Also a good time to point out that there are energy efficient blockchains that work differently from bitcoin -- not all crypto is as power hungry (some use disk space, or memory, or even just the tokens themselves to replace bitcoin's proof of work model).
Heat generation really is the stupidest way of doing things. With things like storage, at least you can reuse it after the fact.
Tho, all these systems require some ressource scarcity and will inherently maintain/promote scarcity. This is completely unacceptable in the coming years. People don't realize how much we need to cut back on natural ressource extraction and energy expenditure. Out whole world is build on massive mineral and energy debt. E.g. natural cycles do not allow for biomass generation for food and energy on today's scale. It's simply impossible, the math doesn't check out. See peak phosphorus or dive into the viability of bio-plastics. If we don't tap into some unlimited energy source soon, we have to massively cut back in everything we consume. It's madness to use any unnecessary energy or resource on crypto finance, when there are more energy efficient alternatives.
Heat generation is the only way we know to get the fairly robust security guarantees we need. Proof-of-stake and other “efficient” schemes have vastly worse security properties.
Financial security isn't worth anything in face of extinction. Bitcoin inherently works against human prosperity. No matter the riches we achieve, PoW will take a massive cut.
Please, play it through in your head: What would happen to the PoW system, if we achieve almost infinite energy proliferation? E.g. some scifi space solar energy harvesting. Don't you see how Bitcoin works against our future?
Do you mean "capitalism" as in the dogmatic belief an unregulated market will somehow manage human needs to their benefit?
Yeah, I think that's an extremely ignorant and outdated ideology. Which is evidently progressing towards human extinction.
Optimizing towards the metric of monetary reward/economic growth is just horribly disconnected from human welfare.
There is also the fallacy of assuming all things interchangeable for market dynamics when in reality some things running out means "down-regulating demand" by killing off most of the population, e.g. phosphate rock.
Capitalism isn't set up to get us two cookies later. There is just no incentive for the market to give a fuck about humans. It's like the "stamp making AI" thought experiment. Or the attention optimizing algorithms mindlessly destroying political culture. Oversimplified metrics spiralling out of control.
Tho, economists have realized this and most markets are recognized to fail without regulation for their inherent nature. E.g. housing, water, electricity, education, ...
C'mon dude, any day now it will become profitable to stop exploiting natural resources, house the homeless, and build towards a future where we aren't completely replaced by robots (see dominos, see boston dynamics, see fruit picking robots)....any day now...bum da ba dum if you believe in magic... /s
It can be both in different ways. You're stuck in either or thinking.
And keep in mind, capitalism (when working properly) is supposed to find minima. Not create further barriers to getting things done. The group that gets the job done at the highest output:input ratio for as long as the problem they are solving is relevant was the intended optimization point. Irrational markets being what they are, this frequently does not converge as planned.
Capitalism's search for minima isn't linked to human welfare tho. Therefore the minima may or may not align with humanity's long term interests. Right now the system seems on track to optimize for our extinction.
Without regulation, most essential markets fail humans.
And finally an ancap "free market economy" was the default state of the world and the whole of human history has been the struggle to overcome/refine that stake based hell.
How secure is Bitcoin? How secure does it need to be? Can we put a number on any of these - are we at the optimum security level now? Are we maybe at 150%?
Thats why the only cryptocurrency that really appeals to me now is Chia with its Proof of Space. Not zero power usage, but better, and I like the design goals and its approach.
Chia’s consensus mechanism, while probably the cleverest of non-PoW mechanisms (their white paper explains why most Proof-of-Whatever mechanisms besides proof-of-work are broken), is pretty sketchy. Their reliance on “time lords” seems to be pushing a lot of the consensus mechanism towards hyper-centralization. It’s complicated enough that I can’t spot exactly what the weak point is, but that in itself is pretty concerning.
I don't think there are any rewards for running Time Lords or any vulnerabilities inherent in them. Chia relies on VDFs and I think its just "altruistic" to run a Time Lord. I think Chia Inc. does and will continue to run most of them.
Chia is pretty complicated but I'm not sure its much more complicated than other cryptocurrencies. The complexity seems pretty inherent in them.
I assume you mean storage space. There you run into the same problem if you scale the system. The proof still needs scarcity in whatever storage is made of.
For many natural resources, the local concentration is key to viability. See phosphorus, or helium depletion. Once the reserves are gone, we cannot maintain our scale of production, as alternative extraction usually is too energy intensive to scale. Please consider this on an interdependent scope, where it all comes down to burning through the geological work of millennia as the fundamental ressource. 500 years ago, people were already hitting the limits of ecological sustainability where they settled and back then all of earth was home to something like 500 million people.
Maintaining just the food production for 7 billion humans is gonna be an overbearing challenge the next years. Anarchocapitalist delusions have no future.
That's my point. Phosphorus is also plenty around. Yet it's practically unobtainable. We depend on phosphorus rock for our food production. There is no way around it.
The person you replied to mentioned some random project no one has heard of, what are you talking about here?
You went on a rant that started barely connected and ended up talking about food production for 7 billion people (which is currently happening by the way since there are about 7 billion on earth).
> Heat generation really is the stupidest way of doing things. With things like storage, at least you can reuse it after the fact.
For what it's worth - something like a house heating unit could easily be done by a coin miner, and there have been such projects presented on Reddit and HN before.
Yeah, except the days of mining bitcoin in your closet are long over, and a substantial part of the energy budget for the datacenters we're actually talking about is cooling.
This doesn't matter at all. It's a flaw in principle, which will sooner or later manifest. This is the case for any definition of "work" the system encodes, that comes down to the fatalistic reductionism of "increasing entropy". At some point your house becomes an oven, while the systems starts folding random amino acid chains.
'Work' cannot be losslessly reduced to heat generation and market value does not represent contribution to human welfare.
It's the fallacy of conflating correlation with causation, when the free market economic systems aligns with human interests for a moment. And PoW crypto currencies aim for giving up all governance control to this fallacy. Earth becoming absolutely oxidized into a lifeless rock a valid possible equilibrium for free market economic systems.
Isnt this kind of like saying we should bring back incandescent light bulbs so people will heat their houses with them?
Like, I appreciate trying to dual purpose energy use... but I dont see a specialized computer that pumps heat as practical. I'm pretty sure it's going to be wasted watts too instead of using a real heater. My 800w box doesn't generate anywhere near as many BTUs as a 600w ceramic box heater. Even though I may joke otherwise. While on hot days in Florida, there is a difference when it's on or off in a room... on the 5 actual cold days we get, it can barely keep my feet warm. When I lived in Colorado... Haha no. The little office I had with a buddy, there were 4 servers in a room, either rendering or doing video analytics crunching. They didnt do shit when ambient was 60f, plus our desktops. Using bitcoin miners as home heaters seems as practical as Juiceroo was to "fresh juice".
800 watts is not actually very much heat. A typical small space heater is 2000W. I have no idea what you intend by implying that 800 watts is not as many BTUs as 600 watts--watts are literally a measure of power, i.e. can be converted to BTUs per hour. And yes, all those 800 watts of power your computer draws do end up as waste heat [1].
> I'm pretty sure it's going to be wasted watts too instead of using a real heater.
That makes no sense. You literally cannot "waste" waste heat, unless you are venting it to outside or something. If your space is not getting warm enough, it's because your computer is not generating enough heat!
[1] only a very miniscule amount of the power consumed by a PC actually permanently flips bits on harddisks or SSDs or transmits bits across the network. These take extremely low amounts of power.
I know that in theory a heat pump can do better, but in cold enough climate it can't because one side collects condensation and freezes making it less than 100% efficient. So no, we can't do better.
I agree on everything you said, but I have the suspect that if we untapped an unlimited energy source that would quickly put a (near) expiration date on our civilization, and maybe on our planet. Scarcity is necessary to maintain balance.
It's unobtanium anyway. Not even fusion energy will give us that. Most technological salvation promises, ignore the reality of our massive overexploitation and fossil carbon dependency. We don't have the building material and energy left to bootstrap abundance.
However, the theoretical thought of a near infinite energy source inevitably pushing a PoRessource currencies system into finding (another) limitation again is outrageous. With all those free market edgelords in the cryptosphere, why don't they see the catastrophic flaw of dependency on scarcity? That's just insane. No matter the material/energetic efficiency technology will ever achieve, PoR will automatically counterbalance it.
It's full commitment into the long known failings of a free market economy. Giving up all control to the reward delay capacity of a toddler. A modern take on the easter island collapse on a holistic, global scale.
That’s true. But it’s important to point out that proof-of-work (PoW) is more decentralized than e.g. proof-of-stake (PoS).
For example, with PoW you only need a single honest node to arrive at the correct chain during initial sync. With PoS there is no such guarantee, since there’s no inherent way for a new node joining the network to decide which chain to pick when presented with two different, but equally valid, chains.
>But it’s important to point out that proof-of-work (PoW) is more decentralized than e.g. proof-of-stake (PoS).
The opposite is true in multiple aspects. PoW has infinite economies of scale which inevitably leads to total centralization as all miners but the most efficient one have to shutdown.
PoS can stay decentralized forever because new stakers arriving aren't going to make existing staking unprofitable, forcing them to shutdown, as actual running costs are negligible.
Regarding resistance to government interference aspect PoS absolutely demolishes PoW. Overwhelming majority of mining is done in big industrial warehouses owned by registered companies. They're trivial to find, very hard to relocate and easy to take physical control of.
In contrast, staking only requires a node, which could conceivably even be on a satellite, on a ship, or anonymized using tor or other anonymity network.
>For example, with PoW you only need a single honest node to arrive at the correct chain during initial sync
This argument doesn't make sense, from the start the user has to choose some specific chain and has to download node software for it. Even soft forks starting from the same genesis block may require a manual choice, as it's possible for old nodes to diverge from the new if majority of miners ignores the soft fork.
Chain names are not defined by code over medium to long term, but by dynamic social consensus.
I've been mining for about 4 years now (1btc/month and 35-40eth/month since March 2017), and this is the first time I've heard someone trying to say PoS would lead to MORE decentralization. To be fair, I don't regularly converse online with other miners. I mean, I see what your arguments are here, but I'm just not sure I agree.
Usually the only people trying to promote PoS are the ones who are financially well-off enough to buy the masternodes. You could make the same argument for mining -- to do it on any worthwhile scale you better be prepared to spend a minimum of $500k -- but "worthwhile" is subjective, and some people are fine only making a residual income off of their mining, because they feel like they are contributing to the "cause" -- to keep the network flowing -- amongst other reasons. Initially, I got started with mining out of pure idealism about decentralization, anonymous currencies, and the cypherpunk roots of it all. That turned into me making significant investments to mine on a larger scale. Maybe people doing it for those reasons will be less important as time goes on and it's more mainstream...I don't know.
My other business is legal MJ cultivation in California and Michigan, and it's the same thing in that industry -- the only people wanting, or not minding, the expensive licensing and startup costs in California are the well-financed companies who can afford it all, who can wait many years for profits if necessary. Everyone else wants a way for easy entrance in the market, low licensing costs, etc.
As for government interference, I was a "traditional market" operator for ~14 years in the MJ business, and have experience with avoiding scrutiny from the government. In fact, the issues with bitcoin mining are identical to that of growing marijuana on a large scale -- exhausting large amounts of heat, the intake of large amounts of fresh air or cooling BTU's, using large amounts of electricity, the need for good airflow in the facility, etc. With that said, you could structure your mining operation so that only a very targeted, focused investigation could find you -- it wouldn't be easy to "fish" and find it. For example, the main indicator would be the electricity usage, but there are tons of legitimate businesses that use far more electricity than a mining operation. Establish a business that is in that industry, buy a warehouse for that purpose, get your electrical installed, and then run all your miners through your own VPN or Tor (I've never tried to run them on Tor, because I was always worried about speed/connection problems.) They would see large electrical usage, yes, but that is normal for your registered business.
In this hypothetical government overreach scenario, hiding a mining business -- if you really had to -- wouldn't be any more difficult than hiding a large scale grow operation, or a meth lab, or anything illicit really. You just have to know what you are doing, but people have been doing this for decades and decades without problem.
> this is the first time I've heard someone trying to say PoS would lead to MORE decentralization.
As time goes by, the number of people holding a token goes up, and competition among the staking services goes up, which results in more decentralization.
Take for instance on Tezos, with better internet we can eventually get RPi connected to Starlink which can be installed by the users themselves and start staking.
As hardware technology progresses, PoW goes in the opposite direction. Initially anyone can mine, but later only the most specialized optimized hardware will mine irrespective of the number of people holding the token.
>Establish a business that is in that industry, buy a warehouse for that purpose, get your electrical installed, and then run all your miners through your own VPN or Tor (I've never tried to run them on Tor, because I was always worried about speed/connection problems.) They would see large electrical usage, yes, but that is normal for your registered business.
The comparison with illegal mj grow operation breaks down because long-term profit margins on mining collapse to very small percentages, so risking prison for that would be idiotic, especially as legal operators (that eg. enforce some government blacklists) would have lower running costs due to not having to pretend they are something else. In addition, contrary to a mj grow op, you have to order asics from Taiwan/China at least once every few years which would be very hard to hide (gpu mining is going away).
This even assumes that you can order profitable asics at all, indefinitely in the future. The market is structured in such a way that really big mining companies are incentivized to make their own asics - the design of a sha256 asic is relatively trivial (compared to pretty much all other chips) and ordering directly from TSMC or Samsung would save them a fortune. For all we know, it's already happening - it's not like any mining op has an incentive to tell.
The deciding factor is that in PoW a majority can force anything on a minority - smart regulation would enforce blacklists via orphaning once compliant miners achieve a comfortable hashrate majority, totally killing the non-compliant operations. Legal miners would have an enormous financial incentive to comply: orphaning a minority of hashrate directly increases their revenue.
In the most extreme case, states could start mining themselves to take control of the industry - something that's borderline impossible in PoS, because they would have to buy the staking tokens from the market, and there's simply not enough supply available at any reasonable prices.
Then there's the defense issue: assume a PoW chain has been captured in such a way. If the PoW algorithm relies on asics, users could fork to a gpu PoW, but there's no second move - nothing can be done to fork away hostile gpu miners, short of going away from PoW entirely. Potentially, this could be used to kill _all_ PoW blockchains - a state first makes enough asics to obtain a majority, then kills the chain by exclusively mining empty blocks and orphaning everything else, then repeats the process with gpus. The victory would be absolute and the cost would be in the low XX billions of dollars.
Right now there's really no reason for any state to attack as non-speculative use is very limited - but imagine that Iran somehow switches to bitcoin for all external trade and relies on its bitcoin stash to function. Suddenly an attack becomes a very realistic possibility.
Even if somehow some state controlled enough stake in a PoS system to censor everything, the defense fork can be repeated indefinitely - by deleting deposits of a hostile majority staker(s) on a community fork. For this reason, I expect decentralized PoS networks (those that can be run on home machines and without on-chain governance, not cloud-run DPoS or PoS networks with governance) to never be attacked in such a way - there's no way to truly win, short of total global surveillance I guess.
A blockchain is, fundamentally, a consensus mechanism which decides which transactions are valid.
Proof of Stake is self-referential; the parties with value at stake have value because the blockchain says they do. It's a perpetual motion machine. When the shit hits the fan (say, a controversial fork) the people who thought they had control ("stake") will learn who really makes the decisions WRT which blockchain is canonical. That would be the exchanges, and what they agree on will rule no matter who stakes what.
The reason Proof of Work works is because someone has to pony up the compute power.
> Well of course they have to determine it themselves otherwise they are centralized and dependent on a third-party.
PoW doesn't have that problem.
> Please expand on what you think is flawed and what are the downsides.
If I make a parallel version of the chain where I got all the mining rewards from block one and ended up with a majority stake, how do you decide between that and the other chain?
>For example, with PoW you only need a single honest node to arrive at the correct chain during initial sync. With PoS there is no such guarantee, since there’s no inherent way for a new node joining the network to decide which chain to pick when presented with two different, but equally valid, chains.
The reader will find dozens of suggestion in this thread about how coin X is more "efficient".
Note that efficiency would mean producing the same properties but with less resources. Not merely using less resources. While experimentation is certainly desired, it's a fallacy that any coin has actually reproduced bitcoin in a more efficient way.
To name a couple,
- Bitcoin had what some call an "immaculate conception" where there was no expectation that such a system would work in the first place and where the founder was anonymous. This creates a very different history in comparison with the founder led, pre mined, frothy market launches of today.
- Bitcoin has stood the test of time. With each year in production that passes, there is more confidence that the system and specific implementation is sound.
Once these other coins have stood in the market for 10 years straight and continued to retain the confidence in their protocol, the comparisons can start.
At which point, Bitcoin proponents will up the requirements again. This is an excuse people use to avoid talking about the fact that Bitcoin has spent the last 2-3 years consistently proving that it doesn't scale and that it is unusable as a currency.
> had what some call an "immaculate conception"
Or, it was a good first try that needs iteration now that we understand that hyper-deflation is a bad thing for a currency, now that we understand that pseudononymous addresses don't provide any real privacy guarantees at all, and now that we understand that transaction speed and cost has to be something that's optimized for early on in a coin's life and that those issues can't be fixed by pasting an ad-hoc, unproven non-blockchain solution on top of the coin 10 years later.
The weird, religious loyalty people have to reinterpreting Bitcoin's flaws as strengths is setting the entire crypto ecosystem back. If you want to appeal to 'stability', then banks have been around for centuries. But if you're trying to build something new, you're going to have occasionally innovate and iterate on the thing you're building.
> Or, it was a good first try that needs iteration now that we understand that hyper-deflation is a bad thing for a currency
in what sense is bitcoin "hyper-deflation"ary? i think you are thinking of the word "deflation" but i know that doesn't sound as smart
>The weird, religious loyalty people have to reinterpreting Bitcoin's flaws as strengths is setting the entire crypto ecosystem back. If you want to appeal to 'stability', then banks have been around for centuries. But if you're trying to build something new, you're going to have occasionally innovate and iterate on the thing you're building.
there is nothing stopping anybody from making something better, so go on
> there is nothing stopping anybody from making something better
They already did. Half the crypto ecosystem is already better than Bitcoin if you're trying to build a functional currency. We're talking about a coin that doesn't have any privacy guarantees, it's not exactly hard to improve on that.
When I talk about religious loyalty, what I'm getting at is that it turns out the Bitcoin ecosystem doesn't seem to care that much about stuff like privacy, and whenever anyone brings up Bitcoin's flaws, or the fact that it has been outclassed by other coins, suddenly the conversation is all about "stability" and the trust of having an old coin that hasn't fixed its problems in 10 years.
It turns out that having a fixed number of coins that fluctuate wildly in price is very bad for building a currency, but we have people on here arguing that it's a good thing. It turns out that PoW is unscalable and prohibitively expensive, which is a barrier to real decentralization, but we have people on here arguing that's a good thing. It's understandable that Satoshi didn't know in advance every problem, but it's not understandable that in all of the years since then, the Bitcoin community has largely failed to evolve or learn anything about the initial flaws that the coin had.
And this is honestly a tricky conversation to have because we have to keep dancing around the fact that Bitcoin is a speculative asset and that very little of the community cares about making a currency at all. But the community won't acknowledge that, so instead we get a lot of weird deflection around "stability" and we all have to pretend that the community is in good faith actually trying to create an alternative to cash, and that people genuinely believe that Bitcoin's tech is the best way to do that.
But obviously that's not what's happening. Nobody would really look at the state of Bitcoin and argue that it's best-positioned to replace traditional currency. It's worse than cash for privacy, it has higher transaction fees than almost any other payment method, it doesn't scale environmentally, and it takes 10 minutes to add a new block. But... it is for the moment an excellent speculative investment because the speculative market is irrational and doesn't care about technology. And the speculative market benefits from pretending that it exists for some kind of grand purpose rather than just as an end to itself, even if doing so makes it harder to accomplish any of the original goals behind the coin.
> It turns out that having a fixed number of coins that fluctuate wildly in price is very bad for building a currency, but we have people on here arguing that it's a good thing.
sorry, is that just because you say so? the success of bitcoin is the only thing i need to point to contra every point you make. if it's so bad, why does it work? maybe that won't always be the case, but so far the market has deemed it sufficient. nobody is making anyone use bitcoin, it's just the best schelling point.
btw, wrt privacy -- chaumian coinjoin has made great strides in popularity in the last year. it may not be zcash but it is still quite possible to use bitcoin in a private manner.
As a currency? It doesn't. Do people actually think that Bitcoin is succeeding as a currency right now? If you want to talk about the market deeming something sufficient, the market has broadly, almost universally decided that credit cards are preferable to cryptocurrency.
As a speculative investment? Because of what I said in my last paragraph.
> chaumian coinjoin
I've seen multiple vulnerabilities pop up with coinjoin wallets, plus the process costs extra money to do, plus it's not network-wide so the coins involved can still be blocked from future transactions. I don't understand why a community would go down that route when solutions like zero-knowledge proofs already exist and have a better track record. I mean, that's supposedly the whole thing with Bitcoin, right? Stability and security?
The single advantage that coinjoins have is that they don't require iterating on Bitcoin itself, which the community seems to be desperate to avoid. This is something that pops up a lot with Bitcoin-centered "solutions". We have coinjoin, because having a coin with real privacy guarantees would require iterating on Bitcoin and we can't have that. We have the lightning network (which also has serious privacy problems) because building a completely separate layer that operates off of the blockchain is preferable to the community over fixing the problems with transaction delays and fees in the coin itself.
> I don't understand why a community would go down that route when solutions like zero-knowledge proofs already exist and have a better track record
you don't understand why a community at a nash equilibrium wouldn't jump at the opportunity to break consensus? bitcoin is favorable because it is relatively speaking the minimum viable collection of traits needed to function as a cryptocurrency, reduced complexity leaves less attack surface. if zk proofs become obviously necessary or superior to cj because of coin blacklisting, people will switch to zcash or whatever else uses it, but in a world where regulators or businesses block cj'd coins, i don't know why you think zk coins would be any better off. in any case these alternatives still exist and people use them, so why does it even matter? if you're right, everyone will see and you will probably be rich.
> the market has broadly, almost universally decided that credit cards are preferable to cryptocurrency.
man in 1910: the market has universally declared horses superior to automobiles
Reduced attack surface only matters if the remaining surface is secure. Privacy-wise, the comparison here is that you've got a door with no locks, and you're arguing against putting a lock on it because "that'll make it more complicated, and then people will get in and steal my stuff."
There is no particular reason to be confident that coinjoins will protect your privacy in the long run. They've both broken in the past and they're easier to regulate than something built into the core design of the coin. This is a situation where you need a more fundamental guarantee, because Bitcoin at its current complexity level is not capable of protecting your privacy well, and I don't see strong evidence that coinjoins will solve that. You've got to put a lock on your door, even if it makes your door more complicated.
Even disregarding the fact that coinjoins are unproven, paying coordinator fees every time you want to make a private wallet is a bad solution anyway. Even if you could be confident that coinjoin wallets weren't going to leak information, you still wouldn't want a solution that had those fees, because we don't want a world where only rich people have privacy.
> at a nash equilibrium
I think the whole point of what I've been saying is that the nash equilibrium of Bitcoin is terrible. If the crypto market stays in the state it's in, it will not become a viable currency. So yeah, I don't understand why a community in a nash equilibrium where >50% of the network is subject to interference by the PRC, where transaction fees are spiraling out of control, and in which tracking is already a serious problem -- I don't understand why a community would be happy to stay in that state, complexity or equilibrium be damned.
That's what I've been saying. Bitcoin as it exists today is terrible, and making it better is going to require actual iteration, not just sitting around and trying to pump the market so somebody can buy a porche.
> why does it even matter?
Because some of us would like a functional, private, inexpensive online payment system at some point, and the entire crypto market is intertwined in the public eye, and silliness like speculative investing and NFTs distort that purpose and get in the way of other coins doing anything useful.
There's a reason why cryptocurrencies are now classified by the IRS as an investment. If you're trying to build a currency, then that's a bad outcome, but none of that matters if the only thing you care about is "becoming rich" instead of building something that's actually useful for the world.
> man in 1910: the market has universally declared horses superior to automobiles
Well OK, then don't act like 5-10 year temporary consolidation around Bitcoin means that the crypto market has decided that Bitcoin is the technologically superior option for a currency, rather than a temporarily valuable speculative asset. Particularly, don't act like Bitcoin prices prove its superiority during the same week that heckin Dogecoin prices spike.
You can't have it both ways here, either the market is always rational or it's not.
If the market is always rational, then credit cards are better than cryptocurrency in its current state. If the market isn't always rational, then speculative investment based on FOMO does not indicate anything about Bitcoin's quality as a tool for transactions.
People often say, BTC has stood the test of time. What was the test exactly. Test to see how many people are greedy? Test to see how much energy can be wasted? How much more can we pollute the environment ? How it can not be used as a currency ? Yes I see, it is still here. But in my view, it shouldn't be. There needs to be another way to solve ledger consensus, other than POW.
it's a fallacy that any coin has actually reproduced bitcoin in a more efficient way
It's a fallacy to consider bitcoin as an apriori better system than either traditional currencies or other coins when it has failed to achieve the hoped-for results.
I like Tezos. Its has a very interesting and developed smart contract technology stack: https://tezos.com/developer-portal
and is Proof of Stake. You can run a node on a cheap laptop.
First of all I want to preface my comment with the disclaimer that proof of stake is nonsense in many ways (vulnerable to coordinated bribery attacks - we don't know how to coordinate well enough to execute them yet but the math checks out, also plutocracy..)
However it is a pretty expedient way to get something out the door fast (it's literally the simplest form of anti-sybil you can make and a cryptocurrency is anti-sybil + consensus).
So given that we accept proof of stake as a good way to prototype different approaches then a cryptocurrency that meets you criteria is the avalanche cryptocurrency (AVAX).
The way it works is via "stochastic gossip", whenever there is a conflict (double spend or some kind of decision problem where a node is unsure what is reality) then a consensus "game" is started. The way the game works is that you sample some reasonable sample of peers in the network (say 30-40 peers) and ask them "is A or B the legal state of the world?", now an honest participant will naively believe whatever the majority decision is.
Due to how stochastic probability stuff works the network will converge if you repeat this game sufficiently often. The idea is that if the initial state is 60% think A is the correct transaction then after a few rounds (they do 17 rounds which is overkill, you get like nine nines of probability or something) the whole network will have come to that conclusion (each time you run a round of the game the majority will _probably_ grow, eventually only the byzantine nodes are still saying B and if they are not the majority then all conflicts are solved).
Now bear in mind, there are some drawbacks, if someone is stubborn or does the opposite of what they should then maybe they can have some outsized influence, but in general this works pretty well and you can have a _lot_ of nodes participate in the network (much much more than in nakomoto consensus due to the different nature of the consensus mechanism). Furthermore you get finality in 3 seconds (even with the 17 rounds) so that is also quite nice (if you want to reach VISA level of transactions...
A validator in the avalanche network doesn't need some crazy hardware either.. a raspberry pi is fine, the limitation is you need the machine to be online 80% of the time they stake for.
That is one solution. There are others. For example amoveo, which is proof of work BUT it solves the second order byzantine fault tolerance problem (also known as the "oracle problem") which means that you can account for externalities (like energy usage) and throttle the mining rewards or adjust parameters in response.
I am working on a very raw but next-gen project myself, it's called datalisp (I wrote a very bad "whitepaper" in one sitting a couple of weeks ago... it's at datalisp.is - there is a telegram channel.. we're trying to figure out a lot of hard problems and we'd rather show than tell so if the whitepaper is somewhat up your alley then there is a lot more elaborate stuff happening in the channel).
The point of what I am saying is: if we want to kill bitcoin then the simplest way is to just make a better solution and change the narrative around the whole scene. I hate all this nonsense proof of stake ponzi nonsense, if a cryptocurrency is well designed then there is no advantage from being an early adopter (i.e. we solve byzantine fault tolerance _AND_ tragedy of the commons).
Please don't shit all over those of us who want to solve hard problems in a good way just because there's a bunch of assholes trying to get rich quick.
The bribery can be solved with slashing and making it economically unviable to cede to bribery.
Regarding plutocracy, it depends on proof-of-stake vs delegated-proof-of-stake. In one, everyone can become a staker and earnings are spread to all, in the other, some stakers are elected and earnings will be concentrated to them.
Proof-of-work has inequality issues:
- economies of scale for those that have the capital to rent a power plant and a large datacenter in a location with cheap electricity and/or cheap cooling.
How is that pull request relevant to our chat here?
By the way I don't think it's a good argument to say that your job depends on proof of stake being secure and therefore it must be secure (or "therefore you would know if it wasn't").
The coordinated bribery attack can be done by having people stake on a different chain until a majority is reached and then softfork and slash the minority.
If you don't believe the attack will work why not collect the bribe (since the defecting can be done anonymously / out of band) and if you believe it will work then you'd rather be on the winning side.
^ This is a rough sketch of the argument. As I said, it's hard to implement since you need an oracle to decide whether to pay the bribe, so it can only be done if you have second order byzantine fault tolerance and a few constructs. I believe we will see such attacks in this decade though (but ofc it only works if the PoS network is actually decentralized and it will keep working until the network becomes centralized).
It's a relevant answer to your personal attack "I don't think you've studied how the attack would work."
My job is literally implementing proof-of-stake securely. Also when I work and implement an algorithm, I provide references and sources, which my PR is.
> The coordinated bribery attack can be done by having people stake on a different chain until a majority is reached and then softfork and slash the minority.
Changing the vote is a slashable offense in the Gasper paper (cited in my PR). https://arxiv.org/abs/2003.03052 A change of vote will be ignored and the validator will be deemed malicious and ejected.
I'm sorry you took offense. My intention was not to slight you, how can you have time to study everything in the world?
W.r.t. to the proofs in the paper, they happen within certain assumptions, assumptions that do not hold when the attack is as I described because the majority will be byzantine!
The key idea in the argument is not computer science but economics. If you can earn more we have to assume you will do that (charitable behavior exists but is not a good thing to rely on for security) the issue is that PoS is vulnerable to the tragedy of the commons in a similar way to democracy (the amount of influence each person has is small but time investment of being a rational voter big, hence it is rational to be ignorant - in PoS setting the idea is that you defecting is unlikely to change things so the bribe does not need to be big). Once you've obtained a majority you can censor the minority. How much you can do with your soft fork depends on the chain in question but in general the very fact that you can stop byzantine behavior works against you when the majority is malicious.
The reason we cannot do the same in proof of work is because of how expensive the bribes are.
Anti-sybil based in racing is hard to censor but when you start voting you can do bullying.
Regarding formal verification, you can formally verify the algorithm, implement it safely and still it will not work in the real world due to the game theory considerations. However bittorrent worked and that was largely charity. Similarily the data availability problem has not been a problem (e.g. all bitcoin blockchain is accessible even though there is no monetary incentive to make the archive accessible). While there is no way to exploit known vulnerabilities they may as well not exist.
From our exchange you have been appealing to authority but I suggest working through the math and looking at tragedy of the commons. Since you are intimately familiar with how proof of stake works you will be able to convince yourself one way or the other.
The "stochastic probability stuff" falls apart once ISPs discover they can profitably influence the consensus outcome by messing with packet arrival times between nodes.
Yeah that's an interesting angle. I believe the problem in the first place is forcing the network to come to global consensus. In my project the idea is to form "lazy consensus" (i.e. just enough consensus for everyone to have a consistent outlook on the world).
Datalisp is a data interchange format rather than a cryptocurrency though.. so it behaves a bit different.
Edit: To be a bit less standoffish and make my position clear.
You only need to form a consensus with the part of the network you are aware of. Datalisp leans into the properties of propagator networks (fully CP systems) to avoid needing to synchronize everyone eagerly.
Yeah, so if you look at some commentary around that paper there is a variant of the problem with "approximate agreement" that can solve for example the 3 person variant. This fits with the theory (really just a hypothesis at this point but actively worked on) that I have w.r.t. datalisp.
I'm not (yet) very good at probability theory so it's a bit slow going filling in the model I have in mind (that is; deciding the message format) but propnets are the correct framework to fit it into.
If you read the Avalanche paper, you'll see early on that all of its claims to being BFT stem from an assumption about the distribution of message arrival rates in the system. That is a very generous assumption that can easily be wrong. Also the original BFT literature makes no assumptions about the arrival times or even reliability of the network -- BFT constraints apply even if the network is 100% reliable. It only gets worse from there; 2/3 honest votes is the best you can do under ideal circumstances.
I am in no way trying to defend avalanche. I have been speaking from the standpoint of datalisp.
Again, the Byzantine generals problem of the paper is not an accurate description of what is happening in the datalisp network and does not apply except locally (in a 'neighbourhood' of the dispute) so it's not 2/3 of the whole network but rather 2/3 of the echo chamber that needs to agree...
Anyway you seem to be eager to dismiss off-hand so I am losing interest in debating with you as-is.
Could you please read our exchange from your first comment and tell me how you parse it?
From what I can tell; I agree with your dismissal of avalanche and offer an intuition for what may be the problem by contrasting it to my work-in-progress idea, then we have a series of back-and-forths where I consistently mention datalisp but never once talk about avalanche..
Regarding global agreement of state, yes it is not a criterion for datalisp. Datalisp approaches the network like a sheaf (locally consistent but globally not necessarily so) and uses the properties of propagator networks (which are fully CP, therefore they converge on a fixpoint) to reason about convergent consensus that executes lazily.
The casual dismissal of datalisp (as it stands) is that the message format for communicating your beliefs w.r.t. probability of signal-to-noise is not fully worked out yet and all we have is a series of heuristical arguments.
However, datalisp is a data-intechange format first and foremost and optimized for building authenticated datastructures. It is not specialized for cryptocurrencies per-se (since the focus is on second order byzantine fault tolerance).
This would be going a lot more smoothly if you could articulate which distributed systems properties, exactly, you intend datalisp to provide. So far, you're contradicted yourself at least once here:
> I believe the problem in the first place is forcing the network to come to global consensus. In my project the idea is to form "lazy consensus" (i.e. just enough consensus for everyone to have a consistent outlook on the world).
So, which is it? Not coming to global consensus and "just enough consensus for everyone to have a consistent outlook on the world" seem mutually exclusive.
Don't be afraid to lay down a bold system description, and don't hold back on the specifics. Not trying to brag, but I have a PhD in distributed computing, I work on a blockchain at my day-job (https://github.com/blockstack/stacks-blockchain), and I chair its governance process. I'm pretty sure I'll be able to understand a rigorous system design. But, I don't have very much patience for weasel-wording, pussyfooting, or hand-waving.
I had already looked at your profile so I am aware of your credentials.
In the original comment I mention my project and point to resources for learning more. I don't know why you think I am "weasel-wording, pussyfooting or hand-waving" when what is in fact happening is that we are having this discussion in a place that is not exactly optimal for writing pages and pages of explanations but rather for high-level discussion (which is necessarily brief on details but may link to resources).
I will be the first to admit that what I am doing is not fully worked out yet. Then again you are familiar with research work so you know things take a while to become polished enough to stand up to the "surface level scrutiny" even if the ideas may have merit from the beginning. The fact that I am working in the open and engaging people like you in discussion should not be considered "weasel-wording" or whatever slur you come up with.
You claim I am contradicting myself yet you do not elaborate on how so. I have already given you the argument for why it is not a contradiction (global consensus happens eventually due to convergence and "lazy" in computer science is another way to say "demand driven" - i.e. we converge as much as we need to in each "neighbourhood" of the network, the sheaf reference should further enhance your mental image of what is going on).
If you want to go into details with me and discuss things more thoroughly then I suggest you join the datalisp channel on telegram. I would be happy to hear your criticism and try to understand better in which ways I may be lacking. After all, what we all want is better systems of governance and if you are intrigued by this approach (or rather; high level description of a possible approach) then from my point of view our interests are aligned.
> But, I don't have very much patience for weasel-wording, pussyfooting, or hand-waving.
This was meant in a general sense; it wasn't an accusation. I apologize if it was interpreted otherwise.
I was hoping to see more about what distributed systems properties datalisp will be providing? It's fine if you're not ready, but if so, then maybe you could speak more to the specific problems you're trying to solve?
First we take canonical S-expressions (made by Ron Rivest for cryptographic signing) as the syntax of the "language" (again it's primarily a data-interchange format meant to be used to build distributed systems).
We enforce the restriction that the csexps must have versioned operators, that is (2:op1:0...) would be a the operation `op` and version `0`, the version is a natural number.
That's it for the data interchange format, now for the semantics of the language.
As I have been saying the primary idea is to use propagator networks (propnets). The name of datalisp comes from datafun which is an extension of datalog. Datalog is something you are probably familiar with, it's not turing complete and is a constructive logic programming language that uses "relations" and postulated "facts" to infer new "facts" - i.e. it builds out a transitive closure of sorts.
Datafun takes this and tries to extend it as much as possible without becoming turing complete, so rather than being limited to the boolean lattice of normal logic it uses any lattice and monotone functions, e.g. a propnet. However it tries to do type inference and be a "programming language".
One nice property of datalog is that the evaluation semantics coincide with the shortest vector path algorithm used to do routing on the internet, except datalog is declerative rather than imperative so it's an interesting way to do routing. The idea of datalisp is to make the "XPath of canonical S-expressions" be a datafun-ish language that can then also do the routing.
Now the reason this has anything to do with cryptocurrencies is based on the claim that the internet is a propnet where each place is a "max-signal lattice". The idea being that each user tries to put the computer into a state that most aligns with their intent (`max` over a total order - in this case ordered by "signal" - is a lattice), therefore they will not choose to persist messages that are spam i.e. messaging in the network is monotone (at the limit you have security and only choose to replace information if it rewards you with higher signal).
The goal of the datalisp network is to make this intuition concrete. There is a lot of details but this is the general gist.
So the anti-sybil mechanism in the network is called "proof of trust" we make participants in the network sign their messages and include a prediction of the signal-vs-noise of their message. Peers in the network will have a prior how much to trust the self-evaluation of this key that they then use to order the message.
Second order byzantine fault tolerance is a class of problems and the representative problem we try to solve (i.e. a "second order decentralization complete problem") is deciding whether to merge a patch and rebuild your system in a byzantine setting. If you can do that then you can of course also do a ledger that simulates some formal language. This is a fancy way to say we want a way to do updates in a distributed system with no single source of truth.
The consensus mechanism is based in lattice theory, we have "join consensus" which is a race of sorts, that is you can always merge a patch ahead of the network if you like (stay on the "bleeding edge" so to speak) and then there is a "meet consensus" which is based on the avalanche algorithm and is used to move up the bottom and collapse all patches (or more generally; metadata) into its state.
So the semantics of datalisp end up being something similar to "probabilistic datafun" if you are familiar with semi-naive datalog evaluation semantics then it's a bit like that except we also have a cutoff w.r.t. how much confidence we are willing to tolerate to use a fact / inference. Instead of programming datalisp in a text editor it is more like a graphql of sorts, it /is/ the internet, or rather it reifies the propnet datastructure. The reason we care so much about canonicality and consensus is so that we can take advantage of content addressing.
I have some ideas about building on top of this framework mixnets and simulations of different political systems, then the idea is to do composition via constant function market makers since they are convex and therefore solve the tragedy of the commons (local optimization is global optimization). Since the network is decentralized you can be byzantine, that is you can make your own identifiers in datalisp (each operator has an infinite namespace due to versioning, we use the probabilistic logic programming and metadata gossiping in the network to find out what schema the data is supposed to fit, if there is a namespace clash we form a local consensus to re-version one of the clashing names to the first unused version).
The properties of lattices allow you to "zoom out" of such echo chamber bickering.. this is how anti-sybil works...
There's a lot of ideas basically, I hope you can see the general picture of what I am planning.
> However it tries to do type inference and be a "programming language".
"tries to do"? It either does or it doesn't. If you're not sure which, then it doesn't. Let's not use weasel words and misrepresent what the system actually does.
> One nice property of datalog is that the evaluation semantics coincide with the shortest vector path algorithm used to do routing on the internet,
Routing on the Internet is famously not shortest-path, so I don't know how to interpret the rest of this.
> The idea being that each user tries to put the computer into a state that most aligns with their intent (`max` over a total order - in this case ordered by "signal" - is a lattice), therefore they will not choose to persist messages that are spam i.e. messaging in the network is monotone (at the limit you have security and only choose to replace information if it rewards you with higher signal).
You seem to be describing a system where anyone can submit as many messages as they want, but it's up to each node to decide which ones are worthy of consideration ("not-spam") and which ones are not ("spam").
Identifying messages as spam is a notoriously hard problem. It's not even truly solved with email, for example; Cory Doctorow's humorous checklist applies here: https://craphound.com/spamsolutions.txt
Which brings me to:
> So the anti-sybil mechanism in the network is called "proof of trust" we make participants in the network sign their messages and include a prediction of the signal-vs-noise of their message. Peers in the network will have a prior how much to trust the self-evaluation of this key that they then use to order the message.
This is not an anti-sybil mechanism in any sense of the word. If anyone can send arbitrary amounts of messages (of which an arbitrary amount can be spam), and run arbitrarily many nodes, then any attempt to predict the ratio of not-spam to spam messages is going to fail. Someone who wanted to break this system can choose how many nodes to run and how many spam/not-spam messages to send in order to trick other nodes into mis-classifying messages 100% of the time.
But, know that sybil-resistance is not the same as BFT.
> Second order byzantine fault tolerance is a class of problems and the representative problem we try to solve (i.e. a "second order decentralization complete problem") is deciding whether to merge a patch and rebuild your system in a byzantine setting.
Making up new words is a great way to confuse and annoy your readers. If you want nodes to decide whether to make forward-progress when other nodes can fail arbitrarily, you need Byzantine fault tolerance. There's a plethora of papers and real-world implementations of high-performance BFT agreement protocols. The language and data format has absolutely nothing to do with the agreement problem.
> The consensus mechanism is based in lattice theory, we have "join consensus" which is a race of sorts, that is you can always merge a patch ahead of the network if you like (stay on the "bleeding edge" so to speak) and then there is a "meet consensus" which is based on the avalanche algorithm and is used to move up the bottom and collapse all patches (or more generally; metadata) into its state.
It sounds like your nodes execute some kind of speculative execution for state-transitions that they somehow believe will be accepted by the network, even though they have no confirmation that they have or will. This is all well and good -- speculative execution of a happy path is a well-known design tactic. But that's not the hard part of distributed system design; the hard part is how to handle the case where the happy path is unavailable. What's the unhappy path look like?
> So the semantics of datalisp end up being something similar to "probabilistic datafun" if you are familiar with semi-naive datalog evaluation semantics then it's a bit like that except we also have a cutoff w.r.t. how much confidence we are willing to tolerate to use a fact / inference. Instead of programming datalisp in a text editor it is more like a graphql of sorts, it /is/ the internet, or rather it reifies the propnet datastructure. The reason we care so much about canonicality and consensus is so that we can take advantage of content addressing.
It sounds like your nodes have no way to actually agree with one another with any certainty, so I take this with a huge bucket of salt.
Alright, I realize that what I wrote out on the spot was quite hand-wavy. The devil is in the details, also I honestly am a bit perplexed why you are so insistent on not looking at the (terrible) paper but willing to invest in the discussion at all.
For example the spam comments; in the paper I mention a construction from a project called Vac that deals with this. Bandwidth can be throttled per node per epoch by leaking secret shares of a key that put up collateral.
Regarding shortest path; interesting, I thought it was. Guess I was wrong. Still it is a valid way to do routing and is how I'd intended to do it in the prototype network. The big idea of versioning the operators is to be able to converge on the desired semantics.
The reason I focus on the proof of trust part is because that is how a bunch of decisions are made (such as amount of bandwidth to allocate). You still need a bunch of other constructions to use this data.
The anti-sybil is not just anti-spam it is also about finding correlated intent and packaging that whole echo chamber up as an individual so that you can rate limit / adjust visibility. Major news from an uninteresting group may be more interesting than minor news from an interesting group.
Regarding "making up words" - there are precise definitions that I didn't reproduce because I figured you would want to hear a different narration than the one presented in the paper / the channel.
The way nodes participate in the network is by pinning content addresses and gossiping metadata about pins. At any given time the "commons" is made explicit because it is pinned by a bunch of nodes. The nodes build metadata on top of the bottom (commons), when a consensus is reached, i.e. there is some metadata that everyone has join-ed into their state, then we have a meet consensus and the pin can be moved.
You are still thinking in terms of first order BFT which is why your criticism is a bit.. off base. The network is not trying to start off automatic but rather manual and then discovered patterns will be automated once proven correct.
If you read (and understand) how the amoveo oracles work and look into the properties of prediction markets then you can see that this is actually a social network built on a data-interchange format that is optimized for building authenticated datastructures (i.e. amenable to automation of any first order problems that can be solved with MPC).
Edit:
W.r.t. Datafun "trying to" do type inference. Datafun is a research project, he has found most of the type inference rules but some are still missing. The language is not really usable as-is but it "tries to" be, carrying around two typing contexts (one for lattice types and another for algebraic types) and having modal subtyping and such things is complicated and hard to do well. Datalisp is less interested in such things and is closer to being a probabilistic datalog. Again, the versioning of operators is so that we can converge on desired semantics; the mvp is going to be using bayesian factors for inferences and odds of signal:noise for priors attached to facts, this is just for pragmatic reasons (easy to code / reason about) it is probably insufficient for the economic model and composition of prediction markets.
I haven’t evaluated and run the code for these 8 cryptocurrencies but the most energy efficient cryptocurrencies with the highest market caps are:
Stellar Lumens & Ripple: More centralized but that centralization means there no no wasteful proof of work needed
Tezos: like a cheaper version of Ethereum for NFTs. Already powered by proof of stake.
Polkadot: Many new coins are beginning to be released on polkadot’s proof of stake network just as they are on Ethereum’s network.
Binance coin- centralized and proof of stake. The whole Binance Smart Chain network is powered by just 21 nodes (validates) that stake about 3.5M of Binance coin.
Cardano - has a cool name and is powered by proof of stake. Has lots of PHD research papers but most of which are over my head.
Algorand- a fast and cheap new cryptocurrency that is powered by two different kinds of validator nodes, one centralized and the other decentralized.
Ethereum 2.0 - will probably take 2-3 years to migrate to proof of stake but once it does, it’s possible that many of the above cryptocurrencies will be rendered obsolete unless they’ve captured large amounts of the market before then.
All 8 of these coins/tokens should meet your standards of being efficient on all levels. When evaluating cryptocurrencies you’ll notice this pattern. The cryptocurrencies with the cheapest transaction fees tend to use the least amount of energy.
XRP and Stellar were the pioneers in this regard. Since about 2013 and 2014 respectively (or thereabouts). Such systems have negligible energy usage.
In general, anything using some flavour of Byzantine Fault Tolerance - of which there are a few - as a method of consensus, consumes very little energy for the payback.
If appropriately deployed (similar issue to PoW, decentralisation needs to be maintained) BFT-type consensus mechanisms also exceed the consensus security offered by PoW or PoS.
BTC and other PoW models are typically constrained by a 51% corruption of the network. BFT systems typically do better than that, as they often require numbers in excess of 50% to reach agreement (I believe I've seen around 80% - but it's been a while). The way the system usually works is it's constantly reassessing malicious nodes so it becomes difficult for a minority to gain a foothold to cause disruption. They also have the possibility to exhibit less destructive effects if breached (temporary network halt rather than network takeover).
Finally, in such systems modifications to the network protocols are voted upon democratically by participants on the network itself, and so far - at least in XRP's case - this appears to have worked well. Ripple has proposed a few changes that have been rejected by the network using this voting process, while others proposed by them or other participants have been approved and become part of the protocol.
XRP is whatever any holder wants it to be. If users hold it as a store of value instead of Bitcoin, your strange opinions have absolutely no dominion over that.
I'll second Algorand. Founded by Silvio Micali, Turing and Gödel Prize winner MIT prof who got a bunch of MIT people and now has probably solved the problems of speed, safety and energy consumption of the old blockchains. Check out their white papers if you're interested. I would also suggest checking out Hedera Hashgraph for a newer approach on distributed ledgers.
No scheme besides proof-of-work provides the same security guarantees as proof-of-work. Proof-of-stake, the most popular alternative, is vulnerable to attacks like “grinding” because casting conflicting votes doesn’t cost anything. The end result is a much less secure cryptosystem. Attempts to address this are still under active research, and may not be possible at all.
I would say grinding is a solved problem. We have practical constructions of verifiable delay functions now, e.g. [1] or [2]. (For anyone not familiar with VDFs or how they fit in with , I would recommend one of Dan Boneh's talks, like [3].)
Verifiable random functions are another good option -- unlike VDFs, they do allow some manipulation (e.g. the last miner in an epoch can influence one bit by skipping their block), but we've analyzed the effects and (with reasonable parameters) the advantages from manipulation are fairly negligible. We can also combine VDFs with VRFs, so if the VDF was somehow broken, security reduces to VRF security.
Also a good time to point out just because a product is technically superior doesn't mean it'll be adopted if it relies on network effects. There are a lot of sleazy heavily pre-mined crypto assets that are basically pump and dump
To call out one I heard about recently, Chia is doing proof of space and time. Computationally heavy to set up a “plot”, like 6-8 hours of work. Then virtually zero overhead unless you’re chosen as a “winner”.
Could you or someone else say how the model that uses the token itself to replace the "proof of work model" works? Which crypto(s) is using this model?
Several of the top 10 cryptocurrencies (by market cap) use "Proof of Stake" (PoS) to replace "Proof of Work". Cardano is one example, but you may not have heard of it, so let's talk about another one. The second largest cryptocurrency, Ethereum, is in the process of transitioning to PoS. This is the one that will likely have the largest impact on reducing energy use and graphics card demand.
Here's a brief excerpt of how PoS makes sense: "Unlike proof-of-work, validators don't need to use significant amounts of computational power because they're selected at random and aren't competing."
System vary. I'm most familiar with Ethereum's, which is the biggest one in production.
It starts with a fairly traditional BFT protocol that reaches consensus as long as everyone follows the rules. These have been known in computer science for decades.
The twist is that if anyone breaks the rules, you can prove they did it. So everybody deposits some ETH as a security bond, and if they break the rules, any other staker can submit proof of that to get a small reward, and inflict a penalty on the offender.
An offense by a small amount of stake does no damage and is assumed to be an accident, so the penalty is small. An offense by enough stake to cause problems is completely destroyed so the attack can't continue.
The goal is to maximize immutability, not minimize energy usage. Energy expenditure is what roots Bitcoin in reality and what protects against changes (you would have to expand even more energy to change).
Other blockchains are relatively easy to mutate and hence not good candidates for the World's reserve currencies.
Other blockchains using proof-of-stake over proof-of-work are not ‘relatively easy to mutate’ for any definition of easy. Can you point a single occurrence of this happening on a top 30 market cap PoS crypto, such as Cardano, Tezos, or Algorand?
I said that PoS isn't much easier to mutate than PoW. EOS isn't really decentralised so it's not a fair comparison to other PoS chains and the other two are PoW just like Bitcoin.
On a side note my colleagues are working on improving ETC against 51% attacks at the moment so hopefully that works out. Definitely wouldn't refer to Ethereum as a 'shitcoin'.
I didn't expect this, the security argument invalidates 99% of cryptocurrencies and leaves Ethereum and Bitcoin as the only winners. Bitcoin is technologically unimpressive and Ethereum is quite successful technologically but it is having scaling problems.
You know, this is quite ironic because cryptocurrencies are reaching a dead end, through their own flaws.
Energy expenditure is what roots Bitcoin in reality
"Reality" is itself a fairly mutable concept if you're using that term to a refer to system that produces abstract "coins" with values that float against other world currencies in a system of finance that itself consists of multiple layers of indirection that evolved to solve the scaling problems of direct bartering.
A very large amount (something about 25-47% [1]) of homes use electricity without getting any computation for their electricity to heat conversion. Those homes could use computing devices (albeit at a high capital cost) with 0 marginal energy or environmental cost. Especially if their device is a sunk cost. Yes heat pumps are better than 100% efficient, but they're inappropriate in many circumstances, and can be as expensive as ASIC miners, but it seems that miners also have a much better ROI (~1-2yrs payback) than the energy savings a heat pump would give (~5-10yrs payback).
This ROI could be then funneled into carbon offset projects, renewables, and research.
[1]: A quick google brought up a few results spanning those ranges
> This ROI _could_ be funneled into carbon offset projects, renewables, and research.
They could also just take the costs that would go to ASICs and instead put that into the investments in the first place. What actual utility is there in some mathematical computations for society as a whole?
If the btc has greater value than the outputs from the renewables, then the market is "voting" on what is actually the most valuable thing to that society.
I know it's tempting to argue along the lines of "What could be more important than the environment?" and that is a good question, but that is a shift in societal values question, not an economic one. Economics simply helps one optimize the outcomes towards a values set.
Let's assume that this is true and there is a way to leverage waste heat from mining perfectly. This would reduce the cost of mining and the savings can be invested into more mining.
I mean, the 600w of waste heat blowing on my cold feet in the morning is pretty well leveraged. But I definitely agree with your point!
I think datacenters should be providing waste heat for industry, pools, residential hotwater etc. Similar idea for miners. If they can consume 1kw of electricity but then sell 500w of waste heat, that can be quite good for the environment and bottom line.
A friendly reminder that PoW runs just fine on 100% renewables. It's the job of regulators to make sure all PoW runs this way. Just like it's the job of regulators to mandate renewable energy for literally all other industries.
“Runs fine” doesn’t mean it’s energy efficient. If we can get whatever value out of a payment system with 1 wind turbine instead of 10,000, the former is obviously a better choice. And right now it’s not obvious that PoW provides anything that other technologies can’t. Bitcoin itself has shown that when PoW doesn’t produce the results people want, developers can just release code that makes users ignore the most work chain... so the system ends up just as political as any other money system, and PoW is just a clever trick to fool investors into thinking there’s some magic “decentralization” going on.
If all it's using is surplus green energy (something regulators can enforce), then efficiency isn't a concern. That energy was wasted either way.
Re: PoW, the thing it does provide that no other tech can't is Sybil-resistant open-membership replicated state machines. Anyone can join in deciding state transitions because the barrier to entry (access to mining tech and electricity) is decoupled from the system's operation -- there are no protocol-defined gate keepers. Sybil-resistance comes from the fact that votes on the next epoch of state transitions comes from an irreversible expenditure on the voter's part (i.e. you can't vote for 2 conflicting blocks in PoW without having 2x the mining power). Making the system process state transitions at a fixed pace under these two constraints is the scientific breakthrough that PoW contributes.
Of course you can mine 2 “conflicting blocks” in PoW cryptobeans, you can just tweak the clients of a fork to require negligible work for the next block and convince everyone that the most-work chain is a hostile takeover. Satoshi did not anticipate how forking clients with tweaked implementations invalidate the whole security model.
This is the same attack model that leads there being a public debate about “Segwit coin VS BCash”. It’s also what happened with the 2013 fork[0]. The system ends up needing politics and power games just like the current financial system. The technology is a distraction to fool intelligent engineers into thinking this system is different. It isn’t.
> you can just tweak the clients of a fork to require negligible work or the next block and convince everyone that the most-work chain is a hostile takeover
If I have the power to tweak any/all peers of any p2p system arbitrarily, then I already have supreme authority over what that system does. So your hypothetical is vacuous and uninformative. Wake me up when you've found a way to reliably mine two conflicting Bitcoin blocks using the same amount of PoW guesses.
> This is the same attack model that leads there being a public debate about “Segwit coin VS BCash”. It’s also what happened with the 2013 fork[0].
Wanna know something truly mind-blowing? You can fork Bitcoin at any time! And yet, none of the forked pretenders have come close to replacing the original Bitcoin. The biggest pretender by marketcap has a measly _2.21%_ of Bitcoin's hashpower [0], despite having the same PoW algorithm.
> The system ends up needing politics and power games just like the current financial system
Per the above, PoW has so far done a great job indicating which system is the real Bitcoin, and which are the pretenders. Wake me up when one of them overtakes the original.
> The technology is a distraction to fool intelligent engineers into thinking this system is different. It isn’t.
Yeah? Well, you know, that's just like, uh, your opinion, man.
> If I have the power to tweak any/all peers of any p2p system arbitrarily, then I already have supreme authority over what that system does.
This is not my argument and is your straw man. The point is most clients run whatever the politicians tell them to. What makes it even harder for engineers to see what’s actually going on with Bitcoin is that we suck at politicking and don’t even see it when it’s happening: the shaming if you’re running the wrong version, the worshipping of certain devs to help identify shepherds the sheep should follow, the scapegoating of dissenters, etc. You’re doing it right now by calling a specific chain a “pretender”.
If PoW actually worked as advertised, none of these games would be necessary.
> The point is most clients run whatever the politicians tell them to.
What makes it even harder for engineers to see what’s actually going on with Bitcoin is that we suck at politicking and don’t even see it when it’s happening: the shaming if you’re running the wrong version, the worshipping of certain devs to help identify shepherds the sheep should follow, the scapegoating of dissenters, etc.
Woah there buddy, speak for yourself, and only yourself. You may be terrible at politics, but I can assure you, not every engineer is.
Also, you are the one who's trying to make the case that the ability to make a derivative work of Bitcoin means that PoW has somehow failed. I'd say it's just the opposite -- the fact that one chain has a lot more PoW than the other is a very strong reading of the collective affinities borne by each chains' stakeholders. That's something you couldn't measure in pre-Bitcoin p2p systems. If anything, it means political shenanigans are harder to come by -- in order to legitimately claim one chain is more well-received than another other, you have to pony up actual energy. Hype, paid followers, ad blitzes, charismatic leaders, etc. only get you so far.
> You’re doing it right now by calling a specific chain a “pretender”.
Bitcoin came first. BCash, BSV, etc. are derivative works, not the original. Bitcoin has nearly two orders of magnitude of hashes per second behind it than the rest. Each project styles itself as "Bitcoin."
These are all facts. My characterization of these other systems as "pretenders" is meant to convey these facts, and nothing more.
> If PoW actually worked as advertised, none of these games would be necessary.
Bitcoin is still Bitcoin, derivative works notwithstanding, but people will believe whatever they want at the end of the day. Honestly, I don't care, because as of right now, far more people believe that the original Bitcoin is the Bitcoin, as evidenced by its significantly higher PoW.
> you are the one who's trying to make the case that the ability to make a derivative work of Bitcoin means that PoW has somehow failed
No, I never said this and this another straw man. The point is that the most-work chain is allowed to be ignored if the politics are done right. You just need the right people pushing for adoption of the minority chain, and to label the most-work chain as an “attack” or a “bug”. In this event, there is no protocol defining which chain gets the name “Bitcoin”, it becomes a game of power, of who has more social capital in the space and who can maneuver exchanges and users into agreeing which chain is “real” and which chain is “pretender”.
Maybe a picture will help: imagine all the existing investors who strongly insist on deflationary policy are gone in 100 years, and they get replaced with folks who care a lot less about “sound money” arguments. Imagine devs, exchanges, miners, all agree that a constant supply inflation would be preferred. Then, all they need to do is release a new version of reference software that keeps the block subsidy in perpetuity, and make a very strong case that this fork is for the security and stability of the Bitcoin economy (to make that case here is beside the point). In this example, the handful of folks who will be fussing about Austrian economics and declaring “that chain is not the real Bitcoin!” will be relegated as outcasts, even if they insist on keeping the name “Bitcoin” and release an “original Bitcoin” client, it won’t matter, because the market will have decided for them which chain the rest of the world uses. And it’s this chain that wins the political game that will keep the name “Bitcoin”.
Again, the argument for which monetary policy is best is irrelevant, and how likely you see this event as happening is also irrelevant. The fact that this hypothetical is even _possible_ and that Satoshi’s system doesn’t preclude it from happening, is the argument for why proof-of-work fails. PoW is ultimately subject to politics which means the whole system is subject to politics.
You can also look at the BCash fork itself. The events leading up to that fork were not smooth at all, and the outcome of the fork was wholly uncertain at the time. Popular blockchain analytics sites had public trackers of which ideology had more brainshare, devs drew the party lines, exchanges issued statements declaring party allegiance, miners signaled support in their blocks, users took to Twitter to unite the herd. If Roger/Gavin/Mike had been the only ones with a public platform and Core had never responded with their own campaigning, miners would’ve easily abandoned the “real Bitcoin” and Coinbase and crew would’ve easily pushed for the fork to keep the name “Bitcoin”. It is the political campaigning of the incumbent party that kept them in power and that kept the hash rate on that chain. None of these mechanics are outlined in any Bitcoin whitepaper I know of.
> The point is that the most-work chain is allowed to be ignored if the politics are done right.
If the best argument against PoW is that people can ignore it, then I don't know what to say to you. Like, don't let me stop you then: go run a Bitcoin miner that ignores PoW, and see if you can convince anyone else to accept your forked coins at 1:1 parity with real Bitcoin.
> Maybe a picture will help
I never once brought up monetary policy, so I'm just going to ignore what you wrote about it. You're answering questions I never asked.
> PoW is ultimately subject to politics which means the whole system is subject to politics.
PoW is ultimately subject to market forces. Miners regularly switch between Bitcoin and BCash, depending on what's profitable at the moment. This indicates that miners are not loyal to any ideology; they're only trying to optimize revenue. Thus the simplest explanation as to why Bitcoin has a much higher PoW than BCash is that Bitcoin has higher demand. Hate to break it to you, but the market has spoken -- there's far more demand for Bitcoin than BCash.
But, let's not mistake that for some grand conspiracy against it. No one is stopping BCash from overtaking Bitcoin; the onus is on the BCash project to convince people to value it more than Bitcoin.
> If the best argument against PoW is that people can ignore it, then I don't know what to say to you. Like, don't let me stop you then:
Your counter-argument is "try it, then!". I'm not sure why I have to say this and we can't have an intelligent conversation, but here we go: just because something is possible to do and an argument can be made for its possibility, that doesn't mean that I specifically have the means to pull it off. And talking about my capacity to pull it off derails us from having a meaningful discussion about the potential attack. You're not discussing in good faith I think...
> I never once brought up monetary policy, so I'm just going to ignore what you wrote about it
It wasn't about monetary policy, that was just the context. It was about how the hashrate just goes where the money is, and the money is subject to politics, therefore PoW is subject to politics.
but anyway if you're not going to read my comments, we can't have any meaningful exchange here... especially since you're trying to make this about the BCash cryptobean for some reason, but my point has nothing to do with it. My point is about Proof of Work being ultimately useless.
Why 100% renewables? Biofuel is renewable but also emits lots of carbon and air pollution. Nuclear is not considered renewable but is low carbon and clean air. Seems like the the term allows undue wiggle room. Might want to require that it be generated with energy that emits less than 50 gCO2-eq/kWh on a lifecycle basis or something more specific.
how would they do that practically? would require a huge surveillance state with constant monitoring to make sure you’re not mining on non allowed power
Mining rigs already require tremendous amounts of power, and there are already laws on the books that allow the government to know what you're doing with that power (i.e. for safety and environmental reasons). You can easily determine which power sinks are mining rigs, and require them to use only excess renewable power, or off-grid renewable power (it's pretty easy to tell if you're using off-grid fossil fuels with satellite imagery -- you can't hide the CO2).
Governments can easily enforce this -- simply require all blocks to be signed by a government-issued keypair to attests to the green-ness of the power used to produce them, and require exchanges under its jurisdiction to deny, limit, or tax the sale of non-green coins.
That may be true, but the toothpaste is out of the tube. If we can't abruptly stop the use of fossil fuels to stop climate change, I don't think any amount of pointing out how much energy BTC uses is going to change the fact that it's been well established.
Although I believe it is well-established, there's still a lot of people spreading industry talking points about how it's mostly renewables, in spite of stories like this to the contrary. Motivated reasoning is a helluva drug.
Well mining in China moves with the seasons. During rainy season excess hydro power in Sichuan and Yunnan is used for mining, during dry season its coal in Xinjiang
But you can talk people into selling BTC and buying ADA or some other proof of stake coin.
I think if pension funds etc go into bitcoin it'd be an environmental disaster so it's probably worth campaigning against that. The energy consumption comes out kind of proportional to the bitcoin price.
Has anyone tried to calculate the energy expenditure of the fiat currency system as a comparison, ideally per "unit worth" (whatever that might be) since fiat still vastly outcapitalises cryptocurrency?
Yes, and it’s vastly less than Bitcoin. Simply because it’s centralized, and a centralized system is always more efficient than a decentralized one. It’s a well known trade off.
A better comparison would be gold versus Bitcoin, as they’re both similarly decentralized. Just comparing energy consumption between the two probably wouldn’t make sense, though, as gold mining e.g. ruins vast areas of land.
Naturally, a summation of the energy expenditure of all of the related components of the existing fiat system must be included, from the totality of all people operating the various functions that facilitate the existing fiat system; i.e. their commutes, aggregate expenditures due to needing to operate physical banks, power usage at these physical banks, etc. are all factored into this calculation... right? All the way to the minting of new currency (probably almost negligible in the aggregate), to all of the security apparatus that ensure that bills are legitimate, to major parts of the US Secret Service that verify that bills are legitimate (including all of their expenses scaled to the proportion of agents dedicated to this task force)... I honestly don't believe that the electricity usage of BTC is higher than fiat currency operation, in the aggregate.
Please share any sources if you have any information that contradicts this. It's an interesting area of open research + I'm curious if I've missed any publications recently.
This is a bit of crypto-delusion I have never understood: why compare Bitcoin with the financial system as a whole to get out of the "it is mostly powered by coal plants in China"-argument?
Does Bitcoin assess credit risks of governments, companies and people and then extend+manage credit?
What does Bitcoin offer in regards to risk management/hedging for operating businesses?
Maybe Bitcoin has some liquidity management feature for real businesses that I am not aware of?
Bitcoin has very low uptake in payments, so trying to compare its energy consumption to all retail branches and the oil burned by the employees on their commute strikes me as misleading and ignorant
Modern banks and financial institutions are much more than a long list of payments. Please learn a little bit about what a company like Bank of America actually does
I worked at Goldman Sachs for 3 years in technology and trading roles so I'm fairly confident that I am largely familiar with how a bulge bracket investment bank as well as how most consumer banking firms operate work.
It's not misleading at all. It's important to consider that a large group of human operators, using a separately large set of semi automated processes, are a large component of the current energy spend of aggregate financial activity - all those busy worker bees are using energy.
Not really interested in doing some super thorough calculation, hopefully this general outline makes a little bit of sense. I'm just asserting that if we are going to criticize one thing's energy spend, you need to actually define what you are measuring and determine a baseline with respect to what the current thing's energy consumption is, ideally as line items and then sources for each input component.
Looking forward to some sources. (If you are referring to the Argentina article, please just identify that as your source). No need to be antagonistic, we're all friends here.
>It's not misleading at all. It's important to consider that a large group of human operators, using a separately large set of semi automated processes, are a large component of the current energy spend of aggregate financial activity - all those busy worker bees are using energy.
A lot of that is compliance though. Some (or maybe even most, I'm not in the industry) of that doesn't need to exist for the system to function - the banking system would work just fine without suspicious activity reports. I don't think it's an apples to apples comparison as these checks don't and can't exist in cryptocurrency.
That's just scratching the tip of the iceberg, as mentioned above the traditional financial system provides lots of services that cryptocurrencies can't provide or don't provide at any meaningful scale.
Look up e.g. VISA corporate responsibility report for 2019. It’s been some time since I’ve seen that, but iirc Bitcoin hash power takes like 120 TWh, “Big Tech” combined is like 50 TWh, and VISA with all the nuts and bolts (and people) is like 0.2 TWh - with proven consumption of renewable energy.
But institutions like Goldman Sachs aren't going away if Bitcoin suddenly became the world currency, so including them in such calculations is misleading.
I've done this before. No, I'm not going to share my sources because a) I haven't saved the exact ones I found before and b) whatever I include, you're always going to criticize me for not including yet more calculations in my side of the ledger. But the answer is going to come out the same anyways: Bitcoin uses orders of magnitude energy more than traditional currency.
Take a simple thought experiment. Someone makes a transaction with VISA. That requires updating the seller's bank's ledger, the buyer's bank's ledger, and VISA's computer. Let's round that up to a dozen computers who need to know about that transaction. Now consider Bitcoin. Those same three computers need to know about that transaction... and so does everybody else who runs a full node. We haven't considered a picojoule of energy consumed by proof-of-work yet, and Bitcoin has already consumed far more energy than VISA.
So how about that proof-of-work? Well, let's compare a bank's energy consumption. Go to their financial statements, and pick out the line item that includes energy costs. If you're not sure which line item that is, add all of the plausible ones together (and round up, because what's the harm in overestimating here?). I don't know how much they pay for energy, so let's say it's 1¢ per kWh because what's the harm in rounding up? Crunch the numbers, and banks still use far less energy than Bitcoin's proof-of-work, even by our wastrel overestimation numbers. Oops, I forgot to account for the different volumes. Doesn't matter--banks are moving more money on less energy than Bitcoin.
Much of the ancillary functions you want to include to make Bitcoin's energy consumption seem less embarrassing would still exist even if the world magically switched from USD to BTC overnight. The loan officer evaluating how much interest to offer on a mortgage to a first-time home buyer would still be doing exactly the same thing. The loan shark driving to bust someone's kneecaps for not paying back loans on time would still be doing exactly the same thing.
> The loan shark driving to bust someone's kneecaps for not paying back loans on time would still be doing exactly the same thing.
Tangential thought...
I might be mistaken, but how can one even collect on defaulted debt denominated in BTC? I thought that the BTC owner still has to transfer BTC themselves, since only they would know the private keys.
Wouldn't the collector literally have to physically threaten the individual to transfer the BTC back, since it's not like they can get a court to order the bank to do it.
I know that ETH supports smart contracts that could in theory automate the terms of the loan, but then what happens if the debtor goes bankrupt?
> Wouldn't the collector literally have to physically threaten the individual to transfer the BTC back, since it's not like they can get a court to order the bank to do it.
What makes you think the court can't order the bank to do it? The court can order you to give some assets up, and if you refuse, they can order your employer to deposit wages directly into creditor's accounts, or the creditor can seize other assets for nonpayment. (For example, some creditors managed to temporarily have an Argentinian Navy ship seized after their default.)
You make a good point wrt. physical cash (coins and bills) versus electronic currency. I think it's sensible to analyze the two separately.
Also, it's important to consider that commercial banks do much more than just keep track of "who owns how much USD". Banks are primarily middle men in the credit markets, and this is not related to establishing people's balance (which is all the Bitcoin network does). If Bitcoin persists then BTC credit markets will also develop, which would be very different from just keeping track of "who owns how much" (which is all the Bitcoin blockchain does).
I agree, consumer banks (and general financial technologies/innovations offered by private equity firms, private trading companies, financial engineers, etc on the whole) offer a greater breadth of services than crypto-asset financial innovations at present. This is obvious - I'm not sure anyone would argue against the validity of that statement.
The largest single asset within the category is bitcoin + the majority of crypto-assets (in market cap terms, in aggregate) are currently PoW based systems (exception of Eth2 if you're just looking at top 5 but the bridge isn't live yet to my knowledge) so it makes sense to take a step back and really try to understand whether we are measuring the same things across both systems - the terms (in a linguistic sense) need to be defined for any serious discussion/analysis can be undertaken. Basically the Fed Reserve system's budget (some % of their budget) + cost of operating basic banking operations across all banks needs to be part of the calculation, at a minimum. Any other terms (in the equation that represents the relative spend across the two systems) could add greater accuracy, but the record keeping seems like the biggest cost that needs to be factored in to accurately reflect the energy consumption differences between the two systems.
But fiat has different properties so a bit apples to oranges in terms of efficiency. You could compare how efficient is USD vs GBP, but not USD vs BTC.
Ponder, for a moment, the way in which governments use the "printing" of fiat money to fund wars (for private sector profit, revolving back into that private sector's lobbying those governments for even more war and military spending).
Ponder, for a moment, the amount of energy and Earth's resources expended to materialize these wars and military spending.
Bitcoin (or, the proof-of-work cryptocurrency concept as such) by its design prevents (or at least very severely inhibits) this type of governmental hijacking for a mere fraction of the resources spent.
This applies to other heavily-subsidized sectors/areas/industries with a powerful lobbying influence/revolving doors/etc.
Imagine if we could vote by paying our taxes in Bitcoin (in a Bitcoin full-blown, mainstream Bitcoin economy) in proportion to specific Bitcoin addresses/accounts allocated for specific policy issues or target governmental groups, and thus have an actual, real and direct democracy instead of a 4-year theatre of false puppets and promises.
Again and again this claim... I fail to imagine how anyonr believes that the US or China could be stopped from going to war by not having enough BTC of all things... In a BTC world they would simply borrow BTC (if they wluldnt control 50% of hashpower anyway) and that would be it.
If you imagine that people wouldn't lend BTC to the US, remember that, when Standard&Poor's reduced America's credit rating, US bonds shot up in price (even though technically they were the one asset that S&P's rating was about the most).
Not really though, are they? Inflation is the loss of value of a currency over time, while counterfeiting is a basic form of fraud where someone claims they have more money than they have.
You could say that money printing and counterfeiting are similar things on opposite sides of the law. But that is still a shallow, high-school level understanding. When a con artist pays for things with counterfeit money they don't typically invest this back into the economy and produce more value, so counterfeiting is virtually guaranteed to produce inflation if it is not curtailed.
But governments print money in huge quantities all the time with minimal inflation.
They have an extremely detailed explanation and process to determine the footprint of Bitcoin transactions.
Anyways, they also have the numbers for Visa based transactions, which can start to give you an idea how efficient the old system of digital transactions are. Its 980,000+ Visa transactions to equate the energy used for 1 bitcoin transaction.
This is comparing Visa's use of energy to Bitcoin's. It is not comparing Visa's use of all resources to Bitcoin's. It is like saying hybrid cars are more efficient than electric or gas cars, because they use less electricity than fully-electric cars and less gas than ICEs.
It is comparing the energy consumed by Visa to the energy consumed by Bitcoin. If you want to get into other resources e.g. supply chains for all the computing hardware used by Visa versus Bitcoin...is there any reason to think Bitcoin would do better here? Mining operations have become enormous, thousands of machines all churning away, and there are many such operations. I suspect Visa has a smaller footprint here as well.
So you're telling me that Bitcoin can make up ground for being almost a million times less efficient on a basic and everyday use case of currency in some other way? Please, go ahead and tell me. That's like saying you have the fastest drive thru hamburger shop even though it takes an hour for someone to get their food. But the burger joint is faster "elsewhere". Where else could Bitcoin make up the energy efficiency problem? Especially efficiency where it actually matters.
Does VISA create and secure an asset that is open source, decentralized, censorship resistant, permissionless to participate in?
Apples to oranges. VISA can't do those things, it is a centralized settlement layer for US Dollar transactions. So when we selectively compare the transactions per energy metric, we are conveniently ignoring the fact that VISA is not responsible for securing the stability of the global US Dollar network.
And... does any of those addons actually matter? I have yet to see why the average person should care. If I was a drug dealer or trying to side step customs or hiding wealth in general, dude, I'm going crypto. But I do none of that. It's just extra layers of hassle for me to go buy a bottle of rum, pack of chicken breasts, and pay for my electric bill.
There was an article on HN regarding money laundering in the past week. Lots of people were surprised and denounced how easy it is to launder money... so... with Bitcoin's features making it a beautiful means of money laundering... if it becomes truly adopted as a currency, those features are going to go bye-bye. Stealing bitcoin hasn't been rare either. Search engine of choice look up, "bitcoin stolen". It doesn't really seem that much better that current systems. There's always a way to steal from someone. That xkcd comic on security makes a good joke on it. The best hash doesn't protect you from someone hitting you with a $5 wrench.
So what visa isnt responsible for securing the stability of the dollar? Who in their right mind thinks they are responsible for shit other than skimming off the top when communicating between two banks? Seriously? You think a mainstream bitcoin transaction service is going to be a non-profit? Visa is simply part of the network. If they go down, there are other services that still function. Best part, if all telecom goes down, paper money still works. Crypto doesn't. Anything that affects visa, Mastercard or any other high or low level merchant service, affects crypto too. Generally, crypto is just another merchant service using it's own chucky cheese tokens instead of an multi organization agreed upon one.
Most of the "benefits" are either rare, extremely niche or just brute forcing a wall that just requires stepping around it.
Feel free to look through my comment history to see some of my arguments against fiat currency and federal reserve. I don’t think you’re familiar enough with the economics, the ideas of hard money/soft money and hyperinflation.
VISA is a layer 2 solution, it makes no sense to compare it to Bitcoin directly.
Compare Bitcoin to the energy usage of federal reserve and resources spent on securing the US Dollar (implicit and explicit), because that's what the Bitcoin network does. It secures immutable property via a decentralized, open source protocol.
If you want to compare layer 2 solutions, compare Coinbase or Paypal's internal settlement of Bitcoin transactions to VISA. Those metrics are much more relevant.
Not only are fiat currencies cheaper, they are also useful... Bitcoin is no longer a practical currency, so comparisons to fiat currencies are pointless.
You must be living under a rock then, because bitcoin just had a sizable correction last night. Sounds too volitile to protect any savings.
>also to send anonymous donations to causes I support.
Nope. The ledger is public and your transactions can be seen on it basically forever and, with some sleuthing of the ledger by interested parties, you could be deanonymized.
> You must be living under a rock then, because bitcoin just had a sizable correction last night. Sounds too volitile to protect any savings.
If you invested less than a month ago, you are down. If you invested any other time in the last 10 years than you are up. You might be the one under a rock.
That's not what I'm arguing here. If you mean to say you like to take the chance on having your number over a short time go up OR down, and you like to consider gambling, then yes, I'd say Bitcoin is more aligned for that purpose. Also... I did say the word "volatile"... both positive or negative wild volatility are not something you want in an instrument meant to protect your savings. You want slow and steady gains and, most importantly, consistency, so my critique is still valid here.
As the old saying goes "Past performance is no guarantee of future results." Bitcoin could get legislated into oblivion causing a massive decrease in the value of your holdings (especially if world governments take climate change seriously, they may see Bitcoin mining as a major threat), a quantum computer could literally "break" into wallets and steal, Satoshi's wallet could suddenly move and expect billions of USD to be extracted out at once.
Too many variables here to suggest that your savings are secure. You're a braver man (or woman) than I would be.
I'm not sure. The trouble is you're comparing apples to oranges. On the one hand you have money which, while not essential for civilisation, is generally agreed to be a good thing. On the other you have this thing that absolutely is not money by any stretch. How do you possibly calculate how much value each of these adds to society?
I think that money is essential for civilization. I support what Jeremy Irons said Kevin Spacey in movie Margin Call: “Money is just a made up thing that helps we don’t kill each other for food.”
That's kind of like saying the wheel is not essential to civilization, but that it is "inevitable." An accounting system of some kind is necessary to organize the limited resources available to any civilization, and that is exactly what money is and how it emerged in early civilizations.
Well, for a start, there have been loads of civilisations that didn't have wheels. Don't make the mistake of thinking our current civilisation is the only one that can exist because it exists right now. Those other civilisations existed in their time too.
There is a big difference between necessary and inevitable. Crime is inevitable. Is it necessary? I believe a civilisation could exist if the people decided to outlaw money. There are so many other ways to allocate resources: bartering, contracts (which get you asynchronicity), centralised allocation (which can be at a national level, e.g. communism or a local level, like a feudal system), gift economies. All of these have existed and worked for a time.
I don't see where's that even relevant? You just see the transaction, until they mesh it. You don't know who and there is no accountability if there's abuse.
It's the preferred method of payment for scammers, so visibility means absolutely nothing.
Assuming there is a detected 51% attack, what would be done against this? Spinning up more nodes to counter attack is not an incentive for other "good" (whatever this means) miners because keeping unused mining capacity at hand is equal to losing money.
Detection is worthless without applying counter measures.
The ability to turn electricity into money is not the problem, or if it is, then lump all of modern endeavors in capitalism alongside of Bitcoin.
The problem is we (the world) are not effectively taxing carbon emissions. Right now it should be unprofitable to use coal or oil energy. If this was done right, Bitcoin would be a massive stimulus to renewables.
How is Bitcoin a boon to renewables? Bitcoin consumes energy, and that energy is not being used for other things. Taxing one form of energy will just mean everything that uses energy becomes more expensive; Bitcoin fees would rise or mining operations would simply move to places without the tax.
The actual problem is that Bitcoin's incentive structure works against energy efficiency. Usually we would expect to see improvements in technology result in reductions in energy consumption. Instead, when a new hashing machine is built that computes the same number of hashes for less energy, the response from Bitcoin miners is to compute more hashes using the same amount of energy. That is what Bitcoin incentivizes, and that is why Bitcoin will always be an environmental catastrophe even if we only had renewable power sources (take a look at the environmental cost of producing a solar panel -- there is more to the environment than carbon emissions).
> How is Bitcoin a boon to renewables? Bitcoin consumes energy, and that energy is not being used for other things.
The utopian view is that not all energy is currently being used for other things. On grids with heavy penetration of renewables, peak production can overwhelm demand, causing bulk power to become effectively free.
In a suitably regulated environment, bitcoin or an equivalent could act as a last-resort user of such power. Doing so would provide a baseline demand for excess generation, effectively subsidizing renewable buildout.
This effect becomes stronger with carbon taxes, which would make non-renewable power comparatively much more expensive and effectively reduce bitcoining-demand from such sources relative to renewables.
However, the non-utopian view is that this possible arbitrage is global, not local. Through bad regulation, corrupt governments, or outright theft, miners somewhere on the planet can access power even more cheaply than from the excess renewables contemplated above.
...or we could work on better energy storage and distribution technologies and move away from "base load" approaches to power generation. I am also not seeing how Bitcoin, which consumes power regardless of whether or not there is any excess, helps in any way. Why do you think Bitcoin miners would shut their operations down during periods of high demand in any regulatory environment, other than one which specifically punishes Bitcoin miners (in which case, why should anyone think Bitcoin would continue to exist)? Bitcoin would just push up the floor on how much electricity must be supplied at any given time.
> or we could work on better energy storage and distribution technologies
That's a "both and" issue. An energy generator could hypothetically mine cryptocurrencies to buffer their excess-power periods right now with little capital investment, whereas developing new storage technology is an expensive and long-term problem.
> Why do you think Bitcoin miners would shut their operations down during periods of high demand in any regulatory environment
A non-criminal bitcoin miner (the argument applies to any other proof-of-work coin in the same way) will reduce their mining effort if the marginal cost of mining (the power bill) is larger than the reward from doing so (mining rewards plus transaction fees).
The problem then is one of value, but cryptocurrency valuations aren't fixed. If the price of bitcoin durably collapses for some reason, miners will turn off their rigs and the energy cost per coin will fall. (Note that I'm not a "bitcoin bull," but I also know better than to predict future prices with false confidence.)
It isn't, but it could be. If we had proper taxes on carbon emissions; The cheapest power would always be from renewables, bitcoin miners would invest in renewable energy which would make it cheaper in the long run as mass production scales with demand.
Energy efficiency is not important in carbon neutral energy production, and in fact can stifle development and raise prices making fossil fuels more attractive.
Technically speaking, western China has a lot of renewable power and not as much demand for it as eastern China. If they were mining in western China to take advantage of lower rates, and that energy can’t be transmitted East anyways, then it might make sense (or they could just move some industry from eastern China to western China to take advantage of renewables, or get that UHV grid working so they can move renewable electricity East to where it’s needed).
It doesn’t matter where it is used up, the point is that it is unnecessary work taking a huge amount of energy, that could be used for better things. Even using up purely renewable energy makes every other industry rely more on non-renewables, so it is a lose-lose either way.
Maybe with the simplistic perspective that Bitcoin has a value that you can calculate.
Energy usecases are worth what energy they use. Energy exists in a mostly free market and that's the best way to determine value. Everything else is conjecture.
I sure hope the free energy market doesn’t respond to Bitcoin mining like the free graphics card market does. Thankfully, the energy market is heavily regulated in many parts of the world, so something can be done.
Bitcoin, nor how it's implemented is useless. You just don't understand it. And it doesn't matter, you don't have to. People value and understand the world differently.
Is there really an objective definition of useless? Media consumption, games and movies are pretty close to useless in my opinion. That does not however give them any less of a right to consume energy.
>we don’t live in a fictional world where infinite growth exists.
we do. One just need to see the world beyond their own planet.
>Useless energy expenditure is useless and objectively bad.
your comment cost some energy to be expended. Basically most of computer use by humans is a useless energy expenditure, yet somehow some people single out crypto.
> we do. One just need to see the world beyond their own planet.
Heat death of the universe would like a world with you. And before you say that it is so damn far we should not care about it, meaningful space travel is similarly so. We should save our own planet because a goddamn apocalyptic Earth after ww3 is still a more livable place then any planet in the Solar system.
Also, is being globally connected to each other with comparatively less energy expenditure bad? How about hosting free educational resources, but even just fun things? It is not comparable to hashing random numbers for proof of work levels of useless.
> It is not comparable to hashing random numbers for proof of work levels of useless.
Bitcoin exists because there is no alternative decentralised, self sovereign currency. PoW exists because there is no other method to achieve that. It is by no means useless. You are not the user.
> Bitcoin exists because there is no alternative decentralised, self sovereign currency.
I do question whether we need one. We choose our governments to create laws protecting our values. I do agree that they are pretty far from perfect, but I don’t see why should we circumvent said laws. If I got a failed product, how will I get it replaced, when the seller could have disappeared? Yeah, there are smart contracts, but it’s not like our entire financial system was made up on the spot. It has many many warts, but it does solve real world problems.
> PoW exists because there is no other method to achieve that.
And as others mentioned in the thread, there are cryptos not dependent on PoW
as i already said - that is mainly because we fail to see the world beyond our planet.
>It is not comparable to hashing random numbers for proof of work levels of useless.
you find something not important to you and declare it useless. Other people do seems to value the planetary-scale decentralized consensus at like a $1T.
> as i already said - that is mainly because we fail to see the world beyond our planet.
Well, closer to the Sun it is way too hot, further away it is way too cold. There are also tiny problems like not having an atmosphere, too great or too small gravity, or small details like not having a solid surface, but sure, which planet would you like to travel to?
If energy is portable, sure. If not, then it might make sense to mine where energy is abundant and not put to better use. Eg plant a satellite with solar cells close to the sun just to do crypto currency mining? Maybe not crypto, but perhaps some other computations that don’t require too much bandwidth to transmit results.
The government has put out policies to encourage industry to move to western China. It is not so much about energy, it is mainly to deal with the imbalance of development between western China and eastern China (more so Northern China and Southern China).
As far as I can recall, there was power shortage a few months ago, and I have suspected bitcoin mining would contributed to some of it.
Depending on what's flooded Hydro can actually be the dirtest power out there.
There's a hydro plant in brazil that contributes 3 times the number of ghg emissions as it's equivalent coal plant.
The vegetation now covered by water will start to rot and release lots of methane and other goodies. Unless it is cleared away first. This is only practical with trees though.
It is due to the decomposing vegetation under the water. However, it depends on what is under the water. Some hydro reservoirs actually are carbon sinks while others are worse than coal plants. You also have to take time of operation into account. Hydro becomes cleaner as time passes. A 50 year old hydro plant will have had a lot of the vegetation decomposed already vs a 5 year old one.
Not really. It's from rotting trees, and when they decompose in an anaerobic environment they take 3-5 times long to decompose. Most trees will take well over a hundred years to fully decompose.
In theory yes, but in practice it's rather infeasible to do 51% attacks IRL --- the main constraint is the people not the math.
A 51% attack mainly lets you double spend, so you have to:
(1) get a lot of coins and spend them on something
(2) start mining a fork where that spending didn't happen (but other real transactions continue to happen) --- your hash power will now need to be dedicated to this new fork at the exclusion of the old "real" fork since all future hashes will diverge
(3) wait until the thing you paid for with coins can no longer be "taken back", all while continuing efforts on the alternate fork
(4) do the 51% attack to swap out the old "real" fork with your new fork where you never bought the thing, thus keeping the thing _and_ the coins you spent on them
(5) all this needs to be balanced with the opportunity cost had you just continued mining on the real chain...
Such an attack would trigger immediate attention since at (2) the main chain would suddenly see a drop in contributions. Also realistically most things you can purchase with coins (like fiat or other goods/services) can be relatively easily "taken back" unless a considerable amount of time is spent to launder them --- say if you "buy" a car with crypto and reverse the transaction, what you've really done is just stolen a car with a lot of extra steps... Which means your only real viable path is to redeem for some other cryptocurrency... Now given that a big attack just happened on the largest market cap crypto, there's a pretty good chance the other coins are going to take a hit and exchanges might even temporarily limit activities while this situation is "investigated", greatly reducing what you can actually do at the end of the day.
This kind of thing is more reasonable on the smaller market cap "meme" coins where you can just exchange them for for a mass-market crypto.
You're thinking too small on the impact--China doesn't need to double spend bitcoins. What they could do is cause a loss of confidence in Bitcoin overnight and collapse the price.
How is that even remotely strategically good for China......?
These miners are probably making USD or some other foreign fiat at the end of the day which adds to the supply of foreign reserves without needing to use trade... And if they're siphoning power to get around currency exchange limits moving wealth abroad then a traditional crackdown to confiscate their equipment would be much more effective (you can't exactly "hide" a mining operation).
Frankly China, with so much mining output, benefits more from seeing crypto moon than crash...
(Also "collapsing the price" is something that can be done (and may have actually even already been done in the past) with far far less effort than an attack...
(As one example, articles pointing out that "China can do 51% attacks" are much more effective in crashing crypto prices... maybe keep an eye out for those
The minors are not making USD for foreign reserves to be honest, they are mostly a way to transfer wealth out of the country (buying equipments and electricity and sell bitcoins abroad or not selling it at all). That's why China has banned its bank to do crypto related transactions and exchanges mostly. However, it is hard to enforce. You can find many exchange use Bank Transfer, AliPay and WeChat pay.
Owning Bitcoins are legal in China. Who knows once the digital RMB is out.
Every time a miner exchanges crypto for RMB (like with Alipay or WeChat), China overall benefits a bit. Because Chinese banks (as you correctly stated) are not allowed to hold crypto and exchanges are illegal, what really happens is the crypto gets exchanged for foreign fiat (like USD) where exchanges are legal, which then gets exchanged for RMB, building up foreign reserves.
In the past, a lot of miners were "foreign investors" (likely other Chinese "nationals" rather than citizens) who lived abroad and would keep the exchanged fiat in foreign bank accounts, which _is_ harmful as they pay for electricity with RMB but get to keep USD. In recent years, a lot of local mining outfits are appearing, and because they ultimately need to spend RMB, the government has no problem with turning a blind eye to them.
What you are saying in second paragraph is not true. Mainly because if you mine BTC in China, you buy equipments and energy using RMB. After mining, you have BTC. If you sell BTC for USD, most likely those USD will not come into China. Bring USDs to China is not as easy as you think, there is also a quota for it (50k per year). If you sell BTC for RMB, there is no transaction to USD at all.
Yes, it is illegal for Chinese banks to do transaction for cryptos, but it is still legal to transfer money to others in exchange for crypto (p2p). WeChat, Bank Transfer and AliPay all being available in exchange. Holding crypto is not illegal in China, also mining is not illegal.
I believe there are still a lot shady business going on for those buying cryptos with RMB. It is quite easy for Chinese to buy/sell crypto at the moment.
Actually the same happens in stock market. When Chinese companies go for IPO in the US, they will typically keep the fund in US, rather than bring them back to China to make it easier to do business in dollars without restriction of Chinese financial system.
But it is individuals, not governments, who mine Bitcoin. In fact, the people who mine Bitcoin don’t like governments very much, and wouldn’t cooperate with a government-imposed Sybil attack that would devalue their state-independent store of wealth, any more than they would cooperate with said government going to war with a country they’ve exported all their investments to. Such people would actively seek to use their wealth to oppose such a government.
If a government moved to confiscate all mining operations and run them itself to perform such an attack, the fight such people put up against that would be so obvious that it would be incredibly easy for parties external to the situation (Bitcoin devs + Node operators outside of China) to stop any ensuing Sybil attack. They’d just blacklist Chinese IPs from the network statically in the client code—effectively hard-forking the other 49% of the network in advance so it doesn’t later become confused.
> But it is individuals, not governments, who mine Bitcoin.
Bitcoin mining has outgrown this stage. It's more like companies, now.
> the people who mine Bitcoin don’t like governments very much, and wouldn’t cooperate with a government-imposed Sybil attack...
Early Bitcoin proponents don't like governments much. Chinese miners are another story. They see a business opportunity and have no interest in losing social credit points or, worse, going to a labor camp.
Because the government cannot afford the resources to untangle it all, and the rich can afford the lawyers to exploit all the loopholes, and cover the tracks after little white-collar crime "indiscretions". Who funds the lawmakers who make the tax laws? Ah...
Cryptocurrencies are absolutely taxable — at least in the USA. It’s a gigantic pain in the ass that I feel every April. I don’t know why the USA makes taxes so painfully difficult and complex but that’s another topic and something they can improve on.
A crash would save energy for China and everyone else. Miner revenue from block rewards is proportional to market price. The cost of electricity can’t exceed that or it will be unprofitable for miners.
How is it good for China to destroy Bitcoin?
This question does not recognize China has over a billion people.
The Chinese government has shut down Bitcoin transactions in China before because it goes counter to their centralized economic control. If uppity insurgents or billionaires who they wish to punish (e.g. Jack Ma) are heavily invested in Bitcoin, they may want to crash it. Alternatively, it may be seen as a way of people to launder money outside of China and their control. Maybe just want to throw other financial markets into chaos.
Why would the miners cooperate? I can think of 7.62 reasons why.
China stands to gain the most from bitcoin mooning at the expense of other countries' currencies. Every yuan exchanged for bitcoin siphons value out of the chinese monetary network and into the global cryptocurrency network. Ideally, if china secured a large portion of bitcoin and then ceased all bitcoin trading within their borders, they could allow other countries to foot the bill of economic instability while the net value of their assets increase.
Bitcoin is an economic weapons created by the chinese government.
Yep. And China has done exactly that in the past when people were using crypto to launder RMB into USD.
The fact that mining operations still exist today at large scales in China means that at least the government has found a way to profit off of crypto (strategically or economically).
> The fact that mining operations still exist today at large scales in China means that at least the government has found a way to profit off of crypto (strategically or economically).
Or government do not really care. If it is officially discouraged/illegal: it also means that officials are happy to take bribes.
Yeah. It's also very likely that in some cases only the local government benefits (bribes etc.) rather than necessarily the central/federal government.
I was just using the terminology of the person I replied too but your comment made me look into this topic further and I agree country would be a better word.
What is the legal mechanism for a unilateral world ban on use of a technology?
Closest thing to that I can think of is nuclear proliferation but you’d have to get countries to agree and play strong arm tactics. Possible I guess but not “easily”
> What is the legal mechanism for a unilateral world ban on use of a technology
Might makes right, aka USA foreign policy since its inception. US sanctions are applied for everyone - e.g. if the US sanctions Iran, a French company does business in Iran, the US fines them heavily. And considering the US market is more lucrative than the Iranian one, most companies would prefer to have the US one. For a recent-ish example, check BNP Paribas. The US has no legal right to forbid a French company with a US branch to not do business with another country from another branch besides when they say so. The same way they say so for crimes against humanity, or invading other countries.
So the US can absolutely ban cryptocurrencies on a global-ish scale.
I assume the idea is that a technology that, by definition, can only be used publicly faces a far different threat surface than nuclear proliferation.
A significantly powerful actor could exert sufficient force. Russia or the US threatening nuclear war over bitcoin would probably lead to a worldwide ban, although obviously the repercussions would be dramatic. More realistically, the US could state that any bank that does business with bitcoin isn't welcome to participate in the US economy. The US economy is big enough that such a threat might work. This is similar to how the embargoes against Iran worked, and why that Chinese executive is being extradited to the US from Canada.
In reality, if Bitcoin got the point of destabilization where the US felt the need to ban it, the effects would probably be widespread enough that the EU, Japan, the various Commonwealth countries would be convinced to take coordinated action.
Let's say I'm a bad actor in us. I hear about this event in China and I start to do the 2nd chain. You'll think that China region was doing that 25% but maybe they were only doing 1% and I did the other 24%.
They're is literally no way to know what really happen.
If you were running your own pool then people would likely be tracking your pool and know where you're located. But if you are keeping a low profile and participating in a variety of other pools, then you might go unnoticed. But still, the pool operators might track which IPs are submitting work, and geolocate them, and see which countries are dropping in their work submissions. If you had ran all your stuff through a Chinese VPN historically, then it would make sense. Although usually you want the lowest latency possible when mining to avoid losses due to submitting stale work. A VPN would probably hurt your profits a little.
Do you really think that 1s delay will influence any income... I really doubt it.
But considering that there is so much money at stake, an elaborate plan like this... It's possible. Actually it's not even that elaborate. You just need a vpn, and do the split based on news.
Yes latency does matter. It matters more the faster the block speed is, so for bitcoin it doesn't matter as much as for cryptocurrencies with a faster block speed. But here are some people talking about it:
Uhh, not for the coins themselves but certainly for the goods that were exchanged with them?
I mean if you did this IRL, the party providing the goods would just report them as stolen and the traditional legal system can be used to retrieve them. Have fun arguing in court that a 51% attack somehow means you get to keep the thing. This is no different from paying for the thing and stealing the money back IRL. The only thing crypto allows you to do is to distance yourself _physically_ (i.e. you don't actually have to break in and steal money), it means f*ck all _legally_. A similar existing situation analogous for 51% attacks is "paying for something with a personal check and later having it bounce".
In fact all major breaches of crypto today involve stealing the coins themselves, which as commenters below have mentioned, cannot be done with a 51% attack---you still don't have the private keys.
Yes it does. And if/when a large enough player finds it in their interest to mount such an attack, they might very well do it. See https://www.crypto51.app/ for a (somewhat outdated) price chart.
Remember the first law of cryptocurrency though: "in case of emergency, betray your core principles."
In the event of such an attack, the rest of the system (miners, developers) may be able to simply declare the "evil" side of the fork "untrue" and hardcode the other fork as true. The fact that this is exactly opposite to Bitcoin's stated goals is no problem at all. See e.g. Ethereum's response to the "DOA Attack" as an example.
No, it means that theoretically a 51% is possible but the levels of coordination required to do that and the ability of the bitcoin network to figure it out and ignore it are means that it is unlikely to be effective.
Plus, the model of BTC as “digital gold” is pretty resilient to 51% attacks: if you don’t touch your coins, no one can take them away from you. (A 51% attack can’t reassign coins.)
Of course, the price of BTC might tank in response to the news of a successful 51% attack, but it’ll probably bounce back just like every other event in BTC history.
> if you don’t touch your coins, no one can take them away from you. (A 51% attack can’t reassign coins.)
it can't generate new unsigned transactions but it can roll back the network to a state when someone else owned those coins. from a practical perspective there is no difference, you no longer have those coins.
"Rolling back" the network means successfully creating a new longest chain that forks off of an arbitrary old block.
The further back in time you to "rollback" to, the less probable it is for the 51% to successfully mine all those needed blocks to get up to par with the existing longest chain.
Realistically speaking, this sort of attack is highly improbable.
> The network nodes only accept the first version of a transaction they receive to incorporate into the block they're trying to generate. When you broadcast a transaction, if someone else broadcasts a double-spend at the same time, it's a race to propagate to the most nodes first. If one has a slight head start, it'll geometrically spread through the network faster and get most of the nodes.
> A rough back-of-the-envelope example:
1 0
4 1
16 4
64 16
80% 20%
> So if a double-spend has to wait even a second, it has a huge disadvantage.
I'm not sure anyone has put the infrastructure into place, though.
Oh, you're probably right. It seemed related because the further back an adversary wanted to roll back to, the more hash power they'd need to get ahead. But it's a different category.
I wonder if there has been an analysis of how much hash power you'd need relative to how many blocks in the past you'd want to roll back.
If you have 51% of the power, you can roll back everything if you spend enough time on it. If you have 30%, you have a 4% chance of being able to catch up from 10 blocks behind, even if you spend infinite time on that specific fork.
I'm curious, has anyone done any back of the envelope calculations on this?
Let's say the US Government started a side-chain starting at the very first transaction and has kept it within it's own firewall, and has been mining for years at optimal difficulty levels so that they have to put in the least amount of work. Which now that I think about it, would just be difficulty 1, and the only reason to go above difficulty 1 would be because you started after the original chain, and you would only up the difficulty right before you were going to release it to the public.
Could they at any moment open it up and everyone would move over to their chain since it is the longest, where suddenly the US Gov owns every single coin and there's never been a single transaction?
You'll need way more hash power for that. Remember if you have 51% hash power, you'll be able to do the 51% attack roughly half of the time.
To rollback the Bitcoin chain, you'll probably need 90-95% of the hashing rate to eclipse all other miners. That requires that the other 50% becomes 5%; or in other words you multiply your hash rate by 10. Which is not even remotely possible.
Couldn’t you retransmit the transaction to the nodes (assuming you had a copy of the old
blockchain) and assuming let’s say Kraken/Coinbase etc isn’t wanting to profit from the attack and already spent it to another address,
you can receive the funds “again”
> doesn't this effectively mean China can force a 51% attack by just strongarming the pools that operate there?
Yes, in theory. There's a coordination problem to get all the pools to do what you want, but if they (or anyone) could pull that off, then yes.
So then what happens?
If a single entity controls >50% of the hash power of the network, they could start finding blocks with arbitrary (invalid) transactions and adding them to the chain. The transactions they'd be able to insert are called 'double-spends', which is that wallet A sends its balance to wallet B, and then in the next block sends the same balance (magicked into existence) to some third wallet C.
All this can happen. The way the network is supposed to work though, miners don't just commit new blocks and call it a day, the 'full nodes' have to accept the blocks. The miners are more or less offering up solved blocks to the full nodes for their acceptance.
As a full node it's trivial to take a look at this double-spend from A->C and say 'nope this doesn't look like a valid block to me, try again'. At this point if enough full nodes do this, the 51% of 'bad' miners are just wasting their time, the true hashrate of the network is now 49% of what it was a moment ago, and the remaining 'good' miners will continue to find blocks. Business as usual.
It's a much harder problem to control >51% full nodes, mostly because they're more geographically distributed. This is because they're pretty simple to set up at home and run, without worrying about up front cost of miners, electricity and noise and so on. A bitcoin full node can run on a raspi with a 1tb external hard drive, and a normal consumer internet connection.
Another interesting tidbit is that with control of 51% of the miners, this still only means a malicious actor finds a block first 51% of the time... to get the 6 blocks usually required for confirmation (in a row) is a ~3% chance. Not a perfect safeguard, but just some perspective on how hard it is to execute an attack like this.
The idea is that the miners are beholden to the full nodes, who are the actual actors in the distributed consensus system.
There's some other game theory around why one would want to do obvious double spends after having that much control (why not just sell the bitcoin and take profits?). But there are definitely reasons a state actor would want to try to destroy the network.
inserting invalid transactions is not the double spend issue.
If their hash rate is over 50% they can "unconfirm" a confirmed transaction by making a chain with more work on it. This is how the attack plays out in simplified form:
Bitcoin is sent to an exchange by the attacker, confirmed, sold and withdrawn for cash. Attacker then makes a chain with more work on it than the chain where the Bitcoin was sent to the exchange. Now as far as Bitcoin network is concerned, the coins were never sent to the exchange, but the exchange already let the user sell the Bitcoin and cash out. So now the exchange has neither the cash or the Bitcoin. The attacker has both.
> Yes, in theory. There's a coordination problem to get all the pools to do what you want, but if they (or anyone) could pull that off, then yes.
A strongly worded memo from Xi should sort that out, unless of course they want to switch from mining coins to mining minerals. They're in the right region already.
I'm not sure about that. Most miner operations in the US run only a fraction of the day to take advantage of electrical savings that a lot of operations in China wouldn't be doing. So if miners started returning higher yields we would output a larger hash rate. If we actually needed to protect against a 51% attack we could ramp up accordingly.
The difficulty adjustment only happens every 2016 blocks (~2 weeks), so the higher yields wouldn't happen unless they're down for an extended period of time.
That statement was to show why there is room to increase hash rate and not how you'd defend against a 51% attack. Most of the miners in the US are not mining for a significant portion of the day.
It depends on how long ago the previous retarget is and the current hashrate. The retarget is based on blocks, so if the retarget was 1008 blocks ago, but hashrate dropped by 50%, then it'll take 2 weeks until the next retarget.
I've been wondering about possible subtle benefits hashrate dominance could bring other than double spending. I'd be surprised if there wasn't some way to benefit nicely from being able to load the dice of which transactions are committed and which have to wait for some minority miner to win the race? Certainly nothing on the scale that it would pay for the hashrate by itself, but that's already covered by regular fees and reward.
yeah, well more specifically they could force a preferred fork to assume the "Bitcoin" ticker (BTC) by denying power to chinese miners on the disfavored fork. exchanges and miners, rather than the developers, ultimately determine this, as there's no in-band way to control what ticker is used for trading what token.
That's not how it works. In the event of a hard-fork, when the two forks adopt different rules about what blocks are valid, the actual users of BTC still decide which rules to follow. If a miner produces blocks that are invalid according to the rules that are adopted, the blocks that it produces are just disregarded. Thus, the hash rate competition between miners is only within each fork.
If you are talking about denial-of-service by producing empty blocks or blocks that exclude certain addresses, that's another matter...
That was tried a few years ago with the segwit2x fork. A group of miners comprising 82% of the hashpower got together and agreed to activate the segwit2x fork. Despite having a overwhelming majority of the hashpower the fork was never happened due to lack of community consensus.
the consensus vote to activate sw2x on existing BTC network was an in-band mechanism, and set to some super impossible threshold like 95 or 99% to activate a protocol change.
this is a different situation, where an out of band entity can selectively shut off a significant fraction of hashpower, and unlike the weedy obscurity of an architectural spat between largely unknown (by the mainstream) such a move would (indeed, will) make major waves in mainstream Joe Pension Fund/ Number Go Up news, who will not be familiar with nor interested in the technical arguments for the fork that is being actively suppressed. there's no weeks-long debate window here.
the stakes are very different now than in the Jihan boogeyman days, you can't handwave away this critical risk to stability or spin it as technical trivia of no concern to non-specialists.
>the consensus vote to activate sw2x on existing BTC network was an in-band mechanism, and set to some super impossible threshold like 95 or 99% to activate a fork.
> such a move would (indeed, will) make major waves in mainstream Joe Pension Fund/ Number Go Up news, who will not be familiar with nor interested in the technical arguments for the fork that is being actively suppressed. there's no weeks-long debate window here.
Fair point, given how the markets reacted to this drop in hashrate.
> Fair point, given how the markets reacted to this drop in hashrate.
What makes you think the market reacted to the drop in hash rate? A 20% move is pretty typical in crypto. IMO this is more likely due to Bitcoin not having moved in price in almost 2 months (it's below its 2/18 price now, by a lot). People moved their get-rich-quick energy over to Doge. And once that sputtered out, they tried to cash out.
Tether by the way, had its two biggest outflow days ever on Thursday and Friday (200 and 300M respectively via the Kraken USDT:USD pair). If Tether is actually just backed by crypto and hope as we suspect, they'd have had to sell crypto to refill their depleted cash reserves. To be clear this is pure speculation.
Another possibility is the market is reacting to all the Coinbase executives dumping massive quantities of equity on retail bag holders, signaling a potential top.
Since all cryptos are dumping, primary and alt, it's probably a more systemic issue.
> Their SegWit code, defined by BIP141, activates if 95 percent of hash power within a single difficulty period of about two weeks signals readiness before November 15th.
> the National Mine Safety Supervision Bureau has reported three recent coal mine accidents, including an April 10 “water penetration accident” in Xinjiang that caused 21 people to be trapped.
> Significantly, the Xinjiang and Sichuan regions of China combined account for more than 50 percent of the overall Bitcoin mining hash rate
This is horrific on so many levels, I’m not even sure where to begin. My heart goes out for those poor miners slaving away for... what?
I don’t know why you’re being downvoted. Coal and nuclear are fairly interchangeable. Since nuclear was shut down and some coal remains, it’s fairly clear Germany chose coal over nuclear for the medium term.
I'm guessing because it's an impossible counterfactual to suggest that an advanced industrial country could fully replace/de-carbonize 70% of their electricity production in the time span under discussion. Suggesting impossible counterfactuals doesn't advance the discussion in any way.
And Germany did not "chose coal over nuclear". While they have reduced nuclear production by about 30 TWh in the last 7 years, they have slashed coal-based electricity production by far more - 140 TWh - in the same period.
And it's not like Germany is bucking some trend with respect to nuclear - nuclear has been in decline globally since its peak in the mid 1980s.
Both nuclear and coal are shrinking since ~ 2000 and both sources of energy have been replaced by renewables since then. Currently ~40% of power produced in Germany comes from renewables. Wind energy has become #1 source of power from 0 twenty years ago.
Germany mix is still very dirty compared to some neighbors[0], it’s a fact that they chose politics over CO2 reduction (choosing to close all nuclear power plants overnight as a reaction to fukushima when the renewable capacity was not there and rely on coal until 2038). Wether you are pro nuclear or not it’s an environmental catastrophe.
> it’s a fact that they chose politics over CO2 reduction
True but the timeline is:
2002 - Ban of construction of new nuclear reactors and limitations on the normal operating life of existing reactors to 32 years. Last shutdown ~ 2021.
2010 - Government wants to increase the limit of some newer reactors to ~2030-2035.
2011 - Fukushima. 77% of Germans are against a increase of the operating life of the remaining reactors, 48% want all turned off immediately. Government (in a election year) goes with the opinion of a vast majority of Germans.
So the current exit was planned since 1990-2000. Municipal power plants have planned for increase in demand and invested billions. The need for renewables increases spending & investment enormously (after our wise government killed of solar in the early aughts and handed technological leadership to China).
With this years election the Green party will probably be the second most powerful party in Germany. A party that was founded with the goal to end German reliance on nuclear power and bombs.
Ah Sweet, the old “exportweltmeister” scam never seems to get old.
Germany is exporting so much energy because (and only because) without the base load provided by conventional power plants it’s energy grid routinely is on the brink of collapse, whenever there are weather based shifts in renewable energy production.
This causes the electricity price to routinely go negative because our neighboring countries don’t want to have it either.
What a failure. And what a failure that people still fall for that exportweltmeister lie
Do you have a source for your claims? I mean its obvious that renewables are dependent on the weather, but that's no issue since a neighbour can always produce & Germany is building up power storage capacity. Including a fat line to Norway where Germany sends wind power and receives renewables power when there is a need.
Additional the German power grid is super stable, black- or brownouts simply don't happen.
> This causes the electricity price to routinely go negative because our neighboring countries don’t want to have it either.
This has and probably will always happen. For example Aluminum smelters are getting paid to burn electricity almost since the beginning of the industrialization, otherwise this industry wouldn't exist.
> What a failure. And what a failure that people still fall for that exportweltmeister lie
So building up massive renewable capacity while starting to sell more and more of it is a failure to you? Either your expectations are crazy high or very low...
And, while yes, the prices tend to spike into negativity for short periods, that's actually pretty normal to happen for countries which partake in the Synchronous grid of Continental Europe then and now.
The base issue, or at least a bigger part of that then wind/solar is, of that is actually coal. A coal plant needs tens of hours, up to days to shut-down; and then another few days to start up again - and such starts-stops are quite taxing on the plant; it can only survive a dozen of those before requiring major maintenance to happen.
Wind can actually be turned off quite dynamically (rotate the blade such that the angle of attack for the wind goes down to zero), not milliseconds, but a few seconds to minutes.
For the reverse you need storage, things like batteries or hydro (pumped storage) can and are used for that already.
Using terms like "Exportweltmeister" (export champion) in context of the European energy market is just rather non-sense, Germans energy politic is far from perfect, but it was never trimmed for export.
This is why you build continent-sized electric grids. It’s always sunny somewhere.
Making a nation-sized renewable-based electric grid is very hard to stabilize, because you’re not working at the right scale. It’s the same with other large infrastructure like freeways: they’re only worth the investment if you connect vast areas.
There's always something. Did you know that nuclear-power producing France comes close to crashing the grid basically every other winter? See eg https://www.cre.fr/Actualites/RTE-fait-appel-aux-industriels... for the announcement from 2019, but I remember reading articles about this at least as early as 2012.
This is because a lot of French households use electrical heating (because it was encouraged by the government to use the huge sovereign electrical capacity), so cold put a huge stress on the grid. This is not related to nuclear power per se.
It's not entirely unrelated: Nuclear plants make bad peakers, and I suspect the older plants probably also aren't too good at load-following. The French also not only get into trouble when demand is high in winter, but also when it's too hot ín the summer because they don't want to boil their rivers...
No. Literally Germany's coal is specifically because its their own coal, a natural resource within their own borders they control. For national security, they maintain a coal capacity. Germany's coal burning is national security, nothing to do with environmentalists.
Arguments about Germany's energy independence would be far more compelling if they were not, for example, currently building giant pipelines to import Russian natural gas.
That's mostly for heating, though. Heat pumps are being increasingly used in new homes but nearly all homes older than 10 years are using gas or oil furnaces. Electricity prices are also very high, amongst the highest in the world, so heat pumps aren't as cheap to run as in other countries. It's definitely a problem that needs to be fixed, potentially within the next 30 years because that's the timeframe where the law requires old furnaces to be replaced.
They literally break down cute little towns and pay them pennies to relocate to increase the coal mining holes. Germany really is somewhat strange in this
What kind of sovereignty do you have if a powerful neighbour can put your people to freeze in the winter by cutting your energy supplies, forcing you to accept their conditions? National security is more than weapons.
Nuclear reactors are very much hardened against such attacks, and of course, those were both very different situations. No need to spread FUD about the safest form of electricity in the entire world in terms of deaths per TWh. [1] It's also roughly zero carbon.
You know the worst nuclear accident, Chernobyl, killed 4000 people in the full course of time - and we've learned a ton since then. Fukushima killed 1 person.
On the other hand the worst hydro accident, Banqiao Dam, killed 200,000 people instantly. [2] Such an outlier it's frequently excluded from all analyses on hydro safety. No such luck for the Soviets though.
Chernobyl shortened the life of a few thousand people, maybe - the estimate keeps dropping - over a 35 year time period. A few dozen were killed quickly. The rest are estimates of deaths based on increased cancer occurrences.
The reason for making the distinction here, is that while some certainly can be reasonably said to have been killed by Chernobyl, and the 4k number may well be reasonable, that number is an estimate based on possible effects on cancer rates over 35 years that have kept being adjusted down as the early high predicted cancer deaths didn't happen. E.g. there was a spike in childhood leukemia, but the death rate was extremely low. Not all of those projected deaths have even happened yet, and then represent often tiny reduction in the total life expectancy for people exposed 35 years ago and counting.
Notably, given the discussion here, coal does exactly the same thing - it keeps persistently, slowly affecting the life expectancy of everyone, only new particulates released keep being released year after year. And incidentally also includes uranium dust. Yet it's a lot easier to ignore those deaths because there's no single specific event for people to link them to.
Yep, agreed - and in particular, my understanding from the USCEAR report [1] is the majority of the cancers expected were thyroid cancer. That's the one, if you have to get cancer, you hope to get since it's over 99% curable. I went with 4000 (per UNSCEAR) because it's an up-hill battle to get folks to even hear you out if you suggest even that.
It's worth emphasizing the point that coal plants produce large quantities of radioactive waste dispersed over a wide area. Nuclear reactors simply do not do this. Coal ash is more radioactive than nuclear waste [2].
Who do you imagine would like to attack Germany with bunker piercing missiles but don't have their own radioactive material?
Even just a dirty bomb would have far greater damage potential than slightly increasing cancer rates for the next several decades by replicating something like Chernobyl.
Modern reactors simply can’t fail catastrophically. The concrete hull can easily withstand two airplanes falling on them, and if one were to cut totally throw the inner loop circulating water, the reaction would just stop instantly (because the highly pressurized water would escape, and it is the moderator)
There are a few steps in between, but if the chain of events really is: coal mine accidents > coal shortage > power blackouts > drop in bitcoin mining, then the end result is effectively they were indeed slaving away for bitcoin.
I think you got cause and effect reversed. The correct chain of events is: coal miners slave away to produce coal, which is generally burned to produce heat. Part of that heat is used to run turbines to electric generators[1], and part of the generated electricity is used for bitcoin mining. Does this mean they're slaving away for bitcoin mining? I guess, but only partially. Saying they're slaving away for bitcoin mining is as correct as saying they're slaving away for steel smelting.
[1] there are other uses, like for cooking or for heating a house
I guess we should think about what percent of the power was used for bitcoin mining. If only 1% was used for bitcoin mining that it's pretty hard to say that bitcoin mining was the cause.
Bitcoin mining consumes about 0.6% of global electricity consumption [0]. According to TFA, global mining dropped by 50% from the issues above, so 0.3% of global electricity consumption is in China. China in total produced 5920 TWh in 2016 (last year I could easily get data [1]), out of a global total of 21877 TWh in that same year [2]. China's been growing faster than global trends, but that means that in 2016 they generated ~27% of global electricity (5920/21877). That means your ballpark of about 1% of China's power generation being used on bitcoin (0.3%/27%) is pretty spot on.
> Without the bitcoin driven demand, there would be less pressure to mine faster than feasible and fewer accidents.
I don't buy that demand has suddenly exceeded the operators capacity, forcing them to trades safety for production. I would assume the pressure is constant and trading safety for production is done for profit.
So in effect:
Without the bitcoin driven demand, there would be less miners leading to less accidents.
The Chinese text in this screenshot basically says:
"Some ISP datacenters were required to shut down and prepare for inspection. Others, because of the local government for 'reducing risk', they want to avoid the spotlight, so they shut down themselves. And then wait until inspection team from central government[1] leave, after that they restart"
That "Some ISP datacenters" in the first sentence were shut down because they do hosting for Bitcoin mining.
If you don't trust me, here are the copy-pastable replication of the original text. It is not very machine-translatable because it is spoken Chinese gone through WeChat's speech-to-text. Verify with someone you trust who can understand Chinese.
I can understand Chinese alright. The other screenshot of some "AICoin news" says "big data data centers" are almost all shut down for a week; are Bitcoin mining operations in any sense "big data"? Also, the quote you use simply isn't clear about whether the inspections are Bitcoin mining-related. It is also consistent with all data centers connected to the power grid in the affected counties being shut down, although of course there's the possibility that all data centers in the region are Bitcoin mining operations, so in that case it would be distinction without a difference.
Doesn't bitcoin mining run on cheap surplus electricity? If they shut down the coal mines the power generation will eventually be impacted. They likely want to shut down bitcoin mining before impacting supply to other users, as bitcoin miners operate in the grey area.
Transaction cost isn’t determined by hash rate. The difficulty adjusts to the hash rate such that a block is mined every X minutes. Because the block size is fixed, transaction fees are determined by the market for being included in a block, so the more transactions the higher the fees.
An alternative to Bitcoin’s fixed size is Monero’s adaptive block sizing. Monero blocks expand to fit more transactions, resulting in lower fees and higher throughput.
The difficulty doesn't magically adjust right away.
It adjusts after two weeks on 10 minute blocks.
When the has rate drops suddenly as it just did, the block rate drops and the transaction capacity drops with it. The time to adjust also stretches out since it is based on a number of blocks and not on absolute time. If hash rate drops 50%, then the transaction capacity drops 50% and the time to adjust extends to about three weeks instead of two.
An alternative is anything else but bitcoin and ethereum. Those are the only two with high transaction costs. Bitcoin cash, monero, dogecoin, litecoin and whatever else are still viable, although when dogecoin shot up the transactions started to cost 50 cents to $1 USD.
Changes in hash rate (volatility) are linked to transaction cost for reasons I explained in detail in a reply to the other person who said the same thing.
Hash rates dropping suddenly means transaction throughput drops suddenly, which makes transaction costs go up. That is the dynamic and that is exactly what happened.
Indeed, though it's a nice flex/wink to show their current CCP controlled Bitcoin mining capacity; Peter Thiel's stated dislike of Bitcoin is for exactly this reason, international security and integrity.
Bitcoin is meaningfully decentralized because miners alone do not decide the fate of Bitcoin - there are also users, businesses, and developers as major actros. The 51%++ actor cannot kill Bitcoin, only cause inconvenience. The worst that could happen is a successful DoS that would force a hard fork to another PoW algorithm.
PS1 The full nodes are actually very well decentralized.
PS2 The physical hash power is skewed towards China, which is not ideal, but it tends to decentralize to US, Canada and to lesser extent other countries. It is improving.
Modern financial markets are Ponzi schemes, and they are much larger than bitcoin.
How did you decide to compare the risk of nuclear holocaust to global warming? Anecdotally, I'd rather see temperatures rise over time and have a chance to adjust for it rather than die in a nuclear blast or issues immediately after.
People really have trouble understanding run-off events. You do realize that global temperature increase will not be linear? A slight increase in temperature melts ice that previously trapped plenty of CO2, which will increase the green house effect, increasing temperatures, and here is your feed back loop.
No. True decentralization requires proof of person. Proof of work, stake, capacity, etc. all make it possible for a single person to buy their way into higher voting power.
You are right... I think it might be unsolvable. Nothing stops two people from conspiring to vote in the same direction.
Either party A and B decide (off-network) to vote together, or party A pays party B to vote in the same direction. I don't see a way to solve the problem. Crypto is next-generation wealth redistribution technology, but it is likely that "true decentralization" is a utopia. At the end of the day, people are gonna listen to their family and friends before anyone else, hence vote polarization and pockets of centralization.
Even if you're bearish on the dollar, owning assets is still reasonable, and most millionaires don't just hold cash. Real estate (foreign and domestic) and equities have done will since the 70's.
The other difference is Bitcoin is less like a currency and more like baseball cards in how people are using it. It's already failed as a currency because its price is too unstable.
Systemic risks in Bitcoin do exist but primarily around fungibility and privacy.
Risks strictly related to PoW, hashrate volatiliy, or "51% attacks" are not existential by any means. We do know how to mitigate them and multiple examples exist how altcoins managed to survive such attacks.
Can some explain what's happening better than I understand bitcoin? Wouldn't the idea that there is less miners be a positive for the price point? Supply and Demand? I mean if you have market of frozen orange juice, and they announce dry season will produce LESS juice, the price will skyrocket. So wouldn't less miners for something like Bitcoin with hard set limit of coins, be a positive for its price?
The production rate of BTC does not depend on the number of miners as long as there's one miner (with zero miners no BTC is produced). A block is produced every 10 minutes by a computer that produces the smallest hash for a randomly arranged set of inputs (transactions and previous block's hash). This lowest hash serves as an identifier for that block and all input transactions are recorded on the new block with that hash and appended/linked in the chain. Currently, each mined block is associated with a miner reward of 6.25 BTC (I think) that's given to the computer which produced the lowest hash. It doesn't change if there are more/less miners in the network. So, there's no "dry season" just because the mining rate cut in half. There's just less energy being spent competing to generate the lowest hash and get block rewards. So, all the miners not running are failing to potentially earn money and the system is, theoretically, less decentralized, now.
I know it’s a flawed analogy, but considering the influence China has on Bitcoin, on some level buying into Bitcoin seems not unlike shorting the US dollar.
If you live in the US, your real estate is in the US, your salary is in US dollars, and your pension is in US stocks, you are already pretty deep in long US dollar. Might as well diversify your egg basket a bit, just from financial risk management perspective.
You’re getting downvotes, but I think (correct me if I’m wrong) you meant something like the hash difficulty will adjust down if this is an extended downtime. So we would have fewer miners, easier hash difficulty and the same block rate. This would indeed be better for the environment, at least for the short term. This and the reduction in centralization could be argued as being “good” for Bitcoin.
It hurts short term. This means the fees for Bitcoin transactions increase.
If not by the old mining power coming back online, it will be solved either by the next difficulty change, after which the Bitcoin network will again operate at full speed but using less energy, or by market powers if there are miners standing by due to not being profitable, which they now may be due to fewer miners to share the rewards with.
Fork BTC to Pure Proof of Stake consensus. Balances mapped 1:1. No Environmental problems, no scalability problems, no latency problems. It's not a question of if this fork happens, but when.
frustrating that the ongoing use of bitcoin is never going to require less power. transactions take ages because of how much work is required to update the chain.
when the imaginary currency goes away, maybe we can move onto something more efficient like giant rocks with holes drilled in them?
But the network is still operating despite government intervention? If the government sent Men With Guns to SWIFT headquarters then it will be actually down.
Kinda far stretched for a decentralized curreny to call it controlled by someone. Everbody of us can see themselfs that there hasnt been a 51% attack next to many reasons why we likely wont see one with BTC
[1] https://news.ycombinator.com/item?id=26828479