On Tue, Oct 15, 2013 at 11:31:02AM +0100, Cathal Garvey wrote:
> 4) It was supposed to be untraceable, but for architectural and simple network-analysis reasons, it's not untraceable to a large enough opponent. If you ask me, this is the reason the NSA hasn't just fired up its sha256 brute-forcing rigs to out-mine everyone and destroy the currency.
> [...] the political, architectural and privacy goals are a flop, and the mining pools who control bitcoin at this point won't back the developers if they try to fix the architecture.
The mining pools have no protocol policy control. The users have control: if miners change their policy in a protocol-incompatible way, they will have created an alt-coin which contains only them, and their mining profits will evaporate. See the bitcointalk thread on committed coins I posted in my previous post for a big discussion of this topic. It's much better than you think; clearly committed coins are not implemented, but they could be added relatively easily.
> It's deadlocked; it needs replacing. And, as big and awesome as bitcoin is, nobody should ever have expected us to get P2P anarchic crypto-currency right the first time.
About privacy features, it's not actually clear if that was intended or not. Some privacy fig leaves are offered in terms of new addresses automatically and no names on addresses. But the entire transaction log is public, clear text for anyone to see. If credit card transaction logs were that public (even with just card numbers and no name) people would be outraged. It's also not clear if more privacy would have helped bitcoin to date; too much privacy too early could be inviting regulatory problems. Maybe it's better for users to work on privacy themselves, or others to add privacy separately, or privacy features to be added to alt-coins etc. See also zerocoin, and homomorphic encrypted value coins. https://bitcointalk.org/index.php?topic=305791.msg3277431#msg3277431

btw, speaking as someone who was fascinated by blind ecash and spent a lot of energy on this list years ago trying with others to figure out some way to make something deployable, I have to say bitcoin is a stellar success. Ever since the digicash betabucks $1m capped coins went out of existence with digicash filing bankruptcy, it became clear to everyone that a single company with a central server was not going to work. From there we had a lot of interest to solve that deployment and design problem: hashcash distributed mining, Wei Dai's B-money/Nick Szabo's bitgold, Hal Finney's RPOW and finally bitcoin! As well as numerous other cool stuff like David Wagner's blind-MAC (implemented by Ben Laurie as Lucre) (chaum patent workaround), Niels Ferguson's single term offline coins (still blindable but with more efficient offline fraud tracing than Chaum's cut-and-choose), Stefan Brands ecash/credentials (multiple attributes, efficient, many features) as well as Sander & Ta-Shma auditable anonymous ecash.

It's not clear Satoshi is related to the other ones (other than using hashcash like B-money/bitgold & RPOW); he seemed to not be aware of B-money (or bitgold), but he couldn't pontificate for risk of narrowing the potential authorship :) Then you have open transactions. Anyway, for deployed ecash and privacy tech the political environment has literally never looked better: the NSA shot themselves in the foot, so public opinion is strongly in their disfavor, and the 9/11 death-pall over security vs privacy arguments finally gets swept away. So by all means let's see some work on improving privacy, security, decentralization and scalability of bitcoin via alt-coins or direct protocol work.

Adam
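Both messages above lean on hashcash-style mining (Cathal's "sha256 brute-forcing rigs", Adam's "hashcash distributed mining") without showing the mechanism. The following is an added example, not code from either poster or from any bitcoin implementation: a minimal proof-of-work miner and verifier in Python. It assumes a simplified header (arbitrary bytes plus a little-endian 64-bit nonce), double SHA-256 as in bitcoin, and difficulty expressed as a count of leading zero bits rather than bitcoin's full 256-bit target; the header bytes are constructed for the demo. The point it makes concrete is why "out-mining everyone" is purely a hash-rate question: finding a valid nonce costs about 2^bits hash evaluations on average, and checking one costs a single hash.

```python
import hashlib
import struct


def pow_hash(header: bytes, nonce: int) -> bytes:
    """Double SHA-256 over header || nonce (assumed simplified header layout)."""
    data = header + struct.pack("<Q", nonce)
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()


def leading_zero_bits(digest: bytes) -> int:
    """Number of leading zero bits in a big-endian interpretation of the digest."""
    value = int.from_bytes(digest, "big")
    return len(digest) * 8 - value.bit_length()


def meets_target(digest: bytes, bits: int) -> bool:
    """A digest meets the target when it has at least `bits` leading zero bits."""
    return leading_zero_bits(digest) >= bits


def mine(header: bytes, bits: int, max_nonce: int = 1 << 32):
    """Brute-force nonces until the double-SHA-256 meets the target.

    Returns (nonce, digest, attempts) or None if max_nonce is exhausted.
    Expected attempts are about 2**bits; this is the 'work' in proof-of-work.
    """
    for nonce in range(max_nonce):
        digest = pow_hash(header, nonce)
        if meets_target(digest, bits):
            return nonce, digest, nonce + 1
    return None


def verify(header: bytes, nonce: int, bits: int) -> bool:
    """Verification is one hash, regardless of how much work mining took."""
    return meets_target(pow_hash(header, nonce), bits)


def expected_attempts(bits: int) -> int:
    """Mean number of hashes to find a solution at a given zero-bit difficulty."""
    return 2 ** bits


def expected_seconds(bits: int, hashes_per_second: float) -> float:
    """Time for a miner of a given hash rate to expect one solution.

    Illustrates the 'out-mine everyone' point: whoever controls more hash
    rate finds blocks proportionally faster, independent of who they are.
    """
    return expected_attempts(bits) / hashes_per_second


if __name__ == "__main__":
    # Constructed demo header; real headers carry version, prev-hash, merkle root, time, target.
    header = b"constructed demo header: prev-hash|merkle-root|timestamp"
    bits = 16
    nonce, digest, attempts = mine(header, bits)
    print(f"nonce={nonce} attempts={attempts} expected~{expected_attempts(bits)}")
    print(f"digest={digest.hex()} leading_zero_bits={leading_zero_bits(digest)}")
    print(f"verify -> {verify(header, nonce, bits)}")
    # A 1 GH/s rig vs a 1 MH/s hobbyist at the same difficulty:
    print(f"1 GH/s: {expected_seconds(bits, 1e9):.2e}s, 1 MH/s: {expected_seconds(bits, 1e6):.2e}s")
```

Raising `bits` by one doubles the expected mining cost while leaving verification cost unchanged; that asymmetry is what lets every node cheaply reject a block from a miner who did not do the work, and what makes total hash rate the only thing that matters for who finds the next block.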