On Mon, Jul 15, 2013 at 03:05:52PM +0200, Jorge Timón wrote:
> One way sacrifice (btc to zerocoin) is a non-issue since there's no
> modification required for bitcoin and you can't do anything to prevent
> it anyway.
> The controversial thing is sacrificing something outside bitcoin's
> chain and new btc appearing.

Which is why I'm not proposing that.

> On merged mining. It is true that "merged attacking" the other chain
> is free, but it is still more profitable to just follow the rules and
> mine the other coin!!
> If someone considers that something he can sell in a market for btc is
> "negative value"...well, he's just dammed stupid. Proof of work is
> designed for rational actors, if you stop assuming miners are more or
> less rational everything falls apart. It is possible that the "extra
> value" is too little for some miners to bother. But the extra costs of
> validating something else are so little compared to chance-hashing
> that miners not merged mining namecoin right now are just stupid
> (irrational agents). You can merged mine and sell for btc right away.

You are assuming value is the same for everyone - it's not.

If I mine in a jurisdiction where zerocoin is banned, and the blocks I
mine are public, the value of zerocoin blocks to me are at best zero.
Equally it would be easy for the local authorities to ask that I merge
mine zerocoin blocks to attack the chain - it doesn't cost me anything
so what's the harm? I may even choose to do so to preserve the value of
the coins I can mine legally - alt-coins are competition.

Incedentally keep in mind it is likely that in the future pools will not
allow miners to modify the work units they receive in any way as a means
of combating block-withholding fraud; there may not be very many people
willing or able to honestly merge-mine any given chain.

Proof-of-sacrifice can be done in a way that is opaque to the master
blockchain by creating txouts that look no different from any other
txout. Hopefully not required, but it would be a good strategy against
censorship of sacrifice-based chains.

> On prime proof of work...for me it's interseting only because it's
> moving towards SCIP-based mining but that should be the goal. Like
> Mark said, "let's cure cancer" while mining. That would end all
> "mining is wasteful" arguments about this great security system. This
> would make Ripple's consensus mechanism less attractive. People
> talking about new scrypts harder to ASIC-mine when that's the elephant
> in the room...
> Sorry, I'm going off-topic.
> SCIP-based merged mining for the win.

SCIP is for now a dream. Give it a few more years and see how the
technology shakes out.

--
'peter'[:-1]@petertodd.org
00000000000000582cc323897a582e9368a5c3dfbcdcf73e78b261703e1bd1ba