Blockchain size 2015
Announcing World Trade Francs: The Official Ethereum Stablecoin 01st April, Ethereum scalability research and development subsidy programs 02nd January, One of the largest sources of confusion in the question of blockchain security is the precise effect of the block time. If one blockchain has a block time of 10 minutes, and the other has an estimated block time of 17 seconds, then what exactly does that mean? What blockchain size 2015 the equivalent of six confirmations on the minute blockchain on the second blockchain?
Is blockchain security simply a matter of time, is it a matter of blocks, or a combination of both? What blockchain size 2015 properties do more complex schemes blockchain size 2015 The answer in fact depends crucially on the security model that we blockchain size 2015 using; that is, what are the properties of the attackers that we are assuming exist?
Are they rational, byzantine, economically bounded, computationally bounded, able to bribe ordinary users or not? In general, blockchain security analysis uses one of three different security models:. Reality is a mix between the three; however, we can glean many insights by examining the three models separately and seeing what happens in each one.
Let us first start off by looking at the normal case. Here, there are no attackers, and all miners simply want to happily sing together and get along while they continue progressively extending the blockchain. Now, the question we blockchain size 2015 to answer is this: Then, this person sends a double-spend blockchain size 2015 trying to revert their original transaction eg.
What is the probability that blockchain size 2015 original transaction, and not the double-spend, will end up in the final blockchain?
One way to relax the model is to assume a small percentage of attackers; if the block time is extremely long, then the probability that a transaction will be finalized can never exceed 1-xwhere x is the percentage of attackers, before a block gets created.
We will cover this in the next section. Hence, once the attacker broadcasts their double-spend, it will be accepted in any newly created block, except for blocks in chains where the original transaction was already included. We can incorporate this assumption into our question by making it slightly more complex: The first step to getting to that state is getting included in a block in the first place.
The probability that this will take place after k seconds is pretty well established:. Unfortunately, getting into one block is not the end of the story. Perhaps, when that block is created, another block is created at the same time or, more precisely, within network latency ; at that point, we can assume as a first approximation that it is a The possibilities are likely mathematically intractable, blockchain size 2015 we will just take the lazy shortcut and simulate them:.
The results can be understood mathematically. At 17 seconds ie. Hence, we can see that faster blockchains do have a slight disadvantage because of the higher influence of network latency, but if we do a fair comparison ie. Suppose that portion X of the network is taken up by attackers, and the remaining 1-X is made up of either altruistic or selfish but uncoordinated barring selfish mining considerations, up to X it actually does not matter which miners.
The simplest mathematical model to use to approximate this is the weighted random walk. We start off assuming that a transaction has been confirmed for k blocks, and that the attacker, who is also a miner, now tries to blockchain size 2015 a fork of the blockchain. Mathematically, we know that the probability of the attacker winning such a game assuming x as otherwise the attacker can overwhelm the network no matter what the blockchain parameters are is:. We can combine this with a probability estimate for k using blockchain size 2015 Poisson distribution and get the net probability of the attacker winning after a given number of seconds:.
Note blockchain size 2015 for fast block times, we do have to make an adjustment because the stale rates are higher, and we do this in the above graph: Hence, the faster blockchain does allow the probability of non-reversion to reach 1 much faster. One other argument that may be raised is that the reduced cost of attacking a blockchain for a short amount of blockchain size 2015 over a long amount of time means that attacks against fast blockchains may happen more frequently; however, this only slightly mitigates fast blockchains' advantage.
For example, if attacks happen 10x more often, then this means that we need to be comfortable with, for example, a We can also approach the subject of attackers from the other side: How high is the requisite X to revert a transaction after k seconds? Essentially, this question is equivalent to "how much economic expenditure does it take to revert the number of blocks that will have been produced on top of a transaction after k seconds".
From an expected-value point of view, the answer is simple assuming a block reward of 1 coin per second in both blockchain size 2015. If we take into account stale rates, the picture actually turns slightly in favor of the longer block time:.
But "what is the expected economic security margin after k seconds" using "expected" here in the formal probability-theoretic sense where it roughly means "average" is actually not the question that most people blockchain size 2015 asking.
Instead, the problem that concerns ordinary users is arguably one of them wanting to get "enough" security margin, and wanting to get there as quickly as possible. The probability that we will have "enough" security margin after a given number of seconds is exactly equivalent to a chart that we already saw earlier:.
Now, let us suppose that the desired security margin is worth between four and five times the smaller block reward; here, on the smaller chain we need to compute the probability blockchain size 2015 after k seconds at least blockchain size 2015 blocks blockchain size 2015 have been produced, which we can do via the Poisson distribution:.
Now, let us suppose that the desired security margin is worth as much blockchain size 2015 the larger block blockchain size 2015. Here, we can see that fast blocks no longer provide an unambiguous benefit; in the short term they actually hurt your chances of getting more security, though that is compensated by better performance in the long term.
However, what they do provide is more predictability; rather than a long exponential blockchain size 2015 of possible times at which you blockchain size 2015 get enough security, with fast blocks it is pretty much certain that you will get what you need within 7 to 14 minutes. Blockchain size 2015, let us keep increasing the desired security margin further:. As you can see, as the desired security margin gets very high, it no longer really matters that much.
However, at those levels, you have to wait a day for the desired security margin to be achieved in any case, and that is a length of time that most blockchain users in practice blockchain size 2015 not end up waiting; hence, we can conclude that either i the economic model of security is not the one that is dominant, at least at the margin, or ii most transactions are small to medium sized, and so actually do benefit from the greater blockchain size 2015 of small block times.
We should also blockchain size 2015 the possibility of reverts due to unforeseen exigencies; for example, a blockchain fork. However, in these cases too, the "six confirmations" used by most sites is not enough, and waiting a day is required in order to be truly safe. The conclusion of all this is simple: In the BFT security models, this granularity ensures that the system can more quickly converge on the "correct" fork over an incorrect fork, and in an economic security model this means that the system can more quickly give notification to users of when an acceptable security margin has been reached.
Of course, faster block times do have their costs ; stale rates are perhaps the largest, and it is of course necessary to balance the two - a balance which will require ongoing research, and blockchain size 2015 even novel approaches to solving centralization problems arising from networking lag.
Some developers may have the opinion that the user convenience provided by faster block times is not blockchain size 2015 the risks to centralization, and the point at which this becomes a problem differs for different people, and can be pushed closer toward zero by introducing novel mechanisms. What I am hoping to disprove here is simply the claim, repeated by some, that fast block times provide no benefit whatsoever because if each block is fifty times faster then each block is fifty times less secure.
A recent interesting proposal presented at the Scaling Bitcoin conference in Montreal is the idea of splitting blocks into two types: The theory is that we can get very fast blocks without the centralization risks by essentially electing a dictator only once every on average ten minutes, for those ten minutes, and allowing the dictator to produce blocks very quickly. A dictator "should" produce blocks once every ten seconds, and in the case that the dictator attempts to double-spend their own blocks and create a longer new set of microblocks, a Slasher -style algorithm is used where the dictator can be punished if they get caught:.
This is certainly an improvement over plain old ten-minute blocks. However, it is not nearly as effective as simply having regular blocks come once every ten seconds. The reasoning is simple. Under the economically-bounded attacker model, it actually does offer the same probabilities of assurances as the ten-second model. Under the BFT model, however, it fails: In reality, which can be modeled as a hybrid between the economic and BFT scenarios, we can say that even though second microblocks and second real blocks have the same security margin, in the second microblock case "collusion" is easier as within the minute margin only one party needs to participate in the attack.
One possible improvement to the algorithm may be to have microblock creators rotate during each inter-key-block phase, taking from the creators of the last key blocks, but taking this approach to its logical conclusion will likely lead to reinventing full-on Slasher-style proof of stake, albeit with a proof of work issuance model attached.
However, the general approach of segregating leader blockchain size 2015 and transaction processing does have one major benefit: Was it indirectly targeted at the Bitcoin situation? And how much of this applies to Ethereum in particular? I agree with that Bitcoin must do something with the block time. This is a big opportunity for altcoins.
Bitcoin is starting to become something like our governments: How the introduction of PoS will influence the security and the block time at Ethereum?
I like the concept of PoS as it involve more nodes to the blockchain. With PoW, no one runs a blockchain size 2015 without dedicated hardware. IMO, it is blockchain size 2015 waste of resource if the PoS blockchain size 2015 effective enough. I would like to see all your graphs with rescaled blockchain size 2015 If the goal is a private enough world wide fast and secure electronic currency perhaps there is a much simpler way to do it.
What am I missing? Banks trust each other available information, regulation, insurance, etc. They knows that there is blockchain size 2015 very little chance for cheating. If we want to be safe we must assume that there will be bad actors. The blockchain solves a big part of this problem. If there would be a simpler way to achieve the same result, we would already use it. Any news about this: You may use blockchain size 2015 HTML tags and attributes: The Official Ethereum Stablecoin 01st April, Ethereum scalability research and development subsidy programs 02nd January, Author William Mougayar Posted at 3: Author Zer0CT Posted at 5: Thanks for the explanation!
Author altsheets Posted at 2: Looking forward to seeing the differences. Any news about that? Author Samantha Atkins Posted at Author Zer0CT Posted at 4:
Bitcoin has been an unexpected and huge success, with a multi-billion dollar market cap, close to a billion dollars in VC funding, and many clone and spinoff currencies. The ever-increasing demand for Bitcoin transactions, however, poses a big problem.
Because Bitcoin is a self-regulating system that works by discovering blocks at approximate intervals, its blockchain size 2015 throughput is effectively capped at blocksize divided by block interval. Sooner or later, we will reach the point when the network is inundated with more than the 1MB of transactions per every 10 minutes that the system can clear.
In fact, recent "transaction spam" attacks have given us a glimpse of how badly the system will be blockchain size 2015 when transactions start backing up. That there is an impending scalability problem in Bitcoin is no secret: This at-times-acrimonious debate has so far centered around how big to make the blocks and how to schedule the block size increases in the future. All proposals that are on the table so far, however, suffer from a fundamental scalability bottleneck: This is far from the 30, transactions per second necessary to compete with the likes of VISA transactions.
We have blockchain size 2015 a next-generation blockchain protocol, called Bitcoin-NG for short, that eliminates the scalability limits described above.
Bitcoin-NG addresses the scalability bottleneck by enabling the Bitcoin network to achieve the highest throughput allowed by the network conditions. Paradoxically, not only does it improve transaction throughput, it also reduces transaction latencies -- it is possible to get an initial transaction confirmation in seconds rather than in minutes. While the full details of Bitcoin-NG are now available as a white paperthis post describes the key insight behind its operation.
To do this effectively and describe why the core idea behind Bitcoin-NG is both fresh and revolutionary, we first describe the traditional approaches that have dominated the scalability discussion so far. Both options lead to various undesirable blockchain size 2015.
In essence, all the protocol problems stem from the same fundamental issue. Due to the nature of the distribution algorithm, increasing the blocksize or reducing the block interval blockchain size 2015 lead to an increased rate of forks.
In a fork, the blockchain is bifurcated into multiple branches, and there is no single blockchain. The system is therefore in an undecided state. Eventually, the fork is resolved, one branch is chosen and other branches are thereafter pruned, or simply, ignored. Forks incur two significant security risks. First, they reduce security against attackers. Bitcoin is secured by mining power, and mining power in pruned branches does not participate in securing the system.
Second, forks reduce fairness. When forks are frequent, small miners and miners that are not well connected to the overlay network are at a disadvantage, earning less than their fair share. Miners are therefore incentivized to coalesce into larger blockchain size 2015 larger pools, and thereby pose a centralization threat. And of course, larger blocks typically require more resources, effectively cutting certain kinds of peers out of the network. Since the Bitcoin network is quite bursty, and blockchain size 2015 the network level, operates by lying idle for long periods of time, punctuated with sudden waves when a block has to be propagated throughout the globe, well-provisioned nodes are a necessity.
And certain geographic regions may be at a blockchain size 2015 disadvantage. The scalability debate has revolved around these issues, and has been caught in a morass, as these concerns are genuine and the tradeoffs difficult to resolve. And even if a blockchain size 2015 is found, the tradeoffs involved mean blockchain size 2015 the throughput gains will be modest. Bitcoin-NG sidesteps the scaling dilemma by inverting the behavior of the blockchain.
In Bitcoin, the system generates a blockchain size 2015 block that encases in cryptographic stone the transactions that took place in the preceding 10 minutes. In Bitcoin-NG, the protocol is, instead, forward-looking: The former is necessarily limited by the blocksize and block interval, while the latter approach can run as fast as the network will allow.
Specifically, Bitcoin-NG chooses a leader at the beginning of an epoch, and she is in charge of serializing transactions until the next leader is chosen.
NG maintains the overall blockchain structure, but has two types of blocks: Key-blocks are used for leader election. They are generated by mining with Blockchain size 2015 of Work, as in Bitcoin, and they occur at 10 minute intervals on average, as in Bitcoin; in fact, they are identical, in format, to Bitcoin blocks, except for a small twist blockchain size 2015 the coinbase transaction, explained below. Every key-block initiates a new epoch.
In a Bitcoin block, the first transaction, called the coinbase, rewards the miner for having solved a cryptopuzzle and thus for having contributed a block to the blockchain. All of the transactions are part of the same block and are contributed en masse. In between blocks, the traditional Bitcoin system appears idle to an onlooker, as miners are working to discover the next block, but without apparent progress blockchain size 2015 the consensus front.
In blockchain size 2015, in Bitcoin-NG, the key-blocks can be tiny because they need contain only the coinbase transaction, which names the public key that the miner will be using to sign microblocks.
Because a key-block requires proof of work, competing miners cannot just manufacture one and usurp the leadership at will. In blockchain size 2015, Bitcoin-NG shifts the process of issuing blocks: Microblock creation is limited solely by signing speed in the millisecond range and network propagation speeds of small microblocks. Should the miner falter for any reason, blockchain size 2015 miners can take over when they discover a new key-block.
The keen reader may already notice several potential pitfalls, as it blockchain size 2015 seem difficult, at first glance, to incentivize miners to follow the protocol. Double-spend attacks by malicious miners are obviously a key concern. We discuss the algorithm in detail and specifically address the incentive mechanisms, as well as potential attacks, in the white paper.
We have run large scale experiments with nodes comparing Bitcoin and Bitcoin-NG. The results blockchain size 2015 a qualitative improvement on all metrics related to performance and fairness.
Bitcoin-NG scales optimally at the protocol level, limited only by the properties of the physical network and the individual nodes. We believe that Bitcoin-NG advances the science of blockchains by increasing throughput and reducing latency, without impacting miner fairness, the open architecture of Bitcoin, or the clients in any substantial way.
In future work, we plan to expand on how blockchain size 2015 incrementally deploy Bitcoin-NG on top of the current Bitcoin network.
Overall, we are excited and blockchain size 2015 surprised ourselves that such substantial improvements in throughput and latency can be achieved with nominal cost, blockchain size 2015 while remaining backwards compatible. We look forward to more secure, faster, better blockchains. Since the Bitcoin world is rife with conflicts of interest, there is value in reproducing part of the announcement that accompanied this note on the bitcoin developers list:.
My Research Interests are distributed systems and blockchain size 2015, specifically distributed storage algorithms, the distributed aspects of Bitcoin, and reliable aggregation in distributed sensor networks. Hacker and blockchain size 2015 at Cornell, with interests that span blockchain size 2015 systems, OSes and networking. In Context Since the Bitcoin world is rife with conflicts of interest, there is value in reproducing part of the announcement that accompanied this note on the bitcoin developers list: NG is compatible with both Bitcoin as is, as well as Blockstream-like sidechains, and we currently are not planning to compete commercially with either technology -- we see NG as being complementary to both efforts.
This is pure science, published and shared with the community to advance the state of blockchains and to help blockchain size 2015 reach throughputs and latencies required of cutting edge fintech applications. Perhaps it can be adopted, or perhaps it can provide the spark of inspiration for someone else to come up with even better solutions.