Warning: SQLite3::querySingle(): Unable to prepare statement: 1, no such table: sites in /home/admin/web/local.example.com/public_html/index.php on line 46
 Becoming a Bitcoin Miner - A Step by Step Guide - Paybis Blog

Becoming a Bitcoin Miner - A Step by Step Guide - Paybis Blog

VeriCoin

The home for the most innovative cryptocurrency, VeriCoin and Verium VeriCoin: Proof-of-Stake-Time Protocol. PoST Verified. Verium: Proof-of-Work-Time Protocol. PoWT Verified. CPU Mine-able (GPU and ASIC Resistant)
[link]

DOWNLOAD PDF The Bitcoin Capital: of the World: How to become a Bitcoin miner, invest in Bitcoin, maximize retirement, and achieve maximal health, wealth, and wellness. By John Van Leyden

Download Here
submitted by bestebook to u/bestebook [link] [comments]

Do you want to become a Bitcoin miner? Not sure what to do or how to proceed? Here to help out on your mining related questions AMA

little back ground - learned about Bitcoin about 1 year ago, instantly ordered an ASIC miner to learn more about the creation of Bitcoin first hand. 2 weeks later we scaled up to a rented warehouse with a decent amount of power. It was gruelling and I learned the world of experience from this. When I was trying to learn more about some of the intricacies of mining I quickly realised everyone had their own take. Back then it was a lot murkier This thread is designed to help anyone who is excited about mining or is seriously considering stepping into this space. ask away!
submitted by AnalyzerX7 to Bitcoin [link] [comments]

How to mine bitcoin: A guide to bitcoin mining at home - Could YOU become a bitcoin miner?

How to mine bitcoin: A guide to bitcoin mining at home - Could YOU become a bitcoin miner? submitted by feedimo to Feedimo [link] [comments]

How to Become a Successful Bitcoin Miner

How to Become a Successful Bitcoin Miner submitted by creativeprince to BitcoinAll [link] [comments]

If bitcoin becomes extremelly valuable, the people who will have the power to change the scheduled block reward halving will be the same ones that most profit from it. How does bitcoin ensures that a majority of miners won't decide not to keep the schedule?

During the paranoid saturday thread I posted this scenario and the more I think about it, the more I believe it's inevitable to happen sometime in the future.
Suppose bitcoin achieves the most optimist scenario where its an essential part of the modern world economy, used for trade worldwide and seen as something that's not going away ever. In this scenario, each bitcoin is worth a lot and mining equipment is very expensive, mostly owned by people who are in for the money — maybe they're banks, corporations or just individuals but what matters is that the pure idealists are the minority.
Now there's a schedule block reward halving coming up. Then someone finds some flaw with that: maybe its technical, maybe it's an economic argument, what matters is that, like the Y2K or bank bailouts, its very hard to actually know how big a problem it will be until it actually happens. There's a chance it's a non issue, but there's also a chance that it will be a problem and then the whole system will be crumbling down and we can't afford that risk now can we? Bitcoin will be too big to fail.
Many heated arguments are held but you know that saying: "it's hard to make someone understand something when their paycheck depends on him not understanding it".. In the end most miners have an economic incentive to believe the issue is real: after all this hipotethical issue is not completely made up, there's some nugget of true.. More than half then agree on postponing the block reward halving until the issue is addressed. They're not creating more money, just buying some time.
But then that temporary thing becomes permanent because no one wants to halve their paycheck voluntarily. And sudennly bitcoins are expected to go over the 21 million limit. People complain but since most of the complainers holds bitcoins they don't want for everything to crash..
Once the cat is out, no one can tell what happens next. Maybe the block reward goes up. Maybe the block rewards gets permanent. Who gets to decide it? The same people who profit from it.
TLDR: At some point miners will have the power to rule over their own rewards. What prevents them from abusing it?
submitted by avsa to Bitcoin [link] [comments]

How To Become a Hobbyist Bitcoin Miner

How To Become a Hobbyist Bitcoin Miner submitted by americancouponer to Bitcoin [link] [comments]

Why Amaury's stunt is clever, why it's a potentially recurring problem, and what can be done about it

TLDR: this isn't an Amaury problem, it's an incentive problem. If BCH splits and the ABC token retains even some residual value, then we're likely to see future "IFP splits" in other tokens and possibly BCH again.
Here's my take on The Amaury Situation.
I think he wants to get out of dealing with BCH and leading the ABC team. I think he's over it. I think he wants to go do something different.
He could quit and walk away. But why do that, when he could create a perpetual income stream for himself as well?
"Dead" coins hold value
A lot of people here seem to think the ABC split will be worthless. I disagree. It will have significant value:
Let's assume ABC is only worth $20. Even under this assumption, Amaury stands to get $10 every ten minutes in perpetuity - for doing absolutely nothing. That's $60/hr. (x 24 hours, or $1440/day) in mail money. That's a decent wage - a perpetual income stream (annuity) - with literally no work required.
But I think $20 is super low. Tokens strangely hold value long after the token appears dead. For example LTC is still worth about $50 - and that's AFTER it's champion announced it was a dead project and all the devs left (and LTC is much less scarce than BCH). FFS even BSV is worth $150 and the entire cryptosphere agrees its a scamtoken run by a con artist.
If LTC and BSV can do it, so can ABC. I predict ABC token will hold significant value.
If the ABC token can hold $50/coin, then Amaury looks to collect $150/hr. (x24 hrs - $3600/day). If it can hold $100/coin, then Amaury gets $300/hr (x24 hrs - ie $7200/day).
But even if it drops to $10/token, he still gets $720 every day.
For doing nothing.
Why is this a problem
This is a serious problem with our incentives. If he succeeds, Amaury will have piloted a repeatable exit-scam recipe for any reference implementation.
"Tired of supporting your halfass token and ragtag devs? Here's an easy escape hatch! Just create a version that pays you a nice annuity, let the token split, and retire with your annuity."
That's the problem. Amaury doesn't have to keep the ticker. He just has to successfully split the token into two tradeable tokens, and he wins his annuity.
What can be done
I'm not sure. I want Amaury to lose here. I want him to get zero annuity. I want to send a clear signal to the next Amaury that splitting the token in order to collect your annuity is a losing strategy.
But I can't see how to accomplish this.
One way would be to attack his chain through reorgs. But there is no direct incentive for miners to do this. And I don't support the notion that "bitcoin works because miners attack chains they don't support."
Another would be to try to drive the value of his token to zero. But that's basically impossible. I think it will be very hard to drive the value of his token even to $20. And at even $20 he gets a nice little annuity. Not a get rich quick scheme by any stretch, but still, it'll pay for a nice mortgage. I know I wouldn't turn down the chance to get an extra grand per day of mail money. So even at $20/token, Amaury will have demonstrated that his easy retirement plan will work. We need $2/token if we want to declare his strategy an unqualified failure. We can't.
And the problem here is that if/when BCHN (or anyone else) becomes the reference client, then its leaders will have the exact same incentive to cause a split when they're tired of managing the project and want out.
Conclusion
Amaury has surfaced a possible gaping vulnerability in the incentive system which creates a perverse incentive to continually create "IFP" type splits. This vulnerability exists in all bitcoin-like tokens. Unless we can find a way to completely block Amaury from his expected revenue stream, he will be setting a precedence that we can expect to see repeated on other tokens and possibly even on BCH again one day.
Edit: I wanted to point out that dskloet has reminded us there is a third option, and that is that instead of allowing Amaury to split the coin, we can soft-fork ABC in such a way that ABC considers the blocks to be valid, but the IFP funds are unusable. The obvious way to do this (as dskloet pointed out) is to blacklist the IFP address. But blacklisting has its own consequences. Another way to do this might be to do something like make the coins sent to that address "unmovable" so that ABC clients will see the blocks paying to IFP and therefore valid, but he can't spend the money.
Edit: to clarify
What's the difference between blacklisting and making the coins unmovable? Isn't that exactly what blacklisting is?
Blacklisting means not accepting transactions from address X.
I propose instead sending "fake coins" to address X. Like putting slugs into a coin-op machine. The machine owner can still try to spend the slugs, but nobody will take them. But the machine owner can still spend any valid tokens spent in the machine.
submitted by jessquit to btc [link] [comments]

Proposal: The Sia Foundation

Vision Statement

A common sentiment is brewing online; a shared desire for the internet that might have been. After decades of corporate encroachment, you don't need to be a power user to realize that something has gone very wrong.
In the early days of the internet, the future was bright. In that future, when you sent an instant message, it traveled directly to the recipient. When you needed to pay a friend, you announced a transfer of value to their public key. When an app was missing a feature you wanted, you opened up the source code and implemented it. When you took a picture on your phone, it was immediately encrypted and backed up to storage that you controlled. In that future, people would laugh at the idea of having to authenticate themselves to some corporation before doing these things.
What did we get instead? Rather than a network of human-sized communities, we have a handful of enormous commons, each controlled by a faceless corporate entity. Hey user, want to send a message? You can, but we'll store a copy of it indefinitely, unencrypted, for our preference-learning algorithms to pore over; how else could we slap targeted ads on every piece of content you see? Want to pay a friend? You can—in our Monopoly money. Want a new feature? Submit a request to our Support Center and we'll totally maybe think about it. Want to backup a photo? You can—inside our walled garden, which only we (and the NSA, of course) can access. Just be careful what you share, because merely locking you out of your account and deleting all your data is far from the worst thing we could do.
You rationalize this: "MEGACORP would never do such a thing; it would be bad for business." But we all know, at some level, that this state of affairs, this inversion of power, is not merely "unfortunate" or "suboptimal" – No. It is degrading. Even if MEGACORP were purely benevolent, it is degrading that we must ask its permission to talk to our friends; that we must rely on it to safeguard our treasured memories; that our digital lives are completely beholden to those who seek only to extract value from us.
At the root of this issue is the centralization of data. MEGACORP can surveil you—because your emails and video chats flow through their servers. And MEGACORP can control you—because they hold your data hostage. But centralization is a solution to a technical problem: How can we make the user's data accessible from anywhere in the world, on any device? For a long time, no alternative solution to this problem was forthcoming.
Today, thanks to a confluence of established techniques and recent innovations, we have solved the accessibility problem without resorting to centralization. Hashing, encryption, and erasure encoding got us most of the way, but one barrier remained: incentives. How do you incentivize an anonymous stranger to store your data? Earlier protocols like BitTorrent worked around this limitation by relying on altruism, tit-for-tat requirements, or "points" – in other words, nothing you could pay your electric bill with. Finally, in 2009, a solution appeared: Bitcoin. Not long after, Sia was born.
Cryptography has unleashed the latent power of the internet by enabling interactions between mutually-distrustful parties. Sia harnesses this power to turn the cloud storage market into a proper marketplace, where buyers and sellers can transact directly, with no intermediaries, anywhere in the world. No more silos or walled gardens: your data is encrypted, so it can't be spied on, and it's stored on many servers, so no single entity can hold it hostage. Thanks to projects like Sia, the internet is being re-decentralized.
Sia began its life as a startup, which means it has always been subjected to two competing forces: the ideals of its founders, and the profit motive inherent to all businesses. Its founders have taken great pains to never compromise on the former, but this often threatened the company's financial viability. With the establishment of the Sia Foundation, this tension is resolved. The Foundation, freed of the obligation to generate profit, is a pure embodiment of the ideals from which Sia originally sprung.
The goals and responsibilities of the Foundation are numerous: to maintain core Sia protocols and consensus code; to support developers building on top of Sia and its protocols; to promote Sia and facilitate partnerships in other spheres and communities; to ensure that users can easily acquire and safely store siacoins; to develop network scalability solutions; to implement hardforks and lead the community through them; and much more. In a broader sense, its mission is to commoditize data storage, making it cheap, ubiquitous, and accessible to all, without compromising privacy or performance.
Sia is a perfect example of how we can achieve better living through cryptography. We now begin a new chapter in Sia's history. May our stewardship lead it into a bright future.
 

Overview

Today, we are proposing the creation of the Sia Foundation: a new non-profit entity that builds and supports distributed cloud storage infrastructure, with a specific focus on the Sia storage platform. What follows is an informal overview of the Sia Foundation, covering two major topics: how the Foundation will be funded, and what its funds will be used for.

Organizational Structure

The Sia Foundation will be structured as a non-profit entity incorporated in the United States, likely a 501(c)(3) organization or similar. The actions of the Foundation will be constrained by its charter, which formalizes the specific obligations and overall mission outlined in this document. The charter will be updated on an annual basis to reflect the current goals of the Sia community.
The organization will be operated by a board of directors, initially comprising Luke Champine as President and Eddie Wang as Chairman. Luke Champine will be leaving his position at Nebulous to work at the Foundation full-time, and will seek to divest his shares of Nebulous stock along with other potential conflicts of interest. Neither Luke nor Eddie personally own any siafunds or significant quantities of siacoin.

Funding

The primary source of funding for the Foundation will come from a new block subsidy. Following a hardfork, 30 KS per block will be allocated to the "Foundation Fund," continuing in perpetuity. The existing 30 KS per block miner reward is not affected. Additionally, one year's worth of block subsidies (approximately 1.57 GS) will be allocated to the Fund immediately upon activation of the hardfork.
As detailed below, the Foundation will provably burn any coins that it cannot meaningfully spend. As such, the 30 KS subsidy should be viewed as a maximum. This allows the Foundation to grow alongside Sia without requiring additional hardforks.
The Foundation will not be funded to any degree by the possession or sale of siafunds. Siafunds were originally introduced as a means of incentivizing growth, and we still believe in their effectiveness: a siafund holder wants to increase the amount of storage on Sia as much as possible. While the Foundation obviously wants Sia to succeed, its driving force should be its charter. Deriving significant revenue from siafunds would jeopardize the Foundation's impartiality and focus. Ultimately, we want the Foundation to act in the best interests of Sia, not in growing its own budget.

Responsibilities

The Foundation inherits a great number of responsibilities from Nebulous. Each quarter, the Foundation will publish the progress it has made over the past quarter, and list the responsibilities it intends to prioritize over the coming quarter. This will be accompanied by a financial report, detailing each area of expenditure over the past quarter, and forecasting expenditures for the coming quarter. Below, we summarize some of the myriad responsibilities towards which the Foundation is expected to allocate its resources.

Maintain and enhance core Sia software

Arguably, this is the most important responsibility of the Foundation. At the heart of Sia is its consensus algorithm: regardless of other differences, all Sia software must agree upon the content and rules of the blockchain. It is therefore crucial that the algorithm be stewarded by an entity that is accountable to the community, transparent in its decision-making, and has no profit motive or other conflicts of interest.
Accordingly, Sia’s consensus functionality will no longer be directly maintained by Nebulous. Instead, the Foundation will release and maintain an implementation of a "minimal Sia full node," comprising the Sia consensus algorithm and P2P networking code. The source code will be available in a public repository, and signed binaries will be published for each release.
Other parties may use this code to provide alternative full node software. For example, Nebulous may extend the minimal full node with wallet, renter, and host functionality. The source code of any such implementation may be submitted to the Foundation for review. If the code passes review, the Foundation will provide "endorsement signatures" for the commit hash used and for binaries compiled internally by the Foundation. Specifically, these signatures assert that the Foundation believes the software contains no consensus-breaking changes or other modifications to imported Foundation code. Endorsement signatures and Foundation-compiled binaries may be displayed and distributed by the receiving party, along with an appropriate disclaimer.
A minimal full node is not terribly useful on its own; the wallet, renter, host, and other extensions are what make Sia a proper developer platform. Currently, the only implementations of these extensions are maintained by Nebulous. The Foundation will contract Nebulous to ensure that these extensions continue to receive updates and enhancements. Later on, the Foundation intends to develop its own implementations of these extensions and others. As with the minimal node software, these extensions will be open source and available in public repositories for use by any Sia node software.
With the consensus code now managed by the Foundation, the task of implementing and orchestrating hardforks becomes its responsibility as well. When the Foundation determines that a hardfork is necessary (whether through internal discussion or via community petition), a formal proposal will be drafted and submitted for public review, during which arguments for and against the proposal may be submitted to a public repository. During this time, the hardfork code will be implemented, either by Foundation employees or by external contributors working closely with the Foundation. Once the implementation is finished, final arguments will be heard. The Foundation board will then vote whether to accept or reject the proposal, and announce their decision along with appropriate justification. Assuming the proposal was accepted, the Foundation will announce the block height at which the hardfork will activate, and will subsequently release source code and signed binaries that incorporate the hardfork code.
Regardless of the Foundation's decision, it is the community that ultimately determines whether a fork is accepted or rejected – nothing can change that. Foundation node software will never automatically update, so all forks must be explicitly adopted by users. Furthermore, the Foundation will provide replay and wipeout protection for its hard forks, protecting other chains from unintended or malicious reorgs. Similarly, the Foundation will ensure that any file contracts formed prior to a fork activation will continue to be honored on both chains until they expire.
Finally, the Foundation also intends to pursue scalability solutions for the Sia blockchain. In particular, work has already begun on an implementation of Utreexo, which will greatly reduce the space requirements of fully-validating nodes (allowing a full node to be run on a smartphone) while increasing throughput and decreasing initial sync time. A hardfork implementing Utreexo will be submitted to the community as per the process detailed above.
As this is the most important responsibility of the Foundation, it will receive a significant portion of the Foundation’s budget, primarily in the form of developer salaries and contracting agreements.

Support community services

We intend to allocate 25% of the Foundation Fund towards the community. This allocation will be held and disbursed in the form of siacoins, and will pay for grants, bounties, hackathons, and other community-driven endeavours.
Any community-run service, such as a Skynet portal, explorer or web wallet, may apply to have its costs covered by the Foundation. Upon approval, the Foundation will reimburse expenses incurred by the service, subject to the exact terms agreed to. The intent of these grants is not to provide a source of income, but rather to make such services "break even" for their operators, so that members of the community can enrich the Sia ecosystem without worrying about the impact on their own finances.

Ensure easy acquisition and storage of siacoins

Most users will acquire their siacoins via an exchange. The Foundation will provide support to Sia-compatible exchanges, and pursue relevant integrations at its discretion, such as Coinbase's new Rosetta standard. The Foundation may also release DEX software that enables trading cryptocurrencies without the need for a third party. (The Foundation itself will never operate as a money transmitter.)
Increasingly, users are storing their cryptocurrency on hardware wallets. The Foundation will maintain the existing Ledger Nano S integration, and pursue further integrations at its discretion.
Of course, all hardware wallets must be paired with software running on a computer or smartphone, so the Foundation will also develop and/or maintain client-side wallet software, including both full-node wallets and "lite" wallets. Community-operated wallet services, i.e. web wallets, may be funded via grants.
Like core software maintenance, this responsibility will be funded in the form of developer salaries and contracting agreements.

Protect the ecosystem

When it comes to cryptocurrency security, patching software vulnerabilities is table stakes; there are significant legal and social threats that we must be mindful of as well. As such, the Foundation will earmark a portion of its fund to defend the community from legal action. The Foundation will also safeguard the network from 51% attacks and other threats to network security by implementing softforks and/or hardforks where necessary.
The Foundation also intends to assist in the development of a new FOSS software license, and to solicit legal memos on various Sia-related matters, such as hosting in the United States and the EU.
In a broader sense, the establishment of the Foundation makes the ecosystem more robust by transferring core development to a more neutral entity. Thanks to its funding structure, the Foundation will be immune to various forms of pressure that for-profit companies are susceptible to.

Drive adoption of Sia

Although the overriding goal of the Foundation is to make Sia the best platform it can be, all that work will be in vain if no one uses the platform. There are a number of ways the Foundation can promote Sia and get it into the hands of potential users and developers.
In-person conferences are understandably far less popular now, but the Foundation can sponsor and/or participate in virtual conferences. (In-person conferences may be held in the future, permitting circumstances.) Similarly, the Foundation will provide prizes for hackathons, which may be organized by community members, Nebulous, or the Foundation itself. Lastly, partnerships with other companies in the cryptocurrency space—or the cloud storage space—are a great way to increase awareness of Sia. To handle these responsibilities, one of the early priorities of the Foundation will be to hire a marketing director.

Fund Management

The Foundation Fund will be controlled by a multisig address. Each member of the Foundation's board will control one of the signing keys, with the signature threshold to be determined once the final composition of the board is known. (This threshold may also be increased or decreased if the number of board members changes.) Additionally, one timelocked signing key will be controlled by David Vorick. This key will act as a “dead man’s switch,” to be used in the event of an emergency that prevents Foundation board members from reaching the signature threshold. The timelock ensures that this key cannot be used unless the Foundation fails to sign a transaction for several months.
On the 1st of each month, the Foundation will use its keys to transfer all siacoins in the Fund to two new addresses. The first address will be controlled by a high-security hot wallet, and will receive approximately one month's worth of Foundation expenditures. The second address, receiving the remaining siacoins, will be a modified version of the source address: specifically, it will increase the timelock on David Vorick's signing key by one month. Any other changes to the set of signing keys, such as the arrival or departure of board members, will be incorporated into this address as well.
The Foundation Fund is allocated in SC, but many of the Foundation's expenditures must be paid in USD or other fiat currency. Accordingly, the Foundation will convert, at its discretion, a portion of its monthly withdrawals to fiat currency. We expect this conversion to be primarily facilitated by private "OTC" sales to accredited investors. The Foundation currently has no plans to speculate in cryptocurrency or other assets.
Finally, it is important that the Foundation adds value to the Sia platform well in excess of the inflation introduced by the block subsidy. For this reason, the Foundation intends to provably burn, on a quarterly basis, any coins that it cannot allocate towards any justifiable expense. In other words, coins will be burned whenever doing so provides greater value to the platform than any other use. Furthermore, the Foundation will cap its SC treasury at 5% of the total supply, and will cap its USD treasury at 4 years’ worth of predicted expenses.
 
Addendum: Hardfork Timeline
We would like to see this proposal finalized and accepted by the community no later than September 30th. A new version of siad, implementing the hardfork, will be released no later than October 15th. The hardfork will activate at block 293220, which is expected to occur around 12pm EST on January 1st, 2021.
 
Addendum: Inflation specifics
The total supply of siacoins as of January 1st, 2021 will be approximately 45.243 GS. The initial subsidy of 1.57 GS thus increases the supply by 3.47%, and the total annual inflation in 2021 will be at most 10.4% (if zero coins are burned). In 2022, total annual inflation will be at most 6.28%, and will steadily decrease in subsequent years.
 

Conclusion

We see the establishment of the Foundation as an important step in the maturation of the Sia project. It provides the ecosystem with a sustainable source of funding that can be exclusively directed towards achieving Sia's ambitious goals. Compared to other projects with far deeper pockets, Sia has always punched above its weight; once we're on equal footing, there's no telling what we'll be able to achieve.
Nevertheless, we do not propose this change lightly, and have taken pains to ensure that the Foundation will act in accordance with the ideals that this community shares. It will operate transparently, keep inflation to a minimum, and respect the user's fundamental role in decentralized systems. We hope that everyone in the community will consider this proposal carefully, and look forward to a productive discussion.
submitted by lukechampine to siacoin [link] [comments]

Minimum Viable Issuance - Why Ethereum’s lack of a hard cap on ETH issuance is a good thing.

This post will explain how the argument used by the average Bitcoin maximalist, thinking that they have found Ethereum’s achilles heel when talking about issuance is actually highlighting one of Ethereum’s strong points and one of the main threats to the longevity of the Bitcoin network.
So first let’s answer the question which I know many people have about Ethereum:

What is Ethereum’s ETH issuance schedule?

Ethereum has an issuance policy of Minimum Viable Issuance. So what does this mean exactly? It means that the issuance of ETH will be as low as possible while also maintaining a sufficient budget to pay miners (and soon to be stakers) to keep the network secure. For example, if ETH issuance was halved, miners would drop off the network and stop mining as it is no longer profitable for them to mine. As a result, the network would be less secure as it would cost less money for an attacker to control 51% of the hash power and attack the network. This means that the Ethereum community plans to change ETH issuance as time goes on to maintain a reasonable security budget which will keep the network secure but will also keep inflation in check. We have done this twice in the past with EIP-649 and EIP-1234 which reduced block rewards from 5 ETH per block to 3 ETH and from 3 ETH to 2 ETH respectively. I previously made a graph of ETH issuance over time here: https://redd.it/it8ce7
So while Ethereum doesn’t have a strictly defined issuance schedule, the community will reject any proposals which either put the security of the network at risk such as the recent EIP-2878, or we will reject proposals which will lead to excessive network security and therefore an unnecessarily high inflation rate (or we will accept proposals which reduce issuance after price rises and therefore the security budget rises). This means that when Bitcoiners accuse the Ethereum Foundation of being no better than a central bank because they can “print more Ether”, this is completely untrue. Any proposals made by the EF which would increase issuance unnecessarily would be rejected by the community in the same way that a proposal to increase the supply of Bitcoin from 21 million to 22 million would be rejected. There is a social contract around both Bitcoin’s and Ethereum’s issuance schedules. Any networks or proposals which break the social contracts of 21 million Bitcoins and minimal viable issuance of Ether would be a breach of these contracts and the new proposed network would be labeled by the community as illegitimate and the original network would live on.

So why is minimum viable issuance better than a hard cap?

Minimum viable issuance is better than a hard cap because it puts the most important part of the network first - the security. MVI ensures that the Ethereum network will always have a security budget which keeps the cost of a 51% attack impractically high. Bitcoin on the other hand, halves its security budget every 4 years until eventually only the transaction fees pay for network security. This means that every 4 years, the amount of money paying for network security halves until eventually, the value of attacking the network becomes greater than the security budget and someone performs a 51% attack (technically the security budget only halves if terms of BTC not in dollars. However, even if the price of Bitcoin more than doubles in the time that the security budget halves, the ratio of security budget to value secured on the network still halves, doubling the financial viability of performing a network attack). The strategy to pay for the security budget once Bitcoin issuance stops is for transaction fees to secure the network since transaction fees are paid to miners. Not only does this have its own security problems which I won’t detail here, but unless Bitcoin scales on layer 1 (layer 2 scaling solutions have their own security mechanisms separate from L1), then fees would have to cost well in the thousands of dollars to secure a trillion dollar market cap Bitcoin that is secured by nothing but fees. If Bitcoin maximalists want a 10 trillion or 100 trillion dollar market cap then expect fees to go up another 10 or 100 times from there.
Ethereum on the other hand, will be able to keep its network secure with approximately 1-2% annual issuance being paid to stakers under ETH 2.0. This is because not all of the network will be staking, so if 33 million of the approximately 110 million Ether in existence stakes under ETH 2.0, then paying this 33 million Ether 6% a year (a very decent yield!) would cost just under 2 million ETH per year which would equate to less than 2% annual ETH inflation. This is also before considering EIP-1559 which will burn a portion of transaction fees which will counter the effect of this inflation and potentially even make ETH deflationary if the sum of all burned transaction fees are greater than the annual inflation. Also, under ETH 2.0, an attacker performing a 51% attack would get his funds slashed (they would lose their funds) if they attack the network, meaning that they can only perform a 51% attack once. However, in Bitcoin, anyone who controls 51% of the mining hash power could perform multiple 51% attacks without losing everything like they could in ETH 2.0.
So in conclusion, while Ethereum doesn’t have the guaranteed anti-inflation security of a hard cap, it does have the guarantee of always paying it’s miners (or stakers under ETH 2.0) enough to keep the network secure. In contrast, while Bitcoin’s social contract may guarantee a hard cap of 21 million, it cannot simultaneously guarantee network security in the long run. Eventually, its users will have to decide if they want a secure network with more than 21 million coins or a tax to pay for security or an insecure network with super high fees and a hard cap of 21 million Bitcoin.
Disclaimer: The details I covered around 51% attacks and network security are simplified. I am not an expert in this field and things are a lot more nuanced than I laid out in my simplifications above.
submitted by Tricky_Troll to ethfinance [link] [comments]

HEX is basically a scam, a pyramid scheme

HEX is a cryptocurrency token built on Ethereum that promises infinity rewards for staking. In the official website, it says:
HEX IS NOT A PONZI.
Yes, I agree. It's not a Ponzi scam. It's a Pyramid scam.
In HEX, no one owes you anything. You mint your own HEX rewards yourself when you end your stake. Like how Bitcoin miners mint their own Bitcoin rewards. You are the network.
That's basically minting value out of thin air. Wow, maybe HEX has an angel backing it that loves to give away free money.
There are no middlemen or managers in HEX. HEX rewards are dynamic like Bitcoin mining rewards. No one in the world can promise you how much you might make running HEX, because no one knows how valuable HEX will become. HEX puts you in charge!
The funds in traditional banks can give interest because they use it to provide loans for businesses. Without anything of that sort, how the hell can HEX continue to provide "high interests"?
It's totally a Pyramid Scheme. It works by giving people a false hope that their money is going up in value. But they can't withdraw it as it is locked up.
It can go up and up by making stupid people believe the balance sheet they see in their portfolio is what they will get. It's basically utilizing the greed of people with the lure of more money without actually giving more money.
All the new money or interest is generated from inflation. It works by getting more people to buy it with referral programs. But when enough idiots of brought it, there won't be any more losers to refer to.
Hence, the pyramid will collapse.
submitted by littleboy0k to CryptoCurrency [link] [comments]

"Is there going to be a split?"

This question is (understandably) asked all the time by people coming to the BCHN telegram for clarity on what has become a pretty unclear situation. It's not an easy question to answer, though, so I wanted to make this post that people could refer to. Here's my take on answering that question:
It's impossible to know 100% for sure if there will be a split, because it's impossible to know for sure how all the relevant parties will behave. For there to be a split, two node implementations need to irreconcilably disagree on a consensus-related issue, both need to release code with those conflicting consensus rules, and then miners need to also be split enough on the issue for both chains to have enough hashpower to be viable.
The narrative that there is ALMOST DEFINITELY going to be a split seems to have been dumped on us out of nowhere a month or so ago, along with what I consider to be increasingly unreasonable behavior from Bitcoin ABC. The tin foil hat in my heart finds that suspicious. (And between the IFP and recent Grasberg proposal, it almost seems like ABC is doing it's best to propose things that make a split as likely as possible.) This political baggage doesn't really matter though, in the grand scheme of things.
What matters is that BCHN is, as far as I can tell, just trying to be a reasonable and professional node implementation for Bitcoin Cash. If sticking to those principals leads to a divergence from ABC on a consensus related issue, whatever issue that actually would end up being, then that's how it will be. And it wouldn't be the case that "BCHN split the chain", nor would it be the case that "ABC split the chain". It would just be the case that two groups released node implementations with different consensus rules from each other. (And then, if a non-negligible amount of hashpower mines using both clients, then there would indeed be a chain split caused by that situation.)
Keeping BCH unified is obviously a HUGE priority for BCHN. Their initial release of what was effectively a non-IFP version of Bitcoin ABC was even designed so that, if the IFP activated with a majority of the hashpower, miners mining with BCHN would follow that longer chain, instead of rejecting IFP blocks as "invalid" or anything like that. This is in stark contrast to the narrative I've seen flooding this sub recently with claims that BCHN tried to split the chain this past upgrade, and are trying to split the chain again this November. So please take the time to consider which sides of these inevitable disagreements are being reasonable, and which are not, make sure to fact check and ask for sources for any claims you see being made that you can't verify or debunk on your own, and remember that, while chain splits are messy unfortunate things (at least in the short term), if there's an irreconcilable disagreement, it's definitely better for those parties to go their separate ways. I hope that that doesn't have to happen anytime soon for BCH.
submitted by AD1AD to btc [link] [comments]

A theory of why Ethereum is perhaps better "sound money" than Bitcoin.

The idea of Bitcoin's supremacy as "sound money" is very frequently thrown around by the biggest talking heads in the crypto world. I know I will get a lot of hate for suggesting that this theory is not only flawed, but it is straight up wrong. As unintuitive as it may sound to Bitcoin maximalists (no offense intended) I believe Ethereum is on the path to becoming the global leading asset and model for sound money... give me a chance to explain why.

  1. The idea that nothing can change Bitcoin's issuance schedule is a myth. There is absolutely no divine power controlling the supply of Bitcoin. Contrary to what is commonly asserted, Bitcoin's issuance protocol is not primarily driven by what is currently implemented. The real driver is consensus: the majority of network participants must agree that what is currently defined cannot be changed. There is an underlying assumption that the consensus would never want to change Bitcoin's issuance. On the surface this makes for a nice "sound money" narrative, but it is false premise and sticking to it could be ultimately detrimental. It presents a long term sustainability issue (the hope that somehow Bitcoin's base layer will scale enough to maintain security entirely through fees). It also completely dismisses the possibility that an unforeseen event could create pressure to change the issuance. If Bitcoin managed to create a consensus mechanism that did not rely on mining, it is very likely there would be consensus to reduce issuance. On the other hand, if some potentially catastrophic event would create incentives to increase the issuance, it would only make sense for the network to do so.
  2. Issuance flexibility is not fundamentally bad. Etheruem's approach to adjust the issuance according to the contextual circumstances has resulted in a faster rate of issuance reduction than what was originally defined in the protocol. The rate of issuance will continue to decrease as new developments allow for it to happen without compromising the network security. There is a very high probability that Ethereum will achieve a lower issuance rate than Bitcoin in the next two years, and it could possibly achieve zero issuance in the next five years. This would be a result of a successful implementation of PoS, sharding and EIP-1559.
  3. The root of all evil is Proof of Work. PoW is by far the primary cost of operating the Bitcoin network. It is the primary determinant of how much issuance is needed as a financial incentive to keep miners doing their thing. The very mechanism that secures the network's decentralization is unfortunately quite wasteful. The degree of decentralization is a direct result of how much random mathematical operations are being done by miners.
  4. There is a better way. Some people will take offense by the use of the word wasteful, and they claim that it is not because those mindless calculations are what is actually securing the network. However, its wasteful aspect becomes clear if there is a different way to achieve equal or superior decentralization without the need to crunch difficult computational problems. This just so happens to be embodied in Ethereum's design of Proof of Stake. It will drastically reduce the cost of securing the network, while providing at least 2-3% annual returns for the ownership of Ether. When Ethereum's issuance becomes lower than its staking rewards, it will effectively have achieved the same effect as having zero (or possibly negative) issuance.
  5. The value proposition of Ethereum 2.0 is unmatched. There is just absolutely no asset in the world that has a 2-3% self-denominated annual returns and just so happens to be rapidly appreciating. When wall-street's greed sees this, it will create the mother of all bubbles.
  6. Don't dismiss the flippening. On February 01 2018 Ethereum reached 70% of Bitcoin's marked cap (it was even closer if you account for the amount of lost bitcoins). That happened before DEFI, before proof of staking was within reach, before multiple effective layer 2 solutions were a thing, before wrapped Bitcoins and before the first signs of mass adoption were on the horizon (like integration with Reddit , VISA and potential to compete with SWIFT). Utility is a huge factor in driving prices, lets not forget how Silk Road played a key role into propelling Bitcoin's value. Yes, Ethereum crashed hard after the peak in 2018, but perhaps it is simply manifesting a higher volatility pattern that is reminiscent of Bitcoin's early years. Bitcoin's first 5 years were characterized by aggressive price swings, why should it be different for Etheruem (considering it is about 5 years younger than Bitcoin)? If the volatility patterns stands on this bull market, we will see a flippening.
So... do I think Etheruem will flip? Yes I do, but I still hold Bitcoin. No one has a crystal ball, and nothing is certain. Perhaps Etheruem will crash and burn, perhaps Bitcoin will become the next Yahoo, and perhaps they will both thrive in this new exciting crypto world.
submitted by TheWierdGuy to ethereum [link] [comments]

Reasons why NANO fails and will keep failing until some things change

Dear NANO community,
This is going to be a long post where I will discuss why NANO under performed and will keep under performing in this bull run unless some things change.
I'm going to start up with straight facts with the famous quote of Floyd Mayweather: "Men lie, women lie, numbers don't lie".
If you feel offended by some of this, facts don't care about your feelings.
Technical Analysis
In the time where BTC Dominance fell from peak of 74% to 56% and keeps falling, NANO has moved from its low of 0.0000640 sats to a price of 0.0000950 sats. That is about 50% gain if you bought on the absolute low, but looking at the monthly chart, we can see that NANO has basically been in the range of 0.0001400 sats to 0.0000750 sats ever since July of 2019 (for more than 2 years).
https://charts.cointrader.pro/snapshot/zaXzV
The all time high of NANO was 0.0028, so this price is currently 96% down in terms of BTC .
https://charts.cointrader.pro/snapshot/tTF4J
With this price NANO is falling out of top 100 cryptocurrency based on market cap.

My thoughts: Considering that entire altcoin market is moving and that it keeps reaching new highs, this is very concerning for NANO and one can only ask themselves why does NANO keep falling behind?
Why does on every Bitcoin pump price falls hardest and on every day when other altcoins go up 30%, NANO only goes up 10%.
Reasons why NANO is lagging on the market:
We all know that NANO has near instantaneous transactions and is fee-less which is why most of us fell in love with this cryptocurrency.
Problem is that it has little to no adoption. What does it matter if NANO is feeless, when you don't have an exchange that will make a NANO/USD conversion for 0%.
Who cares if STR, XRP and other fast coins have like 0.01$ fee if either way, exchange will take 1% or more fees from you.?
If XRP has better exchange, they can easily be more cost efficient than NANO because of this problem. Devs need to be much more proactive rather than sit and wait while entire market is eating you alive.
Proposed solution: Nano needs to invest more in marketing and in making a deal with exchange that will be liquid enough and provide little to no fees on NANO.

I am a NANO holder ever since 2018 and it's been a long ride with constant buying at the end of each month with average buy of 2$ when I look at it totally.
This is not that bad considering NANO's massive fall and what some other holders had to go through.
Let's remind ourselves again, NANO has 0% inflation. And yet NANO's price doesn't grow. Where as other cryptocurrencies have 5-10% inflation and they are over-performing NANO massively.
NANO holders get no rewards from holding NANO which is a big problem. People call this an advantage and I somewhat agree, but NANO holders need to be rewarded with something, because crypto space doesn't care about inflation.
Proposed solution: Introduce POS (Proof of Stake) with inflation of 5% where NANO holders will be able to stake their NANO and receive 5% more NANO each year. You can do this or make it 6% and after each 2 years, there is halving of inflation. Imagine how coins get hyped when their rewards per year get cut in half. NANO has 0% inflation and it doesn't get any hype. It's already scarce, but people fail to see it.

Current bull run has been ignited with DEFI and because people see that they can earn up to 3-5% daily income just for holding ERC20 token like BAT, BAL, LINK etc. There's even been introudect WBTC (Wrapped Bitcoin) and WETH (Wrapped Ethereum), which means that people can hold their cryptocurrency which they would hold even if there weren't any rewards and they get 3-5% daily income + the chance of the DEFI coin actually pumping by 1000+% which many of them have done in the past month.
Because of all of this people are massively buying ERC20 tokens just to get these gains daily.
What has NANO do to interact with this entire DEFI space? Absolutely nothing.
Did they try to introduce wNANO (wrapped NANO) like Ethereum and Bitcoin did? No.
They just kept working on some other bullshit even-though protocol is in of itself 99% perfect and working. They keep focusing their energy on technology when technology is already better than anything else on the crypto market. NANO is currently the best fast cryptocurrency and it is not even close.
Proposed solution: Devs need to start focusing energy on things that matter and which will help the price and not dump their stash and blindly look how everything else keeps growing.

This is similar to reason number 2 but it has to be said separately. Just ask yourself, who benefits of BTC markets? Miners.
Who benefits of any other POS market? All of the holders.
And then with this money you can finance devs which will work on the currency and will by this raise the price and the whole cycle repeats itself.
So all of these things have in common that people are making money of doing something for the ecosystem. On one hand resources get paid, on the other people that are loyal to the project.
NANO has one of the best and largest communities in cryptocurrency and numbers confirm this, yet there is no special way for any of us to benefit of of this. Everything is open source and people make everything for free.
Proposed solution: Introduce mechanism so that community members can earn money of holding NANO.

Conclusion: Nano is an amazing currency, but there are many things that need to fall in place in order for it to stop falling behind the market.
It's sad that investing in what is called a "safest" altcoin Ethereum, would've made you much better gains than even buying NANO on the all time low would.
This post is meant to be constructive criticism and to in the end open peoples mind on current problem NANO has in the space.
Please share this post so more people and hopefully devs can see it and so that we all as a community can start working towards our goal of NANO becoming one of most utilized cryptocurrencies in the world.
submitted by bizi0909 to nanotrade [link] [comments]

Taproot, CoinJoins, and Cross-Input Signature Aggregation

It is a very common misconception that the upcoming Taproot upgrade helps CoinJoin.
TLDR: The upcoming Taproot upgrade does not help equal-valued CoinJoin at all, though it potentially increases the privacy of other protocols, such as the Lightning Network, and escrow contract schemes.
If you want to learn more, read on!

Equal-valued CoinJoins

Let's start with equal-valued CoinJoins, the type JoinMarket and Wasabi use. What happens is that some number of participants agree on some common value all of them use. With JoinMarket the taker defines this value and pays the makers to agree to it, with Wasabi the server defines a value approximately 0.1 BTC.
Then, each participant provides inputs that they unilaterally control, totaling equal or greater than the common value. Typically since each input is unilaterally controlled, each input just requires a singlesig. Each participant also provides up to two addresses they control: one of these will be paid with the common value, while the other will be used for any extra value in the inputs they provided (i.e. the change output).
The participants then make a single transaction that spends all the provided inputs and pays out to the appropriate outputs. The inputs and outputs are shuffled in some secure manner. Then the unsigned transaction is distributed back to all participants.
Finally, each participant checks that the transaction spends the inputs it provided (and more importantly does not spend any other coins it might own that it did not provide for this CoinJoin!) and that the transaction pays out to the appropriate address(es) it controls. Once they have validated the transaction, they ratify it by signing for each of the inputs it provided.
Once every participant has provided signatures for all inputs it registered, the transaction is now completely signed and the CoinJoin transaction is now validly confirmable.
CoinJoin is a very simple and direct privacy boost, it requires no SCRIPTs, needs only singlesig, etc.

Privacy

Let's say we have two participants who have agreed on a common amount of 0.1 BTC. One provides a 0.105 coin as input, the other provides a 0.114 coin as input. This results in a CoinJoin with a 0.105 coin and a 0.114 coin as input, and outputs with 0.1, 0.005, 0.014, and 0.1 BTC.
Now obviously the 0.005 output came from the 0.105 input, and the 0.014 output came from the 0.114 input.
But the two 0.1 BTC outputs cannot be correlated with either input! There is no correlating information, since either output could have come from either input. That is how common CoinJoin implementations like Wasabi and JoinMarket gain privacy.

Banning CoinJoins

Unfortunately, large-scale CoinJoins like that made by Wasabi and JoinMarket are very obvious.
All you have to do is look for a transactions where, say, more than 3 outputs are the same equal value, and the number of inputs is equal or larger than the number of equal-valued outputs. Thus, it is trivial to identify equal-valued CoinJoins made by Wasabi and JoinMarket. You can even trivially differentiate them: Wasabi equal-valued CoinJoins are going to have a hundred or more inputs, with outputs that are in units of approximately 0.1 BTC, while JoinMarket CoinJoins have equal-valued outputs of less than a dozen (between 4 to 6 usually) and with the common value varying wildly from as low as 0.001 BTC to as high as a dozen BTC or more.
This has led to a number of anti-privacy exchanges to refuse to credit custodially-held accounts if the incoming deposit is within a few hops of an equal-valued CoinJoin, usually citing concerns about regulations. Crucially, the exchange continues to hold private keys for those "banned" deposits, and can still spend them, thus this is effectively a theft. If your exchange does this to you, you should report that exchange as stealing money from its customers. Not your keys not your coins.
Thus, CoinJoins represent a privacy tradeoff:

Taproot

Let's now briefly discuss that nice new shiny thing called Taproot.
Taproot includes two components:
This has some nice properties:

Taproot DOES NOT HELP CoinJoin

So let's review!
CoinJoin:
Taproot:
There is absolutely no overlap. Taproot helps things that CoinJoin does not use. CoinJoin uses things that Taproot does not improve.

B-but They Said!!

A lot of early reporting on Taproot claimed that Taproot benefits CoinJoin.
What they are confusing is that earlier drafts of Taproot included a feature called cross-input signature aggregation.
In current Bitcoin, every input, to be spent, has to be signed individually. With cross-input signature aggregation, all inputs that support this feature are signed with a single signature that covers all those inputs. So for example if you would spend two inputs, current Bitcoin requires a signature for each input, but with cross-input signature aggregation you can sign both of them with a single signature. This works even if the inputs have different public keys: two inputs with cross-input signature aggregation effectively define a 2-of-2 public key, and you can only sign for that input if you know the private keys for both inputs, or if you are cooperatively signing with somebody who knows the private key of the other input.
This helps CoinJoin costs. Since CoinJoins will have lots of inputs (each participant will provide at least one, and probably will provide more, and larger participant sets are better for more privacy in CoinJoin), if all of them enabled cross-input signature aggregation, such large CoinJoins can have only a single signature.
This complicates the signing process for CoinJoins (the signers now have to sign cooperatively) but it can be well worth it for the reduced signature size and onchain cost.
But note that the while cross-input signature aggregation improves the cost of CoinJoins, it does not improve the privacy! Equal-valued CoinJoins are still obvious and still readily bannable by privacy-hating exchanges. It does not improve the privacy of CoinJoin. Instead, see https://old.reddit.com/Bitcoin/comments/gqb3udesign_for_a_coinswap_implementation_fo

Why isn't cross-input signature aggregation in?

There's some fairly complex technical reasons why cross-input signature aggregation isn't in right now in the current Taproot proposal.
The primary reason was to reduce the technical complexity of Taproot, in the hope that it would be easier to convince users to activate (while support for Taproot is quite high, developers have become wary of being hopeful that new proposals will ever activate, given the previous difficulties with SegWit).
The main technical complexity here is that it interacts with future ways to extend Bitcoin.
The rest of this writeup assumes you already know about how Bitcoin SCRIPT works. If you don't understand how Bitcoin SCRIPT works at the low-level, then the TLDR is that cross-input signature aggregation complicates how to extend Bitcoin in the future, so it was deferred to let the develoeprs think more about it.
(this is how I understand it; perhaps pwuille or ajtowns can give a better summary.)
In detail, Taproot also introduces OP_SUCCESS opcodes. If you know about the OP_NOP opcodes already defined in current Bitcoin, well, OP_SUCCESS is basically "OP_NOP done right".
Now, OP_NOP is a do-nothing operation. It can be replaced in future versions of Bitcoin by having that operation check some condition, and then fail if the condition is not satisfied. For example, both OP_CHECKLOCKTIMEVERIFY and OP_CHECKSEQUENCEVERIFY were previously OP_NOP opcodes. Older nodes will see an OP_CHECKLOCKTIMEVERIFY and think it does nothing, but newer nodes will check if the nLockTime field has a correct specified value, and fail if the condition is not satisfied. Since most of the nodes on the network are using much newer versions of the node software, older nodes are protected from miners who try to misspend any OP_CHECKLOCKTIMEVERIFY/OP_CHECKSEQUENCEVERIFY, and those older nodes will still remain capable of synching with the rest of the network: a dedication to strict backward-compatibility necessary for a consensus system.
Softforks basically mean that a script that passes in the latest version must also be passing in all older versions. A script cannot be passing in newer versions but failing in older versions, because that would kick older nodes off the network (i.e. it would be a hardfork).
But OP_NOP is a very restricted way of adding opcodes. Opcodes that replace OP_NOP can only do one thing: check if some condition is true. They can't push new data on the stack, they can't pop items off the stack. For example, suppose instead of OP_CHECKLOCKTIMEVERIFY, we had added a OP_GETBLOCKHEIGHT opcode. This opcode would push the height of the blockchain on the stack. If this command replaced an older OP_NOP opcode, then a script like OP_GETBLOCKHEIGHT 650000 OP_EQUAL might pass in some future Bitcoin version, but older versions would see OP_NOP 650000 OP_EQUAL, which would fail because OP_EQUAL expects two items on the stack. So older versions will fail a SCRIPT that newer versions will pass, which is a hardfork and thus a backwards incompatibility.
OP_SUCCESS is different. Instead, old nodes, when parsing the SCRIPT, will see OP_SUCCESS, and, without executing the body, will consider the SCRIPT as passing. So, the OP_GETBLOCKHEIGHT 650000 OP_EQUAL example will now work: a future version of Bitcoin might pass it, and existing nodes that don't understand OP_GETBLOCKHEIGHT will se OP_SUCCESS 650000 OP_EQUAL, and will not execute the SCRIPT at all, instead passing it immediately. So a SCRIPT that might pass in newer versions will pass for older versions, which keeps the back-compatibility consensus that a softfork needs.
So how does OP_SUCCESS make things difficult for cross-input signatur aggregation? Well, one of the ways to ask for a signature to be verified is via the opcodes OP_CHECKSIGVERIFY. With cross-input signature aggregation, if a public key indicates it can be used for cross-input signature aggregation, instead of OP_CHECKSIGVERIFY actually requiring the signature on the stack, the stack will contain a dummy 0 value for the signature, and the public key is instead added to a "sum" public key (i.e. an n-of-n that is dynamically extended by one more pubkey for each OP_CHECKSIGVERIFY operation that executes) for the single signature that is verified later by the cross-input signature aggregation validation algorithm00.
The important part here is that the OP_CHECKSIGVERIFY has to execute, in order to add its public key to the set of public keys to be checked in the single signature.
But remember that an OP_SUCCESS prevents execution! As soon as the SCRIPT is parsed, if any opcode is OP_SUCCESS, that is considered as passing, without actually executing the SCRIPT, because the OP_SUCCESS could mean something completely different in newer versions and current versions should assume nothing about what it means. If the SCRIPT contains some OP_CHECKSIGVERIFY command in addition to an OP_SUCCESS, that command is not executed by current versions, and thus they cannot add any public keys given by OP_CHECKSIGVERIFY. Future versions also have to accept that: if they parsed an OP_SUCCESS command that has a new meaning in the future, and then execute an OP_CHECKSIGVERIFY in that SCRIPT, they cannot add the public key into the same "sum" public key that older nodes use, because older nodes cannot see them. This means that you might need more than one signature in the future, in the presence of an opcode that replaces some OP_SUCCESS.
Thus, because of the complexity of making cross-input signature aggregation work compatibly with future extensions to the protocol, cross-input signature aggregation was deferred.
submitted by almkglor to Bitcoin [link] [comments]

Minimum Viable Issuance - Why Ethereum’s lack of a hard cap on ETH issuance is a good thing.

This post will explain how the argument used by the average Bitcoin maximalist, thinking that they have found Ethereum’s achilles heel when talking about issuance is actually highlighting one of Ethereum’s strong points and one of the main threats to the longevity of the Bitcoin network.
So first let’s answer the question which I know many people have about Ethereum:

What is Ethereum’s ETH issuance schedule?

Ethereum has an issuance policy of Minimum Viable Issuance. So what does this mean exactly? It means that the issuance of ETH will be as low as possible while also maintaining a sufficient budget to pay miners (and soon to be stakers) to keep the network secure. For example, if ETH issuance was halved, miners would drop off the network and stop mining as it is no longer profitable for them to mine. As a result, the network would be less secure as it would cost less money for an attacker to control 51% of the hash power and attack the network. This means that the Ethereum community plans to change ETH issuance as time goes on to maintain a reasonable security budget which will keep the network secure but will also keep inflation in check. We have done this twice in the past with EIP-649 and EIP-1234 which reduced block rewards from 5 ETH per block to 3 ETH and from 3 ETH to 2 ETH respectively. I previously made a graph of ETH issuance over time here: https://redd.it/it8ce7
So while Ethereum doesn’t have a strictly defined issuance schedule, the community will reject any proposals which either put the security of the network at risk such as the recent EIP-2878, or we will reject proposals which will lead to excessive network security and therefore an unnecessarily high inflation rate (or we will accept proposals which reduce issuance after price rises and therefore the security budget rises). This means that when Bitcoiners accuse the Ethereum Foundation of being no better than a central bank because they can “print more Ether”, this is completely untrue. Any proposals made by the EF which would increase issuance unnecessarily would be rejected by the community in the same way that a proposal to increase the supply of Bitcoin from 21 million to 22 million would be rejected. There is a social contract around both Bitcoin’s and Ethereum’s issuance schedules. Any networks or proposals which break the social contracts of 21 million Bitcoins and minimal viable issuance of Ether would be a breach of these contracts and the new proposed network would be labeled by the community as illegitimate and the original network would live on.

So why is minimum viable issuance better than a hard cap?

Minimum viable issuance is better than a hard cap because it puts the most important part of the network first - the security. MVI ensures that the Ethereum network will always have a security budget which keeps the cost of a 51% attack impractically high. Bitcoin on the other hand, halves its security budget every 4 years until eventually only the transaction fees pay for network security. This means that every 4 years, the amount of money paying for network security halves until eventually, the value of attacking the network becomes greater than the security budget and someone performs a 51% attack (technically the security budget only halves if terms of BTC not in dollars. However, even if the price of Bitcoin more than doubles in the time that the security budget halves, the ratio of security budget to value secured on the network still halves, doubling the financial viability of performing a network attack). The strategy to pay for the security budget once Bitcoin issuance stops is for transaction fees to secure the network since transaction fees are paid to miners. Not only does this have its own security problems which I won’t detail here, but unless Bitcoin scales on layer 1 (layer 2 scaling solutions have their own security mechanisms separate from L1), then fees would have to cost well in the thousands of dollars to secure a trillion dollar market cap Bitcoin that is secured by nothing but fees. If Bitcoin maximalists want a 10 trillion or 100 trillion dollar market cap then expect fees to go up another 10 or 100 times from there.
Ethereum on the other hand, will be able to keep its network secure with approximately 1-2% annual issuance being paid to stakers under ETH 2.0. This is because not all of the network will be staking, so if 33 million of the approximately 110 million Ether in existence stakes under ETH 2.0, then paying this 33 million Ether 6% a year (a very decent yield!) would cost just under 2 million ETH per year which would equate to less than 2% annual ETH inflation. This is also before considering EIP-1559 which will burn a portion of transaction fees which will counter the effect of this inflation and potentially even make ETH deflationary if the sum of all burned transaction fees are greater than the annual inflation. Also, under ETH 2.0, an attacker performing a 51% attack would get his funds slashed (they would lose their funds) if they attack the network, meaning that they can only perform a 51% attack once. However, in Bitcoin, anyone who controls 51% of the mining hash power could perform multiple 51% attacks without losing everything like they could in ETH 2.0.
So in conclusion, while Ethereum doesn’t have the guaranteed anti-inflation security of a hard cap, it does have the guarantee of always paying it’s miners (or stakers under ETH 2.0) enough to keep the network secure. In contrast, while Bitcoin’s social contract may guarantee a hard cap of 21 million, it cannot simultaneously guarantee network security in the long run. Eventually, its users will have to decide if they want a secure network with more than 21 million coins or a tax to pay for security or an insecure network with super high fees and a hard cap of 21 million Bitcoin.
Disclaimer: The details I covered around 51% attacks and network security are simplified. I am not an expert in this field and things are a lot more nuanced than I laid out in my simplifications above.
submitted by Tricky_Troll to ethtrader [link] [comments]

Technical: The Path to Taproot Activation

Taproot! Everybody wants to have it, somebody wants to make it, nobody knows how to get it!
(If you are asking why everybody wants it, see: Technical: Taproot: Why Activate?)
(Pedants: I mostly elide over lockin times)
Briefly, Taproot is that neat new thing that gets us:
So yes, let's activate taproot!

The SegWit Wars

The biggest problem with activating Taproot is PTSD from the previous softfork, SegWit. Pieter Wuille, one of the authors of the current Taproot proposal, has consistently held the position that he will not discuss activation, and will accept whatever activation process is imposed on Taproot. Other developers have expressed similar opinions.
So what happened with SegWit activation that was so traumatic? SegWit used the BIP9 activation method. Let's dive into BIP9!

BIP9 Miner-Activated Soft Fork

Basically, BIP9 has a bunch of parameters:
Now there are other parameters (name, starttime) but they are not anywhere near as important as the above two.
A number that is not a parameter, is 95%. Basically, activation of a BIP9 softfork is considered as actually succeeding if at least 95% of blocks in the last 2 weeks had the specified bit in the nVersion set. If less than 95% had this bit set before the timeout, then the upgrade fails and never goes into the network. This is not a parameter: it is a constant defined by BIP9, and developers using BIP9 activation cannot change this.
So, first some simple questions and their answers:

The Great Battles of the SegWit Wars

SegWit not only fixed transaction malleability, it also created a practical softforkable blocksize increase that also rebalanced weights so that the cost of spending a UTXO is about the same as the cost of creating UTXOs (and spending UTXOs is "better" since it limits the size of the UTXO set that every fullnode has to maintain).
So SegWit was written, the activation was decided to be BIP9, and then.... miner signalling stalled at below 75%.
Thus were the Great SegWit Wars started.

BIP9 Feature Hostage

If you are a miner with at least 5% global hashpower, you can hold a BIP9-activated softfork hostage.
You might even secretly want the softfork to actually push through. But you might want to extract concession from the users and the developers. Like removing the halvening. Or raising or even removing the block size caps (which helps larger miners more than smaller miners, making it easier to become a bigger fish that eats all the smaller fishes). Or whatever.
With BIP9, you can hold the softfork hostage. You just hold out and refuse to signal. You tell everyone you will signal, if and only if certain concessions are given to you.
This ability by miners to hold a feature hostage was enabled because of the miner-exit allowed by the timeout on BIP9. Prior to that, miners were considered little more than expendable security guards, paid for the risk they take to secure the network, but not special in the grand scheme of Bitcoin.

Covert ASICBoost

ASICBoost was a novel way of optimizing SHA256 mining, by taking advantage of the structure of the 80-byte header that is hashed in order to perform proof-of-work. The details of ASICBoost are out-of-scope here but you can read about it elsewhere
Here is a short summary of the two types of ASICBoost, relevant to the activation discussion.
Now, "overt" means "obvious", while "covert" means hidden. Overt ASICBoost is obvious because nVersion bits that are not currently in use for BIP9 activations are usually 0 by default, so setting those bits to 1 makes it obvious that you are doing something weird (namely, Overt ASICBoost). Covert ASICBoost is non-obvious because the order of transactions in a block are up to the miner anyway, so the miner rearranging the transactions in order to get lower power consumption is not going to be detected.
Unfortunately, while Overt ASICBoost was compatible with SegWit, Covert ASICBoost was not. This is because, pre-SegWit, only the block header Merkle tree committed to the transaction ordering. However, with SegWit, another Merkle tree exists, which commits to transaction ordering as well. Covert ASICBoost would require more computation to manipulate two Merkle trees, obviating the power benefits of Covert ASICBoost anyway.
Now, miners want to use ASICBoost (indeed, about 60->70% of current miners probably use the Overt ASICBoost nowadays; if you have a Bitcoin fullnode running you will see the logs with lots of "60 of last 100 blocks had unexpected versions" which is exactly what you would see with the nVersion manipulation that Overt ASICBoost does). But remember: ASICBoost was, at around the time, a novel improvement. Not all miners had ASICBoost hardware. Those who did, did not want it known that they had ASICBoost hardware, and wanted to do Covert ASICBoost!
But Covert ASICBoost is incompatible with SegWit, because SegWit actually has two Merkle trees of transaction data, and Covert ASICBoost works by fudging around with transaction ordering in a block, and recomputing two Merkle Trees is more expensive than recomputing just one (and loses the ASICBoost advantage).
Of course, those miners that wanted Covert ASICBoost did not want to openly admit that they had ASICBoost hardware, they wanted to keep their advantage secret because miners are strongly competitive in a very tight market. And doing ASICBoost Covertly was just the ticket, but they could not work post-SegWit.
Fortunately, due to the BIP9 activation process, they could hold SegWit hostage while covertly taking advantage of Covert ASICBoost!

UASF: BIP148 and BIP8

When the incompatibility between Covert ASICBoost and SegWit was realized, still, activation of SegWit stalled, and miners were still not openly claiming that ASICBoost was related to non-activation of SegWit.
Eventually, a new proposal was created: BIP148. With this rule, 3 months before the end of the SegWit timeout, nodes would reject blocks that did not signal SegWit. Thus, 3 months before SegWit timeout, BIP148 would force activation of SegWit.
This proposal was not accepted by Bitcoin Core, due to the shortening of the timeout (it effectively times out 3 months before the initial SegWit timeout). Instead, a fork of Bitcoin Core was created which added the patch to comply with BIP148. This was claimed as a User Activated Soft Fork, UASF, since users could freely download the alternate fork rather than sticking with the developers of Bitcoin Core.
Now, BIP148 effectively is just a BIP9 activation, except at its (earlier) timeout, the new rules would be activated anyway (instead of the BIP9-mandated behavior that the upgrade is cancelled at the end of the timeout).
BIP148 was actually inspired by the BIP8 proposal (the link here is a historical version; BIP8 has been updated recently, precisely in preparation for Taproot activation). BIP8 is basically BIP9, but at the end of timeout, the softfork is activated anyway rather than cancelled.
This removed the ability of miners to hold the softfork hostage. At best, they can delay the activation, but not stop it entirely by holding out as in BIP9.
Of course, this implies risk that not all miners have upgraded before activation, leading to possible losses for SPV users, as well as again re-pressuring miners to signal activation, possibly without the miners actually upgrading their software to properly impose the new softfork rules.

BIP91, SegWit2X, and The Aftermath

BIP148 inspired countermeasures, possibly from the Covert ASiCBoost miners, possibly from concerned users who wanted to offer concessions to miners. To this day, the common name for BIP148 - UASF - remains an emotionally-charged rallying cry for parts of the Bitcoin community.
One of these was SegWit2X. This was brokered in a deal between some Bitcoin personalities at a conference in New York, and thus part of the so-called "New York Agreement" or NYA, another emotionally-charged acronym.
The text of the NYA was basically:
  1. Set up a new activation threshold at 80% signalled at bit 4 (vs bit 1 for SegWit).
    • When this 80% signalling was reached, miners would require that bit 1 for SegWit be signalled to achive the 95% activation needed for SegWit.
  2. If the bit 4 signalling reached 80%, increase the block weight limit from the SegWit 4000000 to the SegWit2X 8000000, 6 months after bit 1 activation.
The first item above was coded in BIP91.
Unfortunately, if you read the BIP91, independently of NYA, you might come to the conclusion that BIP91 was only about lowering the threshold to 80%. In particular, BIP91 never mentions anything about the second point above, it never mentions that bit 4 80% threshold would also signal for a later hardfork increase in weight limit.
Because of this, even though there are claims that NYA (SegWit2X) reached 80% dominance, a close reading of BIP91 shows that the 80% dominance was only for SegWit activation, without necessarily a later 2x capacity hardfork (SegWit2X).
This ambiguity of bit 4 (NYA says it includes a 2x capacity hardfork, BIP91 says it does not) has continued to be a thorn in blocksize debates later. Economically speaking, Bitcoin futures between SegWit and SegWit2X showed strong economic dominance in favor of SegWit (SegWit2X futures were traded at a fraction in value of SegWit futures: I personally made a tidy but small amount of money betting against SegWit2X in the futures market), so suggesting that NYA achieved 80% dominance even in mining is laughable, but the NYA text that ties bit 4 to SegWit2X still exists.
Historically, BIP91 triggered which caused SegWit to activate before the BIP148 shorter timeout. BIP148 proponents continue to hold this day that it was the BIP148 shorter timeout and no-compromises-activate-on-August-1 that made miners flock to BIP91 as a face-saving tactic that actually removed the second clause of NYA. NYA supporters keep pointing to the bit 4 text in the NYA and the historical activation of BIP91 as a failed promise by Bitcoin developers.

Taproot Activation Proposals

There are two primary proposals I can see for Taproot activation:
  1. BIP8.
  2. Modern Softfork Activation.
We have discussed BIP8: roughly, it has bit and timeout, if 95% of miners signal bit it activates, at the end of timeout it activates. (EDIT: BIP8 has had recent updates: at the end of timeout it can now activate or fail. For the most part, in the below text "BIP8", means BIP8-and-activate-at-timeout, and "BIP9" means BIP8-and-fail-at-timeout)
So let's take a look at Modern Softfork Activation!

Modern Softfork Activation

This is a more complex activation method, composed of BIP9 and BIP8 as supcomponents.
  1. First have a 12-month BIP9 (fail at timeout).
  2. If the above fails to activate, have a 6-month discussion period during which users and developers and miners discuss whether to continue to step 3.
  3. Have a 24-month BIP8 (activate at timeout).
The total above is 42 months, if you are counting: 3.5 years worst-case activation.
The logic here is that if there are no problems, BIP9 will work just fine anyway. And if there are problems, the 6-month period should weed it out. Finally, miners cannot hold the feature hostage since the 24-month BIP8 period will exist anyway.

PSA: Being Resilient to Upgrades

Software is very birttle.
Anyone who has been using software for a long time has experienced something like this:
  1. You hear a new version of your favorite software has a nice new feature.
  2. Excited, you install the new version.
  3. You find that the new version has subtle incompatibilities with your current workflow.
  4. You are sad and downgrade to the older version.
  5. You find out that the new version has changed your files in incompatible ways that the old version cannot work with anymore.
  6. You tearfully reinstall the newer version and figure out how to get your lost productivity now that you have to adapt to a new workflow
If you are a technically-competent user, you might codify your workflow into a bunch of programs. And then you upgrade one of the external pieces of software you are using, and find that it has a subtle incompatibility with your current workflow which is based on a bunch of simple programs you wrote yourself. And if those simple programs are used as the basis of some important production system, you hve just screwed up because you upgraded software on an important production system.
And well, one of the issues with new softfork activation is that if not enough people (users and miners) upgrade to the newest Bitcoin software, the security of the new softfork rules are at risk.
Upgrading software of any kind is always a risk, and the more software you build on top of the software-being-upgraded, the greater you risk your tower of software collapsing while you change its foundations.
So if you have some complex Bitcoin-manipulating system with Bitcoin somewhere at the foundations, consider running two Bitcoin nodes:
  1. One is a "stable-version" Bitcoin node. Once it has synced, set it up to connect=x.x.x.x to the second node below (so that your ISP bandwidth is only spent on the second node). Use this node to run all your software: it's a stable version that you don't change for long periods of time. Enable txiindex, disable pruning, whatever your software needs.
  2. The other is an "always-up-to-date" Bitcoin Node. Keep its stoarge down with pruning (initially sync it off the "stable-version" node). You can't use blocksonly if your "stable-version" node needs to send transactions, but otherwise this "always-up-to-date" Bitcoin node can be kept as a low-resource node, so you can run both nodes in the same machine.
When a new Bitcoin version comes up, you just upgrade the "always-up-to-date" Bitcoin node. This protects you if a future softfork activates, you will only receive valid Bitcoin blocks and transactions. Since this node has nothing running on top of it, it is just a special peer of the "stable-version" node, any software incompatibilities with your system software do not exist.
Your "stable-version" Bitcoin node remains the same version until you are ready to actually upgrade this node and are prepared to rewrite most of the software you have running on top of it due to version compatibility problems.
When upgrading the "always-up-to-date", you can bring it down safely and then start it later. Your "stable-version" wil keep running, disconnected from the network, but otherwise still available for whatever queries. You do need some system to stop the "always-up-to-date" node if for any reason the "stable-version" goes down (otherwisee if the "always-up-to-date" advances its pruning window past what your "stable-version" has, the "stable-version" cannot sync afterwards), but if you are technically competent enough that you need to do this, you are technically competent enough to write such a trivial monitor program (EDIT: gmax notes you can adjust the pruning window by RPC commands to help with this as well).
This recommendation is from gmaxwell on IRC, by the way.
submitted by almkglor to Bitcoin [link] [comments]

Quantum Resistance

Before jumping to conclusions about this post, know that I am not looking to spread any FUD but rather am trying to understand a forthcoming risk and potential solutions from an unbiased standpoint. My research has not yielded any definitive answer so I am turning here to seek direction from those more knowledgable than me.
--
When it comes to predicting quantum computing's ability to break Bitcoin cryptographically, I've seen estimates as small as two years and as large as 25 years. Either way, it is easily conceivable that quantum processors will improve to the point of threatening Bitcoin as a reliable form of currency and store of value.
One way to prevent vulnerability to quantum threats is by storing Bitcoin in an address that has only ever received Bitcoin and never sent it. Although, this is an unrealistic mitigant for an asset/currency that is intended to be bought and sold, for all trust will be lost in the network once quantum computing becomes powerful enough to hack Bitcoin. Nobody will place any value in a currency that can be hacked by sending a transaction.
Another argument I've seen is that once quantum computing is strong enough to hack Bitcoin's cryptography, Bitcoin will be a non-factor compared to the other digital security breakdowns that will have transpired. For example, nuclear codes, bank accounts, digital privacy, etc. However, those centralized networks will have the ability to preemptively update their internal security to the standard required in a quantum computing world. In a similar manner, cryptocurrency and blockchain as a whole will survive such transition via improved cryptography.
But when it comes to Bitcoin specifically, will it be possible to generate consensus among the miners to switch to a quantum resistant protocol? My research has found conflicting perspectives - one side being that in order to upgrade Bitcoin's security, it would require manual movement of coins to a new address by all users, and a burning of the coins that did not move after a "sufficient" amount of time. Burning one's assets would undoubtedly not hold in a court of law. Even if we are still several years away, an unsolvable existential threat on the horizon would be priced into the value of Bitcoin and drive it down to zero.
With that being said, are there any feasible solutions to bring Bitcoin to quantum resistance? How can Bitcoin survive this threat in the long run? What is being done currently to resolve such problem?
submitted by fuegoblue to Bitcoin [link] [comments]

This November...

Let's set aside the tickename issue for a second and think as scientists about the upcoming experiment. Assuming there will be a split, I think it's going to be interesting. (If the split is somehow avoided, then all of the following makes no sense, of course)
I frankly think the experiment of "hashrate-funded centrally-developed Bitcoin Cash" vs "hodler-funded multi-team-developed Bitcoin Cash" is very interesting. I don't mean "centrally-developed" as an offence here, it's just a fact - ABC will be developing it.
Before you start throwing in tomatos, let's think about it.
We all have front-row seats - each gets equal amount of both coins, so either coin wins - you have your cut.
It might even be that BOTH coins will be winners, since unlike the BSV situation, this is going to be probably developed under MIT license, so either side can copy code from other side. (Unless, of course, ABC goes BSV-way and protects their code with a restrictive license, while the other side will be using MIT/BSD licenses for sure)
Let's consider both sides' pros and cons.

ABC side

I don't really like IFP, but I think what Amaury did was pretty clever and worth considering. With this plan he gets to control his coin fully and impose any rules he sees as best for his coin, be it drift correction, 6-month releases or whatever else. He believes in his power to make this coin the best, so let's see if he can.
[+] Corporations are often pretty efficient at what they do. Usually, with capitalism and democracy they will perfect their game like no one, because of competition.
[-] But this won't be exactly like capitalism, more like socialism, because ABC/Amaury will get paid no matter their performance. They will always get 8%. That makes people lazy. Why bother if you get your salary anyway?
[+] ABC has a track record of 3 years and BCH didn't die, which gives them some credit that they could do it.
[+] Amaury and ABC will get paid in their own coin, so the more valuable it is, the richer they get. (Unless they sell for USD immediately) Also, they will get close to $8 million in funding in first year alone (at the current price), which would allow him to hire, well, best of the best in their class (cryptographers, developers, etc...). Amaury knows that and he's right - developers are freaking expensive ($100,000+/year). (Well, again, assuming Amaury will be hiring...)
[-] They don't have to listen to the community, so they have no force feedback if what they do is of any value or is it a useless distraction.

BCHN + others

[+] Hodler-funded means that you don't get paid unless you promise to deliver useful value and have proven to provide value in the past. So you have to perfect your game always - that's much closer to capitalism.
[-] Very hard to raise funds. Amaury will get $8m/year while BCHN and other nodes barely managed to collect $100-200K, probably for the next year or so. Hodlers don't want to give away their money too much, because it might 10x or 20x in very short amount of time.
[+] If BCHN/other nodes do their job well and the coin value raise - their money becomes more valuable, so $100K might become $1M in a year. Assuming they haven't sold for USD. Something tells me they didn't.
[-] Grass-roots things can be short-lived. People are free to join and leave any time, so eventually you get tired of everything.

Potential problems with the experiment

  1. Tickename, obviously pretty bad issue;
  2. Reputation/community loss (BCH splitting again);
  3. Confusion for next few years about what Bitcoin Cash is (just like it was with BCH/BTC split);
  4. No replay protection (this one is nasty), so it's hard to split your money at fork time, you need to wait to get some miner dust to mix in with your coins to split them properly;
  5. Potential that one side might be without wallets at first (i.e. if all wallets and services like Fountainhead/rest.bitcoin.com, which are used by wallets, leave ABC - how would you transfer your money?) - that surely will be a blow, but it's fixable. BCH started this way too.
  6. EDIT: Merchant dis-adoption. Many will be tired of non-stop drama and leave. Maybe, stability of BCHN site will lure some back later. (comment about this)
I don't see miners as an issue (I explained why here and here)
I'm actually curious. Whether corporate efficiency (but with a bit of socialism) or grass-roots (barely with any funding in comparison) will get ahead.
Even though there is already a similar experiment going (BSV), but it's still interesting - each corporation is different and where Apple succeeded, many other phone/computer companies failed. Is listening to market critical? Remember Henry Ford: "If I had asked people what they wanted, they would have said faster horses." On the other hand we have plenty of coins with a lot of funding not even in Top 10.
Get your tickets (coins) ready, we're in for a ride!
submitted by readcash to btc [link] [comments]

Technical: Taproot: Why Activate?

This is a follow-up on https://old.reddit.com/Bitcoin/comments/hqzp14/technical_the_path_to_taproot_activation/
Taproot! Everybody wants it!! But... you might ask yourself: sure, everybody else wants it, but why would I, sovereign Bitcoin HODLer, want it? Surely I can be better than everybody else because I swapped XXX fiat for Bitcoin unlike all those nocoiners?
And it is important for you to know the reasons why you, o sovereign Bitcoiner, would want Taproot activated. After all, your nodes (or the nodes your wallets use, which if you are SPV, you hopefully can pester to your wallet vendoimplementor about) need to be upgraded in order for Taproot activation to actually succeed instead of becoming a hot sticky mess.
First, let's consider some principles of Bitcoin.
I'm sure most of us here would agree that the above are very important principles of Bitcoin and that these are principles we would not be willing to remove. If anything, we would want those principles strengthened (especially the last one, financial privacy, which current Bitcoin is only sporadically strong with: you can get privacy, it just requires effort to do so).
So, how does Taproot affect those principles?

Taproot and Your /Coins

Most HODLers probably HODL their coins in singlesig addresses. Sadly, switching to Taproot would do very little for you (it gives a mild discount at spend time, at the cost of a mild increase in fee at receive time (paid by whoever sends to you, so if it's a self-send from a P2PKH or bech32 address, you pay for this); mostly a wash).
(technical details: a Taproot output is 1 version byte + 32 byte public key, while a P2WPKH (bech32 singlesig) output is 1 version byte + 20 byte public key hash, so the Taproot output spends 12 bytes more; spending from a P2WPKH requires revealing a 32-byte public key later, which is not needed with Taproot, and Taproot signatures are about 9 bytes smaller than P2WPKH signatures, but the 32 bytes plus 9 bytes is divided by 4 because of the witness discount, so it saves about 11 bytes; mostly a wash, it increases blockweight by about 1 virtual byte, 4 weight for each Taproot-output-input, compared to P2WPKH-output-input).
However, as your HODLings grow in value, you might start wondering if multisignature k-of-n setups might be better for the security of your savings. And it is in multisignature that Taproot starts to give benefits!
Taproot switches to using Schnorr signing scheme. Schnorr makes key aggregation -- constructing a single public key from multiple public keys -- almost as trivial as adding numbers together. "Almost" because it involves some fairly advanced math instead of simple boring number adding, but hey when was the last time you added up your grocery list prices by hand huh?
With current P2SH and P2WSH multisignature schemes, if you have a 2-of-3 setup, then to spend, you need to provide two different signatures from two different public keys. With Taproot, you can create, using special moon math, a single public key that represents your 2-of-3 setup. Then you just put two of your devices together, have them communicate to each other (this can be done airgapped, in theory, by sending QR codes: the software to do this is not even being built yet, but that's because Taproot hasn't activated yet!), and they will make a single signature to authorize any spend from your 2-of-3 address. That's 73 witness bytes -- 18.25 virtual bytes -- of signatures you save!
And if you decide that your current setup with 1-of-1 P2PKH / P2WPKH addresses is just fine as-is: well, that's the whole point of a softfork: backwards-compatibility; you can receive from Taproot users just fine, and once your wallet is updated for Taproot-sending support, you can send to Taproot users just fine as well!
(P2WPKH and P2WSH -- SegWit v0 -- addresses start with bc1q; Taproot -- SegWit v1 --- addresses start with bc1p, in case you wanted to know the difference; in bech32 q is 0, p is 1)
Now how about HODLers who keep all, or some, of their coins on custodial services? Well, any custodial service worth its salt would be doing at least 2-of-3, or probably something even bigger, like 11-of-15. So your custodial service, if it switched to using Taproot internally, could save a lot more (imagine an 11-of-15 getting reduced from 11 signatures to just 1!), which --- we can only hope! --- should translate to lower fees and better customer service from your custodial service!
So I think we can say, very accurately, that the Bitcoin principle --- that YOU are in control of your money --- can only be helped by Taproot (if you are doing multisignature), and, because P2PKH and P2WPKH remain validly-usable addresses in a Taproot future, will not be harmed by Taproot. Its benefit to this principle might be small (it mostly only benefits multisignature users) but since it has no drawbacks with this (i.e. singlesig users can continue to use P2WPKH and P2PKH still) this is still a nice, tidy win!
(even singlesig users get a minor benefit, in that multisig users will now reduce their blockchain space footprint, so that fees can be kept low for everybody; so for example even if you have your single set of private keys engraved on titanium plates sealed in an airtight box stored in a safe buried in a desert protected by angry nomads riding giant sandworms because you're the frickin' Kwisatz Haderach, you still gain some benefit from Taproot)
And here's the important part: if P2PKH/P2WPKH is working perfectly fine with you and you decide to never use Taproot yourself, Taproot will not affect you detrimentally. First do no harm!

Taproot and Your Contracts

No one is an island, no one lives alone. Give and you shall receive. You know: by trading with other people, you can gain expertise in some obscure little necessity of the world (and greatly increase your productivity in that little field), and then trade the products of your expertise for necessities other people have created, all of you thereby gaining gains from trade.
So, contracts, which are basically enforceable agreements that facilitate trading with people who you do not personally know and therefore might not trust.
Let's start with a simple example. You want to buy some gewgaws from somebody. But you don't know them personally. The seller wants the money, you want their gewgaws, but because of the lack of trust (you don't know them!! what if they're scammers??) neither of you can benefit from gains from trade.
However, suppose both of you know of some entity that both of you trust. That entity can act as a trusted escrow. The entity provides you security: this enables the trade, allowing both of you to get gains from trade.
In Bitcoin-land, this can be implemented as a 2-of-3 multisignature. The three signatories in the multisgnature would be you, the gewgaw seller, and the escrow. You put the payment for the gewgaws into this 2-of-3 multisignature address.
Now, suppose it turns out neither of you are scammers (whaaaat!). You receive the gewgaws just fine and you're willing to pay up for them. Then you and the gewgaw seller just sign a transaction --- you and the gewgaw seller are 2, sufficient to trigger the 2-of-3 --- that spends from the 2-of-3 address to a singlesig the gewgaw seller wants (or whatever address the gewgaw seller wants).
But suppose some problem arises. The seller gave you gawgews instead of gewgaws. Or you decided to keep the gewgaws but not sign the transaction to release the funds to the seller. In either case, the escrow is notified, and if it can sign with you to refund the funds back to you (if the seller was a scammer) or it can sign with the seller to forward the funds to the seller (if you were a scammer).
Taproot helps with this: like mentioned above, it allows multisignature setups to produce only one signature, reducing blockchain space usage, and thus making contracts --- which require multiple people, by definition, you don't make contracts with yourself --- is made cheaper (which we hope enables more of these setups to happen for more gains from trade for everyone, also, moon and lambos).
(technology-wise, it's easier to make an n-of-n than a k-of-n, making a k-of-n would require a complex setup involving a long ritual with many communication rounds between the n participants, but an n-of-n can be done trivially with some moon math. You can, however, make what is effectively a 2-of-3 by using a three-branch SCRIPT: either 2-of-2 of you and seller, OR 2-of-2 of you and escrow, OR 2-of-2 of escrow and seller. Fortunately, Taproot adds a facility to embed a SCRIPT inside a public key, so you can have a 2-of-2 Taprooted address (between you and seller) with a SCRIPT branch that can instead be spent with 2-of-2 (you + escrow) OR 2-of-2 (seller + escrow), which implements the three-branched SCRIPT above. If neither of you are scammers (hopefully the common case) then you both sign using your keys and never have to contact the escrow, since you are just using the escrow public key without coordinating with them (because n-of-n is trivial but k-of-n requires setup with communication rounds), so in the "best case" where both of you are honest traders, you also get a privacy boost, in that the escrow never learns you have been trading on gewgaws, I mean ewww, gawgews are much better than gewgaws and therefore I now judge you for being a gewgaw enthusiast, you filthy gewgawer).

Taproot and Your Contracts, Part 2: Cryptographic Boogaloo

Now suppose you want to buy some data instead of things. For example, maybe you have some closed-source software in trial mode installed, and want to pay the developer for the full version. You want to pay for an activation code.
This can be done, today, by using an HTLC. The developer tells you the hash of the activation code. You pay to an HTLC, paying out to the developer if it reveals the preimage (the activation code), or refunding the money back to you after a pre-agreed timeout. If the developer claims the funds, it has to reveal the preimage, which is the activation code, and you can now activate your software. If the developer does not claim the funds by the timeout, you get refunded.
And you can do that, with HTLCs, today.
Of course, HTLCs do have problems:
Fortunately, with Schnorr (which is enabled by Taproot), we can now use the Scriptless Script constuction by Andrew Poelstra. This Scriptless Script allows a new construction, the PTLC or Pointlocked Timelocked Contract. Instead of hashes and preimages, just replace "hash" with "point" and "preimage" with "scalar".
Or as you might know them: "point" is really "public key" and "scalar" is really a "private key". What a PTLC does is that, given a particular public key, the pointlocked branch can be spent only if the spender reveals the private key of the given public key to you.
Another nice thing with PTLCs is that they are deniable. What appears onchain is just a single 2-of-2 signature between you and the developemanufacturer. It's like a magic trick. This signature has no special watermarks, it's a perfectly normal signature (the pledge). However, from this signature, plus some datta given to you by the developemanufacturer (known as the adaptor signature) you can derive the private key of a particular public key you both agree on (the turn). Anyone scraping the blockchain will just see signatures that look just like every other signature, and as long as nobody manages to hack you and get a copy of the adaptor signature or the private key, they cannot get the private key behind the public key (point) that the pointlocked branch needs (the prestige).
(Just to be clear, the public key you are getting the private key from, is distinct from the public key that the developemanufacturer will use for its funds. The activation key is different from the developer's onchain Bitcoin key, and it is the activation key whose private key you will be learning, not the developer's/manufacturer's onchain Bitcoin key).
So:
Taproot lets PTLCs exist onchain because they enable Schnorr, which is a requirement of PTLCs / Scriptless Script.
(technology-wise, take note that Scriptless Script works only for the "pointlocked" branch of the contract; you need normal Script, or a pre-signed nLockTimed transaction, for the "timelocked" branch. Since Taproot can embed a script, you can have the Taproot pubkey be a 2-of-2 to implement the Scriptless Script "pointlocked" branch, then have a hidden script that lets you recover the funds with an OP_CHECKLOCKTIMEVERIFY after the timeout if the seller does not claim the funds.)

Quantum Quibbles!

Now if you were really paying attention, you might have noticed this parenthetical:
(technical details: a Taproot output is 1 version byte + 32 byte public key, while a P2WPKH (bech32 singlesig) output is 1 version byte + 20 byte public key hash...)
So wait, Taproot uses raw 32-byte public keys, and not public key hashes? Isn't that more quantum-vulnerable??
Well, in theory yes. In practice, they probably are not.
It's not that hashes can be broken by quantum computes --- they're still not. Instead, you have to look at how you spend from a P2WPKH/P2PKH pay-to-public-key-hash.
When you spend from a P2PKH / P2WPKH, you have to reveal the public key. Then Bitcoin hashes it and checks if this matches with the public-key-hash, and only then actually validates the signature for that public key.
So an unconfirmed transaction, floating in the mempools of nodes globally, will show, in plain sight for everyone to see, your public key.
(public keys should be public, that's why they're called public keys, LOL)
And if quantum computers are fast enough to be of concern, then they are probably fast enough that, in the several minutes to several hours from broadcast to confirmation, they have already cracked the public key that is openly broadcast with your transaction. The owner of the quantum computer can now replace your unconfirmed transaction with one that pays the funds to itself. Even if you did not opt-in RBF, miners are still incentivized to support RBF on RBF-disabled transactions.
So the extra hash is not as significant a protection against quantum computers as you might think. Instead, the extra hash-and-compare needed is just extra validation effort.
Further, if you have ever, in the past, spent from the address, then there exists already a transaction indelibly stored on the blockchain, openly displaying the public key from which quantum computers can derive the private key. So those are still vulnerable to quantum computers.
For the most part, the cryptographers behind Taproot (and Bitcoin Core) are of the opinion that quantum computers capable of cracking Bitcoin pubkeys are unlikely to appear within a decade or two.
So:
For now, the homomorphic and linear properties of elliptic curve cryptography provide a lot of benefits --- particularly the linearity property is what enables Scriptless Script and simple multisignature (i.e. multisignatures that are just 1 signature onchain). So it might be a good idea to take advantage of them now while we are still fairly safe against quantum computers. It seems likely that quantum-safe signature schemes are nonlinear (thus losing these advantages).

Summary

I Wanna Be The Taprooter!

So, do you want to help activate Taproot? Here's what you, mister sovereign Bitcoin HODLer, can do!

But I Hate Taproot!!

That's fine!

Discussions About Taproot Activation

submitted by almkglor to Bitcoin [link] [comments]

Cyptocurrency pegged to electricity price

Meter.io aims to create a low volatile currency following 10 kwh electricity price.
Meter uses a hybrid PoW/PoS solution; PoW mining for stable coin creation and PoS for txn ordering
  1. MTR is stablecoin soft pegged around the global competitive price of 10 kwh electricity
  2. MTRG is the finite supply governance token, which is used by PoS validators to validate transactions.
Pow mining in Meter is as open and decentralized as in Bitcoin but differs from that in Bitcoin in two fundamental ways
  1. Block rewards are dynamic. It’s determined as a function of pow difficulty. The wining Meter miner will earn more MTR if hash rate is high and less MTR if hash rate is low, ensuring a stable cost of production for each MTR at 10 kWh electricity price using mainstream mining equipment
  2. Miner’s don’t validate transactions. They simply compete to solve PoW. Txn ordering is done by PoS validators who secure the network and in return earn txn fees.
All stablecoins must essentialy have stability mechanisms to account for cases where demand is high and where demand is low. MTR has 2 stability mechanisms set to solve this mission.
Supply side stability mechanism (long term)
First and foremost MTR can’t be produced out of thin air. It’s issuance follows a disciplined monetary policy that solely depends on profit seeking behavior of miners. The only way to issue MTR is via PoW mining. When miners notice that price of MTR is getting higher than the cost to produce them (remember cost of production is always fixed at 10 kwh elec. price = around 0.9-1.2 usd) they will turn on their equipment and start creating new supply. If demand keeps increasing more miners will join, and more MTR will be printed to keep up with demand. Eventually supply will outperfrom the demand and price will get back to equilibrium.
When demand is low and MTR price is dropping below 10 kwh elec. price miners will not risk their profit margin to shrink and switch to mine other coins instead of MTR. In return MTR production will stop and no additional MTR will enter circulation. Given that mining is a competitive, open enviroment, price of MTR will eventually equal to the cost to produce it. (Marginal Revenue = Marginal Cost).
The long term stability is achieved through this unique and simple mechanism at layer 1 which doesn’t require use of capital inefficient collateral, complicated oracles, seignorage shares or algorithmic rebasing mechanisms.
Relative to nation based fiat currencies, switching cost between crytocurrencies is significantly lower. Sudden demand changes in crypto is therefore very common and must be addressed. Huge drop in demand may temporarly cause MTR to get traded below it’s cost of production making pow mining a losing game. How can the system recover from that and restart production? On the contrary, a sudden increase in demand may cause MTR to get traded at a premium making mining temporarly very profitable. Meter has a second layer stability mechanism in order to absorb sudden demand changes.
Demand side stability mechanism (short term)
An on chain auction (will become live in October 2020) resets every 24 hours offering newly minted fixed number of MTRGs in exchange for bids in MTR. Participants bid at no specific price and at the end of auction recieve MTRG proportional to their percentage of total bid. The main purpose of this auction is to consume MTR. A portion of MTR (initally %60) that is bidded in the auction ends up going to a reserve that is collectively owned by MTRG holders, essentially getting out of circulation. Future use of MTR in Reserve can be decided by governance. The remaining %40 gets gradually distributed to PoS validators as block rewards. This reserve allocation ratio can be adjusted via governance depending on the amount of MTR needed to be removed out of circulation at any point in time.
Meter team working to make Meter compatible with other blockchain. In fact both MTR and MTRG can currently be 1:1 bridged to their Ethereum versions as eMTR and eMTRG respectively. In near term, stablecoin MTR is set out on a mission to serve as collateral and a crypto native unit of account for DeFi.
submitted by cangurel to CryptoMoonShots [link] [comments]

[OWL WATCH] Waiting for "IOTA TIME" 20; Hans's re-defined directions for DLT

Disclaimer: This is my editing, so there could be some misunderstandings...
--------------------------------------------
wellwho오늘 오후 4:50
u/Ben Royce****how far is society2 from having something clickable powered by IOTA?
Ben Royce오늘 오후 4:51
demo of basic tech late sep/ early oct. MVP early 2021
---------------------------------------------------
HusQy
Colored coins are the most misunderstood upcoming feature of the IOTA protocol. A lot of people see them just as a competitor to ERC-20 tokens on ETH and therefore a way of tokenizing things on IOTA, but they are much more important because they enable "consensus on data".
Bob
All this stuff already works on neblio but decentralized and scaling to 3500 tps
HusQy
Neblio has 8 mb blocks with 30 seconds blocktime. This is a throughput of 8 mb / 30 seconds = 267 kb per second. Transactions are 401+ bytes which means that throughput is 267 kb / 401 bytes = 665 TPS. IOTA is faster, feeless and will get even faster with the next update ...
-----------------------------------------------------------------------------
HusQy
Which DLT would be more secure? One that is collaboratively validated by the economic actors of the world (coporations, companies, foundations, states, people) or one that is validated by an anonymous group of wealthy crypto holders?
HusQy
The problem with current DLTs is that we use protection mechanisms like Proof of Work and Proof of Stake that are inherently hard to shard. The more shards you have, the more you have to distribute your hashing power and your stake and the less secure the system becomes.
HusQy
Real world identities (i.e. all the big economic actors) however could shard into as many shards as necessary without making the system less secure. Todays DLTs waste trust in the same way as PoW wastes energy.
HusQy
Is a secure money worth anything if you can't trust the economic actors that you would buy stuff from? If you buy a car from Volkswagen and they just beat you up and throw you out of the shop after you payed then a secure money won't be useful either :P
HusQy
**I believe that if you want to make DLT work and be successful then we need to ultimately incorporate things like trust in entities into the technology.**Examples likes wirecard show that trusting a single company is problematic but trusting the economy as a whole should be at ...
**... least as secure as todays DLTs.**And as soon as you add sharding it will be orders of magnitude more secure. DLT has failed to deliver because people have tried to build a system in vacuum that completely ignores things that already exist and that you can leverage on.
----------------------------------------------------------------------------------
HusQy
Blockchain is a bit like people sitting in a room, trying to communicate through BINGO sheets. While they talk, they write down some of the things that have been said and as soon as one screams BINGO! he hands around his sheet to inform everybody about what has been said.
HusQy
If you think that this is the most efficient form of communication for people sitting in the same room and the answer to scalability is to make bigger BINGO sheets or to allow people to solve the puzzle faster then you will most probably never understand what IOTA is working on.
--------------------------------------------------------------------------------
HusQy
**Blockchain does not work with too many equally weighted validators.****If 400 validators produce a validating statement (block) at the same time then only one can survive as part of a longest chain.**IOTA is all about collaborative validation.
**Another problem of blockchain is that every transaction gets sent twice through the network. Once from the nodes to the miners and a 2nd time from the miners as part of a block.**Blockchain will therefore always only be able to use 50% of the network throughput.
And****the last problem is that you can not arbitrarily decrease the time between blocks as it breaks down if the time between blocks gets smaller than the average network delay. The idle time between blocks is precious time that could be used for processing transactions.
-----------------------------------------------------------------------------
HusQy
I am not talking about a system with a fixed number of validators but one that is completely open and permissionless where any new company can just spin up a node and take part in the network.
------------------------------------------------------------------------
HusQy
Proof of Work and Proof of Stake are both centralizing sybil-protection mechanism. I don't think that Satoshi wanted 14 mining pools to run the network.
And "economic clustering" was always the "end game" of IOTA.
-----------------------------------------------------------------------------
HusQy
**Using Proof of Stake is not trustless. Proof of Stake means you trust the richest people and hope that they approve your transactions. The rich are getting richer (through your fees) and you are getting more and more dependant on them.**Is that your vision of the future?
----------------------------------------------------------------------------

HusQy
Please read again exactly what I wrote. I have not spoken of introducing governance by large companies, nor have I said that IOTA should be permissioned. We aim for a network with millions or even billions of nodes.

HusQy
That can't work at all with a permissioned ledger - who should then drop off all these devices or authorize them to participate in the network? My key message was the following: Proof of Work and Proof of Stake will always be if you split them up via sharding ...

HusQy
... less secure because you simply need fewer coins or less hash power to have the majority of the votes in a shard. This is not the case with trust in society and the economy. When all companies in the world jointly secure a DLT ...

HusQy
... then these companies could install any number of servers in any number of shards without compromising security, because "trust" does not become less just because they operate several servers. First of all, that is a fact and nothing else.

HusQy
Proof of Work and Proof of Stake are contrary to the assumption of many not "trustless" but follow the maxim: "In the greed of miners we trust!" The basic assumption that the miners do not destroy the system that generates income for them is fundamental here for the ...

HusQy
... security of every DLT. I think a similar assumption would still be correct for the economy as a whole: The companies of the world (and not just the big ones) would not destroy the system with which their customers pay them. In this respect, a system would be ...

HusQy
... which is validated by society and the economy as a whole probably just as "safely" as a system which is validated by a few anonymous miners. Why a small elite of miners should be better validators than any human and ...

HusQy
... To be honest, companies in this world do not open up to me. As already written in my other thread, safe money does not bring you anything if you have to assume that Volkswagen will beat you up and throw you out of the store after you ...

HusQy
... paid for a car. The thoughts I discussed say nothing about the immediate future of IOTA (we use for Coordicide mana) but rather speak of a world where DLT has already become an integral part of our lives and we ...

HusQy
... a corresponding number of companies, non-profit organizations and people have used DLT and where such a system could be implemented. The point here is not to create a governance solution that in any way influences the development of technology ...

HusQy
... or have to give nodes their OK first, but about developing a system that enables people to freely choose the validators they trust. For example, you can also declare your grandma to be a validator when you install your node or your ...

HusQy
... local supermarket. Economic relationships in the real world usually form a close-knit network and it doesn't really matter who you follow as long as the majority is honest. I also don't understand your criticism of censorship, because something like that in IOTA ...

HusQy
... is almost impossible. Each transaction confirms two other transactions which is growing exponentially. If someone wanted to ignore a transaction, he would have to ignore an exponential number of other transactions after a very short time. In contrast to blockchain ...

HusQy
... validators in IOTA do not decide what is included in the ledger, but only decide which of several double spends should be confirmed. Honest transactions are confirmed simply by having other transactions reference them ...

HusQy
... and the "validators" are not even asked. As for the "dust problem", this is indeed something that is a bigger problem for IOTA than for other DLTs because we have no fees, but it is also not an unsolvable problem. Bitcoin initially has a ...

HusQy
Solved similar problem by declaring outputs with a minimum amount of 5430 satoshis as invalid ( github.com/Bitcoin/Bitcoi…). A similar solution where an address must contain a minimum amount is also conceivable for IOTA and we are discussing ...

HusQy
... several possibilities (including compressing dust using cryptographic methods). Contrary to your assumption, checking such a minimum amount is not slow but just as fast as checking a normal transaction. And mine ...

HusQy
... In my opinion this is no problem at all for IOTA's use case. The important thing is that you can send small amounts, but after IOTA is feeless it is also okay to expect the recipients to regularly send their payments on a ...

HusQy
... merge address. The wallets already do this automatically (sweeping) and for machines it is no problem to automate this process. So far this was not a problem because the TPS were limited but with the increased TPS throughput of ...

HusQy
... Chrysalis it becomes relevant and appropriate solutions are discussed and then implemented accordingly. I think that was the most important thing first and if you have further questions just write :)

HusQy
And to be very clear! I really appreciate you and your questions and don't see this as an attack at all! People who see such questions as inappropriate criticism should really ask whether they are still objective. I have little time at the moment because ...

HusQy
... my girlfriend is on tour and has to take care of our daughter, but as soon as she is back we can discuss these things in a video. I think that the concept of including the "real world" in the concepts of DLT is really exciting and ...

HusQy
... that would certainly be exciting to discuss in a joint video. But again, that's more of a vision than a specific plan for the immediate future. This would not work with blockchain anyway but IOTA would be compatible so why not think about such things.
-----------------------------------------------------------------------

HusQy
All good my big one :P But actually not that much has changed. There has always been the concept of "economic clustering" which is basically based on similar ideas. We are just now able to implement things like this for the first time.
----------------------------------------------------------------------------------

HusQy
Exactly. It would mean that addresses "cost" something but I would rather pay a few cents than fees for each transaction. And you can "take" this minimum amount with you every time you change to a new address.

HusQy
All good my big one :P But actually not that much has changed. There has always been the concept of "economic clustering" which is basically based on similar ideas. We are just now able to implement things like this for the first time.
-----------------------------------------------------------------------------------

Relax오늘 오전 1:17
Btw. Hans (sorry for interrupting this convo) but what make people say that IOTA is going the permissioned way because of your latest tweets? I don't get why some people are now forecasting that... Is it because of missing specs or do they just don't get the whole idea?

Hans Moog [IF]오늘 오전 1:20
its bullshit u/Relaxan identity based system would still be open and permissionless where everybody can choose the actors that they deem trustworthy themselves but thats anyway just sth that would be applicable with more adoption
[오전 1:20]
for now we use mana as a predecessor to an actual reputation system

Sissors오늘 오전 1:31
If everybody has to choose actors they deem trustworthy, is it still permissionless? Probably will become a bit a semantic discussion, but still

Hans Moog [IF]오늘 오전 1:34
Of course its permissionless you can follow your grandma if you want to :p

Sissors오늘 오전 1:36
Well sure you can, but you will need to follow something which has a majority of the voting power in the network. Nice that you follow your grandma, but if others dont, her opinion (or well her nodes opinion) is completely irrelevant

Hans Moog [IF]오늘 오전 1:37
You would ideally follow the people that are trustworthy rather than your local drug dealers yeah

Sissors오늘 오전 1:38
And tbh, sure if you do it like that is easy. If you just make the users responsible for only connection to trustworthy nodes

Hans Moog [IF]오늘 오전 1:38
And if your grandma follows her supermarket and some other people she deems trustworthy then thats fine as well
[오전 1:38]
+ you dont have just 1 actor that you follow

Sissors오늘 오전 1:38
No, you got a large list, since yo uwant to follow those which actually matter. So you jsut download a standard list from the internet

Hans Moog [IF]오늘 오전 1:39
You can do that
[오전 1:39]
Is bitcoin permissionless? Should we both try to become miners?
[오전 1:41]
I mean miners that actually matter and not find a block every 10 trillion years 📷
[오전 1:42]
If you would want to become a validator then you would need to build up trust among other people - but anybody can still run a node and issue transactions unlike in hashgraph where you are not able to run your own nodes(수정됨)
[오전 1:48]
Proof of Stake is also not trustless - it just has a builtin mechanism that downloads the trusted people from the blockchain itself (the richest dudes)

Sissors오늘 오전 1:52
I think most agree it would be perfect if every person had one vote. Which is pr oblematic to implement of course. But I really wonder if the solution is to just let users decide who to trust. At the very least I expect a quite centralized network

Hans Moog [IF]오늘 오전 1:53
of course even a trust based system would to a certain degree be centralized as not every person is equally trustworthy as for example a big cooperation
[오전 1:53]
but I think its gonna be less centralized than PoS or PoW
[오전 1:53]
but anyway its sth for "after coordicide"
[오전 1:54]
there are not enough trusted entities that are using DLT, yet to make such a system work reasonably well
[오전 1:54]
I think the reason why blockchain has not really started to look into these kind of concepts is because blockchain doesnt work with too many equally weighted validators
[오전 1:56]
I believe that DLT is only going to take over the world if it is actually "better" than existing systems and with better I mean cheaper, more secure and faster and PoS and PoW will have a very hard time to deliver that
[오전 1:56]
especially if you consider that its not only going to settle value transfers

Relax오늘 오전 1:57
I like this clear statements, it makes it really clear that DLT is still in its infancy

Hans Moog [IF]오늘 오전 1:57
currently bank transfers are order of magnitude cheaper than BTC or ETH transactions

Hans Moog [IF]오늘 오전 1:57
and we you think that people will adopt it just because its crypto then I think we are mistaken
[오전 1:57]
The tech needs to actually solve a problem
[오전 1:57]
and tbh. currently people use PayPal and other companies to settle their payments
[오전 1:58]
having a group of the top 500 companies run such a service together is already much better(수정됨)
[오전 1:58]
especially if its fast and feeless
[오전 2:02]
and the more people use it, the more decentralized it actually becomes
[오전 2:02]
because you have more trustworthy entities to choose of

Evaldas [IF]오늘 오전 2:08
"in the greed of miners we trust"


submitted by btlkhs to Iota [link] [comments]

Is Bitcoin Mining Profitable RIGHT NOW In Early 2020 ... How to Mine Bitcoins Using Your Own Computer - YouTube Roblox Bitcoin Mining Simulator - Becoming A Bitcoin Miner ... How to Hack bitcoin server mining app - YouTube I'm A Teenage Bitcoin Millionaire - YouTube

Over the course of a year, you could earn a little under $200 worth of Bitcoin with this miner, depending on the cost of your electricity. However, considering the miner costs between $1500 and $2000, it would still take you at least 7 to 10 years at that rate to start turning a profit, at the Bitcoin price of $4000. Become bitcoin miner and earn dollars on your PC mining without any risk. Learn how easy is to mine bitcoin and turn it into real money. If you want to become a Bitcoin miner, then you are required to have an advanced hardware which supports these operations. Considering that speed is measured in hashes, you need to perform a certain number of hashes in second, to mine. A high – end hardware will provide you desirable speed and help you earn Bitcoins faster. To become a Bitcoin millionaire you have to buy-and-hold the coins. The Bitcoin value had doubled in 2016 from the month of January to December; this shows why people would be so keen to make a million by investing in the crypto coin. Certified Bitcoin Expert is a skilled professional who understands and knows the fundamentals of bitcoin and also uses the gathered knowledge to build Blockchain based applications to re-invent the traditional running businesses. This Bitcoin certification will focus on the practical and theoretical fundamentals of bitcoin.

[index] [2184] [1904] [141] [3415] [535] [1536] [722] [4612] [5425] [2214]

Is Bitcoin Mining Profitable RIGHT NOW In Early 2020 ...

WANT FREE STOCK FAST? CLICK LINK And CLICK "SIGN UP NOW"! 💲💲💲 http://join.robinhood.com/jareds7 ALL VIDEOS ARE ONLY REPRESENTATIVE OF MY OPINION. ONLY INVEST... How to make money from Bitcoin?This video expains in detail how to get started in making money through bitcoin. Follow me on Facebook https://www.facebook.co... Easiest way to mine Bitcoins and other cryptocurrencies with laptop. Click here to register on MinerGate: https://minergate.com/a/69306d2babcd442ed23df5f9 Cl... Roblox Bitcoin Mining Simulator Today we become a bitcoin miner and find new ways to mine these btc. This is the most well known crypto currency. Some other ... Start trading Bitcoin and cryptocurrency here: http://bit.ly/2Vptr2X IMPORTANT!! This method only illustrates how mining works. You will not make any money f...

#