What is a Block Header in Bitcoin? | CryptoCompare.com

Technical: The Path to Taproot Activation

Taproot! Everybody wants to have it, somebody wants to make it, nobody knows how to get it!
(If you are asking why everybody wants it, see: Technical: Taproot: Why Activate?)
(Pedants: I mostly elide over lockin times)
Briefly, Taproot is that neat new thing that gets us:
So yes, let's activate taproot!

The SegWit Wars

The biggest problem with activating Taproot is PTSD from the previous softfork, SegWit. Pieter Wuille, one of the authors of the current Taproot proposal, has consistently held the position that he will not discuss activation, and will accept whatever activation process is imposed on Taproot. Other developers have expressed similar opinions.
So what happened with SegWit activation that was so traumatic? SegWit used the BIP9 activation method. Let's dive into BIP9!

BIP9 Miner-Activated Soft Fork

Basically, BIP9 has a bunch of parameters:
Now there are other parameters (name, starttime) but they are not anywhere near as important as the above two.
A number that is not a parameter, is 95%. Basically, activation of a BIP9 softfork is considered as actually succeeding if at least 95% of blocks in the last 2 weeks had the specified bit in the nVersion set. If less than 95% had this bit set before the timeout, then the upgrade fails and never goes into the network. This is not a parameter: it is a constant defined by BIP9, and developers using BIP9 activation cannot change this.
So, first some simple questions and their answers:

The Great Battles of the SegWit Wars

SegWit not only fixed transaction malleability, it also created a practical softforkable blocksize increase that also rebalanced weights so that the cost of spending a UTXO is about the same as the cost of creating UTXOs (and spending UTXOs is "better" since it limits the size of the UTXO set that every fullnode has to maintain).
So SegWit was written, the activation was decided to be BIP9, and then.... miner signalling stalled at below 75%.
Thus were the Great SegWit Wars started.

BIP9 Feature Hostage

If you are a miner with at least 5% global hashpower, you can hold a BIP9-activated softfork hostage.
You might even secretly want the softfork to actually push through. But you might want to extract concession from the users and the developers. Like removing the halvening. Or raising or even removing the block size caps (which helps larger miners more than smaller miners, making it easier to become a bigger fish that eats all the smaller fishes). Or whatever.
With BIP9, you can hold the softfork hostage. You just hold out and refuse to signal. You tell everyone you will signal, if and only if certain concessions are given to you.
This ability by miners to hold a feature hostage was enabled because of the miner-exit allowed by the timeout on BIP9. Prior to that, miners were considered little more than expendable security guards, paid for the risk they take to secure the network, but not special in the grand scheme of Bitcoin.

Covert ASICBoost

ASICBoost was a novel way of optimizing SHA256 mining, by taking advantage of the structure of the 80-byte header that is hashed in order to perform proof-of-work. The details of ASICBoost are out-of-scope here but you can read about it elsewhere
Here is a short summary of the two types of ASICBoost, relevant to the activation discussion.
Now, "overt" means "obvious", while "covert" means hidden. Overt ASICBoost is obvious because nVersion bits that are not currently in use for BIP9 activations are usually 0 by default, so setting those bits to 1 makes it obvious that you are doing something weird (namely, Overt ASICBoost). Covert ASICBoost is non-obvious because the order of transactions in a block are up to the miner anyway, so the miner rearranging the transactions in order to get lower power consumption is not going to be detected.
Unfortunately, while Overt ASICBoost was compatible with SegWit, Covert ASICBoost was not. This is because, pre-SegWit, only the block header Merkle tree committed to the transaction ordering. However, with SegWit, another Merkle tree exists, which commits to transaction ordering as well. Covert ASICBoost would require more computation to manipulate two Merkle trees, obviating the power benefits of Covert ASICBoost anyway.
Now, miners want to use ASICBoost (indeed, about 60->70% of current miners probably use the Overt ASICBoost nowadays; if you have a Bitcoin fullnode running you will see the logs with lots of "60 of last 100 blocks had unexpected versions" which is exactly what you would see with the nVersion manipulation that Overt ASICBoost does). But remember: ASICBoost was, at around the time, a novel improvement. Not all miners had ASICBoost hardware. Those who did, did not want it known that they had ASICBoost hardware, and wanted to do Covert ASICBoost!
But Covert ASICBoost is incompatible with SegWit, because SegWit actually has two Merkle trees of transaction data, and Covert ASICBoost works by fudging around with transaction ordering in a block, and recomputing two Merkle Trees is more expensive than recomputing just one (and loses the ASICBoost advantage).
Of course, those miners that wanted Covert ASICBoost did not want to openly admit that they had ASICBoost hardware, they wanted to keep their advantage secret because miners are strongly competitive in a very tight market. And doing ASICBoost Covertly was just the ticket, but they could not work post-SegWit.
Fortunately, due to the BIP9 activation process, they could hold SegWit hostage while covertly taking advantage of Covert ASICBoost!

UASF: BIP148 and BIP8

When the incompatibility between Covert ASICBoost and SegWit was realized, still, activation of SegWit stalled, and miners were still not openly claiming that ASICBoost was related to non-activation of SegWit.
Eventually, a new proposal was created: BIP148. With this rule, 3 months before the end of the SegWit timeout, nodes would reject blocks that did not signal SegWit. Thus, 3 months before SegWit timeout, BIP148 would force activation of SegWit.
This proposal was not accepted by Bitcoin Core, due to the shortening of the timeout (it effectively times out 3 months before the initial SegWit timeout). Instead, a fork of Bitcoin Core was created which added the patch to comply with BIP148. This was claimed as a User Activated Soft Fork, UASF, since users could freely download the alternate fork rather than sticking with the developers of Bitcoin Core.
Now, BIP148 effectively is just a BIP9 activation, except at its (earlier) timeout, the new rules would be activated anyway (instead of the BIP9-mandated behavior that the upgrade is cancelled at the end of the timeout).
BIP148 was actually inspired by the BIP8 proposal (the link here is a historical version; BIP8 has been updated recently, precisely in preparation for Taproot activation). BIP8 is basically BIP9, but at the end of timeout, the softfork is activated anyway rather than cancelled.
This removed the ability of miners to hold the softfork hostage. At best, they can delay the activation, but not stop it entirely by holding out as in BIP9.
Of course, this implies risk that not all miners have upgraded before activation, leading to possible losses for SPV users, as well as again re-pressuring miners to signal activation, possibly without the miners actually upgrading their software to properly impose the new softfork rules.

BIP91, SegWit2X, and The Aftermath

BIP148 inspired countermeasures, possibly from the Covert ASiCBoost miners, possibly from concerned users who wanted to offer concessions to miners. To this day, the common name for BIP148 - UASF - remains an emotionally-charged rallying cry for parts of the Bitcoin community.
One of these was SegWit2X. This was brokered in a deal between some Bitcoin personalities at a conference in New York, and thus part of the so-called "New York Agreement" or NYA, another emotionally-charged acronym.
The text of the NYA was basically:
  1. Set up a new activation threshold at 80% signalled at bit 4 (vs bit 1 for SegWit).
    • When this 80% signalling was reached, miners would require that bit 1 for SegWit be signalled to achive the 95% activation needed for SegWit.
  2. If the bit 4 signalling reached 80%, increase the block weight limit from the SegWit 4000000 to the SegWit2X 8000000, 6 months after bit 1 activation.
The first item above was coded in BIP91.
Unfortunately, if you read the BIP91, independently of NYA, you might come to the conclusion that BIP91 was only about lowering the threshold to 80%. In particular, BIP91 never mentions anything about the second point above, it never mentions that bit 4 80% threshold would also signal for a later hardfork increase in weight limit.
Because of this, even though there are claims that NYA (SegWit2X) reached 80% dominance, a close reading of BIP91 shows that the 80% dominance was only for SegWit activation, without necessarily a later 2x capacity hardfork (SegWit2X).
This ambiguity of bit 4 (NYA says it includes a 2x capacity hardfork, BIP91 says it does not) has continued to be a thorn in blocksize debates later. Economically speaking, Bitcoin futures between SegWit and SegWit2X showed strong economic dominance in favor of SegWit (SegWit2X futures were traded at a fraction in value of SegWit futures: I personally made a tidy but small amount of money betting against SegWit2X in the futures market), so suggesting that NYA achieved 80% dominance even in mining is laughable, but the NYA text that ties bit 4 to SegWit2X still exists.
Historically, BIP91 triggered which caused SegWit to activate before the BIP148 shorter timeout. BIP148 proponents continue to hold this day that it was the BIP148 shorter timeout and no-compromises-activate-on-August-1 that made miners flock to BIP91 as a face-saving tactic that actually removed the second clause of NYA. NYA supporters keep pointing to the bit 4 text in the NYA and the historical activation of BIP91 as a failed promise by Bitcoin developers.

Taproot Activation Proposals

There are two primary proposals I can see for Taproot activation:
  1. BIP8.
  2. Modern Softfork Activation.
We have discussed BIP8: roughly, it has bit and timeout, if 95% of miners signal bit it activates, at the end of timeout it activates. (EDIT: BIP8 has had recent updates: at the end of timeout it can now activate or fail. For the most part, in the below text "BIP8", means BIP8-and-activate-at-timeout, and "BIP9" means BIP8-and-fail-at-timeout)
So let's take a look at Modern Softfork Activation!

Modern Softfork Activation

This is a more complex activation method, composed of BIP9 and BIP8 as supcomponents.
  1. First have a 12-month BIP9 (fail at timeout).
  2. If the above fails to activate, have a 6-month discussion period during which users and developers and miners discuss whether to continue to step 3.
  3. Have a 24-month BIP8 (activate at timeout).
The total above is 42 months, if you are counting: 3.5 years worst-case activation.
The logic here is that if there are no problems, BIP9 will work just fine anyway. And if there are problems, the 6-month period should weed it out. Finally, miners cannot hold the feature hostage since the 24-month BIP8 period will exist anyway.

PSA: Being Resilient to Upgrades

Software is very birttle.
Anyone who has been using software for a long time has experienced something like this:
  1. You hear a new version of your favorite software has a nice new feature.
  2. Excited, you install the new version.
  3. You find that the new version has subtle incompatibilities with your current workflow.
  4. You are sad and downgrade to the older version.
  5. You find out that the new version has changed your files in incompatible ways that the old version cannot work with anymore.
  6. You tearfully reinstall the newer version and figure out how to get your lost productivity now that you have to adapt to a new workflow
If you are a technically-competent user, you might codify your workflow into a bunch of programs. And then you upgrade one of the external pieces of software you are using, and find that it has a subtle incompatibility with your current workflow which is based on a bunch of simple programs you wrote yourself. And if those simple programs are used as the basis of some important production system, you hve just screwed up because you upgraded software on an important production system.
And well, one of the issues with new softfork activation is that if not enough people (users and miners) upgrade to the newest Bitcoin software, the security of the new softfork rules are at risk.
Upgrading software of any kind is always a risk, and the more software you build on top of the software-being-upgraded, the greater you risk your tower of software collapsing while you change its foundations.
So if you have some complex Bitcoin-manipulating system with Bitcoin somewhere at the foundations, consider running two Bitcoin nodes:
  1. One is a "stable-version" Bitcoin node. Once it has synced, set it up to connect=x.x.x.x to the second node below (so that your ISP bandwidth is only spent on the second node). Use this node to run all your software: it's a stable version that you don't change for long periods of time. Enable txiindex, disable pruning, whatever your software needs.
  2. The other is an "always-up-to-date" Bitcoin Node. Keep its stoarge down with pruning (initially sync it off the "stable-version" node). You can't use blocksonly if your "stable-version" node needs to send transactions, but otherwise this "always-up-to-date" Bitcoin node can be kept as a low-resource node, so you can run both nodes in the same machine.
When a new Bitcoin version comes up, you just upgrade the "always-up-to-date" Bitcoin node. This protects you if a future softfork activates, you will only receive valid Bitcoin blocks and transactions. Since this node has nothing running on top of it, it is just a special peer of the "stable-version" node, any software incompatibilities with your system software do not exist.
Your "stable-version" Bitcoin node remains the same version until you are ready to actually upgrade this node and are prepared to rewrite most of the software you have running on top of it due to version compatibility problems.
When upgrading the "always-up-to-date", you can bring it down safely and then start it later. Your "stable-version" wil keep running, disconnected from the network, but otherwise still available for whatever queries. You do need some system to stop the "always-up-to-date" node if for any reason the "stable-version" goes down (otherwisee if the "always-up-to-date" advances its pruning window past what your "stable-version" has, the "stable-version" cannot sync afterwards), but if you are technically competent enough that you need to do this, you are technically competent enough to write such a trivial monitor program (EDIT: gmax notes you can adjust the pruning window by RPC commands to help with this as well).
This recommendation is from gmaxwell on IRC, by the way.
submitted by almkglor to Bitcoin [link] [comments]

Bitcoin (BTC)A Peer-to-Peer Electronic Cash System.

Bitcoin (BTC)A Peer-to-Peer Electronic Cash System.
  • Bitcoin (BTC) is a peer-to-peer cryptocurrency that aims to function as a means of exchange that is independent of any central authority. BTC can be transferred electronically in a secure, verifiable, and immutable way.
  • Launched in 2009, BTC is the first virtual currency to solve the double-spending issue by timestamping transactions before broadcasting them to all of the nodes in the Bitcoin network. The Bitcoin Protocol offered a solution to the Byzantine Generals’ Problem with a blockchain network structure, a notion first created by Stuart Haber and W. Scott Stornetta in 1991.
  • Bitcoin’s whitepaper was published pseudonymously in 2008 by an individual, or a group, with the pseudonym “Satoshi Nakamoto”, whose underlying identity has still not been verified.
  • The Bitcoin protocol uses an SHA-256d-based Proof-of-Work (PoW) algorithm to reach network consensus. Its network has a target block time of 10 minutes and a maximum supply of 21 million tokens, with a decaying token emission rate. To prevent fluctuation of the block time, the network’s block difficulty is re-adjusted through an algorithm based on the past 2016 block times.
  • With a block size limit capped at 1 megabyte, the Bitcoin Protocol has supported both the Lightning Network, a second-layer infrastructure for payment channels, and Segregated Witness, a soft-fork to increase the number of transactions on a block, as solutions to network scalability.

https://preview.redd.it/s2gmpmeze3151.png?width=256&format=png&auto=webp&s=9759910dd3c4a15b83f55b827d1899fb2fdd3de1

1. What is Bitcoin (BTC)?

  • Bitcoin is a peer-to-peer cryptocurrency that aims to function as a means of exchange and is independent of any central authority. Bitcoins are transferred electronically in a secure, verifiable, and immutable way.
  • Network validators, whom are often referred to as miners, participate in the SHA-256d-based Proof-of-Work consensus mechanism to determine the next global state of the blockchain.
  • The Bitcoin protocol has a target block time of 10 minutes, and a maximum supply of 21 million tokens. The only way new bitcoins can be produced is when a block producer generates a new valid block.
  • The protocol has a token emission rate that halves every 210,000 blocks, or approximately every 4 years.
  • Unlike public blockchain infrastructures supporting the development of decentralized applications (Ethereum), the Bitcoin protocol is primarily used only for payments, and has only very limited support for smart contract-like functionalities (Bitcoin “Script” is mostly used to create certain conditions before bitcoins are used to be spent).

2. Bitcoin’s core features

For a more beginner’s introduction to Bitcoin, please visit Binance Academy’s guide to Bitcoin.

Unspent Transaction Output (UTXO) model

A UTXO transaction works like cash payment between two parties: Alice gives money to Bob and receives change (i.e., unspent amount). In comparison, blockchains like Ethereum rely on the account model.
https://preview.redd.it/t1j6anf8f3151.png?width=1601&format=png&auto=webp&s=33bd141d8f2136a6f32739c8cdc7aae2e04cbc47

Nakamoto consensus

In the Bitcoin network, anyone can join the network and become a bookkeeping service provider i.e., a validator. All validators are allowed in the race to become the block producer for the next block, yet only the first to complete a computationally heavy task will win. This feature is called Proof of Work (PoW).
The probability of any single validator to finish the task first is equal to the percentage of the total network computation power, or hash power, the validator has. For instance, a validator with 5% of the total network computation power will have a 5% chance of completing the task first, and therefore becoming the next block producer.
Since anyone can join the race, competition is prone to increase. In the early days, Bitcoin mining was mostly done by personal computer CPUs.
As of today, Bitcoin validators, or miners, have opted for dedicated and more powerful devices such as machines based on Application-Specific Integrated Circuit (“ASIC”).
Proof of Work secures the network as block producers must have spent resources external to the network (i.e., money to pay electricity), and can provide proof to other participants that they did so.
With various miners competing for block rewards, it becomes difficult for one single malicious party to gain network majority (defined as more than 51% of the network’s hash power in the Nakamoto consensus mechanism). The ability to rearrange transactions via 51% attacks indicates another feature of the Nakamoto consensus: the finality of transactions is only probabilistic.
Once a block is produced, it is then propagated by the block producer to all other validators to check on the validity of all transactions in that block. The block producer will receive rewards in the network’s native currency (i.e., bitcoin) as all validators approve the block and update their ledgers.

The blockchain

Block production

The Bitcoin protocol utilizes the Merkle tree data structure in order to organize hashes of numerous individual transactions into each block. This concept is named after Ralph Merkle, who patented it in 1979.
With the use of a Merkle tree, though each block might contain thousands of transactions, it will have the ability to combine all of their hashes and condense them into one, allowing efficient and secure verification of this group of transactions. This single hash called is a Merkle root, which is stored in the Block Header of a block. The Block Header also stores other meta information of a block, such as a hash of the previous Block Header, which enables blocks to be associated in a chain-like structure (hence the name “blockchain”).
An illustration of block production in the Bitcoin Protocol is demonstrated below.

https://preview.redd.it/m6texxicf3151.png?width=1591&format=png&auto=webp&s=f4253304912ed8370948b9c524e08fef28f1c78d

Block time and mining difficulty

Block time is the period required to create the next block in a network. As mentioned above, the node who solves the computationally intensive task will be allowed to produce the next block. Therefore, block time is directly correlated to the amount of time it takes for a node to find a solution to the task. The Bitcoin protocol sets a target block time of 10 minutes, and attempts to achieve this by introducing a variable named mining difficulty.
Mining difficulty refers to how difficult it is for the node to solve the computationally intensive task. If the network sets a high difficulty for the task, while miners have low computational power, which is often referred to as “hashrate”, it would statistically take longer for the nodes to get an answer for the task. If the difficulty is low, but miners have rather strong computational power, statistically, some nodes will be able to solve the task quickly.
Therefore, the 10 minute target block time is achieved by constantly and automatically adjusting the mining difficulty according to how much computational power there is amongst the nodes. The average block time of the network is evaluated after a certain number of blocks, and if it is greater than the expected block time, the difficulty level will decrease; if it is less than the expected block time, the difficulty level will increase.

What are orphan blocks?

In a PoW blockchain network, if the block time is too low, it would increase the likelihood of nodes producingorphan blocks, for which they would receive no reward. Orphan blocks are produced by nodes who solved the task but did not broadcast their results to the whole network the quickest due to network latency.
It takes time for a message to travel through a network, and it is entirely possible for 2 nodes to complete the task and start to broadcast their results to the network at roughly the same time, while one’s messages are received by all other nodes earlier as the node has low latency.
Imagine there is a network latency of 1 minute and a target block time of 2 minutes. A node could solve the task in around 1 minute but his message would take 1 minute to reach the rest of the nodes that are still working on the solution. While his message travels through the network, all the work done by all other nodes during that 1 minute, even if these nodes also complete the task, would go to waste. In this case, 50% of the computational power contributed to the network is wasted.
The percentage of wasted computational power would proportionally decrease if the mining difficulty were higher, as it would statistically take longer for miners to complete the task. In other words, if the mining difficulty, and therefore targeted block time is low, miners with powerful and often centralized mining facilities would get a higher chance of becoming the block producer, while the participation of weaker miners would become in vain. This introduces possible centralization and weakens the overall security of the network.
However, given a limited amount of transactions that can be stored in a block, making the block time too longwould decrease the number of transactions the network can process per second, negatively affecting network scalability.

3. Bitcoin’s additional features

Segregated Witness (SegWit)

Segregated Witness, often abbreviated as SegWit, is a protocol upgrade proposal that went live in August 2017.
SegWit separates witness signatures from transaction-related data. Witness signatures in legacy Bitcoin blocks often take more than 50% of the block size. By removing witness signatures from the transaction block, this protocol upgrade effectively increases the number of transactions that can be stored in a single block, enabling the network to handle more transactions per second. As a result, SegWit increases the scalability of Nakamoto consensus-based blockchain networks like Bitcoin and Litecoin.
SegWit also makes transactions cheaper. Since transaction fees are derived from how much data is being processed by the block producer, the more transactions that can be stored in a 1MB block, the cheaper individual transactions become.
https://preview.redd.it/depya70mf3151.png?width=1601&format=png&auto=webp&s=a6499aa2131fbf347f8ffd812930b2f7d66be48e
The legacy Bitcoin block has a block size limit of 1 megabyte, and any change on the block size would require a network hard-fork. On August 1st 2017, the first hard-fork occurred, leading to the creation of Bitcoin Cash (“BCH”), which introduced an 8 megabyte block size limit.
Conversely, Segregated Witness was a soft-fork: it never changed the transaction block size limit of the network. Instead, it added an extended block with an upper limit of 3 megabytes, which contains solely witness signatures, to the 1 megabyte block that contains only transaction data. This new block type can be processed even by nodes that have not completed the SegWit protocol upgrade.
Furthermore, the separation of witness signatures from transaction data solves the malleability issue with the original Bitcoin protocol. Without Segregated Witness, these signatures could be altered before the block is validated by miners. Indeed, alterations can be done in such a way that if the system does a mathematical check, the signature would still be valid. However, since the values in the signature are changed, the two signatures would create vastly different hash values.
For instance, if a witness signature states “6,” it has a mathematical value of 6, and would create a hash value of 12345. However, if the witness signature were changed to “06”, it would maintain a mathematical value of 6 while creating a (faulty) hash value of 67890.
Since the mathematical values are the same, the altered signature remains a valid signature. This would create a bookkeeping issue, as transactions in Nakamoto consensus-based blockchain networks are documented with these hash values, or transaction IDs. Effectively, one can alter a transaction ID to a new one, and the new ID can still be valid.
This can create many issues, as illustrated in the below example:
  1. Alice sends Bob 1 BTC, and Bob sends Merchant Carol this 1 BTC for some goods.
  2. Bob sends Carols this 1 BTC, while the transaction from Alice to Bob is not yet validated. Carol sees this incoming transaction of 1 BTC to him, and immediately ships goods to B.
  3. At the moment, the transaction from Alice to Bob is still not confirmed by the network, and Bob can change the witness signature, therefore changing this transaction ID from 12345 to 67890.
  4. Now Carol will not receive his 1 BTC, as the network looks for transaction 12345 to ensure that Bob’s wallet balance is valid.
  5. As this particular transaction ID changed from 12345 to 67890, the transaction from Bob to Carol will fail, and Bob will get his goods while still holding his BTC.
With the Segregated Witness upgrade, such instances can not happen again. This is because the witness signatures are moved outside of the transaction block into an extended block, and altering the witness signature won’t affect the transaction ID.
Since the transaction malleability issue is fixed, Segregated Witness also enables the proper functioning of second-layer scalability solutions on the Bitcoin protocol, such as the Lightning Network.

Lightning Network

Lightning Network is a second-layer micropayment solution for scalability.
Specifically, Lightning Network aims to enable near-instant and low-cost payments between merchants and customers that wish to use bitcoins.
Lightning Network was conceptualized in a whitepaper by Joseph Poon and Thaddeus Dryja in 2015. Since then, it has been implemented by multiple companies. The most prominent of them include Blockstream, Lightning Labs, and ACINQ.
A list of curated resources relevant to Lightning Network can be found here.
In the Lightning Network, if a customer wishes to transact with a merchant, both of them need to open a payment channel, which operates off the Bitcoin blockchain (i.e., off-chain vs. on-chain). None of the transaction details from this payment channel are recorded on the blockchain, and only when the channel is closed will the end result of both party’s wallet balances be updated to the blockchain. The blockchain only serves as a settlement layer for Lightning transactions.
Since all transactions done via the payment channel are conducted independently of the Nakamoto consensus, both parties involved in transactions do not need to wait for network confirmation on transactions. Instead, transacting parties would pay transaction fees to Bitcoin miners only when they decide to close the channel.
https://preview.redd.it/cy56icarf3151.png?width=1601&format=png&auto=webp&s=b239a63c6a87ec6cc1b18ce2cbd0355f8831c3a8
One limitation to the Lightning Network is that it requires a person to be online to receive transactions attributing towards him. Another limitation in user experience could be that one needs to lock up some funds every time he wishes to open a payment channel, and is only able to use that fund within the channel.
However, this does not mean he needs to create new channels every time he wishes to transact with a different person on the Lightning Network. If Alice wants to send money to Carol, but they do not have a payment channel open, they can ask Bob, who has payment channels open to both Alice and Carol, to help make that transaction. Alice will be able to send funds to Bob, and Bob to Carol. Hence, the number of “payment hubs” (i.e., Bob in the previous example) correlates with both the convenience and the usability of the Lightning Network for real-world applications.

Schnorr Signature upgrade proposal

Elliptic Curve Digital Signature Algorithm (“ECDSA”) signatures are used to sign transactions on the Bitcoin blockchain.
https://preview.redd.it/hjeqe4l7g3151.png?width=1601&format=png&auto=webp&s=8014fb08fe62ac4d91645499bc0c7e1c04c5d7c4
However, many developers now advocate for replacing ECDSA with Schnorr Signature. Once Schnorr Signatures are implemented, multiple parties can collaborate in producing a signature that is valid for the sum of their public keys.
This would primarily be beneficial for network scalability. When multiple addresses were to conduct transactions to a single address, each transaction would require their own signature. With Schnorr Signature, all these signatures would be combined into one. As a result, the network would be able to store more transactions in a single block.
https://preview.redd.it/axg3wayag3151.png?width=1601&format=png&auto=webp&s=93d958fa6b0e623caa82ca71fe457b4daa88c71e
The reduced size in signatures implies a reduced cost on transaction fees. The group of senders can split the transaction fees for that one group signature, instead of paying for one personal signature individually.
Schnorr Signature also improves network privacy and token fungibility. A third-party observer will not be able to detect if a user is sending a multi-signature transaction, since the signature will be in the same format as a single-signature transaction.

4. Economics and supply distribution

The Bitcoin protocol utilizes the Nakamoto consensus, and nodes validate blocks via Proof-of-Work mining. The bitcoin token was not pre-mined, and has a maximum supply of 21 million. The initial reward for a block was 50 BTC per block. Block mining rewards halve every 210,000 blocks. Since the average time for block production on the blockchain is 10 minutes, it implies that the block reward halving events will approximately take place every 4 years.
As of May 12th 2020, the block mining rewards are 6.25 BTC per block. Transaction fees also represent a minor revenue stream for miners.
submitted by D-platform to u/D-platform [link] [comments]

TKEYSPACE — blockchain in your mobile

TKEYSPACE — blockchain in your mobile

https://preview.redd.it/w8o3bcvjrtx41.png?width=1400&format=png&auto=webp&s=840ac3872156215b30e708920edbef4583190654
Someone says that the blockchain in the phone is marketing. This is possible for most applications, but not for Tkeycoin. Today we will talk about how the blockchain works in the TkeySpace app.
Who else is not in the topic, TkeySpace is a financial application for decentralized and efficient management of various cryptocurrencies, based on a distributed architecture without using a client-server.
In simple words, it is a blockchain in the user’s mobile device that excludes hacking and hacker attacks, and all data is encrypted using modern cryptographic methods.
https://preview.redd.it/8uku6thlrtx41.png?width=1280&format=png&auto=webp&s=e1a610244da53100a5bc6b821ee5c799c6493ac4

Blockchain

Let’s start with the most important thing — the blockchain works on the principles of P2P networks, when there is no central server and each device is both a server and a client, such an organization allows you to maintain the network performance with any number and any combination of available nodes.
For example, there are 12 machines in the network, and anyone can contact anyone. As a client (resource consumer), each of these machines can send requests for the provision of some resources to other machines within this network and receive them. As a server, each machine must process requests from other machines in the network, send what was requested, and perform some auxiliary and administrative functions.
With traditional client-server systems, we can get a completely disabled social network, messenger, or another service, given that we rely on a centralized infrastructure — we have a very specific number of points of failure. If the main data center is damaged due to an earthquake or any other event, access to information will be slowed down or completely disabled.
With a P2P solution, the failure of one network member does not affect the network operation in any way. P2P networks can easily switch to offline mode when the channel is broken — in which it will exist completely independently and without any interaction.
Instead of storing information in a single central point, as traditional recording methods do, multiple copies of the same data are stored in different locations and on different devices on the network, such as computers or mobile devices.

https://i.redd.it/2c4sv7rnrtx41.gif
This means that even if one storage point is damaged or lost, multiple copies remain secure in other locations. Similarly, if one part of the information is changed without the consent of the rightful owners, there are many other copies where the information is correct, which makes the false record invalid.
The information recorded in the blockchain can take any form, whether it is a transfer of money, ownership, transaction, someone’s identity, an agreement between two parties, or even how much electricity a light bulb used.
However, this requires confirmation from multiple devices, such as nodes in the network. Once an agreement, otherwise known as consensus, is reached between these devices to store something on the blockchain — it can’t be challenged, deleted, or changed.
The technology also allows you to perform a truly huge amount of computing in a relatively short time, which even on supercomputers would require, depending on the complexity of the task, many years or even centuries of work. This performance is achieved because a certain global task is divided into a large number of blocks, which are simultaneously performed by hundreds of thousands of devices participating in the project.

P2P messaging and syncing in TkeySpace

TkeySpace is a node of the TKEY network and other supported networks. when you launch the app, your mobile node connects to an extensive network of supported blockchains, syncs with full nodes to validate transactions and incoming information between nodes, so the nodes organize a graph of connections between them.
You can always check the node information in the TkeySpace app in the ⚙ Settings Contact and peer info App Status;

https://preview.redd.it/co1k25kqrtx41.png?width=619&format=png&auto=webp&s=e443a436b11d797b475b00a467cd9609cac66b83
TkeySpace creates initiating connections to servers registered in the blockchain Protocol as the main ones, from these servers it gets the addresses of nodes to which it can join, in turn, the nodes to which the connection occurred share information about other nodes.

https://i.redd.it/m21pw88srtx41.gif
TkeySpace sends network messages to nodes from supported blockchains in the app to get up-to-date data from the network.
The Protocol uses data structures for communication between nodes, such as block propagation over the network, so before network messages are read, nodes check the “magic number”, check the first bytes, and determine the type of data structure. In the blockchain, the “magic number” is the network ID used to filter messages and block traffic from other p2p networks.
Magic numbers are used in computer science, both for files and protocols. They identify the type of file/data structure. A program that receives such a file/data structure can check the magic number and immediately find out the intended type of this file/data structure.
The first message that your node sends is called a Version Message. In response, the node waits for a Verack message to establish a connection between other peers. The exchange of such messages is called a “handshake”.

https://preview.redd.it/b6gh0hitrtx41.png?width=785&format=png&auto=webp&s=0101eaec6469fb53818486fa13da110f6a4a851d
After the “handshake” is set, TkeySpace will start connecting to other nodes in the network to determine the last block at the end of the required blockchain. At this point — nodes request information about blocks they know using GetBlock messages — in response, your node receives an inv (Inventory Message) from another node with the information that it has the information that was requested by the TkeySpace node.
In response to the received message, inv — TkeySpace sends a GetData message containing a list of blocks starting immediately after the last known hash.

https://preview.redd.it/lare5lsurtx41.png?width=768&format=png&auto=webp&s=da8d27110f406f715292b439051ca221fab47f77

Loading and storing blocks

After exchanging messages, the block information is loaded and transactions are uploaded to your node. To avoid storing tons of information and optimize hard disk space and data processing speed, we use RDBMS — PostgreSQL in full nodes (local computer wallet).
In the TkeySpace mobile app, we use SQLite, and validation takes place by uploading block headers through the Merkle Tree, using the bloom filter — this allows you to optimize the storage of your mobile device as much as possible.
The block header includes its hash, the hash of the previous block, transaction hashes, and additional service information.
Block headers in the Tkeycoin network=84 bytes due to the extension of parameters to support nChains, which will soon be launched in “combat” mode. The titles of the Bitcoin block, Dash, Litecoin=80 bytes.

https://preview.redd.it/uvv3qz7wrtx41.png?width=1230&format=png&auto=webp&s=5cf0cd8b6d099268f3d941aac322af05e781193c
And so, let’s continue — application nodes receive information from the blockchain by uploading block headers, all data is synchronized using the Merkle Tree, or rather your node receives and validates information from the Merkle root.
The hash tree was developed in 1979 by Ralph Merkle and named in his honor. The structure of the system has received this name also because it resembles a tree.
The Merkle tree is a complete binary tree with leaf vertexes containing hashes from data blocks, and inner vertexes containing hashes from adding values in child vertexes. The root node of the tree contains a hash from the entire data set, meaning the hash tree is a unidirectional hash function. The Merkle tree is used for the efficient storage of transactions in the cryptocurrency blockchain. It allows you to get a “fingerprint” of all transactions in the block, as well as effectively verify transactions.

https://preview.redd.it/3hmbthpxrtx41.png?width=677&format=png&auto=webp&s=cca3d54c585747e0431c6c4de6eec7ff7e3b2f4d
Hash trees have an advantage over hash chains or hash functions. When using hash trees, it is much less expensive to prove that a certain block of data belongs to a set. Since different blocks are often independent data, such as transactions or parts of files, we are interested in being able to check only one block without recalculating the hashes for the other nodes in the tree.
https://i.redd.it/f7o3dh7zrtx41.gif
The Merkle Tree scheme allows you to check whether the hash value of a particular transaction is included in Merkle Root, without having all the other transactions in the block. So by having the transaction, block header, and Merkle Branch for that transaction requested from the full node, the digital wallet can make sure that the transaction was confirmed in a specific block.

https://i.redd.it/88sz13w0stx41.gif
The Merkle tree, which is used to prove that a transaction is included in a block, is also very well scaled. Because each new “layer” added to the tree doubles the total number of “leaves” it can represent. You don’t need a deep tree to compactly prove transaction inclusion, even among blocks with millions of transactions.

Statistical constants and nChains

To support the Tkeycoin cryptocurrency, the TkeySpace application uses additional statistical constants to prevent serialization of Merkle tree hashes, which provides an additional layer of security.
Also, for Tkeycoin, support for multi-chains (nChains) is already included in the TkeySpace app, which will allow you to use the app in the future with most of the features of the TKEY Protocol, including instant transactions.

The Bloom Filter

An additional level of privacy is provided by the bloom filter — which is a probabilistic data structure that allows you to check whether an element belongs to a set.

https://preview.redd.it/7ejkvi82stx41.png?width=374&format=png&auto=webp&s=ed75cd056949fc3a2bcf48b4d7ea78d3dc6d81f3
The bloom filter looks for whether a particular transaction is linked to Alice, not whether Alice has a specific cryptocurrency. In this way, transactions and received IDs are analyzed through a bloom filter. When “Alice wants to know about transaction X”, an ID is requested for transaction X, which is compared with the filled segments in her bloom filter. If “Yes” is received, the node can get the information and verify the transaction.

https://preview.redd.it/gjpsbss3stx41.png?width=1093&format=png&auto=webp&s=4cdcbc827849d13b7d6f0b7e7ba52e65ddc03a82

HD support

The multi-currency wallet TkeySpace is based on HD (or hierarchical determinism), a privacy-oriented method for generating and managing addresses. Each wallet address is generated from an xPub wallet (or extended public key). The app is completely anonymous — and individual address is generated for each transaction to accept a particular cryptocurrency. Even for low-level programming, using the same address is negative for the system, not to mention your privacy. We recommend that you always use a new address for transactions to ensure the necessary level of privacy and security.
The EXT_PUBLIC_KEY and EXT_SECRET_KEY values for DASH, Bitcoin, and Litecoin are completely identical. Tkeycoin uses its values, as well as other methods for storing transactions and blocks (RDBMS), and of course — nChains.

Secret key

Wallets in the blockchain have public and private keys.
https://preview.redd.it/br9kk8n5stx41.png?width=840&format=png&auto=webp&s=a36e4c619451735469a9cff57654d322467e4fba
Centralized applications usually store users’ private keys on their servers, which makes users’ funds vulnerable to hacker attacks or theft.
A private key is a special combination of characters that provides access to cryptocurrencies stored on the account. Only a person who knows the key can move and spend digital assets.
TkeySpace — stores the encrypted key only on the user’s device and in encrypted form. The encrypted key is displayed as a mnemonic phrase (backup phrase), which is very convenient for users. Unlike complex cryptographic ciphers, the phrase is easy to save or write. A backup keyword provides the maximum level of security.
A mnemonic phrase is 12 or 24 words that are generated using random number entropy. If a phrase consists of 12 words, then the number of possible combinations is 204⁸¹² or 21¹³² — the phrase will have 132 security bits. To restore the wallet, you must enter the mnemonic phrase in strict order, as it was presented after generation.

Result

Now we understand that your application TkeySpace is a node of the blockchain that communicates with other nodes using p2p messages, stores block headers and validate information using the Merkle Tree, verifies transactions, filters information using the bloom filter, and operates completely in a decentralized model. The application code contains all the necessary blockchain settings for communicating with the network, the so-called chain parameters.
TkeySpace is a new generation mobile app. A completely new level of security, easy user-friendly interfaces and all the necessary features that are required to work with cryptocurrency.
submitted by tkeycoin to Tkeycoin_Official [link] [comments]

Groestlcoin 6th Anniversary Release

Introduction

Dear Groestlers, it goes without saying that 2020 has been a difficult time for millions of people worldwide. The groestlcoin team would like to take this opportunity to wish everyone our best to everyone coping with the direct and indirect effects of COVID-19. Let it bring out the best in us all and show that collectively, we can conquer anything.
The centralised banks and our national governments are facing unprecedented times with interest rates worldwide dropping to record lows in places. Rest assured that this can only strengthen the fundamentals of all decentralised cryptocurrencies and the vision that was seeded with Satoshi's Bitcoin whitepaper over 10 years ago. Despite everything that has been thrown at us this year, the show must go on and the team will still progress and advance to continue the momentum that we have developed over the past 6 years.
In addition to this, we'd like to remind you all that this is Groestlcoin's 6th Birthday release! In terms of price there have been some crazy highs and lows over the years (with highs of around $2.60 and lows of $0.000077!), but in terms of value– Groestlcoin just keeps getting more valuable! In these uncertain times, one thing remains clear – Groestlcoin will keep going and keep innovating regardless. On with what has been worked on and completed over the past few months.

UPDATED - Groestlcoin Core 2.18.2

This is a major release of Groestlcoin Core with many protocol level improvements and code optimizations, featuring the technical equivalent of Bitcoin v0.18.2 but with Groestlcoin-specific patches. On a general level, most of what is new is a new 'Groestlcoin-wallet' tool which is now distributed alongside Groestlcoin Core's other executables.
NOTE: The 'Account' API has been removed from this version which was typically used in some tip bots. Please ensure you check the release notes from 2.17.2 for details on replacing this functionality.

How to Upgrade?

Windows
If you are running an older version, shut it down. Wait until it has completely shut down (which might take a few minutes for older versions), then run the installer.
OSX
If you are running an older version, shut it down. Wait until it has completely shut down (which might take a few minutes for older versions), run the dmg and drag Groestlcoin Core to Applications.
Ubuntu
http://groestlcoin.org/forum/index.php?topic=441.0

Other Linux

http://groestlcoin.org/forum/index.php?topic=97.0

Download

Download the Windows Installer (64 bit) here
Download the Windows Installer (32 bit) here
Download the Windows binaries (64 bit) here
Download the Windows binaries (32 bit) here
Download the OSX Installer here
Download the OSX binaries here
Download the Linux binaries (64 bit) here
Download the Linux binaries (32 bit) here
Download the ARM Linux binaries (64 bit) here
Download the ARM Linux binaries (32 bit) here

Source

ALL NEW - Groestlcoin Moonshine iOS/Android Wallet

Built with React Native, Moonshine utilizes Electrum-GRS's JSON-RPC methods to interact with the Groestlcoin network.
GRS Moonshine's intended use is as a hot wallet. Meaning, your keys are only as safe as the device you install this wallet on. As with any hot wallet, please ensure that you keep only a small, responsible amount of Groestlcoin on it at any given time.

Features

Download

iOS
Android

Source

ALL NEW! – HODL GRS Android Wallet

HODL GRS connects directly to the Groestlcoin network using SPV mode and doesn't rely on servers that can be hacked or disabled.
HODL GRS utilizes AES hardware encryption, app sandboxing, and the latest security features to protect users from malware, browser security holes, and even physical theft. Private keys are stored only in the secure enclave of the user's phone, inaccessible to anyone other than the user.
Simplicity and ease-of-use is the core design principle of HODL GRS. A simple recovery phrase (which we call a Backup Recovery Key) is all that is needed to restore the user's wallet if they ever lose or replace their device. HODL GRS is deterministic, which means the user's balance and transaction history can be recovered just from the backup recovery key.

Features

Download

Main Release (Main Net)
Testnet Release

Source

ALL NEW! – GroestlcoinSeed Savior

Groestlcoin Seed Savior is a tool for recovering BIP39 seed phrases.
This tool is meant to help users with recovering a slightly incorrect Groestlcoin mnemonic phrase (AKA backup or seed). You can enter an existing BIP39 mnemonic and get derived addresses in various formats.
To find out if one of the suggested addresses is the right one, you can click on the suggested address to check the address' transaction history on a block explorer.

Features

Live Version (Not Recommended)

https://www.groestlcoin.org/recovery/

Download

https://github.com/Groestlcoin/mnemonic-recovery/archive/master.zip

Source

ALL NEW! – Vanity Search Vanity Address Generator

NOTE: NVidia GPU or any CPU only. AMD graphics cards will not work with this address generator.
VanitySearch is a command-line Segwit-capable vanity Groestlcoin address generator. Add unique flair when you tell people to send Groestlcoin. Alternatively, VanitySearch can be used to generate random addresses offline.
If you're tired of the random, cryptic addresses generated by regular groestlcoin clients, then VanitySearch is the right choice for you to create a more personalized address.
VanitySearch is a groestlcoin address prefix finder. If you want to generate safe private keys, use the -s option to enter your passphrase which will be used for generating a base key as for BIP38 standard (VanitySearch.exe -s "My PassPhrase" FXPref). You can also use VanitySearch.exe -ps "My PassPhrase" which will add a crypto secure seed to your passphrase.
VanitySearch may not compute a good grid size for your GPU, so try different values using -g option in order to get the best performances. If you want to use GPUs and CPUs together, you may have best performances by keeping one CPU core for handling GPU(s)/CPU exchanges (use -t option to set the number of CPU threads).

Features

Usage

https://github.com/Groestlcoin/VanitySearch#usage

Download

Source

ALL NEW! – Groestlcoin EasyVanity 2020

Groestlcoin EasyVanity 2020 is a windows app built from the ground-up and makes it easier than ever before to create your very own bespoke bech32 address(es) when whilst not connected to the internet.
If you're tired of the random, cryptic bech32 addresses generated by regular Groestlcoin clients, then Groestlcoin EasyVanity2020 is the right choice for you to create a more personalised bech32 address. This 2020 version uses the new VanitySearch to generate not only legacy addresses (F prefix) but also Bech32 addresses (grs1 prefix).

Features

Download

Source

Remastered! – Groestlcoin WPF Desktop Wallet (v2.19.0.18)

Groestlcoin WPF is an alternative full node client with optional lightweight 'thin-client' mode based on WPF. Windows Presentation Foundation (WPF) is one of Microsoft's latest approaches to a GUI framework, used with the .NET framework. Its main advantages over the original Groestlcoin client include support for exporting blockchain.dat and including a lite wallet mode.
This wallet was previously deprecated but has been brought back to life with modern standards.

Features

Remastered Improvements

Download

Source

ALL NEW! – BIP39 Key Tool

Groestlcoin BIP39 Key Tool is a GUI interface for generating Groestlcoin public and private keys. It is a standalone tool which can be used offline.

Features

Download

Windows
Linux :
 pip3 install -r requirements.txt python3 bip39\_gui.py 

Source

ALL NEW! – Electrum Personal Server

Groestlcoin Electrum Personal Server aims to make using Electrum Groestlcoin wallet more secure and more private. It makes it easy to connect your Electrum-GRS wallet to your own full node.
It is an implementation of the Electrum-grs server protocol which fulfils the specific need of using the Electrum-grs wallet backed by a full node, but without the heavyweight server backend, for a single user. It allows the user to benefit from all Groestlcoin Core's resource-saving features like pruning, blocks only and disabled txindex. All Electrum-GRS's feature-richness like hardware wallet integration, multi-signature wallets, offline signing, seed recovery phrases, coin control and so on can still be used, but connected only to the user's own full node.
Full node wallets are important in Groestlcoin because they are a big part of what makes the system be trust-less. No longer do people have to trust a financial institution like a bank or PayPal, they can run software on their own computers. If Groestlcoin is digital gold, then a full node wallet is your own personal goldsmith who checks for you that received payments are genuine.
Full node wallets are also important for privacy. Using Electrum-GRS under default configuration requires it to send (hashes of) all your Groestlcoin addresses to some server. That server can then easily spy on your transactions. Full node wallets like Groestlcoin Electrum Personal Server would download the entire blockchain and scan it for the user's own addresses, and therefore don't reveal to anyone else which Groestlcoin addresses they are interested in.
Groestlcoin Electrum Personal Server can also broadcast transactions through Tor which improves privacy by resisting traffic analysis for broadcasted transactions which can link the IP address of the user to the transaction. If enabled this would happen transparently whenever the user simply clicks "Send" on a transaction in Electrum-grs wallet.
Note: Currently Groestlcoin Electrum Personal Server can only accept one connection at a time.

Features

Download

Windows
Linux / OSX (Instructions)

Source

UPDATED – Android Wallet 7.38.1 - Main Net + Test Net

The app allows you to send and receive Groestlcoin on your device using QR codes and URI links.
When using this app, please back up your wallet and email them to yourself! This will save your wallet in a password protected file. Then your coins can be retrieved even if you lose your phone.

Changes

Download

Main Net
Main Net (FDroid)
Test Net

Source

UPDATED – Groestlcoin Sentinel 3.5.06 (Android)

Groestlcoin Sentinel is a great solution for anyone who wants the convenience and utility of a hot wallet for receiving payments directly into their cold storage (or hardware wallets).
Sentinel accepts XPUB's, YPUB'S, ZPUB's and individual Groestlcoin address. Once added you will be able to view balances, view transactions, and (in the case of XPUB's, YPUB's and ZPUB's) deterministically generate addresses for that wallet.
Groestlcoin Sentinel is a fork of Groestlcoin Samourai Wallet with all spending and transaction building code removed.

Changes

Download

Source

UPDATED – P2Pool Test Net

Changes

Download

Pre-Hosted Testnet P2Pool is available via http://testp2pool.groestlcoin.org:21330/static/

Source

submitted by Yokomoko_Saleen to groestlcoin [link] [comments]

Which type of curren(t) do you want to see(cy)? A analysis of the intention behind bitcoin(s). [Part 2]

Part 1
It's been a bit of time since the first post during which I believe things have crystallised further as to the intentions of the three primary bitcoin variants. I was going to go on a long winded journey to try to weave together the various bits and pieces to let the reader discern from themselves but there's simply too much material that needs to be covered and the effort that it would require is not something that I can invest right now.
Firstly we must define what bitcoin actually is. Many people think of bitcoin as a unit of a digital currency like a dollar in your bank but without a physical substrate. That's kind of correct as a way to explain its likeness to something many people are familiar with but instead it's a bit more nuanced than that. If we look at a wallet from 2011 that has never moved any coins, we can find that there are now multiple "bitcoins" on multiple different blockchains. This post will discuss the main three variants which are Bitcoin Core, Bitcoin Cash and Bitcoin SV. In this respect many people are still hotly debating which is the REAL bitcoin variant and which bitcoins you want to be "investing" in.
The genius of bitcoin was not in defining a class of non physical objects to send around. Why bitcoin was so revolutionary is that it combined cryptography, economics, law, computer science, networking, mathematics, etc. and created a protocol which was basically a rule set to be followed which creates a game of incentives that provides security to a p2p network to prevent double spends. The game theory is extremely important to understand. When a transaction is made on the bitcoin network your wallet essentially generates a string of characters which includes your public cryptographic key, a signature which is derived from the private key:pub key pair, the hash of the previous block and an address derived from a public key of the person you want to send the coins to. Because each transaction includes the hash of the previous block (a hash is something that will always generate the same 64 character string result from EXACTLY the same data inputs) the blocks are literally chained together. Bitcoin and the blockchain are thus defined in the technical white paper which accompanied the release client as a chain of digital signatures.
The miners validate transactions on the network and compete with one another to detect double spends on the network. If a miner finds the correct solution to the current block (and in doing so is the one who writes all the transactions that have elapsed since the last block was found, in to the next block) says that a transaction is confirmed but then the rest of the network disagree that the transactions occurred in the order that this miner says (for double spends), then the network will reject the version of the blockchain that that miner is working on. In that respect the miners are incentivised to check each other's work and ensure the majority are working on the correct version of the chain. The miners are thus bound by the game theoretical design of NAKAMOTO CONSENSUS and the ENFORCES of the rule set. It is important to note the term ENFORCER rather than RULE CREATOR as this is defined in the white paper which is a document copyrighted by Satoshi Nakamoto in 2009.

Now if we look at the three primary variants of bitcoin understanding these important defining characteristics of what the bitcoin protocol actually is we can make an argument that the variants that changed some of these defining attributes as no longer being bitcoin rather than trying to argue based off market appraisal which is essentially defining bitcoin as a social media consensus rather than a set in stone rule set.
BITCOIN CORE: On first examination Bitcoin Core appears to be the incumbent bitcoin that many are being lead to believe is the "true" bitcoin and the others are knock off scams. The outward stated rationale behind the bitcoin core variant is that computational resources, bandwidth, storage are scarce and that before increasing the size of each block to allow for more transactions we should be increasing the efficiency with which the data being fed in to a block is stored. In order to achieve this one of the first suggested implementations was a process known as SegWit (segregating the witness data). This means that when you construct a bitcoin transaction, in the header of the tx, instead of the inputs being public key and a signature + Hash + address(to), the signature data is moved outside of header as this can save space within the header and allow more transactions to fill the block. More of the history of the proposal can be read about here (bearing in mind that article is published by the bitcoinmagazine which is founded by ethereum devs Vitalik and Mihai and can't necessarily be trusted to give an unbiased record of events). The idea of a segwit like solution was proposed as early as 2012 by the likes of Greg Maxwell and Luke Dash Jnr and Peter Todd in an apparent effort to "FIX" transaction malleability and enable side chains. Those familiar with the motto "problem reaction solution" may understand here that the problem being presented may not always be an authentic problem and it may actually just be necessary preparation for implementing a desired solution.
The real technical arguments as to whether moving signature data outside of the transaction in the header actually invalidates the definition of bitcoin as being a chain of digital signatures is outside my realm of expertise but instead we can examine the character of the individuals and groups involved in endorsing such a solution. Greg Maxwell is a hard to know individual that has been involved with bitcoin since its very early days but in some articles he portrays himself as portrays himself as one of bitcoins harshest earliest critics. Before that he worked with Mozilla and Wikipedia and a few mentions of him can be found on some old linux sites or such. He has no entry on wikipedia other than a non hyperlinked listing as the CTO of Blockstream. Blockstream was a company founded by Greg Maxwell and Adam Back, but in business registration documents only Adam Back is listed as the business contact but registered by James Murdock as the agent. They received funding from a number of VC firms but also Joi Ito and Reid Hoffman and there are suggestions that MIT media labs and the Digital Currency Initiative. For those paying attention Joi Ito and Reid Hoffman have links to Jeffrey Epstein and his offsider Ghislaine Maxwell.

Ghislaine is the daughter of publishing tycoon and fraudster Robert Maxwell (Ján Ludvík Hyman Binyamin Hoch, a yiddish orthodox czech). It is emerging that the Maxwells are implicated with Mossad and involved in many different psyops throughout the last decades. Greg Maxwell is verified as nullc but a few months ago was outed using sock puppets as another reddit user contrarian__ who also admits to being Jewish in one of his comments as the former. Greg has had a colourful history with his roll as a bitcoin core developer successfully ousting two of the developers put there by Satoshi (Gavin Andreson and Mike Hearn) and being referred to by Andreson as a toxic troll with counterpart Samon Mow. At this point rather than crafting the narrative around Greg, I will provide a few links for the reader to assess on their own time:
  1. https://coinspice.io/news/btc-dev-gregory-maxwell-fake-social-media-account-accusations-nonsense/
  2. https://www.trustnodes.com/2017/06/06/making-gregory-maxwell-bitcoin-core-committer-huge-mistake-says-gavin-andresen
  3. https://www.ccn.com/gavin-andresen-samson-mow-and-greg-maxwell-toxic-trolls//
  4. https://www.nytimes.com/2016/01/17/business/dealbook/the-bitcoin-believer-who-gave-up.html
  5. https://www.coindesk.com/mozilla-accepting-bitcoin-donations
  6. https://spectrum.ieee.org/tech-talk/computing/networks/the-bitcoin-for-is-a-coup
  7. https://www.reddit.com/btc/comments/68pusp/gavin_andresen_on_twitter_im_looking_for_beta/dh1cmfl/
  8. https://www.reddit.com/btc/comments/d14qee/can_someone_post_the_details_of_the_relationships/?ref=tokendaily
  9. https://www.coindesk.com/court-docs-detail-sexual-misconduct-allegations-against-bitcoin-consultant-peter-todd
  10. https://coinspice.io/news/billionaire-jeffrey-epstein-btc-maximalist-bitcoin-is-a-store-of-value-not-a-currency/
  11. https://www.dailymail.co.uk/news/article-7579851/More-300-paedophiles-arrested-worldwide-massive-child-abuse-website-taken-down.html
  12. https://news.bitcoin.com/risks-segregated-witness-opening-door-mining-cartels-undermine-bitcoin-network/
  13. https://micky.com.au/craig-wrights-crackpot-bitcoin-theory-covered-by-uks-financial-times/
  14. https://www.reddit.com/btc/comments/74se80/wikipedia_admins_gregory_maxwell_of_blockstream/

Now I could just go on dumping more and more articles but that doesn't really weave it all together. Essentially it is very well possible that the 'FIX' of bitcoin proposed with SegWit was done by those who are moral reprobates who have been rubbing shoulders money launderers and human traffickers. Gregory Maxwell was removed from wikipedia, worked with Mozilla who donated a quarter of a million to MIT media labs and had relationship with Joi Ito, the company he founded received funding from people associated with Epstein who have demonstrated their poor character and dishonesty and attempted to wage toxic wars against those early bitcoin developers who wished to scale bitcoin as per the white paper and without changing consensus rules or signature structures.
The argument that BTC is bitcoin because the exchanges and the market have chosen is not necessarily a logical supposition when the vast majority of the money that has flown in to inflate the price of BTC comes from a cryptographic USD token that was created by Brock Pierce (Might Ducks child stahollywood pedo scandal Digital Entertainment Network) who attended Jeffrey Epstein's Island for conferences. The group Tether who issues the USDT has been getting nailed by the New York Attorney General office with claims of $1.4 trillion in damages from their dodgey practices. Brock Pierce has since distanced himself from Tether but Blockstream still works closely with them and they are now exploring issuing tether on the ethereum network. Tether lost it's US banking partner in early 2017 before the monstrous run up for bitcoin prices. Afterwards they alleged they had full reserves of USD however, they were never audited and were printing hundreds of millions of dollars of tether each week during peak mania which was used to buy bitcoin (which was then used as collateral to issue more tether against the bitcoin they bought at a value they inflated). Around $30m in USDT is crossing between China to Russia daily and when some of the groups also related to USDT/Tether were raided they found them in possession of hundreds of thousands of dollars worth of counterfeit physical US bills.
Because of all this it then becomes important to reassess the arguments that were made for the implementation of pegged sidechains, segregated witnesses and other second layer solutions. If preventing the bitcoin blockchain from bloating was the main argument for second layer solutions, what was the plan for scaling the data related to the records of transactions that occur on the second layer. You will then need to rely on less robust ways of securing the second layer than Proof Of Work but still have the same amount of data to contend with, unless there was plans all along for second layer solutions to enable records to be deleted /pruned to facilitate money laundering and violation of laws put in place to prevent banking secrecy etc.
There's much more to it as well and I encourage anyone interested to go digging on their own in to this murky cesspit. Although I know very well what sort of stuff Epstein has been up to I have been out of the loop and haven't familiarised myself with everyone involved in his network that is coming to light.
Stay tuned for part 3 which will be an analysis of the shit show that is the Bitcoin Cash variant...
submitted by whipnil to C_S_T [link] [comments]

Era Swap Network White Paper

Era Swap Network White Paper

Era Swap Network

White Paper



DISCLAIMER
This Whitepaper is for Era Swap Network. Its purpose is solely to provide prospective community members with information about the Era Swap Ecosystem & Era Swap Network project. This paper is for information purposes only and does not constitute and is not intended to be an offer of securities or any other financial or investment instrument in any jurisdiction.
The Developers disclaim any and all responsibility and liability to any person for any loss or damage whatsoever arising directly or indirectly from (1) reliance on any information contained in this paper, (2) any error, omission or inaccuracy in any such information, or (3) any action resulting therefrom
Digital Assets are extremely high-risk, speculative products. You should be aware of the risks involved and fully consider before participating in Digital assets whether it’s appropriate for you. You should only participate if you are an experienced investor with sophisticated knowledge of financial markets and you fully understand the risks associated with digital assets. We strongly advise you to take independent professional advice before making any investment or participating in any way. You should check what rules and protections apply to your respective jurisdictions before investing or participating in any way. The Creators & community will not compensate you for any losses from trading, investment or participating in any way. You should read whitepaper carefully before participating and consider whether these products are right for you.

TABLE OF CONTENT

· Abstract
· Introduction to Era Swap Network
· Development Overview
· Era Swap Utility Platform
· Alpha-release Development Plan
· Era Swap Network Version 1: Specification
· Bunch Structure: 10
· Converting ES-ERC20 to ES-Na:
· Conclusion:
· Era Swap Ecosystem
· Social Links

Abstract

The early smart contracts of Era Swap Ecosystem like TimeAlly, Newly Released Tokens, Assurance, BetDeEx of Era Swap Ecosystem, are deployed on Ethereum mainnet. These smart contracts are finance-oriented (DeFi), i.e. most of the transactions are about spending or earning of Era Swap tokens which made paying the gas fees in Ether somewhat intuitive to the user (withdrawal charges in bank, paying tax while purchasing burgers) but transactions that are not token oriented like adding a nominee or appointee voting also needs Ether to be charged. As more Era Swap Token Utility platform ideas kept appending to the Era Swap Main Whitepaper, more non-financial transaction situations arise like updating status, sending a message, resolving a dispute and so on. Paying extensively for such actions all day and waiting for the transaction to be included in a block and then waiting for enough block confirmations due to potential chain re-organizations is counter-intuitive to existing free solutions like Facebook, Gmail. This is the main barrier that is stopping Web 3.0 from coming to the mainstream.
As alternatives to Ethereum, there are few other smart contract development platforms that propose their own separate blockchain that features for higher transaction throughput, but they compromise on decentralization for improving transaction speeds. Moreover, the ecosystem tools are most advancing in Ethereum than any other platform due to the massive developer community.
With Era Swap Network, the team aims to achieve scalability, speed and low-cost transactions for Era Swap Ecosystem (which is currently not feasible on Ethereum mainnet), without compromising much on trustless asset security for Era Swap Community users.

Introduction to Era Swap Network

Era Swap Network (ESN) aims to solve the above-mentioned problems faced by Era Swap Ecosystem users by building a side-blockchain on top of Ethereum blockchain using the Plasma Framework.
Era Swap Network leverages the Decentralisation and Security of Ethereum and the Scalability achieved in the side-chain, this solves the distributed blockchain trilema. In most of the other blockchains, blocks are a collection of transactions and all the transactions in one block are mined by a miner in one step. Era Swap Network will consist of Bunches of Blocks of Era Swap Ecosystem Transactions.

Decentralization

Layer 2


Scalable and Secure

A miner mines all the blocks in a bunch consequently and will commit the bunch-root to the ESN Plasma Smart Contract on Ethereum mainnet.

Development Overview
Initially, we will start with a simple Proof-of-Authority (PoA) based consensus of EVM to start the development and testing of Era Swap Ecosystem Smart Contracts as quickly as possible on the test-net. We will call this as an alpha-release of ESN test-net and only internal developers will work with this for developing smart contracts for Era Swap Ecosystem. User’s funds in a Plasma implementation with a simple consensus like PoA are still secured as already committed bunch-roots cannot be reversed.
Eventually, we want to arrive on a more control-decentralized consensus algorithm like Proof-of-Stake (PoS) probably, so that even if the chain operator shuts down their services, a single Era Swap Ecosystem user somewhere in the world can keep the ecosystem alive by running software on their system and similarly more people can join to decentralize the control further. In this PoS version, we will modify the Parity Ethereum client in such a way, that at least 50% of transaction fees collected will go to the Luck Pool of NRT Smart Contract on Ethereum mainnet and rest can be kept by miner of the blocks/bunch of blocks if they wish. After achieving such an implementation, we will release this as a beta version to the community for testing the software on their computers with Kovan ERC20 Era Swaps (Ethereum test-net).

Era Swap Decentralised Ecosystem
Following platforms are to be integrated:
  1. Era Swap Token Contract (adapted ERC20 on Ethereum) The original asset will lie on Ethereum to avoid loss due to any kind of failure in ESN.
  2. Plasma Manager Contract (on Ethereum) To store ESN bunch headers on Ethereum.
  3. Reverse Plasma Manager Contract (on ESN) Bridge to convert ES to ES native and ES native to ES. User deposits ES on Mainnet Plasma, gives proof on ESN and gets ES native credited to their account in a decentralised way.
  4. NRT Manager Contract (on Ethereum or on ESN) If it is possible to send ES from an ESN contract to luck pool of NRT Manager Contract on Ethereum, then it’s ok otherwise, NRT Manager will need to be deployed on ESN for ability to add ES to luck pool.
  5. Era Swap Wallet (React Native App for managing ESs and ES natives) Secure wallet to store multiple private keys in it, mainly for managing ES and ES native, sending ES or ES native, also for quick and easy BuzCafe payments.
  6. TimeAlly (on Ethereum or on ESN) On whichever chain NRT Manager is deployed, TimeAlly would be deployed on the same chain.
  7. Assurance (on Ethereum or on ESN) On whichever chain NRT Manager is deployed, TimeAlly would be deployed on the same chain.
  8. DaySwappers (on ESN) KYC manager for platform. For easily distributing rewards to tree referees.
  9. TimeSwappers (on ESN) Freelance market place with decentralised dispute management.
  10. SwappersWall (on ESN) Decentralised social networking with power tokens.
  11. BuzCafe (on ESN) Listing of shops and finding shops easily and quick payment.
  12. BetDeEx (on ESN) Decentralised Prediction proposals, prediction and results.
  13. DateSwappers (on ESN) Meeting ensured using cryptography.
  14. ComputeEx (on Ethereum / centralised way) Exchange assets.
  15. Era Swap Academy (on ESN / centralised way) Learn. Loop. Leap. How to implement ES Academy is not clear. One idea is if content is constantly being modified, then subscription expired people will only have the hash of old content while new content hash is only available to people who have done Dayswapper KYC and paid for the course. Dayswapper KYC is required because this way people won’t share their private keys to someone else.
  16. Value of Farmers (tbd) The exchange of farming commodities produced by farmers in VoF can be deposited to warehouses where the depositors will get ERC721 equivalent tokens for their commodities (based on unique tagging).
  17. DeGameStation (on ESN) Decentralised Gaming Station. Games in which players take turns can be written in Smart Contract. Games like Chess, Poker, 3 Patti can be developed. Users can come to DeGameStation and join an open game or start a new game and wait for other players to join.

Alpha-release Development Plan
  1. Deploying Parity Node customized according to Era Swap Whitepaper with PoA consensus.
  2. Setting up Plasma Smart Contracts.
  3. Creating a bridge for ERC20 Swap from Ethereum test-net to ESN alpha test-net.

Alpha Version
Era Swap Network Version 1 : Specification
The Version 1 release of ESN plans to fulfill the requirements for political decentralisation and transparency in dApps of Era Swap Ecosystem using Blockchain Technology. After acquiring sufficient number of users, a version 2 construction of ESN will be feasible to enable administrative decentralization, such that the Era Swap Ecosystem will be run and managed by the Era Swap Community and will no longer require the operator to support for it's functioning.
Era Swap Network (ESN) Version 1 will be a separate EVM-compatible sidechain attached to Ethereum blockchain as it’s parent chain. ESN will achieve security through Plasma Framework along with Proof-of-Authority consensus for faster finality. The idea behind plasma framework is to avoid high transaction fees and high transaction confirmation times on Ethereum mainnet by instead doing all the ecosystem transactions off-chain and only post a small information to an Ethereum Smart Contract which would represent hash of plenty of ecosystem transactions. Also, to feature movement of Era Swap Tokens from Ethereum blockchain to ESN using cryptographic proof, reverse plasma of Ethereum on ESN will be implemented.
Also, submitting hash of each ESN blocks to ESN Plasma Smart Contract on Ethereum would force ESN to have a block time equal to or more than Ethereum’s 15 second time as well as it would be very much costly for operator to post lot of hashes to an Ethereum Smart Contract. This is why, merkle root of hashes of bunch of blocks would instead be submitted to ESN Plasma Smart Contact on Ethereum.
Actors involved in the ESN:
  1. Block Producer Nodes Lesser the number of nodes, quicker is the block propagation between block producers which can help quick ecosystem transactions. We find that 7 block producers hosted on different could hosting companies and locations reduces the risk of single point of failure of Era Swap Ecosystem and facilitates 100% uptime of dApps. Block Producer Nodes will also be responsible to post the small information to the Blockchain.
  2. Block Listener Nodes Rest of the nodes will be Block Listeners which will sync new blocks produced by the block producer nodes. Plenty of public block listener nodes would be setup in various regions around the world for shorter ping time to the users of Era Swap Ecosystem. Users would submit their Era Swap Ecosystem transactions to one of these public nodes, which would relay them to rest of the Era Swap Network eventually to the block producer nodes which would finalize a new block including the user transaction.
  3. Bunch Committers This will be an instance in the block producers which will watch for new blocks confirmed on ESN and will calculate bunch merkle roots and will submit it to ESN Plasma Smart Contract. This instance will also post hash of new Ethereum blocks to ESN (after about 10 confirmations) for moving assets between both the blockchain.
  4. Users These will be integrating with dApps which would be connected to some public ESN nodes or they can install a block listner node themselves. They can sign and send transactions to the node which they are connected to and then that node will relay their transactions to block producer nodes who would finalise a block including their transaction.

Bunch Structure

A Bunch Structure in Smart Contract will consist of the following:
• Start Block Number: It is the number of first ESN block in the bunch.
• Bunch Depth: It is Merkle Tree depth of blocks in the bunch. For e.g. If bunch depth is 3, there would be 8 blocks in the bunch and if bunch depth is 10, there would be 1024 blocks in the bunch. Bunch depth of Bunches on ESN Plasma Contract is designed to be variable. During the initial phases of ESN, it would be high, for e.g. 15, to avoid ether expenditure and would be decreased in due course of time.
• Transactions Mega Root: This value is the merkle root of all the transaction roots in the bunch. This is used by Smart Contract to verify that a transaction was sent on the chain.
• Receipts Mega Root: This value is the merkle root of all the receipt roots in the bunch. This is used to verify that the transaction execution was successful.
• Timestamp: This value is the time when the bunch proposal was submitted to the smart contract. After submission, there is a challenge period before it is finalised.

Converting ES-ERC20 to ERC-NA and BACK

On Ethereum Blockchain, the first class cryptocurrency is ETH and rest other tokens managed by smart contracts are second class. On ESN, there is an advancement to have Era Swaps as the first class cryptocurrency. This cryptocurrency will feature better user experience and to differentiate it from the classic ERC20 Era Swaps, it will be called as Era Swap Natives (ES-Na). According to the Era Swap Whitepaper, maximum 9.1 Million ES will exist which will be slowly released in circulation every month.
Era Swaps will exist as ES-ERC20 as well as in form of ES-Na. One of these can be exchanged for the other at 1:1 ratio.
Following is how user will convert ES-ERC20 to ES-Na:
  1. User will give allowance to a Deposit Smart Contract, and following that call deposit method to deposit tokens to the contract.
  2. On transaction confirmation, user will paste the transaction hash on a portal which will generate a Proof of Deposit string for the user. This string is generated by fetching all the transactions in the Ethereum Block and generating a Transaction Patricia Merkle Proof to prove that user’s transaction was indeed included in the block and the Receipts Patricia Merkle Proof to confirm that the user’s transaction was successful.
  3. Using the same portal, user will submit the generated proofs to a Smart Contract on ESN, which would release funds to user. Though, user will have to wait for the Etheruem block roots to be posted to ESN after waiting for confirmations which would take about 3 minutes. Once, it’s done user’s proofs will be accepted and will receive exact amount of ES- Na on ESN.
Following is how user will convert ES-Na to ES-ERC20:
  1. ES-Na being first class cryptocurrency, user will simply send ES-Na to a contract.
  2. User will paste the transaction hash on a portal which will generate a Proof of Deposit for the user. Again ES-Na being first class cryptocurrency, Transaction Patricia Merkle Proof is enough to prove that user’s transaction was indeed included in the block. Another thing which will be generated is the block inclusion proof in the bunch.
  3. User will have to wait for the bunch confirmation to the Plasma Smart Contract and once it’s done, user can send the proof to the Plasma Smart Contract to receive ES-ERC20.

HARD Exit

Since the blocks are produced and transactions are validated by few block producers, it exposes a possibility for fraud by controlling the block producer nodes. Because ESN is based on the Plasma Model, when failure of sidechain occurs or the chain halts, users can hard exit their funds directly from the Plasma Smart Contract on Ethereum by giving a Proof of Holdings.

HOld ES Tokens Swapping with New ES Tokens

The old ES Tokens will be valueless as those tokens will not be accepted in ESN because of NRT (New Released Tokens) and TimeAlly contracts on mainnet which is causing high gas to users, hence reducing interactions. Also, there was an event of theft of Era Swap Tokens and after consensus from majority of holders of Era Swap Tokens; it was decided to create a new contract to reverse the theft to secure the value of Era Swap Tokens of the community. Below is the strategy for swapping tokens:
TimeAlly and TSGAP: Majority of Era Swap Community have participated in TimeAlly Smart Contract in which their tokens are locked for certain period of time until which they cannot move them. Such holders will automatically receive TimeAlly staking of specific durations from the operator during initialization of ESN.
Liquid Tokens: Holders of Liquid Era Swap Tokens have to transfer the old tokens to a specified Ethereum wallet address managed by team. Following that, team will audit the token source of the holder (to eliminate exchange of stolen tokens) and send new tokens back to the wallet address.

Post-Genesis Tokens Return Program

Primary asset holding of Era Swap tokens will exist on Ethereum blockchain as an ERC20 compatible standard due to the highly decentralised nature of the blockchain. Similar to how users deposit tokens to an cryptocurrency exchange for trading and then withdraw the tokens back, users will deposit tokens to ESN Contract to enter Era Swap Ecosystem and they can withdraw it back from ESN Contract for exiting from ecosystem network. The design of the token system will be such that, it will be compatible with the future shift (modification or migration of ESN version 1) to ESN version 2, in which an entirely new blockchain setup might be required.
To manage liquidity, following genesis structure will be followed:

Holder ES-ERC20 ES-Na
Team Wallet 1.17 billion (Circulating Supply) 0
Locked in Smart Contract 7.93 billion (pending NRT releases) 9.1 billion
Though it looks like there are 9.1 * 2 = 18.2 Billion ES, but the cryptographic design secures that at any point in time at least a total of 9.1 billion ES (ES-ERC20 + ES-Na) will be locked. To unlock ES-Na on ESN, an equal amount of ES-ERC20 has to be locked on Ethereum and vice-versa.
9.1 billion ES-ERC20 will be issued by ERC20 smart contract on Ethereum Blockchain, out of which the entire circulating supply (including liquid and TimeAlly holdings) of old ES will be received to a team wallet.
TimeAlly holdings of all users will be converted to ES-Na and distributed on ESN TimeAlly Smart Contract by team to the TimeAlly holders on their same wallet address.
Liquid user holdings will be sent back to the users to the wallet address from which they send back old ES tokens (because some old ES are deposited on exchange wallet address).
ES-Na will be issued in the genesis block to an ESN Manager Smart Contract address. It will manage all the deposits and withdrawals as well as NRT releases.

Attack Vectors


Following are identified risks to be taken care of during the development of ESN:
Network Spamming: Attackers can purchase ES from the exchange and make a lot of transactions between two accounts. This is solved by involving gas fees. A setting of 200 nanoES minimum gas price will be set, which can be changed as per convenience.
DDoS: Attackers can query public nodes for computationally heavy output data. This will overload the public node with requests and genuine requests might get delayed. Block producers RPC is private, so they will continue to produce blocks. To manage user’s denial of service, the provider in dApps needs to be designed in such a way such that many public nodes will be queried simple information (let’s say latest block number) and the one which response quickly to user will be selected.
AWS is down: To minimize this issue due to cloud providers down, there will be enough nodes on multiple cloud providers to ensure at least one block producer is alive.
User deposit double spending: User deposits ES on Ethereum, gets ES-Na on ESN. Then the issue happens that there are re-org on ETH mainnet and the user’s transaction is reversed. Since ETH is not a fixed chain and as per PoW 51% attack can change the blocks. As Ethereum is now enough mature and by statistics forked blocks are at most of height 2. So it is safe to consider 15 confirmations.
Exit Game while smooth functioning: User starts a hard exit directly from Plasma Smart Contract on Ethereum, then spends his funds from the plasma chain too. To counter this, the exit game will be disabled, only when ESN halts, i.e. fails to submit block header within the time the exit game starts. This is because it is difficult to mark user’s funds as spent on ESN.
Vulnerability in Ecosystem Smart Contracts: Using traditional methods to deploy smart contracts results in a situation where if a bug is found later, it is not possible to change the code. Using a proxy construction for every ecosystem smart contract solves this problem, and changing a proxy can be given to a small committee in which 66% of votes are required, this is to prevent a malicious change of code due to compromising of a single account or similar scenario.
ChainID replay attacks: Using old and traditional ways to interact with dApps can cause loss to users, hence every dApp will be audited for the same.

Conclusion

Era Swap Network is an EVM-compatible sidechain attached to the Ethereum blockchain through Plasma Framework. This allows off-chain processing of Era Swap Ecosystem transactions and posting only the hash of the bunch to Ethereum. This greatly reduces the high network fee and confirmation time issues faced by the current Era Swap Ecosystem DApps deployed on Ethereum. Also, having a separate EVM-compatible blockchain tailored to Era Swap Ecosystem improves the user experience to a higher extent. Since by design, Plasma Framework makes the Era Swap Network as secure as the Ethereum Network, user's funds on the network would be secure as well.
We believe Era Swap Network will help scale dApps of Era Swap Ecosystem to onboard the increasing numbers of users.


Era Swap Ecosystem
Era Swap Ecosystem consist of multiple interlinked platforms which is powered by Era swap (ES) token, a decentralized utility token to be used on below utility platforms. Users can access the Platforms through Era Swap Life which is the Single Sign on (SSO) gateway to the one world of Era Swap Ecosystem.
Era Swap Life: https://eraswap.life/
TimeAlly DApp -> Decentralized Token Vesting: https://www.timeally.io/
BetDeEx -> Decentralized prediction platform: https://www.betdeex.com/
Swappers Wall -> Social Time Ledgerise: https://timeswappers.com/swapperswall
TimeSwappers -> Global P2P marketplace: https://timeswappers.com/
BuzCafe -> Connects local P2P outlets: https://buzcafe.com/
DaySwappers -> Unique Affiliate Program: https://dayswappers.com/
Era Swap Academy -> E-mart for skill development: https://eraswap.academy/
Value of Farmers (VOF) -> Farming ecosystem: http://valueoffarmers.org/ coming soon
ComputeEx -> P2P lending and borrowing: https://computeex.net/ coming soon
DateSwappers -> Next gen dating: coming soon
Smart Contract address

Era Swap Token (ES)
https://etherscan.io/address/0xef1344bdf80bef3ff4428d8becec3eea4a2cf574#code

Newly Released Token (NRT) https://etherscan.io/address/0x20ee679d73559e4c4b5e3b3042b61be723828d6c#code

TimeAlly DApp
https://etherscan.io/address/0x5630ee5f247bd6b61991fbb2f117bbeb45990876#code

BetDeEx DApp https://etherscan.io/address/0x42225682113E6Ed3616B36B4A72BbaE376041D7c#code
TSGAP DApp
https://etherscan.io/address/0xbad9af4db5401b7d5e8177a18c1d69c35fc03fd3#code

White Paper
Era Swap Whitepaper: https://eraswaptoken.io/pdf/eraswap_whitepaper.pdf
Era Swap Light Paper: https://eraswaptoken.io/pdf/eraswap_lightpaper.pdf

Howey Test
Howey Test: https://eraswaptoken.io/era-swap-howey-test-letter-august7-2018.php

Era Swap SOCIAL LINKS
Telegram: https://t.me/eraswap
Twitter: https://twitter.com/eraswaptec
Facebook: https://www.facebook.com/eraswap/
Instagram: https://www.instagram.com/eraswap/
BitcoinTalk: https://bitcointalk.org/index.php?topic=5025979.msg45502457
Youtube: https://www.youtube.com/channel/UCGCP4f5DF1W6sbCjS6y3T1g
LinkedIn: https://www.linkedin.com/company/eraswap/
Reddit: https://www.reddit.com/useEraSwap
Medium: https://medium.com/@eraswap
Tumblr: https://eraswap.tumblr.com/
Mix: https://mix.com/eraswap
Pinterest: https://www.pinterest.com/eraswapt/
GitHub: https://github.com/KMPARDS/EraSwapSmartContracts
submitted by EraSwap to u/EraSwap [link] [comments]

A better anti-reorg algorithm using first-seen times to punish secret/dishonest mining

Bitcoin currently allows a malicious miner with at least 51% of the network hashrate to arbitrarily rewrite blockchain history. This means that transactions are reversible if they belong to a miner with a hashrate majority, and such transactions are subject to double-spend attempts. Bitcoin SV's miners have repeatedly threatened to perform this attack against exchanges using BCH by mining a secret, hidden chain which they only publish after they have withdrawn funds in a different currency from the exchange. It would be nice if we could prevent these secret mining re-org attacks.
Yesterday, I came up with a new algorithm for making secret re-org attacks very expensive and difficult to pull off. This new algorithm is designed to avoid the permanent chainsplit vulnerabilities of ABC 0.18.5 while being more effective at punishing malicious behavior.
The key to the new algorithm is to punish exactly the behavior that indicates malice. First, publishing a block after another block at the same height has arrived on the network suggests malice or poor performance, and the likelihood of malice increases as the delay increases. A good algorithm would penalize blocks in proportion to how much later they were published after the competing block. Second, building upon a block that was intentionally delayed is also a sign of malice. Therefore, a good algorithm would discount the work done by blocks based not only on their own delays, but the delays that were seen earlier in that chain as well. Since the actions at the start of the fork are more culpable (as they generate the split), we want to weight those blocks more heavily than later blocks.
I wrote up an algorithm that implements these features. When comparing two chains, you look at the PoW done since the fork block, and divide that PoW by a penalty score. The penalty score for each chain is calculated as the sum of the penalty scores for each block. Each block's penalty score is equal to the apparent time delay of that block relative to its sibling or cousin[1], divided by 120 seconds[2], and further divided by the square[3] of that block's height[4] from the fork.[5]
This algorithm has some desirable properties:
  1. It provides smooth performance. There are no corners or sharp changes in its incentive structure or penalty curve.
  2. It converges over very long time scales. Eventually, if one chain has more hashrate than the other and that is sustained indefinitely, the chain with the most hashrate will win by causing the chain penalty score for the slower (less-PoW) chain to grow.
  3. The long-term convergence means that variation in observed times early in the fork will not cause permanent chainsplits.
  4. Long-term convergence means that nodes can follow the standard most-PoW rule during initial block download and get the same results unless an attack is underway, in which case the node will only temporarily disagree.
  5. Over intermediate time scales (e.g. hours to weeks), the penalty given to secret-mining deep-reorg chains is very large and difficult to overcome even with a significant hashrate advantage. The penalty increases the longer the attack chain is kept secret. This makes attack attempts ineffective unless they are published within about 20 minutes of the attack starting.
  6. Single-block orphan race behavior is identical to existing behavior unless one of the blocks has a delay of at least 120 seconds, in which case that chain would require a total of 3 blocks to win (or more) instead of just 2.
  7. As the algorithm strongly punishes hidden chains, finalization becomes much safer as long as you prevent finalization from happening while there are known competitive alternate chains. However, this algorithm is still effective without finalization.
I wrote up this algorithm into a Python sim yesterday and have been playing around with it since. It seems to perform quite well. For example, if the attacker has 1.5x as much hashrate as the defenders (who had 100% of the hashrate before the fork), mine in secret for 20 minutes before publishing, and if finalization is enabled after 10 blocks when there's at least a 2x score advantage, then the attacker gets an orphan rate of 49.3% on their blocks and is only able to cause a >= 10 block reorg in 5.2% of cases, and none of those happen blindly, as the opposing chain shows up when most transactions have about 2 confirmations. If the attacker waits 1 hour before publishing, the attack is even less effective: 94% of their blocks are orphaned, 95.6% of their attempts fail, 94.3% of the attacks end with defenders successfully finalizing, and only 0.6% of attack attempts result in a >= 10 block reorg.
The code for my algorithm and simulator can be found on my antiReorgSim Github repository. If you guys have time, I'd appreciate some review and feedback. To run it:
git clone https://github.com/jtoomim/antiReorgSim.git cd antiReorgSim python reorgsim.py # use pypy if you have it, as it's 30x faster 
Thanks! Special thanks to Jonald Fyookball and Mark Lundeberg for reviewing early versions of the code and the ideas. I believe Jonald is working on a Medium post based on some of these concepts. Keep an eye out for it.
Edit: I'm working on an interactive HTML visualization using Dash/Python! Here's a screenshot from a preliminary version in which convergence (or attacker victory, if you prefer) happens after 88.4 hours. In this scenario, the attacker wins because of the rule in Note 5.
Edit 2: An alpha website version of the simulator is up! The code is all server-side for the simulation, so it might get overloaded if too many people hit it at the same time, but it might be fine. Feel free to play around with it!
Note 1: This time delay is calculated by finding the best competing chain's last block with less work than this one and the first block with more work than this one and interpolating the time-first-seen between the two. The time at which the block was fully downloaded and verified is used as time-first-seen, not the time at which the header was received nor the block header's timestamp.
Note 2: An empirical constant, intended to be similar to worst-case block propagation times.
Note 3: A semi-empirical constant; this balances the effect of early blocks against late blocks. The motivation for squaring is that late blocks gain an advantage for two multiplicative reasons: First, there are more late blocks than early blocks. Second, the time deltas for late blocks are larger. Both of these factors are linear versus time, so canceling them out can be done by dividing by height squared. This way, the first block has about as much weight as the next 4 blocks; the first two blocks have as much weight as the next 9 blocks; and the first (n) blocks have about as much weight as the next (n+1)2 blocks. Any early advantage can be overcome eventually by a hashrate majority, so over very long time scales (e.g. hours to weeks), this rule is equivalent to the simple Satoshi most-PoW rule, as long as the hashrate on each chain is constant. However, over intermediate time scales, the advantage to the first seen blocks is large enough that the hashrate will likely not remain constant, and hashrate will likely switch over to whichever chain has the best score and looks the most honest.
Note 4: The calculation doesn't actually use height, as that would be vulnerable to DAA manipulation. Instead, the calculation uses pseudoheight, which uses the PoW done and the fork block's difficulty to calculate what the height would be if all blocks had the fork block's difficulty.
Note 5: If one chain has less PoW than the other, the shorter chain's penalty is calculated as if enough blocks had been mined at the last minute to make them equal in PoW, but these fictional blocks do not contribute to the actual PoW of that chain.
submitted by jtoomim to btc [link] [comments]

Xthinner/Blocktorrent development status update -- Jan 12, 2018

Edit: Jan 12, 2019, not 2018.
Xthinner is a new block propagation protocol which I have been working on. It takes advantage of LTOR to give about 99.6% compression for blocks, as long as all of the transactions in the block were previously transmitted. That's about 13 bits (1.6 bytes) per transaction. Xthinner is designed to be fault-tolerant, and to handle situations in which the sender and receiver's mempools are not well synchronized with gracefully degrading performance -- missing transactions or other decoding errors can be detected and corrected with one or (rarely) two additional round trips of communication. My expectation is that when it is finished, it will perform about 4x to 6x better than Compact Blocks and Xthin for block propagation. Relative to Graphene, I expect Xthinner to perform similarly under ideal circumstances (better than Graphene v1, slightly worse than Graphene v2), but much better under strenuous conditions (i.e. mempool desynchrony).
The current development status of Xthinner is as follows:
  1. Python proof-of-concept encodedecoder -- done 2018-09-15
  2. Detailed informal writeup of the encoding scheme -- done 2018-09-29
  3. Modify TxMemPool to allow iterating on a view sorted by TxId -- done 2018-11-26
  4. Basic C++ segment encoder -- done 2018-11-26
  5. Basic c++ segment decoder -- done 2018-11-26
  6. Checksums for error detection -- done 2018-12-09
  7. Serialization/deserialization -- done 2018-12-09
  8. Prefilled transactions, coinbase handling, and non-mempool transactions -- done 2018-12-25
  9. Missing/extra transactions, re-requests, and handling mempool desynchrony for segment decoding -- done 2019-01-12
  10. Block transmission coupling the block header with one or more Xthinner segments -- 50% done 2019-01-12
  11. Missing/extra transactions, re-requests, and handling mempool desynchrony for block decoding -- done 2019-01-12
  12. Integration with Bitcoin ABC networking code
  13. Networking testing on regtest/testnet/mainnet with real blocks
  14. Write BIP/BUIP and formal spec
  15. Bitcoin ABC pull request and begin of code review
  16. Unit tests, performance tests, benchmarks -- started
  17. Bitcoin Unlimited pull request and begin of code review
  18. Alpha release of binaries for testing or low-security block relay networks
  19. Merging code into ABC/BU, disabled-by-default
  20. Complete security review
  21. Enable by default in ABC and/or BU
  22. (Optional) parallelize encoding/decoding of blocks
Following is the debugging output from a test run done with coherent senderecipient mempools with a 1.25 million tx block, edited for readability:
Testing Xthinner on a block with 1250003 transactions with sender mempool size 2500000 and recipient mempool size 2500000 Tx/Block creation took 262 sec, 104853 ns/tx (mempool) CTOR block sorting took 2467 ms, 987 ns/tx (mempool) Encoding is 1444761 pushBytes, 2889520 1-bit commands, 103770 checksum bytes total 1910345 bytes, 12.23 bits/tx Single-threaded encoding took 2924 ms, 1169 ns/tx (mempool) Serialization/deserialization took 1089 ms, 435 ns/tx (mempool) Single-threaded decoding took 1912314 usec, 764 ns/tx (mempool) Filling missing slots and handling checksum errors took 0 rounds and 12 usec, 0 ns/tx (mempool) Blocks match! *** No errors detected 
If each transaction were 400 bytes on average, this block would be 500 MB, and it was encoded in 1.9 MB of data, a 99.618% reduction in size. Real-world performance is likely to be somewhat worse than this, as it's not likely that 100% of the block's transactions will always be in the recipient's mempool, but the performance reduction from mempool desychrony is smooth and predictable. If the recipient is missing 10% of the sender's transactions, and has another 10% that the sender does not have, the transaction list is still able to be successfully transmitted and decoded, although in that case it usually takes 2.5 round trips to do so, and the overall compression ratio ends up being around 71% instead of 99.6%.
Anybody who wishes can view the WIP Xthinner code here.
Once Xthinner is finished, I intend to start working on Blocktorrent. Blocktorrent is a method for breaking a block into small independently verifiable chunks for transmission, where each chunk is about one IP packet (a bit less than 1500 bytes) in size. In the same way that Bittorrent was faster than Napster, Blocktorrent should be faster than Xthinner. Currently, one of the big limitations on block propagation performance is that a node cannot forward the first byte of a block until the last byte of the block has been received and completely validated. Blocktorrent will change that, and allow nodes to forward each IP packet shortly after that packet was received, regardless of whether any other packets have also been received and regardless of the order in which the packets are received. This should dramatically improve the bandwidth utilization efficiency of nodes during block propagation, and should reduce the block propagation latency for reaching the full network quite a lot -- my current estimate is about 10x improvement over Xthinner. Blocktorrent achieves this partial validation of small chunks by taking advantage of Bitcoin blocks' Merkle tree structure. Chunks of transactions are transmitted in a packet along with enough data from the rest of the Merkle tree's internal nodes to allow for that chunk of transactions to be validated back to the Merkle root, the block header, and the mining PoW, thereby ensuring that packet being forwarded is not invalid spam data used solely for a DoS attack. (Forwarding DoS attacks to other nodes is bad.) Each chunk will contain an Xthinner segment to encode TXIDs My performance target with Blocktorrent is to be able to propagate a 1 GB block in about 5-10 seconds to all nodes in the network that have 100 Mbps connectivity and quad core CPUs. Blocktorrent will probably perform a bit worse than FIBRE at small block sizes, but better at very large blocksizes, all without the trust and centralized infrastructure that FIBRE uses.
submitted by jtoomim to btc [link] [comments]

Blockchain Tutorial - How does a Blockchain work? Bitcoin - Transaction block chains Blockchain Basics Explained - Hashes with Mining and Merkle trees BITCOIN MINING trailer Bitcoin 101 - Quindecillions & The Amazing Math Of Bitcoin's Private Keys

Block header structure. The block header component has a unique identifier called the block header hash. Each block header is comprised out of three main components: the previous block hash, the timestamp, difficulty and nonce (information about mining), and the Markle Tree Root. Each one has a block header and then a pointer to some transaction data as well as a pointer to the previous block and the sequence, and remember these are hash pointers. It's all available online cuz again the Bitcoin is a public data structure. So a lot of different people have put very pretty wrappers around this to explore it graphically. When a miner is trying to mine this block, the Unix time at which this block header is being hashed is noted within the block header itself. Bits: A shortened version of the Target. Nonce: The field that miners change in order to try and get a hash of the block header (a Block Hash) that is below the Target. In bitcoin the service string is encoded in the block header data structure, and includes a version field, the hash of the previous block, the root hash of the merkle tree of all transactions in the block, the current time, and the difficulty. Bitcoin stores the nonce in the extraNonce field which is part of the coinbase transaction, which is Block is a permanently recorded file at Bitcoin containing information on occurred transactions. Block is the record of the every recent transaction or its part that has not been recorded in the previous blocks. Practically in all cases blocks are added to the end of the chain, which contains all transactions and is called blockchain.When a block is added to the end of the chain, it cannot be

[index] [19011] [20265] [18323] [725] [4689] [17903] [21615] [8754] [17966] [16869]

Blockchain Tutorial - How does a Blockchain work?

The mechanics of a bitcoin transaction block chain, which is a construct that is generated by bitcoin miners and functions as a global ledger for recording and validating bitcoins. Bitcoin 101 - Merkle Roots and Merkle Trees - Bitcoin Coding and Software - The Block Header - Duration: 24:18. CRI 43,741 views. 24:18. ... What is a HashTable Data Structure ... Blockchain - The block structure Watch more videos at https://www.tutorialspoint.com/videotutorials/index.htm Lecture By: Mr. Parth Joshi, Tutorials Point In... Bitcoin 101 - Merkle Roots and Merkle Trees - Bitcoin Coding and Software - The Block Header - Duration: 24:18. CRI 41,642 views. 24:18. What is Blockchain - Duration: 13:59. Bitcoin's private keys are made of numbers (called quindecillions) that are so large, they literally choke the best computers. In fact even if all the world's computers were able to work together ...

Flag Counter