Ray Dillinger has been around in the Bitcoin space for years, in fact, he was on the same cryptography mailing list that Satoshi announced Bitcoin back in 2008.
Over the years he has made a number of comments over at Bitcoin Talk. Below are several related to the challenges facing this cryptoledgers especially related to the block rewards (seigniorage subsidies). Recently he noted:
For what it’s worth, I’ve been looking at the question of mining (and premines, etc) a bit differently.
In my estimation, the block subsidies and transaction fees are what the investors (or holders) pay the miners to keep the blockchain secure. If these payments get too low relative to the value secured, then the blockchain becomes insecure and you get 51% attacks etc.
In that light the “standard” model we’ve been pursuing of block subsidies halving as the value secured grows larger seems dangerous. As the value we’re trying to secure grows larger, we intend to pay less for security. We shall, in that event, GET less security. I’ve been watching alt chains with faster halving periods dying like flies, and I can tell you for sure that this is something that’s real.
That brings us to transaction fees. We are paying to secure value, and we are not paying transaction fees relative to value. We are paying transaction fees relative to space. Space – which is to say hard drive sectors and network bandwidth – is not what secures our value; what secures our value is a monetary hardware investment in ASICs and powerplants. Which we need in proportion to the value we’re trying to secure. And which we will not get in proportion to the value we’re trying to secure by paying for space instead.
My conclusion is that if we want to keep the network at zero inflation and pay for security out of transaction fees, we should be paying transaction fees relative to the value of each transaction. And if we want to keep the network going without transaction fees that cost a percentage of the transaction, we should accept an inflationary model where each year the block rewards are, eg, 5% larger than they were the previous year. So, in the long run that approaches 5% inflation.
Both of these options are not popular with the current crop of BTC holders.
Another germane, sobering comment:
Colored Coins etc. make it much harder to know how much value we need the blockchain to protect. The fact that these values are essentially “hidden” from the protocol means we can’t tell what we need to do to maintain any kind of parity with them.
One popular (and possibly correct) view of things is that in the long run the cheapest available price of electricity times the amount of electricity spent per block, will approach the value of the block reward in a PoW system.
Right now we have a Bitcoin block reward worth approx. $12000. If this view is correct, we should expect, worldwide, to see about $12000 worth of electricity (increasingly concentrated where electricity is cheapest) expended per block by hashing rigs.
Right now transaction fees are providing a very small percentage (one third of one percent? I think?) of the block rewards.
At some point in the future, moving to transaction fees as a primary source of mining revenue, implies that each kilowatt-hour of electricity invested in securing the blockchain will have to secure three hundred times as much value (relative to its own value) from attack as it does now.
I’m convinced that’s not really enough. If we stick with Proof-of-work, we’re going to have to start charging transaction fees based on how much value is changing hands, because we want to buy security proportional to the value we’re trying to secure, not proportional to the amount of space it takes to store the transaction. And that means the amount of value changing hands has to be visible, and that therefore Colored Coins etc will have to be more ‘transparent’ in terms of the protocol knowing how much they’re worth (and therefore how much security we need to buy to keep them secure).
The potential death of certain of proof-of-work altcoins:
The hash power devoted to securing altcoin chains is orders of magnitude smaller than the hash power devoted to bitcoin, and the cost of an attack in general is therefore orders of magnitude smaller. Doge got a special mention because it was used as an example recently of the economic effects of reward halving on hash power distribution – the author of that paper made the point that every time doge cuts their block subsidy in half the hashing power devoted to securing their blockchain will also be cut in half. Doge was mined too quick; its block reward is cut in half many times more often than Bitcoin’s. But it isn’t the quickest-mined coin out there by any means; just one that’s a bit remarkable for the size of its current market cap. All of the quick-mined coins have this problem, and many of them are already gone. But that’s only the technical side of blockchain safety, and unfortunately that isn’t even the main type of risk.
Altcoins, in general, are a cesspool right now. In fact it would not be too much to say that the *AVERAGE* altcoin is a scam. Exchanges are openly taking bribes to list altcoins regardless of merit. Some of them are even developing their own altcoins in house for the sole purpose of trading fraud. Other people are more or less openly accepting payments to hype coins on Reddit, Twitter, etc, then engaging in blatant price manipulation in order to drive prices up on a particular day so scammers can sell their premines at maximum profit. Several coins a week that are doing “crowdfunding” or “IPO” to sell their initial distribution of coins are simply scammers who then disappear with the money.
If you even consider investing in altcoins, you should first have a definite reason to believe that the one you’re investing in isn’t a scam. You should second have legal recourse (meaning, you know AND CAN PROVE exactly who the scammers are and where they live) if it does turn out to be a scam. If you have trouble following that second rule, it’s not because it’s an unreasonable rule; it’s because scams ARE THE NORM in the altcoin world and scammers will not give you enough information for legal recourse. While some non-scam coins exist, they are rare exceptions. Nobody in that business is entitled to the benefit of a doubt.
That’s a completely separate issue from chain security w/r/t large (or small) transactions – but once again, if you don’t fully understand why a blockchain is (or isn’t) secure and what resources are required to attack it – then you don’t know enough to even evaluate the security of an altcoin that’s operating with different rules, and if you can’t evaluate the security of its blockchain, then you shouldn’t be investing in it even if it’s a non scam.
On the possibility of failure for a variety of “coins” (including appcoins):
A coin which can survive has at least the following properties.
1. The dev is not anonymous. If a coin has an anonymous dev, it’s about three times more likely to be a scam than not. Further, if the dev is not anonymous, there are things you can legally do if it does turn out to be a scam and if the dev is anonymous there aren’t.
2. It doesn’t halve its remaining coin supply more often than it can double its value. That’s kind of hard to predict, but at this point I think the double-value time for cryptourrency is up to about a year, maybe two. It’ll get longer until it catches up to double-value period for the rest of the economy, which is 7 to 15 years depending on the industry. This is important because whenever the block reward goes down, the hash rate goes down in the same proportion; and when the hash rate gets too low, the blockchain becomes vulnerable to an attack which can destroy its value completely. Expect any coin that mines out its coin supply too fast, to collapse. I think even Bitcoin is going to be too fast in the long run; there’ll come a point when its double-value time is slower than its block-reward halving time and alts will start sucking up the hashing power making bitcoin vulnerable to attacks.
3. It isn’t an IPO where you’re supposed to “buy” coins for some other form of money. A few of those are honest, but most turn out to be scams.
4. The dev actually knows how to fix problems in the software. This is hard to judge straight out of the gate.
5. There’s a point. To put it gently, in order for it to be reasonable for someone who’s not scamming to release an altcoin, there has to be something wrong with Bitcoin and they have to believe that they can do better. In order to believe any altcoin has a long-term future, there has to be something wrong with Bitcoin and that altcoin has to be able to survive where Bitcoin cannot. Anytime there’s an alt, ask what it does that bitcoin cannot do. Then ask, does that enable it to survive where bitcoin cannot?
6. Don’t be taken in by talk of philanthropy. Money, when functioning as money, has no morals whatsoever, good or bad. It flows in the reverse direction of the profitable allocation of resources. Any money that attempts to do anything else will cause market distortions that cripple the economy it’s working in and ultimately cause it to function less well than its competition.
7. If there’s a premine, be sure that the devs are absolutely honest about the premine. If they claim that it’ll be used for the good of the community, then the community is entitled to know how every last dime of it gets spent.
8. If there is any difference at all between the block reward structure they advertise and the one they implement, stay away.
On Nicolas Courtois’ paper (self-termination chains):
It’s true that we don’t know how to implement some of the author’s proposed solutions, but he has a pretty good grasp of some very serious problems.
In particular, he has a good point about what happens when block rewards are multiplied by half.
There’s an investment (in ASIC mining equipment) constantly seeking its most profitable allocation. That allocation is an equilibrium in which each option pays identically.
At the point where there’s a block reward halving, one of the allocation options has its return cut in half, and the equilibrium has to find a new balance point.
If you’re UNO, and you cut your block reward in half, the total rate of return is hardly affected at all because you represent such a tiny fraction of the total available income. The allocation of that investment to mining your blockchain, though, gets cut approximately in half, because that’s the point at which the return for mining it remains competitive.
If you’re BTC, and you cut your block reward in half, the total rate of return is cut by almost half. Suddenly, every *other* allocation opportunity is suddenly worth twice as much of the miner’s remaining hash power investment as it was before, because that’s the rate at which the return for mining it stays competitive with BTC.
Of course, the latter doesn’t account for mining rigs that are no longer profitable to run at all….