Thursday, September 22, 2016

Cryptocoins equally to all people w/o 3rd party OR transaction fee feedback to create constant value coin

Maybe there is a way to issue a fixed quantity of coin to all people on Earth without a 3rd party.

Your biomeasures are different kinds of "hashes" of your genes (and environment and chance). The following might work because single genes affect multiple systems. Given the right set of biomeasures it may not be feasible to generate a valid survivable human DNA sequence. One biomeasure constrains DNA one way, and another in another way, and so on. But given the biomeasures and DNA sequence the blockchain might prove a given pairing is valid. People would use the set of biomeasures and their DNA to apply to the blockchain for coins and a private key. DNA and private key would generate wallet addresses.

The key is that each gene usually affects multiple biometric measures, maybe in the same way a prime can be used to generate many different public keys when combined with other primes. Or maybe I should view the biometric measures as a hash of the genes. Either way, there seems to be a 1-way function that can be exploited. You can get biometrics from genes, but maybe not valid genes from biometrics.

Genes causing the expression of biometrics (genotype creates phenotype) is such a messy business (a huge and messy kind of hashing, not subject to strict mathematics and influenced by environment and randomness), traditional cryptography might not be usable. At first it might require a world class neural net to get started, then the blockchain would have to take over as the neural net. The neural net would take all available DNA and biometric data and find all patterns backwards and forwards (genes -> biometrics, biometrics -> genes) that it can. It would attempt to predict viable DNA from biometrics and vice versa. The vice versa (determining biometrics from genes) is relatively easy, but we are in its infancy. A lot of medical research is doing this because having a disease is a biometric result of the genes. But getting DNA from biometrics could be made very difficult if the right biometrics are chosen. A neural net could predict viable biometrics from DNA, but my thesis is that it could be really difficult to create viable DNA from a correctly chosen set of measured biometrics. The neural net's job is to discover the best biometrics to use (the ones it can't crack), and to constantly try to crack it. Successful cracks are rewarded. Along the way it is discovering what genes do as the preliminary step to cracking (it has to get its list of "primes"?).

Since population growth I think is around 2% and slowing, the inflation problem should be small, and even a benefit as I stated before, in contradiction to the usual cryptocoin beliefs concerning fixed-quantity coins.

It seems I am requiring people to apply for their coins using their biometric and DNA data before others get their DNA and generate viable biometrics.

BTW, a 3rd party is always present if the code can be changed at any time after launch. Developers being guided by users is the same as government being guided by voters. Lobbies like the rich or bankers (PoS and miners) that subvert the users' voting process is the same system we have for the dollar.  Observational evidence for this viiwpoint: we seek ethics in the developers in the same way we seek ethics in government leaders.

There is another way to achieve a constant-value coin that is a lot less difficult than using DNA, but does not retain the virtue of blocking machines out of human economics. **Let the market-determined transaction fees per coin determine the coin release-rate.** If the fee rises there is a shortage of nodes compared to daily coin transaction volume.  Additional fees per byte and a base fee per transaction would be needed, but not used to determine the coin release rate. This uses the velocity of money theory.  So the developers are not allowed (and not required) to decide the final quantity or release schedule of the coin. The market does.  A PID controller would take the transaction fee per coin as the input and output the coins per block.  If the fees drop too much, it indicates the coin is not being used much  and coins per block can go to zero, keeping coin quantity constant.  Miners would stop mining and nodes would live off the base fee for transactions.  Another controller would take the number of nodes per transaction as the input and drop the base fee and/or per byte fee if the ratio of nodes to transactions got unnecessarily high, which keeps the coin competitive and lean without oversight. The more feedback controllers used intelligently, the more intelligent the coin (and anything else) is.

 I am not saying the above is perfectly correct or complete. I wanted to show that some idea like it could create the cryptocurrency holy grail: a constant value coin not based on perception, opinion, miners, or developers.

Intelligent direction (i.e. controller feedback) of permission  (i.e. legal tender, aka currency) to use available resources is the basis of all intelligence. Be it glucose and molecules in the brain, energy and matter in economics, or CPU time (kinetic joules=expenses) and RAM/HDD space (potential joules=initial investment) in computing, the intelligent direction of the currency directs the energy and matter for personal profit (growth based on more and more energy and matter coming under control of the movement of the currency). Democracy uses the feedback of votes to guide the taxes which directs the energy and matter in government which a controller on the economics which gives voters what they want.   The most intelligence cryptocoin will be a growing, spreading, changing A.I.  of feedback controllers (smart contracts directing the coin) that enables the market place that falls under its control to be the most profitable and growing so that the cryptocoin itself can be profitable and grow by riding (lightly) on its back so that it is a symbiotic relation instead of viral/cancerous.  The end goal is congeal the matter on Earth into a more ordered form, releasing entropy to the universe. We are doing this by shifting from organic bonds to metal and metalloid bonds, removing oxygen from metals, silicon, and carbon so that we have greater control through lower entropy per kg of our economic machine. Earth's unusual because of the order injected by the Moon, and why we look for life on Titan and Io (geological disturbances are cyclic forces that inject order into thermodynamically-stable systems).

The market itself is just a bunch of feedback going on between agents, under the rules of some governing coin (i.e. legal tender).   So ideally, the feedback systems would probably be nested and complicated from bottom to top so that the distinction between government and market is not clear, while the coin would be very clear.  Separate "organs" of law (code) could easily have their own internal coins, but still be based on a system wide coin. Maybe the highest level coin describes the boundaries and definition of an entity. The highest I know of is energy (Gibbs free energy). Maybe there is some sort of negative entropy that could be higher.  But a single coin and system without distinguishable "organs" should be the most efficient, like a highly compressed algorithm.

But for current work on cryptocurrencies, it seems 1 to 5 feedback measures should be the limit.

There is currently no feedback from the market place  (other than the difficulty) to tell cryptocoins how the coins are to be issued in order to best benefit the market. The arbitrary nature of coin quantity, release schedule, and fees needs to be changed and connected to the coin's usage and computational power.
=====
Let transaction fee per coin control coins per block issued and never let difficulty fall. Problem solved? A base fee per transaction and fee per byte would also be needed. A standard PID controller on the transaction "error signal" would be used. Difficulty can easily get too high, but there is no incentive for attacks to make it go high because they can't profit on downturns. Large miners can't profit from random difficulty swings or manipulate it for profit. If difficulty is too high, miners will get out if fees are not high enough. But surviving this demonstrates the system is not a Ponzi scheme that will end when mining ends. A decrease in network hash rate might adjust the set point that the transaction fee error signal needs. With the right feedback (checks and balances) developers would not be required (or allowed) to choose any aspects of coin issuance (not total quantity, schedule, coins/block, difficulty, or fees). The market should be able to dictate everything without anyone needing to explicitly vote except by their marketplace choices (miners getting in or out, and transaction fees). If the market for the coin starts to dry up (it's fees were too high to sustain miners) then it merely shows a more efficient coin is taking its place, and it should dry up. But the quantity of the at the point is constant.

Friday, September 9, 2016

Ideal difficulty algorithms for cryptocurrencies

a post to github related to monero and zcash:

I've come to the conclusion that the best difficulty will be a simple rolling average:

next Diff = avg past N Diff * TargetInterval / Avg past N solve times.

The shorter the window average, the more protection against attacks, but there is more variation in solve times. This is unavoidable. There is a law written in stone: if difficulty is allowed to go down, you can have good protection or good solve times with a low standard deviation, but you can't have both. You have to choose how many blocks you want to "give away" by choosing the max time for say 10% of the block solves. Low block window averaging is higher protecting but wider swings in solve times. You could use N=5 for great protection if it is OK to have time to solve > 5x your target for 5% of the blocks. Once manipulators come in, you need to be prepared for 5x target 10% of the time. But such a short averaging window requires an accurate timestamp on blocks instead of miner generated times. Without that I would copy what Zcash is doing (N=17 window average with a median instead of mean for the solve times), except be sure not to use the 8% up and 16% down limits they are using, which I hope and suspect they drop before release. There is something weird with their method of getting the median that works better than the way I get the median, so us eit, which I guess comes from Digishield v3. But if you get an accurate timestamp, use the mean.

And low N averages have accidental spikes in difficulty and solve times. Miners can choose to come in immediately after those which makes the next difficulty and solve time spike even higher. so they can put it into oscillation for profit. But this might be a problem for all windows of even larger N.

The biggest protection against attacks might be to discover the methods and encourage and enable everyone to use them. That tends to block the profits of cheaters by actually leveling out the swings, helpig the constant-on miners. For example, in time warp attack is less and less useful if you initiate it and 10 people come in to take it away, splitting the profit. So maybe you shoulld give the code to enable everyone to do it. It might then become useless to everyone. Of you try to pick a bottom, but then someone comes in earlier so your bottom does not occur, and so on, until there is no bottom.

The only way I have found to get perfect protection against attackers (and fairness) and to have a perfect release schedule is to never let the difficulty drop but follow a slow steady rise, use a valid timestamp on solved blocks, and pay miners inversely proportional (Tim Olson's idea) to their solve time relative to the average time that is expected for the current difficulty setting. If a miner solves fast, he gets paid proportionally less. If he solves slow, he gets paid more. The coin release schedule stays as perfect as your clock, and there's zero profit from manipulations. The problem with a clock is that it is a third party. But it is not a problem if you're already using a subtle 3rd party going under the name of "trusted peers" who will set to a universal time clock. (The trusted timestamp also prevents timewarp attacks. ETH uses one.)

This has very important stable, real value implications. For example, miners are paid PER BLOCK for the amount of electricity needed, getting closer to the ideal of value=joules, not merely based on the average electricity expense per block expected. This requires abandoning the idea that blocks must be solved within a certain time frame. If the coin can survive post-mining on fees, then it should survive solve delays in the exact same manner to prove it can survive on fees ahead of time. But it may not result in substantial delays as everything is done so well.

This probably changes too much in bitcoin's core, and there are likely good reasons Satoshi did not do it. But it's best by starting with a known ideal and work backwards. In this case it means every time you let difficulty fall, you are harming constant-on miners relative to other types of miners.