Offline-generated paper wallet is the gold standard of wallet safety. Forget any electronic solutions. You still need multiple paper copies, of course.
Offline-generated it good, but there's no difference between a "paper" wallet and a cold storage electronic wallet (e.g. Armory, Electrum, BIP32) with a paper backup, or is there? At some point, you have to hand your private keys over to a computing device (an offline computer or a hardware wallet) to do the EC math (unless you do it yourself on paper, good luck with that!  ) By paper wallet I mean paper backup |
|
|
|
|
Offline-generated paper wallet is the gold standard of wallet safety. Forget any electronic solutions. You still need multiple paper copies, of course.
|
|
|
|
|
Blockchain.info looks nice but it could be buggy and provide misleading information
|
|
|
|
When behavior like this is fixed via limits great care must be taken to make sure the limits are implemented absolutely consistently everywhere or the result is a consensus splitting risk. Alt full node implementers have repeatedly implemented the limits wrong— even when they're obvious in the code, called out in the comments, documented on the wiki, etc... even by just simply not implementing them (... coverage analysis and testing against the blockchain can't tell you about limits that you're just missing completely).
I'm not a programmer so this may sound very stupid: MAX_BLOCK_SIZE = 1MB: not risky(?) Max push size = 520 bytes: not risky(?) Max script size = 10000 bytes: not risky(?) Max OP_CAT output size = 520 bytes: why risky? I mean, is there any fundamental difference between these cases? |
|
|
|
在localbitcoins在线求买比特币列表中,阿根廷用户长期占据前N位,这是有多饥渴啊!  這是因為localbitcoin排序用的是官方ARS->USD匯價, 但ARS的黑市價比官方價要低得多, 所以才會有這錯覺 |
|
|
|
As for the expodential groth, I read somewhere something like: Replacing two inputs from the stack with one output that is only as long as the two inputs together... Use OP_DUP and OP_CAT in succession, and you will double the size of your (single) input. To complete the lesson, for those who never liked homework: With a 201 cycle limit, OP_CAT lets you use approximately 534,773,760 YiB memory, vs 102510 bytes without it. is unlikely to exhaust the memory. And I agreed very much. And maybe you will realize why all these altcoins worry me so? Or perhaps you've got cheaper sources of ram than I do? I can't get it. If we could overflow the output of OP_ADD, why couldn't we do the same for OP_CAT? There is a big difference between overflowing a numerical value and overflowing memory. Say you have an 8bit unsigned int, then (200+100) would overflow because the highest value is 255. The result is then (200+100-256)=44, with a carry bit, or overflow. In that context, it just means that you passed the maximum numerical value which resets to zero. Concatenation of strings coupled with duplication would causes the memory (not a number) to overflow, and it could look like this: abc; OP_DUP; abc abc; OP_CAT; abcabc; OP_DUP; abcabc abcabc; OP_CAT; abcabcabcabc; OP_DUP; abcabcabcabc abcabcabcabc; OP_CAT; abcabcabcabcabcabcabcabc; OP_DUP; abcabcabcabcabcabcabcabc abcabcabcabcabcabcabcabc; OP_CAT; abcabcabcabcabcabcabcabcabcabcabcabcabcabcabcabc; OP_DUP; ...and after so long, that would cause a memory overflow, which would result in a CPU fart. You may read www.redefiningthesacred.com/math4.html which illustrates the power of exponential growth. I surely know what's exponential growth But the growth could be easily shut down by limiting the length of the output. For example, the script will stop and fail if the output of OP_CAT is bigger than 520bytes (which is also the upper limit of OP_PUSHDATA2) |
|
|
|
As for the expodential groth, I read somewhere something like: Replacing two inputs from the stack with one output that is only as long as the two inputs together... Use OP_DUP and OP_CAT in succession, and you will double the size of your (single) input. To complete the lesson, for those who never liked homework: With a 201 cycle limit, OP_CAT lets you use approximately 534,773,760 YiB memory, vs 102510 bytes without it. is unlikely to exhaust the memory. And I agreed very much. And maybe you will realize why all these altcoins worry me so? Or perhaps you've got cheaper sources of ram than I do? I can't get it. If we could overflow the output of OP_ADD, why couldn't we do the same for OP_CAT? |
|
|
|
Data from May to July 2014 | Date | NAV ($) | Net | Est | Est Net | Est New | Actual | | spaceholder | | Assets | Holding | Buying | Invest | Holding | | | (M$) | (XBT) | (XBT) | (M$) | (XBT) | | 29-Aug-14 | 49.74 | 53.82 | 106242 | 4 | 0.01 | | | 28-Aug-14 | 50.08 | 54.18 | 106238 | 3 | 0.00 | | | 27-Aug-14 | 50.46 | 54.59 | 106235 | -16 | 0.00 | | | 26-Aug-14 | 49.81 | 53.89 | 106251 | 111 | 0.06 | | | 25-Aug-14 | 49.45 | 53.44 | 106140 | -19 | 0.00 | | | 22-Aug-14 | 50.44 | 54.51 | 106159 | -7 | 0.00 | | | 21-Aug-14 | 50.95 | 55.06 | 106166 | 121 | 0.06 | | | 20-Aug-14 | 48.34 | 52.18 | 106045 | 82 | 0.04 | | | 19-Aug-14 | 46.48 | 50.13 | 105963 | -6 | 0.00 | | | 18-Aug-14 | 45.20 | 48.75 | 105969 | -39 | -0.01 | | | 15-Aug-14 | 49.20 | 53.07 | 106008 | 210 | 0.11 | | | 14-Aug-14 | 50.33 | 54.18 | 105798 | 3 | 0.00 | | | 13-Aug-14 | 53.51 | 57.60 | 105795 | -36 | -0.01 | | | 12-Aug-14 | 55.94 | 60.23 | 105831 | 13 | 0.01 | | | 11-Aug-14 | 56.99 | 61.35 | 105818 | 69 | 0.05 | | | 8-Aug-14 | 58.05 | 62.44 | 105749 | -26 | -0.01 | | | 7-Aug-14 | 57.37 | 61.72 | 105775 | -1766 | -1.03 | | | 6-Aug-14 | 57.08 | 62.43 | 107541 | 13 | 0.01 | | | 5-Aug-14 | 57.21 | 62.56 | 107528 | -17 | -0.01 | | | 4-Aug-14 | 57.69 | 63.09 | 107545 | 72 | 0.06 | | | 31-Jul-14 | 56.27 | 61.48 | 107473 | 4 | 0.01 | | | 30-Jul-14 | 56.46 | 61.68 | 107469 | -7 | 0.00 | | | 29-Jul-14 | 57.32 | 62.62 | 107476 | 141 | 0.08 | | | 28-Jul-14 | 57.01 | 62.20 | 107335 | 49 | 0.04 | | | 25-Jul-14 | 58.89 | 64.21 | 107286 | -6 | 0.00 | | | 24-Jul-14 | 59.34 | 64.70 | 107292 | -7 | 0.00 | | | 23-Jul-14 | 60.82 | 66.31 | 107299 | 200 | 0.13 | | | 22-Jul-14 | 61.00 | 66.38 | 107099 | 122 | 0.08 | | | 21-Jul-14 | 60.84 | 66.13 | 106977 | 30 | 0.04 | | | 18-Jul-14 | 61.25 | 66.54 | 106947 | 3 | 0.00 | | | 17-Jul-14 | 60.72 | 65.96 | 106944 | 43 | 0.03 | | | 16-Jul-14 | 60.71 | 65.92 | 106901 | 397 | 0.25 | | | 15-Jul-14 | 61.11 | 66.10 | 106504 | 3 | 0.00 | | | 14-Jul-14 | 61.17 | 66.16 | 106501 | 59 | 0.05 | | | 11-Jul-14 | 61.24 | 66.19 | 106442 | 43 | 0.04 | | | 10-Jul-14 | 60.56 | 65.42 | 106399 | 53 | 0.03 | | | 9-Jul-14 | 61.24 | 66.12 | 106346 | -269 | -0.16 | | | 7-Jul-14 | 61.47 | 66.53 | 106615 | -7 | 0.01 | | | 3-Jul-14 | 63.44 | 68.65 | 106622 | -55 | -0.03 | | | 2-Jul-14 | 63.55 | 68.80 | 106677 | 397 | 0.26 | | | 1-Jul-14 | 63.81 | 68.82 | 106280 | 82 | 0.06 | | | 30-Jun-14 | 61.19 | 65.94 | 106198 | -19 | 0.00 | | | 27-Jun-14 | 57.21 | 61.65 | 106217 | -6 | 0.00 | | | 26-Jun-14 | 55.92 | 60.26 | 106223 | -7 | 0.00 | | | 25-Jun-14 | 56.29 | 60.66 | 106230 | -16 | 0.00 | | | 24-Jun-14 | 57.79 | 62.28 | 106246 | 52 | 0.03 | | | 23-Jun-14 | 57.98 | 62.45 | 106194 | 20 | 0.02 | | | 20-Jun-14 | 58.26 | 62.73 | 106174 | 63 | 0.04 | | | 19-Jun-14 | 59.32 | 63.83 | 106111 | -16 | -0.01 | | | 18-Jun-14 | 59.90 | 64.46 | 106127 | 33 | 0.03 | | | 17-Jun-14 | 58.67 | 63.11 | 106094 | 3 | 0.00 | | | 16-Jun-14 | 58.47 | 62.89 | 106091 | -29 | 0.00 | | | 13-Jun-14 | 58.42 | 62.84 | 106120 | 92 | 0.05 | | | 12-Jun-14 | 61.68 | 66.29 | 106028 | -6 | 0.00 | | | 11-Jun-14 | 63.43 | 68.17 | 106034 | -27 | -0.01 | | | 10-Jun-14 | 64.34 | 69.16 | 106061 | 4 | 0.01 | | | 9-Jun-14 | 63.80 | 68.57 | 106057 | 50 | 0.04 | | | 6-Jun-14 | 64.51 | 69.29 | 106007 | 3 | 0.01 | | | 5-Jun-14 | 64.31 | 69.07 | 106004 | 53 | 0.04 | | | 4-Jun-14 | 63.12 | 67.75 | 105951 | -46 | -0.03 | | | 3-Jun-14 | 65.19 | 70.00 | 105997 | 299 | 0.20 | | | 2-Jun-14 | 62.76 | 67.20 | 105698 | -88 | -0.04 | | | 30-May-14 | 58.71 | 62.90 | 105786 | -6 | 0.00 | | | 29-May-14 | 55.91 | 59.90 | 105792 | 131 | 0.07 | | | 28-May-14 | 56.26 | 60.20 | 105661 | -65 | -0.03 | | | 27-May-14 | 56.51 | 60.50 | 105726 | 320 | 0.20 | | | 23-May-14 | 52.18 | 55.68 | 105406 | -7 | 0.00 | | | 22-May-14 | 50.09 | 53.45 | 105413 | -16 | -0.01 | | | 21-May-14 | 48.35 | 51.60 | 105429 | -26 | -0.01 | | | 20-May-14 | 46.28 | 49.40 | 105455 | -46 | -0.02 | | | 19-May-14 | 43.83 | 46.80 | 105501 | -49 | -0.01 | | | 16-May-14 | 43.91 | 46.90 | 105550 | 63 | 0.03 | | | 15-May-14 | 43.94 | 46.90 | 105487 | 369 | 0.16 | | | 14-May-14 | 43.53 | 46.30 | 105118 | -66 | -0.03 | | | 13-May-14 | 43.13 | 45.90 | 105184 | 93 | 0.04 | | | 12-May-14 | 43.17 | 45.90 | 105091 | -108 | -0.04 | | | 9-May-14 | 43.98 | 46.80 | 105199 | 3 | 0.01 | | | 8-May-14 | 43.61 | 46.40 | 105196 | 152 | 0.07 | | | 7-May-14 | 43.11 | 45.80 | 105044 | 4 | 0.01 | | | 6-May-14 | 42.08 | 44.70 | 105040 | -27 | -0.01 | | | 5-May-14 | 42.73 | 45.40 | 105067 | -98 | -0.04 | | | 2-May-14 | 44.20 | 47.00 | 105165 | 53 | 0.03 | | | 1-May-14 | 44.79 | 47.60 | 105112 | 1250 | 0.57 | |
|
|
|
|
|
As people are talking about scalability again, is there any new development in SCIP?
|
|
|
|
Just got this message from my bitcoin node: Warning: Large-work fork detected, forking after block 000000009cf297bc2a9610af823b49fc1d98e001239e99204c3c410e1ad3fe54 Looking at this forum and reddit, I see no further information about it. Is there anywhere I can get more detailed information about this event? According to the e-mail I received it happened ca. 22 mins before this post. The difficulty level is so low, like a block in year 2009. And this block hash isn't even on the blockchain. Well, I'm running "version" : 90201,
"protocolversion" : 70002,
"walletversion" : 60000,
In all fairness, I see I've set alerts to be sent to the same address from both bitcoind and bitcoind running on testnet, and I see that the block exists on testnet: http://blockexplorer.com/testnet/block/000000009cf297bc2a9610af823b49fc1d98e001239e99204c3c410e1ad3fe54So case solved then. My fault. BTW, how could you see the difficulty level, could you see that directly from the block hash provided? With so few leading zeros the difficulty must be very low. A typical hash today is like 00000000000000002c1115be03148ca4c5b42e5ed07c575a63e0e8a99e4cd645 |
|
|
|
Just got this message from my bitcoin node: Warning: Large-work fork detected, forking after block 000000009cf297bc2a9610af823b49fc1d98e001239e99204c3c410e1ad3fe54 Looking at this forum and reddit, I see no further information about it. Is there anywhere I can get more detailed information about this event? According to the e-mail I received it happened ca. 22 mins before this post. The difficulty level is so low, like a block in year 2009. And this block hash isn't even on the blockchain. |
|
|
|
Could we theoretically create an output that could only be spent after some proof-of-work?
stringtoconcatenate OP_CAT OP_SHA256 00000000839a8e6886ab5951d76f411475428afc90947ee320161bbf18eb6048 OP_LESSTHAN OP_VERIFY OP_DROP OP_DUP OP_HASH160 e6ee700d3b22c43b4ad5d4144ae16d35a0013bc0 OP_EQUALVERIFY OP_CHECKSIG
Our scriptsig would have first the signature and then the nonce.
The nonce and a string in the script - perhaps a recent headline, to prove work wasn't done prior to the transaction - would be concatenated (if OP_CAT wasn't disabled) and then we'd get the SHA-256 hash of the combined string. If that hash is less than a target, then yes, we can check the signature.
I think this could be useful (if not fun) for a trust fund, or proof-of-illiquidity, if our target has enough leading zeroes to make it (on average) take a few days to find a working nonce, and therefore make the output spendable. Perhaps the target could take years with a GPU farm.
Any comments? Would this be a good/bad idea? (assuming of course OP_CAT was enabled?)
Your example won't work even if OP_CAT is enabled because OP_LESSTHAN could only handle 32-bit integers. You need OP_SUBSTR (which is also disabled) to split the string first and use multiple OP_LESSTHAN to make the comparison. Anyway, I can't see how a probabilistic proof of illiquidity could be useful in any scenario. |
|
|
|
If that's true no one in China (and most parts of the world, actually) should be mining, as they could get more bitcoin by simply buying from the market. |
|
|
|
As there is a good chance many of the asics are already run at a loss.
This is statement is unfounded at all. Electricity could be very cheap in some part of China Maybe it's real but I don't buy it. Especailly as if "secret" in China, it would send out a massive heat signature and the authorities would think they are growing cannabis in those buildings.
So what? The police will just find a computer farm instead of a cannabis farm. |
|
|
|
2017年春,近乎绝望的比特币守望者们最终没有迎来比特币的春天。
是时,比特币的价格已经降到不足500人民币(此时中国刚刚发行500一张的人民币)。
大量的矿机商在挣扎几年后相继倒下。
曾经叱咤风云的南瓜张回到母校任教,他在走之前变卖完公司全部的资产,刚刚偿还清全部的债务。他赤裸裸的来,又赤条条的走,不带走一片云彩。
烤猫矿机成功转型成电热器生产厂,因名字取得好,倒也卖得不错。
蚂蚁矿机欲转型为鼠标垫生产商未果,不知所踪。
李笑来一再宣称比特币只是个实验,但是依然抵挡不住粉丝的热情,被迫出国。现在据说在某个小岛上教中文。
比特时代和比特儿早已宣布无限期关站,通知大家速度把币提出去,但是据说一些山寨币提了半年都没到账,可能是某些币早已死掉,只是大家没发现。
黄天威继续做他的网页游戏,韩林继续搞软件开发,仿佛从没来过。
何一重回旅游卫视主持节目,她说:“我来过,爱过,被黑过。我的生涯一片无悔。”
火币、OKCOIN、比特币中国经过多轮裁员之后,终于决定合并办公。总计不足20人在一间狭小的办公室维持了三家交易所的运转。雪白的墙上挂着四个大字:“相信未来!”
比特儿小酒儿去了某个幼儿园教书,比特时代小飞飞开了家外贸公司,走私丝袜。
当年的比特币玩家们一哄而散。
当年争论POW和POS,山寨币和二代币的玩家也一哄而散。
只有那些文字,依然在网络上流淌。
仿佛一个笑话。
2017年我會把這個頂起來 (如果還有這個論壇的話) |
|
|
|
No matter what algorithm you use, POW Mining is a Poisson process and the block interval follows exponential distribution. The variance is the square of the mean block interval. Since exponential distribution is the ONLY memoryless continuous distribution, it is the "best" and at the same time the "worst" we may have. http://en.wikipedia.org/wiki/Exponential_distributionMining is a renewal process, but I do not think it is Poisson, since even for single-function coins, the difficulty grows over time. (In fact, it should be non-homogeneous Poisson: the block interval distribution should get lower and flatter as the difficulty gets higher, although it is still exponential.) If the hashes are in a predetermined order, multi-hash-function (chained-PoW) mining block arrival times should also be exponential, since sums of Poisson processes are also Poisson processes. (Assuming a fixed difficulty level, for the sake of discussion.) However, choosing the hashes randomly results in an iterated (compound) Poisson process. Here, the block intervals should have a more complicated distribution: http://en.wikipedia.org/wiki/Compound_Poisson_processhttp://arxiv.org/abs/1107.2876If I remember right, Quark used randomly selected hashes. I'm not sure about X11/13/others. PoW schemes that include superblocks are also iterated Poisson processes, for the same reason. Difficulty changes over time only because the hashing power is increasing, and happens only once in 2016 blocks. We can just assume it is fixed. With some tricks we may reduce the variance without reducing the mean block interval. However, mining is no longer progress-free and the fastest miner will earn more reward than he should. This has been discussed here: https://bitcointalk.org/index.php?topic=572816.0I don't have much idea about those alt coins. If their mining are not Poisson process, they are flawed. |
|
|
|
Is there a way for two parties to agree on a fixed exchange rate for their transaction at a future date regardless of the actual bitcoin exchange rate? Does that capability exist?
You just re-invented options. Which was probably first used in ancient Greek: http://en.wikipedia.org/wiki/Option_(finance) |
|
|
|
Yes, assuming all players are honest, the network must converge after sufficient time, since mining is a random process.
Let's say the network delay is somewhere between 0s to 10s, and we have 2 competitive forks of the same length, fork A and fork B. Let delta be the difference between the time of finding the next block in the 2 forks. If delta is smaller than 10s, the network may not be able to decide the order of the the 2 blocks and the fork would continue. However, since mining is a random process, there is a chance (P) that delta is much larger than 10s. When this happens, the network will converge to the longest fork immediately. P approaches 1 as we wait longer.
That's why it's a bad idea to have a block interval of 1min or even shorter. When the block interval approaches the network delay, we will have more forks and more work is wasted.
Ah, right. That makes sense! Kinda seems obvious, now that you've explained it  Thanks very much for the explanation. Follow-up thought: To avoid forking, it seems like the "best" PoW scheme would be one where block-finding times are close to the mean (i.e., variance is low). Since mining is essentially random, I guess the right mental model would be a renewal process -- almost Poisson, actually, but mining always gets more difficult over time. Makes me think that the multi-hash-function algorithms popular in altcoins right now (X11, X13, etc.) are inherently more prone to forking, because of the extra among-hash-functions variance. And, coins with random "superblocks" would be bad for the same reason. Hmm. I wonder if this is true empirically. No matter what algorithm you use, POW Mining is a Poisson process and the block interval follows exponential distribution. The variance is the square of the mean block interval. Since exponential distribution is the ONLY memoryless continuous distribution, it is the "best" and at the same time the "worst" we may have. http://en.wikipedia.org/wiki/Exponential_distribution |
|
|
|
I have read several times that proof-of-work solves the Byzantine generals problem. I am curious how it does so. A bit of Googling turns up this page: https://bitcointalk.org/oldSiteFiles/byzantine.htmlAs I understand it, the problem described on that page is that disagreements could arise among the generals due to network delay. Each time the plan is broadcast, the likelihood of the same disagreement arising decreases. (Exponentially, if the disagreements are due only to random chance.) However, it is not clear to me what role proof-of-work plays in this scheme. My understanding of proof-of-work is, essentially, that its purpose is to prevent sybil attacks, by making forgeries computationally prohibitively expensive, and of course I get that this is crucial for Bitcoin. But, it seems to me this is sort of an auxiliary problem: now, in addition to network delay, the generals are also faced with an enemy who is trying to forge messages. What I'm trying to figure out is, does proof-of work also address the problem of network delays? It seems to me that the chaining the plan hashes together solves this problem -- at least, from a practical perspective -- without needing proof-of-work. Yes, assuming all players are honest, the network must converge after sufficient time, since mining is a random process. Let's say the network delay is somewhere between 0s to 10s, and we have 2 competitive forks of the same length, fork A and fork B. Let delta be the difference between the time of finding the next block in the 2 forks. If delta is smaller than 10s, the network may not be able to decide the order of the the 2 blocks and the fork would continue. However, since mining is a random process, there is a chance (P) that delta is much larger than 10s. When this happens, the network will converge to the longest fork immediately. P approaches 1 as we wait longer. That's why it's a bad idea to have a block interval of 1min or even shorter. When the block interval approaches the network delay, we will have more forks and more work is wasted. |
|
|
|
|
Show Posts
