0

I want to create a cryptocurrency that's backed by bitcoin, that's running on it's own different blockchain and consensus algorithm.

Is it possible have a decentralized exchange between bitcoin and the new currency so that the only way to get the new coin is to exchange your bitcoin and if you want you can get your bitcoin back by returning your new coin?

And this to be done in a safe way without a central exchange and ANYONE having access to all of the new coin, and without risk for your bitcoin as long as both the bitcoin and new crypto blockchains are both alive and by nodes running the blockchain.

Here's an example:

  1. You send 1 btc to a bitcoin address.
  2. When that's confirmed let's say with 6 confirmations the "decentralized system" sends you 1 coin of the new coin to your "new coin" address of choice.

And if you want you can trade your new coins back for bitcoin.

So the total supply of the new coin = the supply of bitcoin

And no one has access to the total supply of the new coin, the only way to get the new coin is to deposit bitcoin. And you can get your bitcoin back automated and decentralised whenever you want by returning your "new coin" to the system.

Is this possible?

I know about atomic swaps but that relies on 2 parties exchanging coins. What if 1 of the parties is the new blockchain itself? Is this even possible?

Ivelin
  • 65
  • 6

2 Answers2

0

No, this is impossible (so far as we know). But the reason is very, very subtle.

The crux of a decentralized system is that nobody gets to decide what the rules are. Otherwise, whoever gets to decide the rules effectively centralizes the system.

Bitcoin is decentralized because anyone who wants to can use whatever rules they want. Those who agree form a useful blockchain.

The problem with this scheme is that there has to be some mechanism to decide what controls the real bitcoins that back the system. For example, bitcoin and bitcoin cash forked off and nobody got to decide which chain was "real". Both chains now compete in the market.

If your system forks, who or what decides which side of the fork gets the actual bitcoins that back your currency? They can't both get all the bitcoins -- that would require the number of bitcoins backing your currency to double.

There is no known decentralized way to make such a choice.

Think it through -- what do you think should happen if two groups of people using your currency disagree over what the system's rules should be? They can't each get what they want because they are arguing over how a fixed amount of bitcoin should be used.

David Schwartz
  • 51,308
  • 6
  • 106
  • 177
  • Thank you! Yeah, that makes a lot of sense. I guess (as far as we know now) the only way to this is with a level of centralisation. Let's say I create my own cryptocurrency with 21 million supply and set up an exchange where I sell 1 "new coin" for 1 BTC so this way each coin is backed by BTC but then that will be a huge level of centralisation and also people have to trust that I'm not just going to run away with the BTC lol so not sure if people will participate in my new cryptocurrency. It can still have independent nodes validating transactions but will be centralized cryptocurrency. – Ivelin Aug 03 '20 at 09:39
  • I'm a beginner to all this, but cryptocurrency fascinates me :) Thank you for your reply! Much appreciated. I'll mark the answer as accepted. – Ivelin Aug 03 '20 at 09:41
  • I wish there was a way to do it where no one individual has to control the backing BTC and people can still withdraw it back by selling their new coin with some kind of a super smart contract. :) – Ivelin Aug 03 '20 at 09:44
  • It doesn't have to be one individual. But whatever it is, that thing will control the backing and thus which side of the fork is real. Since a fork can change anything, one who can choose which side of a fork is real has ultimate power. – David Schwartz Aug 03 '20 at 16:43
  • David, I got another idea :) What if no one gets the backing bitcoin and instead this bitcoin is wasted to a random bitcoin address like "11111111111111111111..." that no one has the private key to. Let's say that I subscribe to the idea that any bitcoin wasted to that address creates the same amount of coin in the new coin to the address that wasted this bitcoin. The process is irreversible but now this new coin has value because you wasted real value to create it. And I believe that idea, and anyone who choses to believe that, too will participate in the new coin. – Ivelin Aug 03 '20 at 18:13
  • So that's 1 way to create supply from the new currency that's verifiable and all people participating in the new coin agree and believe that. People can chose not to, or believe in something else and that will form the new fork? The new coin would use the same address format as bitcoin so that people who have the private/pub key for bitcoin also have the same in the new coin. – Ivelin Aug 03 '20 at 18:16
  • This way, the only way to obtain from the new coin is to either waste bitcoin (which people can verify if you've actually done that) or to have someone else send it to you. – Ivelin Aug 03 '20 at 18:23
  • @Ivelin You can certainly do that. The problem will be that if the value of the coin is not equal to or greater than the value of the bitcoin you need to burn, nobody will create any. Realize that in no sense will this result in your currency being backed by anything. – David Schwartz Aug 03 '20 at 18:25
  • Yeah, that makes sense. People will probably be able to buy for cheaper :) than wasting 1 bitcoin to create 1 new coin. It will still create some value for it because I will not want to sell my new coin for much lower than what I burnt to create it :) but it will not be equal value or backed. Makes sense. At least it's a way to create a new coin that's different from mining it :) or pre-mining it and distributing it in some other way. Still have problems to solve :) – Ivelin Aug 03 '20 at 18:31
0

Yes, it is possible with Noel Tiernan’s atomic exchange protocol​

Step 1 A generates H(x) A sends coins to <B's public key> and x for H(x)

Step 2 B knows that A has sent his coins, so B sends coins to <A's public key> and x for H(x)

Step 3 A sends x to B.

The can now both spend the coins they received.

If A refuses to perform step 3, when A spends the coins B sent, he has to provide x to the chain. At that point B can spend his coins.

Bookmarks
  • 1