this post was submitted on 09 Dec 2023
11 points (73.9% liked)
Monero
Actually both since it is an important way to avoid and resolve payment disputes. Private ledgers mean nothing in a payment dispute. It's so important that without it, for large payments everyone will have to involve a "trusted third party" to keep everyone honest. It's the reason why good cashiers never put payments in the cash register until the customer leaves...without this "trick" it's easy to be scammed. It's the whole reason double entry accounting exists. MW also doesn't completely fix the issue of exploding blockchains. With 6 billion people on MW (arbitrarily chosen number) and each person having multiple wallets and wallets being lost and new people coming into MW regularly due to new births the number of wallets will explode. There needs to be a way to regularly get rid of abandoned and locked out wallets. Hard forks like Seraphis are a good way to find out who still has a wallet and eventually clear out the old wallets, but you can't keep doing that for a stable money supply. I've stated before, I fully support transaction fees being partially based on how big your blockchain footprint is as long as you can "close the books" and compact your footprint. I'm also open to fair schemes dropping abandoned wallets (e.g. calculate a "fee" based on blockchain footprint and time of last access. If the "fee" is less than the amount in the wallet, then do nothing. If it is greater than the amount, then the wallet can be pruned.).
In MW, if you keep a copy of every transaction you've ever signed that has been broadcast, their signature is in it as well so it is trivial to prove payment was made. You don't get to store it for free forever on other people's hard drives if they turn around and spend the output, but you're free to keep a ledger of your own payments and they are provable.
Cashiers have to put the money in the register to get change.
You make a good point about the ever growing blockchain of unspent outputs in lost wallets. And with an ever growing supply like grin or Monero, this will ultimately grow to infinity. The curve is very different than linear growth with the size of all combined transactions every block, so nowhere near as bad but it's still there. Pruning ancient ones... I don't know that I like that. We do pay a cost to continuous record on the blockchain, and that is in the form of inflation of the supply forever. It acts as a tax to use the blockchain to store our wealth, it doesn't go to everyone but it does go to miners. We even pay in proportion to the value we get, since every unit is debased the same amount.
I was trying to come up with a scheme by which you could prune transactions if they're too old, but allow for someone to broadcast the unspent tx again to get it included again, but we run into the problem you mentioned, once it's gone from the ledger there's no previous transaction to reference that it is valid. You can show the signed transaction but there's no way to know if it was valid when you signed it.
Currently MW is Andrew Poelstra's modification to it, which includes block kernels, so there is always proof that an old transaction happened. This defeats the memoryless purpose of MW the way it was initially designed, it was done to give MW programmability, and it does solve this problem of the entire record being gone, but it leaves us with an ever growing blockchain, albeit a much slower growing one because you only need the last unspent output and the transaction kernels from its history rather than the whole set of them from every block. Like I said above, I think we can get programmability without these kernels, but we wouldn't be able to prune ancient unspent outputs while giving the owner a way to prove they existed if in fact the wallet isn't dead, and that is unsound if you want to be able to store value indefinitely, pruning ancient wallets in an irreversible way is just not an option.