Lightning es maleable … El acero no lo es. por Craig Wright
Lightning es maleable … El acero no lo es
Maleabilidad
Se ha argumentado (engañosamente) que para que Bitcoin use los canales de pago, se requiere una corrección de maleabilidad. Este nunca será el caso. Los canales de pago han sido una característica de Bitcoin desde el lanzamiento inicial. Más tarde, muchas de las funciones que ayudaron a simplificar esto se deshabilitaron y eliminaron.
La verdad es que bitcoin es más fuerte como aleación. SegWit (Segregated Witness) se incorporó a bitcoin para eliminar una vulnerabilidad creada (de manera falsa) que nunca existió. La razón argumentada fue permitir que Bitcoin utilizara canales de pago [11]. La verdad es que los canales de pago no requieren transacciones no maleables. El único requisito para eliminar la maleabilidad es permitir que Lightning actúe como un pagaré sobre Bitcoin y otras cadenas de bloques. Es decir, permitirle consumir Bitcoin y eliminar el sistema económico que creó Bitcoin «.
—————————————————————————
Lightning is malleable… Steel is not
Craig Wright (Bitcoin SV is Bitcoin.)
Jun 19, 2018
https://medium.com/@craig_10243/lightning-is-malleable-steel-is-not-4e68bfdef31
A little-known fact is that even Bitcoin is a security. The mistake is thinking that this is the issue. Bitcoin is a security that is outside of the S.E.C.’s bailiwick. Bitcoin falls within a few extremely narrow exclusions in the law. These came about as the U.S. Congress “did not intend to provide a broad federal remedy for all fraud” [1]. Although Bitcoin is a security, the S.E.C. is constrained as to what it can act against [2]. There are securities, and there are securities that must be registered. Bitcoin, at least in the form of cash, is a currency and whatever may be created within it and the scripts it allows leaves Bitcoin itself as fundamentally an excluded security.
Items ruled to be securities
Too many armchair lawyers believe that they can understand law from a cursory review of Wikipedia. There are many reasons that I do not like Wiki, and the way it leads people to false conclusions is just the tip of this. That, however, is not the focus of this piece. There are many things under U.S. securities law that are securities. Some of these cover all the requirements to incorporate both Lightning and Bitcoin Core as a base instrument in the purview of the S.E.C.
Two commonly cited examples include cases involving commemorative medallions [3] and that of Gold Bullion sales [4]. These are far from extensive, and as the 1975 decision in United Housing Foundation v. Forman [6] demonstrates, there will generally be an expectation of profit.
The addition of a system that makes the underlying network redundant in the long term is a thought-provoking development in Bitcoin Core. The addition of a second layer fee structure [7] alters the nature of Bitcoin in fundamental ways, changing the requirements of the system and introducing an overlay network, Lightning, as an exchange system of promissory notes.
The fee for Lightning payments is paid by the sender. It is a requirement that the sender creates a transaction that contains adequate funds above the intended base transaction to pay fees to all lightning nodes along the route. Each hub in a channel acts as a paid money forwarder. It is interesting to note that Lightning is a form of security itself. The use of a promissory note has long been held to be a security, and a long history of judicial review covers this topic.
In “SEC v. Western Pac. Gold & Silver Exch. Corp.” [3], the SEC issued a No-Action Letter to protect investors. While the SEC does not directly regulate the bullion trade, it does act to regulate trade built around that using abstract instruments. The creation of a promissory note or futures instrument is undoubtedly an instrument the SEC regulates. In this, we see the strong analogy between commodity notes and Lightning. Lighting is a means to issue a promissory note over a commodity (Bitcoin Core). As a HTLC [8] is a Promissory note.
A promissory note is an unconditional promise in writing made by one person to another signed by the maker, engaging to pay, on demand or at a fixed or determinable future time, a sum certain in money, to, or to the order of, a specified person or to bearer. This is well defined in the [13] UK Bills of Exchange Act (1882). From this, we see the definition of a promissory note:
· The instrument must contain an unconditional order or promise (respectively)
· Must be in writing (Electronic communications are deemed to be in writing).
· Must be addressed by one person to another (this does not require the strict naming of a modern AML system, but can be a code
· Must be signed by the drawer (the person making the order or promise, and this may be using a digital signature)
· A promissory note is an unconditional promise in writing made by one person to another signed (digital signatures are ok) by the maker, engaging to pay, on demand or at a fixed or determinable future time, a sum certain in money, to, or to the order of, a specified person or to bearer.
In the UK for example, there are distinctions as to form with a “note which is, or on the face of it purports to be, both made and payable within the British Islands is an inland note. Any other note is a foreign note”. In this, the use of cross-border payment nodes would become more complicated.
Looking deeper into a system such as Lightning, we start to understand the creation of a promissory system and set of electronic notes that start through the use of a commodity backing and can later move to become a purely fiat based construction.
We see this in the traditional flow diagram below. This system has Lightning nodes act as the banks issuing a commodity secured note. In this, the note is secured using Bitcoin. That stated, it is analogous to any promissory note.
The securities case that is commonly cited as to what is not a security is erroneously used in the negative by most lawyers. The Howey case [5] did not constrain the court, rather, this case set the precedent that the courts will not be constrained into what they may interpret as what can constitute regulation as a “security”. This case sets the baseline as to what forms a security, not the bounds. The power of the S.E.C. and the courts is higher than this lower limit. From this case, the U.S. Supreme Court upheld the will of Congress to leave the scope of the term open to judicial interpretation was upheld.
That stated promissory notes fall within the range of SEC and other provisions. They are defined under AML/CTF laws as bearer instruments.
Longines Symphonette Soc’y [3] demonstrated how widely a security can be defined. In this scheme, the promoters of the commemorative medallion stated they would repurchase the product from the buyer. This guarantee of being able to move the collectable was itself a security.
Interestingly, Bitcoin is unbacked pure commodity currency. This places it under the exemptions of 15 U.S.C. § 77c(a) (2000) [2]. Not as “Digital Gold” but as cash. The system completes each exchange. Unlike Lightning, where a forward instrument is used (with penalties), Bitcoin is the commodity with a direct payment in that form.
An interesting case that can demonstrate this point is that of Sauve v. K.C., Inc. [10]. In this case, the US Supreme court acknowledged that Washington did not follow the risk capital test. This judicial assessment demarcates a security as “requiring only that risk capital be supplied with a reasonable expectation of a valuable benefit but without the right to control the enterprise.”[1] Lightning hubs are profit-seeking enterprises or ventures. The distinction from mining is in the scope of the exclusions to these laws and that used by the SEC.
It is also something that will require LN Hubs to comply under the various AML/CTF regulations. It is foolish to think any cryptocurrency cannot be stopped. It can unless it is used widely enough to ensure that it is not a political target. Right now, all the space is too small to be a real concern. It is not even 0.1% of the daily monetary velocity. This lack of concern can change rapidly.
Ability to move across chains
Let us now consider one of the sale points around lightning; that of Cross Chain payments. The image below from a site promoting Lightning details the effects of this system.
We see the aim clearly in the example. This is the exchange of multiple coins using the overlay system of promissory notes (an analogous system to modern debt banking). What is not explained in this system, is the requirement for extended life channels.
Parasitic
The last start of a system such as Lightning is the creation of a system that mirrors a Strangler fig. This is portrayed in the image below. The Lightning system itself becomes the token, leaving Bitcoin, Litecoin and all Blockchains as dead and hollow ghosts of their former state. The myth is that we need to have an underlying system such as Bitcoin. I say myth here as the truth is we live in a world where legal tender is no longer backed by sound monetary policy and is designed to support the goals of the state.
In time, if Lightning was to become a trusted medium of exchange, it leads to the perverse scenario where it no longer requires a commodity base to make it work. This leads to a system of State currency that eats cryptocurrency (such as Bitcoin) away leaving only the promise of what it was. Some will get rich from this, but the system will not be Bitcoin, it will be a form of government exchanges and banks that swap account balances.
You can be told how this will never occur, but there is no other end. Exchanges and Lightning hubs are already systems that come within the control of the legal system. Once the controls and requirements to alter balances are incorporated (and this path leads to a Proof of State system with a Ripple-like consensus), the system is just the shell of what created it.
Lightning becomes the system that enslaves, not the system that frees the world.
Miners
One major issue is the funding of the miners. Bitcoin has a looming issue. It needs to scale or die. In two (2) years, the Block Reward drops to only 6.25 Bitcoin every 10 minutes. In six (6) Years this drops again to only 3.125 Bitcoin and in ten (10) years, just 1.5625 Bitcoin reward each block.
In the same six and ten years respectively, the effects of Moore’s law on ASIC systems will increase the amount of computational power required to maintain the same level of security by 16 and 100 times respectively. If we add investment to this model, the requirement will be for a system to scale in power 4,000 and 1,000,000 times respectively. The reasons for these following values are to account for the increase in use. If Bitcoin is to grow to a global system in a decade, we can expect that the investment will allow the number of machines to increase as well as the level of computation power and efficiency.
The requirement is each block will need to earn more to be secure. With more machines available, the price per machine decreases. Even to maintain the same level of security as we experience today, the network will need to be at least 1,000 to 10,000 times more powerful in a decade.
This will require the mythical 100k to 1 million USD Bitcoin valuation. The problem is that this also requires direct use of the system, that is, on-chain. The problem few like to address is the division of fees between lightning hubs and miners, more, the ability to swap chains (as is only lightly alluded to in BTC to LTC swaps) and the fees required to use a system such as Bitcoin. We could expect a level of more than 1,000 times the number of systems in a decade. This is a world, where ASIC production starts to become extremely competitive (it is not competitive now).
As stated above, Lightning would become a parasite that takes from all mined coins. The system competes on fees, and the only equilibria that can come from this is a beggar thy neighbour strategy where the lowest fee not between competing miners, but in competing systems. This sounds good until you start to understand that the competition does not require long-term viability, it can be a simple system that fails in a year but can be easily exchanged. The promise of Bitcoin is diminished from this. Contracts that require long-term immutable storage end with the control of third parties and many use cases on Bitcoin vanish altogether.
However, it is digital
There is a false claim that is made all too often. In the Matter of Consolidated Investment Services Inc. [12], an Administrative Law Judge of the S.E.C. found that the securities dealer in question who offered non -existent high yield certificates of deposit could be subjected to the Anti-fraud provisions of the Securities Act. This finding started that the “[n]on-existence of an instrument does not logically preclude it from being defined as a security”[2]. The consequence of this being that a security formed using electronic means, and hence being more “real” than a fraudulently created offer can be a security.
The claims that systems such as Lightning are not or should not be recognised as a security thus fails to hold water. The issue is not if a cryptocurrency or even overlay (Lightning) is a security, but if the system in question falls outside the narrow range of exclusions that allow selected securities not to require registration. Unfortunately, as we have shown, many systems (including the Lightning Network) do not fall outside these provisions.
Malleability
It has been (deceptively) argued that for Bitcoin to use Payment channels, a malleability fix is required. This was and never shall be the case. Payment channels have been a feature of Bitcoin since the initial release. It was later that many of the features that helped make this simpler have been disabled and removed.
The truth is one of bitcoin being stronger as an alloy. SegWit (Segregated Witness) was incorporated into bitcoin to remove a (disingenuously) created vulnerability that never existed. The argued reason was to allow Bitcoin to utilise payment channels [11]. The truth is payment channels do not require non-malleable transactions. The only requirement for removing Malleability is to allow Lightning to act as a promissory note over Bitcoin and other blockchains. That is, to allow it to consume Bitcoin and to remove the economic system that created bitcoin.
The Lighting System differs from anything that Bitcoin used. It is a system of punishment-based bi-directional payment channels. It uses negative inducements rather than positive economic incentives as would be the case in Bitcoin natively. Punishment based channels of the form implemented in Lightning require a malleability fix. Payment channels and even atomic swaps can be completed without a malleability fix. A non-issue.
A high-frequency system such as we see discussed above never required malleability to be removed. Malleability is of no concern to this system.
The thing that matters far more than any of the technical uses of Malleability[3] is what malleability breaks. It makes the creation of a parasitic overlay more difficult and economically less viable. Bitcoin is a system that is resilient in many ways. The central aspect of this is that in its true form, it can capture other systems while remaining challenging to capture itself. More than anything else, SegWit and related “fixes” remove this resilience.
Without some level of transaction Malleability, the system can easily fragment into many coins, and these can then be captured (and consumed) by a system that is a digital equivalent of the existing fiat system. If you want to create a system that replaces fiat with a system controlled by the banks and government but which is more insidious… then you should be supporting SegWit and Lightning.
A miner of Bitcoin Core (BTC) should be concerned. BTC Hodl’ers should be concerned. Lightning required that malleability be removed as this allows the system to move to long-term channels that with cross chain swaps can eventually remove the underlying commodity cryptocurrency. As noted above, this in all forms is a security and is in the range of systems that require registering and management under the various AML/CTF laws.
In any system where there are asymmetries, one side has an advantage. In Bitcoin, the network was incentivised asymmetrically to allow for the growth of a small world and eventually a near complete graph. In Lighting, this forms a loose mesh with a small number of centrally controlled choke points. The economics of each system are designed with distinctly separate goals in mind.
Removing transaction malleability does not make Bitcoin more secure, it allows for a system of off chain swaps. It makes the creation and integration of side-chains simpler and removes one of the critical aspects of Bitcoin, scarcity. When Lightning (or another system in a similar form) can set the terms of the settlement and, in time even alter settlement to remove the requirement to hold the currency, we end where we are now. A system that has and will be debased.
At least Bitcoin Cash (BCH) managed to avoid this trap.
To conclude…
In the coming weeks, I am going to start to document and detail how many of the less well-known parts of Bitcoin (and any long-term viable cryptocurrency) all fit together.
We will explain later in the coming months how we can do Group signatures (as Schnorr is touted as a solution) using ECDSA. This is a method we have created that remains to many as impossible. For all of that, it is a form of signature that can be used on any ECDSA based system allowing for greater privacy. This system allows us to combine both keys and signatures privately without sharing keys. The added keys become a single valid key and Bitcoin address. The signature as seen on the Transaction and blockchain is a single signature. The process is additive with no sharing of the keys.
Oh, we do not require OP_Codes and protocol changes to make this work. Bitcoin supported the development of complex payment channels from Jan 2009. The difference is that these are channels that do not allow other systems to subvert and consume bitcoin.
A few of the other topics to be addressed include Partnership law, Securities law and more advanced tokens, Key aggregation and new security techniques and more.
Many deliberate that as they are not forming or a member of a company, that there is nobody in the group to go after, this cannot be further from the truth. As a development group, it is likely that the entity forms a Full Liability Partnership. This means that all members of the groups are exposed to all liabilities that can result from the actions of all other members. The truth is, incorporation protects the shareholders and members of a group. It allows for the limitation of liability such that the actions of one member do not always result in the reciprocal debt and liability of others.
Following this posting, I shall also start to delve into the positive uses of Malleability in scripts as well as more issues and problems that come about through misplaced “fixes” such as SegWit.
This is just the introduction. The topics posted here will be discussed in depth. Technology, legal issues and more going forward.
References
(1) Marine Bank v. Weaver, 455 U.S. 551 (1982).
(2) E.g. 15 U.S.C. § 77c(a) (2000) {Exempting from registration a narrow range of instruments that are otherwise securities}
(3) Longines Symphonette Soc’y, SEC No-Action Letter [1972–1973 Transfer Binder] Fed. Sec. L. Rep. (CCH) ¶ 79,151 (Nov. 10, 1972).
(4) SEC v. Western Pac. Gold & Silver Exch. Corp., [1974–1975 Transfer Binder] Fed. Sec. L. Rep. (CCH) ¶ 95,064 (D. Nev. Jan. 30, 1975)
(5) Howey, 328 U.S. at 294–96
(6) United Housing Foundation v. Forman, 421 U.S. 837 (1975).
(7) Lightning Fee Calculation: https://github.com/lightningnetwork/lightning-rfc/blob/master/03-transactions.md#fees
(8) Hashed Timelock Contracts https://en.bitcoin.it/wiki/Hashed_Timelock_Contracts
(9) BILLS OF EXCHANGE ACT 1882. Part IV, 1882 c. 61 (Regnal. 45_and_46_Vict), Part IV: https://www.legislation.gov.uk/ukpga/Vict/45-46/61/part/IV
(10) Sauve v. K.C., Inc., 91 Wash. 2d 698, 591 P.2d 1207 (1979)
(11) Working with micropayment channels https://bitcoinj.github.io/working-with-micropayments
(12) Consolidated Investment Services Inc., Admin. Proc. File №3–8312, Initial Decision №59, 1994 SEC LEXIS 4045 (Dec. 12, 1994)
(13) UK Bills of Exchange Act (1882)
Footnotes:
[1] [10], Id. at 702, 591 P.2d at 1209.
[2] Id. [12] At *19, Note 7.
[3] We will cover a series of techniques that can be created when a system allows for semi-malleable transactions and the ability to have some flexibility in the form of the signatures used in coming posts.
Lightning is malleable… Steel is not
Craig Wright (Bitcoin SV is Bitcoin.)
Jun 19, 2018
https://medium.com/@craig_10243/lightning-is-malleable-steel-is-not-4e68bfdef31
Dejar un comentario
¿Quieres unirte a la conversación?Siéntete libre de contribuir!