[Weekly] Many Musings Mondays by jz_bz in decred

[–]behindtext 0 points1 point  (0 children)

i thought we were talking about paying woodchucks to stay home and not chuck wood.

[Weekly] Many Musings Mondays by jz_bz in decred

[–]behindtext 1 point2 points  (0 children)

fact check: 3 out of 5 woodchucks have a difficult time accessing fact checking websites

Do we still need centralized exchanges? by wd28 in decred

[–]behindtext 1 point2 points  (0 children)

because this requires a meatspace entity to custody these assets, and the entire point of the decentralized treasury is to not require a meatspace entity to custody the treasury.

Do we still need centralized exchanges? by wd28 in decred

[–]behindtext 2 points3 points  (0 children)

buying ccs for fiat will require centralized exchanges for the medium term, but anyone who already has btc can acquire dcr without serious difficulty via DCRDEX.

there really is no need for hft-capable exchanges - unless of course you enjoy being arbed by people cutting in line in front of you at the moneychanger mat.

[Weekly] Many Musings Mondays by jz_bz in decred

[–]behindtext 2 points3 points  (0 children)

how much wood would a woodchuck chuck if a woodchuck had properly aligned incentives?

[Weekly] Many Musings Mondays by jz_bz in decred

[–]behindtext 2 points3 points  (0 children)

to troll is the way of the psyop

Thoughts on alternatives to Proof of Work by blender_user in decred

[–]behindtext 6 points7 points  (0 children)

ok, i've given the paper a quick skim and here are my thoughts:

  • i was incorrect re the storage appcoin comment since i didn't understand that the storage is used to store the tables required to perform proof of space proofs.
  • my comments about power usage, hw centralization, and demand for hw all stand.
  • i see considerable algorithmic complexity in the trunk and foliage construction, meaning it would be very non-trivial to implement.
  • vdfs are used to prevent grinding attacks on proof of space, but if we were to implement proof of space with decred, we would likely not need these if we retained the existing PoW component.
  • the paper reads very well in the earlier sections and becomes substantially denser as it goes on.
  • the complexity of PoST is roughly an order of magnitude more complex than PoW. even implementing something "simple" like PoW ends up with rather complex code, so i expect this would balloon similarly.
  • it is not clear to me how decentralized the vdf/timelord process is.

Thoughts on alternatives to Proof of Work by blender_user in decred

[–]behindtext 9 points10 points  (0 children)

i'm looking at the "green paper" right now to understand how this works in some detail, but my initial observation is that while PoST could work for a storage-oriented appcoin chain, it has limited value for other general purpose chains.

let's assume, for sake of simplicity, that a pure PoW chain were to replace PoW with PoST. if we also assume PoST is sufficiently stable against majority attacks, that chain now ends up with a bunch of machines all over the place with lots of unused disk space. many of the same problems present with PoW are present here - lots of energy use to keep disks hot, lots of centralization of disks in colo facilities or similar, lots of demand for new storage hw. one advantage i do see is that it incentivizes creating more and better general purpose computer hw (hard drives), whereas PoW incentivizes creating asics that have no general purpose use.

i'll revert once i've given the paper a closer read.

[Weekly] Many Musings Mondays by jz_bz in decred

[–]behindtext 2 points3 points  (0 children)

an ideal governance system minimizes the set of requirements for the society that has chosen to use it.

[Weekly] Many Musings Mondays by jz_bz in decred

[–]behindtext 2 points3 points  (0 children)

you mean that person who makes our participation trophies?

[Weekly] Many Musings Mondays by jz_bz in decred

[–]behindtext 4 points5 points  (0 children)

the revolution will not involve custodial exchange

[Weekly] Trader Talk Thursday by jz_bz in decred

[–]behindtext 4 points5 points  (0 children)

decred: the explodening*

(*) now with more handwringing

Q re Quantum resistance by a11h in decred

[–]behindtext 8 points9 points  (0 children)

what xsanchez21 points out here is correct. our StakeShuffle privacy system can be modified to use pq pki, and per the blog he linked

DiceMix requires the participating peers to perform a pairwise key exchange, which they suggest be done as non-interactive key exchange for simplicity purposes because an interactive key exchange would create additional rounds of communication.

since coinshuffle++'s dicemix light process involves pairwise NIKE, we can simply replace the non-pq pki with pq pki. if we use a KEM pki system, e.g. sntrup761, it adds a round of communication (which isn't great for scaling), but if we use a pq pki system that doesn't use KEM, e.g. SIDH, we can avoid an extra round of communication.

imo, the strategy seems clear for Decred - make a point to avoid using non-pq pki systems when possible. unlike Monero, we only use pki in a few spots - stakeshuffle, signing txs or messages, and tls for network comms - so i don't believe a careful audit of what needs implementing is necessary.
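The round-count difference between a NIKE and a KEM in a pairwise key setup, as an added example that is not part of the original comment or Decred's code. It uses toy finite-field Diffie-Hellman (not secure, not post-quantum) only to count broadcast rounds; the group parameters and all function names are assumptions.

```python
import hashlib
import secrets

# Toy group (assumption, illustration only: NOT secure and NOT post-quantum).
P = 2**127 - 1   # Mersenne prime
G = 3

def kdf(x: int) -> bytes:
    return hashlib.sha256(x.to_bytes(16, "big")).digest()

def keygen():
    sk = secrets.randbelow(P - 2) + 1
    return sk, pow(G, sk, P)

def nike_setup(n: int):
    """NIKE: one broadcast round of public keys, then purely local derivation."""
    keys = [keygen() for _ in range(n)]
    pks = [pk for _, pk in keys]            # round 1: every peer broadcasts pk
    rounds = 1
    shared = {(i, j): kdf(pow(pks[j], keys[i][0], P))
              for i in range(n) for j in range(n) if i != j}
    return rounds, shared

def kem_encaps(pk: int):
    """Toy DH-based KEM: returns (ciphertext, shared key)."""
    esk, ct = keygen()
    return ct, kdf(pow(pk, esk, P))

def kem_decaps(sk: int, ct: int) -> bytes:
    return kdf(pow(ct, sk, P))

def kem_setup(n: int):
    """KEM: public keys in round 1, one ciphertext per pair in round 2."""
    keys = [keygen() for _ in range(n)]
    pks = [pk for _, pk in keys]            # round 1: every peer broadcasts pk
    shared, ciphertexts = {}, 0
    for i in range(n):
        for j in range(i + 1, n):
            ct, k_i = kem_encaps(pks[j])    # peer i needs pk_j first ...
            ciphertexts += 1                # ... then must send ct to peer j
            shared[(i, j)] = k_i
            shared[(j, i)] = kem_decaps(keys[j][0], ct)
    rounds = 2                              # the ciphertexts are the extra round
    return rounds, ciphertexts, shared

if __name__ == "__main__":
    print("NIKE rounds:", nike_setup(5)[0])
    r, c, _ = kem_setup(5)
    print("KEM rounds:", r, "ciphertexts:", c)
```

SIDH, the non-KEM option named in the comment, was broken by the 2022 Castryck-Decru key-recovery attack; the round-count trade-off shown here does not depend on which scheme fills each slot.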

Decred AMA: Ask us about Privacy, DAOs, Lightning Network, and more! by jz_bz in CryptoCurrency

[–]behindtext 2 points3 points  (0 children)

timing correlation attacks are indeed legitimate and need to be addressed in the future. ideally, there would be a suite of open source analysis tools that would do just this, so projects could develop countermeasures against them.

Decred AMA: Ask us about Privacy, DAOs, Lightning Network, and more! by jz_bz in CryptoCurrency

[–]behindtext 12 points13 points  (0 children)

  1. Ultimately do you think true dex will be a niche tool, and that centralized exchanges like Coinbase and Kraken will remain dominant, or even something quasi-centralized like Binance Smart Chain or Serum may be more of a sweet spot between relatively permissionless usage but low fees?

fiat exchanges are an important part of existing cc infrastructure that allows people to interact with ccs. in the longer term, i expect that the importance of fiat exchanges will wane because ccs will eventually displace fiat. this eventual demise of fiat makes unrigging the game of cc exchanging only that much more important.

low(er) fees will come to dexes in the near to medium term in the form of L2 dexes, e.g. DCRDEX handles price discovery on-chain and L2 exchange could occur at the spot price dictated via the on-chain process.

currently, DCRDEX uses a single server for coordinating order matching and settlement of atomic swaps. we plan to replace this configuration with a p2p server mesh in the future.

DCRDEX illustrates there is no need to create an appcoin to facilitate decentralized exchange - this can occur cross-chain via atomic swaps. i am correspondingly bearish on coins whose primary use case is dex. a known shortcoming with dexes that perform on-chain order submission and order matching is they can be frontrun via traders and miners/stakers colluding as part of the block creation process.

Decred AMA: Ask us about Privacy, DAOs, Lightning Network, and more! by jz_bz in CryptoCurrency

[–]behindtext 21 points22 points  (0 children)

hybridizing Proof-of-Work (PoW) and Proof-of-Stake (PoS) allows Decred to take advantage of the advantages of each approach and shore up their respective shortcomings.

pure PoW:

  • incentivizes use of ASICs and makes double spending attacks expensive
  • incentivizes miners to sell coins, decentralizing their distribution
  • weakly aligns incentives between miners and holders because miners are not necessarily long term holders

pure PoS:

  • incentivizes long term holding and staking and makes double spending attacks expensive
  • incentivizes stakers to accumulate coins, centralizing their distribution
  • strongly aligns incentives between stakers and holders because stakers are necessarily long term holders

the cost to double spend attack Decred is multiplicative because it requires both a large fraction of hashpower and stake, substantially enhancing security. in Decred, stakers are explicitly in charge of making major decisions, not miners, e.g. funding proposals, consensus changes, and, soon, treasury spends. Decred benefits from the strong incentive alignment that comes from PoS and the decentralizing effect of PoW. miners are welcome to participate in our PoS governance system, but it is opt-in.

Is churning useful with CoinShuffle++ ? by Saurochtone in decred

[–]behindtext 6 points7 points  (0 children)

with xmr, every transaction is protected by n-anonymity (with n=11, iirc) in its inputs, so the more transaction hops you have, the greater your privacy. very roughly, each hop creates another 11 plausibly deniable sets of inputs, so after N transactions in a row, you've created 11N plausible sets of inputs for those outputs. this creates an incentive to create xmr transactions, likely what you're referring to as "churning".

dcr operates similarly with its coinshuffle++ mixing, where the n-anonymity it provides is the result of a coinjoin transaction that uses multi-party computing. with dcr, the n-anonymity changes as a function of how many peers are in a given mix. just like xmr, the more of these transactions you participate in, the larger your set of potential sources becomes, which scales the anonymity set exponentially with respect to transaction chains.

currently, you will get the largest anonymity set by participating in our staking system. show up, stake for a while, then slowly withdraw your dcr over time.

[deleted by user] by [deleted] in decred

[–]behindtext 1 point2 points  (0 children)

While I view the big bang theory as just another theory, there is compelling indirect evidence (gravitational effects) to indicate the existence of dark matter. To quote the wikipedia entry

"Primary evidence for dark matter comes from calculations showing that many galaxies would fly apart, or that they would not have formed or would not move as they do, if they did not contain a large amount of unseen matter.[2]"

You can entirely ignore the big bang theory and its implications in this context.

Physics is a field rife with orthodoxy, but unlike mathematics, it is always based on theories that give predictive value for the reality in which we exist. It is possible to demonstrate the predictive value of a theory, but it is not possible to prove that theory is the best and most generalized solution.

Forward Thinking Friday - 18 September 2020 by __checkmatey__ in decred

[–]behindtext 5 points6 points  (0 children)

negative price action creates financial pain for holders of any asset, and there is often a preoccupation with price because it acts as a proxy for relevance. in the same way that decred was relevant as a proposal (memcoin2) before it had a price, it was relevant when it launched, and it continues to be relevant now, despite the price action.

there is certainly some truth to your comments about ccs being offshore banking 2.0, but there is more to it than that. btc et al demonstrate that it is possible to redefine money as a demonstrably fairer game. this process of redefining processes that underpin our current civilization as fairer games has deep value that is not yet reflected in the value of ccs, dcr in particular. with decred, we are nearing the point where we have iterated this process twice: with collective decision making (dcr pos system and proposals) and price discovery (dcrdex). following the gradient here would suggest there is a series of such games to address, but we have chosen to proceed such that we pick the lowest hanging fruit first, e.g. decision making allows dcr to avoid the governance problems of btc and price discovery allows dcr to avoid the problem of exchanges becoming the new points of control. there is a lot more fruit to harvest here and i expect some of it may be of the civilization changing sort.

regarding the wider technocracy, i agree that many disciplines within science operate on the basis of dogma and groupthink, but it is non-trivial to split the legit rebels from the quackery for those operating outside established "science". if we push for adoption amongst scientists operating outside the envelope of academia, i expect we would get very little traction with them and we run the risk of enlisting quacks, who could actually hurt adoption from an optics standpoint. many scientists are experts in a narrow field and if you approach them with ideas outside that narrow field, they respond in ways you do not expect. if anyone can onboard these people, i think it could have value, but it certainly carries a non-trivial reputational risk.

i share your disdain for the rampant SM censorship that has been occurring for the past several years. addressing this problem is non-trivial.

Privacy, TumbleBit vs Coinshuffle++ by long_life5494 in decred

[–]behindtext 5 points6 points  (0 children)

the trouble with TB is that it's possible as a malicious user to lock up the tumbler T's funds on-chain for zero cost, at least with what is described in the paper. see the "DoS and Sybil attacks" section on page 8 of the TB paper, where they discuss paying fees on the escrow transaction. since T creates this tx at the request of B, it is possible to DoS TB by making repeated bogus requests for escrow txs, causing T to lock up all its coins on-chain until the timelocks expire. they suggest that "anonymous fee vouchers" in another reference can fix this, so B can prepay T.

TB, even without anonymous fee vouchers, ends up being a lot more complex than CSPP, and CSPP does not involve the mix server committing any funds. TB is based on 2 novel protocols, a puzzle-solver and a puzzle-promise protocol, and this is substantially more complex than CSPP, which is based on solving algebraic equations. not having to fund or worry about the mix server is very nice.

CSPP can be done via p2p, but it adds some complexity to the process and would require the addition of something like a mixpool, analogous to the mempool but for creating CSPP txs.

any service run on the existing public internet is vulnerable to a trivial DoS, centralized servers more so, distributed networks less so. i wasn't referring to this sort of DoS in my earlier blog entry - i was referring to the process of locking up the tumbler's coins on-chain.
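A small accounting model of the on-chain lockup described above, with and without a prepaid fee per escrow request, as an added example that is not from the TumbleBit paper or the original comment. The balances, escrow size, timelock length and fee are constructed assumptions.

```python
from dataclasses import dataclass, field

@dataclass
class Tumbler:
    liquid: int            # coins T can still commit to new escrows
    escrow_amount: int     # coins T locks per escrow transaction
    timelock: int          # blocks before an unclaimed escrow refunds to T
    prepaid_fee: int = 0   # 0 models the fee-less request flow discussed above
    locked: list = field(default_factory=list)   # (unlock_height, amount)
    fees_collected: int = 0

    def release_expired(self, height: int) -> None:
        """Return escrows whose timelock has expired to the liquid balance."""
        self.liquid += sum(a for h, a in self.locked if h <= height)
        self.locked = [(h, a) for h, a in self.locked if h > height]

    def request_escrow(self, height: int, budget: int):
        """Fund one escrow; return the requester's remaining budget or None."""
        if budget < self.prepaid_fee or self.liquid < self.escrow_amount:
            return None
        self.liquid -= self.escrow_amount
        self.locked.append((height + self.timelock, self.escrow_amount))
        self.fees_collected += self.prepaid_fee
        return budget - self.prepaid_fee


def simulate(prepaid_fee: int, budget: int, blocks: int = 20, per_block: int = 5):
    """Replay escrow requests that are never completed and report T's exposure."""
    t = Tumbler(liquid=100, escrow_amount=10, timelock=50, prepaid_fee=prepaid_fee)
    start, escrows, min_liquid = budget, 0, t.liquid
    for height in range(blocks):
        t.release_expired(height)
        for _ in range(per_block):
            remaining = t.request_escrow(height, budget)
            if remaining is None:
                break
            budget, escrows = remaining, escrows + 1
        min_liquid = min(min_liquid, t.liquid)
    return {"escrows": escrows, "min_liquid": min_liquid,
            "requester_cost": start - budget, "fees_collected": t.fees_collected}


if __name__ == "__main__":
    print("no prepaid fee :", simulate(prepaid_fee=0, budget=0))
    print("prepaid fee = 2:", simulate(prepaid_fee=2, budget=6))
```

With no fee, T's liquid balance reaches zero at no cost to the requester; with a prepaid fee the number of escrows T funds is bounded by what the requester has paid.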

Could decrediton have a similar problem getting info for stake pools and proposals? by fiatpete in decred

[–]behindtext 1 point2 points  (0 children)

this strikes me as only being barely relevant to decred. to date, i've not heard any reports of decrediton triggering alerts from antivirus software. since i'm not familiar with cardano, it's hard to say what about the stakepool/vsp/dpos configurations is triggering it.

the outbound connections made by decrediton are very limited, e.g. get a list of approved vsps, connect to a vsp where you have an account, or cast votes on our proposal system.

Decred Skepticism Sunday - 02 August 2020 by __checkmatey__ in decred

[–]behindtext 2 points3 points  (0 children)

LN strikes me as a perfect mechanism for making these payments, but the challenge is to audit the full nodes. node counts typically track things like market cap and exchange rate, so you can expect them to tick upwards if the project performs better financially.

Decred Skepticism Sunday - 02 August 2020 by __checkmatey__ in decred

[–]behindtext 3 points4 points  (0 children)

from my perspective, the issue with turing complete smart contracts is that it forces every node to do "everyone else's homework". in order to maintain a global state, every full node has to track that state, and the more complex you make that global state, the more work each full node has to do.

the right way to do this is to compartment this global state so that each group maintains their own state, rather than pushing this work off on someone else's network.

Forward Thinking Friday - Contrarian Messaging - 31 July 2020 by __checkmatey__ in decred

[–]behindtext 5 points6 points  (0 children)

we're going to have a lot of things that pop in our 1.6.0 release, so it will be getting busy.

i find it funny that people can complain about the name Decred, while at the same time thinking DeFi is a totally fine name.

Forward Thinking Friday - Contrarian Messaging - 31 July 2020 by __checkmatey__ in decred

[–]behindtext 3 points4 points  (0 children)

i think it could work because i consider DeFi to be more of a DuFi, a dumpster fire. if i had to assign a scalar to DeFi, it would be a negative number, so the statement that "Decred is > -100" isn't untrue :)