Board: Bitcoin Discussion
Re: Why the Bitcoin rules can't change (reading time ~5min)
by iain on 22/02/2013, 20:09:25 UTC
I wonder if it might be possible to decentralise the validation process itself, in a way that lets the blockchain become much bigger, but with spotting when rules are being violated remaining cheap?

I'm thinking of mathematical proof-of-correctness tools. (Disclaimer: I don't know much about the contemporary details of such beasts. I played with one called "Lego" a long time ago... there are probably better ones now.) The idea is, a future giant blockchain would be distributed (peer-to-peer torrented) in the syntax of a giant theorem: "THEOREM 0. Under rule-set R, the genesis block is valid. PROOF: blah blah blah. THEOREM 1: Under rule-set R, if block 0 is valid then block 1 is valid. PROOF: blah blah blah. THEOREM 2: Under rule-set R, if blocks 0 and 1 are valid then block 2 is valid. PROOF: blah blah blah. (and so on)"

The proof syntax would have the "wrongness is locally detectable" property (achieved by bounded fan-in and fan-out of the dependency of parts of it on other parts). That is, if any part of the proof was wrong, either by incompetence or malice on the part of a "super-miner", the community could detect this wrongness without any one member of the community having to parse their way through the whole thing. Sceptical community members would simply point their mathematical proof-of-correctness tool at any randomly chosen part of the giant proof object; and it only takes one person to strike lucky, and alight upon the invalid part, for the wrongness to be detectable (and exhibitable to others) extremely cheaply. The news would of course then spread like wildfire. (Through Tor-like channels, if necessary in some societies.)

The consequence once the news had spread? Blocks later than the point of invalidity would then be rejected by everyone following rule-set R, even though no one of them had (within their own node) the resources to parse the whole thing from beginning to end single-handedly.

I don't know if this would meet the "self-ownership" requirements of the OP. (There might, for example, be a worry along the lines of "How do I know that this giant proof object is a proper translation of the raw blockchain, and not an imposter?". Hopefully, though, the translation process itself would be of a "wrongness is locally detectable" character.) And I wouldn't like to try and judge if this is feasible with today's proof tools - they do have a reputation for being rather slow and clumsy in their main application, proof of correctness of code (or of chip architectures). Others more knowledgeable than me might care to comment on feasibility. At any rate, I offer this idea as something for people to think about!
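An added illustration of the "wrongness is locally detectable" idea from the post above (example code written for this page, not code from the poster or from any proof tool). It assumes a toy rule-set R that is entirely constructed here: each block mints a non-negative `value` of at most MAX_SUBSIDY coins and carries a running `total` that must equal the previous block's total plus `value`, and each block links to its two predecessors, so the step "block i is valid given its predecessors" has fan-in 2. A "super-miner" inflates one block and rebuilds everything after it consistently; a sceptic who checks random steps needs only a bounded number of neighbouring blocks per check, and the step that fails can be handed to others as compact evidence. The hypothetical `publish` map stands in for "the hashes everyone has already seen", which is how the recipient of the evidence answers the post's "is this an imposter?" worry.

```python
"""Locally checkable proof chain, toy model. All rules and data are constructed."""
import hashlib
import random
from dataclasses import dataclass
from math import comb
from typing import Dict, List, Optional, Tuple

MAX_SUBSIDY = 50   # assumed rule: a block may mint at most this many coins
FAN_IN = 2         # each step depends on at most this many earlier steps


@dataclass(frozen=True)
class Block:
    index: int
    value: int
    total: int
    link: str  # hash over the predecessors' block hashes (the bounded dependency)


def block_hash(b: Block) -> str:
    return hashlib.sha256(f"{b.index}|{b.value}|{b.total}|{b.link}".encode()).hexdigest()


def deps(index: int) -> Tuple[int, ...]:
    """Indices step `index` depends on: the previous FAN_IN blocks (fewer near genesis)."""
    return tuple(i for i in range(index - FAN_IN, index) if i >= 0)


def make_block(index: int, value: int, total: int, predecessors: List[Block]) -> Block:
    link = hashlib.sha256("|".join(block_hash(p) for p in predecessors).encode()).hexdigest()
    return Block(index, value, total, link)


def build_chain(values: List[int]) -> List[Block]:
    """Honest chain under the toy rule-set."""
    chain: List[Block] = []
    for i, v in enumerate(values):
        total = (chain[i - 1].total if i else 0) + v
        chain.append(make_block(i, v, total, [chain[d] for d in deps(i)]))
    return chain


def check_step(step: Block, predecessors: List[Block]) -> bool:
    """THEOREM i: 'under R, if the blocks in deps(i) are valid then block i is valid'.
    Reads only the step and its bounded set of predecessors, never the whole chain."""
    if not 0 <= step.value <= MAX_SUBSIDY:
        return False
    if [p.index for p in predecessors] != list(deps(step.index)):
        return False
    prev_total = predecessors[-1].total if predecessors else 0
    if step.total != prev_total + step.value:
        return False
    expected = hashlib.sha256("|".join(block_hash(p) for p in predecessors).encode()).hexdigest()
    return step.link == expected


def check_at(chain: List[Block], i: int) -> bool:
    return check_step(chain[i], [chain[d] for d in deps(i)])


def super_miner_inflate(chain: List[Block], k: int, extra: int) -> List[Block]:
    """A super-miner over-credits block k by `extra` coins, then rebuilds every later
    block consistently, so the only step whose theorem fails is step k."""
    bad = list(chain[:k])
    preds = [bad[d] for d in deps(k)]
    prev_total = preds[-1].total if preds else 0
    bad.append(make_block(k, chain[k].value, prev_total + chain[k].value + extra, preds))
    for i in range(k + 1, len(chain)):
        preds = [bad[d] for d in deps(i)]
        bad.append(make_block(i, chain[i].value, bad[i - 1].total + chain[i].value, preds))
    return bad


def spot_check(chain: List[Block], samples: int, seed: Optional[int] = None) -> Optional[int]:
    """A sceptic checks `samples` randomly chosen steps; returns the first bad index or None."""
    rng = random.Random(seed)
    for i in rng.sample(range(len(chain)), samples):
        if not check_at(chain, i):
            return i
    return None


def detection_probability(n_steps: int, samples: int) -> float:
    """Chance that `samples` distinct random steps out of `n_steps` include the one bad step."""
    return 1 - comb(n_steps - 1, samples) / comb(n_steps, samples)


def publish(chain: List[Block]) -> Dict[int, str]:
    """Hypothetical stand-in for the block hashes the community already holds."""
    return {b.index: block_hash(b) for b in chain}


def fraud_proof(chain: List[Block], i: int) -> Tuple[Block, List[Block]]:
    """The evidence: the failing step plus its bounded predecessors, nothing else."""
    return chain[i], [chain[d] for d in deps(i)]


def verify_fraud_proof(evidence: Tuple[Block, List[Block]], published: Dict[int, str]) -> bool:
    """Anyone can confirm the evidence cheaply: the exhibited blocks match what was
    published (not an imposter) and the local theorem really fails."""
    step, preds = evidence
    for b in [step] + preds:
        if published.get(b.index) != block_hash(b):
            return False
    return not check_step(step, preds)


if __name__ == "__main__":
    honest = build_chain([50] * 200)            # constructed sample chain
    bad = super_miner_inflate(honest, 120, 1_000_000)
    print("bad step found by one sceptic:", spot_check(bad, 40, seed=7))
    print("P(detect) with 100 of 1000 steps:", detection_probability(1000, 100))
    print("evidence verifies:", verify_fraud_proof(fraud_proof(bad, 120), publish(bad)))
```

The bounded fan-in is what keeps each check cheap: `check_step` touches at most FAN_IN + 1 blocks whatever the chain length. The caveat a practitioner would raise is that this holds only because the toy rule looks at the previous block's total; a rule that lets block i spend an output created far earlier has unbounded fan-in unless the proof step carries that dependency along explicitly, which is the design question the post leaves open.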