I've heard that it's highly centralized, but I haven't looked into it in depth yet.

Most altcoins are pure pump-and-dump, but there are a small handful that actually have some technical merit. I will list them here, according to my opinion/understanding.

For each one, I will assign a technical merit/innovation score. On the day of its release, Bitcoin would have had a score of 100, whereas a score of 0 would be a pure pump-and-dump built on stupid gimmicks and other nonsense -- I don't list these at all.

Ethereum

The way Ethereum's Solidity works is very interesting. It feels good to use, like magic. When people first see it, it often blows their minds. And there are several useful things that these super-smart contracts enable. However, Ethereum is built on the same technology as Bitcoin, and this technology has serious real-world issues and constraints. So although Solidity feels unlimited and magical:

- You often need to resort to centralization in order to do things, which completely defeats the point.
- Not all, but most real-world uses of Solidity can be done on Bitcoin, though it's more of a headache (like writing in assembly vs JavaScript).
- The Solidity "magic" hides many real-world issues which can still occur, such as reorgs, network-wide scaling issues, various possible attacks, etc. -- this is the cause of most of the various ETH disasters over the years.

ETH makes the power of cryptocurrency and smart contracts very plain to people, and I appreciate that, but it's not actually very good at being a cryptocurrency or securely/efficiently/reliably executing smart contracts.

Additionally, Ethereum ignored years of prior discussion regarding the safety issues of high-power scripts, and as a result of this and other design decisions, it faces serious security and scaling issues which have really started to become apparent as people try to actually use ETH for real applications. I can't see it surviving without major breaking changes or (more likely) an ever-increasing number of centralization band-aids.

Score: 1

IOTA

The tangle design is interesting and potentially useful, though I have several serious concerns about how it will actually work long-term:

 - In order to achieve lasting, stable scalability, something will need to be done to limit bandwidth. Otherwise you still have the problem that everyone needs to download everyone else's transactions in order to be a trustless node, and this simply doesn't scale no matter what else you do. How can you split the network so that one node can trustlessly ignore a lot of the network's total transactions, but transactions are still possible cross-split? Doing something like splitting the graph into a cycle of semi-separate segments might be possible, but it seems very difficult to do this and maintain security+convergence.
 - With a chain, if miners become evil and rewrite the last 6 blocks or something, everyone is going to notice and be affected, and so a unified response (PoW change, etc.) will be fairly easy. But with a graph, maybe an attacker could just nibble at the edges in such a way that 99.99% of users are able to think "well, it's not really my problem". In fact, it may not even be easily provable that an attack happened at all.
 - I am not convinced that a tangle is stable/convergent/secure in all circumstances. Even if it seems to work under all tests so far, it may well fall apart under a clever but not-too-difficult attack, or perhaps even just on its own. The whole idea that transaction volume is what adds security to the tangle makes me uneasy, since an attacker can always produce unlimited fake transactions, while the network will only produce a "natural" number of transactions unless additional measures are taken to generate good fake transactions.

Possibly due to the IOTA devs sharing similar concerns, IOTA's software currently relies on centralized checkpointing.

Score: 0.1

Monero

Monero is the most widely-used highly-fungible cryptocurrency, and it has a good record for being secure/stable. Fungibility is very useful, and the way it is done in Monero is quite good, though it's not actually mathematically private; it is theoretically possible to get some identifying clues from Monero transactions without breaking any crypto, though it's very difficult, especially after RingCT. Its method of anonymization has very severe scaling downsides, however; Monero makes Bitcoin look Visa-scale.

Score: 4

Zcash

Zcash has the same general goals as Monero. Theoretically, it should have slightly better anonymity than Monero, but you have to trust that the key ceremony was completed honestly, and you also have to trust that there are no flaws in Zcash's more esoteric/experimental cryptography.

Creating/validating anonymous Zcash transactions requires several gigabytes of memory, which is very harmful to centralization and anonymity. If you're the only person who goes to the trouble of creating anonymous transactions, then you'll stick out like a sore thumb.

Zcash's underlying technology may have theoretical scaling advantages; probably better than Monero, and perhaps better than even Bitcoin. But I don't think that this is being exploited at all in the current code, and I haven't been able to find an exact quantification of how good it could be.

Score: 1

Unlisted

I have investigated these coins, and give them a score of zero. Note that when a family of coins have almost the same technical features/properties, I give the one which seems "most major" its proper score, and the rest in that family a score of zero. If you very much prefer a clone's economic properties, tiny changes in constants, etc., then it is maybe not unreasonable for you to prefer that clone instead, but in this post I am concerned with highlighting the most prominent examples of major innovation.

 - Bcash - clone of Bitcoin
 - Bytecoin - very similar to Monero, and Monero is bigger / more active, even though Bytecoin came first
 - CounterParty - an even more inefficient/unscalable way of trying to do what Ethereum does
 - Dogecoin - clone of Bitcoin
 - ETC - clone of ETH
 - Litecoin - clone of Bitcoin
 - NMC - mostly a clone of Bitcoin with some not-very-innovative extras tacked on
 - Ripple - 100% centralized
 - zcoin - clone of zcash

Not yet evaluated

I haven't investigated these enough yet to give them scores.

 - BitBay
 - Blocknet
 - Byteball
 - CloakCoin
 - Dash
 - GameCredits
 - Neo
 - PIVX
 - Waves
 - XEM
 - XtraBYtes
 - Zencash

I am very far from a fan of Trump, and I don't align myself with the alt-right whatsoever, but I was impressed by Trump's statements today acknowledging antifa "protesters" as a major source of violence. The media will crucify him for that, so that takes a lot of guts.

I just changed something, maybe that'll help.

If people still get it, please post:

- Exactly the time you saw it.
- The footer of the error message (eg. "504 via master1")

I've seen that happen before (rarely) on Tor, but a small delay isn't very bothersome, and I've always been able to fix the really bad delays by refreshing the page or getting a new Tor identity.

Elsewhere, someone suggested Solvemedia, but I think that all captchas based on reading text are actually easier for high-quality OCR to solve than for humans. The photo-based ones give computers a major disadvantage over humans. I don't care very much if people use services like 9kw.eu to solve the captchas, since that at least has a cost, but if a captcha can be OCRed, then they have no cost at all, making them completely useless.

If someone has other suggestions for good captcha services/libraries, let me know. I don't really like using Google products, since Google's whole business model is spying on people. Though as I mentioned, I don't have much faith in captchas based on reading mangled text.


I thought about that, but it'd be a bit difficult to implement, and I'm not sure how much value it'd really provide. Even if a captcha isn't required in 99% of logins, the 1% of logins where it is required is going to screw up bots, etc.

No, "remember me" isn't affected. You will only have to answer the captcha on occasions when you would've previously had to enter a username/password.

Fixed, thanks!


Why? Recaptcha is a bit difficult, though effective. And they don't ban Tor or anything like that.

Exactly, locking an account due to incorrect password attempts is insecure unless you already have some sort of partial authentication (eg. half of 2-factor authentication).

Recently someone has taken to using 5000+ IPs to bypass rate-limits and try many passwords. Therefore, it is now required to solve a captcha when logging in. JavaScript is required for this. I know that several forum users like to use NoScript, but I am not aware of any high-quality (ie. not OCR-able) captcha services/libraries which don't require JavaScript. You can maybe enable JS just for the login page, and then disable it again afterward.

There are a few people who use automated bots which need to login. Contact me with a description of your bot, and if it seems reasonable, I will give you a key which will allow you to bypass the captcha.

Let me know if you see any bugs.

Some people seem to have misunderstood: I'm not trying to recruit people here for something that I would manage; I want you to set this up, on your own and independently. Then if you do a good job, I would require that advertisers receive your certification (or a similar one).


Usually these team pages say stuff like "XYZ team member has worked in the field for 100 years, and is recognized across the universe as the #1 expert." They should prove those qualifications to the certifier.

Most people leave traces that you can find. If there are one or two who can't be linked to anything, then that's probably fine. Also, it's fine if the people are pseudonymous but have a good pseudonymous history (eg. they've written a lot of code, etc.). But if the whole team is full of ghosts with no verifiable achievements, then that's awfully suspicious.


That'd probably be too restrictive.

I'm getting a bunch of ICOs wanting to advertise on the forum, but I don't have time to do more than a very cursory review of each. Somebody trustworthy needs to set up a certification service that will work like this:

An ICO will pay you to apply for a certification. You will then spend many hours thoroughly reviewing everything about them in order to determine that they're at least basically sane. Some things that you should maybe check:

 - If they're planning on creating software, require that they have the software already 5% done, preferably with a working proof-of-concept that you can play around with. Check that they haven't just filled a github repo with copy-pasted garbage code from elsewhere which doesn't actually do anything relevant.
 - If they're planning on operating a real-world business (solar, mining, etc.), check that they have a registered business somewhere. Do a background check on all involved individuals. Require that they have some of the necessary assets (property, etc.) already purchased, and verify this using public records, etc.
 - Check that there are no reasonable open scam accusations against anyone involved.
 - If smart contracts are used, verify that the English terms match the smart contract terms. If there's any way for the smart contract terms to be changed, make sure that this is specified in the English terms.
 - After reading all of their public info, ensure that there is no deception or any glaring holes.
 - Check their website for copy-pasted text, photoshopped images, and fake people.

If they fail your criteria, then you should not certify them. That's important. If you just give a certification to everyone who pays you, you're useless. You should keep the application fee even if they fail, though in some cases you could allow them to reapply for certification after failing with a reduced fee. Your goal should be to eventually be able to publish a statistic like, "99% of ICOs I certified did not turn out to be scams." You should not attempt to certify that ICOs will actually appreciate in value or anything -- that'd be far too difficult --, but just that the collected money will be used as advertised.

Once I notice that a good, trustworthy certification service like this exists, I will require that ICOs wanting to advertise on the forum receive such a certification. (If/when there are multiple good certification services, I will publish a list of ones I consider acceptable.) So you'll get a built-in market from this, and even if an ICO has no interest in advertising on the forum, acquiring a widely-trusted certification has significant value in itself.

The forum sells ad space in the area beneath the first post of every topic page. This income is used primarily to cover hosting costs and to pay moderators for their work (there are many moderators, so each moderator gets only a small amount -- moderators should be seen as volunteers, not employees). Any leftover amount is typically either saved for future expenses or otherwise reinvested into the forum or the ecosystem.

Ads are allowed to contain any non-annoying HTML/CSS style. No images, JavaScript, or animation. Ads must appear 3 or fewer lines tall in my browser (Firefox, 900px wide). Ad text may not contain lies, misrepresentation, or inappropriate language. Ads may not link directly to any NSFW page. Ads may be rejected for other reasons, and I may remove ads even after they are accepted.

There are 10 total ad slots which are randomly rotated. So one ad slot has a one in ten chance of appearing. Nine of the slots are for sale here. Ads appear only on topic pages with more than one post, and only for people using the default theme.

Duration

- Your ads are guaranteed to be up for at least 7 days.
- I usually try to keep ads up for no more than 8 or 9 days.
- Sometimes ads might be up for longer, but hopefully no longer than 12 days. Even if past rounds sometimes lasted for long periods of time, you should not rely on this for your ads.

Stats

Exact historical impression counts per slot:
https://bitcointalk.org/adrotate.php?adstats

Info about the current ad slots:
https://bitcointalk.org/adrotate.php?adinfo

Ad blocking

Hero/Legendary members, Donators, VIPs, and moderators have the ability to disable ads. I don't expect many people to use this option. These people don't increase the impression stats for your ads.

I try to bypass Adblock Plus filters as much as possible, though this is not guaranteed. It is difficult or impossible for ABP filters to block the ad space itself without blocking posts. However, filters can match against the URLs in your links, your CSS classes and style attributes, and the HTML structure of your ads.

To prevent matches against URLs: I have some JavaScript which fixes links blocked by ABP. You must tell me if you want this for your ads. When someone with ABP and JavaScript enabled views your ads, your links are changed to a special randomized bitcointalk.org URL which redirects to your site when visited. People without ABP are unaffected, even if they don't have JavaScript enabled. The downsides are:
- ABP users will see the redirection link when they hover over the link, even if they disable ABP for the forum.
- Getting referral stats might become even more difficult.
- Some users might get a warning when redirecting from https to http.

To prevent matching on CSS classes/styles: Don't use inline CSS. I can give your ad a CSS class that is randomized on each pageload, but you must request this.

To prevent matching against your HTML structure: Use only one <a> and no other tags if possible. If your ads get blocked because of matching done on something inside of your ad, you are responsible for noticing this and giving me new ad HTML.

Designing ads

Make sure that your ads look good when you download and edit this test page:
https://bitcointalk.org/ad_test.html
Also read the comments in that file.

Images are not allowed no matter how they are created (CSS, SVG, or data URI). Occasionally I will make an exception for small logos and such, but you must get pre-approval from me first.

The maximum size of any one ad is 51200 bytes.

I will send you more detailed styling rules if you win slots in this auction (or upon request).

Auction rules

You must be at least a Jr Member to bid. If you are not a Jr Member and you really want to bid, you should PM me first. Tell me in the PM what you're going to advertise. You might be required to pay some amount in advance. Everyone else: Please quickly PM newbies who try to bid here to warn them against impersonation scammers.

If you have never purchased forum ad space before, and it is not blatantly obvious what you're going to advertise, say what you're going to advertise in your first bid, or tell me in a PM.

Post your bids in this thread. Prices must be stated in BTC per slot. You must state the maximum number of slots you want. When the auction ends, the highest bidders will have their slots filled until all nine slots are filled.

So if someone bids for 9 slots @ 5 BTC and this is the highest bid, then he'll get all 9 slots. If the two highest bids are 9 slots @ 4 BTC and 1 slot @ 5 BTC, then the first person will get 8 slots and the second person will get 1 slot.

The notation "2 @ 5" means 2 slots for 5 BTC each. Not 2 slots for 5 BTC total.

- When you post a bid, the bids in your previous posts are considered to be automatically canceled. You can put multiple bids in one post, however.
- All bid prices must be evenly divisible by 0.05.
- The bidding starts at 0.1.
- I will end the auction at an arbitrary time. Unless I say otherwise, I typically try to end auctions within a few days of 10 days from the time of this post, but unexpected circumstances may sometimes force me to end the auction anytime between 4 and 22 days from the start.
- If two people bid at the same price, the person who bid first will have his slots filled first.
- Bids are considered invalid and will be ignored if they do not specify both a price and a max quantity, or if they could not possibly win any slots

If these rules are confusing, look at some of the past forum ad auctions to see how it's done.

I reserve the right to reject bids, even days after the bid is made.

You must pay for your slots within 24 hours of receiving the payment address. Otherwise your slots may be sold to someone else, and I might even give you a negative trust rating. I will send you the payment information via forum PM from this account ("theymos", user ID 35) after announcing the auction results in this thread. You might receive false payment information from scammers pretending to be me. They might even have somewhat similar usernames. Be careful.

Your ICO strikes me as too risky, so I won't accept your bid this time.


I am noticing now that your email and password changed just before bidding, which is suspicious, and you never PMed me to tell me what you were advertising as required by the rules. Therefore, I won't accept your bid this time. PM me more info about what you're advertising if you want to bid in the future. I apologize for not catching this in my status update earlier.

Auction ended, final result:
Slots BTC/Slot Person
3 0.90 Kickico Bounty Hunter
1 0.90 Gunthar
2 0.85 Bdstar
1 0.85 gritter
1 0.85 coinmixer.se
1 0.85 melissa_sapmaz

Google Translate is very poor at Japanese (and I'm not perfect). I said, "I love Japan, but I hardly ever see Japanese here, so a new section isn't necessary."

For now, a few of the topics are on-topic enough for Bitcoin sections. But mostly they belong in the altcoin sections, and this will increasingly become true as time goes on. There's nothing special about Bcash which warrants a new section.

日本が大好きだけど、ここで日本語があまり見られないから、新しい区分は必要じゃない。

It'll be moved to Archival after a few months.

If someone wants to post something, I can sticky it.

You have negative trust for me, so I won't accept your bids.

melissa_sapmaz is cleared for up to 1 slot -- bids for more slots should be considered tentative.

atbcoincom PMed me canceling his bid.

Current auction status:

Slots BTC/Slot Person
4 0.65 ChipMixer
1 0.65 gritter
2 0.65 jamieebotwin
1 0.65 ATB Coin
1 0.65 Gunthar

The auction continues.

That sounds plausible, but I don't know enough about how the nano S works to say for sure.

The point of that is to avoid giving private keys full of BTC to hosted wallets or largely-untested BCH software.