Why Won’t Blockechain save the world? Gaps? What’s an alternative?/What Doesn’t go on blockchain?

From IIW

Why Won’t Blockchain Save the World?

Tuesday 3C Convener: Maria Vachino, Christopher Allen

Notes-taker(s): Kevin Marks

Tags for the session - technology discussed/ideas considered:

Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:

Christopher Allen: I am deeply involved with blockchain but it is definitely overhyped. We really don't want to put identity on the blockchain - bitcoin is a permissionless system - no-one can stop you mining or transacting - on the permissioned side there are different groups that need permission for certain roles

Maria Vachino: the different consensus protocols are about who gets to be the leader: PAXOS, POET etc - blockchain it's mining

Christopher Allen: what I need to know to suggest a consensus algorithm depends on the roles and number of players

Maria Vachino: if scale is locked in at the beginning, what happens when you mis-estimate it?

Christopher Allen: if just you and I have a transaction, there's no reason to use a blockchain

Joaquin: Under your research, what did you find that blockchain wasn't suitable for?

John W: There are use cases for things that need to expire - must go away after 7 years - blockchain is too persistent

Maria Vachna: our identities do change, and we don't always want them to persist - think of refugees fleeing persecution

Christopher Allen: there may be existing signing agencies, trust agencies that you would prefer to the blockchain

John W: if one of the requirements is compliance with the right to be forgotten or deleted, a persistent history is bad - if information has to be revocable, that doesn't imply that it will delete all copies

Shen: You could use blockchain for key distribution and unique identifiers, not for storing volatile information

Maria Vachino: if a database solves it, we don't need to be told about this - what new ideas are there? - a blockchain identity is first come, first based - bankers say you can't fix a mistake or reverse a transaction - a secure blockchain needs a very high amount of traffic - it may go away if there is too much bickering

Dale: Bitcoin is based on a proof of work that is hard to game, but the work provides no value in the world. Is there one that does?

Shen: Blockstack's system is blockchain agnostic - it can work on bitcoin or other chains - you don't necessarily want work that is useful, as that makes it more gameable

Christopher Allen: blockchain can't do small trust - other things are a lot easier. zero-knowledge proofs can do a lot that don't require blockchain

John W: you can't use blockchain for ephemeral trust the same way that you can with OTR

Jack: where rely on an oracle you can't use blockchain as it adds an external dependency - say I have a website and I want future blocks to depend on that site - if that is removed blocks can't be validated

Christopher Allen: we understand problems with very large like bitcoin and things under 50 where paxos works but there are edges - anything with latency requirements doesn't work on blockchain

Jason: do you rely on immutable ledger or consensus protocol? You could have a triple-signed receipt to reveal proof

Christopher Allen: if you need to revert a transaction a year ago, you can't

Kevin Marks: you can revert by creating a mirror transaction but it leaves a record.

Christopher Allen: if you are logging a history, you can do things like certificate transparency rather than a blockchain.

Jack: turing complete computation is not necessary for the blockchain, but you can just log the verification

Jim Fenton: reading the board I see that blockchain is not good for small, trust, medium trust or large trust

John Best: I work with ledgers all the time, and a big issue is converting from one to another if you take it from a go forward basis, migrating onto a blockchain means you don't have a creation history

John W: I have seen the size of storage be an issue so I am worried about the ever-growing size of the chain

Christopher Allen: with Segregated Witness we are moving the signatures away from the transactions to use less data - there are models where you mark a point in time and forget everything before that and move on - the root of this capability is to have a ledger; if you have something done with a ledger it might be a candidate

Jason: if you have a distributed consensus you could just store hashes

Christopher Allen: there are a lot of things implied by identity that don't belong on the blockchain - we're working to making sure that you can't put anything human readable in the blockchain itself

Drummond Reed: there are different kinds of blockchains that have different properties

Ryan Shea: you could replicate ICANN in blockchain by having a federated namespace that you delegate through for domains

Jack: what we are getting at here is the blockchain microkernel - what is the minimal thing we need for the blockchain to exist - I care about how big blocks are and how fast they propagate, and the federation model; we can simulate anything else

Christopher Allen: other forms of leader election have problems when the parties are changing a lot - eg Stellar is vulnerable to changes

John W: if you roll your own encryption it's usually a bad idea; is the same true of a blockchain

Andy: last iiw the argument was blockchains was for everything, now we're seeing skepticism which is interesting

Maria Vachino: that was why I proposed this

Andy: What are the things that you can get with the blockchain that other tools provide

Christopher Allen: don't be on the bleeding edge of blockchain; there are lots of things you can do without that - with 8 parties you could ahave a round robin consensus model and still have a blockchain ledger - if someone comes up with something better than proof of work we'll shift over

Kevin Marks: Blockchain is not provably collusion resistant - the 2013 fork resolution was solved by collusion

Joaquin: is blockchain resistant to bad implementations?

Christopher Allen: there's 7 billion dollars of reward if you can crack bitcoin

Kevin Marks: well, there's the ability destroy 7 billion dollars if you crack bitcoin; you don't get them

Christopher Allen: bitcoin is arguably antifragile as it absorbs a lot of attacks

Ryan Shea: what blockchains are bad at is like what databases are bad at - they need to be part of a system. some people have talked about storing data in the blockchain - that has always been a bad idea

Christopher Allen: there are things created in blockchain that don't have to be used in it - multisig and hd signature are examples - Merkle Trees are cool