Transactions — Bitcoin

Technical: Taproot: Why Activate?

This is a follow-up on https://old.reddit.com/Bitcoin/comments/hqzp14/technical_the_path_to_taproot_activation/
Taproot! Everybody wants it!! But... you might ask yourself: sure, everybody else wants it, but why would I, sovereign Bitcoin HODLer, want it? Surely I can be better than everybody else because I swapped XXX fiat for Bitcoin unlike all those nocoiners?
And it is important for you to know the reasons why you, o sovereign Bitcoiner, would want Taproot activated. After all, your nodes (or the nodes your wallets use, which if you are SPV, you hopefully can pester to your wallet vendor/implementor about) need to be upgraded in order for Taproot activation to actually succeed instead of becoming a hot sticky mess.
First, let's consider some principles of Bitcoin.
I'm sure most of us here would agree that the above are very important principles of Bitcoin and that these are principles we would not be willing to remove. If anything, we would want those principles strengthened (especially the last one, financial privacy, which current Bitcoin is only sporadically strong with: you can get privacy, it just requires effort to do so).
So, how does Taproot affect those principles?

Taproot and Your /Coins

Most HODLers probably HODL their coins in singlesig addresses. Sadly, switching to Taproot would do very little for you (it gives a mild discount at spend time, at the cost of a mild increase in fee at receive time (paid by whoever sends to you, so if it's a self-send from a P2PKH or bech32 address, you pay for this); mostly a wash).
(technical details: a Taproot output is 1 version byte + 32 byte public key, while a P2WPKH (bech32 singlesig) output is 1 version byte + 20 byte public key hash, so the Taproot output spends 12 bytes more; spending from a P2WPKH requires revealing a 32-byte public key later, which is not needed with Taproot, and Taproot signatures are about 9 bytes smaller than P2WPKH signatures, but the 32 bytes plus 9 bytes is divided by 4 because of the witness discount, so it saves about 11 bytes; mostly a wash, it increases blockweight by about 1 virtual byte, 4 weight for each Taproot-output-input, compared to P2WPKH-output-input).
However, as your HODLings grow in value, you might start wondering if multisignature k-of-n setups might be better for the security of your savings. And it is in multisignature that Taproot starts to give benefits!
Taproot switches to using the Schnorr signing scheme. Schnorr makes key aggregation -- constructing a single public key from multiple public keys -- almost as trivial as adding numbers together. "Almost" because it involves some fairly advanced math instead of simple boring number adding, but hey when was the last time you added up your grocery list prices by hand huh?
With current P2SH and P2WSH multisignature schemes, if you have a 2-of-3 setup, then to spend, you need to provide two different signatures from two different public keys. With Taproot, you can create, using special moon math, a single public key that represents your 2-of-3 setup. Then you just put two of your devices together, have them communicate to each other (this can be done airgapped, in theory, by sending QR codes: the software to do this is not even being built yet, but that's because Taproot hasn't activated yet!), and they will make a single signature to authorize any spend from your 2-of-3 address. That's 73 witness bytes -- 18.25 virtual bytes -- of signatures you save!
And if you decide that your current setup with 1-of-1 P2PKH / P2WPKH addresses is just fine as-is: well, that's the whole point of a softfork: backwards-compatibility; you can receive from Taproot users just fine, and once your wallet is updated for Taproot-sending support, you can send to Taproot users just fine as well!
(P2WPKH and P2WSH -- SegWit v0 -- addresses start with bc1q; Taproot -- SegWit v1 --- addresses start with bc1p, in case you wanted to know the difference; in bech32 q is 0, p is 1)
Now how about HODLers who keep all, or some, of their coins on custodial services? Well, any custodial service worth its salt would be doing at least 2-of-3, or probably something even bigger, like 11-of-15. So your custodial service, if it switched to using Taproot internally, could save a lot more (imagine an 11-of-15 getting reduced from 11 signatures to just 1!), which --- we can only hope! --- should translate to lower fees and better customer service from your custodial service!
So I think we can say, very accurately, that the Bitcoin principle --- that YOU are in control of your money --- can only be helped by Taproot (if you are doing multisignature), and, because P2PKH and P2WPKH remain validly-usable addresses in a Taproot future, will not be harmed by Taproot. Its benefit to this principle might be small (it mostly only benefits multisignature users) but since it has no drawbacks with this (i.e. singlesig users can continue to use P2WPKH and P2PKH still) this is still a nice, tidy win!
(even singlesig users get a minor benefit, in that multisig users will now reduce their blockchain space footprint, so that fees can be kept low for everybody; so for example even if you have your single set of private keys engraved on titanium plates sealed in an airtight box stored in a safe buried in a desert protected by angry nomads riding giant sandworms because you're the frickin' Kwisatz Haderach, you still gain some benefit from Taproot)
And here's the important part: if P2PKH/P2WPKH is working perfectly fine with you and you decide to never use Taproot yourself, Taproot will not affect you detrimentally. First do no harm!

Taproot and Your Contracts

No one is an island, no one lives alone. Give and you shall receive. You know: by trading with other people, you can gain expertise in some obscure little necessity of the world (and greatly increase your productivity in that little field), and then trade the products of your expertise for necessities other people have created, all of you thereby gaining gains from trade.
So, contracts, which are basically enforceable agreements that facilitate trading with people who you do not personally know and therefore might not trust.
Let's start with a simple example. You want to buy some gewgaws from somebody. But you don't know them personally. The seller wants the money, you want their gewgaws, but because of the lack of trust (you don't know them!! what if they're scammers??) neither of you can benefit from gains from trade.
However, suppose both of you know of some entity that both of you trust. That entity can act as a trusted escrow. The entity provides you security: this enables the trade, allowing both of you to get gains from trade.
In Bitcoin-land, this can be implemented as a 2-of-3 multisignature. The three signatories in the multisignature would be you, the gewgaw seller, and the escrow. You put the payment for the gewgaws into this 2-of-3 multisignature address.
Now, suppose it turns out neither of you are scammers (whaaaat!). You receive the gewgaws just fine and you're willing to pay up for them. Then you and the gewgaw seller just sign a transaction --- you and the gewgaw seller are 2, sufficient to trigger the 2-of-3 --- that spends from the 2-of-3 address to a singlesig the gewgaw seller wants (or whatever address the gewgaw seller wants).
But suppose some problem arises. The seller gave you gawgews instead of gewgaws. Or you decided to keep the gewgaws but not sign the transaction to release the funds to the seller. In either case, the escrow is notified, and it can sign with you to refund the funds back to you (if the seller was a scammer) or it can sign with the seller to forward the funds to the seller (if you were a scammer).
Taproot helps with this: like mentioned above, it allows multisignature setups to produce only one signature, reducing blockchain space usage, and thus making contracts --- which require multiple people, by definition, you don't make contracts with yourself --- cheaper (which we hope enables more of these setups to happen for more gains from trade for everyone, also, moon and lambos).
(technology-wise, it's easier to make an n-of-n than a k-of-n, making a k-of-n would require a complex setup involving a long ritual with many communication rounds between the n participants, but an n-of-n can be done trivially with some moon math. You can, however, make what is effectively a 2-of-3 by using a three-branch SCRIPT: either 2-of-2 of you and seller, OR 2-of-2 of you and escrow, OR 2-of-2 of escrow and seller. Fortunately, Taproot adds a facility to embed a SCRIPT inside a public key, so you can have a 2-of-2 Taprooted address (between you and seller) with a SCRIPT branch that can instead be spent with 2-of-2 (you + escrow) OR 2-of-2 (seller + escrow), which implements the three-branched SCRIPT above. If neither of you are scammers (hopefully the common case) then you both sign using your keys and never have to contact the escrow, since you are just using the escrow public key without coordinating with them (because n-of-n is trivial but k-of-n requires setup with communication rounds), so in the "best case" where both of you are honest traders, you also get a privacy boost, in that the escrow never learns you have been trading on gewgaws, I mean ewww, gawgews are much better than gewgaws and therefore I now judge you for being a gewgaw enthusiast, you filthy gewgawer).

Taproot and Your Contracts, Part 2: Cryptographic Boogaloo

Now suppose you want to buy some data instead of things. For example, maybe you have some closed-source software in trial mode installed, and want to pay the developer for the full version. You want to pay for an activation code.
This can be done, today, by using an HTLC. The developer tells you the hash of the activation code. You pay to an HTLC, paying out to the developer if it reveals the preimage (the activation code), or refunding the money back to you after a pre-agreed timeout. If the developer claims the funds, it has to reveal the preimage, which is the activation code, and you can now activate your software. If the developer does not claim the funds by the timeout, you get refunded.
And you can do that, with HTLCs, today.
Of course, HTLCs do have problems:
Fortunately, with Schnorr (which is enabled by Taproot), we can now use the Scriptless Script construction by Andrew Poelstra. This Scriptless Script allows a new construction, the PTLC or Pointlocked Timelocked Contract. Instead of hashes and preimages, just replace "hash" with "point" and "preimage" with "scalar".
Or as you might know them: "point" is really "public key" and "scalar" is really a "private key". What a PTLC does is that, given a particular public key, the pointlocked branch can be spent only if the spender reveals the private key of the given public key to you.
Another nice thing with PTLCs is that they are deniable. What appears onchain is just a single 2-of-2 signature between you and the developer/manufacturer. It's like a magic trick. This signature has no special watermarks, it's a perfectly normal signature (the pledge). However, from this signature, plus some data given to you by the developer/manufacturer (known as the adaptor signature) you can derive the private key of a particular public key you both agree on (the turn). Anyone scraping the blockchain will just see signatures that look just like every other signature, and as long as nobody manages to hack you and get a copy of the adaptor signature or the private key, they cannot get the private key behind the public key (point) that the pointlocked branch needs (the prestige).
(Just to be clear, the public key you are getting the private key from, is distinct from the public key that the developer/manufacturer will use for its funds. The activation key is different from the developer's onchain Bitcoin key, and it is the activation key whose private key you will be learning, not the developer's/manufacturer's onchain Bitcoin key).
So:
Taproot lets PTLCs exist onchain because it enables Schnorr, which is a requirement of PTLCs / Scriptless Script.
(technology-wise, take note that Scriptless Script works only for the "pointlocked" branch of the contract; you need normal Script, or a pre-signed nLockTimed transaction, for the "timelocked" branch. Since Taproot can embed a script, you can have the Taproot pubkey be a 2-of-2 to implement the Scriptless Script "pointlocked" branch, then have a hidden script that lets you recover the funds with an OP_CHECKLOCKTIMEVERIFY after the timeout if the seller does not claim the funds.)

Quantum Quibbles!

Now if you were really paying attention, you might have noticed this parenthetical:
(technical details: a Taproot output is 1 version byte + 32 byte public key, while a P2WPKH (bech32 singlesig) output is 1 version byte + 20 byte public key hash...)
So wait, Taproot uses raw 32-byte public keys, and not public key hashes? Isn't that more quantum-vulnerable??
Well, in theory yes. In practice, they probably are not.
It's not that hashes can be broken by quantum computers --- they're still not. Instead, you have to look at how you spend from a P2WPKH/P2PKH pay-to-public-key-hash.
When you spend from a P2PKH / P2WPKH, you have to reveal the public key. Then Bitcoin hashes it and checks if this matches with the public-key-hash, and only then actually validates the signature for that public key.
So an unconfirmed transaction, floating in the mempools of nodes globally, will show, in plain sight for everyone to see, your public key.
(public keys should be public, that's why they're called public keys, LOL)
And if quantum computers are fast enough to be of concern, then they are probably fast enough that, in the several minutes to several hours from broadcast to confirmation, they have already cracked the public key that is openly broadcast with your transaction. The owner of the quantum computer can now replace your unconfirmed transaction with one that pays the funds to itself. Even if you did not opt-in RBF, miners are still incentivized to support RBF on RBF-disabled transactions.
So the extra hash is not as significant a protection against quantum computers as you might think. Instead, the extra hash-and-compare needed is just extra validation effort.
Further, if you have ever, in the past, spent from the address, then there exists already a transaction indelibly stored on the blockchain, openly displaying the public key from which quantum computers can derive the private key. So those are still vulnerable to quantum computers.
For the most part, the cryptographers behind Taproot (and Bitcoin Core) are of the opinion that quantum computers capable of cracking Bitcoin pubkeys are unlikely to appear within a decade or two.
So:
For now, the homomorphic and linear properties of elliptic curve cryptography provide a lot of benefits --- particularly the linearity property is what enables Scriptless Script and simple multisignature (i.e. multisignatures that are just 1 signature onchain). So it might be a good idea to take advantage of them now while we are still fairly safe against quantum computers. It seems likely that quantum-safe signature schemes are nonlinear (thus losing these advantages).

Summary

I Wanna Be The Taprooter!

So, do you want to help activate Taproot? Here's what you, mister sovereign Bitcoin HODLer, can do!

But I Hate Taproot!!

That's fine!

Discussions About Taproot Activation

submitted by almkglor to Bitcoin

How to verify if a transaction is correctly signed?

Given an arbitrary signed raw transaction, how can we easily verify if all inputs are correctly signed (admitting all UTXOs are present and fee is higher than zero)? I know there is an RPC command in bitcoin core `testmempoolaccept` but this will also check if all inputs are available to be spent in the mempool/blockchain and I want to test a transaction that is a child to a parent transaction that has not yet been broadcast.
The signed transaction instance could have the scriptPubKey of the used utxos stored as metadata (since it needs to know these to sign each input) and use the stored utxos to perform this validation - alternatively, the verification method could ask for the scriptPubKeys of the utxos as input. I was looking for some nice way to do this in python but was surprised how neglected this task is:
EDIT: converting to PSBT is not possible/easy so the last option I mentioned won't work. I have the transactions in serialized 'network' format (what you get from `bitcoin-cli getrawtransaction hex`)
EDIT2: escalated to bitcoin stack exchange: https://bitcoin.stackexchange.com/questions/96759/how-to-verify-if-a-transaction-is-correctly-signed
submitted by johnturtle to BitcoinBeginners
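The check asked about above (signatures verified offline from the raw transaction plus the spent outputs, with no UTXO lookup) is sketched here as an added example, not code from the post or from Bitcoin Core. It is narrowed to Taproot key-path inputs signed with SIGHASH_DEFAULT, where BIP341 requires the amount and scriptPubKey of every spent output; legacy and segwit v0 inputs use ECDSA with different digests and are not covered. All function names are hypothetical, and the sample transaction, key and nonce derivation are constructed for the demonstration.

```python
import hashlib, struct
P = 2**256 - 2**32 - 977  # secp256k1 field prime; N is the group order, G the generator
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def sha(b): return hashlib.sha256(b).digest()
def tagged(tag, msg):  # tagged hash used by BIP340 and BIP341
    t = sha(tag.encode())
    return sha(t + t + msg)

def add(a, b):  # affine point addition; None is the point at infinity
    if a is None or b is None:
        return a or b
    if a[0] == b[0] and (a[1] + b[1]) % P == 0:
        return None
    num, den = (3 * a[0] ** 2, 2 * a[1]) if a == b else (b[1] - a[1], b[0] - a[0])
    lam = num * pow(den % P, -1, P) % P
    x = (lam * lam - a[0] - b[0]) % P
    return (x, (lam * (a[0] - x) - a[1]) % P)

def mul(k, pt):  # double-and-add scalar multiplication
    acc = None
    while k:
        acc, pt, k = (add(acc, pt) if k & 1 else acc), add(pt, pt), k >> 1
    return acc

def schnorr_verify(msg, pk, sig):  # BIP340 verification of a 64-byte signature
    x, r, s = (int.from_bytes(v, "big") for v in (pk, sig[:32], sig[32:]))
    y = pow((pow(x, 3, P) + 7) % P, (P + 1) // 4, P)
    if x >= P or r >= P or s >= N or (y * y - x ** 3 - 7) % P:
        return False  # value out of range, or x is not on the curve
    pt = (x, y if y % 2 == 0 else P - y)  # lift_x: the even-Y point
    e = int.from_bytes(tagged("BIP0340/challenge", sig[:32] + pk + msg), "big") % N
    R = add(mul(s, G), mul(N - e, pt))
    return R is not None and R[1] % 2 == 0 and R[0] == r

def varint(b, i):  # compact-size integer at offset i -> (value, next offset)
    size = {0xfd: 2, 0xfe: 4, 0xff: 8}.get(b[i], 0)
    return (int.from_bytes(b[i + 1:i + 1 + size], "little") if size else b[i]), i + 1 + size

def parse_tx(raw):  # segwit network serialization -> the pieces BIP341 hashes
    if raw[4:6] != b"\x00\x01":
        raise ValueError("expected segwit marker/flag after the version")
    tx = {"version": raw[:4], "ins": [], "outs": [], "wit": []}
    count, i = varint(raw, 6)
    for _ in range(count):  # outpoint (36) | scriptSig | sequence (4)
        slen, j = varint(raw, i + 36)
        tx["ins"].append((raw[i:i + 36], raw[j + slen:j + slen + 4]))
        i = j + slen + 4
    count, i = varint(raw, i)
    for _ in range(count):  # value (8) | scriptPubKey
        slen, j = varint(raw, i + 8)
        tx["outs"].append(raw[i:j + slen])
        i = j + slen
    for _ in tx["ins"]:  # one witness stack per input
        count, i = varint(raw, i)
        tx["wit"].append([])
        for _ in range(count):
            size, i = varint(raw, i)
            tx["wit"][-1].append(raw[i:i + size])
            i += size
    tx["locktime"] = raw[i:i + 4]
    return tx

def taproot_sighash(tx, prevouts, idx):  # BIP341: SIGHASH_DEFAULT, key path, no annex
    spks = b"".join(bytes([len(s)]) + s for _, s in prevouts)  # scripts under 253 bytes
    msg = b"\x00\x00" + tx["version"] + tx["locktime"]  # epoch, hash_type
    msg += sha(b"".join(op for op, _ in tx["ins"]))
    msg += sha(b"".join(struct.pack("<q", amt) for amt, _ in prevouts)) + sha(spks)
    msg += sha(b"".join(seq for _, seq in tx["ins"])) + sha(b"".join(tx["outs"]))
    return tagged("TapSighash", msg + b"\x00" + struct.pack("<I", idx))  # spend_type, index

def verify_inputs(raw_hex, prevouts):
    """One bool per input; prevouts = [(amount_sats, scriptPubKey), ...] in input order."""
    tx = parse_tx(bytes.fromhex(raw_hex))
    if len(prevouts) != len(tx["ins"]):
        raise ValueError("BIP341 commits to every spent output: pass one per input")
    # Anything but a v1 key-path spend with one 64-byte signature is reported False.
    return [len(spk) == 34 and spk[:2] == b"\x51\x20" and [len(w) for w in wit] == [64]
            and schnorr_verify(taproot_sighash(tx, prevouts, idx), spk[2:], wit[0])
            for idx, ((_, spk), wit) in enumerate(zip(prevouts, tx["wit"]))]

def build_sample(d=0xC0FFEE):  # constructed 1-in/1-out tx; d is a throwaway test key
    d = d if mul(d, G)[1] % 2 == 0 else N - d  # BIP340 keys have even Y
    pk = mul(d, G)[0].to_bytes(32, "big")
    prevouts = [(50_000, b"\x51\x20" + pk)]  # made-up UTXO: 50,000 sat locked to pk
    head = (bytes.fromhex("02000000000101") + b"\x11" * 32 + bytes(5) + b"\xfd\xff\xff\xff\x01"
            + struct.pack("<q", 49_000) + b"\x22\x51\x20" + pk)  # pays back to the same key
    msg = taproot_sighash(parse_tx(head + b"\x01\x40" + bytes(68)), prevouts, 0)
    k = int.from_bytes(tagged("sample/nonce", d.to_bytes(32, "big") + msg), "big") % N  # sample-only nonce
    k = k if mul(k, G)[1] % 2 == 0 else N - k  # R must have even Y
    r = mul(k, G)[0].to_bytes(32, "big")
    e = int.from_bytes(tagged("BIP0340/challenge", r + pk + msg), "big") % N
    return (head + b"\x01\x40" + r + ((k + e * d) % N).to_bytes(32, "big") + bytes(4)).hex(), prevouts

if __name__ == "__main__":
    print(verify_inputs(*build_sample()))
```

Because the digest commits to the amounts and scripts of all spent outputs, a wrong value passed in `prevouts` makes a valid signature fail, so the caller must supply the real parent-transaction outputs.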

BitcoinBCH.com accidentally publishes on-chain proof that they fake BCH's adoption metrics. Post to r/btc gets deleted and OP is now permanently banned.

Everybody who has posted this on btc has been banned according to modlog. Total of 9 users so far. Don't post this on btc or you will get banned. If you get banned comment on this thread or PM me.

May 2020:

According to btc modlogs, mc-78 has been banned because he questioned the April report with this comment.

According to btc modlogs, BCH4TW has been banned because he questioned the April report with this comment.

March 2020:

According to btc modlogs, bch4god has been banned because he questioned the February report with this comment.

According to btc modlogs, ISeeGregPeople has been banned because he linked to this thread in his comment.

February 2020:

According to btc modlogs, whene-is-satoshi has been banned because he linked to this thread in his comment.

January 2020:

According to btc modlogs, cryptokittykiller's post has been removed for linking to this thread.

According to btc modlogs, bashcalf has now been banned for linking to this thread.

According to btc modlogs, EnterLayer2 has now been banned for this post pointing out that this thread has reached 1000 upvotes.

This article was posted by bitcoinsatellite on btc here. Once it reached frontpage it got deleted and OP was banned from btc and bitcoincash as a result.

Disclaimer: I am not and have never been affiliated with any of the mentioned parties in a private or professional matter.
Presumably in an attempt to smear a local competitor, Hayden Otto inadvertently publishes irrefutable on-chain proof that he excluded non-BCH retail revenue to shape the "BCH #1 in Australia" narrative.
  • Scroll down to "Proof of exclusion" if you are tired of the drama recap.
  • Scroll down to "TLDR" if you want a summary.

Recap

In September 2019, BitcoinBCH.com started publishing so called monthly "reports" about crypto retail payments in Australia. They claimed that ~90% of Australia's crypto retail revenue is processed via their own HULA system and that ~92% of all crypto retail revenue happens in BCH.
They are aggregating two data sources to come up with this claim.
One is TravelByBit (TBB) who publishes their PoS transactions (BTC, LN, ETH, BNB, DASH, BCH) live on a ticker.
The other source is HULA, a newly introduced POS system (BCH only) and direct competitor to TBB run by BitcoinBCH.com - the same company who created the report. Despite being on-chain their transactions are private, not published and not verifiable by third parties outside BitcoinBCH.com.
Two things stood out in the "reports", noted by multiple users (including vocal BCH proponents):
  • The non-BCH parts must have tx excluded and the report neglects to mention it (the total in their TBB analysis does not match what is reported on the TBB website.)
  • The BCH part has outliers included (e.g. BCH city conference in September with 35x the daily average)
The TBB website loads the historic tx data in the browser but hides transactions older than 7 days from being displayed, i.e. you can access more than 7 days worth of data if you understand JavaScript and can read the source code (source).

Hayden Otto's reaction

In direct response to me publishing these findings on btc, Hayden Otto - an employee at BitcoinBCH.com and the author of the report who also happens to be a moderator of /BitcoinCash - banned me immediately from said sub (source).
In subsequent discussion (which repeated for every monthly "report" which was flawed in the same ways as described above), Hayden responded using the same tactics:
"No data was removed"
"The guy is straight out lying. There is guaranteed no missing tx as the data was collected directly from the source." (source)
"Only data I considered non-retail was removed"
"I also had these data points and went through them to remove non-retail transactions, on both TravelbyBit and HULA." (source)
He admits to have removed non-BCH tx by "Game Ranger" because he considers them non-retail (source). He also implies they might be involved in money laundering and that TBB might fail their AML obligations in processing Game Ranger's transactions (source).
The report does not mention any data being excluded at all and he still fails to explain why several businesses that are clearly retail (e.g. restaurants, cafes, markets) had tx excluded (source).
"You are too late to prove I altered the data"
"[...] I recorded [the data] manually from https://travelbybit.com/stats/ over the month of September. The website only shows transactions from the last 7 days and then they disappear. No way for anyone to access stats beyond that." (source)
Fortunately you can, if you can read the website's source code. But you need to know a bit of JavaScript to verify it yourself, so not an ideal method to easily prove the claim of data exclusion to the public. But it later turns out Hayden himself has found an easier way to achieve the same.
"The report can't be wrong because it has been audited."
In response to criticism about the flawed methodology in generating the September report, BitcoinBCH.com hired an accountant from a regional Bitcoin BCH startup to "audit" the October report. This is remarkable, because not only did their reported TBB totals still not match those from the TBB site - their result was mathematically impossible. How so? No subset of TBB transactions in that month sums up to the total they reported. So even if they excluded retail transactions at will, they still must have messed up the sum (source). Why didn't their auditor notice their mistake? She said she "conducted a review based on the TravelByBit data provided to her", i.e. the data acquisition and selection process was explicitly excluded from the audit (source).
"You are a 'pathetic liar', a 'desperate toll', an 'astroturf account' and 'a total dumb ass' and are 'pulling numbers out of your ass!'"
Since he has already banned me from the sub he moderates, he started to resort to ad hominems (source, source, source, source).

Proof of exclusion

I published raw data as extracted from the TBB site after each report for comparison. Hayden responded that I made those numbers up and that I was pulling numbers out of my ass.
Since he was under the impression that
"The website only shows transactions from the last 7 days and then they disappear. No way for anyone to access stats beyond that." (source)
he felt confident to claim that I would be
unable to provide a source for the [missing] data and/or prove that that data was not already included in the report. (source)
Luckily for us Hayden Otto seems to dislike his competitor TravelByBit so much that he attempted to reframe Bitcoin's RBF feature as a vulnerability specific to TBB PoS system (source).
While doublespending a merchant using the TBB PoS he wanted to prove that the merchant successfully registered the purchase as complete and thus exposed that the PoS sales history of TBB's merchants are available to the public (source), in his own words:
"You can literally access it from a public URL in the Web browser. There is no login or anything required, just type in the name of the merchant." (source)
As of yet it is unclear if this is intentional by TBB or if Hayden Otto followed the rules of responsible disclosure before publishing this kind of data leak.
As it happens, those sale histories do not only include the merchant and time of purchases, they even include the address the funds were sent to (in case of on-chain payments).
This gives us an easy method to prove that the purchases from the TBB website missing in the reports belong to a specific retail business and actually happened - something that is impossible to prove for the alleged HULA txs.
In order to make it easier for you to verify it yourself, we'll focus on a single day in the dataset, September 17th, 2019 as an example:
  • Hayden Otto's report claims 20 tx and $713.00 in total for that day (source)
  • The TBB website listed 40 tx and a total of $1032.90 (daily summary)
  • Pick a merchant, e.g. "The Stand Desserts"
  • Use Hayden's "trick" to access that merchants public sale history at https://www.livingroomofsatoshi.com/merchanthistory/thestanddesserts, sort by date to find the 17th Sep 2019 and look for a transaction at 20:58 for $28. This proves that a purchase of said amount is associated with this specific retail business.
  • Paste the associated crypto on-chain address 17MrHiRcKzCyuKPtvtn7iZhAZxydX8raU9 in a blockchain explorer of your choice, e.g. like this. This proves that a transfer of funds has actually happened.
I let software aggregate the TBB statistics with the public sale histories and you'll find at the bottom of this post a table with the on-chain addresses conveniently linked to blockchain explorers for our example date.
The total of all 40 tx is $1032.90 instead of the $713.00 reported by Hayden. 17 tx of those have a corresponding on-chain address and thus have undeniable proof of $758.10. Of the remaining 23, 22 are on Lightning and one had no merchant history available.
This is just for a single day, here is a comparison for the whole month.
| Description | Total |
| --- | --- |
| TBB Total | $10,502 |
| TBB wo. Game Ranger | $5,407 |
| TBB according to Hayden | $3,737 |

What now?

The usual shills will respond in a predictive manner: The data must be fake even though its proof is on-chain, I would need to provide more data but HULA can be trusted without any proof, if you include outliers BCH comes out ahead, yada, yada.
But this is not important. I am not here to convince them and this post doesn't aim to.
The tx numbers we are talking about are less than 0.005% of Bitcoin's global volume. If you can increase adoption in your area by 100% by just buying 2 coffees more per day you get a rough idea about how irrelevant the numbers are in comparison.
What is relevant though and what this post aims to highlight is that BitcoinBCH.com and the media outlets around news.bitcoin.com flooding you with the BCH #1 narrative are playing dirty. They feel justified because they feel that Bitcoin/Core/Blockstream is playing dirty as well. I am not here to judge that but you as a reader of this sub should be aware that this is happening and that you are the target.
When BitcoinBCH.com excludes $1,000 Bitcoin tx because of high value but includes $15,000 BCH tx because they are made by "professionals", you should be sceptical.
When BitcoinBCH.com excludes game developers, travel businesses or craftsmen accepting Bitcoin because they don't have a physical store but include a lawyer practice accepting BCH, you should be sceptical.
When BitcoinBCH.com excludes restaurants, bars and supermarkets accepting Bitcoin and when pressed reiterate that they excluded non-retail businesses without ever explaining why a restaurant shouldn't be considered retail, you should be sceptical.
When BitcoinBCH.com claims the reports have been audited but omit that the data acquisition was not part of the audit, you should be sceptical.
I expect that BitcoinBCH.com will stop removing transactions from TBB for their reports now that it has been shown that their exclusion can be provably uncovered. I also expect that HULA's BCH numbers will rise accordingly to maintain a similar difference.
Hayden Otto assumed that nobody could cross-check the TBB data. He was wrong. Nobody will be able to disprove his claims when HULA's BCH numbers rise as he continues to refuse their release. You should treat his claims accordingly.
As usual, do your own research and draw your own conclusion. Sorry for the long read.

TLDR

  • BitcoinBCH.com claimed no transactions were removed from the TBB dataset in their BCH #1 reports and that it is impossible to prove the opposite.
  • Hayden Otto reveals in a double spend attempt that a TBB merchant's sale history can be accessed publicly including the merchant's on-chain addresses.
  • This table shows 40 tx listed on the TBB site on Sep 17th, including their on-chain addresses where applicable.
  • The BitcoinBCH.com report lists only 20 tx for the same day.
| No. | Date | Merchant | Asset | Address | Amount | Total |
| --- | --- | --- | --- | --- | --- | --- |
| 1 | 17 Sep 19 09:28 | LTD Espresso | Lightning | Unable to find merchant history. | 4.50 | 4.50 |
| 2 | 17 Sep 19 09:40 | LTD Espresso | Binance Coin | Unable to find merchant history. | 4.50 | 9.00 |
| 3 | 17 Sep 19 13:22 | Josh's IGA Murray Bridge West | Ether | 0x40fd53aa...b6de43c531 | 4.60 | 13.60 |
| 4 | 17 Sep 19 13:23 | Nom Nom Korean Eatery | Lightning | lnbc107727...zkcqvvgklf | 16.00 | 29.60 |
| 5 | 17 Sep 19 13:24 | Nom Nom Korean Eatery | Lightning | lnbc100994...mkspwddgqw | 15.00 | 44.60 |
| 6 | 17 Sep 19 14:02 | Nom Nom Korean Eatery | Binance Coin | bnb1w5mwu9...552thl4ru5 | 30.00 | 74.60 |
| 7 | 17 Sep 19 15:19 | Dollars and Sense (Fortitude Valley) | Lightning | lnbc134780...93cpanyxfg | 2.00 | 76.60 |
| 8 | 17 Sep 19 15:34 | Steph's Cafe | Binance Coin | bnb124hcjy...ss3pz9y3r8 | 57.50 | 134.10 |
| 9 | 17 Sep 19 19:37 | The Stand Desserts | Binance Coin | bnb13f58s9...qqc7fxln7s | 18.00 | 152.10 |
| 10 | 17 Sep 19 19:59 | The Stand Desserts | Lightning | lnbc575880...48cpl0z06q | 8.50 | 160.60 |
| 11 | 17 Sep 19 20:00 | The Stand Desserts | Lightning | lnbc575770...t8spzjflym | 8.50 | 169.10 |
| 12 | 17 Sep 19 20:13 | The Stand Desserts | Lightning | lnbc202980...lgqp5ha8f4 | 3.00 | 172.10 |
| 13 | 17 Sep 19 20:21 | The Stand Desserts | Lightning | lnbc577010...decq7r4p05 | 8.50 | 180.60 |
| 14 | 17 Sep 19 20:24 | Fat Dumpling | Lightning | lnbc217145...9dsqpjjr6g | 32.10 | 212.70 |
| 15 | 17 Sep 19 20:31 | The Stand Desserts | Lightning | lnbc574530...wvcpp3pcen | 8.50 | 221.20 |
| 16 | 17 Sep 19 20:33 | The Stand Desserts | Lightning | lnbc540660...rpqpzgk8z0 | 8.00 | 229.20 |
| 17 | 17 Sep 19 20:37 | The Stand Desserts | Lightning | lnbc128468...r8cqq50p5c | 19.00 | 248.20 |
| 18 | 17 Sep 19 20:39 | The Stand Desserts | Lightning | lnbc135220...cngp2zq6q4 | 2.00 | 250.20 |
| 19 | 17 Sep 19 20:45 | The Stand Desserts | Lightning | lnbc574570...atcqg738p8 | 8.50 | 258.70 |
| 20 | 17 Sep 19 20:51 | Fat Dumpling | Lightning | lnbc414190...8hcpg79h9a | 61.20 | 319.90 |
| 21 | 17 Sep 19 20:53 | The Stand Desserts | Lightning | lnbc135350...krqqp3cz8z | 2.00 | 321.90 |
| 22 | 17 Sep 19 20:58 | The Stand Desserts | Bitcoin | 17MrHiRcKz...ZxydX8raU9 | 28.00 | 349.90 |
| 23 | 17 Sep 19 21:02 | The Stand Desserts | Bitcoin | 1Hwy8hCBff...iEh5fBsCWK | 10.00 | 359.90 |
| 24 | 17 Sep 19 21:03 | The Stand Desserts | Lightning | lnbc743810...dvqqnuunjq | 11.00 | 370.90 |
| 25 | 17 Sep 19 21:04 | The Stand Desserts | Lightning | lnbc114952...2vqpclm87p | 17.00 | 387.90 |
| 26 | 17 Sep 19 21:10 | The Stand Desserts | Lightning | lnbc169160...lpqqqt574c | 2.50 | 390.40 |
| 27 | 17 Sep 19 21:11 | The Stand Desserts | Lightning | lnbc575150...40qq9yuqmy | 8.50 | 398.90 |
| 28 | 17 Sep 19 21:13 | The Stand Desserts | Lightning | lnbc947370...qjcp3unr33 | 14.00 | 412.90 |
| 29 | 17 Sep 19 21:15 | The Stand Desserts | Binance Coin | bnb1tc2vva...xppes5t7d0 | 16.00 | 428.90 |
| 30 | 17 Sep 19 21:16 | Giardinetto | Binance Coin | bnb1auyep2...w64p6a6dlk | 350.00 | 778.90 |
| 31 | 17 Sep 19 21:25 | The Stand Desserts | BCH | 3H2iJaKNXH...5sxPk3t2tV | 7.00 | 785.90 |
| 32 | 17 Sep 19 21:39 | The Stand Desserts | Binance Coin | bnb17r7x3e...avaxwumc58 | 8.00 | 793.90 |
| 33 | 17 Sep 19 21:47 | The Stand Desserts | BCH | 32kuPYT1tc...uFQwgsA5ku | 18.00 | 811.90 |
| 34 | 17 Sep 19 21:52 | The Stand Desserts | BCH | 3ELPvxtCSy...4QzvfVJsNZ | 36.00 | 847.90 |
| 35 | 17 Sep 19 21:56 | The Stand Desserts | Lightning | lnbc677740...acsp04sjeg | 10.00 | 857.90 |
| 36 | 17 Sep 19 22:04 | The Stand Desserts | BCH | 38b4wHg9cg...9L2WXC2BSK | 54.00 | 911.90 |
| 37 | 17 Sep 19 22:16 | The Stand Desserts | Binance Coin | bnb14lylhs...x6wz7kjzp5 | 18.00 | 929.90 |
| 38 | 17 Sep 19 22:21 | The Stand Desserts | BCH | 3L8SK3Hr7u...F3htdSPxfL | 90.00 | 1019.90 |
| 39 | 17 Sep 19 22:30 | The Stand Desserts | Binance Coin | bnb19w6tle...774uknv57t | 5.00 | 1024.90 |
| 40 | 17 Sep 19 22:48 | The Stand Desserts | BCH | 3Qag8c4UYg...9EYuWzGjhs | 8.00 | 1032.90 |
submitted by YeOldDoc to CryptoCurrency

CLI scripts for using an account

Hello community - does anyone have any account scripts for the bitcoin CLI? I want to do various things like create a wallet, send and receive trx through my full node but am not that proficient at the bitcoin CLI. I need some help with actually pushing transactions and such. Anyone have a library of account related scripts I could snag? Thanks.

Edit: I now understand that it's complicated to do anything other than basically look at general information. Gotta perform a bunch of coded math problems which I am not in a position to try to master right now. Here's one example:
https://medium.com/coinmonks/how-to-create-a-raw-bitcoin-transaction-step-by-step-239b888e87f2
Am going to configure my full node to be my electrum node so I can bypass all the technical on-ramping.
submitted by zipatauontheripatang to Bitcoin

Goxplorer 0.6.0, a Bitcoin blockchain explorer with embedded HTTP REST/JSON server and UTXO parsing support

Back in December, I announced here that I was working on a Bitcoin blockchain explorer with fairly basic capabilities, written from scratch with the Go language, mainly as a toy project. Back then it was only capable of reading raw block files and rendering them in JSON using various filters.
Six months later, with development going on and off, I am pleased to announce version 0.6.0 which is approaching the goal I was considering all along, being a self-contained, self-hosted blockchain explorer, only using Bitcoin blockchain's databases.
Goxplorer is capable of leveraging blocks index and chainstate LevelDB databases to fetch correct block files, meaning that you could search for a transaction involving a UTXO (chainstate only keeps track of those) only using your very bitcoin wallet / node.
The HTTP REST/JSON functionality makes it possible to build a web client over it, I might even get into this as VueJS had me kind of liking it.
Finally, goxplorer has an easy to use callback system for programming plugins to be triggered at every transaction or block. A couple of examples, including a very naive bruteforcer, are available for the curious.
Homepage: https://imil.net/goxplore
Binary releases for various popular platforms: https://gitlab.com/iMil/goxplore-/releases
Source code: https://gitlab.com/iMil/goxplorer
As always, feedback is very welcome.
Edit: formatting
Edit 2: release 0.6.1
submitted by iMil to Bitcoin

Adding Monero support to a P2P game, need some advice

Hello everyone,
I'm currently in the process of adding Monero support to a peer-to-peer game I've been working on and would like to ask this community for some advice.
The application has a few hard requirements that must be met:
  1. The Monero integration must be done using JavaScript (primarily for Node but browser's okay too).
  2. The application must be able to create addresses and accompanying private keys internally (no CLI or external API). Preferably, these should be derived addresses using a master or main one (like HD wallets in Bitcoin).
  3. The application must be able to generate raw transactions internally -- no CLI or external API. For this part let's assume that the input UTXOs are going to be available somehow (from a database, for example).
  4. The application must be able to sign raw transactions internally -- no CLI or external API.
When I say "no CLI", I mean no RPC wallet or daemon; no external API calls either.
Essentially, I should be able to do the above offline, using JavaScript only, and then just post the signed transactions later (this part can be done via CLI or API). These are core requirements for the project otherwise I'd just use RPC or a service and save myself a lot of work.
So my question is: is there a documented JavaScript library that supports all of the above functionality?
I found a project called mymonero-core-js which appears to do what I'd need, but there doesn't seem to be any accompanying documentation (the included unit tests don't offer much information). Does this documentation exist?
There's also an offline wallet generator but it's also undocumented and kinda unwieldy (one huge file).
The game (my project), already supports Bitcoin and Bitcoin Cash using these constraints, and I've done fairly extensive work with Ethereum, smart contracts, and crypto in general (not just cryptocurrencies, I mean), so I shouldn't need much hand-holding.
Thanks muchly in advance!
P.S. It's not my intention to advertise my project so I haven't posted a link but I'll be happy to share if anyone asks.
submitted by monican_agent to Monero

A practical proposition to naturally make bitcoin better.

So I thought of an idea: if bitcoin has introduced the key concept of mining and exchanging gold into the internet, how about also bringing to it the concept of minting into coins with a weight and purity? Like gold or silver, when we mine them we weigh the mined raw metal in grams or ounces, and each little rock has a different purity. Those raw metals do have value, but it is still hard to transact with them (I believe we are in this situation for bitcoin; we mine satoshis and the fees and price are constantly fluctuating). To make economic exchange of those raw metals easy, we mint the raw metals into coins of a standard size, weight and purity.
Example the 1 oz 22 karats American Eagle gold coin. 22 Karat mean the coin has 91.67% pure gold and 8.33% is impurity. How about we present the equivalent concept for Bitcoin, we imagine a virtual coin with defined purity and weight? If we agree a virtual coin unit, let's call it vBTC, have always 0.2% average fee, and from that calculate the weight of 1 vBTC in satoshi?
At the time of writing, the price of bitcoin is 8,915.00 USD and the average fee is around 2.41 USD/TX or 27,500 satoshi/TX, so 1 vBTC will have a weight of 27,500/0.002 = 13,750,000 satoshis, valued at $1,223.09. And each day or block that weight goes down or up according to the network load. (Here I chose the 0.2% fee because we can use a sub-unit, like 0.01 vBTC, which has a 20% fee if we want it in the first block, or leave it at 0.2% if it can be in any block.) And when I send you 1 vBTC, I don't worry about whether fees are high or low, or whether my coin will be in the block or not. 1 vBTC will always be in the next block. If a seller sets a price in vBTC, like software for 2.5 vBTC, it doesn't matter whether the network is loaded or not, or whether the price is up or down. When I receive 2.5 vBTC, I know I own 99.8% of that and I will receive it in the next 10 min.
We can do this without changing anything in the bitcoin protocol. It's just a virtual layer between us bitcoin users. This way we can separate the link between bitcoin and USD and all those prices speculators in those centralized exchange platforms. And use bitcoin as a way of exchange, not an asset that we just hold and wait the day it hit the moon.
Yet there is still another stunning thing we can do with that vBTC. It can solve the price fluctuation nightmare of bitcoin.
The time writing this 1 vBTC is 13,750,000 satoshis which is $1,223.09 and 1oz 22K American Eagle gold coin is around $1,766.50, which are approximately the similar level of value. How about if we say that 1 vBTC possess the same intrinsic value as a 1 oz of 22K gold coin? Like anywhere and anytime 1 vBTC can always be exchanged to 1oz of 22K gold coin? And we always transact 1 vBTC as was real 1oz 22K gold on internet?
It's very hard to understand at first glance, but allow me to explain. Right now, the price of normal BTC is set by the law of supply and demand on those multiple centralized exchange platforms. If there are more buyers than sellers, the price goes up, and if there are more sellers than buyers, the price goes down. But that supply and demand system is already present in the vBTC. If there is more demand (load) on the network, the average fees go up and the weight of 1 vBTC in satoshis goes up too. If there is less, the fees go down and the weight of 1 vBTC goes down too. So if we simply agree that 1 vBTC = 1 oz 22K Gold, the bitcoin network by itself will do all the work and converge to the perfect weight to accommodate that value equality at that exact time. And that without letting speculators decide its price in a fiat currency on those centralized exchange platforms.
This will be revolutionary. There will be no speculation whatsoever, no pricing in a fiat currency and no anxious holding until it hits the moon. We can see bitcoin as simple coins and we can price our goods and services as in old times when minted gold coins were introduced. And this doesn't require any change in the bitcoin protocol. All it needs is that we put the vBTC denomination into wallets and that all of us bitcoin users have faith that 1 vBTC = 1 oz 22K Gold or around that, and the bitcoin network will do the magic by itself.
Furthermore, this is a good way to make minting of real physical 1 vBTC in real 1oz 22K gold possible, and exchange as it was real bitcoins we touch with hands.
I will first try to do some Excel spreadsheet calculations of the above, such as the weight variation of vBTC (0.2% fees) since 2011 and the price of each 1 vBTC in 1 oz Gold since 2011, then share them here.
submitted by babyass to Bitcoin

Theoretical max transactions per second?

This is based on an old discussion from back in 2017 as Bitcoin and Ethereum ran into transaction throughput issues with their sudden popularity.
The question arose "how many Transactions Per Second (TPS) can blah blah coin handle?" because people wanted to compare against the credit card schemes (visa and MC), which currently do 5-10,000 per second to handle world payment traffic. The thought was that a viable coin would need to be competitive with cc schemes and scalable, which kicked the whole "sharding" concept to mainstream.
At the time, a few coins stood out with very high TPS, like Ripple or EOS, but as I remember they turned out to be more like centralized computing architectures masquerading as decentralized networks (any experts? Is that true of both? I'm fairly confident it's true of Ripple, but not sure of EOS)
Anyway, I follow Cardano enough to know that the Shelley network is definitely going to be decentralized and that the node/processing architecture is unique, scaling up to 1000+ nodes. What I don't know (but would love to) is the following:
1) What processing or computing attribute of the system determines the TPS metric in the Cardano architecture? The number of nodes? The raw power of the machines running the nodes? average node power? worst node power? best node power?
Counterintuitively, it seems like adding more computing nodes might decrease TPS since there will be more time spent reaching consensus across the network, but I'm not sure exactly what the life/path of a transaction looks like vs the final commit to ledger.
2) With current Node quality (network, processing) seen on Shelley network, how many TPS can it handle? Is there a theoretical max, or can it scale indefinitely with network speed and processing power?
There have been a ton of videos of how to run a node on a low power computer like an Arm SBC, which wouldn't exactly have the network connectivity or computing performance of an industry-level server directly on fiber at Visa, for example.
3) As the demand for transactions ramps, what is the node operators' incentive to adjust hardware for higher TPS? As I understand the rewards are a function of the amount of ADA delegated, not max TPS. Is it a hybrid scheme based on TPS capacity (or some underlying fundamentals)?
I recently read that node quality plays a factor, but it seems a relatively small factor in that it can cause a small % of missed blocks, leading to somewhat lower rewards for stakers of that node...I'm wondering if the incentives are both aligned and powerful enough to ensure "automatic" TPS capacity scaling, though. It seems being network responsive is more what we're selecting for, which seems less than what is needed.
Thanks...hope this gets enough attention to actually educate the community...and me :)
submitted by demonweasel to cardano

Bitcoin options are breaking records, and exchanges are competing for this segment. We will tell you what these tools are and how they work

The cryptocurrency market is constantly evolving, integrating with the traditional and inheriting complex financial products such as futures and options.
Some types of fixed-term contracts are already firmly established in the bitcoin industry. This is noticeable by the activity of traders on the CME.
However, the situation with options is somewhat different. These derivatives are difficult for ordinary market participants to understand and are not yet so popular.
Nevertheless, there is a demand for such tools, as evidenced by the growth dynamics of this market segment and interest from platforms such as Binance and Bitfinex.
Bitcoin options have already been offered on CME, LedgerX and Bakkt, which are regulated and oriented primarily toward whales. Among the unregulated sites, the leader is Deribit, followed by FTX and OKEx.
ForkLog magazine figured out what options are and what types of options there are. We will talk about the features of these tools and the current state of affairs in the segment. In this article you will also find comments by leading market experts on the role of options in the industry.

What are options and how do they work?

An option is a financial contract concluded between two parties: the holder and the seller. The first receives the right, but not the obligation, to buy or sell a certain amount of the underlying asset at a predetermined price (strike price) on a specific date (expiration date).
The seller undertakes to buy or sell the asset at the request of the option holder. The latter pays the seller at the time of purchase of the contract a certain amount of money — the so-called premium.
The rights and obligations of the holder and seller differ significantly. The former has the right to choose whether to exercise the option or not. The seller is obliged to fulfill the terms of the contract at the request of the holder.
Parameters such as the type of underlying asset, expiration date, strike price are fixed at the time of issue of the contract, after which they cannot be changed.
Like futures, options are derivative financial instruments. This means that they can be based on various underlying assets (BA): stocks, indices or cryptocurrencies.
"Like the options already existing in traditional finance for all major assets, there are contracts based on BTC and ETH on the cryptocurrency market. They are very interesting financial products," said Su Zhu, head of Three Arrows Capital, in a conversation with ForkLog.
Options are used both for hedging risks and for speculative trading. For example, a speculator confident in the growth of the underlying asset buys a call option. If the BA price rises above the strike, the trader can use his contract to buy the asset at a discount.
"Derivatives such as options allow users to hedge risks and generate revenue. Derivatives play a key role in the traditional financial market. These tools are needed so that the cryptocurrency market continues to grow and develop, being filled with new participants," said Aaron Gong, vice president of Binance Futures.

Practical use of options

Consider the simplest example of options hedging. Suppose there is a company manufacturing tomato paste, sauces and ketchups. There is a farmer supplying this company with tomatoes. He acts in conditions of fierce competition, close to perfect.
It is extremely important for a company to buy raw materials cheaper to minimize production costs and remain profitable. The farmer, in turn, hopes for a long-term cooperation with the company so as not to lose a major client.
The company offers the farmer an option, assuming the right to buy 10 tons of tomatoes of the next year’s crop at the current price — say, $1,000 per ton. To exercise this right, the company pays the farmer an option premium of 3% of the total transaction amount of $10,000, that is, $300.
The farmer will have to, at the request of the company, sell the appropriate quantity of goods at the above price and at a specified time.
A year later, the crop was high, which led to a decrease in the market value of tomatoes to $800 per ton. The company decides not to exercise its right to purchase raw materials for $10,000, as other farmers can buy the same 10 tons of tomatoes for only $8,000.
Thus, having lost only $300 as a premium on an option, the company is insured against price risk. Buying raw materials at a significantly lower market price is more than worth the price of the option contract.
Let’s imagine another scenario: the crop turned out to be unimportant and the price of scarce tomatoes jumped to $1200 per ton. Then the company will certainly take advantage of the right to purchase tomatoes for $1000. Thus, the result is any case.
It is easy to guess that the options can be used by miners to hedge the risks of adverse changes in the price of the extracted asset. For example, expecting a decrease in the price of BTC, miners can use options that give them the right to sell cryptocurrency in the future at a price higher than the breakeven point.
“Miners are already very active in options markets. And, probably, they will remain active,” Su Zhu said.
Su Zhu is confident that in the long term, options will make the cryptocurrency spot market more liquid and attractive to a wide range of participants. He added that the growing popularity of such contracts among miners could significantly reduce sales pressure.
“Options give miners the opportunity to fix the price of coins mined in the future. Miners can better manage their production costs and protect themselves from market volatility,” said Aaron Gong, expressing confidence that the popularity of options will continue to grow.
According to him, such tools open up new opportunities and may be of interest to speculators, funds and long-term cryptocurrency holders.
“Institutional investors are also showing growing interest in options and other derivatives. Last week it was reported that the famous Wall Street trader Paul Tudor Jones allocated a few percent from his Tudor BVI fund for bitcoin futures. This is a positive signal, which means that more and more institutions are interested in the cryptocurrency market,” Gong added.
However, option strategies are not suitable for every market participant — effective work with these tools requires certain experience, CoinIndex.agency co-founder Julia Sporysh is sure:
“Of course, in order to use this effectively, the miner must have an experienced trader (option strategies are some of the most difficult on the market) — or they will have to unite and work through specialized trading companies. This market exists, although it is not for the general public.”
Also, according to her, options may be of interest to funds and retail traders who have gained a hand in speculative trading.
“Options are an independent and good speculative tool. And if you have positions in futures or in the spot market, it’s just the time to explore new opportunities,” added Yulia Sporysh.

Types of options

There are two main types of options — option call and option put. The first gives the right to the contract holder to purchase a certain amount of the underlying asset from the seller (they also say — the inscription) at the strike price on a certain date in the future. This type of option was used in the tomato example.
The put option, on the contrary, gives the buyer of the contract the right to sell the underlying asset at a fixed price. The latter may be higher than the market at the time of expiration, which is beneficial to the trader.
Market participants use the call, predicting an increase in the price of BA, and put — expecting it to decline.
More complex strategies use combinations of these two types of contracts.
There is also the term “covered option”. For example, an option call is covered if the seller has the amount of the underlying asset corresponding to the terms of the contract.
Options may also differ in the style of execution — American or European.
European-style options require the holder to execute the contract exclusively on the expiration date. Such options, in particular, are presented at CME and Bakkt.
American style implies the possibility of contract execution at any time prior to the date of expiration. Options of both styles are traded all over the world, their names have no relation to geographic location.
There are less standardized, exotic options. However, the popularity and importance of such instruments in the financial market is not so great.
Parameters and conditions for trading certain options are described in the specifications for them, which indicate the expiration date, strike price and other elements of the contract.

Premium, strike price and cash option

The option premium is the amount of money paid by the buyer to the seller. The premium is equal to the value of the contract and, in fact, represents a fee for the risk of adverse changes in the value of the underlying asset.
The option premium is formed by two components:
• Intrinsic value — the amount that the buyer would receive if the contract were currently executed. It depends on the ratio of the price of the underlying asset and the strike.
• Time value — depends on the time remaining until expiration. Usually, the less time it takes to execute a contract, the lower the premium.
As a rule, high price volatility contributes to premium growth, and vice versa. A deal with a close strike price in relation to the current one has much greater chances of closing in profit and, therefore, the premium for such an option will be relatively high.
The strike price is the price fixed in the option at which the buyer of the call option can buy (or sell, if this is a put option) the underlying asset. In turn, the seller of the contract is obliged to sell or buy BA.
Money is an indicator of the ability to receive funds from the exercise of the right to exercise a derivative. In the context of options, cash can be calculated by comparing the spot price of the BA and the strike price of the option. Thus, three options are possible:
• “in the money” option: in the case of a call — if the spot price is higher than the strike (then the intrinsic value of the contract is positive), in the case of a put, on the contrary, if the BA price is lower than the strike;
• option “on money” (or “with one’s own”) — equal strike to current stock quotes, intrinsic value equal to 0;
• the option “out of money” (“without money”) — the exercise of the option is not economically feasible; in such a situation, the current price of the underlying asset is lower than the strike price of the call option or, conversely, the spot price of the BA is higher than the strike price in the case of a put.

Option strategies

There are many option trading strategies. Four basic approaches can be distinguished.
Long call — buying a call option, the investor expects an increase in the price of the underlying asset above the strike on the expiration date of the contract. Then he will be able to buy an asset at a discount to the market price and thus earn on the difference. If the price drops below the strike, the buyer risks only the premium paid for the option.
Long put — is a kind of alternative to a short position in the spot market. The buyer of the put option hopes to make money, assuming that the price of the BA falls below the strike at the time of expiration. In this scenario, the investor may sell the asset at a higher price than the market price.
Also, through a put option, an investor can limit the risk of a fall in the price of an asset that has a long position open. According to Su Zhu, miners may use the “protective put” strategy, in whose activity a substantial and prolonged drop in the price of mined cryptocurrency is undesirable. Through such tools, miners can provide profitable or even break-even activity.
Short call — the investor acts as the seller of the contract, counting on a decrease in the price of BA below the strike on the date of expiration. However, the higher the price of the asset, the more losses the inscription bears. Thus, the risk of the seller of the contract is unlimited, and the profit potential is limited by the premium on the sale of the call.
Short put — the seller of such an option expects a premium on it, being firmly convinced that the price of the BA will be higher than the strike.
Combinations of these basic strategies may underlie more sophisticated options trading approaches, such as:
• protective put — purchase of a put option for an available asset;
• covered (secured) call — an investor sells a call option to an existing BA or which will be acquired simultaneously with the sale of the option; the strategy reduces the risk of owning an asset, since a fall in its price is partially offset by a premium;
• straddle — a kind of bet on volatility, which implies the purchase of a call and put option on the same asset with the same expiration date and the same strike price;
• strangle — almost the same as straddle, differs only in different strike prices.

Conclusions

Options are complex financial instruments, their mechanism of work is unlikely to be mastered immediately by most novice traders. Nevertheless, these derivatives may seem interesting to experienced market participants and, in particular, to miners.
The following advantages and disadvantages of options can be distinguished. Of the advantages of these contracts, we note:
- flexibility of use in speculative trading;
- the ability to use many combinations and trading strategies;
- a good tool for hedging risks;
- the ability to use in any trend — upward, downward, sideways.
Disadvantages:
- the difficulty of understanding the mechanism of work, especially for novice market participants;
- asymmetric conditions and, accordingly, risks for the buyer and seller;
- the complexity of trading strategies;
- the volatility of an option premium, which depends on the proximity of the expiration date and price dynamics in the spot market;
- low liquidity.
Different industry players have different cryptocurrency options. Some consider them promising tools useful for miners, funds, retail traders and the market as a whole. Others are convinced that such derivatives are archaism.
Nevertheless, options are gradually taking root in the cryptocurrency market. This is evident in the dynamics of trading volume and open interest. In addition, more and more exchanges are trying to add support for these contracts, which contributes to increased competition and further development of the industry.
submitted by Smart_Smell to Robopay

Integrate Crypto Currency Wallet to Exchange Site

Only for Crypto Wallet Expert Freelancer
I'm developing a cryptocurrency exchange system. I need to integrate crypto wallets such as Bitcoin, Eth, Ripple, Litecoin, etc. into my site. I need to create and manage a separate wallet for each account, or a similar solution, for easy wallet management and less cost for withdrawing.
The scope includes handover of source code and related documentation and Application Demo.
For example:
Managing multiple crypto accounts using a contract, including:
1. Creating multiple accounts.
2. Sending crypto from multiple accounts to some other account: creating a raw Txn, signing it using the master private key, broadcasting to the network.
3. Monitoring these accounts, checking balances and the transaction history of an address.
Welcome to everyone!
Interested persons, mail me directly. My email id: [email protected]
submitted by ted_1991 to Jobs4Bitcoins

Groestlcoin 6th Anniversary Release

Introduction

Dear Groestlers, it goes without saying that 2020 has been a difficult time for millions of people worldwide. The Groestlcoin team would like to take this opportunity to wish our best to everyone coping with the direct and indirect effects of COVID-19. Let it bring out the best in us all and show that collectively, we can conquer anything.
The centralised banks and our national governments are facing unprecedented times with interest rates worldwide dropping to record lows in places. Rest assured that this can only strengthen the fundamentals of all decentralised cryptocurrencies and the vision that was seeded with Satoshi's Bitcoin whitepaper over 10 years ago. Despite everything that has been thrown at us this year, the show must go on and the team will still progress and advance to continue the momentum that we have developed over the past 6 years.
In addition to this, we'd like to remind you all that this is Groestlcoin's 6th Birthday release! In terms of price there have been some crazy highs and lows over the years (with highs of around $2.60 and lows of $0.000077!), but in terms of value – Groestlcoin just keeps getting more valuable! In these uncertain times, one thing remains clear – Groestlcoin will keep going and keep innovating regardless. On with what has been worked on and completed over the past few months.

UPDATED - Groestlcoin Core 2.18.2

This is a major release of Groestlcoin Core with many protocol level improvements and code optimizations, featuring the technical equivalent of Bitcoin v0.18.2 but with Groestlcoin-specific patches. On a general level, most of what is new is a new 'Groestlcoin-wallet' tool which is now distributed alongside Groestlcoin Core's other executables.
NOTE: The 'Account' API has been removed from this version which was typically used in some tip bots. Please ensure you check the release notes from 2.17.2 for details on replacing this functionality.

How to Upgrade?

Windows
If you are running an older version, shut it down. Wait until it has completely shut down (which might take a few minutes for older versions), then run the installer.
OSX
If you are running an older version, shut it down. Wait until it has completely shut down (which might take a few minutes for older versions), run the dmg and drag Groestlcoin Core to Applications.
Ubuntu
http://groestlcoin.org/forum/index.php?topic=441.0

Other Linux

http://groestlcoin.org/forum/index.php?topic=97.0

Download

Download the Windows Installer (64 bit) here
Download the Windows Installer (32 bit) here
Download the Windows binaries (64 bit) here
Download the Windows binaries (32 bit) here
Download the OSX Installer here
Download the OSX binaries here
Download the Linux binaries (64 bit) here
Download the Linux binaries (32 bit) here
Download the ARM Linux binaries (64 bit) here
Download the ARM Linux binaries (32 bit) here

ALL NEW - Groestlcoin Moonshine iOS/Android Wallet

Built with React Native, Moonshine utilizes Electrum-GRS's JSON-RPC methods to interact with the Groestlcoin network.
GRS Moonshine's intended use is as a hot wallet. Meaning, your keys are only as safe as the device you install this wallet on. As with any hot wallet, please ensure that you keep only a small, responsible amount of Groestlcoin on it at any given time.

Download

iOS
Android

ALL NEW! – HODL GRS Android Wallet

HODL GRS connects directly to the Groestlcoin network using SPV mode and doesn't rely on servers that can be hacked or disabled.
HODL GRS utilizes AES hardware encryption, app sandboxing, and the latest security features to protect users from malware, browser security holes, and even physical theft. Private keys are stored only in the secure enclave of the user's phone, inaccessible to anyone other than the user.
Simplicity and ease-of-use is the core design principle of HODL GRS. A simple recovery phrase (which we call a Backup Recovery Key) is all that is needed to restore the user's wallet if they ever lose or replace their device. HODL GRS is deterministic, which means the user's balance and transaction history can be recovered just from the backup recovery key.

Download

Main Release (Main Net)
Testnet Release

ALL NEW! – GroestlcoinSeed Savior

Groestlcoin Seed Savior is a tool for recovering BIP39 seed phrases.
This tool is meant to help users with recovering a slightly incorrect Groestlcoin mnemonic phrase (AKA backup or seed). You can enter an existing BIP39 mnemonic and get derived addresses in various formats.
To find out if one of the suggested addresses is the right one, you can click on the suggested address to check the address' transaction history on a block explorer.

Live Version (Not Recommended)

https://www.groestlcoin.org/recovery/

Download

https://github.com/Groestlcoin/mnemonic-recovery/archive/master.zip

ALL NEW! – Vanity Search Vanity Address Generator

NOTE: NVidia GPU or any CPU only. AMD graphics cards will not work with this address generator.
VanitySearch is a command-line Segwit-capable vanity Groestlcoin address generator. Add unique flair when you tell people to send Groestlcoin. Alternatively, VanitySearch can be used to generate random addresses offline.
If you're tired of the random, cryptic addresses generated by regular groestlcoin clients, then VanitySearch is the right choice for you to create a more personalized address.
VanitySearch is a groestlcoin address prefix finder. If you want to generate safe private keys, use the -s option to enter your passphrase which will be used for generating a base key as for BIP38 standard (VanitySearch.exe -s "My PassPhrase" FXPref). You can also use VanitySearch.exe -ps "My PassPhrase" which will add a crypto secure seed to your passphrase.
VanitySearch may not compute a good grid size for your GPU, so try different values using -g option in order to get the best performances. If you want to use GPUs and CPUs together, you may have best performances by keeping one CPU core for handling GPU(s)/CPU exchanges (use -t option to set the number of CPU threads).

Usage

https://github.com/Groestlcoin/VanitySearch#usage

ALL NEW! – Groestlcoin EasyVanity 2020

Groestlcoin EasyVanity 2020 is a Windows app built from the ground up that makes it easier than ever before to create your very own bespoke bech32 address(es) whilst not connected to the internet.
If you're tired of the random, cryptic bech32 addresses generated by regular Groestlcoin clients, then Groestlcoin EasyVanity2020 is the right choice for you to create a more personalised bech32 address. This 2020 version uses the new VanitySearch to generate not only legacy addresses (F prefix) but also Bech32 addresses (grs1 prefix).

Remastered! – Groestlcoin WPF Desktop Wallet (v2.19.0.18)

Groestlcoin WPF is an alternative full node client with optional lightweight 'thin-client' mode based on WPF. Windows Presentation Foundation (WPF) is one of Microsoft's latest approaches to a GUI framework, used with the .NET framework. Its main advantages over the original Groestlcoin client include support for exporting blockchain.dat and including a lite wallet mode.
This wallet was previously deprecated but has been brought back to life with modern standards.

ALL NEW! – BIP39 Key Tool

Groestlcoin BIP39 Key Tool is a GUI interface for generating Groestlcoin public and private keys. It is a standalone tool which can be used offline.

Download

Windows
Linux:
    pip3 install -r requirements.txt
    python3 bip39_gui.py

ALL NEW! – Electrum Personal Server

Groestlcoin Electrum Personal Server aims to make using Electrum Groestlcoin wallet more secure and more private. It makes it easy to connect your Electrum-GRS wallet to your own full node.
It is an implementation of the Electrum-grs server protocol which fulfils the specific need of using the Electrum-grs wallet backed by a full node, but without the heavyweight server backend, for a single user. It allows the user to benefit from all Groestlcoin Core's resource-saving features like pruning, blocks only and disabled txindex. All Electrum-GRS's feature-richness like hardware wallet integration, multi-signature wallets, offline signing, seed recovery phrases, coin control and so on can still be used, but connected only to the user's own full node.
Full node wallets are important in Groestlcoin because they are a big part of what makes the system be trust-less. No longer do people have to trust a financial institution like a bank or PayPal, they can run software on their own computers. If Groestlcoin is digital gold, then a full node wallet is your own personal goldsmith who checks for you that received payments are genuine.
Full node wallets are also important for privacy. Using Electrum-GRS under default configuration requires it to send (hashes of) all your Groestlcoin addresses to some server. That server can then easily spy on your transactions. Full node wallets like Groestlcoin Electrum Personal Server would download the entire blockchain and scan it for the user's own addresses, and therefore don't reveal to anyone else which Groestlcoin addresses they are interested in.
Groestlcoin Electrum Personal Server can also broadcast transactions through Tor which improves privacy by resisting traffic analysis for broadcasted transactions which can link the IP address of the user to the transaction. If enabled this would happen transparently whenever the user simply clicks "Send" on a transaction in Electrum-grs wallet.
Note: Currently Groestlcoin Electrum Personal Server can only accept one connection at a time.

Download

Windows
Linux / OSX (Instructions)

UPDATED – Android Wallet 7.38.1 - Main Net + Test Net

The app allows you to send and receive Groestlcoin on your device using QR codes and URI links.
When using this app, please back up your wallet and email them to yourself! This will save your wallet in a password protected file. Then your coins can be retrieved even if you lose your phone.

Download

Main Net
Main Net (FDroid)
Test Net

UPDATED – Groestlcoin Sentinel 3.5.06 (Android)

Groestlcoin Sentinel is a great solution for anyone who wants the convenience and utility of a hot wallet for receiving payments directly into their cold storage (or hardware wallets).
Sentinel accepts XPUB's, YPUB'S, ZPUB's and individual Groestlcoin address. Once added you will be able to view balances, view transactions, and (in the case of XPUB's, YPUB's and ZPUB's) deterministically generate addresses for that wallet.
Groestlcoin Sentinel is a fork of Groestlcoin Samourai Wallet with all spending and transaction building code removed.

UPDATED – P2Pool Test Net

Download

Pre-Hosted Testnet P2Pool is available via http://testp2pool.groestlcoin.org:21330/static/

submitted by Yokomoko_Saleen to groestlcoin

Are there any bitcoin-tx tutorials?

This:
https://bitcoin.org/en/developer-examples
Has nothing on bitcoin-tx and I can't find any tutorials on it.
I'd like to figure out how to create raw transactions and do them myself.
Why?
Because freedom and fuck fiat.
Does anyone know of a source that can teach me to use bitcoin-tx?
And yes - I'm fairly familiar with bitcoin-cli.
Thanks in advance for any help.
submitted by Pure_Evil_666 to Bitcoin

Sharering (SHR) I believe this one is going to surprise so many. Already generating revenue and doing buybacks every week. Already over 10 000 registered users. Mainnet + app + masternodes and staking before EOY.

I got this stuff from Steve Aitchison, he wrote this review and posted it on Uptrennd. Figured I should put it on here as well since I truly believe this is an incredible moonshot. I'm personally holding SHR myself and am very convinced it will do extremely well.
Give a read through it and you will immediately see why. Enjoy guys.
Introduction
Imagine for a second the following scenario. You are a 2 car family. One car is used every day going back and forth to work, for shopping, all the little jaunts you and your husband like to go on. Your grown children are at university and come home for the weekends so the other car sits in the driveway all week and doesn’t get used during the week. What a waste of a perfectly good car. You think to yourself we could put that car to good use and actually help to pay for university fees, by renting it out during the week. However, then you think “well it’s only a little Ford Fiesta who’s going to want to rent that.” Well, it turns out a lot of people want to rent it and for a good price: £34 ($40) per day, a possible $800 per month.
Peer to peer car sharing has grown massively over the last few years and people are making serious money by letting out vehicles on a daily basis, emulating the Airbnb model. In fact companies like Turo, Getaround and Drivy, which has just been acquired by Getaround for $300 Million, are bringing in serious investors like Toyota, Softbank Vision Fund, Menlo Ventures, and IAC to the tune of over $800 Million.
A key difference between rental companies and peer to peer is that they have vastly improved technology with app interfaces that make locating assets and resources, reserving and using them, and making payment convenient and seamless. This, combined with location-specific analytics, allows by-the-minute access to assets and resources (e.g. cars or bicycles) and enables customers to pick up and drop these assets where and when convenient.
Car sharing is just one example of an industry that is being disrupted. We have seen, experienced and read about the amazing growth of Airbnb which is now estimated to be valued at $38 Billion. Airbnb has been so successful that companies like booking.com are trying to get in on the act by adopting a similar model when it comes to booking accommodation.
There is also the phenomenal rise of bicycle rentals which we see in cities all over the world, not quite the same as peer to peer sharing, but it’s another rental model that is ripe for being disrupted by the new sharing model.
With this business model in mind what other areas could it be used in:
- Transport: Used for the rental of cars, trucks, scooters, trailers, and even heavy vehicles.
- Delivery Drivers: Facilitate booking and payment for delivery drivers.
- Agriculture: Garden sharing, seed swap, bee-hive relocation, etc.
- Finance: Peer to peer lending
- Food bank, social dining
- Travel: Tours, shared tour groups
- Real Estate: Airbnb, co-housing, co-living, Couchsurfing, shared office space, house swapping.
- Time: Labour, co-working, freelancing
- Assets: Book swapping, clothes swapping, fractional ownership, freecycling, toy libraries.
- Transportation: Car sharing, ride-sharing, car-pooling, bicycle sharing, delivery company, couriers
And so much more!
This newly emerging, but highly fragmented sharing industry, is currently worth over $100 billion. It is predicted to grow to at least $335 billion by 2025.
As you can see from a few examples above the sharing economy has a lot of room to grow but what it doesn’t have, yet, is a company who can facilitate ALL of the above use cases in one place.
That is until now!
ShareRing is disrupting the disruptors by bringing everything together in one place and making it easy for you and me to share anything and everything and making it as easy as opening an app on your phone.
Business Case
The sharing market has exploded over the last several years. This is due, in part, to the digital age we live in, as we now have over 2.82 Billion people with smart phones around the world. It is also due to how easily the business model of sharing lends itself to the digital world, and how with the simple installation of an app we can access a plethora of markets to rent almost anything from.
Due to this rise of digital platforms and the proliferation of smartphones, revenues coming from sharing economy platforms are only expected to increase. It is estimated to grow to a $335 billion industry in 2025, compared to its $14 billion value in 2014. (PwC UK).
The beauty of the sharing economy is that it is a win/win/win situation for the person who wants to rent something for a few days or weeks, the person who is renting out, and the company who facilitates the ease of the transactions between the renter and the person renting out. Typically the renter will save a lot of money whilst renting out someone else’s apartment, car, bicycle, clothes, dog sitting services etc and they can almost be assured of quality due to the social side of the business model with reviews from real people. The person who is renting out can make additional income and will want good reviews and therefore keep the standard of service higher. The company that is facilitating all of this can make a lot of money on transaction fees, as well as from advertising, and partnership deals, and obviously have an exit strategy for possible buyouts.
When it comes to looking at the business model, ShareRing fits into the Commission Based Platform as described in Ritter and Schanz's study, where they looked at the core differences between different business models of the sharing economy: Singular Transaction Models, Subscription-Based Models, Commission-Based Platforms and Unlimited Platforms.
Commission Based Platforms are dominated by (at least) triadic relationships amongst providers, intermediaries and consumers with a utility-bound revenue stream. These business models enable their customers to switch between provider and consumer roles by creating and delivering the value proposition. Only a few employees work for the intermediary and the value creation and delivery is externalized. From a consumer perspective, consumers are empowered to collaborate with each other and to design the collaboration terms by negotiating the terms and conditions of the content, creation, distribution and consumption of the value proposition. Depending on the orientation of the value proposition, consumers purchase commodities (Tauschticket, ebay), access commodities in a defined timespan (booking.com, Airbnb) or buy services (uber, turo) from occasional and professional providers found via an intermediary. The intermediary mainly focuses on nurturing a community feeling and reducing exchange insecurity by incorporating rating systems, micro-assurances and standardizations of payment and delivery into the platform. The platform mainly takes commissions for successful matching and executing trade. (Journal of Cleaner Production Volume 213, 10 March 2019, Pages 320-331)
The USP of the ShareRing Business Model
The USP that ShareRing has is that it brings all of the different forms of sharing together in one app through partnerships and onboarding of users.
No other company, to date, is bringing everything together in such a way. However there are other factors that make ShareRing unique, which we will look at.
Token Economics
SHR is a utility token and will be used to pay for transactions on the network, such as 'new booking', 'add asset', etc. SHR is used by providers to pay for their access to the ShareLedger blockchain, including the addition of assets, renting out of assets, adding attributes, adding smart contracts, and other features.
SharePay (SHRP) is used by customers to pay for the rental of assets.
Masternodes will also be a main feature of the SHR token. When a transaction fee is incurred, it will be distributed in a way that allows for masternode holders who provide a service to the platform to receive a reward from each transaction. Transaction fees are charged to sharing providers in SHR. The distribution of transaction fees will be as follows:
- 50% will be distributed amongst the active masternode holders who host an active node on the blockchain at that point in time (these holders provide a service to the platform). The distribution will be based on a calculation of the Total Amount Staked and the total continuous uptime of the node.
- 50% will be provided to ShareRing Ltd (view ShareRing owned masternodes) for various purposes that contribute to working capital and platform growth.
Leased Proof of Stake Consensus
ShareRing have chosen the Leased Proof-of-Stake protocol as the consensus algorithm for ShareLedger. This choice is based on the practicality and security benefits evident in the Waves platform. It is also much more cost effective than Proof-of-Work (POW), and will not suffer from the current issues Bitcoin and other POW cryptocurrencies are facing such as scalability and electricity consumption.
As explained above, masternodes will be a main feature, but there is also the feature of lightweight nodes. A user with a lightweight node will be able to stake their tokens to a full node of their choosing and participate in reaching consensus. They will also be free to cancel their leasing at any time, as there are no contracts or freezing periods. The more tokens that have been staked in a full node, the higher the probability that the node will produce the next block. Since the reward is given based on the total number of tokens staked in the full node, there will always be a trade-off between the size of the full node and the percentage of the reward. As an average user of the platform, you will not need technical knowledge of how to set up a node, nor will you have to download the entire blockchain in order to stake your tokens. Only a user who sets up a full node will be required to do this, making it simpler than ever for users to earn a reward for supporting the platform.
The expected return for staking is around 6 - 8%, although this has yet to be confirmed.
Buybacks
ShareRing are currently implementing a series of buybacks which started in the beginning of November:
The buyback operation is done at a random time during the week.
If there is enough liquidity, SHR tokens will be bought through a single market order at the time of buyback. In case there is not enough liquidity, a limit buy order at last sell order price will be placed on the market, and will remain open until it gets filled.
The buyback program was implemented to test the API purchase process for when live transactions occur on ShareLedger.
The Buyback Program is expected to:
  1. Reduce the supply of ShareTokens available in both public and private markets
  2. Bring new capital and fund inflows into the ShareLedger
  3. Substantially magnify value creation for the ShareToken holders
The Token Flow
ShareRing will bring in hundreds of merchants to list their rental products, either exclusively or as part of an aggregator system. For example, sites like trivago.com list the best hotel prices from multiple merchants who are listed on their website. Essentially, ShareRing will become part of the aggregator ecosystem and be listed on sites like trivago.com, as well as have exclusive agreements with merchants who are listed directly on their app.
ShareRing’s USP is that they have everything in one place as well as their OneID module, which means buyers can get a hotel, rent a car, rent their ski equipment and book events, all through the one app and using the OneID.
With that in mind they are going to attract a lot of merchants.
This is where it gets exciting, so pay attention to this part.
When a merchant is part of the ShareRing ecosystem and a buyer rents something from that merchant, ShareRing will take a small % commission from that transaction. So say someone books a hotel for $100 for the night, ShareRing might take $0.50 as a commission. What ShareRing will then do is go to one of the exchanges that ShareRing (SHR) is listed on and buy SHR tokens directly with USDT through an API system.
Now, the actual commission has not been disclosed yet. However, if we assume even a 0.25% commission, every $100 Million worth of bookings made through the app will net ShareRing $250,000, which means buybacks of $250,000 for the SHR token, which increases the liquidity of SHR on the exchanges.
If you think $100 Million of bookings is a lot, booking.com customers book around 1.5 Million rooms per day. If we estimate an average of $50 per room, that is $75 million of bookings PER DAY or $2 Billion worth of bookings per month.
This revenue coupled with revenue from OneID and eVOA makes ShareRing profitable almost from day one of the app going live.
OneID And eVOA
Another exciting development from the ShareRing team is the collaboration between ShareRing's Self Sovereign Identity protocol and third party providers to bring OneID and eVOA, which will utilise OneID.
With the huge rise in E-commerce, and with over 2.82 billion people who now own a smartphone, we are entrusting our personal information to more and more centralised entities. These entities are frequently hacked and our information is leaked to outside parties.
ShareRing aims to tackle this with their OneID module.
ShareRing’s OneID solution protects users' data by handling Know Your Customer (KYC) information through third parties and ShareRing’s Self Sovereign Identity Protocol. ShareRing does not hold any identifying information anywhere on its servers. It provides the ultimate security for the renter and also the provider, as the Protocol encrypts and stores your data in a secure manner within your device. Essentially, this means that it is n