|
TPTB_need_war (OP)
|
 |
May 01, 2016, 12:38:09 AM
Last edit: May 01, 2016, 01:44:47 AM by TPTB_need_war |
|
Found this old "stream of consciousness" essay I wrote quickly "off the cuff" in March 2009. Interesting to read the entire essay because it was the first time I publicly mentioned Martin Armstrong in a very poignant way, and also I was clearly looking for Bitcoin. I'll quote the portion that claims I had 17,000oz of silver: P.S. If anyone wants to buy Buffalo 0.999 1oz silver rounds, I am selling them for $1 over spot in lots of 100oz. Contact me via email for how to order at this price ( antithesis@coolpage.com). There are photos at VaultOz.com. These are brand new in mint tubes of 20 from the Highland mint, stored at a reputable depository that ships within 24 - 48 hours of your payment. I manufactured about 17,000oz and have about 9,000oz remaining to sell. I am no longer planning to do this as a business and am liquidating at a loss, so I can move my silver assets outside the USA. P.S. beach party this Sunday afternoon and night: http://waterworlddavao.com/photo-gallery/ |
|
|
|
|
|
|
|
|
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
|
TPTB_need_war (OP)
|
|
May 01, 2016, 02:04:00 AM
Last edit: May 02, 2016, 12:29:08 AM by TPTB_need_war |
|
My logic on the coming one-world reserve currency and why it can't be Bitcoin nor any other crypto-currency (CC): Enslave? I think one wotld currency would be a good thing. Anything to bring humanity together instead of dividing us. We need to tear down political boundaries and remake the world. And hey, isn't that what bitcoin is for?
It would help a lot if you'd my prior posts in this thread (when I used to have the username 'iamback'): I chose to agree. This would be the single biggest issue that would cause an enslaving of nations.
thats why we need country fiat and bitcoin.
I thought we are already in this situation. *Ahem the US dollar? last time I checked everyone loves it, despite its covered bad value. So why would it recourse into another world reserve currency. The difference will be that the new one-world reserve coming approximately 2020, will not be controlled by any nation, but rather by a world government body. This will be viewed by the world as more fair. But in reality it will be much less fair, because the world government will act basically the way the Troika does in the EU now, lending to the nations and never letting them default. They will lend in the world currency, but the people will be paid in their nation's shit currency which is debased like hell by the national politics. So then when the national currency loses value, the people are stuck paying back loans in the relatively more expensive world currency. This is precisely what the Troika did to the PIIGS to destroy them. They will then do this on a global scale to enslave us all.
I hope everyone understands the implied point in the OP of comparing the Euro vs. Greece to the one-world reserve currency vs. nations.
Greece was forced to borrow denominated in Euros during the speculative inflow of investment at the turn of the 21st century, but as Germany was more productive they benefited more from the Euro and Greece had no way to devalue their debt. So they are repaying the debt with a lower productive economy with massive egress of speculative investment.
The same problem with happen when the reserve currency for debt is SDRs and then all nations will be repaying their debts in SDRs while they won't have the policy tools to inflate nor deflate their debt burdens to respond to volatility in relative productivity and speculative ingress and egress of capital. Effectively they become a slave to the international central bank who can issue fractional reserve debt denominated in SDRs, which the banksters will surely have in their back pocket again. Just like the Fed now is pumping debt into the developing world making them short the dollar, then it will pull the rug from under them by raising interest rates sending the dollar higher and causing them to repay debt in more expensive dollars.
The only solution to this problem is for the Knowledge Age to rise and say "I don't need stored monetary capital, I need knowledge". I will quote from myself about this as follows.
[...]
So Armstrong has been pitching this idea that governments could just print the money they need for taxes. So the model he is proposing is where national currencies float against an international reserve currency, so governments can then mess up their own currencies if they wish. He prefer the governments just print the money from their central banks, and the relative success of nations at managing their economic and fiscal policies will determine their relative value of the national currencies relative to the inevitable one-world reserve currency.
But by Armstrong's own admission, trade only accounts for 10% of the world's capital flows and thus the vast majority of the world's wealth will choose the one-world reserve currency as its unit-of-account and thus who ever has their hands on the levers for the debasement and fractional reserves rules of the one-world reserve currency (e.g. the elite who run the World Bank, BIS, IMF, etc..) can then speculate and manipulate the national economies at-will. This will be just Goldman Sachs take over of Europe and Greece but on a global economy-of-scale level.
For analogous reasons as to why the Euro failed, the one-world reserve currency with national government debts denominated in separate currencies will also cause the nations to fail just like Greece did. The bottom line is that who ever controls the reserve currency of the world, holds the power to destroy and enslave the other nations.
Also Armstrong is contradicting himself on claiming above that the impetus for a move to a one-world reserve currency will be only for economic reasons and "not political".
coinits, calm down you are preaching to the choir. You perhaps don't realize I wrote the syndicated essay Bitcoin : The Digital Kill Switch. I am the one who has been writing that Bitcoin is owned by TPTB. In spite of the arguable fact that Bitcoin is controlled by the global elite, my guarantee that it won't be the "winner take all" global currency remains certain. First of all, simpleton readers don't seem to understand the distinction between a reserve currency and a circulating currency. Crypto-currencies are the latter. Dollar and Euro cash are examples of the latter. US Treasury and Euro-denominated bonds are the former (Tier 1 reserve assets in the BIS Basel model). IMF SDRs are the former. The global elite are planning for a national (or regional) currencies floating against a global reserve currency. And they are planning for circulating currencies which are all digital. Bitcoin is one gambit in that mix.
Nope, but it would probably enslave Russia. Just look at what happened to the Ruble!
Incorrect! The one-world reserve currency will enslave all of the nations. Study my post #11 more carefully. You didn't comprehend it.
I suggest you relate that to "Confessions of an Economic Hitman" by John Perkins. And also relate that to the Asian crisis in 1998, which was caused by speculative international capital flows fleeing to Europe to take advantage of the ingress in investment that corresponded with the launch of the Euro. Nations are inherently prone to short-term capital ingress and egress. Without their own central bank to inflate out of an egress crisis, they are enslaved by the unit-of-account which is imposed on them by investors. The problem is fundamentally rooted in the ability of stored money to be a claim on future production. Instead when profitable production results from a diversity of knowledge innovations that are DIRECT (e.g. the customer uses your software, or they 3D print your design) and not just proxies diluted by mass production (e.g. factories make a million copies of your design), then stored money becomes incredibly difficult to invest. The more stored money you have, the faster it withers in relative value. This is the paradigm shift coming on now due to the Knowledge Age. In short, investing will become active instead of passive, and investing will be small and numerous (i.e. bottom-up) instead of large economy-of-scale fascism (i.e. top-down). Sorry Armstrong! Storing capital in money instead of fine-grained (maximum division-of-labor) knowledge thus causing international capital flows that are the problem! That paradigm must be eliminated! We need capital flows to be instead actual finely-grained, bottom-up knowledge exchange, where capital becomes knowledge and not stored claims on future production. Then there won't be any more nations, nor any one-world top-down slavery. You say "no one will save and be productive"? Wrong! They will save up their knowledge gained by being productive instead of lazy! This is the paradigm shift of epic proportions and nearly no one sees it is happening.
I am very surprised that Armstrong can not conceptualize what I wrote above. He responded by pretending to himself that I am some simpleton who is only learning from him. He failed to understand I am not talking about the existing debts. I am talking about the new debts that will form after the global monetary reset (restructure or default). My point is if we look at Greece, it sold its sovereign bonds denominated in the Euro(pean) reserve currency and thus it suffered pernicious (and self-reinforcing downward spiral of) austerity because it was not able to devalue the debt it owed by printing money to devalue its own currency and stimulate its economy by lowering the international cost of its exports and tourism industries. Even more importantly as we can see with the dollar reserve currency now, countries that sell debt in denominated in their national currencies pay an interest premium compared to when they sell debt denominated in the reserve currency. This is one example of many reasons[1] that those who have control over the reserve currency's central bank, have enslaved the other nations. This is why a USA Treasury official famously said to his Third World cohort, "its our dollar, but it is your problem". Armstrong is failing to understand that a reserve currency is inherently an enslavement paradigm. And the only possible way to eliminate this paradigm, is to make debt not profitable for investors. I explained how that will become the case with the shift from an Industrial Age to a Knowledge Age. But I think Armstrong is not smart enough to grasp the concept. Or he is too lazy to read the essays I wrote, which I had provided him links to. Additionally I am shocked that Armstrong is conflating unit-of-account with unit-of-exchange. That is the most basic error. The coming one world reserve currency will not be a circulating currency that is used for retail transactions. If that were the case, then the nations wouldn't even have their own currencies any more. The reserve currency will be used for settlement internationally for exchange between the national currencies which will float against the one world reserve currency. I don't think the nations will agree to give up their control over their national currencies, rather they will just agree to a reserve currency that isn't controlled by the USA exclusively. [1] http://www.mckinsey.com/insights/economic_studies/an_exorbitant_privilegehttp://www.imf.org/external/pubs/ft/fandd/2009/09/cohen.htmhttp://www.financialsense.com/contributors/john-butler/curse-reserve-currency-triffin-dilemma
you mean reserve is a backup?
Read the thread! Replies from others are emphasizing the use of BTC for gambling, but the keyword in my subject title is "reserve".
My point is that BTC is the unit-of-account by which everyone measures their gambling success, not fiat.
When someone gambles on an altcoin "investment" (speculation), they are hoping to get more BTC. They don't cash it out to fiat, they HODLit to gamble some more altcoin "investments". Even if you include gambling sites that accept Bitcoin, the gambler is likely HODLing their BTC gains (if any) and not cashing out to fiat.
Unit-of-account doesn't mean backup. You need to learn what reserve currency means. |
|
|
|
|
TPTB_need_war (OP)
|
|
May 01, 2016, 11:22:26 PM |
|
- Proof of work: Benefits owners of large mining farms.
- Proof of stake: Benefits participants with large amounts of the currency.
- Proof of importance (e.g. NEM): Benefits participants which hold and actively transfer large amounts, mostly services like online wallets and exchanges.
- Proof of burn (e.g. Slimcoin): Like Proof of Stake, it tends to benefit people with large amounts of currency, but involves more risk for the participants and the amount of time to recover investments is larger than in most PoS variants.
- Proof of disk capacity (e.g. Burst): Like Proof of work, it benefits owners of large amounts of hardware, but a different kind of hardware than PoW itself.
- "Proof of time connected" (e.g. Timekoin): Benefits people who maintain a stable node with few interruptions.
Maybe there are more, but these are the ones I know.
Now - couldn't it be a way to lower the centralization degree if you combine many of these algorithms in one single cryptocurrency? It would not stop centralization totally. But there would be not a single group, but various groups benefitting from the block rewards. So the game theory could be more complex and attacks could be more difficult.
There is only one solution and I already outlined the design in my decentralization thread and in the thread where I explained Satoshi didn't solve the Byzantine Generals Problem: UNPROFITABLE Proof of Work: Benefits the users of the currency who mine at a loss because they are forced to attach a PoW to every transaction. Note there are numerous details to making this design work, and I am not going to explain them all now. Some of the details were explained already in the linked thread. |
|
|
|
|
TPTB_need_war (OP)
|
|
May 02, 2016, 12:07:11 AM |
|
Note for comparison, the last time I posted in the Monero thread (a very rare event indeed), it was to offer them a helpful suggestion on how to be sure the anonymity can not be combinatorially unmasked and also I think it enables pruning of the block chain. That was a carry over from what we learned from the Moneroman88/BCX incident where I had gotten involved to try to analyze potential attack vectors that BCX was alleging/threatening.
I also provided about a week of my time for free recently contributing the highly detailed peer review to Monero Shen's new anonymity white paper.
I never post in their BTT forum threads to attack them (well at least not in recent memory). I was posting some negative or balancing opinions in rpietila's threads in 2014 when he used to tell everyone his opinion of the only two coins (Bitcoin and XMR) worth investing in and I felt he was acting like King Whale over crypto (both of which have declined in exchange price to the dollar for the HODLers that followed his proclamations).
Readers note he is quoting me above (former AnonyMint post). |
|
|
|
|
TPTB_need_war (OP)
|
|
May 02, 2016, 03:15:43 AM |
|
Someone asked me why not choose for JAMBOX, C# or Erik Meijer's influenced F# within the open source Xamarin (formerly Mono open source .Net clone)? 1. The .Net CLR virtual machine model does not support higher-kinded types (HKT), thus neither do C# and F#. So HKT for iterators are only necessary because of Rust's default resource lifetime tracking. I think @keean had also pointed that out.
A Contains trait doesn't bind the collection type to the Contains methodology. The choices of which traits a collection implements is open to extension in the Expression Problem. And this is why we need HKT in general (not just for my proposal), because we need to not throw away data types and subsume them to trait types as I explained in the thread for my proposal. HKT are fundamental. We must have them. 2. One of the most important goals I want to achieve for JAMBOX is that apps can be written in a language that can be loaded over the network and JIT compiled and run instantly on the mobile device or computer. The entire point is to replace the web browser with a better app engine and to abstract away the native APIs for iOS and Android, so that people can write apps once and have them run every where without any installation procedure. In short, the WWW on steriods. Thus the .Net CLR virtual machine (even though open sourced now in the Mono platform) is not the appropriate infrastructure because it is too heavyweight. We need a light and easy to JIT virtual machine and that is Javascript, which is supported every where a web browser is. With ASM.js we can reach about half the speed of native C code, although I'll also look to support some form of assembly language FFI support or portable assembly[1]. So JAMBOX needs a programming language that compiles to Javascript and meets my other goals for extensibility in a statically checked (by the compiler) type system and latency networks (e.g. internet) require asynchronous programming (async/await/yield). Also concurrency via asynchronous programming is more robust than multi-threaded concurrency. Unfortunately there is no language on the planet that can do this. Another goal is to have the language match the compiled Javascript version as closely as possible, so that debugging in a JS debugger is plausible. Not only does this reduce the need to create an IDE and tools immediately, it also means people can still develop with a text editor as we could do for HTML + JS. 3. I have explained at the Rust forum why subclassing sucks ("is an anti-pattern") and proposed some extension to the type classes (of Rust, Haskell, and Scala) in order to solve the extension and composability problem simultaneously in both directions of Wadler's famous Expression Problem. My proposal is very important for attaining the following attributes in software development: a) Compile-time checking of more invariants b) Modularity c) Code reuse, reduction of boilerplate redundant code, DRY (Don't Repeat Yourself) d) Composability of code e) Extensibility of code without forcing global refactoring of code bases f) Decentralized open source development by factoring out dependencies into #a, b, c, d, e. g) Less need to ever throw code away and/or rewrite code. F# doesn't have type classes and can fugly approximate some use cases of HKT, but not the general cases. C# can't do type classes. |
|
|
|
|
|
|
TPTB_need_war (OP)
|
|
May 03, 2016, 01:55:43 AM |
|
Apologies to bump my thread, but where else to put this and this has an important point that I don't wish to lose: A reply of yours, quoted below, was deleted by a Bitcoin Forum moderator. Posts are most frequently deleted because they are off-topic, though they can also be deleted for other reasons. In the future, please avoid posting things that need to be deleted. mod note: post merged with previousInterest rates may or may not matter to Venture Capitalists , but it does matter to individuals that can think and want a profit while keeping their principle intact.  Only an idiot would believe a checking/savings account is a safe place to keep money right now. Those so-called idiots outnumber your VCs and they are risk averse.
They will trust their cash in a mattress before BTC.
And they will determine if BTC ever reaches true Utility.
BTC has still got years of Public Relations efforts to go thru before the majority of the public trusts them.
 And the governments can clamp down on BTC at any time using capital controls on the exchanges, because if the most of the world doesn't accept BTC unless they can immediately convert it to fiat as has been explained upthread by smooth (e.g. Bitpay, etc), then BTC becomes an illiquid asset once the government issues capital controls. BTC is not immune to government action (especially G20 coordinated action) because BTC is not a widespread unit-of-account. However, BTC has apparently become the unit-of-account of crypto-gambling, but it is not yet certain if the demand for that will remain if people no longer believe they can cash out to fiat unfettered when they want to, and the risk of CC failure due to centralization is a big factor that would cause speculators to be hesitant about thinking they could HODL/gamble in BTC long-term until capital controls cease. This is my goal is to fix the centralization problem with my CC design and also I am going to make CC a very popular unit-of-account for social network payments. But first I am creating a new programming language, then I have to create the social network, and then finally the CC, so hell may freeze over before I am done.  Note I also contributed the key technical insight[1] into how to make decentralized exchange work so it can't be jammed. [1] Find my posts in this thread and note that TierNolan is one of the original inventors of the DE protocol, but it had a jamming flaw until I fixed it: https://bitcointalk.org/index.php?topic=1364951.0 |
|
|
|
|
TPTB_need_war (OP)
|
|
May 03, 2016, 05:50:38 AM
Last edit: May 03, 2016, 03:17:02 PM by TPTB_need_war |
|
2. One of the most important goals I want to achieve for JAMBOX is that apps can be written in a language that can be loaded over the network and JIT compiled and run instantly on the mobile device or computer. The entire point is to replace the web browser with a better app engine and to abstract away the native APIs for iOS and Android, so that people can write apps once and have them run every where without any installation procedure. In short, the WWW on steriods.
Right about now, your latest generation Octacore ARM-based device has roughly ⅓ the CPU performance of the Intel i7 3770 with much lower power consumption and price. As ChromeOS and Android fulfill more of the apps that people want to do, with less tsuris for the n00b user, there is less reason to buy a computer with Windows or Mac OS X. High-end users increasingly opt for OS X because it is Unix-based. But the more salient point is that even OS X is being eaten from below by entirely open source options such as Android and ChromeOS which are popular amongst the masses. Even Intel is being eaten below by ARM and China. But there is a problem which is a huge market opportunity which I am attempting to tackle. Users will increasingly want to have compatibility and seamless use of the same apps and/or data both on a small mobile screen (e.g. smartphone and tablets) and when plugging that device or a mini PC into a larger monitor with a Bluetooth keyboard and mouse. But Android apps don't work that well at such large screen sizes and with a mouse, installing Linux on an Android device breaks the security model of Android and/or is slow plus kludgy, and ChromeOS apps are not so numerous yet as well being disunified with Android apps. There are others attempting to do a better ChromeOS, but not unifying mobile and desktop. There are other problems I'd like to solve such as the tsuris of installing Android apps (installing shouldn't be necessary!), managing cloud backup differently for each app, etc.. Also no one has built a decentralize protocol for social networking interoption between these apps. Btw, the hardware advance of ARM is impressive. For example, arguably the best high-end mini PC available is the Intel NUC which at $500 with 16GB RAM and 250GB SSD, it has roughly ⅓ the CPU performance of the Intel i7 3770. But for < $100, an ARM Rockchip RK3368 has roughly ⅕ the CPU performance of the Intel i7 3770. And the RK3399 is coming Q2 2016 which will have roughly ⅓ the CPU performance of the Intel i7 3770. For $150, the Intel Atom with Windows 10 has roughly ⅙ the CPU performance of the Intel i7 3770. Even DIY kits with 8" screens are coming. |
|
|
|
|
somacoin
|
|
May 03, 2016, 03:10:37 PM |
|
TPTB_need_war I find it quite hard to order/structure what you're planning to achieve.
It's so much content, so many interesting thoughts and ideas, but not a clear roadmap.
Can you make one? It would help a lot
|
|
|
|
|
|
TPTB_need_war (OP)
|
|
May 03, 2016, 03:49:11 PM |
|
TPTB_need_war I find it quite hard to order/structure what you're planning to achieve.
That is intentional. lol this is Shelby's coin project
That's what I was wondering: if it's Shelby's project, then what's Moneroman88 doing posting the PRE-ANN?  This is not an official thread for JAMBOX. JAMBOX has no relationship in any form with Moneroman88. Not enough information and specifications. Can you post more details regarding this JAMBOX project?
No. There is no announcement. This thread does not represent the JAMBOX project. And I am not marketing JAMBOX to cryptocurrency investors. JAMBOX is not a crypto-currency and doesn't have a block chain. JAMBOX is vaporware. It does not exist. No code has been written. This is going to be a giant
Correct. So please close this thread. Nothing to get excited about here. |
|
|
|
|
|
|
|
|
TPTB_need_war (OP)
|
|
May 04, 2016, 11:27:11 AM |
|
AlexGR, remember upthread we were discussing why my use of 100+ tabs on the browser was causing memory exhaustion: How to write low garbage real-time Javascript <--- the horrid details A peer-reviewed paper came to the conclusion that GC needs five times the memory to compensate for this overhead and to perform as fast as explicit memory management. According to Williams, Android’s garbage collectors work best when Android apps have 4 to 8 times as much memory as is actually needed in order to perform the garbage collection process. Once you stop having that amount of free memory available, performance starts suffering.
This is why Android devices need to have twice as much RAM to run apps as your iPhone does.
Note the article of that last quote has some misinformation as follows: As it turns out, an iPhone 6 with 1GB of RAM runs much faster than a similarly specced Android smartphone with 2GB of RAM. And it all has to do with the fundamental difference in the way iOS and Android handle apps.
The fact is that automatic reference counting is slower (but less pauses): Here are the numbers I got on my dual proc PIII-600:
ref_gc: 531ms
ref_rm: 3563ms
ref_rs: 844ms
|
|
|
|
AlexGR
Legendary
 Offline
Activity: 1708
Merit: 1049
|
|
May 04, 2016, 12:20:29 PM |
|
Interesting...
|
|
|
|
|
|
|
|
TPTB_need_war (OP)
|
|
May 05, 2016, 05:59:35 AM
Last edit: May 05, 2016, 06:27:20 AM by TPTB_need_war |
|
Lol. I doubt that.
Your whole argument is based on something that hasn't even been performed publicly yet.
Your theory is based on a few pieces of code on CSW's blog and other people's word.
We still have to wait to see how CSW will actually sign the keys.
Your theory is based purely on speculation of what we think happened, instead of what we know.
If we know the signature (in theory) and the address (according to BBC), then what was the message?
Quoted as documentation of your ignorance of the technical details. Eventually you trolls will learn not to fuck with me. Yes, you were the first to discover that CSW discovered a "backdoor" in Bitcoin. Your understanding of the technical details here is greatest over all others.  And the first to: 1. Explain to Gmaxwell (in his CoinJoin thread from 2013) that he couldn't use a blacklist to fix jamming of CoinJoin 2. Solve the jamming problem of decentralized exchange. 3. Design a technical solution to the inherent centralization in Satoshi's proof-of-work. 4. Which included being the first to explain technically why Satoshi didn't solve the Byzantine Generals Problem. 5. The first to explain why Z.cash's Equihash is likely not ASIC resistant. 6. First to solve a decades old unsolved fundamental problem of computer science programming language theory. Get off my lawn you jealous troll. You are wasting my and the readers' time. |
|
|
|
|
TPTB_need_war (OP)
|
|
May 05, 2016, 08:55:55 AM |
|
Does anyone know what black hole Bitcoin core (Blockstream) developer Gmaxwell moved the quoted thread to? I can't find it any more and I have no deleted messages from that thread in my PM box. Wholly shit! I am contemplating the possibility that Craig has revealed that who ever created Bitcoin put a backdoor in it! As I already explained, the signature Craig has provided proves either he has cracked something about the way Bitcoin uses SHA256 or he has Satoshi's private key. Afaics, there are no other mathematical possibilities. But note this small detail: You'll note that Bitcoin, for reasons known only to Satoshi, takes the signature of hash of a hash to generate the scriptSig. Quoting Ryan:
Well that isn't so insignificant of a detail when you think more about it in this context. A cryptographic hash function has a property named collision resistance. Collision resistance is related to preimage resistance in that if we have a way to quickly find collisions, then if the preimage is collision then we also break the preimage resistance for that particular hash value. Collision resistance is normally stated as the number of hash attempts required to find a collision or the number of rounds to break collision resistance with reasonable hardware. Normally this is exponentially less than computing the SHA256 hash function 2 256 times. For SHA256, there are collision resistance attacks up to 46 of the 64 rounds of SHA256 (and 52 of 64 rounds for preimage attack). So what happens to collision (and preimage in this context) resistance when we hash the hash? Well all the collisions from the first application of hash become collisions in the second hash, plus the new collisions in the second application of the hash thus increasing the number of rounds that can be attacked. It seems likely that Craig has identified the back door that was placed in Bitcoin as explained above, and used his supercomputer access to find a preimage of SHA256. If am correct, this is major news and Bitcoin could crash.I urge immediately peer review of my statements by other experts. I have not really thought deeply about this. This is just written very quickly off the top of my head. I am busy working on other things and can't put much time into this. |
|
|
|
|
TPTB_need_war (OP)
|
|
May 06, 2016, 03:33:03 AM
Last edit: May 06, 2016, 04:58:24 AM by TPTB_need_war |
|
I will proceed to explain once you confirm that do not understand why Merkle–Damgård construction is relevant? Either explain or admit you don't know. So I can proceed to teach you something. You are wasting my scarce time with your stalling/deception tactics and trolling.
No, you're the one wasting my time. I don't have to explain anything. You do. And you're not. I can only assume by your lack of explanation that you can't produce one. Next time you will realize not to fuck with me, because I know a lot more than you assume.
I assume you know nothing, so knowing more than that isn't much of an accomplishment. But please go ahead and demonstrate your accomplishment. We're all waiting. I'll interpret your reply as an ostensibly intentional veiled admission that you could not answer the question. So I will proceed to explain the sort of theoretical analysis that I was interested in discussing in the thread that the "forum-Hitler" Gmaxwell nuked.
Tangentially note the disclaimer that I wrote in the OP of the thread which was nuked:Does anyone know what black hole Bitcoin core (Blockstream) developer Gmaxwell moved the quoted thread to? [...]
I urge immediately peer review of my statements by other experts. I have not really thought deeply about this. This is just written very quickly off the top of my head. I am busy working on other things and can't put much time into this.
Craig Wright’s chosen source material (an article in which Jean-Paul Sartre explains his refusal of the Nobel Prize), surprisingly, generates the exact same signature as can be found in a bitcoin transaction associated with Satoshi Nakamoto.
Being at is was by that time late in the evening for my timezone and I had been awake roughly 18 hours already, and I was skimming in an attempt to make some quick feedback on this potentially important event, so I could return to my work asap. In the nuked thread, I quickly realized that the Sartre text hadn't been verified to match the hash, so I actually stopped posting in the nuked thread for a few hours. Then when I came back to thread, it didn't exist so I could no longer follow up or read what had been elucidated. Thus note my original focus was on how the hell could Craig have achieved that match, so he must have broken the hash. I had recalled that I had theoretically doubts about the double hashing which I had never bothered to discuss with anyone. It had been 2+ years since I did that research on cryptographic hash functions, so I had to decide if I was going to go dig back into that research or not. I figured I'd sleep on it and then be able to think with a clearer, rested mind about the implications of the revelation (to me) that the hash had not been verified to match the text because the portion of the text had not been sufficiently specified (again the "undisclosed" term didn't make sense to me in quick skimming because I had read on the blog that the Sartre text was referred to).
But instead of being able to sleep on it and then decide whether to let it go or dig back into my past research, my thread was nuked and I was under attack. Remember I don't back down from anyone when I think I am justified. When I think I am wrong, I mea culpa.
So now back to the subject matter of whether double hashing could theoretically lead to any weakening of the second preimage and/or collision security of the SHA-256 cryptographic hash function. Afaik, there is no research on this question. If anyone is aware of any, please kindly inform me. First I will note the Merkle–Damgård construction (which SHA-256 employs) is subject to numerous generic attacks and even though afaik none of these are currently known to be a practical threat against a single hash of SHA-256, we can perhaps look to those generic attacks for potential clues as to what a double-hashing might enable which a single-hash application perhaps might not. Note in the pseudo-code for SHA-256 that what distinguishes a double-hashing from doubling rounds (i.e. " Compression function main loop:") or repeating the input text in double the block chunks (i.e. " Process the message in successive 512-bit chunks:"), is that the h0 - h8 compression function state which is normally orthogonal to the input block chunks instead gets transmitted as input to a block chunk in the second hash application (i.e. " Produce the final hash value (big-endian):") after being added to the output of the compression function (i.e. "Add the compressed chunk to the current hash value:"). And the h0 - h8 compression function state is reset to a constant (i.e. " Initialize hash values:"). The reason I think this might be theoretically significant is because we should note that the way cryptographic hash functions are typically broken is by applying differential cryptanalysis. Differential cryptanalysis is attempting to find some occurrence of (even higher order) differences between inputs that occurs with more frequent probability than a perfectly uniform distribution. In essence, differential cryptanalysis is leveraging some recurrent structure of the confusion and diffusion and avalanche effect of the algorithm. Not only does the double-hashing introduce a constant h0 - h8 midstream thus introducing a known recurrent structure into the middle of the unified algorithm of a double-hashing, but it shifts the normally orthogonal compression function state to the input that it is designed supposed to be orthogonal to. On top of that, the additions of the h0 - h8 state at the midpoint, can possibly mean the starting state of the midpoint is known to have a higher probability of zeros in the least significant bits (LSBs). This last sentence observation comes from some research I did when I created a much higher bandwidth design variant of Berstein's ChaCha by fully exploiting AVX2 SIMD, that was for a specific purpose of creating a faster memory hard proof-of-work function. In that research, I had noted the following quote of an excerpt in my unfinished, rough draft, unpublished white paper written in late 2013 or early 2014 (and kindly note that the following might have errors because it was not reviewed for publishing and was merely notes for myself on my research understanding at that time 2+ years ago): Security
Addition and multiplication modulo (2^n - 1) diffuse through high bits but set low bits to 0. Without shuffles or rotation permutation to diffuse changes from high to low bits, addition and multiplication modulo (2^n - 1) can be broken with low complexity working from the low to the high bits [5].
The overflow carry bit, i.e. addition modulo ∞ minus addition modulo (2^n - 1), obtains the value 0 or 1 with equal probability, thus addition modulo (2^n - 1) is discontinuous i.e. defeats linearity over the ring Z/(2^n) [6] because the carry is 1 in half of the instances [7] and defeats linearity over the ring Z/2 [8] because the low bit of both operands is 1 in one-fourth of the instances.
The number of overflow high bits in multiplication modulo ∞ minus multiplication modulo (2^n - 1) depends on the highest set bits of the operands, thus multiplication modulo (2^n - 1) defeats linearity over the range of rings Z/2 to Z/(2^n).
Logical exclusive-or defeats linearity over the ring Z/(2^n) always [8] because it is not a linear function operator.
Each multiplication modulo ∞ amplifies the amount diffusion and confusion provided by each addition. For example, multiplying any number by 23 is equivalent to the number multiplied by 16 added to the number multiplied by 4 added to the number multiplied by 2 added to the number. This is recursive since multiplying the number by 4 is equivalent to the number multiplied by 2 added to the number multiplied by 2. Addition of a number with itself is equivalent to a 1 bit left shift or multiplication by 2. Multiplying any variable number by another variable number creates additional confusion.
Multiplication defeats rotational cryptoanalysis [9] because unlike for addition, rotation of the multiplication of two operands never distributes over the operands i.e. is not equal to the multiplication of the rotated operands. A proof is that rotation is equivalent to the exclusive-or of left and right shifts. Left and right shifts are equivalent to multiplication and division by a factor of 2, which don't distribute over multiplication e.g. (8 × 8 ) × 2 ≠ (8 × 2) × (8 × 2) and (8 × 8 ) ÷ 2 ≠ (8 ÷ 2) × (8 ÷ 2). Addition modulo ∞ is always distributive over rotation [9] because addition distributes over multiplication and division e.g. (8 + 8 ) ÷ 2 = (8 ÷ 2) + (8 ÷ 2). Due to the aforementioned non-linearity over Z/(2^n) due to carry, addition modulo (2^n - 1) is only distributive over rotation with a probability 1/4 up to 3/8 depending on the relative number of bits of rotation [9][10].
However, multiplication modulo (2^n - 1) sets all low bits to 0 orders-of-magnitude more frequently than addition modulo (2^n - 1)—a degenerate result that squashes diffusion and confusion.
[5] Khovratovich, Nikolic. Rotational Cryptanalysis of ARX. 2 Related Work.
[6] Daum. Cryptanalysis of Hash Functions of the MD4-Family.
4.1 Links between Different Kinds of Operations.
[7] Khovratovich, Nikolic. Rotational Cryptanalysis of ARX.
6 Cryptanalysis of generic AR systems.
[8] Berstein. Salsa20 design. 2 Operations.
[9] Khovratovich, Nikolic. Rotational Cryptanalysis of ARX.
3 Review of Rotational Cryptanalysis.
[10] Daum. Cryptanalysis of Hash Functions of the MD4-Family.
4.1.3 Modular Additions and Bit Rotations. Corollary 4.12.
So now put those aforementioned insights about potential recurrent structure at the midpoint of the double-hashing, together with the reality that a Boomerang attack is a differential cryptoanalysis that employs a midpoint in a cipher to form new attacks that weren't plausible on the full cipher. Bingo! I'll refrain from providing my further insights on specifics beyond this initial sharing. Why? Because I've been treated like shit by Gmaxwell and you all here grant him too much Hitler-esque control over the Bitcoin Technical Discussion subforum where these sort of discussions are supposed to occur, so I will take my toys else where. Enjoy your echo chamber. Do I have an attack against Bitcoin's double-hashing? I leave that for you to ponder. |
|
|
|
|
TPTB_need_war (OP)
|
|
May 06, 2016, 03:48:13 AM |
|
TPTB_need_war, you cannot prove nor disprove that the Sartre text Craig Wright supposedly hashed is a collision for SHA256.
I asked you to not do what you just did above: Don't cherry pick my context to make inane non-rebuttals which side-step my holistic set of points.
You also pointed out that he supposedly has access to a supercomputer. Even with access to a supercomputer, he would not be able to find a collision as other researchers have already tried. Simply having a lot of computing power does not mean that he can find a collision.
Alternatively, Craig could have found a vulnerability in sha256, in which case a lot more things than just Bitcoin is screwed. If Craig did not responsibly disclose such a vulnerability and instead exploited it, this would be incredibly sketchy and dishonest behavior.
The point is that with a supercomputer together with a new cryptoanalysis break, the two together might be required to accomplish the attack. I want you to know that if China's pools see nearly all the mining shares, then they are viewing about 2 68 of SHA-256 hashing power per annum which may or may not be fulcrum. Don't presume you know all the theoretical attacks that are possible. The theory that the sha256 double hash is weaker than sha256 is false. It has been proven that performing multiple iterations of a hash is more secure than just one iteration. Specifically, many websites will store users passwords in the form of a multiple iteration hash.
You've made at least two mathematically illiterate errors in that quoted text: 1. Testing that double-hashing fulfills some criteria you have prechosen, says nothing about security against cryptoanalysis which your criteria has not considered. 2. Securing a password by iterated hashing (because it requires the dictionary attacker to perform the iteration cost on each dictionary trial) says nothing about the increased vulnerability of collision cryptanalysis. You are conflating two separate issues of security. I am done speaking to these amateurs. Waste of my time. |
|
|
|
|
TPTB_need_war (OP)
|
|
May 06, 2016, 04:39:30 AM |
|
FYI truce, I will cease & desist: I also don't believe CW is Satoshi. But that isn't my point. I explained the salient point more concisely here which is really about ridicule, censorship, and manipulation of public opinion instead of rational, well elucidated, and amicable/patient/unencumbered reasoned discussion (i.e. acadamics versus corporate fiefdoms): https://bitcointalk.org/index.php?topic=1459846.msg14766475#msg14766475Please also read the subsequent to the above linked post as I broad stroked some of my theoretical concerns about the double-hashing in Bitcoin. Theymos is allowing me to continue so I think it is possible that Theymos is helpless due to not being capable himself of leading technologically. So appears he may be trying to appease Greg while also allowing for the minute possibility that someone else could accomplish in code and in reality something as relevant. I think I respect Theymos if this is the case. But we don't really know what is going on behind the scenes. I am at the point now where I really want to ignore everything on BCT and Reddit. My discussions about programming language theory are going very well at the Rust forum. Did you see I solved the age old computer science problem known as the Expression Problem articulated by Philip Wadler in 1999: https://bitcointalk.org/index.php?topic=1438301.msg14757751#msg14757751(click the sublink in item #6) Did you see how I REKTed Greg's logic on the Ogg streaming index which was hilarious given he is co-inventor of the Ogg orbis codec: https://bitcointalk.org/index.php?topic=1378533.msg14035614#msg14035614(search for the phrase "Also I don't understand how you calculate 20% increase" within that post) I don't claim he isn't smart in his cryptography and math fields of expertise. And generally a very smart guy. But that is not the problem we are apparently agreeing on. |
|
|
|
|
Poll
