I don't understand your "bad actor" scenario. There is no reason for a miner to "contract with themselves", because the contract transactions are not made public, and don't appear on the blockchain until one of the two nLockTimes becomes valid. Why would you send coins to yourself? Nobody sees the proof of power responses except the node creating the bounty.
i put the idea into many many scenarios (most not wrote down) as im always personally and professionally into seeing if things are feasible. so this is not a personal attack on you. i actually liked your video and thought you were good.. but this is about the protocol now, as for why 'bad actor' would form a contract. well in the first post i scenario'd that GHash (being the bad actor) just wouldnt even bother entering into a contract. and just fool the system switing off units then switcing on, but then i thought that for the PoI protocol to even have a chance to work, it would have to be coded into everyones mining software that everyone had to be in a contract.. else who would even bother.. so thats why i envisioned the bad actor forming a contract with itself, just to cover the bases that all miners had to have a contract to be able to mine. Also, if smaller miners who were hoping to idle their hash power and receive a bounty see that the network is running at a high rate, they will assume the bounties will not be fulfilled and adjust their hash rates to the optimum without a bounty payout. So if at 00:03 am, some mining pool starts running full blast, well, everyone can see that, and the whole PoI contract is off, mining continues as before, and the bounties are returned to the sender a few days later.
in reply to jjdub7 also: but this can also be faked. lets say someone wants to be an idler.. they set up their miners for the test. make the test address. and then they pretend to be in idle. yet, they have switched their miners over to a different IP address a different pool, a different receive address and mined there. thus they get a reward from the contract from one person that they tested with on eligius by pretending to idle. and they get part of the block rewards by actually mining on ghash or btcguild. without the contract partner knowing. after all the address on eligius that is attached to the contract is not showing any rewards or hashpower in the stats  Sorry if this wasn't clear in the talk, I'll try to have a nice PDF of it out soon. The slides linked on the youtube page explain most of it though.
you seem smart, well educated etc, all i would say is you do seem to like your graphs and numbers. but in many cases statistics on a graph are not everything, and normally just theory. put things into real life case scenarios too, experiment with actual examples. EG with those graphs you made in the video. before making the graphs did you ever put 2 computers side by side and set both to mine.. then.. one to mine-one to idle.. or then.. rev up the threadconcurrency on one- and have low thread concurrency on the other.. and mine a crap altcoin with low hashrate to see your idea in action? This does not help with decentralization at all in fact. I'm not advocating this idea, I'm just saying that my research has indicated that it is possible, optimal, and likely to be inevitable if the right conditions are met (mainly a low opex profitability and somewhat stable network with large mining entities). Miners would still need to have equipment to pose credible threats to mine, but would not have to mine at full capacity.
(Also this should possibly be moved to Development & Technical Discussion, but I didn't create the thread.)
I'll post responses tomorrow if people have other questions. Thanks for the interest!
don't get me wrong we do need people like you thinking of solutions.. just dont be afraid when others feasibility test them.. usually people find it helpful as it makes you realise some flaws that need to be worked out, or helps you save time by not working weeks on an idea that could be spent on a better or different idea. in my eyes there is no problem with POW.. the cost of mining going up is the reasons miners refuse to sell for $2 and only want something over $500 (above their costs).. if gold mining for instance still only cost a pickaxe and a days labour to mine 5 ounces of gold.. then today 5 ounces of gold would be on the market for a hell of alot less then it is now.. |
|
|
|
will people move away from the sheeple training of FIAT (to trust third parties) and truly move into the bitcoin mindset.. OWN your coins in your OWN wallet
I see your point but sorry, I trade on Cryptsy regularly so had a couple BTC there, I wanted to pay for goods so I used that BTC I had there, I have most my BTC in my personal local wallet. At the time I didnt think it would be an issue paying with MY BTC on MY account on Cryptsy. How wrong I was :/ atleast you know now, dont feel too bad, many people have had the same issue. especially the early users of things like satoshidice. they paid using exchanges then realised their wins went to someone else. a couple people that bought miners (i think it was BFL) that only refunded to the payment address, which yep you guessed it, the refund went to someone else |
|
|
|
|
alot of impatient people hear.
most companies that have text support (email/forum/ticket) do not rspond in a few hours... always expect 48 hours....
then ontop of this remember unlike your bank or a corporation with teams of people employed for support. bitcoin businesses are start-ups, with probably only a handful of employee's where support is not their main task but part of multiple tasks. so BE PATIENT.
and as for the OP, the lesson to learn and for others to learn
STOP USING THIRD PARTIES AS A WALLET!!!
everything from exchanges being dodgy
not owning the privkey
hacking
forgetting passwords
websites going offline/shutdown
will people move away from the sheeple training of FIAT (to trust third parties) and truly move into the bitcoin mindset.. OWN your coins in your OWN wallet
|
|
|
|
Guinness is known to slide past reality as far as "internet" goes.
For example, they gave "World of Tanks" record for "most users online on single server" even tho, game is NOT MMO, nor users are playing on same server. It's easy to cheat Guiness. All WoT has is single "login" system so basicly, by that rule Google or Facebook can go under same category as many games use their login system.
Anyway, it's cool PR stunt (Bitcoin in Guinness), nothing more, nothing less.
but with the same point is why i dont feel GBR is a big deal, i have not really bothered to see who is record breaking eac year.. ever since i was a kid.. as the records themselves are just...... not that good. its like winning the egg and spoon race.. great someone won. but.. its an egg and spoon race! still any PR is good PR, i wont rant on about what i think would really help bitcoin |
|
|
|
|
everyone watch out for a guy trying to sell domain names with a country followed by bitcoin(s).com
EG
frenchbitcoin.com
germanybitcoin.com
he is a known scammer with many "coming soon" websites, all asking people to make a name, username, email and password, for some stupid "update" newsletter the website is soon to offer.
he hopes that people use the same details email/username/password combinations on other legit services, so that he can raid them dry.
and has tried to sell domains but kept the funds as non refundable deposits. and then just changes the supposed owner of the domains. (though its the same guy)
|
|
|
|
What I'm saying is that you have to think about the scale mining is expected to reach. Let's assume that by the time we're hitting the next reward half (2017), we're floating at around 1000 PH/s on the network (by 2017, a realistic number). Let's set an idle hashrate at 60% of capacity - 600 PH/s, which could be sent over the network at random intervals to avoid the issue of locking the timing to a specific time zone (to address your first point).
Now let's say there's a potential bad actor controlling 40% of the network's maximum capacity - 400 TH/s, PoI hashrate 240 PH/s. With the network capacity this large, with their test hardware they could potentially pull 400 of 760 max PH (52.6%) of the network by cheating and building their own hidden chain (more by adding hardware, but at that scale its just not feasible). The odds that they'd be able to mine 120 blocks in a forked chain and confirm before everyone else realized would be astronomical - they have to have what, 200-some PH/s on reserve? If they had that much hidden hashing power, why not just attempt a blunt 51% attack?
Another mitigation strategy that would probably be less than desirable to most here on the forum would be to have a centralized authority hold reserve hashing power (a kind of failsafe). While many would argue that this defeats the entire purpose of Bitcoin due to reliance on a centralized authority, keep in mind that we're talking about BTC being valuated at a price so high that allowing the blockchain to collapse in a 51% attack would have catastrophic effects on world economies as the markets fled from billions of dollars in wealth. Not much of an incentive for the regulator to allow the blockchain to fail.
using your example 1000 PH/s normal speds before idle protocol in place - bad actor has 400PH/s at 11:58 "bad actor" hides 200ph.. then at midnight, everyone is doing the test and forming the contracts to pay idlers... "bad actor" contracts thmselves (the 200ph now idle).. everyone else EG eligius, guild, unknown have dialed down theirs too and formed contracts with lazy non worker wannabe's. now then.. the 30 second test is done. the time is now 00:01AM the network is now 500PH coz everyone is working at half the hash time 00:02AM, "bad actor" turns back on 100PH/s, so (was 200ph now 300ph) meaning was 40% of network, now 60% of network and still under the 600PH limit. reward wise "bad actor" is getting more bitcoins per block meaning eligius reward has decreased. plus eligius needs to pay contracts out too, yet "bad actor", because they contracted themselves.. they dont care if they breach contract as the amount in the contract still goes to them. again this plan is NOT about petahashes, not about trying to make actual active miners have a fair share. its purely about making those that dont mine get free money. proof if idle protocol is a basement dwelling freeloader's wet dream.. just like proof of stake. it will not help decentralise mining AT ALL. decentralising the mining is NOT the hidden agenda here |
|
|
|
I am kind of surprised the US hasn't seen more of that yet. I have apps for my bank accounts but they can only transfer funds between my own accounts or send them through billpay.
well the UK started with a kind of 'billpay' system then made it open up to consumers to be recipients, using the same system.. so expect 'billpay' to expand to the consumer side. as thats what happened in the UK. going back to the topic, in conjunction with these app systems. is that banks are now outsourcing their fiat ledgers. for instance banks are moving childresn bank account ledgers over to visa/mastercard. UK banks are moving the ledger systems over to the companies that made and maintain the Apps.. soon with bitcoin too.. banks in the traditional sense WILL be a thing of the past. and i think that is the news story that people are not realising.. we bitcoiners knew it would happen. most thought it would take decades, but stuff like outsourcing fiat ledgers will make it happen sooner |
|
|
|
but bitcoin is not the most decentralised network.
the internet is.
then banking network (remember every ATM, cashier PC are all connected to their servers, which then connect to other bank servers)
then online gaming network (millions of users conncting to microsoft)
then government agencies
then bitcoins
just because there is alot of hashpower, does not mean there is alot of desktop computers/laptops hashing..
Are the internet and banking really decentralized? internet has a centralised motive, data sharing banks have a centralised motive, money transfer bitcoin has a centralised motive, ledger transfer gaming has a centralised motive, kill streaks but they are all location on different machines in different companies, in different countries.. |
|
|
|
If it were a bit coin backed card the media types would be frothing at the mouth over exposing children to the straw man of the week. Get them trained to live on plastic early I suppose.  many banks in the UK are starting to offer person to person payments (like wire transfer) via phone apps.. this is banks trying to get into the whole paypal esq payment category also. where it uses your phone number as the recipient rather then bank account numbers (much like how paypal uses email addresses) halifax: pay-a-contact barclays: Pingit the plastic card is old tech now |
|
|
|
True - the mining network in theory was supposed to be much more fragmented to prevent this kind of attack.
However, this PoI scheme could still work:
If every miner dialed their hashrate down to 51% (maybe something like +2 standard deviations to be safe/compensate for overclock potential and ability to add hashing power with more equipment) during the normal, non-test period, then shouldn't this prevent the possibility of the attack you describe? It could still save >50% electricity due to people having no incentive to overclock. It would also behoove possible attackers to do this as well to save their equipment from depreciating (especially after said depreciation is already on the books).
It only becomes more feasible as the size of the network grows, and even more so as we near the next block reward halving (large scale operations won't want to put in capex if current price is maintained).
lets say electric was a round number of 100, if everyone (using my example in last post) at midnight halved their miners, so its now 50 electric use. eligius, guild and unknown are now under contract to stay at their 50. now ghash only has to turn on their other rigs to 75 to eat half of eligius,guild,unknowns reward. thus ghash.io is saving electric buy eligius,guild,unknown are getting less reward and also paying out contracts to lazy non miners. as for jjdub7 idea: you cant prevent hashpower being added after the midnight test. otherwise, all them people that wake up in the morning and turn their miners on, or new miners just wanting to start mining.. they all have to be awake for a 30 second period just to be able to mine during the day? what about people that get glitches during the day, oh no they have to lose out for the rest of the day and wait till midnight to get back in. stake and idle are just selfish idea's for the lazy people that dont want to do any work. this idea will last 1 day before its back to business as usual. |
|
|
|
|
bank: "how do we teach people to be sheeple before they realise bitcoins"
puppetmaster: "give younger people a debit card"
bank: "so we should do it now before kids start paying for school lunches with bitcoins"
puppetmaster "yes, you only got a couple months to get there first, so hurry"
|
|
|
|
You would still need a public address to act as a username as the website would otherwise not know which address to validate the signature against.
no, but yes, but no.. all depends on how the website sets up its registration system. scenario 1 imagine this forum whn you signed up asks for your username, password and email address... simply remove email, remove password requirement at registrations and replace with just username and bitcoin PUBLiC address at registration. so now id when logging typ in username copy th passphrase, sign it, paste th signed passphrase as the password. scenario 2 your username is your bitcoin public address so this forum, instead of being 'franky1' its 1frankyblahblahlbalhlblalhsdlsdfds but this requires me to paste in a long username, then copy the passphrase then paste the signed passphrase... and of course on sites like this having usernames as a bitcoin address is just ugly and not 'personal'/'friendly' .. either way i find it easier to trust a bitcoin signed passphrase. which means unique passwords at every use (anti-phishing) high entropy(anti-bruteforce/guessing) password is not stored as clear text on members database. (anti-insider*) *people that make "coming soon" websites to get people to sign up for updates, or nasty exchange and other services that look at the members database, and use their members usernames and passwords on other services. after all no user can prove for definite that the services they use only store a hash of a password and not clear text(which should be default, but we know thats not the case all the time) |
|
|
|
|
but bitcoin is not the most decentralised network.
the internet is.
then banking network (remember every ATM, cashier PC are all connected to their servers, which then connect to other bank servers)
then online gaming network (millions of users conncting to microsoft)
then government agencies
then bitcoins
just because there is alot of hashpower, does not mean there is alot of desktop computers/laptops hashing..
|
|
|
|
I did an interview with Michael Moriarty in May.
In that interview, I claimed he was a good guy on the up and up....
Now I'm not so sure.
he is not.. his name is a word play. just like pirate@40 pirates steal from people on the intrnational waters... moriarty is a (sherlock holmes character) that is a notorious criminal with a network of criminal enterprises.. i knew this months ago, and even recently he has proven no clue about business, or FIAT regulation or wanting to obide by the law. h smelled fishy to me for months, and i stayed far far away from any of his businesses. |
|
|
|
|
FLAWED
how to work around and trick the system:
imagine this
at 11:58pm GhASH turns off 50% of its miners. then puts the one priv key to the 50% of its active miners
at midnight, the challenge begins, 30 seconds to prove theres a equal amount of active hashing
there done.. 30 seconds later the system thinks mining will be done at half the speed.
now all ghash has to do is bring their hidden 50% of terrahash miners online (turned off at 11:58) to ensure no one else gets a bigger slice of the pie, while laughing at other people that are trying to stay at half speed to stay to their contracted terms they agreed at eligius and btcguild etc.
meaning if before 11:58 GHASH.IO was getting 12btc, eligius was getting 8btc and Guild was getting 4btc, unknown 1btc.. after midnight ghash.io is getting 18.5btc eliguis 4btc(less after paying contracts) Guild 2btc(less after paying contracts), unknown 0.5btc. all because while eligius, Guild, unknown are in contracts.. ghash.io are not.. they are laughing at the others while running back at full steam but 00:01AM knowing if the other pools and miners ramped up their rigs, they would end up paying higher contract fee's to the non miners
miners are not angry about mining as the security of bitcoin needs a difficult hash to secure it. they are just angry that they are not getting a slice of the reward.
its not a mining problem, its a selfishness problem. people want "free money" and all of these idea's about getting bitcoins for no work at all are more selfish then GHASH getting big rewards for all their hard work and investment.
GHASH is not simply going to 'collude' with 1000 lazy arsed people and say if you do nothing but sit in your basement ill give you half my reward. they would rather get 1000 raspberry pi's to just sit there, thus keeping their reward. or other methods of cheating the system such as description above
why would anyone that is actually spending money and investing in hardware give away reward to lazy selfish basement dwellers that dont want to work..
MAN UP GUYS if you want 12btc every 10 minutes, roll up your socks and do some work!!
|
|
|
|
|
lol
people suggesting to use retailers as a means of proof of legitimacy is one thing, but id suggest you show the IRS, HMRC tax office announcements of USA and UK that show thy have both declared it an asset... aswell as the merchants list.
the tax office announcements and even videos of bloomberg, nasdaq and others moving into the bitcoin arena should hit the spot, then say her wifes employers are just running scared of the future of bitcoins affecting their jobs. after all if people hold bitcoins who needs bank tellers/cashiers.
|
|
|
|
what i find strange is that this concept of veryfying identity has been part of bitcoin community for years now, but no website service is using it.. they all get people to sign up to google
then how should it happen, you can give your best ideas? working demo would be great
go to IRC #bitcoin-otc choose a username. then sing the link above follow the instructions to register, then verify.. then imagine the same copy and paste method to verify each time.. but as a webpage instead of a chat box. if you like it, find out who made the code and if thy have a javascript/php version. sorry i cant hold your hands all the way to the finish line |
|
|
|
i guess is more easy to just wirte the google password than copy a string, sign an address with the string, an paste back the result in order to tell the system you are the real user,
google 2FA go to website, type in username, type in password. press subitmit. get the google code, switch tabs type google.com, click sign in. type in email. type in password. click login. go to authenticator. paste it into authenticator, press ok. copy response code. switch tabs back to website, paste code. pres submit bitcoin type in username, press submit, get passphrase. go to bitcoin program. click sign message paste passphrase. press sign button, press copy to clipboard. switch back to website, paste signed message. press login hmmm bitoin seems shorter and no need for 30 second time limit to irritate people maybe some standar in HTML5 or a browser extension that allows you to register and login to websites just by pressing a mouseclick and send the string to the hardware wallet, press the hardware button that sign it, and you are logged, registered, or whatever, no need to remember password, no spam, no mails, no option to access the private keys...
no need for extensions that need the privkey saved (to sign messages) i can already smell fishy implications.. most SMART bitcoiners already have their bitcoin nodes running in the background so its just a click down at the task bar.. not that hard how could anyone hack an user account that way? maybe a "man in the middle" virus would work? i mean, the virus shows him the string to sign, he signs it, i get the signed string and i can log in? if thats possible then its not that safe... [/quote] nothing is perfect. but: trying to remember a lengthy single password, people end up using a short password. trying to remember a password that changes per use, most would just use an incremental number at the end trying to remember the password at all... yea some forget. but with a bitcoin message login, no memory, no possibility of weak "entropy/dictionary attacks". simply verifying a bitcoin address safely stored in your existing wallet.. which you SHOULD!!! already have adequate precautions to secure anyways (not downloading bogus software or extensions) |
|
|
|
|
blah blah bah
european announce incoming
"investor warning: trading in bitcoins is risky, investors can lose aswell as gain"
.. and now to get on with my life..
|
|
|
|
|
Show Posts
