What is Bitcoin? What is Blockchain? What is ECDSA? – SinavBOX
ECDSA bitFlyer USA
List of Crypto Mining Algorithms – BitcoinWiki
Anyswap - A completely decentralized swap exchange the supports all your coins
Hello crypto enthusiasts, After the recent run up of DEFI products and massive price movements, I’ve come across an innovative product with tremendous upside potential. If you have used Uniswap in the past, and are bound to only swapping Ethereum with Ethereum based tokens, a pressing problem arises... ‘How come I can’t use my Bitcoin, XRP, Litecoin, etc. to make the swap? Why do I have to trade into Ether, to gain access to these tokens?’ Enter Anyswap... Anyswap Anyswap is the first completely decentralized swap exchange that will allow you to use any coin or tokens (ECDSA and EDDSA as signature algorithms - 98% of all blockchains) with one another. No third party risk. The ANY token issued is a governance token, which will allow voting rights for holders to choose which coins will be listed next. No ICO, no fund raising, no airdrop, no premine. Get em while there hot. Mark your calendar... July 20th 2020, ANY token will be available for purchase. Join their telegram group for more info Anyswap TG Thanks for listening. And to the mooooon 🚀🚀🚀
ABCMint is a quantum resistant cryptocurrency with the Rainbow Multivariable Polynomial Signature Scheme.
Good day, the price is going up to 0.3USDT. ABCMint Second Foundation ABCMint has been a first third-party organization that focuses on post-quantum cryptography research and technology and aims to help improve the ecology of ABCMint technology since 2018. https://abcmintsf.com https://abcmintsf.com/exchange What is ABCMint? ABCMint is a quantum resistant cryptocurrency with the Rainbow Multivariable Polynomial Signature Scheme. Cryptocurrencies and blockchain technology have attracted a significant amount of attention since 2009. While some cryptocurrencies, including Bitcoin, are used extensively in the world, these cryptocurrencies will eventually become obsolete and be replaced when the quantum computers avail. For instance, Bitcoin uses the elliptic curved signature (ECDSA). If a bitcoin user?s public key is exposed to the public chain, the quantum computers will be able to quickly reverse-engineer the private key in a short period of time. It means that should an attacker decide to use a quantum computer to decrypt ECDSA, he/she will be able to use the bitcoin in the wallet. The ABCMint Foundation has improved the structure of the special coin core to resist quantum computers, using the Rainbow Multivariable Polynomial Signature Scheme, which is quantum resisitant, as the core. This is a fundamental solution to the major threat to digital money posed by future quantum computers. In addition, the ABCMint Foundation has implemented a new form of proof of arithmetic (mining) "ABCardO" which is different from Bitcoin?s arbitrary mining. This algorithm is believed to be beneficial to the development of the mathematical field of multivariate. Rainbow Signature - the quantum resistant signature based on Multivariable Polynomial Signature Scheme Unbalanced Oil and Vinegar (UOV) is a multi-disciplinary team of experts in the field of oil and vinegar. One of the oldest and most well researched signature schemes in the field of variable cryptography. It was designed by J. Patarin in 1997 and has withstood more than two decades of cryptanalysis. The UOV scheme is a very simple, smalls and fast signature. However, the main drawback of UOV is the large public key, which will not be conducive to the development of block practice technology.
The rainbow signature is an improvement on the oil and vinegar signature which increased the efficiency of unbalanced oil and vinegar. The basic concept is a multi-layered structure and generalization of oil and vinegar. PQC - Post Quantum Cryptography The public key cryptosystem was a breakthrough in modern cryptography in the late 1970s. It has become an increasingly important part of our cryptography communications network over The Internet and other communication systems rely heavily on the Diffie-Hellman key exchange, RSA encryption, and the use of the DSA, ECDSA or related algorithms for numerical signatures. The security of these cryptosystems depends on the difficulty level of number theory problems such as integer decomposition and discrete logarithm problems. In 1994, Peter Shor demonstrated that quantum computers can solve all these problems in polynomial time, which made this security issue related to the cryptosystems theory irrelevant. This development is known as the "post-quantum cryptography" (PQC) In August 2015, the U.S. National Security Agency (NSA) released an announcement regarding its plans to transition to quantum-resistant algorithms. In December 2016, the National Institute of Standards and Technology (NIST) announced a call for proposals for quantum-resistant algorithms. The deadline was November 30, 2017, which also included the rainbow signatures used for ABCMint.
[Tenant - NY] Qualifying for rent based on Bitcoin assets
I was an early adopter of Bitcoin and my small initial investment has luckily appreciated to the point where I no longer need to work. I'm trying to move to a high-end rental property owned by a mom & pop landlord with a few properties around town. Of course because of the price tag, especially during the current environment, they're very strict about making sure potential tenants are able to afford the rent. No problem there. My crypto holdings could easily cover the lease for several decades. Normally I suppose it's quite rare for rental tenants to have large asset holdings. So, already this is kind of an unusual situation, as they're more geared for verifying income. But the good news is they do have a procedure for qualifying tenants based on assets. I'm not sure if they've used it before... But anyway it requires that tenants have 40 times the monthly rent in liquid assets. No problem, I've got *way* more than that. They say all they require is seeing three months of financial statements. Uhh... The whole point of Bitcoin is that it isn't centralized inside a financial institution. I tried to explain, over the phone to the nice older lady landlord, how the blockchain works, and the basics of public-private encryption. I explained how it's actually very easy to prove ownership of my Bitcoin holdings. All I have to do is give her the address of my holdings, and prove ownership by signing a message with the corresponding ECDSA private keys. At that point all she has to do is check the latest mined block to verify that it contains enough BTC to satisfy her requirements. I don't see what the problem is here. Unlike sending copies of bank statements, which could easily be forged, this method is *far* more reliable and is literally cryptographically secure. She's acting like I'm some sort of lunatic, when she implicitly trusts the same crypto algorithms 100 times a day in her online banking, shopping and messages. Anyway, has anyone else been in this position? Either from the tenant or landlord side? I understand cryptocurrency is new technology, but by now surely people must realize Bitcoin isn't some made up fairy dust. I could just move on to a different property, but feel like I'd end up hitting the same wall. Any suggestions for proving to landlords that I'm quite far from a financial risk?
Technical: Upcoming Improvements to Lightning Network
Price? Who gives a shit about price when Lightning Network development is a lot more interesting????? One thing about LN is that because there's no need for consensus before implementing things, figuring out the status of things is quite a bit more difficult than on Bitcoin. In one hand it lets larger groups of people work on improving LN faster without having to coordinate so much. On the other hand it leads to some fragmentation of the LN space, with compatibility problems occasionally coming up. The below is just a smattering sample of LN stuff I personally find interesting. There's a bunch of other stuff, like splice and dual-funding, that I won't cover --- post is long enough as-is, and besides, some of the below aren't as well-known. Anyway.....
Yeah the exciting new Lightning Network channel update protocol!
Solves "toxic waste" problem. In the current Poon-Dryja update protocol, old state ("waste") is dangerous ("toxic") because if your old state is acquired by your most hated enemy, they can use that old state to publish a stale unilateral close transaction, which your counterparty must treat as a theft attempt and punish you, causing you to lose funds. With Decker-Russell-Osuntokun old state is not revoked, but is instead gainsaid by later state: instead of actively punishing old state, it simply replaces the old state with a later state.
Allows multiple participants in the update protocol. This can be used as the update protocol for a channel factory with 3 or more participants, for example (channels are not practical for multiple participants since the loss of any one participants makes the channel completely unuseable; it's more sensible to have a multiple-participant factory that splits up into 2-participant channels). Poon-Dryja only supports two participants. Another update protocol, Decker-Wattenhofer, also supports multiple participants, but requires much larger locktimes in case of a unilateral close (measurable in weeks, whereas Poon-Dryja and Decker-Russell-Osuntokun can be measured in hours or days).
It uses nLockTime in a very clever way.
No, it does not solve the "watchtower needed" problem. Decker-Russell-Osuntokun still requires watchtowers if you're planning to be offline for a long time.
What might be confused is that it was initially thought that watchtowers under Decker-Russell-Osuntokun could be made more efficient by having the channel participant update a single "slot" in the watchtower, rather than having to consume one "slot" per update in Poon-Dryja. However, the existence of the "poisoned blob" attack by ZmnSCPxj means that having a replaceable "slot" is risky if the other participant of the channel can spoof you. And the safest way to prevent spoofing somebody is to identify that somebody --- but now that means the watchtower can surveill the activities of somebody it has identified, losing privacy.
Requires base layer change --- SIGHASH_NOINPUT / SIGHASH_ANYPREVOUT. This is still being worked out and may potentially not reach Bitcoin anytime soon.
Determining costs of routes is somewhat harder, and may complicate routefinding algorithms. In particular: every channel today has a "CLTV Delta", a number of blocks by which the total maximum delay of the payment is increased. This maximum delay is the maximum amount of time by which an outgoing payment can be locked, and needs to be reduced for UX purposes. Decker-Russell-Osuntokun will also add a "CSV minimum", a number of blocks, which must be smaller than the delay of an HTLC going through the channel. Current routefinding algos are good at minimizing a summed-up cost (like the "CLTV Delta") so the "CSV minimum" may require discovering / developing new routefinding algos.
Due to the "CSV minimum" above, existing nodes that don't understand Decker-Russell-Osuntokun cannot reliably route over Decker-Russell-Osuntokun channels, as they might not impose this minimum properly.
Multipart payments / AMP
Splitting up large payments into smaller parts!
There are at least three variants of multipart payments: Original, Base, and High.
Original is the original AMP proposed by Lightning Labs. It sacrifices proof-of-payment in order to allow each path to have a different payment hash. This is done by having the payer use a derivation scheme to generate each part's payment preimage from a seed, then having the split the seed (using secret sharing) to each part. The receiver can only reconstruct the seed if all parts reach it.
Base simply uses the same payment hash for all routes. This retains proof-of-payment (i.e. an invoice is undeniably signed by the receiver, including a payment hash in the invoice; public knowledge of the payment preimage is proof that the receiver has in fact received money, and any third party can be convinced of this by being shown the signed invoice and the preimage). The receiver could just take one part of the payment and then claim to be underpaid by the payer and then deny service, but claiming any one part is enough to publish the payment preimage, creating a proof-of-payment: so the receiver can provably be made liable, even if it took just one part, thus the incentive of the receiver is to only take in the payment once all parts have arrived to it.
High requires elliptic curve points / scalars. It combines both Original and Base, retaining proof-of-payment (sacrificed by Original) and ensuring cryptographically-secure waiting for all parts (rather than the mere economically-incentivized of Base). This is done by using elliptic curve homomorphism to addition of scalars to add together the payer-provided preimage (really scalar) of Original with the payee-provided preimage (really scalar) of Base.
Better expected reliability. Channels are limited by capacity. By splitting up into many smaller payments, you can fit into more channels and be more likely to successfully reach the payee.
Capacity on mutiple of your channels can be used to pay. Currently if you have 0.05BTC on one channel and 0.05BTC on another channel, you can't pay 0.06BTC without first rebalancing your channels (and paying fees for the rebalance first, whether the payment succeeds or not). With multipart you can now combine the capacities of multiple of your channels, and only pay fees for combining them if the payment pushes through.
Wumbo payments (oversized payments) come "for free" without having to be explicitly supported by the nodes of the network: you just split up wumbo payments into parts smaller than the wumbo limit.
Multipart will have higher fees. Part of the feerate of each channel is a flat-rate fee. Going through multiple paths means paying more of this flat-rate fee.
It's not clear how to split up payments. Heuristics for payment splitting have to be derived and developed and tested.
Payment points / scalars
Using the magic of elliptic curve homomorphism for fun and Lightning Network profits! Basically, currently on Lightning an invoice has a payment hash, and the receiver reveals a payment preimage which, when inputted to SHA256, returns the given payment hash. Instead of using payment hashes and preimages, just replace them with payment points and scalars. An invoice will now contain a payment point, and the receiver reveals a payment scalar (private key) which, when multiplied with the standard generator point G on secp256k1, returns the given payment point. This is basically Scriptless Script usage on Lightning, instead of HTLCs we have Scriptless Script Pointlocked Timelocked Contracts (PTLCs).
Enables a shit-ton of improvements: payment decorrelation, stuckless payments, noncustodial escrow over Lightning (the Hodl Hodl Lightning escrow is custodial, read the fine print), High multipart.
It's the same coolness that makes Schnorr Signatures cool. ECDSA, despite being based on elliptic curves, is not cool because the hash-the-nonce operation needed to prevent it from infringing Schnorr's fatherfucking patent also prevents ECDSA from using the cool elliptic curve homomorphism of addition over scalars.
Requires Schnorr on Bitcoin layer.
Actually, we can work with 2p-ECDSA without waiting for Schnorr. We get back the nice elliptic curve homomorphism by passing the ECDSA nonce through another cryptosystem, Paillier. This gets us the ability to do Scriptless Script. I think it has only 80-bits security because of going through Paillier though.
Basically the conundrum is: we could implement 2p-ECDSA now, hope we never have to test the 80-bit security anytime soon, then switch to Schnorr with 128-bit security later (which means reimplementing a bunch of things, because the calculations are different and the data that needs to be exchanged between channel participants is very different between the 2p-ECDSA and Schnorr). Reimplementing is painful and is more dev work. If we don't implement with 2p-ECDSA now, though, we will be delaying all the nice elliptic curve goodness (stuckless, noncustodial escrow, payment decorrelation) until Bitcoin gets Schnorr.
Elliptic curve discrete log problem is theoretically quantum-vulnerable. If we can't find a qunatum-resistant homomorphic construction, we'll have to give up the advantages (payment decorrelation, stuckless payments, noncustodial escrow over Lightning) we got from using elliptic curve points and go back to boring old hashes.
Ensuring that payers cannot access data or other digital goods without proof of having paid the provider. In a nutshell: the payment preimage used as a proof-of-payment is the decryption key of the data. The provider gives the encrypted data, and issues an invoice. The buyer of the data then has to pay over Lightning in order to learn the decryption key, with the decryption key being the payment preimage.
Enables data providers to sell data. This could be sensors, livestreams, blogs, articles, whatever.
There's no scheme to determine if the data provider is providing actually-useful data. The data-provider could just stream https://random.org for example. This is a potentially-impossible problem. Even if the data-provider provides a "sample" of the data, and is able to derive some proof that the sample is indeed a true snippet of the encrypted data, the rest of the data outside of the sample might just be random junk.
No more payments getting stuck somewhere in the Lightning network without knowing whether the payee will ever get paid! (that's actually a bit overmuch claim, payments still can get stuck, but what "stuckless" really enables is that we can now safely run another parallel payment attempt until any one of the payment attempts get through). Basically, by using the ability to add points together, the payer can enforce that the payee can only claim the funds if it knows two pieces of information:
The payment scalar corresponding to the payment point in the invoice signed by the payee.
An "acknowledgment" scalar provided by the payer to the payee via another communication path.
This allows the payer to make multiple payment attempts in parallel, unlike the current situation where we must wait for an attempt to fail before trying another route. The payer only needs to ensure it generates different acknowledgment scalars for each payment attempt. Then, if at least one of the payment attempts reaches the payee, the payee can then acquire the acknowledgment scalar from the payer. Then the payee can acquire the payment. If the payee attempts to acquire multiple acknowledgment scalars for the same payment, the payer just gives out one and then tells the payee "LOL don't try to scam me", so the payee can only acquire a single acknowledgment scalar, meaning it can only claim a payment once; it can't claim multiple parallel payments.
Can safely run multiple parallel payment attempts as long as you have the funds to do so.
Needs payment point + scalar
Non-custodial escrow over Lightning
The "acknowledgment" scalar used in stuckless can be reused here. The acknowledgment scalar is derived as an ECDH shared secret between the payer and the escrow service. On arrival of payment to the payee, the payee queries the escrow to determine if the acknowledgment point is from a scalar that the escrow can derive using ECDH with the payer, plus a hash of the contract terms of the trade (for example, to transfer some goods in exchange for Lightning payment). Once the payee gets confirmation from the escrow that the acknowledgment scalar is known by the escrow, the payee performs the trade, then asks the payer to provide the acknowledgment scalar once the trade completes. If the payer refuses to give the acknowledgment scalar even though the payee has given over the goods to be traded, then the payee contacts the escrow again, reveals the contract terms text, and requests to be paid. If the escrow finds in favor of the payee (i.e. it determines the goods have arrived at the payer as per the contract text) then it gives the acknowledgment scalar to the payee.
True non-custodial escrow: the escrow service never holds any funds.
Needs payment point + scalar.
Because elliptic curve points can be added (unlike hashes), for every forwarding node, we an add a "blinding" point / scalar. This prevents multiple forwarding nodes from discovering that they have been on the same payment route. This is unlike the current payment hash + preimage, where the same hash is used along the route. In fact, the acknowledgment scalar we use in stuckless and escrow can simply be the sum of each blinding scalar used at each forwarding node.
Privacy! Multiple forwarding nodes cannot coordinate to try to uncover the payer and payee of each payment.
\These questions are sourced directly from Telegram* Q: Are all the projects listed in the Ren Alliance, the final set of members? A: No, please do keep in mind this just our first round of partners, some larger orgs require a bit more DD (i.e our audit). We’ll release the final set of members when Mainnet goes live. Q: How do projects join the Ren Alliance? A: It’s simple, just fill out this application. It takes about five minutes, and all you need is your company’s logo files and your preferred area(s) of involvement. Joining the Alliance requires no binding commitments, only a desire to help bring cross-chain assets to DeFi. Q: For example let's say there is a crypto index which contains 1 BTC and 1 ZEC. I have 1 BTC and 1 ZEC and I would like to “mint” this index token with RenVM. Will something like this possible in the future? A: This is already possible today. RenVM allows you to mint renBTC and renZEC (and renBCH) on Ethereum. This result is an ERC20 like any other with the addition that when you burn it, you get real BTC and ZEC back. Another nice feature is that you can directly call smart contracts when minting. This is not possible in any other system, and results in a very clean and simple user experience. People can make a BTC transaction followed by a ZEC transaction and with no other blockchain actions end up with their BTC and ZEC in your example system (your example system would have functions for accepting BTC and ZEC and when receiving both, it would output some kind of index token; exactly how it functions is up to how you want to implement your contract!) Q: What blockchains does RenVM support? A: RenVM can support any ECDSA based blockchain but we'll be starting with BTC, ZEC, and BCH. More info here: https://github.com/renproject/ren/wiki/Supported-Blockchains Q: Another concern is chain rollback. In the case of MakerDAO getting hacked (unlikely, but not impossible), the Ethereum network could rollback just like with the DAO. (Unlikely, but not impossible). But what if the attacker already has deposited the hacked funds into RenVM and gotten a private coin? A: A roll-back would still revert that state. Privacy on-chain != no state tracking something (just in a way that doesn’t reveal information). So reverts don’t really matter in that sense. They do matter in a broader sense: you have renBTC and you burn it for BTC, then Ethereum rolls back to when you had renBTC still. This is something the Ethereum community has to consider very carefully these days if they were to ever do such a revert. This is an ultimately unavoidable truth RE interoperability; you are compounding risks of the chains you are using. In general, this is why it’s always safer to keep your BTC on Bitcoin unless there is a specific reason you need it on Ethereum at any given point in time. Q: If BTC can be transferred with zero confirmation how many transactions RenVM can handle? A: RenVMs throughput isn’t affected by conf-less transactions. This is a service provided by L2 technology (like the 0Conf team, who are building exactly this!). This doesn’t affect RenVM directly, but it does have the pleasant impact that users won’t notice network congestion if it happens. Q: Can you explain the over-collateralization security dynamic between tBTC and RenVM? Does this play into Maker using RenVM vs. tBTC to collaetize their CDP’s A1: It’s not the over collateralization that’s the problem. It’s that to get $X BTC they need 1.5x $X ETH locked up in their protocol. What about other places that give better ETH returns? What about the fact that ETH doesn’t go up in price just because tBTC is used? With REN, we are actually over collateralized (so they’re wrong that they are more secure in this regard). The big difference: BTC flowing through REN increases the value of the REN collateral, increasing the security, increasing the capacity of BTC that can flow through the system. It’s a positive feedback loop for capacity and security that simply doesn’t exist if you don’t use an isolated token. A2: Maker wants to use BTC to collateralise Dai, because it diversifies risk and expands the possible Dai supply (by expanding possible collateral). If you use tBTC, then tBTC is collateralised by ETH so you actually become less efficient at minting Dai, and you don’t diversify risk because tBTC gets liquidated by ETH price movements. You don’t want your network secured by collateral that has speculative value that is not correlated with the usage of the network. That makes things unstable. If RenVM is being used, the value of REN increases, and the more RenVM can be used (and Darknodes get the positive upside of their bond increasing in value). This means by pumping lots of BTC into RenVM, you gain more capacity to pump more BTC into RenVM. This creates a positive feedback loop for the returns earned by Darknodes, the value of their bond, and overall/capacity security of the network. Compare to tBTC: you are waiting for ETH to go up in value. It’s value, which does not correlate with the amount of BTC in the system, limits the AUM that the system can hold. You’re hoping it will go up independently of the usage of your network and if it doesn’t you’re out of luck. Network growth does not drive the ability for the network to grow. Your are also competing with the returns on ETH that other ecosystems allow you to get (why bond ETH in tBTC if you can get better returns on that ETH in other places; lending it or staking it in Eth2.0). (Btw: we’re doing research to get our collateralisation of REN to 150%. It’s already possible, and could be done today, but we are just seeing if we can make it safelivelier than the current best-in-class algorithms.) Q: How do we define the value of L and R if we don't use oracle price feed? A: It will be decided by the Darknodes. The best mechanism of doing this is still being decided upon. However, it won’t simply be taken from the current market price / third-party oracles as those are vulnerable to manipulation. Ultimately, the only valuation that matters is the Darknodes (because they’re the ones being potentially bribed). Q: In my opinion, RenVM (and tBTC adoption bottleneck: 300% collateral ratio» this ratio is important for security and decentralization» to sustain this ratio we need significant fees to be imposed on Renbtc holders» example: if there was 100m$ Renbtc total supply then we need 300m$ ren locked in darknodes» if 3-5% fees paid for those 300m$ then we need to extract 9-15 million fees from the 100m renbtc» that equal 9-15% annual fees» of course it will be lower with the minting and burning fees but I don't think it will cover half of the total needed fees» the result with the current design there are still too much economic friction IMO. A: The key thing to keep in mind is velocity. Not just TVL. Let’s take Kyber as an example: they have $4.9M AUM. But, they did $3.7M in trades in the last 24 hours. Over the year, that’s 275x their AUM. So, if RenVM is holding $100M AUM, and achieves a volume multiplier of 200x then it gets $1M p/a in holding fees but $40M in minting/burning fees. This is all assuming the minimum fee as well (it rises as TVL approaches the limit). So RenVM would need a $300M market cap on $41M in revenue. That’s 13% p/a, assuming we don’t make the move to only 150% collateral. If we do move to that, then it’s almost 33% p/a. RenVM is by far and away the best UX for instantly swapping BTC on DEXs (with no gas, and no confirmations). All of the interfaces we’re building and the tools we’re providing give people that native experience. This is precisely because high TVL is not what yields good returns and increases cap for the protocol. Even systems like MakerDAO/Compound have people moving BTC in/out. Their AUM is by no means static. People are constantly opening/closing/liquidating positions and all of this is would create velocity through RenVM. Q: How was ETHDenver? A: ETHDenver was great, and very productive, confirmed a lot of our thoughts on what needs to be done but also gave us a good amount of exposure, so overall it was a positive for the team and RenVM.
\These questions are sourced directly from Telegram* Q: How do I shutdown my Chaosnet Darknode?A: Please follow these directions: https://docs.renproject.io/chaosnet/chaosnet-darknode/untitled-3 Q: Can I run a Chaosnet Darknode and Mainnet Darknode at the same time (on the same computer).A: No, if you want to do that you’ll have to run them on separate computers. Q: You mentioned DCEP in your latest piece and "12 App Ideas", but it's going to run on a centralized private network. The Bank of England also just released a report on how they're thinking about their CBDC and DLT/centralization, and stress that a DLT could add resilience, but there's also no reason a currency couldn't be more centralized. The Block reported that other central banks (like the EU and Singapore) are considering third-party chains like Corda. Can you comment on which CBDC designs may or may not be compatible with RZL? You previously said "RZL sMPC provides ECDSA signatures because that’s what it is used by Ethereum, Bitcoin, etc. Whatever solution they come up with, will be the solution that RZL has to be upgraded to use (the whole point of RenVM is not to tell other chains how to do things, and still provide interop; this means waiting on them to define their solution and then working with that)." So, what does centralization mean for RZL, and how can we think about compatibility between these designs on the technical side? A: The topic of centralisation in interoperability comes down to the compounding effect of using multiple networks. Put another way “you’re only as decentralised as your most centralised component”. While there are nuances to this, the core idea rings true. RenVM can be used to interoperate many different kinds of chains (anything using ECDSA, or naturally supporting lively threshold signatures) is a candidate to be included in RenVM. However, a centralised currency that has been bridged to a decentralised chain is not decentralised. The centralised entity that controls the currency might say “nothing transferred to/from this other chain will be honoured”. That’s a risk that you take with centralised currencies (take a look at the T&Cs for USDC for example). The benefit of RenVM in these instances is to become a standard. Short-term, RenVM brings interoperability to some core chains. Medium-term, it expands that to other more interesting chains based on community demands. Long-term, it becomes the standard for how to implement interop. For example: you create a new chain and don’t worry about interop explicitly because you know RenVM will have your back. For centralised currencies this is still advantageous, because the issuing entity only has to manage one chain (theirs) but can still get their currency onto other chains/ecosystems. From a technical perspective, the Darknodes just have to be willing to adopt the chain/currency. Q: dApps will have their own risk tolerances for centralized assets. Eg USDC was a bigger deal for MakerDAO than Uniswap. If CBDC liquidity were suddenly bridgeable, some dApps would be more eager to adopt it than others - even despite the risks - because they provide native liquidity and can be used to store/hedge in it without cashing it out. My question is more technical as it relates to RenVM as the "Universal Stablecoin Converter". You sound convinced that RenVM can bridge Libra, DCEP, maybe other CBDCs in the future, but I'm skeptical how RenVM works with account-based currencies. (1) Are we even sure of DCEP's underlying design and whether it or other CBDCs even plan to use digital signatures? And (2) wouldn't RenVM need a KYC-approved account to even get an address on these chains? It seems like DCEP would have to go through a Chinese Circle, who would just issue an ERC20. A: As far as underlying blockchain technology goes (eg the maths of it) I don’t see there being any issues. Until we know more about whether or not KYCd addresses are required (and if they are, how they work), then I can’t specifically comment on that. However, it is more than possible not to require RenVM to be KYCd (just like you can’t “KYC Ethereum”) and instead move that requirement to addresses on the host blockchain (eg KYC Ethereum addresses for receiving the cross-chain asset). Whether this happens or not would ultimately be up to whether the issuer wanted interoperability to be possible. Q: In that scenario, how would RenVM even receive the funds to be transferred to the KYC'd Ethereum address? For Alice to send DCEP to Bob's KYC'd Ethereum address, RenVM would need a DCEP address of its own, no? A: Again, this is impossible to say for certain without knowing the implementation of the origin chain. You could whitelist known RenVM scripts (by looking at their form, like RenVM itself does on Bitcoin). But mostly likely, these systems will have some level of smart contract capabilities and this allows very flexible control. You can just whitelist the smart contract address that RenVM watches for cross-chain events. In origin chains with smart contracts, the smart contract holds the funds (and the keys the smart contract uses to authorise spends are handled as business logic). So there isn’t really a “RenVM public address” in the same sense that there is in Bitcoin. Q: The disbonding period for Darknodes seem long, what happens if there is a bug? A: It’s actually good for the network to have a long disbonding period in the face of a bug. If people were able to panic sell, then not only would the bug cause potential security issues, but so too would a mass exodus of Darknodes from the network. Having time to fix the bug means that Darknodes may as well stick around and continue securing the network as best they can. Because their REN is at stake (as you put it) they’re incentivised to take any of the recommended actions and update their nodes as necessary. This is also why it’s critical for the Greycore to exist in the early days of the network and why we are rolling out SubZero the way that we are. If such a bug becomes apparent (more likely in the early days than the later days), then the Greycore has a chance to react to it (the specifics of which would of course depend on the specifics of the bug). This becomes harder and slower as the network becomes more decentralised over time. Not mcap, but the price of bonded Ren. Furthermore, the price will be determined by how much fees darknodes have collected. BTW, loongy could you unveil based on what profits ratio/apr the price will be calculated? This is up to the Darknodes to governance softly. This means there isn’t a need for an explicit oracle. Darknodes assess L vs R individually and vote to increase fees to drive L down and drive R up. L is driven down by continue fees, whereas R is driven up by minting/burning fees. Q: How do you think renvm would perform on a day like today when even cexs are stretched. Would the system be able to keep up? A: This will really depend on the number of shards that RenVM is operating. Shards operate in parallel so more shards = more processing power. Q: The main limiting factor is the speed of the underlying chain, rather than RenVM? A: That’s generally the case. Bitcoin peaks at about 7 TPS so as long as we are faster than this, any extra TPS is “wasted”. And you actually don’t want to be faster than you have to be. This lets you drop hardware requirements, and lowering the cost of running a Darknode. This has two nice effects: (a) being an operator generates more profit because costs are lower, and (b) it’s more accessible to more people because it’s a little cheaper to get started (albeit this is minor). Q: Just getting caught up on governance, but what about: unbonded REN = 1 vote, bonded REN = (1 vote + time_served). That'd be > decentralization of Darknodes alone, an added incentive to be registered, and counter exchanges wielding too much control. A: You could also have different decaying rates. For example, assuming that REN holders have to vote by “backing” the vote of Darknodes: Let X be the amount of REN used to voted, backed behind a Darknode and bonded for T time. Let Y be the amount of time a Darknode has been active for. Voting power of the Darknode could = Sqrt(Y) * Log(X + T) Log(1,000,000,000) = ~21 so if you had every REN bonded behind you, your voting power would only be 21x the voting power of other nodes. This would force whales to either run Darknodes for a while and contribute actively to the ecosystem (or lock up their REN for an extended period for addition voting power), and would force exchanges to spread their voting out over many different nodes (giving power back to those running nodes). Obviously the exchange could just run lots of Darknodes, but they would have to do this over a long period of time (not feasible, because people need to be able to withdraw their REN). Q: Like having superdelegates, i.e, nodes trusted by the community with higher voting power? Maybe like council nodes A: Well, this is essentially what the Greycore is. Darknodes that have been voted in by the community to act as a secondary signature on everything. (And, interestingly enough, you could vote out all members to remove the core entirely.) Q: Think the expensive ren is a security feature as well. So, doubt this would impact security potentially? I don’t know. I wouldn’t vote to cut my earnings by 40% for example lol A: It can lead to centralisation over time though. If 100K REN becomes prohibitively expensive, then you will only see people running Darknodes that can afford a large upfront capital investment. In the mid/long-term this can have adverse effects on the trust in the system. It’s important that people “external” to the system (non-Darknodes) can get themselves into the system. Allowing non-Darknodes to have some governance (even if it’s not overall things) would be critical to this. Q: That darknode option sounds very interesting although it could get more centralized as the price of 100k Ren rises.For instance dark nodes may not want to vote to lower the threshold from 100k to 50k once Ren gets too expensive. A: A great point. And one of the reasons it would be ideal to be able to alter those parameters without just the Darknodes voting. Otherwise, you definitely risk long-term centralisation. Q: BTC is deposited into a native BTC address, but who controls this address (where/how is this address’s private key stored)? A: This is precisely the magic behind RenVM. RenVM uses an MPC algorithm to generate the controlling private key. No one ever sees this private key, and no one can sign things with it without consensus from everyone else.
*These questions are sourced directly from Telegram Q: When you say RenVM is Trustless, Permissionless, and Decentralized, what does that actually mean? A: Trustless = RenVM is a virtual machine (a network of nodes, that do computations), this means if you ask RenVM to trade an asset via smart contract logic, it will. No trusted intermediary that holds assets or that you need to rely on. Because RenVM is a decentralized network and computes verified information in a secure environment, no single party can prevent users from sending funds in, withdrawing deposited funds, or computing information needed for updating outside ledgers. RenVM is an agnostic and autonomous virtual broker that holds your digital assets as they move between blockchains. Permissionless = RenVM is an open protocol; meaning anyone can use RenVM and any project can build with RenVM. You don't need anyone's permission, just plug RenVM into your dApp and you have interoperability. Decentralized = The nodes that power RenVM ( Darknodes) are scattered throughout the world. RenVM has a peak capacity of up to 10,000 Darknodes (due to REN’s token economics). Realistically, there will probably be 100 - 500 Darknodes run in the initial Mainnet phases, ample decentralized nonetheless. Q: Okay, so how can you prove this? A: The publication of our audit results will help prove the trustlessness piece; permissionless and decentralized can be proven today. Permissionless = https://github.com/renproject/ren-js Decentralized = https://chaosnet.renproject.io/ Q: How does Ren sMPC work? Sharmir's secret sharing? TSS? A: There is some confusion here that keeps arising so I will do my best to clarify.TL;DR: *SSS is just data. It’s what you do with the data that matters. RenVM uses sMPC on SSS to create TSS for ECDSA keys.*SSS and TSS aren’t fundamental different things. It’s kind of like asking: do you use numbers, or equations? Equations often (but not always) use numbers or at some point involve numbers. SSS by itself is just a way of representing secret data (like numbers). sMPC is how to generate and work with that data (like equations). One of the things you can do with that work is produce a form of TSS (this is what RenVM does). However, TSS is slightly different because it can also be done *without* SSS and sMPC. For example, BLS signatures don’t use SSS or sMPC but they are still a form of TSS. So, we say that RenVM uses SSS+sMPC because this is more specific than just saying TSS (and you can also do more with SSS+sMPC than just TSS). Specifically, all viable forms of turning ECDSA (a scheme that isn’t naturally threshold based) into a TSS needs SSS+sMPC. People often get confused about RenVM and claim “SSS can’t be used to sign transactions without making the private key whole again”. That’s a strange statement and shows a fundamental misunderstanding about what SSS is. To come back to our analogy, it’s like saying “numbers can’t be used to write a book”. That’s kind of true in a direct sense, but there are plenty of ways to encode a book as numbers and then it’s up to how you interpret (how you *use*) those numbers. This is exactly how this text I’m writing is appearing on your screen right now. SSS is just secret data. It doesn’t make sense to say that SSS *functions*. RenVM is what does the functioning. RenVM *uses* the SSSs to represent private keys. But these are generated and used and destroyed as part of sMPC. The keys are never whole at any point. Q: Thanks for the explanation. Based on my understanding of SSS, a trusted dealer does need to briefly put the key together. Is this not the case? A: Remember, SSS is just the representation of a secret. How you get from the secret to its representation is something else. There are many ways to do it. The simplest way is to have a “dealer” that knows the secret and gives out the shares. But, there are other ways. For example: we all act as dealers, and all give each other shares of our individual secret. If there are N of us, we now each have N shares (one from every person). Then we all individually add up the shares that we have. We now each have a share of a “global” secret that no one actually knows. We know this global secret is the sum of everyone’s individual secrets, but unless you know every individual’s secret you cannot know the global secret (even though you have all just collectively generates shares for it). This is an example of an sMPC generation of a random number with collusion resistance against all-but-one adversaries. Q: If you borrow Ren, you can profit from the opposite Ren gain. That means you could profit from breaking the network and from falling Ren price (because breaking the network, would cause Ren price to drop) (lower amount to be repaid, when the bond gets slashed) A: Yes, this is why it’s important there has a large number of Darknodes before moving to full decentralisation (large borrowing becomes harder). We’re exploring a few other options too, that should help prevent these kinds of issues. Q: What are RenVM’s Security and Liveliness parameters? A: These are discussed in detail in our Wiki, please check it out here: https://github.com/renproject/ren/wiki/Safety-and-Liveliness#analysis Q: What are the next blockchain under consideration for RenVM? A: These can be found here: https://github.com/renproject/ren/wiki/Supported-Blockchains Q: I've just read that Aztec is going to be live this month and currently tests txs with third parties. Are you going to participate in early access or you just more focused on bringing Ren to Subzero stage? A: At this stage, our entire focus is on Mainnet SubZero. But, we will definitely be following up on integrating with AZTEC once everything is out and stable. Q: So how does RenVM compare to tBTC, Thorchain, WBTC, etc..? A: An easy way to think about it is..RenVM’s functionality is a combination of tBTC (+ WBTC by extension), and Thorchain’s (proposed) capabilities... All wrapped into one. Just depends on what the end-user application wants to do with it. Q1: What are the core technical/security differences between RenVM and tBTC?A1: The algorithm used by tBTC faults if even one node goes offline at the wrong moment (and the whole “keep” of nodes can be penalised for this). RenVM can survive 1/3rd going offline at any point at any time. Advantage for tBTC is that collusion is harder, disadvantage is obviously availability and permissionlessness is lower. tBTC an only mint/burn lots of 1 BTC and requires an on-Ethereum SPV relay for Bitcoin headers (and for any other chain it adds). No real advantage trade-off IMO. tBTC has a liquidation mechanism that means nodes can have their bond liquidated because of ETH/BTC price ratio. Advantage means users can get 1 BTC worth of ETH. Disadvantage is it means tBTC is kind of a synthetic: needs a price feed, needs liquid markets for liquidation, users must accept exposure to ETH even if they only hold tBTC, nodes must stay collateralized or lose lots of ETH. RenVM doesn’t have this, and instead uses fees to prevent becoming under-collateralized. This requires a mature market, and assumed Darknodes will value their REN bonds fairly (based on revenue, not necessarily what they can sell it for at current —potentially manipulated—market value). That can be an advantage or disadvantage depending on how you feel. tBTC focuses more on the idea of a tokenized version of BTC that feels like an ERC20 to the user (and is). RenVM focuses more on letting the user interact with DeFi and use real BTC and real Bitcoin transactions to do so (still an ERC20 under the hood, but the UX is more fluid and integrated). Advantage of tBTC is that it’s probably easier to understand and that might mean better overall experience, disadvantage really comes back to that 1 BTC limit and the need for a more clunky minting/burning experience that might mean worse overall experience. Too early to tell, different projects taking different bets. tBTC supports BTC (I think they have ZEC these days too). RenVM supports BTC, BCH, and ZEC (docs discuss Matic, XRP, and LTC). Q2: This are my assumed differences between tBTC and RenVM, are they correct? Some key comparisons: -Both are vulnerable to oracle attacks -REN federation failure results in loss or theft of all funds -tBTC failures tend to result in frothy markets, but holders of tBTC are made whole -REN quorum rotation is new crypto, and relies on honest deletion of old key shares -tBTC rotates micro-quorums regularly without relying on honest deletion -tBTC relies on an SPV relay -REN relies on federation honesty to fill the relay's purpose -Both are brittle to deep reorgs, so expanding to weaker chains like ZEC is not clearly a good idea -REN may see total system failure as the result of a deep reorg, as it changes federation incentives significantly -tBTC may accidentally punish some honest micro-federations as the result of a deep reorg -REN generally has much more interaction between incentive models, as everything is mixed into the same pot. -tBTC is a large collection of small incentive models, while REN is a single complex incentive model A2: To correct some points: The oracle situation is different with RenVM, because the fee model is what determines the value of REN with respect to the cross-chain asset. This is the asset is what is used to pay the fee, so no external pricing is needed for it (because you only care about the ratio between REN and the cross-chain asset). RenVM does rotate quorums regularly, in fact more regularly than in tBTC (although there are micro-quorums, each deposit doesn’t get rotated as far as I know and sticks around for up to 6 months). This rotation involves rotations of the keys too, so it does not rely on honest deletion of key shares. Federated views of blockchains are easier to expand to support deep re-orgs (just get the nodes to wait for more blocks for that chain). SPV requires longer proofs which begins to scale more poorly. Not sure what you mean by “one big pot”, but there are multiple quorums so the failure of one is isolated from the failures of others. For example, if there are 10 shards supporting BTC and one of them fails, then this is equivalent to a sudden 10% fee being applied. Harsh, yes, but not total failure of the whole system (and doesn’t affect other assets). Would be interesting what RenVM would look like with lots more shards that are smaller. Failure becomes much more isolated and affects the overall network less. Further, the amount of tBTC you can mint is dependent on people who are long ETH and prefer locking it up in Keep for earning a smallish fee instead of putting it in Compound or leveraging with dydx. tBTC is competing for liquidity while RenVM isn't. Q: I understand correctly RenVM (sMPC) can get up to a 50% security threshold, can you tell me more? A: The best you can theoretically do with sMPC is 50-67% of the total value of REN used to bond Darknodes (RenVM will eventually work up to 50% and won’t go for 67% because we care about liveliness just as much as safety). As an example, if there’s $1M of REN currently locked up in bonded Darknodes you could have up to $500K of tokens shifted through RenVM at any one specific moment. You could do more than that in daily volume, but at any one moment this is the limit.Beyond this limit, you can still remain secure but you cannot assume that players are going to be acting to maximize their profit. Under this limit, a colluding group of adversaries has no incentive to subvert safety/liveliness properties because the cost to attack roughly outweighs the gain. Beyond this limit, you need to assume that players are behaving out of commitment to the network (not necessarily a bad assumption, but definitely weaker than the maximizing profits assumption). Q: Why is using ETH as collateral for RenVM a bad idea? A: Using ETH as collateral in this kind of system (like having to deposit say 20 ETH for a bond) would not make any sense because the collateral value would then fluctuate independently of what kind of value RenVM is providing. The REN token on the other hand directly correlates with the usage of RenVM which makes bonding with REN much more appropriate. DAI as a bond would not work as well because then you can't limit attackers with enough funds to launch as many darknodes as they want until they can attack the network. REN is limited in supply and therefore makes it harder to get enough of it without the price shooting up (making it much more expensive to attack as they would lose their bonds as well). A major advantage of Ren's specific usage of sMPC is that security can be regulated economically. All value (that's being interopped at least) passing through RenVM has explicit value. The network can self-regulate to ensure an attack is never worth it. Q: Given the fee model proposal/ceiling, might be a liquidity issue with renBTC. More demand than possible supply?A: I don’t think so. As renBTC is minted, the fees being earned by Darknodes go up, and therefore the value of REN goes up. Imagine that the demand is so great that the amount of renBTC is pushing close to 100% of the limit. This is a very loud and clear message to the Darknodes that they’re going to be earning good fees and that demand is high. Almost by definition, this means REN is worth more. Profits of the Darknodes, and therefore security of the network, is based solely on the use of the network (this is what you want because your network does not make or break on things outside the systems control). In a system like tBTC there are liquidity issues because you need to convince ETH holders to bond ETH and this is an external problem. Maybe ETH is pumping irrespective of tBTC use and people begin leaving tBTC to sell their ETH. Or, that ETH is dumping, and so tBTC nodes are either liquidated or all their profits are eaten by the fact that they have to be long on ETH (and tBTC holders cannot get their BTC back in this case). Feels real bad man. Q: I’m still wondering which asset people will choose: tbtc or renBTC? I’m assuming the fact that all tbtc is backed by eth + btc might make some people more comfortable with it. A: Maybe :) personally I’d rather know that my renBTC can always be turned back into BTC, and that my transactions will always go through. I also think there are many BTC holders that would rather not have to “believe in ETH” as an externality just to maximize use of their BTC. Q: How does the liquidation mechanism work? Can any party, including non-nodes act as liquidators? There needs to be a price feed for liquidation and to determine the minting fee - where does this price feed come from? A: RenVM does not have a liquidation mechanism. Q: I don’t understand how the price feeds for minting fees make sense. You are saying that the inputs for the fee curve depend on the amount of fees derived by the system. This is circular in a sense? A: By evaluating the REN based on the income you can get from bonding it and working. The only thing that drives REN value is the fact that REN can be bonded to allow work to be done to earn revenue. So any price feed (however you define it) is eventually rooted in the fees earned. Q: Who’s doing RenVM’s Security Audit? A: ChainSecurity | https://chainsecurity.com/ Q: Can you explain RenVM’s proposed fee model? A: The proposed fee model can be found here: https://github.com/renproject/ren/wiki/Safety-and-Liveliness#fees Q: Can you explain in more detail the difference between "execution" and "powering P2P Network". I think that these functions are somehow overlapping? Can you define in more detail what is "execution" and "powering P2P Network"? You also said that at later stages semi-core might still exist "as a secondary signature on everything (this can mathematically only increase security, because the fully decentralised signature is still needed)". What power will this secondary signature have? A: By execution we specifically mean signing things with the secret ECDSA keys. The P2P network is how every node communicates with every other node. The semi-core doesn’t have any “special powers”. If it stays, it would literally just be a second signature required (as opposed to the one signature required right now). This cannot affect safety, because the first signature is still required. Any attack you wanted to do would still have to succeed against the “normal” part of the network. This can affect liveliness, because the semi-core could decide not to sign. However, the semi-core follows the same rules as normal shards. The signature is tolerant to 1/3rd for both safety/liveliness. So, 1/3rd+ would have to decide to not sign. Members of the semi-core would be there under governance from the rest of our ecosystem. The idea is that members would be chosen for their external value. We’ve discussed in-depth the idea of L<3. But, if RenVM is used in MakerDAO, Compound, dYdX, Kyber, etc. it would be desirable to capture the value of these ecosystems too, not just the value of REN bonded. The semi-core as a second signature is a way to do this. Imagine if the members for those projects, because those projects want to help secure renBTC, because it’s used in their ecosystems. There is a very strong incentive for them to behave honestly. To attack RenVM you first have to attack the Darknodes “as per usual” (the current design), and then somehow convince 1/3rd of these projects to act dishonestly and collapse their own ecosystems and their own reputations. This is a very difficult thing to do. Worth reminding: the draft for this proposal isn’t finished. It would be great for everyone to give us their thoughts on GitHub when it is proposed, so we can keep a persistent record. Q: Which method or equation is used to calculate REN value based on fees? I'm interested in how REN value is calculated as well, to maintain the L < 3 ratio? A: We haven’t finalized this yet. But, at this stage, the plan is to have a smart contract that is controlled by the Darknodes. We want to wait to see how SubZero and Zero go before committing to a specific formulation, as this will give us a chance to bootstrap the network and field inputs from the Darknodes owners after the earnings they can make have become more apparent.
Bitcoin Cash Hard Fork 15 May 2019 | Know Everything About Upcoming BCH Fork
https://preview.redd.it/idsupgh4k7y21.png?width=1500&format=png&auto=webp&s=0a00b768fdbad52a99bfb7f041c79e109d2b1c44 The price of Bitcoin Cash (BCH) surged dramatically once the news of the upcoming Bitcoin Cash fork came out. BCH broke over 300 USD with an increase of 13% as the news of Schnorr upgrade broke the internet and the crypto space. Schnorr upgrade was initially being proposed by Peter Wuille, the Blockstream co-founder. The Bitcoin Cash community has voted for the Schnorr upgrade unlike their criticism on the past discussions on Lightning, Segregated Witnesses (SegWit) and other technologies. The Bitcoin Cash hard fork date scheduled is on May 15, 2019. Before that, a testnet has already been launched, which will help the developers test before the official launch. You can track the BCH hard fork time here, where you can find Bitcoin Cash hard fork countdown. Alysssa Hertig tweeted from CoinDesk that this change is going to be phenomenal, and is widely supported by the community members:
Let us understand what difference would it make to the BCH fork 2019 after the Schnorr Upgrade:
Cryptographically, to prove that you own Bitcoin and in order to send funds to others, you “sign” with a private key, which as of now, uses Elliptic Curve Digital Signature Algorithm (ECDSA) scheme which lacked scalability and privacy features. But Schnorr signatures will be able to verify several signatures at once, which is way faster than even verifying one signature eight times, which in turn will improve scalability and privacy, wherein there would be certain anonymity. Schnorr signatures will aggregate the signatures, public keys and messages of multiple transactions into one, enabling faster transactions. Read More - https://coinswitch.co/news/bitcoin-cash-hard-fork-15-may-2019-know-everything-about-upcoming-bch-fork
Why I have decided to invest in Quantum Resistant Ledger (QRL) now
The topic of quantum resistance is a complex topic, at least for me. When QRL came up a month or so ago, I recall moving on fast. Today it came up again, and as a result, decided to stop and spend time on the official website (theqrl.org), and figure out if this is a project I want and should invest in. What is The QRL : “The QRL is a cryptocurrency ledger which is designed from the outset to be resistant to both classical and quantum computing attack. It uses a different system of cryptography to bitcoin (and all other altcoins) known as hash-based digital signatures which are quantum-resistant. The ledger will be the first to experiment with quantum-resistant signatures whilst providing an ultra secure backup store of value in the event of a sudden advance in quantum computing. The initial aim of the chain is to offer a low volume of ultra secure transactions in the first iteration with guaranteed longevity. “ More about QRL here: http://cryptopotato.com/qrl-taking-quantum-computers/ These facts convinced me today to invest: 1 - One of the key points I look for when evaluating a potential investment is timing, and it seems in that regard, my reacquaintance with QRL today, is incredibly well timed. Next month, or early October, QRL’s mainnet goes live with its Genesis block. The actual blockchain goes live! Kaushal Kumar Singh, one of the core developer on the team, confirmed the following in their Slack channel: “The first hardcoded block created into the blockchain is the Genesis block. This block includes the list of stake validators for the first epoch. Mainnet is expected to be on SeptembeOctober. Currently, it will be released with ephemeral messaging feature. As ephemeral messaging is in the roadmap for the month of October. Rest of the features such as VPN, VoIP would be planned between the year 2018 to 2019. The exact month would be released once the mainnet is live with ephemeral messaging”. 2 - Dr Peter Waterland, the founder and core developer of the project, explained to me the differences between the Quantum resistance offered by QRL, NEO and Ethereum’s upcoming Metropolis. NEO : “There are different candidate post-quantum signature schemes in existence. Hash-based signatures have minimal security requirements and XMSS which is used in the QRL is PQ-crypto recommended. Lattice- based crypto is another type of signature which is thought to be Quantum resistant (indeed we will be using it for our Ephemeral messaging layer. Our resident post-quantum cryptographer doesn't feel lattice-based crypto is mature enough to secure accounts/addresses. The bottom line is that currently NEO doesn't contain lattice-based addresses and what they are saying is they may add such address types in the future.” ETH Metropolis: “ETH has quantum-safe address types on their roadmap. Whether they appear in metropolis is anyone’s guess. Quantum-safe signatures are massive and so high volume blockchains like ethereum would immediately choke if they moved towards them..” If it does appear, is there still an advantage to QRL over it? “Yes. Firstly, we are using hash-based signatures, which only rely upon the cryptographic hash algorithm. In contrast, lattice-based signatures may in the future be broken. Secondly, once a fully error corrected QC emerges it will not matter if you have some addresses protected in QC-safe addresses. Prices of all tokens not completely secure will move to zero. If 5% of ETH is in unprotected standard ECDSA addresses with exposed public keys, then when a QC computer emerges those coins can be trivially stolen. Now if the other 95% of ETH are safely stored away in QC addresses then everyone might be feeling very safe.. But actually 5% is more than enough to crash the price to cents. The only true protection is 100% security of all ledger addresses. . So the QRL is taking the view that we are making our ledger completely 100% secure and are choosing the most robust signature scheme and hashing algorithm possible. This isn’t something major chains will want to do because it basically increases block sizes massively. So we get roadmaps and possible QC-safe address options..We are being proactive and building something irrefutably secure from genesis block. 3 - Market cap is at a small $29 mil (!!) with the token trading at around 55-60 cents $. Truly undervalued, with massive potential of gains in the short to medium run. QRL is an ERC-20 token for now until the blockchain launches, when one will be able to swap the tokens to new ones. I expect very nice gains with the launch of the blockchain next month or early October. I believe if the media catch up, things could get very interesting! Trading on Bittrex : https://bittrex.com/Market/Index?MarketName=eth-QRL https://bittrex.com/Market/Index?MarketName=btc-QRL
Peer-to-peer smart derivatives for any asset over any network!
Taurus0x Overview Distributed off-chain / on-chain protocol powering smart derivatives from end to end, for any asset over any network. Background of Taurus0x Remember around September 2017 when the world lost its cool over Bitcoin prices? It was nearly an ideological war for many. It occurred to me to create an app for people to bid on Bitcoin prices, and I would connect that app to a smart contract to execute bids on the blockchain. It took me a long couple of weeks to figure out how many licenses I would need to acquire to run such a business in the United States. It became evident that market making is a huge undertaking and is better off decentralized in a an open-standard protocol to generate liquidity. The protocol needed to be fully decentralized as a primary requirement. Why? because I believe in the philosophy of decentralization and creating fair market makers, governed by a public community. It is the right thing to do in order to create equal opportunity for consumers without centralized control and special privileges. It comes at no surprise to anyone at this point that the vast majority of “ICOs” were empty promises. Real life utility was and is a necessity for any viable project. Transitioning from a centralized world to a tokenized and decentralized one cannot be abrupt. The protocol needed to support both worlds and allow for a free market outcome as far as adoption. Scalability-wise and as of today, Ethereum could not handle a real-time full DEX that could compete with advanced and well-known centralized exchanges. And quite frankly, maybe it’s not meant to. This is when the off-chain thinking started, especially after witnessing a couple of the most successful projects adopting this approach, like Lighting and 0xProject. The trade-off was the complexity of handling cryptographic communications without the help of the blockchain. I had met my co-founder Brett Hayes at the time. I would need another 3 or 4 articles to explain Brett for you. To the substance. What is Asymmetrical Cryptography? Asymmetrical cryptography is a form of cryptography that uses public and private key pairs. Each public key comes with its associated and unique private key. If you encrypt a piece of data with a private, only the associated public key may be used to decrypt the data. And vice versa. If I send you a “hello” encrypted with my private key, and you try to decrypt it with my public key (which is no secret). If it decrypts fine, then you are positive that this “hello” came from me. This is what we call digital signatures. The figure below is from Taurus0x whitepaper and describes the chosen digital signature algorithm (ECDSA). https://preview.redd.it/n8kavgofbm211.png?width=1000&format=png&auto=webp&s=289695a17cd413b68105b249d615b82bae1fe1dc What are Smart Derivatives? Well, what are derivatives in the first place? In the financial world, a derivative is a contract between two or more parties based upon an asset. Its price is determined by fluctuations in the underlying asset. The most common underlying assets include stocks, bonds, commodities, currencies, interest rates and market indexes. Futures contracts, forward contracts, options, swaps, cryptocurrency prices and warrants are common derivatives. Smart Derivatives are smart contracts that behave like financial derivatives. They possess enough information and funds to allow for execution with guaranteed and trusted outcomes. What is Taurus0x? Taurus0x is a distributed off-chain / on-chain protocol powering smart derivatives from end to end. Taurus0x is both asset and network-agnostic. The philosophy is to also become blockchain-agnostic as more blockchains come to life. Distributed = fully decentralized set of smart contracts and libraries. Off-chain = ad-hoc protocol not limited to a blockchain. On-chain= trusted outcome without intermediaries. Asset-agnostic = supports any asset, not limited to cryptocurrency. Network-agnostic = contracts can be transmitted over any network (email, text, twitter, facebook, pen and paper, etc.) Who can use Taurus0x? Taurus0x protocol is ultimately built to serve end consumers who trade derivative contracts. Participants may engage in a peer-to-peer derivative contracts among each other without the need for a house in the middle. The Taurus0x team and advisory realize that the migration from a centralized world to a decentralized one cannot be abrupt, specifically in FinTech. Taurus0x is built to support existing business models as well as C2C peer-to-peer. Exchanges who want to take on the derivative market may use an open-source protocol without worrying about building a full backend to handle contract engagement and settlement. Taurus0x Exchanges would simply connect participants to each other, using matching algorithms. Taurus0x intends to standardize derivative trading in an open way. Having more exchanges using the protocol allows for creating public and permission-ed pools to generate compounded liquidity of contracts. This helps smaller exchanges by lowering the entry-to-market barrier. How does Taurus0x work? The process is simple and straightforward. Implementation details are masked by the protocol making it very easy to build on top. The first 2 steps represent off-chain contract agreement, while 3 and 4 solidify and execute the contract on-chain. 1- Create A producer creates a contract from any client using Taurus0x protocol, whether from an app, a website or a browser extension. The producer specifies a condition that is expected to happen sometime in the future. For example, I (the producer) might create a binary contract with the following condition: Apple stock > $200 by July 1, 2018 with a premium of 10 TOKENs (any ERC20 token) The contract will be automatically signed with my private key, which confirms that I created it. I can then share it (a long hexadecimal text) with anyone over any network I choose. 2- Sign When the consumer receives the signed contract, they will be able to load it via any client using Taurus0x. If the consumer disagrees with the producer on the specified condition, they will go ahead and sign the contract with their private key. Back to our example above, the consumer would think that Apple stock will remain under $200 by July 1, 2018. Now that the we have collected both signatures, the contract is ready to get published on blockchain. 3- Publish Anyone who possesses the MultiSig contract and its 2 signatures can go ahead and publish it to the Ethereum blockchain. That would most likely be either the producer, the consumer or a party like an exchange in the middle hosting off-chain orders. As soon as the contract is published, Taurus0x proxy (an open-source smart contract) will pull necessary funds from participating wallets into the newly created Smart Derivative. The funds will live in the derivative contract until successful execution. 4- Execute If at any point before the contract expiration date the specified condition becomes true (i.e. Apple Stock > $200), the producer can go ahead and execute the derivative contract. The contract will calculate the outcome and transfer funds accordingly. In this binary derivative example, the producer will receive 20 TOKENs in their wallet upon executing the contract. If the expiration date comes and the producer had never successfully executed the contract, the consumer may execute it themselves and collect the 20 TOKENs. This figure is from the Taurus0x whitepaper depicts the process: https://preview.redd.it/vr2y9b8ibm211.png?width=1250&format=png&auto=webp&s=1b7a8144fe2a41116a4f64d7418d3dacb4f42fc5 Summary Taurus0x is a highly versatile and modular protocol built using Ethereum-based smart contracts and wrapper JS libraries to bootstrap developer adoption. While Smart Derivatives are the first application of Taurus0x, it is worth noting that the protocol is not limited to cryptocurrencies or even derivatives for that matter. It is an ad-hoc and scalable contract management solution meant to guarantee trusted outcomes in the future based on conditions specified today. The semi off-chain nature of the protocol helps remediate Ethereum’s scalability limitations and makes it a viable product. Finally, the plan for Taurus0x is to be governed by a Decentralized Autonomous Organization or DAO as outlined in the roadmap on https://taurus0x.com. This is an area of research and development as of today. Decentralization does not fulfill its purpose if governance remains centralized, therefore it is without compromise that Taurus0x follows a decentralized governance structure.
Let me clarify common misconceptions about Bitcoin. Myth # 1. It's just something similar to other virtual currencies, nothing new All other virtual currencies are controlled by their regulatory center. This means that: they can be printed on the subjective whims of the currency regulator; they could be destroyed by an attack on this regulatory center.; arbitrary rules can be imposed by the currency regulator. Bitcoins, being initially a decentralized currency, solve all these problems. Myth # 2. Bitcoins do not solve any problems that gold and/or Fiat money cannot solve Unlike gold bitcoins: easy to carry and store; easy to authenticate. Unlike Fiat money, bitcoins: have predictable and decreasing emissions; not controlled by any regulatory center. Unlike Fiat electronic money, bitcoins: can be anonymous (like cash); there's no way the accounts can be frozen. Myth # 3. Bitcoins are secured by CPU time It is incorrect to say that bitcoins are secured by CPU time. When it is said that a currency is "secured" by something, it is meant to be centrally tied to something at the exchange rate. You can not exchange bitcoins for the computing power spent on their generation (it is too high). In this sense, bitcoins are not secured by anything. This is a self-valuable product. Think, unless gold is provided with something? No, it's just gold. It's the same with bitcoins. Bitcoin currency is created with the use of processor power: the integrity of the block chain is protected from all sorts of attacks by the existence of a large computer network. That's it. Myth # 4. Bitcoins are worthless because they are not secured by anything Gold is not secured by anything, but is used and valued everywhere. See the previous myth. Myth # 5. The value of bitcoins is based on how much electricity and processing power is required to generate them This myth is an attempt to apply labor value theory to bitcoins, which is not applicable to them and is probably false. Just because something requires X resources to create doesn't mean that the final product will cost X. it can cost more or less X, depending on the usefulness to users. In fact, there is a broken causal relationship (this applies to the above theory as a whole). The value of bitcoins is based on how valuable they are. If bitcoins rise in price, more people will try to generate them (because bitcoin generation becomes more profitable), this will increase the difficulty of generating, which in turn only leads to the difficulty of mining them. If bitcoins fall in price, then the reverse process occurs. These processes maintain a balance between the cost of generation and the cost of bitcoins generated. Myth # 6. Bitcoins have no value of their own (unlike some other things) Many things have their own value, but it is usually well below the market value of the thing. Consider gold: if it were not used as an inflation-resistant value, and used only for industrial purposes, it would not have today's value, since the industrial need for gold is much lower than it is available. Historical value has helped establish some things as a means of exchange, but it is certainly not a necessary condition. Perhaps bitcoins will not be used as a raw material for industrial purposes, but they have many other useful qualities that are necessary for the means of exchange. The value of bitcoins is determined solely by people's desire to trade them - supply and demand. Myth # 7. Bitcoins are illegal because they are not a legal tender Short answer: chickens are not a legal tender, but bartering with chickens is not illegal. There are many currencies that are not legal tender. Currency, after all, is just a convenient unit of account. Although national laws may vary from country to country (you should definitely check the laws of your state), in General - trading with any commodity exchange, including digital goods (e.g.: bitcoins, virtual worlds second Life or WoW game currencies), is not illegal. Myth # 8. Bitcoins are a form of domestic terrorism because they only harm the economic stability of the state and the state currency Read the relevant Wikipedia article. Action will not be considered terrorism if it is not violent. Bitcoins are not imposed on anyone with violence, so they are not terrorism. Also, bitcoins are not "internal". It's a worldwide product. Look at the auto-generated node map. Myth # 9. Bitcoins will only facilitate tax evasion, which will lead to a possible fall of civilization It's up to you whether you follow the laws of the country or face the consequences of breaking the laws. Myth # 10. Bitcoins can print/mint everyone, therefore they're useless To generate coins requires significant computing power, in addition, over time, all the coins will be generated. Myth # 11. Bitcoins are useless because they are based on unverified / unproven cryptography The Sha-256 and ECDSA algorithms that are used in the #Bitcoin program are well-known industrial encryption standards. Myth # 12. First bitcoin users are unfairly rewarded The first users were rewarded for taking on a higher risk of losing their time and money. From a more pragmatic point of view, the term "equity" is a conditional concept, making it unlikely to be agreed upon by a large number of people. Establishing "fairness" is not the goal of the Bitcoin project, as it would be simply impossible. The vast majority of the 21 million bitcoins still haven't been distributed among people. If you start generating or purchasing bitcoins today, you can become one of the "first users"yourself. Myth # 13. 21 million coins is not enough, it is not commensurate with the needs of mankind In fact, the Bitcoin project will exist 2099999997690000 (just over two quadrillions) of the maximum possible indivisible units. One bitcoin is 100 million (one hundred million) of them. In other words, each bitcoin can be divided into 10^8 parts. If the value of bitcoins rises too much, then people for convenience can start working with smaller pieces such as Milli-bitcoins (mBTC) and micro-bitcoins (µbtc). However, it is possible and denomination with coefficients 1:10, 1: 100 and so on. Myth # 14. Bitcoins are stored in wallet files, just copy the wallet and get more coins! No, Your wallet file contains secret private keys that give you the right to dispose of your bitcoins. Imagine that you have a key issued by your Bank to manage your account. If you give it to someone else, it will not increase the funds in your Bank account. The funds will be spent either by You or by this third party. Myth # 15. Lost coins cannot be replaced, which is bad The minimum bitcoin unit is 0.00000001, so this is not a problem. If you lose coins, all other coins will rise in price a little. Consider this a donation to all other bitcoin users. There is a related question (and the answer to it). Why is there no mechanism to replace lost coins? It is impossible to distinguish between the lost coin and the one that is simply not used at the moment and waiting in someone's purse of his time to be useful. Myth # 16. It's a giant pyramid scheme. In financial pyramids (see Ponzi scheme and MMM), the founders convince investors that they will be in profit. Bitcoins do not give such guarantees. There is no regulatory center, there is just a group of people who are building a new economy. However, one should not confuse bitcoins by themselves with various projects on the Internet, which can accept bitcoins as a contribution and be financial pyramids. Myth # 17. Limited emissions and lost coins generate a deflationary spiral Both deflationary forces can manifest themselves, and economic factors such as hoarding counteract the human factor, which can reduce the chances of a deflationary spiral. Myth # 18. The idea of bitcoin may not work because there is no way to control inflation Inflation is simply an increase in prices over time, which is usually a consequence of currency depreciation. It is a function of supply and demand. Given the fact that the supply of bitcoins is fixed (due to the peculiarities of their issue), unlike Fiat money, the only way out of control of inflation is the disappearance of demand for bitcoins. It should also be taken into account that bitcoins are a currency with a predictable decentralized issue. If demand falls to almost zero, then bitcoins will be doomed in any case. However, it is unlikely that this can actually happen. The key point here is that bitcoins cannot be impaired by a sharp increase in inflation by any person, organization or government, since there is no way to increase the supply too much due to the peculiarities of the issue. In fact, a more likely scenario is an increase in demand for bitcoins due to the growing popularity, which should lead to a constant increase in the exchange rate and deflation. Myth # 19. Bitcoin community is anarchists, conspiracy theorists, supporters of the gold standard and geeks Confirm. However, it is necessary to consider that it is only a part of all color of community. https://preview.redd.it/qkk7hybryqg21.jpg?width=1980&format=pjpg&auto=webp&s=a373d5483cc87c1e2c651ff864fc324273fa3f08
Why I have decided to invest in Quantum Resistant Ledger (QRL) now
The topic of quantum resistance is a complex topic, at least for me. When QRL came up a month or so ago, I recall moving on fast. Today it came up again, and as a result, decided to stop and spend time on the official website (theqrl.org), and figure out if this is a project I want and should invest in. What is The QRL : “The QRL is a cryptocurrency ledger which is designed from the outset to be resistant to both classical and quantum computing attack. It uses a different system of cryptography to bitcoin (and all other altcoins) known as hash-based digital signatures which are quantum-resistant. The ledger will be the first to experiment with quantum-resistant signatures whilst providing an ultra secure backup store of value in the event of a sudden advance in quantum computing. The initial aim of the chain is to offer a low volume of ultra secure transactions in the first iteration with guaranteed longevity. “ More about QRL here: http://cryptopotato.com/qrl-taking-quantum-computers/ These facts convinced me today to invest: 1 - One of the key points I look for when evaluating a potential investment is timing, and it seems in that regard, my reacquaintance with QRL today, is incredibly well timed. This month, or early October, QRL’s mainnet goes live with its Genesis block. The actual blockchain goes live! Kaushal Kumar Singh, one of the core developer on the team, confirmed the following in their Slack channel: “The first hardcoded block created into the blockchain is the Genesis block. This block includes the list of stake validators for the first epoch. Mainnet is expected to be on SeptembeOctober. Currently, it will be released with ephemeral messaging feature. As ephemeral messaging is in the roadmap for the month of October. Rest of the features such as VPN, VoIP would be planned between the year 2018 to 2019. The exact month would be released once the mainnet is live with ephemeral messaging”. 2 - Dr Peter Waterland, the founder and core developer of the project, explained to me the differences between the Quantum resistance offered by QRL, NEO and Ethereum’s upcoming Metropolis. NEO : “There are different candidate post-quantum signature schemes in existence. Hash-based signatures have minimal security requirements and XMSS which is used in the QRL is PQ-crypto recommended. Lattice- based crypto is another type of signature which is thought to be Quantum resistant (indeed we will be using it for our Ephemeral messaging layer. Our resident post-quantum cryptographer doesn't feel lattice-based crypto is mature enough to secure accounts/addresses. The bottom line is that currently NEO doesn't contain lattice-based addresses and what they are saying is they may add such address types in the future.” ETH Metropolis: “ETH has quantum-safe address types on their roadmap. Whether they appear in metropolis is anyone’s guess. Quantum-safe signatures are massive and so high volume blockchains like ethereum would immediately choke if they moved towards them..” If it does appear, is there still an advantage to QRL over it? “Yes. Firstly, we are using hash-based signatures, which only rely upon the cryptographic hash algorithm. In contrast, lattice-based signatures may in the future be broken. Secondly, once a fully error corrected QC emerges it will not matter if you have some addresses protected in QC-safe addresses. Prices of all tokens not completely secure will move to zero. If 5% of ETH is in unprotected standard ECDSA addresses with exposed public keys, then when a QC computer emerges those coins can be trivially stolen. Now if the other 95% of ETH are safely stored away in QC addresses then everyone might be feeling very safe.. But actually 5% is more than enough to crash the price to cents. The only true protection is 100% security of all ledger addresses. . So the QRL is taking the view that we are making our ledger completely 100% secure and are choosing the most robust signature scheme and hashing algorithm possible. This isn’t something major chains will want to do because it basically increases block sizes massively. So we get roadmaps and possible QC-safe address options..We are being proactive and building something irrefutably secure from genesis block. 3 - Market cap is at a small $29 mil (!!) with the token trading at around 55-60 cents $. Truly undervalued, with massive potential of gains in the short to medium run. QRL is an ERC-20 token for now until the blockchain launches, when one will be able to swap the tokens to new ones. I expect very nice gains with the launch of the blockchain this month or early October. I believe if the media catch up, things could get very interesting! Trading on Bittrex : https://bittrex.com/Market/Index?MarketName=eth-QRL https://bittrex.com/Market/Index?MarketName=btc-QRL
Q: What is your relationship with Blockstream now? Are you in a Cold War? Your evaluation on BS was pretty high “If this amazing team offers you a job, you should take it,” tweeted Gavin Andresen, Chief Scientist, Bitcoin Foundation.” But now, what’s your opinion on BS? A: I think everybody at Blockstream wants Bitcoin to succeed, and I respect and appreciate great work being done for Bitcoin by people at Blockstream. We strongly disagree on priorities and timing; I think the risks of increasing the block size limit right away are very small. I see evidence of people and businesses getting frustrated by the limit and choosing to use something else (like Ethereum or a private blockchain); it is impossible to know for certain how dangerous that is for Bitcoin, but I believe it is more danger than the very small risk of simply increasing or eliminating the block size limit.
Q: 1) Why insist on hard fork at only 75%? You once explained that it is possible to be controlled by 5% if we set the threshold at 95%. I agree, but there should be some balance here. 75% means a high risk in splitting, isn’t it too aggressive? Is it better if we set it to 90%? A: 1)The experience of the last two consensus changes is that miners very quickly switch once consensus reaches 75% -- the last soft fork went from 75% support to well over 95% support in less than one week. So I’m very confident that miners will all upgrade once the 75% threshold is reached, and BIP109 gives them 28 days to do so. No miner wants to create blocks that will not be accepted by the network. Q: 2) How to solve the potentially very large blocks problem Classic roadmap may cause, and furthur causing the centralization of nodes in the future? A: 2)Andreas Antonopoulos gave a great talk recently about how people repeatedly predicted that the Internet would fail to scale. Smart engineers proved them wrong again and again, and are still busy proving them wrong today (which is why I enjoy streaming video over my internet connection just about every night). I began my career working on 3D graphics software, and saw how quickly we went from being able to draw very simple scenes to today’s technology that is able to render hundreds of millions of triangles per second. Processing financial transactions is much easier than simulating reality. Bitcoin can easily scale to handle thousands of transactions per second, even on existing computers and internet connections, and even without the software optimizations that are already planned. Q: 3) Why do you not support the proposal of RBF by Satoshi, and even plan to remove it in Classic completely? A: 3) Replace-by-fee should be supported by most of the wallets people are using before it is supported by the network. Implementing replace-by-fee is very hard for a wallet, especially multi-signature and hardware wallets that might not be connected to the network all of the time. When lots of wallet developers start saying that replace-by-fee is a great idea, then supporting it at the network level makes sense. Not before. Q: 4) . Your opinion on soft fork SegWit, sidechain, lighnting network. Are you for or against, please give brief reasons. Thanks. A: 4) The best way to be successful is to let people try lots of different things. Many of them won’t be successful, but that is not a problem as long as some of them are successful. I think segregated witness is a great idea. It would be a little bit simpler as a hard fork instead of a soft fork (it would be better to put the merkle root for the witness data into the merkle root in the block header instead of putting it inside a transaction), but overall the design is good. I think sidechains are a good idea, but the main problem is finding a good way to keep them secure. I think the best uses of sidechains will be to publish “write-only” public information involving bitcoin. For example, I would like to see a Bitcoin exchange experiment with putting all bids and asks and trades on a sidechain that they secure themselves, so their customers can verify that their orders are being carried out faithfully and nobody at the exchanges is “front-running” them. Q: 5) Can you share your latest opinion on Brainwallet? It is hard for new users to use long and complex secure passphrase, but is it a good tool if it solves this problem? A: 5) We are very, very bad at creating long and complex passphrases that are random enough to be secure. And we are very good at forgetting things. We are much better at keeping physical items secure, so I am much more excited about hardware wallets and paper wallets than I am about brain wallets. I don’t trust myself to keep any bitcoin in a brain wallet, and do not recommend them for anybody else, either.
Q: Gavin, do you have bitcoins now? What is your major job in MIT? Has FBI ever investigated on you? When do you think SHA256 might be outdated, it seems like it has been a bit unsafe? A: Yes, a majority of my own person wealth is still in bitcoins -- more than a financial advisor would say is wise. My job at MIT is to make Bitcoin better, in whatever way I think best. That is the same major job I had at the Bitcoin Foundation. Sometimes I think the best way to make Bitcoin better is to write some code, sometimes to write a blog post about what I see happening in the Bitcoin world, and sometimes to travel and speak to people. The FBI (or any other law enforcement agency) has never investigated me, as far as I know. The closest thing to an investigation was an afternoon I spent at the Securities and Exchange Commission in Washington, DC. They were interested in how I and the other Bitcoin developers created the software and how much control we have over whether or not people choose to run the software that we create. “Safe or unsafe” is not the way to think about cryptographic algorithms like SHA256. They do not suddenly go from being 100% secure for everything to completely insecure for everything. I think SHA256 will be safe enough to use in the all ways that Bitcoin is using it for at least ten years, and will be good enough to be used as the proof-of-work algorithm forever. It is much more likely that ECDSA, the signature algorithm Bitcoin is using today, will start to become less safe in the next ten or twenty years, but developer are already working on replacements (like Schnorr signatures).
Q: It’s a pleasure to meet you. I only have one question. Which company are you serving? or where do you get your salary? A: The Media Lab at MIT (Massachusetts Institute of Technology) pays my salary; I don’t receive regular payments from anybody else. I have received small amounts of stock options in exchange for being a techical advisor to several Bitcoin companies (Coinbase, BitPay, Bloq, Xapo, Digital Currency Group, CoinLab, TruCoin, Chain) which might be worth money some day if one or more of those companies do very well. I make it very clear to these companies that my priority is to make Bitcoin better, and my goal in being an advisor to them is to learn more about the problems they face as they try to bring Bitcoin to more of their customers. And I am sometimes (once or twice a year) paid to speak at events.
Q: Would you mind share your opinion on lightning network? Is it complicated to implement? Does it need hard fork? A: Lightning does not need a hard fork. It is not too hard to implement at the Bitcoin protocol level, but it is much more complicated to create a wallet capable of handling Lightning network payments properly. I think Lightning is very exciting for new kinds of payments (like machine-to-machine payments that might happen hundreds of times per minute), but I am skeptical that it will be used for the kinds of payments that are common on the Bitcoin network today, because they will be more complicated both for wallet software and for people to understand.
Q: 1) There has been a lot of conferences related to blocksize limit. The two took place in HongKong in Decemeber of 2015 and Feberary of 2016 are the most important ones. Despite much opposition, it is undeniable that these two meetings basically determines the current status of Bitcoin. However, as the one of the original founders of Bitcoin, why did you choose to not attend these meetings? If you have ever attended and opposed gmax’s Core roadmap (SegWit Priority) in one of the meetings, we may be in a better situation now, and the 2M hard fork might have already begun. Can you explain your absence in the two meetings? Do you think the results of both meetings are orchestrated by blockstream? A: 1) I attended the first scaling conference in Montreal in September of 2015, and had hoped that a compromise had been reached. A few weeks after that conference, it was clear to me that whatever compromise had been reached was not going to happen, so it seemed pointless to travel all the way to Hong Kong in December for more discussion when all of the issues had been discussed repeatedly since February of 2015. The February 2016 Hong Kong meeting I could not attend because I was invited only a short time before it happened and I had already planned a vacation with my family and grandparents. I think all of those conferences were orchestrated mainly by people who do not think raising the block size limit is a high priority, and who want to see what problems happen as we run into the limit. Q: 2) We have already known that gmax tries to limit the block size so as to get investment for his company. However, it is obvious that overthrowing Core is hard in the short term. What if Core continues to dominate the development of Bitcoin? Is it possible that blockstream core will never raise the blocksize limit because of their company interests? A: 2) I don’t think investment for his company is Greg’s motivation-- I think he honestly believes that a solution like lightning is better technically. He may be right, but I think it would be better if he considered that he might also be wrong, and allowed other solutions to be tried at the same time. Blockstream is a funny company, with very strong-willed people that have different opinions. It is possible they will never come to an agreement on how to raise the blocksize limit.
Q: I would like to ask your opinion on the current situation. It’s been two years, but a simple 2MB hard fork could not even be done. In Bitcoin land, two years are incredibly long. Isn’t this enough to believe this whole thing is a conspiracy? A: I don’t think it is a conspiracy, I think it is an honest difference of opinion on what is most important to do first, and a difference in opinion on risks and benefits of doing different things. Q: How can a multi-billion network with millions of users and investors be choked by a handful of people? How can this be called decentrilized and open-source software anymore? It is so hard to get a simple 2MB hard fork, but SegWig and Lighting Network with thousands of lines of code change can be pushed through so fast. Is this normal? It is what you do to define if you are a good man, not what you say. A: I still believe good engineers will work around whatever unnecessary barriers are put in their way-- but it might take longer, and the results will not be as elegant as I would prefer. The risk is that people will not be patient and will switch to something else; the recent rapid rise in developer interest and price of Ethereum should be a warning. Q: The problem now is that everybody knows Classic is better, however, Core team has controlled the mining pools using their powers and polical approaches. This made them controll the vast majority of the hashpower, no matter what others propose. In addition, Chinese miners have little communication with the community, and do not care about the developement of the system. Very few of them knows what is going on in the Bitcoin land. They almost handed over their own power to the mining pool, so as long as Core controls the pools, Core controls the whole Bitcoin, no matter how good your Classic is. Under this circumstance, what is your plan? A: Encourage alternatives to Core. If they work better (if they are faster or do more) then Core will either be replaced or will have to become better itself. I am happy to see innovations happening in projects like Bitcoin Unlimited, for example. And just this week I see that Matt Corallo will be working on bringing an optmized protocol for relaying blocks into Core; perhaps that was the plan all along, or perhaps the “extreme thin blocks” work in Bitcoin Unlimited is making that a higher priority. In any case, competition is healthy. Q: From this scaling debate, do you think there is a huge problem with Bitcoin development? Does there exsit development centrilization? Does this situation need improvment? For example, estabilish a fund from Bitcoin as a fundation. It can be used for hiring developers and maintainers, so that we can solve the development issue once and for all. A: I think the Core project spends too much time thinking about small probability technical risks (like “rogue miners” who create hard-to-validate blocks or try to send invalid blocks to SPV wallets) and not enough time thinking about much larger non-technical risks. And I think the Core project suffers from the common open source software problem of “developers developing for developers.” The projects that get worked on are the technically interesting projects-- exciting new features (like the lightning network), and not improving the basic old features (like improving network performance or doing more code review and testing). I think the situation is improving, with businesses investing more in development (but perhaps not in the Core project, because the culture of that project has become much less focused on short-term business needs and more on long-term exciting new features). I am skeptical that crowd-funding software development can work well; if I look at other successful open source software projects, they are usually funded by companies, not individuals.
You are one of the most-repected person in Bitcoin world, I won’t miss the chance to ask some questions. First of all, I am a Classic supporter. I strongly believe that on-chain transcations should not be restrained artificially. Even if there are transcations that are willing to go through Lighting Network in the future, it should be because of a free market, not because of artificial restrication. Here are some of my questions: Q: 1) For the past two years, you’ve been proposing to Core to scale Bitcoin. In the early days of the discussion, Core devs did agree that the blocksize should be raised. What do you think is the major reason for Core to stall scaling. Does there exist conflict of interest between Blockstream and scaling? A: 1) There might be unconscious bias, but I think there is just a difference of opinion on priorities and timing. Q: 2) One of the reason for the Chinese to refuse Classic is that Classic dev team is not technically capable enough for future Bitcoin development. I also noticed that Classic does have a less frequent code release compared to Core. In your opinion, is there any solution to these problems? Have you ever thought to invite capable Chinese programers to join Classic dev team? A: 2) The great thing about open source software is if you don’t think the development team is good enough (or if you think they are working on the wrong things) you can take the software and hire a better team to improve it. Classic is a simple 2MB patch on top of Core, so it is intentional that there are not a lot of releases of Classic. The priority for Classic right now is to do things that make working on Classic better for developers than working on Core, with the goal of attracting more developers. You can expect to see some results in the next month or two. I invite capable programmers from anywhere, including China, to help any of the teams working on open source Bitcoin software, whether that is Classic or Core or Unlimited or bitcore or btcd or ckpool or p2pool or bitcoinj. Q: 3) Another reason for some of the Chinese not supporting Classic is that bigger blocks are more vulnerable to spam attacks. (However, I do think that smaller blocks are more vlunerable to spam attack, because smaller amount of money is needed to choke the blockchain.) What’s our opinion on this? A: 3) The best response to a transaction spam attack is for the network to reject transactions that pay too little fees but to simply absorb any “spam” that is paying as much fees as regular transactions. The goal for a transaction spammer is to disrupt the network; if there is room for extra transactions in blocks, then the network can just accept the spam (“thank you for the extra fees!”) and continue as if nothing out of the ordinary happened. Nothing annoys a spammer more than a network that just absorbs the extra transactions with no harmful effects. Q: 4) According to your understanding on lighting network and sidechains,if most Bitcoin transactions goes throught lighting network or sidechains, it possible that the fees paid on the these network cannot reach the main-chain miners, which leaves miners starving. If yes, how much percent do you think will be given to miners. A: 4) I don’t know, it will depend on how often lightning network channels are opened and closed, and that depends on how people choose to use lightning. Moving transactions off the main chain and on to the lightning network should mean less fees for miners, more for lightning network hubs. Hopefully it will also mean lower fees for users, which will make Bitcoin more popular, drive up the price, and make up for the lower transaction fees paid to miners. Q: 5) The concept of lighting network and sidechains have been out of one or two years already, when do you think they will be fully deployed. A: 5) Sidechains are already “fully deployed” (unless you mean the version of sidechains that doesn’t rely on some trusted gateways to move bitcoin on and off the sidechain, which won’t be fully deployed for at least a couple of years). I haven’t seen any reports of how successful they have been. I think Lightning will take longer than people estimate. Seven months ago Adam Back said that the lightning network might be ready “as soon as six months from now” … but I would be surprised if there was a robust, ready-for-everybody-to-use lightning-capable wallet before 2018. Q: 6)Regarding the hard fork, Core team has assumed that it will cause a chain-split. (Chinese miners are very intimitated by this assumption, I think this is the major reason why most of the Chinese mining pools are not switching to Classic). Do you think Bitcoin will have a chain-split? A: 6) No, there will not be a chain split. I have not talked to a single mining pool operator, miner, exchange, or major bitcoin business who would be willing to mine a minority branch of the chain or accept bitcoins from a minority branch of the main chain. Q: 7) From your point of view, do you think there is more Classic supporters or Core supporters in the U.S.? A: 7) All of the online opinion pools that have been done show that a majority of people worldwide support raising the block size limit.
Q: Which is more in line with the Satoshi’s original roadmap, Bitcoin Classic or Bitcoin Core? How to make mining pools support and adopt Bitcoin Classic? A: Bitcoin Classic is more in line with Satoshi’s original roadmap. We can’t make the mining pools do anything they don’t want to do, but they are run by smart people who will do what they think is best for their businesses and Bitcoin.
Q: Do you have any solution for mining centralization? What do you think about the hard fork of changing mining algorithms? A: I have a lot of thoughts on mining centralization; it would probably take ten or twenty pages to write them all down. I am much less worried about mining centralization than most of the other developers, because Satoshi designed Bitcoin so miners make the most profit when they do what is best for Bitcoin. I have also seen how quickly mining pools come and go; people were worried that the DeepBit mining pool would become too big, then it was GHash.io… And if a centralized mining pool does become too big and does something bad, the simplest solution is for businesses or people to get together and create or fund a competitor. Some of the big Bitcoin exchanges have been seriously considering doing exactly that to support raising the block size limit, and that is exactly the way the system is supposed to work-- if you don’t like what the miners are doing, then compete with them! I think changing the mining algorithm is a complicated solution to a simple problem, and is not necessary.
Q: Last time you came to China, you said you want to "make a different". I know that in USA the opposition political party often hold this concept, in order to prevent the other party being totally dominant. Bitcoin is born with a deep "make a different" nature inside. But in Chinese culture, it is often interpreted as split “just for the sake of splitting”, can you speak your mind on what is your meaning of "make a different"? A: I started my career in Silicon Valley, where there is a lot of competition but also a lot of cooperation. The most successful companies find a way to be different than their competitors; it is not a coincidence that perhaps the most successful company in the world (Apple Computer) had the slogan “think different.” As Bitcoin gets bigger (and I think we all agree we want Bitcoin to get bigger!) it is natural for it to split and specialize; we have already seen that happening, with lots of choices for different wallets, different exchanges, different mining chips, different mining pool software.
Q: 1) The development of XT and Classic confirmed my thoughts that it is nearly impossible to use a new version of bitcoin to replace the current bitcoin Core controlled by Blockstream. I think we will have to live with the power of Blockstream for a sufficient long time. It means we will see the deployment of SegWit and Lighting network. If it really comes to that point, what will you do? Will you also leave like Mike Hearn? A: 1) With the development of Blockchain, bitcoin will grow bigger and bigger without any doubts, And also there will be more and more companies related to the bitcoin network. When it comes to money, there will be a lot of fights between these companies. Is it possible to form some kind of committee to avoid harmful fights between these companies and also the situation that a single company controlling the direction of the bitcoin development? Is there any one doing this kind of job right now? Q: 2) My final question would be, do you really think it is possible that we can have a decentralized currency? Learning from the history, it seems like every thing will become centralized as long as it involves human. Do you have any picture for a decentralized currency or even a society? Thanks. A: 2) I think you might be surprised at what most people are running a year or three from now. Perhaps it will be a future version of Bitcoin Core, but I think there is a very good chance another project will be more successful. I remember when “everybody” was running Internet Explorer or Firefox, and people thought Google was crazy to think that Chrome would ever be a popular web browser. It took four years for Chrome to become the most popular web browser. In any case, I plan on working on Bitcoin related projects for at least another few years. Eventually it will become boring or I will decide I need to take a couple of years of and think about what I want to do next. As for fights between companies: there are always fights between companies, in every technology. There are organizations like the IETF (Internet Engineering Task Force) that try to create committees so engineers at companies can spend more time cooperating and less time fighting; I’m told by people who participate in IETF meetings that they are usually helpful and create useful standards more often than not. Finally, yes, I do think we can have a “decentralized-enough” currency. A currency that might be controlled at particular times by a small set of people or companies, but that gives everybody else the ability to take control if those people or businesses misbehave.
Hi Gavin, I have some questions: Q: 1) I noticed there are some new names added to the classic team list. Most people here only know you and Jeff. Can you briefly introduce some others to the Chinese community? A: 1) Tom Zander has been acting as lead developer, and is an experienced C++ developer who worked previously on the Qt and Debian open source projects. Pedro Pinheiro is on loan from Blockchain.info, and has mostly worked on continuous integration and testing for Classic. Jon Rumion joined recently, and has been working on things that will make life for developers more pleasant (I don’t want to be more specific, I don’t want to announce things before they are finished in case they don’t work out). Jeff has been very busy starting up Bloq, so he hasn’t been very active with Classic recently. I’ve also been very busy traveling (Barbados, Idaho, London and a very quick trip to Beijing) so haven’t been writing much code recently. Q: 2) if bitcoin classic succeeded (>75% threshold), what role would you play in the team after the 2MB upgrade finished, as a leader, a code contributor, a consultant, or something else? A: 2)Contributor and consultant-- I am trying not to be leader of any software project right now, I want to leave that to other people who are better at managing and scheduling and recruiting and all of the other things that need to be done to lead a software project. Q: 3) if bitcoin classic end up failed to achieve mainstream adoption (<75% 2018), will you continue the endeavor of encouraging on-chain scaling and garden-style growth of bitcoin? A: 3) Yes. If BIP109 does not happen, I will still be pushing to get a good on-chain solution to happen as soon as possible. Q: 4) Have you encountered any threat in your life, because people would think you obviously have many bitcoins, like what happened to Hal Finney (RIP), or because some people have different ideas about what bitcoin's future should be? A: 4) No, I don’t think I have received any death threats. It upsets me that other people have. Somebody did threaten to release my and my wife’s social security numbers and other identity information if I did not pay them some bitcoins a couple of years ago. I didn’t pay, they did release our information, and that has been a little inconvenient at times. Q: 5) Roger Ver (Bitcoin Jesus) said bitcoin would worth thousands of dollars. Do you have similar thoughts? If not, what is your opinion on bitcoin price in future? A: 5) I learned long ago to give up trying to predict the price of stocks, currencies, or Bitcoin. I think the price of Bitcoin will be higher in ten years, but I might be wrong. Q: 6) You've been to China. What's your impression about the country, people, and the culture here? Thank you! A: 6) I had a very quick trip to Beijing a few weeks ago-- not nearly long enough to get a good impression of the country or the culture. I had just enough time to walk around a little bit one morning, past the Forbidden City and walk around Tianmen Square. There are a LOT of people in China, I think the line to go into the Chairman Mao Memorial Hall was the longest I have ever seen! Beijing reminded me a little bit of London, with an interesting mix of the very old with the very new. The next time I am in China I hope I can spend at least a few weeks and see much more of the country; I like to be in a place long enough so that I really can start to understand the people and cultures.
Q: Dear Gavin, How could I contact you, we have an excellent team and good plans. please confirm your linkedin. A: Best contact for me is [email protected] : but I get lots of email, please excuse me if your messages get lost in the flood. 15. satoshi Q: Gavin, you've been both core and classic code contributor. Are there any major differences between the two teams, concerning code testing (quality control) and the release process of new versions? A: Testing and release processes are the same; a release candidate is created and tested, and once sufficiently tested, a final release is created, cryptographically signed by several developers, and then made available for download. The development process for Classic will be a little bit different, with a ‘develop’ branch where code will be pulled more quickly and then either fixed or reverted based on how testing goes. The goal is to create a more developer-friendly process, with pull requests either accepted or rejected fairly quickly.
I am a bitcoin enthusiast and a coin holder. I thank you for your great contribution to bitcoin. Please allow me to state some of my views before asking:
I'm on board with classic
I support the vision to make bitcoin a powerful currency that could compete with Visa
I support segwit, so I'll endorse whichever version of bitcoin implementation that upgrades to segwit, regardless of block size.
I disagree with those who argue bitcoin main blockchain should be a settlement network with small blocks. My view is that on the main chain btc should function properly as a currency, as well as a network for settlement.
I'm against the deployment of LN on top of small block sized blockchain. Rather, it should be built on a chain with bigger blocks.
I also won’t agree with the deployment of many sidechains on top of small size block chain. Rather, those sidechains should be on chain with bigger blocks.
With that said, below are my questions: Q: 1) If bitcoin is developed following core's vision, and after the 2020 halving which cuts block reward down to 6.125BTC, do you think the block transaction fee at that time will exceed 3BTC? A: 1) If the block limit is not raised, then no, I don’t think transaction fees will be that high. Q: 2) If bitcoin is developed following classic's vision, and after the 2020 halving which cuts block reward down to 6.125BTC, do you think the block transaction fee at that time will exceed 3BTC? A: 2) Yes, the vision is lots of transactions, each paying a very small fee, adding up to a big total for the miners. Q: 3) If bitcoin is developed following core's vision, do you think POW would fail in future, because the mining industry might be accounted too low value compared with that of the bitcoin total market, so that big miners could threaten btc market and gain profit by shorting? *The questioner further explained his concern. Currently, its about ~1.1 billion CNY worth of mining facilities protecting ~42 billion CNY worth (6.5 Billion USD) of bitcoin market. The ratio is ~3%. If bitcoin market cap continues to grow and we adopt layered development plan, the mining portion may decrease, pushing the ratio go even down to <1%, meaning we are using very small money protecting an huge expensive system. For example, in 2020 if bitcoin market cap is ~100 billion CNY, someone may attempt to spend ~1 billion CNY bribe/manipulate miners to attack the network, thus making a great fortune by shorting bitcoin and destroying the ecosystem. A: 3) Very good question, I have asked that myself. I have asked people if they know if there have been other cases where people destroyed a company or a market to make money by shorting it -- as far as I know, that does not happen. Maybe because it is impossible to take a large short position and remain anonymous, so even if you were successful, you would be arrested for doing whatever you did to destroy the company or market (e.g. blow up a factory to destroy a company, or double-spend fraud to try to destroy Bitcoin). Q: 4) If bitcoin is developed following classic's vision, will the blocks become too big that kill decentralization? A: 4) No, if you look at how many transactions the typical Internet connection can support, and how many transactions even a smart phone can validate per second, we can support many more transactions today with the hardware and network connections we have now. And hardware and network connections are getting faster all the time. Q: 5) In theory, even if we scale bitcoin with just LN and sidechains, the main chain still needs blocks with size over 100M, in order to process the trading volume matching Visa's network. So does core have any on-chain scaling plan other than 2MB? Or Core does not plan to evolve bitcoin into something capable of challenging visa? A: 5) Some of the Core developer talk about a “flexcap” solution to the block size limit, but there is no specific proposal. I think it would be best to eliminate the limit all together. That sounds crazy, but the most successful Internet protocols have no hard upper limits (there is no hard limit to how large a web page may be, for example), and no protocol limit is true to Satoshi’s original design. Q: 6) If (the majority of) hash rate managed to switch to Classic in 2018, will the bitcoin community witness the deployment of LN in two years (~2018)? A: 6) The bottleneck with Lightning Network will be wallet support, not support down at the Bitcoin protocol level. So I don’t think the deployment schedule of LN will be affected much whether Classic is adopted or not. Q: 7) If (majority) hash rate upgraded to blocks with segwit features in 2017 as specified in core's roadmap, would classic propose plans to work on top of that (blocks with segwit)? Or insist developing simplified segwit blocks as described in classic's roadmap? A: 7) Classic will follow majority hash rate. It doesn’t make sense to do anything else. Q: 8) If most hash rate is still on core's side before 2018, will you be disappointed with bitcoin, and announce that bitcoin has failed like what Mike did, and sell all your stashed coins at some acceptable price? A: 8) No-- I have said that I think if the block size limit takes longer to resolve, that is bad for Bitcoin in the short term, but smart engineers will work around whatever road blocks you put in front of them. I see Bitcoin as a long-term project. Q: 9) If we have most hash rate switched to classic's side before 2018, what do you think will be the fate of Blockstream company? A: 9) I think Blockstream might lose some employees, but otherwise I don’t think it will matter much. They are still producing interesting technology that might become a successful business. Q: 10) If we have most hash rate still on core's side before 2018, what do you think will be the fate of Blockstream company? A: 10) I don’t think Blockstream’s fate depends on whether or not BIP109 is adopted. It depends much more on whether or not they find customers willing to pay for the technology that they are developing. Q: 11) If we have most hash rate still on core's side before 2018, what do you think will be the fate of companies that support classic, such as Coinbse, bitpay, and Blockchain.info? A: 11) We have already seen companies like Kraken support alternative currencies (Kraken supports Litecoin and Ether); if there is no on-chain scaling solution accepted by the network, I think we will see more companies “hedging their bets” by supporting other currencies that have a simpler road map for supporting more transactions. Q: 12) If we have most hash rate switched to classic's side before 2018, will that hinder the development of sidechain tech? What will happen to companies like Rockroot(Rootstock?) ? A: 12) No, I think the best use of sidechains is for things that might be too risky for the main network (like Rootstock) or are narrowly focused on a small number of Bitcoin users. I don’t think hash rate supporting Classic will have any effect on that. Q: 13) Between the two versions of bitcoin client, which one is more conducive to mining industry, classic or core? A: 13) I have been working to make Classic better for the mining industry, but right now they are almost identical so it would be dishonest to say one is significantly better than the other.
Q: Gavin, can you describe what was in your mind when you first learned bitcoin? A: I was skeptical that it could actually work! I had to read everything I could about it, and then read the source code before I started to think that maybe it could actually be successful and was not a scam.
Viacoin is an open source cryptocurrency project, based on the Bitcoin blockchain. Publicly introduced on the crypto market in mid 2014, Viacoin integrates decentralized asset transaction on the blockchain, reaching speeds that have never seen before on cryptocurrencies. This Scrypt based, Proof of Work coin was created to try contrast Bitcoin’s structural problems, mainly the congested blockchain delays that inhibit microtransaction as this currency transitions from digital money to a gold-like, mean of solid value storage. Bitcoin Core developers Peter Todd and Btc have been working on this currency and ameliorated it until they was able to reach a lightning fast speed of 24 second per block. These incredible speeds are just one of the features that come with the implementation of Lightning Network, and and make Bitcoin slow transactions a thing of the past. To achieve such a dramatic improvement in performance, the developers modified Viacoin so that its OP_RETURN has been extended to 80 bytes, reducing tx and bloat sizes, overcoming multi signature hacks; the integration of ECDSA optimized C library allowed this coin to reach significant speedup for raw signature validation, making it perform up to 5 times better. This will mean easy adoption by merchants and vendors, which won’t have to worry anymore with long times between the payment and its approval. Todd role as Chief Scientist and Advisor has been proven the right choice for this coin, thanks to his focus on Tree Chains, a ground breaking feature that will fix the main problems revolving around Bitcoin, such as scalability issues and the troubles for the Viacoin miners to keep a reputation on the blockchain in a decentralized mining environment. Thanks to Todd’s expertise in sidechains, the future of this crypto currency will see the implementation of an alternative blockchain that is not linear. According to the developer, the chains are too unregulated when it comes to trying to establish a strong connection between the operations happening on one chain and what happens elsewhere. Merged mining, scalability and safety are at risk and tackling these problems is mandatory in order to create a new, disruptive crypto technology. Tree Chains are going to be the basis for a broader use and a series of protocols that are going to allow users and developers to use Viacoin’s blockchain not just to mine and store coins, but just like other new crypto currencies to allow the creation of secure, decentralized consensus systems living on the blockchain The commander role on this BIP9 compatible coin’s development team has now been taken by a programmer from the Netherlands called Romano, which has a great fan base in the cryptocurrency community thanks to his progressive views on the future of the world of cryptos. He’s in strong favor of SegWit, and considers soft forks on the chain not to be a problem but an opportunity: according to him it will provide an easy method to enable scripting upgrades and the implementation of other features that the market has been looking for, such as peer to peer layers for compact block relay. Segregation Witness allows increased capacity, ends transactions malleability, makes scripting upgradeable, and reduces UTXO set. Because of these reasons, Viacoin Core 0.13 is already SegWit ready and is awaiting for signaling. Together with implementation of SegWit, Romano has recently been working on finalizing the implementation of merged mining, something that has never been done with altcoins. Merged mining allows users to mine more than one block chain at the same time, this means that every hash the miner does contributes to the total hash rate of all currencies, and as a result they are all more secure. This release pre-announcement resulted in a market spike, showing how interested the market is in the inclusion of these features in the coin core and blockchain. The developer has been introducing several of these features, ranging from a Hierarchical Deterministic key (HD key) generation that allows all Viacoin users to backup their wallets, to a compact block relay, which decreases block propagation times on the peer to peer network; this creates a healthier network and a better baseline relay security margin. Viacoin’s support for relative locktime allows users and miners to time-lock a transaction, this means that a new transaction will be prevented until a relative time change is achieved with a new OP code, OP_CHECKSEQUENCEVERITY, which allows the execution of a script based on the age of the amount that is being spent. Support for Child-Pays-For-Parent procedures in Viacoin has been successfully enabled, CPFP will alleviate the problem of transactions that stuck for a long period in the unconfirmed limbo, either because of network bottlenecks or lack of funds to pay the fee. Thanks to this method, an algorithm will selects transactions based on federate inclusive unconfirmed ancestor transaction; this means that a low fee transaction will be more likely to get picked up by miners if another transaction with an higher fee that speeds its output gets relayed. Several optimizations have been implemented in the blockchain to allow its scaling to proceed freely, ranging from pruning of the chain itsel to save disk space, to optimizing memory use thanks to mempool transaction filtering. UTXO cache has also been optimization, further allowing for significant faster transaction times. Anonymity of transaction has been ameliorated, thanks to increased TOR support by the development team. This feature will help keep this crypto currency secure and the identity of who works on it safe; this has been proven essential, especially considering how Viacoin’s future is right now focused on segwit and lightning network . Onion technology used in TOR has also been included in the routing of transactions, rapid payments and instant transaction on bi directional payment channels in total anonymity. Payments Viacoin’s anonymity is one of the main items of this year’s roadmap, and by the end of 2017 we’ll be able to see Viacoin’s latest secure payment technology, called Styx, implemented on its blockchain. This unlinkable anonymous atomic payment hub combines off-the-blockchain cryptographic computations, thanks to Viacoin’s scriptin functionalities, and makes use of security RSA assumptions, ROM and Elliptic Curve digital signature Algorithm; this will allow participants to make fast, anonymous transfer funds with zero knowledge contingent payment proof. Wallets already offer strong privacy, thanks to transactions being broadcasted once only; this increases anonymity, since it can’t be used to link IPs and TXs. In the future of this coin we’ll also see hardware wallets support reaching 100%, with Trezor and Nano ledger support. These small, key-chain devices connect to the user’s computer to store their private keys and sign transactions in a safe environment. Including Viacoin in these wallets is a smart move, because they are targeted towards people that are outside of hardcore cryptocurrency users circle and guarantees exposure to this currency. The more casual users hear of this coin, the faster they’re going to adopt it, being sure of it’s safety and reliability. In last October, Viacoin price has seen a strong decline, probably linked to one big online retailer building a decentralized crypto stock exchange based on the Counterparty protocol. As usual with crypto currencties, it’s easy to misunderstand the market fluctuations and assume that a temporary underperforming coin is a sign of lack of strength. The change in the development team certainly helped with Viacoin losing value, but by watching the coin graphs it’s easy to see how this momentary change in price is turning out to be just one of those gentle chart dips that precede a sky rocketing surge in price. Romano is working hard on features and focusing on their implementation, keeping his head low rather than pushing on strong marketing like other alt coins are doing. All this investment on ground breaking properties, most of which are unique to this coin, means that Viacoin is one of those well kept secret in the market. Minimal order books and lack of large investors offering liquidity also help keep this coin in a low-key position, something that is changing as support for larger books is growing. As soon as the market notices this coin and investments go up, we are going to see a rapid surge in the market price, around the 10000 mark by the beginning of January 2018 or late February. Instead of focusing on a public ICO like every altcoin, which means a sudden spike in price followed by inclusion on new exchanges that will dry up volume, this crypto coin is growing slowly under the radar while it’s being well tested and boxes on the roadmap get checked off, one after the other. Romano is constantly working on it and the community around this coin knows, such a strong pack of followers is a feature that no other alt currency has and it’s what will bring it back to the top of the coin market in the near future. His attitude towards miners that are opposed to SegWit is another strong feature to add to Viacoin, especially because of what he thinks of F2Pool and Bitmain’s politics towards soft forks. The Chinese mining groups seem scared that once alternative crypto coins switch to it they’re going to lose leveraging power for what concerns Bitcoin’s future and won’t be able to speculate on the mining and trading market as much as they have been doing in the past, especially for what concerns the marketing market. It’s refreshing to see such dedication and releases being pushed at a constant manner, the only way to have structural changes in how crypto currencies work can only happen when the accent is put on development and not on just trying to convince the market. This strategy is less flashy and makes sure the road is ready for the inevitable increase in the userbase. It’s always difficult to forecast the future, especially when it concerns alternative coins when Bitcoin is raising so fast. A long term strategy suggestion would be to get around 1BTC worth of this cryptocoin as soon as possible and just hold on it: thanks to the features that are being rolled in as within 6 months there is going to be an easy gain to be made in the order of 5 to 10 times the initial investment. Using the recent market dip will make sure that the returns are maximized. What makes Viacoin an excellent opportunity right now is that the price is low and designed to rise fast, as its Lightning Network features become more mainstream. Lightning Network is secure, instant payment that aren’t going to be held back by confirmation bottlenecks, a blockchain capable to scale to the billions of transactions mark, extremely low fees that do not inhibit micropayments and cross-chain atomic swap that allow transaction across blockchain without the need of a third party custodians. These features mean that the future of this coin is going to be bright, and the the dip in price that started just a while ago is going to end soon as the market prepares for the first of August, when when the SegWit drama will affect all crypto markets. The overall trend of viacoin is bullish with a constant uptrend more media attention is expected , when news about the soft fork will spread beyond the inner circle of crypto aficionados and leak in the mainstream finance news networks. Solid coins like Viacoin, with a clear policy towards SegWit, will offer the guarantees that the market will be looking for in times of doubt. INVESTMENT REVIEW Investment Rating :- A+ https://medium.com/@VerthagOG/viacoin-investment-review-ca0982e979bd
ECDSA. ECDSA stands for Elliptic Curve Digital Signature Algorithm. This is a Digital Signature Algorithm (DSA) that uses an elliptic curve cipher. The Bitcoin network utilizes this to ensure that only authorized parties can spend their bitcoins. Elliptic Curve Cryptography was suggested by mathematicians Neal Koblitz and Victor S Miller, independently, in 1985. While a breakthrough in cryptography, ECC was not widely used until the early 2000’s, during the emergence of the Internet, where governments and Internet providers began using it as an encryption method. Bitcoin currency code is BTC and currency symbol is (B with two vertical lines through it) created by Satoshi Nakamato. Bitcoin currency unit is bitcoin (with lowercase b) which is 100 million satoshi. Satoshi is the smallest unit of bitcoin currency. Bitcoin relies on blockchain idea. BItcoin addresses are created by first picking a random number (for the all important key) and creating an ECDSA (Elliptic Curve Digital Signature Algorithm) public/private key pair with them. This operation alone generates the private key - but Bitcoin addresses are not simply public keys, but rather modified versions of them. The generated public key is then put through several SHA-256 and ... ECDSA. ECDSA stands for Elliptic Curve Digital Signature Algorithm. This is a Digital Signature Algorithm (DSA) that uses an elliptic curve cipher. The Bitcoin network utilizes this to ensure that only authorized parties can spend their bitcoins.
My name is Dr. Julian Hosp or just Julian. My videos are about Bitcoin, Ethereum, Blockchain and crypto currencies in general, to avoid scam, rip-off and fra... Skip navigation Sign in. Search This video is for people who want to use (almost) raw python code to Constructing a Bitcoin transaction. In the previous videos I've explained how to connect to the bitcoin network, as well as how ... - Elliptic curve digital signature algorithm (ECDSA) - Signature algorithm - Shor's algorithm - Hashing algorithm - SHA-256 algorithm - Pre-image attack - Collision attack - Proof of Work mining ... This is the first part of a more technical talk where Andreas explores Bitcoin script, with examples from the 2nd edition of Mastering Bitcoin, focusing on t...