Rather than jacking the press hits thread, I thought I'd start a discussion here. As Jeff said, he emailed some journalists and "corrected" their idea that Bitcoin is anonymous. I think he may have gone too far in the other direction. Jeff Garzik, a member of the Bitcoin core development team, says in an email that bitcoin is not as anonymous as the denizens of Silk Road would like to believe. He explains that because all Bitcoin transactions are recorded in a public log, though the identities of all the parties are anonymous, law enforcement could use sophisticated network analysis techniques to parse the transaction flow and track down individual Bitcoin users.
"Attempting major illicit transactions with bitcoin, given existing statistical analysis techniques deployed in the field by law enforcement, is pretty damned dumb," he says. I agree that it is important for people to understand that all Bitcoin transactions are recorded in a publicly available log. However, his statement seems to imply that it is trivial to link a transaction to an identity. I believe that this is just about as incorrect as saying that Bitcoin is completely anonymous. For instance, Silk Road has a built in coin mixer. When you add coins to your account, they are sent through a bunch of dummy transactions, split up and recombined with the coins of other people. This would make it much more difficult to associate a specific sale with a Bitcoin transaction and individual identity. Another precaution that can be taken from the buyer's point of view is to only spend virgin coinbase transactions. These have no history so cannot be traced via information leakage (associating a previous address with your identity accidentally or purposefully). These can be obtained by mining yourself, or via "proxy mining", where a miner creates the coinbase transaction for a public key whose private key you control. If the proper precautions are taken, I believe that nothing short of seizure of the hard drive containing the wallet can prove the link between a transaction and an identity. Further, once the transaction is complete, the used private keys can be removed from the wallet, negating even this risk. Any thoughts? |
|
|
|
thanks mcgruder. i just want to share my hobby with people. the other dude didnt need to be a dick.
I think you might be visiting the landing page on the regular internet, not the Silk Road itself. Try this link instead. Also, I would highly recommend downloading the Tor browser bundle in order to use Tor in the most secure way possible. |
|
|
|
Silk Road scare mongering. Didn't really seem like scare mongering to me... I thought it was a fairly positive article overall. |
|
|
|
|
A pyramid scheme requires an ever increasing number of investors to pay off the earlier investors. When there are no more investors, the scheme collapses as the latest groups of investors realize that there is no more money.
When the exchange rate of bitcoin stabilizes at is maximum value, all of the people who bought bitcoin at its highest price can still trade with bitcoins. How is this like a pyramid scheme?
|
|
|
|
|
No, it's nothing like a ponzi scheme. When the very last bitcoin is mined and sold, people can still trade all of the bitcoins in existence.
|
|
|
|
I wouldn't say greed, Bitcoin is promoted as a more fair store of wealth than the USD? If something appears to threaten that, should we be ashamed to point that out? Am I greedy for worrying that my buying power could potentially lose a third of its value on the whim of any of ten people or so? Calling me greedy for this sounds as silly as a Federal Reserve claim that "hey, we deserve the interest we charge you as compensation for all the years of "stability" we brought". It's ironic that I can be sitting here saying I have gained a huge sum I feel I don't deserve, and wouldn't be bothered to sacrifice if it took away a certain unfairness for everybody, and yet be called greedy at the same time.
So then why don't you donate 10,000 BTC to the faucet then, to more fairly distribute your unearned wealth? Or perhaps set up a trust, such that if a person can prove their identity to a reasonable degree (to minimize fraud), they will receive 1 BTC from you? Or pay a developer to start a new block chain? Seriously, there are so many things you could do rather than bitch about how unfair it is that the early adopters were able to make boatloads of bitcoin. Have you considered that if Bitcoin seriously takes off, buying at $9 could be considered an early adopter in the future? Oh my god, people were able to afford HUNDREDS of bitcoins! The distribution of wealth is soooo unfair! |
|
|
|
I think we're not that far off. I think we both see hoarding as similar to saving, but different in degree. I don't think there's anything wrong with hoarding, and I don't think the definition I proposed implies that there is anything wrong with hoarding. As several posters have noted, hoarding can serve as a value to society, as the profit motive rewards people who recognize trends or future developments and accumulate/preserve the appropriate resources for later distribution.
The definition I proposed simply offers an objective way to tell whether someone is accumulating a significant amount of something for a particular purpose (expected significant increase in prices). What are normal uses of the word that my definition does not fit? Accumulating liquor and guns for an apocalypse would seem to fit, hoarding bitcoins with the anticipation of significant profits would seem to fit, putting 10% of my weekly paycheck in a CD would seem not to fit (and would be considered saving, which I think comports with the generally accepted use of the word)? What does my definition exclude that should be included? Again, I'm not looking for the bounty, just interested in pursuing the discussion at this point.
I still disagree, but since I worded the challenge poorly I sent you 5 BTC. Maybe this is more in line with my intention: What makes saving good but hoarding bad? |
|
|
|
The question is: why bitcoin should benefit the US government?
What do you mean "why"? Because Bitcoin can be a useful tool, for good and for bad, for individuals and for government agencies. |
|
|
|
If you want to look at this as an attack or a vulnerability, the real attack vector (if it can be called that) is how non intuitive, user unfriendly, and buggy the client is and how it is being improved so incrementally slowly. I have had to redownload the block chain a dozen times because there are so many ways for the database files to lose sync with the wallet it is outrageous. I certainly don't want to poo on the whole cryptocurrency concept, which I believe is truly novel, but the app is proof-of-concept quality at best. Many serious problems exist (scalability an elephant size one) that haven't even begun to be addressed.
The fact is, the first person to show up with a vastly improved client gets a ripe opportunity to dictate how it is going to work, especially if it remains backward compatible with the classic ruleset and becomes a worthy upgrade even for those with no interest in the changed rules.
If you want to do something about it, work on the UI and fix the bugs before someone with an agenda does it for you.
Works fine for me, but there are other clients in the works as well. If it's so fucking easy to fix, why don't you do it? Alternatively, you could pay Gavin to quit his job and develop the client full time. I mean, you've got all that money sitting around that you didn't actually earn, you owe it to the community to give back. LOL @ the "someone with an agenda fixing bugs". It's open source software. PLEASE make a better client "with an agenda". As long as I or someone I trust can audit the code, nothing will make me happier. |
|
|
|
Hoarding was an unintended consequence of GPU mining that raised the difficulty factor against CPU mining. Unless more people get GPUs, the majority of bitcoins will be in the hands of a few people. Bitcoin will die unless they are spread around. It is up to the bitcoin holders to develop a means of getting bitcoins into the hands of others or all interest will be lost in them. No one else cares enough about bitcoins to do this for them.
The initial distribution of bitcoins probably doesn't matter. That said, I believe the early users were able to generate tens of thousands of bitcoins on CPUs; GPU mining did not come until late 2010. Currently the difficulty is so high that even with a high end graphics card, you cannot generate a significant number of bitcoins (compared to what was generated by CPUs earlier). |
|
|
|
|
It's not an attack.
If someone wants to value certain coins over others, that's their choice.
Gold in raw form is not widely used as currency, and you could discriminate based on a shape instead of minting date or design.
It really doesn't even matter at all. As Cusipzzz said, if this became widespread, coin mixing services could become more widely used.
|
|
|
|
|
Fungibility does not require that the units be indistinguishable, just that they can be seen as such. Notes have serial numbers and coins have mint dates, some people discriminate based on this but they are a minority.
|
|
|
|
|
Why don't you tell us what you are attempting to do, and we'll help you find the best way to do it?
|
|
|
|
Can I manually generate a public/private key that corresponds to a given address
What themos said. A public key can be derived from a private key, and an address can be derived from a public key, but those operations cannot be reversed. In order to get a private key from a public one you would have to break ECDSA, and in order to get a public key from an address you'd have to break SHA-256 (or scan the block chain). |
|
|
|
Thanks for the answers theymos and BitterTea! Guess I wasn't asking quite the right questions then... I assumed that each wallet only had one public key! What I am getting at is, how could I generate a list of addresses that I was sure would go to the same wallet? Looks like theymos's PHP code is most of the way there too...  Also, bittertea, in your equation, is checksum multiplied by the result of "version+ripemd-160(sha-256(public_key))"? A wallet is merely a container of public-private keypairs. You cannot tell whether two addresses belong to the same wallet without scanning a wallet file for the keys represented by the addresses. Check out the wiki page I linked, it should be more clear. A bitcoin address is in fact the hash of a ECDSA public key, computed this way:
Version = 1 byte of 0 (zero); on the test network, this is 1 byte of 111
Key hash = Version concatenated with RIPEMD-160(SHA-256(public key))
Checksum = 1st 4 bytes of SHA-256(SHA-256(Key hash))
Bitcoin Address = Base58Encode(Key hash concatenated with Checksum)
|
|
|
|
But that's just it. Economics is the study of personal preferences, either in small (micro) or large (macro) scales. Personal preferences are how people make value decisions, which they express through trades.
Also, I should point out that no one else in the entire world would ever come up with your definition of hoarding, and you've really only twisted "saving that society finds distasteful" to "saving that society finds statistically abnormal".
I think it was a trick. I suppose it was a trick in that I didn't expect anyone to come up with a satisfactory answer. It wasn't a trick in the sense that I thought it was a self contradictory question or it was impossible to answer. There is a lot of talk of hoarding, especially revolving around the concept of deflation. The idea is that if the purchasing power of a currency is rising, people will hoard it instead of spending it, as if the only correct way to use money is to spend it. Hoarding, or saving as I prefer to call it, is merely the action an individual takes when they prefer a liquid cash balance as oppose to less liquid investments. When people refer to saving as hoarding, to me what they are saying is that the person is saving an excessive amount. Again, excessive is completely subjective. I feel like the definition that you presented was carefully crafted to exclude things that you do not consider "excessive", but does not fit the normal use of the word. That is why I do not feel obligated to pay you the bounty. |
|
|
|
First - How can I get the public key of someone else's wallet? Or better yet, can a public key be derived from an address? To build an address, a double hash (first SHA-256 then RIPEMD-160) of the public key is appended to the version. Then the first four bytes of the checksum (SHA-256 x 2) of this value are appended. The entire thing is base58 encoded. When you send someone a transaction, you put the hash of their public key in the scriptsig of the output. When they claim the output, they must have the private key whose public key hashes to that value. Second - How can I generate an address based on that public key? What mathematical calculations, hashes, encryption is being done behind the scenes? base58encode(version+ripemd-160(sha-256(public_key))+checksum(version+ripemd-160(sha-256(public_key)))) Where checksum is the first four bytes of sha-256(sha-256(data)). Third - Would an address still "work" even if it was not generated by the wallet owner's client? In other words, if I had the public key of someone's wallet, and generated an address for them without them knowing, could I send them bitcoins to that newly generated address and they would receive them? see this wiki article: https://en.bitcoin.it/wiki/Protocol_specification#AddressesYes, as long as they own the private key from which the public key is derived, and it is a valid bitcoin address. |
|
|
|
casascius isn't claiming any kind of authority, nor is he proposing any kind of centralisation. i wish people criticising him would read more carefully and think more sensitively about subjects they expound on, rather than staying in the realm of idealised theory and apparently assuming that anyone who proposes something new must be a communist.
he's made what's at heart the same point many others have made: the seigniorage of bitcoin is arbitrary, is probably not priced into the value of coins in the current block chain because of informational asymmetries, ultimately serves no productive function, and has contributed to what is likely a functional pyramid scheme from the public's perspective. this is not a crazy or extreme point; it's consistent with almost all economic literature on productive rather than unproductive investment.
I have no problem with others creating alternate block chains with whatever rules they want. It is my opinion that competition is always good and I applaud anyone that expends the effort to do so. Even if I didn't want there to be alternate chains, there's nothing I or anyone else could do about it. However, to claim that early adopters did nothing to deserve their easily mined bitcoins is fucking preposterous. If they had not invested time and resources into the bitcoin community, you would not be here now in order to complain. So go and create your own chain, or use your considerable amount of unearned exploited wealth to pay someone to do it for you. Put your money where your mouth is, so to speak. The constant complaining about the unfairness of the rules of the main chain just makes it sound like you're bitter that you didn't get in earlier and you want to punish the early adopters for taking a risk. Come back when you have something of substance, I'm sure you will be more warmly welcomed. |
|
|
|
How so? My definition, and the distinction between saving and hoarding, is completely agnostic about personal preferences, whether anybody has a personal preference for the asset being saved or hoarded is of no consequence, all that matters is expectation of future value increase and divergence from the mean in amount of acquisition. As I stated above, I could hoard guns and liquor in anticipation of the apocalypse, and have absolutely no preference for either.
It's because you're defining hoarding based on the preference of others. If nobody prefers to own guns, but I do, then I own a statistically significant number of guns. It's essentially saying that nobody should own more than the average number of something. Completely and utterly subjective. |
|
|
|
|
What you are doing should work, but as I said the use of your CPU may slow down your GPU generation.
My recommendation is to turn off generation in the Bitcoin software and see if the poclbm's rate increases. If not, you can leave them both on if you want.
Bitcoin will not report the hashing that is done by external sources, but you can be assured that it is working if poclbm's not giving you an error.
|
|
|
|
|
Show Posts
