Received: from sog-mx-4.v43.ch3.sourceforge.com ([172.29.43.194] helo=mx.sourceforge.net) by sfs-ml-3.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1UySHs-0004DY-I9 for bitcoin-development@lists.sourceforge.net; Sun, 14 Jul 2013 19:48:52 +0000 Received-SPF: pass (sog-mx-4.v43.ch3.sourceforge.com: domain of googlemail.com designates 209.85.215.176 as permitted sender) client-ip=209.85.215.176; envelope-from=john.dillon892@googlemail.com; helo=mail-ea0-f176.google.com; Received: from mail-ea0-f176.google.com ([209.85.215.176]) by sog-mx-4.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1UySHr-0002Gc-L3 for bitcoin-development@lists.sourceforge.net; Sun, 14 Jul 2013 19:48:52 +0000 Received: by mail-ea0-f176.google.com with SMTP id z15so7340755ead.35 for ; Sun, 14 Jul 2013 12:48:45 -0700 (PDT) MIME-Version: 1.0 X-Received: by 10.15.44.67 with SMTP id y43mr20393588eev.20.1373831325326; Sun, 14 Jul 2013 12:48:45 -0700 (PDT) Received: by 10.223.12.131 with HTTP; Sun, 14 Jul 2013 12:48:45 -0700 (PDT) In-Reply-To: <201307141933.13754.luke@dashjr.org> References: <20130705140140.GA23949@netbook.cypherspace.org> <201307141933.13754.luke@dashjr.org> Date: Sun, 14 Jul 2013 19:48:45 +0000 Message-ID: From: John Dillon To: Luke-Jr Content-Type: text/plain; charset=ISO-8859-1 X-Spam-Score: -1.4 (-) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (john.dillon892[at]googlemail.com) -0.0 SPF_PASS SPF: sender matches SPF record 0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in digit (john.dillon892[at]googlemail.com) -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-Headers-End: 1UySHr-0002Gc-L3 Cc: Bitcoin Dev Subject: Re: [Bitcoin-development] libzerocoin released, what about a zerocoin-only alt-coin with either-or mining X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 14 Jul 2013 19:48:52 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On Sun, Jul 14, 2013 at 7:33 PM, Luke-Jr wrote: >> Merge mining is very much mining a coin for free. Ask not what the total >> reward is, ask that the marginal cost of merge mining an additional coin >> is. > > But the total reward is what mining will tend toward equalizing in costs. > In any case, the cryptocurrencies are neutral to cost of mining, or perhaps > even benefit from it being as cheap as possible: if it's cheaper to mine, you > can get an even higher difficulty/security out of it. Again, you forget that there may exist miners for which the value of the coin is negative. Never mind that in practice you want there to exist a cost to encourage miners to actually pay attention to what they mind and to encourage them to update software when required and participate. >> The issue is that unless there is a cost to mining a *invalid* block >> the merge mined coin has little protection from miners who mine invalid >> blocks, either maliciously or through negligence. If the coin isn't worth >> much, either because it's market value is low or the worth is negative to >> the malicious miner, your theories of value have nothing to do with the >> issue. > > Invalid blocks are rejected by validating clients in all circumstances. Validating clients, not SPV clients. > I suspect you may mean a block that doesn't include transactions you want > confirmed. In that case, you must not be paying sufficient fees for the miner > to consider it worth their time, or must be doing something the miner > considers fundamentally objectionable (in which case they won't be satisfied > by any fee). But these miners, unless they are able to acquire over 50% of the > hashrate (in which case the cryptocoin is compromised), are not the only ones > mining blocks, and if another miner accepts your transactions there is no > issue. All those things simply change the amount of alt-coin the miner gets, which to the miner may have no reward. You also have the issue that we may be talking about a non-currency chain where reward is more nebulous. In any case, regarding a zerocoin chain, Peter's observation that proof-of-sacrifice allows a strong 51% attck defense is very clever and IMO is significantly stronger than proof-of-work mining, merged or not, would provide. It's essentially the ability to conjur up mining capacity on demand, but only by those who have a stake in the crypto-coin. It does depend on the existance of a proof-of-work chain, but we have a perfectly good one handy. PS: good to see you signing you email! -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEcBAEBCAAGBQJR4wCFAAoJEEWCsU4mNhiPIcwH+gLYbUPDi/7ITK02wftqEV2E FSlzZ0W8aw7z7sF7hqPm7jpmtqbXdvQRSSy+XRDgWUxvF72o5oRTwOpY7xN8KOct 9rMwF35nld8An9FOjOB6NR3sIQxmAg9q7xoilZrOHyRFcz/UT0BexSZ3x5DrKIAB 6S7qalrGT0NWZx8CI0PRAzY8Nx+WouaoofBaypRaXBVJxigFqJlWNxgUM1FuoCL+ C1wn0hlbWfO42Mh9jdnFZXhH2Omd5V3PzIS/t2cJGTjrwr7nT6VAJu+0hbNZHI/q yg0TGbO/01pp4OVe7WdLz9OktMqqDdDZJd6HWLQk07zqHS3iRJ2cpRIO6k9UCk0= =oicX -----END PGP SIGNATURE-----