Topic: Satoshi Nakamoto's stack - page 2. (Read 23460 times)

It is safe to assume that 90%> of the coins mined on the first month is from satoshi alone, knowing that him and Hal were the first ones who worked on the project. I've read something in this forum a year or so ago about some estimates of the total coins Satoshi has on all of his wallets: 1.4 million bitcoins are from him, spread amongst thousands of addresses from the first year of bitcoin's existence. I do believe that most of these coins are already lost in the void unless Satoshi really plans on doing some things for them in the future and kept the private keys safely. In today's pricing, that would be a whooping $2.14B or more, which is not too bad for his magnum opus.

Guy you probably didnt hear anything because no one can share such. You would have read what majority have equally read about Satoshi at one time or the other that we tried to find more about the genius behind the project in which the whole world is currently rallying behind. But my question is even if you happen to find it, what will you do about it and more so, if Satoshi could keep that for himself when it even worth nothing, then he deserves our commendation because if he had known this will be the outcome as at today, he would have kept more.

Yes, except no.   As many aspects of the bitcoin cryptographic design, there are inconsistencies in the explanations of cryptographic choices, even though the system works, overall, very well.  But the "reasons" one invokes often as a "genius move", are contradicted by other elements where the "genius move" is not applied.

Here, one seems to claim that the choice of secp256k1 was a stroke of genius, because the secp256r1 curve could have been tampered with.  Well, this logic doesn't hold water, for the following reason.

1) two kinds of curves are published, the "random" ones, and the "Koblitz" ones.  In general, the fear with elliptic curve crypto (apart from the development of quantum computers which *totally* kills it) is that one has chosen a *particular* curve that has *extra* mathematical properties so that the difficult discrete log problem it formulates, has mathematical tricks to it that make it simpler.  Many such "weak" families of curves have been discovered, and one doesn't know if there will not be more of these curves.  Now, Koblitz curves are a very special kind of elliptic curve, but one hasn't yet (publicly) found any way to use their properties to break them.  But as they are special, people think that chances are higher that one day, Koblitz curves can be cracked, than "randomly" chosen curves.

This is why the standard published two sets of curves: Koblitz curves, and potentially safer random curves.  In fact, for the highest degrees of security, no Koblitz curves were published.   So NORMALLY, random curves would have been a potentially safer choice in the long run --> but bitcoin uses a Koblitz curve and hence, didn't use the argument for the "safer" random curve.  

2) however, in order for random curves to be truly random, the randomness of the curve should be checkable.  And the nasty thing with the SEC curves is that the "random number" comes from the hash of another "random number".... of which never an explanation was given.  So people then invented the possibility that these "random" numbers were in fact not so random, and give us, after hashing, a very specific mathematical curve of which nobody knows that they are weak, except for a few secret mathematicians at the NSA or something: a back door !  

Now, that's a good reason, if you're paranoid, to avoid these curves.  But is one then obliged to use the Koblitz curve variant ?

Answer: no.  Because that worry (that dates from end of the 1990-ies) of the ill-explained random curves was known, and other standard bodies DID publish good random curves, which have *provable* random properties, and are hence superior to the Koblitz curves as a matter of "potentially flawed".  For instance, the Bernstein curves, or the Brainpool curves.  These curves were published in 2006 or so, hence, before bitcoin's protocol was set up.

So, in as much as Satoshi had doubts about a back door in the secp256r1 curve (a worry that was published since years), instead of using the secp256k1 curve from the same guys, he could have used the brainpool random curves, which do not have this potential back door, because provably random.

Most probably, Satoshi chose secp256k1, because they allow for a *very efficient implementation* in the calculations needed.

Wine is then a currency too.  I could exchange a certain number of famous wine bottles for, say, a sportscar.  Collector stamps too.  Silver.  Iridium.  Famous paintings.  Anything that has value and can be bartered for something else, can then be seen as a "currency".  True.   

But to be called a currency, it normally also has to be able to act as a "unit of account".  Now, people pretend that bitcoin is a unit of account, and express relative prices in BTC (like other crypto).  But in reality, BTC is not a unit of account.  From beginning of 2014 to 2015, it fell a factor of 6 in value.  The last year, it rose a factor of 5 or so.   You can't write a contract in such a "unit of account".  In another thread, I gave the example of a cleaning company, and an another company, the other company making a contract to clean their offices for the next 5 years with the cleaning company, for a price of $5000,- a month, say.   This contract cannot be signed when the price is said to be 3 BTC a month.  Because nobody knows what value BTC will have during these 5 years.  If it rises like crazy, the company will have its offices cleaned for the highest amount in town.  If BTC crashes, the cleaning company will clean the other office for near to nothing.

BTC is not a unit of account, because there is no mechanism that tries to keep the inflation/deflation of its price within reasonable boundaries (on the contrary: BTC is designed to be extremely deflationary).

However, it for sure is a mobile value that can be transacted relatively easily, subdivided in fractions, and is relatively fungible for the moment.  So it does display certain monetary aspects.  But it is not a genuine currency, because you cannot express prices in it without referring to a real unit of account (such as $).


Nope.  You shouldn't confound a greater-fool game with "hedging against fiat currencies".   And using crypto to replace physical cash is going to be much more difficult than you think, because you will still need to go through exchanges and the banking system ; and whenever "legal" companies accept crypto, they will have to report your crypto transaction, and you will potentially be asked to explain where your crypto came from.   In other words, to replace cash with crypto, you will have to have a closed economic cycle, entirely based upon dark commerce.   If you will go to a legal shop that accepts crypto, and you want, say, to buy an i-phone with bitcoin, you will be requested to give all your ID information, linked to that transaction.  Whenever you do your tax declaration, authorities will know that you spent such a bitcoin, and so you will have to have explained how you got it in a previous declaration.  If ever you pay with a bitcoin that you didn't declare as an income before, you will have to explain and pay a fine.

The only thing that you truly can do with crypto, is to buy stuff on dark markets, and sell stuff on dark markets.  For instance, maybe you want to buy drugs, and maybe you are willing to sell the service of homicide.  If for a killing, you can get, say, 100 BTC, then you can use those to buy drugs on dark markets.  Because then, the dark economy is entirely closed.  But once you will use it in the "white circuit", you're just as screwed with crypto than you are with a bank account.
And anon coins won't help, because it is not the chain that will be analysed: it is the act of buying that will automatically be linked to you (AML/KYC), and you will have to explain how you got it, which is necessarily a form of income.


This, to me, is the ONLY TRUE crypto currency application that makes sense.


A currency has to be a unit of account in the short term ; a store of value needs to be a unit of account in the long term.  BTC is neither.  It is a highly speculative asset where the hope of the participants is that it is going to be eternally deflationary.  This is known as a greater-fools game.  But that game can take a very long time, and in the mean time, it is a very beneficial speculative asset.

But the thing it has been doing well since many years, is exactly that: a highly speculative asset.

his tokens reminds me

Satoshi’s Genius: Unexpected Ways in which Bitcoin Dodged Some Cryptographic Bullets
https://bitcoinmagazine.com/articles/satoshis-genius-unexpected-ways-in-which-bitcoin-dodged-some-cryptographic-bullet-1382996984/

I can really, really assure you that quantum computers are not of much use against hashes (contrary to public key crypto), and that all current bitcoin addresses are of exactly the same cryptographic security as those of Satoshi.

It is true that Segwit intends to increase the security, at least for those people converting their stash in to segwit-bitcoin.  But for the moment, that's not active.



I guess the ethereum foundation possesses the name "ethereum" but I'm not sure.


I think bitcoin will get segwit indeed, once it is not the dominating crypto any more and its brand name is not so much worth any more, and/or if it becomes fully centralized, so that the few people commanding bitcoin can sit in a room and come to an agreement, like they did with litecoin (which, by doing so, proved it was centralized).  Until then, bitcoin should remain immutable.