Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 06F82891 for ; Thu, 22 Jun 2017 13:45:36 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-qk0-f172.google.com (mail-qk0-f172.google.com [209.85.220.172]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 3359818F for ; Thu, 22 Jun 2017 13:45:35 +0000 (UTC) Received: by mail-qk0-f172.google.com with SMTP id r62so12297407qkf.0 for ; Thu, 22 Jun 2017 06:45:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=EzhIDC440dhQAnuXRwrywgPsPQyj3U3KYrgR8EzQuO0=; b=DErorjHwedlfrLEziC/BLWiMksJNTgpmQSmGRMsIdSjt9U4iyB70IV7kjs/Dtr/0xS VxnFPcnF+D7rcVPNnS788FVtsSqUa2862yH0KydVza7gKlq4Y6kfb3146o2Ztnn307JD 1x0Y87p1bpdGFbqREI2LSWvdjIpDyJbNYSUopN428qaRyFaK9RGTg3c4anfnH/O0XZ2l OqIIoiYSf/GGFlJTSFKjbNqBsAkMes8Ct/y6cfcNTC3jfE0b+e6Bqzabwnl6KL0fYDkl 7y/QcRjk33ALU2NbVKE30W53vtfXUNjxVcgNLuNr2Rat4Xbaght2uuzuzwxSmS6Apk/d nFig== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=EzhIDC440dhQAnuXRwrywgPsPQyj3U3KYrgR8EzQuO0=; b=dM4q4jhMPEsB8gxOlTT57huC/pwLUFR3l+AkGiJM+X9D9qCt4+F1pTEuXEwTuTFWiQ jYZt0HlC6pAQ6vVSwxn9eV8L2KVl0ZptFcJoap4kl3sqKrJOJzdV3e1gKTYaKDuo5vp6 SALwFfaDQuG+Lwkjh7JiTTeBGCWYCx7VWhevrwjPIhww7ZEbhHPObyObNKGy5XDI13JB Wd/os9SiKFz9QYACxnzcdQbmDTlDB6YXPv6Jy7QP1erGWjJIzxdad9rHs+HokwCs1W6J q/isEx+nhhm/SbppBKj8PnkXBr0qFCdoqPdXPbZyCWs6UDkHktvh7GiEg3zy/Jk1Joii GWMw== X-Gm-Message-State: AKS2vOwPPoO6fztNeKTuYEFYO93R/uGyFu4mfH3VhjsD7jx9A5D/shvj gwYfXHzqHgRHOsVu2OR0B69vFaklFfgK X-Received: by 10.55.17.209 with SMTP id 78mr3196992qkr.44.1498139134293; Thu, 22 Jun 2017 06:45:34 -0700 (PDT) MIME-Version: 1.0 Sender: earonesty@gmail.com Received: by 10.237.54.100 with HTTP; Thu, 22 Jun 2017 06:45:33 -0700 (PDT) In-Reply-To: References: <24f2b447-a237-45eb-ef9f-1a62533fad5c@gmail.com> <83671224-f6ff-16a9-81c0-20ab578aec9d@gmail.com> <6764b8af-bb4c-615d-5af5-462127bbbe36@gmail.com> <33d98418-10f0-3854-a954-14985d53e04b@gmail.com> From: Erik Aronesty Date: Thu, 22 Jun 2017 09:45:33 -0400 X-Google-Sender-Auth: NA4z38K7EKSL11UdQTnO6ZjqHq0 Message-ID: To: Paul Sztorc Content-Type: multipart/alternative; boundary="001a113ad022ec7bb505528cb26b" X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, FREEMAIL_FROM, HTML_MESSAGE, RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org X-Mailman-Approved-At: Thu, 22 Jun 2017 14:22:36 +0000 Cc: Bitcoin Dev Subject: Re: [bitcoin-dev] Drivechain RfD -- Follow Up X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 22 Jun 2017 13:45:36 -0000 --001a113ad022ec7bb505528cb26b Content-Type: text/plain; charset="UTF-8" Users would tolerate depreciation because the intention is to have a cheap way of transacting using a two-way pegged chain that isn't controlled by miners. Who cares about some minor depreciation when the purpose of the chain is to do cheap secure transactions forever? Add in UTXO commitments and you've got a system that is cheap and secure-enough for transfer. storage and accumulation of a ledger... before moving in to the main chain. Seems better to me than messing with the main chain's incentive structure via merged mining. On Thu, Jun 22, 2017 at 9:27 AM, Paul Sztorc wrote: > Hi Erik, > > I don't think that your design is competitive. Why would users tolerate a > depreciation of X% per year, when there are alternatives which do not > require such depreciation? It seems to me that none would. > > Paul > > On 6/20/2017 9:38 AM, Erik Aronesty wrote: > > - a proof-of-burn sidechain is the ultimate two-way peg. you have to > burn bitcoin *or* side-chain tokens to mine the side chain. the size of > the burn is the degree of security. i actually wrote code to do > randomized blind burns where you have a poisson distribution > (non-deterministic selected burn). there is no way to game it... it's > very similar to algorand - but it uses burns instead of staking > > - you can then have a secure sidechain that issues a mining reward in > sidechain tokens, which can be aggrregated and redeemed for bitcoins. the > result of this is that any bitcoins held in the sidechain depreciate in > value at a rate of X% per year. this deflation rate pays for increased > security > > - logically this functions like an alt coin, with high inflation and cheap > transactions. but the altcoin is pegged to bitcoin's price because of the > pool of unredeemed bitcoins held within the side chain. > > > > On Tue, Jun 20, 2017 at 7:54 AM, Paul Sztorc wrote: > >> Hi Erik, >> >> As you know: >> >> 1. If a sidechain is merged mined it basically grows out of the existing >> Bitcoin mining network. If it has a different PoW algorithm it is a new >> mining network. >> 2. The security (ie, hashrate) of any mining network would be determined >> by the total economic value of the block. In Bitcoin this is >> (subsidy+tx_fees)*price, but since a sidechain cannot issue new tokens it >> would only be (tx_fees)*price. >> >> Unfortunately the two have a nasty correlation which can lead to a >> disastrous self-fulfilling prophecy: users will avoid a network that is too >> insecure; and if users avoid using a network, they will stop paying txn >> fees and so the quantity (tx_fees)*price falls toward zero, erasing the >> network's security. So it is quite problematic and I recommend just biting >> the bullet and going with merged mining instead. >> >> And, the point may be moot. Bitcoin miners may decide that, given their >> expertise in seeking out cheap sources of power/cooling, they might as well >> mine both/all chains. So your suggestion may not achieve your desired >> result (and would, meanwhile, consume more of the economy's resources -- >> some of these would not contribute even to a higher hashrate). >> >> Paul >> >> >> >> >> On 6/19/2017 1:11 PM, Erik Aronesty wrote: >> >> It would be nice to be able to enforce that a drivechain *not* have the >> same POW as bitcoin. >> >> I suspect this is the only way to be sure that a drivechain doesn't >> destabilize the main chain and push more power to miners that already have >> too much power. >> >> >> >> > > --001a113ad022ec7bb505528cb26b Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Users would tolerate depreciation because the intenti= on is to have a cheap way of transacting using a two-way pegged chain that = isn't controlled by miners.=C2=A0=C2=A0 Who cares about some minor depr= eciation when the purpose of the chain is to do cheap secure transactions f= orever?=C2=A0=C2=A0=C2=A0

Add in UTXO commitments and you've go= t a system that is cheap and secure-enough for transfer. storage and accumu= lation of a ledger... before moving in to the main chain.=C2=A0=C2=A0
<= br>
Seems better to me than messing with the main chain's inc= entive structure via merged mining.


On Thu, Jun 22, 2017 at 9:= 27 AM, Paul Sztorc <truthcoin@gmail.com> wrote:
=20 =20 =20
Hi Erik,

I don't think that your design is competitive. Why would users tolerate a depreciation of X% per year, when there are alternatives which do not require such depreciation? It seems to me that none would.
Paul

On 6/20/2017 9:38 AM, Erik Aronesty wrote:
- a proof-of-burn sidechain is the ultimate two-way peg. =C2= =A0 you have to burn bitcoin *or* side-chain tokens to mine the side chain. =C2=A0 the size of the burn is the degree of security= . =C2=A0 =C2=A0i actually wrote code to do randomized blind burns w= here you have a poisson distribution (non-deterministic selected burn). =C2=A0 =C2=A0there is no way to game it... it's very s= imilar to algorand - but it uses burns instead of staking

- you can then have a secure sidechain that issues a mining reward in sidechain tokens, which can be aggrregated and redeemed for bitcoins. =C2=A0 the result of this is that any bitcoins held in the sidechain depreciate in value at a rate of X% per year. =C2=A0 this deflation rate pays for increased security

- logically this functions like an alt coin, with high inflation and cheap transactions. =C2=A0 but the altcoin is pegge= d to bitcoin's price because of the pool of unredeemed bitcoins held within the side chain.



On Tue, Jun 20, 2017 at 7:54 AM, Paul Sztorc <truthcoin@gmail.com> wrote:
Hi Erik,

As you know:

1. If a sidechain is merged mined it basically grows out of the existing Bitcoin mining network. If it has a different PoW algorithm it is a new mining network.
2. The security (ie, hashrate) of any mining network would be determined by the total economic value of the block. In Bitcoin this is (subsidy+tx_fees)*price, but since a sidechain cannot issue new tokens it would only be (tx_fees)*price.

Unfortunately the two have a nasty correlation which can lead to a disastrous self-fulfilling prophecy: users will avoid a network that is too insecure; and if users avoid using a network, they will stop paying txn fees and so the quantity (tx_fees)*price falls toward zero, erasing the network's security. So it is quite problematic and I recommend just biting the bullet and going with merged mining instead.

And, the point may be moot. Bitcoin miners may decide that, given their expertise in seeking out cheap sources of power/cooling, they might as well mine both/all chains. So your suggestion may not achieve your desired result (and would, meanwhile, consume more of the economy's resources -- some of these would not contribute even to a higher hashrate).

Paul




On 6/19/2017 1:11 PM, Erik Aronesty wrote:
It would be nice to be able to enforce that a drivechain *not* have the same POW as bitcoin.

I suspect this is the only way to be sure that a drivechain doesn't destabilize the main chain and push more power to miners that already have too much power.






--001a113ad022ec7bb505528cb26b--