Congrats to the other winners! I'm touched that so many people went out of their way to vote for me.

I decline any prize. Please reassign it to someone else, donate the value to Evidence Action, or keep it.

Thanks for organizing this, icopress!

This month 131 users were eligible.

Old:
New:

Not really. I don't know of any better solution which wouldn't require a lot of manual work to keep it working.

Cloudflare actually isn't even very good at identifying bad traffic or delivering on several of its claimed features, but it offers two extremely valuable tools:
 1. It completely blocks even massive IP/UDP/TCP flooding without any thought on the end-user's part. My custom DDoS protection was also able to block these attacks, but it required a significant amount of sysadmin work.
 2. My custom protection failed against layer-7 attacks from 100k+ IPs. To handle these attacks, there needs to be some sort of proof-of-work/CAPTCHA challenge before the application starts making database queries and such. These challenges must exist on servers which will automatically scale to handle any number of requests, as needed. The challenge servers must have the HTTPS key in order to function. It would definitely be possible to do this without something like Cloudflare, and I've posted a general description of how it could be done, but both the coding and sysadmin work are more than I want to deal with.

Cost is a consideration, but not the primary one: I'd consider paying 10-30x more than Cloudflare's $250/mo, if this came with significant improvements. But as far as I know, you don't actually get much more by paying an "enterprise" DDoS protection company $5000/mo than you do by paying Cloudflare $250/mo, and in fact you often seem to get less.

This month 121 users were eligible.

Old:
New:

This month 120 users were eligible.

Old:

New:

After reading your post, I realized that the stats I gave were highly misleading because mini-bumps occur (and super-bumps are possible by playing with URLs) across the entire forum, but they only have practical effect on certain boards, and the stats I gave previously were global. Restricting it to only the boards where modified-bump-ordering is default, it's:
30 days: 12901 super bump-power out of 13492 total bump-power
365 days: 220802 super bump-power out of 232874 total bump-power

In the past 30 days, there have been 397 super-bumps from 57 distinct users contributing 11355 bump-power. Over the same period, the total bump-power from both mini-bumps and super-bumps was 88127.

In the past 365 days, there have been 8850 super-bumps from 308 distinct users contributing 222971 bump-power. Over the same period, the total bump-power from both mini-bumps and super-bumps was 1041245.

Good point, edited. Thanks.

Thanks for your comments: I incorporated several suggestions. I think that the usefulness of this announcement decays with every passing hour, so I went ahead and posted it. I'll also link to it in the news bar for a couple of weeks. The post can still be edited, of course.

Has anyone used the Unstoppable wallet? Is it a good alternative to Trust Wallet?


"Withdraw now" strikes me as a bit too alarmist, and I prefer the term "online account". "Exchange" is too narrow, while trying to be more exact with a phrase like "centralized exchanges, yield sites, and many tokens" is too confusing.

Note that even USD in exchanges is at risk, whether or not it's a stablecoin or a non-stablecoin account balance. If the exchange goes bankrupt, typically the USD will be an unsecured liability owed to you by the exchange, the same as any other asset associated with your account.


I agree that yield-farming stuff (whether DeFi or CeFi) is very risky in general, and especially right now when $2-10 billion in "money" was just removed from the crypto economy overnight. I adjusted the wording to emphasize that yield products are included. "Inherently unstable" goes a bit too far, though, IMO. For example, some decentralized exchanges and over-collateralized lending pools seem pretty robust at least in principle, and many of them will probably survive.


I don't consider it to be an issue. Those clearly are the two leading hardware wallet manufacturers, and merely mentioning them is not an endorsement.

When you log into an exchange, yield platform, or other site, and it says that you have a balance of "1 BTC" or "1 USD", this does not actually mean that you have 1 BTC or 1 USD. Rather, it means that the company showing you this balance owes you that money. In other words, you've given a loan to the company. Maybe the company will pay you back, but history is littered with defunct companies which accepted deposits and were widely trusted for years, but which ended up not paying back their depositors in the end.

To the greatest extent possible, you should always avoid keeping BTC (or anything else) in online accounts. This is especially important right now because a very large exchange went bankrupt recently; this has already caused a contagion effect which has taken down other companies which accept deposits, and this contagion may continue to spread and affect more companies.

Ideally, you should keep as large a percentage as possible of your crypto assets in a wallet where only you control the private keys. Electrum for Android or desktops is one good option. For iOS, there's BlueWallet. If you have a large variety of different crypto assets that you need to store, there's Unstoppable wallet. If you have never used your own trustless wallet before, using a mobile app is probably safer than using a desktop app. An even safer option, which you should definitely consider if you have a lot of crypto assets, is to use a hardware wallet such as Trezor.

Also, note that many altcoins, tokens, and DeFi projects are either fundamentally centralized and therefore about as risky as online wallets, or they are still potentially vulnerable to the recent wave of insolvencies due to the way that they're designed.

I don't like the idea of a permanent banner, but a post in Important Announcements isn't a bad idea, especially since the FTX contagion is likely to cause several more bankruptcies over the coming weeks/months. Because the FTX issue is likely to trigger bankruptcies soon, this is time-sensitive, and so it'd be best to post it in the next ~36 hours.

A quick draft:

Which are the best wallets for total newbies? Anyone who will actually need the advice in this post will need something very easy, so I don't want to list something too difficult. Probably I should just list one app for iPhone, one app available on Android via Google Play, and maybe one hardware wallet. (Linux/Windows/Mac wallets are too risky for newbies, I think.)

I'm not very familiar with DeFi systems. Should more be said about them?

I adjusted the results to remove votes that shouldn't count:

After adjustment, the results are:

I adjusted the results to remove votes that shouldn't count:

After adjustment, the results are:

Congrats to taufik123, and thanks to ChiBitCTy and all participants! This was a very fun contest!

So many great entries! My favorites are:
1. KrispyKrypto
2. polymerbit
3. BigBos
4. geophphreigh

This month 124 users were eligible.

Old:

New:

It's nice to see some people actually eating their pumpkins! Every year I see hundreds of pumpkins sitting outside of people's houses and then getting rotten: it makes me feel like it's a secret Halloween ritual where everyone sacrifices perfectly-good-to-eat pumpkins to Nurgle.

Added.

One minor point of criticism I have with the site is that in places the issue is framed in a similar way to pro-X/anti-X political action sites, where you're asked to lobby various people. But Bitcoin is meant to escape politics: if you run your own full node, you can't be subject to changes to Bitcoin which you don't consent to, regardless of what anyone else does.

This month 130 users were eligible.

Old:

New:

Note that I've decided to suspend ad sales. These auctions will probably be permanently ended, and I'm not sure whether or in what form advertising in general will be continued. Maybe some ads will go up again fairly soon, or maybe there will never be any more ads; I haven't decided yet. The main reasons for this decision are:

Firstly, I'm finding it too difficult to determine which services are legit/safe and which are not. It takes me 30+ minutes to research each new service to reach at least some level of confidence in it, but at the end of this I often still don't feel fully confident. Bitcointalk.org is meant to be operated "as a service to the community", so it's very important to me that bitcointalk.org not be seen to be putting profit above the interests of its users. (I've been kind of shocked at the crypto-related ads that are shown on TV, which are often way beyond anything I'd accept here. And I'd like to tighten our standards.)

Secondly, there is a high amount of friction in the current process of auctions and manual ad processing. I often feel that it's more trouble than it's worth on bitcointalk.org's end. I also think that the revenue is substantially less than it could be because the market of advertisers willing to deal with this difficult process is much smaller than the market of advertisers who would be willing to advertise here if only they could do so effortlessly. So I think that we're "leaving a lot of money on the table" due to friction, which makes the other issues feel even worse.

Finally, bitcointalk.org has a large reserve of BTC, so we're able to continue operating without ad revenue for many years. It's not even necessary to cut expenses or find replacement sources of revenue anytime soon, and I currently have no solid plans to do these things. I do regard it as less than ideal to be operating at a constant loss, especially because it constraints any desired future growth in expenses. Improving this situation will be on my mind in the coming years, but luckily it need not be a high priority.

---

If you'd like to advertise: I will consider offers to advertise, especially if you've advertised before. Send me:
 - What you want to advertise
 - How long you want to advertise for, and starting/ending when
 - How much you'll be willing to pay
 - If you would prefer some change in the format of ads (ie. something different than the banner below the first post), let me know and I'll consider it

However, my standards for the type of service I will accept will be stricter than previously, and I will also not accept advertising if I don't think that the proposed price is high enough to make it worth the trouble. Due to these changes, I will probably accept few or no offers to advertise, and the majority of the time there will be no ads.

A possible good long-term solution would be if we could use some ad network in the same vein as AdSense which has extremely high standards, does not track users, and is otherwise as visitor-friendly as possible. If you know of or operate something like this, please let me know.

The main thing that I'll miss about these auctions is being pushed to closely investigate a wide variety of different crypto-services, many of which have been very interesting and innovative, even ones which I've had to reject. Thank you to all advertisers, auction participants, and ad designers over the nearly 11 years since the first auction. I'd especially like to point out that many, maybe the majority, of ad banners over the last few years were designed by jayce.

I probably never would've spent the ~hour figuring out how to add it because it strikes me as unnecessary, but I also don't see the harm in it. Since you wrote the code, I added it. Thanks!