Bitcoin Forum

Remember when one pool (GHash) took over 51% of bitcoin mining?  Did you forget about that?  You thought to yourself; nothing to worry about they spit up into separate pools so they no longer hold a 51% mining stake.  What a nice thought, must be comforting.  But how do you know what they didn't just break up in the public's eye but privately they still work together?  Well there is no attack on the network is there?  Besides why would anyone want to ruin thier cash cow?

All of these are thoughts to help yourself feel better.  A 51% attack on bitcoin would be subtle.  Stealing coins from zombie (inactive) wallets so no one would realize it.  That is probably all they have done so far.   But they want more.  And they don't want to ruin the bitcoin network to do it.

Enter SegWit.  What we can do is remove the signatures from the blockchain.  This way we can change who actually sent the bitcoin if we want to...and get away with it easier than if the signatures were a part of the real blockchain.  This will make stealing bitcoin from zombie wallets easier.  Sally could send 100 bitcoins to Bob then later say that it was actually Billy who sent the 100 coins to Bob.  And if Billy forgot the password to his wallet, he would never know.  The perfect crime.

Don't fool yourself into thinking that someone who won total monopoly of a quarter trillion dollar industry would give it up so easy.  Wouldn't you keep it a secret if you had a monopoly on bitcoin?

https://www.extremetech.com/extreme/184427-one-bitcoin-group-now-controls-51-of-total-mining-power-threatening-entire-currencys-safety

https://www.youtube.com/watch?v=VoFb3mcxluY

That was 2 1/2 years ago. Have you looked at the stats today?

What makes you think that pools would tell you if they are working together, or even if they are run by the same person?

How do you know that life isn't just a dream and one day you will wake up? Conspiracy theories are good for nothing. Once they are confirmed it is too late. Prep now and sell your bitcoin.   

I'm prepping by buying bitcoin.  Currently we are inside a pump and dump by china.  Know the indicators to when china will dump and you will be safe to ride the wave.  In terms of the 51% attack, they will only target zombie bitcoins in order to protect their investment.  But in the long term, bitcoin is in shambles.

Pray tell the indicators.

The signatures are still stored on the blockchain.

They have been put in a block section of their own, but they are still stored in ohe blockchain, hence you can't simply change transaction signatures after the fact. No data is lost. SegWit is effectively a blocksize increase, even though the blocks still get treated as 1MB blocks.

China unviels the CryptoYuan.  China says that they will give citizens CY in exchange for their bitcoins.

Watch the second link in my OP

If there's a meaningful counter-argument to my post above please summarize it in a sentence or two, as I'm not going to shift through 38 minutes of video based on what seems to be a misunderstanding of how SegWit works.

Miners will make more money by not checking the signature data when they verify transactions.  It is faster not to and you don't need to check it to post to UTXO.

Very much appreciated, thank you.

An interesting issue, but I'm not fully convinced of its practical implications as I don't see how this could be pulled off without triggering a hardfork due to non-colluding miners and node operators -- the very opposite of a subtle attack. But maybe there's more to it, thanks for the input.

Right it would have to be kept secret.  Its like a parasite or cancer evading the immune system.  You don't want to evoke an immune response.  The problem is the protocol incentivizes not waiting for the witness block to mine the UTXO block so when you incentivize bypassing security measures, inherently there is less security.  Before you had to save the signatures in order for your block to be valid and process transactions and get fees.  Now you simply don't have to.  Its like verifying/publishing the signatures (witness block) becomes optional because it isn't required for the transactions.

This is not possible with a 51% attack.  There are limits on what a 51% attack can do.  Creating transactions that take bitcoins from inactive wallets is NOT one of the things that a 51% attack is capable of.


No.  You can't.

It is clear that you do not understand what SegWit does or how it does it.


No. It won't. Please take some time to learn about that which you fear.  You may discover that your fear is unfounded.


No.  She couldn't.


Absolute nonsense.


Absolutely.  And it is possible that some of the largest mining pools could collude.  However, if they did collude, they could not do the things you are claiming.  They could choose which transactions get confirmed, and they could reduce the number of confirmations that a transaction has.  They could also replace confirmed transactions that they sent with different transactions that they sent.

1) Indeed, we can't know if all these pools are the same entity or not, and indeed, segwit (and im not an expert) addresses, don't make me feel entirely safe to keep big funds at.. which is why I just keep cold storage on legacy addresses. But it is ultimately a conspiracy. We would need to see hard proof of owned bitcoins stored in segwit addresses stolen to confirm it. All Core devs concluded that the chances of that happening are practically impossible, so if we actually see segwit funds stolen by colluding miners, it would be the end of Core and anyone involved in promoting segwit, and what's worse: The even bigger scammers (big blockers, Roger Ver etc) could seen as the ones that were right, when they are even worse.
I don't see how Core devs would risk their careers and possibly life by taking such a risk with people's funds. So I conclude that the segwit funds being stolen problem will never happen.

2) You or no one has no idea if "china is pumping bitcoin". Bitcoin is now global, too big, wall street is involved.. you can't time the top and you can't time the bottom, you can only buy the dips and hold very long term, because long term we are only going higher.

And if they include an invalid transaction (because it has invalid signatures), the block will be rejected by all of the full nodes on the network that are verifying all of this. Even if they have 51% of the hash rate, the network will reject those blocks anyways. Nodes do not follow just the blockchain with the most work, they follow the valid according to their consensus rules blockchain that has the most work. A miner cannot drag along the rest of the network and commit such fraud since all other full nodes will be verifying their blocks and throwing them away if they are invalid.

I do not see any problem.

Only maybe constructed paranoid panic....

Segwit is the process of increasing block size. So its not possible to rearrange or remove the digital signature.
Blockchain is the technology which is connected and match only with digital signature of each blocks. In simple it like a book where it has page number to connect each other. It doesn't make sense if you rearrange or remove any page.
We can avoid invalid transaction in the block. Blockchain has its own character we can't write a new process apart from segwit.

The risk in doing this, would out weigh the reward. Let's say it was possible and these miners have been doing it for a while. <unnoticed> and one day, someone notice this. Guess what will happen then. The coins they collected would drop in value or become worthless.

This will happen because people would lose faith in this technology and they will start dumping it.

Not a lot of things goes unnoticed in Bitcoin. <Example : ASICBOOST>

What signatures?  They aren't in the UTXO, (the real blockchain, the one that matters and the only blockchain miners have incentive to check).

It will be a disaster.  Can anyone tell me what incentive miners will have to check the witness data?  They would only loose time waiting for that witness block before they start mining the next UTXO block...

The incentive is that if they mine invalid block, it gets rejected by the network, and if it gets rejected by the network, then they are not mining Bitcoin, they are wasting electricity to mine some fork that they can't even sell on exchange. Miners do not control Bitcoin, they are simply hired to timestamp transactions, while the network of nodes enforces the rules.

The FUD is strong in this one. Hahaha.

The big blockers will keep spreading their propaganda and false analysis to give the newbies the wrong impression about Segwit, while they push for Bitcoin Cash as the "real" Bitcoin.

I do not have a problem with Bitcoin Cash personally, but you cannot go around and say it is the real Bitcoin. It's simply not true.

The brokers like Coinbase are scared to death by forks of the data and maybe this is why Bit-Gold was DDOSed when it split

You see anyone with coins held in the ledger before the split are entitle to a new coin in the new system so were has my money gone
and why won't Coinbase or other brokers allow access to Bit-Gold ???????????????????????????

Well you see they have this pool account thing in a database so if you sell a coin using a broker then
it just returns to the pool but they still charge you massive fees and then as someone buys the coin
they charge them a big fee too but this movement of digits does not take place on the block-chain even
if you think it does because they gave you a BTC public address.

No sir, these coins in the pool are fake and on any fork they won't tie up with data in the real block-chain
so kiss the free bit-gold goodbye

Each fork double the money/token supply and we have fake coins being generated by brokers so
when someone talks about having no inflation due to a limit of 21m digits then may i suggest that you turn
a blind ear because clearly this is not true.


 

If there is no incentive for you to verify then what incentive would there be for the network to verify?  The problem is everyone will be more competitive if they stop verifying the signatures.

Its like saying: You can mine gold here but you have to make sure that the gold is weighed before you take it.  Who is going to validate that you weighed the gold?  The other miners?  The other miners don't give a shit.  They will respond to you breaking the rules and getting more gold by they themselves breaking the rules so they can compete with you.  Is the little non-mining full node with the crossing guard uniform and whistle going to stop them?  No they will just bowl right over him.

The problem with segwit is the network requires a central enforcer to make sure everyone checks the signatures.  Even if people thought that was ok (which they wouldn't), the bitcoin protocol doesn't allow for a central enforcer.  You have to incentivize people to enforce, this is why there will always be many more mining nodes than non-mining full nodes.

Plus even in the slim chance that the block you mined was rejected by the network, you probably won 3 more extra blocks because you save time by not checking witness data.  A loss here and there is made up by the time you save and extra hashes you can get in.

I'm not a big blocker either.  I think bitcoin blocks are too big.  If I designed the blocksize I would make it so the block propagation time to 90% of the network is less than 5% of the blocktime.  This translates into an optimized value of roughly 45kb blocks and 3.5 minute blocktime.

Bitcoin Core Nodes verify. Nodes decide, what is valid a Bitcoin block. Not the miners. Miners can post as much invalid blocks as they want, the only effect is, that those blocks are rejected by the nodes and miners don't get reward. Every Core node checks each block independendly.

Your trolling is very poor quality (or you're totally insane, or unable to read)

You were just told what the incentive is, and that it's a very strong motivator.

And I made a pretty elaborate analogy to say why the network would tend to not verify, can you discuss how that is wrong?

The point is say you gain 10  seconds (1.6% blocktime) every block by not verifying the witness data.  One of your blocks is rejected by the network 1 out of 100 times (1%).  This practice gains you net profit.

0 out of 100 times is the correct figure

your attack is pure fiction, which is why no-one is doing it

The reason everyone verified signatures in the past is it was so quick (a few microseconds) to do that no one really thought it worthwhile to do a cost/benefit analysis of how much it is actually costing them and how much it is actually gaining them by verifying signatures.

Now verifying signatures becomes non-trivial and people will do that cost/benefit analysis sooner or later.  We can only assume some of them at some time might actually find it more favorable to stop verifying signatures.  And once one domino falls...

That is not true.

It is both

trivial to verify signatures with SegWit

AND

personally a VERY expensive mistake to skip verifying them.

I think it can be said for certain that it takes longer to verify segwit signatures than non-segwit signatures.  Can you provide a reference that disputes this?

I am trying to bang my head around your ideas.  ??? I cannot come to a conclusion  :-\
Is it looking for a flaw in the design (so far this was very poor), or just to challenge the audience and keep them busy?
DannyHamilton, HeRetik and achow121 all explained, why your assumptions are wrong, still you insist on cancer, epidemic stuff, domino effects and other buzz words.
You have posted in several threads here in this forum, with a theory, that is not accepted, and you already had fairly harsh comments on it. You do not show, that you have understood how the network (network is not miners) works, and could not underline this knowledge with hard facts (e.g. mathematical proof, in CPU seconds for sig verification, or what it means in Euro/Dollar/Pounds). In your last post you are asking DannyHamilton, to provide the figures, but hey, that's not how things work! You post a statement, it is up to you to underline it with reference data, otherwise it's wasting our time. Or you'd be ready to pay for someone to underline your logic...

Your wording is repetitive, stating that it is more beneficial (than what?) for a miner to work against the network, instead of playing the game.
Besides that this statement is lacking fundamental data, I try to turn it a bit around: the incentive that miners have to check the sigs, is to have valid tx into a block no matter if segwit or not. They can only gain money, if they propagate correct blocks, otherwise they loose potential earnings, and the whole power consumption costs.

on verification: it was explained, that every full node verifies the tx (and initially the blockchain), whereas e.g. SPV wallets do not. The danger behind SPV is well known, though people are still using SPV wallets, and others rely on full nodes. Full nodes give the proof (to me !), that a forwarded tx is valid or not, and that I am on the correct set of blocks since inception. If miners want to change the rules, they can do so, and need 51% (maybe even a bit less) - that is well known, and part of bitcoin's design. So let's try to think miners do not verify, then they might waste a lot of their processing power on the "potentially wrong" chain. Until it eventually comes to the point where they propagate with the majority (51%). I think this is, what you try to phrase in your words as "domino effect". But anyhow, words are not sufficient here to gain credibility for the statements made...

Is it up to me to provide proof that changing the blockchain is detrimental or is it up to them to provide proof that changing the blockchain is innocuous?

I'm a human so I don't work in proofs, proof is relative to an individual's current knowledge.

Non mining nodes don't vote.  If someone is standing on the sideline, what they say doesn't matter.  What matters is what the person says who has the ball, ie: the person who will either mine on your chain or not.  People vote by which chain they mine on.  If they aren't mining, they aren't in the game.

So if code is released that skips the signature verification part and makes miners make more money, then the more miners adopt this code, the fewer of their blocks will be rejected and the more "valid" blocks they will create.  Thus the amount of extra money they make will snowball and get bigger and bigger.

You can keep on saying that, and it will still never happen. It's impossible while there are still regular people running full Bitcoin nodes. And as long as people have the resources to run full Bitcoin nodes, they will.


Let's put it this way: your detractors in this thread are very confident you are wrong. Why not email the major mining pools & mining farm owners to tell them about this extra money you believe they can make? Responsible behaviour is certainly not a reason, you should be trolling contacting the Bitcoin developers about this privately, not exposing it publicly so that the miners (according to your non-logic) can make malicious use your "exploit"

That's not how I operate, I am open source.  I don't support centralization by telling only select people of flaws, I tell everyone so they can prepare properly and not be blindsided.

And please explain how non-mining full nodes vote on block validity?

The entire bitcoin network is made of nodes that verify signatures.  Everyone who uses bitcoins *wants* their node to verify signatures and they don't care if, assuming arguendo that it takes longer, it takes 10% (or 50%) more time to do so. If even 1% of the nodes stopped verifying it wouldn't matter to block verification because the other 156,520 (99% * 158,101) nodes would continue to do so and reject any blocks that had invalid signatures.  

It would be suicide for any miner to run node software that didn't verify signatures and to accept transactions with invalid signatures because the rest of the network - nodes and nodes other miners are using - would ignore them and they'd be on their own fork which would make them NO money.  In fact, it would open them up to a huge attack vector - other miners would sabotage them by submitting invalid transactions so their blocks would be ignored which would mean their hash rate would be worthless.

(And by the way your initial post is completely incorrect when it says "remove the signatures from the blockchain".)


*Number of nodes:
http://luke.dashjr.org/programs/bitcoin/files/charts/software.html

I think you missed the point. Carlton's point was: contact the pools and mining farm owners, let them know about this idea, and if it is a good one, they'll use it.  If it is incorrect they won't.  That way you won't have to argue with people here, you will have a real world demonstration as to whether the idea is good or not.  Unless you think the miners don't understand the bitcoin protocol either.  You could just direct them to this thread and then see how quickly (or never) they take up this idea.

As far as "voting": Nodes reject invalid blocks.  Go ahead an create an invalid block and see what happens to it when you broadcast it from your node.  It isn't a vote, it is an outright rejection of invalid blocks by anyone running a bitcoin node.

It all comes down to a business decision.  If miners determine that only 0.1% of blocks they skip verifying signatures is later rejected by the network and it saves them 10% of time to skip verifying signatures, then naturally they will start skipping signature verification.  I believe it is only a matter of time before this starts happening.  And like I said the more people skip verifying signatures, the amount of rejected blocks will decrease making it even more lucrative.

But yes I think you are right about the civil war you describe, when this starts happening people will try to skew that profitability metric by propagating false blocks to get the non-verifiers to mine wrong blocks.  But then if they are playing into the bad guys hands by ddosing the network and slowing it down.  So at that point bitcoin becomes a whirlwind of fraud and who is going to untangle it?

So who cares if a non-mining node rejects a block?

If a miner is mining blocks that the thousands of non-mining nodes are going to reject, then they simply aren't mining, they're just wasting millions of dollars of energy and hardware for the privilege of making blocks that nobody recognizes. Basically, they're mining fool's gold, except they don't even get to keep it.

Because no other node (including other miners) on the network will then accept any other blocks built upon that bad block and consequently no other transactions built on that block will be accepted.  So no miner will be able to spend the coinbase transactions - which means no reward for the miner.  Which means they aren't gaining anything, but are losing the entire block reward spending their electricity for nothing.  And wasting the capital invested in mining hardware.

Are we on the same page that the only node's vote that matters is miners?  Because the only vote you have is whether to mine on a block or not.  This act of mining on a block signifies you accept it.  So what do non-mining nodes have to do with this process?

What does it mean for a non-mining node to reject a block?  Does it mean they refuse to mine on it?  Because it's not like they were going to mine on it anyway.

Have you ever heard of a UASF? BIP 148 was a softfork that the nodes, not the miners, voted on. It said: after a certain time, make it illegal for miners to create blocks that don't vote for segwit. Since a lot of nodes adopted BIP 148, if miners didn't vote for segwit after that certain time, they would be mining "fool's gold" that they couldn't keep (as described in my post above). What happened when the nodes voted for BIP 148? The miners got scared and segwit was activated almost immediately. (First they voted for BIP 91, which also made it illegal to not vote for segwit, but from the miner's perspective too, not just the nodes.)

That bunch of dominos started falling because the nodes voted for BIP 148 by incorporating it in their software. It's why we have segwit today.

If all the non-mining nodes reject the block, then the vast majority of the network doesn't have a copy of it. It basically isn't a real block.

The network worked before there were ever non-mining nodes having a copy.  So if only the miners have a copy of the transactions then it is more than good enough.

Your example is like a straw poll.  The non-mining nodes had no real authority to actually enforce their conclusion.

Like I said the only vote that holds authority is if you win a block, then your vote on the previous block validity counts as a confirmation.

Sure the nodes have authority, as a group. If a miner violated BIP 148, they would have been forked off of the network, losing hundreds of thousands of dollars. If some miners want to make their own chain that breaks the rules of all the rest of the nodes, they can do that. But it will result in a currency split, creating two currencies, one where the miners are playing pretend and the other which was and still is the real bitcoin, where all the rest of the miners are still making money. That's if the dissenting miners aren't driven into bankruptcy before they can even confirm their own blocks, in which case it doesn't affect anyone else and there is no currency split.

How do you fork someone off the blockchain if you yourself do not create the blockchain?  The only way you can fork someone off is by mining faster then them on a different chain.  Yet non-mining nodes cannot do that.

If you mine an invalid block, you'll be forked off the chain. That's just how it works, you don't need to mine faster than someone for their invalid blocks to not be accepted.

Who enforces the invalidity of the block?  Is it not the fact that no miners will mine on top of your block if they determine it is not valid?  Therefore that would mean that the miners determine the validity of a block.

Definitely not.  All nodes matter and, as above, they aren’t votes. All nodes enforce the protocol.  Any node that enforces different rules is a fork of bitcoin.  

Just put it to the reality test (as Carlton suggested): contact the mining pools and farms and see if they’ll use this idea. The answer has been explained above is that they won’t, but it seems like you don’t understand how bitcoin works well enough to see the problems with the suggestion and so for you, perhaps asking the current miners why they haven’t already been doing this will help you to understand.

This summer's BIP 148 was a great example of it.

If you mine an invalid block your “vote” isn’t counted by anyone except you...everyone else ignores you, and probably blocks your node if you do it enough. And it still isn’t a vote.

If you want to be PayPal, it is good enough for only miners to have a copy.  All nodes enforce the protocol regardless of your insistence that they do not.  Look at the code.

How exactly do non-mining nodes enforce the protocol?  They can say it is invalid, but what can they do about it?

Duh, they can ignore invalid blocks and ban the IP addresses of anybody who sends one.  To the Bitcoin protocol, invalid blocks simply do not exist.  To full nodes, invalid blocks simply do not exist.

ir.hn, stop spewing the same gibberish simultaneously over multiple different threads whilst ignoring, twisting, or dissimulating around all the thoughtful explanations given to you by smart people.  (Smart people, please stop wasting your time trying to explain to someone self-evidently ineducable; IMO the only task is to provide sufficient answer that newbies who happen across these threads won’t be misled by ir.hn’s disinformation campaign.)

Charlie lee has been warning against this for sometime already

I trust him

So what is the net effect if all non-mining full nodes ignore a block they think is invalid and no longer acknowledge blocks from that IP address?  It would just be as if those nodes no longer exist, and as I've said before, bitcoin worked before anyone ever invented the "non-mining full node".  Unless you can stop other miners mining on the block you think is invalid, you have no power.  Or you actually mine and win the next block, then what you say matters.

To combat the destructive potential of a 51% attack, bitcoin's design and its system of economic incentives has been set up specifically. It has worked and 51% attack has remained hypothetical bogeyman until now.

What the hell are you talking about?  Due to all the idiots trying to stop Segwit in Bitcoin, Litecoin activated Segwit before Bitcoin did. (http://litecoin-segwit.info/)

Litecoin’s Charlie Lee is strongly pro-Segwit (https://segwit.org/my-vision-for-segwit-and-lightning-networks-on-litecoin-and-bitcoin-cf95a7ab656b); so if you trust him, trust him on this:

---

No, you have it backwards:  It would be just as if the miners who are mining invalid blocks did not exist.

Any miner building further upon an invalid block would mining on invalid chain, and thus similarly would be ignored.

When you say nonsensical gibberish such as “bitcoin worked before anyone ever invented the ‘non-mining full node’”, you clearly demonstrate that you have not even the slightest inkling of how Bitcoin ever worked.  Nodes run the network, and always have.  Miners are employees paid handsomely to provide Byzantine fault-tolerant transaction ordering.  Do you even care what that means?  I ask rhetorically.

Bitcoin is decentralized.  This means that no one has the authority to declare a block invalid.  The only person who has this authority is drawn at random according to their demonstration of Proof of Work.

Make sense now?

Bitcoin is decentralized.  This means that no one has the authority to force full nodes to accept invalid blocks.  Miners have no such authority, “drawn at random” or otherwise.

Make sense now?

Miners don't have blockchain. They only process individual blocks. As full nodes maintain blockchain invalid blocks would eventually disappear, as they would never be put to blockchain. When those invalid blocks would not be in blockchain, miners reward would not be in blockchain so miner would not get paid. Does this sound like incentive?

If nobody can declare a block invalid, then why can't I mine a block that pays myself 1,000,000 bitcoins?

The risk of 51% is always on the line, but it's less possible and almost irrelevant for small holders like me with just few btc.

I'm much more worried about the Ver-BCH attack at the moment. They are doing bad to the whole community.

Because Segwit removes signatures from the blockchain!!  Bitcoin Jesus told me so, in a vision.

(There is a problem with ir.hn having spread this garbage across multiple threads, then pretty much completely ignored the substance of all intelligent responses.  P.S., thanks for your intelligent response.)

---

Segwit sinner, dare ye blaspheme Bitcoin Jesus?  If you squint at it hard enough, you can see a 666 in the Segwit logo.  It is hidden and double-crossed inside itself within an ancient Satanic symbol called the Iron Knot of Thermopylae:


And if you play the Segwit jingle backwards, you can hear it say, “Hail Satan!”

The number 51 is also clearly a reference to Area 51.  If Segwit is a 51% attack against Bitcoin, as OP so cogently explained, then how could the grey aliens not be involved!?  Try explaining that away, Segwit shill.

I know this is all true, because I read it on /r/btc.

But that’s not the worst.  There is a frightening secret to Segwit; but I can’t tell you about it, because theymos would ban me.

ugh, my soul has been stolen.

probably the best post to terminate this unbelievable dumb thread here  ;D :D

Segwit is a 51% attack (aka a hard fork) solely because segwit coins have a different attack vector profile than non-segwit coins, making segwit coins non-fungible with regular bitcoins.  Unless you can somehow objectively prove segwit coins are equally or more secure, but if you did it objectively, the result would probably be that the attack vector on segwit coins is higher, such as miners turning them to anyone can spend.

Segwit is not a hard fork, and a 51% attack is not a hard fork. Segwit is a soft fork. You can choose to not use segwit.

The anyone-can-spend vector is complete nonsense. Did you know that pay-to-script-hash was the same way? To old nodes, P2SH was "anyone-can-spend". Today there are individual P2SH addresses holding over a billion dollars worth of bitcoins by themselves. Sounds pretty solid to me. Stop the FUD! It's not helping anyone, segwit has already been activated (and that's a good thing).

BIP 16 was an evil attempt to subvert the blockchain.  All versions of Core have been corrupted since version 0.6.  Now, I made my own fork of the Bitcoin with Satoshi’s original vision.  No P2SH!  To disinfect the chain, I helpfully added a transaction which spends to me all “anyone-can-spend” P2SH outputs since P2SH activation on 2012-02-15, Block #105571.

Also, to scale up and stop ripping off users with fees, I increased the blocksize to 32MB and decreased the block generation target to 30 seconds.  That scales up to 640x the tps of Blockstream bitcoin.  To avoid exploding UTXO growth and solve the problem of lost/burned coins, I added a consensus rule of coin aging; it consolidates all outputs more than 1 year old, and sends them to me for safekeeping.  This will be the fastest, cheapest Bitcoin ever.

Anybody want to join my chain?  Soon, I will post my fork code (it is taking awhile to make this, since I fired Core).  Download that, and connect to 198.51.100.127:8333 or dw7xvnkm4qsv5ikz.onion:8333.  Soon, we will kill off the legacy chain of P2SH-infected Blockstream bitcoin which is non-fungible and has cooties.  All will be flippening over to this chain.  I call my fork.lol Bitcoin Pyrite.

---

P.S., thanks, pebwindkraft.  I didn’t reply to you before, because I thought you’re probably right.  Sorry to seem rude.  Too bad SMF has no “like” button.

You completely disregarded the issue of fungibility.  Bitcoin is not fungible from the start, so people just ignore further issues that add to that problem, but it doesn't mean I'm not right.  Your stance is that fungibility doesn't matter at all.  Newsflash:  it's not money in the first place unless it's fungible.  If it's not fungible money, then all it is is a govt tracking and enslavement system.

How isn't bitcoin fungible? 1 BTC is 1 BTC, whether it's in p2pkh, p2sh or segwit. Bitcoins sent to segwit addresses can be sent to legacy addresses and vice versa.

Username checks out.

---

I quoted at length, to illustrate a point:  The truthfully named “realr0ach” is using textbook smear tactics, combining imaginary problems with real-but-irrelevant problems in an ever-shifting argument.  You properly answered the nonsense about “anyone-can-spend”; so realr0ach ignored what you said, and moved the goalposts (plus made a bizarre, groundless accusation about “your stance”).  As such, trying to squash realr0ach’s arguments will be like trying to exterminate real roaches by squishing them one at a time.

Of course, Bitcoin fungibility is a problem (with various ad hoc, but sometimes fun and creative fixes (https://bitcointalk.org/index.php?topic=139581.0)).  And of course, Bitcoin fungibility is not decreased in any way whatsoever by Segwit.  Actually, by introducing the script version system, Segwit opens the way for new features (such as Schnorr signatures) which will assist or enhance fungibility solutions (https://bitcointalk.org/index.php?topic=279249.0).

Meanwhile, you’re arguing with a self-identified disgusting insect.  Squish.

If you would just create a new address for each transaction as was the original intention it would be fungible would it not?

As illustrated above, you are replying to somebody who misapplied the fungibility issue to FUD Segwit.  That’s a totally nonsensical non sequitur, like saying that gold will crash because I have a headache.  (It is true that I currently have a headache, brought on by too much FUD.)  Segwit transactions are equally secure as to old-style transactions—actually, before confirmation, more secure due to Segwit’s tx malleability bugfix.  The only people ascribing “taint” to Segwit transactions are BCH shills, most of whom don’t own any Bitcoin anyway.

To describe the fungibility issue in itself, and answer your question:  You can create a new address for each transaction—you should do that; and it helps with, but does not solve the problem.  What is really needed is strong transaction unlinkability, so that nobody can consider a coin to have “taint” based on its prior history.  By analogy, consider a $100 bill being passed hand to hand:  Your bank can’t close your account and blacklist you if you deposit a $20 bill which, unbeknownst to you, passed through the hands of a drug dealer, who gambled it with a bookie, who used it to hire a plumber, who bought a widget from you.  Whereas some services such as Coinbase will do exactly that.  (Quick solution:  Don’t use Coinbase.)

Things like CoinJoin reduce the problem, by introducing confusion about which coins passed through whose hands.  Confidential Transactions will really help.  A sidechain with zerocoins would be great for fungibility.  I also expect Lightning Network to substantially increase fungibility:  On Lightning, coins will rapidly pass through many different hands without ever leaving a mark on the blockchain; on a mass scale, this will break up the transactional links which some people use to “taint” coins.  N.b. that Lightning is enabled by Segwit, depends on Segwit, and cannot be implemented by any forkcoin which lacks Segwit.  CoinJoin will also get a big boost from Schnorr signatures, an upcoming technology which will be implemented via—you guessed it, Segwit!

Thus as you can see, the lying little insect self-identified as “realr0ach” was building a pernicious half-truth out of a problem which is real, but here irrelevant.  Nobody is tainting Segwit coins.  Nobody has any reason to, except for Roger, Jihan, and their idiotic sycophants.

Disclosure of interests:  I am a privacy activist, and I lost a painful amount of money on a perfectly unlinkable, thus fungible altcoin; I can’t very well be accused of not caring about fungibility.

who is china after all?you speaks as if the chinese governments speaking
for this issues.and if chine really want to do those hearsays they will do it without
 this long notice because power is in their hands.so better not to engaged with
those nonsense issues.

Yep. Your best post ever.