Received: from sog-mx-2.v43.ch3.sourceforge.com ([172.29.43.192] helo=mx.sourceforge.net) by sfs-ml-1.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1XBpQx-0003Wa-En for bitcoin-development@lists.sourceforge.net; Mon, 28 Jul 2014 18:14:03 +0000 X-ACL-Warn: Received: from nl.grid.coop ([50.7.166.116]) by sog-mx-2.v43.ch3.sourceforge.com with esmtp (Exim 4.76) id 1XBpQt-00024O-8G for bitcoin-development@lists.sourceforge.net; Mon, 28 Jul 2014 18:14:03 +0000 Received: from localhost (localhost [127.0.0.1]) (uid 1000) by nl.grid.coop with local; Mon, 28 Jul 2014 12:33:30 -0500 id 000000000006E26D.0000000053D6896A.000065E0 Date: Mon, 28 Jul 2014 12:33:30 -0500 From: Troy Benjegerdes To: Mike Hearn Message-ID: <20140728173330.GC22640@nl.grid.coop> References: <53D1AF6C.7010802@gmail.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.21 (2010-09-15) X-Spam-Score: -0.7 (/) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -0.7 RP_MATCHES_RCVD Envelope sender domain matches handover relay domain X-Headers-End: 1XBpQt-00024O-8G Cc: Bitcoin Dev , Ron OHara Subject: Re: [Bitcoin-development] Time X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 28 Jul 2014 18:14:03 -0000 On Fri, Jul 25, 2014 at 12:30:11PM +0200, Mike Hearn wrote: > > > > Ok... 'time' on the blockchain could be 'gamed' ... but with great > > difficulty. > > > Unfortunately not: miners have in the past routinely gamed the timestamp in > order to use it as an extra nonce and squeeze some more gigahashes out of > their hardware/pool. > > > Also remember that currently the chain could be dominated by a coalition of > just two pools. There's a solution to both of these problems.. https://github.com/CatcoinOfficial/CatcoinRelease/commit/0d03a5b3d8bb7bc3c935e7196c5d807da997cf9c If you want a really reliable time source, use at least three block chains and make sure they all agree within an hour. > > > An application presented with a fake blockchain can use > > quite a few heuristics to test the 'validity' of the block chain. > > > > The app cannot tell if it was given a truncated chain. You could keep such > an app stuck in the past forever. This is often a problem. > > > > Reliable 'time' has been impossible up until now - because you need to > > trust the time source, and that can always be faked. Using the > > blockchain as an approximate time source gives you a world wide > > consensus without direct trust of any player. > > > > Much though I hate to be a party pooper, you could currently get > Bitcoin-level trusted time by just polling at least two or three > independent servers e.g. google.com, baidu.cn, yandex.ru (they all serve > time via HTTPS headers). Well, being as how I don't trust Bitcoin anyway because it includes SSL, yes, you could get 'bitcoin-level' trust. > If we crack the mining decentralisation problem then this argument becomes > a lot stronger, but for now ...... But if you actually want something secure, you look at the altcoin space which solved the mining decentralization problem when Litecoin came out, and this also solves the having to trust a single source code base. There is lots of code diversity out there in altcoins, and what appears to me to be a really strong cryptographically sound time source, but only if you use multiple diverse sources. -- ---------------------------------------------------------------------------- Troy Benjegerdes 'da hozer' hozer@hozed.org 7 elements earth::water::air::fire::mind::spirit::soul grid.coop Never pick a fight with someone who buys ink by the barrel, nor try buy a hacker who makes money by the megahash