Pages:
Author

Topic: Why the fuck did Satoshi implement the 1 MB blocksize limit? - page 2. (Read 2196 times)

staff
Activity: 3458
Merit: 6793
Just writing some code
The SPV system is not something that "keeps miners in check". The SPV system is a cryptographically secure way to know that a given transaction is part of a given block chain.
I never said that SPV was to "keep miners in check". You are completely misunderstanding me.

Fraud proofs are necessary to have a cryptogrpahically secure way to know that a transaction is part of a given blockchain AND that the transaction is valid. Yes, merkle trees ensure that a transaction is part of the blockchain. But nothing currently exist to prove that a transaction is valid without having to have the full transaction history. The only way that a transaction can be fully validated is to know the transactions that it spends from, and then the transactions those spend from, etc.

In that respect, it is working, and it is working correctly.  Wallets like electrum work that way as far as I understand.
No, it does not currently work, and it is not how Electrum works at all.

All that Electrum can do is know for certain that a transaction is included in a block. It must trust that the Electrum servers that it has connected to have actually verified the transaction. However if your Electrum wallet were to be connected to malicious Electrum servers, they could serve you invalid transactions which you would not know are invalid. Said transaction can be included as part of a block; the merkle root would be correct and the PoW of the block would be valid. BUT the block would contain an invalid transaction. For full nodes, this block would be entirely invalid and discarded. But we are talking about malicious Electrum servers here. So those malicious servers TELL YOU that the invalid transaction is actually valid, and so you accept it. There is no way for you to prove that the transaction is valid or invalid, Electrum simply does not have the data to fully verify the transaction. But we still have met all of the criteria that you wanted: the transaction is included in the merkle root and the block's PoW is valid. The big thing that you are missing is that the block includes an invalid transaction, and SPV wallets have no way of knowing whether the transaction is valid or not. Fraud proofs are required to prove that all of the transactions in a block are valid, and currently they do not exist nor is there a known way to make such proofs.

Just because a block has a valid PoW does not mean that all transactions in the block are valid. Just because they are included in the merkle root does not mean that all transactions in the block are valid. There is more to a valid block than just the merkle root and the PoW.



Edit: It's not worth my time to argue this with you. You clearly don't understand how Bitcoin or SPV wallets work. To my ignore list you go.
hero member
Activity: 770
Merit: 629
The SPV system that satoshi described involves fraud proofs, which are proofs that miners did not commit fraud. However we have no such thing today. From the paper (emphasis mine):

I never understood that SPV was a check on the correctness of miners.  After all, without having all transactions explicitly you can never know whether or not these transactions were valid.  You cannot know whether there was a double spend or not.  You cannot know whether the signatures were valid or not.  You need to download the entire block to be able to verify that.
You cannot even begin to consider an SPV system that verifies the correctness of miners' verification work of a block.  So that could never be part of it.

The SPV system is not something that "keeps miners in check". The SPV system is a cryptographically secure way to know that a given transaction is part of a given block chain.  In that respect, it is working, and it is working correctly.  Wallets like electrum work that way as far as I understand.

In an SPV system, if one is given a transaction T, a leg in a Merkle tree M(T) leading to T, and the entire header chain, of which the top of the leg M(T) is included in the header chain, you know for sure that:

- this transaction T is part of the block B with the Merkle Tree M of which you have the leg M(T).
- this block B is part of the block chain of which you have the header list H.

From the header list, you can check the amount of proof of work.  In fact, one cannot give you a fake SPV result without at least having spent the proof of work leading up to the block block B ; but if you have the header list H, one cannot give you a fake SPV result with less than the proof of work in the entire list H.

It is sufficient to check that the list H is part of the actual block chain that is being produced by the mining pools, to know that you are having a genuine transaction in the currently accepted consensus block chain.   So the only things you need for SPV to be absolutely foolproof is:
- that the header list H is sufficiently recent
- that the current mining pools are working on top of this header list.

As such, you simply need to request the last part of the header list H' from a few of the principal mining pools (or from a few full nodes of which you think they are up to date) and you know cryptographically that the transaction T that has been shown to you, is included in the currently accepted consensus block chain.   Note that it is essentially impossible that the currently active mining pools would be lying to you, because in order to lie to you, they would have to spend a lot of proof of work to give you a fake block header list ; moreover, it would be very difficult for them to do this in a simultaneous way.  They would need to spend as much hashes on the top list of, say, 10 blocks, than to mine 10 new blocks.  

So, if you can obtain from the top mining pools:
- the last few block headers mined H'
- the SPV data (T, M(T), H)

in such a way that the end of H overlaps with H', you know 100% cryptographically for sure that T is part of the actual block chain.

Quote
Satoshi realizes that SPV is not secure, and that some method must be implemented in order for SPV nodes to know that they are not being defrauded, e.g. by full nodes giving them some alert. But the Bitcoin network does not support such a thing, so Satoshi's "SPV vision" does not work until such proofs can be made and be provably sound (i.e. you can't fake a proof).

No, what Satoshi refers here to, is that it could in principle be possible that your SPV provider is providing you with a fork of lesser PoW, that is not the main chain.  This is possible in a situation (as Satoshi saw things) where you have a very broad network of mining nodes, and one mining node decided to continue mining on his orphaned fork, and gives you the SPV results of that orphaned fork.  If you are not part of the full network, you might believe that this fork is the actual consensus, because you are not up to date to the actual chain. He might, while he's working on his false prong, include transactions that do not exist and that were never broadcast.

Note, however, that in order to do so, one has nevertheless to waste mining resources to make this false prong, in order to mislead you.

In order for this cheating to work, apart from having to mine the useless prong, he must also be sure that you are not contacting another node that might have the true currenc consensus block chain. In the current bitcoin structure, with much less different mining sources, even the price to make a fork is so large, that this is not a problem.  Miners don't waste time continuing on their fork.

Imagine that your "SPV provider" were a mining node that has somewhat less than 10% of the total hash rate, and is making hence a block two hours or so.  He might, if he wanted to, put this hash rate in a fork, instead of putting it in the consensus chain (I don't see why but OK).  That fork grows slower, but it is a correct chain, and he can give you the SPV elements of that chain.  You may be tricked in believing a recent transaction on his prong, that is not part of the general consensus.

But from the moment that you know the real chain head, this won't work.  And the real chain head is given to you by the major mining pools.  Note that the danger Satoshi pointed out, is also a danger for a full node.  If a full node is kept apart from the rest of the network, and is only fed with a false prong, that full node will be just as gullible as your SPV client.
staff
Activity: 3458
Merit: 6793
Just writing some code
Ah, that's interesting.  When you contrast that with Satoshi's November 2008 e-mail, where he clearly explained how 100 MB blocks were no problem, and how users would use SPV clients ; and when you see that Hal Finey was the one pushing for the 1 MB limit according to some, we now see that Hal Finey finally took power over Satoshi.  Hal Finey is writing here exactly the same objection that Satoshi already replied to in November 2008: "of course we don't send all transactions to all users".

Satoshi never had any doubts about the scaling non-problem from the beginning. Most users simply didn't need the block chain, and that's exactly why he introduced the SPV possibility with the Merkle tree - otherwise there's no need for a Merkle tree structure in Bitcoin ! The very single only reason Satoshi invented the ordering of the blocks in a Merkle tree, is that this allows SPV.  If blocks are to be used as a whole, you can simply calculate a single hash of the entire block.  Nowhere else do you need any Merkle tree.  The Merkle tree is a way to have a minimal number of steps of verification of presence of a piece of data in a block, and really becomes useful only when blocks are very large.
Otherwise you could even resort to a sub-list, that is, a block is a linear list of transactions, and to each transaction corresponds a hash, that can itself be included in a hashed linked list of "hash blocks" all the way to the block header, containing the hash of the last "hash header".  The problem is that this list goes as N, when N is the number of transactions in a block.  A Merkle tree does the same, but the depth goes as log2(N).  This becomes a significant thing when N becomes very large, that is, when blocks become very big.  For 1MB blocks, with some 2000 transactions in it, this is not yet very significant.  If, in order to check that a given transaction T is in a given block, you need to get that famous "linked list" with 2000 entries, to see that your transaction T was indeed, in the K-th entry of those 2000 entries, that's still very feasible.  However, for a block of 100 MB, looking in the list of 200 000 entries, or looking in a path of the Merkle tree, only 18 steps deep, is a hell of a difference.

So from the very start, Satoshi designed bitcoin as a very big block system, of which only mining nodes need to have the full data burden, and of which all other users use SPV and connect to one of these nodes.

The SPV system that satoshi described involves fraud proofs, which are proofs that miners did not commit fraud. However we have no such thing today. From the paper (emphasis mine):

Quote
While network nodes can verify
transactions for themselves, the simplified method can be fooled by an attacker's fabricated
transactions
for as long as the attacker can continue to overpower the network. One strategy to
protect against this would be to accept alerts from network nodes when they detect an invalid
block, prompting the user's software to download the full block and alerted transactions to
confirm the inconsistency

Satoshi realizes that SPV is not secure, and that some method must be implemented in order for SPV nodes to know that they are not being defrauded, e.g. by full nodes giving them some alert. But the Bitcoin network does not support such a thing, so Satoshi's "SPV vision" does not work until such proofs can be made and be provably sound (i.e. you can't fake a proof).
hero member
Activity: 770
Merit: 629


One can say: maybe he realized that his 2008 scaling solution was going to "centralize" is system, so he simply put in something that would push people to invent an off-chain way of using it.  In other words, he put in this limit because he understood that block chain tech doesn't scale, contrary to his 2008 explanation, and considered that people should invent something that solves it in another way.  In other words, he did this to push people to invent the LN.

But that doesn't hold water either.  Given that he didn't know whether something like the LN could even be invented, and given that he didn't know when it would be invented, and what would have been its needs, crippling the only solution you have, of which you've explained how it would scale, would have been extremely dangerous.  If the LN would only have been invented in 2025, bitcoin would have been dead already by the time it could have been invented.  That's akin to jumping out of an air plane, and hoping you'll invent a parachute while falling.


Hal Finney predicted "more or less" LN back in the day:



Actually there is a very good reason for Bitcoin-backed banks to exist, issuing their own digital cash currency, redeemable for bitcoins. Bitcoin itself cannot scale to have every single financial transaction in the world be broadcast to everyone and included in the block chain. There needs to be a secondary level of payment systems which is lighter weight and more efficient. Likewise, the time needed for Bitcoin transactions to finalize will be impractical for medium to large value purchases.

Bitcoin backed banks will solve these problems. They can work like banks did before nationalization of currency. Different banks can have different policies, some more aggressive, some more conservative. Some would be fractional reserve while others may be 100% Bitcoin backed. Interest rates may vary. Cash from some banks may trade at a discount to that from others.

George Selgin has worked out the theory of competitive free banking in detail, and he argues that such a system would be stable, inflation resistant and self-regulating.

I believe this will be the ultimate fate of Bitcoin, to be the "high-powered money" that serves as a reserve currency for banks that issue their own digital cash. Most Bitcoin transactions will occur between banks, to settle net transfers. Bitcoin transactions by private individuals will be as rare as... well, as Bitcoin based purchases are today.

But LN is much better than what he envisioned.


Ah, that's interesting.  When you contrast that with Satoshi's November 2008 e-mail, where he clearly explained how 100 MB blocks were no problem, and how users would use SPV clients ; and when you see that Hal Finey was the one pushing for the 1 MB limit according to some, we now see that Hal Finey finally took power over Satoshi.  Hal Finey is writing here exactly the same objection that Satoshi already replied to in November 2008: "of course we don't send all transactions to all users".

Satoshi never had any doubts about the scaling non-problem from the beginning. Most users simply didn't need the block chain, and that's exactly why he introduced the SPV possibility with the Merkle tree - otherwise there's no need for a Merkle tree structure in Bitcoin ! The very single only reason Satoshi invented the ordering of the blocks in a Merkle tree, is that this allows SPV.  If blocks are to be used as a whole, you can simply calculate a single hash of the entire block.  Nowhere else do you need any Merkle tree.  The Merkle tree is a way to have a minimal number of steps of verification of presence of a piece of data in a block, and really becomes useful only when blocks are very large.
Otherwise you could even resort to a sub-list, that is, a block is a linear list of transactions, and to each transaction corresponds a hash, that can itself be included in a hashed linked list of "hash blocks" all the way to the block header, containing the hash of the last "hash header".  The problem is that this list goes as N, when N is the number of transactions in a block.  A Merkle tree does the same, but the depth goes as log2(N).  This becomes a significant thing when N becomes very large, that is, when blocks become very big.  For 1MB blocks, with some 2000 transactions in it, this is not yet very significant.  If, in order to check that a given transaction T is in a given block, you need to get that famous "linked list" with 2000 entries, to see that your transaction T was indeed, in the K-th entry of those 2000 entries, that's still very feasible.  However, for a block of 100 MB, looking in the list of 200 000 entries, or looking in a path of the Merkle tree, only 18 steps deep, is a hell of a difference.

So from the very start, Satoshi designed bitcoin as a very big block system, of which only mining nodes need to have the full data burden, and of which all other users use SPV and connect to one of these nodes.

Piling every proof-of-work quorum system in the world into one dataset doesn't scale.

Bitcoin and BitDNS can be used separately.  Users shouldn't have to download all of both to use one or the other.  BitDNS users may not want to download everything the next several unrelated networks decide to pile in either.

The networks need to have separate fates.  BitDNS users might be completely liberal about adding any large data features since relatively few domain registrars are needed, while Bitcoin users might get increasingly tyrannical about limiting the size of the chain so it's easy for lots of users and small devices.

That's very funny, because Satoshi takes here the entirely opposite stance than when he laconically wavered Jeff Garzik's opposition to him introducing this limit in the first place, away, for exactly the same reasons.

Quote
I don't believe in conspiracy theories, everyone was trying to do what was seen as best at the time. Satoshi didn't predict big centralization in mining, so we can't have huge blocksizes, it will need to scale off-chain.

If mining is centralized, bitcoin is of course centralized, and everything you build on it just as well.  The problem is that people see decentralization as a goal, while it was a tool.  Decentralization was a tool to make bitcoin work correctly.  After all, the ONLY thing you want from bitcoin, is that you can do transactions, and verify transactions.  Exactly how that comes about, doesn't really matter (unless it becomes a kind of sales argument in itself of course).  Whether it is the impossibility to leave a Nash equilibrium because of "massive collusion needed too difficult and too impractical to be plausible", which is the decentralization method, or by market forces ("if I do stupid things as a miner, my entire investment in hardware will become an expensive doorstep"), it doesn't matter.  What one simply wants, is that one can do transactions, that's all bitcoin is good at.  Even if bitcoin were entirely centralized in one big data centre, but because of its investment and market forces, it kept on running bitcoin as it should, that's just as good.

Quote
LN is the best technology out there to scale a coin worldwide. If it fails, we can always go back to layer 0 and still have decentralized enough network and use it as a store of value only (yes, Bitcoin IS decentralized, when was the last time you saw a miner selecting a transaction he didn't like and blocking it? because that is what decentralization is, being able to donate to Wikileaks freely, and same goes for the protocol, no one can change it in a centralized fashion;

Well, as I just said, decentralization is a tool to obtain a result ; but other tools can work just as well.  So it is not because you see that the system works well, that you can conclude that decentralization is at work.  In fact, if you think about it, you see that it isn't the case, because it is very easy, TECHNICALLY, for this to fail.

You know very well that there are 3 or at best 4 mining pools that make a good majority of the blocks. If these 3 or 4 entities sit together and decide NOT to include a given transaction, and NOT to mine on a block that includes this transaction, then, I hope you agree with me, that technically this transaction will not be included.  Simply because with the hash rate they command, the longest chain rule will never include this transaction.  Other mining pools including this transaction will make orphaned blocks ; or they can be informed that they shouldn't even try.  You know just as well as I do, that *purely technically*, according to bitcoin's rules, that is perfectly possible, and nobody violated any rule in doing so.

A decentralized system would not permit such thing to happen, because 2000 people would have to agree to do so, and the hypothesis of decentralization is exactly that such a collusion is not going to happen because too massive, too difficult, and internally too inconsistent.  That's the core idea of decentralization: a super-Nash equilibrium that can only be broken by such massive collusion, that that collusion in itself, is not realistic.

Well, in bitcoin's mining landscape today, this kind of collusion is theoretically extremely possible.  I use to joke that bitcoin is more centralized than the Euro.  In order to decide something for the Euro, 15 finance ministers have to agree ; in bitcoin, 3 or 4 mining pool owners have to agree.

But, I agree with you, this is not happening (yet).  Why is this not happening ?  Because of the market. Because these mining pools and their miner subcontractors have a lot of investment in bitcoin mining, and if ever this would get known, their mining equipment might become an expensive doorstep.  But if that argument holds, then a totally centralized miner will be just as sensitive to this, and will just as well let through all transactions.

So, bitcoin can work, even though its functioning is not any more guaranteed by a decentralized game theoretical argument ; now it is a market sensitivity argument.  Miners are in the business for money, they don't want to risk their investment.  Whether they are 1, 2, 3 or 200.

But let us now think of something else.  Let us now think of bitcoin being legally accepted everywhere, and is legally framed, and recognized as a form of legal tender.  Let us also suppose that you get legal permits to be a bitcoin miner.  Given the huge amounts of energy that go into bitcoin mining, it is not a "do it in your basement" kind of activity, and you cannot do that underground.  We're talking about industrial installations, and these can very well be legally framed.  You might even get preferential electricity prices on the condition that you are registered.  Nothing tells you that this legal frame may include a clause that puts you in a legal difficulty if ever your mining contributes to forbidden transactions.  As such, as a miner, you better connect to a mining pool that respects those engagements.  You can set up a contract, and the mining pool engages in only using your hash rate if it doesn't approve transactions given by an international committee (say, linked to Interpol or the likes). Your mining pool is now legally bond to not include such transactions, and not mine on top of blocks that do include such a transaction. But if you respect that, you're not only legally OK, you even have advantages like cheap power.  You pay taxes on your benefits, and you can enjoy your rich life of a miner in all legality.
If there is enough international collaboration over this, a majority of hash rate can fall in the hands of such legalized mining pools.  If they reject a transaction, they have a good legal reason to do so.   If the 4 or 5 most important mining pools are legalized that way, they will also be very attractive for industrial miners (they have contractually to do so).

Where's your decentralization now ?  You know that technically, the 4 or 5 majority mining pools can do so.  Now, they have a legal incentive.  Do you think your LN will save you from this ?  What idiot is going to lock in his coins with an entity that might get all further transactions blocked ?

This Gedanken Experiment shows you that if the bitcoin layer is centralized and potentially censored, the LN on top cannot be less censored. You cannot "win in decentralization" on top of a centralized system.   That's the equivalent of thinking you can run safely some code on a compromised computer.
legendary
Activity: 1372
Merit: 1252


One can say: maybe he realized that his 2008 scaling solution was going to "centralize" is system, so he simply put in something that would push people to invent an off-chain way of using it.  In other words, he put in this limit because he understood that block chain tech doesn't scale, contrary to his 2008 explanation, and considered that people should invent something that solves it in another way.  In other words, he did this to push people to invent the LN.

But that doesn't hold water either.  Given that he didn't know whether something like the LN could even be invented, and given that he didn't know when it would be invented, and what would have been its needs, crippling the only solution you have, of which you've explained how it would scale, would have been extremely dangerous.  If the LN would only have been invented in 2025, bitcoin would have been dead already by the time it could have been invented.  That's akin to jumping out of an air plane, and hoping you'll invent a parachute while falling.


Hal Finney predicted "more or less" LN back in the day:



Actually there is a very good reason for Bitcoin-backed banks to exist, issuing their own digital cash currency, redeemable for bitcoins. Bitcoin itself cannot scale to have every single financial transaction in the world be broadcast to everyone and included in the block chain. There needs to be a secondary level of payment systems which is lighter weight and more efficient. Likewise, the time needed for Bitcoin transactions to finalize will be impractical for medium to large value purchases.

Bitcoin backed banks will solve these problems. They can work like banks did before nationalization of currency. Different banks can have different policies, some more aggressive, some more conservative. Some would be fractional reserve while others may be 100% Bitcoin backed. Interest rates may vary. Cash from some banks may trade at a discount to that from others.

George Selgin has worked out the theory of competitive free banking in detail, and he argues that such a system would be stable, inflation resistant and self-regulating.

I believe this will be the ultimate fate of Bitcoin, to be the "high-powered money" that serves as a reserve currency for banks that issue their own digital cash. Most Bitcoin transactions will occur between banks, to settle net transfers. Bitcoin transactions by private individuals will be as rare as... well, as Bitcoin based purchases are today.

But LN is much better than what he envisioned.

And this post is very old, but they already knew it wouldn't scale on-chain. People buying coffees on-chain all over the world fast and cheap was always delusional, but LN can save the day.

Satoshi also predicted people going against blocksize increases:

Piling every proof-of-work quorum system in the world into one dataset doesn't scale.

Bitcoin and BitDNS can be used separately.  Users shouldn't have to download all of both to use one or the other.  BitDNS users may not want to download everything the next several unrelated networks decide to pile in either.

The networks need to have separate fates.  BitDNS users might be completely liberal about adding any large data features since relatively few domain registrars are needed, while Bitcoin users might get increasingly tyrannical about limiting the size of the chain so it's easy for lots of users and small devices.


I don't believe in conspiracy theories, everyone was trying to do what was seen as best at the time. Satoshi didn't predict big centralization in mining, so we can't have huge blocksizes, it will need to scale off-chain. LN is the best technology out there to scale a coin worldwide. If it fails, we can always go back to layer 0 and still have decentralized enough network and use it as a store of value only (yes, Bitcoin IS decentralized, when was the last time you saw a miner selecting a transaction he didn't like and blocking it? because that is what decentralization is, being able to donate to Wikileaks freely, and same goes for the protocol, no one can change it in a centralized fashion; sure the mining could be better, but the power distribution is spread across different parties enough to be called decentralized, as for the initial specs of Bitcoin (that is, 21 million limit coin, the blocksize, and so on).. well, it had to start somewhere, I don't know what you suggest there.


hero member
Activity: 770
Merit: 629
I just fell on this gem by Satoshi.  It makes me think that Satoshi didn't fully understand his own system.

http://satoshi.nakamotoinstitute.org/posts/bitcointalk/188/

"I anticipate there will never be more than 100K nodes, probably less."

Unless Satoshi has a sense of humour and of understatement, and given that he previously wrote:

http://satoshi.nakamotoinstitute.org/emails/cryptography/2/#selection-67.0-75.14

"Long before the network gets anywhere near as large as that, it would be safe
for users to use Simplified Payment Verification (section Cool to check for
double spending, which only requires having the chain of block headers, or
about 12KB per day. Only people trying to create new coins would need to run
network nodes
."

he's anticipating there would be less than 100K mining nodes.

Let us think through what that would mean if there were 100K nodes, each having, in the best of cases, exactly the same hash rate.  Given that there will be generated 52000 blocks per year, it means that each node will on average win one block every two years.

Now let us see what that would mean.  Given that finding a block is a Poisson process, the probability of not finding a single block in time T will be:

P(T) = exp(-T/(2 years).

It means that the probability that you have been mining for 4 years is 13% ; it means that the probability that you have been mining for 6 years and not one single block, is 5%.

Who could support the costs of mining without revenue over such periods ?  Most probably your hardware is obsolete before you had anything!
Can you imagine having started mining in 2013, and still not have a single block ?  Not one cent of revenue ?

In reality of course, not all miners will be equal, which makes it even much, much worse for the smaller ones.  In reality, one could at most expect a few hundred solo miners.  We observed that the market decided upon 10 or something.
member
Activity: 210
Merit: 26
High fees = low BTC price
Remember Salman Rushdi, who had to hide because he had written a book that was to the disliking of some Islamic leaders in Iran, who pronounced a fatwa over him

Yes it's getting a bit like that around here too if you offend members of the bitcoin faith, they attack you and
spew out all kinds of bullshit.

My understanding of contracts on ETH is you can write one to move money from A-B and take a commission fee
but have code within the deployed contract that says on the 1st June 2020 send all payments to my account.

Bitcoin is only pretending to use smart contracts because no one has told me how to upload "Smart contracts" or
even what the scripting language will be so maybe it's some values on the Lightning Network where the banking
hubs can set the transaction fee or something.

EVO seems to have the best "Smart Contracts" and windows developers can write them in C# or even use Java-script
 
hero member
Activity: 770
Merit: 629
Makes Satoshi sound like John Kramer!

Mmm.  Makes me think.  How about a future vision of a "cryptofatwa" ?  Remember Salman Rushdi, who had to hide because he had written a book that was to the disliking of some Islamic leaders in Iran, who pronounced a fatwa over him ?  There was a call to kill Salman, and the "reward" must have been something akin to virgins in paradise or some other thing.  Now, in as much as virgins in paradise sound like an attractive reward, you still have to be convinced in it before you think that going to kill a guy because someone said so, is a reasonable thing to do.  Nevertheless, it scared the hell out of Salman Rushdi and the British government that tried to protect him.  But one could still go and ask, with "convincing arguments" that the pronunciation of the fatwa be undone.

Let us fast-forward to our crypto paradise in a few decades, when crypto rules finance.  Of course, an obvious application will be life insurance.  if someone dies, automatically, smart contracts are put into work to pay the beneficiaries.  There's no reason why this big part of finance should not be crypto-ized, right ?  Now, consider the following: if, by sufficient atomic swaps, I can put together a fatwa contract on one or other crypto smart contract chain, so that a large amount of another crypto currency (say, bitcoin) will be given to the guy or girl that goes and kills a specified person ?  The contract will be triggered by a minor life insurance contract on his real-world identity, to indicate that the target was killed.  The potential murderer has to stake some amount of coins, together with a payment address to him, somewhere else on another smart contract, before he kills the victim, within a given time slot.  If the victim's death is not acted through the oracle of the life insurance contract, the potential murderer has lost his funds, and these are added to the reward of the next candidate-murderer.   So, there's a smart contract that runs a cryptofatwa on Joe Schmoe, and offers, say, 1000 BTC to his killer.  If Jack proposes himself to the contract as the candidate murderer, he has to put, say, 100 BTC stake.  This locks the contract (no other murderer can apply) for, say, 3 weeks.  Jack submits in his payment also an address for his reward (his mother's address).  If the contract observes that Joe Schmoe is dead before 3 weeks, it verses 1100 BTC to the address Jack provided ; if not, Jack lost his 100 BTC, and now the contract is open again, and the reward is now 1100 BTC. Maybe Jack simply needed more time: he can stake again.  Or, Joe Schmoe may stake himself, to win 3 weeks of his life.  And stake again, and again, and again.  But for each 3 weeks he buys himself for 100 BTC, he augments the attractiveness of his killing !  Of course, it is maybe wiser to use ZCASH or monero or the like.  The LN technology makes this possible once atomic swaps are implemented.  Note that the contract remains valid, even if the police traces me, tortures me, hangs me, and burns me publicly on a stack in the middle of town.  I launched it, but I cannot stop it.  Even if I'm dead, it will keep running.

Once we have such crypto fatwa, the door is open to unlimited bribery.   What if I ask a politician to vote against a crypto-limiting law, or a crypto fatwa will be launched against his daughter ?  Ok, I can go to jail.  Would the judge dare to convict me BTW ?  Ok, I may even regret what I did.  There's no stopping this thing.

Let us up the stakes a bit more: let us now have a self-propagating contract over all descendants of the victim.  The crypto equivalent of what the Knights Templar did when he cursed the French king until the 13th generation.   But with earthly rewards for the killer, or his family, not promises of virgins, paradise or whatever religious smoke and mirrors....

Is that good enough as a John Kramer story before bed time ?   Grin
newbie
Activity: 23
Merit: 0
Great question !

Okay okay, before you rush and say "To prevent spam attacks!!", please wait and read this whole thread.

^The above argument is what I hear all the time. However, there is something not quite right about that reasoning. It doesn't make sense.

Let's start with a little background info...

Satoshi implemented the 1 MB blocksize limit without telling anyone; He just did it randomly. There was no discussion beforehand and after he did it, he did not mention it anywhere. People had to look at the code/use it to see the change. The mannerism in which the 1 MB blocksize limit was added is already strange in itself and as soon as it was done, debates/arguments among the community started happening.

Satoshi never told people that the 1 MB limit was to prevent spam - its just what everyone inferred.


Okay... history lesson over.

Now here is why it doesnt make sense:

The process of a transaction getting confirmed and added to the blockchain goes like this:

1) Tx. is broadcast with a custom fee
2) Tx. is added to the mempool
3) Miner collects tx. from the mempool (usually they will pic tx. based on which has the highest fee and work their way down from there)
4) Miner adds tx. to their block
5) Miner calculates the proof of work
6) Miner publishes block to the blockchain


Okay now we have the process outlined we can analyse the miners incentives/behaviour. I'll be using game theory to explain this and here is where it gets interesting.

The miners main goal is to make profit. This is why he adds tx. to his block in the first place (it allows for more fees and thus, more profits). So we can assume that without the blocksize limit, the miners would add infinite tx. to their block right? WRONG!

Allow me to explain:

Look at step 3.. Collecting the tx. from the mempool and adding it to their block takes a set amount of time and the longer that the miner spends collecting the tx. and adding it to their block, the less time they can spend calculating the proof of work - thereby giving their competition (other miners) the edge. The miners would naturally (based on game theory) find a nash equilibrium between collecting as many tx. as possible and finding enough time to calculate the proof of work in order to give them the maximum profitability. Thus, we can assume, that without a blocksize limit (infinite), the block size would stay relatively the same.

This is why an infinite block size limit is not an issue. I honestly cannot understand why he added the 1 MB limit.
Can someone please, please explain? I have been pondering this for over a month now. Thanks.

There are three possible answers:

1) Satoshi didn't completely understand the implications of his random choice, which seemed reasonable at the time to him.  

2) Satoshi knew very well what he was doing, was an evil mind, and he was lying through his teeth all the time, to trick us into his nonsense.

3) Satoshi was a true god and genius, and even though we think he might have made a mistake, he was absolutely right in everything he ever did and we are simply too dumb to see it.

There have been a lot of discussions over that issue, and people warned Satoshi that his random decision was recipe to disaster.

The truth is maybe in the 3 things at once.  It is obvious that the spam limit is a joke.  In fact, it makes spam worse.  The excuse was that if a fool mined a single block of 10 GB full of nonsense, the blockchain would be spammed to an incredible size in no time.  That was clearly wrong, because in order for that block to be incorporated into the chain, other miners would have to agree with it.  There's no reason why honest miners would mine on top of a crazy block.  In other words, implicitly, there would be a gross maximum size set by miners and that would grow dynamically.

By putting a hard limit on block size, you actually increase drastically the effect of spam, as we saw.  Once the block is full of spam, transactions are hindered.  This is an efficient DDOS of bitcoin.  If the blocks are elastic, you can spam a lot, that will increase the size to some point, but transactions can go through unhampered, and you'd have to spam like crazy in order to have an efficient DDOS.  Hard limits make DDOSsing of bitcoin in fact much easier.

Satoshi was clearly in favour of very large blocks if useful, and he explains that in the beginning, where he tells us that most normal users shouldn't run a full node, "left to specialists with farms of specialized hardware".  That was in November 2008.

People explained him that putting a hard limit in the protocol would require a hard fork at a point, which might be problematic.  He wavered that away: just changing a constant in the code.

Maybe Satoshi did put a "time bomb" in his bitcoin system because he considered it an experiment from which we have to learn, and it should self-destroy at a certain point in order for us to make a new system with better properties.  Maybe Satoshi wanted to put in a trap, so that only if his heirs were smart enough to have good governance, and if they cannot even change a simple parameter, then it is better that this system dies.  Maybe Satoshi wanted to develop a whole crypto market, and needed to put something nasty in bitcoin, in order to make it lose its first mover advantage and open up the market.

Maybe Satoshi was designing a reserve currency for big, dark, deep state players, and only needed Joe Sixpack to ramp it up, but needed him to be pushed out of bitcoin once the system was up and running, to leave it to the big boys.  Claiming it to be a currency of the people, but at the same time, making its use too expensive for the people, and only allow the big boys on it, was maybe his hidden plan.

But I think that Satoshi simply made a mistake.  He made many.  Bitcoin is quite ill designed.  That doesn't take away the fact that he was a bright mind.  We have hindsight he didn't have.  But he was wrong on this one, as he was wrong on many choices.


Makes Satoshi sound like John Kramer!
member
Activity: 183
Merit: 25
Wow. I didn't expect this thread to get so many replies. glad I could spark up a discussion  Smiley

Some great points raised.
jr. member
Activity: 116
Merit: 1
Your GateWay to Bitcoin Gambling Greatness
@OP, I agree with your argument. As per game theory and the assumptions you have made, I don't see a reason why the block size limit has to stay at 1 MB.

Newbie question here, is there any way to change the block size limit? How feasible it is to do? Would it require a hard fork?

Well, that's why there is a current "civil war" within the Bitcoin community because of this. There are groups that want to scale Bitcoin and others just want to stay in place. Again, that's why the forks of Bitcoin Cash and Bitcoin Gold happened and I believe there are more to come or happened already.

BCH has an 8MB block size limit if you're looking for one with a bigger block size.
hero member
Activity: 770
Merit: 629
As I understand it, the people who want to keep blocksize as is want to maximise the odds of someone from a developing/under-developed country being able to eventually afford running a full node. Bitcoin is not just meant for us in developed nations, but the world.

As Satoshi explained in November 2008, and as I outlined here and on several other occasions, there's strictly no need "for poor people to run a full non-mining node".  You run a full node only if you're a mining pool (you have to), or if you have a very large vested interest in bitcoin and in the ability for a lot of people to connect their light wallets to you.  Also if you're a geek, and want to analyse aspects of bitcoin's system on your own.  But running a full node doesn't add much to the power decentralization aspect of bitcoin.   To be a bitcoin user, and to be secure, you only need a SPV wallet (like electrum).   An SPV wallet proves that all transactions you're looking at, are part of the one and only block chain out there, produced for you by an industry of miners.  You cannot screw someone with an SPV wallet in thinking that a transaction was part of the block chain while it isn't.  That's all you need, and Satoshi explained that already in November 2008.

Given the stakes of the bitcoin system, big players can afford big blocks and big block chains.  Small players have in any case nothing to say concerning the actual block chain, they can only VERIFY that they are using the "right" one.  An SPV wallet does that perfectly for them.

Personally, I'd rather have these scaling solutions put in place before we exclude a whole bunch of unbanked individuals just because we're impatient and want to play with our new toy.

Bitcoin has nothing to do with the "unbanked".  It's not money.  It could have been, if the suggestions in the post I quoted, had been followed.

Ask yourself the question: suppose that I was an evil genie wanting to destroy the world with a paperclip maximizer, but I only have myself and my  computer, how could I possibly do it ?  

I could spend my modest savings into trying to build a robot doing so, but I would be ruined, the army would come in, and bomb it.  Game over.  No.  I have to invent something that will trick people into putting themselves a lot of resources in making paperclips.  How ?  I could try to make people make "paperclips" (that is, something totally useless that eats up economic resources), and reward them for it.  But I don't have the world's finances to reward them for it.  I'd be ruined before doing any bit of damage.    I can't ask them to sell there useless stuff to ME.  But if I can trick them in selling their useless stuff BETWEEN THEM, it might work.  

However, how to trick people into thinking they can sell useless stuff to their neighbour ?  By letting them think it is going to grow in value !  If I can trick people in using more and more resources to make something that is useless, but which they can sell to their neighbour for a higher price than the cost of what they made, I'm done !  Now, what could that useless thing be ?  It can't be something physical.  This has already happened, gold rushes did happen, and did a lot of damage, but not enough.  Something virtual then.  How can I have people use a lot of resources to make something virtual ?  It must be the result of a difficult calculation.  If I could trick people in selling one another results of a difficult calculation, in such a way that people need more and more resources to do those calculations, and can sell these results for a higher and higher price, I'm done. But how can I get people to get to think that the results of there difficult calculation will be worth more than the price of the resources they put into it ?  If I could present those results of difficult calculations as a kind of rare jewel that, for the moment, is still a bargain, that might work.  I can bootstrap people's greed into using more and more resources, to make less and less of these rare jewels.  I only have to find a regulating mechanism so that people will always get rewarded sufficiently for the resources they use up.  How can this be done ?  By organizing a competition of difficulty of calculation of course.  If I can have people compete, and bid up in resources, to solve more and more difficult calculations, using more and more resources, their competition will always be such that they spend almost as much value on the calculations as they expect to obtain by selling them.  In return, if they use more and more resources to make less and less of these jewels, the first holders of these jewels that got it against very little expenses, will now be rich.  That will inspire more and more people to join the rat race, because they also want to be rich.  This will only stop if we're running out of resources to make these rarer and rarer jewels.  I'm done.

Now let's invent a story that sells this to idealists that will do the honest mouth-to-mouth service in the beginning and who are above all suspicion.  Mmm.  We could say that we want a "freedom money".  Ok, here we go:
  
"I've been working on a new electronic cash system that's fully peer-to-peer, with no trusted third party..."
jr. member
Activity: 33
Merit: 1
I think 1MB is arbitrary, and just happens to be the status quo.

As I understand it, the people who want to keep blocksize as is want to maximise the odds of someone from a developing/under-developed country being able to eventually afford running a full node. Bitcoin is not just meant for us in developed nations, but the world.

Ironically, right now, transaction fees are such that these very people won't be able to use bitcoin. So that is a bit sad.

However, there are supposed to be scaling solutions in the works that don't require increasing the block size.

Personally, I'd rather have these scaling solutions put in place before we exclude a whole bunch of unbanked individuals just because we're impatient and want to play with our new toy.
hero member
Activity: 770
Merit: 629
The mans a legend because it is a legend and he looks like double crossing CIA agent to me for the reasons
that I have listed.

I don't think so.  I've been pondering such, but there are too many things that indicate that he wasn't a 3-lettre agent.  I rather think of the following.  "When an honest man realizes he made a mistake, there are two possibilities: he stops making the mistake, or he stops being honest".

I think Satoshi was "real and honest" in 2008.  Maybe he realized there were severe mistakes in the principles of his system later, but didn't want to stop it openly.  Maybe his 1MB block limit sneaked in was his last attempt to save the world from his Frankenstein paperclip maximizer.
hero member
Activity: 770
Merit: 629
How could satoshi nakamoto have known this maasive scalability might hit bitcoin? Dont forget that bitcoin was the first and foremost cryptocurrency, and other coins have only tried to perfect themselves only based on limitations of bitcoin and learning from it. If bitcoin had not been there

The master of deception brought us the block-chain but also CPU-Wars for mining and then the development team spent years
making everything complicated and now we are at a stage where we have 20,000 miners trying to synchronize 200gb of data and fees
hitting silly levels as a way to deal with scaling of the block that they knew from day one would not scale.

The real danger of this thing is actually that bitcoin really becomes secure with PoW only when its proof of work consumes demonstrably more than half of the world's electricity supply.  Maybe bitcoin is the first
https://wiki.lesswrong.com/wiki/Paperclip_maximizer

It turns essentially everything into mining equipment.  First, it enslaved humanity's greed as its work horse.  Now it wants them to make mining equipment.  Maybe between 2008 and 2010, Satoshi realized this, and wanted to stop that madness with a finite block size ?    Grin

One can estimate (I did it elsewhere) that if all world financial investment put 1% of their holdings in bitcoin, we will be forced to consume 1/3 of world electricity production for mining.  Give or take a rough factor of a few.   Maybe between 2008 and 2010, Satoshi did this simple math too.  I'm surprised nobody else did.  It's quite simple.  Here is the outline.

The state of the art mining is the S9 antminer, consuming 0.1J/GH.  (Joule per Giga Hash).
The current hash rate of bitcoin is of the order of 20 billion GH/s right now (that is proved proof of work).  So the very minimal energy consumption of bitcoin right now is 2 GW.  
But right now:
 - bitcoin's miners are most probably a mix of newer and older technologies, consuming more
 - with the very recent price increase, right now mining is very, very profitable (cost of mining much lower than block rewards+fees in the market).  One roughly estimates this a factor of 5.  This is why hash rate is strongly rising, even if price is dropping: hardware installation hasn't caught up yet.

==> at about $10 000 / BTC, we can roughly estimate the equilibrium power consumption at 10 GW (5 times the lowest possible one right now).

Now, what is bitcoin's maximum "success" market cap ?

If bitcoin is a currency, it will eat away the fiat market, which is several tens of trillions of dollars.  ==> factor of several x100 from now.

If bitcoin is a speculative asset (most likely), it will eat away at the speculation finance market.  That's 2 quadrillion world wide (the derivatives market).  ==> factor of 10 000.  If bitcoin represents 1% of all investment in this market, ==> factor of x100 from now.

So everything points to a factor x100 if bitcoin is a total success story: "most of currency" or "1% of speculative assets".  Personally, I think everything points to speculative asset, but that doesn't matter here.

If x100 in market cap, also x100 in mining power consumption.  Not 10 GW, but 1 TW.  World electricity production: 2.8 TW.

QED.

Very funny to see discussions about scaling whine about *disk space* if you realize this.
newbie
Activity: 104
Merit: 0
Satoshi can't decide the implications of his random choice. Maybe happiness and luckiness come with him!
member
Activity: 210
Merit: 26
High fees = low BTC price
How could satoshi nakamoto have known this maasive scalability might hit bitcoin? Dont forget that bitcoin was the first and foremost cryptocurrency, and other coins have only tried to perfect themselves only based on limitations of bitcoin and learning from it. If bitcoin had not been there

The master of deception brought us the block-chain but also CPU-Wars for mining and then the development team spent years
making everything complicated and now we are at a stage where we have 20,000 miners trying to synchronize 200gb of data and fees
hitting silly levels as a way to deal with scaling of the block that they knew from day one would not scale.

"would not be these better solutions we are seeing now either"

We are seeing much better solutions and they are gaining ground on Bitcoin and will do 25,000 per second on-block apparently
without introducing banking hubs like is happening with the Lightning network.

Mr satoshi nakamoto solved one problem and gave us ten more and he forgot the missing link
that I believe that I have found but here is not the place to go into detail or any tom, dick or harry
will say that they came up with it first.

The mans a legend because it is a legend and he looks like double crossing CIA agent to me for the reasons
that I have listed.
hero member
Activity: 770
Merit: 629
How could satoshi nakamoto have known this maasive scalability might hit bitcoin?

Because he wrote it in November 2008 maybe ?  http://satoshi.nakamotoinstitute.org/emails/cryptography/2/

He kind of expected time to solve the bandwidth/storage issue, and he was correct: In this issue it's time that makes the impossible => possible. Because over time, network and computing technology evolves. The impact of 100gb/day will be different on the networks and PCs of 2008 compared to those of ....2028 or ....2038.

He could fast-forward scaling by changing the network topology from p2p to client-server, but that's not a novelty. Visa does that, Swift does that, etc etc. The novelty is doing it on a peer-to-peer basis, because as he pointed elsewhere in his writings, governments are pretty efficient in shutting down alternative payment systems that operate in a centralized manner.

His solution of November 2008 was perfectly alright:  there would be a class of "specialist mining nodes with farms of specialized hardware", and these nodes would be keeping the block chain in full.  They would also act as SPV servers for the light wallets of the millions of users.

Given the investment that "specialist mining nodes" make in their mining hardware, the extra cost of storage and bandwidth, to serve the normal, non-mining users and their SPV wallets, is relatively small.  The "specialist mining nodes" would be small (or big) data centres.  They could serve of course all the normal, non-mining users.

The network and storage load of an SPV wallet is much, much lighter, as Satoshi explains.  So normal users are not concerned with big block chains. It is good enough to autonomously verify that one isn't telling you jokes, and that the transactions you see ARE part of the block chain.  For Satoshi, you only run a full node (with all the data and network burden) if you also "try to make coins" (that is, mine).   A full non-mining node was an absurdity for Satoshi.

As such, even today, his solution can perfectly scale to VISA levels.  The only caveat is that it shows the de-facto centralization in bitcoin.  Satoshi was thinking of hundreds or thousands of "mining nodes".  In reality, we have a handful of mining pools.  


Quote
Quote
Satoshi is telling bullshit here. And I can't imagine that he doesn't know.  At no point, his phrase, that it would be "detrimental to Jeff", is true.

Garzik would fork off and mine orphans... you can call that detrimental.

Of course he wouldn't, most of the time.  At that time, there weren't enough transactions to fill a block near to 1 MB, and even if he did, he would only make an orphan, not "fork off".  There's nothing dramatic by having an orphaned block.  Until the middle of last year, miners regularly had blocks orphaned.  It is only when bitcoin mining centralization was complete, that no orphans are made any more (since June 2017 more or less).

The limit was way way higher than the size of needed blocks back then, so there wouldn't be any sensible reason to make such blocks.  So limit or no limit, a normal, well-behaving miner (I count Garzik amongst them) wouldn't, ever, make a block larger than 1 MB.  And if you don't make such blocks, you are going to make blocks that are compatible with the others.  And you accept all blocks by the others.  

Again, the only problem would have been if Garzik's patch were majority adopted, and the problem would then be for those that kept their minority hard limit.  At no point it would have been detrimental TO GARZIK:

- Garzik in minority: accepts still all blocks by others ; will normally only make blocks also accepted by others if reasonable ; if not reasonable, will only make a single orphan monster block.  --> not really detrimental to Garzik

- Garzik in majority: everybody is making big blocks and having fun, except for a minority that keeps the hard limit: they will make a small minority chain that has forked off the rest.  --> also not detrimental to Garzik and his majority.


Quote
Quote
To continue: Satoshi's narrative of "let's keep small blocks as long as we can, later we'll switch to big blocks, but first we have to trick people in this thing while it is small", and his code example, would have prompted, if he were honest, to indeed, include this if statement:
"small blocks until block number X".  The fact of not having included this, even while he was saying that one COULD do it that way, and given all comments, indicates he wasn't being serious here.

When I first tried to download the bitcoin client and set it up on my linux box, it started downloading... and I waited, and waited, and waited, and was hearing my hard disk going crrrrr-crrrrr-crrrr from all the seeking and writing, etc etc... after waiting for quite a while and seeing no usable program that I can play with, I got angry. I said "what the fuck is this doing for so long? what the hell is this?".... And I erased the entire folder condemning bitcoin for the bullshit that it was.

That's because you should have used a light wallet like electrum.  Electrum is a SPV wallet, like Satoshi proposed for normal users in November 2008.  If your idea was not to mine, there's no reason you download that huge block chain (unless, like me, if you want to look at it with a hex editor...)

I started out in bitcoin with electrum for my own coins.  I only installed, for fun, a full node during a few years, but I never used it for anything else but to look at the blockchain.  As a wallet, it wasn't great.  I didn't want to use a non-HD wallet.  Using a non-HD wallet is very dangerous, because there's a point in time, when you do a transaction, that the very single only place where your private key resides, is in the wallet.dat file.  If at that moment, your disk scratches, you've lost potentially all your funds.  Even if you made a backup 4 minutes earlier.  Very dangerous. 

Quote
In other words I was prevented from even trying it out by the problematic user experience of having to download a lot, and the associated problems of hard-disk seeking which was making my system crawl.

I could also say: Youtube is bullshit.  I wanted to download the entire datacenter serving Youtube, and it took me a month and a truckload of hard disks.  And I only wanted to look at a single video.  What bullshit, Youtube.  But people don't download all of Youtube to look at a single video.  They connect to a Youtube server, and take what they need.  

As a bitcoin user, you are only interested in a very small part of the block chain: those transactions that you are concerned with (to you, and from you).  That's what a light wallet downloads, together with the cryptographic proof that it is indeed, part of the block chain.  That's what Satoshi already said in that November 2008 mail.
newbie
Activity: 11
Merit: 1
If a genius mind invented such a game-changing technology, it doesn't mean it was part of the CIA or any other government entity.

Bitcoin was probably just an experiment, Satoshi probably never thought it'll get this far and maybe it was not even what he wanted. If BTC would've NOT been an experiment but a cryptocurrency meant for the everyday use, I think he would have written a completely different code. On the other hand, even genius minds sometimes make mistakes. Genius doesn't mean 100% perfect. Look what Satoshi said in early 2009 regarding the scaling of Bitcoin (source https://pastebin.com/Na5FwkQ4):

It would have been nice to get this attention in any other context.  WikiLeaks has kicked the hornet's nest, and the swarm is headed towards us.

He was afraid of something, or hiding from somebody. I wouldn't deny the fact that he is most likely still around here on our forums, maybe even reading this thread though.
legendary
Activity: 1708
Merit: 1049
How could satoshi nakamoto have known this maasive scalability might hit bitcoin?

Because he wrote it in November 2008 maybe ?  http://satoshi.nakamotoinstitute.org/emails/cryptography/2/

He kind of expected time to solve the bandwidth/storage issue, and he was correct: In this issue it's time that makes the impossible => possible. Because over time, network and computing technology evolves. The impact of 100gb/day will be different on the networks and PCs of 2008 compared to those of ....2028 or ....2038.

He could fast-forward scaling by changing the network topology from p2p to client-server, but that's not a novelty. Visa does that, Swift does that, etc etc. The novelty is doing it on a peer-to-peer basis, because as he pointed elsewhere in his writings, governments are pretty efficient in shutting down alternative payment systems that operate in a centralized manner.

Quote
Satoshi is telling bullshit here. And I can't imagine that he doesn't know.  At no point, his phrase, that it would be "detrimental to Jeff", is true.

Garzik would fork off and mine orphans... you can call that detrimental.

Quote
To continue: Satoshi's narrative of "let's keep small blocks as long as we can, later we'll switch to big blocks, but first we have to trick people in this thing while it is small", and his code example, would have prompted, if he were honest, to indeed, include this if statement:
"small blocks until block number X".  The fact of not having included this, even while he was saying that one COULD do it that way, and given all comments, indicates he wasn't being serious here.

When I first tried to download the bitcoin client and set it up on my linux box, it started downloading... and I waited, and waited, and waited, and was hearing my hard disk going crrrrr-crrrrr-crrrr from all the seeking and writing, etc etc... after waiting for quite a while and seeing no usable program that I can play with, I got angry. I said "what the fuck is this doing for so long? what the hell is this?".... And I erased the entire folder condemning bitcoin for the bullshit that it was.

In other words I was prevented from even trying it out by the problematic user experience of having to download a lot, and the associated problems of hard-disk seeking which was making my system crawl.

Big blocks, spamming, etc, definitely had a real potential to significantly reduce user adoption. I speak from experience (it prevented me at an earlier stage compared to when I eventually got in).
Pages:
Jump to: