Topic: [XMR] Monero - A secure, private, untraceable cryptocurrency - page 1428. (Read 4671947 times)

legendary
Activity: 1722
Merit: 1217
I don't think this is as dire as you think smooth. If bitcoin does get to the point where there is not enough hashing power to protect it, and someone does actually begin DOS'ing or doublespending then this will create the motivation to fork into some change that fixes the problem. Be that more inflation to pay miners or higher transaction fees or even proof of stake. After a successful attack the will to change something to fix the problem will be there. Will it lose some capitalization in the process? Sure. But crypto is amazing and the world needs it and bitcoin has the network and infrastructure that no others have or probably ever will have.

I disagree how it plays out. It won't get to the point where it actually fails, it will simply fail to gain value because its unstable underpinnings will become increasingly obvious. If there were a willingness to make the sorts of hard choices that you mention ahead of actual failure, then it could be saved, but I think the "social contract" obsession will likely prevent that from ever happening. Instead the value will flow elsewhere, to something lacking the flaws. That may already be happening to some extent.


But I mean what failure are you talking about? Before any sort of successful sustained long term attack we will probably have some that are not long term sustainable. Maybe someone can afford to reverse enough transactions to doublespend a couple of their transactions but the point at which this first becomes potentially profitable will not be the same point at which it becomes reasonable to DOS shut down the network. The point is I think we should be careful not to homogenize "attacks" as if they are all the same.

As for the social contract obsession. It's important. Granted it creates some problems, of course reasonable flexibility would be ideal. But without the social contract you have nothing. You have no trust. No one knows what they are buying. One person thinks that he is buying something with a currency supply of 21 million and someone else thinks they are buying something with a currency supply of 42 million, then you have a disaster in the making. Clearly defined rules are how you avoid conflict. No one comes on my property because everyone knows it's my property, if someone else thinks that he owns half of my property and I think that I own half of his then we are going to get into a fight. That rigid social contract that defines the line between the two may be less than ideal for some situations, but it is what protects both of us from conflict. In the bitcoin world it may not come to fisticuffs but parties will abandon the crypto if the rules are confused and undefined. Or they will all fork different ways and create dis-coordination and make all of their monies less useful as money.

Quote
As for the size of Bitcoin's network, I consider all crypto networks tied for zero place relatively to fiat. Yes the world needs crypto but Bitcoin only has a negligible lead on anything else looking at the picture from the scale of fiat.

This may be a good point. Noted for consideration.
legendary
Activity: 2968
Merit: 1198
I don't think this is as dire as you think smooth. If bitcoin does get to the point where there is not enough hashing power to protect it, and someone does actually begin DOS'ing or doublespending then this will create the motivation to fork into some change that fixes the problem. Be that more inflation to pay miners or higher transaction fees or even proof of stake. After a successful attack the will to change something to fix the problem will be there. Will it lose some capitalization in the process? Sure. But crypto is amazing and the world needs it and bitcoin has the network and infrastructure that no others have or probably ever will have.

I disagree how it plays out. It won't get to the point where it actually fails, it will simply fail to gain value because its unstable underpinnings will become increasingly obvious. If there were a willingness to make the sorts of hard choices that you mention ahead of actual failure, then it could be saved, but I think the "social contract" obsession will likely prevent that from ever happening. Instead the value will flow elsewhere, to something lacking the flaws. That may already be happening to some extent.

As for the size of Bitcoin's network, I consider all crypto networks tied for zero place relative to fiat. Yes the world needs crypto but Bitcoin only has a negligible lead on anything else looking at the picture from the scale of fiat.

legendary
Activity: 1722
Merit: 1217
I don't think this is as dire as you think smooth. If bitcoin does get to the point where there is not enough hashing power to protect it, and someone does actually begin DOS'ing or doublespending then this will create the motivation to fork into some change that fixes the problem. Be that more inflation to pay miners or higher transaction fees or even proof of stake. After a successful attack the will to change something to fix the problem will be there. Will it lose some capitalization in the process? Sure. But crypto is amazing and the world needs it and bitcoin has the network and infrastructure that no others have or probably ever will have. Honestly I'm more concerned about overspending on security because it is much more difficult to discover that mistake. Only perhaps through market competition and alternative crypto currency schemes that spend less on security but still are not successfully attacked could we discover that bitcoin is overspending on security.
legendary
Activity: 2968
Merit: 1198
An optimal final emission schedule should converge on a finite number, so we don't have an unlimited number of coins.  Infinite inflation scares the BTC hard money types, although lost coins probably dominate the actually available money supply and results in undesirable(?) net deflation.

But without a lower limit, it is uncertain whether tx fees will be sufficient to provide incentive to miners.

It is not uncertain, it won't work. The "hard money" BTC types are being unrealistic about how the technology operates, entirely independent of whether their monetary theories are valid or not (I take no position).

BTC is on a collision course with failure, or being reinvented as a centralized ledger system (with the degree of centralization that already exists it's almost there already, so this isn't hard to imagine at all) or switching to PoS or something else equally retarded. This is a good example of what I'm talking about when it comes to not being strangled by an inflexible "social contract."

The only way it could possibly work would be to have some internal source of mining rewards that don't increase the money supply, for example demurrage. Actually that's the only one I could think of but maybe there are others. But I guess the Bitcoin version of "social contract" probably prevents that too. Bitcoin is likely beyond saving.

There is a reason that Monero was designed with a minimum block reward, although I'm skeptical that the rapidly declining rewards will continue to secure the network even long before the minimum kicks in. Still better than Bitcoin though.

legendary
Activity: 2156
Merit: 1072
Crypto is the separation of Power and State.
If we must insist on kind-of replacing the relatively insignificant 1% shuffled coins

What do you mean by shuffled coins? I don't understand the term.

BTW, multisig doesn't exist in Monero. Of course, that could be one of the funded development items but it is a bit of a bootstrapping problem with your proposal. Relatively minor detail though.

I meant the 1% of bootstrap coins which get shuffled from the bottom of the deck to the top.  Sorry for mixing shoe/card metaphors.

Nice catch on the multisig derp, but XMR doesn't need multisig to be held in escrow by third parties.  I guess the fund should be divided among several reputable escrow providers for redundancy, until that functionality is enabled internally.  No biggie; social engineering will prevail!   Cool

Did I miss the discussion about the cost/difficulty of exposing multisig?  I see it's already in Cryptonote...

Let's add multisig, trustless Blockchain type web wallet, and p2pool to our Wish List of items for the final platform to be funded by the Bootstrap.

Anything else crucial we want, while keeping within the 184k XMR/~$300k budget?

Damn this is good coffee.  As it must be, if I'm to solve the mystery of optimal post-Bootstrap final emission schedule...

An optimal final emission schedule should converge on a finite number, so we don't have an unlimited number of coins.  Infinite inflation scares the BTC hard money types, although lost coins probably dominate the actually available money supply and results in undesirable(?) net deflation.

But without a lower limit, it is uncertain whether tx fees will be sufficient to provide incentive to miners.

This smells like an empirical question whose correct answer cannot be deduced by analysis.  Maybe modeling would help.  We can't wait for Bitcoin to figure it out first.   Tongue

In any case, I think we have to iron out the logically prior details of if/where/when the last 1% of coins actually occur before we move them to the Bootstrap Block.

Maybe we could sidestep the issue by using the second to last 1% instead?   Grin  Are their whereabouts known with reasonable certainty?

Such a hard problem!  I wonder what (((((cypherdoc))))) would say.  He's brilliant at this kind of monetary architect stuff.
legendary
Activity: 1624
Merit: 1008
I'm a fan of setting things on stone unless it's a bug or catastrophic problem, whatever you guys decide to do, not making it default enabled (except the mix count that need to be forced to a minimal of 1 as discussed before) is a must imo to keep xmr trust intact, but that's just my opinion.

People seem to think and I agree.....it's problem.
legendary
Activity: 2968
Merit: 1198
If we must insist on kind-of replacing the relatively insignificant 1% shuffled coins

What do you mean by shuffled coins? I don't understand the term.

BTW, multisig doesn't exist in Monero. Of course, that could be one of the funded development items but it is a bit of a bootstrapping problem with your proposal. Relatively minor detail though.

legendary
Activity: 2156
Merit: 1072
Crypto is the separation of Power and State.
I would spend Moneros voting pro this idea.  Rptellia, smooth, fluffypony, tacotime?  Somebody with clout please ...  Roll Eyes

I certainly think it is premature to make any kind of decision or even consider voting, etc., but the discussion is healthy and interesting. I 100% applaud the willingness to think big and break a few "rules" in crafting a proposal, whether or not it gets adopted. More of this please!

There are some things I really like about the idea. For example, compared to a premine or IPO, I very much like that it is happening after there has been some experience with the coin and team, rather than right at the start when it's all promises, no distribution or established market value, and no track record.

There are some things I think are quite strange and need further explanation and/or revision. I'm not even sure how much of this is sincere. Some of the biggest problems with the emission of the coin is the rewards going away too soon. Pulling from the tail end of the distribution makes that worse. Fund being 50/50 in BTC/XMR might be a bad idea to set in stone for all time, and would almost certainly be a bad idea to enforce quickly, because it would require dumping a ton of XMR (unless that were somehow built into the bidding). And CZ?!

I'm not a fan of the "everything must be set in stone because that is the social contract" model that comes out of Bitcoin's precedent. I think part of the whole idea of doing something that isn't Bitcoin is to try to improve on it, and especially not feel compelled to follow its precedent when it doesn't work for us (and arguably hasn't even worked for it). That is not just code, and especially not just anonymity, but also culture and process.



I'm a fan of Bitcon's ultraconservative approach, but I'm also a fan of calculated risk, diversity, innovation, and hedging.

Monero's success grants it the unique privilege of monetizing its devteam's sweat equity by means of the (AFAIK) world's first postmine.

Making our Bootstrap Block on the 100k anniversary of the Troll Block is a pointed reference to the salient moment when Taco and the rest cemented their coin's world-class altcoin rockstar status, proving true RP's statement that Monero is the only hedge to, and coin most likely to achieve parity with, Bitcoin.

The main ideas, a 1% devtax like BBR and a block presale like VIA, aren't new.  We know they are working so far, and don't have to reinvent the wheel.

I like how both approaches are flat taxes.  We whales/botherders/private miners with more to gain shoulder a part of the dev burden proportional to our hlodings and hoards.

As for the social contract, the 18.4 MM figure is a minimum, with a maximum contingent on final outcome of an unsettled debate.

There are a number of options to offset pulling coins from the end, especially since the specifics of how the curve ends (or doesn't end) are in active discussion.

Maybe adopting my proposal will have a clarifying effect on the final emission debate, killing two birds with one stone.

If we must insist on kind-of replacing the relatively insignificant 1% shuffled coins, we increase the (proposed and controversial) hard lower block reward limit.  Increased tx fees are another option to secure revenue for miners in the distant future.  But we're talking about 1% of the coins, that's not a big deal even at the penultimate Tacoshi.

My initial proposal only sets in stone the finality of the one-time only Bootstrap Block and the mining devtax hard upper limit of 1%.

Perhaps it should be expanded to include or even be contingent upon resolution of exactly when/if we'll mine the last Tacoshi.  That will require more thought/coffee...!

There will be no med/long term dumping because of the Bootstrap Block presale.  Read how the VIA presale was conducted; it is a demonstrably optimal form of the gimmicky crowdsourcing ideas being bandied about here earlier.  It's at least equally likely the price will increase in response to the Bootstrap, given that our devteam will now be able to complete its ambitious previously unreachable goals and provide for the mature platform's maintenance in the foreseeable future. 

Imagine the dumping if the dev team has to quit or scale back their vision for the final platform.  We may already be seeing it today.  Less devs = less security/more risk = dump the truck up.

If you have a more elegant/robust idea than 50/50 XMR/BTC with 5/9 multisig escrow, I'd love to hear it.  Remember to KISS please.

I knew you would have concerns about one of the two non-core people with partial multisig authority.  RP is there to represent the MEW (whale money) and CZ is there to represent the rest of the more-respectable Cryptonote community.  We require at least one adversarial, but authoritative, voice in the mix to prevent groupthink and keep you all honest.  Besides, you only need 5/9 sigs to authorize expenditures.
legendary
Activity: 2968
Merit: 1198
The social contract was that eventually there would be 18.4 million coins in circulation.

That is incorrect. Let's look at the OP (which in this regard has not changed since day one, so no funny business here)

Quote
Actual number of atomic units is M = 2^64 - 1. A minimum subsidy may be implemented in the future with <1% inflation to preserve mining incentives.

The first sentence (with scaling factor applied) corresponds to the 18.4 million. The second sentence says there may be a minimum subsidy, which, if implemented, would inevitably result in sooner or later there being more than 18.4 million coins in circulation (of course not counting lost coins, etc.)

So aside from the issue of whether this alleged social contract even exists and if it exists whether it should be changed, it certainly doesn't even say what you think it says.

Thank you for sharing the experience with LTC though. I wasn't aware of that background and it is definitely interesting. And regardless of what I said above, your specific suggested changes are well taken and helpful.

legendary
Activity: 1624
Merit: 1008
Hi, guys, how should I join in #Monero-Dev Fireside Chat? Thanks

Monero Fireside Chat #2, how to connect:
https://plus.google.com/b/101861896996947433029/events/c8094ts82ggh0mpkffu4ja5kohg
http://www.youtube.com/watch?v=s9gH2ndAAkE

YouTube allows you to watch live and later.
Google+ allows you also to interact. You can also ask questions on #monero-dev.

-- updated by davidlatapie
legendary
Activity: 1154
Merit: 1001
Hi, guys, how should I join in #Monero-Dev Fireside Chat? Thanks

Preferably dressed, but I hear some people will be attending naked.
~ Myagui
newbie
Activity: 47
Merit: 0
Hi, guys, how should I join in #Monero-Dev Fireside Chat? Thanks
legendary
Activity: 1624
Merit: 1008
The number of coins being talked about is 9 days worth of emissions at the present rate.
legendary
Activity: 1256
Merit: 1009
Quote
It is my belief that the question of funding will get solved not by a single solution but by a combination of several ones.

I come from litecoin which I've been in and out of for the last few years.  They literally have to always beg for donations.  They have hordes of rich bagholders.  They have an active forum and sell advertisements.  Donation drives.  My point is - they have the "several solutions" you are talking about.  And it's barely enough for a mature coin that is basically just a clone of bitcoin.

I want to bring up the social contract again.  The social contract was that eventually there would be 18.4 million coins in circulation.  I'm not an advocate of changing that number in any way shape or form.  However what we are talking about is essentially doing 3 things (in this solution)

A - Changing when they are released.  This essentially creates more short term dilution but does not change the long term "social contract"

B - Changing how they are released.  This is really just stating that the developers are 10% as important as the miners to the long term health of the coin hence it should be released now to make it possible for the other 18,216,000 coins actually get to the point they are usable.

C - It forces everyone to share in the cost of the development.  Including the miners, traders and hodlers.

I'm not saying this is the solution but it's the one I've liked the most so far.

*Edit - I would actually like the idea better of releasing the coins over 1 - 3 years rather than all at once.
legendary
Activity: 2968
Merit: 1198
Quote
The notation in the whitepaper and what you've seen here is proper notation. I = x*H_p(P) means x times H_p(P) where H_p is a hash function, H_p(P) is the hash function evaluated at a point, and * denotes elliptic curve multiplication which is NOT normal multiplication. Just like matrix multiplication is not the same as usual multiplication, elliptic curve multiplication takes place in a different manner than what you learned in, say, elementary algebra class. This is an abstract multiplicative notion, it is quite usual and proper to see it used this way.

For further reading, I would not begin necessarily with fluffypony's wall of links, but with Daepp and Gorkin's "Reading, Writing, and Proving" to learn a little bit about formal mathematics, and then maybe move onto Trappe and Washington's "Introduction to Cryptography." In that order. Be sure to try all the exercises in both books before asking any more questions.

Edit: I a word.

geez why so many accounts anonnymint  Kiss

lol. I believe this is actually the cryptographer who the XMR devs had vet the whitepaper ... google is your friend.. I'm not. Tongue

This being the Internet and there being no controls over what names people use as forum nicks, don't assume. However, in this case I can confirm that one of them did make that post.

hero member
Activity: 658
Merit: 503
Monero Core Team
I would spend Moneros voting pro this idea.  Rptellia, smooth, fluffypony, tacotime?  Somebody with clout please ...  Roll Eyes
It is my belief that the question of funding will get solved not by a single solution but by a combination of several ones. This in turn means that 1) no option needs to be very ambitious and 2) we can afford for some options to be discarded later on as they are deemed inappropriate.
To reiterate what smooth just wrote, the fact that it is happening while the coin is already known and people had time to judge the coin, the project and the team, should definitely help in making it more acceptable. Also, I'm not a big fan of "set in stone" here. My experience proves that, as long as people know that the rules can change later on, they are OK with it. When (possible) changes are part of the contract, this is fine - only unexpected changes should be avoided, changes announced well in advance are OK.

That being said, donations should be handled as they are now: devs decide what to do with the money. Not the competitors, not the donators, not the big investors. This is what we did until now, it allowed us to diligently make the most out of it and, if this doesn't suffice, MEW will act the exact same way.
If this is not enough, consider that governance would become much harder: all of a sudden, someone else than the devs could consider what is a priority without necessarily having all the information to make an informed decision. We would spend more time discussing than acting. Shills and trolls would invite themselves in the discussion to try to sabotage it all. We would have to keep two different accounts: one for money we can use as we see fit and one for money we must ask for usage.
Much ado bloat for nothing, in my opinion. Especially considering we already proved who we are and what we can do, contrary to a pre-launch IPO.

If someone is not comfortable with giving us a blank cheque, then one could use this money on one of the many crowdfunded projects that will pop up later on. Keeping in mind that some crowdfunded projects might never happen if the foundations are not paid...

Still, this is good to have some constructive proposals for ensuring Monero will thrive. Keep it on!
legendary
Activity: 3570
Merit: 1959
Quote
The notation in the whitepaper and what you've seen here is proper notation. I = x*H_p(P) means x times H_p(P) where H_p is a hash function, H_p(P) is the hash function evaluated at a point, and * denotes elliptic curve multiplication which is NOT normal multiplication. Just like matrix multiplication is not the same as usual multiplication, elliptic curve multiplication takes place in a different manner than what you learned in, say, elementary algebra class. This is an abstract multiplicative notion, it is quite usual and proper to see it used this way.

For further reading, I would not begin necessarily with fluffypony's wall of links, but with Daepp and Gorkin's "Reading, Writing, and Proving" to learn a little bit about formal mathematics, and then maybe move onto Trappe and Washington's "Introduction to Cryptography." In that order. Be sure to try all the exercises in both books before asking any more questions.

Edit: I a word.

geez why so many accounts anonnymint  Kiss

lol. I believe this is actually the cryptographer who the XMR devs had vet the whitepaper ... google is your friend.. I'm not. Tongue
member
Activity: 112
Merit: 10
Quote
The notation in the whitepaper and what you've seen here is proper notation. I = x*H_p(P) means x times H_p(P) where H_p is a hash function, H_p(P) is the hash function evaluated at a point, and * denotes elliptic curve multiplication which is NOT normal multiplication. Just like matrix multiplication is not the same as usual multiplication, elliptic curve multiplication takes place in a different manner than what you learned in, say, elementary algebra class. This is an abstract multiplicative notion, it is quite usual and proper to see it used this way.

For further reading, I would not begin necessarily with fluffypony's wall of links, but with Daepp and Gorkin's "Reading, Writing, and Proving" to learn a little bit about formal mathematics, and then maybe move onto Trappe and Washington's "Introduction to Cryptography." In that order. Be sure to try all the exercises in both books before asking any more questions.

Edit: I a word.

geez why so many accounts anonnymint  Kiss
newbie
Activity: 3
Merit: 0

The notation in the whitepaper and what you've seen here is proper notation. I = x*H_p(P) means x times H_p(P) where H_p is a hash function, H_p(P) is the hash function evaluated at a point, and * denotes elliptic curve multiplication which is NOT normal multiplication. Just like matrix multiplication is not the same as usual multiplication, elliptic curve multiplication takes place in a different manner than what you learned in, say, elementary algebra class. This is an abstract multiplicative notion, it is quite usual and proper to see it used this way.

For further reading, I would not begin necessarily with fluffypony's wall of links, but with Daepp and Gorkin's "Reading, Writing, and Proving" to learn a little bit about formal mathematics, and then maybe move onto Trappe and Washington's "Introduction to Cryptography." In that order. Be sure to try all the exercises in both books before asking any more questions.

Edit: I a word.
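
The notation I = x*H_p(P) from the post above, worked through as an added example (not code from the post, the whitepaper or the Monero project). It assumes a constructed toy curve, y^2 = x^3 + 2x + 2 over F_17 with base point (5, 1), and a simple try-and-increment stand-in for H_p, since the post specifies neither; the names below are hypothetical.

```python
import hashlib

# Constructed toy parameters (assumption, NOT Monero's curve):
# y^2 = x^3 + 2x + 2 over F_17, prime group order 19, base point G = (5, 1).
P_FIELD, A, B = 17, 2, 2
G = (5, 1)
ORDER = 19
INFINITY = None  # identity element of the group


def on_curve(pt):
    if pt is INFINITY:
        return True
    x, y = pt
    return (y * y - (x ** 3 + A * x + B)) % P_FIELD == 0


def point_add(p1, p2):
    """The group law; '*' in the post is built only from this operation."""
    if p1 is INFINITY:
        return p2
    if p2 is INFINITY:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % P_FIELD == 0:
        return INFINITY  # a point plus its negation
    if p1 == p2:  # tangent slope for doubling
        slope = (3 * x1 * x1 + A) * pow((2 * y1) % P_FIELD, -1, P_FIELD)
    else:  # chord slope for distinct points
        slope = (y2 - y1) * pow((x2 - x1) % P_FIELD, -1, P_FIELD)
    slope %= P_FIELD
    x3 = (slope * slope - x1 - x2) % P_FIELD
    y3 = (slope * (x1 - x3) - y1) % P_FIELD
    return (x3, y3)


def scalar_mult(k, pt):
    """k*pt by double-and-add: 'pt added to itself k times', done in O(log k)."""
    result, addend = INFINITY, pt
    while k:
        if k & 1:
            result = point_add(result, addend)
        addend = point_add(addend, addend)
        k >>= 1
    return result


def repeated_add(k, pt):
    """The definition of k*pt, spelled out, for comparison with scalar_mult."""
    total = INFINITY
    for _ in range(k):
        total = point_add(total, pt)
    return total


def naive_multiply(k, pt):
    """'Normal' multiplication of the coordinates: what '*' does NOT mean."""
    return ((k * pt[0]) % P_FIELD, (k * pt[1]) % P_FIELD)


def hash_to_point(pt):
    """Toy H_p (assumed stand-in): hash the point, retry until x lies on the curve."""
    counter = 0
    while True:
        digest = hashlib.sha256(f"{pt[0]},{pt[1]},{counter}".encode()).digest()
        x = int.from_bytes(digest, "big") % P_FIELD
        rhs = (x ** 3 + A * x + B) % P_FIELD
        for y in range(P_FIELD):  # brute-force square root is fine for F_17
            if (y * y) % P_FIELD == rhs:
                return (x, y)
        counter += 1


def key_image(x):
    """I = x*H_p(P), where P = x*G is the public key for secret scalar x."""
    if not 0 < x < ORDER:
        raise ValueError("secret scalar must be in 1..ORDER-1")
    public_key = scalar_mult(x, G)
    return scalar_mult(x, hash_to_point(public_key))
```

On this curve 2*G is (6, 3), while multiplying the coordinates of G by 2 gives (10, 2), which is not even a point on the curve.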
legendary
Activity: 2968
Merit: 1198
I would spend Moneros voting pro this idea.  Rptellia, smooth, fluffypony, tacotime?  Somebody with clout please ...  Roll Eyes

I certainly think it is premature to make any kind of decision or even consider voting, etc., but the discussion is healthy and interesting. I 100% applaud the willingness to think big and break a few "rules" in crafting a proposal, whether or not it gets adopted. More of this please!

There are some things I really like about the idea. For example, compared to a premine or IPO, I very much like that it is happening after there has been some experience with the coin and team, rather than right at the start when it's all promises, no distribution or established market value, and no track record.

There are some things I think are quite strange and need further explanation and/or revision. I'm not even sure how much of this is sincere. Some of the biggest problems with the emission of the coin is the rewards going away too soon. Pulling from the tail end of the distribution makes that worse. Fund being 50/50 in BTC/XMR might be a bad idea to set in stone for all time, and would almost certainly be a bad idea to enforce quickly, because it would require dumping a ton of XMR (unless that were somehow built into the bidding). And CZ?!

I'm not a fan of the "everything must be set in stone because that is the social contract" model that comes out of Bitcoin's precedent. I think part of the whole idea of doing something that isn't Bitcoin is to try to improve on it, and especially not feel compelled to follow its precedent when it doesn't work for us (and arguably hasn't even worked for it). That is not just code, and especially not just anonymity, but also culture and process.

How about not quoting the whole thing (especially incorrectly) repeatedly though? It makes the thread very hard to read.