Comments for MetaStable http://metastablecapital.com Long-term value investing crypto asset hedge fund Thu, 01 Jan 2015 04:53:59 +0000 hourly 1 https://wordpress.org/?v=4.9.5 Comment on Thoughts on Sidechains by Adam Back http://metastablecapital.com/thoughts-on-sidechains/#comment-11 Thu, 01 Jan 2015 04:53:59 +0000 http://metastablecapital.com/?p=277#comment-11 Alternative PoW schemes can work on sidechains. I dont believe any of them work, and Andrew Poelstra has a proof that PoS for example doesnt work https://download.wpsoftware.net/bitcoin/pos.pdf and Greg Maxwell was warning ripple their protocol doesnt work and can fork https://bitcointalk.org/index.php?topic=144471.0, for years before stellar copied and then network-forked. But there are other PoS and PoW hybrid proposals. I personally claim ASIC resistant PoW is a fallacy that misunderstands basic computer science hardware-wins and it doesnt have to win by much in a commodity priced PoW scheme to constitute a fail. Changing to a hash which is less power-dense just results in more ASIC vulnerability (ASICs are underclocked because SHA256, as common crypto hashes designed for efficient hardware implementation, is very power dense, very high toggle rate – aka all gates firing all the time; if they didnt underclock it would overheat in seconds and fail or burn the chip. Changing to one that is memory intensive is also less power-dense, and therefore more ASIC-weak and we’ve seen Scrypto triple-fail: first to be GPU-hard (when the GPU miner was significantly faster than CPU), and now there are Scrypt ASICs (again faster than GPU) and actually offering a higher speed up ratio than SHA256 mining. Changing to a different hash (Blake2) which has a lower gate count/Hash just results in the difficulty jumping by the gate count ratio between SHA256 and Blake2 and makes no difference. Changing to multiple hashes (X11/X13) lowers the toggle rate, allows higher clocks, and is also ASIC-weaker as well as needlessly complex, harder to design resulting in more centralisation. Its sort of the perpetual motion of bitcoin design – it has an allure – and a utility (more decentral maybe) – but its impossible in a slightly subtle way. There are dozens of broken or net loss schemes lying around, all motivated by bitcoin. (Prior to 2008 there was hashcash a public key precursor due to Dwork & Naor, less efficient/compact, more complex and probably non-poisson if attacked; post 2008 there are dozens that mostly out right failed, and the rest are net loss to ASIC resistance I expect in conclusion, or insufficiently different to be worth changing to unless there is a pressing need – Hashcash-SHA256^2 is good enough.

Finally if there was one that was a marginal improvement and someone wanted to try it, actually you’re incorrect and it can be done on a sidechain in a slightly non-obvious way. You have a PoW translating sidechain that pegs to bitcoin using SHA256 and pegs to the actual sidechain using the perpetual-motion-hash.

Bitcoin btw is not being hostile to innovation, people are actually interested in PoS like things and so on. Its just that they investigated and broke them, and the people who like them wont listen because they have an alt resting on them and want to make money from speculation or whatever. If some actual usable innovation were to emerge from the sea of 1000+ clone-coin and few feature coins, innovation is innovation and bitcoin could more easily validate and incorporate complex changes via sidechains.

Thats it for PoW, there’s more, but overall nice article.

Adam

]]>