Blockchain Nonce – Cryptography – BitcoinWiki

Skepticism Sunday – September 13, 2020

Please stay on topic: this post is only for comments discussing the uncertainties, shortcomings, and concerns some may have about Monero.
NOT the positive aspects of it.
Discussion can relate to the technology itself or economics.
Talk about community and price is not wanted, but some discussion about it may be allowed if it relates well.
Be as respectful and nice as possible. This discussion has potential to be more emotionally charged as it may bring up issues that are extremely upsetting: many people are not only financially but emotionally invested in the ideas and tools around Monero.
It's better to keep it calm than to stir the pot, so don't talk down to people, insult them for spelling/grammar, personal insults, etc. This should only be calm rational discussion about the technical and economic aspects of Monero.
"Do unto others 20% better than you'd expect them to do unto you to correct subjective error." - Linus Pauling
How it works:
Post your concerns about Monero in reply to this main post.
If you can address these concerns, or add further details to them - reply to that comment. This will make it easily sortable
Upvote the comments that are the most valid criticisms of it that have few or no real honest solutions/answers to them.
The comment that mentions the biggest problems of Monero should have the most karma.
As a community, as developers, we need to know about them. Even if they make us feel bad, we've got to upvote them.
https://youtu.be/vKA4w2O61Xo
To learn more about the idea behind Monero Skepticism Sunday, check out the first post about it:
https://np.reddit.com/Monero/comments/75w7wt/can_we_make_skepticism_sunday_a_part_of_the/
submitted by AutoModerator to Monero [link] [comments]

The latest filing in Kleiman v. Wright is smoking hot and extremely damning for our favourite fraudster.

submitted by nullc to bsv [link] [comments]

Craig Wright provably defrauded the court when he claimed that a bonded courier had shown up with a list of public addresses asserting what Bitcoin he owned in the Tulip Trust. Andreas Antonopoulos' report explains the proof. Steve Shadders HAS to realise he's been fooled at this point.

Background: Craig has been ordered to submit a list of all the Bitcoin addresses he owned several times now. The first time he was given a hard deadline by Magistrate Judge Reinhart and simply ignored it. Then, in a last-ditch effort to escape contempt of court and/or sanctions, Craig Wright asked the CTO of his company nChain, Steve Shadders, to spend 2 weeks putting together a list of Bitcoin he thinks belongs to Satoshi, based on statistical criteria that just happened to match the well-known Patoshi pattern analysis. While replicating existing Blockchain research over a space of two weeks as his top priority, nChain CTO Steve Shadders managed to include a bug that resulted in 1749 addresses that don't match the Patoshi pattern. This is going to be important later, so keep it in mind.
The court wasn't happy with this last-ditch, buggy, probabilistic attempt at producing the addresses he was commanded to produce, but they were especially unhappy with the litany of provable forgeries, perjurious statements, and evasive and dishonest testimonies from Wright that were impeding discovery, and Judge Reinhart administered case-ending sanctions against Mr. Wright in response.
Judge Bloom overturned Reinhart's sanctions, though she explicitly agreed with Reinhart's credibility findings regarding Wright. She offered Craig a poisoned chalice:
In light of the Defendant's representations that the bonded courier is scheduled to arrive in January 2020, the Court will permit the Defendant through and including February 3, 2020, to file a notice with the court indicating whether or not this mysterious figure has appeared from the shadows and whether the Defendant now has access to the last key slice needed to unlock the encrypted file. In the event this occurs, and further if the Defendant produces his list of Bitcoin Holdings as ordered by the Magistrate Judge, then this Court will not impose any additional sanctions other than the ones discussed above.
With the not so subtle implication being that Bloom did not believe Craig's invocations of a "mysterious bonded courier" and that if he failed to satisfy this burden additional sanctions would be forthcoming.
Mr. Wright apparently took this as a forgery challenge, only one where he didn't have much respect for the intellect of his adversaries.
In his report Andreas Antonopoulos labels four separate files of Bitcoin lists, Shadders List, CW, DK, and CSW Filed.
Shadders List: The list of Wright's Bitcoin Shadders produced with a bug he disclosed that caused the least significant byte of some of the nonces for the Coinbases to fall outside of the range 0-58 (the Patoshi pattern that's been used to identify Satoshi's Bitcoin), referred to as the Shadders Bug (this bug is discussed more here).
CW List: A list of Wright's Bitcoin the Trust produced during settlement negotiations.
DK List: A list of Dave Kleiman's Bitcoin the Trust produced during settlement negotiations.
CSW Filed List: The list of Wright's Bitcoin Craig allegedly received from the bonded courier and then filed with the court in time to attempt to escape sanctions.
Bullet points:
submitted by Zectro to btc [link] [comments]

How Bitcoin Mining Works

When you hear about bitcoin “mining,” you envisage coins being dug out of the ground. But bitcoin isn’t physical, so why do we call it mining?
Similar to gold mining, bitcoins exist in the protocol’s design just as the gold exists underground, but they haven’t been brought out into the light yet, just as the gold hasn’t yet been dug up.
The bitcoin protocol stipulates that a maximum of 21 million bitcoins will exist at some point. What miners do is bring them out into the light, a few at a time. Once miners finish mining all these coins, there won’t be more coins rolling out unless the bitcoin protocol changes to allow for a larger supply. Miners get paid in transaction fees for creating blocks of validated transactions and including them in the blockchain.
To understand how bitcoin mining works, let’s backtrack a little bit and talk about nodes. A node is a powerful computer that runs the bitcoin software and fully validates transactions and blocks. Since the bitcoin network is decentralized these nodes are collectively responsible for confirming pending transactions.
Anyone can run a node—you just download the free bitcoin software. The drawback is that it consumes energy and storage space – the network at time of writing takes hundreds of gigabytes of data. Nodes spread bitcoin transactions around the network. One node will send information to a few nodes that it knows, who will relay the information to nodes that they know, etc. That way, the pending transaction ends up getting around the whole network pretty quickly.
Some nodes are mining nodes, usually referred to as miners. These chunk outstanding transactions into blocks and add them to the blockchain. How do they do this? By solving a complex mathematical puzzle that is part of the bitcoin program, and including the answer in the block.
The puzzle that needs solving is to find a number that, when combined with the data in the block and passed through a hash function (which converts input data of any size into output data of a fixed length), produces a result that is within a certain range.
For trivia lovers, this number is called a “nonce”, which is an abbreviation of “number used once.” In the blockchain, the nonce is an integer between 0 and 4,294,967,296.
How do they find this number? By guessing at random. The hash function makes it impossible to predict what the output will be. So, miners guess the mystery number and apply the hash function to the combination of that guessed number and the data in the block. The resulting hash starts with a certain number of zeroes. There’s no way of knowing which number will work, because two consecutive integers will give wildly varying results. What’s more, there may be several nonces that produce the desired result, or there may be none. In that case, the miners keep trying but with a different block configuration.
The difficulty of the calculation (the required number of zeros at the beginning of the hash string) is adjusted frequently, so that it takes on average about 10 minutes to process a block.
Why 10 minutes? That is the amount of time that the bitcoin developers think is necessary for a steady and diminishing flow of new coins until the maximum number of 21 million is reached (expected some time in 2140).
The first miner to get a resulting hash within the desired range announces its victory to the rest of the network. All the other miners immediately stop work on that block and start trying to figure out the mystery number for the next one. As a reward for its work, the victorious miner gets some new bitcoin.
At the time of writing, the reward is 6.25 bitcoins per block, which is worth around $56,000 in June 2020.
However, it’s not nearly as cushy a deal as it sounds. There are a lot of mining nodes competing for that reward, and the more computing power you have and the more guessing calculations you can perform, the luckier you are.
Also, the costs of being a mining node are considerable, not only because of the powerful hardware needed, but also because of the large amounts of electricity consumed by these processors.
And, the number of bitcoins awarded as a reward for solving the puzzle will decrease. It’s 6.25 now, but it halves every four years or so (the next one is expected in 2024). The value of bitcoin relative to cost of electricity and hardware could go up over the next few years to partially compensate for this reduction, but it’s not certain.
If you’ve made it this far, then congratulations! There is still so much more to explain about the system, but at least now you have an idea of the broad outline of the genius of the programming and the concept. For the first time we have a system that allows for convenient digital transfers in a decentralized, trust-free and tamper-proof way.
submitted by hackatoshi to u/hackatoshi [link] [comments]
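The nonce search and difficulty target described in the mining post above, plus the nonce least-significant-byte check behind the "Shadders bug" in the Kleiman v. Wright post, as one added worked example (not code from any of the posts or from any project they mention). All header fields, the easy `BITS` value and the audited nonce values are constructed for the demo; `verify_header` is the node-side check and `audit_nonce_list` is the kind of sanity test that would flag nonces outside the 0-58 range.

```python
import hashlib
import struct

# Constructed sample header fields for the demo; none of this is real chain data.
VERSION = 1
PREV_HASH = bytes(32)                                   # all-zero previous hash, as in the genesis block
MERKLE_ROOT = hashlib.sha256(b"constructed coinbase").digest()
TIMESTAMP = 1600000000
BITS = 0x1F00FFFF          # deliberately easy compact target (assumption) so the scan finishes in < 1 s
MAX_NONCE = 2**32          # the nonce is a 32-bit header field: 0 .. 4,294,967,295
PATOSHI_LSB_MAX = 58       # pattern as quoted in the post above: LSB of a coinbase nonce in 0-58


def target_from_bits(bits: int) -> int:
    """Expand Bitcoin's compact 'bits' encoding into the full 256-bit target."""
    exponent = bits >> 24
    mantissa = bits & 0x007FFFFF
    if exponent <= 3:
        return mantissa >> (8 * (3 - exponent))
    return mantissa << (8 * (exponent - 3))


def difficulty(bits: int) -> float:
    """Difficulty relative to the easiest target Bitcoin ever allowed (bits 0x1d00ffff)."""
    return target_from_bits(0x1D00FFFF) / target_from_bits(bits)


def serialize_header(version, prev_hash, merkle_root, timestamp, bits, nonce) -> bytes:
    """Build the 80-byte header: little-endian integers, hashes in internal byte order."""
    return (struct.pack("<I", version) + prev_hash + merkle_root
            + struct.pack("<III", timestamp, bits, nonce))


def header_hash_int(header: bytes) -> int:
    """Double SHA-256 of the header, read as a little-endian integer for the target comparison."""
    digest = hashlib.sha256(hashlib.sha256(header).digest()).digest()
    return int.from_bytes(digest, "little")


def mine(version, prev_hash, merkle_root, timestamp, bits, start_nonce=0):
    """Scan the nonce space until the header hash is at or below the target.

    Returns (nonce, hash_int), or None when every nonce fails: the miner must then
    change the block contents (timestamp, coinbase, tx set) and start over, which is
    the "different block configuration" the post mentions.
    """
    target = target_from_bits(bits)
    for nonce in range(start_nonce, MAX_NONCE):
        header = serialize_header(version, prev_hash, merkle_root, timestamp, bits, nonce)
        digest_int = header_hash_int(header)
        if digest_int <= target:
            return nonce, digest_int
    return None


def verify_header(header: bytes) -> bool:
    """What every validating node does: recompute the hash and compare it with the
    target encoded in the header's own 'bits' field. Finding the nonce is expensive,
    checking it is one double hash, which is the whole point of proof-of-work."""
    if len(header) != 80:
        return False
    bits = struct.unpack("<I", header[72:76])[0]
    return header_hash_int(header) <= target_from_bits(bits)


def nonce_lsb_in_patoshi_range(nonce: int) -> bool:
    """True when the nonce's least significant byte lies in 0..58."""
    return (nonce & 0xFF) <= PATOSHI_LSB_MAX


def audit_nonce_list(nonces):
    """Return the nonces that violate the LSB pattern. Running a check like this over a
    generated list before filing it is what would have surfaced the out-of-range entries."""
    return [n for n in nonces if not nonce_lsb_in_patoshi_range(n)]


if __name__ == "__main__":
    nonce, h = mine(VERSION, PREV_HASH, MERKLE_ROOT, TIMESTAMP, BITS)
    header = serialize_header(VERSION, PREV_HASH, MERKLE_ROOT, TIMESTAMP, BITS, nonce)
    print(f"nonce={nonce} hash=0x{h:064x} valid={verify_header(header)} "
          f"difficulty={difficulty(BITS):.6f}")
    # Constructed nonce values: the two whose LSB is 0x59 and 0xFF fall outside the pattern.
    print(audit_nonce_list([0x0000003A, 0x00000059, 0x12345600, 0x000000FF]))
```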

Latest doc updates: the list of addresses the bonded courier coughed up is an obvious forgery, Craig Wright is dumber than many of us thought possible, and Steve Shadders, if he looks at the data from Andreas' report HAS to realise at this point that he's been bamboozled

submitted by Zectro to bsv [link] [comments]

Nakamoto Dundee provably defrauded the court and a Federal Judge on the matter of the Tulip Trust and his Buttcoin holdings therein, immediately after she lifted his sanctions for repeatedly defrauding a Magistrate Judge on that same matter.

Background: Craig has been ordered to submit a list of all the Bitcoin addresses he owned several times now. The first time he was given a hard deadline by Magistrate Judge Reinhart and simply ignored it. Then, in a last ditch effort to escape contempt of court and/or sanctions Craig Wright asked the CTO of his company nChain, Steve Shadders to spend 2 weeks putting together a list of Bitcoin he thinks belongs to Satoshi, based on statistical criteria Craig gave him that just happened to match the well-known Patoshi pattern analysis. While replicating existing Blockchain research over a space of two weeks as his top-priority, nChain CTO Steve Shadders managed to include a bug that resulted in 1749 addresses that don't match the Patoshi pattern. This is going to be important later, so keep it in mind.
The court wasn't happy with this last-ditch, buggy, probabilistic attempt at producing the addresses he was commanded to produce, but they were especially unhappy with the litany of provable forgeries, perjurious statements, and evasive and dishonest testimonies from Wright that were impeding discovery, and Judge Reinhart administered case-ending sanctions against Mr. Wright in response.
Judge Bloom overturned Reinhart's sanctions, though she explicitly agreed with Reinhart's credibility findings regarding Wright. She offered Craig a poisoned chalice:
In light of the Defendant's representations that the bonded courier is scheduled to arrive in January 2020, the Court will permit the Defendant through and including February 3, 2020, to file a notice with the court indicating whether or not this mysterious figure has appeared from the shadows and whether the Defendant now has access to the last key slice needed to unlock the encrypted file. In the event this occurs, and further if the Defendant produces his list of Bitcoin Holdings as ordered by the Magistrate Judge, then this Court will not impose any additional sanctions other than the ones discussed above.
With the not so subtle implication being that Bloom did not believe Craig's invocations of a "mysterious bonded courier" and that if he failed to satisfy this burden additional sanctions would be forthcoming.
Mr. Wright apparently took this as a forgery challenge, only one where he didn't have much respect for the intellect of his adversaries.
In his report Andreas Antonopoulos labels four separate files of Bitcoin lists, Shadders List, CW, DK, and CSW Filed.
Shadders List: The list of Wright's Bitcoin Shadders produced with a bug he disclosed that caused the least significant byte of some of the nonces for the Coinbases to fall outside of the range 0-58 (the Patoshi pattern that's been used to identify Satoshi's Bitcoin), referred to as the Shadders Bug (this bug is discussed more here).
CW List: A list of Wright's Bitcoin the Trust produced during settlement negotiations.
DK List: A list of Dave Kleiman's Bitcoin the Trust produced during settlement negotiations.
CW Filed List: The list of Wright's Bitcoin Craig allegedly received from the bonded courier and then filed with the court in time to attempt to escape sanctions.
Bullet points:
submitted by Zectro to Buttcoin [link] [comments]

Latest CSW court doc updates: Andreas Antonopoulos shows the list of addresses the bonded courier coughed up is an obvious forgery, Craig Wright is dumber than many of us thought possible, and Steve Shadders, if he looks at the report HAS to realise at this point that he's been bamboozled

submitted by Zectro to CryptoCurrency [link] [comments]

Where is Bitcoin Going and When?

The Federal Reserve and the United States government are pumping extreme amounts of money into the economy, already totaling over $484 billion. They are doing so because it already had a goal to inflate the United States Dollar (USD) so that the market can continue to all-time highs. It has always had this goal. They do not care how much inflation goes up by now as we are going into a depression with the potential to totally crash the US economy forever. They believe the only way to save the market from going to zero or negative values is to inflate it so much that it cannot possibly crash that low. Even if the market does not dip that low, inflation serves the interest of powerful people.
The impending crash of the stock market has ramifications for Bitcoin, as, though there is no direct ongoing correlation between the two, major movements in traditional markets will necessarily affect Bitcoin. According to the Blockchain Center’s Cryptocurrency Correlation Tool, Bitcoin is not correlated with the stock market. However, when major market movements occur, they send ripples throughout the financial ecosystem which necessarily affect even ordinarily uncorrelated assets.
Therefore, Bitcoin will reach X price on X date after crashing to a price of X by X date.

Stock Market Crash

The Federal Reserve has caused some serious consternation with their release of ridiculous amounts of money in an attempt to buoy the economy. At face value, it does not seem to have any rationale or logic behind it other than keeping the economy afloat long enough for individuals to profit financially and politically. However, there is an underlying basis to what is going on which is important to understand in order to profit financially.
All markets are functionally price-probing systems. They constantly undergo a price-discovery process. In a fiat system, money is an illusory and fundamentally synthetic instrument with no intrinsic value – similar to Bitcoin. The primary difference between Bitcoin and fiat is the underlying technology, which provides a slew of benefits that fiat does not. Fiat, however, has an advantage in being able to have the support of powerful nation-states which can use their might to ensure the currency’s prosperity.
Traditional stock markets are composed of indices (pl. of index). Indices are non-trading market instruments which are essentially summaries of business values which comprise them. They are continuously recalculated throughout a trading day, and sometimes reflected through tradable instruments such as Exchange Traded Funds or Futures. Indices are weighted by market capitalizations of various businesses.
Price theory essentially states that when a market fails to take out a new low in a given range, it will have an objective to take out the high. When a market fails to take out a new high, it has an objective to make a new low. This is why price-time charts go up and down, as it does this on a second-by-second, minute-by-minute, day-by-day, and even century-by-century basis. Therefore, market indices will always return to some type of bull market as, once a true low is formed, the market will have a price objective to take out a new high outside of its given range – which is an all-time high. Instruments can only functionally fall to zero, whereas they can grow infinitely.
So, why inflate the economy so much?
Deflation is disastrous for central banks and markets as it raises the possibility of producing an overall price objective of zero or negative values. Therefore, under a fractional reserve system with a fiat currency managed by a central bank – the goal of the central bank is to depreciate the currency. The dollar is manipulated constantly with the intention of depreciating its value.
Central banks have a goal of continued inflated fiat values. They tend to ordinarily contain it at less than ten percent (10%) per annum in order for the psyche of the general populace to slowly adjust to price increases. As such, the markets are divorced from any other logic. Economic policy is the maintenance of human egos, not catering to fundamental analysis. Gross Domestic Product (GDP) growth is well known not to be a measure of actual growth or output. It is a measure of increase in dollars processed. Banks seek to produce rising numbers which make society feel like it is growing economically, making people optimistic. To do so, the currency is inflated, though inflation itself does not actually increase growth. When society is optimistic, it spends and engages in business – resulting in actual growth. It also encourages people to take on credit and debts, creating more fictional fiat.
Inflation is necessary for markets to continue to reach new heights, generating positive emotional responses from the populace, encouraging spending, encouraging debt intake, further inflating the currency, and increasing the sale of government bonds. The fiat system only survives by generating more imaginary money on a regular basis.
Bitcoin investors may profit from this by realizing that stock investors as a whole always stand to profit from the market so long as it is managed by a central bank and does not collapse entirely. If those elements are filled, it has an unending price objective to raise to new heights. It also allows us to realize that this response indicates that the higher-ups believe that the economy could crash in entirety, and it may be wise for investors to have multiple well-thought-out exit strategies.

Economic Analysis of Bitcoin

The reason why the Fed is so aggressively inflating the economy is due to fears that it will collapse forever or never rebound. As such, coupled with a global depression, a huge demand will appear for a reserve currency which is fundamentally different from the previous system. Bitcoin, though a currency or asset, is also a market. It also undergoes a constant price-probing process. Unlike traditional markets, Bitcoin has the exact opposite goal. Bitcoin seeks to appreciate in value and not depreciate. This has a quite different effect in that Bitcoin could potentially become worthless and have a price objective of zero.
Bitcoin was created in 2008 by a now famous mysterious figure known as Satoshi Nakamoto and its open-source code was released in 2009. It was the first decentralized cryptocurrency to utilize a novel protocol known as the blockchain. Up to one megabyte of data may be sent with each transaction. It is decentralized, anonymous, transparent, easy to set up, and provides myriad other benefits. Bitcoin is not backed up by anything other than its own technology.
Bitcoin can never be expected to collapse as a framework, even were it to become worthless. The stock market has the potential to collapse in entirety, whereas, as long as the internet exists, Bitcoin will be a functional system with a self-authenticating framework. That capacity to persist regardless of the actual price of Bitcoin and the deflationary nature of Bitcoin means that it has something which fiat does not – inherent value.
Bitcoin is based on a distributed database known as the “blockchain.” Blockchains are essentially decentralized virtual ledger books, replete with pages known as “blocks.” Each page in a ledger is composed of paragraph entries, which are the actual transactions in the block.
Blockchains store information in the form of numerical transactions, which are just numbers. We can consider these numbers digital assets, such as Bitcoin. The data in a blockchain is immutable and recorded only by consensus-based algorithms. Bitcoin is cryptographic and all transactions are direct, without intermediary, peer-to-peer.
Bitcoin does not require trust in a central bank. It requires trust in the technology behind it, which is open-source and may be evaluated by anyone at any time. Furthermore, it is impossible to manipulate as doing so would require all of the nodes in the network to be hacked at once – unlike the stock market which is manipulated by the government and “Market Makers”. Bitcoin is also private in that, though the ledger is openly distributed, it is encrypted. Bitcoin’s blockchain has one of the greatest redundancy and information disaster recovery systems ever developed.
Bitcoin has a distributed governance model in that it is controlled by its users. There is no need to trust a payment processor or bank, or even to pay fees to such entities. There are also no third-party fees for transaction processing. As the ledger is immutable and transparent it is never possible to change it – the data on the blockchain is permanent. The system is not easily susceptible to attacks as it is widely distributed. Furthermore, as users of Bitcoin have their private keys assigned to their transactions, they are virtually impossible to fake. No lengthy verification, reconciliation, nor clearing process exists with Bitcoin.
Bitcoin is based on a proof-of-work algorithm. Every transaction on the network has an associated mathematical “puzzle”. Computers known as miners compete to solve the complex cryptographic hash algorithm that comprises that puzzle. The solution is proof that the miner engaged in sufficient work. The puzzle is known as a nonce, a number used only once. There is only one major nonce at a time and it issues 12.5 Bitcoin. Once it is solved, the fact that the nonce has been solved is made public.
A block is mined on average of once every ten minutes. However, the blockchain checks every 2,016,000 minutes (approximately four years) if 201,600 blocks were mined. If it was faster, it increases difficulty by half, thereby deflating Bitcoin. If it was slower, it decreases, thereby inflating Bitcoin. It will continue to do this until zero Bitcoin are issued, projected at the year 2140. On the twelfth of May, 2020, the blockchain will halve the amount of Bitcoin issued when each nonce is guessed. When Bitcoin was first created, fifty were issued per block as a reward to miners. 6.25 BTC will be issued from that point on once each nonce is solved.
Unlike fiat, Bitcoin is a deflationary currency. As BTC becomes scarcer, demand for it will increase, also raising the price. In this, BTC is similar to gold. It is predictable in its output, unlike the USD, as it is based on a programmed supply. We can predict BTC’s deflation and inflation almost exactly, if not exactly. Only 21 million BTC will ever be produced, unless the entire network concedes to change the protocol – which is highly unlikely.
Some of the drawbacks to BTC include congestion. At peak congestion, it may take an entire day to process a Bitcoin transaction as only three to five transactions may be processed per second. Receiving priority on a payment may cost up to the equivalent of twenty dollars ($20). Bitcoin mining consumes enough energy in one day to power a single-family home for an entire week.

Trading or Investing?

The fundamental divide in trading revolves around the question of market structure. Many feel that the market operates totally randomly and its behavior cannot be predicted. For the purposes of this article, we will assume that the market has a structure, but that that structure is not perfect. That market structure naturally generates chart patterns as the market records prices in time. In order to determine when the stock market will crash, causing a major decline in BTC price, we will analyze an instrument, an exchange-traded fund, which represents an index, as opposed to a particular stock. The price patterns of the various stocks in an index are effectively smoothed out. In doing so, a more technical picture arises. Perhaps the most popular of these is the SPDR S&P Standard and Poor 500 Exchange Traded Fund ($SPY).
In trading, little to no concern is given about value of underlying asset. We are concerned primarily about liquidity and trading ranges, which are the amount of value fluctuating on a short-term basis, as measured by volatility-implied trading ranges. Fundamental analysis plays a role, however markets often do not react to real-world factors in a logical fashion. Therefore, fundamental analysis is more appropriate for long-term investing.
The fundamental derivatives of a chart are time (x-axis) and price (y-axis). The primary technical indicator is price, as everything else is lagging in the past. Price represents current asking price and incorrectly implementing positions based on price is one of the biggest trading errors.
Markets and currencies ordinarily have noise, their tendency to back-and-fill, which must be filtered out for true pattern recognition. That noise does have a utility, however, in allowing traders second chances to enter favorable positions at slightly less favorable entry points. When you have any market with enough liquidity for historical data to record a pattern, then a structure can be divined. The market probes prices as part of an ongoing price-discovery process. Market technicians must sometimes look outside of the technical realm and use visual inspection to ascertain the relevance of certain patterns, using a qualitative eye that recognizes the underlying quantitative nature.
Markets and instruments rise slower than they correct; however, they rise much more than they fall. In the same vein, instruments can only fall to having no worth, whereas they could theoretically grow infinitely and have continued to grow over time. Money in a fiat system is illusory. It is a fundamentally synthetic instrument which has no intrinsic value. Hence, the recent seemingly illogical fluctuations in the market.
According to trade theory, the unending purpose of a market or instrument is to create and break price ranges according to the laws of supply and demand. We must determine when to trade based on each market inflection point as defined in price and in time, as opposed to abandoning the trend (as the contrarian trading in this sub often does). Time and Price symmetry must be used to be in accordance with the trend. When coupled with a favorable risk to reward ratio, the ability to stay in the market for most of the defined time period, and adherence to risk management rules, the trader has a solid methodology for achieving considerable gains.
We will engage in a longer term market-oriented analysis to avoid any time-focused pressure. The Bitcoin market is open twenty-four hours a day, so trading may be done when the individual is ready, without any pressing need to be constantly alert. Moreover, we can safely project months in advance with relatively high accuracy. Bitcoin is an asset which an individual can both trade and invest in; however, this article will be focused on trading due to the wide volatility in BTC prices over the short term.

Technical Indicator Analysis of Bitcoin

Technical indicators are often considered self-fulfilling prophecies due to mass-market psychology gravitating towards certain common numbers yielded from them. They are also often discounted when it comes to BTC. That means a trader must be especially aware of these numbers as they can prognosticate market movements. Often, they are meaningless in the larger picture of things.
  • Volume – derived from the market itself, it is mostly irrelevant. The major problem with volume for stocks is that the US market open causes tremendous volume surges, eradicating any intrinsic volume analysis. This does not occur with BTC, as it is open twenty-four-seven. At major highs and lows, the market is typically anemic. Most traders are not active at terminal discretes (peaks and troughs) because of levels of fear. Volume allows us confidence in time and price symmetry market inflection points if we observe low volume at a foretold range of values. We can rationalize that an absolute discrete is usually only discovered and anticipated by very few traders. As the general market realizes it, a herd mentality will push the market in the direction favorable to defending it. Volume is also useful for swing trading, as the chances of a swing’s validity increase if an increase in volume is seen on and after the swing’s activation. Volume is steadily decreasing. Lows and highs are reached when volume is lower.
Therefore, due to the relatively high volume on the 12th of March, we can safely determine that a low for BTC was not reached.
  • VIX (Volatility Index) – this technical indicator indicates the level of fear by the amount of options-based “insurance” in portfolios. A low VIX environment, less than 20 for the S&P index, indicates a stable market with a possible uptrend. A high VIX, over 20, indicates a possible downtrend. VIX is essentially useless for BTC as BTC-based options do not exist. It allows us to predict the market low for $SPY, which will have an indirect impact on BTC in the short term, likely leading to the yearly low. However, it is equally important to see how VIX is changing over time, whether it is decreasing or increasing, as that indicates increasing or decreasing fear. Low volatility allows high leverage without risk or rest. Occasionally, markets do rise with high VIX.
As VIX is unusually high, in the forties, we can be confident that a downtrend for the S&P 500 is imminent.
  • RSI (Relative Strength Index): The most important technical indicator, useful for determining highs and lows when time symmetry is not availing itself. Sometimes analysis of RSI can conflict in different time frames; the easiest way to use it is when it is at extremes – either under 30 or over 70. Extremes can be used for filtering highs or lows based on time-and-price window calculations. Highly instructive as to major corrective clues and indicative of continued directional movement. Must determine if longer-term RSI values find support at the same values as before. It is currently at 73.56.
  • Secondly, RSI may be used as a high or low filter, to observe the level that short-term RSI reaches in counter-trend corrections. Repetitions based on market movements based on RSI determine how long a trade should be held onto. Once a short-term RSI reaches an extreme and stays there, the other RSIs should gradually reach the same extremes. Once all RSIs are at extreme highs, a trend confirmation should occur and the RSIs should drop to their midpoint.

Trend Definition Analysis of Bitcoin

Trend definition is highly powerful; this cannot be understated. Knowledge of trend logic is enough to be a profitable trader, yet defining a trend is an arduous process. Multiple trends coexist across multiple time frames and across multiple market sectors. Like time structure, it makes the underlying price of the instrument irrelevant. Trend definitions cannot determine the validity of newly formed discretes. Trend becomes apparent when trades based in counter-trend inflection points continue to fail.
Downtrends are defined as an instrument making lower lows and lower highs that are recurrent, additive, qualified swing setups. Downtrends for all instruments are similar, except forex. They are fast and complete much quicker than uptrends. An average downtrend is 18 months, something which we will return to. An uptrend inception occurs when an instrument reaches a point where it fails to make a new low, then that low will be tested. After that, the instrument will either have a deep range retracement or it may take out the low slightly, resulting in a double-bottom. A swing must eventually form.
A simple way to roughly determine trend is to attempt to draw a line from three tops going upwards (uptrend) or a line from three bottoms going downwards (downtrend). It is not possible to correctly draw a downtrend line on the BTC chart, but it is possible to correctly draw an uptrend – indicating that the overall trend is downwards. The only mitigating factor is the impending stock market crash.

Time Symmetry Analysis of Bitcoin

Time is the movement from the past through the present into the future. It is a measurement in quantified intervals. In many ways, our perception of it is a human construct. It is more powerful than price as time may be utilized for a trade regardless of the market inflection point’s price. Were it possible to perfectly understand time, price would be totally irrelevant due to the predictive certainty time affords. Time structure is easier to learn than price, but much more difficult to apply with any accuracy. It is the hardest aspect of trading to learn, but also the most rewarding.
Humans do not have the ability to recognize every time window; however, the ability to define market inflection points in terms of time is the single most powerful trading edge. Regardless, price should not be abandoned for time alone. Time structure analysis is inherently flawed; as such, the markets have a fail-safe, which is Price Structure. Even though Time is much more powerful, Price Structure should never be completely ignored. Time is the qualifier for Price and vice versa. Time can fail by tricking traders into counter-trend trading.
Time is a predestined trade quantifier, a filter to slow trades down, as it allows a trader to specifically focus on specific time windows and rest at others. It allows for quantitative measurements to reach deterministic values and is the primary qualifier for trends. Time structure should be utilized before price structure, and it is the primary trade criterion which requires support from price. We can see price structure on a chart, as areas of mathematical support or resistance, but we cannot see time structure.
Time may be used to tell us an exact point in the future where the market will inflect, after Price Theory has been fulfilled. In the present, price objectives based on price theory added to possible future times for market inflection points give us the exact time of market inflection points and price.
Time Structure is repetitions of time or inherent cycles of time, occurring in a methodical way to provide time windows which may be utilized for inflection points. They are not easily recognized and not easily defined by a price chart as measuring and observing time is very exact. Time structure is not a science, yet it does require precise measurements. Nothing is certain or definite. The critical question must be if a particular approach to time structure is currently lucrative or not.
We will measure it in intervals of 180 bars. Our goal is to determine time windows, when the market will react and when we should pay the most attention. By using time repetitions, the fact that market inflection points occurred at some point in the past and should, therefore, reoccur at some point in the future, we should obtain confidence as to when SPY will reach a market inflection point. Time repetitions are essentially the market’s memory. However, simply measuring the time between two points then trying to extrapolate into the future does not work. Measuring time is not the same as defining time repetitions. We will evaluate past sessions for market inflection points, whether discretes, qualified swings, or intra-range. Then record the times that the market has made highs or lows in a comparable time period to the future one seeks to trade in.
What follows is a time histogram – a grouping of times which appear close together, then segregated based on that closeness. Time is aligned into a combined histogram of repetitions and cycles; however, cycles are irrelevant on a daily basis. If trading on an hourly basis, do not use hours.
  • Yearly Lows (last seven years): 1/1/13, 4/10/14, 1/15/15, 1/17/16, 1/1/17, 12/15/18, 2/6/19
  • Monthly Mode: 1, 1, 1, 1, 2, 4, 12
  • Daily Mode: 1, 1, 6, 10, 15, 15, 17
  • Monthly Lows (for the last year): 3/12/20 (10:00pm), 2/28/20 (7:09am), 1/2/20 (8:09pm), 12/18/19 (8:00am), 11/25/19 (1:00am), 10/24/19 (2:59am), 9/30/19 (2:59am), 8/29/19 (4:00am), 7/17/19 (7:59am), 6/4/19 (5:59pm), 5/1/19 (12:00am), 4/1/19 (12:00am)
  • Daily Lows Mode for those Months: 1, 1, 2, 4, 12, 17, 18, 24, 25, 28, 29, 30
  • Hourly Lows Mode for those Months (Military time): 0100, 0200, 0200, 0400, 0700, 0700, 0800, 1200, 1200, 1700, 2000, 2200
  • Minute Lows Mode for those Months: 00, 00, 00, 00, 00, 00, 09, 09, 59, 59, 59, 59
  • Day of the Week Lows (last twenty-six weeks):
Weighted Times are repetitions which appear multiple times within the same list, observed and accentuated once divided into relevant sections of the histogram. They are important in the presently defined trading time period and are similar to a mathematical mode with respect to a series. Phased times are essentially periodical patterns in histograms, though they do not guarantee inflection points.
Evaluating the yearly lows, we see that BTC tends to have its lows primarily at the beginning of every year, with a possibility of it being at the end of the year. Following the same methodology, we get the middle of the month as the likeliest day. However, evaluating the monthly lows for the past year, the beginning and end of the month are more likely for lows.
Therefore, we have two primary dates from our histogram.
1/1/21, 1/15/21, and 1/29/21
2:00am, 8:00am, 12:00pm, or 10:00pm
In fact, the high for this year was February the 14th, only thirty days off from our histogram calculations.
The 8.6-Year Armstrong-Princeton Global Economic Confidence model states that 2.15 year intervals occur between corrections, relevant highs and lows. 2.15 years from the all-time peak discrete is February 9, 2020 – a reasonably accurate depiction of the low for this year (which was on 3/12/20). (Taking only the Armstrong model into account, the next high should be Saturday, April 23, 2022). Therefore, the Armstrong model indicates that we have actually bottomed out for the year!
Bear markets cannot exist in perpetuity whereas bull markets can. Bear markets will eventually have price objectives of zero, whereas bull markets can increase to infinity. It can occur for individual market instruments, but not markets as a whole. Since bull markets are defined by low volatility, they also last longer. Once a bull market is indicated, the trader can remain in a long position until a new high is reached, then switch to shorts. The average bear market is eighteen months long, giving us a date of August 19th, 2021 for the end of this bear market – roughly speaking. They cannot be shorter than fifteen months for a central-bank controlled market, which does not apply to Bitcoin. (Otherwise, it would continue until Sunday, September 12, 2021.) However, we should expect Bitcoin to experience its exponential growth after the stock market re-enters a bull market.
Terry Laundy’s T-Theory is implemented by measuring the time of an indicator from peak to trough, then using that to define a future time window. It is similar to a head-and-shoulders pattern in that it is the process of forming the right side from a synthetic technical indicator. If the indicator is making continued lows, then time is recalculated for defining the right side of the T. The date of the market inflection point may be a price or indicator inflection date, so it is not always exactly useful. It is better to make us aware of possible market inflection points, clustered with other data. It gives us an RSI low of May 9th, 2020.
The Bradley Cycle, coupled with volatility, allows start dates for campaigns or put options as insurance in portfolios for stocks. However, it is also useful for predicting market moves instead of terminal dates for discretes. Using dates which correspond to discretes, we can see how those dates correspond with changes in VIX.
Therefore, our timeline looks like:
  • 2/14/20 – yearly high ($10372 USD)
  • 3/12/20 – yearly low thus far ($3858 USD)
  • 5/9/20 – T-Theory true yearly low (BTC between 4863 and 3569)
  • 5/26/20 – hashrate difficulty halvening
  • 11/14/20 – stock market low
  • 1/15/21 – yearly low for BTC, around $8528
  • 8/19/21 – end of stock bear market
  • 11/26/21 – eighteen months from halvening, average peak from halvenings (BTC begins rising from $3000 area to above $23,312)
  • 4/23/22 – all-time high
Taken from my blog: http://aliamin.info/2020/
submitted by aibnsamin1 to Bitcoin [link] [comments]

365 day Bitcoin faucet challenge

Hello and thanks for stopping by. I'm undertaking a 365 day Bitcoin faucet challenge. I’ll be using a popular bitcoin faucet which I can’t name.
The parameters of the challenge are as follows:
And that's pretty much it. In 365 days I will report back my earnings.
I'm also going to use basic probability to calculate my estimated payout. Freebitcoin say their games are provably fair. Well, let's prove it in the process of making me some bitcoin.
The faucet works as follows. You get to draw a number between 0 and 10,000 every hour and the payout table is as follows (but changes depending on the BTC value):
Due to the way the number is generated there is a 1/20,000 chance of rolling a 0 and of rolling a 10,000. For an explanation of why this is the case see my EDIT at the bottom. The full probability distribution is as follows.
To get the average expected earnings per game, we simply need to multiply the probabilities by the payout.
For example: (9885 / 10000) * 0.00000025 + (100 / 10000) * 0.00000251 + .... + (1 / 20000) * 0.02513292 = 0.00000215 BTC
Again, this is the average payout per roll.
Now I'm going to complete 15 draws per day for 365 days. 15 * 365 * 0.00000215 BTC = 0.01177125 BTC
Since the probability of rolling a 10,000 in a year given my rolling frequency is pretty low, I can exclude that from the probability table to get a more likely average payout figure of 0.00000090 BTC per roll. This would result in a yearly estimated balance of 0.0049275.
Also the RP (rewards points) can be converted to BTC (minimum 100,000). Using the rewards point boost you should be able to get an additional 300 RP per day (assuming 15 rolls per day) using the 100 RP/roll boost. Converting this back to BTC would boost my average roll return by 0.00000020 BTC.
EDIT: Updated probability table. The probability of rolling a 10,000 is actually 1/20,000. The reason is that a server seed and client seed are hashed together with a nonce, the first 8 hexadecimal characters are converted to decimal and then divided by a magic number to yield a decimal result between 0 and 10,000, and the decimal is then rounded to the nearest integer. If you consider the number 5000, any decimal between 4999.5 and 5000.4999 will be rounded to 5000; however, 10,000 and 0 are special cases because they can only ever be rounded from one side, and this halves the probability in those two cases.
submitted by mrpringle5k to CryptoCurrency [link] [comments]
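As an added example (not the faucet's code and not the poster's), here is the roll derivation from the EDIT in Python, carried further to count exactly how many of the 2^32 possible "first 8 hex characters" round to each integer, which is why 0 and 10,000 get half the mass of an interior value. The hash function (SHA-256), the seed/nonce concatenation, the divisor 0xFFFFFFFF / 10000 and the sample payout bands are assumptions, since the page does not give them.

```python
import hashlib
import math

MAX_ROLL = 10000
# Assumption: the "magic number" is 0xFFFFFFFF / 10000, so the largest 32-bit value maps to
# exactly 10000.0. The page does not state the divisor.
MAGIC = 0xFFFFFFFF / MAX_ROLL


def round_half_up(x: float) -> int:
    """Round to the nearest integer with .5 going up (Python's round() would use banker's rounding)."""
    return int(x + 0.5)


def roll(server_seed: str, client_seed: str, nonce: int) -> int:
    """One faucet roll: hash seeds + nonce, take the first 8 hex chars, scale, round.
    The hash (SHA-256) and the ':'-joined layout are assumptions; the page only says they
    are hashed together."""
    digest = hashlib.sha256(f"{server_seed}:{client_seed}:{nonce}".encode()).hexdigest()
    raw = int(digest[:8], 16)           # 0 .. 2**32 - 1
    return round_half_up(raw / MAGIC)   # decimal in [0, 10000] -> nearest integer


def raw_range(k: int) -> tuple:
    """Inclusive range of 32-bit raw values that round to k.
    r rounds to k exactly when (k - 0.5) * MAGIC <= r < (k + 0.5) * MAGIC, except that
    0 has no values below it and 10000 has none above it: those two bands are half as wide."""
    lo = 0 if k == 0 else math.ceil((k - 0.5) * MAGIC)
    hi = 0xFFFFFFFF if k == MAX_ROLL else math.ceil((k + 0.5) * MAGIC) - 1
    return lo, hi


def roll_probability(k: int) -> float:
    """Exact probability of rolling k under the derivation above."""
    lo, hi = raw_range(k)
    return (hi - lo + 1) / 2 ** 32


def expected_payout(payout_table) -> float:
    """payout_table: [(low_roll, high_roll, btc), ...] bands covering 0..10000.
    Returns expected BTC per roll, i.e. sum(P(band) * payout), as the post computes it."""
    return sum(
        sum(roll_probability(k) for k in range(low, high + 1)) * btc
        for low, high, btc in payout_table
    )


# Constructed payout bands for illustration (the post's real table is not reproduced here).
SAMPLE_TABLE = [
    (0, 9884, 0.00000025),
    (9885, 9984, 0.00000251),
    (9985, 9999, 0.00002513),
    (10000, 10000, 0.02513292),
]

if __name__ == "__main__":
    print("P(0) =", roll_probability(0), " P(5000) =", roll_probability(5000))
    print("expected BTC per roll with the constructed table:", expected_payout(SAMPLE_TABLE))
```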

Jehuti vs Dicebot Part II

I don't know if you all were here for my last post but if you were, you would know that it didn't receive a lot of attention. That is okay because I brought pictures today.
Now I know that a lot of bitcoin strategies aren't really all the rage and don't even really work. Martingale is only good for medium-high chance rolls anyway. One particular strategy never works until it does. You feel me? This particular strategy is one that I came up with myself from just a humble excel sheet. From there, I remade the sequence from the excel sheet to fit Visual Basic NET so that the values I generate will not be bound to only 500 consecutive losses or your old satoshi total. I am not gonna hype this post up or give you an excel sheet and tell you to read it. All I'm gonna tell you is that it works for the simple fact that I want you all to know what it does and how to run the program at home yourself.
INTRO. For those that don't know me yet, my dev name is either Darth Jehuti or Demon Jehuti. But Jehuti is cool for time's sake. Nice to meet you all. I've been into bitcoin for about a few years and I can say that I love the craze of currency that you can spend virtually anywhere. But I'm not gonna get into this introduction too much. Just know I develop whatever software anyone needs and I can code it in any syntax.
JEHUTI VS. DICEBOT. This program is one that I conceived out of countless hours of researching how the bitcoin casinos actually work. I'm not gonna get into all of the juicy shit but I will go thru with the basics for those that already gamble on these sites. The program is dynamic and will always spit out the many values for the custom strategy. More on that later. Jehuti VS Dicebot gambles two ways.
The first way is based off taking losses consecutively. I know how that sounds but it isn't as crazy as you might think. See, if you have a percentage chance that yields a 6x multiplier, you can only bet 1 satoshi 5 times. Then 2 satoshi twice and so on. My formula is if |accumulative loss| < bet × multiplier, do bet. (That is the absolute value of accumulative loss is less than bet times the multiplier.) Otherwise, increment bet by 1 and try formula again. If you were here for my last post, you would know that I suggested that one should start with 20000-50000 satoshis. But I, myself, started with 50000 and I'm currently at 73576 after about a day and a half. The longest time this program has run at once has been 21 hours straight. It never dropped to zero. I only turned it off because I like watching my Ray Donovan on Showtime, dammit. I've only run this on the Bitsler site but should run on other bitcoin dice sites without a problem. Once the total hits 120000 satoshis or more, it will start to bet 2 to increase the winnings faster. 60000 satoshis with 1 as a wager equals the same consecutive loss as 120000 satoshis with 2 as a wager. That makes sense, right?
The second way that JvD makes every roll count is rolling at a medium-high chance like 60-75% and multiplying the bet on loss by what can replace the last bet plus a tiny decimal point amount to gain a little more as well. This was just a basic strategy that didn't take much thought as the last and timeouts according to the random range and how much satoshi you've accrued.
These two methods are both decided by a random number between 1-100.
SEUNTJIE'S DICEBOT. If you've heard of this particular program, that's good. Seuntjie has a custom sequence function that my program suite translates to. I.E. 0.00000001&7.77 This program is also useful for changing the dice rolling server seed. My program suite has a bunch of random timeouts purposely there to make sure the nonce of the current server seed isn't rolling too high or too many times. All you do is login to your designated site on this program, then open my JvD main robot. First, the main robot will decide which strategy to use and then at what percentage, wager, stop on win timeout, etc. Second, the main robot will grab the current satoshi total of your chosen bitcoin casino account and then call the secondary JvD robot to generate the new value lines asked for by the main. Then, once the main stores these lines in the clipboard, it will paste these lines into the custom sequence of this Seuntjie Dicebot program. That's it. Let it run all day if you desire. I am currently working to support this suite in low-RAM virtual machines to have them run in the absolute background so you can work on the main OS attentively and uninterrupted.
I will report back with another post once this hits 120000 satoshis to give you more insight about my program suite and to answer any questions that you might have regarding what it is that I'm doing and how I am doing it.
I'm not asking you to take this seriously. I am not gonna give you my donation link. I am not gonna scam you. I only like beating machines and I am simply sharing my success thus far into this venture of "casino mining". Stay tuned for my next post about how far I've gotten. And lastly, to all of you I say, please stay awesome! :)
submitted by DarthJehuti to u/DarthJehuti [link] [comments]

BIP proposal: Inhibiting a covert attack on the Bitcoin POW function | Gregory Maxwell | Apr 05 2017

Gregory Maxwell on Apr 05 2017:
A month ago I was explaining the attack on Bitcoin's SHA2 hashcash which
is exploited by ASICBOOST and the various steps which could be used to
block it in the network if it became a problem.
While most discussion of ASICBOOST has focused on the overt method
of implementing it, there also exists a covert method for using it.
As I explained one of the approaches to inhibit covert ASICBOOST I
realized that my words were pretty much also describing the SegWit
commitment structure.
The authors of the SegWit proposal made a specific effort to not be
incompatible with any mining system and, in particular, changed the
design at one point to accommodate mining chips with forced payout
addresses.
Had there been awareness of exploitation of this attack an effort
would have been made to avoid incompatibility-- simply to separate
concerns. But the best methods of implementing the covert attack
are significantly incompatible with virtually any method of
extending Bitcoin's transaction capabilities; with the notable
exception of extension blocks (which have their own problems).
An incompatibility would go a long way to explain some of the
more inexplicable behavior from some parties in the mining
ecosystem so I began looking for supporting evidence.
Reverse engineering of a particular mining chip has demonstrated
conclusively that ASICBOOST has been implemented
in hardware.
On that basis, I offer the following BIP draft for discussion.
This proposal does not prevent the attack in general, but only
inhibits covert forms of it which are incompatible with
improvements to the Bitcoin protocol.
I hope that even those of us who would strongly prefer that
ASICBOOST be blocked completely can come together to support
a protective measure that separates concerns by inhibiting
the covert use of it that potentially blocks protocol improvements.
The specific activation height is something I currently don't have
a strong opinion on, so I've left it unspecified for the moment.
BIP: TBD
Layer: Consensus
Title: Inhibiting a covert attack on the Bitcoin POW function
Author: Greg Maxwell
Status: Draft
Type: Standards Track
Created: 2016-04-05
License: PD
==Abstract==
This proposal inhibits the covert exploitation of a known
vulnerability in Bitcoin Proof of Work function.
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119.
==Motivation==
Due to a design oversight the Bitcoin proof of work function has a potential
attack which can allow an attacking miner to save up-to 30% of their energy
costs (though closer to 20% is more likely due to implementation overheads).
Timo Hanke and Sergio Demian Lerner claim to hold a patent on this attack,
which they have so far not licensed for free and open use by the public.
They have been marketing their patent licenses under the trade-name
ASICBOOST. The document takes no position on the validity or enforceability
of the patent.
There are two major ways of exploiting the underlying vulnerability: One
obvious way which is highly detectable and is not in use on the network
today and a covert way which has significant interaction and potential
interference with the Bitcoin protocol. The covert mechanism is not
easily detected except through its interference with the protocol.
In particular, the protocol interactions of the covert method can block the
implementation of virtuous improvements such as segregated witness.
Exploitation of this vulnerability could result in payoff of as much as
$100 million USD per year at the time this was written (assuming a
50% hash-power miner was gaining a 30% power advantage and that mining
was otherwise at profit equilibrium). This could have a phenomenal
centralizing effect by pushing mining out of profitability for all
other participants, and the income from secretly using this
optimization could be abused to significantly distort the Bitcoin
ecosystem in order to preserve the advantage.
Reverse engineering of a mining ASIC from a major manufacturer has
revealed that it contains an undocumented, undisclosed ability
to make use of this attack. (The parties claiming to hold a
patent on this technique were completely unaware of this use.)
On the above basis the potential for covert exploitation of this
vulnerability and the resulting inequality in the mining process
and interference with useful improvements presents a clear and
present danger to the Bitcoin system which requires a response.
==Background==
The general idea of this attack is that SHA2-256 is a Merkle-Damgård hash
function which consumes 64 bytes of data at a time.
The Bitcoin mining process repeatedly hashes an 80-byte 'block header' while
incrementing a 32-bit nonce which is at the end of this header data. This
means that the processing of the header involves two runs of the compression
function run-- one that consumes the first 64 bytes of the header and a
second which processes the remaining 16 bytes and padding.
The initial 'message expansion' operations in each step of the SHA2-256
function operate exclusively on that step's 64-bytes of input with no
influence from prior data that entered the hash.
Because of this if a miner is able to prepare a block header with
multiple distinct first 64-byte chunks but identical 16-byte
second chunks they can reuse the computation of the initial
expansion for multiple trials. This reduces power consumption.
There are two broad ways of making use of this attack. The obvious
way is to try candidates with different version numbers. Beyond
upsetting the soft-fork detection logic in Bitcoin nodes this has
little negative effect but it is highly conspicuous and easily
blocked.
The other method is based on the fact that the merkle root
committing to the transactions is contained in the first 64-bytes
except for the last 4 bytes of it. If the miner finds multiple
candidate root values which have the same final 32-bit then they
can use the attack.
To find multiple roots with the same trailing 32-bits the miner can
use efficient collision finding mechanism which will find a match
with as little as 2^16 candidate roots expected, 2^24 operations to
find a 4-way hit, though low memory approaches require more
computation.
An obvious way to generate different candidates is to grind the
coinbase extra-nonce but for non-empty blocks each attempt will
require 13 or so additional sha2 runs which is very inefficient.
This inefficiency can be avoided by computing a sqrt number of
candidates of the left side of the hash tree (e.g. using extra
nonce grinding) then an additional sqrt number of candidates of
the right side of the tree using transaction permutation or
substitution of a small number of transactions. All combinations
of the left and right side are then combined with only a single
hashing operation virtually eliminating all tree related
overhead.
With this final optimization finding a 4-way collision with a
moderate amount of memory requires ~2^24 hashing operations
instead of the >2^28 operations that would be required for
extra-nonce grinding which would substantially erode the
benefit of the attack.
It is this final optimization which this proposal blocks.
==New consensus rule==
Beginning block X and until block Y the coinbase transaction of
each block MUST either contain a BIP-141 segwit commitment or a
correct WTXID commitment with ID 0xaa21a9ef.
(See BIP-141 "Commitment structure" for details)
Existing segwit using miners are automatically compatible with
this proposal. Non-segwit miners can become compatible by simply
including an additional output matching a default commitment
value returned as part of getblocktemplate.
Miners SHOULD NOT automatically discontinue the commitment
at the expiration height.
==Discussion==
The commitment in the left side of the tree to all transactions
in the right side completely prevents the final sqrt speedup.
A stronger inhibition of the covert attack would take the form of
requiring the least significant bits of the block timestamp
to be equal to a hash of the first 64-bytes of the header. This
would increase the collision space from 32 to 40 or more bits.
The root value could be required to meet a specific hash prefix
requirement in order to increase the computational work required
to try candidate roots. These changes would be more disruptive and
there is no reason to believe that it is currently necessary.
The proposed rule automatically sunsets. If it is no longer needed
due to the introduction of stronger rules or the acceptance of the
version-grinding form then there would be no reason to continue
with this requirement. If it is still useful at the expiration
time the rule can simply be extended with a new softfork that
sets longer date ranges.
This sun-setting avoids the accumulation of technical debt due
to retaining enforcement of this rule when it is no longer needed
without requiring a hard fork to remove it.
== Overt attack ==
The non-covert form can be trivially blocked by requiring that
the header version match the coinbase transaction version.
This proposal does not include this block because this method
may become generally available without restriction in the future,
does not generally interfere with improvements in the protocol,
and because it is so easily detected that it could be blocked if
it becomes an issue in the future.
==Ba...[message truncated here by reddit bot]...
original: https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2017-April/013996.html
submitted by dev_list_bot to bitcoin_devlist [link] [comments]
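As an added illustration of the consensus rule proposed above (not code from the mailing-list post or from any Bitcoin implementation), the following checker computes the BIP-141 witness commitment and accepts a coinbase that carries it under either the BIP-141 header 0xaa21a9ed or the proposal's alternate ID 0xaa21a9ef. The wtxids and witness reserved value are constructed sample data; a real validator would take them from the block.

```python
import hashlib


def sha256d(data: bytes) -> bytes:
    """Bitcoin's double SHA-256."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()


def merkle_root(leaves: list) -> bytes:
    """Bitcoin-style Merkle root: a level with an odd count duplicates its last hash."""
    if not leaves:
        raise ValueError("empty tree")
    level = list(leaves)
    while len(level) > 1:
        if len(level) % 2 == 1:
            level.append(level[-1])
        level = [sha256d(level[i] + level[i + 1]) for i in range(0, len(level), 2)]
    return level[0]


# BIP-141 commitment header, and the alternate ID named in the proposal.
SEGWIT_HEADER = bytes.fromhex("aa21a9ed")
PROPOSAL_HEADER = bytes.fromhex("aa21a9ef")


def witness_commitment(wtxids: list, witness_reserved_value: bytes) -> bytes:
    """BIP-141: SHA256d(witness_root || witness_reserved_value), where the
    coinbase's own wtxid is taken as 32 zero bytes."""
    leaves = [bytes(32)] + list(wtxids[1:])
    return sha256d(merkle_root(leaves) + witness_reserved_value)


def commitment_script(header: bytes, commitment: bytes) -> bytes:
    """OP_RETURN (0x6a), push of 36 bytes (0x24), 4-byte header, 32-byte hash."""
    return b"\x6a\x24" + header + commitment


def find_commitment(coinbase_outputs: list, header: bytes):
    """Return the committed hash for `header`, or None. As in BIP-141, when
    several outputs match, the one with the highest index is the commitment."""
    found = None
    for script in coinbase_outputs:
        if len(script) >= 38 and script[:2] == b"\x6a\x24" and script[2:6] == header:
            found = script[6:38]
    return found


def coinbase_satisfies_rule(coinbase_outputs: list, wtxids: list,
                            witness_reserved_value: bytes) -> bool:
    """The proposed rule: the coinbase MUST carry a correct commitment under
    either the BIP-141 header or the proposal's alternate ID."""
    expected = witness_commitment(wtxids, witness_reserved_value)
    for header in (SEGWIT_HEADER, PROPOSAL_HEADER):
        got = find_commitment(coinbase_outputs, header)
        if got is not None and got == expected:
            return True
    return False


# Constructed sample block: four transactions (index 0 is the coinbase).
SAMPLE_WTXIDS = [sha256d(b"constructed-tx-%d" % i) for i in range(4)]
SAMPLE_RESERVED = bytes(32)  # witness reserved value; zero is the common choice


def example_coinbase(header: bytes) -> list:
    """Constructed coinbase outputs: a payout script plus the commitment output."""
    payout = b"\x76\xa9\x14" + b"\x11" * 20 + b"\x88\xac"  # P2PKH placeholder
    return [payout, commitment_script(header, witness_commitment(SAMPLE_WTXIDS, SAMPLE_RESERVED))]


if __name__ == "__main__":
    for header in (SEGWIT_HEADER, PROPOSAL_HEADER):
        print(header.hex(), coinbase_satisfies_rule(example_coinbase(header),
                                                    SAMPLE_WTXIDS, SAMPLE_RESERVED))
```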

Great interview questions for bitcoin engineers

From here...
https://bitcointalk.org/index.php?topic=5006583.0
Questions.

Chapter 1: Introduction
1. What are the main Bitcoin terms?
2. What is a Bitcoin address?
3. What is a Bitcoin transaction?
4. What is a Bitcoin block?
5. What is a Bitcoin blockchain?
6. What is a Bitcoin transaction ledger?
7. What is a Bitcoin system? What is a bitcoin (cryptocurrency)? How are they different?
8. What is a full Bitcoin stack?
9. What are two types of issues that digital money have to address?
10. What is a “double-spend” problem?
11. What is a distributed computing problem? What is the other name of this problem?
12. What is an election?
13. What is a consensus?
14. What is the name of the main algorithm that brings the bitcoin network to the consensus?
15. What are the different types of bitcoin clients? What is the difference between these clients? Which client offers the most flexibility? Which client offers the least flexibility? Which client is the most and least secure?
16. What is a bitcoin wallet?
17. What is a confirmed transaction and what is an unconfirmed transaction?

Chapter 2: How Bitcoin works.
1. What is the best way to understand transactions in the Bitcoin network?
2. What is a transaction? What does it contain? What is the similarity of a transaction to a double entry ledger? What does input correspond to? What does output correspond to?
3. What are the typical transactions in the bitcoin network? Could you please name three of such transactions and give examples of each type of the transaction?
4. What is a QR and how it is used in the Bitcoin network? Are there different types of QRs? If so, what are the different types? Which type is more informational? What kind of information does it provide?
5. What is SPV? What does this procedure check and what type of clients of the Bitcoin network usually use this procedure?

Chapter 3: The Bitcoin client.
1. How to download and install the Core Bitcoin client?
2. What is the best way to test the API available for the Core Bitcoin client without actually programming? What is the interface called?
3. What are the major areas of operations in the Bitcoin client? What can we do with the client?
4. What are the available operations for the Bitcoin addresses?
5. What are the available read operations for the Bitcoin transactions? How is a transaction encoded in the Bitcoin network? What is a raw transaction and what is a decoded transaction?
6. If I want to get information about a transaction that is not related to any address in my own wallet, do I need to change anything in the Bitcoin client configuration? If yes, which option do I need to modify?
7. What are the available read operations for the Bitcoin blocks?
8. What are the available operations for the creation of the transactions in the Bitcoin network?
9. How do you normally need to address the unspent output from the previous transaction in order to use it as an input for a new transaction?
10. What is the mandatory operation after creating a new transaction and before sending this new transaction to the network? What state does the wallet have to be in order to perform this operation?
11. Is the transaction ID (TXID) immutable? If not why, if yes, why and when?
12. What does signing a transaction mean?
13. What are the other options for Bitcoin clients? Are there any libraries that are written for some specific languages? What types of clients do these libraries implement?

Chapter 4: Keys, Addresses and Wallets.
1. What is a PKC? When was it developed? What are the main mathematical foundations or functions that PKC is using?
2. What is ECC? Could you please provide the formula of the EC? What is the p and what is the Fp? What are the defined operations in ECC? What is a “point at infinity”?
3. What is a Bitcoin wallet? Does this wallet contain coins? If not, what does it contain then?
4. What is a BIP? What is it used for?
5. What is an encrypted private key? Why would we want to encrypt private keys?
6. What is a paper wallet? What kind of storage is it an example of?
7. What is a nondeterministic wallet? Is it a good wallet or a bad wallet? Could you justify?
8. What is a deterministic wallet?
9. What is an HD wallet?
10. How many keys are needed for one in and out transaction? What is a key pair? Which keys are in the key pair?
11. How many keys are stored in a wallet?
12. How does a public key get created in Bitcoin? What is a “generator point”?
13. Could you please show on a picture how ECC multiplication is done?
14. How does a private key get created in Bitcoin? What should we be aware of when creating a new private key? What is CSPRNG? What kind of input should this function be getting?
15. What is a WIF? What is WIF-Compressed?
16. What is Base58 encoding and what is Base58Check encoding? How is it different from Base64 encoding? Which characters are used in Base58? Why was Base58Check invented? What kind of problems does it solve? How is Base58Check encoding created from Base58 encoding?
17. How can Bitcoin addresses be encoded? Which different encodings are used? Which key is used for the address creation? How is the address created? How is this key used and what is the used formula?
18. Can we visually distinguish between different keys in Base58Check format? If yes, how are they different from each other? What kind of prefixes are used? Could you please provide information about used prefixes for each type of the key?
19. What is an index in HD wallets? How many siblings can exist for a parent in an HD wallet?
20. What is the depth limitation for an HD wallet key hierarchy?
21. What are the main two advantages of an HD wallet compared to the nondeterministic wallets?
22. What are the risks of non-hardened key creation in an HD wallet? Could you please describe each of them?
23. What is a chain code in HD wallets? How many different chain code types are there?
24. What are the mnemonic code words? What are they used for?
25. What is a seed in an HD wallet? Is there any other name for it?
26. What is an extended key? How long is it and which parts does it consist of?
27. What is a P2SH address? What function are P2SH addresses normally used for? Is it correct to call a P2SH address a multi-sig address? Which BIP suggested using P2SH addresses?
28. What is a WIF-compressed private key? Is there such a thing as a compressed private key? Is there such a thing as a compressed public key?
29. What is a vanity address?
30. What is a vanity pool?
31. What is a P2PKH address? What is the prefix for the P2PKH address?
32. How does the owner prove that he is the real owner of some address? What does he have to present to the network to prove the ownership? Why can a perpetrator not copy this information and reuse it in the next transactions?
33. What is the rule for using funds that are secured by a cold storage wallet? How many times can you send to the address that is protected by the private key stored in a cold storage? How many times can you send funds from the address that is protected by the private key stored in a cold storage?

Chapter 5: Transactions.
1. What is a transaction in Bitcoin? Why is it the most important operation in the Bitcoin ecosystem?
2. What is UTXO? What is one of the important rules of the UTXO?
3. Which language is used to write scripts in the Bitcoin ecosystem? What are the features of this language? Which language does it look like? What are the limitations of this language?
4. What is the structure of a transaction? What does a transaction consist of?
5. What are the standard transactions in Bitcoin? How many standard transactions are there (as of 2014)?
6. What is a “locking script” and what is an “unlocking script”? What is inside these scripts for a usual operation of P2PKH? What is a signature? Could you please describe in detail how locking and unlocking scripts work and draw the necessary diagrams?
7. What is a transaction fee? What does the transaction fee depend on?
8. If you are manually creating transactions, what should you be very careful about?
9. Could you please provide a real life scenario when you might need a P2SH payment and operation?
10. What is the Script operation that is used to store in the blockchain some important data? Is it a good practice? Explain your answer.

Chapter 6: The Bitcoin Network.
1. What is the network used in Bitcoin? What is it called? What is the abbreviation? What is the difference between this network architecture and the other network architectures? Could you please describe another network architecture and compare the Bitcoin network and the other network architectures?
2. What is a Bitcoin network? What is an extended Bitcoin network? What is the difference between those two networks? What are the other protocols used in the extended Bitcoin network? Why are these new protocols used? Can you give an example of one such protocol? What is it called?
3. What are the main functions of a bitcoin node? How many of them are there? Could you please name and describe each of them? Which functions are mandatory?
4. What is a full node in the Bitcoin network? What does it do and how does it differ from the other nodes?
5. What is a lightweight node in the Bitcoin network? What is another name of the lightweight node? How does a lightweight node check transactions?
6. What are the main problems in the SPV process? What does SPV stand for? How does SPV work and what does it rely on?
7. What is a Sybil attack?
8. What is a transaction pool? Where are transaction pools stored in a Bitcoin network client? What are the two different transaction pools usually available in implementations?
9. What is the main Bitcoin client used in the network? What is the official name of the client and what is an unofficial name of this client?
10. What is the UTXO pool? Do all clients keep this pool? Where is it stored? How does it differ from the transaction pools?
11. What is a Bloom filter? Why are Bloom filters used in the Bitcoin network? Were they originally used in the initial SW or were they introduced with a specific BIP?

Chapter 7: The Blockchain.
1. What is a blockchain?
2. What is a block hash? Is it really a block hash or is it a hash of something else?
3. What is included in the block? What kind of information?
4. How many parents can one block have?
5. How many children can one block have? Is it a temporary or permanent state of the blockchain? What is the name of this state of the blockchain?
6. What is a Merkle tree? Why does the Bitcoin network use Merkle trees? What is the advantage of using Merkle trees? What is the other name of the Merkle tree? What kind of form must this tree have?
7. How are blocks identified in the blockchain? What are the two commonly used identities? Are these identities stored in the blockchain?
8. What is the average size of one transaction? How many transactions are normally in one block? What is the size of a block header?
9. What kind of information do SPV nodes download? How much space do they save by that compared to what they would need if they had to download the whole blockchain?
10. What is a usual representation of a blockchain?
11. What is a genesis block? Do clients download this block and if yes – where from? What is the number of the genesis block?
12. What is a Merkle root? What is a Merkle path?

Chapter 8: Mining and Consensus.
1. What is the main purpose of mining? Is it to get the new coins for the miners? Alternatively, is it something else? Is mining the right or good term to describe the process?
2. What is the PoW algorithm?
3. What are the two main incentives for miners to participate in the Bitcoin network? What is the current main incentive and will it be changed in the future?
4. Is the money supply in the Bitcoin network diminishing? If so, what is the diminishing rate? What was the original Bitcoin supply rate and how has it changed over time? Is the diminishing rate time related or rather block related?
5. What is the maximum number of Bitcoins available in the network after all the Bitcoins have been mined? When will all the Bitcoins be mined?
6. What is a decentralized consensus? What is a usual setup to clear transactions? What does a clearinghouse do?
7. What is deflationary money? Is it good or bad usually? What is the bad example of a deflationary spiral?
8. What is an emergent consensus? What is the feature of emergent consensus? How does it differ from a usual consensus? What are the main processes out of which this emergent decentralized consensus becomes true?
9. Could you please describe the process of Independent Transaction Verification? What is the list of criteria that are checked against a newly received transaction? Where can these rules be checked? Can they be changed over time? If yes, why would they be changed?
10. Does a mining node have to be a full node? If not, what are the other options for a node that is not full to be a mining node?
11. What is a candidate block? What types of nodes in the Bitcoin network create candidate blocks? What is a memory pool? Is there any other name of the memory pool? What are the transactions kept in this memory pool?
12. How are transactions added to the candidate block? How does a candidate block become a valid block?
13. What is the minimum value in the Bitcoin network? What is it called and what is the value? Are there any alternative names?
14. What is the age of the UTXO?
15. How is the priority of a transaction calculated? What is the exact formula? What are the units of each contributing member? When is a transaction considered to be old? Can low priority transactions carry a zero fee? Will they be processed in this case?
16. How much size in each block is reserved for high priority transactions? How are transactions prioritized for the remaining space?
17. Do transactions expire in Bitcoin? Can transactions disappear in the Bitcoin network? If yes, could you please describe such a scenario?
18. What is a generation transaction? Does it have another name? If it does, what is the other name of the transaction? What is the position of the generation transaction in the block? Does it have an input? Is the input a usual UTXO? If not – what is the input called? How many outputs are there for the generation transaction?
19. What is the Coinbase data? What is it currently used for?
20. What are little-endian and big-endian formats? Could you please give an example of both?
21. How is the block header constructed? Which fields are calculated and added to the block header? Could you please describe the steps for calculation of the block header fields?
22. What is a mantissa-exponent encoding? How is this encoding used in the Bitcoin network? What is the difficulty target? What is the actual process of mining? What kind of mathematical calculation is executed to conduct mining?
23. Which hash function is used in the Bitcoin mining process?
24. Could you describe the PoW algorithm? What features of the hash function does it depend on? What is the other name of the hash function? What is a nonce? How can we increase the difficulty of the PoW calculation? What do we need to change and how do we need to change this parameter?
25. What is difficulty bits notation? Could you please describe in detail how it works? What is the formula for the difficulty notation?
26. Why is difficulty adjustable? Who adjusts it and how exactly? Where is the adjustment made? On which node? How many blocks are taken into consideration to predict the next block issuance rate? What is the change limitation? Does the target difficulty depend on the number of transactions?
27. How is a new block propagated in the network? What kind of verification does each node do? What is the list of criteria for the new block? What kind of process ensures that the miners do not cheat?
28. How does the process of block assembly work? What are the sets of blocks each full node has? Could you please describe these sets of blocks?
29. What is a secondary chain? What does each node do to check this chain and perhaps to promote it to the primary chain? Could you please describe an example when a fork occurs and what happens?
30. How quickly are forks resolved most of the time? Within how many new block periods?
31. Why is the next block generated within 10 minutes from the previous? What is this compromise about? What did the designers of the Bitcoin network think about when implementing this rule?
32. What is a hashing race? How has Bitcoin hashing capacity changed within years from inception? What kind of hardware devices were initially used and how did the HW utilization evolve? What kind of hardware is used now to do mining? How has the network difficulty improved?
33. What is the size of the field that stores the nonce in the block header? What is the limitation and problem of the nonce? Why was an extra nonce created? Was there any intermediate solution? If yes, what was the solution? What are the limitations of the solution?
34. What is the exact solution for the extra nonce? Where does the new space come from? How much space is currently used and what is the range of the extra nonce now?
35. What is a mining pool? Why was it created? How are such pools normally operated? Do they pay regularly to the pool participants? Where are newly created Bitcoins distributed? To which address? How do mining pools make money? How do the mining pools calculate the participation? How are shares earned calculated?
36. What is a managed pool? What is the owner of the pool called? Do pool members need to run full nodes? Explain why or why not.
37. What are the most famous protocols used to coordinate pool activities? What is a block template? How is it used?
38. What is the limitation of a centralized pool? Is there any alternative? If yes, what is it? What is it called? How does it work?
39. What is a consensus attack? What is the main assumption of the Bitcoin network? What can be the targets of the consensus attacks? What can these attacks do and what can they not do? How much overall capacity of the network do you have to control to exercise a consensus attack?

Chapter 9: Alternative Chains, Currencies and Applications.
1. What is the name of alternative coins? Are they built on top of the Bitcoin network? What are examples of them? Is there any alternative approach? Could you please describe some alternatives?
2. Are there any alternatives to the PoW algorithm? If yes – what are the alternatives? Could you please name two or three?
3. What is the operation of the Script language that is used to store metadata in the Bitcoin blockchain?
4. What is a coloured coin? Could you please explain how it is created and how it works? Do you need any special SW to manage coloured coins?
5. What is the difference between alt coins and alt chains? What is Litecoin? What are the major differences between Bitcoin and Litecoin? Why have so many alt coins been created? What are they usually based on?
6. What is Scrypt? Where is it used and how is it different from the original algorithm from which it has been created?
7. What is a demurrage currency? Could you please give an example of one blockchain and crypto currency that is demurrage?
8. What is a good example of an alternative algorithm to PoW? What is it called and how is it different from PoW? Why have the alternatives to Bitcoin PoW been created? What is the main reason for this? What are dual-purpose PoW algorithms? Why have they been created?
9. Is Bitcoin an “anonymous” currency? Is it difficult to trace transactions and understand someone’s spending habits?
10. What is Ethereum? What kind of currency does it use? What is the difference from Bitcoin?

Chapter 10: Bitcoin security.
1. What is the main approach of Bitcoin security?
2. What are two common mistakes made by newcomers to the world of Bitcoin?
3. What is a root of trust in traditional security settings? What is a root of trust in the Bitcoin network? How should you assess the security of your system?
4. What is a cold storage and paper wallet?
5. What is a hardware wallet? How is it better than storing private keys on your computer or your smart phone?
submitted by 5tu to BitcoinTechnology [link] [comments]

Thoughts and Ideas Regarding Mining

Link to @Daniel_Plante Thread

I'm going to retweet a twitter convo I had on 2019-03-17, reformatted to make it clearer. It's about mining, and #Bitcoin's survivability.
The thread included @petertoddbtc, @VinnyLingham, @BitcoinORama, @misterdna and @desantis IIRC. FYI: () means comment by me after the fact, and [] means a later edit to make things a little more clear. Here it is, comments welcome:
Thanks Mr Mendez (@misterdna), yes I already read it. Too much talking, not enough listening. This question might interest you Alex (@BitcoinORama):
if a hash+memory based cryptocoin proof took [off], would you expect Corsair (Micron?) would include one tiny hash core per DRAM die?
The DRAM industry is at the top of its product adoption S-curve. Razor thin margins, supply contracts years into the future, and R&D cycles give 2% improvement/year. It's not possible to dominate that industry [the way Bitcoin ASIC designers did] with less than $50B and 10 years. DRAM is what's known as a "commodity [mature] product" - not "commodity" as in corn or oil. [But] like toasters or flashlights. The economic inertia is immense. Basically, the only ASIC attack you could do on the DRAM industry is to make your ASIC into a better DRAM. Which of course is a silly notion.
If you want a 2nd opinion, @BitcoinORama might help. Alex, GPUs simply accelerate an algorithm. You already gamed that. Can't game memory. An algo might be gamed. You can't game a solid proof of control of a physical resource. "Memory intensive algos" are a hope and a prayer. Do you want a hybrid Pow+DRAM example?
(@desantis): yes.
Ok... you have a PC. You mine as usual, pick your tx's & assemble your block. Set your nonce, but also set a DRAM size commitment (2, 4, 8 Gb etc). Hash that block, put that hash in memory. Then hash that result and put that in the next mem location, etc. If you use up the DRAM commitment, advance the nonce & start over. If you find the solution, keep hashing/storing to the end of your DRAM commitment, & publish. A lot more detail, but that's basically it. Prove you have a physical [common] resource.
(@desantis) what if I have multiple TB of RAM?
Sure, buy multiple TB of RAM, that's fine. But it can only be served by one hash source. (Most don't grok that critical point.)
(@desantis) the ability to acquire large quantities of RAM becomes the new ASIC, no?
The new ASIC... to a certain extent, but it's bound to a single hash node, and the current global installed base of DRAM, in conjunction with manufacturer contracts precludes that in any practical sense.
(@desantis) where can I read more?
No place in particular. Mentioned it a few times over the years. In detail only now.
(@pa49): I guess the point is that there's no monopoly on DRAM.
(@desantis) there will be once the manufacturers realize their hw prints money, no?
Not really about monopoly, but just a mature industry that a BTC ASIC startup would not have a hope in hell of prying open.
(@BitcoinORama) you can allocate memory to the same package as the chip if justified re: scrypt asics Right Alex, and here's an interesting question: if PoW+DRAM takes [off], will Micron add a tiny hashing core to its DRAM dies?
(@desantis) I think they would.
I think you're right. Under those circumstances, that's what I would advise them to do.
(@BitcoinORama) ahh now i think I get where you are going with this.
Thanks for your help Alex. Our talk the other night gelled my thoughts. yeah I started reading that http://Bitcointalk.org thread today. [It Prodded] me. But 2 more things:
miner has to complete the DRAM commitment but then use the very last hash as input to an algorithm that points back to multiple random results in the DRAM range & publish it.
Keeps him honest.
2nd, if he commits to 26G but finds the answer in the 1st 10M, he might want to quickly start over with a 1G commit if he lies about how much memory per hasher. So, counterintuitively, you make the difficulty setting for 2G twice as high as 4G. (And that was the convo from March 19th 2017. But, something I forgot to add:
DRAM hybrid mining difficulty.
For a PoW+DRAM hybrid, you don't actually have to synchronise them. They work independently. You just design your consensus algorithm to accept the "first past the post" from either of them. Bitcoin's timing is currently designed around 10 minute blocks, & just hashing.
This hybrid design will require a 3-variable DRAM difficulty approach to seamlessly integrate into the hashing paradigm economics. It is wise to accommodate the ASIC designer and miner, so give them 2 years to turn their profits and get out. So you want to make the DRAM part of it very difficult at first.
Here's the 3 layers:
Layer 1 is the introductory layer: a reverse S-curve, because you want the DRAM success to start slow, then accelerate, then go asymptotic to its final value which will then eclipse pure PoW. It should be 100 times harder to get a block reward using DRAM at first.
Layer 2 is the core value: long term DRAM difficulty calculation - it is recalculated the same as the current Bitcoin one, every 2 weeks or so.
Layer 3 is dependent on your memory size commitment before you start to hash and store results. Reconciling these 3 variables gives you your difficulty level before you start a hash/store run.
Again, all you have to do to restore mining to the masses is tie it to a real world physical resource everybody has, and/or can easily get. I've said many times that the "proof" needs more than "decentralized" - it absolutely requires "massively diffuse" or it won't work:
ie,"a miner in every home".
And that's the software side of things. The hardware side (internet physical infrastructure that you don't control) is yet another sticky point. I have a couple of ideas about that, but I sense that very few will embrace the unavoidable tradeoffs. Thanks for your time.)
Update: I found a critical flaw
A miner with ASICs could just hash at full speed "off line" without storing results, find the solution, then pass the data + nonce to a PC with DRAM to reproduce that winning pass but store the results.
Solution: Instead of using the very last hash to compute a memory location to publish, you instead do it periodically during the hashing run, eg every 1024 hashes or 65536 or whatever. Use the value at that location to XOR with your last hash. Repeat through your run.
submitted by thimblewimble to Mimblewimble [link] [comments]
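A toy model of the PoW+DRAM hash/store run described in the thread, including the periodic read-back fix from the "critical flaw" update; this is an added illustration written for this page, not code from the thread's participants. It assumes SHA-256 as the hash, a leading-zero-bits target, a slot count standing in for the DRAM commitment, and a `period` after which the current hash is XORed with a stored result at a location derived from the hash itself (the specific back-pointer rule is an assumption; the thread leaves it open).

```python
import hashlib


def h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def meets_target(digest: bytes, leading_zero_bits: int) -> bool:
    """Toy difficulty: the digest must start with this many zero bits."""
    return int.from_bytes(digest, "big") >> (256 - leading_zero_bits) == 0


def hash_store_run(header: bytes, nonce: int, slots: int, period: int) -> list:
    """One DRAM commitment: fill `slots` memory locations with a hash chain.
    Every `period` steps the current hash is XORed with a stored result at a
    location derived from the current hash (assumed rule), so the chain cannot
    be continued by a hasher that did not keep the earlier results."""
    mem = [h(header + nonce.to_bytes(8, "little"))]
    for i in range(1, slots):
        cur = mem[-1]
        if i % period == 0:
            back = int.from_bytes(cur[:8], "little") % i  # points into [0, i)
            cur = bytes(a ^ b for a, b in zip(cur, mem[back]))
        mem.append(h(cur))
    return mem


def hash_only_run(header: bytes, nonce: int, slots: int) -> list:
    """The 'off line' shortcut from the update: chain hashes at full speed
    without storing or reading back anything. Returned as a list only so the
    two runs can be compared; a real shortcut would keep just the last hash."""
    chain = [h(header + nonce.to_bytes(8, "little"))]
    for _ in range(1, slots):
        chain.append(h(chain[-1]))
    return chain


def mine(header: bytes, slots: int, period: int, bits: int, max_nonce: int):
    """Advance the nonce once per commitment. On a hit, finish the run anyway
    (as the thread requires) and publish (nonce, winning slot, final hash)."""
    for nonce in range(max_nonce):
        mem = hash_store_run(header, nonce, slots, period)
        for idx, digest in enumerate(mem):
            if meets_target(digest, bits):
                return nonce, idx, mem[-1]
    return None


def verify(header: bytes, slots: int, period: int, bits: int, proof) -> bool:
    """A verifier replays the full hash/store run: the winning slot must meet
    the target and the published final hash must match the end of the run."""
    nonce, idx, final = proof
    if not 0 <= idx < slots:
        return False
    mem = hash_store_run(header, nonce, slots, period)
    return meets_target(mem[idx], bits) and mem[-1] == final


# Constructed sample parameters: a tiny "DRAM" of 64 slots, read-back every 8.
HEADER = b"constructed block header bytes"
SLOTS, PERIOD, BITS = 64, 8, 6


def shortcut_matches(header: bytes, nonce: int, slots: int, period: int) -> bool:
    """True when the memoryless shortcut reproduces the stored run, i.e. when
    the read-back rule is absent (period >= slots) and the flaw is present."""
    return hash_only_run(header, nonce, slots) == hash_store_run(header, nonce, slots, period)


if __name__ == "__main__":
    proof = mine(HEADER, SLOTS, PERIOD, BITS, 10_000)
    print("proof:", proof, "verifies:", verify(HEADER, SLOTS, PERIOD, BITS, proof))
    print("shortcut works without read-back:", shortcut_matches(HEADER, 0, SLOTS, SLOTS))
    print("shortcut works with read-back:   ", shortcut_matches(HEADER, 0, SLOTS, PERIOD))
```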

"POS stands for the future? Qtum brings deep analysis"

Each cryptocurrency adopts some kind of consensus mechanism so that the entire distributed network can stay synchronized. Bitcoin has used the Proof of Work (PoW) consensus mechanism since its birth, proving work through continuous cryptographic hash operations. Since the hashing algorithm is one-way, even a small change in the input data makes the output hash value completely different. If the calculated hash value satisfies a certain condition (referred to as the "mining difficulty"), participants in the bitcoin network accept the proof of work. The mining difficulty is an ever-changing hash target: when the network generates blocks faster, the difficulty is automatically increased so that the whole network keeps averaging one block every 10 minutes.
 
Definition
For those who are not very familiar with the blockchain, here are some basic definitions to help understand the post:
 
PoW and Blockchain Consensus System
Through 8 years of development of Bitcoin, the security of the PoW mechanism has been confirmed. However, PoW has the following problems:
 
  1. PoW has wasted a lot of power resources and is not friendly to the environment;
  2. PoW is only economically advantageous for big people who have a lot of power (normal users can hardly mine into mines);
  3. PoW lacks incentives for users to hold or use coins;
  4. PoW has a certain risk of centralization, because miners tend to join large pools, which makes large pools have a greater influence on the network;
 
The Proof of Stake mechanism (hereinafter referred to as PoS) can solve many of these problems, because it gives any user with tokens in their wallet the opportunity to mine (and, of course, to receive the mining reward). PoS was originally proposed by Sunny King in Peercoin. It was later refined and adopted in a variety of cryptocurrencies. Among these are Pavel Vasin's PoS 2.0, Larry Ren's PoS Velocity, and the recent CASPER proposed by Vlad Zamfir, as well as various other relatively unknown projects.
 
The consensus mechanism adopted by Qtum is based on PoS3.0. PoS3.0 is an upgraded version of PoS2.0, also proposed and implemented by Pavel Vasin. This article will focus on this version of the PoS implementation. Qtum made some changes based on PoS3.0, but the core consensus mechanism is basically the same.
 
For general community members and even some developers, PoS is not particularly easy to understand because there are currently fewer documents detailing how to ensure network security in networks that use only token ownership to achieve consensus. This article will elaborate on how to generate, verify, and secure the PoS blockchain in PoS3.0. The article may involve some technical knowledge, but I will try to describe it with some of the basic definitions provided in this article. But at least the reader needs to have a basic idea of ​​a UTXO-based blockchain.
 
Before introducing PoS, let me briefly introduce PoW's working mechanism, which will help with the following explanation of PoS. The PoW mining process can be represented by the following pseudocode:

    while (blockhash > difficulty) {
        block.nonce = block.nonce + 1
        blockhash = sha256(sha256(block))
    }
 
The hash operation used here is the one I explained earlier: data of arbitrary length is taken as input and, after a series of operations, a fixed-length message digest is produced as output, but knowing only the digest it is impossible to recover the corresponding input data. The whole process is a lot like a lottery. You create a "voucher" by hashing the data and compare it with the target hash range to determine whether you "win". If you don't win, you create a new "voucher" by slightly changing some of the data; the nonce in Bitcoin is the field used to adjust the input data. Once the required hash is found, the block is legitimate and can be broadcast to the distributed network. Once the other miners in the network receive this new block and it passes verification, they add the block to the chain and continue building on top of it.
 
PoS protocol structure and rules
 
Now we begin to introduce PoS. PoS has the following goals:
  1. Blocks cannot be forged;
  2. Large holders do not receive disproportionately large rewards;
  3. Having more computing power does not help to create blocks;
  4. No single member (or small group of members) of the network can control the entire blockchain.
The basic concept of PoS is very similar to PoW: it is also a lottery. The difference is that in PoS you cannot obtain new "tickets" simply by fine-tuning the input data. Where PoW uses the block hash as the lottery ticket, PoS introduces the concept of the "kernel hash".
The kernel hash takes as input several pieces of data that cannot be modified within the current block. Because miners have no easy way to change the kernel hash, they cannot obtain a valid new block by iterating through a large number of candidate hashes, as they can in PoW.
 
In order to achieve this goal, PoS added many additional consensus rules.
First, unlike PoW, the coinbase transaction of a PoS block (the first transaction in the block) must be empty and pay out zero. Instead, to reward the staker, a staking transaction is introduced as the second transaction of the block. A staking transaction is any transaction with the following features:
  1. It has at least 1 valid vin;
  2. Its first vout must be an empty script;
  3. Its second vout must not be empty.
 
In addition, staking transactions must also obey the following rules:
  1. The second vout must be a pay-to-pubkey script (note: not pay-to-pubkey-hash), or an unspendable, data-only OP_RETURN script that carries a public key;
  2. The timestamp in the transaction must equal the block timestamp;
  3. The total output value of the staking transaction must be less than or equal to the sum of all input values, the PoS block reward and the transaction fees (i.e. output <= input + block_reward + tx_fees);
  4. The output spent by the first vin must have at least 500 confirmations (that is, the coins being spent must be at least 500 blocks old);
  5. Although the staking transaction can have multiple vins, only the first vin is used by the consensus mechanism.
 
These rules make the staking transaction easy to identify, and ensure that it provides enough information to verify the block. Note that the empty first vout is not the only possible way to identify a staking transaction, but since Sunny King used this method in the original design and it has proven reliable in long-term practice, we have adopted it as well.
 
Now that we know the definition of the staking transaction and the rules it must follow, let's introduce the rules of the PoS block:

The most important of these rules concerns the "kernel hash". The kernel hash plays a role similar to the block hash in PoW: if its value meets the target condition, the block is considered valid. However, the kernel hash cannot be obtained by directly modifying part of the current block. Next I will introduce the structure and operating mechanism of the kernel hash, then explain the purpose of this design and what unforeseen consequences small changes to it would bring.
 
Kernel Hash in PoS
The kernel hash is computed over the following data, in order (these are the inputs used in the pseudo-code below): the stake modifier of the previous block, the timestamp of the "prevout" transaction, the hash of the prevout transaction, the output index of the prevout, and the current block time.

The "stake modifier" of a block refers to the hash value of the following data:
There are only two ways to change the current kernel hash (for mining): either change the "prevout" or change the current block time.
 
In general, a wallet contains multiple UTXOs, and the wallet balance is simply the sum of all the UTXOs it can spend. The same is true of a PoS wallet, and it matters more there, because any of those outputs may be used for staking: one of them will become the prevout of the staking transaction that produces a valid block.

In addition, there is one more important change in the PoS block mining process compared with PoW: the difficulty is weighted by the value of the UTXO being staked, not by the number of UTXOs. For example, staking a 2-coin UTXO is only half as difficult as staking a 1-coin UTXO. If it were not designed this way, users would be encouraged to split their funds into many tiny UTXOs, which would bloat the blockchain and could cause security problems.
 
The calculation of the kernel hash can be expressed in pseudo-code as:
    while (true) {
        foreach (utxo in wallet) {
            blockTime = currentTime - currentTime % 16
            posDifficulty = difficulty * utxo.value
            hash = hash(previousStakeModifier << utxo.time << utxo.hash << utxo.n << blockTime)
            if (hash < posDifficulty) {
                done
            }
        }
        wait 16s -- wait 16 seconds, until the block time can be changed
    }
 
Through the above process we find a UTXO that can be used to generate a staking transaction. This staking transaction has 1 vin, the UTXO we found, and at least two vouts: the first is empty, which identifies it to the blockchain as a staking transaction, and the second is either an OP_RETURN data output containing a single public key or a pay-to-pubkey script. The latter is usually used for simplicity; the data output allows more advanced setups (such as a separate block-signing machine) without cluttering the UTXO set.
 
Finally, the transactions in the mempool are added to the block. What remains is to generate the signature, which must be made with the key corresponding to the public key in the second vout of the staking transaction; the data signed is the block hash. After signing, we can broadcast the block to the network. Other nodes will verify it; if the block is valid, they accept it, connect it to their own chain and broadcast it to the nodes they are connected to.
 
Through the above steps we obtain a complete and secure PoS3.0 blockchain. PoS3.0 is considered the consensus mechanism most resistant to malicious attacks among fully decentralized systems (those without master nodes or curators). Why? To answer that, we need to look at the history of PoS.
 
The development of PoS
PoS has a long history. Here is a brief description:
 
PoS1.0 — Applied in Peercoin, it depended heavily on coin age (that is, the time a UTXO has remained unspent): the higher the coin age, the lower the mining difficulty. This had the side effect that users would only open their wallet after a long period (for example, a month or longer), so that the wallet's UTXOs had accumulated a large coin age and could find new blocks almost instantly. This makes double-spend attacks much easier. Peercoin itself is not affected, because it uses a hybrid PoW/PoS mechanism, and the PoW blocks mitigate this negative effect.
 
PoS2.0 — Coin age was removed from the consensus mechanism entirely, and a stake modifier different from that of PoS1.0 was used. The changes are too numerous to list here, but they all serve to remove coin age and achieve a secure consensus mechanism without relying on a PoW/PoS hybrid.
 
PoS3.0 — PoS3.0 is really an incremental upgrade of PoS2.0. In PoS2.0 the stake modifier also included the block time of the previous block; this was removed in 3.0, mainly to prevent the so-called "short-range" attack, in which an attacker could iteratively mine an alternative chain by iterating through previous block times. PoS2.0 used block time and transaction time to determine the age of a UTXO, which is slightly different from the earlier coin age: it is the minimum number of confirmations a UTXO needs before it can be used for staking. In PoS3.0 the UTXO age is simpler, being determined by block height. This avoids giving an incentive to put inaccurate timestamps on the blockchain and makes the system more immune to "timewarp" attacks. PoS3.0 also added OP_RETURN support for staking transactions, so that the vout can contain only the public key rather than a full pay-to-pubkey script.
 
Original: https://mp.weixin.qq.com/s/BRPuRn7iOoqeWbMiqXI11g
submitted by thisthingismud to Qtum [link] [comments]

The missing explanation of Proof of Stake Version 3 - Article by earlz.net

The missing explanation of Proof of Stake Version 3

In every cryptocurrency there must be some consensus mechanism which keeps the entire distributed network in sync. When Bitcoin first came out, it introduced the Proof of Work (PoW) system. PoW is done by cryptographically hashing a piece of data (the block header) over and over. Because of how one-way hashing works, one tiny change in the data produces a completely different hash. Participants in the network determine if the PoW is valid by judging whether the final hash meets a certain condition, called difficulty. The difficulty is an ever changing "target" which the hash must fall at or below. Whenever the network is creating more blocks than scheduled, this target is lowered automatically by the network so that it becomes harder to meet, and thus requires more computing power to find a qualifying hash within the target time of 10 minutes.

Definitions

Some basic definitions might be unfamiliar to some people not familiar with the blockchain code, these are:

Proof of Work and Blockchain Consensus Systems

Proof of Work is a proven consensus mechanism that has made Bitcoin secure and trustworthy for 8 years now. However, it is not without its fair share of problems. PoW's major drawbacks are:
  1. PoW wastes a lot of electricity, harming the environment.
  2. PoW benefits greatly from economies of scale, so it tends to benefit big players the most, rather than small participants in the network.
  3. PoW provides no incentive to use or keep the tokens.
  4. PoW has some centralization risks, because it tends to encourage miners to participate in the biggest mining pool (a group of miners who share the block reward), thus the biggest mining pool operator holds a lot of control over the network.
Proof of Stake was invented to solve many of these problems by allowing participants to create and mine new blocks (and thus also get a block reward), simply by holding onto coins in their wallet and allowing their wallet to do automatic "staking". Proof Of Stake was originally invented by Sunny King and implemented in Peercoin. It has since been improved and adapted by many other people. This includes "Proof of Stake Version 2" by Pavel Vasin, "Proof of Stake Velocity" by Larry Ren, and most recently CASPER by Vlad Zamfir, as well as countless other experiments and lesser known projects.
For Qtum we have decided to build upon "Proof of Stake Version 3", an improvement over version 2 that was also made by Pavel Vasin and implemented in the Blackcoin project. This version of PoS as implemented in Blackcoin is what we will be describing here. Some minor details of it have been modified in Qtum, but the core consensus model is identical.
For many community members and developers alike, proof of stake is a difficult topic, because there has been very little written on how it manages to keep the network safe using only proof of ownership of tokens on the network. This blog post will go into fine detail about Proof of Stake Version 3: how its blocks are created and validated, and ultimately how a pure Proof of Stake blockchain can be secured. This will assume some technical knowledge, but I will try to explain things so that most of the knowledge can be gathered from context. You should at least be familiar with the concept of the UTXO-based blockchain.
Before we talk about PoS, it helps to understand how the much simpler PoW consensus mechanism works. Its mining process can be described in just a few lines of pseudo-code:
    while(blockhash > difficulty) {
        block.nonce = block.nonce + 1
        blockhash = sha256(sha256(block))
    }
A hash is a cryptographic algorithm which takes an arbitrary amount of input data, does a lot of processing on it, and outputs a fixed-size "digest" of that data. It is infeasible to figure out the input data from just the digest. So PoW tends to function like a lottery, where you find out if you won by creating the hash and checking it against the target, and you create another ticket by changing some piece of data in the block. In Bitcoin's case, the nonce is used for this, as well as some other fields (usually called "extraNonce"). Once a block hash is found which is less than the difficulty target, the block is valid, and can be broadcast to the rest of the distributed network. Miners will then see it and start building the next block on top of it.

Proof of Stake's Protocol Structures and Rules

Now enter Proof of Stake. We have these goals for PoS:
  1. Impossible to counterfeit a block
  2. Big players do not get disproportionally bigger rewards
  3. More computing power is not useful for creating blocks
  4. No one member of the network can control the entire blockchain
The core concept of PoS is very similar to PoW, a lottery. However, the big difference is that it is not possible to "get more tickets" to the lottery by simply changing some data in the block. Instead of the "block hash" being the lottery ticket to judge against a target, PoS invents the notion of a "kernel hash".
The kernel hash is composed of several pieces of data that are not readily modifiable in the current block. And so, because the miners do not have an easy way to modify the kernel hash, they can not simply iterate through a large amount of hashes like in PoW.
Proof of Stake blocks add many additional consensus rules in order to realize these goals. First, unlike in PoW, the coinbase transaction (the first transaction in the block) must be empty and reward 0 tokens. Instead, to reward stakers, there is a special "stake transaction" which must be the 2nd transaction in the block. A stake transaction is defined as any transaction that:
  1. Has at least 1 valid vin
  2. Its first vout must be an empty script
  3. Its second vout must not be empty
Furthermore, staking transactions must abide by these rules to be valid in a block:
  1. The second vout must be either a pubkey (not pubkeyhash!) script, or an OP_RETURN script that is unspendable (data-only) but stores data for a public key
  2. The timestamp in the transaction must be equal to the block timestamp
  3. The total output value of a stake transaction must be less than or equal to the total inputs plus the PoS block reward plus the block's total transaction fees: output <= (input + block_reward + tx_fees)
  4. The first spent vin's output must be confirmed by at least 500 blocks (in other words, the coins being spent must be at least 500 blocks old)
  5. Though more vins can be used and spent in a staking transaction, the first vin is the only one used for consensus parameters.
These rules ensure that the stake transaction is easy to identify, and ensures that it gives enough info to the blockchain to validate the block. The empty vout method is not the only way staking transactions could have been identified, but this was the original design from Sunny King and has worked well enough.
Now that we understand what a staking transaction is, and what rules they must abide by, the next piece is to cover the rules for PoS blocks:
There are a lot of details here that we'll cover in a bit. The most important part that really makes PoS effective lies in the "kernel hash". The kernel hash is used similar to PoW (if hash meets difficulty, then block is valid). However, the kernel hash is not directly modifiable in the context of the current block. We will first cover exactly what goes into these structures and mechanisms, and later explain why this design is exactly this way, and what unexpected consequences can come from minor changes to it.

The Proof of Stake Kernel Hash

The kernel hash specifically consists of the following exact pieces of data (in order), which are the inputs to the pseudo-code below: the previous block's stake modifier, the timestamp of the "prevout" transaction, the hash of the prevout transaction, the output index of the prevout, and the current block time.
The stake modifier of a block is a hash of exactly:
The only way to change the current kernel hash (in order to mine a block) is thus to either change your "prevout", or to change the current block time.
A single wallet typically contains many UTXOs. The balance of the wallet is basically the total amount of all the UTXOs that can be spent by the wallet. This is of course the same in a PoS wallet. It is important though, because any output can be used for staking: one of these outputs is what becomes the "prevout" in a staking transaction to form a valid PoS block.
Finally, there is one more aspect that is changed in the mining process of a PoS block. The difficulty is weighted against the number of coins in the staking transaction. The PoS difficulty ends up being twice as easy to achieve when staking 2 coins, compared to staking just 1 coin. If this were not the case, then it would encourage creating many tiny UTXOs for staking, which would bloat the size of the blockchain and ultimately cause the entire network to require more resources to maintain, as well as potentially compromise the blockchain's overall security.
So, if we were to show some pseudo-code for finding a valid kernel hash now, it would look like:
    while(true){
        foreach(utxo in wallet){
            blockTime = currentTime - currentTime % 16
            posDifficulty = difficulty * utxo.value
            hash = hash(previousStakeModifier << utxo.time << utxo.hash << utxo.n << blockTime)
            if(hash < posDifficulty){
                done
            }
        }
        wait 16s -- wait 16 seconds, until the block time can be changed
    }
This code isn't so easy to understand as our PoW example, so I'll attempt to explain it in plain English. Do the following over and over, forever:
  1. Calculate the blockTime to be the current time minus itself modulus 16 (modulus is like dividing by 16, but taking the remainder instead of the result); this rounds the time down to a 16-second boundary.
  2. Cycle through each UTXO in the wallet.
  3. For each UTXO, calculate the posDifficulty as the network difficulty multiplied by the number of coins held by the UTXO.
  4. For each UTXO, calculate a SHA256 hash using the previous block's stake modifier, some data from the UTXO, and finally the blockTime.
  5. Compare this hash to the posDifficulty. If the hash is less than the posDifficulty, then the kernel hash is valid and you can create a new block.
  6. After going through all UTXOs, if no hash produced is less than the posDifficulty, wait 16 seconds and do it all over again.
Now that we have found a valid kernel hash using one of the UTXOs we can spend, we can create a staking transaction. This staking transaction will have 1 vin, which spends the UTXO we found that has a valid kernel hash. It will have (at least) 2 vouts. The first vout will be empty, identifying to the blockchain that it is a staking transaction. The second vout will either contain an OP_RETURN data transaction that contains a single public key, or it will contain a pay-to-pubkey script. The latter is usually used for simplicity, but using a data transaction for this allows for some advanced use cases (such as a separate block signing machine) without needlessly cluttering the UTXO set.
Finally, any transactions from the mempool are added to the block. The only thing left to do now is to create a signature, proving that we have approved the otherwise valid PoS block. The signature must be made with the private key whose public key is encoded (either as a pay-to-pubkey script, or as a data OP_RETURN script) in the second vout of the staking transaction. The actual data signed is the block hash. After the signature is applied, the block can be broadcast to the network. Nodes in the network will then validate the block and, if they find it valid and there is no better blockchain, accept it into their own blockchain and broadcast it to all the nodes they are connected to.
Now we have a fully functional and secure PoSv3 blockchain. PoSv3 is what we determined to be most resistant to attack while maintaining a pure decentralized consensus system (i.e., without master nodes or curators). To understand why we reached this conclusion, however, we must understand its history.

PoSv3's History

Proof of Stake has a fairly long history. I won't cover every detail, but cover broadly what was changed between each version to arrive at PoSv3 for historical purposes:
PoSv1 - This version is implemented in Peercoin. It relied heavily on the notion of "coin age", or how long a UTXO has not been spent on the blockchain. Its implementation would basically make it so that the higher the coin age, the more the difficulty is reduced. This had the bad side-effect, however, of encouraging people to only open their wallet every month or longer for staking. Assuming the coins were all relatively old, they would almost instantaneously produce new staking blocks. This, however, makes double-spend attacks extremely easy to execute. Peercoin itself is not affected by this because it is a hybrid PoW and PoS blockchain, so the PoW blocks mitigate this effect.
PoSv2 - This version removes coin age completely from consensus, as well as using a completely different stake modifier mechanism from v1. The number of changes are too numerous to list here. All of this was done to remove coin age from consensus and make it a safe consensus mechanism without requiring a PoW/PoS hybrid blockchain to mitigate various attacks.
PoSv3 - PoSv3 is really more of an incremental improvement over PoSv2. In PoSv2 the stake modifier also included the previous block time. This was removed to prevent a "short-range" attack where it was possible to iteratively mine an alternative blockchain by iterating through previous block times. PoSv2 used block and transaction times to determine the age of a UTXO; this is not the same as coin age, but rather is the "minimum confirmations required" before a UTXO can be used for staking. This was changed to a much simpler mechanism where the age of a UTXO is determined by its depth in the blockchain. This thus doesn't incentivize inaccurate timestamps to be used on the blockchain, and is also more immune to "timewarp" attacks. PoSv3 also added support for OP_RETURN coinstake transactions, which allows a vout to contain the public key for signing the block without requiring a full pay-to-pubkey script.

References:

  1. https://peercoin.net/assets/paper/peercoin-paper.pdf
  2. https://blackcoin.co/blackcoin-pos-protocol-v2-whitepaper.pdf
  3. https://www.reddcoin.com/papers/PoSV.pdf
  4. https://blog.ethereum.org/2015/08/01/introducing-casper-friendly-ghost/
  5. https://github.com/JohnDolittle/blackcoin-old/blob/master/src/kernel.h#L11
  6. https://github.com/JohnDolittle/blackcoin-old/blob/master/src/main.cpp#L2032
  7. https://github.com/JohnDolittle/blackcoin-old/blob/master/src/main.h#L279
  8. http://earlz.net/view/2017/07/27/1820/what-is-a-utxo-and-how-does-it
  9. https://en.bitcoin.it/wiki/Script#Obsolete_pay-to-pubkey_transaction
  10. https://en.bitcoin.it/wiki/Script#Standard_Transaction_to_Bitcoin_address_.28pay-to-pubkey-hash.29
  11. https://en.bitcoin.it/wiki/Script#Provably_Unspendable.2FPrunable_Outputs
Article by earlz.net
http://earlz.net/view/2017/07/27/1904/the-missing-explanation-of-proof-of-stake-version
submitted by B3TeC to Moin [link] [comments]
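The PoW pseudo-code given in both posts above (the translated Qtum article and the earlz.net original) leaves out the target encoding and the verifying side. The following is an added example, not code from either article nor from Qtum, Blackcoin or Bitcoin Core: a minimal double-SHA256 miner over a constructed header prefix, with Bitcoin's compact "bits" target decoding so the comparison is made against a real-format target. HEADER_PREFIX is an assumption of this example (a stand-in for the 76 header bytes before the nonce); the demo target is chosen low so the search finishes quickly.

```python
import hashlib
import struct

# Added example, not code from the article, Qtum, Blackcoin or Bitcoin Core.
# HEADER_PREFIX is a constructed stand-in for the 76 header bytes that precede
# the nonce (version, previous block hash, merkle root, time, bits).
HEADER_PREFIX = b"\x01\x00\x00\x00" + b"\x00" * 32 + b"\x11" * 32 + b"\x00" * 8


def target_from_bits(bits: int) -> int:
    """Decode Bitcoin's compact target: 3-byte mantissa * 256 ** (exponent - 3)."""
    exponent = bits >> 24
    mantissa = bits & 0x00FFFFFF
    if exponent <= 3:
        return mantissa >> (8 * (3 - exponent))
    return mantissa << (8 * (exponent - 3))


def block_hash(header_prefix: bytes, nonce: int) -> int:
    """SHA-256d of the 80-byte header, read as a little-endian integer like Bitcoin does."""
    header = header_prefix + struct.pack("<I", nonce)
    digest = hashlib.sha256(hashlib.sha256(header).digest()).digest()
    return int.from_bytes(digest, "little")


def mine(header_prefix: bytes, target: int, max_nonce: int = 1 << 32):
    """The loop from the pseudo-code: bump the nonce until the hash is at or below target."""
    nonce = 0
    while block_hash(header_prefix, nonce) > target:
        nonce += 1
        if nonce >= max_nonce:
            return None   # nonce space exhausted; real miners then bump extraNonce or the time
    return nonce


def verify(header_prefix: bytes, nonce: int, target: int) -> bool:
    """What a receiving node does: one hash, one comparison, no search."""
    return block_hash(header_prefix, nonce) <= target


if __name__ == "__main__":
    target = 1 << 244   # demo difficulty: roughly 1 hash in 4096 qualifies
    nonce = mine(HEADER_PREFIX, target)
    print("nonce:", nonce, "valid:", verify(HEADER_PREFIX, nonce, target))
    print("target for bits 0x1d00ffff:", hex(target_from_bits(0x1d00ffff)))
```

The asymmetry the articles rely on is visible in the two functions: `mine` must run the loop, while `verify` costs one hash, so every node can check a block far more cheaply than it was produced.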
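The kernel-search pseudo-code that both posts above give is the part worth running, because it makes the anti-grinding argument concrete: per 16-second slot there is exactly one hash attempt per mature UTXO, and nothing else in the block enters the hash. What follows is an added example, not Blackcoin or Qtum code; the field serialization, the SHA-256d choice, the way depth is counted and the sample wallet are assumptions constructed for it, while the two degrees of freedom (which UTXO, which slot) and the value weighting follow the article.

```python
import hashlib
import struct
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Added example, not Blackcoin or Qtum code. Serialization widths, SHA-256d
# and the depth rule are assumptions of this example; the two degrees of
# freedom (which UTXO, which 16-second slot) and the value weighting follow
# the article's pseudo-code.
SLOT_SECONDS = 16        # block time is rounded down to a 16-second slot
MIN_STAKE_DEPTH = 500    # rule 4: the kernel input must be 500 blocks deep


@dataclass(frozen=True)
class Utxo:
    txid: bytes      # hash of the prevout transaction (32 bytes)
    n: int           # output index within that transaction
    value: int       # coins in base units; this weights the target
    time: int        # timestamp of the prevout transaction
    height: int      # height of the block that confirmed the prevout


def kernel_hash(prev_stake_modifier: bytes, utxo: Utxo, block_time: int) -> int:
    """SHA-256d over exactly the kernel inputs; no other block field is hashed."""
    data = (prev_stake_modifier
            + struct.pack("<I", utxo.time)
            + utxo.txid
            + struct.pack("<I", utxo.n)
            + struct.pack("<I", block_time))
    digest = hashlib.sha256(hashlib.sha256(data).digest()).digest()
    return int.from_bytes(digest, "big")


def pos_target(base_target: int, utxo: Utxo) -> int:
    """Value-weighted target: staking 2 coins is twice as easy as staking 1."""
    return base_target * utxo.value


def is_mature(utxo: Utxo, tip_height: int) -> bool:
    """Depth counts the confirming block itself (assumption of this example)."""
    return tip_height - utxo.height + 1 >= MIN_STAKE_DEPTH


def attempts_per_slot(wallet: List[Utxo], tip_height: int) -> int:
    """Upper bound on lottery tickets per 16 s: one per mature UTXO, no grinding."""
    return sum(1 for u in wallet if is_mature(u, tip_height))


def find_kernel(wallet: List[Utxo], prev_stake_modifier: bytes, base_target: int,
                now: int, tip_height: int, max_slots: int = 1) -> Optional[Tuple[Utxo, int]]:
    """Scan up to max_slots 16-second slots; return (utxo, block_time) of the first hit."""
    block_time = now - now % SLOT_SECONDS
    for _ in range(max_slots):
        for utxo in wallet:
            if not is_mature(utxo, tip_height):
                continue
            if kernel_hash(prev_stake_modifier, utxo, block_time) < pos_target(base_target, utxo):
                return utxo, block_time
        block_time += SLOT_SECONDS   # the only other input a staker may change
    return None


def sample_wallet() -> List[Utxo]:
    """Constructed UTXOs: one too young to stake at tip height 1000, two mature ones."""
    return [
        Utxo(b"\xaa" * 32, 0, 100, 1_500_000_000, 950),   # only 51 blocks deep
        Utxo(b"\xbb" * 32, 1, 100, 1_499_000_000, 100),
        Utxo(b"\xcc" * 32, 0, 200, 1_498_000_000, 120),   # twice the weight
    ]


if __name__ == "__main__":
    modifier = b"\x00" * 32   # stand-in for the previous block's stake modifier
    hit = find_kernel(sample_wallet(), modifier, 1 << 248, 1_600_000_000, 1000, max_slots=64)
    print("tickets per slot:", attempts_per_slot(sample_wallet(), 1000))
    print("kernel found:", hit)
```

Compare `find_kernel` with the PoW loop: there is no nonce to increment, and adding or reordering transactions in the block does not change `kernel_hash`, so the only way to get more tickets is to hold more (mature) coins or to wait for the next slot.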
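The staking-transaction rules listed in both posts above are short to state but easy to get subtly wrong, so here they are checked by an added example validator, not Blackcoin or Qtum code. The block, transaction and script structures are simplified assumptions (raw script bytes, (txid, index) prevouts, a UTXO map of value and confirming height); the fee total comes from the ordinary transactions after the coinstake, the depth test counts the confirming block, and the block signature check is left out.

```python
from dataclasses import dataclass
from typing import Dict, List, Tuple

# Added example, not Blackcoin or Qtum code. Structures are simplified:
# scripts are raw bytes, prevouts are (txid, index) pairs, and the UTXO set
# maps each prevout to (value, confirming height). Signature checks omitted.
OP_RETURN, OP_CHECKSIG = 0x6A, 0xAC
MIN_STAKE_DEPTH = 500   # rule 4: the first vin's output must be 500 blocks deep


@dataclass
class TxOut:
    value: int
    script: bytes


@dataclass
class Tx:
    time: int
    vin: List[Tuple[bytes, int]]
    vout: List[TxOut]


@dataclass
class Block:
    time: int
    txs: List[Tx]


UtxoSet = Dict[Tuple[bytes, int], Tuple[int, int]]


def _is_pubkey_push(script: bytes, offset: int) -> bool:
    # one direct push (opcode == length) of a 33- or 65-byte key and nothing after it
    if offset >= len(script):
        return False
    n = script[offset]
    return n in (33, 65) and len(script) == offset + 1 + n


def is_p2pk(script: bytes) -> bool:
    return script[-1:] == bytes([OP_CHECKSIG]) and _is_pubkey_push(script[:-1], 0)


def is_opreturn_pubkey(script: bytes) -> bool:
    return script[:1] == bytes([OP_RETURN]) and _is_pubkey_push(script, 1)


def is_coinstake(tx: Tx) -> bool:
    """Structural test: at least one vin, empty first vout, non-empty second vout."""
    return (len(tx.vin) >= 1 and len(tx.vout) >= 2
            and tx.vout[0].script == b"" and tx.vout[1].script != b"")


def _input_value(tx: Tx, utxos: UtxoSet) -> int:
    return sum(utxos[prevout][0] for prevout in tx.vin)


def validate_pos_block(block: Block, utxos: UtxoSet, tip_height: int, block_reward: int) -> List[str]:
    """Return the rule violations found; an empty list means the block passes these checks."""
    if len(block.txs) < 2:
        return ["block needs a coinbase and a coinstake"]
    coinbase, stake = block.txs[0], block.txs[1]
    problems = []
    if sum(o.value for o in coinbase.vout) != 0:
        problems.append("coinbase must pay out 0")
    if not is_coinstake(stake):
        return problems + ["tx[1] is not a coinstake"]
    if not (is_p2pk(stake.vout[1].script) or is_opreturn_pubkey(stake.vout[1].script)):
        problems.append("vout[1] must be pay-to-pubkey or OP_RETURN <pubkey>")
    if stake.time != block.time:
        problems.append("coinstake time must equal block time")
    try:
        fees = sum(_input_value(tx, utxos) - sum(o.value for o in tx.vout) for tx in block.txs[2:])
        stake_in = _input_value(stake, utxos)
    except KeyError:
        return problems + ["spends an unknown prevout"]
    if sum(o.value for o in stake.vout) > stake_in + block_reward + fees:
        problems.append("coinstake output exceeds input + reward + fees")
    depth = tip_height - utxos[stake.vin[0]][1] + 1   # only the first vin matters for consensus
    if depth < MIN_STAKE_DEPTH:
        problems.append(f"kernel input is only {depth} blocks deep")
    return problems


PUBKEY = b"\x02" + b"\x11" * 32                                   # constructed 33-byte key
P2PK = bytes([33]) + PUBKEY + bytes([OP_CHECKSIG])
P2PKH = bytes([0x76, 0xA9, 0x14]) + b"\x22" * 20 + bytes([0x88, OP_CHECKSIG])  # wrong type for vout[1]


def sample_block() -> Tuple[Block, UtxoSet]:
    """Constructed valid block: reward 10, one ordinary tx paying a fee of 5, tip height 700."""
    kernel_prevout, other_prevout = (b"\xaa" * 32, 0), (b"\xbb" * 32, 1)
    utxos = {kernel_prevout: (1000, 100), other_prevout: (500, 200)}
    coinbase = Tx(1000, [], [TxOut(0, b"")])
    stake = Tx(1000, [kernel_prevout], [TxOut(0, b""), TxOut(1015, P2PK)])
    ordinary = Tx(999, [other_prevout], [TxOut(495, P2PKH)])
    return Block(1000, [coinbase, stake, ordinary]), utxos


def demo_violations() -> Dict[str, List[str]]:
    """Each tampered copy of the sample block trips exactly one rule (the OP_RETURN form passes)."""
    edits = {
        "opreturn-ok": lambda b: setattr(b.txs[1].vout[1], "script", bytes([OP_RETURN, 33]) + PUBKEY),
        "time": lambda b: setattr(b.txs[1], "time", 999),
        "overpay": lambda b: setattr(b.txs[1].vout[1], "value", 1016),
        "p2pkh": lambda b: setattr(b.txs[1].vout[1], "script", P2PKH),
        "nonempty-vout0": lambda b: setattr(b.txs[1].vout[0], "script", b"\x51"),
    }
    cases = {}
    for name, change in edits.items():
        block, utxos = sample_block()
        change(block)
        cases[name] = validate_pos_block(block, utxos, 700, 10)
    block, utxos = sample_block()
    cases["immature"] = validate_pos_block(block, utxos, 500, 10)   # depth 401 < 500
    return cases


if __name__ == "__main__":
    print("valid block:", validate_pos_block(*sample_block(), 700, 10))
    for name, problems in demo_violations().items():
        print(f"{name}: {problems}")
```

The output/input bound is the one to watch in a real implementation: the fee term has to be computed from the same UTXO view used to validate the ordinary transactions, or a staker can claim fees the block does not actually collect.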

Novice, Intermediate or Expert? A Quiz to Test Your Bitcoin Knowledge

Think you know the ins-and-outs of bitcoin? Test yourself with 30 questions that grill you on Bitcoin’s history, technology and politics. The 30 questions are split up into three segments ranging from novice to intermediate to expert, and cover a wide range of topics across the Bitcoin landscape.
If you get stuck or want to check your answers along the way, an answer sheet has been added below the quiz. Of course, these questions cover only a few points about Bitcoin so far — with so many new developments taking place, there is always more to learn. Good luck!
Novice Questions
  1. Who created bitcoin?
     a. Vitalik Buterin  b. Gavin Andresen  c. Satoshi Nakamoto  d. Charlie Lee  e. Jackson Palmer
  2. What is the original document that proposed Bitcoin, considered by many in the space to be a “must read”?
     a. The Bitcoin White Paper  b. The Golden Proposal  c. E-Money: Bitcoin and the Blockchain  d. The Bitcoin Manifesto  e. The Bitcoin Constitution
  3. What is the name of the bitcoin exchange from Japan that famously collapsed in 2014 due to a devastating hack?
     a. Tradehill  b. Bitstamp  c. Mt. Gox  d. Blockchain.info  e. Bit Trade
  4. How many bitcoin will ever be created?
     a. Unlimited  b. 77,340,109  c. 3,500,000  d. 21,000,000  e. 18,650,000
  5. What is the name of the off-chain scaling solution that is being developed to mitigate bitcoin’s fees and long transaction times?
     a. Instasend  b. Second Layer Network  c. Lightning Network  d. Quick Net  e. The Bitcoin Payment Network
  6. Which of the following statements is NOT true about bitcoin wallets?
     a. Wallets can come in many forms, as long as they hold your private keys.
     b. Wallets have addresses that anyone can use to see the current number of unspent bitcoins in them.
     c. The only thing someone needs to access a wallet is the private key.
     d. It is possible to send bitcoin by signing the transaction offline and then broadcasting the transaction later.
     e. To open a wallet you must submit a request to the wallet provider.
  7. What is the name of the technology underlying Bitcoin?
     a. Bitchain  b. Blocklink  c. Blockchain  d. CoinLedger  e. Satoshisquare
  8. True or false? Bitcoin can be sent to an Ethereum address.
     a. True  b. False
  9. The first underground marketplace on the dark web which used bitcoin as its native currency and was created by Ross Ulbricht was called:
     a. Black Onion  b. BTC Market  c. East India Trading Company  d. Silk Road  e. Worldwide Drug Emporium
  10. Bitcoins can be divisible down to the eighth decimal point. What is that unit called?
     a. Bit  b. Satoshi  c. Naki  d. Shill  e. Bitsat
Intermediate Questions
  11. Which traditional stock exchange was the first to list bitcoin futures contracts?
     a. The New York Stock Exchange (NYSE)  b. The Intercontinental Exchange (ICE)  c. The Chicago Mercantile Exchange (CME)  d. The Chicago Board Options Exchange (CBOE)  e. None of the above. Futures contracts are only available on cryptocurrency exchanges like BitMex and Bitfinex.
  12. The computers that find new blocks are called:
     a. Accountants  b. Miners  c. Mitigators  d. Associates  e. Verifiers
  13. Which of the following is NOT true about Bitcoin Cash, a fork from Bitcoin?
     a. Bitcoin Cash was created over an ongoing debate within the Bitcoin community over scaling and transaction speed.
     b. Roger Ver uses bitcoin.com to convince new investors that Bitcoin Cash is the original bitcoin.
     c. Bitcoin Cash is commonly referred to as “Bcash” because (some) bitcoin proponents don’t want to give the forked currency the brand recognition that Bitcoin has accumulated since 2009.
     d. Bitcoin Cash uses the SHA-256 hash function (the same as Bitcoin).
     e. Bitcoin Cash removed its block size limit completely.
  14. Where is the Bitcoin processing server located?
     a. Washington, D.C., USA  b. London, England  c. Undisclosed location  d. The United Nations votes on a new location every two years  e. None of the above — Bitcoin has no processing server
  15. What date was the Bitcoin network launched?
     a. November 5, 2008  b. May 1, 2010  c. January 3, 2009  d. December 31, 2008  e. April 23, 2010
  16. When was Bitcoin’s all-time high exchange rate achieved (as of 9/11/18)?
     a. January 12, 2016  b. July 15, 2017  c. December 17, 2017  d. August 3, 2018  e. January 10, 2014
  17. Which of the following statements is true?
     a. Bitcoin is owned by the NSA.
     b. By 2030, all bitcoins will have been mined.
     c. Bitcoin has smart contract capabilities.
     d. Before Satoshi created Bitcoin, he and a group of developers premined roughly 1 million coins.
     e. Only select people can mine bitcoins.
  18. How often, on average, can we expect a new block to be found by miners?
     a. > 1 second  b. 2 minutes  c. 10 minutes  d. 60 minutes  e. 6 hours
  19. What is Bitcoin Pizza Day, May 22nd?
     a. A day every year where people who hold bitcoin pay forward a random pizza to a stranger
     b. The day when a computer programmer, Laszlo Hanyecz, paid 10,000 bitcoins for two pizzas in 2010
     c. The day Satoshi announced his favorite food is pizza
     d. The day Vitalik compared bitcoin’s security to that of a soggy pizza
     e. A day sponsored by Pizza Hut where you can pay for pizza with bitcoin
  20. How many new bitcoins should be created each day with the current block reward, on average?
     a. 2,200 except for February 29 on leap years  b. 1,800  c. 5,000  d. 7,200  e. 150
Expert Questions
  21. What is the difference between a soft fork and a hard fork?
     a. A soft fork happens when the code of a project is copied with permission of the original developers. A hard fork happens when the code of a project is copied without the permission of the original developers.
     b. A hard fork is a backwards-incompatible protocol change because it makes previously invalid blocks or transactions valid. A soft fork is a backwards-compatible protocol change because it makes previously valid blocks or transactions invalid.
     c. A hard fork occurs when miners in a mining pool cannot agree on how the block reward should be divided. A soft fork occurs when miners in a mining pool collectively decide to change how block rewards should be distributed.
     d. None of the above.
  22. What does ASIC stand for?
     a. Applied Socioeconomic Investment Compository  b. Application Specific Integrated Circuit  c. Anonymous Spending Instrument for Cryptocurrencies  d. Alternative Synthetic Interoperability Circuit  e. Antiquated System for Implied Cryptography
  23. What does an ASIC do for Bitcoin?
     a. Allows consumer access to high-level investment information, similar to a Bloomberg terminal
     b. Allows users to trade cryptocurrencies between different blockchains
     c. Anonymously allows users to send cryptocurrencies that aren’t entirely private
     d. Performs one specific task of solving a mathematical problem in order to find a new block
     e. Allows developers to cross reference current technology stacks with older languages
  24. Is Bitcoin truly anonymous?
     a. Yes, people who use bitcoin cannot have their transactions traced by anyone.
     b. No, bitcoin addresses are derived from IP addresses.
     c. No, all transactions are recorded on a global transparent ledger that can be traced using analytical technologies.
     d. No, addresses openly show the name of the user.
     e. No, bitcoins can be linked to a user’s social security number.
  25. What is SHA 256?
     a. A secure hashing algorithm used by Bitcoin, originally designed by the NSA
     b. A set of rules that miners and nodes must follow
     c. A scheme devised by Craig Wright to convince people he is Satoshi
     d. An annual conference in New York for blockchain enthusiasts
     e. The language Satoshi and early developers used to communicate behind closed doors
  26. What is a nonce?
     a. An empty value in each block that is filled by the miner of that block
     b. Another name for a node
     c. A mining device faster than an ASIC
     d. A part inside a processing chip used in mining
     e. A name for a troll in Reddit forums
  27. What is “difficulty” in relation to Bitcoin?
     a. A measure of how hard it is to explain what Bitcoin is
     b. A measure of how difficult it is to find a hash below the target
     c. A measure of how long it takes to send bitcoin between addresses
     d. A measure of how difficult it is for bitcoin to move a certain number of basis points
     e. A measure of how hard it is for Bitcoin to recover to its all-time high
  28. What is multi-sig verification?
     a. An older method of confirming bitcoin transactions now replaced by single-sig verification
     b. Verification that a user is allowed to hold bitcoins in a certain address by requiring multiple signatures from friends and family
     c. A form of verifying if someone is telling the truth by having multiple signatures from people monitoring the event taking place
     d. A process by which miners select which transaction to verify by having three other miners create a signature giving permission for the transaction to be verified
     e. A technology to verify wallets by requiring multiple signatures to process a single transaction with enhanced security
  29. Bitcoin consumes roughly 1 percent of the world’s energy consumption. What does this mean about its security?
     a. A malicious actor doesn’t need to consider the total energy consumption in order to successfully execute a 51% attack.
     b. Bitcoin is secure to the point that it would require approximately 0.0001% of the entire world’s energy consumption to attack the network.
     c. Bitcoin is secure to the point that it would require approximately 1% of the entire world’s energy consumption to attack the network.
     d. A malicious actor would need 10 times the amount of Bitcoin’s energy consumption in order to successfully attack the network.
  30. What is a Merkle Root in Bitcoin?
     a. A hash of all transactions in a block that allows any specific transaction to be verified without downloading the entire blockchain
     b. A series of complex data that uniquely identifies the owner of an address
     c. A program designed by David Merkle that uncovers the largest inactive bitcoin wallets
     d. A cryptocurrency developed by the chancellor of Germany
     e. A part of a complex system of underground “roots” that power the Bitcoin blockchain
How did you do? Answers:
  1. c. Satoshi Nakamoto
  2. a. The Bitcoin Whitepaper
  3. c. Mt. Gox
  4. d. 21,000,000
  5. c. Lightning Network
  6. e. To open a wallet, you must submit a request to the wallet provider.
  7. c. Blockchain
  8. b. false
  9. d. Silk Road
  10. b. Satoshi
  11. d. The Chicago Board Options Exchange (CBOE)
  12. b. Miners
  13. e. Bitcoin Cash removed its block size limit completely. (The limit is actually 32MB.)
  14. e. None of the above — Bitcoin has no central server
  15. c. January 3, 2009
  16. c. December 17, 2017
  17. c. Bitcoin has smart contract capabilities
  18. c. 10 minutes
  19. b. The day when a computer programmer, Lazlo Hanyecz, paid 10,000 bitcoins for two pizzas in 2010
  20. b. 1,800
  21. b. A hard fork is a backwards incompatible protocol change because it makes previously invalid blocks or transactions valid. A soft fork is a backwards compatible protocol change because it makes previously valid blocks or transactions invalid.
  22. b. Application Specific Integrated Circuit
  23. d. Performs one specific task of solving a mathematical problem in order to find a new block
  24. c. No, all transactions are recorded on a global transparent ledger that can be traced using analytical technologies
  25. a. A secure hashing algorithm used by Bitcoin, originally designed by the NSA
  26. a. An empty value in each block that is filled by the miner of that block
  27. b. A measure of how difficult it is to find a hash below the target
  28. e. A technology to verify wallets by requiring multiple signatures to process a single transaction with enhanced security
  29. c. Bitcoin is secure to the point that it would require 1% of the entire world’s energy consumption to attack the network. (side note: bitcoin mining, while energy intensive, can be done in an eco-friendly, even carbon-neutral, manner. And it’s getting better all the time.)
  30. a. A hash of all transactions in a block that allows any specific transaction to be verified without downloading the entire blockchain.
The article is from Bitcoin Magazine.
submitted by uexbruce to UexOfficial [link] [comments]


The puzzle used by Bitcoin is to find a value called a “nonce.” The nonce is combined with the content of the proposed block to produce a hash output that falls within a target range, such as a target hash prefixed with a number of 0’s. Due to the nature of hashing algorithms, a nonce that produces the desired output can be found only by brute force, i.e., guessing each nonce one ...

A nonce is a 32-bit arbitrary random number that is typically used once. In Bitcoin's mining process, the goal is to find a hash below a target number that is calculated from the difficulty. Proof of work in Bitcoin's mining takes an input consisting of the Merkle root, timestamp, previous block hash and a few other things, plus a nonce, which is a completely random number. If the resulting hash is smaller than the target hash, you win the block and the consensus ...

Even with a difficulty of 1 there is a 36.7% chance of not finding any valid hash in the entire nonce range (2^32). At 1 million difficulty there is a 99.999905% chance that you will not find a solution in the entire nonce range. Luckily any other change to the block header allows you another 4 billion tries. – DeathAndTaxes Oct 28 '11 at 14:28

The definite lines, however, might also mean they've split the nonce range amongst the nodes, i.e. running 4 nodes whereby nonces were spread across those 4. The way we see nonces at lower values emerge in the early 100k blocks is probably due to a single miner (or a mining algorithm with a starting nonce of 0, working up very quickly) finding statistically more blocks than other randomly started nonces.
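The nonce search and the exhaustion arithmetic quoted above, as an added example that is not part of the original page: it computes the chance that an entire 2^32 nonce range fails at a given difficulty and runs a toy header search that bumps the timestamp once the nonce range is used up. The header prefix, the fake merkle root and the easy toy target are constructed values, not taken from any real block; the difficulty-1 target constant is Bitcoin's.

```python
import hashlib
import math
import struct

# Bitcoin's difficulty-1 target ("bdiff"): 0x00000000FFFF0000...0000 as a 256-bit integer.
TARGET_1 = 0xFFFF << 208
NONCE_RANGE = 2 ** 32

def target_for_difficulty(difficulty: int) -> int:
    """Threshold a block hash must fall below at this (integer) difficulty."""
    return TARGET_1 // difficulty

def p_no_solution_in_nonce_range(difficulty: int) -> float:
    """Probability that every one of the 2^32 nonces of one header fails.
    Each try succeeds with p = target / 2^256, so failure is (1 - p)^(2^32);
    log1p keeps the result accurate when p is tiny."""
    p = target_for_difficulty(difficulty) / 2 ** 256
    return math.exp(NONCE_RANGE * math.log1p(-p))

def block_hash(header: bytes) -> int:
    """Double SHA-256 of the 80-byte header as a little-endian integer."""
    digest = hashlib.sha256(hashlib.sha256(header).digest()).digest()
    return int.from_bytes(digest, "little")

def mine(prefix: bytes, target: int, max_nonce: int = NONCE_RANGE, max_rolls: int = 10):
    """Try nonces for a 76-byte header prefix (version..bits). When the nonce
    range is exhausted, bump the timestamp (header bytes 68..72) and start
    over with a fresh range, as a miner would. Returns (header, nonce, rolls)
    or None if every roll is exhausted."""
    prefix = bytearray(prefix)
    for roll in range(max_rolls):
        for nonce in range(max_nonce):
            header = bytes(prefix) + struct.pack("<I", nonce)
            if block_hash(header) < target:
                return header, nonce, roll
        timestamp = struct.unpack("<I", prefix[68:72])[0] + 1
        prefix[68:72] = struct.pack("<I", timestamp)
    return None

# Constructed header prefix (not from a real block): version 1, zero prev hash,
# a made-up merkle root, a timestamp and difficulty-1 bits 0x1d00ffff.
SAMPLE_PREFIX = (struct.pack("<I", 1) + bytes(32) + hashlib.sha256(b"constructed").digest()
                 + struct.pack("<I", 1_600_000_000) + struct.pack("<I", 0x1D00FFFF))

if __name__ == "__main__":
    for d in (1, 1_000_000):
        print(f"difficulty {d}: P(no nonce works) = {p_no_solution_in_nonce_range(d):.6%}")
    # Toy target of 2^248 (about 1 hash in 256 qualifies) so the search ends quickly.
    print(mine(SAMPLE_PREFIX, 2 ** 248, max_nonce=4096))
```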



That is why he currently receives 12.5 bitcoin for each found key / signed page / matching nonce. The whole network tries to find a valid block, i.e. a page in which ... Forget the currency; it’s the protocol behind it that matters. Blockchains will mutate and take over everything we do on the Web. Trusting strangers with you... Bitcoin nonce example: The "nonce" in a bitcoin block is a 32-bit (4-byte) field whose value is set so that the hash of the block will contain a run of leading zeros. The rest of the fields may ...
