more noob questions

[jorlowitz]

Thanks for your answers last time, they were very helpful.  Here are a few more:

1.  It seems the most likely targets for government regulation would be the exchanges.  What do you think the bitcoin universe would look like if mtgox and tradehill were required by governments to keep full financial records?  Would they just move to a new country? (Where?)

2.  Thousands of people download the bitcoin client from sourceforge.net.  Isn't that a huge security vulnerability if it was hacked and someone started releasing a modified version of the software.  What's to stop this from happening (or prove it hasn't happened already?)  Is there some way to verify that the copy of the bitcoin client one is running is the *real* one?

3.  Last is an idea.  I think there should be an implementation or a patch which allows you to send a short message when you send bitcoins.  Is this possible or desireable?

[Stephen Gornick]

1.  It seems the most likely targets for government regulation would be the exchanges.  What do you think the bitcoin universe would look like if mtgox and tradehill were required by governments to keep full financial records? 

The exchanges do already perform steps such as requiring verification for certain accounts, due to government regulations.

3.   I think there should be an implementation or a patch which allows you to send a short message when you send bitcoins.  Is this possible or desireable?

The message is not necessary for Bitcoin to be used as a currency.  Adding that would bloat the blockchain.

[jake262144]

I'll stick to the techie stuff and leave wild guessing to others.

Ad 2.
As to sourceforge, ALWAYS download the .asc file together with the version of the client you're downloading
(if you need bitcoin-0.5.1-win32.zip, make sure to grab bitcoin-0.5.1-win32.zip.asc as well).
The .asc file is a digital signature file.
You can use an open source tool named gpg to verify that not one bit was changed in the bitcoin client since Gavin signed it.

Verification is done like that:

Code:

gpg --verify s:\progs\bitcoin\bitcoin-0.5.1-win32.zip.asc s:\progs\bitcoin\bitcoin-0.5.1-win32.zip

Of course you need Gavin's public key to do that. Just grab it from bitcoin.org (http://bitcoin.org/gavinandresen.asc)
You'll need to import it into gpg:

Code:

gpg --import c:\...\gavinandresen.asc

If you're REALLY paranoid, downoading source code only and doing a complete diff against the previous version might be the way to go.
Once you've satisfied yourself, compile


Ad 3.
A short message? Tempting as it may sound to a non-technical user, that would be like applying growth hormones to the blockchain. Those messages would all have to live there, right?
The last thing anyone needs is a bloated blockchain artificially inflated with user's messages.
Also, messaging is kinda out of spec: bitcoin is a money transfer system, it serves the same purpose as Visa's infrastructure. Why bother?

[Bricks]

Short messages?  The protocol already allows that unto 10k via the script system.  Checkout the wiki under transactions.