Bitcoin Forum
April 19, 2014, 09:00:44 PM *
News: Due to the OpenSSL heartbleed bug, changing your forum password is recommended.
 
  Home Help Search Donate Login Register  
  Show Posts
Pages: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 [46] 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 ... 190
901  Bitcoin / Bitcoin Discussion / Re: Can Bitcoin survive a real fork? on: April 30, 2013, 05:36:35 PM
Now and then, I start thinking that you might be confused by the polysemy of "fork".

The software can be "forked" by anyone at any time.  If their "fork" is compatible with bitcoin, then the world has two different clients for the same network.  The popularity of the two softwares will vary depending on how well they meet the needs of the users.  For now, call this #1.

If the "fork" is not compatible with bitcoin, then it is not bitcoin and the world now has two networks, each with their own client.  The popularity of these two networks will vary, depending on how well they meet the needs of their users.

The way these two networks differ depends on a choice made by the developers of the new software.  They can start fresh with a new genesis block and a new chain (#2A), or they can create a moment of divergence, where the blocks prior to that point are valid for both tines, while blocks after that are only valid for one or the other, this would be a chain "fork" (#2B).

#1 is encouraged, in a way, but difficult.
#2A is the standard scamcoin-de-jour model.  Note that no scamcoin has yet managed to develop any significant capital formation.
#2B has not yet been seen, and, as I've previously described, users of the not-bitcoin branch should expect the value of their holdings to evaporate quickly, making it unlikely to ever start.

Your last post seems to suggest that you are concerned about a #1 fork turning into a #2B fork.  It will not happen, because the gravity of bitcoin resides not in the whims of the developers, but in the economic power that has grown up around the network.  By last fall, bitcoin had grown big enough that the economic mass of the system was able to band together to hire a full time programmer, and several other people were making a decent living off of donations for their contributions.  Who knows where we will be by next fall...

Bitcoin the software project can live or die without consequence, but Bitcoin the network is probably self-sustaining and immortal at this point.
902  Bitcoin / Bitcoin Discussion / Re: Can Bitcoin survive a real fork? on: April 30, 2013, 04:55:28 PM
I'm more into question how would situation when there massive loss of connectivity between geographical areas, namely continents be handled?

In case of no-double spends the end result is just incorporating transfers to longer block chain. But if there were double spends or sufficiently long delay that some blocks were spendable it would be real mess...

As global currency bitcoin is rather fragile, depending a lot on cotinuing existence of Internet...

If aliens cut the planet in half, we'll have bigger problems.

Considering the relatively low amount of network traffic needed to move blocks around, that is about the most likely scenario.  No other network severing would be complete enough to cause those problems.
903  Bitcoin / Development & Technical Discussion / Re: How to parse blocks on: April 30, 2013, 04:32:06 PM
I haven't upgraded to 0.8 on my development box yet, so I haven't had a need to peer into the new block files.  Are they the same format as the old ones, just smaller, or did they get changed?
904  Economy / Service Discussion / Re: What happened to block 1551? on: April 30, 2013, 03:42:36 PM
It means that blockchain.info, which is totally not "the blockchain", used a parser that assigned index numbers that have no relation to the sequence in the chain.

Can we get a stick at the top that "blockchain.info != blockchain != bitcoin" ?  I'm getting tired of these threads in here.
905  Economy / Service Discussion / Re: Bitcoin Foundation says my computer is infected? on: April 30, 2013, 03:30:14 PM
Or maybe you should google cloudflare.
906  Bitcoin / Bitcoin Discussion / Re: Bitcoin: some more dark scenarios on: April 30, 2013, 03:28:50 PM
I wish we had a "time out" room where we could stuff people that try to advertise their crappy blogs on these forums.
907  Bitcoin / Hardware / Re: [Avalon Asic] trade-in Thread on: April 30, 2013, 01:47:38 PM
Ditto.  I paid full price for my batch #2 order, and I want my trade-ins to be more units at the discounted #2 dollar price.
908  Bitcoin / Bitcoin Discussion / Re: Canada Taxing Bitcoin Transactions on: April 30, 2013, 01:45:40 PM
Frankly, I don't think bitcoins are practical because you you cannot make change with them though I can see exchanges with one half of a bitcoin in the future. Perhaps bitcoin bytes of .01 are not far off.

Huh
909  Bitcoin / Bitcoin Discussion / Re: Can Bitcoin survive a real fork? on: April 30, 2013, 01:18:48 PM
Wouldn't it have been easier to just read one of the other hundred threads on this topic?

There is no voting.  If a change doesn't get overwhelming support from the community, it doesn't happen, partly for reasons that you mentioned.  Also, the minority chain would be worthless, because any merchants that switch to it will be flooded with people dumping their holdings.  Those purchases would be free, because the people making them don't care about holding coins in that chain, which will cause the value of coins on it to plummet.  This will be particularly severe with changes that go against the monetary policies established in the main chain, like inflation or theft (you call it recycling, but we call it theft).

"If a change doesn't get overwhelming support from the community, it doesn't happen" that sounds like voting to me.

And thanks for elaborating the seriousness of a project fork.

If it is a minor fork, where only 10% of the miners left, their chain will die naturally like how you reasoned.

However, if it is a not so minor fork, such as a 30-40% split, the chance of Bitcoin collapsing will be much higher.  Because you can't be sure who else from the majority camp will betray.  They are equally likely to dump all the coins on the majority camp, and "deflect" to the other one.

If it is a 50-50 split, both will die.

But, it won't be a 50-50 split, at least not in terms that matter.  It won't even be close.

I'm not sure why this is so hard to understand, but the capital that has formed around bitcoin likes the current rules.  The economic power of the system is not going to move from a good system to a shitty one, no matter how many people want to go looting.

The whiny crybabies simply lack the ability to screw with the main chain, but the people staying with bitcoin will be able to utterly destroy the fake one.
910  Bitcoin / Bitcoin Discussion / Re: Can Bitcoin survive a real fork? on: April 30, 2013, 12:23:17 PM
Wouldn't it have been easier to just read one of the other hundred threads on this topic?

There is no voting.  If a change doesn't get overwhelming support from the community, it doesn't happen, partly for reasons that you mentioned.  Also, the minority chain would be worthless, because any merchants that switch to it will be flooded with people dumping their holdings.  Those purchases would be free, because the people making them don't care about holding coins in that chain, which will cause the value of coins on it to plummet.  This will be particularly severe with changes that go against the monetary policies established in the main chain, like inflation or theft (you call it recycling, but we call it theft).
911  Bitcoin / Development & Technical Discussion / Re: Tx fee applied when not expected on: April 29, 2013, 11:31:39 AM
Just out of curiosity, did you use sendtoaddress?
912  Economy / Economics / Re: = Grand Unified Solution to Lost Coins, Hoarding, Deflation, Speculation = on: April 29, 2013, 11:17:43 AM
A business can not get a wash on selling its product at a lower costs for 'more valuable money' because businesses have lots of FIXED COSTS that are on CONTRACT (not least of which is labor, energy, building lease).  Those fixed costs remain in fixed nominal currency units meaning they explode in real costs and eat away all the profit margin that may have existed even if marginal costs to make each widget are at parity with new marginal sale prices of widgets.  So the business is destroyed by deflation and if you had 1 sentila of knowledge about real business you would know this.

What new bullshit is this?

By this logic, inflation (the reality we all live in now) would lead to the destruction of every supplier of the business, the businesses on the other sides of those contracts.  After all, contract prices are fixed and absolute until the end of time and can nether be renegotiated  as needed nor written to compensate for changes in the value of money.

And yet, here we all are.  Derp?
913  Bitcoin / Development & Technical Discussion / Re: Limits to accepting a new longest chain to prevent >50% on: April 29, 2013, 03:16:39 AM
Personally, I am not convinced it is needed.

There was so far... about 2 "emergencies" with the blockchain (that "generate a lot of bitcoins" bug, and the doublespend in the recent fork) none of which were exploited by a real malicious party.

As far as I can tell, many major banks have a less stelar record.

It doesn't seem to me that bitcoin's "the hashiest chain wins" approach is "broken", so maybe we should refrain from "fixing" it.

My issue was always that I didn't like the idea of a hidden chain attack.  If someone has a bunch of hashing power (very unlikely) and generates a chain offline, then publishes it, overturning a huge number of blocks, we pretty much just have to sit and watch.  Of course, we can then intervene after the fact to put it back.

But it seems like a better way would be to devise a scheme where the attacker would be unable to keep their longer chain secret.  That is why I like the exponential difficulty method.  Under ordinary circumstances, and even honest chain forks, the network would operate as usual.  But a high powered attacker is fighting against the clock, and people can look at the number of blocks protecting their transaction, calculate the exponential, and evaluate the risk with something more closely approaching certainty.

The cost is, however, that the notion of correctness gets a little fuzzy.  I still think that it is better to protect the network as a whole, in exchange for individual nodes needing manual intervention during some attacks.  Gmaxwell gives the opposing view, which is widely shared.  It is a really critical part of bitcoin, and won't be tweaked lightly, if ever.
914  Bitcoin / Development & Technical Discussion / Re: Deterministic Wallets and ECDSA on: April 28, 2013, 03:16:29 PM

My understanding is that if either k or dA are NOT truly random an attack could be performed.

Your understanding is wrong. This has nothing to do with the internals of ECDSA, if the keygen that's used to create the privkeys uses pseudorandom bits instead of truly random bits, and there exists an efficient attack in the pseudorandom case, then this implies that the pseudorandom generator (SHA2 in our case) isn't actually pseudorandom. You can see this phrased as a formal proof here: https://bitcointalk.org/index.php?topic=19137.msg771903#msg771903

Where my understanding came from is the Sony playstation hack. My understanding is that since the random number k was repeatedly used the hackers were able to determine dA. My thinking was that if a deterministic algo changes dA in a predictable way, it makes the attack harder, but not impossible (somewhat like a timing attack).

You've given me a great starting point for a better understanding. Thanks!

You are quite correct, if dA was predictable, it would be possible to break.  A lot of effort went into making sure that dA was not predictable.
915  Bitcoin / Development & Technical Discussion / Re: Deterministic Wallets and ECDSA on: April 28, 2013, 02:50:37 PM
Also, careful implementations design their generation functions so that even if a few private keys leak, the sequence as a whole is not compromised.

If one particular privkey leaks and its corresponding chaincode also leaks, then the entire subtree that's rooted at that particular privkey also leaks, meaning that all the privkeys in that subtree of the HD wallet leak. And even worse, if that particular privkey was derived via type-2, and the parent chaincode leaks, then its parent privkey also leaks.
This means that if the HD wallet uses only type-2 derivations (this won't be the case in the default HD wallet layout), and the chaincodes aren't kept secret, then leakage of a single privkey implies that the entire HD wallet leaks.

As usual, the biggest problem in PKI is key management.

I do remember when the debate got around to which information you needed to give to a webserver so that it could generate public keys to hand out as addresses, and the consequences of the loss of such information.  I wasn't really paying attention by that point.
916  Economy / Economics / Re: Does sales tax mitigate the benifical effects of the devision of labor? on: April 28, 2013, 02:44:22 PM
Either there is a sales tax levied just once in the chain (either at the wholesale or at the retail level), or else there is a value added tax levied at every level in the chain (but each player claims back the tax they paid to their supplier).

This. The retail sales tax is just that, only at the retail level. (If you look at the law, technically it's the business that's supposed to pay that, they just pass it along like good capitalists.)

Businesses pass all of their costs on to their customers.  That's how business works.  At least they are nice enough to show you how much of your bill is going to the state.
Yes, didn't you see what I wrote? "like good capitalists" Smiley If you got an anti-capitalist vibe from that, my apologies. It certainly wasn't meant that way.

Heh.  It did seem like sarcasm to me.  No worries though, my post just clarified.
917  Economy / Economics / Re: Does sales tax mitigate the benifical effects of the devision of labor? on: April 28, 2013, 02:34:19 PM
Either there is a sales tax levied just once in the chain (either at the wholesale or at the retail level), or else there is a value added tax levied at every level in the chain (but each player claims back the tax they paid to their supplier).

This. The retail sales tax is just that, only at the retail level. (If you look at the law, technically it's the business that's supposed to pay that, they just pass it along like good capitalists.)

Businesses pass all of their costs on to their customers.  That's how business works.  At least they are nice enough to show you how much of your bill is going to the state.

Also, most (all?) states have use taxes.  If you buy something online, and the online store doesn't collect taxes for your state, you owe that tax, and are obligated to report and pay it.  In most states, the two are combined into a "sales and use tax" statute that makes it clear that it is the purchaser that is obligated to pay the tax, even if the vendor is kind enough to collect, report and pay it for you.
918  Bitcoin / Development & Technical Discussion / Re: Deterministic Wallets and ECDSA on: April 28, 2013, 02:07:53 PM
k is chosen randomly for each signing.

As for the private key, those are secret to begin with.  Also, careful implementations design their generation functions so that even if a few private keys leak, the sequence as a whole is not compromised.  There was extensive debate on the subject a while back that you can probably find with some searching.

Armory's implementation is very solid.  etotheipi is a bright guy to begin with, and he solicited input from the community, and paid attention to what he heard.  The BIP for deterministic wallets was done the same way.

If I recall correctly, the function is something along the lines of pubkeyi+1=sha256(G*pubkeyi*rootkey).  Using bitcoin means that you already trust that both sha256 and EC multiplication are irreversible, so you should feel pretty safe using the sequence generated from this.
919  Bitcoin / Bitcoin Discussion / Re: Breaking News: Satoshi sighted as member of "the Foundation" on: April 28, 2013, 04:17:40 AM
As usual, this is a pure troll thread, caused not by an evil conspiracy to control bitcoin, but by a too-tight tinfoil hat.

Not so.  If they desire to be transparent they'll produce the legally executed articles of incorporation.  They could legally assign ownership to an individual that provides a key, but why wouldn't they produce the signed agreement?

They need to let us know how transparent they want to be!

You "do contracts all the time"?  That must be hard for a guy that apparently can't read.

There is no ownership.  That means that there was no "legally assign ownership" either.  Members are not owners.  You seem to have missed that in my previous post.  Is bold enough, or should I change the font size too?

At least you have stopped thinking that corporations are created by contract.  You may get your merit badge in internet lawyering yet.
920  Bitcoin / Bitcoin Discussion / Re: Breaking News: Satoshi sighted as member of "the Foundation" on: April 28, 2013, 03:52:43 AM
So, if i understand correctly, half of you are saying it's completely okay to incorporate in the US with pseudonymous and not undersigned entities listed as Founding Members? And handwave it "oh, they are just honorary"?

U.S.  law has absolutely no concept of "founding members", nor of "members".  Corporations have owners (shareholders) *, directors (the board, typically elected by the owners) and officers (president, CEO, CFO, etc, typically appointed by the board).

In the US, corporations are typically formed as shells with generic bylaws by people that specialize in such things,   I have no idea if the foundation was filed that way, or directly.  Doesn't matter even a tiny little bit either way.

The foundation board is divided into classes for various reasons, for example, to ensure that the entire board isn't corporate members.  This is pretty common for nonprofit entities.

Being listed as a founding member means two things.  First, if he steps forward to claim his membership, he won't need to pay any dues.  Second, if he wishes to be on the board, it will be very easy for him to do so.

As usual, this is a pure troll thread, caused not by an evil conspiracy to control bitcoin, but by a too-tight tinfoil hat.

*  Nonprofits are an odd exception to this.  They don't have owners or shareholders, they have stakeholders.  Read that again.  No owners.  Or, owned by everyone, if you prefer to see it that way.  Since there are no owners, the bylaws indicate how the board is elected.
Pages: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 [46] 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 ... 190
Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!