# Last edited on 2015-01-04 22:39:04 by stolfilocal
# For the thread Re: Gold collapsing. Bitcoin UP.

Please let me try again to spread my confusion about sidechains.

Perhaps the sidechains project could be renamed "ways in which the bitcoin network (BCN) can interact with other internet services, and how the bitcoin protocol (BCP) would have to be extended to allow them". These "other services" being the "sidechains".

Different people have different ideas of what sort of services would qualify for "sidechains", but let's not focus on that, focus instead on the interactions. In order to exclude those assumptions, I will use the term "bitcoin-dependent service" (BDS) instead of "sidechain".

I believe I have seen three kinds of interactions so far:

1. Bitcoins may somehow be "moved" from the BTC blockchain to the BDS, who would handle them in some way, and eventually "return" them to the BTC blockchain.

   This kind of interaction does not require any change in the BCP or the BCN, and in fact is routinely used by exchanges and other similar services. It suffices to move the coins to BTC addresses whose private keys are managed by the BDS. To "return" the coins, the BDS has only to sign transactions out of those addresses.

   The BDS is free to manage the private keys of its addresses any way it sees fit. The BDS may allow its users to generate those addresses and keep the keys, or it may keep the keys in its central servers, or it may use the standard bitcoin multisig mechanism, etc.

   Thus the bitcoin network does not even need to know that the BDS exists; and this use of the BCN by the BDS is "fair use" by tradition and design.

2. The BDS may exploit the power of the BCN to secure its data structures against tampering or rewind.

   This interaction too does not seem to require any additional mechanism in the BCN or the BCP. The BDS computes SHA hashes of the data it wants to secure, and sends to the BCN a transaction request containing the hash, possibly disguised. Once the transaction is included in the bitcoin blockchain, anyone can detect if the original data is tampered with or not published.

   The BDS could do this operation at a rate higher than 1 every 10 seconds, in which case each bitcoin block will contain several of those hashes. However, users wishing to verify the hashes would still have to wait for the next bitcoin block, and possibly several blocks.

   These hashes may be Merkle-chained and combined with any Byzantine generals mechanism by the BDS to achieve other kinds of security. The BCN does not need to know that.

   One thing "morally wrong" with this solution is that it is "parasitic": the BDS would enjoy the same level of security against tampering that would otherwise require a separate network with the same power of the BCN. The BDS would have to pay a transaction fee to the BCN for each stamp, but the fees currently are negligible compared to the cost of the BCN. That is an unfortunate consequence of the BCP, that offloads the cost of the BCN to the buyers of new bitcoins.

3. The BDS could use the full power of the BCN to implement its own PoW mechanisms by merged mining.

   I don't understand enough of the discussion to tell whether this kind of interaction would provide more utility to the BDS than item 2 above, but let's suppose it does. On the other hand, it would provide more incentives to the BCN, which may be important if the rewards and fees derived from bitcoin mining were to dwindle.

   If I understood correctly, in the simplest scheme each node in the BCN would collect work requests from the affiliated BDSes. Each request contains a hash of some arbitrary data that the BDS wants to secure. The node assembles a bitcoin block containing some bitcoin transactions and those hashes, and then tries to solve the PoW puzzle for that block, as in the current protocol.

   Each work request would also specify an associated difficulty level and a reward value, either in bitcoins or in tokens of the BDS. The bitcoin block itself is one of those requests. As the node keeps working, its best solution will satisfy an increasing subset of the work requests. At any moment the node may decide to stop, collect the rewards it has won, and start all over, or continue trying to find a better solution. To claim the rewards the node sends the whole bitcoin block, with the best nonce, to each BDS in that subset.

   Is this a vaguely correct description of merged mining?

   If so, I suppose that some nontrivial mechanism/protocol would be needed to ensure that the affiliated BDSes pay the promised rewards, either in BTC or in their own tokens.

   The miners would thus have an incentive to service any BDSes that pay enough rewards, and the BDSes would again get the power of the full BCN for a fraction of the cost. Indeed, merge mining would support a larger network than could be supported by bitcoin alone.

   A BDS could get faster turnaround (say 1 request every 10 seconds) by lowering the difficulty and the reward.

   A possible "danger" that I see in this idea is that the bitcoin blockchain itself would be just like any other BDS, except that it dictates the solved block format, which the other BDSs would have to accept. Thus the miners may abandon bitcoin if it is not profitable enough compared with the other BDSes.

Does this make any sense?
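
The scheme of item 3, as the post describes it, in a toy model (an added example, not part of the original post and not the real Bitcoin block or merged-mining format): one shared block commits to every work request, and a single nonce search satisfies a growing subset of them. The request names, the difficulties expressed as leading zero bits, the Merkle root used to combine the hashes and the 4-byte nonce are all assumptions made for illustration.

```python
import hashlib

def sha256d(data: bytes) -> bytes:
    """Double SHA-256, the hash Bitcoin uses for blocks."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()

def merkle_root(leaves):
    """Fold leaf hashes pairwise into one root (odd last node is duplicated)."""
    level = list(leaves)
    while len(level) > 1:
        if len(level) % 2:
            level.append(level[-1])
        level = [sha256d(level[i] + level[i + 1]) for i in range(0, len(level), 2)]
    return level[0]

def zero_bits(h: bytes) -> int:
    """Leading zero bits of a hash; stands in for Bitcoin's numeric target test."""
    return len(h) * 8 - int.from_bytes(h, "big").bit_length()

# Constructed work requests: (service, data to secure, difficulty in zero bits).
REQUESTS = [
    ("bds-fast", b"bds-fast ledger state 1", 6),
    ("bds-slow", b"bds-slow ledger state 1", 10),
    ("bitcoin-toy", b"toy bitcoin transactions", 40),
]

def block_root(requests):
    """Commitment to all requests; changing any request's data changes it."""
    return merkle_root([sha256d(data) for _, data, _ in requests])

def satisfied(requests, bits):
    """Names of the requests whose difficulty a solution with `bits` meets."""
    return [name for name, _, need in requests if bits >= need]

def mine(requests, max_nonce):
    """Search nonces over the shared block; record every improvement."""
    root, best, history = block_root(requests), -1, []
    for nonce in range(max_nonce):
        bits = zero_bits(sha256d(root + nonce.to_bytes(4, "little")))
        if bits > best:
            best = bits
            history.append((nonce, bits, satisfied(requests, bits)))
    return history

def verify_claim(requests, nonce, need):
    """A BDS's check on a reward claim: recompute the hash from the full block."""
    h = sha256d(block_root(requests) + nonce.to_bytes(4, "little"))
    return zero_bits(h) >= need

if __name__ == "__main__":
    for nonce, bits, names in mine(REQUESTS, 1 << 16):
        print(nonce, bits, names)
```

Each printed row is one improvement of the node's best solution; the low-difficulty service is satisfied long before the high-difficulty one, which is the faster turnaround for a lower difficulty that the post mentions.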