this post was submitted on 05 Mar 2024
7 points (64.0% liked)

Monero

1675 readers
24 users here now

This is the lemmy community of Monero (XMR), a secure, private, untraceable currency that is open-source and freely available to all.

GitHub

StackExchange

Twitter

Wallets

Desktop (CLI, GUI)

Desktop (Feather)

Mac & Linux (Cake Wallet)

Web (MyMonero)

Android (Monerujo)

Android (MyMonero)

Android (Cake Wallet) / (Monero.com)

Android (Stack Wallet)

iOS (MyMonero)

iOS (Cake Wallet) / (Monero.com)

iOS (Stack Wallet)

iOS (Edge Wallet)

Instance tags for discoverability:

Monero, XMR, crypto, cryptocurrency

founded 1 year ago
MODERATORS
 

Monero is striving to be a currency that everyone can use, the growth of the blockchain is starting to hamper this goal IMO.

I think we should consider dropping blocks off of the chain tail once we reach block height of 4000000. This will give us 10 years of storage capacity, more than enough IMO.

Similar to how you have to exchange bills of cash once they get worn, you would simply churn your coins to get your outputs into younger blocks.

We are trying to be digital cash not an inheritance vault. If we had this feature from the start 99% of the community would agree with it.

Please consider this.πŸ™‚

*Edit: @4KB/tx * 100,000tx/day we are looking at ~400MB chain growth daily, this is not sustainable, let's take care of this now before it becomes a big problem

**Edit: A possible solution could be that nodes would have the option to set chain retention duration. So when syncing a new node you can select that you would like to retain 5 years of chain data, with a minimum boundary enforced that retains sufficient security. This way the network decides in a fair way how much chain data is useful to store.

top 50 comments
sorted by: hot top controversial new old
[–] [email protected] 10 points 8 months ago (2 children)

@tusker @monero Chain growth is a real problem that is often dismissed because storage prices are falling. This makes sense when you're small and there is not much activity, but that could change in the future.

However, I don't think you can simply drop old blocks without burning someone's savings? One probably should look into what Ethereum people are doing with their state expiry proposals.

[–] [email protected] 2 points 8 months ago (7 children)

@silverpill @monero @tusker

If you were to take old transactions and roll them over to new genesis transactions at the same address but without a need to validate a history, I think you could safely drop the history of those coins without any affect to the end users. Probably would need to have the new genesis transactions on the chain for a few hundred or thousand blocks before the history was dropped to prevent malicious actors from forcing history to be dropped early.

[–] [email protected] 7 points 8 months ago

Having the possibility of a full archive node and a fast syncing node that builds on top of snapshots is a great way to satisfy both the need for history keeping and block size management.

load more comments (6 replies)
[–] [email protected] -1 points 8 months ago* (last edited 8 months ago) (1 children)

I don’t think you can simply drop old blocks without burning someone’s savings?

No, but Monero is not a savings account, it is a currency, using it to store coins for over a decade is detrimental to those trying to use it for transactions by forcing everyone to keep old data around.

Wallets can simply notify users telling them to churn their coins into fresh blocks. Small inconvenience that will greatly benefit new users and those who use Monero everyday.

We would see 10 times the nodes on the network if the chain was only a few GB's and not growing, because just about anyone could run one.

[–] [email protected] 2 points 8 months ago (1 children)

So just like CDBC with expiration date from conspiracy theories?

[–] [email protected] 1 points 8 months ago

So just like CDBC with expiration date from conspiracy theories?

Never heard of it. There is something called CBDC though and it has been publicly announced by war criminals and theives with having expiration dates, no theory needed.

If I could roll over CBDC to a new account before it expired by the click of a button I would have no issue with it expiring.

[–] [email protected] 10 points 8 months ago (1 children)

You can't just do that. First of all, you can't even tell what outputs are spent in Monero. Trying to remove spent outputs to prune the chain is very difficult.

People pay to have their funds stored indefinitely in monero, via debasement with the tail emission. Unlike bitcoin, where holders free ride, in Monero we lose some value over time as compensation to the network for storing our unspent outputs forever.

The security model with blocks missing from the beginning of the chain is not the same as with them. You might think this is no big deal, but it does fundamentally change the model.

These sorts of schemes have been proposed before, even before Monero. We didn't have this feature from the start because people didn't agree with it.

Dropping whole blocks globally is no good. Locally dropping blocks that a user doesn't have transactions in is fine, and we already do that (pruned nodes keep some subset of the rest of the blocks to ensure that a complete copy of the chain is out there, distributed among the nodes). So we already do something like what you're proposing, except nobody is forced to do it. If you've got the space for the whole thing, good, if not, run a pruned node.

Chain growth is a problem, but it's not such a big problem that taking a hammer to the protocol and consensus is worthwhile. What you're proposing is a drastic, not well thought out thing. We are better off chugging along until we can figure out some way to get full privacy without having to store spent outputs. We are very close to it, already MW exists that gets us ~80% of the way there.

[–] [email protected] -4 points 8 months ago* (last edited 8 months ago) (1 children)

The tail emission pays miners to process transactions. If storing all tx data was only required by miners then you would be right. However, to use the network you have to obtain and store all the data.

It takes days to sync the chain, weeks on low power devices. You should be able to sync the chain in a few hours and this should decrease with faster connections and devices so people can start using Monero properly quickly. This can only happen is we eliminate chain growth by dropping old blocks.

Decade old transactions are useless data for a cash like currency, Monero is not a storage vault it is a currency, it needs to be fast and light.

It would actually improve the practical security of Monero to not retain the data by putting the burden on those who wish to analyze the data to store it themselves.

We will get to a point relatively soon where the chain is growing 1GB per day, it is best to have something in place now that can eliminate the chain from growing to unusable levels.

Users would need to churn their outputs or they can opt to retain the chain data if they wish.

All systems are finite you cannot just store all data forever, there needs to be a cut off limit set at some point, better to do it sooner rather than later. I am not saying we need it done next month, but we should have something in place in 3-5 years.

[–] [email protected] 7 points 8 months ago* (last edited 8 months ago) (1 children)

Yeah, the tail emission pays miners. Nobody else has to run a full node, maybe you want to just to do it in which case you don't expect payment, maybe you do it because you have a lot of monero, in which case you're paying directly for your own storage, nobody is doing it on your behalf.

You're right, it takes too long to sync the chain. I'm not saying we don't need a solution, I'm saying your proposed solution is not the correct one. I think the only solution is to remove the need to keep spent outputs forever, and this being Monero, to do it in a way that preserves current privacy guarantees. This is currently not possible, you can do one or the other, not both. I think we will get there.

On the topic of syncing the chain, again it is perfectly possible right now to sync only from your restore height. This means the only people who are stuck syncing forever are people who have unspent outputs in old blocks. If you want a faster sync time, take your own advice and sweep to a new address into a brand new block, then you don't have to really worry about syncing forever, you get exactly what you're asking for, complete with reduced security, without forcing it on the rest of us.

Money is a storage vault and a medium of exchange. You can be fast and light without deleting people's savings. We just have to figure out how. Cash is not cash if I can't put it under my mattress and expect it to be there whenever I determine it's time to use it. Money that evaporates isn't money.

Users would need to churn their outputs or they can opt to retain the chain data if they wish.

Yes, that's currently how it works. We just opt to retain chain data more often than you'd like. If you want to, you can sync only from your restore height, if you want to churn outputs so your sync time is less you can do that. You get what you want, I get what I want, everybody wins. What you're proposing is already an option for you if you want.

There needs to be a solution, yes. Not your solution. I think 3-5 years is a great timeline, in time for seraphis and jamtis to roll out and significantly improve the status quo, and plenty of time for someone to figure out a real solution, such as a scheme that preserves complete privacy while allowing all spent outputs to be discarded by nodes. I hope it happens. But discarding unspent outputs globally, forcing people to do it across the whole network, is simply not an option.

[–] [email protected] 0 points 8 months ago* (last edited 8 months ago)

To use Monero properly you have to run a node, using remote nodes is just a workaround. Pruned nodes are a good solution for now. Either way someone has to run a node for you to use the coin.

It is not possible to sync a node from restore height, you are talking about syncing a wallet, I am talking about syncing a node. If you could sync a node from a desired height this conversation would be moot.

A user should be able to download the GUI wallet sync the chain and be ready to use Monero properly in an hour or two on a modern PC without any worry of running out of disk space.

About forcing people, we should not be forced to sync and store old data to use Monero because someone is too lazy to click a button every 10 years.

The health, performance, ease of on-boarding and use of the network is much more important than someone trying to store coins over a decade.

The network is not capable of infinite storage, it will become unusable by most. If there is a better solution than dropping blocks I am all for it, until then dropping aged blocks is a valid solution.

[–] [email protected] 7 points 8 months ago (2 children)

I agree blockchain growth could become a problem someday. I think it's not right now and it probably won't be in the next few years (as @monerobull already pointed out).

I'd recommend watching this monero talk episode, because near the end Luke Parker (kayabaNerve) talks about what's next for monero after seraphis/jamtis. And to me it sounded like there is a solution for the blockchain growth problem in there (nova or what it's called?). https://www.youtube.com/watch?v=GhNljgiQKp8

I think for now full chain membership proofs are one of the most important things for us (i.e. fixing the weakest link in the system aka ring signatures). After that we're mostly set on privacy and focus on other things like blockchain growth/accessability etc. (which seraphis/jamtis also tackles).

About the currency and store of value topic: In the literature it's often said money or a currency has three functions -> store of value, transfer of funds and unit of accounting. Thorsten Polleit argued in one of his latest books that these three functions actually can be condensed into a single one -> transfer of value. Store of value is just a transfer of funds through time. And unit of accounting is just that a business wants to pick the most liquid exchangeable good which circles back to transfering funds effectively and efficiently.

If you're now saying monero should be aiming for becoming the best currency, but not a store of value, you limit it's capability as a currency as transfering value (through time) is the fundamental function of a currency.

So we need to find a technical solution to that problem without compromising on the currency aspect.

So to wrap up, I appreciate your input as I agree, we need to always keep the shortcomings of monero in mind and work on improving them. I think the discussion around and permanent reevaluation of monero is one of the things that made it what it is today and if we can keep the spirit going it's what it'll make it successful in the future too :)

[–] [email protected] 5 points 8 months ago

What a great comment.

I am not saying Monero should not be used to store coins long term and my suggestion only adds a small inconvenience by requiring a churn once in a long while.

I hope you are correct about the future developments which will finally bring a solution to the eternal chain growth problem and I am glad these types of conversations are still allowed in Monero. πŸ™‚

[–] [email protected] 2 points 8 months ago

Here is an alternative Piped link(s):

https://www.piped.video/watch?v=GhNljgiQKp8

Piped is a privacy-respecting open-source alternative frontend to YouTube.

I'm open-source; check me out at GitHub.

[–] [email protected] 5 points 8 months ago (1 children)

I disagree with the idea that one commenter opined: "Monero is not a savings account".

Who are you to tell me what to do with my XMR?

That being said, I am not opposed to the idea of implementing some kind of condensing/snapshot that some have outlined here.

The question I'd ask is if it would ever be possible for someone to use that data maliciously?

[–] [email protected] 2 points 8 months ago (1 children)

People can use Monero how ever they wish, but rules should be in place to prevent their use from negatively affecting the network.

If we have a giant spam attack and someone adds 100GB to the chain in a week there should be a mechanism in place to drop this data eventually.

Since there is no way to determine good data from "bad" we have to just drop all data that is aged.

[–] [email protected] 2 points 8 months ago

Though this setup could probably be abused if funds were illegitimately taken and then ddos the network as a coverup, so all logs of it were deleted

[–] [email protected] 2 points 8 months ago (1 children)

I think all cryptocurrency blockchains that function as money or store of value should do this. However I think 1 years worth is better than 10 years worth of data, or perhaps even less than a years worth of data.

As long as the blockchain size remains small enough for the adverage Joe to store the entire chain onto their mining computer for when or if Monero reaches mainstream mass adoption usage. By mainstream mass adoption I mean Monero is used as much as Visa or Mastcard is globally which I would assume will mean that Monero will need to handle 1 million transactions per second.

[–] [email protected] 2 points 8 months ago (1 children)

Best of all worlds is if those running nodes can select how much they want to store on their node, then the network as a whole would decide and your vote is running a node with that setting.

[–] [email protected] 1 points 8 months ago (1 children)

Not a bad idea as long all nodes will allow any wallet to recover all funds, not all transaction history, just balance.

[–] [email protected] 1 points 8 months ago

@trymeout @tusker In Monero there is no such thing of recovering all funds without transaction history.. Monero is not like bitcoin where you can see what transactions where spend already and you can discart them... in Monero (with some exceptions) you cant tell if a transaction has been spent or not, so nodes can never delete them, otherwise they will not know theyr existence if someone try to spend that outputs

[–] [email protected] 2 points 8 months ago (1 children)

Can the older data be compressed somehow? Instead of being removed?

[–] [email protected] 1 points 8 months ago (1 children)

I think the best option would be if node operators can decide how much they want to store with some safe minimum imposed of say 1 year.

[–] [email protected] 2 points 8 months ago (1 children)

I think every node needs the same dataset for the blockchain to be valid.

Maybe a rolling dataset, with the earliest transactions falling off after their data is somehow archived (but accessible to the current nodes)?

OR

The current nodes could do a hardfork (NewNodes), with the ability to reference the legacy chain snapshot for the next X years.

Wallet1 created in 2015. Contains 1 XMR. Hardfork in 2025 to truncate the entire DB which becomes a balance reference copy. After the snapshot, they would have a balance on the "new" chain. In order to transact, they'd have to use a New Node which knows their previous balance from the legacy chain.

Is that possible?

[–] [email protected] 2 points 8 months ago

I don't think so. Since the data is all encrypted you need to have all the data to validate if someone had a balance. Unless someone invented a type of proof where you can create a transaction from the old chain and the network would be able to validate it even though the network no longer has that data or maybe some small part of the old data could be saved to allow for this.

[–] [email protected] 2 points 8 months ago (1 children)

Agreed but that's the wrong approach. You cannot just drop old blocks since old wallets would lose their money. A better approach would be to have wallets specify a 'preserve records for N months ' feature. The larger the number of months, the higher transaction fees are so people are incentivized to use a small number.. A small number would also help with privacy since if the view key is ever leaked or quantum computing ever takes off, old your old records would not be leaked. Once N months passes. Old transactions are replaced by a single forwarding transaction with the total amount in the account.

[–] [email protected] 3 points 8 months ago

Note that when you first deposit money into a wallet, you would prepay the cleanup fee and you would pay the cleanup fee on any transaction made after the N months. This would ensure that only N months of records are present. And if you do not touch you account for 20 years, no problem. You still have all your money and you only have N months of payments

[–] [email protected] 2 points 7 months ago* (last edited 7 months ago) (1 children)

Hi, indeed this is not possible with Monero for various reasons (coinbase verification; can't identify spent TX outputs). In case you don't know, the Mina cryptocurrency has solved this blockchain storage issue. A fixed-size (<30KB) cryptographic proof is enough to validate the entirety of the current state (the latest block).

It requires a network of proof generators with incentives in addition to the block producers. Scalability is not great (similar to BTC) and does not provide anonymity (not a priority either). Checking the state is computationally intensive too (not suitable for smartphones; requires around 10GB of RAM).
It is improving on relatively new cryptography techniques (ZKSnarks), likely to evolve (less stable protocol than BTC; security not battle-tested).

[–] [email protected] 1 points 7 months ago

This is pretty exciting. I hope as this kind of technology develops we can integrate it into Monero. It would be great to not have to worry about spam attacks bloating the chain and making it more difficult for everyone to use Monero.

[–] [email protected] 1 points 8 months ago (1 children)

@tusker I dont think this makes sense in any layer 1... you should be able to store your value for an undefined period of time and not have to worry about it expirity date..

[–] [email protected] 1 points 8 months ago (1 children)

I think it would be great if you can run your own node with full chain history and still be compatible with the network which may have a shorter chain.

That way you can store your coins in the first block as long as you are willing to spend for the storage. Once you run out of storage you can just send the coins to yourself and drop 200GB off the chain on your node. πŸ‘

[–] [email protected] 1 points 8 months ago (1 children)

@tusker what you are sugesting is that we can have a pruned blockchain (that already exist by the way), but in order to validate the transactions the miners nodes would have to have the full history (like we have already) is that it or I am missing anything ?

[–] [email protected] 1 points 8 months ago* (last edited 8 months ago)

We would need a new proving mechanism to handle it, where the node with the full chain can generate a verifiable proof against some known constant that is able to be validated by the network without the network having the actual block. "Voodoo proof."

Otherwise we can just let node operators set their desired chain retention and you can click a button every 10 years to not lose your funds. Until a better solution is found,...while solving chain storage issues forever.

[–] [email protected] 1 points 8 months ago (1 children)

Yes. Radical ideas are the best.

Some might say that disk space is cheap, but what if Monero comes back to $1? Will you waste 500GB of disk space to keep your $50 safe?

[–] [email protected] 4 points 8 months ago

The reality is 99% of people will not go out an buy an extra disk just to store chain data, they will just use a remote node or stop using Monero.

I am very much into Monero and would be hesitant to attach extra disk to store the chain.

[–] [email protected] 1 points 8 months ago

This is what fees are for. Just raise them so the spam transactions aren't viable. People want to write to the blockchain? They need to pay to do it.

[–] [email protected] 1 points 8 months ago (1 children)

@tusker This should be a good idea. Also users who keep their funds as a mean of wealth storage can just move their funds into a new wallet every 10 years.

This would also help with eliminating the lost coins of wallets whose recovery keys have been lost. It would increase the value of the coin continuously.

[–] [email protected] 2 points 8 months ago* (last edited 8 months ago)

Yes, and they would not even need to move it to a new wallet, they can just send the balance to themselves in their existing wallet and it would be sitting in the latest block. Ready for another 10 years of storage.

This difficult but vital decision should have definitely been made right from the start, as it is blatantly obvious they we cannot store all data forever. Then as tech improved it could be adjusted to 20 years in the future.

[–] [email protected] 0 points 8 months ago (2 children)

No blockchain size is not problem. 16 TB it is a problem.

[–] [email protected] 6 points 8 months ago (1 children)

Agreed. Currently we are at ~190 GB with ~8.5 GB growth over the last 3 months. This is just 34 GB per year and a 500 GB SSD would last another 7 years at the current growth-rate. You can already get 2 TB SSDs for less than 150€. Storage really isn't the issue, the biggest limitation is bandwidth.

[–] [email protected] 3 points 8 months ago (1 children)

Recently we saw transactions spike to 100k per day, that is ~400MB per day, 146GB per year of data.

If this tx volume were to be sustained it already makes the chain growth concerning and adoption is just starting.

[–] [email protected] 1 points 8 months ago (1 children)

I don't actually think 150GB per year is an issue. This still gives you +5 years on a 1TB SSD. That's half a decade of time, Monero is only 10 years old. Plenty of time for storage to advance.

[–] [email protected] 1 points 8 months ago (1 children)

@monerobull @tusker is not only an issue, it is awful. Some people barely afford a storage drive of half a TB. Many nodes are actually ran on raspberry PIs.

And that 150gb is growing exponentially according to adoption. We could easily exceed 2TB every 10years.

Now, someone has to wait hours to sync the block chain already.

[–] [email protected] 1 points 8 months ago (1 children)

So what? It takes 3 days to sync an ETH node, 10 days for a chia node. These aren't lightwallets, this is network infrastructure.

Many nodes are actually ran on raspberry PIs.

I very much doubt that considering how raspberries don't have physical AES and already took +3 weeks to sync before the transaction spike.

We could easily exceed 2TB every 10years.

I'd be perfectly fine with that. Right now you can get 2 TB SSDs for about 1 XMR. At the current rate (and it's been similar for decades) they will be worth less than 20$ in a couple of years. Monero turns 10 this April and we are currently at only ~200 GB. And we still have pruning!

Storage isn't the limiting factor, it's bandwidth.

[–] [email protected] 1 points 8 months ago

The size of the chain also affects bandwidth. Many people have bandwidth caps so trying to sync 200GB could take 3+ months.

I hope we can at least have a higher pruning factor where the chain could be cut down to at least 1/10th the size as the amount of nodes continues to grow there would still be more than enough copies of the chain out there.

[–] [email protected] 0 points 8 months ago

and by then it's too late, hence this post before then...

load more comments
view more: next β€Ί