>So really “Segregated Witness” is about segregated signatures. Why the wacky name with the word “witness” then? I’m not sure… I think Bitcoin people just love inventing jargon.
Witness is standard term in cryptography, Bitcoin people did not invent it. For instance a signature can be a witness to the fact that you hold a particular private key[0].
>I am also confused about the security properties of the Lightning Network. What happens when one of the hubs gets popped? Can someone steal all of the unsettled transactions? Suddenly this proposed scaling element starts taking on the security properties of Bitcoin exchanges, which are notorious for being popped.
If "a hub gets popped" the attacker should be not be able to steal the unsettled transactions. If we were trusting the hubs, like say how we trust coinbase, the LN would be much much easier to design.
>I am also confused about the security properties of the Lightning Network. What happens when one of the hubs gets popped? Can someone steal all of the unsettled transactions? Suddenly this proposed scaling element starts taking on the security properties of Bitcoin exchanges, which are notorious for being popped.
No, the whole point of LN transactions is that you do not need to trust intermediary nodes, or 'hubs', as he calls them. Every transactor has a copy of a valid Bitcoin transaction that will settle payments owed to them and these debts are collaterized by lock-timed money on the blockchain. It is theoretically totally secure.
The whole blocksize debate is pretty strong evidence IMO that bitcoin's leadership is completely broken. They took what was a trivial to implement, obviously correct (in the sense of program correctness) fix: double the block limit. And turned it into two complicated solutions that do little to address the underlying issue.
It's hard to imagine a more clearcut example of exactly the sort of bad engineering practices that will doom any project.
Ethereum on the other hand has serious issues, but they seem fixable. If Vitalik is willing to seriously rethink the design of Solidity and make greater efforts towards formally verifiable contracts, and then they get proof of stake working, I think there's some chance it could actually achieve some of the hopes of cryptocurrency enthusiasts. Unfortunately i'm not sure how willing they are to modify the language to make it more verifiable.
Ya. It's absolute silliness. Rushing in these complicated solutions just to avoid some half-baked slippery slope argument about the block size. You don't need to keep raising the block size forever, just do it until you have a good, clean solution to the scaling problem.
Agree about slippery slope. There has been so much misinformation and propaganda spread that some people are now convinced that a fork to change any consensus rule could lead to the change of any consensus rule - even the 21M coin cap. The result is that the community has become polarized and toxic over something that ought to be noncontroversial.
I tried to read and understand the Lightning Network paper recently. Glad I'm not the only one:
If I’ve gotten anything wrong here, it’s because the Lightning Network is ridiculously complex: the paper is some 57 pages written in blockchainiac gobbledygook terminology. I’m the sort of person who reads academic papers for fun, and can attest that this is not a paper I remotely purport to understand or enjoyed reading. I think there are very few people on Planet Earth who have read this paper and understand it.
If you're one of these Very Few People and you're reading this, a question: do Lightning's channels only reduce on-chain transaction volume in the case of recurring payments (eg subscriptions)? What is the anticipated savings if the Lightning Network is rolled out -- how much of current transaction volume could be handled in channels?
Opening a payment channel requires an on-chain transaction, as does finalizing a sequence of transactions sent over the channel. So for every sequence of off-chain transactions on a Lightning Network, you must put two transactions into the blockchain.
Thus you need to make more than two transactions in a sequence before moving them off-chain can offer any benefit, either at the micro scale (in the parties' cost of transacting) or at the macro scale (to Bitcoin's aggregate transaction throughput, both on- and off-chain). In theory a sequence of transactions done over the Lightning Network can involve multiple recipients and be routed among many parties, however, so a sequence of off-chain transactions need not be a sequence of recurring payments in the usual sense.
Whether a Lightning Network offers any cost or scaling advantage, and how big those advantages might be, will depend in practice on (a) whether good methods can be found to route off-chain transactions between hubs and end-users of the network, and on (b) the statistics of the real-world patterns of transactions that people end up using the network for.
Personally, I think that unless Lightning Networks give rise to major new classes of transactions (e.g., micropayments), then we are unlikely to see any significant scaling win from them any time soon. There is a classic chicken-and-egg problem of gaining a critical mass of users, which will take time to overcome, and people today typically use Bitcoin fairly infrequently, which makes the two-transaction overhead to get in and out of the payment channel significant relative to the likely size of off-chain transaction sequences.
The question is what alternatives exist, and which will gain traction, in the case that on-chain capacity remains severely artificially constrained and on-chain fees continue to rise. Maybe people will switch rapidly to Lightning Networks, or maybe they will switch to altcoins, or maybe they will just stop using cryptocurrencies altogether (or never start). We'll see.
>[D]o Lightning's channels only reduce on-chain transaction volume in the case of recurring payments (eg subscriptions)?
Payment channels and consequently the Lightning Network (LN), assuming a sufficiently connection routing network (the people you want to pay are connected to the LN), reduce the volume of any amount of transactions. LN has the best cost advantage for use cases when the transaction volume is high (paying for wifi by the minute) but will also reduce on-blockchain transaction for anything.
If you're seeking a lucid explanation of what the LN is: Imagine a group of people with buckets of coins, to establish a financial-transaction connection with a person in the group you pay a small fee, after connecting to that person, you can pass some coins into that person's bucket who can then pass those coins onto another person's bucket (ad nauseam) all without requiring (but with option if you wanted) to settle the amounts to the blockchain. The LN paper goes into how this is done in a cryptographically enforceable method via the Bitcoin blockchain.
>What is the anticipated savings if the Lightning Network is rolled out
There are two things to assess the value of the LN. The transactional cost savings but also (and more importantly) the new use cases available to having transaction occur on a roughly 1-2 second timeframe (versus the 10-60 minute window currently). All off-chain databases would have the technological capability to have cryptographically enforced 'instant' payments. Right now, off-chain centralized actors (Coinbase, Bitfinex) just update entries to a database but don't have any blockchain-enforce DB updates. With LN, they could.
>how much of current transaction volume could be handled in channels?
Could: The majority of it.
Would: Depends on LN participant's appetite to dedicate funds to a payment channel (LN coin bucket). It's a trade off of avoided block-transaction fees vs time-value of money of dedicated funds.
I don't know Bitcoin well enough to understand the LN paper, but I've read articles on the basic ideas and think I understand enough to implement LN on Ethereum, where it's much easier.
If channels were not networked together, then they'd only be good for recurring payments.
But there's a trick that lets you network them, so A can have recurring payments to B, and B can have recurring payments to C, D, and E, and now A can pay all the others via his one channel to B. And it's done in a way that prevents B from being able to run away with money intended for C,D,E.
Bitcoin script provides a no elegant way to invalidate old states. There are various solutions to this in lightning network tx but they end up requiring actively watching the network in case an old state is broadcast. If you have a better mechanism for invalidate the previous state, the whole system can be massively simplified.
Since we're only talking about a single utxo in either case, the difference seems moot.
And writing and testing the opcodes took less than a day; that's not the hard part! (Though getting the convenient opcodes into bitcoin was definitely non-trivial!)
Lightning can greatly increase the number of transactions that Bitcoin can support, but there are questions about whether it creates a problematic potential for financial centralization if successful.
As a P2P system LN doesn't really work for decentralized payments other than micropayments, for reasons others have pointed out here.
If you allow some well-capitalized hubs to form, that help solve the routing problems, then LN can easily achieve significant scaling for most kinds of payments (think digital hawala). The issue is that this is likely to require hubs that create and hold lightning channels with lots and lots of users, creating the potential for the distorting effects of centralization.
The greater issue is one we've seen now with Ethereum: if a Layer 1 app (the DAO, or LN) running on a Layer 0 blockchain comes to dominate the blockchain's usage, then there exists the potential that failure of Layer 1 can traumatize Layer 0.
Tallying pages, flowcharts and formal specifications is no basis for scientific evaluation.
Coming from a Bitcoin background, I found the Lightning paper quite a refreshing read compared to pure academia papers. The ideas behind are very clever, several implementations are under way and implementors are building interoperability standards along the way (https://github.com/lightning-core/lightning).
Somewhat off topic, could someone post a list or examples of non-trivial (or relatively, non-trivial) decidable languages that have implemented compilers/interpreters? I should say no requirement on supported hw architectures, nor currently active development/maintenance.
Agda is a programming language where "each program in it must terminate and all possible patterns must be matched. Without this feature, the logic behind the language becomes inconsistent, and it becomes possible to prove arbitrary statements."
Since all programs terminate, reasoning about arbitrary properties about said programs becomes decidable.
Thanks for the pointer. It appears that proof assistants [0], like Aqda as you mentioned and one of its influences Coq [1], have the properties I were describing and indeed are examples of total functional programming [2].
Bitcoin's challenges seem to be a matter of current implementation, while Ethereum just seems like a bad idea, implemented as well as a fundamentally bad idea could be.
Ethereum is a platform for decentralised applications, it has far more pratical use than a simple blockchain like Bitcoin, but far more risks as well. Give it a chance, it's just starting, there is a lot more development to do, don't throw it away the first bad thing that happens. Can you imagine if the early internet architects thought this way? "Oh this computer in the network got hacked, lets give up on this whole internet thing, it's a fundamentally bad idea".
There will be ups and downs. IMO, right now Ethereum is the best chance we got at a truly decentralised web.
The idea of smart contracts is a good one. The design of this particular implementation (Ethereum) is a bad one, mostly for the reasons identified in the original post. The complexity -- and more importantly the undecidability -- of the contract language ensures that ethereum will never take off as a working solution. People will never be able to trust that a DAO-like attack isn't lurking just under the surface of their contracts.
The contract language is not Ethereum. Ethereum is the Ethereum Virtual Machine (EVM) which runs bytecode. Any language can be used to produce that bytecode. Solidity, the language being criticised as overly complex, is not part of Ethereum, and can be replaced without a change in the underlying consensus.
Well that's the same with any software and service isn't.. If I put my company precious data on AWS, there is a chance it will get hacked, it's a matter of taking precautions and trade offs.
We need to think of better tools & practices to secure contracts. It's still all new, there will be issues, there will be improvements. The end goal is worth it IMO. My main Interest in Ethereum (and Maidsafe) like most developers in the community is not so much money but the dream of having a truly decentralised web one day. Impossible? maybe, but I'm willing to try.
My main Interest in Ethereum (and Maidsafe) like most developers in the community is not so much money but the dream of having a truly decentralised web one day
Can someone explain to me how Ethereum fulfils the "dream of having a truly decentralised web"? From my understanding, it just sounds like Bitcoin with programmable contracts tacked on.
How would I run, say, a reddit-like site using Ethereum?
>Can someone explain to me how Ethereum fulfils the "dream of having a truly decentralised web"?
It doesn't. It's hyped up bullshit.
Every Ethereum node runs the exact same code (single threaded too) with heavy computing and storage restraints. There's no sharding or load balancing. Can you run the entire reddit website on a single 90s computer? The answer is no.
Don't get me wrong, Ethereum is an interesting experiment and blockchains are useful for a number of things, but the notion of "lets put everything on the blockchain" is a shitty, terribly inefficient solution looking for a problem.
It's true of any platform, but Etherium is at a far higher risk of getting hacked because the language is Turing complete. There could conceivably be a smart contract blockchain with a simplified language that was still capable of most of Etherium's good sides with the safety net of static verification tools.
> It's true of any platform, but Etherium is at a far higher risk of getting hacked because the language is Turing complete.
Ethereum, the VM/system is Turing complete, but Ethereum of course is not a language itself. [Correction: EVM code, that is Ethereum VM assembly, is indeed a language. Thus, Ethereum is technically both a VM and a language ("EVM assembly code") - which makes the assertion that "Ethereum is a language" correct after all.]
As far as I understand it, all current Ethereum languages (e.g. Solidity) are also Turing complete, though it should be possible to create a language for Ethereum to produce only algorithms constrained with some level of decidability. This is why Ethereum is likely not doomed yet as some have claimed recently. However, and especially due to The DAO fiasco, it's now a matter of building static verification tools as you suggest, or decidable languages for it, and new cryptosystems may show up before it can get to its first killer app.
Full disclosure: No horses in this race at the moment.
As an aside, I think that everyone posting anything about Bitcoin or Ethereum should be posting a disclosure in each discussion (even an abridged one of some sort, just a couple of characters).
ALL general purpose programming languages (C++, Java, etc..) are Turing Complete and this is an essential feature for creating decentralised applications (or any software really).
Um, no, that's just factually incorrect. You can do very, very many useful things without Turing completeness. You cannot be fully general, but there's active research on how far you can get. Restricted subsets of query languages like SQL and Datalog are perhaps the most common (though more or all SQL implementations are Turing complete) and indeed quite useful.
I can easily imagine a system built on a non-Turing complete logical query language that defines data and rules for presentation. You could get pretty far with that. You can't create _any_ application, but calling Turing completeness “essential … for decentralized applications” is incorrect. It's essential for a _subset_ of applications that require Turing completeness.
I've been saying ETH is broken for a while. Its computational ability means contracts _cannot_ be formally verified. This is why I didn't buy into the DAO, and sure enough there's a bug in the DAO (ironically recursion related).
People are under the impression that not being Turing complete is somehow enough to be feasibly verifiable. If we place (realizable) computational models on a scale, with 0 being no computation at all, and 10 being Turing completeness, then the computational models we can generally verify are somewhere between 0 and 1 (with 1 being, say, FSMs). A language with no loops, no recursion and just subroutines and binary variables -- i.e. it's an FSM -- is already PSPACE-complete to verify, meaning we can only verify only very short programs in that language. In other words, you need to get very far from Turing completeness to be generally verifiable.
This is why in general software verification doesn't try to come up with languages where all programs are verifiable, but aims to verify specific programs, sometimes regardless of the computational strength. Some programs in Turing complete languages can be verified (but certainly not all), just as some programs in FSM-strength languages can be verified (but certainly not all).
While it is certainly possible that a much bigger subset of, say, FSM programs can be verified than a subset of programs in TC languages, placing the bar at "Turing complete" is somewhat of a red herring.
Indeed, the LANGSEC link in the post[1] seems to understand that, noting that even verifying PDAs is undecidable, but it fails to note that even decidable verification tasks (for FSMs) are very often intractable, which -- for all practical purposes -- is just as bad as being undecidable.
You can implement safeguards in the contract to revert transactions for instance. A contract can be as centralised in the control sense as traditional software (while living in a decentralised system though), or as decentralised and out of anyone's control as you wish, it's all up to how it's programmed.
Sure I'm thinking more of the case where there is a bug in the said program. Formal proofs and verification could help but attackers just need to find one weakness.
I'm struggling to think of an application I'd prefer to be on Ethereum over Bitcoin. There is simply too much trust involved in distributed turing complete programs for the idea to be practical in the short term—what kind of fool would bet on a bug-free contract with their money?
It's not about the money, it certainly is with Bitcoin, but Ethereum goes beyond that. There are tons of possible applications (decentralized DNS, decentralized forums, marketplaces, etc..) that do not involve money in the same way a DAO does.
As Vitalik put it:
"An important point about this project is that we see ethereum as being a platform first. If you approach it from the perspective of ether being a coin, with all the smart contract stuff being just bells and whistles on top to make the coin more valuable, you are going to have a hard time understanding this community; it's really all about the applications first and foremost, and ether is there simply as a token to facilitate payment of transaction fees and incentivize mining."
Ok, I wouldn't attach anything of value to such a rigid contract system—money is far from the only pitfall here. There is simply no benefit to me over existing arbitration. At least with DNS I can contact my provider if someone steals my domains.
In terms of control the contract can as centralized or as decentralized as you code it to be, with the difference that it runs on a truly decentralized platform.
It does goes both ways as well, if you can contact your provider to get your stolen domains back, then your local dictator can also take them away from you because of something you said.
By pre-mine you mean crowdfunded to fund development ofc...
If there is a way to do something like Ethereum or Maidsafe WITHOUT the freaking money I would LOVE to hear about it. It would be nice if we could work on this type of technology without all the toxicity of get-rich-fast trolls and the silly tribalism.
>If there is a way to do something like Ethereum or Maidsafe WITHOUT the freaking money I would LOVE to hear about it.
Bitcoin started with a bunch of people running some hobbyist cryptographer's buggy cpp to generate worthless tokens. You don't need millions of dollars to build free software.
I think you believe a little too much. There are far better alternatives out there. The first thing that comes to mind for a truly decentralized web is IPFS. As for comparisons to the internet you're giving Ethereum too much credit and not enough credit to the original architects of the internet. Those folks were geniuses and academics, not web 2.0 up and comers. There is a world of difference between the two. One kind can do rigorous and scientific thinking and the other one can't and instead cobbles together a VM for a turing complete language to perform arbitrary computations in an untrusted, bug ridden, informally specified environment. As Alan Kay once said
> The Internet was done so well that most people think of it as a natural resource like the Pacific Ocean, rather than something that was man-made. When was the last time a technology with a scale like that was so error-free? The Web, in comparison, is a joke. The Web was done by amateurs. -- Alan Kay.
I upvoted you because I like your spirit. I'm very wary of cryptocurrencies in general because I think they're trying to solve a problem based on a flawed understanding of money.
In my view bitcoin's challenges are a bit deeper than just the implementation. What these challenges are, depends a bit what you think bitcoin is:
-as an investment, bitcoin is fundamentally a ponzi scheme. someone may argue that it is a challenge only if you are too late in the game, but for me, that is a reason I am not touching it as an investment.
-as a money (store of value and measure of value), there is a fundamental issue that there exists no mechanism whatsoever that would stabilize it's value (against neither a typical consumption basket, nor USD or any other currency)
-as a currency (means to make transactions). You might argue that it is only about implementation that the network can handle a couple of transactions a second. But a widely used currency should handle _lot_ more than that. Assuming one billion transactions a day means roughly one transaction per person per ten days globally. Every single byte you need to store a transaction implies a gigabyte of data per day into the however implemented network. I would call that a challenge beyond just implementation.
> -as an investment, bitcoin is fundamentally a ponzi scheme.
I don't believe you know what a ponzi scheme is if you think this because it's not remotely true. From google:
a form of fraud in which belief in the success of a nonexistent
enterprise is fostered by the payment of quick
returns to the first investors from money invested by later
investors.
There is no fraud in bitcoin, no phony investment with lying and paying out returns from later investor money. Absent fraud and a nonexistent fake "investment", something isn't a ponzi scheme. Early investors making money from the rise in value of something does not make something a ponzi scheme, that's how all investments work. There is nothing fraudulent about bitcoin and thus it is not remotely a ponzi scheme.
> s a money (store of value and measure of value), there is a fundamental issue that there exists no mechanism whatsoever that would stabilize it's value (against neither a typical consumption basket, nor USD or any other currency)
Absolutely true, but by design, they don't want a stable value, they want a fixed amount of currency and want value to fluctuate via supply and demand. Bitcoin is inherently anti-keynesian by design. This is why it'll never be more than a commodity.
Maybe I should have used "essentially" instead of "fundamentally". What I meant was that the only way your investment in bitcoin will return a profit, is if there are more people after you willing to invest in the scheme. This is identical to a ponzi scheme.
Now, you can argue that this is true for all commodities. But all other commodities have some other utility backing the value of the commodity. Bitcoin has practically none, as discussed in my other points of the challenges of bitcoin as money.
And even that bitcoin as fixed amount of currency theory is a bit questionable. There is no reason why a fractional reserve bitcoin bank could not pop up and create bitcoin-as-payment-money out of thin air, as the current financial sector does with fiat money. (This would obviously allow a mechanism to regulate the total bitcoin money supply, but then bitcoin would lose it's whole raison d'etre. Catch-22.)
> the only way your investment in bitcoin will return a profit, is if there are more people after you willing to invest in the scheme
Think of bitcoins as tokens or as tulip bulbs - it can be used for something - but the prices is not the main idea. If you buy them for the price rise you are creating your own "ponzi scheme"
> bitcoin as fixed amount of currency theory is a bit questionable.
The total amount ot bitcoins is not questionable.
> There is no reason why a fractional reserve bitcoin bank could not pop up and create bitcoin-as-payment-money out of thin air
If a bank lend out x times the value of the bitcoin deposited, they will not be able to pay them out as bitcoins.
If you dont have access to your bitcoins as bitcoins, but only as a bank statement about how much they owe you, you effectivly traded your bitcoins to an IOU.
> Think of bitcoins as tokens or as tulip bulbs - it can be used for something
I do not see what that "something" is, which makes it a ponzi in my eyes. (An open, honest ponzi, but a ponzi nevertheless)
> If a bank lend out x times the value of the bitcoin you deposited, they will not be able to pay them out as bitcoins.
But of course, if x < 1 (as is in fractional reserve banking), the bank can pay out bitcoins.
> If you dont have access to your bitcoins as bitcoins, but only as a bank statement about how much they owe you, you effectivly traded your bitcoins to an IOU.
Exactly. And if that IOU is from a credible enough institution, there is no reason[1] why I would differentiate taking a payment in that IOU or bitcoin. In which case that IOU is bitcoin-denominated currency and the amount of bitcoin-denominated currency in circulation is no more constant.
[1]Well, actually there may be at least two reasons to differentiate. First, the IOU may pay interest unlike bitcoin. Second, the practicalities in transacting bitcoins or IOU's may differ, which in all probability dictate that I prefer the IOU...)
I think the confusion in this discussion lies in different interpretations of the word "Ponzi". You're using an interpretation that defines as Ponzi any investment where the value is solely anchored on the collective confidence of the holders. In the interpretation I have (and which I think is the standard one), a Ponzi scheme is something else entirely: a scheme where old investors are paid from the arrival of new ones in such a way that is mathematically unsustainable.
Note that by this standard definition, Bitcoin is not a Ponzi scheme. You may doubt whether Bitcoin is a wise investment, but calling it a Ponzi is bound to cause confusion.
I agree that there are many definitions by which bitcoin is not a ponzi, most clearly it is not fraudulent. But we can have a look how Wikipedia[1] defines a ponzi:
"a fraudulent investment operation where the operator, an individual or organization, pays returns to its investors from new capital paid to the operators by new investors, rather than from profit earned through legitimate sources."
Now, with the obvious note that bitcoin is not fraudulent, you must agree that "bitcoin (as an investment) pays returns to its investors from new capital paid to the network by new investors, rather than from profit earned through any other source"
And any claim that bitcoin offers sustainable positive returns is precisely as mathematically unsustainable than any ponzi scheme. That holds as long as there is new money flowing in. Not longer. That is very similar to a ponzi.
(And of course, any commodity bubble has this same property.)
Overall, I think there are so many similarities between the investment logic between bitcoin and a ponzi, that the comparison is justifiable.
> Now, with the obvious note that bitcoin is not fraudulent
Which makes it not a ponzi, really that's all there is too it; fraud is a necessary pre-condition to call something a ponzi. No fraud, no ponzi.
If you remove the fraud element as you are attempting to do, then virtually every investment counts as a ponzi, all insurance counts as a ponzi, because paying investors with money from newcomers is a thing common to a lot more than just ponzi schemes. The world is Ponzi SCHEME, the scheme means fraudulent, scam, etc. If something isn't fraudulent it is not a ponzi no matter how many other traits it shares with ponzi schemes. The comparison is thus not justifiable.
>What I meant was that the only way your investment in bitcoin will return a profit, is if there are more people after you willing to invest in the scheme. This is identical to a ponzi scheme.
That is not what makes a ponzi scheme a ponzi scheme, that is one element of a ponzi scheme but it's no different than any investment in a company that takes off. This is insufficient to call something a ponzi scheme. There MUST BE FRAUD, or it's not a ponzi scheme.
> Bitcoin has practically none, as discussed in my other points of the challenges of bitcoin as money.
Absolutely wrong, bitcoin has utility, trust-less exchanges of value, that's a valuable service to provide and the reason bitcoin maintains value.
> There are so many ponzi schemes in Bitcoin many of them actually advertise that they are ponzi schemes.
I think you misinterpreted what I'm saying. Of course people run schemes using bitcoin just as they run schemes using USD; when I said "no fraud in bitcoin", I mean in bitcoin itself, the blockchain, the protocol, the currency. Bitcoin is a currency, and like any currency, fraudsters can and will use it, that doesn't make bitcoin fraudulent.
Nothing that provides people with optionality is a "bad idea". Trial and error, and development, will produce ever better (and more secure) applications on Ethereum.
Can someone explain to me how these decentralized systems make our current system more economically efficient? I just cannot see why anyone would actually use it outside of the illegal market.
Microtransactions will be the killer app. There is massive demand for the web economy to run off real money instead of bloated clickbait ads.
There's money in it. So it will happen.
Sending card details for small transactions is both insecure and too much mental overhead. Broadcasting single a transaction from a virtual bit of pocket change is not.
Once every browser has a wallet and people keep a few satoshis in there the web will go through another revolution.
Bitcoin also acts a store of value in a world where people want to save for the future in a form that can't be taken and devalued easily.
Whether people want smart contracts without the common sense back up of humans and courts I'm not so sure. Ethereum is interesting and will have some use cases but it's not a certainty that the risks will be overcome.
A couple benefits cryptocurrency brings over the traditional finance system, off the top of my head.
* democratic access. I don't need to ask Visa, PayPal, or any other payment processor to accept payments online. There are plenty of businesses underserved today. Some of these are in "gray" areas, others aren't.
* disintermediation of middle-men. There are tons of rent-seekers in finance (eg, banks protected by a regulatory moat). An open system that competes with them will lower prices for everyone.
> I'm going to hazard a guess that you have never sent money to family overseas.
Bitcoin is utterly useless in this regard. Converting bitcoin to usable currency is very impractical in most locales and nearly impossible in others (no, meeting up with strangers to exchange bitcoins for cash at a 20% markup does not count).
Maybe useless if you need to convert it to paper dinosaur money at the other end...
No middlemen taking a cut at every step is one advantage of Bitcoin, and very fast international transfers is another.
I think of Bitcoin as an awesome idea for a replacement of the current corrupt system, not something that integrates well with it. It is not perfect but it's certainly better than the current system. Might be unrealistically idealistic but I hope a cryptocurrency succeeds. Anyway, it is still possible for people to transfer Bitcoin between themselves with no middlemen.
> Maybe useless if you need to convert it to paper dinosaur money at the other end
The vast majority of people on this planet use "paper dinosaur money" because that is what the overwhelming majority of merchants accept. There's also the fact that most people will have to convert their local currency into bitcoin before sending it because they aren't bitcoin enthusiasts who have arbitrary sums of bitcoin at their disposal. Most of the time acquiring bitcoin requires a bank account and can take days to acquire because of KYC and bank account verification (and that assumes you're comfortable uploading your photo id and other documents to bitcoin services).
> I think of Bitcoin as an awesome idea for a replacement of the current corrupt system
The cryptocurrency ecosystem is infamous for its association with fraud, abuse and incompetence. Whenever a bitcoin company goes offline for more than a few hours it's actually a serious concern that the operators might have absconded with the funds leaving users utterly powerless to recover their money or bring the operators to justice. Bitcoin operators have lost or stolen MILLIONS of dollars worth of money from bitcoin users... yet the current system is the corrupt one. My "dinosaur money bank" has never lost or disappeared with my money. Literally never.
> it is still possible for people to transfer Bitcoin between themselves with no middlemen
Which is useless if your overseas family wants to pay for goods and services like groceries, rent, medical care and other basic needs. You can say whatever you like about the ease of moving bitcoins internationally but it's a fact that almost everywhere in the world bitcoins are not accepted in exchange for goods and services and most people are not technically sophisticated enough to safely convert their bitcoins into local currency.
Nonsense. I've been using it for years to send money to my family back home and it's been nothing but seamless and extremely useful in every single way. Send bitcoins to a local exchange, convert into fiat and withdraw into a local bank account. Total expended time: 10 minutes. Compare that with using WU, where someone physically has to go to a local WU office, or even worse, doing a wire transfer where the recipient bank puts a freeze on the money until AML documentation is cleared (typically handled by calling the bank and stating the source of the money, but still a pain).
Another way to send money is to get a bitcoin debit card, give it to a family member and load it every time you want to send money.
Uninformed opinions should be kept to oneself, lest one ends up looking like they're talking out of their ass.
Let's do a little thought experiment. Suppose that I, living in the USA, want to send money to my aunt living in the Caribbean. Let's also say that she has never used bitcoin (like most people) and that I don't have an account on a bitcoin exchange (like most people). How do I get her $1000 within 24 hours using bitcoin?
This depends on your country. The UK's "Faster Payments" system offers <10 minute times for free among UK bank accounts. America is behind a lot of the first world in the complexity, slowness and cost of its banking system.
Plans are in progress to roll out similar systems all across the Single European Payments Area.
Except that if you fail to include a transfer fee big enough, your transfer may take weeks, or never even get confirmed at all. Case in point: I've been trying to actually buy something with my BTC in the last few days, but because my wallet is an older version or something (with a small default transfer fee), my transfers are seen by just one peer and then are not confirmed. I dunno, last time , 2 years ago, when I paid / transfered bitcoins, it took 10 mins max. I guess the mining business has increased or changed since then.
Witness is standard term in cryptography, Bitcoin people did not invent it. For instance a signature can be a witness to the fact that you hold a particular private key[0].
>I am also confused about the security properties of the Lightning Network. What happens when one of the hubs gets popped? Can someone steal all of the unsettled transactions? Suddenly this proposed scaling element starts taking on the security properties of Bitcoin exchanges, which are notorious for being popped.
If "a hub gets popped" the attacker should be not be able to steal the unsettled transactions. If we were trusting the hubs, like say how we trust coinbase, the LN would be much much easier to design.
[0]: https://en.wikipedia.org/wiki/Proof_of_knowledge