Hacker News
by Animats 4022 days ago
"2-way peg"

Moving coins from the side chain back to the main chain is the hard part. The white paper says you "use the proof to unlock a number of previously-locked outputs with equal denomination on the parent chain." You have to lock up N bitcoins to create N side chain coins, but those form part of a locked pool which can later be used to redeem sidechain coins. It's conceptually elegant, but the process is complex and delicate. Lots of things can go wrong, and it needs "challenge periods" of about a day during which things get sorted out.

"Security for the blockchain is provided by a set of predefined functionaries"

Uh oh. Remember Paycoin, with its "Prime Controllers" and "guaranteed minimum value". That didn't end well. The whole point of all this cryptographic machinery is supposed to be to eliminate the need to trust some central party or parties. This sidechain scheme doesn't do that.

2 comments

The federated model is a temporary solution, as a workaround due to the lack of native support in Bitcoin Testnet. Once the Bitcoin network itself can validate the SPV proofs from the sidechain, this model will be replaced with a completely decentralized one.
What's the incentive for people to merge mine this? Namecoin issues its own currency, and it only has a third of the hashrate of Bitcoin. If this sidechain follows that example, it seems like it will be much easier to mount 51% attacks and forge proofs.
A sidechain can be made to pay out bitcoin rewards to its miners, but it needs to get the coins from somewhere, as it can't generate them from thin air like the main blockchain. For example, it could get the coins from transaction fees, or demurrage (interest paid from everyone holding coins).

This is arguably a better incentive than altcoin mining since miners would be paid in real bitcoins.

The sidechain doesn't have mining. It has "trusted functionaries". Or so the white paper seems to say.
This is a temporary solution; the whitepaper addresses moving to merged mining (it's not being used in the beginning since sidechains that don't have a lot of hashpower are easily attackable).
This thing has a lot of moving parts.
>Uh oh. Remember Paycoin, with its "Prime Controllers" and "guaranteed minimum value". That didn't end well. The whole point of all this cryptographic machinery is supposed to be to eliminate the need to trust some central party or parties.

Personally, I'd compare this to Ripple; semi-centralized transaction timestamping seems to work ok for them.

>It's conceptually elegant, but the process is complex and delicate. Lots of things can go wrong, and it needs "challenge periods" of about a day during which things get sorted out.

I agree.

Any degree of centralization leaves the network open to attack, whether by technical, regulatory, or financial means. Ripple Labs recently got hit with a hefty fine from FinCEN - http://www.coindesk.com/fincen-fines-ripple-labs-700000-bank...
How would a decentralized method of preventing double-spending have protected them from that fine?

It seems like the only way to protect yourself from this would be to have no money in the first place, or to have no fixed address.