Craig White - The Future of Bitcoin Conf (Arnhem, June 2017)

Satoshi Nakamoto [ahem] ok, I won’t start that one again … Craig White giving a storming talk (60mins + 20mins Q&A) in the last few days.

Lots of interesting stuff here on what Bitcoin is/isn’t, why Altcoins & Bitcoin forks (Ethereum), and anything that isn’t Bitcoin (Lightening, side-chains etc.) are a bad idea - actually break bitcoin.

Also raises a few questions for SAFE Network perhaps (on Sybil attacks for ex) so hope @dirvine will review this, and I’m intrigued at the possible application of his new “split keys” for offline transactions and whether Safecoin could make use of this too.

There’s a lot here, and I’m sure some will not enjoy CW’s brashness and arrogance, but I think it is worth listening and looking past that for insights both into Bitcoin, his plans to bring it back to a scalable universal solution, and for insight into issues for SAFE Network and Safecoin. I was intrigued by some of his points about virtexes v edges - pointing out that large Bitcoin nodes are good because they have more edges / connectivity, which is what gives both earnings and security etc.

His vision of bitcoin is counter to David’s for SAFE / Safecoin (he’s capitalistic, big nodes are fine, but provide solutions for everyone) whereas I think David goes more for democratisation. CW is scathing about that, pointing out that he’s no interest in everyone being able to mine (on Raspberry Pi etc) and that $20k for a node is fine, as is all mining being done by the world’s 17,000 banks.

As I said, a lot here! Please post any bits that stand out for you below with a time reference. I made a few below (wish I’d done more so please add yours).

45mins CW: it is mathematically proven that any network with hops >3 can be Sybilled. Bitcoin is <3 so it can’t be. I’m wondering if this has implications for SAFE?

59m CW: bigger nodes work better (increase security due to network connectivity / edges) and earn more for miners (so are incentivised and good)

1:00 CW: more here on how he’s going to set up a mining pool (also mentioned much earlier) and reject anything that undermines bitcoin (SegWit)

1:18 Q: how can we help people in Africa, specifically Zimbabwe access bitcoin? CW: solutions on mobile (e.g. mobile phones, using his new split-key system)

I completely agree with you that Craig Wright is Satoshi Nakamoto and also that this was an inspired and “storming talk”, in fact the most interesting views on bitcoin that I’ve heard in a long time. I’m not technically knowledgable enough to know whether his vision for how bitcoin should scale is the only one or the best, but I feel intuitively that it is.

There has been a huge backlash against him (mainly on Twitter), but absolutely none of it has challenged the content of his presentation. As a soon to be miner, I look forward to contributing hash power to his future pool.

Sorry, I don’t have a time reference, but I found his view that the velocity of money (ie how often it transacts) is the key element to its success as expressed by higher value to be an interesting observation. He expands on this here in his paper The illusion of scale in segregated witness.

Just on this part, it would be good to see the math and specifically the network assumptions. Taking extremes everything created/mutated by networks can be sybilled given enough resources (not existing signed content mind you), that does not need math though so the initial assumptions are very important. I have seen and heard so many vague statements like that. It’s not all that valid without much more info.

Split keys, I again have no info on that, intrigued mind you

The moors law points etc. I do agree with though, it’s my old statement, design today for tomorrows resources.

Yes it is easy to dismiss other methods by saying “mathematically proven it can be broken”, its like proving the negative to say he is wrong. And while he keeps claiming (by skillful methods of proving the negative) to be the Man himself people lap up his every word. So who is going to disagree.

Yes for mining rigs. But SAFE is not trying to do anything like a mining rig and SAFE’s connectivity issues are different to bitcoins. Each node in SAFE has a lot of connected nodes for the smallest of nodes whereas a mining rig could have as low as one. So for bitcoin larger rigs/nodes are way more secure than a minimal one. SAFE’s security is in the consensus mechanism and requires a minimum number of nodes in the group.

Easy to say when you are nearer the top of the pile (wealth/power) than most. Some people’s mindset is that wealth/power is society and the poor are needed, whereas there are more enlightened people who realise this does not have to be so.

No way around it, this is above my head but according to Craig Wright, Microsoft researchers did the math and found that any network with a distance between nodes of greater than 3 can always be sibyl attacked.

Link from the talk I’m listening to:

Has MaidSafe team heard of this? Again, above my head, but my understanding of how our routing is working our network would be above 3.

I think this is the 15 year old research he is talking about

https://www.microsoft.com/en-us/research/wp-content/uploads/2002/01/IPTPS2002.pdf

[quote]1. Introduction
We* argue that it is practically impossible, in
a distributed computing environment, for initially
unknown remote computing elements to present
convincingly distinct identities. With no logically
central, trusted authority to vouch for a one-to-one
correspondence between entity and identity, it is
always possible for an unfamiliar entity to present
more than one identity, except under conditions
that are not practically realizable for large-scale
distributed systems.
Peer-to-peer systems commonly rely on the
existence of multiple, independent remote entities
to mitigate the threat of hostile peers. Many
systems [3, 4, 8, 10, 17, 18, 29, 34, 36] replicate
computational or storage tasks among several
remote sites to protect against integrity violations
(data loss). Others [5, 6, 7, 16, 28] fragment tasks
among several remote sites to protect against
privacy violations (data leakage). In either case,
exploiting the redundancy in the system requires
the ability to determine whether two ostensibly
different remote entities are actually different
[/quote]

EDIT: Craig White has taken liberties in saying that its impossible if hops are > 3. This assumes the network runs in isolation. Even in the introduction they say that some simple systems will help to thwart a sybil attack on networks with > 3 hops.

[quote]Identification authorities can take various
forms, not merely that of an explicit certification
agency such as VeriSign [33]. For example, the
CFS cooperative storage system [8] identifies
each node (in part) by a hash of its IP address.
The SFS network file system [23] names remote
paths by appending a host identifier to a DNS
name. The EMBASSY [22] platform binds
machines to cryptographic keys embedded in
device hardware. These approaches may thwart
Sybil attacks, but they implicitly rely on the
authority of a trusted agency (such as ICANN [19]
or Wave Systems [35]) to establish identity.
[/quote]

So even using the IP address to assist will take the network out of the isolated situation and creates a method to resist or even defeat practical sybil attacks. But even the fact of non-infinite resources changes things.

[quote]
5. Summary and conclusions
Peer-to-peer systems often rely on redundancy
to diminish their dependence on potentially hostile
peers. If distinct identities for remote entities are
not established either by an explicit certification
authority (as in Farsite [3]) or by an implicit one
(as in CFS [8]), these systems are susceptible to
Sybil attacks, in which a small number of entities
counterfeit multiple identities so as to compromise
a disproportionate share of the system.
Systems that rely upon implicit certification
should be acutely mindful of this reliance, since
apparently unrelated changes to the relied-upon
mechanism can undermine the security of the
system. For example, the proposed IPv6 privacy
extensions [26] obviate much of the central
allocation of IP addresses assumed by CFS.
In the absence of an identification authority, a
local entity’s ability to discriminate among
distinct remote entities depends on the assumption
that an attacker’s resources are limited. Entities
can thus issue resource-demanding challenges to
validate identities, and entities can collectively
pool the identities they have separately validated.
This approach entails the following conditions:
• All entities operate under nearly identical
resource constraints.
• All presented identities are validated
simultaneously by all entities, coordinated
across the system.
• When accepting identities that are not
directly validated, the required number of
vouchers exceeds the number of systemwide failures.
We claim that in a large-scale distributed
system, these conditions are neither justifiable as
assumptions nor practically realizable as system
requirements.[/quote]