š
Original date posted:2019-11-26
š Original message:
Good morning Orfeas,
> Hi ZmnSCPxj,
>
> > > > requiring a fee is equivalent to requiring proof-of-work, incentive-wise.
> > >
> > > Not necessarily, given that
> > >
> > > 1. there is a finite bitcoin supply but an eventually infinite PoW
> > > supply (relevant in the unlikely case fees are burned)
> > >
> > > 2. sats are transferrable, whereas PoW isn't (relevant in the case fees
> > > are paid)
> > >
> >
> > Not actually.
> > Again, let me point out that PoW can be bought, that is precisely what Bitcoin blockchain layer does.
> > And the blockchain layer PoW is bought with two things: fees and subsidies (inflation).
> > Thus PoW, being purchaseable, is incentive-wise equivalent to paying somebody to spend electricity (possibly with efficiencies at scale).
> > Just cut the middleman.
>
> I wasn't clear enough, sorry for that. I agree that in general PoW can
> be bought. However if I understand this particular PoW proposal
> correctly, a brand-new PoW has to be created for each intermediary.
> These PoWs cannot be reused by the intermediary for later payments (or
> for anything else).
>
> I will now show that there exist spam-prevention schemes that differ
> only on whether the payer gives sats or PoWs to intermediaries, such
> that economically rational agents are incentivized to cheat in the case
> of sats but not so in the case of PoWs. This proves that fees are not
> equivalent to PoWs incentive-wise.
>
> In our model, an intermediary can follow one of three possible
> strategies (we make the assumption that other strategies are strictly
> dominated by one of the three). Each strategy results in different
> resource utilization and proceeds from fees.
> (A) do nothing. This results in resources_A = 0 and sats_A = 0
> (B) play honestly. resources_B < 0 (negative because they constitute
> an operating cost) and sats_B = anti_spam_fee + routing_fee
> (C) mount a plausibly deniable attack. Here resources_C < 0 and sats_C
> = anti_spam_fee.
> We assume that resources_C > resources_B + routing_fee (1).
>
> In case intermediaries receive PoWs as an anti-spam measure, it is
> anti_spam_fee = 0 which means that resources_C + sats_C < 0 =
> resources_A + sats_A, therefore strategy C is strictly dominated by A.
> (The fact that A also strictly dominates B is an interesting
> observation, but beside the point for the argument made.)
>
> OTOH, in the case of anti-spam sats, it is anti_spam_fee > 0. Therefore
> we have resources_C + sats_C > resources_B + sats_B (using (1)) and for
> a big enough anti_spam_fee, it is resources_C + sats_C > 0, therefore
>
> strategy C strictly dominates both A and B.
>
> In other words, by just changing whether we use anti-spam PoWs or fees,
> we change the economically rational behavior.
>
> I apologize for the previous ambiguity and I hope this has made my
> argument clearer.
This can be made "the same" by any of the following methods:
* Burning the up-front fees.
* Locking the up-front fees for a time, then reverting them to the original sender.
Fees and PoW are equivalent.
The artificial difference here is that in the PoW case, the PoW cannot be reused by the intermediate node.
Then we only need to make the up front fees also not reusable by the intermediate node, which can be done by either of the above.
I believe the latter would be more palatable: you pay fees, part of which is just there to prove you are not spamming the network, and which will be returned to you after a few days.
Or just provably burn the funds by sending it to a P2WSH containing `OP_RETURN "ZmnSCPxj is not an AI"`.
This lets us get around having to *design* a PoW, which devs have to change every few months to get around the inevitable ASIC targeting the algorithm, and just lets us reuse existing mechanisms (i.e. Bitcoin).
The same thing is used in spam prevention in defiads, for example -- the money backing an advertisement is locked, and this justifies the propagation of the advertisement as long as the money remains locked in the UTXO.
Regards,
ZmnSCPxj
ZmnSCPxj [ARCHIVE] /
npub1g5ā¦3ms3l
2023-06-09 12:57:09
in reply to nevent1qā¦2yw5
Author Public Key
npub1g5zswf6y48f7fy90jf3tlcuwdmjn8znhzaa4vkmtxaeskca8hpss23ms3lPublished at
2023-06-09 12:57:09Event JSON
{
"id": "c99d9ea273e7f496448142dc060dc50f911f83244398befdbccaf3811acee1e2",
"pubkey": "4505072744a9d3e490af9262bfe38e6ee5338a77177b565b6b37730b63a7b861",
"created_at": 1686315429,
"kind": 1,
"tags": [
[
"e",
"0c91e21e034533f122e94b0fd3031654ae905512e27a1262e64ae8c7923a76b8",
"",
"root"
],
[
"e",
"79fb7037765b61b9442443000452fbaac88042b6b76d272869ec8e89290f0d76",
"",
"reply"
],
[
"p",
"b9585ab0577711a034c2fb4843b128ab086ba56e05fbfce28c93867ba4cf4cc5"
]
],
"content": "š
Original date posted:2019-11-26\nš Original message:\nGood morning Orfeas,\n\n\u003e Hi ZmnSCPxj,\n\u003e\n\u003e \u003e \u003e \u003e requiring a fee is equivalent to requiring proof-of-work, incentive-wise.\n\u003e \u003e \u003e\n\u003e \u003e \u003e Not necessarily, given that\n\u003e \u003e \u003e\n\u003e \u003e \u003e 1. there is a finite bitcoin supply but an eventually infinite PoW\n\u003e \u003e \u003e supply (relevant in the unlikely case fees are burned)\n\u003e \u003e \u003e\n\u003e \u003e \u003e 2. sats are transferrable, whereas PoW isn't (relevant in the case fees\n\u003e \u003e \u003e are paid)\n\u003e \u003e \u003e\n\u003e \u003e\n\u003e \u003e Not actually.\n\u003e \u003e Again, let me point out that PoW can be bought, that is precisely what Bitcoin blockchain layer does.\n\u003e \u003e And the blockchain layer PoW is bought with two things: fees and subsidies (inflation).\n\u003e \u003e Thus PoW, being purchaseable, is incentive-wise equivalent to paying somebody to spend electricity (possibly with efficiencies at scale).\n\u003e \u003e Just cut the middleman.\n\u003e\n\u003e I wasn't clear enough, sorry for that. I agree that in general PoW can\n\u003e be bought. However if I understand this particular PoW proposal\n\u003e correctly, a brand-new PoW has to be created for each intermediary.\n\u003e These PoWs cannot be reused by the intermediary for later payments (or\n\u003e for anything else).\n\u003e\n\u003e I will now show that there exist spam-prevention schemes that differ\n\u003e only on whether the payer gives sats or PoWs to intermediaries, such\n\u003e that economically rational agents are incentivized to cheat in the case\n\u003e of sats but not so in the case of PoWs. This proves that fees are not\n\u003e equivalent to PoWs incentive-wise.\n\u003e\n\u003e In our model, an intermediary can follow one of three possible\n\u003e strategies (we make the assumption that other strategies are strictly\n\u003e dominated by one of the three). Each strategy results in different\n\u003e resource utilization and proceeds from fees.\n\u003e (A) do nothing. This results in resources_A = 0 and sats_A = 0\n\u003e (B) play honestly. resources_B \u003c 0 (negative because they constitute\n\u003e an operating cost) and sats_B = anti_spam_fee + routing_fee\n\u003e (C) mount a plausibly deniable attack. Here resources_C \u003c 0 and sats_C\n\u003e = anti_spam_fee.\n\u003e We assume that resources_C \u003e resources_B + routing_fee (1).\n\u003e\n\u003e In case intermediaries receive PoWs as an anti-spam measure, it is\n\u003e anti_spam_fee = 0 which means that resources_C + sats_C \u003c 0 =\n\u003e resources_A + sats_A, therefore strategy C is strictly dominated by A.\n\u003e (The fact that A also strictly dominates B is an interesting\n\u003e observation, but beside the point for the argument made.)\n\u003e\n\u003e OTOH, in the case of anti-spam sats, it is anti_spam_fee \u003e 0. Therefore\n\u003e we have resources_C + sats_C \u003e resources_B + sats_B (using (1)) and for\n\u003e a big enough anti_spam_fee, it is resources_C + sats_C \u003e 0, therefore\n\u003e\n\u003e strategy C strictly dominates both A and B.\n\u003e\n\u003e In other words, by just changing whether we use anti-spam PoWs or fees,\n\u003e we change the economically rational behavior.\n\u003e\n\u003e I apologize for the previous ambiguity and I hope this has made my\n\u003e argument clearer.\n\nThis can be made \"the same\" by any of the following methods:\n\n* Burning the up-front fees.\n* Locking the up-front fees for a time, then reverting them to the original sender.\n\nFees and PoW are equivalent.\nThe artificial difference here is that in the PoW case, the PoW cannot be reused by the intermediate node.\nThen we only need to make the up front fees also not reusable by the intermediate node, which can be done by either of the above.\nI believe the latter would be more palatable: you pay fees, part of which is just there to prove you are not spamming the network, and which will be returned to you after a few days.\nOr just provably burn the funds by sending it to a P2WSH containing `OP_RETURN \"ZmnSCPxj is not an AI\"`.\n\nThis lets us get around having to *design* a PoW, which devs have to change every few months to get around the inevitable ASIC targeting the algorithm, and just lets us reuse existing mechanisms (i.e. Bitcoin).\nThe same thing is used in spam prevention in defiads, for example -- the money backing an advertisement is locked, and this justifies the propagation of the advertisement as long as the money remains locked in the UTXO.\n\nRegards,\nZmnSCPxj",
"sig": "9ffd5c7eed6a4adfe29ba049467bd834f9182be08b8954b4ed3a9d16289535cae4050ea1312ce7fb9367fbd80c45dae5be7cf5ae24ac07af5e52f13cbfa3228c"
}