Bitcoin has experienced up-and-down fluctuations in value by more than 40% quite regularly. It dropped by more than 50% just last week. Yet, the longer-term trend is still that its value (and the computing power devoted to it) is increasing at more than 2x per month (10x per calendar quarter). The bitcoin network has grown by 10x for each of the last 6 consecutive quarters, and currently does it more ops/s than the Top 500 supercomputers put together!<div>
<br></div><div>For any particular group of "bad guys" to collaborate with each other to command more than 50% of this amount of computational power for any significant length of time (sufficient to corrupt the chain) seems like an extremely unlikely proposition to me - especially in light of Jameson's point. Any putative attackers would profit more by mining bitcoins cooperatively with the system.</div>
<div><br></div><div>I therefore find Bitcoin's security guarantees to be quite convincing...</div><div><br></div><div>-Mike<br><br><div class="gmail_quote">On Sat, Jun 18, 2011 at 4:59 AM, Jameson Quinn <span dir="ltr"><<a href="mailto:jameson.quinn@gmail.com">jameson.quinn@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">Bitcoin is a scam, but not for these cryptographic reasons. There are plenty of people "mining" the proof-of-work chain for "new bitcoin", and developing improved algorithms to do so. And even if there weren't, anybody who suddenly developed a longer "all your bitcoin belong to us" chain would get either nothing (as people simply rewrote a special case in their software to reject the new chain) or nothing (as people abandoned bitcoin). There's no incentive for what would be an unprecedented effort.<div>
<br></div><div>On the other hand, the first time it loses 40% of its value, it is toast. There's no way the intrinsic value - replaceable "easy(ish) to send digitally" and "I think it's neat" and "it was first" - can rescue it from a death spiral then.</div>
<div><br></div><div>Anyway, "1 CPU 1 vote" schemes are not actually related to "1 person 1 vote" schemes. The former is essentially decentralized, the latter is unavoidably centralized in some way.<br>
<div><br><div class="gmail_quote"><div><div></div><div class="h5">2011/6/17 Warren Smith <span dir="ltr"><<a href="mailto:warren.wds@gmail.com" target="_blank">warren.wds@gmail.com</a>></span><br></div></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div><div></div><div class="h5">
<div>>As Satoshi's original Bitcoin paper showed, it becomes exponentially improbable that any attacker controlling less than 50% of the total CPU power could manufacture a verifiable chain that is longer than the longest one that is produced collaboratively by the P2P network.<br>
<br>
</div>--I'm pretty unfamiliar with bitcoin but I consider this "security<br>
guarantee" to be pretty<br>
worthless. If I join an e-money scheme, then dammit I do NOT want to<br>
be cranking<br>
my computer day and night in a a desperate battle to stay secure by<br>
expending more cycles than the bad guys. I want to do some<br>
computation ONCE whenever I get or pay some money, then stop forever,<br>
and I still want permanent security against all the compute power in<br>
the universe for the life of the universe. Many cryptographic<br>
protocols, including multiparty and voting and e-money protocols,<br>
already exist with the level of security I just described (under the<br>
usual assumptions, such as integer factoring is way hard).<br>
<br>
It is quite plausible in a bitcoin scheme with a million participants,<br>
that some "bad guy" team will spend an enormous amount of computing<br>
24/7 in parallel trying to break it, while meanwhile the "good guys"<br>
do nothing with their computers because they are interested in using<br>
their computers for other purposes. Or in turning them off.<br>
<br>
I consider bitcoin, if this is all the security it has, to be garbage proposed<br>
by incompetents.<br>
</div></div><font color="#888888"><div><div></div><div class="h5"><br>
<br>
<br>
--<br>
Warren D. Smith<br>
<a href="http://RangeVoting.org" target="_blank">http://RangeVoting.org</a> <-- add your endorsement (by clicking<br>
"endorse" as 1st step)<br>
and<br>
<a href="http://math.temple.edu/~wds/homepage/works.html" target="_blank">math.temple.edu/~wds/homepage/works.html</a><br></div></div><div class="im">
----<br>
Election-Methods mailing list - see <a href="http://electorama.com/em" target="_blank">http://electorama.com/em</a> for list info<br>
</div></font></blockquote></div><br></div></div>
</blockquote></div><br><br clear="all"><br>-- <br><span style="font-family:courier new,monospace">Full name: Michael Patrick Frank</span><br style="font-family:courier new,monospace"><span style="font-family:courier new,monospace">Email addr.: <a href="mailto:michael.patrick.frank@gmail.com" target="_blank">michael.patrick.frank@gmail.com</a> (pers. email)</span><br style="font-family:courier new,monospace">
<span style="font-family:courier new,monospace">Snail mail: 820 Hillcrest Ave., Quincy, FL, 32351-1618</span><br style="font-family:courier new,monospace"><span style="font-family:courier new,monospace">Phone/voicemail: (413) 842-6670 (main number, uses Google Voice)</span><br style="font-family:courier new,monospace">
<span style="font-family:courier new,monospace">Webpage URL: <a href="http://www.facebook.com/M.P.Frank" target="_blank">http://www.facebook.com/M.P.Frank</a> (pers. profile)<br></span><input type="hidden"><input type="hidden"><div>
</div><input type="hidden"><input type="hidden"><div></div><input type="hidden"><input type="hidden"><div></div><input type="hidden"><input type="hidden"><div></div><input type="hidden"><input type="hidden"><div></div><input type="hidden"><input type="hidden"><div>
</div><input type="hidden"><input type="hidden"><div></div><input type="hidden"><input type="hidden"><div></div><input type="hidden"><input type="hidden"><div></div><br>
</div>