
Bitcoin P2P Cryptocurrency - micaelwidell
http://www.bitcoin.org
======
fexl
I wrote the software used at <https://loom.cc>. That is a site which allows
anyone to create and issue new types of digital assets. Typically the issuer
will write a contract pledging to redeem the digital asset for a specific
quantity of physical assets or services. Owners of the digital asset may spend
it freely on the server, similar to how they spend cash in the physical world.

One thing I like about Loom is that an asset type has a single issuer. This
means that an issuer can store some physical assets in a vault, create a
digital asset type redeemable for those physical assets, and issue the digital
asset type in a strictly limited quantity.

Then there's no question what a digital asset type is good for, because even
if no exchangers or merchants accept the asset type, at least the issuer is
contractually obligated to deliver the assets in storage or the promised
services.

I wish Mr. Nakamoto (the author of Bitcoin) could devise a way for a digital
currency to have a single issuer, but still trade in the wild like Bitcoin
does now without a central server. However, that may be a logical
contradiction and thus fanciful thinking.

So the best I've been able to come up with is Loom, which does indeed depend
on a central server. But I would like to see many Loom servers with trading
networks between them. That might be a way to realize the benefits of central
servers while avoiding much of their risk.

    
    
      (invite 42215c198e22c724d7cfd7887bda2a57)
    

P.S. Various source code references here:

[https://loom.cc/view/eae93b14a717a7f43e6354bade2a199ca2e3bef...](https://loom.cc/view/eae93b14a717a7f43e6354bade2a199ca2e3bef4971eddc5dba1636f026c94e7)

~~~
eru
I heard of cryptographic protocols that can achieve what you ask for here.

(I just have to dig up where I read about it.)

~~~
fexl
I've read up a bit on blinded signatures, Brands, etc. I have two problems
there.

First, I would need a reference standard implementation of blinded signatures.
I know if I tried to cobble something together myself, some crypto-guru would
laugh and point out that my prime factors weren't super-prime in a Zeta field
of modulus three or some such thing.

Second, basic blinding still _does_ require a central server. I believe the
Brands protocol allows blinded tokens to circulate without contact with the
server at every stage, and anyone who attempts a double-spend can be
identified cryptographically. But it's complicated and ultimately relies on
the technique of going after the bad guy with a baseball bat.

So if I went with blinded tokens on a central server, I'd be right back at the
central server problem. Blinding provides un-traceability at the cryptographic
protocol layer. With Loom, I figured that anyone that concerned with
un-traceability could just use a VPN or Tor.

~~~
derefr
What about a peer-to-peer solution? Every participant runs a brand server; to
"spend" a token, you contact any random server and tell it that you're doing
so. That notice then gets spread to every other server; a server who has
received the notice won't allow the same token to be spent again, and a server
that isn't "caught up" to the mesh won't be allowed to be authoritative (be a
source for spend announcements.) It would basically be like Bittorrent—except
the pieces are created after the torrent is, inserted into the "file"
(keyspace) one at a time, and the hash mutates with every spend.

------
illumin8
The problem with all cyber-currencies is that they can be used for money
laundering, so the feds will shut them down. I know, you're saying, "it uses
crypto so you can't track it and it's decentralized so you can't shut it
down." This is true, however, if you want to spend your bitcoins you need to
convert them into some recognizable currency, which means you need a bank to
do so, which can and will be shut down by the feds.

See the case of E-Gold for a similar comparison. E-Gold was doing something
very similar: letting people transfer money anonymously and untraceably, but
backing it with real gold in a vault so that it had some legitimate worth. The
feds shut them down.

Crypto currency sounds great, but unfortunately it always breaks down where
the rubber meets the road, or where the crypto currency gets converted into
real currency. These places are easy to shut down by any government.

~~~
dedward
So are you suggesting that a fundamental property of any workable currency
system is the ability for the government to track and control where every unit
of currency goes and how it is used?

~~~
illumin8
No, I'm just stating a reality of the banking and financial systems. If you
want to receive wire transfers, you need to be a federally licensed financial
institution, and therefore subject to regulation. Those regulations say you
must report all activity that meets certain patterns (i.e., certain dollar
amounts, suspicious transactions, etc). So, by default all money transfers are
monitored by the government. If you want to turn bits into currency (i.e. wire
transfer) you need to pass through a federally regulated entity to do so.

------
TimothyFitz
"Third parties can’t prevent or control your transactions." But they can
devalue the currency by minting money and keeping it. Also the currency is
worthless by definition as no one is willing to pay money for it.

Both of these are common problems among all new currencies, and the most
common way to defeat both is to have the currency issuer back their currency
with something of known worth (gold, a fiat currency, etc). If conversion
to/from the backing currency is common, then most transactions become bound by
the problems of both currencies, for example PayPal is effectively a currency
that is more or less worth USD * ##%, because of the currency switching costs.

I can't wait to see a crypto-based-currency jump these hurdles, but I can't
yet imagine how they'll successfully do it (and perhaps some already have that
I don't know about?).

~~~
Groxx
Minting it and keeping it _increases_ the value of others' money. It causes
deflation, because there's a strictly-finite amount of possible "coins"
(single-digit percentages of which will likely remain in a couple years.
Difficulty in finding them increases exponentially).

------
1053r
This currency suffers from the same major problem that all limited supply
commodity-based currencies have (assuming someone doesn't figure out a way to
counterfeit it) - deflation. Whether your fixed money supply is based upon
gold or hard cryptographic problems, a fixed money supply encourages people to
hoard money rather than invest it, because their money will be worth more
later. This causes the amount of money in circulation to fall, which causes
even more deflation, etc. (Google for "deflationary spiral").

Basically, you have 3 choices for currency. You can have debt-money (most
modern economies). This has the advantage that money is effectively created by
the market based upon the mutual agreement of a lender and a borrower, which
means that money is created and destroyed by the invisible hand. This is a
good thing. It is problematic, however, in that you get problems if large
sections of the economy ever start paying off their debts through very large
productivity gains because that destroys the money supply. Also, it tends to
support a "banker class", who does nothing but loan money and gets paid for
very little work (capital allocation isn't THAT hard compared to how much you
make doing it).

You can have commodity money, which is great because you don't get runaway
inflation. But because of deflationary spirals, you can get runaway deflation.
Also, people tend to hoard whatever commodities you are using, which are
typically useful for industrial or other uses.

You can have fiat money, but that only works if you have an incorruptible
central bank. Otherwise you end up like Nigeria.

Personally, I think we should use the Joule as a basic unit of currency.
Although energy supplies can fluctuate, they tend to grow and shrink with the
economy, which prevents either inflation or deflation. Different banks could
offer different baskets of energy types (wind farm or solar farm output
futures, barrels of oil, coal, etc.), and you don't end up with a banker class
living off of everyone else, but you don't end up with hyperinflation or
deflation. 500 MJ today would tend to buy a similar amount of things 10 years
from now as today (maybe a little more because of efficiency gains, but not a
lot more).

~~~
fexl
When paper money was redeemable for gold, yes there was mild deflation each
year, and that condition lasted for decades on end. But people still bought
things. The nice thing was, savings had its own reward: you could count on
your money buying slightly more next year than the year before. But people
still invested money when they could achieve better returns than deflation.
Interest rates could be lower too.

A nice steady mild deflation is nothing to worry about. That kind of deflation
was mostly caused by productivity gains, which benefited everyone. With
inflation, the beneficial effects of productivity gains are stolen, and given
to the privileged early recipients of the inferior irredeemable money coming
out of the spigot.

------
Groxx
> _To prevent A from transferring the already used coin to another user C, a
> public (but anonymous) list of all the previous transactions is collectively
> maintained by the network of Bitcoin nodes, and before each transaction the
> coin’s unusedness will be checked._

Sounds like that'll cost a lot of CPU/bandwidth... _continues reading_ I'm
curious how the whole thing is organized...

edit: technical paper link[1] is on the FAQ page.

[1]: <http://www.bitcoin.org/sites/default/files/bitcoin.pdf>

-----------

edit2: from the technical paper:

    
    
      The steps to run the network are as follows:
        1) New transactions are broadcast to all nodes.
        2) Each node collects new transactions into a block.  
        3) Each node works on finding a difficult proof-of-work for its block.
        4) When a node finds a proof-of-work, it broadcasts the block to all nodes.
        5) Nodes accept the block only if all transactions in it are valid and not already spent.
        6) Nodes express their acceptance of the block by working on creating the next block in the chain, using the hash of the accepted block as the previous hash.
    

So, existing data is _always_ re-"proved", continuously, to out-pace any
would-be attacker (the longest chain is "correct"). A "proof-of-work" involves
repeated hashing of the previous hash + a nonce until X number of 0s prefix
the resulting hash. The theory goes that as long as more people are working
within the rules, they'll out-pace anyone trying to break the rules, by sheer
combined-computing-might.

I'm curious though: what happens when transactions get large compared to
cpus-which-can-prove-transactions? Wouldn't that cause the average rate of growth
of the histories to decline, making it easier to attack individual lines?

I don't see how this can scale. But please correct me if I'm wrong... I like
the idea of a distributed currency, and I'd love one to work.
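
The steps quoted in the comment above, as an added example that is not part of the thread and not Bitcoin's own code: a toy chain where each block is mined by nonce search, a respent input is rejected, and editing an old block breaks the chain unless its work is redone. The three-hex-zero target, the all-zero genesis hash and the `"<input id>:<from>-><to>"` transaction strings are assumptions made for illustration; real Bitcoin tracks transaction outputs and signatures.

```python
import hashlib

TARGET = "000"      # assumed toy difficulty: hash must start with 3 hex zeros
GENESIS = "0" * 64  # assumed placeholder "previous hash" for the first block

def block_hash(block):
    data = f"{block['prev']}|{','.join(block['txs'])}|{block['nonce']}"
    return hashlib.sha256(data.encode()).hexdigest()

def tip(chain):
    return block_hash(chain[-1]) if chain else GENESIS

def mine(prev, txs):
    """Step 3: search nonces until the block hash meets the target."""
    block = {"prev": prev, "txs": list(txs), "nonce": 0}
    while not block_hash(block).startswith(TARGET):
        block["nonce"] += 1
    return block

def accept(chain, block):
    """Steps 5-6: append only if the work is valid and no input is respent."""
    inputs = [tx.split(":")[0] for tx in block["txs"]]
    spent = {tx.split(":")[0] for b in chain for tx in b["txs"]}
    ok = (block["prev"] == tip(chain)
          and block_hash(block).startswith(TARGET)
          and len(set(inputs)) == len(inputs)
          and not spent.intersection(inputs))
    if ok:
        chain.append(block)
    return ok

def first_invalid(chain):
    """Re-check every link; return the index of the first bad block, or None."""
    prev = GENESIS
    for i, block in enumerate(chain):
        if block["prev"] != prev or not block_hash(block).startswith(TARGET):
            return i
        prev = block_hash(block)
    return None

def demo():
    chain = []  # constructed sample transactions: "<input id>:<from>-><to>"
    first = accept(chain, mine(tip(chain), ["in1:A->B", "in2:A->D"]))
    double = accept(chain, mine(tip(chain), ["in1:A->C"]))  # in1 already spent
    later = accept(chain, mine(tip(chain), ["in3:B->C"]))
    intact = first_invalid(chain)
    chain[0]["txs"][0] = "in1:A->C"  # rewrite history without redoing the work
    return first, double, later, intact, first_invalid(chain)

if __name__ == "__main__":
    print(demo())
```

Because every block commits to the hash of its predecessor, changing an old transaction forces the work for that block and every later one to be redone, which is the cost the longest-chain rule relies on.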

~~~
Groxx
Now that I think about it a bit more, and have lost the ability to edit, I
think it may happen when it's a relatively low ratio, or maybe even _even_,
as _all_ histories must be continually re-proved to stave off attackers. It
seems there has to come a point where it becomes trivial to devote more
attacking CPUs to a single history than histories/CPUs devotes.

------
micaelwidell
I remember reading the book "The Sovereign Individual" which was written in
the 90's. The authors argue that as the internet becomes more abundant,
cybercurrencies will become popular and over time make it very hard for
governments to collect taxes. This would in turn change the world in a lot of
different ways.

Since I read the book, I have been waiting for someone to create something
like this. It will be exciting to see if this will work and if "cyber
currencies" will become more widely used.

~~~
dwiel
The cyber currencies which try to look like traditional currencies will be
shut down by the government while they have the power to as stated in other
comments. However, I see couch-surfing in a way, as a very loose
cyber-currency. It has its limitations: there is only one kind of product in the
market which uses the currency, and the amount of the currency you have isn't
exactly quantifiable. Still, you can use it to trade services at no cost (or
very little) and flies under the radar since there is no exchange of
quantifiable value taking place. Reputation becomes a new loose currency. Also
see LETS systems which are actively, legally in place around the world.

------
d4ft
A long time ago, in a land far away, I wanted to develop a p2p betting network
without a vig. This would have made that chore a million times easier. Very
cool stuff. What other applications might this be useful for?

~~~
junkbit
Farmville. Seriously though something like an open source Flattr without the
10% rake would be nice (micropayments)

------
mootothemax
Personally, I've always liked the look of eCache:
<https://ffij33ewbnoeqnup.onion.meshmx.com/>

Plus points for the top pun as well.

However, I think if we're ever going to escape the problems mentioned in other
comments here, what we really need is a huge PayPal-style system to take off,
integrate with common systems etc. Can you imagine the potential if eBay
supported this? Shame it won't happen, as that's the kick it needs in my
opinion :)

------
carl_
For anyone considering this, it's already been exploited by people running it
across 1000s of vms/processors causing massive rate fluctuations.

One to skip imho.

~~~
jackolas
That's not exploitation. That makes the network stronger. The currency isn't
based in CPU power. The inflation method's reward is.

