"Applications that cannot be shut down" (really!);
For reasonably low transaction fees (eg. 300 or more transactions / USD).
Modified ethereum that is more efficient, environmentally friendly, and
transaction fees stay low regardless of the market value of fuel currency (1 ether).
Otherwise minimal changes, and compatible EVM.
Ethereum is so good, it's worth to make it work as it was meant in the first place.
Supereum is meant to supplement; NOT meant to replace the uncensored ETC chain (which runs as it was advertised "Applications that cannot be shut down",
and is currently the best chain to execute ethereum contracts),
or the forked (censored) ETH chain
(which waived the principles and chose to shut down an application contract
- the infamous DAO; but than the ether fuel monetized to the point that it became a "better bitcoin",
but 10 times more expensive than ETC to run the same contract - in other words it effectively lost its primary function/service).
ETH transactions cost (400 szabo = 0.4 finney =) $0.14 (7 transactions / USD in other words: 50..100 times more than thay should).
Benefits: handle transactions with reasonable transaction fees. (or handle more transactions with similar infrastructure cost: eg. invest in HW that can provide useful transaction processing to the network, instead of GPU or ASIC that just burn electricity).
How: The mining needs some (simple, and hopefully easy to understand) changes. Either "Proof of Authority" with regular, but low duty mining, or "Proof of Usefulness". Not just depending on "Proof of Waste" (also known proof of "Work", but useless work should be called waste).
Traditional Ethereum (the classic and forked chains combined) wastes an immense amount of power, roughly equivalent to 1 reactor block (1400MW thermal, 450 MWatt electric, 240-300 MWatt at the enduser because of losses ) of a nuclear power station :
49 / 20 * 100 = 245 MWatt (assuming 100 Watt GPU dissipation at 20MHash/sec - the average efficiency is probably worse). More importantly, continuously growing. This immense waste is not justified at all, and absolutely unnecessary and useless (especially for something around only 10 transactions / second)..
How can I contribute ?
Ideas, testing, recipes, drawing illustrations, criticism, or funding, or, of course, running a full node of the chain (=protocol compatible code, and appropriate genesis block).
Please come back after a few days.
How will ideas / code contributions be collected ?
How will funds be collected ?
Using an existing ethereum based blockchain, at least as efficient as Ethereum classic (or better). Most likely ETC funds will be directly accepted. (Ethereum hard forked ("official ETH") tokens are convertible via market, eg. poloniex.com).
Proof of waste => Proof of usefulness
GPU mining undermines the redundancy of the network. Proof of waste (misleadingly called "proof of work") encourages investing into an incredibly sized farm of electricity wasting GPU-s or ASICs next to a reasonably powerful full node (which is useful and contributes to the health of the network).
10 (or just 1) full node is more useful than 1 million miners mining in pool (usefulness of which is rather negative, causing environmental damage).
It was shown in practice how stupid the concept really is: at one point approximately half of the "network" was mining in the largest pool (it happened in bitcoin, but any chain is similarly broken where mining does not dive back into the transaction data ). It is important to notice that the GPU-s do NOT provide any useful service because they chew on ad-hoc numbers, not diving into the blockchain data at all. Millions of computational units chewing on numbers without "cross-checking" validity of stored data or the originating transactions => they happily chew on invalid input indefinitely without noticing. An unintentional fork (grave) is less likely if investing in useful system "following and cross checking transactions" instead of electricity wasting expensive miner/heaters.
If the algorithm dives back into the blockchain data (perhaps the full, or just some partition of it), then it might be called
"proof of usefulness". "Proof of work" as a naming is unfortunate, best to avoid it, because it was abused misleadingly for a long time). A "Hashimoto", if implemented properly, dives back into the blockchain, so valid result cannot practically be computed without actually storing the blockchain.
Note: of course, the bitcoin sha256 mining is even worse
, because even special hardware is manufactured which becomes completely useless when sane schemes are deployed - the GPU-s might be used in workstations (those that survive the mining abuse they were not designed for).
A small patch (on top of the otherwise nice and smart ethereum codebase) can save 2..3 billions of dollars in real assets
(power station and freeing GPU to help people, not just to warm them :-) (most likely much more later ; as of 2017-Q2 it just caught up and growing ).
Note for programmers:
What is the risk of an authority ? How can an authority hijack a blockchain ? It is important to note that a "magical" uncensorable bulletin board would immediately solve the "money problem" (problems related to the monopolistic MMM creation of money, currency exchange, and financial clearing). Double spending is not possible: noone would accept a payment if 2 (or more) signed transactions are posted with same (account,nonce).
An authority (or spammers, hackers) cannot fake transactions: any block containing a single transaction not signed by the account is considered invalid automatically.
The only risk of an authority (same as many cooperating miners) is that it might censor transactions based on factors other than gas-price. Miners also censor transactions: if(gasprice ≥ min_gasprice)... that is considered normal (or rather essential, to prevent excessive spamming).
If an authority censors transactions based on account (or factors other than min_gasprice threshold), the victim should have some method to post transaction anyway (perhaps with some delay; eg 5 mins instead of 15 seconds).
"Proof of waste" mining is not optimal, but certainly a proven method for this. If PoW or PoU (see Proof of Usefulness below) mining is applied in certain time windows, eg 0 < (time%300) < 15 with difficulty adjusted to yield result appr 1..3 seconds, than authority censorship would become ineffective (if authority is unwilling to include a transaction, miners will include, with minimal delay), while the mining environment damage would be roughly 100 times lower.
With near 99% of the original design's waste eliminated, the gasprice could drop to compensate elevated fuel price. Block times would be practically predictable (conditions based on block numbers are simpler and cheaper than timestamp based). Supereum full nodes need small network bandwidth, but some power-miners with powerful network connection could service (run full nodes of) 20..100 blockchains (with sufficient memory for the working set - more useful investment than electricity burning GPU-s), and run value added services for clients. Any chain is naturally limited by bandwidth (NN transactions/sec), but the total infrastructure should not, and will not be limited. Authority assisted mining is Light client friendly. (light clients can easily verify Authority signature, or Proof of Waste mining; But not Proof of Stake mining. Proof of Usefulness is questioned: probably need some invention to be light client friendly, for now we can consider it is NOT light client friendly.
Is that the same as Proof of Stake ? No. Proof of stake is so complex and risky (and hostile to light clients) that Ethereum developers simply didn't dare to deploy to production (every proof of stake testnets failed, and it might destabilize the production network; It seems reasonable to start a new PoS chain, but silly to spoil the ETH chain ). In the ethereum community, many favored cross-chain transactions since the start, in favor of "one-chain-fits-all (possibly with internal threads, that resembles cross-chain operation)".
For most part of every 300 second time window, the simple authority signed blocks (with valid transactions, based on community mined block based on previous authority blocks) can be a simple solution without the risks of complex Proof of Stake. While it can guarantee reasonably low transaction fees the Censored ETH chain failed; unfortunately it cannot protect against some unlikely (but theoretically possible) phenomena. Eg. serious limitation of internet (or internet fragmentation, eg. near complete shutdown between USA and Eurasia), due to natural (eg. solar storm, similar to Carrington Event), technical (internet infrastructure brought down by software/firmware error), or political cause (beyond the scope of this writing).
stateRoot (Hr < 2**256 / difficulty) might be a valid condition. Please review Ethereum Yellow paper p5. Maybe it would be practical to hash in some other values also (but almost certainly not the ommersHash !). The best approach needs some thinking, especially the effect on "light client"-s. (eg. incentive to include legitimate transactions, and max 1 "made-up" transaction; better than excessive network traffic and transactional data to store). Full nodes have no problem verifying "Proof of Usefulness" or other more complex schemes. Even than: to prevent DoS = spending resources on invalid adversarial data (spam-blocks) before it turns out they were invalid: some small hashcash is usually acceptable - this is well known and properly applied in ethereum: mixhash and nonce "together").
Light clients try to get a view about the state of certain transactions/account/storage with a minimum amount of network storage, preferrably in a short time, with high confidence: usually relying on some full nodes to provide Merkel proofs on demand - any robust real world system must assume that some of the full nodes are friendly, others are adversarial.
Min 100 chains are needed to service 100 million transactions/day (as a comparison: the infamous Visa/MC~150M/day > 10000 GBytes / year). Although only a few thousand TPS (thousand times less than the LMAX exchange, core logic executing on 1 CPU thread with a reasonable design and easily parallelized "disruptors"), the multiple blockchains are necessary for reasonable bandwidth of <100 GByte / year. The 25+ MBit/sec lines are usually an illusion that cannot be sustained, many network users see their contract terminated at appr 200..250 GByte / month, well below 1 Mbit/s (= 324 GByte / month = 1 * 86400 * 30 / 8000 ). And perhaps the internet uplink could be used for conferencing and content also (not just blockchain data of 99.999% other's transactions). Those lines that can afford hundreds of GB/months are usually subject to contract/political influence (or in educational institutions), that can be shut down by law, regulation or order in a coordinated way (eg. referring to some anti-terrorist law).
more advanced versions of "atomic swap"-s are available, and in continuous development, by interested parties (not just the eth foundation) that can handle complex states using minimal on-chain processing, and merkel-proofs coming from the interested party when necessary to always end up at the right result. These are almost certainly fundamental building blocks of interchain communications (same schemes can be used in some "sharding" ethereum/supereum later, to relieve dependencies that currently prevent scaling).
Largely inspired by David Chaum many of us invested a lot during the last 20 years that culminated into the ether success. (we worked on concepts and code, developed and produced real goods to be able to develop crypto and pay programmers to develop crypto currencies who later took their code and knowledge and assembled into the eth git). We encourage David Chaum (who we consider to have contributed most to the success) to create accounts using a cold wallet (on an offline HW, either via geth, or node.js or other suitable method), so we can donate (or for the IRS' happiness: sell for 1 USD) the most significant fraction of the "premine" (which is the usual practice, same as with bitcoin, eth and virtually all other cryptocurrencies), instead of spending it on electricity to burn in a useless way.
What if authority signs multiple (otherwise valid) blocks with same block number (fork) ? The signed valid block with shorter merkel proof should be considered: the authority closer to the merkel tree root, or if on the same level: the lower pubkey (truncated to 160 bit); or if signed by the same pubkey (which should not normally happen), then the block with lower blockhash value should be considered. Any invalid block (eg. block containing any invalid transaction, or block without parent) should be neglected, obviously.
NOTE6: Random numbers
Contracts that are fine with random numbers (in the ethereum sense) of age upto 5 minutes (most contracts) can look at the community mined blocks to avoid the possibility of authority bias. The usual practice of contract specific const1,const2 in hash(const1 . pseudorandom_from_blockheader . const2) makes authority bias inpractical except for 1 or very few high value transactions each block. If a contract needs high frequency randomness (quite rare, but not unthinkable), it can rely on external feed (eg. from the ETC blockchain) to avoid authority bias. Might sound like paranoia, but better safe than sorry.
- Faraday cave: a Faraday cage implemented in a certain way, and deployed in an environment to prevent unintentional information leakage, or interference (eg. external manipulation of how it generates keys or random numbers). Involves insulation from environmental effects, such as acoustic, light and radio waves, temperature or supply line signals / variations that could transmit information without consent of the operator. Useful for "very cold wallets".
- "Proof of waste" instead of "proof of work" when "work" is just consuming electricity and generating useless waste numbers (generated without frequently diving into the state trie).