Bitcoin: charting the life and times of a cryptocurrency ...
Bitcoin: charting the life and times of a cryptocurrency ...
Can You Trust the Idea of Bitcoin? - dummies
How Long Does It Take To Mine 1 Bitcoin (BTC)? BTC Wires
Bitcoin: Continuation Long Setup Forming. Can You See It ...
How to Make Money With Bitcoin: Complete Guide for 2020
Everyday info sec, hardcore info sec, and DNMs
Edit: Currently writing a new version of this, dont know when it will be done. Edit: Since first post I have updated a few sections with additional information. I recommend reading it all even if it is very long, I might have placed some relevant info in different sections while thinking about what else needed to be added, plenty of steps remains mostly the same except when I comment directly on it. It is not necessary to do 100% security all the time, unless you absolutely need it, combining some high and some lower security ideas for a balance of security and convenience is useful. I will base this mostly on Windows, Linux users probably know this, and I have no idea how apple machines work (tho many things in here are still relevant for other operating systems, as they are just general tips) Disclaimer: There are certainly other steps that can make you more anonymous or safer, however I think for most people this will surfice. Any software I recommend should be independently verified for security, and examples of software are not to be taken as endorsements. I simply use examples and give recommendations when I believe it necessary, or helpful. I will not really differentiate between anonymity and security, they are often the same thing. As such the word security can mean either more anonymous, less vulnerable, or both. -------- Everyday Simple Info Sec:
Password for the device is an obvious one (8+ characters minimum, best if over +12), if there is sensitive information on any of the drives, either encrypt the entire drive or just the sensitive files, and make encrypted backups on a different memory storage device (There many programs to encrypt files and drives I'm sure a search will figure it out)
-There could be a hidden administrator user on your PC, make sure to change its password
Always use the device on a non admin account
a VPN that doesn't log (use with kill switch on, should be enough for everyday stuff, more safe stuff in the high security section) (VPNs that claim they don't log sometimes do, it's bad, but I would like to point out that not using a VPN will always expose your traffic to your ISP and also remove additional encryption. Even if the VPN tracks, there is no downside because your ISP would track anyways, and VPNs can be more anonymous, and also add extra encryption)
disable location tracking (preferably make all your privacy setting to release minimal info, get rid or cortana, change privacy settings in all of your accounts as well, there's no reason why you should allow Facebook to give you target ads. Use the setting they give you.
TOR, Firefox or similar browser, stay the fuck away from Google Chrome.
your preferred search engine should be duckduckgo (other privacy focused search engines exist as well)
use an adblocker that also prevents the adding of tacking cookies
Use pgp with all your friends or messaging services that implemented end to end encryption (Implemented services can still be bypassed, but are way more convenient so for everyday use they should suffice, some examples should be Telegraph, Signal, WhatsApp etc) (more info on pgp in high security section)
(Snapchat msgs, reddit dms, discord msgs, are just a few examples of msgs that are never encrypted) -Any info even send in encrypted msgs (and obviously non encrypted) should still be kept with possible deniability, don't say "I'm gonna do MDMA", say "I'm going out with molly."
use software (like ccleaner) that purges cookies and other data after every use, before shutting down your device
use a virus scanner daily (I like spy bot Search and destroy, many other options also exist)
never use the same password/passphrase twice (I will address what passphrase are below) (Better yet use randomized passwords that are stored in a master key chain, make them as long as possible (tho it is okay to go with the minimum of 12 never go below 7, I recommend 15+ depending on how often you have to manually enter the password instead of copying/pasting it) Don't generate too long keys for things you need to access regularly without copy/paste, except your master key ring)
its ideal to never use the same email or username as well, especially username, email is obviously tricky and also very annoying, but it would be best to always change the email.
-DO NOT STORE ANY PASSWORDS ON GOOGLE, IF GOOGLE LOGIN IS AUTHENTICATED IT WILL AUTFILL ALL PASSWORDS IT HAS SAVED (same with other similar services) (This means if you are logged in to chrome and someone has access to your machine, they can auto fill passwords without entering a single password) -use a rememberable passphrase, especially for your master key ring aka password manager A long sentence that is memorable makes an okay password (decent example,: "I met my wife at Little Ceasers for the first time on 07/09/20" better even if it's just something you know, if its impersonal, and if you can add special characters or numbers that you won't forget) (A better example for a passphrase is: "There is 0nly 0ne letter that d0esn’t appear in any U.S. state nameQ")
for your main password manager(key ring), I highly recommend Keepass 2, make backups of the file save to separate devices and drives (Flash drives, phone, PC, laptop, etc, if you loose that file, you lose all of your passwords) (Other good password managers exist as well, I don't recommend online password managers as you lose the control over passwords)
-Purge your internet activity frequently, there's a reason why I only have one post, and a few comments appearing in my account, but thousands of kama. Exposing information needlessly is not good. -Never post private information publicly, and if you do, do it vaguely as possible. (Example: Not "I'm 15", say "I'm a teenager") Do not post any vital information ever, no birthdays, mother's maiden name, age, or anything you have ever seen in a security question. Never post your current activities while they are ongoing. You going on a vacation? Don't announce it to the world, taking picture there? Post them when you are home.
Any account that is supposed to remain anonymous and as secure as possible should only be used on secured devices. A unsecured device can link you to the account.
always shutdown your machine when leaving it (To prevent access, and to prevent a possible attack vector)
2 factor factor authentication is not great anymore. Unless you can do it over a anonymous source. A cell phone is usually directly connected to you, so it is not a anonymous device. There might still be secure/anonymous 2 factor authentication methods that won't expose you, for example over a secure email. (If there is 2FA that doesn't need a device that removes anonymity and is secure, use it.) (Please don't misunderstand, 2FA is great, however it can remove the anonymity that you worked hard to establish)
-Rethink how you do security questions. Many answers to security questions can be found in your internet history. One could use the first word of the security question as an answer, or a different sceme that will mean you always remember it. (Security question need to go, the amount of personal info an average person puts on the internet makes it easy to attack anything using security question) -------_ High level crimimal information security: The motto here is, "All the Security, All the Time" As one fuck up can end with you leaving a lick of traceability, and you could be fucked. Pre Note: All of your software should always be up to date. Also even perfect info sec does not guarantee you are completely safe, a new zero day (exploit) can still fuck you, but good info security makes you significantly safer, by eliminating as many attacks as possible. -Get a new device (or make a already owned device seem like you never owned it, do this only if you know how to, there's a lot of stuff that goes into that, like changing your mac adress etc) buy with cash, and your face covered, preferably far away from where you live. (Do I need to specify to not bring your phone or anything else that tracks your location to anywhere you want to go anonymously?) (Be aware that even hardware can have vulnerabilities, many cpus have known vulnerabilities, I can't list them all, do some research before buying)
Do not EVER use a high security device at any lower level of security. There are unique identifiers to your device, exposing them once can expose you for everything you do.
-If you know how to use Tails (A linux distro designed for Info sec) use that, preferably on a USB. (Or learn how to use tails, its better, but complicated) Otherwise a clean copy of windows (make sure its not in any way associated with you) can do the job too, tho not as well. (Using a VM might give extra security, since VMs usually erase all data and RAM they were using on shutdown) -Get a non tracking VPN, Enable the kill switch (a setting that disables all traffic that doesn't go through the VPN) (change your firewall settings to only allow the traffic from the VPN, windows guide (Change settings so only traffic from the tor application is send) Edit: (Due to complaints: do not use vpn over tor, use tor over vpn. tor over vpn has no notable downside, if the VPN logs it makes no difference, your ISP will always log anyways, and vpns remove other attack vectors and also provide backup security should tor fail. Again even if the VPN tracks you only change the people doing the tracking, but now you are further removed making it more anonymous and also with less vulnerabilities) -rember privacy settings, cookie cleaner, and antivirus, password (There could be a hidden administrator user on your PC, make sure to change its password) -Always use the device on a non admin account
-Ideally use this device only on networks that are not connected with you. Such as public networks (try to never use the same public networks twice, move around) (a home network should be fine now, as it should never be exposed, but more security is always better) (Its just a conveniences vs security trade) -Never use accounts that have been exposed to lower security on higher security machines -your browser is now TOR (or your preferred security focused browser, if you dont plan on using onion ) Make sure you get the standalone version of tor not the addon build (the standalone is safer, because there are less settings and options to tweak) -Change your tor settings, to safest mode, enable a bridge (to my knowledge there's no difference in security between the build in bridges in tor), enable automatic updates, set duckduckgo onion as your primary browser. Set dark.fail onion page as your home page. (Or your preferred privacy search engine and onion directory)
set up a new pgp (can't use the same one you use for regular use, again less safer accounts are never used on safer devices) Cleopatra is my choice, its simple to use. Make sure you back up the private key multiple times, on safe devices. (Dont let the private key fall into anyone's hands) Give it a generic name like "HighSecurityPGP" do not give the pgp key pair a name that could identify you. (No initials etc) (Some pgp key pair programs want an associated email for a key pair, you can create a safe email, or which I recoend you can use a different program (like Cleopatra) (Feds & LEOs are known to copy private keys if they have your machine, so you will need to set up a new key pair if they ever take a device with a private key copy)
a high security machine that facilitates criminal activity can not use many programs. Many programs collect your devices mac adress, which is a unique identifier, amongst other things. It's should be used only for the activity you want to do.
-------_ How to use dark net markets (DNMs) If you finished your High Security setup, we can dive right in. Otherwise go do that. This is where all that is essential. Quick info on Tor, and onion sites. There is no search engine. It's all based of directories and addresses you are given by others. Tor will likely not be very quick, it has to pass through multiple networks to get to the destination. DNMs sometimes exit scam, an exit scam is when a market shuts down completely and takes all the money, this is a risk when using DNMs, it's not too common but happens maybe 0-4 times a year. The admins of thoese servers need to get out at some point, before they get jailed, so they exit the game, and scam everyone out of their money. -A very useful onion directory is dark.fail it has a lot of links, for all kinds of stuff. News, email, DNMs, Psychonautwiki (harm reduction website), forums etc. (Other directories also exist) -Pick a market, preferably one that handles secure connection server side instead of requiring you to establish the secure connection. Then create an account. Your account once created should include an entry box in your profile for a pgp key, post your PUBLIC key in there. (Verify the link is not a scam, most markets should provide a pgp signature) -Next is currency setup. All major cryptocurrency exchangers can be used, I can recommend coin base but there could be better ones out there. Unless you find a small non U.S., exchange, they will always ask for your identity. So unless you can find a trustworthy exchange that doesn't ID, you will need to give it to them. (Side note, all major crypto exchangers report to the IRS, if the IRS asks you if you bought cryptocurrency and you bought while having IDed yourself SAY YES, DO NOT COMMIT TAX FRAUD WHEN THEY KNOW YOU DID)
I recommend using Monero, it's hard to track, so it makes your job a lot easier. (If you use bitcoin you should run it through a scrambler, because BTC is tracable to anyone who knows what they are doing)
-Transfer (monero you can send directly, btc you should scramble) to your wallet. There are two options a cold wallet (physical) or a software wallet. Software wallets usually dont cost anything so I recommend them, even if often less safe. Electrum is easy to use, and pretty safe. You can also do your own research and find a wallet that fits your needs.
decide where you want to ship it. You can send to your home, to a PO box, to a PO box that you opened with a fake ID (I don't recommend), an abandoned house, general mail (sending to a post office instead of a street adress) pickup up with fake ID, use a remailing service. These are some options, sending it to your own home, isn't ideal, but its pretty much the only easy way.
-now you are ready to buy, only buy using escrow (it means the money is held by the market as a middle man until the product is delivered, they will also handle any issues like wrong quantity, cuts, etc), judge the reviews for a product, and if available look at the history of the vendor, until you find a product from a vendor you trust. (I recommend to buy within your country as much as possible, so it doesn't go through customs, it's very rare that something is found, but it can happen) -now you get to buy, depending on market, you either have cryptocurrency stored in their wallets (not recommend, you will lose it in an exit scam) or you can send it every order. When you send your delivery adress (or the one you want it to go to) encrypt the adress using the sellers public key. Make sure the adress is correct. -wait for the product, make sure to extend the escrow until the product arrives, if you can't extend it anymore dispute the order, and a moderator will step in -test the product, use it, and leave a review. PLEASE LEAVE A REVIEW, DNMs only work because of reviews. Edit: Didn't imagine I would write over 15000 words. Oh well, it was fun. Hope it helps, if you have any questions feel free to ask. No idea how long this will stay up, I might purge it in 7 days, or never.
This is a follow-up on https://old.reddit.com/Bitcoin/comments/hqzp14/technical_the_path_to_taproot_activation/ Taproot! Everybody wants it!! But... you might ask yourself: sure, everybody else wants it, but why would I, sovereign Bitcoin HODLer, want it? Surely I can be better than everybody else because I swapped XXX fiat for Bitcoin unlike all those nocoiners? And it is important for you to know the reasons why you, o sovereign Bitcoiner, would want Taproot activated. After all, your nodes (or the nodes your wallets use, which if you are SPV, you hopefully can pester to your wallet vendoimplementor about) need to be upgraded in order for Taproot activation to actually succeed instead of becoming a hot sticky mess. First, let's consider some principles of Bitcoin.
You the HODLer should be the one who controls where your money goes. Your keys, your coins.
You the HODLer should be able to coordinate and make contracts with other people regarding your funds.
You the HODLer should be able to do the above without anyone watching over your shoulder and judging you.
I'm sure most of us here would agree that the above are very important principles of Bitcoin and that these are principles we would not be willing to remove. If anything, we would want those principles strengthened (especially the last one, financial privacy, which current Bitcoin is only sporadically strong with: you can get privacy, it just requires effort to do so). So, how does Taproot affect those principles?
Taproot and Your /Coins
Most HODLers probably HODL their coins in singlesig addresses. Sadly, switching to Taproot would do very little for you (it gives a mild discount at spend time, at the cost of a mild increase in fee at receive time (paid by whoever sends to you, so if it's a self-send from a P2PKH or bech32 address, you pay for this); mostly a wash). (technical details: a Taproot output is 1 version byte + 32 byte public key, while a P2WPKH (bech32 singlesig) output is 1 version byte + 20 byte public key hash, so the Taproot output spends 12 bytes more; spending from a P2WPKH requires revealing a 32-byte public key later, which is not needed with Taproot, and Taproot signatures are about 9 bytes smaller than P2WPKH signatures, but the 32 bytes plus 9 bytes is divided by 4 because of the witness discount, so it saves about 11 bytes; mostly a wash, it increases blockweight by about 1 virtual byte, 4 weight for each Taproot-output-input, compared to P2WPKH-output-input). However, as your HODLings grow in value, you might start wondering if multisignature k-of-n setups might be better for the security of your savings. And it is in multisignature that Taproot starts to give benefits! Taproot switches to using Schnorr signing scheme. Schnorr makes key aggregation -- constructing a single public key from multiple public keys -- almost as trivial as adding numbers together. "Almost" because it involves some fairly advanced math instead of simple boring number adding, but hey when was the last time you added up your grocery list prices by hand huh? With current P2SH and P2WSH multisignature schemes, if you have a 2-of-3 setup, then to spend, you need to provide two different signatures from two different public keys. With Taproot, you can create, using special moon math, a single public key that represents your 2-of-3 setup. Then you just put two of your devices together, have them communicate to each other (this can be done airgapped, in theory, by sending QR codes: the software to do this is not even being built yet, but that's because Taproot hasn't activated yet!), and they will make a single signature to authorize any spend from your 2-of-3 address. That's 73 witness bytes -- 18.25 virtual bytes -- of signatures you save! And if you decide that your current setup with 1-of-1 P2PKH / P2WPKH addresses is just fine as-is: well, that's the whole point of a softfork: backwards-compatibility; you can receive from Taproot users just fine, and once your wallet is updated for Taproot-sending support, you can send to Taproot users just fine as well! (P2WPKH and P2WSH -- SegWit v0 -- addresses start with bc1q; Taproot -- SegWit v1 --- addresses start with bc1p, in case you wanted to know the difference; in bech32 q is 0, p is 1) Now how about HODLers who keep all, or some, of their coins on custodial services? Well, any custodial service worth its salt would be doing at least 2-of-3, or probably something even bigger, like 11-of-15. So your custodial service, if it switched to using Taproot internally, could save a lot more (imagine an 11-of-15 getting reduced from 11 signatures to just 1!), which --- we can only hope! --- should translate to lower fees and better customer service from your custodial service! So I think we can say, very accurately, that the Bitcoin principle --- that YOU are in control of your money --- can only be helped by Taproot (if you are doing multisignature), and, because P2PKH and P2WPKH remain validly-usable addresses in a Taproot future, will not be harmed by Taproot. Its benefit to this principle might be small (it mostly only benefits multisignature users) but since it has no drawbacks with this (i.e. singlesig users can continue to use P2WPKH and P2PKH still) this is still a nice, tidy win! (even singlesig users get a minor benefit, in that multisig users will now reduce their blockchain space footprint, so that fees can be kept low for everybody; so for example even if you have your single set of private keys engraved on titanium plates sealed in an airtight box stored in a safe buried in a desert protected by angry nomads riding giant sandworms because you're the frickin' Kwisatz Haderach, you still gain some benefit from Taproot) And here's the important part: if P2PKH/P2WPKH is working perfectly fine with you and you decide to never use Taproot yourself, Taproot will not affect you detrimentally. First do no harm!
Taproot and Your Contracts
No one is an island, no one lives alone. Give and you shall receive. You know: by trading with other people, you can gain expertise in some obscure little necessity of the world (and greatly increase your productivity in that little field), and then trade the products of your expertise for necessities other people have created, all of you thereby gaining gains from trade. So, contracts, which are basically enforceable agreements that facilitate trading with people who you do not personally know and therefore might not trust. Let's start with a simple example. You want to buy some gewgaws from somebody. But you don't know them personally. The seller wants the money, you want their gewgaws, but because of the lack of trust (you don't know them!! what if they're scammers??) neither of you can benefit from gains from trade. However, suppose both of you know of some entity that both of you trust. That entity can act as a trusted escrow. The entity provides you security: this enables the trade, allowing both of you to get gains from trade. In Bitcoin-land, this can be implemented as a 2-of-3 multisignature. The three signatories in the multisgnature would be you, the gewgaw seller, and the escrow. You put the payment for the gewgaws into this 2-of-3 multisignature address. Now, suppose it turns out neither of you are scammers (whaaaat!). You receive the gewgaws just fine and you're willing to pay up for them. Then you and the gewgaw seller just sign a transaction --- you and the gewgaw seller are 2, sufficient to trigger the 2-of-3 --- that spends from the 2-of-3 address to a singlesig the gewgaw seller wants (or whatever address the gewgaw seller wants). But suppose some problem arises. The seller gave you gawgews instead of gewgaws. Or you decided to keep the gewgaws but not sign the transaction to release the funds to the seller. In either case, the escrow is notified, and if it can sign with you to refund the funds back to you (if the seller was a scammer) or it can sign with the seller to forward the funds to the seller (if you were a scammer). Taproot helps with this: like mentioned above, it allows multisignature setups to produce only one signature, reducing blockchain space usage, and thus making contracts --- which require multiple people, by definition, you don't make contracts with yourself --- is made cheaper (which we hope enables more of these setups to happen for more gains from trade for everyone, also, moon and lambos). (technology-wise, it's easier to make an n-of-n than a k-of-n, making a k-of-n would require a complex setup involving a long ritual with many communication rounds between the n participants, but an n-of-n can be done trivially with some moon math. You can, however, make what is effectively a 2-of-3 by using a three-branch SCRIPT: either 2-of-2 of you and seller, OR 2-of-2 of you and escrow, OR 2-of-2 of escrow and seller. Fortunately, Taproot adds a facility to embed a SCRIPT inside a public key, so you can have a 2-of-2 Taprooted address (between you and seller) with a SCRIPT branch that can instead be spent with 2-of-2 (you + escrow) OR 2-of-2 (seller + escrow), which implements the three-branched SCRIPT above. If neither of you are scammers (hopefully the common case) then you both sign using your keys and never have to contact the escrow, since you are just using the escrow public key without coordinating with them (because n-of-n is trivial but k-of-n requires setup with communication rounds), so in the "best case" where both of you are honest traders, you also get a privacy boost, in that the escrow never learns you have been trading on gewgaws, I mean ewww, gawgews are much better than gewgaws and therefore I now judge you for being a gewgaw enthusiast, you filthy gewgawer).
Taproot and Your Contracts, Part 2: Cryptographic Boogaloo
Now suppose you want to buy some data instead of things. For example, maybe you have some closed-source software in trial mode installed, and want to pay the developer for the full version. You want to pay for an activation code. This can be done, today, by using an HTLC. The developer tells you the hash of the activation code. You pay to an HTLC, paying out to the developer if it reveals the preimage (the activation code), or refunding the money back to you after a pre-agreed timeout. If the developer claims the funds, it has to reveal the preimage, which is the activation code, and you can now activate your software. If the developer does not claim the funds by the timeout, you get refunded. And you can do that, with HTLCs, today. Of course, HTLCs do have problems:
Privacy. Everyone scraping the Bitcoin blockchain can see any HTLCs, and preimages used to claim them.
This can be mitigated by using offchain techniques so HTLCs are never published onchain in the happy case. Lightning would probably in practice be the easiest way to do this offchain. Of course, there are practical limits to what you can pay on Lightning. If you are buying something expensive, then Lightning might not be practical. For example, the "software" you are activating is really the firmware of a car, and what you are buying is not the software really but the car itself (with the activation of the car firmware being equivalent to getting the car keys).
Even offchain techniques need an onchain escape hatch in case of unresponsiveness! This means that, if something bad happens during payment, the HTLC might end up being published onchain anyway, revealing the fact that some special contract occurred.
And an HTLC that is claimed with a preimage onchain will also publicly reveal the preimage onchain. If that preimage is really the activation key of a software than it can now be pirated. If that preimage is really the activation key for your newly-bought cryptographic car --- well, not your keys, not your car!
Trust requirement. You are trusting the developer that it gives you the hash of an actual valid activation key, without any way to validate that the activation key hidden by the hash is actually valid.
Fortunately, with Schnorr (which is enabled by Taproot), we can now use the Scriptless Script constuction by Andrew Poelstra. This Scriptless Script allows a new construction, the PTLC or Pointlocked Timelocked Contract. Instead of hashes and preimages, just replace "hash" with "point" and "preimage" with "scalar". Or as you might know them: "point" is really "public key" and "scalar" is really a "private key". What a PTLC does is that, given a particular public key, the pointlocked branch can be spent only if the spender reveals the private key of the given public key to you. Another nice thing with PTLCs is that they are deniable. What appears onchain is just a single 2-of-2 signature between you and the developemanufacturer. It's like a magic trick. This signature has no special watermarks, it's a perfectly normal signature (the pledge). However, from this signature, plus some datta given to you by the developemanufacturer (known as the adaptor signature) you can derive the private key of a particular public key you both agree on (the turn). Anyone scraping the blockchain will just see signatures that look just like every other signature, and as long as nobody manages to hack you and get a copy of the adaptor signature or the private key, they cannot get the private key behind the public key (point) that the pointlocked branch needs (the prestige). (Just to be clear, the public key you are getting the private key from, is distinct from the public key that the developemanufacturer will use for its funds. The activation key is different from the developer's onchain Bitcoin key, and it is the activation key whose private key you will be learning, not the developer's/manufacturer's onchain Bitcoin key). So:
Privacy: PTLCs are private even if done onchain. Nobody else can learn what the private key behind the public key is, except you who knows the adaptor signature that when combined with the complete onchain signature lets you know what the private key of the activation key is. Somebody scraping the blockchain will not learn the same information even if all PTLCs are done onchain!
Lightning is still useful for reducing onchain use, and will also get PTLCs soon after Taproot is activated, but even if something bad happens and a PTLC has to go onchain, it doesn't reveal anything!
Trust issues can be proven more easily with a public-private keypair than with a hash-preimage pair.
For example, the developer of the software you are buying could provide a signature signing a message saying "unlock access to the full version for 1 day". You can check if feeding this message and signature to the program will indeed unlock full-version access for 1 day. Then you can check if the signature is valid for the purported pubkey whose private key you will pay for. If so, you can now believe that getting the private key (by paying for it in a PTLC) would let you generate any number of "unlock access to the full version for 1 day" message+signatures, which is equivalent to getting full access to the software indefinitely.
For the car, the manufacturer can show that signing a message "start the engine" and feeding the signature to the car's fimrware will indeed start the engine, and maybe even let you have a small test drive. You can then check if the signature is valid for the purported pubkey whose privkey you will pay for. If so, you can now believe that gaining knowledge of the privkey will let you start the car engine at any time you want.
(pedantry: the signatures need to be unique else they could be replayed, this can be done with a challenge-response sequence for the car, where the car gathers entropy somehow (it's a car, it probably has a bunch of sensors nowadays so it can get entropy for free) and uses the gathered entropy to challenge you to sign a random number and only start if you are able to sign the random number; for the software, it could record previous signatures somewhere in the developer's cloud server and refuse to run if you try to replay a previously-seen signature.)
Taproot lets PTLCs exist onchain because they enable Schnorr, which is a requirement of PTLCs / Scriptless Script. (technology-wise, take note that Scriptless Script works only for the "pointlocked" branch of the contract; you need normal Script, or a pre-signed nLockTimed transaction, for the "timelocked" branch. Since Taproot can embed a script, you can have the Taproot pubkey be a 2-of-2 to implement the Scriptless Script "pointlocked" branch, then have a hidden script that lets you recover the funds with an OP_CHECKLOCKTIMEVERIFY after the timeout if the seller does not claim the funds.)
Now if you were really paying attention, you might have noticed this parenthetical:
(technical details: a Taproot output is 1 version byte + 32 byte public key, while a P2WPKH (bech32 singlesig) output is 1 version byte + 20 byte public key hash...)
So wait, Taproot uses raw 32-byte public keys, and not public key hashes? Isn't that more quantum-vulnerable?? Well, in theory yes. In practice, they probably are not. It's not that hashes can be broken by quantum computes --- they're still not. Instead, you have to look at how you spend from a P2WPKH/P2PKH pay-to-public-key-hash. When you spend from a P2PKH / P2WPKH, you have to reveal the public key. Then Bitcoin hashes it and checks if this matches with the public-key-hash, and only then actually validates the signature for that public key. So an unconfirmed transaction, floating in the mempools of nodes globally, will show, in plain sight for everyone to see, your public key. (public keys should be public, that's why they're called public keys, LOL) And if quantum computers are fast enough to be of concern, then they are probably fast enough that, in the several minutes to several hours from broadcast to confirmation, they have already cracked the public key that is openly broadcast with your transaction. The owner of the quantum computer can now replace your unconfirmed transaction with one that pays the funds to itself. Even if you did not opt-in RBF, miners are still incentivized to support RBF on RBF-disabled transactions. So the extra hash is not as significant a protection against quantum computers as you might think. Instead, the extra hash-and-compare needed is just extra validation effort. Further, if you have ever, in the past, spent from the address, then there exists already a transaction indelibly stored on the blockchain, openly displaying the public key from which quantum computers can derive the private key. So those are still vulnerable to quantum computers. For the most part, the cryptographers behind Taproot (and Bitcoin Core) are of the opinion that quantum computers capable of cracking Bitcoin pubkeys are unlikely to appear within a decade or two.
Current quantum computers can barely crack prime factorization problem for primes of 5 bits.
The 256-bit elliptic curve use by Bitcoin is, by my (possibly wrong) understanding, equivalent to 4096-bit primes, so you can see a pretty big gap between now (5 bit primes) and what is needed (4096 bit primes).
A lot of financial non-Bitcoin systems use the equivalent of 3072-bit primes or less, and are probably easier targets to crack than the equivalent-to-4096-bit-primes Bitcoin.
Quantum computers capable of cracking Bitcoin are still far off.
Pay-to-public-key-hash is not as protective as you might think.
We will probably see banks get cracked before Bitcoin, so the banking system is a useful canary-in-a-coal-mine to see whether we should panic about being quantum vulnerable.
For now, the homomorphic and linear properties of elliptic curve cryptography provide a lot of benefits --- particularly the linearity property is what enables Scriptless Script and simple multisignature (i.e. multisignatures that are just 1 signature onchain). So it might be a good idea to take advantage of them now while we are still fairly safe against quantum computers. It seems likely that quantum-safe signature schemes are nonlinear (thus losing these advantages).
If you are a singlesig HODL-only Bitcoin user, Taproot will not affect you positively or negatively. Importantly: Taproot does no harm!
If you use or intend to use multisig, Taproot will be a positive for you.
If you transact onchain regularly using typical P2PKH/P2WPKH addresses, you get a minor reduction in feerates since multisig users will likely switch to Taproot to get smaller tx sizes, freeing up blockspace for yours.
If you are using multiparticipant setups for special systems of trade, Taproot will be a positive for you.
Remember: Lightning channels are multipartiicpiant setups for special systems of lightning-fast offchain trades!
I Wanna Be The Taprooter!
So, do you want to help activate Taproot? Here's what you, mister sovereign Bitcoin HODLer, can do!
If you have developer experience especially in C, C++, or related languages
Review the Taproot code! There is one pull request in Bitcoin Core, and one in libsecp256k1. I deliberately am not putting links here, to avoid brigades of nontechnical but enthusiastic people leaving pointless reviews, but if you are qualified you know how to find them!
But I am not a cryptographeBitcoin Core contributomathematician/someone as awesome as Pieter Wuille
That's perfectly fine! The cryptographers have been over the code already and agree the math is right and the implementation is right. What is wanted is the dreary dreary dreary software engineering: are the comments comprehensive and understandable? no misspellings in the comments? variable names understandable? reasonable function naming convention? misleading coding style? off-by-one errors in loops? conditions not covered by tests? accidental mixups of variables with the same types? missing frees? read-before-init? better test coverage of suspicious-looking code? missing or mismatching header guards? portability issues? consistent coding style? you know, stuff any coder with a few years of experience in coding anything might be able to catch. With enough eyes all bugs are shallow!
If you are running a mining pool/mining operation/exchange/custodial service/SPV server
Be prepared to upgrade!
One of the typical issues with upgrading software is that subtle incompatibilities with your current custom programs tend to arise, disrupting operations and potentially losing income due to downtime. If so, consider moving to the two-node setup suggested by gmax, which is in the last section of my previous post. With this, you have an up-to-date "public" node and a fixed-version "private" node, with the public node protecting the private node from any invalid chainsplits or invalid transactions. Moving to this setup from a typical one-node setup should be smooth and should not disrupt operations (too much).
If you are running your own fullnode for fun or for your own wallet
Be prepared to upgrade! The more nodes validating the new rules (even if you are a non-mining node!), the safer every softfork will be!
If you are using an SPV wallet or custodial wallet/service (including hardware wallets using the software of the wallet provider)
Contact your wallet provider / SPV server and ask for a statement on whether they support Taproot, and whether they are prepared to upgrade for Taproot! Make it known to them that Taproot is something you want!
But I Hate Taproot!!
Raise your objections to Taproot now, or forever hold your peace! Maybe you can raise them here and some of the devs (probably nullc, he goes everywhere, even in rbtc!) might be able to see your objections! Or if your objections are very technical, head over to the appropriate pull request and object away!
Maybe you simply misunderstand something, and we can clarify it here!
Or maybe you do have a good objection, and we can make Taproot better by finding a solution for it!
Transcript of how Philip the tyrant admin of the Bitcoin Cash Telegram group called Spoice stupid, an idiot, a parrot among other insults then banned her instead of discussing Bitcoin Cash. That Telegram group is hostile, ABC/IFP shills run and follows the rBitcoin toxic censorship modus operandi.
David B., [18.10.20 01:46] https://www.reddit.com/btc/comments/jdagi3/whats_up_with_the_bchn_hypocrisy/ David B., [18.10.20 01:47] Wut x2 J Stodd, [18.10.20 01:49] [In reply to David B.] Their words are meaningless. They have no principles. Wish i could comment but bitcoinxio banned me from rbtc and never told me why David B., [18.10.20 01:59] These comments are so toxic Spoice, [18.10.20 01:59] In reality, the real continuation of Bitcoin as we all know it is what is carried on by BCHN, BU, BCHD and others Spoice, [18.10.20 02:00] ABC is changing the rules to something that is not Bitcoin Spoice, [18.10.20 02:00] anyone denying those facts is selling you snake oil Spoice, [18.10.20 02:00] If Blockstream tried to take some % to their own benefit, we would have never needed BCH in the first place Spoice, [18.10.20 02:00] everyone would have rejected them in a second J Stodd, [18.10.20 02:01] [In reply to Spoice] Bitcoin Cash is not Bitcoin to start with, so who cares? David B., [18.10.20 02:01] [ Album ] Spoice, [18.10.20 02:01] yet we have ABC trying to pull this theft and all those puppets think it's ok Spoice, [18.10.20 02:01] JSTodd that's bullshit David B., [18.10.20 02:01] Like trying to talk to a core maxi about altcoins Spoice, [18.10.20 02:01] Bitcoin Cash is the most Bitcoin out of all Bitcoins Spoice, [18.10.20 02:01] it is the continuation of what Satoshi started David B., [18.10.20 02:02] Tbh they aren't even toxic Michael Nunzio, [18.10.20 02:02] [In reply to Spoice] If the hash follows then it is Bitcoin Cash. Only if it doesn't is your claim true J Stodd, [18.10.20 02:03] [In reply to Spoice] Bitcoin is Bitcoin. Bitcoin failed to be Peer to Peer Cash, so Bitcoin Cash attempted to fix this by forking Bitcoin and attacking the root of the problem. This does not mean Bitcoin Cash is literally Bitcoin. Adopt a different argument. Sorry if you bought into that bc of Rogers rantings J Stodd, [18.10.20 02:05] Bitcoin Cash can replace Bitcoin, and if Bitcoin dies and BCH wins then sure maybe it can take its name from its grave, but they are different products, trying to say Bitcoin stopped being "Bitcoin" and became BCH is a self contradiction. Jingles, [18.10.20 02:08] Jstodd's got some good points. Jingles, [18.10.20 02:08] He's learnt so much in the last year ☺️ Spoice, [18.10.20 02:08] "Bitcoin is Bitcoin" is a false statement. BTC is just an instance of Bitcoin. Bitcoin is the set of rules defined in the whitepaper first and foremost, it is peer to peer electronic cash. BTC no longer fits that criteria. Bitcoin Cash meets them. The fork proposed by ABC also fails to meet that criteria. Therefore the continuation of Bitcoin is in whatever BU, BCHN, Flowee and others will continue. Jingles, [18.10.20 02:09] What rules were defined in the WP? Spoice, [18.10.20 02:10] Let's see which rules aren't: 1) No coinbase tax going to any centralized entity such as ABC 2) No throttling of TX throughput such as BTC Spoice, [18.10.20 02:10] therefore they both fail the simple "Is this Bitcoin?" test Spoice, [18.10.20 02:11] Finally, Michael, if you think Hash rate defines what Bitcoin is, you should stick to BTC Jingles, [18.10.20 02:11] 21 million coins isn't in the WP Jingles, [18.10.20 02:11] I asked what rules did the WP define. Spoice, [18.10.20 02:12] Because BCH failed that criteria since it forked, therefore your point is wrong Spoice, [18.10.20 02:12] https://www.metzdowd.com/pipermail/cryptography/2009-January/014994.html Spoice, [18.10.20 02:12] The announcement of the white paper included the 21 million limit, close enough Jingles, [18.10.20 02:12] HIs announcement isn't the WP Spoice, [18.10.20 02:12] show me where Satoshi said that Amaury shoudl tax the chain? Spoice, [18.10.20 02:12] Doesn't matter- close enough Jingles, [18.10.20 02:12] Bitcoin is the set of rules defined in the whitepaper first and foremost - You Jingles, [18.10.20 02:13] My ears pricked up on that comment, so I'm asking you what you meant. Spoice, [18.10.20 02:13] Correct. Changing the 21 million hard limit is still more Bitcoin than taxing the Coinbase, yet both will never ever happen. Not to Bitcoin anyway Jingles, [18.10.20 02:13] If you meant Satoj's writings pre and post WP then you should be clear about it Spoice, [18.10.20 02:13] some bastardized chain might, just not Bitcoin Jingles, [18.10.20 02:14] The closest we have to anything to indicate what is "Bitcoiness" is general things like "the longest chain" Spoice, [18.10.20 02:14] No, it is never a single thing David B., [18.10.20 02:15] REEEE Jingles, [18.10.20 02:15] trustless, no single trusted third parties, and rules can change due to incentives via consensus Spoice, [18.10.20 02:15] it is a set of common sense and experiment driven and historical relevance and initial parameters and "peer to peer electronic cash" definition indicators Spoice, [18.10.20 02:15] never a single thing Jingles, [18.10.20 02:16] [In reply to Spoice] This is like the exact opposite of what you said earlier Jingles, [18.10.20 02:16] Bitcoin is defined by the rules in the WP, I mean common sense. Jingles, [18.10.20 02:16] 🤷♂️ Spoice, [18.10.20 02:16] Nope, the rule set is defined in the white paper should never change, but I never said all rules are defined in the white paper Jingles, [18.10.20 02:16] What rules? Spoice, [18.10.20 02:16] It is a union Jingles, [18.10.20 02:17] What rules are there? Spoice, [18.10.20 02:17] Rules in the white paper + what continued to define Bitcoin thereafter J Stodd, [18.10.20 02:17] [In reply to Spoice] > "Bitcoin is Bitcoin is a false statement." Alas, if we cannot agree on the law of identity, aka A=A, then i dont understand how to hold a conversation with you using logic. > BTC is an instance of Bitcoin No, BTC is a ticker used optionally by exchanges. Other common tickers for bitcoin include XBC, XBT, BC (correct me if im wrong on any of these) > "Bitcoin is a set of rules in the whitepaper" Super hard to defend this. Theres no mention of a 21M supply cap, no blocksize limit *at all*, and it also says additional rules and incentives can be enforced (implying maybe they should). Jingles, [18.10.20 02:17] I go through this with BSVers all the time. We have no spec sheet of rules defining what Bitcoin is from Satoshi. Spoice, [18.10.20 02:18] Rules such as what defines a correct block, miners receiving the full incentive of mining it, etc Jingles, [18.10.20 02:18] The WP is a highlevel document Spoice, [18.10.20 02:18] The WP is a description of a scientific experiment Spoice, [18.10.20 02:18] if you want to start your own experiment, be my guest Jingles, [18.10.20 02:18] [In reply to Spoice] Valid tx rules aren't defined in the WP Spoice, [18.10.20 02:18] just don't try to call it Bitcoin Jingles, [18.10.20 02:19] The word majority is in the WP an awful lot wouldn't you say? Spoice, [18.10.20 02:19] Not valid TX rules, but what a proof of work block is and how it diverts the reward to the miner, etc Jingles, [18.10.20 02:20] [In reply to Spoice] and? what about BTC doesn't apply? Jingles, [18.10.20 02:20] I'm not arguing for any fork of BCH here. Spoice, [18.10.20 02:20] It no longer meets the very title of the white paper experiment, "Peer to peer electronic cash" Spoice, [18.10.20 02:20] The BTC instance of the experiment is destined to move away from the very title of the white paper Jingles, [18.10.20 02:20] It's electronic, and I use it like cash. Spoice, [18.10.20 02:20] that the maintainers even wanted to edit the white paper (Cobra and co) because of this fact J Stodd, [18.10.20 02:20] u/Spoice When did BTC stop being Bitcoin in your view? The day Amaury decided to launch the fork, before Segwit happened? If someone else launched a fork first, they would have been "the real bitcoin"? This is a game of whoever forks first becomes the real Bitcoin? What if two people launched a fork at the exact same time, maybe even with identical specs? Jingles, [18.10.20 02:21] Where did I go wrong? Jingles, [18.10.20 02:21] [In reply to Spoice] Did they? Spoice, [18.10.20 02:21] Doesn't matter if you use it today, its very technical fabric will have to move your transactions to 2nd layers and it will no longer be peer to peer electronic cash on chain Jingles, [18.10.20 02:21] peer to peer electronic cash on chain - Not in the wp Jingles, [18.10.20 02:22] We have satoj talking about HFT with sidechannels. Jingles, [18.10.20 02:22] So what? Jingles, [18.10.20 02:23] I think this is a good discussion Phil, nothing disrespectful is being said. I hope this is ok? Spoice, [18.10.20 02:23] Doesn't matter, the rule of common sense, which is closer to that title? Increasing a simple variable (Blocksize) to stay on track of the title and experiment, or introduce IOUs and Watchtowers and channels and locked BTC and that whole LN Bastardization? Which is close to the title? Jingles, [18.10.20 02:23] No one said that can't happen Michael Nunzio, [18.10.20 02:24] [In reply to Spoice] Congratulations you've made an argument which isn't an argument. Jingles, [18.10.20 02:25] The whole thing that was said was the system is based on majority rules, and incentives can be changed. Majority breaks any deadlock. David B., [18.10.20 02:25] How to kill a coin 101 Spoice, [18.10.20 02:25] Logic fails anyone who tries to claim BTC, ABC, BSV or any similar standalone experiments as Bitcoin, because of simple sanity checks and logic checks, often stemming out of common sense - If what you have moves you a single step away from what is otherwise the same old experiment which Satoshi wrote about and unleashed, you're not Bitcoin. If what you have moves you a step closer, it is Bitcoin. and so on and so forth. Phlip - Not giving away coins, [18.10.20 02:25] Wow, really fanatical almost religious statements. I guess its Sunday morning. Jingles, [18.10.20 02:27] [In reply to Spoice] There's nothing common about common sense. You point to the WP to make a point, and your point isn't in there. Spoice, [18.10.20 02:27] Throttled and you need off-chain IOUs and always-on services to function (BTC) ? Not Bitcoin. Requires permission to be used and could be centrally confiscated on the whim of the organization behind it (BSV)? Not Bitcoin. Premined (Bitcoin Gold, Diamond)? Not Bitcoin. Taxing the miners through Coinbase and changing the incentives which were at play since day 0 (ABC)? Not Bitcoin Spoice, [18.10.20 02:27] simple checks really, yet those who are set to benefit will of course be oblivious to these Phlip - Not giving away coins, [18.10.20 02:28] This whole “Bitcoin Cash is the true Bitcoin - see whitepaper” is really stupid. It also ignores the history of how Bitcoin Cash came into existence Jingles, [18.10.20 02:28] Phillip, remove anyone here that has said Bitcoin Gold was the original Bitcoin immediately Jingles, [18.10.20 02:28] ^^^^ Jingles, [18.10.20 02:29] [In reply to Phlip - Not giving away coins] It falls to pieces the moment it's questioned. Spoice, [18.10.20 02:29] It is not about "True" Bitcoin Spoice, [18.10.20 02:30] It is about the Bitcoin closest to the experiment which always was Spoice, [18.10.20 02:30] I don't care about "True" or not, they all are true Phlip - Not giving away coins, [18.10.20 02:30] [In reply to Jingles] Sorry, I hve stopped reading all the sillyness above. Will reread later Jingles, [18.10.20 02:30] [In reply to Phlip - Not giving away coins] I'm joking around 😂 Spoice, [18.10.20 02:30] but the rule of entropy says I shouldn't place my money nor effort in experiments which are set to fade eventually, because they have skewed incentives Phlip - Not giving away coins, [18.10.20 02:31] [In reply to Spoice] You get to chose that for yourself but you do not get to dictate it for others David B., [18.10.20 02:31] [In reply to Phlip - Not giving away coins] Don't read it. You will have no braincells left Spoice, [18.10.20 02:31] Bitcoin as we know it has a long track record of incentives which work Spoice, [18.10.20 02:31] I won't ever dictate it for others Spoice, [18.10.20 02:31] I only would dictate it for myself, just like how I never use BTC or BSV today, I won't use ABC tomorrow Spoice, [18.10.20 02:32] only because they're new experiments Spoice, [18.10.20 02:32] interesting, and I wish them luck Jingles, [18.10.20 02:32] "Bitcoin is Bitcoin" is a false statement - Spoice 2020 Spoice, [18.10.20 02:32] but I would rather stick to the Bitcoin I know Spoice, [18.10.20 02:32] that's all Jingles, [18.10.20 02:32] I won't ever dictate it for others - Also Spoice Phlip - Not giving away coins, [18.10.20 02:32] Bitcoin Cash came with a plan snd goals. They were clearly presented in two presentations that happened before viabtc announced they would mine with ABC software and create a coin and chain named Bitcoin Cash Spoice, [18.10.20 02:32] Yes, because he means BTC is Bitcoin, and that's a false statement Jingles, [18.10.20 02:32] How is it false? Spoice, [18.10.20 02:32] It is an instance of Bitcoin Jc Crown [ I DON'T DM PEOPLE - DON'T GIVE ME MONEY! ], [18.10.20 02:33] [In reply to Michael Nunzio] you're looking intimidatingly handsome in your new profile picture Phlip - Not giving away coins, [18.10.20 02:33] [In reply to Jc Crown [ I DON'T DM PEOPLE - DON'T GIVE ME MONEY! ]] Lol Jc Crown [ I DON'T DM PEOPLE - DON'T GIVE ME MONEY! ], [18.10.20 02:33] [In reply to J Stodd] actually a good question Spoice, [18.10.20 02:34] Anyway, those are my two cents Spoice, [18.10.20 02:34] Everyone is free to choose which experiments to pour their effort on and their money in Phlip - Not giving away coins, [18.10.20 02:34] [In reply to Spoice] You are entitled to your opinion. Spoice, [18.10.20 02:34] Andreas is publishing Lightning Network books, I mean Spoice, [18.10.20 02:34] So to each his own Phlip - Not giving away coins, [18.10.20 02:35] [In reply to Spoice] Lets leave it at that Spoice, [18.10.20 02:35] but Bitcoin as I know it continues with no Tax, and that in my opinion is BCH with no tax Phlip - Not giving away coins, [18.10.20 02:35] Ah you had to continue Phlip - Not giving away coins, [18.10.20 02:36] Good thing no tax is proposed by anyone Spoice, [18.10.20 02:35] Isn't this the Bitcoin Cash telegram? Jc Crown [ I DON'T DM PEOPLE - DON'T GIVE ME MONEY! ], [18.10.20 02:35] 😅 Spoice, [18.10.20 02:36] If I don't discuss Bitcoin Cash here, where should I? Spoice, [18.10.20 02:36] Tax, IFP, call it what you will Spoice, [18.10.20 02:36] from my perspective as a user, it's one the same J Stodd, [18.10.20 02:36] [In reply to Jc Crown [ I DON'T DM PEOPLE - DON'T GIVE ME MONEY! ]] I bet nobody will answer it, either Phlip - Not giving away coins, [18.10.20 02:37] [In reply to Spoice] Apparently btc /s David B., [18.10.20 02:37] [In reply to Spoice] As a user what do you care? Jingles, [18.10.20 02:37] Ooh, can I shill the Bitcoin room in here? Spoice, [18.10.20 02:37] Nah, I prefer quick responses and chats Spoice, [18.10.20 02:37] Reddit is broken Phlip - Not giving away coins, [18.10.20 02:37] [In reply to Jingles] Lol J Stodd, [18.10.20 02:37] [In reply to Spoice] Nobody even pays it, it just comes out of the block reward. The block reward is not sentient, it cannot be stolen from or wronged Phlip - Not giving away coins, [18.10.20 02:37] Dont push your luck 😉 Jingles, [18.10.20 02:37] [ 😀 Sticker ] Michael Nunzio, [18.10.20 02:38] [In reply to Jc Crown [ I DON'T DM PEOPLE - DON'T GIVE ME MONEY! ]] You too brother. 🙏 Jc Crown [ I DON'T DM PEOPLE - DON'T GIVE ME MONEY! ], [18.10.20 02:38] [In reply to Michael Nunzio] but mine is the same....i need new ones everyone always calls me fat because of this one Jc Crown [ I DON'T DM PEOPLE - DON'T GIVE ME MONEY! ], [18.10.20 02:38] literally if i say 1 thing to any troll anywhere first thing they say is "ok fatass" Jc Crown [ I DON'T DM PEOPLE - DON'T GIVE ME MONEY! ], [18.10.20 02:38] i blame this dumb photographer Michael Nunzio, [18.10.20 02:38] [In reply to Jc Crown [ I DON'T DM PEOPLE - DON'T GIVE ME MONEY! ]] Don't listen. Phlip - Not giving away coins, [18.10.20 02:39] u/spoice maybe write a read.cash article if you really feel you need to educate people Spoice, [18.10.20 02:39] David, as a user I believe that each new experiment carries risk with it, why should I take part in a new fork of Bitcoin which has a new set of game-theory rules which doesn't even benefit me, rather it benefits some other entity which will take 5% of any effort or economic activity I produce on this chain? They're also off-loading the risk to me as a usebuildebusiness who choose to join their experiment. Spoice, [18.10.20 02:40] Why should I take that risk while the Bitcoin I know and have known for over 10 years worked perfectly for me thus far? (BCH, that is) Jingles, [18.10.20 02:40] small fees and empty blocks? Jc Crown [ I DON'T DM PEOPLE - DON'T GIVE ME MONEY! ], [18.10.20 02:41] It will insure that a centralized group has control over development and they are by decree in the code, it's a literal take over. Phlip - Not giving away coins, [18.10.20 02:41] [In reply to Spoice] “BSV-freeze the protocol - true Bitcoin” sounds like more your thing David B., [18.10.20 02:41] [In reply to Spoice] Better run bitcoin core 0.1 Jc Crown [ I DON'T DM PEOPLE - DON'T GIVE ME MONEY! ], [18.10.20 02:41] Imagine if satoshi keyd his address in the code to be paid out of every block, but instead of paying himself started a company "Bitcoin Dev Co" Spoice, [18.10.20 02:42] Not really, BSV kills the incentives I am discussing too Phlip - Not giving away coins, [18.10.20 02:42] [In reply to Jingles] Please stay nice now Jc Crown [ I DON'T DM PEOPLE - DON'T GIVE ME MONEY! ], [18.10.20 02:42] No one would ever be able to say Bitcoin was Decentralized, Bitcoin Dev Co would get paid directly from the reward. Jingles, [18.10.20 02:42] [In reply to Phlip - Not giving away coins] "BSV: We have all the Bad Idea. On chain" Spoice, [18.10.20 02:42] The Nash equilibrium we have tested for the past 10 years will be changed with ABC, it changed with BTC and BSV too Jc Crown [ I DON'T DM PEOPLE - DON'T GIVE ME MONEY! ], [18.10.20 02:42] "Bad Solutions Verified" Spoice, [18.10.20 02:42] that game-theory set of incentives Spoice, [18.10.20 02:43] why would I want to take a risk with any of those experiments when I gain 0? David B., [18.10.20 02:43] Better run bitcoin core 0.1 Spoice, [18.10.20 02:43] Nope, you're talking technical freezing of development, that's not what I am addressing Jingles, [18.10.20 02:43] [In reply to David B.] Thats the BTC chain though Phlip - Not giving away coins, [18.10.20 02:43] [In reply to Spoice] O please share with us your background in the subject. Or are you now just parroting others Spoice, [18.10.20 02:44] BSV wants to freeze the technical development and they want a stable protocol from an API/development perspective Spoice, [18.10.20 02:44] but from an incentive ruleset perspective, they already butchered the equilibrium Bitcoin had Jc Crown [ I DON'T DM PEOPLE - DON'T GIVE ME MONEY! ], [18.10.20 02:44] [In reply to Phlip - Not giving away coins] That's one of those phrases, when you hear it you know they are just a parrot of someones propaganda. "MUH NASH EQUILIBRIUM!" David B., [18.10.20 02:44] Stable = bad? Jingles, [18.10.20 02:45] [In reply to Jc Crown [ I DON'T DM PEOPLE - DON'T GIVE ME MONEY! ]] I love you Spoice, [18.10.20 02:45] Philip, for an admin you are ought to be nicer, if you think I am parroting others you're free to think that, but to state it so bluntly in your position is just... wrong Spoice, [18.10.20 02:46] If you think the point I made is wrong, discuss it Phlip - Not giving away coins, [18.10.20 02:46] [In reply to Jingles] Maybe talk to him in DM about that?😉 Spoice, [18.10.20 02:46] not me Jingles, [18.10.20 02:46] [In reply to Phlip - Not giving away coins] working on it. Phlip - Not giving away coins, [18.10.20 02:46] [In reply to Spoice] I ought to be nicer...😂😂😂 Spoice, [18.10.20 02:47] Also, anyone who studied Bitcoin at length and its set of incentives and game-theory ruleset should know what a Nash Equilibrium is and who the players are in the Bitcoin game Phlip - Not giving away coins, [18.10.20 02:47] [In reply to Spoice] You state as fact. You get to dhow why your statements or opinions are even relevant. Spoice, [18.10.20 02:48] If it's not a fact, highlight how Spoice, [18.10.20 02:48] don't attack me Spoice, [18.10.20 02:48] prove me wrong Spoice, [18.10.20 02:48] if you fail that simple debate test David B., [18.10.20 02:48] How's that breakfast helping? Spoice, [18.10.20 02:48] you should rename from Janitor to Tyrant Jingles, [18.10.20 02:48] I'm still waiting to see the defined rules as per the wp Michael Nunzio, [18.10.20 02:49] [In reply to Spoice] Didn't know this was stand up comedy night in here. Michael Nunzio, [18.10.20 02:49] I missed the memo Phlip - Not giving away coins, [18.10.20 02:49] If I have to prove all idiots on the internet wrong I would have a hard time. You are starting to really waste everybody’s time. You state, you prove. Or you are just generating noise Phlip - Not giving away coins, [18.10.20 02:50] [In reply to Spoice] Be careful now. Michael Nunzio, [18.10.20 02:50] Noisy bugger. Phlip - Not giving away coins, [18.10.20 02:52] Getting close to just do some cleaning up. Spoice, [18.10.20 02:52] If you can't debate technical points I am making about Bitcoin Cash on a Bitcoin Cash Telegram, and within the span of 10 minutes you called me stupid, idiot, noisy and a parrot, you absolutely are a tyrant and I stand by my point: You should not be an admin here, nor anywhere actually. If you think I should be careful for the fear of you banning me, go ahead. You still fail to debate the simplest technical point and yet claim you can "but can't be bothered to". You remind me of that Thermos guy. Spoice, [18.10.20 02:53] How do people with 0 technical know how end up in these admin positions is beyond me Jingles, [18.10.20 02:53] I challenged your comments and you just changed the goal posts. Phlip - Not giving away coins, [18.10.20 02:53] [In reply to Spoice] Ok. You are not paying me and you are free to create noise elsewhere
List of current UI/UX issues & possible QoL improvements (Megathread?)
As some of you know, I only make stupidly long posts and also like to humbly brag about being a software engineer with fairly decent experience in QA, automated testing and testing in general (6+ years a C# dev). This is my personal list of things that either make no sense, are unpleasant, incoherent, or could be improved. Please feel free to add to the list, I will come back and edit every day. Numbers are also here to help you quote & provide your own criticism. Note that is is done with the following optimization mindset, in order of importance :
Remove redundancy / incoherence
Reduce time spent in menus/inventory (out of raid)
Reduce number of clicks / interactions
As you can see I worked under the assumption that the average player wants to spend more time in raid rather than in inventory ; obviously this falls apart if that is not the case. To do that I try to improve time spent on searching / arranging things without creating unecessary automation or remove important/immersive aspects of the game, even in inventory. I also try to improve time spent clicking through various windows as currently a lot of them are done to be fast & easy to for the devs, not for the players. I want to emphasize that I'm okay with that. I know the importance of having sub-optimal navigation to help you find out what your better navigation is. I also know a complete rework is not always possible, that is why I made my list without changing too much of the menus as well as keeping the vibe/current feel of those menus. Keywords like should & could are used as intended ; since this is not a professional report I'm emphasizing here, the meaning of the word is important. Should means it is adding an improvement over an existing issue, could means it's a possible improvement but requires further investigation. Would means investigation was done and is just one possible outcome usually relevant within the context. Please note that most of us now are very used to the current UI/UX, which will generate two reactions: - "It's fine as it is because I can do it quite fast." - "I don't want it to change again, I'm used to it now." I cannot emphasize how unefficient it is to let those emotions get the best of you. UI/UX is the study of common sense & ease of use in an interface. You should never have to get used to anything, it should be fluid and intuitive. If you think you're fast now, that means it's possible to be slow. This is extremely bad for a UI/UX standpoint. Everybody should be able to navigate/understand the menus just as fast the 1st time than the 100th time (ideally). Keep this in mind when you read everything down here, because some stuff you probably won't like at first glance, but you will get used to it very fast, and you will gain a lot of time in the future, as well as new players.
Currently when in the workbench (and I think others? now I doubt), the list of craftable items appears to be random. The order should always be the same for consistency. Does not provide meaningful gameplay experience to have to "look for the recipe" every time.
4. Collecting crafts
Hideout stations could display the finished craft on top for easy collection of craft, or there could be a "Get Items" or "Receive All" elsewhere to avoid unecessary scrolling. This is uncessary if ongoing crafts are moved on top of the list, or if the list is autoscrolled to the ongoing craft. "Collect All" on station level is not the best idea. If you go in a station, it's probably better that you know what you're collecting. I suggest moving the relevant craft on top or auto scrolling and not adding "receive all" on station level, although it would be a good help. This should be investigated. Receive All or Get Items could be moved or added at the top or bottom of the window.
5. "Receive All" could exist at hideout level
The same way we "receive all" from a trader, it would be nice to "Receive all" from the hideout. Either in the form of a trader (in which we can receive all / pick manually from) or by instantly putting it in inventory. If there is enough space it just works. If there isn't, it displays an error like it already does. This is not mutually exclusive with the previous suggestion.
6. Display crafts readyness/collection
6.1 Hideout The current behaviour is partially coherent. You get notified when an item is sold, and you get notified when a craft is finished. You have a display notification "Attachment" style when a trader has something for you, and you should get a display notification "attachment" style when the hideout has something for you. Ideally, there should also be such notifications for currently unused station Receive all on the right, Nutrition unit has finished crafting and Lavatory is currently NOT crafting 6.2 Traders There should be a way of knowing if something is waiting in trader inventory on a global level (quest rewards, money, insurance, unsold market items returns), like the nofication. The "new item" notification could be always visible as long as items are in the trader inventories, compared to now where it disappears as soon as you either click it or visit the messenger. In this hypothesis, there could be a change of color in the notification to show that there are still item waiting including some that haven't been seen yet (to still fulfill the current role of the notification)
Note : CTA = Call to Action, it's the button your user will press 99.3% of the time. Example, in the launcher, it's the "Start Game". Clearly visible, easily accessible, highlighted, much bigger, and at a very common CTA spot. That one is great. Some others are not. 7.1. "Receive All" should not be displayed when there is nothing to receive. 7.2 "Get" in single transaction messages from Ragman could be removed. There is no reason to take single items from the window when you can receive it all at once. 7.3 A "group collect" Receive all action could be added when you click on the attachment notification, or as an extra action next to the notification (just like shown on the Hideout in figure 6.0) that would specifically collect all. it would loop through all conversations and collect all and dump at the top of stash, either until its finished or there is not enough room, in which case it displays an error. It could also work like the scav case and not pick up anything until you have room, and in that case you would go in the window manually and/or make room (like we do now). 7.3 The "Receive all" is at the bottom when most CTAs in the game is at the top (dealer tabs, market tabs, character sheet tabs, settings...). Save in the settings is at the bottom too. It is incoherent. It would make more sense to have all CTAs at the bottom and options/tabs/menus at the top. 7.4 The "DEAL" button in trader view is much smaller and less visible than the "Fill Item" checkbox. The CTA should be getting more attention than a setting. New players pretty much *never* see it first and look around the "Fill Item" with eyes & mouse. DEAL should be at the bottom in the current \"Fill Item\" box. Fill Items should be removed entirely. 7.5 Quests could be automatically accepted (no need for CTA). I don't see a reason why someone would not accept a quest. The only reason we're Accepting them now is to let the user know he has a new quest. There are other means of notifying players of new stuff : usually notifications. If not, that button should at least be more visible/highlighted. Every new player ( 100%! ) I coach does not see it at first and never looks at the right spot the first time. 7.6 "Insure All" is the most commonly used button in the insurance screen and could be emphasized more. Example 7.5
8. Remove "Fill Items"
The Fill Items to automatically fill the trader's requirements should be removed and set as the default behaviour. There is no need to fill items manually nor tell the game to do so.
9. Expire / Delete pending requests
Friend requests should be cancellable and could expire. Requests should not be stuck until another user acts on them. Right clicking the request could display a "Cancel" or "Delete" request button. Ideally, the cell should include a CTA on the right, as the only action I would ever do in a cell in this context is cancel. Opening a submenu with only 1 item means youshould notbe opening a submenu, but displaying a button where the user right clicked instead. I can only re-send a friend request to someone that already denied me. This is incoherent.
10. Market Rows
From my somewhat small sample (about 60 players), nobody uses the expand button on the top right of a cell (see below). I think everybody uses the right click on item instead. An expanded cell with context menu opened, and a collapsed cell The extra information available on the right is the exact same as a right click, but is hidden behind a left click. This is incoherent. The only difference is the profile picture that I only get from expanding, but currently we all have the same one. This would need to be investigated. This could be an improvement, displaying the CTA's immediately (although BUY is definitely way too small). Notice profile picture on the left 10.1 The expandable cell feature should be removed altogether, as the other options are available on right click. 10.2 The whole row should provide the same context menu (right click). 10.3 The "Send friend request" could be included in the row's context menu, or could be removed entirely, as right now most requests are missclicks. Adding the Send Friend Request at the bottom of the context menu on the row would reduce the amount of missclicks. 10.4 Left clicking should not open the context menu. This is mostly the reason behind missclick friend requests, people double clicking slightly off the item icon sending a friend request by mistake. Now I have 4 just because I was trying to make a screenshot. F's in the chat. This would be resolved with 10.2 and 10.3. 10.5 Barter items have a "Barter" icon that is redundant, the first and second column are completely irrelevant to the player. Example 10.5
11. Filtering search
11.1 "Filter by Item" should not filter the browse list. If you're writing a valid keyword in the search field it should display the correct suggestions. Filtering content is good, filtering suggestions is incoherent. 11.2 Filters could be cleared as soon as you type text in the search field. This would resolve 11.1 Example 11 11.3 "My Offers" could not be affected by filters, or could reset filters. It is more trouble to remove the filter manually every time rather than browsing through the offer list. Currently we never have more than ~10 offers at the same time for most players, which is okay to display without filter. 11.4 Filters should not overlap with other UI elements, they could be resized to fit or the expandable filter list could include more elements so the visible ones fit. Example 11.4 11.5 The Remember Selected Filter / Reset Filter is unclear. Looks great, feels weird, and should be investigated to be more useful.
12. Context Menu in player lobby
The current lobby with context menu open All players in this list are looking for a group, there is no need to write a status "Looking for group", it's redundant. The exception is friends, which 99.633...% of the time is the group i'm about to play with. Those are displayed on top. The only action we do on the list on this screen is the "Invite to group" context menu action. It's a CTA and should not be hidden in a context menu, especially if the context menu only has one option. Since recently it has two, but we'll come to that in a minute. 12.1 The invite CTA should be on the player cell itself. 12.2 The report action should not be the default one from the context menu 12.3 Since there could be only one item in the context menu according to 12.1, the report action could be on the cell as well. A low quality suggestion for 12.x
13. Trader Buy/Sell
Trader screen needs to be reworked. I won't provide a solution that doesn't completely change how everything looks/works as I stated at the start of the post. That being said this should be improved. Example 13.1 13.1 Buying UI should be reworked. When buying, the price of the item is already displayed on the item itself in the trader view. The price is also displayed a second time in the tooltip of the item if you mouse-over. The price is also displayed a third time in the barter area on the right of the image (middle of the screen in game). This is redundant. I understand the item on the right is the physical item "Roubles" in a stack that is paid, like a barter, but it does not need to be displayed a third time. 13.2 Quantity limit (red box in the image) could be shown in the tooltip ; most of the time people will hit "DEAL" until they get an error insted of actually reading the red box. 13.3 The red box looks like an error even when at 0/x, this is not intuitive. Limited items can be listed in different ways that are not so invasive. We could add "out of X" at the right side of the quantity box. 13.4 Barter item prices (if we assume 13.1) would need to also displayed differently. This needs to be investigated 13.5 Selling UI should be reworked Example 13.5 Currently selling an item still displays the full available items to BUY, this is incoherent. Especially from the "Sell" tab. The whole left side of the screen is wasted, and cannot be used. 13.6 Items on the left are not greyed out (even though I can't buy them), but items on the right are greyed out (because I can't sell them). This is incoherent. 13.7 Trader sell space should be infinite 13.8 Buy/Sell could be done in a single tab if the whole screen is reworked. There are different levels to this. An easy one I could think : "Trade" Tab instead of "Buy". Displays the same as the current "BUY" tab. If you ctrl+click an item from your stash, it instantly sells without confirmation. The second tab would be a "Buyback" where you can see what you sold in the current trade session. If you leave the screen your buyback is reset and items cannot be recovered. Another way would be to keep buybacks for the last X items. You would need to pay what you received to get back. The item would not lose it's FiR status. This preleminary and simplistic rework has issues, notably that you have to know to right click to sell. One way to fix that would be to make right click sell to trader instead of control click, but that would definitely make missclicks the first few days (and buyback would be mandatory). This could be investigated. 13.9 Currency exchange rates should be easily available in relevant areas (Peacekeeper, Therapist and flea market) for all currencies (Rouble, Euro, Dollar, Bitcoin)
Items should be boxables and moved around. At least to be dropped in boxes, ideally to be moved around freely. There is a limit of 20 images. 🤷♂ Example 14
15. Quest inventory
If you loot too many quest items in a raid, you can end up not being able to loot it. I assume this is by design and it is why you have limited quest item space. The quest inventory could be infinite if it's not by design to be limited. The quest inventory should be manageable. In my case i had a 1 slot item blocking me from taking the suitcase, I should have been allowed to move that 1 slot item to the top or to the right of my inventory, clearing a whole line and letting me take the case. Quest items could be stored in backpack (and resized) ; since you lose them on death it's not relevant to the players looting you or you dying and that issue would be gone. Storing it in your stash would also prevent you from losing it by going in raid with it by mistake. Taking it in raid or giving it to trader would be a volontary action. It also makes much more sense that way as other quest items (that are also usable items) work that way. Alright this ended up taking more time than my lunchbreak, and there is *much* more to write but for the time being I'll leave it at that and come tomorrow to add your suggestions or mine. See you in 24 hours.
Summary: Everyone knows that when you give your assets to someone else, they always keep them safe. If this is true for individuals, it is certainly true for businesses. Custodians always tell the truth and manage funds properly. They won't have any interest in taking the assets as an exchange operator would. Auditors tell the truth and can't be misled. That's because organizations that are regulated are incapable of lying and don't make mistakes. First, some background. Here is a summary of how custodians make us more secure: Previously, we might give Alice our crypto assets to hold. There were risks:
Alice might take the assets and disappear.
Alice might spend the assets and pretend that she still has them (fractional model).
Alice might store the assets insecurely and they'll get stolen.
Alice might give the assets to someone else by mistake or by force.
Alice might lose access to the assets.
But "no worries", Alice has a custodian named Bob. Bob is dressed in a nice suit. He knows some politicians. And he drives a Porsche. "So you have nothing to worry about!". And look at all the benefits we get:
Alice can't take the assets and disappear (unless she asks Bob or never gives them to Bob).
Alice can't spend the assets and pretend that she still has them. (Unless she didn't give them to Bob or asks him for them.)
Alice can't store the assets insecurely so they get stolen. (After all - she doesn't have any control over the withdrawal process from any of Bob's systems, right?)
Alice can't give the assets to someone else by mistake or by force. (Bob will stop her, right Bob?)
Alice can't lose access to the funds. (She'll always be present, sane, and remember all secrets, right?)
See - all problems are solved! All we have to worry about now is:
Bob might take the assets and disappear.
Bob might spend the assets and pretend that he still has them (fractional model).
Bob might store the assets insecurely and they'll get stolen.
Bob might give the assets to someone else by mistake or by force.
Bob might lose access to the assets.
It's pretty simple. Before we had to trust Alice. Now we only have to trust Alice, Bob, and all the ways in which they communicate. Just think of how much more secure we are! "On top of that", Bob assures us, "we're using a special wallet structure". Bob shows Alice a diagram. "We've broken the balance up and store it in lots of smaller wallets. That way", he assures her, "a thief can't take it all at once". And he points to a historic case where a large sum was taken "because it was stored in a single wallet... how stupid". "Very early on, we used to have all the crypto in one wallet", he said, "and then one Christmas a hacker came and took it all. We call him the Grinch. Now we individually wrap each crypto and stick it under a binary search tree. The Grinch has never been back since." "As well", Bob continues, "even if someone were to get in, we've got insurance. It covers all thefts and even coercion, collusion, and misplaced keys - only subject to the policy terms and conditions." And with that, he pulls out a phone-book sized contract and slams it on the desk with a thud. "Yep", he continues, "we're paying top dollar for one of the best policies in the country!" "Can I read it?' Alice asks. "Sure," Bob says, "just as soon as our legal team is done with it. They're almost through the first chapter." He pauses, then continues. "And can you believe that sales guy Mike? He has the same year Porsche as me. I mean, what are the odds?" "Do you use multi-sig?", Alice asks. "Absolutely!" Bob replies. "All our engineers are fully trained in multi-sig. Whenever we want to set up a new wallet, we generate 2 separate keys in an air-gapped process and store them in this proprietary system here. Look, it even requires the biometric signature from one of our team members to initiate any withdrawal." He demonstrates by pressing his thumb into the display. "We use a third-party cloud validation API to match the thumbprint and authorize each withdrawal. The keys are also backed up daily to an off-site third-party." "Wow that's really impressive," Alice says, "but what if we need access for a withdrawal outside of office hours?" "Well that's no issue", Bob says, "just send us an email, call, or text message and we always have someone on staff to help out. Just another part of our strong commitment to all our customers!" "What about Proof of Reserve?", Alice asks. "Of course", Bob replies, "though rather than publish any blockchain addresses or signed transaction, for privacy we just do a SHA256 refactoring of the inverse hash modulus for each UTXO nonce and combine the smart contract coefficient consensus in our hyperledger lightning node. But it's really simple to use." He pushes a button and a large green checkmark appears on a screen. "See - the algorithm ran through and reserves are proven." "Wow", Alice says, "you really know your stuff! And that is easy to use! What about fiat balances?" "Yeah, we have an auditor too", Bob replies, "Been using him for a long time so we have quite a strong relationship going! We have special books we give him every year and he's very efficient! Checks the fiat, crypto, and everything all at once!" "We used to have a nice offline multi-sig setup we've been using without issue for the past 5 years, but I think we'll move all our funds over to your facility," Alice says. "Awesome", Bob replies, "Thanks so much! This is perfect timing too - my Porsche got a dent on it this morning. We have the paperwork right over here." "Great!", Alice replies. And with that, Alice gets out her pen and Bob gets the contract. "Don't worry", he says, "you can take your crypto-assets back anytime you like - just subject to our cancellation policy. Our annual management fees are also super low and we don't adjust them often". How many holes have to exist for your funds to get stolen? Just one. Why are we taking a powerful offline multi-sig setup, widely used globally in hundreds of different/lacking regulatory environments with 0 breaches to date, and circumventing it by a demonstrably weak third party layer? And paying a great expense to do so? If you go through the list of breaches in the past 2 years to highly credible organizations, you go through the list of major corporate frauds (only the ones we know about), you go through the list of all the times platforms have lost funds, you go through the list of times and ways that people have lost their crypto from identity theft, hot wallet exploits, extortion, etc... and then you go through this custodian with a fine-tooth comb and truly believe they have value to add far beyond what you could, sticking your funds in a wallet (or set of wallets) they control exclusively is the absolute worst possible way to take advantage of that security. The best way to add security for crypto-assets is to make a stronger multi-sig. With one custodian, what you are doing is giving them your cryptocurrency and hoping they're honest, competent, and flawlessly secure. It's no different than storing it on a really secure exchange. Maybe the insurance will cover you. Didn't work for Bitpay in 2015. Didn't work for Yapizon in 2017. Insurance has never paid a claim in the entire history of cryptocurrency. But maybe you'll get lucky. Maybe your exact scenario will buck the trend and be what they're willing to cover. After the large deductible and hopefully without a long and expensive court battle. And you want to advertise this increase in risk, the lapse of judgement, an accident waiting to happen, as though it's some kind of benefit to customers ("Free institutional-grade storage for your digital assets.")? And then some people are writing to the OSC that custodians should be mandatory for all funds on every exchange platform? That this somehow will make Canadians as a whole more secure or better protected compared with standard air-gapped multi-sig? On what planet? Most of the problems in Canada stemmed from one thing - a lack of transparency. If Canadians had known what a joke Quadriga was - it wouldn't have grown to lose $400m from hard-working Canadians from coast to coast to coast. And Gerald Cotten would be in jail, not wherever he is now (at best, rotting peacefully). EZ-BTC and mister Dave Smilie would have been a tiny little scam to his friends, not a multi-million dollar fraud. Einstein would have got their act together or been shut down BEFORE losing millions and millions more in people's funds generously donated to criminals. MapleChange wouldn't have even been a thing. And maybe we'd know a little more about CoinTradeNewNote - like how much was lost in there. Almost all of the major losses with cryptocurrency exchanges involve deception with unbacked funds. So it's great to see transparency reports from BitBuy and ShakePay where someone independently verified the backing. The only thing we don't have is:
ANY CERTAINTY BALANCES WEREN'T EXCLUDED. Quadriga's largest account was $70m. 80% of funds are in 20% of accounts (Pareto principle). All it takes is excluding a few really large accounts - and nobody's the wiser. A fractional platform can easily pass any audit this way.
ANY VISIBILITY WHATSOEVER INTO THE CUSTODIANS. BitBuy put out their report before moving all the funds to their custodian and ShakePay apparently can't even tell us who the custodian is. That's pretty important considering that basically all of the funds are now stored there.
ANY IDEA ABOUT THE OTHER EXCHANGES. In order for this to be effective, it has to be the norm. It needs to be "unusual" not to know. If obscurity is the norm, then it's super easy for people like Gerald Cotten and Dave Smilie to blend right in.
It's not complicated to validate cryptocurrency assets. They need to exist, they need to be spendable, and they need to cover the total balances. There are plenty of credible people and firms across the country that have the capacity to reasonably perform this validation. Having more frequent checks by different, independent, parties who publish transparent reports is far more valuable than an annual check by a single "more credible/official" party who does the exact same basic checks and may or may not publish anything. Here's an example set of requirements that could be mandated:
First report within 1 month of launching, another within 3 months, and further reports at minimum every 6 months thereafter.
No auditor can be repeated within a 12 month period.
All reports must be public, identifying the auditor and the full methodology used.
All auditors must be independent of the firm being audited with no conflict of interest.
Reports must include the percentage of each asset backed, and how it's backed.
The auditor publishes a hash list, which lists a hash of each customer's information and balances that were included. Hash is one-way encryption so privacy is fully preserved. Every customer can use this to have 100% confidence they were included.
If we want more extensive requirements on audits, these should scale upward based on the total assets at risk on the platform, and whether the platform has loaned their assets out.
There are ways to structure audits such that neither crypto assets nor customer information are ever put at risk, and both can still be properly validated and publicly verifiable. There are also ways to structure audits such that they are completely reasonable for small platforms and don't inhibit innovation in any way. By making the process as reasonable as possible, we can completely eliminate any reason/excuse that an honest platform would have for not being audited. That is arguable far more important than any incremental improvement we might get from mandating "the best of the best" accountants. Right now we have nothing mandated and tons of Canadians using offshore exchanges with no oversight whatsoever. Transparency does not prove crypto assets are safe. CoinTradeNewNote, Flexcoin ($600k), and Canadian Bitcoins ($100k) are examples where crypto-assets were breached from platforms in Canada. All of them were online wallets and used no multi-sig as far as any records show. This is consistent with what we see globally - air-gapped multi-sig wallets have an impeccable record, while other schemes tend to suffer breach after breach. We don't actually know how much CoinTrader lost because there was no visibility. Rather than publishing details of what happened, the co-founder of CoinTrader silently moved on to found another platform - the "most trusted way to buy and sell crypto" - a site that has no information whatsoever (that I could find) on the storage practices and a FAQ advising that “[t]rading cryptocurrency is completely safe” and that having your own wallet is “entirely up to you! You can certainly keep cryptocurrency, or fiat, or both, on the app.” Doesn't sound like much was learned here, which is really sad to see. It's not that complicated or unreasonable to set up a proper hardware wallet. Multi-sig can be learned in a single course. Something the equivalent complexity of a driver's license test could prevent all the cold storage exploits we've seen to date - even globally. Platform operators have a key advantage in detecting and preventing fraud - they know their customers far better than any custodian ever would. The best job that custodians can do is to find high integrity individuals and train them to form even better wallet signatories. Rather than mandating that all platforms expose themselves to arbitrary third party risks, regulations should center around ensuring that all signatories are background-checked, properly trained, and using proper procedures. We also need to make sure that signatories are empowered with rights and responsibilities to reject and report fraud. They need to know that they can safely challenge and delay a transaction - even if it turns out they made a mistake. We need to have an environment where mistakes are brought to the surface and dealt with. Not one where firms and people feel the need to hide what happened. In addition to a knowledge-based test, an auditor can privately interview each signatory to make sure they're not in coercive situations, and we should make sure they can freely and anonymously report any issues without threat of retaliation. A proper multi-sig has each signature held by a separate person and is governed by policies and mutual decisions instead of a hierarchy. It includes at least one redundant signature. For best results, 3of4, 3of5, 3of6, 4of5, 4of6, 4of7, 5of6, or 5of7. History has demonstrated over and over again the risk of hot wallets even to highly credible organizations. Nonetheless, many platforms have hot wallets for convenience. While such losses are generally compensated by platforms without issue (for example Poloniex, Bitstamp, Bitfinex, Gatecoin, Coincheck, Bithumb, Zaif, CoinBene, Binance, Bitrue, Bitpoint, Upbit, VinDAX, and now KuCoin), the public tends to focus more on cases that didn't end well. Regardless of what systems are employed, there is always some level of risk. For that reason, most members of the public would prefer to see third party insurance. Rather than trying to convince third party profit-seekers to provide comprehensive insurance and then relying on an expensive and slow legal system to enforce against whatever legal loopholes they manage to find each and every time something goes wrong, insurance could be run through multiple exchange operators and regulators, with the shared interest of having a reputable industry, keeping costs down, and taking care of Canadians. For example, a 4 of 7 multi-sig insurance fund held between 5 independent exchange operators and 2 regulatory bodies. All Canadian exchanges could pay premiums at a set rate based on their needed coverage, with a higher price paid for hot wallet coverage (anything not an air-gapped multi-sig cold wallet). Such a model would be much cheaper to manage, offer better coverage, and be much more reliable to payout when needed. The kind of coverage you could have under this model is unheard of. You could even create something like the CDIC to protect Canadians who get their trading accounts hacked if they can sufficiently prove the loss is legitimate. In cases of fraud, gross negligence, or insolvency, the fund can be used to pay affected users directly (utilizing the last transparent balance report in the worst case), something which private insurance would never touch. While it's recommended to have official policies for coverage, a model where members vote would fully cover edge cases. (Could be similar to the Supreme Court where justices vote based on case law.) Such a model could fully protect all Canadians across all platforms. You can have a fiat coverage governed by legal agreements, and crypto-asset coverage governed by both multi-sig and legal agreements. It could be practical, affordable, and inclusive. Now, we are at a crossroads. We can happily give up our freedom, our innovation, and our money. We can pay hefty expenses to auditors, lawyers, and regulators year after year (and make no mistake - this cost will grow to many millions or even billions as the industry grows - and it will be borne by all Canadians on every platform because platforms are not going to eat up these costs at a loss). We can make it nearly impossible for any new platform to enter the marketplace, forcing Canadians to use the same stagnant platforms year after year. We can centralize and consolidate the entire industry into 2 or 3 big players and have everyone else fail (possibly to heavy losses of users of those platforms). And when a flawed security model doesn't work and gets breached, we can make it even more complicated with even more people in suits making big money doing the job that blockchain was supposed to do in the first place. We can build a system which is so intertwined and dependent on big government, traditional finance, and central bankers that it's future depends entirely on that of the fiat system, of fractional banking, and of government bail-outs. If we choose this path, as history has shown us over and over again, we can not go back, save for revolution. Our children and grandchildren will still be paying the consequences of what we decided today. Or, we can find solutions that work. We can maintain an open and innovative environment while making the adjustments we need to make to fully protect Canadian investors and cryptocurrency users, giving easy and affordable access to cryptocurrency for all Canadians on the platform of their choice, and creating an environment in which entrepreneurs and problem solvers can bring those solutions forward easily. None of the above precludes innovation in any way, or adds any unreasonable cost - and these three policies would demonstrably eliminate or resolve all 109 historic cases as studied here - that's every single case researched so far going back to 2011. It includes every loss that was studied so far not just in Canada but globally as well. Unfortunately, finding answers is the least challenging part. Far more challenging is to get platform operators and regulators to agree on anything. My last post got no response whatsoever, and while the OSC has told me they're happy for industry feedback, I believe my opinion alone is fairly meaningless. This takes the whole community working together to solve. So please let me know your thoughts. Please take the time to upvote and share this with people. Please - let's get this solved and not leave it up to other people to do. Facts/background/sources (skip if you like):
The inspiration for the paragraph about splitting wallets was an actual quote from a Canadian company providing custodial services in response to the OSC consultation paper: "We believe that it will be in the in best interests of investors to prohibit pooled crypto assets or ‘floats’. Most Platforms pool assets, citing reasons of practicality and expense. The recent hack of the world’s largest Platform – Binance – demonstrates the vulnerability of participants’ assets when such concessions are made. In this instance, the Platform’s entire hot wallet of Bitcoins, worth over $40 million, was stolen, facilitated in part by the pooling of client crypto assets." "the maintenance of participants (and Platform) crypto assets across multiple wallets distributes the related risk and responsibility of security - reducing the amount of insurance coverage required and making insurance coverage more readily obtainable". For the record, their reply also said nothing whatsoever about multi-sig or offline storage.
In addition to the fact that the $40m hack represented only one "hot wallet" of Binance, and they actually had the vast majority of assets in other wallets (including mostly cold wallets), multiple real cases have clearly demonstrated that risk is still present with multiple wallets. Bitfinex, VinDAX, Bithumb, Altsbit, BitPoint, Cryptopia, and just recently KuCoin all had multiple wallets breached all at the same time, and may represent a significantly larger impact on customers than the Binance breach which was fully covered by Binance. To represent that simply having multiple separate wallets under the same security scheme is a comprehensive way to reduce risk is just not true.
Private insurance has historically never covered a single loss in the cryptocurrency space (at least, not one that I was able to find), and there are notable cases where massive losses were not covered by insurance. Bitpay in 2015 and Yapizon in 2017 both had insurance policies that didn't pay out during the breach, even after a lengthly court process. The same insurance that ShakePay is presently using (and announced to much fanfare) was describe by their CEO himself as covering “physical theft of the media where the private keys are held,” which is something that has never historically happened. As was said with regard to the same policy in 2018 - “I don’t find it surprising that Lloyd’s is in this space,” said Johnson, adding that to his mind the challenge for everybody is figuring out how to structure these policies so that they are actually protective. “You can create an insurance policy that protects no one – you know there are so many caveats to the policy that it’s not super protective.”
The most profitable policy for a private insurance company is one with the most expensive premiums that they never have to pay a claim on. They have no inherent incentive to take care of people who lost funds. It's "cheaper" to take the reputational hit and fight the claim in court. The more money at stake, the more the insurance provider is incentivized to avoid payout. They're not going to insure the assets unless they have reasonable certainty to make a profit by doing so, and they're not going to pay out a massive sum unless it's legally forced. Private insurance is always structured to be maximally profitable to the insurance provider.
The circumvention of multi-sig was a key factor in the massive Bitfinex hack of over $60m of bitcoin, which today still sits being slowly used and is worth over $3b. While Bitfinex used a qualified custodian Bitgo, which was and still is active and one of the industry leaders of custodians, and they set up 2 of 3 multi-sig wallets, the entire system was routed through Bitfinex, such that Bitfinex customers could initiate the withdrawals in a "hot" fashion. This feature was also a hit with the hacker. The multi-sig was fully circumvented.
Bitpay in 2015 was another example of a breach that stole 5,000 bitcoins. This happened not through the exploit of any system in Bitpay, but because the CEO of a company they worked with got their computer hacked and the hackers were able to request multiple bitcoin purchases, which Bitpay honoured because they came from the customer's computer legitimately. Impersonation is a very common tactic used by fraudsters, and methods get more extreme all the time.
A notable case in Canada was the Canadian Bitcoins exploit. Funds were stored on a server in a Rogers Data Center, and the attendee was successfully convinced to reboot the server "in safe mode" with a simple phone call, thus bypassing the extensive security and enabling the theft.
The very nature of custodians circumvents multi-sig. This is because custodians are not just having to secure the assets against some sort of physical breach but against any form of social engineering, modification of orders, fraudulent withdrawal attempts, etc... If the security practices of signatories in a multi-sig arrangement are such that the breach risk of one signatory is 1 in 100, the requirement of 3 independent signatures makes the risk of theft 1 in 1,000,000. Since hackers tend to exploit the weakest link, a comparable custodian has to make the entry and exit points of their platform 10,000 times more secure than one of those signatories to provide equivalent protection. And if the signatories beef up their security by only 10x, the risk is now 1 in 1,000,000,000. The custodian has to be 1,000,000 times more secure. The larger and more complex a system is, the more potential vulnerabilities exist in it, and the fewer people can understand how the system works when performing upgrades. Even if a system is completely secure today, one has to also consider how that system might evolve over time or work with different members.
By contrast, offline multi-signature solutions have an extremely solid record, and in the entire history of cryptocurrency exchange incidents which I've studied (listed here), there has only been one incident (796 exchange in 2015) involving an offline multi-signature wallet. It happened because the customer's bitcoin address was modified by hackers, and the amount that was stolen ($230k) was immediately covered by the exchange operators. Basically, the platform operators were tricked into sending a legitimate withdrawal request to the wrong address because hackers exploited their platform to change that address. Such an issue would not be prevented in any way by the use of a custodian, as that custodian has no oversight whatsoever to the exchange platform. It's practical for all exchange operators to test large withdrawal transactions as a general policy, regardless of what model is used, and general best practice is to diagnose and fix such an exploit as soon as it occurs.
False promises on the backing of funds played a huge role in the downfall of Quadriga, and it's been exposed over and over again (MyCoin, PlusToken, Bitsane, Bitmarket, EZBTC, IDAX). Even today, customers have extremely limited certainty on whether their funds in exchanges are actually being backed or how they're being backed. While this issue is not unique to cryptocurrency exchanges, the complexity of the technology and the lack of any regulation or standards makes problems more widespread, and there is no "central bank" to come to the rescue as in the 2008 financial crisis or during the great depression when "9,000 banks failed".
In addition to fraudulent operations, the industry is full of cases where operators have suffered breaches and not reported them. Most recently, Einstein was the largest case in Canada, where ongoing breaches and fraud were perpetrated against the platform for multiple years and nobody found out until the platform collapsed completely. While fraud and breaches suck to deal with, they suck even more when not dealt with. Lack of visibility played a role in the largest downfalls of Mt. Gox, Cryptsy, and Bitgrail. In some cases, platforms are alleged to have suffered a hack and keep operating without admitting it at all, such as CoinBene.
It surprises some to learn that a cryptographic solution has already existed since 2013, and gained widespread support in 2014 after Mt. Gox. Proof of Reserves is a full cryptographic proof that allows any customer using an exchange to have complete certainty that their crypto-assets are fully backed by the platform in real-time. This is accomplished by proving that assets exist on the blockchain, are spendable, and fully cover customer deposits. It does not prove safety of assets or backing of fiat assets.
If we didn't care about privacy at all, a platform could publish their wallet addresses, sign a partial transaction, and put the full list of customer information and balances out publicly. Customers can each check that they are on the list, that the balances are accurate, that the total adds up, and that it's backed and spendable on the blockchain. Platforms who exclude any customer take a risk because that customer can easily check and see they were excluded. So together with all customers checking, this forms a full proof of backing of all crypto assets.
However, obviously customers care about their private information being published. Therefore, a hash of the information can be provided instead. Hash is one-way encryption. The hash allows the customer to validate inclusion (by hashing their own known information), while anyone looking at the list of hashes cannot determine the private information of any other user. All other parts of the scheme remain fully intact. A model like this is in use on the exchange CoinFloor in the UK.
A Merkle tree can provide even greater privacy. Instead of a list of balances, the balances are arranged into a binary tree. A customer starts from their node, and works their way to the top of the tree. For example, they know they have 5 BTC, they plus 1 other customer hold 7 BTC, they plus 2-3 other customers hold 17 BTC, etc... until they reach the root where all the BTC are represented. Thus, there is no way to find the balances of other individual customers aside from one unidentified customer in this case.
Proposals such as this had the backing of leaders in the community including Nic Carter, Greg Maxwell, and Zak Wilcox. Substantial and significant effort started back in 2013, with massive popularity in 2014. But what became of that effort? Very little. Exchange operators continue to refuse to give visibility. Despite the fact this information can often be obtained through trivial blockchain analysis, no Canadian platform has ever provided any wallet addresses publicly. As described by the CEO of Newton "For us to implement some kind of realtime Proof of Reserves solution, which I'm not opposed to, it would have to ... Preserve our users' privacy, as well as our own. Some kind of zero-knowledge proof". Kraken describes here in more detail why they haven't implemented such a scheme. According to professor Eli Ben-Sasson, when he spoke with exchanges, none were interested in implementing Proof of Reserves.
And yet, Kraken's places their reasoning on a page called "Proof of Reserves". More recently, both BitBuy and ShakePay have released reports titled "Proof of Reserves and Security Audit". Both reports contain disclaimers against being audits. Both reports trust the customer list provided by the platform, leaving the open possibility that multiple large accounts could have been excluded from the process. Proof of Reserves is a blockchain validation where customers see the wallets on the blockchain. The report from Kraken is 5 years old, but they leave it described as though it was just done a few weeks ago. And look at what they expect customers to do for validation. When firms represent something being "Proof of Reserve" when it's not, this is like a farmer growing fruit with pesticides and selling it in a farmers market as organic produce - except that these are people's hard-earned life savings at risk here. Platforms are misrepresenting the level of visibility in place and deceiving the public by their misuse of this term. They haven't proven anything.
Fraud isn't a problem that is unique to cryptocurrency. Fraud happens all the time. Enron, WorldCom, Nortel, Bear Stearns, Wells Fargo, Moser Baer, Wirecard, Bre-X, and Nicola are just some of the cases where frauds became large enough to become a big deal (and there are so many countless others). These all happened on 100% reversible assets despite regulations being in place. In many of these cases, the problems happened due to the over-complexity of the financial instruments. For example, Enron had "complex financial statements [which] were confusing to shareholders and analysts", creating "off-balance-sheet vehicles, complex financing structures, and deals so bewildering that few people could understand them". In cryptocurrency, we are often combining complex financial products with complex technologies and verification processes. We are naïve if we think problems like this won't happen. It is awkward and uncomfortable for many people to admit that they don't know how something works. If we want "money of the people" to work, the solutions have to be simple enough that "the people" can understand them, not so confusing that financial professionals and technology experts struggle to use or understand them.
For those who question the extent to which an organization can fool their way into a security consultancy role, HB Gary should be a great example to look at. Prior to trying to out anonymous, HB Gary was being actively hired by multiple US government agencies and others in the private sector (with glowing testimonials). The published articles and hosted professional security conferences. One should also look at this list of data breaches from the past 2 years. Many of them are large corporations, government entities, and technology companies. These are the ones we know about. Undoubtedly, there are many more that we do not know about. If HB Gary hadn't been "outted" by anonymous, would we have known they were insecure? If the same breach had happened outside of the public spotlight, would it even have been reported? Or would HB Gary have just deleted the Twitter posts, brought their site back up, done a couple patches, and kept on operating as though nothing had happened?
In the case of Quadriga, the facts are clear. Despite past experience with platforms such as MapleChange in Canada and others around the world, no guidance or even the most basic of a framework was put in place by regulators. By not clarifying any sort of legal framework, regulators enabled a situation where a platform could be run by former criminal Mike Dhanini/Omar Patryn, and where funds could be held fully unchecked by one person. At the same time, the lack of regulation deterred legitimate entities from running competing platforms and Quadriga was granted a money services business license for multiple years of operation, which gave the firm the appearance of legitimacy. Regulators did little to protect Canadians despite Quadriga failing to file taxes from 2016 onward. The entire administrative team had resigned and this was public knowledge. Many people had suspicions of what was going on, including Ryan Mueller, who forwarded complaints to the authorities. These were ignored, giving Gerald Cotten the opportunity to escape without justice.
There are multiple issues with the SOC II model including the prohibitive cost (you have to find a third party accounting firm and the prices are not even listed publicly on any sites), the requirement of operating for a year (impossible for new platforms), and lack of any public visibility (SOC II are private reports that aren't shared outside the people in suits).
Securities frameworks are expensive. Sarbanes-Oxley is estimated to cost $5.1 million USD/yr for the average Fortune 500 company in the United States. Since "Fortune 500" represents the top 500 companies, that means well over $2.55 billion USD (~$3.4 billion CAD) is going to people in suits. Isn't the problem of trust and verification the exact problem that the blockchain is supposed to solve?
To use Quadriga as justification for why custodians or SOC II or other advanced schemes are needed for platforms is rather silly, when any framework or visibility at all, or even the most basic of storage policies, would have prevented the whole thing. It's just an embarrassment.
We are now seeing regulators take strong action. CoinSquare in Canada with multi-million dollar fines. BitMex from the US, criminal charges and arrests. OkEx, with full disregard of withdrawals and no communication. Who's next?
We have a unique window today where we can solve these problems, and not permanently destroy innovation with unreasonable expectations, but we need to act quickly. This is a unique historic time that will never come again.
[OWL WATCH] Waiting for "IOTA TIME" 20; Hans's re-defined directions for DLT
Disclaimer: This is my editing, so there could be some misunderstandings... -------------------------------------------- wellwho오늘 오후 4:50 u/BenRoyce****how far is society2 from having something clickable powered by IOTA? Ben Royce오늘 오후 4:51 demo of basic tech late sep/ early oct. MVP early 2021 --------------------------------------------------- HusQy Colored coins are the most misunderstood upcoming feature of the IOTA protocol. A lot of people see them just as a competitor to ERC-20 tokens on ETH and therefore a way of tokenizing things on IOTA, but they are much more important because they enable "consensus on data". Bob All this stuff already works on neblio but decentralized and scaling to 3500 tps HusQy Neblio has 8 mb blocks with 30 seconds blocktime.This is a throughput of 8 mb / 30 seconds = 267 kb per second.Transactions are 401+ bytes which means that throughput is 267 kb / 401 bytes = 665 TPS. IOTA is faster, feeless and will get even faster with the next update ... ----------------------------------------------------------------------------- HusQy Which DLT would be more secure? One that is collaboratively validated by the economic actors of the world (coporations, companies, foundations, states, people) or one that is validated by an anonymous group of wealthy crypto holders? HusQy The problem with current DLTs is that we use protection mechanisms like Proof of Work and Proof of Stake that are inherently hard to shard. The more shards you have, the more you have to distribute your hashing power and your stake and the less secure the system becomes. HusQy Real world identities (i.e. all the big economic actors) however could shard into as many shards as necessary without making the system less secure. Todays DLTs waste trust in the same way as PoW wastes energy. HusQy Is a secure money worth anything if you can't trust the economic actors that you would buy stuff from? If you buy a car from Volkswagen and they just beat you up and throw you out of the shop after you payed then a secure money won't be useful either :P HusQy **I believe that if you want to make DLT work and be successful then we need to ultimately incorporate things like trust in entities into the technology.**Examples likes wirecard show that trusting a single company is problematic buttrusting the economy as a whole should be at ... **... least as secure as todays DLTs.**And as soon as you add sharding it will be orders of magnitude more secure.DLT has failed to deliver because people have tried to build a system in vacuum that completely ignores things that already exist and that you can leverage on. ---------------------------------------------------------------------------------- HusQy Blockchain is a bit like people sitting in a room, trying to communicate through BINGO sheets. While they talk, they write down some of the things that have been said and as soon as one screams BINGO! he hands around his sheet to inform everybody about what has been said. HusQy If you think that this is the most efficient form of communication for people sitting in the same room and the answer to scalability is to make bigger BINGO sheets or to allow people to solve the puzzle faster then you will most probably never understand what IOTA is working on. -------------------------------------------------------------------------------- HusQy **Blockchain does not work with too many equally weighted validators.****If 400 validators produce a validating statement (block) at the same time then only one can survive as part of a longest chain.**IOTA is all about collaborative validation. **Another problem of blockchain is that every transaction gets sent twice through the network. Once from the nodes to the miners and a 2nd time from the miners as part of a block.**Blockchain will therefore always only be able to use 50% of the network throughput. And****the last problem is that you can not arbitrarily decrease the time between blocks as it breaks down if the time between blocks gets smaller than the average network delay. The idle time between blocks is precious time that could be used for processing transactions. ----------------------------------------------------------------------------- HusQy I am not talking about a system with a fixed number of validators but one that is completely open and permissionless where any new company can just spin up a node and take part in the network. ------------------------------------------------------------------------ HusQy Proof of Work and Proof of Stake are both centralizing sybil-protection mechanism. I don't think that Satoshi wanted 14 mining pools to run the network. And "economic clustering" was always the "end game" of IOTA. ----------------------------------------------------------------------------- HusQy **Using Proof of Stake is not trustless. Proof of Stake means you trust the richest people and hope that they approve your transactions. The rich are getting richer (through your fees) and you are getting more and more dependant on them.**Is that your vision of the future? ---------------------------------------------------------------------------- HusQy Please read again exactly what I wrote. I have not spoken of introducing governance by large companies, nor have I said that IOTA should be permissioned. We aim for a network with millions or even billions of nodes. HusQy That can't work at all with a permissioned ledger - who should then drop off all these devices or authorize them to participate in the network? My key message was the following: Proof of Work and Proof of Stake will always be if you split them up via sharding ... HusQy ... less secure because you simply need fewer coins or less hash power to have the majority of the votes in a shard. This is not the case with trust in society and the economy. When all companies in the world jointly secure a DLT ... HusQy ... then these companies could install any number of servers in any number of shards without compromising security, because "trust" does not become less just because they operate several servers. First of all, that is a fact and nothing else. HusQy Proof of Work and Proof of Stake are contrary to the assumption of many not "trustless" but follow the maxim: "In the greed of miners we trust!" The basic assumption that the miners do not destroy the system that generates income for them is fundamental here for the ... HusQy ... security of every DLT. I think a similar assumption would still be correct for the economy as a whole: The companies of the world (and not just the big ones) would not destroy the system with which their customers pay them. In this respect, a system would be ... HusQy ... which is validated by society and the economy as a whole probably just as "safely" as a system which is validated by a few anonymous miners. Why a small elite of miners should be better validators than any human and ... HusQy ... To be honest, companies in this world do not open up to me. As already written in my other thread, safe money does not bring you anything if you have to assume that Volkswagen will beat you up and throw you out of the store after you ... HusQy ... paid for a car. The thoughts I discussed say nothing about the immediate future of IOTA (we use for Coordicide mana) but rather speak of a world where DLT has already become an integral part of our lives and we ... HusQy ... a corresponding number of companies, non-profit organizations and people have used DLT and where such a system could be implemented. The point here is not to create a governance solution that in any way influences the development of technology ... HusQy ... or have to give nodes their OK first, but about developing a system that enables people to freely choose the validators they trust. For example, you can also declare your grandma to be a validator when you install your node or your ... HusQy ... local supermarket. Economic relationships in the real world usually form a close-knit network and it doesn't really matter who you follow as long as the majority is honest. I also don't understand your criticism of censorship, because something like that in IOTA ... HusQy ... is almost impossible. Each transaction confirms two other transactions which is growing exponentially. If someone wanted to ignore a transaction, he would have to ignore an exponential number of other transactions after a very short time. In contrast to blockchain ... HusQy ... validators in IOTA do not decide what is included in the ledger, but only decide which of several double spends should be confirmed. Honest transactions are confirmed simply by having other transactions reference them ... HusQy ... and the "validators" are not even asked. As for the "dust problem", this is indeed something that is a bigger problem for IOTA than for other DLTs because we have no fees, but it is also not an unsolvable problem. Bitcoin initially has a ... HusQy Solved similar problem by declaring outputs with a minimum amount of 5430 satoshis as invalid (github.com/Bitcoin/Bitcoi…). A similar solution where an address must contain a minimum amount is also conceivable for IOTA and we are discussing ... HusQy ... several possibilities (including compressing dust using cryptographic methods). Contrary to your assumption, checking such a minimum amount is not slow but just as fast as checking a normal transaction. And mine ... HusQy ... In my opinion this is no problem at all for IOTA's use case. The important thing is that you can send small amounts, but after IOTA is feeless it is also okay to expect the recipients to regularly send their payments on a ... HusQy ... merge address. The wallets already do this automatically (sweeping) and for machines it is no problem to automate this process. So far this was not a problem because the TPS were limited but with the increased TPS throughput of ... HusQy ... Chrysalis it becomes relevant and appropriate solutions are discussed and then implemented accordingly. I think that was the most important thing first and if you have further questions just write :) HusQy And to be very clear! I really appreciate you and your questions and don't see this as an attack at all! People who see such questions as inappropriate criticism should really ask whether they are still objective. I have little time at the moment because ... HusQy ... my girlfriend is on tour and has to take care of our daughter, but as soon as she is back we can discuss these things in a video. I think that the concept of including the "real world" in the concepts of DLT is really exciting and ... HusQy ... that would certainly be exciting to discuss in a joint video. But again, that's more of a vision than a specific plan for the immediate future. This would not work with blockchain anyway but IOTA would be compatible so why not think about such things. ----------------------------------------------------------------------- HusQy All good my big one :P But actually not that much has changed. There has always been the concept of "economic clustering" which is basically based on similar ideas. We are just now able to implement things like this for the first time. ---------------------------------------------------------------------------------- HusQy Exactly. It would mean that addresses "cost" something but I would rather pay a few cents than fees for each transaction. And you can "take" this minimum amount with you every time you change to a new address. HusQy All good my big one :P But actually not that much has changed. There has always been the concept of "economic clustering" which is basically based on similar ideas. We are just now able to implement things like this for the first time. ----------------------------------------------------------------------------------- Relax오늘 오전 1:17 Btw. Hans (sorry for interrupting this convo) but what make people say that IOTA is going the permissioned way because of your latest tweets? I don't get why some people are now forecasting that... Is it because of missing specs or do they just don't get the whole idea? Hans Moog [IF]오늘 오전 1:20 its bullshitu/Relaxanidentity based system would still be open and permissionless where everybody can choose the actors that they deem trustworthy themselves but thats anyway just sth that would be applicable with more adoption [오전 1:20] for now we use mana as a predecessor to an actual reputation system Sissors오늘 오전 1:31 If everybody has to choose actors they deem trustworthy, is it still permissionless? Probably will become a bit a semantic discussion, but still Hans Moog [IF]오늘 오전 1:34 Of course its permissionless you can follow your grandma if you want to :p Sissors오늘 오전 1:36 Well sure you can, but you will need to follow something which has a majority of the voting power in the network. Nice that you follow your grandma, but if others dont, her opinion (or well her nodes opinion) is completely irrelevant Hans Moog [IF]오늘 오전 1:37 You would ideally follow the people that are trustworthy rather than your local drug dealers yeah Sissors오늘 오전 1:38 And tbh, sure if you do it like that is easy. If you just make the users responsible for only connection to trustworthy nodes Hans Moog [IF]오늘 오전 1:38 And if your grandma follows her supermarket and some other people she deems trustworthy then thats fine as well [오전 1:38] + you dont have just 1 actor that you follow Sissors오늘 오전 1:38 No, you got a large list, since yo uwant to follow those which actually matter. So you jsut download a standard list from the internet Hans Moog [IF]오늘 오전 1:39 You can do that [오전 1:39] Is bitcoin permissionless? Should we both try to become miners? [오전 1:41] I mean miners that actually matter and not find a block every 10 trillion years 📷 [오전 1:42] If you would want to become a validator then you would need to build up trust among other people - but anybody can still run a node and issue transactions unlike in hashgraph where you are not able to run your own nodes(수정됨) [오전 1:48] Proof of Stake is also not trustless - it just has a builtin mechanism that downloads the trusted people from the blockchain itself (the richest dudes) Sissors오늘 오전 1:52 I think most agree it would be perfect if every person had one vote. Which is pr oblematic to implement of course. But I really wonder if the solution is to just let users decide who to trust. At the very least I expect a quite centralized network Hans Moog [IF]오늘 오전 1:53 of course even a trust based system would to a certain degree be centralized as not every person is equally trustworthy as for example a big cooperation [오전 1:53] but I think its gonna be less centralized than PoS or PoW [오전 1:53] but anyway its sth for "after coordicide" [오전 1:54] there are not enough trusted entities that are using DLT, yet to make such a system work reasonably well [오전 1:54] I think the reason why blockchain has not really started to look into these kind of concepts is because blockchain doesnt work with too many equally weighted validators [오전 1:56] I believe that DLT is only going to take over the world if it is actually "better" than existing systems and with better I mean cheaper, more secure and faster and PoS and PoW will have a very hard time to deliver that [오전 1:56] especially if you consider that its not only going to settle value transfers Relax오늘 오전 1:57 I like this clear statements, it makes it really clear that DLT is still in its infancy Hans Moog [IF]오늘 오전 1:57 currently bank transfers are order of magnitude cheaper than BTC or ETH transactions Hans Moog [IF]오늘 오전 1:57 and we you think that people will adopt it just because its crypto then I think we are mistaken [오전 1:57] The tech needs to actually solve a problem [오전 1:57] and tbh. currently people use PayPal and other companies to settle their payments [오전 1:58] having a group of the top 500 companies run such a service together is already much better(수정됨) [오전 1:58] especially if its fast and feeless [오전 2:02] and the more people use it, the more decentralized it actually becomes [오전 2:02] because you have more trustworthy entities to choose of Evaldas [IF]오늘 오전 2:08 "in the greed of miners we trust"
Bitcoin is hesitating at a minor resistance zone which is a tough spot of both longs and shorts. Our recent series of trades have been mixed. A stop out, followed by targets reached, followed by a stop out again. At first glance this sounds like a negative outcome, but we actually came out ahead in terms of profit and that is because of our particular money management rules. Although chipmakers continually improve the efficiency of computation relative to power, bitcoin’s automatic reset means that as long as there is money to be made, miners will consume more power ... And just like the Internet, it will take a rather long period, many years at least, before bitcoin becomes mainstream technology. Even though several great bitcoin projects and platforms are in development, it will take a lot of time until they are ready to be used by the general public. On top of that, there need to be more educational efforts regarding bitcoin that focus on the underlying ... Business Bitcoin: charting the life and times of a cryptocurrency. What goes up must come down, old wisdom has decreed. Does it apply to the best-known digital token, Bitcoin? How Long Does It Take To Mine 1 Bitcoin (BTC)? By Prashant Jha. Mining Bitcoin has got complicated than ever before, and there are numerous factors which govern the mining process. Earlier mining process was intended to keep the Bitcoin network decentralized and the miners were rewarded with certain Block Rewards.
How to Mine Bitcoins Using Your Own Computer - YouTube
Bitcoin Mining: How Long Does It Take to Earn 1 Bitcoin? In this period, when the popularity of crypto coins increased rapidly, everyone started to see Bitco... How long does Bitcoin take to confirm? May 16, 2019 As mentioned earlier, a Bitcoin transaction generally needs 6 confirmations from miners before it’s processed. The average time it takes to ... Crypto Transaction Explained! In this video I will cover the basic process for sending/receiving coins, how long they usually take, what transaction fees are... Today's video shows you what it would take to mine 1 Bitcoin a day. To be honest, as soon as i calculated the actual numbers i was a bit shocked! But it does... How Long Does It Take To Get Your Ex Back? -----Take My FREE Quiz here----- http://www.breakupbrad.com/quiz -----...