Bitcoin: Cryptographic hash functions (video) | Khan Academy

ELI5: Bitcoin's cryptographic hash function used in mining and why it is secure

submitted by Richpixel to explainlikeimfive [link] [comments]

Learn Together how Cryptographic Currencies work!

There is quite a lot of information to take in when learning about crypto-currencies. I have found it supremely enlightening to have a base understanding of how the technology behind these currencies work.
The more knowledgeable we are about the technology the easier it is for us to come up with ideas and solutions!
There are a lot of resources out there but these sources provided me with enough knowledge to get me started learning more in-depth on my own.
The more of us that understand the cryptographic principles at work, the more potential developers, projects, and development in general!
submitted by 45sbvad to dogecoin [link] [comments]

SHA256 - A cryptographic hash function is used in Bitcoin address creation - https://coinscapture.com/explore#didyouknow

SHA256 - A cryptographic hash function is used in Bitcoin address creation - https://coinscapture.com/explore#didyouknow submitted by coinscapturecom to u/coinscapturecom [link] [comments]

Hash rate, Cryptographic hash functions and mining in the Bitcoin network ⋆ Crypto New Media

Hash rate, Cryptographic hash functions and mining in the Bitcoin network ⋆ Crypto New Media submitted by MellzorLovely to CryptoStock [link] [comments]

Lifetimes of cryptographic hash functions. What will happen to bitcoin when SHA becomes weakened/broken?

submitted by ti83nightedition to Bitcoin [link] [comments]

In cryptographic hash functions, what exactly are the hiding and puzzle-friendliness properties? /r/Bitcoin

In cryptographic hash functions, what exactly are the hiding and puzzle-friendliness properties? /Bitcoin submitted by BitcoinAllBot to BitcoinAll [link] [comments]

Bitcoin - Cryptographic hash function By Khan Academy

Bitcoin - Cryptographic hash function By Khan Academy submitted by allex2501 to BrasilBitcoin [link] [comments]

Technical: Taproot: Why Activate?

This is a follow-up on https://old.reddit.com/Bitcoin/comments/hqzp14/technical_the_path_to_taproot_activation/
Taproot! Everybody wants it!! But... you might ask yourself: sure, everybody else wants it, but why would I, sovereign Bitcoin HODLer, want it? Surely I can be better than everybody else because I swapped XXX fiat for Bitcoin unlike all those nocoiners?
And it is important for you to know the reasons why you, o sovereign Bitcoiner, would want Taproot activated. After all, your nodes (or the nodes your wallets use, which if you are SPV, you hopefully can pester to your wallet vendoimplementor about) need to be upgraded in order for Taproot activation to actually succeed instead of becoming a hot sticky mess.
First, let's consider some principles of Bitcoin.
I'm sure most of us here would agree that the above are very important principles of Bitcoin and that these are principles we would not be willing to remove. If anything, we would want those principles strengthened (especially the last one, financial privacy, which current Bitcoin is only sporadically strong with: you can get privacy, it just requires effort to do so).
So, how does Taproot affect those principles?

Taproot and Your /Coins

Most HODLers probably HODL their coins in singlesig addresses. Sadly, switching to Taproot would do very little for you (it gives a mild discount at spend time, at the cost of a mild increase in fee at receive time (paid by whoever sends to you, so if it's a self-send from a P2PKH or bech32 address, you pay for this); mostly a wash).
(technical details: a Taproot output is 1 version byte + 32 byte public key, while a P2WPKH (bech32 singlesig) output is 1 version byte + 20 byte public key hash, so the Taproot output spends 12 bytes more; spending from a P2WPKH requires revealing a 32-byte public key later, which is not needed with Taproot, and Taproot signatures are about 9 bytes smaller than P2WPKH signatures, but the 32 bytes plus 9 bytes is divided by 4 because of the witness discount, so it saves about 11 bytes; mostly a wash, it increases blockweight by about 1 virtual byte, 4 weight for each Taproot-output-input, compared to P2WPKH-output-input).
However, as your HODLings grow in value, you might start wondering if multisignature k-of-n setups might be better for the security of your savings. And it is in multisignature that Taproot starts to give benefits!
Taproot switches to using Schnorr signing scheme. Schnorr makes key aggregation -- constructing a single public key from multiple public keys -- almost as trivial as adding numbers together. "Almost" because it involves some fairly advanced math instead of simple boring number adding, but hey when was the last time you added up your grocery list prices by hand huh?
With current P2SH and P2WSH multisignature schemes, if you have a 2-of-3 setup, then to spend, you need to provide two different signatures from two different public keys. With Taproot, you can create, using special moon math, a single public key that represents your 2-of-3 setup. Then you just put two of your devices together, have them communicate to each other (this can be done airgapped, in theory, by sending QR codes: the software to do this is not even being built yet, but that's because Taproot hasn't activated yet!), and they will make a single signature to authorize any spend from your 2-of-3 address. That's 73 witness bytes -- 18.25 virtual bytes -- of signatures you save!
And if you decide that your current setup with 1-of-1 P2PKH / P2WPKH addresses is just fine as-is: well, that's the whole point of a softfork: backwards-compatibility; you can receive from Taproot users just fine, and once your wallet is updated for Taproot-sending support, you can send to Taproot users just fine as well!
(P2WPKH and P2WSH -- SegWit v0 -- addresses start with bc1q; Taproot -- SegWit v1 --- addresses start with bc1p, in case you wanted to know the difference; in bech32 q is 0, p is 1)
Now how about HODLers who keep all, or some, of their coins on custodial services? Well, any custodial service worth its salt would be doing at least 2-of-3, or probably something even bigger, like 11-of-15. So your custodial service, if it switched to using Taproot internally, could save a lot more (imagine an 11-of-15 getting reduced from 11 signatures to just 1!), which --- we can only hope! --- should translate to lower fees and better customer service from your custodial service!
So I think we can say, very accurately, that the Bitcoin principle --- that YOU are in control of your money --- can only be helped by Taproot (if you are doing multisignature), and, because P2PKH and P2WPKH remain validly-usable addresses in a Taproot future, will not be harmed by Taproot. Its benefit to this principle might be small (it mostly only benefits multisignature users) but since it has no drawbacks with this (i.e. singlesig users can continue to use P2WPKH and P2PKH still) this is still a nice, tidy win!
(even singlesig users get a minor benefit, in that multisig users will now reduce their blockchain space footprint, so that fees can be kept low for everybody; so for example even if you have your single set of private keys engraved on titanium plates sealed in an airtight box stored in a safe buried in a desert protected by angry nomads riding giant sandworms because you're the frickin' Kwisatz Haderach, you still gain some benefit from Taproot)
And here's the important part: if P2PKH/P2WPKH is working perfectly fine with you and you decide to never use Taproot yourself, Taproot will not affect you detrimentally. First do no harm!

Taproot and Your Contracts

No one is an island, no one lives alone. Give and you shall receive. You know: by trading with other people, you can gain expertise in some obscure little necessity of the world (and greatly increase your productivity in that little field), and then trade the products of your expertise for necessities other people have created, all of you thereby gaining gains from trade.
So, contracts, which are basically enforceable agreements that facilitate trading with people who you do not personally know and therefore might not trust.
Let's start with a simple example. You want to buy some gewgaws from somebody. But you don't know them personally. The seller wants the money, you want their gewgaws, but because of the lack of trust (you don't know them!! what if they're scammers??) neither of you can benefit from gains from trade.
However, suppose both of you know of some entity that both of you trust. That entity can act as a trusted escrow. The entity provides you security: this enables the trade, allowing both of you to get gains from trade.
In Bitcoin-land, this can be implemented as a 2-of-3 multisignature. The three signatories in the multisgnature would be you, the gewgaw seller, and the escrow. You put the payment for the gewgaws into this 2-of-3 multisignature address.
Now, suppose it turns out neither of you are scammers (whaaaat!). You receive the gewgaws just fine and you're willing to pay up for them. Then you and the gewgaw seller just sign a transaction --- you and the gewgaw seller are 2, sufficient to trigger the 2-of-3 --- that spends from the 2-of-3 address to a singlesig the gewgaw seller wants (or whatever address the gewgaw seller wants).
But suppose some problem arises. The seller gave you gawgews instead of gewgaws. Or you decided to keep the gewgaws but not sign the transaction to release the funds to the seller. In either case, the escrow is notified, and if it can sign with you to refund the funds back to you (if the seller was a scammer) or it can sign with the seller to forward the funds to the seller (if you were a scammer).
Taproot helps with this: like mentioned above, it allows multisignature setups to produce only one signature, reducing blockchain space usage, and thus making contracts --- which require multiple people, by definition, you don't make contracts with yourself --- is made cheaper (which we hope enables more of these setups to happen for more gains from trade for everyone, also, moon and lambos).
(technology-wise, it's easier to make an n-of-n than a k-of-n, making a k-of-n would require a complex setup involving a long ritual with many communication rounds between the n participants, but an n-of-n can be done trivially with some moon math. You can, however, make what is effectively a 2-of-3 by using a three-branch SCRIPT: either 2-of-2 of you and seller, OR 2-of-2 of you and escrow, OR 2-of-2 of escrow and seller. Fortunately, Taproot adds a facility to embed a SCRIPT inside a public key, so you can have a 2-of-2 Taprooted address (between you and seller) with a SCRIPT branch that can instead be spent with 2-of-2 (you + escrow) OR 2-of-2 (seller + escrow), which implements the three-branched SCRIPT above. If neither of you are scammers (hopefully the common case) then you both sign using your keys and never have to contact the escrow, since you are just using the escrow public key without coordinating with them (because n-of-n is trivial but k-of-n requires setup with communication rounds), so in the "best case" where both of you are honest traders, you also get a privacy boost, in that the escrow never learns you have been trading on gewgaws, I mean ewww, gawgews are much better than gewgaws and therefore I now judge you for being a gewgaw enthusiast, you filthy gewgawer).

Taproot and Your Contracts, Part 2: Cryptographic Boogaloo

Now suppose you want to buy some data instead of things. For example, maybe you have some closed-source software in trial mode installed, and want to pay the developer for the full version. You want to pay for an activation code.
This can be done, today, by using an HTLC. The developer tells you the hash of the activation code. You pay to an HTLC, paying out to the developer if it reveals the preimage (the activation code), or refunding the money back to you after a pre-agreed timeout. If the developer claims the funds, it has to reveal the preimage, which is the activation code, and you can now activate your software. If the developer does not claim the funds by the timeout, you get refunded.
And you can do that, with HTLCs, today.
Of course, HTLCs do have problems:
Fortunately, with Schnorr (which is enabled by Taproot), we can now use the Scriptless Script constuction by Andrew Poelstra. This Scriptless Script allows a new construction, the PTLC or Pointlocked Timelocked Contract. Instead of hashes and preimages, just replace "hash" with "point" and "preimage" with "scalar".
Or as you might know them: "point" is really "public key" and "scalar" is really a "private key". What a PTLC does is that, given a particular public key, the pointlocked branch can be spent only if the spender reveals the private key of the given public key to you.
Another nice thing with PTLCs is that they are deniable. What appears onchain is just a single 2-of-2 signature between you and the developemanufacturer. It's like a magic trick. This signature has no special watermarks, it's a perfectly normal signature (the pledge). However, from this signature, plus some datta given to you by the developemanufacturer (known as the adaptor signature) you can derive the private key of a particular public key you both agree on (the turn). Anyone scraping the blockchain will just see signatures that look just like every other signature, and as long as nobody manages to hack you and get a copy of the adaptor signature or the private key, they cannot get the private key behind the public key (point) that the pointlocked branch needs (the prestige).
(Just to be clear, the public key you are getting the private key from, is distinct from the public key that the developemanufacturer will use for its funds. The activation key is different from the developer's onchain Bitcoin key, and it is the activation key whose private key you will be learning, not the developer's/manufacturer's onchain Bitcoin key).
So:
Taproot lets PTLCs exist onchain because they enable Schnorr, which is a requirement of PTLCs / Scriptless Script.
(technology-wise, take note that Scriptless Script works only for the "pointlocked" branch of the contract; you need normal Script, or a pre-signed nLockTimed transaction, for the "timelocked" branch. Since Taproot can embed a script, you can have the Taproot pubkey be a 2-of-2 to implement the Scriptless Script "pointlocked" branch, then have a hidden script that lets you recover the funds with an OP_CHECKLOCKTIMEVERIFY after the timeout if the seller does not claim the funds.)

Quantum Quibbles!

Now if you were really paying attention, you might have noticed this parenthetical:
(technical details: a Taproot output is 1 version byte + 32 byte public key, while a P2WPKH (bech32 singlesig) output is 1 version byte + 20 byte public key hash...)
So wait, Taproot uses raw 32-byte public keys, and not public key hashes? Isn't that more quantum-vulnerable??
Well, in theory yes. In practice, they probably are not.
It's not that hashes can be broken by quantum computes --- they're still not. Instead, you have to look at how you spend from a P2WPKH/P2PKH pay-to-public-key-hash.
When you spend from a P2PKH / P2WPKH, you have to reveal the public key. Then Bitcoin hashes it and checks if this matches with the public-key-hash, and only then actually validates the signature for that public key.
So an unconfirmed transaction, floating in the mempools of nodes globally, will show, in plain sight for everyone to see, your public key.
(public keys should be public, that's why they're called public keys, LOL)
And if quantum computers are fast enough to be of concern, then they are probably fast enough that, in the several minutes to several hours from broadcast to confirmation, they have already cracked the public key that is openly broadcast with your transaction. The owner of the quantum computer can now replace your unconfirmed transaction with one that pays the funds to itself. Even if you did not opt-in RBF, miners are still incentivized to support RBF on RBF-disabled transactions.
So the extra hash is not as significant a protection against quantum computers as you might think. Instead, the extra hash-and-compare needed is just extra validation effort.
Further, if you have ever, in the past, spent from the address, then there exists already a transaction indelibly stored on the blockchain, openly displaying the public key from which quantum computers can derive the private key. So those are still vulnerable to quantum computers.
For the most part, the cryptographers behind Taproot (and Bitcoin Core) are of the opinion that quantum computers capable of cracking Bitcoin pubkeys are unlikely to appear within a decade or two.
So:
For now, the homomorphic and linear properties of elliptic curve cryptography provide a lot of benefits --- particularly the linearity property is what enables Scriptless Script and simple multisignature (i.e. multisignatures that are just 1 signature onchain). So it might be a good idea to take advantage of them now while we are still fairly safe against quantum computers. It seems likely that quantum-safe signature schemes are nonlinear (thus losing these advantages).

Summary

I Wanna Be The Taprooter!

So, do you want to help activate Taproot? Here's what you, mister sovereign Bitcoin HODLer, can do!

But I Hate Taproot!!

That's fine!

Discussions About Taproot Activation

submitted by almkglor to Bitcoin [link] [comments]

[ Bitcoin ] Technical: Taproot: Why Activate?

Topic originally posted in Bitcoin by almkglor [link]
This is a follow-up on https://old.reddit.com/Bitcoin/comments/hqzp14/technical_the_path_to_taproot_activation/
Taproot! Everybody wants it!! But... you might ask yourself: sure, everybody else wants it, but why would I, sovereign Bitcoin HODLer, want it? Surely I can be better than everybody else because I swapped XXX fiat for Bitcoin unlike all those nocoiners?
And it is important for you to know the reasons why you, o sovereign Bitcoiner, would want Taproot activated. After all, your nodes (or the nodes your wallets use, which if you are SPV, you hopefully can pester to your wallet vendoimplementor about) need to be upgraded in order for Taproot activation to actually succeed instead of becoming a hot sticky mess.
First, let's consider some principles of Bitcoin.
I'm sure most of us here would agree that the above are very important principles of Bitcoin and that these are principles we would not be willing to remove. If anything, we would want those principles strengthened (especially the last one, financial privacy, which current Bitcoin is only sporadically strong with: you can get privacy, it just requires effort to do so).
So, how does Taproot affect those principles?

Taproot and Your /Coins

Most HODLers probably HODL their coins in singlesig addresses. Sadly, switching to Taproot would do very little for you (it gives a mild discount at spend time, at the cost of a mild increase in fee at receive time (paid by whoever sends to you, so if it's a self-send from a P2PKH or bech32 address, you pay for this); mostly a wash).
(technical details: a Taproot output is 1 version byte + 32 byte public key, while a P2WPKH (bech32 singlesig) output is 1 version byte + 20 byte public key hash, so the Taproot output spends 12 bytes more; spending from a P2WPKH requires revealing a 32-byte public key later, which is not needed with Taproot, and Taproot signatures are about 9 bytes smaller than P2WPKH signatures, but the 32 bytes plus 9 bytes is divided by 4 because of the witness discount, so it saves about 11 bytes; mostly a wash, it increases blockweight by about 1 virtual byte, 4 weight for each Taproot-output-input, compared to P2WPKH-output-input).
However, as your HODLings grow in value, you might start wondering if multisignature k-of-n setups might be better for the security of your savings. And it is in multisignature that Taproot starts to give benefits!
Taproot switches to using Schnorr signing scheme. Schnorr makes key aggregation -- constructing a single public key from multiple public keys -- almost as trivial as adding numbers together. "Almost" because it involves some fairly advanced math instead of simple boring number adding, but hey when was the last time you added up your grocery list prices by hand huh?
With current P2SH and P2WSH multisignature schemes, if you have a 2-of-3 setup, then to spend, you need to provide two different signatures from two different public keys. With Taproot, you can create, using special moon math, a single public key that represents your 2-of-3 setup. Then you just put two of your devices together, have them communicate to each other (this can be done airgapped, in theory, by sending QR codes: the software to do this is not even being built yet, but that's because Taproot hasn't activated yet!), and they will make a single signature to authorize any spend from your 2-of-3 address. That's 73 witness bytes -- 18.25 virtual bytes -- of signatures you save!
And if you decide that your current setup with 1-of-1 P2PKH / P2WPKH addresses is just fine as-is: well, that's the whole point of a softfork: backwards-compatibility; you can receive from Taproot users just fine, and once your wallet is updated for Taproot-sending support, you can send to Taproot users just fine as well!
(P2WPKH and P2WSH -- SegWit v0 -- addresses start with bc1q; Taproot -- SegWit v1 --- addresses start with bc1p, in case you wanted to know the difference; in bech32 q is 0, p is 1)
Now how about HODLers who keep all, or some, of their coins on custodial services? Well, any custodial service worth its salt would be doing at least 2-of-3, or probably something even bigger, like 11-of-15. So your custodial service, if it switched to using Taproot internally, could save a lot more (imagine an 11-of-15 getting reduced from 11 signatures to just 1!), which --- we can only hope! --- should translate to lower fees and better customer service from your custodial service!
So I think we can say, very accurately, that the Bitcoin principle --- that YOU are in control of your money --- can only be helped by Taproot (if you are doing multisignature), and, because P2PKH and P2WPKH remain validly-usable addresses in a Taproot future, will not be harmed by Taproot. Its benefit to this principle might be small (it mostly only benefits multisignature users) but since it has no drawbacks with this (i.e. singlesig users can continue to use P2WPKH and P2PKH still) this is still a nice, tidy win!
(even singlesig users get a minor benefit, in that multisig users will now reduce their blockchain space footprint, so that fees can be kept low for everybody; so for example even if you have your single set of private keys engraved on titanium plates sealed in an airtight box stored in a safe buried in a desert protected by angry nomads riding giant sandworms because you're the frickin' Kwisatz Haderach, you still gain some benefit from Taproot)
And here's the important part: if P2PKH/P2WPKH is working perfectly fine with you and you decide to never use Taproot yourself, Taproot will not affect you detrimentally. First do no harm!

Taproot and Your Contracts

No one is an island, no one lives alone. Give and you shall receive. You know: by trading with other people, you can gain expertise in some obscure little necessity of the world (and greatly increase your productivity in that little field), and then trade the products of your expertise for necessities other people have created, all of you thereby gaining gains from trade.
So, contracts, which are basically enforceable agreements that facilitate trading with people who you do not personally know and therefore might not trust.
Let's start with a simple example. You want to buy some gewgaws from somebody. But you don't know them personally. The seller wants the money, you want their gewgaws, but because of the lack of trust (you don't know them!! what if they're scammers??) neither of you can benefit from gains from trade.
However, suppose both of you know of some entity that both of you trust. That entity can act as a trusted escrow. The entity provides you security: this enables the trade, allowing both of you to get gains from trade.
In Bitcoin-land, this can be implemented as a 2-of-3 multisignature. The three signatories in the multisgnature would be you, the gewgaw seller, and the escrow. You put the payment for the gewgaws into this 2-of-3 multisignature address.
Now, suppose it turns out neither of you are scammers (whaaaat!). You receive the gewgaws just fine and you're willing to pay up for them. Then you and the gewgaw seller just sign a transaction --- you and the gewgaw seller are 2, sufficient to trigger the 2-of-3 --- that spends from the 2-of-3 address to a singlesig the gewgaw seller wants (or whatever address the gewgaw seller wants).
But suppose some problem arises. The seller gave you gawgews instead of gewgaws. Or you decided to keep the gewgaws but not sign the transaction to release the funds to the seller. In either case, the escrow is notified, and if it can sign with you to refund the funds back to you (if the seller was a scammer) or it can sign with the seller to forward the funds to the seller (if you were a scammer).
Taproot helps with this: like mentioned above, it allows multisignature setups to produce only one signature, reducing blockchain space usage, and thus making contracts --- which require multiple people, by definition, you don't make contracts with yourself --- is made cheaper (which we hope enables more of these setups to happen for more gains from trade for everyone, also, moon and lambos).
(technology-wise, it's easier to make an n-of-n than a k-of-n, making a k-of-n would require a complex setup involving a long ritual with many communication rounds between the n participants, but an n-of-n can be done trivially with some moon math. You can, however, make what is effectively a 2-of-3 by using a three-branch SCRIPT: either 2-of-2 of you and seller, OR 2-of-2 of you and escrow, OR 2-of-2 of escrow and seller. Fortunately, Taproot adds a facility to embed a SCRIPT inside a public key, so you can have a 2-of-2 Taprooted address (between you and seller) with a SCRIPT branch that can instead be spent with 2-of-2 (you + escrow) OR 2-of-2 (seller + escrow), which implements the three-branched SCRIPT above. If neither of you are scammers (hopefully the common case) then you both sign using your keys and never have to contact the escrow, since you are just using the escrow public key without coordinating with them (because n-of-n is trivial but k-of-n requires setup with communication rounds), so in the "best case" where both of you are honest traders, you also get a privacy boost, in that the escrow never learns you have been trading on gewgaws, I mean ewww, gawgews are much better than gewgaws and therefore I now judge you for being a gewgaw enthusiast, you filthy gewgawer).

Taproot and Your Contracts, Part 2: Cryptographic Boogaloo

Now suppose you want to buy some data instead of things. For example, maybe you have some closed-source software in trial mode installed, and want to pay the developer for the full version. You want to pay for an activation code.
This can be done, today, by using an HTLC. The developer tells you the hash of the activation code. You pay to an HTLC, paying out to the developer if it reveals the preimage (the activation code), or refunding the money back to you after a pre-agreed timeout. If the developer claims the funds, it has to reveal the preimage, which is the activation code, and you can now activate your software. If the developer does not claim the funds by the timeout, you get refunded.
And you can do that, with HTLCs, today.
Of course, HTLCs do have problems:
Fortunately, with Schnorr (which is enabled by Taproot), we can now use the Scriptless Script constuction by Andrew Poelstra. This Scriptless Script allows a new construction, the PTLC or Pointlocked Timelocked Contract. Instead of hashes and preimages, just replace "hash" with "point" and "preimage" with "scalar".
Or as you might know them: "point" is really "public key" and "scalar" is really a "private key". What a PTLC does is that, given a particular public key, the pointlocked branch can be spent only if the spender reveals the private key of the given private key to you.
Another nice thing with PTLCs is that they are deniable. What appears onchain is just a single 2-of-2 signature between you and the developemanufacturer. It's like a magic trick. This signature has no special watermarks, it's a perfectly normal signature (the pledge). However, from this signature, plus some datta given to you by the developemanufacturer (known as the adaptor signature) you can derive the private key of a particular public key you both agree on (the turn). Anyone scraping the blockchain will just see signatures that look just like every other signature, and as long as nobody manages to hack you and get a copy of the adaptor signature or the private key, they cannot get the private key behind the public key (point) that the pointlocked branch needs (the prestige).
(Just to be clear, the public key you are getting the private key from, is distinct from the public key that the developemanufacturer will use for its funds. The activation key is different from the developer's onchain Bitcoin key, and it is the activation key whose private key you will be learning, not the developer's/manufacturer's onchain Bitcoin key).
So:
Taproot lets PTLCs exist onchain because they enable Schnorr, which is a requirement of PTLCs / Scriptless Script.
(technology-wise, take note that Scriptless Script works only for the "pointlocked" branch of the contract; you need normal Script, or a pre-signed nLockTimed transaction, for the "timelocked" branch. Since Taproot can embed a script, you can have the Taproot pubkey be a 2-of-2 to implement the Scriptless Script "pointlocked" branch, then have a hidden script that lets you recover the funds with an OP_CHECKLOCKTIMEVERIFY after the timeout if the seller does not claim the funds.)

Quantum Quibbles!

Now if you were really paying attention, you might have noticed this parenthetical:
(technical details: a Taproot output is 1 version byte + 32 byte public key, while a P2WPKH (bech32 singlesig) output is 1 version byte + 20 byte public key hash...)
So wait, Taproot uses raw 32-byte public keys, and not public key hashes? Isn't that more quantum-vulnerable??
Well, in theory yes. In practice, they probably are not.
It's not that hashes can be broken by quantum computes --- they're still not. Instead, you have to look at how you spend from a P2WPKH/P2PKH pay-to-public-key-hash.
When you spend from a P2PKH / P2WPKH, you have to reveal the public key. Then Bitcoin hashes it and checks if this matches with the public-key-hash, and only then actually validates the signature for that public key.
So an unconfirmed transaction, floating in the mempools of nodes globally, will show, in plain sight for everyone to see, your public key.
(public keys should be public, that's why they're called public keys, LOL)
And if quantum computers are fast enough to be of concern, then they are probably fast enough that, in the several minutes to several hours from broadcast to confirmation, they have already cracked the public key that is openly broadcast with your transaction. The owner of the quantum computer can now replace your unconfirmed transaction with one that pays the funds to itself. Even if you did not opt-in RBF, miners are still incentivized to support RBF on RBF-disabled transactions.
So the extra hash is not as significant a protection against quantum computers as you might think. Instead, the extra hash-and-compare needed is just extra validation effort.
Further, if you have ever, in the past, spent from the address, then there exists already a transaction indelibly stored on the blockchain, openly displaying the public key from which quantum computers can derive the private key. So those are still vulnerable to quantum computers.
For the most part, the cryptographers behind Taproot (and Bitcoin Core) are of the opinion that quantum computers capable of cracking Bitcoin pubkeys are unlikely to appear within a decade or two.
So:
For now, the homomorphic and linear properties of elliptic curve cryptography provide a lot of benefits --- particularly the linearity property is what enables Scriptless Script and simple multisignature (i.e. multisignatures that are just 1 signature onchain). So it might be a good idea to take advantage of them now while we are still fairly safe against quantum computers. It seems likely that quantum-safe signature schemes are nonlinear (thus losing these advantages).

Summary

I Wanna Be The Taprooter!

So, do you want to help activate Taproot? Here's what you, mister sovereign Bitcoin HODLer, can do!

But I Hate Taproot!!

That's fine!

Discussions About Taproot Activation

almkglor your post has been copied because one or more comments in this topic have been removed. This copy will preserve unmoderated topic. If you would like to opt-out, please send a message using [this link].
[deleted comment]
[deleted comment]
[deleted comment]
submitted by anticensor_bot to u/anticensor_bot [link] [comments]

Why i’m bullish on Zilliqa (long read)

Edit: TL;DR added in the comments
 
Hey all, I've been researching coins since 2017 and have gone through 100s of them in the last 3 years. I got introduced to blockchain via Bitcoin of course, analyzed Ethereum thereafter and from that moment I have a keen interest in smart contact platforms. I’m passionate about Ethereum but I find Zilliqa to have a better risk-reward ratio. Especially because Zilliqa has found an elegant balance between being secure, decentralized and scalable in my opinion.
 
Below I post my analysis of why from all the coins I went through I’m most bullish on Zilliqa (yes I went through Tezos, EOS, NEO, VeChain, Harmony, Algorand, Cardano etc.). Note that this is not investment advice and although it's a thorough analysis there is obviously some bias involved. Looking forward to what you all think!
 
Fun fact: the name Zilliqa is a play on ‘silica’ silicon dioxide which means “Silicon for the high-throughput consensus computer.”
 
This post is divided into (i) Technology, (ii) Business & Partnerships, and (iii) Marketing & Community. I’ve tried to make the technology part readable for a broad audience. If you’ve ever tried understanding the inner workings of Bitcoin and Ethereum you should be able to grasp most parts. Otherwise, just skim through and once you are zoning out head to the next part.
 
Technology and some more:
 
Introduction
 
The technology is one of the main reasons why I’m so bullish on Zilliqa. First thing you see on their website is: “Zilliqa is a high-performance, high-security blockchain platform for enterprises and next-generation applications.” These are some bold statements.
 
Before we deep dive into the technology let’s take a step back in time first as they have quite the history. The initial research paper from which Zilliqa originated dates back to August 2016: Elastico: A Secure Sharding Protocol For Open Blockchains where Loi Luu (Kyber Network) is one of the co-authors. Other ideas that led to the development of what Zilliqa has become today are: Bitcoin-NG, collective signing CoSi, ByzCoin and Omniledger.
 
The technical white paper was made public in August 2017 and since then they have achieved everything stated in the white paper and also created their own open source intermediate level smart contract language called Scilla (functional programming language similar to OCaml) too.
 
Mainnet is live since the end of January 2019 with daily transaction rates growing continuously. About a week ago mainnet reached 5 million transactions, 500.000+ addresses in total along with 2400 nodes keeping the network decentralized and secure. Circulating supply is nearing 11 billion and currently only mining rewards are left. The maximum supply is 21 billion with annual inflation being 7.13% currently and will only decrease with time.
 
Zilliqa realized early on that the usage of public cryptocurrencies and smart contracts were increasing but decentralized, secure, and scalable alternatives were lacking in the crypto space. They proposed to apply sharding onto a public smart contract blockchain where the transaction rate increases almost linear with the increase in the amount of nodes. More nodes = higher transaction throughput and increased decentralization. Sharding comes in many forms and Zilliqa uses network-, transaction- and computational sharding. Network sharding opens up the possibility of using transaction- and computational sharding on top. Zilliqa does not use state sharding for now. We’ll come back to this later.
 
Before we continue dissecting how Zilliqa achieves such from a technological standpoint it’s good to keep in mind that a blockchain being decentralised and secure and scalable is still one of the main hurdles in allowing widespread usage of decentralised networks. In my opinion this needs to be solved first before blockchains can get to the point where they can create and add large scale value. So I invite you to read the next section to grasp the underlying fundamentals. Because after all these premises need to be true otherwise there isn’t a fundamental case to be bullish on Zilliqa, right?
 
Down the rabbit hole
 
How have they achieved this? Let’s define the basics first: key players on Zilliqa are the users and the miners. A user is anybody who uses the blockchain to transfer funds or run smart contracts. Miners are the (shard) nodes in the network who run the consensus protocol and get rewarded for their service in Zillings (ZIL). The mining network is divided into several smaller networks called shards, which is also referred to as ‘network sharding’. Miners subsequently are randomly assigned to a shard by another set of miners called DS (Directory Service) nodes. The regular shards process transactions and the outputs of these shards are eventually combined by the DS shard as they reach consensus on the final state. More on how these DS shards reach consensus (via pBFT) will be explained later on.
 
The Zilliqa network produces two types of blocks: DS blocks and Tx blocks. One DS Block consists of 100 Tx Blocks. And as previously mentioned there are two types of nodes concerned with reaching consensus: shard nodes and DS nodes. Becoming a shard node or DS node is being defined by the result of a PoW cycle (Ethash) at the beginning of the DS Block. All candidate mining nodes compete with each other and run the PoW (Proof-of-Work) cycle for 60 seconds and the submissions achieving the highest difficulty will be allowed on the network. And to put it in perspective: the average difficulty for one DS node is ~ 2 Th/s equaling 2.000.000 Mh/s or 55 thousand+ GeForce GTX 1070 / 8 GB GPUs at 35.4 Mh/s. Each DS Block 10 new DS nodes are allowed. And a shard node needs to provide around 8.53 GH/s currently (around 240 GTX 1070s). Dual mining ETH/ETC and ZIL is possible and can be done via mining software such as Phoenix and Claymore. There are pools and if you have large amounts of hashing power (Ethash) available you could mine solo.
 
The PoW cycle of 60 seconds is a peak performance and acts as an entry ticket to the network. The entry ticket is called a sybil resistance mechanism and makes it incredibly hard for adversaries to spawn lots of identities and manipulate the network with these identities. And after every 100 Tx Blocks which corresponds to roughly 1,5 hour this PoW process repeats. In between these 1,5 hour, no PoW needs to be done meaning Zilliqa’s energy consumption to keep the network secure is low. For more detailed information on how mining works click here.
Okay, hats off to you. You have made it this far. Before we go any deeper down the rabbit hole we first must understand why Zilliqa goes through all of the above technicalities and understand a bit more what a blockchain on a more fundamental level is. Because the core of Zilliqa’s consensus protocol relies on the usage of pBFT (practical Byzantine Fault Tolerance) we need to know more about state machines and their function. Navigate to Viewblock, a Zilliqa block explorer, and just come back to this article. We will use this site to navigate through a few concepts.
 
We have established that Zilliqa is a public and distributed blockchain. Meaning that everyone with an internet connection can send ZILs, trigger smart contracts, etc. and there is no central authority who fully controls the network. Zilliqa and other public and distributed blockchains (like Bitcoin and Ethereum) can also be defined as state machines.
 
Taking the liberty of paraphrasing examples and definitions given by Samuel Brooks’ medium article, he describes the definition of a blockchain (like Zilliqa) as: “A peer-to-peer, append-only datastore that uses consensus to synchronize cryptographically-secure data”.
 
Next, he states that: "blockchains are fundamentally systems for managing valid state transitions”. For some more context, I recommend reading the whole medium article to get a better grasp of the definitions and understanding of state machines. Nevertheless, let’s try to simplify and compile it into a single paragraph. Take traffic lights as an example: all its states (red, amber, and green) are predefined, all possible outcomes are known and it doesn’t matter if you encounter the traffic light today or tomorrow. It will still behave the same. Managing the states of a traffic light can be done by triggering a sensor on the road or pushing a button resulting in one traffic lights’ state going from green to red (via amber) and another light from red to green.
 
With public blockchains like Zilliqa, this isn’t so straightforward and simple. It started with block #1 almost 1,5 years ago and every 45 seconds or so a new block linked to the previous block is being added. Resulting in a chain of blocks with transactions in it that everyone can verify from block #1 to the current #647.000+ block. The state is ever changing and the states it can find itself in are infinite. And while the traffic light might work together in tandem with various other traffic lights, it’s rather insignificant comparing it to a public blockchain. Because Zilliqa consists of 2400 nodes who need to work together to achieve consensus on what the latest valid state is while some of these nodes may have latency or broadcast issues, drop offline or are deliberately trying to attack the network, etc.
 
Now go back to the Viewblock page take a look at the amount of transaction, addresses, block and DS height and then hit refresh. Obviously as expected you see new incremented values on one or all parameters. And how did the Zilliqa blockchain manage to transition from a previous valid state to the latest valid state? By using pBFT to reach consensus on the latest valid state.
 
After having obtained the entry ticket, miners execute pBFT to reach consensus on the ever-changing state of the blockchain. pBFT requires a series of network communication between nodes, and as such there is no GPU involved (but CPU). Resulting in the total energy consumed to keep the blockchain secure, decentralized and scalable being low.
 
pBFT stands for practical Byzantine Fault Tolerance and is an optimization on the Byzantine Fault Tolerant algorithm. To quote Blockonomi: “In the context of distributed systems, Byzantine Fault Tolerance is the ability of a distributed computer network to function as desired and correctly reach a sufficient consensus despite malicious components (nodes) of the system failing or propagating incorrect information to other peers.” Zilliqa is such a distributed computer network and depends on the honesty of the nodes (shard and DS) to reach consensus and to continuously update the state with the latest block. If pBFT is a new term for you I can highly recommend the Blockonomi article.
 
The idea of pBFT was introduced in 1999 - one of the authors even won a Turing award for it - and it is well researched and applied in various blockchains and distributed systems nowadays. If you want more advanced information than the Blockonomi link provides click here. And if you’re in between Blockonomi and the University of Singapore read the Zilliqa Design Story Part 2 dating from October 2017.
Quoting from the Zilliqa tech whitepaper: “pBFT relies upon a correct leader (which is randomly selected) to begin each phase and proceed when the sufficient majority exists. In case the leader is byzantine it can stall the entire consensus protocol. To address this challenge, pBFT offers a view change protocol to replace the byzantine leader with another one.”
 
pBFT can tolerate ⅓ of the nodes being dishonest (offline counts as Byzantine = dishonest) and the consensus protocol will function without stalling or hiccups. Once there are more than ⅓ of dishonest nodes but no more than ⅔ the network will be stalled and a view change will be triggered to elect a new DS leader. Only when more than ⅔ of the nodes are dishonest (66%) double-spend attacks become possible.
 
If the network stalls no transactions can be processed and one has to wait until a new honest leader has been elected. When the mainnet was just launched and in its early phases, view changes happened regularly. As of today the last stalling of the network - and view change being triggered - was at the end of October 2019.
 
Another benefit of using pBFT for consensus besides low energy is the immediate finality it provides. Once your transaction is included in a block and the block is added to the chain it’s done. Lastly, take a look at this article where three types of finality are being defined: probabilistic, absolute and economic finality. Zilliqa falls under the absolute finality (just like Tendermint for example). Although lengthy already we skipped through some of the inner workings from Zilliqa’s consensus: read the Zilliqa Design Story Part 3 and you will be close to having a complete picture on it. Enough about PoW, sybil resistance mechanism, pBFT, etc. Another thing we haven’t looked at yet is the amount of decentralization.
 
Decentralisation
 
Currently, there are four shards, each one of them consisting of 600 nodes. 1 shard with 600 so-called DS nodes (Directory Service - they need to achieve a higher difficulty than shard nodes) and 1800 shard nodes of which 250 are shard guards (centralized nodes controlled by the team). The amount of shard guards has been steadily declining from 1200 in January 2019 to 250 as of May 2020. On the Viewblock statistics, you can see that many of the nodes are being located in the US but those are only the (CPU parts of the) shard nodes who perform pBFT. There is no data from where the PoW sources are coming. And when the Zilliqa blockchain starts reaching its transaction capacity limit, a network upgrade needs to be executed to lift the current cap of maximum 2400 nodes to allow more nodes and formation of more shards which will allow to network to keep on scaling according to demand.
Besides shard nodes there are also seed nodes. The main role of seed nodes is to serve as direct access points (for end-users and clients) to the core Zilliqa network that validates transactions. Seed nodes consolidate transaction requests and forward these to the lookup nodes (another type of nodes) for distribution to the shards in the network. Seed nodes also maintain the entire transaction history and the global state of the blockchain which is needed to provide services such as block explorers. Seed nodes in the Zilliqa network are comparable to Infura on Ethereum.
 
The seed nodes were first only operated by Zilliqa themselves, exchanges and Viewblock. Operators of seed nodes like exchanges had no incentive to open them for the greater public. They were centralised at first. Decentralisation at the seed nodes level has been steadily rolled out since March 2020 ( Zilliqa Improvement Proposal 3 ). Currently the amount of seed nodes is being increased, they are public-facing and at the same time PoS is applied to incentivize seed node operators and make it possible for ZIL holders to stake and earn passive yields. Important distinction: seed nodes are not involved with consensus! That is still PoW as entry ticket and pBFT for the actual consensus.
 
5% of the block rewards are being assigned to seed nodes (from the beginning in 2019) and those are being used to pay out ZIL stakers. The 5% block rewards with an annual yield of 10.03% translate to roughly 610 MM ZILs in total that can be staked. Exchanges use the custodial variant of staking and wallets like Moonlet will use the non-custodial version (starting in Q3 2020). Staking is being done by sending ZILs to a smart contract created by Zilliqa and audited by Quantstamp.
 
With a high amount of DS; shard nodes and seed nodes becoming more decentralized too, Zilliqa qualifies for the label of decentralized in my opinion.
 
Smart contracts
 
Let me start by saying I’m not a developer and my programming skills are quite limited. So I‘m taking the ELI5 route (maybe 12) but if you are familiar with Javascript, Solidity or specifically OCaml please head straight to Scilla - read the docs to get a good initial grasp of how Zilliqa’s smart contract language Scilla works and if you ask yourself “why another programming language?” check this article. And if you want to play around with some sample contracts in an IDE click here. The faucet can be found here. And more information on architecture, dapp development and API can be found on the Developer Portal.
If you are more into listening and watching: check this recent webinar explaining Zilliqa and Scilla. Link is time-stamped so you’ll start right away with a platform introduction, roadmap 2020 and afterwards a proper Scilla introduction.
 
Generalized: programming languages can be divided into being ‘object-oriented’ or ‘functional’. Here is an ELI5 given by software development academy: * “all programs have two basic components, data – what the program knows – and behavior – what the program can do with that data. So object-oriented programming states that combining data and related behaviors in one place, is called “object”, which makes it easier to understand how a particular program works. On the other hand, functional programming argues that data and behavior are different things and should be separated to ensure their clarity.” *
 
Scilla is on the functional side and shares similarities with OCaml: OCaml is a general-purpose programming language with an emphasis on expressiveness and safety. It has an advanced type system that helps catch your mistakes without getting in your way. It's used in environments where a single mistake can cost millions and speed matters, is supported by an active community, and has a rich set of libraries and development tools. For all its power, OCaml is also pretty simple, which is one reason it's often used as a teaching language.
 
Scilla is blockchain agnostic, can be implemented onto other blockchains as well, is recognized by academics and won a so-called Distinguished Artifact Award award at the end of last year.
 
One of the reasons why the Zilliqa team decided to create their own programming language focused on preventing smart contract vulnerabilities is that adding logic on a blockchain, programming, means that you cannot afford to make mistakes. Otherwise, it could cost you. It’s all great and fun blockchains being immutable but updating your code because you found a bug isn’t the same as with a regular web application for example. And with smart contracts, it inherently involves cryptocurrencies in some form thus value.
 
Another difference with programming languages on a blockchain is gas. Every transaction you do on a smart contract platform like Zilliqa or Ethereum costs gas. With gas you basically pay for computational costs. Sending a ZIL from address A to address B costs 0.001 ZIL currently. Smart contracts are more complex, often involve various functions and require more gas (if gas is a new concept click here ).
 
So with Scilla, similar to Solidity, you need to make sure that “every function in your smart contract will run as expected without hitting gas limits. An improper resource analysis may lead to situations where funds may get stuck simply because a part of the smart contract code cannot be executed due to gas limits. Such constraints are not present in traditional software systems”. Scilla design story part 1
 
Some examples of smart contract issues you’d want to avoid are: leaking funds, ‘unexpected changes to critical state variables’ (example: someone other than you setting his or her address as the owner of the smart contract after creation) or simply killing a contract.
 
Scilla also allows for formal verification. Wikipedia to the rescue: In the context of hardware and software systems, formal verification is the act of proving or disproving the correctness of intended algorithms underlying a system with respect to a certain formal specification or property, using formal methods of mathematics.
 
Formal verification can be helpful in proving the correctness of systems such as: cryptographic protocols, combinational circuits, digital circuits with internal memory, and software expressed as source code.
 
Scilla is being developed hand-in-hand with formalization of its semantics and its embedding into the Coq proof assistant — a state-of-the art tool for mechanized proofs about properties of programs.”
 
Simply put, with Scilla and accompanying tooling developers can be mathematically sure and proof that the smart contract they’ve written does what he or she intends it to do.
 
Smart contract on a sharded environment and state sharding
 
There is one more topic I’d like to touch on: smart contract execution in a sharded environment (and what is the effect of state sharding). This is a complex topic. I’m not able to explain it any easier than what is posted here. But I will try to compress the post into something easy to digest.
 
Earlier on we have established that Zilliqa can process transactions in parallel due to network sharding. This is where the linear scalability comes from. We can define simple transactions: a transaction from address A to B (Category 1), a transaction where a user interacts with one smart contract (Category 2) and the most complex ones where triggering a transaction results in multiple smart contracts being involved (Category 3). The shards are able to process transactions on their own without interference of the other shards. With Category 1 transactions that is doable, with Category 2 transactions sometimes if that address is in the same shard as the smart contract but with Category 3 you definitely need communication between the shards. Solving that requires to make a set of communication rules the protocol needs to follow in order to process all transactions in a generalised fashion.
 
And this is where the downsides of state sharding comes in currently. All shards in Zilliqa have access to the complete state. Yes the state size (0.1 GB at the moment) grows and all of the nodes need to store it but it also means that they don’t need to shop around for information available on other shards. Requiring more communication and adding more complexity. Computer science knowledge and/or developer knowledge required links if you want to dig further: Scilla - language grammar Scilla - Foundations for Verifiable Decentralised Computations on a Blockchain Gas Accounting NUS x Zilliqa: Smart contract language workshop
 
Easier to follow links on programming Scilla https://learnscilla.com/home Ivan on Tech
 
Roadmap / Zilliqa 2.0
 
There is no strict defined roadmap but here are topics being worked on. And via the Zilliqa website there is also more information on the projects they are working on.
 
Business & Partnerships
 
It’s not only technology in which Zilliqa seems to be excelling as their ecosystem has been expanding and starting to grow rapidly. The project is on a mission to provide OpenFinance (OpFi) to the world and Singapore is the right place to be due to its progressive regulations and futuristic thinking. Singapore has taken a proactive approach towards cryptocurrencies by introducing the Payment Services Act 2019 (PS Act). Among other things, the PS Act will regulate intermediaries dealing with certain cryptocurrencies, with a particular focus on consumer protection and anti-money laundering. It will also provide a stable regulatory licensing and operating framework for cryptocurrency entities, effectively covering all crypto businesses and exchanges based in Singapore. According to PWC 82% of the surveyed executives in Singapore reported blockchain initiatives underway and 13% of them have already brought the initiatives live to the market. There is also an increasing list of organizations that are starting to provide digital payment services. Moreover, Singaporean blockchain developers Building Cities Beyond has recently created an innovation $15 million grant to encourage development on its ecosystem. This all suggests that Singapore tries to position itself as (one of) the leading blockchain hubs in the world.
 
Zilliqa seems to already take advantage of this and recently helped launch Hg Exchange on their platform, together with financial institutions PhillipCapital, PrimePartners and Fundnel. Hg Exchange, which is now approved by the Monetary Authority of Singapore (MAS), uses smart contracts to represent digital assets. Through Hg Exchange financial institutions worldwide can use Zilliqa's safe-by-design smart contracts to enable the trading of private equities. For example, think of companies such as Grab, Airbnb, SpaceX that are not available for public trading right now. Hg Exchange will allow investors to buy shares of private companies & unicorns and capture their value before an IPO. Anquan, the main company behind Zilliqa, has also recently announced that they became a partner and shareholder in TEN31 Bank, which is a fully regulated bank allowing for tokenization of assets and is aiming to bridge the gap between conventional banking and the blockchain world. If STOs, the tokenization of assets, and equity trading will continue to increase, then Zilliqa’s public blockchain would be the ideal candidate due to its strategic positioning, partnerships, regulatory compliance and the technology that is being built on top of it.
 
What is also very encouraging is their focus on banking the un(der)banked. They are launching a stablecoin basket starting with XSGD. As many of you know, stablecoins are currently mostly used for trading. However, Zilliqa is actively trying to broaden the use case of stablecoins. I recommend everybody to read this text that Amrit Kumar wrote (one of the co-founders). These stablecoins will be integrated in the traditional markets and bridge the gap between the crypto world and the traditional world. This could potentially revolutionize and legitimise the crypto space if retailers and companies will for example start to use stablecoins for payments or remittances, instead of it solely being used for trading.
 
Zilliqa also released their DeFi strategic roadmap (dating November 2019) which seems to be aligning well with their OpFi strategy. A non-custodial DEX is coming to Zilliqa made by Switcheo which allows cross-chain trading (atomic swaps) between ETH, EOS and ZIL based tokens. They also signed a Memorandum of Understanding for a (soon to be announced) USD stablecoin. And as Zilliqa is all about regulations and being compliant, I’m speculating on it to be a regulated USD stablecoin. Furthermore, XSGD is already created and visible on block explorer and XIDR (Indonesian Stablecoin) is also coming soon via StraitsX. Here also an overview of the Tech Stack for Financial Applications from September 2019. Further quoting Amrit Kumar on this:
 
There are two basic building blocks in DeFi/OpFi though: 1) stablecoins as you need a non-volatile currency to get access to this market and 2) a dex to be able to trade all these financial assets. The rest are built on top of these blocks.
 
So far, together with our partners and community, we have worked on developing these building blocks with XSGD as a stablecoin. We are working on bringing a USD-backed stablecoin as well. We will soon have a decentralised exchange developed by Switcheo. And with HGX going live, we are also venturing into the tokenization space. More to come in the future.”
 
Additionally, they also have this ZILHive initiative that injects capital into projects. There have been already 6 waves of various teams working on infrastructure, innovation and research, and they are not from ASEAN or Singapore only but global: see Grantees breakdown by country. Over 60 project teams from over 20 countries have contributed to Zilliqa's ecosystem. This includes individuals and teams developing wallets, explorers, developer toolkits, smart contract testing frameworks, dapps, etc. As some of you may know, Unstoppable Domains (UD) blew up when they launched on Zilliqa. UD aims to replace cryptocurrency addresses with a human-readable name and allows for uncensorable websites. Zilliqa will probably be the only one able to handle all these transactions onchain due to ability to scale and its resulting low fees which is why the UD team launched this on Zilliqa in the first place. Furthermore, Zilliqa also has a strong emphasis on security, compliance, and privacy, which is why they partnered with companies like Elliptic, ChainSecurity (part of PwC Switzerland), and Incognito. Their sister company Aqilliz (Zilliqa spelled backwards) focuses on revolutionizing the digital advertising space and is doing interesting things like using Zilliqa to track outdoor digital ads with companies like Foodpanda.
 
Zilliqa is listed on nearly all major exchanges, having several different fiat-gateways and recently have been added to Binance’s margin trading and futures trading with really good volume. They also have a very impressive team with good credentials and experience. They don't just have “tech people”. They have a mix of tech people, business people, marketeers, scientists, and more. Naturally, it's good to have a mix of people with different skill sets if you work in the crypto space.
 
Marketing & Community
 
Zilliqa has a very strong community. If you just follow their Twitter their engagement is much higher for a coin that has approximately 80k followers. They also have been ‘coin of the day’ by LunarCrush many times. LunarCrush tracks real-time cryptocurrency value and social data. According to their data, it seems Zilliqa has a more fundamental and deeper understanding of marketing and community engagement than almost all other coins. While almost all coins have been a bit frozen in the last months, Zilliqa seems to be on its own bull run. It was somewhere in the 100s a few months ago and is currently ranked #46 on CoinGecko. Their official Telegram also has over 20k people and is very active, and their community channel which is over 7k now is more active and larger than many other official channels. Their local communities also seem to be growing.
 
Moreover, their community started ‘Zillacracy’ together with the Zilliqa core team ( see www.zillacracy.com ). It’s a community-run initiative where people from all over the world are now helping with marketing and development on Zilliqa. Since its launch in February 2020 they have been doing a lot and will also run their own non-custodial seed node for staking. This seed node will also allow them to start generating revenue for them to become a self sustaining entity that could potentially scale up to become a decentralized company working in parallel with the Zilliqa core team. Comparing it to all the other smart contract platforms (e.g. Cardano, EOS, Tezos etc.) they don't seem to have started a similar initiative (correct me if I’m wrong though). This suggests in my opinion that these other smart contract platforms do not fully understand how to utilize the ‘power of the community’. This is something you cannot ‘buy with money’ and gives many projects in the space a disadvantage.
 
Zilliqa also released two social products called SocialPay and Zeeves. SocialPay allows users to earn ZILs while tweeting with a specific hashtag. They have recently used it in partnership with the Singapore Red Cross for a marketing campaign after their initial pilot program. It seems like a very valuable social product with a good use case. I can see a lot of traditional companies entering the space through this product, which they seem to suggest will happen. Tokenizing hashtags with smart contracts to get network effect is a very smart and innovative idea.
 
Regarding Zeeves, this is a tipping bot for Telegram. They already have 1000s of signups and they plan to keep upgrading it for more and more people to use it (e.g. they recently have added a quiz features). They also use it during AMAs to reward people in real-time. It’s a very smart approach to grow their communities and get familiar with ZIL. I can see this becoming very big on Telegram. This tool suggests, again, that the Zilliqa team has a deeper understanding of what the crypto space and community needs and is good at finding the right innovative tools to grow and scale.
 
To be honest, I haven’t covered everything (i’m also reaching the character limited haha). So many updates happening lately that it's hard to keep up, such as the International Monetary Fund mentioning Zilliqa in their report, custodial and non-custodial Staking, Binance Margin, Futures, Widget, entering the Indian market, and more. The Head of Marketing Colin Miles has also released this as an overview of what is coming next. And last but not least, Vitalik Buterin has been mentioning Zilliqa lately acknowledging Zilliqa and mentioning that both projects have a lot of room to grow. There is much more info of course and a good part of it has been served to you on a silver platter. I invite you to continue researching by yourself :-) And if you have any comments or questions please post here!
submitted by haveyouheardaboutit to CryptoCurrency [link] [comments]

Why Pompliano's criticism of Ether's issuance and financial system is absurd.

I have just watched an interview with Anthony Pompliano where he argues that Ethereum's issuance policy is strictly bad and that it will be abused. He also advocates for centralized automated financial systems as opposed to Ethereum's, but he does not really explain why... so I decided to share a little reflection on both subjects.
The claim that Ether is not a good store of value because of its dynamic inflationary rate is completely disregarding the trend and roadmap of Ethereum. First of all, lets establish the fact that a dynamic inflationary rate is NOT necessarily bad since it allows for a faster reduction than what was originally planned. This has been demonstrated since the current total Ether issued is LESS than what was initially estimated at this point. Ethereum roadmap is preparing for an even greater reduction in issuance that is targeting an inflationary rate LOWER than Bitcoin's - this should happen in the next couple of years as PoW phases out. A sustainable ZERO inflationary rate will be achieved through the elimination of PoS, EIP 1559 and layer zero scalability via sharding. This is something (long term sustainability) that Bitcoin does not have since it is expected that the price of Bitcoin must double in between every halvening event in order to maintain hash rates. The operational cost of securing Bitcoin is unsustainable... for now there is only wishful thinking that somehow layer scaling will be able to sustain the network exclusively via fees, but there is no tangible plan to achieve it. This dynamic is a ticking time bomb and Bitcoin has a serious long term risk of self imploding due to the periodic reduction of incentive for miners to secure the network. Not to mention that the understanding of what Bitcoin should be and how should function is adopting the OLD paradigm of money and financial systems.
Is it really necessary to make the argument that a financial system that is decentralized, censorship resistant and permission-less is more desirable and valuable than centralized/externalized systems? The new paradigm of money calls for built-in integration with a financial system that provides the same awesome properties that made Bitcoin so powerful: censorship resistant, decentralized, permission-less, trust-less. The ability to transparently issue and transact digital assets is integral to the new global economic paradigm. Externalizing a monetary token such as Bitcoin exponentially increases risk as it introduces an additional network and potential third parties - this dramatically reduces the golden qualities of a self-contained cryptographic network.
submitted by TheWierdGuy to CryptoCurrency [link] [comments]

The Truth about Bitcoin?

Part 1/4 - NSA Connection:
First off, the SHA-256 algorithm, which stands for Secure Hash Algorithm 256, is a member of the SHA-2 cryptographic hash functions designed by the NSA and first published in 2001.
SHA-256, like other hash functions, takes any input and produces an output (often called a hash) of fixed length. The output of a hashing algorithm such as SHA-256 will always be the same length - regardless of the input size. Specifically, the output is, as the name suggests, 256 bits.
Moreover, all outputs appear completely random and offer no information about the input that created it.
The Bitcoin Network utilises the SHA-256 algorithm for mining and the creation of new addresses.
Who is Satoshi Nakamoto? What does Satoshi Nakamoto mean?
Out of respect for their anonymity, it would be rude to speculate in a video about who Satoshi Nakamoto is likely to be. The reality is, it's not important. Let me explain: Any human being can be attacked. Jesus could come back from the dead, and there would be haters. Therefore, the Satoshi Nakamoto approach neutralises the natural human herd behaviour, exacerbated by the media, to attack and discredit. This is a very important part of Bitcoin's success thus far. Also, from a security perspective, those who wish to dox Satoshi Nakamoto in a video are essentially putting his, or her, or their, life at risk...for the sake of views.
As a genius who has produced an innovation not just from a technical perspective but also a monetary perspective, they should be treated with more respect than that.
As for the name Satoshi Nakamoto, I would speculate that it is a homage to Tatsuaki Okamoto and Satoshi Obana - two cryptographers from Japan. There is another reason for the name, but that...is confidential.
In 1996, the NSA's Cryptology Division of their Office of Information Security Research and Technology published a paper titled: "How to make a mint: The cryptography of anonymous electronic cash", first publishing it in an MIT mailing list and later, in 1997, in the American University Law Review. One of the researchers they referenced was Tatsuaki Okamoto.

Part 2/4 - 'Crypto Market':
Most of the crypto market is a scam.
By the way, this was predicted very early on in the Bitcoin Talk forums - check out this interaction from November 8th, 2010:
"if bitcoin really takes off I can see lots of get-rich-quick imitators coming on the scene: gitcoin, nitcoin, witcoin, titcoin, shitcoin...
Of course the cheap imitators will disappear as quickly as those 1990s "internet currencies", but lots of people will get burned along the way."
To which Bitcoin OG Gavin Andresen replies:
"I agree - we're in the Wild West days of open-source currency. I expect people will get burned by scams, imitators, ponzi schemes and price bubbles."
"I don't think there's a whole lot that can be done about scammers, imitators and ponzi schemes besides warning people to be careful with their money (whether dollars, euros or bitcoins)."
Now, on the one hand, lack of regulation is more meritocratic (as you don't have to be an accredited investor just to get access).
On the other hand, it means that crypto is, as Gavin said, a Wild West environment, with many cowboys in the Desert. Be careful.
This is the same with most online courses - particularly 'How to get rich quick' courses - however with crypto you have an exponential increase in the supply of victims during the bull cycles so it is particularly prevalent during those times.
In addition to this, leverage trading exchanges, which are no different to casinos, prey on naive retail traders who:
A) Think they can outsmart professional traders with actual risk management skills; and
B) Think they can outsmart the exchanges themselves who have an informational advantage as well as an incentive to chase stop losses and liquidate positions.

Part 3/4 - CBDCs:
The Fed and Central Banks around the world have printed themselves into a corner.
Quantitative easing was the band-aid for the Great Financial Crisis in 2008, and more recent events have propelled the rate of money printing to absurd levels.
This means that all currencies are in a race to zero - and it becomes a game of who can print more fiat faster.
The powers that be know that this fiat frenzy is unsustainable, and that more and more people are becoming aware that it is a debt based system, based on nothing.
The monetary system devised by bankers, for bankers, in 1913 on Jekyll Island and supercharged in 1971 is fairly archaic and also does not allow for meritocratic value transfer - fiat printing itself increases inequality.
They, obviously, know this (as it is by design).
The issue (for them) is that more and more people are starting to become aware of this.
Moving to a modernised monetary system will allow those who have rigged the rules of the game for the last Century to get away scot-free.
It will also pave the way for a new wealthy, and more tech literate, elite to emerge - again predicted in the Bitcoin Talk forums.
Now...back to the powers that be.
Bitcoin provides a natural transition to Central Bank Digital Currencies (CBDCs) and what I would describe as Finance 2.0, but what are the benefits of CBDCs for the state?
More control, easier tax collection, more flexibility in monetary policy (i.e. negative interest rates) and generally a more efficient monetary system.
This leads us to the kicker: which is the war on cash. The cashless society was a fantasy just a few years ago, however now it doesn't seem so far fetched. No comment.

Part 4/4 - Bitcoin:
What about Bitcoin?
Well, Bitcoin has incredibly strong network effects; it is the most powerful computer network in the World.
But what about Bitcoin's reputation?
Bankers hate it.
Warren Buffett hates it.
Precisely, and the public hates bankers.
Sure, the investing public respects Buffett, but the general public perception of anyone worth $73 billion is not exactly at all time highs right now amid record wealth inequality.
In the grand scheme of things, the market cap of Bitcoin is currently around $179 billion.
For example, the market cap of Gold is around $9 trillion, which is 50x the Market Cap of Bitcoin.
Money has certain characteristics.
In my opinion, what makes Bitcoin unique is the fact that it has a finite total supply (21 million) and a predictable supply schedule via the halving events every 4 years, which cut in half the rate at which new Bitcoin is released into circulation.
Clearly, with these properties, it seems likely that Bitcoin could act as a meaningful hedge against inflation.
One of the key strengths of Bitcoin is the fact that the Network is decentralised...
Many people don't know that PayPal originally wanted to create a global currency similar to crypto.
Overall, a speculative thesis would be the following:
Satoshi Nakamoto is one of the most important entities of the 21st Century, and will accelerate the next transition of the human race.
Trusted third parties are security holes.
Bitcoin is the catalyst for Finance 2.0, whereby value transfer is conducted in a more meritocratic and decentralised fashion.
In 1964, Russian astrophysicist Nikolai Kardashev designed the Kardashev Scale.
At the time, he was looking for signs of extraterrestrial life within cosmic signals.
The Scale has three categories, which are based on the amount of usable energy a civilisation has at its disposal, and the degree of space colonisation.
Generally, a Type 1 Civilisation has achieved mastery of its home planet (10^16W);
A Type 2 Civilisation has mastery over its solar system (10^26W);
and a Type 3 Civilisation has mastery over its Galaxy (10^36W).
We humans are a Type 0 Civilisation on this Scale.
Nonetheless, our exponential technological growth in the few decades indicates that we are somewhere between Type 0 and Type 1.
In fact, according to Carl Sagan's interpolated Kardashev Scale and recent global energy consumption, we are about 0.73.
Physicist Freeman Dyson estimated that within 200 years or so, we should attain Type 1 status.
As a technology that, through its decentralisation, links entities globally and makes value transfer between humans more efficient, Bitcoin could prove a key piece of our progression as a civilisation.
What are your thoughts?
Is it true...or false?
https://www.youtube.com/watch?v=1oQLOqpP1ZM
submitted by financeoptimum to conspiracy [link] [comments]

The Truth about Bitcoin?

Part 1/4 - NSA Connection:
First off, the SHA-256 algorithm, which stands for Secure Hash Algorithm 256, is a member of the SHA-2 cryptographic hash functions designed by the NSA and first published in 2001.
SHA-256, like other hash functions, takes any input and produces an output (often called a hash) of fixed length. The output of a hashing algorithm such as SHA-256 will always be the same length - regardless of the input size. Specifically, the output is, as the name suggests, 256 bits.
Moreover, all outputs appear completely random and offer no information about the input that created it.
The Bitcoin Network utilises the SHA-256 algorithm for mining and the creation of new addresses.
Who is Satoshi Nakamoto? What does Satoshi Nakamoto mean?
Out of respect for their anonymity, it would be rude to speculate in a video about who Satoshi Nakamoto is likely to be. The reality is, it's not important. Let me explain: Any human being can be attacked. Jesus could come back from the dead, and there would be haters. Therefore, the Satoshi Nakamoto approach neutralises the natural human herd behaviour, exacerbated by the media, to attack and discredit. This is a very important part of Bitcoin's success thus far. Also, from a security perspective, those who wish to dox Satoshi Nakamoto in a video are essentially putting his, or her, or their, life at risk...for the sake of views.
As a genius who has produced an innovation not just from a technical perspective but also a monetary perspective, they should be treated with more respect than that.
As for the name Satoshi Nakamoto, I would speculate that it is a homage to Tatsuaki Okamoto and Satoshi Obana - two cryptographers from Japan. There is another reason for the name, but that...is confidential.
In 1996, the NSA's Cryptology Division of their Office of Information Security Research and Technology published a paper titled: "How to make a mint: The cryptography of anonymous electronic cash", first publishing it in an MIT mailing list and later, in 1997, in the American University Law Review. One of the researchers they referenced was Tatsuaki Okamoto.

Part 2/4 - 'Crypto Market':
Most of the crypto market is a scam.
By the way, this was predicted very early on in the Bitcoin Talk forums - check out this interaction from November 8th, 2010:
"if bitcoin really takes off I can see lots of get-rich-quick imitators coming on the scene: gitcoin, nitcoin, witcoin, titcoin, shitcoin...
Of course the cheap imitators will disappear as quickly as those 1990s "internet currencies", but lots of people will get burned along the way."
To which Bitcoin OG Gavin Andresen replies:
"I agree - we're in the Wild West days of open-source currency. I expect people will get burned by scams, imitators, ponzi schemes and price bubbles."
"I don't think there's a whole lot that can be done about scammers, imitators and ponzi schemes besides warning people to be careful with their money (whether dollars, euros or bitcoins)."
Now, on the one hand, lack of regulation is more meritocratic (as you don't have to be an accredited investor just to get access).
On the other hand, it means that crypto is, as Gavin said, a Wild West environment, with many cowboys in the Desert. Be careful.
This is the same with most online courses - particularly 'How to get rich quick' courses - however with crypto you have an exponential increase in the supply of victims during the bull cycles so it is particularly prevalent during those times.
In addition to this, leverage trading exchanges, which are no different to casinos, prey on naive retail traders who:
A) Think they can outsmart professional traders with actual risk management skills; and
B) Think they can outsmart the exchanges themselves who have an informational advantage as well as an incentive to chase stop losses and liquidate positions.

Part 3/4 - CBDCs:
The Fed and Central Banks around the world have printed themselves into a corner.
Quantitative easing was the band-aid for the Great Financial Crisis in 2008, and more recent events have propelled the rate of money printing to absurd levels.
This means that all currencies are in a race to zero - and it becomes a game of who can print more fiat faster.
The powers that be know that this fiat frenzy is unsustainable, and that more and more people are becoming aware that it is a debt based system, based on nothing.
The monetary system devised by bankers, for bankers, in 1913 on Jekyll Island and supercharged in 1971 is fairly archaic and also does not allow for meritocratic value transfer - fiat printing itself increases inequality.
They, obviously, know this (as it is by design).
The issue (for them) is that more and more people are starting to become aware of this.
Moving to a modernised monetary system will allow those who have rigged the rules of the game for the last Century to get away scot-free.
It will also pave the way for a new wealthy, and more tech literate, elite to emerge - again predicted in the Bitcoin Talk forums.
Now...back to the powers that be.
Bitcoin provides a natural transition to Central Bank Digital Currencies (CBDCs) and what I would describe as Finance 2.0, but what are the benefits of CBDCs for the state?
More control, easier tax collection, more flexibility in monetary policy (i.e. negative interest rates) and generally a more efficient monetary system.
This leads us to the kicker: which is the war on cash. The cashless society was a fantasy just a few years ago, however now it doesn't seem so far fetched. No comment.

Part 4/4 - Bitcoin:
What about Bitcoin?
Well, Bitcoin has incredibly strong network effects; it is the most powerful computer network in the World.
But what about Bitcoin's reputation?
Bankers hate it.
Warren Buffett hates it.
Precisely, and the public hates bankers.
Sure, the investing public respects Buffett, but the general public perception of anyone worth $73 billion is not exactly at all time highs right now amid record wealth inequality.
In the grand scheme of things, the market cap of Bitcoin is currently around $179 billion.
For example, the market cap of Gold is around $9 trillion, which is 50x the Market Cap of Bitcoin.
Money has certain characteristics.
In my opinion, what makes Bitcoin unique is the fact that it has a finite total supply (21 million) and a predictable supply schedule via the halving events every 4 years, which cut in half the rate at which new Bitcoin is released into circulation.
Clearly, with these properties, it seems likely that Bitcoin could act as a meaningful hedge against inflation.
One of the key strengths of Bitcoin is the fact that the Network is decentralised...
Many people don't know that PayPal originally wanted to create a global currency similar to crypto.
Overall, a speculative thesis would be the following:
Satoshi Nakamoto is one of the most important entities of the 21st Century, and will accelerate the next transition of the human race.
Trusted third parties are security holes.
Bitcoin is the catalyst for Finance 2.0, whereby value transfer is conducted in a more meritocratic and decentralised fashion.
In 1964, Russian astrophysicist Nikolai Kardashev designed the Kardashev Scale.
At the time, he was looking for signs of extraterrestrial life within cosmic signals.
The Scale has three categories, which are based on the amount of usable energy a civilisation has at its disposal, and the degree of space colonisation.
Generally, a Type 1 Civilisation has achieved mastery of its home planet (10^16W);
A Type 2 Civilisation has mastery over its solar system (10^26W);
and a Type 3 Civilisation has mastery over its Galaxy (10^36W).
We humans are a Type 0 Civilisation on this Scale.
Nonetheless, our exponential technological growth in the few decades indicates that we are somewhere between Type 0 and Type 1.
In fact, according to Carl Sagan's interpolated Kardashev Scale and recent global energy consumption, we are about 0.73.
Physicist Freeman Dyson estimated that within 200 years or so, we should attain Type 1 status.
As a technology that, through its decentralisation, links entities globally and makes value transfer between humans more efficient, Bitcoin could prove a key piece of our progression as a civilisation.
What are your thoughts?
Is it true...or false?
https://www.youtube.com/watch?v=1oQLOqpP1ZM
submitted by financeoptimum to CryptoCurrency [link] [comments]

Pompliano has recently criticized Ethereum's issuance policy and financial system. Here is why he is wrong and why Ethereum has a brighter future than Bitcoin.

I have just watched an interview with Anthony Pompliano where he argues that Ethereum's issuance policy is strictly bad and that it will be abused. He also advocates for centralized automated financial systems as opposed to Ethereum's, but he does not really explain why... so I decided to share a little reflection on both subjects.
  1. The claim that Ether is not a good store of value because of its dynamic inflationary rate is completely disregarding the trend and roadmap of Ethereum. First of all, lets establish the fact that a dynamic inflationary rate is NOT necessarily bad since it allows for a faster reduction than what was originally planned AND it still abides by consensus. This has been demonstrated since the current total Ether issued is LESS than what was initially estimated at this point. Ethereum roadmap is preparing for an even greater reduction in issuance that is targeting an inflationary rate LOWER than Bitcoin's - this should happen in the next couple of years as PoW phases out. A sustainable ZERO inflationary rate will be achieved through the transition to the "Proof of Stake" (PoS) consensus mechanism, EIP 1559 and layer zero scalability via sharding. This is something (long term sustainability) that Bitcoin does not have since it is expected that the price of Bitcoin must double in between every halvening event in order to maintain hash rates. The operational cost of operating the Bitcoin network is unsustainable... for now there is only wishful thinking that somehow layer 1 scaling will be able to sustain the network exclusively via fees, but there is no tangible plan to achieve it. This dynamic is a ticking time bomb and Bitcoin has a serious long term risk of self imploding due to the periodic reduction of incentive for miners to secure the network. Not to mention that the understanding of what Bitcoin should be and how should function is adopting the OLD paradigm of money and financial systems.
  2. Is it really necessary to make the argument that a financial system that is decentralized, censorship resistant and permission-less is more desirable and valuable than centralized/externalized systems? The new paradigm of money calls for built-in integration with a financial system that provides the same awesome properties that made Bitcoin so powerful: censorship resistant, decentralized, permission-less, trust-less. The ability to transparently issue and transact digital assets is integral to the new global economic paradigm. Externalizing a monetary token such as Bitcoin exponentially increases risk as it introduces an additional network and potential third parties - this dramatically reduces the golden qualities of a self-contained cryptographic network. The internet was successful because it was an effective protocol to exchange any kind of digital information. The protocol never imposed were restrictions that limited use cases or scale. The next digital revolution will be led by a protocol that allows for exchange, issuance and automation of digital assets - whatever they may be. It is a financial revolution, and the monetary aspect of it is just a slice of the whole. We have to adapt our way of thinking to fit into an entirely new paradigm. This makes understanding Bitcoin difficult, and the likes of Ethereum even more so.
submitted by TheWierdGuy to ethtrader [link] [comments]

The Truth about Bitcoin?

Part 1/4 - NSA Connection:
First off, the SHA-256 algorithm, which stands for Secure Hash Algorithm 256, is a member of the SHA-2 cryptographic hash functions designed by the NSA and first published in 2001.
SHA-256, like other hash functions, takes any input and produces an output (often called a hash) of fixed length. The output of a hashing algorithm such as SHA-256 will always be the same length - regardless of the input size. Specifically, the output is, as the name suggests, 256 bits.
Moreover, all outputs appear completely random and offer no information about the input that created it.
The Bitcoin Network utilises the SHA-256 algorithm for mining and the creation of new addresses.
Who is Satoshi Nakamoto? What does Satoshi Nakamoto mean?
Out of respect for their anonymity, it would be rude to speculate in a video about who Satoshi Nakamoto is likely to be. The reality is, it's not important. Let me explain: Any human being can be attacked. Jesus could come back from the dead, and there would be haters. Therefore, the Satoshi Nakamoto approach neutralises the natural human herd behaviour, exacerbated by the media, to attack and discredit. This is a very important part of Bitcoin's success thus far. Also, from a security perspective, those who wish to dox Satoshi Nakamoto in a video are essentially putting his, or her, or their, life at risk...for the sake of views.
As a genius who has produced an innovation not just from a technical perspective but also a monetary perspective, they should be treated with more respect than that.
As for the name Satoshi Nakamoto, I would speculate that it is a homage to Tatsuaki Okamoto and Satoshi Obana - two cryptographers from Japan. There is another reason for the name, but that...is confidential.
In 1996, the NSA's Cryptology Division of their Office of Information Security Research and Technology published a paper titled: "How to make a mint: The cryptography of anonymous electronic cash", first publishing it in an MIT mailing list and later, in 1997, in the American University Law Review. One of the researchers they referenced was Tatsuaki Okamoto.

Part 2/4 - 'Crypto Market':
Most of the crypto market is a scam.
By the way, this was predicted very early on in the Bitcoin Talk forums - check out this interaction from November 8th, 2010:
"if bitcoin really takes off I can see lots of get-rich-quick imitators coming on the scene: gitcoin, nitcoin, witcoin, titcoin, shitcoin...
Of course the cheap imitators will disappear as quickly as those 1990s "internet currencies", but lots of people will get burned along the way."
To which Bitcoin OG Gavin Andresen replies:
"I agree - we're in the Wild West days of open-source currency. I expect people will get burned by scams, imitators, ponzi schemes and price bubbles."
"I don't think there's a whole lot that can be done about scammers, imitators and ponzi schemes besides warning people to be careful with their money (whether dollars, euros or bitcoins)."
Now, on the one hand, lack of regulation is more meritocratic (as you don't have to be an accredited investor just to get access).
On the other hand, it means that crypto is, as Gavin said, a Wild West environment, with many cowboys in the Desert. Be careful.
This is the same with most online courses - particularly 'How to get rich quick' courses - however with crypto you have an exponential increase in the supply of victims during the bull cycles so it is particularly prevalent during those times.
In addition to this, leverage trading exchanges, which are no different to casinos, prey on naive retail traders who:
A) Think they can outsmart professional traders with actual risk management skills; and
B) Think they can outsmart the exchanges themselves who have an informational advantage as well as an incentive to chase stop losses and liquidate positions.

Part 3/4 - CBDCs:
The Fed and Central Banks around the world have printed themselves into a corner.
Quantitative easing was the band-aid for the Great Financial Crisis in 2008, and more recent events have propelled the rate of money printing to absurd levels.
This means that all currencies are in a race to zero - and it becomes a game of who can print more fiat faster.
The powers that be know that this fiat frenzy is unsustainable, and that more and more people are becoming aware that it is a debt based system, based on nothing.
The monetary system devised by bankers, for bankers, in 1913 on Jekyll Island and supercharged in 1971 is fairly archaic and also does not allow for meritocratic value transfer - fiat printing itself increases inequality.
They, obviously, know this (as it is by design).
The issue (for them) is that more and more people are starting to become aware of this.
Moving to a modernised monetary system will allow those who have rigged the rules of the game for the last Century to get away scot-free.
It will also pave the way for a new wealthy, and more tech literate, elite to emerge - again predicted in the Bitcoin Talk forums.
Now...back to the powers that be.
Bitcoin provides a natural transition to Central Bank Digital Currencies (CBDCs) and what I would describe as Finance 2.0, but what are the benefits of CBDCs for the state?
More control, easier tax collection, more flexibility in monetary policy (i.e. negative interest rates) and generally a more efficient monetary system.
This leads us to the kicker: which is the war on cash. The cashless society was a fantasy just a few years ago, however now it doesn't seem so far fetched. No comment.

Part 4/4 - Bitcoin:
What about Bitcoin?
Well, Bitcoin has incredibly strong network effects; it is the most powerful computer network in the World.
But what about Bitcoin's reputation?
Bankers hate it.
Warren Buffett hates it.
Precisely, and the public hates bankers.
Sure, the investing public respects Buffett, but the general public perception of anyone worth $73 billion is not exactly at all time highs right now amid record wealth inequality.
In the grand scheme of things, the market cap of Bitcoin is currently around $179 billion.
For example, the market cap of Gold is around $9 trillion, which is 50x the Market Cap of Bitcoin.
Money has certain characteristics.
In my opinion, what makes Bitcoin unique is the fact that it has a finite total supply (21 million) and a predictable supply schedule via the halving events every 4 years, which cut in half the rate at which new Bitcoin is released into circulation.
Clearly, with these properties, it seems likely that Bitcoin could act as a meaningful hedge against inflation.
One of the key strengths of Bitcoin is the fact that the Network is decentralised...
Many people don't know that PayPal originally wanted to create a global currency similar to crypto.
Overall, a speculative thesis would be the following:
Satoshi Nakamoto is one of the most important entities of the 21st Century, and will accelerate the next transition of the human race.
Trusted third parties are security holes.
Bitcoin is the catalyst for Finance 2.0, whereby value transfer is conducted in a more meritocratic and decentralised fashion.
In 1964, Russian astrophysicist Nikolai Kardashev designed the Kardashev Scale.
At the time, he was looking for signs of extraterrestrial life within cosmic signals.
The Scale has three categories, which are based on the amount of usable energy a civilisation has at its disposal, and the degree of space colonisation.
Generally, a Type 1 Civilisation has achieved mastery of its home planet (10^16W);
A Type 2 Civilisation has mastery over its solar system (10^26W);
and a Type 3 Civilisation has mastery over its Galaxy (10^36W).
We humans are a Type 0 Civilisation on this Scale.
Nonetheless, our exponential technological growth in the few decades indicates that we are somewhere between Type 0 and Type 1.
In fact, according to Carl Sagan's interpolated Kardashev Scale and recent global energy consumption, we are about 0.73.
Physicist Freeman Dyson estimated that within 200 years or so, we should attain Type 1 status.
As a technology that, through its decentralisation, links entities globally and makes value transfer between humans more efficient, Bitcoin could prove a key piece of our progression as a civilisation.
What are your thoughts?
Is it true...or false?
https://www.youtube.com/watch?v=1oQLOqpP1ZM
submitted by financeoptimum to Money [link] [comments]

RiB Newsletter #13 – Stuck inside, hacking away

It was another month in 2020, like previous months in 2020. Stuck inside, hacking away.
We don’t see a consistent blockchain Rust theme to highlight this month, but interesting new Rust crypto and blockchain projects continue to be launched. They are noted in the “Interesting Things” section.
Oasis launched what will probably become their mainnet. Congrats to them!
Ethereum 2 keeps creeping closer, and it looks like Lighthouse, in Rust, might be the fastest implementation.
The Holochain team asked that we highlight the Holochain DevCamp, running until August 27th. Now is your opportunity to learn more about the project. There are a number of other online blockchain hackathons going on this summer, noted in our “Events” section. Could be a good way to spend time this summer instead of going to the beach.
Well, anyway, keep on hacking.

Thanks

This edition of RiB was produced with contributions from Darosior, James Waugh, Ken Shamir, Paulii Good, Taylor Lee, Brian Anderson, and Aimee Zhu. Thank you for your help!
RiB needs help to keep up with Rust blockchain projects. If you follow a particular project, or otherwise find information that is beneficial to the Rust & blockchain community, please contribute to the next issue. Either submit a PR to the #14 draft, or Tweet @rust_blockchain.

Project Spotlight

Each month we like to shine a light on a notable Rust blockchain project. This month that project is…
electrs.
electrs is a server for the Electrum Bitcoin wallet, written in Rust. Electrum is a light wallet that needs to connect to a server to transact with the Bitcoin network. Although there are public Electrum servers, and they are safe to transact with, they can deanonymize users, so it might be prudent to run one’s own Electrum server, like electrs , or bwt (also written in Rust).
As mentioned recently in a blog post, Blockstream, one of the primary Bitcoin developers, uses electrs in its block explorer, esplora, which is live at blockstream.info.

Interesting Things

News

Blog Posts

Papers

Projects

Videos


Read more: https://rustinblockchain.org/newsletters/2020-07-01-stuck-inside-hacking-away/
submitted by Aimeedeer to rust [link] [comments]

Why Pompliano's criticism of Ethereum's issuance policy and financial system is absurd.

I have just watched an interview with Anthony Pompliano where he argues that Ethereum's issuance policy is strictly bad and that it will be abused. He also advocates for centralized automated financial systems as opposed to Ethereum's, but he does not really explain why... so I decided to share a little reflection on both subjects.
  1. The claim that Ether is not a good store of value because of its dynamic inflationary rate is completely disregarding the trend and roadmap of Ethereum. First of all, lets establish the fact that a dynamic inflationary rate is NOT necessarily bad since it allows for a faster reduction than what was originally planned. This has been demonstrated since the current total Ether issued is LESS than what was initially estimated at this point. Ethereum roadmap is preparing for an even greater reduction in issuance that is targeting an inflationary rate LOWER than Bitcoin's - this should happen in the next couple of years as PoW phases out. A sustainable ZERO inflationary rate will be achieved through the elimination of PoS, EIP 1559 and layer zero scalability via sharding. This is something (long term sustainability) that Bitcoin does not have since it is expected that the price of Bitcoin must double in between every halvening event in order to maintain hash rates. The operational cost of securing Bitcoin is unsustainable... for now there is only wishful thinking that somehow layer scaling will be able to sustain the network exclusively via fees, but there is no tangible plan to achieve it. This dynamic is a ticking time bomb and Bitcoin has a serious long term risk of self imploding due to the periodic reduction of incentive for miners to secure the network. Not to mention that the understanding of what and how Bitcoin should function is adopting the OLD paradigm of money and financial systems.
  2. Is it really necessary to make the argument that a financial system that is decentralized, censorship resistant and permission-less is more desirable and valuable than centralized/externalized systems? The new paradigm of money calls for built-in integration with a financial system that provides the same awesome properties that made Bitcoin so powerful: censorship resistant, decentralized, permission-less, trust-less. The ability to transparently issue and transact digital assets is integral to the new global economic paradigm. Externalizing a monetary token such as Bitcoin exponentially increases risk as it introduces an additional network and potential third parties - this dramatically reduces the golden qualities of a self-contained cryptographic network.
submitted by TheWierdGuy to ethereum [link] [comments]

The Truth about Bitcoin?

Part 1/4 - NSA Connection:
First off, the SHA-256 algorithm, which stands for Secure Hash Algorithm 256, is a member of the SHA-2 cryptographic hash functions designed by the NSA and first published in 2001.
SHA-256, like other hash functions, takes any input and produces an output (often called a hash) of fixed length. The output of a hashing algorithm such as SHA-256 will always be the same length - regardless of the input size. Specifically, the output is, as the name suggests, 256 bits.
Moreover, all outputs appear completely random and offer no information about the input that created it.
The Bitcoin Network utilises the SHA-256 algorithm for mining and the creation of new addresses.
Who is Satoshi Nakamoto? What does Satoshi Nakamoto mean?
Out of respect for their anonymity, it would be rude to speculate in a video about who Satoshi Nakamoto is likely to be. The reality is, it's not important. Let me explain: Any human being can be attacked. Jesus could come back from the dead, and there would be haters. Therefore, the Satoshi Nakamoto approach neutralises the natural human herd behaviour, exacerbated by the media, to attack and discredit. This is a very important part of Bitcoin's success thus far. Also, from a security perspective, those who wish to dox Satoshi Nakamoto in a video are essentially putting his, or her, or their, life at risk...for the sake of views.
As a genius who has produced an innovation not just from a technical perspective but also a monetary perspective, they should be treated with more respect than that.
As for the name Satoshi Nakamoto, I would speculate that it is a homage to Tatsuaki Okamoto and Satoshi Obana - two cryptographers from Japan. There is another reason for the name, but that...is confidential.
In 1996, the NSA's Cryptology Division of their Office of Information Security Research and Technology published a paper titled: "How to make a mint: The cryptography of anonymous electronic cash", first publishing it in an MIT mailing list and later, in 1997, in the American University Law Review. One of the researchers they referenced was Tatsuaki Okamoto.

Part 2/4 - 'Crypto Market':
Most of the crypto market is a scam.
By the way, this was predicted very early on in the Bitcoin Talk forums - check out this interaction from November 8th, 2010:
"if bitcoin really takes off I can see lots of get-rich-quick imitators coming on the scene: gitcoin, nitcoin, witcoin, titcoin, shitcoin...
Of course the cheap imitators will disappear as quickly as those 1990s "internet currencies", but lots of people will get burned along the way."
To which Bitcoin OG Gavin Andresen replies:
"I agree - we're in the Wild West days of open-source currency. I expect people will get burned by scams, imitators, ponzi schemes and price bubbles."
"I don't think there's a whole lot that can be done about scammers, imitators and ponzi schemes besides warning people to be careful with their money (whether dollars, euros or bitcoins)."
Now, on the one hand, lack of regulation is more meritocratic (as you don't have to be an accredited investor just to get access).
On the other hand, it means that crypto is, as Gavin said, a Wild West environment, with many cowboys in the Desert. Be careful.
This is the same with most online courses - particularly 'How to get rich quick' courses - however with crypto you have an exponential increase in the supply of victims during the bull cycles so it is particularly prevalent during those times.
In addition to this, leverage trading exchanges, which are no different to casinos, prey on naive retail traders who:
A) Think they can outsmart professional traders with actual risk management skills; and
B) Think they can outsmart the exchanges themselves who have an informational advantage as well as an incentive to chase stop losses and liquidate positions.

Part 3/4 - CBDCs:
The Fed and Central Banks around the world have printed themselves into a corner.
Quantitative easing was the band-aid for the Great Financial Crisis in 2008, and more recent events have propelled the rate of money printing to absurd levels.
This means that all currencies are in a race to zero - and it becomes a game of who can print more fiat faster.
The powers that be know that this fiat frenzy is unsustainable, and that more and more people are becoming aware that it is a debt based system, based on nothing.
The monetary system devised by bankers, for bankers, in 1913 on Jekyll Island and supercharged in 1971 is fairly archaic and also does not allow for meritocratic value transfer - fiat printing itself increases inequality.
They, obviously, know this (as it is by design).
The issue (for them) is that more and more people are starting to become aware of this.
Moving to a modernised monetary system will allow those who have rigged the rules of the game for the last Century to get away scot-free.
It will also pave the way for a new wealthy, and more tech literate, elite to emerge - again predicted in the Bitcoin Talk forums.
Now...back to the powers that be.
Bitcoin provides a natural transition to Central Bank Digital Currencies (CBDCs) and what I would describe as Finance 2.0, but what are the benefits of CBDCs for the state?
More control, easier tax collection, more flexibility in monetary policy (i.e. negative interest rates) and generally a more efficient monetary system.
This leads us to the kicker: which is the war on cash. The cashless society was a fantasy just a few years ago, however now it doesn't seem so far fetched. No comment.

Part 4/4 - Bitcoin:
What about Bitcoin?
Well, Bitcoin has incredibly strong network effects; it is the most powerful computer network in the World.
But what about Bitcoin's reputation?
Bankers hate it.
Warren Buffett hates it.
Precisely, and the public hates bankers.
Sure, the investing public respects Buffett, but the general public perception of anyone worth $73 billion is not exactly at all time highs right now amid record wealth inequality.
In the grand scheme of things, the market cap of Bitcoin is currently around $179 billion.
For example, the market cap of Gold is around $9 trillion, which is 50x the Market Cap of Bitcoin.
Money has certain characteristics.
In my opinion, what makes Bitcoin unique is the fact that it has a finite total supply (21 million) and a predictable supply schedule via the halving events every 4 years, which cut in half the rate at which new Bitcoin is released into circulation.
Clearly, with these properties, it seems likely that Bitcoin could act as a meaningful hedge against inflation.
One of the key strengths of Bitcoin is the fact that the Network is decentralised...
Many people don't know that PayPal originally wanted to create a global currency similar to crypto.
Overall, a speculative thesis would be the following:
Satoshi Nakamoto is one of the most important entities of the 21st Century, and will accelerate the next transition of the human race.
Trusted third parties are security holes.
Bitcoin is the catalyst for Finance 2.0, whereby value transfer is conducted in a more meritocratic and decentralised fashion.
In 1964, Russian astrophysicist Nikolai Kardashev designed the Kardashev Scale.
At the time, he was looking for signs of extraterrestrial life within cosmic signals.
The Scale has three categories, which are based on the amount of usable energy a civilisation has at its disposal, and the degree of space colonisation.
Generally, a Type 1 Civilisation has achieved mastery of its home planet (10^16W);
A Type 2 Civilisation has mastery over its solar system (10^26W);
and a Type 3 Civilisation has mastery over its Galaxy (10^36W).
We humans are a Type 0 Civilisation on this Scale.
Nonetheless, our exponential technological growth in the few decades indicates that we are somewhere between Type 0 and Type 1.
In fact, according to Carl Sagan's interpolated Kardashev Scale and recent global energy consumption, we are about 0.73.
Physicist Freeman Dyson estimated that within 200 years or so, we should attain Type 1 status.
As a technology that, through its decentralisation, links entities globally and makes value transfer between humans more efficient, Bitcoin could prove a key piece of our progression as a civilisation.
What are your thoughts?
Is it true...or false?
https://www.youtube.com/watch?v=1oQLOqpP1ZM
submitted by financeoptimum to economy [link] [comments]

I’m Making An Infographic Explaining Blockchain Tech...Any Input Is Appreciated!

I’m Making An Infographic Explaining Blockchain Tech...Any Input Is Appreciated! submitted by InMyDayTVwasBooks to btc [link] [comments]

Let's talk about IOTA (serious)

I will be honest with you. IOTA is the project I put all of my hopes in since mid 2017 and also the one I’m invested in the most. But I definitely lost a lot of faith in IOTA over the last years. My intention for this post is not to spread FUD. I’d really like to discuss some topics that seem very odd and I’d appreciate your input. If I got things wrong please feel free to correct me. I will try to add some sources but most of these things are well known within the community. If you need information more you can join the official discord and read back past announcements or use the search function to find certain discussions.
We all know that IOTA promised a lot over the past years but there are very few things that actually happened. A lot of things that made IOTA special and a lot of things that were promoted along the way simply will not happen or will be removed in the future. Many of these things have already or will impact the price. Here are my comments towards...

1. The coordinator just directs the flow of the tangle
I guess everyone knows by now. IOTA is centralized. Value transactions have been disabled for almost a month now. Nobody can move their funds because the coordinator is down. Next topic.

2. IOTA can scale
In the past, IOTA was always promoted as a cryptocurrency that could scale. One transaction has to confirm two others. Spam helps the network. Spam the network to help make it faster. The coordinator will be shut down as soon as the network reaches a certain number of transactions per second.
Today we know that all of this is not true. IOTA 1.0 (the current IOTA) cannot scale. Spamming only forces the nodes to make snapshots more often because they run out of space. Too much spam kills the network. IOTA 1.0 doesn’t work. We need a totally new approach. Even the “one transaction has to confirm two others” rule might not stay. [1]

3. JINN
In the past the Founders always said that IOTA was developed for JINN. A Trinary Processor developed by a company owned by Sergey Ivancheglo (CFB) and David Sonstebo. That’s why IOTA is Trinary. [2] Now after years of research and development we get huge news: JINN is dead. [3]
Also, CFB leaves IOTA and threatens to sue David Sonstebo. David and CFB engage in an open twitter and discord war. CFB wants to work on his own Trinary version of IOTA [4]

4. Trinary
IOTA will switch to Binary after wasting years with programming everything with Trinary hardware in mind. [5] [6]

5. The Trinary hash function Troika [7]
IOTA and CYBERCRYPT developed a new Trinary hash function for IOTA. With the switch to Binary this hash function is now useless and all the time and resources spent on it were wasted.

6. Signature Scheme
IOTA uses Winternitz One Time Signatures (WOTS) to make it quantum secure. This is the reason why it’s not safe to send from an address twice. Ok, just don’t reuse addresses, what’s the problem? The problem is that everything that is build for IOTA from wallets to exchange integrations is way more complicated to program and maintain than any other crypto. If I was an exchange I’d never ever list IOTA. Additionally, people that are only familiar with other cryptos might reuse an address and put their funds at risk. And this happens a lot. And for what? There are no quantum computers. Now after years it seems the IOTA Foundation finally realized that WOTS suck for adoption and want to add another signature scheme which allows address reuse and is not quantum secure. So much time wasted. [6]

7. Switch from a balance model to UTXO model [6] [7]
UTXO will be so much better and easier than our current model. Much innovation. But Bitcoin and other cryptos have been using the UTXO model from the beginning.

8. People leaving the IOTA Foundation
A lot of great people left the IOTA Foundation and for most we don’t know why. To my knowledge there is no public list of people who still work for the IF. Here are some people who left (most silently):
Samuel Reid, Rolf Werner, Ralf Rottmann, David Cohen, Jesse Babbra, Andreas Osowksi, John D. Licciardello, Gur Huberman, Alisa Maas, Janine Hartel, Lukas Tassanyi (MicroHash)
And these are just a few I found after a quick search in Discord.

9. Qubic (Q)
There was a huge hype around Q even before it was announced. There was a new website including a countdown. Until today we actually didn’t see anything significant related to Q except some posts by Eric Hop indicating that qubic is still very far away.

10. IOTA 2.0 (Coordicide)
The developers spent (wasted) years fixing IOTA 1.0 until they finally realized that it doesn’t work (it’s centralized and not scalable) although they told us it was simulated and well researched before. The IOTA Foundation repeatedly publicly attacked researchers who found flaws in the protocol.
IOTA 2.0 is basically a totally different protocol than the current one. The prototype is not finished yet. It’s not tested at all and it gets rid of most things that were used in the current version. How high is the chance that IOTA 2.0 will work? It seems like over the past years a lot of time was simply wasted on developing things that got tossed into the bin and now they are starting all over.

11. Partnerships and Adoption
If IOTA has one thing it’s partnerships. But after an announced partnership nothing ever really followed. So, is any company like Bosch, VW, Nokia, Audi, Vodafone or Jaguar actually still working on building something with IOTA or did they drop it?

12. Wallet hack
The recent wallet hack could have been avoided easily but the Moonpay integrating was rushed and nobody checked the code again.
An unknown amount of seeds has been stolen and the attacker will be able to transfer the funds of everyone who didn’t use the migration tool in time to exchanges and dump everything on March 10 along with anyone who wanted to sell within the last month.

All these points made me lose a lot of faith in my investment long term but especially short term. I talked to some friends and especially the ones following the project very closely share my doubts.
But my sample number is rather small so I‘d appreciate your input. Please feel free to comment on anything I wrote and feel free to disagree or correct me.
submitted by NotMyTime731 to IOTAmarkets [link] [comments]

Bitcoin tutorial Episode 5: Cryptography, hash function, digital signature Hash Cracking & Bitcoin Mining with the Monster GPUs @ 2600 Thailand Meeting #3 (1/3) Probability in Bitcoin Mining: The Hashing Function Applied Cryptography: Hash Functions - Part 1 Bitcoin Cryptography – Hashing Algorithms

A cryptographic hash function has to be computationally efficient but it is its deterministic nature, pre-image resistance and collision-resistance that constitute the three most important properties of hash functions in the Bitcoin mining process - learn more about these features here. If you’ve spent even a little bit of time learning about Bitcoin and other cryptocurrencies, you’ve no doubt heard the term “cryptographic hash function.” You may have heard of various “cryptographic hash algorithms” like DSA, SHA-1, SHA 256, MD5, BLAKE, and RIPEMD. A hash algorithm takes data of any arbitrary size (numbers, alphabets, media files) and transforms it into a fixed alphanumeric string. The fixed bit size can vary (like 64-bit or 128-bit or 256-bit) depending on what hash function is being used.. And this fixed size output is what is called a hash.In other words, a hash is the cryptographic byproduct of a hash algorithm. Cryptographic hash function is a special class of hash function that has certain properties which make it suitable for use in cryptography. It is a mathematical algorithm that maps data of arbitrary size to a bit string of a fixed size (a hash) and is designed to be a one-way function, that is, a function which is infeasible to invert. Anyone with an interest in bitcoin will have heard the phrase ‘cryptographic hash function’ at some time or other. But what exactly does it mean, and how is it connected to cryptocurrency?

[index] [25213] [14604] [3632] [2607] [2943] [3201] [13029] [18399] [27106] [9035]

Bitcoin tutorial Episode 5: Cryptography, hash function, digital signature

8.02x - Lect 16 - Electromagnetic Induction, Faraday's Law, Lenz Law, SUPER DEMO - Duration: 51:24. Lectures by Walter Lewin. They will make you ♥ Physics. Recommended for you Cryptography Hashes - Beth Singer - 9/10/2013 Bitcoin - Cryptographic hash function - Duration: 10:14. Khan Academy Recommended for you. 10:14. Litecoin 4 x 7950 AMD Radeon Mining Rig - Duration: 5:02. Max Skybin 64,725 views. It also describes a use of hash functions for a digital signature protocol. Skip navigation Sign in ... Bitcoin - Cryptographic hash function - Duration: 10:14. Khan Academy 232,116 views. 10:14. ... How does the hash function work in the world of Bitcoin mining? Peter Van Valkenburgh of the Coin Center explains how the hash function in Bitcoin uses entropy to select Bitcoin miners. As always ...

Flag Counter