public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
* [bitcoin-dev] Security problems with relying on transaction fees for security
@ 2022-07-11 18:12 Bram Cohen
  2022-07-11 18:38 ` micaroni
                   ` (7 more replies)
  0 siblings, 8 replies; 35+ messages in thread
From: Bram Cohen @ 2022-07-11 18:12 UTC (permalink / raw)
  To: Bitcoin Protocol Discussion

[-- Attachment #1: Type: text/plain, Size: 3021 bytes --]

If transaction fees came in at an even rate over time all at the exact same
level then they work fine for security, acting similarly to fixed block
rewards. Unfortunately that isn't how it works in the real world. There's a
very well established day/night cycle with fees going to zero overnight and
even longer gaps on weekends and holidays. If in the future Bitcoin is
entirely dependent on fees for security (scheduled very strongly) and this
pattern keeps up (overwhelmingly likely) then this is going to become a
serious problem.

What's likely to happen is that at first there will simply be no or very
few blocks mined overnight. There are likely to be some, as miners at first
turn off their mining rigs completely overnight then adopt the more
sophisticated strategy of waiting until there are enough fees in the
mempool to warrant attempting to make a block and only then doing it.
Unfortunately the gaming doesn't end there. Eventually the miners with
lower costs of operation will figure out that they can collectively reorg
the last hour (or some time period) of the day overnight and this will be
profitable. That's likely to cause the miners with more expensive
operations to stop attempting mining the last hour of the day preemptively.

What happens after that I'm not sure. There are a small enough number of
miners with a quirky enough distribution of costs of operation and
profitability that the dynamic is heavily dependent on those specifics, but
the beginnings of a slippery slope to a mining cabal which reorgs everyone
else out of existence and eventually 51% attacks the whole thing have
begun. It even gets worse than that because once there's a cabal
aggressively reorging anyone else out when they make a block other miners
will shut down and rapidly lose the ability to quickly spin up again, so
the threshold needed for that 51% attack will keep going down.

In short, relying completely on transaction fees for security is likely to
be a disaster. What we can say from existing experience is that having
transaction fees be about 10% of rewards on average works well. It's enough
to incentivize collecting fees but not so much that it makes incentives get
all weird. 90% transaction fees is probably very bad. 50% works but runs
the risk of spikes getting too high.

There are a few possible approaches to fixes. One would be to drag most of
east asia eastward to a later time zone thus smoothing out the day/night
cycle but that's probably unrealistic. Another would be to hard fork in
fixed rewards in perpetuity, which is slightly less unrealistic but still
extremely problematic.

Much more actionable are measures which smooth out fees over time. Having
wallets opportunistically collect their dust during times of low
transaction fees would help and would save users on fees. Also making UX
which clarifies when things are likely to take a day or week but that it's
reliable would be a reasonable thing to do, but users unfortunately are
very averse to transactions taking a while.

[-- Attachment #2: Type: text/html, Size: 3207 bytes --]

^ permalink raw reply	[flat|nested] 35+ messages in thread
* Re: [bitcoin-dev] Security problems with relying on transaction fees for security
@ 2022-07-12  3:56 Peter
  2022-07-12 11:57 ` Erik Aronesty
  0 siblings, 1 reply; 35+ messages in thread
From: Peter @ 2022-07-12  3:56 UTC (permalink / raw)
  To: bitcoin-dev

[-- Attachment #1: Type: text/plain, Size: 3582 bytes --]

The Bitcoin emission curve requires a 2x value increase per 210,000 blocks to maintain the existing security level.

Transactions are practically irreversible when the value the miners expend (not receive) is greater than said transaction value.

If you send 1000 gold grams of value in a transaction then it's finalized after 1000 gold grams worth of energy have been spent on mining blocks.

Bitcoin is bootstrapping from the English population and its final steady state is to eliminate fiat and be a global reserve currency and a daily transactional currency. So, we should engineer for other language and religious communities to join in. Saturday and Sunday are business days in a large portion of the planet.

Bike shedding a tail emission to try to support Bitcoin with the current 2% to 4% global adoption (in terms of holding not spending) as the world's premier pet rock is a poor strategy.

We can expect Bitcoin to never have a steady value because businesses turn profits on average of 10% so there will be a steady increase in hoarding to fuel number go up technology. Prices will be more reliably accounted for in gold grams, as well as corporate and government accounts being denominated in gold grams not satoshis. We can expect the boom and bust economic cycle to disappear when the price of money (interest rates) is set by the market. The value of money will still be set by the government via average government wages.

With 3000 Lightning open/ close tx per block and 6 billion adults it's 38 years of backlog to onboard the entire adult population. That's not including corporations.

If we assume 20% of people use non-custodial Lightning but they each have 5 channels open we are back to 38 years backlog.

There's a cost and risk to reorganize the chain to chase fees in a zero block reward world. And as stated miners can leave honey in the mempool pot. We shouldn't expect empty mempools with occational transactions with outlier large fees that cause overnight reorganizations.

In a state of victory, nation-states will use solar power during the daytime to ensure local entities have priority access to confirmations and Bitcoin will receive nation-state altruism in such a future as it receives person-based altruism today. Because we as individuals and nation states all win if we keep the Schelling point of 21M bitcoins.

We shouldn't make naive miner centralization models when there's national security considerations to keep the chain moving forward in a stable way. Big miners won't take all the fees and put small miners out of business because energy production itself is decentralized and idle energy will always keep a diverse set of miners on the network.

Block rewards are no guarantee of security as we have seen with lesser PoW coins (Ethereum Classic and others). And during the Bitcoin immaculate conception period of 2009 to 2012 the block reward served mainly as a distribution method since JP Morgan had enough GPU power to reorganize us to block 0 but that didn't happen. So, the block reward offered little security in those days.

Bitcoin works but in order to win it needs global adoption. No amount of arbitrary inflation can ensure a sufficient security budget.

Block rewards are to distribute the money we can expect mining to transition to a public service from the current for-profit business model when there's a 38 year backlog and every nation is on board for the game theoretic reason to deny any single nation the power of seigniorage of the global reserve currency.

Regards

Peter Kroll

(pointbiz / BTCCuracao)

[-- Attachment #2: Type: text/html, Size: 4102 bytes --]

^ permalink raw reply	[flat|nested] 35+ messages in thread
[parent not found: <mailman.82083.1657699581.8511.bitcoin-dev@lists.linuxfoundation.org>]

end of thread, other threads:[~2022-07-15  6:04 UTC | newest]

Thread overview: 35+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-07-11 18:12 [bitcoin-dev] Security problems with relying on transaction fees for security Bram Cohen
2022-07-11 18:38 ` micaroni
2022-07-11 18:43 ` Erik Aronesty
2022-07-11 19:45 ` vjudeu
2022-07-11 20:35 ` Russell O'Connor
2022-07-11 20:52   ` Erik Aronesty
2022-07-11 21:36   ` Peter Todd
2022-07-11 21:56     ` Peter Todd
2022-07-12  0:21       ` Russell O'Connor
2022-07-12  0:37         ` Peter Todd
2022-07-14  0:54         ` Anthony Towns
2022-07-11 21:18 ` Pox
2022-07-11 21:53 ` Peter Todd
2022-07-12  2:47   ` Bram Cohen
2022-07-11 22:19 ` James MacWhyte
2022-07-11 22:26   ` Peter Todd
2022-07-12  0:01     ` James MacWhyte
2022-07-12  0:31       ` Peter Todd
2022-07-13  0:38     ` Tom Harding
2022-07-13 12:18       ` Erik Aronesty
2022-07-11 23:29 ` Anthony Towns
2022-07-12  3:56 Peter
2022-07-12 11:57 ` Erik Aronesty
2022-07-12 15:08   ` Peter
2022-07-12 17:46   ` Ryan Grant
     [not found] <mailman.82083.1657699581.8511.bitcoin-dev@lists.linuxfoundation.org>
2022-07-13  9:43 ` John Tromp
2022-07-13 11:56   ` John Tromp
2022-07-13 12:11   ` Gino Pinuto
2022-07-13 13:29     ` Manuel Costa
2022-07-14  9:33       ` vjudeu
2022-07-14  9:57         ` Erik Aronesty
2022-07-14 11:42           ` Gino Pinuto
2022-07-14 16:01             ` Erik Aronesty
2022-07-14 16:27             ` Manuel Costa
2022-07-15  6:03               ` vjudeu

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox