The awesome thing about Safecoins is that they are actual coins: they exist on the network as actual objects; one can own a coin, pass it on, burn it, etc. Payments are like those in real life: no history is kept as we exchange payments (not as a side-effect; we may or may not keep records of payments, but it's not part of the system.)
So, here I am, joining in with the fad. This coin (name pending) uses memory and computing power as its basis, much like "classic" cryptocurrencies, where your mining gear doubles as a heating system for your apartment I support solar.
Instead of divisibility, I'm introducing denominations. This way, we can use the same mechanism (i.e. no virtual whatnots just to allow for divisibility) for micropayments and buying small islands while retaining the concept of discrete coins.
It's nothing revolutionary, just a combination of existing ideas:
- Let's have a series of denominations, following the powers of 2, each with a fixed supply of coins. With properly chosen parameters, this can result in a supply of coins and market cap that approximate real-life requirements.
- A coin therefore is the combination of a denomination (signed 8-bit integer) and a serial number (unsigned 32-bit integer).
- Vaults determine the block address of the coin based on a hash of this 40-bit coin id. This makes it easy to look up a given coin and verify its existence.
- Vaults must check if this block is already taken (in which case: sorry), and if the given nonce (see later) satisfies the requirement. They can decide about the lowest/highest accepted denominations as defense against DoS attacks.
- Coins are mined:
- The address is combined with a nonce, pushed through a hashing algorithm; it's found if the result is smaller than a static number.
- The difficulty depends on the denomination as this:
- The memory requirement doubles with each larger denomination.
- The number of hashing steps almost doubles with each larger denomination.
- In effect, the most economic choice is to go for the larger possible denomination.
- The hashing algorithm needs the original address and nonce at each step to make pooled mining infeasible. The miner needs to know everything at each step to be able to continue, so there's nothing to hide that can be used for the pool.
- Coins inflate very slowly as memory and computing power are becoming more available. It would take years (decades?) for the next higher denomination to take the place of the current one.
Wallets would need to handle matters such as keeping the right mix of coins, handling rounding errors, exchanging them when necessary, etc.
Sanity check: We could cover just beyond the current USD coin & bill market cap and number of coins/bills in circulation with about 30 denominations of values between 1e-6 and 1e+3 USD. Having very small denominations would allow for micropayments.