Adam B. Levine (AL) Host Andreas M. Antonopoulos (AA) Co-host Stephanie Murphy (SM) Co-host Peter Todd (PT) Bitcoin core developer, Chief Scientist at Mastercoin Foundation & Dark Wallet
AL: Today is April 26 th 2014 and this is Episode 104 of Lets Talk Bitcoin.
The following is intended for informational and educational purposes only. Cryptocurrency is a new field of study. Consult your local futurist, lawyer and investment advisor before making any decisions for yourself.
My name is Adam B. Levine. Im the editor-in-chief of the Lets Talk Bitcoin show. Thanks to the many who gave their opinion; we wont be changing the name. Today is Episode 104 the completion of one year worth of shows. Weve talked about how great we are and how much fun were having during previous episodes, but I do want to acknowledge both the listeners and especially those creating content, those building the platform along with me. Thank you. Todays episode is a long one, split in two distinct parts. For the third time in LTB history, Torontos recent Bitcoin conference saw all three of the LTB hosts in the same room talking about Bitcoin, once again. On Episode 99, I spoke with Austin Hill and Adam Back about the idea of sidechains of Bitcoin, instead of altcoins based off of Bitcoin. This idea caught fire and as many who thought theyd made up their minds about cryptocurrency, re-evaluating our future, but not everybody is so enamored with this proposal. Peter Todd recently spoke on LTB about stealth addresses and we caught up with him again, in Toronto, to talk about tree-chains a different way of looking at a blockchain that would also solve the mining centralization problem. You dont want to miss this. [1:27]
But first, Ive got a confession to make. Recently, Ive become very interested in the possibilities presented by user-created assets built on top of Bitcoin or Ethereum or whatever blockchain you prefer. Really, at the core here, this is a conversation about bootstrapping, which is something thats very interesting to me. Bootstrapping is the process all would be self-sustaining enterprise goes through, many unsuccessfully. There is a period of time, at the beginning of any new venture, where the sheer newness and smallness of the venture is a big, blinking, red light, warning off first potential users. After all, who wants to use a completely new unheard of or unknown service or eat at a deserted restaurant or register on a forum where nobodys posting. Its all a matter of comparison. In a world where eBay dominates the person to person auction market, what reason would a buyer have to choose a brand new website with no sellers and why would sellers list, when there are no potential buyers? Bootstrapping is a chicken/egg problem. Which comes first - the valuable users or the users to generate value? Satoshis solution with Bitcoin was novel. Give the privilege of receiving new bitcoins to the miners, enabling the usefulness of the network. In other words, the system has these tokens, bitcoins, that must be distributed somehow and the chosen strategy, as designated in the Bitcoin specification, says that it is miners adding their hashing power to the network who add the most value to the network itself. They enable it for other users, so especially in the early days, miners were 100% critical and the system needs all it can get to protect itself from bad actors. When this process started, the bitcoins themselves were functionally worthless. Over time, as the network grew and found success, these worthless tokens became incredibly valuable. Bitcoin, of course, has some problems the miner reward is only paid to a single miner which has led to pool centralization and some other not so great trends, but the fact remains that distributing new bitcoins by making miners compete with every other miner on the planet, has led to a wildly powerful Bitcoin network and spread the creation of an entire class of machines doing what is functionally make work. Although the power of the Bitcoin mining network dwarfs the most powerful government or commercial super computers, hashing SHA256 actually doesnt process transactions, its merely the measuring stick by which all participants in the system are compared against. [3:36]
This isnt a complaint; rather an attempt to illustrate the power of tokens released on a fixed, long term and deflationary schedule to participants adding the most value to the system. Imagine stumbling across a wishing well in a world where you only carry gold coins. Most people faced with the choice of throwing a valuable gold coin into a wet, deep hole in the ground, probably arent going to do it, even if its really magical looking with cartoon Disney birds flying around. From basically any angle you look at this, its a short term and long term, bad economic move. Faced with the choice, most people would walk on by because the cost of participation does not reflect the value they believe theyll get. Imagine finding the same well with a penny dispenser next to it. Each day, it gives out 10 pennies with distribution based on how many people visit it. Its out of the way, youre the first to find it and can take all 10 pennies if you want. Suddenly, the value equation has changed and where before the cost far outweighed the benefit, now your cost was just showing up. Given these conditions, Id personally feel much more comfortable using the service of a wishing well, where before, I probably never would have bothered. Over time, as other people find the well, the free pennies are split more ways until not everyone who visits each day can toss in a free coin. Its at this point where demand outweighs the freely available supply, that a market price is required and so the market establishes one. Lacking the free tokens, would the well have grown in popularity as much, or even at all? Probably not. The value of the token is a direct reflection of how popular the service is and those who found the well early, but saved some of the coins, can even profit from their early support of these systems. [5:08]
A user-created asset, at its core, is a crypto-token that does not give new tokens to the miners, instead riding on top of a platform, like Bitcoin or Litecoin or Ethereum, where the processing of transactions is the main focus. User-created assets utilize the miners of another already secure chain and so, because security isnt a concern, the size of these eco- systems and the purpose of the coins can be very specific to their need, without compromising on security. While it was never very hard to fork Bitcoin or Litecoin, it is technical and while hundreds have found a dev, changed a few parameters and struck out on their own, the reality is the only people who went down this path, believed they could do what Bitcoin was already doing but better. As Bitcoin mining has become more difficult and old hardware obsoleted, miners still holding that hardware have a very real incentive to look for the next network, where their transactional mining will be more valuable due to less competition and more deflationary potential. Thats a huge thing new crypto-tokens, whether attempting to compete with Bitcoin or riding on top of it, have much greater deflationary potential relative to the amount of time or money invested, simply because theyre so much earlier in their life cycle. User-created assets dont want to process transactions, have miners or developers, they dont want to have to worry about patching implementation vulnerabilities and by building on top of the already very secure Bitcoin network, they dont have to. [6:25]
If these new tokens arent given to the people securing the network, they can be given to the people adding value to whatever the project is. This is called non-computational mining. Although crowd-funding services, like KickStarter, have become very popular in recent years, through the use of crypto-tokens, we can do better. KickStarter brought the donate and get a reward model to the worlds stage, but what if you think a project is neat but dont see the value in the reward for yourself or anyone you know? Or maybe you like the reward but dont agree with the donation amount you want to give in order to receive it. The way things are now, if you dont want the reward, theres very little reason to support a project, even if its a good idea or you think it can succeed. Sure, you can just donate but, in practice, most people view their donation and its reward as a pre-order. Lock-in is another big thing in the world of crowd-funding. Ive supported many projects with estimated deliveries of six months, only to see delay pile on delay, multiplying the wait. Sometimes, its OK with me, sometimes its not but again, the reality is I have no choice in this situation. Im totally trapped. While refunds arent formally supported on crowd-funding platforms, since theyre donation based, people do occasionally give them when they feel as though theyve failed to meet the expectations of those viewing their donations as pre-orders. This is sometimes resulted in whole projects blowing up as the founder gives money they dont have or thats needed to finish the project for the backers who remain patient. Its a terrible situation for everybody. Adding a token eliminates this problem too. Think of crowd- funding a grocery store sure, you could pre-order a pallet of canned soup, but wouldnt it be better if you received store credit instead? While there are relatively few buyers for a pallet of soup, imagine if a token, call it store credit, was given instead? Store credit, as good or better than cash at the store in question, is much easier to find a buyer for. Just as backers can profit from a successful project, so can they escape a project they no longer want to be a part of. Of course, if thats the general sentiment, theyll certainly be selling these tokens at a discount to what they paid. Compared to the situation now, where the project succeeds and you get what you purchase, where the project fails and you get nothing at all, its better for everyone to have options. This is also non-destructive to the project, since the process doesnt even involve the founder or their project funding. People who want to get out can make their escape via the market, without disrupting the project for everybody else. [8:31]
Im working on a project called Tatianacoin with Tatiana Moroz. Its one of the first, so- called, crowd-funding coins, and its also one of the first artist coins. Tatiana wants to raise an amount of money, lets say $100,000 to record her new album and a tour to support it. The crowd-funding page, at first glance, looks pretty normal funding, goals and backer rewards but rather than signing on for a $40 album and T-shirt package, the individual receives back $40 worth of Tatianacoin when the project successfully funds. Those tokens trade on a centralized and decentralized market, so from the minute the funding is over and the tokens are created, and then distributed, the market is valuing them. Because these tokens are only issued in that one batch to support Tatianas specific project, if the thing you can use them for is something more people when the project is finished, the album is ready to shift, the tour is starting then at the beginning, before the album exists, they should be deflationary. If they are deflationary, early supporters of the project will see the value of the tokens they received, in exchange for their donation, increase. When the rewards are ready, the number of Tatianacoin required to purchase your desired reward has gone down. [9:31]
Really, what were doing here is creating an eco-system where people who support Tatianas music or activism or her other projects, can invest in her early, give her the resources to make a bigger impact than she would be able to do, lacking that support. Those supporters then profit from her successes, more people discover her work and also want to support her. A smaller eco-system, like Tatianacoin, is valuable because its a partnership between the funded project and the backers supporting it, where everybody gets what they want and backers arent trapped by a failing project but rather spiralling up a successful funding and effective use of those funds leads to a higher profile and successful project. After the first success, Tatiana can use the same coin to fundraise for her next project, except instead of tokens being created and distributed at the original fixed rate, theyre created at whatever the current market rate is. When the money supply expands, its being backed up by real value moving into the eco-system. Instead of deluding earlier donors, each new token coming in reinforces that the current market rate is the correct one because people are paying real money for it right now. When Oculus Rift, the prototype virtual reality headgear was funded on KickStarter, they received millions of dollars worth of support to develop a very speculative project. Not too long ago, they were purchased by Facebook for $2bn worth of cash and stock and the backers who put their collective millions that brought the project to that point, they got developer kits as promised and thats about it. My background is heavy in videogames so Oculus was always one of those projects that was interesting to me but I didnt want a developer kit so I didnt support it. If a token solution had been in place, not only would I have supported it but the purchase, by Facebook, would have skyrocketed the value of that token that everybody had bought. This would have happened at no cost to the Oculus Rift team, simply because the project has so many more eyeballs swivelling to look at what has become a very high profile project indeed. Id love to tell you how Permacredits, the local cryptocurrency for the global permaculture movement were getting ready to launch soon but its basically just this same type of idea applied to real estate and the scales about 10x or 20x as large as a Tatianacoin. [11:25]
Once again, tokens go to whomever is adding the most value to the network so in the example so far, thats people who donate funds which make the project happen. Its fairly simple. On the other hand, there are many situations where the activity adding value is actually non-monetary in nature. Imagine a jobs board, like Coinality.com people looking for workers go there to post, people looking for work go there to post but the thing that really adds value are successful, happy matches over the medium to long term between those two types of users. We could create a new token called Jobscoin which is distributed at a daily fixed rate to successful, happy matches that then has a check in feature six months later for a second round of it. If only one person successfully confirms they got the job and the employer successfully confirms that not only do they have the job but the fit is good, the two parties split the new tokens distributed that day. If there are a 100 such matches in a day, its split 100 ways. Again, the thing that we never want is complete inactivity. Services that have no users are useless services and inactivity broadcasts that fact, making the situation worse. Those tokens can be used for a variety of things, such as voting up or featuring positions of a chosen job posting your resume. By not fixing prices and letting users simply bid against each other for positional advantage, as the service becomes more popular, so will the competition become more fierce which means that those wanting prominence, itll be very important to acquire the coin, probably through the market and probably from people whove acquired less coin and would rather sell them than use them. Its a good interview with Peter Todd today, so Im not going to take up too much more of your time but I would like to talk really briefly about LTB coin. [12:56]
Letstalkbitcoin.com is a content network. We create original journalism and entertainment so there are three ways that individuals can add value to our system. The most valuable way is to create good, engaging content that meets our rather high quality standards and release it on our platform. Content creators receive the largest share of new LTBcoin distributed weekly, based on two sets of criteria. The first is proof of quality when you release a new piece and it meets LTBs rather strict publishing protocol, you get a share of the weeks new tokens. If theres one piece of content released, you get all of it. If there are 100 pieces of content released, and you all have the same point value a 600 word blogpost is worth less than a hour long produced video show, for example then they split the weeks allocation. Next is proof of value this is a composite metric that will grow over time as we figure out what works, but basically, its a combination of revenue generated and reach. This is a second round of compensation that takes place about a month after the piece has been released. This distribution is weighted to encourage people to create content that the audience finds valuable or that sponsors want to support. Engagement with the audience adds the next largest amount of value, and so we reward our favorite behaviors with new tokens - proof of commenting, proof of tipping and proof of sharing. Each day, the amount of tips, the number of comments weighted by community votes and how much impact and individual sharing had, are tallied up and compared against all other participants in those individual programs on that specific day. Those individuals then receive their share of the new token based on their contribution. [14:19]
Its easy to imagine on a slow day, sending a tiny tip to a content creator might actually make a profit from the new tokens that are awarded, simply because on that day, that small tip was the big spender. The value for LTBcoin comes from our sponsorships and advertising. Once we start this program, if you want to sponsor a show on the LTB network, advertise with a banner, whatever, youll need to bid in it on LTBcoin, in our auctions. This sounds like a barrier to entry, I mean who would bother, but our problem has never been demand from advertisers, rather its our ability to follow up with them because we dont employ sales people and I spend most of my time making content and talking with people. Rather than auction specific sponsorships that are locked and non-transferable, LTB will be publishing our sponsor standards and selling at auction for LTBcoin what were calling, Sponsor tokens. These Sponsor tokens use the same wallet as Bitcoin and LTBcoin and once purchased from LTB, can be traded or sold for any cryptocurrency to any group or individual who would find it more valuable than the value that original person paid in LTBcoin. This means that while I only have to worry about maximizing our LTBcoin sales by attracting more interested people, these people dont have to be sponsors. They can be profit seeking individuals who jump through our specific hoops to acquire LTBcoin, acquire these Sponsor tokens and then sell it to someone who values it for profit. Over time, frequent sponsors will probably find it more valuable to simply be in the deflationary LTBcoin eco-system and deal with us directly because its cheaper to cut out the middle man but thats going to take a while. In the interim, there is this opportunity for people to act as our sales reps and to profit from it. This solves both our short term and our long term problem, without requiring me to become a sales person or to pick someone whos going to be a great individual sales person. [16:01]
One of the most common reactions I get to talking about user-created assets is the thought that they wont be big enough and that the eco-system will be much smaller than Bitcoin. This is actually very true and I think its good. Small things are specific and small things are powerful and powerful, under-appreciated small things have the most potential to become very big things, once the base of the community and evangelism is established. User- created assets allow you to align the incentives of all participants in the system with the success of whatever your specific project is because the success of your project is their financial gain. What Id like you to take away from this is that any problem that you had in the past that involved trying to motivate people to get on the same page as you and to see the value in what youre doing, I really would encourage you to take a look at the problem through the lens of user-created assets and incentivizing behavior with tokens, because I think that many of these bootstrapping problems have been fundamentally solved now. We now have a good template by following the lessons of Bitcoin to bootstrap anything and to take any idea... I mean, the idea still has to be good, it still has to be enough that people want to participate and see the potential in it, but theres a way now for people to be invested in what youre doing, whether it be through monetary means or not, that I think is really going to change how these projects get implemented and what is possible and what is not. Take the logic of cryptocurrency and the logic of user-created assets and see if it changes your situation now and then, make it happen. I look forward to another very full year of cryptocurrency and Bitcoin with everybody. Thanks for listening. [17:38]
____________________________________________
ADVERT:
KryptoKit is the worlds first Chrome browser Bitcoin wallet. Its the easiest, fastest Bitcoin wallet payment system with a simple one click install, it takes just seconds to get your wallet set up and because KryptoKit finds the address and payment for you, theres no more fussing around or tab switching. KryptoKit is more than just a wallet. It comes with a pre- loaded PGP encrypted social network, newsfeeds from Reddit and Google and up to date charts from exchanges. Finally, KryptoKit directory allows you to make two click payments with any of the BitPay merchants. Once you install KryptoKit, you wont need anything else. For more information, or to download KryptoKit, visit www.KryptoKit.com. [18:26]
ADVERT:
Hey folks. Adam B. Levine here with an experimental sponsor today a hiring one. David Johnston said it best anything that can be decentralized, will be decentralized. Reverse Dealer is that idea applied to buying and selling of cars. At Reverse Dealer, the people are the dealership and the whole point is to save everybody money. The founder writes We are the exact opposite of a traditional dealer. We are the change we want to see in the world and we are currently hiring. Theyre looking for one skilled developer, a social marketing expert and theyre interested in speaking with additional investors as well. Interested? Send an email to ReverseDealer@gmail.com. [19:03]
_____________________________________________
AL: Were here again at the Toronto after party, so to speak, in Stephanies room. (Laughter) [19:10]
SM: Its where everyone wants to be. (Laughter)
AL: The day after the Toronto Bitcoin conference and sitting down with us now, we have, of course again, Andreas Antonopoulos and Stephanie Murphy. [19:19]
SM: Hello. [19:19]
AA: Hi. [19:20]
AL: We are joined today by Peter Todd. Hes the chief scientist of the Mastercoin Foundation and a myriad of other projects too. [19:27]
PT: Yeah, chief scientist at Dark Wallet now too. [19:29]
AL: Chief scientist at Dark Wallet too and youre a Bitcoin core developer. *19:32+
PT: People call me that, I guess. [19:34]
AL: Have you submitted changes to the core that have been included in shaping code? [19:38]
PT: I guess that means I am. [19:39]
AL: Well, I guess that means you are. (Laughter) Weve just had this conversation with Amir. (Laughter) On Episode 99, I had a conversation with Austin Hill and Adam Back talking about a proposal theyre calling sidechains, which is this idea that you can have alternative Bitcoin blockchains that dont have their own tokens on it, dont have their own bitcoins on it, so theyre not like an altcoin necessarily, but they can have other characteristics, such as a shorter block time, or larger block sizes and so do some of the things that conventional altcoins have done. The difference is that you can then move a token from the Bitcoin blockchain at a 1:1 peg ratio onto these other blockchains where it might be more useful to you at that particular point of time. This has been received by the Bitcoin community, broadly speaking, with kind of mixed response. Nobody really knows how to think of this and people who are very supportive of altcoins are concerned that there is something going on here. You and I had an interesting conversation, where you basically told me that we were completely wrong about this and actually, this is a terrible thing. Can you kind of summarize... did I do a good job of summarizing this in your eyes. Please correct me? [20:47]
PT: Maybe a little too harsh on terrible. [20:49]
AL: OK. [20:50]
PT: Ill go start by saying I think the basic ideas behind it, the basic push behind it, I think (??) you want to be able to give people options. You want to have more than just Bitcoin and completely separate systems, but where I dont like it is that theres this idea of using it with merge mining. The thing with merge mining is it lets a consensus system, like Bitcoin, say that OK... or actually I should say a better example is Namecoin, says OK, rather than a Namecoin block being valid because of someone doing a bunch of useless work, the hashing power associated with it, well reuse the work of a different blockchain. In some ways, this sounds pretty good. I mean, we can go secure Bitcoin and we can secure Namecoin at the same time. [21:44]
AA: Namecoin is one of the altchains that is merge mined, more than self-mined or solo- mined. [21:51]
PT: Absolutely. [21:51]
AL: Can we talk about merge mining real quick? Can you just recap that for the listeners? [21:54]
PT: Yeah. Namecoin was your first example of it. Namecoin is a DNS alternative; its supposed to be a decentralized domain name system and its not directly a financial system in itself. You can still buy and sell Namecoins but theyre really meant to (??) domain names. The issue there is How are you going to keep it secure? Initially, Namecoin was just a separate chain, just like Bitcoin is its own thing, but the people behind it came up with the idea of Why dont we go secure both at the same time? Well use the same hashing power that keeps Bitcoin secure to help to keep Namecoin secure, which basically means that if Im trying to mine Bitcoin blocks, I can, through the special protocol called merge mining, simultaneously mine Namecoin blocks, at the same time. [22:43]
AA: But you get the reward in Bitcoin which is your incentive, whereas if you were mining Namecoin, there would be no reward. [22:49]
PT: Actually, you get the reward in both chains. [22:51]
AA: OK. [22:51]
PT: Yeah, thats your incentive to go to the trouble of doing this in the first place. *22:54+
SM: Theres even an incentive for just straight up Bitcoin miners to do merge mining instead because then they get more coins. [23:01]
PT: Absolutely. Right now, I think the number works out to be Namecoin is roughly say of the Bitcoin hashing power. [23:09]
AA: So this is going with Namecoin? [23:12]
PT: Yes, yes, so of Bitcoin hashing power is also mining Namecoin. [23:16]
SM: Wow! Thats very interesting because without merged mining, it would probably be a tiny, tiny fraction of that. [23:24]
PT: Yeah, absolutely. [23:25]
AL: Isnt that good for Namecoin? *23:28+
PT: Namecoin happens to have of the hashing power for it. It cant be attacked. [23:33]
AA: Right. Whats the downside? Let me take it from a different perspective. Youre a miner and you have a choice of either mining straight up Bitcoin or merge mining Bitcoin and Namecoin, at the same time, or perhaps merge mining Bitcoin, Namecoin and a bunch of other SHA256 proof of work... [23:50]
SM: Can you pick like that or, if you do merge mining are you mining every coin that allows it? [23:54]
PT: The protocol most implementations merge mining use allows is... allows for an unlimited number of chains to be mined at once. [24:02]
AA: You choose that as the miner; you pick how many chains and what chains? Do they all have to be the same proof of work algorithm? [24:07]
PT: Yes. [24:07]
AA: Right, so if youre doing SHA256 mining, you can merge mine any altcoins that use SHA256 as a proof of work. [24:14]
PT: SHA256 merge mining. [24:16]
AL: Isnt it really all (??) *24:16+
AA: That use SHA256 merge mining. [24:18]
PT: Yeah. [24:19]
AA: OK but then is there a disadvantage to doing merge mining across multiple coins versus doing straight up Bitcoin mining? Do you lose something in the competition for Bitcoin reward? [24:29]
PT: You dont, however you do have to run a Namecoin full node and a devcoin full node, I think, IXcoin is another example. [24:41]
AL: For each of these that you add on as another chain that youre merge mining, it actually does require additional infrastructure? [24:47]
PT: Yep, absolutely. [24:48]
AA: Mostly storage which isnt too expensive to run. The actual mining difficulty which chews up a lot electricity, which is your main cost as a miner, that doesnt change? *24:57+
PT: For now. For now it is. [24:58]
SM: What is it if youre part of a mining pool, thats pretty much irrelevant, right? *25:02+
PT: Absolutely. [25:03]
SM: There is a popular mining pool, CEX.io which almost got to a huge scary percentage of the Bitcoin network, at one point. That just does merge mining for you. It doesnt even ask. [25:13]
PT: Heres a real question. Me personally, I have some Bitcoin mining equipment, not much but I run it at home and I go use P2Pool to mine. [25:25]
AA: Can you describe P2Pool thats a completely decentralized peer to peer mining pool without a pool operator, right? [25:32]
PT: I think you just described it. (Laughter) Of course, I had to go set up a full Bitcoin node to do that. Now, the Namecoin reward is pretty small and Ive never bothered setting up a Namecoin node. Its just why would I do it? [25:47]
AL: Even though the mining part is literally zero difference to what youre already doing, the barrier to entry is having to bother to set up this full node. [25:57]
PT: Yeah. [25:57]
AA: And maintain it and mostly that has some costs. Youve got to upgrade the software every time it gets a maintenance release and stay up to date otherwise you might get hacked or all kinds of things like that. [26:06]
PT: Its overhead. Yeah. *26:07+
SM: So then do you have unclaimed block rewards from the Namecoin mining? [26:12]
AL: It doesnt work like that does it? *26:14+
PT: Its not unclaimed, its more that I could have gone and did it at the same time but since I didnt, there just is no reward that I can get. *26;22+
AA: There are opportunity costs, if anything if you didnt take advantage of the opportunity to merge mine Namecoin, so youre just mining Bitcoins. *26:32+
SM: Doesnt each block have a block reward? Lets say, for purposes of discussion, that you were solo mining and you found a Namecoin block but you were doing P2Pool and you didnt set up a Namecoin node, what would happen to the block reward? *26:49+
PT: Oh well, thats it. If I dont set up this merge mining protocol, I do not find Namecoin blocks. [26:55]
AL: Because hes not mining Namecoin. *26:56+
PT: Yeah. [26:57]
AA: You have to set up a node. [26:59]
AL: It uses the same work.... [27:02]
SM: Oh, oh, oh, so youre not mining it unless you set up a node, I gotcha. *27:03+
AL: Exactly, but you have to set up... again, when I was thinking about sidechains, it sort of occurred to me that if this is something that can easily be merge mined, then you could have thousands of these, but it sounds like youre saying that, in practice, thats not really something thats going to happen. Individual miners might pick a few but theres actually a maintenance cost per sidechain they have to mine. [27:21]
PT: Absolutely. To put it in concrete numbers, last I checked, the Namecoin block reward in terms of value, its about 2-3% that of the Bitcoin block reward. Now, if Im a miner earning $100 a month on my little setup, I can justify the cost of setting up a Bitcoin node, thats not so bad, but can I justify the cost of also setting up a Namecoin node? No. [27:46]
AA: Im assuming there are other overheads too. One of the things that is an overhead for miners, or anyone running a full node, is keeping the mempool and the unspent transaction pool which is a load. For those who dont understand what that is, that would require you to have RAM on your system and RAM is obviously much more expensive than permanent storage. If you were running a full Namecoin node, youd also have to have the memory pool which means more RAM for that. [28:18]
PT: What it gets down to is like, suppose it took me an hour to go set up Namecoin and the only cost incurred was my time. I might go bill $100/hr to a client so lets say its $100 cost, well, that $100 cost, over the next, say, 12 months, Im going to earn something like, I dont know say, 12 times maybe $5/month. Im not going to make that back; Im not even going to bother. Will I make it back in Bitcoin? Sure. OK. Now, lets go do 1000 sidechains. Well, there is no incentive for me, as a small miner, to mine all these little chains. [28:52]
SM: With any kind of mining, the value or the price of the coin is always a wild card, right? For instance, if you set up to mine Namecoin with merge mining and then suddenly theres a rally in Namecoin a few months from now and youve been holding Namecoin, then it would be worth it. You just dont know that in advance. [29:11]
PT: Oh, sure. [29:12]
AA: Then youre not a miner, youre a speculator. You might as well buy Namecoin, in that case and it might be faster. If you were going to spend an hour of your time, earn $100 from your client, use five of those dollars to buy Namecoin and youve got the same advantage. [29:24]
SM: Sure, OK. I see that, yeah. [29:25]
PT: In the big issues that well... if mining these sidechains does have a positive return and say there are 1000 of them and they all earn, for me with my amount of hashing power, $1 each, I still cant, for me as a small miner, justify installing all the sidechains. The network (??) is still not positive but if I mine at say BTC (??) 25% of the whole hashing power, yeah Ill go make a lot more money. Im going to go move to bigger pools so I can take this overhead cost, which is fixed, to mine at all and spread it out a whole lot of people with hashing power. [30:04]
AL: Interesting. In a mining pool you only have to run one full node per pool as opposed to for individual miners where they have all the same cost of being a pool, basically... thats very interesting. [30:16]
AA: Or a P2Pool where its like solo mining only pooled. You still have to run the full node. [30:21]
AL: Right. [30:21]
PT: Yeah. [30:22]
SM: Its like an economy of scale. *30:24+
AA: Which then leads to centralization so merge mining creates an impetus for centralization because youd rather go to a pool that does all of the overhead for you. [30:33]
PT: Thats absolutely true. *30:35+
AA: Wow! Thats very interesting. *30:37+
AL: OK, so what else about these things. [30:40]
AA: How does this connect to sidechains and some of the other technologies that have been proposed? [30:44]
PT: That idea with sidechains is you have a separate blockchain that is somehow being kept secure and you create a protocol by which you can go securely move value between one chain and another. By securely, what I mean is on the Bitcoin side of things, you go provide Bitcoin with a proof that some amount of hashing power claimed that that transaction happened, to go move value back and the same way as the other way. Now, Bitcoins quite secure so moving value to the sidechain, from a sidechains point of view thats certainly secure, although you do have the problem that when youre moving value back, its not feasible to necessarily provide a full proof that in the entire history of this blockchain these coins were moved around according to the rules and eventually ended up being moved back to Bitcoin. What youll actually do, and whats being proposed, is provide whats called a SPV proof or Merkle path and... [31:55]
AA: This is Simple Payment Verification... [31:58]
PT: Exactly. [31:58]
AA: ... is the same protocol used for lightweight clients, so instead of carrying the full node verification of every block back to the genesis block, instead what youre doing is simply providing a path that shows sufficient confirmation within the other blockchain, the other sidechain. [32:13]
PT: Thats absolutely true. I mean, explaining SPV a bit, its important to remember that I have an Android phone, I have an SPV wallet and its only security is that it knows that the longest blockchain claimed that some coins were given to me. It does not check where the coins came from; it does no verification at all. It just assumes that whoever is mining the longest chain is honest. [32:42]
AL: Isnt that the assumption of the Bitcoin network? *32:45+
PT: No. If you run a full node, your node checks every single block and if they try to lie to you, from your point of view, theyre just not mining Bitcoin. *32:55+
AA: Its important to understand this. This is critical. This is the difference between height and depth in blockchain. When youre running a full node, lets say were currently mining block 290,000, right? Your node is checking the height of that blockchain, the block thats in there and its transactions and is validating, from that height of 290,000 blocks, all the way down to the genesis block and linking the entire chain and making sure that every component of it is part of a valid transaction. When youre doing Simple Payment Verification, youre looking at it from a different perspective. Youre saying How deep in the blockchain, from the longest path, is my block. Youre saying right now, this is what we call confirmations, youre saying Well, since that thing was given to me in a transaction, ten other blocks have been piled on top and Im relatively certain that ten blocks of weight above it, or height above it, which is really how deep it is embedded in the longest chain, that gives me some level of certainty that all the miners who looked at this and layered ten blocks above, thats the trust I have. I have ten blocks deep of trust, instead of having 290,000 blocks high of trust. Thats a very different proposal. *34:17+
AL: OK. If I am running a Satoshi client on my computer and Ive downloaded the blockchain, am I running a full node, even though Im not mining? *34:25+
PT: Absolutely you are. [34:26]
AA: Yes. [34:26]
AL: OK, great. Terrific. [34:27]
AA: You essentially have 290,000 blocks worth of trust in that chain. [34:34]
AL: This is a light client problem. [34:35]
AA: Exactly, exactly but now that applies to the mining of sidechains. [34:39]
SM: Fewer and fewer people are running full nodes. Isnt that right? *34:44+
PT: Absolutely. [34:44]
AA: Weve seen a precipitous decline, in fact, in the last three months. I dont mind but I run a full node on a couple of cloud computers just to contribute to the verification of the network. Thats the kind of thing that you would do as a volunteer. Very few people will do that. [35:02]
PT: Its important to note that when you say youre contributing to the verification of the network, thats kind of a bit of a misnomer in many ways because its not like you finding that something is wrong, actually automatically gets to the network. [35:14]
AA: No. [35:15]
PT: Your node just rejects that block and says I dont know what the hell theyre doing but... [35:18]
AA: Right. [35:19]
PT: Thats true. *35:20+
AA: You need mining in order to do that. [35:22]
PT: Yeah. Other technologies maybe possible in the future where your node might, say, produce a compact machine readable proof but they dont exist yet. Also, theyve got their own problems, not least of all, what if some fraud goes unnoticed for a week, someone produces a proof finally and Oh shoot. Now what do we do? [35:42]
AA: Yeah, you cant unroll everything thats happened in that week easily, without disrupting a lot of other transactions that depend on it. [35:49]
PT: Thats absolutely true. *35:50+
AA: Right, so youre saying that when you move something from a sidechain back into the main Bitcoin blockchain, the problem is that that move requires a proof of hashing power to verify the transactions that happen in the sidechain. [36:06]
PT: Yeah. [36:06]
AA: There isnt the depth of hashing power in some of these sidechains and youre only providing a simple proof thats based on depth, instead of height. *36:17+
PT: Heres a very concrete, pragmatic example. Lets pose for a moment that someone decided to implement Zerocoin as a sidechain. The way that would work is the Zerocoin protocol would be merge mined with some percentage of the hashing power. For the sake of argument, well say 50%, so it is secure but BTC Guild and maybe one other big pool gets hacked and for the next three hours, they end up producing some invalid Zerocoin blocks. Invalid Zerocoin blocks claim that all these zerocoins were spent and moved back to the main Bitcoin chain. All these bitcoins that are just held in stasis, waiting for bitcoins to be moved back from the sidechain, now theyre released off into Bitcoin again. When this gets noticed, and the Zerocoin chain gets properly rewritten, there are no more Bitcoins so they cant withdraw the money anyway. That one event, a hack of just a few hours, has permanently destroyed all of the bitcoins associated with this sidechain. [37:26]
AL: Its able to recover the bitcoins, even though its invalid work... [37:32]
PT: Yes. [37:32]
AL: ...because there is an incentive... [37:36]
AA: Sidechains expose you, potentially, to an attack on the weakest chain in the link of sidechains, that is accepted in Bitcoin because if you can attack the smaller hashing power, that is part of the merge mining for that sidechain and then export the effects of that attack into the larger Bitcoin, youve essentially achieved an attack with a lot less hashing power than would be required to attack Bitcoin full on. [38:09]
PT: To be clear, this isnt an attack on Bitcoin. If you hold bitcoins, your money isnt getting inflated, youre not losing any but Im saying... *38:18]
AA: No, but its an attack on money transferred from the sidechain. *38:20+
PT: Money goes to the sidechain, but its held in stasis until there is a proof that the money should then come back from it. It moves to the chain, where say Zerocoin transactions can happen and then it would go move back, based on SPV level proof that the Zerocoin chain now says money can move back. [38:42]
AL: Bitcoin transactions are irreversible, so once its been done, all you need to do is just even... so it might not even take hours, it would just take as long as it takes to get them to release and then youre... *38:51+
PT: Yeah, yeah. [38:52]
AA: Doesnt that introduce a problem with the fungibility of the coin, essentially, creating two classes of Bitcoin? Bitcoin thats always been in the Bitcoin blockchain and only the Bitcoin blockchain and Bitcoin that is of a somewhat lesser status because its spent some time in a sidechain and had a bit less proof on it and, therefore, might be somewhat suspect. [39:10]
PT: The idea there is not that its actually really spent time in the sidechain, rather it served as a backing to the sidechain. [39:18]
AL: Yeah. [39:19]
AA: Right. [39:19]
PT: Its like the gold in the vault... *39:20+
AL: Yeah. [39:21]
AA: Right. [39:21]
PT: ...that the bank notes are printed on. [39:22]
AL: It never actually leaves the (??) blockchain. [39:24]
AA: The problem is when Germany asks for it back and you cant produce it because the sidechain transactions didnt actually happen. It was sitting in the vault but then when Germany asks for it back in the main Bitcoin thing, you cant deliver it. *39:35+
PT: Yeah, yeah. Heres a great real world (??) well go say the US government and the German government, for once, they both now have vaults full of gold that are supposed to back the currency. A bunch of gold gets moved to Germany and a bunch of paper notes get created based on this and move around the economy and someone goes up to the Germany bank and says Hey, look. See these paper notes? I want my gold back. The German bank follows the rules and gives them their gold back. It turns out they were counterfeit and if you own German notes, now your notes are no longer backed by gold because someone managed to go steal them, based on a fake proof. Its the same thing with a sidechain system while it may be backed by bitcoins but when its attacked, its no longer backed. [40:24]
SM: Right. [40:25]
AA: This is an edge case, obviously, which occurs in particular scenarios. Its not the general case. How do you protect against those kinds of edge cases? How can you make it more robust as a system? [40:36]
PT: The proposal has been that, from the sidechains community, has been that we go have a quiet period, where we go spend, say, a day accumulating miner proof that this was the true chain and this is really agreement. [40:56]
AA: Thats not unprecedented, thats similar to what happens with mining rewards which have 100 block quiet period, where they cant be spent. *41:04+
PT: Or another example, if you try to go deposit feathercoins at an exchange, theyre not going to give you any bitcoins for a good day. [41:11]
AL: Why is that? [41:14]
PT: Feathercoins been 51% attacked. *41:16+
AA: Frequently. [41:18]
PT: Yeah, frequently. [41:19]
SM: Same thing with Terracoin, there was that time warp thing. If you deposit feathercoins at an exchange, theyre not going to give you bitcoins because Feathercoin has been 51% attacked a few times. [41:28]
AL: In the past, this has proven to be something where you shouldnt allow withdrawals quickly because its proven to be a danger. It seems like this is much the same here. *41:37+
PT: Although, it can be even worse than that because the protocol is just a dumb protocol. Its proof of work and it moves coins around. What if I go decide Alright, Im going to go use my pool to go and attack Zerocoin because I think anonymity is bad. I go up to GHash.io or something and I throw them some money and say Alright, Im just going and mining this sidechain but dont publish the blocks you find. If I can go get a majority of hashing power there, I can go mine in secret and I can go back to the Bitcoin chain and say Hey look, give me these coins. The Bitcoin chain will potentially respond and give me these coins. Now you have two chains and there is no good (?? programmable) way to respond there. [42:31]
AA: Hang on a second. This would be an example, similar to the selfish mining paper we saw a while back, where youre mining but hiding those blocks. In the case of the selfish mining paper, you were publishing them on the main blockchain, but what youre saying here is you publish the proof on the sidechain where youre moving the coins, but you dont publish it on the sidechain you were originally mining, so you create a discrepancy in the records, in the ledger. [42:56]
PT: Yeah, yeah, or it could do the other way round which is to go and give the Bitcoin blockchain the proofs that some mining was done but never actually publish the blocks themselves, essentially, proving to the Bitcoin chain that blocks should be taken out. Meanwhile, other people are trying to mine along but not seeing any proof. You can try to further hand wave around saying Alright, well make reorganization proofs to go prove there were two chains at once. I could also go destroy the chain by deliberately mining a reorganization at the same time... like, it just keeps on going. Yeah, you can go come up with a lot of solutions but there is a lot of fragility here, a lot of complexity and fundamentally, none of these solutions really work unless you have the majority of hashing power, but, weve already said, if you have a majority hashing power, weve made pools more centralized. [43:45]
SM: Yeah. This is really good to point out. (Laughter) [43:53]
AL: OK. [43:54]
______________________________________________
ADVERT:
EasyDNS is the Swiss Army knife for your domain names. Helping meet their customers individual needs since 1998. EasyDNS has been an outspoken critic of SOPA and CISPA. EasyDNS was an early supporter of Bitcoin and now they are proud to sponsor this show. Do business with a company that shares your values. Get a 13% discount when you pay with Bitcoin. Go to Bitcoin.EasyDNS.com and be sure to use discount code LTB. [44:34]
ANNOUNCEMENT:
AL: Hey everybody, Adam B. Levine here. Quick question one of the user-created assets that Im working on is a charity coin that essentially acts as a global charitable rebate program. Basically, charities have monitor donation addresses and whenever somebody donates to the charity, they earn a share in a charity token thats distributed to all the people giving to these charities around the world, based on how many other people are doing it at the same time. The question is to you would you be more interested in charitable giving if you were getting back some type of token that could then be used at fundraising events or auctions or things like that, as charities sometimes do, or alternatively, could be sold on the market? Leave a comment at Forums.LTBcoin.com or leave a comment at Letstalkbitcoin.com on Episode 104. Back to the show! [45:23]
______________________________________________
AL: I assume that youve articulated these concerns to the other side of the issue? *45:31+
PT: I have. They tell me that theyre working on a White paper which will address them but this is based on what I publically know. [45:39]
AA: This is an ongoing discussion, as with all of these proposals and this is great because that kind of scrutiny allows the problems to be better articulated and to get clarity. [45:49]
AL: What do you think about the problem theyre trying to solve? What do you think about the concept of sidechains in general? Do you think theres a problem to be solved here and this just isnt the way or that this is just a strange path to go down? *46:00]
PT: After all, Ive got my own competing idea called tree-chains which works differently but has very, very close similarities on a lot of levels as well. [46:09]
AA: If we take away the how you do it, underlying this idea of why people are interested in sidechains, is essentially the fluid exchange between coins to create a more unified and homogeneous set of currency baskets essentially, that allow us to ignore the differences between coins on a technical level and use them very fluidly and interchangeably. Youre saying you have a different how for the same why? *46:39+
PT: Yeah and I would also go further. To me, its not just coins that excite me, its new systems of transactions, new systems of auditing and new systems of publishing. Youve got to remember, Bitcoin can move value around, Bitcoin can move value around that happens to represent a lot of stuff, but you can also go use Bitcoin to go audit things by going and forcing people to publish results of audits. You can do things like make better decentralized publication platforms by ensuring that you actually see what may or may not have been published. [47:13]
AA: This is using the full power of decentralized ledger, proof of existence, cryptographic proof of state of systems in a consensus, regardless of currency. [47:24]
PT: Yeah, yeah. The way I see it is all these systems has... proof of work consensus is always more secure if its bigger. The fact is, every single system in this whole space should be working together for security. We should not have 100 different little altchains, with their own little bit of hashing power. Thats not secure. We should have all this stuff working together. Sidechains, I think, was an attempt at that and the merge mining was an attempt at that, but to do that, we also cant go and wreck the security by making things more centralized. [47:57]
AL: How does what youre doing accomplish decentralization, the way that they havent been able to? [48:03]
AA: You want decentralized unification. [48:05]
PT: Well, I guess I better explain tree-chains. [48:08]
AL: Sounds like it. [48:09]
SM: Yeah. [48:09]
PT: Ill actually start by explaining how embedded consensus systems work and this is your Mastercoin, your Counterparty and, to a lesser extent, your Coloredcoins. The idea there is given a set of data that you know was provably published in some order to some audience, a great example is the Bitcoin blockchain - anything in it has some very well defined order, I know exactly who had it, the mining community and I can go take that data and then apply my own rules to it. Mastercoin does this by taking special Bitcoin transactions that have had data encoded into them, extracting that data and saying OK, were going to create a new system that has new rules, based on top of that. [48:58]
AA: Weve spoken about this before. We talked about the hierarchy of knowledge which is the fundamental concept within the blockchain is not only that everyone knows how the rules work but that everyone knows that everybody else knows how the rules work and apply them in the same way and that everyone knows that everyone knew that, at the time. Those three layers create that shared knowledge, so when you publish something in there, you know that everybody else saw it, that everybody else validated it, that everybody else accepted it as true, which gives you the state of that time. [49:28]
PT: Lets see I claim that those three statements actually are somewhat independent of each other. [49:39]
AA: OK. [49:40]
PT: Ill give you an interesting thought experiment. Imagine if in Bitcoin, miners didnt validate. Any transaction you published, theyd go put it in the blockchain, they didnt care what it did. [49:50]
AA: So its just a time stamp. Its just a distributed time stamp, nothing else. *49:54+
PT: Not a time stamp, a proof of publication. [49:56]
AA: In this specific order and time. [49:58]
PT: Yes. Now, if youre running a full node, obviously a full node can just go through a blockchain, throw away the invalid transactions and come to consensus. In Bitcoin, using this model is completely secure. Its interesting that if you have that model, not only is it secure, but I can have two different systems running on top of it and theyre both contributing to the same security. You may want to have standard Bitcoin transactions, I may want to have Zerocash transactions. [50:29]
AA: This was one of the arguments I heard levelled as a criticism of metacoins like Mastercoin and Counterparty was that, while theyre transactions have been mined and time stamped and put in order into the blockchain, the clients that mined them didnt validate them. That was criticized as a Well, that doesnt count. Youre saying this is a feature. Youre saying We dont even need this for Bitcoin transactions, we can just get the order time stamped and then solve the transaction chaining on a per node basis, at a later time once you have an established order thats verified. Thats a very interesting perspective. [51:10]
PT: Yes, yes. Going back to what we were talking about SPV. With SPV... [51:14]
SM: Sorry... hold on...one sec... [51:16]
AL: Yeah sorry, I think youve lost both Stephanie and I here. *51:18+
SM: Yeah, sorry were not very technical. We just want to understand. Why would you not want somebody to validate a transaction? [51:29]
PT: Remember we were talking about SPV and how with SPV, essentially, youre trusting miners to validate for you? [51:36]
SM: Yeah. [51:36]
PT: If they lie to you, youre going to trust them and youre going to accept coins that dont actually exist. What Im proposing with this client side validation is really what Bitcoin users already do if theyre using Bitcoin in the most secure way, which is to run a full node. [51:56]
AA: They validate everything down to the root of the genesis block. The difference is that if you expect the miners to validate and you depend on the miners validating, you get a side effect which is rather damaging, and that is that if you want to make a change, or if you want to introduce something like Mastercoin, they cant validate it, they dont validate it, they dont include it, so you have no way of doing that later. If you just have them add everything and all theyre doing is recording, then you have the option of how you validate things later, at a different layer which opens the door for validating a lot more while still depending on structured ordered recording at the mining. [52:39]
AL: OK, I think I understand. The interpretation moves to the individual client side, so each individual user is interpreting for themselves, as opposed to the miners doing it all, the miners no longer are doing the interpretation. Theyre just doing the recording, so theyre notaries, basically. [52:53]
AA: Let me give you an example. Lets say you were writing a ledger of transactions and instead of doing it in English, youre doing it in Mandarin and you have no idea what the transactions say, but what you do is you just write down the Mandarin characters as they come through, you time stamp them, you put your signature next to it, then you rely on someone who, somewhere else, gets a copy of this ledger, reads the Chinese, understands the Mandarin and knows what this transaction means, but more importantly, they see your signature and they know when it got into the ledger and they know that it was, in fact, introduced at that time. You dont even need to understand the Mandarin. All youre doing is validating; youre narrowing the scope. Youre no longer validating you understand the transaction, youre simply validating that it existed. Youre doing proof of existence only. [53:36]
AL: OK, but doesnt this bring us back to the scalability problems that individuals have running full nodes? I mean, I was speaking with a miner, Kimber (??) today... [53:44]
SM: I was going to ask a similar question. Isnt there a cost to doing that notary service to record all the transactions? [53:50]
AL: No, no. The notary service is... thats carried by the miners. The miners already have that cost. The miners actually do less in this system. The miners just do the notary side, they dont do the verification side, so you can imagine that Visa has different sections. To this point, miners have been everything, now were dividing them into miners over here doing notary and users over here doing actual verification. [54:11]
AA: And chaining. [54:12]
AL: And chaining. [54:13]
SM: Both of those have costs to them, so whats the incentive to notarize and whats the incentive to verify the transactions? [54:23]
AA: Great question. [54:25]
SM: Whats required to do that? *54:25+
PT: The incentive to notarize, in a pragmatic system like this, you would end up in reality having some really, really basic layer to just move a bit of value round and thats just so you can go pay a miner Look, go publish this for me. [54:37]
AA: We already have that, thats Bitcoin and it works already so you can do it for the basic Bitcoin transactions. [54:42]
PT: Exactly, now in terms of the other part of scalability as well, I want to go have an Android wallet, thatd be lovely. I like this. I just want it to be secure. Coloredcoins is a great example thats because people always say Coloredcoin is not SPV compatible, its not efficient, yada yada yada... but hang on a second, if Im giving you a Coloredcoin, all I actually need to do is prove to you that that coin existed. I dont need to go prove to you that all other coins exist or that their valid or anything about that. You actually just need a very small subset of the total data of the system. [55:18]
AA: Youre talking about doing validation all the way down to the genesis of the Coloredcoin, so its not just a partial SPV, but it still ignores all of the other metadata for all of the other things that are going on. [55:31]
AL: I think its even more specific than that, right? Its like, I have some inputs in my wallet and I get some transactions and the only transactions that my wallet cares to verify are the ones that it thinks it got. Everything else... so you, basically, trim out 99.9999% because your fraction is the only part that you care about. [55:53]
AA: How is that different from SPV? [55:55]
PT: SPV wallets dont bother doing that. *55:57+
AA: They dont even do that. *55:59+
PT: No, they dont. *55:59+
AA: They just depend on... [56:00]
PT: They could if they wanted to. If we were in an eco-system where they were designed to do that, I think wed be in a much better state than we are. They dont. *56:09]
AA: Let me ask you... one of the criticisms of doing that in the lightweight manner, is that Im assuming that in order to do that, you would need to retrieve a chain, a Merkle tree, that takes you all the way back to the root of that Coloredcoin, so you can validate it. In trying to retrieve that tree, say with a bloom filter, or something like that, youre revealing to the world information. Theres a privacy implication here and theres been a lot of work among the developers here to say How can you say I want to learn about this transaction without telling everyone I actually own this coin? [56:44]
All agree.
PT: Heres an interesting model and this looks like it will probably implemented first on Coloredcoins is, when I go give you some coins, I can go give you a bit of proof. You dont need to go to the rest of the world and get that proof. I can go give you that. [57:01]
AA: Right, so you transport it so its self verifying. *57:04+
PT: Yes and thats actually what were moving towards with the Bitcoin payment protocol. [57:09]
AA: Thats part of the proposal for smart property too. *57:12+
PT: Exactly. [57:12]
AA: From what I remember, is that you hand the property and the Merkle chain that proves its chain of ownership. [57:19]
PT: Yeah, sure. [57:19]
SM: Whats a Merkle tree and whats a bloom... what did you say?... filter? [57:24]
AA: A Merkle tree is basically, simply describing a path from the current state of the system all through its history, narrowly defined as just the path of those coins as they changed hands, in a way that you can validate it. Rather than saying heres the entire blockchain, its heres a tiny branch of it, but its a branch that walks down just this specific asset thats been transferred. [57:49]
PT: Its a map. *57:49+
AA: A Merkle tree is a data structure, a tree of hashes but, essentially, its just a map, exactly. Rather than giving you the entire city, Im going to say start here and if you turn left, turn right, turn left, turn right, youre going to end up at the origin of these coins and now you know they arrived here correctly. You dont have the full map of the city. *58:11+
AL: Even without that, there are no security trade-offs for sacrificing everything but that one path? [58:20]
PT: I guess I should say if you have the path for your coins, yes, there are no security trade- offs because you dont care whether or not anyone elses coins werent valid, you just care that your coins were valid. [58:35]
AA: A bloom filter is basically... its almost like a search query but based on probability, so you say Tell me everything you know about this address but instead of saying this address, instead you provide a data structure that matches it to a probabilistic level. That way, the other person can give you the search results without knowing exactly which address you were asking for. They just know that when you did this search, this result matched at 99%, so it must be one of the things youre interested in, but I dont know what you were interested in but here it is. [59:13]
SM: Its like looking at a neighbourhood instead of a specific address or something like that. [59:17]
AA: Right, exactly. Youll go out and say Im interested in this zip code and the zip code is a bit more specific than the entire map, but its not as specific as a single address. Yeah, thats a great way of describing it; its like a neighborhood. Of course, its a much bigger data structure and it has a much broader range. Its a lot harder to find from the zip code you asked for which address you have. [59:43]
SM: Right. [59:43]
PT: Now that weve this concept of client side validation and having subsets, I think then the next obvious question is why does it need to be one monolithic block? Cant we split up this block into something a little smaller than an entire megabyte? What if we, say, made the block itself into something more like a tree, and let miners work on different parts of this? [1:00:09]
AL: When you say let miners work on different parts of it, do you mean work on different parts of it simultaneously? [1:00:16]
PT: Yes. [1:00:17]
AL: You could have multiple blocks going at the same time, each with different transactions included? [1:00:26]
PT: Remember when we were talking about merge mining, imagine you had a system where you had a root blockchain and its a linear blockchain just like one block follows another, follows another, but well have a rule where were allowed to merge mine two blockchains under it; a left and a right. [1:00:47]
AA: Like branches. [1:00:48]
PT: Yeah, and then we go say transactions with a unique identifier starting with bits for the first bit set to 1 are only allowed to be in the left blockchain, and the bits set to 0 are only allowed to be in the right blockchain. In the top blockchain any transaction can be in there. We can repeat this rule one step down. The prefix that it has to match, that were restricting where transactions can go, just gets longer and longer. [1:01:20]
AA: And it becomes a path. [1:01:21]
PT: Yeah. [1:01:22]
AL: Do miners select this? Is it a conscious choice to pick a particular branch that youre mining on theres more risk reward or is it just something that happens? *1:01:32+
PT: Its absolutely a choice but its a choice thats meaningless because transaction IDs are pretty much random. [1:01:40]
SM: Could it ever be chosen based on something that wasnt random, like mining for multi- signature transactions and certain kinds... [1:01:50]
PT: You certainly could, but I think this works best when you just have everyone contributing equally to the whole thing at random. The beauty of this is so if youre a miner, and we have this big tree structure for the blocks, now you only need to process the data for one half of the tree. Thats a fixed amount of data, it is not the entire system, yet all of our actions together create a much larger system. [1:02:15]
AL: What happens to the block reward in an environment like this? Right now, block rewards are giving... right now 25 bitcoins to a single miner, which is a pool and then its distributed out from there. What does this do? [1:02:28]
AA: Is this related to GHOST? [1:02:29]
PT: No. [1:02:30]
AA: OK, but it sounds similar in some ways. [1:02:33]
PT: The thing with GHOST is its about taking blocks that were orphaned. This is about spreading the load out so were not going to have that problem. *1:02:44+
AA: Does the distributor reward in the same way that GHOST does? [1:02:47]
PT: No, what Im thinking is to if your top blockchain is the full difficulty, you go a level down and you can go make each half the difficulty because half the miners are working on one side and half are working on the other. You go a level down after that and now, were into quarters. Theyre each working on the left, left chain or the left, right chain and so on. [1:03:11]
SM: Because the miners would be specializing more, then they would be able to mine at lower difficulty and it would decentralize mining more? [1:03:18]
AL: Its like random specialization. *1:03:20+
PT: Yes, yes. [1:03:21]
SM: Yeah. [1:03:22]
AA: Yeah, thats interesting. *1:03:23+
PT: If we all work together randomly working on bits, the sum total is that we still move the blockchain forward, and yet if Ive got, say, a GHash of mining power, Im still going to find a reasonable number of blocks, say, 5 levels down or 4 levels down. Ill occasionally find blocks 3 levels down and even less often 2 levels. Sometimes, Ill even go find the top block and if the reward is split across those in decreasing amount, on average, I still end up making a reasonable return and my variance is low, so I can mine profitably without involving a centralized pool. Im also contributing equally to the security of this entire system. [1:04:04]
AA: How deep can the tree go? [1:04:05]
PT: As deep as you want it to go. [1:04:07]
AA: In that case, I could be solo mining 64 levels down and still have a possibility of getting some, so the pool is now part of the data structure rather than part of a protocol? [1:04:17]
PT: Yes. [1:04:18]
AA: Essentially, its expressed as a distribution within the data structure rather than a distribution of nodes on the network. [1:04:23]
PT: Yeah. Another way to think about it too is that this is giving you a trade-off between security and scalability. Sometimes, you need to go publish data to the entire world. If youre moving a lot of money, you can go pay a bit of fees and you want this to be absolutely secure. Conversely, at some point, obviously youre going to get to the point where there is only one miner actually mining some chain, like 12 levels deep, 16 levels deep, whatever it takes and thats not going to be secure. In the same way that eventually, an altcoin isnt secure but theres a catch. Unlike an altcoin, you can then go say the rule is if this block up here gets reorganized, you can say its children also get reorganized, which means that now even though not the whole system saw some block, say, 16 levels deep, the time ordering is still secured by the whole system, which means if I want to accept payment from a block thats not very secure in of itself, I can just wait until its influence kind of propagates up and it cant be reorganized out, then its sure that when those coins got spent, there is no way theyre going to be unspent without a much more difficult block getting reorganized and so I can (??) [1:05:48]
AL: Even if its included in a really low level insecure block, like 16 levels deep, because it eventually migrates up because its part of the bigger picture... *1:05:58+
PT: Yeah. [1:05:58]
AL: ...over time, as blocks further up are found, it will be included and essentially, confirmed into existence even though, at the beginning, its unsafe. [1:06:06]
PT: Yeah, yeah, and if I have proof going back in time, I can go give you the proof that yes, those coins really were securely moved to that chain, they were not attacked, you can now trust this and you can then give that proof to someone else. [1:06:20]
AA: Does the tree of blocks, as its being mined, do you need to have completeness or can it be sparse? [1:06:29]
PT: It certainly can be sparse. [1:06:31]
AA: Essentially, not all branches need to be mined and if some branches are not mined, whats the impact of that? *1:06:37+
PT: Nothing. It just means that some transaction (??) [1:06:42]
AA: What about transactions that are in them? [1:06:42]
PT: It just means that if you are using a transaction thats in some block, by the time it gets sparse enough, no one really cares about it. It gets to the level of individual miners. You might have to go give some miners saying Could you go somehow get this mined? Usually, youd really go use it in a way that youre still at a level that has a decent amount of mining interest. [1:07:05]
AL: Ive had to do that before, in practice, with Bitcoin. Ive had to send a transaction that got... it took like a week. I sent it to a mining pool and they were able to include it very quickly. [1:07:17]
PT: Yeah, yeah. Its not unlike that kind of trade-off. [1:07:19]
AA: That means that, essentially, that gives opportunity for a much more fluid market for fees and for mining power, so you can dial in how much fee you want and how much mining power you want, which means you could have micro-payments chains within that, where you do that trade-off between time to completion and security. [1:07:42]
PT: Yeah, yeah. When it gets down to it, its like the usual criticism Bitcoin for micro- payments is why does the entire world need to know that I bought a coffee? With tree- chains, the entire world doesnt. We go pick some security trade-off thats good enough, but its much better than it would normally be because were all still working together in this. [1:08:02]
AL: I recently, this morning, I had a conversation with Rassah from Mycelium wallet and theyve got an interesting feature built into their local trader set thats a confidence graph, they call it, that deals with message propagation. When I send a transaction to you, usually, before youd feel comfortable, usually wed have to wait for a single confirmation at least. Even then, it would be better if we could wait for more, but a single confirmation is kind of the standard for person to person stuff. What this confidence graph basically does is it tracks the transaction as it goes through the entire global network. Once it has essentially, permeated the network, then you can have a pretty high... and it confirms that theres a fee and there are some other things in there... then theres a very highly likelihood that, even if its not included in the next block, it will be included in a future block just because its sitting everywhere, waiting to be included in a block. It seems like with tree-chains, this would work even better because, again, its just a notary system and once it gets past the mining layer, which is the notary layer basically, its already in there and its just waiting to be processed, whether that takes a minute or a day. Am I wrong on this? [1:09:12]
PT: Yeah, I think you are. [1:09:12]
AL: OK, OK. (Laughter) Please correct me. [1:09:15]
PT: I think this always comes down to the issue of when is something confirmed. Confirmed is kind of this sort of loose concept. [1:09:23]
AA: Its probabilistic; its not absolute, black or white. *1:09:26+
PT: Yeah, and its even worse than that. If its never been in a block at all, its not only that its not black and white; its not even a shade of grey. We dont even know what color it is, per se, we dont know... *1:09:38+
SM: Right. You dont know when it will be more... what the probability will be over time, yeah. [1:09:43]
PT: ...there is no... it could be up to any sort of thing. I mean, I may be a hacker whos hacked into some pool and changed the rules by which they confirm transactions. Maybe I accept the one with the higher fee because Ill make more money that way. Thats not against the rules of Bitcoin, its against what the default client does, but you can certainly argue there are a lot of good reasons to do the opposite and go just take whatever transaction pays whatever fee. [1:10:07]
AA: I believe Eligius does quite a few things that are not part of the default client and accept transactions that are not part of... not quite... in order to increase the diversity of that opportunity. [1:10:19]
PT: Yeah, yeah. I mean, Ive gone and argued to a lot of miners that it would actually be very smart if they changed their policies to mine the highest fee, precisely because we dont want to get in a situation where weve set a precedent that miners have an obligation to go keep unconfirmed transactions secure because its an unconfirmed transaction, you dont even know really if its been round the network. You dont have any proof about anything about it. Mycelium, they probably have a bunch of nodes around the world, but how do they really know that their nodes represent the actual Bitcoin network trouble is, they dont. Maybe there is a parallel Bitcoin network; you just dont know this stuff. You dont really know how data gets around. [1:11:06]
AA: The only thing you do know is proof of work and increasing difficulty in the blockchain. Thats the only guarantee. *1:11:12+
PT: An interesting thought experiment would be imagine if there was some way to be sure that after I publish a transaction it got to everyone reliably, couldnt I just go have a system based on - you know I cant double-spend you because you ran your Mycelium radar, or something, and it got round to the world. Everyone knows it. You dont need mining. If that was secure, you wouldnt need mining, but you need mining because you have no way of knowing whether or not the transaction was actually published. [1:11:42]
AL: Then again, youre talking about fringe attack cases, basically, and I think that he made a point of mentioning, Rassah made a point of mentioning to me that the graph never gets to 100%; it stays at 99% and thats where it maxes out. *1:11:55+
PT: This gets back to my comment of how its not black or white, or even grey. It may be a fringe attack case today but tomorrow the situation can completely change. [1:12:06]
AA: Yeah, a fringe attack case becomes a bot thats doing it 1000 times a second. We saw that with transaction malleability. It was a fringe attack case for two years and then we had to fix it because it happened to be the main thing that was happening on the network. [1:12:22]
PT: I could go spend $1000 and fire up 500 Bitcoin nodes on Amazon EC2 and very quickly change the rules that the network (??) follows. One of the rules could be that if Mycelium wallet is connecting to me, I go give them a different mempool and someone else is connecting to me, and if I can identify Mycelium versus other nodes, theyll never know. [1:12:47]
AA: Yeah. Theyll see a lot of nodes as propagating too, all of which you control. [1:12:53]
PT: Or, I might just go up to some big mining pool and say You know what? It would be in your best interest if you applied replace-by-fee and they may choose to go hit the switch on that tomorrow. [1:13:03]
AA: Weve had a discussion here where we looked at sidechains and then we looked at some criticisms of sidechains, or perhaps some things that need to be thought about and we need to explore a bit further. Youve presented tree-chains to us, now Im saying hash include, criticism (??). Im going to throw in any criticism that you think youve heard or other people have discussed. Assume that I just voiced all the criticisms youve seen in your discussions, what are those? How do you address them? What are the weak points that people have concerns about? Giving you an opportunity to talk about some of those now. [1:13:48]
PT: In tree-chains or sidechains. [1:13:49]
AA: In tree-chains. In tree-chains, yeah. Then well get Austin and Adam Back and then they can actually provide those criticisms, post facto. [1:13:57]
PT: I think that the catch is that using tree-chains efficiently is certainly hard. It requires a lot of, if not clever cryptography, at least, in the same way as Bitcoin, it was quite clever about how it structures its data. You need to go have these proofs, you need to be able to go and show someone else that something was published in some chain and thats significantly more complex logic than Bitcoin, which is really dead simple in terms of how the crypto works. On the other hand, Ive also got to point out that sidechains has all those issues too and (??) on sidechains, those solutions apply equally well to tree-chains. A way to go think about moving value from one node in this tree to... one block in this tree to another is, well thats a sidechain. Ive proven that that money was taken out of that block and now should be resurrected here. All the same techniques actually apply, so Im kind of excited to see all the stuff were going to come up with, with clever crypto, but I think the underlying layer shouldnt be merge mining, it should be something like tree-chains. [1:15:07]
AA: So you can implement many of the same goals, using many of the same primitives but in a way that doesnt require merge mining. *1:15:13+
PT: Absolutely. Ill bet you 90% of the work in implementing tree-chains is going to be the 90% of the work in implementing sidechains. Its that 10% base layer thats actually my criticism. Thats all. [1:15:25]
AA: What requires a hard fork here? Both things require a hard fork, right? [1:15:30]
PT: No. [1:15:30]
AA: No. Neither of these require a hard fork? [1:15:32]
PT: Yeah, neither. [1:15:33]
AA: How does that work? How do you implement something like tree-chains and sidechains, without doing a hard fork, without changing the core protocol in Bitcoin? [1:15:40]
AL: A hard fork, to be clear, is a protocol change to Bitcoin. A change in the way the rules of Bitcoin work, as opposed to a soft fork, which is... [1:15:48]
AA: A non-backwards compatible change, not just a change but a change that requires all clients from that point on to follow the new rules because the old rules cannot see the new rules. [1:16:00]
AL: I see, so everyone must change in the event of a hard fork... [1:16:03]
AA: Must change. [1:16:03]
AL: ...versus in a soft fork, where they do not necessarily have to change; its backwards compatible. [1:16:07]
PT: To be clear, what a soft fork does is it tightens the rules. After the soft fork, blocks to the nodes running old rules, appear to be valid. In a hard fork, we make changes where the new blocks following the new rules appear to be invalid. The thing is that... [1:16:26]
AA: Lets give a specific example. Multi-sig and pay-to-script hash addresses any old client seeing a pay-to-script hash address... [1:16:37]
AL: Which is? [1:16:37]
SM: What is that? [1:16:38]
AA: ...pay-to-script hash is the multi-sig addresses that start with a 3. Before November 2013, an old client that saw a 3 address on the network would say What the hell is this? And drop it. It would be considered invalid. Thats a hard fork because when you introduce... [1:16:56]
PT: No. [1:16:57]
AA: That wasnt a hard fork? *1:16:58+
PT: That was a soft fork. [1:16:58]
AA: That was a soft fork?
PT: Yes. [1:17:00]
AA: But it changed... it created... [1:17:02]
PT: It did not. [1:17:03]
AA: OK, great. Lets explain that. Rewind. Back to (laughter)... Steve. (Laughter) *1:17:09+
PT: P2SH is a good example of a soft fork where, its called pay-to-script hash, we go take a script, which are the rules required to spend a bitcoin. [1:17:21]
AA: The best example of that is multi-sig. [1:17:23]
PT: Exactly. We take them and we hash it and turn it into a little number and then we go say Can you go provide me a script that hashes to that hash? If you can, and you can also meet the rules of the script, you can go spend the money. [1:17:38]
AA: A 3 address. [1:17:40]
AL: Something like escrow, yes? [1:17:42]
PT: It can be used for escrow. [1:17:43]
AL: With multi-sig, it is escrow. It is escrow that its controlled by more than one key. [1:17:48]
PT: Yes. [1:17:49]
AA: Its a 3 address. That 3 address doesnt represent a wallet, it represents a script and that script has rules for escrow, multi-sig escrow in it and if you can provide the script that has the multi-sig rules in it and the signatures that validate that script, then you can spend whats in a 3 address. [1:18:06]
AL: OK. [1:18:07]
SM: The best explanation Ive heard yet. (Laughter) *1:18:09+
PT: Heres the crazy hack that made it a soft fork. Its that we added a new rule to the Bitcoin protocol that said If you saw a script that consists of nothing more than hash of that data, then check if that hash was equal to an existing hash. Well perform that as it always would but then well also go and take the data and then run it, as though it were a script. [1:18:36]
AA: Right and that was a really nasty kludge hack. [1:18:40]
AL: I dont know this means. (Laughter) *1:18:41+
SM: What does that mean? [1:18:44]
PT: You have a node and I go give you a script that says Well, these coins can be spent if I provide you with a piece of data, that when hashed, happens to go match an existing hash. [1:19:04]
AA: The 3 address. [1:19:06]
PT: Yeah. Your old node looks at that, runs a little bit (??) thats fine. Why did you include all that other stuff there? But thats OK by the protocol, so you just ignore it and youre good to go. We upgrade that and we say If you see that, in that little, very specific form, well add a new rule, where then you go take that data, treat it as though it was another script and then go validate it, according to the Bitcoin script rules. You, the old node, that sees new transactions by this, you just ignore them. Theyre valid, from your point of view. [1:19:44]
AA: The new nodes open it up and say Oh, this particular script is a multi-sig and requires escrow. Now, I need to count two out of three signatures to validate this. The old node isnt seeing the multi-sig, isnt seeing the escrow, isnt seeing the two out of three, it just sees a valid address and it says OK, whatever that is, Ill just take it. *1:20:03+
AL: It seems like this is analogous to what Mastercoin or Counterparty do, basically, where theyve got this... you can send Mastercoins to a Satoshi client, the Satoshi client cant see them but the address still controls them at the point that you move from that to the... yeah, OK. [1:20:19]
PT: The key difference with Mastercoin is because its client-side validation. You dont need a soft fork, you dont need miners to do anything. *1:20:25+
AA: This is layering of protocols and this is separation of concerns, so in a distributed system, this is very much equivalent to a TCP client forwarding things to Port 80, and it doesnt know what those things are, but if you have a web client, it can take those Port 80 things and say Hang on, let me open this up. Oh, this is a web request. Now were going to send web pages instead. The TCP client doesnt need to know any of that detail. It can just forward things to Port 80, not knowing whats inside them. In the case of Mastercoin, the exodus address is the equivalent of Port 80 and the underlying Bitcoin client forwards them along, without understanding whats inside. The more sophisticated Mastercoin is running a layer above and can unlock that and do additional things with it. [1:21:08]
AL: Now I understand the exodus address a little bit better too. [1:21:10]
AA: Its your Port 80. Its the HTTP address. [1:21:13]
PT: Going back to tree-chains and sidechains, how do you go soft fork tree-chains or sidechains to add them? You simply go add new rules; you go say if you have a transaction that has a special format that to old nodes looks like just meaningless data... [1:21:28]
AA: Meaningless but valid data. [1:21:30]
PT: Meaningless but valid data... and by valid, all we mean is that the data was encoded in the standard push data to stack format. Now, the new nodes go say OK, thats a sidechains proof, lets go apply this proof, lets go figure out whether its valid. In the case of tree-chains, you do this implementation and its even easier. Its actually just merge mining. Its merge mining where the rules follow a particular pattern, so that the whole system can go work in this multi-level deep thing, but for the old Bitcoin nodes seeing only the first top blockchain, all they ever see is Yeah, I guess theres a block in it; had two more hashes in it. Maybe if money needs to be moved from the lower parts of the tree up, you use the sidechains protocols. [1:22:23]
AA: I think this goes well to prove the underlying theme of the last several years and of many of the conferences Im going to this is not a damn currency! (Laughter) This is not about coins; you are missing the point! These little discussions really show how far weve come from... even from the title of the Satoshi paper A Distributed Digital Cash System. Its absolutely no longer about cash. Its so much more than that, both in terms of the applications but even in terms of the complexity of the implementation and the amount of innovation thats happening here has nothing to do with coins anymore. *1:23:03+
PT: Id like to go make the analogy of the telephone network versus the internet. I think something like sidechains is not unlike the way how do we add features to the telephone network, we went up to the telephone carriers and said Look, can we do this? Can we do this? Its the same as going up to miners and say Can you merge mine Mycoin? Can you merge mine this coin? Whereas, tree-chains is more like the internet where we have this really, really, really low level protocol IP and if all you want to do is just be an internet router and move IP packets around, thats great. Go for it. The fact that theres a whole bunch of other stuff built on top of that, you dont need to know about, you dont need to care. If I want to go and experiment, I can and it works just as well as your experiment. It works just as well as your production ready token transfer system or your Bitcoin system. Who knows what youre doing, but it all works because the underlying system works. [1:23:59]
AA: Its important to realize that if you do the protocol layering well, you get two very, very important side effects. The first one is that you can preserve the neutrality aspects of the core protocol, which means that as long as its from A to B and some content, you dont need to understand what that content is, you simply deliver it. That allows the innovation to flourish within that system. The second one is that if you structure it correctly, the layers above do not affect what happens in the layers below. That way, you have separation; you have modularity. You dont have weird side effects happening. Thats critically important because then, the innovation can go completely at the edges and you can have all of these applications flourish. [1:24:44]
PT: I go work for Mastercoin, Counterparty and some other ones. The fact of the matter is, I dont actually care that much whether or not Mastercoin survives or Counterparty survives. What I care about is they were given a chance to test their protocol, to see if they could make it work and they had the security, so that they werent going to be killed off by a small group of people who might decide this is a bad thing. I want the space to experiment and I think people should have that shot at trying. [1:25:13]
AL: No more monopolies. [1:25:14]
PT: Yes. [1:25:14]
AA: Yes because even if we get Counterpoint or Mastercoin or any of these other things wrong, once you open the door for things to be built on top, someone else will build it right and there will be a marketplace for people to try all variations and decide what is right for them, without having to ask the permission of the underlying layer. Thats the really important argument thats been going on in the Bitcoin space for a while now. Thats why the ideas of spam and dust and bloat of the blockchain can be seen from two different perspectives. One, its bloat but on the other side, its an opportunity to open up all kinds of applications, without having to stress the core development team or to request protocol changes in the core layer. [1:25:58]
AL: Whats next for tree-chains? It kind of sounds like this is at the ideation level and I mean, youve thought about it and it sounds like its an interesting solution to a similar type of problem that sidechains are trying to solve. Hows it going? *1:26:16]
PT: Its a matter of sitting down with a pad of paper and working out the details. An interesting and exciting possibility is, for instance, Ethereum. You could actually go ship Ethereum as a tree-chain thing, with no scripting at all, crazily enough and add scripting in layers in soft forks. If you did watch the miner validation on top of this idea, alright fine, add it piece by piece. If you didnt, thats OK too. Equally, you can take the same idea and apply it to Bitcoin. Im not quite sure yet in what form the first pieces of code will be written, but I expect that to be fleshed out much more in the coming months. Simultaneously, whatever the sidechains guys do, their experimentation will feed into the crypto in understanding thats going to make tree-chains work, in the same way that Mastercoin and Counterparty. Their experimentation with the concept of client-side validation will feed into making tree- chains actually work, from a pragmatic point of view. [1:27:20]
AA: You could implement this, not only use this to implement Ethereum on top of Bitcoin, you could also implement tree-chains within Ethereum, for example... [1:27:28]
PT: Yeah, exactly. [1:27:28]
AA: ...as its own mining approach, or any of the altchains. [1:27:33]
AL: This has been a pretty mind-expanding.... owww! (Laughter) [1:27:40]
SM: Yeah. Does your mind hurt when it expands? [1:27:42]
AL: A little bit. (Laughter) Lots of brow furrowing this one, but... [1:27:47]
SM: This was cool. Thanks for explaining a little more detail for those of us who dont have the technical background. I hope the listeners will be able to keep up and I think they will be. [1:27:58]
AL: Yeah, I think that when we learn along so hopefully they... OK, Peter, you do lots of projects. If somebody wants to get in touch with you, whats the way to do that? If somebody wants to support your work, is there any way to do that? [1:28:12]
PT: Email me. [1:28:12]
AL: Email you. OK. As simple as that. (Laughter) OK. You want to give that? [1:28:17]
PT: Yeah, PeterTodd.org. [1:28:20]
AL: PeterTodd.org. OK, well I think that wraps it up for us this time. [1:28:28]
SM: Were done. No more conference. *1:28:29+
AL: Yeah, no more conference. Alright guys. This closes out our recordings at the Toronto conference. Thank you all very much for being here. Andreas. [1:28:36]
AA: Thank you. [1:28:37]
AL: Stephanie. Peter. Thank you very much. This has been... Im going to be paying attention to this and trying to continue to keep up with you. Its good work. *1:28:47+
PT: Thank you. [1:28:48]
AA: I think the feedback weve received, at least the feedback Ive received is that when we do more technical, more in depth episodes like the one I did in... the first one I did in Vegas with Adam, I think that was probably the most in depth one weve done, up to that point. People go back and listen to it again and again and again and try to decompress all of the ideas and Ive had so many people come to me and say, that was just amazing. Not only did I learn a lot of new things but in trying to learn those new things, I learned a lot more about Bitcoin than I ever thought. I think we can challenge the audience and the audience absolutely loves it. [1:29:24]
SM: Theyre going to be challenged. (Laughter) *1:29:26+
AA: They like that. We dont need to patronize our audience. We have episodes that are great for beginners and we need to give them the real meat and episodes that are great for people to expand their understanding. [1:29:40]
AL: Thats what we do is we try to... its a learning process. Were learning along with it. I think its always good to have the three of us here because we represent a range of experiences and contexts. [1:29:49]
AT: You have a good dynamic. You should do themed ones as well, like some more techie, some more social kind of stuff. [1:29:59]
SM: Sidechains, yeah sidechains of Lets Talk Bitcoin. *1:30:01+
AL: Yeah, sidechains of Lets Talk Bitcoin. (Laughter) *1:30:03+
SM: Adam, whenever you say youre going to make different podcast feeds, I say theres going to be a hard fork. (Laughter) [1:30:09]
AL: I think that wraps it up for this time guys. Thanks everybody. [1:30:15]
________________________________________
CREDITS:
Thanks for listening to Episode 104 of Lets Talk Bitcoin.
Content for todays show was provided by Adam B. Levine, Andreas Antonopoulos, Stephanie Murphy and guest host, Peter Todd Music for this episode was provided by Nils Frahm and Jared Rubens