drivechain

Previous topic - Next topic

zack

Paul Sztorc made this video about how blockchains can interact destructively.
https://www.youtube.com/watch?v=2OOKgTSrITs&list=PLw8-6ARlyVciMH79ZyLOpImsMug3LgNc4

His central argument: when miners allow the creation of a sidechain, they need to use the same caution as a soft-fork.
Support for this argument:
* Since oracles are paid by trading fees, sidechains create a free-rider problem. Participants on the sidechain can bet in hivemind markets without paying fees.
* It is possible to make a sidechain for stealing bitcoins from the main chain.

His arguments apply to alt-coins in the same way they apply to sidechains.
It is impossible for bitcoin miners to stop someone from creating an altcoin.

At this point it would seem that blockchain prediction markets are an impossible goal.
Anyone can make an altcoin to ruin it for everyone.
Read a little more, hope is not lost.

=== Focusing on the "free rider" problem.

Paul has previously claimed that hivemind will solve the free rider problem in general. He talks about it on page 14 of the applications document: http://bitcoinhivemind.com/papers/3_PM_Applications.pdf

Here is a meme illustrating Paul's contradictory claims.


Flying Fox is being designed under the assumption that Truthcoin dominant assurance contracts do solve the free rider problem. So we don't collect fees from gamblers at all. Instead, a dominant assurance contract is used to raise money to pay the oracle to make a new market.

===Focusing on the "sidechain steals 1% of coins" problem.

If bitcoin was a flavor of delegated proof of stake consensus, like Flying Fox, then the sidechain attack to steal 1% of the coins would fail.
If some miners started participating in an attack like this, the users would stop delegating power to those miners.
Ambiguity isn't enough to protect the miners.
Users will demand the miner include a transaction from the designated frozen list. Failure to comply means the miner will lose their power.
Even if there is only a 10% chance that a miner is participating in an attack, that would be enough justification for people to stop delegating power to that miner.

Paul has made a very convincing argument for adding DPOS characteristics to blockchain consensus.

psztorc

A perfect likeness. : )

However, I do not see the contradiction. Conditional on prediction markets existing, one might use a type of market to address the free-rider problem.

X = Blockchain Prediction Markets Exist
Y = Use of PMs to (potentially) address FRP.

So I do argue that X --> Y.

However, in the presentation, I argue that a different free rider problem interferes with the use of blockchain oracles, which are required for blockchain prediction markets.

If we assume:

V = Permissionless Implementation
W = Blockchain Oracles are Possible

I do argue that V --->  not-W.

Since we all agree that W is necessary for X,

V --> not X
V --> not Y.

It's like saying that a sorcerer could use magic to keep himself alive forever. If he's dead now, for any reason, it doesn't matter what he *could* do if he were alive.

Nullius In Verba

zack

#2
To fund the oracle, we want a dominant assurance contract that succeeds if a certain amount of money is raised.
We don't need an oracle to create this type of PM.
The blockchain doesn't have to learn any meatspace information. It knows how much money was given to the crowdfund.
I think you can already do this type of crowdfunding with bitcoin.

If we make a PM that doesn't have an oracle, then it will be safe from FRP.
We can use this PM to bootstrap funding for oracle-powered PMs.

Couldn't anyone make an altcoin to commit these same attacks that you describe for sidechains?

psztorc

> We don't need an oracle to create this type of PM.
> The blockchain doesn't have to learn any meatspace information. It knows how much money was given to the crowdfund.

Yes, you do need meatspace information, to set the Schelling Indicator. Otherwise there's no way to control who gets the money.

> I think you can already do this type of crowdfunding with bitcoin.

Yes this is the Lighthouse project / Anyone-can-spend.

> Couldn't anyone make an altcoin to commit these same attacks that you describe for sidechains?

Yes, but the altcoin would not have sufficient mining power. This is discussed in the blog post "Oracles are the Real Smart Contracts".
Nullius In Verba

zack

Quote from: psztorc on May 20, 2016, 03:50:14 PM
This is discussed in the blog post "Oracles are the Real Smart Contracts".

The argument in "Oracles are the Real Smart Contract" seems to be about turing completeness, but the attack I am talking about doesn't require turing completeness at all. Any cryptocurrency that lets you make bets based off bitcoin/hivemind's state is good enough.

Quote from: psztorc on May 20, 2016, 03:50:14 PM
the altcoin would not have sufficient mining power.

Mining power doesn't matter. A government sponsored blockchain could be the attacker.
Their authority doesn't come from mining, it comes from law and enforcement and the format they accept taxes in.

For example, if Mexico decided to move the peso onto a blockchain, and they taught their blockchain to be aware of bitcoin and hivemind's state, then anyone in Mexico could make bets without paying trading fees.
The market cap of Mexican peso is high enough to be a problem.

Ethereum is popular today, but don't get too distracted by it. Anyone can make an altcoin.

Quote from: psztorc on May 20, 2016, 03:50:14 PM
Yes, you do need meatspace information, to set the Schelling Indicator.

One of us is confused about something.
Most types of crowdfund do need meatspace information. Because we usually crowdfund something in meatspace. Like having a new song written by a famous artist. We only pay the artist if the song actually gets written.
One type of crowdfund does not need meatspace information. If the crowdfund is a success just by virtue of the money having been raised, then we don't need any meatspace info. The blockchain already knows how much money was given to the crowdfund.

We can raise money to pay the oracle without collecting any trading fees.

psztorc

> The argument in "Oracles are the Real Smart Contract" seems to be about turing completeness, but the attack I am talking about doesn't require turing completeness at all. Any cryptocurrency that lets you make bets based off bitcoin/hivemind's state is good enough

Yes, you an use a Turing-Complete computer to make an Altcoin which is specialized for this purpose.

> Mining power doesn't matter. A government sponsored blockchain could be the attacker.

Only by offering prediction market services to the public.

(Mission accomplished!)

> One of us is confused about something.

It is you. The Schelling Indicator has nothing to do with "whether the event happened or not".
Nullius In Verba

zack

Quote from: psztorc on May 24, 2016, 01:11:10 AM
> Mining power doesn't matter. A government sponsored blockchain could be the attacker.

Only by offering prediction market services to the public.

(Mission accomplished!)

The oracles would lie if they aren't paid enough.
What mission would a lying oracle accomplish?

Paying the oracle by some method other than trading fees is important, because eventually there wont be trading fees.
One method to pay the oracles could be a dominant assurance contract.