Total number of bitcoins will DECREASE

[CEG5952]

When SHA 256 is broken, all those "lost coins" won't be lost anymore. So much for deflation!!! I kid, I kid. Well, sort of. Actually sort of a worry that's always in the back of my mind, though.

[DannyHamilton]

- snip -
In enough years, supply could become so limited as to cripple the usage of btc.
- snip -

Keeping in mind that bitcoins can currently be divided into 100,000,000 spendable units (commonly called "Satoshis"), how many bitcoins will we have to lose to cripple the usage?

If we increase the divisibility of bitcoins in the future so that each of those 100,000,000 units can be subdivided into 100,000,000 spendable units, then how many bitcoins will we have to lose to cripple the usage?

Also,  I suppose this problem is so far off that we needn't worry about it too much now, though.

Considering that newly minted units will continue to be created until approximately the year 2140, I'd agree.

I can also image a kind of solution where some percentage of bitcoins is assumed to be lost each year and mining starts creating new coins again.  The idea would not be to make the currency an inflationary one, just to stabilize it a bit if it ever overall lossage ever actually became a problem.

No.

This will almost certainly never happen, and since we can just keep sub-dividing the units that we have, there really isn't any reason to either.

You know, another thing that might happen is that computing power goes through the roof and in 10 years all new bitcoins and all old bitcoins that anyone actually cares about need to be regenerated with a larger keypair.  Then, you might have a bitcoin "salvage" business where all of those old coins with only 256 size keys can be 'dug up' by someone interested in finding them.

Unless some mathematician finds weaknesses in the algorithms, computers will never be fast enough (and there will never be eough power available in the solar system) to brute force a 256 bit key.

[DannyHamilton]

When SHA 256 is broken, all those "lost coins" won't be lost anymore. So much for deflation!!! I kid, I kid. Well, sort of. Actually sort of a worry that's always in the back of my mind, though.

You are mistaken.

Your bitcoins are not protected only by SHA-256.

There are three layers of cryptography between your private key and your bitcoin address.

• ECDSA (with the secp256k1 curve)
• SHA-256
• RIPEMD-160

You could break any 2 of them, and as long as you don't re-use addresses, it wouldn't be possible to recover your "lost coins".

I suspect it will be a VERY long time (if ever) before all three algorithms are broken enough to recover "lost coins".

[Ron~Popeil]

If it ever did become a problem there are solutions that could be proposed and voted on. Maybe a POS option in the future could ensure a stable supply. The currency can evolve with society.

[jonald_fyookball]

When SHA 256 is broken, all those "lost coins" won't be lost anymore. So much for deflation!!! I kid, I kid. Well, sort of. Actually sort of a worry that's always in the back of my mind, though.

You are mistaken.

Your bitcoins are not protected only by SHA-256.

There are three layers of cryptography between your private key and your bitcoin address.

• ECDSA (with the secp256k1 curve)
• SHA-256
• RIPEMD-160

You could break any 2 of them, and as long as you don't re-use addresses, it wouldn't be possible to recover your "lost coins".

I suspect it will be a VERY long time (if ever) before all three algorithms are broken enough to recover "lost coins".

Out of the three SHA-256 is the least likely to break

[Bitram]

It might happen but still it is hard to tell what would be the speed of this process. We might not even notice it.

[Light]

One thing that most people don't seem to understand is that after 21 million Bitcoins have been produced, the TOTAL number of Bitcoins in circulation will decrease in a LINEAR fashion each year. 

While I do agree that the total number of spendable Bitcoins would decrease, I disagree that it would be in a linear fashion. Those who made the mistake in the past are unlikely to do so again and the experienced veterans are unlikely to lose their keys so to me it seems more like an exponential decay curve as the rate of change of total spendable coins. Nonetheless, as long as other market factors are unaffected price should logically rise as supply decreases.

[jonald_fyookball]

One thing that most people don't seem to understand is that after 21 million Bitcoins have been produced, the TOTAL number of Bitcoins in circulation will decrease in a LINEAR fashion each year.

While I do agree that the total number of spendable Bitcoins would decrease, I disagree that it would be in a linear fashion. Those who made the mistake in the past are unlikely to do so again and the experienced veterans are unlikely to lose their keys so to me it seems more like an exponential decay curve as the rate of change of total spendable coins. Nonetheless, as long as other market factors are unaffected price should logically rise as supply decreases.

Right... Plus with the rise of multisig, and other schemes like Shamir, the incidents of "taking your bitcoins to the grave" should decrease as well.

[grtthegreat]

Few days ago, I lost access to my address cause I lost my private key with 0.02 BTC in it and maybe I would be one of those small fraction i.e. 0.05% according to you.

No matter what the technology does and no matter how much the technology advances, the old and traditional methods will always remain the best.

[Malin Keshar]

the number of bitcoin available will decrease, but the total of bitcoins will be 21M. You will can see the ""lost"" bitcoins on blockchain. And this will happen after 2100, so its a bit soon to think about that.

[DannyHamilton]

- snip -
the total of bitcoins will be 21M
- snip -

To be specific, there will never be 21M bitcoins.  The actual total number of bitcoins that will be created will be a bit less than 21M.  Furthermore, early on, there was a bug that caused a miner to accidentally permanently remove some bitcoins from the system.  Therefore, the sum of unspent outputs in the blockchain will always be less than the total bitcoin mined.

[DeathAndTaxes]

You will can see the ""lost"" bitcoins on blockchain.

Most "lost" Bitcoins can not be observed from the blockchain.  For most outputs we only know if the output is spent or unspent we don't know the reason why it is unspent.

Are these Bitcoins lost?
https://blockchain.info/tx/0e3e2357e806b6cdb1f70b54c3a3a17b6714ee1f0e68bebb44a74b1efd512098

There are some outputs which are definitively be lost and some that you can say with a very high confident that they are lost but for most coins we only know they haven't been spent for a long time.

[ijmolder93]

Of course it will happen where people will lose some coins, but damn if you care enough about them you should be smart enough to back it up.

[tspacepilot]

- snip -
In enough years, supply could become so limited as to cripple the usage of btc.
- snip -

Keeping in mind that bitcoins can currently be divided into 100,000,000 spendable units (commonly called "Satoshis"), how many bitcoins will we have to lose to cripple the usage?

Yes, I understand.  In principle there's not bottom to the number of times we can divide a unit into subunits.  I think you're right that this is better than adding more coins to the system.  However, my knowledge is limited.

If we increase the divisibility of bitcoins in the future so that each of those 100,000,000 units can be subdivided into 100,000,000 spendable units, then how many bitcoins will we have to lose to cripple the usage?

Also,  I suppose this problem is so far off that we needn't worry about it too much now, though.

Considering that newly minted units will continue to be created until approximately the year 2140, I'd agree.

I can also image a kind of solution where some percentage of bitcoins is assumed to be lost each year and mining starts creating new coins again.  The idea would not be to make the currency an inflationary one, just to stabilize it a bit if it ever overall lossage ever actually became a problem.

No.

This will almost certainly never happen, and since we can just keep sub-dividing the units that we have, there really isn't any reason to either.

You know, another thing that might happen is that computing power goes through the roof and in 10 years all new bitcoins and all old bitcoins that anyone actually cares about need to be regenerated with a larger keypair.  Then, you might have a bitcoin "salvage" business where all of those old coins with only 256 size keys can be 'dug up' by someone interested in finding them.

Unless some mathematician finds weaknesses in the algorithms, computers will never be fast enough (and there will never be eough power available in the solar system) to brute force a 256 bit key.

You haven't supported your last point as well as your earlier ones.  How can you show that "there will never be enough power in the solar system" to brute force a 256 bit key?  Again, I'm not an expert but I think that quantum computers may be relevant to the discussion.  However, I'm just waiting to hear your argument on this last point.  I think it's interesting, but even more so if you can prove it.

[jonald_fyookball]

Haven't seen this yet?

[Jcw188]

Yes it would decrease but I'm hopeful he morons who lose their bitcoins will never be able to get more to lose again. Or they won't be so dumb a second time to lose them like their first time. I suppose there are way to change the protocol as well if enough miners agree.

[moriartybitcoin]

The total number of BTC will decrease after all have been mined, and that's a certain fact.

I'm not saying it's a bad thing or that it will cause any problems within the Bitcoin ecosystem.  I'm just saying that based on simple classical economics (supply and demand), the price will be going UP, UP, UP.  As demand increases and supply contracts, price has nowhere to go but up.

If anything, I think the Winklevosses are too conservative in their estimates!

[moriartybitcoin]

Ok, regarding this nonsense about 256bit encryption being secure forever - that's absolute friggin lunacy!

I have a background in cryptography and a PhD in physics.  256bit encryption is secure in THIS UNIVERSE, but not in ALL UNIVERSES.  According to the most common interpretation of quantum mechanics (the multiverse interpretation), the number of parallel universes is (almost) infinite.

Quantum computing technology is advancing rapidly; a primitive quantum computer already factorized the number 15.

Google and the NSA are pouring money into quantum computer. These guys don't pump billions of dollars into a project unless they think it has some chance of success.

When quantum computing becomes a reality, then 256 encryption is going to bite the dust. Done. Gone. Fuhgettaboutit.

The NSA knows this and that is why they are storing all encrypted communications intercepted from high value targets.  They can't crack PGP now, but in 5 years? 10 years?  It's inevitable.

There are some encryption schemes that would defeat quantum computing, but AES256 ain't one of 'em!

[DeathAndTaxes]

AES isn't used by Bitcoin.  Hashing functions are effectively immune to the potential of quantum computing.  Shor's algorithm can not be used against hashing functions or symetric cryptography. 

To say quantum computing is "advancing rapidly" is an overstatement.  In 2001 the largest number to be factored by a general purpose quantum computer using Shor's algorithm was 15.  By 2011 the largest number to be factored was 143.   That is from 4 bits to 8 bits in the span of a decade.   We are a long way from factoring even 256 bit numbers and 256 bit ECDSA keys are even harder (~3,072 RSA key = integer factorization). 

Nobody said 256 bit encryption will be secure forever.  It is infeasible to brute force a 256 bit key using classical computing.   Quantum computing may someday break it but it may not, quantum decoherence is a bitch.  It is possible ECDSA has some flaw and cryptanalysis will someday weakened it to a point it is economical to attack it.  That could be next year or not in the next century. 

[Dabs]

Uh, 256 bit will be secure while you live.. Maybe. But we're all betting that it is secure for a very long time. Maybe not billions or millions of years, but if it actually survives a few hundred years, that's good enough for now.