The sole purpose of blockchain is to prevent double spending without a trusted party
Other proposed applications are mostly dumb / misguided, like immutable storage, social network posts, etc, these can be done with hashing or digital signatures alone
If you have a better way to avoid double spending than blockchain, folks would get very excited. A traditional database can’t do that (requires a trusted party).
I’ve read several technical, non-fluff books on the topic, and I’ve developed smart contracts on Ethereum for decent hourly wage (paid out in fiat).
And I’ve still come to roughly the same conclusion as you. Either my reading comprehension is poor, or there is little actual value in the vast majority of blockchain applications. Digital cash, as defined in the Bitcoin whitepaper, still seems like the only real use case.
Other uses are fun for a developer to read and learn about, but that’s just about the only real value you can extract from them.
Well, and making a quick developer buck, which is the equivalent of selling shovels to prospectors in a gold rush. The main difference being that it’s merely a jpeg of a shovel.
But even 'digital cash' doesn't need this, for most definitions and use cases.
Even if we're talking about smuggling money out of authoritarian regimes, or buying soft drugs, or hiring hitmen online, I'm not sure it makes any actual sense compared with alternatives.
Feels like a way for people who've been convinced that government doesn't work to feel like they're re-inventing government with extra steps, mixed with a cult/mlm/ponzi scheme.
You can also use it to buy goods from overseas retailers without paying exorbitant fees or bad conversion rates. If you live outside of America and Europe, banks charge a hefty amount of fees for international transactions.
The world is volatile. Syria, Afghanistan, Ukraine, Russia, and in the future who knows if China and Taiwan won't become a crappy place to be. The need to store your wealth and get out of the country quickly is very real. You can't just queue for an ATM, and holding dollars and gold bars comes with significant risk of confiscation or being robbed.
We're not talking about tax evasion. If you don't have hundreds of thousands of dollars in assets, then banks have all sorts of fees that they ding you for just like the phone company when you travel, and they won't waive them as they have no incentive to keep your business. Folks with lots of money who track every penny are often unaware of the landscape for these fees, because banks actually do have an incentive to keep your business and they do waive them without even asking.
If you think there's something illicit about seeking to pay the least in fees and with the broadest reach, or if you think that paying fees to every company who comes along that gets to play middle-man is exactly the same as paying your fair share in taxes then I'm not sure what I can do to dissuade you of this notion.
You know I would not actually mind seeing all the gov budget spending get tracked on a blockchain. I often wonder where the trillions in budget spending goes.
Don't you want some verifiable continuity in those books?
How do you guarantee that continuity breaches are easy to spot when they're "books" and you can publish as many of them as you want, or skip one if it turns out we don't want transparency somewhere because of "national security"?
This argument always seems to start with "there is no application for blockchain" and then moves the goal post to "that application doesn't NEED a blockchain" when we didn't even want ONLY that one application, we came for the whole package.
Do you really trust the government to publish accurate data if there is no transparent mechanism to keep them accountable for their accuracy? What is your alternative proposed mechanism for ensuring that the books are not cooked? (Is it another law, this time that says "books SHALL be balanced" and links to the RFC that provides specific definitions for modal verbs like MUST, SHALL, MAY, COULD?)
We certainly COULD invent another system that all tax money passes through, which ties out and all tax revenue is required to pass through, but how far will you stretch the spec in the opposite direction just to make sure that we didn't use "blockchain" which I'm assuming you consider as "scam tech" and you are apparently convinced that we don't need?
What's realistic is a policy of "no backsies". You can't prevent a party from lying (without remaking the world so that everything happens on your favorite blockchain, which ain't gonna happen), so what you do is you catch them in their lies.
Just so you understand me, I have basically zero expectation that anyone is going to choose "my favorite blockchain" for their next big project and send the price soaring. It's just not going to happen.
With that out of the way, what stops the government from implementing their own CBDC and saying "tax revenues SHALL be paid downstream via the US-CBDC Token" and requiring approved vendors to implement it for their US-Gov Receivables? This seems very likely to happen. I would actually bet on it.
You're telling me on one hand, the problem is solved (example TLS) and on the other hand, I need to be realistic about my expectations, since it doesn't solve the whole problem... which seems to indicate to me that your solution is actually not solving the problem you expected me to have, which is there is no effective or continuous transparency about how much money our institutions have in-flight and where it's going or gone, and there is no sponsored route for institutions to "opt in" to such transparency and actually enforce it permanently.
That's what the blockchain is for.
What's un-fixably wrong with the blockchain solution exactly? I fully expect this US-CBDC is going to look nothing like I wanted my blockchain to look (it won't be in any way decentralized at all, it will have some government-sponsored "oracles" instead of user-sponsored nodes, so that it will be a blockchain in name and in function, but you won't be able to mine it, and it won't be "ours" – it might actually go on Ethereum, but I doubt it will and I definitely won't hold my breath. It will probably be super green for the environment, whatever it is.)
So how can you simultaneously believe this is a solved problem, which can't be solved, and yet already has been solved by Blockchain (but we don't need it?)
> without paying exorbitant fees, bad conversion rate
What the hell would you call gas fees, then? And if you don't already have assets in the crypto coin of your vendor's choice, you're going to pay conversion fees, too.
I was convinced government doesn't work and indeed that is the only reason I am interested in blockchain applications. Watching first hand how badly the entire affair has gone has been very useful in getting insight into why government doesn't work, which I still firmly believe. However I am no longer under the illusion doing away with it and replacing it with a blockchain based substitute is either cheap or easy, and if we skipped a hundred years into the future and it turned out that the end result looked almost indistinguishable from what is presently described as government I would not be altogether shocked. I would however consider that amongst the worst possible outcomes.
It may well be that there is a necessary deadweight economic loss to pay based on the nature of human social interaction at scale and this loss cannot be avoided entirely, only minimised to a certain extent.
So, at no point did you consider that you were wrong in your base assumption and government does in fact work? Because it looks like you examined anarchistic alternatives to government, found them all worse than government, and then didn't do the (to me) obvious thing of updating your "government can be good" possibility.
> So, at no point did you consider that you were wrong in your base assumption and government does in fact work?
Of course, many dozens of thousands of times throughout my life, desperately wished for that to be the case. Unfortunately there is no evidence for this and immense amounts of evidence for the contrary.
> Because it looks like you examined anarchistic alternatives to government, found them all worse than government
I didn't say I found them worse than government at all, I said the first hand experience was very useful for seeing directly why government is as broken as it is, because all the same "incentive of last resort" mechanisms are typically in play in blockchains. It still turns out to be much better so far if measured by deadweight economic loss for economic coordination between a given transaction volume.
This is also why I said I would not be too surprised if it just becomes the next iteration of government. People who think that the government is desirable and its political structures are useful, parliamentary democracy, voting, departments that run projects and are accountable to elected officials, all of that kind of thing. You could clone it with a blockchain much more reliably and with much more auditability than you have with the multi-century old variations thereof running on some variant of "trust me" that we have currently.
Thus you could at least say "Yeah sure this is bad, but at least we can prove that everybody is following the rules on all elections, transactions, etc, and we have all the signed blocks to prove that from genesis" rather than the current trust-free alternative of an endless propaganda machine spinning whatever it wants people to believe at any given point in time with zero proof whatsoever.
> Of course, many dozens of thousands of times throughout my life, desperately wished for that to be the case. Unfortunately there is no evidence for this and immense amounts of evidence for the contrary.
I think the fact that 7 billion people live overwhelmingly under a multi-hundred-year improving standard of living [1], leveraging low-friction global trade, commerce and communication in among the most peaceful period in human history [2] is a pretty clear indication that government does in fact work.
Is it perfect? No, nobody will say that. But of course the solution to problems in any overwhelmingly complex system with a long track record is not re-invention but continued optimization. [3] Takes a long time to turn a big boat, and anyone promising you otherwise is selling you a crock.
Blockchain based systems over the duration of their existence by contrast have killed nowhere near as many no matter how you scale it, and although I believe the system to be rife with fraud and inefficiency, the amount of capital growth that has taken place is breathtaking pretty much any way you look at it.
I believe the state as a structure needs to die and blockchains so far look like the obvious sword. Nothing else has even come close.
It’s the largest preventer of death lol. Citation needed there. People will always die. Government minimizes this to the best of our abilities. How many do not die each year because of government?
As in software testing we don’t often measure the impact of our work in terms of things that don’t happen because our system exists. It is far easier to count instead the failures. But this misses the whole point. Count the deaths that don’t happen.
Meanwhile bitcoin's thirst for coal kills thousands per year and achieves literally nothing.
Blockchains can only represent true state of things wholly representable on chain, which is why only currencies actually work. As soon as you try and ledger things off chain reality gets in the way and reality supersedes the chain.
> How many do not die each year because of government?
I'd honestly like to see any kind of attempt to quantify that, I've seen a few for example that gave credit for removing lead from fuel to the government and then tried to by extension say that the positive externalities from that should be attributed to government. Which of course runs afoul of the point that the government was responsible for promoting leaded fuel to begin with, right up to the point of suppressing alternatives. Which in turn begs the question, what will the government actually do generally speaking? And as far as I can tell the answer is work in its own interests and accrue benefits to those on the inside at the expense of those on the outside, and that's all. If hundreds of millions die in the process, that's totally fine.
That almost everybody accepts that entity should have a monopoly on violence and basically unlimited power strikes me as increasingly crazy as every year goes by and it does progressively more insane stuff and we slide closer and closer to the possibility of an extinction level event war.
> Meanwhile bitcoin's thirst for coal kills thousands per year and achieves literally nothing.
I'm not interested in defending BTC generally speaking, as I despise it. I should however point out that proof of work has no intrinsic "thirst for coal". Merely the lowest possible cost of energy, right up to the point of subsidising alternative renewable low cost energy projects, which many POW miners have done and why hydroelectric power is such an oft-constituted part of their energy supplies.
My point in the first half is that you can’t look solely at the costs without looking at the benefits - unless you evaluate both you can’t make a meaningful judgement on the efficacy of a system. Yes for sure the government is the largest source of death — but only because the government stamped out all other sources of death. Removing the government would shift that death to elsewhere and not remove it. And if history is anything to go by, dramatically amplify it. That’s why government needs to be iterated on not removed.
Re: renewables in bitcoin, it’s all greenwashing. Every kWh wasted guessing nonces on renewables isn’t spent decarbonizing the grid where we do actual productive things. While generating inordinate quantities of e-waste. I mentioned in another reply 97% of all bitcoin mining hardware will be thrown out, burned, crushed or buried all without ever mining a block successfully in its entire useful life.
I know there are other consensus mechanisms but they just rely on feudalistic control of the supply and just create systemic inequality without accountability.
There’s no good that comes of this. In basically every case decentralization and permissionlessness is not what anyone actually wants or needs.
> My point in the first half is that you can’t look solely at the costs without looking at the benefits
There is no benefit from a political authority wielding entity which has not been provided by an entity that does not wield political authority. Therefore the political authority is not necessary for those benefits.
> Removing the government would shift that death to elsewhere and not remove it.
Removing the hundreds of millions of people who were killed in the name of national security and the maintenance of political authority would not magically make them die for some other reason instead.
> That’s why government needs to be iterated on not removed.
Whether you call providing the benefits of typical governments without their horrendous costs an iteration or a removal is semantics. My concern is that it gets done.
> Every kWh wasted guessing nonces on renewables isn’t spent decarbonizing the grid where we do actual productive things.
This would assume that those energy forms restricted to specific geographic locations are not so restricted. This is not true.
> I mentioned in another reply 97% of all bitcoin mining hardware will be thrown out, burned, crushed or buried all without ever mining a block successfully in its entire useful life.
Most e-waste won't mine a block successfully in its entire life. If it could contribute to the peaceful destruction of the state, hard to imagine a better use it could've been put to, given the statistics.
> I know there are other consensus mechanisms but they just rely on feudalistic control of the supply and just create systemic inequality without accountability.
You mean like being born economically so deep underwater it's impossible to ever even break even because of the economic mismanagement of your political authority wielding organisational unit? At least ledgers using those consensus mechanisms only levy debt on people who choose to participate.
> There’s no good that comes of this. In basically every case decentralization and permissionlessness is not what anyone actually wants or needs.
It's clearly what a whole lot of people want, as to whether they need it or not, time will tell. For all the aforementioned reasons, I think the case couldn't be clearer that they do, however.
> Removing the hundreds of millions of people who were killed in the name of national security and the maintenance of political authority would not magically make them die for some other reason instead.
Citation needed. This institutionalized protection system is actually exactly how we got government in the first place.
But also, in the last 50 years, which hundreds of millions have died? If there's clear trajectory that deaths are decelerating, why are we now more than ever eager to overthrow the system?
> Whether you call providing the benefits of typical governments without their horrendous costs an iteration or a removal is semantics. My concern is that it gets done.
Again you only speak in terms of costs and refuse to speak to or quantify benefits. That's not an objective evaluation. It's like saying computers are bad because people get hacked, and therefore we should throw out computers and start over from the abacus. You must quantify the good and the bad to evaluate.
> You mean like being born economically so deep underwater it's impossible to ever even break even because of the economic mismanagement of your political authority wielding organisational unit? At least ledgers using those consensus mechanisms only levy debt on people who choose to participate.
I reject the former premise and the latter isn't a reason to participate in a distributed ledger system.
> It's clearly what a whole lot of people want, as to whether they need it or not, time will tell. For all the aforementioned reasons, I think the case couldn't be clearer that they do, however.
Respectfully disagree. The overwhelming majority of participants are just speculators. They couldn't care less so long as number go up. The overwhelming majority of holders bought on an exchange (off-chain) and never, ever transact. They may as well hold micro BTC futures.
> Citation needed. This institutionalized protection system is actually exactly how we got government in the first place.
I'm not even sure I understand your hypothesis here. In the absence of the organisational units that engage in the mass killing of their citizenry in order to sculpt their polities to the ideology which holds sway within their murderous structure, those people will still die because "reasons". Please expand on "reasons" here.
> But also, in the last 50 years
Nobody ever did anything wrong if you can arbitrarily timeslice it in order to make your case. And even there, if you look at the things done under colour of political authority in the past 50 years, you'd still be hard pressed to find a bigger villain on the planet. It just looks good in comparison to the preceding 50 years.
> Again you only speak in terms of costs and refuse to speak to or quantify benefits.
Because once again, no benefit provided under the banner of political authority has ever failed to be provided absent the banner of political authority. When the apparatus in question reduces to an entity that has a monopoly on force in order to compel people to engage in transactions that they otherwise would not of their own free will, it is hardly surprising that all of the good things that apparatus has ever provided might in fact be easily done by the free will of the participants in question.
> I reject the former premise and the latter isn't a reason to participate in a distributed ledger system.
You can reject it all you like, but you're wrong based on the mean economic output per capita vs their debt calculated at birth plus their lifetime cost. And that is indeed a reason to participate in a distributed ledger system, the former basically guarantees collapse, it is only a matter of time, therefore moving to a system not so afflicted of your own free will is access to an easy yield in the meantime.
> Respectfully disagree. The overwhelming majority of participants are just speculators.
The participants in question are not the reason I say it's clearly what a whole lot of people want, it's because of the amount of times the exact conversation we're having about destroying the state being the exact reason any given participant in the cryptosphere is there, including myself. There is indisputably a great degree of desire to do away with political authority.
I believe audits and transparency are amongst the tools that can and do improve 'government' / 'democracy'. I can see ways that crypto (in its old generic sense) can help but I don't particularly see any way that blockchain tech can help though?
Probably much the same way you can see that crypto in its old generic sense could do these things, with the additional security of the applications running on a blockchain, and the assurances about transaction integrity, censorship resistance, availability etc.
You can have a cryptographically secure platform for whatever governance platform you like, but if it's running on a traditional centralised server infrastructure within a political jurisdiction, it's completely vulnerable to tampering of government agencies within that political jurisdiction. This is a well acknowledged issue referred to as "data sovereignty" with the limitation that the way to ensure it's handled is to pick a reliable jurisdiction.
If we acknowledge that no jurisdiction is reliable, however, blockchains are the only choice.
That seems a bit of an unwarranted leap and very hand-wavy.
Why would blockchain be better than a decentralized, non-blockchain tech, hosted in multiple jurisdictions for transaction integrity, censorship resistance, availability and so on?
And why is a blockchain a better alternative? If the blockchain assumptions fall (51% control) then it's game over. Even the founding fathers were a step ahead of that and trying to prevent tyranny of the majority (probably code for "the rich staying rich", but that makes it an even better analogy). It all feels a bit like wishful thinking to me.
No matter where FAANG host their infrastructure, if a particular set of states want to tamper with, censor, or surveil that infrastructure, they will be able to do it.
The legal structures and the ability to identify ultimate beneficiaries guarantees this for pretty much any legal corporate structure organised under a state. The only chance this has of not being true is a blockchain, the ultimate beneficiaries can't be identified, the infrastructure is not linked to a particular legal structure. There is no guarantee the state can identify the appropriate necks to apply the appropriate boots to.
If an organisational unit is to exist that will destroy the state, at the moment the only candidate for its infrastructure is blockchain.
It was you that claimed blockchain could improve the state, now you've switched to only blockchain can destroy it? And replace it with "an organisational unit" which is apparently, not a state/government/democracy?
None of this sounds like a good idea, even in theory.
Monarchy was an improvement on despotism, maybe constitutional republics were an improvement on democracy, etc etc etc. The organisational units could be considered destroyed, or they could be considered reconstituted, the point is that the functions handled by the OUs in question went to another ostensibly more efficient instance thereof. This is much easier if the new OU does not rely on its underlying infrastructure from the old OU.
Things should improve somewhat is a pretty hard ask for something that doesn't sound like a good idea, let alone in theory. Of course, it's an open question as to what the end result of all of this will actually be, and maybe it will indeed be the worst catastrophic case of making the largest cause of non natural death in the past century even worse, but you'll excuse me if I find that hard to believe and think clearing that particular hurdle ought to be pretty easy, especially because this would be a non violent form of revolution, and the only competition is war. In a world of weapons of mass destruction that's a horrendous problem space to be working with.
You don't want a national system to be truly decentralized because if it is, adversaries can simply co-opt and control it. If you have to look out for that and roll off onto a different system (and have a mechanism to do so) then it's by definition centralized and you can skip the whole blockchain chicanery.
You can just throw up a tamper-evident log based system. [1]
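The tamper-evident log mentioned above, and the earlier questions about "verifiable continuity" and skipping a book, can be shown with a plain hash chain plus a head remembered by an auditor. This is an added example, not part of any comment in the thread; the entry layout, function names and sample payloads are constructed for illustration.

```python
import copy
import hashlib
import json

GENESIS = "0" * 64  # stand-in "previous hash" for the first entry


def entry_hash(seq, prev, payload):
    """SHA-256 over a canonical encoding of position, predecessor and content."""
    body = json.dumps({"seq": seq, "prev": prev, "payload": payload},
                      sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(body.encode("utf-8")).hexdigest()


def append(log, payload):
    """Append a payload and return the new head hash (the value to publish)."""
    seq = len(log)
    prev = log[-1]["hash"] if log else GENESIS
    log.append({"seq": seq, "prev": prev, "payload": payload,
                "hash": entry_hash(seq, prev, payload)})
    return log[-1]["hash"]


def verify_chain(log):
    """Return the index of the first entry that breaks the chain, or None."""
    prev = GENESIS
    for i, e in enumerate(log):
        if (e["seq"] != i or e["prev"] != prev
                or e["hash"] != entry_hash(e["seq"], e["prev"], e["payload"])):
            return i
        prev = e["hash"]
    return None


def consistent_with(log, seen_seq, seen_head):
    """Auditor check: a head observed earlier must still sit at the same position."""
    return (verify_chain(log) is None and len(log) > seen_seq
            and log[seen_seq]["hash"] == seen_head)


def demo():
    # Constructed sample "books"; departments and amounts are made up.
    payloads = [{"dept": "roads", "amount": 120},
                {"dept": "defence", "amount": 900},
                {"dept": "health", "amount": 450},
                {"dept": "schools", "amount": 300}]
    books = []
    heads = [append(books, p) for p in payloads]
    seen_seq, seen_head = 2, heads[2]  # an auditor noted the head after book 2

    edited = copy.deepcopy(books)
    edited[1]["payload"]["amount"] = 1   # one figure changed in place

    skipped = copy.deepcopy(books)
    del skipped[2]                       # one book silently dropped

    # Publisher rewrites book 1 and recomputes every later hash: the chain
    # is internally valid again, so only the remembered head exposes it.
    rewritten = []
    for i, p in enumerate(payloads):
        append(rewritten, {"dept": p["dept"], "amount": 1} if i == 1 else p)

    extended = copy.deepcopy(books)
    append(extended, {"dept": "parks", "amount": 40})  # honest append

    return {
        "intact": verify_chain(books),
        "edited": verify_chain(edited),
        "skipped": verify_chain(skipped),
        "rewritten_chain": verify_chain(rewritten),
        "rewritten_consistent": consistent_with(rewritten, seen_seq, seen_head),
        "extended_consistent": consistent_with(extended, seen_seq, seen_head),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

The chain by itself only catches edits and gaps made without recomputing hashes; a full rewrite is caught because someone outside the publisher kept an earlier head.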
I don't think it's much of a selling point in favor of government that the considered so far "anarchistic alternatives" are worse. That is by no means a recommendation.
"What is a lose-lose situation?" Seriously, the idea that every option available is a bad one is not that difficult. Hell, even voting in the US is sometimes described as picking the lesser of two evils by those who don't feel well represented by the de facto realistic candidates.
Government is formed as a way to manage a society/community of people, if blockchain/crypto gets big enough to have hundreds of thousands of adherents, you'll also need a way to manage that "society". Some people think "the algorithm rules all", but as we've seen the algorithm is messy and has bugs and allow for thefts where you lose everything in a split second. It'd be like joining a society where muggers are free to roam and mug you, and to mug them back you have to find a cleverer exploit as your knife.
A blogger I read once laughed that an exchange/crypto-coin who suffered such a hack decided, to get their money back, they would contact... the police/FBI. Yeah, so much for that "We can't trust the government!" mentality.
The nihilist position that everything is broken, except for a highly volatile system of digital signatures that require massive “fiat” capital investments to function.
The latest trillion $peso$ spending "package" has less of a direct impact on $globalrupee$. Hurricane $Chucky$ in $greentown$ does not as directly impact the $globalrupee$. If that is starting to sound more like an insurance policy, and less like a bunch of tin-foil hat wearing conspiracy theorists talking about "muh freedoms", well maybe that's because it is.
If you've developed smart contracts, I'm surprised you don't consider the capability of trustless financial instruments (peer-to-peer lending and pooled lending, for example) to be pretty useful as well
Your smart contract is only smart inside your Blockchain.
As soon as you use it for anything outside of it, you have the same issue.
How do I prove to someone else that I did what I should have done to get paid? By trust. Your smart contract can't verify that I did my part of the contract if it is outside of the Blockchain.
So what did you win?
Nothing.
Now you can work up a network of trust but you know this concept is much older than crypto and doesn't need a Blockchain.
And certain blockchains are looking for trustworthy entities to decentralize their own blockchains.
Now you're even splitting up your trust in independent trust areas.
Do you know what trust system already exists? Which unites a lot of people? And is based on PoS?
Our current fiat and geopolitical system. Is it perfect? No. But we have been developing this system for a long time now.
The current state is, roughly: Government-backed contracts are ultimately enforced by litigation, which is judged by a judge, who is appointed and judged by the state government, who are appointed and judged by the governor, who is appointed and judged by democratic elections.
A couple factors make the current system powerful:
- Each decision-maker is roughly motivated to seek truth and behave honestly by the judgement of the next level up, so i.e. impeachment of judges should be rare
- The hierarchical structure makes enforcement exponentially cheaper than every human voting on every contract outcome.
Neither government contracts nor smart contracts can offer 100% correct validation of every contract. All they can do is attempt to set up a structure which tries to motivate the right thing and tries to make litigation somewhat cheap.
It seems a bit silly, though, to think there's no room for improvement there, both in performance and correctness.
1) By making all decisions public, you can make judging those decisions easier
2) By making all decisions public, you can easily reuse a single judgement in many decisions
3) By using machines instead of humans, there is dramatically more bandwidth for a much broader range of contracts
4) The topology of this network only really lets people vote at a single point – where a governor is elected every n years, which is hardly robust feedback.
etc.
I mostly agree with your conclusion on most parts of crypto but we shouldn't think that "government is a solved problem" is a sweeping rebuttal of all smart contracts.
Of course there's room for improvement, what's silly is thinking a coal-powered linked list is an improvement :)
You don't want true decentralization for state level activities such as voting. If it's truly decentralized and permissionless, allowing anyone to control the ledger, your adversaries will take control. If you have to build a system that accounts for that, you rely on a central authority to switch you over, which invalidates the permissionless and decentralized premise.
There's a reason we've been talking about killer applications of the blockchain for 14 years and zero of them have taken hold - they're all fundamentally flawed. Like concert tickets! Should be easy, everyone hates Ticketmaster. Killer NFT use case right? Of course not, because the venues are owned by LiveNation, the performers are managed by LiveNation and TicketMaster is owned by, wait for it, LiveNation. You can throw up a ticketing system on AWS in like 5 minutes flat, that's not the reason TicketMaster has been successful.
> Of course there's room for improvement, what's silly is thinking a coal-powered linked list is an improvement :)
Again, Proof of Work is not the only consensus model for blockchains (and while I dislike PoW, it's worth noting that while there's a lot of "greenwashing", many mining farms have legitimately been moving towards using more renewable energy)
That renewable energy is still a net negative for society because it’s not being used to decarbonize the actual grid we do productive things with - while generating mountains of e-waste.
You know 97% of all bitcoin mining hardware will be thrown out without ever mining a single block in its entire useful life? Just heating up the ol planet.
It’s an embarrassment that we even try to justify any aspect of it as a profession. Society needs us to step up and call this emperor nude.
You know every time the price goes up, the waste budget does too, and the perverse incentive is miners are rewarded for wasting more.
Trustless financial instruments are not very useful to begin with, because finance requires trust (as does any economic activity). For example, there is no way to actually do financing (that is, trading future consumption for present consumption) without a trusted authority that has the power to re-allocate assets.
If you’ve ever written code, and if you’ve ever written a bug, then you will understand that code as law is a terrible idea, especially when it comes to finance.
Yikes. Wasn't aware of that one. Thanks for sharing it.
I like smart contracts but you really have to be super careful with them, and ideally they should all be audited by a third party before launch, to help catch stuff like this. But even that's not a guarantee crap like this won't happen sometimes.
1) Upgradeable - where an authority has the right to replace the live contract at any time and rug-pull everyone. That's not trustless, and it's no better than running an app in AWS.
2) Non-upgradeable - where you simply have a self-funding bug bounty waiting to get popped. Even if they're audited.
They're not smart, and they're not interesting, to me anyways.
Re: Upgradeable contracts, there is often some governance method that removes the power from just one person, but there's usually also a time-delay, so that in theory at least, users of the contract can see that an upgrade has happened and remove their interaction with it if they don't like the new contract.
This is quite different from having money in a bank where policy changes and government seizures or freezes may happen without warning.
If there's some actual benefit, then crappy code that can be iterated is fine. Anything you do today with computer code was likely done worse in the past with worse code.
So what is the actual benefit of "peer-to-peer lending and pooled lending" that blockchain technology provides that makes it worth iterating through these early mistakes?
I'd guess the answer usually involves dodging regulations in some way. Which isn't blockchain specific, lots of 'innovations' in tech or business are basically workarounds that let you dodge taxes or regulations or exploit externalities.
The whole point of the legal system is that whilst it's defined as clearly as possible, there is always going to be some flexibility and interpretation, and a human element, so if someone finds a technical loophole but is clearly defrauding everyone they can still be put in jail. Of course, it isn't perfect, but the idea of law being absolute (as in code is law) is absurd as we lack the capability to consider every eventuality when we release code.
Yeah, but it's the absolutism that's the issue, not the buggy code.
When designing automated replacements for any business process you have to deal with the same 'exceptions'. You could just accept "computer says no" as the desired outcome in exchange for the efficiency, and let hackers take your money because "hey, they beat the system! It's theirs now" but that's a choice, not a limitation of the tech itself. Unless the tech's only benefit is that "computer says no" or "hacker took your money" is final, which doesn't actually sound like a benefit.
The problem is that if you allow overrides in the computer absolutism, corrupt governments will use these overrides to their benefit. And you’re back to square one.
If the government is corrupt, then you've got problems regardless.
The general solution to this issue has been more and better democracy, which despite a lot of effort being spent undermining it, still seems to be the best solution available today.
I am a layman who is skeptical of cryptocurrency tech, mostly because of what I'm seeing (hype, greed, fomo, and apparently no real use-cases).
If... crypto were to be able to reverse transactions... would that completely undermine the whole point of it and make it look absolutely stupid?
Do you think the solution to irreversible transactions would be to then have some kind of algo that would then send back a mistaken transaction after getting checked by some intermediary checkpoint? Would that then make the whole point of cryptocurrency also completely pointless?
What on earth are people dumping resources into all this as digital currency or even investment/ speculation vehicles if they don't address the irreversible transaction part, or try to compensate for it somehow? It seems utterly anxiety inducing otherwise, where you'd have to quadruple check, then quadruple check again, and then sleep on it and then quadruple check 4 more times before you do any kind of sizable transaction.
> It seems utterly anxiety inducing otherwise, where you'd have to quadruple check, then quadruple check again, and then sleep on it and then quadruple check 4 more times before you do any kind of sizable transaction.
That's mostly due to transactions being non-interactive. If the receiver has to prove their ability to spend the received funds before being allowed to receive them, then most of this anxiety disappears. Certain blockchain designs require transactions to be interactive in this way.
> If the receiver has to prove their ability to spend the received funds before being allowed to receive them
If I want to send you some crypto money in exchange for you mowing my lawn, how do you prove that you can spend the received funds? And if I accidentally send it twice, why would I care that you can spend them twice, unless I have some way to compel you to send half back?
> how do you prove that you can spend the received funds?
You prove it by producing a partial signature for the transaction (a transaction essentially requires a multisig by both sender and receiver).
> And if I accidentally send it twice
You couldn't send it twice because the transaction consumes an input utxo. Paying twice would require two different transactions with two different multisignatures.
> You prove it by producing a partial signature for the transaction (a transaction essentially requires a multisig by both sender and receiver).
Oh, ok, I misunderstood what this meant.
> You couldn't send it twice because the transaction consumes an input utxo. Paying twice would require two different transactions with two different multisignatures.
This assumes the receiver is trustworthy, that they counter-sign the transaction if it was accidental. So if I accidentally pay twice for a single item, the seller can just sign both transactions and send me only one item, and I can't do much about it. Of course, they can also send 0 items, which is why blockchains can't secure transactions in a useful sense - you need the law and insurance and other social mechanisms for that.
I don't know exactly what you mean by 'code as law', and I'm sure there are extremists that think smart contracts make law obsolete, but they are just wrong. Fraud via smart contract is still fraud. Theft via smart contract is still theft.
There's nothing about having automatic processing of transactions that means you get to just ignore the legal system in your country.
And that's fine, proper and good. Automatic processing of complex transactions is phenomenally useful, even if it doesn't make legal systems obsolete.
Simplest example - with smart contracts transacting assets where the canonical record of ownership is on the blockchain, you can have a smart contract act as escrow for you, making sure that the transaction happens atomically without having to pay someone to hold the assets for you and release them once they have both. It is a better, more efficient solution than any that the traditional financial system has been able to come up with.
In fact, it is exactly linking the legal world and the blockchain world that means that you can apply some of the same benefits of immediacy and atomicity to more assets in the real world. All that is needed is for the legal system to recognise blockchains as the canonical record of ownership of real assets. The real world legal system makes blockchain technology more useful, not less.
With smart contracts there is only the code. There is no external trusted documentation that says what the intention of the code is. If the contract allows for an action to occur, then that action is permissible.
It's the old quote taken to an extreme, "The good news about computers is that they do what you tell them to do. The bad news is that they do what you tell them to do."
If there is a 'bug' that allows anybody to empty a smart contract, well it turns out that you were just hosting a complex coding competition with a prize.
> There is no external trusted documentation that says what the intention of the code is.
Working out what both parties intended a contract to mean and what it should mean, sometimes in contradiction of what it actually says is exactly what the legal system does.
You can't evade the legal system by writing your contract in a different form. Weirdly I think this idea comes from thinking law is code when it isn't.
A judge is supposed to read the smart contract source code and determine the intent?
The parties are frequently anonymous and have never interacted outside of the publication of the smart contract to the blockchain and another party interacting with it. There is no basis for determining intent besides the code itself.
Are you thinking that the contracts have analogs to legal contracts? Usually (exclusively?) they only mediate transactions and behavior that is contained within the blockchain itself. There isn't an exchanging of assets that exist externally to the blockchain like real estate.
Although I think crypto fanatics think that the world will trend that way. Truly programmable money has never existed before. If more of our monetary infrastructure migrates to blockchains it will be interesting to see how current contract law adapts and is applied.
If you want to argue with a 'code is law' proponent, ask them how they feel about the DAO hack and ensuing hard fork of Ethereum. That was an interesting case where the ETH community as a whole decided that code was not in fact law.
> A judge is supposed to read the smart contract source code and determine the intent?
If it's hard for a judge, it's presumably also hard for anyone using the smart contract.
> There is no basis for determining intent besides the code itself.
I'll bet you any frequently used contract has an associated website.
Basically, conducting your business on a blockchain doesn't exempt you from the law. You - the squishy human at the end of the transaction - are not on the blockchain, and neither is the author of any smart contract you might use. As long as the law recognizes blockchain assets as valid consideration in contracts, contract law trumps blockchain law.
Does participation in a smart contract imply any kind of legal agreement? You're essentially interacting with an api/bot that's being hosted by whatever blockchain community at large. Anybody can publish anything, and any unrelated parties can interact with it.
Here's a thought experiment for you.
If I were to publish a public webpage where you entered a routing number into a textbox and money was immediately transferred from my account to the specified account for the purpose of sending money to a friend of mine, but somebody else found the website and entered their routing number and drained my account. Would I have legal recourse?
This is essentially the Parity wallet exploit. The API was only slightly more complicated than the example above, initWallet().
It's an interesting paradigm shift. If contracts are automatically enforced, what features of the existing legal system are obsolete? If monetary/financial contracts are completely logically unambiguous in their execution and there is no need to appeal to a designated wielder of physical force to ensure their execution...
I think that notion, which sounds unrealistic to me, is what appeals to a lot of crypto absolutists. It fails in a lot of the ways that smart contracts currently struggle, how to computationally, and in an unbiased way, relate crypto to the world outside of the blockchain. A good example of this is oracles, which are so flimsy in so many situations.
As you said we don't exist on the blockchain, the physical world doesn't exist on the blockchain, so how can we do away with our existing systems for mediating disputes, determining intent etc?
> how can we do away with our existing systems for mediating disputes, determining intent etc?
I think everyone in this conversation fully agrees on this point. As I said earlier, "I'm sure there are extremists that think smart contracts make law obsolete, but they are just wrong." We absolutely shouldn't do away with our existing systems for mediating disputes and determining intent.
I think perhaps the crux of the disagreement is that I think we need to apply those systems to smart contract systems in a sensible way and I take it that you think that the fact that we won't do away with our existing systems means there's no reason to use blockchain at all.
I don't think we're in disagreement; I'm more or less agnostic on the points I brought up, just thinking out loud. My original intent was to explain what I think the ethos is behind, 'code is law', which was in response to your statement, "I don't know exactly what you mean by 'code as law'".
But I do think there will be technical difficulties in applying the existing legal system to smart contract execution if there is no other artifact related to its execution (e.g. website, documentation, communication b/w parties etc.), which probably represents the vast majority of such contracts.
I've seen contracts representing complex derivatives, and some insane things like collateralized NFTs. The financial ecosystem within crypto is becoming incredibly complex. Many grey area strategies within traditional finance have been recreated within crypto, e.g. HFT and front-running, and there are some complex strategies like vampire attacks a la sushiswap that I don't think have analogs.
If one participates in complex smart contracts and gets hosed, in a lot of cases I think it will be essentially impossible to differentiate between fraud vs. speculation, bugs vs. proper execution, exploitation vs. poorly understood secondary effects. I'm curious to see how the legal system will try to keep up. Then again, I'm not sure it has kept up that well with the traditional financial system to begin with.
> A judge is supposed to read the smart contract source code and determine the intent?
If necessary, they can call on experts to provide testimony in such cases. It's probably not necessary all that often though because there's usually more relevant auxiliary information to help work this stuff out. Who wrote this smart contract? Why are the parties using it? What information persuaded them to use it? Was the outcome of using the smart contract different to what a reasonable person would have expected?
This is exactly what courts are for! The fact that some of the procedure of the interaction has been mechanised does not mean the participants get to ignore the law.
> All that is needed is for the legal system to recognise blockchains as the canonical record of ownership of real assets.
Then theft via smart contract can't be theft because it acted on the canonical record of ownership. This also causes tons of other problems. What happens if someone loses access to their wallet? Now there's a house that simply can't ever be sold?
> There is no external trusted documentation that says what the intention of the code is.
No, if someone fraudulently updated a canonical record of ownership, then the legal system can provide remedies. If it were me, I'd write the smart contract to enable corrections in case of a legal decision but that's at the choice of whomever sets up the smart contract that provides the canonical record of ownership.
Same situation for if someone loses their keys. All these problems can be solved with appropriately written smart contracts.
OK, so ... which courts of which legal jurisdictions can correct which contracts? Are courts in Guinea-Bissau allowed to correct contracts between counterparties in the US?
This stuff is all normal when you're dealing with international contracts - it's not like nobody thought of doing international deals before satoshi.
Some of the answers do depend on the specifics of course. If the asset being traded is US real estate for example I would expect the smart contract to be set up so it requires a US court decision to correct the register.
My point is that there's an entire subbranch of the law, generally called private international law, that has been created to deal with conflict of laws and jurisdictional issues. You're implying that there are simple deterministic rules to determine those kinds of questions but in fact it's a meta-problem.
It sounds like we agree then. I'm not saying it's simple or deterministic, I'm saying it's not new and it's not made inapplicable just because the systems we're using have changed.
The problems that are raised as if they are uniquely issues to blockchain solutions are not in fact specific to blockchains at all. We can and should apply the same rules to blockchain transactions and smart contracts give us a fantastic way of encoding those rules. For example you can have a token that represents proof that you have been KYC'd by a particular authority and you can restrict transactions of particular assets to those between addresses holding one of those tokens.
A terrible idea, or just terrible in practice, and in particular with the current state of tooling and understanding etc.?
For every lawyer relishing a loophole there's surely another wishing for a more codified less ambiguous language than even Legalese English.
(I'm no cryptocurrency advocate, hold a small amount, have never written a 'smart contract', I just find it interesting and somewhat compelling. As an idea at least, yes I've written bugs.)
"If you’ve ever written code, and if you’ve ever written a bug, then you will understand that code as law is terrible idea, especially when it comes to finance."
If your argument is that there could be bugs in the code, then how is this different from the law today? The legal system is rife with abuses and injustices. It most certainly has bugs as-is.
^ you will understand that code as law is terrible idea, especially when it comes to finance.
Why are we relying on code for controlling Safety-critical system? e.g. Nuclear Reactors, Autopilot of aircrafts, docking of two separate free-flying space vehicles, and weapon of mass destruction launch and control machines. All of them use "code", is finance more critical than systems which are kill capable?
> Why are we relying on code for controlling Safety-critical system? e.g. Nuclear Reactors
Because humans can't perform calculations quickly enough to compute math millions of times per second?
Computers work well when there are a finite set of fixed, quantitative inputs and outputs: if x < 20, do y
Many parts of law are a lot more complex and can't be reduced to such formulas. Suppose you're suing an employer for wrongful termination. They say your job performance sucked and that's why you were fired. You say it was a hostile workplace, and when you tried to point that out you were fired in retaliation.
Go write some code to evaluate that. Let us know when you're done. Should be pretty exciting. Hopefully we can retain all of the judges and lawyers now that they're not needed any more.
All of that code usually has a human override, and it can be turned off, fixed and upgraded. Also, it isn't (in the main) in the public and under constant probing attack.
In the cases of those I'm familiar with, most code in the system does not need to be bug-free for safety, and the code that does is kept simple and heavily reviewed at the binary level.
For most contracts, it is not financially feasible to use the techniques developed for safety-critical software.
Well, nuclear reactors use dumb electronics overrides, and each time an operation is done inside, each operation is done with human supervision. Override mechanisms are regularly tested and used. If your override is not dumb/simple enough, and you rely on code, you have the 380 max.
What are the overrides, who are the supervisors for cryptocurrency?
If you have digital cash, you might want to spend it somewhere.
Services tailored to work with the system from the ground up, then later they can be absorbed into conventional companies.
When I first heard about Ethereum I figured the value it would bring was incentivising everyone to create a worldwide supercomputer of the sorts we've never even seen before that can do really amazing computational work as opposed to bitcoin which just seems to crunch numbers entirely pointlessly. Any ideas why that never happened?
For one, the computational work for checking everyone's transactions on everyone's computer (i.e. blockchain) is consuming the computing power of the people interested.
Until sharding provides a tunable level of security, we will see this waste of computing power.
Then, that might enable more payments for cheaper, which might let you pay by the minute and such.
But the second main brake in adoption is legal. Many countries' jurisdictions require lots of bureaucracy to earn money from various places of the world. For example, EU has VAT, which requires bureaucracy for EU country-to-country payments even if you are exempt (Register of Intra-Community Operators). This negates pretty much all the advantage of trustless/decentralized businesses (ease of payments).
> For one, the computational work for checking everyone's transactions on everyone's computer (i.e. blockchain) is consuming the computing power of the people interested.
With ZKP there won't be a need to run every transaction on everyone's computer
> Digital cash, as defined in the Bitcoin whitepaper, still seems like the only real use case.
IMO the big breakthrough of crypto past bitcoin is that we figured out that cryptocurrencies can use money incentives to run other applications than just payments. People are doing all sorts of things, many scams but also many useful applications.
I don’t believe the OP was asking if people are doing things or if there are useful applications, but rather if there are useful applications that can only be done, or done better, in crypto.
I think electronic cash such as Bitcoin indeed has value. A decentralized world computer such as Ethereum imo can also have tremendous value, but NFTs are.. pretty dumb. The ecosystem is still in its infancy. Whenever a new technology appears, it takes a while for people to discover good use cases. This process involves a lot of trial and error. I believe most crypto projects out there today will be dead within a few years. Similar to what happened with the internet around the dot-com bubble.
> The sole purpose of blockchain is to prevent double spending without a trusted party
That is the most accurate description of blockchain I have read.
Unfortunately, the mechanism for that (Proof-of-work) is slow, expensive and planet destroying at scale. And while we may remove a trust provider third party, we aren't getting rid of centralization with blockchain anyway.
> That is the most accurate description of blockchain I have read.
It might interest you to know then that the short, digestible 8 page whitepaper on Bitcoin, which originally described the blockchain, specifically used this definition. It's the most accurate because it is what a blockchain was designed for. I recommend giving it a read and ignoring any project which doesn't follow its core tenets.
I have read that whitepaper. That was the first thing I read when I started researching about the whole crypto and blockchain space. And this is the culmination of my research https://bit.ly/3OB5G18
PoW is not needed at all, it's just a puzzle that "randomizes" who can write the next block. It's comically inefficient and p much the worst known working solution.
Some BTC devs realized this and created Federated Byzantine Agreement (FBA) which used Byzantine Agreement rather than a puzzle to create the consensus and then federated the whole system to prevent 51%-like attacks.
Obviously if the peers work together with the goal to reach consensus based on fixed rules it becomes way more efficient. Only a few years after bitcoin this was already invented theoretically and shortly after built and went online 2012/13. It essentially depreciated PoW (and Bitcoin) long before all the BTC clones existed and even before ETH.
People just tend to stick to "the first of something" and fight whatever comes after.
tl;dr
The secret sauce of blockchain is not PoW, it's a public state of a ledger that can be verified to be correct by anyone without trusting anyone simply by applying the rules of the system yourself.
PoW is needed for the "trustless" qualifier. Other schemes like PoS can be very low trust but not fully trustless. They also tend towards ever increasing centralization.
No, it's really not. It is literally just a puzzle which solves the "problem" as to who gets to write the next block.
Instead if you define the rules for the next block as strictly as possible so it essentially eliminates a huge variety of possible blocks, participants can instead easily agree on one (the best) block (one that follows all rules and is objectively better than all other possible blocks). There is no need to "fight" over who can add that block, agreeing is way more efficient. And consequently the puzzle is no longer needed.
PoS is not what I'm talking about at all. PoS just replaces the PoW puzzle with a "virtual puzzle" that acts as if higher stakes are higher hash power thus more chance to win the puzzle. Other than that it's still the same "fight" over who gets to write the next block.
PoW and PoS at scale lead to more centralization over time because of the economy of scale principle. While FBA (Federated Byzantine Agreement) leads to more decentralization because it's in everyone's interest to increase the number of participants, they are helping the system not competing.
So you make your objective rules as to what is the best block by defining some measure of quality (maybe include the most transactions that fit in, maybe sorted by fee-per-byte or so).
Now all the good nodes agree on the next block B1 and then start working on B2 (not much work to do, because no PoW, but whatever, they build the next block B2.) Meanwhile, evil actor Eve has transferred a lot of money in B1 to Alice, and received something worthwhile. Now she makes an alternative block B1', transferring the money to her friend Bob instead of Alice, where B1' has even higher quality (higher fee, say), and quickly creates B2' and then B3'.
How is a new node coming in to decide between the chain B1->B2, and the chain B1'->B2'->B3'? The latter chain is longer and has higher quality.
There is no block 2 created if block 1 is not final. Once consensus is reached on what is in B1 it doesn't matter anymore if someone comes around with a different idea what should be in B1. So by the time the nodes "debate" over B2, Alice has the money and it's final. There can not be a double spend with time delay in between because the second transaction tries to move already moved funds so it's objectively invalid.
A double spend would need to happen in the same block but all transactions are ordered sequentially so the second one will fail anyway as it still tries to move funds that are already moved.
The nodes just have to agree on one, it doesn't matter which one. If someone intentionally tries to send the same funds to Bob and Alice he's just flipping a coin as to who will get it. Alice doesn't care and Bob doesn't care either. They only care about it being final if they see the funds in their account. And the rest of the network doesn't care that Eve is being a bit silly and wants a "decentral coin flip" to decide where the money goes.
> Once consensus is reached on what is in B1 it doesn't matter anymore if someone comes around with a different idea what should be in B1.
So, when a new node comes online, and some of the existing nodes say that they've agreed on B1 and B2, and some other nodes say that they've agreed on B1' and B2', how does that new node decide which is the consensus? [0] With PoW, the decision criterion is easy: the longest chain rule (LCR) [1]. In your system, what's the rule?
[0] This is trivial with a central authority. But remember, here we have an open public blockchain, where anyone can join as a node, and they might be malicious.
[1] And as long as there are competing chains of equal length, just pick one randomly. That procedure, rather than picking the first one encountered, improves resistance to the selfish mining attack, IIRC
Well there are no second or different options in reality. Since it can only fork intentionally you will only have the one chain that everyone uses unless there is an intentional fork but then the networks are separated and you pick the one you want. But to answer the question theoretically, it simply boils down to which one you choose.
A new node MUST choose the chain he wants to join and he does so by selecting the nodes he wants to connect to. From all the nodes he selects, over 80% (hard coded quorum in the code) must be on the same chain; if not, his node will be in a state where it can not reach consensus and it will force the owner to remove/add nodes until the quorum can be reached.
> the longest chain rule (LCR) [1]. In your system, what's the rule?
There is no direct equivalent to the longest chain rule because blocks are final on every chain. There is no "chain switching" possible (that would directly contradict finality). Instead the system is made so that forks don't happen. The system will produce empty blocks rather than fork if the 80% quorum can not be reached (for example if huge parts of the world are temporarily disconnected from each other).
So any actual fork would need to be intentional and thus actually produce 2 immutable chains in 2 different networks with finality. Nodes won't be able to switch between these chains, the intentional fork separates the network. If a node wants to switch later on that is the equivalent of turning it off and starting a new one on the other chain.
BTW this is not MY system, it's been implemented multiple times with the oldest running for 9+ years [1].
It has never forked so this is not an actual problem in the real world. Due to the quorum of 80% every change (in the code) goes through an amendment process and will only ever get activated if it has 80% support. If a node is overruled it still is on the same chain. Unless the owner refuses to update in time then his node becomes incompatible with the rest and is ignored.
[1] The oldest running distributed ledger ("blockchain") that uses this system is the XRPL.
You can read about its consensus mechanism on xrpl.org/intro-to-consensus.html and xrpl.org/consensus-network.html
There are ofc many other projects that build upon the same principles.
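The two rules argued over in the replies above (transactions in a block are applied in one agreed order, so the second spend of the same funds fails, and a node accepts a ledger only when 80% of the validators it chose report the same one) can be modelled in a few lines. This is an added sketch, not code from the thread or from XRPL; the function names, the ordering by transaction id, the validator names and the balances are assumptions, and only the 80% figure comes from the reply.

```python
"""Toy model of quorum-based finality (illustration only, not XRPL code)."""
import hashlib
from collections import Counter
from dataclasses import dataclass

QUORUM_PERCENT = 80  # threshold quoted in the reply above


@dataclass(frozen=True)
class Tx:
    tx_id: str
    sender: str
    receiver: str
    amount: int


def apply_block(balances, txs):
    """Apply a candidate transaction set in one canonical order.

    Ordering by tx_id is an assumption of this sketch; any rule works as
    long as every node uses the same one. Returns (state, applied, rejected).
    """
    state = dict(balances)
    applied, rejected = [], []
    for tx in sorted(txs, key=lambda t: t.tx_id):
        if tx.amount <= 0 or state.get(tx.sender, 0) < tx.amount:
            rejected.append(tx.tx_id)  # funds already moved: invalid for everyone
            continue
        state[tx.sender] -= tx.amount
        state[tx.receiver] = state.get(tx.receiver, 0) + tx.amount
        applied.append(tx.tx_id)
    return state, applied, rejected


def ledger_id(state):
    """Deterministic fingerprint of a ledger state."""
    canonical = ";".join(f"{k}={v}" for k, v in sorted(state.items()))
    return hashlib.sha256(canonical.encode()).hexdigest()[:16]


def quorum_choice(trusted, reports):
    """Return the ledger id backed by >= 80% of the trusted list, else None.

    Validators that stay silent count against the quorum, so a partitioned
    node stalls instead of following a minority ledger.
    """
    votes = Counter(reports[v] for v in trusted if v in reports)
    if not votes:
        return None
    best, count = votes.most_common(1)[0]
    return best if count * 100 >= QUORUM_PERCENT * len(trusted) else None


def demo():
    """Constructed scenario: Eve tries to pay Alice and Bob with the same funds."""
    start = {"eve": 10, "alice": 0, "bob": 0}
    conflicting = [Tx("tx-b", "eve", "bob", 10), Tx("tx-a", "eve", "alice", 10)]
    state, applied, rejected = apply_block(start, conflicting)
    honest = ledger_id(state)

    # Ledger that a dishonest minority would prefer: only the payment to Bob.
    alt_state, _, _ = apply_block(start, [conflicting[0]])
    alternative = ledger_id(alt_state)

    trusted = ["v1", "v2", "v3", "v4", "v5"]
    four_of_five = quorum_choice(
        trusted, {"v1": honest, "v2": honest, "v3": honest,
                  "v4": honest, "v5": alternative})
    three_of_five = quorum_choice(
        trusted, {"v1": honest, "v2": honest, "v3": honest,
                  "v4": alternative, "v5": alternative})
    return state, applied, rejected, four_of_five == honest, three_of_five


if __name__ == "__main__":
    print(demo())
```

With four of five chosen validators in agreement the node accepts the ledger; with a three-to-two split it accepts neither, which is the stall-rather-than-fork behaviour the reply describes.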
It's trustless in the sense that you yourself can apply the rules and verify that each block follows the public rules.
The "agreeing" is only within the rules and the rules are in the code.
So you have to trust (or verify) that the code actually does implement the rules the way you want them to be.
It's supposed to be slow. That's what secures it. The production speed comes from layer 2 solutions built on top of it (analogous to how a secure VM can go faster with a JIT while still maintaining security).
It's not expensive. Transaction fees are just fine and getting cheaper over time.
It doesn't destroy the planet. You're thinking of the fossil-fuel industry.
> It doesn't destroy the planet. You're thinking of the fossil-fuel industry.
But the fossil-fuel industry has had very real benefits (whether we like it or not!). It's surely debatable whether fuelling crime, scams, and what is tantamount to a massive casino is of any benefit to humanity. Especially when running it consumes more energy than Argentina [1]
Of course there are plenty of other aspects of human existence that requires energy, and therefore has an impact on our home. That doesn't give individuals who are engaged in this casino an 'out'. It is an entirely greed driven exercise right now.
Perhaps something will come along that makes blockchain and other crypto concepts viable and valuable to society, it ain't here yet though. So I don't see how anybody can justify an Argentina's worth of energy usage.
> Perhaps something will come along that makes blockchain and other crypto concepts viable and valuable to society, it ain't here yet though. So I don't see how anybody can justify an Argentina's worth of energy usage.
Central banking finally has a freer market and you can choose (or create) an asset with your preferred monetary policy...
Avoiding or at least limiting exposure to global currency debasement is now a possibility when you choose the right product/chain/coin. That's a problem that costs workers around the world 100s of trillions of dollars and it's being solved.
> analogous to how a secure VM can go faster with a JIT while still maintaining security
…what? You can’t JIT your way out of the underlying machine being slow. The machine is a watch; JITs typically achieve performance by speeding up an interpreter running on the machine (in other words, taking advantage of missed performance opportunities).
This analogy doesn’t work for POW schemes, since wasting energy is the entire point. My understanding of “L2” solutions is that they’re really just pseudo-verified batching techniques, where transactions are rolled up off-chain and settled in bulk. That doesn’t “solve” PoW; it fundamentally undermines the original integrity promise.
Planet destroying is a bit extreme. The traditional finance system is no more energy efficient overall. It’s certainly not environmentally friendly, but that’s more a function of the dirty power we use for anything and everything. We just need to fix our methods of generating energy, not criticize everything that uses a lot of it.
> The traditional finance system is no more energy efficient overall.
Using more power[1] to process vastly more transactions makes it more efficient. There are over a billion credit card transactions per day as it is, and that doesn't include debit cards, wire transfers, BACS, Swift, PayPal, WU, AliPay, WeChat and all the others. And cash while we're at it, that's part of the system too.
[1]: Let's say it does, though transaction processing is only a small part of the financial industries. I don't even know how much the whole industry uses, let alone what fraction is transaction handling.
> We just need to fix our methods of generating energy, not criticize everything that uses a lot of it.
The problem isn't that proof-of-work "uses a lot of [energy]"; the problem is that proof-of-work only exists to waste energy.
"Fix[ing] our methods of generating energy" is a red herring, since proof-of-work will automatically scale to consume any difference. It's a Red Queen's Race, which cannot be won.
Bitcoin uses PoW to be "trustless", which is precisely why it's designed to waste energy.
Bitcoin is a distributed consensus algorithm, and the way it establishes consensus is simple: pick the longest chain. Spamming dummy blocks on to an old chain will cause that consensus to switch, allowing double-spends, so Bitcoin requires PoW as an anti-spam mechanism to slow everything down by wasting energy ( https://en.wikipedia.org/wiki/Hashcash ).
I wouldn't go so far as calling blockchains "trustless", since PoW has its own vulnerabilities, e.g.
- Lottery-like incentives for mining favour centralisation, to reduce volatility. That gives mining pools a lot of control, e.g. whether to back forks or not.
- Centralised mining is vulnerable to existing power structures, e.g. those with deep pockets can purchase warehouse-sized mining rigs, can launch legal or physical attacks on the rigs of others, etc.
Trustless means you don't have to trust anybody to know that a transaction you initiate will happen as you expect. No one can block or alter a transaction you make. This is achieved through multiple cryptographic mechanisms - one of them is PoW.
PoW makes it expensive to attempt a double spend. You can't practically double spend because it is too expensive to do. The high cost of PoW is what gives the network security from double spend. Therefore it is not wasted energy. It is energy spent to secure against double spends.
You could use PoS but that is centralized and vulnerable to manipulation just like fiat.
Slow depends on what you are needing the system to do. If you need to pay for groceries, then Bitcoin is slow. If you need to do remittances or settlement then Bitcoin is extremely fast - much faster to reach finality than anything else. Therefore Bitcoin is only really useful as a base layer of the financial world. But that is also extremely useful. Faster layers like Lightning can be built on top.
> The traditional finance system is no more energy efficient overall.
The traditional finance system easily does tens of thousands of times more transactions than cryptocurrencies. Visa alone does a thousand times more transactions than Bitcoin.
Cryptocurrency uses over 0.5% of the world's electricity to do less than 0.01% of the world's transactions.
So, no, your statement is wildly wrong. I have zero problem calling it a lie, because you made it up out of your head and made no attempt to justify it with facts.
There are many "cryptocurrencies" that have a vastly greater number of transactions than Visa. They aren't being bought at the same rate and therefore don't have the same market cap as Bitcoin. The market has chosen Bitcoin as their favorite, because it aligns with the wants of the free market. The free market wants secure distributed and _trustless_ store of value. That's the thing that Bitcoin does better than anything.
Also you can transfer any amount in a single transaction, so the transaction value throughput in Bitcoin is still infinite. This makes Bitcoin useful as a secure settlement layer for other systems.
What do you think needs more energy: several systems (2, with some intermediaries) that talk to each other, one decrementing a number in a bank account, and another incrementing a number in another bank account, vs. thousands of systems that compete with each other trying to find some hash the fastest by guessing?
Both need to talk to each other over the network, but in the second, it's thousands of systems needing to synchronize the information.
What a stupid lie you're telling yourself to justify that "this is fine!".
Blockchain (or more correctly "hashchain"[1] data structure) doesn't solve the double spend problem, because anyone can create a new entry with a hashpointer pointing to the last entry (aka "block") with transactions.
This problem is inherent in all Nakamoto Consensus style implementations (basically Leader Election algorithms), not just Bitcoin's PoW.
Simpler: anyone can fork the blockchain and over-write the ledger with the new transactions. So in reality the double spend is solved by the social consensus on the right fork, not by technological solutions.
EDIT: Leaving aside the question of transaction finality and probabilistic nature of the Nakamoto Consensus, which make it even worse.
> The sole purpose of blockchain is to prevent double spending without a trusted party.
Yes, and avoiding the trusted party makes it more inefficient by a factor of around 100,000,000 (-ish), if you consider that BTC uses around 23 GW and can do no more (5 transactions a second) than a single trusted PC could do.
What are use cases where you actually need this and the high cost is worth it?
The power is used to secure the system, not to perform transactions. The transaction rate has always been the same, the power use has gone up with the value of the contents (to resist a 51% attack)
Some people feel strongly this security is worth it. Some feel strongly that it isn’t (but one suspects their objection is really to the lack of central control)
Climate change may be the problem that defines our generation.
In that light, and given the ludicrous power estimates that blockchains use, are we not morally obligated to kill all the blockchain projects if these estimates are in the right ballpark?
At most we might be obliged to kill the worst (and a lot of other non-crypto things) but killing all makes no sense when there's many with fairly negligible impact.
Nature abhors a vacuum: if you kill the most popular PoW scheme, the little ones will dutifully step up and use just as much power. I don’t think there’s any world we can live in where PoW schemes will have “negligible impact,” which only heartens the justification for banning all of them, now.
To the extent that blocks are assembled and validated not by one node (which is all that would be necessary), but by (tens? hundreds? of) thousands, there is massive duplication of the actual work by a factor of 1e4 or 1e5 or more.
But, you are right, even that enormous inefficiency is peanuts compared to the Proof of Waste, which ramps it up to unimaginable proportions. (A single BTC transaction uses up as much electricity as a 2 person household in Germany in a year, and produces 2 iPhones worth of electronic waste.)
We agree. Around 0.000001% of the power is used for transactions, which is way more than necessary due to duplication, and 99.999999% for "protection".
> The power is used to secure the system, not to perform transactions.
This looks to be the case now, with block reward being dominated by the block subsidy. But by design, the latter reduces exponentially over time, so that within a few decades, the security will have to come predominantly from transaction fees.
"Why use the most popular and most well-known and most used and most heavily-invested-in example of this technology, when I know of this obscure one that promises something that it certainly hasn't demonstrated yet?"
Fundamentally the transaction rate is limited by how much data you're willing to store. Bitcoin's 5tx/sec translates to ~5gb/month added to the blockchain - improving upon this requires either making the data stored per transaction smaller, increasing the blockchain growth rate, or moving transactions off-chain.
A 22kb fixed size reads like transparent bullshit to me. Fundamentally you cannot store infinite information within such a block, and "participant X has the right to send Y amount" is information. To me this implies that either there is a limit to the number of participants, that there is information stored off-chain, or that there will be data loss over time - possibly all three.
And the fact that you've mentioned one cryptocurrency to fix the transaction rate issue, and another to fix the blockchain size issue, but not one to fix both issues at the same time, has not escaped me.
It's funny how people keep moving the goal post :) read more about it instead of spending 5min on a page and finding negative things to say about it. If you want to hate on the technology for the sake of hating it then you won't go far in life
If it takes more than 5 minutes to even mention how you're sidestepping some very basic information theory concepts, then it's probably a scam.
And speaking of moving the goalposts... You recommended Sui as a blockchain with "basically unlimited transactions per second", and then recommended Mina when I commented about chain sizes. It sure seems like you have a mutually-exclusive blockchain for each set of goalposts to me.
Long, long solved problem.
You only need to store the last state of the ledger and the chain of hashes that lead there to validate that any given block actually did happen.
If you don't care about validating past blocks you don't even need the chain of hashes but just the last state.
Instead of huge transaction chains to get to the balance people use snapshots where they basically sum up everything in the past to a given point in time and add new transactions from there on.
More "modern" systems like the XRPL or ETH directly use accounts with balances. If you have the last state, so all accounts and all balances you can move (subtract from one and add to the other), you don't have to sum past transactions to know if someone actually has a balance to move.
You can also easily sum all balances which must give the total (if the supply is fixed).
> "If you have a solution for this that does not require trusting anyone...."
You do not need to trust anyone; you need to trust EVERYONE at one point in time, exactly when you want to join and use the system. If you decide to use for example the XRPL today, maybe even run a node and validate transactions yourself, then at the time "now()" the last state that everyone else agrees on, that is what you need to "trust" or rather accept.
You need to accept that to this date the people who ran it before you never colluded to "fix" or manipulate the ledger state of the past. If you think they colluded in the past and the current state is not how it should be then the system is useless to you. It doesn't matter if you can point to the exact event in some historical data. And you don't need the historical data to know such an event happened because it obviously would be hugely controversial and well documented outside of the transaction history (probably would result in a fork etc. so you could pick the chain you agree on).
If you are worried about a mistake in the past that no one even noticed then that is not a problem since by definition the code everyone runs is the rules. A bug is a bug in the rules and if everyone agrees on the current state it doesn't matter that something went wrong somewhere in the past, it's only important that the current state is agreed on. If you assume the past is immutable then a past bug has no effect on the future function of the system (Exception ofc is when the past was changed then you need to assume that people collude again to do it again).
People think the past is immutable if we have it recorded but actually it is immutable if there is agreement on the current state's finality.
Think of the whole system like a closed room with people who together hold a fixed number of coins.
Once everyone knows the balance of everyone and there is no dispute on the balances everyone can transact with everyone. There is zero need to know the past transactions that took place. If someone has 5 coins he can give you 3 and everyone sees that he now has 2 and you 3 more. If a new person enters the room he must have zero coins else the total increased. He can then instantly accept coins from anyone once he knows the current undisputed balances of everyone. Again he does not need to know from whom you got your coins just that everyone agrees that you own them.
Cardano is a cryptocurrency that offers ~250 transactions per second but should soon scale without a layer 2 solution. I mention this as I run a validator on a 8gb raspberry pi with ZRAM swap enabled with no issues consuming ~5W the whole network could run this way if needed. This is lower power due to a mechanism called proof of stake. BTC uses proof of work. Ethereum has been 'trying' to migrate to POS for some time.
As for layer 2's this could partly be the solution to some high costs. But risks sacrificing decentralization.
Proof of stake is useless.
It just gives all the powers to the current stakeholders.
So it’s not trustless by definition since you need to trust the stakeholders.
Well, PoW needs to assume that 51% of miners are honest, while PoS needs to assume that 51% of stakers are honest. The bigger downsides of PoS to me are that
1) a pure PoS system starts with the creators holding all supply and can keep an arbitrary portion for themselves while selling the rest as they please
2) the truth in PoS is subjective (nodes need to rely on other nodes to determine what is the current state of the system).
In PoS systems validators can vote for both chains in case of a fork, as there is nothing at stake. It's not about honesty. It's about resources being committed.
Exactly. The ETH PoS FAQ is a good introduction to the problem. In a nutshell, when there are two competing chains,
A) in PoW you
A1) either put all your resources (hash power) behind one chain, and get the block, thus the mining reward, with probability equal to your proportion of the total hash power (as before) assuming that chain ends up the longest chain (so you have a strong incentive to pick the "correct" one), or
A2) distribute your hash power between the two competing chains, but then each of them only gets half the hash power, and you reduce your probability of getting the mining reward to half, thus halving your expected reward.
At any rate, as soon as one of the chains is ahead, there is a very strong incentive to fall in line with the LCR (longest chain rule) and place all your bets on the putative winner, rather than diluting your expensive hash power.
B) In PoS, you can just continue staking on both competing chains, and whichever wins, you get your mining reward (as usual, with probability equal to your proportion of the total stake). No incentive to settle on a winner early ("nothing at stake"), so just keep your options open by supporting both chains, and thus no incentive to congeal on a winner quickly.
> The sole purpose of blockchain is to prevent double spending without a trusted party
I would add that in nearly all cases it is totally reasonable to have a trusted party, and therefore that the value of the blockchain collapses down to a very, very small number of use cases (the ones that we all know about - fraud, extortion, money laundering, tax avoidance).
If I may inquire... could there be a better way to do this that's not blockchain tech? It's a noble cause, for sure. Like, viscerally most people will automatically agree with this cause.
But to prop up the entirety of cryptocurrency's shortcomings for this one thing... seems like.. it would make more sense... to just make a product/technology that simply addresses this one use case that everyone by and large agrees is a good thing... nah?
A database does this. The trusted party isn't eliminated by blockchain, because someone has to code the implementation of the software. Unless you checked the software for bugs or backdoors camouflaged as bugs and compile it yourself, you trust someone else.
The trust 'problem' is overrated, because nothing in this world works without trust.
I'm blockchain skeptical, but I think you're slightly throwing out the baby with the bathwater here.
> the trusted party isn't eliminated by blockchain, because someone has to code the implementation of the software
I don't think this is relevant in practice, and I think the blockchain does solve this problem regarding double-spending. Yes, there's a centralized set of developers, but that does not seem to be a problem in practice, 13 years in.
> The trust 'problem' is overrated, because nothing in this world works without trust.
Bingo, this is the real problem. The world has very few problems where a trusted authority / arbitrator isn't a massive benefit.
Why is the set of developers considered centralised? I can write an implementation according to the specification and have no relationship with developers of another implementation.
My understanding is that the specification changes over time, and if your implementation doesn't match the central one, then the rest of the network stops interacting with you. That is: there is a massive network effect of people using github.com/bitcoin/bitcoin as canon, and there is a central group of devs with write-access there. While you can fork it, unless the rest of the network gets in on it, you've just created some altcoin that nobody cares about.
Maybe you can, but have you? Has anyone? Are there any nodes on the bitcoin network not running the same code written by the same handful of people?
Also, saying that "all you have to do to participate in this new trustless economy is to read the spec and implement your own validation node and client, and maintain it as the protocol changes" is a pretty different promise than "just download this app".
Machine 2 machine payments are a massive problem you can solve with a blockchain. Which can solve a whole lot of other problems, like automation. Which can solve another set of problems.
Can I just say, on a rather unrelated note, that this just sounds very toxic and will trigger most people into "defense mode". I understand that "wrong" thoughts and opinions don't come out of nowhere, someone must have produced them, but it just reads so much nicer when the attack is explicitly targeting the opinion, and not the author.
In your other comments in this very thread you're using "Your comment goes in all directions...", "Your example is implemented in...". This is so much nicer! Thanks for going the extra mile! Let's keep the discussion going and reduce the chances of someone getting triggered and starting a flame war.
To be more precise, the nature of trust shifts. In case of a central database, one must trust the organization running the database. In case of blockchain you need to trust the math behind it, its implementation _and_ that the network structure preserves the assumptions the math makes. This might be preferable for some but not for others.
The trust shifts to a lower layer, which is always what you want unless this adds a huge amount of overhead or complexity that leads to security issues. In our case it looks like blockchains are solving real world problems.
You keep repeating this mantra, but this is exactly what OP is asking... what problem is it really solving. It's not solving a tech problem, because the tech exists.
It tracks double spends of cryptocurrency on the blockchain, which is only as useful as the currency itself is.
Since BTC/ETH/etc is only “valuable” because of wild speculation and greater fools, the “value” part kind of collapses, leaving the “currency” aspect moot. Which brings us back to “no value”.
Preventing double spending is possible even without trust. A centralised authority could publish the transactions in a signed append only log. Independent verifiers could pull the log with some frequency and verify that no one spent twice.
Good point - blockchain also prevents transaction censorship (your proposal prevents double spend but allows the central authority to block transactions)
Central authorities might do wild stuff like block Folks They Don’t Like (certain truck drivers, etc). Some people think that’s really good, others feel the opposite
Well... sort of. Naturally, government can regulate and censor the on- and off-ramps [0], exchanges can censor [1a - Coinbase blocking Russian addresses][1b - Coinbase blocking scammer addresses], and developers or "the community", i.e. other unelected players, can decree a software change if something happens on chain that they don't like [2a - The DAO/ETH/ETC][2b - BTC 0.7/0.8 accidental fork].
If the miners don’t like you what stops them from not including your transactions in the chain?
It is my understanding that if a large enough pool of miners decides they don’t like you (>50%) they can completely prevent your ability to spend money.
> what stops them from not including your transactions in the chain
The only thing that could stop them is being unable to identify what outputs belong to you. Which generally requires a more privacy focussed design than what Bitcoin offers.
Can you expand on this a bit? Which element regarding censorship does Blockchain help prevent?
I ask earnestly as it feels like a foregone conclusion but depending on what you refer to I'm not sure it is.
My initial thought is about freedom of spending and transactions as a concept of the chain but I guess it's not exactly censorship in the most common sense.
In this case, censorship as in blocking/refusing transactions.
Any miner can decide that they won't include your transaction in a block, but as long as any one miner that occasionally mines a block is willing to include your transaction, your transaction will eventually make it onto the blockchain.
A majority of miners (by hashpower) could still decide to censor (orphan) the entire block, but unless a majority of the hashpower is willing to do that, your transaction will stay there.
In practice, I'm not sure this is entirely true. Banks largely don't care who they're dealing with and are glad to sponsor transactions among terrorists and Nazis and what not, just like a blockchain. Governments lean on them by spot checking records and punishing when they can identify transgressions of law. Even with a blockchain, the same governments can tell anyone within the reach of its gun or goons that it is going to punish you if you transact with some forbidden party. Not having a single narrow waist at which they can stop it doesn't mean they can't stop it, just that it got harder. Further, the transaction that is censorship resistant, not censorship proof, is the public mapping of wallet id to coin id. Usually, supplier and purchaser are really interested in the movement of physical goods at some point, not just the transfer of digital coin. Whether that be drugs, slaves, or just food, governments can still find ways to stop delivery of those goods even if an immutable ledger somewhere says the party that currently possesses them is supposed to give them to you.
You might argue this as a theoretical possibility, but it's never going to happen in practice. In practice the trusted entity is always going to selectively allow certain double-spends, and even though it will get caught doing that, people will accept its current revision of the ledger and the world goes on.
For example, the trusted entity might reverse a donation to Canadian truckers due to political reasons (allowing the donator to "double spend" by doing something else with the money later).
Your example is implemented in Certificate Transparency to monitor certificate authorities on the web. It does not help you prevent attacks, it merely helps you detect them after the fact.
> Without a single trusted party. You're trading trust for one entity for trust for many entities.
The notion of “single” entities in society is, I think, flawed. A bank is not a single entity, for instance—they are not just a single actor—they are governed by a board and bylaws and shareholders and government regulations and judges, etc. If something goes wrong, which is expected and built into the system process, there is due process. And the strength of that due process is governed by the self interest of all the parties at play.
The main purpose of blockchain is to attempt to replace the messiness of human governance with the certainty of algorithmic governance. But it is an illusion in many ways and dangerous, in a sense, to put so much trust in an algorithm. I think that much of the philosophy around blockchain comes from the lack of faith in human governance—which is to say, a certain kind of misanthropy.
> The main purpose of blockchain is to attempt to replace the messiness of human governance with the certainty of algorithmic governance.
Right, and as is shown inevitably in real life (The DAO, BTC 0.7/0.8 fork, censoring of scam or Russia related BTC addresses, ...), the messiness of reasonably well understood and regulated human governance (law, elections, ...) is replaced by governance of the algorithm plus a bunch of unelected, unaccountable, and largely even unknown humans.
> I think that much of the philosophy around blockchain comes from the lack of faith in human governance—which is to say, a certain kind of misanthropy.
So the blockchain gets two things right: avoiding double-spending and an honest assessment on human nature.
Replacing trust in humanity with trust in an algorithm created by humanity doesn't really get you anywhere. Like it or not, you are human, I am human, and we live a society of humans! Everything in society is created and run by humans! The blockchain cannot change this fundamental fact, it can only obscure it.
You have to trust the people who figured out the math, when they say "this math is secure". Then you have to trust the people who programmed that math, when they say "this code implements this math correctly". And then you have to trust the binary, unless you compiled it yourself, when it says "this binary compiles this code correctly", and finally you have to trust the machines when they say "this computer executes this binary correctly", all the while trusting yourself not to have made any mistakes at any step which will quickly cost you everything you put into the system.
If you are an expert mathematician, programmer, electrical engineer, and white hat you might not have to trust anyone else. How many people are all of these though?
> You have to trust the people who figured out the math, when they say "this math is secure".
Not really. I'm convinced the math is secure given the current knowledge, because there's a massive financial incentive to break it. I don't have to trust anyone.
I have a better way: with a trusted party. Seriously. And if these suck, then perhaps there's not enough competition between them. I mean, Mastercard and Visa is practically a duopoly, and while a duopoly is better than a monopoly, it still sucks.
I also know a good use case for blockchain: scamming. Practically all the current use cases revolve around that. The trusted party wasn't so bad after all, eh?
But to be honest, I feel like there's one good use case for cryptocurrencies which isn't a use case for me, but is for people who live in oppressed regimes: the ability to not use the currency of the autocratic government. This would be true for some South American countries, but also nowadays for a country like Russia. Other than that, I see no use case.
I get the value of having a chain of "blocks" of data, but that could also describe git. I don't see the added value of proof of work or proof of stake here.
Why isn't putting that data (or a hash of it) in a publicly available git repository just as good? You can even publish the newest branch hash in the newspaper everyday if you want.
Oh in this instance it's not about having a public record. It's about every transaction having a hash of the previous. Then it gets hard to forge old data without altering all records after the forgery. It's still possible but takes more work and can make the tampering easier to discover.
And for data loggers not connected to the internet this helps. It would be just as good to put it in a central repo if there was an internet connection available. But if you're logging a refrigerator temp on a container traveling between countries there isn't going to be a cheap option for internet.
That's why I mentioned git, not just putting it in a text file.
Every git commit contains a hash of all the previous commits, and is itself referred to by a hash. So if you change an old commit, all commits descending from that get a new hash, and so a new identity.
If you publish the latest hash in the newspaper, you've locked down all the previous commits also.
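An added example, not part of any comment in this thread: a Python sketch of the two ideas discussed above, the operator-published append-only log that independent verifiers pull and check for double spends, and the hash chain whose latest hash is published out of band (the "newspaper"). The transaction format, names and sample data are constructed for illustration, and the operator's signature over the head is left out; the verifier's stored checkpoint stands in for it.

```python
import copy
import hashlib
import json

GENESIS = "0" * 64  # constructed anchor that the first entry links to


def entry_hash(prev_hash, tx):
    """Commit to this transaction and, through prev_hash, to every earlier one."""
    body = json.dumps(tx, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256((prev_hash + body).encode()).hexdigest()


def build_log(txs):
    """What the operator publishes: each entry carries the previous entry's hash."""
    log, prev = [], GENESIS
    for tx in txs:
        digest = entry_hash(prev, tx)
        log.append({"tx": tx, "prev": prev, "hash": digest})
        prev = digest
    return log


def audit(log, checkpoint):
    """Independent verifier.

    checkpoint is (n, head): the hash of entry n-1 as the verifier saw it
    published earlier, out of band. Returns a list of (finding, index)
    tuples; an empty list means the log is consistent.
    """
    findings, prev, owner = [], GENESIS, {}
    for i, entry in enumerate(log):
        tx = entry["tx"]
        if entry["prev"] != prev or entry["hash"] != entry_hash(prev, tx):
            # An old entry was edited without recomputing what follows.
            return findings + [("broken_link", i)]
        prev = entry["hash"]
        if owner.get(tx["coin"]) != tx["from"]:
            # Sender is not the current owner: the coin was already spent.
            findings.append(("double_spend", i))
        else:
            owner[tx["coin"]] = tx["to"]
    n, head = checkpoint
    if n > len(log) or (n > 0 and log[n - 1]["hash"] != head):
        # Internally consistent chain that no longer matches what was published.
        findings.append(("history_rewritten", n - 1))
    return findings


# Constructed sample: coin c1 is minted to alice (from=None), then moves on.
TXS = [
    {"coin": "c1", "from": None, "to": "alice"},
    {"coin": "c1", "from": "alice", "to": "bob"},
    {"coin": "c1", "from": "bob", "to": "carol"},
]


def demo():
    honest = build_log(TXS)
    checkpoint = (len(honest), honest[-1]["hash"])  # the "newspaper" value

    # 1. alice tries to spend c1 again after giving it to bob.
    respend = build_log(TXS + [{"coin": "c1", "from": "alice", "to": "dave"}])

    # 2. Operator edits entry 1 in place and leaves the stored hashes alone.
    edited = copy.deepcopy(honest)
    edited[1]["tx"]["to"] = "mallory"

    # 3. Operator rewrites entry 1 and recomputes every hash after it.
    rewritten_txs = copy.deepcopy(TXS)
    rewritten_txs[1]["to"] = "mallory"
    rewritten_txs[2]["from"] = "mallory"
    rewritten = build_log(rewritten_txs)

    return {
        "honest": audit(honest, checkpoint),
        "respend": audit(respend, checkpoint),
        "edited": audit(edited, checkpoint),
        "rewritten": audit(rewritten, checkpoint),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

The third case passes every internal check and is caught only because the verifier kept an earlier head, which is the role the published hash plays; all of this is detection after the fact and does nothing about an operator that refuses to include a transaction.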
It's transactional anyway so it's possible to make the file/dir structure as merge friendly as possible. In the simplest case just 1 file per operation with unique filenames.
Speaking of trusted parties, (multiple) of those could be set up using a chain of trust in every network segment that do as much cross-signing/-verification as deemed necessary. Once it goes online again, the performed operations could go on-chain.
Such usecases actually run into an economic problem.
You can't just create a proof-of-work blockchain to hold your records. That blockchain also has to be a functioning economy with a large enough market cap to pay out mining rewards that are large enough to make a 51% attack economically nonviable. If you fail to do so, or the economy falls apart, all tamper-resistance just disappears.
It actually ends up being cheaper just to trust a group of authorities, and pay auditors to make sure they are being trustworthy.
>> Other proposed applications are mostly dumb / misguided,
That is the key. Crypto currency is a thing. I don't think that has a future either but whatever. All other uses are just hype and those applications make no sense except to fool investors.
I thought that the blockchain (itself) afforded some anonymity, while still preserving trust, through cryptographic signing.
Which sounded beautiful, until I realized that there must needs still be some other market around the blockchain, in order to interface with reality and older currency systems. There, all privacy bets are off.
Thus, even if one wanted to conduct an election, and put all votes on a block chain, maintaining a secret ballot seems impossible, as far as I can tell.
Sometimes, a primitive solution like a paper ballot has crucial superior aspects.
How do you build Alchemix with a hashing / digital signature algorithm? How about Uniswap? Balancer? Curve? Aave?
Don't know these names? Together they hold over $100B in assets. It's crazy how out of touch with what's going on in DeFi HN is. That you can say there is nothing useful meanwhile there are tens of thousands of people using billions of dollars with these apps all of which depend on a Blockchain to function.
The current Mexican government is trying to take control of elections, banana republic style, from the INE, the independent institution in charge of those. Our president is suggesting blockchain tech to make votes electronic, and defunding the INE since physical votes won't be needed anymore. A blockchain would not guarantee fair elections; it is just a buzzword.
"The sole purpose of blockchain is to prevent double spending without a trusted party"
I agree with this. I would add that by removing the need for a trusted party, it can increase speed.
For example, stock trades are currently T+2 to handle settlement through the various institutions. There is a push to start using blockchain to speed it up to T+1 or faster.
Other proposed applications are mostly dumb / misguided, like immutable storage, social network posts, etc, these can be done with hashing or digital signatures alone
If you have a better way to avoid double spending than blockchain folks would get very excited. Traditional database can’t do that (requires a trusted party)