Profits, Performance, Trust & Efficiency

[Troglodactyl]

.dac and Toast both have some great points here.  My personal inclination is allowing multisig 1/n POS delegation, but clearly Dan has put a lot more thought into this than I have, so I would encourage him to do as he thinks is best...

[Empirical1]

I have to agree with Dan on this simply for the fact that the bitcoin centralization argument has thus far been nullified in practice, by the realization that the central mining power has little financial incentive to double spend because it will drive down the price of its stake. 

Time is money, and Dan’s time is cutting edge crypto.  He possess the vision of Tesla (Ethereum) who was designing a free energy wire around the planet, with the practicality of Edison (BTC).
 

1. I don't think we can know how much of the centralisation risk is priced into Bitcoin. I personally decreased my stake by about 40% once I'd analysed it.

Ghash.io for example is owned by who? At 40% plus some unknown hashing power they had a kill switch for Bitcoin they could flip at the most opportune moment. That is worth a lot more than $6 billion to TPTB. Even now, I have to factor a probability that in the event of a major financial event TPTB can decimate Bitcoin by getting to a handful of pool owners.

2. No doubt, the guy's a genius, but with practicality too as you said. I bitch but Bitshares is my biggest investment outside BTC, even though I don't always understand everything from a technical perspective, the quality of his insights into areas I do understand better is astounding & inspiring.

Edit: What's the advantage of holding funds in Bitshares using the trustee model vs. distributing them through a few well known Bitcoin exchanges that have provable BTC reserves & good contingency plans for raids/shut-downs?

[toast]

Greetings Bitshares community, I'm a longtime lurker, first time poster.

I have to agree with Dan on this simply for the fact that the bitcoin centralization argument has thus far been nullified in practice, by the realization that the central mining power has little financial incentive to double spend because it will drive down the price of its stake.  Yet countless hours have been spent debating this.  According to the current market cap of BTC, some amount of centralization works in a real world crypto.  If Sato had held back the launch of bitcoin because it was not perfectly 100% decentralized, then many of us would still have our wealth stored in the bank of Cyprus.

If you could quantify and compare the actual real world decentralization flaw risk models between bitcoin and bitshares (with the trustee system), what is the quantitative result?  Are we more or less at risk to attack than bitcoin?  That is the only question potential investors will have about this since they are simply comparing BTS to the current BTC benchmark, and not some theoretical 100% decentralized, 100% secure Bank of Star Trek crypto yet to be invented.

If this trustee system is at least as secure as centralized ASIC BTC, then we should implement this ASAP.  We are not trying to be perfect; we are trying to beat bitcoin.  Who is the top crypto out there? Ripple? Can you put a Ripple private key in cold storage? Ethereum? When? In the third quarter?  MSC? XCP?  Maybe if the bitcoin central authority modifies the code to assist them.  NXT?  PPC?  If you want your private keys exposed.

Yes, all of us have high hopes, and yes, of course a perfectly decentralized model is the ultimate goal of Dan’s DACs.  However, the more tangible, and realistic goal which Dan is trying to achieve here is simply a better bitcoin model where the risk imposed by the central authority is simply less.

The Bit-“share” meme conjures up an owner participation alternative to bitcoin, much like Memory Coin, FTC, DOGE, etc.  One where the active community of responsible stakeholders is operating like an ant colony under the major incentive which is to ensure a robust system.  As with most investments, you cannot simply buy and hold, but must perform due diligence on occasion, and the added effort we must apply because of this trustee model can be considered the necessary due diligence that we must do to ensure the robustness of the system. 

We all want our coins sit in cold storage forever and reap mad rewards.  This is not Mike Judge’s Idiocracy just yet; today’s investors must still apply effort on occasion.  You will still need to move your BTS annually or be penalized with a 5% laziness hit, so vote your shares when you do that.  It’s ok to strive for perfection, and maybe Dan will be the first to launch it, but right now, I will settle for being “better than bitcoin”.
 
Let's help him design the “best” trustee structure, or else that will be the first part of BTS that gets changed in the first “Lightshares” fork.  In fact, by opening this to discussion, Dan has just tipped his hand revealing to his competitors what an incredible shortcut in the BTS development process this could be, and that if utilized in the way Dan envisions, would let our competitors get a working “better than bitcoin” product to the market before our perfectly decentralized BTS is launched.   

Time is money, and Dan’s time is cutting edge crypto.  He possess the vision of Tesla (Ethereum) who was designing a free energy wire around the planet, with the practicality of Edison (BTC), who worked to make the average human’s life easier today.  Furthermore, Dan is asking (not telling) us where he should spend his time.  Please feel grateful he doesn’t abandon this project all together to go do whatever he wants.  He certainly seems capable of that to me.  I vote for launch imperfection like Edison, and let Vatalik go insane struggling for perfection if and only if the BTS trustee system is arguably at least as secure as BTC.  If it is not as secure, then we must debate the pros and cons.
 
In short, the main questions crypto investors care about today is this: Where can I get the security of blockchain cold storage at the lowest security cost relative to bitcoin?  As soon as that answer is bitshares, then launch it.  If I understand Dan correctly, I believe that is what he is saying here.  My apologies if I’m wrong.
 
This seems like we are at a critical fork in the road to the successful BTS launch.  A fork that our competitors will be the first to exploit by offering countless alternatives to.   

I’ve been lurking here for 5 months without a peep.  Why? Simply because I see that the man actually reads these posts.  What is five minutes of Dan’s time worth to us?

holy shit... 

[.dac]

you!

[Empirical1]

In bitcoin land, the mining pools are 'delegates' which then direct the voting power of the masses to rapidly resolve forks.   Shareholders should delegate their power in similar ways.

Imo, the mining pools are not 'delegates' directing the voting power of the masses, they are the result of the single biggest unintended major Bitcoin design flaw which allowed hashers to point their power to pools and still earn Bitcoins. That centralisation of power is one of the biggest risks to the future of Bitcoin.

This risk was demonstrated when 1. Ghash.io was used for double spending & 2. Their hashing power grew 15% in the following two months after the incident because enough voting masses (hashers) were obviously only concerned with their short term profitability.

Humans are greedy. Humans when acting as a group almost always choose short term pleasure over long term pain.

I'm pretty sure that any company with a future in this space has to be centred around trusting in maths more than in humans (Whether as voters or leaders) and doing it as decentralised way as possible so that is extremely hard to game or shut down.
 

[Empirical1]

What if there were two keys?

Private Key 1 lets  you use your balance for forging/processing. 
Private key 2 lets you spend the funds.

Private Key 1 can be altered with Private Key 2 making the previous one obsolete.

I don't forge with NXT and support the network because I'm worried about my private key being compromised/hacked if I type it into my computer all the time. But using the above approach (Is it technically possible?) I would be happy to support the network because if my computer was hacked they'd only be able to compromise my processing ability which I'd be able to change back to my control with private key 2 once I noticed someone else was forging my account.

(I'm pretty sure the community would sacrifice cost and efficiency for the sake of a decentralised solution.)

[bytemaster]

I want to thank everyone for their feedback so lets address some things:

1) Delegation of your stake is the way most people will prefer to operate.  Lets assume that any successful design will depend upon this delegation of votes to 'voting keys' which are independent of 'spending keys'.

2) A single Trustee can periodically abuse their power in 'politically acceptable ways'.... I can see them blocking any transaction attempting to spend funds stolen by the FBI without generating enough uproar to vote them out of office.  In effect, the trustee has defacto power to freeze funds of minorities so long as it was politically acceptable of the majority.   This is a potential problem, but one that is solved by competition.

3) If viewed as companies, each company is competing in the market and the value of its shares will be based upon how secure their network is and how 'fair' it is.  A network run by someone who refused to play politics would gain value much like low-regulation economic regions. 

4) There are many ways to select such a trustee and the result of market competition and eliminating barriers to entry would be the best form of decentralization.

Lets think in terms of 'value to customer'  vs 'risk to customer' and what is the customer willing to pay?   

Lets also realize that this particular problem is very hard and that the *real answer* is to have many competing systems and let the market sort it out.  Given the goal of competing systems, it is hard to compete with something when all you have is nothing.   So proving the business models work (BTS X anyone?) and then committing to improve DACs is the way to go.   I could see the trustee working to decentralize his block production process via Ripple Consensus.      I could see voting systems set up.

In bitcoin land, the mining pools are 'delegates' which then direct the voting power of the masses to rapidly resolve forks.   Shareholders should delegate their power in similar ways.  So long as it is easy to change and unambiguous we would have a solid system.   This delegation could even occur on the block chain itself.     If it happened on the blockchain the trustee could block votes for anyone else, but this type of hostile takeover is the grounds upon which a fork will be started with a new trustee.  Subverting the 'democratic' process supported by the chain would be clear signs that the trustee is no longer in charge.

99% of the time if a hard-fork is required to correct the problem, there will only be a single hard fork and a leader will step up to champion the cause.  The market will follow the chain with the most support.

Market is decentralization.   

[theoretical]

The sheer number of hypothetical attacks that are possible under these 'random selection' processes means that the network is likely less secure and predictable.

Since basically all existing cryptocurrencies use mining -- and the few proof-of-stake use another "random selection process" -- I would say that we have plenty of extensive, at-scale, real-world experience about networks that use random selection processes.  Random selection has its share of problems -- the Great Bitcoin Fork comes to mind -- but the trustee approach has a lot more unknown unknowns.

All of a sudden people start mining blocks that exclude bids/asks to their benefit or to trigger margin calls.

As I pointed out back when the UNL was proposed, centralization allows for transaction censorship.  A trustee may exclude a transaction indefinitely; as long as they're a trustee, there is no way to guarantee they'll be tossed out for excluding any particular transaction.  Whereas with random selection, assuming everyone controls less than p percent of the block production capability, the probability that the transaction hasn't been included after n blocks is bounded above by p^-n.  Since p < 1/2 (otherwise someone has already owned the network with a 51% attack), this means your transaction will be included within very few blocks with very high probability.

All of the random selection techniques discussed here (and with Nxt) depend upon people putting their private keys at risk.

As I've recommended in at least two other threads, you can allow nodes to delegate mining / minting power.  Allowing someone to revocably sign over their block production capacity does not require all block production to be channeled through a single dictator node.

All of the random selection (mining + POS / etc ) techniques have potential for forks (even if just for a few blocks) and this potential is highly problematic.

How exactly does the trustee approach avoid forks?  If there's e.g. a network split, won't one side of the split see the trustee's offline and elect a new trustee, and the other side of the split keep going with the old trustee?  How is any decentralized protocol even able to tell the difference between "a bunch of nodes all decided to quit at once" and "we're on the wrong side of a network split"?

Mining results in a kind of centralization and de-facto trustee that cannot be fired

On the contrary, the "trustee" in mining / minting is fired and replaced after every block.  Unless the network's been hit by a successful 51% attack, there's at least a 50% chance the new block producer isn't following the same agenda as the old one.  It should be obvious how much this limits the damage a rogue block producer can do.

POS requires peoples keys to be kept on line and ultimately a minority of nodes will participate in block generation

This is simply false.  As I discussed above, it's totally possible to allow people to revocably delegate the PoS power of their coins while keeping block production decentralized.

[luckybit]

With proof of stake your private key is your proof.   


Sent from my iPhone using Tapatalk

Do you mean private keys have to be risked with POS (forging) because they can not be used for forging when they are in cold storage?

They don't if you can sign for a delegate! Keep 90% in cold storage and have your 10% hot wallet sign for all of them. You could easily have revocation keys so you wouldn't have to take your shares out of cold storage to take away the voting power if your hot wallet is swiped.

This is a very good idea.

[theoretical]

Effectively 'delegation' using your stake is exactly what I am proposing.   Person A delegates to person B, who in turn can delegate to person C.   Eventually all of the delegates have to arrive at a 51% consensus on who produces the next block.   If someone sets up some software in a 'set it and forget it' manner then the network is perfectly safe unless this person is attacked.   If they are attacked then the network can quickly appoint (probably pre-arranged) the fallback. 

At any time someone with stake can change who they delegate their vote to. 

I proposed something quite similar to this two weeks ago in the TaPoS thread:  https://bitsharestalk.org/index.php?topic=3623.msg46238#msg46238

The only difference was that my proposal was to allow delegation of mining / minting power, rather than election of a singleton dictator to produce blocks.

[BldSwtTrs]

What's the difference between this method and the transparent forging of NXT? That's looks very similar.

[puppies]

Personally I don't like the single block issuing authority, nor the democracy that is used to select it.  Putting people into the mix seems like a bad idea. 

If this is what you need to do to in order to quickly release a stable product then I would support it, but with the stated of goal of launching a POS blockchain that is a little more decentralized, and autonomous.

Now I'm a very small fish, and if I sold all of the BTS-XT I had immediately on launch it would hardly be noticed, but I think others might feel like I do and not be interested in the final product if its going to involve human voting to centralize power.  Even if that power is temporary and transparent.

The thought that sprang to mind from your analogy of constitutional government was "Look how thats turned out in the past"

Most of what I know about POS I learned reading this very forum.  If I'm completely off someone please let me know.  Is the only real drawback to POS that you have to keep your wallet online?  Cause that seems like it would be really easy to fix.

[santaclause102]

Assumptions:
With the shares system we have an easy way to vote on anything.
With the TaPOS system the transaction ledger becomes immutable automatically over time as the ledger is confirmed by everyone on the network.
Generating the next block should be as efficient as possible to maximize dividends.
Transaction validation should be as quick as possible.

Solution:
Shareholders vote (off chain) on a trustee.
Trustee generates blocks every 30 seconds (or at will..... no need to require any particular rate)
If trustee is compromised or shutdown, shareholders can elect a new trustee by broadcasting their vote.
Once a new trustee has 51% of the shareholders support the network continues.

As a trustee you cannot double spend (you will be caught and fired).
As a trustee you cannot perform Denial of Service without being caught and fired.
As a trustee you cannot be coerced without being let go.

As a shareholder this maximizes your value (dividends, transaction speed, no potential of forks).

A trustee is not a paid position and requires almost no resources to run.  A trustee could even operate behind a tor node.

The result is like a 'constitutional company' where the laws are entirely defined in the constitution and the 'president' can be recalled at any time and has almost no power even when in office.

This same process can be used to resolve when a hard fork goes into effect.   

Thoughts?

Does this have the potential to delay the release of ME/XTS/Lotto/DNS .? I assumed the end of March for the first DAC (ME) to be released... 

anyone to comment on this?

This change has accelerated the process.  I think I could release something prior to going to NYC... but don't want to launch a chain and then be gone on travel for a week.

I think I will launch the test-test prior to NYC... then the real XT network when I get back.    Of course all software development times are estimates.

Oook Thought ME and XTS would be out in March. But no need to rush anything! This will be a longer competition...

[bytemaster]

Assumptions:
With the shares system we have an easy way to vote on anything.
With the TaPOS system the transaction ledger becomes immutable automatically over time as the ledger is confirmed by everyone on the network.
Generating the next block should be as efficient as possible to maximize dividends.
Transaction validation should be as quick as possible.

Solution:
Shareholders vote (off chain) on a trustee.
Trustee generates blocks every 30 seconds (or at will..... no need to require any particular rate)
If trustee is compromised or shutdown, shareholders can elect a new trustee by broadcasting their vote.
Once a new trustee has 51% of the shareholders support the network continues.

As a trustee you cannot double spend (you will be caught and fired).
As a trustee you cannot perform Denial of Service without being caught and fired.
As a trustee you cannot be coerced without being let go.

As a shareholder this maximizes your value (dividends, transaction speed, no potential of forks).

A trustee is not a paid position and requires almost no resources to run.  A trustee could even operate behind a tor node.

The result is like a 'constitutional company' where the laws are entirely defined in the constitution and the 'president' can be recalled at any time and has almost no power even when in office.

This same process can be used to resolve when a hard fork goes into effect.   

Thoughts?

Does this have the potential to delay the release of ME/XTS/Lotto/DNS .? I assumed the end of March for the first DAC (ME) to be released... 

anyone to comment on this?

This change has accelerated the process.  I think I could release something prior to going to NYC... but don't want to launch a chain and then be gone on travel for a week.

I think I will launch the test-test prior to NYC... then the real XT network when I get back.    Of course all software development times are estimates.

[santaclause102]

Assumptions:
With the shares system we have an easy way to vote on anything.
With the TaPOS system the transaction ledger becomes immutable automatically over time as the ledger is confirmed by everyone on the network.
Generating the next block should be as efficient as possible to maximize dividends.
Transaction validation should be as quick as possible.

Solution:
Shareholders vote (off chain) on a trustee.
Trustee generates blocks every 30 seconds (or at will..... no need to require any particular rate)
If trustee is compromised or shutdown, shareholders can elect a new trustee by broadcasting their vote.
Once a new trustee has 51% of the shareholders support the network continues.

As a trustee you cannot double spend (you will be caught and fired).
As a trustee you cannot perform Denial of Service without being caught and fired.
As a trustee you cannot be coerced without being let go.

As a shareholder this maximizes your value (dividends, transaction speed, no potential of forks).

A trustee is not a paid position and requires almost no resources to run.  A trustee could even operate behind a tor node.

The result is like a 'constitutional company' where the laws are entirely defined in the constitution and the 'president' can be recalled at any time and has almost no power even when in office.

This same process can be used to resolve when a hard fork goes into effect.   

Thoughts?

Does this have the potential to delay the release of ME/XTS/Lotto/DNS .? I assumed the end of March for the first DAC (ME) to be released... 

anyone to comment on this?