"Rep" or "Reputation" is the currency that is owned by the members of the oracle. If you want to participate in the oracle, you have to buy rep from someone who already has it.
Augur's security model says that the rep owned by the oracle has to be worth more than all the outstanding shares in all the markets that the oracle judges over.
As Paul Sztorc talks about in this essay: http://www.truthcoin.info/blog/pow-cheapest/ The cost of locking up 1/2 of all the coins is very expensive. It is as expensive as the interest rate applied to the locked up coins.
My hope is that it is possible to use rep worth 1 to judge over markets worth 100. A > 1/100 ratio. Is my dream impossible?
Here is the reasoning Augur is using the justify their > 1/2 ratio: If the oracle lies, the value of rep will drop to zero. The oracle will only lie if the profit exceeds how much they lose in rep. The maximum profit is smaller than the value of all the outstanding shares. You can only steal one side of a bet, bets that are very unequally probable are most profitable to attack.
His central argument: when miners allow the creation of a sidechain, they need to use the same caution as a soft-fork. Support for this argument: * Since oracles are paid by trading fees, sidechains create a free-rider problem. Participants on the sidechain can bet in hivemind markets without paying fees. * It is possible to make a sidechain for stealing bitcoins from the main chain.
His arguments apply to alt-coins in the same way they apply to sidechains. It is impossible for bitcoin miners to stop someone from creating an altcoin.
At this point it would seem that blockchain prediction markets are an impossible goal. Anyone can make an altcoin to ruin it for everyone. Read a little more, hope is not lost.
Here is a meme illustrating Paul's contradictory claims.
Flying Fox is being designed under the assumption that Truthcoin dominant assurance contracts do solve the free rider problem. So we don't collect fees from gamblers at all. Instead, a dominant assurance contract is used to raise money to pay the oracle to make a new market.
===Focusing on the "sidechain steals 1% of coins" problem.
If bitcoin was a flavor of delegated proof of stake consensus, like Flying Fox, then the sidechain attack to steal 1% of the coins would fail. If some miners started participating in an attack like this, the users would stop delegating power to those miners. Ambiguity isn't enough to protect the miners. Users will demand the miner include a transaction from the designated frozen list. Failure to comply means the miner will lose their power. Even if there is only a 10% chance that a miner is participating in an attack, that would be enough justification for people to stop delegating power to that miner.
Paul has made a very convincing argument for adding DPOS characteristics to blockchain consensus.
I heard that Augur was using some other algrithm instead of SVD.
making SVD deterministic, and having it be a part of an erlang release for flying fox is very difficult. Existing SVD algorithms use mutable lists, which erlang does not have. The C version isn't deterministic.
So I rolled something similar to SVD that is easy to write in erlang.
I let oracle participants choose between 4 things. true/false/need more time/bad question.
I use the weighted mode to decide which of the 4 is correct.
Next I calculate new weightings for each oracle participant. Every question they got wrong lowers their power to 9/25ths what it was before. Unless they choose "need more time" and the outcome was true/false, or if they choose true/false, and the outcome was "need more time". In those cases their power only lowers to 3/5ths what it was before.
I use the new weightings to re-calculate the outcomes of each decision. This is the final outcome.
Is this a reasonable alternative to SVD? Are there any negative repercussions to doing this? Should I have the constant 3/5ths be a variable based upon the number of things they are betting on or the number of oracle participants?
I was involved in augur's development, and will own some of the REP when it launches. I want to sell it for bitcoin now. We can use a 2 of 3 multisig like Hedgy as our escrow, so you don't have to trust me. I am willing to lock up some of my bitcoins too, to show you I am not wasting your time.
a state channel is like the channels that make up the bitcoin network, but they contain arbitrary state. The 2 participants of the channel can make bets with each other without wasting space on-chain.
Before this new discovery, if there was a dispute the entire contract is published on-chain, and computed over.
With this new design, only a single word of the code gets revealed, and a single moment of state. If the code is X words long, closing the channel involves log(X) transactions.
This new design for channel state will allow us to do more intense computations. Opening up the possibility for anti-arbitrage smart markets like koeppelmann suggests. It will be affordable to compute intense SVDs off-chain.
Maybe it is time for bitcoin hivemind to move the oracle resolution off-chain.
As Vitalik explains on his blog: https://blog.ethereum.org/2016/01/15/privacy-on-the-blockchain/ "The requirement of trust on the participants is also an onerous one; note that, as is the case with many other applications, the participants have the ability to save the data and then collude to uncover at any future point in history. Additionally, it is impossible to tell that they have done this, and so it is impossible to incentivize the participants to maintain the system's privacy; for this reason, secure multi-party computation is arguably much more suited to private blockchains, where incentives can come from outside the protocol, than public chains."
Truthcoin oracles will not work. There is an attack that costs very little. Bribe the oracle participants to lie. Commit to paying them dependent on the attack failing. They will all lie for you, and you don't have to pay any of them.
I know several dozen people who will honestly tell me whether they filed taxes, and facts about how they filed in the last few years. With this information, I could train an oracle to report on facts about arbitrary people's taxes. Once such an oracle exists, it becomes possible to offer a new type of insurance. People who don't like taxes would buy this insurance. To continue getting coverage, they have to reduce how much taxes they pay. If the IRS tries to punish them for refusing to pay enough, then the insurance will cover the cost.
Once we train an oracle to report on who the IRS is punishing, then this insurance can be 100% on the blockchain, There will be no central authority who could turn it off. Anonymous traders will offer insurance coverage because they expect to make a profit.
The American book publishing industry is worth more than the movie and music industries combined. The average college student spends over $1000 a year on books. Most college students prefer to torrent their book when it is available. Most books are not available by torrent. Why would someone go through the effort and risk of uploading a torrent when they don't get any benefit? Truthcoin changes the rules. A dominant assurance contract can be created to pay the person who uploads the torrent.
I have implemented 5 separate blockchain so far to discover how to best build truth coin.
1) Basiccoin is a proof of work blockchain written in python. It has an advanced difficulty retargeting algorithm. 2) augur-core is a proof of work blockchain on top of basiccoin that implements a simple version of truth coin 3) slasher is a proof of stake blockchain written in python. 4) FlyingFox is a proof of stake blockchain written in elixir that has some parts of truth coin. 5) flying fox is a blockchain written in erlang that implements the lightning network. It has a scripting language that will allow us to write truth coin bets off-chain, and even judge the outcome of bets off-chain. It has a new proof of stake method optimized for the lightning network.
Truthcoin is partially able to stop front running at this time. It's current solution is inefficient.
The truthcoin whitepaper describes their answer to this problem on the bottom of page 40. It involves doing POW for every bet. People with the fastest computers will be able to trade faster, so this method funds the creation of miners, and encourages traders to make bets through those miners to bet faster, which means those miners will be able to see every bet before it is published.
The only solution to front running I like so far is to do a lightning bet through a hub. Some people have been incorrectly assuming that lightning bets use more liquidity than on-chain bets. This is not true.
At DEVCON1 today in London, a guy named Jeff Coleman gave a talk explaining how we can use IPFS to make weak subjectivity secure. He calls his technique "universal hash time".
If someone has a block from 4 months ago in a proof of stake chain, then they should be able to prove that the block was available before other information that became available 3.8 months ago. We can examine the merkel tree to know that order that information became available.