
Topic: Gold collapsing. Bitcoin UP. - page 557. (Read 2032291 times)

legendary
Activity: 4760
Merit: 1283
January 12, 2015, 06:17:28 PM
...
address reused endless 5 times ... and this address holds "Final Balance 125,056.91900661" BTC !!!

Mother of God!  Any address controlling more than 100 BTC keeps me up at night.  And I only got lazy and bumped things up to that value because BTC got into the single digit $/BTC.  It's not the crypto that bothers me as much as other more coarse failure modes and the desirability of distribution.

 edits - slight adjustments.


So I guess my android tablet running http://wallet.schildbach.de  with around 50 btc would give you palpitations and drive you to drink?

ofuckyeah!  My mail on an android tablet does this (which is why I don't even do real mail on Android or Windows.)

legendary
Activity: 4760
Merit: 1283
January 12, 2015, 06:14:31 PM

Bitcoin has clearly failed in an 'exchange' role as evidenced by still not needing to fiddle with the 7 tps transaction rate (1MB block size) and not being on a trajectory to need to do so any time soon.  The reason for this is abundantly clear and I've been saying so for years:  Bitcoin is simply not competitive in this role.
...
The pipe-dream of using Bitcoin as an exchange currency has unsurprisingly sucked in a school of intellectual herring, but more surprisingly also a bunch of VC predator food-chain class who I would have not expected to be such dullards. ...

Lemme just follow up on that briefly for the benefit of those here who are not so mentally adroit (e.g., cypherdoc, justusranvier, etc.)

I wrote that after reading about the BitPay layoffs.  This is an indicator that it's starting to dawn on the VC types that they've been shucked by us geeks (and the last half year of charts indicates something similar.)  It's probably not monetary loss which stings as much as being ridiculed by their peers.

Anyway, I read this as a strong alignment of the tea leaves showing that we may be in for more hard times for a while.  The low hanging fruit has been plucked.  It was fun, but now it's time to knuckle down and let Bitcoin build on its true strength as a solid reserve currency.  I just hope it's still possible.  If it is it will be a monster pay-day for us hodlers.  If it's not, oh well...it was a fun ride.

jr. member
Activity: 34
Merit: 1
January 12, 2015, 06:13:17 PM
...
address reused endless 5 times ... and this address holds "Final Balance 125,056.91900661" BTC !!!

Mother of God!  Any address controlling more than 100 BTC keeps me up at night.  And I only got lazy and bumped things up to that value because BTC got into the single digit $/BTC.  It's not the crypto that bothers me as much as other more coarse failure modes and the desirability of distribution.

 edits - slight adjustments.


So I guess my android tablet running http://wallet.schildbach.de  with around 50 btc would give you palpitations and drive you to drink?
hero member
Activity: 910
Merit: 1003
January 12, 2015, 06:11:09 PM
I am completely shocked that you of all people are making this claim gmaxwell.

I understood "there has never been [a loss due to reused K value] in a proper implementation".
legendary
Activity: 4760
Merit: 1283
January 12, 2015, 05:41:11 PM
...
address reused endless 5 times ... and this address holds "Final Balance 125,056.91900661" BTC !!!

Mother of God!  Any address controlling more than 100 BTC keeps me up at night.  And I only got lazy and bumped things up to that value because BTC got into the single digit $/BTC.  It's not the crypto that bothers me as much as other more coarse failure modes and the desirability of distribution.

 edits - slight adjustments.
legendary
Activity: 1153
Merit: 1000
January 12, 2015, 05:33:12 PM
I think deterministic signatures are much more important than constant-time signatures (there's been a non-trivial amount of funds lost due to the repeat k-value problem but I doubt a single satoshi has ever been lost due to a genuine side-channel attack).  Someone like gmaxwell could comment better on the practical risks here…
There never has been a single 1e-8 btc lost due to reused/bad K ... in a competent implementation.

I am completely shocked that you of all people are making this claim gmaxwell. Reusing a K value is against the DSA signing algorithm's specifications. Reusing a K value is an incompetent implementation by definition. There have been multiple instances where BTC were lost because bitcoin client software reused the same K value for different signatures on the same address. If you do so you're guaranteed to find that address emptied fairly quickly, based on past instances it seems there are network monitors actively watching for this exact situation.
legendary
Activity: 1414
Merit: 1000
January 12, 2015, 05:32:45 PM
I think deterministic signatures are much more important than constant-time signatures (there's been a non-trivial amount of funds lost due to the repeat k-value problem but I doubt a single satoshi has ever been lost due to a genuine side-channel attack).  Someone like gmaxwell could comment better on the practical risks here…
There never has been a single 1e-8 btc lost due to reused/bad K ... in a competent implementation. The places we've seen lossage have been implementations which were horrific in other ways as well (like only having 32..48 bits of randomness total)... ultimately, if you can't generate strong random numbers you're going to be utterly screwed in any case, because your private keys themselves will be predictable. It's more important for embedded/hardware implementations which are more likely to suffer from randomness problems and are easier targets for attack. (e.g. tampering with the supply chain for all server hardware in order to backdoor Bitcoin Core is probably much less attractive than going after the supply chain for a hardware wallet). So while derandomized signing is a good practise because it aids auditability and _maybe_ reduces the space for incompetent implementations to screw up a bit, in someplace like Bitcoin Core I don't generally consider it very important (though, we did it in any case; in part to set a good example).  I had proposed the ecosystem switch to it, back around when BIP 32 was announced, but we hadn't switched to it in Bitcoin Core yet because derandomized signing basically requires replacing what OpenSSL does. (OpenSSL does have a non-standard quasi 6979 implementation in its source repository-- for a long time I'd hoped to pick that up-- but it's never made it into production for some reason.)

With respect to the side-channel attacks. It seems to be impossible to convince people of the non-wisdom of running critical cryptographic software on commodity shared-hardware virtual machines; just like it's hard to convince them to stop reusing addresses. Especially when coupled with the fact that the parties doing this are usually handling third party funds, it seems like disaster waiting to happen in a number of respects. With flush+reload boosted side-channel attacks being successfully performed against OpenSSL for our curve with a surprisingly small number of queries, I did consider that fairly concerning.

The distinction is that getting the signing nonces right is a process that can be secured one time for all users by auditing the software; but making sure users don't deploy in a side-channel vulnerable way is something that must be done for each and every user and doesn't really scale. The possibility of side-channel attacks is very surprising to people so they don't tend to do much to secure against them. Better to just close the sidechannel.

(also, wtf is with this thread? it seems like five threads merged together. It's impossible to read; I never would have found this post except by pure chance.)

Bitstamp COLD wallet !!!
https://blockchain.info/address/1JoktQJhCzuCQkt3GnQ8Xddcq4mUgNyXEa

address reused endless 5 times ... and this address holds "Final Balance 125,056.91900661" BTC !!!
legendary
Activity: 4760
Merit: 1283
January 12, 2015, 05:08:22 PM
...
(also, wtf is with this thread? it seems like five threads merged together. It's impossible to read; I never would have found this post except by pure chance.)

The thread was created for trolling (notice the title and location) and that's often what happens, but it can be hard not to slip up sometimes.

staff
Activity: 4326
Merit: 8951
January 12, 2015, 04:42:49 PM
I think deterministic signatures are much more important than constant-time signatures (there's been a non-trivial amount of funds lost due to the repeat k-value problem but I doubt a single satoshi has ever been lost due to a genuine side-channel attack).  Someone like gmaxwell could comment better on the practical risks here…
There never has been a single 1e-8 btc lost due to reused/bad K ... in a competent implementation. The places we've seen lossage have been implementations which were horrific in other ways as well (like only having 32..48 bits of randomness total)... ultimately, if you can't generate strong random numbers you're going to be utterly screwed in any case, because your private keys themselves will be predictable. It's more important for embedded/hardware implementations which are more likely to suffer from randomness problems and are easier targets for attack. (e.g. tampering with the supply chain for all server hardware in order to backdoor Bitcoin Core is probably much less attractive than going after the supply chain for a hardware wallet). So while derandomized signing is a good practise because it aids auditability and _maybe_ reduces the space for incompetent implementations to screw up a bit, in someplace like Bitcoin Core I don't generally consider it very important (though, we did it in any case; in part to set a good example).  I had proposed the ecosystem switch to it, back around when BIP 32 was announced, but we hadn't switched to it in Bitcoin Core yet because derandomized signing basically requires replacing what OpenSSL does. (OpenSSL does have a non-standard quasi 6979 implementation in its source repository-- for a long time I'd hoped to pick that up-- but it's never made it into production for some reason.)

With respect to the side-channel attacks. It seems to be impossible to convince people of the non-wisdom of running critical cryptographic software on commodity shared-hardware virtual machines; just like it's hard to convince them to stop reusing addresses. Especially when coupled with the fact that the parties doing this are usually handling third party funds, it seems like disaster waiting to happen in a number of respects. With flush+reload boosted side-channel attacks being successfully performed against OpenSSL for our curve with a surprisingly small number of queries, I did consider that fairly concerning.

The distinction is that getting the signing nonces right is a process that can be secured one time for all users by auditing the software; but making sure users don't deploy in a side-channel vulnerable way is something that must be done for each and every user and doesn't really scale. The possibility of side-channel attacks is very surprising to people so they don't tend to do much to secure against them. Better to just close the sidechannel.

(also, wtf is with this thread? it seems like five threads merged together. It's impossible to read; I never would have found this post except by pure chance.)
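
The derandomized signing discussed in the post above, as an added example that is not part of the original thread and is not Bitcoin Core's code: the nonce is derived per RFC 6979 from the private key and message hash, and a small audit flags any `r` value that repeats under one public key. The function names, the two throwaway keys, the message hashes (a single SHA-256 of short byte strings) and the fixed nonce `0xC0FFEE` are constructed for illustration.

```python
import hashlib
import hmac
from collections import defaultdict

# secp256k1 domain parameters (the curve Bitcoin uses)
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def ec_add(a, b):  # affine point addition; None is the point at infinity
    if a is None or b is None:
        return a or b
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    num, den = (3 * x1 * x1, 2 * y1) if a == b else (y2 - y1, x2 - x1)
    lam = num * pow(den % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def ec_mul(k, pt):  # double-and-add; not constant time, illustration only
    acc = None
    while k:
        if k & 1:
            acc = ec_add(acc, pt)
        pt = ec_add(pt, pt)
        k >>= 1
    return acc

def rfc6979_k(priv, msg_hash):
    """Nonce per RFC 6979 section 3.2 (HMAC-SHA256, 256-bit group order)."""
    mac = lambda key, data: hmac.new(key, data, hashlib.sha256).digest()
    seed = priv.to_bytes(32, "big") + (int.from_bytes(msg_hash, "big") % N).to_bytes(32, "big")
    v, key = b"\x01" * 32, b"\x00" * 32
    for sep in (b"\x00", b"\x01"):
        key = mac(key, v + sep + seed)
        v = mac(key, v)
    while True:
        v = mac(key, v)
        k = int.from_bytes(v, "big")
        if 1 <= k < N:
            return k
        key = mac(key, v + b"\x00")  # out-of-range candidate: re-key, retry
        v = mac(key, v)

def sign(priv, msg_hash, k=None):  # ECDSA (r, s); k defaults to RFC 6979
    k = k or rfc6979_k(priv, msg_hash)
    r = ec_mul(k, G)[0] % N
    s = pow(k, -1, N) * (int.from_bytes(msg_hash, "big") + r * priv) % N
    return r, s

def find_reused_nonces(records):  # (pubkey, r) -> labels where r repeats
    seen = defaultdict(list)
    for pub, r, _s, label in records:
        seen[(pub, r)].append(label)
    return {key: labels for key, labels in seen.items() if len(labels) > 1}

def demo():  # all keys, hashes and the fixed k below are constructed samples
    hashes = [hashlib.sha256(m).digest() for m in (b"tx one", b"tx two")]
    good, bad = 0x1111, 0x2222
    recs = [(ec_mul(good, G), *sign(good, h), f"good-{i}") for i, h in enumerate(hashes)]
    recs += [(ec_mul(bad, G), *sign(bad, h, k=0xC0FFEE), f"bad-{i}") for i, h in enumerate(hashes)]
    return find_reused_nonces(recs)
```

`demo()` returns only the entry for the constructed broken signer; the RFC 6979 signer produces a distinct `r` for each message without consulting any random number generator.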
legendary
Activity: 4760
Merit: 1283
January 12, 2015, 04:11:52 PM
This is what sidechains mean to me.

Side chains are not even the slightest bit needed to use BTC as a reserve currency.

They have absolute need for a reserve currency because it eliminates the need for such backing as POW or POS.

Now they still will need POW, but only to support Bitcoin.  Not (necessarily) to support their own core infrastructure needs though many probably will leverage this anyway.


It's nearly perfect the way it is. 7 tps is plenty for that. Probably an order of magnitude or two overkill in fact.

That is in no way clear to me.  With activity of the magnitude I'm visualizing individuals just exercising the peg to the backing store could be significant not to mention the various balancing that the multitude of sidechains will be wishing to perform on the actual backing store itself.  Also, of course, I see a role for individuals and organizations using native Bitcoin raw, but mostly just for critical or 'difficult' tasks.

One way or another, pushing up into where the transaction fees are a factor before trying to push a harmful and potentially devastating hard-fork makes a lot of sense to me.  If the 'new paradigm' that Bitcoin transactions are ever-subsidized for nearly free use by the masses is where people's heads are at, they should say so.  Piss or get off the pot.  It's disgusting and embarrassing to see these supposed 'principles' of Bitcoin be milked for marketing reasons long after they've exceeded their shelf-life and become absurd.

legendary
Activity: 1764
Merit: 1002
January 12, 2015, 03:59:53 PM
This is what sidechains mean to me.

Side chains are not even the slightest bit needed to use BTC as a reserve currency. It's nearly perfect the way it is. 7 tps is plenty for that. Probably an order of magnitude or two overkill in fact.

Unfortunately, the 7 tps is an old estimate, and the reality of large blocks is that 2400 tx is maximum, or 4 tps. However, even this is too large because some miners still turn out near empty blocks, and would do so even if the network had a severe backlog. So 3 tps is a more accurate working number.

i never heard of why the Mystery Miner of a coupla years ago failed mining 0 tx blocks.  any ideas?
legendary
Activity: 1153
Merit: 1000
January 12, 2015, 03:53:42 PM
oil?  who the hell needs oil?  let alone natgas.  major storm brewing:

Didn't you get the memo, we are all going to live off of perfectly stable wind/solar power and unicorn farts from now on.

The energy sector still has a way to go down, but it will be time to reload energy stocks in a bit (after a round of bankruptcies and defaults). The current supply/demand imbalance will not knock out US energy which has more than enough of a capital base to ride this out, but will severely damage supply from dystopian basket cases such as Venezuela (the country of my birth) and Iran.
legendary
Activity: 1764
Merit: 1002
January 12, 2015, 03:45:34 PM
This is what sidechains mean to me.

Side chains are not even the slightest bit needed to use BTC as a reserve currency. It's nearly perfect the way it is. 7 tps is plenty for that. Probably an order of magnitude or two overkill in fact.




the problem here is that when the price doesn't conform to ppl's expectations, low level thinkers like tvbcof & even high level thinkers like Adam, begin to believe that there is something wrong and start thinking they're smarter than Satoshi and start proposing all sorts of harebrained "solutions".  this is just another of many repeated sufferings we all have to endure.
full member
Activity: 236
Merit: 100
January 12, 2015, 03:44:51 PM
Bitcoin has clearly failed in an 'exchange' role as evidenced by still not needing to fiddle with the 7 tps transaction rate (1MB block size) and not being on a trajectory to need to do so any time soon.  The reason for this is abundantly clear and I've been saying so for years:  Bitcoin is simply not competitive in this role.

Bitcoin is not very competitive for buying coffee, but that isn't the only thing people do with money.

It's quite competitive for international remittance, black market activity, and micropayments. In some cases, bitcoin is the only method that works at all. Those markets alone are absolutely massive expansion territory for bitcoin.

The reason bitcoin hasn't hit the 1mb limit has little to do with the network itself, and much more to do with the shitty state of personal computing.  Keeping high-value secrets was not what any of it was designed to do. Everything bitcoin needs for that has to be built now. A lot of progress has already been made. There's no reason it won't become easy enough for anyone to do.

However many transactions per second fit in a commodity internet connection, that's how many it will have, certainly much more than 7tps.

If you think bitcoin can succeed as a bank settlement network, you might as well sell now, because it's never going to work. The whole point of bitcoin is censorship resistance, do you really think banks and governments and payment processors see that as a valuable feature? They're the censors! If individuals don't have access to bitcoin, it will die, they're the only ones who could possibly care about it.
legendary
Activity: 1078
Merit: 1006
100 satoshis -> ISO code
January 12, 2015, 03:43:14 PM
This is what sidechains mean to me.

Side chains are not even the slightest bit needed to use BTC as a reserve currency. It's nearly perfect the way it is. 7 tps is plenty for that. Probably an order of magnitude or two overkill in fact.

Unfortunately, the 7 tps is an old estimate, and the reality of large blocks is that 2400 tx is maximum, or 4 tps. However, even this is too large because some miners still turn out near empty blocks, and would do so even if the network had a severe backlog. So 3 tps is a more accurate working number.
legendary
Activity: 2968
Merit: 1198
January 12, 2015, 03:38:27 PM
This is what sidechains mean to me.

Side chains are not even the slightest bit needed to use BTC as a reserve currency. It's nearly perfect the way it is. 7 tps is plenty for that. Probably an order of magnitude or two overkill in fact.


legendary
Activity: 4760
Merit: 1283
January 12, 2015, 03:34:29 PM
Now is the time to appreciate the true value of Bitcoin and work toward preserving what remains of it and unrolling the damage done by centralization.  This is what sidechains mean to me.

Say what?

Did I stutter?  'cause I don't think I did.

hero member
Activity: 722
Merit: 500
January 12, 2015, 03:28:05 PM
Now is the time to appreciate the true value of Bitcoin and work toward preserving what remains of it and unrolling the damage done by centralization.  This is what sidechains mean to me.

Say what?
legendary
Activity: 4760
Merit: 1283
January 12, 2015, 03:19:36 PM
...
First, it would be pointless imo to argue against the facts: mining is concentrated more than most expected, say, 2 years ago, and more than many are fully comfortable with.

Fact as well, however: none of those conjectured 'mining cartel attacks' ever took place, and there's good reason for that: they might be technically possible, but economically not viable for anyone who holds a stake in Bitcoin (hint: sunk cost in single purpose hardware is a "stake" as well) because of the resulting market reaction upon discovery (or even suspicion such attacks are taking place). They would therefore only be mounted from someone who is willing to pay for an attack on the network itself, and I have yet to see any evidence that this is a realistic vector consistent with what we know about existing hashpower and who paid to employ it.

Finally: the level of decentralization doesn't look so bad anymore when one considers the existing alternatives. Well, there's only one really: traditional banking. It's like you're blaming jet plane air-travel for being hopelessly outdated and slow: until there's a superior alternative, it is the de facto optimum wrt speed.

Bitcoin has clearly failed in an 'exchange' role as evidenced by still not needing to fiddle with the 7 tps transaction rate (1MB block size) and not being on a trajectory to need to do so any time soon.  The reason for this is abundantly clear and I've been saying so for years:  Bitcoin is simply not competitive in this role.

Bitcoin could be, however, extremely competitive in the role of a reserve currency.  But if we are relying on a foundation of 'subversion and failure could happen, but has not yet so maybe it never will', this detracts hugely from its potential value as a reserve currency.

The pipe-dream of using Bitcoin as an exchange currency has unsurprisingly sucked in a school of intellectual herring, but more surprisingly also a bunch of VC predator food-chain class who I would have not expected to be such dullards.  This has been great for my pocketbook, but their utility is nearing the end-point.  Now is the time to appreciate the true value of Bitcoin and work toward preserving what remains of it and unrolling the damage done by centralization.  This is what sidechains mean to me.

legendary
Activity: 1764
Merit: 1002
January 12, 2015, 02:59:33 PM
looks like i am gonna get my chance at reloading
