Major Meltdown
What if a major flaw is discovered in BC’s cryptographic soundness? Is there any way to prevent the complete dissolution of the system and of everybody’s wealth?
Perhaps one way to do it would be to create a voluntary registry of non-anonymous addresses, to be shared and verified publicly. Then, if a major flaw arose (maybe someone solved the factoring problem), then there would still be a record of everybody’s wealth that could be used in a new system (supposing everybody could agree on the latest time that no fraudulent transactions could have taken place). Of course, people who chose to stay anonymous (and therefore did not include their address in the registry) would see their wealth disappear, but alas that risk would prove the price of anonymity.
No, not a centralized registry. There’s no “agency” controlling it. It’s just something that users would agree to, just like every other rule of BC. Decentralized and public, just like BC does transactions.
Amal, I admit: I got you wrong! I am just afraid that digital currencies will not stay legal for long because the government has no control over it. (The day they make it illegal, you should open a bottle of champagne, because that’s the sign that bitcoin is a success.) So at that point, they will also shut down your registry. And all the people who gave their address to that agency will get into trouble.
If there is a major flaw discovered in Bitcoin and there is not sufficient time to swap to a different system, I assume there is nothing you can do about a loss of your wealth.
Still, let’s suppose YOU have discovered a way to produce an unlimited amount of coins. Your goal would be to profit from that secret AS LONG AS POSSIBLE. So even people that have the power to cheat wouldn’t want a collapse of the digital fiat currency. And before the collapse of the old currency they would change their fake money for a better currency. But I am afraid that also goes for the so-called “real” money. But... somebody who has the brains to fool the algorithm of the digital currency at least gets a reward for his genius. In our paper fiat money system, on the contrary, people who have access to the “printing press” of the government / central bank get rewarded for being just plain assholes.
Here’s an answer to a similar question about how to recover from a major meltdown. https://www.bitcoin.org/smf/index.php?topic=191.msg1585#msg1585
Quote from: satoshi on June 14, 2010, 08:39:50 PM
If SHA-256 became completely broken, I think we could come to some agreement about what the honest block chain was before the trouble started, lock that in and continue from there with a new hash function.
If the hash breakdown came gradually, we could transition to a new hash in an orderly way. The software would be programmed to start using a new hash after a certain block number. Everyone would have to upgrade by that time. The software could save the new hash of all the old blocks to make sure a different block with the same old hash can’t be used.
Satoshi,
That would indeed be a solution if SHA was broken (certainly the more likely meltdown), because we could still recognize valid money owners by their signature (their private key would still be secure).
However, if something happened and the signatures were compromised (perhaps integer factorization is solved, quantum computers?), then even agreeing upon the last valid block would be worthless.
If you’re worried about elliptic curve cryptography being broken, then don’t store any significant wealth in Bitcoin. Just like if you’re worried about your (real, physical) wallet being stolen don’t hold more cash than you need to get through a couple of days of purchases.
By the way: I think an economical method for separating gold atoms from seawater will be found before elliptic curve cryptography is broken (and I think both are unlikely in the next 25 years).
Quote from: llama on July 01, 2010, 10:21:47 PM
However, if something happened and the signatures were compromised (perhaps integer factorization is solved, quantum computers?), then even agreeing upon the last valid block would be worthless.
True, if it happened suddenly. If it happens gradually, we can still transition to something stronger. When you run the upgraded software for the first time, it would re-sign all your money with the new stronger signature algorithm. (by creating a transaction sending the money to yourself with the stronger sig)
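The orderly hash transition described in the June 14 quote above (switch hash functions at a set block number, and save the new hash of all old blocks), as an added example that is not part of the thread and not Bitcoin's code. The block layout, the switch height, the 16-bit truncated SHA-256 standing in for a broken hash and the choice of SHA3-256 as the new hash are all assumptions made for illustration.

```python
import hashlib
from itertools import count

SWITCH_HEIGHT = 3  # constructed: blocks from this height on are referenced by the new hash

def old_hash(data):  # stand-in for a broken hash: SHA-256 cut to 16 bits
    return hashlib.sha256(data).digest()[:2]

def new_hash(data):
    return hashlib.sha3_256(data).digest()

def link_hash(height):  # hash the successor uses to reference the block at `height`
    return old_hash if height < SWITCH_HEIGHT else new_hash

def build_chain(payloads):
    chain, prev = [], b""
    for height, payload in enumerate(payloads):
        chain.append(bytes([len(prev)]) + prev + payload)  # [len][prev hash][payload]
        prev = link_hash(height)(chain[-1])
    return chain

def links_ok(chain):
    prev = b""
    for height, block in enumerate(chain):
        if block[1:1 + block[0]] != prev:
            return False
        prev = link_hash(height)(block)
    return True

def checkpoints(chain):
    # New-hash digest of every pre-switch block, saved once by the upgraded software.
    return [new_hash(b) for b in chain[:SWITCH_HEIGHT]]

def valid(chain, saved):
    return links_ok(chain) and checkpoints(chain) == saved

def colliding_block(block):
    # Same prev-hash header, different payload, same old_hash value.
    header, target = block[:1 + block[0]], old_hash(block)
    for i in count():
        cand = header + b"other-%d" % i
        if old_hash(cand) == target:
            return cand

def demo():
    honest = build_chain([b"genesis", b"pay A 50", b"pay B 10", b"pay C 5", b"pay D 1"])
    saved = checkpoints(honest)
    swapped = honest[:1] + [colliding_block(honest[1])] + honest[2:]
    return links_ok(swapped), valid(swapped, saved), valid(honest, saved)
```

`demo()` returns whether the swapped chain passes the old link check alone, whether it passes once the saved new hashes are also checked, and whether the honest chain still passes.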