/u/theymos: -249 points from last 1000 comments. Worst Comment (-752 points): "Right. If Coinbase promotes XT to customers on coinbase.com and/or switches all of its full nodes to BIP 101 software, then Coinbase is no longer using the Bitcoin currency, and it doesn't belong on /r/Bitcoin."
[uncensored-r/Bitcoin] Bitcoin.com article is trying to spread confusion about BIP-176, claiming that 1 BTC = 1000 bits ...
The following post by farsightxr20 is being replicated because some comments within the post (but not the post itself) have been silently removed. The original post can be found (in censored form) at this link: np.reddit.com/ Bitcoin/comments/7oh59n The original post's content was as follows:
the year 2020 in Bitcoin Cash so far: a detailed history
What follows at the bottom is a four page long chronological overview of what happened in BCH in 2020 so far. To make it more digestible and fun to read I start with my narrating of the story. My attempt was to remain as objective as possible and "let the facts speak for themselves" with everything sourced. I also link to many read.cash articles, the decision of which are the important ones to include is certainly not easy, I count on the rest of the community if I overlooked anything important.

summary & my narrating of the story:

The year started out relatively calm, with cashfusion in "the news" and an older ongoing controversy between Amaury and Roger Ver being worked out. Starting Jan 22nd all debate broke loose with the announcement of “Infrastructure Funding Plan for Bitcoin Cash” by Jiang Zhuoer of BTC.TOP. To illustrate this point 2 days later coinspice ran the title "Roger Ver Praises Vigorous Debate, [...]" and 6 days, less than a week, later Chris Pacia made a read.cash post titled "The 253rd "Thoughts on developer funding" Article" which might have been only a slight exaggeration or he might have been counting. Part of the reason of the tsunami was the lack of worked out details. By the time of Pacia's post a lot had changed: Both BU, Bitcoin Verde and a group of miners had made announcements not to go along with "the plan". On Feb 1st, the second version of the IFP was announced by Jiang Zhuoer in a post “BCH miner donation plan update”. Two weeks later on Feb 15th, the third iteration was announced by Bitcoin ABC which was to be activated by hashrate voting and on the same day Flipstarter was introduced, a sign of the search for alternative solutions. After a few more days and a few more people coming out more against the IFP (including Jonald Fyookball, Mark Lundeberg & Josh Ellithorpe), BCHN was announced on Feb 20th with a formal release a week later.
Also Feb 27th, the DAA was brought back into the conversation by Jonathan Toomim with his "The BCH difficulty adjustment algorithm is broken. Here's how to fix it." video. By early March the IFP was effectively dead with its author Jiang Zhuoer vowing to vote against it. This became clear to everyone when ABC, a day later suddenly shifted gears towards non-protocol, donation based funding: the IFP was dead. End March ABCs 2020 Business Plan was announced as a way to raise $3.3 million. Mid April to mid May was the high time for voluntary funding with four node implementations and General Protocols, a BCH DeFi Startup successfully raising funds. By May 15th, the 6th HF network upgrade things had pretty much cooled down. The upgrade included nothing controversial and even saw an unexpected doubling in the unconfirmed transaction chain. June 15th a month later things started to heat up again with the BCHN announcement to remove the "poison pill" or "automatic replay protection". 8th Jul Jonathan Toomim posted "BCH protocol upgrade proposal: Use ASERT as the new DAA" which promised the solution to the long dragging DAA problem. Jul 23rd however an unexpected twist occurred when Amaury Séchet posted "Announcing the Grasberg DAA" an incompatible, alternative solution. This, again, sparked a ton of debate and discussion. Grasberg lasted just two weeks from Jul 23rd to Aug 6th when ABC announced its plans for the November 2020 upgrade but it had successfully united the opposition in the meanwhile. ABCs plan for November included dropping Grasberg in favour of aserti3–2d and introducing IFPv4. Now we're here August 8th, the IFP which was declared dead after just over a month (Jan 22-Mar 5) is now back in full force. The rest of the history is still being written but if p2p electronic cash is to succeed in any big regard it's very thinkable that these events will get into history books.
Important resources: coinspice IFP timeline & Compiled list of BCH Miner Dev Fund posts, articles, discussions

History

Jan 13th: “Do CoinJoins Really Require Equal Transaction Amounts for Privacy? Part One: CashFusion” article by BitcoinMagazine [source]
Jan 13th: “Clearing the Way for Cooperation” Read.cash article by Amaury Séchet [source] on the controversy with Roger Ver about the amount of donations over the years
Jan 22nd: “Infrastructure Funding Plan for Bitcoin Cash” IFPv1 announced by Jiang Zhuoer of BTC.TOP [source] IFPv1: 12.5% of BCH coinbase rewards which will last for 6 months through a Hong Kong-based corporation & to be activated on May 15th
Jan 22nd: “Bitcoin Cash Developers React to Infrastructure Fund Announcement: Cautiously Optimistic” coinspice article including Amaury Séchet, Antony Zegers, Jonald Fyookball & Josh Ellithorpe [source]
Jan 23rd: Jiang Zhuoer reddit AMA [source] [coinspice article]
Jan 23rd: Vitalik weighs in with his take on twitter [source]
Jan 23rd: “On the infrastructure funding plan for Bitcoin Cash” article by Amaury Séchet [source] [coinspice article] in which he proposed to place control of the IFP key in his hands together with Jonald Fyookball and Antony Zegers. A group of 7 to 12 miners, developers, and businessmen in total would get an advisory function.
Jan 24th: “Bitcoin.com's Clarifications on the Miner Development Fund“ which emphasizes, among other things, the temporary and reversible nature of the proposal [source] [coinspice article]
Jan 24th: “Little Known (But Important!) Facts About the Mining Plan” Read.cash article by Jonald Fyookball in which he defended the IFP and stressed its necessity and temporary nature.
Jan 25th: massive amounts of public debate as documented by coinspice [coinspice article] with Justin Bons, Tobias Ruck and Antony Zegers explaining their take on it.
Jan 26th: public debate continues: “Assessment and proposal re: the Bitcoin Cash infrastructure funding situation” Read.cash article by imaginary_username [source] which was noteworthy in part because the post earned $1,000+ in BCH [coinspice article] and “The Best Of Intentions: The Dev Tax Is Intended to Benefit Investors But Will Corrupt Us Instead” by Peter Rizun [source]
Jan 27th: “We are a group of miners opposing the BTC.TOP proposal, here's why” article on Read.cash [source] [reddit announcement]
Jan 27th: Bitcoin Unlimited's BUIP 143: Refuse the Coinbase Tax [source] [reddit announcement]
Jan 28th: “Bitcoin Verde's Response to the Miner Sponsored Development Fund” read.cash article by Josh Green in which he explains “Bitcoin Verde will not be implementing any node validation that enforces new coinbase rules.” [source]
Jan 28th: “Update on Developer Funding” read.cash article from Bitcoin.com [source] in which they state “As it stands now, Bitcoin.com will not go through with supporting any plan unless there is more agreement in the ecosystem such that the risk of a chain split is negligible.” And that “any funding proposal must be temporary and reversible.” This announcement from bitcoin.com and their mining pool led the anonymous opposition miners to stand down. [source]
Jan 28th: The 253rd "Thoughts on developer funding" Article – by Chris Pacia, to tackle the “serious misconceptions in the community about how software development works”. He ends on a note of support for the IFP because of lack of realistic alternatives. [source]
Feb 1st: “BCH miner donation plan update” IFPv2 announced by Jiang Zhuoer of BTC.TOP [source] Which changes the donation mechanism so miners directly send part of their coinbase to the projects they want to donate to. It would be activated with hashrate voting over a 3-month period with a 2/3 in favour requirement. The proposal also introduces a pilot period and a no donation option, Jiang Zhuoer also says he regards 12.% as too much.
Feb 7th: Group of BCH miners led by AsicSeer voice scepticism about the IFP during a reddit AMA [source]
Feb 15th: “On the Miner Infrastructure Funding Plan” article by Bitcoin ABC [source] In which they announce they will implement IFPv3 in their upcoming 0.21.0 release. This version has amount reduced to 5% of block reward and will go in effect with BIP 9 hashrate voting and a whitelist with different projects.
Feb 15th: “Introducing Flipstarter” [source]
Feb 16th: “Bitcoin.com’s stance on the recent block reward diversion proposals” video by Roger Ver on the Bitcoin.com Official Channel. [source]
> Ver called Zhuoer’s IFP “clever” but ultimately “problematic.” [coinspice article]
Feb 16th: “BCH miner donation plan update again” read.cash article by Jiang Zhuoer of BTC.TOP [source] In which he briefly outlines the details of IFPv3
Feb 17th: “Latest Thoughts On Infrastructure Mining Plan” post by Jonald Fyookball [source]
Feb 17th: “Regarding the Bitcoin Cash Infrastructure Funding Plan, I am certain now that it should be scrapped immediately.” tweet by Mark Lundeberg [source]
Feb 19th: “Thoughts on the IFP - A Dev Perspective“ read.cash article by Josh Ellithorpe [source]
Feb 20th: “Bitcoin Cash Node” post announcing the new node implementation [source]
Feb 20th: First “Bitcoin Cash Developer Meeting” After IFP Proposal [source]
Feb 24th: “Flipstarter 500k, 6 independent campaigns” post announcing the goal to “fund the BCH ecosystem with 6 independent campaigns and an overall 500,000 USD target” [source]
Feb 27th: BCHN Formally Released [source]
Feb 27th: “The BCH difficulty adjustment algorithm is broken. Here's how to fix it.” Video by Jonathan Toomim [source]
Mar 3rd: “Bitcoin Cash Node 2020: plans for May upgrade and beyond” post by BCHN [source]
Mar 4th: “Author of the Bitcoin Cash IFP [Jiang Zhuoer] Vows to Vote Against It, Using Personal Hash in Opposition” [source]
Mar 5th: Bitcoin ABC announces their 2020 Business Plan Fundraising for later in March [source]
Mar 15th: “EatBCH campaign funded! Next: node campaigns.” campaign funded after 11 hours [source]
Mar 30th: Bitcoin ABC 2020 Business Plan [source] $3.3 Million Fundraiser [source]
Apr 17th: Five flipstarter node campaigns launched. [source]
Apr 26th: BCHN flipstarter campaign successfully funded. [source]
Apr 27th: VERDE flipstarter campaign successfully funded. [source]
May 4th: KNUTH flipstarter campaign successfully funded. [source]
May 7th: “BCH DeFi Startup General Protocols Raises Over $1 mil“ [source]
May 8th: BCHD flipstarter campaign successfully funded. [source]
May 9th: Deadline for node campaigns, ABC flipstarter campaign not funded. [source]
May 14th: “With IFP Defeated, Bitcoin ABC, ViaBTC & CoinEX CEO Publicly Consider a Bitcoin Cash Foundation” [source]
May 15th: deadline for ABC fundraiser campaign, ends at 55% completed. [source]
May 15th: 6th HF network upgrade -> new opcode op_Reversebytes, increase of the chained transaction limit from 25 to 50, and the improved counting of signature operations using the new “Sigchecks” implementation [source] with the “Controversial Funding Plan Rejected by Miners” [source]
May 25th: “Announcing the SLP Foundation” [source]
Jun 15th: “BCHN lead maintainer report 2020-06-15” announcement to remove the Automatic Replay Protection (a.k.a. the Poison Pill) from BCHN in November [source]
Jun 16th: “So [BCHN] is going to fork off from BCH at the next upgrade. Same old story. […]” tweeted Vin Armani [source]
Jun 21st: “Why Automatic Replay Protection Exists” post by Shammah Chancellor [source]
Jul 7th: “The Popular Stablecoin Tether Is Now Circulating on the Bitcoin Cash Network” [source]
Jul 8th: “BCH protocol upgrade proposal: Use ASERT as the new DAA” post by Jonathan Toomim [source]
Jul 18th: “$6M Worth of Tether on the Bitcoin Cash Chain Highlights the Benefits of SLP Tokens” [source]
Jul 23rd: “Announcing the Grasberg DAA” post by Amaury Séchet [source]
Jul 24th: “Thoughts on Grasberg DAA” post by Mark Lundeberg [source]
Jul 29th: CashFusion security audit has been completed [source]
Jul 31st: Electron Cash 4.1.0 release with CashFusion support [source]

4th year, August 2020 – 2021

Aug 1st: “Bitcoin Cash: Scaling the Globe“ Online conference for ForkDay Celebration [source]
Aug 2nd:
> “Is there going to be a fork between ABC and BCHN?”
> “IMO it is very likely. If not in November, then next May.” – Amaury Séchet
Aug 3rd: “Dark secrets of the Grasberg DAA” post by Jonathan Toomim [source]
Aug 3rd: “Joint Statement On aserti3-2d Algorithm“ post by General Protocols, including Cryptophyl, Read.cash, Software Verde & SpinBCH [source]
Aug 3rd: Knuth announces they will be implementing aserti3-2d as DAA for November. [source]
Aug 3rd: Amaury rage quit from the developer call [source]
Aug 4th: “But why do people care about compensating for historical drift? Seems like a tiny problem and if it's causing this much social discord it seems not even worth bothering to try to fix.” Tweet by Vitalik [source]
Aug 5th: “Bitcoin Cash (BCH) November 2020 Upgrade statement” signed by BCHD, electron cash, VERDE, BU members, BCHN developers, Jonathan Toomim, Mark B. Lundeberg and many others [source]
Aug 5th: “BCHN FAQ on November 2020 Bitcoin Cash network upgrade” [source]
Aug 6th: “Bitcoin ABC’s plan for the November 2020 upgrade” [source] the announcement that they will drop Grasberg in favour of aserti3–2d (ASERT) and will also include IFPv4 in which 8% of the blockreward goes to ABC as development funding.
Aug 7th: “Joint Statement from BCH Miners regarding Bitcoin ABC and the November 2020 BCH Upgrade.” Read.cash article by asicseer [source] stating “Over recent months, most miners and pools have switched to BCHN, and presently operate a majority of BCH hashrate.”
Aug 7th: “Simple Ledger Protocol's Joint Statement Regarding Bitcoin ABC on BCH's November 2020 Upgrade” read.cash post by the SLP-Foundation [source]
Good day, everyone!!!

The QUANTUM business club - https://bcquantum.com/ has issued the QUANT coin (custom coin) on the Minter blockchain (https://t.me/MinterNetwork); the token of the Minter blockchain is BIP. A new-generation blockchain with instant transactions, the ability to create cryptocurrencies with an algorithmic price, and instant, unlimited exchange for Bitcoin, Ethereum and even USD.

The club's Telegram bot Q-bot has been launched, which makes it possible to grow your income, and that means:
- Q-bot earns on the commission from delegating the QUANT coin to a Minter validator (a bank inside the blockchain);
- Q-bot is not a network-marketing project, you do not have to invite anyone, but it is more profitable with invitations;
- Q-bot is not trust management, everything is fully under your control and in your private blockchain wallets;
- Unlike various trading robots there is no risk of losing the deposit;
- The ability to invest in the bot from 1000 QUANT (only 350 rubles);
- Income from 10% per month, on delegation alone;
- Compound interest on reinvestment, which lets you multiply your capital;
- A generous affiliate program;
- Growth in the price of the coin in addition to the above;
- A real income of 500 % per year from the growth of the exchange rate alone + compound interest + the opportunities of the affiliate program. In total: more than 1000 % per annum ..
- The ability to pay for services already now with coins of the Minter network - http://minterpay.ru

Register via the link, recommend it to friends: https://t.me/QuantumDelegatorBot?start=Mxb1b6ad2ce1a3..
1. How to buy QUANT https://medium.com/@trusting_bluetiful_snail_184/как-..
2. Instructions for the Telegram bot https://medium.com/@trusting_bluetiful_snail_184/опис..
3. VK group https://vk.com/quantumdelegatorbot
A Deeper Dive Into Simplified Payment Verification's Fascinating History
I posted this as a comment in a thread yesterday, and received more than one message suggesting that I make it a stand-alone post. So here goes....

The fundamental idea behind simplified payment verification (SPV) was first explained in Section 8 of the bitcoin white paper: if Alice pays Bob with a bitcoin transaction, Bob requires very little additional information from the network to verify that the transaction was included in the blockchain. Bob needs only two things: (1) he needs to know the longest chain of block headers (which requires downloading 80 bytes every ten minutes), and (2) he needs to know the path through the Merkle tree that links the transaction he received to the root hash embedded in the block header (about 320 bytes of information for a block with 1000 transactions). See this video (starting at t = 18:18) for more information.

Satoshi's SPV idea is simple and brilliant. But the details get messy when implemented in the real world.

The first messy detail is how Bob actually knows that Alice sent him a bitcoin transaction in the first place. Alice could directly deliver the transaction to Bob, for example via NFC or by sending it to Bob's IP address. But today this isn't what usually happens. What happens instead is that Alice broadcasts the transaction to a few random nodes on the bitcoin network, these nodes in turn "gossip" the transaction to other nodes, et cetera, until all nodes on the network are aware of the new transaction. Alice trusts that Bob will eventually hear about the transaction through this gossip process.

This brings up the first obstacle to SPV. The only way Bob can be sure to learn of the payment is to listen to every transaction broadcast on the bitcoin network. This obviously requires a lot of data (full-node level bandwidth!), which defeats the purpose of SPV in the first place.
One way to solve this bandwidth obstacle is for Bob's wallet to register his address with a full node and ask it to forward him any transactions that pay him. Later, when his transaction is confirmed in a block, the same node can also forward Bob the Merkle branch proof he requires to verify for himself that the payment he received was confirmed in the blockchain. Easy right? Bob can trustlessly verify that he was indeed paid with only a few SMS-text-messages worth of data. So what's the problem?

The problem is that Bob is leaking privacy information. The node that provides Bob information about his transaction knows that he (or rather the entity at his IP address) cares about these transactions. Information about which transactions Bob is interested in is valuable to certain companies/agencies and is potentially harmful to Bob if leaked.

The Bitcoin developers (e.g., Mike Hearn) came up with a clever solution to improve privacy: BIP37 Bloom filters. The idea behind BIP37 is that rather than registering Bob's addresses with a full node, Bob registers a Bloom filter with the full node instead. The Bloom filter is crafted by Bob's wallet so that all of the transactions Bob cares about get picked up by the filter, but some transactions that Bob doesn't care about also get picked up by the filter, thereby confusing the node as to which transactions are really Bob's. BIP37 allows Bob to "tune" the filter to be very private (i.e., to send Bob his transactions and LOTS of other random transactions) or highly selective (i.e., to send Bob his transactions and just a few other random transactions). We see here that there appears to be a bandwidth-versus-privacy trade-off with SPV.

I still think BIP37 is great, but history has shown that it doesn't provide as much privacy as originally intended. The privacy problem with BIP37 is subtle and is due to the fact that "addresses" are so prominent in the user experience today.
Every time Bob uses bitcoin to get paid he typically specifies a new address to the payer. Hopefully, this address is only paid once, but maybe Alice decides to pay Bob a second time using the same address. And so Bob wants to constantly monitor every address his wallet has ever created for new incoming transactions. This means the Bloom filters he registers with full nodes are constantly growing and changing. Due to the way BIP37 is used in practice, it is possible for a node to determine specifically which addresses are Bob's from a series of these Bloom filters. We can fix this problem somewhat, but until we fully abstract "addresses" away from the user experience and make them truly "single use," I think this will always be a bit of an issue. Tom Zander (u/ThomasZander) probably has more to say on this topic. BRD is an example of an SPV wallet that uses BIP37.

BIP157/158 took a new approach to SPV, as part of the LN efforts, and which our own Chris Pacia (u/Chris_Pacia) has contributed to and built upon. BIP157/158 turns BIP37 on its head: rather than the SPV wallet registering a filter with a node, the node provides a filter to the SPV wallet of all the transactions it is aware of, e.g., in a given block. If the SPV wallet sees that the filter contains transactions that Bob cares about, then the SPV wallet can download the complete block from a different node. The wallet then builds the Merkle proof itself (from the downloaded block) to verify that the transaction was indeed included in the blockchain. With this technique, there is no privacy information leaked at all. But we see the bandwidth-versus-privacy trade-off once again: we've improved Bob's privacy but now his wallet is downloading complete blocks every once in a while. This obviously isn't efficient if we imagine a future with 10 GB blocks! Neutrino is an example of a wallet that uses BIP157/158.
Lastly, I'll say something about Electrum servers, although I really haven't studied them enough to speak as an authority on this topic. Firstly, I don't think it is correct to say "'true' SPV doesn't need a server but Electrum wallets do." All SPV wallets need a server, it's just that with a wallet like BRD a run-of-the-mill Satoshi client can act as the "server." But, remember, this is only the case because BIP37 was added to the Satoshi client! We could imagine a future where BU adds Electrum-server functionality but ABC doesn't. Now is u/jonald_fyookball's Electron Cash a "real" SPV wallet or not? The answer doesn't really matter because it's a bad question to ask in the first place. In the future, we're going to see the services offered by full nodes diverge, with perhaps some providing BIP37, some providing full Electrum features, and some doing totally new things. So this idea that Electron Cash relies on a "server" while BRD doesn't is a bad way to look at things in my opinion (they both need a server). What is important instead is the trade-offs made by the particular SPV-wallet solution (e.g., in terms of bandwidth-vs-privacy, and other trade-offs). A second comment I'll add is that adding the features of an Electrum server to a mainstream Satoshi client would probably be controversial. Understand that there is a not-insignificant faction of people who'd love to revert even BIP37! I'd bet that Core would never in a million years add Electrum functionality, I'd be surprised if ABC would implement it, while I'd be surprised if BU wouldn't implement it, at least as an option. AFAIK, Electrum is a much greater privacy leak because SPV wallets directly ask for the Merkle branch proof they are interested in, and so it is much easier for an Electrum server to figure out which addresses belong to which users. I hope this post was informative to some readers. 
Relevant comment from Tom Zander: https://www.reddit.com/btc/comments/aubq4x/bitcoin_cash_spv_wallet_options/ehb7ghj/ Link to preview of Chris Pacia's Neutrino-based wallet: https://twitter.com/ChrisPacia/status/1100251375366217728?s=19
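The Merkle branch check that Bob's wallet performs in the post above, as an added example that is not part of the original post: it builds a Bitcoin-style Merkle tree over 1000 constructed transaction ids, extracts the branch for one of them, and verifies it against the root field of an 80-byte header. The transaction ids, the header contents and all function names are assumptions made for the illustration; proof-of-work and longest-chain selection (item 1 in the post) are out of scope here.

```python
import hashlib
import struct


def dsha256(data: bytes) -> bytes:
    """Bitcoin's double SHA-256."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()


def merkle_root_and_branch(txids, index):
    """Full-node side: return (root, branch) for the txid at position index.

    txids are 32-byte hashes in block order. On a level with an odd number
    of nodes Bitcoin pairs the last node with a copy of itself.
    """
    level, branch = list(txids), []
    while len(level) > 1:
        if len(level) % 2:
            level.append(level[-1])
        branch.append(level[index ^ 1])      # sibling of the node on our path
        level = [dsha256(level[i] + level[i + 1])
                 for i in range(0, len(level), 2)]
        index //= 2
    return level[0], branch


def fold_branch(txid, index, branch):
    """Wallet side: recompute the root from one txid and its siblings."""
    node = txid
    for sibling in branch:
        # The low bit of index says whether our node is the right child.
        node = dsha256(sibling + node) if index & 1 else dsha256(node + sibling)
        index >>= 1
    return node


def header_merkle_root(header: bytes) -> bytes:
    """Header layout: version(4) prev_hash(32) merkle_root(32) time(4) bits(4) nonce(4)."""
    if len(header) != 80:
        raise ValueError("block header must be exactly 80 bytes")
    return header[36:68]


def spv_verify(header, txid, index, branch):
    """True if the branch links txid to the root committed in the header."""
    return fold_branch(txid, index, branch) == header_merkle_root(header)


def proof_size_bytes(branch):
    return 32 * len(branch)


# Constructed sample data: 1000 made-up txids and a header whose other
# fields are zeroed. Bob's transaction sits at position 617.
TXIDS = [dsha256(b"constructed tx %d" % i) for i in range(1000)]
BOB_INDEX = 617
ROOT, BRANCH = merkle_root_and_branch(TXIDS, BOB_INDEX)
HEADER = struct.pack("<I", 1) + bytes(32) + ROOT + struct.pack("<III", 0, 0, 0)

if __name__ == "__main__":
    print("siblings in branch:", len(BRANCH))
    print("proof size (bytes):", proof_size_bytes(BRANCH))
    print("Bob's tx verifies :", spv_verify(HEADER, TXIDS[BOB_INDEX], BOB_INDEX, BRANCH))
    print("other tx verifies :", spv_verify(HEADER, TXIDS[3], BOB_INDEX, BRANCH))
```

The branch for a 1000-transaction block has ten siblings, which is where the post's figure of about 320 bytes comes from.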
Hi Bitcoiners! I’m back with the 29th monthly Bitcoin news recap. (sorry a bit late this month) For those unfamiliar, each day I pick out the most popular/relevant/interesting stories in Bitcoin and save them. At the end of the month I release them in one batch, to give you a quick (but not necessarily the best) overview of what happened in bitcoin over the past month. You can see recaps of the previous months on Bitcoinsnippets.com A recap of Bitcoin in May 2019 Adoption
Did you know: Classic actually needs just ~70% hash power to succeed!
That's right, these are the facts:
in order for Classic to be triggered into action it needs to have 750 of the last 1000 blocks mined.
given the probabilistic nature of hashing, this could happen purely by chance even with lower hashing power than 75%
So what is the actual chance of this happening? I've put some numbers into probability calculator and for 70% of hashing power this probability is 5%, given that 1000 blocks take about 1 week to mine, it has a chance to succeed 5% every week, this means: have 70% of hashing power coming from Classic for 20 weeks and it's almost certain this will happen! The longer Classic has a significant portion of hash rate, the lower the actual percentage it needs to achieve 750/1000 blocks. What do you guys say, good, bad? you can fact-check here: http://calculator.tutorvista.com/binomial-probability-calculator.html EDIT: I made a mistake in my calculation, the actual figure is 72.8% NOT 70% to get the results above (5%/week chance), thanks to everybody who fact-checked and corrected me.
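The 750-of-1000 calculation discussed in the post above, as an added example that is not part of the original post: it computes the exact binomial tail for a given hash share, solves for the share that gives a target per-window probability, and compounds that over several windows. It assumes, as the post does, that every block is an independent trial and that the 1000-block windows do not overlap; the function names are hypothetical.

```python
import math


def log_binom_pmf(n, k, p):
    """log of C(n, k) * p^k * (1-p)^(n-k), computed in log space so that
    the huge binomial coefficients and tiny powers do not over/underflow."""
    return (math.lgamma(n + 1) - math.lgamma(k + 1) - math.lgamma(n - k + 1)
            + k * math.log(p) + (n - k) * math.log1p(-p))


def trigger_probability(share, window=1000, threshold=750):
    """P(at least `threshold` of `window` blocks) when each block is found
    by the signalling miners with probability `share`."""
    if share <= 0.0:
        return 0.0
    if share >= 1.0:
        return 1.0
    tail = sum(math.exp(log_binom_pmf(window, k, share))
               for k in range(threshold, window + 1))
    return min(1.0, tail)


def share_for_probability(target, window=1000, threshold=750):
    """Smallest hash share whose per-window trigger probability reaches
    `target`, found by bisection (the tail is monotonic in the share)."""
    lo, hi = 0.0, 1.0
    for _ in range(60):
        mid = (lo + hi) / 2
        if trigger_probability(mid, window, threshold) < target:
            lo = mid
        else:
            hi = mid
    return hi


def probability_within(windows, share, window=1000, threshold=750):
    """Chance of at least one triggering window among `windows`
    independent, non-overlapping windows."""
    miss = 1.0 - trigger_probability(share, window, threshold)
    return 1.0 - miss ** windows


if __name__ == "__main__":
    for s in (0.70, 0.728, 0.75):
        print("share %.3f -> per-window probability %.5f"
              % (s, trigger_probability(s)))
    print("share for 5%% per window: %.4f" % share_for_probability(0.05))
    print("20 windows at 72.8%%: %.3f" % probability_within(20, 0.728))
```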
Hi Bitcoiners! I’m back with the twelfth monthly Bitcoin news recap. (Yes I'll keep doing these in 2018) For those unfamiliar, each day I pick out the most popular/relevant/interesting stories in bitcoin and save them. At the end of the month I release them in one batch, to give you a quick (but not necessarily the best), memeless overview of what happened in bitcoin over the past month. You can find recaps of the previous months on Bitcoinsnippets.com A recap of Bitcoin in December 2017
Hi Bitcoiners! I’m back with the nineteenth monthly Bitcoin news recap. For those unfamiliar, each day I pick out the most popular/relevant/interesting stories in Bitcoin and save them. At the end of the month I release them in one batch, to give you a quick (but not necessarily the best) overview of what happened in bitcoin over the past month. You can see recaps of the previous months on Bitcoinsnippets.com A recap of Bitcoin in July 2018
We had a little dispute with ThomasZander about the theoretical possibility of passing double spend transactions through the double spend proofs system (a part of the BIP-134 proposal) in such a way that miners still can successfully add double spend transactions to their mined blocks. Here is a python proof of concept code, which uses the bitcoinlib library to generate an example of original and double spend transactions pair, then discard the double spend transaction and reconstruct it via combining the original transaction with the information from the double spend proofs data:
```python
from bitcoinlib.keys import Key
from bitcoinlib.transactions import *

ki = Key(0x18E14A7B6A307F426A94F8114701E7C8E774E7F9A47E2C2035DB29A206321725, compressed=False)
prev_tx = 'f2b3eb2deb76566e7324307cd47c35eeb88413f971d88519859b1834307ecfec'

##############################################################################
# Generate the original transaction with two outputs.
##############################################################################
orig_t = Transaction()
orig_t.add_input(prev_hash=prev_tx, output_n=1, keys=ki.public_hex, compressed=False)
orig_t.add_output(1000, '1runeksijzfVxyrpiyCY2LCBvYsSiFsCm')
orig_t.add_output(1000, '1MW74DeeNZvKcS8BqYuuJkHoUWdM5mG8Le')
orig_t.sign(ki.private_byte)

##############################################################################
# Generate a double spend transaction with one output removed and
# miner fee increased by 100 satoshi.
##############################################################################
ds_t = Transaction()
ds_t.add_input(prev_hash=prev_tx, output_n=1, keys=ki.public_hex, compressed=False)
ds_t.add_output(1900, '1MW74DeeNZvKcS8BqYuuJkHoUWdM5mG8Le')
ds_t.sign(ki.private_byte)

##############################################################################
# The miner only receives the raw original transaction and a double
# spend proof, which contains the input-script of the double spend
# transaction, for more details see
# https://gist.github.com/imaginaryusername/edcd611313abb5390872b7dc4911d170
#
# And obviously the miner does not have the right private key, so we
# erase it at this stage.
##############################################################################
ki = None
ds_script = ds_t.dict()["inputs"][0]["script"]
orig_raw = orig_t.raw_hex()

##############################################################################
# Recover the double spend transaction based on the info from the original
# transaction and 'ds_script'. This information is available to miners.
##############################################################################
imported_t = Transaction.import_raw(orig_raw)
print("Brute force guessing the transaction fee increase.")
detected_fee_increase = None
for fee_increase in [1, 10, 100, 1000, 10000]:
    recovered_ds = Transaction()
    recovered_ds.add_input(prev_hash=imported_t.dict()["inputs"][0]["prev_hash"],
                           output_n=imported_t.dict()["inputs"][0]["output_n"],
                           unlocking_script=ds_script,
                           compressed=False)
    # Single output: both original values merged, minus the guessed extra fee.
    recovered_ds.add_output(imported_t.dict()["outputs"][0]["value"] +
                            imported_t.dict()["outputs"][1]["value"] - fee_increase,
                            imported_t.dict()["outputs"][1]["address"])
    if recovered_ds.verify():
        detected_fee_increase = fee_increase
        break

if detected_fee_increase:
    print("Signature validated, double spend fee increase was " +
          str(detected_fee_increase) + " satoshi.")
else:
    print("Failure!")

##############################################################################
recovered_ds_raw = recovered_ds.raw_hex()
if recovered_ds_raw == ds_t.raw_hex():
    print("The double spend transaction recovery was bit-exact.\n")
```
```
Brute force guessing the transaction fee increase.
Signature validated, double spend fee increase was 100 satoshi.
The double spend transaction recovery was bit-exact.
```
In order to succeed, it is necessary to have a patched wallet application to generate double spend transactions in a special way. The miners who are interested in mining double spend transactions also should patch their software to add support for double spend transactions recovery. PS. I'm not endorsing double spends or any kind of illegal activity. Just wanted to demonstrate that bypassing the double spend proofs mechanism is theoretically possible.
Let’s pause the “We are Sparta!” rhetoric for a moment. What can I do to secure my coins?
Kudos to the spartans, but just for this post, let’s try to forget sides and analyze the possible outcomes and strategies as coldly as we can. As a small actor I will aim for safety; I do not want to lose my savings. I am not an expert, so I wanted to expose my ideas here to have your input. Thank you for being constructive, don’t feed the trolls. These are my thoughts so far. Firstly, THE MOST IMPORTANT ADVICE: 1) If you want to hold your bitcoins through the turbulent times coming, you MUST put them in a safe wallet. A safe wallet is any software or hardware wallet that you control the keys to, and that officially supports BIP 148. Some things to consider here:
By support I mean technical support, not political support. Any serious business holding bitcoins for clients should be able to maintain both chains if a split happens. Otherwise they are exposing their business to serious liabilities and expensive lawsuits.
Controlling the keys leaves out exchanges and online wallets. Bring home all those coins that you have lying around. Don’t be cheap; pay the high fee and save yourself some headaches.
If you want to support UASF politically, start pressing your service providers to state their position or at least to provide a contingency plan. What will they do if there is a chain split? They owe that information to their customers.
2) If you don’t understand the risks, avoid transacting bitcoin in the last days of July and later, until the dust settles. Possible futures:
No chain split. BIP 148 gets momentum and Segwit opposers surrender. This is my preferred scenario. UASF gains momentum until it tips over and miners surrender. It could be that several major exchanges announce they will list BIP148 as BTC and give the legacy chain another ticker. That would mean the war is over because some miners would follow the money immediately. We get Segwit and the least turmoil. Most users won't even know that something happened. To the moon and beyond!
Chain split. Miners don’t give in and we end up with two chains. This will cause confusion, a drop in value and damage to the bitcoin brand. It will become worse as time passes with no solution. The only solution to this war at this time is “one of the sides wins”. No room for compromises is left. Owners of bitcoin (who followed the advice above) will have coins in both chains.
Let's talk some more about number 2. For now we can call the two chains the legacy chain and the BIP148 chain (I hope that someone comes up with better names). The legacy chain will have a lot of hashing power and will be effectively controlled by big miners. Being more centralized (monopolized), high fees are probable in the long term. Its development will be slow while waiting for the “Siebert code”.
Hash power, big money, politically organized, the Bitcoin brand if the exchanges don’t take sides, (state backed?)
Worse product, worse technical resources, worse codebase, time plays against, it can’t win fast.
The BIP148 chain will have a much better technology from the start. Segregated Witness and Lightning Network are already tested and working. Unfortunately, until it wins, it will be little more than Litecoin is now. It also has most of the Core developers behind, at least at the beginning.
Better product (feature wise), better underlying tech, already in the market, time plays for, core team in its side, non trivial amount of grassroots support, it can win by a landslide.
Less organized politically, less economic resources, less hash power, lesser brand (again the exchanges have a say here)
The end of the war (checkmate):

For the legacy chain to win, the BIP148 chain has to vanish, its value drop to almost zero and have very few users transacting. Or to deploy a hard fork that avoids being reorganized within the BIP148 chain. None of these is likely to happen quickly. They cannot rush it because then hackers will have fun exploiting vulnerabilities. This means a several months timeframe at the least.

The BIP148 chain can win by economic actors aligning at its side at any time. This can happen slowly or incredibly fast (in a matter of hours). The best outcome is that it does it fast.

As long as the BIP148 chain is not dead (very dead), the legacy chain is at risk. To be safe, you should never put all of your eggs in one basket (this works for both chains). Also the legacy chain has more risk to it being successfully attacked by hackers.

I cannot predict the outcome of this war although I think that the odds favor the BIP148 side. At least 10% of the users are strongly opinionated and will support BIP148 to the end. So at the least there will be a minority chain listed as an alt coin. The transactions could be very slow for weeks or even months, but functioning nevertheless. Even if everyone wants to dump their BIP148 coins, they have to transact to do it, so there will be money to be made by mining those transactions. Someone will mine them and a virtuous circle could form at any time. Anyway, I prefer not to speculate. The purpose of this post is to find the best strategy to keep my money safe.

Possible consequences:
1) Split is avoided. Bitcoin gains $1000 in minutes, and another $2500 in the following days.
2) UASF wins fast. Turmoil and confusion but soon BIP148 coins gain value and legacy coins value drop to zero.
3) Long war. Bitcoin value drops a lot. Brand is damaged. Outcome uncertain. Everybody loses.

What should I do? I see some possible paths to take before August the first.
You could use a mix of them, depending on your circumstances and preferences.
To hold bitcoin (do it safely) Best strategy if 1 or 2 happen.
To buy altcoin. Very risky if you don’t know where the smart money will go. Most alt coins’ value is correlated to Bitcoin value. Act rationally and don’t gamble money you can’t afford to lose. That said, probably there will be opportunity for quick gains here.
To go fiat. The safest route is to step aside and see the war from the trenches. You could miss some upwards action but you will be hedged against severe drops in price. My advice is to reserve in fiat as much as you would want to save if a catastrophe happens.
To set some resources (fiat probably) aside to buy cheap coins if opportunity arises.
After discussing this with you I will make up my mind and prepare myself for the bumpy ride. When I feel prepared, I will relax and make popcorn.
What has Dash ever copied from others besides the original BTC codebase?
In the spirit of not biting the hand that feeds us, I'm starting this thread to raise awareness of how much Dash copies from Bitcoin Core. It's disappointing to see even some Dash Mods don't understand how much Dash benefits from all the hard work of BTC Core, so let's look at precisely what Dash 12.3 has copied from Bitcoin.
What has Dash ever copied from others besides the original BTC codebase?
Dash copies ("backports") 1000s of BTC Core commits on every major release. Do you know how to use github? If you do, the scale of what Dash has copied from BTC is perfectly clear from looking at https://github.com/dashpay/dash/graphs/contributors You can see most so-called Dash commits were written by Bitcoin devs, and only one Dash dev (UdjinM6) with a significant number of original (IE non-backported) commits. Here are the specifics on all the latest things in Dash 12.3 copied from BTC as well as a statement of Dash's intention to continue copying from BTC for the foreseeable future:
bc45a2f87 Backport compact blocks functionality from bitcoin (#1966)
8b4c419ed Revert "Merge #7542: Implement "feefilter" P2P message" (#2025)
a4b313fd3 Fix std in DBG macro
6a6e4cdc1 Remove remaining using namespace std
08b5c69ef Merge #9643: [refactor] Remove using namespace from wallet/ & util*
ccca7af09 Merge #9476: [refactor] Remove using namespace from rpc/ & script/ sources
4ac4e96e8 Merge #9765: Harden against mistakes handling invalid blocks
662ec024a Make peer id logging consistent ("peer=%d" instead of "peer %d")
592d8f073 Use a temp pindex to avoid a const_cast in ProcessNewBlockHeaders
15a8fcf99 Add a CValidationInterface::NewPoWValidBlock callback
d28172f57 Call AcceptBlock with the block's shared_ptr instead of CBlock&
c99dd9733 [qa] Avoid race in preciousblock test.
807ae74c2 Make CBlockIndex*es in net_processing const
1d1c31052 Fix cmd args handling for -bip9params
64817fe1d [qa] Fix race condition in sendheaders.py
b2bc78099 Fix argument to wait_until
026f2e2a8 Merge #8446: [Trivial] BIP9 parameters on regtest cleanup
e326bda69 Tests: refactor compact size serialization in mininode
2c810d2c3 Allow changing BIP9 parameters on regtest
45151bd13 Move context-required checks from CheckBlockHeader to Contextual...
cef919f18 Merge #9486: Make peer=%d log prints consistent
55ef4d0a9 [wallet] Add include_unsafe argument to listunspent RPC
e1e03f42c [wallet] Add IsAllFromMe: true if all inputs are from wallet
611b31ece Merge #9650: Better handle invalid parameters to signrawtransaction
ff335e47f [qa] test_framework: Add wrapper for stop_node
64e1bfacd Add BIP32 to bips.md
4bb2af8d1 Merge #9114: [depends] Set OSX_MIN_VERSION to 10.8
61af31531 Merge #8976: libconsensus: Add input validation of flags (#1891)
00a0bc710 Remove "TODO: fix off-by-one"
625252fb4 Allow to pass redirect_stderr=True to initialize_chain and use in wallet-dump.py
d56ac5a74 Fix import-rescan.py and add workaround for pruning mode
How to create a valid 12 word mnemonic sentence manually?
So I got (by coin flips) some 128 bit binary string (my Entropy): 00101010001110011011000111011100111101100010010010010111101000101010011101101100100011110110111010001111111011100011000101101100 I know from the description (https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki) how to create a valid 12-word mnemonic sentence manually. But I cannot get a valid checksum. What do I do. I get 256-hash of my 128 bit binary string. It is CBFCDA3D176468C312257F3EB0AA1586D4F9EE3F5A3C9F7AC8FB321E2567BCD9 I take the first 4 bits of the hash which is "C", right? Then I convert "C" into binary format, which is "1100". But the valid checksum (from https://iancoleman.io/bip39/) is "1000". What do I do wrong?
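The checksum step described in the question above, as an added example that is not part of the original post: BIP-39 takes SHA-256 over the entropy as raw bytes (16 bytes for 128 bits) and appends the first ENT/32 bits of the digest before cutting the result into 11-bit word indices. The function names are illustrative; the block goes beyond the 128-bit case to any valid entropy length, and also computes what comes out when a text rendering of the same entropy is hashed instead, a common source of a mismatched checksum.

```python
import hashlib

# Entropy copied from the question above (128 bits, written as a binary string).
QUESTION_ENTROPY_BITS = "00101010001110011011000111011100111101100010010010010111101000101010011101101100100011110110111010001111111011100011000101101100"


def entropy_bytes(bit_string):
    """Pack a '0'/'1' string into raw bytes; BIP-39 allows 128..256 bits in steps of 32."""
    if set(bit_string) - {"0", "1"}:
        raise ValueError("entropy must contain only the characters 0 and 1")
    if len(bit_string) % 32 or not 128 <= len(bit_string) <= 256:
        raise ValueError("entropy length must be 128, 160, 192, 224 or 256 bits")
    return int(bit_string, 2).to_bytes(len(bit_string) // 8, "big")


def leading_bits(data, n_bits):
    """First n_bits of SHA-256(data), returned as a '0'/'1' string."""
    digest = hashlib.sha256(data).digest()
    return "".join(f"{byte:08b}" for byte in digest)[:n_bits]


def checksum_bits(bit_string):
    """BIP-39 checksum: first ENT/32 bits of SHA-256 over the raw entropy bytes."""
    return leading_bits(entropy_bytes(bit_string), len(bit_string) // 32)


def word_indices(bit_string):
    """Entropy + checksum, split into 11-bit groups (0-based indices into the 2048-word list)."""
    full = bit_string + checksum_bits(bit_string)
    return [int(full[i:i + 11], 2) for i in range(0, len(full), 11)]


def text_form_checksums(bit_string):
    """Bits obtained when the hash input is text rather than bytes (not valid BIP-39)."""
    n_bits = len(bit_string) // 32
    hex_text = entropy_bytes(bit_string).hex()
    return {
        "binary digits as ASCII": leading_bits(bit_string.encode("ascii"), n_bits),
        "hex digits as ASCII (lower)": leading_bits(hex_text.encode("ascii"), n_bits),
        "hex digits as ASCII (upper)": leading_bits(hex_text.upper().encode("ascii"), n_bits),
    }


if __name__ == "__main__":
    print("raw-byte checksum :", checksum_bits(QUESTION_ENTROPY_BITS))
    print("word indices      :", word_indices(QUESTION_ENTROPY_BITS))
    for label, bits in text_form_checksums(QUESTION_ENTROPY_BITS).items():
        print(f"{label:28}: {bits}")
```

Each index selects the word at that 0-based position in the BIP-39 English wordlist, so index 0 is "abandon" and index 3 is "about".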
The /r/btc China Dispatch: Episode 6 - The Chinese Bitcoin Community Responds to Gavin’s New BIP
In this edition of the /btc China Dispatch we look at how the regulars of 8btc.com, one of the largest Chinese bitcoin communities, responded to a recent BIP submitted by Gavin Andresen which is designed to increase the blocksize limit to 2MB via a 75% threshold hard fork. The original Chinese thread can be found here; an English translation of selected excerpts is given below.

Some of you have asked me to translate Gavin’s most recent blog post (“Minority Branches”) into Chinese. nextblast beat me to the punch and has already authored an excellent translation into Chinese which has been posted to the front page of 8btc.com. I plan to have readers' comments translated back into English tomorrow for the next edition of the /btc China Dispatch. Special thanks to nextblast for the superb translation and turnaround time!

From 8btc.com/thread-28594-1-1.html:

[OP] Submitted by bluestar
Subject: Gavin released a BIP increasing the blocksize to 2MB today; requires 75% of hashpower
There are two things here that most of you will be interested in: (1) The blocksize is increased to 2MB (2) The change requires the support of 75% of all hashpower, which is to say that the new block size limit will be triggered once 750 of the last 1000 blocks generated support the change. However, there will be a 28-day grace period. Additionally, the BIP will be valid until January 1, 2018.

[Response 1] Posted by xzkdds
I have no idea what this means. Can someone ELI5?

[Response 2] Posted by bluestar
@xzkdds It means that there is finally a formal proposal for the blocksize increase issue that everyone has been talking about on the forums recently (Classic)

[Response 6] Posted by laflaflaf
Then why is the price still going down?

[Response 7] Posted by yuxuan
@laflaflaf Because it’s the weekend, why else?

[Response 10] Posted by Ma_Ya
@laflaflaf Because the hashpower threshold wasn’t set to 90%. That is to say that the BIP doesn’t support the 90% 2MB consensus. In the unlikely event of a fork, there is a greater possibility of forking to create two coins, resulting in failure. There’s nothing we can do except urge everyone to resist this 75% version’s attempt to split the bitcoin community.

[Response 11] Posted by bluestar
@Ma_Ya Gavin’s explanation for the 75% hashrate threshold is that a lower threshold will prevent one large pool from holding the entire community hostage, which makes sense. The only thing is it’s not really clear whether or not China’s mining pools will support it.

[Response 12] Posted by Ma_Ya
@bluestar What do you think is going to motivate 26% of the miners to continue supporting the old chain? After the fork takes effect the price paid by miners who continue to run the old client will be tremendous. As you know their profits will be reduced by 75% (cut to 1/4). It’s already very difficult to make your money back on mining equipment, so it’s difficult to imagine that 26% of the miners would be so stupid as to continue unprofitably mining on a chain with a 1/4 rate of return just because there was a hard fork. Furthermore, once a split occurs, the hashrate of the old coin that splits off will only be 1/4 [of the original hashrate], so there will be a significant drop in the security of the chain and the price is bound to collapse. Why would you as a miner support such a coin? The whole point of buying mining equipment is to mine coins and make money, so there’s no way that people are going to ignore the monetary incentives. Therefore 26% of the miners have no incentive to do the above. The only possibility is that such a subset of miners was somehow bought out. However, buying out 26% of miners is significantly more expensive than buying out 11% of miners, which is what factored into Gavin’s thinking. (This is the genius of Satoshi. He understood very clearly the extent to which money motivates people, which makes it possible to have people from all over the world work together to maintain a single network.)

[Response 13] Posted by greatnumbers
Gavin is a dumbass with no understanding of politics. He always acts indelicately. It’s a tragedy that this guy leads bitcoin’s code.

[Response 14] Posted by bluestar
@Ma_Ya What you’re saying doesn’t entirely make sense. The vast majority of bitcoin’s hashing power is in China and the several pools with the largest hashrates account for a large proportion of the overall hashrate. If you set a threshold of 90%, then one large pool failing to upgrade will permanently prevent the BIP from taking effect. All they have to do is drag it out until 2018 and the proposal fails. Such a strategy would not be difficult for Core to pull off.

[Response 15] Posted by bluestar
@Ma_Ya Also, I should mention that in the event of a split into two coins the probability that both coins will have value is basically near zero. Pools are extremely profit-sensitive so it’s impossible that any mining power will remain with the version that is least supported.

[Response 16] Posted by bluestar
@greatnumbers He has done a lot of work on bitcoin and deserves our respect. Though I agree sometimes he does things a little bit inappropriately.

[Response 17] Posted by jb9802
@greatnumbers Gavin's only mistake was giving up his absolute authority too early, otherwise the bitcoin blocksize cap would have been lifted a long time ago. Now that Core is controlled by Blockstream it’s impossible that the main chain will ever be upgraded. Gavin may be a dumbass who doesn’t understand politics, but he is sincere in wanting bitcoin to succeed, so I support Gavin.

[Response 19] Posted by vatten
It’s worth noting Item 3: Mitigate potential CPU exhaustion attacks, which improves standards governing the structure of transactions contained in blocks in order to prevent nodes from accepting transactions which are intentionally structured in a way that uses up CPU cycles. With this fix another potential risk for 2MB blocks has been eliminated and it looks like everything is secure enough. As far as a post-fork coin with only 25% of the hashrate is concerned, who is going to buy it? I will definitely be selling mine and if there are any buyers I’ll be able to make a little bit of money.

[Response 20] Posted by jb9802
@Ma_Ya After Satoshi left development, control over the code was given to Gavin. Had Gavin not given up his exclusive authority over the code then no one else would have been able to control Core. There have always been disagreements among the bitcoin developers, but they have always been resolvable. Back then even a fork could be reverted just by downgrading your client. The ultimate source of all of these issues is Blockstream, Inc. After they were founded, Core became a dictator that listened to no one, and now they even have the gall to openly engage in censorship, deletion of posts, and the removal of a download link for the largest bitcoin wallet. They are worse than the Chinese Communist Party. It goes without saying that an increase in the blocksize cap will be advantageous for miners. If the cap is not lifted, then fees are going to skyrocket and the main chain on which fees have skyrocketed will become nothing more than a ledger for big companies. A bitcoin only used by large companies is not the bitcoin that Satoshi wanted and it’s not the bitcoin that we want either. It doesn’t follow that a fork will necessarily result in a schism. Of course 90% support is ideal, but if 75% of miners support the fork then the remaining 25% will not screw around with their profits if they have any sense. It’s likely that all miners would convert to the new main chain within a day.
Updating the Scaling Roadmap | Paul Sztorc | Jul 10 2017
Paul Sztorc on Jul 10 2017:

Summary

In my opinion, Greg Maxwell's scaling roadmap [1] succeeded in a few crucial ways. One success was that it synchronized the entire Bitcoin community, helping to bring finality to the (endless) conversations of that time, and get everyone back to work. However, I feel that the Dec 7, 2015 roadmap is simply too old to serve this function any longer. We should revise it: remove what has been accomplished, introduce new innovations and approaches, and update deadlines and projections.

Why We Should Update the Roadmap

In a P2P system like Bitcoin, we lack authoritative info-sources (for example, a "textbook" or academic journal), and as a result conversations tend to have a problematic lack of progress. They do not "accumulate", as everyone must start over. Ironically, the scaling conversation itself has a fatal O(n^2) scaling problem. The roadmap helped solve these problems by being constant in size, and subjecting itself to publication, endorsement, criticism, and so forth. Despite the (unavoidable) nuance and complexity of each individual opinion, it was at least globally known that X participants endorsed Y set of claims.

Unfortunately, the Dec 2015 roadmap is now 19 months old -- it is quite obsolete and replacing it is long overdue. For example, it highlights older items (CSV, compact blocks, versionbits) as being future improvements, and makes no mention of new high-likelihood improvements (Schnorr) or mis-emphasizes them (LN). It even contains mistakes (SegWit fraud proofs). To read the old roadmap properly, one must already be a technical expert. For me, this defeats the entire point of having one in the first place.

A new roadmap would be worth your attention, even if you didn't sign it, because a refusal to sign would still be informative (and, therefore, helpful)! So, with that in mind, let me present a first draft. Obviously, I am strongly open to edits and feedback, because I have no way of knowing everyone's opinions. I admit that I am partially campaigning for my Drivechain project, and also for this "scalability"/"capacity" distinction...that's because I believe in both and think they are helpful. But please feel free to suggest edits. I emphasized concrete numbers, and concrete dates. And I did NOT necessarily write it from my own point of view, I tried earnestly to capture a (useful) community view. So, let me know how I did.

==== Beginning of New ("July 2017") Roadmap Draft ====

This document updates the previous roadmap [1] of Dec 2015. The older statement endorsed a belief that "the community is ready to deliver on its shared vision that addresses the needs of the system while upholding its values". That belief has not changed, but the shared vision has certainly grown sharper over the last 18 months. Below is a list of technologies which either increase Bitcoin's maximum tps rate ("capacity"), or which make it easier to process a higher volume of transactions ("scalability").

First, over the past 18 months, the technical community has completed a number of items [2] on the Dec 2015 roadmap. VersionBits (BIP 9) enables Bitcoin to handle multiple soft fork upgrades at once. Compact Blocks (BIP 152) allows for much faster block propagation, as does the FIBRE Network [3]. Check Sequence Verify (BIP 112) allows trading partners to mutually update an active transaction without writing it to the blockchain (this helps to enable the Lightning Network).

Second, Segregated Witness (BIP 141), which reorganizes data in blocks to handle signatures separately, has been completed and awaits activation (multiple BIPS). It is estimated to increase capacity by a factor of 2.2. It also improves scalability in many ways. First, SW includes a fee-policy which encourages users to minimize their impact on the UTXO set. Second, SW achieves linear scaling of sighash operations, which prevents the network from crashing when large transactions are broadcast. Third, SW provides an efficiency gain for everyone who is not verifying signatures, as these no longer need to be downloaded or stored. SegWit is an enabling technology for the Lightning Network, script versioning (specifically Schnorr signatures), and has a number of benefits which are unrelated to capacity [4].

Third, the Lightning Network, which allows users to transact without broadcasting to the network, is complete [5, 6] and awaits the activation of SegWit. For those users who are able to make a single on-chain transaction, it is estimated to increase both capacity and scalability by a factor of ~1000 (although these capacity increases will vary with usage patterns). LN also greatly improves transaction speed and transaction privacy.

Fourth, Transaction Compression [7], observes that Bitcoin transaction serialization is not optimized for storage or network communication. If transactions were optimally compressed (as is possible today), this would improve scalability, but not capacity, by roughly 20%, and in some cases over 30%.

Fifth, Schnorr Signature Aggregation, which shrinks transactions by allowing many transactions to have a single shared signature, has been implemented [8] in draft form in libsecp256k1, and will likely be ready by Q4 of 2016. One analysis [9] suggests that signature aggregation would result in storage and bandwidth savings of at least 25%, which would therefore increase scalability and capacity by a factor of 1.33. The relative savings are even greater for multisignature transactions.

Sixth, drivechain [10], which allows bitcoins to be temporarily offloaded to 'alternative' blockchain networks ("sidechains"), is currently under peer review and may be usable by end of 2017. Although it has no impact on scalability, it does allow users to opt-in to greater capacity, by moving their BTC to a new network (although, they will achieve less decentralization as a result). Individual drivechains may have different security tradeoffs (for example, a greater reliance on UTXO commitments, or MimbleWimble's shrinking block history) which may give them individually greater scalability than mainchain Bitcoin.

Finally, the capacity improvements outlined above may not be sufficient. If so, it may be necessary to use a hard fork to increase the blocksize (and blockweight, sigops, etc) by a moderate amount. Such an increase should take advantage of the existing research on hard forks, which is substantial [11]. Specifically, there is some consensus that Spoonnet [12] is the most attractive option for such a hardfork. There is currently no consensus on a hard fork date, but there is a rough consensus that one would require at least 6 months to coordinate effectively, which would place it in the year 2018 at earliest.

The above are only a small sample of current scaling technologies. And even an exhaustive list of scaling technologies, would itself only be a small sample of total Bitcoin innovation (which is proceeding at breakneck speed).

Signed,

[1] https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2015-December/011865.html
[2] https://bitcoincore.org/en/2017/03/13/performance-optimizations-1/
[3] http://bluematt.bitcoin.ninja/2016/07/07/relay-networks/
[4] https://bitcoincore.org/en/2016/01/26/segwit-benefits/
[5] http://lightning.community/release/software/lnd/lightning/2017/05/03/litening/
[6] https://github.com/ACINQ/eclair
[7] https://people.xiph.org/~greg/compacted_txn.txt
[8] https://github.com/ElementsProject/secp256k1-zkp/blob/d78f12b04ec3d9f5744cd4c51f20951106b9c41a/src/secp256k1.c#L592-L594
[9] https://bitcoincore.org/en/2017/03/23/schnorr-signature-aggregation/
[10] http://www.drivechain.info/
[11] https://bitcoinhardforkresearch.github.io/
[12] https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2017-February/013542.html

==== End of Roadmap Draft ====

In short, please let me know:
If you agree that it would be helpful if the roadmap were updated.
To what extent, if any, you like this draft.
Edits you would make (specifically, I wonder about Drivechain
"Eppur, se muove." | It's not even about the specifics of the specs. It's about the fact that (for the first time since Blockstream hijacked the "One True Repo"), *we* can now actually once again *specify* those specs. It's about Bitcoin Classic.
Right now, there's been a lot of buzz about Bitcoin Classic. For the first time since Blockstream hijacked the "one true repo" (which they basically inherited from Satoshi), we now also appear to have another real, serious repo - based almost 100% on Core, but already starting to deviate ever-so-slightly from it - and with a long-term roadmap that also promises to be both responsive and robust. The Bitcoin Classic project already has some major advantages, including:
"When in the course of Bitcoin development ... it becomes necessary (and possible) to set up a new (real, serious) repo with a dev and a miner and a payment processor who are able to really understand the code at the mathematical and economical level, and really interact with the users at the social and political level... (unlike the triad of tone-deaf pinheads at Blockstream, fueled by fiat, coddled by censorship, and pathologically attached to their pet projects: Adam Back and Gregory Maxwell and Peter Todd - brilliant though these devs may be as C/C++ programmers) ...then this will be a major turning point in the history of Bitcoin." Bitcoin Classic What is it? Right now, it's probably more like just an "MVP" (Minimal Viable Product) for:
And this last item is probably what Bitcoin Classic is really about. It's about finally being able to add one more (real, serious) repo... ...knowing that to a certain degree, some of the specific specs are still-to-be-specified ...but that's ok, because we can see that the proper social-political-economic requirements for responsibly doing so finally appear to be in place: ie, we are starting to see the coalescence of a team... ...who experiment and observe - and communicate and listen - and respond and react accordingly ...so that they can faithfully (but conservatively) translate users' needs & requirements into code that can achieve consensus on the network. As it's turned out, it has been surprisingly challenging to create this kind of bridge between users and devs (centered around a new, real, serious codebase with a good chance of adoption)... ...because (sorry for the stereotype) most users can't code, and many devs can't communicate (well enough) ...so, many devs can't (optimally) figure out what to code. We've seen how out-of-touch the devs can be (particularly when shielded by censors and funded by venture capitalists), not only in the "blocksize wars", but also with decisions such as the insistence of Blockstream's devs to prioritize things like RBF and LN over the protests of many users. But now it looks like, for the first time since Blockstream hijacked the one real, serious repo, we now have a new real, serious repo where... (due to being a kind of "Schelling point of development" - ie a focal point many people can, well, "focus" on) (due to having a responsive expert scientific miner like JToomim on-board - and a responsive expert scientific dev like Gavin on-board - with stated preference for a simple, robust, miner-empowering approach to block size - eg: BitPay's Adaptive Block Size) ... this repo actually has a very good chance of achieving:
rough consensus among the community (the "social" community of discussing and debating and developing), and
actual consensus on the network (eg 750 / 1000 of previous blocks, or whatever ends up being defined).
In the above, the words "responsive" and "scientific" have very concrete meanings:
responsive: they elicit-verify-implement actual users' needs & requirements
scientific: they use the scientific method of proposing-testing-and-accepting-or-rejecting a hypothesis
So we could have the following definition of "centralization of development" (à la Paul Sztorc): The "cost" of anyone adding a new (real, serious) repo must be kept as minimal as possible. (But of course with the caveat or condition that: the repo still must be "real and serious" - which implies that it will have to overcome a high hurdle in order to be seriously entertained.) And it bears repeating: As we've seen from the past year of raging debates, the costs and challenges of adding a new (real, serious) repo are largely social and political - and can be very high and exceedingly complex. But that's probably the way it should be. Because adding a new repo is the first step on the road towards doing a hard fork. So it is a journey which must not be embarked upon with levity, but with gravity - with all due deliberation and seriousness. Which is one quite legitimate reason why the people against such a change have dug their heels in so determinedly. And we should actually be totally understanding and even thankful that they have done so. As long as it's a fair fight, done in good faith. Which I think many of us can feel generous enough to say it indeed has been - for the most part. Note: I always add the parenthetical "(real, serious)" to the phrase "a new (real, serious) repo" here the same way we add the parenthetical "(valid)" to the phrase: "the longest (valid) chain".
In order to add a "valid" block to this chain, there are algorithmic rules - purely mathematical.
In order to add a "real, serious" repo to the ecosystem - or to the website bitcoin.org for example, as we recently saw in the strange spectacle of CoinBase diplomatically bowing down to theymos - the rules (and costs) for determining whether a repo is "real and serious" are not purely mathematical but are social-political and economical - and ultimately human, all-too human.
But eventually, a new real serious repo does get added. Which is what we appear to be seeing now, with this rallying of major talent around Bitcoin Classic. It is of course probably natural and inevitable that the upholders / usurpers of the First and Only Real Serious Repo might be displeased to see any other new real serious repo(s) arising - and might tend to "unfairly" leverage any advantages they enjoy as "incumbents", in order to maintain their power. This is only human. But all's fair in love and consensus, so we probably shouldn't hold any of these tendencies against them. =)
"Eppur, si muove." => "But eventually, inexorably, a new 'real, serious' repo does get added." [Sorry I spelled a word wrong in the OP title: should be "si" not "se"!] (For some strange delicious reason, I hope luke-jr in particular reads the above lines. =)
So a new real serious repo does finally get set up on Github, and eventually downloaded and compiled to a new real serious binary. And this binary gets tested on testnet and rolled out on mainnet and - if enough users adopt it (as proven by some easy-to-observe "trigger" - eg 750 of the past 1000 blocks being mined with it) - then this real serious new Bitcoin client gains enough "consensus" to "activate" - and a (hard) chainfork then ensues (which we expect and indeed endeavor to guarantee should only take a few hours at most to resolve itself, as all hashpower should quickly move to the longest valid chain).
Yes this process must involve intensive debate and caution and testing, because it is so very, very dangerous - because it is a "hard fork": initially a hard codefork which takes months of social-political debating to resolve, hopefully guided by the invisible hand of the market, and then a (hard) chainfork which takes only a few hours to resolve (we dearly hope & expect - actually we try to virtually guarantee this by establishing a high enough activation trigger eg "such-and-such percentage of the previous number of blocks must have been mined using the new program"). For analogies to a hard codefork in football and chess, you may find the same Paul Sztorc article in the section on the dangers of hard forks interesting.
So a "hard fork" is what we must do sometimes. Rarely, and with great deliberation and seriousness. And the first step involves setting up a new (real, serious) repo. This is why the actual details on the max-blocksize-increments themselves can be (and are being) left sort of vague for the moment. There's a certain amount of hand-waving in the air. Which is ok in this case. Because this repo isn't about the specifics of any particular "max blocksize algorithm" - yet. Although we do already have an encouraging statement from Gavin that his new favorite max blocksize proposal is BitPay's Adaptive Block Size Limit - which is very promising, since this proposal is simple, it gives miners autonomy over devs, and it is based on the median (not the average) of previous blocks, and the median is known to be a "more robust" (hence less game-able) statistic.
So, in this sense, Bitcoin Classic is mainly about even being allowed to seriously propose some different "max blocksize" (and probably eventually a few other) algorithm(s) at all in the first place. So far, in amongst all the hand-waving, here's what we do apparently know:
And yeah he's even kinda saying he was "wrong" about XT / BIP 101 a few months ago, in the sense that he now likes the BitPay Adaptive Blocksize Limit better than XT now - and this kind of willingness to [I wouldn't necessarily call it to "admit a mistake" but rather to simply] change course based on incorporating newly available data is probably one of the most reassuring things (to many of us) about Gavin (not least of all because many of us have made the same journey from XT / BIP 101 as well before finding out that he also underwent the same evolution in his views)
Whatever. At this point, it's not even the specificity of those specs that matter. It's just that, for the first time, we have a repo whose devs will let us specify those specs.
evidently using some can-kick blocksize-bumps initially...
probably using some more "algorithmic" approach long-term - still probably very much TBD (to-be-determined - but that should be fine, because it will clearly be in consultation with the users and the empirical data of the network and the market!)...
and probably eventually also embracing many of the other "scaling" approaches which are not based on simply bumping up a parameter - eg: SegWit, IBLTs, weakblocks & subchains, thinblocks
So... This is what Bitcoin Classic mainly seems to be about at this point. It's one of the first real serious moves towards decentralized development. It's a tiny step - but the fact that we can now even finally take a step - after so many months of paralysis - is probably what's really important here.
Bitcoin dev IRC meeting in layman's terms (2016-01-14)
Once again my attempt to summarize and explain the weekly bitcoin developer meeting in layman's terms.
Link to last summarisation
Disclaimer
Please bear in mind I'm not a developer so some things might be incorrect or plain wrong. There are no decisions being made in these meetings, but since a fair amount of devs are present it's a good representation.
Copyright: Public domain
BIP 9
Currently softforks have been done by the isSuperMajority mechanism, meaning when 95% of the last 1000 blocks have a version number higher than X the fork is deployed. A new way of doing this is currently being worked on and that uses all bits of the version number, appropriately being called versionbits. So instead of a fork happening when the version is larger than (for example) 00000000011 (3), a fork happens when (for example) the 3rd bit is up (so 00100000011). This way softforks can be deployed simultaneously and independently of each other.
Morcos is volunteering to take over championing this proposal as CodeShark and Rusty are busy on other things. He'll review both implementations and then decide on which implementation he'll base his work upon. He notes that if non-core implementations are trying to do something else (and are using nVersion for their signaling) while segregated witness is being deployed, not conflicting will be important so users of other versions can also support segregated witness. If there's an agreement with this approach it's necessary that versionbits is ready before the segregated witness deployment. jtimon has some suggestions to make the implementation less complicated and more flexible.
Segregated witness changes the structure of transactions so that the signatures can be separated from the rest of the transactions. This allows for bandwidth savings for relay, pruning of old signatures, softforking all future script changes by introducing script versions and solves all unintentional forms of malleability. During the last scaling bitcoin conference Pieter Wuille presented a way of doing this via a softfork, and proposed increasing the maximum amount of transactions in a block by discounting signature data towards the total blocksize. Segregated witness is part of the capacity increase roadmap for bitcoin-core.
More detailed explanations:
- By Pieter Wuille at the San Francisco bitcoin developer meetup (more technical)
- By Andreas Antonopoulos in the let's talk bitcoin podcast (less technical)
Segnet, the testnet for segregated transactions, will be going to its 3rd version soon. Luke-Jr has assigned all the segregated witness BIPs to a 14x range. Currently there are 4 BIPs: 141, 142, 143 and 144.
Luke-Jr feels PRs #7149, #7339 and #7340 should have been in 0.12, but are now really late and possibly impractical to get in. For gitian builders: 0.12rc1's osx sig attach descriptor fails due to a missing package (that's not actually needed). Rather than using the in-tree descriptor, use the one from #7342. This is fixed for rc2. "fundrawtransaction" and "setban" should be added to the release notes. At some point it makes more sense to document these commands elsewhere and link to it in the release notes, as they've become very lengthy. Wumpus thinks the release notes have too many details, they're not meant to be a substitute for documentation.
Close PR #7142 as it's now part of #7148.
Everyone is free to improve on the release notes, just submit a PR.
consensus code encapsulation (libconsensus)
Satoshi wasn't the best programmer out there, which leaves a pretty messy code. Ideally you'd have the part of the code that influences the network consensus separate, but in bitcoin it's all intertwined. Libconsensus is what eventually should become this part. This way people can more easily make changes in the non-consensus part without fear of causing a network fork. This however is a slow and dangerous project of moving lots of code around.
jtimon has 4 libconsensus related PRs open, namely #7091, #7287, #7311 and #7310. He thinks any "big picture branch" will be highly unreadable without merging something like #7310 first. The longest "big picture branch" he currently has is https://github.com/jtimon/bitcoin/commits/libconsensus-f2
He'll document the plan and "big picture" in stages:
1. have something to call libconsensus: expose verifyScript. (Done)
2. put the rest of the consensus critical code, excluding storage in the same building package (see #7091)
3. discuss a complete C API for libconsensus
4. separate it into a sub-repository
Wumpus notes he'd like to start with 3 as soon as possible as an API would be good to guide this.
BIP 68: Consensus-enforced transaction replacement signaled via sequence numbers.
BIP 112: CHECKSEQUENCEVERIFY.
BIP 113: Median time-past as endpoint for lock-time calculations.
In short: BIP 68 changes the meaning of the sequence number field to a relative locktime. BIP 112 makes that field accessible to the bitcoin scripting system. BIP 113 enables the usage of GetMedianTimePast (the median of the previous 11 blocks) from the prior block in lock-time transactions.
We need to make a choice between 2 implementations, namely #6312 and #7184. PR #7184 is a result of the CreateNewBlock optimisations not being compatible with #6312. jtimon thinks it could be merged relatively soon as #7184 is based on #6312 which has plenty of testing and review.
Close #6312 in favor of #7184.
Morcos will fix the open nits on #7184.
btcdrak will update the BIP-text.
wumpus: Wladimir J. van der Laan
btcdrak: btcdrak
morcos: Alex Morcos
jtimon: Jorge Timón
Luke-Jr: Luke Dashjr
MarcoFalke: Marco Falke
jonasshnelli: Jonas Schnelli
cfields: Cory Fields
sipa: Pieter Wuille
kanzure: Bryan Bishop
droark: Douglas Roark
sdaftuar: Suhas Daftuar
Diablo-D3: Patrick McFarland
19:54 wumpus #meetingstop
19:54 wumpus #stopmeeting
19:54 btcdrak haha
19:54 MarcoFalke #closemeeting
19:54 wumpus #endmeeting
19:54 lightningbot` Meeting ended Thu Jan 14 19:54:26 2016 UTC. Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4)
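The two signalling schemes described under "BIP 9" in the summary above, as an added example that is not part of the original post and is not Bitcoin Core code. The forks "A" and "B", their version numbers and bit positions are hypothetical, the block lists are constructed, and the 95%-of-1000 window from the summary is applied to both schemes for comparison, which simplifies BIP 9's own windowing.

```python
WINDOW = 1000                 # "last 1000 blocks", from the summary above
THRESHOLD = 950               # 95% of WINDOW, from the summary above
TOP_MASK = 0b111 << 29        # top three bits of the 32-bit nVersion
TOP_BITS = 0b001 << 29        # BIP 9 marker value for those bits


def ism_reached(versions, min_version):
    """isSuperMajority style: count recent blocks with nVersion >= min_version."""
    return sum(v >= min_version for v in versions[-WINDOW:]) >= THRESHOLD


def signals(version, bit):
    """Versionbits style: marker present in the top bits and deployment bit set."""
    return (version & TOP_MASK) == TOP_BITS and bool((version >> bit) & 1)


def bit_reached(versions, bit):
    """Count recent blocks that signal one deployment bit, ignoring all other bits."""
    return sum(signals(v, bit) for v in versions[-WINDOW:]) >= THRESHOLD


def ordered_chain():
    """Constructed data: 960 miners back hypothetical fork B (version 5) only."""
    return [5] * 960 + [3] * 40


def bits_chain():
    """Constructed data: the same 960 miners signal B on hypothetical bit 1 only."""
    return [TOP_BITS | (1 << 1)] * 960 + [TOP_BITS] * 40


if __name__ == "__main__":
    old, new = ordered_chain(), bits_chain()
    # Ordered versions couple the forks: voting for B (5) also counts for A (4).
    print("ISM  fork A (version >= 4):", ism_reached(old, 4))
    print("ISM  fork B (version >= 5):", ism_reached(old, 5))
    # Separate bits keep them independent: B reaches the threshold, A does not.
    print("bits fork A (bit 0):", bit_reached(new, 0))
    print("bits fork B (bit 1):", bit_reached(new, 1))
    # A legacy version number is not a bit signal: 4 has bit 2 set but no marker.
    print("legacy version 4 signals bit 2:", signals(4, 2))
    # A node still counting the old way sees every marked block as a high version.
    print("ISM view of marked blocks (>= 4):", ism_reached(new, 4))
```
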