[Bitcoin-development] blind symmetric commitment for stronger byzantine voting resilience (Re: bitcoin taint & unilateral revocability)

Peter Todd pete at petertodd.org
Wed May 15 11:19:06 UTC 2013

On Wed, May 15, 2013 at 12:25:09PM +0200, Adam Back wrote:

Protocols aren't set in stone - any attacker that controls enough
hashing power to pose a 51% attack can simply demand that you use a
Bitcoin client modified to provide the attack with the full transactions
from the beginning. Any blocks containing transactions with unknown
contents will be attacked into oblivion.

On the other hand if the "attacker" has less than 50% of the hashing
power, they have no choice but to let other blocks through, and provided
miners are free from regulation imposed on them you can bid to get your
transactions mined with fees. Anyone using a blockchain-based
crypto-currency simply has to accept that mining is a random process and
getting a transaction confirmed is inherently unreliable.

> So in a previous mail I described a simple, extremely efficient and easy to
> implement symmetric key commitment that is unlinkable until reveal time (at
> bottom).  I think this can help improve the byzantine generals problem, that
> bitcoin only defends to simple majority (with one vote per CPU power), and
> so assumes most nodes by cpu power are honest.  With this simple protocol
> change you dont need any honest nodes, just some honest clients to spend to,
> to have your transaction accepted.  

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: Digital signature
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20130515/4fd75dd9/attachment.sig>

More information about the bitcoin-dev mailing list