I guess the most possible large country that will recognize bitcoin is Switzerland, their traditional secret banking service has been heavily affected by the US after 911, bitcoin could give them another opportunity

And I have explained in this post  https://bitcointalk.org/index.php?topic=1283729.msg13211430#msg13211430  it does not really matter if there is a country behind bitcoin, because anyway people will not use their precious bitcoin to exchange useless goods and services, they already have fiat money for that purpose. Bitcoin's main advantage is to store value and do international remittance, both resides in finance area. It has almost nothing to do with legacy economy, and is not affected by any legacy economy either

XT is too radical thus barely can get some agreement, but the proposal I see in segregated witness is more radical than that, he promote to change the whole bitcoin architecture, do you think that is under consideration? Someone already pointed out increased sybil attack risk in SWclient, check Lauda's thread here
https://bitcointalk.org/index.php?topic=1279444.msg13227840#msg13227840

You can check Pieter's segregated witness proposal video here
https://www.youtube.com/watch?v=fst1IK_mrng#t=36m

It is a large change to bitcoin protocol (in fact changed pretty much everything in bitcoin) but still can be implemented using a soft fork, means backward compatible. I'm still scratching my head of how this is possible, but I guess it is using a technology similar to master coin, they can make the new design totally invisible to the old client, maybe embedded some key data in some trivial field, so the old client feels that nothing has changed

The question is: Who will be dropped from the network, miners or majority of nodes?

Suppose that 7 largest mining pools are running 0.11, while 5000 nodes (including exchanges) have upgraded to 0.13, which is a softfork and backward compatible, then which one is the real bitcoin?

The difference is, in 0.13 you can spend Satoshi's one million coin with a newly defined key, because the block structure is different. But in 0.11 you can not. So the decision falls on these miners: They either stay at 0.11 and protect Satoshi's coins which no one cares, or they join majority of the nodes and share Satoshi's coins  

What if they only steal Satoshi's one million coins, not any one else's? That is a large enough motivation to push out such a change

Then why is there an XT version out there? Does this mean these ABC guys are more trust worthy than those XYZ guys? What is the criteria to judge? And how do you make sure you are not biased

What could average bitcoin user do about this? Not a lot, but install full node at your home definitely helps to reduce such risk. And you must make sure your full node do not have malicious code

So, unlike gold locked in your strongbox, in order to make sure that your bitcoin in your cold wallet is safe, you must also care about the things happening at the protocol level

However, this is easier said than done, what if some weak code is hidden in a very complex design upgrade that almost no one can understand? So you have to put your faith on those devs who don't push in ugly codes

I never doubt the ethics of core devs and I believe making a secure system is also in their best interest. But what if they have a conflict of interest like we see in XT split, have some personal relationship with large actors, or made a mistake or missed something during their design?

This is the question of code fidelity and quality. In a complex design, it is very difficult to evaluate the security of each implementation when you are not the original designer. Everyone knows that it is a hell to read other's code

Do you think your bitcoin in cold wallet is protected by law of mathematics and also the most powerful computer network in the world? Think again

The recent proposal by Pieter Wuille revealed that core devs can push in a soft fork change that pretty much changes every way bitcoin works, thus hackers can spend your money without your consent

How is that possible? Because bitcoin is essentially an agreement (protocol) among nodes, if majority of the nodes around you agree that your bitcoin is gone, then it is gone! It does not matter how strong ECDSA is, all it takes is a group of nodes around you changed their rules (or so called sybil attack)

Somebody might wonder: Aren't miners suppose to be the honest nodes and stop all this? Unfortunately, in this case, miners or so called most powerful computer network in the world can not do anything about it

Why? Because everything in bitcoin is decided by its agreement among nodes. If the nodes changed their way of calculate blocks, then all the miners will be dropped from the new network, and all those ASICs in large mining farms will just become paperweight

This becomes a real threat when mining has become too centralized, e.g. only a few large pools are doing mining. So, even they are running the original version of bitcoin, if large group of nodes have upgraded to a different version, these miners will just be ignored as minority (new version can easily change the way that miner works). Of course without hash power the new version will worth nothing later on, but I guess the thieves only need to sell their stolen coins before others realize the problem

The critical point that have real financial impact are exchanges and web wallet services. If one of these nodes together with a group of malicious nodes changed their protocol, then they could easily take others' coin, sell on exchange and profit. If you are really paranoid and assume that every exchange might be a potential malicious actor like MTGOX, then they have many ways to profit unethically through a protocol change

When your banks are closed during weekend, do you use Chinese RMB because their banks works during weekend? If you are afraid of being taken over by alt-coins, get some alt-coins, just in case  

As statistics show, most of the users don't spend their bitcoin, simply because they will spend depreciating fiat money first and hold bitcoin to protect them from inflation. If you have $4000 and 10 bitcoin, which one do you spend first?

So, given people mostly purchasing bitcoin for long term saving, then they will purchase once a while and should not be very sensitive to transaction frequency and fee. Also, today there are more and more realtime mobile payment system that charges user 0 fee for instant transactions, it is a waste of time trying to scale bitcoin in order to get close to the speed and cost of any centralized solutions today

Maybe there is a real pressure for pools, exchanges and wallet service providers. But these organizations, being centralized, they should pursue clearing based solution to solve their problem, instead of giving pressure to core devs to let the blockchain serve them: Bitcoin is not designed to serve the institutions but person to person

Let's recheck Gavin' quote here:
"Segregated witness transactions won’t help with the current scaling bottleneck, which is how long it takes a one-megabyte 'block’ message to propagate across the network– they will take just as much bandwidth as before. There are several projects in progress to try to fix that problem (IBLTs, weak blocks, thin blocks, a “blocktorrent” protocol) and one that is already deployed and making one megabyte block propagation much faster than it would otherwise be (Matt Corallo’s fast relay network)."

So, a solution changes nodes' architecture, reduces their security, but does not help to reduce the major bottleneck, why rush with that? It is a smart way of thinking but the involved code change and potential security risk just make it less attractive than simply raise the block size to 2MB to deal with current block size limitation. In fact it is a very long term solution to totally change the bitcoin architecture,  thus require much more time and effort to test

Everyone who heard about bitcoin will start an altcoin in a couple of months, banks are no exceptions, and they will all return to bitcoin later

Did you read my post or just say no to every thing you see

Inflation is not high? Look how many times those stocks and housing price has been rising. Do you know why all those things that bankers buy are not included in inflation index?

I had a feeling that this solution seems quite sudden and not very well prepared, might because they are afraid of a transaction volume surge during the next rally, but in that case I'd prefer Jeff's approach to simply raise the block size limit, it does not change the code too much and can buy people more time to work on more long term solution

In fact I think even we do nothing, bitcoin still works. People will adjust themselves to their beloved bitcoin and create solutions outside of blockchain to solve the scaling problem. It is a habit that devs always want to do something to prove that they are working, but even as large as FED, considered to be the top wisdom on the planet, what they do is just print a bit more money or print a bit less money, change interest rate by step of 0.25%, nothing more than that, and they did that for decades. When you are commanding a monetary system, every step of change should be extremely cautious and small

I remember one of the core dev said a few month ago that we should wait until the block become full and see how the situation develop and then start to apply measures accordingly, I still think this is a good approach. People won't die because the banks are closed during week end, similarly, if the block become too congested, they will just reduce the transaction frequency and plan their transaction accordingly, that gives us at least 3-4 times of block space to maneuver, at least one years time to react

Exactly, and this is just one of the security risk that is possible under the new implementation, and typically an honest dev will barely understand or test how malicious users exploiting the weakness of the system. So the real damage might only happen when the software is in live traffic

If full nodes are still needed then they are still the slowest bottleneck of the system, the SW implementation won't improve the bottleneck then what's the benefit?

Anyway this is just a generalized talk, I am not aiming SW, just showing by changing the protocol you can do whatever thing to bitcoin. So a change to protocol should be very carefully tested and reviewed, but due to the complexity of the codes, the review will be quite difficult

Sorry, I have changed the order a little bit to make it more realistic, they should first push for mass adoption and then do the malicious transaction

Exchanges and merchants accept such a new version simply because they heard that it can bring more transaction capacity, can fix bugs, can reduce the block size and increase performance. etc... And because the code and the implementation is so complex they don't have time to check every detail

In this order:

1. Some large miners start to run a new version that can spend satoshi's coin without signature (in new version you can redefine what is a valid transaction)
2. These miners promote the new version to be widely accepted by exchanges and merchants
3. These large miners moved satoshi's coin to their own address in the new version
4. They sell those 1 million coins and gone

Since no one else except Satoshi will notice the difference, and in this case majority of the miners already get Satoshi's coins and be satisfied with the new version. Even Satoshi comes out and protest, it does not make any sense any more

In fact, this possible change in bitcoin architecture raised a question: Are your bitcoin safe in a cold storage?

I used to believe that it is protected by the public-private key cryptography, e.g. without the signature generated from private key, the coin at certain address can not be spent

But now I realized that this really depends on the client running on the nodes

If a group of nodes are running a new version which does not need the signature to spend coins, then that version can spend anyone's coin without their signature (The new version can use a new signature scheme to protect their new address). Of course this transaction would not be known to the old client since that is not part of the old protocol, so in the old client coins are still there but in the new client the coins have already been spent. After the old client upgraded to new, the coins are gone

And there is really motivation in doing this: Since by the time when over 99% of the client is running new software, the old client essentially becomes minority thus have to upgrade to the new version because almost no node is using the old version anymore. So, by successfully rolling out a new version you can steal other's coins, especially Satoshi's 1 million coins, doesn't that sounds like a good idea?

I'm not talking about developer's ethics here, it is just a technical possibility that will attract lots of criminals, and criminals really does not care about bitcoin's long term success, they just need to cash out the stolen coins at exchanges and they are done. In a word, if nodes could not prevent the protocol from being changed to something malicious, then you essentially can not protect your bitcoin at all. And the more complex the code is, the easier to hide malicious implementations

As you can see, unless you heavily tamper the code, none of these solutions is going to work

Still I prefer the simplest solution of direct clearing and settlement between service providers, two major benefit:
1. you don't need to change the bitcoin code, thus maximum code stability
2. clearing based solutions is a mature solution in financial industry, maybe more risky at each service provider level but no risk for bitcoin network, it can give you 0 transaction fee and instant payment, which bitcoin network can never achieve no matter what kind of scaling solution

Or by ignore new updates and let others become lab rats