📅 Original date posted:2017-04-01
📝 Original message:> So your cluster isn't going to need to plan to handle 15k transactions per second, you're really looking at more like 200k or even 500k transactions per second to handle peak-volumes. And if it can't, you're still going to see full blocks.
When I first began to enter the blocksize debate slime-trap that we
have all found ourselves in, I had the same line of reasoning that you
have now. It is clearly untenable that blockchains are an incredibly
inefficient and poorly designed system for massive scales of
transactions, as I'm sure you would agree. Therefore, I felt it was
an important point for people to accept this reality now and stop
trying to use Blockchains for things they weren't good for, as much
for their own good as anyone elses. I backed this by calculating some
miner fee requirements as well as the very issue you raised. A few
people argued with me rationally, and gradually I was forced to look
at a different question: Granted that we cannot fit all desired
transactions on a blockchain, how many CAN we effectively fit?
It took another month before I actually changed my mind. What changed
it was when I tried to make estimations, assuming all the reasonable
trends I could find held, about future transaction fees and future
node costs. Did they need to go up exponentially? How fast, what
would we be dealing with in the future? After seeing the huge
divergence in node operational costs without size increases($3 vs
$3000 after some number of years stands out in my memory), I tried to
adjust various things, until I started comparing the costs in BTC
terms. I eventually realized that comparing node operational costs in
BTC per unit time versus transaction costs in dollars revealed that
node operational costs per unit time could decrease without causing
transaction fees to rise. The transaction fees still had to hit $1 or
$2, sometimes $4, to remain a viable protection, but otherwise they
could become stable around those points and node operational costs per
unit time still decreased.
None of that may mean anything to you, so you may ignore it all if you
like, but my point in all of that is that I once used similar logic,
but any disagreements we may have does not mean I magically think as
you implied above. Some people think blockchains should fit any
transaction of any size, and I'm sure you and I would both agree
that's ridiculous. Blocks will nearly always be full in the future.
There is no need to attempt to handle unusual volume increases - The
fee markets will balance it and the use-cases that can barely afford
to fit on-chain will simply have to wait for awhile. The question is
not "can we handle all traffic," it is "how many use-cases can we
enable without sacrificing our most essential features?" (And for
that matter, what is each essential feature, and what is it worth?)
There are many distinct cut-off points that we could consider. On the
extreme end, Raspberry Pi's and toasters are out. Data-bound mobile
phones are out for at least the next few years if ever. Currently the
concern is around home user bandwidth limits. The next limit after
that may either be the CPU, memory, or bandwidth of a single top-end
PC. The limit after that may be the highest dataspeeds that large,
remote Bitcoin mining facilities are able to afford, but after fees
rise and a few years, they may remove that limit for us. Then the
next limit might be on the maximum amount of memory available within a
single datacenter server.
At each limit we consider, we have a choice of killing off a number of
on-chain usecases versus the cost of losing the nodes who can't reach
the next limit effectively. I have my inclinations about where the
limits would be best set, but the reality is I don't know the numbers
on the vulnerability and security risks associated with various node
distributions. I'd really like to, because if I did I could begin
evaluating the costs on each side.
> How much RAM do you need to process blocks like that?
That's a good question, and one I don't have a good handle on. How
does Bitcoin's current memory usage scale? It can't be based on the
UTXO, which is 1.7 GB while my node is only using ~450mb of ram. How
does ram consumption increase with a large block versus small ones?
Are there trade-offs that can be made to write to disk if ram usage
grew too large?
If that proved to be a prohibitively large growth number, that becomes
a worthwhile number to consider for scaling. Of note, you can
currently buy EC2 instances with 256gb of ram easily, and in 14 years
that will be even higher.
> So you have to rework the code to operate on a computer cluster.
I believe this is exactly the kind of discussion we should be having
14 years before it might be needed. Also, this wouldn't be unique -
Some software I have used in the past (graphite metric collection)
came pre-packaged with the ability to scale out to multiple machines
split loads and replicate the data, and so could future node software.
> Further, are storage costs consistent when we're talking about setting up clusters? Are bandwidth costs consistent when we're talking about setting up clusters? Are RAM and CPU costs consistent when we're talking about setting up clusters? No, they aren't.
Bandwidth costs are, as intra-datacenter bandwidth is generally free.
The other ones warrant evaluation for the distant future. I would
expect that CPU resources is the first thing we would have to change -
13 thousand transactions per second is an awful lot to process. I'm
not intimately familiar with the processing - Isn't it largely
signature verification of the transaction itself, plus a minority of
time spent checking and updating utxo values, and finally a small
number of hashes to check block validity? If signature verification
was controlling, a specialized asic chip(on a plug-in card) might be
able to verify signatures hundreds of times faster, and it could even
be on a cheap 130nm chipset like the first asic miners rushed to
market. Point being, there are options and it may warrant looking
into after the risk to node reductions.
> You'd need a handful of experts just to maintain such a thing.
I don't think this is as big a deal as it first might seem. The
software would already come written to be spanned onto multiple
machines - it just needs to be configured. For the specific question
at hand, the exchange would already have IT staff and datacenter
capacity/operations for their other operations. In the more general
case, the numbers involved don't work out to extreme concerns at that
level. The highest cpu usage I've observed on my nodes is less than
5%, less than 1% for the time I just checked, handling ~3 tx/s. So
being conservative, if it hits 100% on one core at 60-120 tx/s, that
works out to ~25-50 8-core machines. But again, that's a 2-year old
laptop CPU and we're talking about 14 years into the future. Even if
it was 25 machines, that's the kind of operation a one or two man IT
team just runs on the side with their extra duties. It isn't enough
to hire a fulltime tech for.
> Disks are going to be failing every day when you are storing multiple PB, so you can't just count a flat cost of $20/TB and expect that to work.
I mean, that's literally what Amazon does for you with S3, which was
even cheaper than the EBS datastore pricing I was looking at. So....
Even disregarding that, raid operation was a solved thing more than 10
years ago, and hard drives 14 years out would be roughly ~110 TB for a
$240 hard drive at a 14%/year growth rate. In 2034 the blockchain
would fit on 10 of those. Not exactly a "failing every day" kind of
problem. By 2040, you'd need *gasp* 22 $240 hard drives. I mean, it
is a lot, but not a lot like you're implying.
> And you need a way to rebuild everything without taking the system offline.
That depends heavily upon the tradeoffs the businesses can make. I
don't think node operation at an exchange is a five-nines uptime
operation. They could probably tolerate 3 nines. The worst that
happens is occasionally people's withdrawals and deposit are delayed
slightly. It won't shut down trading.
> I'm sure there are a dozen other significant issues that one of the Visa architects could tell you about when dealing with mission-critical data at this scale.
Visa stores the only copy. They can't afford to lose the data.
Bitcoin isn't like that, as others pointed out. And for most
businesses, if their node must be rebooted periodically, it isn't a
huge deal.
> Once we grow the blocksize large enough that a single computer can't do all the processing all by itself we get into a world of much harder, much more expensive scaling problems.
Ok, when is that point, and what is the tradeoff in terms of nodes?
Just because something is hard doesn't mean it isn't worth doing.
That's just a defeatist attitude. How big can we get, for what
tradeoffs, and what do we need to do to get there?
> You have to check each transaction against each other transaction to make sure that they aren't double spending eachother.
This is really not that hard. Have a central database, update/check
the utxo values in block-store increments. If a utxo has already been
used this increment, the block is invalid. If the database somehow
got too big(not going to happen at these scales, but if it did), it
can be sharded trivially on the transaction information. These are
solved problems, the free database software that's available is pretty
powerful.
> You have to be a lot more clever than that to get things working and consistent.
NO, NOT CLEVER. WE CAN'T DO THAT.
Sorry, I had to. :)
> None of them have cost structures in the 6 digit range, and I'd bet (without actually knowing) that none of them have cost structures in the 7 digit range either.
I know of and have experience working with systems that handled
several orders of magnitude more data than this. None of the issues
brought up above are problems that someone hasn't solved. Transaction
commitments to databases? Data consistency across multiple workers?
Data storage measured in exabytes? Data storage and updates
approaching hundreds of millions of datapoints per second? These
things are done every single day at numerous companies.
On Fri, Mar 31, 2017 at 11:23 AM, David Vorick <david.vorick at gmail.com> wrote:
> Sure, your math is pretty much entirely irrelevant because scaling systems
> to massive sizes doesn't work that way.
>
> At 400B transactions per year we're looking at block sizes of 4.5 GB, and a
> database size of petabytes. How much RAM do you need to process blocks like
> that? Can you fit that much RAM into a single machine? Okay, you can't fit
> that much RAM into a single machine. So you have to rework the code to
> operate on a computer cluster.
>
> Already we've hit a significant problem. You aren't going to rewrite Bitcoin
> to do block validation on a computer cluster overnight. Further, are storage
> costs consistent when we're talking about setting up clusters? Are bandwidth
> costs consistent when we're talking about setting up clusters? Are RAM and
> CPU costs consistent when we're talking about setting up clusters? No, they
> aren't. Clusters are a lot more expensive to set up per-resource because
> they need to talk to eachother and synchronize with eachother and you have a
> LOT more parts, so you have to build in redundancies that aren't necessary
> in non-clusters.
>
> Also worth pointing out that peak transaction volumes are typically 20-50x
> the size of typical transaction volumes. So your cluster isn't going to need
> to plan to handle 15k transactions per second, you're really looking at more
> like 200k or even 500k transactions per second to handle peak-volumes. And
> if it can't, you're still going to see full blocks.
>
> You'd need a handful of experts just to maintain such a thing. Disks are
> going to be failing every day when you are storing multiple PB, so you can't
> just count a flat cost of $20/TB and expect that to work. You're going to
> need redundancy and tolerance so that you don't lose the system when a few
> of your hard drives all fail within minutes of eachother. And you need a way
> to rebuild everything without taking the system offline.
>
> This isn't even my area of expertise. I'm sure there are a dozen other
> significant issues that one of the Visa architects could tell you about when
> dealing with mission-critical data at this scale.
>
> --------
>
> Massive systems operate very differently and are much more costly per-unit
> than tiny systems. Once we grow the blocksize large enough that a single
> computer can't do all the processing all by itself we get into a world of
> much harder, much more expensive scaling problems. Especially because we're
> talking about a distributed system where the nodes don't even trust each
> other. And transaction processing is largely non-parallel. You have to check
> each transaction against each other transaction to make sure that they
> aren't double spending eachother. This takes synchronization and prevents
> 500 CPUs from all crunching the data concurrently. You have to be a lot more
> clever than that to get things working and consistent.
>
> When talking about scalability problems, you should ask yourself what other
> systems in the world operate at the scales you are talking about. None of
> them have cost structures in the 6 digit range, and I'd bet (without
> actually knowing) that none of them have cost structures in the 7 digit
> range either. In fact I know from working in a related industry that the
> cost structures for the datacenters (plus the support engineers, plus the
> software management, etc.) that do airline ticket processing are above $5
> million per year for the larger airlines. Visa is probably even more
> expensive than that (though I can only speculate).
Jared Lee Richardson [ARCHIVE] /
npub149…5vasy
2023-06-07 17:58:41
in reply to nevent1q…uc3q
Author Public Key
npub149tvqh6gesh22h60jrehl5clrxscx6q65wznq9ty6pae8sxq00esg5vasyPublished at
2023-06-07 17:58:41Event JSON
{
"id": "41456f07a5163a3c157b3d78b609959bfcb9101f55f17cd5bca24f11e8c0fd13",
"pubkey": "a956c05f48cc2ea55f4f90f37fd31f19a183681aa385301564d07b93c0c07bf3",
"created_at": 1686160721,
"kind": 1,
"tags": [
[
"e",
"9de18e8747246c519dfd93894071f9ca31c192f802094b2015f860ba761743bd",
"",
"root"
],
[
"e",
"748e8ee1e8fc94f040b22ee39fe62393e350f38689453542964bd65d5d3c67fe",
"",
"reply"
],
[
"p",
"229d8ecfc40ac441a29414f9350f5a01da8c8c9a666fb25e607a6e6795aa0cdb"
]
],
"content": "📅 Original date posted:2017-04-01\n📝 Original message:\u003e So your cluster isn't going to need to plan to handle 15k transactions per second, you're really looking at more like 200k or even 500k transactions per second to handle peak-volumes. And if it can't, you're still going to see full blocks.\n\nWhen I first began to enter the blocksize debate slime-trap that we\nhave all found ourselves in, I had the same line of reasoning that you\nhave now. It is clearly untenable that blockchains are an incredibly\ninefficient and poorly designed system for massive scales of\ntransactions, as I'm sure you would agree. Therefore, I felt it was\nan important point for people to accept this reality now and stop\ntrying to use Blockchains for things they weren't good for, as much\nfor their own good as anyone elses. I backed this by calculating some\nminer fee requirements as well as the very issue you raised. A few\npeople argued with me rationally, and gradually I was forced to look\nat a different question: Granted that we cannot fit all desired\ntransactions on a blockchain, how many CAN we effectively fit?\n\nIt took another month before I actually changed my mind. What changed\nit was when I tried to make estimations, assuming all the reasonable\ntrends I could find held, about future transaction fees and future\nnode costs. Did they need to go up exponentially? How fast, what\nwould we be dealing with in the future? After seeing the huge\ndivergence in node operational costs without size increases($3 vs\n$3000 after some number of years stands out in my memory), I tried to\nadjust various things, until I started comparing the costs in BTC\nterms. I eventually realized that comparing node operational costs in\nBTC per unit time versus transaction costs in dollars revealed that\nnode operational costs per unit time could decrease without causing\ntransaction fees to rise. The transaction fees still had to hit $1 or\n$2, sometimes $4, to remain a viable protection, but otherwise they\ncould become stable around those points and node operational costs per\nunit time still decreased.\n\nNone of that may mean anything to you, so you may ignore it all if you\nlike, but my point in all of that is that I once used similar logic,\nbut any disagreements we may have does not mean I magically think as\nyou implied above. Some people think blockchains should fit any\ntransaction of any size, and I'm sure you and I would both agree\nthat's ridiculous. Blocks will nearly always be full in the future.\nThere is no need to attempt to handle unusual volume increases - The\nfee markets will balance it and the use-cases that can barely afford\nto fit on-chain will simply have to wait for awhile. The question is\nnot \"can we handle all traffic,\" it is \"how many use-cases can we\nenable without sacrificing our most essential features?\" (And for\nthat matter, what is each essential feature, and what is it worth?)\n\nThere are many distinct cut-off points that we could consider. On the\nextreme end, Raspberry Pi's and toasters are out. Data-bound mobile\nphones are out for at least the next few years if ever. Currently the\nconcern is around home user bandwidth limits. The next limit after\nthat may either be the CPU, memory, or bandwidth of a single top-end\nPC. The limit after that may be the highest dataspeeds that large,\nremote Bitcoin mining facilities are able to afford, but after fees\nrise and a few years, they may remove that limit for us. Then the\nnext limit might be on the maximum amount of memory available within a\nsingle datacenter server.\n\nAt each limit we consider, we have a choice of killing off a number of\non-chain usecases versus the cost of losing the nodes who can't reach\nthe next limit effectively. I have my inclinations about where the\nlimits would be best set, but the reality is I don't know the numbers\non the vulnerability and security risks associated with various node\ndistributions. I'd really like to, because if I did I could begin\nevaluating the costs on each side.\n\n\u003e How much RAM do you need to process blocks like that?\n\nThat's a good question, and one I don't have a good handle on. How\ndoes Bitcoin's current memory usage scale? It can't be based on the\nUTXO, which is 1.7 GB while my node is only using ~450mb of ram. How\ndoes ram consumption increase with a large block versus small ones?\nAre there trade-offs that can be made to write to disk if ram usage\ngrew too large?\n\nIf that proved to be a prohibitively large growth number, that becomes\na worthwhile number to consider for scaling. Of note, you can\ncurrently buy EC2 instances with 256gb of ram easily, and in 14 years\nthat will be even higher.\n\n\u003e So you have to rework the code to operate on a computer cluster.\n\nI believe this is exactly the kind of discussion we should be having\n14 years before it might be needed. Also, this wouldn't be unique -\nSome software I have used in the past (graphite metric collection)\ncame pre-packaged with the ability to scale out to multiple machines\nsplit loads and replicate the data, and so could future node software.\n\n\u003e Further, are storage costs consistent when we're talking about setting up clusters? Are bandwidth costs consistent when we're talking about setting up clusters? Are RAM and CPU costs consistent when we're talking about setting up clusters? No, they aren't.\n\nBandwidth costs are, as intra-datacenter bandwidth is generally free.\nThe other ones warrant evaluation for the distant future. I would\nexpect that CPU resources is the first thing we would have to change -\n13 thousand transactions per second is an awful lot to process. I'm\nnot intimately familiar with the processing - Isn't it largely\nsignature verification of the transaction itself, plus a minority of\ntime spent checking and updating utxo values, and finally a small\nnumber of hashes to check block validity? If signature verification\nwas controlling, a specialized asic chip(on a plug-in card) might be\nable to verify signatures hundreds of times faster, and it could even\nbe on a cheap 130nm chipset like the first asic miners rushed to\nmarket. Point being, there are options and it may warrant looking\ninto after the risk to node reductions.\n\n\u003e You'd need a handful of experts just to maintain such a thing.\n\nI don't think this is as big a deal as it first might seem. The\nsoftware would already come written to be spanned onto multiple\nmachines - it just needs to be configured. For the specific question\nat hand, the exchange would already have IT staff and datacenter\ncapacity/operations for their other operations. In the more general\ncase, the numbers involved don't work out to extreme concerns at that\nlevel. The highest cpu usage I've observed on my nodes is less than\n5%, less than 1% for the time I just checked, handling ~3 tx/s. So\nbeing conservative, if it hits 100% on one core at 60-120 tx/s, that\nworks out to ~25-50 8-core machines. But again, that's a 2-year old\nlaptop CPU and we're talking about 14 years into the future. Even if\nit was 25 machines, that's the kind of operation a one or two man IT\nteam just runs on the side with their extra duties. It isn't enough\nto hire a fulltime tech for.\n\n\u003e Disks are going to be failing every day when you are storing multiple PB, so you can't just count a flat cost of $20/TB and expect that to work.\n\nI mean, that's literally what Amazon does for you with S3, which was\neven cheaper than the EBS datastore pricing I was looking at. So....\nEven disregarding that, raid operation was a solved thing more than 10\nyears ago, and hard drives 14 years out would be roughly ~110 TB for a\n$240 hard drive at a 14%/year growth rate. In 2034 the blockchain\nwould fit on 10 of those. Not exactly a \"failing every day\" kind of\nproblem. By 2040, you'd need *gasp* 22 $240 hard drives. I mean, it\nis a lot, but not a lot like you're implying.\n\n\u003e And you need a way to rebuild everything without taking the system offline.\n\nThat depends heavily upon the tradeoffs the businesses can make. I\ndon't think node operation at an exchange is a five-nines uptime\noperation. They could probably tolerate 3 nines. The worst that\nhappens is occasionally people's withdrawals and deposit are delayed\nslightly. It won't shut down trading.\n\n\u003e I'm sure there are a dozen other significant issues that one of the Visa architects could tell you about when dealing with mission-critical data at this scale.\n\nVisa stores the only copy. They can't afford to lose the data.\nBitcoin isn't like that, as others pointed out. And for most\nbusinesses, if their node must be rebooted periodically, it isn't a\nhuge deal.\n\n\u003e Once we grow the blocksize large enough that a single computer can't do all the processing all by itself we get into a world of much harder, much more expensive scaling problems.\n\nOk, when is that point, and what is the tradeoff in terms of nodes?\nJust because something is hard doesn't mean it isn't worth doing.\nThat's just a defeatist attitude. How big can we get, for what\ntradeoffs, and what do we need to do to get there?\n\n\u003e You have to check each transaction against each other transaction to make sure that they aren't double spending eachother.\n\nThis is really not that hard. Have a central database, update/check\nthe utxo values in block-store increments. If a utxo has already been\nused this increment, the block is invalid. If the database somehow\ngot too big(not going to happen at these scales, but if it did), it\ncan be sharded trivially on the transaction information. These are\nsolved problems, the free database software that's available is pretty\npowerful.\n\n\u003e You have to be a lot more clever than that to get things working and consistent.\n\nNO, NOT CLEVER. WE CAN'T DO THAT.\n\nSorry, I had to. :)\n\n\u003e None of them have cost structures in the 6 digit range, and I'd bet (without actually knowing) that none of them have cost structures in the 7 digit range either.\n\nI know of and have experience working with systems that handled\nseveral orders of magnitude more data than this. None of the issues\nbrought up above are problems that someone hasn't solved. Transaction\ncommitments to databases? Data consistency across multiple workers?\nData storage measured in exabytes? Data storage and updates\napproaching hundreds of millions of datapoints per second? These\nthings are done every single day at numerous companies.\n\nOn Fri, Mar 31, 2017 at 11:23 AM, David Vorick \u003cdavid.vorick at gmail.com\u003e wrote:\n\u003e Sure, your math is pretty much entirely irrelevant because scaling systems\n\u003e to massive sizes doesn't work that way.\n\u003e\n\u003e At 400B transactions per year we're looking at block sizes of 4.5 GB, and a\n\u003e database size of petabytes. How much RAM do you need to process blocks like\n\u003e that? Can you fit that much RAM into a single machine? Okay, you can't fit\n\u003e that much RAM into a single machine. So you have to rework the code to\n\u003e operate on a computer cluster.\n\u003e\n\u003e Already we've hit a significant problem. You aren't going to rewrite Bitcoin\n\u003e to do block validation on a computer cluster overnight. Further, are storage\n\u003e costs consistent when we're talking about setting up clusters? Are bandwidth\n\u003e costs consistent when we're talking about setting up clusters? Are RAM and\n\u003e CPU costs consistent when we're talking about setting up clusters? No, they\n\u003e aren't. Clusters are a lot more expensive to set up per-resource because\n\u003e they need to talk to eachother and synchronize with eachother and you have a\n\u003e LOT more parts, so you have to build in redundancies that aren't necessary\n\u003e in non-clusters.\n\u003e\n\u003e Also worth pointing out that peak transaction volumes are typically 20-50x\n\u003e the size of typical transaction volumes. So your cluster isn't going to need\n\u003e to plan to handle 15k transactions per second, you're really looking at more\n\u003e like 200k or even 500k transactions per second to handle peak-volumes. And\n\u003e if it can't, you're still going to see full blocks.\n\u003e\n\u003e You'd need a handful of experts just to maintain such a thing. Disks are\n\u003e going to be failing every day when you are storing multiple PB, so you can't\n\u003e just count a flat cost of $20/TB and expect that to work. You're going to\n\u003e need redundancy and tolerance so that you don't lose the system when a few\n\u003e of your hard drives all fail within minutes of eachother. And you need a way\n\u003e to rebuild everything without taking the system offline.\n\u003e\n\u003e This isn't even my area of expertise. I'm sure there are a dozen other\n\u003e significant issues that one of the Visa architects could tell you about when\n\u003e dealing with mission-critical data at this scale.\n\u003e\n\u003e --------\n\u003e\n\u003e Massive systems operate very differently and are much more costly per-unit\n\u003e than tiny systems. Once we grow the blocksize large enough that a single\n\u003e computer can't do all the processing all by itself we get into a world of\n\u003e much harder, much more expensive scaling problems. Especially because we're\n\u003e talking about a distributed system where the nodes don't even trust each\n\u003e other. And transaction processing is largely non-parallel. You have to check\n\u003e each transaction against each other transaction to make sure that they\n\u003e aren't double spending eachother. This takes synchronization and prevents\n\u003e 500 CPUs from all crunching the data concurrently. You have to be a lot more\n\u003e clever than that to get things working and consistent.\n\u003e\n\u003e When talking about scalability problems, you should ask yourself what other\n\u003e systems in the world operate at the scales you are talking about. None of\n\u003e them have cost structures in the 6 digit range, and I'd bet (without\n\u003e actually knowing) that none of them have cost structures in the 7 digit\n\u003e range either. In fact I know from working in a related industry that the\n\u003e cost structures for the datacenters (plus the support engineers, plus the\n\u003e software management, etc.) that do airline ticket processing are above $5\n\u003e million per year for the larger airlines. Visa is probably even more\n\u003e expensive than that (though I can only speculate).",
"sig": "07c0f3e49dbfd032f4c6cd8def20f45701cb6d9ef345da4ce8dd134da359057e2cb65f586d589de534b56f848cea358668eaef6e6fcc711e6c37e5e1e1701f5d"
}