A careful read of the Nakamoto paper reveals that the original purpose of the blockchain is extremely specialized: A completely decentralized consensus among unreliable actors. I'd like to highlight the often overlooked fact that this is exactly what the blockchain is suitable for. Any change in the conditions and you are probably doing extra work. Data immutability is a good example. Recently, especially in the mainstream media, data immutability has been presented as something that has been pioneered by blockchain technology, though it's easier to achieve similar result with more conventional means.
This is a follow up of sorts to my fairly contentless rant that temporarily revived my interest in the topic. There is possibly nothing new here, but I don't hear a lot about trusted timestamping, so I thought it might be worth mentioning.
The RFC 3161, dating back to 2001, describes trusted timestamping, where a third party, a Time Stamping Authority (TSA), confirms that certain data existed before a particular time. The salient points are the following:
- A hash of data
x
is sent to a TSA. - The TSA timestamps the hash at time
t
and signs the timestamped hash. This signed data is then returned in the response.
Assuming that the TSA can be trusted, the signature is proves that the
data x
existed before t
. This could equally well be interpreted as
"immutable data x
was created at t
". Physical immutability is achieved by
replicating the signed data to a large number of locations.
What if you can't trust the TSA? It's trivial to make this into a sort of semi-decentralized system by introducing multiple TSAs and repeating the above process. With enough signatures from independent TSAs, creating false data quickly becomes impractical. Even under the assumption that some TSAs may not be reliable in all situations.
It's tempting to take this a step further and play with the thought of deprecating the blockchain in favour of some sort of a multi-TSA scheme. It's not often highlighted that there is a middle ground between a completely decentralized system, such as bitcoin, and a completely centralized system, where the transactions live in a single central database.
Consider the following rough outline for transaction, where B
pays A
:
- Each TSA stores a local copy of the entire transaction history and listens for transaction data to timestamp and sign. A transaction is only signed if there is sufficient balance.
A
givesB
a listL
of TSAs to validate the transaction with.B
creates a transaction and signs it with their private key (demonstrate ownership)B
obtains a signature from each TSA inL
(demonstrate no double-spending)B
sends the transaction toA
andA
validates all signatures against the public keys.
In this scheme, double-spending would require B
to collude with exactly
100% of L
. A single instance of transaction signed by B
proves that some
transaction was already made. As long as L
is sufficiently similar across
users, double-spending should not be practical.
I'm going to leave this section open-ended, because I'm not sure even if this could ever work; perhaps it still servers to create some discussion. What I'm absolutely certain about is that this would have a far more sustainable carbon footprint than the current PoW systems.
This has been on my contemplations for a long time. Thanks for referencing the RFC for TSA.
Great Work! Kudos @mapehe !