From: Gregory Maxwell <gmaxwell@gmail•com>
To: Mike Hearn <mike@plan99•net>
Cc: Bitcoin Dev <bitcoin-development@lists•sourceforge.net>
Subject: Re: [Bitcoin-development] replace-by-fee v0.10.0rc4
Date: Thu, 12 Feb 2015 19:49:29 +0000 [thread overview]
Message-ID: <CAAS2fgRx-UVWYji2iLqAS4nofFSHw_F8WtD+fRuw+VOe08M=LA@mail.gmail.com> (raw)
In-Reply-To: <CANEZrP2H2T2QFZceCc=YzwwiApJy7kY7FN0LoAZODGbW12SYsw@mail.gmail.com>
On Thu, Feb 12, 2015 at 1:18 PM, Mike Hearn <mike@plan99•net> wrote:
> history. Lots of miners have dropped out due to hardware obsolescence, yet
> massive double spending hasn't happened.
How many thousands of BTC must be stolen by miners before you'd agree
that it has, in fact, happened?
(https://bitcointalk.org/index.php?topic=321630.0)
On Thu, Feb 12, 2015 at 3:27 PM, Jeff Garzik <jgarzik@bitpay•com> wrote:
> The fundamental engineering truths diverge from that misty goal:
> Bitcoin is a settlement system, by design.
>
> The process of consensus "settles" upon a timeline of transactions,
> and this process -- by design -- is necessarily far from instant.
> Alt-coins that madly attempt 10-second block times etc. are simply a
> vain attempt to paper over this fundamental design attribute:
> consensus takes time.
>
> As such, the blockchain can never support All The Transactions, even
> if block size increases beyond 20MB. Further layers are -- by design
> -- necessary if we want to achieve the goal of a decentralized payment
> network capable of supporting full global traffic.
I just wanted to pull this out and say that I agree with this
completely; to the point where I'm continually surprised to see people
expressing other views (but they do).
I don't have much opinion about replace-by-fee; It has pluses and
minuses. In the past I've considered it a "oh perhaps best to not talk
about that" idea. I think making zero conf actively less secure would
be generally regrettable, though it might make building alternatives
for fast and acceptably safe transactions more attractive sooner. I do
favor a version of replace by fee that adds the extra constraint that
all prior outputs must be paid equal or more; which would capture many
of the 'opps paid too little' without opening up the malicious double
spends quite as much (so soon).
One challenge is that without rather smart child-pays-for-parent logic
the positive argument for replace by fee doesn't really work.
On Thu, Feb 12, 2015 at 12:52 PM, Alex Mizrahi <alex.mizrahi@gmail•com> wrote:
> This would be right if you assume that all Bitcoin miners act as a single
> entity. In that case it is true that that entity's goal is to maximize
> overall ROI.
>
> But each miner makes decisions on his own. Are you familiar with a concept
> of Nash equilibrium, prisoner's dilemma, etc?
>
> The fact that nobody is using this kind of a behavior right now doesn't mean
> that we can rely on it.
>
> For example, Peercoin was horribly broken in 6 months after its release
> (e.g. people reported that they are able to generate 50 consecutive blocks
> simply by bringing a cold wallet online) and yet nobody bothered to exploit
> it, and it managed to acquire non-negligible "market cap".
As a point for historical accuracy: PPC was actively attacked with
stake grinding and had to use developer signed blocks to prevent the
attacker from mining all the blocks and then later made a hard fork to
make it harder, and retains the developer block signing to stop it.
This doesn't contradict your point, which I agree with: an absence of
attacks doesn't mean an absence of vulnerability, and people counting
on things that they wouldn't if they understood them better is
something to avoid. And the prior point about game theory is one I
think some people have a hard time with: partipants are looking out
for their own interests, not some global optimum. It may not be the
case that everyone (or even anyone) is maximally short sighted; but
it's even more unreasonable to assume that no one will ever break rank
and do something selfish.
I don't know that RBF even needs to be debated on these terms, since
there is an argument for RBF as good even if we assume miners are all
fully protocol conforming.
next prev parent reply other threads:[~2015-02-12 19:49 UTC|newest]
Thread overview: 79+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-02-12 6:47 Peter Todd
2015-02-12 7:23 ` Tamas Blummer
2015-02-12 7:45 ` Peter Todd
2015-02-12 8:27 ` Tamas Blummer
2015-02-12 8:49 ` Peter Todd
2015-02-12 9:01 ` Tamas Blummer
2015-02-15 20:51 ` Troy Benjegerdes
2015-02-12 8:16 ` Alex Mizrahi
2015-02-12 11:58 ` Mike Hearn
2015-02-12 12:23 ` Natanael
2015-02-12 12:49 ` Mike Hearn
2015-02-12 13:02 ` Natanael
2015-02-12 13:44 ` Mike Hearn
2015-02-12 14:36 ` Natanael
2015-02-12 14:53 ` Mike Hearn
2015-02-12 15:20 ` Natanael
2015-02-12 15:30 ` Justus Ranvier
2015-02-12 13:36 ` Oleg Andreev
2015-02-12 12:52 ` Alex Mizrahi
2015-02-12 13:18 ` Mike Hearn
2015-02-12 13:45 ` Alex Mizrahi
2015-02-12 13:52 ` Mike Hearn
2015-02-12 14:04 ` Tamas Blummer
2015-02-12 14:16 ` Mike Hearn
2015-02-12 14:25 ` Tamas Blummer
2015-02-12 23:08 ` Tom Harding
2015-02-12 14:32 ` Alex Mizrahi
2015-02-12 15:15 ` Mike Hearn
2015-02-12 15:32 ` Natanael
2015-02-12 15:42 ` Mike Hearn
2015-02-12 15:54 ` Natanael
2015-02-12 16:57 ` Btc Drak
2015-02-12 17:24 ` Oleg Andreev
2015-02-12 18:11 ` Justus Ranvier
2015-02-12 18:37 ` Allen Piscitello
2015-02-12 19:15 ` Alan Reiner
2015-02-12 19:34 ` Justus Ranvier
2015-02-12 19:45 ` Peter Todd
2015-02-12 19:49 ` Justus Ranvier
2015-02-12 19:47 ` Allen Piscitello
2015-02-12 19:52 ` Justus Ranvier
2015-02-12 20:02 ` Natanael
2015-02-12 20:36 ` Allen Piscitello
2015-02-14 14:47 ` Ross Nicoll
2015-02-12 20:06 ` Peter Todd
2015-02-12 19:49 ` Gregory Maxwell [this message]
2015-02-12 20:18 ` Peter Todd
2015-02-13 11:34 ` Mike Hearn
2015-02-12 12:54 ` Tamas Blummer
2015-02-12 14:42 ` Alex Mizrahi
2015-02-12 15:27 ` Jeff Garzik
2015-02-15 21:25 ` Troy Benjegerdes
2015-02-15 21:40 ` Adam Gibson
2015-02-19 8:56 ` Troy Benjegerdes
2015-02-21 19:09 ` Jorge Timón
2015-02-21 20:30 ` Mark Friedenbach
2015-02-21 22:47 ` Jeff Garzik
2015-02-22 1:15 ` Peter Todd
2015-02-22 3:25 ` Jorge Timón
2015-02-22 4:06 ` Jeff Garzik
2015-02-22 11:41 ` Eric Lombrozo
2015-02-22 12:06 ` Eric Lombrozo
2015-02-22 13:41 ` Eric Lombrozo
2015-02-22 13:53 ` Peter Todd
2015-02-22 23:29 ` Eric Lombrozo
2015-02-24 1:11 ` Jeff Garzik
2015-03-01 17:59 ` Troy Benjegerdes
2015-03-01 19:05 ` Neil Fincham
2015-03-01 17:44 ` Troy Benjegerdes
2015-02-12 16:15 ` Lawrence Nahum
2015-02-12 18:14 ` Tom Harding
2015-02-12 21:40 ` Josh Lehan
2015-02-22 16:36 ` Tom Harding
2015-02-22 17:12 ` Peter Todd
2015-02-22 19:25 ` Tom Harding
2015-02-22 21:50 ` Peter Todd
2015-05-04 4:36 ` [Bitcoin-development] New release of replace-by-fee for Bitcoin Core v0.10.1 Peter Todd
2015-05-05 2:23 ` Kevin Greene
2015-05-23 18:26 ` [Bitcoin-development] Replace-by-fee v0.10.2 - Serious DoS attack fixed! - Also novel variants of existing attacks w/ Bitcoin XT and Android Bitcoin Wallet Peter Todd
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAAS2fgRx-UVWYji2iLqAS4nofFSHw_F8WtD+fRuw+VOe08M=LA@mail.gmail.com' \
--to=gmaxwell@gmail$(echo .)com \
--cc=bitcoin-development@lists$(echo .)sourceforge.net \
--cc=mike@plan99$(echo .)net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox