[jafaku]

1. What do you mean?

2. Countries can be attacked too. I don't know what your point is here. If bitcoin survives its infancy, it could become more resilient than any other currency.

3. Could you explain it in practical terms? Because as long as it works, why should I care about what theorists say? Bitcoin's creator said himself that it was an experiment, and rightly so, we have never seen anything like Bitcoin taking off before. Seems like he nailed it on his design.

Yeah, I have seen a lot of people raging. How is that evidence of anything, other than fear of the unknown?

[betterunix]

Typically cryptographers will define a security goal in rigorous terms, then prove that their system meets that goal (at least for "cryptomania" type applications like digital cash). There are good reasons for doing this:

1. It makes proofs of security possible, which make us a lot more confident about cryptosystems.

2. It allows us to be clear about what it means to "break" a system. If we are not clear about this, someone could claim that their system cannot be attacked by simply defining security to be the exact behavior of whatever they created. This is analogous to having a falsifiable hypothesis in a scientific experiment.

The original Bitcoin paper did not have such a definition. I am aware of one attempt at making such a definition, but it resulted in a very weak notion of security that placed unrealistic restrictions on what an attacker could do (basically, the authors were trying to find some definition that Bitcoin could satisfy; see point 2 above). In general, Bitcoin's security is highly suspicious, since by design the honest parties must scale their work in proportion with the work done by the attacker.

"Countries can be attacked too. I don't know what your point is here. If bitcoin survives its infancy, it could become more resilient than any other currency."

If you are admitting the possibility that an army might attack a country, then you are allowing Bitcoin to be fractured by an army destroying the outgoing Internet connections of a country. In the past, countries have been cut off from the Internet by accident (e.g. anchors being dropped on undersea cables). You could keep an attacking army outside of your territory and still wind up unable to communicate with the rest of the Bitcoin network. This is not a highly convincing argument.

Of course, this is all irrelevant, because a polynomial time attack is not the same as an act of war. There are a lot of organizations with the resources needed to perform the "51% attack" on Bitcoin and no compelling reason to think that a faster attack is not possible. You could attack Bitcoin by performing a lot of computation locally, without ever needing to step foot out the door. Bitcoin also does little to prevent attacks based on sending malicious messages into the network, despite the fact that cryptographers began developing techniques for dealing with that decades ago and despite the fact that almost all that work is freely available.

"3. Could you explain it in practical terms?"

Sure. Let's start with a thought experiment: I have something very rare, which has no practical uses but which is easy to give to others. Will you give me your car for a big pile of it?

Unless you are crazy you would not give up your car. The reason is that you are receiving something that is useless in exchange, and that you would have to go find some other person willing to take a pile of useless (but rare) items. Would your landlord accept some of these rare items as a rent payment? Would the bank accept some as loan repayment? Would the government accept it as a tax payment (let's just pretend that you are a law-abiding citizen who pays their taxes)?

How is Bitcoin any different? A lot of hype was generated about it, but at the end of the day you will not be able to pay your taxes with it, banks are unlikely to accept it for loan payments, and the majority of businesses that claim to accept Bitcoin payments actually accept payments in fiat currency via a Bitcoin exchange. Bitcoin currency has no practical uses (it is basically an energy sink) so the Austrian school does not support it, and it is not legal tender nor is it accepted for tax purposes by the government so modern monetary theory does not support it either.

"why should I care about what theorists say?"

For the same reason you should care about what cryptography theorists, physicists, and doctors have to say.

"we have never seen anything like Bitcoin taking off before."

That is because Bitcoin is the first of its kind. It is the first attempt to create a currency without a legal system. Even gold had value as currency because of a legal system.

"Yeah, I have seen a lot of people raging. How is that evidence of anything, other than fear of the unknown?"

You are calling the informed opinions of dozens of experts in cryptography and economics "raging" because they are saying that the system you love and support is based on dubious technical and economic ideas. It sounds more like you started out believing that Bitcoin is the future and are not willing to accept any argument that concludes anything else.

[jafaku]

> There are a lot of organizations with the resources needed to perform the "51% attack" on Bitcoin and no compelling reason to think that a faster attack is not possible.

I'm aware of that. There are also lots of organizations with the power to kill you, yet you won't lose your sleep, because they have nothing to gain from that, so you are pretty sure that it won't happen. It could be argued that the central banks have a lot to lose to Bitcoin, so they should attack it. But after giving it a bit of thought, I remembered that most people just try to pass the current problems to the next guy (think of presidents, bankers, etc), so why would they bother? Right now, Bitcoin is not big enough to be a threat to anyone. It will keep growing as a threat, but everyone will pass the problem to the next guy, until Bitcoin becomes too big to be stopped. If there is a future that makes sense, this is it. Bitcoin takes over because lazy politicians don't do what they have to (in this crazy world, where their function seem to be to ruin everything), and ironically, that will be the best for everyone.

> For the same reason you should care about what cryptography theorists, physicists, and doctors have to say.

I was thinking about economists mostly (which in many cases will have vested interests), but still, if it works it works. Many theorists have spoken against the phone, the internet, the email, the aeroplanes, etc, and see what happened. I'm no cryptographer, but Bitcoin doesn't seem like something that would require one to begin with since all its crypto was done at the user level, it's pretty simple. Satoshi didn't try to create his own hashing algorithm or anything like that.

> You are calling the informed opinions of dozens of experts in cryptography and economics "raging" because they are saying that the system you love and support is based on dubious technical and economic ideas. It sounds more like you started out believing that Bitcoin is the future and are not willing to accept any argument that concludes anything else.

There are quite informed people on the other side too. So what do we do about them? Ignore them? I said raging, because Bitcoin has this crazy effect on a lot of people. They will hate Bitcoin for no reason, spread outright lies, and try to convince everyone that it is a scam. Why? We still don't know what causes it, so we just call it fear of the unknown.

[betterunix]

"Satoshi didn't try to create his own hashing algorithm or anything like that."

No, he tried to create his own digital cash system, and digital cash is a cryptography problem that has been extensively studied by cryptographers (and had been studied for decades prior to Bitcoin). Bitcoin is also a system that involves multiparty computation, and secure multiparty computation has also been studied extensively by cryptographers, also going back decades. It is a mistake to think that the only relevant cryptography in Bitcoin are digital signatures and hash functions.

This is really the crux of the issue here. Bitcoin is not a hash function. It is not a digital signature system. The security of hash functions and digital signatures is not in question here; Bitcoin could be vulnerable to attack even if it is built using secure hash functions and secure signature systems. The point of having a security definition is to be clear about these things. We need to be clear about what the meaning of "security" is in the case of Bitcoin if we want to make any statements about whether or not Bitcoin actually achieves that security goal. It is not hard to see that the definition of security for a hash function or a digital signature system is not what we want for Bitcoin; what is not so clear is what we actually do want.

[drewblaisdell]

> Sure. Let's start with a thought experiment: I have something very rare, which has no practical uses but which is easy to give to others. Will you give me your car for a big pile of it?

How does the success/value of gold not completely destroy this line of reasoning?

I'm not saying it is destined for success or failure, just that this is not a coherent argument against Bitcoin.

[westicle]

I read that whole thought experiment assuming that "something very rare, which has no practical uses but which is easy to give to others" was cash.

Which is awkward.

[betterunix]

Go buy your lunch with a lump of gold if you need to be reminded that gold is not used as a currency outside of a few highly niche markets.

[aryastark]

This line of reasoning is inane, and comes up every time gold or Bitcoin is mentioned.

Gold and Bitcoin are merely stores of value. Just like your paper bills with dead presidents on them. Or stocks or bonds. Which has next to nothing to do with how you pay for something. You can easily barter for an item, or pay with credit cards. Some places still do not accept American Express. Some places don't accept any credit cards. That doesn't take away from the fact that they are convenient. Likewise, I can see that Bitcoin could eventually become very convenient for micropayments, since credit cards charge merchants a fee. AFAIK, Bitcoin transfers are cheap or entirely free, thus making micropayments possible.

[betterunix]

Currencies are not just stores of value. Real estate is a store of value also, but nobody uses land or buildings as currency.

Once upon a time, gold was used as currency. Merchants would have scales, weights, and other equipment needed to deal in gold. That is not how gold is used in today's world; there are only a few highly niche markets where gold is used as currency, and everywhere else you have either fiat currency or currency that is backed by gold (with fiat currency being vastly more popular these days).

It is also wrong to separate printed money from the rest of the money supply when you are talking about fiat currency. Paper money is just a representation of the currency; the value of a dollar bill is equal to the value of four quarters and equal to the value of a bank account with one dollar in it. Fiat currency is an abstraction created by laws, which is implemented in various ways (paper money, coins, electronic transactions, etc.).

[jafaku]

I guess the Yen and the Pound Sterling are not currencies either then, since my local restaurant doesn't accept them.

[betterunix]

The Yen and the Pound are currencies in certain markets. Lumps of gold are used as currency only in highly niche markets. I did say that gold is a currency in such markets, but it is not generally used as currency in most of the world.