Satoshi’s proof-of-work (PoW) can only end up a mining oligarchy or Hara-kiri self-destruct. Proof-of-stake (PoS) is only ever functional if it is already an oligarchy. I propose a solution to this mess* in the PoTM section below.
Oligarchies extract maximum rents from their ecosystems, unlike decentralized protocols such as the Internet.
On A Pale Horse
* And PoW could get quite messy because potentially many interesting surprises may lie along the road to defeating decentralization and forming the mining oligarchy or Hara-kiri outcome.
Blocks are a Tragedy-of-the-Commons
The tragedy is that the chronological ordering of blocks (of transactions) doesn’t have a decentralized objective consensus* which isn’t deleterious to the commons. Hence the commons is either dissolved, destroyed or a coercive power must step into the destructive power vacuum to enforce order.
At a cursory examination, PoW may appear to offer an objective consensus based on a randomized, decentralized competition to burn electricity. Dissecting it further though, the monolithic grouping of transactions into blocks is incompatible with a sustainable decentralized objective consensus.*
* The phrase “decentralized objective consensus” is a pleonasm because an objective consensus by definition doesn’t require a (top-down, subjective) centralized coercive power to enforce a protective order for the commons. Coercion isn’t a consensus. Objectivity in this context is every participant while acting in its objective best interest has only non-relativistic† strategy choices which are a Nash Equilibrium; thus providing objective consensus. An objective consensus’ relationship to the commons may be supportive and protective, or it can be dysfunctional and deleterious.
† In a Nash equilibrium, the participants’ strategies don’t change relative to (i.e. dependent on) the strategies chosen by each other.
I predicted in 2013, 2013, 2014, 2016, and 2016, that the flaw in Nakamoto proof-of-work was transactions fees and block size as the transaction fees rose in prominence relative to the minted block rewards.
Research has modeled and tested in a simulator that the PoW revenue incentivizes dysfunctional objective consensus (and “even non-equilibria in some circumstances”) when the revenue from transaction fees becomes incentives significant compared to* the revenue from the protocol dictated block reward. This isn’t some pie-in-the-sky academic conjecture. It’s the reality of what will happen. Vitalik was even aware of these “Game-Theoretic Attacks” before that research was published.
And the Byzcoin design didn’t resolve the problem (c.f. also longer explanation). Those who think that senders of transactions won’t be motivated to pay lower fees directly to an oligarchy of miners, fail to understand that fees on any PoW system must rise ever higher (in the case that block size is constrained as explained in the Oligarchy or Hara-kiri if Limited Block Size section, otherwise spiraling ever lower as explained in the Oligarchy or Hara-kiri if Adaptive Block Size Protocol section) until an oligarchy is formed to take control over fees.
Note regarding the flaw in Byzcoin which is the game theory of miners incentivizing transacting users to pay their transaction fees directly to miners out-of-band from the Byzcoin protocol, doesn’t apply to miners of Satoshi’s PoW offering to share their protocol dictated block rewards out-of-band, because the bribe to be shared is only at most of doubling of the reward for the “PettyCompliant” miner (and less than a doubling because the miner offering the bribe has to retain some reward). Thus PoW with significant protocol dictated block rewards is not vulnerable to the posited dysfunction.
Craig Wright of nChain explained this more generally from a microeconomics perspective:
Bitcoin was simplified to only involve the solution of securing the network to ensure that no alternatives could diminish the security of the system. This is, it forms a simple two-good, two-person Edgeworthbox economy form of a distribution problem. At each point, there is a known solution representing the way of distributing goods between members. Each of these states is mutually exclusive. Although each agent will express his or her own preferences for alternative uses, it remains simple to determine the overall maximal returns.
Without alternatives, the mining solution becomes Pareto efficient.
The primary problem with the addition of alternate forms of utility is how to choose which one is included, how much and then who decides. This additional created utility varies between the users of the network. That is, no two individuals will have the same preference for this use. This is even assuming a single use alternative and precluding the addition of multiple competing solutions. In these extended scenarios we come up against problems such as Condorcet’s paradox.
Unlike the block reward which is dictated by the protocol, the miner controls which of the available transactions waiting in the mempool (to be added to a block) are included in the block. When transaction revenue is significant, this range of choice available to the miner mandates a different optimum strategy—which is to create a proliferation of competing chains instead of mining on the longest chain. At best, after some intervals much longer than the target block period (e.g. much longer than 10 minutes for Bitcoin), these excessive competing chains are orphaned, yet the excessive delays (up to hours or days) and variance of delay in the confirmation of transactions is dysfunctional, with “a growing backlog of transactions”, more aggressive selfish mining, broken market for transaction fees, and lowered security against 51% attacks. At worst, consensus is lost and the blockchain diverges into ever increasing numbers of forks!
The figure shows a scenario where forking might be more profitable than extending the longest chain.
It becomes a tragedy-of-the-commons because if one miner publishes a block with X transaction revenue, other miners have the choice of instead of mining on that new block, continue mining on the prior block and publish a block with much less than X transaction revenue, leaving the excess transactions for the next miner to put in his block if he mines on that latter said chain instead of the former said one. Thus, instead of the miners being dictated to cooperate by an efficient longest chain strategy with the protocol dictated block reward, they instead create competing chains to divvy up the transaction revenue in different proportions. The research model and simulator determined that optimum revenue for the miner (absent negative externalities such as a collapsing usership and token exchange price) is to form a dysfunctional tragedy-of-the-commons strategy.
Even worse, my mathematical intuition causes me to doubt whether the complex “best case” dynamic equilibria of strategies depicted below can remain in equilibrium, because the complexity (chaos) is too high to presume there isn’t some strategy which dissolves the equilibria—with the outcome most definitely being bankrupting all lesser strategies (i.e. centralized control) and/or losing consensus. The authors admit this possibility, “we believe we have only scratched the surface of what can go wrong in a transaction fee regime” and:
Put another way, our results are only made stronger by simplifying assumptions, because we are claiming that weird and undesirable consequences arise even if one is willing to grant simplifying assumptions.
And the more effective selfish mining is one strategy that devolves to centralized control over time (“Any deviant miner behavior that outperforms the default is thus a serious threat to the security of Bitcoin”).
Readers might posit a shared “altruistic” incentive that miners wouldn’t defect to this dysfunctional strategy because of the negative impact on usership and token exchange price. But is negated by being an undersupplied† public good—i.e. miners each figure that a little bit of defection can’t hurt because “even if 66% of miners remain default compliant, undercutting is profitable”, yet this slippery slope drives the optimum strategy into the dysfunctional one in a spiraling feedback loop. The cited research states, “We can realistically predict that PettyCompliant miners will arise”. Vitalik Buterin wrote:
Unfortunately, altruism… cannot be relied on…, because the value of coins arising from … integrity is a public good and will thus be undersupplied (eg. if there are 1000 stakeholders, and each of their activity has a 1% chance of being “pivotal” in contributing to a successful attack that will knock coin value down to zero, then each stakeholder will accept a bribe equal to only 1% of their holdings).
* But not necessarily greater than if incentives are still significantly altered, although it was modeled only with zero block reward.
† Tangentially note for contrast that the disincentive to 51% double-spend attack is not an undersupplied good.
The Dysfunctional if Significant Transaction Revenue scenario applies always to PoS because there is no protocol dictated block reward;* thus the only incentive for appending a block is to collect transaction fees. For that reason alone, PoS will not function unless it is an oligarchy. Because of the race to bottom of which fork will accept the lowest fees. For which the only solution is an oligarchy which has a monopoly in order to extract the maximum parasitic rents from the system that the market can bear (which is what we see with every such system whether it be DPoS or masternodes).
Yet the nothing-at-stake problem is another reason PoS can (at least in the plausible model where the majority of all stakeholders are not always online†) only function if it’s an oligarchy.
Block forgers in PoS compete analogously to PoW miners to append their blocks to a chain yet in a nothing-at-stake tragedy-of-the-commons (c.f. also), which without an oligarchy in control of the “checkpoints” entropy† mechanism‡ enforcing the leader election process, would in theory devolve to a “precomputing attack” aka “stake grinding”† (which is effectively proof-of-work computation and rewarded only with transaction fees thus Dysfunctional if Significant Transaction Revenue).
There’s no mathematical nor algorithmic way to decide amongst all the potential forks that can be forged within any interval, which is the legitimate one. In PoS unlike in PoW, due to the nothing-at-stake problem because the interval is relative to the autonomous choice of timestamp and nothing is burned, then forgers (i.e. stake-based miners) have the incentive to build their forged blocks on top of every forged block. The choice of which forged blocks to mine upon is either based on enforcement power (e.g. the grouping of stake with the most stake) else PoS devolves as stated. Even if the stake grouping with the most stake is not a majority of the stake, it must necessarily be coordinated (not randomly autonomous) in order to maintain the longest chain—thus fulfills the definition of an oligarchy in control. Algorithmic changes that attempt to penalize those who forge on more than chain are necessarily always going to be flawed and not resolve the issue, because there is nothing-at-stake. Transactions as Proof-of-Stake (TaPoS) isn’t a solution to this near-term forking divergence issue. Andrew Poelstra failed to note that penalizing for signing multiple histories doesn’t resolve the power vacuum that no unique near-term history is distinguished from all the others in the absence of coordination and thus definitionally an oligarchy:
This scarcity may be recoverable by punishing stakeholders who sign multiple histories. For example, if they use Schnorr or ECDSA signatures and are constrained to a specific choice of nonce, they must sign two messages with the same (key, nonce) pair in order to sign multiple histories, and this allows anyone to algebraically solve for their private key.
I explained in more detail along with explanatory condemnation of NEM, Nxt, and IOTA. The leadership election process for PoS is ambiguous. Even if the potential stakers are ranked such that the one with the highest ranking forges the next block, and forgers are penalized for forging on more than one chain, this is a security hole because the highest ranked staker can pretend to be offline and so the next ranked must forge the next block. Then after honest stakers have done so, the higher ranked staker forges a block orphaning those, which creates an ambiguity over who is cheating. Propagation is not objective in an asynchronous network.
Vitalik’s analysis of the probability of attacker achieving a double-spend (on his Slasher 1 or 2 designs) is irrelevant to the my point of whether it requires an oligarchy to function. His analysis failed to point out that the entropy for and thus the next signer is chosen by the current (or 3000 blocks back) signer, thus the only chain that wins is the one that the oligarchy signs every block they want to. Always the issue distills down to there’s no objective reference point because of nothing-at-stake. Tangentially, Slasher’s timestampers add Byzantine agreement’s liveness and quorum weakness to PoS, and I can show the double-spend security is thus much worse than Vitalik computed unless most of the stake is always online. The Ouroboros† “provably secure” PoS alternative may solve this by creating objective entropy via secure multiparty computation presuming a majority of the stake is honest, but requires a majority of the stake to remain online and the network to remain bounded synchronous for said majority. I found the hidden liveness flaw in the proposed Proof-of-Approval and related it to and explained foundational issues of Byzanting Fault Tolerance (BFT).
In “theory devolve”, but I know of no documented cases where the theory was falsified in reality (without the deterministic “checkpointing” mechanism‡ that enables oligarchy control to be expressed), because every extant PoS cryptocurrency I know of was distributed to an oligarchy thus avoiding the falsification test! 😲 How convenient. 😏
For example:
- Nxt’s ICO was distributed to 73 “founders”.
- Steem’s studiously premeditated sneaky mine with obfuscated mining instructions which whale-ified the studious.
- EOS’s year-long ICO enabling the issuer to buy the ICO tokens from themselves over and over again recycling the same ETH (probably anonymized though mixers/exchanges).
- Bitshares’ ICO ProtoShares machinations.
- NEM’s distribution to their own sock puppets which was all distributed by one guy and his sock puppets.
- Qtum rant.
- etc…
* It’s pointless to distribute newly minted tokens in PoS because the probability of winning a block is proportional to stake (except worse in Nxt), thus all stake in the system would be debased proportionally by newly minted tokens such that no one would gain nor lose any relative wealth.
† The requirement for the oligarchy to “deterministically” control said “checkpoints” can be alleviated in so called “provably secure” PoS by employing secure multiparty generation of entropy, but at the cost of the “liveness assumption” that a majority (or “67%”?) of that stake is always online, and for a honest majority of the stake that the network is always synchronous (i.e. 100% reliable network transmission within a upper bounded latency threshold)—either of which seems to be onerous and unrealistic unless the majority of the stake is a tightly controlled oligarchy. The proposed solution to the liveness and synchrony requirements is a delegated PoS (DPoS) option, but which thus reverts it back to a power vacuum which requires an oligarchy. Note PoW in altcoins also needs checkpoints because PoW is Not Secure in Altcoins. Ethereum’s bonded penalties are also flawed, but that is a longer explanation than I can put here.
‡ Such PoS “checkpoints” become relativistic, proliferate discordantly, and thus don’t have a single-point-of-truth (SPOT) in the absence of an oligarchy with a majority of the stake grouping to agree on them, because the nothing-at-stake tragedy-of-the-commons provides no incentives for emergent (bottom-up) convergence of a majority of honest participants. Alternatives to “checkpoints” which also enable oligarchy control to be expressed, include for example delegated PoS (DPoS)—which is an elected oligarchy.
A PoW block size limit would mitigate transaction revenue growth somewhat by eventually kicking the minions (minnows) off chain. Yet transaction revenue could still grow. To avoid the Dysfunctional if Significant Transaction Revenue outcome, the block reward must perpetually remain significantly higher than the transaction revenue unless a coercive power steps into the power vacuum to enforce order. Such a perpetually inflationary coin wouldn’t be accepted by whales and speculators as the reserve* unit-of-account of cryptocurrency. Inflationary cryptocurrencies (i.e. the inflationary act of proliferating “altcoins”) are gamed to redistribute more of the reserve unit-of-account (e.g. BTC) to the upper tiers of the power-law distribution of wealth. Perpetually inflationary PoW is not an escape from mining oligarchy because it’s network hashrate is eventually (but asymptotically) entirely owned by the lowest-cost miner. C.f. more details.
Given that the whales and miners are economically the same entity that can form an oligarchy to make the dolphins pay all the transaction fees for the whales’ transactions via miner profits. Regarding this math, the miner that pays to self (or whale who owns the transaction) the transaction fee for those transactions with much higher fees, is not displacing significant transaction fee revenue that would otherwise be earned by not doing so (due to block size being limited), because the whales’ transactions have a much higher multiple of fee per KB than the transactions of the dolphins. Thus those miners who refuse to participate in these kickbacks to the whales are much less profitable and thus eventually lose hashrate relative to those more profitable miners that do. This is why the oligarchy forms naturally. And note the social harm (i.e. damage to the ecosystem) rises as the square or exponentially with the excessive transaction fees.
The oligarchy must cooperate to prevent (or will undoubtedly arise anyway due to the amplified selfish mining if not first succumbing to Hara-kiri in) the Dysfunctional if Significant Transaction Revenue outcome that otherwise results with most revenue coming from transaction fees as block reward declines asymptotically to zero. This oligarchy with limited block size and diminishing block reward, is the most likely outcome† for Bitcoin although most are fooled into thinking otherwise by the intentionally created dog and pony circus distraction of warring factions:
We’d be in Las Vegas already, if that disruptive BlackDog Cash (BDC) had helped pull the rope.
I’m Trevor:
Craig Wright of nChain argued that PoW is subject to defection from any oligopoly:
In a proof of work system, oligopoly strategies, or the formation of cartels fail due to the impact of the most profitable firm seeking to defect. In all cartels, the least profitable firm needs to be propped up by the other members. The scenario always leads to dissent and the eventual failure of the oligopoly.
He fails to account for the fact that ASICs are a monopoly, not a competitive market; and that an oligarchy must form in order to deal with the aforementioned multifaceted transaction fee constraints/pricing dilemma.
* In What is Money?, I explained that reserve currencies are not perpetually stable, but instead have a cycle of rise, peak, and fall (as all things in nature) that coincide with the consensus of PUBLIC CONFIDENCE in that unit-of-account, because otherwise a perpetual single standard-of-money would require a non-relativistic universe—i.e. where nothing can exist.
† The SegWit “Mt. Box” fractional reserve banking scaling will likely be only on Litecoin after the SegWit fork of BTC is destroyed. There’s also Ethereum’s Raiden.
Changing the PoW design to instead burn the transaction fees would disincentivize miners from including transactions; and as revenue for PoW mining declined with the declining block reward so would the security against chain reorganizations that enable stealing coins.
PoW in altcoins is especially not defensible against fork offs (c.f. also the footnote in the section Oligarchy or Hara-kiri if Adaptive Block Size Protocol because Monero is justifiably terrified about this).
C.f. more details.
In early 2016, I explained and claimed that Satoshi had not solved the Byzantine Generals Problem because there is no way to distinguish which miners are traitors (analogous to identifying which components are failing in Byzantine fault tolerance) due to the relativistic nature of BFT algorithms. My explanation was theoretically correct that even extreme effects such as high orphan rate (in the absence of network latency increase) and long-range chain reorganizations are plausible even without an “attacker” controlling a majority of the network hashrate—i.e. subjectivity over who are traitors and whether they’re attacking or in the linked example just speculating. Although in real world practice given subjective social context it might be determined that those effects are judged to be a majority hashrate attack (although it wouldn’t be 100% definitive). However as @smooth contemplated but didn’t articulate an appropriate example, it occurs to me now that long-term sustained egregiously high orphan rate or especially definitive the lack of Dysfunctional if Significant Transaction Revenue outcome would be effects that are (within 1 − P(unknowns) probability) only plausible if an oligarchy controls a majority of the network hashrate.
C.f. the section 5.1.2 Invisible Majority Hashrate Attacks excerpted from the (not yet published) 2016 rough draft of my Hypernet (formerly named Bitnet) consensus algorithm white paper.
If mining is sufficiently decentralized such that no oligarchy of miners can gain 51% network hashrate control in order to limit the block size, then as I had first stated in 2013 unlimited block size (which also means no protocol enforced minimum transaction fee) is a race to bottom with transaction revenue declining towards zero (c.f. also the explanation I made in the context of Monero if assuming it didn’t have a minimum fee). Thus without a block reward, also a race to the bottom for the security allowing long-range chain reorganization to double-spend (i.e. steal) coins.
But probably before that self-destruction point is reached, the marginal miners will have fallen away and a 51% oligarchy is able to take control in order to effectively limit the block size.
Bitcoin Unlimited’s FAQ originally (click “FAQ” at the linked archive) claimed that orphan rate would be a natural countervailing force against block sizes that are too large for the network to handle; thus they claimed would provide a decentralized free market equilibrium between competing forces determining block size which would scale with ever increasing network capacity.
However, I pointed out mathematically that proportional increase in propagation delay due to block size increase, results in proportional increase in orphan rate. Although proportional increases in block size due to including proportionally more transaction fees, would not result in proportional more revenue due to the non-increased factor (i.e. the protocol dictated block reward), I also explained that the proportional increase in orphan rate only causes a minuscule nominal reduction in revenue when the orphan rate is very low.
Thus Bitcoin Unlimited’s claims are incorrect because revenue increase provided by the block size increase, exceeds the minuscule revenue loss incurred by the resultant orphan rate increase. Thus, with the help of others such as @dinofelis I explained there is no equilibrium point because the block size would only be limited by failure of the entire system wherein the orphan rate would reach a high enough level that the consensus diverged into competing forks that couldn’t converge on a longest chain. I also explained the flaws in mathematical model in Bitcoin Unlimited’s research.
I explained that Andrew Stone’s theory of miners voting with empty blocks as a means of regulating average block size, is flawed because it starves the relative revenue of miners with less bandwidth, such that their share of the network hashrate declines relative to miners who can mine huge blocks. This is especially true if the transaction revenue in the huge blocks is significant relative to the protocol dictated block reward that every mined block receives. Thus Xthin is a way for large economy-of-scale miners to attack marginal miners leading to increased centralization of mining.
Also @dinofelis and I explained that since empty blocks can’t be validated, then this motivates a miner reputation system which is a slippery slope to a mining oligarchy. And I explained that Xthin’s prevalidation before block announcements is inapplicable to the case where the miner is creating an empty block because the miner’s bandwidth was insufficient to keep up with prevalidation propagation.
Craig Wright’s (nChain’s) arguments for scalability don’t prevent the outcome from being Hara-kiri in the Dysfunctional if Significant Transaction Revenue, unlimited block size, or Hara-kiri if Adaptive Block Size Protocol dysfunctional scenarios. In that case, an oligarchy can form to ameliorate/prevent a Hara-kiri devolution. Yet all alternative scenarios are ultimately an oligarchy also, because of the block size and transaction fees contention issue (c.f. the last paragraph of this section and the Oligarchy or Hara-kiri if Adaptive Block Size Protocol section) eventually overcomes any near-term appearance of semi-stable decentralization (e.g. such as with a myriad of large pools).
When its necessary to form an oligarchy by forcefully diminishing the hashrate of those who will not cooperate in an oligarchy, then whether validation costs decline towards epsilon is irrelevant because in the absence of a block size limit, miners with more hashrate can spam (with miner created transactions) large enough blocks (so validation costs are economically significant) thus forcing asymmetrically higher validation costs per unit of revenue (also per unit of hashrate) for miners with less hashrate. This is because miners with lower hashrate will do more validation per block they win (for their revenue) than the miners with higher hashrate. Note this is the mathematical reality because the spamming miner who creates his spam transactions doesn’t need to validate his own spam transactions. If despite Craig’s data of a 1.2 seconds network propagation diameter to 99% of the hashrate at current minuscule transaction volume, propagation delay becomes economically significant due to the egregious transaction spamming but at a lower level of spam than the validation costs become relevant, then we replace the asymmetrically higher validation cost flaw with the asymmetrically higher relative orphan rate (and thus less lower revenue per unit hashrate) flaw. Either way, economies-of-scale in mining drive PoW towards ever increasing centralization of hashrate control.
Oligarchy or Hara-kiri if Limited Block Size applies in the case of a block size limit. Else if the block size limit will be periodically raised by governance and not by Oligarchy or Hara-kiri if Adaptive Block Size Protocol, then said governance devolves to an oligarchy due to the power vacuum of the Iron Law of Political Economics.
In theory PoW mining can become centralized by continuous selfish-mining (and stubborn mining) given a miner (or complicit group of miners)—with at least 33% of the network hashrate (or much less than 33% when the orphan rate is very high such as in Dysfunctional if Significant Transaction Revenue outcome)—is unopposed by an environment in which selfish-mining game theory is not dominant. Such as not with the threat of mutual destruction due to other opposing large hashrate pools which could also selfish-mine. Craig Wright claimed that he would debunk selfish-mining, but ostensibly he failed. Craig appears to have modeled the honest and selfish miners as independent events, but the 33.3% hashrate selfish miner gains a probabilistic informational advantage because only wins a hidden block in 33.3% of the cases; thus can disregard 66.7% of the other cases.
That evidence of selfish-mining hasn’t been detected on Bitcoin so far is expected given that Bitcoin is mined by large opposing pools and (as Craig Wright correctly pointed out) has very high (hashrate weighted) network connectivity centrality. Selfish-mining is probably not viable unless the network is already dysfunctional such as in Dysfunctional if Significant Transaction Revenue outcome or some highly volatile PoW altcoins, in which case detection by orphan rate or timing gap analysis would be inconclusive and countermeasures within difficulty adjustment delays would be infeasible.
IOW, selfish-mining is a defense mechanism which kicks on only to form an oligarchy to ameliorate when the blockchain is (and would otherwise) diverging into dysfunctionally high orphan rate.
Monero’s* (and any that can possibly be contemplated) adaptive block size protocol (c.f. also) avoids the Hara-kiri if Unlimited Block Size outcome by limiting the block size to the intersection of the demand curve with an enforced† minimum transaction fee equation regime wherein for Monero the minimum fee per transaction automatically (per the equation) declines proportionally to the increase in median block size. The supply of block size adapts dynamically (per the equation) to said demand.
Remaining design options for any adaptive block size algorithm:
-
Transaction fee regime revenue is kept sufficiently below the block reward revenue to avoid the Dysfunctional if Significant Transaction Revenue outcome:
- Oligarchy or Hara-kiri outcome because the block (aka tail) reward is allowed to decline too low (with transaction revenue even lower per the prerequisite of #1); thus the low security is self-destructive. Oligarchy must 51% attack to enforce an Oligarchy if Limited Block Size outcome so as to rectify the low security; otherwise Hara-kiri outcome chaos of forks offs and double-spends that will occur due to 51% attacks.
- Oligarchy outcome because the block reward is perpetually inflationary (and significantly so); thus the lowest-cost miners asymptotically takeover the network hashrate. That oligarchy may retain the high inflation or may 51% attack to enforce a Oligarchy if Limited Block Size outcome to remove the inflation and force the dolphins to pay the costs of the security for the whales (c.f. the Oligarchy or Hara-kiri if Limited Block Size section for explanation).
-
Oligarchy or Hara-kiri outcome for the Dysfunctional if Significant Transaction Revenue outcome.
The eventual unavoidable oligarchy control outcome of Adaptive Block Size Protocol is particularly damning for a cryptocurrency which offers (especially explicit) anonymity set mixing such as Cryptonote/Monero’s* ring signatures, because it guarantees (if not already is, then) it will eventually be a honeypot!
Because it applies to miners who exceed the median block size, adaptive block size penalty prevents large economy-of-scale miners from attacking marginal miners with extra zero cost transaction spam demand fabricated with transactions that pay the fees to self. Yet note if this cost is only ~2% of protocol dictated block reward, it isn’t likely sufficient (also archived) to suppress transaction spam for a deanonymization honeypot.
. . .
* Monero’s research lab has initiated a discussion in a search for possible solutions to its quagmire. @fluffypony deleted the post I made but it is archived here, here, and here. I responded to @fluffypony and that comment is also archived here and here. @fluffypony continued to deleted more of my comments, and he banned me. The deleted comments are here.
† The governance which sets and periodically adjusts the human chosen constants in the minimum fee equation according to dynamic market exchange price and market demand factors, is a centralized political control which is corruptible according to the Iron Law of Political Economics.