justusranvier
Legendary
Offline
Activity: 1400
Merit: 1013
|
|
September 15, 2014, 10:52:06 PM |
|
Why does it have to be us vs them? Why must the crypto space be so divided? I am not a "pos guy". I simply see some value and utility in a well designed system and want to share that with others, just as I do with bitcoin.
Fiat is the enemy here. Fiat is not the enemy. Bad money is the enemy. In terms of its trust model PoS is more similar to fiat money than it is similar to Bitcoin.
|
|
|
|
adamstgBit
Legendary
Offline
Activity: 1904
Merit: 1037
Trusted Bitcoiner
|
|
September 15, 2014, 11:16:35 PM |
|
Why does it have to be us vs them? Why must the crypto space be so divided? I am not a "pos guy". I simply see some value and utility in a well designed system and want to share that with others, just as I do with bitcoin.
Fiat is the enemy here. Fiat is not the enemy. Bad money is the enemy.In terms of its trust model PoS is more similar to fiat money than it is similar to Bitcoin. +1 i try not to worry about the mountains of lil shitcoins around, causing some drag on bitcoins value. as i see it the coins are really there for some poor mans speculative fun ( most of which were/are outright pump and dumps get rich quick schemes ), and for the most part poeple have been using them as such, I myself made/lost a fair amount of time and money playing with alts which is fine. bitcoin is by far "better money" than these other altcoins for so many reasons... In the end good money drives out bad. All of the shitcoins you see today will fade and by this time next year there will be a slue of newer alts offering even more speculative fun! which is fine.
|
|
|
|
cypherdoc (OP)
Legendary
Offline
Activity: 1764
Merit: 1002
|
|
September 15, 2014, 11:22:10 PM |
|
disruption continues:
|
|
|
|
|
User705
Legendary
Offline
Activity: 896
Merit: 1006
First 100% Liquid Stablecoin Backed by Gold
|
|
September 16, 2014, 12:04:30 AM |
|
Why does it have to be us vs them? Why must the crypto space be so divided? I am not a "pos guy". I simply see some value and utility in a well designed system and want to share that with others, just as I do with bitcoin.
Fiat is the enemy here. Fiat is not the enemy. Bad money is the enemy.In terms of its trust model PoS is more similar to fiat money than it is similar to Bitcoin. +1 i try not to worry about the mountains of lil shitcoins around, causing some drag on bitcoins value. as i see it the coins are really there for some poor mans speculative fun ( most of which were/are outright pump and dumps get rich quick schemes ), and for the most part poeple have been using them as such, I myself made/lost a fair amount of time and money playing with alts which is fine. bitcoin is by far "better money" than these other altcoins for so many reasons...In the end good money drives out bad. All of the shitcoins you see today will fade and by this time next year there will be a slue of newer alts offering even more speculative fun! which is fine. Which MANY reasons? Most altcoins are simply blatant copies of bitcoin. The only thing separating bitcoin is the network effect. But bitcoin currently is still tiny compared to real world. MySpace was around before Facebook but how did it work out in the end? Western Union could adopt a PoS similar to Nxt and overnight have more users then bitcoin, more points of exchange, greater liquidity and greater foreign exchange convertability. Heck they can do their own PoW implementation and have every location mining if Nxt type PoS is proven insecure. Is crypto better then gold? Sure. But barely a few years after its invention to claim it will forever be better then what might be invented/implemented next is silly.
|
|
|
|
notme
Legendary
Offline
Activity: 1904
Merit: 1002
|
|
September 16, 2014, 12:17:13 AM |
|
No. Those hashes prove nothing. A deterministic build process enables multiple independent parties to generate the exact same output, given a git commit id. If you cannot prove what's in users hands is exactly what came out from the java->bytecode compiler, then you should not use that binary.
Funny logic. Do all million or so BTC users compile from the source before using it? I guess we should not even be using any online site, like coinbase, as we don't have source. All Windows users should never use BTC either as BTC is only for people who compile from the source. What's your point anyway? Nxt is open source. Anyone can compile it. Given it's in Java, anyone can even decompile it. We have dozens of clones. You have not made your point clear. Are you trying to claim Nxt security relies on obscurity? If that is the claim, that is provable false as you can decompile Java and steal Nxt. Given that isn't hapening, what are you trying to claim? He is simply stating that without source code and deterministic builds you can not be sure someone hasn't decompiled it, modified it to steal your coins, and then recompiled it. But if you trust the person distributing it has verified it, by all means run it.
|
|
|
|
jgarzik
Legendary
Offline
Activity: 1596
Merit: 1100
|
|
September 16, 2014, 02:00:22 AM Last edit: September 16, 2014, 02:22:04 AM by jgarzik |
|
No. Those hashes prove nothing. A deterministic build process enables multiple independent parties to generate the exact same output, given a git commit id. If you cannot prove what's in users hands is exactly what came out from the java->bytecode compiler, then you should not use that binary.
Funny logic. Do all million or so BTC users compile from the source before using it? I guess we should not even be using any online site, like coinbase, as we don't have source. All Windows users should never use BTC either as BTC is only for people who compile from the source. What's your point anyway? Nxt is open source. Anyone can compile it. Given it's in Java, anyone can even decompile it. We have dozens of clones. Point missed completely. The vast majority of users simply download and run code. They do not compile it. A deterministic build process enables any random outsider, at any time, to prove that the given source code compiles to binary (or byte) code that matches exactly, byte-for-byte with what is produced by the official release team. "Anyone can compile" is irrelevant. What is relevant is that you can prove the release team binaries match the source code exactly. An attacker may otherwise stuff a backdoor into the bytecode, but not the source code. "Anyone can compile it" developers would never notice the backdoor... yet 99% of the users still have the backdoor. Furthermore, you want a process like bitcoin's where multiple developers each produce a build, and PGP-sign the produced hashes. In this way, you need not worry about a backdoor'd compiler producing evil bytecode without the developer's knowledge.
|
Jeff Garzik, Bloq CEO, former bitcoin core dev team; opinions are my own. Visit bloq.com / metronome.io Donations / tip jar: 1BrufViLKnSWtuWGkryPsKsxonV2NQ7Tcj
|
|
|
cypherdoc (OP)
Legendary
Offline
Activity: 1764
Merit: 1002
|
|
September 16, 2014, 02:34:37 AM |
|
No. Those hashes prove nothing. A deterministic build process enables multiple independent parties to generate the exact same output, given a git commit id. If you cannot prove what's in users hands is exactly what came out from the java->bytecode compiler, then you should not use that binary.
Funny logic. Do all million or so BTC users compile from the source before using it? I guess we should not even be using any online site, like coinbase, as we don't have source. All Windows users should never use BTC either as BTC is only for people who compile from the source. What's your point anyway? Nxt is open source. Anyone can compile it. Given it's in Java, anyone can even decompile it. We have dozens of clones. Point missed completely. The vast majority of users simply download and run code. They do not compile it. A deterministic build process enables any random outsider, at any time, to prove that the given source code compiles to binary (or byte) code that matches exactly, byte-for-byte with what is produced by the official release team. "Anyone can compile" is irrelevant. What is relevant is that you can prove the release team binaries match the source code exactly. An attacker may otherwise stuff a backdoor into the bytecode, but not the source code. "Anyone can compile it" developers would never notice the backdoor... yet 99% of the users still have the backdoor. Furthermore, you want a process like bitcoin's where multiple developers each produce a build, and PGP-sign the produced hashes. In this way, you need not worry about a backdoor'd compiler producing evil bytecode without the developer's knowledge. explain this to me so that i understand how the determinism is built. is each accepted commit or addition to the source code hashed first followed by a hash of the entire new source code in essence creating a chain of hashes much like the blockchain? then the final source code is pgp signed by the private key of each trusted builder?
|
|
|
|
jgarzik
Legendary
Offline
Activity: 1596
Merit: 1100
|
|
September 16, 2014, 03:20:27 AM Last edit: September 16, 2014, 04:14:34 AM by jgarzik |
|
explain this to me so that i understand how the determinism is built.
is each accepted commit or addition to the source code hashed first followed by a hash of the entire new source code in essence creating a chain of hashes much like the blockchain? then the final source code is pgp signed by the private key of each trusted builder?
Simplified example: Step 1: Similar to the blockchain, git records the hash of the latest commit... and a commit includes the hash(es) of previous commits. That creates a chain of hashes for the source code. Step 2: Given the git commit id (a hash), obtain a source code tree. Step 3: Compile the source code, resulting in one or more binaries (bytecode output, in Java's case). Step 4: Hash the binaries Step 5: Post a PGP-signed message containing the hash from step #4. Just like in biology or chemistry, it is critical that the above process is independently reproducible and yields the same result every time.If multiple developers perform these steps, and all result in the same hashes in step #4, then you eliminate a Man-In-The-Middle attack where an evil developer or evil malware may insert a backdoor not present in the source code, but present in the binaries that users download and trust with real money. Finally, at any time, any outside developer may independently reproduce this process, proving that the dev team is not inserting backdoors etc. Deterministic builds are critical for any software you trust with money. This is how Bitcoin Core handles every release. Multiple developers must achieve the same compiled result, or no release happens. We use https://gitian.org/ to assist with this.
|
Jeff Garzik, Bloq CEO, former bitcoin core dev team; opinions are my own. Visit bloq.com / metronome.io Donations / tip jar: 1BrufViLKnSWtuWGkryPsKsxonV2NQ7Tcj
|
|
|
cypherdoc (OP)
Legendary
Offline
Activity: 1764
Merit: 1002
|
|
September 16, 2014, 03:49:44 AM |
|
explain this to me so that i understand how the determinism is built.
is each accepted commit or addition to the source code hashed first followed by a hash of the entire new source code in essence creating a chain of hashes much like the blockchain? then the final source code is pgp signed by the private key of each trusted builder?
Simplified example: Step 1: Well, just like blockchain, git records the hash of the latest commit... and a commit records the hash(es) of previous commits. That creates a chain of hashes for the source code. Step 2: Given the git commit id (a hash), obtain a source code tree. Step 3: Compile the source code, resulting in one or more binaries (bytecode output, in Java's case). Step 4: Hash the binaries Step 5: Post a PGP-signed message containing the hash from step #4. Just like in biology or chemistry, it is critical that the above process is independently reproducible and yields the same result every time.If multiple developers perform these steps, and all result in the same hashes in step #4, then you eliminate a Man-In-The-Middle attack where an evil developer or evil malware may insert a backdoor not present in the source code, but present in the binaries that users download and trust with real money. Finally, at any time, any outside developer may independently reproduce this process, proving that the dev team is not inserting backdoors etc. Deterministic builds are critical for any software you trust with money. This is how Bitcoin Core handles every release. Multiple developers must achieve the same compiled result, or no release happens. We use https://gitian.org/ to assist with this. thanks for the explanation. keep up the great work. we're lucky to have you.
|
|
|
|
aljunking
Member
Offline
Activity: 67
Merit: 10
|
|
September 16, 2014, 04:01:51 AM |
|
Are you sure that bitcoin "UP" bitcoin is still down right now.
|
|
|
|
cypherdoc (OP)
Legendary
Offline
Activity: 1764
Merit: 1002
|
|
September 16, 2014, 04:06:01 AM |
|
Are you sure that bitcoin "UP" bitcoin is still down right now. we're getting close to the end of this prolonged correction. volatility is damping down and several of the large ask walls have been wiped out by buyers or short coverers (which is just as good). my guess is that we'll break up hard somewhere along here. we'll see.
|
|
|
|
cypherdoc (OP)
Legendary
Offline
Activity: 1764
Merit: 1002
|
|
September 16, 2014, 04:15:43 AM |
|
it's not uncommon to retest the broken support level from the underside that is now resistance:
|
|
|
|
sidhujag
Legendary
Offline
Activity: 2044
Merit: 1005
|
|
September 16, 2014, 04:38:23 AM Last edit: September 16, 2014, 04:52:44 AM by sidhujag |
|
There is no way id buy gold here.. need a bullish engulf to end a downtrend.
We probably go below 1181 since there was a fake uptrend that we see is broken now. No engulf no good.
Should test 1310ish before the slide
|
|
|
|
cypherdoc (OP)
Legendary
Offline
Activity: 1764
Merit: 1002
|
|
September 16, 2014, 04:59:10 AM |
|
Paging Carlton Banks!
just saw you on Dance With The Stars! lookin' gud! best dance of the nite!
yeah baby!
|
|
|
|
devphp
|
|
September 16, 2014, 05:07:03 AM |
|
"Anyone can compile" is irrelevant. What is relevant is that you can prove the release team binaries match the source code exactly.
At least now we all agree there is source code, that's a good start Fiat is not the enemy.
Bad money is the enemy.
In terms of its trust model PoS is more similar to fiat money than it is similar to Bitcoin.
In terms of 99.99999% of the population it's irrelevant, they have to buy it, doesn't matter if it's PoW or PoS. And you're right, it's not fiat that is the enemy, it's uncontrolled money printing that is the enemy. Well, both PoW and PoS models have that under control. And because most of the population can't be miners and have to buy it, they don't care how exactly that crypto is produced.
|
|
|
|
justusranvier
Legendary
Offline
Activity: 1400
Merit: 1013
|
|
September 16, 2014, 05:19:37 AM |
|
Well, both PoW and PoS models have that under control. PoS is in no way comparable to PoW and it's misleading and deceptive to market as such. https://download.wpsoftware.net/bitcoin/pos.pdfPoS is the central bank/Federal Reserve system with a different set of masters. Fuck that.
|
|
|
|
devphp
|
|
September 16, 2014, 05:23:23 AM |
|
Well, both PoW and PoS models have that under control. PoS is in no way comparable to PoW and it's misleading and deceptive to market as such. https://download.wpsoftware.net/bitcoin/pos.pdfPoS is the central bank/Federal Reserve system with a different set of masters. Fuck that. We don't need to discuss that masters of Bitcoin are two-three biggest mining pools, do we? While in NXT over 300 individual accounts successfully generate blocks. Well, who is more centralized? 99.9999% of the population don't care which crypto they'd buy and which algo it runs on. Prime example of this is Dogecoin users. Exactly, they say 'fuck that' to expensive Bitcoin and use their own coin, and their community is large, check reddit.
|
|
|
|
cypherdoc (OP)
Legendary
Offline
Activity: 1764
Merit: 1002
|
|
September 16, 2014, 05:25:42 AM |
|
"Anyone can compile" is irrelevant. What is relevant is that you can prove the release team binaries match the source code exactly.
At least now we all agree there is source code, that's a good start Fiat is not the enemy.
Bad money is the enemy.
In terms of its trust model PoS is more similar to fiat money than it is similar to Bitcoin.
In terms of 99.99999% of the population it's irrelevant, they have to buy it, doesn't matter if it's PoW or PoS. And you're right, it's not fiat that is the enemy, it's uncontrolled money printing that is the enemy. Well, both PoW and PoS models have that under control. And because most of the population can't be miners and have to buy it, they don't care how exactly that crypto is produced. You're attempting to equate POW & POS by saying they are both just code. Wrong. POW involves a huge network of miners that have paid blood, sweat, tears, and money to build and maintain. You can't replace that.
|
|
|
|
justusranvier
Legendary
Offline
Activity: 1400
Merit: 1013
|
|
September 16, 2014, 05:27:26 AM |
|
We don't need to discuss that masters of Bitcoin are two-three biggest mining pools, do we? While in NXT over 300 individual accounts successfully generate blocks. Well, who is more centralized? We don't, because it doesn't matter. In a PoW system, if the three largest mining miners decide to misbehave it's at least possible in principle for somebody else to build out more hashing power and compete with them. The miners can not block competition via any other method than expending more real opportunity cost to do so. In a PoS system, if the majority of the stakeholders decide to misbehave then the system is fucked. Stakeholders are insulated from competition because they only lose stake if they choose to sell their coins to their competitors. In a PoW system, if a cartel forms it's an annoyance. PoS systems are inherently designed to form and protect cartels.
|
|
|
|
|