
The really obvious weakness in any blockchain setup is the software. Whoever controls the software upgrade channel will always have potential control of the blockchain, whether that's the official entity in charge, or some intermediary.

If you want really widespread distribution of full nodes, you need to make a consumer-friendly distribution of the node software, and package it and keep it updated in a way that regular users can run it and forget it. This same convenience introduces a centralization problem that obviates the whole point of running a distributed ledger.

This is a point so obvious I hesitate to make it, but I've learned that in blockchain territory there is no flaw too obvious to point out.




Ethereum proof of stake has 4 production implementations today that run the chain. They are from independent teams that are not part of the Ethereum Foundation.


They are as independent as Mozilla is from Google. So they're not the same entity; but in practice they take orders from Eth foundation because they're funded by the Eth foundation.


Alternative interpretation is that while funded by the foundation, they follow what they think the community overall would like to follow, which is the protocol known as Eth 3.0. "Taking orders" being following specifications written by people who seem, after reviewing their work, to have a good heart in the direction of the project.

Jumping to "they are doing X because of Y" seems a bit intense, and would like to see how you're getting there.

What would it take for you to see it differently? That one of the clients diverges from the specifications to do their own thing? That's not in anyone's best interest either, so unlikely to happen.


Never seen this sentiment before. Can you provide some sources / any insights into Mozilla and Google colluding?


That's why some blockchains have multiple implementations and don't use auto-updates. There's also some work on taking governance out of developers' hands (e.g. Tezos where users vote on new features).


Software like this shouldn't need to be constantly updated. Users should only update full node software when they understand and trust the changes made from their current version. Of course tons of people can't be bothered or don't know how to evaluate the security of their software. Hopefully those people are good judges of character.

I agree, updating full node software is a problem for normal users. However, if we can develop a core set of first layer software that's stable enough, it could go many years without needing an update. And individual users may only need to update some of those times. So at least the burden could be arbitrarily low. But we certainly shouldn't have set-and-forget auto updating software - that would be a huge security flaw.


Miners control bitcoin more than people realize.


Less than most actually. Most have no practical means to act against the interest of pools, whose operators have most of the real control that people ascribe to miners.


For Bitcoin, Stratum v2 will solve this problem and return block creation power to the miners instead of the handful of large pool operators, which will be a huge win. However, even then, miners are beholden to the actively spending economic majority.


Miners want ROI. Running your own block creation infrastructure offers no benefit and only drawbacks and more services to keep online.


... You should look into what Stratum v2 is. By "running your own block creation infrastructure", do you mean running a pool? No infrastructure is needed. Creating a block is very easy and cheap. What's expensive is repeatedly hashing that block enough times to mine the block.

Stratum v2 doesn't get rid of mining pools, it just puts the block creation in the hands of individual miners. Pools still get a cut, and pool miners still share the rewards. This is because Stratum v2 makes certain requirements of blocks created by miners such that when they mine a block, the pool and everyone properly gets paid along with it.


"Miner-extractable value" changes this dynamic.


And at the same time less than some realise. E.g. UASF.


> you need to make a consumer-friendly distribution of the node software

https://bitcoinknots.org

It's a distribution of Bitcoin Core. It needs 5GB to store enough blockchain state to fully verify everything. AFAIK Bitcoin Core also has a convenient GUI interface.

I set up a node on my computer. I didn't touch the command-line once. It has a nice GUI and built-in wallet.


And how did you verify its integrity? And what is the upgrade path?


The releases are signed with well-known keys.

But if you don't trust the devs you'll need to use other software, yes.
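An added example, not part of the thread or of any project's own tooling, of what verifying a signed release involves on the user's side: count only signatures from keys the user has pinned, then check the downloaded file against the signed checksum manifest, failing closed on either step. The manifest layout (sha256sum-style `SHA256SUMS` with a detached `SHA256SUMS.asc`), the threshold of two signers, and every fingerprint and file name below are assumptions constructed for the illustration.

```python
import hashlib
import re

# Constructed sample data: fingerprints, file name and payload are made up.
PINNED = {"A" * 40, "B" * 40, "C" * 40}   # signing-key fingerprints the user trusts
NAME, DATA = "node-1.0-x86_64.tar.gz", b"constructed release payload\n"
MANIFEST = f"{hashlib.sha256(DATA).hexdigest()}  {NAME}\n"
# Shape of `gpg --status-fd 1 --verify SHA256SUMS.asc SHA256SUMS` output.
STATUS = "\n".join([
    f"[GNUPG:] VALIDSIG {'A' * 40} 2024-01-01 1704067200 0 4 0 1 8 00 {'A' * 40}",
    f"[GNUPG:] VALIDSIG {'B' * 40} 2024-01-01 1704067200 0 4 0 1 8 00 {'B' * 40}",
    f"[GNUPG:] VALIDSIG {'D' * 40} 2024-01-01 1704067200 0 4 0 1 8 00 {'D' * 40}",
    "[GNUPG:] BADSIG CCCCCCCCCCCCCCCC constructed signer",
])

def parse_manifest(text):
    """Parse sha256sum lines: '<64 hex>  <name>' or '<64 hex> *<name>'."""
    entries = {}
    for line in text.splitlines():
        m = re.fullmatch(r"([0-9a-fA-F]{64}) [ *](.+)", line)
        if m:
            entries[m.group(2)] = m.group(1).lower()
    return entries

def good_signers(gpg_status, pinned):
    """Return the pinned fingerprints for which gpg emitted VALIDSIG."""
    found = set()
    for line in gpg_status.splitlines():
        parts = line.split()
        if len(parts) >= 3 and parts[:2] == ["[GNUPG:]", "VALIDSIG"]:
            found.add(parts[2].upper())
    # A valid signature from an unpinned key (D above) proves nothing.
    return found & pinned

def release_ok(name, data, manifest_text, gpg_status, pinned, min_signers=2):
    """Fail closed: enough pinned signers AND the file hash is in the manifest."""
    if len(good_signers(gpg_status, pinned)) < min_signers:
        return False
    expected = parse_manifest(manifest_text).get(name)
    # A file missing from the manifest is rejected, not skipped.
    return expected is not None and hashlib.sha256(data).hexdigest() == expected

if __name__ == "__main__":
    print(release_ok(NAME, DATA, MANIFEST, STATUS, PINNED))
```

gpg reports signatures made by expired or revoked keys with separate `EXPKEYSIG` and `REVKEYSIG` status lines; a production check should reject those as well.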


Most transactions and legitimacy come from exchanges, not individual clients. I think they will have more clout than the client writers.


Then the exchanges will become the point of control (even more so than they are now).



