1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
|
Received: from sog-mx-3.v43.ch3.sourceforge.com ([172.29.43.193]
helo=mx.sourceforge.net)
by sfs-ml-4.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
(envelope-from <melvincarvalho@gmail.com>) id 1Um1Eh-0001bh-Nl
for bitcoin-development@lists.sourceforge.net;
Mon, 10 Jun 2013 12:30:11 +0000
Received-SPF: pass (sog-mx-3.v43.ch3.sourceforge.com: domain of gmail.com
designates 209.85.217.181 as permitted sender)
client-ip=209.85.217.181; envelope-from=melvincarvalho@gmail.com;
helo=mail-lb0-f181.google.com;
Received: from mail-lb0-f181.google.com ([209.85.217.181])
by sog-mx-3.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128)
(Exim 4.76) id 1Um1Ef-0004Hr-0I
for bitcoin-development@lists.sourceforge.net;
Mon, 10 Jun 2013 12:30:11 +0000
Received: by mail-lb0-f181.google.com with SMTP id w10so3546655lbi.12
for <bitcoin-development@lists.sourceforge.net>;
Mon, 10 Jun 2013 05:30:02 -0700 (PDT)
MIME-Version: 1.0
X-Received: by 10.152.5.7 with SMTP id o7mr1458493lao.43.1370867402281; Mon,
10 Jun 2013 05:30:02 -0700 (PDT)
Received: by 10.112.2.8 with HTTP; Mon, 10 Jun 2013 05:30:02 -0700 (PDT)
In-Reply-To: <CAPg+sBh68-AcAVEfkRBT-x2O+DYHROYkFtG4dmZ1JfNGRr__Mg@mail.gmail.com>
References: <CAPaL=UWcKmnChw0zYGVduzHHdQ-AgG7uqbCLvjjuW6Q67zmS0g@mail.gmail.com>
<CAKaEYhLsSm6KTr3YV+GxQGiBBNX0psxxOYkgwR1pm4ZpBY0Ymw@mail.gmail.com>
<CAPg+sBh68-AcAVEfkRBT-x2O+DYHROYkFtG4dmZ1JfNGRr__Mg@mail.gmail.com>
Date: Mon, 10 Jun 2013 14:30:02 +0200
Message-ID: <CAKaEYh+6eKm0FxGnWQA6RLXC4WO37JJ3nHNqsnNbFqAuAmuUOA@mail.gmail.com>
From: Melvin Carvalho <melvincarvalho@gmail.com>
To: Pieter Wuille <pieter.wuille@gmail.com>
Content-Type: multipart/alternative; boundary=089e01419d8a8c197b04decbf0a2
X-Spam-Score: -0.6 (/)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
See http://spamassassin.org/tag/ for more details.
-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
sender-domain
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
(melvincarvalho[at]gmail.com)
-0.0 SPF_PASS SPF: sender matches SPF record
1.0 HTML_MESSAGE BODY: HTML included in message
-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
author's domain
0.1 DKIM_SIGNED Message has a DKIM or DK signature,
not necessarily valid
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
X-Headers-End: 1Um1Ef-0004Hr-0I
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] Proposal: Vote on the blocksize limit
with proof-of-stake voting
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Mon, 10 Jun 2013 12:30:11 -0000
--089e01419d8a8c197b04decbf0a2
Content-Type: text/plain; charset=ISO-8859-1
On 10 June 2013 10:35, Pieter Wuille <pieter.wuille@gmail.com> wrote:
> On Mon, Jun 10, 2013 at 10:14 AM, Melvin Carvalho
> <melvincarvalho@gmail.com> wrote:
> > However, Bitcoin's fundamental philosophy was one CPU one vote.
>
> This is perhaps the largest misconception that keeps being repeated.
> Bitcoin is not a democracy; it is a zero-trust system. The rules are
> set in stone, and every full node verifies all rules and must
> independently come to the same result as everyone else. Obviously, if
> everyone changes their software, anything can change, but from within
> the system there is no way to change which blocks are considered
> valid, and there is certainly no voting mechanism about that.
>
> What is voted about, is the one single thing that cannot be decided by
> each node individually: namely the order of otherwise valid and
> non-conflicting transactions, and that's just because it's a
> necessity. Because deciding the order includes delaying transaction
> potentially indefinitely, a majority of miners can indeed choose the
> enforce an additional rule about which transactions are considered
> valid, but the rules implemented in full nodes do not change without
> changing the software. For example, miners cannot decide to raise the
> block subsidy, even if every single miner out there would want that.
> They'd just end up being ignored by everyone else.
>
> > Voting is easily gamed. While this may work in one particular case, it
> is
> > perhaps a bad precedent to set. Establishing methods of voting can lead
> to
> > single points of failure.
>
> The problem is that at some point, you have to look at the system from
> a higher level than just the technical part. And because ultimately
> the possibility exists where everyone changes their software, and
> there is an exceedingly high incentive for consensus (a deliberate
> hard-fork where two groups of users decide to use different and
> incompatible rules, aware of eachother, is suicide for the system, in
> my opinion). This results in the fact that proposed changes can indeed
> become new adopted hard rules in the system, and I don't think there's
> anything that can be done about it. Bitcoin is a consensus system - at
> the technical level - but also a consensus of the people using it, and
> ultimately they decide the rules.
>
OK I accept that the timestamping is one CPU one vote. However rule
changes seem rather arbitrary.
Towit if you use a voting/consensus system and want to destroy bitcion it
seems quite easy.
Iterate on picking a rule chance that will divide the consensus in such a
way as to create ensuing chaos.
I think voting is too easy gamed for it it to be meaningful other than a
straw poll.
If there's a bug, and everyone is unanimous that it's a bug, it can be
fixed.
If there's a controversial rule change, we should be extremely cautious and
not do it unless there's a very good reason. Keeping to satoshi's model as
much as possible without introducing human factors, unnecessarily.
>
>
> > Unless there's a very good reason not to, e.g. miners are clearly abusing
> > the system, we should stick with 1 CPU one vote.
>
> So you're saying that instead of a zero-trust system, we should move
> to a system where miners can decide _everything_ - as opposed to just
> being in charge of ordering transactions? I don't think you understand
> the system at all, if that is what you're proposing.
>
> --
> Pieter
>
--089e01419d8a8c197b04decbf0a2
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr"><br><div class=3D"gmail_extra"><br><br><div class=3D"gmail=
_quote">On 10 June 2013 10:35, Pieter Wuille <span dir=3D"ltr"><<a href=
=3D"mailto:pieter.wuille@gmail.com" target=3D"_blank">pieter.wuille@gmail.c=
om</a>></span> wrote:<br>
<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1p=
x #ccc solid;padding-left:1ex"><div class=3D"im">On Mon, Jun 10, 2013 at 10=
:14 AM, Melvin Carvalho<br>
<<a href=3D"mailto:melvincarvalho@gmail.com">melvincarvalho@gmail.com</a=
>> wrote:<br>
> However, Bitcoin's fundamental philosophy was one CPU one vote.<br=
>
<br>
</div>This is perhaps the largest misconception that keeps being repeated.<=
br>
Bitcoin is not a democracy; it is a zero-trust system. The rules are<br>
set in stone, and every full node verifies all rules and must<br>
independently come to the same result as everyone else. Obviously, if<br>
everyone changes their software, anything can change, but from within<br>
the system there is no way to change which blocks are considered<br>
valid, and there is certainly no voting mechanism about that.<br>
<br>
What is voted about, is the one single thing that cannot be decided by<br>
each node individually: namely the order of otherwise valid and<br>
non-conflicting transactions, and that's just because it's a<br>
necessity. Because deciding the order includes delaying transaction<br>
potentially indefinitely, a majority of miners can indeed choose the<br>
enforce an additional rule about which transactions are considered<br>
valid, but the rules implemented in full nodes do not change without<br>
changing the software. For example, miners cannot decide to raise the<br>
block subsidy, even if every single miner out there would want that.<br>
They'd just end up being ignored by everyone else.<br>
<div class=3D"im"><br>
> Voting is easily gamed. =A0While this may work in one particular case,=
it is<br>
> perhaps a bad precedent to set. =A0Establishing methods of voting can =
lead to<br>
> single points of failure.<br>
<br>
</div>The problem is that at some point, you have to look at the system fro=
m<br>
a higher level than just the technical part. And because ultimately<br>
the possibility exists where everyone changes their software, and<br>
there is an exceedingly high incentive for consensus (a deliberate<br>
hard-fork where two groups of users decide to use different and<br>
incompatible rules, aware of eachother, is suicide for the system, in<br>
my opinion). This results in the fact that proposed changes can indeed<br>
become new adopted hard rules in the system, and I don't think there=
9;s<br>
anything that can be done about it. Bitcoin is a consensus system - at<br>
the technical level - but also a consensus of the people using it, and<br>
ultimately they decide the rules.<br></blockquote><div><br></div><div>OK I =
accept that the timestamping is one CPU one vote.=A0 However rule changes s=
eem rather arbitrary.<br></div><div><br></div><div>Towit if you use a votin=
g/consensus system and want to destroy bitcion it seems quite easy.<br>
<br>Iterate on picking a rule chance that will divide the consensus in such=
a way as to create ensuing chaos.=A0 <br><br></div><div>I think voting is =
too easy gamed for it it to be meaningful other than a straw poll.<br><br>
</div><div>If there's a bug, and everyone is unanimous that it's a =
bug, it can be fixed.<br><br></div><div>If there's a controversial rule=
change, we should be extremely cautious and not do it unless there's a=
very good reason.=A0 Keeping to satoshi's model as much as possible wi=
thout introducing human factors, unnecessarily.<br>
<br></div>=A0<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;b=
order-left:1px #ccc solid;padding-left:1ex">
<div class=3D"im"><br>
> Unless there's a very good reason not to, e.g. miners are clearly =
abusing<br>
> the system, we should stick with 1 CPU one vote.<br>
<br>
</div>So you're saying that instead of a zero-trust system, we should m=
ove<br>
to a system where miners can decide _everything_ - as opposed to just<br>
being in charge of ordering transactions? I don't think you understand<=
br>
the system at all, if that is what you're proposing.<br>
<span class=3D"HOEnZb"><font color=3D"#888888"><br>
--<br>
Pieter<br>
</font></span></blockquote></div><br></div></div>
--089e01419d8a8c197b04decbf0a2--
|
