60 sats \ 12 replies \ @freetx 3 Jun \ on: Are you comfortable with Bitcoin's security model? AskSN
There is no problem that needs to be fixed. You are unintentionally gaslighting.
If mining is unprofitable, then miners stop doing it... once hash rate falls (or prices rise) it becomes profitable again.
The system was designed to be self-balancing. There is no need for there to be "ever increasing hashrate". Bitcoin is secure as long as present hashrate is sufficient to stop attacks on the chain...
Wall Street loves ultra-predictable, low-margin businesses, since they provide predictable yield that can operate in a more structured finance view of capital deployment, thus there will always be money available for such ventures.
The hashrate has to change to ensure the blocks are created at a predictable rate.
I think he means difficulty because hash rate and price are usually correlated
Both. If difficulty doubles, the required hashrate to produce a block in the same amount of time also doubles. Could be either total # of hashes for all miners combined, or # of hashes per CPU. Whatever your hashrate, it has to "change to ensure the blocks are created at a predictable rate."
What did you mean?
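The exchange above is about what actually "changes to keep block times predictable": hashrate moves with price, and difficulty retargets to chase it. The following is an added example, not code from the thread or from Bitcoin Core, that simulates the retarget loop with assumed parameters (600 s target interval, 2016-block periods, adjustment clamped to a factor of 4 per period, as Bitcoin Core does) so you can see how block times recover after a hashrate drop, and why a very large drop takes more than one period to absorb.

```python
"""Toy simulation of Bitcoin's difficulty retarget.

Added example (assumptions, not thread or project code):
  - target interval 600 s, retarget every 2016 blocks
  - per-period adjustment clamped to [1/4, 4x], as Bitcoin Core does
  - expected seconds per block at difficulty D and hashrate H (hashes/s)
    is D * 2**32 / H  (difficulty 1 ~= 2**32 expected hashes)
"""

TARGET_INTERVAL = 600      # seconds per block the protocol aims for
RETARGET_BLOCKS = 2016     # blocks per difficulty period
MAX_FACTOR = 4.0           # clamp on a single retarget step


def expected_block_time(difficulty: float, hashrate: float) -> float:
    """Average seconds per block for a given difficulty and network hashrate."""
    return difficulty * 2**32 / hashrate


def hashrate_for_target(difficulty: float) -> float:
    """Hashrate needed to hit TARGET_INTERVAL at this difficulty (the 'required hashrate')."""
    return difficulty * 2**32 / TARGET_INTERVAL


def retarget(difficulty: float, actual_span: float) -> float:
    """Compute the next difficulty from how long the last period actually took."""
    expected_span = TARGET_INTERVAL * RETARGET_BLOCKS
    ratio = expected_span / actual_span
    ratio = max(1.0 / MAX_FACTOR, min(MAX_FACTOR, ratio))  # clamp, like Bitcoin Core
    return difficulty * ratio


def simulate(hashrate_schedule, initial_difficulty):
    """Run one retarget period per hashrate value.

    Returns a list of (difficulty_in_period, avg_block_time_in_period).
    """
    d = initial_difficulty
    history = []
    for h in hashrate_schedule:
        bt = expected_block_time(d, h)
        history.append((d, bt))
        d = retarget(d, bt * RETARGET_BLOCKS)
    return history


if __name__ == "__main__":
    H0 = 1e20                     # constructed starting hashrate (hashes/s)
    D0 = H0 * TARGET_INTERVAL / 2**32   # difficulty that yields 600 s at H0

    # Hashrate halves: one slow period, then difficulty halves and 600 s returns.
    for d, bt in simulate([H0, H0 / 2, H0 / 2], D0):
        print(f"difficulty={d:.3e} avg block time={bt:7.1f}s")

    print("--- 10x hashrate drop: clamp means two periods to recover ---")
    for d, bt in simulate([H0, H0 / 10, H0 / 10, H0 / 10], D0):
        print(f"difficulty={d:.3e} avg block time={bt:7.1f}s")
```

The 10x-drop run is the interesting one: the first retarget can only cut difficulty by 4x, so block times sit at 1500 s for a whole (slow) period before the second retarget lands back on 600 s. That lag is the window the thread is arguing about, not a permanent state.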
Sorry for the gaslighting, definitely not intentional. I want to be proved wrong and to learn.
The self-balancing part has a tradeoff. Less total hashrate, once ASICs have been manufactured, means that there's a lot of supply of powerful tools to attack Bitcoin lying around.
From another comment:
[...] leaves a lot of unprofitable ASICs for sale at very low prices. Something like having a lot of guns to defend something but stopping paying the security guards. Some might stay out of conviction or whatever. But only the ones that have the capacity to work for free. And now there are a lot of guns from the ex-security guys being sold for peanuts in the streets. It's the same guns used to protect as to attack.
once ASICs have been manufactured, means that there's a lot of supply of powerful tools to attack Bitcoin lying around.
The electricity is not free, so having an ASIC lying around doesn't matter.
Look, mining started with CPUs and GPUs... you probably have several of those lying around your house... does that present a "threat" to bitcoin?
Mining is always going to operate at the margins of profitability. It's the nature of the industry...
Sure, but why didn't Satoshi choose PoW that CPUs or GPUs could already do efficiently back then? Because that would give some countries and companies with huge datacenters the possibility of attacking Bitcoin when it was still wearing diapers.
If at some point ASICs that consume more than X W/TH are being disconnected because they're no longer profitable, and someone can get access to those for very cheap, there could be more hashrate in machines of X+1 W/TH lying around than in the network. And if by then the cost of an attack is just 10x the security budget, and the security budget does not even reach 0.1% of what it's protecting, it's simple math for someone to do an attack for profit or just recklessly to "end" Bitcoin.
It's better explained here: https://www.youtube.com/watch?v=0bUpF0wJrxo
Because Satoshi never intended for PoW to be the end-all be-all solution to the double spending problem. How could anyone believe that a cypherphreak trying to implement a workaround to totalitarian power would create something that gives the most money to the most powerful? It's the exact opposite of decentralized (aka p2p). Just ask yourself, does this benefit peers in a p2p network? If the answer is no, then it is not what Satoshi intended.
Satoshi posted a lot about Proof of Stake and Web of Trust, terms that he repeatedly noted had novel definitions. He defined proof-of-stake as the hash of your stake in a given system. Your participation. In a txting app, it's your conversations. Where there exists public and private data. Public data is that which can be agreed upon by other actors (generals), such as your name and phone number and length of time online. Private data is the content of the texts between two parties. If encrypted in an append only hashed timechain, that content can be used to do one-way authentication and signing, which is very useful for circumventing surveillance. This concept can be applied to any p2p app, such as a Bitcoin ledger.
Once the initial network is generated and agreed upon using proof of work, you no longer need to use PoW to ensure byzantine consensus, or perhaps it is not needed at all, if the network is agreed upon in some other way, perhaps by wide publication of the genesis block.
How can anyone mention "$100k per transaction fees" as being logically sound? Obviously that is not how Bitcoin is supposed to work. How does that facilitate "probably there will always be miners willing to accept zero fee transactions" from the whitepaper?
Remember the difficulty is auto adjusting. Obviously everything should be auto adjusting to facilitate all beneficial transaction types. Miners should only be eligible for reward when they have a block that contains sufficient diverse attributes defined such that they facilitate the network goals. Goals like micro transactions, large cheap transactions, time-stamping documents, encrypted communication, fast tx for messaging apps, proof of replication for archival purposes, reputation/reviews for spam/DOS prevention, distributed p2p network health, etc...
When Satoshi wrote one-CPU-one-vote he proffered that as an alternative to one-IP-one-vote in order to prevent large orgs buying up many IPs and getting a disproportionately high voting power. The system should be designed to distribute the wealth and power fairly to each person and use this distributed network to disincentivise concentration of power.
Why are we worried about Sybil attacks? Doesn't the timechain automatically buffer against them? Oh look, here's a transaction signed by this address with a prior sequence (block) number and a prior time, sent from these coins, to recipientX; now here's another transaction spending the same coins but with different attributes. Why would anyone do that in good faith? If only we had a distributed network that could broadcast information about such haxxor attempts to prevent them from being performed secretly. Oh, we do? Why isn't it being used?
Satoshi said the network would ignore invalid transactions automatically, so no need to track bad actors. This is generally true, unless there is a huge state-level actor doing a Sybil attack and rewriting a long chain of blocks. Well, this is easily preventable, because why did all of the Western hemisphere not hear about any of the last 20 blocks and then all of a sudden everyone else is spamming us with 20 blocks different from our 20 blocks?? If there are not already coded alarms/logs for such anomalies, then the system was designed to facilitate them.
so... is Bitcoin designed to facilitate theft?
Thanks for the thoughtful response.
The 100k transaction fee scenario was in sats, not USD. It's basic math about what would be needed to maintain current security levels if block rewards continue halving and the security budget shrinks relative to network value. The whitepaper's mention of "zero fee transactions" was written when block rewards were 50 BTC and the network was tiny. Economic incentives evolve.
On difficulty adjustment: yes, it adjusts to maintain block times, but it doesn't magically solve the security budget problem. If total mining revenue (subsidy + fees) becomes too small relative to what's being secured, the network becomes vulnerable regardless of difficulty.
The "Sybil attack" concern you mention is actually exactly what I'm worried about, but in reverse. When mining becomes unprofitable for honest actors, attackers can potentially acquire cheap hashrate (from miners shutting down) and reorganize the chain. Maybe it's enough to add a limit on how many blocks in the past can be rewritten. But that's not yet part of the consensus rules or Bitcoin client implementations.
Bitcoin isn't "designed to facilitate theft", but any system with economic incentives can become vulnerable if those incentives break down. That's why this conversation matters.
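Two comments in this thread point at the same defensive idea: the earlier one asks whether there are "coded alarms/logs" for the case where a peer suddenly presents 20 blocks that replace our last 20, and the reply above floats a limit on how many past blocks can be rewritten. The following is an added example, not code from the thread, from Bitcoin Core or from any Stacker News user, of a deep-reorg monitor a node operator could run beside their node. It assumes a chain is represented as a list of block ids ordered by height (genesis first), approximates chainwork by chain length (real nodes compare cumulative work), and uses an assumed alarm threshold of 6 blocks; the block ids are constructed sample values.

```python
"""Deep-reorg monitor for a node's local view of the chain.

Added example. Assumptions (not Bitcoin Core behaviour):
  - a chain is a list of block ids ordered by height, genesis first
  - "more work" is approximated by "more blocks" (same difficulty assumed)
  - ALARM_DEPTH is an operator-chosen monitoring threshold, not a consensus rule
"""
from dataclasses import dataclass
import hashlib

ALARM_DEPTH = 6  # assumed: discarding this many of our own blocks is an anomaly


def fake_block_id(label: str) -> str:
    """Constructed sample block id derived from a label (not a real block hash)."""
    return hashlib.sha256(label.encode()).hexdigest()[:16]


def build_chain(labels) -> list:
    return [fake_block_id(label) for label in labels]


def fork_point(local: list, competing: list) -> int:
    """Number of leading blocks the two chains share, i.e. the height where they diverge."""
    shared = 0
    for ours, theirs in zip(local, competing):
        if ours != theirs:
            break
        shared += 1
    return shared


@dataclass
class Verdict:
    action: str        # 'keep', 'reorg', or 'reorg_alarm'
    depth: int         # how many of our blocks the competing chain would discard
    fork_height: int   # height of the first block that differs


def evaluate(local: list, competing: list, alarm_depth: int = ALARM_DEPTH) -> Verdict:
    """Decide what a competing chain means for us and whether to raise an alarm."""
    shared = fork_point(local, competing)
    if shared == 0:
        raise ValueError("competing chain does not share our genesis block")
    depth = len(local) - shared
    if len(competing) <= len(local):
        return Verdict("keep", depth, shared)          # not more work: ignore it
    if depth >= alarm_depth:
        return Verdict("reorg_alarm", depth, shared)   # deep rewrite: log loudly
    return Verdict("reorg", depth, shared)             # shallow: normal tip race


def alarm_line(verdict: Verdict) -> str:
    """Log line an operator's alerting could match on."""
    return (f"REORG depth={verdict.depth} fork_height={verdict.fork_height} "
            f"action={verdict.action}")


# Constructed sample data: our node has genesis plus 30 blocks.
LOCAL = build_chain(["g"] + [f"h{i}" for i in range(1, 31)])
# A peer sends a chain sharing only our first 11 blocks, then 25 different ones.
DEEP_COMPETITOR = LOCAL[:11] + build_chain([f"x{i}" for i in range(11, 36)])
# Another peer is one block ahead on a sibling of our tip: an ordinary 1-block reorg.
SHALLOW_COMPETITOR = LOCAL[:30] + build_chain(["y30", "y31"])

if __name__ == "__main__":
    for name, chain in (("deep", DEEP_COMPETITOR), ("shallow", SHALLOW_COMPETITOR)):
        print(name, alarm_line(evaluate(LOCAL, chain)))
```

The deep case reports depth 20, which is exactly the "20 blocks different from our 20 blocks" situation the thread describes; the point of the monitor is that this is observable at the node, so an operator does not have to wait for consensus rules to change in order to log or alert on it.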
No. "Bitcoin isn't 'designed to facilitate theft'"
The Balthazar Grecian said, "Never attribute to malice that which can be explained by incompetence."
Therefore inexplicable incompetence must be malice. The completely undocumented source code we are led to believe came from Satoshi is so awful it must be malice, IMHO.
The MtGox fiasco and whitewashing is so inexplicable... e.g. why is there no media investigation of the missing 850,000 bitcoins? Do I have to do it myself??? How could Karpeles receive no jail time when he was caught committing fraud unrelated to the exchange theft? Inexplicable coverup = malice.
The 1MDB fiasco.. supposed 6 countries and Malaysia with the full advisement of Goldman Sachs thought it was smart to steal billions of dollars from Malaysia by depositing the money directly into the Prime Minister's personal bank account? Really? You believe that? Or did Satoshi try to help the people of Malaysia and cash himself out to the tune of $1B USD, by selling a million or so BTC to the 1MDB fund.... and that transaction was then covered up and stolen by state level actors? Which seems more likely? It's easy to trace the 11 50,000 BTC transfers and the other 10,000 and 20,000 transfers in the year 2011 to laundering operations involving vanity addresses starting with 1DMB. (Funny right?). Also, MtGox, and a vanity wallet called Ross Ulbricht. But what you will see immediately is a 500,000 Bitcoin transfer that immediately in the ensuing hours and days sends out round number txs in 100, 200, or 300 BTC amounts every few hours. Exactly as Prime Minister Najib was instructed to do by Satoshi, an employee of Goldman Sachs at the time. Those 100-300btc magnitude txs should be able to be easily traced back to individual persons and govt officials cooperating with Najib in full knowledge of the whole Goldman Sachs-Malaysia-Satoshi-1MDB Bitcoin deal to promote the economic development of the Malaysian people.
Bitcoin was definitely designed to do that!