Bitcoin and Cryptocurrency Technologies
1Qqc4BN
1Qqc4BN
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
long, Alice might be able to go home with both deposits. But this is not a problem: we are happy as<br />
long as there is no way for a player deviating from the protocol to cheat the other player.<br />
Finally, blocks in <strong>Bitcoin</strong> or any altcoin don’t arrive in fixed time steps, which introduces some<br />
messiness, particularly as the two chains may not be synchronized. Let’s say both block chains have an<br />
average time of 10 minutes between blocks. Then we’d want to pick a “time unit” of say 1 hour. In<br />
other words, we’d want to have T 1<br />
be at least current_altcoin_block+12<strong>and</strong> T 2<br />
be at least<br />
current_bitcoin_block+6, possibly with a greater safety margin.<br />
Unfortunately, there’s a small but nonzero chance that the next 12 altcoin block blocks will be found<br />
before the next 6 <strong>Bitcoin</strong> blocks. In this case Alice might be able to claim both deposits. This<br />
probability can be made arbitrarily small by increasing the time unit, but at the expense of speed.<br />
This is a neat protocol, but as of 2015 no one uses it. Instead, cryptocurrencies are traded on<br />
traditional, centralized exchanges. There are many reasons for this. The first is the complexity,<br />
inconvenience, <strong>and</strong> slowness of the protocol. Second, while the protocol prevents theft, it cannot<br />
prevent a denial of service. Someone might advertise offers at amazing exchange rates, only to quit<br />
after step 1 or step 2, wasting everyone else’s time. To mitigate this <strong>and</strong> to aggregate <strong>and</strong> match<br />
people’s offers, you probably need a centralized exchange anyway ‐‐ albeit one you don’t need to<br />
trust not to steal your coins ‐‐ further diminishing the usefulness of the protocol.<br />
10.6 <strong>Bitcoin</strong>‐Backed Altcoins, “Side Chains”<br />
Earlier in this chapter we talked about two ways in which we can allocate units of a new altcoin to<br />
existing owners of bitcoins: either requiring provably burning bitcoins to acquire altcoins, or simply<br />
allocating altcoins to existing holders of bitcoins based on bitcoin addresses that own unspent<br />
transaction outputs. As we saw, neither of these allows bilaterally pegging the price of the altcoin to<br />
that of <strong>Bitcoin</strong>. Without such pegging, the price of an altcoin is likely to be volatile during its<br />
bootstrapping phase. The motivation for sidechains is the view that this price volatility is problematic:<br />
it is a distraction <strong>and</strong> makes it difficult for altcoins to compete on their technical merits.<br />
Here’s what we need in terms of technical features to be able to actually peg the altcoin’s price to<br />
<strong>Bitcoin</strong>’s at a fixed exchange rate. First, you should be able to put a bitcoin that you own into some<br />
sort of escrow <strong>and</strong> mint one altcoin (or a fixed quantity of altcoins). You should be able to spend this<br />
altcoin normally on the altcoin block chain. Finally, you should be able to burn an altcoin that you own<br />
<strong>and</strong> redeem a previously escrowed bitcoin. This is similar to Zerocoin, where we escrow basecoins to<br />
create zerocoins, but the difference is that here we need to do it across two different block chains.<br />
The bad news is that as far as we know, there is no way to achieve this without modifying <strong>Bitcoin</strong>,<br />
because <strong>Bitcoin</strong> transactions can’t be dependent on events happening in another block chain. <strong>Bitcoin</strong><br />
script simply isn’t powerful enough to verify an entire separate block chain. The good news is that it<br />
can be enabled with a relatively practical soft‐fork modification to <strong>Bitcoin</strong>, <strong>and</strong> that’s the idea behind<br />
282