[Bitcoin-development] Coinbase reallocation to discourage Finney attacks

Mike Hearn mike at plan99.net
Thu Apr 24 07:58:42 UTC 2014

On Thu, Apr 24, 2014 at 12:06 AM, Alex Mizrahi <alex.mizrahi at gmail.com>wrote:
> Different approaches have different trade-offs, and thus different areas
> of applicability.
> Proof-of-work's inherent disadvantage is that it takes some time until
> transaction becomes practically irreversible. On the other hand, it has
> advantages like neutrality, censorship-resistance, high degree of security,
> etc.

Sure, they have different tradeoffs. My assertion is this:  the costs and
disadvantages that come with building what is in effect an entirely
parallel and separate system for stopping double spends, are much much
worse than making simple tweaks to strengthen the mechanism we already have.

Put another way, the cost/benefit ratio of this proposal seems much better
to me than the alternatives.

> In this case you get benefits of both approaches.

You also get the costs of both approaches, which are extremely significant.

 Censorship-resistance is irrelevant when one buys a cup of coffee with his
> pocket money, isn't it?

That's like saying banks can't censor you because you can always withdraw
all your money in cash. But in practice:

   1. That's a huge pain in the ass so nobody does it
   2. Many merchants will refuse non-trivial payments in cash and demand
   bank money because it's simpler for them

Analogously, having to wait some large expiry period to extract your money
from the "double spending prevention service" (a.k.a. bitbank) is a pain in
the ass, and many merchants would refuse to take your newly double
spendable money even if theoretically they could, because it keeps their
operations much simpler if they can just assume a sale is final and can't
be reversed.

So I think such a scheme would rapidly return to the a world that looks
much like the one we have now.

> For some reason, instead of considering these hybrid solutions (which can
> also address scalability problems), you want to make PoW-based system more
> complex to be applicable for real-time transaction too.

The complexity overhead is trivial - we already used coinbase scriptSigs
for voting on P2SH, I'm sure it'll be used for voting on other things in
future too. So that's already in place. Counting up votes and editing the
UTXO set is the sort of patch one guy can create, it's not very big. And
it's conceptually just the same as what miners can do today by re-orging
out blocks, but with much less impact on end users and less implementation
complexity (no giant reorgs that might themselves have to split recursively
whilst they're being built).

On the other hand, building an entirely separate system, with separate
trusted companies that have trusted brand names, adding support to all the
wallets, getting all sellers on board, making everything use an extended
BIP 70 (as that's the only real way to implement it), trying to explain to
users why they're now expected to pay extra fees when they previously
didn't and then discovering that you got a choice of only a handful of
double-spend-preventers everyone could agree on with little potential for
more .... that's hugely complex and messy.

> This will, likely, weaken advantages provided by PoW

Why? Remember deleting coinbases with nothing more than a simple majority
is already possible in the existing protocol and always has been.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20140424/e9fea46d/attachment.html>

More information about the bitcoin-dev mailing list