[EM] A secure distributed election scheme based on Bitcoin's Proof-of-Work protocol

Sat Jun 18 01:59:33 PDT 2011

Bitcoin is a scam, but not for these cryptographic reasons. There are plenty
of people "mining" the proof-of-work chain for "new bitcoin", and developing
improved algorithms to do so. And even if there weren't, anybody who
suddenly developed a longer "all your bitcoin belong to us" chain would get
either nothing (as people simply rewrote a special case in their software to
reject the new chain) or nothing (as people abandoned bitcoin). There's no
incentive for what would be an unprecedented effort.

On the other hand, the first time it loses 40% of its value, it is toast.
There's no way the intrinsic value - replaceable "easy(ish) to send
digitally" and "I think it's neat" and "it was first" - can rescue it from a
death spiral then.

Anyway, "1 CPU 1 vote" schemes are not actually related to "1 person 1 vote"
schemes. The former is essentially decentralized, the latter is unavoidably
centralized in some way.

2011/6/17 Warren Smith <warren.wds at gmail.com>

> >As Satoshi's original Bitcoin paper showed, it becomes exponentially
> improbable that any attacker controlling less than 50% of the total CPU
> power could manufacture a verifiable chain that is longer than the longest
> one that is produced collaboratively by the P2P network.
>
> --I'm pretty unfamiliar with bitcoin but I consider this "security
> guarantee" to be pretty
> worthless.   If I join an e-money scheme, then dammit I do NOT want to
> be cranking
> my computer day and night in a a desperate battle to stay secure by
> expending more cycles than the bad guys.  I want to do some
> computation ONCE whenever I get or pay some money, then stop forever,
> and I still want permanent security against all the compute power in
> the universe for the life of the universe.  Many cryptographic
> protocols, including multiparty and voting and e-money protocols,
> already exist with the level of security I just described (under the
> usual assumptions, such as integer factoring is way hard).
>
> It is quite plausible in a bitcoin scheme with a million participants,
> that some "bad guy" team will spend an enormous amount of computing
> 24/7 in parallel trying to break it, while meanwhile the "good guys"
> do nothing with their computers because they are interested in using
> their computers for other purposes.  Or in turning them off.
>
> I consider bitcoin, if this is all the security it has, to be garbage
> proposed
> by incompetents.
>
>
>
> --
> Warren D. Smith
> http://RangeVoting.org  <-- add your endorsement (by clicking
> "endorse" as 1st step)
> and
> math.temple.edu/~wds/homepage/works.html
> ----
> Election-Methods mailing list - see http://electorama.com/em for list info
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.electorama.com/pipermail/election-methods-electorama.com/attachments/20110618/8db4ae9e/attachment-0004.htm>