GM you can't prove to a boomer that even if they get self-custody right, nobody will be able to steal their Bitcoin. or prove that I can't develop a secret exploit to spend Satoshi's UTXOs. there's always a chance there's a problem with the DLP or the implementation is flawed. we can't prove the non-existence of something. so when they say "but maybe some shadowy super hacker could hack my Bitcoin!" all we can honestly do is say "this thing has been going for a long time, it is well understood and the attack surface is small." now, nobody can prove that there ISN'T a hidden inflation bug in Monero. the transactions are more complicated than Bitcoin's, giving it a greater attack surface. the proofs that verify supply are somewhat newer than the DLP. all in all it is a more complicated system. but let's be honest, the cryptographic primitives aren't THAT new or THAT complicated. we're just like some Boomer who doesn't understand it and thinks that somebody who does will exploit the system. and maybe somebody does. maybe there IS an implementation failure and a hidden inflation bug and Monero goes to zero. this is fine. the next project will patch the problem and implement it correctly. eventually there will be a chain with hidden amounts and a supply that is verified by cryptographic proof. and people will consider the idea that the supply verification can't be trusted as ridiculous as the idea that I could hack Satoshi's coins. #bitcoin #monero

Replies (8)

This is the best argument for Monero I have ever heard. But, I still think we have to solve privacy upstream anyway, so maybe still moot. That said, it is a very solid argument. 👌 It made me think of trying to explain why CRQC is impossible to people who don't really have the intellectual tools to get it. (Which, to be fair, is almost everybody, including lots of math genius physicists... and that's what makes quantum such an incredibly effective scam.)
nix 2 months ago
The flaw in this argument is that you can conclusively prove that Satoshi's sats haven't been stolen, haven't been hacked. You cannot conclusively prove the total amount of Monero in existence is as expected.
I feel subtweeted lol. Well put though. Not to drag it out too long, but I wanted to mention Kerckhoffs' principle the other day, I'm sure you're familiar. Basically gets at the fact that eyeballs and time are the best proof that a crypto system is secure (that's my takeaway). So, the only small point I was trying to make was that monero has fewer eyes on it (smaller community and newer/more primitives) plus the hidden txn amount thing COULD be argued to possibly hide an exploit that would otherwise be easy to spot in a more transparent system. Hope that made sense. Kind of just heuristics as I haven't done the homework on details of xmr to say much more, and I hope I'm not falling into the knee-jerk-maxi objection to all alts stereotype by continuing to reply to you. Mostly just enjoy refining my own understanding... plus a little bit of cope, I'll admit
lol it did come out of our conversation the other day of course. but I was just trying to find an example better than rambling on about unknown unknowns. thanks for helping. I'm just refining my own understanding too. and you're absolutely right in what you say. The point is just that there should be SOME way of determining whether a system is sound and reliable. The maxi position seems to just be "we should NEVER rely on cryptographic proofs to ensure supply." this isn't any different than people at the beginning of the 20th century refusing to ride in cars. "I don't trust it because I don't understand an engine. show me the horse, I need my transportation to be easily personally verifiable." and sure, I get it. people died in those early cars. but we figured it out and now it's normal. trust in technical advancements increases over time.
I'd zap you, but it's not possible atm. Likewise on refining my thinking. And I guess I forgot to include another point you made, which is implementation risk, which is again higher on xmr with less review and more frequent (I gather) make updates. I'll admit though, your arguments, plus a bit of greed (I'm not shy about liking NGU, I think it's healthy to admit it) has me thinking. So, well done
I am accepting your zap in spirit. it's absolutely true that if people are uncomfortable with the greater attack surface and risk of implementation failure, they should not get involved in Monero (but I'd also say that if people are going to talk shit about it, they should actually learn about the risks of these things and not just spew FUD)
how do you conclusively prove Satoshi's coins haven't been hacked?
Hanshan
GM I think there are two different points here. The first is about cryptographic proofs and whether they can be assumed to be solid. I absolutely think we should have a discussion about the Bulletproofs that ensure Monero supply and how well they've been vetted and whether that is sufficient. But maybe that's not the main gist of your point. so let's talk about the second one, I think the point you bring up is actually about information theory and "unknown unknowns." we can never be sure holes don't exist. and having a larger attack surface means there are more places for those unknown holes to be. that's absolutely correct. this is true in every situation and system we encounter in our lives. as a Bitcoin example, we *don't* know that there's NOT some exploit where I could spend Satoshi's coins. but because the attack surface is relatively small, there is a large incentive to attack it and there's been some time now, everybody assumes that this is impossible and there aren't any "unknown unknowns" in that system anymore. this seems reasonable. in that same way everywhere, once the attack surface is known and it's generally accepted that no "unknown unknowns" exist, we assume a system to be solid and sound. are we ever 100% confident that there are no unknown unknowns? No. we cannot prove the *non-existence* of something. so the question then becomes, how much assurance is enough? this also applies to cryptographic proofs that ensure supply. once the attack surface is known and we've been over it and it's been tested and tested, how much assurance is enough? So the point of this rant I'm on recently is just to say "there IS a point where there's enough assurance and we can have confidence in this system." this isn't particularly radical, we do this all the time with everything. at a certain point we just say "it's verified enough" and start using the damn thing.
what is strange and weird is for maxis to say that NO assurance is EVER enough vis-a-vis supply verification and ONLY supply verification.
nix 2 months ago
They have not been moved. If there was a way to hack them and someone found it, the first thing they would do is move them in case someone else discovers the hack. It is a lot of money.