Fossil SCM
Several clarity improvements to the discussion of cryptocurrencies in blockchain.md.
Commit
70523a718c24d9237765a419362502d33cfcfc4d8b019d83c6d34bd3fca65f53
Parent
a92365d72213c6d…
1 file changed
+28
-26
+28
-26
| --- www/blockchain.md | ||
| +++ www/blockchain.md | ||
| @@ -56,18 +56,20 @@ | ||
| 56 | 56 | * **Type 1** is modification of existing currency. To draw an analogy |
| 57 | 57 | to paper money, we wish to prevent someone from using green and |
| 58 | 58 | black markers to draw extra zeroes on a US $10 bill so that it |
| 59 | 59 | claims to be a $100 bill. Cryptocurrencies apply digital signatures |
| 60 | 60 | to each block so that a given block of currency’s face value cannot |
| 61 | - be changed after it is created. The [proof-of-work][pow] aspect | |
| 62 | - prevents the creator from setting its initial value fraudulently. | |
| 63 | - | |
| 64 | -* **Type 2** is making new counterfeit $10 bills that look | |
| 65 | - sufficiently like the original to pass in commerce. Cryptocurrencies | |
| 66 | - chain blocks together and establish a sufficiently hard work problem | |
| 67 | - to create new currency that Type 2 frauds are impractical short of | |
| 68 | - doing the actual mining needed to produce legitimate cryptocurrency. | |
| 61 | + be changed after it is created. | |
| 62 | + | |
| 63 | +* **Type 2** is creation of new fraudulent currency that will pass | |
| 64 | + in commerce. To extend our analogy, it is the creation of new | |
| 65 | + US $10 bills. There are two sub-types to this fraud. In terms of | |
| 66 | + our analogy, they are: | |
| 67 | + | |
| 68 | + * **Type 2a**: copying of an existing legitimate $10 bill | |
| 69 | + * **Type 2b**: printing a new $10 bill that is unlike an existing | |
| 70 | + legitimate one, yet which will still pass in commerce | |
| 69 | 71 | |
| 70 | 72 | * **Type 3** is double-spending existing legitimate cryptocurrency. |
| 71 | 73 | There is no analogy in paper money due to its physical form; it is a |
| 72 | 74 | problem unique to digital currency due to its infinitely-copyable |
| 73 | 75 | nature. Cryptocurrencies prevent Type 3 frauds by making the |
| @@ -108,16 +110,10 @@ | ||
| 108 | 110 | you don’t have any of their private signing keys, either. |
| 109 | 111 | Cyrptocurrencies also use the work problem to prevent Type 2 |
| 110 | 112 | forgeries, but the application of that to Fossil is a matter we get |
| 111 | 113 | to [later](#work). |
| 112 | 114 | |
| 113 | - If Fossil signatures prevent Type 1 and Type 2 frauds, why then are | |
| 114 | - they not enabled by default? Because they are defense-in-depth | |
| 115 | - measures, not the minimum sufficient measures needed to prevent | |
| 116 | - repository fraud in Fossil. Fossil provides its primary protections | |
| 117 | - through other means. | |
| 118 | - | |
| 119 | 115 | Although you have complete control over the contents of your local |
| 120 | 116 | Fossil repository clone, you cannot perform Type 1 forgery on its |
| 121 | 117 | contents short of executing a [preimage attack][prei] on the hash |
| 122 | 118 | algorthm. ([SHA3-256][SHA-3] by default in the current version of |
| 123 | 119 | Fossil.) Even if you could, Fossil’s sync protocol will prevent the |
| @@ -140,21 +136,27 @@ | ||
| 140 | 136 | question. (Inversely, enabling commit clearsigning is a good idea |
| 141 | 137 | if you have committers on your repo whom you don’t trust not to |
| 142 | 138 | commit Type 2 frauds. But let us be clear: your choice of setting |
| 143 | 139 | does not answer the question of whether Fossil is a blockchain.) |
| 144 | 140 | |
| 145 | - If you’re wondering why Fossil’s current commit signing feature is | |
| 146 | - not enabled by default and why it doesn’t verify signatures on | |
| 147 | - commits, it is because Fossil is not itself a [PKI], and there is no | |
| 148 | - way for regular users of Fossil to link it to a PKI, since doing so | |
| 149 | - would likely result in an unwanted [PII] disclosure. There is no | |
| 150 | - email address in a Fossil commit manifest that you could use to | |
| 151 | - query one of the public PGP keyservers, for example. It therefore | |
| 152 | - becomes a local policy matter as to whether you even *want* to have | |
| 153 | - signatures, because they’re not without their downsides. | |
| 154 | - | |
| 155 | -2. <a id="work"></a>**Work Contests.** Cryptocurrencies prevent forgery | |
| 141 | + If Fossil signatures prevent Type 1 and Type 2 frauds, you | |
| 142 | + may wonder why they are not enabled by default. It is because | |
| 143 | + they are defense-in-depth measures, not the minimum sufficient | |
| 144 | + measures needed to prevent repository fraud, unlike the equivalent | |
| 145 | + protections in a cryptocurrency blockcahin. Fossil provides its | |
| 146 | + primary protections through other means, so it doesn’t need to | |
| 147 | + mandate signatures. | |
| 148 | + | |
| 149 | + Also, Fossil is not itself a [PKI], and there is no way for regular | |
| 150 | + users of Fossil to link it to a PKI, since doing so would likely | |
| 151 | + result in an unwanted [PII] disclosure. There is no email address | |
| 152 | + in a Fossil commit manifest that you could use to query one of the | |
| 153 | + public PGP keyservers, for example. It therefore becomes a local | |
| 154 | + policy matter as to whether you even *want* to have signatures, | |
| 155 | + because they’re not without their downsides. | |
| 156 | + | |
| 157 | +2. <a id="work"></a>**Work Contests.** Cryptocurrencies prevent Type 2b forgeries | |
| 156 | 158 | by setting up some sort of contest that ensures that new coins can come |
| 157 | 159 | into existence only by doing some difficult work task. This “mining” |
| 158 | 160 | activity results in a coin that took considerable work to create, |
| 159 | 161 | which thus has economic value by being a) difficult to re-create, |
| 160 | 162 | and b) resistant to [debasement][dboc]. |
| @@ -178,11 +180,11 @@ | ||
| 178 | 180 | not. They do this in part by identifying the linear chain with the |
| 179 | 181 | greatest cumulative [work time](#work) as the legitimate chain. All |
| 180 | 182 | blocks not on that linear chain are considered “orphans” and are |
| 181 | 183 | ignored by the cryptocurrency software. |
| 182 | 184 | |
| 183 | - It inverse is sometimes called the “51% attack” because a single | |
| 185 | + Its inverse is sometimes called the “51% attack” because a single | |
| 184 | 186 | actor would have to do slightly more work than the entire rest of |
| 185 | 187 | the community using a given cryptocurrency in order for their fork |
| 186 | 188 | of the currency to be considered the legitimate fork. This argument |
| 187 | 189 | soothes concerns that a single bad actor could take over the |
| 188 | 190 | network. |
| 189 | 191 |
| --- www/blockchain.md | |
| +++ www/blockchain.md | |
| @@ -56,18 +56,20 @@ | |
| 56 | * **Type 1** is modification of existing currency. To draw an analogy |
| 57 | to paper money, we wish to prevent someone from using green and |
| 58 | black markers to draw extra zeroes on a US $10 bill so that it |
| 59 | claims to be a $100 bill. Cryptocurrencies apply digital signatures |
| 60 | to each block so that a given block of currency’s face value cannot |
| 61 | be changed after it is created. The [proof-of-work][pow] aspect |
| 62 | prevents the creator from setting its initial value fraudulently. |
| 63 | |
| 64 | * **Type 2** is making new counterfeit $10 bills that look |
| 65 | sufficiently like the original to pass in commerce. Cryptocurrencies |
| 66 | chain blocks together and establish a sufficiently hard work problem |
| 67 | to create new currency that Type 2 frauds are impractical short of |
| 68 | doing the actual mining needed to produce legitimate cryptocurrency. |
| 69 | |
| 70 | * **Type 3** is double-spending existing legitimate cryptocurrency. |
| 71 | There is no analogy in paper money due to its physical form; it is a |
| 72 | problem unique to digital currency due to its infinitely-copyable |
| 73 | nature. Cryptocurrencies prevent Type 3 frauds by making the |
| @@ -108,16 +110,10 @@ | |
| 108 | you don’t have any of their private signing keys, either. |
| 109 | Cyrptocurrencies also use the work problem to prevent Type 2 |
| 110 | forgeries, but the application of that to Fossil is a matter we get |
| 111 | to [later](#work). |
| 112 | |
| 113 | If Fossil signatures prevent Type 1 and Type 2 frauds, why then are |
| 114 | they not enabled by default? Because they are defense-in-depth |
| 115 | measures, not the minimum sufficient measures needed to prevent |
| 116 | repository fraud in Fossil. Fossil provides its primary protections |
| 117 | through other means. |
| 118 | |
| 119 | Although you have complete control over the contents of your local |
| 120 | Fossil repository clone, you cannot perform Type 1 forgery on its |
| 121 | contents short of executing a [preimage attack][prei] on the hash |
| 122 | algorthm. ([SHA3-256][SHA-3] by default in the current version of |
| 123 | Fossil.) Even if you could, Fossil’s sync protocol will prevent the |
| @@ -140,21 +136,27 @@ | |
| 140 | question. (Inversely, enabling commit clearsigning is a good idea |
| 141 | if you have committers on your repo whom you don’t trust not to |
| 142 | commit Type 2 frauds. But let us be clear: your choice of setting |
| 143 | does not answer the question of whether Fossil is a blockchain.) |
| 144 | |
| 145 | If you’re wondering why Fossil’s current commit signing feature is |
| 146 | not enabled by default and why it doesn’t verify signatures on |
| 147 | commits, it is because Fossil is not itself a [PKI], and there is no |
| 148 | way for regular users of Fossil to link it to a PKI, since doing so |
| 149 | would likely result in an unwanted [PII] disclosure. There is no |
| 150 | email address in a Fossil commit manifest that you could use to |
| 151 | query one of the public PGP keyservers, for example. It therefore |
| 152 | becomes a local policy matter as to whether you even *want* to have |
| 153 | signatures, because they’re not without their downsides. |
| 154 | |
| 155 | 2. <a id="work"></a>**Work Contests.** Cryptocurrencies prevent forgery |
| 156 | by setting up some sort of contest that ensures that new coins can come |
| 157 | into existence only by doing some difficult work task. This “mining” |
| 158 | activity results in a coin that took considerable work to create, |
| 159 | which thus has economic value by being a) difficult to re-create, |
| 160 | and b) resistant to [debasement][dboc]. |
| @@ -178,11 +180,11 @@ | |
| 178 | not. They do this in part by identifying the linear chain with the |
| 179 | greatest cumulative [work time](#work) as the legitimate chain. All |
| 180 | blocks not on that linear chain are considered “orphans” and are |
| 181 | ignored by the cryptocurrency software. |
| 182 | |
| 183 | It inverse is sometimes called the “51% attack” because a single |
| 184 | actor would have to do slightly more work than the entire rest of |
| 185 | the community using a given cryptocurrency in order for their fork |
| 186 | of the currency to be considered the legitimate fork. This argument |
| 187 | soothes concerns that a single bad actor could take over the |
| 188 | network. |
| 189 |
| --- www/blockchain.md | |
| +++ www/blockchain.md | |
| @@ -56,18 +56,20 @@ | |
| 56 | * **Type 1** is modification of existing currency. To draw an analogy |
| 57 | to paper money, we wish to prevent someone from using green and |
| 58 | black markers to draw extra zeroes on a US $10 bill so that it |
| 59 | claims to be a $100 bill. Cryptocurrencies apply digital signatures |
| 60 | to each block so that a given block of currency’s face value cannot |
| 61 | be changed after it is created. |
| 62 | |
| 63 | * **Type 2** is creation of new fraudulent currency that will pass |
| 64 | in commerce. To extend our analogy, it is the creation of new |
| 65 | US $10 bills. There are two sub-types to this fraud. In terms of |
| 66 | our analogy, they are: |
| 67 | |
| 68 | * **Type 2a**: copying of an existing legitimate $10 bill |
| 69 | * **Type 2b**: printing a new $10 bill that is unlike an existing |
| 70 | legitimate one, yet which will still pass in commerce |
| 71 | |
| 72 | * **Type 3** is double-spending existing legitimate cryptocurrency. |
| 73 | There is no analogy in paper money due to its physical form; it is a |
| 74 | problem unique to digital currency due to its infinitely-copyable |
| 75 | nature. Cryptocurrencies prevent Type 3 frauds by making the |
| @@ -108,16 +110,10 @@ | |
| 110 | you don’t have any of their private signing keys, either. |
| 111 | Cyrptocurrencies also use the work problem to prevent Type 2 |
| 112 | forgeries, but the application of that to Fossil is a matter we get |
| 113 | to [later](#work). |
| 114 | |
| 115 | Although you have complete control over the contents of your local |
| 116 | Fossil repository clone, you cannot perform Type 1 forgery on its |
| 117 | contents short of executing a [preimage attack][prei] on the hash |
| 118 | algorthm. ([SHA3-256][SHA-3] by default in the current version of |
| 119 | Fossil.) Even if you could, Fossil’s sync protocol will prevent the |
| @@ -140,21 +136,27 @@ | |
| 136 | question. (Inversely, enabling commit clearsigning is a good idea |
| 137 | if you have committers on your repo whom you don’t trust not to |
| 138 | commit Type 2 frauds. But let us be clear: your choice of setting |
| 139 | does not answer the question of whether Fossil is a blockchain.) |
| 140 | |
| 141 | If Fossil signatures prevent Type 1 and Type 2 frauds, you |
| 142 | may wonder why they are not enabled by default. It is because |
| 143 | they are defense-in-depth measures, not the minimum sufficient |
| 144 | measures needed to prevent repository fraud, unlike the equivalent |
| 145 | protections in a cryptocurrency blockcahin. Fossil provides its |
| 146 | primary protections through other means, so it doesn’t need to |
| 147 | mandate signatures. |
| 148 | |
| 149 | Also, Fossil is not itself a [PKI], and there is no way for regular |
| 150 | users of Fossil to link it to a PKI, since doing so would likely |
| 151 | result in an unwanted [PII] disclosure. There is no email address |
| 152 | in a Fossil commit manifest that you could use to query one of the |
| 153 | public PGP keyservers, for example. It therefore becomes a local |
| 154 | policy matter as to whether you even *want* to have signatures, |
| 155 | because they’re not without their downsides. |
| 156 | |
| 157 | 2. <a id="work"></a>**Work Contests.** Cryptocurrencies prevent Type 2b forgeries |
| 158 | by setting up some sort of contest that ensures that new coins can come |
| 159 | into existence only by doing some difficult work task. This “mining” |
| 160 | activity results in a coin that took considerable work to create, |
| 161 | which thus has economic value by being a) difficult to re-create, |
| 162 | and b) resistant to [debasement][dboc]. |
| @@ -178,11 +180,11 @@ | |
| 180 | not. They do this in part by identifying the linear chain with the |
| 181 | greatest cumulative [work time](#work) as the legitimate chain. All |
| 182 | blocks not on that linear chain are considered “orphans” and are |
| 183 | ignored by the cryptocurrency software. |
| 184 | |
| 185 | Its inverse is sometimes called the “51% attack” because a single |
| 186 | actor would have to do slightly more work than the entire rest of |
| 187 | the community using a given cryptocurrency in order for their fork |
| 188 | of the currency to be considered the legitimate fork. This argument |
| 189 | soothes concerns that a single bad actor could take over the |
| 190 | network. |
| 191 |