I've spent the last few weeks considering some ideas about where Ethereum Classic should go given the resources available and the size of the community. It seems that we have a good base of miners- particularly in China. There are quite a few passionate members who have the ability to write code. Exchanges seem happy to list ETC as an asset. Wallet support will likely come over time as ETC proves resilient to outside attackers.
Thus the fundamentals of ETC look solid, outside of the threat of a few- potentially phantom- cabals of evil whales with malicious ETC or hash power. Yet such things are typically ephemeral and cabals usually fade when the cost of attacks outweigh any benefits. Hence, we as a community now need to solidify around a path forward.
This post will make a few suggestions to kickstart the conversation. My goal isn't to mandate, but rather ask what if as a thought experiment and see where it takes us. Some items will definitely need a considerable amount of fleshing out whereas others can easily be accomplished. Therefore, please do comment and go into as much detail as you'd like. I'd love to see better ideas presented.
The Consensus Epoch
As we've heard more than once, Ethereum has a bomb to force a consensus change. Preliminary research on Casper seems cautiously promising, but regardless of its success, the end result is the same- the miners get fired. This constituency has proved valuable and dedicated to the ecosystem since the beginning. It would be a shame for them to suddenly lose their jobs.
Rather, I'd love to see a gradual transition towards a hybrid scheme with two purposes. First, I'd love to see a useful proof of work algorithm with a strong connection to the DApp model in general (and yes that also means getting rid of the difficulty bomb). Second, I'd love to see ether holders be able to use their stake to make meaningful decisions about the future of the platform.
There is a formalized blending proposed by several VCU researchers that I believe can be used as a foundation towards this effort. With respect to usefulness of the PoW side, proposals like Permacoin and Spacemint have merit as they start a conversation about decentralized storage in the context of consensus (Elaine Shi has also extended it a bit with dynamic proof of retrievability). DApps should grow in complexity and storage requirements thus to promote the construction of a decentralized database concurrently with the security of the network is a novel solution.
IOHK is preparing to publish a paper inspired by Permacoin called Rollerchains that could be a nice stepping stone for the system. Somewhat ironically, we are also preparing to publish a provably secure proof of stake algorithm next week. I suppose this demonstrates our agnosticism towards consensus algorithms.
There are some improvements beyond changing the PoW mechanism to consider. First, the outsourceability of mining puzzles allows for pools and cloud hashing farms to form leading to federation of the overall mining power to a handful of actors. Andrew Miller has done some amazing work to resolve this issue while still allowing investments in mining to be a reasonable business model.
Two other items that require improvements are Ghost and validation times. Ghost changes the blockchain structure to a looser directed acyclic graph structure. Recent cryptanalysis has shown that Ghost has some issues. Second, smart contracts will grow in complexity, interaction and size. Their validation is not as trivial as a bitcoin transaction. It would be nice to reduce the validation time.
With respect to Ghost, the same authors are currently working on a replacement called Spectre, which has tremendous merit. I think there is a potential for a modified form to be installed into Ethereum Classic.
As for validation time, research like proof of proof of work and on SNARKs seems to present a nice direction to get contract validation into a sublinear complexity class. There is also an open question about how much should be on the main chain and how much could be offloaded to a private SMC group (see [1] [2] for an excellent tutorial on SMC in general) and validated with a proof of correctness (See Enigma and HAWK).
Now with respect to the proof of stake side of things, there are many options to arrange a system that permits meaningful voting of stakeholders on topics that concern governance, a treasury mechanic and adding a second layer of protection against unwanted or malicious forks. In the next section, I'll discuss the first two and the last is covered in the VCU paper mentioned above quite well.
As a parting thought on this topic, I do not believe it is wise to attempt to resolve the scalability problems alongside implementing a new consensus algorithm. I think scalability needs to be resolved organically using evolving cryptographic techniques, proliferation of overlay protocols and market mechanics.
The Governance and Monetary Epoch
The most significant problem with Ethereum is non-technical. The split of the communities was a result of bad governance. One can argue that the fork was the best option given a menu of bad choices. One can argue it was legally necessary. However, one cannot argue that the fork did not fracture the community. ETC is a sizeable and surprisingly well capitalized minority.
We have two interconnected problems on the horizon for ETC. As the dust settles from the fork, ETC needs to make decisions about its direction and roadmap and at the same time it has to pay for them. The Ethereum Foundation has made it abundantly clear they won't support ETC and a subset of the ETC community recently declared independence Succinctly, the marriage is over and daddy and mommy are moving to different states.
Hence, ETC needs some form of decision making apparatus and funding mechanism that is sustainable. I would also add that this system must prevent a cult of personality from forming and not be governed by a sole centralized entity or else what's the point of secession ?
The good news is that decades of innovation have created a nice pipeline of ideas that could provide a tremendous amount of growth, data for experiments and resilience to corruption. There are three I'll mention.
First, Dash has introduced a treasury model. Briefly, each block's coinbase award is split into three pools (45,45,10) with 45 percent going to miners, 45 percent going to a pool called masternodes and 10 percent to a treasury pool. Anyone can propose a funding request to the treasury for a small fee and voting is settled monthly. Masternodes vote on proposals and if there are ten percent more yes votes than no votes, the request passes.
Anyone with at least 1000 dash can become a masternode and there are currently more than 4,000 active nodes in the network. This website provides proposal and node information. As an example, this proposal is to pay the core developers of the system. Another cute proposal that passed was to add tipping support to the dash slack. I received my first dash a few days ago as tip when I recently joined their slack.
There needs to be a proper game theoretic and infosec analysis of the dash model, but I think the idea has merit in principle. Furthermore, it seems to be a novel solution to the tragedy of the commons problem all open source protocols suffer from. IOHK will study the Dash model and publish a whitepaper on our findings. My hope is that it can be improved and modified for Ethereum classic to solidify funding for DApp, core development and academic research.
Second, there needs to be a mechanism to evolve the ETC protocol outside of the meta effort of hard and soft forks. Arthur Breitman's Tezos system based on Peter Suber's Nomic provides a potential solution. The basic idea is to view a cryptocurrency as a combination of three distinct modules: consensus, network and transaction.
The Tezos model provides a mechanism to formalize these modules and then for stakeholders to propose a new configuration. The hypothesis is that all meaningful configurations can be represented this way (a completeness assumption). Second, that the system if properly parameterized at instantiation will evolve into ever more competitive states (a productive evolutionary assumption).
Arthur has stated that he plans to release some Ocaml code covering part or the whole of the model at Strange Loop in September and we look forward to studying the system for viability. The general concept seems sound and it provides an extremely nice mechanism for upgrading protocols in an organized and methodical process.
Finally, there is the idea of DAO Democracy proposed by Ralph Merkle. Merkle recently drafted a well written whitepaper and discussed it on epicenter bitcoin. The basic idea is inspired by futarchy in that we should separate values from beliefs and then create an incentivized system to get the most knowledgeable stakeholders to predict the future without them having a direct role in its execution.
The particular mechanics of how to achieve this end involve using prediction markets and other mechanisms, but my elaboration wouldn't add more over the whitepaper and interview. I will just add that Merkle's idea seems to shine brightest in composition with the Tezos concept.
Instead of a direct or delegated stakeholder voting process for modifications of the protocol, one could use the ballots with the highest predicted utility to the protocol to evolve the ledger. Constraints would have to be installed to protect the original social contract (think the ten commandments of the system). The model would also require some training wheels starting with the prediction market mechanics being just a reference instead of a mandate.
With respect to monetary policy, Ethereum was never originally designed to be a good store of value. It was represented, and the economics were proposed, as a computational fuel source. The pivot to proof of stake will change the monetary policy to make it more attractive from an inflationary perspective; however, ETC needs to decide it's own path.
If we stay on a mining model, then I propose a decay mechanism similar in spirit to Bitcoin's system with an asymptote at some amount X. It would be nice to do a comprehensive literature review to see if any whitepapers have been written on this model and if there is something more friendly to miners than sudden halfings of coinbase awards. It would also be nice to consult the miners in the ETC community to see what policy they would prefer, and if a Dash style treasury is something that they would support.
Code is Law Epoch
If your philosophy is that code is law and you have to accept the consequences of its execution, then you should probably have some strong guarantees of correctness. The topic of code validation is extremely rich and filled with many meaningful techniques and tools. Probably the most elegant text on the topic comes from Benjamin Pierce via his book Software Foundations.
Regardless of the richness of the topic, it's not a simple proposition to resolve the correctness issue. There are really three levels to the problem: the smart contract, the compiler and the VM. On the smart contract level, we need to have a functional DSL with a direct line to proofs. There was a recent paper using Idris for this purpose and the work done with Haskabelle is very promising. It would also be nice to have a meta-language to specify the intent of the contract. The prolog community may have some answers in this respect.
Smart contracts compile to run on the VM. Errors or artifacts reducing the security or correctness are a defect of the compiler and shouldn't be present given the intent of the paradigm. Therefore it seems prudent to have a fairly meticulous analysis of the quality of the compiler. The CompCert project at Inria is an example of such an effort for C. It would be an order of magnitude simpler to do this for a functional DSL.
Last, the nature of the EVM is beyond the scope of my knowledge and I'm certain there are wonderful theories to produce spectacular guarantees, but I can't offer much advice. The best I can suggest is to chain the evolution of the EVM to work being done by the broader VM community such as this paper. It may be prudent to move the EVM to run on something better understood and supported like the JVM. This transition would also permit more linguistic freedom for developers.
In summary, paradigms carry a cost. Code is law carries the high burden of correctness. This requirement at the very least admits the need for better pedagogy and a reference library of certified smart contracts for developers to use akin to a crypto library for us mere mortals. At most, it will require a serious look at best practices coming from research groups focusing on mission critical software and heavy investments to implement these practices.
A Conversation
If you've gotten this far, then I have to thank you for reading. This article is a suggestion intended to start a conversation for the community to carry on. I'd love to see better and more formed ideas. I'd also love to see these ideas turn into a cohesive roadmap that is realistic, understandable and accounts for the sins of the past.
In any event, I'll be part of the roadmap discussion and I look forward to helping implementing it.