[cryptography] The Wandering Music Band

Natanael natanael.l at gmail.com
Thu Jan 8 06:12:35 EST 2015


Den 8 jan 2015 11:54 skrev "realcr" <realcr at gmail.com>:
>
> Hey, thanks again for the reply.
>>
>> The only notable difference is that in my version you are checkpointing
the change in th blockchain.
>>
>> You still have the very same form of signing, but you sign a slightly
different message (transfer of a colored coin, one Satoshi worth of
Bitcoin, to a new address) instead of "group members XYZ are now the
official group instead of ABC".
>
>
> I disagree with you, or maybe I have misunderstood you idea. I think that
Bitcoin is not related here.
>
> Bitcoin is all or nothing. If I want to use it, all the participants of
the network have to be part of it.
> That means that all the participants of the network have to compute
hashes all the time.
> In addition, every Bitcoin transaction involves all the participants of
the network.

I think you overestimate the impact of using Bitcoin. It isn't all our
nothing as not all members need to be full nodes, in fact none of them have
to be. While it is true that all full nodes must store all the
transactions, and that it gets forwarded in the network among most online
nodes as it gets published, only the latest one would need to be kept in
their index of the unspent outputs (UTXO set) from the blockchain. The
Bitcoin developers is constantly working on scalability, and the network is
meant to one day be able to handle thousands of transactions per second
(this is years off, though). The blockchain can easily be stored on MicroSD
cards!

Verifying the headers alone for decades worth of hashes takes at most
minutes on smartphones. And that's a one-time job per header hash, per
device. Each new header takes much less than a second to process.
Publishing and verifying the colored coin transactions is trivial too.

> Secrecy is not required. I meant to say that the band has the
responsibility of keeping the signatures and show them on demand.

You still don't get any meaningful security if old band members are assumed
to be untrusted and you don't use a public checkpointing mechanism.
Transfer of the title of being the real group must be a one-time only thing
for each version of the group, and must be impossible to backtrack from.
Bitcoin enforces this by design.

Other standard public checkpointing mechanisms don't verify if there's
conflicting messages or not, so then ALL messages that has been
checkpointed must be stored.

There are cryptocurrencies with similar functionality (doublespend
protection, conflicting assignments not allowed) and other trust models (no
proof-of-work for chain selection). As an example, Ripple is federated, a
set of trusted nodes agree on the order of transactions. This removes most
of your performance related issues. But I don't trust it if security is
important, it seems too ad-hoc. Then there's proof-of-stake which is very
problematic for a million different reasons (no guarantee there will be
concensus), but the network performance issues from Bitcoin remains here.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.randombit.net/pipermail/cryptography/attachments/20150108/7a3e8fd1/attachment.html>


More information about the cryptography mailing list