Well, most speculative assets need some "bootstrapping" value.  Now, bitcoin is not entirely value-less, because it does have a (small) economic value, namely all the economic exchange it made possible or cheaper than could have been achieved with other means of payment (mainly fiat).  But apart from remittance where you might win somewhat, trying to hide from taxes, and mainly, dark markets, I don't see where the economic value of bitcoin resides.  Most of what you can do with bitcoin, you can just as well do it with fiat, and in those heralded cases where this would not be the case (say, in developing countries), bitcoin didn't really take off.  I'm truly sorry about that, because when I learned about bitcoin, I *was* part of the useful idiots being enthusiastic about that.  But as far as I can see, bitcoin has only a rather small niche application of true economic value, and its design errors/flaws make that this is exactly where it is now being hurt.  So I wonder whether this small "true, economic value" is strong enough to bootstrap the huge speculative value of bitcoin.  Moreover, I think that anonymous coins like monero are much, much better suited for this niche.

Now, there are two ways in which bitcoin is speculative: its volatility, and its greater-fool game.  Any volatile token is great game for speculators.  The problem with bitcoin is rather that it is not sufficiently volatile any more, and that alt coins are more lucrative in a cornered, volatile and manipulated market.  

The greater-fool game lasts until one runs out of greater fools.  When does that happen ?  When the general sentiment is that there starts to be more room on the downside than on the upside.  That's probably not the case yet for bitcoin, but it is closing in.  We're in the $1000,-.  Now what is a reasonable upside ?  A factor of 10 ?  Maybe.  A factor of 100 ?  Doubtful but not impossible.  A factor of 1000 ?  Hardly (market cap larger than USD market cap).  What's the downside ?  A factor of 10 ?  Most probably not.

However, after yet another factor of 10, when bitcoin will be around $10 000,-, this may look different.  A factor of 10 on the downside, back to today's value is not unreasonable, and a factor of 100 down (to $100,-), most probably not, but at that point, a factor 10 upwards is still doubtful, and a factor 100, hardly thinkable (market cap larger than USD market cap ?).

So bitcoin is nearing the point where there will be more potential downside than upside, at which point, greater fools will stop flowing in like crazy.

Why are they flowing in in the first place ?

Because a few people got immensely rich with almost no starting capital in bitcoin.  They became millionaires with just a few hundred bucks of starting capital.  There are at most 1000 people like that, and most probably less than that there are football stars, but it got people dreaming.  So they jumped in, making exactly those early adopters very rich, with the illusion that they too, would get rich.  But most of the upward room was already taken by then.  The factor of 10 000 or 100 000 that these few early adopters saw, is gone.  There's at most 10 or 100 left, and much more doubtful.  So, at a point, bitcoin's greater-fool incentive will crash.

What's left then ?  Bitcoin as a long-term store of value.  But for that, it still needs an incentive to find buyers believing in that long term value, when there is no hope for "gains" over other investments like real estate, stock and other investments with more of an economic reality behind it than just a belief system, as well in the monetary belief, as in the technological security of the thing.  

What bitcoin has over other stores of value, is that it is a crypto currency, where one can store the benefit made on other crypto market manipulations.   But essentially, this is a money pump from noobs to whales.  Noobs dream of becoming whales, but they mostly get burned.  In the end, after a while, people will get tired of being undone of their valuable assets through cupid getting-rich-fast games with crypto.  So, while bitcoin will still be the reserve currency for whales pumping alt coin value out of noobs, this will come to an end too at a certain point.


This is my idea.  I have no proof for that, apart from the fact that many, if not most things in life, happen that way.  Most systems with complex properties don't work out as they were initially planned, because, as I said, reality is complex, and people's designs are often based on simple (simplistic ?) assumptions.  People thinking too much, don't do.  And people who do, don't think too much.

Gobbledegook.  Asicboost is not an attack.  It is just a smarter organisation of the hash calculations.  In fact, it is so straightforward, that I'm amazed that it took 7 bloody years to discover it, since it is done ALL THE TIME when using, say, AES-256 encryption, and is often part of the design of a symmetric cypher.  That such a triviality took a long time and is considered patentable leaves me speechless.

Here's the simplicity of asicboost explained:

https://bitcointalk.org/index.php?topic=1874983.0

It is not more than the insight that, like all good usage of block cyphers, we do key schedule re-usage.  

This is true.  But it is also true that this is now public knowledge, for anyone a slight bit interested in finding out about it.  When a scam is public knowledge, people getting into it, are not "scammed" any more, simply because the knowledge is public (on top of that, in crypto, scam doesn't really exist, because crypto is trustless, and scam is "breaking of trust", something that cannot happen in a trustless environment).

So essentially, people buying DASH now are not scammed.  They simply hope, like 99% of crypto actors, to get on the train of a good, knowledgeable "scammer", in order to scam future greater fools somewhat more.  As that is the essence of crypto these days, the DASH instamine is indeed, not an issue.  DASH, just like most crypto, is just a vehicle to expose yourself as a fool, and to hunt for greater fools.  In that respect, Evans did a great job, and is hence one of the better masters of crypto.
(true, some small minority actually USES crypto, but that's a dying minority of no further importance...).

==>  There is a fundamental difference between stock and coins.  Stock are IOU of the company you owned.  coins are not an IOU.  

The fundamental problems with the DASH instamine are twofold.  I fully agree that your idea of a locked-in PREMINE to pay the devs, which is publicly known and announced, is a good idea.  It should be in the genesis block.

I'm not calling the instamine a scam.   But it is an *issue*.  It is not a scam because we know it now.  However, in any credible monetary system, nobody is supposed to own more than at most a few percent of the total stash.  When the ownership of stash goes to the 10-20%, that monetary system is entirely in the hands of this stash owner, and hence open to all kinds of cornering, market manipulation etc...  The instamine made that the devs (and their dog) owned essentially >95% of the stash at a certain point.

On top of that, DASH has a partial PoS scheme, allowing the initial RATIO of stash ownership to be partially preserved.  For instance, in a FULL PoS system, if you initially own 20% of the stash, you will (unless you spend them) always own 20% of the stash, even if the amount of emitted coins goes 100-fold.  Given that PoS of DASH is only partial (45% + 10% of the gouvernance tax) this will lead to the initial >95% stash ownership to diminish to about 50% or as of today.

And on top of that, DASH has an anonymity scheme that depends on having very many non-colluding masternode owners, which are also a PoS scheme.  If a single entity possesses 20% or 50% of all "non-colluding" mixers then that is a fundamental security issue.

This is why the sneaky instamine IS an issue, at least on paper.  In reality, as most of crypto is just a greater-fool game, not to be used much in reality, nobody really cares, and it was actually a good idea: at least, someone's going to get rich on the back of a lot of greater fools.

And if you read, Satoshi too.  Satoshi simply wanted bitcoin to be a kind of Paypal if you read him.  The period of libertarians was just a means to get useful idiots at work, for free and enthusiastic propaganda.
And then, Satoshi screwed up, or changed his mind, by putting in a "spam limit" of 1 MB (making spam extremely efficient LOL), frozen in for ever, maybe after that he considered that his mega farm would end up needing fees.

At least, Roger Ver and Satoshi understand that non-mining nodes have absolutely nothing to say.  They can at best download the block chain to verify for themselves and accept whatever chain the miner farms serve them, or stop working.

Point is, they are doing that already with fiat and internet surveillance.  Why give this tool to EVERYBODY ?
Because with bitcoin, everyone can track you, not just the "shadow elite" ; and their deeds will also be more visible.  Why would they want that ?  And hell, what would make all the individual ego trippers that make up the shadow elite, speak with one voice ?

But that can nevertheless mean a very high fee !  Imagine that the fee is 0.001 BTC, but that BTC is $1 000 000,- for the sake of argument.  That would mean that you can't buy a thing that is worth less than $1000 with a bitcoin transaction !  You couldn't buy the then-equivalent of an i-phone with BTC, because it would cost 0.00012 BTC, and you'd have to spend 0.00022 BTC to buy it with a BTC transaction.
The only kind of stuff you'd start to be able to buy with a BTC transaction, is something like a car or so.

It would even hurt most people if they received their salaries in BTC, and had to pay half of the fee (other half for the employer).  Would you like $500 less on your salary just for the payment ?

So because 4 people have the same opinion different from yours, they are one and the same person

You illustrate the clumsiness of the coding (I never looked at the code itself in much detail) ; I was pointing out the clumsiness in the cryptography and in certain other technical mathematical aspects.  I used this as an argument to point out that who-ever made that design, was not a *mathematical genius*.

Now, I see your point, in that the evil creator of bitcoin didn't CARE about that, because that was not what was important, even though he advertised it in a misleading way, to be important.   My point was simply that a mathematical genius wouldn't even make some of those "mistakes" by neglect, like I would guess that an experienced C++ programmer wouldn't make certain clumsy constructions I think you are referring to, even by neglect.   If you are proficient in a domain, you don't screw it up, even if you're being casual.  If you know that you can never have 2^100 transactions on the block chain, you don't refer to them with a 256 bit hash.  Not even "by neglect".

So my idea was that this kind of crypto, and that kind of math, was actually DIFFICULT for the creator of bitcoin.

As to bitcoin being essentially optimized ON PURPOSE for being speculative by PoW, I don't think so.  I think it was simply because it was the idea of hashcash https://en.wikipedia.org/wiki/Hashcash .

Again, I don't put on the back of a conspiring evil genius what can be explained by "ignorance".  Everything is relative.  Also, the speculative aspect of collectibles is well-known, it is one of the problems with non-inflationary payment systems, and why famous works of art are such speculative items.

Of course, I cannot exclude that Satoshi was an evil sloppy genius.  I tend to think that he was not a math genius, was not an experienced cryptographer, and if I read your (and many other) observations, he was not a high-level C++ programmer either ; I have a hard time thinking that this was "on purpose sloppy" or even worse, that this was in fact pure genius of which we, with our limited brains, could not even fathom the scope of it.

I'm simply using Occam's razor.  

So, bitcoin is what it is.  It has now a life of its own.  And, as most of the things that happen in life, the reason for this is just a coincidence of many aspects, and has not entirely been planned that way.  Nothing ever is.  Reality is much more complex than all men's plans.

You misunderstood me there.  It is not because it is a free market, it is because crypto takes as an assumption, trustlessness.   Now, scam is a violation of trust.  In a trustless environment, there cannot be scam.  But that was more to illustrate the inappropriateness of crypto, than to say that scam is great.  Scam is NORMAL in a system where the basic starting point is trustlessness.  Whether that's a good starting point, is simply the (rethorical) question.


This is not what I'm saying either.  I'm simply saying that there is no "diabolical plan", just clumsy design.  This is not the first time, and it will not be the last time, that people with overblown egos think they've solved a world problem with a "solution" that doesn't live up to the plan, and then goes awry.  There's no need for conspiracy if stupidity can explain the thing.  Of course, *after the fact*, when the ugliness of the solution, despite its earlier hype, is becoming obvious, one can always explain this as an evil plan by an evil genius that foresaw this, and designed it that way.  But most of the time, if not always, one simply has to do with mistakes and errors.  Yes, you can think that
Jean Nicot introduced smoking of tobacco in France and then in England, with an evil plan to bring big business and cancer to people, and enslave them.  Most probably that was NOT his plan.


If your "refutations" consist in repeating that you refuted me, to lead back to a non-rational handwaving argument in which you vent your opinions that you take as evidence against my technical arguments, then there's no need.  I refuse to consider anything else but a rationally and clearly explained argument (and no, your long post in which you just put together your handwaving opinions which I shattered to pieces, does not count as "rational argument").


Until you can bring in a rational argument, I consider them not refuted.  Saying that "I'm wrong" and that you already told me that I was wrong, and vague opinions, are not accepted as rational arguments.  I can't learn much from them so I don't consider them.


No, they aren't.  There is no vote to be taken, because there are algorithmic specifications of the "right" answer.  The vote only consists in wanting to cheat the system or not.  NOT in having to make an open choice.  If all nodes are "honest", that is, if they all follow the algorithmic specification of how to act, then a unique consensus does arise and no choice is to be made, if we can place upper bounds on propagation delays in the network (or if we have to work with unbounded potential delays, but with infinitesimal probability, a high probability of consensus arises).

The only "vote" is to try to game the system, and NOT act according to the algorithmic specifications, in other words, to be a dishonest node.  Being a dishonest node is perfectly normal if there are rewards to be won, because then the algorithmic specifications are not necessarily those that bring in most rewards: we now have a "double contradictory incentive": maximize profits, or follow the rules.

If there are no rewards, there's no primary incentive to be dishonest apart from the gain from dishonesty itself and the will to break the system.  If there are rewards, then strategies that not necessarily want to break the system, but could end up doing so, in order to maximize rewards, will potentially develop and then you have a "vote".

But if you blindly follow an algorithmic determination, there is no "vote".  There's simply the outcome of an algorithm.  And there's no reward incentive to deviate from that algorithm, unless trying to game the whole system and hence break it.

In other words, there's a distinction between:
- trying to develop strategies that maximize rewards without trying to explicitly break the system (like selfish mining for instance)
- trying to game the system by breaking it (everyone will SEE it even though one cannot avoid it, like double spending, rewinding a transaction, etc...).

If there are no rewards, the only reason to not follow the specified consensus algorithm, it by trying to break the system.  There's nothing wrong with that.  If it works out, the system is simply broken and will not do any harm any more (I don't consider losing your holdings in a crypto as "harm" - this was the game you played and you lost) OR people will accept this kind of inconsistency and system breaking, and continue to use it, in which case, this kind of breaking becomes a standard accepted procedure in the system (for instance, there are maybe tricks to systematically double spend).

Depends.  If you don't like your wife, you'd go for option B, no ?

I dunno.

I only remember this:


Probably your "refutations of my technical arguments" are of the same kind    "how many times have I written that I refuted your technical arguments"
Remember, I'm only here to learn stuff.  For myself.  That's all that matters.

Well, Satoshi said the same in 2008:

http://satoshi.nakamotoinstitute.org/emails/cryptography/2/

Someone's getting it 

As a "daily means of payment", bitcoin is a clunky solution looking for a problem that almost doesn't exist.  In most countries where people have sufficient computer means, network means, education, .... to even be able to use bitcoin, there are modern fiat means of payment in place with which bitcoin cannot compete in terms of ease of use, legal protection, rapidity, generality, reliability, security, and yes, cost.
The "cost of a daily transaction" is in most of these places, negligible as compared to the taxes one has to pay on the transaction (value added tax, income tax, ...), you can pay with your credit card in a store, it takes 10 seconds, and what's more important: if there's a dispute, you have legal recourse.  If there's a computer mistake, you're not accountable.  If you've been stolen, you will get refunded.

All these are things that bitcoin payments cannot provide, if even technically bitcoin were capable to handle this kind of payment, which it isn't:
- at the moment, bitcoin can handle only about 4 transactions per second world wide
- you have to use the software correctly
- if you send you bitcoins by mistake, there's no recourse
- if you want to be sure that your transaction is taken into account, you have to wait a multiple of 10 minutes
- you need network connectivity (not only the store needs it, you need it too)
- you need to secure your wallet, as you are entirely responsible for any form of theft.

On top of that, bitcoin's price is volatile with respect to the price of things you want to buy.

All this makes that bitcoin is not solving any issue for most people, who already have a better solution to that.

Bitcoin is useful, however, for all those things where you cannot do the thing with fiat, or where it is difficult, risky or expensive to do with fiat.  In other words, in unregulated or illegal environments, bitcoin is an interesting means of payment.  Bitcoin used to be used also if privacy was a concern, but people are slowly finding out that bitcoin is a worse night mare on that side than fiat.  Fiat, as long as it is used legally, is pretty private.  It is not anonymous against law enforcement, but it is perfectly private against your employer, your neighbour, Google, or a Chinese hacker.  Bitcoin isn't.

So no, as compared to fiat, bitcoin is a clunky solution to an essentially non-existent problem for far most people.  It does have a niche application for all those payments where fiat cannot go, and where all difficulties in using bitcoin over fiat are acceptable.

But the main application of bitcoin is "greater fool game".  Most people holding bitcoin are in the belief (correctly until at a certain point) that they will be able to sell their coins for more fiat than the amount of fiat they bought them for ; that is, in finding a greater fool than themselves when acquiring their coins.

There has been a lot of discussion about the "cheating" due to a "secret algorithm" that is ASIC BOOST.  I'm going to try to explain in rather simple but technical terms why "asic boost" is an almost trivial optimisation of hashcash proof of work.

First, we have to understand very well the structure of the SHA-256 hashing function, because it contains the key to understanding asic boost.  The sha-256 hashing protocol consists of two aspects:
- the overall protocol definition of how exactly a data set is cut up in pieces, and treated by a "compression function"
- the compression function itself, which is the heart of the system.  It is the subtle interplay between these two aspects, which renders the asic boost optimisation almost trivial.

The compression function of the SHA-2 family is defined in a long tradition of structures of block cyphers invented by the NSA since DES: Feistel networks.  In other words, the compression function of the SHA-2 family is not really invented to be a hash function, but is in fact a good symmetric block encryption algorithm, according to a typical structure used a lot by the NSA since 40 years.  For a hash function, there was no need to take this structure, but it can be used, although it is "overkill".  So, in order to understand this, we have to go still a step back, and understand block cyphers.

Block cyphers are algorithms that take a "block of clear data" and "a secret key", and produce a "cypher text block" of the same size as the data block.  DES, AES-256, blowfish, .... are all examples of block cyphers.   Now, the trick of these algorithms is to use the secret key to scramble the data, in such a way that we can unscramble the data again with that same key, but such that revealing the key is essentially impossible.  As such, these algorithms take two inputs: the secret key, and the clear data, and produce the cypher data.

This is done by processing the clear data in several "rounds of scrambling" in a pipeline ; and each round is fed with a "piece of key".  However, in order not to reveal the secret key, the original secret key goes through a "self-scrambling" procedure out of which come "round keys", one for each of the rounds in the data scrambling procedure.

Note that the "round keys" ONLY depend upon the secret key, but that the data scrambling will depend both on the data to be cyphered, and on the round keys, so on the secret key.  Usually, deriving the key rounds is "heavy" because you're supposed to do this only once, while you have to crunch a lot of different data with the same key (and hence the same round keys).

==> this will be the key insight of ASIC BOOST: the round keys only depend on the key, not on the data, while the data output depends on both.

cypher text (256 bits)  = f(key (512 bits), clear text (256 bits) )

Now, when using a block cypher type of algorithm in a hash function, the roles of "data" and "key" are inverted.  Indeed, in a cypher function,  clear data and the cypher data are of same length, and the key can be longer or shorter (usually longer: in AES-256, the key length is 256 bits, and the data blocks are 128 bits for instance).  When using this as a hash primitive compression function, one takes what used to be the "data" as the hash input and output, and what used to be the secret key is now the to be hashed data.

Now, this is funny: it means that the output hash with SAME DATA (same "secret key") and DIFFERENT INPUT HASHES can be calculated more efficiently (we only have to re-do the hash rounds, but we can keep the "key schedule" which is dependent on the data), than if we have the same hash input and different data.  

==> this is the "trivial" insight of asic boost.

Let us now look at how the overall protocol works in SHA-256.

1) we cut the data in blocks of 512 bits (64 bytes).

2) we pad the last block to make it full 64 bytes, including a word that tells us how many bytes we included in total.

Call these blocks D1, D2, .... Dn

Note that for a bitcoin block header, which is 80 bytes, this corresponds to two blocks: D1, and D2, where D2 is padded in always the same way (containing a tail that tells us that we used 80 bytes).  

3) make a construction so that:

H_i = f(key = D_i , "data" = H_i-1 )

with H_0 a fixed set of 256 bits: "5be0cd19 1f83d9ab 9b05688c 510e527f a54ff53a 3c6ef372 bb67ae85 6a09e667" called IV.

this initial hash value is part of the SHA-256 protocol.

The last H_i value is the final hash of the whole data set.

Now, in our case, we have only two steps:

H1 = f(D1 , IV)

H2 = f(D2, H1)

The "standard" way to calculate the hash, is to run over the nonce in D2.  But this means that each time, we have to REDO the key schedule of D2, and the fact that H1 is the same doesn't help us, because its treatment depends on the key schedule of D2.  The opposite, however, does, and that's the idea of asic boost.

The ASIC boost insight is that if we loop over D1, and we can keep D2 constant, the key schedule from D2 can be RE-USED with changing H1, just like in a block cypher application, the key schedule is re-used when one uses the block cypher over many blocks of a data file to be encrypted: the SAME key schedule is then introduced in the rounds that successively applied to H1, result in H2.

That's all there is to it: keeping the key schedule in the second invocation of the compression function, by keeping D2 constant.  There's no point in keeping D1 constant, because the constant H1 doesn't help us when D2 changes: the round keys are different and hence the whole computation of H1 into H2 has to be redone.

In fact, what ASIC boost simply does, is something akin to:

If you have to encrypt different data with the same key (here, the same D2), you can re-use the key schedule.  If you have to encrypt the same data with different secret keys (the standard way of doing things), then you cannot re-use anything.

In bitcoin's hashcash, this last H2 output still has to be re-hashed again once more, but this is an independent invocation of SHA-256, which in any case has to be done.

We get: D3 as H2 sufficiently padded to turn the 32 bytes of H2 into a 64 byte block, and then: H3 = f(D3,IV).

I'm surprised about 2 things:

1) that this rather obvious scheme wasn't thought off before
2) that the "re-use of the key schedule" as is normally always done in the application of block cyphers, is patentable.

The relationship between Nash and bitcoin is not so strange: Nash was a mathematician who got a Nobel prize for economics, was interested in constructing an "ideal money", has essentially founded the field of mathematical game theory, was seriously interested in cryptography, and was considered paranoid for the down-to-earth and obvious observation that the government is the enemy of the people.  What well-known scholar could be closer do several aspects of bitcoin than Nash ?

So it is a very sensible hypothesis that Nash had something to do with bitcoin.  

Where @iamnotback and I differ fundamentally in opinion is:

- to me, bitcoin's design is "too little, too late" in a sense, and I tried to indicate many technical details where bitcoin's design is somewhat silly.  As such, I do consider that who-ever was Satoshi, was a smart guy that knew about the previous attempts of electronic money, and did an invention that merits our attention, the block chain with proof-of-work consensus resolution.  But bitcoin's design didn't live up to the desires set out by its inventor.  It simply didn't work the way he intended it to work, and technically/mathematically/cryptographically Satoshi didn't always understand exactly what he was doing, and was clumsy.  It turns out that bitcoin's clunky design results in quite horrible game-theoretical aspects, leading in the best case to an imploding speculative bubble, but in the worst case, in a financial dictatorship by a few maffioso who will own most of the world, it will be an ecological disaster and will be the end of any form of financial freedom and independence.  In other words, a kind of Frankenstein monster of finance.  Personally, I don't give bitcoin much chance to go beyond a certain niche of sleazy business.

- @iamnotback is absolutely convinced that Satoshi is Nash, an ultimate evil genius at the service of an Evil Elite, and sees all the bad design of bitcoin as on purpose, and is absolutely convinced that bitcoin will be this (planned) Frankenstein monster by the "elite", the Rothschilds or by some other dark force, and every disfunctional aspect is seen by @iamnotback as a sign of the subtly evil design meant to be that way.

Nevertheless, I think that both of us agree fundamentally that bitcoin is not what most bitcoin maximalists think it is.  I think it is because of its clunky design and the limited capacity of Satoshi, @iamnotback thinks that all of this was planned in advance by a mightily brilliant genius that fucked all those believers hard in the ass.  

But in the end, the intention doesn't even matter: bitcoin is NOT what it was said it would be by Satoshi, so much must be clear now.

In other words, the main difference in opinion between @iamnotback and me is that I think that bitcoin was simply badly designed, and that all the bad things we see are simply due to "stupidity" (everything is relative).  @iamnotback thinks that instead of stupidity, it is evil genius.

This is also why @iamnotback thinks that bitcoin will become world-dominant (an evil genius will do something that will work out his evil plan) ; and why I am not convinced that bitcoin is up to a big future (because a stupidly design will not go very far).

I think that @iamnotback suffers from cognitive dissonance, because he is working on "killing bitcoin" and of course, the more bitcoin was the successful work of a brilliant evil genius, the more he is Batman beating the evil genius.  @iamnotback thinks that I'm suffering from cognitive dissonance, because I would be too frightened in my currently comfortable position to see the full evil impact of bitcoin on the world.

I think my position is superior over his on this last point, exactly because he's working on his bitcoin killer: if he's right, he will kill bitcoin and I don't have to be afraid, and if he's wrong, I don't have to be frightened, because I'm right, so in the end, there's no reason for me to be scared, and hence to be suffering from cognitive dissonance after all


Bitcoin is not doomed, bitcoin is simply not what you think it is.  It is NOT a payment instrument that brings freedom to people ; it is a niche application only for very rich people (at best - my view) or is going to be the ultimate enslavement of people by finance (@iamnotback view).  And it will not change.  You are stuck for ever with 1 MB blocks.


Well, all empirical evidence indicates that it can't change, because it is designed that way.  Where @iamnotback and I differ in opinion, is whether this was on purpose.  I consider this as yet another mistake by Satoshi in the creation of his Frankenstein monster, he considers this as perfectly designed that way on purpose.

Yes, he indicated that in an initial phase, there would be a P2P network with (useful idiots running) full nodes, but when the network would grow bigger, the block chain would grow with 100 GB a day, only sustainable by a few big data centers, the miners.  He even considered that these big miners wouldn't even distribute the block chain any more, keeping their privilege to themselves.


You are right.  Satoshi's vision was an oligarchy of a few miners, that run the only few full nodes in the world, and everybody connecting DIRECTLY to them with their light wallets.

In perfect contradiction with:

1) his introduction of 1 MB blocks (meaning, he wasn't serious, changed his mind, or didn't understand the implications of what he did)

2) all the bullshit about decentralisation and the importance of a large P2P network of full nodes that don't mine, as propagated by the Core people.

That's because of Satoshi's evil genius, that rendered me/us totally schizophrenic.  Just like Nash, BTW 

This is not about voting.  PoS is not about voting, it is about acknowledging your set of received transactions, according to an agreed-upon (protocol) deterministic rule.  The problem with PoS, namely "nothing at stake" only comes because of the reward.  If there is no reward in PoS, there's no incentive to stake on multiple chains: you don't care.  You stick to a rule, an arbitrary but deterministic rule, to stake on one chain, and not on another, because by not staking on the other chain, you don't lose a reward.  As such, there is a normal solution to the "nothing at stake" problem: you apply the rules, because if you're not part of the cheaters that gain something by re-organizing the chain, you can only WIN by wanting the system to come to a consensus, no matter which one ; there's total indifference to what consensus and to whether you stake or not, if there's no reward.  Your only stake is that there's a consensus that is reached, or the system in which you are a stake holder, crashes down.

In PoS, it is not difficult to define a rule that you only stake on one of the possible chains (deterministic rule).  If you follow that rule, no "nothing at stake" problem occurs ; the only thing is that there's no incentive for you to follow that rule if there's a block reward !  This is why Casper tries to punish those that do not follow the rule ; but then this can be gamed too and you get a hopelessly complicated game-theoretical bungle.  If there's nothing at stake (in both senses) with staking, your only stake is that the system works well.  If the random deterministic choice of who can stake, is random enough, then it is also essentially impossible to BRIBE you into staking, because in order to find out WHOM to bribe, you'd need to spend a lot of "proof of work" and chances are you'll find one necessary staker who doesn't accept the bribe.

Of course, with sufficiently corrupt players, you can game the system ; and that's OK.  The system shouldn't be too secure, and the real risk that the system will one day break down, protects it from too much hot air speculation.  Only its real usage as a currency would determine most of the market cap, as it should, and no-one would dream to use it for a very long term hodling idiocy.

I think that this is where you go off the deep end.  Asic boost is nothing particular, and doesn't mean much, it is just a slightly smarter scheme to calculate hashes.   The whole thing about asic boost is that one of the Core devs patented it ; this could not have been foreseen by Satoshi that in 2016, a core guy would take a patent on it, and not someone else would find it and make it public domain, or that an asic producer would have patented it.  

There's nothing particular about asic boost, and has nothing to do with "double hashing".  It has to do with the typical structure of block-cypher-like hash functions that have a "data" and a "hash" input like a block cypher has a "key schedule" and a "data" part, and the Merkle-Damgard extension attack.  The "double hash" (which IS part of the PoW scheme) doesn't alter this.  The "asic-boost" scheme is applicable to any such Merkle-Damgard scheme with a block-cypher-like structure, where one can save one "key schedule" in the loop if one needs to do PoW.


This is not right.  First of all, bitcoin uses double hashing in PoW.  In fact, Satoshi used double hashing everywhere, not really knowing, visibly, what it was meant for (to avoid an extension attack of the Merkle Damgard construction of the *final hash*).  He used it where it didn't have any meaning also.  Second, asicboost has nothing to do with double hashing.  In fact, its efficiency is seriously reduced by the double hashing: if it were single hashing, its improvement wouldn't have been 20% but near 50%.

==>  I propose that you now say that Satoshi was a genius BECAUSE he applied double hashing in PoW, so that Asicboost couldn't suddenly rise the hashing capacity to 50% and cause a 51% attack.

So:
a) Satoshi doesn't introduce double hashing in PoW: he's a genius (turns out not to be the case)
b) Satoshi does introduce double hashing in PoW: he's a genius (this is how bitcoin does it)

Mmm.  Satoshi is a genius, even if he writes 1 + 1 = 3, I suppose.


Mmm.  It is about time you wake up of your delusion here.  You're an extremely smart guy.  But I've seen other smart people go off the deep end because they locked themselves up in such kind of delusion.  In fact, Nash himself is such an example.  Goedel also.  Take a step back and think twice, whether what you are claiming has any rational sense and isn't a self-referential argument, and you may see why this is not an on-purpose design:

- asic boost's "poison pill" only comes about because it happened to be a Core guy that put a patent on it (if ever it is upheld in court).  If it would have been someone else, or if it were open domain, the "poison pill" wouldn't have its effect.  The double hash structure limits the ASIC boost efficiency boost !  And this was "discovered" in 2016, 7 years after Satoshi designed his thing.  No way he could have foreseen at what point, by whom, it would have been discovered, and whether or not a patent would have been put onto it.  


Mmm.  Satoshi knew in 2009 that a core guy was going to invent a thing that interested Chinese manufacturers in 2016.


I haven't seen any rational argument.  I have seen a lot of handwaving, a lot of empty arguments filled with rethoric but not much tangible arguments, and then, claims that previously such "rebuttals" were definitive on the question, where they didn't settle anything.

Like the argument that Shor's algorithm is already a known way to kill ECC, and then, when it turns out that this goes against your defence of Satoshi-genius, namely that the problem was not that Satoshi was brilliant enough to "protect" ECC while it was going to get attacked by quantum computers, rather that a quantum-computer broken ECC was of no use to be protected by a hash function, it would kill the possibility of using a transaction, suddenly you argued that quantum computers would only be useful to attack "long term" but not "short term", as if that made any sense: a totally broken crypto (as per Shor's algorithm) is totally broken, as well in the short term as in the long term.

After pointing out the futility of this rebuttal, you maintain nevertheless that you "refuted this" and that I refused to comprehend your argument.

You're a very smart guy, but you're totally locked up in your need that Satoshi was an evil genius, because you need to be the super hero / James Bond that needs to save the world from the Spectrum of Satoshi.  As such, you fall into the trap of many people suffering from such type of delusion, namely taking everything, and its opposite, as a proof of their necessary hypothesis, and lose all sense of critical thinking.  This is also what happens to people locked up in religious or other sectarian ideologies. This is a pity it happens to you.  Your critical thinking is totally blurred by your need of having a sufficiently evil and genial adversary.