Bitcoin Forum
  Show Posts
1  Bitcoin / Press / Re: Whithersoever my coin desires may lead... on: August 10, 2022, 03:37:05 AM
How is bitcoin maximalism presently taken by everyone in bitcointalk?

New policy:  I present myself as a fearsome “Bitcoin maxi” to altcoiners, and I chat about my favourite altcoins to Bitcoiners.  Thus, I can discover who my true friends are.  This optimizes for the human element.  So does intransigent opposition to scams.

I have been intending to write an essay with my own take on Bitcoin maximalism, but I am not sure if this forum is the right place to publish it.

You should write and publish it in the forum, I reckon. I would also like to know your opinion on some bitcoin maximalists who appear to want everyone to believe that there is only bitcoin and bitcoin's failure will be the whole cryptospace's failure without any other cryptocoin having to find and achieve success.

Thanks.  Unfortunately, I will need to cut short what I was writing here—if I ever want to post this.  :-)

To answer that, we first must define “success”.  Is economic success the sole criterion?  Although that is important, I think that economic success is necessary but insufficient.

Bitcoin is freedom-money.  It is authentic cypherpunk-money.  It grew organically as a social phenomenon, in historical circumstances that cannot be artificially duplicated.

If Bitcoin were to fail, I think that “the whole cryptospace” would almost inevitably fail in the way that really matters.

I say this when I own altcoins, and I much like some altcoins:  If Bitcoin were to fail, then any independent altcoin would almost inevitably fail economically.  Bitcoin makes the cryptocurrency market.

If Bitcoin were to fail, I predict that the only “altcoins” that could still succeed would be those backed by massive capital from big banks and VCs.  But those are not legitimate “crypto” in the sense of cypherpunk-money.  Those are merely de facto centralized Fintech payment systems that use some cryptography, and that sell themselves under a veneer of fake “decentralization”.  Some are better in this aspect, some are worse—all of them devolve over time in the direction of giving big banks and insider whales the power that Bitcoin takes away from them.  Worst in this aspect is anything POS, a definitional plutocracy.

Thus, although I disagree with the “maximalist” purity-testing that treats people as sinners for (gasp!) touching a forbidden altcoin, I agree with the proposition that “Bitcoin’s failure will be the whole cryptospace’s failure without any other cryptocoin having to find and achieve success.”  Like it or not.  That is the reality.

I love Bitcoin.  I love it as if it were a living creature.  And I recognize on pragmatic grounds that attempting to replace it would be a fool’s errand, likely resulting in a Pyrrhic victory at best.  Accordingly, I am proud when altcoiners call me a “Bitcoin maxi”; and I tend to agree with them about that.  I say that when I own altcoins, I think that defi has great potential (excluding such garbage as Yield Farming, a classic HYIP scam), and I have some history on this forum of defending the good uses of NFTs.  (Not Bored Ape trash.  The basic idea now called “NFTs” is much older, and it has much undiscovered potential for future applications.)  There are multiple reasons why my signature or personal text has said since 2017:  “There is only one Bitcoin.”

Am I a Bitcoin maximalist?

I also want to hear your opinion on the comments of people similar to Max Keiser who said in an interview that all fiat will be going to zero against bitcoin. Is this right?

I don’t follow the opinions of these types of pundits, so I can’t comment other than to say that [0] I think that it is very, very unlikely that all fiat currencies will go to zero against Bitcoin in the type of total “hyperbitcoinization” scenario that some Bitcoiners predict; and, [1] whenever fiat currencies crash, as not infrequently occurs, people need an escape hatch—a currency that is not controlled by corrupt governments and corrupt central banks.

Bitcoin was created to be such a thing.  See the headline in the Genesis Block.

3. Bitcoin arose in an historical context that must not be forgotten.  Most people have short memories; and some people are young.  Those who remember the 2008 global financial crisis will better understand Bitcoin and its economic design.

https://en.bitcoin.it/wiki/Genesis_block#Coinbase
Hardcopy: “The Times 03/Jan/2009 Chancellor on brink of second bailout for banks”


It has happened before.  It has happened many times.  It will happen again.



The Great Collapse

I also want to hear your opinion on the comments of people similar to Max Keiser who said in an interview that all fiat will be going to zero against bitcoin. Is this right?

Completely unrealistic in the developed Western world. I know it's fashionable to peddle an impending collapse of economy, but the govts. simply don't allow that to happen.

Governments are not gods.  They cannot magically stop economies from collapsing.  The smaller big question is when the petrodollar scam will collapse.  The bigger big question is whether or not that will be a part of a catastrophic global collapse.

I know it’s fashionable to peddle the “this is fine!” belief that governments can prevent a catastrophic global collapse of civilization; but history shows that civilizations do collapse, inevitably so when they are infected by even the tiniest bit of today’s all-consuming rot.  I have remarked before on this forum that around A.D. 350–400, Romans must have believed that their civilization was invincible.

Only a knowledge of the mere past century, the blink of an historical eye, is needed to know that major economic collapses do happen.  Whereas only myopia, short time horizons, and a lack of historical education could lead anyone to believe that a civilizational collapse can’t happen here and now.

Today’s global economic system is altogether the biggest scam in the history of the world.  Its eventual collapse has been assured since the 1970s, at the latest.  And a technological, industrial civilization cannot reasonably expect to survive a catastrophic economic implosion.  The question is not “if”, but when?  Many commentators discredit themselves by mispredicting the “when?”—a question that no one can reasonably answer.

This does not necessarily mean that when some fiat currencies collapse, Bitcoin will just replace them.  To presume as much is a simplistic leap of logic in attempting to predict the outcomes of a complex scenario.  I think it’s more likely that as long as technical civilization exists, there will be a competition of currencies—and when this rotten civilization finally collapses in total, Bitcoin will not exist, because computers and the Internet will not exist.

N.b. that I have always consistently said this:

I do think that the collapse is nigh inevitable, barring a drastic, radical global change that has negligible chance of actually happening.

[...]

This—n.b. the date before Covid, when exuberant faith in ever-increasing prosperity was more fashionable:

[...]

By comparison, Roman society was a zombified rotting corpse for four or five centuries before the civil machine built by long-gone forebears ran out of momentum.  I can see how greater technology could have accelerated the ultimate downfall in various ways.

What’s left is to secure yourself, take care of your own, live by honour alone whereas law is meaningless, keep busy with something productive, and try to have some fun.

[...]
I believe nullius has a more optimistic view of the future than I do.  Smiley

“Optimism is cowardice.” — Spengler (writing most of a hundred years ago)
2  Bitcoin / Bitcoin Discussion / Re: War is peace. Freedom is slavery. Wasabi solves fungibility. on: August 10, 2022, 12:19:20 AM
I strongly disagree with that use of terminology.
Just to address this point: So do I. You are well aware that I have argued long and hard against nonsensical statements such as that anyone who has the slightest interest in maintaining some financial privacy must be a criminal, terrorist, money launderer, or what have you.

Indeed, you have long been one of the most consistent and well-spoken advocates on this forum for the principle of privacy.

My argument was directed not at you personally, but at some widespread and pernicious wrong thinking that I know you have so oft opposed.  It is too bad that many people just don’t or won’t get it.  In the big picture, since last week, I have been discovering and rediscovering just how broken everything is—the subject of a new project which forced me temporarily to set aside something I’ve been working on for zero-knowledge proof privacy.

However, given that nopara73 has consistently and repeatedly failed to answer basic questions as to how he thinks blacklisting and censorship is somehow beneficial to fungibility, has consistently and repeatedly demonstrated that he believes in taint and taint analysis, and is building a product specifically designed to cater only to those good little citizens with "nothing to hide", an answer to a basic question using his own preferred terminology might be more forthcoming.

That is an interesting point.  I didn’t think of it that way.

I am fairly certain that most of the people behind Wasabi don't believe many of the things they are saying:
It certainly seems like this is the narrative they are trying to push; that they are the sole arbitrators of what is and is not fungible. As I said previously, as far as I am concerned this viewpoint is actively malicious.

The evidence indicates as much.  Indeed, if privacy and fungibility are considered valuable, it looks to me like nopara73 and Wasabi are doing something tantamount to an exit scam:  They build up a good reputation, and they are now using it to slip in support for Mike Hearn’s old agenda.

This is one of the oldest debates in Bitcoin.  Most newer users do not realize it.  I will soon place it in its proper context.
3  Other / Meta / Name-dropping is gauche, and it impedes normal interactions with famous people. on: August 08, 2022, 08:09:42 PM
Are you important enough to have Theymos and forum members close to him comment on your threads (or quote your posts) to have positive conversations with you? Well, that happened to me in the past and it gives me great joy considering how humble they were to then nobody.  [...]  I believe you can find potential World Leaders from forum superiors here.  [...]  (I think that was part of my conversation with Mprep or Achow... Theymos was probably about

This is a thread for the purpose of name-dropping, salted with arse-kissing.  FYI, it is one of the reasons why people in VIP positions are sometimes reluctant to interact with people.  Take it as advice; more is below.

Sometimes, I wonder if theymos ever uses an alt account to engage with the forum as an ordinary user.  The problem is, of course, that he could not risk engaging in discussions very deeply, lest style and substance may reveal his identity.

An even bigger problem is nonpublic contacts.  If anyone in a high-profile position engages in casual PM or e-mail correspondence with someone relatively unknown, it runs the risk that some loser will go around gratuitously bragging, “Oh, I was just chatting with X,” as if suddenly they are pals.  Unless you really are close to someone, it is inappropriate—and you will never be close to someone famous (let alone famous yourself), unless you have sound judgment about such matters of social appropriateness, and moreover, privacy.  It is why I try to avoid even mentioning such things unless there is a reason to do so—even in one instance when the other party took the initiative of reaching out to me, then quoted my reply on Twitter (with my permission).  Well, that is obviously not private; but I will not pretend that I’m best buddies with X just because X took an interest in something I wrote, and we had some interesting chit-chat about a topic of mutual interest.

For referring to public discussions, context is important.  To illustrate by way of example:  If, in Lauda’s final thread, there were occasion to recount the origin of Lauda’s final avatar, it would be relevant to retrace the history of how I made a satirical thread in Lauda’s defence, and theymos was so amused that that inspired a little piece of his April Fools’ joke that year, and my satire became a kind of a meme for Lauda in some of her later posts, and she used a clip of a William Blake painting that I had made for that thread as her final avatar.  But it would be gauche to make a merit-seeking Meta thread about the times that OH MY GAWD, SO-AND-SO REPLIED TO ME (and that makes me so “important”) with a list of my past interactions with theymos, forum staff, Bitcoin Core developers, etc., etc.  As if that validated my existence.

Ucy, try flipping the question around:  How important are you to yourself?  People who are worth talking to, usually know it—so it feels natural and normal to talk to someone famous.


So you'd better believe that when a lot of members have personal interactions with Theymos--who was around during the days of Satoshi--they figuratively piss in their pants as if they got a phone call from Chris Pratt [or pick your celebrity].

Who is Chris Pratt?  (Seriously, I have never heard of him/her/it.)

If I just disappeared tomorrow, I doubt there'd be much notice at all.

So, why are you here?  If you are not connecting with anyone, and if you think your posts are of such ephemeral, negligible significance to everybody else, is there any purpose?

In some of my past disappearances, when it seemed I may not return, people have sometimes created threads asking what happened to me.  Without any intention to deprecate the VIPs, it frankly touched me much more on a personal level to find that relatively unknown people had been wondering about my fate than to have perfectly normal interactions with famous folks.



The Bitcoin Forum is not Bitcoin.  The forum is obviously centralized; and the central authority on this forum does matter.  Nonetheless, in a different way, this evokes an important point:

Roll Eyes Isn't it like Bitcoin, where no one person even 'matters' (as long as there is 1+ person.. I suppose)?

One of my favourite quotes:  “Bitcoin’s greatest vulnerability was and always is that it can’t be any stronger than the people who use it.  It’s possible for the public to be just too dumb for Bitcoin.”  nullc on Reddit (2021-12-30).  The context:  A proposition that if, hypothetically, CSW were really Satoshi, then it wouldn’t matter, because no one person matters to Bitcoin.

Quote from: nullc (2021-12-30 01:57:28)
Quote from: AmbitiousPhilosopher (2021-12-30 01:17:57)
I think most people wouldn't give a hoot

I'm confident you're wrong. Too many people are hidebound authoritarians and simply can't wrap their head around a system that doesn't have a central authority.

The history of the public's interaction with Bitcoin has been a comedy of errors with people (press, organizations, etc) incorrectly fixating on one person or element of the system as being in charge of it... only to end up mired in confusion, oscillating between options, because they can't wrap their head around a named 'system' that has no central authority... even though there are plenty of other things in our lives that don't (e.g. the English language, to give an example we're all familiar with).

Bitcoin's greatest vulnerability was and always is that it can't be any stronger than the people who use it. It's possible for the public to be just too dumb for Bitcoin. I'm generally pretty positive about the world's ability on that front, but in a hypothetical dystopia where it turned out that somehow an incompetent narcissist conman created Bitcoin, one fixated on destroying its properties, confiscating coins for personal gain, and destroying its decentralization? ... in that world Bitcoin would be well outside of my personal risk tolerance. Wright would be way too much of a headwind.

This is even more true today because BSV exists so we don't have to speculate what a Bitcoin of the Craig believers looks like. It isn't pretty.

Although I disagree with him about some details, I agree with Cøbra’s proposition that Bitcoin is hyperpolitical money.  And in politics, these things matter:  Charismatic leaders, founders, VIPs—authority figures.  Bitcoin’s distributed database consensus is decentralized; its development consensus is largely decentralized, because the Bitcoin Core developers think in terms of decentralization; but its broader wetware-layer social consensus never can be.  And an ideal that contradicts human nature is worth no more than an idea that contradicts the laws of physics or of mathematics.
4  Bitcoin / Press / Whithersoever my coin desires may lead... on: August 08, 2022, 11:12:16 AM
How is bitcoin maximalism presently taken by everyone in bitcointalk?

New policy:  I present myself as a fearsome “Bitcoin maxi” to altcoiners, and I chat about my favourite altcoins to Bitcoiners.  Thus, I can discover who my true friends are.  This optimizes for the human element.  So does intransigent opposition to scams.

I have been intending to write an essay with my own take on Bitcoin maximalism, but I am not sure if this forum is the right place to publish it.


These represent people who insist the Bitcoin network be left exactly how Satoshi made it - with no soft forks that add rules & functionality of any kind [as a side note, this is how coins like Bitcoin XT/Gold/Unlimited/Cash/SV were made].

That’s backwards.  All of the scams that you list made hardfork changes, while most of them accept post-Satoshi softfork changes such as P2SH (activated 2012-04-01).  Only Bitcoin has retained the status quo, with only backwards compatible changes since (IIRC) BIP 50/Bitcoin v0.8.1 (?) in 2013.  AFAIK, the only forkscam that even claims to be “exactly how Satoshi made it” is BSV—the perpetrator of which demands that Bitcoin make hardfork changes to seize coins.  I think that shows the nature of Faketoshi’s nonsense about Bitcoin being allegedly “carved in stone”:  He is upset that Bitcoin’s blockchain is actually carved in stone, never mind the consensus rules.

(I need not reach the rest of this discussion.)
5  Bitcoin / Press / [2022-08-05] DJB sues USG again, seeking info re NSA’s impact on NIST PQ Crypto on: August 08, 2022, 10:10:11 AM
Hot on the heels of the shocking sudden demolition of one of the most promising post-quantum key agreement algorithms...


...we find this:

2022.08.05: NSA, NIST, and post-quantum cryptography: Announcing my second lawsuit against the U.S. government. #nsa #nist #des #dsa #dualec #sigintenablingproject #nistpqc #foia

BERNSTEIN v. NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY (1:22-cv-02319)
https://www.courtlistener.com/docket/64872195/bernstein-v-national-institute-of-standards-and-technology/

DJB’s blog summarizes the history of NSA sabotage of cryptographic standards.  He describes the atrocious state of the NIST post-quantum cryptography standardization process.  He concludes:

Quote from: Daniel J. Bernstein
I've filed seven FOIA requests with NIST since mid-2020. NIST has released a few dribbles of information, but in general NIST's responses have been very slow and obviously not complete.

For example, I filed a FOIA request in June 2021 asking for "copies of all NIST records of communication between NSA and NIST regarding the NIST Post-Quantum Cryptography Standardization Project". This request has, so far, produced zero records. NIST has stonewalled, ignoring the FOIA deadlines.

My seventh FOIA request, in March 2022, said the following:

Quote
Analyzing NSA's impact on this project will require not just seeing NSA's communication with NIST, but also tracing how NIST's decisions were made and analyzing the influence of the information that NIST received from NSA. If each step of this analysis requires dealing with another round of stonewalling from NIST then the analysis will obviously not be done in time to help the public make safe decisions regarding post-quantum cryptography.

NSA's documented history of sabotage, along with its evident sway over NIST, makes NSA's influence on NIST a high priority to review, but it also seems likely that other entities have also been trying to sabotage NIST's process. As far as I can tell, NIST has no procedures in place to prevent attackers from influencing the project through pseudonyms, proxies, etc. Anything short of a full review of project records could easily miss evidence of attacks.

Even without sabotage, getting cryptography right is challenging. Public review has identified security flaws in dozens of submissions and has identified many errors in the limited additional information released by NIST. Having NIST keep most of its analysis secret is a recipe for disaster. Given that NIST promised to be "open and transparent", and recently claimed to have "shown all our work", it's hard to understand why the full project records aren't already available to the public.

I asked for the full NISTPQC records, and for "all records of NIST/NSA meetings mentioning the word 'quantum', whether or not NIST views those meetings as part of this project".

NIST has produced zero records in response to this FOIA request. Civil-rights firm Loevy & Loevy has now filed suit on my behalf in federal court, the United States District Court for the District of Columbia, to force NIST to comply with the law.

Good luck to Professor Bernstein here.
6  Other / Off-topic / Re: Bitcoin and Antiviruses on: August 08, 2022, 09:49:29 AM
When I saw the topic title, I expected something like this:

https://github.com/bitcoin/bitcoin/issues/17779

It's been my experience that McAfee doesn't like to be uninstalled. They leave little bits of McAfee all over your system to antagonize you so that you reinstall it.

Definitional malware.

(windows11professional)

Definitional malware.

But check that it isn't a virus itself.

Cool
7  Bitcoin / Bitcoin Discussion / War is peace. Freedom is slavery. Wasabi solves fungibility. on: August 08, 2022, 03:29:18 AM
Orwellian “Fungibility”

Of course I am more than happy to hear thoughts on this topic, but I hope I demonstrated that my fungibility claims aren't pulled out of my ass, in fact they are the result of years of research on the topic, so I'd appreciate not calling me a liar, because of them.

It will profit you not to make breathtakingly audacious claims in public, and then get huffy and play the victim about people calling you a liar.

This is an exercise in classic Orwellian doublethink:

  • Divide the set of all bitcoins into two distinguishable subsets, “bitcoins accepted by Wasabi CJ” and “bitcoins rejected by Wasabi CJ”, based on vague, arbitrary, centrally decreed secret criteria derived from blockchain spying (“analysis”).  This is a new problem on the input side of a Wasabi mix.  By citing your own 2021 essay, you divert people’s attention with (anyway unsound) arguments on the output side.
  • Declare that Wasabi solves Bitcoin’s fungibility problem, because on the output side of a Wasabi mix, coins within the minuscule anonymity set of one Wasabi mix are indistinguishable from each other (see below!).  Perhaps you should better say that it is more or less weakly difficult overall to discriminate between coins in the “bitcoins accepted by Wasabi CJ” subset.  (Your argument, quoted below, is poorly stated; I am sorry to fix it for you.)

Accordingly, I propose a new marketing slogan for Wasabi:

WAR IS PEACE
FREEDOM IS SLAVERY
WASABI SOLVES FUNGIBILITY

Happy to help.  For the marketing consultant fee, my tip address is in my unpaid signature.  Wasabi is a profitable company, currently running a massive paid signature advertising campaign; thus, as I assist them with doubleplusgood truth in advertising, I hope that everyone won’t begrudge me a bit of ruthless mercenary capitalism there.





Misquoting Zooko

Pre-posting edit/insertion:  This is one of the dangers of sloppy research.  Before making my hereby post, I decided properly to source the anonymous quote in the pithy epigraph at the top of nopara73’s 24 May 2021 Medium essay:

Even though Bitcoin is the worst privacy system ever, everyone in the community strongly values privacy [src]

In its current revision, the diyhpluswiki does not identify the speaker or the context.  That quote is from Zooko Wilcox, later the founder of Zcash, at Scaling Bitcoin Montreal in 2015.  Zooko thereby discussed three privacy technologies:  Lightning Network with onion routing, Confidential Transactions, and Zerocash with zk-SNARKs—the antecedent to Zcash.

The so-called “transcript” (apparently copypasted from here) is of very poor quality; it is a paraphrase of what Zooko said, or even some condensed notes approximately recording someone’s interpretation thereof.

Here are Zooko’s exact words:  https://www.youtube.com/watch?v=G6PnLSH40lQ&t=2901s

Back up a bit over half a minute, and see the context:

https://www.youtube.com/watch?v=G6PnLSH40lQ&t=2863s


Zooko worked on Digicash (1996–98), and he now leads Zcash.  At both Digicash and Zcash, Zooko’s standard for privacy was and is:  Statistical hiding.



(Cited version; current version.  Graphic copied from what I had already written below.)

I doubt that he would appreciate his words being used to pump a commercial mixer that it is known Chainalysis can break (use this link from Tor), which is in bed with blockchain spying (“analysis”), which is now promoting an Orwellian doublethink notion of “fungibility”.

Note:  I have been yearning for zero-knowledge proof privacy since 2013; I will accept nothing less!  I am proud that I am a Zcasher since Sprout.  I was pleased to see that Edward Snowden gets it (Tor-friendly link to read Tor-blocking Forbes article).  One of my forthcoming essays, off-topic here, will be about how a nonsensical FUD campaign has deprived Bitcoiners of the privacy that Bitcoin deserves.  Although Zooko may be unhappy with my opinion against POS, I am fully in agreement with him about blockchain privacy:

Quote from: Zooko Wilcox
1. You can’t add privacy.
Build strong security into the foundation.

2. Decoys don’t solve the problem.
Encryption and Zero-Knowledge Proofs do.

3. You can’t add privacy to money in flight.
Privacy comes from shielded money at rest.







I hope that you are not mining these discussions for ideas to twist to your audience on Medium, even as you tell people here who have proficiency in the subject to “learn more” from your marketing fluff article that you wrote before Wasabi hopped into bed with blockchain analysis. Roll Eyes

Anyway, let’s take a look.  The key quote, the only part that is really relevant here, is this:

All formatting is in the original:
Wasabi users k-anonymize their unique UTXOs such that the result of the coinjoin is ideally 100 distinct, yet k-anonymous, outputs, where k = 100. These k-anonymized UTXOs are indistinguishable from each other. This is how anonymization, a mathematical tool, realizes the indistinguishability — also known as homogeneity or fungibility — property of a currency.

That is an attempt to bedazzle your nontechnical audience with jargon.  An old marketing adage I heard somewhere:  If you can’t convince ’em, confuse ’em.

Those who think in technically precise terms, and who understand the terminology, will understand that you basically just said you give coins “indistinguishability — also known as homogeneity or fungibility” within a set with size k = 100.  It is unimpressive.

Loth though I am to fix your fungibility argument for you, I should point out that all coins within the “Wasabi CoinJoin” set have a much weaker sort of practical indistinguishability.  I will not hereby reach any attempt rigorously to characterize that.  The point here is that you break fungibility between coins accepted to a Wasabi CoinJoin, versus coins refused by a Wasabi CoinJoin.  As aforementioned:  You now break fungibility on the input side, not the output side, then link to your old 2021 essay to confuse the issues for people who have fuzzy thinking.

Furthermore, all of this applies only if coins are not traced through a CoinJoin.

Overselling Coinjoin

Your marketing pretends that CoinJoin provides excellent state-of-the-art privacy.  This is not true; and your hyped-up overselling of CoinJoin makes me suspicious, when you are working with blockchain analysis.

CoinJoin is a clever workaround for what I have previously called Bitcoin’s “fatal flaw”.  I think it was ingenious, when Greg Maxwell invented it in 2013—an invention which, I must add, followed Maxwell’s attempt to confuse early “coin taint” analysis.  But I tell you, it is only a workaround.  It does not fix the problem.

And this is especially problematic when you assure your too-trusting users that they are safe when you collaborate with blockchain spying, because their privacy is assured by Wasabi’s technology.  I find it most worrisome that Wasabi announced it was working with blockchain analysis, just around the time that Chainalysis disclosed they have some secret method to unmix Wasabi CJ:

[2022-02-22] [Tor-friendly link]

Jumping off from the Coinfirm analysis, blockchain analytics company Chainalysis saw the presumed attacker had sent 50 BTC to a Wasabi Wallet, a private desktop Bitcoin wallet that aims to anonymize transactions by mixing several together in a so-called CoinJoin. Using a capability that is being disclosed here for the first time, Chainalysis de-mixed the Wasabi transactions and tracked their output to four exchanges.

(Note for the sake of correctness:  I am not one of the people who assumed that Wasabi was working with Chainalysis itself.  All of my posts have consistently described Wasabi as being in bed with unspecified blockchain spying (“analysis”).  I was quite careful about this.)

But the vulnerability of CoinJoin in practice is not news.  For one of many potential problems with CoinJoin, here is an excerpt of one of my “Newbie” posts (a few days after I started active posting!), illustrated with a figure from [Goldfeder, et al. 2017]:

I guess they could identify you only once you cashed out. Other than that, your identity is safe (unless you have verified your identity in an online wallet, of course);

WRONG.  For but one of a hundred other ways your identities could be linked, even if you mix with CoinJoin, check out this pretty picture from a research paper I referenced in my earlier post on this thread:


Stop giving dangerously bad advice!

I doubt that blockchain analysis companies ever fully disclose their current capabilities to the public.  Never mind state-level threats, such as the NSA’s mass-surveillance program against Bitcoiners.  The academic literature has years-old attacks for unwinding CoinJoins in realistic scenarios.

Quote from: Goldfeder 2017, op cit., p. 2.
For example, if the victim employs 3 rounds of CoinJoin and the adversary observes two of the victim’s payments, he can link them back to her wallet (despite mixing) with 98% accuracy.  Multiple rounds of mixing increase privacy, but those gains are quickly stripped away if the adversary observes more than 2 payments.


is it fair to say that Wasabi is making bitcoins fungible?
Maybe you are making some bitcoins fungible, but you are not making Bitcoin fungible. If anything, you are actively working against Bitcoin fungibility by enforcing taint and directly funding blockchain analysis.

Well said.  It is merely Orwellian doublethink—or perhaps, a marketing sleight-of-hand to pull the wool over the eyes of nontechnical users who do not think in such precise terms.



On dirty language:

That's exactly what Wasabi Wallet coinjoins are doing.
For carefully selected outputs which are already treated as fungible by your blockchain analysis partners. To paraphrase someone from Twitter: What good is a washing machine which only washes clean clothes?

I strongly disagree with that use of terminology.  I intended to address that in some drafts that didn’t get done because my time was eaten up by some drama last week.  I hadn’t seen that at the time; I found it shortly after I had fixed something in the Bitcoin Wiki that really horrified me (another WIP):

Revision as of 04:55, 31 July 2022

Nullius

(Axe ridiculously wrong, foolish, and repulsive description of Zerocoin as “laundering” coins—including an express description of Zerocoin as a “money laundering pool”.  WTF?  This whole thing needs to be rewritten.)

That wording was in place for eight years.  When I was done vomiting, I changed “money laundering pool” to “shielded value pool”, the terminology that Zcash uses.  I then began to write a very long forum post prospectively entitled, “This is why we can’t have good things!”  Not yet done due to distractions.  It touches on that Twitter question to Wasabi.  Here is a rough excerpt:

Quote from: nullius (DRAFT)
That question [“What's the point of a washing machine that only washes clean laundry?”] is logically isomorphic to the “nothing to hide” argument against privacy:  Why do you want privacy, if you have nothing to hide?  And it dovetails with the mindset that everyone is guilty till proved innocent:  Only those with dirty laundry need falsely to prove their innocence, while innocent people with clean laundry can just let themselves be watched, tapped, tracked, traced.

Innocent people need not fear being imprisoned in a global panopticon of perpetual mass-surveillance.  Only guilty people don’t want to be imprisoned under the watchful eye of unseen wardens.

Of course, that argument is ridiculous. [...]




What is adequate privacy?

Note:  I had intended to cut this down to a briefer summary before posting, because it seemed to diverge too far off-topic.  But since nopara73 was kind enough to misquote Zooko without attribution, I will take the liberty of slightly extending this section instead.

But the problem cannot be fixed, if people can say that one coin is not like another.
Thanks for your elaborate reply, nullius!

So you are convinced that it has to be solved on a technical level. I mean; I'm not against having better on-chain privacy, such as in Monero - effectively removing the very ability to distinguish UTXOs, however I'm not sure like you that it is needed.
In fiat world, people accept bank notes without checking their history through its serial number and they aren't checking them for the anecdotal traces of cocaine (could also check for blood, etc.) - every fiat bank note is not the same, but is universally treated as such, around the world. Whenever they aren't, people get very upset, too, however not so in Bitcoin. I don't really understand why.

I'm looking forward to your project / proposal and willing to help if I can!

Thanks.  Pending whatever other topics I create on these subjects, I should note in brief two things:

Fiat cash is no longer so private—not “untraceable”.  The automated scanning and logging of serial numbers has been sort of privacy-lore passed about in privacy circles for some time; and I have seen Snowden mention it as a major problem nowadays.  But I did not know of any specific, citable information about this.  Thus, I spent some hours researching systems that are available on the market today, and presumably in common use.  This will be the subject of a new thread.

You have mentioned Monero a few times.  Thus although I don’t want to diverge too much into a topic I intend to address in other threads, I want to make it clear for the record that I do not consider Monero adequate.

My own analogy:  Any sort of mixer scheme (including Monero mixins) is like stabbing yourself with a rusty fork, and then putting on a bandage.  Such schemes leak information onto the blockchain, and try to generate noise covering up the information that is leaked.  The true transaction graph is still there, hidden in the noise.  This information can sometimes be sussed out with probabilistic attacks, or used for confirmation attacks, or cross-correlated with other information—and it is a rule in security, attacks only improve.

Ultimately, I only deem adequate a technology that leaks no information at all.  Instead of stabbing yourself and bandaging the wound, don’t stab yourself.

Digicash (1996–98) had perfect unlinkability—statistical hiding.  However, it was unavoidably centralized.  The blind bearer note system that I almost built a few years ago would have similar properties (with quite different cryptography).  I have remarked before that Satoshi was caught on the horns of a dilemma between privacy and decentralization.

This is both perfectly unlinkable, decentralized—and now, fully trustless [paper now linked above]:



That is not k-anonymity.  Rather, statistical zero knowledge provides what Jameson Lopp (2014) properly called “infinite anonymity”.  To understand it requires an entirely different mindset.  Few people get it; even in the Zcash community, I am frustrated by a widespread lack of comprehension about what zero knowledge really means in practice.  There are no “anonymity sets” partitioning zero-knowledge shielded coins within a shielded value pool.  The concept does not even apply.  And within the shielded pool, a public transaction graph does not exist.

(N.b., I am hereby discussing a privacy technology in itself.  What I have just said applies to transactions that occur fully within a zero-knowledge shielded value pool.  The well-known attacks on the transparent value pool, and on people who have careless opsec at the boundary between pools, are not relevant.  In particular, attempting to use a privacy coin as a Bitcoin pseudo-mixer is a well-known footgun; that has nothing to do with the technology.)

Some people get it.  I was pleased to learn that Snowden secretly participated in the creation of Zcash, under a pseudonym.  In 2021, Snowden declared that “Bitcoin is really failing comprehensively on the privacy angle,” and he called for Bitcoin to be made “private by design”; he made similar remarks in March and in June of 2022.  Although I don’t agree with him about everything, Snowden understands the privacy issue; thus, I am unsurprised that in 2016, he was secretly onboard with the same privacy technology as I have been wanting in Bitcoin since 2013.

Like Snowden, I myself have said that “Bitcoin has a fatal flaw...  an append-only global public ledger [is] an idea which frankly horrified me.”  I now modify what I said there in 2020 about “my proposed solution”.  The solution ultimately needs to be on L1, but I clearly understand the state of zero-knowledge proof technology.  In 2013, applying NIZK proofs to a blockchain was a research idea; and Turing-complete zk-SNARKs were first invented.  In 2016, the first fielded implementation was bleeding-edge new technology.  In 2017–early 2018, I myself suffered some severe problems as an early adopter.  By late 2018, it was basically usable, albeit with some significant remaining problems—worst of all, the trusted setup.  In early 2020, I knew that it was still not yet sufficiently mature for Bitcoin.  Only in 2022, after nine years of R&D and a fully-fielded implementation of refinements of the 2019 research breakthrough that got rid of the trusted setup, I am ready to declare that the technology is mature for widespread general adoption.
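The effect described in the Goldfeder quotation above can be seen in a toy model, added here as an illustration and not taken from the posts or from the paper: each observed payment leaves a candidate set of wallets, and intersecting the sets from several payments by the same wallet shrinks it toward one. The uniform choice of decoys, the population of 10,000 wallets, the 5 participants per join and all function names are assumptions of this sketch, so its percentages are not the paper's.

```python
import random

VICTIM = 0  # constructed wallet id; ids 1..population-1 are unrelated wallets


def anonymity_set_size(participants, rounds, population):
    """Upper bound on the wallets hidden behind one payment after chained joins."""
    return min(population, participants ** rounds)


def candidate_set(rng, population, participants, rounds):
    """Wallets an observer cannot rule out for ONE observed mixed payment.

    Toy assumption: the decoy wallets are drawn uniformly from the population.
    """
    size = anonymity_set_size(participants, rounds, population)
    decoys = rng.sample(range(1, population), size - 1)
    return {VICTIM, *decoys}


def intersect_payments(rng, population, participants, rounds, payments):
    """Intersect the candidate sets of several payments made by the same wallet."""
    remaining = candidate_set(rng, population, participants, rounds)
    for _ in range(payments - 1):
        remaining &= candidate_set(rng, population, participants, rounds)
    return remaining


def unique_link_rate(population, participants, rounds, payments,
                     trials=1000, seed=2017):
    """Fraction of trials in which only the victim's wallet survives."""
    rng = random.Random(seed)
    hits = 0
    for _ in range(trials):
        left = intersect_payments(rng, population, participants, rounds, payments)
        if left == {VICTIM}:
            hits += 1
    return hits / trials


def approx_unique_link_rate(population, participants, rounds, payments):
    """Closed-form estimate of the same rate.

    Each of the size-1 decoys in the first set must be absent from at least
    one of the other payments-1 sets; decoys are treated as independent.
    """
    size = anonymity_set_size(participants, rounds, population)
    q = (size - 1) / (population - 1)   # chance a given wallet is a decoy
    return (1.0 - q ** (payments - 1)) ** (size - 1)


if __name__ == "__main__":
    population, participants = 10_000, 5
    print("rounds payments set_size simulated estimate")
    for rounds in (1, 2, 3):
        size = anonymity_set_size(participants, rounds, population)
        for payments in (1, 2, 3):
            sim = unique_link_rate(population, participants, rounds, payments)
            est = approx_unique_link_rate(population, participants, rounds, payments)
            print(f"{rounds:6d} {payments:8d} {size:8d} {sim:9.3f} {est:8.3f}")
```

More rounds enlarge each candidate set, but every additional observed payment multiplies the chance that a decoy drops out, which is why merging or repeatedly spending mixed outputs under one identity undoes the mixing.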
8  Bitcoin / Bitcoin Discussion / Religion, Money, and a Religion of Money. on: August 07, 2022, 09:53:09 PM
Basically the cryptocurrency don't have to do with religion.

As the self-appointed high priest of the god of Bitcoin, I must object:  Bitcult.Faith

We all know that Church can not invest in cryptocurrency for the sake of getting money.

Why not?  Are you aware of the wealth that churches have, and of the investments they make in other asset classes?

The pretense here that money has nothing to do with religion has encouraged me to update my cult’s tithing address.  For too long have I lived as if under genuine vows of poverty!  Hark, a vision:  The god of Bitcoin wants me to have some more of those bitcoins.  To fulfill this divine commandment, you must tithe only 10% of your income.

Money is, after all, one of the major purposes of religion.  Religion is the best business on Earth!  Perhaps I have sinned as a businessman, by never having sufficient greed.  But I do understand religion.  How should I best please divinity in a religion about money?  Should I preach about money, but not practice it?  Forsooth, an it be so, the god of Bitcoin may condemn me as a hypocrite!

I said it in 2017:

Most importantly, as a cult leader, I have the prerogative of taking advantage of my adoring followers financially (and the attractive female followers in other ways).

All hail the god of Bitcoin.


I would be open to agreeing with their intentions only if I don't know that these churches are also filled with corruption to their core. There is a local church here in the Philippines that is aggressively asking for tithes every month, like 10% of their salary. They made beautiful churches and did impressive projects, but to see that their leaders and figureheads are rolling with luxury cars and can afford houses worth millions, while their followers are living in poverty is something that offed me a lot. Also, religious teachings often always ask their followers to live frugally and just be a good person, but apparently the figureheads are exempted from this rule Cheesy

Good idea. Cheesy

For the record, I drafted the above about a 10% tithe on 2 August, when I updated my cult’s page—before you wrote this.  10% is a traditional tithe.
9  Economy / Reputation / Re: Goodbye, world! on: August 06, 2022, 11:48:39 PM
It’s a lot different these days without these mentioned users around, but said sting operation made waves between powerful cliques so strongly the ripples can still be seen to this day..

I think that is overly melodramatic.  “Powerful”?  “Waves”, as opposed to ripples in a frog-pond?  All this DT, rank, and merit stuff has the grandiose false importance of a schoolyard popularity contest between children.  Poor children:  Anyone who has significant BTC would be unlikely to care about these cliques.  Nothing against the poor, per se—I myself am poor; I guess that some poor people can somehow keep a proper perspective on how much supercilious forum-politicking is driven by remarkably petty levels of greed.  But imagine, Eddie:  Would anyone with 1000 BTC be deeply entangled in forum-DT factionalism?  More importantly:  In even so short a time as twenty years, will anyone care?

As I have mentioned before, Lauda repeatedly urged me to quit the forum altogether.  She regarded me as an underachiever, and she was deeply critical of me for this:  “Stop wasting time.”  After the time she spent striving with single-minded devotion to try to help foster a healthy community here, she herself was increasingly frustrated and pessimistic for the reasons inferred by Agbe’s analysis.  Any positive change was blocked by what she privately called “the enablers”:  Not the obvious scammers and trolls—not the unpopular people—but the game-players, the manipulative influence peddlers, their backroom politics, their public currying of favour.

Wherever she is now, I hope that she moved onto more productive endeavours.  And I hope that no ill fate befell her, as seems to be implied by OP here.  And I also hope that—well, let’s put it this way:  I have spent the past few years being haunted by the thought that she may have done a real “Goodbye, world!” over that plagiarism thing, which I myself considered worse than that admittedly ill-advised sting operation.  I have graphically hinted at this before.  I don’t think that’s likely—but I don’t think it’s terribly unlikely, either.  I forgave her over that because, among many other reasons, she immediately owned up to it; and instead of lashing out at the anonymous account that correctly accused her, she thanked it.  I hope that she forgave herself.  All I know is that she was very upset—not merely embarrassed at being caught, but sincerely angry at herself; her activity soon dropped off to its lowest-ever levels, and then she abruptly burnt her identity, cut her contacts, and disappeared.  There was always a lot going on with her; it was probably something else.  Probably a coincidence.

With due apologies for being so morose, Eddie—Black Sabbath, and all.  In a few days, I will return to only my normal level of pessimism.


I do dream of what could have been...

1 month Kitty admin and this place will be booming with innovation again.  Smiley

Anyway, I am surprised that The Pharmacist brought up that sting operation in response to jamyr.  At the time, jamyr commented on the thread where the sting operation blew up:

I have respect with Lauda and it will remain that way even if he's done something legally wrong, for me, what matters is you're doing something that is morally right.

So...

Which is exactly why no one except Quickseller and a handful of angry trolls/scammers that Lauda negged care about these accusations against Lauda.  Staff doesn't care.  People on DT generally don't care.  That's because Lauda owned up to the screw up in judgement with the sting operation, [...]

(Corrected because Quickseller made peace with Lauda.  So now, only trolls/scammers care about it.)

You got what you wanted. Lauda is no longer a staff member. You can lock this thread now.

 Huh  Wow

This will hurt the forum.  Lauda was one of the most active staff members.

TMAN was together with Lauda in the same controversy.  I don’t think he would mind my pointing that out, since he was always one of her strongest defenders about that (and otherwise).


Posted while I was looking for an appropriate nonexistent-kitty pic I will edit into the above [edit: together with some self-correction of sloppy statements/AI memory bitflips “foibles of human memory” in the draft I wasn’t done with]; with quoting changed to avoid top-posting:

It’s a lot different these days without these mentioned users around, but said sting operation made waves between powerful cliques so strongly the ripples can still be seen to this day..

Not having several members around now is making this forum a different place altogether but after making a statement such as that you have to name names please... which operation were you referring to?

Why should he name names?  It is well-known.  The matter was sufficiently well-settled that the target of the sting blanked his own post about it, to avoid being a drama-magnet.

Lauda was fired from her forum staff position over this—a big blow to her, only two months after she came in second in an unofficial election for the community to suggest a new Global Moderator.  She suffered years of trolling over it.  Over five years later, almost two years after she disappeared, there is no need to rehash the matter.  I am surprised that The Pharmacist brought it up.

Although the circumstances and particulars were very different, in the abstract, that “sting operation” reminds me of something that I once read in a political memoir.  The author was offered a $5,000 bribe in a political type of context—a large sum of money, at the time; this was before the dollar’s implosion in the late twentieth century.  There was a hint that the offer was negotiable; and he had heard that others had received bribes of $50,000 to $75,000 for the same corrupt action.  As he related in his memoir, he was tempted simply to see how high the person offering the bribe would go—not from any temptation to take the money, but from a desire to quantify the corruption.  He thought to play along a bit, in the manner of a sting operation.  Then, he realized that this could backfire very badly; so, he gave it a flat no.

000000000fdf0c619cd8e0d512c7e2c0da5a5808e60f12f1e0d01522d2986a51
This nonexistent cat puts forum drama on ignore, and wonders
if you will solve the Lauda Memorial Puzzle.


Free images of Lauda!
10  Economy / Reputation / Re: Goodbye, world! on: August 05, 2022, 04:44:25 AM
PrimeNumber7’s earlier reply to me had some prior context; it would be known to those who have read the thread, and related discussions in 2020.  I have been actively protective of Lauda’s privacy since she disappeared in 2020, and I repeatedly spoke about that within the first 14 pages of this thread.  I infer from PN7’s prior post that he remembers all of these discussions.


I created the puzzle because I wanted to do something here that I think she would have appreciated, for the enjoyment of everyone who misses her.
I have sometimes thought about making a Lauda website—aye, a stereotypical Internet shrine.  I almost did, back in 2020.  I didn’t (yet?), for I have some doubts about whether or not Lauda would want such a thing.
[...] something fun and challenging in Lauda’s memory, like the sporting games that the Greeks played at the funerals for heroes in classical antiquity. 😺


Any form of contribution that keeps alive the memory of Lauda would generally be considered a good thing by most since she was popular but what would she have thought of it herself? She removed herself from the drama in the forum for reasons unknown. Do you think Lauda would be supportive of her name/memory being attached to the puzzle?

Why the sudden display of concern?  Despite your prior DT interactions with Lauda, you first showed up in this thread on 3 August 2022, on page 14; and you very evidently had not read any of the thread.  It is inappropriate for you to be second-guessing Lauda’s friend and throwing negativity onto something joyful, from a professed concern for Lauda’s name and memory.

Lauda generally liked what I did for her.  I think that’s patently obvious—as was her general desire to be remembered by things I did for her.  I usually didn’t ask her beforehand when I easily could have, and she was always delighted.  Your above-quoted question is also directly answered by a prior post on this thread, which has been linked from my unpaid signature for the past month; it is quoted above, with some other relevant prior posts.

Now, please feel free to take a shot at solving this jolly good puzzle.  I know that you had positive interactions with Lauda; and the puzzle is a fine way to scam you into reading her final thread.  Furthermore, although I know that it may take awhile to solve this one, or it may even remain unsolved indefinitely, I am waxing a bit impatient.  I have been contemplating another puzzle, with some enigmatic ideas that I didn’t use for this one; but I am reluctant to detract from the existing puzzle by adding new puzzles, while this one remains unsolved.  So, please solve it if you can! 😼


P.S., please stop top-posting.  Thanks.
11  Bitcoin / Development & Technical Discussion / Brainlesswallets, and sundry other matters. on: August 04, 2022, 02:00:02 PM
WTF, are people actually defending brainwallets in the development forum?  Did I wander into the newbie forum by mistake?

Fact:  Brainwallets were popularized by a wallet thief, who created the brainwallet-dot-org site to trick people into creating insecure wallets for him to crack.

Or, per my aphorism:  So-called “brainwallets” are wallets for the brainless.  I propose renaming to brainlesswallets.

NotATether, you basically just don’t know what you are talking about here.  The handwavy scheme that you vaguely describe is not what most people call a “brainwallet”, although it is insecure “squish” (to adapt and extend a term from John Denker).  It is in poor taste for you to suggest that you would charge money to create it, when you are wasting my time; I should send you a bill if I need to explain this to you.  Tip address is in my signature.

Does anyone want to pay me to build a program that takes all the words posted on this page of the thread, generate a brain wallet on each of them, concatenating duplicate words onto themselves as they are encountered, and proceed to demonstrate that even with this creative way of brute forcing address, you won't happen upon anything, zilch, nada? Tongue

Just to demonstrate how large all the avenues are (say, 18 million dictionary words squared)? Roll Eyes /sarcasm

Or perhaps I can just take all permutations of all words on this page from 1 word to the entire set, and fry all data centers' computing capacity for the next 1000 years?

Under nooblius doctrine, the fact that you even think of such a horrible crime makes you a thief. Desist at once and report to your local Ministry of Truth office for mandatory brainwashing.

And you?  You are not a developer.  Your technical skills are nil.  In my experience, you find it too troublesome to verify a PGP signature.  Your disreputable Reputation troll playpen is over this way: → suchmoon demonstrates exemplary professionalism.


I need to stress more and more, that bitcoin is not crypto it is against crypto! It is anti-crypto! It is live because crypto was not able to go live, it tried for decades but failed to go live.  Am I clear enough? NO?

I strongly disagree with that statement; but I want to assure you that this forum is day by day ever less representative of Bitcoin.

In particular, the “people” who are rationalizing wallet-thievery on grounds of if you find some keys, the money is “legitimately” yours! would be drop-kicked from any Bitcoin Core developer discussion.  Bitcoin Core developers are professionals.  They have a high standard of ethics.  They take seriously their mission to maintain the most secure financial network in the world.

I notice that other than a few exceptions (such as those who are forum staff, and a few others), many Core developers’ forum accounts have been inactive or rarely active for years—and some of the newer leading Core developers do not even seem to have accounts on this forum, insofar as I can ascertain.  That saddens me, for this is Satoshi’s forum; and some excellent-quality technical discussion still happens here.  But seeing these types of discussions amateur-hour dumpster fires, I am not surprised.

If you want to see what Bitcoin development is like, and the character of the people who are building Bitcoin, go lurk in the places where development happens nowadays.

I may reply another time to some of the other things you said; but it is diverging quite far from the topic here.  It converges with some of the things I would otherwise be writing about, if my time were not being wasted here.  Please feel free to watch for my posts elsewhere, if you are curious.

Meanwhile, I cannot help but be amused at the caliber of minds going bonkers here, and evidently projecting their own psychological problems onto me:

Merit summary for fillippone

Sent in the last 120 days


Archive: https://archive.ph/H7aww#selection-5304.0-5315.37

another symptom that you are sick
Giving merits to a banned account is not normal

you still have time to take the pills

Roll Eyes

Quote
[This space is intentionally left NULL.]



It is the only appropriate thing in your post—just not the way that you intended.
12  Economy / Reputation / Re: Goodbye, world! on: August 04, 2022, 09:19:29 AM
That settles it then, the mystery was not so much a mystery after all. I did not pay much attention to what was going on with the wallet or the memorial puzzle but after reading the last post it becomes clear why funds were added and who added them  Grin

To be clear:  I did not send the funds on 2022-04-30 and 2022-07-10.  I have no idea who did.  Lauda had many friends and admirers.  Despite my wish to keep the puzzle puzzling, I do not wish inadvertently to be credited for money that anonymous others contributed to the prize!

I created the puzzle, and I initially funded it with 0.001 BTC on 2021-03-14.

I think it’s remarkable that the first new addition of money came when I was “asleep”—just over a year after I had last posted on this forum.  Of course, others remember Kitty—but I was pleasantly surprised that someone remembered my Kitty-puzzle. 😺


PrimeNumber7, I think that Lauda probably cared about her privacy from the beginning.  
I have seen evidence that Lauda was not initially careful with their identity when they initially joined the forum. I prefer to not publicly state what evidence I have seen as it may weaken Lauda's privacy as it stands today.

Thank you for respecting Lauda’s privacy.

I think Lauda initially struggled with some of the technical aspects of Bitcoin, and later learned the necessary skills to understand bitcoin. I find the reasons that I previously stated to be most reasonable.

However she learned, she learned well.  A few days ago, I took a walk down memory lane with some of her posts from 2017.  I had seen many of her posts at the time, while lurking; at the time, I was impressed.  Now, with the benefit of hindsight, I am amazed at how accurately she predicted events in a complex system that involved both human decisions, and technology.

Bitcoin is apolitical money, as to external politics—but internally, it is also highly politicized money (and I must credit Cøbra for having pointed out this latter part, somewhere that I didn’t see at the time).  Unlike many other realms of politics, Bitcoin politics often hinge directly on technical factors.  Being technically correct means winning.

I think that one of the reasons why Lauda had such certitude about being on the winning side was that she understood Bitcoin’s consensus mechanism better than Jihan did.  Better than I did, too.  Until I saw the theories put to the test, I myself had some doubts about how the Bitcoin network would behave in various adversarial scenarios.  Lauda was highly confident about this—and she was right.

Besides that, she seemed rarely to engage in deeply technical discussions; but sometimes, she popped up with something like this:

Re: Bitcoin Block confirmations, Why do they lag at times?
While these answers have substances, they are all wrong i.e. do not explain what is going on. The time between blocks follows the Exponential distribution, the number of blocks in an interval follows the Poisson distribution (Poisson distribution can be derived from an Exponential or Binomial distribution) — with the expected time being 10 minutes, and the variance being 100 minutes.
Bitcoin mining is a Poisson process.  Lauda hit the nail on the head by identifying the mathematically precise distributions, for those who want to learn more about how this really works.

Meow.

I know of only two or three other people who have actively tried to correct this fallacy in the Bitcoin community—and all of them have sometimes been accused of being my alts (including Lauda, lolz).


If she wanted her privacy maintained then that is something which should be respected even after she left the forum.

Yes, indeed.
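The distributions named in the quoted reply about block confirmations, worked through as an added example that is not part of the original posts: block discovery is modelled as one independent trial per second and compared against the closed-form Exponential and Poisson values. The per-second probability of 1/600, the seed and the function names are assumptions of this sketch.

```python
import math
import random
from collections import Counter

MEAN_MIN = 10.0            # expected block interval, from the quoted post
P_PER_SECOND = 1.0 / 600   # assumed chance that a block is found in a given second


def exp_tail(minutes, mean=MEAN_MIN):
    """P(wait for the next block > minutes) under Exponential(mean)."""
    return math.exp(-minutes / mean)


def poisson_pmf(k, window_min, mean=MEAN_MIN):
    """P(exactly k blocks in a window of window_min minutes)."""
    lam = window_min / mean
    return math.exp(-lam) * lam ** k / math.factorial(k)


def simulate_gaps(n_blocks, seed=2022):
    """Inter-block gaps in minutes from memoryless per-second trials.

    The number of seconds until the first success is geometric; it is drawn
    by inverse transform instead of looping over every second.
    """
    rng = random.Random(seed)
    log_fail = math.log(1.0 - P_PER_SECOND)
    gaps = []
    for _ in range(n_blocks):
        u = 1.0 - rng.random()                      # uniform on (0, 1]
        seconds = max(1, math.ceil(math.log(u) / log_fail))
        gaps.append(seconds / 60.0)
    return gaps


def summarize(gaps, window_min=60.0):
    """Empirical statistics to set beside the closed-form values."""
    n = len(gaps)
    mean = sum(gaps) / n
    variance = sum((g - mean) ** 2 for g in gaps) / (n - 1)
    waited_20 = [g for g in gaps if g > 20.0]
    # Count blocks landing in each complete fixed-length window.
    n_windows = int(sum(gaps) // window_min)
    per_window = [0] * n_windows
    elapsed = 0.0
    for g in gaps:
        elapsed += g
        idx = int(elapsed // window_min)
        if idx < n_windows:
            per_window[idx] += 1
    hist = Counter(per_window)
    return {
        "mean_min": mean,                # expected: 10 minutes
        "variance_min2": variance,       # expected: 100 minutes squared (std dev 10 min)
        "p_gap_over_60": sum(g > 60.0 for g in gaps) / n,
        # Memorylessness: having already waited 20 minutes does not make a block "due".
        "p_over_30_given_over_20": sum(g > 30.0 for g in waited_20) / len(waited_20),
        "p_six_blocks_per_hour": hist[6] / n_windows,
    }


if __name__ == "__main__":
    stats = summarize(simulate_gaps(200_000))
    print(f"mean gap            {stats['mean_min']:.2f} min (theory 10)")
    print(f"variance            {stats['variance_min2']:.1f} min^2 (theory 100)")
    print(f"P(gap > 60 min)     {stats['p_gap_over_60']:.5f} (theory {exp_tail(60):.5f})")
    print(f"P(>30 | >20)        {stats['p_over_30_given_over_20']:.3f} (theory {exp_tail(10):.3f})")
    print(f"P(6 blocks in 1 h)  {stats['p_six_blocks_per_hour']:.3f} (theory {poisson_pmf(6, 60):.3f})")
```

An hour with exactly the "expected" six blocks occurs only about one time in six, and a gap of more than an hour is expected roughly once every 400 blocks with no change in hash rate.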
13  Bitcoin / Bitcoin Discussion / Re: Why Bitcoin Dislikes You on: August 04, 2022, 02:58:30 AM
With the glorious context restored to the internal quotation:
Quote from: Topic title:
Why I Disliked Bitcoin

Because you’re stupid. /thread

Figure 0: Sinners suffer divine wrath in condign punishment for disliking Bitcoin.
My, you are suffering for your foolishness. Cheesy



The Four Horsemen Cometh

[...]
What a display of arrogance! I can see you lack home training because no responsible person will call anyone stupid and foolish unattacked you this spoilt brat. I guess the high merit you have

Alert:  Newbie obsessed with ranking up.  Paid signature campaigns, watch out!

has blinded you to moral standards. Mind you, coming newly to bitcointalk does give you the effrontery to attack me as if one is your slave, you are still in the womb when I started working on forums.

My age is none of your business; but your proposition seems unlikely temporally impossible.  I learned crypto from PGP, AC2, and Cypherpunks, viz., within the decade when the Web was created.  You are just a n00b reaching for canned insults.  Do you even have a PGP key?

I've participated in many and they all hold me in high esteem.

You can allege whatever you want.  Here, you are just a shitcoiner who spent years “disliking” Bitcoin for the exact reason why it exists:  It is permissionless.

Greed eventually got the better of you, and some patent jealousy of all the people who bought BTC at orders of magnitude lower prices; thus, you now strut as if you are some kind of an expert.  Someone needs to pop the bubble of your empty conceits.

(Next step:  Correcting, or at least ridiculing your habitual failures of grammar and diction.  Wherefore is there such a nexus between shitcoinery and illiteracy?)

Extremists like you should just be kicked out of the forum for morals' sake.

Go ahead and petition the CEO of Bitcoin to ban me. Roll Eyes
14  Alternate cryptocurrencies / Altcoin Discussion / Re: Ethereum Merge: The most anticipated catastrophe on Ethereum blockchain on: August 04, 2022, 02:58:12 AM
Ethereum as the most actively developed blockchain [...]

It’s not.  Bitcoin is; but you obviously are not a developer.  I follow Bitcoin Core development, and I am familiar with the codebases of some altcoins; I know first-hand whereof I speak.

I advise you to go for more learning and stop behaving as if you know it all, I know your type. I repeat, Ethereum is the most actively developed blockchain. I am not a coder like I had iterated, yet I research a lot and stand by everything I write on the Bitcointalk forum.

Well, besides the small fact that you evaded the major substance of my post to reply to the three sentences at the top, you have no idea what you are talking about.  You are obviously just regurgitating whatever swill you drank down on “crypto Twitter”, on Youtube, or on some shitcoin shill site.  That is “research”, to your type.

Given my familiarity with the development process, I feel like I am entering some bizarre alternate reality whenever I see altcoiners pretend that Bitcoin doesn’t have the most active development of any coin.  It is a meme on so-called “crypto Twitter” and amongst “Youtube influencers”.  No exaggeration:  I have seen proponents of an altcoin based on a codefork of Bitcoin Core v0.11.2 claim that Bitcoin is way behind.  (Bitcoin Core is on v23.0, soon v24; due to a renumbering, the v0.11.2 was equivalent to v11.2.)

How can this urban myth persist?  One reason is that Ethereum and its competitors have a “move fast and break things” kind of attitude, whereas Bitcoin Core deliberately has a cautious, conservative development process.  Their goal is not to chase fads, or to be first to ship glitzy features:  Bitcoin’s goal is to be absolutely the most secure, most reliable financial network.  Thus although Bitcoin Core development is so active that it’s difficult to keep up with it, most of the activity is beneath the surface where tweety-types and idiotic “influencers” never see it.

Since you are the type to learn best from videos, I suggest watching what Gloria Zhao says about security:

https://www.youtube.com/watch?v=te-2ke6g3lU

With that being said, I do need to give credit where due.  For all its many faults, Ethereum has been good at three things.  I may cover those in another post sometime.  It is not worthwhile here—especially not whereby the proper topic is that with its switch to POS, ETH is turning itself into an illegal unregistered security.

Now, lest my crypto-anarchist friends suppose that I have suddenly turned legalist, I should add what I recently remarked in another thread:

The funny thing is that decentralization matters.  And one of the only coins (arguably, the only coin) that is sufficiently decentralized to have some chance of resisting regulatory interference is—Bitcoin, the one coin that Mr. [Gensler] affirmatively said is not within his agency’s jurisdiction.  Amazing how that works.

I will illustrate with only one example of what I mean.  Beneath its marketing veneer of fake “decentralization”, the whole Ethereum ecosystem has a practical dependency on a single U.S.-based company:  ConsenSys, the owners of Infura and of the vertically integrated Metamask wallet.  If Infura were to go down, it would cause ecosystem-wide disruption in Ethereum that could not be caused in Bitcoin by eliminating any single party, or even any small group of parties.

You see, Mr. “EarnOnVictor”, you want to do something that is illegal in most jurisdictions:  Trade an unregistered security, i.e. a near-future POS version of ETH.  Whether or not it is wise or good, as a practical matter, Ethereum has no hope of getting away with it.

I do not have the foolish attitude of some Bitcoiners who believe that governments cannot shut Bitcoin down.  However, Bitcoin is incomparably more difficult to stop.  Regulators and politicians are not always so stupid as clueless Internet commentators presume; and I don’t doubt that some of the smarter ones take the cost of enforcement into consideration when they decide on their approach.  With Bitcoin, thus far, it seems they want to regulate with a relatively light touch.  I think that the cost of enforcement, combined with Bitcoin’s essential merit, constitute the major factors in the developing difference of regulators’ treatment of Bitcoin versus shitcoins.

I note that the Ethereum Foundation being in Swiss jurisdiction is meaningless, when the U.S. could throw the whole Ethereum ecosystem into turmoil simply by shutting down ConsenSys.  Whereas Bitcoin does not even have a centralized foundation, let alone any centralized critical infrastructure run by companies amenable to enforcement actions.  Bitcoin’s past experiment with a centralized foundation taught it lessons that Ethereum never learned; and it doesn’t really have any critical centralized infrastructure at all.
15  Bitcoin / Bitcoin Discussion / Re: Bitcoin *is* an inflation hedge in first place. Satoshi expressly made it so. on: August 03, 2022, 10:48:11 PM
A few more things that many people don’t get:

0. The Bitcoin supply is still inflating.  In its earliest years, especially before the first halving, Bitcoin had an extremely high rate of inflation.  The inflation rate is now low; and in a few years, it will be negligible.  Meanwhile, Bitcoin has already behaved as economically deflationary overall, due to the next item.

I posited in the "wrong" topic that there will come a time where Bitcoin effectively becomes deflationary.  People often accidentally lose access to private keys causing sums of BTC to become unspendable.  If that rate of loss becomes greater than the rate new BTC enters circulation, then at that point Bitcoin is officially deflationary, but we'll never know for sure when that actually occurs.  Is that a fair premise?

Yes, indeed.  I have seen the same argument raised elsewhere.  Sometimes, unfortunately, it is raised by people who are unaware that there is no reliable way to measure the number of “lost coins”—or even to estimate that, beyond a very vague guess.  Thank you for noting that.  People who keep their coins in deep cold storage for years do not deserve to have their coins presumed lost.

I think that your line of reasoning is obviously correct.  However, it suffers a problem that most supply-side arguments ignore:  Market demand, which is volatile, is oftentimes more important than supply.

Usually, practical dominance of demand-side economics in Bitcoin overwhelms supply-side considerations.  Before the first halving, Bitcoin’s supply-inflation rate was absurdly high!  Between the first and second halvings, supply-side inflation was still extremely high.  But demand grew so fast that the BTC price went from zero to $12.25 by the first halving, and from there to $652.14 by the second halving.  (Source of price quotes.)  As such, Bitcoin has behaved as economically deflationary (price deflation, for things priced in BTC) even when its supply was wildly inflating.

The inverse also applies:  When demand falls, supply-side considerations cannot create value out of thin air.  Many altcoins suffer this problem:  They cargo cult Bitcoin’s supply limitations, or even burn large portions of their supplies* to try to pump the price; then, they wonder why they fail economically.  Simple:  Nobody wants the coins.

(* N.b. that the linked essay essentially admits in other words that many tokens have what are, indeed, the key attributes of a security—and that ETH will have those attributes after it switches to POS.  Uh...  Whoops!)

The question of Bitcoin’s practical utility as an inflation hedge is a question of demand growth being greater than or equal to supply growth.  It is very far from market saturation, so I think it is an excellent long-term hedge against inflation.  Betting against BTC now is essentially a prediction that its market is already at or near saturation.  It seems like a very poor bet to me!  And I think that by the time its market approaches anywhere near saturation, BTC supply inflation will be negligible—effectually negative, for the reason that you explain.

Its volatility can compromise its short- to medium-term qualities in this regard; I think that’s what people are complaining about.  People who bought in December 2017, or anytime from December 2020 – early June 2022, who needed to spend money in mid-June through late July, were definitely at a loss—even nominally, never mind inflation.  There is no such thing as a store of value with zero risk of any kind, so I think the solution there is better strategies for handling volatility and risks.  It is very rare for BTC long-term holders to take a loss on long-held coins!

All that being said, I must emphasize:  The titular reason for this thread was a question of whether Bitcoin was intended to be an inflation hedge.  It was.  That is implicit in its design; and Satoshi himself also said as much explicitly.

Unless my reading comprehension is failing me, no one chimed in to provide a counter argument to it in the other topic.

Probably because with some exceptions, many of the people posting there are just sigspamming.
16  Other / Off-topic / Re: Petition to Remove Gary Gentler from SEC Chair position. on: August 03, 2022, 07:50:29 PM
[...] when two people in the topic point out that the OP hasn't been able to even write the guy's name right and you come here and baptize him "Gentsler", [...]

So, can someone present (and with proof of it actually happening)  a thing that Gensler did and it was anti bitcoin? He is anti shitcoins for sure but I don't see him anywhere near as critical of bitcoin!

Poor Mr. Gantslir.  He shall suffer the slings and arrows of “crypto Twitter” tweeting furiously at him, when the SEC runs through shitcoinland like a bull in a china shop.  It shall hurt Mr. Gonslear terribly, because... um... I dunno.

The funny thing is that decentralization matters.  And one of the only coins (arguably, the only coin) that is sufficiently decentralized to have some chance of resisting regulatory interference is—Bitcoin, the one coin that Mr. Ginslar affirmatively said is not within his agency’s jurisdiction.  Amazing how that works.

I will illustrate with only one example of what I mean.  Beneath its marketing veneer of fake “decentralization”, the whole Ethereum ecosystem has a practical dependency on a single U.S.-based company:  ConsenSys, the owners of Infura and of the vertically integrated Metamask wallet.  If Infura were to go down, it would cause ecosystem-wide disruption in Ethereum that could not be caused in Bitcoin by eliminating any single party, or even any small group of parties.

Another funny thing:  After my prior post here, I posted in an Ethereum thread a substantive argument that POS ETH will be deemed an illegal unregistered security.  I quoted from a law professor, who reached the same conclusion that I have been saying about that for awhile.  The topic starter, who has an admitted history of having “disliked” Bitcoin, insulted me while dodging the substance of what I said about the issue of POS tokens being illegal securities offerings. ¯\_(ツ)_/¯

Poor Mr. Genßler, needing to deal with that. :'(


[...] it makes a lot of people think that they're doing something good for the world. They pretty much sign a petition, then they simply forget about it altogether after a few days lol.
change.org alone won't achieve anything. But it's a good addition when it's used properly (only mention facts with source/proof, regular update, started by reputable group/organization, etc.) and someone actually does impactful action.

I think that the essential nature of democracy is to fool people into believing that they do something useful, while they uselessly dissipate their energies.  It is probably the most effective strategy that has ever been invented for a régime to prevent a revolution.

An online petition is only an extreme version of that; for unlike participation in the official democratic process, it does not even theoretically have any authority.  For organizing impactful action, I think that blogging and tweeting should have more practical effect—i.e., usually-negligible (rarely-high) instead of always-none; and that does not pacify people by fooling them with a mirage that they are directly making some sort of an actual change.
17  Bitcoin / Bitcoin Discussion / Re: How Whales Store Their BTC on: August 03, 2022, 07:34:13 PM
Obviously they keep very secure wallets. They could even keep a decentralized version of the seed phrase with different, trusted individuals. So that every trustee has one word exactly and nobody knows who the trustees are except for a select few.

Dividing up a seed phrase that way is not secure.  Each word of the seed that you leak exponentially decreases security.  An attacker who recovers a large enough proportion of shares, but not the whole thing, will be able to bruteforce the rest of the seed.  Furthermore, there is no way to provide redundancy, or to specify M/N access policies.

A popular approach to try to solve that is Shamir’s Secret Sharing.  In M/N Secret Sharing, an attacker who obtains M-1 shares has no information about the seed.  That has had some horribly buggy implementations, and it has been criticized generally by some experts (notably, Greg Maxwell).  I do NOT recommend using it, unless you know exactly what you are doing; but I disagree with the general criticism.  It needs better implementations, better standards (such as the Satoshi Labs protocol for this), and application to use cases where it makes sense—not ridiculous use cases, where it is too often misapplied.  Reconstruction of the key is potentially a major problem for the use case stated in OP; therefore, it may not make sense at all here, depending on the circumstance.  I note that there exists some enterprise software using SSS to secure the keys for corporate secrets; most Bitcoiners have no idea about that, and it is not a Bitcoin thing.

Multisignature, as I suggested in my prior post, accomplishes the same objective for the use case addressed in OP.  With Taproot, a M/N multisig (and many other access control conditions) can be made indistinguishable on-chain from ordinary spends; this obviates any blockchain privacy and distinguishability concerns, one of my own general objections to multisig.

Yeah obviously you should use multisignature for the encryption of each word in order to keep the naked text away from third party eyes.

Cringe.  Conflating signatures (authentication) with encryption (confidentiality) is such a basic error that I am not sure if you may be trolling me Slashdot-style, making a ridiculous statement to attempt wasting my time with a long, detailed correction.

Unfortunately, clueless newbies who may somehow imagine that multisignature could “encrypt” (!) seed phrase words (!!) are the same clueless newbies who would attempt naïvely, linearly dividing up the words of a seed phrase—as you originally suggested, and you continue suggesting.  Suffice it to say:  You are unqualified to give security advice.  Stop giving bad security advice.

But would you then not have the same problem except that you went from storing the seed phrase words to storing the private keys to the seed phrase words? I guess you can divide up the keys and keep on adding multisig layers for extra security but it would never be 100% secure. Just more distributed. Also what I meant by "decentralized version" but was too lazy to explain.

Quoted for the lulz.

However now wouldn't the problem be that the more layers you add, the greater the chance becomes that you could lose access to the wallet by losing access to a signature? So that's a problem I think most corporations/whales would rather avoid. The scary thought would be someone withholding a key to blackmail or sabotage a business from within, with their own funds.

No matter how I think about it, there's a huge flaw in security.

I added highlighting to the internal quote above, for a reason.  The problem that you state is well-known and completely obvious.  The solution is that “M/N” thing:  Any M signatures out of a set of size N can authorize a spend.  Say, a 3-of-5 signature, or a 7-of-11 signature.  IIRC, some high-value escrow deals on this forum have used something like 2-of-3 or 3-of-4 multisignature with multiple high-trust escrow agents.

(2-of-3 multisignature also allows coöperative close of an escrow deal:  If Alice and Bob both acknowledge that the deal is properly completed, they send the money as agreed.  In case of a dispute, the escrow agent—effectually here, an arbiter—can sign together with Alice to send the money to Alice, or sign together with Bob to send the money to Bob.)

For dividing up secrets, a very different approach than multisignature, Secret Sharing also does M/N.  But it has many sharp edges, footguns, and bad implementations.  I disagree with gmaxwell’s categorical condemnation of Secret Sharing; but as things stand with implementations, I will not recommend it to anyone who is not a security expert with an appropriate use case.  Just use multisignature instead.
18  Economy / Reputation / Re: Goodbye, world! on: August 03, 2022, 10:45:39 AM

I miss Kitty. 😿

Fearless and fearsome.  Straight shooter.  Never bent, evaded, or dissimulated to play forum politics.  Ferocious defender of Bitcoin.

Continuing on my prior post in this thread, I celebrated Bitcoin Independence Day appropriately:


Re: Bitmain announces plan to create altcoin if BIP148 succeeds
I have already stated that the ASIC monopoly and mining cartel are much more dangerous than any kind of scaling issues. Just so that we are clear, all these idiots in altcoins parading "we are the best, we will win next" will get crushed. This is the time to be watching and learning from Bitcoin, i.e. how Bitcoin combats and resists malicious actors such as Bitmain.


[A post discussing the puzzle.]
If I'm not confusing anything, then the balance on Lauda's account has changed.  :o

Which balance are you referring to?
Yes it seems strange that a small deposit was made there but the reason behind it remains unknown. Even if the address was under control of Lauda there is nothing stopping her from moving her funds after she departed this forum.

Out of curiosity, if not Lauda then who could be controlling the wallet? Maybe the person controlling it made the deposit.

000000000fdf0c619cd8e0d512c7e2c0da5a5808e60f12f1e0d01522d2986a51
This nonexistent cat wants the puzzle to be for people who read the thread.
😾

Free images of Lauda!


[...] Even if the address was under control of Lauda there is nothing stopping her from moving her funds after she departed this forum.
The address is not under Lauda's control (any savvy user can get these funds).

Indeed.  Let’s keep a puzzle about the puzzle.  I have been advertising the Lauda memorial puzzle in my signature for almost the past 17 months; and it has been discussed extensively in the past few pages of this thread.  Nonetheless, it seems to be the best-kept secret of this forum! :D

Like the puzzle itself, all of the information needed to claim the money is hiding in plain sight.  Unlike finding information about the puzzle, recovering the private key requires thinking like nullius.

000000000fdf0c619cd8e0d512c7e2c0da5a5808e60f12f1e0d01522d2986a51
The nonexistent cat wonders if you will solve the puzzle.
😺

Free images of Lauda!
19  Bitcoin / Bitcoin Discussion / Re: How Whales Store Their BTC on: August 03, 2022, 09:40:10 AM
Obviously they keep very secure wallets. They could even keep a decentralized version of the seed phrase with different, trusted individuals. So that every trustee has one word exactly and nobody knows who the trustees are except for a select few.

Dividing up a seed phrase that way is not secure.  Each word of the seed that you leak exponentially decreases security.  An attacker who recovers a large enough proportion of shares, but not the whole thing, will be able to bruteforce the rest of the seed.  Furthermore, there is no way to provide redundancy, or to specify M/N access policies.

A popular approach to try to solve that is Shamir’s Secret Sharing.  In M/N Secret Sharing, an attacker who obtains M-1 shares has no information about the seed.  That has had some horribly buggy implementations, and it has been criticized generally by some experts (notably, Greg Maxwell).  I do NOT recommend using it, unless you know exactly what you are doing; but I disagree with the general criticism.  It needs better implementations, better standards (such as the Satoshi Labs protocol for this), and application to use cases where it makes sense—not ridiculous use cases, where it is too often misapplied.  Reconstruction of the key is potentially a major problem for the use case stated in OP; therefore, it may not make sense at all here, depending on the circumstance.  I note that there exists some enterprise software using SSS to secure the keys for corporate secrets; most Bitcoiners have no idea about that, and it is not a Bitcoin thing.

Multisignature, as I suggested in my prior post, accomplishes the same objective for the use case addressed in OP.  With Taproot, a M/N multisig (and many other access control conditions) can be made indistinguishable on-chain from ordinary spends; this obviates any blockchain privacy and distinguishability concerns, one of my own general objections to multisig.
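The contrast drawn in the two “How Whales Store Their BTC” posts above, between handing out seed words one per trustee and M/N Secret Sharing, as an added example that is not part of the original posts or of any wallet's code. It assumes a BIP39 phrase (11 bits per word, checksum included) and a deliberately tiny prime field (31) so that every polynomial can be enumerated; all function names are hypothetical, and the toy field is for illustration, not for real keys.

```python
"""Added illustration: word-by-word seed splitting vs. M-of-N secret sharing.
Toy parameters throughout; function names are hypothetical."""
import secrets
from collections import Counter
from itertools import combinations, product

BITS_PER_WORD = 11  # BIP39 wordlist has 2048 = 2**11 entries


def naive_remaining_bits(total_words, leaked_words):
    """Approximate search space (bits) left when an attacker holds
    `leaked_words` words, with their positions, of a BIP39 phrase."""
    checksum_bits = total_words * BITS_PER_WORD // 33  # 4 for 12 words, 8 for 24
    unknown_bits = (total_words - leaked_words) * BITS_PER_WORD
    return max(unknown_bits - checksum_bits, 0)


def eval_poly(coeffs, x, prime):
    """Evaluate coeffs[0] + coeffs[1]*x + ... modulo prime (Horner's rule)."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % prime
    return acc


def split(secret, m, n, prime):
    """Shamir split: random polynomial of degree m-1 with f(0) = secret."""
    if not (0 <= secret < prime and 1 <= m <= n < prime):
        raise ValueError("need 0 <= secret < prime and 1 <= m <= n < prime")
    coeffs = [secret] + [secrets.randbelow(prime) for _ in range(m - 1)]
    return [(x, eval_poly(coeffs, x, prime)) for x in range(1, n + 1)]


def recover(shares, prime):
    """Lagrange interpolation at x = 0 from m distinct shares."""
    secret = 0
    for j, (xj, yj) in enumerate(shares):
        num = den = 1
        for k, (xk, _) in enumerate(shares):
            if k != j:
                num = (num * (-xk)) % prime
                den = (den * (xj - xk)) % prime
        secret = (secret + yj * num * pow(den, -1, prime)) % prime
    return secret


def candidates_after(held_shares, m, prime):
    """Enumerate every polynomial of degree < m over a tiny field and count,
    per candidate secret, how many agree with the shares an attacker holds."""
    tally = Counter()
    for coeffs in product(range(prime), repeat=m):
        if all(eval_poly(coeffs, x, prime) == y for x, y in held_shares):
            tally[coeffs[0]] += 1
    return tally


if __name__ == "__main__":
    # Naive split: every leaked word removes 11 bits from the search space.
    for leaked in (0, 12, 18, 21, 23):
        bits = naive_remaining_bits(24, leaked)
        print(f"24-word phrase, {leaked} words leaked: ~{bits} bits left")

    P, M, N = 31, 3, 5           # toy field so the enumeration finishes instantly
    shares = split(17, M, N, P)  # 17 is a constructed sample secret
    two = candidates_after(shares[:M - 1], M, P)
    print(f"{M - 1} shares held: {len(two)} of {P} secrets still possible, "
          f"each with weight {set(two.values())}")
    print("any 3 of 5 shares recover:",
          {recover(list(c), P) for c in combinations(shares, M)})
```

With M-1 shares every value in the field remains an equally weighted candidate, whereas each trustee's word in the naive scheme removes 11 bits outright.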
20  Bitcoin / Development & Technical Discussion / Re: The Emperor’s New Clothes: Fillippone is a wannabe wallet thief. on: August 03, 2022, 07:00:46 AM
...
@fillippone, in addition to being a wannabe wallet thief, you are a coward.  
...

@nullius, how about starting a thread in Scam Accusations instead of hijacking this thread?

0. I have no time for this drama.  Why would I want to create a new thread about it?

1. This is not “hijacking”.  Here in the Development & Technical Discussion forum, it is customary to call it out when someone is seeking to steal money while pretending to do otherwise:  Brainwallet promoters, LBC (which fillippone praised in OP here), etc.  The development forum moderators sometimes speak up about that themselves.  As fillippone may not know because he’s not a development-forum regular, there have been massive flamewars here over LBC—sometimes involving one of the moderators; I was tangentially involved with that years ago, via an argument with an LBC shill who also ridiculously claimed that he had found real money by clicking around on one of these “list all bitcoin keys” sites.  (Not keys-dot-lol; a different one.)

By the by, odolvlobo, you have been around for awhile:  What happened to the Bitcoin community whitehats who used to search for keys, for the purpose of securing and returning the money of people with vulnerable wallets?  That is the exact opposite of what fillippone announced in OP he wishes to do.  (That he is laughably incompetent about it is beside the point:  The question here is one of intent.)

But since you want a technical discussion, odolvlobo, I should point out (as I noted earlier) that OP here is inaccurate and misleading in its characterization of Bitcoin’s security.

How I wound up here:  In the Wall Observer, I posted the following.  As you are aware, odolvlobo, I am entirely correct:

[WO] Perennially popular misinformation about Bitcoin keys.


Nobody who has even the slightest knowledge of cryptography will ever attempt to guess a Bitcoin private key that way.

For a P2PKH or P2WPKH address where the public key has not been revealed, the search space is 2^160; and there are approximately slightly fewer than 2^96 valid keys per address.

If the public key is known, it has a notional 2^128 security level.


An attacker would not try to guess the key by bruteforce.  Rather than bruteforce, an attacker would use something like this free, open-source program:


And even if someone wanted to try bruteforce for some ridiculous unreason, there are about 2^256 - 2^128.3457 valid private keys, not exactly 2^256 keys.  That is a negligible difference; but if one wishes to count keys, count the keys properly!

Technical information must be accurate.  The good cause of teaching the public about Bitcoin’s security is not helped by misleading explanations and misinformation.

fillippone replied to that (archive) in a manner that seemed to suggest he was arguing with my correct technical information about Bitcoin’s security level, and trying to teach me about the existence of sites that list all Bitcoin keys.  He directed me here.  At first, I just rolled my eyes—well, okay, I have helped to teach plenty of people how this Bitcoin thing actually works.  But then, my jaw hit the floor when I clicked through here and saw that he claimed it would be “legitimate” to take any money he could hypothetically find this way.

He is acting as if money is just floating around in cypherspace, there for the taking if only he can somehow find it—dreaming of anonymously snatching someone’s life savings, without giving a damn if that’s what it is—and nobody pointed this out.  WTF!? 😾



Archive: https://archive.ph/5yeFn#selection-4285.0-4423.139


@babo, (page 2 and now page 3) beneath response save to note that your tactic of accusing the accuser shows your own dishonourable character.  Defending expressly stated, openly proclaimed wallet-thief intentions by wild insults and personal attacks on the one who properly pointed out the obvious:  Tagged accordingly.


dear child, you are sick
how much are the trusts of a person who randomly throws them around
without any motivation

do not worry, I will act accordingly and not only will I tag you, I will open a flag, because a toxic person like you damages the community

That is quite clearly a retaliatory abuse of the trust system.  And unlike tags, which are entirely discretionary and unmoderated, flags have objective criteria that must be met.  For a Type-1 flag, the criterion is that anyone dealing with a user must be “at a high risk of losing money”, according to a determination “based on concrete red flags which any knowledgeable & reasonable forum user should agree with, and it is not based on the user's opinions.”

For the record, to prevent any possible accusation of retaliatory escalation, I was already considering a Type-1 flag on fillippone.  I did not (yet?) raise one, mostly because seriously:  I have no time for this nonsense.  Claiming that it is “legitimate” to take money (hypothetically) found by searching for other people’s private keys is indubitably a “concrete red flag which any knowledgeable & reasonable forum user should agree with”, indicating “a high risk of losing money” in dealing with a person of such character.