[xorcist]

> have to live with the fact that their money is lost on the "right" chain

It's not that simple. Transactions can, and will be, replayed on both chains. There would however be many opportunities for attacks such as double spends for a short window of time.

> The two forks could exist for a long time after the split simultaneously,

That's not realistic. As soon as there is some communications between the chains, the system will reconcile. It's sort of the whole reason why this proof-of-work thing exists. Without the need to reconcile chain splits it would be sufficient with some sort of voting of proof-of-stake scheme.

[sparkie]

> It's not that simple. Transactions can, and will be, replayed on both chains. There would however be many opportunities for attacks such as double spends for a short window of time.

My point was that a merchant who accepts a payment for some good or service, and later finds out that they were partitioned from the network after they have already released the goods, may find that they don't have any money on the other (main) chain because it was already spent. The merchant has no recourse to get back their money.

> That's not realistic. As soon as there is some communications between the chains, the system will reconcile. It's sort of the whole reason why this proof-of-work thing exists. Without the need to reconcile chain splits it would be sufficient with some sort of voting of proof-of-stake scheme.

This is what I was alluding to in the last paragraph. The majority of participants who do nothing will simply continue to operate on the main chain, but those who were partitioned (which may include miners) may resist operating on the main chain by forking their software. If enough people are affected by a partition, they would have the incentive to follow the partitioned chain and promote the forked software because their money doesn't exist on the main chain. They would probably operate both chains in attempt to spend the money they received whilst the partition occurred, but eventually the dominant main chain would account for most of their economic activity and the partitioned chain will become obscure, like Bitcoin Cash.

[xorcist]

> they don't have any money on the other (main) chain because it was already spent

Right, the double spend attack. It's feasible under certain circumstances, such as a chain split. That doesn't mean the system breaks down completely, but that it has to be mitigated. In the event of a multi hour long network partition, some participants are likely to take action.

> they would have the incentive to follow the partitioned chain and promote the forked software because their money doesn't exist on the main chain

My point was that their money do exist on both chains as long as transactions are replayed. That may be more or less hard depending on the nature of the split (say, a whole country falls on the Internet completely). Economic participants do have an incentive to replay transactions (for example by following the satellite feed, or a number of other ways).

It is enough that one participant does this to at least give everyone else the possibility to mitigate themselves. Not a good situation to be in, of course, but still. It doesn't require nodes to follow both chains, and certainly not promote minority chains. There is simply no economic incentive to do that should transactions be guaranteed on both chains.

[imtringued]

>That's not realistic. As soon as there is some communications between the chains, the system will reconcile.

If you think that is possible then you must not have paid attention to how blockchains work. By definition there is only one chain and it is always the longest chain in the network. The shorter chain will always be discarded and all the data within it is lost. Now we have a problem. Can't everyone just create their own chain with garbage data and then win by being the biggest spammer? (also known as 51% attack). This is why proof of work is necessary. It is basically a cryptographic lottery that ensures that there will only be one winner every 10 minutes. Since there will never be more than 1 winner there will also never be more than one longest chain. If you decide to disconnect from the network and solve the POW offline your chain will always be much shorter than the main chain. Only if you possess 51% of the miners can you do this offline attack and control which chain becomes the new one. It is possible to rewrite past transactions as well. Just start mining 3 blocks ago and remove transactions or add new ones. However, this becomes harder and harder the older the transaction is. Finding e.g. 10 blocks takes such a huge amount of mining resources that it is infeasible if don't control at least a super majority.