I don't think there is a real advantage to using bloom filters over Electrum servers.
If you are a bloom filter client, the bitcoind nodes you are talking to can hide some transactions to you, just like Electrum servers.
p2p bootstrap would be interesting though, to download the headers; that's something we will probably do.
The advantage is the p2p context. You don't depend on a server that could be compromised, it's harder to spy on you etc. |
|
|
|
This is not true.
An Electrum server can indeed forget tell you about money you received, but it cannot tell you that you received money when you actually didn't.
This is because the Electrum client verifies all the transactions reported by the server, using SPV.
Ah ok, I was not aware of that. Thanks for the clarification. So, wait... that means Electrum clients also download the block headers, like BitcoinJ... What's the difference between Electrum and a BitcoinJ (SPV) client configured to connect to a single server? I suppose Electrum tells its server the entire lists of address the client possess, so that the server only transmit relevant transactions together with the relevant chunks of the merkle tree, is that it? Would you consider making it possible for Electrum to behave like an actual SPV client (with p2p bootstrap) once Bloom filters are implemented on bitcoind? Meaning, those who want to keep relying on a single server stay as they are, and those that prefer p2p go SPV... |
|
|
|
I wouldn't go around recommending Mega as a secure storage solution yet because it is so new, and it appears to be an LEX magnet so people are going to try to be snooping on it.. Also it appears to be horrible for backups since they haven't rolled out password recovery yet to my knowledge.
Good points. I've been using Wuala for a while now, it hasn't disappointed me so far. And they accept bitcoins. ;-) |
|
|
|
In theory, Electrum is not as secure as the original client, but unless you are dealing with volumes in the thousands of bitcoins, Electrum is absolutely good enough.
I'd say Electrum is as secure as bitcoin-qt in what concerns the risk of being stolen. And Electrum is actually safer in what concerns backups due to its deterministic wallets - you only have to back it up once. The greatest problem with Electrum, IMHO, is the fact you depend on a server, who could theoretically spy on you (log all your transactions) and could eventually be compromised and then start lying to you (not telling about money you receive, not sending your transactions out, telling you received money you actually didn't etc - the server cannot steal the money you already have, though). To avoid these server-related issues and still be lightweight, you can use an SPV client like Multibit. They don't have deterministic wallets AFAIK though, so you'd have to back it up frequently, preferably have it as a link to a file in an encrypted cloud storage like Wualla or the new Mega (does Mega create a folder on your system you can point symbolic links to? I've never tested it). |
|
|
|
Well, I at least wouldn't want to have on my shoulders the responsibility of having to protect such an import key - nor the price tag on my head that would eventually come with it. At the end it's up to slush and stick to choose what they prefer: the risk of a recall or the risk of losing / being forced to give up the signing key. Perhaps the beta version could be modifiable, and once they're sure it's stable enough, they stop selling it and switch to a non-modifiable one. And perhaps once they become a multi-million dollars corporation with branches all over the world, they can afford to use multiple keys kept by different people on different continents, making an attack practically unfeasible.  |
|
|
|
And what if a security vulnerability is found in the software? Am I supposed to buy a new one? Shouldn't the sellers bear that cost?
What if there's a bug in the software that manages the breaks of your car? (many newer cars have electronic breaks, remember that Toyota scandal?) Even if it was possible to update the firmware of such software, most people wouldn't be capable of. A recall would be necessary. I'd expect the same for Trezor. If a critical bug is found, they should do a recall. So, yeah, they'd better test it a lot, and keep it simple. |
|
|
|
Wait, so the firmware can't even be reflashed to new signed builds? That seems like a pretty important feature for future-proofing. Otherwise you'll have to physically sell new devices whenever you add software features.
I was expecting it to be this way. It's like a hardware, if you want an upgrade, buy a new one. It can't be more secure than that. The usual way to implement that is have the locked firmware just contain a bootloader that verifies the signature on the next part of the code, and have that code loaded from reflashable memory. Sometimes the firmware has features like rollback prevention so a bad guy/virus cannot downgrade code to a known vulnerable version.
Although that's already more secured than any solution we currently have available, you'd have the risk of someone silently stealing the signing key and using it to infect some devices. Once you discover you'd need to make a callback of the product, what's already awful. And until then the hacker may be able to steal quite some money. I know that security experts like slush and his partner probably know how to secure a signing key very well, but why running the risk? This device is supposed to be so cheap that buying a new one every year or so would be perfectly feasible. Plus, once tens of thousands of bitcoins are being secured by Trezor wallets, and thus by its firmware signing key, attacking those who control such signing key in meatspace becomes quite profitable... |
|
|
|
|
Yes, AFAIK there's a difficulty that when hit will trigger a share submission. This difficulty can be as low as 1 and then increase gradually if the pool verifies that a particular miner is sending shares too frequently.
|
|
|
|
"Printing" DNA is simply awesome and revolutionary. Data storage is just a minor detail such technology may revolutionize. A persons DNA as public key/address would be great, but I don't think bitcoin works that way.
Anything can be converted to a private key. I just don't think you'd really like to use your DNA for that though...  |
|
|
|
|
It's not binary like that, "valid" or "invalid".
The difficulty is a target. You can have a share far away or quite close from that target, without necessarily hitting it. It's by measuring how close you get that the pool has an idea of how much processing power you're dedicating.
|
|
|
|
Just a tip: you should try to improve the search function. I noticed you had these slightly cheaper than in Amazon. So I wondered whether you also had a low-cost version of it. I typed "case sony prs-t2 light navitech". Almost 3k results were returned. Obviously, most of them were not really related. The official cover for Sony was among the first results though, so I suppose the low-cost cases just aren't available, otherwise they'd be among the first results... am I right? (I confess I didn't browse through the 3k results) Anyways, thank you for this great site. It's awesome to see lower-than-amazon prices, and realize they can only be thanks to Bitcoin (and, of course, the great hard work of the people behind BitcoinStore). |
|
|
|
Otherwise we'll need to get a moderator to move the posts out of this thread manually
I was actually expecting this to happen. As it didn't I've done it myself by quoting posts here: https://bitcointalk.org/index.php?topic=138169I'll delete my off-topic posts of this thread. It'd be nice if other posters quoted on that thread would do the same with theirs. |
|
|
|
The Trezor thread got slightly derailed, and as I contributed myself with a couple of off-topic posts, I thought it would be better to take them from that thread and create a new one. Actually I was expecting a mod to do it, but since none took the initiative, I'm doing it myself. The inconvenience is that I can only quote posts, not move them, so the formatting won't be the best (ctrl+ is your friend ). Mike. That was a really neat article! Truly among great minds. I feel humbled. This was one of my motivations that got me started on the Bitsafe HW Wallet project. It's so nice to see it on paper. Mike. That was a really neat article! Truly among great minds. I feel humbled. This was one of my motivations that got me started on the Bitsafe HW Wallet project. It's so nice to see it on paper. The whole paper is an expose on how the ultra-naive think about democracy. Here's a short quote: They can then walk away with their token, secure in the knowledge that it cannot be tied to their real identity.
Then they walk to the party headquarters where they exchange their voting token for one issue of election sausage. In addition to the above the paper has a whole section entitled "Vote buying" that completely omits the discussion of buying the voting smartcards. In summary: the whole paper meets the definition of ultra-naivette. May God bless the heart of its author. In addition to the above the paper has a whole section entitled "Vote buying" that completely omits the discussion of buying the voting smartcards.
It does, it clearly states that such risk is irrelevant. Buying individual votes like this is much less efficient than buying politicians today. Plus, the keys could expire once each 5 years or something. Also, selling your vote is not much different than blindly delegating it, or blindly voting. Do you really expect somebody that easily sells his vote rights like that to even mind about voting at all? What you seem to be criticizing is democracy per se, not his particular instance. OBS: I'm not sure I support his idea, although I'm inclined to think it might be a good improvement on status quo. A more direct democracy might considerably decrease the effect of "dispersed costs, concentrated benefits", which are pretty much the norm in democracies. But it's still far away from full decentralization of power, which is the "nirvana", let's say. In summary: the whole paper meets the definition of ultra-naivette. May God bless the heart of its author.
Do you honestly believe that the current widely adopted representative democracy models are so superior? Buying politicians is pretty much the norm on them. I guess you're the naive one there if you think otherwise. <off-topic> In addition to the above the paper has a whole section entitled "Vote buying" that completely omits the discussion of buying the voting smartcards.
It does, it clearly states that such risk is irrelevant. Buying individual votes like this is much less efficient than buying politicians today. Plus, the keys could expire once each 5 years or something. Also, selling your vote is not much different than blindly delegating it, or blindly voting. Do you really expect somebody that easily sells his vote rights like that to even mind about voting at all? What you seem to be criticizing is democracy per se, not his particular instance. OBS: I'm not sure I support his idea, although I'm inclined to think it might be a good improvement on status quo. A more direct democracy might considerably decrease the effect of "dispersed costs, concentrated benefits", which are pretty much the norm in democracies. But it's still far away from full decentralization of power, which is the "nirvana", let's say. In summary: the whole paper meets the definition of ultra-naivette. May God bless the heart of its author.
Do you honestly believe that the current widely adopted representative democracy models are so superior? Buying politicians is pretty much the norm on them. I guess you're the naive one there if you think otherwise. </off-topic> I made a full quote to protect against further editing. Buying politicians became an expensive requirement when the previous strategy of buying votes (one vote -> one sausage and/or beer) became hard to enforce by combination of voting in public but casting the actual vote in secret. Now we are dscussing a supposed improvement where for the cost of one sausage buyer gets all future votes cast with particular token. I'm just going to quote some select parts from the Wikipedia's article on idiots: An idiot in Athenian democracy was someone who was characterized by self-centeredness and concerned almost exclusively with private—as opposed to public—affairs. [...] Declining to take part in public life, such as democratic government of the polis (city state), was considered dishonorable. "Idiots" were seen as having bad judgment in public and political matters. Over time, the term "idiot" shifted away from its original connotation of selfishness and came to refer to individuals with overall bad judgment–individuals who are "stupid".
I can muse a little about how IQ is not an one-dimensional quantity. An individual can be a competent software (Mike Hearn) or hardware (allten) designer; and yet completely fail the basic civic class material where grade-school children are taught why everyone is asked to vote in public, but the actual vote marking process is obscured and why nobody is allowed to accompany the voter while marking the vote; not even a husband can assist his voting wife (or wives). This central-bank-killing-liquid-democracy device may become the killer gadget for Occupiers world-wide.
Again: may God bless your little hearts. The brown-shirted functionaries of our party will allow you your continuous use of your knees just for the cost of letting them watch while you press the buttons on your trezor in the privacy of your house. If you drop your trezor in our party headquarters you will be paid one sausage for your kindness and cooperation in furthering the efficient democracy.
Again: may God bless your little hearts. The brown-shirted functionaries of our party will allow you your continuous use of your knees just for the cost of letting them watch while you press the buttons on your trezor in the privacy of your house. If you drop your trezor in our party headquarters you will be paid one sausage for your kindness and cooperation in furthering the efficient democracy.
Geez, you think this is some sort of conspiracy or something? The Trezor represents an idea, not just a single device. Bitcoin is an experiment just like democracy was an experiment. The latter failed. Let's just give these little wide-eyed optimists the benefit of a doubt to play their own experiment out. You can sit by and make insults, but it doesn't really add anything except to the ignore files. Besides, there is nothing wrong with buying votes directly if you are not allowed to just print your money though monopolistic powers. Mike. That was a really neat article! Truly among great minds. I feel humbled. This was one of my motivations that got me started on the Bitsafe HW Wallet project. It's so nice to see it on paper. The whole paper is an expose on how the ultra-naive think about democracy. Here's a short quote: They can then walk away with their token, secure in the knowledge that it cannot be tied to their real identity.
Then they walk to the party headquarters where they exchange their voting token for one issue of election sausage. In addition to the above the paper has a whole section entitled "Vote buying" that completely omits the discussion of buying the voting smartcards. In summary: the whole paper meets the definition of ultra-naivette. May God bless the heart of its author. I didn't even read the paper but I already know I'd mostly likely agree with the above poster. (well except with the very last sentence  ) Mike Hearn I appreciate your coding work but man do I hope you never end up in any position of influence or decision making because your convoluted worldviews actually scare me. I can't even understand how a coder, working with logic and math everyday, can fall victim to such an obvious and blatant fallacy as is the belief in a democratic system as the system we should strive to improve and implement for our benefit. That just baffles me.  I apologize for my off topic post but I was very concerned with Mike for a long time now and I just couldn't hold it back anymore and had to get it off my chest. I just can't help it but psychopathic statists scare me. I didn't even read the paper but I already know I'd mostly likely agree with the above poster. (well except with the very last sentence ) Mike Hearn I appreciate your coding work but man do I hope you never end up in any position of influence or decision making because your convoluted worldviews actually scare me. I can't even understand how a coder, working with logic and math everyday, can fall victim to such an obvious and blatant fallacy as is the belief in a democratic system as the system we should strive to improve and implement for our benefit. That just baffles me. I've seen many of your posts and I'm aware you're a libertarian. So, I wonder (honestly, this is not an irony), why do you think representative democracy is less worse than a more direct one? Because that's the whole point of this discussion AFAICT. I have a tendency in believing the more direct a democracy is, the less susceptible to the "dispersed costs, concentrated benefits" problem it is. Plus, I tend to think that people in general accept more easily the idea that secession is a right than professional politicians whose power and earnings only increase with larger governments. Professional politicians view secession as a problem, since it decrease their revenues and power, but people in general tend to accept it as a right, after all, the whole myth of democracy turns around the nonexistent "social contract". A government which recognizes the secession right of individuals and of entire regions (while demanding that the new sovereign regions also recognizes the same right) would almost be a voluntary organization (assuming we could "forget" its past actions, how it was formed etc). I didn't even read the paper but I already know I'd mostly likely agree with the above poster. (well except with the very last sentence ) Mike Hearn I appreciate your coding work but man do I hope you never end up in any position of influence or decision making because your convoluted worldviews actually scare me. I can't even understand how a coder, working with logic and math everyday, can fall victim to such an obvious and blatant fallacy as is the belief in a democratic system as the system we should strive to improve and implement for our benefit. That just baffles me. I've seen many of your posts and I'm aware you're a libertarian. So, I wonder (honestly, this is not an irony), why do you think representative democracy is less worse than a more direct one? The reason is exceptionally simple: I do not agree to being governed by anyone without my contractually arranged explicit consent and so I do not and ever will agree to voting. The whole concept to me is repugnant and I could never understand how anyone could think they may force me or anyone else to do something or follow some rules just because they took a vote and some majority of some people somewhere voted so. The reason is exceptionally simple: I do not agree to being governed by anyone without my contractually arranged explicit consent and so I do not and ever will agree to voting. The whole concept to me is repugnant and I could never understand how anyone could think they may force me or anyone else to do something or follow some rules just because they took a vote and some majority of some people somewhere voted so.
Sigh.... You didn't answer my question. I did not ask whether you think scenarios A and B are "fair", "ethical" or whatever. I asked why do you think one scenario is less worse than the other. These are the off-topic posts so far. I'll delete those of mine from the Trezor thread. It would be nice if the authors of the other posts quoted here do the same. |
|
|
|
This is why we're doing the payment protocol work...
Otherwise what, a dns system for Bitcoin? Not exactly, it's more like a certificate-like protocol, similar to SSL, something that would allow strong authentication of addresses. This is an essential infrastructure brick if you want to have a decent level of security. If you don't understand why, please learn about it before opening your loud mouth. |
|
|
|
|
Even if one figures out a safe way to implement such insurance, aren't there more efficient ways to protect your coins? Insurance is never for free!
For example, suppose you have a multisig scheme with a "bank". You configure your account not to let you withdraw more than a certain limit per day. Trying to change this config to anything larger would generate notification alerts and would only be valid, say, 48h after.
Under this config, all that an eventual thief could steal from you is your maximum daily amount, which shouldn't be much larger than an insurance's deductible anyway.
Add to this a hardware wallet as the sole means of accessing your keys, and the thief would only be able to steal from you by physically stealing the hardware wallet and by forcing you to give him its encryption password.
The only way you could potentially "lose everything" is if the thief actually holds you hostage for the time necessary to change your configuration and transfer all the money out of your account. Perhaps to counter this, you could list a number of trusted people who would be authorized to freeze your account in case you "disappear". Or make just this particular risk (kidnapping) insurable - don't they exist already, insurances against kidnappings?
|
|
|
|
As Danny pointed out it is M1 vs M0. M1 is probably a better metric as under the extreme (and for the record highly implausible) scenario of Bitcoin replacing all currencies in the world not everyone is going to want to retain person local possession of their coins. Banks holding Bitcoin reserves would emerge so if BTC replaced all global currencies we are likely talking about M1 not just M0.
In that case maybe you shouldn't use the 21M BTC limit any longer, since the total "bitcoin" supply could be higher due to fiduciary inflation. I think it's more reasonable to compare the 21M limit with the monetary base, since that's what it represents. |
|
|
|
So lets ballpark it to say ~50,000 brand new nuclear reactors constructed and running continually to power nothing but this non-existent alien tech perfect computer for the next 10,000 years .... and it would still only have less than a 10% chance of brute forcing a Bitcoin address.
I'm quoting this just because, apparently, it can't be repeated enough. Thanks D&T. By the way, correct me in what I'm wrong. What I know about quantum computers is that they're capable of executing operations which normal computers simply cannot execute. With these different kind of operations, it is possible to execute a particular algorithm that exploits a ""flaw"" in some public-key encryption algorithms like ECDSA or RSA and then crack a private key out of its public pair with considerably less operations than a brute force would request. I have no idea how fast this algorithm can crack a a key, but I believe we have no reasons to worry right now. Quantum-proof public-key algorithms are not as much tested as ECDSA AFAIK, so it might not be a good idea to start using them right away. Hell, RSA is used all over and people are not worrying with this. We can stay cool for many years yet, I suppose. Finally, hash functions are not quantum-vulnerable. So as long as you use disposable addresses (i.e., never reuse an address), you're safe even against quantum computers. |
|
|
|
In the bitcoin world a fork would be something like Litecoin...
Although you may say Litecoin is a fork of the Bitcoin software, it is not a fork of Bitcoin's blockchain. AFAIK, Litecoin has its own chain, with its own genesis. |
|
|
|
|
Show Posts
