Wait what? Salt should be random and per record/account. Anything less doesn't prevent a parallel execution attack. Yeah, that's the best practice. I use a user unique salt for Inputs. For CoinLenders it is one salt. This doesn't matter because you need to get into an Inputs account to get coins from CL anyway. So one site has no salt, one site uses a weak static salt and one site does it "right"? That makes sense.
2) I am not disclosing my salt
Wait what? Salt should be random and per record/account. Anything less doesn't prevent a parallel execution attack.
Anyone who has a problem with a small pre mine, has never coded and released a coin. Period.
Guess Satoshi never coded or released a coin.
A security researcher has predicted SHA 256 will be cracked this year. When that happens the algorithm may change.
Cite? There are not even any "academic attacks" against SHA-2 at this time. An academic attack being a method which is faster than brute force but still computationally infeasible to exploit in the real world.
I think Let's Talk Bitcoin covered the issue pretty well in Episodes 21 and 22. I've had the same beliefs for some time, and with the way the ASIC world is going, it is playing out. If the community doesn't step up and make the change, or at least have an open discussion on the issue, I see Bitcoin dead in less than a year.
Andreas is grossly wrong on this one. +1 Also didn't like the misquoting of Satoshi (or technically the Bitcoin paper). Also the whole idea of some miners having "4, 5 magnitudes of efficiency over other miners" is just silly. It won't happen. If someone is that inefficient the competitive market means they simply will not mine. They will use competitive hardware or they won't mine. Competitive doesn't necessarily mean the absolute best. If someone releases a 40nm ASIC it doesn't obsolete all other ASICs. Sure their resale value goes down, they are less competitive, they spend more per BTC on energy but they can still compete. A 1 or 2 level process improvement (i.e. 110nm vs 85 vs 60 nm) doesn't produce a magnitude improvement. In theory a 2x improvement in electrical efficiency and maybe a 1.5x improvement in capital efficiency, however the real world often falls short (even for major players like Intel and AMD). So the question becomes: looking forward 18-24 months, will ASICs be widely available from multiple sources competing in an open free market? Nothing I have seen indicates it won't. So instead of debating buying used AMD 5000 series cards vs the new HD 7970 it will be "should I buy this used BFL SC Single" or spend more on this next gen ASIC Miner board. Can someone please articulate an argument that in 18-24 months there won't be multiple ASICs, reasonably available from multiple vendors?
51% of the network in agreement pretty much.
uh. "51%" has nothing to do with anything here. I wish this myth would just die. You can fork Bitcoin easily. Clone the github, make an incompatible change and publish it. Assuming you have at least one node mining, TADA, you have forked Bitcoin. You can do it with 1% of the hashing power or 99%. In either case two incompatible forks will exist. Technically there would be two different "Bitcoins". "Will the real Bitcoin please stand up?" Now convincing people to use your fork over the original... well that is the tough problem. It is a societal problem not a technological one. So for the OP example one could make a scrypt fork in probably less than a day. Now how are you going to convince people to use it?
The shorter the confirmation time, the less time available for an attacker to calculate valid blocks to subvert the chain. Nonsense. Where do people come up with this junk? http://we.lovebitco.in/bitcoin-paper/#ch11 Yeah that cite doesn't prove what you said. It doesn't because what you said was wrong. Difficulty and block window are arbitrary. The amount of hashpower that the attacker has relative to the global hashpower is all that matters. If the attacker has 10% of the hash power he has a 10% chance of solving the next block. He has a 10% chance of solving the next block if the block window is 600 seconds or 1 second. The risk with many of these yet-another-copycoins is the low hashpower on the chain. That makes it far easier for an attacker to have the resources necessary for an attack.
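To put numbers on the two claims in the post above, here is an added example (not from the thread or the Bitcoin paper's authors): `attacker_success` implements the catch-up probability from section 11 of the Bitcoin paper that the cited link points at, which takes only the attacker's hash share q and the number of confirmations z, and `next_block_share` races an attacker against the honest network for the next block with a constructed 600-second and 1-second block interval to show that the interval does not change the attacker's odds.

```python
import math
import random


def attacker_success(q: float, z: int) -> float:
    """Probability that an attacker holding hash share q catches up from
    z blocks behind the honest chain (Bitcoin paper, section 11).
    The block interval does not appear anywhere in the formula."""
    p = 1.0 - q
    if q >= p:
        return 1.0  # with at least half the hashpower the attacker always catches up
    lam = z * q / p  # expected attacker progress while the honest chain adds z blocks
    total = 0.0
    for k in range(z + 1):
        poisson = math.exp(-lam) * lam ** k / math.factorial(k)
        total += poisson * (1.0 - (q / p) ** (z - k))
    return 1.0 - total


def next_block_share(q: float, block_seconds: float,
                     trials: int = 20000, seed: int = 1) -> float:
    """Monte Carlo race for the next block. The attacker (share q) and the
    honest network (share 1-q) each find blocks as a Poisson process; the
    two rates sum to one block per block_seconds. Returns the fraction of
    races the attacker wins, which converges to q for any interval."""
    rng = random.Random(seed)  # fixed seed: constructed, repeatable sample
    p = 1.0 - q
    wins = 0
    for _ in range(trials):
        t_attacker = rng.expovariate(q / block_seconds)
        t_honest = rng.expovariate(p / block_seconds)
        if t_attacker < t_honest:
            wins += 1
    return wins / trials


if __name__ == "__main__":
    for z in (0, 1, 2, 5, 10):
        print(f"q=0.10 z={z:2d}  P(catch up)={attacker_success(0.10, z):.7f}")
    for interval in (600.0, 1.0):
        print(f"10% attacker, {interval:>5.0f}s blocks: wins next block "
              f"{next_block_share(0.10, interval):.3f} of the time")
```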
Under all scenarios possible, sending 300 BTC should cost more in transaction fees than sending less BTC. In real world, we already have fucked-up monetary system that favours rich over poor, do we want the same or similar system online as well? No.
The critical resource is space in the blockchain. Fees need to reflect that. Bitcoin achieves this by having a fee per kb*. Having a 300 BTC tx which takes 200 bytes cost more (potentially a magnitude more) than a spammy 1 BTC tx which requires 10,000 bytes of space makes no sense. * Commonly people will say the fee is 0.1 mBTC per KB but this is only the default min mandatory fee for low priority transactions. Users can pay more or less (even none) but what matters is still the fee per KB.
It doesn't matter if you don't call it bitcoin, if it is possible to make transactions it's a currency.
Too bad if bitcoin were to lose that ability. What happens when miners leave in a rush is what you saw with namecoin back before the merge. Only this time you need an asic to even make those baby steps to the next adjustment during your lifetime.
You speak of miners as if they are a single borg-like entity. If some miners abandon ship to an unprofitable doomed fork then the miners which remain will reap larger profits. If enough miners leave then it will leave a vacuum and new miners will deploy hardware into the gap. While it is true Bitcoin difficulty lags hashing power, under most scenarios it is a non-issue. The time between difficulty adjustments is 2016 blocks or ~14 days under normal conditions. Say 50% of miners leave right after a difficulty adjustment (worst possible time) then the next difficulty adjustment takes one month. Transactions take twice as long, it is annoying but hardly earth shattering and in a month the network adjusts. Let's take an even more unrealistic scenario where 75% of miners leave (once again right after difficulty change) it will take about two months to adjust and the network will be back to normal. Sure if 99% of miners left it would cripple the network but miners are highly fragmented; the idea that 99% of miners would agree to anything is laughable.
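The retarget arithmetic in the post above, as an added example that is not from the thread: it walks the 2016-block adjustment forward after a sudden hashrate drop right after a retarget and also covers the 99% case the post calls crippling. It assumes Bitcoin's actual rule that the measured timespan is clamped to between a quarter and four times the expected two weeks, and ignores the 2015-interval off-by-one in the real client.

```python
def retarget_periods(hash_fraction: float, blocks: int = 2016,
                     block_minutes: float = 10.0, clamp: float = 4.0,
                     tol: float = 1e-9) -> list[tuple[float, float]]:
    """Simulate successive difficulty retargets after the network hashrate
    drops to hash_fraction of what the current difficulty was tuned for,
    with the drop landing right after an adjustment (the worst case).
    Returns one (days_this_period, difficulty_after) tuple per period until
    difficulty matches the remaining hashrate again.
    Assumed rule: new = old * expected / actual, with actual clamped to
    [expected/clamp, expected*clamp], as in Bitcoin's retarget code."""
    expected_days = blocks * block_minutes / (24 * 60)  # 14 days
    difficulty = 1.0  # normalised so 1.0 matches the pre-drop hashrate
    periods: list[tuple[float, float]] = []
    while abs(difficulty - hash_fraction) > tol and len(periods) < 100:
        actual_days = expected_days * difficulty / hash_fraction
        clamped = min(max(actual_days, expected_days / clamp), expected_days * clamp)
        difficulty *= expected_days / clamped
        periods.append((actual_days, difficulty))
    return periods


def days_until_normal(hash_fraction: float) -> float:
    """Total wall-clock days until block times are back to ten minutes."""
    return sum(days for days, _ in retarget_periods(hash_fraction))


if __name__ == "__main__":
    for left in (0.5, 0.25, 0.01):  # 50%, 75% and 99% of miners leaving
        periods = retarget_periods(left)
        print(f"{left:.0%} of hashrate remains: {len(periods)} period(s), "
              f"{days_until_normal(left):.1f} days until normal")
        for days, diff in periods:
            print(f"    period took {days:8.2f} days, difficulty now {diff:.6f}")
```

With half the hashrate left the single stretched period is 28 days; with a quarter left it is 56 days; with 1% left the clamp means four periods and roughly 1859 days before ten-minute blocks return.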
Quantum computing will be big for many things, but cracking bitcoin keys - or running Windows 8 - are probably not two of them. Well in theory a true general purpose quantum computer with a massive number of qubits (say 30,000+) would be very useful for breaking all types of public key cryptography including ECDSA used by Bitcoin. The good news is like you said it is one of those things (economical fusion power being another) which has been "so close" for decades now. The other thing is that the DWAVE computer isn't a general purpose quantum computer so while the threat exists it is still academic at this point.
Um there is nothing that prevents Scrypt based coins from being merged mined. Then again they are all copy and paste pump and dumps so nobody spent the time and effort to write the code. When merged mining was added to namecoin nobody did it to make a fortune they did it to "save" namecoin.
Thank you, I didn't know that. I just haven't seen any merge mining pools for scrypt like I have for Sha256. Maybe it's due to the much higher demand for Bitcoins. It is simply nobody has written (ported) the code. Period. If tomorrow someone released a coin which was merged mineable with LTC as the parent chain it would exist. Until that happens you aren't going to see any pools as no Scrypt based coins support merged mining. So can they make one coin, a MergeCoin that people can then mine and essentially mine 3 or 30 various coins? Cause as difficulty skyrockets the only way for most people to make money at that point would be via merged mining. Like mark said, you get say a few bitcoins to pay for the electricity and then make money from the other smaller merged mined coins and once in a while one of those coins, like BBQ coin, will take off and that would be a huge break for those who merge mined. That isn't how merged mining works. One coin is the parent or master coin. This coin doesn't even need to be aware that it is being used for merged mining. It would make sense for this coin to have lots of hash power. For Scrypt based coins it would make sense for the parent coin to be LTC. Then each coin that wants to be merged mined alongside LTC (and other merge mining capable coins) needs to be modified so that it supports finding block solutions either in its own chain or in its parent's chain (LTC).
And people aren't going to build Scrypt ASICs. God, when is this myth going to die? You can build a specialized processor to do only Scrypt, but it'll cost just as much as a GPU because you need a large amount of fast memory for it.
Define large. Is 128KB (yes kilobytes not Megabytes or Gigabytes) large? You are aware the Scrypt memory parameters chosen are far below what is recommended for low security real time use by the Scrypt designer. It is roughly 1/100th as memory hard as recommended for low security applications and about 1/8000th as memory hard as what is recommended for high security applications.
microgram is a millionth of a gram, is there a micro coin?
Yes. Bitcoin is divisible to the 8th decimal place 0.01 uBTC (microBitcoin). This is commonly called a "satoshi" as an honorific for the creator of Bitcoin. 1 Satoshi = 0.00000001 BTC.
You should really add to the poll that the poll is what would be the best encryption for a new alt coin. And not what is the best in existence. Since you're on a Bitcoin forum. Things are going to be a bit biased towards SHA256 if they think in any way the question is related to Bitcoin vs Litecoin.
Cryptography not encryption. Neither BTC nor LTC use encryption in the protocol. Both use AES to encrypt client files. So can you do a hard fork then in the future to turn say a Scrypt coin into a SHA256 coin? Thanks. You can do a hard fork to do anything in the future. You could fork Bitcoin so the mining reward goes up to 50,000 BTC per block. You could fork Bitcoin so that transactions are irreversible. You could fork Bitcoin so early adopter coins which haven't been spent are erased. You could fork Bitcoin so that the UN has complete oversight of address allocation and the ability to block transactions, seize funds, and identify users. Technically these are trivial changes to the codebase. However it is very likely 99.9999% of people will never use your fork. It is unlikely that any crypto-currency will have a hard fork on a fundamental aspect. You will never get the consensus necessary for it to be effective.
If you can modify a simple desktop computer you can make it a more energy efficient bitcoin miner. Start with removing your mouse. ASICS are just for showing off.
Sarcasm or stupid? I just don't know. (most serious miners have run rigs headless for a long time sempron processor, linux on usb stick, no mouse, no keyboard, no monitor, a power cable and ethernet).
I'm only saying I'd like to give the small miners a bit of an edge and make mining more exciting.
Then large miners will simply appear on the network as multiple "small" miners and you are back where you started.
First of all not sure why you want to reward less security, however with the nature of anonymous peers a single "large" miner can appear as hundreds or thousands of "small" peers.
i.e. if I have 1 TH/s of hashing power I can easily make that look like 1x 1000 GH/s worker, 10x 100 GH/s workers, 100x 10 GH/s workers, 1000x 1 GH/s workers, etc.