Since it's obvious, you won't mind citing concrete evidence in the form of links to posts or interview clips with any developers of Bitcoin core that provide any support for that statement?

Because as far as I can tell all the commiters and frequent contributors (*) _hate_ shitcoins and nfts and such-- and what you're saying is a flagrant lie.


(*) I specify commiters and frequent contributors because it's an open project that accepts contributions from pretty much everyone, even at times people that most of the contributors hate. If the standard is just any rando that submitted a patch here or there then you say that literally all of them are also speak for knots.

I mean any kind of scheme you can just cube x  and get a value which is the same for P, P*lamba, P*lambda^2,  essentially giving you 3x the effective table size but the speedup is only useful when the point in question is equally likely to be found in one of those groups.   When people DLP solve on secp256k1 it's always in a restricted range because the whole group is far far far too large.   So the only way someone is going to be able to successfully solve P=xG is when x is in some small range, generally... there are real cases (and lots of silly challenges) where that happens,  for the automorphism to be useful the restriction needs to be x is in [range]*{1,lambda,lambda^2} which is a lot more contrived than x being in a range to begin with.

And the inconsistent gaps between blocks aren't a flaw or negative, they're absolutely fundamental to the consensus process converging at all.

To illustrate, here is a toy example: lets imagine that instead bitcoin worked such that a miner always finds a block exactly 20 minutes after the last one they found.   Imagine there are two miners and their finds are well spaced so the network is finding blocks every 10 minutes and it all seems fine.   But then there is a disruption and one miner goes offline for a bit,  and after that they're both finding blocks just 10 milliseconds apart. But the network delay between the two parties is 80ms, so they always see their own block first.  This system will never converge again! both miners split into their own chains.

The fact that mining is a possion process is what makes mining eventually converge.  Miners might happen to find blocks very close togeather in time, faster than their propagation and processing time, such that they're tied.  It might even happen that they're 'tied' for multiple blocks.  But eventually someone gets very lucky relative to someone else, the tie is broken, and one chain wins out.

Another issue with the kind of issue with the idea in this thread, -- far less substantial than the fact that the whole thing doesn't work and would just allow a total network takeover-- is that the miner's who _can't_ mine next can't honestly participate and so their economically best move may be to just go try to mine another fork of the chain back from a prior point where they could participate. Imagine that their power is very cheap or free and their costs are mostly centered in their now-idle mining hardware.  They're going to want to put it to use somehow, and if they can't use it honestly some may attack.  Not a good incentive!

If you meet Satoshi on the road, kill him

Nope.

Exactly. I am existing miner only add my own addresses and lock out all others.  No one else can tell these other addresses are also me.

I mine. I ignore announcements of anyone elses address. I just generate more of my own addresses to keep adding.  After a little time only I can mine.  All your blocks are belong to me.

If "announce stuff" was sufficient for this there wouldn't need to be a blockchain at all.

huh this thread is all confused. there is no opcode that takes the message to be verified from the stack. CHECKSIG checks a signature of the (masked) transaction.

Can you explain where this question came from and why you thought there existed a operation that took the message hash from the stack?

20% more Bitcoin was achievable from the largest dozen or so.  In theory if you managed to nail the high trading point of each of them more would be possible, but there were people who actually achieved a 20% gain.

Most didn't break pruning, so more like 10GB.   You could also in some cases use the same block files for the shared chain with some hacking around the version number handling.

I hated dealing with it, but then I computed the effective $/hr dealing with it was earning and I didn't hate it anymore.

I'm doubtful.  I think they pulled away a good number of idiots and fraudsters that otherwise would have been a greater nuisance in Bitcoin and depleted the funds of some fairly bad actors.  It's true that bitcoin sometimes gets blamed for stupidity in other blockchains but at least you can so "no, that was poocoin, not Bitcoin"-- which is a better situation than the same bullshit having happened in Bitcoin.

Question is did the benefits exceed the harms, I'm not sure.  But I do know that people having the freedom to actualize their beliefs (however stupid they are) is a fundamental good.  The same freedom that lets dumbass altcoins exist is what makes it possible for Bitcoin to exist.  I think we should give them some benefit of doubt.

It could be that the purpose of your blockchain was only to serve as a warning to others.

You might have also missed the redaction screwups that exposed that he and bitinstant were laundering money for the MTGox hacker, according to the US Government:  https://www.coindesk.com/consensus-magazine/2023/06/09/where-the-mt-gox-money-went-new-details-in-the-btc-e-exchange-case

But an extra subtext on a number of past events!

Easier to miss considering how much he's spending to bury that information and promote the impossible fairy-tale that it was retaliation for his idiotic book, which is prosecution long predates.

"Market cap" is a pretty dodgy figure to begin with, especially to compare things with very different liquidity.  But in the presence of substantial premines ETH or ultramassive premines like XRP, it's just an outright joke.

I could create some worthless joke coin with 100 septillion premined coins, sell one to you for a dollar and claim to have more market cap than not just all cryptocurrencies combined but all assets in the solar system.

Cryptocurrency marketcap trackers originally hard excluded substantially premined coins-- for just this reason--, but eventually the bribery won out.

As it is, it's all about suckering people into turning the issuers into billionaires.

K, I thought your message was easily misunderstood as an incorrect correction about how replacement. -- the response to you by Ian sure appears to have misunderstood it that way.

But in fact the behavior you were intending to describe existed when there was no replacement in Bitcoin at all.

Any time there transactions that will relay but won't get mined there is some potential for free relay though it's still a finite amount of bandwidth (as the inputs are tied up until they're knocked out by double spending or expiration).   I fail to see the relevance in this case, however, since widespread mining of the lower fee transactions preceded relay.   Due to the graph being incomplete probably some low fee transactions aren't relaying well, but even then there is a significant risk that they do get mined.

It's quaint to worry about trolls.   At least trolls generate activity and are potentially funny.   Trolls are tired.  All open public communities are being destroyed now in varying degrees by AI slop posts, most of which are the polar opposite of troll posts:  excessively boring and agreeable.

spoil sport.

The replacement logic requires the replacement pay at least the replacement feerate for everything they evict too.  The plural in BIP125 is not a typographical error.

Yeah, it's intractable-- you're supposed to run who knows what code ... even if you had a very good framework for isolating different coins code (and exchanges mostly don't) there is just an incredible risk of malicious or vulnerable forkcoin code.  If exchanges did regularly accept them there would very quickly be forks with malicious code intended to penetrate exchanges, steal private keys, etc.   Plus very good isolation is expensive.

It's quite easy to make custom signing code that causes the signatures to leak the private keys,  they can even do it in a way that is 'secure' so only the proper attacker can recover them (A 'no one but us' vulnerability, as NSA might call it).

During all the bitcoin fork mania I *rewrote* the signing code for each of the forks, in order to perform signatures with my own code to avoid the difficult problem of reviewing third party code.  It was a pain in the ass.

Amphenomenon, I think you've managed to confuse the thread.

In Bitcoin sometimes a block is created that doesn't make it into the longest chain.  This is unavoidable and has always occurred and cannot be avoided unless mining becomes completely centralized.  At the very least it happens when two miners find a block at close enough to the same time that they couldn't have heard each other's announcement.

Early in Bitcoin users called these things "orphan blocks" because when they were the miner of the blocks the coinbase payment to them would show as "orphan" in the wallet.  But it wasn't the block that was orphan, it was the transaction-- the transactions parent block no longer existed in the wallet's view of the chain.  Some people complained about the use of the term "orphan block" because that term was already in use in side the software for blocks whose parent wasn't yet fetched, because when bitcoin saw a new block it fetched backwards along the chain until it got to the genesis block.  Instead, they suggested people should use the term "stale block".  But the 'missing parent' usage of the term "orphan block" isn't something anything but developers were aware of because the parents always (eventually) got fetched and so users were never aware of these temporary "orphans".   Stale blocks however are common and are of some interest to users (particularly miners).   The term orphan block continued to be used to refer to stale blocks by users.  And whenever you hear someone say "orphan block" they are just referring to stale blocks.

This is especially true because the Bitcoin software was changed long ago so that 'orphan blocks' (ones where the parent isn't known) are just completely impossible:  Nodes now only fetch blocks when they're part of a header chain, and so the parents are *always* known.

Sites like BC.i were always plotting stale blocks, as "orphan blocks" would never have made sense to plot (as they were a purely local, transitory thing that mostly happened during initial download when a new block was found while you were still catching up).  Finding stales is hard because they have never propagated well, since the deployment of compact blocks in 2016 they propagated even worse.   Bc.i used to connect to thousands of nodes which would let them see many stale (which they called orphan) blocks but not all of them... but in more recent years bc.i seems to be largely abandoned and this statistic is not maintained anymore, unsurprising since it was always difficult to collect.

Probably at this point people should stop correcting on the difference between orphan and stale.  Now that orphan blocks (the not stale blocks) aren't even a thing anymore and haven't been for a long time,  the correction is probably adding much more confusion than it solves.

Indeed they are.

That site is just broken. It was always an indicator of stale blocks and there continue to be stale blocks today.

If I had to guess,  my guess would be that yet another stimulant abuser or AI addict convinced themselves that they could make themselves impossibly rich with this One Weird Trick.

It could also be, as people have suggested, a phishing attack intended to collect PII for targets of kidnapping and extortion--- but I think a clear minded kidnapper is likely to realize that their targets won't ever see the messages (except via media coverage) and is very unlikely to respond in any way and particularly unlikely to respond in any way except verifying that their keys are secure, likely undetectably.  And so, for the moment, drug or AI powered idiocy seems more likely to me -- crypto kidnappers aren't this dumb.

And, of course, as we saw with the nonsense of Wright and Ayre that they had no real difficulty finding serious professionals to help whitewash and otherwise enable their crimes... so the fact that they can manage to author spam transactions or make a webpage shouldn't influence our estimations of their credibility much (I'd say, "or spell" but as people have noticed, they seem to have hired some Nigerian princes for copyediting...).   I expect if we find a 'client' at all, we'll find some shady people with a recent death in the family who have been trying to quickly backdate a fake history of involvement in Bitcoin and general wealth. People with an atypical interest in AI, quantum computing, and various woo who think they are gonna strike it rich.

I've looked into the claimed BSV connection from the discussion here, and I can't verify it:   What I can see is that the origin of the funds used in this spam flood was a *recipient* of the pro BSV spam, but that isn't interesting because ~everyone was a recipient of that BSV spam. (of course, few know they were simply because wallets intentionally don't display any of these messages!).  Perhaps I just missed the transactions showing that they were a sender but I don't think so.  Without showing they were fairly directly a sender, without it hopping via some exchange wallets, then there isn't really a link.   Not that I don't believe that Ayre and Wright wouldn't try to reboot their prior heist attempt under a new guise, I absolutely do believe they will... but I just don't see the connection here yet.

Perhaps the most interesting thing about all of this is that their broadcast message essentially has them admitting to a crime:  They're farcically claiming to have "taken possession"  of thousands or tens of thousands of people's coins, each chunk worth at least 5 million dollars.  If anyone took any of this really seriously the first thing you might see is a federal lawsuit for conversion, naming Salomon Bros, their 'advisors', and some unnamed does asking the court to freeze their assets and accounts to secure 'return' of the supposedly possessed coins.  But of course, we don't see that, they haven't taken possession of anything.  The few targets who are aware have correctly identified this as crazy, criminal, or in any case irrelevant.

In spite of it being an unambiguous joke, that doesn't mean they can't do harm.  Like LoyceV suggests upthread, they may intend to appear unopposed in front of some ignorant judge and get some joke of an order to grab coins as they hit exchanges and other such absurd nuisance behavior.  Their targets can afford to take care of the threat should it arise, no doubt, but they shouldn't have to.

It probably would be better to shut down this fraud earlier rather than later-- simply because these things get more expensive to stop the longer they go on (see also Craig Wright!) but the Bitcoin community has often failed at being proactive about outside threats in the past, so I'm not holding my breath.

Stop using AI.  It is making you make errors, act stupidly, and is potentially making you mentally ill.  If you continue to post AI generated/influenced messages here I will nuke your account.

BCH has always had a different and incompatible signature format with bitcoin from the first day it existed.  Because of that is not possible for a signature created on Bitcoin to have ended up on BCH "due to a chain reorg, mempool desync, or hash collision" nor could it via any "or misinterpretation by miners".  If your AI tells you otherwise it is simply wrong, as they are frequently wrong about details.

What could happen is that a sender could have sent you BCH instead of Bitcoin due to confusion or intentional fraud and you could have failed to notice this due to confusion or being actively deceived.  This is possible because BCH did incompetently and recklessly clone Bitcoin's addresses (at least initially) so you could give someone a Bitcoin address but they could mistakenly plug it into a BCH wallet and send BCH instead of Bitcoin to a wallet that doesn't even use BCH, both depriving of recipient of the payment they expected as well as getting the BCH stranded.

But in this case there is nothing anyone here can do about it.  There is nothing any miner can do about it, not even if you offer them a thousand Bitcoin.  If they were to mine a block including it the resulting block would not be a bitcoin block, it would be invalid, and it would simply be ignored by all bitcoin nodes as if it never existed.

Your only recourse is to go back to the sender and ask them to make it right. If you were the sender then you still either have the Bitcoin, in which case there is nothing to do because you can just spend it, or you spent it elsewhere and there is nothing to do because you don't get to spend it again.