On Sun, Feb 15, 2015 at 11:40:24PM +0200, Adam Gibson wrote: > > > On 02/15/2015 11:25 PM, Troy Benjegerdes wrote: > > > > Most money/payment systems include some method to reverse or undo > > payments made in error. In these systems, the longer settlement > > times you mention below are a feature, not a bug, and give more > > time for a human to react to errors and system failures. > > > > Settlement has to be final somewhere. That is the whole point of it. > Transfer costs in current electronic payment systems are a direct > consequence of their non-finality. That's the point Satoshi was making > in the introduction to the whitepaper: "With the possibility of > reversal, the need for trust spreads".
The problem with that statement is I trust a merchant that I went into a store and made a payment with personally more than I trust the firmware on my hard drive . The attack surface of devices in your computer is huge. A motivated attacker just needs to get an intern into a company that makes some kind of component or system that's in your computer, cloud server, hardware wallet, or what have you that has firmware capable of reading your private keys. With the possibility of mass trojaned hardware, if we are going to trust the system, it must somehow allow reversal through a human-in-the-loop. > There is nothing wrong with having reversible mechanisms built on top > of Bitcoin, and indeed it makes sense for most activity to happen at > those higher layers. It's easy to build things that way, but > impossible to build them the other way: you can't build a > non-reversible layer on top of a reversible layer. We built 'reliable' TCP on top of unreliable ethernet networks. My experience with networking was if you tried to guarantee message delivery at the lowest level, the system got exceedingly complicated, expensive, and brittle. Most applications, in particular paying someone you already trust, are quite happy running on reversible systems, and in some cases more reliable and lower risk. (carrying non-reversible cash is generally considered risky) The problem is that if the base currency is assumed to be non-reversible, then it's brittle and becomes 'too big to fail'. Where the blockchain improves on everything else is in transparency. If you reverse transactions a lot, it will be obvious from an analysis. I would much rather deal with a known, predictable, and relatively continous transaction reversal rate (percentage) than have to deal with sudden failures where some anonymous bad actor makes off with a fortune. We already have zero-conf double-spend transaction reversal, why not explicitly extend that a little in a way that senders and receivers have a choice to use it, or not?  http://www.reuters.com/article/2015/02/16/us-usa-cyberspying-idUSKBN0LK1QV20150216 ------------------------------------------------------------------------------ Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server from Actuate! Instantly Supercharge Your Business Reports and Dashboards with Interactivity, Sharing, Native Excel Exports, App Integration & more Get technology previously reserved for billion-dollar corporations, FREE http://pubads.g.doubleclick.net/gampad/clk?id=190641631&iu=/4140/ostg.clktrk _______________________________________________ Bitcoin-development mailing list Bitcoinemail@example.com https://lists.sourceforge.net/lists/listinfo/bitcoin-development