[Bitcoin-development] My thoughts on the viability of the Factom token

Brian Deery brian at factom.org
Fri Mar 20 05:46:18 UTC 2015

Greetings mailing list.

Not sure that this content is 100% appropriate here, but Peter Todd
invited me to post this for archival purposes.  The original thread
has been removed from the search results, but is still up here:

I have added more thoughts too.


> The idea behind Factom is to create a proof-of-publication medium where facts for some purpose can be published

That is only part of the story.  Factom is attempting to make a
publishing platform which is simultaneously censorship and spam
resistant.  This is what makes Bitcoin magical, and what Factom is
trying to accomplish.  Last Summer, I went down the road that you are
going down and kept coming up with a system that was susceptible to
either one or the other.  I gave the entities you described the
glorious name **Compaction Service Providers** (CSP) and even wrote
about it [here](https://github.com/FactomProject/FactomDocs/commit/2791c51917e3ecc65dc52bfc434ca6dec0b3a1fd)
back when we were Notarychains.  With free entry of CSPs, censorship
would be limited, but the entire system would get spammed quickly, and
there would not be a good way to accurately locate the data you
needed.  Without free entry, once a specific CSP (or proofchain
packager) was selected by a network, the CSP could selectively censor
within that network.  Lock in effects would be strong, so switching
the entire network over to a new CSP would be expensive.

The CSPs (and Proofchain packagers) could "exclude, delay, or reorder
the customer's timestamped entries".  This is fine as long as the CSP
doesn't have an incentive to do these things.

You claim that proofchains packagers will be the very business that
issues a stock.  Since stockholders are trusting the company to return
dividends in the first place, the trust can be expanded to managing
all the stock trades too.  In my mind, the company who issues the
stock still may game the system they control for their personal
benefit.  What is needed is a scalable disimpassioned 3rd party.
Something of the scale where if the company president calls up and
says "Delay these disfavored parties" that the packagers tell him his
company isn't big enough to push them around.

I think **Factom sits in a sweet spot between** your proposed
**centralized** solution **and** Bitcoin's anonymous membership
authority set (**Proof of Work**).  The Federated servers must
cooperate to move Factom forward, but like Bitcoin, require a majority
to effectively censor a transaction.  It is a whole lot easier to
censor with Proofchains.

>The issue is if the Factom servers ever publish a Factom ledger anchor in the Bitcoin blockchain but don't make the data available you have no way of proving...

Yes, to this point, Factom being forked is way worse than seizing up.
The Federated servers are constantly watching their peers and keeping
them honest.  Since we have a defined majority instead of an anonymous
membership set, if one Federated server goes rouge, the honest
majority will all place the correct anchor.  You will see 1 anchor
where someone is maybe trying to defraud you, and 31 anchors that have
the correct data.

> Those servers are voted in by a (quite complex) consensus algorithm

I had considered merge mining, but your [arguments against
in reference to sidechains is compelling.  Without a majority of
miners, then the system is vulnerable to consensus attack.  We gain
the non-reversability by placing anchors in bitcoin without needing to
recruit mining pools.

We could have gone to proof of stake, but then someone who funded it
early on would have a disproportionate say in how the system was run.
Since we have the two step payment process, we can leverage that to
determine who is actively participating in the system, and let them
determine who sets policy.

>but ultimately they are trusted third parties that can break your ability to prove your Factom-secured records are honest

We are making the system so that it is visible if someone is trying to
do this, and the other members fight against it.

>skipping step #3 and the dependency on trusted third parties

But what you are proposing is a single trusted third party.

>is you have to pay transaction fees to do it
>we need Bitcoin transaction fees to rise greatly
I disagree.  Bitcoin is optimized for proving a negative over the
domain of Bitcoin value transactions.  Lets take a closed system like
Counterparty's current implementation.  To prove the negative (that an
asset has not been sent to someone else first) you need to parse the
entire Bitcoin blockchain looking for Counterparty transactions.  One
of two things will happen soon.  The 1MB limit will be raised, or not.

* Raised blocksize.  In order to see if your Counterparty asset was
doublespent, you will need to parse through many terabytes of Bitcoin
transactions to find the few MiB of Counterparty transactions.  You
would also need to wade through all the other embedded protocols like
Omni, ProofOfExistence.com, and all the others in your search for
Counterparty transactions.  Factom is setup so that interpreted
protocols like Counterparty do not need to wade through all other
protocol's data.

* Block limit stays.  Each Bitcoin transaction becomes expensive.
Each transaction might rise to $5, $10, $15, who knows.  Distributions
to asset holders would cost hundreds or thousands per dividend.

>I'm very skeptical about the long-term viability of Factom and the value of the Factom token.
>tl;dr: For the Facom token to rise in value we need Bitcoin transaction fees to rise greatly

You are making economic statements with technical arguments to back
them up.  I think the economics and technicals are not as tightly
bound as you imply.

Factom is trying to be a censorship and spam resistant disimpassioned
3rd party, like Bitcoin.


I like to think in audited vs interpreted protocols.  Think Bitcoin vs
Counterparty.  Bitcoin won't let an invalid transaction into the
system.  Counterparty filters out invalid transactions after the fact.

Proofchains are good for audited protocols where there is a
predetermined auditor.  There is a gatekeeper who only adds in valid

Factom is good for interpreted protocols.  A user's software will
filter out transactions which do not pass a ruleset that they agreed

Both are immutable and serve as proof of publication (POP).  Sure the
POP in Factom is more complicated, but the publishing powers are

On the bitcoin wizards
phantomcircuit seems to have gotten close, the conversation resolved
with Alice burning her house down.

There are applications where proofchains will work just fine.  If you
are securing your own blockchian for your own data, proofchains will
work.  You are not worried about censoring yourself.

If two rivalrous institutions are sharing a blockchain, then giving
one of them exclusive power of making the blockchain is undesirable
for the non-authoritative institution.  No need to discuss that
arrangement anymore.

With threshold multisig, now multiple institutions would need to
cooperate amongst each other to create a communal blockchain. In this
example, a majority of keyholders can directly censor the minority.
The minority might have recourse like in Szabo's property club blog
post to fork the chain and start an alternate system, but if the
minority is too small, then the network will not jump to the fairer

OK, lets move authority to an industry group.  For something like
property records, it is shown to work in a centralized model.  Making
that model immutable with proofchains will certainly work.  Property
records are highly gated as of now at the county seat.  Transitioning
the county property database to a proofchains based POP will work.
They are audited records, and the auditor is predetermined.  They
already have censorship powers, and would in Factom too.  The only
difference would be that in proofchains an invalid record would not
exist, and in Factom, an invalid record would exist, but not be signed
by the county.

As the individual players in a system become more numerous and less
powerful, it becomes harder to have a disimpassioned industry group.
This is similar to politics where we see dispersed costs and
concentrated benefits.

Lets jump to the end and try to imagine how Counterparty would run on
proofchains.  Who would be the one to package the transactions?  The
counterpart devs can censor now, by updating the software to blacklist
certain addresses.  They are already the predetermined auditor.  The
Counterparty Foundation could package the transactions in a
proofchain.  The difference to me lies in how easy it is to censor.
It feels harder to censor by baking specific blacklists into the
software than keeping a blacklisted party from ever publishing at all.
One is very visible and the latter maybe not as much.  (Something like
proofchains is how I initially imagined Mastercoin and Counterparty
would work, since it seems silly to have every transaction be a BTC
transaction too.  I underestimated their desire for censorship

In the end it comes down to the data being published, and how/when it
is audited.  Proofchains prefilters data and couples the auditor with
the packager.  Factom allows the users to choose how they audit data
independent of the packager.  How much power do you want to invest in
one entity?  Factom allows splitting of those powers.

-Brian Deery
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20150320/5cfde684/attachment.html>

More information about the bitcoin-dev mailing list