I posted this to bitcoin-ml and bitcoin-dev mailists and to reddit and bitcointalk, but no one seems interested.
========
Has anyone used difficulty to get constant-dollar developer or node
fees? Difficulty is exactly proportional to network hashrate, and
network hashrate is closely proportional to coin price.
Say a coin is currently $1.23 and someone wants to get a fixed income
from the coin like $0.01 each time something occurs. To achieve this
they could use a constant that is multiplied by the difficulty:
fee = 0.0123 * difficulty_at_$1.23_per_coin / current_difficulty / reward_per_block_at_$1.23 * current_reward_per_block
Dollar value here is constant-value relative to when the ratio was
determined (when difficulty was at $1.23). If hash power is not able
to keep up with coin price (which is a temporary effect), the value
would be larger than expected. Otherwise, the real-world value slowly
decreases as hashing efficiency increases, which may be a desired
effect if it is for dev fees because software gets outdated. But
Moore's law has gotten very slow for computers. Hashing should get
closer to being a constant hardware cost per hash.
To get constant value:
Q1/Q0 = D0 / D1 * moores_law_adjustment
Q = quantity of coin in circulation
D = difficulty
0 = baseline
1 = current
Electricity is more than half the current cost of hashing and
could soon be 3/4 or more of the cost. Worldwide electricity cost is
very stable and possibly the best single-commodity measure of constant
value.
Also, all coins for a given POW (if not in an even more general sense) will have the same factor above, adjusted only by multiplying by 2^(x-y) where x is the number of leading zeros in maxTarget for the other coin, and y is the number in the coin above.
In a very idealized situation where the algorithms running on computer hardware control all physical resources with a certain constant level of efficiency, then any increase in the hardware capabilities (Moore's law) would be proportional to the increase in the efficiency of the economic system, so there would not be a Moore's law adjustment. This is hyper-idealized situation in the distant future, but I wanted to point out the quantity ratio with difficulty has deep roots.
Wednesday, December 27, 2017
Tuesday, November 21, 2017
Best difficulty algorithm
I'm changing this as I find improvements. Last change: 12/1/2017.
Newest information is here:
https://github.com/zawy12/difficulty-algorithms/issues/3
This first one appears to be the best all around:
In an simple average (SMA), a multiplicative error like this only causes a proportional error in solvetime, not a compounded error.
There is a T/solvetime ratio in two places. It must be the same in both places. I don't know how it would be coded to give something different, but it's something to be aware of.
==========
The following attempts to make it smoother while having some ability to respond to faster to big hashrate changes.
Newest information is here:
https://github.com/zawy12/difficulty-algorithms/issues/3
This first one appears to be the best all around:
# Jacob Eliosoff's EMA (exponential moving average) # https://en.wikipedia.org/wiki/Moving_average#Application_to_measuring_computer_performance # ST = solvetime, T=target solvetime # height = most recently solved block # N=70 # MTP should not be used for (i=height - 10 to height) { # check timestamps starting 10 blocks into past) previous_max = max max=timestamp[i] if timestamp[i] > max } ST = max - previous_max ST = max(T/100,min(T*10, ST)) next_D = previous_D * ( T/ST + e^(-ST/T/N) * (1-T/ST) )A word of caution with the above EMA: when converting to and from bits field (aka target) to difficulty, it is important to not make a consistently wrong "rounding" error. For example, if previous difficulty was 100,000, it is important that nothing in the code make it consistently +50 more or consistently -50 less (0.05% error). That would cause the EMA at N=70 to have 3.5% error in solvetime. At 0.5% error per block, there is 35% error in the solvetimes (difficulty is 30% too high or low). The error that develops seems to be based on about 1.005^70 = 41%. If half the time it is +1,000 too high and the other half -1,000 too low, then it's OK. just don't be consistently wrong in the same direction. Error in the value for e=2.7183 does not hurt it.
In an simple average (SMA), a multiplicative error like this only causes a proportional error in solvetime, not a compounded error.
There is a T/solvetime ratio in two places. It must be the same in both places. I don't know how it would be coded to give something different, but it's something to be aware of.
==========
The following attempts to make it smoother while having some ability to respond to faster to big hashrate changes.
# Dynamic EMA difficulty algo (Jacob Eliosoff's EMA and Zawy's adjustable window). # Bitcoin cash dev(?) came up with the median of three to reduce timestamp errors. # For EMA origins see # https://en.wikipedia.org/wiki/Moving_average#Application_to_measuring_computer_performance # "Dynamic" means it triggers to a faster-responding value for N if a substantial change in hashrate # is detected. It increases from that event back to Nmax Nmax=100 # max EMA window Nmin=25 # min EMA window A=10, B=2, C=0.37 # A,B,C = 10,2,37 or 20, 1.65 0.45, # TS=timestamp, T=target solvetime, i.e. 600 seconds # Find the most recent unusual 20-block event for (i=height-Nmax to height) { # height=current block index if ( (median(TS[i],TS[i-1],TS[i-2]) - median(TS[i-20],TS[i-21],TS[i-22]))/T/A > B or (median(TS[i],TS[i-1],TS[i-2]) - median(TS[i-20],TS[i-21],TS[i-22]))/T/A < C ) { unusual_event=height - i + Nmin } } N = min(Nmax, unusual_event)) # now do the EMA shown above with this NHere's another algorithm that seems to be about as good as the EMA
# Weighted-Weighted Harmonic Mean (WWHM) difficulty algorithm # Original idea from Tom Harding (Deger8) called "WT-144" # No limits, filtering, or tempering should be attempted. # MTP should not be used. # set constants # N=60 # See Masari coin for live data with N=60 # T=600 # coin's Target solvetime. If this changes, nothing else needs to be changed. # adjust=0.99 # 0.98 for N=30, 0.99 for N=60 # k = (N+1)/2 *adjust * T # there is not a missing N. # height = most recently solved block # algorithm d=0, t=0, j=0 previous_max=timestamp[height - N] for ( i = height-N+1; i < height+1; i++) { # (N most recent blocks) max_timestamp=max(timestamp[i], previous_max) solvetime = max_timestamp - previous_max solvetime=1 if solvetime < 1 # for N=60, 10*T solvetimes drives difficulty too far down, so: solvetime = 10*T if solvetime > 10*T previous_max=max_timestamp j++ t += solvetime * j d += D[i] # sum the difficulties this is how WWHM is different from Tom's WT. } t=T*N if t < T*N # in case of startup weirdness, keep t reasonable next_D = d * k / t # limits on next_D do not need to be used because of the above solvetime restrictions # but if you still want limits on D's change per block & expect max 5x hash rate # changes or want to replace the solvetime restrictions, use # limit = 5^(3/N) # next_D = previous_D*limit if next_D > previous_D*limit # next_D = previous_D/limit if next_D > previous_D/limit
Monday, November 13, 2017
Maximizing options as the basis of memory-less intelligence
There seems to be some big news in A.I. and cosmology. To give an example of how far-reaching this idea is, view walking upright and the ability to use our hands as something that maximizes our options rather than something that gives us more power in any other sense. This simple algorithm can successfully play games without any training at all, other than defining "maximize future options" for a given set of rules.
I am far from certain his general view is correct (or even expressed clearly enough to criticize. I still can't view it as anymore than a method of problem solving when his claims are much greater than that, but I can't exactly understand his claims. It sounds like he is saying things appear intelligent because nature somehow keeps options open.
Ted Talk
https://www.ted.com/talks/alex_wissner_gross_a_new_equation_for_intelligence
General idea:
https://physics.aps.org/articles/v6/46
How it's good at playing atari without training:
http://entropicai.blogspot.com/2017/06/solved-atari-games.html#more
On freedom in society making us more powerful:
https://www.edge.org/response-detail/26181
Basic physics of causal entropy and intelligence
http://www.alexwg.org/publications/PhysRevLett_110-168702.pdf
How it can predict the cosmological constant by following the anthropic principle:
http://www.slac.stanford.edu/cgi-wrap/getdoc/slac-pub-12353.pdf
I am far from certain his general view is correct (or even expressed clearly enough to criticize. I still can't view it as anymore than a method of problem solving when his claims are much greater than that, but I can't exactly understand his claims. It sounds like he is saying things appear intelligent because nature somehow keeps options open.
Ted Talk
https://www.ted.com/talks/alex_wissner_gross_a_new_equation_for_intelligence
General idea:
https://physics.aps.org/articles/v6/46
How it's good at playing atari without training:
http://entropicai.blogspot.com/2017/06/solved-atari-games.html#more
On freedom in society making us more powerful:
https://www.edge.org/response-detail/26181
Basic physics of causal entropy and intelligence
http://www.alexwg.org/publications/PhysRevLett_110-168702.pdf
How it can predict the cosmological constant by following the anthropic principle:
http://www.slac.stanford.edu/cgi-wrap/getdoc/slac-pub-12353.pdf
Sunday, October 15, 2017
Smoothing coin release rate for bitcoin
If a coin wants to implement a continuous reward adjustment to give the same number of coins released as the same rate as bitcoin use:
C/block = 69.3*(0.5)^(-height/210,000)
But to implement it in an an existing coin, it takes a little more work to find a solution:
The halving events in BTC seem absurb in being such a powerful step function. Due to rounding error and trying to keep the same quantity of satoshis emitted every 4 years, it takes some effort to find a formula that exactly ends in 1/2 as many coins per block after 4 years (210,000 blocks) and gives the exact same number of Satoshis in those 4 years. Here's what I came up with.
Once every 4 hours, starting half-way into a halving event, set coins awarded to
BTC=C*int(1E8*A*B^(N/8750))/1E8
where
C = number of coins supposed to be emitted in this halving event.
A = 1.072026880076
B = 0.46636556
N = blocks after the 1/2-way point, up to 8750 when N goes back to 1 and C is cut in half.
8750 is 4 years' worth of 4-hour periods. I didn't like 5, 7, or 10 hours because it is not a multiple of a day. 2 hours would have been harder to check in excel, having 2*8750 adjustment per halving. Other options were not an integer number of blocks. I guess 8 hours is an option.
I guess it could be improved to not have to reset C and N every 4 years.
I believe there is a starting point that is better in the sense that it results in a simpler equation that is good for all time, like ln(2) = 0.693 into a halving event or maybe 1/e into it or 1/e before the end.
Wednesday, October 11, 2017
The ideal currency (new)
This does not replace my previous ideal currency article that talks about a p2p coin that depends on "reputation" as the coin itself. I want to connect the lowering of physical entropy on Earth to currency.
Previously I described how all characteristics of an ideal currency such as Nick Szabo's list (scarcity, fungibility, divisibility, durability, and transferability) can be derived from the desire to have constant value in space and time. The best measure of "value" results in a more specific definition: ideal constant value currency is proportional to the net work energy available per person. A legal system creates the relevance of the currency and guides system-wide goals. Otherwise it is an anarchy-type asset where individuals are not necessarily cooperating for a larger goal such as survival and promotion of a society. I'm not talking about that type of currency. The assumed legal system dictates how the energy may be used, which includes enforcing the concept of ownership of "the work energy assets" and enforcing law (settling disputes, collecting taxes, etc) in that particular currency (unless the transfer of other "work energy assets" in certain cases is more appropriate). Intellectual property does not have a visible net work energy that is proportional to its numerical value, but it ostensibly increases the net work energy available in other assets by making the use of them more efficient, even if only by entertaining people which may enable them to work better. Assets have a real net physical work energy, but in calculating how much more currency should be in the system due to those assets, the costs of anything such as intellectual property needed in its conversion to work should be first subtracted out.
There is waste energy as heat when work energy is expended, and the amount depends on the form of the original energy. There is also wasted energy when work energy is expended to get other work energy where it is needed. These and other forms of waste are not included in the "net total work in the system per person" that I'm talking about. So, I can't say this work is exactly based on Gibbs free energy ( E = U + pV - ST) of a set of atoms in some system because that is measured before these wastes. Gibbs free energy is the precise definition of "available work energy". So what I'm talking about is the Gibbs free energy minus the waste which includes cost of the intellectual property. Gibbs free energy includes a subtraction from the total that is due to the energy having an amount of disorder (entropy) at a given temperature (S*T). In a sense, the waste and I.P. expense is like a pre-existing "disorder" (or inefficiency) in the assets. If the size of the system under a common legal and currency control is stable, the new total net work energy coming into the system in a given time is equal to the waste energy going out. The infrastructure that acquires the input energy is a potential energy that will be depleted over time as the infrastructure depreciates. Every asset is similarly a potential energy. So the net work energy I've defined is probably better viewed as a potential energy and new energy coming in and going out in a stable system keep that potential energy constant. If the incoming energy coming is greater than the waste going out, the potential energy of the system is increasing, which should be accompanied by an increase in currency. Also, if the I.P. costs in the system decreases, it is like the S*T part of Gibbs free energy decreasing, enabling more of the potential energy to be converted into work energy. This also demands more currency creation.
The currency is proportional to the net work energy in the system, but not equal to it. All assets in a legal system should have a reference such as a document that defines the owner. The currency gains control of a portion of those assets (say, 10%) by owners having debts as well as assets which places a lien on their assets, so they do not exactly have full ownership of the assets they own. The debts may be expressible in other assets, but the legal system typically allows settlement in the currency. So not all debt is currency, but all currency is based on a debt. An immediate question I have is "Should the total debt-currency (as a percentage of the assets in the system) be constant?" My first guess is "yes" to keep things simple and therefore more measurable and predictable.
The rest is highly suspect that I need to investigate further. I have it here for my future reference.
coins = bytes = DNA = synapses => used to create economically beneficial arrangements of atoms and potential energy
The usefulness of energy depends on the form it is in as well as the pre-existing order of the matter it needs to move. For example, oil in the ground is not as valuable as oil in a tanker. Gold in an vein is not as useful as gold in sea water. So the order in the mass of commodities has value like energy commodities due to making itself more amenable for energy to move. A.I. systems like evolution and economies use energy to move mass to make copies of themselves to repeat the process. More precisely, the historical position of mass and potential energy gradients cause matter to form self-replicating way. Genes, brains, and A.I. are not forces that do anything of their own free will, but they are the result of forces from pre-existing potential energy gradients that created them. They are enzymes that allow energy and mass to move in an efficient direction, not forces. The following is mathematically exactly true: Intelligence = efficient prediction = compression = science. I am referring to the "density" of each of these, not the total abilities. For example, science seeks to predict the most in the least number of bytes. The least number of bytes is known as Occam's razor in science and is the 2nd of two fundamental tenants of science. The first is that observations should have the potential to prove a theory wrong (falsifiability), and that those observations always support the theory (reproducible observations). So the 1st science tenant is prediction and the 2nd is compression or efficiency. Total currency in an A.I. system = bytes / time that are destroyed in CPU computations and memory writes. Every computation in a CPU and memory write to RAM or a hard drive generates heat and entropy. The theoretical minimal entropy per byte destroyed is S =kb * ln(2). kb is boltzmann's constant. The minimal heat energy created (the energy lost) is Q = Temperature * S. In economics, the "bytes" are "dollars" that represent energy spent like a CPU computation to create a mass of a commodity (like the storage of a byte). When we write to memory in A.I. we are creating value that can be used in the future. Typically the writes are assigning weights to the connections in neural nets or the probabilities to a Bayesian net or making copies of a gene in genetic algorithms. Bytes in evolution are DNA. The bytes in our bodies are cellular energy like glucose and energy stored in the crystals of DNA. Energy-based commodities are spent to create mass-based commodities that are used for an economic system to replicate (expand), just like evolution and A.I. Total currency is the total available commodities per economic cycle. Approximating a constant number of economizing agents like people or neurons in a brain or nodes in a neural net means that the currency is also a bytes per economic cycle per economizing agent. Agents compete for the limited number of bytes in order to increase the number of bytes per agent per cycle. Coins are bytes that represent a percent ownership of the total commodities available per economic cycle per person.
Previously I described how all characteristics of an ideal currency such as Nick Szabo's list (scarcity, fungibility, divisibility, durability, and transferability) can be derived from the desire to have constant value in space and time. The best measure of "value" results in a more specific definition: ideal constant value currency is proportional to the net work energy available per person. A legal system creates the relevance of the currency and guides system-wide goals. Otherwise it is an anarchy-type asset where individuals are not necessarily cooperating for a larger goal such as survival and promotion of a society. I'm not talking about that type of currency. The assumed legal system dictates how the energy may be used, which includes enforcing the concept of ownership of "the work energy assets" and enforcing law (settling disputes, collecting taxes, etc) in that particular currency (unless the transfer of other "work energy assets" in certain cases is more appropriate). Intellectual property does not have a visible net work energy that is proportional to its numerical value, but it ostensibly increases the net work energy available in other assets by making the use of them more efficient, even if only by entertaining people which may enable them to work better. Assets have a real net physical work energy, but in calculating how much more currency should be in the system due to those assets, the costs of anything such as intellectual property needed in its conversion to work should be first subtracted out.
There is waste energy as heat when work energy is expended, and the amount depends on the form of the original energy. There is also wasted energy when work energy is expended to get other work energy where it is needed. These and other forms of waste are not included in the "net total work in the system per person" that I'm talking about. So, I can't say this work is exactly based on Gibbs free energy ( E = U + pV - ST) of a set of atoms in some system because that is measured before these wastes. Gibbs free energy is the precise definition of "available work energy". So what I'm talking about is the Gibbs free energy minus the waste which includes cost of the intellectual property. Gibbs free energy includes a subtraction from the total that is due to the energy having an amount of disorder (entropy) at a given temperature (S*T). In a sense, the waste and I.P. expense is like a pre-existing "disorder" (or inefficiency) in the assets. If the size of the system under a common legal and currency control is stable, the new total net work energy coming into the system in a given time is equal to the waste energy going out. The infrastructure that acquires the input energy is a potential energy that will be depleted over time as the infrastructure depreciates. Every asset is similarly a potential energy. So the net work energy I've defined is probably better viewed as a potential energy and new energy coming in and going out in a stable system keep that potential energy constant. If the incoming energy coming is greater than the waste going out, the potential energy of the system is increasing, which should be accompanied by an increase in currency. Also, if the I.P. costs in the system decreases, it is like the S*T part of Gibbs free energy decreasing, enabling more of the potential energy to be converted into work energy. This also demands more currency creation.
The currency is proportional to the net work energy in the system, but not equal to it. All assets in a legal system should have a reference such as a document that defines the owner. The currency gains control of a portion of those assets (say, 10%) by owners having debts as well as assets which places a lien on their assets, so they do not exactly have full ownership of the assets they own. The debts may be expressible in other assets, but the legal system typically allows settlement in the currency. So not all debt is currency, but all currency is based on a debt. An immediate question I have is "Should the total debt-currency (as a percentage of the assets in the system) be constant?" My first guess is "yes" to keep things simple and therefore more measurable and predictable.
The rest is highly suspect that I need to investigate further. I have it here for my future reference.
coins = bytes = DNA = synapses => used to create economically beneficial arrangements of atoms and potential energy
The usefulness of energy depends on the form it is in as well as the pre-existing order of the matter it needs to move. For example, oil in the ground is not as valuable as oil in a tanker. Gold in an vein is not as useful as gold in sea water. So the order in the mass of commodities has value like energy commodities due to making itself more amenable for energy to move. A.I. systems like evolution and economies use energy to move mass to make copies of themselves to repeat the process. More precisely, the historical position of mass and potential energy gradients cause matter to form self-replicating way. Genes, brains, and A.I. are not forces that do anything of their own free will, but they are the result of forces from pre-existing potential energy gradients that created them. They are enzymes that allow energy and mass to move in an efficient direction, not forces. The following is mathematically exactly true: Intelligence = efficient prediction = compression = science. I am referring to the "density" of each of these, not the total abilities. For example, science seeks to predict the most in the least number of bytes. The least number of bytes is known as Occam's razor in science and is the 2nd of two fundamental tenants of science. The first is that observations should have the potential to prove a theory wrong (falsifiability), and that those observations always support the theory (reproducible observations). So the 1st science tenant is prediction and the 2nd is compression or efficiency. Total currency in an A.I. system = bytes / time that are destroyed in CPU computations and memory writes. Every computation in a CPU and memory write to RAM or a hard drive generates heat and entropy. The theoretical minimal entropy per byte destroyed is S =kb * ln(2). kb is boltzmann's constant. The minimal heat energy created (the energy lost) is Q = Temperature * S. In economics, the "bytes" are "dollars" that represent energy spent like a CPU computation to create a mass of a commodity (like the storage of a byte). When we write to memory in A.I. we are creating value that can be used in the future. Typically the writes are assigning weights to the connections in neural nets or the probabilities to a Bayesian net or making copies of a gene in genetic algorithms. Bytes in evolution are DNA. The bytes in our bodies are cellular energy like glucose and energy stored in the crystals of DNA. Energy-based commodities are spent to create mass-based commodities that are used for an economic system to replicate (expand), just like evolution and A.I. Total currency is the total available commodities per economic cycle. Approximating a constant number of economizing agents like people or neurons in a brain or nodes in a neural net means that the currency is also a bytes per economic cycle per economizing agent. Agents compete for the limited number of bytes in order to increase the number of bytes per agent per cycle. Coins are bytes that represent a percent ownership of the total commodities available per economic cycle per person.
ideal cryptocurrency:
This is jumbled, but I want to save it for future review to pick up where I left off.
The general idea is for people to gain "reputation points" as their own personal coin by "giving" something away, someone receives and gives "reputation to you". It costs them reputation to give to you. So you want to give only to people you trust to stay within the system. You vouch for them and they vouch for you. You lose reputation if they cheat on others in the future. You keep each other's transactions on a blockchain, and those of your mutual nearest neighbors. Everyone will have a different blockchain, supporting your "local" buyers/sellers, who support you. Trust before a transaction is from a potential buyer/seller checking your past transactions and confirming with those people that your blockchain is correct and complete. The exchange rate for reputation depends on how close buyer and seller are in their network of connections. It should be possible to limit the amount of your transactions potential buyers/sellers can see, but your exchange rate will not be good if you are too secretive about your past. Transaction speeds to check everyone and proceed should be very fast, less than a minute. Your reputation could be recoverable from your "local network" if you lose your keys. Outsiders not wanting to disclose information about themselves will not be able to decrypt blockchains that contain your data.
=======
Here's another "insane idea" to be added onto to the timestamp idea (again, not necessarily the stars). People get more coin by having more "friends". It might be a slightly exponential function to discourage multiple identities. Your individual coin value is worth more to your "local" friends than to "distant" friends. The distance is shorter if you have a larger number of parallel connections through unique routes. A coin between A and D when they are connected through friends like A->B->C->D and A->E->F->D is worth more than if the E in the 2nd route is B or C. But if E is not there (A->F->D) then the distance is shorter. More coin is generated as the network grows. Each transaction is recorded, stored, timestamped, and signed by you and your friends and maybe your friends' friends. Maybe they are the only ones who can see it unencrypted or your get the choice of a privacy level. Higher privacy requirement means people who do not actually know you will trust your coin less. Maybe password recovery and "2-factor" security can be implemented by closest friends. Each transaction has description of item bought/sold so that the network can be searched for product. There is also a review and rating field for both buyer and seller. For every positive review, you must have 1 negative review: you can't give everyone 5 stars like on ebay and high ranking reviewers on Amazon (positive reviewers get better ranking based on people liking them more than it being an honest review). This is a P2P trust system, but there must be a way to do it so that it is not easy tricked, which is the usual complaint and there is a privacy issue. But look at the benefits. Truly P2P. Since it does not use a single blockchain it is infinitely faster and infinitely more secure than the bitcoin blockchain. I know nothing about programming a blockchain, let alone understand it if I created a clone. But I could program this. And if I can program it, then it is secure and definitive enough to be hard-coded by someone more clever and need changing only fast as the underlying crypto standards (about once per 2 decades?)
zawy [9:54 AM]
Obviously the intent is to replace fiat, amazon, and ebay, but it should also replace FB. A transaction could be a payment you make to friends if you want them to look at a photo. The photo would be part of the transaction data. Since only you and your friends store the data, there are no transaction fees other than the cost of your computing devices. Your friends have to like it in order for you to get your money back. LOL, right? But it's definitely needed. We need to step back and be able to generalize the concept of reviews, likes, votes, and products into the concept of a coin. You have a limited amount dictated by the size of the network. The network of friends decides how much you get. They decide if you should get more or less relative power than other friends. (edited)
zawy [9:58 AM]
It would not require trust in the way you're thinking. Your reputation via the history of transactions would enable people to trust you. It's like a brand name, another reason for having only 1 identity. Encouraging 1 identity is key to prevent people from creating false identities with a bot in order to get more coin. The trick and difficulty is in preventing false identities in a way that scams the community.
zawy [10:04 AM]
Everyone should have a motivation to link to only real, known friends. That's the trick anf difficulty. I'm using "friend" very loosely. It just needs to be a known person. Like me and you could link to David Mercer and Zookoo, but we can't vouch for each other very well. That's because David and Zookoo have built up more real social credibility through many years and good work. They have sacrificed some privacy in order to get it. Satoshi could get real enormous credibility through various provable verifications and not even give up privacy, so it's not a given that privacy must be sacrificed. (edited)
zawy [10:07 AM]
Right, it should be made, if possible, to not give an advantage to people because they are taking a risk in their personal safety.
zawy [10:15 AM]
The system should enable individuals to be safer, stronger, etc while at the same time advancing those who advance the system. So those who help others the most are helped by others the most. "Virtuous feedback". This is evolution, except it should not be forgotten that "help others the most" means "help 2 others who have 4 times the wealth to pay you instead of 4 others with nominal wealth". So it's not necessarily charitably socialistic like people often want for potential very good reasons, but potentially brutally capitalistic, like evolution.
zawy [6:26 AM]
It does not have to be social network, but it does seem likable social people would immediately get more wealth. It's a transaction + reputation + existence network. Your coin quantity is based on reviews others give you for past transactions (social or financial) plus the mere fact that you were able to engage in economic or social activity with others (a measure of the probability of your existence). There have been coins based on trust networks but I have not looked into them. It's just the only way I can think of to solve the big issues. If the algorithm can be done in a simple way, then it's evidence to me that it is the correct way to go. Coins give legal control of other people's time and assets. If you and I are not popular in at least a business sense where people give real money instead of "smiles" and "likes" like your brother, why should society relinquish coin (control) to us? The "smiles" might be in a different category than the coin. I mean you may not be able to buy and sell likes like coin. Likes might need to be like "votes". You would get so many "likes" per day to "vote" on your friends, rather than my previous description of people needing to be "liked" in order to give likes, which is just a constant quantity coin. Or maybe both likes and coin could be both: everyone gets so many likes and coins per day, but they are also able to buy/sell/accumulate them. I have not searched for and thought through a theoretical foundation for determining which of these options is the best. Another idea is that every one would issue their own coin via promises. This is how most money is created. Coin implies a tangible asset with inherent value. But paper currency is usually a debt instrument. "I will buy X from you with a promise to pay you back with Y." Y is a standard measure of value like the 1 hour of laborer's time plus a basket of commodities. Government issues fiat with the promise it buys you the time and effort of its taxpayers because it demands taxes to be paid in that fiat. This is called modern monetary theory.
zawy [6:40 AM]
So China sells us stuff for dollars, and those dollars gives china control of U.S. taxpayers, provided our government keeps its implicit promise to not inflate the fiat to an unexpectedly low value too quickly, which would be a default on its debt. So your "financially popular" existence that is proven by past transactions of fulfilling your debt promises gives you the ability to make larger and larger debt promises. How or if social likes/votes should interact with that I do not yet know. But I believe it should be like democratic capitalism. The sole purpose of votes is to prevent the concentration of wealth, distributing power more evenly. This makes commodity prices lower and gives more mouths to feed, and that enabled big armies, so it overthrew kings, lords, and religions. Then machines enabled a small educated Europe and then U.S. population to gain control of the world.
[6:43]
If my ideas ever solidify, I'll program it in Python.
The end game of currency will be a trust network where your reputation among friends and past buyers/sellers is the amount of currency you own to purchase things in the future. You can't lose your keys because your reputation is stored on the network. It's not centralized in any way like bitcoin, except for the protocol people should agree on. Complete anonymity is not possible, but only sociopaths don't have any friends and don't deserve any currency. A super-majority of friends can rat you out or give your keys back. You can't exchange with strangers until the network grows tentacles via 6 degrees of separation. You are penalized if a friend cheats and vice versa. You can have multiple identities but it means you would have to split friends among them, not getting any net benefit except fall-back security and dispersion to distant networks. There is no currency except how friends of friends of friends etc choose to score your reputation. There's no profit to being a dev or adopting early. There's huge profit in not being anonymous.
your productivity would show in high scores from things youve sold. As I mentioned last time I'm using "friends" losely. The guy in india who gets me cheap meds is a friend. I sent him bitcoin blindly and hope i get the products
[9:26]
he and i benefit based on trust which is based on our reputation with each other
zawy [9:45 PM]
Again, the network would have to really grow "grassroots" style among people like you and me. You and I have not trust with the bots sending us spam and whatnot, and we would not believe anything posted on bitcointalk unless we had a history of knowing someone
[9:47]
the whole point is to solve these problems. I mean I have these problems in mind as a reason for designing it. I just havent worked on any of the details
[9:49]
our computer would check a potential sellers network for connections to ours, and we buy nothing from them because the reliability settings we've chosen would indicate low reputation no matter how many friends they have simply because we and our friends have no experience with them. an interesting side effect is that you're more likely to do business with people you know.
[9:50]
but in the beginning, we would trust strangers as much as we do people on ebay and openbazaar
zawy [9:53 PM]
we are each basically issuing our own credits and debits like the tally sticks. We are issuing our own currency. The settings people choose depend on how much they score our reputation.
[9:54]
so there would be 7 billion currencies and (7B)^2 exchange rates
zawy [9:56 PM]
total currency should equal total energy controlled by the legal system divided by the number of people
and recovering lost coins is not possible. I'm talking about trying to get perfect even distribution and lightening speed pf the network everywhere and the ability to recover lost keys and potentially losing anonymity only among friends
zawy [10:02 PM]
i mean i could be an anonymous person on the internet like Satoshi who has enormous reputation despite the physical body being unknown
your "blockchain" would be only a recorded of your friends transactions. so a buyer and seller's computer would request data from your past buyers and sellers (your friends) to take his own measure of your reputation score
zawy [10:07 PM]
so I should really say friends, but that's the way it could start. Really maybe it's more likely to start with strangers you just have to trust like I do cpeople in india and china. So instead of "friends
I should say "past buyers and sellers"
The general idea is for people to gain "reputation points" as their own personal coin by "giving" something away, someone receives and gives "reputation to you". It costs them reputation to give to you. So you want to give only to people you trust to stay within the system. You vouch for them and they vouch for you. You lose reputation if they cheat on others in the future. You keep each other's transactions on a blockchain, and those of your mutual nearest neighbors. Everyone will have a different blockchain, supporting your "local" buyers/sellers, who support you. Trust before a transaction is from a potential buyer/seller checking your past transactions and confirming with those people that your blockchain is correct and complete. The exchange rate for reputation depends on how close buyer and seller are in their network of connections. It should be possible to limit the amount of your transactions potential buyers/sellers can see, but your exchange rate will not be good if you are too secretive about your past. Transaction speeds to check everyone and proceed should be very fast, less than a minute. Your reputation could be recoverable from your "local network" if you lose your keys. Outsiders not wanting to disclose information about themselves will not be able to decrypt blockchains that contain your data.
=======
Here's another "insane idea" to be added onto to the timestamp idea (again, not necessarily the stars). People get more coin by having more "friends". It might be a slightly exponential function to discourage multiple identities. Your individual coin value is worth more to your "local" friends than to "distant" friends. The distance is shorter if you have a larger number of parallel connections through unique routes. A coin between A and D when they are connected through friends like A->B->C->D and A->E->F->D is worth more than if the E in the 2nd route is B or C. But if E is not there (A->F->D) then the distance is shorter. More coin is generated as the network grows. Each transaction is recorded, stored, timestamped, and signed by you and your friends and maybe your friends' friends. Maybe they are the only ones who can see it unencrypted or your get the choice of a privacy level. Higher privacy requirement means people who do not actually know you will trust your coin less. Maybe password recovery and "2-factor" security can be implemented by closest friends. Each transaction has description of item bought/sold so that the network can be searched for product. There is also a review and rating field for both buyer and seller. For every positive review, you must have 1 negative review: you can't give everyone 5 stars like on ebay and high ranking reviewers on Amazon (positive reviewers get better ranking based on people liking them more than it being an honest review). This is a P2P trust system, but there must be a way to do it so that it is not easy tricked, which is the usual complaint and there is a privacy issue. But look at the benefits. Truly P2P. Since it does not use a single blockchain it is infinitely faster and infinitely more secure than the bitcoin blockchain. I know nothing about programming a blockchain, let alone understand it if I created a clone. But I could program this. And if I can program it, then it is secure and definitive enough to be hard-coded by someone more clever and need changing only fast as the underlying crypto standards (about once per 2 decades?)
zawy [9:54 AM]
Obviously the intent is to replace fiat, amazon, and ebay, but it should also replace FB. A transaction could be a payment you make to friends if you want them to look at a photo. The photo would be part of the transaction data. Since only you and your friends store the data, there are no transaction fees other than the cost of your computing devices. Your friends have to like it in order for you to get your money back. LOL, right? But it's definitely needed. We need to step back and be able to generalize the concept of reviews, likes, votes, and products into the concept of a coin. You have a limited amount dictated by the size of the network. The network of friends decides how much you get. They decide if you should get more or less relative power than other friends. (edited)
zawy [9:58 AM]
It would not require trust in the way you're thinking. Your reputation via the history of transactions would enable people to trust you. It's like a brand name, another reason for having only 1 identity. Encouraging 1 identity is key to prevent people from creating false identities with a bot in order to get more coin. The trick and difficulty is in preventing false identities in a way that scams the community.
zawy [10:04 AM]
Everyone should have a motivation to link to only real, known friends. That's the trick anf difficulty. I'm using "friend" very loosely. It just needs to be a known person. Like me and you could link to David Mercer and Zookoo, but we can't vouch for each other very well. That's because David and Zookoo have built up more real social credibility through many years and good work. They have sacrificed some privacy in order to get it. Satoshi could get real enormous credibility through various provable verifications and not even give up privacy, so it's not a given that privacy must be sacrificed. (edited)
zawy [10:07 AM]
Right, it should be made, if possible, to not give an advantage to people because they are taking a risk in their personal safety.
zawy [10:15 AM]
The system should enable individuals to be safer, stronger, etc while at the same time advancing those who advance the system. So those who help others the most are helped by others the most. "Virtuous feedback". This is evolution, except it should not be forgotten that "help others the most" means "help 2 others who have 4 times the wealth to pay you instead of 4 others with nominal wealth". So it's not necessarily charitably socialistic like people often want for potential very good reasons, but potentially brutally capitalistic, like evolution.
zawy [6:26 AM]
It does not have to be social network, but it does seem likable social people would immediately get more wealth. It's a transaction + reputation + existence network. Your coin quantity is based on reviews others give you for past transactions (social or financial) plus the mere fact that you were able to engage in economic or social activity with others (a measure of the probability of your existence). There have been coins based on trust networks but I have not looked into them. It's just the only way I can think of to solve the big issues. If the algorithm can be done in a simple way, then it's evidence to me that it is the correct way to go. Coins give legal control of other people's time and assets. If you and I are not popular in at least a business sense where people give real money instead of "smiles" and "likes" like your brother, why should society relinquish coin (control) to us? The "smiles" might be in a different category than the coin. I mean you may not be able to buy and sell likes like coin. Likes might need to be like "votes". You would get so many "likes" per day to "vote" on your friends, rather than my previous description of people needing to be "liked" in order to give likes, which is just a constant quantity coin. Or maybe both likes and coin could be both: everyone gets so many likes and coins per day, but they are also able to buy/sell/accumulate them. I have not searched for and thought through a theoretical foundation for determining which of these options is the best. Another idea is that every one would issue their own coin via promises. This is how most money is created. Coin implies a tangible asset with inherent value. But paper currency is usually a debt instrument. "I will buy X from you with a promise to pay you back with Y." Y is a standard measure of value like the 1 hour of laborer's time plus a basket of commodities. Government issues fiat with the promise it buys you the time and effort of its taxpayers because it demands taxes to be paid in that fiat. This is called modern monetary theory.
zawy [6:40 AM]
So China sells us stuff for dollars, and those dollars gives china control of U.S. taxpayers, provided our government keeps its implicit promise to not inflate the fiat to an unexpectedly low value too quickly, which would be a default on its debt. So your "financially popular" existence that is proven by past transactions of fulfilling your debt promises gives you the ability to make larger and larger debt promises. How or if social likes/votes should interact with that I do not yet know. But I believe it should be like democratic capitalism. The sole purpose of votes is to prevent the concentration of wealth, distributing power more evenly. This makes commodity prices lower and gives more mouths to feed, and that enabled big armies, so it overthrew kings, lords, and religions. Then machines enabled a small educated Europe and then U.S. population to gain control of the world.
[6:43]
If my ideas ever solidify, I'll program it in Python.
The end game of currency will be a trust network where your reputation among friends and past buyers/sellers is the amount of currency you own to purchase things in the future. You can't lose your keys because your reputation is stored on the network. It's not centralized in any way like bitcoin, except for the protocol people should agree on. Complete anonymity is not possible, but only sociopaths don't have any friends and don't deserve any currency. A super-majority of friends can rat you out or give your keys back. You can't exchange with strangers until the network grows tentacles via 6 degrees of separation. You are penalized if a friend cheats and vice versa. You can have multiple identities but it means you would have to split friends among them, not getting any net benefit except fall-back security and dispersion to distant networks. There is no currency except how friends of friends of friends etc choose to score your reputation. There's no profit to being a dev or adopting early. There's huge profit in not being anonymous.
your productivity would show in high scores from things youve sold. As I mentioned last time I'm using "friends" losely. The guy in india who gets me cheap meds is a friend. I sent him bitcoin blindly and hope i get the products
[9:26]
he and i benefit based on trust which is based on our reputation with each other
zawy [9:45 PM]
Again, the network would have to really grow "grassroots" style among people like you and me. You and I have not trust with the bots sending us spam and whatnot, and we would not believe anything posted on bitcointalk unless we had a history of knowing someone
[9:47]
the whole point is to solve these problems. I mean I have these problems in mind as a reason for designing it. I just havent worked on any of the details
[9:49]
our computer would check a potential sellers network for connections to ours, and we buy nothing from them because the reliability settings we've chosen would indicate low reputation no matter how many friends they have simply because we and our friends have no experience with them. an interesting side effect is that you're more likely to do business with people you know.
[9:50]
but in the beginning, we would trust strangers as much as we do people on ebay and openbazaar
zawy [9:53 PM]
we are each basically issuing our own credits and debits like the tally sticks. We are issuing our own currency. The settings people choose depend on how much they score our reputation.
[9:54]
so there would be 7 billion currencies and (7B)^2 exchange rates
zawy [9:56 PM]
total currency should equal total energy controlled by the legal system divided by the number of people
and recovering lost coins is not possible. I'm talking about trying to get perfect even distribution and lightening speed pf the network everywhere and the ability to recover lost keys and potentially losing anonymity only among friends
zawy [10:02 PM]
i mean i could be an anonymous person on the internet like Satoshi who has enormous reputation despite the physical body being unknown
your "blockchain" would be only a recorded of your friends transactions. so a buyer and seller's computer would request data from your past buyers and sellers (your friends) to take his own measure of your reputation score
zawy [10:07 PM]
so I should really say friends, but that's the way it could start. Really maybe it's more likely to start with strangers you just have to trust like I do cpeople in india and china. So instead of "friends
I should say "past buyers and sellers"
Monday, September 25, 2017
What's wrong with global warming?
What’s bad about global warming? Plants generally love the doubling of CO2, possibly offsetting the destruction of marine life. Shifting of farmlands is probably not going happen faster than we can adapt, as evidenced by Netherlands (of all places) being 2nd largest exporter (in dollars) of vegetables. I read a study that concluded it has no impact on manufacturing. It appears solar cells for fueling cars and homes (with thorium reactors for night?) could stop the CO2 increases. Worse, I do not even see global warming as relevant. We will still continue destroying species at roughly 5,000 the background rate until we are left with only the ones we find economically relevant. But it’s not exactly “us” destroying biology. The “rise of the machines” makes other species irrelevant to the point of unintentional destruction. Even human thought and labor are already so irrelevant that it’s hard to imagine of what use humanity will be to our economic machine 50 years from now other than spending basic guaranteed income. Free money destroys culture and seems to create needless violence (research on the result of the past 50 years of U.S. welfare). Even now “the machines” don’t even need capital to suddenly change everything via 1 or 2 decent programmers and/or someone making good marketing decisions. I mention capital because it has always been thought of as the tool by which the machines and a few capitalists would enslave everyone else without government intervention. The tech that makes capital irrelevant could make everyone wealthier and more independent (for example: solar cells and hydroponic gardening packages for your backyard, not to mention peer-to-peer blockchain technology replacing governments and financial industry). But I do not believe the physics that governs evolution (closed thermodynamic system receiving energy and emitting energy and entropy to the universe) that results in economizing structures of lower and lower entropy per mole is going to forever blindly find it optimal to merely fulfill human desires. Even now thinking we are somehow in control is a suspect idea. We are merely one of the many resulting enzymatic pathways physics uses to move matter via potentials. The machines are vastly better than biology at every aspect of evolution: capturing energy from the sun, moving matter with that energy, having strong structures to do it, and to model and optimize future scenarios with thinking machines. It’s taking my children 4 hours a day for 6 years and ~100 grams of grey matter to understand spoken and written Chinese as well as 1 gram of silicon on my smart phone learned in 30 seconds. It’s because the low entropy per mole of silicon allows the control of electrons instead of ions in wet brains that weigh 40,000x more. Global warming is irrelevant because biology as we know it will soon be irrelevant.
Thursday, August 24, 2017
BitcoinCash difficulty algorithm problems
BitcoinCash allows a drop in difficulty down to 1/4 if the last 5 blocks took > 12 hours. But the rise in difficulty takes 2016 blocks (two weeks if the difficulty matches hashrate) like bitcoin. They did this so that difficulty could drop quickly after the fork. But this asymmetry (long time to adjust up, but short time to adjust down) is causing unexpected feedback that will cause oscillations that could cause too many coins to be issued and the price go towards zero until there is a fork to fix it.
This is how it starts and why it gets worse: Assume price is stable and difficulty matches hashrate correctly. If for some reason price relative to bitcoin falls at the end of a set of 2016 blocks, some will jump ship but next difficulty adjustment will still be too high because it is a long averaging window. A short rolling averaging window would not have caused a problem (and does not even need the attempted BCH "fix" to get difficulty lower). But as it is, difficulty will be too high for the next block, so miners are still discouraged from mining. The slower issuance of coins may actually support price, but maybe he longer solve times, seen as a problem, can cause an even more negative effect on price. If price falls a little more due to this, the threshold of mining profitability may be passed, so a flood of miners could exit, causing really long solvetimes. This can cause the price to drop even further due to not being able to get transactions to go through. So REALLY long solvetime could occur. As soon as the 5 blocks take more than 12 hours, difficulty in the next 2016 set (only the 3rd in this sequence) will go to 1/4. remember difficulty in the 2nd block had actually dropped a little, so the 1/4 is not fixing an accidental 4x increase in difficulty. Suddenly, it is really profitable to mine, unless the price also dropped to 1/4. Let's say it had dropped to 1/2 or less. So the blocks will come at a fast rate. But as soon as that 2016 set ends, difficulty will be massive in the 4th set of 2016 blocks, and the price may be even lower due to people seeing the problem and due to too many coins being mined too quickly and sold. No longer have long solvetimes is "fixed" for that set, but it is only replace by the opposite problem. The 4th set will have very high difficulty and last maybe only 5 blocks as it will take too long to solve, then the 6th block will get the difficulty down to 1/4. If there was more than 4x increase in hashrate due to miners jumping on, then 1/4 downward change may not be a lower difficulty than it was in the 3rd set of 2016. The price should also be worse. These two effects may reduce the oscillation. But notice it depends on a huge number suddenly jumping on AND a worse price, and this is the best case scenario for reducing the size of the oscillations. The alternative of larger oscillations will also have a negative effect on price. So it's an unavoidable downward pressure on price. I saw a buy/sell opportunity in BCH and made good on it. This is actually looking like an impending buying opportunity, right before a fork that fixes it.
A huge part of this is that BCH miners can go back and forth to BTC. But notice large BTC miners have no place to go if there was a similar problem in BTC. It's kind of another reason 1 big coin naturally results.
edit:
Summary
Causes:
1) Asymmetrical math in how difficulty rises verses falls.
2) There is a threshold to mining profitability, so that only a minor fall in price can cause many miners to jump ship
3) Miners can switch back to BTC while waiting for the difficulty to fall which magnifies the problem caused by 2).
3) 1 and 2 may not have been a problem if it was a short rolling average window to determine the difficulty instead of being like BTC and suddenly changing every 2016 blocks.
4) This problem erodes price from reducing the quality of the coin by have 2 hour solvetimes if not issuing too many coins too quickly.
This is how it starts and why it gets worse: Assume price is stable and difficulty matches hashrate correctly. If for some reason price relative to bitcoin falls at the end of a set of 2016 blocks, some will jump ship but next difficulty adjustment will still be too high because it is a long averaging window. A short rolling averaging window would not have caused a problem (and does not even need the attempted BCH "fix" to get difficulty lower). But as it is, difficulty will be too high for the next block, so miners are still discouraged from mining. The slower issuance of coins may actually support price, but maybe he longer solve times, seen as a problem, can cause an even more negative effect on price. If price falls a little more due to this, the threshold of mining profitability may be passed, so a flood of miners could exit, causing really long solvetimes. This can cause the price to drop even further due to not being able to get transactions to go through. So REALLY long solvetime could occur. As soon as the 5 blocks take more than 12 hours, difficulty in the next 2016 set (only the 3rd in this sequence) will go to 1/4. remember difficulty in the 2nd block had actually dropped a little, so the 1/4 is not fixing an accidental 4x increase in difficulty. Suddenly, it is really profitable to mine, unless the price also dropped to 1/4. Let's say it had dropped to 1/2 or less. So the blocks will come at a fast rate. But as soon as that 2016 set ends, difficulty will be massive in the 4th set of 2016 blocks, and the price may be even lower due to people seeing the problem and due to too many coins being mined too quickly and sold. No longer have long solvetimes is "fixed" for that set, but it is only replace by the opposite problem. The 4th set will have very high difficulty and last maybe only 5 blocks as it will take too long to solve, then the 6th block will get the difficulty down to 1/4. If there was more than 4x increase in hashrate due to miners jumping on, then 1/4 downward change may not be a lower difficulty than it was in the 3rd set of 2016. The price should also be worse. These two effects may reduce the oscillation. But notice it depends on a huge number suddenly jumping on AND a worse price, and this is the best case scenario for reducing the size of the oscillations. The alternative of larger oscillations will also have a negative effect on price. So it's an unavoidable downward pressure on price. I saw a buy/sell opportunity in BCH and made good on it. This is actually looking like an impending buying opportunity, right before a fork that fixes it.
A huge part of this is that BCH miners can go back and forth to BTC. But notice large BTC miners have no place to go if there was a similar problem in BTC. It's kind of another reason 1 big coin naturally results.
edit:
Summary
Causes:
1) Asymmetrical math in how difficulty rises verses falls.
2) There is a threshold to mining profitability, so that only a minor fall in price can cause many miners to jump ship
3) Miners can switch back to BTC while waiting for the difficulty to fall which magnifies the problem caused by 2).
3) 1 and 2 may not have been a problem if it was a short rolling average window to determine the difficulty instead of being like BTC and suddenly changing every 2016 blocks.
4) This problem erodes price from reducing the quality of the coin by have 2 hour solvetimes if not issuing too many coins too quickly.
Friday, August 11, 2017
Strong Drink mix for Parkinson's
I have been putting together a really strong drink. I guess it's about $15 a day, with most of the cost being in the powder extracts, $2 to $3 per day each, straight from China in bulk.
12 oz pomegranate juice from Hispanic store (not the expensive POM)
added sweet concentrates:
=================
black cherry concentrate 12 g
black molasses 12 g (sugar cane juice after most of the white sugar is removed)
Jallab 12 g (Arabic grape skin extract plus others)
powder 10:1 extracts:
==================
blueberry extract 12 g (my eyesight sharpened enough to not need my barely-needed glasses in 4 days)
strawberry extract 12 g
apple peel extract 12 g
tangerine peel extract 12 g
Citrus flavonoids with animal studies in PD, bought from china in bulk.
These doses are 1/4 the human-equivalent doses because the studies are "shock" studies on the animals by which I mean they are very short term to see how the chemicals work in response to PD-like toxin challenges.
===================================
nobiletin 500 mg
naringin 300 mg
tangeretin 100 mg
Other stuff in pills with strong animal and epidemiological evidence for PD and ability to absorb and cross blood brain barrier (pills not in the drink):
====================
black tea extract
green tea extract
grape seed extract
fisetin
(inosine to be added)
The American producer of patented fisetin is not clear that it is pure fisetin and the brand is hiding details about what it is, so I'll spend 1/3 as much to get pure fisetin from China and then sell the excess on ebay. Inosine in bulk is also 1/3 the cost from china.
Canola mayonnaise, the bomb!
Broccoli, Sardines, home-made very yeasty beer, olive oil
1 hour exercise, then drink it to absorb the sugar.
12 oz pomegranate juice from Hispanic store (not the expensive POM)
added sweet concentrates:
=================
black cherry concentrate 12 g
black molasses 12 g (sugar cane juice after most of the white sugar is removed)
Jallab 12 g (Arabic grape skin extract plus others)
powder 10:1 extracts:
==================
blueberry extract 12 g (my eyesight sharpened enough to not need my barely-needed glasses in 4 days)
strawberry extract 12 g
apple peel extract 12 g
tangerine peel extract 12 g
Citrus flavonoids with animal studies in PD, bought from china in bulk.
These doses are 1/4 the human-equivalent doses because the studies are "shock" studies on the animals by which I mean they are very short term to see how the chemicals work in response to PD-like toxin challenges.
===================================
nobiletin 500 mg
naringin 300 mg
tangeretin 100 mg
Other stuff in pills with strong animal and epidemiological evidence for PD and ability to absorb and cross blood brain barrier (pills not in the drink):
====================
black tea extract
green tea extract
grape seed extract
fisetin
(inosine to be added)
The American producer of patented fisetin is not clear that it is pure fisetin and the brand is hiding details about what it is, so I'll spend 1/3 as much to get pure fisetin from China and then sell the excess on ebay. Inosine in bulk is also 1/3 the cost from china.
Canola mayonnaise, the bomb!
Broccoli, Sardines, home-made very yeasty beer, olive oil
1 hour exercise, then drink it to absorb the sugar.
Tuesday, August 8, 2017
Potential value of bitcoin, empires, and taxes
M3 is roughly "all cash". For US dollars, it's about $30 trillion. The rest of the world I'll estimate at $25 trillion because the Euro is about $12 T in USD. I expect bitcoin and alts to roughly follow this ratio, so BTC would be compared to dollars. so the max would be 30T/21M = $1.5M per BTC. As this happens, dollars all over the world will come flooding home making them worthless, so it's more important for Americans to switch early than in other countries, to maintain current lifestyle. The ability to print dollars and the growing world economy accepting them has been the biggest boon any country has ever seen. We were basically allowed to print them as fast as the world's economy grew. We spent half the surplus on a military which pushed and supported the use of the dollar, enabling stability and exchangeability in the same way MicroSoft "helped" software. Bitcoin is the Linux of money. Wealth will be more evenly distributed as the dollar monopoly in currency ceases.
Not just the U.S. but all governments will lose power to control if they lose control of the currency that their citizens demand. Countries enforce a currency by demanding taxes and legal disputes be settled in their dollars. Empires use currency to enslave other countries. So countries can start their own cryptocoin, enabling them to enforce law more directly and automatically extract taxes by being privy to every transaction. This would relegate BTC to replacing only gold for private holders, which is $7T, $350,000/BTC, but potentially a lot more since a lot of countries want to be more fair in international exchange instead of being stuck with the dollar. Gold is harder to move so there's a great desire to switch to BTC. Also, buying stuff directly from other countries instead of Amazon will need BTC, which is a "black market" as far as the U.S. government will be concerned. It takes away their power as the dollars come home. They can make it illegal to import things from other countries without dollars. The U.S. desperately needs dollars to stay out of the country. When foreigners like the Chinese government start giving us wads of dollars to get BTC, that is NOT the time to switch back to dollars. That is the end of the U.S. as the world power. That is when great powers fall: they spend too much on military to support a coin or gold, lose their skills at production due to enslaving people in the distant lands (via the coin supported by the military), then find themselves powerless as their coin collapses. In the case of Spain getting gold, they just spent it all, then the armada fell and Britain's superior skill at ship building took over. There is also the possibility that BTC will be a basis for establishing ownership of assets and enforcing smart contracts, again putting it well over the $1M/BTC range. I do not expect it to go over $500,000 in 20 years. If it reaches $100,000 it will be a primary way of buying $1M beach houses as old money finds itself increasingly poor and BTC millionaires start looking for something to do with their gains.
50x = $150k/BTC does not need BTC to be lucky. It only needs to be the best idea. When BTC reaches $150k it will be because it is starting to be used as an international standard for trade. It will be because dollars are coming home which will make them lose all their value. The U.S. government will then have to decide to cancel all social security and most government expenses (pollution, law, roads, retirements) and foreign debts, or print money (hyperinflation). That will not stop the inflation because there will be 3x more dollars inside the U.S. from foreigner not wanting them. If it takes 15 years, that will be 7% inflation plus our current 3%. 10% inflation is far from hyperinflation, but still a disaster. Actually the disaster was letting there be a "balance of payments" surplus the past 50 years which means more money going out (via free trade, military, and dept) than what was coming in. This results in erosion of the country's ability to support itself. Free trade is a disaster if it makes the balance of payments worse. The U.S. (like China) got out from under enslavement of a foreign currency by enacting trade tariffs. China's devaluation of currency is in effect a trade tariff on the external world's imports which forces its people to work harder and develop more skill. I believe the U.S. is sophisticated enough not to have hyperinflation. When it reaches $150k, it is NOT the time the sell, but a time to keep holding, unless you see a better option. But I think a capped-quantity coin is not a good solution and not the solution the rest of the world will want due to late-comers being at a disadvantage. But unless a new coin lets smartphones determine their own time via the stars or random or 3rd party consensus trust, and combine it with a local trust network to decentralize the coin (protecting it from big miners), BTC may be the best option. This is because all alts subject to 51% can be destroyed via simple forward-stamping timestamps, and if BTC miners are hodlers, they will soon find it more profitable to destroy alts than to mine, forcing more money into a few coins. They may even use their BTC value gains to buy more equipment to retain power by destroying alts instead of mining BTC. The miners may turn into BTC's military. This is what happens to all empires: they win by might is right until all the slave countries figure out a way to get out from under the coin that controls them. The coin is backed by a military. Coins are how governments exert control. Some argue BTC has no government, that devs are not really in control. However that may be, anyone who holds BTC will be the new lords, enslaving the late comers, backed by our military, the miners. At least this is our best-case scenario in our search for personal profit.
Not just the U.S. but all governments will lose power to control if they lose control of the currency that their citizens demand. Countries enforce a currency by demanding taxes and legal disputes be settled in their dollars. Empires use currency to enslave other countries. So countries can start their own cryptocoin, enabling them to enforce law more directly and automatically extract taxes by being privy to every transaction. This would relegate BTC to replacing only gold for private holders, which is $7T, $350,000/BTC, but potentially a lot more since a lot of countries want to be more fair in international exchange instead of being stuck with the dollar. Gold is harder to move so there's a great desire to switch to BTC. Also, buying stuff directly from other countries instead of Amazon will need BTC, which is a "black market" as far as the U.S. government will be concerned. It takes away their power as the dollars come home. They can make it illegal to import things from other countries without dollars. The U.S. desperately needs dollars to stay out of the country. When foreigners like the Chinese government start giving us wads of dollars to get BTC, that is NOT the time to switch back to dollars. That is the end of the U.S. as the world power. That is when great powers fall: they spend too much on military to support a coin or gold, lose their skills at production due to enslaving people in the distant lands (via the coin supported by the military), then find themselves powerless as their coin collapses. In the case of Spain getting gold, they just spent it all, then the armada fell and Britain's superior skill at ship building took over. There is also the possibility that BTC will be a basis for establishing ownership of assets and enforcing smart contracts, again putting it well over the $1M/BTC range. I do not expect it to go over $500,000 in 20 years. If it reaches $100,000 it will be a primary way of buying $1M beach houses as old money finds itself increasingly poor and BTC millionaires start looking for something to do with their gains.
50x = $150k/BTC does not need BTC to be lucky. It only needs to be the best idea. When BTC reaches $150k it will be because it is starting to be used as an international standard for trade. It will be because dollars are coming home which will make them lose all their value. The U.S. government will then have to decide to cancel all social security and most government expenses (pollution, law, roads, retirements) and foreign debts, or print money (hyperinflation). That will not stop the inflation because there will be 3x more dollars inside the U.S. from foreigner not wanting them. If it takes 15 years, that will be 7% inflation plus our current 3%. 10% inflation is far from hyperinflation, but still a disaster. Actually the disaster was letting there be a "balance of payments" surplus the past 50 years which means more money going out (via free trade, military, and dept) than what was coming in. This results in erosion of the country's ability to support itself. Free trade is a disaster if it makes the balance of payments worse. The U.S. (like China) got out from under enslavement of a foreign currency by enacting trade tariffs. China's devaluation of currency is in effect a trade tariff on the external world's imports which forces its people to work harder and develop more skill. I believe the U.S. is sophisticated enough not to have hyperinflation. When it reaches $150k, it is NOT the time the sell, but a time to keep holding, unless you see a better option. But I think a capped-quantity coin is not a good solution and not the solution the rest of the world will want due to late-comers being at a disadvantage. But unless a new coin lets smartphones determine their own time via the stars or random or 3rd party consensus trust, and combine it with a local trust network to decentralize the coin (protecting it from big miners), BTC may be the best option. This is because all alts subject to 51% can be destroyed via simple forward-stamping timestamps, and if BTC miners are hodlers, they will soon find it more profitable to destroy alts than to mine, forcing more money into a few coins. They may even use their BTC value gains to buy more equipment to retain power by destroying alts instead of mining BTC. The miners may turn into BTC's military. This is what happens to all empires: they win by might is right until all the slave countries figure out a way to get out from under the coin that controls them. The coin is backed by a military. Coins are how governments exert control. Some argue BTC has no government, that devs are not really in control. However that may be, anyone who holds BTC will be the new lords, enslaving the late comers, backed by our military, the miners. At least this is our best-case scenario in our search for personal profit.
Thursday, August 3, 2017
Shaking marbles in a jar as a bare-bones model of evolution, A.I., and economics
"...that we give off heat is not accidental, but essential. For this is precisely the manner in which we dispose of the surplus entropy we continually produce in our physical life process. This seems to suggest that the higher temperature of the warm-blooded animal includes the advantage of enabling it to get rid of its entropy at a quicker rate, so that it can afford a more intense life process. ... [But] the parallelism between body temperature and 'intensity of life', which I believe to exist, may have to be accounted for more directly by van't Hoff’s law: the higher temperature itself speeds up the chemical reactions involved in living."
- Erwin Schrodinger, What is Life?Physical evolution in its simplest form is shaking a jar of randomly-packed marbles in a gravitational field. In short, cyclic energy injected into a "closed thermodynamic system" results in entropy being released to the universe as black body radiation (more low-energy photons go out than high-energy photons came in, keeping a constant internal energy balance). Since entropy is a conserved quantity, the entropy inside the container is reduced (a feature of closed thermodynamic systems but not for "isolated" systems). A reduction in entropy exhibits itself as a higher degree of order by becoming more densely packed, harder, and repeating patterns.
The physics of shaking marbles in a jar
When you randomly and slowly place marbles in a jar they will pack with about 56% fill ratio, leaving 44% space. If you shake them afterwards, starting first with hard and then softer shakes, they will pack with > 63%. The harder shakes allow for the bottom layer to form first. The softer shakes allow the higher levels to settle without upsetting the lower levels. This is what the moon has done to Earth: it was initially a lot closer and is getting further away each year. The highest theoretical packing is 75%. Random forces in shaking do not have this effect. Non-random shaking can be thought of as a "periodic" or "semi-periodic" force (or energy injection). For packing differently sized and shaped particles much higher packing can be achieved by adding heat while lowering pressure, then raise pressure as the heat drops, and then repeat, but lowering the temperature and pressure each time (see "Simulated annealing"). The heat checks particle-orientation options while the pressure that follows secures and compacts the solutions. The pressure is a force like gravity. The heat is the shaking.
Chemical bonds
The reduction in entropy in the products of life can be measured via molar aka specific entropy. There exists in chemistry potential energy gradients due to charges that causes atoms and molecules to acquire lower-entropy states due to sticking better than previous arrangements, very much like the previous sections's packing. Again, the excess entropy is released to the universe. The cycle of seasons (surface temperature variation) caused by the collision that created the moon and the moon itself cause a shaking of the atoms and molecules that assists the discovery of the "tighter packings". A side effect of the moon and seasons is more lightning strikes, ocean vents, tides, and ore concentrations, all of which are lower-entropy events that are believed to have assisted the development of life.
Correlation between the jar and life on Earth
The Sun, moon, and Earth's rotation are the initial source of non-random energy coming into the biosphere. The "non-random" (low entropy) placement of the moon's mass away from the Earth has been crucial for life's development (Isaac Asimov once discussed this). Its effect has decreased with time as the moon has gotten further away each year. The effect of the moon is apparent to NASA's life-hunters: the most promising places seem to involve an external gravitational force periodically affecting a celestial body (usually moons close to a planet). Water is important as it helps atoms and molecules find lower-entropy arrangements as in the marbles being somewhat "fluid" in a jar. The Sun is more important via photosynthesis these days, but life probably initially capitalized on (or extracted?) the low entropy accident of the moon's initial placement, and axis tilt. I calculated in a previous post that today the Sun is providing 150x more energy than the yearly loss in Earth's rotational energy due to the moon, but at the beginning of life, the moon was >3x closer with >9x more gravitational effect, and the Earth was turning a lot faster. My calculation (from available data) indicated the moon provided about 20% of what the Sun was providing. This is a "mass moving" quality of energy rather than simple "heating" provided by the Sun. The combination may have been crucial: periodic heating was a "periodic shaking" at the molecular level while the "mass moving" shaking provided a larger-scale directional force to where the resulting molecules would go. There might be a parallel here with government providing a macro-scale container and forcing function to individual micro "high-energy" (thermal agitation) market transactions.
As the moon gets further away, the entropy of the Earth-moon system is increasing due to a volume increase. The Earth's rotation rate is slowing, giving some energy to the moon in order for it to get further away, but a much larger percent is used to churn the air, seas, and mantle via the moon's gravity. To what extent were an excess of ocean vents present (where the oldest known life fossils have been found) due to the moon churning the mantle? The second oldest place fossilized life has been found is in bays with ocean tidal zones, which is more obviously assisted by the moon. To what extent would our massive economic machine not have been possible if the moon had not churned the mantle enough to make more low-entropy ore concentrations possible via volcanic activity? Most commodity production that is crucial to our economics depends massively on concentrations of things like metal ores and good soil.
DNA is a very low entropy crystal that lasts a long time, as should be expected form the thermodynamics of Earth described above. It is important to keep in mind genes have no force of their own. They are just enzymes. Only energy gradients can move them and help them to make copies. The copies are in some sense lower entropy (a "copy" is almost by definition lower entropy). Certainly DNA crystals are lower entropy than a random arrangement of those same atoms and molecules in soil and air. This requires tapping into an external source of low entropy (for a given temperature and pressure). My thesis here is that the moon and seasons have been re-injecting lower entropy and thereby made life more pervasive.
If there had not been a collision that created the moon, the Earth would have still been rotating (giving a daily cycle of temperature changes and resulting air current "forces") and water, so it's far from clear the moon was a necessary condition.
Correlation to artificial intelligence
A large part of A.I. in finding solutions to complex problems is starting with random values in neural nets, Bayesian probabilities, and genetic algorithms. The "marbles" are the neural nodes, Bayesian nodes, or genes. You typically start with random values and give the program computational energy (shaking) for the nodes or genes to request CPU time and memory (energy) while they are under a system-wide A.I. algorithmic constraint (the jar). The "shaking" has to be periodic (low entropy), not random. A good parallel in A.I. is competing against a copy of itself in games. Non-efficient solutions will show many patterns in the node weights, probabilities, or genes. The patterns may be eliminated for condensing the node weights, probabilities, and genes into a smaller set of nodes that is more random on a per weight/probability/gene basis. This is like taking marbles out of the jar which is less entropy by a factor of roughly equal to N2/N1 (this is exact if it's a specific molar entropy) and it allows a smaller jar which is also less entropy by a factor described at the note at the bottom.
Correlation to economics
The A.I. must have some sort of direct, implied, or unnoticed limited-quantity currency that corresponds to the amount of CPU time (FLOPS) and memory that is available, if there is a limit on them. The currency is the energy being transmitted from the jar (the algorithm constraints) to each marble (the weight/probability change or gene replication). The CPU time and memory are kinetic and potential energies. The hardware itself is a potential energy. The currency quantity corresponds to computing quantity. If the hardware increases then the currency can be expanded by the algorithm (the government) to keep constant value so that nothing else in the algorithm needs to change. This is like increasing the level of shaking: the currency is the amount of energy being transferred from marble to marble from the jar. The energy comes from the governing jar or A.I via the permission granted by possession of the currency and eventually goes back to it (taxes). In my jar there is no currency I can point to except the energy itself. Although the energy coming in and size of the jar may not change, the entropy of the system gets smaller as it gets more efficient. The lower entropy means better command, control, and strength that is typically used to increase the incoming energy, the "size of the jar", and the number of "marbles". If the allowable nodes or genes are increased, then the value of the currency per node or gene decreases by that same proportion if the hardware has not improved because they will have to compete to get the same computer time and memory. So the currency quantity needs to decrease if the currency should represent the same amount of FLOPs and byte space.
In other words, for contracts to remain valid, the currency quantity should change in proportion to the energy per person that is under the system's control.
Physics note: All other things being equal, the entropy increase of the moon getting further away is S=S2-S1 where S1=a*[ln(b*V1) + c] where V is the volume of the Earth-moon system and a, b, and c are constants. There is rotational energy decrease and gravitational energy increase, but these are internal energies that do not change the kinetic energy of the system (that could have affected the entropy) because the Earth's temperature is about a constant. But those lost energies do emit a lot of entropy away from the system as waste heat. As another example important to the following: harder materials have lower entropy due to the atoms having fewer places per volume that they can occupy. Specifically, for a single harmonic oscillator (in a solid) S=k*ln(kT/hf + 1) where f is frequency of the oscillations which is higher for stronger bonds.
Wednesday, July 19, 2017
A P2P cryptocurrency to replace FB, Amazon, Fiat, and Bitcoin.
Posted to HUSH slack. A prelude to this
Here's an idea for a cryptocoin to build upon the timestamp idea I posted a few days ago (again, that does not necessarily use the stars).
People get more coin by having more "friends" (actually, people you know to be distinct individuals). It might be a slightly exponential function to discourage multiple identities. Your individual coin value is worth more to your "local" friends than to "distant" friends. The distance is shorter if you have a larger number of parallel connections through unique routes. A coin between A and D when they are connected through friends like A->B->C->D and A->E->F->D is worth more than if the E in the 2nd route is B or C. But if E is not there (A->F->D) then the distance is shorter. More coin is generated as the network grows. Each transaction is recorded, stored, timestamped, and signed by you and your friends and maybe your friends' friends. Maybe they are the only ones who can see it unencrypted or your get the choice of a privacy level. Higher privacy requirement means people who do not actually know you will trust your coin less. Maybe password recovery and "2-factor" security can be implemented by closest friends. Each transaction has description of item bought/sold so that the network can be searched for product. There is also a review and rating field for both buyer and seller. For every positive review, you must have 1 negative review: you can't give everyone 5 stars like on ebay and high ranking reviewers on Amazon (positive reviewers get better ranking based on people liking them more than it being an honest review). This is a P2P trust system, but there must be a way to do it so that it is not easy tricked, which is the usual complaint and there is a privacy issue. But look at the benefits. Truly P2P. Since it does not use a single blockchain it is infinitely faster and infinitely more secure than the bitcoin blockchain. I know nothing about programming a blockchain, let alone understand it if I created a clone. But I could program this. And if I can program it, then it is secure and definitive enough to be hard-coded by someone more clever and need changing only fast as the underlying crypto standards (about once per 2 decades?)
Obviously the intent is to replace fiat, amazon, and ebay, but it should also replace FB. A transaction could be a payment you make to friends if you want them to look at a photo. The photo would be part of the transaction data. Since only you and your friends store the data, there are no transaction fees other than the cost of your computing devices. Your friends have to like it in order for you to get your money back. LOL, right? But it's definitely needed. We need to step back and be able to generalize the concept of reviews, likes, votes, and products into the concept of a coin. You have a limited amount dictated by the size of the network. The network of friends decides how much you get. They decide if you should get more or less relative power than other friends.
It would not require trust in the way you're thinking. Your reputation via the history of transactions would enable people to trust you. It's like a brand name, another reason for having only 1 identity. Encouraging 1 identity is key to prevent people from creating false identities with a bot in order to get more coin. The trick and difficulty is in preventing false identities in a way that scams the community.
Everyone should have a motivation to link to only real, known friends. That's the trick anf difficulty. I'm using "friend" very loosely. It just needs to be a known person. Like me and you could link to David Mercer and Zookoo, but we can't vouch for each other. That's because David and Zookoo have built up more real social credibility through many years and good work. They have sacrificed some privacy in order to get it. Satoshi could get real enormous credibility through various provable verifications and not even give up privacy, so it's not a given that privacy must be sacrificed. It should be made, if possible, to not give an advantage to people because they are taking a risk in their personal safety.
The system should enable individuals to be safer, stronger, etc while at the same time advancing those who advance the system. So those who help others the most are helped by others the most. "Virtuous feedback". This is evolution, except it should not be forgotten that "help others the most" means "help 2 others who have 4 times the wealth to pay you instead of 4 others with nominal wealth". So it's not necessarily charitably socialistic like people often want for potential very good reasons, but potentially brutally capitalistic, like evolution.
It does not have to be social network, but it does seem likable social people would immediately get more wealth. It's a transaction + reputation + existence network. Your coin quantity is based on reviews others give you for past transactions (social or financial) plus the mere fact that you were able to engage in economic or social activity with others (a measure of the probability of your existence). There have been coins based on trust networks but I have not looked into them. It's just the only way I can think of to solve the big issues. If the algorithm can be done in a simple way, then it's evidence to me that it is the correct way to go. Coins give legal control of other people's time and assets. If you and I are not popular in at least a business sense where people give real money instead of "smiles" and "likes" like your brother, why should society relinquish coin (control) to us? The "smiles" might be in a different category than the coin. I mean you may not be able to buy and sell likes like coin. Likes might need to be like "votes". You would get so many "likes" per day to "vote" on your friends, rather than my previous description of people needing to be "liked" in order to give likes, which is just a constant quantity coin. Or maybe both likes and coin could be both: everyone gets so many likes and coins per day, but they are also able to buy/sell/accumulate them. I have not searched for and thought through a theoretical foundation for determining which of these options is the best. Another idea is that every one would issue their own coin via promises. This is how most money is created. Coin implies a tangible asset with inherent value. But paper currency is usually a debt instrument. "I will buy X from you with a promise to pay you back with Y." Y is a standard measure of value like the 1 hour of laborer's time plus a basket of commodities. Government issues fiat with the promise it buys you the time and effort of its taxpayers because it demands taxes to be paid in that fiat. This is called modern monetary theory.
So China sells us stuff for dollars, and those dollars gives china control of U.S. taxpayers, provided our government keeps its implicit promise to not inflate the fiat to an unexpectedly low value too quickly, which would be a default on its debt. So your "financially popular" existence that is proven by past transactions of fulfilling your debt promises gives you the ability to make larger and larger debt promises. How or if social likes/votes should interact with that I do not yet know. But I believe it should be like democratic capitalism. The sole purpose of votes is to prevent the concentration of wealth, distributing power more evenly. This makes commodity prices lower and gives more mouths to feed, and that enabled big armies, so it overthrew kings, lords, and religions. Then machines enabled a small educated Europe and then U.S. population to gain control of the world.
=====
see that the Ithaca NY local HOUR coins are a simplified version of what I was trying to invent. The things missing are: 1) digitize it 2) enable seamless expansion (exchange rates) to other "local" communities (in other words, "local" would be a continuous expansion from yourself, to your "friends" to the world. "friends" would have a better exchange rate as they are trusted more. "friends" is a bad word: "trusted market participants" is better. So Amazon (at least for me) would get a high beginning trust setting. There would be an algorithm for determining the exchange rate based on how much your trusted connections trust the secondary connections. Then your own history with secondary marketplace connections (such as buying from an Amazon chinese source directly) would increase your trust of them if your exchanges with them have been good. "Trust" aka "history of good reputation" would be the currency (not "friends"). A missing 3) item is the ability to include a review by both buyer and seller next to the history of exchanges. Your history of exchanges are stored in your most highly trusted connections. Future buyers or sellers wanting to interact with you (or you with them) would be able to see your hisotry of transactions. There would be a setting of how private you want to be. If you want to be intensely private, your exchange rate with distant buyers/sellers would not be as good because they can't verify your reputation. "Reputation" is the primary coin and it would be treated like any other asset. But the creation and destruction of the coin would be managed on a system-wide level so that your reputation can be compared to others, so those with least reputation are weeded out via the marketplace. If you give nothing measurable to society, then you would get nothing from it. You can sell your reputation for dollars or whatever. "likes" might be a 1 to 10 integer that goes beside the "review" field that adds or subtracts from your reputation. But giving likes comes at a cost of your own reputation. I have not worked out the details of this. These likes are just like the 10 signatures on the back of script in the Ithaca NY HOURS coins. So I could learn a lot from their 26-year experiment on how to enable it to expand. They need to be in contact with some really good blockchain devs who could implement something like I'm describing. It could be like an explosion emanating from Ithaca NY that changes the world. Proven there, it could pop-up in other places independently but instantly tap into Ithaca via a few extensions of trust. Extension of trust is the creation of a debt and credit, the source of all fiat-like currency. But by managing the total on a system-wide level without a trusted 3rd party prevents it from being like current gov-backed fiat. Some features: your personal blockchain of transactions is not publicly disclosed unless you want. It is also recoverable and reversible if > 50% of your most local trusted sources agree to your request for recovery. So no permanently lost coins. A thief and those who accepted funds from thieves would lose out. But if you get hacked too much, then the reversals hurt your reputation.
zawy [8:59 AM]
There are several crucial good features this has: 1) there's not exactly a single coin, but a continuous spectrum of exchange rates between reputations in keeping with an evolvability 2) security/protection of value via reversibility by local consensus. 3) The local consensus that determines reputation points and reversals can be penalized by the wider market if it has a reputation of being a bad or dumb consensus. 4) It's not a fixed-quantity coin (quantity of coin is determined by the market rather than an arbitrary decision by core devs, under the constraint of a protocol I haven't defined) 5) there is not a central blockchain which has security, privacy, anonymity, and failure problems. 6) the protocol can have various parameters chosen by the user. The user can chooses his reputation coin's characteristics. The wider market will decide how to value that coin. The users decide parameters that determine how to value other's reputation. I might trust chinese manufacturers to send product more than other people. You could decide this by haggling on price, but auto-searching for buyers and sellers needs you to define how you're going to rate potential candidates. Even the protocol has the potential of being changeable (evolvable). 7) OpenBazaar is not needed because it's inherent to the protocol. If you have a history of selling an item and allow your buyers to make it public, then scans of the network reveal you. Certain requirements are needed such not being able to pick and choose which past buyers can reveal past transactions. 8 ) Besides having "cross chain atomic swaps" and openBazaar built-in via a very simple protocol (Even Zcash-level anonymity might be choosable for individual transactions), I think it could also include STEEM and LBRY objectives as well as smart contracts.
9) government would have to bend over backwards to justify taxing your marketplace reputation. Even VAT taxes might have trouble if every reputation credit you issue creates a reputation debit. This could turn bank manipulation of government against both gov and banks: we are not taxed for taking out loans which enables banks to charge more interest. When we buy a house, our signature to promise to repay the debt is an asset on the bank's balance sheet. This enables them to create money out of thin air via the Fed, which is somehow connected to the FED's overnight interest rate. You pay 6%, bank gets 5%, FED get's 1%, or something like that. The rest of the money (your house's value) came from no-where to pay previous owner, and goes back to nowhere as you pay it off, except for the interest you gave to the banks and FED. Our promise to pay it back is the source of the initial money. Banks might be limited in their ability to do this by reserve requirements. Anyway, the system I'm describing makes your local trusted marketplace connections your bank. They are basically issuing credit to relative strangers by vouching for your reputation to repay. Your local network is taking the risk of you not repaying them. You repay the debt to your creditors via future transactions. The amount you buy must equal the amount you sell. Your expenditures equal your income so there is no net income to tax, as long as you do not convert your reputation credit to dollars. You and your local network have no net asset to be taxed. Any net assets you gain for resell are inventory that is not taxed (if less than $10 M)
I do not propose any mining, but local connections validate and record your transactions (including smart contracts). Everyone "mines" by giving more than they receive. Best summary of the idea: By initially trusting people more than your measurement of their reputation justifies, you are loaning trust to the system that the system will pay back to you. So "trust" is the debit side (what you give) and "reputation" (what you receive) is the credit side of your personal balance sheet that the system records on your local "connections" (these are not simple network peers but people with who you have a history of transactions). Let's say I send you a 2 pound bar of tellurium for nothing except to gain reputation points in the system. I need you to be a part of the system and to record the transaction. That still does not benefit my reputation unless you also gain reputation by buying or selling with others. Then those others and myself trust each other's reputation more since we all trust you. A history with them builds trust without you, so you could default out and things not crash. The trick is for the protocol to keep track of things so that it is not tricked by false identities into unjustly increasing or decreasing reputations. There needs to be a pre-existing trust to get it started. The system does not create any trust. It only keeps track of who deserves a credit of trust from past giving of trust and who owes a debt of trust by receiving goods or services or other likes without trusting anyone.
The only way to get a good reputation is to sell goods or services to someone who is not in your network. You get more reputation if you send the goods or services to someone who is not in anyone's network, provided they subsequently add others to their network who are not in yours. This should only add to your reputation after the fact only 1 level and decreases after they've added a few, so it's not a pyramid scheme. The goal is not to reward you for bringing in others, but reward you for making a real sale to a real independent person (not your personal friends who did not receive anything in return) who will use the system on their on. This is the same thing as "burning" something such as human labor (in antiques) or computing resources. Nick Szabo has also stressed the importance of the age of an item and it's history of use as a currency as increasing its value. So the length of time someone has been holding and building reputation without violating trust would add value to their reputation. This causes some added value for early adoption and for sticking with the system. The formulas for calculating reputation need to be derivable by statistical theory or determined by the marketplace.
Here's an idea for a cryptocoin to build upon the timestamp idea I posted a few days ago (again, that does not necessarily use the stars).
People get more coin by having more "friends" (actually, people you know to be distinct individuals). It might be a slightly exponential function to discourage multiple identities. Your individual coin value is worth more to your "local" friends than to "distant" friends. The distance is shorter if you have a larger number of parallel connections through unique routes. A coin between A and D when they are connected through friends like A->B->C->D and A->E->F->D is worth more than if the E in the 2nd route is B or C. But if E is not there (A->F->D) then the distance is shorter. More coin is generated as the network grows. Each transaction is recorded, stored, timestamped, and signed by you and your friends and maybe your friends' friends. Maybe they are the only ones who can see it unencrypted or your get the choice of a privacy level. Higher privacy requirement means people who do not actually know you will trust your coin less. Maybe password recovery and "2-factor" security can be implemented by closest friends. Each transaction has description of item bought/sold so that the network can be searched for product. There is also a review and rating field for both buyer and seller. For every positive review, you must have 1 negative review: you can't give everyone 5 stars like on ebay and high ranking reviewers on Amazon (positive reviewers get better ranking based on people liking them more than it being an honest review). This is a P2P trust system, but there must be a way to do it so that it is not easy tricked, which is the usual complaint and there is a privacy issue. But look at the benefits. Truly P2P. Since it does not use a single blockchain it is infinitely faster and infinitely more secure than the bitcoin blockchain. I know nothing about programming a blockchain, let alone understand it if I created a clone. But I could program this. And if I can program it, then it is secure and definitive enough to be hard-coded by someone more clever and need changing only fast as the underlying crypto standards (about once per 2 decades?)
Obviously the intent is to replace fiat, amazon, and ebay, but it should also replace FB. A transaction could be a payment you make to friends if you want them to look at a photo. The photo would be part of the transaction data. Since only you and your friends store the data, there are no transaction fees other than the cost of your computing devices. Your friends have to like it in order for you to get your money back. LOL, right? But it's definitely needed. We need to step back and be able to generalize the concept of reviews, likes, votes, and products into the concept of a coin. You have a limited amount dictated by the size of the network. The network of friends decides how much you get. They decide if you should get more or less relative power than other friends.
It would not require trust in the way you're thinking. Your reputation via the history of transactions would enable people to trust you. It's like a brand name, another reason for having only 1 identity. Encouraging 1 identity is key to prevent people from creating false identities with a bot in order to get more coin. The trick and difficulty is in preventing false identities in a way that scams the community.
Everyone should have a motivation to link to only real, known friends. That's the trick anf difficulty. I'm using "friend" very loosely. It just needs to be a known person. Like me and you could link to David Mercer and Zookoo, but we can't vouch for each other. That's because David and Zookoo have built up more real social credibility through many years and good work. They have sacrificed some privacy in order to get it. Satoshi could get real enormous credibility through various provable verifications and not even give up privacy, so it's not a given that privacy must be sacrificed. It should be made, if possible, to not give an advantage to people because they are taking a risk in their personal safety.
The system should enable individuals to be safer, stronger, etc while at the same time advancing those who advance the system. So those who help others the most are helped by others the most. "Virtuous feedback". This is evolution, except it should not be forgotten that "help others the most" means "help 2 others who have 4 times the wealth to pay you instead of 4 others with nominal wealth". So it's not necessarily charitably socialistic like people often want for potential very good reasons, but potentially brutally capitalistic, like evolution.
It does not have to be social network, but it does seem likable social people would immediately get more wealth. It's a transaction + reputation + existence network. Your coin quantity is based on reviews others give you for past transactions (social or financial) plus the mere fact that you were able to engage in economic or social activity with others (a measure of the probability of your existence). There have been coins based on trust networks but I have not looked into them. It's just the only way I can think of to solve the big issues. If the algorithm can be done in a simple way, then it's evidence to me that it is the correct way to go. Coins give legal control of other people's time and assets. If you and I are not popular in at least a business sense where people give real money instead of "smiles" and "likes" like your brother, why should society relinquish coin (control) to us? The "smiles" might be in a different category than the coin. I mean you may not be able to buy and sell likes like coin. Likes might need to be like "votes". You would get so many "likes" per day to "vote" on your friends, rather than my previous description of people needing to be "liked" in order to give likes, which is just a constant quantity coin. Or maybe both likes and coin could be both: everyone gets so many likes and coins per day, but they are also able to buy/sell/accumulate them. I have not searched for and thought through a theoretical foundation for determining which of these options is the best. Another idea is that every one would issue their own coin via promises. This is how most money is created. Coin implies a tangible asset with inherent value. But paper currency is usually a debt instrument. "I will buy X from you with a promise to pay you back with Y." Y is a standard measure of value like the 1 hour of laborer's time plus a basket of commodities. Government issues fiat with the promise it buys you the time and effort of its taxpayers because it demands taxes to be paid in that fiat. This is called modern monetary theory.
So China sells us stuff for dollars, and those dollars gives china control of U.S. taxpayers, provided our government keeps its implicit promise to not inflate the fiat to an unexpectedly low value too quickly, which would be a default on its debt. So your "financially popular" existence that is proven by past transactions of fulfilling your debt promises gives you the ability to make larger and larger debt promises. How or if social likes/votes should interact with that I do not yet know. But I believe it should be like democratic capitalism. The sole purpose of votes is to prevent the concentration of wealth, distributing power more evenly. This makes commodity prices lower and gives more mouths to feed, and that enabled big armies, so it overthrew kings, lords, and religions. Then machines enabled a small educated Europe and then U.S. population to gain control of the world.
=====
see that the Ithaca NY local HOUR coins are a simplified version of what I was trying to invent. The things missing are: 1) digitize it 2) enable seamless expansion (exchange rates) to other "local" communities (in other words, "local" would be a continuous expansion from yourself, to your "friends" to the world. "friends" would have a better exchange rate as they are trusted more. "friends" is a bad word: "trusted market participants" is better. So Amazon (at least for me) would get a high beginning trust setting. There would be an algorithm for determining the exchange rate based on how much your trusted connections trust the secondary connections. Then your own history with secondary marketplace connections (such as buying from an Amazon chinese source directly) would increase your trust of them if your exchanges with them have been good. "Trust" aka "history of good reputation" would be the currency (not "friends"). A missing 3) item is the ability to include a review by both buyer and seller next to the history of exchanges. Your history of exchanges are stored in your most highly trusted connections. Future buyers or sellers wanting to interact with you (or you with them) would be able to see your hisotry of transactions. There would be a setting of how private you want to be. If you want to be intensely private, your exchange rate with distant buyers/sellers would not be as good because they can't verify your reputation. "Reputation" is the primary coin and it would be treated like any other asset. But the creation and destruction of the coin would be managed on a system-wide level so that your reputation can be compared to others, so those with least reputation are weeded out via the marketplace. If you give nothing measurable to society, then you would get nothing from it. You can sell your reputation for dollars or whatever. "likes" might be a 1 to 10 integer that goes beside the "review" field that adds or subtracts from your reputation. But giving likes comes at a cost of your own reputation. I have not worked out the details of this. These likes are just like the 10 signatures on the back of script in the Ithaca NY HOURS coins. So I could learn a lot from their 26-year experiment on how to enable it to expand. They need to be in contact with some really good blockchain devs who could implement something like I'm describing. It could be like an explosion emanating from Ithaca NY that changes the world. Proven there, it could pop-up in other places independently but instantly tap into Ithaca via a few extensions of trust. Extension of trust is the creation of a debt and credit, the source of all fiat-like currency. But by managing the total on a system-wide level without a trusted 3rd party prevents it from being like current gov-backed fiat. Some features: your personal blockchain of transactions is not publicly disclosed unless you want. It is also recoverable and reversible if > 50% of your most local trusted sources agree to your request for recovery. So no permanently lost coins. A thief and those who accepted funds from thieves would lose out. But if you get hacked too much, then the reversals hurt your reputation.
zawy [8:59 AM]
There are several crucial good features this has: 1) there's not exactly a single coin, but a continuous spectrum of exchange rates between reputations in keeping with an evolvability 2) security/protection of value via reversibility by local consensus. 3) The local consensus that determines reputation points and reversals can be penalized by the wider market if it has a reputation of being a bad or dumb consensus. 4) It's not a fixed-quantity coin (quantity of coin is determined by the market rather than an arbitrary decision by core devs, under the constraint of a protocol I haven't defined) 5) there is not a central blockchain which has security, privacy, anonymity, and failure problems. 6) the protocol can have various parameters chosen by the user. The user can chooses his reputation coin's characteristics. The wider market will decide how to value that coin. The users decide parameters that determine how to value other's reputation. I might trust chinese manufacturers to send product more than other people. You could decide this by haggling on price, but auto-searching for buyers and sellers needs you to define how you're going to rate potential candidates. Even the protocol has the potential of being changeable (evolvable). 7) OpenBazaar is not needed because it's inherent to the protocol. If you have a history of selling an item and allow your buyers to make it public, then scans of the network reveal you. Certain requirements are needed such not being able to pick and choose which past buyers can reveal past transactions. 8 ) Besides having "cross chain atomic swaps" and openBazaar built-in via a very simple protocol (Even Zcash-level anonymity might be choosable for individual transactions), I think it could also include STEEM and LBRY objectives as well as smart contracts.
9) government would have to bend over backwards to justify taxing your marketplace reputation. Even VAT taxes might have trouble if every reputation credit you issue creates a reputation debit. This could turn bank manipulation of government against both gov and banks: we are not taxed for taking out loans which enables banks to charge more interest. When we buy a house, our signature to promise to repay the debt is an asset on the bank's balance sheet. This enables them to create money out of thin air via the Fed, which is somehow connected to the FED's overnight interest rate. You pay 6%, bank gets 5%, FED get's 1%, or something like that. The rest of the money (your house's value) came from no-where to pay previous owner, and goes back to nowhere as you pay it off, except for the interest you gave to the banks and FED. Our promise to pay it back is the source of the initial money. Banks might be limited in their ability to do this by reserve requirements. Anyway, the system I'm describing makes your local trusted marketplace connections your bank. They are basically issuing credit to relative strangers by vouching for your reputation to repay. Your local network is taking the risk of you not repaying them. You repay the debt to your creditors via future transactions. The amount you buy must equal the amount you sell. Your expenditures equal your income so there is no net income to tax, as long as you do not convert your reputation credit to dollars. You and your local network have no net asset to be taxed. Any net assets you gain for resell are inventory that is not taxed (if less than $10 M)
I do not propose any mining, but local connections validate and record your transactions (including smart contracts). Everyone "mines" by giving more than they receive. Best summary of the idea: By initially trusting people more than your measurement of their reputation justifies, you are loaning trust to the system that the system will pay back to you. So "trust" is the debit side (what you give) and "reputation" (what you receive) is the credit side of your personal balance sheet that the system records on your local "connections" (these are not simple network peers but people with who you have a history of transactions). Let's say I send you a 2 pound bar of tellurium for nothing except to gain reputation points in the system. I need you to be a part of the system and to record the transaction. That still does not benefit my reputation unless you also gain reputation by buying or selling with others. Then those others and myself trust each other's reputation more since we all trust you. A history with them builds trust without you, so you could default out and things not crash. The trick is for the protocol to keep track of things so that it is not tricked by false identities into unjustly increasing or decreasing reputations. There needs to be a pre-existing trust to get it started. The system does not create any trust. It only keeps track of who deserves a credit of trust from past giving of trust and who owes a debt of trust by receiving goods or services or other likes without trusting anyone.
The only way to get a good reputation is to sell goods or services to someone who is not in your network. You get more reputation if you send the goods or services to someone who is not in anyone's network, provided they subsequently add others to their network who are not in yours. This should only add to your reputation after the fact only 1 level and decreases after they've added a few, so it's not a pyramid scheme. The goal is not to reward you for bringing in others, but reward you for making a real sale to a real independent person (not your personal friends who did not receive anything in return) who will use the system on their on. This is the same thing as "burning" something such as human labor (in antiques) or computing resources. Nick Szabo has also stressed the importance of the age of an item and it's history of use as a currency as increasing its value. So the length of time someone has been holding and building reputation without violating trust would add value to their reputation. This causes some added value for early adoption and for sticking with the system. The formulas for calculating reputation need to be derivable by statistical theory or determined by the marketplace.
Saturday, July 15, 2017
Best difficulty algorithm: Zawy v6
This page will not be updated anymore.
See this page for the best difficulty algorithms
Without nodes enforcing real time and letting miners set the time, any >50% attacker can drive difficulty to zero with any algorithm. BTW if you have a real time available to nodes, you do not need consensus (i.e. POW mining) because you could create a synchronous deterministic network which does not have the Byzantine of FLP problems.
The +/- 6*T limit works out to be about the same as the 10^(2/N) limit. They overlap, so it is not an additive benefit.
I tried many different schemes for difficulty such as a dynamic averaging window, least squares fitting, and most-recent-block-more-heavily-weighted. Nothing worked better than simple:
```next_D=avg(past N D) * T / avg(past N solvetimes) / (1+0.67/N)```
with the two options for solvetime limits above (+/- 3600 on each solvetime or X^(2/N) and X^(-2/N) on the average, where X is the expected max hash attack size as a multiple of baseline hashrate). The (1+0.67/N). Note that ```next_D= sum(N D's) * T / [max timestamp - min timestamp]``` as is usually used is not as accurate if timestamps are being manipulated. The implied N's in the denominator of my averages will not cancel during a manipulation as this alternative equation assumes .
Difficulty has a seductive illusion of being "improvable". Any "fix" that tries to predict attacker behavior without employing a symmetrical "fix" to counter him acting exactly the opposite (and everywhere in between) will leave an exploitable hole or cause an undesirable side effect. Any fix that is symmetrical is limited in scope before it has undesirable side effects. We want fast response to changes in hashrate and a smooth difficulty when hashrate is constant. My best theoretical approach was a dynamic averaging window in Zawy v2 that triggers on various measures detecting a change in hashrate. For complex reasons, this still does not do better than simple average.
========
post to Zcash github:
Any upper limit you apply to timestamps should be reflected in a lower limit. For example, you could follow the rule that the next timestamp is limited to +/- 750 seconds from the previous timestamp +150 seconds (+900 / -600). If you don't allow the "negative" timestamp (-600 from previous timestamp) AND if miners can assign timestamps without a real-time limit from nodes, then a miner or pool with > 20% of the network hashrate can drive the difficulty as low as he wants, letting everyone get blocks as fast as he wants, in less than a day.
A symmetrical limit on timestamps allows honest miner timestamps to completely erase the effect of bad timestamps. ( You do not need to wait 6 blocks for MTP like Zcash does in delaying the use of timestamps for difficulty, see footnote. ) If you allow the symmetrical "negative" timestamps, you do not need nodes to have the correct time with NTP or GPS unless miners collude with > 51% agreement on setting the timestamps further and further ahead of time to drive difficulty down. It's a real possibility if miners decide they do not like a certain fork due to not providing them with enough fees.
But if you do not allow the apparently negative solvetimes, you better do like ETH and depend on 3rd parties for your node times in order to limit how low a timestamp manipulator can drive your difficulty.
But if your nodes have an accurate time, you do not need mining. The only fundamental reason for mining is to act as a timestamp server to prevent double spending. If you have an accurate time on all nodes, then you can make it a synchronous network to eliminate the need for consensus to eliminate the need for byzantine protection via POW.
BTC and ETH depend on nodes to limit the future time assigned to blocks. Zooko was the only one here who seemed to know there is something wrong about strong reliance on nodes having the correct time. The extent to which BTC and ETH need those forward-time limits to be enforced by real time is the extent to which they do not need mining.
Footnote:
MTP does not stop a 25% attacker who can set timestamps > 4 blocks ahead if other miners are not allowed to assign a "negative" timestamp to eliminate the error in the next block. But if you allow the "negatives" then MTP is not needed. Putting your tempering aside, this assumes you use
next_D = avg(D's) * T / avg(solvetimes, allowing negative solvetime)
instead of
next_D=sum(D's) * T / [max(Timestamps) - min(Timestamps) ]
because the N's of the denominator and number of the first equation do not cancel like you would think and hope (in order to use the second equation) when there are bad timestamps at the beginning and end of the window. With the MTP, your difficulty is delayed 5 blocks in responding to big ETH miners who jump on about twice a day. That's like a gift to them at the expense of your constant miners.
Also, your tempered N=17 gives almost the same results as a straight average N=63. I would use N=40 instead, without the tempering. It should reduce the cheap blocks the big ETH miners are getting.
Your 16% / 32% limits are rarely reached due to the N=63 slowness. This is good because it is a symmetry problem, although it would not be as bad as BCH. Use "limit" and "1/limit" where limit = X^(2/N) where N=63 for your current tempering and X = the size of the larger ETH attackers as a fraction of your total hashrate, which is about 3. This allows the the fastest response up or down at N for a given X with 80% probability. Change the 2 to 3 to get a higher probability of an adequately-fast response. The benefit is that it is a really loose timestamp limit on individual values, as long as the aggregate is not too far from the expected range.
See this page for the best difficulty algorithms
# Tom Harold (Degnr8) "wt-144" # Modified by Zawy to be Weighted, weighted Harmonic Mean (WWHM) # Zawy-selected N=30 and timestamp handling for all coins. # No limits in rise or fall rate should be employed. # MTP should not be used # set constants N=30 T=600 # (target solvetime) adjust=0.98 # 0.98 for N=30 k = (N+1)/2 *adjust * T # algorithm d=0, t=0, j=0 for i = height - N+1 to height # (N most recent blocks) solvetime = TS[i] - TS[i-1] solvetime = 10*T if solvetime > 10*T solvetime = -9*T if solvetime < -9*T j++ t += solvetime * j d +=D[i] next i t=T if t < T # in case of startup weirdness, keep t reasonable next_D = d * k / t and apparently better and amazing in that there's not even a loop or looking at old data: ======================= # Jacob Eliosoff EMA (exponential moving average) # ST = previous solvetime # N=15 (Zawy-selected) # MTP should not be used ST = previous timestamp - timestamp before that ST = max(T/50,min(T*10, ST)) next_D = previous_D * ( T/ST + e^(-ST/T/N) * (1-T/ST) )The following is older text. The important stuff is above.
# Zawy v6 difficulty algorithm # Newest version of Zawy v1b # Based on next_diff=average(prev N diff) * TargetInterval / average(prev N solvetimes) # Thanks to Karbowanec and Sumokoin for supporting, testing, and using. # (1+0.67/N) keeps the avg solve time at TargetInterval. # Low N has better response to short attacks, but wider variation in solvetimes. # Sudden large 5x on-off hashrate changes with N=12 sometimes has 30x delays verses # 20x delays with N=18. But N=12 may lose only 20 bks in 5 attacks verse 30 w/ N=18. # This allows timestamps to have any value, as long as > 50% of miners are # approximately correct and as long as timestamps are ALLOWED to # be out of order to correct bad timestamps. # Miners with >50% can be prevented from driving difficulty down to 1 if # nodes do like bitcoin and have a median time and forbid blocks to have a timestamp # more than 2 hours ahead of that time. # For discussion and history of all the alternatives that failed: # https://github.com/seredat/karbowanec/commit/231db5270acb2e673a641a1800be910ce345668a # # D = difficulty, T=TargetInterval, TS=TimeStamp, ST=solveTime N=16; # Averaging window. Can conceivably be any N>6. N=16 seems good for small coins. X=6; # Size of expected "hash attacks" as multiple of avg hashrate. X=6 for new small coins. # An X too small is unresponsive. X too large is subject to timestamp manipulation. # The following is how X is used. limit=X^(2/N); # Protect against timestamp error. Limits avg_ST and thereby next_D. # Instead of X and limit, there can be a limit on the individual TS's in relation # to previous block like this: # R=6; # multiple of T that timestamp can be from expected time relative to previous TS. # Then nodes enforce that the most recent block have a TS: # TS = TS_previous_block +T+ R*T if TS > TS_previous_block +T+ R*T; # TS = TS_previous_block +T-R*T if TS < TS_previous_block +T - R*T; # adjust = 1/(1+0.67/N); # Keeps correct avg solvetime. # get next difficulty ST=0; D=0; for ( i=height; i > height-N; i--) { # go through N most recent blocks # Note: TS's mark beginning of blocks, so the ST's below are shifted back 1 # block from the D for that ST, but it does not cause a problem. ST += TS[i] - TS[i-1] ; # Note: ST != TS D += D[i]; } ST = T*limit if ST > T*limit; ST = T/limit if ST < T/limit; next_D = D * T / ST * adjust; # It is less accurate to use the following, even though it looks like the N's divide out: # next_D = sum(last N Ds) * T / [max(last N TSs) - min(last N TSs];=============== post to Bitcoing Gold github: That was Digishield's reasoning. In reading the history of the Digishield development, it gives the impression the asymmetry caused problems, so they added the "tempering" to "fix" it, maybe not realizing this fix was just making it so slow the 32/16 became irrelevant. Either way, the main problem is the opposite: not returning to normal difficulty fast enough after a big hash miner leaves, causing long delays between blocks. Bitcoin Cash tried to solve this by doing the reverse asymmetry of dropping a LOT faster than it rises. This has caused oscillations and issuing coins too fast, and a few blocks every 2 cycles with really long delays. Asymmetry in the allowed rise and fall will change how fast coins are issued at the least, requiring an adjustment factor. Rising fast protects your constant miners, although if a large miners come on and off at the right times and have a bigger coin to always return for a base profit, they can always get 1/3 of the coins issued at "zero excess cost" in difficulty (the difficulty algo was not rising fast enough to adjust to the increase in hashrate). The only thing that can help is to have a shorter averaging window to respond faster, but it turns out this also allows more frequent accidental drops in difficulty and if they simply attack more often for shorter periods, they can still get 1/3 of the block for "zero excess cost". Approximately, they just need to attack for 1/2 a window averaging period and stay off the next full averaging period, or just choosing when difficulty seems a little low on accident. Dropping fast prevents a lot of long-delay blocks after an attack and prevents your constant miners from suffering a long period of high difficulty. By leaving in the +/- 16% limit I am only trying to prevent catastrophic attacks on the timestamp. For example, if the code keeps bitcoin's node-enforced 2 hour limit on how far forward miners assign timestamps, and if a pool has >50% hashrate, then after a few blocks they would "own" the MTP (median time past) and can set it to 2 hours ahead of time (12 blocks). Zcash will likely reduce this to 900 seconds which is close to the 1000 seconds I recommended before they launched a year ago. Their current limit might be 3600 seconds. It appears BTCG copied Zcash's difficulty code. It should be kept in mind Zcash is 2.5 minute blocks, so if BTCG is using a stricter time limit than BTC like Zcash, it should not go below 3600 seconds. Zcash can do a 900 second limit because that is 6 blocks for them. An equivalent time in BTCG is 3600 seconds. With N=40 like I've proposed, the 2-hour limit would allow a miner with 10x the normal hashrate to make the difficulty think it needs to drop to 40/(40+12) = 77% of correct difficulty when they begin to own MTP. After 12 blocks difficulty would be low by ```40^12 / [(40+12)*(40+11)*(40+10)*(40+9)*.... = 17%``` of the normal difficulty which is only 1.7% of the correct difficulty if they have 10x the normal hashrate. By limiting the drop to 16% per block, difficulty will get down to 43% instead of 17%. A tighter limit of +/- 12% instead of 16% may be good (69% would be the low). This is with bitcoin's 2-hour limit. I think BTCG has copied Zcash so maybe it is reduced to 1 hours. The +/- 12% is stricter than a 1 hour limit, so changing from 2 hour to 1 hour will help at a limit like +/- 16%, but not make a different at +/- 12%. A 1 hour limit on time with no other limit would allow a timestamp attacker to get difficulty down to 61% which is why I said the +/- 12% in allowing 69% drop is stricter (better). The two don't combine to help. Using the MTP like Zcash and probably BTCG does prevents < 50% miners from manipulating the timestamp. But it makes the difficulty 5 blocks slower in responding. There is a fix to this that would require more code changes. See my [Zawy v6](http://zawy1.blogspot.com/2017/07/best-difficulty-algorithm-zawy-v1b.html) I'll show the +/- 12% (or 16%) does not prevent the N=40 from responding as fast as it can. ( I'm going to edit my previous post to recommend 12% instead of keeping the 16%. ) Let's say an attack has 10x the normal hashrate. With N=40, the avg time it takes the difficulty to completely respond to meet the challenge is 40 blocks. So it will rise, on avg, this much per block: 10^(1/40). In my testing, it appeared a limit on the rise equal to 10^(2/40) = 12.2% was only reached about 10% of the time. I don't expect BTGC to experience a 10x "attack" very often so 12% with N=40 seems correct. Another way to reduce the effect of timestamp manipulation is to limit how far the next timestamp can be from previous timestamp. I've found a good choice to be +/- 6*T from where you expected the solve to occur and where T = 600 seconds for BTCG. You expect the solve to be 600 seconds from previous timestamp, so you would limit the timestamps to 600 +/- 3600 the previous timestamp. This allows timestamps to be out of order which is important in Zawy v6, but if BTCG does like Zcash and uses the MTP protection / delay AND the nodes are enforcing the +3600 limit based on real time instead of comparing to the previous timestamp, then you can set the minimum to 1 second after the previous timestamp. Otherwise, without the nodes enforcing a real UST time limit, a miner with with >20% hashrate could drive difficulty to "0" in a few hours or days if a "negative" timestamp from previous one is not allowed even if using MTP and a 3600 forward time limit.
Without nodes enforcing real time and letting miners set the time, any >50% attacker can drive difficulty to zero with any algorithm. BTW if you have a real time available to nodes, you do not need consensus (i.e. POW mining) because you could create a synchronous deterministic network which does not have the Byzantine of FLP problems.
The +/- 6*T limit works out to be about the same as the 10^(2/N) limit. They overlap, so it is not an additive benefit.
I tried many different schemes for difficulty such as a dynamic averaging window, least squares fitting, and most-recent-block-more-heavily-weighted. Nothing worked better than simple:
```next_D=avg(past N D) * T / avg(past N solvetimes) / (1+0.67/N)```
with the two options for solvetime limits above (+/- 3600 on each solvetime or X^(2/N) and X^(-2/N) on the average, where X is the expected max hash attack size as a multiple of baseline hashrate). The (1+0.67/N). Note that ```next_D= sum(N D's) * T / [max timestamp - min timestamp]``` as is usually used is not as accurate if timestamps are being manipulated. The implied N's in the denominator of my averages will not cancel during a manipulation as this alternative equation assumes .
Difficulty has a seductive illusion of being "improvable". Any "fix" that tries to predict attacker behavior without employing a symmetrical "fix" to counter him acting exactly the opposite (and everywhere in between) will leave an exploitable hole or cause an undesirable side effect. Any fix that is symmetrical is limited in scope before it has undesirable side effects. We want fast response to changes in hashrate and a smooth difficulty when hashrate is constant. My best theoretical approach was a dynamic averaging window in Zawy v2 that triggers on various measures detecting a change in hashrate. For complex reasons, this still does not do better than simple average.
========
post to Zcash github:
Any upper limit you apply to timestamps should be reflected in a lower limit. For example, you could follow the rule that the next timestamp is limited to +/- 750 seconds from the previous timestamp +150 seconds (+900 / -600). If you don't allow the "negative" timestamp (-600 from previous timestamp) AND if miners can assign timestamps without a real-time limit from nodes, then a miner or pool with > 20% of the network hashrate can drive the difficulty as low as he wants, letting everyone get blocks as fast as he wants, in less than a day.
A symmetrical limit on timestamps allows honest miner timestamps to completely erase the effect of bad timestamps. ( You do not need to wait 6 blocks for MTP like Zcash does in delaying the use of timestamps for difficulty, see footnote. ) If you allow the symmetrical "negative" timestamps, you do not need nodes to have the correct time with NTP or GPS unless miners collude with > 51% agreement on setting the timestamps further and further ahead of time to drive difficulty down. It's a real possibility if miners decide they do not like a certain fork due to not providing them with enough fees.
But if you do not allow the apparently negative solvetimes, you better do like ETH and depend on 3rd parties for your node times in order to limit how low a timestamp manipulator can drive your difficulty.
But if your nodes have an accurate time, you do not need mining. The only fundamental reason for mining is to act as a timestamp server to prevent double spending. If you have an accurate time on all nodes, then you can make it a synchronous network to eliminate the need for consensus to eliminate the need for byzantine protection via POW.
BTC and ETH depend on nodes to limit the future time assigned to blocks. Zooko was the only one here who seemed to know there is something wrong about strong reliance on nodes having the correct time. The extent to which BTC and ETH need those forward-time limits to be enforced by real time is the extent to which they do not need mining.
Footnote:
MTP does not stop a 25% attacker who can set timestamps > 4 blocks ahead if other miners are not allowed to assign a "negative" timestamp to eliminate the error in the next block. But if you allow the "negatives" then MTP is not needed. Putting your tempering aside, this assumes you use
next_D = avg(D's) * T / avg(solvetimes, allowing negative solvetime)
instead of
next_D=sum(D's) * T / [max(Timestamps) - min(Timestamps) ]
because the N's of the denominator and number of the first equation do not cancel like you would think and hope (in order to use the second equation) when there are bad timestamps at the beginning and end of the window. With the MTP, your difficulty is delayed 5 blocks in responding to big ETH miners who jump on about twice a day. That's like a gift to them at the expense of your constant miners.
Also, your tempered N=17 gives almost the same results as a straight average N=63. I would use N=40 instead, without the tempering. It should reduce the cheap blocks the big ETH miners are getting.
Your 16% / 32% limits are rarely reached due to the N=63 slowness. This is good because it is a symmetry problem, although it would not be as bad as BCH. Use "limit" and "1/limit" where limit = X^(2/N) where N=63 for your current tempering and X = the size of the larger ETH attackers as a fraction of your total hashrate, which is about 3. This allows the the fastest response up or down at N for a given X with 80% probability. Change the 2 to 3 to get a higher probability of an adequately-fast response. The benefit is that it is a really loose timestamp limit on individual values, as long as the aggregate is not too far from the expected range.
Monday, July 10, 2017
Doing better than the simple average in cryptocoin difficulty algorithms
I am still trying to find a better method than the simple avg, but I have not found one yet. I am pretty sure there is one because estimates of hashrate based on avg(D1/T2 + D2/T2 + ....) should be better than avg(D)/avg(T) if there is any change in the hashrate during the averaging period. This is because avg(D)/avg(T) throws out details that exist in the data measuring hashrate. We are not exactly interested in avg(D) or avg(T). We are interested in avg(D/T). The avg(D/T) method does not throw out details. Statistical measures throw out details. You don't want to lose the details until the variable of interest has been directly measured. I learned this the hard way on an engineering project. But avg(D/T) does not hardly work at all in this case. The problem is that the probability distribution of each data point D/T needs to be symmetrical on each side of the mean (above and below it). I'm trying to "map" the measured D/T values based on their probability of occurrence so that they become symmetrical, then take the average, then un-map the average to get the correct avg(D/T). I've had some success, but it's not as good as the average. This is because I can't seem to map it correctly. If I could do it, then another improvement becomes possible: the least squares method of linear curve fitting could be used on the mapped D/T values to predict where the next data point should be. All this might result in a 20% improvement over the basic average. Going further, sudden on and off hashing will not be detected very well by least squares. Least squares could be the default method, but it could switch to a step-function curve-fit if a step-change is detected. I just wanted to say where I'm at and give an idea to those who might be able to go further than I've been able to.
Numenta's CLA needs 6 layers to model objects
posted to numenta forum
====
Back when there were only 2 white papers and a few videos I became interested in the HTM and saw a video of a 2D helicopter being detected and wondered about the relation between the layers they used and the ability to recognize objects. I remembered 6 equations with 6 unknowns (the degrees of freedom) are required to solve the dynamics of 3D rotation and translation. The layers of the helicopter HTM matched with what it was able to detect if they were unknowingly being used in a subtle 2-equations and 2 unknowns methodology. Of course this begs the question "Are the 6 layers in the cortex required to see the 3D world?" Numenta's view of the cortical column implies that the 6 layers have nothing to do with this but I would like to question that view. Jeff has also warned against pursuing the reverse black hole question no one has ever escaped: "Is the 3D world the result of a 6-layered brain?" But an understanding of the relation between mass and space-time prevents me from abandoning the reverse question. More importantly, physics has an elephant in the room that is rarely acknowledged and questioned: the only integers that appear in physics are the result of 3D spacetime and Feynman states no fundamental aspect of QED requires an extension beyond 1D. QED is sort of the core of all physics except for gravity and nuclear stuff. An expert in the area informed me that spin is what creates 3D space, so my line of questioning is suspect. But my view is that we may have invented spin to maintain the view that objects are independent of our perceptions. I admit I am immediately deep in a recursive black hole: the 6 layers is a mass of neurons that I'm proposing we can see only because we have the 6 layers. BTW, if we had 10 layers to support the perception of 4D objects in 4D space then I believe all velocities would be static positions and all accelerations would be velocities. instead of E + mc^2 = 0 we would have E+mc^3=0 (now really getting side-tracked on the physics: by keeping relativity units correct there is a missing negative in some equations. Another example is F+ma=0 where the "F" is more correctly defined as the reactive force of the object which is in the opposite direction of the "a". This comes from meters=i*c*seconds which comes from Einstein's "Relativity" appendix 2 which he stated allows use of Euclidean instead of Minkowski space-time which is in keeping with the Occam's razor requirement.)
What I'm suggesting is falsifiable. Others posting here will know if it takes 6 layers to fully recognized objects in 4D space time. The degrees of freedom is N translational plus N(N-1)/2 rotational. I tried testing the theory via observation and thought of ants. It seems to be supported there: their eyes that need to detect only 2D "shadows and light" without rotation have roughly two layers. And yet their feelers and front legs, having to deal with 3D objects in 3D space, have 6 layers. There's a great extension to this observation: wasps are the closest cousins to the ants and have 6 layers for their eyes.
I posted this question nearly a decade ago in the old forum, but I'll ask again. Is a 6 layer HTM required for fully characterizing 3D objects in 4D space-time?
=====
I think a single layer would require a lot more new training on every object. For example, it sees a circle moving about and learns its behavior. Then it turns sideways and turns out to be a cylinder, and then it starts rotating, so training has to start over. I don't think it could conceive very well "this is the same object" and/or generalize the lessons learned on past objects to future objects. It just seems like it would have difficulty understanding objects like we do. I believe 6 layers would be able to perceive the laws of dynamics but 1 layer would not. These six layers are not an HTM but the foundation of a single cortical column. Each CLA layer of the HTM would require the 6 layers. So the CLA would need to be redone if you want it to think like mammals and see like wasps. The motor control of layer (5th layer of cortex) may serve may also serve part of this "inherent object modelling", not just motor control. The motor control part might be crucial to developing the concept of inertia (mass). Mass is another variable ("dimension") which implies 7 layers should be present. To get out of that mathematical corner, I have to conjecture mass is something special in the modelling like "the higher dimensions that 6 layers can't model and that have permanence".
I do not mean to say that 6 layers is necessarily inherently needed in A.I. to be superior to humans even in the realm of understanding physics, but that it is needed to think more directly like animals. But if 6 layers per HTM layer is actaully needed for a higher intelligence, then 10 layers to do 4D space should be even more powerful. 15 layers are needed for 5D. I do not accept the conjecture that objective reality, if there is one, depends on a specific integer of spatial dimensions like "3".
The visual cortex by itself with its 6 layers does not seem to have any concept of objects, but I think the 6 layers are still needed for encoding the information so that the concept of the objects is still extractable by the higher levels in the "HTM" of the brain (e.g. frontal lobes). But the concept of an object seems to be possible in the 6 layers just "behind" the eyes of flying insects: wasps certainly have a better concept of the object nature of people than ants, judging by the way they identify and attack. Ants are virtually blind to what people are, except for detecting skin and biting.
====
Back when there were only 2 white papers and a few videos I became interested in the HTM and saw a video of a 2D helicopter being detected and wondered about the relation between the layers they used and the ability to recognize objects. I remembered 6 equations with 6 unknowns (the degrees of freedom) are required to solve the dynamics of 3D rotation and translation. The layers of the helicopter HTM matched with what it was able to detect if they were unknowingly being used in a subtle 2-equations and 2 unknowns methodology. Of course this begs the question "Are the 6 layers in the cortex required to see the 3D world?" Numenta's view of the cortical column implies that the 6 layers have nothing to do with this but I would like to question that view. Jeff has also warned against pursuing the reverse black hole question no one has ever escaped: "Is the 3D world the result of a 6-layered brain?" But an understanding of the relation between mass and space-time prevents me from abandoning the reverse question. More importantly, physics has an elephant in the room that is rarely acknowledged and questioned: the only integers that appear in physics are the result of 3D spacetime and Feynman states no fundamental aspect of QED requires an extension beyond 1D. QED is sort of the core of all physics except for gravity and nuclear stuff. An expert in the area informed me that spin is what creates 3D space, so my line of questioning is suspect. But my view is that we may have invented spin to maintain the view that objects are independent of our perceptions. I admit I am immediately deep in a recursive black hole: the 6 layers is a mass of neurons that I'm proposing we can see only because we have the 6 layers. BTW, if we had 10 layers to support the perception of 4D objects in 4D space then I believe all velocities would be static positions and all accelerations would be velocities. instead of E + mc^2 = 0 we would have E+mc^3=0 (now really getting side-tracked on the physics: by keeping relativity units correct there is a missing negative in some equations. Another example is F+ma=0 where the "F" is more correctly defined as the reactive force of the object which is in the opposite direction of the "a". This comes from meters=i*c*seconds which comes from Einstein's "Relativity" appendix 2 which he stated allows use of Euclidean instead of Minkowski space-time which is in keeping with the Occam's razor requirement.)
What I'm suggesting is falsifiable. Others posting here will know if it takes 6 layers to fully recognized objects in 4D space time. The degrees of freedom is N translational plus N(N-1)/2 rotational. I tried testing the theory via observation and thought of ants. It seems to be supported there: their eyes that need to detect only 2D "shadows and light" without rotation have roughly two layers. And yet their feelers and front legs, having to deal with 3D objects in 3D space, have 6 layers. There's a great extension to this observation: wasps are the closest cousins to the ants and have 6 layers for their eyes.
I posted this question nearly a decade ago in the old forum, but I'll ask again. Is a 6 layer HTM required for fully characterizing 3D objects in 4D space-time?
=====
I think a single layer would require a lot more new training on every object. For example, it sees a circle moving about and learns its behavior. Then it turns sideways and turns out to be a cylinder, and then it starts rotating, so training has to start over. I don't think it could conceive very well "this is the same object" and/or generalize the lessons learned on past objects to future objects. It just seems like it would have difficulty understanding objects like we do. I believe 6 layers would be able to perceive the laws of dynamics but 1 layer would not. These six layers are not an HTM but the foundation of a single cortical column. Each CLA layer of the HTM would require the 6 layers. So the CLA would need to be redone if you want it to think like mammals and see like wasps. The motor control of layer (5th layer of cortex) may serve may also serve part of this "inherent object modelling", not just motor control. The motor control part might be crucial to developing the concept of inertia (mass). Mass is another variable ("dimension") which implies 7 layers should be present. To get out of that mathematical corner, I have to conjecture mass is something special in the modelling like "the higher dimensions that 6 layers can't model and that have permanence".
I do not mean to say that 6 layers is necessarily inherently needed in A.I. to be superior to humans even in the realm of understanding physics, but that it is needed to think more directly like animals. But if 6 layers per HTM layer is actaully needed for a higher intelligence, then 10 layers to do 4D space should be even more powerful. 15 layers are needed for 5D. I do not accept the conjecture that objective reality, if there is one, depends on a specific integer of spatial dimensions like "3".
The visual cortex by itself with its 6 layers does not seem to have any concept of objects, but I think the 6 layers are still needed for encoding the information so that the concept of the objects is still extractable by the higher levels in the "HTM" of the brain (e.g. frontal lobes). But the concept of an object seems to be possible in the 6 layers just "behind" the eyes of flying insects: wasps certainly have a better concept of the object nature of people than ants, judging by the way they identify and attack. Ants are virtually blind to what people are, except for detecting skin and biting.
Wednesday, June 28, 2017
Argument that low N is best in difficulty algorithms and why dynamic averaging window is not a benefit
I can't recommend a switch from v1 to v2 (static N to dynamic N). The smoothness gained by the higher N is not much: surprisingly, the std dev of solve times increases only 5% from N=30 to N=8. The std dev of D goes from 0.18xD to about 0.45xD for N=30 verses N=8. For N=8 this means 97.5% are less than D=1.96x0.45=2 times more than they should be) . Long story short (due to Poisson median being 0.693 of average): going from N=30 to N=8 means only a 47% increase in 4xT solvetimes. The dynamic window does not capture this benefit: those > 4xT solvetimes are exactly the statistically unlikely times that will trigger the dynamic window back to a lower N, canceling the primary benefit of it rising back up to large N. It looks a lot smoother and nicer _**most**_ of the time when hash rate is constant, but the painful small N events are not reduced.
Tuesday, June 27, 2017
Cryptocurrency difficulty algorithm postulates
Here are my "difficulty algorithm postulates" I want people to consider before creating or changing a difficulty algorithm.
- For a given hashrate with gentle variation, the simple average below is the best algorithm:
- Next D = avg(past N Ds) x TargetInterval / avg(past N solve times)
- For whatever reason, it needs an adjustment factor for low N to keep solve time on track and make D more accurate: Next D x 1/(1+0.7/N).
- The N used for averaging past D must be set to the N used for past solve times.
- Using median is not near as good as using average and there is no benefit to using median.
- A faster response to hashrate changes will come at a cost in solve time stability. This is not a bad thing. Use the lowest N you can tolerate to get the fastest response. Low N causes large non-attack solve time variation. Consider down to N=8 if hash-attacks are a problem.
- Limiting the rise and fall in the difficulty per block is similar to increasing N, but is much less accurate.
- I place limits on the rise and fall to be equal to what I think possible only as a security measure.
- Placing limits on the rise and fall to block an event you do not want is denying the truth of the observation that you have asked the average to report.
- Enforcing asymmetric limits on difficulty and timestamp changes are risky.
- There is a temptation to allow faster decreases than increases in the difficulty per block (that results from the average above) in order to get back to normal after an attack. This may help keep block emission rate on schedule and reduce normal miner loses. But it also enables attacks to resume more quickly which might exactly negate the two benefits. Avoid this more seriously if the attacker is intelligent. If timestamps are assigned by miners, forward-stamping (combined with this asymmetry) will make D begin artificially lower in the next attack, amplifying the original problem instead of helping it. But if the allowed increase and decrease in D is symmetrical, then a subsequent accurate timestamp that negates the previous bad timestamp will be able to get D back to its proper value.
- Conversely, there is a temptation to allow faster increases than decreases in difficulty per block in order to dissuade on-off hash attacks. This directly will slow block emission rate. It potentially increases normal miner loses if it does not actually dissuade attacks. Avoid this more seriously if the attacker is dumb. It better enables a malicious attack that is not interested in profit to drive the D up, or to drive it up for the purpose of causing future oscillations if the diff algo is unwisely advanced and complex..
- Limiting the amount the timestamp can be ahead of time more than it can be negative is like allowing D to increase faster than decrease, with the same type of side effects.
- Limiting the amount the timestamp can be negative is like allowing D to increase faster than it can decrease, with the same type of side effects.
- Symmetrical in the above is not exactly linear because the median of a Poisson with mean TargetInterval (T) appears to be ln(2) x T = 0.693% of T but I have not addressed this.
- Timestamp limits: I believe the forward timestamp should be limited to +6x and -5x previous timestamp instead of my previous statements of +6x and -6x because the "expected" timestamp is 1x, so +6x and -4x is mathematically required. But I want a -5x limit in violation of perfect symmetry out of more fear of greedy +6x occuring than -4x accidents or maliciousness. Reminder: two -5x in a row could cause a negative difficulty if N=8, so there needs to be protection against a negative difficulty.
- Despite 3 and 4, there may be a way to use them to enable D to return to normal more quickly in post-attack. This is really needed because the avg solve time increases (delaying coin release) when there are a lot of large on-off instances because even with low N, D is getting stuck high in post-attack.
- There is no way to stop >50% miners from using the timestamp to make difficulty = 0. This assumes there is not a trusted third party enforcing a clock (like ETH) which is in violation and Szabo and Satoshi mandates.
- Might is right. 51% power is truth.
- 51% (or the trusted 3rd party) controls the clock which means they control coin emission rate.
- Bitcoin uses > 50% consensus to certify not only single-spend transactions but also the time.
- Fear of a hard fork may be what prevents miners from doing this overtly.
- Difficulty algorithms should not have momentum. Predictive algorithms that look at the slope of recent changes in D to estimate a future D are vulnerable to large on-off miners (and possibly even an accidental and unconscious consortium of miners in search of personal profit) who can force the algorithm into oscillations, turning on when D is low and is starting to rise, and off before it reaches a peak. This is the Derivative part in PID controllers. PI controllers such as the average of the past are safer.
- Algorithms that try to protect against specific attack behavior are inherently vulnerable.
- It should be assumed that protection against specific attacks is automatically leaving an unexpected hole.
- If an opponent can see the strategy you've employed that assumes something beyond your scientific observations, he can change his plan of attack but you can't change your defense.
- For example, if you choose a fixed N based on how long you expect attacks to last, the attacker may make the attacks shorter but more frequent.
- Miners acting in their own best interests weed out weak coins, are the mothers of invention, and/or are encouraging adoption of a single coin. Each of these might be "good" instead of an "attack".
- Item 6 may mean all coins that are not the largest for a specific type of hardware are destined for a limitation on their size (if not outright failure) that is more brutal than Zipf's law. We currently see something like Zipf's law in cryptocurrency market caps but if item 5 is correct, it might become 1/Rank^2 or worse in market caps instead of 1/Rank. This enforces Satoshi's original vision that the largest coin's "might is right" will make it less subject to attack than its clones.
Subscribe to:
Posts (Atom)