A few questions re: why "Ethereum is not going further than quadratic [sharding]."

The first reason given: there's a minimum number of nodes required for shard for safety guarantees. So, a couple hundred shards, each with 1000 users seems like a limit. But I wonder: 10 years from now, if the blockchain (maybe pipe?) dreams succeed, then why do we expect 1000 * 500 = 5M nodes? This seems like it's quite small.

Especially if running a node on a phone ever becomes reasonable, or at least participating in the data availability process is possible here, then why would we not go further?

The second reason for non-super-quadratic sharding is data permanence. But here, couldn't we design different shards with different appetites for data permanence. Sure, NFTs currently are forever, but I can think of many applications where users do not give a damn about data permanence, and even some applications where users would prefer if data was just forgotten about.

In which case, what's stopping us from saying "these shards, we save. The other ones, who cares about." We would want users to opt into such guarantees, of course, but it seems reasonably possible.

Of course, let's get a good sharded blockchain before we optimize for more.

I'm excited to see how sharding research continues to involve and drives the cost per TX (economic and environmental) down. Consider me a cheerleader rooting for you all!

For the second, if you don't care about data permanence, it's relatively easy to put the data on a second layer. Just host the data there and put merkle roots on the blockchain for consensus. If you want to verify state transitions on chain you can do that too, e.g. with zksnarks.

I'm talking about being paid crypto for hosting a tor node, and charged crypto for using a tor node. Using privacy technologies like ring signatures of course.

But privacy is indeed a big challenge since we're talking about Tor.

Really? He has consistently argued for on-chain scaling and for people to not validate the blockchain state much like Elon Musk, with his seemingly 101-level understanding of blockchains. This post is a strange 180 from Vitalik's usual "do the opposite of Bitcoin because that is good marketing".

Now Vitalik is aware of the importance of running a full node and validating the blockchain state, and how blockchains can't scale, and how keeping blockchain bloat limited to allow easy verification is important? I'm convinced Vitalik has been replaced by some Bizzarro version of himself because of how astonishing this 180 is.

It took creating an entirely new separate altcoin, complete with massive premine for himself, and the greater part of a decade, to finally realize Bitcoiners were right all along.

Such a strange mountain man fantasy!

"Now I personally can see that it’s not axiomatically true that doing nothing is safest, especially in the context of a changing environment (for example I continue to believe that Bitcoin’s failure to raise its blocksize by a significant amount in 2016–17 was a travesty and a great violation of many people’s expectations of the protocol, and one that led to more total losses due to excess txfees than the amount lost in the MtGox hack), but this is the argument that you need to be arguing against."[1]

[1] 12/26/2018 https://medium.com/@VitalikButerin/he-imagines-a-world-in-wh...

"An important property of a blockchain that users really value is permanence. A digital asset stored on a server will stop existing in 10 years when the company goes bankrupt or loses interest in maintaining that ecosystem. An NFT on Ethereum, on the other hand, is forever."

This is wrong 2 times.

First, there is no general requirement of permanent storage. Its not important at all. It solely depend on the use case. Thats why it is very much inefficient to use a DLT with that property to move value (btc/eth etc.). I dont care how my coins was moved 10 years ago. The only storage that is relevant for me, now, for value transfer is the current undisputed state (aka the balances). Sure the Tx history has use cases and people who need them should store them but making that a technical requirement is only going to degrade performance and drive up Tx cost.

BTW cash does not have a recorded Tx history who thought "p2p cash" should? Its only because of the way BTC works (chain of all Tx) that this "believe" became common. Its technically not needed at all. There is absolutely no reason to recreate the whole chain to come to the current state. You either use the current state or you cant participate. If you would find an error in the chain whatcha gonna do about? Nothing. The current majority accepted state is all that matters. The "validation" is placebo it does nothing. And by running the exact same software as anyone else your validation would simply do the same error if there would be one.

Second, the "forever" is a blatant lie. There is no way to know. Its will exist for however long at least someone is willing to store it. Exactly the same is true if storing is optional. But without the downside of crippling the performance and impose cost on the people running the DLT. The cost for storage should be paid by the user of the storage. If I can impose cost on all participants of a decentral system for all eternity with a one time payment then the system is deeply flawed. The possibility for abuse can be limited by simply making it expensive at any given time. But this obviously reduces the usefulness of the whole system especially for value transfer. The idea of an internet of value is to make value move like data, dirt cheap and decentral so no one takes a cut.

The good news though is that you don't need permanent storage of history to be supported by the base protocol itself. Consensus nodes don't need to know about history to verify the current chain. There are plenty of other mechanisms for storing historical data: bittorrent, centralized archives, Filecoin-style networks, etc etc. You just need the blockchain's throughput to be not _too_ high, so that it's actually possible for these protocols to store what comes out.

Definitely nothing is permanent, but you can get pretty close to "permanent unless civilization collapses", and that's much better than "data could drop at any time if a few people just forget"!

Let's be honest here and acknowledge that we're talking about "permanent unless your particular fork of one particular blockchain collapses". There's a vast chasm between that and all of civilization.

So a (at-one-point reasonably popular) blockchain or protocol forking or falling out of use won't actually result in that data being lost to time. You'd probably need a major worldwide catastrophe for there to be a significant risk of that.

You will have no way to tell if this data came from the legitimate Ethereum blockchain that was in use in 2021, a forked chain, or even a completely fake one which has zero blocks in common with the real one.

The authenticity guarantee in blockchains doesn't come from cryptographic schemes, it comes from the network agreeing on some shared truth. If the network is no more, you have no way to tell the truth.

If no one uses it anymore or if it's so little-used that it's schismed into tons of other chains over the years, I think you can still probably obtain the original data you're looking for, but it'll take more effort to verify its authenticity.

Especially if the data you're looking for occurred at a time when the network was healthy and intact (like 2020), all you need to do in 2040 is find a block number and corresponding root hash that existed in 2020. I think these'll likely be possible to find even if the network's dead, and you can compare them against several different sources to increase confidence that they're not fake. Then as you scour the internet and download different published blockchain copies, you can truncate it back to that block number and compare the hash.

It's possible your search will be futile and you'll be unable to find a trustworthy record of block numbers and root hashes or that you'll be unable to find a verified 2020 blockchain, but I think your odds will be pretty good if the internet hasn't collapsed. Either way, as Vitalik pointed out, the odds are way higher you'll be able to find that compared to some data you entered into some SaaS in 2020.

And how do you know the network you're joining is actually the original ethereum network and a completely different blockchain?

Like every peer to peer network in existence, an Ethereum node needs to connect to a reliable first node (a “tracker” in the bittorrent protocol, idk what's the name in the ethereum world). If they are down, you're on your own to join the network, and you have little guarantee that the network you're joining is working on the original ethereum blockchain.

In fact, after the ethereum foundation is gone, what guarantee do you have that you are running an actual ethereum node and not something running a modified protocol?

The "if you join the network" is contingent on the network still being active and widely used; presumably with the Ethereum Foundation or some successor also still being active. I may not've made that fully clear in the first paragraph.

If that were the case, you could ask the same question right now. And the answer is that they publish an official client you can download and should be able to trust. This would be the case in 2040 if the network is still active and the foundation still exists.

If the foundation is gone and the network is mostly dead, then it'd indeed be much harder or perhaps impossible. The second part of my answer covers that scenario:

>If no one uses it anymore or if it's so little-used that it's schismed into tons of other chains over the years, I think you can still probably obtain the original data you're looking for, but it'll take more effort to verify its authenticity.

>Especially if the data you're looking for occurred at a time when the network was healthy and intact (like 2020), all you need to do in 2040 is find a block number and corresponding root hash that existed in 2020. I think these'll likely be possible to find even if the network's dead, and you can compare them against several different sources to increase confidence that they're not fake. Then as you scour the internet and download different published blockchain copies, you can truncate it back to that block number and compare the hash.

>It's possible your search will be futile and you'll be unable to find a trustworthy record of block numbers and root hashes or that you'll be unable to find a verified 2020 blockchain, but I think your odds will be pretty good if the internet hasn't collapsed. Either way, as Vitalik pointed out, the odds are way higher you'll be able to find that compared to some data you entered into some SaaS in 2020.

For Ethereum 2.0 I believe it's something about asking a friend?

Mimblewimble[0] is one interesting solution to this. Unfortunately, the requirement in current implementations (such as Grin) that both wallets be online to complete a transaction, eliminates some valuable types of transaction, such as sending coin to a cold wallet.

I do think for a 'world computer' like Ethereum, being able to ignore a substantial amount of old state is going to be critical for long-term use.

I also think that "blatant lie" is unnecessarily harsh. A blockchain is aspirationally forever, and it is a massively replicated data structure: it's certainly durable, and I would expect it to last a long time relative to, say, a random torrent.

This is my major concern with the direction Ethereum is going, which I could caricature as "scale up massively and keep everything forever": it becomes so expensive to keep copies of all data, that only large institutional players will bother, and not many of them. This makes blockchain integrity a "take my word for it" kind of thing, and the whole system is only as durable as the increasingly-enormous data centers which hold all that information.

[0]: https://scalingbitcoin.org/papers/mimblewimble.txt

That is exactly what Ethereum's direction has been for years now. It is centralized on Amazon AWS via Infura's nodes (which they charge access to, mind you). It's not a world computer. It's EC2 with additional complexity (and fees).

The delegation of node operation to third party services is done more for convenience/up-time guarantees than any node operation cost considerations, and Ethereum would be fine if these third party services were all coopted or forced to shut down, because again, Ethereum's consensus protocol has zero dependencies on them.

https://hackmd.io/@vbuterin/state_expiry_paths

But you conclude with your worry that there are real costs, and zero pitch decks or white papers I've seen include arguably the most important competitive factor: cost of "how people do it now" vs. cost doing it "this new way;" and in-person, real life networks of trust networks has been how we've become as successful as we have as a society - and so works quite well - and doesn't inherently lineup with "trustless" propaganda of these popular blockchains; if blockchain is a valuable tool, say for legal institutions, they could create their own and run it themselves under agreement.

Regarding storage, you argument that transactions shouldn't matter, since the important thing is the state. But then we're back to the fundamental problem. Why should we trust a state created from thin air that has no proof of how it was created? That's just a distributed database, which has is uses, but it's not a distributed blockchain.

I talk about the "current and undisputed or better indisputable (final) state". Bitcoin does not have this. Hence it can not function without history. This is a property of BTC not one of blockchains in general.

Plenty other systems have a current state and a final state and there is no "better state" that can comer around and replace it. Final really means final. Its often called a closed ledger. Other systems have checkpoints and what not to reach a similar goal.

BTCs "final" is just to wait some blocks its never final its just becomes incredibly unlikely to change the longer you wait. This is objectively worse than having a final state and on top of that it requires the history rather than just the last final state.

>Why should we trust a state created from thin air that has no proof of how it was created? That's just a distributed database, which has is uses, but it's not a distributed blockchain.

You have no choice. Either you agree with the current final state or you dont use the blockchain. Your choice is to use it or not. You choice is not to validate or not or validate and fix something if its wrong.

The act of validating doesn't do anything. No matter what your validating gives you in the end you can only accept the current final state of the running network or not use it at all.

Also its not created out of thin air. It was validated by the code. If there is a mistake it is there because of the code people used back when it happened. If you were there running your node it would have made the same mistake. whats the point to find it now? (beside the fact that it was already found and fixed) It doesn't change the state the state is final. Bugs happen. If you assume cheating however then well you should assume someone would have screamed back when it happens so you would already know that someone cheated somehow. Whats the point of validating it? you already know you dont want to use that chain. Zero reason to detect the cheating yourself.

We know pretty well from all incidents where blockchains had to be "fixed" there is no way someone would find an unknown incident by the placebo validation act.

I'm a bit of a blockchain noob, but isn't this the opposite of how blockchain works?

What I mean is, yes, you can design it the way you're saying, but doesn't that open you up to double-spend attacks and enforced centralization? You need a central ledger at that point, since your "final state" has to come from somewhere.

I'm confused but intrigued.

EDIT: Ah, https://news.ycombinator.com/item?id=27259783 points out the problems with this approach much more eloquently than I did.

This is only ever possible if there is no final state.

Also not sure why you would need centralization for what. Simplified a final state is when a majority declares it as final not a central entity does that. A double spend would have to include both transaction into the final sate which obviously would violate the systems rules. You cant move the same balance again when you already move it away. So that just wont happen because the code does not allow it. The second Tx is simply invalid just like if you would try to move more coins than you have.

If you want to read more about final consensus see https://xrpl.org/consensus-network.html There are ofc other project with similar concepts this is just the oldest.

Also majority in a decentral system is not that simple. It can be done with FBA (Federated Byzantine Agreement). If that's the case, then yes, account balances are simply agreed on and they call it a day (or technically its called a closed ledger). Then they add the next. Now ledger are blocks of data and the best way to order them is to chain them with hashes depending on the previous ledger (block). And we are back to "blockchain". Its still misleading the "magic" part isn't the chain of blocks. Its the fact that the double spending problem can be solves without an arbiter of truth.

>Just like WebMoney did circa 1998.

I dont know about the technical way this was implemented back then but most likely the system was operated by a single entity. There is some kind of master balance database and the all other sync with that. A double spending can be prevented by rules applies to the master DB. AKA a write-sync is denied if it violates the balance rules. This is easy to do centralizes and obviously who ever controls it can circumvent the rules if he wants to.

A majority of what? How do you know if you really have a majority or someone is faking a lot of identities and/or hiding a lot of real ones from you?

And if you later find out you had the wrong "majority" what do you do, if the state is final from your perspective?

>How do you know if you really have a majority or someone is faking a lot of identities and/or hiding a lot of real ones from you?

You decide in advance from which nodes you want to have a majority agreement. It doesn't matter how many are out there only the ones you listen to matter (for you). However if you choose 1000 nodes and 900 of them are offline then your node will halt because it can not reach a majority. In other words you are forced to listen to reliable nodes if you want to have a reliable node. Also if you listen to 10 but they are all owned by a single person. He can lie to your node. In other words you are forced to listen to nodes operated by different entities. In reality there are for example companies, universities, maybe states non-profit organizations etc. Anyone who wants to use it has aligned interest to not collude with others especially competing entities like 2 different banks or payment provider.

This leads to a core of nodes who mostly all listen to each other. If you want to know the final state without even running a node this would be it. You ask as man nodes as possible form that core of nodes. What the core or nodes made final is final.

Spinning up thousands of nodes dont matter. No one will listen to them. They can all listen to each-other then you essentially created a fork. No one cares, you can no affect what is final and you cant fool anyone unless the voluntary listen to your nodes.

>.... hiding a lot of real ones from you?

The node network is p2p with signed messages there is no hiding. There is relaying ofc so each messages can go the fastest way possible but due to privet/public key encryption there is no tampering possible. If a node would block traffic it just goes another way. If a node "disappears" its considered offline so it is ignored but only if the rest still reaches majority. If too many go offline the network halts until majority can be reached again.

>And if you later find out you had the wrong "majority" what do you do, if the state is final from your perspective?

There can not be a "wrong majority" unless you listen to the wrong network of nodes. If you intentionally dont listen to the current core of the network you basically choose to listen to another network aka a fork.

Its like if you listen to BCH instead of BTC you are free to do so.

https://xrpl.org/consensus-principles-and-rules.html#how-con...

You can have that type of finality with centralized protocols built on top of the Bitcoin blockchain — Lightning Network being the standout example.

N.B. this issue is nuanced in PoS due to the complete absence of a quantitative fork ranking protocol. The PoW blockchains pow1, pow2, pow3 can be algorithmically ranked according to cumulative hash difficulty unfakeable sans external input (electricity). High difficulty == high certainty. Conversely, the PoS blockchains pos1, pos2, pos3, cannot be compared sans external information/trust. All theoretical finality in PoS is based on trust in central authorities — this type of “finality” is similar to the finality you have in a particular OSS project’s Git history, insofar as the history is dictated by trusted authorities in all cases.

As many commentators have quipped historically, you can build centralized systems on top of decentralized ones, but the reverse isn’t true.

Whats the point? No one wants that beside that LN needs BTC on chain Tx which if you dont arbitrary define as final after some blocks makes it exactly the same - not final.

PoS/PoW is rather irrelevant. we already have solutions to make blocks/ledgers final its doesn't need PoW or PoS its just a properties that BTC doesn't have because it was designed without. There is no fundamental reason why it cant have it.

> PoS/PoW is rather irrelevant

It’s an incredibly relevant fact that PoS blockchains pos1, pos2, pos3 cannot be compared without overtly trusting central authorities to give you the “correct” answer. Conversely, the PoW blockchains pow1, pow2, and pow3 can be objectively ranked by cumulative hashrate using simple mathematical comparisons.

Contrary to popular belief — and despite the endless handwaiving PoS acolytes engage in over social media — PoS blockchains continue to lack a meaningful answer to this predicament which doesn’t boil down to overtly trusting central authorities. Which begs the question: why do they need a blockchain at all?

You can't create trustless electronic systems for humans. There is simply too much complexity in even the simplest hardware and software for any single person to be able to understand without trusting others. And this doesn't just apply to the 'unwashed masses', but to every single CS researcher, OS programmer or Linus Torvalds.

All other cryptos are a fantasy and cannot provide any comparable guarantees.

It happened multiple times that a longer change was discoed shortly after. So in reality you have to wait some blocks to reduce the risk of a longer chain to almost zero.

Also the trust you missed is that you have to TRUST that at least 50% of the work is produces and controlled (pool owner) by honest humans, because if not they could collude and re-org/double-spend. which essentially means you will pick the wrong chain because they make you think its the longest while secretly mining a longer chain that will eventually repalce the once you picked. There is absolutely no way you would know before its to late so you blindly trust that from an unknown number of people the majority is honest.

If you take mining pools into account you trust a hand full of people who control them.

>All other cryptos are a fantasy and cannot provide any comparable guarantees.

Obvious nonsense, other tech has defined finality. Not pick the longest and if a longer shows up later you switch. These systems provide MORE guarantees.

You're trusting an awful lot of assumptions much more complex than 'the longest chain is right'.

I have seen you make this point before on here but I don't see how that is true. Can you elaborate? Don't PoS chains typically choose forks based on how much is staked? Last time we discussed this you never explained what is wrong with that approach.

In PoW, external input to the system — electricity — powers hashrate. Electricity is altogether foreign to the context of cryptocurrency, and by necessitating the wasting of electricity on one fork over another, PoW consensus systems ensure miners can vote on only one side of a fork without bearing additional costs.

When the PoS chain ‘pos’ forks into pos1 and pos2, however, with both sides claiming to be the original ‘pos’, there is no hashrate to base our decision on. External inputs are never burned in any PoS chain’s forward progress.

If a Bitcoin v Bcash political fork were to unfold in a pure PoS context, the general public would be faced with a situation where both pos1 and pos2 chains were equally secure. If pos1 claimed to be the rightful heir to the ‘pos’ title while defensively slashing pos2 sympathizers, it wouldn’t harm pos2’s ability to make forward progress on the pos2 chain while pos2 also slashes pos1 sympathizers and equally claims to be the rightful heir to the ‘pos’ title.

It’s as if an OSS project forked with both forks claiming to be the real thing. If both sides are steadfast, it is ultimately up to the public to pick winners and losers based on nothing besides social signaling. See: 2015-2017 block size debate in Bitcoin for pitfalls to this.

Notice how no math is involved whatsoever in the decision to pick pos1 over pos2.

Notice how human intervention is inherently required to reach a decision as to which side of the pos1/pos2 split is given title to ‘pos’.

Pure PoS consensus is substantially similar to Git repos. If people are just going to trust a nebulous human hierarchy to resolve disputes like this, then the system is de facto permissioned, and a public blockchain isn’t required.

In either case, after a fork, sympathizers of chain A or chain B will start mining/staking on the chain they like.

In either case, members of the public who just want the chain with the most security can pick the one with the most energy burned or most coin-days staked (that's the "hash rate" equivalent/external input with which to base your decision on).

What is the difference? How is human intervention inherently required in the PoS case any more or less than it's required in the PoW case?

To use a real world example, Bitcoin PoW mining consumes in excess of 100 Terawatt hours of electricity per year. If Bitcoin were to undergo a repeat of 2016 today, and the Bcash blockchain were to be serviced by miners consuming less than 10% of the energy spend of the incumbent (Bitcoin), Bcash could be easily 51% attacked.

But in the PoS corollary to Bitcoin v Bcash, coin-days staked would have no bearing on Bcash’s ability to continue making forward progress. Just so long as it remained difficult to either disrupt 1/3 of Bcash validators or acquire 51% of it, Bcash would continue functioning perfectly well (see: Jude C. Nelson [1]). At that point the rightful heir to the Bitcoin title would have to be determined socially. It could not be determined without top-down human intervention.

[1]: https://news.ycombinator.com/item?id=26810619

How wouldn't it? The ongoing coin-days staked in that fork specifically is what allows it to continue making forward progress. Just like how in a PoW fork, the ongoing consumption of energy in that specific fork is what determines the security of that fork.

The argument you link in that other thread is interesting but it doesn't appear to be exactly what you are talking about. They seem to be describing an attack where nodes are taken offline by the attacker.

Coin-days staked has no bearing on a pure PoS chain’s risk of being 51% attacked, nor does it have any bearing on the risk 1/3 or more of its validators get disrupted. Not so with PoW hashrate: enormous hashrate imbalances between forked PoW chains directly translate into decreased data immutability per the risk of deep chain reorgs.

Those risks are simply not present in the PoS corollary.

All that matters is the valid history with the largest weight (longest chain rule in PoW). If an invalid branch somehow acquires more weight, it simply gets ignored (except by SPV clients in bitcoin, which trust others to validate). Exchanges/pools that accept an invalid branch are completely untrustworthy and should similarly be ignored.

No, that exactly the believe that comes from BTCs implementation and while it may be true for BTC its completely irrelevant for other systems.

Imagine there is a room full of people all have a paper with the exact same transactions in order on it. Now a new person joins and copies someones paper and then verifies all Tx. Ok, now he only has the chain for one person that's not enough he needs the chain form as much other people as possible to assure he has the longest. Its perfectly fine to ask the others to only tell him the hash of the whole thing to see if he has the same chain.

So why even copy the chain first he could just start asking for the hash of the whole thing and if they all have the same there is no point to copy the chain.

He just needs to copy the last state (balances) so he can add Tx as well. (BTC does not have accounts with balances so BTC does not have the concept of "only the last state" but instead of the whole chain only the ends of the tree can be used to reduce the size. but again this is ONLY relevant for BTC and BTC clones/forks its NOT a property of DLTs in general)

There is nothing stopping someone malicious from spinning up thousands of nodes that all say the current hash is Y (with transactions that break the rules of the blockchain) while the remaining minority of nodes say the hash is actually X (the original longest chain). It is only by calculating the hash yourself, based on the full transaction history, that your node can be satisfied that it is on the longest chain. _*After*_ you have confirmed that you have the valid chain, it is possible to prune all the history to just the balances and to only validate new blocks as they come in, but in the case of a fork or malicious actors, your node may end up out of sync.

There may be other ways of tackling this issue that I am not aware of, but this problem in particular is one of the fundamental problems that Blockchains / Bitcoin were designed to solve (consensus among peers that is not disrupted by hostile actors). I have yet to see a better solution for this particular problem.

[1] https://en.wikipedia.org/wiki/Sybil_attack

However, this is also "zero trust," because you can write a program to verify every tweet as it's tweeted, and run that on a server somewhere.

But, now that I've written this, I suppose Vitalik's "Limits to Blockchain Scalability" addresses this: even if it's theoretically possible to validate the hashes on a supercomputer somewhere, you want your users to be the ones doing this validation, because otherwise it would be possible to compromise the "zero trust" model described above by compromising one twitter account and N verification servers. When N is small, this might be a realistic concern, especially if the verification servers are continuously pulling code changes from a central source code repo.

The XRPL does this by broadcasting. Every node tells everyone what they think is right, therefore everyone can see who lies and more importantly no one can see who you listen too. Its hard to trick me if you dont even know whom I listen too. And you cant test it because once you lie to me you lie to everyone and that the last time anyone listened to you.

The "zero trust" thing is an illusion. All decentral systems trust that the majority of something does "the right thing".

Some system use the majority of hashpower other use other metrics and some lets you pick and include or exclude participants. BTC for example doesn't give you any options you simply trust that from 100% hashpower more than 50% is controlled by honest people. Its not zero trust its more like zero choice trust.

There's a difference between assuming a majority of relevant nodes are honest and relying on your ability to identify that majority.

Identifying the majority is however optional. BTC for example does not. You pick the longest chain you can find at a given time. You assume the majority saw the same as the longest. If a longer shows up you switch and again you assume the majority saw that too and switched swell.

Other systems like the XRPL dont assume, every node defines from whom they want a majority. If 99% of them made a Tx final then there is no way that at a later point in time this final state can be changed because 1% can not ever reach a majority. The only thing that could happen is that the network forks and different parts of the network reach majority on different states. This problem is solved by raising the majority needed to 80% rather than >50% and on top of that is is further reduced by intentionally overlapping the nodes who are defined by each node. Essentially you need many nodes who listen to each other both ways. So I choose your node to be part of my nodes that must reach majority and you list my node. If you have 10 nodes all listen to the other 9 and require that form the other 9 80% agree then there is no way the network can ever fork. No 2 different states could ever reach 80%, its just not possible.

Now these 10 nodes are publicly known so if you operate a node you have to pick from these nodes the one you want but you must make sure that your node can not reach a majority without them. So you could pick all 10 and then add for example 5 others. Your node can hen also not fork because the 5 alone can never reach an 80% majority. and so on and on. every new node must have ~80% overlap to prevent forking. And all of that is super simple because the nodes are public and use public key encryption to identify themself.

That's the main thing that Bitcoin solved, how to resolve this exact situation. You can't just ignore this problem and claim to have a similarly resilient design.

> This problem is solved by raising the majority needed to 80% rather than >50% and on top of that is is further reduced by intentionally overlapping the nodes who are defined by each node.

The first part just makes it slightly more expensive to do a sybil attack. The second part relies on someone deciding what the overlapping nodes are, now you have to trust them.

> If you have 10 nodes all listen to the other 9 and require that form the other 9 80% agree then there is no way the network can ever fork.

And now you have a network that can't grow beyond 10 nodes, and if more than 10 show up you need to somehow choose the ones that are honest. Or someone needs to decide which nodes get to be the "special 10".

> Now these 10 nodes are publicly known

And chosen by whom? Can you trust the entity that chooses them? Can you trust them not to be hacked and share malicious nodes instead?

It this supposed to be a joke? Twitter is the exact opposite of that.

> Then the threat model moves to "do we trust the person with the keys to this twitter account?"

> However, this is also "zero trust,"

Ok, it's a joke.

You can compare the effort it takes for history A vs History B. Now, unlike traditional 51% attacks you don’t just need hashing power that instant but instead for very long periods. As such you can compute a minimum history such that actual 51% attacks are significantly cheaper.

That might seem weaker, but Bitcoin’s trust is simply an economic argument. The actual consensus risk is from someone hacking a few nodes thus enabling a 51% attack at near zero cost.

BTW if you would have full control over any 4 XRPL validator nodes at your choice you could do absolutely nothing. No double spend, not even halt the network, nothing at all. You could turn them off and only a few nerds who constantly check the network would notice. User of the actual network would not.

Validator nodes aren’t the weak points. It’s as you say the mining pools themselves, internally they need to be coordinated and have access to the Bitcoin network so they can’t be air gapped. So while all major pools have solid network security as they’re major targets, it’s still an actual risk.

The perfect exist scam if you want. If china for example would actually put an ultimatum on chines miners to shut down. It could potentially make perfect financial sense to leave with a big boom and make as much money as possible before closing.

Its based on trusting that never more than 50% hashpower colludes You still trust its just no defined whom you trust. Its an illusion of no trust. Any decentral system can somehow be fooled if someone has a majority of "something". There is simply no way to prevent that. For BTC this is "something" is hashpower for other system like the XRPL it is the scarcity of mutual trust. But the quorum is actually 80%. And an attacker cannot know how much "mutual trust" his nodes have with others.

>There is nothing stopping someone malicious from spinning up thousands of nodes that all say the current hash is Y

Thats true but is irrelevant because the node decides whom it asks. And if it gets conflicting answers it would not accept a final state.

As the owner of a node you add a list of other nodes that should be asked. Lets say you have 20 nodes on that list the fact that someone spins up thousands of nodes doesn't mean anything. No one connects to them and if they do only to send data or receive data that can be validated like a signed Tx. The nodes have no power. Listing to a node is completely voluntary. Obviously people listen to nodes which are publicly known who operates them and therefore it also clear that they are not operated by the same entities. In reality such nodes are run by exchanges, companies that use the network and universities that do blockchain research. But anyone could its just up to you how you convince anyone to use yours. Maybe you can create one that almost everyone will use. maybe even two. But your army of thousand nameless nodes is never gonna be added by anyone. They are just listing and if they speak no on listens to them.

Also very important is the fact that a successful Sybil attack could not do much that's useful. Even if all the 20 nodes my node was told to listen to, declares a double spend as final, my node would not. You cant change the code I run and the code says the state is invalid. You created more tokens and that's not possible. It doesn't need to know the Tx that lead to this to know its wrong. The node would simply halt and all I have to do is remove the dishonest nodes from my list an add honest nodes and it keeps going. And the fact that a node lied is public so once an attack was attempted the node is "burned" no one will ever trust it again. In other words an immense amount of work and month and month more likely years of luring people into trusting all your nodes would give you the power to halt the network once (or more likely only a certain node) for an indefinite time (because it depend on human interaction) then all your work is toast. Assuming you would even manage to get enough nodes. You dont see who listens to your nodes so you fire blind and only have once shot.

>There may be other ways of tackling this issue that I am not aware of, but this problem in particular is one of the fundamental problems that Blockchains / Bitcoin were designed to solve (consensus among peers that is not disrupted by hostile actors). I have yet to see a better solution for this particular problem.

The fundamental problem it solved was the double-spending problem without an arbitrator of truth. But it is technically only partially solved because there is no final state.

However if you can reach decentral consensus over anything (a single bit) then the double spending problem isn't even a real problem anymore. If there are 2 conflicting transaction at the same time simply pick one that render the later one invalid because it attempts to move non-existing tokens[1].

Here is the doc about Sybil attacks on the XRPL https://xrpl.org/consensus-protections.html#sybil-attacks there is probably more technical stuff to read about it the official forum threads from 2013 or so.

[1] https://xrpl.org/consensus-principles-and-rules.html#the-dou...

Well if I control enough nodes I can send you fake hashes (51% attack).

The type of attack you are thinking of is called a Sybil Attack [1].

[1] https://en.wikipedia.org/wiki/Sybil_attack

> BTW cash does not have a recorded Tx history

Sorta... The central banks know every coin that has been created and notes that have been printed. When you fill in your Tax forms you are creating this Tx history manually.

Also basic properties like the total amount of tokens can be validated on the last state alone. You can assure no one added more tokens simply by summing all balances. You dont need any history data for that.

>Sorta... The central banks know every coin that has been created and notes that have been printed. When you fill in your Tax forms you are creating this Tx history manually.

Yeah no, you are moving and stretching the goal post to far here. Notes are unique but that's not a Tx history at all and neither is a Tax form.

I don't have anything to add, but this has always struck me as inelegant, especially for Ethereum, which is more of a dApp platform. Can someone point me towards something that can run dApps and maintain current state with distributed consensus _without_ a blockchain (or explain why this is an ignorant question)? Also, what's wrong with truncating the chain after X blocks?

I would say nothing. Truncating history isn't explicitly built into the protocol, but that's what most users do in practice. I believe Geth and Parity both prune old state by default. There are "achive" nodes that store all history, but they're in the minority.

Bitcoin Core also has options for pruning old state, and for disabling some validation of old history. Though, unfortunately, it will still download blocks from the genesis even if both options are enabled.

As part of your expected obligations of the network, you're asked to seed those blocks.

If you want really widespread distribution of full nodes, you need to make a consumer-friendly distribution of the node software, and package it and keep it updated in a way that regular users can run it and forget it. This same convenience introduces a centralization problem that obviates the whole point of running a distributed ledger.

This is a point so obvious I hesitate to make it, but I've learned that in blockchain territory there is no flaw too obvious to point out.

Jumping to "they are doing X because of Y" seems a bit intense, and would like to see how you're getting there.

What would it take for you to see it differently? That one of the clients diverge from the specifications to do their own thing? That's not in anyone's best interest either, so unlikely to happen.

I agree, updating full node software is a problem for normal users. However, if we can develop a core set of first layer software that's stable enough, it could go many years without needing an update. And individual users may only need to update some of those times. So at least the burden could be arbitrarily low. But we certainly shouldn't have set-and-forget auto updating software - that would be a huge security flaw.

Stratum v2 doesn't get rid of mining pools, it just puts the block creation in the hands of individual miners. Pools still get a cut, and pool miners still share the rewards. This is because Stratum v2 makes certain requirements of blocks created by miners such that when they mine a block, the pool and everyone properly gets paid along with it.

https://bitcoinknots.org

It's a distribution of Bitcoin Core. It needs 5GB to store enough blockchain state to fully verify everything. AFAIK Bitcoin Core also has a convenient GUI interface.

I set up a node on my computer. I didn't touch the command-line once. It has a nice GUI and built-in wallet.

But if you don't trust the devs you'll need to use other software, yes.

Just taking the human population as a starting point, if we posit that in the future, non-human entities will also be doing transactions, and there may be orders of magnitude more of those entities than there are humans, and the entities will be networked and operating at machine speed… I don't know, but it seems like the thinking on scaling needs to be even more ambitious.

- Laws of any big country could change and trigger the sale for a lot of sellers of a country,

- Especially given BTC is used by Iran to bypass petrol restrictions, used by ransomware and all sort of dealers, as well as Chinese who want to flee,

- Currencies are in theory regalian = only emitted by the central bank;

- Once any country gets upset with this, they could blame terrorism on BTC and ask owners to prove their origin of wealth, which would be a major hurdle if the law was strict.

I’m adding this to the list. Volatility is desired because “you can make it big”, but the rest is only dangers.

[1]: https://www.youtube.com/watch?v=Lhf_2gJJS1I

Clearly. Watch the price after Musk's announcements.

> fleece unsophisticated investors

Someone speculating in an unregulated asset that's seen massive growth in the past year should have no expectation of not being on the bad side of a trade.

And yet some people dump their life savings into it.

Which is good because crypto is a lot more fun in bear markets.

I assume that soon they will let it drop to 9k and leave it there for a few years and the start the whole thing over again, with the next round of "investors". These "Maximalists" are unintentionally helping them set a floor.

I think it was more like: There's a risk _for Bitcoin_ if the US brings out the ban hammer, because bad countries use it.

Nowadays a lot of people are not libertarians that would see the US opposing it as a proof it's valuable, but more speculators whom would have nothing left if Coinbase and co. were to shut down.

-If you follow the herd, if you buy when people are talking it up positively, you are probably buying high and making less than average (less than zero).

-Covid 19 probably made crypto investment frothy because of unprecedented amount of government stimulus and fewer places than normal to spend money. The government benefits are going to taper over the summer so crypto prices will lose an important support, and the gradual reopening of everything will give people more places to spend their money instead of bidding up digital coins. There could be a third downward force if high inflation takes hold and central banks starts fighting it. They do this by raising interest rates which literally means banks are paying people to hold fiat or government debt instead of other assets. Gold and stocks usually have lower than normal prices during periods of high interest rates, crypto could do the same. At least stocks should have accelerating dividends with higher inflation, not so for gold and crypto.

So if you really want to buy cryptocoins, wait to see what the economic conditions look like in the fall or next year, if the economy is near done working through the above dynamics, prices could be near their lows and it should be a less terrible time to buy.

Any of these mean anything to ya?

>[big purchases] of any big country could change and trigger the [purchase] for a lot of [buyers] of a country.

>Especially given BTC is used by Iran to bypass petrol restrictions, used by ransomware and all sort of dealers, as well as Chinese who want to flee.

[Didn't actually have to change this one, seems like buying pressure to me]

>Currencies are in theory regalian = only emitted by the central bank; [New world currency outside of central banks is the whole vision for crypto, so i don't see how this conflicts.]

>Once any country gets upset with this, they could blame terrorism on BTC and ask owners to prove their origin of wealth, which would be a major hurdle if the law was strict.[ Don't actually understand this one, how could you make me prove ownership of coins in a cold-wallet?]

Our entire civilization and everything in it depends on networks of trust. Without it, we'd fall down instantly.

To require a system of 'absolute decentralization' when 'partial decentralization' would work just as well, doesn't make sense.

We technical people have an odd way of falling into these kind of traps - we're trapped in theory, unable to map to the real world pragmatically.

DNS on the internet works on the basis of 'partial decentralization' and it works very well. There wouldn't be that much point in making it 'fully decentralized'. We could push it maybe a few inches more that way, but there's zero requirement to go 'fully decentralized' for it.

You get vastly diminishing marginal returns to effort when you start to go absolutist.

Much like Rust, which has some very nice outcomes but trades absolutely everything for those outcomes, some small tradeoffs in decentralization for Blockchain would yield probably some big benefits.

Applications can be partially decentralized and that's often the best approach, sure.

While in reality it started as a cluster of nodes run by a single entity (centrally controlled just like BTC did) and moved to continually enlarge the number of entities to the point where the original nodes have absolutely no special permission or power left. There was even a software update amendment that was accepted by all other nodes but the original nodes so they overrules them. The system isn't based solely on trust however the people who run a node can pick trusted nodes[1]. This is important for reliability. If you trust crappy nodes that go offline your node could miss Tx and fork off with no way to detect that and if trusted nodes collude they could halt your node. However the validation is done locally there is no need to trust any other nodes to check if the Tx are valid. You see if a node lies and if you previously trusted that node you would simply remove it. You dont have to trust a single node you have to trust the majority of all nodes you trust. There is no way around the "trust the majority" anyway. In BTC for example you are forced to trust that 51% of hashing comes form honest people who do not collude. the difference here is you dont know who they are and you can neither pick the ones you trust nor exclude the once you dont trust or misbehave. Needless to says the this system outcompetes all the other systems for decentral consensus.

But Guess what. People still says the XRPL its centralized. Most people simply dont understand the tech in this space. They are in it for the gambling.

[1] https://xrpl.org/intro-to-consensus.html#trust-based-validat...

That's wrong. Debt existed before money and barter didn't exist at all without a medium of exchange like metals or spices.

When you give someone a chicken and the other side gives you bread you remember or even write down that this person owes you more bread in the future and you trust that this person will uphold his promise, the same way you trust that his bread is not rotten.

While we should never trust banks 'infallibly' we have layers and layers of protections.

We have 'backups' for regular people like FDIC insurance so when that trust invariably gets broken here and there - there are backups. How often has FDIC had to be used? Very rarely.

When someone steals your blockchain stash - which happens - where do you turn? Nowhere.

Commerce is subject to the Judicial system meaning that when there is a problem, we can backtrack and make ammends, people can sue one another there is accounting etc..

Second - it's well established that none of the cryptos thus far are usable as forms of currency, and frankly, they are poor stores of value.

Your local corner store does not accept BTC for the same reason they don't take Euros - because prices fluxuate wildly, far beyond their profit margin. To accept BTC is tantamount to wild currency speculation which, over time, is guaranteed to put them out of business. There's a 100% chance that BTC 'will go down' over some period below their operating credit and will kill them.

They could feasibly accept BTC and immediately transfer to USD, but what would be the point? You do that, it's your risk. And then it's 'not a currency'.

Third - the 'never talked about' Elephant in the room is Monetary Policy. The ability to control currency is extremely valuable - it's dangerous, yes - but also powerful. Using 'Gold' implies 'no monetary policy' but arguably more trust, however, we'd probably all be broke.

'Wars and Pandemics' illustrate this quite well - when a nation faces existential calamity, it definitely needs monetary policy above and beyond normal operations. The economic devastation of COVID without monetary policy would have knocked down the economy like a sequence of dominos and left nothing standing.

'No Monetary Policy' is like building 'Brick Homes in San Francisco'. Brick is 'stronger than wood' you say? Hello 7.7 earthquake, which is guaranteed to happen over time, and, which will knock down brick homes and leave the wood framed homes standing. 'Hard' things are often 'brittle' and without flexibility a single 'hard punch' will break it.

And those are just the obvious points.

So - instead of building something which is 'infinitely decentralized', you could feasibly build something that is partially decentralized and gain basically all of the advantages. Viatalin's notion of 'individuals running nodes' is essentially fundamentally flawed. Individuals should be 'running their own nodes' like they should be 'installing their own wiring, flooring, plumbing, adding their own additions without Engineering approved drawings'. Yes - you can do your own electrical work, but nobody does, because we have very effective division of labour and 'electricians' do that very well which is immensely valuable.

Let 3rd parties 'run nodes'. Make it so the tech requires minimal oversight. But there will never be 'no oversight', it's not feasible, and it never was.

I'd go so far as to argue that 'trust based systems' are probably a kind of biological development based on some kind of actual efficiency optimization: we 'trust our electrician' just like we 'trust the authority of the bank'. Neither are infallible, but it's better than doing it all yourself.

But if we’re only willing to put Doritos purchases on-chain for some reason because we stubbornly refuse to give up Fort Knox security, and demand a permanent record of our Doritos transactions until the heat death of the universe, we end up with a lot less decentralization, and our options for scaling narrow and become increasingly complex (e.g. sharding).

Worse still, Visa does 50,000+ tps — and that’s just one credit card company. Storing every financial transaction every human in the world ever makes on a blockchain requires infeasibly large block sizes well in excess of 1GB. Meanwhile end users already struggle somewhat to keep up with 1MB blocks on consumer hardware with residential network connections.

(Bear in mind most people interested in extreme on-chain scaling like this have historically also wanted on-chain scaling to handle all forms of cash and credit transactions, plus derivatives trading, “NFTs”, “decentralized exchanges” etc etc, which would demand still more transactional capacity).

Bitcoin could conceivably only increase its block size by a factor of 10-100 before nodes become only possible to run in datacenters. Condemning nodes to forever run in datacenters — lest we forget gargantuan blocks can never be discarded by full nodes — would only allow Bitcoin to hit a measely couple thousand transactions per second at best. What’s the point of doing that at all?

(The choice was obvious to highly technical people at the time of the block size debate, but their voices were drowned out by populist appeals. Also sorry, forgot this was a thread about Ethereum.)

City streets and computer hardware and blockchain throughput. We dream that 'make bigger, make faster' will alleviate congestion in all of these places, and make our commute and compute as fast and cheap as we want it to be.

But in practice, commuters are programmers are blockchain users.

For commuters, if more lanes get added to a local highway, driving to work becomes traffic free - so why not drive when you used to take the train? With all this extra capacity, there's traffic again.

For programmers, faster computers mean less need to be efficient. Less worry about writing efficient code, seemingly as much JSON parsing as one can tolerate, more dependencies, and higher level languages that make programming more pleasant but less efficient. And so computers are 100000X faster than they used to be, but opening a text editor is about as slow as it was 10 years ago.

For blockchain users, it will be the same. As block space increases, the applications users dream up to run on the blockchain will as well. And so transactions will end up costing the same.

That being said, the total capacity will be higher! So we are scaling - I just don't think it's gonna be the utopia it might appear at first glance.

[1] https://en.wikipedia.org/wiki/Induced_demand

Granted, low information people are still falling for it, but high information people increasingly aren’t, as evidenced by Ethereum failing to get even 3/4s of the way to its previous bitcoin-denominated valuation high over the most recent market cycle, despite ludicrous levels of hype.

As to your other ramblings, mere snobbish tripe meant to demean and belittle those that disagree with your opinion. In other words, yours is a low information post.

> As to your other ramblings, mere snobbish tripe meant to demean and belittle those that disagree with your opinion. In other words, yours is a low information post.

ETH broke 0.12 ETH/BTC last narrative cycle. This is trivial to fact check. Sorry to disturb you.

Asking because I don't think there's a viable strategy for keeping all shard data around indefinitely, without giving up either scalability or durability:

* If the system requires cross-shard state-transitions to be mirrored to on a "central" chain (e.g. the beacon chain) in order to stave off unavailability, then that central chain's capacity is the scalability bottleneck.

* If the system requires cross-shard state-transitions to be mirrored instead to both shards in order to stave off unavailability, then ultimately all shards will host a non-trivial fraction of each others' state, meaning that the scalability bottleneck is the most-loaded shard.

* If the system requires some nodes to store full replicas of all shards in order to avert shard unavailability, then the system is no more scalable than the nodes required to carry this burden.

Also, it's not clear to me that it's "thousands," nor is it clear to me that this even matters. If they're all in the same datacenter, and that datacenter temporarily gets disconnected from the other shards' nodes, then the shard is effectively dead as far as the rest of the network is concerned.

In Ethereum 2.0, nodes don't maintain a full copy of the chainstate -- not even block producers do. Therefore, Ethereum 2.0's resiliency depends on the continued availability of N > 1 partial copies of the chainstate, such that the full chainstate can be reassembled from them. This is strictly less resilient.

The beacon chain is the central chain, all shards write a hash of what they've done to this one. All nodes validate the shard they've been assigned to as well as the beacon chain.

- Why consider that a group of diverse group of developers is a governance danger while a group of users would be fine?

- What are the incentives to run a full node for an average user?

    For a blockchain to be decentralized, it's crucially important 
    for regular users to be able to run a node, and to have a 
    culture where running nodes is a common activity.

introduce a small form of reward for running a validating node and voila, nodes popping up everywhere.

The only remotely viable way would be to use recursive SNAKRs to prove that you verified block proofs in block chains like Mina

So running full nodes will have a monetary benefit. Running two will only give you more benefit if they have improved network reachability and latency.

That was bold, and his claim that Ethereum nodes need to be runnable on old laptops on residential internet is confused. Ethereum, worth many billions of dollars, most of which is controlled by whales and nerds with beefy gaming rigs, is deliberately sacrificing desperately needed scalability for a superficial narrative of “decentralization”.

I would almost get it if the post included a picture of some skinny African children; is “decentralization” just a euphemism for “diversity and inclusion” now?

Sometime soon, the DeFi “yield farming” free-money well is gonna run dry, and when it does, the Ethereum ecosystem will wake up in the freezing cold of a “dark forest” of their own creation.

But what about sharding? Sharding, like roll-ups, sidechains, and layer 2s including any of the forms of “Plasma”, are fundamentally less valuable than a high-scalability main chain. Reason being that transactions on the main chain are arbitrarily composable, while cross-shard communication with reasonable latency is an open problem.

And composability is important. Composability is an intrinsic aspect of DeFi, and the part that will remain even when the yields are brought down to parity with traditional finance.

Most of the "blockchains" listed on aggregators such as coinmarketcap.com are essentially clients communicating to a few nodes which, for all we know, sync up in a coordinated way to provide the illusion of a decentralized consensus system.

Like maybe we need to take a step back and ask "what problem are we actually trying to solve?".

Is an uncontrollable & anonymous currency truly the next big thing we need? Did we even stop to think of the potential issues of a system like that?

To me the future should be more audacious. Maybe we don't need some kind of unalterable decentralized database where capitalism can thrive from. Maybe we need to rethink society where money is not as crucial as it is today.

Hoping that the "next" cryptopunks can think of these ideas to really change the world for the better rather than ways to scale an unalterable database which, for all I can tell, just provides a distributed way to track who owes what to whom.

That's about is Lindy as it gets. I'm dubious of anyone who supposes we can "rethink society" to make money less crucial. It seems simpler to assure that anyone who doesn't have enough money gets some.

It's a dangerous experiment we're running, to have all currencies in the modern world be government-issued paper. Such currencies have a known and spectacular failure mode, which continues to happen right now, and "it can't happen to us" is just a bet, not a law of nature.

I'm glad that cybercoins exist, as a hedge against that occurring. Gold is the old standard, but difficult to transfer other than hand-to-hand.

Maybe it won't happen, perhaps Modern Monetary Theory is perfectly correct and the Fed and ECB will keep on trucking indefinitely with a manageable and smooth inflation curve. I'd prefer that, of course, a currency collapse tends to be a regime-ending event as often as not, and it's bad for commerce, which I need in order to eat, clothe myself, and travel more than about ten miles in a day.

But I'm grateful that there exists at-least-one distributed and uncensorable way to "track who owes what to whom". We might all be grateful for it one day. Or we might not.

But you will just dismiss all these ideas. Same way people dismissed all the ideas people were imagining when the internet is young.

If you want to broaden your mind— just detach the idea of blockchain from the price of Bitcoin. Yes, it’s insane to the point of being obscene.

Trading of any financial asset - why do we need Robinhood / Fidelity etc to trade shares? If shares in companies can be listed on a blockchain then people can trade them anywhere anytime directly with each other even when they don't trust each other.

Larger markets for digital goods: Many games have started putting their items on Etherum (or layer 2 solutions) so that players can easily trade them without the developers needing to run their own marketplace. This can then extend to being able to use items across multiple games, or trade items from one game with items from another.

Now there's ethereum tokens that allow the original creator to get a cut of all trades of that item. This opens an interesting funding model where a company could create an open source permissionless game where you download the client, connect to the public chain, play and acquire items, trade those items with others, and the game creators gain funds based on a cut of all trade happening around the game which allows them to further development. Then because it's open source people can create forks with their own art styles and mod the game easily and people can participate in the same world with many different clients.

I understand Bitcoin (in principle), it is not that hard to understand. I don't understand most of Ethereum.

For instance, if I feel my country's currency is heading towards hyperinflation, I can buy up tokenized USD as a hedge. There is no limit to how much I can buy nor do I ever need to visit a bank and comply with an oppressive regime - think Venezuela.

Except, you know, "trust us, this will never happen". Given that blockchain size is now 346GB while it handles a fraction of a fraction of a fraction of the number of transactions that the rest of the world runs.

That is not enough.

Blockchain is proposed for various things like, for example, land registries. They have to be kept around indefinitely long. In many countries financial institutions are required by law to keep financial transactions around for 4 years. Ans so on.

But yeah, sure, go ahead and remove all historical data "because new transaction is mathematically valid".

If you have a copy of the latest block and the older verified block headers, you can trustlessly verify older blocks that people give you.

> But yeah, sure, go ahead and remove all historical data "because new transaction is mathematically valid".

Archival nodes– nodes that store full history– still exist and are still needed. You can query them from a normal full node and get their blocks.

Still needed as in "must be there for the chain to function"? Is it possible to have a situation where every node on the chain has truncated its history?

Note also that currently bitcoin needs 300 GB to store data for a fraction of a fraction of transactions needed for the world to run [1]. And crypto enthusiasts people want to move everything onto a blockchain.

[1]

- Total number of transactions is ~640 million: https://www.blockchain.com/charts/n-transactions-total

- Visa alone processes 4.8 billion transactions per quarter: https://s1.q4cdn.com/050606653/files/doc_financials/2020/q3/... which amounts to ~52 million transaction per day

- To handle Visa traffic alone, for that same quarter, Bitcoin blockchain would grow by 9 terabytes. 36 terabytes a year.

And that's for Visa volumes alone. Even though Visa is the biggest one, there's the long tail as well.

"the total number of general purpose credit card transactions in the U.S. was 40.9 billion in 2018" https://www.creditcards.com/credit-card-news/market-share-st...

So, how long before even the archive nodes start truncating data?

[1] https://docs.elrond.com/

In its raw form a DTL does not compute an output but ofc all participants compute signatures and such stuff to validate input and reach consensus.

This is not a competition to a single computer as load is no distributed its the exact opposite. Everyone checks the rules of the system. (not to be confused with mining that does nothing, its just a puzzle to decide who can write the next block)

The problem is the global consensus. It's a very expensive operation to do per block.

From the first petrol engine (1879) to the Ford Model T (1908), the Arpanet (1969) to the Internet (1990), as also software development (Cyberpunk 2077 was developed over 8 years), these things have one thing in common: they need time.

When one day your every breath (and its payment) is recorded on a blockchain then you should be aware that such a technology capable to do so does not exist yet, but its basic features do.

[1] https://interestingengineering.com/9-interesting-failed-inve...

such innovations only appear now and then, one should have the intuition to recognize them as such, otherwise he will miss the opportunities of such developments.

That's the narrative of scam artists since before time.

its worth a hundred dollars, people use it to buy goods - its a scam.

its worth a thousand dollars, people start using it as a store of value and a hedge against inflation - its a scam.

its worth 65.000 dollars, theres also ethereum changing the face of banking forever - its a scam.

calling me a scam artist while disregarding all the givens of reality, at this point its really hard to convey how extraordinarily mind-bendingly narrow-minded this point of view is.

Empty words

> people start using it as a store of value

People are using for speculation, not for the store of value.

> theres also ethereum changing the face of banking forever

Ethereum is changing literally nothing

> while disregarding all the givens of reality

What you're describing are fantasies that have little to no bearing on reality.

> at this point its really hard to convey how extraordinarily mind-bendingly narrow-minded this point of view is.

At this point it's really hard to understand how anyone who talks about reality can be so far removed from reality.

>Nobody is using crypto as an alternative to fiat.

Ethereum is the best way to save in dollars outside of the developed world. High single digit or double digit yields (powered by speculators borrowing to speculate) vs ~0% in the banking system. Also much safer. Not compared to an American bank, but to Russian/Lebanese/Brazilian etc.

The history of defi can be traced back to mid-2013 (mastercoin) or earlier (colored coins).

And what the cool kids are calling “defi” today was called “appcoins” and “utility coins” several years ago. It’s all just marketing spin.

> It's indeed fair to say that bitcoin has completely failed in getting any adoption beyond speculation.

Digital gold is a euphemism for speculative store of value. Gold itself is a speculative SoV. For Bitcoin, that’s a sign of success — which is reflected in its market price.

There is not one single cryptocurrency on the market today which isn’t a speculative store of value primarily by real world usage. Rather there is Bitcoin which is upfront about this, and then there are other coins whose skilled sophists promote it as being something other than a speculative store of value as a hollow front. Peak behind the curtain and you’ll find a speculative store of value in 100% of cases, absolutely without exception. If anything has failed here it’s the moral compass of altcoin promoters globally, and investors for being so easily misled by hype entrepreneurs.

I disagree. Defi started with lending and borrowing dapps. If just tokens themselves are 'defi' then bitcoin itself is defi, which would make the definition pointless. Finance requires lending and borrowing.

>Digital gold is a euphemism for speculative store of value. Gold itself is a speculative SoV. For Bitcoin, that’s a sign of success — which is reflected in its market price.

The title of the bitcoin whitepaper is 'Bitcoin: A Peer-to-Peer Electronic Cash System' which means it objectively failed in its stated goal. Of course, it had to, as bitcoin is not backed by anything and money must be backed by something.

Now it's just a ponzi scheme that continues to make people poorer while fooling them that they're getting rich. The only way to make a profit on bitcoin is to take someone else's wealth - it's zero sum by itself. On top of that there's mining, which ensures bitcoin continuously destroys wealth and makes bitcoin buyers poorer as a group compared to everyone else.

And representing corporate shares on a blockchain isn’t in the purview of “finance”?

Everything old is new again.

In developed countries, I can tap with my phone or card to pay instantly, there's Venmo, and fees are low-ish. Currently, no cryptocurrency has competitive advantages to traditional payments...unless it's illegal, but even then, certain cryptocurrences are a really bad choice.

Supposedly phone apps are used for payments in developing countries, but I'm not entirely sure.