Topic: This message was too old and has been purged - page 6. (Read 12669 times)

This message was too old and has been purged

I like the idea of an alternative to blockchain. The only example I know of is the safenetwork. In that case it really will be advantageous. If I was directing this ship I would use this coming network along with others as a platform to develop all the characteristics we want for our coin. Temporal Instant Market Exchange built in to manage multiple computing resource backed coins. Effectively making elastic coin glue for different currencies focused on different aspects of computing. In this case most of the development is done already.   

Great, thanks!   

Seems like my question was overseen:

Btw there is an interesting discussion on alternatives to the bitcoin blockchain approach, which includes some discussion of DAGs, here: https://bitcointalksearch.org/topic/decentralized-crypto-currency-including-bitcoin-is-a-delusion-any-solutions-1319681

I don't really understand a lot of what you're saying, but I must have been right about it being a DAG that Iota uses because I've also seen it described as a 'tangle'.

I definitely don't think ELC should use their technology wholesale, not least because the have no real PoW, or PoS or anything. Instead, and I'm not really a reliable source so I hope I'm right on this, each node is equal and must only perform a very small amount of PoW in order to submit a transaction.

The reason I mention it is because it was said that a possible solution of FAA is for it not to matter who is fastest. In Iota I think instead of having 1 person win the right to build the next block, and to have them do so by building on the longest chain, the network is able to store multiple possible chains and have multiple participants (in their case any node on network) select what they think is the best chain.

Although the Iota guy definitely knows what he is talking about, I also think that not everyone who knows what they are talking about agrees that this is a safe way to build a cryptocurrency network. In our case, however, I was just wondering if this shows a general principle by which miners could win the right to participate in consensus and be rewarded for it without it making any difference how fast they perform the work, but instead just worry about finding a way to check how much work they have done. Perhaps a miner becomes a masternode of some kind, able to take any transaction and confirm it as long as they have performed over a threshold level of PoW since the last time they did so.

Cool It is back to showing my balance proper. I expect this project will get on better footing in time. We all know this was rolled out poorly but it can be salvaged.

It now shows my donations as zero btc spent and negative 5400 something coins had positive 14000 when it showed my contribution. I want to see this worked out but does anybody that knows what is up want to explain?
EK thanks for response I will stand by for update

Yes, the attack I described later in the post.  S is the buffer, which the attacker can keep constant.


You seem to be confusing SHA-256 the algorithm, with SHA-256 the function.  There are an infinite number of algorithms which compute SHA-256 the function, but we assume none are supra-linear because if such existed, collisions could be produced.

Consider the following generalisation of the "mid-state" optimisation.  Let T be a string of length(s+c).  Suppose s bits of T are fixed, while c of them vary randomly.  These c bits must be in well-defined (i.e., computable) positions within T.  You lose nothing if you assume they are all a fixed distance from either the beginning or the end of the string.  The idea is that we find a function f(T) which reads only the fixed bits of T and produces some fixed length output, and another function g(T,f(T)) which reads only the randomly varying bits of T, as well as the output of f.  Finally suppose g(T,f(T)) = SHA-256(T) for all T.

If such f and g exit, then g is particularly well-behaved.  the number of bits in its input that it actually reads does not depend upon s, so a machine with random access to memory will have an algorithm to compute it whose running time is O(1).  A look-up table would work.  The complexity of f will be at least O(s).

If we can find algorithms to compute f and g, then we compute f once, (It may take a long time), and g (which is quick) over and over, so to be provably secure, we need to prove one of the following statements:

1.  No such f and g exist.
2.  f is not computable.
3.  No feasible algorithm for f exists
4.  It is not feasible to find a feasible algorithm for f.

Can you prove any of these things?  I can't.

Having said all that, this is of purely theoretical interest.  An attacker does not need the additional speedup that this construction would give him.  "My scheme" is dead already from the attacks I have already described.

No I am no expert in quantum safe cryptography but I found in quick search several approaches to that. I have a more pressing concern though the crowd sale page is showing only 3.32 btc  spent?? glitch or major redemptions?

By strange coincidence, two subdiscussions have merged.

I've been reading this paper on DAGs, which contains a useful section on the threat posed by QC.  I was stunned to discover that Bitcoin miners are currently hashing at a rate of 2^68 nonces per block.  I had no idea of the power.  That turns the vulnerability I discussed in this post, which I thought was only theoretical, into a reality today.  That attack would have required only 2^64 hashes on average.  Don't worry, I think we are far away from Lionel's paper so this won't be an issue.

With QC, the effective width of a hash function is reduced from half the number of bits, to a third. So SHA-256, classically brute-forceable in about 2^128 hashes via the birthday attack, reduces in difficulty to about 2^85.  A back-on-an-envelope calculation shows that an attacker with the power that all the bitcoin miners put together have today, but quantum, could brute force a 256-bit hash collision in about forty years.

We're gonna need a bigger hash.

We already had a discussion about this in the old thread, which you started.  If there is something you think has been left unaddressed you will need to ask a more specific question.

By which I meant that I knew what a DAG was in the context of graph theory, not in the contest of cryptocurrency. See, I just accidentally gave the impression of more knowledge than I have.

I've have now read the DAGcoin white paper.  My conclusion is that it is brilliant, but it is not a technology we can use for our purposes here.  DAGcoin uses a distributed PoW work scheme.  Instead of a few miners doing a lot of work, each transactor becomes a mini-miner, doing a little work to confirm his transaction.  We cannot possibly run a user supplied program that way, and even if we could, FAA would probably rear its ugly head.

But even if we could use it, I would argue against it.  DAGcoin is cutting-edge.  The problem its developers face is how to make exciting new technology work.  Ours, in my opinion, is to make boring old technology useful.

We need research programs like DAGcoin, and I wish them well.  But it's not for us.

Not modest, just honest.  It's easy to create the illusion of knowledgeably if you have a little knowledge about a range of topics.  You just say "I don't know much about foo, but bar is yadda yadda yadda", and you go on for five pages, then people think "this is a smart fellow who knows all about bar" and they forget that you said that you don't know much about foo (In fact, you don't know anything about foo), and you didn't mention baz, you've never even heard of qux, and that even five pages on bar is barely scratching the surface.  This is me.  Ontologies?  I've heard of them.

My knowledgeability is fractal.  There are great big gaping holes.  And if you zoom in on the areas that look solid, you find lots of little holes, and so on down to every level of magnification.

Please do not build me up into a computer genius superhero.  I really am just a guy on the internet.

This message was too old and has been purged

Maybe stupid question: I sent BTC from my Electrum wallet. What do I need to claim the ELC later? Is the seed enough?
When I export private keys I get numerous BTC addresses with their corresponding private key. Will I need them?

Its not just that, BOINC projects are fragmented communities of volunteers, but if there would be a huge amount of computing power ready to be used, people can work on posing more questions in a way that computation can solve. Cryptocurrencies are enough to provide a basis for such a network, but the next step would be to figure out the economical viability of BOINC-like projects that seem impossible for markets as they don't generate immediate exchange value.

I bet that if you design this coin with a way to do multiple merged mining easily for everybody you would have your main attraction for it's adoption.
Edit: P.S. EK it is possible protect it from quantum computation and even design room for it into future mining functions.

Evil-Knievel please contact me, i sent a private msg about blockcahain.info's beta-wallet