I think the issue with 

I still think it is misguided to think that the "honest" (i.e. rule following) majority is to just be accepted as an axiom and if it is violated, well, then sorry.  The rules need to be incentive compatible for the system to be functional.  The honest majority is only considered an assumption because even if following the rules were clearly the 100% dominant strategy, this doesn't prove that the majority is honest, since mathematics cannot say what is happening in the real world at any given time.  Still, we must have a reason to think that the majority would be honest, and that reasoning should come from an argument that the rule set is incentive compatible.

epistemically is that even within the game that you prove the dominant strategy, you can't be certain that you've captured (except maybe through clever use of exogenous parameters, which reduces to the same thing as % honest) the actual incentives of all players. For example, you would need to capture the existence of large hegemonic governments defending their legacy currencies by attacking bitcoin.


I think we may be talking past each other if it is a concern / valuable exercise to decrease the assumptions that Bitcoin rests on to make it more secure than it is as defined in the whitepaper. That's an exercise of tremendous value. I think my point is that those things are aspirational (aspirations that perhaps we should absolutely achieve?) but to the extent that we need to fix things like the fee market, selfish mining, mind the gap, etc, those are modifying Bitcoin to be secure (or more fair is perhaps another way to look at it) in the presence of deviations from a hypothesized "incentive compatible Bitcoin", which is a different thing that "whitepaper bitcoin". I think that I largely fall in the camp -- as evidenced by some past conversations I won't rehash -- that all of Bitcoin should be incentive compatible and we should fix it if not. But from those conversations I also learned that there are large swaths of the community who don't share that value, or only share it up to a point, and do feel comfortable resting on honest majority assumptions at one layer of the stack or another. And I think that prior / axiom is a pretty central one to debug or comprehend when dealing with, as is happening now, a fight over something that seems obviously not incentive compatible.

--
@JeremyRubin


On Tue, Oct 18, 2022 at 10:30 AM Russell O'Connor <roconnor@blockstream.com> wrote:
On Tue, Oct 18, 2022 at 9:07 AM Jeremy Rubin via bitcoin-dev <bitcoin-dev@lists.linuxfoundation.org> wrote:

However, what *is* important about what Satoshi wrote is that it is sort of the "social contract" of what Bitcoin is that we can all sort of minimally agree to. This makes it clear, when we try to describe Bitcoin with differing assumptions than in the whitepaper, what the changes are and why we think the system might support those claims. But if we can't prove the new description sound, such as showing tip mining to be rational in a fully adversarial model, it doesn't mean Bitcoin doesn't work as promised, since all that was promised originally is functioning under an honest majority. Caveat Emptor!

I still think it is misguided to think that the "honest" (i.e. rule following) majority is to just be accepted as an axiom and if it is violated, well, then sorry.  The rules need to be incentive compatible for the system to be functional.  The honest majority is only considered an assumption because even if following the rules were clearly the 100% dominant strategy, this doesn't prove that the majority is honest, since mathematics cannot say what is happening in the real world at any given time.  Still, we must have a reason to think that the majority would be honest, and that reasoning should come from an argument that the rule set is incentive compatible.

The stability of mining, i.e. the incentives to mine on the most work chain, is actually a huge concern, especially in a future low subsidy environment.  There is actually much fretting about this issue, and rightly so.  We don't actually know that Bitcoin can function in a low subsidy environment because we have never tested it.  Bitcoin could still end up a failure if that doesn't work out.  My current understanding/guess is that with a "thick mempool" (that is lots of transactions without large gaps in fee rates between them) and/or miners rationally leaving behind transactions to encourage mining on their block (after all it is in a miner's own interest not to have their block orphaned), that mining will be stable.  But I don't know this for sure, and we cannot know with certainty that we are going to have a "thick mempool" when it is needed.

It is most certainly the case that one can construct situations where not mining on the tip is going to be the prefered strategy.  But even if that happens on occasion, it's not like the protocol immediately collapses, because mining off the tip is indistinguishable from being a high latency miner who simply didn't receive the most work block in time.  So it is more of a question of how rare does it need to be, and what can we do to reduce the chances of such situations arising (e.g. updating our mining policy to leave some transactions out based on current (and anticipated) mempool conditions, or (for a sufficiently capitalized miner) leave an explicit, ANYONECANSPEND transaction output as a tip for the next miner to build upon mined blocks.)