Received: from sog-mx-3.v43.ch3.sourceforge.com ([172.29.43.193] helo=mx.sourceforge.net) by sfs-ml-4.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1Um1Eh-0001bh-Nl for bitcoin-development@lists.sourceforge.net; Mon, 10 Jun 2013 12:30:11 +0000 Received-SPF: pass (sog-mx-3.v43.ch3.sourceforge.com: domain of gmail.com designates 209.85.217.181 as permitted sender) client-ip=209.85.217.181; envelope-from=melvincarvalho@gmail.com; helo=mail-lb0-f181.google.com; Received: from mail-lb0-f181.google.com ([209.85.217.181]) by sog-mx-3.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1Um1Ef-0004Hr-0I for bitcoin-development@lists.sourceforge.net; Mon, 10 Jun 2013 12:30:11 +0000 Received: by mail-lb0-f181.google.com with SMTP id w10so3546655lbi.12 for ; Mon, 10 Jun 2013 05:30:02 -0700 (PDT) MIME-Version: 1.0 X-Received: by 10.152.5.7 with SMTP id o7mr1458493lao.43.1370867402281; Mon, 10 Jun 2013 05:30:02 -0700 (PDT) Received: by 10.112.2.8 with HTTP; Mon, 10 Jun 2013 05:30:02 -0700 (PDT) In-Reply-To: References: Date: Mon, 10 Jun 2013 14:30:02 +0200 Message-ID: From: Melvin Carvalho To: Pieter Wuille Content-Type: multipart/alternative; boundary=089e01419d8a8c197b04decbf0a2 X-Spam-Score: -0.6 (/) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (melvincarvalho[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record 1.0 HTML_MESSAGE BODY: HTML included in message -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-Headers-End: 1Um1Ef-0004Hr-0I Cc: Bitcoin Dev Subject: Re: [Bitcoin-development] Proposal: Vote on the blocksize limit with proof-of-stake voting X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 10 Jun 2013 12:30:11 -0000 --089e01419d8a8c197b04decbf0a2 Content-Type: text/plain; charset=ISO-8859-1 On 10 June 2013 10:35, Pieter Wuille wrote: > On Mon, Jun 10, 2013 at 10:14 AM, Melvin Carvalho > wrote: > > However, Bitcoin's fundamental philosophy was one CPU one vote. > > This is perhaps the largest misconception that keeps being repeated. > Bitcoin is not a democracy; it is a zero-trust system. The rules are > set in stone, and every full node verifies all rules and must > independently come to the same result as everyone else. Obviously, if > everyone changes their software, anything can change, but from within > the system there is no way to change which blocks are considered > valid, and there is certainly no voting mechanism about that. > > What is voted about, is the one single thing that cannot be decided by > each node individually: namely the order of otherwise valid and > non-conflicting transactions, and that's just because it's a > necessity. Because deciding the order includes delaying transaction > potentially indefinitely, a majority of miners can indeed choose the > enforce an additional rule about which transactions are considered > valid, but the rules implemented in full nodes do not change without > changing the software. For example, miners cannot decide to raise the > block subsidy, even if every single miner out there would want that. > They'd just end up being ignored by everyone else. > > > Voting is easily gamed. While this may work in one particular case, it > is > > perhaps a bad precedent to set. Establishing methods of voting can lead > to > > single points of failure. > > The problem is that at some point, you have to look at the system from > a higher level than just the technical part. And because ultimately > the possibility exists where everyone changes their software, and > there is an exceedingly high incentive for consensus (a deliberate > hard-fork where two groups of users decide to use different and > incompatible rules, aware of eachother, is suicide for the system, in > my opinion). This results in the fact that proposed changes can indeed > become new adopted hard rules in the system, and I don't think there's > anything that can be done about it. Bitcoin is a consensus system - at > the technical level - but also a consensus of the people using it, and > ultimately they decide the rules. > OK I accept that the timestamping is one CPU one vote. However rule changes seem rather arbitrary. Towit if you use a voting/consensus system and want to destroy bitcion it seems quite easy. Iterate on picking a rule chance that will divide the consensus in such a way as to create ensuing chaos. I think voting is too easy gamed for it it to be meaningful other than a straw poll. If there's a bug, and everyone is unanimous that it's a bug, it can be fixed. If there's a controversial rule change, we should be extremely cautious and not do it unless there's a very good reason. Keeping to satoshi's model as much as possible without introducing human factors, unnecessarily. > > > > Unless there's a very good reason not to, e.g. miners are clearly abusing > > the system, we should stick with 1 CPU one vote. > > So you're saying that instead of a zero-trust system, we should move > to a system where miners can decide _everything_ - as opposed to just > being in charge of ordering transactions? I don't think you understand > the system at all, if that is what you're proposing. > > -- > Pieter > --089e01419d8a8c197b04decbf0a2 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable



On 10 June 2013 10:35, Pieter Wuille <pieter.wuille@gmail.c= om> wrote:
This is perhaps the largest misconception that keeps being repeated.<= br> Bitcoin is not a democracy; it is a zero-trust system. The rules are
set in stone, and every full node verifies all rules and must
independently come to the same result as everyone else. Obviously, if
everyone changes their software, anything can change, but from within
the system there is no way to change which blocks are considered
valid, and there is certainly no voting mechanism about that.

What is voted about, is the one single thing that cannot be decided by
each node individually: namely the order of otherwise valid and
non-conflicting transactions, and that's just because it's a
necessity. Because deciding the order includes delaying transaction
potentially indefinitely, a majority of miners can indeed choose the
enforce an additional rule about which transactions are considered
valid, but the rules implemented in full nodes do not change without
changing the software. For example, miners cannot decide to raise the
block subsidy, even if every single miner out there would want that.
They'd just end up being ignored by everyone else.

> Voting is easily gamed. =A0While this may work in one particular case,= it is
> perhaps a bad precedent to set. =A0Establishing methods of voting can = lead to
> single points of failure.

The problem is that at some point, you have to look at the system fro= m
a higher level than just the technical part. And because ultimately
the possibility exists where everyone changes their software, and
there is an exceedingly high incentive for consensus (a deliberate
hard-fork where two groups of users decide to use different and
incompatible rules, aware of eachother, is suicide for the system, in
my opinion). This results in the fact that proposed changes can indeed
become new adopted hard rules in the system, and I don't think there= 9;s
anything that can be done about it. Bitcoin is a consensus system - at
the technical level - but also a consensus of the people using it, and
ultimately they decide the rules.


=A0

> Unless there's a very good reason not to, e.g. miners are clearly = abusing
> the system, we should stick with 1 CPU one vote.

So you're saying that instead of a zero-trust system, we should m= ove
to a system where miners can decide _everything_ - as opposed to just
being in charge of ordering transactions? I don't think you understand<= br> the system at all, if that is what you're proposing.

--
Pieter

--089e01419d8a8c197b04decbf0a2--