Oddbean new post about | logout
TheGuySwann | 1 months ago (raw) | full thread 
 A #Bitcoin node audits the entirety of the history from the beginning and at all times. It’s all open and I’m sure you know this.

But your argument is essentially the equivalent of saying that nobody has any idea if they ever did their accounting properly because they’re just trusting their calculator… I’m sorry, but that’s a very poor argument that has no value in the real world, only in some silly hypothetical. (I.e. in practice it actually just works very easily)

It would be extremely obvious if a node software didn’t do the simple job of auditing the open #Bitcoin timechain history. You can just look to see if something’s wrong.

Funny that you use that example actually, because something like Monero doesn’t get that benefit. If the BTC audit was messed up you *could* check it very easy on pen and paper. If there’s something wrong with bulletproof or ring signature implementation/value outputs, how long before somebody figures it out? Literally nothing would stand out as obviously incorrect or flawed. 🤔

In addition, all cryptography has a shelf life. If your amounts are separate from the signatures, you can update the cryptography to fix a vulnerable system. Bitcoin can continue to work indefinitely, even if/when quantum computers start to threaten its ownership assurances. Something that uses cryptography to obscure the amounts, however, doesn’t get that benefit. You’d have to disallow any and all use of the old system, essentially a reset, because broken cryptography means you now have no clue how many coins there are. Even allowing 1 old signature becomes a risk to the entire thing. The supply matters first and foremost above everything. Without it being immutable, the “money” doesn’t even exist. This is why, despite all the reasons we’ve wanted privacy in the foundation of Bitcoin, nothing has persisted and the trade off on the long term is too much. It just makes more sense to build it into higher layers, than at the base, unless we can find some way to obscure the ownership of many different amounts within a UTXO that doesn’t threaten the full audit in any way.

(Also I don’t see what note you are responding to, so I might have missed some context)