SLP219 Nadav Kohen - What You Should Know About Bitcoin ...
GRC Security Now! Episode Archive
A word of caution about exchanges, privacy and your permanent history on the blockchain
I had an account restricted on a major exchange this year and it's not a pleasant experience. Just wanted to share my experience, since I see so many have been through something similar in several exchange-related subreddits. My case happened at Bittrex but I think it's important to note that this may happen on any exchange, not just Bittrex. People are depositing way too much trust in these exchanges and it may come back to bite them. Here's my experience as honestly as I'm able to put it. Bittrex is technically great, contrary to what many say the system just works. Works great in fact, fast and very few glitches in many many years. I think I must've been a very early customer back when things were very informal and until 2020 I had absolutely zero problems with Bittrex. I always thought they were above the pack when it came to system security design and reliability. Despite joining when it was very early, I did full KYC and had the top tier withdrawal limit even though KYC wasn't obligatory back when I joined. I did it all formally because I wanted to have a sort of bank account I could trust, I didn't want to be jumping from exchange to exchange like some crypto traders did. I never used as much as 0.01% of this withdrawal limit, I'm small fish but it was nice to know I could move tons of BTC like the whales if I ever needed to. So I sent them all my real data, work address and so forth. Then Bittrex got moved out of USA and into some country, don't know where. Which was fine by me, I thought it was the same people behind it, doing some formality. Then one day a person with a drawing for a profile pic and some strange username decides to contact me out of nowhere using the Bittrex tech support interface. They know everything about me, but I don't know anything about them. No contact info visible, nothing. This support person sends you a statement you must sign and then based on that they begin to ask for specific documents. I wanted to keep my relationship with Bittrex, so I filled signed and returned it. Then they dived into each item in the thing requesting more documents based on each. So if you said you previously worked for ACME, they'll ask to see ACME related stuff. I said I bought Bitcoin using Bank X, so they wanted to see Bank X statements. And so on. They begin to dig into each specific item you inform. Then it downed on me that maybe I was under some formal audit, in which case I'd have the right to know so I could hire an accountant or lawyer. So I politely asked. They don't tell you anything. You don't even know who the person is on the other side, there is no identification at all of who's contacting you. You're sending all your personal informations to someone who, as far as you know, could be a cat or a dog typing on a random keyboard. So I then asked them why so much detail was needed, since I'd provided lots already. They ignore and just say thank you for your cooperation and proceded to ask for more stuff. I said fine let's do this and went along. Then they asked for specific crypto addresses for the tokens I'd used in the past. Like the address of whoever sent me some XXXX token years ago. I then thought hey man this is too much, do you need me to fax or mail you my ID or something, I'd do it but whatever I enter in there could spell trouble for me. For example, if some guy whose ETH address did something nasty, but coincidentally paid me years ago using that same address, if I gave them my address from the past, in those several years it could mean this person is now a wanted criminal and it'd spell trouble for me, who knows what the person did afterwards, then my account would be forever linked to that rogue address. I began to reflect on this and thought wait, this is not good, I could put myself into a 'bad address' database for no reason. Then I told them I would not send the crypto addresses. They said thanks let's continue the process. It felt weird overall, it just keeps going and demanding more information. I then asked for someone to speak to or somewhere physical I could go to, to talk and show that I'm a real person, they never reply anything, they just ask for more. So I finally gave up and stopped replying and they apparently restricted my account or something. I'll have to go back and reopen the ticket and request account reactivation but then they'll probably restart the same process again. I'm not really that much of a fan of crypto these days, so I'm thinking maybe it's time to call it quits. The reason I'm writing this is to let everyone know that whatever you do in crypto gets forever linked to you. You begin thinking it's some informal thing and that there's some freedom but there really isn't. You may fool around with crypto but then someone is recording everything and will demand you make everything formal in the future. When I joined Bittrex everything was more informal in crypto, even shapeshift and others allowed you to trade crypto with no ID at all, 100% anonymous. Heck even faucets gave out free Bitcoin back in the day. Then all of a sudden everything you do in these exchanges will be audited and you'll need to provide formal documents for everything you did in the past 10 years. Some anonymous operator (this isn't specific to Bittrex, all of them do it that way) with no office has all your info but you know nothing about them in return. You don't even know where these exchanges are located at all. I saw a Facebook post about Binance not even having a formal country, they're "all over t he place". Sure that sounds cool but...who do you turn to when they demand legal stuff from you? Someone out there has all your financial information but you have nothing, you have no security, no legal protection, nothing and they have everything. So, be careful. This isn't all specific to Bittrex, any exchange can and probably will do the same. Point is crypto is a formal thing and will spell trouble for you in the future. Especially since blockchain analysis is way too primitive still, your addresses could somehow end up in a bad neightborhood. The pandemic kinda reminded me of blockchain transactions, you may end up infected because you have no way to know what others have been doing while you were doing everything right.
PRICES UPDATED SILVER SPOT: $24.60/oz (for my reference) PM PLEASE, PM PLEASE Through this weekend, I will use this post to list many different premium silver rounds (kooks, goats, swans, 2010 brits, phils, privateer, other) and some unique items. So check back for updates. To start, offered is: 2016 China 30 gram Silver Pandas BU (In Capsules) — $30/ea (APMEX PRICE $36.82/ea) https://imgur.com/a/07X9l3o (Panda Proof) Rolls of premium rounds (20 per roll) in capsules and wrap (only selling by the roll for now) 2014 x 2 Australia 1 oz Silver Kookaburra BU -- $620/roll (APMEX PRICE $38.70/ea) 2015 x 2 Australia 1 oz Silver Kookaburra BU -- $620/roll (APMEX PRICE $38.70/ea) 2017 x 4 Australia 1 oz Silver Kookaburra BU -- $620/roll (APMEX PRICE $38.70/ea) 2019 x 2 Australia 1 oz Silver Swan BU — $840/roll (APMEX PRICE $54.70/ea) 2015 x 5 Australia 1 oz Silver Lunar Goat BU (Series II) — $640/roll (APMEX PRICE $39.70/ea) https://imgur.com/a/kBHTcR6 (kooks, swans, goat proof) Keep calm and slave on rounds, 2010 Brittanias 2013 SBSS Slave Queen 1oz Rounds x 9 — $28/ea 2010 1oz Brittanias x 19. When is the last time you saw these? — $31/ea https://imgur.com/a/QsGF6P7 (Slave Queen, Brits Proof) 2013 Northwest Territorial Mint 45 caliber 1 oz cartridges Boxes of 10. All original packaging and COA. Sold only as boxes of 10. 2 available. — $370/ea (1 left) https://imgur.com/a/EMcv4DA (45 caliber proof) 2 oz Silver Rounds Privateer Ultra High Relief Pirate Rounds .999 Fine Bullion Privateer: No Prey, No Pay 2oz premium rounds x 10 — $70/ea 2 oz Silver UHR Round - Privateer Series: The Siren x 4 — $70/ea https://imgur.com/a/LR2yEQh (Privateer Proof) 2013 1 oz Pegasus Silver Rounds Pegasus 1oz x 10. Some are starting to show toning or have toning of edges — $29/ea https://imgur.com/a/eCJLLBR (Pegasus Proof) 2019 Silver 1oz Austrian Philharmonics Tubes of (20) 1oz Austrian Philharmonics. Selling by the tube for now. x 2 — $560/ea (findbullionprices.com best price $36.70/ea) https://imgur.com/a/P1XPzCg (Phils Proof) 2015 Australian Funnel Web Spiders (1) tube of 20 Funnel Spiders, 1oz ea — $580 (APMEX price $33.70/ea) https://imgur.com/a/sSzZwRl (Funnel Spider Proof) Classic Silver Lot (Engelhard 1oz bars, Swiss of America Rounds, A-mark 1oz bars) Classic 1oz Engelhards x 16 -- $29/ea (APMEX price $34.70/ea) (2 remaining) 1 1974 Classic Swiss of America 1oz thick round -- $40 (APMEX price $49.71) (SOLD) Classic 1981 A-mark 1oz bars x 5 — $29/ea (ALL SOLD) https://imgur.com/a/7ojjoxA (Classic Lot Proof) Other Silver Bar Lot (Scotties, others) 20 oz Scotty kitkat bar -- $560 (SOLD) 10oz Scotty stackers x 2 — $280/ea Prospector’s Gold & Gems poured bars -- $27/oz (10 oz left) 5oz Bullion Stackers hexagonal pour — $145 (SOLD) Classic 5oz toned Sunshine mining company bar (old bar predating Sunshine Mint) — $145 https://imgur.com/a/p8K4TtR (Other Silver Bar Proof) 5g Engelhard .9999 GOLD Bar — $340 (SOLD) These are pretty hard to come by. https://imgur.com/a/ajfwQAr(Engelhard Gold Proof) 1/10 oz 1994 Platinum Koala — $150 (SOLD) https://imgur.com/a/xtVWEfE(Koala Proof) 5oz Great Panther Silver Limited Bar — $150 This one is scarce!! https://imgur.com/a/cOm23xg (Panther proof) Cross posted on other forums. TERMS: All eligible items are verified with a sigma precious metal verifier. Prices are generally based on the underlying spot price. Large fluctuations in spot prices could affect the price of items listed. USPS first class starts @ $4 for up to 4oz, SFRB @ $8 for up to 60 oz, MFRB @ $16 for 60+ oz, signature @ $2.50. Will insure for 1.1% of purchase price. Shipping is at buyer’s risk. All items will be tracked unless otherwise stated. Would recommend delivery to a secure box for precious metals. Accept: Zelle, Venmo, Cash app, Bitcoin. NO PAYPAL. Other forms of payment will be considered. I am not a coin grader. The condition of any coin listed is how it was listed when I acquired it. I will be more than happy to provide any detailed, unedited photos for any coin. Unless specifically mentioned, assume coins are in generally good condition. Noticeable defects potentially affecting the value will attempt to be noted. I try to price my items substantially below the lowest price I can find online from a national dealer. If you see a legitimate cheaper price, let me know and I may very well adjust my price. FYI, I am in Eastern time zone if I do not respond, may be sleeping.
Dragonchain Great Reddit Scaling Bake-Off Public Proposal
Dragonchain Public Proposal TL;DR:
Dragonchain has demonstrated twice Reddit’s entire total daily volume (votes, comments, and postsper Reddit 2019 Year in Review) in a 24-hour demo on an operational network. Every single transaction on Dragonchain is decentralized immediately through 5 levels of Dragon Net, and then secured with combined proof on Bitcoin, Ethereum, Ethereum Classic, and Binance Chain, via Interchain. At the time, in January 2020, the entire cost of the demo was approximately $25K on a single system (transaction fees locked at $0.0001/txn). With current fees (lowest fee $0.0000025/txn), this would cost as little as $625. Watch Joe walk through the entire proposal and answer questions onYouTube. This proposal is also available on the Dragonchain blog.
Hello Reddit and Ethereum community!
I’m Joe Roets, Founder & CEO of Dragonchain. When the team and I first heard about The Great Reddit Scaling Bake-Off we were intrigued. We believe we have the solutions Reddit seeks for its community points system and we have them at scale. For your consideration, we have submitted our proposal below. The team at Dragonchain and I welcome and look forward to your technical questions, philosophical feedback, and fair criticism, to build a scaling solution for Reddit that will empower its users. Because our architecture is unlike other blockchain platforms out there today, we expect to receive many questions while people try to grasp our project. I will answer all questions here in this thread on Reddit, and I've answered some questions in the stream on YouTube. We have seen good discussions so far in the competition. We hope that Reddit’s scaling solution will emerge from The Great Reddit Scaling Bake-Off and that Reddit will have great success with the implementation.
Dragonchain is a robust open source hybrid blockchain platform that has proven to withstand the passing of time since our inception in 2014. We have continued to evolve to harness the scalability of private nodes, yet take full advantage of the security of public decentralized networks, like Ethereum. We have a live, operational, and fully functional Interchain network integrating Bitcoin, Ethereum, Ethereum Classic, and ~700 independent Dragonchain nodes. Every transaction is secured to Ethereum, Bitcoin, and Ethereum Classic. Transactions are immediately usable on chain, and the first decentralization is seen within 20 seconds on Dragon Net. Security increases further to public networks ETH, BTC, and ETC within 10 minutes to 2 hours. Smart contracts can be written in any executable language, offering full freedom to existing developers. We invite any developer to watch the demo, play with our SDK’s, review open source code, and to help us move forward. Dragonchain specializes in scalable loyalty & rewards solutions and has built a decentralized social network on chain, with very affordable transaction costs. This experience can be combined with the insights Reddit and the Ethereum community have gained in the past couple of months to roll out the solution at a rapid pace.
Response and PoC
In The Great Reddit Scaling Bake-Off post, Reddit has asked for a series of demonstrations, requirements, and other considerations. In this section, we will attempt to answer all of these requests.
A live proof of concept showing hundreds of thousands of transactions
On Jan 7, 2020, Dragonchain hosted a 24-hour live demonstration during which a quarter of a billion (250 million+) transactions executed fully on an operational network. Every single transaction on Dragonchain is decentralized immediately through 5 levels of Dragon Net, and then secured with combined proof on Bitcoin, Ethereum, Ethereum Classic, and Binance Chain, via Interchain. This means that every single transaction is secured by, and traceable to these networks. An attack on this system would require a simultaneous attack on all of the Interchained networks. 24 hours in 4 minutes (YouTube): 24 hours in 4 minutes The demonstration was of a single business system, and any user is able to scale this further, by running multiple systems simultaneously. Our goals for the event were to demonstrate a consistent capacity greater than that of Visa over an extended time period. Tooling to reproduce our demo is available here: https://github.com/dragonchain/spirit-bomb
Source code (for on & off-chain components as well tooling used for the PoC). The source code does not have to be shared publicly, but if Reddit decides to use a particular solution it will need to be shared with Reddit at some point.
Dragonchain’s architecture attacks the scalability issue from multiple angles. Dragonchain is a hybrid blockchain platform, wherein every transaction is protected on a business node to the requirements of that business or purpose. A business node may be held completely private or may be exposed or replicated to any level of exposure desired. Every node has its own blockchain and is independently scalable. Dragonchain established Context Based Verification as its consensus model. Every transaction is immediately usable on a trust basis, and in time is provable to an increasing level of decentralized consensus. A transaction will have a level of decentralization to independently owned and deployed Dragonchain nodes (~700 nodes) within seconds, and full decentralization to BTC and ETH within minutes or hours. Level 5 nodes (Interchain nodes) function to secure all transactions to public or otherwise external chains such as Bitcoin and Ethereum. These nodes scale the system by aggregating multiple blocks into a single Interchain transaction on a cadence. This timing is configurable based upon average fees for each respective chain. For detailed information about Dragonchain’s architecture, and Context Based Verification, please refer to the Dragonchain Architecture Document.
An interesting feature of Dragonchain’s network consensus is its economics and scarcity model. Since Dragon Net nodes (L2-L4) are independent staking nodes, deployment to cloud platforms would allow any of these nodes to scale to take on a large percentage of the verification work. This is great for scalability, but not good for the economy, because there is no scarcity, and pricing would develop a downward spiral and result in fewer verification nodes. For this reason, Dragonchain uses TIME as scarcity. TIME is calculated as the number of Dragons held, multiplied by the number of days held. TIME influences the user’s access to features within the Dragonchain ecosystem. It takes into account both the Dragon balance and length of time each Dragon is held. TIME is staked by users against every verification node and dictates how much of the transaction fees are awarded to each participating node for every block. TIME also dictates the transaction fee itself for the business node. TIME is staked against a business node to set a deterministic transaction fee level (see transaction fee table below in Cost section). This is very interesting in a discussion about scaling because it guarantees independence for business implementation. No matter how much traffic appears on the entire network, a business is guaranteed to not see an increased transaction fee rate.
Dragonchain uses Docker and Kubernetes to allow the use of best practices traditional system scaling. Dragonchain offers managed nodes with an easy to use web based console interface. The user may also deploy a Dragonchain node within their own datacenter or favorite cloud platform. Users have deployed Dragonchain nodes on-prem on Amazon AWS, Google Cloud, MS Azure, and other hosting platforms around the world. Any executable code, anything you can write, can be written into a smart contract. This flexibility is what allows us to say that developers with no blockchain experience can use any code language to access the benefits of blockchain. Customers have used NodeJS, Python, Java, and even BASH shell script to write smart contracts on Dragonchain. With Docker containers, we achieve better separation of concerns, faster deployment, higher reliability, and lower response times. We chose Kubernetes for its self-healing features, ability to run multiple services on one server, and its large and thriving development community. It is resilient, scalable, and automated. OpenFaaS allows us to package smart contracts as Docker images for easy deployment. Contract deployment time is now bounded only by the size of the Docker image being deployed but remains fast even for reasonably large images. We also take advantage of Docker’s flexibility and its ability to support any language that can run on x86 architecture. Any image, public or private, can be run as a smart contract using Dragonchain.
Flexibility in Scaling
Dragonchain’s architecture considers interoperability and integration as key features. From inception, we had a goal to increase adoption via integration with real business use cases and traditional systems. We envision the ability for Reddit, in the future, to be able to integrate alternate content storage platforms or other financial services along with the token.
LBRY - To allow users to deploy content natively to LBRY
MakerDAO to allow users to lend small amounts backed by their Reddit community points.
STORJ/SIA to allow decentralized on chain storage of portions of content. These integrations or any other are relatively easy to integrate on Dragonchain with an Interchain implementation.
Cost estimates (on-chain and off-chain) For the purpose of this proposal, we assume that all transactions are on chain (posts, replies, and votes).
On the Dragonchain network, transaction costs are deterministic/predictable. By staking TIME on the business node (as described above) Reddit can reduce transaction costs to as low as $0.0000025 per transaction. Dragonchain Fees Table
How to run it
Building on Dragonchain is simple and requires no blockchain experience. Spin up a business node (L1) in our managed environment (AWS), run it in your own cloud environment, or on-prem in your own datacenter. Clear documentation will walk you through the steps of spinning up your first Dragonchain Level 1 Business node. Getting started is easy...
Download Dragonchain’s dctl
Input three commands into a terminal
Build an image
More information can be found in our Get started documents.
Dragonchain is an open source hybrid platform. Through Dragon Net, each chain combines the power of a public blockchain (like Ethereum) with the privacy of a private blockchain. Dragonchain organizes its network into five separate levels. A Level 1, or business node, is a totally private blockchain only accessible through the use of public/private keypairs. All business logic, including smart contracts, can be executed on this node directly and added to the chain. After creating a block, the Level 1 business node broadcasts a version stripped of sensitive private data to Dragon Net. Three Level 2 Validating nodes validate the transaction based on guidelines determined from the business. A Level 3 Diversity node checks that the level 2 nodes are from a diverse array of locations. A Level 4 Notary node, hosted by a KYC partner, then signs the validation record received from the Level 3 node. The transaction hash is ledgered to the Level 5 public chain to take advantage of the hash power of massive public networks. Dragon Net can be thought of as a “blockchain of blockchains”, where every level is a complete private blockchain. Because an L1 can send to multiple nodes on a single level, proof of existence is distributed among many places in the network. Eventually, proof of existence reaches level 5 and is published on a public network.
Dragonchain is open source and even though the platform is easy enough for developers to code in any language they are comfortable with, we do not have so large a developer community as Ethereum. We would like to see the Ethereum developer community (and any other communities) become familiar with our SDK’s, our solutions, and our platform, to unlock the full potential of our Ethereum Interchain. Long ago we decided to prioritize both Bitcoin and Ethereum Interchains. We envision an ecosystem that encompasses different projects to give developers the ability to take full advantage of all the opportunities blockchain offers to create decentralized solutions not only for Reddit but for all of our current platforms and systems. We believe that together we will take the adoption of blockchain further. We currently have additional Interchain with Ethereum Classic. We look forward to Interchain with other blockchains in the future. We invite all blockchains projects who believe in decentralization and security to Interchain with Dragonchain.
While we only have 700 nodes compared to 8,000 Ethereum and 10,000 Bitcoin nodes. We harness those 18,000 nodes to scale to extremely high levels of security. See Dragonchain metrics.
Some may consider the centralization of Dragonchain’s business nodes as an issue at first glance, however, the model is by design to protect business data. We do not consider this a drawback as these nodes can make any, none, or all data public. Depending upon the implementation, every subreddit could have control of its own business node, for potential business and enterprise offerings, bringing new alternative revenue streams to Reddit.
Costs and resources
Summary of cost & resource information for both on-chain & off-chain components used in the PoC, as well as cost & resource estimates for further scaling. If your PoC is not on mainnet, make note of any mainnet caveats (such as congestion issues).
Every transaction on the PoC system had a transaction fee of $0.0001 (one-hundredth of a cent USD). At 256MM transactions, the demo cost $25,600. With current operational fees, the same demonstration would cost $640 USD. For the demonstration, to achieve throughput to mimic a worldwide payments network, we modeled several clients in AWS and 4-5 business nodes to handle the traffic. The business nodes were tuned to handle higher throughput by adjusting memory and machine footprint on AWS. This flexibility is valuable to implementing a system such as envisioned by Reddit. Given that Reddit’s daily traffic (posts, replies, and votes) is less than half that of our demo, we would expect that the entire Reddit system could be handled on 2-5 business nodes using right-sized containers on AWS or similar environments. Verification was accomplished on the operational Dragon Net network with over 700 independently owned verification nodes running around the world at no cost to the business other than paid transaction fees.
This PoC should scale to the numbers below with minimal costs (both on & off-chain). There should also be a clear path to supporting hundreds of millions of users. Over a 5 day period, your scaling PoC should be able to handle: *100,000 point claims (minting & distributing points) *25,000 subscriptions *75,000 one-off points burning *100,000 transfers
During Dragonchain’s 24 hour demo, the above required numbers were reached within the first few minutes. Reddit’s total activity is 9000% more than Ethereum’s total transaction level. Even if you do not include votes, it is still 700% more than Ethereum’s current volume. Dragonchain has demonstrated that it can handle 250 million transactions a day, and it’s architecture allows for multiple systems to work at that level simultaneously. In our PoC, we demonstrate double the full capacity of Reddit, and every transaction was proven all the way to Bitcoin and Ethereum. Reddit Scaling on Ethereum
Solutions should not depend on any single third-party provider. We prefer solutions that do not depend on specific entities such as Reddit or another provider, and solutions with no single point of control or failure in off-chain components but recognize there are numerous trade-offs to consider
Dragonchain’s architecture calls for a hybrid approach. Private business nodes hold the sensitive data while the validation and verification of transactions for the business are decentralized within seconds and secured to public blockchains within 10 minutes to 2 hours. Nodes could potentially be controlled by owners of individual subreddits for more organic decentralization.
Billing is currently centralized - there is a path to federation and decentralization of a scaled billing solution.
Operational on-premises capabilities
Operational deployment to any datacenter
Over 700 independent Community Verification Nodes with proof of ownership
Operational Interchain (Interoperable to Bitcoin, Ethereum, and Ethereum Classic, open to more)
Usability Scaling solutions should have a simple end user experience.
Users shouldn't have to maintain any extra state/proofs, regularly monitor activity, keep track of extra keys, or sign anything other than their normal transactions
Dragonchain and its customers have demonstrated extraordinary usability as a feature in many applications, where users do not need to know that the system is backed by a live blockchain. Lyceum is one of these examples, where the progress of academy courses is being tracked, and successful completion of courses is rewarded with certificates on chain. Our @Save_The_Tweet bot is popular on Twitter. When used with one of the following hashtags - #please, #blockchain, #ThankYou, or #eternalize the tweet is saved through Eternal to multiple blockchains. A proof report is available for future reference. Other examples in use are DEN, our decentralized social media platform, and our console, where users can track their node rewards, view their TIME, and operate a business node. Examples:
Transactions complete in a reasonable amount of time (seconds or minutes, not hours or days)
All transactions are immediately usable on chain by the system. A transaction begins the path to decentralization at the conclusion of a 5-second block when it gets distributed across 5 separate community run nodes. Full decentralization occurs within 10 minutes to 2 hours depending on which interchain (Bitcoin, Ethereum, or Ethereum Classic) the transaction hits first. Within approximately 2 hours, the combined hash power of all interchained blockchains secures the transaction.
Free to use for end users (no gas fees, or fixed/minimal fees that Reddit can pay on their behalf)
With transaction pricing as low as $0.0000025 per transaction, it may be considered reasonable for Reddit to cover transaction fees for users. All of Reddit's Transactions on Blockchain (month) Community points can be earned by users and distributed directly to their Reddit account in batch (as per Reddit minting plan), and allow users to withdraw rewards to their Ethereum wallet whenever they wish. Withdrawal fees can be paid by either user or Reddit. This model has been operating inside the Dragonchain system since 2018, and many security and financial compliance features can be optionally added. We feel that this capability greatly enhances user experience because it is seamless to a regular user without cryptocurrency experience, yet flexible to a tech savvy user. With regard to currency or token transactions, these would occur on the Reddit network, verified to BTC and ETH. These transactions would incur the $0.0000025 transaction fee. To estimate this fee we use the monthly active Reddit users statista with a 60% adoption rate and an estimated 10 transactions per month average resulting in an approximate $720 cost across the system. Reddit could feasibly incur all associated internal network charges (mining/minting, transfer, burn) as these are very low and controllable fees. Reddit Internal Token Transaction Fees Reddit Ethereum Token Transaction Fees When we consider further the Ethereum fees that might be incurred, we have a few choices for a solution.
Offload all Ethereum transaction fees (user withdrawals) to interested users as they wish to withdraw tokens for external use or sale.
Cover Ethereum transaction fees by aggregating them on a timed schedule. Users would request withdrawal (from Reddit or individual subreddits), and they would be transacted on the Ethereum network every hour (or some other schedule).
In a combination of the above, customers could cover aggregated fees.
Integrate with alternate Ethereum roll up solutions or other proposals to aggregate minting and distribution transactions onto Ethereum.
Users should be able to view their balances & transactions via a blockchain explorer-style interface
From interfaces for users who have no knowledge of blockchain technology to users who are well versed in blockchain terms such as those present in a typical block explorer, a system powered by Dragonchain has flexibility on how to provide balances and transaction data to users. Transactions can be made viewable in an Eternal Proof Report, which displays raw data along with TIME staking information and traceability all the way to Bitcoin, Ethereum, and every other Interchained network. The report shows fields such as transaction ID, timestamp, block ID, multiple verifications, and Interchain proof. See example here. Node payouts within the Dragonchain console are listed in chronological order and can be further seen in either Dragons or USD. See example here. In our social media platform, Dragon Den, users can see, in real-time, their NRG and MTR balances. See example here. A new influencer app powered by Dragonchain, Raiinmaker, breaks down data into a user friendly interface that shows coin portfolio, redeemed rewards, and social scores per campaign. See example here.
Exiting is fast & simple
Withdrawing funds on Dragonchain’s console requires three clicks, however, withdrawal scenarios with more enhanced security features per Reddit’s discretion are obtainable.
Interoperability Compatibility with third party apps (wallets/contracts/etc) is necessary.
Proven interoperability at scale that surpasses the required specifications. Our entire platform consists of interoperable blockchains connected to each other and traditional systems. APIs are well documented. Third party permissions are possible with a simple smart contract without the end user being aware. No need to learn any specialized proprietary language. Any code base (not subsets) is usable within a Docker container. Interoperable with any blockchain or traditional APIs. We’ve witnessed relatively complex systems built by engineers with no blockchain or cryptocurrency experience. We’ve also demonstrated the creation of smart contracts within minutes built with BASH shell and Node.js. Please see our source code and API documentation.
Scaling solutions should be extensible and allow third parties to build on top of it Open source and extensible APIs should be well documented and stable
Third-party permissionless integrations should be possible & straightforward Smart contracts are Docker based, can be written in any language, use full language (not subsets), and can therefore be integrated with any system including traditional system APIs. Simple is better. Learning an uncommon or proprietary language should not be necessary.
Advanced knowledge of mathematics, cryptography, or L2 scaling should not be required. Compatibility with common utilities & toolchains is expected. Dragonchain business nodes and smart contracts leverage Docker to allow the use of literally any language or executable code. No proprietary language is necessary. We’ve witnessed relatively complex systems built by engineers with no blockchain or cryptocurrency experience. We’ve also demonstrated the creation of smart contracts within minutes built with BASH shell and Node.js.
Bonus Points: Show us how it works. Do you have an idea for a cool new use case for Community Points? Build it!
Community points could be awarded to Reddit users based upon TIME too, whereas the longer someone is part of a subreddit, the more community points someone naturally gained, even if not actively commenting or sharing new posts. A daily login could be required for these community points to be credited. This grants awards to readers too and incentivizes readers to create an account on Reddit if they browse the website often. This concept could also be leveraged to provide some level of reputation based upon duration and consistency of contribution to a community subreddit.
Dragonchain has already built a social media platform that harnesses community involvement. Dragon Den is a decentralized community built on the Dragonchain blockchain platform. Dragon Den is Dragonchain’s answer to fake news, trolling, and censorship. It incentivizes the creation and evaluation of quality content within communities. It could be described as being a shareholder of a subreddit or Reddit in its entirety. The more your subreddit is thriving, the more rewarding it will be. Den is currently in a public beta and in active development, though the real token economy is not live yet. There are different tokens for various purposes. Two tokens are Lair Ownership Rights (LOR) and Lair Ownership Tokens (LOT). LOT is a non-fungible token for ownership of a specific Lair. LOT will only be created and converted from LOR. Energy (NRG) and Matter (MTR) work jointly. Your MTR determines how much NRG you receive in a 24-hour period. Providing quality content, or evaluating content will earn MTR.
Security. Users have full ownership & control of their points.
All community points awarded based upon any type of activity or gift, are secured and provable to all Interchain networks (currently BTC, ETH, ETC). Users are free to spend and withdraw their points as they please, depending on the features Reddit wants to bring into production.
Balances and transactions cannot be forged, manipulated, or blocked by Reddit or anyone else
Users can withdraw their balance to their ERC20 wallet, directly through Reddit. Reddit can cover the fees on their behalf, or the user covers this with a portion of their balance.
Users should own their points and be able to get on-chain ERC20 tokens without permission from anyone else
Through our console users can withdraw their ERC20 rewards. This can be achieved on Reddit too. Here is a walkthrough of our console, though this does not show the quick withdrawal functionality, a user can withdraw at any time. https://www.youtube.com/watch?v=aNlTMxnfVHw
Points should be recoverable to on-chain ERC20 tokens even if all third-parties involved go offline
If necessary, signed transactions from the Reddit system (e.g. Reddit + Subreddit) can be sent to the Ethereum smart contract for minting.
A public, third-party review attesting to the soundness of the design should be available
To our knowledge, at least two large corporations, including a top 3 accounting firm, have conducted positive reviews. These reviews have never been made public, as Dragonchain did not pay or contract for these studies to be released.
Bonus points Public, third-party implementation review available or in progress
Compatibility with HSMs & hardware wallets
For the purpose of this proposal, all tokenization would be on the Ethereum network using standard token contracts and as such, would be able to leverage all hardware wallet and Ethereum ecosystem services.
Minting/distributing tokens is not performed by Reddit directly
This operation can be automated by smart contract on Ethereum. Subreddits can if desired have a role to play.
One off point burning, as well as recurring, non-interactive point burning (for subreddit memberships) should be possible and scalable
This is possible and scalable with interaction between Dragonchain Reddit system and Ethereum token contract(s).
Fully open-source solutions are strongly preferred
Dragonchain is fully open source (see section on Disney release after conclusion).
Whether it is today, or in the future, we would like to work together to bring secure flexibility to the highest standards. It is our hope to be considered by Ethereum, Reddit, and other integrative solutions so we may further discuss the possibilities of implementation. In our public demonstration, 256 million transactions were handled in our operational network on chain in 24 hours, for the low cost of $25K, which if run today would cost $625. Dragonchain’s interoperable foundation provides the atmosphere necessary to implement a frictionless community points system. Thank you for your consideration of our proposal. We look forward to working with the community to make something great!
Disney Releases Blockchain Platform as Open Source
The team at Disney created the Disney Private Blockchain Platform. The system was a hybrid interoperable blockchain platform for ledgering and smart contract development geared toward solving problems with blockchain adoption and usability. All objective evaluation would consider the team’s output a success. We released a list of use cases that we explored in some capacity at Disney, and our input on blockchain standardization as part of our participation in the W3C Blockchain Community Group. https://lists.w3.org/Archives/Public/public-blockchain/2016May/0052.html
In 2016, Roets proposed to release the platform as open source to spread the technology outside of Disney, as others within the W3C group were interested in the solutions that had been created inside of Disney. Following a long process, step by step, the team met requirements for release. Among the requirements, the team had to:
Obtain VP support and approval for the release
Verify ownership of the software to be released
Verify that no proprietary content would be released
Convince the organization that there was a value to the open source community
Convince the organization that there was a value to Disney
Offer the plan for ongoing maintenance of the project outside of Disney
Itemize competing projects
Verify no conflict of interest
Change the project name to not use the name Disney, any Disney character, or any other associated IP - proposed Dragonchain - approved
Obtain legal approval
Approval from corporate, parks, and other business units
Approval from multiple Disney patent groups Copyright holder defined by Disney (Disney Connected and Advanced Technologies)
Trademark searches conducted for the selected name Dragonchain
Obtain IT security approval
Manual review of OSS components conducted
OWASP Dependency and Vulnerability Check Conducted
Obtain technical (software) approval
Offer management, process, and financial plans for the maintenance of the project.
Meet list of items to be addressed before release
Remove all Disney project references and scripts
Create a public distribution list for email communications
Remove Roets’ direct and internal contact information
Create public Slack channel and move from Disney slack channels
Create proper labels for issue tracking
Rename internal private Github repository
Add informative description to Github page
Expand README.md with more specific information
Add information beyond current “Blockchains are Magic”
Add getting started sections and info on cloning/forking the project
Add installation details
Add uninstall process
Add unit, functional, and integration test information
Detail how to contribute and get involved
Describe the git workflow that the project will use
Move to public, non-Disney git repository (Github or Bitbucket)
Obtain Disney Open Source Committee approval for release
On top of meeting the above criteria, as part of the process, the maintainer of the project had to receive the codebase on their own personal email and create accounts for maintenance (e.g. Github) with non-Disney accounts. Given the fact that the project spanned multiple business units, Roets was individually responsible for its ongoing maintenance. Because of this, he proposed in the open source application to create a non-profit organization to hold the IP and maintain the project. This was approved by Disney. The Disney Open Source Committee approved the application known as OSSRELEASE-10, and the code was released on October 2, 2016. Disney decided to not issue a press release. Original OSSRELASE-10 document
Help recovering from old wallet.dat for an old friend.
Hey all, I've been in the Bitcoin space since early 2012. I have a situation that I would love to get some assistance with, I will explain the situation momentarily. Please do not message me and ask me for the wallet.dat file it's not going to happen. TL;DR I have an old wallet.dat file from late 2012 or early 2013 from a coin I sold to a friend. Tried to recover the coins in 2018 and failed, later found out that someone had access to the computer and could have easily stole them. Would the current Bitcoin Core be able to read an old wallet.dat file, and is there any way to easily view the balance of a 2012 wallet.dat file without having to load the entire blockchain? In the early days of Bitcoin as many of you OG's know, the only option to securely store your coins was to use the default Bitcoin wallet in a wallet.dat file. A friend of mine was really wanted to invest in Bitcoin but didn't know how, so I sold one to him because I didn't want him to get screwed. I installed Bitcoin QT on their home laptop, had him write down the password on a piece of paper and had him put a backup of the wallet.dat file onto a USB. Fast forward to when the price went to $20k plus, he calls me up super excited and said he wanted to sell his coin because he could use the money and I encouraged it because from my prior experience I knew the momentum was unsustainable and I had sold a few coins of my own. Anyway, I go over to his house and we huddle around his computer. He tells me that he upgraded the hard drive in his computer and gave me his old one and I went back to my house to get an external hard drive reader. I came back, booted up his old drive and remembered that we would have to let it sync up in order to get the coins out, and on his internet that wasn't going to happen anytime soon. He gave me the hard drive and I went home and left on Bitcoin QT overnight and in the morning I was shocked to see that there were no transactions on the wallet. Quick note, he had the wallet password in a file on his documents titled "Bitcoin Wallet Password.txt". smh. I started to panic, and I realized how bad this looked on me. I called him and told him that there were no coins on there and asked if he had his USB stick and he told me he had lost it years ago. I frantically looked through all of my old wallet files to find any transaction that could link to his address, to show that his coins were still in there. After a while I realized I had sent the coins from the now defunct btc-e.com, and had no way to check up on the coins. I did everything in my ability to try to recover lost data from the hard drive to no avail. I asked him if anyone else has had access to his computer, and then asked him how he replaced his hard drive because I know him well enough to know he wouldn't pull apart a laptop to replace the hard drive. He told me he took it to a shop to have it replaced a few months earlier. I suspect that I'm either trying to view the wallet incorrectly or whoever replaced his hard drive snooped on his hard drive, stole the coins and replaced the wallet.dat file and generated a new one. I have to admit, I was relieved a little bit to have an explanation to coins not being there but I could imagine he thinks I may have had something to do with it. I made a few more attempts over the years whenever I was reminded of the situation to no avail. We kind of fell out after that and haven't spoken in a while. Recently, I saw a post on his Facebook that his wife is pregnant they are having a baby, and that's why I'm here. I would love nothing more than to be able to message him and let him know that I have 11 grand waiting for him, because I'm certain the money would mean the world to him during such a stressful time. Any help or insights would be incredibly helpful and appreciated.
This is a follow-up on https://old.reddit.com/Bitcoin/comments/hqzp14/technical_the_path_to_taproot_activation/ Taproot! Everybody wants it!! But... you might ask yourself: sure, everybody else wants it, but why would I, sovereign Bitcoin HODLer, want it? Surely I can be better than everybody else because I swapped XXX fiat for Bitcoin unlike all those nocoiners? And it is important for you to know the reasons why you, o sovereign Bitcoiner, would want Taproot activated. After all, your nodes (or the nodes your wallets use, which if you are SPV, you hopefully can pester to your wallet vendoimplementor about) need to be upgraded in order for Taproot activation to actually succeed instead of becoming a hot sticky mess. First, let's consider some principles of Bitcoin.
You the HODLer should be the one who controls where your money goes. Your keys, your coins.
You the HODLer should be able to coordinate and make contracts with other people regarding your funds.
You the HODLer should be able to do the above without anyone watching over your shoulder and judging you.
I'm sure most of us here would agree that the above are very important principles of Bitcoin and that these are principles we would not be willing to remove. If anything, we would want those principles strengthened (especially the last one, financial privacy, which current Bitcoin is only sporadically strong with: you can get privacy, it just requires effort to do so). So, how does Taproot affect those principles?
Taproot and Your /Coins
Most HODLers probably HODL their coins in singlesig addresses. Sadly, switching to Taproot would do very little for you (it gives a mild discount at spend time, at the cost of a mild increase in fee at receive time (paid by whoever sends to you, so if it's a self-send from a P2PKH or bech32 address, you pay for this); mostly a wash). (technical details: a Taproot output is 1 version byte + 32 byte public key, while a P2WPKH (bech32 singlesig) output is 1 version byte + 20 byte public key hash, so the Taproot output spends 12 bytes more; spending from a P2WPKH requires revealing a 32-byte public key later, which is not needed with Taproot, and Taproot signatures are about 9 bytes smaller than P2WPKH signatures, but the 32 bytes plus 9 bytes is divided by 4 because of the witness discount, so it saves about 11 bytes; mostly a wash, it increases blockweight by about 1 virtual byte, 4 weight for each Taproot-output-input, compared to P2WPKH-output-input). However, as your HODLings grow in value, you might start wondering if multisignature k-of-n setups might be better for the security of your savings. And it is in multisignature that Taproot starts to give benefits! Taproot switches to using Schnorr signing scheme. Schnorr makes key aggregation -- constructing a single public key from multiple public keys -- almost as trivial as adding numbers together. "Almost" because it involves some fairly advanced math instead of simple boring number adding, but hey when was the last time you added up your grocery list prices by hand huh? With current P2SH and P2WSH multisignature schemes, if you have a 2-of-3 setup, then to spend, you need to provide two different signatures from two different public keys. With Taproot, you can create, using special moon math, a single public key that represents your 2-of-3 setup. Then you just put two of your devices together, have them communicate to each other (this can be done airgapped, in theory, by sending QR codes: the software to do this is not even being built yet, but that's because Taproot hasn't activated yet!), and they will make a single signature to authorize any spend from your 2-of-3 address. That's 73 witness bytes -- 18.25 virtual bytes -- of signatures you save! And if you decide that your current setup with 1-of-1 P2PKH / P2WPKH addresses is just fine as-is: well, that's the whole point of a softfork: backwards-compatibility; you can receive from Taproot users just fine, and once your wallet is updated for Taproot-sending support, you can send to Taproot users just fine as well! (P2WPKH and P2WSH -- SegWit v0 -- addresses start with bc1q; Taproot -- SegWit v1 --- addresses start with bc1p, in case you wanted to know the difference; in bech32 q is 0, p is 1) Now how about HODLers who keep all, or some, of their coins on custodial services? Well, any custodial service worth its salt would be doing at least 2-of-3, or probably something even bigger, like 11-of-15. So your custodial service, if it switched to using Taproot internally, could save a lot more (imagine an 11-of-15 getting reduced from 11 signatures to just 1!), which --- we can only hope! --- should translate to lower fees and better customer service from your custodial service! So I think we can say, very accurately, that the Bitcoin principle --- that YOU are in control of your money --- can only be helped by Taproot (if you are doing multisignature), and, because P2PKH and P2WPKH remain validly-usable addresses in a Taproot future, will not be harmed by Taproot. Its benefit to this principle might be small (it mostly only benefits multisignature users) but since it has no drawbacks with this (i.e. singlesig users can continue to use P2WPKH and P2PKH still) this is still a nice, tidy win! (even singlesig users get a minor benefit, in that multisig users will now reduce their blockchain space footprint, so that fees can be kept low for everybody; so for example even if you have your single set of private keys engraved on titanium plates sealed in an airtight box stored in a safe buried in a desert protected by angry nomads riding giant sandworms because you're the frickin' Kwisatz Haderach, you still gain some benefit from Taproot) And here's the important part: if P2PKH/P2WPKH is working perfectly fine with you and you decide to never use Taproot yourself, Taproot will not affect you detrimentally. First do no harm!
Taproot and Your Contracts
No one is an island, no one lives alone. Give and you shall receive. You know: by trading with other people, you can gain expertise in some obscure little necessity of the world (and greatly increase your productivity in that little field), and then trade the products of your expertise for necessities other people have created, all of you thereby gaining gains from trade. So, contracts, which are basically enforceable agreements that facilitate trading with people who you do not personally know and therefore might not trust. Let's start with a simple example. You want to buy some gewgaws from somebody. But you don't know them personally. The seller wants the money, you want their gewgaws, but because of the lack of trust (you don't know them!! what if they're scammers??) neither of you can benefit from gains from trade. However, suppose both of you know of some entity that both of you trust. That entity can act as a trusted escrow. The entity provides you security: this enables the trade, allowing both of you to get gains from trade. In Bitcoin-land, this can be implemented as a 2-of-3 multisignature. The three signatories in the multisgnature would be you, the gewgaw seller, and the escrow. You put the payment for the gewgaws into this 2-of-3 multisignature address. Now, suppose it turns out neither of you are scammers (whaaaat!). You receive the gewgaws just fine and you're willing to pay up for them. Then you and the gewgaw seller just sign a transaction --- you and the gewgaw seller are 2, sufficient to trigger the 2-of-3 --- that spends from the 2-of-3 address to a singlesig the gewgaw seller wants (or whatever address the gewgaw seller wants). But suppose some problem arises. The seller gave you gawgews instead of gewgaws. Or you decided to keep the gewgaws but not sign the transaction to release the funds to the seller. In either case, the escrow is notified, and if it can sign with you to refund the funds back to you (if the seller was a scammer) or it can sign with the seller to forward the funds to the seller (if you were a scammer). Taproot helps with this: like mentioned above, it allows multisignature setups to produce only one signature, reducing blockchain space usage, and thus making contracts --- which require multiple people, by definition, you don't make contracts with yourself --- is made cheaper (which we hope enables more of these setups to happen for more gains from trade for everyone, also, moon and lambos). (technology-wise, it's easier to make an n-of-n than a k-of-n, making a k-of-n would require a complex setup involving a long ritual with many communication rounds between the n participants, but an n-of-n can be done trivially with some moon math. You can, however, make what is effectively a 2-of-3 by using a three-branch SCRIPT: either 2-of-2 of you and seller, OR 2-of-2 of you and escrow, OR 2-of-2 of escrow and seller. Fortunately, Taproot adds a facility to embed a SCRIPT inside a public key, so you can have a 2-of-2 Taprooted address (between you and seller) with a SCRIPT branch that can instead be spent with 2-of-2 (you + escrow) OR 2-of-2 (seller + escrow), which implements the three-branched SCRIPT above. If neither of you are scammers (hopefully the common case) then you both sign using your keys and never have to contact the escrow, since you are just using the escrow public key without coordinating with them (because n-of-n is trivial but k-of-n requires setup with communication rounds), so in the "best case" where both of you are honest traders, you also get a privacy boost, in that the escrow never learns you have been trading on gewgaws, I mean ewww, gawgews are much better than gewgaws and therefore I now judge you for being a gewgaw enthusiast, you filthy gewgawer).
Taproot and Your Contracts, Part 2: Cryptographic Boogaloo
Now suppose you want to buy some data instead of things. For example, maybe you have some closed-source software in trial mode installed, and want to pay the developer for the full version. You want to pay for an activation code. This can be done, today, by using an HTLC. The developer tells you the hash of the activation code. You pay to an HTLC, paying out to the developer if it reveals the preimage (the activation code), or refunding the money back to you after a pre-agreed timeout. If the developer claims the funds, it has to reveal the preimage, which is the activation code, and you can now activate your software. If the developer does not claim the funds by the timeout, you get refunded. And you can do that, with HTLCs, today. Of course, HTLCs do have problems:
Privacy. Everyone scraping the Bitcoin blockchain can see any HTLCs, and preimages used to claim them.
This can be mitigated by using offchain techniques so HTLCs are never published onchain in the happy case. Lightning would probably in practice be the easiest way to do this offchain. Of course, there are practical limits to what you can pay on Lightning. If you are buying something expensive, then Lightning might not be practical. For example, the "software" you are activating is really the firmware of a car, and what you are buying is not the software really but the car itself (with the activation of the car firmware being equivalent to getting the car keys).
Even offchain techniques need an onchain escape hatch in case of unresponsiveness! This means that, if something bad happens during payment, the HTLC might end up being published onchain anyway, revealing the fact that some special contract occurred.
And an HTLC that is claimed with a preimage onchain will also publicly reveal the preimage onchain. If that preimage is really the activation key of a software than it can now be pirated. If that preimage is really the activation key for your newly-bought cryptographic car --- well, not your keys, not your car!
Trust requirement. You are trusting the developer that it gives you the hash of an actual valid activation key, without any way to validate that the activation key hidden by the hash is actually valid.
Fortunately, with Schnorr (which is enabled by Taproot), we can now use the Scriptless Script constuction by Andrew Poelstra. This Scriptless Script allows a new construction, the PTLC or Pointlocked Timelocked Contract. Instead of hashes and preimages, just replace "hash" with "point" and "preimage" with "scalar". Or as you might know them: "point" is really "public key" and "scalar" is really a "private key". What a PTLC does is that, given a particular public key, the pointlocked branch can be spent only if the spender reveals the private key of the given public key to you. Another nice thing with PTLCs is that they are deniable. What appears onchain is just a single 2-of-2 signature between you and the developemanufacturer. It's like a magic trick. This signature has no special watermarks, it's a perfectly normal signature (the pledge). However, from this signature, plus some datta given to you by the developemanufacturer (known as the adaptor signature) you can derive the private key of a particular public key you both agree on (the turn). Anyone scraping the blockchain will just see signatures that look just like every other signature, and as long as nobody manages to hack you and get a copy of the adaptor signature or the private key, they cannot get the private key behind the public key (point) that the pointlocked branch needs (the prestige). (Just to be clear, the public key you are getting the private key from, is distinct from the public key that the developemanufacturer will use for its funds. The activation key is different from the developer's onchain Bitcoin key, and it is the activation key whose private key you will be learning, not the developer's/manufacturer's onchain Bitcoin key). So:
Privacy: PTLCs are private even if done onchain. Nobody else can learn what the private key behind the public key is, except you who knows the adaptor signature that when combined with the complete onchain signature lets you know what the private key of the activation key is. Somebody scraping the blockchain will not learn the same information even if all PTLCs are done onchain!
Lightning is still useful for reducing onchain use, and will also get PTLCs soon after Taproot is activated, but even if something bad happens and a PTLC has to go onchain, it doesn't reveal anything!
Trust issues can be proven more easily with a public-private keypair than with a hash-preimage pair.
For example, the developer of the software you are buying could provide a signature signing a message saying "unlock access to the full version for 1 day". You can check if feeding this message and signature to the program will indeed unlock full-version access for 1 day. Then you can check if the signature is valid for the purported pubkey whose private key you will pay for. If so, you can now believe that getting the private key (by paying for it in a PTLC) would let you generate any number of "unlock access to the full version for 1 day" message+signatures, which is equivalent to getting full access to the software indefinitely.
For the car, the manufacturer can show that signing a message "start the engine" and feeding the signature to the car's fimrware will indeed start the engine, and maybe even let you have a small test drive. You can then check if the signature is valid for the purported pubkey whose privkey you will pay for. If so, you can now believe that gaining knowledge of the privkey will let you start the car engine at any time you want.
(pedantry: the signatures need to be unique else they could be replayed, this can be done with a challenge-response sequence for the car, where the car gathers entropy somehow (it's a car, it probably has a bunch of sensors nowadays so it can get entropy for free) and uses the gathered entropy to challenge you to sign a random number and only start if you are able to sign the random number; for the software, it could record previous signatures somewhere in the developer's cloud server and refuse to run if you try to replay a previously-seen signature.)
Taproot lets PTLCs exist onchain because they enable Schnorr, which is a requirement of PTLCs / Scriptless Script. (technology-wise, take note that Scriptless Script works only for the "pointlocked" branch of the contract; you need normal Script, or a pre-signed nLockTimed transaction, for the "timelocked" branch. Since Taproot can embed a script, you can have the Taproot pubkey be a 2-of-2 to implement the Scriptless Script "pointlocked" branch, then have a hidden script that lets you recover the funds with an OP_CHECKLOCKTIMEVERIFY after the timeout if the seller does not claim the funds.)
Now if you were really paying attention, you might have noticed this parenthetical:
(technical details: a Taproot output is 1 version byte + 32 byte public key, while a P2WPKH (bech32 singlesig) output is 1 version byte + 20 byte public key hash...)
So wait, Taproot uses raw 32-byte public keys, and not public key hashes? Isn't that more quantum-vulnerable?? Well, in theory yes. In practice, they probably are not. It's not that hashes can be broken by quantum computes --- they're still not. Instead, you have to look at how you spend from a P2WPKH/P2PKH pay-to-public-key-hash. When you spend from a P2PKH / P2WPKH, you have to reveal the public key. Then Bitcoin hashes it and checks if this matches with the public-key-hash, and only then actually validates the signature for that public key. So an unconfirmed transaction, floating in the mempools of nodes globally, will show, in plain sight for everyone to see, your public key. (public keys should be public, that's why they're called public keys, LOL) And if quantum computers are fast enough to be of concern, then they are probably fast enough that, in the several minutes to several hours from broadcast to confirmation, they have already cracked the public key that is openly broadcast with your transaction. The owner of the quantum computer can now replace your unconfirmed transaction with one that pays the funds to itself. Even if you did not opt-in RBF, miners are still incentivized to support RBF on RBF-disabled transactions. So the extra hash is not as significant a protection against quantum computers as you might think. Instead, the extra hash-and-compare needed is just extra validation effort. Further, if you have ever, in the past, spent from the address, then there exists already a transaction indelibly stored on the blockchain, openly displaying the public key from which quantum computers can derive the private key. So those are still vulnerable to quantum computers. For the most part, the cryptographers behind Taproot (and Bitcoin Core) are of the opinion that quantum computers capable of cracking Bitcoin pubkeys are unlikely to appear within a decade or two.
Current quantum computers can barely crack prime factorization problem for primes of 5 bits.
The 256-bit elliptic curve use by Bitcoin is, by my (possibly wrong) understanding, equivalent to 4096-bit primes, so you can see a pretty big gap between now (5 bit primes) and what is needed (4096 bit primes).
A lot of financial non-Bitcoin systems use the equivalent of 3072-bit primes or less, and are probably easier targets to crack than the equivalent-to-4096-bit-primes Bitcoin.
Quantum computers capable of cracking Bitcoin are still far off.
Pay-to-public-key-hash is not as protective as you might think.
We will probably see banks get cracked before Bitcoin, so the banking system is a useful canary-in-a-coal-mine to see whether we should panic about being quantum vulnerable.
For now, the homomorphic and linear properties of elliptic curve cryptography provide a lot of benefits --- particularly the linearity property is what enables Scriptless Script and simple multisignature (i.e. multisignatures that are just 1 signature onchain). So it might be a good idea to take advantage of them now while we are still fairly safe against quantum computers. It seems likely that quantum-safe signature schemes are nonlinear (thus losing these advantages).
If you are a singlesig HODL-only Bitcoin user, Taproot will not affect you positively or negatively. Importantly: Taproot does no harm!
If you use or intend to use multisig, Taproot will be a positive for you.
If you transact onchain regularly using typical P2PKH/P2WPKH addresses, you get a minor reduction in feerates since multisig users will likely switch to Taproot to get smaller tx sizes, freeing up blockspace for yours.
If you are using multiparticipant setups for special systems of trade, Taproot will be a positive for you.
Remember: Lightning channels are multipartiicpiant setups for special systems of lightning-fast offchain trades!
I Wanna Be The Taprooter!
So, do you want to help activate Taproot? Here's what you, mister sovereign Bitcoin HODLer, can do!
If you have developer experience especially in C, C++, or related languages
Review the Taproot code! There is one pull request in Bitcoin Core, and one in libsecp256k1. I deliberately am not putting links here, to avoid brigades of nontechnical but enthusiastic people leaving pointless reviews, but if you are qualified you know how to find them!
But I am not a cryptographeBitcoin Core contributomathematician/someone as awesome as Pieter Wuille
That's perfectly fine! The cryptographers have been over the code already and agree the math is right and the implementation is right. What is wanted is the dreary dreary dreary software engineering: are the comments comprehensive and understandable? no misspellings in the comments? variable names understandable? reasonable function naming convention? misleading coding style? off-by-one errors in loops? conditions not covered by tests? accidental mixups of variables with the same types? missing frees? read-before-init? better test coverage of suspicious-looking code? missing or mismatching header guards? portability issues? consistent coding style? you know, stuff any coder with a few years of experience in coding anything might be able to catch. With enough eyes all bugs are shallow!
If you are running a mining pool/mining operation/exchange/custodial service/SPV server
Be prepared to upgrade!
One of the typical issues with upgrading software is that subtle incompatibilities with your current custom programs tend to arise, disrupting operations and potentially losing income due to downtime. If so, consider moving to the two-node setup suggested by gmax, which is in the last section of my previous post. With this, you have an up-to-date "public" node and a fixed-version "private" node, with the public node protecting the private node from any invalid chainsplits or invalid transactions. Moving to this setup from a typical one-node setup should be smooth and should not disrupt operations (too much).
If you are running your own fullnode for fun or for your own wallet
Be prepared to upgrade! The more nodes validating the new rules (even if you are a non-mining node!), the safer every softfork will be!
If you are using an SPV wallet or custodial wallet/service (including hardware wallets using the software of the wallet provider)
Contact your wallet provider / SPV server and ask for a statement on whether they support Taproot, and whether they are prepared to upgrade for Taproot! Make it known to them that Taproot is something you want!
But I Hate Taproot!!
Raise your objections to Taproot now, or forever hold your peace! Maybe you can raise them here and some of the devs (probably nullc, he goes everywhere, even in rbtc!) might be able to see your objections! Or if your objections are very technical, head over to the appropriate pull request and object away!
Maybe you simply misunderstand something, and we can clarify it here!
Or maybe you do have a good objection, and we can make Taproot better by finding a solution for it!
The Dow fell 525.05, or 1.92%, to 26,763.13, the Nasdaq lost 330.65, or 3.02%, to 10,632.98, and the S&P 500 declined 78.65, or 2.37%, to 3,236.92. The S&P 500 dropped 2.4% on Wednesday in a broad-based retreat that reflected cash-raising efforts. The Nasdaq Composite fell 3.0%, the Russell 2000 fell 3.0%, and the Dow Jones Industrial Average fell 1.9%. U.S. equity futures were firmer in early trading following an agreement on a continuing resolution to avoid a government shutdown and J&J announcing that it has begun a large phase 3 trial of its COVID-19 vaccine. However, the early gains did not hold and the major averages were all in the red by midday. All 11 S&P 500 sectors closed sharply lower between 1.1% (health care) and 4.6% (energy), and traditional safe-haven assets did not see the usual appreciation in times of equity weakness. An initial weakness in the mega-cap stocks, however, gradually spilled over to the broader market, and the negative price action appeared to reinforce the idea that the market's recent pullback may not yet have run its course. The CBOE Volatility Index increased 6.4% to 28.58, which was a relatively modest gain. Losses steepened in the afternoon without much interest to buy the dip. Shares of AAPL fell 4% while TSLA fell 10% post-Battery Day. On a related note, UBS resumed coverage on Apple with a Neutral rating, versus a prior Buy rating. Data from the Johns Hopkins Whiting School of Engineering shows there are now 31.7M confirmed cases of COVID-19 worldwide, including 6.9M in the U.S., and 972,372 deaths due to the disease, including 201,000 in the U.S. Separately, the House passed a government funding bill through Dec. 11 that the Senate is expected to pass later this week. Notwithstanding this piece of good news, general uncertainty surrounding the election, the coronavirus, and the economy likely increased the cash appeal. In other auto news, California Governor Gavin Newsom announced that he will "aggressively move the state further away from its reliance on climate change-causing fossil fuels while retaining and creating jobs and spurring economic growth," issuing an executive order requiring sales of all new passenger vehicles to be zero-emission by 2035 and additional measures to "eliminate harmful emissions from the transportation sector." Among the notable gainers was WDC, which rose 6.7% after the company announced that it is reorganizing and creating separate business units for its Flash and Hard Drive product businesses. Among the notable losers was JPM, which was lower by 1.6% after Bloomberg reported that the bank is set to pay close to $1B to resolve market manipulation investigations by U.S. authorities into its trading of metals futures and Treasury securities. Additionally, shares of DAL fell 2.2% as Bloomberg said that the airline is in talks with EADSY to delay at least 40 aircraft deliveries planned for this year due to the airline's struggles with a travel market hit by the coronavirus pandemic. Elsewhere, European stocks closed higher Wednesday as investors reacted to key data releases from the euro zone and weighed up the possibility of further stimulus measures for the region. Stocks in Asia-Pacific were mixed on Wednesday.
The U.S. Dollar Index rose 0.4% to 94.32, reaching its best level in nearly four months.
EUUSD: -0.4% to 1.1657
GBP/USD: -0.2% to 1.2712
USD/CNH: +0.7% to 6.8255
USD/JPY: +0.5% to 105.41
U.S. Treasuries ended Wednesday on a modestly lower note, but once again, intraday action was confined to a narrow range. The trading day started with modest losses after overnight action saw a rally in European markets, which reflected a rebound in risk tolerance. However, that rebound was short-lived, resulting in a slide into the European close and more weakness on Wall Street.
2-yr: UNCH at 0.13%
3-yr: +1 bp to 0.15%
5-yr: +1 bp to 0.27%
10-yr: +1 bp to 0.68%
30-yr: +1 bp to 1.43%
Oil rose more than 1% on Wednesday, supported by U.S. government data that showed crude and fuel inventories dropped last week, although concerns about the ongoing coronavirus pandemic capped gains. Spot gold dipped 1.5% to $1,870.11 per ounce, having hit its lowest since Aug. 12 at $1,865.03.
WTI crude: +1.0% to $39.94/bbl
Gold: -2.0% to $1868.90/ozt
Copper: -2.2% to $2.993/lb
Bitcoin fell as investors sold equities, gold and other fiat currencies on renewed coronavirus concerns.
Bitcoin: $10,331.92 (24hr: -1.71%)
Ethereum: $369.66 (24hr: -4.38%)
Ripple: $0.22 (24hr: -2.02%)
FAAMG + some penny stocks +18.5% YTD
Spoos +0.2% YTD
Old man -6.2% YTD
Russy -13% YTD
What Patrick, the Cat says?
The S&P 500 is down 5.3% in September while the Nasdaq Composite is down 6.9%. The market could go either way today (to state the obvious). Summaryscrapedfromtheinterweb.Took0.36seconds.
I have ADHD. I was diagnosed at age 12. What happened is I got to middle school, and my life fell apart. It came on like a typhoon. Things seemed alright as I started, but I still remember that October when my family went to sixth-grade check-in. My twin sister went first. The meeting lasted about four minutes. She and my parents left with smiles all around and talk of getting In N Out on the way home. Then it was my turn. Every teacher I had stood in a circle. They seemed...different. One by one, they went around and told me that I was shit. Some were nicer than others, but everyone had the same message to convey: Doesn't complete his homework all the way Distracts others trying to learn Unable to follow along in class Not sure if he can keep up I then heard my grades: C-, D+, C+, A in PE, C, and an F in Social Studies. I don't remember being ashamed or embarrassed or anything. I remember being confused. I had gone to school every day and tried hard and thought I was doing what the teacher asked. Nope. Guess I wasn't. Nobody had much advice for me. They just wanted me to know that I sucked. And that my parents should understand so. I don't know if my parents freaked out or punished me or what. But they weren't happy. The last to go was my social studies teacher, Sven. He asked me if I knew how to read. I politely nodded my head. But he wasn't sure. He talked about all the symptoms he had seen from me. To counter, I pulled a grad-level book on the Cold War off a shelf and read a page aloud while trying not to cry. People were even more confused. Some estimate that a child with ADHD will receive 20,000 more negative comments before the age of 12 than a non-ADHD child will. I can't speak to that exactly, but I can say that this was not the only time I've had a room full of people upset with me for reasons I never saw coming. It doesn't get much easier. Sven caught up to us as we walked to the car. He was cagey with his reasoning, but he told us that there might be something up with my brain. He recommended I get tested by a psychiatrist and see what she had to say. I've since come to my conclusions where he got such an idea. The testing was fun. I've always liked tests. Didn't mention it, but they also thought I couldn't read in 2nd grade. Lol. That one went away after I took a standardized exam and scored in the 99th percentile of the nation in reading. I thought standardized tests were fun, you see. I moved a bunch of colored balls into colored holes and tried to remember what color things were after 10 minutes and everything else you might expect. I didn't know what I was even doing, but I felt I could hang. Three weeks later, I got my results. The only part I remember is that my psychiatrist noted that in her entire career, she had never met someone who scored higher on specific tasks and yet lower on others. My chart looked like OJ Simpson’s polygraph. I could keep going, and in another article, I will. But this is how I got diagnosed. And the key to all of it was Sven. Everything makes perfect sense after the fact, but only when you realize that a single teacher served as the link that completes the narrative. I do not know where I am today without him. I got lucky that this story takes place in 2003, and at a private school with teachers who genuinely cared about me. For reasons a lawyer in the comments needs to help me understand better, public school teachers seem loath to alert students of disabilities of any kind. This includes ADHD but also things like autism, dyslexia, and mood disorders. Things that seem apparent to me in a way that makes it seem impossible that no other teacher in the past 13 years hasn’t also picked up on them. That means many students go through primary schooling while having no idea they have a problem at all. When I mention to a student they might have ADHD, they are first confused, but then some memories come back. The first is that someone, usually a sports or music coach, had once told them the same thing. The other is that they remember a lot of teachers saying weird stuff they didn't understand at the time. Stuff like, "You’re so talented. I just wish you could be better focused. Have you talked to anyone about why you could be having trouble?" To me, those sound like hints from a teacher who has been told by her bosses not to put the school at risk. I am not a teacher. I'm a private consultant and can pretty much say whatever I want. I am also not a doctor - people would die - but I am a concerned adult who has taken courses in spotting learning disabilities. I'm also someone who will do absolutely anything to make sure his students have the best chance for success now and in the future. I'm also someone who asked both my ADHD-psychiatrist (hi!) and ADHD-therapist (hi!!!!!) if I had the right to tell students if I suspected something; they both went, Ya, dude. Totally. So I try to be Sven. I try to pay attention to what my students do and say and provide feedback that can help them. I'd like to note what that feedback is here to make sure people don't miss it because my pieces go on for way too long. If you are a high school student who suspects he or she has ADHD, your best course of action is to talk with your parents and look into being tested by a professional psychiatrist who specializes in the topic. These tests are expensive, and mental health insurance in America sucks balls. But this is the fastest, most straightforward route to getting the help you need. Option two is to try and work with/through your public high school to get them to pay for it.This site has some good info. My guess is that this method will suck. Public schools don't have a lot of funding and will not want to spend it on you. That's not your problem. You will almost certainly need your parents to back you up on this one and sit through a lot of boring meetings. I assume a lot of people will tell you a lot of reasons why they can't help you. Your response every time should be some version of, "Sure. But I need help with this. And I'm not going to stop until I get the support I need. So what do I do from here?" Then you blankly stare at them and refuse to leave until they get you at least to the next step. I'm not sure how well this will work. If you do attempt or have attempted this method, please DM me or contact my Email with your experience. I want to know if this is even worth my student's time. If you can not afford traditional testing or do not feel your parents would support such testing, your best option is to wait until the day you turn 18 and then register for a telehealth company specializing in ADHD. The one I use and recommend isHelloAhead.com. They're neat. They do not take traditional insurance, but their rates are much lower than most doctors. They are cheap enough that I feel an average 18-year old who wants help could find a way to afford it on his or her own. The downside with these sites is the waiting times can be long. Took me like five months. Other such sites are popping up, and while I can't vouch for them, they all seem to offer a similar service. Those paragraphs are what I want every student here to know. I'm much more comfortable having a trained doctor tell you what the deal is than I am trying to do it myself. But I have to see something if I want to be Sven. The question then is, how do I see it? For spotting ADHD, it's shockingly simple. And I'll get to the real reason at the end. But for now, here is what I see when I see a student with ADHD. The best way I can describe their lives is "endless chaos" The chaos isn't always bad! Rarely it's fun chaos, but often it's just chaos chaos. This chaos exists in both physical and mental forms. Physical: Their shit is such a mess. Everything. Most of the work we do is digital, so I see the Google Doc version of their mind. Folders make no sense. Things are labeled inaccurately or not at all. Schools get combined, or separated, or forgotten altogether. It is not a single type of error, but instead a collection of small mistakes and poor decisions that make the work impossible to corral. I have some kids that are messy or lazy, but this is different. It's like if the original folder system I built for them was an amoeba in a petri dish. Leave that dish out for a weekend and come back. The patterns will be remarkably similar to the organizational gore that they then try to utilize. Mental: There's always a story. "I was late because my car has a flat tire, and the guy was late, so I had to take an Uber." "I didn't know my music essays were due a month early because the form only mentioned there being a recital." "My friend is mad at me, but it's only because she didn't tell me we were the first group presenting, so I spent more time preparing our project". These stories make sense at first. But after a few weeks, they start to pile up. Then I become the one hearing a story about why they didn't do what I wanted, and I stop being so forgiving. ADHD is a neurological disorder. Not a mental illness. It's closer to diabetes than it is bi-polar. "ADHD" is a fairly garbage name for the condition because A) it has a stigma, and B) it isn't even accurate. Both attention deficit and hyperactivity are symptoms of ADHD, but they are not the problem itself. It would be like calling clinical depression "low energy and excessive guilt disorder". ADHD is actually an issue involving improper dopamine regulation in the brain combined with under-activity of the brain's executive function component. The executive function center is the part of your brain that is in charge of making sure all the other parts of your brain play nice and communicate. When the executive function center breaks down...those other parts don't. The result is a failure to plan or coordinate + a need for impulsive stimulation, thus resulting in endless chaos. This is what I’ll ask you if you DM me, btw. Is your life endless chaos? Sometimes do you like the chaos? Sometimes do you get bored and create the chaos yourself just to see what might happen? But when that chaos stops being so fun, can you make it stop? They're very, very intelligent You've probably heard about the "gifted ADHD genius" thing before. I don't think it exists. My theory has always been that the "gifted ADHD child" is a victim of survivorship bias. The research states that ADHD has either no or a negative correlation with intelligence. There is also a startling overlap with ADHD and incarceration. This means that students who still manage to succeed despite their disorder tend to have advantages that keep them in the game. Namely that they're smart as hell. The other saving grace is that they come from secure support networks that prevent them from unraveling completely. I've heard from such students that their mom or dad works tirelessly to keep their life in order and to make sure they're getting things done. I do not think it is a coincidence that when ADHD students leave for college, things often fall apart. The fact that there are ADHD kids that others know and still like makes some think ADHD isn't so bad or comes with natural cognitive advantages. Those same people do not become friends with the ADHD dumb kids who would disprove those perceptions. Do you remember that kid in elementary school who was his own worst enemy? He never had friends, and everyone was kind of afraid to even talk with him? He was kind of a bully but mostly just awful? He invited you to his house one time, but your mom wouldn’t let you go? That is my best guess of what a dumb kid with ADHD is like. It sounds cold writing it, but you know which kid I'm talking about right now. Where do you think that kid is today? I end up with the smart ones—the ones with parents who care. And God damn are these kids smart. They're brilliant, and funny, and likable, and charming. They have something different about them that makes them undeniable. And it's not just me. I worry I play them up too much in my mind, but then I chat with a teacher or coach of theirs. It's always the same thing: Oh, she's brilliant. She can be so frustrating sometimes, tho. They can be so frustrating sometimes, tho The word is frustrating. Now bad. Not nasty. Not unlikeable. Frustrating. I have some students I just don't like that much (no, not you). What tends to be the common theme with them is that they don't have much interest in my help and display a work ethic to match. On the other spectrum are the world beaters (totally you). These kids kick ass and not only follow my advice but often take that advice to the next level in ways that awe and inspire me. And then there are the kids I think have ADHD. They don't do stuff all the time. They don't finish an essay, or they forget to spell check like I asked, or they write about something that has nothing to do with the outline we built the week before. That's not necessarily the frustrating part. You kids are 17; you make mistakes. Early on, I try to spot these mistakes and point them out. Even the students who don't like me seem to get my point after enough prodding and the problem goes away. With these kids, the problem does not go away. Or if it does, another problem pops right back up to replace it. It makes me feel like there's nothing I can do. It would be easier if the student was just a brat. Then I could either become a brat myself or mentally check out because "hey man, your future”. I need a name for kids I suspect have ADHD…"MaybeHD"? Ya. That’s super funny. Say it out loud and try not to laugh. But these MaybeHD kids do like me. And they do want to get into school. And they do feel bad when I get upset with them. I end up in long, drawn-out conversations with them about why this is important and why they need to make specific work a priority to get into the schools they want to go to. Then they nod meekly and head home. Then they come back next week, and it's the same story. Frustrating. They are randomly awesome at the weirdest things I love weird talents. Things that no one offers up immediately, but then you're chatting, and it comes up naturally. "Oh ya, I love animals! I raise baby pigs in my backyard!" "You do?" "Ya!" At some point, the MaybeHD kid read something or watched a Youtube video that he or she liked. Then they wanted to try it. Six months later, they're making 4k a month selling custom bathrobes on Etsy. There's rarely any logic. "Do you like baths? Or making clothing? "Not really. I just thought it looked fun, so I bought a sewing kit and started making things." There is a noted link between ADHD and entrepreneurship. I see it with my MaybeHD students. They have an insatiable drive and passion for following up on curiosities that other students don't possess. Passion is the wrong word. They have obsessions with mastering concepts in a way that feels beyond their control. The obsession itself drives them to be great. The literature on the subject is cloudy. But there exists a term in ADHD circles called "Hyperfocus". If you know what "flow" is, it's kind of like that. Only more intense and less controllable. I often see the remnants of past hyperfocuses in their stories. They used to run that pig farm. They used to sell bathrobes. They used to be really into getting good grades at school. But then one day, just as quickly as they picked the skill up, they dropped it. They can seldom tell me why. Their priorities are completely out of whack The downside of hyperfocus is that it can be so all-encompassing that other priorities fall by the wayside. One of my favorite students ever is named Elleway. We chatted in our first meeting, and I was instantly intrigued by her background. She said she had designed and prototyped a unit that would automatically roll under parked electric cars for hands-free charging. I hear a lot of impressive stuff in my job, and a lot of it ends up being not that impressive. But then Elleway showed me the prototype video she made back when she was a high school freshman and it blew my mind. https://youtu.be/Y5Ap2uMbWL4 Can you do that? I sure as hell can't. She wasn't even an engineer. She calmly explained that she had partnered with several older male engineers who had helped turn her idea into reality. Then she had done all the promotional and marketing work herself. Then she got second out of 300 students at a young entrepreneur contest held at Columbia University. Shortly after, a tech CEO came up to her and asked if she would like to work with him to file a patent for the invention. She agreed and is now a trademark holder. That was all in our first 10 minutes. She then went on to share the half dozen corporations she had worked for. And the three businesses she started. And the graphic design work she made for her website. She told me how she was a Nationally ranked fencer until she lost interest. She was now merely a Nationally ranked golfer. Then I saw she had a 2.9 GPA and thus zero shot at getting into NYU like she hoped. I did not initially think Elleway had ADHD. I thought she was a pathological liar. It seemed impossible to me that this same girl who had already taken a grip on the world was then unable to keep up her grades in math. That just isn’t how any -any- of my other ultra high-achieving students behave. Then Elleway showed me pictures of her casually hanging out with Andrew Yang. And then her LinkedIn With a lot of people who do not accept your request unless they want to. I had to figure out what the hell led to all this. Elleway’s patent and ambition to work on it had taken up all her time. She was so singularly focused on doing what she cared about that the world behind her didn't seem to exist. She was hyperfocused on a goal, but once she reached it, she woke up to a reality that punished her for ignoring everything else. That's the longing writer's version of the story. The more popular one is that she didn't give a shit about school, was warned repeatedly about the consequences, and ignored them. She got what she deserved. That’s the version the rest of the world had for her. It goes back to frustrating. I've gotten kids into NYU that don't show a fifth the potential that Elleway did. Those kids went to all the camps their parents paid for and entered competitions with a tech doorbell or something lame, and they're just fine. But MaybeHD students are often world-beaters in ways that make them seem so special. They talk endlessly not just about what they're into but how they figured it all out and why it is all so important to them. I believe them, and I want to fight for them. So I give them as much assistance as I possibly can. But then they don't do the increasingly easy tasks I ask for them to complete. Then they suffer the consequences. Elleway didn't get into NYU. She didn't get in much of anywhere. It eats me up inside, and I feel like I failed her. I don't know how many other people in my position would feel the same way. That's why I have to be Sven. This is getting long, and I'm getting depressed. Here's the TL: DR of what I see when I see a student with ADHD ... Me. I see me. And it can hurt really bad knowing what a condition like ADHD does to a young person's life. My life is endless chaos. I've been out of food for nine days. My house looks like Badger from Breaking Bad bought a loft in Palo Alto. I am still writing this at 3:25 AM when I have to be up for work at nine. My cat has started doing this thing where she sleeps in her food bowl when it gets empty. It's equal parts adorable and humiliating. I'm smart as shit. I know it. I made up half-ideas. That article is absolute fire. I got published on Cracked.com five times in 2011 when that meant something. I went to Tulane on a half-ride merit scholarship, used to win creative writing contests, and have done a bunch of other writery stuff that made people stand up and go, "Woah". But I only made it to college because my mom carried me there, kicking and screaming. She packaged my life together, and I held on for the ride. Then I got to school and made it two months before she got an Email alerting her that Tulane was planning to revoke the remaining $70,000 of my $80,000 scholarship due to my grades. I barely scraped by and survived. But the shame and frustration in her voice when she read me that letter over the phone haunts me to this day. I analyze handwriting. And I turned a Reddit account into a successful business in four months. And I collect college T-shirts from schools my students go to. And I own Bitcoin I bought in 2011 for $4.50 each. And I'm teaching myself piano with a video game. And I'm exercising with a video game. And I'm ranked 42nd in Northern California at Super Smash Bros Ultimate. And I’ve tried the nachos at over 100 Taquerias in the Bay Area. And I own a really cute cat. But I've spent 15* hours this week writing this instead of a sequel to that Costco piece. I have one coming where I edit my Common App essay from 2009. It's a great idea and a great article. One that will drive significantly more business to my site than this piece will. Hell, I predict this piece is likely to lose me business because I come off like a mess in it. But it's what I want to write, so I feel like I have no choice. *The 15 hours is a guess. I have no idea how long it takes me to write and edit these things. I start typing and X hours later look up and realize how hungry I am and how much I need to pee. The writing controls me. I see myself in my MaybeHD students. I see their unfettered curiosity and flair for taking as much good from the world as possible. I see their infectious enthusiasm and ability to quickly forgive others because they know too well how it feels to want forgiveness themselves. Yet I also see their inattention to detail, their weak excuses, and their general confusion that makes me realize they couldn't fix some problems if their lives depended on it. I see their sadness and shame when those mistakes pile up. I see when the chaos stops being fun, and they want out, but they don't know how. I don't know what I, as their consultant, can do. But as Sven, I can recommend they go talk to someone else... Hey, so, I was considering hiring you and all...but you seem kind of bad. Why should I trust you? Because a couple of years ago, I got back on my medication and turned my life around. You aren't reading this if I don't reach out for help and trust a trained psychiatrist to guide me. There are no groups of friends in Delaware or Connecticut comparing their half-ideas lists. There sure as shit isn't a CollegeWithMattie.com. I still have ADHD. But one of the greatest things about ADHD is that it is -without rival- the most treatable form of mental illness or dysfunction known to man. It is not curable, but there are endless medical and non-medical options available for those willing to reach out and get the help they need. My story is that it was only by getting re-medicated that I then could learn and use coping mechanisms that allow me to achieve the type of life I've always wanted. Christ, 4,400 words. You know, I'm also submitting this for a class I'm in. That's why all the backlinks are to actual sources instead of links herding you into my website. Hi Amy! That's one more thing. ADHD people are hyper-efficient...Kind of. Alright. If you're still here reading this, you might be suspecting some things about yourself. My DMs are open if you want to chat, but again, I am not a doctor. I will say that right now, as you prepare to head to college, is a really good time to get this all figured out. College is a giant reset button on your life. Figure these problems out now so that by the time you head off for your next chapter, you will have given yourself the best possible chance to succeed. Endless chaos. Here is the bold part again: If you are a student in high school who suspects he or she has ADHD, your best course of action is to talk with your parents and look into being tested by a professional psychiatrist who specializes in the topic. These tests are expensive, and mental health insurance in America (still) sucks balls. But this is the fastest, most straightforward route to getting the help you need. Option two is to try and work with/through your public high school to get them to pay for it.This site has some good info. My guess is that this method will kind of suck. Public schools don't have a lot of funding and will not want to spend it on you. That's not your problem. You will almost certainly need your parents to back you up on this one and sit through a lot of boring meetings. I assume a lot of people will tell you a lot of reasons why they can't help you. Your response every time should be some version of, "Sure. But I need help with this. And I'm not going to stop until I get the support I need. So what do I do from here?" Then you blankly stare at them and refuse to leave until they get you at least to the next step. This will suck and I'm not sure how well it will work. If you do attempt or have attempted this method, please DM me or contact my Email with your experience. I want to know if this is even worth my student's time. If you can not afford traditional testing, or if you do not feel your parents would support such testing, your best option is to wait until the day you turn 18 and then register for a telehealth company that specializes in ADHD. The one I use and recommend isHelloAhead.com. They're neat. They do not take traditional insurance, but their rates are much lower than most doctors. They are cheap enough that I feel an average 18-year old who wants help could find a way to afford it on his or her own. The downside with these sites is the waiting times can be really long. Took me like five months. Other such sites are popping up, and while I can't vouch for them, they all seem to offer a similar service. Update: The lines aren't that long anymore! Monday was Elleway's 18th birthday. She sent me a screengrab of her upcoming Ahead appointment in early September. She told me she spent the entire day crying because all her friends were going off to great schools and that she was stuck at home. I've told Elleway that I plan to help her reapply to NYU this year. I doubt I will ever want to see another student succeed as much as I will with her.
Taproot! Everybody wants to have it, somebody wants to make it, nobody knows how to get it! (If you are asking why everybody wants it, see: Technical: Taproot: Why Activate?) (Pedants: I mostly elide over lockin times) Briefly, Taproot is that neat new thing that gets us:
Multisignatures (n-of-n, k-of-n) that are just 1 signature (1-of-1) in length!! (MuSig/Schnorr)
Better privacy!! If all contract participants can agree, just use a multisignature. If there is a dispute, show the contract publicly and have the Bitcoin network resolve it (Taproot/MAST).
Activation lets devs work get back to work on the even newer stuff like!!!
Cross-input signature aggregation!! (transaction with multiple inputs can have a single signature for all inputs) --- needs Schnorr, but some more work needed to ensure that the interactions with SCRIPT are okay.
Block validation - Schnorr signatures for all taproot spends in a block can be validated in a single operation instead of for each transaction!! Speed up validation and maybe we can actually afford to increase block sizes (maybe)!!
SIGHASH_ANYPREVOUT - you know, for Decker-Russell-Osuntokun ("eltoo") magic!!!
OP_CHECKTEMPLATEVERIFY - vaulty vaults without requiring storing signatures, just transaction details!!
So yes, let's activate taproot!
The SegWit Wars
The biggest problem with activating Taproot is PTSD from the previous softfork, SegWit. Pieter Wuille, one of the authors of the current Taproot proposal, has consistently held the position that he will not discuss activation, and will accept whatever activation process is imposed on Taproot. Other developers have expressed similar opinions. So what happened with SegWit activation that was so traumatic? SegWit used the BIP9 activation method. Let's dive into BIP9!
bit - A field in the block header, the nVersion, has a number of bits. By setting a particular bit, the miner making the block indicates that it has upgraded its software to support a particular soft fork. The bit parameter for a BIP9 activation is which bit in this nVersion is used to indicate that the miner has upgraded software for a particular soft fork.
timeout - a time limit, expressed as an end date. If this timeout is reached without sufficient number of miners signaling that they upgraded, then the activation fails and Bitcoin Core goes back to the drawing board.
Now there are other parameters (name, starttime) but they are not anywhere near as important as the above two. A number that is not a parameter, is 95%. Basically, activation of a BIP9 softfork is considered as actually succeeding if at least 95% of blocks in the last 2 weeks had the specified bit in the nVersion set. If less than 95% had this bit set before the timeout, then the upgrade fails and never goes into the network. This is not a parameter: it is a constant defined by BIP9, and developers using BIP9 activation cannot change this. So, first some simple questions and their answers:
Why not just set a day when everyone starts imposing the new rules of the softfork?
This was done classically (in the days when Satoshi was still among us). But this might argued to put too much power to developers, since there would be no way to reject an upgrade without possible bad consequences. For example, developers might package an upgrade that the users do not want, together with vital security bugfixes. Either you live without vital security bugfixes and hire some other developers to fix it for you (which can be difficult, presumably the best developers are already the ones working on the codebase) or you get the vital security bugfixes and implicitly support the upgrade you might not want.
Sure, you could fork the code yourself (the ultimate threat in the FOSS world) and hire another set of developers who aren't assholes to do the dreary maintenance work of fixing security bugs, but Bitcoin needs strong bug-for-bug compatibility so everyone should really congregate around a single codebase.
Basically: even the devs do not want this power, because they fear being coerced into putting "upgrades" that are detrimental to users. Satoshi got a pass because nobody knew who he was and how to coerce him.
Suppose the threshold were lower, like 51%. If so, after activation, somebody can disrupt the Bitcoin network by creating a transaction that is valid under the pre-softfork rules, but are invalid under the post-softfork rules. Upgraded nodes would reject it, but 49% of miners would accept it and include it in a block (which makes the block invalid) And then the same 49% would accept the invalid block and build on top of that, possibly creating a short chain of doomed invalid blocks that confirm an invalid spend. This can confuse SPV wallets, who might see multiple confirmations of a transaction and accept the funds, but later find that in fact it is invalid under the now-activated softfork rules.
Thus, a very high threshold was imposed. 95% is considered safe. 50% is definitely not safe. Due to variance in the mining process, 80% could also be potentially unsafe (i.e. 80% of blocks signaling might have a good chance of coming from only 60% of miners), so a threshold of 95% was considered "safe enough for Bitcoin work".
Why have a timeout that disables the upgrade?
Before BIP9, what was used was either flag day or BIP34. BIP34 had no flag day of activation or a bit, instead, it was just a 95% threshold to signal an nVersion value greater than a specific value. Actually, it was two thresholds: at 75%, blocks with the new nVersion would have the new softfork rules imposed, but at 95% blocks with the old nVersion would be rejected (and only the new blocks, with the new softfork rules, were accepted). For one, between 75% and 95%, there was a situation where the softfork was only "partially imposed", only blocks signaling the new rules would actually have those rules, but blocks with the old rules were still valid. This was fine for BIP34, which only added rules for miners with negligible use for non-miners.
The reasons miners signalled support was because they felt they were being pressured to signal support. So they signalled support, with plans to actually upgrade later, but because of the widespread signalling, the new BIP66 version locked in before upgrade plans were finished. Thus, the timeout that disables the upgrade was added in BIP9 to allow miners an escape hatch.
The Great Battles of the SegWit Wars
SegWit not only fixed transaction malleability, it also created a practical softforkable blocksize increase that also rebalanced weights so that the cost of spending a UTXO is about the same as the cost of creating UTXOs (and spending UTXOs is "better" since it limits the size of the UTXO set that every fullnode has to maintain). So SegWit was written, the activation was decided to be BIP9, and then.... miner signalling stalled at below 75%. Thus were the Great SegWit Wars started.
BIP9 Feature Hostage
If you are a miner with at least 5% global hashpower, you can hold a BIP9-activated softfork hostage. You might even secretly want the softfork to actually push through. But you might want to extract concession from the users and the developers. Like removing the halvening. Or raising or even removing the block size caps (which helps larger miners more than smaller miners, making it easier to become a bigger fish that eats all the smaller fishes). Or whatever. With BIP9, you can hold the softfork hostage. You just hold out and refuse to signal. You tell everyone you will signal, if and only if certain concessions are given to you. This ability by miners to hold a feature hostage was enabled because of the miner-exit allowed by the timeout on BIP9. Prior to that, miners were considered little more than expendable security guards, paid for the risk they take to secure the network, but not special in the grand scheme of Bitcoin.
ASICBoost was a novel way of optimizing SHA256 mining, by taking advantage of the structure of the 80-byte header that is hashed in order to perform proof-of-work. The details of ASICBoost are out-of-scope here but you can read about it elsewhere Here is a short summary of the two types of ASICBoost, relevant to the activation discussion.
Overt ASICBoost - Manipulates the unused bits in nVersion to reduce power consumption in mining.
Covert ASICBoost - Manipulates the order of transactions in the block to reduce power consumption in mining.
Now, "overt" means "obvious", while "covert" means hidden. Overt ASICBoost is obvious because nVersion bits that are not currently in use for BIP9 activations are usually 0 by default, so setting those bits to 1 makes it obvious that you are doing something weird (namely, Overt ASICBoost). Covert ASICBoost is non-obvious because the order of transactions in a block are up to the miner anyway, so the miner rearranging the transactions in order to get lower power consumption is not going to be detected. Unfortunately, while Overt ASICBoost was compatible with SegWit, Covert ASICBoost was not. This is because, pre-SegWit, only the block header Merkle tree committed to the transaction ordering. However, with SegWit, another Merkle tree exists, which commits to transaction ordering as well. Covert ASICBoost would require more computation to manipulate two Merkle trees, obviating the power benefits of Covert ASICBoost anyway. Now, miners want to use ASICBoost (indeed, about 60->70% of current miners probably use the Overt ASICBoost nowadays; if you have a Bitcoin fullnode running you will see the logs with lots of "60 of last 100 blocks had unexpected versions" which is exactly what you would see with the nVersion manipulation that Overt ASICBoost does). But remember: ASICBoost was, at around the time, a novel improvement. Not all miners had ASICBoost hardware. Those who did, did not want it known that they had ASICBoost hardware, and wanted to do Covert ASICBoost! But Covert ASICBoost is incompatible with SegWit, because SegWit actually has two Merkle trees of transaction data, and Covert ASICBoost works by fudging around with transaction ordering in a block, and recomputing two Merkle Trees is more expensive than recomputing just one (and loses the ASICBoost advantage). Of course, those miners that wanted Covert ASICBoost did not want to openly admit that they had ASICBoost hardware, they wanted to keep their advantage secret because miners are strongly competitive in a very tight market. And doing ASICBoost Covertly was just the ticket, but they could not work post-SegWit. Fortunately, due to the BIP9 activation process, they could hold SegWit hostage while covertly taking advantage of Covert ASICBoost!
UASF: BIP148 and BIP8
When the incompatibility between Covert ASICBoost and SegWit was realized, still, activation of SegWit stalled, and miners were still not openly claiming that ASICBoost was related to non-activation of SegWit. Eventually, a new proposal was created: BIP148. With this rule, 3 months before the end of the SegWit timeout, nodes would reject blocks that did not signal SegWit. Thus, 3 months before SegWit timeout, BIP148 would force activation of SegWit. This proposal was not accepted by Bitcoin Core, due to the shortening of the timeout (it effectively times out 3 months before the initial SegWit timeout). Instead, a fork of Bitcoin Core was created which added the patch to comply with BIP148. This was claimed as a User Activated Soft Fork, UASF, since users could freely download the alternate fork rather than sticking with the developers of Bitcoin Core. Now, BIP148 effectively is just a BIP9 activation, except at its (earlier) timeout, the new rules would be activated anyway (instead of the BIP9-mandated behavior that the upgrade is cancelled at the end of the timeout). BIP148 was actually inspired by the BIP8 proposal (the link here is a historical version; BIP8 has been updated recently, precisely in preparation for Taproot activation). BIP8 is basically BIP9, but at the end of timeout, the softfork is activated anyway rather than cancelled. This removed the ability of miners to hold the softfork hostage. At best, they can delay the activation, but not stop it entirely by holding out as in BIP9. Of course, this implies risk that not all miners have upgraded before activation, leading to possible losses for SPV users, as well as again re-pressuring miners to signal activation, possibly without the miners actually upgrading their software to properly impose the new softfork rules.
BIP91, SegWit2X, and The Aftermath
BIP148 inspired countermeasures, possibly from the Covert ASiCBoost miners, possibly from concerned users who wanted to offer concessions to miners. To this day, the common name for BIP148 - UASF - remains an emotionally-charged rallying cry for parts of the Bitcoin community. One of these was SegWit2X. This was brokered in a deal between some Bitcoin personalities at a conference in New York, and thus part of the so-called "New York Agreement" or NYA, another emotionally-charged acronym. The text of the NYA was basically:
Set up a new activation threshold at 80% signalled at bit 4 (vs bit 1 for SegWit).
When this 80% signalling was reached, miners would require that bit 1 for SegWit be signalled to achive the 95% activation needed for SegWit.
If the bit 4 signalling reached 80%, increase the block weight limit from the SegWit 4000000 to the SegWit2X 8000000, 6 months after bit 1 activation.
The first item above was coded in BIP91. Unfortunately, if you read the BIP91, independently of NYA, you might come to the conclusion that BIP91 was only about lowering the threshold to 80%. In particular, BIP91 never mentions anything about the second point above, it never mentions that bit 4 80% threshold would also signal for a later hardfork increase in weight limit. Because of this, even though there are claims that NYA (SegWit2X) reached 80% dominance, a close reading of BIP91 shows that the 80% dominance was only for SegWit activation, without necessarily a later 2x capacity hardfork (SegWit2X). This ambiguity of bit 4 (NYA says it includes a 2x capacity hardfork, BIP91 says it does not) has continued to be a thorn in blocksize debates later. Economically speaking, Bitcoin futures between SegWit and SegWit2X showed strong economic dominance in favor of SegWit (SegWit2X futures were traded at a fraction in value of SegWit futures: I personally made a tidy but small amount of money betting against SegWit2X in the futures market), so suggesting that NYA achieved 80% dominance even in mining is laughable, but the NYA text that ties bit 4 to SegWit2X still exists. Historically, BIP91 triggered which caused SegWit to activate before the BIP148 shorter timeout. BIP148 proponents continue to hold this day that it was the BIP148 shorter timeout and no-compromises-activate-on-August-1 that made miners flock to BIP91 as a face-saving tactic that actually removed the second clause of NYA. NYA supporters keep pointing to the bit 4 text in the NYA and the historical activation of BIP91 as a failed promise by Bitcoin developers.
We have discussed BIP8: roughly, it has bit and timeout, if 95% of miners signal bit it activates, at the end of timeout it activates. (EDIT: BIP8 has had recent updates: at the end of timeout it can now activate or fail. For the most part, in the below text "BIP8", means BIP8-and-activate-at-timeout, and "BIP9" means BIP8-and-fail-at-timeout) So let's take a look at Modern Softfork Activation!
Modern Softfork Activation
This is a more complex activation method, composed of BIP9 and BIP8 as supcomponents.
First have a 12-month BIP9 (fail at timeout).
If the above fails to activate, have a 6-month discussion period during which users and developers and miners discuss whether to continue to step 3.
Have a 24-month BIP8 (activate at timeout).
The total above is 42 months, if you are counting: 3.5 years worst-case activation. The logic here is that if there are no problems, BIP9 will work just fine anyway. And if there are problems, the 6-month period should weed it out. Finally, miners cannot hold the feature hostage since the 24-month BIP8 period will exist anyway.
PSA: Being Resilient to Upgrades
Software is very birttle. Anyone who has been using software for a long time has experienced something like this:
You hear a new version of your favorite software has a nice new feature.
Excited, you install the new version.
You find that the new version has subtle incompatibilities with your current workflow.
You are sad and downgrade to the older version.
You find out that the new version has changed your files in incompatible ways that the old version cannot work with anymore.
You tearfully reinstall the newer version and figure out how to get your lost productivity now that you have to adapt to a new workflow
If you are a technically-competent user, you might codify your workflow into a bunch of programs. And then you upgrade one of the external pieces of software you are using, and find that it has a subtle incompatibility with your current workflow which is based on a bunch of simple programs you wrote yourself. And if those simple programs are used as the basis of some important production system, you hve just screwed up because you upgraded software on an important production system. And well, one of the issues with new softfork activation is that if not enough people (users and miners) upgrade to the newest Bitcoin software, the security of the new softfork rules are at risk. Upgrading software of any kind is always a risk, and the more software you build on top of the software-being-upgraded, the greater you risk your tower of software collapsing while you change its foundations. So if you have some complex Bitcoin-manipulating system with Bitcoin somewhere at the foundations, consider running two Bitcoin nodes:
One is a "stable-version" Bitcoin node. Once it has synced, set it up to connect=x.x.x.x to the second node below (so that your ISP bandwidth is only spent on the second node). Use this node to run all your software: it's a stable version that you don't change for long periods of time. Enable txiindex, disable pruning, whatever your software needs.
The other is an "always-up-to-date" Bitcoin Node. Keep its stoarge down with pruning (initially sync it off the "stable-version" node). You can't use blocksonly if your "stable-version" node needs to send transactions, but otherwise this "always-up-to-date" Bitcoin node can be kept as a low-resource node, so you can run both nodes in the same machine.
When a new Bitcoin version comes up, you just upgrade the "always-up-to-date" Bitcoin node. This protects you if a future softfork activates, you will only receive valid Bitcoin blocks and transactions. Since this node has nothing running on top of it, it is just a special peer of the "stable-version" node, any software incompatibilities with your system software do not exist. Your "stable-version" Bitcoin node remains the same version until you are ready to actually upgrade this node and are prepared to rewrite most of the software you have running on top of it due to version compatibility problems. When upgrading the "always-up-to-date", you can bring it down safely and then start it later. Your "stable-version" wil keep running, disconnected from the network, but otherwise still available for whatever queries. You do need some system to stop the "always-up-to-date" node if for any reason the "stable-version" goes down (otherwisee if the "always-up-to-date" advances its pruning window past what your "stable-version" has, the "stable-version" cannot sync afterwards), but if you are technically competent enough that you need to do this, you are technically competent enough to write such a trivial monitor program (EDIT: gmax notes you can adjust the pruning window by RPC commands to help with this as well). This recommendation is from gmaxwell on IRC, by the way.
Meet Brock Pierce, the Presidential Candidate With Ties to Pedophiles Who Wants to End Human Trafficking
thedailybeast.com | Sep. 20, 2020. The “Mighty Ducks” actor is running for president. He clears the air (sort of) to Tarpley Hitt about his ties to Jeffrey Epstein and more. In the trailer for First Kid, the forgettable 1996 comedy about a Secret Service agent assigned to protect the president’s son, the title character, played by a teenage Brock Pierce, describes himself as “definitely the most powerful kid in the universe.” Now, the former child star is running to be the most powerful man in the world, as an Independent candidate for President of the United States. Before First Kid, the Minnesota-born actor secured roles in a series of PG-rated comedies, playing a young Emilio Estevez in The Mighty Ducks, before graduating to smaller parts in movies like Problem Child 3: Junior in Love. When his screen time shrunk, Pierce retired from acting for a real executive role: co-founding the video production start-up Digital Entertainment Network (DEN) alongside businessman Marc Collins-Rector. At age 17, Pierce served as its vice president, taking in a base salary of $250,000. DEN became “the poster child for dot-com excesses,” raising more than $60 million in seed investments and plotting a $75 million IPO. But it turned into a shorthand for something else when, in October of 1999, the three co-founders suddenly resigned. That month, a New Jersey man filed a lawsuit alleging Collins-Rector had molested him for three years beginning when he was 13 years old. The following summer, three teens filed a sexual-abuse lawsuit against Pierce, Collins-Rector, and their third co-founder, Chad Shackley. The plaintiffs later dropped their case against Pierce (he made a payment of $21,600 to one of their lawyers) and Shackley. But after a federal grand jury indicted Collins-Rector on criminal charges in 2000, the DEN founders left the country. When Interpol arrested them in 2002, they said they had confiscated “guns, machetes, and child pornography” from the trio’s beach villa in Spain. While abroad, Pierce had pivoted to a new venture: Internet Gaming Entertainment, which sold virtual accessories in multiplayer online role-playing games to those desperate to pay, as one Wired reporter put it, “as much as $1,800 for an eight-piece suit of Skyshatter chain mail” rather than earn it in the games themselves. In 2005, a 25-year-old Pierce hired then-Goldman Sachs banker Steve Bannon—just before he would co-found Breitbart News. Two years later, after a World of Warcraft player sued the company for “diminishing” the fun of the game, Steve Bannon replaced Pierce as CEO. Collins-Rector eventually pleaded guilty to eight charges of child enticement and registered as a sex offender. In the years that followed, Pierce waded into the gonzo economy of cryptocurrencies, where he overlapped more than once with Jeffrey Epstein, and counseled him on crypto. In that world, he founded Tether, a cryptocurrency that bills itself as a “stablecoin,” because its value is allegedly tied to the U.S. dollar, and the blockchain software company Block.one. Like his earlier businesses, Pierce’s crypto projects see-sawed between massive investments and curious deals. When Block.one announced a smart contract software called EOS.IO, the company raised $4 billion almost overnight, setting an all-time record before the product even launched. The Securities and Exchange Commission later fined the company $24 million for violating federal securities law. After John Oliver mocked the ordeal, calling Pierce a “sleepy, creepy cowboy,” Block.one fired him. Tether, meanwhile, is currently under investigation by the New York Attorney General for possible fraud. On July 4, Pierce announced his candidacy for president. His campaign surrogates include a former Cambridge Analytica director and the singer Akon, who recently doubled down on developing an anonymously funded, $6 billion “Wakanda-like” metropolis in Senegal called Akon City. Pierce claims to be bipartisan, and from the 11 paragraphs on the “Policy” section of his website it can be hard to determine where he falls on the political spectrum. He supports legalizing marijuana and abolishing private prisons, but avoids the phrase “climate change.” He wants to end “human trafficking.” His proposal to end police brutality: body cams. His political contributions tell a more one-sided story. Pierce’s sole Democratic contribution went to the short-lived congressional run of crypto candidate Brian Forde. The rest went to Republican campaigns like Marco Rubio, Rick Perry, John McCain, and the National Right to Life Political Action Committee. Last year alone, Pierce gave over $44,000 to the Republican National Committee and more than $55,000 to Trump’s re-election fund. Pierce spoke to The Daily Beast from his tour bus and again over email. Those conversations have been combined and edited for clarity. You’re announcing your presidential candidacy somewhat late, and historically, third-party candidates haven’t had the best luck with the executive office. If you don’t have a strong path to the White House, what do you want out of the race? I announced on July 4, which I think is quite an auspicious date for an Independent candidate, hoping to bring independence to this country. There’s a lot of things that I can do. One is: I’m 39 years old. I turn 40 in November. So I’ve got time on my side. Whatever happens in this election cycle, I’m laying the groundwork for the future. The overall mission is to create a third major party—not another third party—a third major party in this country. I think that is what America needs most. George Washington in his closing address warned us about the threat of political parties. John Adams and the other founding fathers—their fear for our future was two political parties becoming dominant. And look at where we are. We were warned. I believe, having studied systems, any time you have a system of two, what happens is those two things come together, like magnets. They come into collision, or they become polarized and become completely divided. I think we need to rise above partisan politics and find a path forward together. As Albert Einstein is quoted—I’m not sure the line came from him, but he’s quoted in many places—he said that the definition of insanity is making the same mistake or doing the same thing over and over and over again, expecting a different result. [Ed. note: Einstein never said this.] It feels like that’s what our election cycle is like. Half the country feels like they won, half the country feels like they lost, at least if they voted or participated. Obviously, there’s another late-comer to the presidential race, and that’s Kanye West. He’s received a lot of flak for his candidacy, as he’s openly admitted to trying to siphon votes away from Joe Biden to ensure a Trump victory. Is that something you’re hoping to avoid or is that what you’re going for as well? Oh no. This is a very serious campaign. Our campaign is very serious. You’ll notice I don’t say anything negative about either of the two major political candidates, because I think that’s one of the problems with our political system, instead of people getting on stage, talking about their visionary ideas, inspiring people, informing and educating, talking about problems, mentioning problems, talking about solutions, constructive criticism. That’s why I refuse to run a negative campaign. I am definitely not a spoiler. I’m into data, right? I’m a technologist. I’ve got digital DNA. So does most of our campaign team. We’ve got our finger on the pulse. Most of my major Democratic contacts are really happy to see that we’re running in a red state like Wyoming. Kanye West’s home state is Wyoming. He’s not on the ballot in Wyoming I could say, in part, because he didn’t have Akon on his team. But I could also say that he probably didn’t want to be on the ballot in Wyoming because it’s a red state. He doesn’t want to take additional points in a state where he’s only running against Trump. But we’re on the ballot in Wyoming, and since we’re on the ballot in Wyoming I think it’s safe—more than safe, I think it’s evident—that we are not here to run as a spoiler for the benefit of Donald Trump. In running for president, you’ve opened yourself up to be scrutinized from every angle going back to the beginning of your career. I wanted to ask you about your time at the Digital Entertainment Network. Can you tell me a little bit about how you started there? You became a vice president as a teenager. What were your qualifications and what was your job exactly? Well, I was the co-founder. A lot of it was my idea. I had an idea that people would use the internet to watch videos, and we create content for the internet. The idea was basically YouTube and Hulu and Netflix. Anyone that was around in the ‘90s and has been around digital media since then, they all credit us as the creators of basically those ideas. I was just getting a message from the creator of The Vandals, the punk rock band, right before you called. He’s like, “Brock, looks like we’re going to get the Guinness Book of World Records for having created the first streaming television show.” We did a lot of that stuff. We had 30 television shows. We had the top most prestigious institutions in the world as investors. The biggest names. High-net-worth investors like Terry Semel, who’s chairman and CEO of Warner Brothers, and became the CEO of Yahoo. I did all sorts of things. I helped sell $150,000 worth of advertising contracts to the CEOs of Pepsi and everything else. I was the face of the company, meeting all the major banks and everything else, selling the vision of what the future was. You moved in with Marc Collins-Rector and Chad Shackley at a mansion in Encino. Was that the headquarters of the business? All start-ups, they normally start out in your home. Because it’s just you. The company was first started out of Marc’s house, and it was probably there for the first two or three months, before the company got an office. That’s, like, how it is for all start-ups. were later a co-defendant in the L.A. County case filed against Marc Collins-Rector for plying minors with alcohol and drugs, in order to facilitate sexual abuse. You were dropped from the case, but you settled with one of the men for $21,600. Can you explain that? Okay, well, first of all, that’s not accurate. Two of the plaintiffs in that case asked me if I would be a plaintiff. Because I refused to be a part of the lawsuit, they chose to include me to discredit me, to make their case stronger. They also went and offered 50 percent of what they got to the house management—they went around and offered money to anyone to participate in this. They needed people to corroborate their story. Eventually, because I refused to participate in the lawsuit, they named me. Subsequently, all three of the plaintiffs apologized to me, in front of audiences, in front of many people, saying Brock never did anything. They dismissed their cases. Remember, this is a civil thing. I’ve never been charged with a crime in my life. And the last plaintiff to have his case dismissed, he contacted his lawyer and said, “Dismiss this case against Brock. Brock never did anything. I just apologized. Dismiss his case.” And the lawyer said, “No. I won’t dismiss this case, I have all these out-of-pocket expenses, I refuse to file the paperwork unless you give me my out-of-pocket expenses.” And so the lawyer, I guess, had $21,000 in bills. So I paid his lawyer $21,000—not him, it was not a settlement. That was a payment to his lawyer for his out-of-pocket expenses. Out-of-pocket expenses so that he would file the paperwork to dismiss the case. You’ve said the cases were unfounded, and the plaintiffs eventually apologized. But your boss, Marc Collins-Rector later pleaded guilty to eight charges of child enticement and registered as a sex offender. Were you aware of his behavior? How do you square the fact that later allegations proved to be true, but these ones were not? Well, remember: I was 16 and 17 years old at the time? So, no. I don’t think Marc is the man they made him out to be. But Marc is not a person I would associate with today, and someone I haven’t associated with in a very long time. I was 16 and 17. I chose the wrong business partner. You live and you learn. You’ve pointed out that you were underage when most of these allegations were said to take place. Did you ever feel like you were coerced or in over your head while working at DEN? I mean, I was working 18 hours a day, doing things I’d never done before. It was business school. But I definitely learned a lot in building that company. We raised $88 million. We filed our [form] S-1 to go public. We were the hottest start-up in Los Angeles. In 2000, you left the country with Marc Collins-Rector. Why did you leave? How did you spend those two years abroad? I moved to Spain in 1999 for personal reasons. I spent those two years in Europe working on developing my businesses. Interpol found you in 2002. The house where you were staying reportedly contained guns, machetes, and child pornography. Whose guns and child porn were those? Were you aware they were in the house, and how did those get there? My lawyers have addressed this in 32 pages of documentation showing a complete absence of wrongdoing. Please refer to my webpage for more information. [Ed. Note: The webpage does not mention guns, machetes, or child pornography. It does state:“It is true that when the local police arrested Collins-Rector in Spain in 2002 on an international warrant, Mr. Pierce was also taken into custody, but so was everyone at Collins-Rector’s house in Spain; and it is equally clear that Brock was promptly released, and no charges of any kind were ever filed against Brock concerning this matter.”] What do you make of the allegations against Bryan Singer?[Ed. Note: Bryan Singer, a close friend of Collins-Rector, invested at least $50,000 in DEN. In an Atlantic article outlining Singer’s history of alleged sexual assault and statutory rape, one source claimed that at age 15, Collins-Rector abused him and introduced him to Singer, who then assaulted him in the DEN headquarters.] I am aware of them and I support of all victims of sexual assault. I will let America’s justice system decide on Singer’s outcome.
In 2011, you spoke at the Mindshift conference supported by Jeffrey Epstein. At that point, he had already been convicted of soliciting prostitution from a minor. Why did you agree to speak? I had never heard of Jeffrey Epstein. His name was not on the website. I was asked to speak at a conference alongside Nobel Prize winners. It was not a cryptocurrency conference, it was filled with Nobel Prize winners. I was asked to speak alongside Nobel Prize winners on the future of money. I speak at conferences historically, two to three times a week. I was like, “Nobel Prize winners? Sounds great. I’ll happily talk about the future of money with them.” I had no idea who Jeffrey Epstein was. His name was not listed anywhere on the website. Had I known what I know now? I clearly would have never spoken there. But I spoke at a conference that he cosponsored. What’s your connection to the Clinton Global Initiative? Did you hear about it through Jeffrey Epstein? I joined the Clinton Global Initiative as a philanthropist in 2006 and was a member for one year. My involvement with the Initiative had no connection to Jeffrey Epstein whatsoever.
You’ve launched your campaign in Minnesota, where George Floyd was killed by a police officer. How do you feel about the civil uprising against police brutality? I’m from Minnesota. Born and raised. We just had a press conference there, announcing that we’re on the ballot. Former U.S. Senator Dean Barkley was there. So that tells you, when former U.S. Senators are endorsing the candidate, right? [Ed. note: Barkley was never elected to the United States Senate. In November of 2002, he was appointed by then Minnesota Governor Jesse Venture to fill the seat after Sen. Paul Wellstone died in a plane crash. Barkley’s term ended on Jan. 3, 2003—two months later.] Yes, George Floyd was murdered in Minneapolis. My vice-presidential running mate Karla Ballard and I, on our last trip to Minnesota together, went to visit the George Floyd Memorial. I believe in law and order. I believe that law and order is foundational to any functioning society. But there is no doubt in my mind that we need reform. These types of events—this is not an isolated incident. This has happened many times before. It’s time for change. We have a lot of detail around policy on this issue that we will be publishing next week. Not just high-level what we think, not just a summary, but detailed policy. You said that you support “law and order.” What does that mean? “Law and order” means creating a fair and just legal system where our number one priority is protecting the inalienable rights of “Life, Liberty and the pursuit of Happiness” for all people. This means reforming how our police intervene in emergency situations, abolishing private prisons that incentivize mass incarceration, and creating new educational and economic opportunities for our most vulnerable communities. I am dedicated to preventing crime by eliminating the socioeconomic conditions that encourage it. I support accountability and transparency in government and law enforcement. Some of the key policies I support are requiring body-cams on all law enforcement officers who engage with the public, curtailing the 1033 program that provides local law enforcement agencies with access to military equipment, and abolishing private prisons. Rather than simply defund the police, my administration will take a holistic approach to heal and unite America by ending mass incarceration, police brutality, and racial injustice. Did you attend any Black Lives Matter protests? I support all movements aimed at ending racial injustice and inequality. I have not attended any Black Lives Matter protests. My running-mate, Karla Ballard, attended the March on Washington in support of racial justice and equality. Your platform doesn’t mention the words “climate change.” Is there a reason for that? I’m not sure what you mean. Our policy platform specifically references human-caused climate change and we have a plan to restabilize the climate, address environmental degradation, and ensure environmental sustainability. [Ed. Note: As of writing the Pierce campaign’s policy platform does not specifically reference human-caused climate change.] You’ve recently brought on Akon as a campaign surrogate. How did that happen? Tell me about that. Akon and I have been friends for quite some time. I was one of the guys that taught him about Bitcoin. I helped make some videogames for him, I think in 2012. We were talking about Bitcoin, teaching him the ropes, back in 2013. And in 2014, we were both speaking at the Milken Global Conference, and I encouraged him to talk about how Bitcoin, Africa, changed the world. He became the biggest celebrity in the world, talking about Bitcoin at the time. I’m an adviser to his Akoin project, very interested in the work that he’s doing to build a city in Africa. I think we need a government that’s of, for, and by the people. Akon has huge political aspirations. He obviously was a hugely successful artist. But he also discovered artists like Lady Gaga. So not only is he, himself, a great artist, but he’s also a great identifier and builder of other artists. And he’s been a great businessman, philanthropist. He’s pushing the limits of what can be done. We’re like-minded individuals in that regard. I think he’ll be running for political office one day, because he sees what I see: that we need real change, and we need a government that is of, for, and by the people. You mentioned that you’re an adviser on Akoin. Do you have any financial investments in Akoin or Akon City? I don’t believe so. I’d have to check. I have so much stuff. But I don’t believe that I have any economic interests in his stuff. I’d have to verify that. We’ll get back to you. I don’t believe that I have any economic interests. My interest is in helping him. He’s a visionary with big ideas that wants to help things in the world. If I can be of assistance in helping him make the world a better place, I’m all for it. I’m not motivated by money. I’m not running for office because I’m motivated by power. I’m running for office because I’m deeply, deeply concerned about our collective future. You’ve said you’re running on a pro-technology platform. One week into your campaign last month, a New York appeals court approved the state Attorney General’s attempt to investigate the stablecoin Tether for potentially fraudulent activity. Do you think this will impact your ability to sell people on your tech entrepreneurship? No, I think my role in Tether is as awesome as it gets. It was my idea. I put it together. But I’ve had no involvement in the company since 2015. I gave all of my equity to the other shareholders. I’ve had zero involvement in the company for almost six years. It was just my idea. I put the initial team together. But I think Tether is one of the most important innovations in the world, certainly. The idea is, I digitized the U.S. dollar. I used technology to digitize currency—existing currency. The U.S. dollar in particular. It’s doing $10 trillion a year. Ten trillion dollars a year of transactional volume. It’s probably the most important innovation in currency since the advent of fiat money. The people that took on the business and ran the business in years to come, they’ve done things I’m not proud of. I’m not sure they’ve done anything criminal. But they certainly did things differently than I would do. But it’s like, you have kids, they turn 18, they go out into the world, and sometimes you’re proud of the things they do, and sometimes you shake your head and go, “Ugh, why did you do that?” I have zero concerns as it relates to me personally. I wish they made better decisions. What do you think the investigation will find? I have no idea. The problem that was raised is that there was a $5 million loan between two entities and whether or not they had the right to do that, did they disclose it correctly. There’s been no accusations of, like, embezzlement or anything that bad. [Ed. Note: The Attorney General’s press release on the investigation reads: “Our investigation has determined that the operators of the ‘Bitfinex’ trading platform, who also control the ‘tether’ virtual currency, have engaged in a cover-up to hide the apparent loss of $850 million dollars of co-mingled client and corporate funds.”] But there’s been some disclosure things, that is the issue. No one is making any outrageous claims that these are people that have done a bunch of bad—well, on the internet, the media has said that the people behind the business may have been manipulating the price of Bitcoin, but I don’t think that has anything to do with the New York investigation. Again, I’m so not involved, and so not at risk, that I’m not even up to speed on the details. [Ed note: A representative of the New York State Attorney General told Forbes that he “cannot confirm or deny that the investigation” includes Pierce.] We’ve recently witnessed the rise of QAnon, the conspiracy theory that Hollywood is an evil cabal of Satanic pedophiles and Trump is the person waging war on them. You mentioned human trafficking, which has become a cause for them. What are your thoughts on that? I’ve watched some of the content. I think it’s an interesting phenomenon. I’m an internet person, so Anonymous is obviously an organization that has been doing interesting stuff. It’s interesting. I don’t have a big—conspiracy theory stuff is—I guess I have a question for you: What do you think of all of it, since you’re the expert? You know, I think it’s not true, but I’m not running for president. I do wonder what this politician [Georgia congressional candidate Marjorie Taylor Greene], who’s just won her primary, is going to do on day one, once she finds out there’s no satanic cabal room. Wait, someone was running for office and won on a QAnon platform, saying that Hollywood did—say what? You’re the expert here. She won a primary. But I want to push on if we only have a few minutes. In 2006, your gaming company IGE brought on Steve Bannon as an investor. Goldman later bought out most of your stock. Bannon eventually replaced you as CEO of Affinity. You’ve described him as your “right-hand man for, like, seven years.” How well did you know Bannon during that time? Yes, so this is in my mid-twenties. He wasn’t an investor. He worked for me. He was my banker. He worked for me for three years as my yield guide. And then he was my CEO running the company for another four years. So I haven’t worked with Steve for a decade or so. We worked in videogame stuff and banking. He was at Goldman Sachs. He was not in the political area at the time. But he was a pretty successful banker. He set up Goldman Sachs Los Angeles. So for me, I’d say he did a pretty good job. During your business relationship, Steve Bannon founded Breitbart News, which has pretty consistently published racist material. How do you feel about Breitbart? I had no involvement with Breitbart News. As for how I feel about such material, I’m not pleased by any form of hate-mongering. I strongly support the equality of all Americans. Did you have qualms about Bannon’s role in the 2016 election? Bannon’s role in the Trump campaign got me to pay closer attention to what he was doing but that’s about it. Whenever you find out that one of your former employees has taken on a role like that, you pay attention. Bannon served on the board of Cambridge Analytica. A staffer on your campaign, Brittany Kaiser, also served as a business director for them. What are your thoughts on their use of illicitly-obtained Facebook data for campaign promotional material? Yes, so this will be the last question I can answer because I’ve got to be off for this 5:00 pm. But Brittany Kaiser is a friend of mine. She was the whistleblower of Cambridge Analytica. She came to me and said, “What do I do?” And I said, “Tell the truth. The truth will set you free.” [Ed. Note: Investigations in Cambridge Analytica took place as early as Nov. 2017, when a U.K. reporter at Channel 4 News recorded their CEO boasting about using “beautiful Ukranian girls” and offers of bribes to discredit political officials. The first whistleblower was Christopher Wylie, who disclosed a cache of documents to The Guardian, published on Mar. 17, 2018. Kaiser’s confession ran five days later, after the scandal made national news. Her association with Cambridge Analytica is not mentioned anywhere on Pierce’s campaign website.] So I’m glad that people—I’m a supporter of whistleblowers, people that see injustice in the world and something not right happening, and who put themselves in harm’s way to stand up for what they believe in. So I stand up for Brittany Kaiser. Who do you think [anonymous inventor of Bitcoin] Satoshi Nakamoto is? We all are Satoshi Nakamoto. You got married at Burning Man. Have you been attending virtual Burning Man? I’m running a presidential campaign. So, while I was there in spirit, unfortunately my schedule did not permit me to attend. OP note: please refer to the original article for reference links within text (as I've not added them here!)
Evil ransomware gang deposited $1 million of bitcoin in a hacker recruitment drive; Over this past weekend, Universal Health Services was hit by a huge Ryuk ransomware ; One week ago, there were three ZeroLogon exploits on GitHub. Today there are more than fit on the first page of search results; Security Fixes in Chrome's v85.0.4183.121 Release; The VPN you choose DOES make a difference. A ... Winner of the "Best Security Podcast 2018" and "Best Security Podcast 2019", Smashing Security has had over four million downloads. Past guests include Garry Kasparov, Mikko Hyppönen, and Rory Cellan-Jones. Follow the podcast on Twitter at @SmashinSecurity , and subscribe for free in your favourite podcast app. New episodes released at 7pm EST every Wednesday (midnight UK). Evil ransomware gang deposited $1 million of bitcoin in a hacker recruitment drive Over this past weekend, Universal Health Services was hit by a huge Ryuk ransomware One week ago, there were three ZeroLogon exploits on GitHub. Today there are more than fit on the first page of search results Security Fixes in Chrome's v85.0.4183.121 Release The VPN you choose DOES make a difference. A ... TOM MERRITT: This is Security Now!, with Steve Gibson, Episode 287, recorded February 9, 2011: BitCoin CryptoCurrency. It's time for Security Now!, the show you need to listen to if you want to be safe on the Internet. And joining us to help us figure out all of the confusing things that could happen to you to threaten your security is the man ... This week's Security Now! podcast is titled "Windows 7 - R.I.P.," not because there's much that we haven't already said about the fact, but that it happens TODAY; and that, given the still massive install base of Windows 7, it's significant that all of those machines will now be going without any clearly needed security updates. So the big news for this week WAS to be the event of the first ...
#20 Are trading platforms secure? Bitcoin Basics (53)
This video is unavailable. Watch Queue Queue. Watch Queue Queue Security Now shownotes For 16kpbs versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written ... Hosts:Steve Gibson with Leo Laporte Mac Defender malware, Sony's continuing security woes, Android vulnerability patched by Google, your questions, and more. Download or subscribe to this show at ... This video is unavailable. Watch Queue Queue. Watch Queue Queue We invite you to read our show notes. ... Security Now 630: The Great DOM Fuzz-Off - Duration: 2:09:19. Security Now 4,507 views. 2:09:19. How to Choose a Password - Computerphile - Duration: 11 ...