That problem already has solutions. The problems cryptocurrency is supposed to solve are, I want to buy subversive literature from someone I already trust not to rip me off, or for an amount I'm not worried about losing, without anyone requiring me to give them a government ID. Or I want to sell it to people without requiring them to give anyone an ID. I want to donate money to Wikileaks. I want to commission art or software from someone in South America who doesn't have access to US banks. I have the same name as someone on a list and I want a way to move money without the government ruining my life. I live in an oppressive country and I want to finance the rebellion, or buy contraception or some other thing which is banned by the baddies when it ought not to be.

It's for doing the things where the existing system fails you, not the things where it works. But it can do those things too. Cash works the same way. You're not worried about a restaurant stealing your money because by the time you pay them you've already eaten. You're not worried about Newegg sending you a brick with "lol" written on it instead of a GPU because they're a well-known company and if they did that it would cost them more in damage to their reputation than they'd gain from the theft and people would sue them independent of payment method.

You don't always need your trust in other people to come from the payment system when it can come from a dozen other things instead.

> That problem already has solutions

The solution to that problem is "the court orders the bank to send the funds back to my account", including all the way up to clawing back any funds the scammer spent. This is possible when the government controls the currency. It is not possible with crypto.

The only remaining purpose of crypto is funding crime. Some crime you might approve of (buying subversive literature), but that's dwarfed 100000:1 by ransomware, scams, and much more nefarious activity (drugs, sex trafficking, etc.)

I see this as a very naive statement. A big story in Russia - popular singer sold her appartment, then told court she was scammed to sell appartment and have sent all money to scammers. Appartment returned to the singer, court suggested the buyer to get money from unidentified scammers.

So much for court orders :))) Poor buyer has lost > $1M. There are over 3000 similar cases all across Russia. Appartment sellers get their apartments back in court without compensating buyers. This madness is going to be resolved someday, next will appear immediately.

Another story - a prosecutor's office tells that largest pasta producer in Russia was actually illegally bought from the government some 20 years ago. Boom, entire business goes to government (to prosecutor friends, really). I can go on and on, there are literally hundreds such stories just in Russia just in the past couple of years.

The point is - having certain independence from the government is good. For the majority of world population (China, Middle Wast, all Africa) government is not a friend but either an unpredictable force of nature or a foe.

> I see this as a very naive statement. [words]

Ok, you clearly have a lower opinion on the ability of your government to help than I do, but it doesn’t matter one bit: credit card chargebacks, escrow, and fraud departments exist and work every day without requiring a perfect government. It doesn’t matter at all that there exists cases of government abuse.

What does matter, is that crypto was designed to avoid needing any of the above, and with it, you have absolutely no recourse whatsoever if things go wrong. The only recourse you have is the government you’re supposedly trying to distance yourself from.

Imagine if the same house buyer bought the house from the scammer using crypto: There would be zero ability, even in principle, to get anything back. Those coins are gone. Even a perfect government with unlimited power could not recover them.

I’m sorry your country has shit courts and never helps you. Mine does. My credit card company’s fraud department does.

What about cases of private abuse? Suppose you're using Paypal or Stripe and they lock your account for no apparent reason. Money you were paid for goods you've already shipped is now locked up, stolen from you, with no explanation or recourse.

> Imagine if the same house buyer bought the house from the scammer using crypto: There would be zero ability, even in principle, to get anything back. Those coins are gone. Even a perfect government with unlimited power could not recover them.

Suppose someone commits fraud by having you send them $50,000 in computer hardware or precious metals or bearer bonds. What happens? The government arrests them, seizes the goods and ultimately returns them to the owner. It's not any different when it's a hard drive with a private key on it instead of a bag of expensive rocks. But then they can't just take your stuff, i.e. reverse a transaction, without due process -- which is good.

Meanwhile the scammer in that case is the property owner in cahoots with the government. If the government isn't corrupt then there is no scam, because then either the person you're paying actually owns the property and having paid them the agreed upon price that is now your real estate, or they don't own it and then when you go to confirm that they actually own the property the non-corrupt government says that they don't and then you don't pay them.

> I’m sorry your country has shit courts and never helps you. Mine does. My credit card company’s fraud department does.

Except when they don't. US banks are not exactly known for their customer support, and their fraud departments don't have the investigative resources of a government. If Alice says she sent the goods and Bob says he didn't receive them, how's the bank supposed to know who's lying without sending them both to court? But every time they get it wrong they're a party to a theft.

What about it?

Your entire point boils down to “fiat has flaws therefore crypto is better”, while completely ignoring that crypto is worse at the very things fiat is flawed at. Fiat sometimes doesn’t protect you, but crypto NEVER does, and CAN’T, even in principle.

None of your CONSTANT whataboutism across this entire thread is going to change this, so please, just stop posting.

You're selling your old PC. The buyer pays you with Paypal or a check or some other digital fiat transfer, you give them possession of the PC, then they reverse the charge and steal your money.

That's the thing cryptocurrency protects you from, in the same way and for the same reason as cash does. And if the fiat system would provide that over the internet -- irreversible anonymous cash transfers -- then cryptocurrency would be a lot less useful. But it doesn't, so it's not.

Nope, chargebacks in Russia do not work the way they do in US, not even close. The reason - government does not represent consumers, it represent bank owners. Also primary reason why scams in Russia are so widespread (and why internet is so cheap) is telecoms freely selling personal data (again, government representing telecoms).

Majority of world population live under a shitty government. Primary method a government uses to control population is monetary. First thing happening to a blogger opposing war in Russia is foreign agent status primarily limiting their ability to make money advertising. Government prints money to fund stupid war slowly extracting from population via inflation. Think of China or Iran where the only asset one can invest is real estate. In Iran leaders seriously discussing moving capital to a new city because they ruined local ecology. In China property prices aren’t doing well primary because of government mismanagement. This puts life savings of millions at risk without reasonable hedge. Coming back to Russia - devaluation in 1991, then again in 1998, then again in 2008, then in 2014, then expropriating private pension funds, then the war with western countries making it very hard to move assets out of the country while also freezing assets of tens of thousands Russians in EuroClear. How am I supposed to save for retirement?

Having alternative monetary system is the hedge from a shitty government. If stock market tokenization ever happens I expect a huge influx of funds into US/EU markets from people of China, India and Russia in an attempt to save their life savings from government greed and stupidity.

In this context your point about irreversibility is a desirable property making system independent from a shitty government. Don’t get me wrong, I’m well aware of all crypto shortcomings and would love to have something in between current chaos and more orderly system.

A smart contract is a shitty alternative to a good government but a decent alternative to a shitty government. At the end of the day I don’t need sorry, I need a solution.

Ok, fine with me.

A judge can order a lien or seizure of their assets. I presume people that deal in crypto still want a car, a place to stay, some nice chairs or maybe to stay out of a cage when a judge determines they are willfully avoiding a court order to pay the money back.

Of course if they have no tangible assets or the entire operation is out of jurisdiction then that's an issue, but for a random joe are you really that worse off than trying to get the Chinese government to refund you for that knockoff you bought on aliexpress?

Of course, Amex deals with small instances of fraud all the time and has built that into the cost, and that’s why I or the merchant pay for the privilege.

For larger things, like actual large international theft, the government absolutely does step in and seize assets.

None of this is possible with crypto, despite what you say.

You can’t seize assets if the destination wallet key is only in someone’s head. You can wrench attack them, but that’s the only option. You better not torture too hard because once the key is gone, the coins are unrecoverable.

The only way it’s possible for there to be recourse even if the scammer is noncompliant, is for there to be a fiat money system. The only way around this is for there to be protections on top of crypto, which is antithetical to it: sure, you can have exchanges where the exchange gets a copy of every key, in case of government order, but then you’re talking the same government orders you’re trying to avoid. You can have the government order everyone to consider certain wallets “stolen” and compel everyone to not accept them, but that’s more government interaction that crypto was entirely designed to avoid.

You can either have decentralized currency, or government protection, but not both.

That's not the only option for a government. You don't need those specific coins, you only need anything of value. Their car, their house, the wages their employer would have paid them, anything else they'd already bought with the money, etc. And they're criminals, they're going to jail, and they're staying there a lot longer if they don't give back the money, which has a way of making non-compliant people more compliant without hitting them with a wrench.

> The only way it’s possible for there to be recourse even if the scammer is noncompliant, is for there to be a fiat money system.

That doesn't give you recourse either because they can spend the money right away. Which transaction are you going to reverse if they use it to buy a physical commodity or foreign asset? Then the scammer has the asset, not the money, so the only thing a fiat money system can do is cause the victim to be the innocent asset seller instead of the potentially negligent or actually in on it person claiming to be the original victim.

Only as long as its use for the former doesn't outweigh its use for the latter. Trying to resist a government by using a digital currency is putting the cart before the horse. The dollar is an abstraction and an accounting convenience over the genuine temporal powers of the consensus that issues it.

That's just a self-fulfilling prophecy. Obviously the early adopters are going to be the people for whom the existing system fails, but if you use that as an excuse to ban it or otherwise make it an insurmountable inconvenience for ordinary use through regulatory suppression then you're just preventing people from using it to buy lunch, not preventing them from using it to buy drugs. Which is useless and spiteful, especially when you're not going to address any of the problems that caused people to want it to begin with.

Subversive literature printed on blotter paper.

Outside of buying sex and drugs the only uses for cryptocoins are, and always has been, ransoms, scams and gambling.

Your argument seems like "only criminals want privacy" which is a no.

Before you could just buy Pocky at any old Walmart in the US, I remember mailing Celga[1] a money order to purchase some directly from Japan…

[1] https://www.celga.com/

The argument is right here:

> Outside of buying sex and drugs the only uses for cryptocoins are, and always has been, ransoms, scams and gambling.

It doesn't contain the word "primarily" which indeed makes it false, and the rebuttal to your different claim is this one:

https://news.ycombinator.com/item?id=46190260

> Also, if you want privacy, don't use crypto.

Can you tell me another way of buying something over the internet without tying the purchase to a government ID?

> Can you tell me another way of buying something over the internet without tying the purchase to a government ID?

Isn't the real question more, does crypto actually allow you buy things without tying the purchase to a government ID?

I'm no expert but I regularly see articles about de-anonymisation. This leads me to be sceptical about claims to privacy, certainly given enough time and motivation by a government actor.

The deanonymization comes from tying any transaction performed by a particular wallet to your identity and thereby deanonymizing all of the other transactions. Which doesn't work if the wallet only ever has two transactions and neither of them are tied to your identity.

That's assuming traditional chains. Privacy coins also exist.

By using a prepaid (debit|gift) card bought for cash in a convenience store? Much better anonymity that way. And much less volatility.

If your concern is the webshop finding out your address, well I’m unsure how you solve this when you buy with crypto, but again ship to your home. If you have an alternative place to get it delivered for privacy, might as well do that with fiat transactions the same way.

* It's becoming more common for sites to ask for ID, I've gotten prompted for it buying a cellphone online, to access an old Facebook account and even Hetzner (Before ever using it) because I got flagged as high risk

How did you first obtain your crypto? What level of anonymity was available for that tx?

Where do you store your crypto short and long term? How do you make it available for spending on online platforms? What percentage of your income and expenditures is in crypto? How do you balance between fiat and crypto anonymously?

What are you buying with the crypto? Why does it need to be purchased with crypto?

Where are you having it shipped? Are you faking all contact details when making the purchase?

Are you completely obscuring yourself physically while collecting said package? Are you obscuring your movements along the way as well to prevent leading back to your home?

Often, proponents love to portray citizens in economically ruinous governments in SAmerica as ideal usecases. Why do they need to use your specific crypto coin? Why can’t they use a locally invented (read: forked) one? It feels much more useful to regulate supply/demand where all said economic activity will take place, instead of replacing your entire net worth from a dying currency to a speculative one mostly propped up by foreigners like you who have zero skin in their local game.

I could go on and on, but it is exhausting to reiterate common sense - no one ever thinks this through fully from the comfort of their air conditioned first world white collar desk job office. How are you ensuring perfect info and op sec in your crypto journey?

Suppose you mined it or received it as payment for selling something to a stranger who doesn't know your identity.

> Where do you store your crypto short and long term?

If you're using it as a payment method you don't store it long-term. You either spend it promptly or convert it into some ordinary form of investment.

> What are you buying with the crypto? Why does it need to be purchased with crypto?

Whatever you want to buy with it. Suppose you want a VPN subscription. Suppose you want to make an anonymous donation. Suppose you're just eating at a restaurant and don't want a record of that on your bank statement.

> Where are you having it shipped?

There are lots of things you can buy that don't need to be shipped.

Also, that's a separate problem. If you actually had such requirements then you would have to deal with them, but first you'd need to solve the problem of not having a charge for the thing you want to be private appearing on your credit card statement tied to your government ID.

> Why do they need to use your specific crypto coin? Why can’t they use a locally invented (read: forked) one?

Because a major benefit is to be able to make transfers between countries.

But, you are mischaracterizing me, I AM a South American migrant that did scape and has benefited from crypto for what little economic interaction I do have with my ruinous home country

On the same idea, I don't need/care for perfect opsec because my threat model doesn't need it, what little I've directly bought with crypto has always been digital, so that's whay I've cared to figure out

Still details on income/transactions and such, all feel a bit unnecessary for public display, but a small percentage, and my first crypto came from mining and selling back when it wasn't taken that seriously specially not in Venezuela of all places

Basically all web shops in Brazil require you to give a government ID to buy anything (usually your CPF number).

Immigrants can request a CPF (the 'national ID'). I don't think being in the country 'legally' is a requirement, that isn't enforced the way it is in the US.

> people living in Favela who essentially don't even recognize the state

Most people get assigned an ID at birth. And people who live in a favela often have to work outside it, and they interact with most companies/state services that aren't utilities as usual.

Utilities OTOH often get MITM'd by militia/narcos these days though.

> I assume it's something like the US where 10 illegals work under one social security number or a tax ID

No need for anything fancy like that. The poorest people are willing to work based on verbal agreements, as the alternative is either starving, or hoping the public social security network has your back. And in case your employer requires one, that's a non-issue because, except for rare circumstances, everyone has one.

Digital banking, install payments and general smartphone usage is widely popular, including favelas.

Apparently Black Rock and such buy billions of dollars worth of sex and drugs. I wonder where they keep it.

That is a very shallow take. There are real non-criminal uses for crypto that people in stable, wealthy countries often overlook. Millions rely on it simply to move money between family members across borders when traditional banking is slow, blocked, or outright inaccessible due to politics. In several countries, people use crypto to buy food, medicine, or basic goods because their local currency is collapsing or their banking system is dysfunctional, or their entire nation has been cut off from the global financial system as a decision of few politics persons.

Its fine to criticise the scams and speculation — there is plenty of that — but pretending thats the only use case ignores the people who depend on it for everyday survival.

Oh, my, all those poor people that died prior to 2009.

The reality is that crypto became a lifeline in places where the traditional financial system collapsed or simply abandoned people: Venezuela, Argentina, Lebanon, Nigeria are good examples of people dealing with real crises, using whatever tools actually work, including crypto currencies.

But the restaurant is worried about you stealing their food and dashing off without paying.

Any transaction requires some level of trust to function. Crypto is a pipe dream for people who want to participate in society without confronting their pathological aversion to trusting and depending on others.

Except that they serve you before collecting payment regardless of which payment method you use.

And even if they didn't, having the customer pay at the same time they receive the food isn't a trust problem for the restaurant or the customer, because the customer gets the food before the restaurant gets the money but the restaurant gets the money before the customer eats the food. And if someone comes into your kitchen to steal food without paying, that isn't really a payment system issue to begin with.

Most exchanges, etc won't really touch accounts or UTxO that are messing with mixers.

Because of that it's generally just better to use "properly" private and anonymous blockchains instead. If they are fully opaque then tracing becomes effectively impossible.

Bitcoin came about to solve the trustless component and provides weak anonymity.

Then Monero, ZCash, etc built on that to add privacy and anonymity.

If you use bitcoin nowadays and expect anonymity or privacy you are clearly mistaken but there are plenty of platforms built for privacy and anonymity on extensions of that same underlying technology.

Like basically every vendor that accepts cryptocurrency and values privacy/anonymity is going to offer monero as an option.

So literally 0.1% of the financial needs of the average person. What a revolution

"Thing that solves some problems for some people doesn't solve all problems for all people" is not a very useful criticism.

1. Payments which you can't make today inside a legal system are two types. And if you enable system you automatically enable both types. For libertarians that is a clear 100% positive. For regular centrist citizens, not so much. At minimum it's a topic for debate.

2. BTC and a few other tokens actually make this problem worse. Since blockchain is public, you can always trace "bad" or real bad payment to the source wallet. That i one issue, and another is that since BTCs are non-fungible, the tokens used in such payments are forever tainted. Even in the current anarchic and almost unregulated environment some exchanges are blacklisting some of the tokens, to limit own exposure.

The problem with this argument is that cryptocurrency now exists whether it's legal or not and using it for illegal things is already illegal. Drug dealers are committing a felony by selling drugs and if that hasn't deterred them then neither will making something else they're doing a crime too.

So all of the negative uses are going to happen regardless of whether you also ban the positive uses. At which point, what are you gaining by making it illegal or inconvenient for innocent people to use it for something that isn't otherwise illegal?

> Since blockchain is public, you can always trace "bad" or real bad payment to the source wallet. That i one issue, and another is that since BTCs are non-fungible, the tokens used in such payments are forever tainted.

People keep making this claim and it keeps not making sense.

You don't need someone's permission to send them Bitcoin. Meanwhile large exchanges keep billions of dollars in a single wallet and have single wallets that do billions of dollars in transactions over a short period of time.

So let's consider the two possible ways this can work: First, if you get coins directly from a tainted wallet then you get in trouble, but if it was several steps back then it doesn't matter. This is, of course, useless, because then people would just transfer the coins through a couple of other wallets first.

Second, any wallets that receive any tainted coins become tainted forever. Then immediately the vast majority of the chain is tainted because the coins have made the rounds through a large exchange at some point. Worse, it's pointless to try to defend against it by refusing tainted funds, because you can't actually refuse funds. Your billion dollar wallet or freshly mined Bitcoin can be tainted by any troll who sends you a dollar from a tainted wallet without your permission, and trying to treat coins as non-fungible is probably a good way to get someone to troll you like that.

Which gives you two alternatives again. The first is that all coins can be tainted by trolls, which will in practice cause exactly that to happen and thereby make the premise meaningless. The second is that you can try to say that it doesn't count if someone sent them without your permission, but now you can't tell if something is tainted by looking at the chain because it can't tell you which transactions were unauthorized by the recipient, and moreover you would then have a mechanism for getting dirty coins into a clean wallet.

In other words, when anyone can send you money without your permission, your options are "everything is dirty" or "everything is clean".

The problem is scale. The more widespread is such system, the lower is the barrier to entry and the higher is cost to actually prosecute users to their amount and rate of usage (which we already see today).

Also this whole legal/illegal divide is often presented as if there was approximately same order of magnitude of both users. While I guess that actually the illegal use is way way larger than the legal use, simply because it is so crude and slow and buggy and unsafe by design. (excluding gambling, since that use is kinda derivative, depending on the all other uses making up a base on which to gamble)

And this is why token systems by rights should be heavily restricted, since they are so disproportionate in impact. We can all legally buy a knife in any shop, despite the fact that if used for attack a knife almost inevitably produces at least one body. Small arms are also available almost anywhere but with a lot of restrictions. Big arms are almost never available for purchase, just like explosives. And then the stuff like a canister of zarin is totally out of the question. That's because of the disproportionate effect. Same with financial instruments. Tokens are an Abrams of the finance world, and currently we let anyone have one, which is mindboggling to me.

> In other words, when anyone can send you money without your permission, your options are "everything is dirty" or "everything is clean".

You are correct. Afaik all tries to ban Tornado laundered tokens were eventually dropped. But the mechanism and potential still remains.

Also, please correct me if I'm wrong, in the case of BTC specifically we can track tokens from the "dust" attack and separate them from the legal and nice tokens, since they will stay in the different UTXO in the same wallet. Though I'm not very familiar with that, if it possible to pick which UTXO to transfer selectively.

And many of them aren't things that are illegal, they're false positives or limitations that the existing system doesn't care about because they affect minorities or disenfranchised people instead of anyone with significant political power. It's not illegal to have the same name as someone on a list. In the US it's not illegal to buy many things but people are still deterred from doing it if they know it won't be private. Prohibiting donations to Wikileaks was never claimed as an official government requirement -- probably because it would've been unconstitutional -- but the major payment networks still did it. Transferring money to someone in South America isn't inherently illegal, the existing system just makes it a pain through normal channels.

It does the things the existing system doesn't. Which isn't always because they're illegal. Sometimes it's just because the existing system sucks and doesn't care about you.

It was an ad that started off like a typical quality coffee ad, nice pictures of beans, people harvesting, some roasting etc. But than it switched to the topic if making sure that "fair trade" was really applied - switching to IBM Blockchain and claiming that through the use of Blockchain there is safety that everything went fair trade.....

And i just thought.... sure... your blockchain approves that those workers harvesting got paid fair... or does it? All it actually does is proof that someone inserted the information that they got paid fair. If it really happend? Noone knows. Therefor Blockchain is a representation of what you feed into it nothing more and nothing less. At the moment it touches real life - as in the fair trade/payment for coffee bean harvesting - especially in countries where alot of payment is still for dayjob/cash - there's no way the Blockchain can assure that everything went the way it is stored as.

For example, international conglomerate using exclusively slave labor inputs "these bananas are small farmers fair trade bananas" into blockchain.

That's it. That is the "transparency".

An attempt to pass off a lie as truth would be much more damaging to a company's reputation than would be just not addressing an issue. By addressing the issue and introducing a channel for transparency, the company is demonstrating that they are willing to put their reputation on the line.

I would agree that as a regulatory measure, this would not solve any problem. But as a self-imposed measure, it builds consumer trust.

With crypto you don’t need to trust the authority that holds your digital money, the authority that executes the transaction, or the authority that manages the issuance of currency and other factors that may affect its value (interest rates, fixed exchange rates…).

That being said, I agree that in practice this is a rather niche problem to solve, and among the people with this problem, there are far more bad faith ones that good faith ones.

And it is never completely trustless anyway, for most crypto you need to trust a single dodgy implementation, the issuance policy of the founders hoarding the vast majority of the tokens, and whatever backdoors they have put in place for disaster recovery or other purposes. And then there are all the surrounding systems that make crypto actually practical to use, like exchanges, that are absolutely not trustless.

It’s absurd how the top exchanges keep their customers crypto in big joint accounts that the exchange controls and transactions mostly just happen in their closed database outside the blockchain, canceling out most advantages of crypto anyway.

Yes it is possible for the state to inflict violence on you, and if the state wants to, it probably will do so. Putting your money into internet tokens instead of state backed money will probably just get you tortured more until you give up the keys, or die. Crypto isn't some "one weird trick" to prevent the state from taking your property and possessions.

Let's go through these. To begin with, "fraudulent transactions" is redundant because that's either someone stealing your credit card number or someone you paid not doing what they said. So let's consider those two:

> people stealing their credit card number

This is the problem caused by the existing system, which is designed with such poor security that breaching a merchant allows the attackers to make charges to their innocent customers' cards at a different merchant. They get zero credit for providing a mitigation to the problem they created themselves.

> businesses charging them and not delivering goods

This gets sold as a benefit, but it's also a cost, because then it becomes a mechanism to commit fraud. People go to a business that does deliver the goods and issue a fraudulent chargeback. The merchants then have to pass the cost of that onto everyone else, which means that it's also a fraud against every other customer.

Meanwhile we have other solutions to that problem that don't do that. Established businesses don't want to ruin their reputation. If someone rips you off you can sue them. Sometimes you're just paying someone for something they're already delivered.

And most importantly, there instances when you would trust someone to deliver the goods independent of the payment system, and other instances when you wouldn't. Which is why you want both payment systems to be available instead of just the second one, so you don't have to pay for the chargeback fraud when you don't need to buy your trust from the payment system.

While it is possible for the state to inflict violence, it's relatively difficult to scale. The state can freeze your USD accounts with the stroke of a key (as they did for Russian accounts recently). Whereas rounding up and torturing all those account-holders is just obviously infeasible.

It obviously has no pseudo anonymity, is literally the least democratized banking system in existence, and is subject to the government’s whims in a whole host of ways. But it is a digital ledger of massive sums of real dollars (the banks can ask for it in cash if need be), and you couldn’t really steal the money even if you managed to create an unauthorized transfer on some bank’s master account.

Ehhh, can they? I suspect any bank that tried would pretty soon find that it actually couldn't.

Just like those airplanes of bills shipped to Iraq, etc. in the past.

The externalities of the crappy US banking system are so vast though. Musk, crypto, ...

https://en.wikipedia.org/wiki/Faster_Payment_System_%28Unite...

Believe it or not, banks don't ferry around cash to each other. It's all just numbers in a computer.

http://arxiv.org/abs/2110.09857

> Finally, assuming that the parties are rational agents and the smart contract language is Turing complete, we argue that it is impossible to implement the basic sales escrow as a smart contract without trusted third-parties or vulnerability to extortion. In other words, any escrow smart contract has one of the following three demerits:

> – Assuming irrational agents who are willing to punish the other side, even if it is not in their own interest; or

> – Relying on a third-party; or

> – Enabling at least one of the two parties to extort the other.

> In summary, we illustrate that the smart contract and Dapp community is wrong in assuming that the current implementations of two-party escrows have a well-designed mechanism that incentivizes rational actors to be truthful. More shockingly, we show that the smart contracts on programmable blockchains have inherent limitations that make it impossible to implement such a contract. In a sense, this can be considered the first incontractability result on programmable blockchains.

----------

This is exactly what I was arguing.

I never claimed that two party escrow is ideal. I was explicitly saying that two party escrow is an intractable problem and that you must formalise your trust assumptions instead and either accept some level of trusted third parties OR without third parties accept some level of risk of exploitation by one party or the other. Even with third parties there is still risk for exploitation but depending how it is implemented that risk is lesser.

Again this is a matter of formalising trust assumptions and explicitly outlining who you are trusting, what you are trusting them to do, and how much you trust them to do it. And in doing so up front both parties can evaluate their risk tolerance based on the agreed upon contract before progressing.

No smart contract can prove you were not actually delivered your goods without trusting someone else.

You are taking all the implicit trust, lowering it into explicit trust assumptions, and formalising who is allowed to make what decisions when, what happens when they do, and how the other parties are permitted to respond.

You are moving all of those implicit assumptions about how a contract, interaction, or relationship work and formalising them into something explicit and upfront so that all participants can evaluate their risk tolerance and trust levels prior to agreeing to a given contract or interaction.

And of course you are also sprinkling in a heavy dose of automation to smooth out the complexities of these explicit, mechanised contracts such that the happy paths are buttery smooth and the unhappy paths are at the least bearable and correspond to the contract you signed on to at the beginning of your interaction.

TLDR: It's low trust automation + formalising implicit assumptions into explicit ones.

1. https://news.ycombinator.com/item?id=46181371#46192445

> The point of trustless architectures (of which blockchain and smart contracts are one) is that you are eliminating implicit trust.

That is also the point of laws and contracts as we have them today. How does, explicitly, blockchain improve on that?

> You are moving all of those implicit assumptions about how a contract, interaction, or relationship work and formalising them into something explicit and upfront so that all participants can evaluate their risk tolerance and trust levels prior to agreeing to a given contract or interaction.

What implicit assumptions aren't removed by laws and contracts as we have them today that are removed by blockchain and smart contracts?

> And of course you are also sprinkling in a heavy dose of automation to smooth out the complexities of these explicit, mechanised contracts such that the happy paths are buttery smooth and the unhappy paths are at the least bearable and correspond to the contract you signed on to at the beginning of your interaction.

Without any examples of what is being automated, how and what it is that is made buttery smooth... you really aren't saying anything here. Can you expound on any of those claims?

TLDR: By what you said the only thing that blockchains and smart contracts bring is a new medium to write contracts on.

https://news.ycombinator.com/item?id=46192445

--------

> That is also the point of laws and contracts as we have them today. How does, explicitly, blockchain improve on that?

It's essentially automated tooling. The happy path (i.e. buyer and seller are in agreement) "just works" but when there's a disagreement you can rely on the contract to walk through all of the conflict resolution paths with whatever level of complexity the contract builds in for consensus from multiple third parties, etc.

i.e. It's tooling that replaces manual bureaucratic arbitration with state machines and consensus algorithms.

For two party smart contracts this means there's no third party but there's an inherent risk of exploitation by one party or the other by the design of the contract. It's inherent to two party contracts relying on any physical exchange but if you trust the party the contract is weighted in favor of, it cuts out any opportunity for arbitration and the complexity that comes with that. Now the only trust assumption is the two parties trust in each other.

For contracts with some arbitration process however things get more complicated. Who all is involved in arbitration. Who does the buyer trust. Who does the seller trust. What's the reputation of one of these arbiters? This reputation can be loosely represented as a set of markets for the arbiter with demand from sellers and demand from buyers. If those two markets are out of sync from each other that suggests an impartial arbiter and both parties can reason about that.

> What implicit assumptions aren't removed by laws and contracts as we have them today that are removed by blockchain and smart contracts?

Well. Part of it is that laws are an inherently fuzzy thing and how they are upheld is entirely dependent on a long running and constantly evolving chain of interpretations from past court decisions. And of course how they are upheld in a specific case comes down to how well lawyers are able to convince a judge or a collection of jurors who were more or less selected at random with anyone semi-literate about the law thrown out ahead of time. So it boils down to "who is best able to sway the opinions of this random collection of people who are as illiterate about the law as the lawyers could manage to get them". Which mostly just boils down to feelings.

Of course contracts often go to arbitration instead of to court proper so it's a different case there but arbiters are single authorities that almost universally side with the bigger entity (i.e. whoever is paying them to handle arbitration). So unless you are two large orgs, arbitration is inherently biased.

So an alternative is a largely automated system where multiple third parties who are selected ahead of time by the buyer and seller can be relied upon for arbitration and where their decision is for all intents and purpose final. The buyer and the seller have equal decision making power in the selection of these third parties and they can evaluate the reputations of these third parties prior to entering the contract.

i.e. you are moving away from trust in a large system with a thousand moving parts all performed by infallible people swayed by emotions and an endless process of appeals OR a single arbiter almost always paid by the larger party who will always rule in their favor. Instead putting your trust into a strict set of automated rules with a formal analysis of outcomes backing it + some optional assortment of selected third parties + a consensus mechanism for those third parties.

> TLDR: By what you said the only thing that blockchains and smart contracts bring is a new medium to write contracts on.

Yes. It is exactly that. A new medium to write contracts on. Manual bureaucratic systems and thousands upon thousands of people working in a complex legal system are replaced by a machine. Humans are still in the loop of course but only for making specific decisions at specific times in the process.

And at the time of agreeing to the contract the relevant parties can ideally rely on tooling to explicitly outline at what points each party is taking on a degree of risk, the likelihood of that risk, and the process for moving forward in those cases.

An extremely reductive TLDR is that the goal is to take a system that relies on an army of lawyers and legal analysts and reduce it down into something digestible and navigable by a single lawyer (or even a well educated layperson) with all the existing complexity abstracted away by formal methods tooling.

Umm, you are agreeing with the person you are responding to.

The issue is that crypto boosters (including a few already here) claim it solves a whole host of other problems without thinking things through, kind of like some communists. Then if you argue enough they'll point out that things can be fixed ... but bitcoin is now indistinguishable from any other currency, other than its payment system that will no longer be widely used.

Like, you can make it easy to use if there are banks. And those banks will be subject to regulations. Boom, now you have banks and regulations.

You can get a loan from those banks. Now there's fractional reserve banking, with something like a virtual gold standard.

If it ever gets big enough, the fed can write bitcoin denominated bonds, and it's now prerty much a fiat currency, not even virtual gold.

Yes you still have a shadow sector where you can use bitcoin to buy drugs or dodge the taxman. But all the other supposed benefits have gone.

You use monero to do those things or zano or freedomusd and similar things for these but I didnt understand the conclusion of this statement

Basically you are saying crypto is just an less regulated fiat nowadays?

A legal curry of tech jargon just meant to replace laws and regulations?

The US has a large bitcoin strategic reserve. Banks offer bitcoin accounts (in some countries). You can get a loan backed by your bitcoin.

We're not yet at the point where you can get a credit card and 60 year home loan denominated in bitcoin, with the fed writing bonds or even issuing fiat to stabilise rates, but if it was more popular then is there any technical reason we couldn't get there?

However, the US having a strategic reserve of a currency makes it a lot like other currencies. The next logical step is that banks can use it (already in the works - also Trump). If you can get a bank account it bitcoin, the next logical step is towards a fractional reserve system (loans, banks effectively "printing money"). The strategic reserve can cover a run on banks - think interbank lending, bailouts. Then the fed can offer bonds and IOUs (fiat).

All the things q lot of bitcoin advocates say bitcoin should stop, but you can't stop the government writing an IOU and demanding everyone treat it as currency.

What you put on top is not the core value proposition of cryptocurrencies? It's what's underneath that's different, that was always the point. Fiat currency is built on a foundation of gov't control, whether it's the physical currency or the money in your bank account. Cryptocurrencies, fundamentally, are under no such control. If you're stupid enough to go get a 5mil loan in bitcoin from a bank who is only holding 1.7mil, and the delivery of said bitcoin is a slip of paper saying "iou btc lol" that's not the currency failing you, it's you acting stupidly.

Cryptocurrency doesn't need to do everything for everyone at all times to be a useful thing to have in the world. It only needs to be helpful to a subset of people, in a subset of situations, some of the time.

I'm happy paying by card for ~100% of my daily transactions, but I want cryptocurrency to exist should the need arise. The rise of authoritarian governments and policies across the world should've made that obvious by now. What's legal and perfectly moral today can become a crime tomorrow.

Instead, you give criminals a tool for crime. And gamblers a new casino.

We, the people, make the rules. Replacing our democratic processes with finance controlled by the one with the most computing power, control of the software, or having horded the most of the tokens, is in no way desirable or realistic.

Even if the proposition wasn't borderline idiotic in the first place, there is no clear explanation how such a system should reward early adopters and allow them to cash out at a profit many times exceeding inflation.

It's all a scam.

Finally:

  We, the people, make the rules.

No idea where I'm supposedly making "wild leaps" here. You on the other hand...

And guess where "the hell" I am getting the idea that early adopters would need to be cashed out at a profit many times exceeding inflation: reality. As cashing out at a large profit is exactly what has been happening for over a decade. It is the sole reason for virtually all participants joining the scheme in the first place.

Since when? We merely vote for politicians who promise to enact laws and regulations that are beneficial for us but they almost universally fail to do that, succumbing to self-interests and corruption.

If a government implements authoritarian measures that curb our freedom in an unpopular manner, "we the people" can't do anything about it. In a few years we may or may not vote them out, and the people who replace them may (or may not) do what we, the people, want.

Whatever your feelings on the topic may be, we will not be giving up government control of the financial system in favor of a blockchain and profits for crypto-bros.

A truly democratic leadership with stringent limitations on how they can meddle with financial transactions would be preferable, but that's just a dream at this point.

If we take from the government the ability to freeze bank accounts of protestors, we can't just also remove the ability to freeze the accounts of criminals, enemies, or even terrorists.

It seems like a clear non-starter, yet many proponents of crypto seem to think it would be an obvious improvement.

That's really the crux of the issue here: Having to choose one over the other, would you rather some criminals go free, or some innocents be imprisoned?

I suspect anyone's position to this depends heavily on which sides they've been on more on their lives: Victimized by criminals or unjustly punished.

But realistically we're not seriously going to entertain stripping all controls from the financial system because we don't trust the government to do a reasonable job. Perhaps you'll agree that this is a very unlikely thing to happen.

Now my issue here is that many proponents of crypto, among other fallacies, use this exact scenario as a justification for why eg. Bitcoin will go to $1M, and why they should deserve to cash out at a 10x return in the future.

It's not going to happen, and even if it was, there's still no reason for early adopters to profit in what has so far been a zero sum wealth redistribution scheme with negligible value generated.

>realistically we're not seriously going to entertain stripping all controls from the financial system because we don't trust the government to do a reasonable job

I kind of am. What I'm seeing happen is the opposite: The government stripping more and more agency from the individual because it does not trust its citizens do do a reasonable job(of anything). Every sector freed from the Leviathan, every tiny bit of life that can proceed without being subject to gov't interference is a huge win for me. Again, this is essentially a position born from my seeing what happens when "safety over liberty" goes too far.

>negligible value generated

Depends on what you value. I happen to like drugs and gambling. On the other hand, giving someone who falls for a hustle the ability to get their money back is something that I personally do not value at all.

I believe what I said is a fairly accurate summary of Proof of work / Proof of stake mechanisms and Core developer's influence on the protocol.

btw I was banned from r/bitcoin Discord for saying that exchanges are banks.

Things like banks and governments. Or incentives and heirarchy.

ANYONE can calculate the sums, anyone can verify and proof hashes, identity is kept secret, trust is installed with hash checks for each and every voter - etc etc etc.

It's certainly more airtight than the solution we have today - where trust and efficiency can both be compromised fairly easy.

> ANYONE can calculate the sums, anyone can verify and proof hashes

This is completely false. In fact, at the scale of a country, almost no one can actually do this. 95+% of the population doesn't have the knowledge required to do something like this and understand why it works. And while in principle they could learn to do it, they don't have the time and energy and other resources to spend on this.

And this is a deal breaker, as having the population believe and easily able to convince themselves that their elections are free is an extremely important part of democracy, especially when things are not that rosy.

Answered them. Introducing 0 knowledge proofs was a good point but blockchain can still be a medium to utilize these possibilities. I don't believe a conventional database or transparency log can meaningfully substitute the decentralized nature of blockchain for such an operation, though; and I said as much in my replies.

>"This is completely false. In fact, at the scale of a country, almost no one can actually do this. 95+% of the population doesn't have the knowledge required to do something like this and understand why it works."

Why can't I apply this logic to current election systems? You can memorize and regurgitate a usa.gov or National Archives article to articulate it - but 95% of the populace doesn't actually know about those ballot counts, ballot transportation, result tallying, transmission and communication of said results, implications of Independent State Legislature Theory and how challenging it - at least on originalist grounds - can cause 50 different processes for each of the 50 different states, etc etc etc.

There is no more wasted time, energy, or blind trust than in the current system, and at least introducing zero knowledge proofs, blockchain (or another system) and cryptography to the electoral system can be rooted in the pragmatic AND be abstracted to a layman from any given savvy person, of which there's many. Even in the long term. As it its, it's not like independent researchers or cryptography nerds haven't called out institutional-wide folly; it's what happened with Dual_EC_DRBG, and was promptly laughed out the door for any serious cryptographer and highly publicized.

As for the rest, it's well known that the data is collected and retained on voter information as it is. We're seeing states like Colorado, just this past week, deny giving the current federal administration voter data from the previous election. You can reasonably predict roughly half of America's voting anyway; when their timeline of party affiliation AND the knowledge of whether they voted or not is already public information.

The paper voting system is extremely simple, it takes maybe an hour or two at most to explain in any detail you want to anyone who wants to understand it. People can, and many do, register to participate and see it working first hand. The US presidential election system is slightly more complex because of its legal nature, but I am discussing paper based voting in general; and all of the legal complexity would persist even if each state moved to a blockchain or digital based voting system.

In contrast, understanding zero-knowledge proofs requires college-level mathematics knowledge, probably requiring some months or even years to teach to someone who works in a non-mathematical domain, and at least a day or two to really get it even for someone with enough math knowledge who hasn't seen it before. And this is only the theory - the practical parts are in fact MUCH MUCH more complex - to the point that it is almost certain that there isn't a single person in the whole world who could actually confirm for himself that an electronic voting system actually implements the algorithms promised. Establishing that a CPU is executing the code you think it is is extraordinarily difficult, and doing so for the many such systems that would compose an electronic voting system is way past any human.

what you're arguing for is a system that you understand and can verify, but not other people.

You're also missing the bigger issue which is that voting systems vary by state, which means to do what you need to do would require federal/constitutional change.

Plus how do you verify and guarantee the terminals are not tampered with (especially as they are all going to be digital, and securing hardware in remote locations is fucking hard. )

Much as its not fun, paper votes with local counting stations are harder to corrupt universally (unless you have government collusion)

I don't think people really need it. We're used to using and trusting systems we don't understand. So, I think if the system is open, people will readily accept it. They'll be content with knowing that all the experts say the system is reliable, and they themselves, theoretically, can, if they want, understand its structure and confirm its reliability.

And the real reason for its non-use is somewhat different: The elites believe that the introduction of such a system would almost immediately lead to demands for real direct democracy, and the stupid masses, using this democracy, would make decisions that would destroy society and civilization.

>>And this is a deal breaker, as having the population believe and easily able to convince themselves that their elections are free is an extremely important part of democracy, especially when things are not that rosy.

And it's currently not the case at all.

I think blockchain is a terrible idea for about anything. Electronic voting is hard. Voting is hard. It doesn't change the fact that the current system is a complete security joke .

Plus, the system overall is dead simple, first grade math skills are enough to understand it: we just count the votes in every precinct, and sum up the votes later up. No hashes, no smart group theory schemes, nothing complex.

>>First grade math skills are enough to understand it: we just count the votes in every precinct, and sum up the votes later up. No hashes, no smart group theory schemes, nothing complex.

-people are bad at counting

-some people might be bad at counting on purpose

-some people might try to influence the results

This happens all the time as proven by multiple recounts. I am not talking about USA here but about EU countries but I imagine it's the same in USA. You just hope those swings are small enough to not influence the end results. I am sure this is usually true but sometimes it's close and then the odds are at least some of those elections went the wrong way.

You can't make blanket statements about "the current election system" in the US because of this; you're going to have to talk about things in more specifics, or people in states with well-designed systems are just going to keep popping up explaining why their system genuinely is good.

Typically one of the properties people want from elections is the inability to prove to soneone how you voted, e.g. to stop someone from going, prove you voted for my candidate or i beat you up (or dont give you the bribe). Your scheme wouldn't support that.

Neither of these are how you actual voted so they don't really matter.

That said, as a non-american, the party affiliation thing is super weird.

---

> If you give someone your block ID that says how you voted, then yeah ok - but you can do that today by taking a picture of your ballot.

And in many countries this would be a crime and have legal consequences.

They still negate 2/3 of his necessities.

How do you stop inauthentic licenses?

Perhaps some sort of central authority?

This is the main problem with most of the blockchain/crypto issues is that its all fine until a dispute, and then we all fall back to the state to sort it out (ie the legal system)

There are ways to decentralize that as well; and it probably wouldn't be a bad idea. Decentralization is empowerment, it innately builds a freedom of choice, forcing of transparency, AND a flexibility for more direct and meaningful checks and balances on both an individual level, and a collective level.

I would urge you to look at where the voter fraud takes place, I can't think of a place that spends that much time, money and effort to fake votes that way. Russia, Georgia, turkey and zim just use good old fashioned violence and lies. Its far far simpler.

Look I get that you are worried about vote counting and fraud, but seriously thats not how the mid terms are going to be swayed (if they are) The people that want to do fraud are lasy and not very clever. They'll just gerrymander and lie. Its that simple. Just look at the 2020 elections. Fraud was pretty evenly split, but miniscule and easy to spot. Yet, here we are, all it took was a constant stream of bollocks to news outlets and useful idiots to propagate it on the web.

I mean sure you _could_ print 20 million IDs/SSN/Drivers license, then pay a few hundreds of thousands of people to go and vote illegally. But thats expensive, take time, and leaves a massive massive paper trail back to you. its much easier to buy access to a dipshit billionaire and get them to force the bullshit down their network.

> Decentralization is empowerment

In some instances yes, but for things that backstop identity, its an opportunity for fraud (just look at the state of the internets)

> it innately builds a freedom of choice, forcing of transparency,

transparency requires a stronger authority to enforce. Be that monetary or legal.

There's a lot more on the line for first-world nations, financially and functionally. Also, you'll notice I conceded that point in the last sentence in that same paragraph: "And that's one of the less intuitive methods for bypassing current election systems."

>"Look I get that you are worried about vote counting and fraud, but seriously thats not how the mid terms are going to be swayed (if they are) The people that want to do fraud are lasy and not very clever. They'll just gerrymander and lie. Its that simple. Just look at the 2020 elections. Fraud was pretty evenly split, but miniscule and easy to spot. Yet, here we are, all it took was a constant stream of bollocks to news outlets and useful idiots to propagate it on the web."

I'm not actually that concerned about midterms, I'm concerned about the macro implications of the existing electoral process (and theory, but that's a separate discussion) when we have better tooling for decentralized transparency/accountability and leverage - both for an individual and the collective - than we did during its ratification. I'm concerned its ripe for abuse with a passionate actor in general (that may or may not include individuals within our current administration), and your dismissal isn't too assuring.

>"its an opportunity for fraud (just look at the state of the internets)"

A lot of initiatives are trying to fix deterministic identification in digital formats now, some with good intentions and others with not.

>"transparency requires a stronger authority to enforce. Be that monetary or legal."

This isn’t actually true; transparency always rests on some power structure that both has access to the relevant information and can punish non-disclosure. That power doesn’t have to be a single superior authority, though. You can design systems where transparency is enforced laterally - a network of entities with roughly symmetric power, each able to observe and sanction the others, so that the tension between them produces real transparency and accountability.

Everybody gets a copy of a verifiable hash etc when voting, allowing voters to mathematically check their vote.

The kind of knowledge allowing to design such clever algorithms is the real meaning of the word "crypto" (cryptography).

Even if every voter gets a hash and can check that their vote is in the log, you still have a bunch of places where a central actor can misbehave: Deciding who gets to write to the log in the first place, rate-limiting or dropping submissions, or running split-view logs in the event that there's not a ton of replication - hoping that wouldn't be the case in an election.

With a (properly designed) blockchain, you at least push those assumptions into a consensus layer with many writers/validators and game-theory penalties for rewriting its history. It's still not magic; but for something like elections, I'd rather minimize the points where a single operator can tilt the playing field, which is why I was thinking "blockchain" instead of "centralized transparency log"

> identity is kept secret,

Except to anyone who sees your driver license.

>"If you somehow get access to someone's license plate, their hash won't tell you how they voted - just that they have already voted."

If they beat you to your drivers license information (or whatever form of government ID is decided for the hash, they're all numbers anyway - we can just as well do social security), then in the current system that's bad, but id.me and real are already doing early-stage multi-factor authentication use cases for otherwise deterministic identification mediums. Which is long overdue anyway, and I'm not sure too many people who would morally oppose such election reform if a byproduct of it being passed and enforced is an additional reform on deterministic identification.

Indeed. Good paper driving the point home:

Irrationality, Extortion, or Trusted Third-parties: Why it is Impossible to Buy and Sell Physical Goods Securely on the Blockchain

http://arxiv.org/abs/2110.09857