by marknadal 2970 days ago
There is already a word for what you are talking about, and you used it:

Consensus.

So I counter your argument. It is useless to call "Blockchain" something that must necessarily have consensus. Or else we should just call it a consensus mechanism, not a blockchain. So instead, I propose the following:

A blockchain, is a cryptographically signed linked list.

Note, things like "a distributed ledger" aren't included in that definition. Why? Because a distributed ledger is only possible if writes are cryptographically signed. Else, it is too easy to fake, sybil, forge, exploit, manipulate, lie, or mutate the ledger in a public setting.

I've done a lot of work on commutative transformations (CRDTs, at https://github.com/amark/gun ), and while they are a very different (and more scalable) approach to arriving at consensus (through deterministic means), I still think it is appropriate to call such CRDT/DAG/Merkle/other cryptographically based systems a blockchain. Why? Simply because they can be used as a distributed ledger, and that is the point that most people actually talk about/intend.

At the end of the day, what people intend when they talk about "blockchain" isn't even cryptography or technology, it is simply an economic model. An economic model that doesn't require institutional trust.

So in that sense, would a FedCoin pass as being a "blockchain"? From a technology standpoint, sure, but not from an economic perspective.

Would love to hear your counter-thoughts!

4 comments

> A blockchain, is a cryptographically signed linked list.

I've always assumed this definition by analogy with Cipher Block Chaining (https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation...), but of course where a word starts out and where it ends up can be two very different things.

> Ehrsam, Meyer, Smith and Tuchman invented the Cipher Block Chaining (CBC) mode of operation in 1976

Seriously, even the term was coined back then and the concept is actually pretty identical if you think about it.

What about a cryptographically signed linked list that can't be used as a distributed ledger?

Because if those are blockchains too, then my country had dozens of developers writing blockchains before Bitcoin ever appeared, since we had to implement https://en.wikipedia.org/wiki/SAF-T

... like your classification. My version of that is in short:

Blockchain is a technical protocol (crypto signed list over a P2P network with consensus). DLT is a higher level function on top of a blockchain which adds social / legal / economic status to the data in a blockchain.

"Consensus" was a word used in the distributed systems literature for all sorts of problems well before the Bitcoin paper. (As was "Sybil-attack-resistant", which is another phrase I ~used that was also in common use.) Bitcoin is interesting because it allows reasonably trustworthy consensus in a Sybil-attack-resistant way for a particular problem, namely, a distributed ledger that permits anyone to participate without permission from a central authority. There were lots of other systems for distributed consensus for other problems: a random example is BitTorrent.

I would actually dispute the definition of "cryptographically signed linked list" for Bitcoin. What makes Bitcoin blocks valid is not that they're cryptographically signed (signatures are over transactions, from the address that is trying to send money, but you can sign two different transactions and now you have double-spend). What makes them valid is the inclusion of a solution to the mining problem that incorporates the data being sent, and I think that in any context other than Bitcoin, "a message that includes a random nonce such that the hash has certain properties" wouldn't be called a "signature" at all. Take Hashcash, the proof-of-work system for email anti-spam that somewhat inspired Bitcoin: the web page and paper call the authentication token a "stamp", and don't use the word "signature". The FAQ suggests an extension for mailing lists using the phrase, "A hashcash specific approach (avoiding signatures)".

I am super excited about CRDTs but they seem like an entirely unrelated problem space to Bitcoin, so using the term "blockchain" doesn't make sense to me. (In the same way that I am excited about DVCSes like git using Merkle trees to allow mergeable offline work without a central coordinator, but git is definitely not a blockchain.) That said, I did say this on an IRC channel the other day:

    < geofft> I would define "blockchain" as "a Merkle tree that solves the double-spend problem in a way that's resistant to Sybil attacks"
    < geofft> if your transactions commute, you don't have a double-spend problem, and therefore "blockchain" isn't meaningful
    < ...> geofft: doesn't stop people hawking blockchain solutions though :P
    < geofft> oh, sure
    < geofft> I would also define "blockchain" as "the word you should use instead of Merkle tree on your investor pitch"
So if that's your reason for using the word "blockchain," good for you :-)

I am reading through your Distributed Matters slides - exciting stuff and the point about ATMs not being strongly consistent is a very good one. Will need to reread a few times to make sure I get it!
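The distinction drawn in the comment above between a signature and "a message that includes a random nonce such that the hash has certain properties", as an added example that is not part of the thread and is not Bitcoin's or Hashcash's actual format. The block layout, the `|` separator, the 12-bit difficulty and the sample payloads are all constructed for illustration.

```python
import hashlib

DIFFICULTY_BITS = 12      # assumed toy difficulty so the search finishes quickly
GENESIS_PREV = "0" * 64   # assumed placeholder for "no previous block"

def block_hash(prev_hash, data, nonce):
    return hashlib.sha256(f"{prev_hash}|{data}|{nonce}".encode()).hexdigest()

def meets_target(digest, bits=DIFFICULTY_BITS):
    # "the hash has certain properties": here, `bits` leading zero bits
    return int(digest, 16) >> (256 - bits) == 0

def mint(prev_hash, data):
    # Search for a nonce; no key is involved, so anyone can produce a stamp.
    nonce = 0
    while not meets_target(block_hash(prev_hash, data, nonce)):
        nonce += 1
    return {"prev": prev_hash, "data": data, "nonce": nonce,
            "hash": block_hash(prev_hash, data, nonce)}

def build_chain(items):
    chain, prev = [], GENESIS_PREV
    for data in items:
        block = mint(prev, data)
        chain.append(block)
        prev = block["hash"]
    return chain

def verify_chain(chain):
    # Valid means: links match, hashes recompute, and each hash meets the target.
    prev = GENESIS_PREV
    for b in chain:
        h = block_hash(b["prev"], b["data"], b["nonce"])
        if b["prev"] != prev or b["hash"] != h or not meets_target(h):
            return False
        prev = h
    return True

if __name__ == "__main__":
    chain = build_chain(["alice pays bob 5", "bob pays dave 2"])  # constructed data
    print("chain valid:", verify_chain(chain))
    edited = [dict(b) for b in chain]
    edited[0]["data"] = "alice pays mallory 5"
    print("edited chain valid:", verify_chain(edited))
    # A conflicting block at the same height also verifies: the stamp proves
    # work was spent, not who wrote the block.
    fork = chain[:1] + [mint(chain[0]["hash"], "bob pays erin 2")]
    print("fork valid:", verify_chain(fork))
```

Both the original chain and the fork pass verification, so the check alone cannot say which history is authoritative.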

You bring up some really good and fair points, specifically around the double-spend problem.

BitTorrent doesn't need to solve the double-spend problem. Yes, it wasn't the cryptographic signatures that solved that in Bitcoin, BUT at the same time, they could have used PAXOS/RAFT to "elect" a random leader to prevent double-spend AND you'd still have consensus.

But it isn't the "consensus" alone, as you note, that makes Bitcoin special - but this is exactly my point in the previous post about why "blockchain" should mean something other than just consensus. It was the ability, as you say, to get consensus without using leader-election algorithms (that would ultimately depend upon trusting that random leader).

Now, if you suggest, instead, that "blockchain" should mean specifically that, a trustless non-leader double-spend solution, I think I can buy that. However, immediately PoS and similar algorithms have to be thrown out as not blockchains then (which hey, I'm okay with that).

This is exactly where, according to what I think you are saying, then things like CRDTs/DAGs could still match your definition, despite being commutative. Sybil-attacks become irrelevant (because the CRDT/DAG approach only cares about the validity of signatures, not who is trading/mining/elected the most, which might be vulnerable to Sybil-attacks), because if 1000 extra peers/bots commute the same operation, it doesn't change its significance compared to a single peer that commutes the operation.

So wouldn't that match even your own "blockchain" definition?

Oh, I'm glad you found that explainer! I'm glad you enjoyed it :).
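The two claims the thread turns on ("if your transactions commute, you don't have a double-spend problem" and the point that 1000 peers repeating one operation change nothing) can be checked side by side. This is an added example, not part of the thread and not code from gun or Bitcoin; the ledger rule, the grow-only set and all sample operations are constructed for illustration.

```python
from itertools import permutations

def apply_spends(balance, spends):
    """Ledger rule: a spend is accepted only while funds remain.
    The result depends on arrival order, so the operations do not commute."""
    accepted = []
    for payee, amount in spends:
        if amount <= balance:
            balance -= amount
            accepted.append(payee)
    return balance, tuple(accepted)

def merge_gset(state, ops):
    """Grow-only set CRDT: merge is set union, which is commutative,
    associative and idempotent."""
    return state | frozenset(ops)

def outcomes(fn, initial, ops):
    """Every distinct final state reachable by reordering the same operations."""
    return {fn(initial, list(order)) for order in permutations(ops)}

# Constructed scenario: alice holds 5 and issues two spends of 5 each.
# Both could carry perfectly valid signatures; only ordering picks the winner.
DOUBLE_SPEND = [("bob", 5), ("carol", 5)]
# Constructed commutative operations (e.g. adding records to a shared set).
SET_OPS = ["record-a", "record-b", "record-c"]

if __name__ == "__main__":
    print("ledger outcomes:", outcomes(apply_spends, 5, DOUBLE_SPEND))
    print("g-set outcomes: ", outcomes(merge_gset, frozenset(), SET_OPS))
    # 1000 peers replaying the same operations leave the merged state unchanged.
    once = merge_gset(frozenset(), SET_OPS)
    replayed = merge_gset(frozenset(), SET_OPS * 1000)
    print("replay changes state:", once != replayed)
```

The ledger yields two different final states from the same pair of spends, which is the ordering problem a leader or proof-of-work has to settle; the set yields one state regardless of order or repetition.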