> Security is defined with respect to certain threats, and blockchain is rarely the most secure with respect to the threats in a monetary system.

Wow, this is a great way to frame this! What do you see as the largest threats to the effective operation of a monetary system?

I think this question is best answered by economists, and I'm certainly not one. But blockchain does seem to interfere with some of the best regulatory defenses against economic disasters.

Blockchain gives the impression that the primary threat it is designed to defend against, is a government deciding (like Germany between world wars) to inflate their currency for whatever reason. So, not surprisingly, in order to defend a currency against being decreased in value by a central authority, it is vulnerable to all of the threats that a central monetary authority might help you with.

Which of these threats you think is the more salient is, of course, a matter on which people may disagree. I personally find the risk of a central monetary authority devaluing my money, to be not one of my top concerns, but I could understand why others might think differently (especially if they were in a different country, that used a different currency).

Right, here in Argentina our currency has lost more than half its value this year, and the US dollar has lost 96% of its value since the end of the gold standard in 1973. I carry a Zimbabwe 100 trillion dollar bill in my wallet to remind people what real hyperinflation is.

I don't think that's the main threat Bitcoin is designed to defend against, though; I think there's a whole spectrum of confiscation threats, ranging from thieves tunneling into bank vaults (I know a woman here who lost her savings that way), to immigration authorities confiscating jewelry, to pirates, to trumped-up "money laundering" charges. And of course if we're mentioning Germany and World Wars, we must not forget the confiscation of Holocaust victims' entire possessions, including jewelry and fillings after the gas chambers. Bitcoin can't make genocide impossible but maybe at least it can make it unprofitable.

> the US dollar has lost 96% of its value since the end of the gold standard in 1973

It is more like 80-85%, not 96%. $1 in 1972 is $6-$6.5 in 2019. A 96% loss of value would mean $1 in 1972 is more like $25 in 2019, which is not the case.

Also to phrase it in context you should probably say "the US dollar has had an average annual inflation rate of 4% per year over the last 5 decades". Also for additional context you should point out that bonds slightly exceeded, and that $1 of stock in 1972 in the US market became ~$104 in 2019.

Context matters a lot here.

It depends on which particular data series you use for deflation. There are definitely things for which US$1 in 1972 is more like US$25 in 2019, such as gold and energy. To take one example among many, oil cost US$3 per barrel at the beginning of 1973, and despite the fracking boom in the US, it costs US$63 today, 21× as much. And, as you yourself point out, you need over US$100 today to buy shares of stock that cost US$1 in 1972. (And there are other things which are cheap in 2019 that were unavailable at any price in 1972, and vice versa; and there are borderline cases like videotape recorders and microcontrollers, on one hand; and 1963 Buicks, ivory, old-growth redwood lumber, and quaaludes, on the other.)

I agree that "an average annual inflation rate of 7.1%" (or, using your US$6 number, 3.9%) sounds much milder than "lost 96% of its value since 1973" (or 83%). Where I differ is on whether the milder presentation or the more dramatic presentation is more informative. I think that, except to financial traders, "3.9%" or even "7.1%" is a misleadingly insignificant number.

Consider that throughout the 1600s, 1700s, and 1800s, there were families that lived on the interest income from government bonds, both in the US and in England. Even throughout the 20th century, people would buy "savings bonds" as presents for children or as a means to save up for college or retirement; the bonds would reach maturity decades in the future, providing a healthy reward for the prudent and patriotic purchase. Since the end of Bretton Woods, that 3.9% or 7.1% has made nonsense of such ideas. Despite what you might think, this hasn't eliminated plutocracy or increased social mobility — rather the opposite has happened in the post-Bretton-Woods years, in fact. I think it's hard to obtain the historical perspective necessary to appreciate the importance of this radical experiment. But it is, I assure you, a worthwhile effort. I recommend it.

Perhaps inflationary monetary policy is a necessary instrument for avoiding financial panics; it's a plausible idea. But the evidence against it — particularly the 1970s stagflation in the US — suggests that, though plausible, it isn't such a clearly open-and-shut conclusion that we should deny everyone access to alternative, non-inflationary currencies. Moreover, in most scenarios, attempting to institute such a policy would only deny such access to everyone but the well-connected and influential.

Certain things outpace inflation, yes. Certain things are drastically cheaper. That's why we use an inflation measure that's sort of an aggregate, not pinned to one or two commodities. You don't spend 100% of your money on oil and gold.

Oil now is 3x more expensive even after a more average inflation of ~4% compared to the bottom of 1973 (though in the mid 90s it wasn't so bad). Energy as a whole though, is not 3x more expensive. Petrol is only about a third of energy consumption. Consumer electricity prices for instance are relatively constant from the 70s through now. Slight increase in the 80s, slight decrease in the 00s, but within say <5% of prices.

I'm not making assertions about the change to bond markets (which I agree are historically fascinating, and will continue to be so in the future too).

There isn't an objectively correct basket of goods that is obviously the correct deflator to use, which seems to be a significant underlying assumption of your line of reasoning. The debate about which ones are the important ones to include in statistics like the US BLS CPI is a politically charged debate resolved in part by political means, not purely by the disinterested pursuit of truth. The CPI in particular eminently susceptible to drift over the years, since the goods in it change over time according to the Consumer Expenditure Survey — in 1973 people in the US were buying washing machines that are still in use today and Saran Wrap made of actual Saran, for example, and today they're buying washing machines that wear out in five years and Saran-free Saran Wrap. And of course it measures the prices of only mass-market consumer goods, not services (such as the essentials, child care and elder care) or custom or unique goods such as hand-tailored suits or buildings — a political decision, not an objective one.

If we want to be skeptical of carefully tailored metrics with thousands of parameters produced by political appointees, what standard should we use to measure the value of the dollar? Precious metals have been the standard against which currencies have been measured for several thousand years — the gold standard for measuring the value of currencies, you could say — and by that standard the dollar's loss of value since 1973 is about a factor of 25. This compares to about a factor of 2 over the previous 40 years, since 1933, and a factor of about 1.1 over the previous 140 or so years since the dollar was introduced.

I suspect that if you compare other goods which are, like gold and crude oil, verifiably produced to the same standard of quality in 1973 and today, you will find a similar factor of 16–32 in their dollar prices. I'm thinking of the most common grades of steel, aluminum, brass, portland cement, window glass, industrial electric motors, and so on. There will definitely be some exceptions — ±1% resistors are much cheaper now, to the point where you can't even get the ±20% kind that were the norm in 1973, and I imagine the same is true of specialty steels, synthetic sapphire, and a number of other things that were barely feasible at the time; and presumably photographic film has become more expensive, as it has ceased to be a mass-market item. If you're right about the cost of electricity "staying the same" — by which I assume you mean that, in the US, it increases in line with the BLS CPI? — this suggests that my hypothesis won't be true of coal. Do you have any other ideas?

Let's take anthracite, because it's the purest grade of coal, so it should be less vulnerable to variation in value from drift in grading standards. https://www.eia.gov/totalenergy/data/annual/showtext.php?t=p... suggests that nominal anthracite coal prices have risen from US$13.65 per short ton in 1973 to US$70.99 in 2011; https://www.eia.gov/energyexplained/coal/prices-and-outlook.... says that in 2017 they were US$93.17 per short ton, FOB the mine. That's a factor of 6.8, which is a lot closer to 6 than to 25.

> If you're right about the cost of electricity "staying the same" — by which I assume you mean that, in the US, it increases in line with the BLS CPI?

Yes I meant real price, not nominal.

US electricity is somewhere around a third from coal.

I would be interested in a study showing a 15-30x increase in similar-quality construction materials.

The fixation on gold makes no sense to me. It's just a commodity, not a super useful one either. Gold's price floats wildly based on people's fears. It's not like everything became 4x more expensive between 2000 and 2015.

> Yes I meant real price, not nominal.

We were debating precisely which data series is best for computing the "real price" from the nominal prices. But it seems you take me for a fool and beg the question.

I see your point, but I think there are plenty of examples of people losing their Bitcoins through analogous nefarious activities (e.g. MtGox). For an expert in cybersecurity perhaps Bitcoin is safer, but for the average non-technical person (in the U.S.) it is probably _more_ likely to get your money taken by a thief than if you had it in fiat currency in a bank, though of course either one is possible.

Again, this could vary depending upon your nation's government and crime situation.

I think it's true that "for the average non-technical person (in the U.S.) it is probably more likely to get your money taken by a thief than if you had it in fiat currency in a bank." But I think you're locating the problem in the wrong part of the conjunction: the reason fiat currency in a US bank is more secure is because US banks are fairly secure, not because the fiat currency is secure.

It seems like some sort of confusion to blame the Mt. Gox heist on Bitcoin. Mt. Gox's depositors gave their Bitcoins to Mt. Gox; Mt. Gox didn't give them back and claims that an unknown party absconded with them. If you lent your car to a random French PHP programmer in Japan and he came back without the car, you wouldn't blame that on cars in general being an "unsafe" investment.

If the Mt. Gox depositors had kept their Bitcoins in a paper wallet in a Bank of America safe deposit box rather than in Mt. Gox, they'd still have their money. (In fact they'd have enormously more money, but that's sort of random; it demonstrates the fickleness of markets rather than any kind of fundamental security of Bitcoin.) Conversely, the investors and banks who invested or lent dollars and yen to Mt. Gox lost as much or more as the Bitcoin depositors.

Probably a BofA Bitcoin account would be better, but that's a matter of convincing BofA to offer Bitcoin or similarly secure currencies, instead of or in addition to dollar-denominated accounts. And that's where Libra comes from.

> But I think you're locating the problem in the wrong part of the conjunction: the reason fiat currency in a US bank is more secure is because US banks are fairly secure, not because the fiat currency is secure.

Fiat currency is secure in US banks because there is vast institutional protection for banks such as FDIC insurance and extremely strict laws against bank theft, the Federal Reserve, and so on. There are no such institutional protections for Bitcoin and there never really can be, by design.

> If you lent your car to a random French PHP programmer in Japan and he came back without the car, you wouldn't blame that on cars in general being an "unsafe" investment.

Sure I would - if lending a car to strangers was an effective necessity to use one in the same way using an exchange is an effective necessity to use Bitcoin, and there were "alternative cars" (aka fiat currency) that required no such lending to strangers.

Leaving your Bitcoin in an exchange is not now and has never been an "effective necessity to use" Bitcoin. However, for fiat-currency transactions, it is an effective necessity to leave your fiat currency in an "exchange" called a bank, if you want instant electronic transactions. Unlike with the banking system, you can engage in instant electronic transactions with Bitcoin you hold in your own wallet — although some counterparties may prefer to wait for a number of confirmations.

> There are no such institutional protections for Bitcoin and there never really can be, by design.

This is nonsense. Bitcoin's design permits all the same institutional protections available for dollar bills or precious-metal coins, and additionally permits others that are enormously more secure than the mere incentive structures we must rely on in the case of dollar-based institutions. For example, a bank holding gold or dollars cannot produce a mathematical proof of its reserves as a Bitcoin bank can, and there is no dollar equivalent of multisig wallets.

So, in both cases, you are incorrectly imputing advantages to fiat currencies that in reality belong to Bitcoin in this comparison.

> However, for fiat-currency transactions, it is an effective necessity to leave your fiat currency in an "exchange" called a bank, if you want instant electronic transactions

Yes. However there is also cash which allows for instant anonymous transactions in the physical world which is sufficiently widely accepted to be used to the exclusion of banks, if you so choose.

> you can engage in instant electronic transactions with Bitcoin you hold in your own wallet

Isn't the fact that transactions are not instant widely perceived in the Bitcoin community as one of, if not the, greatest barrier to adoption? If not, why all the investment in the Lightning network?

> Bitcoin's design permits all the same institutional protections available for dollar bills or precious-metal coins, and additionally permits others that are enormously more secure than the mere incentive structures we must rely on in the case of dollar-based institutions. For example, a bank holding gold or dollars cannot produce a mathematical proof of its reserves as a Bitcoin bank can, and there is no dollar equivalent of multisig wallets.

You're saying these words but not addressing the substance of what I said. There is no FDIC equivalent for Bitcoin - unless there's an exchange that guarantees replacement of lost/stolen Bitcoins? Replacing Bitcoin seems a difficult proposition when fiat currency can just be created out of thin air but Bitcoin cannot - once it's lost, it's lost, and can only be replaced in a zero-sum way.

> There is no FDIC equivalent for Bitcoin - unless there's an exchange that guarantees replacement of lost/stolen Bitcoins? Replacing Bitcoin seems a difficult proposition when fiat currency can just be created out of thin air but Bitcoin cannot - once it's lost, it's lost, and can only be replaced in a zero-sum way.

I didn't realize you were laboring under the misconception that the FDIC has the authority to mint money, like a central bank. That's why I didn't address it. Now I can. It doesn't. The FDIC is funded by premiums paid by its member institutions, not by creating currency out of thin air; an insurance scheme for Bitcoin depositors in a bank that provided fractional-reserve Bitcoin accounts could be funded in the same way. It could even be provided by the FDIC, which already provides deposit insurance for deposits denominated in foreign currencies.

> Isn't the fact that transactions are not instant widely perceived in the Bitcoin community as one of, if not the, greatest barrier to adoption?

Bitcoin transactions are instant; they reach everywhere in the mempool in a matter of seconds. It's just that until they're a few blocks deep in the blockchain, they might be reversed, like bank transactions can be for several months. This usually takes half an hour or so, and that's a hassle for some kinds of transactions. However, I think bigger barriers to adoption include the network effect of existing currencies, a sketchy reputation, and the fact that Bitcoin exchanges are now illegal in China.

> there is also cash which allows for instant anonymous transactions in the physical world which is sufficiently widely accepted to be used to the exclusion of banks, if you so choose

Cash limits you to transacting with people you can meet in person, which condemns you to poverty unless you are very lucky indeed.

> the US dollar has lost 96% of its value since the end of the gold standard in 1973

And Bitcoin lost over 90% of its value in just under 2 years. Where are you going with this, council?

> And Bitcoin lost over 90% of its value in just under 2 years.

When do you mean? Right now Bitcoin is US$9400, which is almost exactly half of its all-time high value of US$19891 (in 2017). There are several times it has lost more than half of its value, but I don't remember a time when it has lost 90% of its value.

The reason the dollar inflates and never deflates is that it's designed to inflate. On purpose. The underlying Keynesian monetary theory is a radical experiment in stimulating economic activity by maintaining the proper level of unemployment — when unemployment is "too low", central banks raise interest rates (in effect, printing less money), while dropping them when unemployment is "too high". Of course, deliberate inflation of coins by governments has a much longer history than Keynesian monetary theory or fiat currencies — not only did Song China experience it when it introduced paper "representative money", but it's also a well-attested phenomenon in Roman commodity money and later coinages (there known as "debasement", in a technical sense different from its metaphorical use in literary English to describe degradation.) But Keynesian monetary theory, which might be correct, provides a theoretical justification for believing that inflation is good under some circumstances and bad under others, and since 1973 we are all, for better or worse, participating in a radical large-scale experiment to test this hypothesis.

Bitcoin is, in significant part, a dissident response from a group of eccentric intellectuals looking for a way to opt out of that radical experiment. Consequently it is designed to make inflation (of Bitcoin) infeasibly difficult — the existing Bitcoin supply increases asymptotically toward a fixed quantity, known in advance. So, although Bitcoin's value will fluctuate, sometimes wildly, it doesn't have the secular inflation trend designed into the dollar's governance mechanism.

> we are all, for better or worse, participating in a radical large-scale experiment to test this hypothesis.

Well if you have a suitably sound and accurate economic model that you’ve been secreting away, let us know and save us the time. Additionally, it’s not like it’s been exclusively Keynesian economics since the 70’s: there’s been a huge amount of neoliberal economics going around-do you not remember the popularity of austerity measures during the 2008 GFC?

To me, bitcoin and co’s dogged insistence on the evils of inflation feels more like someone along the way had some personal issue with inflation alone and designed something to counteract it, plausibly at the expense of numerous other economic factors.

Yes, I agree.

> When do you mean? Right now Bitcoin is US$9400, which is almost exactly half of its all-time high value of US$19891 (in 2017). There are several times it has lost more than half of its value, but I don't remember a time when it has lost 90% of its value.

Looks like I overstated it slightly. It lost 85% of its value between its all time high December 17th 2017 ($19,891) and December 16th 2018 ($3,159).

The rest of your response, in my opinion, is immaterial. I can't imagine a soul who'd prefer their money to "fluctuate wildly"—to the tune of -85% in a year—vs slowly losing 1-3% per year. Especially when there are very accessible financial instruments (e.g., TIPS) to avoid even that.

Anyone who invests in a stock is taking a significant risk of losing 100% of their investment, a risk on the order of 5% per year. Anyone who invests in gold is used to seeing it fluctuate by a factor of 2 or 3 most years. Yet not only are these popular investments — they're better investments than dollars are over all but the shortest time periods. Anyone who invested a large amount of money in stocks or gold in 1973 would be rich today, unless they were very unlucky at picking stocks. Anyone who invested a large amount of money in a bag of dollar bills in 1973 would be poor today.

In short, if any soul you could imagine had won the lottery in 1973, they'd be poor again by now because of not knowing how to manage their money, incorrectly believing that a currency is not a kind of investment.

You're moving the goalposts. Are we comparing BTC to currency or investments?

People invest in things, generally understanding the risk. Risk is not all equal. BTC is far riskier (more volatile) than virtually all publicly traded stocks or commodities. See again the very recent 85% drop in 1 year.

And let's be clear: BTC is not comparable to a stock. Company stock is valuable because it gives you ownership (and therefore a stake in) the company's profits. Gold is a much more reasonable comparison, but even that has real practical value (e.g., use in electronics, jewelry, dental work, etc.) And funny enough, Gold is worth less today than it was in 1979. So... it's not a great investment. It's just volatile, and "investment" in it is basically a 0-sum game. Just like Bitcoin.

> Gold is worth less today than it was in 1979.

In 1979 the price range of gold was $226 to $512 per troy ounce, a slightly higher level of volatility than the Bitcoin level you describe with a bit of exaggeration as "far riskier than virtually all…commodities." The gold price today is $1485 per troy ounce.

I'd like to caution the people who have downvoted your other comment that there is a plausible reading that is sufficiently charitable to make your new comment not actually false. Namely, although if you measure it in dollars, it's "worth" 3 to 6 times more, even over the timespan you cherry-picked, the dollar has lost more than a factor of 6 since 1979, so gold really is worth less today than it was then. The attraction of gold — just as with Bitcoin — is precisely that it doesn't have a secular decline in value built in, so it's a good vehicle for preserving wealth through periods of instability, even though it doesn't generate a return in the way that stocks and bonds do.

> I don't think that's the main threat Bitcoin is designed to defend against, though; I think there's a whole spectrum of confiscation threats, ranging from thieves tunneling into bank vaults (I know a woman here who lost her savings that way), to immigration authorities confiscating jewelry, to pirates, to trumped-up "money laundering" charges. And of course if we're mentioning Germany and World Wars, we must not forget the confiscation of Holocaust victims' entire possessions, including jewelry and fillings after the gas chambers. Bitcoin can't make genocide impossible but maybe at least it can make it unprofitable.

You cannot mean this seriously. Every example you write is worse for bitcoins. If your coins are stolen, that's it, you can pretty much kiss them goodbye. If the government wants to confiscate someone's bitcoins, they will beat the private key out of the holder with a $5 wrench. If WW3 breaks out and the world order collapses, a wholly digital asset that relies on a large network of high upkeep, high-tech infrastructure is surely not a particularly safe bet. You can bet that datacenters will be among the first casualties in such an event, whether outright government confiscation or a denial of service attack by the enemy.

If a bank gets robbed, for most cases it won't impact account holders at all. Even if the bank goes bankrupt, there are various government schemes that will cover account holders up to some limit (e.g. $250k currently for the US). There is none of this for bitcoins. There could be of course, but then the argument is: what do cryptocurrencies actually offer beyond what is already possible with normal currencies?

To the best of my knowledge, the only practical benefit of cryptos is that they completely sidestep KYC/AML regulations and therefore one can easily move money between regions that draw regulatory scrutiny. Countries with at least semi-modern banking infrastructure already have instant transfers so let's not bring that argument up. In any case, that's not a feature uniquely enabled by cryptocurrencies.

The fact that bitcoins are deflationary I consider a bug, not a feature. Perhaps history will prove me wrong, but in my opinion money is not supposed to be an investment asset. People should not hold cash expecting it will appreciate. It should be reinvested as much as possible.

Basically, scams. The ability to block a planned payment or ask your bank to chargeback is one of the keys to trust in online economy.

If our banking system had used something like bitcoin to implement online transactions, odds are that e-business would have had much less successs and much higher barrier to entry.

Given a system with irreversible transactions you can always add structure on top to support escrow, chargebacks, or whatever other protection mechanisms you deem prudent. It doesn't work so well the other way around.

Protection from scams requires that a malicious actor with full technical control of some account is still unable to make irreversible transactions by opting out of whatever structure supports escrow, chargebacks, etc; so either those mechanisms (conditional reversibility, with technical controls defining a reasonable regime of when reversals will be possible and when not) are built in the core system and aren't optional, or the system doesn't have a sufficiently usable reversibility because all the really large scams will simply avoid that "structure on top".

The other alternative, of course, is someone taking on full legal liability for transactions that can't be secured technically. If Facebook would offer Libra to consumers in e.g. UK, then all that "transactions are technically irreversible" means is that Facebook would be required to "reverse" the transaction to customer while being unable to recover the funds from the beneficiary - and if they can afford to do that, that's their choice to make.

You're asking way too much. It's not as if the current system actively prevents you from opting out of all the safety measures and, say, irreversibly handing cash (or something else of value) directly to a scammer; nor should it. Reversible transactions come with costs, especially when the other side of the transaction is not reversible. Chargeback fraud, for example, is a big problem for merchants, and can only occur in a system with reversible transactions. Contracting parties should be free to negotiate both the form of payment and the degree of risk each side is willing to take.

The main problem is simply the novelty of it all. Once reasonable and customary structures to handle disputes are in common use asking people to bypass those structures without a very good reason will be just as much of a red flag as it is under the current system.

Facebook is not a party to a transaction between any other two Libra users and should have no liability in the event of a dispute over payments beyond maintaining accurate records and providing a fair and above all neutral platform to conduct business.

There's a bunch of "should" in this argument. I won't debate whether it should have liability, but I'll point out that no matter how it ought to be, according the law of the land at least in EU any payment service provider inavoidably has liability in certain cases e.g. when your account has been hacked; if they are unable to reverse a transaction that wasn't authorised by me but by someone else, well, that's their problem, they still have to compensate the consumer above a self-risk of 50 Eur.

The original article mentions UK Consumer Credit Act which IMHO is not appropriate (its scope is limited to credit relations, and the protections of that act generally exclude both debit cards and most e-money systems including Libra), so the scope for potential payment service provider involvement in disputes between buyer and seller is narrower than that - and probably closer to your "should" statement than the arguments of the original article.

However, it can't be a fully neutral platform distancing itself from all liability. It is illegal to "simply" offer payment services without incurring any liability for misuse of them, breaching AML/KYC regulations, etc. Facebook has not yet (as far as I know) stated what exact legal structure they'll use for compliance with the legal requirements, so I can't comment on that, but they did make statements that Libracoin will comply with the EU regulations so I presume that some legal entity regarding Libracoin (possibly co-owned by the consortium members, or possibly multiple entities) will (have to) be a licensed payment service provider in EU, and similarly (it's usually done with separate legal entities) in other major jurisdictions.

Technical structures that "just happen" such as Bitcoin can ignore regulations but any person or organization that wants to offer services using these technical structures is fully liable for meeting all the legal requirements - and if the technical structure makes impossible to do something, they're still fully responsible for any consequences of not achieving the impossible thing; if they don't want the liability, they're free to not use that technical structure and not use/offer/advertise anything with it.

This thread was originally about the social and technical issues of scams in the context of irreversible ledgers, not legal liability. As far as that goes I am in full agreement with you: Facebook and other Libra consortium members are likely to face quite a bit of legal heat from various jurisdictions desiring them to block or reverse transactions and willing to hold them accountable for others' actions on the network. In my opinion the only sane way to introduce something like Libra would have been to give up control entirely, along with the ties to fiat currencies, and make it a permissionless, decentralized system like Bitcoin. Exchanges in a decentralized system have various regulations applied to them but in the end they aren't inherently in the position of transmitting money on behalf of their users; nor are they strictly necessary for the network to function. Libra, on the other hand, will be seen as a payment system controlled by Facebook and the other consortium members, and Facebook itself as a money transmitter, not a mere buyer and seller of coins.

Personally I find it much more interesting and productive to debate what the law ought to be rather than what it is, but as a practical matter Facebook will obviously need to take the various injustices of the jurisdictions in which they intend to operate into account—and the centralized design of Libra doesn't seem very well suited to deal with that reality.

There are a lot of minor threats to monetary systems that blockchain does not address. Bitcoin addresses the rare but fatal threat of hyperinflation (runaway inflation). Historical examples https://en.wikipedia.org/wiki/Hyperinflation#Notable_hyperin...

The only known solution to this threat is not have a single supplier of money (i.e. a lot of independent miners digging metal out of the ground, or the block chain equivalent)

Exactly what I needed to hear, thanks again.

I reckon the only way to error-free is redundancy, i.e. 'out of the box' we just put two boxes, or actually three for "high availability"; the underlying controller being just a dead man's switch — if A's life signal dies, failover to B; set up C as new failover; reboot A.

> I personally believe that some formal methods can greatly improve correctness, and do so affordably, but the question of which formal methods are worthwhile when and by how much each of them improves correctness is very much an open question.

Oh I can see that.

In general terms, I think cost should be focused on the most critical components; like we don't need to test every single bit of code before production. You just crash gracefully and resume state when the loss (if any) is acceptable. When it's not, then it's not a choice to front the cost, it's an imperative, part of your 'spec' as a business/product/service/free thing. Tor is slower than normal browsing, but that's the tradeoff. Fast forward 10 years and costly workloads have become either accelerated by hardware or simply benefit from general improvements, like encryption is now fundamentally cost-free for usual things like TLS (AES-based things), or increasingly AI workloads.

> blockchain is rarely the most secure with respect to the most relevant threats in a monetary system.

I very much agree. Key words being "in a monetary system", and indeed it's about economics more than tech (what I alluded to in saying 'Earth circa 2019', i.e. globalized monetary system, central-bank driven, mostly insured for most customers, etc).

Hence why I advocate that blockchain proponents explore other domains. I know businesses are, but it has more to do with topics like compliance (internal, legal).

> I reckon the only way to error-free is redundancy, i.e. 'out of the box' we just put two boxes, or actually three for "high availability"; the underlying controller being just a dead man's switch — if A's life signal dies, failover to B; set up C as new failover; reboot A.

You can have a lot of this automatically with "lockstep" chips, such as TI Hercules: http://www.ti.com/en/download/mcu/SPRB204.pdf?DCMP=hercules&...

Very interesting! Duly noted, thanks for the pointer.

>That's not what I said. I said that merely creating a verified formal specification of a language is not in itself a good path to increasing correctness, and I wouldn't focus on that as a significant cause for concern given all others.

This seems to be poorly considered. Isn't it easier for an OS and a language to be verified once even at great cost than hoping future billions of lines of developer code already produced at lesser cost per line are actually correct?

https://microkerneldude.wordpress.com/2016/06/16/verified-so...

A formal specification for the programming language doesn't automatically verify all programs written in it; in fact it verifies none, or at most one. It serves two purposes: it defines what each language primitive does so that proofs of programs written in the lang can make use of those definitions, and sometimes it is also used to verify that a compiler indeed preserves the language's semantics, as defined in the spec, when translating it to some other language; in other words, it can be used to verify the compiler.

Focusing on a formal language spec is like saying that a good way to make your software more correct is to work hard to ensure your compiler doesn't have bugs. I'm sure you'll agree there are more important things. As to use by program proofs, often an approximate ad-hoc specification is good enough.

BTW, the article you linked to is about one particular formal method -- deductive proof. There are many others, with varying costs and benefits.