That isn't exactly true.  There are both civil and criminal penalties.  The SEC routinely does seek civil penalties and administrative rulings, not all matters are going to be treated as criminal prosecutions.  

http://www.sec.gov/News/Article/Detail/Article/1356125787012#.U6ruUvno7Zc

The SEC actually has no prosecution ability much like a Police Officer can't charge you with a crime.  The prosecutor for the government (local, state, or federal) is the one who seeks an indictment.  That being said the SEC is very good at gathering evidence and once complete they will hand that evidence over to a prosecutor who based on the alleged crime and evidence may seek an indictment.

Still your larger point is correct.  The SEC currently believes that securities denominated in BTC are still securities under US law (just as securities denominated in USD or EUR are).  A judge in at least the Shaver's case has agreed with them.  In the US offering unregistered securities to US residents (even if the issuer and company are not located in the US) is a violation of securities law.  There are exemptions to the registration requirement that apply but they have limited scope and no publicly traded crypto stock would apply.  Trust me I had the "fun" of putting together a private offering and even for a small straight forward seed round the memorandum and agreement including all exhibits was more than eighty pages.

Well at least it is impotent.  Miners will take financial losses by not building off the longest chain.   So despite the fact that you say every miner can do what they want the reality is it can't work unless a majority (preferably a super majority) of miners break the longest chain rule and build off a minority chain to FORCE the other miners to adopt the redlist by depriving them of revenue.


When that happens on the miners stupid enough to build off of the minority chain loose.  They lose all their block rewards on the orphaned chain.  Of course you aren't dumb enough to not already know that.  The only way redlisting works is through the threat of violence, aka "under penalty of law".


Lots of bad ideas do.

Agreed.  I PERSONALLY will not want to put my Bitcoins in a bank but I can also recognize that not all 7+ billion people on the planet think the same way.  I think sometimes people respond from a point of view that "X wouldn't be useful for me therefore X isn't useful for anyone on the planet".  

Cryptocurrencies won't end the banks.   If (and this remains to be seen) they are widely adopted they could change the banks but there will always be banks as long as there is money.  There have been banks longer than there has been fiat currencies.  Sometimes I get the feeling that people think fiat currency has always existed.  It is a relatively new invention with significant adoption only in the last three centuries.   Modern commodity money (i.e. standardized precious metal coins minted and certified by a national authority) has been used for almost three thousand years.  The first "banks" were essentially gold vaults with a ledger of account balances kept by the bank.   Merchants received gold, merchant was afraid gold would be stolen, at the end of the day merchant deposited his gold with the "bank".  Eventually banks starting issuing receipts and merchants began trading the receipts directly because it was cheaper and easier than removing the gold every day.

If Bitcoin becomes large enough it is only a matter of time before a bank offers the ability to exchange Bitcoins for fiat currency and offers depository services.  As for banks being prohibited from dealing in anything other than fiat well that is just nonsense.  Most banks already offers the ability to buy and sell shares of stocks and mutual funds.  Some banks in China sell Gold (yeah the actual physical metal).  The customer pays by bringing in cash or by drawing against their account and the bank delivers the purchased gold on the spot.  I don't know if any of them offer depositor services or rebuy the account holders gold but that wouldn't be much of a leap.

Another angle that is at least plausible, involves one or more exchanges becoming a bank to reduce compliance costs.  It may sound crazy but nationally chartered banks are exempt from state money transmitter laws.  It is much easier being regulated by a single entity than being regulated by fifty or more entities.  It may not be a bank which has a branch in every major city, it may not even have a single customer accessible branch but it would still be a bank.  Credit card issuers are a good example of this.  Technically one doesn't need to be a bank to issue credit cards however as money transmitter laws sprung up in various states, most issuers found it easier to reorganize as a nationally chartered banks and have one regulator than be classified as money transmitters by multiple regulators.  Today all major credit card issuers in the US are banks although many of them have no "branches", hold customer deposits, or offer any other banking services.  CapitalOne, American Express, and Discover are all nationally chartered banks in the US.

Franky please don't give unsound legal "advice" speaking as if your opinions carry any legal weight.   Of course the issuance of unregulated securities is subject to civil and criminal penalties.  You don't think in the last fifty years someone would have noticed that "loophole"?

Why not read what the judge in the Shavers case ruled.   He didn't rule on any property law.


http://www.forbes.com/sites/kashmirhill/2013/08/07/federal-judge-rules-bitcoin-is-real-money/

That will probably never happen.  Try to think of a cryptographically secure way to compensate full nodes for actual support.   If I create 20,000 nodes and connect them to each other using minimal resources would I get most of the "node reward".  Proof of work, "works" because its something that can't be faked.

Utter nonsense.

What?

You don't assume anything.   Every input refers to a specific exact output.

Note the bolded portion.   vout refers the to output index and it is a zero based index so "1" = 2nd output.  If it was "0" it would be the 1st output and if it was "128" it would be the 129th output of that tx.  There is no assumptions involved.

Damn limitations of the physical universe.  It does point out what makes a "good" scam good.  Take an idea that is loosely based in reality that is only invalid due to scale.  Everyone knows RF signals have "some" energy so the idea of a widget powered by RF signals is more plausible than one powered by a microscopic fusion core.

Still best response to the thread

Pretty weak conjecture.  Plenty of people have had ideas about digital currencies involving cryptographic systems over the years.   They weren't all Satoshi and there is nothing in that quote that links to Bitcoin.

Of course you have proof for this claim right?  You just saying something doesn't make it true.

That was my whole point.  If Bill Gates tomorrow thought his mission in life was to destroy Bitcoin by a sustained 51% attack he could and there is not much anyone could do about it.  It would cost him a small fortune and his attack would be a massive sunk cost that he could never hope to recover but he could do it.  Worrying about a pool trying to perform a 51% attack using the resources of miners by proxy in a very public and easily disrupted manner is just silly.  

Of course my opinion is that any such disruption attack against Bitcoin would be a fools errand.   Killing Bitcoin isn't going to stop cryptocurrency any more than killing Napster stopped file sharing.   The concept is out there, it is open source, and uses strong cryptography.   If someone spends tens or hundreds of millions of dollars to "kill" Bitcoin something else will take its place, and maybe they disrupt that too at even higher cost, and then a dozen "4th generation" crypto currencies will replace that and then a hundred or more replace that.  Billions and billions of wasted dollars later you will probably see the "bittorrent" of crypto currencies.   Necessity is the mother of all invention.   It can't be stopped.   Of course anyone smart enough to have those kinds of resources should be smart enough to see the futility of that type of direct attack (or be able to hire someone capable of that).  

What is the point of killing bitcoin at huge cost only to have something better replace it.   Napster was regulatable, but once it was killed it spawned not a clone but an evolution of competing ideas which became ever more resistant to oversight and regulation.  Sure some of the ideas failed, some were poorly thought out, but people built upon those ideas.   Future iterations of the same general concept hardened themselves against the weaknesses of the earlier versions.  Today unauthorized file sharing is more widespread than it ever was when Napster was around.

For a private entity this is true but pools can't hide their hashrate from the public. Say right now GHASH has 51% of the hashrate and they start mining an attack chain in private.  Now I am sure you understand this but most people seem to forget that their public hashrate (i.e. based on "legit" blocks added to the longest chain) would drop to 0 blocks per hour.   With 51% of the hashrate GHASH would be expected to out race the main chain by 2 blocks per day.   So to overturn a tx with 6 confirmations miners would have to see the reported blocks go from ~5 per hour to 0 per hour not for 1 hour, or 2 hours, or even 8 hours but for 72 hours in a row.  How many miners would keep mining on GHASH if they produced 0 blocks and thus 0 BTC in revenue for miners for 72 hours in a row.  My guess is next to none.  As soon as enough miners defect enough that GHASH hashrate fell they would quickly lose any chain of pulling off the attack. 

I don't trust miners to do the right thing, but I do trust them to notice that their pool hasn't found any block in 3 days.  Miners who leave simply looking out for their own bottom line will help to secure the network against that type of attack.

You just reinvented p2pool.  Sadly it has roughly 1000 shares per block (so 10x your proposal) and is still barely used (~2% now and maybe ~5% at the peak a year ago).  Could p2pool be tightly integrated into an altcoin (or even bitcoin)?  It certainly could however it is very likely you would simply see the same major pools running off the sharechain rather than the full blockchain.   There is a lower limit on the expected interval between events (call them shares, blocks, hashes it doesn't really matter).  The network needs time to adjust.  When the average time of propagation becomes close to the average time between events, a network will drift away from consensus.  The p2pool sharechain has an expected interval of ~30 seconds per share and that is probably close to what is achievable.  Maybe with a greenfield solution optimized to be as lightweight and low latency as possible you might get that down to 10 seconds but you aren't ever going to have a scenario where 100,000 miners will be able to directly share in a block in a decentralized manner.

It isn't a technology problem but rather a human "problem" (or maybe human nature is simply a better term).   A miner's major ongoing cost is electricity and payment of that cost isn't due on an hourly or daily basis but monthly.  Sub-month variance is not an economic issue.  If a miner has sufficient confidence (mathematical term) of the expected return over a month long period lower variance doesn't improve the economics or reduce the risk.   Simply put, in the long run with a mere 2% of the global hashrate a miner can have a 95% confidence of being within 5% (+/-) of expected returns after 30 days.  That is more than sufficient to hedge the operating cost risk.    There is no economic benefit to more hashrate but miners want those multi-hour updates.  They just want it and that probably isn't going to change.

If your programming skills are "not all that great" I would strongly recommend not trying to implement the nuts and bolts of low level crypto.  Even working with high level bitcoin specific libraries (like bitcoinj for java) can be a challenge and using libraries like that all the low level plumbing is abstracted away.   This isn't to say you shouldn't ever build a crypto library but to start there but it would be like someone deciding they want to make a video game and despite having limited programming skills accepting nothing less than writing it all in assembly language so it is optimized.

As for using OpenCL for acceleration I am pretty sure it would be a decelerator.  I would recommend a lot of reading (both wiki and the bitcoin core source code) about how Bitcoin works.  Verification of transactions and blocks is almost never CPU limited.   The disk (IO not capacity) and network bandwidth are more significant bottlenecks, after that is probably memory space (although luckily RAM is dirt cheap), far behind that would probably be disk capacity (especially for higher performance disks like SSD), and then way way way behind that would be processing power.

I took a look at your code and honestly I am not sure what you are doing.   As pointed out trying to reinvent ECDSA support is probably not a good idea.   There are a number of Bitcoin specific libraries but if you want to drop down a level both bouncy castle and openssl support all the ECDSA functions needed to implement a bitcoin node.

The advice you don't want to hear is don't use accounts in bitcoin core.  It is the advice I have been giving for more than a year now.  You are just painting yourself into a corner and then trying to come up with elaborate ways to workaround the problem.  It is very possible support for accounts will be completely removed from a future version of Bitcoin because it is bad and probably never should have been included.

However my guess is you will ignore that so, yes temporarily reducing the number of unspent outputs will marginally improve account performance but in time as you receive new outputs it will get worse again.  Also the other factor affecting performance is the number of accounts so unless you are planning on your service getting less popular over time you will always be swimming against the current.

For any new developer, Rule #0: D not use "accounts" in Bitcoin core to support a multiuser service.  Eventually it would hurt you and by then your entire codebase will be dependent on a very buggy, performance constrained feature which has an uncertain future.

No that is no correct.  You need all the PubKeys not all the private keys to create the multisig address.  

As a side note, it would have been nice if Bitcoin had supported ECDSA PubKey recovery but it doesn't.  That would have allowed creating multisig txs using the PubKeyHash instead and the PubKeyHash can be decoded from the address.  It doesn't and likely never will, which makes creation of the multisig address involving multiple parties less user friendly.  Most users don't know how to obtain a PubKey from their wallet (or even know there is such a thing as a PubKey or that it isn't the same thing as the PubKeyHash).

validateaddress only returns the PubKey if "isMine" is true so it is useful for a simplistic test but not very useful for a real world solution.   If the keys are in multiple wallets then it would need to be run on each address which has the private key (and that assumes all parties are using bitcoin-core).   For example if I was one of the signers in your multisig tx, you can't determine the PubKey for this address 1NbCxn5NnFF4y9EWzU3YZcJZGuYsoRN4HZ with the address alone because it has never been spent from and thus isn't publicly known.

CDF works the same way in both cases (all CDF always work the same way).  In theory if you have infinitely bad luck you could never not in a billion years find a solution for your vanitygen prefix.   That is very unlikely but it could happen.  For Bitcoin mining the fact that the previous block changes periodically makes no difference.  There is no "progress" towards a probabilistic solution.  You either solve it or you don't.

In both Vanitygen and bitcoin mining if your 50% CDF was 1 hour there is a 50% chance you will find a solution in less than or equal to 1 hour.  This doesn't mean you have a 100% chance in 2 hours. There is no 100% chance even in 1,000,000 hours (although it might be 99.999999999999999999999999999999999999999999999999%).

Also I assume it is just a typo but in vanitygen (just like in Bitcoin mining) you aren't looking for a specific unique solution but rather one of any number of the quadrillions of possible solution which match the prefix. 

They are reporting the deficit as txn fees (not including the block subsidy of 25 BTC) minus their guesstimate of what miners are paying using unknown method of computing that.  Since blockchain info provides no context or supporting details for their estimate of miner cost I would treat it as worthless.  

For about a year after the release of ASICS they used the average GPU efficiency and an electrical cost of $0.15 per kWh for similar charts.  This lead to an underestimating of effieincy by at least a factor of 100x and lead to a more than one false news stories about how bitcoin uses $50M a day in electricity (or some equally ridiculous number).  This is despite countless request from lots of people for them to fix the "stat" or just delete chart (no info is better than wrong info).  They didn't for more than a year so accuracy of stats is not high of their list of thing to do.

Not that it matters for the reasons above but deficit (or surplus) already implies revenue - cost.  So if the deficit is -$2.4M then blockchain.info is saying miners would be losing $2.4M not $11K a day by mining if the block subsidy was zero.

Which is less than the rate of storage growth and storage already has a huge heads start.  Everything is relative, if your $150 SSD hold 50% more capacity next year and the blockchain is 50% larger are you really falling behind?  On a larger scale when the blockchain is too large to fit on your 256GB SSD you probably will be able to buy a 16TB SSD for less than what your current drive costs. 

Still the reality is no matter what happens, or what changes are made to any crypto-currency, your average casual user is not going to run a full node.  They just aren't.   I mean if you cut it 75% they still aren't going to.  This isn't to say improvements and efficiency to the protocol shouldn't be considered but the reason shouldn't be so Joe Sixpack can download the blockchain because he isn't going to regardless of what you do.  If Bitcoin someday has 50 million users I would imagine 99% are using SPV clients, eWallets, or some other "lite" alternative.  Still 1% still mean 500K full nodes and that is more than sufficient to support the network.   For a business like overstock 10GB per year in storage is not even a factor to consider.  Their email archive requirements (as a publicly traded company) are probably on the order of tens of TBs per year (and that is probably being conservative).