Bitcoin SV price today, BSV marketcap, chart, and info ...

Why is Bitcoin Gold's value too high ($200)? It's simple: They don't have a good SPV/light wallet and people don't even want to set up a full node to dump it. Steps to dump below (using light wallet)

Install Coinomi. (use Genymotion to use Coinomi on your computer)
Sell it.
Done.
submitted by uMCCCS to btc [link] [comments]

Why is Bitcoin Gold's value too high ($200)? It's simple: They don't have a good SPV/light wallet and people don't even want to set up a full node to dump it. Steps to dump below (using light wallet) /r/btc

Why is Bitcoin Gold's value too high ($200)? It's simple: They don't have a good SPV/light wallet and people don't even want to set up a full node to dump it. Steps to dump below (using light wallet) /btc submitted by BitcoinAllBot to BitcoinAll [link] [comments]

Technical: Taproot: Why Activate?

This is a follow-up on https://old.reddit.com/Bitcoin/comments/hqzp14/technical_the_path_to_taproot_activation/
Taproot! Everybody wants it!! But... you might ask yourself: sure, everybody else wants it, but why would I, sovereign Bitcoin HODLer, want it? Surely I can be better than everybody else because I swapped XXX fiat for Bitcoin unlike all those nocoiners?
And it is important for you to know the reasons why you, o sovereign Bitcoiner, would want Taproot activated. After all, your nodes (or the nodes your wallets use, which if you are SPV, you hopefully can pester to your wallet vendoimplementor about) need to be upgraded in order for Taproot activation to actually succeed instead of becoming a hot sticky mess.
First, let's consider some principles of Bitcoin.
I'm sure most of us here would agree that the above are very important principles of Bitcoin and that these are principles we would not be willing to remove. If anything, we would want those principles strengthened (especially the last one, financial privacy, which current Bitcoin is only sporadically strong with: you can get privacy, it just requires effort to do so).
So, how does Taproot affect those principles?

Taproot and Your /Coins

Most HODLers probably HODL their coins in singlesig addresses. Sadly, switching to Taproot would do very little for you (it gives a mild discount at spend time, at the cost of a mild increase in fee at receive time (paid by whoever sends to you, so if it's a self-send from a P2PKH or bech32 address, you pay for this); mostly a wash).
(technical details: a Taproot output is 1 version byte + 32 byte public key, while a P2WPKH (bech32 singlesig) output is 1 version byte + 20 byte public key hash, so the Taproot output spends 12 bytes more; spending from a P2WPKH requires revealing a 32-byte public key later, which is not needed with Taproot, and Taproot signatures are about 9 bytes smaller than P2WPKH signatures, but the 32 bytes plus 9 bytes is divided by 4 because of the witness discount, so it saves about 11 bytes; mostly a wash, it increases blockweight by about 1 virtual byte, 4 weight for each Taproot-output-input, compared to P2WPKH-output-input).
However, as your HODLings grow in value, you might start wondering if multisignature k-of-n setups might be better for the security of your savings. And it is in multisignature that Taproot starts to give benefits!
Taproot switches to using Schnorr signing scheme. Schnorr makes key aggregation -- constructing a single public key from multiple public keys -- almost as trivial as adding numbers together. "Almost" because it involves some fairly advanced math instead of simple boring number adding, but hey when was the last time you added up your grocery list prices by hand huh?
With current P2SH and P2WSH multisignature schemes, if you have a 2-of-3 setup, then to spend, you need to provide two different signatures from two different public keys. With Taproot, you can create, using special moon math, a single public key that represents your 2-of-3 setup. Then you just put two of your devices together, have them communicate to each other (this can be done airgapped, in theory, by sending QR codes: the software to do this is not even being built yet, but that's because Taproot hasn't activated yet!), and they will make a single signature to authorize any spend from your 2-of-3 address. That's 73 witness bytes -- 18.25 virtual bytes -- of signatures you save!
And if you decide that your current setup with 1-of-1 P2PKH / P2WPKH addresses is just fine as-is: well, that's the whole point of a softfork: backwards-compatibility; you can receive from Taproot users just fine, and once your wallet is updated for Taproot-sending support, you can send to Taproot users just fine as well!
(P2WPKH and P2WSH -- SegWit v0 -- addresses start with bc1q; Taproot -- SegWit v1 --- addresses start with bc1p, in case you wanted to know the difference; in bech32 q is 0, p is 1)
Now how about HODLers who keep all, or some, of their coins on custodial services? Well, any custodial service worth its salt would be doing at least 2-of-3, or probably something even bigger, like 11-of-15. So your custodial service, if it switched to using Taproot internally, could save a lot more (imagine an 11-of-15 getting reduced from 11 signatures to just 1!), which --- we can only hope! --- should translate to lower fees and better customer service from your custodial service!
So I think we can say, very accurately, that the Bitcoin principle --- that YOU are in control of your money --- can only be helped by Taproot (if you are doing multisignature), and, because P2PKH and P2WPKH remain validly-usable addresses in a Taproot future, will not be harmed by Taproot. Its benefit to this principle might be small (it mostly only benefits multisignature users) but since it has no drawbacks with this (i.e. singlesig users can continue to use P2WPKH and P2PKH still) this is still a nice, tidy win!
(even singlesig users get a minor benefit, in that multisig users will now reduce their blockchain space footprint, so that fees can be kept low for everybody; so for example even if you have your single set of private keys engraved on titanium plates sealed in an airtight box stored in a safe buried in a desert protected by angry nomads riding giant sandworms because you're the frickin' Kwisatz Haderach, you still gain some benefit from Taproot)
And here's the important part: if P2PKH/P2WPKH is working perfectly fine with you and you decide to never use Taproot yourself, Taproot will not affect you detrimentally. First do no harm!

Taproot and Your Contracts

No one is an island, no one lives alone. Give and you shall receive. You know: by trading with other people, you can gain expertise in some obscure little necessity of the world (and greatly increase your productivity in that little field), and then trade the products of your expertise for necessities other people have created, all of you thereby gaining gains from trade.
So, contracts, which are basically enforceable agreements that facilitate trading with people who you do not personally know and therefore might not trust.
Let's start with a simple example. You want to buy some gewgaws from somebody. But you don't know them personally. The seller wants the money, you want their gewgaws, but because of the lack of trust (you don't know them!! what if they're scammers??) neither of you can benefit from gains from trade.
However, suppose both of you know of some entity that both of you trust. That entity can act as a trusted escrow. The entity provides you security: this enables the trade, allowing both of you to get gains from trade.
In Bitcoin-land, this can be implemented as a 2-of-3 multisignature. The three signatories in the multisgnature would be you, the gewgaw seller, and the escrow. You put the payment for the gewgaws into this 2-of-3 multisignature address.
Now, suppose it turns out neither of you are scammers (whaaaat!). You receive the gewgaws just fine and you're willing to pay up for them. Then you and the gewgaw seller just sign a transaction --- you and the gewgaw seller are 2, sufficient to trigger the 2-of-3 --- that spends from the 2-of-3 address to a singlesig the gewgaw seller wants (or whatever address the gewgaw seller wants).
But suppose some problem arises. The seller gave you gawgews instead of gewgaws. Or you decided to keep the gewgaws but not sign the transaction to release the funds to the seller. In either case, the escrow is notified, and if it can sign with you to refund the funds back to you (if the seller was a scammer) or it can sign with the seller to forward the funds to the seller (if you were a scammer).
Taproot helps with this: like mentioned above, it allows multisignature setups to produce only one signature, reducing blockchain space usage, and thus making contracts --- which require multiple people, by definition, you don't make contracts with yourself --- is made cheaper (which we hope enables more of these setups to happen for more gains from trade for everyone, also, moon and lambos).
(technology-wise, it's easier to make an n-of-n than a k-of-n, making a k-of-n would require a complex setup involving a long ritual with many communication rounds between the n participants, but an n-of-n can be done trivially with some moon math. You can, however, make what is effectively a 2-of-3 by using a three-branch SCRIPT: either 2-of-2 of you and seller, OR 2-of-2 of you and escrow, OR 2-of-2 of escrow and seller. Fortunately, Taproot adds a facility to embed a SCRIPT inside a public key, so you can have a 2-of-2 Taprooted address (between you and seller) with a SCRIPT branch that can instead be spent with 2-of-2 (you + escrow) OR 2-of-2 (seller + escrow), which implements the three-branched SCRIPT above. If neither of you are scammers (hopefully the common case) then you both sign using your keys and never have to contact the escrow, since you are just using the escrow public key without coordinating with them (because n-of-n is trivial but k-of-n requires setup with communication rounds), so in the "best case" where both of you are honest traders, you also get a privacy boost, in that the escrow never learns you have been trading on gewgaws, I mean ewww, gawgews are much better than gewgaws and therefore I now judge you for being a gewgaw enthusiast, you filthy gewgawer).

Taproot and Your Contracts, Part 2: Cryptographic Boogaloo

Now suppose you want to buy some data instead of things. For example, maybe you have some closed-source software in trial mode installed, and want to pay the developer for the full version. You want to pay for an activation code.
This can be done, today, by using an HTLC. The developer tells you the hash of the activation code. You pay to an HTLC, paying out to the developer if it reveals the preimage (the activation code), or refunding the money back to you after a pre-agreed timeout. If the developer claims the funds, it has to reveal the preimage, which is the activation code, and you can now activate your software. If the developer does not claim the funds by the timeout, you get refunded.
And you can do that, with HTLCs, today.
Of course, HTLCs do have problems:
Fortunately, with Schnorr (which is enabled by Taproot), we can now use the Scriptless Script constuction by Andrew Poelstra. This Scriptless Script allows a new construction, the PTLC or Pointlocked Timelocked Contract. Instead of hashes and preimages, just replace "hash" with "point" and "preimage" with "scalar".
Or as you might know them: "point" is really "public key" and "scalar" is really a "private key". What a PTLC does is that, given a particular public key, the pointlocked branch can be spent only if the spender reveals the private key of the given public key to you.
Another nice thing with PTLCs is that they are deniable. What appears onchain is just a single 2-of-2 signature between you and the developemanufacturer. It's like a magic trick. This signature has no special watermarks, it's a perfectly normal signature (the pledge). However, from this signature, plus some datta given to you by the developemanufacturer (known as the adaptor signature) you can derive the private key of a particular public key you both agree on (the turn). Anyone scraping the blockchain will just see signatures that look just like every other signature, and as long as nobody manages to hack you and get a copy of the adaptor signature or the private key, they cannot get the private key behind the public key (point) that the pointlocked branch needs (the prestige).
(Just to be clear, the public key you are getting the private key from, is distinct from the public key that the developemanufacturer will use for its funds. The activation key is different from the developer's onchain Bitcoin key, and it is the activation key whose private key you will be learning, not the developer's/manufacturer's onchain Bitcoin key).
So:
Taproot lets PTLCs exist onchain because they enable Schnorr, which is a requirement of PTLCs / Scriptless Script.
(technology-wise, take note that Scriptless Script works only for the "pointlocked" branch of the contract; you need normal Script, or a pre-signed nLockTimed transaction, for the "timelocked" branch. Since Taproot can embed a script, you can have the Taproot pubkey be a 2-of-2 to implement the Scriptless Script "pointlocked" branch, then have a hidden script that lets you recover the funds with an OP_CHECKLOCKTIMEVERIFY after the timeout if the seller does not claim the funds.)

Quantum Quibbles!

Now if you were really paying attention, you might have noticed this parenthetical:
(technical details: a Taproot output is 1 version byte + 32 byte public key, while a P2WPKH (bech32 singlesig) output is 1 version byte + 20 byte public key hash...)
So wait, Taproot uses raw 32-byte public keys, and not public key hashes? Isn't that more quantum-vulnerable??
Well, in theory yes. In practice, they probably are not.
It's not that hashes can be broken by quantum computes --- they're still not. Instead, you have to look at how you spend from a P2WPKH/P2PKH pay-to-public-key-hash.
When you spend from a P2PKH / P2WPKH, you have to reveal the public key. Then Bitcoin hashes it and checks if this matches with the public-key-hash, and only then actually validates the signature for that public key.
So an unconfirmed transaction, floating in the mempools of nodes globally, will show, in plain sight for everyone to see, your public key.
(public keys should be public, that's why they're called public keys, LOL)
And if quantum computers are fast enough to be of concern, then they are probably fast enough that, in the several minutes to several hours from broadcast to confirmation, they have already cracked the public key that is openly broadcast with your transaction. The owner of the quantum computer can now replace your unconfirmed transaction with one that pays the funds to itself. Even if you did not opt-in RBF, miners are still incentivized to support RBF on RBF-disabled transactions.
So the extra hash is not as significant a protection against quantum computers as you might think. Instead, the extra hash-and-compare needed is just extra validation effort.
Further, if you have ever, in the past, spent from the address, then there exists already a transaction indelibly stored on the blockchain, openly displaying the public key from which quantum computers can derive the private key. So those are still vulnerable to quantum computers.
For the most part, the cryptographers behind Taproot (and Bitcoin Core) are of the opinion that quantum computers capable of cracking Bitcoin pubkeys are unlikely to appear within a decade or two.
So:
For now, the homomorphic and linear properties of elliptic curve cryptography provide a lot of benefits --- particularly the linearity property is what enables Scriptless Script and simple multisignature (i.e. multisignatures that are just 1 signature onchain). So it might be a good idea to take advantage of them now while we are still fairly safe against quantum computers. It seems likely that quantum-safe signature schemes are nonlinear (thus losing these advantages).

Summary

I Wanna Be The Taprooter!

So, do you want to help activate Taproot? Here's what you, mister sovereign Bitcoin HODLer, can do!

But I Hate Taproot!!

That's fine!

Discussions About Taproot Activation

submitted by almkglor to Bitcoin [link] [comments]

Technical: The Path to Taproot Activation

Taproot! Everybody wants to have it, somebody wants to make it, nobody knows how to get it!
(If you are asking why everybody wants it, see: Technical: Taproot: Why Activate?)
(Pedants: I mostly elide over lockin times)
Briefly, Taproot is that neat new thing that gets us:
So yes, let's activate taproot!

The SegWit Wars

The biggest problem with activating Taproot is PTSD from the previous softfork, SegWit. Pieter Wuille, one of the authors of the current Taproot proposal, has consistently held the position that he will not discuss activation, and will accept whatever activation process is imposed on Taproot. Other developers have expressed similar opinions.
So what happened with SegWit activation that was so traumatic? SegWit used the BIP9 activation method. Let's dive into BIP9!

BIP9 Miner-Activated Soft Fork

Basically, BIP9 has a bunch of parameters:
Now there are other parameters (name, starttime) but they are not anywhere near as important as the above two.
A number that is not a parameter, is 95%. Basically, activation of a BIP9 softfork is considered as actually succeeding if at least 95% of blocks in the last 2 weeks had the specified bit in the nVersion set. If less than 95% had this bit set before the timeout, then the upgrade fails and never goes into the network. This is not a parameter: it is a constant defined by BIP9, and developers using BIP9 activation cannot change this.
So, first some simple questions and their answers:

The Great Battles of the SegWit Wars

SegWit not only fixed transaction malleability, it also created a practical softforkable blocksize increase that also rebalanced weights so that the cost of spending a UTXO is about the same as the cost of creating UTXOs (and spending UTXOs is "better" since it limits the size of the UTXO set that every fullnode has to maintain).
So SegWit was written, the activation was decided to be BIP9, and then.... miner signalling stalled at below 75%.
Thus were the Great SegWit Wars started.

BIP9 Feature Hostage

If you are a miner with at least 5% global hashpower, you can hold a BIP9-activated softfork hostage.
You might even secretly want the softfork to actually push through. But you might want to extract concession from the users and the developers. Like removing the halvening. Or raising or even removing the block size caps (which helps larger miners more than smaller miners, making it easier to become a bigger fish that eats all the smaller fishes). Or whatever.
With BIP9, you can hold the softfork hostage. You just hold out and refuse to signal. You tell everyone you will signal, if and only if certain concessions are given to you.
This ability by miners to hold a feature hostage was enabled because of the miner-exit allowed by the timeout on BIP9. Prior to that, miners were considered little more than expendable security guards, paid for the risk they take to secure the network, but not special in the grand scheme of Bitcoin.

Covert ASICBoost

ASICBoost was a novel way of optimizing SHA256 mining, by taking advantage of the structure of the 80-byte header that is hashed in order to perform proof-of-work. The details of ASICBoost are out-of-scope here but you can read about it elsewhere
Here is a short summary of the two types of ASICBoost, relevant to the activation discussion.
Now, "overt" means "obvious", while "covert" means hidden. Overt ASICBoost is obvious because nVersion bits that are not currently in use for BIP9 activations are usually 0 by default, so setting those bits to 1 makes it obvious that you are doing something weird (namely, Overt ASICBoost). Covert ASICBoost is non-obvious because the order of transactions in a block are up to the miner anyway, so the miner rearranging the transactions in order to get lower power consumption is not going to be detected.
Unfortunately, while Overt ASICBoost was compatible with SegWit, Covert ASICBoost was not. This is because, pre-SegWit, only the block header Merkle tree committed to the transaction ordering. However, with SegWit, another Merkle tree exists, which commits to transaction ordering as well. Covert ASICBoost would require more computation to manipulate two Merkle trees, obviating the power benefits of Covert ASICBoost anyway.
Now, miners want to use ASICBoost (indeed, about 60->70% of current miners probably use the Overt ASICBoost nowadays; if you have a Bitcoin fullnode running you will see the logs with lots of "60 of last 100 blocks had unexpected versions" which is exactly what you would see with the nVersion manipulation that Overt ASICBoost does). But remember: ASICBoost was, at around the time, a novel improvement. Not all miners had ASICBoost hardware. Those who did, did not want it known that they had ASICBoost hardware, and wanted to do Covert ASICBoost!
But Covert ASICBoost is incompatible with SegWit, because SegWit actually has two Merkle trees of transaction data, and Covert ASICBoost works by fudging around with transaction ordering in a block, and recomputing two Merkle Trees is more expensive than recomputing just one (and loses the ASICBoost advantage).
Of course, those miners that wanted Covert ASICBoost did not want to openly admit that they had ASICBoost hardware, they wanted to keep their advantage secret because miners are strongly competitive in a very tight market. And doing ASICBoost Covertly was just the ticket, but they could not work post-SegWit.
Fortunately, due to the BIP9 activation process, they could hold SegWit hostage while covertly taking advantage of Covert ASICBoost!

UASF: BIP148 and BIP8

When the incompatibility between Covert ASICBoost and SegWit was realized, still, activation of SegWit stalled, and miners were still not openly claiming that ASICBoost was related to non-activation of SegWit.
Eventually, a new proposal was created: BIP148. With this rule, 3 months before the end of the SegWit timeout, nodes would reject blocks that did not signal SegWit. Thus, 3 months before SegWit timeout, BIP148 would force activation of SegWit.
This proposal was not accepted by Bitcoin Core, due to the shortening of the timeout (it effectively times out 3 months before the initial SegWit timeout). Instead, a fork of Bitcoin Core was created which added the patch to comply with BIP148. This was claimed as a User Activated Soft Fork, UASF, since users could freely download the alternate fork rather than sticking with the developers of Bitcoin Core.
Now, BIP148 effectively is just a BIP9 activation, except at its (earlier) timeout, the new rules would be activated anyway (instead of the BIP9-mandated behavior that the upgrade is cancelled at the end of the timeout).
BIP148 was actually inspired by the BIP8 proposal (the link here is a historical version; BIP8 has been updated recently, precisely in preparation for Taproot activation). BIP8 is basically BIP9, but at the end of timeout, the softfork is activated anyway rather than cancelled.
This removed the ability of miners to hold the softfork hostage. At best, they can delay the activation, but not stop it entirely by holding out as in BIP9.
Of course, this implies risk that not all miners have upgraded before activation, leading to possible losses for SPV users, as well as again re-pressuring miners to signal activation, possibly without the miners actually upgrading their software to properly impose the new softfork rules.

BIP91, SegWit2X, and The Aftermath

BIP148 inspired countermeasures, possibly from the Covert ASiCBoost miners, possibly from concerned users who wanted to offer concessions to miners. To this day, the common name for BIP148 - UASF - remains an emotionally-charged rallying cry for parts of the Bitcoin community.
One of these was SegWit2X. This was brokered in a deal between some Bitcoin personalities at a conference in New York, and thus part of the so-called "New York Agreement" or NYA, another emotionally-charged acronym.
The text of the NYA was basically:
  1. Set up a new activation threshold at 80% signalled at bit 4 (vs bit 1 for SegWit).
    • When this 80% signalling was reached, miners would require that bit 1 for SegWit be signalled to achive the 95% activation needed for SegWit.
  2. If the bit 4 signalling reached 80%, increase the block weight limit from the SegWit 4000000 to the SegWit2X 8000000, 6 months after bit 1 activation.
The first item above was coded in BIP91.
Unfortunately, if you read the BIP91, independently of NYA, you might come to the conclusion that BIP91 was only about lowering the threshold to 80%. In particular, BIP91 never mentions anything about the second point above, it never mentions that bit 4 80% threshold would also signal for a later hardfork increase in weight limit.
Because of this, even though there are claims that NYA (SegWit2X) reached 80% dominance, a close reading of BIP91 shows that the 80% dominance was only for SegWit activation, without necessarily a later 2x capacity hardfork (SegWit2X).
This ambiguity of bit 4 (NYA says it includes a 2x capacity hardfork, BIP91 says it does not) has continued to be a thorn in blocksize debates later. Economically speaking, Bitcoin futures between SegWit and SegWit2X showed strong economic dominance in favor of SegWit (SegWit2X futures were traded at a fraction in value of SegWit futures: I personally made a tidy but small amount of money betting against SegWit2X in the futures market), so suggesting that NYA achieved 80% dominance even in mining is laughable, but the NYA text that ties bit 4 to SegWit2X still exists.
Historically, BIP91 triggered which caused SegWit to activate before the BIP148 shorter timeout. BIP148 proponents continue to hold this day that it was the BIP148 shorter timeout and no-compromises-activate-on-August-1 that made miners flock to BIP91 as a face-saving tactic that actually removed the second clause of NYA. NYA supporters keep pointing to the bit 4 text in the NYA and the historical activation of BIP91 as a failed promise by Bitcoin developers.

Taproot Activation Proposals

There are two primary proposals I can see for Taproot activation:
  1. BIP8.
  2. Modern Softfork Activation.
We have discussed BIP8: roughly, it has bit and timeout, if 95% of miners signal bit it activates, at the end of timeout it activates. (EDIT: BIP8 has had recent updates: at the end of timeout it can now activate or fail. For the most part, in the below text "BIP8", means BIP8-and-activate-at-timeout, and "BIP9" means BIP8-and-fail-at-timeout)
So let's take a look at Modern Softfork Activation!

Modern Softfork Activation

This is a more complex activation method, composed of BIP9 and BIP8 as supcomponents.
  1. First have a 12-month BIP9 (fail at timeout).
  2. If the above fails to activate, have a 6-month discussion period during which users and developers and miners discuss whether to continue to step 3.
  3. Have a 24-month BIP8 (activate at timeout).
The total above is 42 months, if you are counting: 3.5 years worst-case activation.
The logic here is that if there are no problems, BIP9 will work just fine anyway. And if there are problems, the 6-month period should weed it out. Finally, miners cannot hold the feature hostage since the 24-month BIP8 period will exist anyway.

PSA: Being Resilient to Upgrades

Software is very birttle.
Anyone who has been using software for a long time has experienced something like this:
  1. You hear a new version of your favorite software has a nice new feature.
  2. Excited, you install the new version.
  3. You find that the new version has subtle incompatibilities with your current workflow.
  4. You are sad and downgrade to the older version.
  5. You find out that the new version has changed your files in incompatible ways that the old version cannot work with anymore.
  6. You tearfully reinstall the newer version and figure out how to get your lost productivity now that you have to adapt to a new workflow
If you are a technically-competent user, you might codify your workflow into a bunch of programs. And then you upgrade one of the external pieces of software you are using, and find that it has a subtle incompatibility with your current workflow which is based on a bunch of simple programs you wrote yourself. And if those simple programs are used as the basis of some important production system, you hve just screwed up because you upgraded software on an important production system.
And well, one of the issues with new softfork activation is that if not enough people (users and miners) upgrade to the newest Bitcoin software, the security of the new softfork rules are at risk.
Upgrading software of any kind is always a risk, and the more software you build on top of the software-being-upgraded, the greater you risk your tower of software collapsing while you change its foundations.
So if you have some complex Bitcoin-manipulating system with Bitcoin somewhere at the foundations, consider running two Bitcoin nodes:
  1. One is a "stable-version" Bitcoin node. Once it has synced, set it up to connect=x.x.x.x to the second node below (so that your ISP bandwidth is only spent on the second node). Use this node to run all your software: it's a stable version that you don't change for long periods of time. Enable txiindex, disable pruning, whatever your software needs.
  2. The other is an "always-up-to-date" Bitcoin Node. Keep its stoarge down with pruning (initially sync it off the "stable-version" node). You can't use blocksonly if your "stable-version" node needs to send transactions, but otherwise this "always-up-to-date" Bitcoin node can be kept as a low-resource node, so you can run both nodes in the same machine.
When a new Bitcoin version comes up, you just upgrade the "always-up-to-date" Bitcoin node. This protects you if a future softfork activates, you will only receive valid Bitcoin blocks and transactions. Since this node has nothing running on top of it, it is just a special peer of the "stable-version" node, any software incompatibilities with your system software do not exist.
Your "stable-version" Bitcoin node remains the same version until you are ready to actually upgrade this node and are prepared to rewrite most of the software you have running on top of it due to version compatibility problems.
When upgrading the "always-up-to-date", you can bring it down safely and then start it later. Your "stable-version" wil keep running, disconnected from the network, but otherwise still available for whatever queries. You do need some system to stop the "always-up-to-date" node if for any reason the "stable-version" goes down (otherwisee if the "always-up-to-date" advances its pruning window past what your "stable-version" has, the "stable-version" cannot sync afterwards), but if you are technically competent enough that you need to do this, you are technically competent enough to write such a trivial monitor program (EDIT: gmax notes you can adjust the pruning window by RPC commands to help with this as well).
This recommendation is from gmaxwell on IRC, by the way.
submitted by almkglor to Bitcoin [link] [comments]

Don't blindly follow a narrative, its bad for you and its bad for crypto in general

I mostly lurk around here but I see a pattern repeating over and over again here and in multiple communities so I have to post. I'm just posting this here because I appreciate the fact that this sub is a place of free speech and maybe something productive can come out from this post, while bitcoin is just fucking censorship, memes and moon/lambo posts. If you don't agree, write in the comments why, instead of downvoting. You don't have to upvote either, but when you downvote you are killing the opportunity to have discussion. If you downvote or comment that I'm wrong without providing any counterpoints you are no better than the BTC maxis you despise.
In various communities I see a narrative being used to bring people in and making them follow something without thinking for themselves. In crypto I see this mostly in BTC vs BCH tribalistic arguments:
- BTC community: "Everything that is not BTC is shitcoin." or more recently as stated by adam on twitter, "Everything that is not BTC is a ponzi scheme, even ETH.", "what is ETH supply?", and even that they are doing this for "altruistic" reasons, to "protect" the newcomers. Very convenient for them that they are protecting the newcomers by having them buy their bags
- BCH community: "BTC maxis are dumb", "just increase block size and you will have truly p2p electronic cash", "It is just that simple, there are no trade offs", "if you don't agree with me you are a BTC maxi", "BCH is satoshi's vision for p2p electronic cash"
It is not exclusive to crypto but also politics, and you see this over and over again on twitter and on reddit.
My point is, that narratives are created so people don't have to think, they just choose a narrative that is easy to follow and makes sense for them, and stick with it. And people keep repeating these narratives to bring other people in, maybe by ignorance, because they truly believe it without questioning, or maybe by self interest, because they want to shill you their bags.
Because this is BCH community, and because bitcoin is censored, so I can't post there about the problems in the BTC narrative (some of which are IMO correctly identified by BCH community), I will stick with the narrative I see in the BCH community.
The culprit of this post was firstly this post by user u/scotty321 "The BTC Paradox: “A 1 MB blocksize enables poor people to run their own node!” “Okay, then what?” “Poor people won’t be able to use the network!”". You will see many posts of this kind being made by u/Egon_1 also. Then you have also this comment in that thread by u/fuck_____________1 saying that people that want to run their own nodes are retarded and that there is no reason to want to do that. "Just trust block explorer websites". And the post and comment were highly upvoted. Really? You really think that there is no problem in having just a few nodes on the network? And that the only thing that secures the network are miners?
As stated by user u/co1nsurf3r in that thread:
While I don't think that everybody needs to run a node, a full node does publish blocks it considers valid to other nodes. This does not amount to much if you only consider a single node in the network, but many "honest" full nodes in the network will reduce the probability of a valid block being withheld from the network by a collusion of "hostile" node operators.
But surely this will not get attention here, and will be downvoted by those people that promote the narrative that there is no trade off in increasing the blocksize and the people that don't see it are retarded or are btc maxis.
The only narrative I stick to and have been for many years now is that cryptocurrency takes power from the government and gives power to the individual, so you are not restricted to your economy as you can participate in the global economy. There is also the narrative of banking the bankless, which I hope will come true, but it is not a use case we are seeing right now.
Some people would argue that removing power from gov's is a bad thing, but you can't deny the fact that gov's can't control crypto (at least we would want them not to).
But, if you really want the individuals to remain in control of their money and transact with anyone in the world, the network needs to be very resistant to any kind of attacks. How can you have p2p electronic cash if your network just has a handful couple of nodes and the chinese gov can locate them and just block communication to them? I'm not saying that this is BCH case, I'm just refuting the fact that there is no value in running your own node. If you are relying on block explorers, the gov can just block the communication to the block explorer websites. Then what? Who will you trust to get chain information? The nodes needs to be decentralized so if you take one node down, many more can appear so it is hard to censor and you don't have few points of failure.
Right now BTC is focusing on that use case of being difficult to censor. But with that comes the problem that is very expensive to transact on the network, which breaks the purpose of anyone being able to participate. Obviously I do think that is also a major problem, and lightning network is awful right now and probably still years away of being usable, if it ever will. The best solution is up for debate, but thinking that you just have to increase the blocksize and there is no trade off is just naive or misleading. BCH is doing a good thing in trying to come with a solution that is inclusive and promotes cheap and fast transactions, but also don't forget centralization is a major concern and nothing to just shrug off.
Saying that "a 1 MB blocksize enables poor people to run their own" and that because of that "Poor people won’t be able to use the network" is a misrepresentation designed to promote a narrative. Because 1MB is not to allow "poor" people to run their node, it is to facilitate as many people to run a node to promote decentralization and avoid censorship.
Also an elephant in the room that you will not see being discussed in either BTC or BCH communities is that mining pools are heavily centralized. And I'm not talking about miners being mostly in china, but also that big pools control a lot of hashing power both in BTC and BCH, and that is terrible for the purpose of crypto.
Other projects are trying to solve that. Will they be successful? I don't know, I hope so, because I don't buy into any narrative. There are many challenges and I want to see crypto succeed as a whole. As always guys, DYOR and always question if you are not blindly following a narrative. I'm sure I will be called BTC maxi but maybe some people will find value in this. Don't trust guys that are always posting silly "gocha's" against the other "tribe".
EDIT: User u/ShadowOfHarbringer has pointed me to some threads that this has been discussed in the past and I will just put my take on them here for visibility, as I will be using this thread as a reference in future discussions I engage:
When there was only 2 nodes in the network, adding a third node increased redundancy and resiliency of the network as a whole in a significant way. When there is thousands of nodes in the network, adding yet another node only marginally increase the redundancy and resiliency of the network. So the question then becomes a matter of personal judgement of how much that added redundancy and resiliency is worth. For the absolutist, it is absolutely worth it and everyone on this planet should do their part.
What is the magical number of nodes that makes it counterproductive to add new nodes? Did he do any math? Does BCH achieve this holy grail safe number of nodes? Guess what, nobody knows at what number of nodes is starts to be marginally irrelevant to add new nodes. Even BTC today could still not have enough nodes to be safe. If you can't know for sure that you are safe, it is better to try to be safer than sorry. Thousands of nodes is still not enough, as I said, it is much cheaper to run a full node as it is to mine. If it costs millions in hash power to do a 51% attack on the block generation it means nothing if it costs less than $10k to run more nodes than there are in total in the network and cause havoc and slowing people from using the network. Or using bot farms to DDoS the 1000s of nodes in the network. Not all attacks are monetarily motivated. When you have governments with billions of dollars at their disposal and something that could threat their power they could do anything they could to stop people from using it, and the cheapest it is to do so the better
You should run a full node if you're a big business with e.g. >$100k/month in volume, or if you run a service that requires high fraud resistance and validation certainty for payments sent your way (e.g. an exchange). For most other users of Bitcoin, there's no good reason to run a full node unless you reel like it.
Shouldn't individuals benefit from fraud resistance too? Why just businesses?
Personally, I think it's a good idea to make sure that people can easily run a full node because they feel like it, and that it's desirable to keep full node resource requirements reasonable for an enthusiast/hobbyist whenever possible. This might seem to be at odds with the concept of making a worldwide digital cash system in which all transactions are validated by everybody, but after having done the math and some of the code myself, I believe that we should be able to have our cake and eat it too.
This is recurrent argument, but also no math provided, "just trust me I did the math"
The biggest reason individuals may want to run their own node is to increase their privacy. SPV wallets rely on others (nodes or ElectronX servers) who may learn their addresses.
It is a reason and valid one but not the biggest reason
If you do it for fun and experimental it good. If you do it for extra privacy it's ok. If you do it to help the network don't. You are just slowing down miners and exchanges.
Yes it will slow down the network, but that shows how people just don't get the the trade off they are doing
I will just copy/paste what Satoshi Nakamoto said in his own words. "The current system where every user is a network node is not the intended configuration for large scale. That would be like every Usenet user runs their own NNTP server."
Another "it is all or nothing argument" and quoting satoshi to try and prove their point. Just because every user doesn't need to be also a full node doesn't mean that there aren't serious risks for having few nodes
For this to have any importance in practice, all of the miners, all of the exchanges, all of the explorers and all of the economic nodes should go rogue all at once. Collude to change consensus. If you have a node you can detect this. It doesn't do much, because such a scenario is impossible in practice.
Not true because as I said, you can DDoS the current nodes or run more malicious nodes than that there currently are, because is cheap to do so
Non-mining nodes don't contribute to adding data to the blockchain ledger, but they do play a part in propagating transactions that aren't yet in blocks (the mempool). Bitcoin client implementations can have different validations for transactions they see outside of blocks and transactions they see inside of blocks; this allows for "soft forks" to add new types of transactions without completely breaking older clients (while a transaction is in the mempool, a node receiving a transaction that's a new/unknown type could drop it as not a valid transaction (not propagate it to its peers), but if that same transaction ends up in a block and that node receives the block, they accept the block (and the transaction in it) as valid (and therefore don't get left behind on the blockchain and become a fork). The participation in the mempool is a sort of "herd immunity" protection for the network, and it was a key talking point for the "User Activated Soft Fork" (UASF) around the time the Segregated Witness feature was trying to be added in. If a certain percentage of nodes updated their software to not propagate certain types of transactions (or not communicate with certain types of nodes), then they can control what gets into a block (someone wanting to get that sort of transaction into a block would need to communicate directly to a mining node, or communicate only through nodes that weren't blocking that sort of transaction) if a certain threshold of nodes adheres to those same validation rules. It's less specific than the influence on the blockchain data that mining nodes have, but it's definitely not nothing.
The first reasonable comment in that thread but is deep down there with only 1 upvote
The addition of non-mining nodes does not add to the efficiency of the network, but actually takes away from it because of the latency issue.
That is true and is actually a trade off you are making, sacrificing security to have scalability
The addition of non-mining nodes has little to no effect on security, since you only need to destroy mining ones to take down the network
It is true that if you destroy mining nodes you take down the network from producing new blocks (temporarily), even if you have a lot of non mining nodes. But, it still better than if you take down the mining nodes who are also the only full nodes. If the miners are not the only full nodes, at least you still have full nodes with the blockchain data so new miners can download it and join. If all the miners are also the full nodes and you take them down, where will you get all the past blockchain data to start mining again? Just pray that the miners that were taken down come back online at some point in the future?
The real limiting factor is ISP's: Imagine a situation where one service provider defrauds 4000 different nodes. Did the excessive amount of nodes help at all, when they have all been defrauded by the same service provider? If there are only 30 ISP's in the world, how many nodes do we REALLY need?
You cant defraud if the connection is encrypted. Use TOR for example, it is hard for ISP's to know what you are doing.
Satoshi specifically said in the white paper that after a certain point, number of nodes needed plateaus, meaning after a certain point, adding more nodes is actually counterintuitive, which we also demonstrated. (the latency issue). So, we have adequately demonstrated why running non-mining nodes does not add additional value or security to the network.
Again, what is the number of nodes that makes it counterproductive? Did he do any math?
There's also the matter of economically significant nodes and the role they play in consensus. Sure, nobody cares about your average joe's "full node" where he is "keeping his own ledger to keep the miners honest", as it has no significance to the economy and the miners couldn't give a damn about it. However, if say some major exchanges got together to protest a miner activated fork, they would have some protest power against that fork because many people use their service. Of course, there still needs to be miners running on said "protest fork" to keep the chain running, but miners do follow the money and if they got caught mining a fork that none of the major exchanges were trading, they could be coaxed over to said "protest fork".
In consensus, what matters about nodes is only the number, economical power of the node doesn't mean nothing, the protocol doesn't see the net worth of the individual or organization running that node.
Running a full node that is not mining and not involved is spending or receiving payments is of very little use. It helps to make sure network traffic is broadcast, and is another copy of the blockchain, but that is all (and is probably not needed in a healthy coin with many other nodes)
He gets it right (broadcasting transaction and keeping a copy of the blockchain) but he dismisses the importance of it
submitted by r0bo7 to btc [link] [comments]

Digital Dollar, FedNow, CBDC, the central banks spending and global push for more control through digital currency.

At the beginning of the Covid-19 outbreak a few interesting things happened. China introduced the "Digital Yuan / RMB" And in April the "Digital dollar" was proposed in the first stimulus bill here in the USA. And they haven't stopped talking about it since. High tables from the White house Financial committee, Federal Reserve, US congress. Aiming to have a digital currency working as early as 2021 to provide UBI / Universal basic income to the masses, all while being able to track, freeze, limit, manipulate spending throughout the economy. Starting to sound rather like a "Black mirror film" isn't it? Well...China has taken it a step farther with their "Social Credit system" watching and controlling nearly every aspect of life. . . but we're here to talk about currency. How could this even happen in America? Well, to start
All of the above is a partial list of factors devaluing the Dollar and trust in it from several ways and views. At the end of the day it has a huge amount of enemies, that are all looking for ways to get out of it.
Some of what I'm seeing personally.
It is a death spiral for the working person, where it used to be "No more than 30% of your wage going to housing" It is now well over 50%....Just look at this recent post in Frugal https://www.reddit.com/Frugal/comments/ifqah1/is_it_normal_for_a_third_to_a_half_of_you?utm_source=share&utm_medium=web2x&context=3
This death spiral I foresee getting worse. And historically any "tax" / regulation cost will just be passed down to the consumer in form of increased prices until people / businesses move elsewhere as we've seen in several cities around the US.

So what can we do? Buy Gold! Silver! Bitcoin! Stocks! I hear people roar, They aren't exactly wrong as history shows... but have you considered the 30-40% tax on the "gain"? Even when that asset buys the same value before tax? What if the government makes it illegal like the 1933 order: 6102 Where you couldn't own gold for nearly 50 years? You're frozen out, or even out on taxes (which will likely be more strict and controlled later in time).
I'd say Invest in things that will
Metals are the next step when a person has plenty of the above. You get to a point where you have hundreds of thousands, if not millions that you need to condense into something real.
It is all about the savings or productivity gain of the investment. For instance I would wager that many preppers have gotten more use / value out of a $800 clothes washer than a $800 rifle. (have you ever had to do manual laundry???) Sure the rifle will hold value...but it often doesn't pay you back with time / what it saved and / or what it has produced during its life unless you are using it. Same can be said of security cameras, a generator, a tractor, trailer, garden, tools, ect.
Look at history even, in countries that have experienced hyperinflation people that already had tangibles they regularly use were way ahead. It could even be honey, a tool, extra maintenance parts, can of food, that bottle of medicine, a computer to keep your intel on point, (cough # PrepperIntel plug) use of your equipment to do or make something for someone. Real Estate is good too, it rides inflation well and has many ways of being productive.
Your metals could be sitting there like the rifle, and could be subject to hot debate and laws. Meanwhile that garden is paying back, chainsaw is helping saw up wood, or your tractor is helping a job, your tools just helped you fix something / saved you much loss, Your security stopped a loss not by a person, but an random animal stealing things. Or that $25,000 solar array is paying you back by the day in spades...while making you independent...running all your tools you're using to make things to sell, and even heating / cooling some of the house with the extra juice while places around you experience rolling blackouts. You were even smart and took the current 24% tax benefit the government has saving you $5000 on it for batteries. Don't get me started if you have an electric vehicle with solar... I'm rambling at this point...and all those stealthy / direct and passive background savings...even if the crap doesn't hit the fan.
So anyways, With out of control central banks and big governments, digital currencies, How do you think it will play out? Are we heading to dystopia?
submitted by AntiSonOfBitchamajig to PrepperIntel [link] [comments]

[ Bitcoin ] Technical: Taproot: Why Activate?

Topic originally posted in Bitcoin by almkglor [link]
This is a follow-up on https://old.reddit.com/Bitcoin/comments/hqzp14/technical_the_path_to_taproot_activation/
Taproot! Everybody wants it!! But... you might ask yourself: sure, everybody else wants it, but why would I, sovereign Bitcoin HODLer, want it? Surely I can be better than everybody else because I swapped XXX fiat for Bitcoin unlike all those nocoiners?
And it is important for you to know the reasons why you, o sovereign Bitcoiner, would want Taproot activated. After all, your nodes (or the nodes your wallets use, which if you are SPV, you hopefully can pester to your wallet vendoimplementor about) need to be upgraded in order for Taproot activation to actually succeed instead of becoming a hot sticky mess.
First, let's consider some principles of Bitcoin.
I'm sure most of us here would agree that the above are very important principles of Bitcoin and that these are principles we would not be willing to remove. If anything, we would want those principles strengthened (especially the last one, financial privacy, which current Bitcoin is only sporadically strong with: you can get privacy, it just requires effort to do so).
So, how does Taproot affect those principles?

Taproot and Your /Coins

Most HODLers probably HODL their coins in singlesig addresses. Sadly, switching to Taproot would do very little for you (it gives a mild discount at spend time, at the cost of a mild increase in fee at receive time (paid by whoever sends to you, so if it's a self-send from a P2PKH or bech32 address, you pay for this); mostly a wash).
(technical details: a Taproot output is 1 version byte + 32 byte public key, while a P2WPKH (bech32 singlesig) output is 1 version byte + 20 byte public key hash, so the Taproot output spends 12 bytes more; spending from a P2WPKH requires revealing a 32-byte public key later, which is not needed with Taproot, and Taproot signatures are about 9 bytes smaller than P2WPKH signatures, but the 32 bytes plus 9 bytes is divided by 4 because of the witness discount, so it saves about 11 bytes; mostly a wash, it increases blockweight by about 1 virtual byte, 4 weight for each Taproot-output-input, compared to P2WPKH-output-input).
However, as your HODLings grow in value, you might start wondering if multisignature k-of-n setups might be better for the security of your savings. And it is in multisignature that Taproot starts to give benefits!
Taproot switches to using Schnorr signing scheme. Schnorr makes key aggregation -- constructing a single public key from multiple public keys -- almost as trivial as adding numbers together. "Almost" because it involves some fairly advanced math instead of simple boring number adding, but hey when was the last time you added up your grocery list prices by hand huh?
With current P2SH and P2WSH multisignature schemes, if you have a 2-of-3 setup, then to spend, you need to provide two different signatures from two different public keys. With Taproot, you can create, using special moon math, a single public key that represents your 2-of-3 setup. Then you just put two of your devices together, have them communicate to each other (this can be done airgapped, in theory, by sending QR codes: the software to do this is not even being built yet, but that's because Taproot hasn't activated yet!), and they will make a single signature to authorize any spend from your 2-of-3 address. That's 73 witness bytes -- 18.25 virtual bytes -- of signatures you save!
And if you decide that your current setup with 1-of-1 P2PKH / P2WPKH addresses is just fine as-is: well, that's the whole point of a softfork: backwards-compatibility; you can receive from Taproot users just fine, and once your wallet is updated for Taproot-sending support, you can send to Taproot users just fine as well!
(P2WPKH and P2WSH -- SegWit v0 -- addresses start with bc1q; Taproot -- SegWit v1 --- addresses start with bc1p, in case you wanted to know the difference; in bech32 q is 0, p is 1)
Now how about HODLers who keep all, or some, of their coins on custodial services? Well, any custodial service worth its salt would be doing at least 2-of-3, or probably something even bigger, like 11-of-15. So your custodial service, if it switched to using Taproot internally, could save a lot more (imagine an 11-of-15 getting reduced from 11 signatures to just 1!), which --- we can only hope! --- should translate to lower fees and better customer service from your custodial service!
So I think we can say, very accurately, that the Bitcoin principle --- that YOU are in control of your money --- can only be helped by Taproot (if you are doing multisignature), and, because P2PKH and P2WPKH remain validly-usable addresses in a Taproot future, will not be harmed by Taproot. Its benefit to this principle might be small (it mostly only benefits multisignature users) but since it has no drawbacks with this (i.e. singlesig users can continue to use P2WPKH and P2PKH still) this is still a nice, tidy win!
(even singlesig users get a minor benefit, in that multisig users will now reduce their blockchain space footprint, so that fees can be kept low for everybody; so for example even if you have your single set of private keys engraved on titanium plates sealed in an airtight box stored in a safe buried in a desert protected by angry nomads riding giant sandworms because you're the frickin' Kwisatz Haderach, you still gain some benefit from Taproot)
And here's the important part: if P2PKH/P2WPKH is working perfectly fine with you and you decide to never use Taproot yourself, Taproot will not affect you detrimentally. First do no harm!

Taproot and Your Contracts

No one is an island, no one lives alone. Give and you shall receive. You know: by trading with other people, you can gain expertise in some obscure little necessity of the world (and greatly increase your productivity in that little field), and then trade the products of your expertise for necessities other people have created, all of you thereby gaining gains from trade.
So, contracts, which are basically enforceable agreements that facilitate trading with people who you do not personally know and therefore might not trust.
Let's start with a simple example. You want to buy some gewgaws from somebody. But you don't know them personally. The seller wants the money, you want their gewgaws, but because of the lack of trust (you don't know them!! what if they're scammers??) neither of you can benefit from gains from trade.
However, suppose both of you know of some entity that both of you trust. That entity can act as a trusted escrow. The entity provides you security: this enables the trade, allowing both of you to get gains from trade.
In Bitcoin-land, this can be implemented as a 2-of-3 multisignature. The three signatories in the multisgnature would be you, the gewgaw seller, and the escrow. You put the payment for the gewgaws into this 2-of-3 multisignature address.
Now, suppose it turns out neither of you are scammers (whaaaat!). You receive the gewgaws just fine and you're willing to pay up for them. Then you and the gewgaw seller just sign a transaction --- you and the gewgaw seller are 2, sufficient to trigger the 2-of-3 --- that spends from the 2-of-3 address to a singlesig the gewgaw seller wants (or whatever address the gewgaw seller wants).
But suppose some problem arises. The seller gave you gawgews instead of gewgaws. Or you decided to keep the gewgaws but not sign the transaction to release the funds to the seller. In either case, the escrow is notified, and if it can sign with you to refund the funds back to you (if the seller was a scammer) or it can sign with the seller to forward the funds to the seller (if you were a scammer).
Taproot helps with this: like mentioned above, it allows multisignature setups to produce only one signature, reducing blockchain space usage, and thus making contracts --- which require multiple people, by definition, you don't make contracts with yourself --- is made cheaper (which we hope enables more of these setups to happen for more gains from trade for everyone, also, moon and lambos).
(technology-wise, it's easier to make an n-of-n than a k-of-n, making a k-of-n would require a complex setup involving a long ritual with many communication rounds between the n participants, but an n-of-n can be done trivially with some moon math. You can, however, make what is effectively a 2-of-3 by using a three-branch SCRIPT: either 2-of-2 of you and seller, OR 2-of-2 of you and escrow, OR 2-of-2 of escrow and seller. Fortunately, Taproot adds a facility to embed a SCRIPT inside a public key, so you can have a 2-of-2 Taprooted address (between you and seller) with a SCRIPT branch that can instead be spent with 2-of-2 (you + escrow) OR 2-of-2 (seller + escrow), which implements the three-branched SCRIPT above. If neither of you are scammers (hopefully the common case) then you both sign using your keys and never have to contact the escrow, since you are just using the escrow public key without coordinating with them (because n-of-n is trivial but k-of-n requires setup with communication rounds), so in the "best case" where both of you are honest traders, you also get a privacy boost, in that the escrow never learns you have been trading on gewgaws, I mean ewww, gawgews are much better than gewgaws and therefore I now judge you for being a gewgaw enthusiast, you filthy gewgawer).

Taproot and Your Contracts, Part 2: Cryptographic Boogaloo

Now suppose you want to buy some data instead of things. For example, maybe you have some closed-source software in trial mode installed, and want to pay the developer for the full version. You want to pay for an activation code.
This can be done, today, by using an HTLC. The developer tells you the hash of the activation code. You pay to an HTLC, paying out to the developer if it reveals the preimage (the activation code), or refunding the money back to you after a pre-agreed timeout. If the developer claims the funds, it has to reveal the preimage, which is the activation code, and you can now activate your software. If the developer does not claim the funds by the timeout, you get refunded.
And you can do that, with HTLCs, today.
Of course, HTLCs do have problems:
Fortunately, with Schnorr (which is enabled by Taproot), we can now use the Scriptless Script constuction by Andrew Poelstra. This Scriptless Script allows a new construction, the PTLC or Pointlocked Timelocked Contract. Instead of hashes and preimages, just replace "hash" with "point" and "preimage" with "scalar".
Or as you might know them: "point" is really "public key" and "scalar" is really a "private key". What a PTLC does is that, given a particular public key, the pointlocked branch can be spent only if the spender reveals the private key of the given private key to you.
Another nice thing with PTLCs is that they are deniable. What appears onchain is just a single 2-of-2 signature between you and the developemanufacturer. It's like a magic trick. This signature has no special watermarks, it's a perfectly normal signature (the pledge). However, from this signature, plus some datta given to you by the developemanufacturer (known as the adaptor signature) you can derive the private key of a particular public key you both agree on (the turn). Anyone scraping the blockchain will just see signatures that look just like every other signature, and as long as nobody manages to hack you and get a copy of the adaptor signature or the private key, they cannot get the private key behind the public key (point) that the pointlocked branch needs (the prestige).
(Just to be clear, the public key you are getting the private key from, is distinct from the public key that the developemanufacturer will use for its funds. The activation key is different from the developer's onchain Bitcoin key, and it is the activation key whose private key you will be learning, not the developer's/manufacturer's onchain Bitcoin key).
So:
Taproot lets PTLCs exist onchain because they enable Schnorr, which is a requirement of PTLCs / Scriptless Script.
(technology-wise, take note that Scriptless Script works only for the "pointlocked" branch of the contract; you need normal Script, or a pre-signed nLockTimed transaction, for the "timelocked" branch. Since Taproot can embed a script, you can have the Taproot pubkey be a 2-of-2 to implement the Scriptless Script "pointlocked" branch, then have a hidden script that lets you recover the funds with an OP_CHECKLOCKTIMEVERIFY after the timeout if the seller does not claim the funds.)

Quantum Quibbles!

Now if you were really paying attention, you might have noticed this parenthetical:
(technical details: a Taproot output is 1 version byte + 32 byte public key, while a P2WPKH (bech32 singlesig) output is 1 version byte + 20 byte public key hash...)
So wait, Taproot uses raw 32-byte public keys, and not public key hashes? Isn't that more quantum-vulnerable??
Well, in theory yes. In practice, they probably are not.
It's not that hashes can be broken by quantum computes --- they're still not. Instead, you have to look at how you spend from a P2WPKH/P2PKH pay-to-public-key-hash.
When you spend from a P2PKH / P2WPKH, you have to reveal the public key. Then Bitcoin hashes it and checks if this matches with the public-key-hash, and only then actually validates the signature for that public key.
So an unconfirmed transaction, floating in the mempools of nodes globally, will show, in plain sight for everyone to see, your public key.
(public keys should be public, that's why they're called public keys, LOL)
And if quantum computers are fast enough to be of concern, then they are probably fast enough that, in the several minutes to several hours from broadcast to confirmation, they have already cracked the public key that is openly broadcast with your transaction. The owner of the quantum computer can now replace your unconfirmed transaction with one that pays the funds to itself. Even if you did not opt-in RBF, miners are still incentivized to support RBF on RBF-disabled transactions.
So the extra hash is not as significant a protection against quantum computers as you might think. Instead, the extra hash-and-compare needed is just extra validation effort.
Further, if you have ever, in the past, spent from the address, then there exists already a transaction indelibly stored on the blockchain, openly displaying the public key from which quantum computers can derive the private key. So those are still vulnerable to quantum computers.
For the most part, the cryptographers behind Taproot (and Bitcoin Core) are of the opinion that quantum computers capable of cracking Bitcoin pubkeys are unlikely to appear within a decade or two.
So:
For now, the homomorphic and linear properties of elliptic curve cryptography provide a lot of benefits --- particularly the linearity property is what enables Scriptless Script and simple multisignature (i.e. multisignatures that are just 1 signature onchain). So it might be a good idea to take advantage of them now while we are still fairly safe against quantum computers. It seems likely that quantum-safe signature schemes are nonlinear (thus losing these advantages).

Summary

I Wanna Be The Taprooter!

So, do you want to help activate Taproot? Here's what you, mister sovereign Bitcoin HODLer, can do!

But I Hate Taproot!!

That's fine!

Discussions About Taproot Activation

almkglor your post has been copied because one or more comments in this topic have been removed. This copy will preserve unmoderated topic. If you would like to opt-out, please send a message using [this link].
[deleted comment]
[deleted comment]
[deleted comment]
submitted by anticensor_bot to u/anticensor_bot [link] [comments]

6 Reasons Why Serum Won't Succeed

6 Reasons Why Serum Won't Succeed

The world of DeFi is exploding but is it all it’s made out to be?

DeFi (decentralised finance) is most certainly the buzz in the crypto world this minute. It’s bringing similar feelings which was the 2017/18 ICO phase, where a mammoth of new projects begun to explode onto the scene, each with their own promise of new innovation and use case.
Hindsight has shown us that most of those projects have ultimately failed, or worse, were outright scams that took advantage of not so wise investors looking to make a buck. Obviously, not all projects fit that description, with many teams still around today working on and delivering their individual visions. Crypto is, after all, still a big experiment of new technology.

Enter DeFi: Serum

DeFi has exploded into the limelight over the last few months, with some tokens appreciating hundreds of percent in price. It appears to be the catalyst that has driven a huge market shift in the crypto world, and for those who’ve been around a number of years, this is a welcome change.
In this piece, I’m going to examine a particular project called Serum.
Serum is the world’s first completely decentralized derivatives exchange with trustless cross-chain trading brought to you by Project Serum.
The Serum Project is aiming to create both a decentralised exchange and a cross-chain swapping mechanism. In this article, I’m going to focus solely on the cross-chain swapping aspect of Serum.
Although the Serum whitepaper is quite short and lacking in detail, it is useful to derive some understanding of how the cross-chain swapping protocol should work. Throughout this review, I will use it to describe how the imagined protocol works.

Overview

Let's assume Alice wants to trade some BTC for ETH and Bob wants to trade some ETH for BTC using Serum. These two users are matched and agree on a price using an on-chain order book on the Solana blockchain (whitepaper provides no practical details on how to do this).
Once these users are matched, Bob must send the ETH he wants to trade to an Ethereum smart contract, plus some amount of ETH ~200 USD worth (see section 4 below) to the smart contract as collateral. Alice will also need to send some collateral to the smart contract. Once this initial setup process is complete Alice then has to send her BTC to Bob’s BTC address and if Bob receives the BTC from Alice he can then release his ETH from the smart contract sending it to Alice’s ETH address. Upon completion of this both Alice and Bob are refunded their ETH collateral.
So what happens if something goes wrong? For example, say Alice never sends BTC to Bob, after some period of time Bob can initiate a dispute. When the dispute begins both Alice and Bob present a portion of the Bitcoin blockchain information to the smart contract (see section 3). The smart contract then decides whether or not Alice did send BTC to Bob. If she hasn’t then the smart contract returns Bob's ETH and collateral to Bob and also takes Alice’s ETH collateral and gives that to Bob. The same occurs in reverse if Alice sends BTC but Bob never approves the transfer of ETH from the smart contract.
This scheme seems pretty simple, there’s no oracles and no centralised parties, however, it has a number of disadvantages.

1. User-Provided Collateral Is Bad for User Experience

Each time a user conducts a swap they must reserve some percentage or fixed amount to cover the collateral for the swap. This collateral amount needs to be present to prevent griefing attacks where users initiate swaps with no intention of ever following through and sending funds to the alternate participant.
However, this creates a poor user experience as both Alice and Bob need to have at least the value of the dispute fee committed to the contract in collateral before they conduct a swap. This is totally foreign from the normal exchange experience in which you only require a single coin and a single transaction to begin trading. For example, if using Serum to trade Bitcoin you would need to hold Bitcoin and ~200$ of Ethereum and also interact with the Ethereum chain before any swap occurs. This adds unnecessary complexity and confusion, especially for newcomers to the crypto space.

2. ETH Must Always Be on One Side of the Swap

Although the Serum method of cross-chain swapping could occur on any blockchain with smart contracts, the Serum whitepaper makes it clear the Serum arbitration contract is going to be deployed on the Ethereum blockchain. This means one party must always be locking the full value of the trade in ETH using an Ethereum smart contract.
This makes it impossible, for example, to do a single step trade between Bitcoin and Monero since the swap would need to be from Bitcoin to ETH first and then from ETH to Monero. This is comparable to other proposed cross-chain swap systems like Thorchain and Blockswap, however since those networks use AMM’s (automated market makers)and decentralized vaults to take custody of funds, the user needs not to interact with the intermediary chain at all.
Instead in Serum, the user wanting to swap Bitcoin to Monero will need to do the following steps:
  1. Send Ethereum collateral to the Serum arbitration contract
  2. Send Bitcoin to the user they are swapping with.
  3. Receive Ethereum
  4. Send Ethereum back to Serum arbitration contract
  5. Receive Monero
  6. Send Ethereum out of Serum arbitration contract
  7. Receive back Ethereum collateral
It might be possible to remove or simplify step 4, depending on how the smart contract is built, however, this means a swap from BTC to Monero would require 2 Ethereum and 1 Bitcoin transaction in the best-case scenario. Compared with the experience of other cross-chain swapping mechanisms, which only require the user to send a single transaction to swap between two assets, this is very poor user experience.

3. Proving Transactions on Arbitrary Chains to a Smart Contract Is Not Trivial

Perhaps the most central part of the Serum cross-chain swapping mechanism is left completely unexplored in the Serum whitepaper with only a brief explanation given.
“[The] Smart Contract is programmed to parse whether a proposed BTC blockchain is valid; it can then check which of Alice and Bob send the longer valid blockchain, and settle in their favor”
This is not a trivial problem, and it is unclear how this actually works from the explanation given in the Serum whitepaper. What actually needs to be presented to the smart contract to prove a Bitcoin transaction? Typically when talking about SPV the smart contract would need the block headers of all previous blocks and a merkle inclusion proof. This is far too heavy to submit in a dispute. Instead, Serum could use NIPoPoW, however, these proofs only work on chains with fixed difficulty and are still probably prohibitively too large (~100KB) to be submitted as a proof to a contract. Other solutions like Flyclient are more versatile, but proof sizes are much larger and have failed to see much real-world adoption.
Without explaining how they actually plan to do this validation of Bitcoin transactions, users are left in the dark about how secure their solution actually is.

4. High Dispute Fees Force Large Collateral on Small Trades

Although disputes should almost never happen because of the incentives and punishments designed into the Serum protocol, the way they are designed has negative impacts on the use of the network.
Although the Serum whitepaper does not say how the dispute mechanism works, they do say that it will cost about ~100 USD in GAS to dispute a swap.
Note: keep in mind that the Serum paper was published in July 2020 when the gas price was about 50 Gwei, as Ethereum use has picked up over the past month we have seen average GAS prices as high as 250 Gwei, with the average price right now about 120 Gwei.
This means that at the height of GAS prices it could have cost a user ~500 USD to dispute a swap.
This means for the network to ensure losing cross-chain swaps aren’t made each user must deploy at least $200 in collateral on each side. It may be possible to lower this to collateral if we assume the attacker is not financially motivated, however, there is a lower bound in which ransom attacks become possible on low-value trades.
Further and perhaps more damagingly, this means in a trade of any size the user needs to have at least 300 USD in ETH laying around. 100 USD in ETH for the required collateral and 200 USD if they need to challenge the transaction.
This further adds to the poor user experience when using Serum for cross-chain swapping.

5. Swaps Are Not Set and Forget

Instead of being able to send a transaction and receive funds on the blockchain you are swapping to, the process is highly interactive. In the case where I am swapping ETH for Bitcoin, the following occurs:
If the Bitcoin transaction is never received then I need to wait for a timeout to occur before I can participate in the dispute process.
And on the Bitcoin side (assuming the seller is ready), the following must take place:
If the Seller never accepts the Bitcoin I sent to him then I need to wait on line for the dispute process.
This presents a strange user experience where the seller or seller’s wallet must be left online during this whole process and be ready to sign a new transaction if they need to dispute transactions or unlock funds from a smart contract.
This is different from the typical exchange or swapping scenario in which, once your funds are sent you can be assured you will receive the amount you expected in your swap back to you, without any of your wallets needing to remain online.

6. The Serum Token Seems to Lack a Use Case

The cross-chain swapping protocol Serum describes in its whitepaper could easily be forked and launched on the Ethereum blockchain without having any need for the Serum token. It seems that the Serum token will be used in some capacity when placing orders on the Solana based blockchain, however, the order book could just as easily be placed off with traditional rate-limiting schemes.
There is some brief mention of future governance abilities for token holders, however, as a common theme in their whitepaper, details are scarce:
Serum is anticipated to include a limited governance model based on the SRM token. While most of the Serum ecosystem will be immutable, some parameters without large security risks (e.g. future fees) may be modified via a governance vote of SRM tokens.

Conclusion

Until satisfactory answers are given to these questions I would be looking at other projects who are attempting to build platforms for cross-chain swaps. As previously mentioned, Thorchain & Blockswap show some promise in design, whilst there are some others competing in this space too, such as Incognito and RenVM. However, this area is still extremely immature so plenty of testing and time is required before we can call any of these projects a success.
If you’ve got any feedback or thoughts about Serum, cross-chain swapping or DeFi in general, please don’t be shy in leaving a comment.
submitted by Loooong_Loooong_Man to CryptoCurrency [link] [comments]

Difference between smart-contracts and nodes

Difference between smart-contracts and nodes
Greetings. 🤗 In this post we will tell you about the difference between a node and a smart contract.

❓ What is a node?

A node is any computer that is connected to a blockchain network. Simply put, this is the point at which messages can be created, received, or transmitted. For a bitcoin network, for example, there are full nodes, supernodes, miner nodes, and an SPV client.

❓ What is a smart contract?

Smart contracts are computer data transfer protocols that use mathematical algorithms to automatically complete a transaction after meeting established conditions and complete process control. The protocol is used to enter all the terms of the contract concluded between the parties to the transaction in the blockchain. Obligations of participants are provided in the smart contract in the form of "if-then" (for example: "if Party A transfers money, then Party B transfers the rights to the apartment"). Once these conditions are met, the smart contract independently performs the transaction and ensures that the agreement is respected.

❗️ Thus, the smart contract is the action that takes place, and the node is the place where this action takes place.

💡 The Relictum Pro innovative approach

✔️ The distinctive mechanism is as follows: only the hash of one event (transaction) is recorded in the block, and it cannot be changed. Thus, all kinds of collisions are swept aside. In addition to recording the event hash into the block, when forming a new one, the entire hash of the previous block and + integer value is taken (we put the sequential block number in front of the block). There is a main chain of blocks - Master_Chain, which contains only the hash of a block of lower and side smart contracts.

✔️ In parallel with the main Master_Chain, various independent chains are formed - these are smart contracts that organize the three-dimensional distribution, for example:
- first smart contract - generation of tokens;
- second smart contract - sale of goods through the store;
- third - a crypto exchange;
- fourth - delivery of goods, etc.

✔️ Thus, the organization of chains of smart contracts and the main Master_Chain leads to a four-dimensional model of the organization of distribution of blocks.

Read more about Relictum Pro innovative solutions here: https://relictum.pro
https://preview.redd.it/1w6uqq7t0b851.png?width=1200&format=png&auto=webp&s=8589ed31ec1644b9e345e6154fc58bcb641abf1e
submitted by RelictumPro_official to relictumpro [link] [comments]

tBTC an erc20 wrapped version of BTC, like erc20 wBTC; but is trustless and does not require a centralised party to mint wrapped btc like wBTC

I found this article on /Ethereum though it didnt go into the specs of how this works:
https://np.reddit.com/ethereum/comments/ftqdna/bitcoin_to_ethereum_bridge_raises_77_million_in/
https://decrypt.co/24336/bitcoin-to-ethereum-bridge-raises-7-7-million-in-token-sale?utm_source=reddit&utm_medium=social&utm_campaign=sm
as the article says wrapped bitcoin has been done before e.g. wBTC but wBTC requires a centralised party to mint wBTC from BTC held by this party; making it out of the question as its centralised.
did some digging there is a whitepaper , but i wanted more details on the tBTC implementation.
I went on their github and looked at the readme on some projects; found a few interesting things, though not an entire explanation.
https://github.com/keep-network/tbtc
tBTC is a trustlessly Bitcoin-backed ERC-20 token.
The goal of the project is to provide a stronger 2-way peg than federated sidechains like Liquid, expanding use cases possible via today’s Bitcoin network, while bringing superior money to other chains.
This repo contains the Solidity smart contracts and specification.
https://github.com/keep-network/tbtc
tbtc.js provides JS bindings to the tBTC system. The tBTC system is a bonded, multi-federated peg made up of many deposits backed by single-use BTC wallets to enable their value’s corresponding usage on the Ethereum chain, primarily through the minting of a TBTC ERC20 token whose supply is guaranteed to be backed by at least 1 BTC per TBTC in circulation.
finally this is the best:
https://tbtc.network/developers/tbtc-technical-system-overview
here is the first few pargarphs
2020-04-01 tBTC incorporates novel design features that carry important implications for users. This piece explains four of these: TDT receipts, multiple lot sizes, Keep's random beacon, and threshold signatures.
TBTC Deposit Token (TDT) The TBTC Deposit Token (TDT) is a non-fungible token that is minted when a user requests a deposit. A TDT is a non-fungible ERC-721 token that serves as a counterpart to TBTC. It represents a claim to a deposit's underlying UTXO on the Bitcoin blockchain.
TBTC deposits can be locked or unlocked. A locked deposit can only be redeemed by the deposit owner with the corresponding TDT. Each TDT is unique to the deposit that mints it and carries the exclusive right for up to a 6 month term to redeem the deposit.
also this paragraph addresses creating wallets with the created tokens
Random Beacon for Signer Selection
The Keep network requires a trusted source of randomness to select tBTC signers. This takes the form of a BLS Threshold Relay.
When a request comes in to create a signing group, the tBTC system uses a random seed from a secure decentralized random beacon to randomly select signing group members from the eligible pool of signers. These signers coordinate a distributed key generation protocol that results in a public ECDSA key for the group, which is used to produce a wallet address that is then published to the host chain. This completes the signer selection phase.
my take away from this is that by using side chains that a trustless, not fedeared like liquid bitcoin sidechains sold by blockstream. it uses NFT erc-721 tokens as representation of the bitccoin UTXO from the bitcoin blockchain, store it in a wallet and mint it into tBTC. given this is all smart contracts generating wallets and minting the tBTC, it does away with the need of a centralised party to provide the funds of BTC to create a wrapped erc20 version on ethereum and so should be trustles.
perhaps erc20 token trading is the way to go forward. just requires wrapping of exisitng tokens. this looks promising for DeXs and DeFi if it happens.
also opens the possibiliy of multicollateral Dai (MCD) using tBTC in addition to eth and BAT. though personally i think btc should not be used in MCD.
any thoughts on this? or if my understanding is off.
thanks
edit: got some more info from px403
I talked to James a bit about tBTC in Osaka, so I have a vague idea of how it works, so I might be able to explain it in a somewhat coherent way.
Basically, the magic here is they reimplemented Bitcoin's SPV as an Ethereum smart contract, effectively letting them query the current state of the Bitcoin network, including validity of payments, directly in contract. Using this, they built an auction system where people can at any time claim ETH by paying BTC, or claim BTC by paying ETH. By design the spread is wide, so this isn't actually intended to be a high volume exchange, but what you do get is a pretty good price oracle.
From the price oracle, I think there were doing some Maker style CDPs or something, where people could lock up their BTC on the Bitcoin network to redeem tBTC, and any of the locked BTC could be reclaimed by burning tBTC or something.
Sorry it's not a complete picture of what's going on, but I think that's the general gist of what they're doing.
submitted by Neophyte- to CryptoTechnology [link] [comments]

Decred - Our Network #3 (27-Feb-2020)

Decred - Our Network #3 (27-Feb-2020)
The Our Network newsletter is an industry wide publication driven by community members with a focus for on-chain data and behaviour of crypto-networks. Decred is featured once a month alongside other L1 networks Bitcoin, Ethereum, ZCash and Tezos.
https://ournetwork.substack.com/about?utm_source=subscribe_email&utm_content=learn_more

Insight 1 - Tickets and PoW Issuance

Decred has three issuance paths for new coins, 60% are mined via PoW, 30% are staked by PoS and 10% allocated to the Decred Treasury. The chart below shows these issuance curves alongside the total DCR bound in tickets (Y-axis is proportion of circulating supply).
It shows a very distinct relationship between DCR in tickets (blue) and PoW issuance (red). This suggests that a majority of coins distributed by miners have been purchased by market participants and make their way off exchanges and into staking. This trend has persisted both before and after ASIC miners launched on the network and is one indicator that DCR has a reasonable and fair vote decentralisation.
Decred PoW (red), PoS (purple) and Treasury (yellow) issuance compared to DCR in ticket

Insight 2 - Privacy Update

The Decred privacy implementation has been live since late August 2019 and has been met with strong reception and usage. The system facilitates coin-join mixing using the CoinShuffle++ protocol, combined with the constant flow of DCR in the PoS ticket pool.
The supply of mixed DCR has resumed its uptrend after rolling out further stability upgrades for the mixing server allowing wider participation. The anonymity set is now over 19% of all circulating Decred UTXOs (2,113,530 DCR). Note, this counts all mixed UTXOs (incl. tickets) which have not been spent since the mix.
Total supply of DCR and current anonymity set

Insight 3 - Privacy Mixer Volume

Current volumes passing through Decred coin-joins are consistently between 50,000 and 100,000 DCR per day. At recent prices of $20, the protocol is mixing between $1 to $2 Million in value per day. On the 22-Feb, a new all time high was hit with 154,223 DCR in mixed volume, equivalent to over $3 Million.
The fee for mixing is just a standard blockchain transaction fee for users, meaning each mix can completed for a few cents.
Decred daily privacy mix volumes.

Insight 4 - The MVRV Ratio

The Decred MVRV Ratio shows the relationship between the Market Cap and the Realised Cap. Since DCR is always moving on-chain in tickets, the Realised Cap tends to act as support in Bullish markets and resistance in Bear markets.
The DCR Market Cap has recently broken above the Realised Cap and the MVRV Ratio is retesting support on the trend-line which has contained it since mid 2017. The author expects the MVRV to act as an oscillator in response to Bull/Bear cycles.
The Decred MVRV Ratio

Insight 5 - Throughput Thermometer

The Throughput Thermometer compares on-chain throughput between two assets and adjusts for outstanding supply in order to ensure an apples-to-apples comparison is made. This tool is best used to gauge macro bullishness or bearishness.
When the thermometer is trending upwards, Decred on-chain flows are increasing versus Bitcoin flows pound-for-pound, which generally is paired with an uptrend DCBTC price (and vice-versa).
The chart below shows that over the past 142 days, Decred has settled 20% more native units on-chain relative to Bitcoin when adjusted for supply - an all time high for the Decred network. Note this is influenced by both increased DCR flows and reduced BTC flows.
The Throughput Thermometer, showing relative on-chain flow between BTC and DCR over 142 days

Insight 6 - v7 Consensus Vote

Decred has just completed the v7 consensus change vote which has passed with 99.94% approval. This consensus change upgrades the Decred block headers to enhance SPV wallet security, and optimise the process for PoW miners to include PoS votes. This will lead to fewer missed tickets due to network latency and provide both stakers and miners with more reliable block reward income.
An interesting trend has developed around all consensus change votes so far whereby stake participation rate increases during the vote, and cools-off following it. After the v7 consensus vote completed, the stake participation rate dipped from 52% to 48% of circulating DCR, before bouncing back to XX%. EDIT ON THURS
DCR stake participation rate around consensus votes(note, vertical lines are time when code was added for upgrade, not start of vote itself.)
submitted by __checkmatey__ to decred [link] [comments]

The Cult of Elon Musk: Tesla Bulls and Bears

More than a year after Elon Musk's notorious 'funding secured' tweet, Tesla stock has recently reached the price of $420.
Generally, the news surrounding Tesla has been very positive as of late:
With Tesla stock reaching an all time high in December 2019 and currently still sitting above that $420 figure.
As well as this, Tesla recently announced they are delivering the first China-made cars from their Shanghai factory.
There have also been many incidents that have lit up social media and a truckload of memes!
Let's take a look at the bullish and bearish takes on Tesla just to get a sense of what the overall picture looks like for Tesla.

Let's start with the BULLS:
Some say Tesla is still undervalued relative to the white space they have in terms of the broader trend that is the electrification of cars.
Some emphasize the developments in China as bullish due to the ability to produce more cars at a lower cost.
Some emphasize the recent profitability achieved by Tesla and the fact that they have the best mainstream electric cars with the best 'moat' provided by the strength of their brand.

Let's see what the BEARS have to say:
Well some are bearish due to the possibility of a recession in the next 12-24 months, and the impact that would have on the stock price. This follows the yield curve inversion and the historical implications of such an event.
Some say Tesla is a cult stock and is too heavily reliant on Elon's ability as a 'meme master'. Although this is kind of a joke it is actually a good point, and this is the main reason that the Tesla board approved Elon's very ambitious new incentive structure, which could end up being worth $184BN if he delivers.
Some also say the stock price is just overvalued, particularly compared to other car manufacturers. For example, Tesla has double the market cap of Ford, with Ford shipping 6 million cars in 2018 and Tesla shipping only around 250,000 cars in the same year. Tesla sales picked up in 2019 though.

Tesla is relatively unique as a stock pick in that people either seem to worship it religiously or hate it with a passion, and it is important to understand people's incentives when giving their take in the media. People who have shorted Tesla are hardly going to paint a bullish picture during interviews.

I would like to also highlight another angle:
Is the true smart money buying SpaceX shares?
Like many private companies that have yet to go public, investment here requires Accredited Investor status - which in my opinion is certainly not meritocratic.
With SpaceX being valued at $33.3BN in March of this year
And more recently, Morgan Stanley Research claims SpaceX could be a $120BN company if its Starlink global internet service takes off.
With their current valuation estimated to be $52BN.
So SpaceX is certainly a very interesting business.

The last thing I want to bring up is the cult like factor that Tesla and particularly Elon Musk are developing.
Much like Apple have such strong brand power, Tesla seems to be developing a similar aura.
It is very important to understand why people pay $1000 for a new iPhone when they could buy a cheaper model and invest the difference, and the social signalling aspect that companies such as Apple have developed.
People (particularly those in the upper middle classes and above) could potentially look at driving a Tesla as a 'flex' and we can see Tesla appearing in popular culture. This could prove a powerful factor in the years to come.
{Disclaimer, this is not investment advice}
In my opinion, it is difficult to bet against Tesla and I personally wouldn't recommending shorting Tesla. At the same time, I wouldn't necessarily say it is the best risk/reward in terms of going long, particularly at this valuation and at this late in the cycle. I think Bitcoin is a better asymmetric hedge in the next 5-10 years that potentially has higher upside - particularly with the central banking money printing spree.
Also, some say SpaceX has a better potential upside over the long term, particularly if one is an accredited investor and able to get shares at private valuations via for example a Special Purpose Vehicle (or SPV) but that requires access to certain legal infrastructure, whereas stacking Bitcoin does not!
Some even have a $4000 target for Tesla - which is around a 10x from here. Personally, I think in a decade Bitcoin will be a lot higher than 10x from its current levels.
Conduct your due diligence and understand what level of risk you are comfortable with.
What are your thoughts on Tesla?
Are you a bull or a bear?
https://www.youtube.com/watch?v=14h8Mka0Di4

BRAVE BROWSER: https://brave.com/fin894
submitted by financeoptimum to EnoughMuskSpam [link] [comments]

The CBDC Road to Practice-The Framework of LDF 2020

The CBDC Road to Practice-The Framework of LDF 2020
The CBDC Road To Practice——The Framework of LDF 2020
March 8, 2020 By JH( Lend0X Project Architect)
The Market Structure Analysis of CBDC
I. CBDC helps GDP growth
CBDC can be used as cash for commercial banks or as a medium for (government) bonds. The way in which assets are issued will have a huge impact on GDP growth. For commercial banks, the CBDC issued by the central bank is the source of assets. For customers, the products under the CBDC are the use of funds. Blockchain-based CBDC and bank account-based digital cash and banknotes are generally considered to have a huge difference in the contribution of GDP to quality, cost, and efficiency.
https://preview.redd.it/fji1rqdxequ41.png?width=411&format=png&auto=webp&s=10647fa76b42056f80527cfd5342a2f8c1d1df1a
Qualitatively
The Bank of England states in the 2019 study that the macroeconomic effects of issuing central bank digital currency (CBDC), the following three advantages of digital currency can increase interest-bearing central bank liabilities, and distributed ledgers can compete with bank deposits as a medium of exchange.
In the digital currency economy model 1. The model in the report matches the adjusted US currency issuance before the crisis, and we find that if the issuance of CBDC accounts for 30% of GDP, compared with government bonds, it may permanently increase GDP by 3%.
  1. Reduce real interest rates, reverse taxes and currency transaction costs.
  2. As a second monetary policy tool, countercyclical CBDC price or quantity rules can greatly improve the ability of the central bank to stabilize the business cycle.
Cost
II. The issuing system and payment structure of CBDC
The BIS research report pointed out that CBDC has many open questions, such as whether they should be retail or wholesale? Directly or indirectly to consumers? Account-based or token-based? Based on distributed ledgers, a centralized model or a hybrid model? How does CBDC pay across borders?
https://preview.redd.it/6dczkw83fqu41.png?width=249&format=png&auto=webp&s=3c9f31f371ccbeab21d634b6a01ee0bd5a8b0f08
Of the three issuance systems (indirect, direct, and hybrid), CBDC can only be issued directly by the central bank. In The first type of indirect issuance structure,the CBDC is the indirect architecture ,and is done indirectly. ICBDC in the hands of consumers (such as the digital currency issued by the 4 largest state-owned commercial banks in DCEP) represents commercial banks (such as the 4 largest state-owned commercial banks) debt.
In the second type of direct and third type of mixed issuance structure, consumers are creditors of the central bank. In the direct CBDC model (type 2), the central bank processes all payments in real time and therefore maintains a record of all retail assets. The hybrid CBDC model is an intermediate solution where the consumer is a creditor of the central bank, but real-time payments are handled by the intermediary, and the central bank keeps copies of all retail
CBDCs in order to transfer them from one payment service provider to another in the event of a technical failure.
In terms of efficiency
Three payment architecture architectures allow account-based or token-based access. Although its DCEP digital currency is not a token in the blockchain, it is similar to the token in blockchain in key features such as non-double spending, anonymity, non-forgeability, security, transferability, separability, and programmability. Therefore, DCEP still belongs to the Token paradigm, not the account paradigm.
All four combinations are possible for any CBDC architecture (indirect, direct or hybrid) whatever the payment structure is based on the centralization or centralization mode, the account or token mode of blockchain smart contract account . But in different structures, central banks, commercial banks, and the private sector operate different parts of the infrastructure.
At present, the DCEP issuance structure adopts a two-tier structure, and its payment system——four major state-owned commercial
banks issuing four ICDBC tokens. Its technical architecture features are consistent with the first indirect distribution method. Because DCEP is positioned as digital cash (M0 cash) and the central bank's DCEP supports offline mobile payment, considering its huge payment transactions, a centralized account system for DCEP payment methods is essential. Offline Payment methods access to mobile wallets based on tokens are also essential for commercial banks.

https://preview.redd.it/0wvltv0ffqu41.png?width=411&format=png&auto=webp&s=4fd728ece4e869126b6ec8e90cd1962302a424bd
LDF Central Bank Digital Currency CBDC Project Development
At present, the technical framework of the CBDC and the selection of infrastructure are divided into the R & D and cooperation of domestic application planning DCEP application scenarios; its overseas expansion goal supports the development of the “Belt and Road” digital asset ecosystem. DCEP adopts a double-layer system of commercial banks and central banks to adapt to the existing currency
systems of sovereign countries in the world. China, as a currency issuing country, has strong economic strength and basic conditions necessary for world currencies. At the same time, DCEP can also save the issued funds, calculate the inflation rate and other macroeconomic indicators more accurately, better curb illegal activities such as money laundering and terrorist financing, and facilitate foreign exchange circulation worldwide.
1. LDF——the combination of CBDC program and token economy
Only after answering questions such as the openness of CBDC currency itself, can we solve how the application of multiple blockchain industries such as LDF digital asset issuance platform, digital asset support bond platform, and lending and other CBDC currency "product traceability", "digital identity authentication", "judicial depository", "secure communication"and other basic applications, these LDFs are an important direction for exploring blockchain applications.
2.Select the most widely used blockchain technology as the basic platform
LDF introduced CBDC to use blockchain technology because it is the most mature landing foundation platform. It has the advantages of decentralization, openness, autonomy, anonymity, and tamper resistance. It can make the entire system information highly transparent, its data stability and the reliability is extremely high, which solves the point-to-point trust problem and can reduce transaction and operating costs. At present, the underlying technologies of mainstream digital assets such as Bitcoin, Ethereum, and USDT are all blockchain technologies. At the same time, the application scenarios of the blockchain not only include digital currency, but also include many fields such as "product traceability", "digital identity authentication", "judicial depository", "secure communication" and so on.
3.Interpretation of DCEP and selection of LDF blockchain technology architecture
·DCEP does not use a real blockchain like Libra, but may use a centralized ledger based on the UTXO (Unspent Transaction Output) model, and it still belongs to the Token paradigm. This centralized ledger reflects the digital currency issuance and registration system maintained by the central bank. It does not need to run consensus algorithms and will not be subject to the performance bottleneck of the blockchain. The blockchain may be used for the definitive registration of digital currencies and occupy a subsidiary position.

https://preview.redd.it/655gvo1ofqu41.png?width=273&format=png&auto=webp&s=eaf1da72ef45db094067e5523b1a92cc9a0f71c1
·Users need to use DCEP wallet. The core of the wallet is a pair of public and private keys. The public key is also the address, where the digital certificate of RMB is stored. This digital certificate is not a token in the blockchain in the complete sense, but it is consistent with the Token in many key features, and it is based on 100% RMB reserve. Users can initiate transfer transactions between addresses through the wallet private key. The transfer transaction is recorded
directly in the centralized ledger by the central bank. In this way, DCEP implements account loose coupling and controlled anonymity.
·Although DCEP is a currency tool, the third-party payment is mainly a payment tool after "disconnecting directly", but there are many similarities between the two. If DCEP is good enough in terms of technical efficiency and business development, and from the perspective of users, third-party payments can bring the same experience after DCEP and "disconnect directly". Therefore, DCEP has a mutual substitution relationship with third-party payment in the application after “disconnecting directly”.
·DCEP will have a tightening effect on M2, and M2 tightening reflects the contraction of the banking system to a certain extent. Digital currency does not pay interest, and the People's Bank of China has no plan to completely replace cash with DCEP, so DCEP will not constitute a new monetary policy tool. DCEP has strong policy implications for central bank monitoring of capital flows, as well as anti-money laundering, anti-terrorist financing and anti-tax evasion. Therefore, the supervisory function of DCEP exceeds that of monetary policy.
·The impact of DCEP on RMB internationalization is mainly reflected in cross-border payments based on digital currencies. Although cross-border payments including DCEP, can promote RMB internationalization, cross-border payment is only a necessary condition for RMB internationalization, not a sufficient one. The internationalization of the RMB is inseparable from a series of institutional arrangements.
4.The effectiveness of digital currencies in the LDF framework
CBDC is positioned as digital cash or currency under the LDF framework, and the remaining various tokens, cryptocurrencies, and stablecoins are treated as digital assets. The application platforms involved in LDF (asset mortgage bond platform, digital asset issuance platform, and lending). The underlying assets of LDF are part of the digital asset equity. The reason why LDF uses CBDC and stable currency as currency is due to ·LDF framework links three financial ecosystems ·CBDC has the characteristics of currency transaction, accounting unit and value storage have been verified
·Stablecoins can be used as a payment tool for token economic platforms, not currencies
The stable currency selected by LDF should effectively play the payment function of the currency, and meet the requirements of the following LDF framework: ·Must be universally accepted ·Must be easy to standardize in order to determine its value
Due to the characteristics of DvP (payment is settlement) based on blockchain technology, LDF's smart contracts have the characteristics of decentralized intermediaries, such as the function of asset account contracts partially replacing account settlement; the asset pool contract replacing SPV, and the cash flow contract replacing assets Payment intermediary The digital currency selected as an LDF that meets the above standards is very important for the effectiveness of the LDF framework. Otherwise, the platform built by the LDF framework will not be able to achieve the capabilities of distributed ledgers and DAO organizations.
LDF regulatory compliance
LDF chooses CBDC (DCEP) as the construction of digital asset transaction payment platform, which has the characteristics of DvP (asset payment is settlement). It supervises compliance with the selection of digital currencies that support smart contract accounts and trading platforms (anti-money laundering and anti-terrorist financing) has a decisive role.
DCEP takes the form of loosely coupled accounts to achieve controlled anonymity. The current electronic payment methods, such as bank cards and third-party payment platforms, all use the method of tightly coupling accounts, that is, funds must be transferred through real-name bank accounts. But With the improvement of people's awareness of information security, electronic payment cannot meet people's demand for anonymous payment. The digital currency of the central bank adopts the form of loosely coupled accounts, enabling asset transfers without the need for bank accounts, so as to achieve controllable anonymity.
Unlike Bitcoin's complete anonymity, the central bank has the right to obtain the transaction data within the legal scope, and the source
of digital currency can be traced through big data analysis, while other commercial banks and merchants cannot obtain relevant information. This mechanism, while protecting data security and citizen privacy, also enables illegal activities such as money laundering to be effectively supervised.
Association of LDF's DAO Autonomous Economic Model with CBDC
The direct DCB (such as DCEP) or LIBRA of the LDF token can quantify the value of DAO / DAE through a certain transformation and analysis, and predict its future long-term growth rate and the problems to be solved by the economic model, the solution path adopted, and the overall structure design, technological innovation, team composition, development vision and roadmap.
https://preview.redd.it/txg4mq0sfqu41.png?width=269&format=png&auto=webp&s=a69b919cf43c9115f43525f8d851ee1e4fbf5a1f
·The LDF economic model transplants the estimation model of the asset value of the general economic system to DAO 2.0 organization and market management, so as to establish a unified evaluation system for the value generated by the distributed autonomous economy (DAE). The endogenous economic growth model considers important parameters such as savings rate, population growth rate, and technological progress as endogenous variables. The long-term growth rate of the economy can be determined by the interior of the model. Moreover, the LDF economic model takes the number of tokens, nodes, and technical inputs of the distributed organization as similar parameters. The CBDC (such as DCEP) or LIBRA directly targeted by the token can quantify the value of DAO / DAE through certain transformation and analysis and predict its long-term growth rate in the future.
·In response to the special needs of transactions and asset on-chain in the blockchain field, the LDF economic model has developed a DAE (Decentralized Autonomous Economic) protocol group specifically designed to eliminate various pain points of decentralization in the blockchain field, and has developed corresponding LDF DAO DAPP, these agreements include: ·Issuance and trading of tokens based on smart contracts ·Distributed order submission and matching ·Transaction interest rate and mortgage method based on automatic discovery mechanism
Therefore, whether it is a community member, an investor, or a blockchain project developer that develops applications on the LDF economic model, it can use the distributed rules, consensus mechanisms, infrastructure, and smart contracts provided by it to achieve the following purposes:
·Encrypted token asset transaction and circulation based on community autonomy ·Issue of new LDF tokens ·Construction, collaboration, management, voting, and decision- making of specific encryption token communities
·Develop a smart contract system for the dual factors of community node rights and workload ·Customized incentive standards for nodes with different interests
Welcome to discuss with the author of this article, please contact via email:[email protected]
submitted by Lend0x to u/Lend0x [link] [comments]

Davinci Edited Show: OMG!! Bitcoin's Next Target Price ... Bitcoin Protocol - Combining and Splitting Value Bitcoin SV's Craig Wright wins an auction, who wins the BTC BSV debate? Crypto drama in London. bitcoin sv price prediction 2019 DigiByte and Friends - 03 - Bitcoin, Big blocks, scaling and SPV wallets with Kurt Wuckert Jr

SPV node As we mentioned earlier, in the bitcoin world, there are no accounts or balances, only utxo (unspent transaction outputs) distributed in the blockchain. Then if you want to verify the transaction, you need to find all the transactions related to the transaction from the historical transaction, so as to conduct a complete and ... About Bitcoin SV. Bitcoin SV price today is $160.37 USD with a 24-hour trading volume of $538,241,790 USD. Bitcoin SV is down 1.31% in the last 24 hours. The current CoinMarketCap ranking is #11, with a market cap of $2,972,598,072 USD. Despite bitcoiners today having access to an array of user-friendly SPV wallets, the Bitcoin Core wallet is still going strong. ... Bitcoin Is Undervalued, Fair Value Price Should Be $15,000, Says ... SPV. SPV stands for Simplified Payment Verification. It can verify payments without needing to download the entire blockchain. It is often used for Bitcoin wallet apps on smart phones by using special SPV nodes that act as an intermediary between the app and a mining node.There are many open source SPV nodes. SPV. SPV stands for Simplified Payment Verification. It can verify payments without needing to download the entire blockchain. It is often used for Bitcoin wallet apps on smart phones by using special SPV nodes that act as an intermediary between the app and a mining node.There are many open source SPV nodes.

[index] [29609] [11276] [4762] [30760] [6411] [5217] [9435] [17701] [29596] [16508]

Davinci Edited Show: OMG!! Bitcoin's Next Target Price ...

Orginal live stream: Show goes over Information about Bitcoin's recent resurgence. We also went over how it's possible to lose 16 million dollars of Bitcoin ... Bitcoin Protocol Paper Playlist: http://www.youtube.com/watch?v=UieiMU-ImvI&list=PLQVvvaa0QuDcq2QME4pfeh0cE71mkb_qz&feature=share All Bitcoin Videos Playlist... Bitcoin sv price soars along with the drama. The last week has seen some crazy moments happen in Bitcoin. We talk Vesa a Crypto artist and SirToshi. Vesa and SirToshi have been in the thick of the ... Bitcoin Protocol Paper Playlist: http://www.youtube.com/watch?v=UieiMU-ImvI&list=PLQVvvaa0QuDcq2QME4pfeh0cE71mkb_qz&feature=share All Bitcoin Videos Playlist... Building on Bitcoin: How Bitcoin RSK and RIF Can Pave the Way to Financial Inclusion ... From Bitcoin to the Internet of Value Diego Gutiérrez Zaldívar ... Bitcoin Sidechains & SPV Proofs ...

#