No. The scriptpubkeys are under signature, otherwise you could just steal the output of people's transactions.

All of the mutants possible are functionally identical (ignoring the node-local rules that may refuse to relay some forms, and the txid).

The only safe way to reissue a transaction is to double-spend the original transaction in progress. This eliminates the entire class of user-got-paid-twice vulnerability. To do otherwise is insane: You're giving someone a check, and then a second check— and never canceling the first.

You overstate your case, unless you wish to argue that Satoshi was not competent.

In any case, the reissue fraud is more or less independent of mutation.  The way you protect yourself against double payment when reissuing is that you must spend at least some of the same coins so that only one transaction or the other can get mined.  If you do this, no amount of mutation will result in funds loss (though it might confuse people!),  if you don't do this then you can still have payments doubled up even with no mutation at all.   (E.g. first payment delay, second authored, second gets confirmed, first gets rebroadcast and makes it in too).

Allowing fraud?  Thats exclusively a problem with Gox's transaction handling practices and really has little to do with malleability (which is a long known, usually minor, issue in Bitcoin which is slowly being fixed).

The issue is that fraud is made possible by _failing_ to double-spend when you cancel or reissue a transaction. If you do correctly double-spend then the fraud cannot occur regardless of the malleability. If you don't, it can occur, again— with or without malleability.

See also: http://sourceforge.net/mailarchive/forum.php?thread_name=CAAS2fgTx8UzQiocyNMfMNkt2uUZRTmhagb2BY9TPuAupVjVa2g%40mail.gmail.com&forum_name=bitcoin-development


And you'll note that page is citing a forum thread from 2011.  Bitcoin v0.8 rolled out the first round of fixes to eventually remove malleability way back then too... and we've seen bouts of amounts of malleability use on the network, back in 2012 if not sooner— I haven't grepped my logs.

After the gox announcement? Have fun.

Withdrawn.

Withdrawn.

Because there are several trivial DOS attack against honest users of the network / nodes that arises if you prioritize non-zero-but-effectively-zero-fee transactions over high priority ones.  Miners are free to customize the threshold defined as effectively zero— it's a published and supported configuration setting.  Personally, I turn it up a bit— I think I am better rewarded in total for doing so.

I didn't get the people asking me multiple times to skype after I politely declined— not going to be running some binary-blob intelligence surveillance tool on anything in my home if I can avoid it.

I understand that people are concerned about safety— and you should research the people you trade with or ask to use bitrated.com. Skyping with them will be little actual protection.

Right now the demand for these trades is so great that I'm needing to raise my rates above what I'd prefer otherwise just to rate limit the flood. I am willing to split up the transfers to help people feel more comfortable but I'm not going to jump through a bunch of additional hoops.

(Though I am fine with IRC, feel free to /msg gmaxwell)

FWIW, I can vouch that at least some of these newbies have actual goxcoins to trade.

[Out for the evening again]

[offline for the evening]

Ugh. Cryptocurrency. or at least Bitcoin at a minimum—  is _NOT_ about "democratic consensus" cue the trope about democracy is wolves voting to have the sheep for supper. Democratic consensus is a terrible way to handle things, but sometimes its the best available of all possible terrible ways to handle things, but that doesn't make it good. Ideally people could operate on a purely consensual basis and never be coerced just because someone amassed superior numbers.  "Democracy" is particularly intolerable, however, when voting power isn't tied to people-with-shared-interests but is instead tied to spending (as it must be in a POW blockchain consensus).

In Bitcoin the rules of the system are fixed in the software and autonomously enforced by everyone, without reference to any consensus. No simple majority of users or miners can change them, they are as immune to a majority tyranny as anything we know how to make. Sadly the whole system can't work on this alone, since there is no known decenteralized way to autonomously decide transaction order, but it is only in narrow-as-we-can make it way that we compromise on that.

You do not make your proposals look good when you justify them with such vulgar misunderstandings of the structure and motivations that enable Bitcoin to be (possibly!) viable.

No, in fact, we are not. Please pay attention to what maaku is saying, he is drawing distinctions which you are missing and which— if you continue to miss— will be fatal to your project.

Addresses and version bytes don't exist inside the bitcoin protocol, they're user facing things only.

That doesn't doesn't sound like the kind of assumption permitted in a trustless decenteralized system. If you're willing to trust specific parties to do specific things— the design of paypal is far more efficient.

If you are hoping the value of BTC goes up— just buy BTC.  You will gain even more from that increase in value and eliminate the risks associated with mining. ... such as the current situation where cointerra not shipping.

Then go ahead and calculate it and stop wasting our time with half-formed speculation.  Plus, if you find one one can collect 0.35 BTC.

I'm still waiting, incidentally, for you to take me up on your past claims that you could crack 'random' ECC keys.

This is going a bit off-topic... but it really shouldn't be left unchallenged.

I think you're taking an exceptionally stupid position here.  You have a stack of USD, you could do at least three things:
(0) Sit on your USD and do nothing.
(1) Buy Bitcoin.
(2) But a Bitcoin miner.

If (2) yields less bitcoin than you would have gotten with (1) you are worse off in every way. The miner takes up space, consumes power, has shipping and delivery risks, and is just as worthless as the Bitcoin if Bitcoin loses value, but is far less liquid. You take all the risks of owning Bitcoin, multiplied by illiquidity, plus some hardware specific risks.

There is no scenario in which (2) is better than (1) if (2) yields less Bitcoin, not if bitcoin goes up in value, not if it goes down, not if bitcoin becomes worthless, not on a boat, not with a goat.

Unless you want to consider incompetent people with no self control who can't manage to buy and hold things on their own— in which case I'll gladly offer second signer service for multisig at far less of a loss than ripoff prices from asic hardware vendors and a lot fewer risks.

You're welcome.