[please]

I was thinking about HOW it is that we are in the situation we currently find ourselves in.

The miners seem to have taken ALL the power, and we let them.. Or have we..

When I try to digest the UASF and what it means, I picture someone standing in font of a row of tanks, holding a pea shooter.

I'm rooting for him (the Users), but I think trying to beat the miners (the Tanks) at this game, is almost impossible.

We need to remember that Bitcoin has a LOT of moving parts. And the BIGGEST piece.. is that we.. the Users.. PAY.

What I mean is, WE PAY the miners FEES, for mining our transactions, and that amount is now comparable to the amount that is mined for finding a block. ie.. It's a LOT.

Well..

We need to be able to construct a txn that can ONLY be mined by a miner that is signalling SegWit.. hehe.

Now currently - this is not possible, as there is no way of accessing the 'versionBits' in the Block Header (where SegWit Signalling happens) from a script. (Unless please please some one tell me I am wrong ?)

BUT - if we had a very simple 'OP_CHECKVERSIONBIT' function (Same as OP_CLTV basically - but for versionBits instead of nLocktime), then we could create TXN's that could only be mined by a miner that is signalling for something we want.. like SegWit.

THIS. IS. POWER..

I would like to see how many miners hold out, when all the juicy fat txn fees are being gobbled up by the segwit signalling miners.. And only the scraps are left for those not signalling..

As I said - I don't think this is possible right now - but in future - I think it is something we should set up, so that when (not if) this situation arises again.. we can make our wishes known, in the strongest possible way. With our money BTC..

..

Soo.. is this possible ? (Or are there nasty attacks that can be done with this..)

[please]

I was thinking about HOW it is that we are in the situation we currently find ourselves in.

The miners seem to have taken ALL the power, and we let them.. Or have we..

When I try to digest the UASF and what it means, I picture someone standing in font of a row of tanks, holding a pea shooter.

I'm rooting for him (the Users), but I think trying to beat the miners (the Tanks) at this game, is almost impossible.

We need to remember that Bitcoin has a LOT of moving parts. And the BIGGEST piece.. is that we.. the Users.. PAY.

What I mean is, WE PAY the miners FEES, for mining our transactions, and that amount is now comparable to the amount that is mined for finding a block. ie.. It's a LOT.

Well..

We need to be able to construct a txn that can ONLY be mined by a miner that is signalling SegWit.. hehe.

Now currently - this is not possible, as there is no way of accessing the 'versionBits' in the Block Header (where SegWit Signalling happens) from a script. (Unless please please some one tell me I am wrong ?)

BUT - if we had a very simple 'OP_CHECKVERSIONBIT' function (Same as OP_CLTV bascially - but for versionBits instead of nLocktime), then we could create TXN's that could only be mined by a miner that is signalling for something we want.. like SegWit.

THIS. IS. POWER..

I would like to see how many miners hold out, when all the juicy fat txn fees are being gobbled up by the segwit signalling miners.. And only the scraps are left for those not signalling..

As I said - I don't think this is possible right now - but in future - I think it is something we should set up, so that when (not if) this situation arises again.. we can make our wishes known, in the strongest possible way. With our money BTC..

I was discussing this the other day, and wanted clarification..

The answer that seems obvious, but I think is incorrect, is that the the chances of finding a block in less than 10 minutes are the SAME as the chances of finding it after 10 minutes. So 50%.

But I have seen stack exchanges about 'Poisson Distribution',  'probability density' and 'exponential functions' ..

And then e^-1 pops out at ~36%.. for the chance AFTER the mean. More than 10 minutes.
And  1-e^-1 at ~64%.. for the chance BEFORE the mean.  Less than 10 minutes.

Can't see how these figures were come by.. (the first e^-1)

Can someone explain it - thank you!

If / When / Once LN is active, will the miners make more / less / the same money out of the fees.. ?

The simple analysis says that larger blocks = more txns = more fees.

But that seems all wrong, as the fee market from FULL blocks is what is making the miners MUCH more money at the moment..

So - any ideas what will actually happen ?

Ok.

Jhonny's got 3 threads up about mean nasty Core and how they are destroying Bitcoin.

Here is my LAST attempt at explaining 'what is going on' rationally.

1) There is a 'buglet' in Bitcoin that means that you can construct a TXN that uses a lot of time to process / check. Let's not worry about what it is but agree that it exists. The larger the blocks the easier it is to construct this TXN, and IF we had 2MB blocks, right now, you could bring down the network. This issue is fixed with SeqWit. So Core thought, let's introduce SW first, THEN we can make the blocksize bigger. Safely.

2) Soft fork vs Hard-fork. The 'poison pill' Jhonny and Franky keep ranting about is actually because CORE thought that NOT forcing you to upgrade was a GOOD thing. This is a Soft Fork. It means if you don't upgrade - no problem. No Split. We all carry on as before, and all the clever SegWit shit will happen in a way that doesn't affect the old nodes. Safely.

3) Bigger Blocks would ALREADY be here IF we had just upgraded to segwit 6 fucking months ago. This ridiculous stalemate is what is causing this total cluster fuck of a situation.  Once we get SegWit.. oh mama.. ALL the clever things people have dreamed about can START to happen. AND Bigger Blocks!.. Safely.

..

If you are saying - NO! You Bast***ds! We want to jump ship to BU, which has a new consensus model, and software that crashes every 3 weeks, you are NOT acting SAFELY. Fact.

CORE are NOT your enemy.

.. Wake UP! (My New Chant..  ) .. before it's toooo late..

When will the first LTC SegWit TXN actually occur ?

Has it already ?

https://cointelegraph.com/news/bitcoin-unlimited-suffers-biggest-node-crash-on-record

Anyone ?

[market]

The market has decided. Whether or not you have.

Core, BU, Classic, XT.. blah blah blah.

You can't fight the market. Or you'll lose.

And right now.. we're ALL losing.

[finally]

Please no chat about who is right - BU or CORE. We've had that discussion 1 million times.. (Feels like more actually)

There are now 2 camps, with big red lines drawn up.

So.. GET ON WITH IT.

We're so 'scared' about what might happen - that we have forgotten that blockchains FIX THIS EXACT PROBLEM.

BU should fork - pick a block number and get on with it.

CORE should fork - pick a block number and get on with it.

THEN - finally - WE THE USERS will get to choose, by buying and selling on the exchanges and using the coins - who is the REAL bitcoin, and who is.. dead. Lol.. no, both coins may survive, ETC is still ticking, BUT - WE THE USERS will decide which one is the dominant coin.

Not the Miners. (Who cares if your hash rate is high if the users are using a different coin)

Not the Developers. (You can bring a horse to water..)

It will be US. The USERS.

This is good news..

So lets DO. IT.

ASAP (..before we all die of old age.. and boredom.. or worse .. LTC..)

 

All this panic and vitriol really isn't necessary..

BU vs CORE, big blocks vs SegWit blah blah blah.. .. ALL the people who live outside of the little bubble most of us live in, here, have NEVER heard of any of this.

lol.. they sort of look at me blankly and say : Whhhaattt ? .. er..  So there are 2 Bitcoins ?

I then say - no, not yet...

And then we start talking about something else.

They HAVE heard of Bitcoin though. (And they haven't heard of any other coins I might add.. too much information for them)

..

Honestly - I think we get a bit toooo wrapped up in it. Stroking our 'precious' Bitcoin..

We need to get out more. 'BitBoy' will still be here when we get back.

..

..I'm off to the park.

(ps. Just sent some mBTC.. they received it instantly on their phone (as always - just not confirmed).. an hour later I had 3 confirms.. Mempool down to 2MB.. meh.. all systems seem to be back to normal.. really not sure what all the fuss is about.. hehe)

[serious power]

We are 1 soft fork away from serious power..

WHEN we activate SegWit (Nov 15 at the latest. BIP148) - is when the real action starts.

A lot of people panicing and jumping ship to inferior other coins. Let them.

The GENERAL PUBLIC knows of only 1 coin. Bitcoin. If you think they'll switch to another coin, forget it. Far too confusing..

The MARKET has made it abundantly clear that SegWit + LN is the way to go.. (Price goes UP when CORE do well, price tanks when BU scramble)

..

Times are tough at the moment. Tensions are running high.. BUT..

Don't Panic.

Hang in there.

We are soooo close now..

https://cointelegraph.com/news/bitfury-mines-its-first-segwit-block-armory-says-no-to-bitcoin-unlimited

I was wondering where this latest little pump was coming from..

And - BIP148 goes LIVE whether you're with us or against us on November 15th 2017.

Game ON!

..

Shaolin Fry (author of BIP 148 ) explained:

“Segwit increases the blocksize, fixes transaction malleability, and makes scripting easier to upgrade as well as bringing many other benefits. It is hoped that miners will respond to this BIP by activating Segwit early, before this BIP takes effect. Otherwise this BIP will cause the mandatory activation of the existing segwit deployment before the end of midnight November 15th 2017.”

Goatpig (Bitcoin Armoury) wrote:

“I disagree with BU's primary principle that the block size should be decided by user and miner vote. I disagree with the block size hard cap on the grounds that it is a magic number. Voting on a magic number does not improve upon this limitation. The only acceptable solution in my eyes is an algorithmic one. To imagine a technical metric is best discovered by popular vote is wishful thinking at best.”

Just curious what people think..

Because if you think Bitcoin is worth more that UBER.. the 20Bill market cap seems a little low / irrelevant.

Articles of Federation of BU :
https://www.bitcoinunlimited.info/resources/BUarticles.pdf

I. All Bitcoin Unlimited (henceforth BU) activities shall be
recorded and be publicly accessible.

BU's current solution to the latest bug :
https://np.reddit.com/r/btc/comments/60rmir/updated_binaries_for_bitcoin_unlimited_for_linux/df8s90n/

..WTF!?

You want me to run closed source code which has access to MY Private Keys  !? Right.. err.. just sooo wrong on sooo many levels.. (And don't start with this ZERO day attack crap has to be closed source.. either you're ready for PRIME TIME.. or you're NOT.. Which is it?)

..

COme On gUys.. PLEASE WAKE the F**K UP!!

This BU as a Separate Code Base - IS NOT GOING TO WORK.

Either write the TINY patch file required to make BU work (for TINY it is), on the VERY latest version of CORE - OR PISS OFF.

It's getting embarrassing now..  

Any good will you had from me.. is slipping away fast.. (BUT not as fast as the price of BTC will tank if this madness continues)

[Quick recap]

if Bitcoin Unlimited want a shot at the title, then IMHO this is the way forward.

Quick recap :

BU does not change the protocol, it is really a GUI change, and a couple of other 'minor programmatic' changes, that lets miners play with MAX_BLOCKSIZE.

they get 3 options :

1) Miner fully accepts the block, and builds on top of it.
2) Miner relays the block - but doesn't build on top of it.  Sees what happens, and joins in if enough other miners build on it.
3) Miner rejects the block.

Pretty simple actually. Elegant even..

So,

BU should be JUST a patch file. That's it. That can be run on the latest version of CORE.

Then when CORE release a new build, BU updates it's patch files.

So that BU is always running off the latest version. (This is tricky delicate code here)

--------

Sorry lads - branching and trying to compete with CORE on a programmatic level, is NOT going to work. Admit it. Move on. grow stronger from it.

Compete with CORE on an ideological level - and you may have a chance.

( I'd be curious to know how small those patch files would be - anyone ? )

(please excuse the length of this post..)

Currently there is an issue with ACCT.

You can't lose your coins, but it is very easy for a user to pull out of a trade, before it is complete, and just have both users keep their original coins. The 'Jamming'..

Many of us have come to the conclusion that some kind of central server, that still cannot steal your coins, could be used to help in the transaction.

..

Alex has 1 BTC, and wants to trade with BOB who has 100 LTC. (or whatever)

The Current Method :

2) Alex create a TXN that pays out 1 BTC to BOB, if he can provide the pre-image of a hash, that currently only Alex knows. There is also a refund element that allows Alex to reclaim the coins at some point in the future, lets say 24hrs later.

3) Alex posts this TXN, and BOB now has to wait for it to be 'fully' confirmed. He cannot publish his txn until this has happened.

4) Once the previous txn has cleared, Bob knows that if he knows the pre-image of a certain hash, he -AND ONLY HE- can claim the BTC. (until 24 hrs is up)

5) Bob creates a txn that pays out 100 LTC to Alex, if he can provide the pre-image of the same hash as his txn. This way when Alex claims his LTC, Bob can claim his BTC. (with refund bits etc..)

6) Bob posts his txn, and Alex now has to wait until it is fully confirmed, before he claims his prize, the LTC. Thus revealing the pre-image, and allowing Bob to claim his BTC.

There is no guarantee that Bob will publish his txn, as the price may have gone down, and if that happens both parties just get their coins back.

There is no guarantee that Alex will infact claim the LTC, by revealing the pre-image, as the price may have shot up!, and if that happens both parties just get their coins back.

..

To force Alex to reveal his pre-image I propose another txn be published.

Alex creates a txn that pays Alex say 5% of the original trade value, if he reveals the pre-image. And if he does not, after X amount of time, Bob can claim these coins. Lets call this the 'Hash-Force' (HF) txn.

SO in this case Alex would create a txn that pays 0.05 BTC to Alex(himself) if he reveals the pre-image, and using CLTV, after a few hours Bob can also claim those funds, if they have not been claimed already.

This would force Alex to either publish the pre-image, by claiming the coins, or not publishing and letting Bob take the 5% fee. An adequate recompense for not going through with the whole trade.

..

Now the tricky bit.

Alex of course CANNOT publish the HF txn until he is sure that Bob's txn has cleared, as otherwise he would have his original txn and his HF txn out in the wild and Bob would be able to either claim the original 1 BTC, or the 5% HF txn, without paying any LTC. Also there is little point to having the HF txn if he does wait as he may aswell just claim the original LTC coins, thus revealing the preimge that way, or not publishing anything anyway.

..

Let's bring in a central server. SERV.

New Method :

1) SERV, Alex and Bob, all generate a random string, S, A, B, and then hash it. These are H(S), H(A), and H(B). The pre-images are kept secret.

2) SERV asks BOTH Alex and Bob to send it a very specific txn.

Alex sends a BTC txn:

<txn>
    <1 BTC output>
           <PAYOUT If signed by Bob and A in H(A) and B in H(B)>
                            OR
           <PAYOUT If CLTV is 24hrs in the future and signed by Alex>
    </output>
    <0.05 BTC output>
            <PAYOUT if signed by Alex and A in H(A)>
                     OR
            <PAYOUT If CLTV 2 hours in the future and signed by Bob and S in H(S)>
    </output>
</txn>

Bob sends an LTC txn:

<txn>
    <100 LTC output>
           <PAYOUT If signed by Alex and A in H(A) and B in H(B)>
                            OR
           <PAYOUT If CLTV is 24hrs in the future and signed by Bob>
    </output>
    <5 LTC output>
            <PAYOUT if signed by Bob and B in H(B)>
                     OR
            <PAYOUT If CLTV 2 hours in the future and signed by Alex and S in H(S)>
    </output>
</txn>

Notice that the HF txn cannot be claimed by the other party, unless they know S in H(S). Which only the server knows.

3) Once the server has received BOTH txns, it publishes them. Both.

4) Once BOTH txns have cleared and are confirmed, the server shares the preimage of H(S), S, with both parties. Now both users HAVE to claim their HF txn, or lose the coins, and thus enable the whole trade to go through.

If BOTH txns do not clear the server does not reveal the S in H(S). Deletes it. This way noone can claim the HF, except the original author, and both parties just get their coins back.

If both txns clear, then the first one to claim their HF txn, reveals the preimage they know and allows the other party to claim their prize, aswell as their HF txn, and thus allow them both to claim their coins.

The 'Jamming' issue has now been relegated to one point, only at the very beginning, where one party could try and double spend their coins before they clear. In this case, and not knowing S in H(S), both parties would just get their coins back.

If either party does not provide their txn at the beginning, then neither txn is published, and no coins are jammed. It would be almost instant for the users to provide these TXNs, so if someone fails to do it, the server can just kick them out and move to the next user.

..

The Issue :

Everything works, EXCEPT if the server gets hacked. Then it is possible for one party to claim the HF txn, as they will know the S in H(S), and make sure that their txn is not published.

It is still not possible to steal the actual trade funds.

..

I am not sure if this can ever be made 100% atomic/safe.. can anyone think of anything (S in H(S) done differently)?

Making the HF txn 1% may make it less annoying (the server would have to be hacked after all, so I don't see this as a common occurrence..), but it's still not right..

Anyone ?

 

Lot of chit-chat about ZCASH. It is certainly a very exciting project, but all projects have pros and cons.

Here are some technicals to digest.

1) ZCASH has a special txn, that allows you to send coins just like Bitcoin, but the sender, receiver and amount are all hidden using a Zero Knowledge Proof.  

2) ZCASH has a technology that has to be 'initialised' by first creating a public/private key pair. You keep the public key, but delete the private key .. You must TRUST that 'they' (the devs) have done this. (I think keeping them would be toooo dangerous, so I don't think they are lying about this.. ) To be fair they have done https://z.cash/blog/the-design-of-the-ceremony.html to mitigate as best they can. Basically many people are involved, in many geographical locations, and no-one knows the 'whole' truth.

'With the MPC protocol, as long as at least one of the participants successfully deletes their private key shard, then the toxic waste is impossible for anyone to reconstruct. The only way the toxic waste can be reconstructed is if every participant in the protocol were dishonest or compromised.'

If ANYONE ever has those 'special' numbers they can create money on the network, they can't steal yours, but it is IMPOSSIBLE to tell..

3) ZCASH's accumulator (the thing that allows the Zero Knowledge proofs) cannot currently be pruned. You must keep track of ALL the spent hidden outputs. They may find a solution, but none has arisen yet.

4) Currently the ZCASH devs take a 20% cut of all the coins that are mined. (I mention this, because, well, hmm..)

------------

Currently Bitcoin is 'only' pseudonymous, but..

1) Bitcoin has 'Confidential Txns' (CT) working on a side-chain, this hides the amounts that are sent, but not the sender and receiver. It may someday be integrated into the main net. No trusted setup is required.

2) CT + Coin Join (and maybe OWAS - a new technique that may allow a whole block to be coin-joined trustlessly), gives a smaller anonymity set. You would know that one of these addresses has sent 'some amount' to one of these other addresses. If you are using OWAS, the number of addresses used in the coinjoin could be the number of txns in a block. Otherwise normal Coin Join / Coin Shuffle rules apply.

3) Bitcoin is fully pruneable. And so are the CT txns.

..

So.. all in all.. pretty exciting really. If nothing else it lights a fire under Bitcoin's ass. ;p

Well - September is upon us..

I was under the impression that the 'cool' tech Blockstream has been plugging would be integrated by now.

Any news on how it's all progressing ? When we will have something to play with ?

(I know - it's ready when it's ready.. just curious since it's been a bit quiet of late)

[technical]

This post is to discuss the technical reasons why the DAO attack was possible, and if that 'flaw' is 'systemic' in ETH. Let's not just slag each other off please..

I held ETH, no more I'm afraid (The FORK  ), and I hold some Augur REP (which you can't dump yet).

The issue that allowed the DAO 'attack' is VERY low level.

Basically, the way the ETH EVM functions, when you send ETH to an address it executes some code. The 'contract' for that address. The problem lies with the fact that THAT contract can call back to the original contract, recursively, and screw with the internal states.

You may think - OK, now you know this, just write the smart contract so that it doesn't matter. Hmm.. if only it were that easy.

The DAO/ETH devs tried to fix this issue in the DAO 1.1, after the flaw was found in DAO 1.0.  They couldn't fix it. The problem is so 'pernicious' that EVEN VITALK HIMSELF could not find a solution to it (I can assure you he was involved in trying to fix it). And whatever you may think of him, no-one knows more about ETH.

So then you think, OK - Hard fork that 'ability' away. No more problem. Hmmm.. if only it were that simple.

This is really very VERY low level in the ETH EVM. The whole point is that you can call functions in other contracts. You cannot simply remove this, without fundamentally changing everything..

This does not bode well.

How can Augur ensure that it is not riddled with similar issues - from a programmatic level ? ( It can't is the honest answer )

How could this be fixed - 'technically' ? (If Hard Forks are the order of the day - at least make them count, and fix this issue)

..

For instance - What if you said that you cannot call functions in other contracts ? And that the contracts running on ETH have to be completely self-contained ?

Would that fix it, and would ETH still work if you did do it ?

ps - we may be talking about ETH's successor here.. What to do differently for version 2.0 (from a technical point of view)..

[thing]

With all this doom and gloom about the ETH/DAO thing I wanted to remind everyone of the incredible sequence of events that lead to this event.

It's pretty mind-blowing.

1) Super genius writes Bitcoin

2) Another Genius writes Ethereum.

3) Smart dudes write unbreakable mega-corporation AI Contract code that runs on Ethereum

4) $200 fraggin' million! dollars!! gets pumped into this virtual beast. By people.

5) uh oh. Problem. AI Mega-Corporation has Death Star style flaw, where tiny rogue fighter can destroy entire base.

6) Tiny rogue fighter runs off with 50mil.

7) Now 'dudes' have to break into unbreakable AI Mega corporation, fix the AI brain, 'teleport' the money back, and get out before the rogue fighter enters Hyperspace. in about 10 days.

8 ) First attempt was crash and burn on discovery of serious DOS attack vulnerability. Blood bath.

9) Second attempt. The dudes fingers start to bleed as they code. And code.. into the night.

10) ...

..

Phew. You could not make this shit up.

Come on, it's pretty awesome.

Part of me is starting to root for the humans.