Debates among devs are normal and important.
Debates between programmers are the epitome of decentralized development and as such they are arguably the most important mechanism that will ensure the ongoing success of the Bitcoin (or cryptocurrencies) project.
Therefore, we would be wise to encourage such debates, rather than trying to make them go away by calling them "personal attacks".
In the real world, there aren't a whole lot of different ways to hammer a nail into a board or pour cement into a hole - but in the abstract world of mathematics and programming, there are many, many different ways to represent and manipulate a data structure, limited only by our imaginations, so it is actually appropriate to expect and even demand lots of jostling and critiquing from our programmers as they "try to invent a better mousetrap."
In fact, this is the kind of informal jockeying and shop talk that always has gone on and always will go on among mathematicians and programmers - and quite rightly so, because it is precisely the mechanism whereby they maintain order among their ranks, by making subtle and cogent observations about who knows what.
A famous example of this typical sort of jockeying and shop talk can be seen elsewhere in the ongoing debates between programmers of the "procedural" / "object-oriented" school (C/C++, Java) versus the "functional" school (Haskell, ML). It's always quite an eye-opener for a procedural programmer who's been using "loops" all their life, when they finally discover how to use an "iterator" in functional programming. They both "accomplish" the same thing of course - but in radically and subtly different ways, since an iterator in a functional language is a "first-class citizen" which can be passed around as an argument parameterizing a function, etc. - allowing much more compact and expressive (and sometimes even more efficient) code.

Different Bitcoin dev skill sets are required for different stages of Bitcoin's life cycle

An example of the debate between various devs can be seen here:
It is "clear that Greg Maxwell actually has a fairly superficial understanding of large swaths of computer science, information theory, physics and mathematics." - Dr. Peter Rizun (managing editor of the journal Ledger) https://np.reddit.com/btc/comments/3xok2o/it_is_clear_that_greg_maxwell_unullc_actually_has/
What Peter R is saying here is simply that a different skill set is needed to usefully contribute to Bitcoin development now that it has moved well beyond its "proof-of-concept and initial rollout" stages (hey, this thing actually works) and is now trying to move into its "massive scaling" stages (let's try to roll this thing out to millions or billions of people).

Bitcoin's "proof-of-concept and initial rollout" stages

Initially, during the "proof-of-concept and initial rollout" stages, the skill set that was required to be a "Bitcoin dev" merely involved knowing enough cryptography, hashing, networking, "game theory", rudimentary economics, and C/C++ programming in order to be able to understand Satoshi's original vision and implementation, doing some simple and obvious refactorings, cleanups and optimizations while respecting the overall design decisions captured in the original C/C++ code, and maintaining the brilliant "game theory" incentives baked therein - the most notable of all being of course that thing which some mathematicians have taken to calling "Nakamoto Consensus" (which could be seen as a useful emerging mathematical-historical term along the lines of Nash Equilibrium, etc.) - ie, Satoshi's brilliant cobbling-together of several existing concepts from crypto and hashing and game theory and rudimentary economics in order to provide a good-enough solution to the long-standing Byzantine Generals Problem which mathematicians and programmers had heretofore (for decades) considered to be unsolvable.
In particular, during the "proof-of-concept and initial rollout" stages, the crypto and hashing stuff is all pretty much done: the elliptic-curve cryptography has been decided upon (and by the way Satoshi very carefully managed to pick one of the few elliptic curves that is NSA-proof) and the various hashing algorithms (SHA, RIPE) are actually quite old from previous work, and the recipe for combining them all together has been battle-tested and it should work fine for the next few decades or so (assuming that practical quantum computing is probably not going to come along on that time scale).
Similarly, during the "proof-of-concept and initial rollout" stages, the networking and incentives and game theory are all pretty much done: the way the mempool gets relayed, the way miners race to solve blocks while trying to minimize orphaning, and the incentives provided currently mainly by the coinbase subsidy and to be provided much later (after more halvings and/or more increases in volume and price) mainly by transaction fees - this stuff has also been decided upon, and is working well enough (within the parameters of our existing imperfect regulatory and economic landscape and networking topology, where things such as ASIC chips, cheap electricity and cooling in China, and the Great Firewall of China have come to the fore as major factors driving decisions about who mines where).

Bitcoin's "massive scaling" stages

Now, as we attempt to enter the "massive scaling" stage, a different skill set is required. As I've outlined above, the crypto and the hashing and the incentives are all pretty much done now - and mining has become concentrated where it's most profitable, and we are actually starting to hit the "capacity ceiling" a few times (up till now just some spam attacks and stress tests - but soon, more worryingly, possibly even within the next few months, really hitting the capacity ceiling with "real" transactions).

Early scaling debates centered around blocksize

And so, for the past year, we've gone through the never-ending debates on scaling - most of them focusing up till now (perhaps rather naïvely, some have argued) on the notion of "maximum blocksize", which was set at 1 MB by Satoshi as a temporary anti-spam kludge.
The smallblock proponents have been claiming that pretty much all "scaling solutions" based on simply increasing the maximum blocksize could have bad effects such as decreasing the number of nodes (decreasing this important type of decentralization) or increasing the number of orphans (decreasing profits for certain miners) - so they have been quite adamant in resisting any such proposals.
Meanwhile the bigblock proponents have been claiming that increased adoption (higher price and volume) should be more than enough to eventually offset / counteract any supposed decrease in node count and miner profits that might happen immediately after bigblocks would be rolled out.
For the most part, both sides appear to be arguing in good faith (with the possible exception of private companies hoping to be able to peddle future, for-profit "solutions" to the "problem" of artificially scarce level-one on-chain block space - eg, Blockstream's Lightning Network) - so the battles have raged on, the community has become divided, and investors are becoming hesitant.

New approaches transcending the blocksize debates

In this mathematical-historical context, it is important to understand the fundamental difference in approach taken by Peter__R. He is neither arguing for smallblocks nor for bigblocks nor for a level-2 solution. He is instead (with his recently released groundbreaking paper on Subchains - not to be confused with sidechains or treechains =) sidestepping and transcending those approaches to focus on an entirely different, heretofore largely unexplored approach to the problem - the novel concept of "nested subchains":
By nesting subchains, weak block confirmation times approaching the theoretical limits imposed by speed-of-light constraints would become possible with future technology improvements.
Now, this is a new paper, and it will still undergo a lot of peer review before we can be sure that it can deliver on what it promises. But at first glance, it is very promising - not least of all because it is attacking the whole problem of "scaling" from a new and possibly highly productive angle: not involving bigblocks or smallblocks or bolt-ons (LN) but instead examining the novel possibility of decomposing the monolithic "blocks" being appended to the "chain" into some sort of "substructures" ("subchains"), in the hopes that this may permit some sort of efficiencies and economies at the network relay level.

"Substructural refactoring"-based approaches

So what we are seeing here is essentially a different mathematical technique being applied, for the first time, to a different part of the problem in an attempt to provide a "massive scaling" solution for Bitcoin. (I'm not sure what to call this technique - but the name "substructural refactoring" is the first thing that comes to mind.)
While there had indeed been some sporadic discussions among existing devs along the lines of "weak blocks" and "subchains", this paper from Peter R is apparently the first time that anyone has made a comprehensive attempt to tie all the ideas together in a serious presentation including, in particular, detailed analysis of how subchains would dovetail with infrastructure (bandwidth and processing) constraints and miner incentives in order for this to actually work in practice.

Graphs reminiscent of elasticity and equilibrium graphs from economics

For example, if you skim through the PDF you'll see the kinds of graphs you often see in economics papers involving concepts such as elasticity and equilibrium and optimization (eg, a graph where there's a "gap" between two curves which we're hoping will decrease in size, or another graph where there's a descending curve and an ascending curve which intersect at some presumably optimum point).
Now, you can see from the vagueness of some of my arguments and illustrations above that I am by no means an expert in the mathematics and economics involved here, but am instead merely a curious bystander with only a hobbyist's understanding of these complex subjects (although a rather mature one at that, having worked most of my long and chequered career in math and programming and finance).
But I am fairly confident that what we are seeing here is the emergence of a new sort of "skill set" which will be needed from the kind of Bitcoin developers who can lead us to a successful future where millions or billions of people (and perhaps also machines) are able to transact routinely and directly on the blockchain.
And if a developer like Peter R wants to direct some criticism at another developer who has failed to have these insights, I think that is a natural manifestation of human ego and competitiveness which is healthy to keep these guys on their toes.

A new era of Bitcoin development

The time for tweaking the crypto and hashing is long past - which means that the skills of guys like nullc may no longer be as important as they were in the past. (In fact, there are entirely other objections that can be raised against Peter Todd, given his proclivity for proving that he can, at the mathematical level, break systems which actually do work "good enough" by relying on constraints imposed at the "social level" - a level which PTodd evidently does not much believe in. For the most egregious example of this, see his decision to force his Opt-In (soon to become On-By-Default) Full RBF - which breaks existing "good-enough" risk mitigation practices many businesses had up till now relied on to profitably use zero-conf for retail.)
Likewise the skills of adam3us may also not be as important as they were in the past: he is, after all, the guy who invented ecash, so he is clearly a brilliant cryptographer and pioneer cypherpunk who laid the groundwork for what Bitcoin has become today, but it is unclear whether he now has (or ever had) the vision to appreciate how big (and fast) Bitcoin can become (at "level 1" - ie, directly on the blockchain itself).
In this regard, it is important to point out the serious lack of vision and optimism on the part of nullc
TL;DR: Times are a-changin'. The old dev skill sets for Bitcoin's early years (crypto, hashing, networking) are becoming less important, while new dev skill sets are becoming more important (such as something one might call "substructural refactoring"). We should encourage competition as new devs emerge who have these new skill sets, because they may be the way out of the "dead end" of the blocksize-based approaches to scaling, opening up massive and perhaps unlimited new forms of "fractal-like" scaling instead.
- During the cex.io 51% mining threat a few years back, petertodd publicly declared that he was selling half his Bitcoin to buy Viacoin. As it turned out, that good ole "social pressure" (which Peter Todd doesn't believe in) actually did its magic, when the community pulled together and told cex.io to get lost - which they did, and they now have only a tiny sliver of global hashpower.
- When Bitcoin was first starting, around 5-6 years ago, adam3us didn't believe in it - and thus he failed to become an early adopter. Evidently even though he was able to invent much of the crypto that underlies it, he was perhaps too much of a perfectionist and/or pessimist to believe that the economics and game-theory incentives would be "good enough" for the thing to actually work in real life. So now he's probably playing catchup: drawing a salary in fiat from the backers of Blockstream, and trying to come up with a bolt-on level-2 solution with a cool name (Lightning Network), which many people are unconvinced would even work.
- nullc, as Peter R has stated, does indeed turn out to have a rather "superficial" understanding of many of the fields related to Bitcoin. While he is of course quite good at the C/C++ and game theory required to maintain Bitcoin "as it was" during its "proof-of-concept and initial rollout" stages, he apparently is totally lacking in the kind of vision and imagination and know-how needed in other emerging areas of mathematics and programming and economics which will be needed to usher Bitcoin into its "massive scaling" stages. This is not to disparage his contributions, which have been significant. But the kind of tunnel-vision and divisiveness he has displayed - where it's either my way or the highway - is probably not the kind of thing which will help Bitcoin transcend its current scaling debates based on smallblocks versus bigblocks plus Lightning Network. All of those approaches may be dead-ends, and entirely new and fresh perspectives may be required now.
- gavinandresen, while being a pragmatist in favor of rolling out bigblocks as soon as needed to avoid the system clogging up and dying, is also a visionary who is able to understand many of these newer approaches - in fact, he has been involved in several approaches dealing with novel ways of building and relaying blocks, such as IBLT (Inverted Bloom Lookup Tables) and Weak Blocks (which is part of Peter R's Subchains proposal), and he was involved as a reviewer on Peter R's current paper.
- I would also like to mention (in this discussion of skill sets and overall mathematical perspectives) the brilliant work of Pieter Wuille on Segregated Witness. Somewhat similar to Peter R's new work on Subchains, Pieter Wuille's work on Segregated Witness attempts to perform subtle reorganizations and optimizations at a "substructural" level, splitting or "factoring" a block's "merkle tree" quite neatly into two separate subtrees at the top level: one top-level subtree containing the "witness" (ie, the validation info or signature for the block), and the other top-level subtree containing the rest of the data (who sent how much to whom) - which provides very natural, straightforward methods of "pruning" the data to be stored on certain types of nodes (since you can drop all the "witness" or validation data and just keep the data on who sent what to whom), while also supporting a "refutational" style of Fraud Proofs which reduces the amount of data needed to relay on the network (by transmitting information which "proves a negative" rather than information which "proves a positive"). I have written up an appreciation of this work in more detail elsewhere.