Major Meltdown

What if a major flaw is discovered in BC's cryptographic soundness?  Is there any way to prevent the complete dissolution of the system and of everybody's wealth?

Perhaps one way to do it would be to create a voluntary registry of non-anonymous addresses, to be shared and verified publicly.  Then, if a major flaw arose (maybe someone solved the factoring problem ), then there would still be a record of everybody's wealth that could be used in a new system (supposing everybody could agree on the latest time that no fraudulent transactions could have taken place).  Of course, people who chose to stay anonymous (and therefore did not include their address in the registry) would see their wealth disappear, but alas that risk would prove the price of anonymity.

Wealth would not have to be transferred per say.  Rather, a new, cryptographically sound system would be adopted, and previous owners would be given new currency in proportion to their old balance of BC.  The exchange rate would be determined solely by the market's usage of the new currency. 

Imagine a verified public registry that voluntarily ties BC addresses to email addresses (by signing your email address with your private key for the BC address).  If BC failed, the new system would take a certain historical block from BC at a fraudless time.  Then, supposing again that 21 million units of new currency were being generated, and that 80% of the old BC currency had been registered, then each time a node generates a block for the new currency they would get to keep 20% of some number of new currency while every registered address would receive some tiny share of the other 80% in proportion to their registered BC at their registered email address.  When all new currency generation is done, the owners of the 80% of registered BC money will have 80% of the new money, while the lost 20% is reissued.

I would bet that if BC had seen widespread adoption, and if many people had registered their addresses, then the new currency would be readily accepted because so many people would be getting it for free and in their "fair" amount.


That's another interesting idea.  Basically, some individual could choose to setup their own insurance company for BC where people pay a certain percentage of their protected BC amount.  This company would then keep a registry similar to that above, but only for its clients (It's necessary to verify that clients have the BC amount they claim). Instead of issuing new currency in case of catastrophic failure, they could simply issue USD's.  Again, the biggest challenge would be setting clear terms for when payout would occur and which block would be treated as the truth.  Perhaps they could pay out from the last block issued before a mathematical proof of the system's unsoundness was offered?

Max,

Your comments make total sense, as long as there is time to switch over to the new currency when a threat looms.  This is pretty reasonable.  For example, people might start to find some small flaws with SHA-256, and so people would have time to buy into the new currency before the whole system unravels.

However, supposing somebody found a major flaw while BC was in widespread usage, that person could commit a lot of fraud without people even realizing immediately.  In this case, it might be valuable to have some kind of registry, because people might want to buy into a new currency that does include some distribution in proportion to formerly registered wealth (game theoretically, only the wealthier registered 50% would prefer this currency, but that's the topic of another discussion).

Now, it seems like a pretty good solution would be for everyone to hold a diversity of digital currencies, which are backed by a diversity of cryptographic methods.  However, this solution has many costs of its own, since the marketplace would need to support many currencies.  Among other things, it would be absolutely necessary to have many competing, cheap exchanges.

No not a centralized registry.  There's no "agency" controlling it.  It's just something that users would agree to, just like every other rule of BC.  Deentralized and public, just like BC does transactions.

Here's an answer to a similar question about how to recover from a major meltdown.
https://www.bitcoin.org/smf/index.php?topic=191.msg1585#msg1585

If you're worried about elliptic curve cryptography being broken, then don't store any significant wealth in Bitcoin.   Just like if you're worried about your (real, physical) wallet being stolen don't hold more cash than you need to get through a couple of days of purchases.

By the way: I think an economical method for separating gold atoms from seawater will be found before elliptic curve cryptography is broken (and I think both are unlikely in the next 25 years).