> In Bitcoin "the show must go on" and someone must pay for it. Active [and/or] passive users 

I certainly agree. 

> or more precisely: tiny inflation

👍

> Right now security comes from almost fully from ~1.8% inflation.

Best I could find, fees make up about 13% of miner revenue. So yes, the vast majority of security comes from coinbase rewards. I assume you're implying that ~13% of today's security is not enough? I would love to see any quantitative thoughts you have on how one might determine that. 

Have there been any thoughts put out in the community as to what size of threat is unlikely enough to arise that we don't need to worry about it? Maybe 1% of the yearly government budgets of the world would be an upper bound on how much anyone would expect could realistically be brought to bear? Today that would be maybe around $350 billion. 

Or perhaps a better way to estimate would be calculating the size of the motivation of an attacker. For example, this paper seems to conclude that the US government was extracting a maximum of ~$20 billion/year in 1982 dollars (so maybe $60 billion/year in 2022 dollars if you go by CPI). If we scale this up to the entire world of governments, this seems like it would place an upper bound of $180 billion/year of seigniorage extraction that would be at risk if bitcoin might put the currencies they gain seigniorage from out of business. Over 10 years (about as far as we can expect any government to think), that's almost $2 trillion. 

Whereas it would currently cost probably less than $7 billion to purchase a 50% share of bitcoin miners. To eventually reach a level of $350 billion, bitcoin's price would need to reach about $800,000 / bitcoin. That seems within the realm of possibility. To reach a level of $2 trillion, you'd need a price of $4.3 million/bitcoin. That's still probably within the realm of possibility, but certainly not as likely.  If you then assume we won't have significant coinbase rewards by that point, and only 13% of the equivalent revenue (from fees) would be earned, then a price of ~$6 million would be needed to support a $350 billion and $34 million to support a $2 trillion security. I think that second one is getting up towards the realm of impossibility, so if we think that much security is necessary, we might have to rethink things. Its also quite possible, as the network of people who accept and use bitcoin as payment grows, that the fee market will grow superlinearly in comparison to market cap, which would make these kind of high levels of security more realistic. 

Anyways if it turns out that fees alone don't look like they're supporting enough security, we have a good amount of time to come to that conclusion and do something about it. 

> Deflation in Bitcoin is not 1:1 matter like in gold, for example...  Deflation in Bitcoin is more complex issue

It's helpful to keep our language precise here. Price inflation and deflation act identically in bitcoin and gold and anything else. What you seem to be talking about at this point is monetary inflation (specifically, a reduction in it) which of course operates differently on the machinery of bitcoin than it does in the machinery of gold or other things. Whereas my comment about you mentioning Gresham's law was specifically talking about price inflation, not the effects of the coin emission machinery in bitcoin. 

On Mon, Jan 2, 2023 at 5:02 PM <jk_14@op.pl> wrote:


Right now security comes from almost fully from ~1.8% inflation.
In November mempool was inflated to ~150MB and people were rather waiting for cheap transactions back.
Instead of being happy that system is closer for a while to default working area.

Deflation in Bitcoin is not 1:1 matter like in gold, for example.
If all plain gold available to mine would be finished - gold mines as unprofitable enterprices are immediately closed.
And it doesn't affect security of gold already in circulation.
In Bitcoin "the show must go on" and someone must pay for it.
Active and passive users together (balanced by market play) or: only active users (in current scenario, long-term).

Deflation (or more precisely: tiny inflation) in Bitcoin is more complex issue with more repercussions than in gold.
In case of drop of network security - the tax will be paid anyway, in Bitcoin price.
So, there is an self-regulating mechanism here. The harsh one, but still.



W dniu 2023-01-02 05:53:57 użytkownik Billy Tetrud <billy.tetrud@gmail.com> napisał:
> is surely better than not delaying it.
 
I might agree, but I don't think it really solves the problem well enough to be worth it. Any solution that would solve the problem better would make delaying halvings unnecessary. 
 
> there is non-zero risk that people will hoard it more and more, according to old Gresham's law


Gresham's law doesn't apply here. Gresham's law is about the interaction between two currencies with a fixed, usually government-enforced exchange rate. You seem to be saying that Bitcoin will be hoarded because Bitcoin inflation reduces every halving. But even with 0 inflation, it certainly won't cause all Bitcoin to be hoarded. Also, "hoarding" is also known as "saving", and there's nothing wrong with saving. The spectre of deflation comes from a misunderstanding of deflation and why it happens during bad economic times. It is an effect, not a cause.


On Sun, Jan 1, 2023, 15:23 <jk_14@op.pl> wrote:

Yes, the idea is:
if mining activity is growing - let's execute consecutive halvings
but if miner exodus has happened - let's delay next halving until mining activity is recovered to previous levels

If it gets to the point where a sudden drop in mining difficulty happens - delaying the next halving may be not sufficient to correct, but is surely better than not delaying it.

While Bitcoin is better and better money with every halving in comparision to other types of money - there is non-zero risk that people will hoard it more and more, according to old Gresham's law ("HODL"). And this way decreasing liquidity / transactions volume. The positive feedback loop - is my real concern here.

Regarding the relationship between difficulty and security - I fully agree.
But ASIC technology is already matured. And also any technology breakthrough is a short event within 4 years period.
So growth of difficulty could be gained by technology breakthrough, but any sudden drop of difficulty would be always an issue, while there is no such thing as: ASIC technology regression.

Obviously, not complicated solution would be better than complicated one.




W dniu 2022-12-30 19:21:10 użytkownik Billy Tetrud <billy.tetrud@gmail.com> napisał:
If the idea is to ensure that a catastrophic miner exodus doesn't happen, the "difference" you're calculating should only care about downward differences. Upward differences indicate more mining activity and so shouldn't cause a halving skip.


But I don't think any scheme like this that only acts on the basis of difficulty will be sufficient. If it gets to the point where a sudden drop in mining difficulty happens, it is very likely that simply delaying the next halving or even ending halving all together will not be sufficient to correct for whatever is causing hashrate to tank. There is also the danger of simple difficulty stagnation, which this mechanism wouldn't detect. 


The relationship between difficulty and security becomes less and less predictable the longer you want to look ahead. There's no long term relation between difficulty and any reasonable security target. A security target might be something like "no colluding group with less than $1 trillion dollars at their disposal could successfully 51% attack the network (with a probability of blah blah)". There is no way to today program in any code that detects based on difficult alone when that criteria is violated. You would have to program in assumptions about the cost of hashrate projected into the future.


I can't think of any robust automatic way to do this. I think to a certain degree, it will have to be a change that happens in a fork of some kind (soft or hard) periodically (every 10 years? 30 years?). The basic relations needed is really the cost in Bitcoin of the security target (ie the minimum number of Bitcoin it should take to 51% attack the system) and the cost in Bitcoin of acquiring a unit of hashrate. This could be simply input into the code, or could use some complicated oracle system. But with that relation, the system could be programmed to calculate the difficulty necessary to keep the system secure.


Once that is in place, the system could automatically adjust the subsidy up or down to attract more or less miners, or it could adjust the block size up or down to change the fee market such that more or less total fees are collected each block to attract more or less miners. 


On Tue, Dec 27, 2022, 09:41 Jaroslaw via bitcoin-dev <bitcoin-dev@lists.linuxfoundation.org> wrote:

It seems like the more elegant solution could be by using a chainwork parameter instead.
i.e. comparison just before halving - if the last 210,000 block interval has a higher chainwork difference between the begining and the end of interval
than any other such inter-halving interval before.

LIttle digression yet:
A system in which all users participate in ensuring its security looks better than one in which only some (i.e. active) of them participate (and passive stakeholders are de facto free riders)
In my opinion this concept above is only the complement of currently missing mechanism: achieving equilibrium regarding costs of security between two parties with opposing interests.
It's easy to understand and - most important - it has no hardcoded value of tail emission - what is the clear proof it is based on a free market.
And last but not least, if someone is 100% sure that income from transactions will takeover security support from block subsidy - accepting such proposal is like putting the money where the mouth is: this safety measure will never be triggered, then (no risk of fork)


Best Regards
Jaroslaw



W dniu 2022-12-23 20:29:20 użytkownik Jaroslaw via bitcoin-dev <bitcoin-dev@lists.linuxfoundation.org> napisał:
>
Necessary or not - it doesn't hurt to plan the robust model, just in case. The proposal is:

Let every 210,000 the code calculate the average difficulty of 100 last retargets (100 fit well in 210,000 / 2016 = 104.166)
and compare with the maximum of all such values calculated before, every 210,000 blocks:


if average_diff_of_last_100_retargets > maximum_of_all_previous_average_diffs
        do halving
else
        do nothing


This way:

1. system cannot be played
2. only in case of destructive halving: system waits for the recovery of network security


Best Regards
Jaroslaw
_______________________________________________
bitcoin-dev mailing list
bitcoin-dev@lists.linuxfoundation.org
https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev



_______________________________________________
bitcoin-dev mailing list
bitcoin-dev@lists.linuxfoundation.org
https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev