Re: DECENTRALIZED crypto currency (including Bitcoin) is a delusion (any solutions?)

Seems I am banned from Reddit, because the following posts have been removed:

Quote from: https://www.reddit.com/r/Bitcoin/comments/5cerbi/researchers_suggest_new_method_to_scale_bitcoin/d9x35zi/

Afaics, Byzcoin can't possibly fix the most fundamental flaw in Satoshi's design when block rewards come predominantly from transaction fees, which is that the transaction fees either decline to mining costs or the throughput must be limited (e.g. by block size) so that transaction fees must rise to those the larger valued transactions are willing to pay.

One might argue that some transactions are willing to pay a higher transaction fee to be included sooner in a block, yet without any restriction on throughput (e.g. block size), this merely means one has to pay a transaction fee that makes the marginal miner profitable. But there is no such fee, because the marginal miners aren't just one level of cost. Thus gradually the most marginal miners go bankrupt, which proceeds until the lowest cost miners control 51% of the network and can raise fees to what ever level the market will bear.

The marginal miners rejoin the network if the cartel raises the level of transaction fees accepted but this is only stable if there remains a 51% cartel to raise fees. Due to the economics of Satoshi's design (e.g. minority mining on the wrong block during propagation delay, selfish mining, and even stubborn mining), those with more hashrate earn more profit than their proportional hashrate should, thus the 51% cartel over time trends towards 100% and so as their percentage of the systemic hashrate rises, the cartel can raise transaction fees to higher levels up to what the market can bear. So eventually we will be right back at Visa and Mastercard levels of centralized control and fees.

The "greedy mining attacks" are essentially a manifestation of the same underlying economic problem which is that given no restriction on throughput, then game theory incentives cause transaction fees to decline to the mining costs. Byzcoin may fix some of these attacks, but it can't fix the fundamental problem with Satoshi's proof-of-work, because it is insoluble. And no, Monero didn't fix this problem as TPTB_need_war explained to ArticMine earlier this year.

I (as @AnonyMint) had pointed out back in 2013 that transaction fees are the Achilles heel of Satoshi's design.

Ultimately what this all means is that mathematically and microeconomically for Satoshi's design to survive, a cartel must control a monopoly on mining (e.g. 51% of the hashrate) so that it can dictate a level of fees which is profitable. This is potentially why the Chinese mining "cartel" has been afaik resisting block size increases, because at least this is more obfuscated and more immediate than a battle of attrition or 51% attack to rid the blockchain of miners not in the cartel for the purpose of increasing profit from transaction fees. And there may be other vested interests in preference for Lightning Networks.

There can't ever exist any solution for Satoshi's proof-of-work design that will prevent a devolution into a mining cartel.

The only way to improve on this might be to shift to a design which doesn't use proof-of-work with blocks.

Quote from: https://www.reddit.com/r/Bitcoin/comments/5cerbi/researchers_suggest_new_method_to_scale_bitcoin/d9x3c8w/

I have not yet studied in detail about those "greedy mining attacks" but here is another attack I was contemplating which I presume wouldn't be fixed by Byzcoin. However, I conclude this attack is probably not rational.

Currently the average Bitcoin transaction is roughly $100 with roughly 200,000 transactions per day which is fractionally more than 2 transactions per second throughput. That is roughly $200 million of transaction value per day. The minted mining reward is roughly (rounded down) $1 million per day, which is thus roughly 0.5% of transaction value minted reward per transaction. At this time transaction fees are insignificant.

Mathematically it should be possible to double-spend more than $50,000 in transactions (split perhaps into numerous smaller valued transactions) by spending $50,000 on mining for 6 blocks, with the excess being profit. The argument against this being as easy as it seems mathematically is that who will rent to you equivalent of 100% of the network hashrate? Assuming you could rent 51% of the existing hashrate, then you'd only need to spend $25,000 for 6 blocks. But again those who have invested in mining hardware probably have an incentive to not rent out 51% of the network hashrate so as to not enable such attacks on the value of their investment.

If transaction fees will end up being significantly lower such as 0.05% when minted block rewards decline to 0, then unless transaction volume multiplied by average transaction value has increased commensurately (e.g. 10X in my example), then the overall capital invested in the security will be commensurately lower.

Note I wrote recently that I presumed a rational entity or cartel that controls 51% of the mining hashrate would not have an incentive to short the market while 51% attacking for double-spends, because of insufficient market liquidity to extract all the value of their capital investment. Perhaps there is another strategy which might be rational. The 51% attacker could double-spend to drive the price down, extracting profits both on the double-spent theft and the shorting (which are much less than their capital investment) which they can then reinvest by buying more coins at the low prices. Pause their attack and let the market price recover, then repeat. They would need to hide their tracks very well or do this from a country where it is not illegal to do so, which may or may not be realistic at that scale? In this way they could keep the market price relatively depressed while they wait for a technical solution to the problem, or they later announce that 51% of the network has been acquired and will now sign every block with a public key and this public key is committed to a reputation that it will never allow a double-spend. Although that attack (and any subsequent commitment to a reputation not to attack) would admit 51% control of the network, which would probably have motivated a technical replacement for Bitcoin that doesn't use proof-of-work.

Thus it seems I am probably correct and this attack is probably not in the rational interest of any entity that can control 51% of the network hashrate, which is what Satoshi also thought:

Quote from: Satoshi@Bitcoin whitepaper

If a greedy attacker is able to assemble more CPU power than all the honest nodes, he would have to choose between using it to defraud people by stealing back his payments, or using it to generate new coins. He ought to find it more profitable to play by the rules, such rules that favour him with more new coins than everyone else combined, than to undermine the system and the validity of his own wealth.