Page 1 of 1

A few thoughts - Monday, August 11, 2014

Posted: Mon Aug 11, 2014 9:23 pm
by Steve Sokolowski
Good afternoon! A few thoughts for dinner tonight:

Finally, some progress

It looks like there is finally some progress being made to address network efficiency. A "Technical discussion of Gavin's O(1) block propagation proposal" is going on at http://www.reddit.com/r/Bitcoin/comment ... _o1_block/. It seems as if I am not the only person who believes this development is very significant.

I hadn't appreciated this for the genius that it is. I saw the parts about reducing bandwidth for uploaded blocks and thought that was a good enough reason to implement the proposal. But it turns out that there is an interesting twist that can come out of this. If you don't have to upload the transactions a second time in every block that is mined, then why upload a list at all? In fact, why not simply make the default to include every transaction that is available, and then only submit differences from that list? The actual implementation is more complicated, but the idea changes the entire concept of the network.

While everyone else viewed the task as figuring out how to deal with increasing block sizes, Andresen came along and entirely bypassed the problem. It's a great example of overcoming existing thinking and coming up with entirely new assumptions. These are the sorts of ideas that will cause bitcoin to rise out of its current slump and resume its march towards widespread acceptance.

/u/lifeboatz thinks that it will take 6 months for implementation of this proposal, but I'd propose that experience is so important that he could implement it in one month. lifeboatz is correct in suggesting that testing will take much longer. If implementation requires x time, then testing is probably 6x, and political discussion to reach agreement is likely 18x.

After implementation, I think that what Andresen has done will be viewed as a significant breakthrough in computer science. He has demonstrated a way, when there are two copies of the same data across a network, to agree on a subset of the data with trivial bandwidth. If implemented successfully, the algorithm can be used for many other applications - like online video gaming, for example.


About spam

Right now, everyone assumes that the problem has always been how blocks can be propagated across the network efficiently, and the key to that was always to raise transaction fees high enough to cut out spam. What transactions are spam has been debated by a lot of people and is a sticking point for many of these arguments about how to make blocks bigger. But once you make it the default to include all transactions nodes have received, then there isn't much danger in including "spam." The "spam" transactions need to be received by every client anyway, even if just to determine they are spam and not include them in blocks. Spam costs money to send.

I think it's worth demonstrating how "spam" (which can also be called microtransactions) is a non-issue, even now, let alone in the future.

Let's suppose that we have 100MB blocks, which are filled entirely with transactions that have a fee of 10 satoshi, which is worth about $0.00006. You could send nearly 200 of these microtransactions before you would lose even a single cent to fees. Presume the transactions take up 256 bytes each. The total fees earned in this block would be about $23.40. A hard drive costs about 3.77 cents per gigabyte today, which makes 100MB worth about 0.37 cents. If there are 7000 nodes in the bitcoin network, then the total cost of all the 700 gigabytes in copies is about $25.90. Therefore, with today's technology, the blockchain storage for such transactions can be paid for with fees of $0.00006 using /u/gavinandresen's new method.

Of course, we can expect storage to decrease in cost, so in two years, blocks could be 200MB in size, and in four, 400MB, and so on. In just 10 years, 10-minute blocks can contain 3.2GB in "spam" and the transaction fees would be equal to the cost of the storage. Note that bandwidth costs are not relevant to these calculations because there is nothing we can do to stop people from using our download bandwidth, even if we don't want to receive the data. Bandwidth is what is called a "sunk cost."

There are some problems with these calculations: for example, node operators don't earn any fees; miners do. But since large banks and hedge funds are going to be the miners of the future, and these are the same people who have an incentive to run fast nodes, they will have a shot at winning these fees by mining.


Some mistaken ideas about decentralization

Expanding the network means giving up on the idea that everyone will be able to run a node at home in their basement without using specialized equipment. Even if Gavin's algorithm were implemented under the conditions where all transactions are included by default, it would still be possible for someone with just a few thousand dollars to set up a node. On the other hand, there will be a point where people who have laptops they want to use to install Bitcoin Core will be unable to do so.

A decentralized network is immune to interference, while a centralized network is more efficient. Bitcoin will probably end up somewhere between the two. There will be many nodes run by companies with powerful computers. The lower number of nodes will make the network faster, and as long as the number doesn't go too low, it still cannot be shut down by anyone. The goal should be to create the maximum amount of centralization that can be attained without introducing a risk of takeover.


A note about VISA

People keep mentioning VISA's transaction volume as something that bitcoin needs to be able to achieve. That is limited thinking. Bitcoin has the potential to make types of transactions possible that VISA cannot handle, like microtransactions for only a few cents. Saying that VISA has 1,000 transactions per second is irrelevant. The bitcoin network needs to be able to handle 100,000 transactions per second or more, because there will be new use cases that VISA doesn't handle, and which aren't possible with VISA.


Altcoins moving to avoid ASICs?

There are a lot of altcoins appearing nowadays that believe they can be "more secure" by using an algorithm that does not have ASICs (yet). Their creators believe that, by forcing miners to use CPUs or GPUs, then anyone will be able to mine, making the network more secure. This idea is flawed for many reasons.

First, using general purpose CPUs to secure a network is dangerous, because there are so many of them that can be repurposed for a brief period at minimal cost. For example, someone could rent a supercomputer for a few hours, and destroy every single altcoin that doesn't have ASICs protecting it. After the attack, the supercomputer is put back to its other work, so the only cost is the rental fee. The same person can rent the supercomputer a second time and perform the attack again, should the creators of the coins reissue their blockchains. If ASICs were required to destroy these coins, the attackers would have to spend a lot more to buy up all the ASICs, the price of which would skyrocket as supply dwindled (note that a pool with different miners cannot execute such an attack, because miners will leave the pool, so one person needs to buy up all the equipment). Then, his or her investment would be worthless after someone produced newer, more efficient ASICs. Even if it were possible to make an "ASIC-resistant" coin, then it is too easy for people to buy up a batch of CPUs and destroy hundreds of coins with 50 different algorithms.

But that assumes that it is possible to design an "ASIC-resistant" coin, which it is not. It is always more efficient to implement something in hardware than it is to do it in software. Even if the ASICs are only 1.2 times as fast as the CPUs, people will still buy them because they can make more money. Any coin that succeeds will have ASICs produced to mine it. My prediction is that within a year, we will start to see ASICs for other algorithms, like scrypt-n, scrypt-jane, x11, and so on.

The other way that new coins try to avoid ASICs, which aren't a bad thing in the first place, is to be 100% proof-of-stake. Since proof-of-stake causes the rich to get richer, a proof-of-stake economy reduces the incentive to buy anything and concentrates power. To earn money in a proof-of-stake system, you have to leave your node online all the time. But since doing that costs electricity and hardware, you need to be earning enough money to justify the odds of running the node. Since many POS coins pay 1% interest per year, and a typical computer and router and cable modem might consume 100W, I computed that at 7.79 cents per Kwh it costs $73/yr to run the node (but it might also cost $100/yr in hardware costs, for a $300 initial outlay depreciated over 3 years). To make $173 in one year at 1% interest, a POS miner needs to hold and not spend $17300 just to break even! That's an absurd figure - who would invest so much money in an altcoin that could go down the tubes when the much safer stock market has made an average of 7% for the past 100 years?

There is no innovation in the altcoin world when it comes to algorithms or mining. Bitcoin's SHA-256 mining is still as good as anything else out there, and it has the benefit of simplicity.


Other

* **Days until the initial New York comment period ends: 28**