I used to be a big proponent of proof-of-work schemes, but I've scaled back my preference significantly. There's two problems with them:
1) An attacker can use economies of scale to get better results than an ordinary user. If a user takes 5 minutes, an attacker can use GPUs or ASICs to take 20 seconds. 2) Attackers almost never, or would never, pay or use their own computers to compute proof of work schemes - they use victims of a botnet. In which case the only person hampered by a proof of work scheme are the legitimate users.[0] Mike Hearn has given a good amount of thought to deposit-based systems. Pay a server $5 or 5 bitcoins, and if you're a legitimate user (not dormant) for X months you can get the money back. (Or you never get the money back, and the payment is smaller). In this scenario, the cost of an account cannot be reduced via scaling; and while you can use a botnet to mine bitcoins, now that GPU/ASIC/FPGA bitcoin mining is the norm CPU-based botnets will be more expensive that the income they generate. I like this theory a lot, many many times I've tried to purchase something, over Tor, but been rejected because I've come from an anonymous proxy. I don't even care about paying 25% more at that point, I just want to do it anonymously. These days, my opinion is that I hope bitcoin matures to the point where a system like this is both possible and widely implemented. [1] -tom [0] There's definitely some parallels to DRM there... [1] I reserve the right, as always, to change it if swayed by a good argument ;) _______________________________________________ tor-talk mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
