How to generate a Bitcoin address — Technical address ...

Dragonchain Great Reddit Scaling Bake-Off Public Proposal

Dragonchain Great Reddit Scaling Bake-Off Public Proposal

Dragonchain Public Proposal TL;DR:

Dragonchain has demonstrated twice Reddit’s entire total daily volume (votes, comments, and posts per Reddit 2019 Year in Review) in a 24-hour demo on an operational network. Every single transaction on Dragonchain is decentralized immediately through 5 levels of Dragon Net, and then secured with combined proof on Bitcoin, Ethereum, Ethereum Classic, and Binance Chain, via Interchain. At the time, in January 2020, the entire cost of the demo was approximately $25K on a single system (transaction fees locked at $0.0001/txn). With current fees (lowest fee $0.0000025/txn), this would cost as little as $625.
Watch Joe walk through the entire proposal and answer questions on YouTube.
This proposal is also available on the Dragonchain blog.

Hello Reddit and Ethereum community!

I’m Joe Roets, Founder & CEO of Dragonchain. When the team and I first heard about The Great Reddit Scaling Bake-Off we were intrigued. We believe we have the solutions Reddit seeks for its community points system and we have them at scale.
For your consideration, we have submitted our proposal below. The team at Dragonchain and I welcome and look forward to your technical questions, philosophical feedback, and fair criticism, to build a scaling solution for Reddit that will empower its users. Because our architecture is unlike other blockchain platforms out there today, we expect to receive many questions while people try to grasp our project. I will answer all questions here in this thread on Reddit, and I've answered some questions in the stream on YouTube.
We have seen good discussions so far in the competition. We hope that Reddit’s scaling solution will emerge from The Great Reddit Scaling Bake-Off and that Reddit will have great success with the implementation.

Executive summary

Dragonchain is a robust open source hybrid blockchain platform that has proven to withstand the passing of time since our inception in 2014. We have continued to evolve to harness the scalability of private nodes, yet take full advantage of the security of public decentralized networks, like Ethereum. We have a live, operational, and fully functional Interchain network integrating Bitcoin, Ethereum, Ethereum Classic, and ~700 independent Dragonchain nodes. Every transaction is secured to Ethereum, Bitcoin, and Ethereum Classic. Transactions are immediately usable on chain, and the first decentralization is seen within 20 seconds on Dragon Net. Security increases further to public networks ETH, BTC, and ETC within 10 minutes to 2 hours. Smart contracts can be written in any executable language, offering full freedom to existing developers. We invite any developer to watch the demo, play with our SDK’s, review open source code, and to help us move forward. Dragonchain specializes in scalable loyalty & rewards solutions and has built a decentralized social network on chain, with very affordable transaction costs. This experience can be combined with the insights Reddit and the Ethereum community have gained in the past couple of months to roll out the solution at a rapid pace.

Response and PoC

In The Great Reddit Scaling Bake-Off post, Reddit has asked for a series of demonstrations, requirements, and other considerations. In this section, we will attempt to answer all of these requests.

Live Demo

A live proof of concept showing hundreds of thousands of transactions
On Jan 7, 2020, Dragonchain hosted a 24-hour live demonstration during which a quarter of a billion (250 million+) transactions executed fully on an operational network. Every single transaction on Dragonchain is decentralized immediately through 5 levels of Dragon Net, and then secured with combined proof on Bitcoin, Ethereum, Ethereum Classic, and Binance Chain, via Interchain. This means that every single transaction is secured by, and traceable to these networks. An attack on this system would require a simultaneous attack on all of the Interchained networks.
24 hours in 4 minutes (YouTube):
24 hours in 4 minutes
The demonstration was of a single business system, and any user is able to scale this further, by running multiple systems simultaneously. Our goals for the event were to demonstrate a consistent capacity greater than that of Visa over an extended time period.
Tooling to reproduce our demo is available here:
https://github.com/dragonchain/spirit-bomb

Source Code

Source code (for on & off-chain components as well tooling used for the PoC). The source code does not have to be shared publicly, but if Reddit decides to use a particular solution it will need to be shared with Reddit at some point.

Scaling

How it works & scales

Architectural Scaling

Dragonchain’s architecture attacks the scalability issue from multiple angles. Dragonchain is a hybrid blockchain platform, wherein every transaction is protected on a business node to the requirements of that business or purpose. A business node may be held completely private or may be exposed or replicated to any level of exposure desired.
Every node has its own blockchain and is independently scalable. Dragonchain established Context Based Verification as its consensus model. Every transaction is immediately usable on a trust basis, and in time is provable to an increasing level of decentralized consensus. A transaction will have a level of decentralization to independently owned and deployed Dragonchain nodes (~700 nodes) within seconds, and full decentralization to BTC and ETH within minutes or hours. Level 5 nodes (Interchain nodes) function to secure all transactions to public or otherwise external chains such as Bitcoin and Ethereum. These nodes scale the system by aggregating multiple blocks into a single Interchain transaction on a cadence. This timing is configurable based upon average fees for each respective chain. For detailed information about Dragonchain’s architecture, and Context Based Verification, please refer to the Dragonchain Architecture Document.

Economic Scaling

An interesting feature of Dragonchain’s network consensus is its economics and scarcity model. Since Dragon Net nodes (L2-L4) are independent staking nodes, deployment to cloud platforms would allow any of these nodes to scale to take on a large percentage of the verification work. This is great for scalability, but not good for the economy, because there is no scarcity, and pricing would develop a downward spiral and result in fewer verification nodes. For this reason, Dragonchain uses TIME as scarcity.
TIME is calculated as the number of Dragons held, multiplied by the number of days held. TIME influences the user’s access to features within the Dragonchain ecosystem. It takes into account both the Dragon balance and length of time each Dragon is held. TIME is staked by users against every verification node and dictates how much of the transaction fees are awarded to each participating node for every block.
TIME also dictates the transaction fee itself for the business node. TIME is staked against a business node to set a deterministic transaction fee level (see transaction fee table below in Cost section). This is very interesting in a discussion about scaling because it guarantees independence for business implementation. No matter how much traffic appears on the entire network, a business is guaranteed to not see an increased transaction fee rate.

Scaled Deployment

Dragonchain uses Docker and Kubernetes to allow the use of best practices traditional system scaling. Dragonchain offers managed nodes with an easy to use web based console interface. The user may also deploy a Dragonchain node within their own datacenter or favorite cloud platform. Users have deployed Dragonchain nodes on-prem on Amazon AWS, Google Cloud, MS Azure, and other hosting platforms around the world. Any executable code, anything you can write, can be written into a smart contract. This flexibility is what allows us to say that developers with no blockchain experience can use any code language to access the benefits of blockchain. Customers have used NodeJS, Python, Java, and even BASH shell script to write smart contracts on Dragonchain.
With Docker containers, we achieve better separation of concerns, faster deployment, higher reliability, and lower response times.
We chose Kubernetes for its self-healing features, ability to run multiple services on one server, and its large and thriving development community. It is resilient, scalable, and automated. OpenFaaS allows us to package smart contracts as Docker images for easy deployment.
Contract deployment time is now bounded only by the size of the Docker image being deployed but remains fast even for reasonably large images. We also take advantage of Docker’s flexibility and its ability to support any language that can run on x86 architecture. Any image, public or private, can be run as a smart contract using Dragonchain.

Flexibility in Scaling

Dragonchain’s architecture considers interoperability and integration as key features. From inception, we had a goal to increase adoption via integration with real business use cases and traditional systems.
We envision the ability for Reddit, in the future, to be able to integrate alternate content storage platforms or other financial services along with the token.
  • LBRY - To allow users to deploy content natively to LBRY
  • MakerDAO to allow users to lend small amounts backed by their Reddit community points.
  • STORJ/SIA to allow decentralized on chain storage of portions of content. These integrations or any other are relatively easy to integrate on Dragonchain with an Interchain implementation.

Cost

Cost estimates (on-chain and off-chain) For the purpose of this proposal, we assume that all transactions are on chain (posts, replies, and votes).
On the Dragonchain network, transaction costs are deterministic/predictable. By staking TIME on the business node (as described above) Reddit can reduce transaction costs to as low as $0.0000025 per transaction.
Dragonchain Fees Table

Getting Started

How to run it
Building on Dragonchain is simple and requires no blockchain experience. Spin up a business node (L1) in our managed environment (AWS), run it in your own cloud environment, or on-prem in your own datacenter. Clear documentation will walk you through the steps of spinning up your first Dragonchain Level 1 Business node.
Getting started is easy...
  1. Download Dragonchain’s dctl
  2. Input three commands into a terminal
  3. Build an image
  4. Run it
More information can be found in our Get started documents.

Architecture
Dragonchain is an open source hybrid platform. Through Dragon Net, each chain combines the power of a public blockchain (like Ethereum) with the privacy of a private blockchain.
Dragonchain organizes its network into five separate levels. A Level 1, or business node, is a totally private blockchain only accessible through the use of public/private keypairs. All business logic, including smart contracts, can be executed on this node directly and added to the chain.
After creating a block, the Level 1 business node broadcasts a version stripped of sensitive private data to Dragon Net. Three Level 2 Validating nodes validate the transaction based on guidelines determined from the business. A Level 3 Diversity node checks that the level 2 nodes are from a diverse array of locations. A Level 4 Notary node, hosted by a KYC partner, then signs the validation record received from the Level 3 node. The transaction hash is ledgered to the Level 5 public chain to take advantage of the hash power of massive public networks.
Dragon Net can be thought of as a “blockchain of blockchains”, where every level is a complete private blockchain. Because an L1 can send to multiple nodes on a single level, proof of existence is distributed among many places in the network. Eventually, proof of existence reaches level 5 and is published on a public network.

API Documentation

APIs (on chain & off)

SDK Source

Nobody’s Perfect

Known issues or tradeoffs
  • Dragonchain is open source and even though the platform is easy enough for developers to code in any language they are comfortable with, we do not have so large a developer community as Ethereum. We would like to see the Ethereum developer community (and any other communities) become familiar with our SDK’s, our solutions, and our platform, to unlock the full potential of our Ethereum Interchain. Long ago we decided to prioritize both Bitcoin and Ethereum Interchains. We envision an ecosystem that encompasses different projects to give developers the ability to take full advantage of all the opportunities blockchain offers to create decentralized solutions not only for Reddit but for all of our current platforms and systems. We believe that together we will take the adoption of blockchain further. We currently have additional Interchain with Ethereum Classic. We look forward to Interchain with other blockchains in the future. We invite all blockchains projects who believe in decentralization and security to Interchain with Dragonchain.
  • While we only have 700 nodes compared to 8,000 Ethereum and 10,000 Bitcoin nodes. We harness those 18,000 nodes to scale to extremely high levels of security. See Dragonchain metrics.
  • Some may consider the centralization of Dragonchain’s business nodes as an issue at first glance, however, the model is by design to protect business data. We do not consider this a drawback as these nodes can make any, none, or all data public. Depending upon the implementation, every subreddit could have control of its own business node, for potential business and enterprise offerings, bringing new alternative revenue streams to Reddit.

Costs and resources

Summary of cost & resource information for both on-chain & off-chain components used in the PoC, as well as cost & resource estimates for further scaling. If your PoC is not on mainnet, make note of any mainnet caveats (such as congestion issues).
Every transaction on the PoC system had a transaction fee of $0.0001 (one-hundredth of a cent USD). At 256MM transactions, the demo cost $25,600. With current operational fees, the same demonstration would cost $640 USD.
For the demonstration, to achieve throughput to mimic a worldwide payments network, we modeled several clients in AWS and 4-5 business nodes to handle the traffic. The business nodes were tuned to handle higher throughput by adjusting memory and machine footprint on AWS. This flexibility is valuable to implementing a system such as envisioned by Reddit. Given that Reddit’s daily traffic (posts, replies, and votes) is less than half that of our demo, we would expect that the entire Reddit system could be handled on 2-5 business nodes using right-sized containers on AWS or similar environments.
Verification was accomplished on the operational Dragon Net network with over 700 independently owned verification nodes running around the world at no cost to the business other than paid transaction fees.

Requirements

Scaling

This PoC should scale to the numbers below with minimal costs (both on & off-chain). There should also be a clear path to supporting hundreds of millions of users.
Over a 5 day period, your scaling PoC should be able to handle:
*100,000 point claims (minting & distributing points) *25,000 subscriptions *75,000 one-off points burning *100,000 transfers
During Dragonchain’s 24 hour demo, the above required numbers were reached within the first few minutes.
Reddit’s total activity is 9000% more than Ethereum’s total transaction level. Even if you do not include votes, it is still 700% more than Ethereum’s current volume. Dragonchain has demonstrated that it can handle 250 million transactions a day, and it’s architecture allows for multiple systems to work at that level simultaneously. In our PoC, we demonstrate double the full capacity of Reddit, and every transaction was proven all the way to Bitcoin and Ethereum.
Reddit Scaling on Ethereum

Decentralization

Solutions should not depend on any single third-party provider. We prefer solutions that do not depend on specific entities such as Reddit or another provider, and solutions with no single point of control or failure in off-chain components but recognize there are numerous trade-offs to consider
Dragonchain’s architecture calls for a hybrid approach. Private business nodes hold the sensitive data while the validation and verification of transactions for the business are decentralized within seconds and secured to public blockchains within 10 minutes to 2 hours. Nodes could potentially be controlled by owners of individual subreddits for more organic decentralization.
  • Billing is currently centralized - there is a path to federation and decentralization of a scaled billing solution.
  • Operational multi-cloud
  • Operational on-premises capabilities
  • Operational deployment to any datacenter
  • Over 700 independent Community Verification Nodes with proof of ownership
  • Operational Interchain (Interoperable to Bitcoin, Ethereum, and Ethereum Classic, open to more)

Usability Scaling solutions should have a simple end user experience.

Users shouldn't have to maintain any extra state/proofs, regularly monitor activity, keep track of extra keys, or sign anything other than their normal transactions
Dragonchain and its customers have demonstrated extraordinary usability as a feature in many applications, where users do not need to know that the system is backed by a live blockchain. Lyceum is one of these examples, where the progress of academy courses is being tracked, and successful completion of courses is rewarded with certificates on chain. Our @Save_The_Tweet bot is popular on Twitter. When used with one of the following hashtags - #please, #blockchain, #ThankYou, or #eternalize the tweet is saved through Eternal to multiple blockchains. A proof report is available for future reference. Other examples in use are DEN, our decentralized social media platform, and our console, where users can track their node rewards, view their TIME, and operate a business node.
Examples:

Transactions complete in a reasonable amount of time (seconds or minutes, not hours or days)
All transactions are immediately usable on chain by the system. A transaction begins the path to decentralization at the conclusion of a 5-second block when it gets distributed across 5 separate community run nodes. Full decentralization occurs within 10 minutes to 2 hours depending on which interchain (Bitcoin, Ethereum, or Ethereum Classic) the transaction hits first. Within approximately 2 hours, the combined hash power of all interchained blockchains secures the transaction.

Free to use for end users (no gas fees, or fixed/minimal fees that Reddit can pay on their behalf)
With transaction pricing as low as $0.0000025 per transaction, it may be considered reasonable for Reddit to cover transaction fees for users.
All of Reddit's Transactions on Blockchain (month)
Community points can be earned by users and distributed directly to their Reddit account in batch (as per Reddit minting plan), and allow users to withdraw rewards to their Ethereum wallet whenever they wish. Withdrawal fees can be paid by either user or Reddit. This model has been operating inside the Dragonchain system since 2018, and many security and financial compliance features can be optionally added. We feel that this capability greatly enhances user experience because it is seamless to a regular user without cryptocurrency experience, yet flexible to a tech savvy user. With regard to currency or token transactions, these would occur on the Reddit network, verified to BTC and ETH. These transactions would incur the $0.0000025 transaction fee. To estimate this fee we use the monthly active Reddit users statista with a 60% adoption rate and an estimated 10 transactions per month average resulting in an approximate $720 cost across the system. Reddit could feasibly incur all associated internal network charges (mining/minting, transfer, burn) as these are very low and controllable fees.
Reddit Internal Token Transaction Fees

Reddit Ethereum Token Transaction Fees
When we consider further the Ethereum fees that might be incurred, we have a few choices for a solution.
  1. Offload all Ethereum transaction fees (user withdrawals) to interested users as they wish to withdraw tokens for external use or sale.
  2. Cover Ethereum transaction fees by aggregating them on a timed schedule. Users would request withdrawal (from Reddit or individual subreddits), and they would be transacted on the Ethereum network every hour (or some other schedule).
  3. In a combination of the above, customers could cover aggregated fees.
  4. Integrate with alternate Ethereum roll up solutions or other proposals to aggregate minting and distribution transactions onto Ethereum.

Bonus Points

Users should be able to view their balances & transactions via a blockchain explorer-style interface
From interfaces for users who have no knowledge of blockchain technology to users who are well versed in blockchain terms such as those present in a typical block explorer, a system powered by Dragonchain has flexibility on how to provide balances and transaction data to users. Transactions can be made viewable in an Eternal Proof Report, which displays raw data along with TIME staking information and traceability all the way to Bitcoin, Ethereum, and every other Interchained network. The report shows fields such as transaction ID, timestamp, block ID, multiple verifications, and Interchain proof. See example here.
Node payouts within the Dragonchain console are listed in chronological order and can be further seen in either Dragons or USD. See example here.
In our social media platform, Dragon Den, users can see, in real-time, their NRG and MTR balances. See example here.
A new influencer app powered by Dragonchain, Raiinmaker, breaks down data into a user friendly interface that shows coin portfolio, redeemed rewards, and social scores per campaign. See example here.

Exiting is fast & simple
Withdrawing funds on Dragonchain’s console requires three clicks, however, withdrawal scenarios with more enhanced security features per Reddit’s discretion are obtainable.

Interoperability Compatibility with third party apps (wallets/contracts/etc) is necessary.
Proven interoperability at scale that surpasses the required specifications. Our entire platform consists of interoperable blockchains connected to each other and traditional systems. APIs are well documented. Third party permissions are possible with a simple smart contract without the end user being aware. No need to learn any specialized proprietary language. Any code base (not subsets) is usable within a Docker container. Interoperable with any blockchain or traditional APIs. We’ve witnessed relatively complex systems built by engineers with no blockchain or cryptocurrency experience. We’ve also demonstrated the creation of smart contracts within minutes built with BASH shell and Node.js. Please see our source code and API documentation.

Scaling solutions should be extensible and allow third parties to build on top of it Open source and extensible
APIs should be well documented and stable

Documentation should be clear and complete
For full documentation, explore our docs, SDK’s, Github repo’s, architecture documents, original Disney documentation, and other links or resources provided in this proposal.

Third-party permissionless integrations should be possible & straightforward Smart contracts are Docker based, can be written in any language, use full language (not subsets), and can therefore be integrated with any system including traditional system APIs. Simple is better. Learning an uncommon or proprietary language should not be necessary.
Advanced knowledge of mathematics, cryptography, or L2 scaling should not be required. Compatibility with common utilities & toolchains is expected.
Dragonchain business nodes and smart contracts leverage Docker to allow the use of literally any language or executable code. No proprietary language is necessary. We’ve witnessed relatively complex systems built by engineers with no blockchain or cryptocurrency experience. We’ve also demonstrated the creation of smart contracts within minutes built with BASH shell and Node.js.

Bonus

Bonus Points: Show us how it works. Do you have an idea for a cool new use case for Community Points? Build it!

TIME

Community points could be awarded to Reddit users based upon TIME too, whereas the longer someone is part of a subreddit, the more community points someone naturally gained, even if not actively commenting or sharing new posts. A daily login could be required for these community points to be credited. This grants awards to readers too and incentivizes readers to create an account on Reddit if they browse the website often. This concept could also be leveraged to provide some level of reputation based upon duration and consistency of contribution to a community subreddit.

Dragon Den

Dragonchain has already built a social media platform that harnesses community involvement. Dragon Den is a decentralized community built on the Dragonchain blockchain platform. Dragon Den is Dragonchain’s answer to fake news, trolling, and censorship. It incentivizes the creation and evaluation of quality content within communities. It could be described as being a shareholder of a subreddit or Reddit in its entirety. The more your subreddit is thriving, the more rewarding it will be. Den is currently in a public beta and in active development, though the real token economy is not live yet. There are different tokens for various purposes. Two tokens are Lair Ownership Rights (LOR) and Lair Ownership Tokens (LOT). LOT is a non-fungible token for ownership of a specific Lair. LOT will only be created and converted from LOR.
Energy (NRG) and Matter (MTR) work jointly. Your MTR determines how much NRG you receive in a 24-hour period. Providing quality content, or evaluating content will earn MTR.

Security. Users have full ownership & control of their points.
All community points awarded based upon any type of activity or gift, are secured and provable to all Interchain networks (currently BTC, ETH, ETC). Users are free to spend and withdraw their points as they please, depending on the features Reddit wants to bring into production.

Balances and transactions cannot be forged, manipulated, or blocked by Reddit or anyone else
Users can withdraw their balance to their ERC20 wallet, directly through Reddit. Reddit can cover the fees on their behalf, or the user covers this with a portion of their balance.

Users should own their points and be able to get on-chain ERC20 tokens without permission from anyone else
Through our console users can withdraw their ERC20 rewards. This can be achieved on Reddit too. Here is a walkthrough of our console, though this does not show the quick withdrawal functionality, a user can withdraw at any time. https://www.youtube.com/watch?v=aNlTMxnfVHw

Points should be recoverable to on-chain ERC20 tokens even if all third-parties involved go offline
If necessary, signed transactions from the Reddit system (e.g. Reddit + Subreddit) can be sent to the Ethereum smart contract for minting.

A public, third-party review attesting to the soundness of the design should be available
To our knowledge, at least two large corporations, including a top 3 accounting firm, have conducted positive reviews. These reviews have never been made public, as Dragonchain did not pay or contract for these studies to be released.

Bonus points
Public, third-party implementation review available or in progress
See above

Compatibility with HSMs & hardware wallets
For the purpose of this proposal, all tokenization would be on the Ethereum network using standard token contracts and as such, would be able to leverage all hardware wallet and Ethereum ecosystem services.

Other Considerations

Minting/distributing tokens is not performed by Reddit directly
This operation can be automated by smart contract on Ethereum. Subreddits can if desired have a role to play.

One off point burning, as well as recurring, non-interactive point burning (for subreddit memberships) should be possible and scalable
This is possible and scalable with interaction between Dragonchain Reddit system and Ethereum token contract(s).

Fully open-source solutions are strongly preferred
Dragonchain is fully open source (see section on Disney release after conclusion).

Conclusion

Whether it is today, or in the future, we would like to work together to bring secure flexibility to the highest standards. It is our hope to be considered by Ethereum, Reddit, and other integrative solutions so we may further discuss the possibilities of implementation. In our public demonstration, 256 million transactions were handled in our operational network on chain in 24 hours, for the low cost of $25K, which if run today would cost $625. Dragonchain’s interoperable foundation provides the atmosphere necessary to implement a frictionless community points system. Thank you for your consideration of our proposal. We look forward to working with the community to make something great!

Disney Releases Blockchain Platform as Open Source

The team at Disney created the Disney Private Blockchain Platform. The system was a hybrid interoperable blockchain platform for ledgering and smart contract development geared toward solving problems with blockchain adoption and usability. All objective evaluation would consider the team’s output a success. We released a list of use cases that we explored in some capacity at Disney, and our input on blockchain standardization as part of our participation in the W3C Blockchain Community Group.
https://lists.w3.org/Archives/Public/public-blockchain/2016May/0052.html

Open Source

In 2016, Roets proposed to release the platform as open source to spread the technology outside of Disney, as others within the W3C group were interested in the solutions that had been created inside of Disney.
Following a long process, step by step, the team met requirements for release. Among the requirements, the team had to:
  • Obtain VP support and approval for the release
  • Verify ownership of the software to be released
  • Verify that no proprietary content would be released
  • Convince the organization that there was a value to the open source community
  • Convince the organization that there was a value to Disney
  • Offer the plan for ongoing maintenance of the project outside of Disney
  • Itemize competing projects
  • Verify no conflict of interest
  • Preferred license
  • Change the project name to not use the name Disney, any Disney character, or any other associated IP - proposed Dragonchain - approved
  • Obtain legal approval
  • Approval from corporate, parks, and other business units
  • Approval from multiple Disney patent groups Copyright holder defined by Disney (Disney Connected and Advanced Technologies)
  • Trademark searches conducted for the selected name Dragonchain
  • Obtain IT security approval
  • Manual review of OSS components conducted
  • OWASP Dependency and Vulnerability Check Conducted
  • Obtain technical (software) approval
  • Offer management, process, and financial plans for the maintenance of the project.
  • Meet list of items to be addressed before release
  • Remove all Disney project references and scripts
  • Create a public distribution list for email communications
  • Remove Roets’ direct and internal contact information
  • Create public Slack channel and move from Disney slack channels
  • Create proper labels for issue tracking
  • Rename internal private Github repository
  • Add informative description to Github page
  • Expand README.md with more specific information
  • Add information beyond current “Blockchains are Magic”
  • Add getting started sections and info on cloning/forking the project
  • Add installation details
  • Add uninstall process
  • Add unit, functional, and integration test information
  • Detail how to contribute and get involved
  • Describe the git workflow that the project will use
  • Move to public, non-Disney git repository (Github or Bitbucket)
  • Obtain Disney Open Source Committee approval for release
On top of meeting the above criteria, as part of the process, the maintainer of the project had to receive the codebase on their own personal email and create accounts for maintenance (e.g. Github) with non-Disney accounts. Given the fact that the project spanned multiple business units, Roets was individually responsible for its ongoing maintenance. Because of this, he proposed in the open source application to create a non-profit organization to hold the IP and maintain the project. This was approved by Disney.
The Disney Open Source Committee approved the application known as OSSRELEASE-10, and the code was released on October 2, 2016. Disney decided to not issue a press release.
Original OSSRELASE-10 document

Dragonchain Foundation

The Dragonchain Foundation was created on January 17, 2017. https://den.social/l/Dragonchain/24130078352e485d96d2125082151cf0/dragonchain-and-disney/
submitted by j0j0r0 to ethereum [link] [comments]

Zano Newcomers Introduction/FAQ - please read!

Welcome to the Zano Sticky Introduction/FAQ!

https://preview.redd.it/al1gy9t9v9q51.png?width=424&format=png&auto=webp&s=b29a60402d30576a4fd95f592b392fae202026ca
Hopefully any questions you have will be answered by the resources below, but if you have additional questions feel free to ask them in the comments. If you're quite technically-minded, the Zano whitepaper gives a thorough overview of Zano's design and its main features.
So, what is Zano? In brief, Zano is a project started by the original developers of CryptoNote. Coins with market caps totalling well over a billion dollars (Monero, Haven, Loki and countless others) run upon the codebase they created. Zano is a continuation of their efforts to create the "perfect money", and brings a wealth of enhancements to their original CryptoNote code.
Development happens at a lightning pace, as the Github activity shows, but Zano is still very much a work-in-progress. Let's cut right to it:
Here's why you should pay attention to Zano over the next 12-18 months. Quoting from a recent update:
Anton Sokolov has recently joined the Zano team. ... For the last months Anton has been working on theoretical work dedicated to log-size ring signatures. These signatures theoretically allows for a logarithmic relationship between the number of decoys and the size/performance of transactions. This means that we can set mixins at a level from up to 1000, keeping the reasonable size and processing speed of transactions. This will take Zano’s privacy to a whole new level, and we believe this technology will turn out to be groundbreaking!
If successful, this scheme will make Zano the most private, powerful and performant CryptoNote implementation on the planet. Bar none. A quantum leap in privacy with a minimal increase in resource usage. And if there's one team capable of pulling it off, it's this one.

What else makes Zano special?

You mean aside from having "the Godfather of CryptoNote" as the project lead? ;) Actually, the calibre of the developers/researchers at Zano probably is the project's single greatest strength. Drawing on years of experience, they've made careful design choices, optimizing performance with an asynchronous core architecture, and flexibility and extensibility with a modular code structure. This means that the developers are able to build and iterate fast, refining features and adding new ones at a rate that makes bigger and better-funded teams look sluggish at best.
Zano also has some unique features that set it apart from similar projects:
Privacy Firstly, if you're familiar with CryptoNote you won't be surprised that Zano transactions are private. The perfect money is fungible, and therefore must be untraceable. Bitcoin, for the most part, does little to hide your transaction data from unscrupulous observers. With Zano, privacy is the default.
The untraceability and unlinkability of Zano transactions come from its use of ring signatures and stealth addresses. What this means is that no outside observer is able to tell if two transactions were sent to the same address, and for each transaction there is a set of possible senders that make it impossible to determine who the real sender is.
Hybrid PoW-PoS consensus mechanism Zano achieves an optimal level of security by utilizing both Proof of Work and Proof of Stake for consensus. By combining the two systems, it mitigates their individual vulnerabilities (see 51% attack and "nothing at stake" problem). For an attack on Zano to have even a remote chance of success the attacker would have to obtain not only a majority of hashing power, but also a majority of the coins involved in staking. The system and its design considerations are discussed at length in the whitepaper.
Aliases Here's a stealth address: ZxDdULdxC7NRFYhCGdxkcTZoEGQoqvbZqcDHj5a7Gad8Y8wZKAGZZmVCUf9AvSPNMK68L8r8JfAfxP4z1GcFQVCS2Jb9wVzoe. I have a hard enough time remembering my phone number. Fortunately, Zano has an alias system that lets you register an address to a human-readable name. (@orsonj if you want to anonymously buy me a coffee)
Multisig
Multisignature (multisig) refers to requiring multiple keys to authorize a Zano transaction. It has a number of applications, such as dividing up responsibility for a single Zano wallet among multiple parties, or creating backups where loss of a single seed doesn't lead to loss of the wallet.
Multisig and escrow are key components of the planned Decentralized Marketplace (see below), so consideration was given to each of them from the design stages. Thus Zano's multisig, rather than being tagged on at the wallet-level as an afterthought, is part of its its core architecture being incorporated at the protocol level. This base-layer integration means months won't be spent in the future on complicated refactoring efforts in order to integrate multisig into a codebase that wasn't designed for it. Plus, it makes it far easier for third-party developers to include multisig (implemented correctly) in any Zano wallets and applications they create in the future.
(Double Deposit MAD) Escrow
With Zano's escrow service you can create fully customizable p2p contracts that are designed to, once signed by participants, enforce adherence to their conditions in such a way that no trusted third-party escrow agent is required.
https://preview.redd.it/jp4oghyhv9q51.png?width=1762&format=png&auto=webp&s=12a1e76f76f902ed328886283050e416db3838a5
The Particl project, aside from a couple of minor differences, uses an escrow scheme that works the same way, so I've borrowed the term they coined ("Double Deposit MAD Escrow") as I think it describes the scheme perfectly. The system requires participants to make additional deposits, which they will forfeit if there is any attempt to act in a way that breaches the terms of the contract. Full details can be found in the Escrow section of the whitepaper.
The usefulness of multisig and the escrow system may not seem obvious at first, but as mentioned before they'll form the backbone of Zano's Decentralized Marketplace service (described in the next section).

What does the future hold for Zano?

The planned upgrade to Zano's privacy, mentioned at the start, is obviously one of the most exciting things the team is working on, but it's not the only thing.
Zano Roadmap
Decentralized Marketplace
From the beginning, the Zano team's goal has been to create the perfect money. And money can't just be some vehicle for speculative investment, money must be used. To that end, the team have created a set of tools to make it as simple as possible for Zano to be integrated into eCommerce platforms. Zano's API’s and plugins are easy to use, allowing even those with very little coding experience to use them in their E-commerce-related ventures. The culmination of this effort will be a full Decentralized Anonymous Marketplace built on top of the Zano blockchain. Rather than being accessed via the wallet, it will act more as a service - Marketplace as a Service (MAAS) - for anyone who wishes to use it. The inclusion of a simple "snippet" of code into a website is all that's needed to become part a global decentralized, trustless and private E-commerce network.
Atomic Swaps
Just as Zano's marketplace will allow you to transact without needing to trust your counterparty, atomic swaps will let you to easily convert between Zano and other cyryptocurrencies without having to trust a third-party service such as a centralized exchange. On top of that, it will also lead to the way to Zano's inclusion in the many decentralized exchange (DEX) services that have emerged in recent years.

Where can I buy Zano?

Zano's currently listed on the following exchanges:
https://coinmarketcap.com/currencies/zano/markets/
It goes without saying, neither I nor the Zano team work for any of the exchanges or can vouch for their reliability. Use at your own risk and never leave coins on a centralized exchange for longer than necessary. Your keys, your coins!
If you have any old graphics cards lying around(both AMD & NVIDIA), then Zano is also mineable through its unique ProgPowZ algorithm. Here's a guide on how to get started.
Once you have some Zano, you can safely store it in one of the desktop or mobile wallets (available for all major platforms).

How can I support Zano?

Zano has no marketing department, which is why this post has been written by some guy and not the "Chief Growth Engineer @ Zano Enterprises". The hard part is already done: there's a team of world class developers and researchers gathered here. But, at least at the current prices, the team's funds are enough to cover the cost of development and little more. So the job of publicizing the project falls to the community. If you have any experience in community building/growth hacking at another cryptocurrency or open source project, or if you're a Zano holder who would like to ensure the project's long-term success by helping to spread the word, then send me a pm. We need to get organized.
Researchers and developers are also very welcome. Working at the cutting edge of mathematics and cryptography means Zano provides challenging and rewarding work for anyone in those fields. Please contact the project's Community Manager u/Jed_T if you're interested in joining the team.
Social Links:
Twitter
Discord Server
Telegram Group
Medium blog
I'll do my best to keep this post accurate and up to date. Message me please with any suggested improvements and leave any questions you have below.
Welcome to the Zano community and the new decentralized private economy!
submitted by OrsonJ to Zano [link] [comments]

Bob The Magic Custodian



Summary: Everyone knows that when you give your assets to someone else, they always keep them safe. If this is true for individuals, it is certainly true for businesses.
Custodians always tell the truth and manage funds properly. They won't have any interest in taking the assets as an exchange operator would. Auditors tell the truth and can't be misled. That's because organizations that are regulated are incapable of lying and don't make mistakes.

First, some background. Here is a summary of how custodians make us more secure:

Previously, we might give Alice our crypto assets to hold. There were risks:

But "no worries", Alice has a custodian named Bob. Bob is dressed in a nice suit. He knows some politicians. And he drives a Porsche. "So you have nothing to worry about!". And look at all the benefits we get:
See - all problems are solved! All we have to worry about now is:
It's pretty simple. Before we had to trust Alice. Now we only have to trust Alice, Bob, and all the ways in which they communicate. Just think of how much more secure we are!

"On top of that", Bob assures us, "we're using a special wallet structure". Bob shows Alice a diagram. "We've broken the balance up and store it in lots of smaller wallets. That way", he assures her, "a thief can't take it all at once". And he points to a historic case where a large sum was taken "because it was stored in a single wallet... how stupid".
"Very early on, we used to have all the crypto in one wallet", he said, "and then one Christmas a hacker came and took it all. We call him the Grinch. Now we individually wrap each crypto and stick it under a binary search tree. The Grinch has never been back since."

"As well", Bob continues, "even if someone were to get in, we've got insurance. It covers all thefts and even coercion, collusion, and misplaced keys - only subject to the policy terms and conditions." And with that, he pulls out a phone-book sized contract and slams it on the desk with a thud. "Yep", he continues, "we're paying top dollar for one of the best policies in the country!"
"Can I read it?' Alice asks. "Sure," Bob says, "just as soon as our legal team is done with it. They're almost through the first chapter." He pauses, then continues. "And can you believe that sales guy Mike? He has the same year Porsche as me. I mean, what are the odds?"

"Do you use multi-sig?", Alice asks. "Absolutely!" Bob replies. "All our engineers are fully trained in multi-sig. Whenever we want to set up a new wallet, we generate 2 separate keys in an air-gapped process and store them in this proprietary system here. Look, it even requires the biometric signature from one of our team members to initiate any withdrawal." He demonstrates by pressing his thumb into the display. "We use a third-party cloud validation API to match the thumbprint and authorize each withdrawal. The keys are also backed up daily to an off-site third-party."
"Wow that's really impressive," Alice says, "but what if we need access for a withdrawal outside of office hours?" "Well that's no issue", Bob says, "just send us an email, call, or text message and we always have someone on staff to help out. Just another part of our strong commitment to all our customers!"

"What about Proof of Reserve?", Alice asks. "Of course", Bob replies, "though rather than publish any blockchain addresses or signed transaction, for privacy we just do a SHA256 refactoring of the inverse hash modulus for each UTXO nonce and combine the smart contract coefficient consensus in our hyperledger lightning node. But it's really simple to use." He pushes a button and a large green checkmark appears on a screen. "See - the algorithm ran through and reserves are proven."
"Wow", Alice says, "you really know your stuff! And that is easy to use! What about fiat balances?" "Yeah, we have an auditor too", Bob replies, "Been using him for a long time so we have quite a strong relationship going! We have special books we give him every year and he's very efficient! Checks the fiat, crypto, and everything all at once!"

"We used to have a nice offline multi-sig setup we've been using without issue for the past 5 years, but I think we'll move all our funds over to your facility," Alice says. "Awesome", Bob replies, "Thanks so much! This is perfect timing too - my Porsche got a dent on it this morning. We have the paperwork right over here." "Great!", Alice replies.
And with that, Alice gets out her pen and Bob gets the contract. "Don't worry", he says, "you can take your crypto-assets back anytime you like - just subject to our cancellation policy. Our annual management fees are also super low and we don't adjust them often".

How many holes have to exist for your funds to get stolen?
Just one.

Why are we taking a powerful offline multi-sig setup, widely used globally in hundreds of different/lacking regulatory environments with 0 breaches to date, and circumventing it by a demonstrably weak third party layer? And paying a great expense to do so?
If you go through the list of breaches in the past 2 years to highly credible organizations, you go through the list of major corporate frauds (only the ones we know about), you go through the list of all the times platforms have lost funds, you go through the list of times and ways that people have lost their crypto from identity theft, hot wallet exploits, extortion, etc... and then you go through this custodian with a fine-tooth comb and truly believe they have value to add far beyond what you could, sticking your funds in a wallet (or set of wallets) they control exclusively is the absolute worst possible way to take advantage of that security.

The best way to add security for crypto-assets is to make a stronger multi-sig. With one custodian, what you are doing is giving them your cryptocurrency and hoping they're honest, competent, and flawlessly secure. It's no different than storing it on a really secure exchange. Maybe the insurance will cover you. Didn't work for Bitpay in 2015. Didn't work for Yapizon in 2017. Insurance has never paid a claim in the entire history of cryptocurrency. But maybe you'll get lucky. Maybe your exact scenario will buck the trend and be what they're willing to cover. After the large deductible and hopefully without a long and expensive court battle.

And you want to advertise this increase in risk, the lapse of judgement, an accident waiting to happen, as though it's some kind of benefit to customers ("Free institutional-grade storage for your digital assets.")? And then some people are writing to the OSC that custodians should be mandatory for all funds on every exchange platform? That this somehow will make Canadians as a whole more secure or better protected compared with standard air-gapped multi-sig? On what planet?

Most of the problems in Canada stemmed from one thing - a lack of transparency. If Canadians had known what a joke Quadriga was - it wouldn't have grown to lose $400m from hard-working Canadians from coast to coast to coast. And Gerald Cotten would be in jail, not wherever he is now (at best, rotting peacefully). EZ-BTC and mister Dave Smilie would have been a tiny little scam to his friends, not a multi-million dollar fraud. Einstein would have got their act together or been shut down BEFORE losing millions and millions more in people's funds generously donated to criminals. MapleChange wouldn't have even been a thing. And maybe we'd know a little more about CoinTradeNewNote - like how much was lost in there. Almost all of the major losses with cryptocurrency exchanges involve deception with unbacked funds.
So it's great to see transparency reports from BitBuy and ShakePay where someone independently verified the backing. The only thing we don't have is:
It's not complicated to validate cryptocurrency assets. They need to exist, they need to be spendable, and they need to cover the total balances. There are plenty of credible people and firms across the country that have the capacity to reasonably perform this validation. Having more frequent checks by different, independent, parties who publish transparent reports is far more valuable than an annual check by a single "more credible/official" party who does the exact same basic checks and may or may not publish anything. Here's an example set of requirements that could be mandated:
There are ways to structure audits such that neither crypto assets nor customer information are ever put at risk, and both can still be properly validated and publicly verifiable. There are also ways to structure audits such that they are completely reasonable for small platforms and don't inhibit innovation in any way. By making the process as reasonable as possible, we can completely eliminate any reason/excuse that an honest platform would have for not being audited. That is arguable far more important than any incremental improvement we might get from mandating "the best of the best" accountants. Right now we have nothing mandated and tons of Canadians using offshore exchanges with no oversight whatsoever.

Transparency does not prove crypto assets are safe. CoinTradeNewNote, Flexcoin ($600k), and Canadian Bitcoins ($100k) are examples where crypto-assets were breached from platforms in Canada. All of them were online wallets and used no multi-sig as far as any records show. This is consistent with what we see globally - air-gapped multi-sig wallets have an impeccable record, while other schemes tend to suffer breach after breach. We don't actually know how much CoinTrader lost because there was no visibility. Rather than publishing details of what happened, the co-founder of CoinTrader silently moved on to found another platform - the "most trusted way to buy and sell crypto" - a site that has no information whatsoever (that I could find) on the storage practices and a FAQ advising that “[t]rading cryptocurrency is completely safe” and that having your own wallet is “entirely up to you! You can certainly keep cryptocurrency, or fiat, or both, on the app.” Doesn't sound like much was learned here, which is really sad to see.
It's not that complicated or unreasonable to set up a proper hardware wallet. Multi-sig can be learned in a single course. Something the equivalent complexity of a driver's license test could prevent all the cold storage exploits we've seen to date - even globally. Platform operators have a key advantage in detecting and preventing fraud - they know their customers far better than any custodian ever would. The best job that custodians can do is to find high integrity individuals and train them to form even better wallet signatories. Rather than mandating that all platforms expose themselves to arbitrary third party risks, regulations should center around ensuring that all signatories are background-checked, properly trained, and using proper procedures. We also need to make sure that signatories are empowered with rights and responsibilities to reject and report fraud. They need to know that they can safely challenge and delay a transaction - even if it turns out they made a mistake. We need to have an environment where mistakes are brought to the surface and dealt with. Not one where firms and people feel the need to hide what happened. In addition to a knowledge-based test, an auditor can privately interview each signatory to make sure they're not in coercive situations, and we should make sure they can freely and anonymously report any issues without threat of retaliation.
A proper multi-sig has each signature held by a separate person and is governed by policies and mutual decisions instead of a hierarchy. It includes at least one redundant signature. For best results, 3of4, 3of5, 3of6, 4of5, 4of6, 4of7, 5of6, or 5of7.

History has demonstrated over and over again the risk of hot wallets even to highly credible organizations. Nonetheless, many platforms have hot wallets for convenience. While such losses are generally compensated by platforms without issue (for example Poloniex, Bitstamp, Bitfinex, Gatecoin, Coincheck, Bithumb, Zaif, CoinBene, Binance, Bitrue, Bitpoint, Upbit, VinDAX, and now KuCoin), the public tends to focus more on cases that didn't end well. Regardless of what systems are employed, there is always some level of risk. For that reason, most members of the public would prefer to see third party insurance.
Rather than trying to convince third party profit-seekers to provide comprehensive insurance and then relying on an expensive and slow legal system to enforce against whatever legal loopholes they manage to find each and every time something goes wrong, insurance could be run through multiple exchange operators and regulators, with the shared interest of having a reputable industry, keeping costs down, and taking care of Canadians. For example, a 4 of 7 multi-sig insurance fund held between 5 independent exchange operators and 2 regulatory bodies. All Canadian exchanges could pay premiums at a set rate based on their needed coverage, with a higher price paid for hot wallet coverage (anything not an air-gapped multi-sig cold wallet). Such a model would be much cheaper to manage, offer better coverage, and be much more reliable to payout when needed. The kind of coverage you could have under this model is unheard of. You could even create something like the CDIC to protect Canadians who get their trading accounts hacked if they can sufficiently prove the loss is legitimate. In cases of fraud, gross negligence, or insolvency, the fund can be used to pay affected users directly (utilizing the last transparent balance report in the worst case), something which private insurance would never touch. While it's recommended to have official policies for coverage, a model where members vote would fully cover edge cases. (Could be similar to the Supreme Court where justices vote based on case law.)
Such a model could fully protect all Canadians across all platforms. You can have a fiat coverage governed by legal agreements, and crypto-asset coverage governed by both multi-sig and legal agreements. It could be practical, affordable, and inclusive.

Now, we are at a crossroads. We can happily give up our freedom, our innovation, and our money. We can pay hefty expenses to auditors, lawyers, and regulators year after year (and make no mistake - this cost will grow to many millions or even billions as the industry grows - and it will be borne by all Canadians on every platform because platforms are not going to eat up these costs at a loss). We can make it nearly impossible for any new platform to enter the marketplace, forcing Canadians to use the same stagnant platforms year after year. We can centralize and consolidate the entire industry into 2 or 3 big players and have everyone else fail (possibly to heavy losses of users of those platforms). And when a flawed security model doesn't work and gets breached, we can make it even more complicated with even more people in suits making big money doing the job that blockchain was supposed to do in the first place. We can build a system which is so intertwined and dependent on big government, traditional finance, and central bankers that it's future depends entirely on that of the fiat system, of fractional banking, and of government bail-outs. If we choose this path, as history has shown us over and over again, we can not go back, save for revolution. Our children and grandchildren will still be paying the consequences of what we decided today.
Or, we can find solutions that work. We can maintain an open and innovative environment while making the adjustments we need to make to fully protect Canadian investors and cryptocurrency users, giving easy and affordable access to cryptocurrency for all Canadians on the platform of their choice, and creating an environment in which entrepreneurs and problem solvers can bring those solutions forward easily. None of the above precludes innovation in any way, or adds any unreasonable cost - and these three policies would demonstrably eliminate or resolve all 109 historic cases as studied here - that's every single case researched so far going back to 2011. It includes every loss that was studied so far not just in Canada but globally as well.
Unfortunately, finding answers is the least challenging part. Far more challenging is to get platform operators and regulators to agree on anything. My last post got no response whatsoever, and while the OSC has told me they're happy for industry feedback, I believe my opinion alone is fairly meaningless. This takes the whole community working together to solve. So please let me know your thoughts. Please take the time to upvote and share this with people. Please - let's get this solved and not leave it up to other people to do.

Facts/background/sources (skip if you like):



Thoughts?
submitted by azoundria2 to QuadrigaInitiative [link] [comments]

Urbit meetup in North Texas

Hi everybody, I'm holding a meetup in the DFW area for people interested in Urbit next month. If you're interested in the project or want to learn more about it, come hang out! Details are at the end of the post. I've got the blessing of u/ZorbaTHut to post this here contingent on explaining why Urbit is interesting, both in general and for this audience, so I'll give you a brief outline of the project if you're not familiar, and answer questions you may have once I'm home from work on Monday (though I encourage anybody else who'd like to to chime in until then -- I have to go to bed soon.)

What is Urbit?

Urbit is an interenet decentralization project, and a full networked computing stack from the ground up. Urbit's ultimate goal is to build a new internet on top of the old one, that is architecturally designed to avoid the need for centralized services by allowing individuals to run and program robust personal servers that are simple to manage. When Urbit conquers the world, your digital identity will be something you personally permanently own as a cryptographic key, not an line in a corporation's database; Facebook and Twitter will be protocols -- encrypted traffic and data shared directly between you and your friends & family, with no middlemen spying on you; your apps, social software and anything you program will have secure cryptocurrency payment mechanisms as a system call, payed out of a wallet on a device you fully control; and you will tangibly own and control your computer and the networked software you use on it.
As I said, Urbit is a stack; at its core is Nock, a minimal, turing-complete function. Nock is built out into a deterministic operating system, Arvo, with its own functional programming language. For now, Arvo runs as a process, with a custom VM/interpreter on *nix machines. Your Arvo instance talks to other instances over a native, encrypted peer-to-peer network, though it can interface with the normal internet as well. Urbit's identity management system is called Azimuth, a public key infrastructure built on Ethereum. You own proof of your Urbit instance's identity as a token in the same way you own your Bitcoin wallet.
Because the peer-to-peer network is built into Arvo, you get it 'for free' with any software you write or run on it. You run your own personal server, and run all the software you use to communicate with the world yourself. Because all of your services are running on computer you control using a single secure identity system, you can think of what it aspires to like a decentralized, cypherpunk version of WeChat -- a programmable, secure platform for everything you want to do with your computer in one place, without the downsides of other people running your software.

Why is it interesting?

Urbit is extremely ambitious and pretty strange. Why throw out the entire stack we've spent half a century building? Because it's a giant ball of mud -- millions of lines of code in the Linux kernel alone, with all the attendant security issues and complexity. You can run a personal server today if you're technically sophisticated; spin up a VPS, install all the software you need, configure everything and keep it secure. It's doable, but it sucks, and your mom can't do it. Urbit is designed from the beginning to avoid the pitfalls that led to cascading system complexity. Nock has 12 opcodes, and Arvo is somewhere in the neighborhood of 30,000 lines of code. The core pieces of Urbit are also ticking towards being 'frozen' -- reaching a state where they can no longer be changed, in order to ensure that they remain absolutely minimal. The point of all of this is to make a diamond-hard, unchanging core that a single person can actually understand in its entirety, ensure the security of the architecture, prevent insane dependency hell and leaky abstractions from overgrowing it, and allow for software you write today to run in a century. It also aims to be simple enough that a normal person can pay a commodity provider $5/mo (or something), log into their Urbit on their devices, and control it as easily as their phone.
Urbit's network also has a routing hierarchy that is important to understand; while the total address space is 128-bit, the addresses are partitioned into different classes. 8-bit and 16-bit addresses act as network infrastructure, while human instances use 32-bit addresses. To use the network, you must be sponsored by the 16-bit node 'above' you -- which is to say 'be on good terms'. If you aren't on good terms, that sponsorship can be terminated, but that goes both ways -- if you don't like your sponsor, you can exit and choose another. Because 32-bit addresses are finite, they're scarce and have value, which disincentivizes spam and abuse. To be clear, the sponsor nodes only sign/deliver software updates, and perform peer discovery and NAT traversal; your connections with other people are direct and encrypted. Because there are many sponsor nodes, you can return to the network if you're kicked off unfairly. In the long term, this also allows for graceful political fragmentation of the network if necessary.
The world created by Urbit is a world where individuals control their own data and digital communities live according to their mores. It's an internet that isn't funded by mass automated surveillance and ad companies that know your health problems. It's also the internet as a frontier like it once was, at least until this one is settled. Apologies if this comes off a little true-believer-y, but this project is something I'm genuinely excited about.

For TheMotte

The world that Urbit aims to build is one not dissimilar from Scott's archipelago communism -- one of voluntaristic relations and communities, and exit in the face of conflict & coercion. It's technical infrastructure to move the internet away from the chokepoints of the major social media platforms and the concentration of political power that comes with centralized services. The seismic shifts affecting our institutions and society caused by the internet in the last decade have been commented on at length here and elsewhere, but as BTO said, you ain't seen nothin' yet. I suspect many people with a libertarian or anti-authoritarian bent would appreciate the principle of individual sovereignty over their computing and data. The project is also something I've discussed a few times with others on here, so I know there's some curiosity about it.
The original developer of Urbit is also rather well known online, especially around here. Yarvin is a pretty controversial figure, but he departed the project in early 2019.

Meetup

There's a lot more that I haven't mentioned, but I hope this has piqued your interest. If you're in DFW, you can find details of the first meetup here. There will be free pizza and a presentation about Urbit, help installing & using it (Mac & Linux only for now), as well as the opportunity to socialize. All are welcome! Feel free to bring a friend.
If you're not in North Texas but are interested, there are also other regional meetups all over the world coming up soon.

Further reading:

submitted by p3on to TheMotte [link] [comments]

Crypto-Currency: A Guide to Common Tax Situations

STATUS: Majority of questions have been answered. If yours got missed, please feel free to post it again.
Introduction
All,
Based on the rapid increase in popularity and price of bitcoin and other crypto currencies (particularly over the past year), I expect that lots of people have questions about how crypto currency will impact their taxes. This thread attempts to address several common issues. I'm posting similar versions of it here, in several major crypto subs, and eventually in the weekly "tax help" threads personalfinance runs.
I'd like to thank the /personalfinance mod team and the /tax community for their help with this thread and especially for reading earlier versions and offering several valuable suggestions/corrections.
This thread is NOT an endorsement of crypto currency as an investing strategy. There is a time and a place to debate the appropriateness of crypto as part of a diversified portfolio - but that time is not now and that place is not here. If you are interested in the general consensus of this sub on investing, I would urge you to consult the wiki while keeping in mind the general flowchart outlining basic steps to get your finances in order.
Finally, please note that this thread attempts to provide information about your tax obligations as defined by United States law (and interpreted by the IRS under the direction of the Treasury Department). I understand that a certain portion of the crypto community tends to view crypto as "tax free" due to the (actual and perceived) difficulty for the IRS to "know" about the transactions involved. I will not discuss unlawfully concealing crypto gains here nor will I suggest illegal tax avoidance activities.
The Basics
This section is best for people that don't understand much about taxes. It covers some very basic tax principles. It also assumes that all you did during the year was buy/sell a single crypto currency.
Fundamentally, the IRS treats crypto not as money, but as an asset (investment). While there are a few specific "twists" when it comes to crypto, when in doubt replace the word "crypto" with the word "stock" and you will get a pretty good idea how you should report and pay tax on crypto.
The first thing you should know is that the majority of this discussion applies to the taxes you are currently working on (2017 taxes). The tax bill that just passed applies to 2018 taxes (with a few very tiny exceptions), which most people will file in early 2019.
In general, you don't have to report or pay taxes on crypto currency holdings until you "cash out" all or part of your holdings. For now, I'm going to assume that you cash out by selling them for USD; however, other forms of cashing out will be covered later.
When you sell crypto, you report the difference between your basis (purchase price) and proceeds (sale price) on Schedule D. Your purchase price is commonly referred to as your basis; while the two terms don't mean exactly the same thing, they are pretty close to one another (in particular, there are three two ways to calculate your basis - your average cost, a first-in, first-out method, and a "specific identification" method. See more about these here and here). EDIT - you may not use average cost method with crypto - see here. If you sell at a gain, this gain increases your tax liability; if you sell at a loss, this loss decreases your tax liability (in most cases). If you sell multiple times during the year, you report each transaction separately (bad news if you trade often) but get to lump all your gains/losses together when determining how the trades impact your income.
One important thing to remember is that there are two different types of gains/losses from investments - short term gains (if you held an asset for one year or less) and long term gains (over one year; i.e. one year and one day). Short term gains are taxed at your marginal income rate (basically, just like if you had earned that money at a job) while long term gains are taxed at lower rates.
For most people, long term capital gains are taxed at 15%. However, if you are in the 10% or 15% tax bracket, congrats - your gains (up to the maximum amount of "unused space" in your bracket) are tax free! If you are in the 25%, 28%, 33%, or 35% bracket, long term gains are taxed at 15%. If you are in the 39.6% bracket, long term gains are taxed at 20%. Additionally, there is an "extra" 3.8% tax that applies to gains for those above $200,000/$250,000 (single/married). The exact computation of this tax is a little complicated, but if you are close to the $200,000 level, just know that it exists.
Finally, you should know that I'm assuming that you should treat your crypto gains/losses as investment gains/losses. I'm sure some people will try and argue that they are really "day traders" of crypto and trade as a full time job. While this is possible, the vast majority of people don't qualify for this status and you should really think several times before deciding you want to try that approach on the IRS.
"Cashing Out" - Trading Crypto for Goods/Services
I realize that not everyone that "cashes out" of crypto does so by selling it for USD. In fact, I understand that some in the crypto community view the necessity of cashing out itself as a type of myth. In this section, I discuss what happens if you trade your crypto for basically anything that isn't cash (minor sidenote - see next section for a special discussion on trading crypto for crypto; i.e. buying altcoins with crypto).
The IRS views trading crypto for something of value as a type of bartering that must be included in income. From the IRS's perspective, it doesn't matter if you sold crypto for cash and bought a car with that cash or if you just traded crypto directly for the car - in both cases, the IRS views you as having sold your crypto. This approach isn't unique to crypto - it works the same way if you trade stock for something.
This means that if you do trade your crypto for "stuff", you have to report every exchange as a sale of your crypto and calculate the gain/loss on that sale, just as if you had sold the crypto for cash.
Finally, there is one important exception to this rule. If you give your crypto away to charity (one recognized by the IRS; like a 501(c)(3) organization), the IRS doesn't make you report/pay any capital gains on the transaction. Additionally, you still get to deduct the value of your donation on the date it was made. Now, from a "selfish" point of view, you will always end up with more money if you sell the crypto, pay the tax, and keep the rest. But, if you are going to make a donation anyway, especially a large one, giving crypto where you have a big unrealized/untaxed gain is a very efficient way of doing so.
"Alt Coins" - Buying Crypto with Crypto
The previous section discusses what happens when you trade crypto for stuff. However, one thing that surprises many people is that trading crypto for crypto is also a taxable event, just like trading crypto for a car. Whether you agree with this position or not, it makes a lot of sense once you realize that the IRS doesn't view crypto as money, but instead as an asset. So to the IRS, trading bitcoin for ripple isn't like trading dollars for euros, but it is instead like trading shares of Apple stock for shares of Tesla stock.
Practically, what this means is that if you trade one crypto for another crypto (say BTC for XRP just to illustrate the point), the IRS views you as doing the following:
  • Selling for cash the amount of BTC you actually traded for XRP.
  • Owing capital gains/losses on the BTC based on its selling price (the fair market value at the moment of the exchange) and your purchase price (basis).
  • Buying a new investment (XRP) with a cost basis equal to the amount the BTC was worth when you exchanged them.
This means that if you "time" your trade wrong and the value of XRP goes down after you make the exchange, you still owe tax on your BTC gain even though you subsequently lost money. The one good piece of news in this is that when/if you sell your XRP (or change it back to BTC), you will get a capital loss for the value that XRP dropped.
There is one final point worth discussing in this section - the so called "like kind exchange" rules (aka section 1031 exchange). At a high level, these rules say that you can "swap" property with someone else without having to pay taxes on the exchange as long as you get property in return that is "like kind". Typically, these rules are used in real estate transactions. However, they can also apply to other types of transactions as well.
While the idea is simple (and makes it sound like crypto for crypto should qualify), the exact rules/details of this exception are very fact specific. Most experts (including myself, but certainly not calling myself an expert) believe that a crypto for crypto swap is not a like kind exchange. The recently passed tax bill also explicitly clarifies this issue - starting in 2018, only real estate qualifies for like kind exchange treatment. So, basically, the vast majority of evidence suggests that you can't use this "loophole" for 2017; however, there is a small minority view/some small amount of belief that this treatment would work for 2017 taxes and it is worth noting that I'm unaware of any court cases directly testing this approach.
Dealing with "Forks"
Perhaps another unpleasant surprise for crypto holders is that "forks" to create a new crypto also very likely generate a taxable event. The IRS has long (since at least the 1960s) held that "found" money is a taxable event. This approach has been litigated in court and courts have consistently upheld this position; it even has its own cool nerdy tax name - the "treasure trove" doctrine.
Practically, what this means is that if you owned BTC and it "forked" to create BCH, then the fair market value of the BCH you received is considered a "treasure trove" that must be reported as income (ordinary income - no capital gain rates). This is true whether or not you sold your BCH; if you got BCH from a fork, that is a taxable event (note - I'll continue using BTC forking to BCH in this section as an example, but the logic applies to all forks).
While everything I've discussed up to this point is pretty clearly established tax law, forks are really where things get messy with taxes. Thus, the remainder of this section contains more speculation than elsewhere in this post - the truth is that while the idea is simple (fork = free money = taxable), the details are messy and other kinds of tax treatment might apply to forks.
One basic practical problem with forks is that the new currency doesn't necessarily start trading immediately. Thus, you may have received BCH before there was a clear price or market for it. Basically, you owe tax on the value of BCH when you received it, but it isn't completely clear what that value was. There are several ways you can handle this; I'll list them in order from most accurate to least accurate (but note that this is just my personal view and there is ongoing disagreement on this issue with little/no authoritative guidance).
  • Use a futures market to determine the value of the BCH - if reliable sources published realistic estimates of what BCH will trade for in the future once trading begins, use this estimate as the value of your BCH. Pros/cons - futures markets are, in theory, pretty accurate. However, if they are volatile/subject to manipulation, they may provide an incorrect estimate of the true value of BCH. It would suck to use the first futures value published only to have that value plummet shortly thereafter, leaving you to pay ordinary income tax but only have an unrealized capital loss.
  • Wait until an exchange starts trading BCH; use the actual ("spot" price) as the value. Pros/cons - spot prices certainly reflect what you could have sold BCH for; however, it is possible that the true value of the coin was highelower when you received it as compared to when it started trading on the exchange. Thus this method seems less accurate to me than a futures based approach, but it is still certainly fairly reasonable.
  • Assume that the value is $0. This is my least preferred option, but there is still a case to be made for it. If you receive something that you didn't want, can't access, can't sell, and might fail, does it have any value? I believe the answer is yes (maybe not value it perfectly, but value it somewhat accurately), but if you honestly think the answer is no, then the correct tax answer would be to report $0 in income from the fork. The IRS would be most likely to disagree with this approach, especially since it results in the least amount of income reported for the current year (and the most favorable rates going forward). Accordingly, if you go this route, make extra sure you understand what it entails.
Note, once you've decided what to report as taxable income, this amount also becomes your cost basis in the new crypto (BCH). Thus, when you ultimately sell your BCH (or trade it for something else as described above), you calculate your gain/loss based on what you included in taxable income from the fork.
Finally, there is one more approach to dealing with forks worth mentioning. A fork "feels" a lot like a dividend - because you held BTC, you get BCH. In a stock world, if I get a cash dividend because I own the stock, that money is not treated as a "treasure trove" and subject to ordinary income rates - in most cases, it is a qualified dividend and subject to capital gain rates; in some cases, some types of stock dividends are completely non taxable. This article discusses this idea in slightly more detail and generally concludes that forks should not be treated as a dividend. Still, I would note that I'm unaware of any court cases directly testing this theory.
Ultimately, this post is supposed to be practical, so let me make sure to leave you with two key thoughts about the taxation of forks. First, I believe that the majority of evidence suggests that forks should be treated as a "treasure trove" and reported as ordinary income based on their value at creation and that this is certainly the "safest" option. Second, out of everything discussed in this post, I also believe that the correct taxation of forks is the murkiest and most "up for debate" area. If you are interested in a more detailed discussion of forks, see this thread for a previous version of this post discussing it at even more length and the comments for a discussion of this with the tax community.
Mining Crypto
Successfully mining crypto coins is a taxable event. Depending on the amount of effort you put into mining, it is either considered a hobby or a self-employment (business) activity. The IRS provides the following list of questions to help decide the correct classification:
  • The manner in which the taxpayer carries on the activity.
  • The expertise of the taxpayer or his advisors.
  • The time and effort expended by the taxpayer in carrying on the activity.
  • Expectation that assets used in activity may appreciate in value.
  • The success of the taxpayer in carrying on other similar or dissimilar activities.
  • The taxpayer’s history of income or losses with respect to the activity.
  • The amount of occasional profits, if any, which are earned.
If this still sounds complicated, that's because the distinction is subject to some amount of interpretation. As a rule of thumb, randomly mining crypto on an old computer is probably a hobby; mining full time on a custom rig is probably a business.
In either event, you must include in income the fair market value of any coins you successfully mine. These are ordinary income and your basis in these coins is their fair market value on the date they were mined. If your mining is a hobby, they go on line 21 (other income) and any expenses directly associated with mining go on schedule A (miscellaneous subject to 2% of AGI limitation). If your mining is a business, income and expenses go on schedule C.
Both approaches have pros and cons - hobby income isn't subject to the 15.3% self-employment tax, only normal income tax, but you get fewer deductions against your income and the deductions you get are less valuable. Business income has more deductions available, but you have to pay payroll (self-employment) tax of about 15.3% in addition to normal income tax.
What if I didn't keep good records? Do I really have to report every transaction?
One nice thing about the IRS treating crypto as an asset is that we can look at how the IRS treats people that "day trade" stock and often don't keep great records/have lots of transactions. While you need to be as accurate as possible, it is ok to estimate a little bit if you don't have exact records (especially concerning your cost basis). You need to put in some effort (research historical prices, etc...) and be reasonable, but the IRS would much rather you do a little bit of reasonable estimation as opposed to just not reporting anything. Sure, they might decide to audit you/disagree with some specifics, but you earn yourself a lot of credit if you can show that you honestly did the best you reasonably could and are making efforts to improve going forward.
However, concerning reporting every transaction - yes, sorry, it is clear that you have to do this, even if you made hundreds or thousands of them. Stock traders have had to go through this for many decades, and there is absolutely no reason to believe that the IRS would accept anything less from the crypto community. If you have the records or have any reasonable way of obtaining records/estimating them, you must report every transaction.
What if I don't trust you?
Well, first let me say that I can't believe you made it all the way down here to this section. Thanks for giving me an honest hearing. I would strongly encourage you to go read other well-written, honest guides. I'll link to some I like (both more technical IRS type guides and more crypto community driven guides). While a certain portion of the crypto community seems to view one of the benefits of crypto as avoiding all government regulation (including taxes), I've been pleasantly surprised to find that many crypto forums contain well reasoned, accurate tax guides. While I may not agree with 100% of their conclusions, that likely reflects true uncertainty around tax law that is fundamentally complex rather than an attempt on either end to help individuals unlawfully avoid taxes.
IRS guides
Non-IRS guides
submitted by Mrme487 to personalfinance [link] [comments]

Want to start fresh after the crypto crash? Here is a comprehensive guide on how to invest and prosper over the long term.

Well its happened, the crypto market just experienced the worst crash since 2014, the bubble has burst. The idiocy of newbies FOMO-ing into anything with low nominal value lead to endless twitter timelines like this, and now nobody has any idea where the market settles. What do you do now?
In the following weeks it will be a good time to rethink your investment approach and how you arrive at your decisions. Just buying whatever is shilled on Twitter or Reddit and jumping from one crypto to another isn't going to work like it did these last two months.
The good news is that we're finally back closer and closer to our long term moving average which is much more healthy for entrants, the bad news is that the fear might continue compounding if outstanding issues are not dealt with. Tether is the big concern for me personally for reasons I've stated many times, but some relief in the short term may come if the SEC and CFTC meeting on February 6th goes well. Nobody really knows where the bottom is but I think we're now past the "irrational exhuberance" stage and we're entering a period of more serious inspection where cryptos will actually have to prove themselves as useful. I suspect hype artists like CryptoNick and John McAfee will fall out of favor.
But perhaps most importantly use this as a learning experience, don't try to point fingers now. The type of dumb behavior that people were engaging in that was rewarded in a bull market (chasing pumps, going all in on a shillcoin, following hype..etc) could only ever lead to what we are experiencing now. Just like so many people jumped on the crypto bandwagon during the bull run, they will just as quickly jump on whatever bandwagon is to be used to blame for the deflation of the bubble. Nobody who pumped money into garbage without any use case will accept that they themselves with their own investing behavior were the real reason for the gross overvaluation of most cryptocurrencies, and the inevitable crash.
So if you're looking for a fresh start after the massacre (or just want to get in now), here is a guide:

Part A: Making a Investment Strategy

This is your money, put some effort into investing it with an actual strategy. Some simple yet essential advice that should apply to everyone, regardless of individual strategy:
  1. Slow down and research each crypto that you're buying for at least a week.
  2. Don't buy something just because it has risen.
  3. Don't exit a position just because it has declined.
  4. Invest only as much as you can afford to lose.
  5. Prepare enter and exit strategies in advance.
First take some time to think about your ROI target, set your hold periods for each position and how much you are actually ready to risk losing.
ROI targets
A lot of young investors who are in crypto have unrealistic expectations about returns and risk. A lot of them have never invested in any other type of financial asset, and hence many seem to consider a 5-10% ROI in a month to be unexciting.
But its important to temper your hype and realize why we had this exponential growth in the last year and how unlikely it is that we see 10x returns in the next year. What we saw recently was Greater Fool Theory in action. Those unexciting returns of 5-10% a month are much more of the norm, and much more healthy for an alternative investment class.
You can think about setting a target in terms of the market ROI over a relevant holding period and then add or decrease based on your own risk profile.
Example: Calculating a 2 year ROI target
Lets say you want to hold for 2 years now, how could you set a realistic target to strive for? You could look at a historical 2 year return as a base, preferably during a period similar to what we're facing now. Now that we had a major correction, I think we can look at the two year period starting in 2015 after we had the 2014 crash. To calculate a 2 year CAGR starting in 2015:
Year Total Crypto Market Cap
Jan 1, 2015: $5.5 billion
Jan 1, 2017: $18 billion
Compounded annual growth return (CAGR): [(18/5.5)1/2]-1 = 81%
This annual return rate of 81% comes out to about 4.9% compounded monthly. This may not sound exciting to the lambo moon crowd, but it will keep you grounded in reality. You can aim for a higher return (say 2x of that 81% rate) if you choose to take on more risky propositions. I can't tell you what return target you should set for yourself, but just make sure its not depended on you needing to achieve continual near vertical parabolic price action in small cap shillcoins because that isn't sustainable.
Once you have a target you can construct your risk profile (low risk vs. high risk category coins) in your portfolio based on your target.
Risk Management
Everything you buy in crypto is risky, but it still helps to think of these 3 risk categories:
How much risk should you take on? That depends on your own life situation for one, but also it should be proportional to how much expertise you have in both financial analysis and technology.
The general starting point I would recommend is:
Some more core principles on risk management to consider:
You can think of each crypto having a risk factor that is the summation of the general crypto market risk (Rm), but also its own inherent risk specific to its own goals (Ri).
Rt = Rm +Ri
The market risk is something you cannot avoid, it is essentially the risk that is carried by the entire market over things like regulations. What you can minimize though the Ri, the specific risks with your crypto. That will depend on the team composition, geographic risks (for example Chinese coins like NEO carry regulatory risks specific to China), competition within the space and likelihood of adoption and other factors, which I'll describe in Part 2: Crypto Picking Methodology.
Portfolio Allocation
Along with thinking about your portfolio in terms of risk categories described above, I really find it helpful to think about the segments you are in. OnChainFX has some segment categorization but I generally like to bring it down to:
Think about your "Circle of Competence", your body of knowledge that allows you to evaluate an investment. Your ability to properly judge risk and potential is going to largely correlated to your understanding of the subject matter. If you don't know anything about how supply chains functions, how can you competently judge whether VeChain or WaltonChain will achieve adoption? If you don't understand anything about the tech when you read the Cardano paper, are you really able to determine how likely it is to be adopted?
Consider the historic correlations between your holdings. Generally when Bitcoin pumps, altcoins dump but at what rate depends on the coin. When Bitcoin goes sideways we tend to see pumping in altcoins, while when Bitcoin goes down, everything goes down.
You should diversify but really shouldn't be in much more than around 12 cryptos, because you simply don't have enough competency to accurately access the risk across every segment and for every type of crypto you come across. If you have over 20 different cryptos in your portfolio you should probably think about consolidating to a few sectors you understand well.

Part B: Crypto Picking Methodology (Due Dilligence)

Do you struggle on how to fundamentally analyze cryptocurrencies? Here is a 3-step methodology to follow to perform your due dilligence:

Step 1: Filtering and Research

There is so much out there that you can get overwhelmed. The best way to start is to think back to your own portfolio allocation strategy and what you would like to get more off. For example in my view enterprise-focused blockchain solutions will be important in the next few years, and so I look to create a list of various cryptos that are in that segment.
Upfolio has brief descriptions of the top 100 cryptos and is filterable by categories, for example you can click the "Enterprise" category and you have a neat list of VEN, FCT, WTC...etc.
Once you have a list of potential candidates, its time to read about them:
  • Critically evaluate the website. If it's a cocktail of nonsensical buzzwords, if its unprofessional and poorly made, stay away. Always look for a roadmap, compare to what was actually delivered so far. Always check the team, try to find them on LinkedIn and what they did in the past.
  • Read the whitepaper or business development plan. You should fully understand how this crypto functions and how its trying to create value. If there is no use case or if the use case does not require or benefit from a blockchain, move on.
  • Check the blockchain explorer. How is the token distribution across accounts? Are the big accounts selling? Try to figure out who the whales are (not always easy!) and what the foundation/founder account is based on the initial allocation.
  • Look at the Github repos, does it look empty or is there plenty of activity?
  • Search out the subreddit and look at a few Medium or Steem blogs about the coin. How "shilly" is the community, and how much engagement is there between developer and the community?
  • I would also go through the BitcoinTalk thread and Twitter mentions, judge both the length and quality of the discussion.
You can actually filter out a lot of scams and bad investments by simply keeping your eye out on the following red flags:
  • allocations that give way too much to the founder
  • guaranteed promises of returns (Bitcooonnneeeect!)
  • vague whitepapers filled with buzzwords
  • vague timelines and no clear use case
  • Github with no useful code and sparse activity
  • a team that is difficult to find information on

Step 2: Passing a potential pick through a checklist

Once you feel fairly confident that a pick is worth analyzing further, run them through a standardized checklist of questions. This is one I use, you can add other questions yourself:
Crypto Analysis Checklist
What is the problem or transactional inefficiency the coin is trying to solve?
What is the Dev Team like? What is their track record? How are they funded, organized?
How big is the market they're targeting?
Who is their competition and what does it do better?
What is the roadmap they created and how well have they kept to it?
What current product exists?
How does the token/coin actually derive value for the holder? Is there a staking mechanism or is it transactional?
Is there any new tech, and is it informational or governance based?
Can it be easily copied?
What are the weaknesses or problems with this crypto?
The last question is the most important.
This is where the riskiness of your crypto is evaluated, the Ri I talked about above. Here you should be able to accurate place the crypto into one of the three risk categories. I also like to run through this checklist of blockchain benefits and consider which specific properties of the blockchain are being used by the specific crypto to provide some increased utility over the current transactional method:
Benefits of Cryptocurrency
Decentralization - no need for a third party to agree or validate transactions.
Transparency and trust - As blockchain are shared, everyone can see what transactions occur. Useful for something like an online casino.
Immutability - It is extremely difficult to change a transaction once its been put onto a blockchain
Distributed availability - The system is spread on thousands of nodes on a P2P network, so its difficult to take the system down.
Security - cryptographically secured transactions provide integrity
Simplification and consolidation - a blockchain can serve as a shared ledger in industries where multiple entities previously kept their own data sources
Quicker Settlement - In the financial industry when we're dealing with post-trade settlement, a blockchain can drastically increase the speed of verification
Cost - in some cases avoiding a third party verification would drastically reduce costs.

Step 3: Create a valuation model

You don't need to get into full modeling or have a financial background. Even a simple model that just tries to derive a valuation through relative terms will put you above most crypto investors. Some simple valuation methods that anyone can do:
Probablistic Scenario Valuation
This is all about thinking of scenarios and probability, a helpful exercise in itself. For example: Bill Miller, a prominent value investor, wrote a probabilistic valuation case for Bitcoin in 2015. He looked at two possible scenarios for probabalistic valuation:
  1. becoming a store-of-value equal to gold (a $6.4 trillion value), with a .25% probability of occurring
  2. replacing payment processors like VISA, MasterCard, etc. (a $350 million dollar value) with a 2.5% probability
Combining those scenarios would give you the total expected market cap: (0.25% x 6.4 trillion) + (2.5% x 350 million). Divide this by the outstanding supply and you have your valuation.
Metcalfe's Law
Metcalfe's Law which states that the value of a network is proportional to the square of the number of connected users of the system (n2). So you can compare various currencies based on their market cap and square of active users or traffic. We can alter this to crypto by thinking about it in terms of both users and transactions:
For example, compare the Coinbase pairs:
Metric Bitoin Ethereum Litecoin
Market Cap $152 Billion $93 Billion $7.3 Billion
Daily Transactions (last 24hrs) 249,851 1,051,427 70,397
Active Addresses (Peak 1Yr) 1,132,000 1,035,000 514,000
Metcalfe Ratio (Transactions Based) 2.43 0.08 1.47
Metcalfe Ratio (Address Based) 0.12 0.09 0.03
Generally the higher the ratio, the higher the valuation given for each address/transaction.
Market Cap to Industry comparisons
Another easy one is simply looking at the total market for the industry that the coin is supposedly targeting and comparing it to the market cap of the coin. Think of the market cap not only with circulating supply like its shown on CMC but including total supply. For example the total supply for Dentacoin is 1,841,395,638,392, and when multiplied by its price in early January we get a market cap that is actually higher than the entire industry it aims to disrupt: Dentistry.
More complex valuation models
If you would like to get into more fleshed out models with Excel, I highly recommend Chris Burniske's blog about using Quantity Theory of Money to build an equivalent of a DCF analysis for crypto.
Here is an Excel file example of OMG done by Nodar Janashia using Chris' model .
You should create multiple scenarios with multiple assumptions, both positive and negative. Have a base scenario and then moderately optimistic/pessimistic and highly optimistic/pessimistic scenario.
Personally I like to see at least a 50% upward potential before investing from my moderately pessimistic scenario, but you can set your own safety margin.
The real beneficial thing about modelling isn't even the price or valuation comparisons it spits out, but that it forces you to think about why the coin has value and what your own assumption about the future are. For example the discount rate you apply to the net present utility formula drastically affects the valuation, and it reflects your own assumptions of how risky the crypto is. What exactly would be a reasonable discount rate? What about the digital economy you are assuming for the coin, what levers affects its size and adoption and how likely are your assumptions to come true? You'll be a drastically more intelligent investor if you think about the fundamental variables that give your coin the market cap you think it should hold.

Summing it up

The time for lambo psychosis is over. But that's no reason to feel down, this is a new day and what many were waiting for. I've put together in one place here how to construct a portfolio allocation (taking into consideration risk and return targets), and how to go through a systematic crypto picking method. I'm won't tell you what to buy, you should always decide that for yourself and DYOR. But as long as you follow a rational and thorough methodology (feel free to modify anything I said above to suit your own needs) you will feel pretty good about your investments, even in times like these.
Edit: Also get a crypto prediction ferret. You won't regret it.
submitted by arsonbunny to CryptoCurrency [link] [comments]

Is Crypto Currency truly at risk due to Quantum Computers, and what can you do about it?

Is Crypto Currency truly at risk due to Quantum Computers, and what can you do about it?

There is no denying that the Quantum revolution is coming. Security protocols for the internet, banking, telecommunications, etc... are all at risk, and your Bitcoins (and alt-cryptos) are next!
This article is not really about quantum computers[i], but, rather, how they will affect the future of cryptocurrency, and what steps a smart investor will take. Since this is a complicated subject, my intention is to provide just enough relevant information without being too “techy.”

The Quantum Evolution

In 1982, Nobel winning physicist, Richard Feynman, hypothesized how quantum computers[ii] would be used in modern life.
Just one year later, Apple released the “Apple Lisa”[iii] – a home computer with a 7.89MHz processor and a whopping 5MB hard drive, and, if you enjoy nostalgia, it used 5.25in floppy disks.
Today, we walk around with portable devices that are thousands of times more powerful, and, yet, our modern day computers still work in a simple manner, with simple math, and simple operators[iv]. They now just do it so fast and efficient that we forget what’s happening behind the scenes.
No doubt, the human race is accelerating at a remarkable speed, and we’ve become obsessed with quantifying everything - from the everyday details of life to the entire universe[v]. Not only do we know how to precisely measure elementary particles, we also know how to control their actions!
Yet, even with all this advancement, modern computers cannot “crack” cryptocurrencies without the use of a great deal more computing power, and since it’s more than the planet can currently supply, it could take millions, if not billions, of years.
However, what current computers can’t do, quantum computers can!
So, how can something that was conceptualized in the 1980’s, and, as of yet, has no practical application, compromise cryptocurrencies and take over Bitcoin?
To best answer this question, let’s begin by looking at a bitcoin address.

What exactly is a Bitcoin address?

Well, in layman terms, a Bitcoin address is used to send and receive Bitcoins, and looking a bit closer (excuse the pun), it has two parts:[vi]
A public key that is openly shared with the world to accept payments. A public key that is derived from the private key. The private key is made up of 256 bits of information in a (hopefully) random order. This 256 bit code is 64 characters long (in the range of 0-9/a-f) and further compressed into a 52 character code (using RIPEMD-160).
NOTE: Although many people talk about Bitcoin encryption, Bitcoin does not use Encryption. Instead, Bitcoin uses a hashing algorithm (for more info, please see endnote below[vii]).
Now, back to understanding the private key:
The Bitcoin address “1EHNa6Q4Jz2uvNExL497mE43ikXhwF6kZm” translates to a private key of “5HpHagT65TZzG1PH3CSu63k8DbpvD8s5ip4nEB3kEsreAnchuDf” which further translates to a 256 bit private key of “0000000000000000000000000000000000000000000000000000000000000001” (this should go without saying, but do not use this address/private key because it was compromised long ago.) Although there are a few more calculations that go behind the scenes, these are the most relevant details.
Now, to access a Bitcoin address, you first need the private key, and from this private key, the public key is derived. With current computers, it’s classically impractical to attempt to find a private key based on a public key. Simply put, you need the private key to know the public key.
However, it has already been theorized (and technically proven) that due to private key compression, multiple private keys can be used to access the same public key (aka address). This means that your Bitcoin address has multiple private keys associated with it, and, if someone accidentally discovers or “cracks” any one of those private keys, they have access to all the funds in that specific address.
There is even a pool of a few dedicated people hunting for these potential overlaps[viii], and they are, in fact, getting very efficient at it. The creator of the pool also has a website listing every possible Bitcoin private key/address in existence[ix], and, as of this writing, the pool averages 204 trillion keys per day!
But wait! Before you get scared and start panic selling, the probability of finding a Bitcoin address containing funds (or even being used) is highly unlikely – nevertheless, still possible!
However, the more Bitcoin users, the more likely a “collision” (finding overlapping private/public key pairs)! You see, the security of a Bitcoin address is simply based on large numbers! How large? Well, according to my math, 1.157920892373x1077 potential private keys exist (that number represents over 9,500 digits in length! For some perspective, this entire article contains just over 14,000 characters. Therefore, the total number of Bitcoin addresses is so great that the probability of finding an active address with funds is infinitesimal.

So, how do Quantum Computers present a threat?

At this point, you might be thinking, “How can a quantum computer defeat this overwhelming number of possibilities?” Well, to put it simple; Superposition and Entanglement[x].
Superposition allows a quantum bit (qbit) to be in multiple states at the same time. Entanglement allows an observer to know the measurement of a particle in any location in the universe. If you have ever heard Einstein’s quote, “Spooky Action at a Distance,” he was talking about Entanglement!
To give you an idea of how this works, imagine how efficient you would be if you could make your coffee, drive your car, and walk your dog all at the same time, while also knowing the temperature of your coffee before drinking, the current maintenance requirements for your car, and even what your dog is thinking! In a nutshell, quantum computers have the ability to process and analyze countless bits of information simultaneously – and so fast, and in such a different way, that no human mind can comprehend!
At this stage, it is estimated that the Bitcoin address hash algorithm will be defeated by quantum computers before 2028 (and quite possibly much sooner)! The NSA has even stated that the SHA256 hash algorithm (the same hash algorithm that Bitcoin uses) is no longer considered secure, and, as a result, the NSA has now moved to new hashing techniques, and that was in 2016! Prior to that, in 2014, the NSA also invested a large amount of money in a research program called “Penetrating Hard Targets project”[xi] which was used for further Quantum Computer study and how to break “strong encryption and hashing algorithms.” Does NSA know something they’re not saying or are they just preemptively preparing?
Nonetheless, before long, we will be in a post-quantum cryptography world where quantum computers can crack crypto addresses and take all the funds in any wallet.

What are Bitcoin core developers doing about this threat?

Well, as of now, absolutely nothing. Quantum computers are not considered a threat by Bitcoin developers nor by most of the crypto-community. I’m sure when the time comes, Bitcoin core developers will implement a new cryptographic algorithm that all future addresses/transactions will utilize. However, will this happen before post-quantum cryptography[xii]?
Moreover, even after new cryptographic implementation, what about all the old addresses? Well, if your address has been actively used on the network (sending funds), it will be in imminent danger of a quantum attack. Therefore, everyone who is holding funds in an old address will need to send their funds to a new address (using a quantum safe crypto-format). If you think network congestion is a problem now, just wait…
Additionally, there is the potential that the transition to a new hashing algorithm will require a hard fork (a soft fork may also suffice), and this could result in a serious problem because there should not be multiple copies of the same blockchain/ledger. If one fork gets attacked, the address on the other fork is also compromised. As a side-note, the blockchain Nebulas[xiii] will have the ability to modify the base blockchain software without any forks. This includes adding new and more secure hashing algorithms over time! Nebulas is due to be released in 2018.

Who would want to attack Bitcoin?

Bitcoin and cryptocurrency represent a threat to the controlling financial system of our modern economy. Entire countries have outright banned cryptocurrency[xiv] and even arrested people[xv], and while discrediting it, some countries are copying cryptocurrency to use (and control) in their economy[xvi]!
Furthermore, Visa[xvii], Mastercard[xviii], Discover[xix], and most banks act like they want nothing to do with cryptocurrency, all the while seeing the potential of blockchain technology and developing their own[xx]. Just like any disruptive technology, Bitcoin and cryptocurrencies have their fair share of enemies!
As of now, quantum computers are being developed by some of the largest companies in the world, as well as private government agencies.
No doubt, we will see a post-quantum cryptography world sooner than most realize. By that point, who knows how long “3 letter agencies” will have been using quantum technology - and what they’ll be capable of!

What can we do to protect ourselves today?

Of course, the best option is to start looking at how Bitcoin can implement new cryptographic features immediately, but it will take time, and we have seen how slow the process can be just for scaling[xxi].
The other thing we can do is use a Bitcoin address only once for outgoing transactions. When quantum computers attack Bitcoin (and other crypto currencies), their first target will be addresses that have outgoing transactions on the blockchain that contain funds.
This is due to the fact that when computers first attempt to crack a Bitcoin address, the starting point is when a transaction becomes public. In other words, when the transaction is first signed – a signed transaction is a digital signature derived from the private key, and it validates the transaction on the network. Compared to classical computers, quantum computers can exponentially extrapolate this information.
Initially, Bitcoin Core Software might provide some level of protection because it only uses an address once, and then sends the remaining balance (if any) to another address in your keypool. However, third party Bitcoin wallets can and do use an address multiple times for outgoing transactions. For instance, this could be a big problem for users that accept donations (if they don’t update their donation address every time they remove funds). The biggest downside to Bitcoin Core Software is the amount of hard-drive space required, as well as diligently retaining an up-to-date copy of the entire blockchain ledger.
Nonetheless, as quantum computers evolve, they will inevitably render SHA256 vulnerable, and although this will be one of the first hash algorithms cracked by quantum computers, it won’t be the last!

Are any cryptocurrencies planning for the post-quantum cryptography world?

Yes, indeed, there are! Here is a short list of ones you may want to know more about:

Full disclosure:

Although I am in no way associated with any project listed above, I do hold coins in all as well as Bitcoin, Litecoin and many others.
The thoughts above are based on my personal research, but I make no claims to being a quantum scientist or cryptographer. So, don’t take my word for anything. Instead, do your own research and draw your own conclusions. I’ve included many references below, but there are many more to explore.
In conclusion, the intention of this article is not to create fear or panic, nor any other negative effects. It is simply to educate. If you see an error in any of my statements, please, politely, let me know, and I will do my best to update the error.
Thanks for reading!

References

[i] https://www.youtube.com/watch?v=JhHMJCUmq28 – A great video explaining quantum computers.
[ii] https://www.doc.ic.ac.uk/~nd/surprise_97/journal/vol4/spb3/ - A brief history of quantum computing.
[iii] https://en.wikipedia.org/wiki/Apple_Lisa - More than you would ever want to know about the Apple Lisa.
[iv] https://www.youtube.com/watch?v=tpIctyqH29Q&list=PL8dPuuaLjXtNlUrzyH5r6jN9ulIgZBpdo - Want to learn more about computer science? Here is a great crash course for it!
[v] https://www.collinsdictionary.com/dictionary/english/quantify - What does quantify mean?
[vi] https://en.bitcoin.it/wiki/Private_key - More info about Bitcoin private keys.
[vii] https://www.securityinnovationeurope.com/blog/page/whats-the-difference-between-hashing-and-encrypting - A good example of the deference between Hash and Encryption
[viii] https://lbc.cryptoguru.org/stats - The Large Bitcoin Collider.
[ix] http://directory.io/ - A list of every possible Bitcoin private key. This website is a clever way of converting the 64 character uncompressed key to the private key 128 at a time. Since it is impossible to save all this data in a database and search, it is not considered a threat! It’s equated with looking for a single needle on the entire planet.
[x] https://uwaterloo.ca/institute-for-quantum-computing/quantum-computing-101#Superposition-and-entanglement – Brief overview of Superposition and Entanglement.
[xi] https://www.washingtonpost.com/world/national-security/nsa-seeks-to-build-quantum-computer-that-could-crack-most-types-of-encryption/2014/01/02/8fff297e-7195-11e3-8def-a33011492df2_story.html?utm_term=.e05a9dfb6333 – A review of the Penetrating Hard Targets project.
[xii] https://en.wikipedia.org/wiki/Post-quantum_cryptography - Explains post-quantum cryptography.
[xiii] https://www.nebulas.io/ - The nebulas project has some amazing technology planned in their roadmap. They are currently in testnet stage with initial launch expected taking place in a few weeks. If you don’t know about Nebulas, you should check them out. [xiv] https://en.wikipedia.org/wiki/Legality_of_bitcoin_by_country_or_territory - Country’s stance on crypto currencies.
[xv] https://www.cnbc.com/2017/08/30/venezuela-is-one-of-the-worlds-most-dangerous-places-to-mine-bitcoin.html - Don’t be a miner in Venezuela!
[xvi] http://www.newsweek.com/russia-bitcoin-avoid-us-sanctions-cryptocurrency-768742 - Russia’s plan for their own crypto currency.
[xvii] http://www.telegraph.co.uk/technology/2018/01/05/visa-locks-bitcoin-payment-cards-crackdown-card-issue - Recent attack from visa against crypto currency.
[xviii] https://www.ccn.com/non-government-digital-currency-junk-says-mastercard-ceo-rejecting-bitcoin/ - Mastercards position about Bitcoin.
[xix] http://www.livebitcoinnews.com/discover-joins-visa-mastercard-barring-bitcoin-support/ - Discovers position about Bitcoin.
[xx] http://fortune.com/2017/10/20/mastercard-blockchain-bitcoin/ - Mastercard is making their own blockchain.
[xxi] https://bitcoincore.org/en/2015/12/21/capacity-increase/ - News about Bitcoin capacity. Not a lot of news…
[xxii] https://learn.iota.org/faq/what-makes-iota-quantum-secure - IOTA and quantum encryption.
[xxiii] https://eprint.iacr.org/2011/191.pdf - The whitepaper of Winternitz One-Time Signature Scheme
[xxiv] https://cardanoroadmap.com/ - The Cardano project roadmap.
[xxv] https://eprint.iacr.org/2017/490 - More about the BLISS hash system.
[xxvi] https://www.ethereum.org/ - Home of the Ethereum project.
[xxvii] https://en.wikipedia.org/wiki/SHA-3#Security_against_quantum_attacks – SHA3 hash algorithm vs quantum computers.
[xxviii] https://en.wikipedia.org/wiki/Lamport_signature - Lamport signature information.
[xxix] https://theqrl.org/ - Home of the Quantum Resistant Ledger project.
submitted by satoshibytes to CryptoCurrency [link] [comments]

How to Brute Force a Bitcoin Wallet with Hashcat - YouTube How Does BitCoin Work? - YouTube How to start Bitcoin mining for beginners (SUPER EASY ... Bitcoin Basics (Part 1) - Should you click on the Initiative Q invitation? Future Bitcoin or an Upright Scam?

When a WIF private key is imported, it always corresponds to exactly one Bitcoin address. Any utility which performs the conversion can display the matching Bitcoin address. The mathematical conversion is somewhat complex and best left to a computer, but it's notable that the WIF guarantees it will always correspond to the same address no matter which program is used to convert it. The Bitcoin ... The maximum valid length of an email address is 254 chars and should be the length specified in the database. Additionally having lists of email addresses in a single column signifies to me that your data is not normalized and thus invalidates your answer further. – Mario Sep 26 '16 at 13:48. 1 @MGOwen First, you don't know the purpose of the database, in certain settings someone being ... Technical Bitcoin Address generation steps:-Generate a private key using an open-source library.-Usually, it is better to use a library to handle Private and Public keys for you so that you don ... Input in this transaction imports 50BTC from output # 0 in transactions f5d8…, then the output sends 50 BTC to a Bitcoin address (expressed here in the form of a hexadecimal system – 4043…). When the recipient wants to spend their money, he will reference this transaction’s output # 0 for his own transaction’s input. Input . The mining ecosystem. Input is a reference to the output of ... A Bitcoin invoice address, or simply invoice, is an identifier of 26-35 alphanumeric characters, beginning with the number 1, 3 or bc1 that represents a possible destination for a bitcoin payment. Invoices can be generated at no cost by any user of Bitcoin. It is also possible to get a Bitcoin invoice address using an account at an exchange or online wallet service.

[index] [18878] [8911] [15755] [2904] [15691] [18919] [31902] [42740] [21527] [38115]

How to Brute Force a Bitcoin Wallet with Hashcat - YouTube

Critics say this is not really free, because they can at least use your name and email address for marketing in the future. Supporters say, what website do you know who doesn’t ask you for this ... Some Helpful Links: • Buy Parts for a Mining Rig: http://amzn.to/2jSSsCz • Download NiceHash Miner: https://www.nicehash.com/?p=nhmintro • Choose a Wallet: h... Start mining Bitcoin today: https://pool.bitcoin.com Video: Inside America’s largest Bitcoin mining operation http://bitshare.cm/news/inside-americas-largest... If money is only valuable when we believe in it, how much is a BitCoin actually worth? Jonathan explains the virtual currency as well as how to mine it and t... Learn how to Brute-Force your Bitcoin core wallet using Hashcat. Get the Bitcoin2John.py script here: https://github.com/magnumripper/JohnTheRipper/blob/blee...

#