Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 583461B53 for ; Fri, 2 Oct 2015 21:37:12 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-wi0-f170.google.com (mail-wi0-f170.google.com [209.85.212.170]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id EA64F365 for ; Fri, 2 Oct 2015 21:37:10 +0000 (UTC) Received: by wicge5 with SMTP id ge5so50290189wic.0 for ; Fri, 02 Oct 2015 14:37:09 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:content-type; bh=xEjy7YGGV7fBAhLmqEXVmTflv0PvCWpcfMP6UtRAygQ=; b=xX2zNTRm8edZ0y9r2lYVLTzDk8gHv18qeZEFUd1yexORnkN66URaUoIDf/IMabLv/H jxDvUcyxAepllftTuTyygoUKkk/FxG1QMRjmTmdVGWHT4LCcTHNo0PvnbAKm3Q6gYpwC ImLPX2077SPXOgGnXw5Wn2GjU4zGrhZlFJjfIZSa1Ugx5tcZGnJNAw0bBkFSU6Gn/zxm cK1PFLVBJnANYIfcwMWM7MM9g0kzt1KMwEdh3TTrKrdOpNI9s/uA4bKVGq//Pk3+kYek M6inyDK+95vlgn7QuXeALAHOPEV3zP97kDD5UWy9w7ry/yY4uEmcRJs3+08EEOwJnEiF qySQ== MIME-Version: 1.0 X-Received: by 10.194.76.67 with SMTP id i3mr20713569wjw.5.1443821829731; Fri, 02 Oct 2015 14:37:09 -0700 (PDT) Sender: dscotese@gmail.com Received: by 10.27.211.132 with HTTP; Fri, 2 Oct 2015 14:37:09 -0700 (PDT) In-Reply-To: References: Date: Fri, 2 Oct 2015 14:37:09 -0700 X-Google-Sender-Auth: bJgJ5zGXgpFxqpSi2_xLdJwDejo Message-ID: From: Dave Scotese To: Bitcoin Dev Content-Type: multipart/alternative; boundary=047d7bdc87aa47bf7c052125f7de X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,FREEMAIL_FROM,HTML_MESSAGE,RCVD_IN_DNSWL_LOW autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Subject: Re: [bitcoin-dev] Dev-list's stance on potentially altering the PoW algorithm X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Development Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 02 Oct 2015 21:37:12 -0000 --047d7bdc87aa47bf7c052125f7de Content-Type: text/plain; charset=UTF-8 If the PoW function is changed, it ought to change slowly so as not to drop a brick wall in front of the miners speeding toward the ever-receding goal of protecting the blockchain. Who's going to get on that path if the bitcoin community does that? But it can be done slowly. If most of the entries is the list of possible PoW functions are double-SHA256, then the few that aren't will offer the healthy goal sought by those who like the idea of changing it. The healthy goal is for general computing machines to help protect the blockchain in an incentivized way. There's a sick goal too, which is to destroy large investments in mining. I hope no one has that goal. At http://bitcoin.stackexchange.com/questions/35679/is-it-possible-to-make-pow-asic-resistant-through-dynamically-generated-hash-cha/40475#40475 I proposed that ongoing competitions for the creation of new hash algorithms could feed an ASIC-resistant PoW, defined using the as-yet-unknowable winners of such competitions. It is possible to make an ASIC resistant algorithm, but it isn't a programmable algorithm - it's one that requires human intervention. The hash of the next block is a good example - there's no programmable algorithm that can find it because too much human intervention is required, but it's an algorithm well-enough defined for us to build a billion dollar system on top of it. That being said, I've started looking at two different kinds of decentralization. The literal actually-in-different-places kind is categorically different than the much more important, virtual impervious-to-coercion kind. The behavior of the "centralized" oil cartel is a good example. The participants cheat. This is a fundamental principle in the debate between free-marketeers and authoritarians regarding the emergence of monopoly. Without coercion, monopolies fall apart. There's nothing coercive about our use of the double-SHA256, so in my mind, the centralization it has so far produced is not dangerous. It's scary, sure, but until coercion is used to prevent me and my friends from buying our own ASICs, it remains impervious to coercion. Sorry for the long email that didn't make any apparent progress. The thinking is what matters to me, and seeing two kinds of decentralization and recognizing that a change in PoW can be slow enough to avoid hurting existing miners are items I haven't seen anyone else recognize, so I had to bring them up. notplato On Fri, Oct 2, 2015 at 9:45 AM, Gregory Maxwell via bitcoin-dev < bitcoin-dev@lists.linuxfoundation.org> wrote: > On Fri, Oct 2, 2015 at 8:30 AM, Daniele Pinna via bitcoin-dev > wrote: > > The recently published paper I referenced cite's the Cuckoo cycle > algorithm, > > discusses its limitations and explains how their proposed algorithm > greatly > > improves on it. > > They discuss a very old version of the Cuckoo cycle paper, and I > believe none of their analysis is applicable to the most recent > revision. :( > > In any case, I commented more about functions of this class here: > > https://www.reddit.com/r/Bitcoin/comments/3n5nws/research_paper_asymmetric_proofofwork_based_on/cvl922x > > I don't believe changing the POW function is impossible in principle, > but I expect it would only happen due to problems with the composition > of current hash-power and not even if it were universally agreed that > some other construction were technically better (though that is a high > bar.) > _______________________________________________ > bitcoin-dev mailing list > bitcoin-dev@lists.linuxfoundation.org > https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev > -- I like to provide some work at no charge to prove my value. Do you need a techie? I own Litmocracy and Meme Racing (in alpha). I'm the webmaster for The Voluntaryist which now accepts Bitcoin. I also code for The Dollar Vigilante . "He ought to find it more profitable to play by the rules" - Satoshi Nakamoto --047d7bdc87aa47bf7c052125f7de Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
If the PoW function is changed, i= t ought to change slowly so as not to drop a brick wall in front of the min= ers speeding toward the ever-receding goal of protecting the blockchain.=C2= =A0 Who's going to get on that path if the bitcoin community does that?=

But it can be done slowly.=C2=A0 If most of the entries is th= e list of possible PoW functions are double-SHA256, then the few that aren&= #39;t will offer the healthy goal sought by those who like the idea of chan= ging it.=C2=A0 The healthy goal is for general computing machines to help p= rotect the blockchain in an incentivized way.=C2=A0 There's a sick goal= too, which is to destroy large investments in mining.=C2=A0 I hope no one = has that goal.

At http://bitcoin.stackexchange.com/questio= ns/35679/is-it-possible-to-make-pow-asic-resistant-through-dynamically-gene= rated-hash-cha/40475#40475 I proposed that ongoing competitions for the= creation of new hash algorithms could feed an ASIC-resistant PoW, defined = using the as-yet-unknowable winners of such competitions.=C2=A0 It is possi= ble to make an ASIC resistant algorithm, but it isn't a programmable al= gorithm - it's one that requires human intervention.=C2=A0 The hash of = the next block is a good example - there's no programmable algorithm th= at can find it because too much human intervention is required, but it'= s an algorithm well-enough defined for us to build a billion dollar system = on top of it.

That being said, I've started looking at two= different kinds of decentralization.=C2=A0 The literal actually-in-differe= nt-places kind is categorically different than the much more important, vir= tual impervious-to-coercion kind.=C2=A0 The behavior of the "centraliz= ed" oil cartel is a good example.=C2=A0 The participants cheat.=C2=A0 = This is a fundamental principle in the debate between free-marketeers and a= uthoritarians regarding the emergence of monopoly.=C2=A0 Without coercion, = monopolies fall apart.=C2=A0 There's nothing coercive about our use of = the double-SHA256, so in my mind, the centralization it has so far produced= is not dangerous.=C2=A0 It's scary, sure, but until coercion is used t= o prevent me and my friends from buying our own ASICs, it remains imperviou= s to coercion.

Sorry for the long email that didn't make a= ny apparent progress.=C2=A0 The thinking is what matters to me, and seeing = two kinds of decentralization and recognizing that a change in PoW can be s= low enough to avoid hurting existing miners are items I haven't seen an= yone else recognize, so I had to bring them up.

notplato

On Fri, Oct 2= , 2015 at 9:45 AM, Gregory Maxwell via bitcoin-dev <bi= tcoin-dev@lists.linuxfoundation.org> wrote:
On Fri, Oct 2, 2015 at 8:30 AM, Daniele P= inna via bitcoin-dev
<bitcoin-dev@li= sts.linuxfoundation.org> wrote:
> The recently published paper I referenced cite's the Cuckoo cycle = algorithm,
> discusses its limitations and explains how their proposed algorithm gr= eatly
> improves on it.

They discuss a very old version of the Cuckoo cycle paper, and I
believe none of their analysis is applicable to the most recent
revision. :(

In any case, I commented more about functions of this class here:
https://www.reddit.com/r/Bitcoin/comments/3n5nws/research_paper_asymmetr= ic_proofofwork_based_on/cvl922x

I don't believe changing the POW function is impossible in principle, but I expect it would only happen due to problems with the composition
of current hash-power and not even if it were universally agreed that
some other construction were technically better (though that is a high
bar.)
___________________________________= ____________
bitcoin-dev mailing list
bitcoin-dev@lists.= linuxfoundation.org
https://lists.linuxfoundation.org/mail= man/listinfo/bitcoin-dev



--
I like to provide some work at no cha= rge to prove my value. Do you need a techie?=C2=A0
I own Litmocracy and Meme Racing (in alpha).
I= 'm the webmaster for The Voluntaryist which now accepts Bitcoin.
I also code for = The Dollar Vigila= nte.
"He ought to find it more profitable to play by the rules&= quot; - Satoshi Nakamoto
--047d7bdc87aa47bf7c052125f7de--