Bitcoin Blockchain ================== The bitcoin block-chain format is: block ::= uint32 magic_number (0xd9b4bef9) uint32 nbytes (excluding magic_number and nbytes) blockhdr hdr varint ntxs {tx}+ transaction array blockhdr ::= uint32 version_number (0x00000001 or 0x00000002) uint256 prev_block_hash uint256 merkle_root uint32 time_stamp uint32 difficulty_bits uint32 nonce tx ::= uint32 version_number varint ninputs {input}+ input array varint noutputs {output}+ output array uint32 lock_time input ::= uint256 prev_hash uint32 prev_index script input_script uint32 sequence output ::= uint64 amount script output_script Input scripts generally just push data (e.g., a signature as proof of possessing the private key) onto the stack which when used with the previous output script evaluates to true (e.g., OP_CHECKSIG). The hash of a block is the two-round sha256 hash of the blockhdr. The hash of a transaction is the two-round sha256 hash of the tx. The merkle_root is the root of the merkle tree of all hashes of the transactions. Example output scripts: Standard Generation Transaction (pay-to-pubkey): script = OP_PUSHx41 publickey_uncompressed OP_CHECKSIG | OP_PUSHx21 publickey_compressed OP_CHECKSIG Standard Transaction to Bitcoin address (pay-to-pubkey-hash) script = OP_DUP OP_HASH160 OP_PUSHx14 pubkey_hash OP_EQUALVERIFY OP_CHECKSIG | OP_HASH160 OP_PUSHx14 pubkey_hash OP_EQUAL Standard Multisig script = OP_X {OP_PUSH public_key}N OP_N OP_CHECKMULTISIG Example input scripts: Standard Signature: script = OP_PUSHxXX {DER_sig SIGHASH_ALL} OP_PUSHx41 publickey_uncompressed | OP_PUSHxXX {DER_sig SIGHASH_ALL} OP_PUSHx21 publickey_compressed DER_sig ::= uint8 DER_type (sequence: 0x30) uint8 DER_length (nbytes of sequence) uint8 DER_type (integer 0x02) uint8 DER_length (nbytes of the integer) {uint8}+ r uint8 DER_type (integer 0x02) uint8 DER_length (nbytes of the integer) {uint8}+ s DER_sig is the standard DER format of a pair of integers. The signature values (r,s) are the ECDSA values to sign the two-round hash of the current tx (except that the previous transaction's input script is used and the SIGHASH_ALL tag is added to the end): txsig ::= uint32 version_number varint ninputs {inputsig}+ input array varint noutputs {output}+ output array uint32 lock_time uint32 SIGHASH_ALL inputsig ::= uint256 prev_hash uint32 prev_index script previous tx's output script uint32 sequence Hivemind Blockchain ================== Bitcoin's block chain can be viewed as a ledger of actions on a dataset. The dataset is the set of all coin allocations to addresses and the actions are the transfers of coins from a subset of addresses to other addresses. Hivemind is a generalization of both the dataset and the set of actions. Hivemind's dataset consists of sets of: 1. bitcoin allocations to public addresses 2. votecoin allocations to public addresses 3. branches 4. decisions within each branch 5. markets across a subset of decisions 6. trades in each market 7. sealed votes in each {branch, tau multiple} 8. steal votes in each {branch, tau multiple} 9. revealed votes in each {branch, tau multiple} 10. outcomes of each decision (and hence market) Hivemind's actions consists of: 1. all bitcoin-type transfers of bitcoins. 2. creation of branches (note: this is done in a very limited fashion) 3. creation of decisions 4. creation of markets 5. creation of trades 6. creation of sealed votes 7. creation of steal votes 8. creation of reveal votes 9. publishing outcomes with transfers of bitcoins. 10. redistribution of votecoin allocations Anyone with bitcoins may initiate any of the actions 1,3,4,5. Anyone with votecoins will be obligated to initiate actions 6,8. The miners will initiate 9 and 10. Each hivemind-specific action is a bitcoin-like transaction where the output script designates one of the actions to be taken. The format of the output script is simply: output_script = OP_PUSHxXX number of bytes char action_type {uint8}+ action_data OP_MARKET 0xc0 If viewed as a stack operation, action_type and action_data are simply pushed onto the stack and then OP_MARKET acts as an operation to (1) do the action specified by the action_type using action_data as inputs and (2) clear the stack with a TRUE result. The action_type byte will specify one of the hivemind-specific actions 2-8 above. The specific format for action_data is as follows. Create Branch ------------------ action_type = char 'B' (createbranch) action_data = string name string description uint64 baseListingFee uint16 freeDecisions uint16 targetDecisions uint16 maxDecisions uint64 minTradingFee uint16 tau (in block numbers) uint16 ballotTime (in block numbers) uint16 unsealTime (in block numbers) uint32 consensusThreshold uint64 alpha (for smoothed reputation) uint64 tol (for binary decisions) Note 1: Each branch has its own set of votecoins. When a new branch is created, it is simply a many-address-to-many-address votecoin transaction along with a single createbranch action in the output list. The input votecoins will no longer be a part of their previous branches and the output votecoins will now be a part of the new branch. Note 2: Each block number ending in a multiple of tau denotes the start of a voting period for the branch's recently ended decisions. The schedule is block number / range ----------------------------------- ----------------------------------- n*tau ballots available for all decisions ending ((n-1)*tau, n*tau] (n*tau, n*tau+ballotTime] sealed ballots may be submitted (n*tau, n*tau+ballotTime+unsealTime) unsealed ballots may be submitted n*tau + ballotTime + unsealTime miner runs outcome algorithm We must have ballotTime + unsealTime less than tau so that the change of votecoins in an outcome is set before the next run of the outcome algorithm. It is desirable to have tau correspond to approximately two weeks (for 10 minute block spacing, tau = 2016). Note 3: The outcome algorithm is best when there are many decisions on a ballot, but not too many. The cost to create a decision for a ballot is thus structured to depend on how many decisions have already been created for that specific ballot. The parameters freeDecisions <= targetDecisions <= maxDecisions. are required. For the N-th decision ending in (n-1)*tau, n*tau], the "listing fee" cost to create another decision in that interval will be cost N ----------------------------------- ----------------------------------- 0 [0, freeDecisions) baseListingFee [freeDecisions, targetDecisions) (N - targetDecisions)*baseListingFee [targetDecisions, maxDecisions) impossible [maxDecisions,infty) Note 4: TODO: consensusThreshold requirement for the outcome algorithm Note 5: TODO: minTradingFee Note 6: TODO: The creation of a new branch is a controlled process. Create Decision ------------------ action_type = char 'D' (createdecision) action_data = uint160 bitcoin public key uint256 branchid string prompt uint32 eventOverBy (block number) uint8 is_scaled (0=false, 1=true) uint64 if scaled, minimum uint64 if scaled, maximum uint8 answer optionality (0=not optional, 1=optional) Note 1: The creator of the decision pays a listing fee according to the branch parameters and will receive a portion of the trading fees of all markets on that decision. The outcome algorithm will allocate 25% of each market's trading fees across the bitcoin public keys in the market's decision list. Create Market ------------------ action_type = char 'M' (createmarket) action_data = uint160 bitcoin public key uint64 B (liquidity parameter) uint64 tradingFee uint64 maxCommission string title string description string tags (comma-separated strings) uint32 maturation (block number) uint256 branchid varint number of decisionids {uint256}+ decisionids {uint8}+ decisionFunctionids uint32 txPoWh transaction proof-of-work hashid uint32 txPoWd transaction proof-of-work difficulty level Note 1: The market will be dependent on the outcome of each decision in the list. The maturation is set to be the maximum of the decision's eventOverBy numbers. Note 2: The market may depend on a function of the scaled decisions. The initial list of functions are id f(X) ---------------------- ------------------ X1 [default] X X2 X*X X3 X*X*X LNX1 LN(X) Note 3: Liquidity Sensitivity. The market author purchases an initial minShares shares in each of the N states. Those minShares will never be sold (money to be returned to the author upon market conclusion). The number of minShares is derived from the maxCommission parameter minShares = B log N / maxCommission. Before the shares are purchased the account value is B log sum exp(0/B) After the shares are purchased the account value is B log sum exp(minShares /B) The initial purchase of minShares in each state then costs = B log sum exp(minShares / B) - B log sum exp(0/B) = B log [N exp(B log N / maxCommission / B)] - B log N = B log [exp(log N / maxCommission)] = B log [N / maxCommission] = minShares A zero maxCommission will designate the market to be "non-LS". Create Trade ------------------ action_type = char 'T' (createtrade) action_data = uint160 bitcoin public key uint256 marketid uint8 isbuy uint64 number of shares uint64 price uint32 decision state uint32 nonce Create Reveal Vote ------------------ action_type = char 'R' (createrevealvote) action_data = uint256 branchid uint32 height uint256 voteid varint ndecisionids {uint256}+ decisionids {uint64}+ votes uint160 votecoin public key Note 1: The voteid is a previously submitted sealed vote. Note 2: voteid must match the hash of the outcome with zeros in place of the voteid. Create Sealed Vote ------------------ action_type = char 'S' (createsealedvote) action_data = uint256 branchid uint32 height uint256 voteid Note: voteid is the hash of the createrevealvote outcome with zeros in place of the voteid. Create Steal Vote ------------------ action_type = char 'L' (createstealvote) action_data = uint256 branchid uint32 height uint256 voteid Note 1: The voteid is a previously submitted sealed vote. Create Outcome ------------------ action_type = char 'O' (createoutcomes) action_data = uint256 branchid uint32 number of voters {uint64}+ old reputation {uint64}+ this reputation {uint64}+ smoothed reputation {uint64}+ NA row {uint64}+ participation row {uint64}+ participation rel {uint64}+ bonus row uint32 number of decisions {uint256}+ decision ids {uint64}+ is scaled array {uint64}+ first loading {uint64}+ decisions raw {uint64}+ consensus reward {uint64}+ certainty {uint64}+ NA column {uint64}+ participation column {uint64}+ author bonus {uint64}+ decisions final {uint64}+ vote matrix uint64 NA value uint64 alpha value uint64 tolerance value tx payout / reputation transaction action_type = char 'R' (redistribution of votecoins) action_data = varint noutputs {output}+ output array (pay-to-pubkey-hash)