Your post advocates a

(X) technical ( ) legislative ( ) market-based ( ) vigilante

approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)

( ) Spammers can easily use it to harvest email addresses
(X) Mailing lists and other legitimate email uses would be affected
( ) No one will be able to find the guy or collect the money
( ) It is defenseless against brute force attacks
( ) It will stop spam for two weeks and then we'll be stuck with it
(X) Users of email will not put up with it
(X) Microsoft will not put up with it
( ) The police will not put up with it
( ) Requires too much cooperation from spammers
(X) Requires immediate total cooperation from everybody at once
(X) Many email users cannot afford to lose business or alienate potential employers
( ) Spammers don't care about invalid addresses in their lists
( ) Anyone could anonymously destroy anyone else's career or business

Specifically, your plan fails to account for

( ) Laws expressly prohibiting it
( ) Lack of centrally controlling authority for email
( ) Open relays in foreign countries
( ) Ease of searching tiny alphanumeric address space of all email addresses
( ) Asshats
( ) Jurisdictional problems
(X) Unpopularity of weird new taxes
(X) Public reluctance to accept weird new forms of money
( ) Huge existing software investment in SMTP
( ) Susceptibility of protocols other than SMTP to attack
( ) Willingness of users to install OS patches received by email
( ) Armies of worm riddled broadband-connected Windows boxes
( ) Eternal arms race involved in all filtering approaches
(X) Extreme profitability of spam
( ) Joe jobs and/or identity theft
( ) Technically illiterate politicians
( ) Extreme stupidity on the part of people who do business with spammers
( ) Dishonesty on the part of spammers themselves
( ) Bandwidth costs that are unaffected by client filtering
( ) Outlook

and the following philosophical objections may also apply:

(X) Ideas similar to yours are easy to come up with, yet none have ever
been shown practical
( ) Any scheme based on opt-out is unacceptable
( ) SMTP headers should not be the subject of legislation
( ) Blacklists suck
( ) Whitelists suck
( ) We should be able to talk about Viagra without being censored
(X) Countermeasures should not involve wire fraud or credit card fraud
( ) Countermeasures should not involve sabotage of public networks
(X) Countermeasures must work if phased in gradually
(X) Sending email should be free
( ) Why should we have to trust you and your servers?
( ) Incompatiblity with open source or open source licenses
( ) Feel-good measures do nothing to solve the problem
( ) Temporary/one-time email addresses are cumbersome
( ) I don't want the government reading my email
( ) Killing them that way is not slow and painful enough

Furthermore, this is what I think about you:

(X) Sorry dude, but I don't think it would work.
( ) This is a stupid idea, and you're a stupid person for suggesting it.
( ) Nice try, assh0le! I'm going to find out where you live and burn your
house down!

A weakness, unlike a clean break, would automatically provide the sunset.  No action needed.

Cunicula, don't take this the wrong way, but could you please shut the fuck up, or maybe even go die in a fire or something like that?  Not every thread on these forums exists for you to go trolling in.

GPUs are already produced in pretty much top of the line fabs.  These custom ASICs will certainly not beat them in feature size or clock speed.  So, where is the waste that will be cut to achieve 100x or 1000x improvements?  Surely the PCIe interface and cache don't account for 99% to 99.9% of the real estate of the GPUs we use now.  Is there enough cruft in the ALUs that can be cut?

Fixed that for you.  If every single BTC already mined was lost today, the currency would still work just fine.  In 200 years, long after the subsidy was done, even if only a single satoshi remained, the currency would still work.

Bitcoin uses a scaled integer representation.  We can change the scale factor to renormalize, if needed.  We will almost certainly do it to match future CPUs many decades before we need to do it for economic reasons.

Oh God, not this post again.  Can you people please try to understand that saying something doesn't make it true?

But the old miners are only a small fraction of the network, and they consider the live chain to be valid too, so they will only be working on invalid blocks for a small fraction of the time.  While 100% of the blocks generated on that fork will be orphaned, most of the time their current block will be the same as our current block, because our chain keeps winning because we have much more hashing power.

So, even if the 0-tx miner was using an old node for his prevHash, that old node would be right most of the time, and most of his blocks would still be fine.

Although he seems to have disappeared, P2SH doesn't get the credit.  Something else does.

But the majority of the network would overrule him and even his broken node would have the correct current latest hash most of the time.  He would need to be using a node that not only is still accepting invalid blocks, but is only accepting invalid blocks.  I don't think that the recent changes have orphaned any old versions; my old 0.4.0 node is still going strong.

Also, the graphs don't show a sharp transition on the 1st.  Does anyone know when the first orphan fork happened?

Except that he wasn't including any transactions, so he wouldn't include the poison transaction or any that depend on it.

This is a good model for a hardware wallet.  It is essentially the same model as the "box with serial port" model that has been discussed in many other threads.

My only objection is that I think that smartcards are a lousy choice for this model.  But, in parts of the world where smart card terminals are common, the network effect may very well be more important.

Is your block chain current?

This is exactly right.  The card must sign the transaction itself, and it must do so only after showing the transaction to the user and getting confirmation.

But the details are tricky.

I wouldn't trust a device without a display and keypad (or at least a pair of buttons!) built-in.

I also dislike the idea of a device just signing a transaction presented to it, rather than generating the entire transaction internally.  But, this can be overcome.

Also, in my opinion, the device must generate all keys after it enters my exclusive possession, and it must include a genuine entropy source.  This may be extra paranoid on my part, but I'm not sure I even like the idea of importing keys into the device.

He's not talking about a general case.  He is saying that if we ever need to transition, we could do it by sending to this specific template.  They would be provably dead on the old network, and in a way that the new network can recognize.

I think it much more likely that components will be swapped in and out of the bitcoin framework, rather than needing to start over.

A problem with ECDSA, RIPEMD-160 or SHA256 would cause a migration away from those functions to secure replacements, but nothing that would require a new chain.  Think more like "Blocks after 1,000,000 MAY use SHA3 instead of SHA2 for the header has, and blocks after 1,200,000 MUST use SHA3" and "Transactions in blocks after 750,000 MAY use NewfangledDSA instead of ECDSA" etc.

I don't see the problem.

Finally got it after 31 hours.  I was starting to get worried.

Bitcoin uses a scaled integer representation.  The subsidy is 5,000,000,000 satoshis, or 1001010100000010111110010000000000 in binary.  We scale that by 100,000,000 when we show things to the user, and we call 100 million units to be 1 bitcoin.

Pay attention that this is not similar to fixed point.

The pre-scaled value (5 billion) is what gets shifted, not the post-scaled value (50.00000000).  In 33 years, the 9th shift will result in the subsidy being cut by slightly more than half for the first time.  (Or is it the 10th shift in 37 years?  Bah.  Not going to count the zeros again.)

Every binary machine will always get this subsidy calculation right, because right-shift-without-carry is one of the simplest operations in the binary world.  Every other scheme will have to figure out how to deal with inexact operations and rounding one way or another.


Well, it can't be implemented at all, as written.  To implement it, someone would have to answer the questions that I asked back in post 38.  If you don't care how the rounding gets handled, then yeah, I should think a couple of days should suffice, if even that long.

Actually, shit.  I just realized something.  If the subsidy drops by 0.000031746 % on every block, before long, you are going to need to calculate something like .999999968254^200000, which is going to be painful.  But, I guess we could cheat by embedding the current subsidy in the block or something, so that each node only has to calculate the next subsidy.

I've tried to follow this thread, but it meanders a bit.

Is the basic idea under discussion having a wallet-only client running in a small hardware device that can interact with POS terminals?

Most of the smartcards that I've seen are just (tiny) general purpose CPUs embedded in a card, usually with a small ROM containing a secret key.  This is not a useful model for bitcoin.  For bitcoin, you need the secrets in RAM (flash, etc) because you need to be able to add new secrets.  You also need to make sure that you don't ever let the device communicate with a hostile device using the same physical pins that can be used to reprogram or dump it.

Think more along the lines of a small custom device with a screen, a couple of buttons, and a serial port (or serial over USB, or serial over bluetooth, or serial over NFC, etc).  The programming interface, if it has one, must be internal, or it must load software from a memory card (like SD).

Satoshi's choice of integer representation is obvious enough, but I think that the choice of right shift for the subsidy was deliberate too.  It is exact and unambiguous right down to the final unit.