Bitcoin Forum

Everyone here believes, that Bitcoin system is fully decentralised and is not
affected by any authority.

Almost everyone at this forum understand, that bitcoin nodes work by some rules and
the nodes, that do not obey that rules are simply ignored.

Well. Then I have a question.

We have a single authority, that provided that rules, right?
The same authority is in the posession of the majority of the nodes, as far, as they update to new versions of the software.
Right?

So, we have a single center, that not only presented us The Idea, The Rules, The Standard, The Protocols, The Software - in the past,
but can and will inevitable change the rules, the standarts, the protocols and the software.
Well, software may be reimplemented by the third parties, that is a not a problem.

But the rules? The nodes, that do not obey The Rules are ignored, remember?
One single center have the freedom to manipulate the rules.

Who is the center? Is it a person, or just an account on a hosting? I think, that accessing an account will be enough to manipulate the system.
So, the system is as secure/vulnerable, as the hosting account used to distribute the software, or what?
Your money is as secure as some hosting? OMG...

Eh, you want to tell me how you know how many nodes "the authority" has? And how many there are?

The rules are already on my computer, no one can change them. If "the authority" changes his rules, he'll be ignored.

You can distribute software.

If you are thinking that there are some rules written somewhere other than in the code you are running then you are wrong.

Fiat of the code.  It's the code that's king, not any central ruling body.  Satoshi wrote the code, and published it (not just the compiled mysterious binaries, but the entire code base, which several people have successfully compiled), so you're more than welcome to read said code and understand the rules.  Also, it's unreasonable to assume that satoshi has more than half the nodes, consider a) someone had 1000 cores running at some point, meaning satoshi would have had to have 1001 at least.  Not to mention all the people here who have nodes, and all the lurkers.

This post sounds like the ramblings of a paranoid nut-job, and reads like many conversations I've had with people under the influence of drugs ("The man", "The authority" etc.).  If you are seriously concerned, I appologize for making the comparison, but you're more than welcome to verify the behavior of the network yourself.

I find it ironic that bitcoins are the first scarce commodity money created purely by fiat!

Does that make it fiat-commodity money?

"The authority" has ALL the nodes.
He published the code. You installed that code, look, it's not microsoft's code.

And you will update your code, as soon as new release comes out. Or sooner, to test.
If not, your node will get ignored by the others, who updated and play by the new rules. By the majority, I suppose.

"The autority" will continue to have ALL the nodes.
Fork the code and your nodes will be ignored.
Fork the code and you split the network, splitting it's strength, breaking the system.

"The authority" is single and central.

...

I suppose, that is a valuable argument about Bitcoin system security.
Don't forget, we are thinking about using Bitcoin for transferring the values between each others, not for just talking about it.

If you've got some valuable arguments, show 'em,
you didnt so far.
yeah, "the authority", if you want to call him like that, wrote and published the code
and guess what?
you can READ it and compile it yourself, no need to trust anyone but yourself.
that's what open source is all about.

If it were microsofts code, you weren't able to read it, you'd have to trust (and pay) Bill, but you'r right, it's not.

Yep. You are right.
We all can read and compile. But we have to trust single source of the code, that implements some standard, or
we have to trust the standard, that defines the rules, and implement them by ourselves.
But to do decentralized development, we have to agree on the rules before.
The rules must become public,  static and standard. This is not the case for an experimental phase of operation.

So, you can read the code. No, you can ever write the code, really. So can I.
So what if my code gets rejected by the majority? And your's too?
We do not have enough authority to overtake the majority.

Well. I just want to point out, that saying, that Bitcoin have no centralized authority IS NOT CORRECT.
Because it has. No more. I didn't say it is bad.

The only "centralized authority" is the mathematics behind it.

It's the mathematics that makes it secure, not the "single source".  It just so happens that he's providing the source code, but anyone can write their own client which adheres to mathematics, and have it work on the network.

actually they are.
the rules of "creating bitcoins" doesnt change, its fixed, static and public too,
same goes for transactions and the way they'r saved, in blocks, that's what the whole generating-process is all about,
also static, also public.
what else do you need?
i dont get your point.

Why do people ask to change the rules?

Like changing the thasaction fee value? Isn't it fixed in the static rules already? So why do we still discuss things like that?
Only because Satoshi may change that at any moment, or after some delay when he decides to do that. Or he can't already? Correct me, please.

Why do people discuss the deflation feature, isn't it already a part of the fixed rules?

People propose to change the block generation period, after which the difficulty changes to accomodate to the overall CPU power.
Like changing it to 100 blocks, instead of ~2014 (I don't remember exactly, sorry).
Isn't it the part of the static rules yet? Someone still have the power to change it?
Someone proposing to change the 50 BTC award for "winning a block :)", why don't anyone reacts with "Sorry, it is too late to change now" ?
Is there some other rules, that still discussed and may be changed in the future?

Am I wrong? Is Bitcoin really a final standard? Will it become a final standard?
Until then, Satoshi is the central authoritative provider of the rules of the system.
It is lie to say, that there is nothing like that in Bitcoin.
I do never said anything about Satoshi is going to do evil things with his power.
But he has the power. You cannot disprove that.

We accept the code voluntarily, not by coercion. If better code comes along, we are welcome to leave the current code for the better code. The author of the code holds no power over us or our ability to choose any code available. Therefore he has no authority over us. We have accepted his judgment because he has not sought dominion over us or our common currency.

Satoshi have as much power as Google has over the internet, which is none.

The internet interpreted censorship as damage and route around it. The internet will also interpreted bad money as damage and route around it.

The very fact that we discuss the rules disproves you.  If satoshi was the "central athoritative provider", what point would there be discussing?  We simply ask satoshi to implement it, because he's most familiar with the code and because he's willing to do so.  We're the ones with the power to change the system, as WE'RE the ones who choose which client to run.  Case in point, Olipro wrote his own code to change the system that many of us are now using, converting it to 64 bit calculations.  Is he, also, in control of "all the power"?

Stop with your doomsaying and incoherent nonsense, and put forth an actual argument that ISN'T filled with vague generalities and disconnected sentences.

At this point, if someone released a new client with better features and that was backwards compatible with the old clients, I think people just might adopt it in favor of the old client ... even if it also accepted more rapid block creation or whatever.  Especially if this hypothetical client were to be released by Satoshi and put on the main page.  Once we get a fuller ecosystem with a whole bunch of clients (think how many clients implement Bittorrent) that will be hard - if not impossible - to do.

The official rules of bitcoin aren't written in stone, they're written into the clients.  As long as it is possible that 50%+ of the network could switch to a new client, it is possible that bitcoin could radically change.

Hepatzion: Still, even if 50% of the clients took on a new system, the old clients could maintain their own sub-economy if they so choose.  A merchant can refuse to sell/buy from "version 9" clients, and only deal with people earlier.  While this would cause the economy to be fractured, it'd still prevent a complete dictatorial takeover of the system.  Those who didn't like the changes in the new code COULD, by choice, choose to not use it, and maintain the current economy.  There's no central authority who will arrest/enforce you to switch to the new system.

True.

But let's imagine some fantastic, but still real situation.
Some evil power, like government, terrorists, mafia, you decide, catches some real person, one, who is used to be Satoshi, the originator of the idea.
They do evil things to him, feed him with drugs, beat him, etc... I wish it never really happens.
Imagine, they manage to get the access to his accounts, so they get the power to impersonate him on the web.
Imagine, they are well trained people, well supported and have access to all kind of expert knowledge.

Doesn't that power implies the power to propose new changes to the rules?
Doesn't that power implies the ability to modify the code, that will be used by every Bitcoin user later, after
everyone updates?

I don't know how it is possible, but can anyone please comment on why possessing that power does not
allow anyone to achieve one or all of these goals:
1) ruin the system
2) manipulate the system to harm it's users

Well, you may as well say it's just a paranoia, relax and take a rest.
But then I do not understand why it is not a paranoia to expect Bitcoin to sustain some large power attack.
Sorry, so far you have considered, that some large evil power plays by the same rules, by the rules of mathematics.
But if it is not forced to, why should it? It is cheaper to introduce it's own rules if it have a goal to undermine Bitcoin stability.
It will just use the people factor.
How sustainable the Bitcoin to that sort of attacks?

Open source software prevents such attacks. Bitcoin is still a small project, yet we already have watchmen guarding the code, the operation of public binaries and the block chain.

We have people here who review the code for differences each time an update is released.  I have begun doing this as of the last release.

There are two types of changes that such an impersonator could make:

1) Non-breaking change.  A change can only be non-breaking if it cooperates with existing clients.  It can only do this if it follows the mathematics of the system, because anything which changes the mathematics will be rejected by the other clients.  There is absolutely no threat from a breaking change, unless someone cracks the factoring problem and can solve the hashing problem instantaneously, in which case we have bigger issues to worry about.

2) Breaking change.  This changes the protocol or mathematics of the way the client operates.  Thus, other clients will refuse to work with newer clients.  This raises huge red flags.  This is the only kind of change which could potentially allow said power to compromise the system.  If someone releases a breaking change, I'm sure as hell going to read the code in order to find out what changed.  I'm sure there are many others who would do so as well.  Through open communication, word would spread of this, and releases from said power would no longer be trusted.

So, you agree, that the group of people, or more accurately, the set of accounts, that have the permission to
modify the code, plays the role of the central authority in Bitcoin, and still may affect the rules of operation?
I think, that fact is too obvious to discuss further.
But the whitepaper says it is impossible. Please correct me if I'm wrong and misread the documentation.

Are you angry with me? I have nothing against you personally. I have nothing against you at all.
Sorry for making you so angry, that wasn't my goal at all.

Not so much angry, just irritated by your speech pattern.  You waltz in, claim that "we're not really decentralized" without understanding how it works.

EVERYONE has permission to modify the code, and EVERYONE has the CHOICE to choose what they run.    There is no "central authority".  There just happens to be one person right now who provides bitcoin source.  If that were interrupted, either the system would die, or someone else would take up that mantle.  That fact isn't "too obvious to discuss further", you're simply not understanding the idea behind Open Source Software.

Thank you for your answers.

Then my questions is:
1. What about attack against all or majority of developers, not just one person?
2. What about attack, that involves only one person, but is based on the "plausible deniability"?
What if a modification to the code is hard to identify as something evil in the first place?
And after it is identified, it is hard to ever confirm someone's responsibility to the fact.
Yes, things like that sometimes happen in the real world. And even in the Open Source part of it.

And what if it is a modification to the rules with some untransparent consequences, not visible to your code guards?
Not saying anything in particular, just vague generalities.
What if it will be accepted by the devs? Aren't they the central authority then, that can be silently hijacked?
I am not talking about the interruption of the development team!
What about the well-planned impersonation of the development team of the Bitcoin software.
There is only one team. Well, I suppose, that would be difficult to catch just EVERY developer, but if we talk
about difficulty, then we should compare that to other difficulties, like cracking the SHA function, for example.
What method is less impossible, how do you think?

If someone launches a simultaneous attack on an entire community, there are larger concerns than bitcoin being compromised.  This would require government cooperation between at LEAST 5 countries (maybe more), operating with complete precision, outside the bounds of the law, and violating personal liberties.  Like I said, in that case, bitcoin would be the least of our issues.
What does it matter if that person meant to or not?  If the code is bad, we don't accept it, regardless of if it was malicious or not.
Given that we have a complete history of the code, we can compare VERY specifically the areas that changed.  We know what it did before, and that specifically highlights the areas that changed.  It's unimaginably hard to hide something malicious in a couple lines of code under close scrutiny.
Again, what does it matter who's responsible?  Bad code, don't use it.  If it happens repeatedly from the same person, just stop using their code base.
Again, see above.
That's my whole problem with your posts.  It's nothing but vague generalities, backed up by nothing but your own whim in creating fantastical and inaccurate situations in your head.
Not everyone who reviews the code is a developer who supports the system.  Some people want to specifically see it fail, and are looking for any excuse to point out a flaw.  Again, see above about the simultaneous hijacking.
There isn't one dev "team".  I'm not on a "team" with satoshi any more than I'm on a "team" with the microsoft developers.  Just because we're both programmers doesn't mean there's "one team".

If you're going to follow that logic, isn't there only one "team" of people who use the software?  Doesn't that make everyone who uses it but ISN'T a coder a central authority?

Thanks, you got my point. International corporations may afford such business, given the interest.
Bitcoin should have a sustained development community or freezed codebase. An attack in the latter case is less feasible, IMHO.
An attack against developers community is still possible, again strongly IMHO. This is not a weakness of the algorithms.
This is because payment system depends on it's software codebase. And it maybe cheaper to attack the codebase or the rule-base,
than fighting against the running algorithms. What do you think?

Disrupting the community is easier, than disrupting the argorithm complexity.

... No, I don't get your point.  I'm done arguing with you, you seem to be incapable of processing information.

Bitcoin takes a wide variety of attacks into account. Sure, a rich corporation could attack members of the community, but there's no incentive. While the user base is small, it's vulnerable, but there is no incentive for it to be attacked. A corporation is not going to spend millions to have people killed if those people are not a threat. As the size of the community grows, the incentive to attack increases, but the difficulty to attack increases faster than the incentive.

Edited by adding a sentence.

You have a lot more patience than I do... >_>

As the community grow, the number of developers may grow as well. Thus, it become increasingly more difficult to hide clever malicious code.

But not as much as others... (http://bitcointalk.org/index.php?topic=342.msg5152#msg5152) ^_^

I really think what he is trying to point out is that the scarce commodity backing bitcoin's accounting was created by code fiat. Anyone who changes the fiat changes everything.

Obviously, everone here already knows that.

Also obviously, clarity isn't his first language.

I want the drugs this guy is on.I will even pay him in bitcoins  :D

Aren't you paying attention? He doesn't want your damn centralized money, he was those decentralized paper ones.

1) Solving the hashing problem (finding a message with SHA256 hash lower than given threshold) has nothing to do with factoring. It's RSA encryption that breaks if the factoring problem is solved. Bitcoin does use RSA and will break if the factoring problem is solved, but in completely other way.

We definitely should have economical and mathematical FAQs, because mathematical or economical nonsense appears now and then on the forum and scares new users.

2)  So you message should read "unless someone can solve the hashing problem instantaneously, in which case we have bigger issues to worry about"

These "bigger issues" were already discussed somewhere at the forum, and nothing catastrophic would happen if the cryptographic functions Bitcoin depends on are broken. This again should be a FAQ.

there are several fallacies in your beliefs:

1) because you can't actually comprehend C++, you assume nobody else can.

2) you assume that if satoshi suddenly goes crazy with the code, everyone's just going to let him do it.

3) if we were attacked, you assume people couldn't agree to do a rollback or some other sort of response.

We have better hackers than the government. :D

Seriously,if you live your life in constant fear you will forget to live your life.

Thanks, dear community.

You proved a tendency to discuss my person, instead of my words, well...

Here, satoshi discuss some measures some group of people will take in case of SHA-256 gets broken.
http://bitcointalk.org/index.php?topic=191.0

He talks there as if he was an administrator of the whole payment system. And he is. And I, the user, am not. Do you see that difference, that I see?

For my external point of view, I see no practical difference between the Paypal's board of directors as a group, that
is a central authority for the Paypal payment system, and the group of people, that forms a developers community for
a BitCoin as a software.

Ofcourse, you do see the difference! If you are part of that developers community, you will argue about the complete difference between you and *EVIL*
Paypal (or whatever else), since for you Paypal is an external thing and you (I believe) do not participate in it, but you maybe
not perceive yourself as a part of group which is a central authority for a Bitcoin as a payment system.

But you know what, your personal perceptions is very important, but is not an objective thing. It does not define
my reality, it does not define Bitcoin users' reality. For us, not developers of BitCoin, you are the board of directors of BitCoin
payment system, along with BitCoin as a software project.

Bitcoin do have a central authority, no matter how do that authority perceive themself.
I do recognize, that their influence is somehow limited, compared to Paypal's directors, they cannot do just arbitrary things to all accounts.
But whitepapers will only be honest with readers if they mention what kind of the influence is possible from the developers community.
What is possible right now, while there is only single working implementation.
What threats are actual if we suppose, that majority of users only download the binary on upgrades.
And what really changes when there are active several distribution channels for binaries.
What will be possible later, when current implementation will dominate among majority of users.
What will be possible, when current client's userbase will not form a majority of the network, and there will be no client dominance at all.
What will be possible, if some other client will form a majority.
Etc.

I feel, like that are all open questions, without answers yet, since the community is so distracted by the qualities of my person and the drugs what I take.
I hope, that is because of my person (and my drugs), not because of general ignorance of difficult problems and, ofcourse, not because of any intentions to hide that problems from the public.

PS: I haven't found where is the public key and the signatures for binary packages you are distributing via sourceforge.net. I hope they are really buried somewhere deep in the site, but still exists.

Your person makes no difference to me. Only your words live here.

And your words either point out what is obvious to even the most casual observer.
1) Everyone is not a developer.
2) The code makes the rules.
3) Therefore, developers of the code make the rules.

No shit Sherlock! That really does go *without* saying.

The rules can change! That is not a revelation. What will be considered a valid transaction in the future is unknown. However, what was a valid transaction in the past cannot change. That is the important thing. And the future rules cannot change if the consensus of users doesn't want them too. If it tries, people just convert their value out of bitcoins using the existing system, and move on to another currency. There is no way to steal the existing bitcoin value by anyone, developer or not.

If there is, you certainly haven't pointed anything out.

In the case where you do say something that is not obvious to everyone, it is generally either misguided or nonsensical.



I mean really, WTF!

Oh God! They understand me!
Yes!
But that is not just an obvious property, but is also something, that have a security implications.
And I thought, that it should get duscussed from a security point of view.
At least, that doing so will somehow contribute to security and robustness of a payment system.

1) The rules are buried deeply into the binary.
2) The authority, that guarantees the tamperproof transactions is the rules that runs on the majority of the nodes.
3) The majority of users will download the binaries, not compile them.
4) Right now, there is only one distribution channel for binaries, the sourceforge.
5) No, binaries are not cryptographically signed.
...
PROFIT?

You [only] need a keylogger on the computer, that uploads binaries to sourceforge, to fully control the rules.
Does anybody run NOW intentionally dishonest nodes to inject dishonest transactions to check that they are really and continuously rejected by the majority?
If not, nobody will notice, that rules became weaker in the subverted binaries.
So, the only person, who knows that secret will remain the attacker, who subverted them.
He will only need to wait, until his version dominates the network.
He will steal all your transactions with another version of a client,
since binaries, that are running by the majority, were specifically set up to allow dishonest transactions,
but not to make them.

Perhaps, that could become disclosed and fixed later, but that will hit the reputation of the system very much.
Perhaps not.
Why don't you tell what you think of that?

1. Who said that?
2. Does others agree on that?
3. Can that be proven?
4. Is that proven?

Why not steal bitcoins with transactions, that are dishonestly injected into the blocks, honestly solved by the subverted binaries?
Who will prevent that from going, if the majority is specifically subverted to accept such transactions?
Well, that still may become disclosed. Or not? If it will, how and after which amount of time/bitcoins?
Why not send every transaction to a different Bitcoin address,
just ask it every time from a web-site, or just from DNS?
Or just to a randomly generated address, to destroy the value?

After all, why only I do the analysis?
Do you care?
Or, is that already discussed and known to everyone and obvious for all, except me?
Then, please, tell me. It is not obvious. Really not!

Sorry, that is me.

I'm wondering, why does anyone not discuss obvious security features of the system?
I am trying to invent attacks (sometimes stupid attacks), but nobody says, that everything
is already protected, because somebody worried before me.
They just say it is because of my drugs.
And my drugs aren't really appreciated here. :'(

My apologies, I meant "unless someone cracks the factoring problem OR can solve the hashing problem instantaneously".  I can see where my comment might have been misleading.

I happen to agree with at least the basic premise of this thread, that there still is some central authority related to the development of this concept of Bitcoins.  What Satochi did was to write up essentially a "constitution" in the form of a network protocol in a reference implementation of Bitcoins.  This is useful, but there is a need to add to this with two very important things:

• Protocol Documentation - The specification of the Bitcoins protocol really needs to be nailed down and defined in a formal manner, equivalent to an RFC or an ISO specification document.  BTW, this is something I'm actively working on right now so I'm not merely trying to cry about this particular issue, although I'd like to get some help along these lines or at least some pointers on what parts in the current code base would be better to look at in terms of pulling out the network protocol in a formal sense.  I'll get it down eventually, but "many hands make light work" on a project of that magnitude.
• Alternative Implementations - For a robust network to really take root, many different implementations of the networking protocol need to be made above and beyond the reference implementation.  Preferably, no particular implementation should have more than 50% of the network in terms of keeping the concept decentralized and to be robust in terms of keeping it from getting "hijacked" by government control or other problems of a single person or a small group thwarting the network as a whole.

Mind you, the reference implementation is always going to be needed, and I don't want to dismiss Satochi's contributions to the project in any way at all.  I haven't seen nearly the resistance to getting these kind of tasks getting accomplished compared to other peer to peer networks that I've been involved with, but it is something that should be discussed.  Of these, simply documenting the protocol is IMHO even more important in the short term.

I have to add to this list of the very important things a set of software tests, that will validate any implementation
and tell us, whether or not it comply with the protocol specification and with the rules currently active and whether it is "honest" or not, etc.
That set of tests together with a complete protocol specification should produce sooner or later
some alternative implementations.
A lot of alternative implementations, and they will be as good at interoperating with the others, as good
are the tests and the specification.

However, I still doubt, that such alternative implementations will be functional, interoperable and secure and still will be independent of
any central authority.  :P
Somebody still have to decide on specification and tests. It just cannot self-organize out of thin air.
Do you get my point? You have to have some Working Group/Consortium/Standards Committee/Development Center/Whatever you name it to be recognized as an authoritative source of decisions on specifications and validity tests for BitCoin implementations.
It is obvious, that it is required for future interoperability, but still nobody recognizes himself as such an authority.

Ofcourse!
I'm happy you understand that!

A careful set of tests boosts the speed of development process, making it test-driven.

Open-sourcing the code, that is thoroughly and automatically tested, is the best way to strenghten confidence in the correctness of the code. :P
By "honest" I meant what is meant in the whitepaper, particularly, whether or not it accepts or produces incorrect transactions.
Ofcourse tests are of no use, if we testing a black box, which is simulating a honest Bitcoin node.
We can only test how well does it simulate the honest node.
I'm happy, that everyone here understand that.

But of course a good open source test suite can be added to and strengthened over time, giving the advantages of both a test suite and an open source implementation.  Frankly, I think this is a good thing to implement too, and I like the idea.  The point being that there are things which can be done to strengthen Bitcoins  Sure, a verification is only as good as its test, but tests can be useful for independent confirmation that a particular implementation may be compliant to a specification.

The operable word here is "may", as most of computer science doesn't deal with a mathematically tight proof of conformance.  Most of the time computer software development doesn't have the time or the resources (read manpower) to perform such a rigorous proof.  Even the programming gold standard for bug-free development, the software for the Space Shuttle guidance computers, doesn't ever really go that far.  No sane software development company could ever devote the resources to perform that kind of test and no sane individual would ever spend that kind of effort even with an open source software application except for only the most critical kernel parts of an operating system.

I want to point out that I have heard of several existing "alternative implementations" all created by people other than Satoshi.

People have replace the SHA-256 algorithm with a faster one. Made it work on many different operating systems and hardware configurations. Each of these is a separate and equal alternative implementation.

When you create an alternative implementation that doesn't mean you have to start from scratch or understand the details. You could let a C++ to Java or C# translator do most of the work, while you remain oblivious. Others could pick up your work, learn specific parts, make modifications and remain oblivious to the rest of the system.

Now, I'm not against protocol specifications written in an abstract language. Nor am I against regression testing. However, neither is required for BitCoin to become successful.

The advantage of focusing on the protocol rather than the implementation is that changes in a protocol specification are easier to spot, to review, and to vet.  In addition, if an "upgrade" in a specification introduces a harmful behavior, the various implementations will announce such a problem very quickly and there may be many or most implementors who refuse to go along with the changes in the implementation.

By relying upon "documentation in the implementation", it provides fewer speed bumps on the road to subversion of the network and provides more vectors for a central authoritarian organization of some sort to make changes without consensus from a much larger group of concerned individuals.  That is my point.  It isn't a perfect solution, but it is a solution that can help to strengthen the de-centralization of the project and put the network into the hands of the users.

So who develops the tests?  Wouldn't they become some central authority?

FTW!

No.  Especially if it becomes a suite of tests instead of simply a single test, and merely having various algorithms posted from concerned individuals that want to get involved.  The posting forum may be a "central authority", but not the tests themselves.

I hate to point out the obvious, but by posting here you are implicitly endorsing the central authority of this forum too.

The "They" in that sentence was those who wrote the tests.

The fact of the matter is, by throughput's reasoning, there will ALWAYS be a central authority, because he's twisting and bending the term "decentralized" to unreasonable extents.  Eventually, you reach the point of "Well, I'm trading with someone else, aren't they the central authority of my transaction?  Aren't I the central authority of my own funds?  Isn't the people who exchange bitcoins for USD a central authority?"

Sorry, no, you completely misunderstood my topic.
I'm trying to point out, that instead of just screening themself from hard security problems, that come from the fact of
them being a central authority, developer community would better analyse the threats and protect the project from them.
Right now, whitepaper says, that there is NO such authority, so you may conclude, that the project is totally free from such threats.
1. That is not true. It is obvious to everyone here, I hope.
2. I'd like to read in whitepaper, why those threats are low risk. For me that are threats to my money.
3. I'd like to see the list of known threats with their risk rating and their consequences OPEN and well discussed,
not just brave wording about invulnerabilities of the BitCoin compared to others.

PS: Having a paranoia does not release you from under surveillance, I hope you got the joke.

There is something you may have missed.The developers will not be the first "targets" it will be the merchants who accept bitcoins that will be the canaries in the mine,so to speak.An attack will follow the money first rather than going for the harder targets.As a merchant I wouldnt be taking the risk if I didnt believe that the project was as vulnerable as you claim.The biggest risk is lack of confidence ,which you appear to be trying your best to bring about.This is an issue I have with people such as Alex Jones who push fear and have no answers to the problem.There are enough things to worry about in everyday life without postulating on things you cannot control.Your fears are similar to worrying about some overarching world government when the local gang poses the most danger to your life.You should go away and think about the constructive efforts you can take rather than indulge in destructive thinking.

The whitepaper refers to no central authority in the system.  The algorithm and protocol set forth by the whitepaper DO have no central authority, as anyone can write a client for the bitcoin network.  The fact that there's only one community of developers right now is not a flaw in bitcoin which makes it "only partially decentralized", but a flaw in the breadth and scope of it's current community.

For example, let's suppose some common technology or product hadn't been invented yet, say, telephones.  If they were invented tomorrow, and someone started selling them, there would be only one company producing and selling them.  By your arguments put forward, you would classify this as a monopoly.  While in the strictest sense of the word it is, when taken in context it is not, because there's been no CHANCE for competition to be established.  Soon, more companies will start selling phones, and more people will start buying them.  Some providers might change the underlying technology of the phone to, for example, be encrypted, or transmit data wirelessly.  They're still phones, but the original company has no more "centralized control" over them than satoshi will have over bitcoin, should it take root.

If you want to see a list of known threats and their risks, read the forums.  There's plenty of discussion about 50% attacks, cracking the hashing problem, the factoring problem, DDOS attacks, etc.

In marketing terms bitcoin has the "first mover advantage" . :) This is not a sinister central monopoly it is an age old advantage for the entrepeneur to spot a market need before anyone else does.In the days before government granted monopolies through patents and copyrights it was how merchants could establish brand recogniton and beat other competing companies with exactly the same products.First to market is an extremely important thing in a system where government monopoly is impossible.The solution is to find a niche that no one else has recognised and establish trust with your customers.An example is google as the default search engine in most browsers.How many people never change their default search engine even though something else might be better?Its because google was the first to do what they do best and people had a need for it.Once you fulfill  a need as a merchant customers are extremely loyal.

Poor example, because there IS nothing better. ;)

I think I went over this before but I'll do it again, albeit in harsher terms this time:

just because you are too stupid to evaluate the system in both source code and binary form does not mean that everyone else is

Which means that in order for your ridiculous ideas to bear fruition it would require that EVERYONE capable of understanding the code and binaries be part of a HUGE CONSPIRACY in order to successfully defraud everyone who is unable to understand it.

Let me give you an extremely simple real-world example that will utterly destroy your paranoid rants.

The Linux Kernel

Need I say any more?

Fucking win.

I didn't notice this earlier or I would have responded.


Who wrote the code doesn't have security implications. What the code does, has security implications. If you don't believe the binaries match the source, then build the source yourself. If you can't ask for a binary from someone you trust that has. If you can't do either. You are what we call SOL.


This makes no sense to me. See above.


This almost makes sense, but not really. Most of your points are off enough to be dismissed out of hand. However, I thought of a better example that others might grasp so I'll mention it in a follow up post.


1. I did.
2. Yes, others agree. Just ask.
3. Implemented correctly, yes it can be proven and the risks of the system documented based upon the strength of the crypto. If there are bugs in the code, it is open for anyone to point them out and/or fix them. I tried. I failed. Others may try as they think weakness.
4. Yes, he did a great job in the white paper.


You can't put inconsistent transactions into blocks. The other nodes will reject your blocks.
The entire transaction log is public. Even if you were able to subvert most of the nodes, if you expect the other nodes to accept your transactions they have to be consistent valid transactions.

If you can subvert all the nodes, then by definition you are not running a bitcoin network. You are running a "your silly coin" network.

The rest is nonsense.


Everyone analysis. Just ask Knightmb. Do you think he would have spend one nickel on server time if stealing coins was easier?

You are foolish, to not presume that the community has not already considered every point that pops off the top of your head.



Everyone tries. Everyone fails. Everyone tries again.

You should try again. Just try to understand the system first. Then hack it.

As close as I figure everything throughput is babbling about, comes down to a single use case.

1. Superhacker "Red" wants to steal bitcoins without anyone finding out.
2. Red downloads the bitcoin source from sourceforge.
3. Red adds a little extra bit of hidden code that covertly uploads the node owner's wallet (private keys) to Red's super secret hacker server.
4. Red uploads the hacked binary to sourceforge or somewhere else that people will think it is an official version.
5. People trust the hacked version and begin to use it.
6. As the wallet files come in, Red uses their public keys to submit valid transactions sending the coins to untraceable super secret bitcoin addresses.

He suggests this scenario could be avoided by signing the binaries with a trusted public key/certificate.

no, because Throughput will just say that someone will hack the person in possession of the key and compromise it.

You win the 1BTC Kiba Giggle Award.  :D

While I think the signed binary bit is a non-solution to the problem, that attack vector is really quite likely. Especially while people are competing to run specialty builds that hash fast than everyone else.

A real solution would be to factor the key generation and private key storage into a separate process. The bitcoin client would communicate with the signing process through a well defined interface that took the data to be signed as input and returned a signature as output. It would never expose the actual public key to the bitcoin client.

This is equivalent to what some USB encryption dongles do. http://goldkey.com/

The signing process would have to prompt the user to review the generated transaction, and unlock the wallet prior to signing it.

A user review of the actual generated transaction is necessary to prevent the other obvious fraud vector. Covertly replacing the bitcoin address on a user's intended transaction with an alternate, prior to signing.

What if you had as many wallets as you had bitcoins so that there is only 1 bitcoin in each ?At the moment there is 1 wallet file that would be relatively easy to find on someone's system.Having only 1 unencrypted file that holds your wealth is a vulnerability.Having 1000 files each needing a different pgp key to open would be a nice security feature.

Sounds like a maintenance and management headache.  Nobody will want to remember 1000 different passwords, or manage 1000 different keys all over the place, so that just moves the problem from one location (wallet) to another (key management and automation).

I'll repeat.

1. There is two separate entities, both sharing the same name NOW, which is not required at all:
    a) Bitcoin payment system as idea, mathematic model, protocol standard, rules
    b) Bitcoin software project, the implementation of the idea, the model, the protocols, etc, the binaries.

2. Payment system have it's own set of (possible) weaknesses and vulnerabilities,
    only some of them are caused by the software implementation, that is NOW available
    for public download from sourceforge. Diversity of implementations helps
    in isolating the software vulnerabilities in smaller subset of nodes, which does not
    necessarily form a majority.

3. The Bitcoin payment system heavily depends on the majority of the nodes to be "fair"
    and play by the rules. This is by design, not an implementation specifics. Somehow we just
    hope, that majority will just be fair. There is not any protection from nor detection of the otherwise case.
   
4. To control the payment system an adversary only need to control the majority of the nodes,
    whatever reason he want to control the payment system for, we do not limit his motives for
    the purposes of our analysis and never try to define them, dear Red. He may aswell just
    wish to hit a competing payment system, never try to steal your coins. The less users
    accept bitcoins, the less they are worth, do you understand the idea? Reputation is everything.
    However nothing restricts him in his deeds.
    Question to all: What exact threats to the payment system arise in the event of an adversary
    temporarily controlled the majority of nodes for a long enough amount of time? Perhaps going
    undetected. I count that threats as real world threats, not only imaginary, so request
    them be documented, at least here.

5. In the situation, where there are several equally popular implementations and no
   implementation run on the majority and at every moment every user may decide to
   switch to another implementation, then the payment system becomes less affected by
   the vulnerabilities of a single implementation and the vulnerabilities of implementation's
   software management process.

6. Even when there is only single implementation, diversifying the binary distribution, as with
   GNU/Linux, makes it much harder to subvert only one binary
   and write on the forum something like: to force the majority to upgrade to subverted binary and become controlled.

7. Signing binaries, publishing signatures, diversifying the binary distribution channels
   makes it harder to subvert just one single binary for subverting the whole network.
   Just adding a Bittorrent channel improves on that, but does not solves the problem
   completely.

As usual, system security is as strong, as it's weakest link's.
And I found, that the current process of distributing the binaries for Bitcoin payment system makes that payment
system too risky to convert real quantities of real money into bitcoins.
There is only one "official" site distributing binary. That makes the entire Bitcoin
payment system as secure as desktop of the user who have write-access to sourceforge.
I hope he trusts his desktop and network. But why should I? Even if I distrust his computer
and compile by myself, that does not protect the majority, which I believe, just downloads
the binary.

What is your opinion?
Would you object against my perceived value of the risk or against the vulnerability as a matter of principle?

Meantime, haven't I found too much central points from which Bitcoin can be controlled for it to become enough centralized?  ;)
I always thought, that one central point is already enough for that... But, well, okay, that is your forum, your rules.

How else it is going to work, throughput?

I don't understand your question.

Are you asking me to propose a better design solution?
No, I'm definitely not going to propose a better design, I'm just discussing the current,
if I have promised to do that somewhere, I take my words back!

I meant that the Bitcoin payment system depends on the majority, but nothing is proposed
to even monitor, whether the majority is playing be the rules or not.
If the majority is the inherent key concept of the system and Bitcon depend on that so hard,
then, shouldn't that concept be protected better? Well, just diversifying the distribution of binaries
will improve that a lot, I think.

This is an economic nonsense. It what people believed that make money "real money". The fact is, people are exchanging USD for bitcoins, and then use that to purchase various services and and goods.

However, it is an economic nonsense that we would like potential adversaries to believe in.

I got your point.

If you have built that system for yourself only, that is OK to ignore something, that you don't believe in,
until it strikes you, which may not happen at all, since you may be protected by your low significance from
being targeted by any adversary via such exotic method.

But then you will not get wide adoption, if that same thing is perceived as quite real by the others.

If you are not for adoption, that may be OK. Do others agree with you?
You may aswell ignore others too, what's the heck.

I have presupposed, that Bitcoin is going to be widely accepted as a international payment method,
sorry, if that was not the intents of the developers.

If Bitcoin manages somehow to get used widespread, which is not at the moment, then there will be enough
possibility of any adversary.

If you mean, that by that time Bitcoin will be managed properly and will invent some means of protecting the majority
from being overtaken by, then I object to that. It will not become widespread, since it ignores obvious security
problems. It will just not get enough trust to be used as money by a people.
It will only be used by crypto exremists, like me and you. And will not get adopted in the wild.

The bitcoin network strengthen with an addition of a node. Thus, the bitcoin is quite secure from the perspective of controlling the majority of nodes problem.



Security is not everything, throughput. It is also a tradeoff. You can have the most secure system in the world but what's the point of using it if it is massively inconvenient? Sure, we should try to increase security and fix vulnerability, but then we have to weigh against opportunity cost of such security.

This is very true.  It is a major weakness that Satoshi does not PGP-sign the hash signatures posted on the front page of http://www.bitcoin.org/ (http://www.bitcoin.org/).

I don't believe, you meant, that distributing the compiled binaries via diverse channels, like GNU/Linux do now, makes Bitcoin
payment system massively inconvenient.
I don't believe you mean that... If you feel to argument further, you may continue in PM.

That is only true, if the majority don't download and run binary executable from a single site.
Single site (like any other) may be aswell just get eventually hacked, after all.
I propose the possibility of adversary controlling the nodes by controlling their code.
If new node run subverted binary, then what? You can't believe that can ever happen?
Then I believe it is real. I have had similar experience in my past, so I believe, that is REAL.
I have a hosting of a half of a thousand of sites, and there is always one to three sites in
a hacked state showing SEOs garbage, and logs shows accesses from foreign IP addresses,
but always with valid passwords.
Stolen accesses to the hostings are being sold in the black market, they are demanded by black SEOs.
Sourceforge account looks like a possible target to be stolen and sold, doesn't it?
Who knows, maybe it is being actively sold right now, but nobody wishes to by it...
Guessing that may drive you crazy.

Signing the binaries and publishing the signatures of all versions helps to identify and prove the problem
after it happens. No signatures, as NOW, makes subverting possible to go completely undetected
and unprovable later.
Nobody will ever notice the trouble is happening and start coordinating their efforts.
That makes risk for me as a user higher.
Everybody else is free to ignore that aswell.

You guys are still arguing with this buffoon?

He's arguing that the system should be secure even if the majority of people are compromised.  There's no way to control that.  If over half the people in the entire US economy conspired to specifically thwart the others, they would succeed.  If over half the computers coordinated to falsify the internet, they would most likely succeed.  But, if you control over half the internet, what's the point of subverting it?

This very fact is what MAKES it decentralized:  The majority controls the system, not some subset/minority of the population.  Not even to mention the fact that 51% would probably be insufficient to overpower the system convincingly, as it's still dependent on luck.

Everyone is free to read my posts and discover, that I'm arguing, that the majority of people should be better
protected from being compromised. And that the authors of the Bitcoin should get concerned by
that security risk.

I'll not cite him here ;) ...

But how exactly should they be better protected?

By giving them a chance to download binaries, compiled and distributed by several trusted parties, like with GNU/Linux, instead of just single trusted party via single channel, like NOW.
And by distributing tamperproof checksums of the binaries in a public places, like news sites and forums.
Right now there is only one download location for the lazy and unwary - sourceforge,
but that is not required by design.

Actually there are several people on the forums who are working on doing exactly what you just advocated, I'd advise finding them and contributing.

No you aren't. Unless I misunderstand you want a minority of honest users to be able to stop a majority of thieving botneters. The system as it is right now protects the majority, you are advocating ending that.

Not everyone automatically updates to new versions right away when they are released. New versions have to work with old versions or not work really at all.

Still rules are not embedded in stone. they are embedded in code which is really pretty easy to change. Just making changes that work right is slightly harder. If someone comes up with a change that people think is good they will use it. If it is a disruptive change the of course disruption is possible till one version wins and the other version gives up. If conflicting versions continue then forks could happen, then we have bitcoin and bitcoin-v2 or some such with floating exchange rate between the two.

None of this frightens those who understand it.

How's that?
Can you elaborate on that?
Whatever your intentions are, nobody is forced to accept my point of view here.
Nobody is either forced to know or understand it. So, ofcourse, you don't have to understand me.

The system as it is right now FORCES the majority, NOT you, to download precompiled executables from sourceforge.net download page.
I can imagine that as a kind of protection for them, but only if all the links in the chain from the source code store through the build node to the download page are as protected, as international banks payment systems are.
The protection you talk about is in effect only in the case when the files, that are downloaded in binary form are not
hiddenly patched by a third parties for whatever reasons.

I want, that a majority of honest nodes will never become thieving botneters behind their backs, without ever knowing that.
Some here just said, that is impossible to stop, I say NO, that is not true, you just need to diversify software delivery channels for the end users.
That risk exists even for GNU/Linux distributions, but it is small, since it is thoroughly mitigated, and compared to Bitcoin, Linux does not depend on the majority of nodes to be honest to survive.
So, everybody is free to take the best practices of Open Source software management, everybody is free to ignore them either.

You may also argue, that I'm pursuing my own evil interests here, I'm just waiting when you say that.
I won't be surprised, promise.

Here, that man is going to change what is right now and bring you what I want.
http://bitcointalk.org/index.php?topic=686.0

Thank God, obvious security threats are being mitigated by that.
Community will benefit further, if it will be possible to download Bitcoin software from a hundred of
diverse locations, and all they will not be controlled by a single person, like NOW.

Good answer...

Bitcoin use criminals only 0,1 %
Others people use Btc for good purposes..

Criminals use fiat currencies 😏 💱



Again...

80 % bitcoin speculation...

20 % real use for buying, selling items and other...

Many thanks for watching

Best regards

Donatas Leonavicius