Bitcoin Forum
August 20, 2017, 02:27:59 AM *
News: Latest stable version of Bitcoin Core: 0.14.2  [Torrent].
 
   Home   Help Search Donate Login Register  
Poll
Question: Will you support Gavin's new block size limit hard fork of 8MB by January 1, 2016 then doubling every 2 years?
1.  yes
2.  no

Pages: « 1 ... 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 [605] 606 607 608 609 610 611 612 613 614 615 616 617 618 619 620 621 622 623 624 625 626 627 628 629 630 631 632 633 634 635 636 637 638 639 640 641 642 643 644 645 646 647 648 649 650 651 652 653 654 655 ... 1558 »
  Print  
Author Topic: Gold collapsing. Bitcoin UP.  (Read 1954030 times)
cypherdoc
Legendary
*
Offline Offline

Activity: 1764



View Profile
September 16, 2014, 02:34:37 AM
 #12081

No.  Those hashes prove nothing. A deterministic build process enables multiple independent parties to generate the exact same output, given a git commit id.
If you cannot prove what's in users hands is exactly what came out from the java->bytecode compiler, then you should not use that binary.

Funny logic. Do all million or so BTC users compile from the source before using it? I guess we should not even be using any online site, like coinbase, as we don't have source. All Windows users should never use BTC either as BTC is only for people who compile from the source.

What's your point anyway? Nxt is open source. Anyone can compile it. Given it's in Java, anyone can even decompile it. We have dozens of clones.

Point missed completely.

The vast majority of users simply download and run code.  They do not compile it.  A deterministic build process enables any random outsider, at any time, to prove that the given source code compiles to binary (or byte) code that matches exactly, byte-for-byte with what is produced by the official release team.

"Anyone can compile" is irrelevant.  What is relevant is that you can prove the release team binaries match the source code exactly.

An attacker may otherwise stuff a backdoor into the bytecode, but not the source code.  "Anyone can compile it" developers would never notice the backdoor... yet 99% of the users still have the backdoor.

Furthermore, you want a process like bitcoin's where multiple developers each produce a build, and PGP-sign the produced hashes.  In this way, you need not worry about a backdoor'd compiler producing evil bytecode without the developer's knowledge.


explain this to me so that i understand how the determinism is built.

is each accepted commit or addition to the source code hashed first followed by a hash of the entire new source code in essence creating a chain of hashes much like the blockchain?  then the final source code is pgp signed by the private key of each trusted builder?
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
jgarzik
Legendary
*
Offline Offline

Activity: 1470


View Profile
September 16, 2014, 03:20:27 AM
 #12082

explain this to me so that i understand how the determinism is built.

is each accepted commit or addition to the source code hashed first followed by a hash of the entire new source code in essence creating a chain of hashes much like the blockchain?  then the final source code is pgp signed by the private key of each trusted builder?

Simplified example:

Step 1: Similar to the blockchain, git records the hash of the latest commit... and a commit includes the hash(es) of previous commits.  That creates a chain of hashes for the source code.

Step 2: Given the git commit id (a hash), obtain a source code tree.

Step 3: Compile the source code, resulting in one or more binaries (bytecode output, in Java's case).

Step 4: Hash the binaries

Step 5: Post a PGP-signed message containing the hash from step #4.

Just like in biology or chemistry, it is critical that the above process is independently reproducible and yields the same result every time.

If multiple developers perform these steps, and all result in the same hashes in step #4, then you eliminate a Man-In-The-Middle attack where an evil developer or evil malware may insert a backdoor not present in the source code, but present in the binaries that users download and trust with real money.

Finally, at any time, any outside developer may independently reproduce this process, proving that the dev team is not inserting backdoors etc.

Deterministic builds are critical for any software you trust with money.

This is how Bitcoin Core handles every release.  Multiple developers must achieve the same compiled result, or no release happens.  We use https://gitian.org/ to assist with this.

Jeff Garzik, bitcoin core dev team and BitPay engineer; opinions are my own, not my employer.
Donations / tip jar: 1BrufViLKnSWtuWGkryPsKsxonV2NQ7Tcj
cypherdoc
Legendary
*
Offline Offline

Activity: 1764



View Profile
September 16, 2014, 03:49:44 AM
 #12083

explain this to me so that i understand how the determinism is built.

is each accepted commit or addition to the source code hashed first followed by a hash of the entire new source code in essence creating a chain of hashes much like the blockchain?  then the final source code is pgp signed by the private key of each trusted builder?

Simplified example:

Step 1: Well, just like blockchain, git records the hash of the latest commit... and a commit records the hash(es) of previous commits.  That creates a chain of hashes for the source code.

Step 2: Given the git commit id (a hash), obtain a source code tree.

Step 3: Compile the source code, resulting in one or more binaries (bytecode output, in Java's case).

Step 4: Hash the binaries

Step 5: Post a PGP-signed message containing the hash from step #4.

Just like in biology or chemistry, it is critical that the above process is independently reproducible and yields the same result every time.

If multiple developers perform these steps, and all result in the same hashes in step #4, then you eliminate a Man-In-The-Middle attack where an evil developer or evil malware may insert a backdoor not present in the source code, but present in the binaries that users download and trust with real money.

Finally, at any time, any outside developer may independently reproduce this process, proving that the dev team is not inserting backdoors etc.

Deterministic builds are critical for any software you trust with money.

This is how Bitcoin Core handles every release.  Multiple developers must achieve the same compiled result, or no release happens.  We use https://gitian.org/ to assist with this.


thanks for the explanation.

keep up the great work.  we're lucky to have you.
aljunking
Member
**
Offline Offline

Activity: 68


View Profile
September 16, 2014, 04:01:51 AM
 #12084

Are you sure that bitcoin "UP" bitcoin is still down right now. Smiley
cypherdoc
Legendary
*
Offline Offline

Activity: 1764



View Profile
September 16, 2014, 04:06:01 AM
 #12085

Are you sure that bitcoin "UP" bitcoin is still down right now. Smiley

we're getting close to the end of this prolonged correction.  volatility is damping down and several of the large ask walls have been wiped out by buyers or short coverers (which is just as good).  my guess is that we'll break up hard somewhere along here.  we'll see.
cypherdoc
Legendary
*
Offline Offline

Activity: 1764



View Profile
September 16, 2014, 04:15:43 AM
 #12086

it's not uncommon to retest the broken support level from the underside that is now resistance:

sidhujag
Legendary
*
Offline Offline

Activity: 1554


View Profile
September 16, 2014, 04:38:23 AM
 #12087

There is no way id buy gold here.. need a bullish engulf to end a downtrend.

We probably go below 1181 since there was a fake uptrend that we see is broken now. No engulf no good.

Should test 1310ish before the slide

★☆★Syscoin - Decentralized Marketplace and Multisig Platform
Pay with Bitcoin, ZCash and many more
For more visit Syscoin.org  ★☆★
cypherdoc
Legendary
*
Offline Offline

Activity: 1764



View Profile
September 16, 2014, 04:59:10 AM
 #12088

Paging Carlton Banks!

just saw you on Dance With The Stars!  lookin' gud!  best dance of the nite!

yeah baby!
devphp
Sr. Member
****
Offline Offline

Activity: 336


View Profile
September 16, 2014, 05:07:03 AM
 #12089

"Anyone can compile" is irrelevant.  What is relevant is that you can prove the release team binaries match the source code exactly.

At least now we all agree there is source code, that's a good start Smiley

Fiat is not the enemy.

Bad money is the enemy.

In terms of its trust model PoS is more similar to fiat money than it is similar to Bitcoin.

In terms of 99.99999% of the population it's irrelevant, they have to buy it, doesn't matter if it's PoW or PoS.
And you're right, it's not fiat that is the enemy, it's uncontrolled money printing that is the enemy. Well, both PoW and PoS models have that under control. And because most of the population can't be miners and have to buy it, they don't care how exactly that crypto is produced.
justusranvier
Legendary
*
Offline Offline

Activity: 1400



View Profile WWW
September 16, 2014, 05:19:37 AM
 #12090

Well, both PoW and PoS models have that under control.
PoS is in no way comparable to PoW and it's misleading and deceptive to market as such.

https://download.wpsoftware.net/bitcoin/pos.pdf

PoS is the central bank/Federal Reserve system with a different set of masters. Fuck that.
devphp
Sr. Member
****
Offline Offline

Activity: 336


View Profile
September 16, 2014, 05:23:23 AM
 #12091

Well, both PoW and PoS models have that under control.
PoS is in no way comparable to PoW and it's misleading and deceptive to market as such.

https://download.wpsoftware.net/bitcoin/pos.pdf

PoS is the central bank/Federal Reserve system with a different set of masters. Fuck that.

We don't need to discuss that masters of Bitcoin are two-three biggest mining pools, do we? While in NXT over 300 individual accounts successfully generate blocks. Well, who is more centralized?

99.9999% of the population don't care which crypto they'd buy and which algo it runs on. Prime example of this is Dogecoin users. Exactly, they say 'fuck that' to expensive Bitcoin and use their own coin, and their community is large, check reddit.
cypherdoc
Legendary
*
Offline Offline

Activity: 1764



View Profile
September 16, 2014, 05:25:42 AM
 #12092

"Anyone can compile" is irrelevant.  What is relevant is that you can prove the release team binaries match the source code exactly.

At least now we all agree there is source code, that's a good start Smiley

Fiat is not the enemy.

Bad money is the enemy.

In terms of its trust model PoS is more similar to fiat money than it is similar to Bitcoin.

In terms of 99.99999% of the population it's irrelevant, they have to buy it, doesn't matter if it's PoW or PoS.
And you're right, it's not fiat that is the enemy, it's uncontrolled money printing that is the enemy. Well, both PoW and PoS models have that under control. And because most of the population can't be miners and have to buy it, they don't care how exactly that crypto is produced.

You're attempting to equate POW & POS by saying they are both just code.

Wrong. POW involves a huge network of miners that have paid blood, sweat, tears, and money to build and maintain.  You can't replace that.
justusranvier
Legendary
*
Offline Offline

Activity: 1400



View Profile WWW
September 16, 2014, 05:27:26 AM
 #12093

We don't need to discuss that masters of Bitcoin are two-three biggest mining pools, do we? While in NXT over 300 individual accounts successfully generate blocks. Well, who is more centralized?
We don't, because it doesn't matter.

In a PoW system, if the three largest mining miners decide to misbehave it's at least possible in principle for somebody else to build out more hashing power and compete with them. The miners can not block competition via any other method than expending more real opportunity cost to do so.

In a PoS system, if the majority of the stakeholders decide to misbehave then the system is fucked. Stakeholders are insulated from competition because they only lose stake if they choose to sell their coins to their competitors.

In a PoW system, if a cartel forms it's an annoyance.

PoS systems are inherently designed to form and protect cartels.
devphp
Sr. Member
****
Offline Offline

Activity: 336


View Profile
September 16, 2014, 05:28:27 AM
 #12094

You're attempting to equate POW & POS by saying they are both just code.

Wrong. POW involves a huge network of miners that have paid blood, sweat, tears, and money to build and maintain.  You can't replace that.

Paying blood, sweat, tears and money doesn't guarantee anything, much less profits. That is still irrelevant to how it'd look different in the eyes of population who are charged more for less, while they could pay less to get more. By getting more I mean a larger share of a different crypto currency that does just the same, and some of those do much more too.
devphp
Sr. Member
****
Offline Offline

Activity: 336


View Profile
September 16, 2014, 05:30:54 AM
 #12095

We don't need to discuss that masters of Bitcoin are two-three biggest mining pools, do we? While in NXT over 300 individual accounts successfully generate blocks. Well, who is more centralized?
We don't, because it doesn't matter.

In a PoW system, if the three largest mining miners decide to misbehave it's at least possible in principle for somebody else to build out more hashing power and compete with them. The miners can not block competition via any other method than expending more real opportunity cost to do so.

In a PoS system, if the majority of the stakeholders decide to misbehave then the system is fucked. Stakeholders are insulated from competition because they only lose stake if they choose to sell their coins to their competitors.

In a PoW system, if a cartel forms it's an annoyance.

PoS systems are inherently designed to form and protect cartels.

It's hard to get 2 people to agree with each other. It's impossible to get a few hundred people to agree to collude especially when their financial future depends on proper functioning of the network. Try to get a few people to agree to shoot themselves in the foot, I'd like to see you do that Smiley
justusranvier
Legendary
*
Offline Offline

Activity: 1400



View Profile WWW
September 16, 2014, 05:31:36 AM
 #12096

Try to get a few people to agree to shoot themselves in the foot, I'd like to see you do that Smiley
Have you been in a coma since 2007?
devphp
Sr. Member
****
Offline Offline

Activity: 336


View Profile
September 16, 2014, 05:33:54 AM
 #12097

This conversation is meaningless. As always.
cypherdoc
Legendary
*
Offline Offline

Activity: 1764



View Profile
September 16, 2014, 05:35:30 AM
 #12098

Billions of NXT with 70 addresses distributed to a handful of investors in an IPO for a  measly 25 BTC. That's not fair.
devphp
Sr. Member
****
Offline Offline

Activity: 336


View Profile
September 16, 2014, 05:37:38 AM
 #12099

Billions of NXT with 70 addresses distributed to a handful of investors in an IPO for a  measly 25 BTC. That's not fair.

Yeah, I feel your pain. I wasn't there either when they were doing the IPO. Well, the world moves on whether it's fair to us or not. It's not fair that I wasn't there mining Bitcoins in 2009-2013 either. Just like 99.999% other people.
LiQio
Legendary
*
Offline Offline

Activity: 1140



View Profile
September 16, 2014, 05:37:51 AM
 #12100

Billions of NXT with 70 addresses distributed to a handful of investors in an IPO for a  measly 25 BTC. That's not fair.

Hundred thousands of BTC distributed to a handful of early miners is?
Pages: « 1 ... 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 [605] 606 607 608 609 610 611 612 613 614 615 616 617 618 619 620 621 622 623 624 625 626 627 628 629 630 631 632 633 634 635 636 637 638 639 640 641 642 643 644 645 646 647 648 649 650 651 652 653 654 655 ... 1558 »
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!