CRDT-like crypto currency

[michielbdejong]

I wonder if the following would be possible:

• Put a ledger into a CRDT. Transactions should be signed by the source account, then timestamped by each node that sees that transaction. To make it more efficient it's not necessary to timestamp each transaction individually, they can be hashed into blocks and then you only have to sign a single timestamp onto the hash of that block.
• If a double spend is detected, then both transactions are marked as invalid.
• If there are 6 degrees of freedom and one second needed for a bilateral interchange of new transactions between two neighbouring nodes, then it takes max 6 seconds for a transaction to have spread across all nodes that are currently online
• This means that any transaction can be considered confirmed after roughly 6 seconds.
• The first nodes to accept a signed transaction into their version of the ledger would take a transaction fee, and it's up to peering agreements to spread that value to other nodes that do work.
• The edge case is of course if a transaction is submitted into a node that is offline. Then it will take longer for that transaction to spread. So Alice submits a transaction to Bob into the well-connected parts of the network, shows Bob that he has been paid, convinces Bob to do some work for her, and then later submits a competing transaction from her to Charlie, and when that propagates across the network, the money Bob thought he had received rolls back to Alice
• To prevent this, there should maybe be a time limit on how long it takes for a transaction to get spreaded.
• But then if you recover from a network split you have to decide what the large part and the small part of the network is, and you would want the large part to win.
• So maybe you have to count how many nodes have been active in each part of the network during the split
• And then to win a rejoin after a network split, all you have to do is look like your part of the network contains a lot of nodes, which can be easily done if you just invest some computation power
• So maybe then you're back at proof-of-work :)

[michielbdejong]

I have to think some more about this, maybe it's just not possible to implement a robust decentralised ledger this way.

I think the way Holochain does it is that each ledger account has a home node. That does make it easier than when you allow (signed) transactions to be submitted anywhere in the network, of course.

[michielbdejong]

Ah so if your only assumption is that attackers will spend limited amounts of money then you probably need proof of work. But if it’s enough that attackers get a majority of stakeholders to approve their fork then you can use proof of stake. The use case and guarantees offered are actually different

[michielbdejong]

I think proof of stake should be possible in a CRDT?