pull down to refresh
10 sats \ 6 replies \ @freetx 3 Jun \ parent \ on: Are you comfortable with Bitcoin's security model? AskSN
The electricity is not free, so having an ASIC laying around doesn't matter.
Look mining started with CPUs and GPUs....you probably have several of those laying around your house....does that present a "threat" to bitcoin?
Mining is always going to operate at the margins of profitability. Its the nature of the industry...
Sure, but why didn't Satoshi choose PoW that CPUs or GPUs could already do efficiently back then? Because that would give some countries and companies with huge datacenters the possibility of attacking Bitcoin when it was still wearing diapers.
If at some point ASICs that consume more than X W/Th are being disconnected because they're no longer profitable, and someone can get access to those for very cheap, there could be more hashrate in machines of X+1 W/Th laying around than in the network. And if by then the cost of an attack is just 10x of the security budget, and the security budget does not even reach 0.1% of what's protecting, it's simple math for someone to do an attack for profit or just reckless to “end” Bitcoin.
It's better explained here: https://www.youtube.com/watch?v=0bUpF0wJrxo
reply
Because Satoshi never intended for PoW to be the end-all be-all solution to the double spending problem. How could anyone believe that a cypherphreak trying to implement a workaround to totalitarian power would create something that gives the most money to the most powerful. It's the exact opposite of decentralized (aka p2p). Just ask yourself, does this benefit peers in a p2p network? If the answer is no, then it is not what Satoshi intended.
Satoshi posted a lot about Proof of Stake and Web of Trust, terms that he repeatedly noted had novel definitions. He defined proof-of-stake as the hash of your stake in a given system. Your participation. In a txting app, it's your conversations. Where there exists public and private data. Public data is that which can be agreed upon by other actors (generals), such as your name and phone number and length of time online. Private data is the content of the texts between two parties. If encrypted in an append only hashed timechain, that content can be used to do one-way authentication and signing, which is very useful for circumventing surveillance. This concept can be applied to any p2p app, such as a Bitcoin ledger.
Once the initial network is generated and agreed upon using proof of work, you no longer need to use PoW to ensure byzantine consensus, or perhaps it is not needed at all, if the network is agreed upon in some other way, perhaps by wide publication of the genesis block.
How can anyone mention "$100k per transaction fees" as being logically sound? Obviously that is not how Bitcoin is supposed to work. How does that facilitate "probably there will always be miners willing to accept zero fee transactions" from the whitepaper?
Remember the difficulty is auto adjusting. Obviously everything should be auto adjusting to facilitate all beneficial transaction types. Miners should only be eligible for reward when they have a block that contains sufficient diverse attributes defined such that they facilitate the network goals. Goals like micro transactions, large cheap transactions, time-stamping documents, encrypted communication, fast tx for messaging apps, proof of replication for archival purposes, reputation/reviews for spam/DOS prevention, distributed p2p network health, etc...
When Satoshi wrote one-cpu-one-vote he proffered that as an alternative to one-IP-one-vote in order the prevent large orgs buying up many IPs and getting a disproportionately high voting power. The system should be designed to distribute the wealth and power fairly to each person and use this distributed network to disincentivise concentration of power.
Why are we worried about Cybill attacks? Doesn't the timechain automatically buffer against them? Oh look, here's a transaction signed by this address with a prior sequence (block) number and a prior time, sent from these coins, to recipientX, now here's another transaction spending the same coins but with different attributes. Why would anyone do that in good faith? If only we had a distributed network that could broadcast information about such haxxor attempts to prevent them from being performed secretly. Oh, we do? Why isn't it being used?
Satoshi said the network would ignore invalid transactions automatically, so no need to track bad actors. This is generally true, unless there is a huge state level actor doing a Cybill attack and rewriting a long chain of blocks. Well, this is easily preventable because why did all of the Western hemisphere not hear about any of the last 20 blocks then all the sudden everyone else is spamming us with 20 blocks different from our 20 blocks?? If there is not already coded alarms/logs for such anomalies, then the system was designed to facilitate them.
so... is Bitcoin designed to facilitate theft?
reply
Because Satoshi never intended for PoW to be the end-all be-all solution to the double spending problem. How could anyone believe that a cypherphreak trying to implement a workaround to totalitarian power would create something that gives the most money to the most powerful. It's the exact opposite of decentralized (aka p2p). Just ask yourself, does this benefit peers in a p2p network? If the answer is no, then it is not what Satoshi intended. Satoshi posted a lot about Proof of Stake and Web of Trust, terms that he repeatedly noted had novel definitions. He defined proof-of-stake as the hash of your stake in a given system. Your participation. In a txting app, it's your conversations. Where there exists public and private data. Public data is that which can be agreed upon by other actors (generals), such as your name and phone number and length of time online. Private data is the content of the texts between two parties. If encrypted in an append only hashed timechain, that content can be used to do one-way authentication and signing, which is very useful for circumventing surveillance. This concept can be applied to any p2p app, such as a Bitcoin ledger. Once the initial network is generated and agreed upon using proof of work, you no longer need to use PoW to ensure byzantine consensus, or perhaps it is not needed at all, if the network is agreed upon in some other way, perhaps by wide publication of the genesis block. How can anyone mention "$100k per transaction fees" as being logically sound? Obviously that is not how Bitcoin is supposed to work. How does that facilitate "probably there will always be miners willing to accept zero fee transactions" from the whitepaper? Remember the difficulty is auto adjusting. Obviously everything should be auto adjusting to facilitate all beneficial transaction types. Miners should only be eligible for reward when they have a block that contains sufficient diverse attributes defined such that they facilitate the network goals. Goals like micro transactions, large cheap transactions, time-stamping documents, encrypted communication, fast tx for messaging apps, proof of replication for archival purposes, reputation/reviews for spam/DOS prevention, distributed p2p network health, etc... When Satoshi wrote one-cpu-one-vote he proffered that as an alternative to one-IP-one-vote in order the prevent large orgs buying up many IPs and getting a disproportionately high voting power. The system should be designed to distribute the wealth and power fairly to each person and use this distributed network to disincentivise concentration of power. Why are we worried about Cybill attacks? Doesn't the timechain automatically buffer against them? Oh look, here's a transaction signed by this address with a prior sequence (block) number and a prior time, sent from these coins, to recipientX, now here's another transaction spending the same coins but with different attributes. Why would anyone do that in good faith? If only we had a distributed network that could broadcast information about such haxxor attempts to prevent them from being performed secretly. Oh, we do? Why isn't it being used? Satoshi said the network would ignore invalid transactions automatically, so no need to track bad actors. This is generally true, unless there is a huge state level actor doing a Cybill attack and rewriting a long chain of blocks. Well, this is easily preventable because why did all of the Western hemisphere not hear about any of the last 20 blocks then all the sudden everyone else is spamming us with 20 blocks different from our 20 blocks?? If there is not already coded alarms/logs for such anomalies, then the system was designed to facilitate them. so... is Bitcoin designed to facilitate theft?
Thanks for the thoughtful response.
The 100k transaction fee scenario was in sats, not USD. It's basic math about what would be needed to maintain current security levels if block rewards continue halving and the security budget shrinks relative to network value. The whitepaper's mention of "zero fee transactions" was written when block rewards were 50 BTC and the network was tiny. Economic incentives evolve.
On difficulty adjustment - yes, it adjusts to maintain block times, but it doesn't magically solve the security budget problem. If total mining revenue (subsidy + fees) becomes too small relative to what's being secured, the network becomes vulnerable regardless of difficulty.
The "Sybil attack" concern you mention is actually exactly what I'm worried about, but in reverse. When mining becomes unprofitable for honest actors, attackers can potentially acquire cheap hashrate (from miners shutting down) and reorganize the chain. Maybe it's enough to add a limit of how many blocks in the past can be rewritten. But that's not yet part of the consensus rules or Bitcoin client implementations.
Bitcoin isn't "designed to facilitate theft" - but any system with economic incentives can become vulnerable if those incentives break down. That's why this conversation matters.
reply
No"Bitcoin isn't 'designed to facilitate theft'"
The Balthazar Grecian said, "Never attribute to malice that which can be explained by incompetence."
Therefore inexplicable incompetence must be malice. The completely undocumented source code we are led to believe came from Satoshi is so awful it must be malice, IMHO.
The MtGOX fiasco and whitewashing, is so inexplicable... e.g. why is there no media investigation of the missing 850,000 bitcoins? Do I have to do it myself??? How could Karpeles receive no jail time when he was caught committing fraud unrelated to the exchange theft? Inexplicable coverup = malice.
The 1MDB fiasco.. supposed 6 countries and Malaysia with the full advisement of Goldman Sachs thought it was smart to steal billions of dollars from Malaysia by depositing the money directly into the Prime Minister's personal bank account? Really? You believe that? Or did Satoshi try to help the people of Malaysia and cash himself out to the tune of $1B USD, by selling a million or so BTC to the 1MDB fund.... and that transaction was then covered up and stolen by state level actors? Which seems more likely? It's easy to trace the 11 50,000 BTC transfers and the other 10,000 and 20,000 transfers in the year 2011 to laundering operations involving vanity addresses starting with 1DMB. (Funny right?). Also, MtGox, and a vanity wallet called Ross Ulbricht. But what you will see immediately is a 500,000 Bitcoin transfer that immediately in the ensuing hours and days sends out round number txs in 100, 200, or 300 BTC amounts every few hours. Exactly as Prime Minister Najib was instructed to do by Satoshi, an employee of Goldman Sachs at the time. Those 100-300btc magnitude txs should be able to be easily traced back to individual persons and govt officials cooperating with Najib in full knowledge of the whole Goldman Sachs-Malaysia-Satoshi-1MDB Bitcoin deal to promote the economic development of the Malaysian people.
Bitcoin was definitely designed to do that!
reply
I appreciate you sharing your perspective, but I think we're looking at very different interpretations of Bitcoin's history and design.
The technical concerns I raised about mining economics and security budgets are based on Bitcoin's current implementation and well-documented game theory. When I mention potential vulnerabilities from shrinking security budgets, I'm referring to established economic models that many researchers have analyzed - not claiming Bitcoin was intentionally designed with flaws.
Regarding the historical events you mention - while financial scandals like Mt. Gox and 1MDB certainly happened, the connections you're drawing to Satoshi seem highly speculative. The blockchain is transparent, so if there were clear evidence of the transactions you describe, it would be independently verifiable by anyone.
My original concern remains focused on the practical question of Bitcoin's long-term security model as block subsidies continue halving. Whether that's addressed through higher fees, protocol changes, or other solutions is an open question that deserves serious technical discussion rather than speculation about past conspiracies.
The math around security economics isn't about malice - it's about ensuring Bitcoin remains secure as its incentive structure evolves over the coming decades.
reply
"The blockchain is transparent, so if there were clear evidence of the transactions you describe, it would be independently verifiable by anyone."
There were eleven 50,000 BTC transactions resulting in a half-million BTC wallet sending out small 100BTC magnitude transfers every few hours. Do you know why?
If the Blockchain is being successfully independently verified then I would expect a single tx 10X bigger than all the other txs in 2011 to be common folklore among all the hardcore hodling old-timers. Why would someone receive 500,000 BTC and then just send small round number txs every few hours. A good guess might say that is logical behavior for someone trying to let such a large transaction mature while spreading out a paper trail by creating outgoing transactions to official, public and/or undeniable personal associates as a defense tactic against who-knows-what unforeseeable attack/theft. I'm saying Prime Minister Najib of Malaysia did that when he sent those 100-300 BTC txs, which can be traced to Najib and his associates, and the 500kBTC incoming transfer can be traced back to Satoshi.
Surely my above claims are easily refuted.
Can someone please spend 15 minutes clicking through the blockchain starting with a search for "largest Bitcoin tx of 2011"? Thanks.