Protocol documentation - Bitcoin Wiki

Technical: Taproot: Why Activate?

This is a follow-up on https://old.reddit.com/Bitcoin/comments/hqzp14/technical_the_path_to_taproot_activation/
Taproot! Everybody wants it!! But... you might ask yourself: sure, everybody else wants it, but why would I, sovereign Bitcoin HODLer, want it? Surely I can be better than everybody else because I swapped XXX fiat for Bitcoin unlike all those nocoiners?
And it is important for you to know the reasons why you, o sovereign Bitcoiner, would want Taproot activated. After all, your nodes (or the nodes your wallets use, which if you are SPV, you hopefully can pester to your wallet vendor/implementor about) need to be upgraded in order for Taproot activation to actually succeed instead of becoming a hot sticky mess.
First, let's consider some principles of Bitcoin.
I'm sure most of us here would agree that the above are very important principles of Bitcoin and that these are principles we would not be willing to remove. If anything, we would want those principles strengthened (especially the last one, financial privacy, which current Bitcoin is only sporadically strong with: you can get privacy, it just requires effort to do so).
So, how does Taproot affect those principles?

Taproot and Your /Coins

Most HODLers probably HODL their coins in singlesig addresses. Sadly, switching to Taproot would do very little for you (it gives a mild discount at spend time, at the cost of a mild increase in fee at receive time (paid by whoever sends to you, so if it's a self-send from a P2PKH or bech32 address, you pay for this); mostly a wash).
(technical details: a Taproot output is 1 version byte + 32 byte public key, while a P2WPKH (bech32 singlesig) output is 1 version byte + 20 byte public key hash, so the Taproot output spends 12 bytes more; spending from a P2WPKH requires revealing a 32-byte public key later, which is not needed with Taproot, and Taproot signatures are about 9 bytes smaller than P2WPKH signatures, but the 32 bytes plus 9 bytes is divided by 4 because of the witness discount, so it saves about 11 bytes; mostly a wash, it increases blockweight by about 1 virtual byte, 4 weight for each Taproot-output-input, compared to P2WPKH-output-input).
However, as your HODLings grow in value, you might start wondering if multisignature k-of-n setups might be better for the security of your savings. And it is in multisignature that Taproot starts to give benefits!
Taproot switches to using the Schnorr signing scheme. Schnorr makes key aggregation -- constructing a single public key from multiple public keys -- almost as trivial as adding numbers together. "Almost" because it involves some fairly advanced math instead of simple boring number adding, but hey when was the last time you added up your grocery list prices by hand huh?
With current P2SH and P2WSH multisignature schemes, if you have a 2-of-3 setup, then to spend, you need to provide two different signatures from two different public keys. With Taproot, you can create, using special moon math, a single public key that represents your 2-of-3 setup. Then you just put two of your devices together, have them communicate to each other (this can be done airgapped, in theory, by sending QR codes: the software to do this is not even being built yet, but that's because Taproot hasn't activated yet!), and they will make a single signature to authorize any spend from your 2-of-3 address. That's 73 witness bytes -- 18.25 virtual bytes -- of signatures you save!
And if you decide that your current setup with 1-of-1 P2PKH / P2WPKH addresses is just fine as-is: well, that's the whole point of a softfork: backwards-compatibility; you can receive from Taproot users just fine, and once your wallet is updated for Taproot-sending support, you can send to Taproot users just fine as well!
(P2WPKH and P2WSH -- SegWit v0 -- addresses start with bc1q; Taproot -- SegWit v1 --- addresses start with bc1p, in case you wanted to know the difference; in bech32 q is 0, p is 1)
Now how about HODLers who keep all, or some, of their coins on custodial services? Well, any custodial service worth its salt would be doing at least 2-of-3, or probably something even bigger, like 11-of-15. So your custodial service, if it switched to using Taproot internally, could save a lot more (imagine an 11-of-15 getting reduced from 11 signatures to just 1!), which --- we can only hope! --- should translate to lower fees and better customer service from your custodial service!
So I think we can say, very accurately, that the Bitcoin principle --- that YOU are in control of your money --- can only be helped by Taproot (if you are doing multisignature), and, because P2PKH and P2WPKH remain validly-usable addresses in a Taproot future, will not be harmed by Taproot. Its benefit to this principle might be small (it mostly only benefits multisignature users) but since it has no drawbacks with this (i.e. singlesig users can continue to use P2WPKH and P2PKH still) this is still a nice, tidy win!
(even singlesig users get a minor benefit, in that multisig users will now reduce their blockchain space footprint, so that fees can be kept low for everybody; so for example even if you have your single set of private keys engraved on titanium plates sealed in an airtight box stored in a safe buried in a desert protected by angry nomads riding giant sandworms because you're the frickin' Kwisatz Haderach, you still gain some benefit from Taproot)
And here's the important part: if P2PKH/P2WPKH is working perfectly fine with you and you decide to never use Taproot yourself, Taproot will not affect you detrimentally. First do no harm!

Taproot and Your Contracts

No one is an island, no one lives alone. Give and you shall receive. You know: by trading with other people, you can gain expertise in some obscure little necessity of the world (and greatly increase your productivity in that little field), and then trade the products of your expertise for necessities other people have created, all of you thereby gaining gains from trade.
So, contracts, which are basically enforceable agreements that facilitate trading with people who you do not personally know and therefore might not trust.
Let's start with a simple example. You want to buy some gewgaws from somebody. But you don't know them personally. The seller wants the money, you want their gewgaws, but because of the lack of trust (you don't know them!! what if they're scammers??) neither of you can benefit from gains from trade.
However, suppose both of you know of some entity that both of you trust. That entity can act as a trusted escrow. The entity provides you security: this enables the trade, allowing both of you to get gains from trade.
In Bitcoin-land, this can be implemented as a 2-of-3 multisignature. The three signatories in the multisignature would be you, the gewgaw seller, and the escrow. You put the payment for the gewgaws into this 2-of-3 multisignature address.
Now, suppose it turns out neither of you are scammers (whaaaat!). You receive the gewgaws just fine and you're willing to pay up for them. Then you and the gewgaw seller just sign a transaction --- you and the gewgaw seller are 2, sufficient to trigger the 2-of-3 --- that spends from the 2-of-3 address to a singlesig the gewgaw seller wants (or whatever address the gewgaw seller wants).
But suppose some problem arises. The seller gave you gawgews instead of gewgaws. Or you decided to keep the gewgaws but not sign the transaction to release the funds to the seller. In either case, the escrow is notified, and it can sign with you to refund the funds back to you (if the seller was a scammer) or it can sign with the seller to forward the funds to the seller (if you were a scammer).
Taproot helps with this: like mentioned above, it allows multisignature setups to produce only one signature, reducing blockchain space usage, and thus contracts --- which require multiple people, by definition, you don't make contracts with yourself --- are made cheaper (which we hope enables more of these setups to happen for more gains from trade for everyone, also, moon and lambos).
(technology-wise, it's easier to make an n-of-n than a k-of-n, making a k-of-n would require a complex setup involving a long ritual with many communication rounds between the n participants, but an n-of-n can be done trivially with some moon math. You can, however, make what is effectively a 2-of-3 by using a three-branch SCRIPT: either 2-of-2 of you and seller, OR 2-of-2 of you and escrow, OR 2-of-2 of escrow and seller. Fortunately, Taproot adds a facility to embed a SCRIPT inside a public key, so you can have a 2-of-2 Taprooted address (between you and seller) with a SCRIPT branch that can instead be spent with 2-of-2 (you + escrow) OR 2-of-2 (seller + escrow), which implements the three-branched SCRIPT above. If neither of you are scammers (hopefully the common case) then you both sign using your keys and never have to contact the escrow, since you are just using the escrow public key without coordinating with them (because n-of-n is trivial but k-of-n requires setup with communication rounds), so in the "best case" where both of you are honest traders, you also get a privacy boost, in that the escrow never learns you have been trading on gewgaws, I mean ewww, gawgews are much better than gewgaws and therefore I now judge you for being a gewgaw enthusiast, you filthy gewgawer).

Taproot and Your Contracts, Part 2: Cryptographic Boogaloo

Now suppose you want to buy some data instead of things. For example, maybe you have some closed-source software in trial mode installed, and want to pay the developer for the full version. You want to pay for an activation code.
This can be done, today, by using an HTLC. The developer tells you the hash of the activation code. You pay to an HTLC, paying out to the developer if it reveals the preimage (the activation code), or refunding the money back to you after a pre-agreed timeout. If the developer claims the funds, it has to reveal the preimage, which is the activation code, and you can now activate your software. If the developer does not claim the funds by the timeout, you get refunded.
And you can do that, with HTLCs, today.
Of course, HTLCs do have problems:
Fortunately, with Schnorr (which is enabled by Taproot), we can now use the Scriptless Script construction by Andrew Poelstra. This Scriptless Script allows a new construction, the PTLC or Pointlocked Timelocked Contract. Instead of hashes and preimages, just replace "hash" with "point" and "preimage" with "scalar".
Or as you might know them: "point" is really "public key" and "scalar" is really a "private key". What a PTLC does is that, given a particular public key, the pointlocked branch can be spent only if the spender reveals the private key of the given public key to you.
Another nice thing with PTLCs is that they are deniable. What appears onchain is just a single 2-of-2 signature between you and the developer/manufacturer. It's like a magic trick. This signature has no special watermarks, it's a perfectly normal signature (the pledge). However, from this signature, plus some data given to you by the developer/manufacturer (known as the adaptor signature) you can derive the private key of a particular public key you both agree on (the turn). Anyone scraping the blockchain will just see signatures that look just like every other signature, and as long as nobody manages to hack you and get a copy of the adaptor signature or the private key, they cannot get the private key behind the public key (point) that the pointlocked branch needs (the prestige).
(Just to be clear, the public key you are getting the private key from, is distinct from the public key that the developer/manufacturer will use for its funds. The activation key is different from the developer's onchain Bitcoin key, and it is the activation key whose private key you will be learning, not the developer's/manufacturer's onchain Bitcoin key).
So:
Taproot lets PTLCs exist onchain because they enable Schnorr, which is a requirement of PTLCs / Scriptless Script.
(technology-wise, take note that Scriptless Script works only for the "pointlocked" branch of the contract; you need normal Script, or a pre-signed nLockTimed transaction, for the "timelocked" branch. Since Taproot can embed a script, you can have the Taproot pubkey be a 2-of-2 to implement the Scriptless Script "pointlocked" branch, then have a hidden script that lets you recover the funds with an OP_CHECKLOCKTIMEVERIFY after the timeout if the seller does not claim the funds.)

Quantum Quibbles!

Now if you were really paying attention, you might have noticed this parenthetical:
(technical details: a Taproot output is 1 version byte + 32 byte public key, while a P2WPKH (bech32 singlesig) output is 1 version byte + 20 byte public key hash...)
So wait, Taproot uses raw 32-byte public keys, and not public key hashes? Isn't that more quantum-vulnerable??
Well, in theory yes. In practice, they probably are not.
It's not that hashes can be broken by quantum computers --- they're still not. Instead, you have to look at how you spend from a P2WPKH/P2PKH pay-to-public-key-hash.
When you spend from a P2PKH / P2WPKH, you have to reveal the public key. Then Bitcoin hashes it and checks if this matches with the public-key-hash, and only then actually validates the signature for that public key.
So an unconfirmed transaction, floating in the mempools of nodes globally, will show, in plain sight for everyone to see, your public key.
(public keys should be public, that's why they're called public keys, LOL)
And if quantum computers are fast enough to be of concern, then they are probably fast enough that, in the several minutes to several hours from broadcast to confirmation, they have already cracked the public key that is openly broadcast with your transaction. The owner of the quantum computer can now replace your unconfirmed transaction with one that pays the funds to itself. Even if you did not opt-in RBF, miners are still incentivized to support RBF on RBF-disabled transactions.
So the extra hash is not as significant a protection against quantum computers as you might think. Instead, the extra hash-and-compare needed is just extra validation effort.
Further, if you have ever, in the past, spent from the address, then there exists already a transaction indelibly stored on the blockchain, openly displaying the public key from which quantum computers can derive the private key. So those are still vulnerable to quantum computers.
For the most part, the cryptographers behind Taproot (and Bitcoin Core) are of the opinion that quantum computers capable of cracking Bitcoin pubkeys are unlikely to appear within a decade or two.
So:
For now, the homomorphic and linear properties of elliptic curve cryptography provide a lot of benefits --- particularly the linearity property is what enables Scriptless Script and simple multisignature (i.e. multisignatures that are just 1 signature onchain). So it might be a good idea to take advantage of them now while we are still fairly safe against quantum computers. It seems likely that quantum-safe signature schemes are nonlinear (thus losing these advantages).

Summary

I Wanna Be The Taprooter!

So, do you want to help activate Taproot? Here's what you, mister sovereign Bitcoin HODLer, can do!

But I Hate Taproot!!

That's fine!

Discussions About Taproot Activation

submitted by almkglor to Bitcoin
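The PTLC exchange and the single-signature 2-of-2 described in the post above, as an added example that is not part of the original post: a toy Schnorr adaptor signature on secp256k1 in which the buyer recovers the activation scalar from the on-chain signature. It assumes plain Schnorr with naive key and nonce summation (no MuSig coefficients or nonce commitments, no BIP340 x-only encoding); every key, nonce, message and function name here is constructed for illustration.

```python
import hashlib

# secp256k1 domain parameters (standard public constants).
FIELD = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def add(a, b):
    """Add two curve points; None is the point at infinity."""
    if a is None:
        return b
    if b is None:
        return a
    if a[0] == b[0] and (a[1] + b[1]) % FIELD == 0:
        return None
    if a == b:
        lam = 3 * a[0] * a[0] * pow(2 * a[1] % FIELD, -1, FIELD)
    else:
        lam = (b[1] - a[1]) * pow((b[0] - a[0]) % FIELD, -1, FIELD)
    x = (lam * lam - a[0] - b[0]) % FIELD
    return (x, (lam * (a[0] - x) - a[1]) % FIELD)


def mul(k, pt):
    """Scalar multiplication by double-and-add (not constant time)."""
    out, k = None, k % N
    while k:
        if k & 1:
            out = add(out, pt)
        pt = add(pt, pt)
        k >>= 1
    return out


def keypair(label):
    """Constructed, deterministic (scalar, point) pair for the demo only."""
    x = int.from_bytes(hashlib.sha256(label).digest(), "big") % N
    return x, mul(x, G)


def challenge(R, P, msg):
    data = b"".join(v.to_bytes(32, "big") for v in (*R, *P)) + msg
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N


def verify(P, msg, sig):
    """Ordinary Schnorr check: s*G == R + e*P."""
    R, s = sig
    return mul(s, G) == add(R, mul(challenge(R, P, msg), P))


def partial_ok(s_part, K, X, e):
    """Check one signer's share against its own nonce and key."""
    return mul(s_part, G) == add(K, mul(e, X))


def run_ptlc(msg=b"constructed spend of the 2-of-2 output"):
    xb, Pb = keypair(b"constructed buyer key")
    xs, Ps = keypair(b"constructed seller key")
    t, T = keypair(b"constructed activation secret")  # t: seller only, T: agreed point
    kb, Kb = keypair(b"constructed buyer nonce")
    ks, Ks = keypair(b"constructed seller nonce")

    P = add(Pb, Ps)              # aggregated 2-of-2 key (naive sum)
    R = add(add(Kb, Ks), T)      # on-chain nonce is offset by the point T
    e = challenge(R, P, msg)

    # 1. Seller -> buyer: adaptor share, verifiable but missing t.
    s_seller = (ks + e * xs) % N
    assert partial_ok(s_seller, Ks, Ps, e)
    # 2. Buyer -> seller: buyer's share; their sum is the pre-signature.
    s_buyer = (kb + e * xb) % N
    pre = (s_seller + s_buyer) % N
    # 3. Seller adds t to complete the signature and publishes (R, s).
    s = (pre + t) % N
    # 4. Buyer subtracts the pre-signature from the published s.
    t_learned = (s - pre) % N

    return {
        "onchain_valid": verify(P, msg, (R, s)),    # looks like any signature
        "presig_valid": verify(P, msg, (R, pre)),   # unusable without t
        "t": t, "T": T, "t_learned": t_learned,
    }


if __name__ == "__main__":
    r = run_ptlc()
    print("on-chain signature valid:", r["onchain_valid"])
    print("pre-signature valid     :", r["presig_valid"])
    print("buyer recovered scalar  :", r["t_learned"] == r["t"])
```

Anyone who holds both the pre-signature and the published signature can compute the scalar, which is why the adaptor data has to stay private between the two parties.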

Digital Dollar, FedNow, CBDC, the central banks spending and global push for more control through digital currency.

At the beginning of the Covid-19 outbreak a few interesting things happened. China introduced the "Digital Yuan / RMB" And in April the "Digital dollar" was proposed in the first stimulus bill here in the USA. And they haven't stopped talking about it since. High tables from the White house Financial committee, Federal Reserve, US congress. Aiming to have a digital currency working as early as 2021 to provide UBI / Universal basic income to the masses, all while being able to track, freeze, limit, manipulate spending throughout the economy. Starting to sound rather like a "Black mirror film" isn't it? Well...China has taken it a step farther with their "Social Credit system" watching and controlling nearly every aspect of life. . . but we're here to talk about currency. How could this even happen in America? Well, to start
All of the above is a partial list of factors devaluing the Dollar and trust in it from several ways and views. At the end of the day it has a huge amount of enemies, that are all looking for ways to get out of it.
Some of what I'm seeing personally.
It is a death spiral for the working person, where it used to be "No more than 30% of your wage going to housing" It is now well over 50%....Just look at this recent post in Frugal https://www.reddit.com/Frugal/comments/ifqah1/is_it_normal_for_a_third_to_a_half_of_you?utm_source=share&utm_medium=web2x&context=3
This death spiral I foresee getting worse. And historically any "tax" / regulation cost will just be passed down to the consumer in form of increased prices until people / businesses move elsewhere as we've seen in several cities around the US.

So what can we do? Buy Gold! Silver! Bitcoin! Stocks! I hear people roar, They aren't exactly wrong as history shows... but have you considered the 30-40% tax on the "gain"? Even when that asset buys the same value before tax? What if the government makes it illegal like the 1933 order: 6102 Where you couldn't own gold for nearly 50 years? You're frozen out, or even out on taxes (which will likely be more strict and controlled later in time).
I'd say Invest in things that will
Metals are the next step when a person has plenty of the above. You get to a point where you have hundreds of thousands, if not millions that you need to condense into something real.
It is all about the savings or productivity gain of the investment. For instance I would wager that many preppers have gotten more use / value out of a $800 clothes washer than a $800 rifle. (have you ever had to do manual laundry???) Sure the rifle will hold value...but it often doesn't pay you back with time / what it saved and / or what it has produced during its life unless you are using it. Same can be said of security cameras, a generator, a tractor, trailer, garden, tools, etc.
Look at history even, in countries that have experienced hyperinflation people that already had tangibles they regularly use were way ahead. It could even be honey, a tool, extra maintenance parts, can of food, that bottle of medicine, a computer to keep your intel on point, (cough # PrepperIntel plug) use of your equipment to do or make something for someone. Real Estate is good too, it rides inflation well and has many ways of being productive.
Your metals could be sitting there like the rifle, and could be subject to hot debate and laws. Meanwhile that garden is paying back, chainsaw is helping saw up wood, or your tractor is helping a job, your tools just helped you fix something / saved you much loss, Your security stopped a loss not by a person, but a random animal stealing things. Or that $25,000 solar array is paying you back by the day in spades...while making you independent...running all your tools you're using to make things to sell, and even heating / cooling some of the house with the extra juice while places around you experience rolling blackouts. You were even smart and took the current 24% tax benefit the government has saving you $5000 on it for batteries. Don't get me started if you have an electric vehicle with solar... I'm rambling at this point...and all those stealthy / direct and passive background savings...even if the crap doesn't hit the fan.
So anyways, With out of control central banks and big governments, digital currencies, How do you think it will play out? Are we heading to dystopia?
submitted by AntiSonOfBitchamajig to PrepperIntel

[ Bitcoin ] Technical: Taproot: Why Activate?

Topic originally posted in Bitcoin by almkglor [link]
This is a follow-up on https://old.reddit.com/Bitcoin/comments/hqzp14/technical_the_path_to_taproot_activation/
Taproot! Everybody wants it!! But... you might ask yourself: sure, everybody else wants it, but why would I, sovereign Bitcoin HODLer, want it? Surely I can be better than everybody else because I swapped XXX fiat for Bitcoin unlike all those nocoiners?
And it is important for you to know the reasons why you, o sovereign Bitcoiner, would want Taproot activated. After all, your nodes (or the nodes your wallets use, which if you are SPV, you hopefully can pester to your wallet vendoimplementor about) need to be upgraded in order for Taproot activation to actually succeed instead of becoming a hot sticky mess.
First, let's consider some principles of Bitcoin.
I'm sure most of us here would agree that the above are very important principles of Bitcoin and that these are principles we would not be willing to remove. If anything, we would want those principles strengthened (especially the last one, financial privacy, which current Bitcoin is only sporadically strong with: you can get privacy, it just requires effort to do so).
So, how does Taproot affect those principles?

Taproot and Your /Coins

Most HODLers probably HODL their coins in singlesig addresses. Sadly, switching to Taproot would do very little for you (it gives a mild discount at spend time, at the cost of a mild increase in fee at receive time (paid by whoever sends to you, so if it's a self-send from a P2PKH or bech32 address, you pay for this); mostly a wash).
(technical details: a Taproot output is 1 version byte + 32 byte public key, while a P2WPKH (bech32 singlesig) output is 1 version byte + 20 byte public key hash, so the Taproot output spends 12 bytes more; spending from a P2WPKH requires revealing a 32-byte public key later, which is not needed with Taproot, and Taproot signatures are about 9 bytes smaller than P2WPKH signatures, but the 32 bytes plus 9 bytes is divided by 4 because of the witness discount, so it saves about 11 bytes; mostly a wash, it increases blockweight by about 1 virtual byte, 4 weight for each Taproot-output-input, compared to P2WPKH-output-input).
However, as your HODLings grow in value, you might start wondering if multisignature k-of-n setups might be better for the security of your savings. And it is in multisignature that Taproot starts to give benefits!
Taproot switches to using Schnorr signing scheme. Schnorr makes key aggregation -- constructing a single public key from multiple public keys -- almost as trivial as adding numbers together. "Almost" because it involves some fairly advanced math instead of simple boring number adding, but hey when was the last time you added up your grocery list prices by hand huh?
With current P2SH and P2WSH multisignature schemes, if you have a 2-of-3 setup, then to spend, you need to provide two different signatures from two different public keys. With Taproot, you can create, using special moon math, a single public key that represents your 2-of-3 setup. Then you just put two of your devices together, have them communicate to each other (this can be done airgapped, in theory, by sending QR codes: the software to do this is not even being built yet, but that's because Taproot hasn't activated yet!), and they will make a single signature to authorize any spend from your 2-of-3 address. That's 73 witness bytes -- 18.25 virtual bytes -- of signatures you save!
And if you decide that your current setup with 1-of-1 P2PKH / P2WPKH addresses is just fine as-is: well, that's the whole point of a softfork: backwards-compatibility; you can receive from Taproot users just fine, and once your wallet is updated for Taproot-sending support, you can send to Taproot users just fine as well!
(P2WPKH and P2WSH -- SegWit v0 -- addresses start with bc1q; Taproot -- SegWit v1 --- addresses start with bc1p, in case you wanted to know the difference; in bech32 q is 0, p is 1)
Now how about HODLers who keep all, or some, of their coins on custodial services? Well, any custodial service worth its salt would be doing at least 2-of-3, or probably something even bigger, like 11-of-15. So your custodial service, if it switched to using Taproot internally, could save a lot more (imagine an 11-of-15 getting reduced from 11 signatures to just 1!), which --- we can only hope! --- should translate to lower fees and better customer service from your custodial service!
So I think we can say, very accurately, that the Bitcoin principle --- that YOU are in control of your money --- can only be helped by Taproot (if you are doing multisignature), and, because P2PKH and P2WPKH remain validly-usable addresses in a Taproot future, will not be harmed by Taproot. Its benefit to this principle might be small (it mostly only benefits multisignature users) but since it has no drawbacks with this (i.e. singlesig users can continue to use P2WPKH and P2PKH still) this is still a nice, tidy win!
(even singlesig users get a minor benefit, in that multisig users will now reduce their blockchain space footprint, so that fees can be kept low for everybody; so for example even if you have your single set of private keys engraved on titanium plates sealed in an airtight box stored in a safe buried in a desert protected by angry nomads riding giant sandworms because you're the frickin' Kwisatz Haderach, you still gain some benefit from Taproot)
And here's the important part: if P2PKH/P2WPKH is working perfectly fine with you and you decide to never use Taproot yourself, Taproot will not affect you detrimentally. First do no harm!

Taproot and Your Contracts

No one is an island, no one lives alone. Give and you shall receive. You know: by trading with other people, you can gain expertise in some obscure little necessity of the world (and greatly increase your productivity in that little field), and then trade the products of your expertise for necessities other people have created, all of you thereby gaining gains from trade.
So, contracts, which are basically enforceable agreements that facilitate trading with people who you do not personally know and therefore might not trust.
Let's start with a simple example. You want to buy some gewgaws from somebody. But you don't know them personally. The seller wants the money, you want their gewgaws, but because of the lack of trust (you don't know them!! what if they're scammers??) neither of you can benefit from gains from trade.
However, suppose both of you know of some entity that both of you trust. That entity can act as a trusted escrow. The entity provides you security: this enables the trade, allowing both of you to get gains from trade.
In Bitcoin-land, this can be implemented as a 2-of-3 multisignature. The three signatories in the multisgnature would be you, the gewgaw seller, and the escrow. You put the payment for the gewgaws into this 2-of-3 multisignature address.
Now, suppose it turns out neither of you are scammers (whaaaat!). You receive the gewgaws just fine and you're willing to pay up for them. Then you and the gewgaw seller just sign a transaction --- you and the gewgaw seller are 2, sufficient to trigger the 2-of-3 --- that spends from the 2-of-3 address to a singlesig the gewgaw seller wants (or whatever address the gewgaw seller wants).
But suppose some problem arises. The seller gave you gawgews instead of gewgaws. Or you decided to keep the gewgaws but not sign the transaction to release the funds to the seller. In either case, the escrow is notified, and if it can sign with you to refund the funds back to you (if the seller was a scammer) or it can sign with the seller to forward the funds to the seller (if you were a scammer).
Taproot helps with this: like mentioned above, it allows multisignature setups to produce only one signature, reducing blockchain space usage, and thus making contracts --- which require multiple people, by definition, you don't make contracts with yourself --- is made cheaper (which we hope enables more of these setups to happen for more gains from trade for everyone, also, moon and lambos).
(technology-wise, it's easier to make an n-of-n than a k-of-n, making a k-of-n would require a complex setup involving a long ritual with many communication rounds between the n participants, but an n-of-n can be done trivially with some moon math. You can, however, make what is effectively a 2-of-3 by using a three-branch SCRIPT: either 2-of-2 of you and seller, OR 2-of-2 of you and escrow, OR 2-of-2 of escrow and seller. Fortunately, Taproot adds a facility to embed a SCRIPT inside a public key, so you can have a 2-of-2 Taprooted address (between you and seller) with a SCRIPT branch that can instead be spent with 2-of-2 (you + escrow) OR 2-of-2 (seller + escrow), which implements the three-branched SCRIPT above. If neither of you are scammers (hopefully the common case) then you both sign using your keys and never have to contact the escrow, since you are just using the escrow public key without coordinating with them (because n-of-n is trivial but k-of-n requires setup with communication rounds), so in the "best case" where both of you are honest traders, you also get a privacy boost, in that the escrow never learns you have been trading on gewgaws, I mean ewww, gawgews are much better than gewgaws and therefore I now judge you for being a gewgaw enthusiast, you filthy gewgawer).

Taproot and Your Contracts, Part 2: Cryptographic Boogaloo

Now suppose you want to buy some data instead of things. For example, maybe you have some closed-source software in trial mode installed, and want to pay the developer for the full version. You want to pay for an activation code.
This can be done, today, by using an HTLC. The developer tells you the hash of the activation code. You pay to an HTLC, paying out to the developer if it reveals the preimage (the activation code), or refunding the money back to you after a pre-agreed timeout. If the developer claims the funds, it has to reveal the preimage, which is the activation code, and you can now activate your software. If the developer does not claim the funds by the timeout, you get refunded.
And you can do that, with HTLCs, today.
Of course, HTLCs do have problems:
Fortunately, with Schnorr (which is enabled by Taproot), we can now use the Scriptless Script constuction by Andrew Poelstra. This Scriptless Script allows a new construction, the PTLC or Pointlocked Timelocked Contract. Instead of hashes and preimages, just replace "hash" with "point" and "preimage" with "scalar".
Or as you might know them: "point" is really "public key" and "scalar" is really a "private key". What a PTLC does is that, given a particular public key, the pointlocked branch can be spent only if the spender reveals the private key of the given private key to you.
Another nice thing with PTLCs is that they are deniable. What appears onchain is just a single 2-of-2 signature between you and the developemanufacturer. It's like a magic trick. This signature has no special watermarks, it's a perfectly normal signature (the pledge). However, from this signature, plus some datta given to you by the developemanufacturer (known as the adaptor signature) you can derive the private key of a particular public key you both agree on (the turn). Anyone scraping the blockchain will just see signatures that look just like every other signature, and as long as nobody manages to hack you and get a copy of the adaptor signature or the private key, they cannot get the private key behind the public key (point) that the pointlocked branch needs (the prestige).
(Just to be clear, the public key you are getting the private key from, is distinct from the public key that the developemanufacturer will use for its funds. The activation key is different from the developer's onchain Bitcoin key, and it is the activation key whose private key you will be learning, not the developer's/manufacturer's onchain Bitcoin key).
So:
Taproot lets PTLCs exist onchain because they enable Schnorr, which is a requirement of PTLCs / Scriptless Script.
(technology-wise, take note that Scriptless Script works only for the "pointlocked" branch of the contract; you need normal Script, or a pre-signed nLockTimed transaction, for the "timelocked" branch. Since Taproot can embed a script, you can have the Taproot pubkey be a 2-of-2 to implement the Scriptless Script "pointlocked" branch, then have a hidden script that lets you recover the funds with an OP_CHECKLOCKTIMEVERIFY after the timeout if the seller does not claim the funds.)

Quantum Quibbles!

Now if you were really paying attention, you might have noticed this parenthetical:
(technical details: a Taproot output is 1 version byte + 32 byte public key, while a P2WPKH (bech32 singlesig) output is 1 version byte + 20 byte public key hash...)
So wait, Taproot uses raw 32-byte public keys, and not public key hashes? Isn't that more quantum-vulnerable??
Well, in theory yes. In practice, they probably are not.
It's not that hashes can be broken by quantum computers --- they're still not. Instead, you have to look at how you spend from a P2WPKH/P2PKH pay-to-public-key-hash.
When you spend from a P2PKH / P2WPKH, you have to reveal the public key. Then Bitcoin hashes it and checks if this matches with the public-key-hash, and only then actually validates the signature for that public key.
So an unconfirmed transaction, floating in the mempools of nodes globally, will show, in plain sight for everyone to see, your public key.
(public keys should be public, that's why they're called public keys, LOL)
And if quantum computers are fast enough to be of concern, then they are probably fast enough that, in the several minutes to several hours from broadcast to confirmation, they have already cracked the public key that is openly broadcast with your transaction. The owner of the quantum computer can now replace your unconfirmed transaction with one that pays the funds to itself. Even if you did not opt-in RBF, miners are still incentivized to support RBF on RBF-disabled transactions.
So the extra hash is not as significant a protection against quantum computers as you might think. Instead, the extra hash-and-compare needed is just extra validation effort.
Further, if you have ever, in the past, spent from the address, then there exists already a transaction indelibly stored on the blockchain, openly displaying the public key from which quantum computers can derive the private key. So those are still vulnerable to quantum computers.
For the most part, the cryptographers behind Taproot (and Bitcoin Core) are of the opinion that quantum computers capable of cracking Bitcoin pubkeys are unlikely to appear within a decade or two.
So:
For now, the homomorphic and linear properties of elliptic curve cryptography provide a lot of benefits --- particularly the linearity property is what enables Scriptless Script and simple multisignature (i.e. multisignatures that are just 1 signature onchain). So it might be a good idea to take advantage of them now while we are still fairly safe against quantum computers. It seems likely that quantum-safe signature schemes are nonlinear (thus losing these advantages).

Summary

I Wanna Be The Taprooter!

So, do you want to help activate Taproot? Here's what you, mister sovereign Bitcoin HODLer, can do!

But I Hate Taproot!!

That's fine!

Discussions About Taproot Activation

almkglor your post has been copied because one or more comments in this topic have been removed. This copy will preserve unmoderated topic. If you would like to opt-out, please send a message using [this link].
submitted by anticensor_bot to u/anticensor_bot [link] [comments]
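The pointlocked branch described in the Taproot post above, as an added example that is not part of the original post or of any Bitcoin implementation: a buyer and a developer produce one ordinary-looking 2-of-2 Schnorr signature, and the buyer recovers the activation key from it. Assumptions of this sketch: naive key and nonce sums instead of MuSig2, a plain SHA-256 challenge instead of BIP340, and all function and variable names are hypothetical.

```python
"""Toy PTLC: one 2-of-2 Schnorr signature whose publication reveals a scalar t.
Simplifications (assumptions of this sketch): naive key and nonce sums instead of
MuSig2, a plain SHA-256 challenge instead of BIP340. Not for real funds."""
import hashlib
import secrets

P = 2**256 - 2**32 - 977  # secp256k1 field prime
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141  # group order
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def add(a, b):
    """Add two curve points; None is the point at infinity."""
    if a is None:
        return b
    if b is None:
        return a
    if a[0] == b[0] and (a[1] + b[1]) % P == 0:
        return None
    if a == b:
        lam = 3 * a[0] * a[0] * pow(2 * a[1], -1, P) % P
    else:
        lam = (b[1] - a[1]) * pow((b[0] - a[0]) % P, -1, P) % P
    x = (lam * lam - a[0] - b[0]) % P
    return (x, (lam * (a[0] - x) - a[1]) % P)

def mul(k, pt=G):
    """Scalar multiplication k*pt by double-and-add (not constant time)."""
    acc = None
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt = add(pt, pt)
        k >>= 1
    return acc

def enc(pt):
    """33-byte compressed point encoding, used as hash input."""
    return bytes([2 + (pt[1] & 1)]) + pt[0].to_bytes(32, "big")

def rand_scalar():
    return secrets.randbelow(N - 1) + 1

def challenge(R, agg_pub, msg):
    digest = hashlib.sha256(enc(R) + enc(agg_pub) + msg).digest()
    return int.from_bytes(digest, "big") % N

def verify(agg_pub, msg, sig):
    """Ordinary Schnorr check s*G == R + e*P; this is all a chain observer sees."""
    R, s = sig
    return mul(s) == add(R, mul(challenge(R, agg_pub, msg), agg_pub))

def partial_verify(s_i, R_i, pub_i, e):
    """Check one signer's share s_i = r_i + e*x_i against its nonce and key."""
    return mul(s_i) == add(R_i, mul(e, pub_i))

def run_ptlc(msg=b"constructed spend of the 2-of-2 output to the developer"):
    # Funding keys of buyer and developer; t is the separate activation key.
    x_b, x_d, t = rand_scalar(), rand_scalar(), rand_scalar()
    P_b, P_d, T = mul(x_b), mul(x_d), mul(t)
    agg_pub = add(P_b, P_d)
    # The signature nonce is offset by the lock point T ("point" = public key).
    r_b, r_d = rand_scalar(), rand_scalar()
    R_b, R_d = mul(r_b), mul(r_d)
    R = add(add(R_b, R_d), T)
    e = challenge(R, agg_pub, msg)
    # 1. Developer sends its share (the adaptor signature); buyer checks it.
    s_d = (r_d + e * x_d) % N
    if not partial_verify(s_d, R_d, P_d, e):
        raise ValueError("adaptor share does not match the agreed nonce and key")
    # 2. Only then does the buyer release its own share.
    s_b = (r_b + e * x_b) % N
    # Without t the shares do not add up to a valid signature for nonce R.
    incomplete = (R, (s_b + s_d) % N)
    # 3. Developer adds t and broadcasts a perfectly normal signature.
    sig = (R, (s_b + s_d + t) % N)
    # 4. Buyer subtracts both shares from the onchain s to learn t.
    learned_t = (sig[1] - s_b - s_d) % N
    return {
        "incomplete_valid": verify(agg_pub, msg, incomplete),
        "final_valid": verify(agg_pub, msg, sig),
        "t": t, "T": T, "learned_t": learned_t,
    }

if __name__ == "__main__":
    result = run_ptlc()
    print(result["final_valid"], result["learned_t"] == result["t"])
```

Only the buyer holds both shares, so only the buyer can subtract them from the published signature; everyone else sees a signature indistinguishable from any other.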

$12 to interact with the protocol: Ethereum fees are exploding and unstoppable

Ethereum is the most used blockchain to date, but its fees have just smashed a sad record, averaging $12 to interact with the protocol, due to utilization above 90% of capacity since May 2020 and an inability to scale while demand keeps growing.
This recalls the situation of BTC in 2017. At that time BTC fees had reached an average of $54 per transaction. The irony is that a few months before that rise, the creator of Ethereum had mocked BTC because its fees were reaching $0.05; he had then declared: "The currency of the internet should not cost $0.05 per transaction!". Compare that to Ethereum's fees of $12 today.
The truth is that Ethereum does not scale, whether ETH 1.0 or the promise of an ETH 2.0 that will at best be a headlong rush to buy a little more time before running into the same problems again.
But why can't Ethereum scale?
The answer is simple: because of proof-of-stake and the account-based model, which are the basis of its philosophy.
Proof of stake does not motivate stakers, who lock up their ethers in order to mine blocks, to invest in the better hardware and better connection that would be needed to let the network scale.
Next, Ethereum's accounting-based model, which manages every address like a bank account, prevents the simplified validation (SPV) wallet technology that is possible on Bitcoin and is the only way to massively scale a decentralized digital currency.
The creator of Bitcoin had already foreseen this evolution and designed Bitcoin to scale infinitely thanks to an innovative model called the UTXO-based model, a model based on "unspent transaction outputs", or more simply, similar to the coins and banknotes you have in your wallet, but in digital form.
BTC, now Ethereum: are exploding fees the future of all cryptos?
In a way, yes. That is what happens when you are on a blockchain that does not scale the way BitcoinSV (BSV) does.
And it could be much worse. Explanation: the explosion in ETH fees is mainly due to what is called DeFi (a grouping of worthless cryptocurrencies, called "shitcoins", under the Ethereum ecosystem), which generates more transactions than normal on the Ethereum blockchain. Almost all DeFi projects were created by individuals who continually push out code to create coins whose value skyrockets and sometimes comes back down at light speed, because they are obviously Ponzi schemes en masse. In any case, these Ponzi schemes are popular because they bring their creators almost guaranteed short-term gains at the expense of shareholders, who get completely scammed en masse and often with no possible recourse.
However, most of these tokens on Ethereum have absolutely no utility, use or real future. In other words, Ethereum and DeFi have no long-term path to profitability, because the way Ethereum is managed and marketed does not encourage a productive or progressive mindset. That is also why fees are rising; imagine if 7 billion users had to use ETH at the same time as a means of transfer. Well, it would take 37 years to get a network confirmation, and the ETH fee for an immediate transfer would then be multiplied by 100000!!!
Is cryptocurrency ready to welcome the whole world?
Compare that to BitcoinSV which, with its unlimited blocks, its ecosystem, its tiny fees ($0.0002 per transaction on average while it already handles 50% of ETH's volume), and its SPV technology, can easily accommodate 7 billion users and much more (IoT transfers, artificial-intelligence app pushes, etc).
But few people know this, or accept it, in the cryptosphere, which is sometimes eaten away by greed, jealousy and a very tribal psychology. If you move in BSV's orbit you will find that it is freed from and vaccinated against this cancer of multiple manipulations, and above all is built for every inhabitant of our beautiful planet, even the unbanked.
Examples of Bitcoin applications you can try today for free?
Check out Twetch or Baemail, or discover all Bitcoin applications on the MetaStore
_____
image: https://i.imgur.com/63jNM1d.jpg
submitted by zhell_ to BitcoinSVFrance [link] [comments]

"Blockchains don't scale" - really?

There is a dominant rhetoric among digital currency enthusiasts and "personalities" who say that "blockchains don't scale" or that they don't scale well. It is this rhetoric that convinced a large number of BTC supporters to rally behind the "offchain" mantra, that is, "off the blockchain". Year after year, we see blockchain conferences discuss the wonders of the technology, and in the same breath declare that taking data off the chain is somehow a good thing.

For many of these personalities, who have spent countless hours fighting against writing data on chain, Bitcoin SV represents an adversary that calls their whole philosophy into question. That is why you hear people like Adam Back bemoan the successes achieved by BSV, which proves their hypocrisy a little more each day.

While BTC supporters believe that only monetary transactions should be written to the blockchain (and that only those transactions are valuable), Bitcoin SV welcomes all the world's data and considers all of it valuable. You could not have a more opposite opinion on a subject.

Somewhere between these two opposing ways of thinking lies the multitude of altcoins, each considering itself worthy of recording one very specific type of data. But no other project embraces all data as a whole and assigns value to it.

A blockchain's philosophy is only a small part of the puzzle. What matters is that the philosophy is fully backed by technical prowess. Clearly, as we have seen time and time again, BSV keeps smashing all-time records in number of transactions.

Just by glancing at the metrics, BSV appears as the king of blockchain technology. Let us set aside promises of future capacity (especially given that the blockchain ecosystem is riddled with false promises) and focus on the current ranking.

https://imgur.com/mcFSYat

The chart above is not based on theoretical laboratory results. It is a metric of what has been demonstrated so far in the real world, on a public blockchain, live.

Technically, if you look only at the blockchain statistics, BSV has recorded more than 3500 transactions per second (TPS). This happened with the world record by the company TAAL, which produced a 309 MB block. However, this number was intentionally left off the chart because TAAL's processing was not carried out under usual circumstances.

Then there is the Bitcoin SV STN network, a test network specially configured to test Bitcoin's scalability. It recently peaked at more than 2400 TPS.

https://imgur.com/3bhqO5l

But as Daniel Connolly, lead developer of the Bitcoin SV Node software, says, it is not peak performance but sustained performance that matters. Looking at peak performance is a false measure of security, which many projects use fraudulently. But even so, on the STN, BSV achieved a sustained performance of 1426 TPS for 8 hours. A record.

No doubt the opponents who see this will be quick to jump on the "promises" bandwagon. Yes, it is true that Ethereum has a future "Casper" version that plans to increase its throughput, and Cardano has planned improvements too... but so what? Do you think the BSV node engineers are sitting around twiddling their thumbs in the meantime? BSV has the Teranode project in development, which will eclipse the current figures with blocks of several terabytes. But let us not get too carried away with promises - I despise them like no one else.

BSV's philosophy of scaling quickly means that nodes are not hobbyist machines. BTC's refrain that "everyone needs to run their own node" is a sure way to ensure that your blockchain will never scale.

BSV is determined to end up in datacenters, and, true to Satoshi Nakamoto's white paper, it lets users be simple users. BSV does not try to force everyday users to keep a record of the blockchain's complete transaction history, as seems to be BTC's obsession. BSV wants its blockchain to host the future of the Internet, which we have named the "Metanet". Nobody today expects you to have the entire Internet on your home computer, and Bitcoin does not expect you to have the entire Metanet at home either.

Users can then be simple users, and they can still operate securely using proofs called "SPV". SPV stands for "Simplified Payment Verification"; it is a method that Satoshi Nakamoto first described in the Bitcoin white paper. At global scale, SPV wallets are an absolute necessity. The concept is simple, but the details of the method were omitted by Satoshi, and the company nChain now holds the patent on this method. This guarantees the protection of SPV technology for the original Bitcoin protocol, which survives under the name BSV, and secures its future for scaling.

According to nChain's chief scientist, Dr Wright: "Users of the system are only required to keep a copy of the header of the blocks, against which they can compare their transactions. At present, the header of a block is less than 50 MB in size. Many image files exceed that size. The growth of this data is linear, whereas the Bitcoin system scales by Moore's law and therefore exponentially."

In other words, everyday Bitcoin wallets, like the one on your smartphone, will always remain usable whatever the size of the blockchain, while staying secure.

And since nChain holds the patent on this technology, if another blockchain wants to scale globally and somehow avoid every user having to run their own node server, it will have to find a new way to do so. We wish them good luck.

BSV has advanced by leaps and bounds against the competition, and there is no doubt that many companies around the world that are interested in blockchain are starting to realize it. There is only one blockchain project that has not only proven its will to scale, but has demonstrated it with all-time records, and has also protected its future with a series of inventions and patents.

inspired by and translated from the English article: https://coingeek.com/blockchains-dont-scale-except-bitcoin-sv/
submitted by zhell_ to BitcoinSVFrance [link] [comments]

Difference between smart-contracts and nodes

Greetings. 🤗 In this post we will tell you about the difference between a node and a smart contract.

❓ What is a node?

A node is any computer that is connected to a blockchain network. Simply put, this is the point at which messages can be created, received, or transmitted. For a bitcoin network, for example, there are full nodes, supernodes, miner nodes, and an SPV client.

❓ What is a smart contract?

Smart contracts are computer data transfer protocols that use mathematical algorithms to automatically complete a transaction after meeting established conditions and complete process control. The protocol is used to enter all the terms of the contract concluded between the parties to the transaction in the blockchain. Obligations of participants are provided in the smart contract in the form of "if-then" (for example: "if Party A transfers money, then Party B transfers the rights to the apartment"). Once these conditions are met, the smart contract independently performs the transaction and ensures that the agreement is respected.

❗️ Thus, the smart contract is the action that takes place, and the node is the place where this action takes place.

💡 The Relictum Pro innovative approach

✔️ The distinctive mechanism is as follows: only the hash of one event (transaction) is recorded in the block, and it cannot be changed. Thus, all kinds of collisions are swept aside. In addition to recording the event hash into the block, when forming a new one, the entire hash of the previous block and + integer value is taken (we put the sequential block number in front of the block). There is a main chain of blocks - Master_Chain, which contains only the hash of a block of lower and side smart contracts.

✔️ In parallel with the main Master_Chain, various independent chains are formed - these are smart contracts that organize the three-dimensional distribution, for example:
- first smart contract - generation of tokens;
- second smart contract - sale of goods through the store;
- third - a crypto exchange;
- fourth - delivery of goods, etc.

✔️ Thus, the organization of chains of smart contracts and the main Master_Chain leads to a four-dimensional model of the organization of distribution of blocks.

Read more about Relictum Pro innovative solutions here: https://relictum.pro
https://preview.redd.it/1w6uqq7t0b851.png?width=1200&format=png&auto=webp&s=8589ed31ec1644b9e345e6154fc58bcb641abf1e
submitted by RelictumPro_official to relictumpro [link] [comments]

The CBDC Road to Practice-The Framework of LDF 2020

The CBDC Road To Practice——The Framework of LDF 2020
March 8, 2020 By JH( Lend0X Project Architect)
The Market Structure Analysis of CBDC
I. CBDC helps GDP growth
CBDC can be used as cash for commercial banks or as a medium for (government) bonds. The way in which assets are issued will have a huge impact on GDP growth. For commercial banks, the CBDC issued by the central bank is the source of assets. For customers, the products under the CBDC are the use of funds. Blockchain-based CBDC and bank account-based digital cash and banknotes are generally considered to have a huge difference in the contribution of GDP to quality, cost, and efficiency.
https://preview.redd.it/fji1rqdxequ41.png?width=411&format=png&auto=webp&s=10647fa76b42056f80527cfd5342a2f8c1d1df1a
Qualitatively
The Bank of England states in the 2019 study that the macroeconomic effects of issuing central bank digital currency (CBDC), the following three advantages of digital currency can increase interest-bearing central bank liabilities, and distributed ledgers can compete with bank deposits as a medium of exchange.
In the digital currency economy model 1. The model in the report matches the adjusted US currency issuance before the crisis, and we find that if the issuance of CBDC accounts for 30% of GDP, compared with government bonds, it may permanently increase GDP by 3%.
  1. Reduce real interest rates, reverse taxes and currency transaction costs.
  2. As a second monetary policy tool, countercyclical CBDC price or quantity rules can greatly improve the ability of the central bank to stabilize the business cycle.
Cost
II. The issuing system and payment structure of CBDC
The BIS research report pointed out that CBDC has many open questions, such as whether they should be retail or wholesale? Directly or indirectly to consumers? Account-based or token-based? Based on distributed ledgers, a centralized model or a hybrid model? How does CBDC pay across borders?
https://preview.redd.it/6dczkw83fqu41.png?width=249&format=png&auto=webp&s=3c9f31f371ccbeab21d634b6a01ee0bd5a8b0f08
Of the three issuance systems (indirect, direct, and hybrid), CBDC can only be issued directly by the central bank. In the first type of indirect issuance structure, the CBDC is the indirect architecture, and is done indirectly. ICBDC in the hands of consumers (such as the digital currency issued by the 4 largest state-owned commercial banks in DCEP) represents commercial banks (such as the 4 largest state-owned commercial banks) debt.
In the second type of direct and third type of mixed issuance structure, consumers are creditors of the central bank. In the direct CBDC model (type 2), the central bank processes all payments in real time and therefore maintains a record of all retail assets. The hybrid CBDC model is an intermediate solution where the consumer is a creditor of the central bank, but real-time payments are handled by the intermediary, and the central bank keeps copies of all retail CBDCs in order to transfer them from one payment service provider to another in the event of a technical failure.
In terms of efficiency
Three payment architectures allow account-based or token-based access. Although its DCEP digital currency is not a token in the blockchain, it is similar to the token in blockchain in key features such as non-double spending, anonymity, non-forgeability, security, transferability, separability, and programmability. Therefore, DCEP still belongs to the Token paradigm, not the account paradigm.
All four combinations are possible for any CBDC architecture (indirect, direct or hybrid) whatever the payment structure is based on the centralization or centralization mode, the account or token mode of blockchain smart contract account . But in different structures, central banks, commercial banks, and the private sector operate different parts of the infrastructure.
At present, the DCEP issuance structure adopts a two-tier structure, and its payment system——four major state-owned commercial banks issuing four ICDBC tokens. Its technical architecture features are consistent with the first indirect distribution method. Because DCEP is positioned as digital cash (M0 cash) and the central bank's DCEP supports offline mobile payment, considering its huge payment transactions, a centralized account system for DCEP payment methods is essential. Offline Payment methods access to mobile wallets based on tokens are also essential for commercial banks.

https://preview.redd.it/0wvltv0ffqu41.png?width=411&format=png&auto=webp&s=4fd728ece4e869126b6ec8e90cd1962302a424bd
LDF Central Bank Digital Currency CBDC Project Development
At present, the technical framework of the CBDC and the selection of infrastructure are divided into the R & D and cooperation of domestic application planning DCEP application scenarios; its overseas expansion goal supports the development of the “Belt and Road” digital asset ecosystem. DCEP adopts a double-layer system of commercial banks and central banks to adapt to the existing currency systems of sovereign countries in the world. China, as a currency issuing country, has strong economic strength and basic conditions necessary for world currencies. At the same time, DCEP can also save the issued funds, calculate the inflation rate and other macroeconomic indicators more accurately, better curb illegal activities such as money laundering and terrorist financing, and facilitate foreign exchange circulation worldwide.
1. LDF——the combination of CBDC program and token economy
Only after answering questions such as the openness of CBDC currency itself, can we solve how the application of multiple blockchain industries such as LDF digital asset issuance platform, digital asset support bond platform, and lending and other CBDC currency "product traceability", "digital identity authentication", "judicial depository", "secure communication"and other basic applications, these LDFs are an important direction for exploring blockchain applications.
2.Select the most widely used blockchain technology as the basic platform
LDF introduced CBDC to use blockchain technology because it is the most mature landing foundation platform. It has the advantages of decentralization, openness, autonomy, anonymity, and tamper resistance. It can make the entire system information highly transparent, its data stability and the reliability is extremely high, which solves the point-to-point trust problem and can reduce transaction and operating costs. At present, the underlying technologies of mainstream digital assets such as Bitcoin, Ethereum, and USDT are all blockchain technologies. At the same time, the application scenarios of the blockchain not only include digital currency, but also include many fields such as "product traceability", "digital identity authentication", "judicial depository", "secure communication" and so on.
3.Interpretation of DCEP and selection of LDF blockchain technology architecture
·DCEP does not use a real blockchain like Libra, but may use a centralized ledger based on the UTXO (Unspent Transaction Output) model, and it still belongs to the Token paradigm. This centralized ledger reflects the digital currency issuance and registration system maintained by the central bank. It does not need to run consensus algorithms and will not be subject to the performance bottleneck of the blockchain. The blockchain may be used for the definitive registration of digital currencies and occupy a subsidiary position.

https://preview.redd.it/655gvo1ofqu41.png?width=273&format=png&auto=webp&s=eaf1da72ef45db094067e5523b1a92cc9a0f71c1
·Users need to use DCEP wallet. The core of the wallet is a pair of public and private keys. The public key is also the address, where the digital certificate of RMB is stored. This digital certificate is not a token in the blockchain in the complete sense, but it is consistent with the Token in many key features, and it is based on 100% RMB reserve. Users can initiate transfer transactions between addresses through the wallet private key. The transfer transaction is recorded directly in the centralized ledger by the central bank. In this way, DCEP implements account loose coupling and controlled anonymity.
·Although DCEP is a currency tool, the third-party payment is mainly a payment tool after "disconnecting directly", but there are many similarities between the two. If DCEP is good enough in terms of technical efficiency and business development, and from the perspective of users, third-party payments can bring the same experience after DCEP and "disconnect directly". Therefore, DCEP has a mutual substitution relationship with third-party payment in the application after “disconnecting directly”.
·DCEP will have a tightening effect on M2, and M2 tightening reflects the contraction of the banking system to a certain extent. Digital currency does not pay interest, and the People's Bank of China has no plan to completely replace cash with DCEP, so DCEP will not constitute a new monetary policy tool. DCEP has strong policy implications for central bank monitoring of capital flows, as well as anti-money laundering, anti-terrorist financing and anti-tax evasion. Therefore, the supervisory function of DCEP exceeds that of monetary policy.
·The impact of DCEP on RMB internationalization is mainly reflected in cross-border payments based on digital currencies. Although cross-border payments including DCEP, can promote RMB internationalization, cross-border payment is only a necessary condition for RMB internationalization, not a sufficient one. The internationalization of the RMB is inseparable from a series of institutional arrangements.
4.The effectiveness of digital currencies in the LDF framework
CBDC is positioned as digital cash or currency under the LDF framework, and the remaining various tokens, cryptocurrencies, and stablecoins are treated as digital assets. The application platforms involved in LDF (asset mortgage bond platform, digital asset issuance platform, and lending). The underlying assets of LDF are part of the digital asset equity. The reason why LDF uses CBDC and stable currency as currency is due to
·LDF framework links three financial ecosystems
·CBDC has the characteristics of currency transaction, accounting unit and value storage have been verified
·Stablecoins can be used as a payment tool for token economic platforms, not currencies
The stable currency selected by LDF should effectively play the payment function of the currency, and meet the requirements of the following LDF framework:
·Must be universally accepted
·Must be easy to standardize in order to determine its value
Due to the characteristics of DvP (payment is settlement) based on blockchain technology, LDF's smart contracts have the characteristics of decentralized intermediaries, such as the function of asset account contracts partially replacing account settlement; the asset pool contract replacing SPV, and the cash flow contract replacing assets Payment intermediary The digital currency selected as an LDF that meets the above standards is very important for the effectiveness of the LDF framework. Otherwise, the platform built by the LDF framework will not be able to achieve the capabilities of distributed ledgers and DAO organizations.
LDF regulatory compliance
LDF chooses CBDC (DCEP) as the construction of digital asset transaction payment platform, which has the characteristics of DvP (asset payment is settlement). It supervises compliance with the selection of digital currencies that support smart contract accounts and trading platforms (anti-money laundering and anti-terrorist financing) has a decisive role.
DCEP takes the form of loosely coupled accounts to achieve controlled anonymity. The current electronic payment methods, such as bank cards and third-party payment platforms, all use the method of tightly coupling accounts, that is, funds must be transferred through real-name bank accounts. But with the improvement of people's awareness of information security, electronic payment cannot meet people's demand for anonymous payment. The digital currency of the central bank adopts the form of loosely coupled accounts, enabling asset transfers without the need for bank accounts, so as to achieve controllable anonymity.
Unlike Bitcoin's complete anonymity, the central bank has the right to obtain the transaction data within the legal scope, and the source of digital currency can be traced through big data analysis, while other commercial banks and merchants cannot obtain relevant information. This mechanism, while protecting data security and citizen privacy, also enables illegal activities such as money laundering to be effectively supervised.
Association of LDF's DAO Autonomous Economic Model with CBDC
The direct DCB (such as DCEP) or LIBRA of the LDF token can quantify the value of DAO / DAE through a certain transformation and analysis, and predict its future long-term growth rate and the problems to be solved by the economic model, the solution path adopted, and the overall structure design, technological innovation, team composition, development vision and roadmap.
https://preview.redd.it/txg4mq0sfqu41.png?width=269&format=png&auto=webp&s=a69b919cf43c9115f43525f8d851ee1e4fbf5a1f
·The LDF economic model transplants the estimation model of the asset value of the general economic system to DAO 2.0 organization and market management, so as to establish a unified evaluation system for the value generated by the distributed autonomous economy (DAE). The endogenous economic growth model considers important parameters such as savings rate, population growth rate, and technological progress as endogenous variables. The long-term growth rate of the economy can be determined by the interior of the model. Moreover, the LDF economic model takes the number of tokens, nodes, and technical inputs of the distributed organization as similar parameters. The CBDC (such as DCEP) or LIBRA directly targeted by the token can quantify the value of DAO / DAE through certain transformation and analysis and predict its long-term growth rate in the future.
·In response to the special needs of transactions and asset on-chain in the blockchain field, the LDF economic model has developed a DAE (Decentralized Autonomous Economic) protocol group specifically designed to eliminate various pain points of decentralization in the blockchain field, and has developed corresponding LDF DAO DAPP, these agreements include:
·Issuance and trading of tokens based on smart contracts
·Distributed order submission and matching
·Transaction interest rate and mortgage method based on automatic discovery mechanism
Therefore, whether it is a community member, an investor, or a blockchain project developer that develops applications on the LDF economic model, it can use the distributed rules, consensus mechanisms, infrastructure, and smart contracts provided by it to achieve the following purposes:
·Encrypted token asset transaction and circulation based on community autonomy
·Issue of new LDF tokens
·Construction, collaboration, management, voting, and decision-making of specific encryption token communities
·Develop a smart contract system for the dual factors of community node rights and workload
·Customized incentive standards for nodes with different interests
Welcome to discuss with the author of this article, please contact via email:[email protected]
submitted by Lend0x to u/Lend0x

Groestlcoin 6th Anniversary Release

Introduction

Dear Groestlers, it goes without saying that 2020 has been a difficult time for millions of people worldwide. The Groestlcoin team would like to take this opportunity to wish our best to everyone coping with the direct and indirect effects of COVID-19. Let it bring out the best in us all and show that collectively, we can conquer anything.
The centralised banks and our national governments are facing unprecedented times with interest rates worldwide dropping to record lows in places. Rest assured that this can only strengthen the fundamentals of all decentralised cryptocurrencies and the vision that was seeded with Satoshi's Bitcoin whitepaper over 10 years ago. Despite everything that has been thrown at us this year, the show must go on and the team will still progress and advance to continue the momentum that we have developed over the past 6 years.
In addition to this, we'd like to remind you all that this is Groestlcoin's 6th Birthday release! In terms of price there have been some crazy highs and lows over the years (with highs of around $2.60 and lows of $0.000077!), but in terms of value – Groestlcoin just keeps getting more valuable! In these uncertain times, one thing remains clear – Groestlcoin will keep going and keep innovating regardless. On with what has been worked on and completed over the past few months.

UPDATED - Groestlcoin Core 2.18.2

This is a major release of Groestlcoin Core with many protocol level improvements and code optimizations, featuring the technical equivalent of Bitcoin v0.18.2 but with Groestlcoin-specific patches. On a general level, most of what is new is a new 'Groestlcoin-wallet' tool which is now distributed alongside Groestlcoin Core's other executables.
NOTE: The 'Account' API has been removed from this version which was typically used in some tip bots. Please ensure you check the release notes from 2.17.2 for details on replacing this functionality.

How to Upgrade?

Windows
If you are running an older version, shut it down. Wait until it has completely shut down (which might take a few minutes for older versions), then run the installer.
OSX
If you are running an older version, shut it down. Wait until it has completely shut down (which might take a few minutes for older versions), run the dmg and drag Groestlcoin Core to Applications.
Ubuntu
http://groestlcoin.org/forum/index.php?topic=441.0

Other Linux

http://groestlcoin.org/forum/index.php?topic=97.0

Download

Download the Windows Installer (64 bit) here
Download the Windows Installer (32 bit) here
Download the Windows binaries (64 bit) here
Download the Windows binaries (32 bit) here
Download the OSX Installer here
Download the OSX binaries here
Download the Linux binaries (64 bit) here
Download the Linux binaries (32 bit) here
Download the ARM Linux binaries (64 bit) here
Download the ARM Linux binaries (32 bit) here

Source

ALL NEW - Groestlcoin Moonshine iOS/Android Wallet

Built with React Native, Moonshine utilizes Electrum-GRS's JSON-RPC methods to interact with the Groestlcoin network.
GRS Moonshine's intended use is as a hot wallet. Meaning, your keys are only as safe as the device you install this wallet on. As with any hot wallet, please ensure that you keep only a small, responsible amount of Groestlcoin on it at any given time.

Features

Download

iOS
Android

Source

ALL NEW! – HODL GRS Android Wallet

HODL GRS connects directly to the Groestlcoin network using SPV mode and doesn't rely on servers that can be hacked or disabled.
HODL GRS utilizes AES hardware encryption, app sandboxing, and the latest security features to protect users from malware, browser security holes, and even physical theft. Private keys are stored only in the secure enclave of the user's phone, inaccessible to anyone other than the user.
Simplicity and ease-of-use is the core design principle of HODL GRS. A simple recovery phrase (which we call a Backup Recovery Key) is all that is needed to restore the user's wallet if they ever lose or replace their device. HODL GRS is deterministic, which means the user's balance and transaction history can be recovered just from the backup recovery key.

Features

Download

Main Release (Main Net)
Testnet Release

Source

ALL NEW! – GroestlcoinSeed Savior

Groestlcoin Seed Savior is a tool for recovering BIP39 seed phrases.
This tool is meant to help users with recovering a slightly incorrect Groestlcoin mnemonic phrase (AKA backup or seed). You can enter an existing BIP39 mnemonic and get derived addresses in various formats.
To find out if one of the suggested addresses is the right one, you can click on the suggested address to check the address' transaction history on a block explorer.

Features

Live Version (Not Recommended)

https://www.groestlcoin.org/recovery/

Download

https://github.com/Groestlcoin/mnemonic-recovery/archive/master.zip

Source

ALL NEW! – Vanity Search Vanity Address Generator

NOTE: NVidia GPU or any CPU only. AMD graphics cards will not work with this address generator.
VanitySearch is a command-line Segwit-capable vanity Groestlcoin address generator. Add unique flair when you tell people to send Groestlcoin. Alternatively, VanitySearch can be used to generate random addresses offline.
If you're tired of the random, cryptic addresses generated by regular groestlcoin clients, then VanitySearch is the right choice for you to create a more personalized address.
VanitySearch is a groestlcoin address prefix finder. If you want to generate safe private keys, use the -s option to enter your passphrase which will be used for generating a base key as for BIP38 standard (VanitySearch.exe -s "My PassPhrase" FXPref). You can also use VanitySearch.exe -ps "My PassPhrase" which will add a crypto secure seed to your passphrase.
VanitySearch may not compute a good grid size for your GPU, so try different values using the -g option in order to get the best performance. If you want to use GPUs and CPUs together, you may get the best performance by keeping one CPU core for handling GPU(s)/CPU exchanges (use the -t option to set the number of CPU threads).

Features

Usage

https://github.com/Groestlcoin/VanitySearch#usage

Download

Source

ALL NEW! – Groestlcoin EasyVanity 2020

Groestlcoin EasyVanity 2020 is a Windows app built from the ground up and makes it easier than ever before to create your very own bespoke bech32 address(es) whilst not connected to the internet.
If you're tired of the random, cryptic bech32 addresses generated by regular Groestlcoin clients, then Groestlcoin EasyVanity2020 is the right choice for you to create a more personalised bech32 address. This 2020 version uses the new VanitySearch to generate not only legacy addresses (F prefix) but also Bech32 addresses (grs1 prefix).

Features

Download

Source

Remastered! – Groestlcoin WPF Desktop Wallet (v2.19.0.18)

Groestlcoin WPF is an alternative full node client with optional lightweight 'thin-client' mode based on WPF. Windows Presentation Foundation (WPF) is one of Microsoft's latest approaches to a GUI framework, used with the .NET framework. Its main advantages over the original Groestlcoin client include support for exporting blockchain.dat and including a lite wallet mode.
This wallet was previously deprecated but has been brought back to life with modern standards.

Features

Remastered Improvements

Download

Source

ALL NEW! – BIP39 Key Tool

Groestlcoin BIP39 Key Tool is a GUI interface for generating Groestlcoin public and private keys. It is a standalone tool which can be used offline.

Features

Download

Windows
Linux:
    pip3 install -r requirements.txt
    python3 bip39_gui.py

Source

ALL NEW! – Electrum Personal Server

Groestlcoin Electrum Personal Server aims to make using Electrum Groestlcoin wallet more secure and more private. It makes it easy to connect your Electrum-GRS wallet to your own full node.
It is an implementation of the Electrum-grs server protocol which fulfils the specific need of using the Electrum-grs wallet backed by a full node, but without the heavyweight server backend, for a single user. It allows the user to benefit from all Groestlcoin Core's resource-saving features like pruning, blocks only and disabled txindex. All Electrum-GRS's feature-richness like hardware wallet integration, multi-signature wallets, offline signing, seed recovery phrases, coin control and so on can still be used, but connected only to the user's own full node.
Full node wallets are important in Groestlcoin because they are a big part of what makes the system be trust-less. No longer do people have to trust a financial institution like a bank or PayPal, they can run software on their own computers. If Groestlcoin is digital gold, then a full node wallet is your own personal goldsmith who checks for you that received payments are genuine.
Full node wallets are also important for privacy. Using Electrum-GRS under default configuration requires it to send (hashes of) all your Groestlcoin addresses to some server. That server can then easily spy on your transactions. Full node wallets like Groestlcoin Electrum Personal Server would download the entire blockchain and scan it for the user's own addresses, and therefore don't reveal to anyone else which Groestlcoin addresses they are interested in.
Groestlcoin Electrum Personal Server can also broadcast transactions through Tor which improves privacy by resisting traffic analysis for broadcasted transactions which can link the IP address of the user to the transaction. If enabled this would happen transparently whenever the user simply clicks "Send" on a transaction in Electrum-grs wallet.
Note: Currently Groestlcoin Electrum Personal Server can only accept one connection at a time.

Features

Download

Windows
Linux / OSX (Instructions)

Source

UPDATED – Android Wallet 7.38.1 - Main Net + Test Net

The app allows you to send and receive Groestlcoin on your device using QR codes and URI links.
When using this app, please back up your wallet and email it to yourself! This will save your wallet in a password protected file. Then your coins can be retrieved even if you lose your phone.

Changes

Download

Main Net
Main Net (FDroid)
Test Net

Source

UPDATED – Groestlcoin Sentinel 3.5.06 (Android)

Groestlcoin Sentinel is a great solution for anyone who wants the convenience and utility of a hot wallet for receiving payments directly into their cold storage (or hardware wallets).
Sentinel accepts XPUB's, YPUB's, ZPUB's and individual Groestlcoin addresses. Once added you will be able to view balances, view transactions, and (in the case of XPUB's, YPUB's and ZPUB's) deterministically generate addresses for that wallet.
Groestlcoin Sentinel is a fork of Groestlcoin Samourai Wallet with all spending and transaction building code removed.

Changes

Download

Source

UPDATED – P2Pool Test Net

Changes

Download

Pre-Hosted Testnet P2Pool is available via http://testp2pool.groestlcoin.org:21330/static/

Source

submitted by Yokomoko_Saleen to groestlcoin

Best General RenVM Questions of January 2020


*These questions are sourced directly from Telegram
Q: When you say RenVM is Trustless, Permissionless, and Decentralized, what does that actually mean?
A: Trustless = RenVM is a virtual machine (a network of nodes, that do computations), this means if you ask RenVM to trade an asset via smart contract logic, it will. No trusted intermediary that holds assets or that you need to rely on. Because RenVM is a decentralized network and computes verified information in a secure environment, no single party can prevent users from sending funds in, withdrawing deposited funds, or computing information needed for updating outside ledgers. RenVM is an agnostic and autonomous virtual broker that holds your digital assets as they move between blockchains.
Permissionless = RenVM is an open protocol; meaning anyone can use RenVM and any project can build with RenVM. You don't need anyone's permission, just plug RenVM into your dApp and you have interoperability.
Decentralized = The nodes that power RenVM (Darknodes) are scattered throughout the world. RenVM has a peak capacity of up to 10,000 Darknodes (due to REN’s token economics). Realistically, there will probably be 100 - 500 Darknodes run in the initial Mainnet phases, ample decentralized nonetheless.

Q: Okay, so how can you prove this?
A: The publication of our audit results will help prove the trustlessness piece; permissionless and decentralized can be proven today.
Permissionless = https://github.com/renproject/ren-js
Decentralized = https://chaosnet.renproject.io/

Q: How does Ren sMPC work? Shamir's secret sharing? TSS?
A: There is some confusion here that keeps arising so I will do my best to clarify.
TL;DR: *SSS is just data. It’s what you do with the data that matters. RenVM uses sMPC on SSS to create TSS for ECDSA keys.*
SSS and TSS aren’t fundamentally different things. It’s kind of like asking: do you use numbers, or equations? Equations often (but not always) use numbers or at some point involve numbers.
SSS by itself is just a way of representing secret data (like numbers). sMPC is how to generate and work with that data (like equations). One of the things you can do with that work is produce a form of TSS (this is what RenVM does).
However, TSS is slightly different because it can also be done *without* SSS and sMPC. For example, BLS signatures don’t use SSS or sMPC but they are still a form of TSS.
So, we say that RenVM uses SSS+sMPC because this is more specific than just saying TSS (and you can also do more with SSS+sMPC than just TSS). Specifically, all viable forms of turning ECDSA (a scheme that isn’t naturally threshold based) into a TSS needs SSS+sMPC.
People often get confused about RenVM and claim “SSS can’t be used to sign transactions without making the private key whole again”. That’s a strange statement and shows a fundamental misunderstanding about what SSS is.
To come back to our analogy, it’s like saying “numbers can’t be used to write a book”. That’s kind of true in a direct sense, but there are plenty of ways to encode a book as numbers and then it’s up to how you interpret (how you *use*) those numbers. This is exactly how this text I’m writing is appearing on your screen right now.
SSS is just secret data. It doesn’t make sense to say that SSS *functions*. RenVM is what does the functioning. RenVM *uses* the SSSs to represent private keys. But these are generated and used and destroyed as part of sMPC. The keys are never whole at any point.

Q: Thanks for the explanation. Based on my understanding of SSS, a trusted dealer does need to briefly put the key together. Is this not the case?
A: Remember, SSS is just the representation of a secret. How you get from the secret to its representation is something else. There are many ways to do it. The simplest way is to have a “dealer” that knows the secret and gives out the shares. But, there are other ways. For example: we all act as dealers, and all give each other shares of our individual secret. If there are N of us, we now each have N shares (one from every person). Then we all individually add up the shares that we have. We now each have a share of a “global” secret that no one actually knows. We know this global secret is the sum of everyone’s individual secrets, but unless you know every individual’s secret you cannot know the global secret (even though you have all just collectively generated shares for it). This is an example of an sMPC generation of a random number with collusion resistance against all-but-one adversaries.
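
The dealer-less generation described in the answer above, as an added example that is not part of the original post and not RenVM's implementation: each party Shamir-shares its own secret, every party sums the shares it receives, and the sums form a Shamir sharing of a global secret that no party ever held. The prime field, party count, threshold and function names are assumptions chosen for illustration, and all parties are assumed to deal consistent shares.

```python
"""Dealer-less joint secret generation with Shamir shares (illustrative sketch)."""
import secrets

# Assumption: a toy prime field (2**127 - 1 is a Mersenne prime). A threshold
# ECDSA scheme would work modulo the curve's group order instead.
P = 2**127 - 1


def deal(secret, n, t):
    """Shamir-share `secret` among parties 1..n using a degree t-1 polynomial.

    Any t shares reconstruct the secret; fewer than t do not determine it.
    Returns {party_index: share_value}.
    """
    coeffs = [secret % P] + [secrets.randbelow(P) for _ in range(t - 1)]
    shares = {}
    for x in range(1, n + 1):
        y = 0
        for c in reversed(coeffs):  # Horner evaluation of the polynomial at x
            y = (y * x + c) % P
        shares[x] = y
    return shares


def reconstruct(shares):
    """Lagrange-interpolate the shared polynomial at x = 0."""
    total = 0
    for xi, yi in shares.items():
        num, den = 1, 1
        for xj in shares:
            if xj != xi:
                num = (num * -xj) % P
                den = (den * (xi - xj)) % P
        total = (total + yi * num * pow(den, -1, P)) % P
    return total


def joint_generate(n, t, local_secrets=None):
    """Every party deals shares of its own secret, then sums what it received.

    Returns (local_secrets, global_shares). The global secret is never computed
    in this function: party j only ever sees its own secret plus one share from
    each other dealer, and keeps the sum of those shares.
    """
    if local_secrets is None:
        local_secrets = [secrets.randbelow(P) for _ in range(n)]
    if len(local_secrets) != n:
        raise ValueError("need exactly one local secret per party")
    # dealt[i][j] is the share that dealer i hands to party j.
    dealt = [deal(s, n, t) for s in local_secrets]
    # Shamir sharing is additive: summing shares of several polynomials gives
    # shares of the sum polynomial, whose constant term is the sum of secrets.
    global_shares = {j: sum(d[j] for d in dealt) % P for j in range(1, n + 1)}
    return local_secrets, global_shares


if __name__ == "__main__":
    n, t = 5, 3
    local, shares = joint_generate(n, t)
    # Only for checking the demo: in a real run nobody may collect `local`.
    expected = sum(local) % P
    quorum = {j: shares[j] for j in (1, 3, 5)}
    too_few = {j: shares[j] for j in (2, 4)}
    print("quorum of 3 recovers the sum of secrets:", reconstruct(quorum) == expected)
    print("2 shares recover it:", reconstruct(too_few) == expected)
```

A deployment that cannot assume consistent dealing needs verifiable secret sharing (for example Feldman or Pedersen commitments) so that a party handing out inconsistent shares is detected.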

Q: If you borrow Ren, you can profit from the opposite Ren gain. That means you could profit from breaking the network and from falling Ren price (because breaking the network, would cause Ren price to drop) (lower amount to be repaid, when the bond gets slashed)
A: Yes, this is why it’s important there is a large number of Darknodes before moving to full decentralisation (large borrowing becomes harder). We’re exploring a few other options too, that should help prevent these kinds of issues.

Q: What are RenVM’s Security and Liveliness parameters?
A: These are discussed in detail in our Wiki, please check it out here: https://github.com/renproject/ren/wiki/Safety-and-Liveliness#analysis

Q: What are the next blockchains under consideration for RenVM?
A: These can be found here: https://github.com/renproject/ren/wiki/Supported-Blockchains

Q: I've just read that Aztec is going to be live this month and currently tests txs with third parties. Are you going to participate in early access or you just more focused on bringing Ren to Subzero stage?
A: At this stage, our entire focus is on Mainnet SubZero. But, we will definitely be following up on integrating with AZTEC once everything is out and stable.

Q: So how does RenVM compare to tBTC, Thorchain, WBTC, etc..?
A: An easy way to think about it is... RenVM’s functionality is a combination of tBTC (+ WBTC by extension), and Thorchain’s (proposed) capabilities... All wrapped into one. Just depends on what the end-user application wants to do with it.

Q1: What are the core technical/security differences between RenVM and tBTC?
A1: The algorithm used by tBTC faults if even one node goes offline at the wrong moment (and the whole “keep” of nodes can be penalised for this). RenVM can survive 1/3rd going offline at any point at any time. Advantage for tBTC is that collusion is harder, disadvantage is obviously availability and permissionlessness is lower.
tBTC can only mint/burn lots of 1 BTC and requires an on-Ethereum SPV relay for Bitcoin headers (and for any other chain it adds). No real advantage trade-off IMO.
tBTC has a liquidation mechanism that means nodes can have their bond liquidated because of ETH/BTC price ratio. Advantage means users can get 1 BTC worth of ETH. Disadvantage is it means tBTC is kind of a synthetic: needs a price feed, needs liquid markets for liquidation, users must accept exposure to ETH even if they only hold tBTC, nodes must stay collateralized or lose lots of ETH. RenVM doesn’t have this, and instead uses fees to prevent becoming under-collateralized. This requires a mature market, and assumed Darknodes will value their REN bonds fairly (based on revenue, not necessarily what they can sell it for at current —potentially manipulated—market value). That can be an advantage or disadvantage depending on how you feel.
tBTC focuses more on the idea of a tokenized version of BTC that feels like an ERC20 to the user (and is). RenVM focuses more on letting the user interact with DeFi and use real BTC and real Bitcoin transactions to do so (still an ERC20 under the hood, but the UX is more fluid and integrated). Advantage of tBTC is that it’s probably easier to understand and that might mean better overall experience, disadvantage really comes back to that 1 BTC limit and the need for a more clunky minting/burning experience that might mean worse overall experience. Too early to tell, different projects taking different bets.
tBTC supports BTC (I think they have ZEC these days too). RenVM supports BTC, BCH, and ZEC (docs discuss Matic, XRP, and LTC).
Q2: These are my assumed differences between tBTC and RenVM, are they correct? Some key comparisons:
-Both are vulnerable to oracle attacks
-REN federation failure results in loss or theft of all funds
-tBTC failures tend to result in frothy markets, but holders of tBTC are made whole
-REN quorum rotation is new crypto, and relies on honest deletion of old key shares
-tBTC rotates micro-quorums regularly without relying on honest deletion
-tBTC relies on an SPV relay
-REN relies on federation honesty to fill the relay's purpose
-Both are brittle to deep reorgs, so expanding to weaker chains like ZEC is not clearly a good idea
-REN may see total system failure as the result of a deep reorg, as it changes federation incentives significantly
-tBTC may accidentally punish some honest micro-federations as the result of a deep reorg
-REN generally has much more interaction between incentive models, as everything is mixed into the same pot.
-tBTC is a large collection of small incentive models, while REN is a single complex incentive model
A2: To correct some points:
The oracle situation is different with RenVM, because the fee model is what determines the value of REN with respect to the cross-chain asset. This asset is what is used to pay the fee, so no external pricing is needed for it (because you only care about the ratio between REN and the cross-chain asset).
RenVM does rotate quorums regularly, in fact more regularly than in tBTC (although there are micro-quorums, each deposit doesn’t get rotated as far as I know and sticks around for up to 6 months). This rotation involves rotations of the keys too, so it does not rely on honest deletion of key shares.
Federated views of blockchains are easier to expand to support deep re-orgs (just get the nodes to wait for more blocks for that chain). SPV requires longer proofs which begins to scale more poorly.
Not sure what you mean by “one big pot”, but there are multiple quorums so the failure of one is isolated from the failures of others. For example, if there are 10 shards supporting BTC and one of them fails, then this is equivalent to a sudden 10% fee being applied. Harsh, yes, but not total failure of the whole system (and doesn’t affect other assets).
Would be interesting what RenVM would look like with lots more shards that are smaller. Failure becomes much more isolated and affects the overall network less.
Further, the amount of tBTC you can mint is dependent on people who are long ETH and prefer locking it up in Keep for earning a smallish fee instead of putting it in Compound or leveraging with dydx. tBTC is competing for liquidity while RenVM isn't.

Q: I understand correctly RenVM (sMPC) can get up to a 50% security threshold, can you tell me more?
A: The best you can theoretically do with sMPC is 50-67% of the total value of REN used to bond Darknodes (RenVM will eventually work up to 50% and won’t go for 67% because we care about liveliness just as much as safety). As an example, if there’s $1M of REN currently locked up in bonded Darknodes you could have up to $500K of tokens shifted through RenVM at any one specific moment. You could do more than that in daily volume, but at any one moment this is the limit.
Beyond this limit, you can still remain secure but you cannot assume that players are going to be acting to maximize their profit. Under this limit, a colluding group of adversaries has no incentive to subvert safety/liveliness properties because the cost to attack roughly outweighs the gain. Beyond this limit, you need to assume that players are behaving out of commitment to the network (not necessarily a bad assumption, but definitely weaker than the maximizing profits assumption).

Q: Why is using ETH as collateral for RenVM a bad idea?
A: Using ETH as collateral in this kind of system (like having to deposit say 20 ETH for a bond) would not make any sense because the collateral value would then fluctuate independently of what kind of value RenVM is providing. The REN token on the other hand directly correlates with the usage of RenVM which makes bonding with REN much more appropriate. DAI as a bond would not work as well because then you can't limit attackers with enough funds to launch as many darknodes as they want until they can attack the network. REN is limited in supply and therefore makes it harder to get enough of it without the price shooting up (making it much more expensive to attack as they would lose their bonds as well).
A major advantage of Ren's specific usage of sMPC is that security can be regulated economically. All value (that's being interopped at least) passing through RenVM has explicit value. The network can self-regulate to ensure an attack is never worth it.

Q: Given the fee model proposal/ceiling, might be a liquidity issue with renBTC. More demand than possible supply?
A: I don’t think so. As renBTC is minted, the fees being earned by Darknodes go up, and therefore the value of REN goes up. Imagine that the demand is so great that the amount of renBTC is pushing close to 100% of the limit. This is a very loud and clear message to the Darknodes that they’re going to be earning good fees and that demand is high. Almost by definition, this means REN is worth more.
Profits of the Darknodes, and therefore security of the network, is based solely on the use of the network (this is what you want because your network does not make or break on things outside the systems control). In a system like tBTC there are liquidity issues because you need to convince ETH holders to bond ETH and this is an external problem. Maybe ETH is pumping irrespective of tBTC use and people begin leaving tBTC to sell their ETH. Or, that ETH is dumping, and so tBTC nodes are either liquidated or all their profits are eaten by the fact that they have to be long on ETH (and tBTC holders cannot get their BTC back in this case). Feels real bad man.

Q: I’m still wondering which asset people will choose: tbtc or renBTC? I’m assuming the fact that all tbtc is backed by eth + btc might make some people more comfortable with it.
A: Maybe :) personally I’d rather know that my renBTC can always be turned back into BTC, and that my transactions will always go through. I also think there are many BTC holders that would rather not have to “believe in ETH” as an externality just to maximize use of their BTC.

Q: How does the liquidation mechanism work? Can any party, including non-nodes act as liquidators? There needs to be a price feed for liquidation and to determine the minting fee - where does this price feed come from?
A: RenVM does not have a liquidation mechanism.
Q: I don’t understand how the price feeds for minting fees make sense. You are saying that the inputs for the fee curve depend on the amount of fees derived by the system. This is circular in a sense?
A: By evaluating the REN based on the income you can get from bonding it and working. The only thing that drives REN value is the fact that REN can be bonded to allow work to be done to earn revenue. So any price feed (however you define it) is eventually rooted in the fees earned.

Q: Who’s doing RenVM’s Security Audit?
A: ChainSecurity | https://chainsecurity.com/

Q: Can you explain RenVM’s proposed fee model?
A: The proposed fee model can be found here: https://github.com/renproject/ren/wiki/Safety-and-Liveliness#fees

Q: Can you explain in more detail the difference between "execution" and "powering P2P Network". I think that these functions are somehow overlapping? Can you define in more detail what is "execution" and "powering P2P Network"? You also said that at later stages semi-core might still exist "as a secondary signature on everything (this can mathematically only increase security, because the fully decentralised signature is still needed)". What power will this secondary signature have?
A: By execution we specifically mean signing things with the secret ECDSA keys. The P2P network is how every node communicates with every other node. The semi-core doesn’t have any “special powers”. If it stays, it would literally just be a second signature required (as opposed to the one signature required right now).
This cannot affect safety, because the first signature is still required. Any attack you wanted to do would still have to succeed against the “normal” part of the network. This can affect liveliness, because the semi-core could decide not to sign. However, the semi-core follows the same rules as normal shards. The signature is tolerant to 1/3rd for both safety/liveliness. So, 1/3rd+ would have to decide to not sign.
Members of the semi-core would be there under governance from the rest of our ecosystem. The idea is that members would be chosen for their external value. We’ve discussed in-depth the idea of L<3. But, if RenVM is used in MakerDAO, Compound, dYdX, Kyber, etc. it would be desirable to capture the value of these ecosystems too, not just the value of REN bonded. The semi-core as a second signature is a way to do this.
Imagine if the members for those projects, because those projects want to help secure renBTC, because it’s used in their ecosystems. There is a very strong incentive for them to behave honestly. To attack RenVM you first have to attack the Darknodes “as per usual” (the current design), and then somehow convince 1/3rd of these projects to act dishonestly and collapse their own ecosystems and their own reputations. This is a very difficult thing to do.
Worth reminding: the draft for this proposal isn’t finished. It would be great for everyone to give us their thoughts on GitHub when it is proposed, so we can keep a persistent record.

Q: Which method or equation is used to calculate REN value based on fees? I'm interested in how REN value is calculated as well, to maintain the L < 3 ratio?
A: We haven’t finalized this yet. But, at this stage, the plan is to have a smart contract that is controlled by the Darknodes. We want to wait to see how SubZero and Zero go before committing to a specific formulation, as this will give us a chance to bootstrap the network and field inputs from the Darknodes owners after the earnings they can make have become more apparent.
submitted by RENProtocol to RenProject
