Bitcoin Forum
November 22, 2017, 01:17:19 PM *
News: Latest stable version of Bitcoin Core: 0.15.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Poll
Question: Will you support Gavin's new block size limit hard fork of 8MB by January 1, 2016 then doubling every 2 years?
1.  yes
2.  no

Pages: « 1 ... 951 952 953 954 955 956 957 958 959 960 961 962 963 964 965 966 967 968 969 970 971 972 973 974 975 976 977 978 979 980 981 982 983 984 985 986 987 988 989 990 991 992 993 994 995 996 997 998 999 1000 [1001] 1002 1003 1004 1005 1006 1007 1008 1009 1010 1011 1012 1013 1014 1015 1016 1017 1018 1019 1020 1021 1022 1023 1024 1025 1026 1027 1028 1029 1030 1031 1032 1033 1034 1035 1036 1037 1038 1039 1040 1041 1042 1043 1044 1045 1046 1047 1048 1049 1050 1051 ... 1558 »
  Print  
Author Topic: Gold collapsing. Bitcoin UP.  (Read 2011326 times)
oda.krell
Legendary
*
Offline Offline

Activity: 1386



View Profile
January 12, 2015, 05:37:14 PM
 #20001

Sorry, I was not blessed with the necessary Faith.   Undecided

[already quoted a few times] [and not a completely baseless argument either]


Necro. My apologies (sort of).

You argument, in three words: network insufficiently decentralized.

The counter argument, in just one more word: according to which alternative?


First, it would be pointless imo to argue against the facts: mining is concentrated more than most expected, say, 2 years ago, and more than many are fully comfortable with.

Fact as well, however: none of those conjectured 'mining cartel attacks' ever took place, and there's good reason for that: they might be technically possible, but economically not viable for anyone who holds a stake in Bitcoin (hint: sunk cost in single purpose hardware is a "stake" as well) because of the resulting market reaction upon discovery (or even suspicion such attacks are taking place). They would therefore only be mounted from someone who is willing to pay for an attack on the network itself, and I have yet to see any evidence that this is a realistic vector consistent with what we know about existing hashpower and who paid to employ it.

Finally: the level of decentralization doesn't look so bad anymore when one considers the existing alternatives. Well, there's only one really: traditional banking. It's like you're blaming jet plane air-travel for being hopelessly outdated and slow: until there's a superior alternative, it is the de facto optimum wrt speed.

Not sure which Bitcoin wallet to use? I suggest to take a look at Electrum.
Electrum is an open-source lightweight client: user friendly, fast, and one of the safest ways to store, send or receive bitcoins.
For executables (Windows, OSX, Linux, Android), source code and documentation, see the Electrum homepage.
Join ICO Now A blockchain platform for effective freelancing
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1511356639
Hero Member
*
Offline Offline

Posts: 1511356639

View Profile Personal Message (Offline)

Ignore
1511356639
Reply with quote  #2

1511356639
Report to moderator
1511356639
Hero Member
*
Offline Offline

Posts: 1511356639

View Profile Personal Message (Offline)

Ignore
1511356639
Reply with quote  #2

1511356639
Report to moderator
1511356639
Hero Member
*
Offline Offline

Posts: 1511356639

View Profile Personal Message (Offline)

Ignore
1511356639
Reply with quote  #2

1511356639
Report to moderator
cypherdoc
Legendary
*
Offline Offline

Activity: 1764



View Profile
January 12, 2015, 07:25:36 PM
 #20002

oil?  who the hell needs oil?  let alone natgas.  major storm brewing:



Dow Theory non-confirmation still in force:

cypherdoc
Legendary
*
Offline Offline

Activity: 1764



View Profile
January 12, 2015, 07:32:06 PM
 #20003

One coin to rule them all:

MarketNeutral
Sr. Member
****
Offline Offline

Activity: 364


View Profile
January 12, 2015, 07:41:12 PM
 #20004

Exciting trading ahead! Big profits, big losses. I can't wait to see how it all plays out.
cypherdoc
Legendary
*
Offline Offline

Activity: 1764



View Profile
January 12, 2015, 07:47:16 PM
 #20005

the creeping fear is accelerating:

cypherdoc
Legendary
*
Offline Offline

Activity: 1764



View Profile
January 12, 2015, 07:59:33 PM
 #20006

looks like i am gonna get my chance at reloading  Cheesy

tvbcof
Legendary
*
Offline Offline

Activity: 2324


View Profile
January 12, 2015, 08:19:36 PM
 #20007

...
First, it would be pointless imo to argue against the facts: mining is concentrated more than most expected, say, 2 years ago, and more than many are fully comfortable with.

Fact as well, however: none of those conjectured 'mining cartel attacks' ever took place, and there's good reason for that: they might be technically possible, but economically not viable for anyone who holds a stake in Bitcoin (hint: sunk cost in single purpose hardware is a "stake" as well) because of the resulting market reaction upon discovery (or even suspicion such attacks are taking place). They would therefore only be mounted from someone who is willing to pay for an attack on the network itself, and I have yet to see any evidence that this is a realistic vector consistent with what we know about existing hashpower and who paid to employ it.

Finally: the level of decentralization doesn't look so bad anymore when one considers the existing alternatives. Well, there's only one really: traditional banking. It's like you're blaming jet plane air-travel for being hopelessly outdated and slow: until there's a superior alternative, it is the de facto optimum wrt speed.

Bitcoin has clearly failed in an 'exchange' role as evidenced by still not needing to fiddle with the 7 tps transaction rate (1MB block size) and not being on a trajectory to need to do so any time soon.  The reason for this is abundantly clear and I've been saying so for years:  Bitcoin is simply not competitive in this role.

Bitcoin could be, however, extremely competitive in the role of a reserve currency.  But if we are relying on a foundation of 'subversion and failure could happen, but has not yet so maybe it never will', this detracts hugely from it's potential value as a reserve currency.

The pipe-dream of using Bitcoin as an exchange currency has unsurprisingly sucked in a school of intellectual herring, but more surprisingly also a bunch of VC predator food-chain class who I would have not expected to be such dullards.  This has been great for my pocketbook, but their utility is nearing the end-point.  Now is the time to appreciate the true value of Bitcoin and work toward preserving what remains of it and unrolling the damage done by centralization.  This is what sidechains mean to me.


Bagatell
Hero Member
*****
Offline Offline

Activity: 722



View Profile
January 12, 2015, 08:28:05 PM
 #20008

Now is the time to appreciate the true value of Bitcoin and work toward preserving what remains of it and unrolling the damage done by centralization.  This is what sidechains mean to me.

Say what?
tvbcof
Legendary
*
Offline Offline

Activity: 2324


View Profile
January 12, 2015, 08:34:29 PM
 #20009

Now is the time to appreciate the true value of Bitcoin and work toward preserving what remains of it and unrolling the damage done by centralization.  This is what sidechains mean to me.

Say what?

Did I stutter?  'cause I don't think I did.


smooth
Legendary
*
Offline Offline

Activity: 1596



View Profile
January 12, 2015, 08:38:27 PM
 #20010

This is what sidechains mean to me.

Side chains are not even the slightest bit needed to use BTC as a reserve currency. It's nearly prefect the way it is. 7 tps is plenty for that. Probably an order of magnitude or two overkill in fact.


solex
Legendary
*
Offline Offline

Activity: 1078


100 satoshis -> ISO code


View Profile
January 12, 2015, 08:43:14 PM
 #20011

This is what sidechains mean to me.

Side chains are not even the slightest bit needed to use BTC as a reserve currency. It's nearly prefect the way it is. 7 tps is plenty for that. Probably an order of magnitude or two overkill in fact.

Unfortunately, the 7 tps is an old estimate, and the reality of large blocks is that 2400 tx is maximum, or 4 tps. However, even this is too large because some miners still turn out near empty blocks, and would do so even if the network had a severe backlog. So 3 tps is a more accurate working number.

jmw74
Full Member
***
Offline Offline

Activity: 236


View Profile
January 12, 2015, 08:44:51 PM
 #20012

Bitcoin has clearly failed in an 'exchange' role as evidenced by still not needing to fiddle with the 7 tps transaction rate (1MB block size) and not being on a trajectory to need to do so any time soon.  The reason for this is abundantly clear and I've been saying so for years:  Bitcoin is simply not competitive in this role.

Bitcoin is not very competitive for buying coffee, but that isn't the only thing people do with money.

It's quite competitive for international remittance, black market activity, and micropayments. In some cases, bitcoin is the only method that works at all. Those markets alone are absolutely massive expansion territory for bitcoin.

The reason bitcoin hasn't hit the 1mb limit has little to do with the network itself, and much more to do with the shitty state of personal computing.  Keeping high-value secrets was not what any of it was designed to do. Everything bitcoin needs for that has to be built now. A lot of progress has already been made. There's no reason it won't become easy enough for anyone to do.

However many transactions per second fit in a commodity internet connection, that's how many it will have, certainly much more than 7tps.

If you think bitcoin can succeed as a bank settlement network, you might as well sell now, because it's never going to work. The whole point of bitcoin is censorship resistance, do you really think banks and governments and payment processors see that as a valuable feature? They're the censors! If individuals don't have access to bitcoin, it will die, they're the only ones who could possibly care about it.
cypherdoc
Legendary
*
Offline Offline

Activity: 1764



View Profile
January 12, 2015, 08:45:34 PM
 #20013

This is what sidechains mean to me.

Side chains are not even the slightest bit needed to use BTC as a reserve currency. It's nearly prefect the way it is. 7 tps is plenty for that. Probably an order of magnitude or two overkill in fact.




the problem here is that when the price doesn't conform to ppl's expectations, low level thinkers like tvbcof & even high level thinkers like Adam, begin to believe that there is something wrong and start thinking they're smarter than Satoshi and start proposing all sorts of hair brained "solutions".  this is just another of many repeated sufferings we all have to endure.
rocks
Legendary
*
Offline Offline

Activity: 1149


View Profile
January 12, 2015, 08:53:42 PM
 #20014

oil?  who the hell needs oil?  let alone natgas.  major storm brewing:

Didn't you get the memo, we are all going to live off of perfectly stable wind/solar power and unicorn farts for now on.

The energy sector still has a way to go down, but it will be time to reload energy stocks in a bit (after a round of bankruptcies and defaults). The current supply/demand imbalance will not knock out US energy which has more than enough of a capital base to ride this out, but will severely damage supply from dystopian basket cases such as Venezuela (the country of my birth) and Iran.
cypherdoc
Legendary
*
Offline Offline

Activity: 1764



View Profile
January 12, 2015, 08:59:53 PM
 #20015

This is what sidechains mean to me.

Side chains are not even the slightest bit needed to use BTC as a reserve currency. It's nearly prefect the way it is. 7 tps is plenty for that. Probably an order of magnitude or two overkill in fact.

Unfortunately, the 7 tps is an old estimate, and the reality of large blocks is that 2400 tx is maximum, or 4 tps. However, even this is too large because some miners still turn out near empty blocks, and would do so even if the network had a severe backlog. So 3 tps is a more accurate working number.

i never heard of why the Mystery Miner of a coupla years ago failed mining 0 tx blocks.  any ideas?
tvbcof
Legendary
*
Offline Offline

Activity: 2324


View Profile
January 12, 2015, 09:11:52 PM
 #20016

This is what sidechains mean to me.

Side chains are not even the slightest bit needed to use BTC as a reserve currency.

They have absolute need for a reserve currency because it eliminates the need for such backing as POW or POS.

Now they still will need POW, but only to support Bitcoin.  Not (necessarily) to support their own core infrastructure needs though many probably will leverage this anyway.


It's nearly prefect the way it is. 7 tps is plenty for that. Probably an order of magnitude or two overkill in fact.

That is in no way clear to me.  With activity of the magnitude I'm visualizing individuals just exercising the peg to the backing store could be significant not to mention the various balancing that the multitude of sidechains will be wishing to perform on the actual backing store itself.  Also, of course, I see a role for individuals and organizations using native Bitcoin raw, but mostly just for critical or 'difficult' tasks.

One way or another, pushing up into where the transaction fees are a factor before trying to push a harmful and potentially devastating hard-fork makes a lot of sense to me.  If the 'new paradigm' that Bitcoin transactions are ever-subsidized for nearly free use by the masses is where people's heads are at, they should say so.  Piss or get off the pot.  It's disgusting and embarrassing to see these supposed 'principles' of Bitcoin be milked for marketing reasons long after they've exceeded their shelf-life and become absurd.


gmaxwell
Staff
Legendary
*
Offline Offline

Activity: 2338



View Profile
January 12, 2015, 09:42:49 PM
 #20017

I think deterministic signatures are much more important than constant-time signatures (there's been a non-trivial amount of funds lost due to the repeat k-value problem but I doubt a single satoshi has ever been lost due to a genuine side-channel attack).  Someone like gmaxwell could comment better on the practical risks here…
There never has been a single 1e-8 btc lost due to reused/bad K ... in a competent implementation. The places we've seen lossage have been implementations which were horrific in other ways as well (like only having 32..48 bits of randomness total)... ultimately, if you can't generate strong random numbers you're going to be utterly screwed in any case, because your private keys themselves will be predictable. It's more important for embedded/hardware implementations which are more likely to suffer from randomness problems and are easier targets for attack. (e.g. tampering with the supply chain for all server hardware in order to backdoor Bitcoin Core is probably much less attractive than going after the supply chain for a hardware wallet). So while derandomized signing is a good practise because it aids auditability and _maybe_ reduces the space for incompetent implementations to screw up a bit, in someplace like Bitcoin Core I don't generally consider it very important (though, we did it in any case; in part to set a good example).  I had proposed the ecosystem switch to it, back around when BIP 32 was announced, but we hadn't switched to it in Bitcoin Core yet because derandomized signing basically requires replacing what OpenSSL does. (OpenSSL does have a non-standard quasi 6979 implementation in its source repository-- for a long time I'd hoped to pick that up-- but its never made it into production for some reason.)

With respect to the side-channel attacks. It seems to be impossible to convince people of the non-wisdom of running critical cryptographic software on commodity shared-hardware virtual machines; just like it's hard to convince them to stop reusing addresses. Especially when coupled with the fact that the parties doing this are usually handling third party funds, it seems like disaster waiting to happen in a number of respects. With flush+reload boosted side-channel attacks being successfully performed against OpenSSL for our curve with a surprisingly small number of queries, I did consider that fairly concerning.

The distinction is that getting the signing nonces right is a process that can be secured one time for all users by auditing the software; but making sure users don't deploy in a side-channel vulnerable way is something that must be done for each and every user and doesn't really scale. The possitiblity of side-channel attacks is very surprising to people so they don't tend to do much to secure against them. Better to just close the sidechannel.

(also, wtf is with this thread? it seems like five threads merged together. It's impossible to read; I never would have found this post except by pure chance.)

Bitcoin will not be compromised
tvbcof
Legendary
*
Offline Offline

Activity: 2324


View Profile
January 12, 2015, 10:08:22 PM
 #20018

...
(also, wtf is with this thread? it seems like five threads merged together. It's impossible to read; I never would have found this post except by pure chance.)

The thread was created for trolling (notice the title and location) and that's often what happens, but it can be hard not to slip up sometimes.


Odalv
Legendary
*
Offline Offline

Activity: 1260



View Profile
January 12, 2015, 10:32:45 PM
 #20019

I think deterministic signatures are much more important than constant-time signatures (there's been a non-trivial amount of funds lost due to the repeat k-value problem but I doubt a single satoshi has ever been lost due to a genuine side-channel attack).  Someone like gmaxwell could comment better on the practical risks here…
There never has been a single 1e-8 btc lost due to reused/bad K ... in a competent implementation. The places we've seen lossage have been implementations which were horrific in other ways as well (like only having 32..48 bits of randomness total)... ultimately, if you can't generate strong random numbers you're going to be utterly screwed in any case, because your private keys themselves will be predictable. It's more important for embedded/hardware implementations which are more likely to suffer from randomness problems and are easier targets for attack. (e.g. tampering with the supply chain for all server hardware in order to backdoor Bitcoin Core is probably much less attractive than going after the supply chain for a hardware wallet). So while derandomized signing is a good practise because it aids auditability and _maybe_ reduces the space for incompetent implementations to screw up a bit, in someplace like Bitcoin Core I don't generally consider it very important (though, we did it in any case; in part to set a good example).  I had proposed the ecosystem switch to it, back around when BIP 32 was announced, but we hadn't switched to it in Bitcoin Core yet because derandomized signing basically requires replacing what OpenSSL does. (OpenSSL does have a non-standard quasi 6979 implementation in its source repository-- for a long time I'd hoped to pick that up-- but its never made it into production for some reason.)

With respect to the side-channel attacks. It seems to be impossible to convince people of the non-wisdom of running critical cryptographic software on commodity shared-hardware virtual machines; just like it's hard to convince them to stop reusing addresses.
 Especially when coupled with the fact that the parties doing this are usually handling third party funds, it seems like disaster waiting to happen in a number of respects. With flush+reload boosted side-channel attacks being successfully performed against OpenSSL for our curve with a surprisingly small number of queries, I did consider that fairly concerning.

The distinction is that getting the signing nonces right is a process that can be secured one time for all users by auditing the software; but making sure users don't deploy in a side-channel vulnerable way is something that must be done for each and every user and doesn't really scale. The possitiblity of side-channel attacks is very surprising to people so they don't tend to do much to secure against them. Better to just close the sidechannel.

(also, wtf is with this thread? it seems like five threads merged together. It's impossible to read; I never would have found this post except by pure chance.)

Bitstamp COLD wallet !!!
https://blockchain.info/address/1JoktQJhCzuCQkt3GnQ8Xddcq4mUgNyXEa

address reused endless 5 times ... and this address holds "Final Balance 125,056.91900661" BTC !!!
rocks
Legendary
*
Offline Offline

Activity: 1149


View Profile
January 12, 2015, 10:33:12 PM
 #20020

I think deterministic signatures are much more important than constant-time signatures (there's been a non-trivial amount of funds lost due to the repeat k-value problem but I doubt a single satoshi has ever been lost due to a genuine side-channel attack).  Someone like gmaxwell could comment better on the practical risks here…
There never has been a single 1e-8 btc lost due to reused/bad K ... in a competent implementation.

I am completely shocked that you of all people are making this claim gmaxwell. Reusing a K value is against the DSA signing algorithm's specifications. Reusing a K value is an incompetent implementation by definition. There have been multiple instances where BTC were lost because bitcoin client software reused the same K value for different signatures on the same address. If you do so you're guaranteed to find that address emptied fairly quickly, based on past instances it seems there there network monitors actively watching for this exact situation.
Pages: « 1 ... 951 952 953 954 955 956 957 958 959 960 961 962 963 964 965 966 967 968 969 970 971 972 973 974 975 976 977 978 979 980 981 982 983 984 985 986 987 988 989 990 991 992 993 994 995 996 997 998 999 1000 [1001] 1002 1003 1004 1005 1006 1007 1008 1009 1010 1011 1012 1013 1014 1015 1016 1017 1018 1019 1020 1021 1022 1023 1024 1025 1026 1027 1028 1029 1030 1031 1032 1033 1034 1035 1036 1037 1038 1039 1040 1041 1042 1043 1044 1045 1046 1047 1048 1049 1050 1051 ... 1558 »
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!