Andrew asks about Moore’s Law and Bitcoin scaling.
“It has been nearly six years since the
one megabyte block size debates began.”
“If Moore’s law has held true, computational speed
and memory capacity should have increased…
by a factor of 8x since then.”
“Accordingly, do you think decentralization would
be compromised by increasing the block size limit…
from one megabyte to eight megabytes?”
“Can the average node now handle an 8 megabyte block
as easily as it could 1 megabyte blocks in 2013?”
That is a great question. First of all, Moore’s Law
isn’t exactly a doubling [of capacity] every year.
At its peaking, it was an approximate doubling every
18 months, but we are already seeing Moore’s Law…
has slowed down.
In terms of the increase in clock speed
and the number of transistors on a chip,
things have slowed down.
Of course, everybody is writing articles about
why we have hit a wall and will never exceed it.
I’m skeptical about articles like that,
because we have heard it before.
Nevertheless, we are not quite at a factor
of 8x [anymore], but that is not the problem.
The real issue isn’t [so much] storage
or CPU capacity for validating blocks.
The really important bottleneck in decentralized,
open, public cryptocurrencies and blockchains is…
network bandwidth and network latency.
Moore’s Law has not operated on network bandwidth
at anywhere near the rate it [effects] CPUs and storage.
One of the big problems with network
bandwidth is ‘the last mile problem.’
Yes, you can stuff a hundred times more [data]
into optical fiber than you could ten years ago,
but that optical fiber hasn’t reached here,
[as in, residential end-users].
Maybe I have fiber-coaxial [cable]
if I am in an advanced country.
There are a few densely populated, first-world,
developed metropoles that have fiber to the home.
But that is a fairly rare phenomenon, representing
a tiny percentage of the overall installed fiber.
Maybe you have coaxial [cable] through your cable
modem, with speeds of about a hundred megabits.
It has been kind of stagnant in terms of development.
If you are down to DSL, then you are looking
at speeds of up to 25 megabits at best.
In most rural areas, you would be lucky to get
10 megabits. In many cases, not even get half that.
In talking about the impact these kinds
of choices have on decentralization…
Bandwidth is an important consideration,
not only on people running nodes, wallets,
and other activities on the Bitcoin network,
but also on the people mining nodes.
The end result of putting pressure on bandwidth and
latency would be further centralization of mining.
Mining is already centralized because of its
reliance on [the shipment schedule of chips].
Furthermore, the other impact it has is
on the initial blockchain download (IBD).
The initial blockchain download is when you bootstrap
a node completely fresh, with no reference to anything…
other than the hash of the genesis block.
To get the entire blockchain, they have to
not only download the entire blockchain,
but then validate every transaction
in every block from the beginning,
while simultaneously [adapting to]
consensus rule changes as it goes along.
Essentially, these nodes are going
back in time to January 3rd 2009,
and replaying history — as if it is happening
in real time — as fast as possible.
That initial blockchain download time takes, at best,
about six hours on a really powerful machine…
with very good bandwidth, able to download
about 250 gigabytes at this point in Bitcoin.
[IBDs] are almost impossible
to do on Ethereum right now.
We see these scaling problems
on many different blockchains.
Again, that affects decentralization of nodes. Moore’s
Law isn’t the be-all, end-all of the scaling problem.
There are broader scaling problems that have to do with
bandwidth, unequal access to hardware, relating to..
how you bootstrap a new node for the first time.
It means that increasing the block size may be possible,
from one megabyte to eight megabyte. Maybe.
But I’m not entirely sure it is necessary or
advisable to do that on the base block size.
There is another consideration. My personal opinion
in the scaling debate is that it demonstrated we have…
a very narrow window in which we can see
[significant] changes to the base protocol.
After that, eventually it [may become]
impossible to make any [significant] changes…
due to a lack of consensus, ossification of the protocol,
and it has been embedded in too many devices.
Then it becomes a matter of choices.
What changes need to be done in the base layer?
What changes that can be done in the base,
but could also be done on layer two?
My personal opinion: privacy is the change
that needs to be done in the base layer,
and it needs to be done before the window closes.
Scaling can be done in the second layer quite effectively.
We will also need some scaling on the base layer,
to support even more scaling on the second layer.
Our real focus right now should be privacy,
not increasing the block size further.
That is just my personal opinion.
[AUDIENCE] After the recent bug, there has been some
calls for more rapid ossification of the Bitcoin protocol.
[ANDREAS] Mm-hmm. [AUDIENCE] I would like
to hear more of your thoughts about that.
In the context of- If Bitcoin really succeeds,
eventually there will be pressure on developers..
to influence the protocol.
[ANDREAS Uh-huh. It is a good thing that they are
not really in charge, that no one is in charge.
It’s funny… If you look at the history of Bitcoin,
there has been a series of moments…
when one or another group says, “We’re in charge!”
and then quickly discovers that they are not in charge.
In Bitcoin, the very expression of power actually
causes it to evaporate. We are all in charge.
As long as none of us try to stick our head above
the parapets and pretend that we are in charge.
We will be yanked back down. Developers, miners,
merchants, exchanges all learned that lesson…
throughout different parts of Bitcoin’s history.
Developers may come under pressure.
I am glad you are using the term “protocol ossification.”
I think I coined that in 2013.
Like every other protocol and technology…
TCP/IP got stuck in IPv4 and then we said
“Oh, that’s ok. We will just upgrade everything to IPv6.”
[Laughter] Nineteen years later… “It’s happening,
any moment now. We are at 40% and growing.
This will happen to any protocol. The question is not
whether it will happen, or even when it will happen.
My most important question is, what can
we put into the protocol before it happens?
To that, the answer is: privacy.
I have been saying this for three years now.
At one point, I was really concerned about scalability.
Then I changed my mind because I realized…
The debate over scalability showed
that ossification was already happening.
We were unable to get agreement on a
hard fork that changed the core protocol.
[Since] we were unable to get agreement on that,
we may not be able to get agreement on other things.
Ossification was already setting in.
To me, privacy became the biggest urgency.
Scalability became a second importance.
You can solve scalability layer two.
You can’t fix privacy a layer two.
[AUDIENCE] Quick question about Bitcoin’s anonymity.
Will that issue be resolved on layer two?
[ANDREAS] I hope not. That is a really good question.
A lot of people think Bitcoin is anonymous.
It is not anonymous; it is loosely pseudonymous,
which means, if you expend an enormous amount
of effort on operational security and [transact] carefully,
you may retain anonymity for a limited period of time.
That doesn’t sound like a good thing, right?
Anonymity is a very touchy subject.
To some people, the idea of money being
spent anonymously is a terrifying possibility…
that will surely mean the end of our civilization.
Of course, the [other] form of peer-to-peer,
anonymous, untraceable money that has…
existed for thousands of years is called “cash.”
Completely peer-to-peer, anonymous,
fungible, and [somewhat] self-verifying.
Civilization didn’t come to an end. In fact, the idea
of surveillance on money is a relatively recent idea.
It was born in 1971 under the Bank Secrecy Act signed
by President Nixon, who we thought would be…
the worst president ever… [Laughter]
There is no bottom, don’t ever assume that.
‘Surely, they can’t go that low?’ Oh yes, they can.
There is no bottom.
That dream started in 1971
and died on January 3rd 2009.
Not immediately, but we put the first nail in that coffin.
Bitcoin needs to be much stronger in
confidentiality and privacy on the base layer.
We learned a very important lesson with the Internet.
IPv4 didn’t have enough security, encryption, anonymity.
We try to retrofit these things with IPsec, SSL, and Tor,
but when you try to do this on the second layer,
it is not as strong and the people who do use
the second layer stick out like a sore thumb.
“Why are you using encryption, man?
You must be doing something wrong!”
As a result, we must do this on layer one.
I think that is our biggest priority in Bitcoin.
There is a bunch of [options].
If you are interested, read up on Bulletproofs,
Taproot, Graftroot, and confidential transactions.
If we do that well on layer one, we can do it
even better and even stronger on layer two.