Network speed increases and increasing network hashing power and distribution make it less of an issue...but, the issue remains. Litecoin and Doge are less secure than Bitcoin in this regard and more susceptible to 50% attacks.
Edit: It's clear I don't actually understand all the implications of this. But, all of the replies below me don't seem to either. I need to re-read the Bitcoin paper.
An attacker in a 1-minute block network will have the same likelihood of winning 10 blocks (in 10 minutes) as if they were running bitcoin and won 10 blocks (in 100 minutes).
However, in the 1-minute network, there are ten times as many opportunities in the same amount of time to attempt to perform this kind of attack.
If I wait for 2 confirmations in Bitcoin, is this more secure than, less secure than, or equally secure to waiting for 20 confirmations in Dogecoin?
The analysis is a bit tricky.
Lower mining difficulty = Easier to beat network.
(Easier to beat PER BLOCK, no difference PER UNIT TIME)
e.x. if the confirmation time is 60 seconds, and it takes 30 seconds to propagate a block across the network, the miner that just mined a block will have a huge advantage in computing the next block.
On the flip side, I don't think mined blocks typically take more than five seconds, due to the efficiency of the highly-branching network (though I haven't looked at the numbers to confirm this...) But I admit I hadn't thought about that extra detail, thank for pointing it out.
The difficulty of attempting a double spend decreases linearly with the nominal length of the blocks, but it increases exponentially with the number of blocks required to confirm a transaction. So if for instance you decide you need an average confirmation time of 20 minutes, that'd be 2 blocks in Bitcoin and around 20 blocks in our hypothetical 1-minute Bitcoin. In general, for any given target confirmation time the 1-minute Bitcoin will be harder to attack than the 10-minute one - and this is especially true for the sub-10-minute and sub-20-minute confirmation times many merchants want.
If you're targetting an average confirmation time of say 5 minutes, that's a solid 5 confirmations with 1-minute-coin but a risky zero confirmation transaction with Bitcoin - and in practice a lot of services do accept transactions with zero confirmations because it's the only way to get the level of convenience their customers expect.
Lets assume chain A and chain B have the same hash power across their respective networks. Chain A has a block every 10 minutes, and Chain B has a block every 1 minute. The difficulty of finding a block in Chain B will be 10x easier than Chain A. Therefore an attacker will be 10x as likely to find a block on Chain B than Chain A.
On chain A, 6 confirmations provides a certain level of security against a double-spend. To get that same amount of security on chain B, you need 60 confirmations.
Your security against double spend is equal to the total network hashing power multiplied by the time since your transaction was added to the chain. Increasing the block speed does not affect your security.
Increasing the block speed only provides a smaller measure of your security. If you are OK with 3 minutes of security at the current network hashing power, you still have to wait for the first block on chain A (up to 10 minutes). On chain B, you would be satisfied after 3 blocks (max 3 minutes).
Lets take a hypothetical look at a coin that has a 1-hour confirmation time, and compare it against Doge, BTC. Lets call it HourCoin.
If you have 30% control of the mining pool, you have a 30% chance to "double-spend" anyone who accepts HourCoin after 1-hour (aka: one confirmation)
If you have 30% control of the BTC mining pool, you only have a 0.07% chance of double-spending any transaction after 1-hour. (aka: 6 confirmations)
If you have 30% control of the DOGE mining pool, you have a 4.23e-32 chance of double-spending a transaction after 1-hour.
If you're concerned with the 50% attack, then you should favor coins with faster confirmation times. It reduces the efficacy of "near 50%" attacks.
That's not right. If they want to maliciously double-spend, they'd just have to get 20 blocks in less time than the rest of the network got it in, and publish their result. This is not the same as beating the network at 20 individual blocks.
For instance, you can double spend by getting your 20 blocks in 19 minutes, when the rest of the network took 21 minutes. This is not the same as beating the rest of the network at all 20 blocks - some of yours may have taken longer.
So it isn't 2^n, but a convolution summation over n-choose-r. Yeah... I don't feel like doing the "correct" math on this one.
But the concept is still correct. It is exponentially harder for the malicious user to double-spend based. It is much harder to break ten "one minute" confirmation, than one "ten minute" confirmation.
I constantly see the argument that 6 confirmations on LTC == 6 confirmations on BTC. This is the argument the original poster was making, and this what I am arguing against.
For an organization with 45% hashing power to maliciously double-spend cross 20 confirmations, it'd have to win the coin flip 20 times, or 0.00001% of the time.
Methinks the faster hash rate is strictly better from a security standpoint... especially when you consider players who can perform a near-50% double-spend on the network. (A large 30% player may go for a "double-spend" within 2 confirmations, and will be successful 9% of the time)
The problem is that the "most convenient" BTC confirmation time is ~10 minutes (but can be as high as ~1 hour due to the random factor in finding the next block). You can always wait for more confirmations if you want security, but you cannot change the protocol to be faster once it is set.
10 minutes is far too long. I argue that 1 minute is still too long, but is far more acceptable. Again, if you really want high security, wait for 20 confirmations or more. It will take longer for BTC to reach 6 confirmations than for you to get 30+ confirmations on DOGE.
Due to their respective network size, it would actually take many hours on DOGE to equal the same security as 1 hour on BTC.
That's not actually true. Satoshi actually provided code in his original paper to calculate this which I've just run, and it turns out that if, say, an attacker controlled 30% of the total mining power of each network during their attack they'd have a 33% chance of successfully double-spending against BTC with its 3 confirmation requirement and a 0.015% chance of successfully double-spending against DOGE with its 30 confirmation requirement. That's a big difference.
Let's suppose we decided to take advantage of this to require less confirmations on DOGE, say 10. Then the chance of a successful double-spend goes up to 4%, still lower than Bitcoin. Of course, let's be generous and assume our attacker now has three times the opportunities to double-spend, upping that to a 12% chance of success. It'd still be safer to accept transactions with 10 confirmations taking 10 minutes on same-size-DOGE than ones with 3 confirmations taking 30 minutes on BTC.
Actually, it looks like if we give our attacker those extra attempts provided by a faster attack for free, 8 one-minute confirmations are at least as secure as 3 ten-minute ones for any size of attacker that BTC can realistically defend against at all. (And remember, we're already talking about attackers powerful enough that 3 confirmations in BTC isn't safe. If we assume a hacker with 10% of the total mining power, which is arguably all that 3 confirmations can realistically protect against, 5 DOGE confirmations are enough and take half the amount of time as a single BTC confirmation)
Its far far easier to get a 600 GH/s system in BTC than it is to get a similar system in DOGE or LTC.
> tl;dr: We suggest a protocol modification to the block chain that securely allows blocks to be generated around once per second, can handle over 200 transactions per second at these rates, and consumes under 0.5 MBps in terms of bandwidth (less at lower rates than 200 TPS). All of this with no increased susceptability to 50% attacks. This essentially solves the problem that caused Satoshi to set the 10 minute target for the block creation rate. We also analyze the number of transactions per second Bitcoin can handle with and without our modification. We note that block propagation times are the primary obstacle for scalability.
However, there are still those purposes for which that's not a good idea...
So, yeah, I agree...I just want to be clear about why the risk is low: Because most people aren't going to cheat you out of a cup of coffee.
You cannot monitor transactions being sent to miners if they aren't propagated through the normal bitcoin network.
Along with that, there have been cases where mining pools have doublespent unconfirmed transactions and stolen lots of bitcoins. GHash stole 3000btc from betcoin https://bitcointalk.org/index.php?topic=327767.0
This is due to the time it takes for newly mined blocks to propagate through the network. Miners work on old blocks a larger portion of time, leading to more forks and waste of mining resources.
Of course Bitcoin has far more hashing power than Litecoin or Dogecoin anyway, since the hashing power will correlate with the value of the mining rewards.
IMHO the real solution for both transaction speed and scalability is networks of "off-chain" transactions processors that occasionally "settle" on the blockchain. Of course such networks should retain the open and trustless properties of Bitcoin.
EDIT To expand on that: the longer block times can actually be an advantage because the probability of orphans is smaller. If my transaction ends up in some orphaned block and is not resend the merchant won't get any money.
To repeat what I said yesterday:
1. more coins for larger transactions instead of fractions
2. faster block rate (one a minute)
3. faster difficulty adjustment time (4 hours vs days or weeks)
4. faster reward halving time (every other month or so)
5. faster time to last block (mid 2015)
6. faster confirmations on transactions
7. random rewards
Their blockchain size is going to bite them though next year if not later this year. It is going to be massive and the client needs to only download block headers for performance.
Just because someone says this list of things make it better doesn't make it so, I seriously doubt the implications of those changes on security have received even a fraction of the attention bitcoin has received by those looking for attack vectors.
People seem to make it out as though the bitcoin developers didn't know how to make faster confirmations or quicker difficulty adjustments, and that the dogecoin devs discovered how to do it better. The truth is that the dogecoin devs decided to lessen the security in order to make the currency more attractive on the surface, even thought it undermines the stability of the coin in the long run.
(If anyone here hasn't paid attention to the technical details of Bitcoin, the number of confirmations is a lot more important than the total amount of time taken on them. A lot of Bitcoin proponents tend to argue otherwise in order to encourage people to use it over newer alternatives, but they're fairly unambiguously wrong and even Satoshi's original white paper explaining Bitcoin makes this clear.)
Gee, who whould have thought maintaining a massively replicated transaction database over a huge number of globally distributed internet nodes would be a bad idea?
Seriously though, you're right, their block chain is going to balloon. At this rate they will probably overtake Bitcoin (which is approaching 14gb) before the year is out.
That's the problem with these blockchain systems, you have to find a delicate balance between things like max block size (max TPS rate), confirmation times, blockchain size, p2p network size, etc. Basically none of these coins really scale in any direction.
Dogecoin is just a Litecoin fork with shibas, comic sans, and joke settings like generating billions of coins and 1-minute blocks. It's not like they tuned anything for long term usage.
Random rewards prevents easily predictable behavior and forces people to group together to mine because a miner could work all day and produce one block worth 10 coins, or collaborate with 10 other people and produce 10 coins, some of which are worth a 100k coins, to average out the 10 coins.
It's more social engineering than technical engineering but still.
Also, how is predictable behavior a bad thing? Perhaps the US mint should have super-mint months where they print 20 times as much currency as they usually do.
Funny comic about the relative seriousness of Bitcoin: http://i.imgur.com/4z9neQO.jpg
I'll hand it to these people: Dogecoin is one of the most successful culture jams in recent times.
It even goes beyond that though, Bitcoin enthusiasts actively downvote any negative stories on HN/Reddit because they don't want the price to go down. I can't remember the last time I've seen a fair and balanced discussion about the pros and cons of Bitcoin pretty much anywhere.
People get too sentimental about some things on the Internet sometimes.
The long-term success of Dogecoin is beside the point. It
doesn’t have anything close to Bitcoin’s developer
backing. And basing a currency on an internet meme
presents its own risks: for example, the joke might get
old. Those are two of many reasons that Bitcoin will keep
its lead for now. But it will be interesting to see where
and how smarter branding gets incorporated into new
Also, many thousands of people saying "to the moon" together, you don't think that's going to have an effect on consciousness, especially when they visualize it as well? Crikey.
There are big coins under threat, though. Because at the end of the day, they're all very much the same. Newcomers will want something they can relate to, and one that has opportunities and a future, and where they don't feel late to the party yet still supports them. Doge might fade, but not for ages and ages.
It's a brand, symbol and tool anyhow, not a meme, that fits perfectly with a currency.
It's also a brand that people are using for themselves and 'making their own' and this provides a powerful stimulus in itself. There's an entire subreddit of art: http://www.reddit.com/r/dogecoinart/
It's a self-perpetuating, crowdsourced brand and eco-system. This is way beyond meme. It's a marketer's dream. It unites people on their own terms, in a world where brands and currencies cannot be touched for fear of legal repercussions.
The image of the dog at the table with dollar glasses on: that's just one person's interpretation.
This dilutes the brand of the entire sphere of crypto-currencies. It also raises serious questions for how much normal people should ever trust these currencies. Do you have to hang out on hacker news or r/bitcoin just to know if there are any issues with a currency ? That makes these currencies unusable.
Is there a -coin yet aimed at replacing multi-thousand-dollar fashion accessories as a way for rich men to get laid?
You need a minimum of 4 accounts and can expect it to take 4-7 days your first time through. But so worth, to the moon!
EDIT: I only do this as part of a pool. I don't know how it is for solo mining.
When shares of big companies will be exchanged with a cryptocurrency-like protocol, then we'll be in business.