Topic: What Guarantees Are There That The Supply of Bitcoin Will Be Limited (Read 6350 times)

The phrase "double spend" is highly misleading, I wish it weren't the common phrase for that attack.  It would be better if we called that attack "reverse and respend":  What someone with a super majority hashpower can do is spend some coin with you, then after its deep enough in the chain that you trust it to be permanent (e.g. at least 6 deep) they release a new chain which starts before your txn was confirmed but spends the same coins someplace else.  The new chain must be longer than the current real one... so to do this with any reliability they need >>50% of the total hashpower.  So effectively they reverse one of their own payments to you by redoing the bitcoin transaction history so the funds when somewhere else instead.  The total amount of coins is conserved.

There isn't any majority voting on the rules. The rules of the bitcoin system are fixed in every copy of the software. When you change them you don't change bitcoin, you create an alternative chain, effectively... because the two systems won't talk unless their rules agree.

Of course, if ~everyone changed their software than things can change— but it's silly to claim that this constitutes a lack of immutability of the rules. After all, if I made an interface to paypal with a bitcoin logo on it, and convinced everyone to change to that you could hardly say that I changed the bitcoin rules or hold bitcoin accountable for it.

Not exactly, because a client won't accept a longer blockchain with different rules. The client accepts the longest blockchain following its rules, so aside from a gigantic waste of resources, half of bitcoin using a new set of rules does not affect your half.

Now... people said the 51% attack can only double-spend, but I thought that the whole chain and rules were based on consensus, so if 51% said the new rules were there were more money, even though the client was hardcoded it would only fork at the point that something that was hardcoded got ignored (ie, once we got to above the hardcoded limiting amount past 21m). Even then, wouldn't the client just think something was wrong and stop getting a connection? I mean it's consensus so if 50% agreed to new rules wouldn't that be the new rules?

It is a trade off.  If you shorten the cycle time, you gain in one place, but lose in another.  10 minutes seems fairly well balanced, but no choice will make everyone happy.  There is more to it than just the confirmation time.

We may discover that the hashing power of BTC drops once inflation slows or ends, and the whole tx fee thing doesn't support enough hashing power to make all us BTC holders feel secure from a 51% attack.  Thus to incentivize more mining, we may slow the inflation rate to something small, i dunno maybe 1%/year or so.  Would still make BTC a very strong currency, but also keep blocks clipping along.

Maybe this is off topic.  But why don't they change the block generation from 50 BTC every 10 minutes to 5 BTC every minute?  That would cut the tx time and quicken the flow of confirms.  I know some of the alt chains tried this.  Does it work, and why can't we do this with the mainline client?

Having an automatic update feature opens a whole world of possible security breaches and it could potentially damage the network.

Consider the following scenario:

1. Automatic update servers are cracked,
2. Depending on the attacker (casual thief or government) a trojan OR modifiied client is planted in place of the legitimate client
3. 80% of users download the fake client

Now, there are 2 options:
4a. The hacker steals wallets of 80 percent of the bitcoin users. OR
4b. The hacker uses the modified client to damage the network, split chains, implant child pornography into chain or whatever else

5. ?? ??
6. PROFIT !

Such damage could be fatal to the network and could actually destroy the people's faith in the currency.

So no, having an automatic update feature is definately NOT a good idea.

It might be a good idea for the downloadable reference client (opt-out of course), although obviously not for mining platforms that enforce the security of the network.

I am in greater fear of an attacker finding a flaw in the client software and continuing to exploit unpatched nodes than, say, Gavin's keys being compromised and a fake update (with a back door) being issued.

But for that reason I don't expect automatic updates would never be implemented. If you fail to patch your software, it's your fault. OTOH, if Gavin's keys are compromised one could make the case of (criminal?) negligence against him.

+ 1

When I participate, I know the rules -- 50 BTC / block every 10 minutes, 21 million total, etc.   Now if there were a fork with a change like that which only favors those who already hold the coins then that would, to me, be an unacceptable breach and I would either only trade with the client that doesn't include that change or would abandon bitcoin at that point.  I would probably not be alone with that decision, and thus the value of bitcoin would be harmed.  I couldnt see that happening.


Having an auto-upgrade for the Bitcoin client would not be a good idea.

I'm reading about the problems if the limit is higher but this same reasons seem to work fine for a greedy community if they decide to lower the limit to 18000000 or what ever number. If business people starts to use it as a deposit for value and price really moves upwards, this limit change could be moved on, lets suppose automatic upgrade feature is installed and widely adopted, and so this could work for some days before everythings falls having made some really rich and all the others really poor.

Let me sum up for you what would happen in short IF the developers increased the money supply:

1. The blockchain would split into the NEW chain (with more inflation) and the OLD chain (with unchanged inflation)
2. Most of people, including me, would abandon the NEW chain and go back to OLD chain
3. Bitcoins from the NEW chain would enter a downward spiral until they would become worthless

Seriously, who would want to be robbed ? And that is exactly what increased inflation is - common thievery.

If the value of your home is assessed with *that* many decimals, then why don't you buy AMD, Intel, NVidia, etc. and mine all the bitcoins yourself.

Yup -- that is the winning answer.   Changes that work in the favor of those who hold the already-issued bitcoins are possible if enough of those users accept the changes.  Changes that would harm the value of those existing bitcoin users would likely not get adopted and would stay as an unused fork.

There are at least two examples of changes occurring and being adopted.

The overflow incident from August 2010 required a new client and because those holding bitcoins would be harmed BY NOT changing over to the new client they did so promptly.
 https://bitcointalksearch.org/topic/value-overflow-incident-august-15-2010-6290

Another example is with Namecoin merged mining.  That is a change that requires buy-in from existing namecoin users (i.e., to use the new client that changes the rules).  If merged mining was rejected by those holding namecoins, the change would simply be a fork with few or no users as the namecoins issued or used in trade on the fork would not be accepted by those earlier users.

Your specific question of issuing a greater amount of currency is a change that be harmful to those holding bitcoins (it would devalue their holdings) and therefore it is unlikely that change would be accepted.

A billion people worldwide will be sharing 2,099,999,997,690,000 satoshis, so it's no problem at all.

There are only 982 billions USD hard currency in existence currently, and yet the world seems to function fine upon it.

Exactly - no merchant would want to change, so the new fork would be useless.

This is why there won't be multiple chains.  And also why we don't have to worry much about the rules changing.

The market would decide - the bitcoin block chain would fork and you could choose to go with the new fork or stick with the old one. If you have bitcoins you would almost certainly stick with the original one.

It's not magical, it's "just some number to limit the supply". The number itself doesn't mean anything.

Less than a full world economy, large enough to not promote too much hoarding... My guess is a integer value is 2.1billion, and with the decimal shift maybe that has some significance but I also know that the storage is double integer so it should support trillions easily.

I don't think Satoshi ever really said in the documents his personal reason for choosing the number?

Sure they can.  They just download the source, edit the function GetBlockValue() in main.cpp, and recompile.  And if they only comment out the line that shifts nSubsidy, it'll still work fine for another 60,000 odd blocks.