When you read this sort of document, keep a few things in mind that don't normally come across well from non technical authors. There is no such thing as "blockchain technology", that is, you can't separate the block chain from Bitcoin without making it hopelessly vulnerable to attack. The functionality and security of the system relies on the premise that miners are only mining due to the financial reward. If you don't a reward you don't have miners, you have a highly inefficient way of storing transactional data. As such, concepts that claim to take Bitcoin and turn it into Uber, Craigslist, eBay, messaging, twitter, video distribution, file storage are all complete nonsense spewed out by an author with little or no concept of the functioning of the network.
If anybody is claiming to take "block chain technology" and cram it into another system to make it decentralised, you ought to be showing them the door.
> Ripple disputes that they are affected, stating “All is fine and well with the Ripple protocol.
What Ripple/Stellar (same thing, different name) is a system which absolutely can not come to consensus under normal operational conditions. To solve this they have made the system entirely centralised, which isn't a problem for them but is for anybody who believes it to be decentralised. When you read things about Ripple know that there's two flavours: "Ripple", which is the original concept, and OpenCoin's "Ripple", which has a different technical underpinning. A lot of the early praise you'll see for Ripple was for the pre-OpenCoin version, which wasn't so heavily flawed as the one known today is.
I don't quite get why it's even mentioned in the parent article, it doesn't even have a block chain to begin with.
> the potentially extraordinary Ethereum project, built to "decentralize the web" with its blockchain, which recently raised $15 million (in bitcoin, of course) by pre-selling its cryptocurrency prior to next year’s launch
I've still not met anybody who can tell me what Ethereum is without using the words "turing complete" (which it's not due the halting problem, just like Bitcoin). Most of the information you can get from secondary sources seems to just mirror Bitcoin (you can do this awesome thing, but you'll need an oracle to do it..).
The idea with ethereum is that oracles will be able to have a much finer granularity; whether this allows for more useful apps still remains to be proven by us in the ethereum community.
(Also, there are plenty of folks like myself working on oracle-free apps, but since these are based on unproven economic models at this point, it would be negligent for us to promote them widely before we have evidence that such designs work in practice, on the live ethereum blockchain)
It allows for arbitrary rules. For instance, you could make some currency that has the concept of grain and wood, and then you could make a transaction that converts one of each into roads. I'm not sure why that would be useful, but it's something that could be done, that couldn't be done in bitcoin.
From a user's perspective: Bitcoin's client lets you pay people. Ethereum's client has a bunch of apps that let you do all sorts of financial activities: gamble, invest, loan, borrow, crowdfund, insure, etc. Anyone can write an app and put it on the network without bothering to maintain a server.
"Decentralizing the web" comes from bringing in other p2p protocols for messaging and storage. Eg., if you can use cryptocurrency contracts to pay for verified storage, you can make sure files stay available without using servers.
Oracles could be useful for contracts that depend on external data but aren't the only solution.
> To solve this, they have made the system entirely centralized
True for Stellar, untrue for Ripple. It's a stopgap while they work things out and reimplement the consensus algorithm; as the article said, distributed systems are hard. And I'd rather they try to replace mining with something not horribly energy-inefficient than assume that PoW is the only way to achieve consensus.
And yes, their ledgers are blockchains, they work in identical fashion, with consensus replacing mining.
Bitcoin in it current form will (most likely) never replace traditional currencies because it is either to easy to attack or prohibitively expensive. Right now the Bitcoin network consists of mining hardware worth 100 million Dollars and consumes electricity worth 219 million Dollars per year [1]. While 100 million Dollars is not nothing it would still be affordable by most states and even large companies or rich individuals to effectively shut down the Bitcoin network by gaining a large share or even the majority of the network hash rate.
If Bitcoin would gain widespread adoption and see transaction worth billions of Dollars every day, it could easily become a worthwhile attack target even at the mentioned attack costs. The only protection would be to use a lot more mining hardware worth billions of Dollars to make an attack to expensive but this in turn would also raise the energy consumption proportionally and in the end the costs per transaction. I think that in this regard Bitcoin is fundamentally flawed because - up to some limit - you want the transaction volume protected by a proportional amount of mining hardware causing proportional energy and transaction costs which then imposes a lower bound on the costs per transaction.
but this in turn would also raise the energy consumption proportionally
I'm curious about this point. Is this true? Does the energy cost increase in proportion to the hardware cost? It seems like bitcoin mining hardware becomes much more energy efficient with each new generation.
The mining efficiency - hashes per Joule - is unimportant. The important quantity is power consumption over hardware price and I admittedly just eyeballed that from the linked mining hardware list [1].
EDIT: Deleted parent comment suggested hard forks to prevent 51 % attacks.
See my response to your first comment - you can not simply prevent any 51 % attack by changing the protocol. By the way, I am not downvoting your comments, I am (usually) not voting on any responses to me but let the other users judge.
The cost of securing the network doesn't really mirror the transaction volume. The effort is the same irrespective of the number of transactions in a block.
It's actually a lot cheaper to attack the network than you are stating, almost all mining uses Stratum which has been successfully redirected using BGP route hijacking in the past. It has no methods of authentication and does no way of integrity checking what it is mining against. A simple "mistake" in routing could have all of a countries hash power redirected to a malicious actor. You don't need power, datacenter or miners, a $5 wrench applied to the right head would do the trick just fine.
The cost of securing the network doesn't really mirror the transaction volume. The effort is the same irrespective of the number of transactions in a block.
They don't have to be proportional but you want them to be. You neither want to transfer billions of Dollars only protected by mining hardware and energy worth a couple thousand Dollars, nor do you want to protect transfers worth a million Dollars with mining hardware and energy worth billions of Dollars.
It's hard to quantify what is secure and what is not. Actually working out what the incentives are for the system is surprisingly tricky, miners have all sorts of different motivations that conflict even when they would appear to be highly illogical on paper. Miners today include transactions with zero fees, where in a naive model of the network they probably wouldn't. The justification is often that it's financially sensible for them to do this because it inspires confidence in the system, making the price higher, which in turn makes their income higher.
The lack of possibility for a pricing feedback loop makes this all a little tricky too, as the system can't make any changes based on external influences.
Can you spell out the specific attack that you think could take place? In practice, I don't think a large scale double spend would work.
Someone with 51% of the network (as you say, costing $100M+ of mining equipment currently) could execute an arbitrary double spend attack. If they are financially motivated, they might try an attack like this:
1) Buy a large asset (say a publicly traded company, a huge tract of real estate, a closet full of gold) with bitcoin.
2) Wait for the transaction to clear. For a large asset purchase such as the above, this could take weeks.
3) Once the asset is in hand, use your mining power to reverse the transaction.
There is a critical flaw in this plan: you are obviously stealing, and the justice system will treat your actions as theft. If you try this for a reversible asset transfer, like real estate, they will reverse the transfer in addition to punitive measures. For gold, you might be able to hide the gold somewhere, but again at that point it is just common theft.
Attacks that are not financially motivated are a different story; a nation state or other party could try to 51% the network simply to destroy bitcoin. Of note here is the fact that nation states have more straightforward ways of hurting bitcoin, starting with outright bans.
I am not thinking about attacks for financial gains - if you already have 100 million Dollars there are probably better ways to get some more money than trying to double-spend Bitcoins. The really bad scenarios are probably adversary states or terroristic organization shutting down the circulation of money in case a state or a couple of states decide to use Bitcoin as the primary currency.
I just wanted to state why I don't share the more or less common believe that Bitcoin can replace traditional currencies, I did not want to imply anything else about what Bitcoin can, can not or should do. But if you bring it up, I don't think Bitcoin is competitive with alternatives like credit cards or PayPal because of the high transaction costs.
What high costs? the miner fee is like 4 cents whether you send 1$ or 1$ million, and you don't have to pay it if you are cheapskate at expense of waiting longer for confirms.
The article lines out how to neutralize an attacker mindlessly building a chain of useless transaction but this obviously does not solve the problem. What if the attacker forks and rebuilds the chain of the last week but randomly leaves out every tenth transaction while slowly poisoning the genuine chain with useless transactions until the algorithm decides to switch? You just undid thousands of transaction originally confirmed a week ago. If you could just make up a couple of rules to prevent all 51 % attacks they would not be an issue in the first place. But this again would imply that it does not matter how the computing power is distribute between the good guys and the bad guys which obviously completely contradicts the fundamental design of Bitcoin.
EDIT: Deleted parent comment quoted the attackers-can't-list from [1].
You are quoting the wrong part. This only holds if the attacker does not try to build a side-chain.
It's much more difficult to change historical blocks, and it becomes exponentially more difficult the further back you go. As above, changing historical blocks only allows you to exclude and change the ordering of transactions. It's impossible to change blocks created before the last checkpoint.
The "Bitcoin battle" exists mostly in the minds of people promoting some get-rich-quick scheme of their own. There were about 175 altcoins the last time I looked. Only a few have any significant liquidity.
"Blockchain technology" runs into one of the biggest problems on the Internet - identities are too easy to create, so anything based on voting has spam problems. Distributed identity is an unsolved problem. There's a long track record of failures, from Web of Trust to Facebook's "real names" policy. Bitcoin deals with this using "mining". The effect is to require operations the size of Google data centers to maintain a database and transaction rate one desktop machine could handle easily. Bitcoin isn't very distributed any more; there are about half a dozen big players. That wasn't the plan.
None of the alternatives look good. There's centralization (Ripple, Paycoin 2), proof-of-stake (the rich get richer), using algorithms unsuitable for ASIC or GPU implementation (big floating point matrix calculations, maybe), and various tweaks to make the block chain a tree so not everybody has to store the whole chain. So far, those are mostly talk, except for the centralized altcoins.
8 have a daily volume over $100,000: Bitcoin, Litecoin, Ripple, Dogecoin, Stellar, NewBits, Paycoin (XPY; there are two Paycoins), and Bitshares. Those, you might be able to sell without crashing the market. (Maybe not Paycoin, which looks like a pump and dump in the "dump" phase. See Reddit or any Paycoin message board for details.)
A clickbait battle is needed for TechCrunch while the bitcoin/blockchain users and developers experiment with new fields of use. And because it didn't really work for TC when they posted it a few weeks ago, let's try again! :-(
But after that soft fork, most subsequent blockchain innovation and experimentation will probably happen on sidechains
It's far from clear that will in fact happen - mined sidechains that aren't widely adopted by miners are insecure, just like small altcoins are vulnerable to 51% attacks. Even worse the 2-way-peg mechanism Blockstream proposes trusts hashing power to determine where coins go so an attacker not only destroys the sidechain, but has a direct financial incentive to do so because destroying the sidechain lets them steal all the money that has been moved to it. Equally even if a majority of miners support a given sidechain, they can always change their minds later and take the funds. (quite possibly due to a temporary problem, like a hack or a a court order)
To solve this problem Blockstream explicitly proposes that smaller or experimental sidechains without majority support use a "federated" model where one or more trusted authorities controls the sidechain. Of course, needless to say needing a trusted third party to keep the sidechain secure isn't a good solution in many cases - they're essentially acting as a bank and it's extremely difficult to design systems where that bank can't profitably steal all the funds.
That's the problem: merge-mining means there's zero cost to attacking a sidechain. Of course, people like to invoke economic incentives here and say there's opportunity cost with the idea that the sidechain will pay ongoing fees or something. But this is a very untested idea to put it charitably - keeping Bitcoin itself secure with only fees is widely considered to be an unsolved problem, and that problem doesn't have a reward in the form of a bunch of 2-way-pegged Bitcoins waiting to be stolen.
Ultimately I think media coverage of this is really misunderstanding how sidechains are very far from a proven idea, except in the centralized model where you trust someone to maintain the sidechain. Equally it's pretty clear that they have a high risk of making the incentives behind Bitcoin mining even further tilted towards centralization of hashing power.
I feel that the other side: zero cost to protect a sidechain, is a much bigger benefit. Presumably, the sidechain has mining rewards as well, which devalue the amount of BTC you get when going back to the main chain.
Most of the time when an author uses an analogy to help explain something to do with computers, the analogy wastes more time and causes more confusion IMHO than it is worth.
Bitcoin is a nice tech, but all I see is libertarians and other fed haters using its hype to bolster a political agenda, like the internet could change the economy or something like that.
The blockchain could be used for many other things though that could be game changing, like a publicly distributed database with trusted data. but I don't think many really are able to understand how it really works, and I don't users would really trust it.
"Bitcoin true believers think it will ultimately do to Wall Street what the Internet did to fax machines"
Uhhhhhh yeah, because the internet totally killed fax machines right? The last three fortune 500 companies I've worked for still actively used fax machines which were integrated into their copy machines. They're very much far from being extinct.
I'm not sure where you came to the conclusion that it meant complete and utter annihilation vs something much less dramatic like moving from the primary way to send and share important documents to a marginalized secondary player kept alive mostly due to legacy/dated procedures. Trust me no one who is 10 years or under today is ever going to send a fax in their professional life.
Bitcoins are worthless. They have no value. The whole thing is a scam. The ASIC manufacturers have been raided by the government, the major exchanges have been shut down for fraud. I mean, even their inventor keeps himself anonymous.
Bitcoins entered 2013 worth $14, a historic high at the time. By November 2013 it hit $1160 on the hype cycle. It has only fallen since then - it is <$320 currently, a historic post-high low.
It is going to keep sinking. It is worthless. It has no value. It is going to $0. All those who talk about bubbles and the dot-com bubble can see how the $5 billion Bitcoin market cap was created out of nothing. I mean, this is the central demonstration of a bubble, a scam, a Ponzi scheme in our time. Look at all the VC's and angels etc. shilling for this scam. Why not? They will make money, only the suckers who believe them and shell out $320 for these worthless hashes will lose money.
It's pointless to dwell on this too much, but the Bitcoin scammers are rampant on HN. They are trying every means to hype their worthless, valueless product, so this post will surely get downvoted to oblivion. Anyone who listened to me when Bitcoins were worth $460 and I said the same thing ( https://news.ycombinator.com/item?id=6753545 ) would have saved themselves a 30% loss. But the scammers here don't want suckers warned, this post will be downvoted to oblivion so people don't see it and the next round of suckers will get robbed by the scammers.
