There are TONS of documents about URL and URI standards available.  People should really read them before they start cooking up schemes of their own so that they don't make basic simple mistakes.

Sorta, but not really.  The exchanges have margin requirements and provisions for cash settlement, so it is pretty much never a problem.  Some of the exchanges are now so distant from the physical markets that physical settlement is unusual.


This is called FTD fraud, and it is illegal.  The brokerages have set up elaborate systems to ensure that a broker can always borrow shares in advance.  The system even allows cycling, where a broker borrows shares, sells them to a client, and then since the brokerage has control of the client's account, the shares return instantly to the borrowing pool to be borrowed again and again and again.  Extra bonus WTF ensues when the brokerage sells borrowed shares to the very same client it borrowed them from.  Even with this system set up to mock the SEC rules, FTD is still a regular daily thing, and as far as I can tell, no one ever gets prosecuted just for doing it.  But if the SEC is already planning to piss on a broker it'll usually get included in the book that they throw at him, which is how you get headlines like "Broker charged with 372 counts of securities fraud".

I seem to recall that some dot coms that got killed by this sort of thing, and the SEC did nothing even though there was plain evidence of FTD fraud.  Covered shorting can make it look like a thing has more supply on the market than it really has, which drives the price down.  Naked shorting can make it look like supply is infinite, which can destroy companies and lives.

Oh, and FTD isn't always fraudulent.  Sometimes there are legitimate errors and mistakes, but if I recall correctly, most of it is bogus.

You seem to be forgetting all of the other ways to attack a website that don't involve bitcoin.

If we assume that the attacker ignored all of the eleventy billion ways to mess with a website and instead concentrated only on the cryptographically strong system that spreads evidence worldwide in a matter of seconds, then yes, I think it is pretty safe to conclude that the attacker was Tom.

If, however, the attacker was allowed to attack something other than the strongest link in the chain, then we don't really have any idea what happened.

You want to believe that mybitcoin was built to steal by a diabolical mastermind with a planning horizon of more than a year.  I think it far more likely that it was just run by a guy that didn't ever expect his website to be as tempting as it eventually became when bitcoins got to be worth several dollars each.

Keep in mind that the single confirm assumption totally makes sense at a time when bitcoins were nearly worthless and that humans are incredibly bad at assessing risk, particularly when we get away with something risky the first few times.  As an example, both Challenger and Columbia were both lost to problems that were known in advance, but not properly addressed because they didn't cause catastrophic failures on the previous launches.

Except that both parties need to pay their trillion up front, and it all goes to charity no matter which party wins the bet.

Ahh, I understand where you are coming from now.

Personally, I think your theory is nutty, for various reasons.  Just one reason is that I haven't seen any evidence of #5, or for the intentionality of #1.  For what it's worth, I don't really care either, so don't bother presenting whatever you have, unless it would satisfy some very high standards of evidence.

At any rate, your scenario doesn't apply here, because Furyan is looking for a way to pay his miners faster than the commonly accepted 120 block coinbase delay.  That is, he is looking to reduce the amount of trust that people need to have in him, not increase it.

Things don't become facts just because people say them, not even if they say them often and emphatically.  And the 1 confirmation story has been questioned because no evidence to support it has ever been found.  Read this post I made a week ago (below), then go look at the block forwarding mechanisms in the code.


If there really had been a spend redirection attack done against mybitcoin, there would be ample evidence for it, and so far no one has presented any.  The only way for there to have been an actual attack, and no evidence found is if the attacker was able to totally isolate his node by taking full control of his network connection for several days, and faking all bitcoin traffic to it for the entire duration, all without anyone noticing.

And even then I'm not sure it could be done cleanly, because when the attacker had to transfer out, he would need to force mybitcoin's node to create outgoing transactions that didn't use any of the fake incoming transactions as inputs.

I categorize forks into normal and abnormal.  If it wasn't clear before, my comments are only about normal forks that happen naturally because of network latency.

Because abnormal forks are, well, abnormal, I don't think there is any way to do a meaningful analysis of them.

I would expect 5 to be fine, but I would go with at least 6 anyway.  Remember that your node is the source of forks, not the recipient.

It is really hard to say, but I would think the longest widespread fork was 2 blocks, but a tiny minority of nodes may have seen local forks of 3, or maybe even 4 blocks.

Blockexplorer is showing 25 reorgs since block # 129453, or roughly one reorg per 667 blocks.  Any given node will, on average, see half of all forks as reorgs, so forks will be roughly twice as common as what you'd see from any one node.  This is pretty well in line with my earlier estimates of one fork per 300 blocks.

If the real rate of widespread single block forks is 1 in 300, we can expect one every other day.  Widespread double block forks would then be about 1 in 90000, or every 1.75 years or so.  Widespread triples would be every 27,000,000 blocks, or twice per millennium.

By the way, I keep putting widespread in italics because it is important.

For those of you that don't already follow Mish:  No Hiding Spots Except Despised US Dollar: Equities Red, Metals Red, Energy Red, Grains Red.

In your idea, you have 10,000 copies of a database, each with several millions or billions of rows.  And you need two do three passes through it every minute or two, and the third pass will require a hash of each of those millions or billions of rows.  And when a miner finds a new block to send out, everyone in the system needs to do several millions or billions of hashes just to verify it.

By the time that is feasible on regular computers, we'll have wristwatches running full bitcoin nodes and storing the entire bitcoin blockchain internally.

Not to mention that your system produces the starting conditions of every hyperinflation ever, namely the thought that "I must get rid of this fucking currency as quickly as I possibly can because it will be worth less in a couple of minutes".

And yes, I'm sure you can find ways to tweak the system to mitigate the technical problems, but I doubt that you'll ever be able to do anything about people's preference for money that gains value over time, instead of losing it.

Except that transactions are not from one address to another.  Transactions are from transaction outputs to scripts.

I don't mean for this to be a metaphysical discussion, like whether or not the color blue exists.  It clearly exists, except that it doesn't; in the same way with addresses and balances.  What I'm trying to do is help you understand the bitcoin system by explaining what parts of it are really there, and which parts have been imagined to help us work with it.

We can count up all of the unredeemed transaction outputs in the block chain that correspond to private keys that we control, and we can call that a balance, but there is no concept of a balance in the bitcoin system.  And we send coins to addresses, but addresses don't really exist in the system either, we just use them to create scripts.  And bitcoins don't really exist, but the system refuses to accept transactions where the outputs sum to more than the inputs, and we call the basic unit in those calculations a bitcoin.

We rarely deal with the system directly, but use metaphors to make it resemble things we already understand.  But the metaphor isn't the reality, and if you apply the metaphor too literally, you end up with a very incorrect understanding of the system.  So, sometimes it is necessary to look under the metaphor and see the naked system as it really is.

Pretty much all of you are confusing transactions, outputs and addresses.

There are no bitcoins, there are no addresses, there are no balances.  There are only transaction outputs.

In acolombo's scenario, yes, D can be traced back to either A or B, but not both (assuming no fee).

In a more complicated scenario, like if C wanted to send 1.5 BTC to D, he would have to redeem both A and B, and would get change back.  D would have coins that had come through both A and B, but we couldn't say that half were from A and half from B, or that 1 BTC was from A, and 0.5 was from B, or any other combination like that.  But we certainly can say that both A and B were both involved.

The 7 slot thing is WAY older than 2010.  I'm pretty sure it was in the ATX 1.0 spec way, way back in 1995.  The good news is that with the popularity of double width video cards, high end cases are now far more likely to have room for the 8th bracket than ever before.

ZOMG!  Conspiracy!

Oh, wait.  5.01901 * 1.0025 * 1.0025 = 5.044136, and these were at 5.04643, for a miniscule profit, after fees.

No, they can tell exactly where they came from.

The block chain is a chain because each node depends on the node just before.  A tree won't help this.

The transactions, however, are already in a sort of a tree, in that each input is either a coinbase, or a pointer to a previous transaction (which eventually ends in a coinbase).  Forest might be a better word than tree, or maybe "tangled mess of overlapping trees" would be better yet.

No one really knows what a light client is going to look like yet, but my guess is that it will involve a small application asking a trusted node for blocks on an as-needed basis so that it can verify accounts and generate new transactions.  Actually, it will probably ask two or more nodes just to be sure the first one isn't lying, but that's just a detail.

That's not how markets work.  He could sell them, but it would be to whoever has the best bid price.  So they only way he could sell them to himself is if he was paying the prevailing market rate.

No, the stats shown are estimated from your work submissions.  They are almost always lower than what your local client reports.

Real agglutinative languages aren't very common any more.  It seems that many thousands of years ago, virtually everyone decided they wanted the vast majority of their adjectives as distinct words.  Arctic languages are pretty cool in that we can usually trace the main lines of their divergence from other known languages, but they've usually retained structures from way, way back; structures that were already seriously on the decline when the Sumerians invented writing.

The "X words for Y" meme makes frequent appearances on Language Log.  Here is a good one from way back.