Last year, it wasn't funny at all when Mr. CZ came up with an idea of bitcoin's blockchain rollback (through the purchase of mining power) after Binance was messed up by a hacker, resulting in a loss of over 40 million USD. After social media fury, he took the decision back; however, it was still very frustrating (at least for me) to know that the (arguably) most powerful crypto personality can even think of such thing.
Yesterday, I literally kicked myself (twice) after finding out that the voting in one of my favorite crypto-projects, Steem, was manipulated by CZ through the use of Binance's Steem funds. This controversy highlights the biggest danger POS and DPOS blockchains. Proof-of-stake mechanisms give centralized exchanges and similarly large entities incredible power over consensus changes. Steem users could only turn to social media and shame exchanges into doing the right thing. That's not a very secure model, is it? Bitcoin, in contrast, puts contentious rollback decisions in the hands of miners, who have rational incentives to remain honest. I would love to see the conversations that lead up to Binance and Huobi backing Justin Sun's proxies with their customer deposits. Business owners need to be very careful when getting in bed with Justin Sun. He's a slippery guy.
|
|
|
I'm not sure it was a KYC issue, because when I tried to whitdraw my DOGEs I got a message saying Currency not found or is currently disabled or is currently withdraw disabled. It didn't say anything about KYC, so it's weird. Fortunately it was just few hundred DOGE, but I don't like that. Does anyone know if there is an active thread about Tradesatoshi somewhere in the forum? There are several open scam accusation threads, but Tradesatoshi doesn't respond to inquiries on the forum. They abandoned their forum account in 2019 and edited the OP of their ANN thread to this: I would just be happy that you only lost a few hundred DOGE. Their website has been taken offline and their social media accounts look abandoned. Anyone who wasn't able to withdraw by now can probably assume their money is gone.
|
|
|
IMO it's a bit confusing, usually Archival Full Nodes only means node which store whole blockchain. Can you share reference/discussion which mention "Archival Full Nodes" also means open connection? This section has been on the Bitcoin wiki since 2016: A subset of full nodes also accept incoming connections and upload old blocks to other peers on the network. This happens if the software is run with -listen=1 as is default. Contrary to some popular misconceptions, being an archival node is not necessary to being a full node. When you think about it, there is no need to store the entire blockchain unless you run a listening node. A non-listening node won't lose anything by pruning. There has been some discussion of the distinction: There are two different issues.
One is the availability and relay of block data on the network. We want enough full nodes to serve this data to other clients, but other nodes will still verify this data. The only reason for having many nodes is to avoid a central point of failure and having fast access. This requires fast nodes with port 8333 available, but I don't care who runs the nodes. This is what is measured by the available full node count, but it's not the most relevant decentralization metric.
To answer your question: no, a node that does not allow inbound connections hardly contributes to the network, but it may contribute a lot to the decentralization of trust.
|
|
|
It will be interesting to see whether and how the courts apply securities law in this case. Since there was no ICO-style fundraising involved, I'd like to see whether the Ripple case fits the "common enterprise" requirement of the Howey Test. The term "common enterprise" isn't precisely defined, and courts have used different interpretations. Most federal courts define a common enterprise as one that is horizontal, meaning that investors pool their money or assets together to invest in a project. However, other courts use different definitions. One of the issues the plaintiffs are focusing on is the extent of Ripple's control over the XRP supply. If they are successful in this line of argument, the case could have implications for other "utility tokens" like Binance's BNB.
|
|
|
Speaking of 2FA security, Android Google Authenticator users should take note: A new virus is attacking Google 2FA appNot sure why were talking about passwords and accounts here. Indeed, the focus on "accounts" screams third party custody. First and foremost, people should protect their cryptocurrency by storing it in their own [offline] wallets. Passwords have their place, though. You need a good password or passphrase to encrypt your wallet.
|
|
|
BUT, this is a very important point, SPVs ARE NOT part of the network. The don't verify transactions/blocks if valid/follow the rules, and the don't relay transactions/blocks after verified as valid/follows the rules.
Only a small subset of network nodes reliably relays transactions. SPV clients don't contribute to the network's security, but every node communicating with the Bitcoin protocol is technically part of the network. Full nodes are the only ones securing it in regards to consensus rules. An SPV client does some level of validation, like validating block headers for POW. The security model obviously depends on miner honesty.
|
|
|
If Mycelium servers are down, nothing you can do (I don't remember the user can select another server). The only responsible... well they're not forced to make their servers working again
That's worst than custodiol clients. It's not. If needed, you can always export your private keys from Mycelium, or import your backup seed into another wallet. Your bitcoins can be recovered. The BitPay and Copay wallets work the same way. Trying not to be off-topic to discuss carateristics of each wallet i used to use, but this leads me to ask about "Bither" wallet as well. This is how bitcoin.org describes the difference. For BitPay or Wasabi wallets: Centralized validation (Caution) This wallet relies on a centralized service by default. This means a third party must be trusted to not hide or simulate payments. For Electrum or Bither: Simplified validation (Acceptable) This wallet uses SPV and the Bitcoin network. This means very little trust in third parties is required when verifying payments. However, it is not as secure as a full node like Bitcoin Core.
|
|
|
Most will give a window of something like 15-30 minutes for the transaction to be made, and after that the transaction will be cancelled to protect from price changes. However, there was one I used in the past which wanted the transaction to be confirmed, not just broadcast, within the 15 minute window. Even with a high fee, sometimes that is impossible if there is a longer delay to the next block being found. It was then a total hassle to get them to credit my transaction against a future purchase. What a bizarre way to process invoices -- it boils down to chance. I've seen the network go 2 hours before without a single block being found. I've had trouble with processors who have really poor node or API uptime/connectivity, and don't detect payments in time. CoinPayments invoices tend to time out no matter when you send the payment. I've also had trouble with CoinGate, although the experience seemed to improved the last couple times I used them. Bitrefill's checkout process is very smooth. Other merchants and processors should take note.
|
|
|
It's not that hard. Most attack vectors are defeated by offline key storage. You can use a watching-only wallet on your online computer and sign your transactions offline. You could also use a hardware wallet -- the Ledger Nano S is under $60 now. But here, the malware steals your logins and passwords from all the exchanges you are using, so even if you safely use a cold wallet, you can lose your funds stored on those exchanges... We're talking about two different things. I was talking about the wallet stealing aspect of the malware. If you store cryptocurrency on an exchange, it's obviously not in cold storage. In contrast, private keys held offline are not vulnerable to this malware.
|
|
|
But on the other hand we have to admit porn sites can make the image worse in the eyes of some people. So in your opinion, if a porn site accepts payments with bitcoin can make bitcoin more popular or will it be dangerous for the future of bitcoin because it brings negative effects?
In Bitcoin's early days, it was often associated with the Silk Road marketplace and similar darknet activity. Law enforcement and the media associated Bitcoin with criminals and politicians were pushing for legal crackdowns because of that. Did that endanger Bitcoin's future? No, quite the opposite. Persistent acceptance among criminals has always lent Bitcoin legitimacy as a store of value, and it's long provided a basis for demand (adoption) too. Porn is actually a legitimate, legal industry so it's not even a threat in the same way.
|
|
|
Full Non-Mining Nodes fully record and relay all Transactions meeting code specifications from the Genesis Block.
Pruned Nodes record and relay transactions meeting code specifications from recent blocks only.
A full node is a fully-validating node. Pruned nodes qualify because they download and validate every block and transaction going back to the genesis block. The subset of full nodes that stores all past data and uploads old blocks to the network are called archival nodes. A subset of full nodes also accept incoming connections and upload old blocks to other peers on the network. This happens if the software is run with -listen=1 as is default. Contrary to some popular misconceptions, being an archival node is not necessary to being a full node. If a user's bandwidth is constrained then they can use -listen=0, if their disk space is constrained they can use pruning, all the while still being a fully-validating node that enforces bitcoin's consensus rules and contributing to bitcoin's overall security.
|
|
|
Having said all that, the vast majority of nodes will only accept the transaction which they see first (which will be your original transaction) To have any chance of success, the second transaction would need to be sent directly to mining nodes. I'm not sure how many mining pools still have policies that allow spends like this. It was once possible with Eligius. If it was as simple as broadcasting two different transactions from two different places as I stated above, then everyone would be doing it and bitcoin would be useless.
We should just consider unconfirmed transactions as unpaid. That's how most businesses deal with the issue.
|
|
|
Honestly, this virus isn't a new story in the industry. Cerberus Android Malware is already been here since the month of June 2019. Cerberus never contained OTP 2FA exploits before. This is a new development. The new exploit also hasn't been found yet in the current versions of Cerberus floating around on the black market. If you really want a good security, you might try Authy as the alternative. Authy has encrypted backups you can take advantage of. IMO
Cerberus is Android-specific. It's probably fair to assume that other Android authentication apps will be targeted in the future. I would remove Android devices from your security setup. I would also avoid logging in to accounts from the same device you receive OTP 2FA codes from.
|
|
|
Lets see the courts in any county force world wide miners to do something. Yeah, that will work.....NOT.
This is especially true given how much hash power originates from China, which is usually cast as a bad thing. In this case, it guarantees that a court order like this is unenforceable. He's also talking about rolling back losses from years ago, like the Mt. Gox hacks. A reorg that large is inconceivable. No miner would ever take the risk of mining that chain. Is he talking about a hard fork that reverses specific transactions or steals outputs? That would make more sense, but it would obviously render his fork not Bitcoin and very few would follow. BCH and BSV are examples of what happens. He would just be creating another civil war among BSV supporters, further dividing them against one another.
|
|
|
I can't recall what 'Bitcoiner' it was, but Liquid was advertised as a scaling solution for Bitcoin, which is retarded because that's not the case at all. The point basically was that Bitcoin itself is slow and expensive, but Liquid fixes that problem. Conflict of interest it reeks of.
The narrative keeps changing..... Bitcoin's goal was to end middlemen services, and what are we doing? Yeah, introduce more of them.
Bitcoin was intended to remove the need for intermediaries, but not every transaction people make requires Bitcoin's security guarantees. Liquid just gives people a cheaper and faster option if they don't need (or don't want to pay for) Bitcoin's on-chain security. In those cases, using a federated model like Liquid seems better than a single point of failure like a Bitcoin exchange.
|
|
|
Will miners come together and roll back the blockchain? Craig Wright seems to think so, or is he spreading fud and lying again like usual?? i doubt that this will occur.
Do you have a source? I would like to see it for myself. This is what he apparently said, though I'm not positive where it was taken from. It looks like a Slack chat room. “The first BTC seizure by courts will occur this year. Not with keys. By miners (nodes) acting to fulfill a court order. Without keys, BTC will be confiscated. Code is law, and courts can mandate patching code. Bitcoin is not encrypted. It is economic.” Not exactly in line with the whitepaper, is it?
|
|
|
Why do they allow such a low minimum bid?
If my math is correct, the minimum bid was $50 per bitcoin! During the first few days I was reading this I really never thought of anything unusual happening from a US agency selling Bitcoin that they have confiscated, but after re-reading this article about the successful auction I did became suspicious of the US Marshals having a big motive behind this. Since this was a public auction and the winners will have to wire transfer their payments in order to receive their Bitcoin doesn't it make the winners be identified through their bank accounts' KYC? The BTC literally will be coming from the authorities and there is a big possibility that all of those auctioned Bitcoins are now monitored and chances are the winners as well will be monitored after they obtain it. Is it possible that this is some kind of sneaky way to do surveillance for Bitcoin users around the US?
Probably not. I don't think bidders are worried about government surveillance. I believe bidders actually pay a premium above market for government auctioned bitcoins since they are whitelisted and there is no possibility of unwanted taint. They are buying from the government so they can hold and sell the bitcoins out in the open using traditional legal channels.
|
|
|
I don't think so. To qualify as a money transmitter in the second scenario, one would need to both develop the mixing platform and also profit from the associated money transmission. It's arguable that a market-maker does neither. They are profiting from the bid-offer spread, not the mixing activity: A market maker or liquidity provider is a company or an individual that quotes both a buy and a sell price in a financial instrument or commodity held in inventory, hoping to make a profit on the bid-offer spread, or turn. You would see the same distinction with an exchange. A market-maker on an exchange doesn't pocket trading commissions whenever trades are made -- the exchange operators do. That's who FinCEN is targeting, the ones who build the platform and are profiting from it. Then in a decentralized "market-place" for mixing such as JoinMarket? Who's the target? That's a purely 1's and 0's tumbling scenario. Nobody, not for unlicensed money transmission anyway. JoinMarket just links together liquidity providers with liquidity takers, who pay fees to each other. The developers of JoinMarket are not generating business income from release of the code, so they aren't considered money transmitters under this law.
|
|
|
a person operating as the administrator of a centralized CVC payment system will become a money transmitter the moment that person issues anonymity-enhanced CVC against the receipt of another type of value vs. a person that develops a decentralized CVC payment system will become a money transmitter if that person also engages as a business in the acceptance and transmission of value denominated in the CVC it developed Read bolded. JoinMarket "market-makers" are actually "liquidity-providers", that ask for a fee in exchange for providing liquidity. Is that considered a money-transmitter? I don't think so. To qualify as a money transmitter in the second scenario, one would need to both develop the mixing platform and also profit from the associated money transmission. It's arguable that a market-maker does neither. They are profiting from the bid-offer spread, not the mixing activity: A market maker or liquidity provider is a company or an individual that quotes both a buy and a sell price in a financial instrument or commodity held in inventory, hoping to make a profit on the bid-offer spread, or turn. You would see the same distinction with an exchange. A market-maker on an exchange doesn't pocket trading commissions whenever trades are made -- the exchange operators do. That's who FinCEN is targeting, the ones who build the platform and are profiting from it.
|
|
|
|