a thoughtful web.
Good ideas and conversation. No ads, no tracking.   Login or Take a Tour!
comment by spencerflem
spencerflem  ·  356 days ago  ·  link  ·    ·  parent  ·  post: Exposing violent watch thieves and their young female 'spotters'

Again, I don't think a blockchain is a fundamentally wrong thing here, I just don't think it's needed. It all depends on your threat model. With a decent policy you could run this on a standard database and even if the front line verifiers are corrupt ,if the DB admins are not then they can't cover it up. If you don't trust the DB admins you can pawn the trust off to Amazon, and if you don't trust Amazon or the company , but do trust whoever the miners are then a blockchain is needed

We've had car deeds etc. for years without a blockchain. Maybe it would be more transparent and auditable with one but I agree with Rusty's final conclusion that for most things its not necessary.

Also: if the blockchain is 100% private to Rolex they could trivially 51% attack it, or rather 100% attack it.





kleinbl00  ·  356 days ago  ·  link  ·  

sigh

Look.

That's page 26 of the World Economic Forum's 2023 NFT report. I didn't come up with this. It became pretty obvious to me, though, fifty-odd economics books and several dozen books on luxury industries.

To your credit, I did invite you to fight me so my bad. This is on me. I can tell you're feeling charitable when you say "I don't think a blockchain is a fundamentally wrong thing here" because as with most people who know just enough to justify their contempt, you've never really thought about it before.

It depends not at all on your "threat model." It depends utterly and completely on your "trust model" and blockchains are really and truly the first trustless thing in the world. You get there yourself: if you can't trust the verifiers of your database (pawn shops in Lahore, for example), the admins of the database (Pakistani vendors), the iron (AWS) or the iron's owner (Amazon) then as you say yourself, you need blockchain.

So why not just skip all the bullshit

Yes. We've had car deeds for years without a blockchain. And the reason we don't have DMV-level verification on everything is you need to interact with the DMV to get it. That's what blockchains fix: there's no more DMV. If it'll hold a serial, I can track it cradle-to-grave every time it changes hands without needing to stand in line for an hour to fill out a form in triplicate to be typed in manually by a state employee that hates their job. Because all that shit? Is a trust mechanism and the whole purpose of blockchain is it solves it away. Your solution is to invoke AWS. My solution is to invoke a Raspberry Pi. How am I the extremist here?

You agree with Rusty because you also refuse to question your assumptions and your knee-jerk assessment of the situation. Know how I know? Because you just flatly state that you can 51% attack a proof-of-stake blockchain. And you presume Rolex would attack their own network for some reason.

You're not ready for this shit. I say that as a professional courtesy. When it hits you in the face you'll be playing catch-up. 'cuz lemme tell ya. Databases are not trustworthy. I deal with two or three database corruptions a week - and that's in the land of PHI! And the owners of those corrupt databases? They're reliant on 3rd party contractors to un-fuck them. And nobody trusts that shit. That's why my office goes through a few hundred pages of fax transmission a day.

As of last year, Nike had made $91m in royalties on 2nd-party sneaker sales using NFTs for authenticity.

Thank you for stating what you think. I am telling you what I know. I suspect you'd freely concede I know more about watches than you do. I suspect you'd grudgingly concede I know more about blockchains as well. Is it really a stretch, then, that I have a better handle on the intersection of watches and blockchains?

spencerflem  ·  355 days ago  ·  link  ·  

I think maybe i'm confused at the setup -

is this running on an existing blockchain network like Etherium, or a private chain, and if a private one, who is being trusted as validator?

& @ 51% attack: valid, for Etherium it's a 66% attack: https://ethereum.org/en/developers/docs/consensus-mechanisms/pos/attack-and-defense/#attackers-with-66-stake

Either way, if one entity controls all the validators I don't see how it's better than a regular database. If it's running on a public chain, gas fees are expensive and there's definitely disadvantages but I can see how it can make sense, especially for users who might be worried about Rolex folding or shutting things down on their end

kleinbl00  ·  355 days ago  ·  link  ·  

Have you... priced a 66% attack?

# of validators, today: 1,068,000

Ethereum required per validator: 32

Price of Ethereum, right now: $2,368

Price of 66% of ethereum validator network: $53.4B

And note that you gotta get it all at once. Proof-of-stake is kept honest by slashing, whereby disunity is automatically ratted out via penalization and bounty.

We could get further into this? But you have to realize how little incentive I have for doing so when regardless of what I say or how elaborately I explain it, your response is some variation on "it's just a database."

spencerflem  ·  354 days ago  ·  link  ·  

Yea this is why I think I may have misunderstood the setup you were talking about,

if this is on the main etherium network obviously you can't 66% it.

Honestly tho, the more I think about it, the more I feel like

1. This might actually be a pretty reasonable use of NFTs

2. Blockchain is totally just a database with interesting security characteristics

Devac  ·  354 days ago  ·  link  ·  

    2. Blockchain is totally just a database with interesting security characteristics

I mean, database is essentially a list with fields, so it's not exactly a unique structure or data representation/storage.