I think the fundamental assumption is that "Satoshi invented a useful solution to decentralized consensus".
What people don't realize is that Satoshi's solution only works if two assumptions hold true:
1. Mining is decentralized: If mining is centralized then relying on proof-of-work for consensus is waste since the centralized entity controls the blockchain anyway.
2. Consensus rules don't change: If you see the threat of #1 and so take power away from miners (like Bitcoin has done), then you cannot ever change the consensus ruleset because aside from proof-of-work, Satoshi did not give any solution to the problem of choosing between 2 chains that have slightly different consensus rules. If you change the consensus ruleset (i.e., make any changes where 2 nodes disagree on if a block is valid or not), then you need an oracle to tell you which chain to choose. We've seen this when Core developers chose the 0.7 Bitcoin chain in 2013 and when Vitalik chose the forked Ethereum chain in 2016.
At the end of the day, the blockchain's decentralization is a myth because it relies on false assumptions. Satoshi invented a Rube Goldberg machine that is currently using as much electricity as a medium-sized country (and also enabling things like money laundering, drug trafficking, etc.).
Cryptocurrency mining is as close as one can get to a theoretical free market in the real world. Free markets have known modes of failure [1]. One of these is where first-mover advantage and economies of scale combine to produce a barrier to entry; the result is oligopoly or monopoly.
Except that so far it remains to be seen if that can work at scale. Bitcoin is moving towards the lightning network which changes things quite a bit, in particular potentially adding some centralization and giving some nodes advantages over others (well connected nodes with large open channels will have an advantage over a newcomer without connections for instance).
Bitcoin Cash is trying another route with bigger blocks but it remains to be seen if it scales well enough to real-world currency usage. And of course there's the big problem of cryptocurrencies being useless as currencies because they're not stable enough. Which itself can be largely blamed on their limited supply and inflationary nature which is necessary to bootstrap them (there's an incentive to get in early) but seems to turn against them in the long run since nobody wants to spend something that's by design supposed to become scarcer and scarcer.
It might be theoretically free but it doesn't work great so far. And of course we could discuss whether a completely free market is a good or a bad thing, but that's a whole different debate.
>Bitcoin is moving towards the lightning network which changes things quite a bit, in particular potentially adding some centralization and giving some nodes advantages over others (well connected nodes with large open channels will have an advantage over a newcomer without connections for instance).
The centralization narrative involving LN is somewhat mischaracterized IMHO. Given that source-routing puts control of payments into the payer, you can choose to mitigate the custodial risk of a single hop holding up your funds in their payment channel a number of ways. For instance, there is no reason one payment from person A to person B needs to involve only one route.
Intelligent wallet software, on the order of tens of milliseconds, could break up one payment of $10 into 100 different routes across numerous payment channels. In addition to giving you custodial risk mitigation, it's also beneficial for privacy as well.
I think the average human being values convenience and low fees much more than privacy (otherwise Facebook and credit cards wouldn't be quite as popular). That means that I expect that wallets and stores that offer the smallest fee will be the ones people use most. A well connected node will be cheaper to transact with by virtue of not having to open a new channel.
That gives well connected "bank" nodes a lot of power because they can decide who they connect with (you could imagine paying a "bank" node to connect with you to enable cheaper transactions for your customers) and as a user you have an incentive to host your coins in one of these bank nodes so that it remains easily and cheaply available for purchases. Meanwhile a small indie shop (or some guy selling socks on ebay) won't have any channel so transacting with them will end up more expensive than buying from a popular store.
Basically you've reinvented Visa without the insurance, regulations and customer protection. At least that's how it looks to me.
I guess we'll know soon enough which one of us is right. Maybe the truth is somewhere in between.
> I think the average human being values convenience and low fees much more than privacy
I think it ends up being more nuanced than that, with plenty of gradations of all of those factors.
If it means, "Literally nobody can know whether I prefer pads or tampons, and where I get them, not even the person I buy pads or tampons from", then I'm going to lean toward paying cash at some random drug store. A brick and mortar because getting things shipped to me requires giving them identifying information, and cash because it has literally zero fees and leaves no paper trail.
If I have to buy something online, then I already have to give them my name and address so I can get it shipped to me. At that point I may not care if my bank and the credit card processing agency also have a record of the transaction, because the info's already out there. At that point it's just a question of whether there are privacy laws that prevent parties from selling too much information or not - either way, I'm guessing 1 and 3 parties will ultimately fall in roughly the same equivalence class, on the privacy front.
Personally, I don't see a middle path where blockchain is preferable to either of those options. If I want complete privacy, then I don't want that transaction appearing on the blockchain, either. If I don't, well, might as well get some consumer protection.
In reality, the average person is going to buy pads or tampons in a way that is most convenient to them.
Only the subset of privacy concerned consumers who don't want anyone to know whether they prefer pads or tampons will go out of their way to visit a random drug store.
That's not the argument. The idea is that if a given amount of bitcoins is set to increase in value as time passes (as is supposed to happen if the currency is successful) you don't have a lot of incentive to invest or spend your money.
If you have $100 on your bank account today then you've got incentives to spend or invest it soon because it's slowly losing value because of inflation, your $100 will probably buy you fewer goods and services in the future than it does now.
Now if you have BTC100 on your wallet and you believe that Bitcoin will succeed as a currency then you know for a fact that these bitcoins will be more valuable in the future than they are now (because the demand will grow but the supply is capped). Ergo you have strong incentives to hoard your bitcoins and not spend or invest them. Your savings gain value without actually being invested in anything. They don't contribute to the economy, they don't fund anything.
I don't understand why most cryptocurrency enthusiasts don't see a huge problem in this. How will you get a loan to start your company in the bitcoin world? Who would want to take such a risk when they'll keep getting richer by not doing anything at all? You'd have to promise them ridiculously high returns (higher than bitcoin's deflation at least). The rich get richer by virtue of being rich, the poor need to buy food and basic utilities so they can't save their coins to become rich. Basically what we have today, only worse.
I am a big supporter of crypto currencies, and I do see a problem in that. However, the current volatility will level off significantly once there is wider adoption. That will help reduce incentive to hold. I would never recommend somebody give/accept loans in crypto currencies right now. The time will come though (unless governments squash crypto through regulation or outright banning).
That said, there's no guarantee that BTC or any crypto will appreciate indefinitely; in fact quite the opposite. It can (and does) lose value.
This also overlooks the benefits of a non-fiat currency, such as protection against things like hyper-inflation (most of us don't think about this right now, but if you have any friends in Venezuela ask them how important this protection is).
I'd imagine very useful - just sell it for a few thousand and then "Including Venezuela's equivalent of food stamps, the total pay package now rises to 250,531 bolivars, or $32.19 a month" so it should cover that for a while. Or a flight out.
Except that Bitcoin was mostly minted by a small group of users who simply hoard it, hoping to sell it to other users who due to the software will not be able to generate it for as low cost as the early users.
It's zero sum (minus the cost wasted in maintaining the network), and the game theory Satoshi designed will inevitably disincentivize new users from adopting it as the barrier to entry increases and alternative options will likely obsolete BTC.
Bitcoin is still deflationary, which makes it unusable as money. Inflationary currencies like USD incentivize people to spend and invest. Deflationary currencies incentivize people to hoard.
Bitcoin is inflationary until the mining period ends, which it hasn’t. You could then still increase the virtual money supply through fractional reserve banking; also “investing” is a lot more like hoarding than it is spending…
So far I don't really know if you can call it inflationary or deflationary because while it's true that the supply keeps increasing the main source of variation for the currency's value is speculation. BTC barely qualifies as a currency today so I don't think we can think in these terms, it's more about what it could end up being if it manages to turn into a proper currency.
>You could then still increase the virtual money supply through fractional reserve banking
You can't do fractional reserve banking on-chain as far as I know so that would mean having your money managed by 3rd party banks who would take ownership of your coins, pool them with other people's coins and manage them for you. So... Back to the start?
Furthermore I don't think it solves the problem of deflation, even with a fractional reserve the bank has no incentive to invest the money if the expected returns are less than what it would end up with by not doing anything at all (and therefore not taking any risks either). If you have inflation of, say, 2% then any investment expected to create value or even lose less than 2% is a good one. If you have deflation of 2% then an investment that managed to generate 1% of additional value over your investment actually made you lose money because you'd have been better off not doing anything.
Therefore deflation will make it a lot harder to loan money, fractional reserve or not. Interest rates will be a lot higher to make up for it. The poor will pay the price for being poor, the rich will reap the reward for being rich.
>“investing” is a lot more like hoarding than it is spending…
Depends what you invest into I suppose, if you "invest" in gold bullions then you're right, if you're investing in a startup or loaning money to people buying houses then you're powering the economy.
If you compare the thousands of years where deflationary currencies were working well to the modern Era I think most would prefer an inflationary currency.
It would appear the choice between deflationary and inflationary monetary systems was, at some point along the way, democratised.
And the majority chose inflationary monetary systems.
Each of us is free to offer to pay for goods and services with, say, for example, gold, and each of us is free to ask you to trade your gold for legal tender and give us that instead - yeah, the one the tax agency accepts.
The only thing stopping deflationary currency from being used by most people is that most people are too busy surfing / skiing / rock climbing / recovering from a hangover / what have you to care much about how monetary value is exchanged. People, on the whole, only seem to really care about convenience. And more specifically, the more convenient it is to spend money, your own or credit, the better.
But is that the way it should be? Also, this isn't universally true. There are some vendors that started accepting Bitcoin as payment. Some of them stopped accepting it a few months ago when transaction fees were insane, but there are still some that do. You can even get debit cards that automatically convert to fiat on the backend, so the consumer can hold crypto and pay in fiat.
Actually, it's the exact opposite. The security of a blockchain is fundamentally dependent on mining being expensive. That is the only defense against a 51% attack. Cheap energy just drives up consumption to the point where mining is expensive enough to deter attacks.
This is ultimately what I think will sink blockchain as a medium of exchange (not necessarily as a store of value). By its very nature it cannot be cheap, so TTPs will always be able to beat it on price.
I'm not even sure that mining being expensive is a great defense against a 51% attack.
If things do end up being an oligopoly, then any one of the members of that oligopoly will only have a relatively small sprint between their current position and a 51% attack. And quite a few options for how to attempt such a sprint.
I meant that the variation in electricity costs harms the reputation of the blockchain. Work needs to be approximately the same difficulty for everyone.
> Work needs to be approximately the same difficulty for everyone
Unfortunately the main design and math of Satoshi's PoW means that users who ran the BTC software app 2009-2014 worked far far far less and spent much less CAPEX and OPEX to generate the majority of BTC that will ever exist.
No, the fundamental assumption is that distributed consensus in itself is useful. So far, there are some applications (databases), but for the stuff they are using the blockchain for, not so much.
Are there other means of distributed trustless consensus as secure as PoW? Secure being the operative word here. Lots of attempts, but none yet convincingly as or more secure.
People who are not crypto-anarchists don't realize that the only reason for proof of work is so you don't have to trust anyone. If there is trust, a centralized database is better in every way vs. Blockchain.
People who do not read modern research don't realize lots of the things they think are true about the state of research are totally false.
They also think that it's Proof of Work that provides a lack of trust. While that's involved, what's actually more meaningful is the demand to quickly select a "profitable" branch to mine and re-mine on. That can exist in PoS as well.
Hedera Hashgraph recently revealed that it supports more than a million transactions per second based on current usage by developers, that's enough to support decentralized servers and open source MMO environments. It uses gossip protocol and a form of voting protocol.
I'm invested a bit in Credits which claims it'll do a million transactions per sec but it's kind of bs - they can do nearly half a million in very limited conditions but in the real world the numbers will probably be far less and I'm a bit skeptical of such claims. I'm not sure that fast is necessary though - credit cards do a few thousand transactions a sec globally so if you can handle that you could potentially at least use crypto to pay for your coffee etc https://medium.com/@viruseslovers45/credits-the-best-blockch...
Yeah, Hashgraph appears to do high tps at relatively small number of nodes, aka will probably work in permissioned/consortium style environment with limited nodes, but whether it can scale in a public environment with unlimited nodes is an open question.
A non-sharded public blockchain that doesn't do some kind of validator delegation will always be bottlenecked by a single validator's computational capacity, which is on the order of 100-1000. Hedera is really pushing the line on making fraudulent claims here.
Hashgraph doesn't use blockchain - look into interviews with Dr Baird if you're interested. MachineZone, the big game company, is now building on Hashgraph:
Of course, but those aren't trustless per my question. They're designed for single administrative environments like corporate data centers where a trusted entity controls the environment.
The other two possible environments being multi-administrative (permissioned DLT deployed among a consortium of banks or entities sharing administrative privileges) or no-administrative (public permissionless blockchains like Bitcoin/Ethereum). The hard problem is developing consensus algos for the latter that scale while maintaining security of the shared ledger.
There is a large amount of r&d being put into BFT-style proof of stake for Ethereum, it’s always been part of the roadmap. Much work still needs to be done beyond the test net, but so far no fundamental showstoppers have been found. There is also constant collaboration between the researchers and developers of major projects to move the entire field forward.
It’s still early days, unfortunately the hype got far ahead of the tech but progress is being made everyday. I think the same of VR/AR.
If only someone could think to google "BFT Raft extension" or "BFT paxos extension" and find published research. And if only papers from that search had citations. And if only those cited had links to foundational research on generalized BFT strategies. Oh if only we lived in such a world.
If only. If Only. IF ONLY. iF oNLY. If OnLy. iF oNlY.
But one of the biggest selling points of Bitcoin itself was mathematically limited supply. A new cryptocurrency appearing every day fundamentally undermines the value proposition.
Blockchain may have value as a decentralized ledger in other areas, but “lots of blockchain based currencies” aren’t really one of them since it’s self-sabotaging.
And by prospered I mean, never made money, never became self-sustaining at all.
Facebook is still expanding in its 15th year.
MySpace never earned a profit pre Fox acquisition (the Google deal gave it a one time bump).
In historical terms, MySpace is barely a bump in the road, about the size of an Ask.fm type service (ie trivial in today's hyper scale). It's like looking back and thinking Excite was a juggernaut and therefore a supporting piece of evidence that Google is going to die soon.
Facebook will earn ~$20 billion in 2018 and will end the year with $50 billion in cash. That's 86 times what MySpace sold to Fox for.
MySpace peaked in size at a mere 75 million monthly active users. Facebook is nearly 30 times larger.
MySpace then is to Facebook now, what AltaVista at its peak is to Google today.
That doesn't mean that creating a new social network automatically besets the network effects of the most dominant platforms. I realize that platforms sometimes get replaced. It is early days for crypto, to be sure. It certainly hasn't reached maturity yet. However, there are examples of other monopolies (AT&T, Microsoft, GE, etc) that have lasted for many decades.
Network effects, yes like how BTC is owned by a tiny pool of oligarchs who need other users to transfer real capital in for their zero sum pyramid scheme.
One important point: if we actually include all 7 billion
people on the earth, most of whom have zero BTC or
Ethereum, the Gini coefficient is essentially 0.99+. And
if we just include all balances, we include many dust
balances which would again put the Gini coefficient at
0.99+. Thus, we need some kind of threshold here. The
imperfect threshold we picked was the Gini coefficient
among accounts with ≥185 BTC per address, and ≥2477 ETH
per address. So this is the distribution of ownership
among the Bitcoin and Ethereum rich with $500k as of July
2017.
In what kind of situation would a thresholded metric like
this be interesting? Perhaps in a scenario similar to the
ongoing IRS Coinbase issue, where the IRS is seeking
information on all holders with balances >$20,000.
Conceptualized in terms of an attack, a high Gini
coefficient would mean that a government would only need
to round up a few large holders in order to acquire a
large percentage of outstanding cryptocurrency — and with
it the ability to tank the price.
With that said, two points. First, while one would not
want a Gini coefficient of exactly 1.0 for BTC or ETH (as
then only one person would have all of the digital
currency, and no one would have an incentive to help boost
the network), in practice it appears that a very high
level of wealth centralization is still compatible with
the operation of a decentralized protocol. Second, as we
show below, we think the Nakamoto coefficient is a better
metric than the Gini coefficient for measuring holder
concentration in particular as it obviates the issue of
arbitrarily choosing a threshold.
...However, the maximum Gini coefficient has one obvious
issue: while a high value tracks with our intuitive notion
of a “more centralized” system, the fact that each Gini
coefficient is restricted to a 0–1 scale means that it
does not directly measure the number of individuals or
entities required to compromise a system.
Specifically, for a given blockchain suppose you have a
subsystem of exchanges with 1000 actors with a Gini
coefficient of 0.8, and another subsystem of 10 miners
with a Gini coefficient of 0.7. It may turn out that
compromising only 3 miners rather than 57 exchanges may be
sufficient to compromise this system, which would mean the
maximum Gini coefficient would have pointed to exchanges
rather than miners as the decentralization bottleneck.
Conversely, if one considers “number of distinct countries
with substantial mining capacity” an essential subsystem,
then the minimum Nakamoto coefficient for Bitcoin would
again be 1, as the compromise of China (in the sense of a
Chinese government crackdown on mining) would result in
>51% of mining being compromised.
For a decentralized currency, the limited supply is the only value proposition that made it viable. Otherwise the currency itself becomes flooded by mining rather than purchased with other forms of currency, which leads to more miners trying to cash out than people trying to buy in, which leaves the currency itself into a constant, downward price based on sheer supply and demand.
Any type of currency that doesn't have something limiting the supply (not fixed, but at least constrained) becomes valueless by default.
Even if Bitcoin is limited, if cryptocurrencies themselves are not then we're all just giving people a license to print money.
At least with the Federal Reserve there is a governing body limiting the supply of new dollars entering into the system.
> "Satoshi invented a useful solution to decentralized consensus".
I think that even if decentralized consensus is workable, it's irrelevant for Wall Street projects because these organizations already have experience creating strong trust relationships and useful governance for collaboration (e.g., traditional contracts).
PoW is just one of the available consensus algorithms. Blockchain doesn’t imply decentralised consensus, you can run it on paxos, raft, authority round or something else, especially for internal, private or semi-private networks. What you get is a trail log with proofs that’s immutable and strongly protected against tampering.
If your definition of "blockchain" is any distributed database with signed rows and a public read-only API, it's miles away from what Satoshi was talking about... Why don't you just call it a "distributed database with signed entries" or something.
When meeting my company's Head of Blockchain (not sure if the pun is intended) a while ago, I asked him if git would qualify as blockchain technology. He replied that "blockchain is not a technology, It's a paradigm shift". Literally. That statement was so absurd I didn't even know what to say, so it worked out well for him.
This is exactly what's driving my skepticism. The people who I've met who are most vocal about "blockchain" are also the ones who know little to nothing about the algorithm itself (and algorithms in general).
That is exactly the kind of thing I would expect to hear from a "Head of Blockchain". Your company made a great hire, and they will clearly push the boundaries of marketing bullshit with regard to blockchain.
No, very much not. There is no such thing as consensus in blockchain. Can you
(you in particular) even define the term "consensus"? Can you explain how does
your definition relate to what is commonly used in computer science and how it
works with the impossibility proofs?
> (and also enabling things like money laundering, drug trafficking, etc.).
If you're trying to take a dig at blockchain technology for its decentralized nature and ability to circumvent government controls, you should be aware that this is considered a good thing. See https://news.ycombinator.com/item?id=16702684, for instance. The recent SESTA/FOSTA debacle is one example of why such decentralized networks are needed.
I disagree with 1, because the real controller in any cryptocurrency is the software users of the coin are running. You could have trillions in mining hardware but that doesn't matter a bit if a popular implementation changes the mining algorithm to no longer work on your hardware and the userbase starts using that hard fork.
It's the problem that the advocates for larger blocksizes in BTC ran into. So long as the ecosystem itself was predominantly going to stay on the bitcoin core implementation, the advocates for change couldn't force it. Eventually they just hard forked into BCH, while the more popular original chain keeps on going.
That also means that nothing is really decentralized unless you can cause sea change amongst all participants in a cryptocurrency - if you disagree with what the most common implementation is doing, you can't do squat about it, and commit access is never decentralized or democratized. There's always someone with the master key to the repo. And we have seen plenty of evidence that once established unseating a popular implementation of any crypto is nigh-impossible, regardless of what the developers do.
Aside from the fact that proof-of-work on a world scale utterly defies the CAP theorem, there has never been an economic system that can scale to the level of, say, one order of magnitude close to ubiquity where there are no trusted intermediaries. Human civilizations just won't organize this way.
There is another, more social, assumption he is making: value that is stored on mathematical concepts (e.g., blockchain) is more appealing than value that is stored on more traditional concepts (e.g., reputation, trust).
The social question is the more interesting one. Tech history has suggested that people slowly but surely gravitate to more open systems, but asking folks to hold their life savings in digital currencies that rely on mathematical promises completely foreign to the average user seems like quite a stretch. It does not exactly help that just about every day there is a news article of some new data breach of an online system.
Mainly because known markets were shut down (maybe some new ones have cropped up which are not in that tracker?) and the dominant use of bitcoin transactions currently is wild speculation.
> If you change the consensus ruleset...then you need an oracle to tell you which chain to choose.
What are you talking about? The rule to choose the correct chain is well defined and simple. The longest chain, i.e. the one with the most work done, is the correct chain.
I'm not sure if you've spoken to any Bitcoin developers recently, but they'll tell you you're wrong and that it is the valid chain with the most work, not the chain with the most work. They'll then tell you what valid means.
Some developers would agree with you though, like Gavin Andresen [0].
Either way, you end up with either centralized miners deciding the fate of the chain, or centralized developers deciding the fate of the chain. Both outcomes are contrary to what Satoshi envisioned.
It has always been the longest valid chain though. If miners were to introduce double-spending transactions in a block, full nodes would--by default--reject the blocks, regardless of how much work the chain contains. This also highlights why miners don't control the network and never have.
My understanding is that the danger of miner control is not "double-spending" but making multiple spends and being able to pick the most favorable one after the fact.
As a non-controller if you try to double-spend, you can't know which one of your attempted transactions will be recorded in the ledger and which will be rejected. As a 51% controlling miner, you can choose the 'correct' transaction.
This allows the 51% controlling miner to engage in futures arbitrage.
Double-spending just means spending the same output in multiple transactions--there are many ways to perform a double-spend attack. Your interpretation of a 51% attack is correct.
If it wasn't clear, my comment was referring to a double-spend that would result in an invalid block i.e. both transactions are on the same chain. I simply used an example to argue that it's always been the case that invalid chains are rejected by honest nodes.
A sufficiently large miner could, right now, create a block which created a million bitcoins from nowhere and gave those to them and it would - for a while at least - be the longest chain. No other clients would accept it, of course, but by your definition the chain where someone just made themselves a billionaire would be Bitcoin.
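The two chain-selection rules argued over in this exchange, as a toy model (an added example, not part of the thread and not Bitcoin's actual code). Block fields, limits and the three chains are all constructed; it shows a most-work chain that every validating node rejects, and two nodes whose rulesets differ settling on different chains.

```python
"""Toy fork choice: 'most work' vs 'most work among chains this node accepts'."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Block:
    work: int      # abstract units of proof-of-work
    minted: int    # coins created by this block
    size_kb: int   # block size


def make_rules(max_minted, max_size_kb):
    """Build a validity predicate; each node enforces exactly one ruleset."""
    def is_valid(block):
        return block.minted <= max_minted and block.size_kb <= max_size_kb
    return is_valid


def total_work(chain):
    return sum(block.work for block in chain)


def most_work(chains):
    """Naive rule: compare accumulated work and ignore validity."""
    return max(chains, key=lambda name: total_work(chains[name]))


def most_work_valid(chains, is_valid):
    """Validating rule: drop any chain with an invalid block, then compare work."""
    accepted = {name: chain for name, chain in chains.items()
                if all(is_valid(block) for block in chain)}
    if not accepted:
        return None
    return max(accepted, key=lambda name: total_work(accepted[name]))


# Constructed sample chains (all values are illustrative).
CHAINS = {
    # Three ordinary blocks, 30 units of work.
    "honest": [Block(10, 50, 900)] * 3,
    # Most work overall (40), but one block mints a million coins.
    "inflated": [Block(10, 50, 900)] * 3 + [Block(10, 1_000_000, 900)],
    # 35 units of work, one block larger than the old size limit.
    "bigblock": [Block(10, 50, 900)] * 2 + [Block(15, 50, 8000)],
}
RULES_A = make_rules(max_minted=50, max_size_kb=1000)   # node on the old ruleset
RULES_B = make_rules(max_minted=50, max_size_kb=8000)   # node on a changed ruleset

if __name__ == "__main__":
    print("most work, no validation:", most_work(CHAINS))
    print("node A follows:", most_work_valid(CHAINS, RULES_A))
    print("node B follows:", most_work_valid(CHAINS, RULES_B))
```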
The really funny thing is that we are going to see more and more coins moving towards regular changes to their algorithm to keep ASICs out, and effectively surrender their decentralization.
Taken to the logical conclusion, a supernode that is issuing algorithm changes is no different from a supernode that is signing blocks directly, just vastly more inefficient. Since you are already centralized, there is no reason to have miners at all. It becomes a ponzi scheme where the rewards are paid out randomly to participants.
> and also enabling things like money laundering, drug trafficking, etc.
At this point, I don't worry about those; criminals would operate with or without Bitcoin and we have government agencies dealing with those; I'm more concerned about the suicide rate that will spike due to BTC/altcoins losing 80% of value.
I have too many acquaintances on my Twitter that last summer were showing me "this cool blue app that helps make 15% a day" and now they remain silent. I tried to contact two of them via cell and it goes nowhere.
Looking at BTC/ETH/altcoins charts, I can only imagine the brain-halt it caused so many people that were putting a second/third mortgage on their house just to "invest in a blue iphone app" and many cashing out their 401k just to be left with 5% of their money not even a year later.