Orphaning transactions to alleviate double spending & large theft
zawy12 opened this issue · 0 comments
Theoretical Overview
Small and even medium-sized coins (for a given POW) find it difficult to have value and survive without centralization techniques such as checkpoints and POS. This is due to double-spending attacks. On another front, BTC holders are, by more than an order of magnitude, the biggest theft victims in history in terms of amount stolen per year per amount held or transferred. Fungibility fans will scream at this idea, but enabling the "orphaning" (reversing) of txs may largely prevent these problems. Since orphaning of blocks is a valid and crucial mechanism, extending and atomizing it to txs should provide even more value. POW security depends on miners being dedicated to the coin by virtue of their equipment investment, so they agree not to collude in packs of 50% (or even 25% according to Emin et al.'s paper) to do selfish mining and double spends. Unlike democracy, which divides itself into 2-party systems that attack each other, POW consensus works because miners care more about the future of the coin than the immediate payoff of selfish mining and double-spends.
It has the enormous problem of what to do with all the descendant txs, which may be voided, or more coins would be emitted to make up for the descendant victims. Miners may also make this decision by a more complicated scheme.
Comparing to 0-conf
This idea capitalizes on miners wanting to reach a consensus that is good for the coin. 0-conf that depends on miners agreeing to a mutually-held (semi-centralized) mempool and not letting a double spend with a higher fee change their commitment to it is another idea that capitalizes on untapped POW consensus potential. Merchants needing fast, small-value txs can be fairly sure the mempool will be honored so that they rarely have a loss. Similarly, this idea is far from perfect because it is not likely to reverse minor theft or thefts in the distant past. But chain work is already trusted absolutely in the sequence of blocks, so it's a small step to extend the trust to fuzzy questions such as "Which tx came first?" and "Was this a theft?". This 0-conf idea does not require any change to any code. For most coins, the largest pool can simply make its mempool public for merchants to check. Similarly, protection against selfish mining does not necessarily require a code change. The honest miners could decide among themselves to ignore the longer chain "forever". The big miner will have to mine forever to win. But otherwise, a code change to reverse txs without throwing away the blocks (and thereby work) seems necessary for protection against known thefts and double spends.
Example of a Mechanism: Chain Work Rules
A block-winning miner signals a desire to reverse a previous tx in a special txn. The miners may decide to agree to a reversal in an off-chain "human" consensus process where their intelligence and social awareness can be used to make the decision. Block winners agreeing with the reversal would include the same "reversal" txn. Those who do not agree would include a special txn that is against it. Those who do not have an opinion would not do anything. When chain work supporting it exceeds the chain work since the initial txn, it is reversed. This gives the dedicated hashrate more power at the expense of short-term hashrate, which was the goal that made me consider this. Other than switching to POS-VDF-POW, or selecting a different POW based on height, I do not have any other way for small and medium coins to be permissionless, decentralized, and viable.
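
The chain-work rule above, as an added Python sketch (not code from this issue or from any coin's implementation; `Block`, `reversal_height` and `build_chain` are hypothetical names). The issue does not say over which span "chain work since the initial txn" is measured or how "against" signals are weighed, so this sketch assumes the span runs from the tx's block up to the first reversal signal, and that opposing work is subtracted from supporting work.

```python
from dataclasses import dataclass
from typing import List, Optional

@dataclass
class Block:
    height: int
    work: int                      # work contributed by this block (difficulty units)
    signal: Optional[str] = None   # "support", "against", or None (no opinion)

def reversal_height(chain: List[Block], tx_height: int) -> Optional[int]:
    """Return the height at which the tx mined at tx_height is reversed, else None."""
    buried = 0          # work confirming the tx before any reversal signal appeared
    net = 0             # supporting work minus opposing work (assumption)
    signalling = False
    for b in chain:
        if b.height < tx_height:
            continue
        if b.signal is not None:
            signalling = True
        if not signalling:
            buried += b.work       # the tx's own block counts as confirming work
            continue
        if b.signal == "support":
            net += b.work
        elif b.signal == "against":
            net -= b.work
        # Blocks with no opinion add nothing to either side.
        if net > buried:
            return b.height
    return None

def build_chain(start: int, pattern: str, work: int = 10) -> List[Block]:
    """Build a constructed chain: 'S' = support, 'A' = against, '.' = no opinion."""
    codes = {"S": "support", "A": "against", ".": None}
    return [Block(start + i, work, codes[c]) for i, c in enumerate(pattern)]

# Constructed sample chains (not real chain data); the tx is in block 100.
ACCEPTED = build_chain(100, "...S.ASSSS")    # 3 confirmations, then mostly support
CONTESTED = build_chain(100, "...SASASA")    # support and opposition cancel out
DEEP = build_chain(100, "......SSSSSSS")     # 6 confirmations need 7 supporting blocks

if __name__ == "__main__":
    for name, chain in (("accepted", ACCEPTED), ("contested", CONTESTED), ("deep", DEEP)):
        print(name, reversal_height(chain, 100))
```

Under these assumptions the cost of a reversal grows with how deeply the tx is buried, and evenly split signalling never reverses it.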