Classic rereading|Nick Szabo on the advanced social expansion attributes of blockchain


If we use computers to directly replace human beings, there is still much room for improvement in social scalability.

Further reading: “Echo | Nick Szabo: Currency, Blockchain and Social Scalability (Part 1)”

Original title: “Echo | Nick Szabo: Currency, Blockchain and Social Scalability (Part 2)”
Written by: Nick Szabo
Translation & Proofreading: Jan, Joey & A Jian, Min Min

Social scalability of network security technology

A long time ago, we used clay and later paper. Today, most commercial transactions are carried out through programs and protocols running on computers and data networks. Although this progress has greatly improved transaction matching and information flow, it has also weakened our defenses against malicious behavior.

As the Internet grows, more people who are unfamiliar with each other’s habits and constraints are joined together. Security based on root-trust access control is only suitable for small offices, such as Bell Labs, where co-workers know each other well and income and expenditure are controlled through paper processes rather than by programs on the office computers. As organizations become larger, as organizational boundaries become more intricate, and as more valuable and concentrated resources (such as currency) are entrusted to computers, this security system is no longer efficient and no longer secure.

The more emails you receive from strangers, the more likely you are to be targeted by phishing or to receive malware. Traditional computer security systems do not scale well socially. As I described in “The Dawn of Trustworthy Computing” [7]:

When we use a smartphone or laptop on a cellular network or the Internet, the other end of our interaction usually runs on another independent computer, such as a web server. Architecturally speaking, all these machines are designed to facilitate control by a person or a group of people who know and trust each other. From the perspective of remote network or application users, these architectures are based on complete trust in an unknown “root” administrator. This administrator can control everything that happens on the server:

They can read, change, delete or block any data on the computer at will. Even if the data sent through the network is encrypted, it is eventually decrypted and ends up fully under the control of that computer. Using network services means trusting (and so being vulnerable to) the computer, or whoever controls it, possibly an internal employee or a hacker, to faithfully execute our commands and protect our payments. If someone on the other end tries to filter out or tamper with your network instructions, there are no good security measures to stop them; we can only rely on unreliable and expensive human institutions, which often cannot reach beyond national borders.

Many servers are not valuable enough for insiders or outsiders to attack. However, more and more servers are attacked frequently because they contain valuable resources. A centralized security system based on root trust is difficult to scale. As computer-controlled resources become more valuable and more concentrated, traditional security mechanisms based on root trust come to resemble the real-world “call the police” model of security. Fortunately, with blockchain technology, we can do better in most important computing scenarios.

Blockchain and cryptocurrency

Scalable markets and prices require scalable currencies. Scalable currency requires scalable security, so that more people, and more different kinds of people, can use the currency without it failing: it cannot be forged, inflated, or stolen.

In 2009, a person or group using the name Satoshi Nakamoto created Bitcoin. Satoshi Nakamoto’s breakthrough in currency was to provide social scalability through trust minimization: reducing counterparty and third-party risks. Satoshi Nakamoto replaced the traditional security system, which has low computational cost but high institutional cost, with an automated security system that has high computational cost, which greatly increases social scalability. A group of intermediaries that each need only partial trust replaces the original single intermediary that requires full trust.

Financial controls on “computational stimulants”: the blockchain is like an army of robots, each checking the others’ work.

When we can use computer science instead of traditional accountants, regulators, investigators, police, and lawyers to protect the most important functions of the financial network, we move toward an automated, global and safer system, rather than a human-run, local, and inconsistent security system. If we implement cryptocurrency on a public chain in the correct way, we can use a large number of computers to replace a large number of bureaucrats in the traditional banking industry.

“By using computers to maintain the blockchain, we can put the most critical part of the interconnection protocol on a more reliable and secure basis, making possible trust interactions that we dared not try on the global network before.” [8]

For blockchain technology, especially Bitcoin, the most valuable features include:

The blockchain has these characteristics because it can maintain a high level of security and reliability without human intervention. Without that high security, the blockchain would be just a distributed database technology that uses resources extremely inefficiently, and it would still need to rely on local bureaucracies to keep it operating properly.

Since the mid-20th century, the efficiency of computers has increased by several orders of magnitude, but the human brain has not changed much. New computing capabilities have created many possibilities for breaking through human limits, and because human thinking has reached its limit, systems designed around human minds have also reached their limits. As a result, humans have little spare mental capacity left with which to improve our existing systems.

But if we use computers to directly replace humans in performing functions, there is still much room for improvement in social scalability. (Important note: this conclusion depends on the slope of the diagonal line in the figure above, not on the absolute position of the line of human ability. The position of the ability line shown above is arbitrary and depends only on our estimate of human ability.)

A new centralized financial entity, a third party that needs to be trusted, is very likely to become the next Mt. Gox if it does not have the equivalent of the “human blockchain” that traditional financial institutions have. Without that bureaucracy, it cannot be a credible financial intermediary.

The cost of computers and networks is very low. The cost of additional resources required to expand computing power is also very low. If we want to expand the management scope of the traditional human system in a safe and reliable way, we need more accountants, lawyers, supervisors and police, and we must also face the bureaucracy, risks and pressures that follow. Attorney fees are high and supervision costs are higher. Computer science is far superior to accountants, police officers, and lawyers in ensuring currency security.

In computer science, there is a fundamental trade-off between security and performance. The automated reliability of Bitcoin comes from the high cost of its operation and resource usage. Until now, there has not been a way to greatly improve the computational scalability of the Bitcoin blockchain (such as transaction throughput) while ensuring that such improvements will not affect the security of Bitcoin.

For Bitcoin, there is probably no way to have the best of both worlds (maintaining reliability while greatly improving performance); this may be one of the trade-offs that cannot be avoided. Compared with existing financial information technology, Satoshi Nakamoto made some important trade-offs that improve security at the expense of performance. Among these trade-offs, the mining process, which seems to waste resources, is the most obvious, but it is not the only one.

Another trade-off is the high degree of redundancy in message delivery. To achieve mathematically provable reliability, every message would need to be fully broadcast among all nodes. Bitcoin cannot achieve this, and even approximating that goal requires extremely high redundancy. Therefore, a 1 MB block consumes far more resources than a 1 MB web page, because the block requires much higher redundancy in transmission, processing and storage in order to achieve Bitcoin’s automated reliability.

These necessary trade-offs all sacrifice performance to achieve the security needed for independent, global, and automated reliability. This means that the Bitcoin blockchain cannot reach Visa’s level of transactions per second while maintaining its automated reliability, which is its unique advantage over traditional financial systems.

Correspondingly, we only need a peripheral payment network (such as Lightning [9]) that is less trust-minimized to handle the large number of small bitcoin transactions, while the Bitcoin blockchain only needs to periodically settle batches of peripheral-network transactions.

Although the transaction throughput supported by Bitcoin is lower than that of Visa or PayPal, it has stronger automated security and is suitable for important transactions. Anyone with Internet access and a smartphone can pay a transaction fee of US$0.20-2 (which is much lower than the current exchange rate fee) and then use Bitcoin services anywhere in the world. Low-cost small transactions can be processed on Bitcoin’s peripheral network.

You can use Bitcoin for daily consumption just like legal currency. For example, bitcoin-denominated credit and debit cards offer the same transactions that complete within seconds, and the same refund request functions, as legal-currency credit or debit cards [10]. We can also achieve peripheral bitcoin micropayments through other clever methods, that is, by processing micropayments off-chain and only settling them in regular batches on the Bitcoin blockchain. As the use of bitcoin increases, the Bitcoin blockchain will develop into a large settlement layer, and small bitcoin payments will be processed by the peripheral network.

When designing Bitgold, I realized that consensus cannot be extended to high-throughput scenarios while ensuring security, so I designed it as a two-tier architecture: (1) Bitgold itself, as the settlement layer; (2) Chaumian digital cash, as a retail-level peripheral payment network with high throughput and privacy (achieved through Chaumian blind signatures). This peripheral network is a third party that needs to be trusted, like VISA, so it needs a “human blockchain” composed of accountants and other roles to ensure reliability.

This peripheral payment network only involves small transactions, so it only requires a small amount of manpower to avoid repeating the mistakes of Mt. Gox.

Ralph Merkle: pioneer of public key cryptography and inventor of the hierarchical hash tree structure (Merkle tree)

In terms of design, currency must be socially scalable on the basis of security. For example, money must be difficult to forge by any user or intermediary (so as not to dilute the supply curve and lead to excessive or unexpected inflation). Gold has value anywhere in the world, and it will not be affected by hyperinflation, because its value does not depend on any central authority. Bitcoin is also outstanding in these aspects and can run on the Internet. It allows people in Albania to pay Bitcoin to people in Zimbabwe without trusting a third party and/or paying sky-high fees.

There are various definitions of “blockchain”, but almost all of them exist for the purpose of marketing hype. I suggest giving “blockchain” a clear definition that can convey its meaning to laymen. A blockchain should have both blocks and chains. The chain refers to a Merkle tree or another cryptographic structure that provides unforgeable integrity. In addition, in order to tolerate worst-case failures and malicious participants as objectively as possible, the transactions and other data protected by the blockchain should be replicated in a reasonable way (usually, the system can still run normally even if 1/3 to 1/2 of the servers behave maliciously).

Bitcoin’s socially scalable security is based on computer science, not police and lawyers, so it supports cross-border payments. For example, customers in Africa can make seamless payments to Chinese suppliers. It is difficult for a private chain to do this because it requires authentication, digital certificates, and public key infrastructure services (PKI) that can be shared between different jurisdictions.

Because of this feature, and because of (hopefully rare) software updates that may invalidate historical blocks (a dangerous situation called a hard fork), the blockchain also needs a human governance layer (although this layer will also face the risk of political struggle). The most successful blockchain (Bitcoin) has maintained its immutability partly because of decentralized decision-making among technical experts and partly because of the principle of immutability. Under this principle, hard forks may be used only for a few important bug fixes and design improvements that have no other feasible solution.

Under this governance philosophy, decisions at the accounting or legal level (for example, changing account balances or canceling transactions) cannot be reasons for a hard fork; they should be implemented by traditional governance mechanisms outside (or layered above) the system. For example, a court injunction could force a Bitcoin user to send a new transaction that has the effect of reversing the old one, or a specific user’s key could be confiscated, thereby confiscating the tokens that key controls.

So-called after-the-fact unforgeability and immutability mean that once data has been committed to the blockchain, it cannot be tampered with undetected. Contrary to some of the hype, we have no way to guarantee that the source of the data was genuine before it went on-chain, or that the data itself is true. That requires additional measures, usually involving high-cost traditional systems.

A blockchain cannot guarantee the authenticity of data; it just preserves both truth and lies in a way that cannot be tampered with, so that people can later analyze the information objectively and expose the lies with more confidence. An everyday computer is a computational drawing board; the blockchain is computational amber. Important data should be sealed into the blockchain amber as early as possible, preferably cryptographically signed by, and submitted directly from, the device that generates it, to get the most out of the blockchain’s ability to ensure data reliability.

A Merkle tree with four transactions (tx 0 to tx 3). Blocks composed of transactions are linked into a chain through the proof-of-work mechanism and are then appropriately propagated and replicated. Combined with the consensus mechanism, the Merkle tree structure gives transaction data its after-the-fact unforgeability. In Bitcoin, the transaction data is hashed in a secure way to obtain the root hash of the Merkle tree, which is used to verify whether any transaction in the block has been tampered with.
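The Merkle root and hash-linked blocks described above, as an added example (not code from the original article): it computes a Bitcoin-style root over four constructed transactions, proves one transaction against that root, and locates a rewritten transaction in a three-block chain. The block header is simplified to the previous hash plus the Merkle root and proof-of-work is omitted; all function names and sample transactions are assumptions.

```python
import hashlib

def dsha256(data: bytes) -> bytes:
    """Double SHA-256, the hash Bitcoin uses for Merkle tree nodes."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()

def merkle_levels(txs):
    """Return every level of the tree: leaf hashes first, root level last."""
    if not txs:
        raise ValueError("a block needs at least one transaction")
    level = [dsha256(tx) for tx in txs]
    levels = [level]
    while len(level) > 1:
        if len(level) % 2:  # odd count: Bitcoin pairs the last node with itself
            level = level + [level[-1]]
        level = [dsha256(level[i] + level[i + 1]) for i in range(0, len(level), 2)]
        levels.append(level)
    return levels

def merkle_root(txs):
    return merkle_levels(txs)[-1][0]

def merkle_proof(txs, index):
    """Sibling hashes needed to recompute the root from the leaf at `index`."""
    proof = []
    for level in merkle_levels(txs)[:-1]:
        if len(level) % 2:
            level = level + [level[-1]]
        sibling = index ^ 1
        proof.append((level[sibling], sibling < index))  # (hash, sibling is on the left)
        index //= 2
    return proof

def verify_proof(tx, proof, root):
    """Check one transaction against a trusted root without the other transactions."""
    node = dsha256(tx)
    for sibling, sibling_is_left in proof:
        node = dsha256(sibling + node) if sibling_is_left else dsha256(node + sibling)
    return node == root

GENESIS_PREV = b"\x00" * 32

def block_hash(prev_hash, root):
    """Simplified header (assumption): previous block hash plus Merkle root only."""
    return dsha256(prev_hash + root)

def build_chain(blocks):
    """blocks: list of transaction lists. Returns [(prev_hash, root, hash), ...]."""
    chain, prev = [], GENESIS_PREV
    for txs in blocks:
        root = merkle_root(txs)
        chain.append((prev, root, block_hash(prev, root)))
        prev = chain[-1][2]
    return chain

def first_invalid_block(blocks, chain):
    """Index of the first block whose data no longer matches the chain, else None."""
    prev = GENESIS_PREV
    for i, (txs, (rec_prev, rec_root, rec_hash)) in enumerate(zip(blocks, chain)):
        if (rec_prev != prev or merkle_root(txs) != rec_root
                or block_hash(rec_prev, rec_root) != rec_hash):
            return i
        prev = rec_hash
    return None

# Constructed sample data: a block of four transactions (tx 0 to tx 3), then two more blocks.
BLOCKS = [
    [b"tx 0: A pays B 5", b"tx 1: B pays C 2", b"tx 2: C pays D 1", b"tx 3: D pays A 1"],
    [b"tx 4: A pays C 3", b"tx 5: C pays B 1", b"tx 6: B pays D 2"],
    [b"tx 7: D pays A 4"],
]

if __name__ == "__main__":
    chain = build_chain(BLOCKS)
    root0 = chain[0][1]
    proof = merkle_proof(BLOCKS[0], 2)
    print("root of block 0:", root0.hex())
    print("tx 2 proven with", len(proof), "hashes:", verify_proof(BLOCKS[0][2], proof, root0))
    forged = [list(b) for b in BLOCKS]
    forged[1][0] = b"tx 4: A pays C 300"  # rewrite history in block 1
    print("first block that fails verification:", first_invalid_block(forged, chain))
```

The check only detects that recorded data changed after the fact; it says nothing about whether the transactions were truthful when they were first recorded.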

The “Secure Property Titles” framework that I proposed in 1998 uses Merkle trees and data replication to objectively tolerate software errors or malicious behavior, but it has no concept of blocks. This architecture demonstrates my theory that we can protect the integrity of globally shared data and transactions, and that a cryptocurrency (Bitgold) can be designed on this basis. But Bitgold does not have a more efficient and computationally scalable block and accounting system like Bitcoin’s. And, like today’s private chains, it is based on the design premise of nodes that can be securely distinguished and counted.

Because the security of some public chains (such as Bitcoin and Ethereum) is bounded by 51% attacks on computing power, we all care about identifying the big miners and inferring whether they could collude with others to launch a 51% attack.

The security of the blockchain has an objective upper limit, and the governance of the blockchain is severely affected by the probability of a 51% attack. Of course, the attacker would certainly not call it an “attack”, but might call it “enlightened governance” or “democratic action”. Some software updates used to fix vulnerabilities or improve protocols require soft forks. Other software updates require hard forks, which bring greater security and continuity risks to Bitcoin than soft forks.

Compared with other network protocols, blockchain has greatly reduced trust requirements, but it is still far from trust-free. Miners are part of the trusted party. Anyone who is not an engineering expert or computer scientist who has invested a lot of time in learning the design principles and code of a blockchain must fully trust the developer community, just as non-professionals who want to understand the research results of a specialized discipline must trust the scientists in that field. During a hard fork, exchanges have great influence because they can decide which fork their markets and trading symbols support.

Therefore, public chains can relatively (but not absolutely) avoid the identity problem, and the identity of the most powerful miners is confirmed at a higher, real-world or social, level. This is probably more appropriate than trying to map fuzzy, brain-based notions of identity onto the protocol layer; the laborious attempts of public key infrastructure in this regard are a lesson learned.

So I think some “private chains” qualify as true blockchains; others should be classified under the broader categories of “distributed ledgers” or “shared databases”. Their social scalability is completely different from that of permissionless public chains (Bitcoin and Ethereum).

The following schemes all require server identities to be securely identified (distinguishable and countable), rather than allowing anonymous identities as public chains do. In other words, they need other, much less socially scalable solutions to the Sybil attack problem:

  • Private chain

  • The “federated” model of sidechains (no one yet knows how to build sidechains while reducing trust requirements, even though there have been many visions and promises). A sidechain can be a private chain, and the two are a good match because they are very similar in architecture and in external dependencies (on public key infrastructure);

  • Multi-signature-based schemes, even when implemented through blockchain-based smart contracts;

  • Threshold-based “information input mechanisms” (oracles) that move off-chain data on-chain.

To identify servers, the mainstream method, which generally has low social scalability, is a PKI system based on trusted certification authorities (CAs). To prevent trusted third parties from becoming security holes, reliable CAs must themselves be high-cost, labor-intensive bureaucracies. These organizations usually conduct extensive background checks themselves or through other organizations (such as the commercial research company Dun & Bradstreet). (I once led the team to design and build such a CA.) CAs also act as gatekeepers, protecting these permissioned systems. A CA can become a single point of global control and failure. “The public chain is automated, secure, and global, but identity authentication is labor-intensive, insecure, and local.”

PKI-based private chains are a good choice for banks and large enterprises because they already have mature internal PKI systems to authenticate and approve the employees, partners, and private servers involved in important transactions. Bank PKI is relatively reliable. We also have semi-reliable CAs for web servers, but generally not for web clients, even though people have been trying to solve the client certificate problem ever since the web was invented: for example, advertisers would like a more secure way than phone numbers and cookies to track customer identity. But this has not yet been achieved.

PKI can work well for a few important things and people, but for less important entities it is not so good or easy to use. Its social scalability is limited by the traditional identity-authentication bureaucracy it relies on.

The picture above shows some major thefts in the Bitcoin ecosystem. The Bitcoin blockchain may be the most secure financial network available (in fact, Bitcoin has to be far more secure than traditional payment networks in order to maintain its low governance costs and its ability to make peer-to-peer cross-border transfers), but the peripheral services built around it on old-style centralized web servers are not secure. (Source: Author)

We need to use a more socially scalable method to count the number of nodes. In other words, we need a more robust method to resist corruption as much as possible, and to evaluate the contribution of nodes to the integrity of the blockchain. This is the key to proof-of-work and broadcast replication: greatly sacrificing computational scalability to improve social scalability.

This is Satoshi Nakamoto’s genius trade-off. Its genius lies in the realization that humans are much more expensive than computers, and that this gap is widening every year. Its genius is that it allows people to collaborate safely and seamlessly across human trust boundaries (such as national borders). It no longer depends on a “call the police” architecture like that of VISA or PayPal, which is expensive, error-prone, and sometimes even corrupt, and whose bureaucracies can provide a certain degree of reliability only when working normally.

Conclusion

With the rise of the Internet, various network organizations have sprung up, including social networks, long-tail retailers (such as Amazon), and various service providers (eBay, Uber, AirBnB, etc.) that provide trading platforms for small buyers and sellers. These are just the first attempts at our new capabilities. Due to the tremendous advances in information technology in recent decades, it is no longer computers and networks that limit the number and types of participants in network organizations, but human thinking and system designs that have not fully kept up with technological progress.

The initial Internet attempts were very centralized. Blockchain technology achieves data integrity through computer science instead of “calling the police”, making trust-minimized currency (cryptocurrency) possible, and it will inevitably bring progress to other financial fields and to other scenarios where transactions are mainly based on online data.

This does not mean that adapting our system to our new capabilities is an easy task, or that it will be less difficult under certain circumstances. Utopian ideas are very common in the blockchain community, but they are not a viable option. Reverse-engineering our highly developed traditional systems, or even reshaping some old systems in new forms, is usually much better than starting from scratch or talking about grand plans and game theory.

Satoshi Nakamoto showed us a key strategy: sacrificing computational efficiency and scalability (consuming relatively cheap computing resources) in order to reduce the waste of manpower in the social institutions (such as markets, large companies, and governments) needed for collaboration between strangers, and to make better use of this precious resource.

References:

[1]: http://whatsupnah.com/2009/02/twitter-vs-the-dunbar-number-and-the-rise-of-weak-ties/
[2]: https://en.wikipedia.org/wiki/Alfred_North_Whitehead
[3]: http://www.fon.hum.uva.nl/rob/Courses/InformationInSpeech/CDROM/Literature/LOTwinterschool2006/szabo.best.vwh.net/tradition.html
[4]: http://www.lifewithalacrity.com/previous/2005/10/dunbar_group_co.html
[5]: https://nakamotoinstitute.org/the-playdough-protocols/
[6]: https://www.econlib.org/library/Essays/hykKnw.html?chapter_num=1#book-reader
[7]: https://unenumerated.blogspot.com/2014/12/the-dawn-of-trustworthy-computing.html
[8]: https://unenumerated.blogspot.com/2014/12/the-dawn-of-trustworthy-computing.html
[9]: https://lightning.network/lightning-network-paper.pdf
[10]: https://en.wikipedia.org/wiki/Chargeback