I.e. the problem is that hashing is wasteful. But we have demand for distributed computing.
Could the work that's being evidenced actually be performing useful computations? Perhaps by structuring a distributed computation platform that accepted standard units of compute work. Like perhaps an Erlang reduction.
Hashing is wasteful, but its redeeming quality is that it takes negligible work to validate, despite taking significant work to find values whose hashes have certain characteristics. Just hash the value produced by the worker node and make sure it conforms to the parameters. Should take microseconds.
With proof of useful work, it's probably significantly harder to find similar problem domains where the validation is fast but the useful work is laborious.
Useful cryptographic problems are usually in the intersection of NP and co-NP.
Current best guess is that NP and co-NP are different.
Thus NP complete problems can't be in co-NP, and thus are probably not cryptographically useful. There's a way to make this argument a bit less vague, but it basically explains why cryptographers have stopped looking at NP complete problems.
There was a cryptosystem based on solving knapsack problems. But they had to patch problems until people stopped paying attention.
You can do it by checking that the solution provided is a valid traversal of the graph, and does not touch two vertices twice. If there are N vertices, you can check in O(N) time.
I would dispute the assertion that hashing is wasteful. That implies it's inefficient or you're not getting something of equal value in return for what you're paying. But in PoW you spend energy and get in return the security of a global public accounting ledger, which has considerable potential social value, easily comparable to the cost of it. It should not even be surprising that such a thing has great cost, given that economics is certain of only two things - incentives matter and there's no free lunch. There's no free lunch in blockchain. (well, maybe there is, but it would take a considerable CS breakthrough).
And if you're concerned about the environment, don't worry, most of Bitcoin is secured by hydropower right now anyway, and in the foreseeable future will probably migrate to solar power (https://finance.yahoo.com/news/why-california-giving-away-el...).
It may have a lot of potential, but currently cryptocurrencies have at most as much social value as traditional currencies - which cost considerably less energy. (That's assuming they are actually used as currecies and not just as a hype and speculation vehicle)
As for energy consumption, I see no fundamental reason why mining has to stay green. If the valuation should climb high enough that renting a nuclear plant becomes profitable then someone will probably do that.
Even with hydro, the mining spends energy that could have been used for other things.
Finally, what I find most worrysome is the combination of PoW and self-adjusting difficulty. The practical effect seems to be that not just is constant energy required to maintain the system but that energy demand is also steadily growing.
I agree, but I want to break it down a little more:
Effort ->
You do a lot of hashing to try and win the 10 minute lottery by finding the magic hash that lets you make the next block.
Rewards ->
You win a block reward (or portion of one if you're pooling work with others) that has economic value.
You win transaction fees for the transaction included in the winning block.
Profitability ->
If you are generating enough hash power per your operational expenses, these rewards are profitable, even though you don't win every block.
Some may mine unprofitably because they are speculating on the future value of those rewards rather than the immediate value.
Side Effects ->
This scheme increases the security of the global ledger. Making it more viable and bolstering the value of the rewards you're getting above.
If the overall system is valuable to society, that also bolsters the value of the rewards, but also has a value to society approximately equivalent to the value of the system.
Thus, bitcoin, which does consume energy, is currently, in my opinion providing a better monetary solution at lower cost than the system it is disrupting (banks use power, employ people, etc. etc.)
The perception that it is wasteful could only come, to my mind, if one thought bitcoin was not providing value to society, or that bitcoins were going to zero in economic value.
which has considerable potential social value, easily comparable to the cost of it.
The value is 'potential,' the cost is real.
What evidence or milestones are there to indicate this considerable potential social value panning out is increasingly more or less likely? What exactly is the social value that the average HNer could perceive firsthand, rather than some mythical "unbanked" or whatever?
How long has bitcoin been around, a decade? Has anyone putting it to use in a sustainable, self-perpetuating use case that isn't a dark market or ransomware?
It's been around less than a decade and jury is still out whether it will even succeed or not yet, hence why I wrote "potential". But assuming it does prove sound and reliable over the long term, then its best value is as a hedge against governments screwing up their currency, like Venezuela and other distressed economies. There are already US dollar black markets in those places, and new cryptocurrency black markets are starting to form now too.
As for "unbanked", I don't even know why you mention it unless you're setting up a strawman to knock down. But here, let me do that for you - people who are unbanked don't have access to financial services b/c they don't have money, b/c they live somewhere that economic norms, institutions, and growth all have problems that make it hard to create wealth. Solve those problems and the banks and finserve folks will come running and those people won't be unbanked anymore. But I have yet to see a good case for how cryptocurrency in its current incarnation will solve those problems.
In the Bitcoin industrial space most of us are of the belief that only the marginal value of the work matters for security.
For example, if you can combine mining the Bitcoin chain and calculating ads for google, and the Bitcoin mining pays $1 and the ad crunching pays $5, then this process is really only providing $1 in security. The reason for this is that the for the security of the chain we care about your lost opportunity to mine one chain vs another, which keeps you working to say on the eventual winning chain so that you get paid that $1.
It's also inaccurate to describe mining as not useful. It makes Bitcoin secure. This is very useful, at least to those of us who use Bitcoin!
From a practical perspective the general constraints on what makes a proof of work good for a system like Bitcoin (e.g. that it must be largely optimization and approximation free and that you can randomly generate instances all with roughly equal hardness and that it be cheap to verify) broadly exclude most classes of work you'd likely call otherwise useful.
>Bitcoin is widely regarded as the first broadly successful ecash
system. An oft-cited concern, though, is that mining
Bitcoins wastes computational resources. Indeed, Bitcoin’s
underlying mining mechanism, which we call a scratch-off
puzzle (SOP), involves continuously attempting to solve computational
puzzles that have no intrinsic utility.
We propose a modification to Bitcoin that repurposes its
mining resources to achieve a more broadly useful goal: distributed
storage of archival data. We call our new scheme
Permacoin. Unlike Bitcoin and its proposed alternatives,
Permacoin requires clients to invest not just computational
resources, but also storage. Our scheme involves an alternative
scratch-off puzzle for Bitcoin based on Proofs-ofRetrievability
(PORs). Successfully minting money with this
SOP requires local, random access to a copy of a file. Given
the competition among mining clients in Bitcoin, this modi-
fied SOP gives rise to highly decentralized file storage, thus
reducing the overall waste of Bitcoin.
Using a model of rational economic agents we show that
our modified SOP preserves the essential properties of the
original Bitcoin puzzle. We also provide parameterizations
and calculations based on realistic hardware constraints to
demonstrate the practicality of Permacoin as a whole.
I.e. the problem is that hashing is wasteful. But we have demand for distributed computing.
Could the work that's being evidenced actually be performing useful computations? Perhaps by structuring a distributed computation platform that accepted standard units of compute work. Like perhaps an Erlang reduction.