Pages:
Author

Topic: will bitcoin become less secure over time? (Read 2666 times)

legendary
Activity: 1050
Merit: 1003
July 18, 2011, 08:25:47 AM
#31
Main point is that network security is designed to decrease over time to near zero in the current protocol. This is a serious issue.

Bullshit. The serious issue is why do you keep trolling this forum.

Okay. I'll ignore your posts and would appreciate it if yould ignore topics started by me. If you cannot do this, I will still ignore your posts.

The forum should be big enough for the both of us.
legendary
Activity: 1148
Merit: 1001
Radix-The Decentralized Finance Protocol
Main point is that network security is designed to decrease over time to near zero in the current protocol. This is a serious issue.

Bullshit. The serious issue is why do you keep trolling this forum.
legendary
Activity: 1050
Merit: 1003
Suffolk bank is irrelevant. Of course a monopoly transaction verifier has an incentive to tell the truth. We have been over the ability of a mining monopoly to solve the problem. In the current system entry into mining or pool operation is very cheap. A monopoly can't capture rents without altering the protocol to forestall free entry. I agree that establishing a mining monopoly is one possible solution. Would the new coin be any better than paypal?

Suffolk bank was not a monopolly. It was a private entitity that at its peak had asociated around 60% of the banks of the state (from memory though, the % could be different). And during some periods it had competition. The prove that it was not a monopolly is the fact that a competiting bank appeared and Suffolk was forced to close its clearing house operations in one year.

The point is:

1. Contrary to what you said, security is not best handled as a monopolly, or at least its not impossible and not profitable to handle by private firms, as real life shows.
2. With all your chaning subject any time you are proven wrong, I even forget what you are trying to prove about Bitcoin.

60% huh. Sounds like they had some market power doesn't it. During some periods it had competition... 

Of course there is a continuum from monopoly to perfect competition. Less security would be provided at every step.

You are right,  ' this discussion is far afield.

Main point is that network security is designed to decrease over time to near zero in the current protocol. This is a serious issue.
legendary
Activity: 1148
Merit: 1001
Radix-The Decentralized Finance Protocol
Suffolk bank is irrelevant. Of course a monopoly transaction verifier has an incentive to tell the truth. We have been over the ability of a mining monopoly to solve the problem. In the current system entry into mining or pool operation is very cheap. A monopoly can't capture rents without altering the protocol to forestall free entry. I agree that establishing a mining monopoly is one possible solution. Would the new coin be any better than paypal?

Suffolk bank was not a monopolly. It was a private entitity that at its peak had asociated around 60% of the banks of the state (from memory though, the % could be different). And during some periods it had competition. The prove that it was not a monopolly is the fact that a competiting bank appeared and Suffolk was forced to close its clearing house operations in one year.

The point is:

1. Contrary to what you said, security is not best handled as a monopolly, or at least its not impossible and not profitable to handle by private firms, as real life shows.
2. With all your chaning subject any time you are proven wrong, I even forget what you are trying to prove about Bitcoin.
legendary
Activity: 1050
Merit: 1003
Suffolk bank is irrelevant. Of course a monopoly transaction verifier has an incentive to tell the truth. We have been over the ability of a mining monopoly to solve the problem. In the current system entry into mining or pool operation is very cheap. A monopoly can't capture rents without altering the protocol to forestall free entry. I agree that establishing a mining monopoly is one possible solution. Would the new coin be any better than paypal?
legendary
Activity: 1050
Merit: 1003
Where does the fund come from to pay for the clusters in case of attack? Voluntarism?


My main point is (and please refute that if you disagree): the security of the Bitcoin network does not need permanently high hashrate - it can be just as secure at a fraction of the cost with a very high standby hashrate available on demand (in case of an attack).

(not my area of expertise) I basically agree with the main point, though there are lingering questions about how quickly the attack needs to be detected and how expensive it would be to have standby hashing capacity. It may or may not be practical.

Of course this is a red herring because it doesn't have anything to do with the incentive issue.
legendary
Activity: 1148
Merit: 1001
Radix-The Decentralized Finance Protocol
Security is a canonical example of a public good. You need to have a serious analysis of the incentives to demand and supply security services before you entrust provision to the market. The normal case is that security is greatly under-supplied because no one in the user base has an incentive to purchase it. If you were to give one person a legal monopoly of mining, (i.e. centralize transaction processing), the incentive situation would improve considerably. Supply-side competition in this case is harmful, it leads to a competitive "race to the bottom" in which security is severely under-supplied.

The only possible (costless) way out of this quagmire is if security isn't really necessary after all. For example, if you can't make mischief with say 75% of hashing power, then the future collapse in security is not a problem. Views on this issue are conflicting and my professional expertise is in economic analysis not the workings of the algorithm.

I dont agree at all. In fact people pay for security to private firms in the present system where there is a monopolly on security and apparently it should not be necesary.

And the private security agencies have not gone away, even in the face of a monpolly, so they are working. Sorry, what you say is not true.

The private security agencies are hired to protect public networks? Very interesting. Could you give me an example?

Stop trolling.

Honestly when I though you could have an honest debate, you start trolling again. Sad.

EDIT: Search Suffolk bank.
legendary
Activity: 1050
Merit: 1003
Security is a canonical example of a public good. You need to have a serious analysis of the incentives to demand and supply security services before you entrust provision to the market. The normal case is that security is greatly under-supplied because no one in the user base has an incentive to purchase it. If you were to give one person a legal monopoly of mining, (i.e. centralize transaction processing), the incentive situation would improve considerably. Supply-side competition in this case is harmful, it leads to a competitive "race to the bottom" in which security is severely under-supplied.

The only possible (costless) way out of this quagmire is if security isn't really necessary after all. For example, if you can't make mischief with say 75% of hashing power, then the future collapse in security is not a problem. Views on this issue are conflicting and my professional expertise is in economic analysis not the workings of the algorithm.

I dont agree at all. In fact people pay for security to private firms in the present system where there is a monopolly on security and apparently it should not be necesary.

And the private security agencies have not gone away, even in the face of a monpolly, so they are working. Sorry, what you say is not true.

The private security agencies are hired to protect public networks? Very interesting. Could you give me an example?
legendary
Activity: 1050
Merit: 1003

You are basically saying that competition is a tragedy of the commons, which is basically nonsense.

A monopolist miner has some incentive to protect the asset in order to preserve his monopoly rents from txn processing.
Competitive miners lack any incentive to protect the asset because they don't earn monopoly rents. None of the client users have sufficient incentives to buy
security because of the free rider problem. However, they should voluntarily purchase an extremely small amount.
As you can see, monopoly power is the only potential source of strong incentives to protect the asset. Increasing competition decreases security.

Monopoly is not sustainable without restrictions on who is allowed to mine, however. People will enter to capture rents.

Without intervention the free market equilibrium is a) extremely tiny txn fees, b) extremely low difficulty, and c) a large number of atomistic miners.

You better either a) hope that the protocol is changed, b) hope that security isn't necessary after all, or c) wait for a currency project with a sustainable design to come along.

legendary
Activity: 910
Merit: 1001
Revolutionizing Brokerage of Personal Data
Where does the fund come from to pay for the clusters in case of attack? Voluntarism?
Everybody using Bitcoin as a form of payment or as a store of value has an interest that the system stays secure. If Bitcoin goes mainstream then large merchants or financial institutes would probably be more than willing to fund a Bitcoin network security insurance.

For the same reasons, merchants and banks invest in electronic scanning equipment to check for counterfeit banknotes, they would be willing to pay some money to insure against counterfeited (ie. double-spent) Bitcoins, no?

Besides, such a Bitcoin insurance would probably be rather cheap in comparison.

My main point is (and please refute that if you disagree): the security of the Bitcoin network does not need permanently high hashrate - it can be just as secure at a fraction of the cost with a very high standby hashrate available on demand (in case of an attack).
legendary
Activity: 1148
Merit: 1001
Radix-The Decentralized Finance Protocol
Security is a canonical example of a public good. You need to have a serious analysis of the incentives to demand and supply security services before you entrust provision to the market. The normal case is that security is greatly under-supplied because no one in the user base has an incentive to purchase it. If you were to give one person a legal monopoly of mining, (i.e. centralize transaction processing), the incentive situation would improve considerably. Supply-side competition in this case is harmful, it leads to a competitive "race to the bottom" in which security is severely under-supplied.

The only possible (costless) way out of this quagmire is if security isn't really necessary after all. For example, if you can't make mischief with say 75% of hashing power, then the future collapse in security is not a problem. Views on this issue are conflicting and my professional expertise is in economic analysis not the workings of the algorithm.

I dont agree at all. In fact people pay for security to private firms in the present system where there is a monopolly on security and apparently it should not be necesary.

And the private security agencies have not gone away, even in the face of a monpolly, so they are working. Sorry, what you say is not true.
legendary
Activity: 1148
Merit: 1001
Radix-The Decentralized Finance Protocol
The failure of what you are saying is that a extremely efficient miner with very little hash power, will take very long to get a block thus taking away very little fees from the other miners. Unless the efficient miner starts expanding and adquire more hasing power it would not represent a threat to the rest of the miners. Therefore you already have more hashing power appearing.

This makes no sense. TX fee price is determined by the most efficient miner. Unless you assume all miners equally efficient, the more efficient ones can charge lower TX fees and thus drive the less efficient out. All miners reaching equal efficiency in a competitive environment doesn't seem likely either.

I need not go into your other points. An argument with one point broken is broken. I am tired of this, I again see no model coupling attacker size to network size and thus difficulty. The "argument", apart from being false, would apply to any network size. That does not seem reasonable at all.

Please, read a little more carefully before claiming things I can show false in two statements and absurd in one.

Efficient miner is different than a miner with a lot of hasing power. I can start mining with a very efficient system (consuming less energy for Hash than my competition) but still have very little processing power, and I would need time and money to get to their position, which in turns gives them the opportunity to react. Its called the market process.

Therefore being efficient does NOT imply getting a lot of fees. It will tend to go there with time, but a) the efficient miner needs to add more hashing power, thus avoiding the problem of reducing the hashing power, b) the others will react and try to become efficient as well.

You are basically saying that competition is a tragedy of the commons, which is basically nonsense.
legendary
Activity: 1050
Merit: 1003
I'm still thinking about this, but I'm sceptical that there will be a functional outcome here. Right now, about 50% (something like that, exact figure please) of the money supply is being issued per annun to pay for security. If you want the ratio between the size of potential attack rewards and the cost of an attack to remain constant, you would need a 50% (again approximate) annual wealth tax to achieve this. If this doesn't scream unsustainable, then I don't know what does. How could anyone rationalize setting up a system like this? It is an incredibly inefficient use of resources.

But again you are forgetting that the decline in Bitcoin generation does not go away suddenly. Its progressive over time and wont end until 2040. Miners have plenty of time and also the incentives to adapt.

What you are proposing is a fixed level of fees depending on a set of conditions that you think are the best. But how is this fixed system that you are proposing not more dangerous and less adaptable than a system where the miners, the people with the experience and the information, deciding at every moment the best strategy? Imagine the percentage or rules you propose are too much or too little? That would hurt Bitcoin big time. Its better to leave the miners decide what they need to charge to be in business.


Security is a canonical example of a public good. You need to have a serious analysis of the incentives to demand and supply security services before you entrust provision to the market. The normal case is that security is greatly under-supplied because no one in the user base has an incentive to purchase it. If you were to give one person a legal monopoly of mining, (i.e. centralize transaction processing), the incentive situation would improve considerably. Supply-side competition in this case is harmful, it leads to a competitive "race to the bottom" in which security is severely under-supplied.

The only possible (costless) way out of this quagmire is if security isn't really necessary after all. For example, if you can't make mischief with say 75% of hashing power, then the future collapse in security is not a problem. Views on this issue are conflicting and my professional expertise is in economic analysis not the workings of the algorithm.
legendary
Activity: 1036
Merit: 1002
The failure of what you are saying is that a extremely efficient miner with very little hash power, will take very long to get a block thus taking away very little fees from the other miners. Unless the efficient miner starts expanding and adquire more hasing power it would not represent a threat to the rest of the miners. Therefore you already have more hashing power appearing.

This makes no sense. TX fee price is determined by the most efficient miners -- all prices will cascade down if one appears that offers fees smaller than any other. Unless you assume all miners equally efficient, the more efficient ones can charge lower TX fees and thus drive the less efficient out CONTINUOUSLY. The process will repeat every time difficulty adapts. All miners reaching equal efficiency in a competitive environment doesn't seem likely either.

I need not go into your other points. An argument with one point broken is broken. I am tired of this, I again see no model coupling attacker size to network size and thus difficulty. The "argument", apart from being false, would apply to any network size. That does not seem reasonable at all.

Please, read a little more carefully before claiming things I can show false in one paragraph and absurd in one statement.
legendary
Activity: 1148
Merit: 1001
Radix-The Decentralized Finance Protocol
I'm still thinking about this, but I'm sceptical that there will be a functional outcome here. Right now, about 50% (something like that, exact figure please) of the money supply is being issued per annun to pay for security. If you want the ratio between the size of potential attack rewards and the cost of an attack to remain constant, you would need a 50% (again approximate) annual wealth tax to achieve this. If this doesn't scream unsustainable, then I don't know what does. How could anyone rationalize setting up a system like this? It is an incredibly inefficient use of resources.

But again you are forgetting that the decline in Bitcoin generation does not go away suddenly. Its progressive over time and wont end until 2040. Miners have plenty of time and also the incentives to adapt.

What you are proposing is a fixed level of fees depending on a set of conditions that you think are the best. But how is this fixed system that you are proposing not more dangerous and less adaptable than a system where the miners, the people with the experience and the information, decide at every moment the best strategy? Imagine the percentage or rules you propose are too much or too little? That would hurt Bitcoin big time. Its better to leave the miners decide what they need to charge to be in business.

EDIT:

Quote
Again, still thinking, but my intuition is that this would indeed occur:

Already answered to him. See above. Competition does not work the way he is portraying it. According to him/her competition is a tragedy of the commons. If that were true, the human race would have disappeared long ago.
legendary
Activity: 1050
Merit: 1003

3. What you are proposing is already posible

The "solution" to the no-problem is already in place. Miners can decide which transactions they process and which transactions they dont. If they feel they are not being payed enough they can decide to not process transactions with a fee that does not met a certain percentage of the bitcoins being transfered, for example a 0.5%. So if someone with a lot of bitcoins wants to transfer them the miners can decide not to unless that person pays a fee that pleases them.

Again, still thinking, but my intuition is that this would indeed occur (Edit: what would happen to difficulty in absolute terms is hard to say, it depends on USD-denominated prices. However, relative to its level prior to the end of minting difficulty will certainly go way, way down):

All but the cheapest miners will be pushed out of the market, reducing difficulty, which in turn creates competition among the cheapest miners. It's a Tragedy of the Commons, with only the non-profit miners remaining in the end, and difficulty converging to zero.
legendary
Activity: 1148
Merit: 1001
Radix-The Decentralized Finance Protocol
And last, this has been discussed already. Why keep opening threads discussing the same again and again?

Because every time it has been actually discussed, the result was Bitcoin security NOT functioning properly after minting, and NO consensus on a choice of block size limit being in place. One cannot reduce a two-variable problem (difficulty, fees) to a one-variable problem (fees) without any explanation as to why this can be done.

Thank you for pointing out that this thread is just a rehash of another thread. Why not continue the discussion there, instead of making everybody repeat the same arguments? Propagandizing or trolling are the only two options I can imagine.

Quote
Neglect block size limit, and see what you get. All but the cheapest miners will be pushed out of the market, reducing difficulty,

No, this if false. It is true that the inefficient miners will be pushed out of the market, but that does not mean reducing difficulty in a meaningful way. What will happen is that the more efficient miners will take the place of the less efficient miners, and probably a part of the less efficient miners will learn how to become more efficient.

The failure of what you are saying is that a extremely efficient miner with very little hash power, will take very long to get a block thus taking away very little fees from the other miners. Unless the efficient miner starts expanding and adquire more hasing power it would not represent a thread to the rest of the miners. Therefore you already have more hashing power appearing.

Quote
which in turn creates competition among the cheapest miners. It's a Tragedy of the Commons, with only the non-profit miners remaining in the end, and difficulty converging to zero.

See above.

Quote
I have had discussions in lengthy threads about it, and the bottom line was fairly clear. People arguing that current Bitcoin protocol would work don't even have a model they agree on! Some want to remove limits, some don't, some think cartels will do the job, some just neglect the Tragedy of the Commons... and each argument showed significant flaws. The only model that really gets backing has difficulty not only de-coupled from possible attacker size, but also converging to very low values unless limits on transactions push fees to arbitrary numbers.

I though the Bitcoin community was dogmatic. Now the problem is too many opinions? Some people are never happy.

Quote
See the following thread for the discussion, or the linked post in which I tried to summarize models. It's a mess, but if you take some time to think about it, it becomes clear that there is something wrong.

Thread on difficulty equilibrium after minting:
http://forum.bitcoin.org/index.php?topic=6284.0

Post in which I try to show that people who don't see a problem hardly ever agree on a model:
http://forum.bitcoin.org/index.php?topic=6284.msg111735#msg111735

I dont see how you have answered to my points.
legendary
Activity: 1050
Merit: 1003
It's a mess, but if you take some time to think about it, it becomes clear that there is something wrong.

+1
legendary
Activity: 1050
Merit: 1003
1. You are ignoring initial investment.

It might not be profitable to buy more hardware because the rate of return is so low that it will take too long to recover, but it might still be profitable to keep the hardware running. Miners will hardly stop mining as long as the income is slightly above the price of electricity. So maintaing a certain hashing power once the network has gotten there is not that difficult.

This is irrelevant. Two reasons:
a) Attackers would probably rent hardware by establishing many different pools and buying bitcoin to pay off participating miners. Miners would not need to know they are participating. The rental rate is the appropriate metric of attack cost. Sunk costs (such as the initial cost of hardware are irrelevant).

b) Even if attackers purchase hardware rather than rent it, old hardware will be broken or poor quality after a few years. In this unlikely scenario, overcapacity due to past investment only postpones a severe security situation, it does absolutely nothing to solve it.

2. The value of Bitcoin creates incentive both ways.

If Bitcoin value goes up incentivates more cheaters, but it also makes mining more profitable atracting more hashing power. Also, Bitcoin has been created to be used widely, so it will generate a big amount of transaction and therefore transaction fees. The initial compensation for block is a way to jumpstart the system and at the same time distribute the currency.

This is accounted for in the assumptions I gave. I think it is quite clear that without expanded txn fees the incentives to hash decline exponetionally, while the incentives to attack increase additively. Txn fees will need to increase exponentially to offset these two effects. Without a percentage-based txn fee, there is no way this will work.

3. What you are proposing is already posible

The "solution" to the no-problem is already in place. Miners can decide which transactions they process and which transactions they dont. If they feel they are not being payed enough they can decide to not process transactions with a fee that does not met a certain percentage of the bitcoins being transfered, for example a 0.5%. So if someone with a lot of bitcoins wants to transfer them the miners can decide not to unless that person pays a fee that pleases them.
I'm still thinking about this, but I'm sceptical that there will be a functional outcome here. Right now, about 50% (something like that, exact figure please) of the money supply is being issued per annun to pay for security. If you want the ratio between the size of potential attack rewards and the cost of an attack to remain constant, you would need a 50% (again approximate) annual wealth tax to achieve this. If this doesn't scream unsustainable, then I don't know what does. How could anyone rationalize setting up a system like this? It is an incredibly inefficient use of resources.

And last, this has been discussed already. Why keep opening threads discussing the same again and again?

It seems pretty important that users and developers are aware of the security situation. Could you please help by linking to the old threads.



legendary
Activity: 1036
Merit: 1002
And last, this has been discussed already. Why keep opening threads discussing the same again and again?

Because every time it has been actually discussed, the result was Bitcoin security NOT functioning properly after minting, and NO consensus on a choice of block size limit being in place. One cannot reduce a two-variable problem (difficulty, fees) to a one-variable problem (fees) without any explanation as to why this can be done.

Neglect block size limit, and see what you get. All but the cheapest miners will be pushed out of the market, reducing difficulty, which in turn creates competition among the cheapest miners. It's a Tragedy of the Commons, with only the non-profit miners remaining in the end, and difficulty converging to zero.

I have had discussions in lengthy threads about it, and the bottom line was fairly clear. People arguing that current Bitcoin protocol would work don't even have a model they agree on! Some want to remove limits, some don't, some think cartels will do the job, some just neglect the Tragedy of the Commons... and each argument showed significant flaws. The only model that really gets backing has difficulty not only de-coupled from possible attacker size, but also converging to very low values unless limits on transactions push fees to arbitrary numbers.

See the following thread for the discussion, or the linked post in which I tried to summarize models. It's a mess, but if you take some time to think about it, it becomes clear that there is something wrong.

Thread on difficulty equilibrium after minting:
http://forum.bitcoin.org/index.php?topic=6284.0

Post in which I try to show that people who don't see a problem hardly ever agree on a model:
http://forum.bitcoin.org/index.php?topic=6284.msg111735#msg111735


The only thing that looks promising is the block message rule 13: "Reject if timestamp is after the median time of the last 11 blocks", as this could be used to prevent chain splitting after a certain amount of time. But I think things should be formal and proven secure, not just happen to make difficulties for an attacker.
Pages:
Jump to: