fred/wallet
1
0
Fork 0
forked from cheng/wallet
Code Pull Requests Activity

Since "proof of stake" already means something else

Browse Source 
changed it to proof of share.
Made a small start on populating the horizontal navbar
discovered that no end of my documentation has been broken
by events and should not be linked in.
This commit is contained in:
reaction.la 2023-09-04 20:04:59 +10:00
parent 3c3a22578d
commit b5beb723c4
No known key found for this signature in database
GPG Key ID: 99914792148C8388
23 changed files with 372 additions and 436 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
docs/blockdag_consensus.md
View File

@ -3,13 +3,16 @@
title: Blockdag Consensus
...
Not ready for publication. "stake" is currently used in a different sense on blockchains, and this describes
a system in which wallets are peers and peers are wallets, which is a pretty bad idea.
# The problem
For the reasons discussed, proof of work is incapable of handling a very large number of transactions per second. To replace fiat money, we need a consensus algorithm capable of a thousand times greater consensus bandwidth. There are plenty of consensus algorithms that can handle much higher consensus bandwidth, but they do not scale to large numbers of peers. They are usually implemented with a fixed number of peers, usually three peers, perhaps five, all of which have high reliability connections to each other in a single data centre.
In a decentralized open entry peer to peer network, you are apt to get a very large number of peers, which keep unpredictably appearing and disappearing and frequently have unreliable and slow connections.
Existing proof of stake crypto currencies handle this by "staking" which is in practice under the rug centralization. They are not really a decentralized peer to peer network with open entry.
Existing proof of share crypto currencies handle this by "staking" which is in practice under the rug centralization. They are not really a decentralized peer to peer network with open entry.
## The solution outlined
@ -549,7 +552,7 @@ And bitcoin consensus is slow, because the way a fork is resolved is that
blocks that received one branch fork first continue to work on that branch,
while blocks that received the other branch first continue to work on that
branch, until one branch gets ahead of the other branch, whereupon the
leading branch spreads rapidly through the peers. With proof of stake, that
leading branch spreads rapidly through the peers. With proof of share, that
is not going work, one can lengthen a branch as fast as you please. Instead,
each branch has to be accompanied by evidence of the weight of stake of
peers on that branch. Which means the winning branch can start spreading
@ -684,7 +687,7 @@ We intend that peers will hold no valuable or lasting secrets, that all the
value and the power will be in client wallets, and the client wallets with
most of the value, who should have most of the power, will seldom be online.
I propose proof of stake. The stake of a peer is not the stake it owns, but
I propose proof of share. The stake of a peer is not the stake it owns, but
the stake that it has injected into the blockchain on behalf of its clients
and that its clients have not spent yet, or stake that some client wallet
somewhere has chosen to be represented by that peer. Likely only the

2
docs/contracts_on_blockchain.md
View File

@ -145,7 +145,7 @@ flexibility is likely to bite people.
# Atomic Swaps on separate blockchains
A proof of stake currency is like a corporation, like shares in a
A proof of share currency is like a corporation, like shares in a
corporation.  So we are going to have many corporations, and individuals
will want to exchange shares in one corporation, with shares in
another.  We would like to do this without direct linking of

2
docs/index.md
View File

@ -1,7 +1,7 @@
---
title: How to Save the World
...
I have almost completed an enormous design document for an uncensorable social network intended to contain a non evil scalable proof of stake currency, and I have a wallet that can generate secrets, but the wallet is missing no end of critical features it is pre-pre alpha. When it is early pre alpha, I am going to publish it on Gitea, and call for assistance.
I have almost completed an enormous design document for an uncensorable social network intended to contain a non evil scalable proof of share currency, and I have a wallet that can generate secrets, but the wallet is missing no end of critical features it is pre-pre alpha. When it is early pre alpha, I am going to publish it on Gitea, and call for assistance.
Here is a link to one version of the [white paper](social_networking.html), focusing primarily on social media. (But though information wants to be free, programmers need to get paid.)

5
docs/libraries.md
View File

@ -2,6 +2,11 @@
title: Libraries
...
This discussion is way out of date because a rust recursive snark library
is now available, and making it public would impose a huge burden on me
of keeping it current and accurate, when events would render it continually
out of date.
# Wireguard, Tailwind, and identity
Wireguard is a secure vpn.

2
docs/merkle_patricia_dag.md
View File

@ -400,7 +400,7 @@ valid, you have an enormous number of small proofs that each
particular part of the blockchain is valid. This has three
advantages over the chain structure.
1. A huge problem with proof of stake is "nothing at stake".
1. A huge problem with proof of share is "nothing at stake".
There is nothing stopping the peers from pulling a whole
new history out of their pocket.\
With this data structure, there is something stopping them. They

4
docs/names/names.md
View File

@ -147,9 +147,9 @@ cryptographic identifiers, which is a pain. We would like to be able to send
and receive money without relying on identifiers that look like line noise.
So we need a system similar to namecoin, but namecoin relies on proof of
work, rather than proof of stake, and the states computers can easily mount
work, rather than proof of share, and the states computers can easily mount
a fifty one percent attack on proof of work. We need a namecoin like system
but based on proof of stake, rather than proof of work, so that for the state
but based on proof of share, rather than proof of work, so that for the state
to take it over, it would need to pay off fifty one percent of the
stakeholders and thus pay off the people who are hiding behind the name
system to perform untraceable crypto currency transactions and to speak the

195
docs/program/May_scale_of_monetary_hardness.html
View File

@ -1,195 +0,0 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<style>
body {
max-width: 30em;
margin-left: 2em;
}
.center {text-align:center}
.red{color:#BF0000; background-color:#FFFFFF;}
.green{color:#00C000; background-color:#FFFFFF;}
body{color:#000000; background-color:#FFFFFF;}
</style>
<link rel="shortcut icon" href="../rho.ico"><title>May scale of monetary hardness</title>
</head>
<body>
<h1>May scale of monetary hardness</h1>
<p><a href="./index.html"> To Home page</a> </p>
<p>
J.C. May defined the following scale of monetary hardness.
The following is mostly his words, edited to bring them up to
date.</p>
<table border="1" cellpadding="6" cellspacing="0" width="95%">
<tbody>
<tr>
<td colspan="2" style="background-color: #99CC66;
text-align:center;">May Scale of monetary hardness </td>
</tr>
<tr>
<td style="text-align:center;"><b> Hardness</b> </td>
<td> <br/>
</td>
</tr>
<tr>
<td colspan="2" style=" text-align:center;">Hard</td>
</tr>
<tr>
<td class="center"><b>1</b></td>
<td>Street cash, US dollars</td>
</tr>
<tr>
<td class="center"><b>2</b></td>
<td>Street cash, euro currencies, japan</td>
</tr>
<tr>
<td class="center"><b>3</b></td>
<td>Major crypto currencies, such as Bitcoin and Monaro</td>
</tr>
<tr>
<td class="center"><b>4</b></td>
<td>Street cash, other regions</td>
</tr>
<tr>
<td class="center"><b>5</b></td>
<td>Interbank transfers of various sorts (wires etc),
bank checks</td>
</tr>
<tr>
<td class="center"><b>6</b></td>
<td>personal checks</td>
</tr>
<tr>
<td class="center"><b>7</b>
</td>
<td>Consumer-level electronic account transfers (eg
bPay)</td>
</tr>
<tr>
<td class="center"><b>8</b></td>
<td>Business-account-level retail transfer systems</td>
</tr>
<tr>
<td colspan="2" style=" text-align:center;">Soft</td>
</tr>
<tr>
<td class="center"><b>9</b></td>
<td>Paypal and similar 'new money' entities, beenz</td>
</tr>
<tr>
<td class="center"><b>10</b></td>
<td>Credit cards</td>
</tr>
</tbody>
</table>
<h2 class="green">Three essays from different periods follow</h2>
<hr><p>Observe that say stock brokerages definitely do not accept credit cards or
paypal to fund an account. They will only accept instruments that are very hard,
such as wire transfers or certified bank checks.</p><p>
When hard money is required, only money-types with a hardness of about 5
or better will do the job.</p><p>
On the other hand, if you're purchasing an online subscription, or
consumer goods from a large retailer, softer money-types are more acceptable.</p><p>
When dealing with conversions <b>between</b> different types of money,
generally you can only go "downwards" on the May scale.</p><p>
Thus, for example it is very easy to accept cash-dollars, and handout
paypal-dollars in return. But it would be almost impossible to accept credit cards or
paypal-dollars,and hand out cash in return.</p>
<hr/>
<p><em>It is extremely significant that <b>individuals</b> tend to require harder money in their transactions.</em></p><p>
Corporations and large bodies <b>can get away with</b> using softer money, as they have more political (in the broad sense) power to affect the outcome of dubious or revoked transactions.</p><p>
For instance, selling you a car, I could only trust you if you pay me
with a hard money. Say, no softer than 5 on the may scale.
No-one takes a personal check when selling a car.</p><p>
A car dealership, though, can trust you with somewhat softer money .. say up to 7/8 on the May scale (they probably would not take credit cards, though).</p><p>
WalMart can trust you all the way through to 10 when you buy goods at WalMart. (WalMart have more political recourse if a payment repudiates.)</p><p>
<b>We are entering the age of the "sovereign individual" where individuals will have ever-more power.</b> More and more, individuals will be able to behave in ways previously reserved for large government or corporate entities. More and more, individuals will be able to fulfill functions previously dominated by large government or corporate entities.</p><p>
For instance, it would have been in inconceivable in <b>1900</b> for one individual to, say, set up and operate a stock market. That would be and could only be the work of a large, powerful, social-political-corporate group.</p><p>
However in <b>2000</b>, one individual could completely program and operate stock market with a few hours programming and a web site.</p><p>
Money systems that are higher up on the may scale are <b>more suitable for individuals</b>.</p><p>
As we move more and more into the age of the "sovereign individual", where individuals will replace many of the functions of corporate/government entities, <b>there will be more and more demand for money systems that are higher-up on the may scale</b>.</p>
<p class="green"> The above essay turned out to be optimistic, but a successor to bitcoin may accomplish what e-gold failed to accomplish.
<hr>
<p class="green">
Original (oldest) essay, where Tim May first proposed the May Scale of Monetary Hardness:<br/>
This essay was written in the time when e-gold appeared to be successful. E-gold attempted to do what Bitcoin is attempting to, and failed. Bitcoin was inspired in substantial part to fix the problems that killed e-gold. The centralized single-point-of-failure ledgers of e-gold came under attack by the state, by scammers, and by state backed scammers.</p>
<pre>
&gt;Your question provokes us to focus on a major factor inhibiting the growth
&gt;of e-gold that theres no common way now to put money into an account fast
&gt;(as in a matter of minutes instead of hours or more likely, days and weeks).
&gt;An ironic situation, considering that e-gold is destined for greatness as
&gt;the currency of the internet.
</pre><p>
Its worth noting that funding say a trading account with your
stock broker is just as "difficult" as buying e-gold. </p><p>
For that matter, funding a new BANK ACCOUNT is just as difficult as
buying e-gold.</p><p>
When you open a stock broking account at etrade or whatever, you
certainly cannotget funds there instantly your options are wire
and wait days, bank check or cashiers check and wait a week or a
personal check and wait a couple of weeks.</p><p>
A stock broking account, like buying e-gold, is a very HARD form of
money. Whenever you are trying to buy a very HARD form of money,
using a softer form of money.
</p>
<p>
Here is the "May Scale" of money hardness (comments invited)
</p>
<pre> --hard--
1 street cash, US dollars
2 street cash, euro currencies, Aus, japan
3 egold
4 street cash, other regions
5 interbank transfers of various sorts (wires etc)
6 checks
7 consumer-level electronic account transfers (eg bPay in Australia)
8 business-account-level retailer transfer
--soft--
9 paypal and similar 'new money' entities
10 credit cards
--ludicrously soft!--
</pre>
It is not meant to be definitive (eg, 6 and 7 could perhaps be
swapped; I left out cash on call at your stock broker, which is
probably around "2", etc) but gives a framework to think in.<p>
Now if you're a retailer and you're selling VCRs, sure, you can take
poxy money around the May Scale of 8, 9 or 10.</p><p>
But if you're a "retailer" and what you're selling is money itself
ie, you are selling e-gold, or you are Quick &amp; Reilly it
is EXCEEDINGLY DIFFICULT to accept anything with May Scale &gt; about 5.</p><p>
(Note that at coconutgold, we simply only accept wires! All the exchange providers for e-gold who accept money on the May Scale of 9 or 10 are very brave, tough, and quite understandably have to charge fairly high premiums to do so!)</p><p>
Again the point --- its no surprise or horror that it is somewhat DIFFICULT to get e-gold, to fund e-gold .... its for exactly the same reason that you cant instantly fund a stock broking account.</p><p>
Observe that at Bananagold, we TAKE IN #3 and PUT OUT #8 .. so thats a very 'secure' transaction. The #3 transactions is essentially not reversible, whereas the #8 transaction is a joke, we could reverse it anytime with a short argument on the phone.)</p><p>
What a surprise! that banks will only accept money that is at the 1 to 4 end of the May Scale, and they are only really happy giving you money on the 6 to 10 end of the May Scale!</p>
<p style="background-color : #ccffcc; font-size:80%">These documents are licensed under the <a rel="license" href="http://creativecommons.org/licenses/by-sa/3.0/">Creative Commons Attribution-Share Alike 3.0 License</a></p>
</body>
</html>

187
docs/program/May_scale_of_monetary_hardness.md Normal file
View File

@ -0,0 +1,187 @@
---
lang: en
title: May scale of monetary hardness
---
Long ago, cypherpunks created e-gold, to solve the problem of the seigniorage tax (inflation), and intermediaries blocking, reversing, and confiscating internet transactions. J. C. May explained the reasons for e-gold.
E-gold was gold remaining in place, while ownership of the gold moved around. Then, naturally, governments confiscated the gold.
In response to this problem, Satoshi came up with Bitcoin. So e-gold is no more, but J. C. May's discussion of e-gold is as relevant as ever.
J.C. May defined the following scale of monetary hardness.
The following is mostly his words, edited to bring them up to
date.
```{=html}
<table border="1" cellpadding="6" cellspacing="0" width="95%">
<tbody>
<tr>
<td colspan="2" style="background-color: #99CC66;
text-align:center;">May Scale of monetary hardness </td>
</tr>
<tr>
<td style="text-align:center;"><b> Hardness</b> </td>
<td> <br/>
</td>
</tr>
<tr>
<td colspan="2" style=" text-align:center;">Hard</td>
</tr>
<tr>
<td class="center"><b>1</b></td>
<td>Street cash, US dollars</td>
</tr>
<tr>
<td class="center"><b>2</b></td>
<td>Street cash, euro currencies, japan</td>
</tr>
<tr>
<td class="center"><b>3</b></td>
<td>Major crypto currencies, such as Bitcoin and Monaro</td>
</tr>
<tr>
<td class="center"><b>4</b></td>
<td>Street cash, other regions</td>
</tr>
<tr>
<td class="center"><b>5</b></td>
<td>Interbank transfers of various sorts (wires etc),
bank checks</td>
</tr>
<tr>
<td class="center"><b>6</b></td>
<td>personal checks</td>
</tr>
<tr>
<td class="center"><b>7</b>
</td>
<td>Consumer-level electronic account transfers (eg
bPay)</td>
</tr>
<tr>
<td class="center"><b>8</b></td>
<td>Business-account-level retail transfer systems</td>
</tr>
<tr>
<td colspan="2" style=" text-align:center;">Soft</td>
</tr>
<tr>
<td class="center"><b>9</b></td>
<td>Paypal and similar 'new money' entities, beenz</td>
</tr>
<tr>
<td class="center"><b>10</b></td>
<td>Credit cards</td>
</tr>
</tbody>
</table>
```
[Three essays from different periods follow:]{.bigbold}
<hr>
Observe that say stock brokerages definitely do not accept credit cards or
PayPal to fund an account. They will only accept instruments that are very hard,
such as wire transfers or certified bank checks.
When hard money is required, only money-types with a hardness of about 5
or better will do the job.
On the other hand, if you're purchasing an online subscription, or
consumer goods from a large retailer, softer money-types are more acceptable.
When dealing with conversions **between** different types of money,
generally you can only go "downwards" on the May scale.
Thus, for example it is very easy to accept cash-dollars, and handout
PayPal-dollars in return. But it would be almost impossible to accept credit cards or
PayPal-dollars,and hand out cash in return.
<hr>
*It is extremely significant that **individuals** tend to require harder money in their transactions.*
Corporations and large bodies **can get away with** using softer money, as they have more political (in the broad sense) power to affect the outcome of dubious or revoked transactions.
For instance, selling you a car, I could only trust you if you pay me
with a hard money. Say, no softer than 5 on the may scale.
No-one takes a personal check when selling a car.
A car dealership, though, can trust you with somewhat softer money .. say up to 7/8 on the May scale (they probably would not take credit cards, though).
WalMart can trust you all the way through to 10 when you buy goods at WalMart. (WalMart have more political recourse if a payment repudiates.)
**We are entering the age of the "sovereign individual" where individuals will have ever-more power.** More and more, individuals will be able to behave in ways previously reserved for large government or corporate entities. More and more, individuals will be able to fulfill functions previously dominated by large government or corporate entities.
For instance, it would have been in inconceivable in **1900** for one individual to, say, set up and operate a stock market. That would be and could only be the work of a large, powerful, social-political-corporate group.
However in **2000**, one individual could completely program and operate stock market with a few hours programming and a web site.
Money systems that are higher up on the may scale are **more suitable for individuals**.
As we move more and more into the age of the "sovereign individual", where individuals will replace many of the functions of corporate/government entities, **there will be more and more demand for money systems that are higher-up on the may scale**.
The above essay turned out to be optimistic, but a successor to bitcoin may accomplish what e-gold failed to accomplish.
<hr>
::: myabstract
Original (oldest) essay, where Tim May first proposed the May Scale of Monetary Hardness:\
This essay was written in the time when e-gold appeared to be successful. E-gold attempted to do what Bitcoin is attempting to, and failed. Bitcoin was inspired in substantial part to fix the problems that killed e-gold. The centralized single-point-of-failure ledgers of e-gold came under attack by the state, by scammers, and by state backed scammers.
:::
> >Your question provokes us to focus on a major factor inhibiting the growth
> >of e-gold that theres no common way now to put money into an account fast
> >(as in a matter of minutes instead of hours or more likely, days and weeks).
> >An ironic situation, considering that e-gold is destined for greatness as
> >the currency of the internet.
Its worth noting that funding say a trading account with your
stock broker is just as "difficult" as buying e-gold.
For that matter, funding a new BANK ACCOUNT is just as difficult as
buying e-gold.
When you open a stock broking account at etrade or whatever, you
certainly cannotget funds there instantly your options are wire
and wait days, bank check or cashiers check and wait a week or a
personal check and wait a couple of weeks.
A stock broking account, like buying e-gold, is a very HARD form of
money. Whenever you are trying to buy a very HARD form of money,
using a softer form of money.
Here is the "May Scale" of money hardness (comments invited)
--hard--
1 street cash, US dollars
2 street cash, euro currencies, Aus, japan
3 egold
4 street cash, other regions
5 interbank transfers of various sorts (wires etc)
6 checks
7 consumer-level electronic account transfers (eg bPay in Australia)
8 business-account-level retailer transfer
--soft--
9 paypal and similar 'new money' entities
10 credit cards
--ludicrously soft!--
It is not meant to be definitive (eg, 6 and 7 could perhaps be
swapped; I left out cash on call at your stock broker, which is
probably around "2", etc) but gives a framework to think in.
Now if you're a retailer and you're selling VCRs, sure, you can take
poxy money around the May Scale of 8, 9 or 10.
But if you're a "retailer" and what you're selling is money itself
ie, you are selling e-gold, or you are Quick & Reilly it
is EXCEEDINGLY DIFFICULT to accept anything with May Scale \> about 5.
(Note that at coconutgold, we simply only accept wires! All the exchange providers for e-gold who accept money on the May Scale of 9 or 10 are very brave, tough, and quite understandably have to charge fairly high premiums to do so!)
Again the point --- its no surprise or horror that it is somewhat DIFFICULT to get e-gold, to fund e-gold .... its for exactly the same reason that you cant instantly fund a stock broking account.
Observe that at Bananagold, we TAKE IN #3 and PUT OUT #8 .. so thats a very 'secure' transaction. The #3 transactions is essentially not reversible, whereas the #8 transaction is a joke, we could reverse it anytime with a short argument on the phone.)
What a surprise! that banks will only accept money that is at the 1 to 4 end of the May Scale, and they are only really happy giving you money on the 6 to 10 end of the May Scale!

10
docs/program/crypto_currency.md
View File

@ -2,19 +2,21 @@
title: Crypto currency
...
This discussion is obsoleted and outdated by the latest advances in recursive snarks.
The objective is to implement the blockchain in a way that scales to one hundred thousand transactions per second, so that it can replace the dollar, while being less centralized than bitcoin currently is, though not as decentralized as purists would like, and preserving privacy better than bitcoin now does, though not as well as Monaro does. It is a bitcoin with minor fixes to privacy and centralization, major fixes to client host trust, and major fixes to scaling.
The problem of bitcoin clients getting scammed by bitcoin peers will be fixed through Merkle-patricia, which is a a well known and already widely deployed fix though people keep getting scammed due to lack of a planned bitcoin client-host architecture. Bitcoin was never designed to be client host, but it just tends to happen, usually in a way that quite unnecessarily violates privacy, client control, and client safety.
Monaros brilliant and ingenious cryptography makes scaling harder, and all mining based blockchains tend to the same centralization problem as afflicts bitcoin. Getting decisions quickly about a big pile of data necessarily involves a fair bit of centralization, but the Paxos proof of stake protocol means the center can move at the speed of light in fiber, and from time to time, will do so, sometimes to locations unknown and not easy to find. We cannot avoid having a center, but we can make the center ephemeral, and we can make it so that not everyone, or even all peers, know the network address of the processes holding the secrets that signed the most recent block.
Monaros brilliant and ingenious cryptography makes scaling harder, and all mining based blockchains tend to the same centralization problem as afflicts bitcoin. Getting decisions quickly about a big pile of data necessarily involves a fair bit of centralization, but the Paxos proof of share protocol means the center can move at the speed of light in fiber, and from time to time, will do so, sometimes to locations unknown and not easy to find. We cannot avoid having a center, but we can make the center ephemeral, and we can make it so that not everyone, or even all peers, know the network address of the processes holding the secrets that signed the most recent block.
Scaling accomplished by a client host hierarchy, where each host has many clients, and each host is a blockchain peer.
A hundred or so big peers, who do not trust each other, each manage a copy of the blockchain.
The latest block is signed by peers representing a majority of the stake, which is likely to be considerably less than a hundred or so peers.
The latest block is signed by peers representing a majority of the shares, which is likely to be considerably less than a hundred or so peers.
Peer stake is delegated from clients probably a small minority of big clients not all clients will delegate. Delegation makes privacy more complicated and leakier. Delegations will be infrequent you can delegate the stake held by an offline cold wallet, whose secret lives in pencil on paper in a cardboard file in a safe, but a peer to which the stake was delegated has to have its secret on line.
Peer share is delegated from clients probably a small minority of big clients not all clients will delegate. Delegation makes privacy more complicated and leakier. Delegations will be infrequent you can delegate the stake held by an offline cold wallet, whose secret lives in pencil on paper in a cardboard file in a safe, but a peer to which the stake was delegated has to have its secret on line.
Each peers copy of the blockchain is managed, within a rack on the premises of a peer, by a hundred or so shards. The shards trust each other, but that trust does not extend outside the rack, which is probably in a room with a lock on the door and a security camera watching the rack.
@ -46,7 +48,7 @@ those assets. Delegated power representing people, not so much.
In bitcoin, power is in the hands of a very small number of very large miners. This is a problem, both in concentration of power, which seems difficult to avoid if making decisions rapidly about very large amounts of data, and in that miner interests differ from stakeholder interests. Miners consume very large amounts of power, so have fixed locations vulnerable to state power. They have generally relocated to places outside the US hegemony, into the Chinese or Russian hegemonies, or the periphery of those hegemonies, but this is not a whole lot of security.
Proof of stake has the advantage that stake is ultimately knowledge of secret keys, and while the state could find the peers representing a majority of stake, they are more mobile than miners, and the state cannot easily find the clients that have delegated stake to one peer, and could easily delegate it to a different peer, the underlying secret likely being offline on pencil and paper in someones safe, and hard to figure out whose safe.
proof of share has the advantage that stake is ultimately knowledge of secret keys, and while the state could find the peers representing a majority of stake, they are more mobile than miners, and the state cannot easily find the clients that have delegated stake to one peer, and could easily delegate it to a different peer, the underlying secret likely being offline on pencil and paper in someones safe, and hard to figure out whose safe.
Obviously, at full scale we are always going to have immensely more clients than full peers, likely by a factor of hundreds of thousands, but we need to have enough peers, which means we need to reward peers for being peers, for providing the service of storing blockchain data, propagating transactions, verifying the blockchain, and making the data readily available, rather than for the current pointless bit crunching and waste of electricity employed by current mining.

33
docs/program/crypto_currency_as_a_wide_area_distributed.md Normal file
View File

@ -0,0 +1,33 @@
---
lang: en
title: Crypto Currency as a wide area distributed database
---
::: myabstract
[abstract:]{.bigbold}
In [Scalable and private blockchain](scalability.html){target="_blank"} I note that the proposed blockchain structure maps directly to sql, and is often easiest to design if one thinks about it as if an sql database. Eventually we want everything in the world that relates to property ownership, contracts, agreements, financial relationships, and ongoing disputes, that Ann chooses to make accessible to Bob, accessible through sql code running on Bob's computer, and included in the pre-image of the blockchain root hash, so that Ann can prove to Bob that she is showing the same thing to Bob as to everyone else, and is not re-inventing the past, it is the same thing, or validly derived from, what she always showed.
:::
Much of this material is shamelessly plaigarized without [attribution.](http://docplayer.net/14501083-Blockchain-throughput-and-big-data-trent-mcconaghy.html)
Bitcoin has dangerously few miners, subject to dangerously few political authorities, and miner interests are insufficiently aligned to currency user interests.
[sovereign corporation]:social_networking.html#many-sovereign-corporations-on-the-blockchain
{target="_blank"}
The solution is to create a crypto currency that relies on weight of share, rather than weight of processing power.  Such a currency is equivalent to a [sovereign corporation], or rather the easily traded shares of a [sovereign corporation].  And independently of whether we need yet another crypto currency, we need sovereign corporations.
The blockchain is a database, as are modern Big Data NoSQL and NewSQL databases. They re all distributed. Distributing a database by making a full copy on every node scales extremely poorly. Distributed DBs need a consensus algorithm
We need a sharded [crypto currency](./crypto_currency.html{target="_blank"}), that can scale to arbitrary sizes.
Nakamoto consensus is a database that sacrifices consistency for availability.  Suppose Sam the Scammer double spends the same money to Alice and Bob:
Immediately afterwards the database might tell you that Sam has not spent the money, or that he has spent it on Alice, or that he has spent it on Bob, or that he spent it on Alice, and then attempted to spend it on Bob, but the attempted spend on Bob was disallowed, or that he spent it on Bob, and the attempted spend on Alice was disallowed.
After an unpredictably long time, it will eventually reach a consensus in favour of Bob, or in favour of Alice, but the consensus is unpredictable, the time required to reach consensus could be quite long, and you can never be entirely sure that you are looking at the final consensus.
[Recursive snarks]:scalability.html
{target="_blank"}
[Recursive snarks] allow sharding within a group where the nodes do not trust each other

64
docs/program/crypto_currency_launch.html
View File

@ -1,64 +0,0 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<style>
body {
max-width: 30em;
margin-left: 2em;
}
p.center {
text-align:center;
}
</style>
<link rel="shortcut icon" href="../rho.ico">
<title>Crypto Currency Launch</title>
</head>
<body>
<p><a href="./index.html"> To Home page</a> </p>
<h1>Crypto Currency Launch</h1><p>
The total value held in the form of gold is ten trillion. But gold has problems if you try to transport it through an airport, security will likely take it from you. Hard to travel with it hidden. </p><p>
Hard to transfer it from one person to another, or from one identity to another. Hard to do international transactions in gold, hard to pay for oil with gold, or be paid for oil with gold, because transporting large amounts of gold is slow and dangerous.</p><p>
So, something better than gold, more transportable, more hideable, people would probably keep more than ten trillion in that form.</p><p>
The current value of bitcoin is about three hundred billion. Arguably crypto currency, if it works, if safe against the state, should be rather more than ten trillion. Say thirty trillion. This provides an upside of another hundred fold increase in value. On the other hand, the bitcoin is traceable in ways that gold is not. People are waiting to see what happens when the government cracks down.</p><p>
A crypto currency needs to be totally traceable and totally untraceable. Ann wants to be able to prove to Carol that she paid Bob, and that therefore her debt to Bob is cleared, or Bob has an obligation the Ann. But Ann and Bob likely do not want a powerful hostile party to be able to discover that Ann made a payment to Bob. Existing crypto currencies suffer from total traceability.</p><p>
Money is a store of value, a medium of exchange, and a measure of value. Gold sucks as a medium of exchange, because of transportation risks and costs. Crypto currency is very good as a medium of exchange, better than anything else, because banks are so remarkably incompetent, inefficient, and lawless. </p><p>
As a measure of value, gold has immense and ancient history, which makes it the best for long term measure of value. If you graph the prices of something, such as oil, over decades and centuries, you get far saner and more plausible data when you graph in terms of gold than in dollars, or even supposedly inflation adjusted dollars. Gold is the best measure of value over time. Inflation adjusted dollars give results that smell of politics and propaganda. Bitcoin, because of volatility and extremely rapid deflation, is really bad as a measure of value, but time will slowly fix this.</p><p>
The current price of bitcoin reflects a substantial possibility that it replaces the dollar as the currency of international transactions, in which case the dollar finds itself on the bitcoin standard, like it or not.</p><p>
To attract a significant portion of the wealth of the world, we do not want to have any mining, since this basically a fee against large accounts. We want a per account fee, because every account results in accountancy costs, and a transaction fee, because every transaction results in transaction costs, but not a charge against holding enormous amounts of wealth in an account. Mining is a charge against the value of accounts, which is a bad idea if we want wealth holders to hold their wealth in our crypto currency.</p><p>
We want it to be impossible to find who holds a large account if he does not want to be found, so that he is safe from rubber hose cryptography. We want it to be easy for him to keep control, and hard for anyone else to get control. He should be able to take the wallet that controls the bulk of his money offline, so that it cannot sign anything, because he has the signing key on a scrap of paper hidden somewhere, or on several such scraps of paper.</p><p>
And then, bringing together the scraps of paper that are the secret number that controls his account paper, he can sit down at a computer anywhere in the world, and send that money hither and yon.</p><p>
Gold has problems as the medium of international exchange, because of the problems of moving it. So everyone left their gold in Fort Knox, and moved ownership of that gold around, but it gradually became more and more obvious that America has embezzled all that gold.</p><p>
Because of problems with gold, people wound up using the US$ as the medium of international exchange. Which works fine if the US Government likes you, but from time to time it decides it does not like someone, for reasons that grow increasingly capricious and unpredictable. </p><p>
Bitcoin is moveable. Big advantage over gold.</p><p>
Bitcoin is governed by consensus, which has serious problems because it is a consensus of miners, rather than a consensus of people who hold large amounts of bitcoin, but it has the advantage that the miners are rational, self interested, and competent, and are therefore predictable, while the US government is increasing crazy, self destructive, and criminal, and therefore unpredictable.</p><p>
The coin to invest in needs to be able to scale all the way to wiping out the US$ as a world currency. But it also needs to gain initial critical mass.</p><p>
How do we start up the coin?</p><p>
Bitcoin got started because everyone and his brother and his brothers dog could mine, thus getting the software and and a small amount of coin into the hands of a large number of interested people. But a coin that relies on weight of stake, rather than weight of processing power, does not have mining. Instead, the coin is effectively shares in the startup. Founders, investors, and initial employees get the coins. But for the coins to be useful, have to get them into the hands of a wider circle of people.</p><p>
At the core of a crypto coin is a mechanism for determining and globally witnessing a global truth. That is a service that needs to be available on a for profit basis</p>
<p style="background-color : #ccffcc; font-size:80%">This document is licensed under the <a rel="license" href="http://creativecommons.org/licenses/by-sa/3.0/">CreativeCommons Attribution-Share Alike 3.0 License</a></p>
</body>
</html>

42
docs/program/crypto_currency_launch.md Normal file
View File

@ -0,0 +1,42 @@
---
lang: en
title: Crypto Currency Launch
---
The total value held in the form of gold is ten trillion. But gold has problems if you try to transport it through an airport, security will likely take it from you. Hard to travel with it hidden.
Hard to transfer it from one person to another, or from one identity to another. Hard to do international transactions in gold, hard to pay for oil with gold, or be paid for oil with gold, because transporting large amounts of gold is slow and dangerous.
So, something better than gold, more transportable, more hideable, people would probably keep more than ten trillion in that form.
The current value of bitcoin is about three hundred billion. Arguably crypto currency, if it works, if safe against the state, should be rather more than ten trillion. Say thirty trillion. This provides an upside of another hundred fold increase in value. On the other hand, the bitcoin is traceable in ways that gold is not. People are waiting to see what happens when the government cracks down.
A crypto currency needs to be totally traceable and totally untraceable. Ann wants to be able to prove to Carol that she paid Bob, and that therefore her debt to Bob is cleared, or Bob has an obligation the Ann. But Ann and Bob likely do not want a powerful hostile party to be able to discover that Ann made a payment to Bob. Existing crypto currencies suffer from total traceability.
Money is a store of value, a medium of exchange, and a measure of value. Gold sucks as a medium of exchange, because of transportation risks and costs. Crypto currency is very good as a medium of exchange, better than anything else, because banks are so remarkably incompetent, inefficient, and lawless.
As a measure of value, gold has immense and ancient history, which makes it the best for long term measure of value. If you graph the prices of something, such as oil, over decades and centuries, you get far saner and more plausible data when you graph in terms of gold than in dollars, or even supposedly inflation adjusted dollars. Gold is the best measure of value over time. Inflation adjusted dollars give results that smell of politics and propaganda. Bitcoin, because of volatility and extremely rapid deflation, is really bad as a measure of value, but time will slowly fix this.
The current price of bitcoin reflects a substantial possibility that it replaces the dollar as the currency of international transactions, in which case the dollar finds itself on the bitcoin standard, like it or not.
To attract a significant portion of the wealth of the world, we do not want to have any mining, since this basically a fee against large accounts. We want a per account fee, because every account results in accountancy costs, and a transaction fee, because every transaction results in transaction costs, but not a charge against holding enormous amounts of wealth in an account. Mining is a charge against the value of accounts, which is a bad idea if we want wealth holders to hold their wealth in our crypto currency.
We want it to be impossible to find who holds a large account if he does not want to be found, so that he is safe from rubber hose cryptography. We want it to be easy for him to keep control, and hard for anyone else to get control. He should be able to take the wallet that controls the bulk of his money offline, so that it cannot sign anything, because he has the signing key on a scrap of paper hidden somewhere, or on several such scraps of paper.
And then, bringing together the scraps of paper that are the secret number that controls his account paper, he can sit down at a computer anywhere in the world, and send that money hither and yon.
Gold has problems as the medium of international exchange, because of the problems of moving it. So everyone left their gold in Fort Knox, and moved ownership of that gold around, but it gradually became more and more obvious that America has embezzled all that gold.
Because of problems with gold, people wound up using the US\$ as the medium of international exchange. Which works fine if the US Government likes you, but from time to time it decides it does not like someone, for reasons that grow increasingly capricious and unpredictable.
Bitcoin is moveable. Big advantage over gold.
Bitcoin is governed by consensus, which has serious problems because it is a consensus of miners, rather than a consensus of people who hold large amounts of bitcoin, but it has the advantage that the miners are rational, self interested, and competent, and are therefore predictable, while the US government is increasing crazy, self destructive, and criminal, and therefore unpredictable.
The coin to invest in needs to be able to scale all the way to wiping out the US\$ as a world currency. But it also needs to gain initial critical mass.
How do we start up the coin?
Bitcoin got started because everyone and his brother and his brothers dog could mine, thus getting the software and and a small amount of coin into the hands of a large number of interested people. But a coin that relies on weight of share, rather than weight of processing power, does not have mining. Instead, the coin is effectively shares in the startup. Founders, investors, and initial employees get the coins. But for the coins to be useful, have to get them into the hands of a wider circle of people.
At the core of a crypto coin is a mechanism for determining and globally witnessing a global truth. That is a service that needs to be available on a for profit basis.

66
docs/program/crypto_currency_new_index.html
View File

@ -1,66 +0,0 @@
<!DOCTYPE html>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<style>
body {
max-width: 30em;
margin-left: 2em;
}
p.center {text-align:center;}
</style>
<title>***************</title> </head><body>
<p><a href="./index.html"> To Home page</a> </p>
<h1>************</h1>
Bitcoin and everything blockchain is a centralized ledger. Worse than that its the One True Ledger. It isnt like gold. Gold one can have directly on ones person or indirectly in a vault somewhere.<p>
It is possible to have a crypto currency similar to bitcoin where though there is one global ledger recording what public keys own what, there is no way to tell which human actors know the private keys corresponding to those public keys. </p><p>
The downside of Chaumian e-cash is very simple. You need a single centralized trusted server holding a small number unshared secrets. At two in the morning Mueller kicks down your door and demands you alter the behavior of your server in ways that make it profoundly untrustworthy. While he is at, holds a gun to your head and takes the secrets, charges you with tax fraud, money laundering, etc, and puts you in solitary confinement pending trial so as to make it impossible to organize your defense. </p><p>
A crypto currency needs to be centerless it needs to able to survive the seizure of key servers by a hostile powerful party. </p><p>
Trouble with bitcoin is that it is not centerless proof of work winds up being centralized in a small number of extremely powerful and extremely expensive computers. </p><p>
Thus we need a system with proof of stake, and not only proof of stake, but proof of client stake the power over the system needs to reside with peers that have a lot of wealthy clients and it needs to be hard to find who the clients are, and where they are keeping their secrets, so that even if Mueller seizes important peers on charges of tax evasion and money laundering, does not thereby gain control. </p><p>
If the system handles an enormous number of transactions, peers are going to be big and expensive, thus vulnerable to people like Mueller armed with vague and open ended charges of tax evasion and money laundering. Hence the power of peer over the currency needs to be proportional to the wealth controlled by the secrets held by that peers clients. And that peers clients need to be free to move from one peer to the next, and apt to move to peers that make it difficult for Mueller to find their clients. </p><p>
Need a crypto currency where Bob can prove to the whole world that he paid Ann such and such amount, in accord with such and such a bill, but no one else can prove he paid Ann, nor that there ever was such a bill, except he shows them. Bitcoin is far too traceable. We need controlled traceability, where the parrticipants can prove a transaction to third parties and the world, but the world cannot. And Bob needs to be able to prove what the payment was about, that it was part of a conversation, a meeting of minds. </p><p>
The reason we have end user demand for crypto currency is the same as the reason we have end user demand for gold. </p><p>
When quasi governmental entities started freezing the accounts of "Nazis", "racists", "Russian trolls", and suchlike, a lot of "Nazis" and "Russian trolls" moved to crypto currency, shortly thereafter followed by a great many very wealthy men who were worried that when they needed their wealth in a hurry, they would suddenly become Nazis and Russian trolls also, and their wealth would suddenly become inaccessible or worthless. </p><p>
For a long time the big demand for crypto currency has been wealthy Chinese evading currency controls, but with the recent crackdown on hate speech, we are seeing massive American and European demand, which directly resulted in the recent spike in crypto currency values. </p><p>
Another substantial source of demand for crypto currency, which has been around since the beginning, is buying steroids and suchlike over the internet, but the really huge move in crypto currency demand came during the recent crackdown on political activists. </p><p>
Obviously political activists do not in themselves have enough wealth to cause such a huge move in market value, but when you go after political activists, you are going to make a whole lot of wealthy people reflect that they are none too popular either. If you are a rich man, makes sense to put a significant chunk of your wealth in crypto currency in case you suddenly become a refugee. For example, if, as is looking increasingly likely, there is a pogrom against whites in the USA, a whole lot of rich people will flee to Singapore, China, Russia, Hong Kong, the Philippines, and Dubai with nothing but the clothes they stand up in, and the master secret controlling their crypto currency in their heads. </p><p>
So that Bob can contract with Ann without the transaction becoming visible to the world, the crypto currency needs to embed an encrypted overlay network, a method for people to have forbidden conversations about forbidden things. Contracts imply conversations, and secret contracts imply secret conversations. Untraceable payments imply untraceable conversations. </p><p>
Full bore totalitarianism sufficient to shut down crypto currency is not far from full bore totalitarianism sufficient to shut down the internet. </p><p>
Full bore totalitarianism sufficient to shut down the internet is going to strangle your economy. If your enemies are markedly wealthier than you are, it is likely to be a problem. North Korea is poor in substantial part because it dares not allow something like the internet to exist. Any contact with the west is used by the state department as a vector for subversion and color revolution. </p><p>
North Korea wants to open up, and has repeatedly attempted to open up, but wants it to be safe for it to open up. If it does open up, expect a lot of North Koreans to buy crypto currency. </p><p>
To create an internet where I cannot send arbitrary packets to an arbitrary machine, you are going to have to license every hub that is allowed to accept packets. Expect some serious disputes as to who gets to do the licensing. </p><p>
Turning the whole world into one big North Korea is not going to be feasible, and attempting to do so is likely to result in a large part of the world glowing in the dark. </p><p>
However, turning the US into Venezuela is entirely feasible, might well happen. We have a potential Democratic Party president who proposes to do exactly that. </p><p>
Which is exactly why wealthy Americans are buying crypto currency, so that they can run to those parts of the world that do not turn into North Korea or Venezuela. </p><p>
The best example of repression which does not bother people too much is China, and the great firewall of China. And until recently, the major demand for crypto currency came from Chinese evading currency controls. </p><p>
So, to accomplish the goal of shutting down crypto currency requires world wide internet repression at levels considerably more repressive than China, which is likely to be disruptive and damaging within a single nation and a single economy, and apt to lead to conflicts if attempted globally. </p>
<p style="background-color : #ccffcc; font-size:80%">These documents are
licensed under the <a rel="license" href="http://creativecommons.org/licenses/by-sa/3.0/">Creative
Commons Attribution-Share Alike 3.0 License</a></p>
</body></html>

69
docs/program/crypto_currency_on_wide_area_distributed.html
View File

@ -1,69 +0,0 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<style>
body {
max-width: 30em;
}
p.center {
text-align:center;
}
</style>
<link rel="shortcut icon" href="../rho.ico">
<title>Crypto Currency on wide area distributed database</title>
</head>
<body>
<p><a href="./index.html"> To Home page</a> </p>
<h1>Crypto Currency on wide area distributed database</h1><p>
Much of this material is shamelessly plaigarized without <a href="http://docplayer.net/14501083-Blockchain-throughput-and-big-data-trent-mcconaghy.html">attribution.</a></p><p>
Bitcoin has dangerously few miners, subject to dangerously few political authorities, and miner interests are insufficiently aligned to currency user interests.</p><p>
The solution is to create a crypto currency that relies on weight of stake, rather than weight of processing power.&nbsp; Such a currency is equivalent to a crypto corporation, or rather the easily traded shares of a crypto corporation.&nbsp; And independently of whether we need yet another crypto currency, we need crypto corporations.</p><p>
Hence my interest in threshold signatures that do not require a "trusted" dealer.</p><p>
Because of shareholder ignorance, and scaling law problems with enormous thresholds, I envisage that ordinary shareholders, or rather the laptops and cellphones of ordinary shareholders(wallets), would grant their voting rights to a rather small number of board members (massive server farms in the cloud).&nbsp; Every time you do a transaction through some web server, the recipient of the shares(currency) by default revocably grants his voting rights to whatever web server the recipient uses, thus reducing the scale problem to a moderate number of large entities with adequate connectivity and processing power.&nbsp; From time to time one board member (server farm) is elected CEO (leader for the Paxos protocol) If it goes down, loses connectivity, loses too many packets, or engages in Byzantine deviation from the Paxos protocol (possibly as a result of being raided by the cops for money laundering), they elect a new one after twenty seconds or so.&nbsp;</p><p>
“There is only one consensus protocol, and that is Paxos” -Mike Burrows, “all other approaches are just broken versions of Paxos.&nbsp;The Paxos protocol, conceived by Leslie Lamport, is famously subtle and a bit difficult to understand.”</p><p>
The Paxos protocol is not actually a solution to the consensus problem.&nbsp; Rather it is a tool, a necessary step in the larger solution to any one particular consensus problem, one step of a great many.</p><p>
The blockchain is a DB, as are modern Big Data NoSQL and NewSQL DBs.&nbsp;They re all distributed.&nbsp;Distributing a DB by making a full copy on every node scales extremely poorly.&nbsp;Distributed DBs need a consensus algorithm and the Bitcoin consensus algorithm is a horribly broken variant on Paxos.&nbsp;</p><p>
We need a sharded <a href="./crypto_currency.html">bitcoin</a>, that can scale to arbitary sizes.</p><p>
Bitcoin is a database that sacrifices consistency for availability.&nbsp; Suppose Sam the Scammer double spends the same money to Alice and Bob:</p><p>
Immediately afterwards the database might tell you that Sam has not spent the money, or that he has spent it on Alice, or that he has spent it on Bob, or that he spent it on Alice, and then attempted to spend it on Bob, but the attempted spend on Bob was disallowed, or that he spent it on Bob, and the attempted spend on Alice was disallowed.</p><p>
After an unpredictably long time, it will eventually reach a consensus in favor of Bob, or in favor of Alice, but the consensus is unpredictable, the time required to reach consensus could be quite long, and you can never be entirely sure that you are looking at the final consensus.</p>
<p>The Paxos protocol can potentially do better than this, in that it can definitively announce the final consensus, though there may be large delays in getting to it.</p>
<p>The solution is Paxos, sharding, and sidechains.&nbsp;Sidechaining is visible to the user and explicitly organized by the user with some formal and explicit organization with a website, while sharding happens automagically and invisibly.&nbsp; No one has figured out how to sharding automatically in the background without it being possible for some shards to cheat on others.</p>
<p>You can shard within a group where the nodes trust each other to fail only in a non byzantine manner, and we will need such sharding to handle arbitrarily large numbers of transactions.&nbsp; There is no obvious way of sharding without a shard being potentially capable of cheating either some people in the shard, or else other shards.</p><p>
This suggests a system where nodes belong to an indentifiable entity, and nodes belonging to the same entity trust each other to only fail in a non byzantine manner, while suspecting nodes belonging to a different entity of potentially byzantine failure.</p><p>
Google bigtable uses chubby, which uses Paxos.&nbsp; Bigtable does pretty much what a currency database would need to do.</p><p>
The variant of Paxos you need is Generalized Byzantine <a href="https://infogalactic.com/info/Paxos_(computer_science)#Multi-Paxos">Paxos</a> (nearly all operations commute) You probably also want semi stable leadership and a distinguished learner (normally the last guy to resolve a dispute resolves the new dispute.) </p><p>
Sharding is grouped by payments made, rather than payments received, since receiving a payment always commutes</p>
<p>To reduce coordination costs, we would like the global hash to be unchanged under commutative transactions.&nbsp; The global hash should reflect the presence, absence, or failure of transactions, not their precise order.</p>
<p>We need consensus on generating a bounce, which is a rare event.&nbsp; What about the problem of attributing a time bucket to a transaction.&nbsp; I guess we generate the checksums for a time bucket sometime after that bucket, and transactions that do not make it into the appropriate bucket get discarded by consensus with a recommendation to retry.</p>
<p>Each shard should be an accounting entity, tracking the total transferred between each shard which should follow from commutativity should be a detail of optimizing for commutativity.</p>
<p>See also <a href="http://www.cs.yale.edu/homes/aspnes/pinewiki/Paxos.html">failure detection</a> we would like to know what entities are currently responsive and who was leader and designated learner last time.</p>
<p style="background-color : #ccffcc; font-size:80%">This document is licensed under the <a rel="license" href="http://creativecommons.org/licenses/by-sa/3.0/">CreativeCommons Attribution-Share Alike 3.0 License</a></p>
</body>
</html>

0
docs/cyperhpunk_manifesto.md → docs/program/cypherpunk_manifesto.md
View File

0
docs/eric.jpg → docs/program/eric.jpg
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 184 KiB

After

Width:  |  Height:  |  Size: 184 KiB

55
docs/program/motivation.md Normal file
View File

@ -0,0 +1,55 @@
---
lang: en
title: Why we need a better crypto currency
---
::: myabstract
[abstract:]{.bigbold}
Why we need to build internet protocols that rest on
the consensus of the blockchain, rather than the authority
of giant organizations
:::
To secure the a crypto currency against hostile forces, we need to secure people's ability to hold conversations, including conversations about payment, contracts, and money, against hostile forces, so we need to replace the domain name system and tcp-ip, and build an overlay network inside and on top of that capable of hiding ip addresses from the parties to the conversation. (Though such a conversation will necessarily be slow and inefficient, so not used routinely.)
Bitcoin and everything blockchain is a centralized ledger. Worse than that its the One True Ledger. It isnt like gold. Gold one can have directly on ones person or indirectly in a vault somewhere.
It is possible to have a crypto currency similar to bitcoin where though there is one global ledger recording what public keys own what, there is no way to tell which human actors know the private keys corresponding to those public keys.
A crypto currency needs to be centerless it needs to able to survive the seizure of key servers by a hostile powerful party. Trouble with bitcoin is that it is not centerless proof of work winds up being centralized in a small number of extremely powerful and extremely expensive computers.
Thus we need a system with proof of share, and not only proof of share, but proof of client stake the power over the system needs to reside with peers that have a lot of wealthy clients and it needs to be hard to find who the clients are, and where they are keeping their secrets, so that even if someone seizes important peers on charges of tax evasion and money laundering, does not thereby gain control.
If the system handles an enormous number of transactions, peers are going to be big and expensive, thus vulnerable to people armed with vague and open ended charges of tax evasion and money laundering. Hence the power of peer over the currency needs to be proportional to the wealth controlled by the secrets held by that peers clients. And that peers clients need to be free to move from one peer to the next, and apt to move to peers that make it difficult for Mueller to find their clients.
Need a crypto currency where Bob can prove to the whole world that he paid Ann such and such amount, in accord with such and such a bill, but no one else can prove he paid Ann, nor that there ever was such a bill, except he or Ann shows them. Bitcoin is far too traceable. We need controlled traceability, where the participants can prove a transaction to third parties and the world, but the world cannot. And Bob needs to be able to prove what the payment was about, that it was part of a conversation, a meeting of minds.
The reason we have end user demand for crypto currency is the same as the reason we have end user demand for gold.
When quasi governmental entities started freezing the accounts of "Nazis", "racists", "Russian trolls", and suchlike, a lot of "Nazis" and "Russian trolls" moved to crypto currency, shortly thereafter followed by a great many very wealthy men who were worried that when they needed their wealth in a hurry, they would suddenly become Nazis and Russian trolls also, and their wealth would suddenly become inaccessible or worthless.
For a long time the big demand for crypto currency has been wealthy Chinese evading currency controls, but with the recent crackdown on hate speech, we are seeing massive American and European demand, which directly resulted in the recent spike in crypto currency values.
Another substantial source of demand for crypto currency, which has been around since the beginning, is buying steroids and suchlike over the internet, but the really huge move in crypto currency demand came during the recent crackdown on political activists.
Obviously political activists do not in themselves have enough wealth to cause such a huge move in market value, but when you go after political activists, you are going to make a whole lot of wealthy people reflect that they are none too popular either. If you are a rich man, makes sense to put a significant chunk of your wealth in crypto currency in case you suddenly become a refugee. For example, if, as is looking increasingly likely, there is a pogrom against whites in the USA, a whole lot of rich people will flee to Singapore, China, Russia, Hong Kong, the Philippines, and Dubai with nothing but the clothes they stand up in, and the master secret controlling their crypto currency in their heads.
So that Bob can contract with Ann without the transaction becoming visible to the world, the crypto currency needs to be built inside and on top of an encrypted overlay network, a method for people to have forbidden conversations about forbidden things. Contracts imply conversations, and secret contracts imply secret conversations. Untraceable payments imply untraceable conversations.
Full bore totalitarianism sufficient to shut down crypto currency is not far from full bore totalitarianism sufficient to shut down the internet.
Full bore totalitarianism sufficient to shut down the internet is going to strangle your economy. If your enemies are markedly wealthier than you are, it is likely to be a problem. North Korea is poor in substantial part because it dares not allow something like the internet to exist. Any contact with the west is used by the state department as a vector for subversion and color revolution.
North Korea wants to open up, and has repeatedly attempted to open up, but wants it to be safe for it to open up. If it does open up, expect a lot of North Koreans to buy crypto currency.
To create an internet where I cannot send arbitrary packets to an arbitrary machine, you are going to have to license every hub that is allowed to accept packets. Expect some serious disputes as to who gets to do the licensing.
Turning the whole world into one big North Korea is not going to be feasible, and attempting to do so is likely to result in a large part of the world glowing in the dark.
However, turning the US into Venezuela is entirely feasible, might well happen. We have a potential Democratic Party president who proposes to do exactly that.
Which is exactly why wealthy Americans are buying crypto currency, so that they can run to those parts of the world that do not turn into North Korea or Venezuela.
The best example of repression which does not bother people too much is China, and the great firewall of China. And until recently, the major demand for crypto currency came from Chinese evading currency controls.
So, to accomplish the goal of shutting down crypto currency requires world wide internet repression at levels considerably more repressive than China, which is likely to be disruptive and damaging within a single nation and a single economy, and apt to lead to conflicts if attempted globally.

11
docs/program/scalability.md
View File

@ -7,16 +7,7 @@ notmine: false
::: myabstract
[abstract:]{.bigbold}
Bitcoin does not scale to the required size. The Bitcoin reliable broadcast
channel is a massively replicated public ledger of every transaction
that ever there was, each of which has to be evaluated for correctness
by every full peer. With recursive snarks, we can now instead have a
massively replicated public sql index of private ledgers.
Such a blockchain with as many transactions as bitcoin, will,
after running for as long as Bitcoin, only occupy a few dozen megabytes
of disk storage, rather than near a terabyte, and each peer and client wallet only has to
evaluate the root recursive snark to prove the validity of every transaction
that ever there was, including all those lost in the mists of time.
Bitcoin does not scale to the required size. The Bitcoin reliable broadcast channel is a massively replicated public ledger of every transaction that ever there was, each of which has to be evaluated for correctness by every full peer. With recursive snarks, we can now instead have a massively replicated public sql index of private ledgers. Such a blockchain with as many transactions as bitcoin, will, after running for as long as Bitcoin, only occupy a few dozen megabytes of disk storage, rather than near a terabyte, and each peer and client wallet only has to evaluate the root recursive snark to prove the validity of every transaction that ever there was, including all those lost in the mists of time.
:::
# Scaling, privacy, and recursive snarks

8
docs/program/social_networking.md
View File

@ -996,7 +996,7 @@ focus on creating value and making profit.
[sox]:sox_accounting.html
"Sarbanes-Oxley accounting"
A proof of stake currency works like a startup company used to work
A proof of share currency works like a startup company used to work
before [SOX] -- the founders get shares, then they sell or issue shares to
angel investors, and then with the angel investors money they pay early
developers with both shares and fiat.
@ -1129,7 +1129,7 @@ liquidity event will be considerably more persuasive if the system actually
is useful as a censorship resistant social media platform at the time of the
liquidity event.
A proof of stake blockdag is a [sovereign] corporation, but in order to
A proof of share blockdag is a [sovereign] corporation, but in order to
actually function as a corporation it needs a human chief executive,
corporate funds that the the chief executive can dispense, a human board
of directors to keep an eye on what the chief executive is doing with those
@ -1138,7 +1138,7 @@ executive, and the shareholders keep an eye on the board.
So, after the first liquidity event (cross blockchain trades on the blockdag)
we implement the standard corporate infrastructure, accounting, board of
directors, CEO, over proof of stake instead of under a quasi governmental
directors, CEO, over proof of share instead of under a quasi governmental
stock exchange, [triple entry accounting] with immutable journal entries
instead of [sox] accounting, for the final liquidity event, the
final liquidity event being the first [sovereign] corporation on this
@ -1252,7 +1252,7 @@ of truckers who each owned their own truck. The coup was in large
## source of corporateness
State incorporated corporations derive their corporateness from the
authority of the sovereign, but a proof of stake currency derives its
authority of the sovereign, but a proof of share currency derives its
corporateness from the cryptographically discovered consensus that gives
each stakeholder incentive to go along with the cryptographically
discovered consensus because everyone else is going with the consensus,

10
docs/program/white_paper.md
View File

@ -241,11 +241,11 @@ the blockchain) far less traceable, because lightning transactions happen
off chain and inherently mingle coins, thus making crypto coins fully
fungible, thus increasing their desirability as a direct substitute for cash.
# proof of stake, Byzantine fault, and statehood
# proof of share, Byzantine fault, and statehood
A proof of stake currency is a corporation. Its currency is shares in that
A proof of share currency is a corporation. Its currency is shares in that
corporation. Corporations derive their corporateness from the authority
of the sovereign, but a proof of stake currency derives its corporateness from
of the sovereign, but a proof of share currency derives its corporateness from
each stakeholder (shareholder) playing by the rules because all the other
stakeholders play by those rules.
@ -312,7 +312,7 @@ mathematical facts about the nature of collective action.
[that sovereign corporation]:social_networking.html#many-sovereign-corporations-on-the-blockchain
A successful proof of stake currency would be a non state corporation,
A successful proof of share currency would be a non state corporation,
[a sovereign corporation]. What is a sovereign corporation but a state? The
power of the US is in substantial part that it is a world currency, albeit a
major reason why it is a world currency is airsea war superiority, and as its
@ -328,7 +328,7 @@ the CIA.) USG establishes the worlds narratives which control what
everyone cool across the world believes that gay marriage is justice, for
example, or that “trans” people are a real thing and not just crazy and/or
sexually deviant, or that global warming is real, human-caused, and
disastrous, or that black lives matter. A proof of stake currency is not very
disastrous, or that black lives matter. A proof of share currency is not very
functional, unless, like the Jitsi blockchain, it provides a namespace and
service, because you need to interact with peers that have authority over
the consensus the shareholders, or their computers, need to interact with

14
docs/program/white_paper_YarvinAppendix.md
View File

@ -2,6 +2,18 @@
title: >-
Bitzion: how Bitcoin becomes a state
...
This a publication by Moldbug. Full of good ideas, but it is a digression from
my focus, and like all Moldbug, unduly verbose. Core idea. Hodlers, not miners,
should have the power, and hodlers need a human board that represents them.
But representing this as forming a state is going get us killed. Safer to represent it
as forming a sovereign corporation.
#Moldbug
It probably wont happen. It probably should.
Statelike nonstates fascinate all political engineers. Can a nonstate
@ -348,7 +360,7 @@ are shamelessly looted like Houston lifting the Nazi space program, many
have also innovated in governance. Scholarship asks us to start by
noticing their work; and we will start by following it.
While proof of work is one thing, proof of stake is a huge family of
While proof of work is one thing, proof of share is a huge family of
things. This family is united by one general principle. The general
principle of proof-of-stake is that the ledger belongs to its
owners—who must therefore be charged with governing it.

18
docs/proof_of_stake.md
View File

@ -1,13 +1,13 @@
---
title:
Proof of Stake
proof of share
...
::: {style="background-color : #ffdddd; font-size:120%"}
![run!](tealdeer.gif)[TL;DR Map a blockdag algorithm equivalent to the
Generalized MultiPaxos Byzantine
protocol to the corporate form:]{style="font-size:150%"}
The proof of stake crypto currency will work like
The proof of share crypto currency will work like
shares. Crypto wallets, or the humans controlling the wallets,
correspond to shareholders.
Peer computers in good standing on the blockchain, or the humans
@ -15,7 +15,7 @@ controlling them, correspond to company directors.
CEO.
:::
We need proof of stake because our state regulated system of notaries,
We need proof of share because our state regulated system of notaries,
bankers, accountants, and lawyers has gone off the rails, and because
proof of work means that a tiny handful of people who are [burning a
whole lot of computer power]
@ -57,7 +57,7 @@ Because current blockchains are proof of work, rather than proof of
stake, they give coin holders no power. Thus an initial coin offering
(ICO) is not a promise of general authority over the assets of the
proposed company, but a promise of future goods or services that will be
provided by the company. A proof of stake ICO could function as a more
provided by the company. A proof of share ICO could function as a more
direct substitute for an initial public offering (IPO).  Thus we want it
to be easy to issue your own coins, and [to perform coin swaps between
chains without the need for an exchange] that would provide a potential
@ -376,7 +376,7 @@ actually does set the total order i decided retrospectively, equivalent to
continuous retrospective leader election in the classic Byzantine fault
resistant algorithms.
Proof of stake works like the corporate form, or can work like the
proof of share works like the corporate form, or can work like the
corporate form, with the crypto currency as shares, the wallets, or the
humans controlling the wallets, as shareholders, the peers in good
standing, or the humans controlling the peers in good standing as the
@ -384,7 +384,7 @@ board, and the primus inter pares, or the human controlling the primus
inter pares, as the CEO.
Thus the crypto currency works, or can work, like shares in a
corporation.  Proof of stake means that the shareholders can less easily
corporation.  proof of share means that the shareholders can less easily
be screwed over, since the shareholders elect the board from time to
time, and the board elects the CEO from time to time to time.
@ -396,7 +396,7 @@ privilege of being the source of root names, and its shares are the most
liquid, the most readily exchangeable, and this is the primary thing
that makes it “main”.
# Implementation of proof of stake
# Implementation of proof of share
Good blockdag protocols with high consensus bandwidth rely on forming
a consensus about the total past of the blockchain during the gossip
@ -451,7 +451,7 @@ than a dozen, less than a thousand, and an enormous number of client wallets,
billions of client wallets.  And we need to give client wallets power and
prevent the peers from having too much power.
Power to the wallets means our system has to run on proof of stake, rather
Power to the wallets means our system has to run on proof of share, rather
than proof of work. But since a wallet is not always on the internet, cannot
routinely exercise power moment to moment. So, we need a system where unspent
transaction outputs are hosted by particular blockchain peers, or large
@ -559,7 +559,7 @@ Byzantine failure, if intentional and malicious, is lying, either explicitly - g
In a blockdag, this always going to become visible eventually, but the problem is, it may become visible too late.
Mechanisms to protect against Byzantine failure look superficially like
proof of stake shareholder democracy but they are subtly different. They
proof of share shareholder democracy but they are subtly different. They
protect against the ten percent attack, but assume that any one outcome
selected by any one correctly functioning peer is equally acceptable, that
the problem is selecting one of many equally possible and equally

2
docs/scale_clients_trust.md
View File

@ -143,7 +143,7 @@ None of these are yet implemented, and we will not get around to
implementing them until we start to take over the world. But it is
necessary that what we do implement be upwards compatible with this scaling design:
## proof of stake
## proof of share
Make the stake of a peer the value of coins (unspent transaction outputs)
that were injected into the blockchain through that peer. This ensures that