Bitcoin Forum
April 20, 2024, 01:47:01 PM *
News: Latest Bitcoin Core release: 26.0 [Torrent]
  Home Help Search Login Register More  
  Show Posts
Pages: [1] 2 3 4 5 »
1  Bitcoin / Bitcoin Discussion / Re: Recommendations on Block chain and cryptocurrency courses on: October 29, 2023, 08:20:05 AM

I don't know about certifications, but of course there are many sources out there, given the cryptocurrencies deal with many many fundamental topics worth their own course (computer science, cryptography, games theory, economy just to mention the major ones). Laying on those, any cryptocurrency has its peculiarities, and this again open a big landscape. So I guess first you should understand what you want to improve (I suppose you already have a basic knowledge of the tech).

That said, my opinionated hint is Foundations of Blockchains by Tim Roughgarden:
no certification, and not all the lectures have been released yet (my educated guess is half of total have been; it's partially funded by IBM grants so I have no worries about its completion) but it's a very high bar course (university level) and free of charge. It deals with computer science side of blockchains, the only resource I have found going very deep on state machine replication flavours, BFT, longest consensus, PoW e PoS anti-sybil leader election strategies, and more. All of that with agnostic style. It's a long term effort, and you won't master a specific cryptocurrency after it, but you'll have powerful knowledge tools to analyze the many promises of this field, and why not, to choose which technology to devote to.


Hello everyone, I plan on improving my CV by adding some cryptocurrency courses . Since one can gain a certificate online, I want to use my free time to study a course; [...]
2  Bitcoin / Development & Technical Discussion / Re: ZK-proof on Bitcoin on: April 03, 2023, 04:19:14 PM
The statement is the bitcoin consensus rules, basically expressing "I know a chain of blocks that is valid and results in chain state X". The (private) witness is the chain of blocks.
The chain state contains data like the block height, the total work, etc, but also a UTXO set commitment. To get a feeling for it, see our demo

So, is it correct to say that when you'll have The Full Chain Proof, your proof will prove that you known a set of ordered blocks (the witness) which starts from the Genesis one and produce -following all BTC consensus rules- the current UTXO set you advertise (and the additional data you have mentioned - height, total work,...)?

If so  I think it's important -without of course forgetting the non-easy need for Full Chain Proof- to underline explicitly the result I have summarized above, because it would mean that, with publicly and widely audited scheme proved sound, the only way to cheat "for you" (aka for anyone advertising a current state by means of your tech) would be to be able to reconstruct a valid blockchain from the beginning, which should reassure many doubts.

Wish you to make fast progresses toward Full-Chain-Proof
3  Bitcoin / Development & Technical Discussion / Re: ZK-proof on Bitcoin on: March 30, 2023, 02:32:56 PM

Hi, I am the project lead at ZeroSync. Happy to see our work discussed on bitcointalk. Would like to clarify a few points mentioned here:  

thanks your notes

Just to have an high level idea in a quick/lazy way ;-) , any diagram/note/schema about who plays the role of public STATEMENT & private WITNESS (in the SNARK meaning of those keywords) in each of the 3 stages of your chainproof (header/assumedvalid/full)?
4  Bitcoin / Development & Technical Discussion / Re: ZK-proof on Bitcoin on: March 28, 2023, 04:40:39 PM
ll Knowledge" system would be more suitable for public blockchain verification, there is no sense in wrapping stuff in ZK for the hell of it.
These things are not going to be any better than SPV at network security, might they offer a trusted solution that is scalable? Hopefully. But other than that no one will replace a full node with zero knowledge unless they dont care about what code they are running and in that case why even run a node?

I'm not ZeroSync evangelist nor I have any interest with them.

That said, I think you are thinking to zkSNARKs, but SNARKs can be also non-ZK. Their use is justified by being "Succinct", short proof (and quickly verifiable). Also ZK-Rollups, despite the name, are not zero knowledge, they use SNARKs because of succinctness.

So, I don't know if ZeroSync idea is good for blockchain size reduction (because any serious evaluation of schemes of that complexity should require a careful study of the proposed solution) , or if it will be accepted (I don't think so to be honest), but the usage of SNARKs to have succinct and fast checkable proof is brand new but well established.. confusing it with ZK flavours is not a good service to the OP imho
5  Bitcoin / Development & Technical Discussion / Re: ZK-proof on Bitcoin on: March 28, 2023, 04:17:46 PM
I am not sure how the Bitcoin community and pro full-node proponents will accept the idea of not being the ones that perform the full verification process themselves. If the idea has always been to verify and not trust, I don't see that changing. I guess it's also going to depend on how ZeroSync exactly verifies those transactions. An increase in centralization will surely not be something hardcore-bitcoiners will approve of.  

I don't know ZeroSync actual tech, but from what I read my educated guess is they are going to use recursive or folded SNARKs, in the path of an "old" idea called UTREEXO... so not possible to judge just from that simple article, but tech to do something good exist... and StarkWare funding seems reassuring
6  Bitcoin / Development & Technical Discussion / Re: Why difference in 6 blocks is enough to think the transaction is secure? on: February 01, 2023, 02:48:54 PM
There is no 'proof' it's part of the basic concept of PoW.

I'm sure OP is thinking to Bitcoin, so it's ok for current level of talk to identify consensus with PoW, but for the sake of accuracy it depends on longest-chain consensus style, not on PoW leader election strategy.

The need to wait a number of blocks before considering finalized a previous one would apply in whichever uniform way we could choose the "miner", e.g. even in the "extreme" case of round-robin choice in a permissioned context. Or, as far as I know, Cardano using PoS on longest-chain as an analogous probabilistic finality concept.

I guess it's common to identify PoW with Longest-Chain cause it seems a bad idea to use it with BFT-style consensus, so everywhere you have PoW you also have LC

7  Bitcoin / Development & Technical Discussion / Re: Why difference in 6 blocks is enough to think the transaction is secure? on: February 01, 2023, 02:21:02 PM

If you are really "brave", well motivated and with quite enough time to devote to your interest about that, here there's what imho is nearest to a proof. It's in lecture 8 videos while lecture 9 specialize the analysis to PoW blockchains, but you definitely need to watch (and understand) the whole course till there to understand... the many concepts needed -just to deal with it in a rigorous way- are introduced in a step by step way:

just a quick note about what you have to expect: longest chain consensus attain PROBABILISTIC finality, even when formally described. The probabilistic nature comes from
the fact there isn't an a-priori knowledge of which node is an adversarial one, whichever leader election strategy (=way to choose who build the next block) it's chosen

Wish you a good learning work!

Yes, I know this, but I need mathematical proof
8  Bitcoin / Project Development / Re: Transfer bitcoins without internet on: December 30, 2022, 11:08:10 AM
But in practice, amount of stale/orphan block is very low. Based on BitMex monitoring tool[1], there are only 46 detected stale block since 20-08-2020[2].


well, forking and subsequent reorgs are local events, so we cannot be sure forkmonitor offers a statistical reliable view from global/overall perspective. But agreeing it does (I'm sure actual tuning cause few forks/reorgs because of the 10sec/10min ratio), my point is that long propagation times due to offline nodes, only sporadically peering with the BTC network, would increase the risk.
Disconnected nodes/client cannot be sure to share an updated status of the ledger, and if they are enough to have miners between them, well.. enjoy the mess Smiley  ...the matter is that BTC has a global consensus model, but the way it works depends on quite strictly bounded propagation times (which cannot be taken for granted with a significant number of offline nodes)
9  Bitcoin / Project Development / Re: Transfer bitcoins without internet on: December 30, 2022, 08:54:13 AM
Hi everybody

about this thread, I hope it's useful to remember that propagation time / mining interval ratio is of huge importance regarding forks/reorgs and so double spending issues, but also underline that it has a role in setting sufficient conditions about safe honest/byzantine nodes ratio... so an offline scenario is highly risky considering a Nakamoto Consensus network as a whole. I guess sharding could be a plan-b, but I'm currently not expert enough to speak about it, and more important it wouldn't be BTC anymore (at least not as we know it now)
10  Bitcoin / Development & Technical Discussion / Re: Question about the lock script on: December 08, 2022, 11:04:31 AM
How is it possible to spend this UTXO?
Thanks a lot!

Check if this infographic about simplest locking/unlocking script can help you:

11  Bitcoin / Development & Technical Discussion / Re: What do you actually sign in P2PKH? on: December 05, 2022, 07:11:40 AM
There is scriptSig and scriptPubKey. And when you provide scriptPubKey you provide your public key and some opcodes are added. But when you provide scriptSig what do you sign?

I wrote it in 2019 so it's not up-to-date with taproot & co, but maybe it can someway help you, as far as you are starting from the bases:

12  Local / Discussioni avanzate e sviluppo / Re: HELIUM (HNT) HOTSPOT on: November 02, 2022, 04:24:52 PM
Premesso che l'idea di helium di incentivare la diffusione di hotspot la trovo interessante, e anche l'algoritmo di consenso e' piuttosto particolare credo e quindi stuzzicante da un punto di vista teorico, pero' mi corre dovere di condividere questa news (per la quale non ho dettagli o fonti particolari), che non e' irrilevante in merito alla fiducia che si ripone in un sistema per il quale si fanno valutazioni circa i ritorni:

13  Alternate cryptocurrencies / Announcements (Altcoins) / Re: [XMR] Monero - A secure, private, untraceable cryptocurrency on: October 06, 2022, 07:24:33 AM
Is it possible to make DEX on Monero?

if you mean something involving HTLC no imho, even if -using pairings- atomic swaps tries are being developed.
Anyway, depending how strong is your definition of DEX, you can follow these two projects:
14  Other / Beginners & Help / Re: Any resources to properly understand Bitcoin protocol? on: July 11, 2022, 01:31:35 PM
I guess that many of us first reference was Mastering Bitcoin by Andreas Antonopoulos: today outdated regarding many recent developments (let's hope in a 3rd edition Wink ), but still a solid foundation of the field for geek-level readers
15  Bitcoin / Development & Technical Discussion / Re: How much text can you put in a bitcoin message? on: May 30, 2022, 06:54:06 PM
I also thought about that. But then, there is a bigger problem, because you need some way to implement mining. So, I can see two options: hashing each message separately, or implementing a hidden chain. I prefer the second, because then all hashes could be hidden as commitments. Then, the only option to stop that, would require banning all ways of encrypting anything (or pushing any random, non-explained data), which is hard to enforce.

Could you elaborate a bit more about this idea? I'm not understanding neither of the two options...

16  Bitcoin / Development & Technical Discussion / Re: How much text can you put in a bitcoin message? on: May 30, 2022, 06:44:18 PM

i think the know the use-case would be relevant to choose the way to store the message: OP_RETURN is for sure the cleanest/most elegant way, however it's prunable ( so imho it should be evaluated if its presence guaranteed only in full nodes is ok or not
17  Bitcoin / Development & Technical Discussion / Re: How much text can you put in a bitcoin message? on: May 30, 2022, 02:00:39 PM
The topic is wider than what I also thought...

Many choices are possible, this is a quite complete survey as far as I know:

18  Bitcoin / Development & Technical Discussion / Re: Silent payments on: May 27, 2022, 06:54:55 AM
Your schema remember me what in Monero is called Stealth Addresses:

Maybe this can be useful to compare the ideas:

19  Alternate cryptocurrencies / Altcoin Discussion / Re: IP leak from MetaMask wallet on: February 09, 2022, 11:03:13 AM

It seems appropriate here to cite a MetaMask "audit" by Matthew Green:
20  Alternate cryptocurrencies / Announcements (Altcoins) / Re: [XMR] Monero - A secure, private, untraceable cryptocurrency on: January 24, 2022, 08:19:11 AM

Found onlide nodes in

the guy behind it seems to have other cool projects as well, e.g.: and

BTW is it you @gelius or have you just found it surfing online?

Pages: [1] 2 3 4 5 »
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!