The Path to Taproot Activation : Bitcoin – The Bitcoin
Roland Maxwell - Bitcoin Miner - Crypto Currency Trading
charlie maxwell - Bitcoin miner - BitPay | LinkedIn
User:Gmaxwell/features - Bitcoin Wiki
07-08 17:02 - 'Sure, everybody knows well that the miners promised to exclusively run core and activate SW, while Core promised nothing / s / Even gmaxwell said something other in his famous "dipshit" quote.' by /u/history_is_happening removed from /r/Bitcoin within 208-218min
Taproot! Everybody wants to have it, somebody wants to make it, nobody knows how to get it! (If you are asking why everybody wants it, see: Technical: Taproot: Why Activate?) (Pedants: I mostly elide over lockin times) Briefly, Taproot is that neat new thing that gets us:
Multisignatures (n-of-n, k-of-n) that are just 1 signature (1-of-1) in length!! (MuSig/Schnorr)
Better privacy!! If all contract participants can agree, just use a multisignature. If there is a dispute, show the contract publicly and have the Bitcoin network resolve it (Taproot/MAST).
Activation lets devs work get back to work on the even newer stuff like!!!
Cross-input signature aggregation!! (transaction with multiple inputs can have a single signature for all inputs) --- needs Schnorr, but some more work needed to ensure that the interactions with SCRIPT are okay.
Block validation - Schnorr signatures for all taproot spends in a block can be validated in a single operation instead of for each transaction!! Speed up validation and maybe we can actually afford to increase block sizes (maybe)!!
SIGHASH_ANYPREVOUT - you know, for Decker-Russell-Osuntokun ("eltoo") magic!!!
OP_CHECKTEMPLATEVERIFY - vaulty vaults without requiring storing signatures, just transaction details!!
So yes, let's activate taproot!
The SegWit Wars
The biggest problem with activating Taproot is PTSD from the previous softfork, SegWit. Pieter Wuille, one of the authors of the current Taproot proposal, has consistently held the position that he will not discuss activation, and will accept whatever activation process is imposed on Taproot. Other developers have expressed similar opinions. So what happened with SegWit activation that was so traumatic? SegWit used the BIP9 activation method. Let's dive into BIP9!
bit - A field in the block header, the nVersion, has a number of bits. By setting a particular bit, the miner making the block indicates that it has upgraded its software to support a particular soft fork. The bit parameter for a BIP9 activation is which bit in this nVersion is used to indicate that the miner has upgraded software for a particular soft fork.
timeout - a time limit, expressed as an end date. If this timeout is reached without sufficient number of miners signaling that they upgraded, then the activation fails and Bitcoin Core goes back to the drawing board.
Now there are other parameters (name, starttime) but they are not anywhere near as important as the above two. A number that is not a parameter, is 95%. Basically, activation of a BIP9 softfork is considered as actually succeeding if at least 95% of blocks in the last 2 weeks had the specified bit in the nVersion set. If less than 95% had this bit set before the timeout, then the upgrade fails and never goes into the network. This is not a parameter: it is a constant defined by BIP9, and developers using BIP9 activation cannot change this. So, first some simple questions and their answers:
Why not just set a day when everyone starts imposing the new rules of the softfork?
This was done classically (in the days when Satoshi was still among us). But this might argued to put too much power to developers, since there would be no way to reject an upgrade without possible bad consequences. For example, developers might package an upgrade that the users do not want, together with vital security bugfixes. Either you live without vital security bugfixes and hire some other developers to fix it for you (which can be difficult, presumably the best developers are already the ones working on the codebase) or you get the vital security bugfixes and implicitly support the upgrade you might not want.
Sure, you could fork the code yourself (the ultimate threat in the FOSS world) and hire another set of developers who aren't assholes to do the dreary maintenance work of fixing security bugs, but Bitcoin needs strong bug-for-bug compatibility so everyone should really congregate around a single codebase.
Basically: even the devs do not want this power, because they fear being coerced into putting "upgrades" that are detrimental to users. Satoshi got a pass because nobody knew who he was and how to coerce him.
Suppose the threshold were lower, like 51%. If so, after activation, somebody can disrupt the Bitcoin network by creating a transaction that is valid under the pre-softfork rules, but are invalid under the post-softfork rules. Upgraded nodes would reject it, but 49% of miners would accept it and include it in a block (which makes the block invalid) And then the same 49% would accept the invalid block and build on top of that, possibly creating a short chain of doomed invalid blocks that confirm an invalid spend. This can confuse SPV wallets, who might see multiple confirmations of a transaction and accept the funds, but later find that in fact it is invalid under the now-activated softfork rules.
Thus, a very high threshold was imposed. 95% is considered safe. 50% is definitely not safe. Due to variance in the mining process, 80% could also be potentially unsafe (i.e. 80% of blocks signaling might have a good chance of coming from only 60% of miners), so a threshold of 95% was considered "safe enough for Bitcoin work".
Why have a timeout that disables the upgrade?
Before BIP9, what was used was either flag day or BIP34. BIP34 had no flag day of activation or a bit, instead, it was just a 95% threshold to signal an nVersion value greater than a specific value. Actually, it was two thresholds: at 75%, blocks with the new nVersion would have the new softfork rules imposed, but at 95% blocks with the old nVersion would be rejected (and only the new blocks, with the new softfork rules, were accepted). For one, between 75% and 95%, there was a situation where the softfork was only "partially imposed", only blocks signaling the new rules would actually have those rules, but blocks with the old rules were still valid. This was fine for BIP34, which only added rules for miners with negligible use for non-miners.
The reasons miners signalled support was because they felt they were being pressured to signal support. So they signalled support, with plans to actually upgrade later, but because of the widespread signalling, the new BIP66 version locked in before upgrade plans were finished. Thus, the timeout that disables the upgrade was added in BIP9 to allow miners an escape hatch.
The Great Battles of the SegWit Wars
SegWit not only fixed transaction malleability, it also created a practical softforkable blocksize increase that also rebalanced weights so that the cost of spending a UTXO is about the same as the cost of creating UTXOs (and spending UTXOs is "better" since it limits the size of the UTXO set that every fullnode has to maintain). So SegWit was written, the activation was decided to be BIP9, and then.... miner signalling stalled at below 75%. Thus were the Great SegWit Wars started.
BIP9 Feature Hostage
If you are a miner with at least 5% global hashpower, you can hold a BIP9-activated softfork hostage. You might even secretly want the softfork to actually push through. But you might want to extract concession from the users and the developers. Like removing the halvening. Or raising or even removing the block size caps (which helps larger miners more than smaller miners, making it easier to become a bigger fish that eats all the smaller fishes). Or whatever. With BIP9, you can hold the softfork hostage. You just hold out and refuse to signal. You tell everyone you will signal, if and only if certain concessions are given to you. This ability by miners to hold a feature hostage was enabled because of the miner-exit allowed by the timeout on BIP9. Prior to that, miners were considered little more than expendable security guards, paid for the risk they take to secure the network, but not special in the grand scheme of Bitcoin.
ASICBoost was a novel way of optimizing SHA256 mining, by taking advantage of the structure of the 80-byte header that is hashed in order to perform proof-of-work. The details of ASICBoost are out-of-scope here but you can read about it elsewhere Here is a short summary of the two types of ASICBoost, relevant to the activation discussion.
Overt ASICBoost - Manipulates the unused bits in nVersion to reduce power consumption in mining.
Covert ASICBoost - Manipulates the order of transactions in the block to reduce power consumption in mining.
Now, "overt" means "obvious", while "covert" means hidden. Overt ASICBoost is obvious because nVersion bits that are not currently in use for BIP9 activations are usually 0 by default, so setting those bits to 1 makes it obvious that you are doing something weird (namely, Overt ASICBoost). Covert ASICBoost is non-obvious because the order of transactions in a block are up to the miner anyway, so the miner rearranging the transactions in order to get lower power consumption is not going to be detected. Unfortunately, while Overt ASICBoost was compatible with SegWit, Covert ASICBoost was not. This is because, pre-SegWit, only the block header Merkle tree committed to the transaction ordering. However, with SegWit, another Merkle tree exists, which commits to transaction ordering as well. Covert ASICBoost would require more computation to manipulate two Merkle trees, obviating the power benefits of Covert ASICBoost anyway. Now, miners want to use ASICBoost (indeed, about 60->70% of current miners probably use the Overt ASICBoost nowadays; if you have a Bitcoin fullnode running you will see the logs with lots of "60 of last 100 blocks had unexpected versions" which is exactly what you would see with the nVersion manipulation that Overt ASICBoost does). But remember: ASICBoost was, at around the time, a novel improvement. Not all miners had ASICBoost hardware. Those who did, did not want it known that they had ASICBoost hardware, and wanted to do Covert ASICBoost! But Covert ASICBoost is incompatible with SegWit, because SegWit actually has two Merkle trees of transaction data, and Covert ASICBoost works by fudging around with transaction ordering in a block, and recomputing two Merkle Trees is more expensive than recomputing just one (and loses the ASICBoost advantage). Of course, those miners that wanted Covert ASICBoost did not want to openly admit that they had ASICBoost hardware, they wanted to keep their advantage secret because miners are strongly competitive in a very tight market. And doing ASICBoost Covertly was just the ticket, but they could not work post-SegWit. Fortunately, due to the BIP9 activation process, they could hold SegWit hostage while covertly taking advantage of Covert ASICBoost!
UASF: BIP148 and BIP8
When the incompatibility between Covert ASICBoost and SegWit was realized, still, activation of SegWit stalled, and miners were still not openly claiming that ASICBoost was related to non-activation of SegWit. Eventually, a new proposal was created: BIP148. With this rule, 3 months before the end of the SegWit timeout, nodes would reject blocks that did not signal SegWit. Thus, 3 months before SegWit timeout, BIP148 would force activation of SegWit. This proposal was not accepted by Bitcoin Core, due to the shortening of the timeout (it effectively times out 3 months before the initial SegWit timeout). Instead, a fork of Bitcoin Core was created which added the patch to comply with BIP148. This was claimed as a User Activated Soft Fork, UASF, since users could freely download the alternate fork rather than sticking with the developers of Bitcoin Core. Now, BIP148 effectively is just a BIP9 activation, except at its (earlier) timeout, the new rules would be activated anyway (instead of the BIP9-mandated behavior that the upgrade is cancelled at the end of the timeout). BIP148 was actually inspired by the BIP8 proposal (the link here is a historical version; BIP8 has been updated recently, precisely in preparation for Taproot activation). BIP8 is basically BIP9, but at the end of timeout, the softfork is activated anyway rather than cancelled. This removed the ability of miners to hold the softfork hostage. At best, they can delay the activation, but not stop it entirely by holding out as in BIP9. Of course, this implies risk that not all miners have upgraded before activation, leading to possible losses for SPV users, as well as again re-pressuring miners to signal activation, possibly without the miners actually upgrading their software to properly impose the new softfork rules.
BIP91, SegWit2X, and The Aftermath
BIP148 inspired countermeasures, possibly from the Covert ASiCBoost miners, possibly from concerned users who wanted to offer concessions to miners. To this day, the common name for BIP148 - UASF - remains an emotionally-charged rallying cry for parts of the Bitcoin community. One of these was SegWit2X. This was brokered in a deal between some Bitcoin personalities at a conference in New York, and thus part of the so-called "New York Agreement" or NYA, another emotionally-charged acronym. The text of the NYA was basically:
Set up a new activation threshold at 80% signalled at bit 4 (vs bit 1 for SegWit).
When this 80% signalling was reached, miners would require that bit 1 for SegWit be signalled to achive the 95% activation needed for SegWit.
If the bit 4 signalling reached 80%, increase the block weight limit from the SegWit 4000000 to the SegWit2X 8000000, 6 months after bit 1 activation.
The first item above was coded in BIP91. Unfortunately, if you read the BIP91, independently of NYA, you might come to the conclusion that BIP91 was only about lowering the threshold to 80%. In particular, BIP91 never mentions anything about the second point above, it never mentions that bit 4 80% threshold would also signal for a later hardfork increase in weight limit. Because of this, even though there are claims that NYA (SegWit2X) reached 80% dominance, a close reading of BIP91 shows that the 80% dominance was only for SegWit activation, without necessarily a later 2x capacity hardfork (SegWit2X). This ambiguity of bit 4 (NYA says it includes a 2x capacity hardfork, BIP91 says it does not) has continued to be a thorn in blocksize debates later. Economically speaking, Bitcoin futures between SegWit and SegWit2X showed strong economic dominance in favor of SegWit (SegWit2X futures were traded at a fraction in value of SegWit futures: I personally made a tidy but small amount of money betting against SegWit2X in the futures market), so suggesting that NYA achieved 80% dominance even in mining is laughable, but the NYA text that ties bit 4 to SegWit2X still exists. Historically, BIP91 triggered which caused SegWit to activate before the BIP148 shorter timeout. BIP148 proponents continue to hold this day that it was the BIP148 shorter timeout and no-compromises-activate-on-August-1 that made miners flock to BIP91 as a face-saving tactic that actually removed the second clause of NYA. NYA supporters keep pointing to the bit 4 text in the NYA and the historical activation of BIP91 as a failed promise by Bitcoin developers.
We have discussed BIP8: roughly, it has bit and timeout, if 95% of miners signal bit it activates, at the end of timeout it activates. (EDIT: BIP8 has had recent updates: at the end of timeout it can now activate or fail. For the most part, in the below text "BIP8", means BIP8-and-activate-at-timeout, and "BIP9" means BIP8-and-fail-at-timeout) So let's take a look at Modern Softfork Activation!
Modern Softfork Activation
This is a more complex activation method, composed of BIP9 and BIP8 as supcomponents.
First have a 12-month BIP9 (fail at timeout).
If the above fails to activate, have a 6-month discussion period during which users and developers and miners discuss whether to continue to step 3.
Have a 24-month BIP8 (activate at timeout).
The total above is 42 months, if you are counting: 3.5 years worst-case activation. The logic here is that if there are no problems, BIP9 will work just fine anyway. And if there are problems, the 6-month period should weed it out. Finally, miners cannot hold the feature hostage since the 24-month BIP8 period will exist anyway.
PSA: Being Resilient to Upgrades
Software is very birttle. Anyone who has been using software for a long time has experienced something like this:
You hear a new version of your favorite software has a nice new feature.
Excited, you install the new version.
You find that the new version has subtle incompatibilities with your current workflow.
You are sad and downgrade to the older version.
You find out that the new version has changed your files in incompatible ways that the old version cannot work with anymore.
You tearfully reinstall the newer version and figure out how to get your lost productivity now that you have to adapt to a new workflow
If you are a technically-competent user, you might codify your workflow into a bunch of programs. And then you upgrade one of the external pieces of software you are using, and find that it has a subtle incompatibility with your current workflow which is based on a bunch of simple programs you wrote yourself. And if those simple programs are used as the basis of some important production system, you hve just screwed up because you upgraded software on an important production system. And well, one of the issues with new softfork activation is that if not enough people (users and miners) upgrade to the newest Bitcoin software, the security of the new softfork rules are at risk. Upgrading software of any kind is always a risk, and the more software you build on top of the software-being-upgraded, the greater you risk your tower of software collapsing while you change its foundations. So if you have some complex Bitcoin-manipulating system with Bitcoin somewhere at the foundations, consider running two Bitcoin nodes:
One is a "stable-version" Bitcoin node. Once it has synced, set it up to connect=x.x.x.x to the second node below (so that your ISP bandwidth is only spent on the second node). Use this node to run all your software: it's a stable version that you don't change for long periods of time. Enable txiindex, disable pruning, whatever your software needs.
The other is an "always-up-to-date" Bitcoin Node. Keep its stoarge down with pruning (initially sync it off the "stable-version" node). You can't use blocksonly if your "stable-version" node needs to send transactions, but otherwise this "always-up-to-date" Bitcoin node can be kept as a low-resource node, so you can run both nodes in the same machine.
When a new Bitcoin version comes up, you just upgrade the "always-up-to-date" Bitcoin node. This protects you if a future softfork activates, you will only receive valid Bitcoin blocks and transactions. Since this node has nothing running on top of it, it is just a special peer of the "stable-version" node, any software incompatibilities with your system software do not exist. Your "stable-version" Bitcoin node remains the same version until you are ready to actually upgrade this node and are prepared to rewrite most of the software you have running on top of it due to version compatibility problems. When upgrading the "always-up-to-date", you can bring it down safely and then start it later. Your "stable-version" wil keep running, disconnected from the network, but otherwise still available for whatever queries. You do need some system to stop the "always-up-to-date" node if for any reason the "stable-version" goes down (otherwisee if the "always-up-to-date" advances its pruning window past what your "stable-version" has, the "stable-version" cannot sync afterwards), but if you are technically competent enough that you need to do this, you are technically competent enough to write such a trivial monitor program (EDIT: gmax notes you can adjust the pruning window by RPC commands to help with this as well). This recommendation is from gmaxwell on IRC, by the way.
Newbs might not know this, but bitcoin recently came out of an intense internal drama. Between July 2015 and August 2017 bitcoin was attacked by external forces who were hoping to destroy the very properties that made bitcoin valuable in the first place. This culminated in the creation of segwit and the UASF (user activated soft fork) movement. The UASF was successful, segwit was added to bitcoin and with that the anti-decentralization side left bitcoin altogether and created their own altcoin called bcash. Bitcoin's price was $2500, soon after segwit was activated the price doubled to $5000 and continued rising until a top of $20000 before correcting to where we are today. During this drama, I took time away from writing open source code to help educate and argue on reddit, twitter and other social media. I came up with a reading list for quickly copypasting things. It may be interesting today for newbs or anyone who wants a history lesson on what exactly happened during those two years when bitcoin's very existence as a decentralized low-trust currency was questioned. Now the fight has essentially been won, I try not to comment on reddit that much anymore. There's nothing left to do except wait for Lightning and similar tech to become mature (or better yet, help code it and test it) In this thread you can learn about block sizes, latency, decentralization, segwit, ASICBOOST, lightning network and all the other issues that were debated endlessly for over two years. So when someone tries to get you to invest in bcash, remind them of the time they supported Bitcoin Unlimited. For more threads like this see UASF
So Peter Todd & Gavin Andresen have been "arguing". Who is correct on BTC scalability?
I honestly don't know much about these men. At first impression (if I can remember correctly) Peter sold 50% of his Bitcoins cause he was mad at GHash and the risk of 51% attack. I think the rest of the story goes like this: Gavin thinks Bitcoin can scale by implementing so and so, Peter says it won't work, said another method needs to be used instead. So who between the two is "right"?
Scaling is coming, ignore the FUD. The most important thing for Bitcoin now is for its main chain to keep its main attributes: Antifragility and Immutability, that's what gives it the status as a safe store of value. To use it to buy a cup of coffee it's not a priority (but we will get there later), just like the Internet, built on a solid base and adding all the needed and desired functionalities with second layer apps. Also, Note the massive amount of qualified devs working on Bitcoin and those second layer apps vs the few crappy devs on the roger-coin. Which project do you think has more value in the medium and long term? Edit: Formatting
Quote from: theymos on January 31, 2013, 08:59:57 AM
Quote from: gmaxwell on January 31, 2013, 08:01:14 AM It's often repeated that Satoshi intended to remove "the limit" but I always understood that to be the 500k maximum generation soft limit... quite possible I misunderstood, but I don't understand why it would be a hardforking protocol rule otherwise.
Satoshi definitely intended to increase the hard max block size. See: https://bitcointalk.org/index.php?topic=1347.0 I believe that Satoshi expected most people to use some sort of lightweight node, with only companies and true enthusiasts being full nodes. Mike Hearn's view is similar to Satoshi's view. I strongly disagree with the idea that changing the max block size is a violation of the "Bitcoin currency guarantees". Satoshi said that the max block size could be increased, and the max block size is never mentioned in any of the standard descriptions of the Bitcoin system. IMO Mike Hearn's plan would probably work. The market/community would find a way to pay for the network's security, and it would be easy enough to become a full node that the currency wouldn't be at risk. The max block size would not truly be unlimited, since miners would always need to produce blocks that the vast majority of full nodes and other miners would be able and willing to process in a reasonable amount of time. However, enforcing a max block size is safer. It's not totally clear that an unlimited max block size would work. So I tend to prefer a max block size for Bitcoin. Some other cryptocurrency can try the other method. I'd like the limit to be set in a more decentralized, free-market way than a fixed constant in the code, though.
theymos , what changed? The more civilized big blockers would genuinely like to know what changed your mind. Ignore the trolls. Even your voice is welcome in this sub.
elimination of the need for miners for network consensus through new algorithms, elimination of dependence on the human element in the network operation
duplicate coinbase outputs (Update: Duplicate coinbase outputs, is a problem that was removed by Skycoin. It does not have coin emission from mining, so there is no coinbase transactions.)
signature malleability (Update: Signature malleability is another negative trait of Bitcoin that is not a problem with Skycoin. The problem could cause you to have your transaction fail if it is in a child of an affected block.)
reduction in complexity in implementation
dozens of security/crypto related improvements
elimination of external dependencies that create security concerns in Bitcoin
51% attack proof and strengthening against various attacks
simplified, more power data, transaction and wallet APIs
brainwallet, deterministic wallets as default
network security improvements
intrinsic support for gmaxwell CoinJoin transaction privacy protocol
new networking protocols to enable the verification of the mathematical prerequisites for consensus network convergence
separation of coin creation from consensus network, to eliminate Bitcoin's tendencies towards mining centralization
directed bipartite TX/UTXO transaction graph structure which is more elegant and efficient than Bitcoin's multi-graph structure
provably upper bounded network, RAM and CPU resource usage for network operation
rolling unspent output state error correction coding in the block header for early detection of software/hardware non-determinism
blockchain/transaction/histrory storage database with constant time lookup, indexless operation for all major blockchain history queries
Skycoin is 51% attack proof and addresses many of the security issues in Bitcoin. Skycoin is designed to be a simpler, easier to use, more secure Bitcoin. Skycoin emphasizes simplicity, security and usability.
Scaling is coming, ignore the FUD. The most important thing for Bitcoin now is for its main chain to keep its main attributes: Antifragility and Immutability, that's what gives it the status as a safe store of value. To use it to buy a cup of coffee it's not a priority (but we will get there later), just like the Internet, built on a solid base and adding all the needed and desired functionalities with second layer apps. Also, Note the massive amount of qualified devs working on Bitcoin and those second layer apps vs the few crappy devs on the roger-coin. Which project do you think has more value in the medium and long term?
Let's discuss something tech-related for a change: Sidechains!
Okay rbitcoin, yeah yeah J Morgan yeah yeah blah blah boo hoo. Okay? Good. So here's what I know:
The original sidechains paper seems to have grown out of gmaxwell's ramblings about CoinWitness, which would entail adding a zk-SNARK verifier into Bitcoin Core. A zk-SNARK verifier would allow Bitcoin fullnodes to have a programmable verifier, with the data being verified (e.g. entire sidechain blocks) not needed to be provided to the verifier, just a tiny 288-byte transcript (the proof). Note that fullnodes don't even need to execute the programmed verifier themselves, just check the 288-byte proof that the program was honestly executed by someone else with a lot more processing power.
CoinWitness was planned to use the vnTinyRAM, a virtual machine for running a von Neumann program. You could write a C code verifier and compile it to run on vnTinyRAM. RAM here is Random Access Machine, not Random Access Memory, BTW. Note however that vnTinyRAM has limited number of "clock cycles" i.e. instructions it could execute; it won't allow true Turing completeness, as it requires termination, and if you reach the cycle limit the verifier is treated as if it failed.
CoinWitness could be used for a lot of different financial systems, not just sidechains! For example if you could program perfectly, you could set up a trustable Chaumian bank or a trustable mixer (well, trustable if every user was reviewing your code before they used it, LOL).
zk-SNARKs are cool, but this rather nicely shows the importance of not depending on novel crypto.
zk-SNARKs also require a trusted setup (i.e. someone generates some random data from a seed, and promises not to keep its seed, something like that), at least according to some treatments I've seen (don't know enough cryptography to know which ones are correct or if I'm missing something). Some newer papers seem to be using called "PCP" to skip the trusted setup, but increases the size of proofs and the load on verifiers. See also previous item for the importance of not depending on novel crypto.
So... zk-SNARKs are out. The Blockstream sidechains paper thus focuses on SPV proofs. Blockstream's Elements sidechain includes SPV proofs, and uses SPV proofs for main->side transfers. In case you're curious, Elements uses fedpeg for side->main, since they were working with an unpatched mainchain Bitcoin.
SPV proofs kinda suck. You need a mechanism to repeal them by showing a longer SPV proof that shows that the side->main transfer didn't actually occur. That mechanism should also be repealable by showing an even longer SPV proof that shows that by golly, yes the side->main transfer really did occur you dolt (to be specific: a withdrawproofverify UTXO is unlocked by an SPV proof, and must then be paid to a UTXO that is unlocked either by a timelock, or a reorgproof. The reorgproof is an even longer SPV proof that should pay back to a withdrawproofverify UTXO, and you would then retry with your even longer SPV proof of existence (withdrawproof) presumably the sidechain had extended by that time, which an attacker would have to counter with a yet longer SPV proof of non-existence (reorgproof), etc.). And so on.
So, drivechains instead of SPV proofs. Drivechains use miner voting to determine if a side->main transfer did occur.
Miner voting, yeah, that mechanism which prevented SegWit from activating until August this year. Miner voting is totes fine, guys.
There are actually two drivechain proposals, one by Sergio Demian LerneRootstock (OP_COUNT_ACKS) and another by Paul Sztorc/Truthcoin (upvotes/downvotes on coinbase tx).
Drivechains require merge mining, so every sidechain miner needs to be a mainchain miner.
Paul Sztorc is proposing something about "blind" merge mining, which is basically that the sidechain miner is theoretically separate fro mthe mainchain miner, and pays the latter to put some hashes (presumably sidechain block hashes) on the chain. This style of sidechain miners doesn't have a way to affect miner voting, though, just the hash committed to in the merge-mine, so I don't see why he bothered.
Heated discussion in #bitcoin-core-dev: " luke-jr: you are abusive towards me and the other contributors."
Small excerpt: luke-jr sipa: we don't know that yet, and our recommendations should always be what is sane even if they get ignored. sipa luke-jr: that's a reasonable position... but the code is written from a viewpoint that we will get weight-limited block construction luke-jr: and the release notes should describe the code luke-jr then the code is broken (sabotaged, it sounds like) and fixing it should be considered a blocker for any release. sipa if that is your viewpoint, then it is segwit that is sabotaged i disagree strongly with that Further: gmaxwell I am fed up with this. luke-jr same here. gmaxwell luke-jr: you are abusive towards me and the other contributors. you are obsessing over minutia on top of minutia. You are wasting countless hours exhausting all patience. Over matters which donotmatter. The few obscure miners which will set non-defaults even though they get abusive and threatening contact from users (which drives away their hashpower); can still do so. If it's slightly slower? so what--- the latest software is dozens of times faster to creates blocks than older software and they hardly cared to upgrade. it litterally makes no difference in the world, and yet you force people to spend hours and hours debating these things. and I get to spend my time asking others to not leave the project because they are exhausted by you; but it even exhausts me too. The last block from eligius was 64 hours ago. It contained NO transactions. I would say that createnew block being merely 29.5 times faster than the old code it was running until recently instead of 30x faster won't matter. ... except it won't even see that difference when it mines empty blocks with no transactions at all. When it does actually include transactions-- it appears to produce maximum size blocks just like everyone else: https://blockchain.info/block/00000000000000000... The entire discussion is interesting. The conversation roughly starts here. More context: https://github.com/bitcoin/bitcoin/pull/8459
People are starting to realize how toxic Gregory Maxwell is to Bitcoin, saying there are plenty of other coders who could do crypto and networking, and "he drives away more talent than he can attract." Plus, he has a 10-year record of damaging open-source projects, going back to Wikipedia in 2006.
I honestly don't think he is capable of being a worthy contributor. He is arrogant to the extreme, destructive/disruptive to social circles and as an extension decision-making (as he must ALWAYS be right), and thus incapable of being any kind of valuable contributor. He has a very solid track record spanning years, and across projects (his abhorrent behaviour when he was a Wikipedia contributor) that demonstrate he is not good for much other than menial single-user projects. I simply do not trust him with anything unless he were overseen by someone that knows what he is like and can veto his decisions at a moment's notice. At this stage I'd take 5 mediocre but personable cryptographers over Greg every day of the week, as I know they can work together, build strong and respectable working relationships, admit when they're wrong (or fuck up), and point out each others' mistakes without being a cunt about it. Greg is very, VERY bad for Bitcoin. He's had over a decade to mature, and it simply hasn't happened, he's fucking done in my books. No more twentieth chance for him.
His coding skills are absolutely not that rare. I have hired a dozen people who could code circles around him, and have proven it in their ability to code for millions of dollars. His lack of comprehension on basic logic, however, is a rare skill.
Cryptography has been figured out by someone else. BTC doesn't need much new in that regard. ECDSA is a known digital signature algo, and nullc isn't making changes to it. Even if BTC makes use of another DSA, someone else will write the libs.
As evidenced by the Wikipedia episode, his modus operandi is to become highly valuable, get in a position of power, undertake autocratic actions and then everyone is in a dilemma - they don't like what he is doing, but they worry about losing his "valuable contributions" (sound familiar?). It is weak to let concerns over losing his "skills" prevent the project from showing him the door. He should go. Why should we risk his behavior with our or other people's money and one of the greatest innovations in the last 50 years? There is probably some other project out there in the world where he can contribute his skills to. As it is becoming very obvious - there are many talented developers and innovations going on in altcoins etc. A lot of this talent is simply lost to Bitcoin because of him. It is easy to see what we might be losing by him going. It is not as obvious what we might be gaining - but it could be truly great.
When Maxwell did a Satoshi-like disappearance late 2015, the dev mailing list sparked into life with a lot of polite, constructive, and free-thinking discussion. Tragically, the Maxwell vanishing act only lasted a month or so, and the clammy Shadow of Darkness fell once more on the mailing list and Core Dev. I don't believe that he can contribute without driving away more development than he can attract.
If I was maintainer of bitcoin I would ask Greg to go away and leave for good. I acknowledge the crypto wizardness of Greg, but it seems to be the kind of person to only leave scorched earth after a conflict.
If Greg is under stress, and feeling let-down by those around him, and striving to obtain his vision at all costs - then he would probably be better off stepping back. If this is a repeating pattern for him, he should probably seek some kind of professional advice and support. Smart people tend to get screwed up by events in life. I don't bear him any personal malice - I just want him to go and play in some other sandpit - he has had his chances.
Wikipedians on Greg Maxwell in 2006 (now CTO of Blockstream): "engaged in vandalism", "his behavior is outrageous", "on a rampage", "beyond the pale", "bullying", "calling people assholes", "full of sarcasm, threats, rude insults", "pretends to be an admin", "he seems to think he is above policy"...
GMaxwell in 2006, during his Wikipedia vandalism episode: "I feel great because I can still do what I want, and I don't have to worry what rude jerks think about me ... I can continue to do whatever I think is right without the burden of explaining myself to a shreaking [sic] mass of people."
Andrew Stone: "I believe that the market should be making the decision of what should be on the Blockchain based on transaction fee, not Gregory Maxwell. I believe that the market should be making the decision of how big blocks should be, not Gregory Maxwell."
It is "clear that Greg Maxwell actually has a fairly superficial understanding of large swaths of computer science, information theory, physics and mathematics."- Dr. Peter Rizun (managing editor of the journal Ledger)
Uh-oh: "A warning regarding the onset of centralised authority in the control of Bitcoin through Blocksize restrictions: Several core developers, including Gregory Maxwell, have assumed a mantle of control. This is centralisation. The Blockchain needs to be unconstrained." (anonymous PDF on Scribd)
Adam Back & Greg Maxwell are experts in mathematics and engineering, but not in markets and economics. They should not be in charge of "central planning" for things like "max blocksize". They're desperately attempting to prevent the market from deciding on this. But it will, despite their efforts.
Just click on these historical blocksize graphs - all trending dangerously close to the 1 MB (1000KB) artificial limit. And then ask yourself: Would you hire a CTO / team whose Capacity Planning Roadmap from December 2015 officially stated: "The current capacity situation is no emergency" ?
"Even a year ago I said I though we could probably survive 2MB" - nullc ... So why the fuck has Core/Blockstream done everything they can to obstruct this simple, safe scaling solution? And where is SegWit? When are we going to judge Core/Blockstream by their (in)actions - and not by their words?
Greg Maxwell nullc just drove the final nail into the coffin of his crumbling credibility - by arguing that Bitcoin Classic should adopt Luke-Jr's poison-pill pull-request to change the PoW (and bump all miners off the network). If Luke-Jr's poison pill is so great, then why doesn't Core add it?
Gregory Maxwell nullc has evidently never heard of terms like "the 1%", "TPTB", "oligarchy", or "plutocracy", revealing a childlike naïveté when he says: "‘Majority sets the rules regardless of what some minority thinks’ is the governing principle behind the fiats of major democracies."
Greg Maxwell nullc (CTO of Blockstream) has sent me two private messages in response to my other post today (where I said "Chinese miners can only win big by following the market - not by following Core/Blockstream."). In response to his private messages, I am publicly posting my reply, here:
In successful open-source software projects, the community should drive the code - not the other way around. Projects fail when "dead scripture" gets prioritized over "common sense". (Another excruciating analysis of Core/Blockstream's pathological fetishizing of a temporary 1MB anti-spam kludge)
The tragedy of Core/Blockstream/Theymos/Luke-JAdamBack/GregMaxell is that they're too ignorant about Computer Science to understand the Robustness Principle (“Be conservative in what you send, be liberal in what you accept”), and instead use meaningless terminology like “hard fork” vs “soft fork.”
I think SegWit is a great development and a lot of miners only think about their own profit and political power, not about what the healthiest thing is for longterm bitcoin development. So here is my question: I read here that nodes somehow can force miners to activate segwit, because otherwise they would loose potential transactions? source But there are also a lot of (maybe just wrong) counter arguments, that it's not possible with the combined power of the nodes (which currently support segwit with already about more than 50%) - here is the link to bitnodes.21.co statistics So tell me, is it possible as "normal users" to force miners somehow to use segwit? What can we do? Edit: I think the idea could be, that nodes start to send segwit transactions (and activate segwit handling) - even if some miners don't accept them. If more and more nodes are sending only segwit transactions, miners would loose profit because they have to leave out a lot of them and are so somehow forced in the longterm to support SegWit. What would happen if we activate Segwit transactions for wallets NOW? Edit2: It looks like following points are not common knowledge:
Network constraints (f.e. if a block is valid or not) ARE ENFORCED BY THE NODES - NOT THE MINERS! If blocks are marked as invalid by the majority of the nodes, the block is invalid and therefore the reward worthless (and not accepted by the nodes). Miners can't enforce consensus if blocks are valid or not!
If we activate segwit now (and keep the current amount/relation of nodes accepting segwit), non-segwit nodes/miners CAN'T send these transactions to anyone - because this transaction would be marked as invalid by the majority of the nodes
Blowing the lid off the CryptoNote/Bytecoin scam (with the exception of Monero) - Reformatted for Reddit
Original post by rethink-your-strategy on Bitcointalk.org here This post has been reformatted to share on Reddit. What once was common knowledge, is now gone. You want a quality history lesson? Share this like wildfire. August 15, 2014, 08:15:37 AM
I'd like to start off by stating categorically that the cryptography presented by CryptoNote is completely, entirely solid. It has been vetted and looked over by fucking clever cryptographers/developers/wizards such as gmaxwell. Monero have had a group of independent mathematicians and cryptographers peer-reviewing the whitepaper (their annotations are here, and one of their reviews is here), and this same group of mathematicians and cryptographers is now reviewing the implementation of the cryptography in the Monero codebase. Many well known Bitcoin developers have already had a cursory look through the code to establish its validity. It is safe to say that, barring more exotic attacks that have to be mitigated over time as they are invented/discovered, and barring a CryptoNote implementation making rash decisions to implement something that reduces the anonymity set, the CryptoNote currencies are all cryptographically unlinkable and untraceable. Two other things I should mention. I curse a lot when I'm angry (and scams like this make me angry). Second, where used my short date format is day/month/year (smallest to biggest). If you find this information useful, a little donation would go a long way. Bitcoin address is 1rysLufu4qdVBRDyrf8ZjXy1nM19smTWd.
The Alleged CryptoNote/Bytecoin Story
CryptoNote is a new cryptocurrency protocol. It builds on some of the Bitcoin founding principles, but it adds to them. There are aspects of it that are truly well thought through and, in a sense, quite revolutionary. CryptoNote claim to have started working on their project years ago after Bitcoin's release, and I do not doubt the validity of this claim...clearly there's a lot of work and effort that went into this. The story as Bytecoin and CryptoNote claim it to be is as follows: They developed the code for the principles expressed in their whitepaper, and in April, 2012, they released Bytecoin. All of the copyright messages in Bytecoin's code are "copyright the CryptoNote Developers", so clearly they are one and the same as the Bytecoin developers. In December 2012, they released their CryptoNote v1 whitepaper. In September 2013, they released their CryptoNote v2 whitepaper. In November 2013, the first piece of the Bytecoin code was first pushed to Github by "amjuarez", with a "Copyright (c) 2013 amjuarez" copyright notice. This was changed to "Copyright (c) 2013 Antonio Juarez" on March 3rd, 2014. By this juncture only the crypto libraries had been pushed up to github. Then, on March 4th, 2014, "amjuarez" pushed the rest of the code up to github, with the README strangely referring to "cybernote", even though the code referred to "Cryptonote". The copyrights all pointed to "the Cryptonote developers", and the "Antonio Juarez" copyright and license file was removed. Within a few days, "DStrange" stumbled across the bytecoin.org website when trying to mine on the bte.minefor.co.in pool (a pool for the-other-Bytecoin, BTE, not the-new-Bytecoin, BCN), and the rest is history as we know it. By this time Bytecoin had had a little over 80% of its total emission mined.
Immediate Red Flags
The first thing that is a red flag in all of this is that nobody, and I mean no-fucking-body, is a known entity. "Antonio Juarez" is not a known entity, "DStrange" is not a known entity, none of the made up names on the Bytecoin website exist (they've since removed their "team" page, see below), none of the made up names on the CryptoNote website exist (Johannes Meier, Maurice Planck, Max Jameson, Brandon Hawking, Catherine Erwin, Albert Werner, Marec Plíškov). If they're pseudonyms, then say so. If they're real names, then who the fuck are they??? Cryptographers, mathematicians, and computer scientists are well known - they have published papers or at least have commented on articles of interest. Many of them have their own github repos and Twitter feeds, and are a presence in the cryptocurrency community. The other immediate red flag is that nobody, and I mean no-fucking-body, had heard of Bytecoin. Those that had heard of it thought it was the crummy SHA-256 Bitcoin clone that was a flop in the market. Bytecoin's claim that it had existed "on the deep web" for 2 years was not well received, because not a single vendor, user, miner, drug addict, drug seller, porn broker, fake ID card manufacturer, student who bought a fake ID card to get into bars, libertarian, libertard, cryptographer, Tor developer, Freenet developer, i2p developer, pedophile, or anyone else that is a known person - even just known on the Internet - had ever encountered "Bytecoin" on Tor. Ever. Nobody.
Before I start with some conjecture and educated guesswork, I'd like to focus on an indisputable fact that obliterates any trust in both Bytecoin's and CryptoNote's bullshit story. Note, again, that I do not doubt the efficacy of the mathematics and cryptography behind CryptoNote, nor do I think there are backdoors in the code. What I do know for a fact is that the people behind CryptoNote and Bytecoin have actively deceived the Bitcoin and cryptocurrency community, and that makes them untrustworthy now and in the future. If you believe in the fundamentals in CryptoNote, then you need simply use a CryptoNote-derived cryptocurrency that is demonstrably independent of CryptoNote and Bytecoin's influence. Don't worry, I go into this a little later. So as discussed, there were these two whitepapers that I linked to earlier. Just in case they try remove them, here is the v1 whitepaper and the v2 whitepaper mirrored on Archive.org. This v1/v2 whitepaper thing has been discussed at length on the Bytecoin forum thread, and the PGP signature on the files has been confirmed as being valid. When you open the respective PDFs you'll notice the valid signatures in them: signature in the v1 whitepaper signature in the v2 whitepaper These are valid Adobe signatures, signed on 15/12/2012 and 17/10/2013 respectively. Here's where it gets interesting. When we inspect this file in Adobe Acrobat we get a little more information on the signature . Notice the bit that says "Signing time is from the clock on the signer's computer"? Now normally you would use a Timestamp Authority (TSA) to validate your system time. There are enough public, free, RFC 3161 compatible TSAs that this is not a difficult thing. CryptoNote chose not do this. But we have no reason to doubt the time on the signature, right guys? crickets . See these references from the v1 whitepaper footnotes? Those two also appear in the v2 whitepaperth. Neither of those two footnotes refer to anything in the main body of the v1 whitepaper's text, they're non-existent (in the v2 whitepaper they are used in text). The problem, though, is that the Bitcointalk post linked in the footnote is not from early 2012 (proof screenshot is authentic: https://bitcointalk.org/index.php?topic=196259.0) . May 5, 2013. The footnote is referencing a post that did not exist until then. And yet we are to believe that the whitepaper was signed on 12/12/2012! What sort of fucking fools do they take us for? A little bit of extra digging validates this further. The document properties for both the v1 whitepaper as well as the v2 whitepaper confirms they were made in TeX Live 2013, which did not exist on 12/12/2012. The XMP properties are also quite revealing XMP properties for the v1 whitepaper XMP properties for the v2 whitepaper According to that, the v1 whitepaper PDF was created on 10/04/2014, and the v2 whitepaper was created on 13/03/2014. And yet both of these documents were then modified in the past (when they were signed). Clearly the CryptoNote/Bytecoin developers are so advanced they also have a time machine, right? Final confirmation that these creation dates are correct are revealed those XMP properties. The properties on both documents confirm that the PDF itself was generated from the LaTeX source using pdfTeX-1.40.14 (the pdf:Producer property). Now pdfTeX is a very old piece of software that isn't updated very often, so the minor version (the .14 part) is important. . pdfTeX 1.40.14 pushed to source repo on Feb 14, 2014 . This version of pdfTeX was only pushed to the pdfTeX source repository on February 14, 2014, although it was included in a very early version of TeX Live 2013 (version 2013.20130523-1) that was released on May 23, 2013. The earliest mentions on the Internet of this version of pdfTeX are in two Stack Exchange comments that confirm its general availability at the end of May 2013 (here and here). The conclusion we draw from this is that the CryptoNote developers, as clever as they were, intentionally deceived everyone into believing that the CryptoNote whitepapers were signed in 2012 and 2013, when the reality is that the v2 whitepaper was created in March, 2014, and the v1 whitepaper haphazardly created a month later by stripping bits out of the v2 whitepaper (accidentally leaving dead footnotes in). Why would they create this fake v2 whitepaper in the first place? Why not just create a v1 whitepaper, or not even version it at all? The answer is simple: they wanted to lend credence and validity to the Bytecoin "2 years on the darkweb" claim so that everyone involved in CryptoNote and Bytecoin could profit from the 2 year fake mine of 82% of Bytecoin. What they didn't expect is the market to say "no thank you" to their premine scam.
And Now for Some Conjecture
As I mentioned earlier, the Bytecoin "team" page disappeared. I know it exists, because "AtomicDoge" referred to it as saying that one of the Bytecoin developers is a professor at Princeton. I called them out on it, and within a week the page had disappeared. Fucking cowards. That was the event that triggered my desire to dig deeper and uncover the fuckery. As I discovered more and more oddities, fake accounts, trolling, and outright falsehoods, I wondered how deep the rabbit hole went. My starting point was DStrange. This is the account on Bitcointalk that "discovered" Bytecoin accidentally a mere 6 days after the first working iteration of the code was pushed to Github, purely by chance when mining a nearly dead currency on a tiny and virtually unheard of mining pool. He has subsequently appointed himself the representative of Bytecoin, or something similar. The whole thing is so badly scripted it's worse than a Spanish soap opera...I can't tell who Mr. Gonzales, the chief surgeon, is going to fuck next. At the same time as DStrange made his "fuck me accidental discovery", another Bitcointalk account flared up to also "accidentally discover this weird thing that has randomly been discovered": Rias. What's interesting about both the "Rias" and "DStrange" accounts are their late 2013 creation date (October 31, 2013, and December 23, 2013, respectively), and yet they lay dormant until suddenly, out of the blue, on January 20th/21st they started posting. If you look at their early posts side by side you can even see the clustering: Rias, DStrange. At any rate, the DStrange account "discovering" Bytecoin is beyond hilarious, especially with the Rias account chiming in to make the discovery seem natural. Knowing what we unmistakably do about the fake CryptoNote PDF dates lets us see this in a whole new light. Of course, as has been pointed out before, the Bytecoin website did not exist in its "discovered" form until sometime between November 13, 2013 (when it was last captured as this random picture of a college girl) and February 25, 2014 (when it suddenly had the website on it as "discovered"). This can be confirmed by looking at the captures on Wayback Machine: https://web.archive.org/web/*/http://bytecoin.org The CryptoNote website, too, did not exist in its current form until after October 20, 2013, at which time it was still the home of an encrypted message project by Alain Meier, a founding member of the Stanford Bitcoin Group and co-founder of BlockScore. This, too, can be confirmed on Wayback Machine: https://web.archive.org/web/*/http://cryptonote.org ~It's hard to ascertain whether Alain had anything to do with CryptoNote or Bytecoin. It's certainly conceivable that the whitepaper was put together by him and other members of the Stanford Bitcoin Group, and the timeline fits, given that the group only formed around March 2013. More info on the people in the group can be found on their site, and determining if they played a role is something you can do in your own time.~ Update: Alain Meier posted in this thread, and followed it up with a Tweet, confirming that he has nothing to do with CryptoNote and all the related...stuff.
The Bytecoin guys revel in creating and using sockpuppet accounts. Remember that conversation where "Rias" asked who would put v1 on a whitepaper with no v2 out, and AlexGR said "a forward looking individual"? The conversation took place on May 30, and was repeated verbatim by shill accounts on Reddit on August 4 (also, screenshot in case they take it down). Those two obvious sockpuppet/shill accounts also take delight in bashing Monero in the Monero sub-reddit (here are snippets from WhiteDynomite and cheri0). Literally the only thing these sockpuppets do, day in and day out, is make the Bytecoin sub-reddit look like it's trafficked, and spew angry bullshit all over the Monero sub-reddit. Fucking batshit insane - who the fuck has time for that? Clearly they're pissy that nobody has fallen for their scam. Oh, and did I mention that all of these sockpuppets have a late January/early February creation date? Because that's not fucking obvious at all. And let's not forget that most recently the sockpuppets claimed that multi-sig is "a new revolutionary technology, it was discovered a short time ago and Bytecoin already implemented it". What the actual fuck. If you think that's bad, you're missing out on the best part of all: the Bytecoin shills claim that Bytecoin is actually Satoshi Nakamoto's work. I'm not fucking kidding you. For your viewing pleasure...I present to you...the Bytecoin Batshit Insane Circus: . https://bitcointalk.org/index.php?topic=512747.msg8354977#msg8354977 . Seriously. Not only is this insulting as fuck to Satoshi Nakamoto, but it's insulting as fuck to our intelligence. And yet the fun doesn't stop there, folks! I present to you...the centerpiece of this Bytecoin Batshit Insane Circus exhibit... . Of course! How could we have missed it! The clues were there all along! The CryptoNote/Bytecoin developers are actually aliens! Fuck me on a pogostick, this is the sort of stuff that results in people getting committed to the loony bin. One last thing: without doing too much language analysis (which is mostly supposition and bullshit), it's easy to see common grammar and spelling fuck ups. My personal favorite is the "Is it true?" question. You can see it in the Bytecoin thread asking if it's Satoshi's second project, in the Monero thread asking if the Monero devs use a botnet to fake demand, and in the Dashcoin thread confirming the donation address (for a coin whose only claim is that they copy Bytecoin perfectly, what the fuck do they need donations for??).
Layer After Layer
All Tied Up in a Bow
I want to cement the relationship between the major CryptoNote shitcoins. I know that my previous section had a lot of conjecture in it, and there's been some insinuation that I'm throwing everyone under the bus because I'm raging against the machine. That's not my style. I'm more of a Katy Perry fan..."you're going to hear me roar". There were some extra links I uncovered during my research, and I lacked the time to add it to this post. Thankfully a little bit of sleep and a can of Monster later have given me the a chance to add this. Let's start with an analysis of the DNS records of the CN coins. If we look at the whois and DNS records for bytecoin.org, quazarcoin.org, fantomcoin.org, monetaverde.org, cryptonote.org, bytecoiner.org, cryptonotefoundation.org, cryptonotestarter.org, and boolberry.com, we find three common traits, from not-entirely-damming to oh-shiiiiiiit:
There's a lot of commonality with the registrar (NameCheap for almost all of them), the DNS service (HurricaneElectric's Free DNS or NameCheap's DNS), and with the webhost (LibertyVPS, QHosteSecureFastServer.com, etc.)
All of the CN domains use WhoisGuard or similar private registration services.
Every single domain, without exception, uses Zoho for email. The only outlier is bitmonero.org that uses Namecheap's free email forwarding, but it's safe to disregard this as the emails probably just forward to the CryptoNote developers' email.
The instinct may be to disregard this as a fucking convenient coincidence. But it isn't: Zoho used to be a distant second go Google Apps, but has since fallen hopelessly behind. Everyone uses Google Apps or they just use mail forwarding or whatever. With the rest of the points as well, as far-fetched as the link may seem, it's the combination that is unusual and a dead giveaway of the common thread. Just to demonstrate that I'm not "blowing shit out of proportion" I went and checked the records for a handful of coins launched over the past few months to see what they use. darkcoin.io: mail: Namecheap email forwarding, hosting: Amazon AWS, open registration through NameCheap monero.cc: mail: mail.monero.cc, hosting: behind CloudFlare, open registration through Gandi xc-official.com: mail: Google Apps, hosting: MODX Cloud, hidden registration (DomainsByProxy) through GoDaddy blackcoin.io: mail: Namecheap email forwarding, hosting: behind BlackLotus, open registration through NameCheap bitcoindark.org: mail: no MX records, hosting: Google User Content, open registration through Wix viacoin.org: mail: mx.viacoin.org, hosting: behind CloudFlare, closed registration (ContactPrivacy) through Hostnuke.com neutrinocoin.org: mail: HostGator, hosting: HostGator, open registration through HostGator There's no common thread between them. Everyone uses different service providers and different platforms. And none of them use Zoho. My next check was to inspect the web page source code for these sites to find a further link. If you take a look at the main CSS file linked in the source code for monetaverde.org, fantomcoin.org, quazarcoin.org, cryptonotefoundation.org, cryptonote-coin.org, cryptonote.org, bitmonero.org, and bytecoiner.org, we find a CSS reset snippet at the top. It has a comment at the top that says "/* CSS Reset /", and then where it resets/sets the height it has the comment "/ always display scrollbars */". Now, near as I can find, this is a CSS snipped first published by Jake Rocheleau in an article on WebDesignLedger on October 24, 2012 (although confusingly Google seems to think it appeared on plumi.de cnippetz first, but checking archive.org shows that it was only added to that site at the beginning of 2013). It isn't a very popular CSS reset snippet, it got dumped in a couple of gists on Github, and translated and re-published in an article on a Russian website in November, 2012 (let's not go full-blown conspiritard and assume this links "cryptozoidberg" back to this, he's culpable enough on his own). It's unusual to the point of being fucking impossible for one site to be using this, let alone a whole string of supposedly unrelated sites. Over the past few years the most popular CSS reset scripts have been Eric Meyer's "Reset CSS", HTML5 Doctor CSS Reset, Yahoo! (YUI 3) Reset CSS, Universal Selector ‘’ Reset, and Normalize.css, none of which contain the "/ CSS Reset /" or "/ always display scrollbars */" comments. You've got to ask yourself a simple question: at what point does the combination of all of these fucking coincidental, completely unusual elements stop being coincidence and start becoming evidence of a real, tenable link? Is it possible that bytecoin.org, quazarcoin.org, fantomcoin.org, monetaverde.org, cryptonote.org, bytecoiner.org, cryptonotefoundation.org, cryptonotestarter.org, and boolberry.com just happen to use similar registrars/DNS providers/web hosts and exactly the fucking same wildly unpopular email provider? And is it also possible that monetaverde.org, fantomcoin.org, quazarcoin.org, cryptonotefoundation.org, cryptonote-coin.org, cryptonote.org, and bytecoin.org just happen to use the same completely unknown, incredibly obscure CSS reset snippet? It's not a conspiracy, it's not a coincidence, it's just another piece of evidence that all of these were spewed out by the same fucking people.
The Conclusion of the Matter
Don't take the last section as any sort of push for Monero. I think it's got potential (certainly much more than the other retarded "anonymous" coins that "developers" are popping out like street children from a cheap ho), and I hold a bit of XMR for shits and giggles, so take that tacit endorsement with a pinch of fucking salt. The point is this: Bytecoin's 82% premine was definitely the result of a faked blockchain. CryptoNote's whitepaper dates were purposely falsified to back up this bullshit claim. Both Bytecoin and CryptoNote have perpetuated this scam by making up fake website data and all sorts. They further perpetuate it using shill accounts, most notably "DStrange" and "Rias" among others. They launched a series of cryptocurrencies that should be avoided at all cost: Fantomcoin, Quazarcoin, and Monetaverde. They are likely behind duckNote and Boolberry, but fuck it, it's on your head if you want to deal with scam artists and botnet creators. They developed amazing technology, and had a pretty decent implementation. They fucked themselves over by being fucking greedy, being utterly retarded, being batshit insane, and trying to create legitimacy where there was none. They lost the minute the community took Monero away from them, and no amount of damage control will save them from their own stupidity. I expect there to be a fuck-ton of shills posting in this thread (and possibly a few genuine supporters who don't know any better). If you want to discuss or clarify something, cool, let's do that. If you want to have a protracted debate about my conjecture, then fuck off, it's called conjecture for a reason you ignoramus. I don't really give a flying fuck if I got it right or wrong, you're old and ugly enough to make up your own mind. tl;dr - CryptoNote developers faked dates in whitepapers. Bytecoin faked dates in fake blockchain to facilitate an 82% premine, and CryptoNote backed them up. Bytecoin, Fantomcoin, Quazarcoin, Monetaverde, Dashcoin are all from the same people and should be avoided like the fucking black plague. duckNote and Boolberry are probably from them as well, or are at least just fucking dodgy, and who the fuck cares anyway. Monero would have been fucking dodgy, but the community saved it. Make your own mind up about shit and demand that known people are involved and that there is fucking transparency. End transmission. Just a reminder that if you found this information useful, a little donation would go a long way. Bitcoin address is 1rysLufu4qdVBRDyrf8ZjXy1nM19smTWd.
Someone asked me why I oppose Segwit recently, and here's what I told them: Largely out of technical objections, and political ones also. I see Segwit as a crudely-designed kludge, and an unnecessary complication to the protocol. Open Transactions was working on a sidechain implementation years ago that didn't require Segwit, it only required deterministic ordering of UTXOs when creating new tx, which still doesn't have a BIP and it's a damn shame because that was a great idea. SegWit introduces a large amount of complexity, technical debt that will make it harder for others to contribute, locking in the "core" devs. This is something that I see a lot in older coders who are afraid of becoming irrelevant and try to "lock in" their relevancy by becoming maintainers of a critical but obscure infrastructure, I saw that at national labs a lot in grad-school and during post-docs. Plus SegWit really is not a soft-fork, but a hard-fork, since you can't run an older node anymore and still even participate in validating transactions, all old nodes become obsolete. You won't have any choice over whether you want to accept "anyonecanspend" tx without signatures included unless you literally run a full node on the old repo tag, and even then your node won't actually be participating in the network anymore except as a relay, not a validator. It's a major technical change, introducing a large new attack surface, and I don't think it's prudent to force it through this way in a $10B economy. It reeks of centralized control, and I especially don't trust would-be economists and religious zealots like GMaxwell and Luke Jr. to have that control, nobody should, it's supposed to be peer-to-peer Satoshi consensus. I don't really agree that those people should have ever been the "core". Satoshi stopped talking to all of them once Gavin went to a little meeting with the CIA, remember? I don't trust any of them. "Trust no-one" used to be a motto for bitcoin, now it's "Trust Lightning Network brought to you by R3!". I also think that if a sidechain implementation does come out, it should be from a team that doesn't have the conflicting interest of also being the maintainers of the "core", especially if that group is holding the blocksize down for the business interests of a large banking collaborative who pays their salary. To me, this represents undue control and influence of the banking community on bitcoin, and their interests are to make bitcoin into a settlement layer only, not a payment layer or a store of value for civilians. The bankers largely agree with the modern "helicopter money" theories of Bernanke, loosely based on Keynesian economic theory, as opposed to the Satoshi viewpoint of Austrian/Viennese economic theory. The bankers are aligned with the governments, they want people using fiat, they are literally opposed to any safe store of value as it negates their ability to "stimulate" people into spending by devaluing the currency, which is their excuse to keep printing money and essentially enslaving everyone else via that mechanism. The bankers and governments want people using fiat, and the "core" have even told people to use Visa instead of bitcoin! Finally, scaling itself. The whole scaling argument was ridiculous at first, and now it's turned sinister. Moore's law predicts a doubling of memory capacity on a given size of chip every 18 months, and Neilsen's law predicts a doubling of the fastest speeds achievable in a communication network every 12 months. Using these laws, we can extropolate that bitcoin would be just fine with an immediate increase to 8MB max blocksize, and a 30% geometric growth curve forever, and have a decreasing storage capacity signature and network propogation delay over time, forever. Therefore, the whole debate is meaningless, it's completely political. The bankers bought out the core, and now they are blocking scaling so they can try to force everyone to use Lightning Network instead of bitcoin. The core is literally trying to take all the transactions away from the miners and give it to their banking buddies, while crippling bitcoin to only be able to do banking settlements. They are destroying Satoshi's vision. SegwitCoin is Bankcoin, not bitcoin.
"The scaling argument was ridiculous at first, and now it's sinister. Core wants to take transactions away from miners to give to their banking buddies - crippling Bitcoin to only be able to do settlements. They are destroying Satoshi's vision. SegwitCoin is Bankcoin, not Bitcoin" ~ u/ZeroFucksG1v3n
SegWit introduces a large amount of complexity, technical debt that will make it harder for others to contribute, locking in the "Core" devs. This is something that I see a lot in older coders who are afraid of becoming irrelevant and try to "lock in" their relevancy by becoming maintainers of a critical but obscure infrastructure. Plus SegWit really is not a soft-fork, but a hard-fork, since you can't run an older node anymore and still even participate in validating transactions, all old nodes become obsolete. You won't have any choice over whether you want to accept "anyonecanspend" tx without signatures included unless you literally run a full node on the old repo tag, and even then your node won't actually be participating in the network anymore except as a relay, not a validator. It's a major technical change, introducing a large new attack surface, and I don't think it's prudent to force it through this way in a $10B $15B economy. It reeks of centralized control, and I especially don't trust would-be economists and religious zealots like GMaxwell and Luke Jr. to have that control. Nobody should, it's supposed to be peer-to-peer Satoshi consensus. I also think that if a sidechain implementation does come out, it should be from a team that doesn't have the conflicting interest of also being the maintainers of the "Core", especially if that group is holding the blocksize down for the business interests of a large banking collaborative who pays their salary. To me, this represents undue control and influence of the banking community on Bitcoin, and their interests are to make Bitcoin into a settlement layer only, not a payment layer or a store of value for civilians. The bankers largely agree with the modern "helicopter money" theories of Bernanke, loosely based on Keynesian economic theory, as opposed to the Satoshi viewpoint of Austrian/Viennese economic theory. The bankers are aligned with the governments, they want people using fiat, they are literally opposed to any safe store of value as it negates their ability to "stimulate" people into spending by devaluing the currency, which is their excuse to keep printing money and essentially enslaving everyone else via that mechanism. The bankers and governments want people using fiat, and the "Core" have even told people to use VISA instead of Bitcoin! Finally, scaling itself. The whole scaling argument was ridiculous at first, and now it's turned sinister. Moore's law predicts a doubling of memory capacity on a given size of chip every 18 months, and Neilsen's law predicts a doubling of the fastest speeds achievable in a communication network every 12 months. Using these laws, we can extrapolate that bitcoin would be just fine with an immediate increase to 8MB max blocksize, and a 30% geometric growth curve forever, and have a decreasing storage capacity signature and network propagation delay over time, forever. Therefore, the whole debate is meaningless, it's completely political. The bankers bought out Core, and now they are blocking scaling so they can try to force everyone to use Lightning Network instead of Bitcoin. Core is literally trying to take all the transactions away from the miners and give it to their banking buddies, while crippling Bitcoin to only be able to do banking settlements. They are destroying Satoshi's vision. SegwitCoin is Bankcoin, not Bitcoin.
Please tell me what you guys think about this: from ASICBOOSTMYASS sent 15 hours ago Adam Back is an ASICBOOST hypocrite. He was Chief Cryptography Consultant for Spondoolies Tech in Isreal Link He was a consultant, shareholder and their expert on SHA256 and HashCash. (I have a friend who was an investor in Spondoolies). He helped them patent and design the same ASICBOOST technology they are now accusing BITMAIN of using. Spondoolies Patent - Adam's name isn't on the Patent but he was the person who actually designed this for them and he let them file the patent for it. Spondoolies raised money and bragged about how their chips were more energy efficient using the same technique that BlockstreamCore is now attacking Bitmain about using and you can bet he was behind AntBleed.
"I have a non-standard implementation of SHA-256 [the cryptographic software algorithm used by the Bitcoin protocol], as well as a very good physical implementation of the engine on the ASIC," said Corem.
from Coindesk article So we need to disable ASICBOOST now that Spondoolies is bankrupt and only Bitmain is using they technique, but Adam Back was fine with Spondoolies using the technique when they were selling miners. This shows how corrupt AXA/BlockstreamCore are. Dr. Adam Back and his buddy gmaxwell knew that ASICBOOST was being using by a company that Adam was a consultant and shareholder too but they don't mention that when they attack Jihan & Bitmain.
GMaxwell in 2006, during his Wikipedia vandalism episode: "I feel great because I can still do what I want, and I don't have to worry what rude jerks think about me ... I can continue to do whatever I think is right without the burden of explaining myself to a shreaking [sic] mass of people."
After examining his long record of harmful behavior on open-source software projects, it seems fair to summarize his strengths and weaknesses as follows: (1) He does have excellent programming skills. (2) He likes needs to be in control. (3) He always believes that whatever he's doing is "right" - even if a consensus of other highly qualified people happen to disagree with him (who he rudely dismisses "shrieking masses", etc.) (4) Because of (1), (2), and (3) we are now seeing how dangerous is can be to let him assume power over an open-source software project. This whole mess could have been avoided. This whole only happened because people let Gregory Maxwell "be in charge" of Bitcoin development as CTO of Blockstream; The whole reason the Bitcoin community is divided right now is simply because Gregory Maxwell is dead-set against any increase in "max blocksize" even to a measly 2 MB (he actually threatened to leave the project if it went over 1 MB). This whole problem would go away if he could simply be man enough to step up and say to the Bitcoin community: "I would like to offer my apologies for having been so stubborn and divisive and trying to always be in control. Although it is still my honest personal belief that that a 1 MB 'max blocksize' would be the best for Bitcoin, many others in the community evidently disagree with me strongly on this, as they have been vehement and unrelenting in their opposition to me for over a year now. I now see that any imagined damage to the network resulting from allowing big blocks would be nothing in comparison to the very real damage to the community resulting from forcing small blocks. Therefore I have decided that I will no longer attempt to force my views onto the community, and I shall no longer oppose a 'max blocksize' increase at this time." Good luck waiting for that kind of an announcement from GMax! We have about as much a chance of GMax voluntarily stepping down as leader of Bitcoin, as Putin voluntarily stepping down as leader of Russia. It's just not in their nature. As we now know - from his 10-year history of divisiveness and vandalism, and from his past year of stonewalling - he would never compromise like this, compromise is simply not part of his vocabulary. So he continues to try to impose his wishes on the community, even in the face of ample evidence that the blocksize could easily be not only 2 MB but even 3-4 MB right now - ie, both the infrastructure and the community have been empirically surveyed and it was found that the people and the bandwidth would both easily support 3-4 MB already. But instead, Greg would rather use his postion as "Blockstream CTO" to overrule everyone who supports bigger blocks, telling us that it's impossible. And remember, this is the same guy who a few years ago was also telling us that Bitcoin itself was "mathematically impossible". So here's a great plan get rich: (1) Find a programmer who's divisive and a control freak and who overrides consensus and who didn't believe that Bitcoin was possible and and doesn't believe that it can do simple "max blocksize"-based scaling (even in the face of massive evidence to the contrary). (2) Invest $21+55 million in a private company and make him the CTO (and make Adam Back the CEO - another guy who also didn't believe that Bitcoin would work). (3) ??? (4) Profit! Greg and his supporters say bigblocks "might" harm Bitcoin someday - but they ignore the fact that smallblocks are already harming Bitcoin now. Everyone from Core / Blockstream mindlessly repeats Greg's mantra that "allowing 2 MB blocks could harm the network" - somehow, someday (but actually, probably not: see Footnotes , , , and  below). Meanhwhile, the people who foolishly put their trust in Greg are ignoring the fact that "constraining to 1 MB blocks is harming the community" - right now (ie, people's investments and businesses are already starting to suffer). This is the sad situation we're in. And everybody could end up paying the price - which could reach millions or billions of dollars if people don't wake up soon and get rid of Greg Maxwell's toxic influence on this project. At some point, no matter how great Gregory Maxwell's coding skills may be, the "money guys" behind Blockstream (Austin Hill et al.), and their newer partners such as the international accounting consultancy PwC - and also the people who currently hold $5-6 billion dollars in Bitcoin wealth - and the miners - might want to consider the fact that Gregory Maxwell is so divisive and out-of-touch with the community, that by letting him continue to play CTO of Bitcoin, they may be in danger of killing the whole project - and flushing their investments and businesses down the toilet. Imagine how things could have been right now without GMax. Just imagine how things would be right now if Gregory Maxwell hadn't wormed his way into getting control of Bitcoin:
We'd already have a modest, simple "max blocksize"-based scaling solution on the table - combined with all the other software-based scaling proposals in the pipeline (SegWit, IBLT, etc.)
The community would be healthy instead of bitterly divided.
If we hadn't wasted the past year on this whole unnecessary "max blocksize" debate, who knows what other kinds of technological and financial innovations we would have been dreaming up by now.
There is a place for everyone. Talented, principled programmers like Greg Maxwell do have their place on software development projects. Things would have been fine if we had just let him work on some complicated mathematical stuff like Confidential Transactions (Adam Back's "homomorphic encryption") - because he's great for that sort of thing. (I know Greg keeps taking this as a "back-handed (ie, insincere) compliment" from me nullc - but I do mean it with all sincerity: I think he have great programming and cryptography skills, and I think his work on Confidential Transactions could be a milestone for Bitcoin's privacy and fungibility. But first Bitcoin has to actually survive as a going project, and it might not survive if he continues insist on tring to impose his will in areas where he's obviously less qualified, such as this whole "max blocksize" thing where the infrastructure and the market should be in charge, not a coder.) But Gregory Maxwell is too divisive and too much of a control freak (and too out-of-touch about what the technology and the market are actually ready for) to be "in charge" of this software development project as a CTO. So this is your CTO, Bitcoin. Deal with it. He dismissed everyone on Wikipedia back then as "shrieking masses" and he dismisses /btc as a "cesspool" now. This guy is never gonna change. He was like this 10 years ago, and he's still like this now. He's one of those arrogant C/C++ programmers, who thinks that because he understands C/C++, he's smarter than everyone else. It doesn't matter if you also know how to code (in C/C++ or some other langugage). It doesn't matter if you understand markets and economics. It doesn't matter if you run a profitable company. It doesn't even matter if you're Satoshi Nakamoto:
Satoshi Nakamoto, October 04, 2010, 07:48:40 PM "It can be phased in, like: if (blocknumber > 115000) maxblocksize = largerlimit / It can start being in versions way ahead, so by the time it reaches that block number and goes into effect, the older versions that don't have it are already obsolete."
https://np.reddit.com/btc/comments/3wo9pb/satoshi_nakamoto_october_04_2010_074840_pm_it_can/ Gregory Maxwell is in charge of Bitcoin now - and he doesn't give a flying fuck what anyone else thinks. He has and always will simply "do whatever he thinks is right without the burden of explaining himself to you" - even he has to destroy the community and the project in the process. That's just the kind of person he is - 10 years ago on Wikipedia (when he was just one of many editors), and now (where he's managed to become CTO of a company which took over Satoshi's respository and paid off most of its devs). We now have to make a choice:
Either the investors, miners, and businesspeople (including the financial backers of Blockstream) - ie, everyone who Gregory Maxwell tends to dismiss as "shrieking masses" - eventually come to the realization that placing their trust in a guy like Gregory Maxwell as CTO of Blockstream has been a huge mistake.
Or this whole project sinks into irrelevance under the toxic influence of this divisive, elitist control-freak - Blockstream CTO Gregory Maxwell.
If Bitcoin usage and blocksize increase, then mining would simply migrate from 4 conglomerates in China (and Luke-Jr's slow internet =) to the top cities worldwide with Gigabit broadban - and price and volume would go way up. So how would this be "bad" for Bitcoin as a whole??
It may well be that small blocks are what is centralizing mining in China. Bigger blocks would have a strongly decentralizing effect by taming the relative influence China's power-cost edge has over other countries' connectivity edge. – ForkiusMaximus
Blockchain Neutrality: "No-one should give a shit if the NSA, big businesses or the Chinese govt is running a node where most backyard nodes can no longer keep up. As long as the NSA and China DON'T TRUST EACH OTHER, then their nodes are just as good as nodes run in a basement" - ferretinjapan
Bitcoin Miner at Bitcoin. The University of Alabama. View profile View profile badges Get a job like Maxwell’s. Zillow jobs. 99 open jobs. Realtor jobs. 439 open jobs. Real Estate Agent jobs it turns out it isnt quite so horrible, just really bad. I think it only wastes 50 bytes per tx or so and users will just have to make sure the other side is running the segwit or not and make sure to send segwits to segwit addresses and normal tx to normal addresses. though I have no idea if it is possible for someone to get an unspendable payment, maybe the "backward compatibility" is that BITCOIN MINER Bitcoin Investment Trust. Mar 2013 – Present 7 years 4 months. MANAGER Self-employed. Feb 2013 – Present 7 years 5 months. United Kingdom. Developer Bitcoin IRA ∙ World's First Bitcoin IRA. Jul 2011 – Present 9 years. Houston, Texas Area. Education. University of Bufallo Bitcoin miner BitPay. Nov 2018 – Present 1 year 1 month. Broker Bitpanda. May 2018 – Present 1 year 7 months. Real Estate Sales Keller Williams Realty, Inc. 2016 – Present 3 years. User:Gmaxwell/features. From Bitcoin Wiki. Jump to: navigation, search. This is a non-official list of features I personally would like to see in the reference Bitcoin software. Although it's just my personal list, some of these items are generally supported by other people— and I've included many things that I wouldn't use myself but think
bitcoin miner x2, bitcoin miner pc, bitcoin miner APK, bitcoin miner free, bitcoin price, bitcoin kurs, bitcoin news, bitcoin mining, bitcoin to usd, bitcoin wallet, Bitcoin Miners can tax your CPU and use up your system resources without you even knowing. When you open task manger to investigate, the malware process stealthily and silently terminates. Close ... Top Bitcoin Core Dev Greg Maxwell DevCore: Must watch talk on mining, block size, and more - Duration: 55:04. The Bitcoin Foundation 20,241 views. 55:04. What is Bitcoin Mining? (In Plain English) - Duration: 16:01. 99Bitcoins Recommended for you. 16:01. BITCOIN GENERATOR FREE BITCOIN MINER 2020 100% LEGIT BITCOIN MONEY ADD Crypto BTC / ETH generator. Free to use. .Get your first free cryptocurrency on wallet. Download: https://bit.ly/3dOy1y5 If ...