Decentralization can only really exist because your ISP is letting you do so. Obviously all of this traffic is encrypted, so they're only able to see the type of traffic which is occurring though they could use this to block bitcoin nodes and cripple the network. Though that would probably cause issues with other types of software in addition to bitcoin.
There are some ISPs that do block traffic traveling through port 8333 (the port that bitcoin software uses by default). This is mostly schools, libraries, and employers wanting bitcoin traffic not to take up their limited resources. ISPs can also see where your internet traffic is going unless you are using tor or a VPN, in which case, your ISP would be able to see the VPN or tor server your traffic is going. |
|
|
|
Etherum classic had three 51% attack this year and nobody seem to budge.
That is because nobody cares about altcoins at all. They all want to make profit from trading altcoins, in fact majority of people in crypto space don't even own any altcoins! They have custodial accounts that may hold some coins on their behalf (ie holding on exchanges) so that they can dump it at a moment's notice. Altcoins are vulnerable to 51% attacks because they share mining algos with other altcoins (or with bitcoin), and the hashrate being utilized towards the altcoin is less than a majority of the hashrate for that algo. In order to perform a 51% attack on bitcoin, an attacker would need to invest in mining equipment with mining capacity equal to >50% of the network hashrate. Once a 51% attacker executes his attack against bitcoin, the value of his mining equipment would decline substantially. This is not true for most altcoins. They don't provide any utility either so nobody cares if the coin is insecure or its blockchain mutable, they care about how much pump and dump is going to happen.
While this is often true for altcoins, this has nothing to do with their vulnerability to a 51% attack. |
|
|
|
Don't you have to be charged with some sort of crime to pardon yourself?
No. There are no limits to the pardon power, except that only the President can issue a pardon for crimes against the United States (Federal crimes). After the Civil War was over, President Johnson pardoned all the confederate soldiers in order to heal the country. Will he try to pardon himself??
Why? He didn't do anything wrong. Allegedly. Nor did any of his family members or family pets like Giuliani. Surely he wouldn't be pardoning them for no reason. Trump and his associates will likely be prosecuted for political reasons by the next administration, especially those associated with Harris. A pardon would preempt those political prosecutions. |
|
|
|
Fair point about the WH not having much negotiating power given the fact that they're on the way out. Never thought about that point. Though you'd think that the Trump admin would've at least put some public pressure on this if they knew that this is what Republican / Dem plans were at.
Trump usually isn't too shy with his usage of his twitter, ya know?
But onto the PPP stuff, I think it's fine. It should've ensured a bit better that people who really didn't need it -- like Kanye getting a few million from it -- and others shouldn't have gotten it. Highly doubt they were going to have to fire their employees anyway.
Then again, more bureaucratic mess is never good. Should've been all in on stimulus payments instead of $600. Would've been better for the economy and allowed less government bullshit.
I suspect this is part of Trump's long-term strategy in the event that he decides to run again in 2024. Trump can be seen as sticking up for Americans in trying to get them a bigger stimulus check and trying to get the pork that will go to special interests removed. My guess is this will result in a higher price tag, which goes against conservative principles, but this should expand Trump's overall support. The threshold for being eligible for PPP loans was very low. Part of this was so the money could get out the door to businesses as quickly as possible. The program itself was also negotiated quickly, which added to the mess. I suspect the panic in our country (and the world) in March/April was the result of Chinese propaganda and the amplification of fear-based social media posts via the Chinese government. IMO if the stimulus in the spring, along with the early response was thought-out much more methodically, we would be in a much better position today. Putting all the money towards direct stimulus payments will result in many people receiving money they have nothing to do with, and some people not receiving enough money to make ends meet while spending on only the basic necessities. There should be some amount of targeted stimulus for the needy, such as modest unemployment insurance payments (UI should never exceed the amounts an employee received while working, except in extreme edge cases). |
|
|
|
2020 ends. It has been a very interesting year for the crypto community.
My suggestion is to end this year in a positive way.
This is not my idea and it has already been implemented on the forum (unfortunately I cannot find links). I want to continue this tradition.
Share your 2020 achievement, any good news, success, and so on. Say something good about any user or how this forum has helped you succeed.
I am glad that 2020 is finally over. This has been the worst year in a generation, if not longer for many if not most people throughout the world. There has been a lot of pain and suffering this year, and I can only pray that the end of 2020 will bring the end to that. |
|
|
|
Because in the case of exchanges it starts to tie up more funds.
If 2 exchanges have large channels open between them then they can't use those funds for regular on-chain withdraws.
Then you add on a 3rd and 4th and you tie up even more funds.
Lets say exchange 5 opens, but does not have lightning. But it has a price higher enough or lower enough to make a lot of people want to move. Do you start closing channels. That makes for more TX fees. And I see a logistical nightmare.
And....for security a majority of the exchanges funds should be in cold or multi-sig wallets. Lightning by definition is a hot wallet.
-Dave
There could be reasons other than arbitrage that exchange customers will want to move their coin between exchanges. For example, one exchange might offer particular trading pairs that another exchange does not, one exchange may have different lending markets, or betting lending terms than another, one exchange may allow for fiat withdrawals under better terms, among other reasons. Exchanges charge for withdrawal fees today, and they may charge transfer fees when transferring via LN that are in line with what the exchange will anticipate paying for closing tx fees divided by the number of transactions the LN expects to be able to make before having to close the channel. Exchanges should keep most of their coin in cold storage, and you are correct coin in an open LN channel is part of a hot wallet. They could have the closing transactions go to their cold storage wallet, even if this will add minimal additional security. Having open LN channels will be something exchanges would have to manage. |
|
|
|
Plus if they are willing to accept the trade-off. I believe exchanges that want large transfers between them should join the federation of BTC-issued tokens in the Liquid sidechain.
The other side of that is that can cause exchanges to become more "bank like" All you need is of of them to start. There will be no BTC transferred till certain limits have been hit or till the end of the day everything else would just be a journal entry. Think about it. If I am going to send from a to b all they have to do is note it in their database someplace. Then if you send from b to a it's just notes BTC going the other way and deducts from the total owed. Overnight they settle up, and send in one tx. Unless the amount goes over over a certain level, then they trigger a settlement. You now have Chase and CitiBank but with BTC instead of $. Others want to join in. Look banking 2.0 same as 1.0 just with BTC. OK it's a worst case scenario and probably not going to happen but..... -Dave Exchanges are generally profitable, and should have assets in excess of their customer deposits if their business is run well. If an exchange has 10,000 BTC in their various wallets, but their customers have a total of 9,500 BTC on deposit, would you be concerned if the exchange accepted up to, say 400 BTC from another exchange that was not actually received until the end of the day? The exchange would be able to process all customer withdrawals if everyone withdrew all of their bitcoin. I would be more concerned if exchanges did what you describe and it resulted in fractional reserves. IMO, exchanges should use large LN channels amongst each other to facilitate transfers between exchanges. Exchange A could allow their customers to send coin to their accounts at Exchange B instantly, and the two exchanges could instantly settle the transaction via their open LN channel. There would be no need for the customer to generate/provide a LN invoice, only their account details of their other exchange account. |
|
|
|
$600
I think based on the timing, for those who have $600 in the bank, most of this stimulus money will be spent by consumers. Based on the savings rate earlier this year, most of the $1200 stimulus money was put into savings and paid down debt. Consumer spending was down in November, which may signal a slow Christmas shopping season this year. If there is too much inventory left over after Christmas, production of goods would have to go way down to avoid inventory glut, triggering a recession. Trump has signaled that he is not going to sign the bill in its current form, which has the $600 stimulus checks and is demanding the checks be increased to $2000 a person. Not sure why this wasn't something that the WH was negotiating for before, or if Trump just wanted some of the media power, would make sense if that was the case. Kind of a weird way of using the bully pulpit, as he could've just used it BEFORE negotiations were done and assembled his supporters to force the GOP to do that. I don't think the WH was part of the recent negotiations (he has limited ability to negotiate considering he is leaving office in a month). After the details of the bill were made public, there was backlash to some of the provisions in the bill, and there appears to be bi-partisan support for the changes Trump is asking for, including in Democrat leadership. I would expect Trump to get what he wants without giving major concessions. The small business loans are disgraceful. Like setting money on fire. Let's send money to movie theatres, a dying industry that will never recover. Great idea!
I have mixed feelings about the PPP loans. They were intended to keep employees on the payroll who otherwise would have been laid off. This meant that employers would not have to layoff, and subsequently rehire many of the same workers once the economy opened back up. It was intended to be a form of unemployment payments to workers via their employers. Unfortunately, many PPP loans were abused, and many businesses got them that didn't need them. It also gave political cover to local officials to impose lockdowns when they were really not necessary that early in the pandemic. |
|
|
|
Look, I'm not trying to crucify anyone here, but if I buy something online and give my delivery address, I definitely don't expect the data to become accessible to the entire world through some publicly available API. That is a very reasonable expectation, and I expect the same. My point is that if your information is leaked via the Ledger database hack, it will not be the end of the world. I don't think many people want to harm a person solely because they have a lot of money.
Are you serious? So it's perfectly normal for you to walk through a tough neighborhood at night with money sticking out of your pockets?  Walking through a tough neighborhood with money sticking out of your pockets would probably result in you getting robbed. They didn't leak data via a "publicly available API"... it was supposedly "a misconfigured, third-party API key" that allowed unauthorised access. How did this happen?
An attacker gained access to a portion of our e-commerce and marketing database through a third party’s API key, which allowed unauthorized access to our customers’ contact details and order data.
....
Since when does this issue exist?
The third party API key misconfiguration at issue has been running since August 9th, 2018. Based on the evidence and log we have, we believe it was discovered and exploited from April 2020 to June 28th, 2020.
It's not like they just left the data sitting out in the open for anyone to access... Unfortunately, that doesn't change the fact that a lot of private data was stolen and has now been placed in the public domain  Really sucks for the 272,000 who have been affected by this... I don't see Ledger's reputation recovering for a long, long while. It sounds like they were using a 3rd party service to help them with sending marketing emails, and they gave the 3rd party service access to the database via an API key. This could have been that the API key was somehow leaked, or it could mean the 3rd party service had something misconfigured on their end that allowed their service to leak information it had access to. |
|
|
|
$600
I think based on the timing, for those who have $600 in the bank, most of this stimulus money will be spent by consumers. Based on the savings rate earlier this year, most of the $1200 stimulus money was put into savings and paid down debt. Consumer spending was down in November, which may signal a slow Christmas shopping season this year. If there is too much inventory left over after Christmas, production of goods would have to go way down to avoid inventory glut, triggering a recession. |
|
|
|
There are no txid's disclosed in the databreach, so it will be difficult to conclude how much coin anyone who purchased a ledger had or has. If Ledger company were recording txids and later that fact were to disclosed, it would be immediately driven out of business. I doubt they would take such a risk. But who knows? They obviously have the txids of all the payments they have received, as they know the private keys of all the addresses they have received payment to. I don't think it would be a major breach of trust for a company to keep track of how each of their customers paid. They obviously need to keep track of if each customer paid or not. A person's address is generally public information, at least most of the time. I would not be terribly worried about my address being in this breach.
Of course the address is public information, but A) It doesnt say in the world wide web who lives there specifically B) It doesnt say anywhere (well now it does) that they are associated with Bitcoin C) All the info that goes with it, from phone number to email etc... This is a major breach even it does not include amounts held by certain person... The only real additional information leaked is the fact that each person at one point likely owned some amount of crypto at one point. Everything else is already public for many people. There are a lot of people who purchased a ledger to store nominal or modest amounts of coin. There are probably many more people who have purchased a ledger who no longer have coin for one reason or another.
It's possible, but some criminal could simply assume you have coin and decide to harm you. I don't think many people want to harm a person solely because they have a lot of money. It is probably more common for a criminal to threaten to harm someone unless they pay a ransom. If a criminal were to do this to someone without the means to pay, they would be risking years/decades in jail for nothing. |
|
|
|
|
In your bitcoin.config file, you can adjust some settings. You can set the minrelaytxfee to a higher fee rate.
Also, if you are not performing analysis frequently, you can set persistmempool=0, and restart your node immediately after completing your analysis. This will result in your mempool being wiped each time you stop your bitcoin node. If you stop and quickly restart your node with this setting, you will miss some number of transactions that would have been relayed during the brief period your node was not running.
|
|
|
|
If the transaction is associated with your wallet, you can do one of two things: *restart bitcoin with the -zapwallettxes option. This will cause bitcoin core to 'forget' all transactions associated with your wallet, and rescan the blockchain for transactions associated with addresses in your wallet. *use the RPC command removeprunedfunds, which will remove the transaction from your wallet. Please note that removing a transaction from your mempool will not affect any other node's mempool, and your transaction can still confirm in the future as long as it is valid. I want to analyze unconfirmed transactions, but there are more and more transactions in the memory pool, which leads to longer and longer analysis time of my program, so I hope to delete after the analysis, any good suggestions You could run the getrawmempool RPC command, add those txids to a list of txids you have analyzed that remain on the list for x days. When you run your analysis, you can compare the txids to what is in the mempool to the txids on your list. You can also review each confirmed block, and any transaction that has been confirmed can also be removed from your list. |
|
|
|
So now the leaked Ledger databased can be accessed publicly, just matter of time before Ledger user specifically targeted either through threat or violence.
Changing email address and phone number are relative easy, but it's hard to move to different house and i doubt anyone want to change their legal name.
There are a lot of people who purchased a ledger to store nominal or modest amounts of coin. There are probably many more people who have purchased a ledger who no longer have coin for one reason or another. There are no txid's disclosed in the databreach, so it will be difficult to conclude how much coin anyone who purchased a ledger had or has. A person's address is generally public information, at least most of the time. I would not be terribly worried about my address being in this breach. |
|
|
|
If the transaction is associated with your wallet, you can do one of two things: *restart bitcoin with the -zapwallettxes option. This will cause bitcoin core to 'forget' all transactions associated with your wallet, and rescan the blockchain for transactions associated with addresses in your wallet. *use the RPC command removeprunedfunds, which will remove the transaction from your wallet. Please note that removing a transaction from your mempool will not affect any other node's mempool, and your transaction can still confirm in the future as long as it is valid. |
|
|
|
I had used AWS as an example because I believed you used it for some of your other projects. Correct, loyce.club runs on AWS (sponsored). Yes, transferring data to the internet is very expensive. You can use a CDN (content delivery network) to reduce costs a little bit. 5 TB of data is a lot. I highly doubt I'd find a cheaper deal  I hope not to use the full 5 TB though, I expect some overselling and don't want to push it to the limit. I am not sure what level of access you have to the AWS account sponsoring your site. However, it is possible to setup a storage bucket so that anyone can access it, but that the requestors IP address is among the IP addresses of the same region the files are stored in. See this stack overflow discussion. You can also setup the storage bucket such that the requestor pays for egress traffic. The longer the list, the longer it will take to sort one additional line. At some point a database might beat raw text sorting, but for now I'm good with this  Using a database will not solve this problem. There are some things a DB can do to make sorting go from O^ 2 to O^ 2/n, but this is still exponential growth. You make the argument that your input size is sufficiently small such that having exponential complexity is okay, and you may have a point. I was under the impression that traffic out of the AWS network (for AWS) will count as egress traffic, and will be billed accordingly. AWS charges $0.09/GB, and especially since this one is sponsored, I don't want to abuse it. I love how stable the server is though, it has never been down. AWS is very reliable. I would not expect much downtime when using AWS or other major cloud providers. Egress traffic is very expensive though. Downloads are fast, I've seen 20-100 MB/s. Enjoy This works out to approximately a 24-minute download. I measured a download speed of ~125 Mbps using a colab instance. |
|
|
|
If it takes too long to download a block, you could potentially be accepting a transaction that relies on inputs that have already been spent. In other words, it opens you up to double spend attacks.
Are you talking about the possibility of forks being formed from the slow propagation of blocks? Compact block actually speeds up the process significantly in this regard, to the point which I don't think there would be too much delay from propagation of larger blocks. Given that the block intervals are 10 minutes and that there is no need for excessively large blocks, it wouldn't be too much of an issue. Not necessarily forks. If it takes a long time to download (and verify) a block, it becomes more difficult to quickly determine if a transaction is valid or not. This would make it difficult to even evaluate the risk of accepting an unconfirmed transaction. It is trivial to gain access to IP addresses. An attacker could use a single server that controls many IP addresses.
I think it wouldn't be difficult to configure Bitcoin Core to ban an entire subnet. Purchasing many addresses across different subnets would be cost ineffective. The cost of purchasing two IP addresses from different subnets would be the same as purchasing two IP addresses on the same subnet. This might be slightly more complex from a technical perspective if the same VPS is going to be associated with both IP addresses. Banning an entire subnet would potentially also ban some legitimate users. Banning an entire subnet would probably be something most node operators would want to do manually. Until the node operator discovers the high number of IP addresses acting maliciously, the attacker would be able to execute a DOS attack. If the banning of a subnet would be done via automation, an attacker could potentially buy rent IP addresses from many subnets that are sufficient to get nodes to ban the subnet, and cause the nodes to be more vulnerable to sybil attacks. |
|
|
|
Coinbase are an awful exchange, and their support is no different. In the past, other users have had to wait weeks or months to get simple things resolved. The best you can do is keep your issue on their radar. Keep sending tickets. Try PMing some of their staff who are active on reddit: https://www.reddit.com/user/coinbasesupport and https://www.reddit.com/user/justin_coinbase. Make some Twitter posts about it. Usually they are only actually motivated to help customers recover locked funds or accounts if it looks like there will be community backlash - they don't actually care about helping you get your money back. All exchanges have struggled with support in recent years as they have experienced growth their support teams cannot keep up with. Raising the issue on social media is a good way to get the attention of support, and may elicit a quicker response. I don't think opening multiple tickets will be helpful. |
|
|
|
Internet connection is an important factor in being able to effectively use a full node. If you cannot quickly receive a block, none of your bullet points matter because your node will not even start verifying if a block is valid in a timely manner.
High internet speed (low latency) is important for a mining node not a regular full node. For example you are downloading 4 MB tops and even with a slow internet speed you can get it in a very short time (shouldn't be more than 30 sec worse case). If it takes too long to download a block, you could potentially be accepting a transaction that relies on inputs that have already been spent. In other words, it opens you up to double spend attacks. and if the maximum block size were to be increased, the UTXO set will increase at a faster rate.
Not necessarily. UTXO count mainly grows with number of users not with block size. The UTXO set and number of on-chain users is constrained by the maximum block size. You could also say that the UTXO set is a factor of actual book sizes. It would also potentially expose nodes to a DDoS attack if an attacker were to send many invalid blocks to nodes.
The attacker would be banned 24 hours. It is trivial to gain access to IP addresses. An attacker could use a single server that controls many IP addresses. |
|
|
|
You are assuming that when there are two contradictory statements, that Trump is automatically wrong.
Trump has access to more intelligence than Pompeo and a wider range of people are advising Trump. There is the obvious incentive for Trump to blame China versus Russia for the hack, considering that China is in bed with Biden and the Democrats.
Without concrete evidence one way or another, I would not assume that either party is wrong based solely on their word.
Worth a read if you think Biden is the one in bed with China: https://www.nytimes.com/2020/10/20/us/trump-taxes-china.htmlHaving a bank account is not the same as receiving what amounts to bribes from the government/government-related entities. I also understand that Trump had attempted, unsuccessfully to do business in China and ended up not being able to make any money out of China, with all this being before Trump ran for President in 2015. I know that China invests heavily in technology, and also has a habit of stealing IP. China also tends to use Americans to betray their country and spy on America, and steal American technology. |
|
|
|
|
Show Posts
