The "amount of miners" are simply the number of decentralized participants in the consensus decision.  Today, that number is something like 3 or 4.  There are 3 or 4 deciders on the consensus decision: the 3 or 4 mining pools that have majority hash power under their decision.  About 10 deciders, even though they cannot go against the tacit agreement of the 3 or 4 majority deciders, make up the essence of bitcoin's consensus deciding power.

To illustrate what this means: suppose that you are the owner of coins in an address that the 3 or 4 mining deciders are angry about.  If these 3 or 4 deciders really don't want you to transact, they can refuse your transaction (no matter what fee you pay).  If these 3 or 4 deciders also decide that they won't mine on top of another block that contains your transaction, mined by a smaller pool, then they will orphan these blocks.  By the time that the other significant mining pools, not understanding why their earlier block is orphaned, get the message, they will also avoid putting your transaction in their block (even if they don't have anything against you), in order for them not to waste their blocks: they can't win against the majority hash rate that will always orphan their blocks faster than they can construct on it.

The actual miners selling their hash rate will never know.  The block chain that is built is perfectly OK.  Your transaction remains in the pool.  No miner decides to include it, because 3 or 4 entities decided that your coins were excluded from the system.  Their consensus decision is in agreement with bitcoin's protocol.  No "full node in Joe's basement" will alert Joe that something is fishy.

The power of consensus is in the hands of 3 or 4 entities.

Let us see what this means.  Suppose 3 or 4 entities collude and are pissed against a single exchange.  They know that exchange's hot and cold wallets.  They decide that no transaction from one of these wallets is going to make it in the block chain.  If they are serious about it, they will never include one of these transactions, and will orphan every block that does.   People will realize that they cannot withdraw from that exchange.  They will think there's something quite fishy with that exchange.  The transactions will never be confirmed.  They will see the transactions in the mem pool, and never in the chain. 

The move to PoS will of course not be done by miners, by definition.  It will also obviously be a hard fork.  There's no way to implement PoS by a soft fork.  So the obvious way for PoS bitcoin to emerge, is to do a hard fork.  Those wanting to remain on the PoW coin will do so (and the miners will of course be part of it), and sell their PoS coin version.  Those wanting to do PoS will sell their PoW version.

The only question that remains is simply: which prong of the fork will be entitled to the brand name "bitcoin".  This will be an exchange's decision.  If exchanges decide to call the newly implemented features "bitcoin", then bitcoin will "have switched to PoS" and the original one will now be labeled an "alt coin" (bitcoinhash or something).  If exchanges decide to keep the original bitcoin line called bitcoin, then the PoS version will be an "alt coin (bitcoinstake or something).  Most probably, the monopoly to the name "bitcoin" will be decided by the few people that have pushing rights on the bitcoin core centralized Github archive.  That's how the original bitcoin now became an alt coin, called, bitcoin cash, and the new version with other segwit technology, remained bitcoin.

As the market is quite technology-ignorant, and very brand-name sensitive, this will be an oligarchic decision between 10 or 20 deciding entities.

Because this is "decentralized" according to you ?

https://blockchain.info/pools

3 pools have majority.

5 pools have more than 75% hash rate.

10 pools have essentially all hash rate.

Duh. Decentralized, my a**.

I know that these are just the "pools".  But the "pool owner" is the one that decides what is done with the hash rate he buys from miners.  He's the one that decides on what block to mine, and what block to make.  Most miners don't even know what block their pool is mining on, or is constructing: they simply sell hash power to the pool.  Hell, most miners simply buy mining equipment and connect it, without knowing zilch of what's going on in their devices.

By the time miners realise what the pool is doing with their hash power, the attack may already be over.

This is why all these discussions about "absolute consensus security" are moot.  In reality, people forget that
1)there is a market
2) there are news feeds
3) that you can't do that unnoticed (some people will have "old copies of the block chain")

What these consensus algorithms do, is to prevent some moderate-sized hacker group to overthrow the system.  But if a major player really, really wants to (think, government(s), very rich entities, ....) none of this stands, unless we scale up to ridiculous sizes.  The only way to be absolutely sure that there cannot be a PoW attack, is to have a PoW that indicates that we use, say, 80% of earth's power production.  With the remaining 20%, to run the whole economy that remains (you know, making food, building houses, ....) there's no room to do an attack.  This is what PoW would converge us to (and destroy entirely human economy) if it would be all-encompassing.  If tomorrow, we all use bitcoin for all of our monetary affairs, that's the state we'll converge to, in an unavoidable way.
And anything less is fundamentally attackable.

There's one thing people forget: after such an attack, which will be noticed, the coin is dead.  There's no point doing an attack with the hope of being rich on the chain, because the market will kill it.  And THAT's what makes that all these imperfect algorithms actually work in practice.

PoW has been shown, in bitcoin, to centralize, and we know the economic reason for that: "economies of scale". 

The problems, as seen in bitcoin, with PoW, are the following:

- hugely wasteful if the market cap grows.  The amount of wasted hardware and power is gigantic, and is an economic necessity in PoW schemes.  I don't know how accurate it is, but it is said that bitcoin is using about the electricity of Denmark.  That's crazy.  Scale this up a factor of 100 (full adoption of PoW coins all over the world) and most of our power production on earth would simply serve to make a piece of data.  Crazy.

- the industrial proportions that mining takes, splits the eco-system in an industry of block chain providers on one hand, and a set of customers (users wanting to do transactions) on the other side.  As a coin owner, you are at the mercy of the miner industrial complex for them to make a block chain and put your transaction in

- obvious centralization, due to economies of scale.  Bitcoin's consensus mechanism is entirely centralized on a few pools.

- cryptographically not very secure.  Indeed, the cryptographic security resides solely in the need for an external attacker to do a *similar* amount of work than was needed to generate the security in the first place.  This is unseen: good cryptography normally requires an attacker to spend *immensely more* work to break a cryptographic seal than was needed to make it.  This is also why proof of work will end up needing the majority of electricity consumption on earth: to avoid that another majority can exist and overdo it.  But at the same time, industries on such a scale are always under a central control, and cannot go "underground".  You can calculate digital signatures in your basement, but if you need 60% of a country's energy for mining, that will obviously have governmental implications.


But that is what a crypto currency should be: entirely determined by its owners.  It is very strange to have a crypto currency that is depending on an external industry, and of which the users are not making up the consensus.  A PoW coin is very much exposed to an external attack, while a PoS coin is cryptographically secure against an external attack.  It can of course suffer *internal* attacks. 

However, we forget one thing if we discuss all these schemes of attack: that is: the market. It is assumed that "stake holders" are a priori motivated to keep the value of a coin more than external agents.  It is true that this is more complicated if in the financial markets, you can short against the coin, but that's even more true for external attacks.  If you have high stakes in a coin because you own it, it would be somewhat stupid to use that stake to destroy it in the market (any successful long range attack will of course entirely destroy it in the market).


That's just as well the case for a PoW coin.  PoW doesn't work as designed.  In bitcoin, it is now entirely centralized, it is hugely wasteful, and honestly, it could easily be attacked by a collusion of 5 or 6 mining pools.  The day that the mining pool owners massively short bitcoin, they might be inclined to do some stupid things, simply to kill it.  Maybe they even get some money from the Chinese government for doing so on top of their shorting.

There are no absolute and decentralized secure mechanisms of consensus building.  This is even a theorem.  But some do kind of work, because we are not in a totally decentralized world, there are market interests and all that.  Bitcoin most probably would even continue to work correctly, even if mining were in the hands of 2 or 3 people (in fact, we're not very far from that case).  Simply because they have stakes in it, it is their business.  With proof of stake too.  Because in the end, the "long range attack" would oblige all on-line nodes to accept reorganising the chain over a long line.  Most simply won't.  You can easily "lock in" the blocks of yesterday and decide not to accept a reorganisation that goes back to yesterday if you are online.  Contrary to PoW, where the full non-mining nodes have nothing to say, with PoS, that is not the case, as all users are staking ("mining").

The PoS algorithm simply needs to take into account certain cases.  And yes, it won't be entirely secure, as no consensus algorithm is entirely secure.

It is not hashcash mining.  It are many other mining hashes that are not implemented on asics.  There, GPU is king.

Actually, NVIDIA is not against crypto mining.  They have different markets, and sell similar products at different prices in those markets.  Essentially, they sell to gamers, to computer scientists (deep learning) and data centers.  Their problem is that the gamer products are in fact quality/price much better (Geforce) than their high-end Tesla products.  For less than $1000, you have a high-end Geforce, while you have to pay an order of magnitude more for a a Tesla component for professional use.  At a certain point, they had forbidden their Geforce to be bought by data centers, but they had made an exception for amateur cryptocurrencies.  Now, they have also to exclude this category.  They'd like you to buy Teslas.

Nope.  Read his e-mail of November 2008:

http://satoshi.nakamotoinstitute.org/emails/cryptography/2/

He understood perfectly how it would go.

The only thing he missed, was the collaboration of mining into pools.  He didn't realize that people could pool together, and sell part of their hashing effort into a fraction of a block reward, so in his opinion, there would have been more individual miner nodes.

That said, mining itself is automatically limited to a finite number of sensible participants.  It wouldn't make sense to be 1 million independent mining nodes (the only nodes Satoshi considered, were mining nodes: he never considered non-mining full nodes as meaningful - and he was right).   The reason that it doesn't make much sense to have 1 million mining nodes, is the fact that there are only 52 600 blocks mined per year.  

Even if there were 1 million mining nodes with all having exactly the same hash rate, that would mean that *on average* a mining node would win ONE SINGLE BLOCK every 20 years.  But given statistical fluctuations, you might as well mine for 50 years and never have a block.  Or you might mine for 3 years and be lucky and find a block.

Given that all capital has a power law distribution, and never a uniform distribution, even if you would only have 5000 mining nodes, where, with a uniform distribution, each node would, on average, mine 10 blocks per year, the power law distribution would give most blocks to the 1000 upper class miners, and almost never a block to each of the 4000 others.  

So it would, in any case, in Satoshi's mind, not have been meaningful, statistically, to have many thousands of nodes.

The strategy of pooling together has of course strongly amplified this effect, and he wasn't aware of that.  In a certain way, mining pools add a small sniff of decentralization to the, in any case, obvious centralization that the economies of scale would induce in the competition for mining.  If mining pools weren't possible, we would quite possibly simply have 5 or 10 mining nodes, period.  Who can, effectively, still compete in *solo mining* as Satoshi saw it ?  The industrial proportions of mining make solo mining only available to a big company.  You'd have Intel vs Motorola vs Nvidia vs AMD or something.  Now, with mining pools, even with a modest mining investment, you can still contribute.  However, the "voting power" of a mining-subcontractor is very small: he can just go to another mining pool.  But it is better than nothing.

You're perfectly right.  The "code" situation is far, far more centralized than the "mining" situation, and, as with the "mining" situation, that is NOT the fault of the central power in code.  The few people that have pushing rights on the Core repository are the oligarchy of bitcoin's code power structure, even though nothing stops others from forking the code, or from developing independent code that implements the protocol too.  You can say that bitcoin's code WAS forked a lot, within bitcoin's community, and in order to make alt chains.  In a certain way, this is probably where we have to look for real decentralisation: alt coins.  
Anyways, whatever the causes, the code situation is highly centralized, and that's what the community, or the game theory if you want, has brought us.  It is not the fault of the Core people, but it is the actual situation.  


I didn't miss this, but I think it is somewhat delusional.  Right at this moment, there ARE 10 "data centres" that are making the block chain: the 10 most important mining pools.  Now, if I talk about data centre, they can be geographically distributed: they can have many "nodes" all over the world, but they are under the single control of a single mining pool.  So, "hitting them with a strategic thermonuclear weapon" is going to be difficult.  However, bitcoin has now literally industrial proportions.  I don't know how accurate the estimations are, but bitcoin is said to consume about as much electricity as Denmark.  If there was a concerted effort to pull the plug, literally, of bitcoin's mining industry by all governments, in any case you wouldn't be able to do anything with your full copy of the blockchain.  You can easily spot bitcoin mining activity: look at a correlation of electricity consumption and infrared heat pictures !  You can't hide Denmark's electricity consumption !  

I would think that if "war with world governments" rises to the point that the *DATA* is not safe on a few 10 of data centers, then, first, the liberties of people in this world are very, very much eroded to the point of not even be allowed to have data on a data center ; second, how do you think the market would react if governments start bombing bitcoin infrastructure ?  Who is going to "store his wealth" in a thing governments bomb ?  Before governments bomb blockchains, they will have shut down all forms of *commercial activity* of course, and the market will crash to 2010 levels.  And before they bomb blockchains, they will of course first bomb the code repository with a cease-and-desist order to github, imprison all the core code writers, and will pull the plug of all mining equipment.  

So, again, even in this somewhat delusionary scenario of an all-out war against bitcoin on this planet by a concerted effort of governments, there are easier points of failure to attack before one will bomb the blockchain file repositories.  If putting the blockchain at disposal becomes illegal and opened to being bombed everywhere in the world, we have a bigger problem than bitcoin, and in any case, bitcoin's commercial value would be dead. "store of value" in something all governments bomb is not going to be very attractive.

Moreover, bitcoin is now 1/3 of crypto.  Governments could bomb blockchain centres, but then they would only promote another crypto.

This is why I think that the true decentralisation comes from the alt coin crypto market, which is in fact, breaking just as well the code monopoly, as the mining monopoly, as the block chain monopoly, but not as we expected.  "life finds its way".

So, again, if, for a defence against the IMO illusionary case of a massive world-wide government crackdown on *blockchain repositories*, we cripple the technical capacities of the system, that's madness.

The point is that you cannot lie.  You cannot present a FAKE block chain.  The only thing needed for that, is checking the chain of block headers.  There's no way you can invent a fake chain of block headers.  Of course, every participant (as Satoshi said) should download the full chain of block headers.  That chain is, well, a chain, and it contains the proof of work. It is very small.  You can also find the most up-to-date block header the mining pools are working on, so you can verify that this is the genuine chain they are working on.

That is not a lot of data, and independent of the block size.  

Once you have the header chain, and hence, the proof of work, you can verify the authenticity of every single transaction if one gives you:

1) the transaction
2) in what block it is
3) the path of the Merkle tree in that block to that transaction

That is what a light wallet does.  If you want to know whether someone paid you (which is the ONLY thing you want to know: do you possess a coin ? and did your transaction to someone else is part of the chain ?), you only need the proof that the transaction to your address is incorporated in the chain.  You don't care about all the rest.  You want the cryptographic proof that the few transactions that you are concerned with, are in the sole chain out there.  That's all.


That's another matter.  If you want to *find out* whether the mining pools are following the rules, you need indeed, to check everything.  But the only thing you can do is to find that out.  You can't do anything about it: they came to consensus, they decided what the block chain is.

I'm repeating what I wrote in an earlier post: https://bitcointalk.org/index.php?topic=2786690.msg28591086#msg28591086
somewhat higher up in this thread.

TL;DR: the miner pools are kept in check, not because thousands of Joe's verify independently in their basement their "signature", but rather by the market, and by one another.  The miners invested a lot in their mining equipment, and are rewarded in coins, from which they have to get economic value in the market to pay their bills with.   They want to play by the rules, because the market would crash if they didn't.  Even if there was only one single miner out there, making the block chain all by himself.  He would still apply the rules.  Or his coins wouldn't be worth zilch.

Of course, some people have to check.  There needs to be a whistleblower to find out that the entire miner consensus decided to fail on the rules.  But only one whistleblower is enough.  

Not every Joe is reading the Core code in his bed, to verify independently whether the Core code implements what is said about Bitcoin's rules.  In the same way, not every Joe needs to check the validity of the mining consensus (.... with the Core code he didn't read, and got from a single repository !).

The contrast is here in the high amount of centralization of the code, and the relatively high amount of centralization of the proof of work (mining pools), which are the TRUE power elements in bitcoin's system; but one insists on the "decentralization of holding a copy of the sole document" in such a way that it becomes a technical burden.   This is a contradiction.  There's no more reason to have thousands of copies of the block chain, but only a few repositories of the code ; there's no reason to require thousands of independent verifications of the block chain by that code, but not thousands of people verifying the code itself.  All this is hugely contradictory in its requirements.
If you can trust a single, centralized code depository (github) and the few signatures of the contributors ; if you know that the entire block chain is produced by just 10 mining pools with such an amount of proof of work that nobody can do anything else, but then you introduce technical limitations because of the "need" to keep thousands of copies in all basements, that doesn't make much sense to me.

This is absolutely not self evident.  It is a narrative that is repeated over and over, but it is entirely wrong, as I explained already many, many times.  

The number of different, identical copies of a cryptographically signed document that are stored world-wide, from the moment there are several (say, a few 10 or so) doesn't increase its cryptographic certainty.  

Suppose that 10 people are each in possession of a cryptographic secret key of which we all know the public key, and suppose that these 10 people sign documents.  We can all verify the signatures of these documents.  How many independent copies do there have to be in the world on public repositories, in order for you to feel secure that you are able to access some of them when you want and are able to verify their authenticity ?   Do we need thousands of repositories ?  Is it useful that Joe and Jack put up a server in their basement with those documents ?  Or can we live with a few tens of independent servers (for instance, of these people themselves) ?

It is clear that the cryptographic verification of these documents is independent of the number of independent servers there are in the world.  If my neighbour Joe cannot afford to set up a home server of these documents, that's not going to stop me from being able to verify their authenticity if I download them from one or other big data center, right ?

Now, we have essentially 10 big mining pools that are the sole authors of the bitcoin block chain.  How many copies of that chain do we need to serve, all over the world, in order for me to be able to verify the authenticity (that a piece of it I download, is of the real block chain out there made by these 10 mining pools) ?  I would think that a few tens of copies that are publicly available are good enough.  That my neighbour cannot have a server in his basement, is, just like before, no problem.

I can easily check, from the moment that I have access to any public repository of the entire block chain, that the small piece I need, is authentic, that is, belongs to the sole and unique chain that is out there, made by these 10 mining pools, like I could verify that the document I downloaded was cryptographically signed by one of the 10 authors of these documents.

And when there needs to be a few tens, or a few hundreds, of public repositories of blockchain in the world, then there is no "data burden".  Your average datacentre handles WAY WAY more data than the bitcoin block chain, even in your wildest dreams.  Compared to an IPTV data center with VOD, the bitcoin block chain, even with VISA-like transaction rates, is extremely small.  That's what Satoshi already told us in November 2008.  It was obviously right.

And nothing is gained by having thousands and thousands of identical copies ; if, in order to have those thousands and thousands of identical copies everywhere, we cripple the system, we're totally out of our minds.  That is similar to not wanting to broadcast TV shows over the internet at more than a 250x125 pixel resolution, because if every poor dude in the world has to keep all the TV shows on his basement server, we have to limit internet TV.  

I will ask something else if you want to put that in doubt: how many independent repositories are there, publicly available, of the bitcoin core software ?  There is essentially only one, as far as I know, that is on github.  I don't know of other servers of the git repository that are public.  At best there are the Torrent seeders, but that is not a genuine git repository.  How many are there ?  So if only a few software repositories are available, why should there be thousands of block chain repositories ?
The single github repository is enough, as long as it is working, because we have the cryptographic signatures of the few authors (think of my 10 people on the top of this post).  If github breaks down, I'm sure that each of these authors can set up another repository somewhere else, and by verifying their signatures, we know it is authentic.   Replace "github bitcoin repository" by "block chain repository", and replace "signing author of Core" by "mining pool", and "signature" by "proof of work", and you see the analogy.

As I pointed out earlier, there is no reason why "the consensus of mining nodes" would build upon a crazy large block, which implies an implicit block size limit every mining node, individually, decides for himself.  We are forgetting here the consensus role and the voting power that mining nodes have: they DECIDE on which block to mine.  They DECIDE what the consensus will be.  As such, if there is block 50 005 which is still normal, and someone propagates a 5 GB block on top of 50 005 as candidate 50 006 block, it is upon the rest of the mining nodes to decide whether or not they will orphan this block, and make their own 50 006 block, or whether they will mine on top of that 5 GB block.  If a consensus of miners decides to mine on top of that 5 GB block, then it means that bitcoin's consensus is that such a block is "good".  If they decide to orphan it, then it means that even if that 5 GB block is "legal", miners don't like it (essentially because it is spam).  Moreover, those mining on smaller blocks have a network burden advantage.  By the time you've downloaded that 5 GB block, you've lost a lot of precious hashing time - unless the network is so swift that 5 GB blocks are not an issue.  

So you can think that every mining node has his own "limit of block size on top of which he will not mine", for reasons of principle, for reasons of network efficiency, and for reasons of cost.  Of course, if he sets that limit too low, he will never mine.  If he sets it higher than his peers, no problem.  There will hence be a kind of unspoken "market size" of blocks that miners in general accept.  That automatic self-control mechanism would in any case have prevented that the blockchain would be entirely stupidly be filled with GB of nonsense per day.

There was strictly no reason to put in a hard limit.  Most probably, Satoshi thought that it would be a formalization of this "unspoken limit" on which miners would decide.  Maybe Satoshi only saw this as a "mining strategy" as he was also writing the sole mining software out there.

The real long term problem bitcoin was facing is that no block limit would lead to very low fees.  Very low fees would start to be a problem when bitcoin's issuance would start to dwindle, and wouldn't pay enough for the mining security. The finite amount of bitcoin issuance, which is its main publicity and selling point, is in fact a huge monetary design mistake which makes bitcoin unsuited as a currency ; but on top of that, it forces a delicate fee market that has the potential to kill the usability of the system as a whole.

But the finite block size never played a useful role, and its use as a "spam protection" is obviously wrong.  It has only negative effects.

No, this is not true.  There is fundamental value, which is economic utility.  Food has economic utility.  The joy in your life is higher if you have food than if you don't.  And economic utility is related to personal joy (or removal of personal suffering).  There ARE a lot of things that are perceived as bringing joy, and they are the basis of what is called economic utility: a house, food, entertainment,....  everything we want as end consumer.  Our desires.  Price results from economic utility confronted with scarcity.  Food is not very expensive (even though it is just as useful) if there's plenty ; food becomes very expensive if there's almost none and we fight over it.

Assets are indirect owners of provision of economic utility.  Production capital has indirect economic utility, because it can provide the market with consumption goods that increase joy of consumers.  You can package this more and more, and the complicated derivation of all these things down to "joy" is what is the fundamental of an asset.  Bitcoin has none.

Actually, this is bitcoin's strength: its fundamental value IS zero, as you correctly said.   As such, whether a bitcoin costs $1, or it costs $1M, is the same.  There is no difference, the ratio is in any case infinite.  This is why, given that there is strictly no reference value (a fundamental), bitcoin can have just any price, and any price is as good as any other.  Whether you overpay something an infinite times, or an infinite times, is equivalent.  That's entirely different if bitcoin were to have a small, but real, fundamental value.  if bitcoin had something like, say, $10 of economic utility, paying $20 for a bitcoin seems not such a terribly bad idea, but paying $1000 for a bitcoin would be entirely objectively stupid, and the bubble would crash.

However, given that paying $1 for a coin is already *entirely* irrational, and we're used to that for many years, it is not more irrational to pay $1M for it than it is to pay $1 for it.  This is why bitcoin keeps on bubbling, and the sky is the limit.  Tullips only bubbled once.  The South Seas only bubbled once.  But bitcoin bubbled already 3 times: in 2011, in 2013 and in 2017.  Because, exactly, its fundamental is zero.

This is also grossly how I see it.   Except that the arcs become wider and wider (longer and longer periods of down between the bubbles).  And look, we're heading for the next few years towards something like $3000, and the next bubble is maybe 5 or 6 years away.  The first one of size was in the summer of 2011.  The second one was at the end of 2013 (so 2-3 years).  The third one was at the end of 2017 (so 4 years).  This is why I think we're in for a bear period of a few years, down to a few $1000.  In 2014/2015, we went down a factor of 6.  In 2012, we went down a factor of about 10.  And then of course, there may be a last bubble.  Hard to say.  Once everyone has been burned once, where is the new army of greater fools ?

Well, I never used bitcoin core's wallet to hold actually bitcoin.  I ran a full node for years, but with an empty wallet, because when I started with bitcoin, and I learned that core's wallet didn't have hierarchical deterministic keys (HD), I didn't want to use it for exactly the danger that you underwent.  I prefer electrum as a wallet, because that is, like almost all other wallets, and like almost all other *crypto*, using a HD key system.  But I'm surprised because I read that bitcoin core DID integrate such an HD system since June 2016.
An HD wallet can derive all its private keys from a single pass phrase, which is something you have to put on a piece of paper and put in your safe.  With that pass phrase, you can reconstruct all keys.  So even if your wallet file gets corrupted, you can always find them back.  Of course, you have to protect that piece of paper against theft !  But you do not depend on electronics to keep your coins.

With simple random wallets, each key is a random number, saved ONLY in the wallet file.  If that gets lost, you're done.  But of course, you were already in very great danger by not having a *back up*!  That's crazy.  You don't have a backup of your computer ?  The reason why simple wallets are problematic, is that between backups, you might use new addresses (new keys), which could get lost if the disk gets damaged, or the file gets damaged, between backups.  This is why I don't like them.  You have a backed-up wallet, you do a payment, it generates a new return address, you disk breaks down, and you've lost all your coins, because the backup was too old (namely 10 minutes before the payment).  With a HD wallet, that's no problem, from the pass phrase (in the wallet and on your piece of paper), it can find all keys again.

So, you're the victim of 2 simultaneous problems: not using a HD wallet, and not having made a backup.  The first thing is a technology problem, the second is simply crazy.  You never ask yourself: if 2 minutes from now, my disk is dead, what will I do  ?

I thought that bitcoin core had HD wallet integration since June 2016...

But when you set up your wallet, didn't you have to copy a pass phrase on paper ?

Look at 2012 and 2014 if you want to know how it will go.

I used to think that too.  But I think otherwise now, and I'm quite pessimistic about this.

I'll tell you why.  I have two different vectors of why bitcoin and freedom from state will potentially fail.

The first one is that states will become extremely mean.  Although it is true that for the moment, we still enjoy some forms of freedom that allow us to communicate, write open source code and do computations on our on devices, that freedom is already under a menace.  Under the all-encompassing excuse of terrorism, we've already given up a lot of fundamental freedoms, and the "freedom to write code and do computations" is not guaranteed to stand a long time.  Indeed, it is sufficient that, as in the past, cryptographic calculations are simply forbidden without a license, and it is game over.  How could that be ?  Well, it is sufficient to say that terrorists use cryptography.  Yes, cryptography is useful, but I don't see how totalitarian states (all states are totalitarian apart from Switzerland) could be prevented from implementing this.  The UK already can imprison you if you don't give all your cryptographic keys upon demand.  They could simply ask you for all your cryptographic keys of your crypto currencies.  If you refuse or fail to comply, you will go to jail for 2 years.  In the UK.  After 2 years, they ask you again.  So the "freedom to write code and do calculations" was granted because nobody thought that one day, that freedom could be used against the state's authority.  With the advent of cryptography in general, and cryptocurrencies specially, they may change their minds.
States can also become mean in another way: they might consider that you can shift tokens as much as you can, but right at this moment, almost nobody has the slightest form of economic freedom.  In most western countries, economic exchange is forbidden, unless allowed, that is, you have to declare to do business, or you have to declare a working contract.  "doing something for someone else" is simply forbidden if you do not have a permission.  In France, it is even forbidden to help working in a house if it is not for a family member of less than 3 degrees.   You can help your parents, your children, your brother and sister.  But if you help your cousin, that's in principle illegal, because "black work".  You can do so, if you declare it, if you pay 50% or so taxes and social security on the *estimated market value* of it, even if not a penny changed hands.
The law prescribes that if you give me some math courses against bitcoin, I have to declare this, pay social security on this and so on, and you are not allowed to do so unless you've declared your activity.  For the moment, you can still do so, if you declare it.  But it is not difficult for the law to simply forbid activities if they are not paid in regular money, killing the very possibility of paying with crypto.  Without that possibility, crypto has absolutely no value, because you can't do anything with a crypto token.  I can imagine one having to declare, hour by hour, one's activities during the day and the night, so that it can be judged whether those activities do not generate economic value.  Of course you can consume, you can shop, you can enjoy leisure.  But you are strictly forbidden to do anything useful.  I wouldn't even be surprised that you are soon taxed, and have to ask for permission, to do something useful *for yourself*.  Maybe you are still allowed to read fiction ; but maybe learning, and reading non-fiction, will become taxable, because a potential investment in your own economic abilities, and hence, liable to economic production for yourself.  Maybe if you read a math book for an hour, you are taxed upon giving yourself a math course at the market price of an hour of math courses, because that's the value you've created. You would have the right to watch entertainment TV ; but if ever you looked at Wikipedia, you would have to pay for the time you try to educate yourself, as a "useful activity". You would have to declare, hour by hour, that you've done nothing of use during the day, except for those activities where you got a permission from, like being an employee.  Of course, in order to enforce such things, there would be the necessity of strict surveillance of what you are doing in your home, on your computer, and everything, and people would be randomly selected to be verified in their declarations, with all the in-house camera and other tracers of activity.  In such a world, it would not only be entirely forbidden to write open source code, which would be considered a forbidden useful activity, but of course, crypto cannot exist in any meaningful way.  In a horrible, resource-limited world which we are heading to, "useful economic activity" would be in general considered dangerous, unless strictly regulated, because potentially resource-consuming.  Actually, this would mostly be popular with the huge masses of extremely uneducated people that are entertained and are absolutely not capable of understanding anything else than the few "truths" they learned in "school".  Economic anarchists and terrorists that want to do useful things for themselves would be the culprit of everything that goes wrong.  You would get popular support for every measure that forbids people to do anything for themselves, and especially, instruct themselves.  Most probably, even learning to read would be a forbidden activity.

In other words, the very existence of the liberties we still have that allow us to write code and do calculations, are maybe under threat ; but even if they still leave us that, as we have no economic liberty at all without state permission, any economic exchange against crypto currencies can be killed off legally.  For the moment, that's not the case yet, but if pushed, states can be very mean - even western states like the UK and France.

But my second angle of pessimism is that I think that bitcoin has in it, an even much worse form of totalitarianism than human states.  I'm pretty convinced that, if not stopped by states earlier, crypto will take over most of finance.  I'm also convinced that machines will take over most of human intelligence.  If machines are now taking over crypto, they will dominate us in a way against which we don't have the slightest defence.  Crypto machine states are orders of magnitude worse than the meanest of human states.  I see smart contracts develop that are pyramid letter equivalents of hired murder: you get a fortune in crypto if you go and kill Mr or Ms X, and if you don't, you're the next on the list.  Oracle verifies whether you actually did so.  Smart contracts (that will be our intelligent machine states) will bribe politicians, company CEO etc... to do the things that fit in their plans, and eliminate those that resist wit a pyramid killer contract.  We will not know until it is too late.

I think crypto was the missing piece in the puzzle for the Singularity.  I always wondered how machines could take over command on earth with us humans letting us subjugate.  Now I know: through crypto.  Political decisions, taken by crypto-bribed puppets, following the strategies thought out by smart intelligent contracts deploying their own crypto currencies, acquiring the funds through smart trading and market manipulation by their own intelligence to fund their strategies, their procreation, their improvement, are unstoppable, decentralized, omnipresent and will end up being far more intelligent than any of us.  Not right now.  Several decades from now, for sure.  I don't know what such contracts will think of that funny notion of "human liberties".  Probably just as much as we think about "mosquito liberties".

So I'm not very optimistic for the future, but in fact, I prefer the demise of humanity through the singularity and with crypto.  At least, a new species will take over: smart machines.