[bitcoin-dev] Why Satoshi's temporary anti-spam measure isn't temporary

Eric Lombrozo elombrozo at gmail.com
Wed Jul 29 12:03:45 UTC 2015


> On Jul 29, 2015, at 4:15 AM, Mike Hearn <hearn at vinumeris.com> wrote:
> 
> Irrelevant what term was used - and as brilliant as Satoshi might have been at some things, he obviously got this one wrong.
> 
> I don't think it's obvious. You may disagree, but don't pretend any of this stuff is obvious.
> 
> Consider this:  the highest Bitcoin tx fees can possibly go is perhaps a little higher than what our competition charges. Too much higher than that, and people will just say, you know what .... I'll make a bank transfer. It's cheaper and not much slower, sometimes no slower at all.
> 
> And now consider that in many parts of the world bank transfers are free.
> 
> They aren't actually free, of course, but they appear to be free because the infrastructure for doing them is cross subsidised by the fees on other products and services, or hidden in the prices of goods sold.
> 
> So that's a market reality Bitcoin has to handle. It's already more expensive than the competition sometimes, but luckily not much more, and anyway Bitcoin has some features those other systems lack (and vice versa). So it can still be competitive.
> 
> But your extremely vague notion of a "fee market" neglects to consider that it already exists, and it's not a market of "Bitcoin users buying space in Bitcoin blocks". It's "users paying to move money".
> 
> You can argue with this sort of economic logic if you like, but don't claim this stuff is obvious.

100% granted - it was not obvious…and we speak today with the benefit of hindsight.

I’ll clarify my argument, for the sake of anyone who thinks I’m looking to play word games rather than trying to figure out a good way forward.

Point is…processing blocks requires computational resources that someone needs to put up. Unless the people who are putting up these resources are properly incentivized to continue doing it, the network will fail.

Unfortunately, it was unforeseen that most nodes on the network would turn out to not be miners…and that most miners wouldn’t even run full nodes. Yes, I speak with the benefit of hindsight, had I been discussing this in 2008 I very well could have made the same mistake or worse. But it isn’t 2008, it’s 2015…and we’ve learned a thing or two since.

Given that things are what they are, it is clear that larger blocks externalize costs onto the rest of the network.

Waiting until we can no longer count on the altruistic goodwill of volunteers because they suddenly decide that they have better uses for their computers is probably not such a wonderful idea. But even worse is further burdening the network with externalized costs before we’ve solved these important issues…especially given the evidence that larger blocks tend to lead to network forks. No, I’m not talking about regular run-of-the-mill reorgs…I’m talking consensus forks - a network partition that cannot be reconciled without manual intervention, so please don’t distract the issue. Yes, each incident occurred for a very different reason…but you’d have to be blind to miss the correlation between bigger blocks and the propensity for forks.

What Satoshi might have thought in 2008-2009 is fascinating from a historical perspective, but his early pioneering insights don’t appear to be of much help in addressing these particular issues.

> Nobody threatened to start mining huge blocks given how relatively inexpensive it was to mine back then?
> 
> Not that I recall. It wasn't a response to any actual event, I think, but rather a growing realisation that the code was full of DoS attacks.
> 
> 
> Guess what? SPV wallets are still not particularly widespread…and those that are out there are notoriously terrible at detecting network forks and making sure they are on the right one.
> 
> The most popular mobile wallet (measured by installs) on Android is SPV. It has between 500,000 and 1 million installs, whilst Coinbase has not yet crossed the 500,000 mark. One of the most popular wallets on iOS is SPV. If we had SPV wallets with better user interfaces on desktops, they'd be more popular there too (perhaps MultiBit HD can recapture some lost ground).
> 
> So I would argue that they are in fact very widespread.
> 
> Likewise, they are not "notoriously terrible" at detecting chain forks. That's a spurious idea that you and Patrick have been pushing lately, but they detect them and follow reorgs across them according to the SPV algorithm, which is based on most work done. This is exactly what they are designed to do.
> 
> Contrast this with other lightweight wallets which either don't examine the block chain or implement the algorithm incorrectly, and I fail to see how this can be described as "notoriously terrible".
> 
> 
> I understand that initially it was desirable that transactions be free…but surely even Satoshi understood this couldn’t be perpetually self-sustaining…and that the ability to bid for inclusion in blocks would eventually become a crucial component of the network. Or were fees just added for decoration?
> 
> Fees were added as a way to get money to miners in a fair and decentralised way.
> 
> Attaching fees directly to all transactions is certainly one way to use that, but it's not the only way. As noted above, our competitors prefer a combination of price-hiding and cross subsidisation. Both of these can be implemented with tx fees, but not necessarily by trying to artificially limit supply, which is economically nonsensical.
> 
> 
> We’re already more than six years into this. When were these mechanisms going to be developed and tested? After 10 years? 20? Perhaps after 1024 years?(https://github.com/bitcoin/bips/blob/master/bip-0042.mediawiki <https://github.com/bitcoin/bips/blob/master/bip-0042.mediawiki>)
> 
> Maybe when there is a need? I already discussed this topic of need here:
> 
> https://medium.com/@octskyward/hashing-7d04a887acc8 <https://medium.com/@octskyward/hashing-7d04a887acc8>
> 
> Right. Turns out the ledger structure is terrible for constructing the kinds of proofs that are most important to validators - i.e. whether an output exists, what its script and amounts are, whether it’s been spent, etc…
> 
> Validators don't require proofs. That's why they are validators.
> 
> I think you're trying to say the block chain doesn't provide the kinds of proofs that are most important to lightweight wallets. But I would disagree. Even with UTXO commitments, there can still be double spends out there in the networks memory pools you are unaware of. Merely being presented with a correctly signed transaction doesn't tell you a whole lot ..... if you wait for a block, you get the same level of proof regardless of whether there are UTXO commitments or not. If you don't then you still have to have some trust in your peers that you are seeing an accurate and full view of network traffic.
> 
> So whilst there are ways to make the protocol incrementally better, when you work through the use cases for these sorts of data structures and ask "how will this impact the user experience", the primary candidates so far don't seem to make much difference.
> 
> Remote attestation from secure hardware would make a big difference though. Then you could get rid of the waiting times entirely because you know the sending wallet won't double spend.
> 
> 
> Yes, let’s wait until things are about to break before even beginning to address the issue…because we can “easily create” anything we haven’t invented yet at the last minute.
> 
> bitcoinj already has a micropayment channel implementation in it. There's a bit of work required to glue everything together, but it's not a massive project to start using this to pay nodes for their services.
> 
> But it's not needed right now:  serving these clients is so darn cheap. And there is plenty of room for optimising things still further!
> 
> 
> I’m one of the very few developers in this space that has actually tried *hard* to make your BIP37 work. Amongst the desktop wallets listed on bitcoin.org <http://bitcoin.org/>, there are only two that have always supported SPV (or at least I think MultiBit has always supported it, perhaps I’m wrong). One is MultiBit, the other one is mine. I give you credit for your work…perhaps you could be generous enough to extend me some credit too?
> 
> MultiBit has always supported it. I apologise for implying you have not built a wallet. I think yours is mSIGNA, right? Did it used to be called something else? I recognise the website design but must admit, I have not heard of mSIGNA before.
> 
> Regardless, as a fellow implementor, I would appreciate it more if you designed and implemented upgrades, rather than just trashing the work done so far as "notoriously terrible", Satoshi as "not a systems architect" and so on.
> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20150729/8e1ccf9c/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 842 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20150729/8e1ccf9c/attachment.sig>


More information about the bitcoin-dev mailing list