Recent posts
#31
Design / Incentives / Game Theory / Re: drivechain
Last post by zack - May 24, 2016, 09:58:45 PMQuote from: psztorc on May 24, 2016, 01:11:10 AM
> Mining power doesn't matter. A government sponsored blockchain could be the attacker.
Only by offering prediction market services to the public.
(Mission accomplished!)
The oracles would lie if they aren't paid enough.
What mission would a lying oracle accomplish?
Paying the oracle by some method other than trading fees is important, because eventually there wont be trading fees.
One method to pay the oracles could be a dominant assurance contract.
#32
Design / Incentives / Game Theory / Re: A critique of paul's drive...
Last post by psztorc - May 24, 2016, 07:46:12 PM> What I'm arguing is that you can't get the former without the latter. In other words, people won't be able to start viable blockchain business without giving them access to everyone's laboratory.
You may be right about that. I don't think you are, but you might be.
If you *are* right, however, it will just mean that no one ever starts a research laboratory. Instead, people will start something like a lemonade stand. The result will be that decentralized oracles are simply impossible for everyone.
An biological analogy would be that, if cells cannot be forced to cooperate, we will never have multi-cellular life. We will just have single-celled life.
> Because the parasite oracle depends on the real oracle, the real oracle can charge as much as it wants. They can force entire industries to make smart contracts that collectively pay for the information they need.
The real oracle must work for free, if there exist any parasites. This is because the parasites can steal the labor of the real oracles, for free. So the equilibrium price is zero.
> The real target is companies and industries who can ABUSE brand and trust through economies of scale and aggregation of users. Amazon does this to it's suppliers, Twitter did this to it's datafeed partners, Facebook does it to it's users, Uber is starting to do this as well.
All of these companies are considered incredibly successful. They delivered high quality products and services to users at unbelievably low costs and tremendous convenience. These companies gave people what *they* really wanted. You seem to want to give them something else, like Google+, which they really do not want.
I don't really understand your Android Phone analogy. Many iPhone owners "jailbroke" their phones to install new apps, and the Google Play store moderates for content (as do the individual developers who write apps). Apps are constrained, by the operating system of the phone, and by the user's choices...one reason for this, is specifically to prevent the apps from interfering with the phone's core infrastructure or with other apps.
> So the miner judgement thing was just an aside - the real idea here was that no matter how good your forecasting is, it will fall EVENTUALLY to a black swan. Relying on prescreening for security is inherently a fragile system.
No forecasting is "required". If there are unforeseen problems, the sidechain is closed down. Given that this closing-down is inevitable, it is simply more efficient to try to anticipate problems. It is also futile to attempt attacks.
> This of course is entirely dependent on how far you granularize "something". As a reductio-ad-absurdum, you could use this argument to say that as long as an economy has a single company that could fail, the entire economy is considered fragile.
Don't you mean "antifragile"? If layer 6 is made of fragile units, layer 7 might be antifragile.
> Over time, we'll figure out which types of walls work, and which walls still give you interaction with the entire ecosystem WITHOUT exposure to the entire ecosystem's risk.
That is what I have already figured out. It didn't take that long. : )
Assuming that "Cryptocurrency" is the anti-fragile layer, that would imply that the individual crypto-currencies are the fragile layer. So, you are arguing that we should try this experiment of yours, allow it to potentially destroy Ethereum and Bitcoin, and then later start up a new 3rd thing "SztorcCoin" which follows my principles, and have it outcompete the failed Bitcoin and Ethereum.
I don't think that money works that way.
Instead, my vision is that sidechain-systems should be the competitors. Bitcoin's 21,000,000 coin units can compete with Ethereum's ~whatever Ether units. If you think that Bitcoin's sidechains aren't good, start up your own Alt-chain with better sidechains.
You may be right about that. I don't think you are, but you might be.
If you *are* right, however, it will just mean that no one ever starts a research laboratory. Instead, people will start something like a lemonade stand. The result will be that decentralized oracles are simply impossible for everyone.
An biological analogy would be that, if cells cannot be forced to cooperate, we will never have multi-cellular life. We will just have single-celled life.
> Because the parasite oracle depends on the real oracle, the real oracle can charge as much as it wants. They can force entire industries to make smart contracts that collectively pay for the information they need.
The real oracle must work for free, if there exist any parasites. This is because the parasites can steal the labor of the real oracles, for free. So the equilibrium price is zero.
> The real target is companies and industries who can ABUSE brand and trust through economies of scale and aggregation of users. Amazon does this to it's suppliers, Twitter did this to it's datafeed partners, Facebook does it to it's users, Uber is starting to do this as well.
All of these companies are considered incredibly successful. They delivered high quality products and services to users at unbelievably low costs and tremendous convenience. These companies gave people what *they* really wanted. You seem to want to give them something else, like Google+, which they really do not want.
I don't really understand your Android Phone analogy. Many iPhone owners "jailbroke" their phones to install new apps, and the Google Play store moderates for content (as do the individual developers who write apps). Apps are constrained, by the operating system of the phone, and by the user's choices...one reason for this, is specifically to prevent the apps from interfering with the phone's core infrastructure or with other apps.
> So the miner judgement thing was just an aside - the real idea here was that no matter how good your forecasting is, it will fall EVENTUALLY to a black swan. Relying on prescreening for security is inherently a fragile system.
No forecasting is "required". If there are unforeseen problems, the sidechain is closed down. Given that this closing-down is inevitable, it is simply more efficient to try to anticipate problems. It is also futile to attempt attacks.
> This of course is entirely dependent on how far you granularize "something". As a reductio-ad-absurdum, you could use this argument to say that as long as an economy has a single company that could fail, the entire economy is considered fragile.
Don't you mean "antifragile"? If layer 6 is made of fragile units, layer 7 might be antifragile.
> Over time, we'll figure out which types of walls work, and which walls still give you interaction with the entire ecosystem WITHOUT exposure to the entire ecosystem's risk.
That is what I have already figured out. It didn't take that long. : )
Assuming that "Cryptocurrency" is the anti-fragile layer, that would imply that the individual crypto-currencies are the fragile layer. So, you are arguing that we should try this experiment of yours, allow it to potentially destroy Ethereum and Bitcoin, and then later start up a new 3rd thing "SztorcCoin" which follows my principles, and have it outcompete the failed Bitcoin and Ethereum.
I don't think that money works that way.
Instead, my vision is that sidechain-systems should be the competitors. Bitcoin's 21,000,000 coin units can compete with Ethereum's ~whatever Ether units. If you think that Bitcoin's sidechains aren't good, start up your own Alt-chain with better sidechains.
#33
Design / Incentives / Game Theory / Re: A critique of paul's drive...
Last post by MattGoldenberg - May 24, 2016, 06:40:19 PMThanks for the reply Paul.
What I'm arguing is that you can't get the former without the latter. In other words, people won't be able to start viable blockchain business without giving them access to everyone's laboratory.
Because the parasite oracle depends on the real oracle, the real oracle can charge as much as it wants. They can force entire industries to make smart contracts that collectively pay for the information they need.
The analogy I've used is how open source allowed Google to credibly commit to not treating its smartphone partners the same way Apple did with its iOS ecosystem. Google couldn't do the same thing with Google+ against Facebook, because while open source allows a company to commit to keeping its software beneficial to the ecosystem, it doesn't allow a company to credibly commit to keep it's data and user network beneficial. It was impossible to credibly commit to doing that until Ethereum came along. I can't do the argument justice in a forum post, but I go way in depth here: http://getcrystal.net/blog/index.php/2016/05/08/the-business-case-for-dapps-decentralization-as-a-strategy/
Yes, this is the scariest part of permissionless smart contracts.
So the miner judgement thing was just an aside - the real idea here was that no matter how good your forecasting is, it will fall EVENTUALLY to a black swan. Relying on prescreening for security is inherently a fragile system.
This of course is entirely dependent on how far you granularize "something". As a reductio-ad-absurdum, you could use this argument to say that as long as an economy has a single company that could fail, the entire economy is considered fragile.
Instead, I think what matters here is the level of "walls" that different parts of an ecosystem have that prevent them from collapsing when other parts of the system collapse. My point being, that with a permissionless system, we can test all sorts of different walls made of concrete, glass, mud, and air, some of which will essentially split the ecosystem into seperate fractal ecosystems. Over time, we'll figure out which types of walls work, and which walls still give you interaction with the entire ecosystem WITHOUT exposure to the entire ecosystem's risk.
[/quote]
Quote from: psztorc on May 24, 2016, 01:44:49 AM
A good metaphor is starting your own business. Anyone can start their own business, yes. But you should not be able to barge into someone else's pharmaceutical research laboratory and take photos of everyone's notes, and whatnot.
What I'm arguing is that you can't get the former without the latter. In other words, people won't be able to start viable blockchain business without giving them access to everyone's laboratory.
Quote
The parasite prevents the real oracle from scaling up -- it can only guard a small amount of value. So it will never truly be useful.
Because the parasite oracle depends on the real oracle, the real oracle can charge as much as it wants. They can force entire industries to make smart contracts that collectively pay for the information they need.
QuoteSo I think there's still a misunderstanding here. If you're still talking about restaurants, there's a fundamental disconnect. The real target is companies and industries who can ABUSE brand and trust through economies of scale and aggregation of users. Amazon does this to it's suppliers, Twitter did this to it's datafeed partners, Facebook does it to it's users, Uber is starting to do this as well.
One kind of trust is cheap for a computer to create, and extremely useful. The other kind of trust is extraordinarily expensive for a computer to create, and trustlessness would marginally add almost no effectiveness. Each day, people eat in restaurants without paying...until the very end. Or they purchase something online, and pay upfront (and wait -with trust- for it to be shipped).
The analogy I've used is how open source allowed Google to credibly commit to not treating its smartphone partners the same way Apple did with its iOS ecosystem. Google couldn't do the same thing with Google+ against Facebook, because while open source allows a company to commit to keeping its software beneficial to the ecosystem, it doesn't allow a company to credibly commit to keep it's data and user network beneficial. It was impossible to credibly commit to doing that until Ethereum came along. I can't do the argument justice in a forum post, but I go way in depth here: http://getcrystal.net/blog/index.php/2016/05/08/the-business-case-for-dapps-decentralization-as-a-strategy/
Quote
Oh, so you agree that there are problems? : )
Yes, this is the scariest part of permissionless smart contracts.
Quote
Miners do not need to "foresee all problems". They merely need to listen carefully to developers complaints, and refuse to incorporate anything which does not get widespread developer support. Because this filter would work, probably no malicious developer will bother trying to write anything which is clearly problematic.
So the miner judgement thing was just an aside - the real idea here was that no matter how good your forecasting is, it will fall EVENTUALLY to a black swan. Relying on prescreening for security is inherently a fragile system.
Quote
It is the reverse -- Taleb makes it very clear that there is a fractal structure: something can only be antifragile if it is made up of fragile pieces. So growth / complexity requires the ability to keep things removed (which will be harder for Ethereum than for Bitcoin Sidechains).
This of course is entirely dependent on how far you granularize "something". As a reductio-ad-absurdum, you could use this argument to say that as long as an economy has a single company that could fail, the entire economy is considered fragile.
Instead, I think what matters here is the level of "walls" that different parts of an ecosystem have that prevent them from collapsing when other parts of the system collapse. My point being, that with a permissionless system, we can test all sorts of different walls made of concrete, glass, mud, and air, some of which will essentially split the ecosystem into seperate fractal ecosystems. Over time, we'll figure out which types of walls work, and which walls still give you interaction with the entire ecosystem WITHOUT exposure to the entire ecosystem's risk.
[/quote]
#34
Design / Incentives / Game Theory / Re: A critique of paul's drive...
Last post by MattGoldenberg - May 24, 2016, 06:21:23 PM- Thanks for the reply Zack.
Quote from: zack on May 23, 2016, 06:41:29 PM
2) "bankrupting" isn't the failure mode we are afraid of. We need to pay the oracle enough, or it will lie.
All the rep in the oracle is sell-able all the time. If you can win X amount of money by getting the oracle to lie, and it costs Y amount of money to buy up enough rep to make it lie, and X>Y, then the oracle could profitably lie.
If there is a separate blockchain with a large volume of trading in parasite contracts, then the person doing the attack could earn money on both blockchains.
It sounds like Crystal and Hivemind are vulnerable to altcoin parasite contracts in the same way. Read some of my posts about it.
This is a more nuanced argument than Paul made in the video - I assume he was simplifying in order to reach a broader audience.
I have a few thoughts on this, but they're a little all over the place. Here are a few of them, and I'll have to think about this and get my thoughts in order before I can truly say one way or another whether this is a viable attack route:
- The true oracle can actually charge exactly as much as it needs to prevent this attack. It's profit's can't be undercut by a parasite contract, because the parasite depends in it getting paid, so it can charge enough to make entire industries enter into a smart contract to pay it.
- If someone is gaining money from this attack, then there's someone else losing money on the other side of the attack. This creates a bidding war for reputation in these types of attacks- those who stand to lose money from the truth vs. those who stand to gain. Just like in a prediction market, this means that the cost of the attack gets driven up to where it will almost always be unprofitable.
- Crystal has several mechanisms to make it incredibly expensive to sell and use reputation dishonestly.
For instance, if someone buys reputation who obviously shouldn't have it (based on recommendation algorithms), then the community takes a significant cut of that reputation.
In addition, bought reputation is "deactivated". Deactivated reputation can't be used to make money *in contest* and is also influence limited based on HonestyPoints, a separate identity based reputation (based on a Sybil-resistant version of Eigentrust) that can't be traded. The only way to reactivate reputation is to participate honestly in enough contests after the reputation is bought. If an account is caught being sold (instead of selling through the official channels) that account can be deactived and all it's reputation coins returned to the community.
These types of protections of course don't make attack impossible, but they make it significantly more expensive to buy reputation dishonestly. This in turn turns the bidding war above in favor of people who plan to use the reputation honestly.
QuoteJust like bitcoin, I see on-chain smart contracts being used to settle disputes, whereas offchain channels are used in the day-to-day. Crystal plans to implement the first version of this in the form of a "shadowchain", which is calculated offchain using a reputation system, and then only run onchain if somebody pays to check the results.
5) True. Permissionless implementation makes it much less fragile.
Ethereum style smart contracts is not how permissionless implementation will be standardized. Smart contracts belong in the channels. Storing state on-chain is unnecessary and expensive.
P.S. What is up with these Captchas? No idea what that last letter says.[/list]
#35
Design / Incentives / Game Theory / Re: Paying the oracle
Last post by psztorc - May 24, 2016, 01:45:53 AM> Even if there are zero trades and zero trading fees, the oracle still gets paid to judge on the outcome.
Not enough.
Not enough.
#36
Design / Incentives / Game Theory / Re: A critique of paul's drive...
Last post by psztorc - May 24, 2016, 01:44:49 AMCool. Thanks for engaging. I will watch it later tonight.
> 1. You can't have permissionless innovation without permissionless implementation, because innovation requires interaction with the market.
A good metaphor is starting your own business. Anyone can start their own business, yes. But you should not be able to barge into someone else's pharmaceutical research laboratory and take photos of everyone's notes, and whatnot.
> 2. The parasite contract attack can't succeed at bankrupting the real oracle, because it requires the real oracle to always get paid.
The parasite prevents the real oracle from scaling up -- it can only guard a small amount of value. So it will never truly be useful.
> 3. The type of trust you're talking about (trusting that the system won't fail) is different than the type of trust Ethereum is going for (trusting that people won't control the system for their own gains). Both types of trust can be created with blockchain technology, and neither is the "right way" to use the technology.
One kind of trust is cheap for a computer to create, and extremely useful. The other kind of trust is extraordinarily expensive for a computer to create, and trustlessness would marginally add almost no effectiveness. Each day, people eat in restaurants without paying...until the very end. Or they purchase something online, and pay upfront (and wait -with trust- for it to be shipped).
> 4. The voting mechanism for smart contracts is a fragile way to prevent feedback loops, because it's impossible to foresee all problems beforehand. Furthermore, miners aren't chosen for their ability to foresee these problems, but instead for their computing power.
Oh, so you agree that there are problems? : )
Miners do not need to "foresee all problems". They merely need to listen carefully to developers complaints, and refuse to incorporate anything which does not get widespread developer support. Because this filter would work, probably no malicious developer will bother trying to write anything which is clearly problematic.
> 5. A permissionless smart contract system is antifragile because many defenses to feedback loops can be created, and over time only the good mechanisms will survive.
It is the reverse -- Taleb makes it very clear that there is a fractal structure: something can only be antifragile if it is made up of fragile pieces. So growth / complexity requires the ability to keep things removed (which will be harder for Ethereum than for Bitcoin Sidechains).
> 1. You can't have permissionless innovation without permissionless implementation, because innovation requires interaction with the market.
A good metaphor is starting your own business. Anyone can start their own business, yes. But you should not be able to barge into someone else's pharmaceutical research laboratory and take photos of everyone's notes, and whatnot.
> 2. The parasite contract attack can't succeed at bankrupting the real oracle, because it requires the real oracle to always get paid.
The parasite prevents the real oracle from scaling up -- it can only guard a small amount of value. So it will never truly be useful.
> 3. The type of trust you're talking about (trusting that the system won't fail) is different than the type of trust Ethereum is going for (trusting that people won't control the system for their own gains). Both types of trust can be created with blockchain technology, and neither is the "right way" to use the technology.
One kind of trust is cheap for a computer to create, and extremely useful. The other kind of trust is extraordinarily expensive for a computer to create, and trustlessness would marginally add almost no effectiveness. Each day, people eat in restaurants without paying...until the very end. Or they purchase something online, and pay upfront (and wait -with trust- for it to be shipped).
> 4. The voting mechanism for smart contracts is a fragile way to prevent feedback loops, because it's impossible to foresee all problems beforehand. Furthermore, miners aren't chosen for their ability to foresee these problems, but instead for their computing power.
Oh, so you agree that there are problems? : )
Miners do not need to "foresee all problems". They merely need to listen carefully to developers complaints, and refuse to incorporate anything which does not get widespread developer support. Because this filter would work, probably no malicious developer will bother trying to write anything which is clearly problematic.
> 5. A permissionless smart contract system is antifragile because many defenses to feedback loops can be created, and over time only the good mechanisms will survive.
It is the reverse -- Taleb makes it very clear that there is a fractal structure: something can only be antifragile if it is made up of fragile pieces. So growth / complexity requires the ability to keep things removed (which will be harder for Ethereum than for Bitcoin Sidechains).
#37
Design / Incentives / Game Theory / Re: drivechain
Last post by psztorc - May 24, 2016, 01:11:10 AM> The argument in "Oracles are the Real Smart Contract" seems to be about turing completeness, but the attack I am talking about doesn't require turing completeness at all. Any cryptocurrency that lets you make bets based off bitcoin/hivemind's state is good enough
Yes, you an use a Turing-Complete computer to make an Altcoin which is specialized for this purpose.
> Mining power doesn't matter. A government sponsored blockchain could be the attacker.
Only by offering prediction market services to the public.
(Mission accomplished!)
> One of us is confused about something.
It is you. The Schelling Indicator has nothing to do with "whether the event happened or not".
Yes, you an use a Turing-Complete computer to make an Altcoin which is specialized for this purpose.
> Mining power doesn't matter. A government sponsored blockchain could be the attacker.
Only by offering prediction market services to the public.
(Mission accomplished!)
> One of us is confused about something.
It is you. The Schelling Indicator has nothing to do with "whether the event happened or not".
#38
Design / Incentives / Game Theory / Re: Hivemind Lightning Network...
Last post by psztorc - May 24, 2016, 01:08:07 AMYou are right that Ethereum can create parasite contracts.
I myself have written extensively about this.
But you said that:
> Because altcoins exists, and because you collect trading fees, lightning network introduces a flaw.
I don't see how the lightning network introduces a new flaw. In fact, it probably helps, because a lot of stuff happens off chain and with incentives for secrecy.
I myself have written extensively about this.
But you said that:
> Because altcoins exists, and because you collect trading fees, lightning network introduces a flaw.
I don't see how the lightning network introduces a new flaw. In fact, it probably helps, because a lot of stuff happens off chain and with incentives for secrecy.
#39
General / Re: Download error
Last post by zack - May 23, 2016, 10:47:03 PMI wanted to try it out on ubuntu again, and I ran into trouble. I can't remember how I fixed this last time.
configure tells me I need the bekeley db c++ libraries, so I tried to install like this:
sudo apt-get install libdb5.1++-dev
It looks like it isn't in the ubuntu software repository any longer.
configure tells me I need the bekeley db c++ libraries, so I tried to install like this:
sudo apt-get install libdb5.1++-dev
It looks like it isn't in the ubuntu software repository any longer.
#40
Design / Incentives / Game Theory / Re: A critique of paul's drive...
Last post by zack - May 23, 2016, 06:41:29 PM1) This is true
2) "bankrupting" isn't the failure mode we are afraid of. We need to pay the oracle enough, or it will lie.
All the rep in the oracle is sell-able all the time. If you can win X amount of money by getting the oracle to lie, and it costs Y amount of money to buy up enough rep to make it lie, and X>Y, then the oracle could profitably lie.
If there is a separate blockchain with a large volume of trading in parasite contracts, then the person doing the attack could earn money on both blockchains.
It sounds like Crystal and Hivemind are vulnerable to altcoin parasite contracts in the same way. Read some of my posts about it.
4) I agree with the voting mechanism being fragile because it can't adapt. You are right, miners are selected for computational ability first. Ability to censor is secondary.
5) True. Permissionless implementation makes it much less fragile.
Ethereum style smart contracts is not how permissionless implementation will be standardized. Smart contracts belong in the channels. Storing state on-chain is unnecessary and expensive.
2) "bankrupting" isn't the failure mode we are afraid of. We need to pay the oracle enough, or it will lie.
All the rep in the oracle is sell-able all the time. If you can win X amount of money by getting the oracle to lie, and it costs Y amount of money to buy up enough rep to make it lie, and X>Y, then the oracle could profitably lie.
If there is a separate blockchain with a large volume of trading in parasite contracts, then the person doing the attack could earn money on both blockchains.
It sounds like Crystal and Hivemind are vulnerable to altcoin parasite contracts in the same way. Read some of my posts about it.
4) I agree with the voting mechanism being fragile because it can't adapt. You are right, miners are selected for computational ability first. Ability to censor is secondary.
5) True. Permissionless implementation makes it much less fragile.
Ethereum style smart contracts is not how permissionless implementation will be standardized. Smart contracts belong in the channels. Storing state on-chain is unnecessary and expensive.