There is an inherent problem with digital assets, namely that they can be perfectly copied. Until Bitcoin came along, there was no decentralized solution to digital scarcity. If you wanted a digital asset to be unique, you had to rely on a central authority who kept track of who owned the "real" one. Think of a piece of software that you were asked to register with the company. That's how digital scarcity used to work.
Bitcoin solves the problem by creating a single, public ledger that is copied between nodes on the network. A protocol was defined for the nodes to use in order to come to consensus on the state of that ledger. This protocol has some ingenious protections against malicious use. Specifically, the proof of work component makes it fiscally unviable to "cheat" for a sustained period of time.
Encoding an owner into the digital asset itself does not solve this problem. Let's pretend a bitcoin was like a file that you can store on a hard drive (it's not, btw). Let's say Bob has one that has encoded in it some ownership indicator that says "I belong to Bob". Let's even suppose that this indicator was cryptographically signed by whoever gave the bitcoin to Bob. What stops Bob from making 10 million copies of his one bitcoin? If he did so, each copy would be cryptographically signed by the person who gave it to him, and Bob would have the ability to sign each one over to someone else.
In the case of my "system", you would prevent copying by generating a unique random seed based off the keys of the two agreeing parties. Kind of like normal serial numbers in paper bills now, ensuring each two-party coin transfer agreement has a unique id, hence cannot be copied.
You are incorrect; it could still be copied. The end result is still copyable, and it would do no good without an authority to verify the unique number with. If Alice gave Bob one bitcoin, digitally signing it with a unique random number agreed by both parties, and then Bob made millions of copies, who would ever know? Bob can pay Charlie and Dave with copies of the same coin, and neither would be any the wiser. This would require a central authority that knows about the Alice->Bob transaction, as well as the Bob->Charlie and Bob->Dave transactions. Recipients of payments would have to verify with this authority in order to be able to trust Bob. This solution solves nothing.
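The scenario the answer walks through, as an added example that is not part of the original answer or its comments: a coin object that carries its own signed ownership history, a holder who copies it and signs one copy to Charlie and another to Dave, and a verifier that looks only at the coin. Both copies pass. A shared ledger that records which hop of which coin has already been accepted is the only thing that notices the second spend. The signature scheme is a Lamport one-time signature over SHA-256 so the code needs nothing outside the Python standard library; the party names, the coin id and the `transfer`, `coin_is_valid` and `Ledger` helpers are all made up for this illustration.

```python
# Added example, not from the original answer: a "coin that says who owns it"
# is just data, so every copy of it verifies on its own.  Lamport one-time
# signatures (stdlib only) stand in for whatever real signature scheme such a
# coin would use; all names and identifiers here are made up.
import copy
import hashlib
import json
import secrets


def H(b: bytes) -> bytes:
    return hashlib.sha256(b).digest()


def keygen():
    """Lamport OTS: 256 pairs of random preimages; the public key is their hashes."""
    priv = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    pub = [(H(a), H(b)) for a, b in priv]
    return priv, pub


def _bits(msg: bytes):
    d = H(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]


def sign(priv, msg: bytes):
    return [priv[i][bit] for i, bit in enumerate(_bits(msg))]


def verify(pub, msg: bytes, sig) -> bool:
    return len(sig) == 256 and all(H(sig[i]) == pub[i][bit] for i, bit in enumerate(_bits(msg)))


def key_id(pub) -> str:
    """Short identifier for a public key; this is what "I belong to Bob" stores."""
    return H(b"".join(a + b for a, b in pub)).hex()[:16]


def transfer_msg(coin_id: str, seq: int, sender: str, recipient: str) -> bytes:
    return json.dumps([coin_id, seq, sender, recipient]).encode()


def transfer(coin, sender_priv, sender_pub, recipient_id: str):
    """Sender signs the coin over to recipient and gets back a NEW coin object.
    Nothing stops the sender from calling this twice on the same input coin."""
    coin = copy.deepcopy(coin)
    sender = key_id(sender_pub)
    assert coin["owner"] == sender, "only the current owner can sign it away"
    seq = len(coin["history"])
    sig = sign(sender_priv, transfer_msg(coin["id"], seq, sender, recipient_id))
    coin["history"].append({"seq": seq, "from": sender, "to": recipient_id, "sig": sig})
    coin["owner"] = recipient_id
    return coin


def coin_is_valid(coin, directory) -> bool:
    """Everything a recipient can check from the coin alone: each hop is signed
    by the previous owner and the chain ends at the owner the coin claims."""
    owner = coin["minted_to"]
    for seq, hop in enumerate(coin["history"]):
        if hop["seq"] != seq or hop["from"] != owner:
            return False
        msg = transfer_msg(coin["id"], seq, hop["from"], hop["to"])
        if not verify(directory[hop["from"]], msg, hop["sig"]):
            return False
        owner = hop["to"]
    return owner == coin["owner"]


class Ledger:
    """One shared record of which (coin, hop) transfers were accepted: the
    piece a self-describing coin lacks."""

    def __init__(self, directory):
        self.directory = directory
        self.accepted = {}  # (coin_id, seq) -> recipient id

    def submit(self, coin) -> bool:
        if not coin_is_valid(coin, self.directory):
            return False
        for hop in coin["history"]:
            prior = self.accepted.get((coin["id"], hop["seq"]))
            if prior is not None and prior != hop["to"]:
                return False  # same coin, same hop, different recipient: double spend
        for hop in coin["history"]:
            self.accepted[(coin["id"], hop["seq"])] = hop["to"]
        return True


def demo():
    keys = {name: keygen() for name in ("alice", "bob", "charlie", "dave")}
    directory = {key_id(pub): pub for _, pub in keys.values()}
    ids = {name: key_id(pub) for name, (_, pub) in keys.items()}

    coin = {"id": "coin-0001", "minted_to": ids["alice"], "owner": ids["alice"], "history": []}
    coin = transfer(coin, *keys["alice"], ids["bob"])
    # Bob copies the coin (it is only bytes) and signs each copy to a different person.
    to_charlie = transfer(coin, *keys["bob"], ids["charlie"])
    to_dave = transfer(coin, *keys["bob"], ids["dave"])

    charlie_ok = coin_is_valid(to_charlie, directory)  # True: the copy is self-consistent
    dave_ok = coin_is_valid(to_dave, directory)        # True: so is this one
    ledger = Ledger(directory)
    return charlie_ok, dave_ok, ledger.submit(to_charlie), ledger.submit(to_dave)
```

`demo()` returns `(True, True, True, False)`: both recipients, checking only the coin, accept it, and only the ledger rejects Dave's copy because hop 1 of `coin-0001` is already recorded as going to Charlie. Adding a serial number derived from the two parties' keys changes nothing here, since Bob computes a fresh, perfectly valid serial for each recipient. (Reusing a Lamport key to sign two messages, as Bob does, also leaks part of his private key; that is a property of one-time signatures and does not affect the point being made.)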
I don't get it. I don't see why Bob has to prove to Charlie he was the owner when the coin itself already says: "I belong to Bob". The fact the COIN is saying it belongs to Bob is proof enough. And to transfer ownership all you really need is to sign your coin off to Charlie and Charlie sign off that he received it. Then the coin simply says: "I belong to Charlie". Whether the coin first belonged to Alice or Dave or Zaphod Beeblebrox doesn't matter, does it? – epg – 2017-11-28T12:35:14.660
With the system as I'm describing, where the ownership record is embedded in the COIN itself, in fact, not only is there no double spend, but there's also no way of stealing coins, because the COINS know who they belong to. Not you. The coins. So if I take Alice's coins and try to give them to Dave, all Dave has to look at is the coin's ownership record and see that the coin says: "I belong to Alice", and see that it does not belong to me, thus rejecting the transaction. – epg – 2017-11-28T12:35:49.727
But the coin is not a physical entity. It is a sequence of bits, so it can easily be copied. So Bob can make 10 copies of a coin and then change the ownership of each to M1, M2, M3, ... and give each copy to the respective person. – croraf – 2017-11-28T12:43:53.590
But that's the thing. You can't change the ownership unless there's cryptographic agreement by TWO parties. You, and the person you're giving the coin to. It is like a two-way contract, or a lockbox with two keys. Without the key of the owner and the receiver, the coin doesn't change ownership. As for copying, well, what prevents me from copying a bunch of bitcoins now? I could flood the network with a bunch of fake coins and attack the network to see if they get accepted before the other nodes check their ledgers, no? – epg – 2017-11-28T12:46:39.220
In the case of my "system", you would prevent copying by generating a unique random seed based off the keys of the two agreeing parties. Kind of like normal serial numbers in paper bills now, ensuring each two-party coin transfer agreement has a unique id, hence cannot be copied. – epg – 2017-11-28T12:46:42.207
No, you cannot attack bitcoin that way. Why is a question in itself. If your coin contains a serial number (based on the IDs of the current and previous owner), the previous owner can copy his coin and, for each party he sends a copy to, create a separate serial number. Then each new owner will have his own copy of the coin with its own serial number. – croraf – 2017-11-28T13:21:13.060
Ok, I get it. But couldn't someone write some super clever software that whenever you make a bitcoin it has something that prevents it from being copied? Like how do they protect CDs and stuff? I dunno. It all seems very mysterious to me. I shall think about it. Thx for the comments. – epg – 2017-11-28T15:17:44.930
CDs are not protected from anyone with even a casual understanding of how their "protection" works. The entire concept of DRM is cryptographically flawed. DRM is basically the manufacturer encrypting content, and giving the key to the customer. The problem is that the customer is also the attacker, who is trying to gain access to it. If you want to play a CD, you need the key. Therefore they give the key to everyone with a CD player. It's not exactly protected if everyone has the key. – Jestin – 2017-11-28T16:56:34.417