Bitcoin Forum

It's been a while since I posted here about eMunie but it's news time :)

Before that though, there has been a number of threads recently that Ive lurked in, both with support and opposition, which is cool, free world and free speech :)  

I decided to keep out of those threads, primarily as I was of course busy working, and secondly, I didn't feel a response to some of the challenges aired in those threads to me warranted a reply just yet.

Some of them still don't, namely the closed source nature of the project for a period of time post launch, and the "pre-mine".  There are reasons for both, reasons that are justified and the decision is made...not by me, but by supporters of the project as a collective vote.  These are subjects I will not comment on in this thread, so I wouldn't waste your or my time posting about them.

One thing that does come up a lot is the lack of whitepaper and specifics, which is a fair point.  However, the way that I like to develop eMunie, and have so with (very large) projects in the past that have all seen great success, is with an agile methodology.  Talk less, code more, that gets things done, talking does nothing more than heat up the air around you.

On a few occasions we have had an implementation almost ready, only for someone, somewhere to have a better idea v's that implementation.  A member of this board in one of the threads (I forget who) called me out on that and challenged it, arguing that it was bad development practice.  I think that in-fact the opposite is true, it would be bad practice to have a better implementation on paper, and continue with the inferior one.

This is the reason behind the lack of whitepaper and concrete specifics, this project has been an evolution, it is my only endeavor at present, and I have sunk a lot of time money and effort into.  I am going to get the best implementation, no matter how long it takes, how much it costs, or who I piss off :)  That also means not wasting my time on whitepapers and specifics due to a potential better implementation being discovered that would warrant a re-write of any documentation or communication.

As of this week, a part of the system has been finalized and will not be changing as it is perfect for our needs and meets all the requirements we had in terms of anonymity and security.  Thus I am prepared to disclose some more technical information regarding its operation.

So, with that said, on to the good stuff :)

Over the past few days, the final components of eMunie's new transaction protocol have been implemented and initially tested. The results are as expected, the protocol functions perfectly.  This protocol improves drastically on the previous implemented protocol, and indeed over all other crypto-currency models currently available.

This protocol targets 2 key important requirements of any financial system, especially an online, public, distributed system such as eMunie. That is anonymity and security.

At present, existing crypto-currencies employ a pseudo anonymous protocol for transactions, whereas the sender is difficult to determine, but the receiver of the transaction isn't. Should one have knowledge of an individuals "address", it is easy to discover all incoming transactions to that address and the value. With additional work and effort, it is possible to uncover information pertaining to the senders of these transactions.

The public nature of this information could potentially leave the owner of that address open to attacks from scammers, fraudsters and other illegal activities in an event to steal that owners wallet and the funds within, especially if they hold a large balance.

Many people publish their addresses for alternate crypto-currencies on internet forums and websites, and such undesirable individuals may research that address and the funds it may hold, and target the owner of that address.

eMunie now provides a 100% secure and anonymous transaction protocol, which is able to serve all the other components of the system (POS interest, hatching (mining for the un-educated) earning, etc...), and ensure that all transaction information is safe.

The only publicly available information regarding any transaction is the value of said transaction, and the time it was sent, all other information is encrypted and secure. Information such as the sender, receivers, embedded transaction messages, and other information is private between ONLY the sender and receiver of that transaction.

Operation

Transactions are now composed of multiple, separate components, namely:

    Transaction header containing total transaction value (TV), transaction time (T) and transaction signature (TS)
    Transaction outputs containing receiver data (RD), sender data (SD), output value (OV) and transaction secret pt.1 (S1)
    Transaction data packet which contains information regarding the sender, receiver, user message, transaction secret (S2), and transaction signature key (TSK).
    Transaction input containing source unspent transaction (UT), transaction secret (S2)

We have developed a ECDSA/ECIES hybrid that allows both EC algorithms to use the same key pair without compromising security of either algorithm, which are then used to encrypt the transaction data packets, and sign the transaction signature.

Upon sending a transaction, the sender will provide a list of unspent eMu that are able to honor the outgoing transaction. With this list (known as transaction inputs), the corresponding (S2) and (TSK) for those unspent eMu , which are available in the Receiver Transaction Data packets of those transaction inputs, are populated into (S2) of the relevant transaction input.

Transaction Data packets are encrypted with the receivers public ECC key (the sender has the same data encrypted with theirs) embedded in these transactions. Only the receiver and sender can decrypt this information and only the receiver can spend. By ensuring that only the receiver can access and use the (S2) and (TSK), it can be proven that these eMu now belong to them.

Transaction outputs are then created to the new receiver of the eMu being spent, sender data and receiver data are created and encrypted with the sender and receivers public ECC keys.
An (S1) - (S2) pair is created, and stored in the transaction output (S1) and the Transaction Data packets (S2). "Throwaway" key pairs are created, one is used to sign the transaction (TS) and the public key is placed in (TSK) for the receivers.

Upon a hatcher receiving this transaction, it is able to verify the unspent transactions are not modified by checking the transaction signature (TS) against the provided (TSK) and that the spender is allowed to spend by matching the one way mathematical function (S1) to (S2).

Save for a general ECC exploit and breach, or the senders keys being stolen, it can be assumed that the sender is permitted and is indeed the owner of these eMu and that they can be spent, as no other party would have access to the required (TSK) and (S2) values.

Anonymity

From the above, you may have noticed that at no point is the receiver and sender eMu address publicly available. It is stored in the Transaction Data packets, but these are encrypted and can only be decrypted by the sender and receiver of that transaction alone.

ECIES (the encryption algorithm used) is strong and currently unbroken (and will likely be for many many years), so it is at very small odds that a 3rd party could crack, and view this information.

Clients will receive a record of all transactions in the network, and will attempt to decrypt them. If that decryption is a success, then the transaction is for that client, if it fails then it is not and there is no way to see the contents of that transaction other than the publicly available data.

Closing

The above is a short, but concise description of the fundamentals of the system and protocol now in use. Some elements have been omitted, as we may want to pursue patent applications at a future date for these particular elements. However, the omission of them does not in any way dilute the description of the protocol operation above.

As you can see, eMunie is 100% anonymous in the block tree / transactions and is secure.

Sounds like eMunie is some unusual kind of vexel rather than cryptocurrency.
Quoting in full to preserve text for future generations, just in case :)

Very interesting. I'm excited that there is another innovative ALT currency coming on the scene. It seems that development is moving along nicely. I wish you good luck on the development & release.

All the pump and dump/copycat coins will be worthless in comparison to something that is truly ground breaking such as eMunie.

Cheers,

Ch

If only the recipient (and sender) can read a transaction, how can you verify that the transaction is valid and based on previous unspent transactions (that you can't read)? You then have to be able to verify those previous unspent transactions are valid by checking the previously unspent transactions they depend on too.

I can't imagine how any sort of anonymous system could work besides one that abused BIP 32 or used Zerocoin's innovations.

eMunie can potentially improve how cryptocurrency works at the most fundamental level, rather than a patch up here and there. Definitely one to watch.

Which you can do, as the inputs (and thus the required S2 component) are stored in the block tree.  The S2 component can only be provided by the valid receiver of those EMU's, so you can be sure that the input & outputs in question are legitimate and can be spent, without ever divulging the address.

All you need to know is that whoever is sending them, is allowed to, which this protocol can achieve.  You need to know nothing about sender and receiver.

If I catched the idea correctly, every address (in Bitcoin sense of word) is covered by an alias unique for each transaction. Were addresses used once and only once, there is no edge over Bitcoin system. But for reusable addresses such aliasing reduces the load on private ECDSA key and provides some protection from bad entropy sources (google "Debian SSL fiasko").

UPD. Probably I was wrong comparing eMunie with vexel, but let's wait for whitepapers.

Indeed, you are kind of on the right track.  The "throw away" key pair with the S1-S2 pair is your proof that you own those eMu from that transaction.  So your actual address is never seen.

It is only in the sender and receiver data packets for records sake, so you can use the same address for receiving transactions over and over.  

That address, or public key, is publicly available in the block tree, as it is needed for actually encrypting the receiver transaction data packets (public key/addr pairs are broadcast to all clients), they are also used sending encrypted messages and other services.

I had a major gripe with Bitcoin (and Litecoin and *insert alt here*) with the following use case that will IMO severly hinder mass adoption...

Imagine that Bob has a subscription with John's service/product.  Bill sends a payment to John, John saves address 12345 as Bill.   Next month Bill sends another payment, but due to the nature of the beast, BitCoin creates a new spend address, say 56789.   John gets a payment from 56789, but he has no idea who it is from unless Bill contacts him, OR, John has to call ALL his customers to find out who it is.

Bill public, and John merchant now have extra admin to do to use/offer services, and it just wont cut it.

If BitCoin was able to use the same address for all transactions, then there wouldn't be a problem, but it can't do that, otherwise anyone could see who was sending what to where.

With eMunie, you can now meet the re-use address requirements for that exact scenario (and many others), safely and without worry.

For subscription services (or mining pool payouts, exchange deposits etc) new unique address is generated for every payer and all payments to this address are deemed to be from the same person. But to spend coins payee have to use his private key repetitively (or hoard money at that address). And my concern is that such reuse of private key causes the key to wear out.

So then all text messages sent with eMunie is also encrypted?

Looks like they are. But it's really bad idea to use the blockchain to IM-style chat. Imagine that you've sent a bit frivolous message with it. Time passes and after ten years, divorce and new marriage your words are still here, waiting for Moore law and cryptography to catch up. What's worse, when your message finally gets decrypted there is a bold chance that it can be provably linked to you.

Yes they are encrypted with the same address keys, but messages are not stored in the block tree, they are handled by a different service withing the client.

Only transaction messages are stored in the block tree.

Sounds pretty interesting.. I might have to give this a try when available.

Join us at forum.emunie.com

What a coincidence!

I think you are confusing k to mean key, it doesn't.  k is a random number that you apply to components of the key to create a signature.  The same private key can be used many times providing that k is random for each successive signing/encryption.

As per your referenced wiki doc...

CURVE    the elliptic curve field and equation used
G    elliptic curve base point, a generator of the elliptic curve with large prime order n
n    integer order of G, means that n * G = O


    Calculate e = \textrm{HASH}(m), where HASH is a cryptographic hash function, such as SHA-1.
    Let z be the L_n leftmost bits of e, where L_n is the bit length of the group order n.
    Select a random integer k from [1, n-1]. - This is what counts
    Calculate the curve point (x_1, y_1) = k * G.
    Calculate r = x_1 \pmod{n}. If r = 0, go back to step 3.
    Calculate s = k^{-1}(z + r d_A) \pmod{n}. If s = 0, go back to step 3.
    The signature is the pair (r, s).

If k is static then yes you can recover the private key.  eMunie doesn't use a static k, that would be rather foolish.

Where is Etlase2 (https://bitcointalk.org/index.php?action=profile;u=28832)?

Oh.. wait! ...is he busy coding Decrits?  :o

That is strange. I saw him on our forums after this post was made, but nothing here. booo.

Even proper reuse of ECDSA private key makes it less secure. Satoshi did very good work protecting Bitcoin from possible future advances in cryptography - new addresses are created whenever it is appropriate, before first (and, ideally, the last) use public key is secret, only hash of it (address) is exposed to the public. But Satoshi did not forbid intentional address reuse, thus making key reuse possible.

And every (r, s) pair derived from the same dA and exposed to the public means more food for hyperlinearization and SAT-solvers. (Some day those two beasts will meet together and produce fertile offspring :))

Looks like key wearing problem is solved by eMunie, be it intentionally or accidentally :) And I certainly don't suspect you in using constant as random number generator :)

That I understand.

Perhaps I need to make some particulars of the operation a little more clear.  The public key of an address is used only to encrypt the data, and "wear" of a private key in that manner I have seen no evidence of.  Even if the same "issue" is apparent, with data I would imagine it is a LOT harder to solve the private key as the data is not a fixed length or quantity or form as a hash, as the data could be anything, which adds to the entropy in that scenario.  If you have a link to anything that suggests otherwise, then I would like it read it :)

Signatures you are correct, using the same private many times on many signatures can open a possibility of finding that private key eventually as you have many samples to test against.

In eMunie, the signatures use "throw away" key pairs, they are used once and discarded, the private key is never stored or transmitted.  In this manner it is impossible for any situation like you describe as each transaction has a new key pair to sign signatures.

So "Looks like key wearing problem is solved by eMunie, be it intentionally or accidentally" is VERY intentional. :D

OK, OK, take no offense :) Your main concerns are (as I understand your posts) anonymity and ease of use for merchants and customers; I was concerned about key wear problem. So if there was any miscommunication I'm sorry for it.

Oh I was just double checking that the guy proposing to patent this didn't know what ECIES was a week ago (http://forum.emunie.com/threads/encryption-ideas.202/).

There is also prior art (https://bitcointalk.org/index.php?topic=5965.msg87757#msg87757), and what looks to be a much better idea than yours and that one here (https://bitcointalk.org/index.php?topic=246245.0). Time for a rewrite again, lol. Also prior art (https://bitcointalk.org/index.php?topic=196378.0) on using ECDSA to encrypt.



What does ECDSA security have to do with double spending? (Nothing.) This does not answer anything about the viability of the network's security model. It also throws out any notion of your eMugraph, as if it had any viability to begin with. Still working on that AI to determine how much money to create?

There is no "key wear" problem with ECDSA as long as k is random, so it's rather odd that you've fixed a vulnerability that doesn't exist.

Bitcoin v09 will offer significant merchant improvements including recurring payments support - http://thegenesisblock.com/significant-merchant-improvements-planned-for-bitcoin-v0-9

Is your opinion based on your own research?

UPD: I saw an odd hint in one of http://en.wikipedia.org/wiki/Nicolas_Courtois (http://en.wikipedia.org/wiki/Nicolas_Courtois) publications that some very novel approach is being developed in this area. For me that's enough to start worry.

From those links u posted it looks similar but it is not the same, also from what I can tell it looks like a lot of talk but no action. Has there been any implication on these ideas? If so please provide links.

Actually, I am partially incorrect, it should be (apparently) as long as k is chosen carefully (http://eprint.iacr.org/2009/363.pdf).

Piss-poor implementations of ECDSA such as the thread you linked to earlier is hardly evidence of a problem of key wearing.

Consider me discussing this on wrong forum :) Alternate cryptocurrencies are not alt.crypto :)

Whatever, it's hard to take you seriously when you bring up a bad implementation of ECDSA as evidence of a problem with ECDSA. I am always open to learning more about cryptography, but coming out of the blue with implied theoretical attacks requires a bit of exposition, don't you think?

I don't :)

No problem and no offense taken.  Constructive communication is whats key.

Last time I checked transmission was different to encryption.  Encryption was only the part of it.

I've never attacked anything of yours, your decrits idea is not a bad one, and yet you seem to be hell bent on criticizing me and my work. I aspire to be professional at all times but tbh I'm getting quite royally fucked off with it.

Regardless of if I succeed or not, at least I'm actually attempting it instead of just blabbering on about it for 13 months.

+1

omg statements like these... How is this in any way a response to what I said? It doesn't even mean anything.


Right, criticizing meaning: I asked questions in the initial thread about the security model that are unanswered to this day, and someone asked me to provide thoughts on emunie in my thread to which your puppet army took to task. And the only reason I posted in this thread, because it once again is meaningless if your security model is inept, is because puppet #1 just had to send a pm going "look, it's secure!" when this is clearly no network security model.

The major questions of emunie's viability remain unanswered, thus any proposed bells and whistles are uninteresting. There is nothing for me to criticize except the lack of detail.

If that the case then so be it, and those questions will be answered as and when I am confident that the systems that deal with them are complete and comprehensive.  This post was about anonymity and the security of the transactions themselves, not about double spending, or wallet theft or a multitude of other security related issues.

Your problem is the aggression in your pursuit of answers to these questions, which comes across as acute arrogance and a disrespectful attitude. Both of which I have no patience for.

I am neither an inexperienced developer, or full of hot air, and while I more than have the credentials and experience to back myself up, preaching about these on various forums would make me sound a complete twat, so I refrain from doing so.  The proof is in the pudding so to speak, but that pudding isn't ready yet, so calling bluff on something unfinished is just childish.  That not being your intention matters not, as your execution of it is what causes friction and disgruntlement.

For what its worth, puppets require puppet masters, and I don't influence supports of eMunie on what they post, they have their own minds and the opinions they express are there own.

Additionally to the above, there have been MANY people that have questioned eMunie and what I want to do with it.  Some of which have pointed out potential flaws that have been investigated, others that had concerns that weren't justified when looked at.

Point being, I had zero problem at all with these questions or queries as they were presented in the correct and respectful manner, not "demanded" which is how your queries come across with a hint of ridicule.

I gave up that pursuit. You've made it clear that it will bear no fruit by not bothering to respond on your board to some simple, direct questions--this was after encouragement from the emunies to post there.


I haven't called your bluff on anything. I came here to respond only to those who think that this post somehow answers an unanswered question. It is, however, an ongoing trollfest at this point and I will end it here. The mentions of prior art was a touch over-dramatic, but I did recall the first thread I linked to offhand. ;)

Your cryptography experience is suspect. I am sure you are learning quickly, but you have made some posts that do not sound like someone who understands deeply things like BFT and sybil attacks and double spending.

If you are calling out my cryptography experience then perhaps I should call out your general developer experience, 12 months of an idea and not even an Alpha.

I understand plenty enough to complete this project, and anything that I happen to come across that I don't, I will learn until I do...there's no shame in that!  Perhaps I should expect you up to create a AAA first person shooter, or a mobile phone operating system, or some RFID hardware and when you can't ridicule you for it?  No, that would be immature.  None of us knows everything, sore fact to swallow I know.

There's a saying you know, you might want to take heed to, it taught me a lesson a long time ago....."The greatest mistake that smart people make, is thinking that no one is smarter than them."

Was it not you that programmed this somewhere in the background without any review and announced an official release date in your initial post regarding emunie? Was that not somewhat immature? There are not simple solutions to BFT, sybil, and double spending, not to mention scalability, and all this without proof of work--it is a lot to chew on.


Are you not following the same words? Presuming that you can fix all conceivable problems with no peer review? It seems like you've already had to fix an awful lot just based on the few tidbits gleaned here and there.

The release data was never "official" I believe in my initial thread it was a "around 21st June".   That changed because once there was support a number of new ideas were formulated that were better than the originals, isn't that peer review of a fashion?  Granted "around the 21st" was probably a little hasty.

Which leads to my next point, nothing was ever "broken", just better, more efficient ways of doing the job were found.  As I said in the initial post here, what good is discovering a different and better method only to go with an original inferior one?

Bottom line, you don't like the project, the idea, whatever that might be, then that's your opinion and you are entitled to it.  My issue with you is the way you present yourself...almost demanding that I answer your queries as if I am obligated to do so and require YOUR approval to proceed.  

Unless you are a "big dick" in the world, that approach of social communication will never get you anywhere. With that in mind, unless there's something you haven't told us, there is no evidence of you being a "big dick" so perhaps take a slice of humility cake and you'll find that people are more interested in what you have to say

+1

~sumdood~

You are mistaking directness for demanding. I see no need to beat around the bush. This is also the internet--fuck pleasantries. You ran away pretty quick from the tough questions in the original thread, and it only makes it look like you don't have a valid answer. It's OK if you don't, but if you won't answer, the only thing you leave is for those who can speculate to speculate. I will like the project if the project is not some pyramid scheme and is defensible under heavy scrutiny. I will not like it if a bunch of people get carried along into losing their time and/or money. While the situation with emunie is somewhat different, it is still a safe historic bet to go with the latter scenario--until proven otherwise, which you can change at any time.

edit: I should note that I consider bitcoin and all of its clones just a long con, and really the only other two (solidcoin and ripple) are quite shady in their own right, so I have a pretty poor view of cryptocurrencies in general. So I do applaud the fact that you are working on something different, especially in regards to the money creation process, but it has to be bullet-proof.

Something I'm in total agreement with you on.
I can be a bit of a troll here on btt, pretty much because I mostly believe btc and its million clones are not what they present themselves to be; ie a fair alterative currency to the 'evil' bankers fiat.
You'll see a common theme over time I present, that it seems to me most in the crypto community want an alternative to the 'evil' gov/bankers controlled currencies, yet cryptos are a clear proof that most people act the same when given the similar powers to the 'evil' bankers.

I've said it time and time again all cryptos that come from within this community are instamined (in terms of being accepted by the broader community, which is most's stated goal).

imo Bitcoin (or any of the rest) are only considered a success because of their price verses USD, none are all that useful to average joe as a genuine alternative currency to the bank controlled fiat (thats my opinion and it hasn't changed being in the crypto community for many years).

Now I entered the emunie community and questioned Dan from that perspective, I can say for probably the first time in cryptos I've been happy with well let say 75% of the answers.
I've attack aspects of emunie pretty hard (and we still agree to disagree on many areas), but Dans has always treated me respectfully.

From many chats with Dan, I've seen he's not an expert in every single area that such a large project covers, he's brilliant in some areas, though where he lacks he's a pretty quick learner, the big positive is where he lacks he has the advantage of looking at it with fresh eye's (and in this he has certainly thrown in a few surprises).

Dan is working tirelessly on the project with the aim of making a geniune useable currency for joe public, I see for him he's very motivated about the project not about making bundle of money.
For me thats a good start in getting my support, and from being in all the beta's (I think we're closer to omega though) and extensive questioning I think he has a great chance in achieving emunie's aims.

Smart people don't think others are stupid (http://sivers.org/ss)  ::)

A man after my own heart. After witnessing the sheer horror that has become the crypto scene as of late, emunie in my eyes is a very strong breath of fresh air that I personally am throwing a lot faith behind simply because of the sheer potential game change that it could mean for the crypto scene. You should come beta test with us.

Game changer or not? I don't know.

One thing I know - eMu is backed by at least half a dozen of people who have the balls to walk the talk -> that is what refreshing to me.

Sure, eMu doesn't have all the best of the best, not yet! But for a pre-launch, have you seen anything better?

mikaelh, for example, is a brilliant coder, but he did not get involved with Primecoin until it was launched.

As an analyst, I predict there will be a flood of people wanting to join the team once eMu is on exchanges and has proven it's rock-solid system as a currency.

The BTC trolls will hate it, because eMu is immune to GRQ parasites, so they can't make quick bucks of it, but the smart ones will not fail to recognize its true potential to change the way we:

• trade
• communicate
• store things online.

yes, it's not just trading, there are lots of ambitious plans with eMunie, just not publicly annouced yet.

I want to learn more. Is eMun inflationary deflationary or something else? Where can I read more about it? I want to learn why traders will not be able to profit from trading it (if I understood that part properly?!).

forum.emunie.com and emunie.net

Holy shit this thread is hilarious. "eMunie" - that sounds pretty funny to start, and the creator denoucnes Bitcoin but lurks and trolls on BTT ? WTF is going on - I think socialists will do anything before reconsidering the whole resource allocation problem apparently.

Can I ask honestly for clarification on why you believe the PoW and blockchain principal of cryptocurrency a long con?

Please see my question with no ill intention i want to take on your point of view as a part of my analysis. 

Ripple is an obvious scam , I cant comment on solidcoin as I dont even know what it is .

But what specifically about these principals leaving aside obvious scams like ripple etc.  do you find in error , obviously much of the excution has been questionable by many of the entities in question , but leaving that aside , where do you see the main problems ?

It is not PoW or the blockchain that I have the major issues with, though those are terribly inefficient. The main issue I have is with this notion that a pyramid distribution of currency where 50% or more is distributed to a few thousand people will succeed at doing anything but creating the next Wall Street or London. I do not see exchanging one boss for another with grandiose promises of "this time, it's different" as anything other than a way to relieve the ignorant of their money.

When currencies start appearing that break this trend, I believe you will see a strong run to the bottom for all of the currencies that require an influx of new suckers to maintain the charade of the sustainability of closed, pyramid money supplies. And somebody with a fat stack of bitcoins is probably going to speed the process along leaving thousands holding the bag.

You think you can change over a 100 years of brainwashing and programming with some software? No, that is not how it works and you must be incredibly ignorant to think it can.

Kids are instilled with this idea that fiat money "makes sense" when it doesn't. The first time you tell a kid about fiat money they don't know how it can be so, but a few years later it's accepted as reality. To change this reality is near impossible, like changing someone who is muslim to atheism. Such programming takes many years to change, it's very gradual.

What I do know is you etlase2 have been talking down others work for year(s) now and still haven't done anything about it. Why is this? Do something if you think others can do what you say is possible. Show us the (right) way.

Even though I don't think Ripple is any good technically I applaud them for trying something new and doing something. You never know with actually DOING things what it can inspire in others even if you doing something is a failure.

firstly thank you for replying ..

Ok i broadly agree with you here -

except to say that , if executed correctly , I don't believe that the block chain and/or PoW principal is much like a "Pyramid" structure - i believe , (and i believe i will be proven correct)   that BTC is fantastically centralized that is simply to say , that by 2012 or even 2011 , when it was even being discovered by any people , you can see the history now it jumped like this :


2009 Zero information first of a first in a respect.~~~~~~~~~~~2012 some exposure ~~~~~~~~~~~~~2012/2013 ASIC takeover - further centralization.

When the hype is gone , after a few ASICs have been sold , people are going to stand back and start to say " Wait where are all the BTC " ?


so in this respect i can completely agree with you , however I disagree with the Pyramid analogy  because the price can certainly go very far downwards , and there is no Pyramid structure collapse , its definitely not needing new investors in that sense .   

I just think , a studious investor has to look at it as some thing that was fantastically unintentionally at the beginning  pre-mined and  then intentionally centralized after .

so for me BTC will have that hanging over it , and its price stability will live or die on those large holders , but i think this model can be improved upon.

bag holders don't forget , will be loosing the bag only if they sell low, this is a pretty pure market.

I don't think people are brainwashed into believing fiat money makes sense, I think the majority of people don't know and don't care how it works. Although one could probably argue this has to do with the fact that very, very little is taught about it in school, so people just assume that "it works." The problem with bitcoin is that its following is great about educating people about the ills of fiat, but not so good about the problems of deflation. Hell, even Lew Rockwell had an oft-cited article around here for awhile reinforcing the "goodness of deflation" by using the example of computers and appliances, because clearly deflation due to technological and productivity increases in an inflationary currency is the same as general deflation.

It seems to me that an outside observer would see bitcoin proponents attempting to "brainwash" new recruits in the same way you accuse the educational/government(?) system of doing. It's astonishing how quickly I see some newbie posters regurgitate some of the bitcoinomics arguments I've seen and heard refined here over the last couple of years.


How is designing and discussing alternatives not doing anything about it? Rome and Bitcoin weren't built in a day.