1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
|
Return-Path: <truthcoin@gmail.com>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
[172.17.192.35])
by mail.linuxfoundation.org (Postfix) with ESMTPS id D35DB258
for <bitcoin-dev@lists.linuxfoundation.org>;
Thu, 22 Jun 2017 20:30:43 +0000 (UTC)
X-Greylist: whitelisted by SQLgrey-1.7.6
Received: from mail-qt0-f172.google.com (mail-qt0-f172.google.com
[209.85.216.172])
by smtp1.linuxfoundation.org (Postfix) with ESMTPS id F0B4F3F2
for <bitcoin-dev@lists.linuxfoundation.org>;
Thu, 22 Jun 2017 20:30:42 +0000 (UTC)
Received: by mail-qt0-f172.google.com with SMTP id i2so21005680qta.3
for <bitcoin-dev@lists.linuxfoundation.org>;
Thu, 22 Jun 2017 13:30:42 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
h=subject:to:cc:references:from:message-id:date:user-agent
:mime-version:in-reply-to:content-language;
bh=iYU8SQvyhZ01zT6jHnIS6BRFOIXoY5O226K72BQhT5s=;
b=ixdThDrg/0lbVlAN21pOV6fL9/bKYv7sg4pv+wEF0sQq4FQm1llqOnGklEy4iU2jTs
WW06lWD+QMi5GYULVE9AzcC6hd5DpU7QdBOeWVp/CQnbjBECqlfYNlK+yJsOkRsE9ZNv
ivkFqwuZ1xu4sOfCm9cr6q7YAncfes3lmvlwb8xeL2LPZlxk2/PRfI1VQCSD+UPcHV2Z
6+NaoyChWMW8xMRg4cZDWoDsmpEW6WvwO65thzEJfc2xQb0k3QZU8/5t/U1YzKpCr+IK
nLGDBYA4YRrjtIqulSf25pUBj6PR1M0n7/hhxyY9d2IOZ4Muh8lMEYgX/wUALLd0HLLg
8DAA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20161025;
h=x-gm-message-state:subject:to:cc:references:from:message-id:date
:user-agent:mime-version:in-reply-to:content-language;
bh=iYU8SQvyhZ01zT6jHnIS6BRFOIXoY5O226K72BQhT5s=;
b=dD62QbKuF/GNFEmYe999zLSqMzTKi0WZ3MxCBtbyd6HbuKUQ23gbXnu9BQBA4pOcvc
+tnKHCPltFGj8ny340v5LpoY7/tGdtJPjarSfhm2AtxIkCTHORw0MhVzKnMCW5BaQRB9
rE7k4ncXuxMM705YiBx/6L1CTb7Oj2vt5Dwi3RL2rhhIK5OrunJgaP4w+U89B0S7QIaj
IelX7IniKerMZgueIzixjz7ePYVAQd+gktZ0pPjudpmjLTwBbAYXa5k1gZESRmME86QG
XOKodyNRtSIr5NBX1NI2pEjb4an9PEhhAIVJSMGu6/fgqMYZTlcbGKdZbxQr6EK5D8JO
TIEg==
X-Gm-Message-State: AKS2vOyUhJ5hs+46NvAfnQwsQSLSK7OS/d6a3EgnAfO1AtQ/mTHAk+lU
8nSkMo5QOAszb3RJ
X-Received: by 10.200.39.178 with SMTP id w47mr5088659qtw.87.1498163441262;
Thu, 22 Jun 2017 13:30:41 -0700 (PDT)
Received: from [192.168.1.101] (ool-45726efb.dyn.optonline.net.
[69.114.110.251]) by smtp.googlemail.com with ESMTPSA id
o76sm1626209qke.7.2017.06.22.13.30.39
(version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
Thu, 22 Jun 2017 13:30:39 -0700 (PDT)
To: Erik Aronesty <erik@q32.com>
References: <24f2b447-a237-45eb-ef9f-1a62533fad5c@gmail.com>
<83671224-f6ff-16a9-81c0-20ab578aec9d@gmail.com>
<AAC86547-7904-4475-9966-138130019567@taoeffect.com>
<6764b8af-bb4c-615d-5af5-462127bbbe36@gmail.com>
<CAJowKgLJW=kJhcN4B7TbWXLb7U51tzYU3PFOy1m8JqKXqFsU4A@mail.gmail.com>
<33d98418-10f0-3854-a954-14985d53e04b@gmail.com>
<CAJowKgKT2rn3N3L+79JEY_uNfKDewcmgkiEB2mJYx1mg+YjGCQ@mail.gmail.com>
<cd96b01e-46ca-9328-2a0a-82ba96d5183c@gmail.com>
<CAJowKg+u64ZQFEeKMyRXjaLj92o=uJzhpU_jHpPz1CmDNnwOKA@mail.gmail.com>
From: Paul Sztorc <truthcoin@gmail.com>
Message-ID: <ca4c117e-3dba-cf44-775d-dcb49591593e@gmail.com>
Date: Thu, 22 Jun 2017 16:30:39 -0400
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101
Thunderbird/52.2.0
MIME-Version: 1.0
In-Reply-To: <CAJowKg+u64ZQFEeKMyRXjaLj92o=uJzhpU_jHpPz1CmDNnwOKA@mail.gmail.com>
Content-Type: multipart/alternative;
boundary="------------E555BAA90A8066BA4B831A59"
Content-Language: en-US
X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED,
DKIM_VALID, DKIM_VALID_AU, FREEMAIL_FROM, HTML_MESSAGE,
RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
smtp1.linux-foundation.org
Cc: Bitcoin Dev <bitcoin-dev@lists.linuxfoundation.org>
Subject: Re: [bitcoin-dev] Drivechain RfD -- Follow Up
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Thu, 22 Jun 2017 20:30:43 -0000
This is a multi-part message in MIME format.
--------------E555BAA90A8066BA4B831A59
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Responses inline.
On 6/22/2017 9:45 AM, Erik Aronesty wrote:
> Users would tolerate depreciation because the intention is to have a
> cheap way of transacting using a two-way pegged chain that isn't
> controlled by miners. Who cares about some minor depreciation when
> the purpose of the chain is to do cheap secure transactions forever?
Thus far you've claimed that these transactions would be "cheap", "[not]
controlled by miners", and "secure".
They would certainly not be cheap, because they are relatively more
expensive due to the extra depreciation cost.
I also doubt that they would be free of control by miners. 51% hashrate
can always filter out any message they want from anywhere.
For the same reason, I don't understand why they would be any more or
less secure.
So I think your way is just a more expensive way of accomplishing
basically the same result.
>
> Add in UTXO commitments and you've got a system that is cheap and
> secure-enough for transfer. storage and accumulation of a ledger...
> before moving in to the main chain.
As I posted to bitcoin-discuss last week, I support UTXO commitments for
sidechains.
> Seems better to me than messing with the main chain's incentive
> structure via merged mining.
I don't think that blind merged mining messes with the main chain's
incentive structure. Miners are free to ignore the sidechain (and yet
still get paid the same as other miners), as are all mainchain users.
Paul
>
> On Thu, Jun 22, 2017 at 9:27 AM, Paul Sztorc <truthcoin@gmail.com
> <mailto:truthcoin@gmail.com>> wrote:
>
> Hi Erik,
>
> I don't think that your design is competitive. Why would users
> tolerate a depreciation of X% per year, when there are
> alternatives which do not require such depreciation? It seems to
> me that none would.
>
> Paul
>
> On 6/20/2017 9:38 AM, Erik Aronesty wrote:
>> - a proof-of-burn sidechain is the ultimate two-way peg. you
>> have to burn bitcoin *or* side-chain tokens to mine the side
>> chain. the size of the burn is the degree of security. i
>> actually wrote code to do randomized blind burns where you have a
>> poisson distribution (non-deterministic selected burn). there
>> is no way to game it... it's very similar to algorand - but it
>> uses burns instead of staking
>>
>> - you can then have a secure sidechain that issues a mining
>> reward in sidechain tokens, which can be aggrregated and redeemed
>> for bitcoins. the result of this is that any bitcoins held in
>> the sidechain depreciate in value at a rate of X% per year. =20
>> this deflation rate pays for increased security
>>
>> - logically this functions like an alt coin, with high inflation
>> and cheap transactions. but the altcoin is pegged to bitcoin's
>> price because of the pool of unredeemed bitcoins held within the
>> side chain.
>>
>>
>>
>> On Tue, Jun 20, 2017 at 7:54 AM, Paul Sztorc <truthcoin@gmail.com
>> <mailto:truthcoin@gmail.com>> wrote:
>>
>> Hi Erik,
>>
>> As you know:
>>
>> 1. If a sidechain is merged mined it basically grows out of
>> the existing Bitcoin mining network. If it has a different
>> PoW algorithm it is a new mining network.
>> 2. The security (ie, hashrate) of any mining network would be
>> determined by the total economic value of the block. In
>> Bitcoin this is (subsidy+tx_fees)*price, but since a
>> sidechain cannot issue new tokens it would only be
>> (tx_fees)*price.
>>
>> Unfortunately the two have a nasty correlation which can lead
>> to a disastrous self-fulfilling prophecy: users will avoid a
>> network that is too insecure; and if users avoid using a
>> network, they will stop paying txn fees and so the quantity
>> (tx_fees)*price falls toward zero, erasing the network's
>> security. So it is quite problematic and I recommend just
>> biting the bullet and going with merged mining instead.
>>
>> And, the point may be moot. Bitcoin miners may decide that,
>> given their expertise in seeking out cheap sources of
>> power/cooling, they might as well mine both/all chains. So
>> your suggestion may not achieve your desired result (and
>> would, meanwhile, consume more of the economy's resources --
>> some of these would not contribute even to a higher hashrate).=
>>
>> Paul
>>
>>
>>
>>
>> On 6/19/2017 1:11 PM, Erik Aronesty wrote:
>>> It would be nice to be able to enforce that a drivechain
>>> *not* have the same POW as bitcoin.
>>>
>>> I suspect this is the only way to be sure that a drivechain
>>> doesn't destabilize the main chain and push more power to
>>> miners that already have too much power.
>>>
>>>
>>
>>
>
>
--------------E555BAA90A8066BA4B831A59
Content-Type: text/html; charset=utf-8
Content-Transfer-Encoding: 8bit
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<div class="moz-cite-prefix">Responses inline.<br>
<br>
On 6/22/2017 9:45 AM, Erik Aronesty wrote:<br>
</div>
<blockquote type="cite"
cite="mid:CAJowKg+u64ZQFEeKMyRXjaLj92o=uJzhpU_jHpPz1CmDNnwOKA@mail.gmail.com">
<div dir="ltr">
<div>Users would tolerate depreciation because the intention is
to have a cheap way of transacting using a two-way pegged
chain that isn't controlled by miners. Who cares about some
minor depreciation when the purpose of the chain is to do
cheap secure transactions forever?<br>
</div>
</div>
</blockquote>
<br>
Thus far you've claimed that these transactions would be "cheap",
"[not] controlled by miners", and "secure".<br>
<br>
They would certainly not be cheap, because they are relatively more
expensive due to the extra depreciation cost.<br>
<br>
I also doubt that they would be free of control by miners. 51%
hashrate can always filter out any message they want from anywhere.<br>
<br>
For the same reason, I don't understand why they would be any more
or less secure.<br>
<br>
So I think your way is just a more expensive way of accomplishing
basically the same result.<br>
<br>
<blockquote type="cite"
cite="mid:CAJowKg+u64ZQFEeKMyRXjaLj92o=uJzhpU_jHpPz1CmDNnwOKA@mail.gmail.com">
<div dir="ltr">
<div><br>
Add in UTXO commitments and you've got a system that is cheap
and secure-enough for transfer. storage and accumulation of a
ledger... before moving in to the main chain. </div>
</div>
</blockquote>
<br>
As I posted to bitcoin-discuss last week, I support UTXO commitments
for sidechains.<br>
<br>
<blockquote type="cite"
cite="mid:CAJowKg+u64ZQFEeKMyRXjaLj92o=uJzhpU_jHpPz1CmDNnwOKA@mail.gmail.com">
<div dir="ltr">
<div>Seems better to me than messing with the main chain's
incentive structure via merged mining.<br>
</div>
</div>
</blockquote>
<br>
I don't think that blind merged mining messes with the main chain's
incentive structure. Miners are free to ignore the sidechain (and
yet still get paid the same as other miners), as are all mainchain
users.<br>
<br>
Paul<br>
<blockquote type="cite"
cite="mid:CAJowKg+u64ZQFEeKMyRXjaLj92o=uJzhpU_jHpPz1CmDNnwOKA@mail.gmail.com"><br>
<div class="gmail_extra">
<div class="gmail_quote">On Thu, Jun 22, 2017 at 9:27 AM, Paul
Sztorc <span dir="ltr"><<a
href="mailto:truthcoin@gmail.com" target="_blank"
moz-do-not-send="true">truthcoin@gmail.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div text="#000000" bgcolor="#FFFFFF">
<div class="m_3722835584705217683moz-cite-prefix">Hi Erik,<br>
<br>
I don't think that your design is competitive. Why would
users tolerate a depreciation of X% per year, when there
are alternatives which do not require such depreciation?
It seems to me that none would.<span class="HOEnZb"><font
color="#888888"><br>
<br>
Paul</font></span><span class=""><br>
<br>
On 6/20/2017 9:38 AM, Erik Aronesty wrote:<br>
</span></div>
<span class="">
<blockquote type="cite">
<div dir="ltr">
<div>- a proof-of-burn sidechain is the ultimate
two-way peg. you have to burn bitcoin *or*
side-chain tokens to mine the side chain. the
size of the burn is the degree of security. i
actually wrote code to do randomized blind burns
where you have a poisson distribution
(non-deterministic selected burn). there is no
way to game it... it's very similar to algorand -
but it uses burns instead of staking<br>
</div>
<div><br>
</div>
<div>- you can then have a secure sidechain that
issues a mining reward in sidechain tokens, which
can be aggrregated and redeemed for bitcoins.
the result of this is that any bitcoins held in
the sidechain depreciate in value at a rate of X%
per year. this deflation rate pays for increased
security</div>
<div><br>
</div>
<div>- logically this functions like an alt coin,
with high inflation and cheap transactions. but
the altcoin is pegged to bitcoin's price because
of the pool of unredeemed bitcoins held within the
side chain.</div>
<div><br>
<br>
</div>
</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On Tue, Jun 20, 2017 at
7:54 AM, Paul Sztorc <span dir="ltr"><<a
href="mailto:truthcoin@gmail.com"
target="_blank" moz-do-not-send="true">truthcoin@gmail.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0
0 .8ex;border-left:1px #ccc
solid;padding-left:1ex">
<div text="#000000" bgcolor="#FFFFFF">
<div
class="m_3722835584705217683m_-7917178296017049299moz-cite-prefix">Hi
Erik,<br>
<br>
As you know:<br>
<br>
1. If a sidechain is merged mined it
basically grows out of the existing Bitcoin
mining network. If it has a different PoW
algorithm it is a new mining network.<br>
2. The security (ie, hashrate) of any mining
network would be determined by the total
economic value of the block. In Bitcoin this
is (subsidy+tx_fees)*price, but since a
sidechain cannot issue new tokens it would
only be (tx_fees)*price.<br>
<br>
Unfortunately the two have a nasty
correlation which can lead to a disastrous
self-fulfilling prophecy: users will avoid a
network that is too insecure; and if users
avoid using a network, they will stop paying
txn fees and so the quantity (tx_fees)*price
falls toward zero, erasing the network's
security. So it is quite problematic and I
recommend just biting the bullet and going
with merged mining instead.<br>
<br>
And, the point may be moot. Bitcoin miners
may decide that, given their expertise in
seeking out cheap sources of power/cooling,
they might as well mine both/all chains. So
your suggestion may not achieve your desired
result (and would, meanwhile, consume more
of the economy's resources -- some of these
would not contribute even to a higher
hashrate).<span
class="m_3722835584705217683HOEnZb"><font
color="#888888"><br>
<br>
Paul</font></span>
<div>
<div class="m_3722835584705217683h5"><br>
<br>
<br>
<br>
On 6/19/2017 1:11 PM, Erik Aronesty
wrote:<br>
</div>
</div>
</div>
<div>
<div class="m_3722835584705217683h5">
<blockquote type="cite">
<div dir="ltr">
<div>It would be nice to be able to
enforce that a drivechain *not* have
the same POW as bitcoin. <br>
<br>
</div>
<div>I suspect this is the only way to
be sure that a drivechain doesn't
destabilize the main chain and push
more power to miners that already
have too much power.<br>
</div>
<br>
</div>
<div class="gmail_extra"><br>
</div>
</blockquote>
<p><br>
</p>
</div>
</div>
</div>
</blockquote>
</div>
<br>
</div>
</blockquote>
<p><br>
</p>
</span></div>
</blockquote>
</div>
<br>
</div>
</blockquote>
<p><br>
</p>
</body>
</html>
--------------E555BAA90A8066BA4B831A59--
|
