Ultimate glossary of crypto currency terms, acronyms and abbreviations
FYI: yesterday I got trolled by someone using a password from a hacked account, and fishing for a payout. The password was a simple one I used on a few old accounts. It was really a blessing, because it finally motivated me to set up 1Password, and start migrating my 400+ accts/logins to it.
In case any user has a related question, you'll know why... The subject of the email was my old password. Here's the body:
I know [xxxx] is one of your password on day of hack. Lets get directly to the point. Not one person has paid me to check about you. You do not know me and you're probably thinking why you are getting this email? in fact, i actually placed a malware on the adult vids (adult porn) website and you know what, you visited this site to experience fun (you know what i mean). When you were viewing videos, your browser started out operating as a RDP having a key logger which provided me with accessibility to your display and web cam. immediately after that, my malware obtained every one of your contacts from your Messenger, FB, as well as email account. after that i created a double-screen video. 1st part shows the video you were viewing (you have a nice taste omg), and 2nd part displays the recording of your cam, and its you. Best solution would be to pay me $1007. We are going to refer to it as a donation. in this situation, i most certainly will without delay remove your video. My -BTC -address: [wishful thinking] [case SeNSiTiVe, copy & paste it] You could go on your life like this never happened and you will not ever hear back again from me. You'll make the payment via Bitcoin (if you do not know this, search 'how to buy bitcoin' in Google). if you are planning on going to the law, surely, this e-mail can not be traced back to me, because it's hacked too. I have taken care of my actions. i am not looking to ask you for a lot, i simply want to be paid. if i do not receive the bitcoin;, i definitely will send out your video recording to all of your contacts including friends and family, co-workers, and so on. Nevertheless, if i do get paid, i will destroy the recording immediately. If you need proof, reply with Yeah then i will send out your video recording to your 8 friends. it's a nonnegotiable offer and thus please don't waste mine time & yours by replying to this message.
You've probably been hearing a lot about Bitcoin recently and are wondering what's the big deal? Most of your questions should be answered by the resources below but if you have additional questions feel free to ask them in the comments. It all started with the release of the release of Satoshi Nakamoto's whitepaper however that will probably go over the head of most readers so we recommend the following videos for a good starting point for understanding how bitcoin works and a little about its long term potential:
Limited Supply - There will only ever be 21,000,000 bitcoins created and they are issued in a predictable fashion, you can view the inflation schedule here. Once they are all issued Bitcoin will be truly deflationary. The halving countdown can be found here.
Open source - Bitcoin code is fully auditable. You can read the source code yourself here.
Accountable - The public ledger is transparent, all transactions are seen by everyone.
Decentralized - Bitcoin is globally distributed across thousands of nodes with no single point of failure and as such can't be shut down similar to how Bittorrent works. You can even run a node on a Raspberry Pi.
Censorship resistant - No one can prevent you from interacting with the bitcoin network and no one can censor, alter or block transactions that they disagree with, see Operation Chokepoint.
Push system - There are no chargebacks in bitcoin because only the person who owns the address where the bitcoins reside has the authority to move them.
Low fee scaling - On chain transaction fees depend on network demand and how much priority you wish to assign to the transaction. Most wallets calculate on chain fees automatically but you can view current fees here and mempool activity here. On chain fees may rise occasionally due to network demand, however instant micropayments that do not require confirmations are happening via the Lightning Network, a second layer scaling solution currently rolling out on the Bitcoin mainnet.
Borderless - No country can stop it from going in/out, even in areas currently unserved by traditional banking as the ledger is globally distributed.
Portable - Bitcoins are digital so they are easier to move than cash or gold. They can even be transported by simply memorizing a string of words for wallet recovery (while cool this method is generally not recommended due to potential for insecure key generation by inexperienced users. Hardware wallets are the preferred method for new users due to ease of use and additional security).
Bitcoin.org and BuyBitcoinWorldwide.com are helpful sites for beginners. You can buy or sell any amount of bitcoin (even just a few dollars worth) and there are several easy methods to purchase bitcoin with cash, credit card or bank transfer. Some of the more popular resources are below, also check out the bitcoinity exchange resources for a larger list of options for purchases.
Here is a listing of local ATMs. If you would like your paycheck automatically converted to bitcoin use Bitwage. Note: Bitcoins are valued at whatever market price people are willing to pay for them in balancing act of supply vs demand. Unlike traditional markets, bitcoin markets operate 24 hours per day, 365 days per year. Preev is a useful site that that shows how much various denominations of bitcoin are worth in different currencies. Alternatively you can just Google "1 bitcoin in (your local currency)".
Securing your bitcoins
With bitcoin you can "Be your own bank" and personally secure your bitcoins OR you can use third party companies aka "Bitcoin banks" which will hold the bitcoins for you.
If you prefer to "Be your own bank" and have direct control over your coins without having to use a trusted third party, then you will need to create your own wallet and keep it secure. If you want easy and secure storage without having to learn computer security best practices, then a hardware wallet such as the Trezor, Ledger or ColdCard is recommended. Alternatively there are many software wallet options to choose from here depending on your use case.
If you prefer to let third party "Bitcoin banks" manage your coins, try Gemini but be aware you may not be in control of your private keys in which case you would have to ask permission to access your funds and be exposed to third party risk.
Note: For increased security, use Two Factor Authentication (2FA) everywhere it is offered, including email! 2FA requires a second confirmation code to access your account making it much harder for thieves to gain access. Google Authenticator and Authy are the two most popular 2FA services, download links are below. Make sure you create backups of your 2FA codes.
As mentioned above, Bitcoin is decentralized, which by definition means there is no official website or Twitter handle or spokesperson or CEO. However, all money attracts thieves. This combination unfortunately results in scammers running official sounding names or pretending to be an authority on YouTube or social media. Many scammers throughout the years have claimed to be the inventor of Bitcoin. Websites like bitcoin(dot)com and the btc subreddit are active scams. Almost all altcoins (shitcoins) are marketed heavily with big promises but are really just designed to separate you from your bitcoin. So be careful: any resource, including all linked in this document, may in the future turn evil. Don't trust, verify. Also as they say in our community "Not your keys, not your coins".
Where can I spend bitcoins?
Check out spendabit or bitcoin directory for millions of merchant options. Also you can spend bitcoin anywhere visa is accepted with bitcoin debit cards such as the CashApp card. Some other useful site are listed below.
Mining bitcoins can be a fun learning experience, but be aware that you will most likely operate at a loss. Newcomers are often advised to stay away from mining unless they are only interested in it as a hobby similar to folding at home. If you want to learn more about mining you can read more here. Still have mining questions? The crew at /BitcoinMining would be happy to help you out. If you want to contribute to the bitcoin network by hosting the blockchain and propagating transactions you can run a full node using this setup guide. If you would prefer to keep it simple there are several good options. You can view the global node distribution here.
Just like any other form of money, you can also earn bitcoins by being paid to do a job.
You can also earn bitcoins by participating as a market maker on JoinMarket by allowing users to perform CoinJoin transactions with your bitcoins for a small fee (requires you to already have some bitcoins.
The following is a short list of ongoing projects that might be worth taking a look at if you are interested in current development in the bitcoin space.
One Bitcoin is quite large (hundreds of £/$/€) so people often deal in smaller units. The most common subunits are listed below:
one bitcoin is equal to 100 million satoshis
1,000 per bitcoin
used as default unit in recent Electrum wallet releases
1,000,000 per bitcoin
colloquial "slang" term for microbitcoin (μBTC)
100,000,000 per bitcoin
smallest unit in bitcoin, named after the inventor
For example, assuming an arbitrary exchange rate of $10000 for one Bitcoin, a $10 meal would equal:
For more information check out the Bitcoin units wiki. Still have questions? Feel free to ask in the comments below or stick around for our weekly Mentor Monday thread. If you decide to post a question in /Bitcoin, please use the search bar to see if it has been answered before, and remember to follow the community rules outlined on the sidebar to receive a better response. The mods are busy helping manage our community so please do not message them unless you notice problems with the functionality of the subreddit. Note: This is a community created FAQ. If you notice anything missing from the FAQ or that requires clarification you can edit it here and it will be included in the next revision pending approval. Welcome to the Bitcoin community and the new decentralized economy!
Transcript of how Philip the tyrant admin of the Bitcoin Cash Telegram group called Spoice stupid, an idiot, a parrot among other insults then banned her instead of discussing Bitcoin Cash. That Telegram group is hostile, ABC/IFP shills run and follows the rBitcoin toxic censorship modus operandi.
David B., [18.10.20 01:46] https://www.reddit.com/btc/comments/jdagi3/whats_up_with_the_bchn_hypocrisy/ David B., [18.10.20 01:47] Wut x2 J Stodd, [18.10.20 01:49] [In reply to David B.] Their words are meaningless. They have no principles. Wish i could comment but bitcoinxio banned me from rbtc and never told me why David B., [18.10.20 01:59] These comments are so toxic Spoice, [18.10.20 01:59] In reality, the real continuation of Bitcoin as we all know it is what is carried on by BCHN, BU, BCHD and others Spoice, [18.10.20 02:00] ABC is changing the rules to something that is not Bitcoin Spoice, [18.10.20 02:00] anyone denying those facts is selling you snake oil Spoice, [18.10.20 02:00] If Blockstream tried to take some % to their own benefit, we would have never needed BCH in the first place Spoice, [18.10.20 02:00] everyone would have rejected them in a second J Stodd, [18.10.20 02:01] [In reply to Spoice] Bitcoin Cash is not Bitcoin to start with, so who cares? David B., [18.10.20 02:01] [ Album ] Spoice, [18.10.20 02:01] yet we have ABC trying to pull this theft and all those puppets think it's ok Spoice, [18.10.20 02:01] JSTodd that's bullshit David B., [18.10.20 02:01] Like trying to talk to a core maxi about altcoins Spoice, [18.10.20 02:01] Bitcoin Cash is the most Bitcoin out of all Bitcoins Spoice, [18.10.20 02:01] it is the continuation of what Satoshi started David B., [18.10.20 02:02] Tbh they aren't even toxic Michael Nunzio, [18.10.20 02:02] [In reply to Spoice] If the hash follows then it is Bitcoin Cash. Only if it doesn't is your claim true J Stodd, [18.10.20 02:03] [In reply to Spoice] Bitcoin is Bitcoin. Bitcoin failed to be Peer to Peer Cash, so Bitcoin Cash attempted to fix this by forking Bitcoin and attacking the root of the problem. This does not mean Bitcoin Cash is literally Bitcoin. Adopt a different argument. Sorry if you bought into that bc of Rogers rantings J Stodd, [18.10.20 02:05] Bitcoin Cash can replace Bitcoin, and if Bitcoin dies and BCH wins then sure maybe it can take its name from its grave, but they are different products, trying to say Bitcoin stopped being "Bitcoin" and became BCH is a self contradiction. Jingles, [18.10.20 02:08] Jstodd's got some good points. Jingles, [18.10.20 02:08] He's learnt so much in the last year ☺️ Spoice, [18.10.20 02:08] "Bitcoin is Bitcoin" is a false statement. BTC is just an instance of Bitcoin. Bitcoin is the set of rules defined in the whitepaper first and foremost, it is peer to peer electronic cash. BTC no longer fits that criteria. Bitcoin Cash meets them. The fork proposed by ABC also fails to meet that criteria. Therefore the continuation of Bitcoin is in whatever BU, BCHN, Flowee and others will continue. Jingles, [18.10.20 02:09] What rules were defined in the WP? Spoice, [18.10.20 02:10] Let's see which rules aren't: 1) No coinbase tax going to any centralized entity such as ABC 2) No throttling of TX throughput such as BTC Spoice, [18.10.20 02:10] therefore they both fail the simple "Is this Bitcoin?" test Spoice, [18.10.20 02:11] Finally, Michael, if you think Hash rate defines what Bitcoin is, you should stick to BTC Jingles, [18.10.20 02:11] 21 million coins isn't in the WP Jingles, [18.10.20 02:11] I asked what rules did the WP define. Spoice, [18.10.20 02:12] Because BCH failed that criteria since it forked, therefore your point is wrong Spoice, [18.10.20 02:12] https://www.metzdowd.com/pipermail/cryptography/2009-January/014994.html Spoice, [18.10.20 02:12] The announcement of the white paper included the 21 million limit, close enough Jingles, [18.10.20 02:12] HIs announcement isn't the WP Spoice, [18.10.20 02:12] show me where Satoshi said that Amaury shoudl tax the chain? Spoice, [18.10.20 02:12] Doesn't matter- close enough Jingles, [18.10.20 02:12] Bitcoin is the set of rules defined in the whitepaper first and foremost - You Jingles, [18.10.20 02:13] My ears pricked up on that comment, so I'm asking you what you meant. Spoice, [18.10.20 02:13] Correct. Changing the 21 million hard limit is still more Bitcoin than taxing the Coinbase, yet both will never ever happen. Not to Bitcoin anyway Jingles, [18.10.20 02:13] If you meant Satoj's writings pre and post WP then you should be clear about it Spoice, [18.10.20 02:13] some bastardized chain might, just not Bitcoin Jingles, [18.10.20 02:14] The closest we have to anything to indicate what is "Bitcoiness" is general things like "the longest chain" Spoice, [18.10.20 02:14] No, it is never a single thing David B., [18.10.20 02:15] REEEE Jingles, [18.10.20 02:15] trustless, no single trusted third parties, and rules can change due to incentives via consensus Spoice, [18.10.20 02:15] it is a set of common sense and experiment driven and historical relevance and initial parameters and "peer to peer electronic cash" definition indicators Spoice, [18.10.20 02:15] never a single thing Jingles, [18.10.20 02:16] [In reply to Spoice] This is like the exact opposite of what you said earlier Jingles, [18.10.20 02:16] Bitcoin is defined by the rules in the WP, I mean common sense. Jingles, [18.10.20 02:16] 🤷♂️ Spoice, [18.10.20 02:16] Nope, the rule set is defined in the white paper should never change, but I never said all rules are defined in the white paper Jingles, [18.10.20 02:16] What rules? Spoice, [18.10.20 02:16] It is a union Jingles, [18.10.20 02:17] What rules are there? Spoice, [18.10.20 02:17] Rules in the white paper + what continued to define Bitcoin thereafter J Stodd, [18.10.20 02:17] [In reply to Spoice] > "Bitcoin is Bitcoin is a false statement." Alas, if we cannot agree on the law of identity, aka A=A, then i dont understand how to hold a conversation with you using logic. > BTC is an instance of Bitcoin No, BTC is a ticker used optionally by exchanges. Other common tickers for bitcoin include XBC, XBT, BC (correct me if im wrong on any of these) > "Bitcoin is a set of rules in the whitepaper" Super hard to defend this. Theres no mention of a 21M supply cap, no blocksize limit *at all*, and it also says additional rules and incentives can be enforced (implying maybe they should). Jingles, [18.10.20 02:17] I go through this with BSVers all the time. We have no spec sheet of rules defining what Bitcoin is from Satoshi. Spoice, [18.10.20 02:18] Rules such as what defines a correct block, miners receiving the full incentive of mining it, etc Jingles, [18.10.20 02:18] The WP is a highlevel document Spoice, [18.10.20 02:18] The WP is a description of a scientific experiment Spoice, [18.10.20 02:18] if you want to start your own experiment, be my guest Jingles, [18.10.20 02:18] [In reply to Spoice] Valid tx rules aren't defined in the WP Spoice, [18.10.20 02:18] just don't try to call it Bitcoin Jingles, [18.10.20 02:19] The word majority is in the WP an awful lot wouldn't you say? Spoice, [18.10.20 02:19] Not valid TX rules, but what a proof of work block is and how it diverts the reward to the miner, etc Jingles, [18.10.20 02:20] [In reply to Spoice] and? what about BTC doesn't apply? Jingles, [18.10.20 02:20] I'm not arguing for any fork of BCH here. Spoice, [18.10.20 02:20] It no longer meets the very title of the white paper experiment, "Peer to peer electronic cash" Spoice, [18.10.20 02:20] The BTC instance of the experiment is destined to move away from the very title of the white paper Jingles, [18.10.20 02:20] It's electronic, and I use it like cash. Spoice, [18.10.20 02:20] that the maintainers even wanted to edit the white paper (Cobra and co) because of this fact J Stodd, [18.10.20 02:20] u/Spoice When did BTC stop being Bitcoin in your view? The day Amaury decided to launch the fork, before Segwit happened? If someone else launched a fork first, they would have been "the real bitcoin"? This is a game of whoever forks first becomes the real Bitcoin? What if two people launched a fork at the exact same time, maybe even with identical specs? Jingles, [18.10.20 02:21] Where did I go wrong? Jingles, [18.10.20 02:21] [In reply to Spoice] Did they? Spoice, [18.10.20 02:21] Doesn't matter if you use it today, its very technical fabric will have to move your transactions to 2nd layers and it will no longer be peer to peer electronic cash on chain Jingles, [18.10.20 02:21] peer to peer electronic cash on chain - Not in the wp Jingles, [18.10.20 02:22] We have satoj talking about HFT with sidechannels. Jingles, [18.10.20 02:22] So what? Jingles, [18.10.20 02:23] I think this is a good discussion Phil, nothing disrespectful is being said. I hope this is ok? Spoice, [18.10.20 02:23] Doesn't matter, the rule of common sense, which is closer to that title? Increasing a simple variable (Blocksize) to stay on track of the title and experiment, or introduce IOUs and Watchtowers and channels and locked BTC and that whole LN Bastardization? Which is close to the title? Jingles, [18.10.20 02:23] No one said that can't happen Michael Nunzio, [18.10.20 02:24] [In reply to Spoice] Congratulations you've made an argument which isn't an argument. Jingles, [18.10.20 02:25] The whole thing that was said was the system is based on majority rules, and incentives can be changed. Majority breaks any deadlock. David B., [18.10.20 02:25] How to kill a coin 101 Spoice, [18.10.20 02:25] Logic fails anyone who tries to claim BTC, ABC, BSV or any similar standalone experiments as Bitcoin, because of simple sanity checks and logic checks, often stemming out of common sense - If what you have moves you a single step away from what is otherwise the same old experiment which Satoshi wrote about and unleashed, you're not Bitcoin. If what you have moves you a step closer, it is Bitcoin. and so on and so forth. Phlip - Not giving away coins, [18.10.20 02:25] Wow, really fanatical almost religious statements. I guess its Sunday morning. Jingles, [18.10.20 02:27] [In reply to Spoice] There's nothing common about common sense. You point to the WP to make a point, and your point isn't in there. Spoice, [18.10.20 02:27] Throttled and you need off-chain IOUs and always-on services to function (BTC) ? Not Bitcoin. Requires permission to be used and could be centrally confiscated on the whim of the organization behind it (BSV)? Not Bitcoin. Premined (Bitcoin Gold, Diamond)? Not Bitcoin. Taxing the miners through Coinbase and changing the incentives which were at play since day 0 (ABC)? Not Bitcoin Spoice, [18.10.20 02:27] simple checks really, yet those who are set to benefit will of course be oblivious to these Phlip - Not giving away coins, [18.10.20 02:28] This whole “Bitcoin Cash is the true Bitcoin - see whitepaper” is really stupid. It also ignores the history of how Bitcoin Cash came into existence Jingles, [18.10.20 02:28] Phillip, remove anyone here that has said Bitcoin Gold was the original Bitcoin immediately Jingles, [18.10.20 02:28] ^^^^ Jingles, [18.10.20 02:29] [In reply to Phlip - Not giving away coins] It falls to pieces the moment it's questioned. Spoice, [18.10.20 02:29] It is not about "True" Bitcoin Spoice, [18.10.20 02:30] It is about the Bitcoin closest to the experiment which always was Spoice, [18.10.20 02:30] I don't care about "True" or not, they all are true Phlip - Not giving away coins, [18.10.20 02:30] [In reply to Jingles] Sorry, I hve stopped reading all the sillyness above. Will reread later Jingles, [18.10.20 02:30] [In reply to Phlip - Not giving away coins] I'm joking around 😂 Spoice, [18.10.20 02:30] but the rule of entropy says I shouldn't place my money nor effort in experiments which are set to fade eventually, because they have skewed incentives Phlip - Not giving away coins, [18.10.20 02:31] [In reply to Spoice] You get to chose that for yourself but you do not get to dictate it for others David B., [18.10.20 02:31] [In reply to Phlip - Not giving away coins] Don't read it. You will have no braincells left Spoice, [18.10.20 02:31] Bitcoin as we know it has a long track record of incentives which work Spoice, [18.10.20 02:31] I won't ever dictate it for others Spoice, [18.10.20 02:31] I only would dictate it for myself, just like how I never use BTC or BSV today, I won't use ABC tomorrow Spoice, [18.10.20 02:32] only because they're new experiments Spoice, [18.10.20 02:32] interesting, and I wish them luck Jingles, [18.10.20 02:32] "Bitcoin is Bitcoin" is a false statement - Spoice 2020 Spoice, [18.10.20 02:32] but I would rather stick to the Bitcoin I know Spoice, [18.10.20 02:32] that's all Jingles, [18.10.20 02:32] I won't ever dictate it for others - Also Spoice Phlip - Not giving away coins, [18.10.20 02:32] Bitcoin Cash came with a plan snd goals. They were clearly presented in two presentations that happened before viabtc announced they would mine with ABC software and create a coin and chain named Bitcoin Cash Spoice, [18.10.20 02:32] Yes, because he means BTC is Bitcoin, and that's a false statement Jingles, [18.10.20 02:32] How is it false? Spoice, [18.10.20 02:32] It is an instance of Bitcoin Jc Crown [ I DON'T DM PEOPLE - DON'T GIVE ME MONEY! ], [18.10.20 02:33] [In reply to Michael Nunzio] you're looking intimidatingly handsome in your new profile picture Phlip - Not giving away coins, [18.10.20 02:33] [In reply to Jc Crown [ I DON'T DM PEOPLE - DON'T GIVE ME MONEY! ]] Lol Jc Crown [ I DON'T DM PEOPLE - DON'T GIVE ME MONEY! ], [18.10.20 02:33] [In reply to J Stodd] actually a good question Spoice, [18.10.20 02:34] Anyway, those are my two cents Spoice, [18.10.20 02:34] Everyone is free to choose which experiments to pour their effort on and their money in Phlip - Not giving away coins, [18.10.20 02:34] [In reply to Spoice] You are entitled to your opinion. Spoice, [18.10.20 02:34] Andreas is publishing Lightning Network books, I mean Spoice, [18.10.20 02:34] So to each his own Phlip - Not giving away coins, [18.10.20 02:35] [In reply to Spoice] Lets leave it at that Spoice, [18.10.20 02:35] but Bitcoin as I know it continues with no Tax, and that in my opinion is BCH with no tax Phlip - Not giving away coins, [18.10.20 02:35] Ah you had to continue Phlip - Not giving away coins, [18.10.20 02:36] Good thing no tax is proposed by anyone Spoice, [18.10.20 02:35] Isn't this the Bitcoin Cash telegram? Jc Crown [ I DON'T DM PEOPLE - DON'T GIVE ME MONEY! ], [18.10.20 02:35] 😅 Spoice, [18.10.20 02:36] If I don't discuss Bitcoin Cash here, where should I? Spoice, [18.10.20 02:36] Tax, IFP, call it what you will Spoice, [18.10.20 02:36] from my perspective as a user, it's one the same J Stodd, [18.10.20 02:36] [In reply to Jc Crown [ I DON'T DM PEOPLE - DON'T GIVE ME MONEY! ]] I bet nobody will answer it, either Phlip - Not giving away coins, [18.10.20 02:37] [In reply to Spoice] Apparently btc /s David B., [18.10.20 02:37] [In reply to Spoice] As a user what do you care? Jingles, [18.10.20 02:37] Ooh, can I shill the Bitcoin room in here? Spoice, [18.10.20 02:37] Nah, I prefer quick responses and chats Spoice, [18.10.20 02:37] Reddit is broken Phlip - Not giving away coins, [18.10.20 02:37] [In reply to Jingles] Lol J Stodd, [18.10.20 02:37] [In reply to Spoice] Nobody even pays it, it just comes out of the block reward. The block reward is not sentient, it cannot be stolen from or wronged Phlip - Not giving away coins, [18.10.20 02:37] Dont push your luck 😉 Jingles, [18.10.20 02:37] [ 😀 Sticker ] Michael Nunzio, [18.10.20 02:38] [In reply to Jc Crown [ I DON'T DM PEOPLE - DON'T GIVE ME MONEY! ]] You too brother. 🙏 Jc Crown [ I DON'T DM PEOPLE - DON'T GIVE ME MONEY! ], [18.10.20 02:38] [In reply to Michael Nunzio] but mine is the same....i need new ones everyone always calls me fat because of this one Jc Crown [ I DON'T DM PEOPLE - DON'T GIVE ME MONEY! ], [18.10.20 02:38] literally if i say 1 thing to any troll anywhere first thing they say is "ok fatass" Jc Crown [ I DON'T DM PEOPLE - DON'T GIVE ME MONEY! ], [18.10.20 02:38] i blame this dumb photographer Michael Nunzio, [18.10.20 02:38] [In reply to Jc Crown [ I DON'T DM PEOPLE - DON'T GIVE ME MONEY! ]] Don't listen. Phlip - Not giving away coins, [18.10.20 02:39] u/spoice maybe write a read.cash article if you really feel you need to educate people Spoice, [18.10.20 02:39] David, as a user I believe that each new experiment carries risk with it, why should I take part in a new fork of Bitcoin which has a new set of game-theory rules which doesn't even benefit me, rather it benefits some other entity which will take 5% of any effort or economic activity I produce on this chain? They're also off-loading the risk to me as a usebuildebusiness who choose to join their experiment. Spoice, [18.10.20 02:40] Why should I take that risk while the Bitcoin I know and have known for over 10 years worked perfectly for me thus far? (BCH, that is) Jingles, [18.10.20 02:40] small fees and empty blocks? Jc Crown [ I DON'T DM PEOPLE - DON'T GIVE ME MONEY! ], [18.10.20 02:41] It will insure that a centralized group has control over development and they are by decree in the code, it's a literal take over. Phlip - Not giving away coins, [18.10.20 02:41] [In reply to Spoice] “BSV-freeze the protocol - true Bitcoin” sounds like more your thing David B., [18.10.20 02:41] [In reply to Spoice] Better run bitcoin core 0.1 Jc Crown [ I DON'T DM PEOPLE - DON'T GIVE ME MONEY! ], [18.10.20 02:41] Imagine if satoshi keyd his address in the code to be paid out of every block, but instead of paying himself started a company "Bitcoin Dev Co" Spoice, [18.10.20 02:42] Not really, BSV kills the incentives I am discussing too Phlip - Not giving away coins, [18.10.20 02:42] [In reply to Jingles] Please stay nice now Jc Crown [ I DON'T DM PEOPLE - DON'T GIVE ME MONEY! ], [18.10.20 02:42] No one would ever be able to say Bitcoin was Decentralized, Bitcoin Dev Co would get paid directly from the reward. Jingles, [18.10.20 02:42] [In reply to Phlip - Not giving away coins] "BSV: We have all the Bad Idea. On chain" Spoice, [18.10.20 02:42] The Nash equilibrium we have tested for the past 10 years will be changed with ABC, it changed with BTC and BSV too Jc Crown [ I DON'T DM PEOPLE - DON'T GIVE ME MONEY! ], [18.10.20 02:42] "Bad Solutions Verified" Spoice, [18.10.20 02:42] that game-theory set of incentives Spoice, [18.10.20 02:43] why would I want to take a risk with any of those experiments when I gain 0? David B., [18.10.20 02:43] Better run bitcoin core 0.1 Spoice, [18.10.20 02:43] Nope, you're talking technical freezing of development, that's not what I am addressing Jingles, [18.10.20 02:43] [In reply to David B.] Thats the BTC chain though Phlip - Not giving away coins, [18.10.20 02:43] [In reply to Spoice] O please share with us your background in the subject. Or are you now just parroting others Spoice, [18.10.20 02:44] BSV wants to freeze the technical development and they want a stable protocol from an API/development perspective Spoice, [18.10.20 02:44] but from an incentive ruleset perspective, they already butchered the equilibrium Bitcoin had Jc Crown [ I DON'T DM PEOPLE - DON'T GIVE ME MONEY! ], [18.10.20 02:44] [In reply to Phlip - Not giving away coins] That's one of those phrases, when you hear it you know they are just a parrot of someones propaganda. "MUH NASH EQUILIBRIUM!" David B., [18.10.20 02:44] Stable = bad? Jingles, [18.10.20 02:45] [In reply to Jc Crown [ I DON'T DM PEOPLE - DON'T GIVE ME MONEY! ]] I love you Spoice, [18.10.20 02:45] Philip, for an admin you are ought to be nicer, if you think I am parroting others you're free to think that, but to state it so bluntly in your position is just... wrong Spoice, [18.10.20 02:46] If you think the point I made is wrong, discuss it Phlip - Not giving away coins, [18.10.20 02:46] [In reply to Jingles] Maybe talk to him in DM about that?😉 Spoice, [18.10.20 02:46] not me Jingles, [18.10.20 02:46] [In reply to Phlip - Not giving away coins] working on it. Phlip - Not giving away coins, [18.10.20 02:46] [In reply to Spoice] I ought to be nicer...😂😂😂 Spoice, [18.10.20 02:47] Also, anyone who studied Bitcoin at length and its set of incentives and game-theory ruleset should know what a Nash Equilibrium is and who the players are in the Bitcoin game Phlip - Not giving away coins, [18.10.20 02:47] [In reply to Spoice] You state as fact. You get to dhow why your statements or opinions are even relevant. Spoice, [18.10.20 02:48] If it's not a fact, highlight how Spoice, [18.10.20 02:48] don't attack me Spoice, [18.10.20 02:48] prove me wrong Spoice, [18.10.20 02:48] if you fail that simple debate test David B., [18.10.20 02:48] How's that breakfast helping? Spoice, [18.10.20 02:48] you should rename from Janitor to Tyrant Jingles, [18.10.20 02:48] I'm still waiting to see the defined rules as per the wp Michael Nunzio, [18.10.20 02:49] [In reply to Spoice] Didn't know this was stand up comedy night in here. Michael Nunzio, [18.10.20 02:49] I missed the memo Phlip - Not giving away coins, [18.10.20 02:49] If I have to prove all idiots on the internet wrong I would have a hard time. You are starting to really waste everybody’s time. You state, you prove. Or you are just generating noise Phlip - Not giving away coins, [18.10.20 02:50] [In reply to Spoice] Be careful now. Michael Nunzio, [18.10.20 02:50] Noisy bugger. Phlip - Not giving away coins, [18.10.20 02:52] Getting close to just do some cleaning up. Spoice, [18.10.20 02:52] If you can't debate technical points I am making about Bitcoin Cash on a Bitcoin Cash Telegram, and within the span of 10 minutes you called me stupid, idiot, noisy and a parrot, you absolutely are a tyrant and I stand by my point: You should not be an admin here, nor anywhere actually. If you think I should be careful for the fear of you banning me, go ahead. You still fail to debate the simplest technical point and yet claim you can "but can't be bothered to". You remind me of that Thermos guy. Spoice, [18.10.20 02:53] How do people with 0 technical know how end up in these admin positions is beyond me Jingles, [18.10.20 02:53] I challenged your comments and you just changed the goal posts. Phlip - Not giving away coins, [18.10.20 02:53] [In reply to Spoice] Ok. You are not paying me and you are free to create noise elsewhere
This is a follow-up on https://old.reddit.com/Bitcoin/comments/hqzp14/technical_the_path_to_taproot_activation/ Taproot! Everybody wants it!! But... you might ask yourself: sure, everybody else wants it, but why would I, sovereign Bitcoin HODLer, want it? Surely I can be better than everybody else because I swapped XXX fiat for Bitcoin unlike all those nocoiners? And it is important for you to know the reasons why you, o sovereign Bitcoiner, would want Taproot activated. After all, your nodes (or the nodes your wallets use, which if you are SPV, you hopefully can pester to your wallet vendoimplementor about) need to be upgraded in order for Taproot activation to actually succeed instead of becoming a hot sticky mess. First, let's consider some principles of Bitcoin.
You the HODLer should be the one who controls where your money goes. Your keys, your coins.
You the HODLer should be able to coordinate and make contracts with other people regarding your funds.
You the HODLer should be able to do the above without anyone watching over your shoulder and judging you.
I'm sure most of us here would agree that the above are very important principles of Bitcoin and that these are principles we would not be willing to remove. If anything, we would want those principles strengthened (especially the last one, financial privacy, which current Bitcoin is only sporadically strong with: you can get privacy, it just requires effort to do so). So, how does Taproot affect those principles?
Taproot and Your /Coins
Most HODLers probably HODL their coins in singlesig addresses. Sadly, switching to Taproot would do very little for you (it gives a mild discount at spend time, at the cost of a mild increase in fee at receive time (paid by whoever sends to you, so if it's a self-send from a P2PKH or bech32 address, you pay for this); mostly a wash). (technical details: a Taproot output is 1 version byte + 32 byte public key, while a P2WPKH (bech32 singlesig) output is 1 version byte + 20 byte public key hash, so the Taproot output spends 12 bytes more; spending from a P2WPKH requires revealing a 32-byte public key later, which is not needed with Taproot, and Taproot signatures are about 9 bytes smaller than P2WPKH signatures, but the 32 bytes plus 9 bytes is divided by 4 because of the witness discount, so it saves about 11 bytes; mostly a wash, it increases blockweight by about 1 virtual byte, 4 weight for each Taproot-output-input, compared to P2WPKH-output-input). However, as your HODLings grow in value, you might start wondering if multisignature k-of-n setups might be better for the security of your savings. And it is in multisignature that Taproot starts to give benefits! Taproot switches to using Schnorr signing scheme. Schnorr makes key aggregation -- constructing a single public key from multiple public keys -- almost as trivial as adding numbers together. "Almost" because it involves some fairly advanced math instead of simple boring number adding, but hey when was the last time you added up your grocery list prices by hand huh? With current P2SH and P2WSH multisignature schemes, if you have a 2-of-3 setup, then to spend, you need to provide two different signatures from two different public keys. With Taproot, you can create, using special moon math, a single public key that represents your 2-of-3 setup. Then you just put two of your devices together, have them communicate to each other (this can be done airgapped, in theory, by sending QR codes: the software to do this is not even being built yet, but that's because Taproot hasn't activated yet!), and they will make a single signature to authorize any spend from your 2-of-3 address. That's 73 witness bytes -- 18.25 virtual bytes -- of signatures you save! And if you decide that your current setup with 1-of-1 P2PKH / P2WPKH addresses is just fine as-is: well, that's the whole point of a softfork: backwards-compatibility; you can receive from Taproot users just fine, and once your wallet is updated for Taproot-sending support, you can send to Taproot users just fine as well! (P2WPKH and P2WSH -- SegWit v0 -- addresses start with bc1q; Taproot -- SegWit v1 --- addresses start with bc1p, in case you wanted to know the difference; in bech32 q is 0, p is 1) Now how about HODLers who keep all, or some, of their coins on custodial services? Well, any custodial service worth its salt would be doing at least 2-of-3, or probably something even bigger, like 11-of-15. So your custodial service, if it switched to using Taproot internally, could save a lot more (imagine an 11-of-15 getting reduced from 11 signatures to just 1!), which --- we can only hope! --- should translate to lower fees and better customer service from your custodial service! So I think we can say, very accurately, that the Bitcoin principle --- that YOU are in control of your money --- can only be helped by Taproot (if you are doing multisignature), and, because P2PKH and P2WPKH remain validly-usable addresses in a Taproot future, will not be harmed by Taproot. Its benefit to this principle might be small (it mostly only benefits multisignature users) but since it has no drawbacks with this (i.e. singlesig users can continue to use P2WPKH and P2PKH still) this is still a nice, tidy win! (even singlesig users get a minor benefit, in that multisig users will now reduce their blockchain space footprint, so that fees can be kept low for everybody; so for example even if you have your single set of private keys engraved on titanium plates sealed in an airtight box stored in a safe buried in a desert protected by angry nomads riding giant sandworms because you're the frickin' Kwisatz Haderach, you still gain some benefit from Taproot) And here's the important part: if P2PKH/P2WPKH is working perfectly fine with you and you decide to never use Taproot yourself, Taproot will not affect you detrimentally. First do no harm!
Taproot and Your Contracts
No one is an island, no one lives alone. Give and you shall receive. You know: by trading with other people, you can gain expertise in some obscure little necessity of the world (and greatly increase your productivity in that little field), and then trade the products of your expertise for necessities other people have created, all of you thereby gaining gains from trade. So, contracts, which are basically enforceable agreements that facilitate trading with people who you do not personally know and therefore might not trust. Let's start with a simple example. You want to buy some gewgaws from somebody. But you don't know them personally. The seller wants the money, you want their gewgaws, but because of the lack of trust (you don't know them!! what if they're scammers??) neither of you can benefit from gains from trade. However, suppose both of you know of some entity that both of you trust. That entity can act as a trusted escrow. The entity provides you security: this enables the trade, allowing both of you to get gains from trade. In Bitcoin-land, this can be implemented as a 2-of-3 multisignature. The three signatories in the multisgnature would be you, the gewgaw seller, and the escrow. You put the payment for the gewgaws into this 2-of-3 multisignature address. Now, suppose it turns out neither of you are scammers (whaaaat!). You receive the gewgaws just fine and you're willing to pay up for them. Then you and the gewgaw seller just sign a transaction --- you and the gewgaw seller are 2, sufficient to trigger the 2-of-3 --- that spends from the 2-of-3 address to a singlesig the gewgaw seller wants (or whatever address the gewgaw seller wants). But suppose some problem arises. The seller gave you gawgews instead of gewgaws. Or you decided to keep the gewgaws but not sign the transaction to release the funds to the seller. In either case, the escrow is notified, and if it can sign with you to refund the funds back to you (if the seller was a scammer) or it can sign with the seller to forward the funds to the seller (if you were a scammer). Taproot helps with this: like mentioned above, it allows multisignature setups to produce only one signature, reducing blockchain space usage, and thus making contracts --- which require multiple people, by definition, you don't make contracts with yourself --- is made cheaper (which we hope enables more of these setups to happen for more gains from trade for everyone, also, moon and lambos). (technology-wise, it's easier to make an n-of-n than a k-of-n, making a k-of-n would require a complex setup involving a long ritual with many communication rounds between the n participants, but an n-of-n can be done trivially with some moon math. You can, however, make what is effectively a 2-of-3 by using a three-branch SCRIPT: either 2-of-2 of you and seller, OR 2-of-2 of you and escrow, OR 2-of-2 of escrow and seller. Fortunately, Taproot adds a facility to embed a SCRIPT inside a public key, so you can have a 2-of-2 Taprooted address (between you and seller) with a SCRIPT branch that can instead be spent with 2-of-2 (you + escrow) OR 2-of-2 (seller + escrow), which implements the three-branched SCRIPT above. If neither of you are scammers (hopefully the common case) then you both sign using your keys and never have to contact the escrow, since you are just using the escrow public key without coordinating with them (because n-of-n is trivial but k-of-n requires setup with communication rounds), so in the "best case" where both of you are honest traders, you also get a privacy boost, in that the escrow never learns you have been trading on gewgaws, I mean ewww, gawgews are much better than gewgaws and therefore I now judge you for being a gewgaw enthusiast, you filthy gewgawer).
Taproot and Your Contracts, Part 2: Cryptographic Boogaloo
Now suppose you want to buy some data instead of things. For example, maybe you have some closed-source software in trial mode installed, and want to pay the developer for the full version. You want to pay for an activation code. This can be done, today, by using an HTLC. The developer tells you the hash of the activation code. You pay to an HTLC, paying out to the developer if it reveals the preimage (the activation code), or refunding the money back to you after a pre-agreed timeout. If the developer claims the funds, it has to reveal the preimage, which is the activation code, and you can now activate your software. If the developer does not claim the funds by the timeout, you get refunded. And you can do that, with HTLCs, today. Of course, HTLCs do have problems:
Privacy. Everyone scraping the Bitcoin blockchain can see any HTLCs, and preimages used to claim them.
This can be mitigated by using offchain techniques so HTLCs are never published onchain in the happy case. Lightning would probably in practice be the easiest way to do this offchain. Of course, there are practical limits to what you can pay on Lightning. If you are buying something expensive, then Lightning might not be practical. For example, the "software" you are activating is really the firmware of a car, and what you are buying is not the software really but the car itself (with the activation of the car firmware being equivalent to getting the car keys).
Even offchain techniques need an onchain escape hatch in case of unresponsiveness! This means that, if something bad happens during payment, the HTLC might end up being published onchain anyway, revealing the fact that some special contract occurred.
And an HTLC that is claimed with a preimage onchain will also publicly reveal the preimage onchain. If that preimage is really the activation key of a software than it can now be pirated. If that preimage is really the activation key for your newly-bought cryptographic car --- well, not your keys, not your car!
Trust requirement. You are trusting the developer that it gives you the hash of an actual valid activation key, without any way to validate that the activation key hidden by the hash is actually valid.
Fortunately, with Schnorr (which is enabled by Taproot), we can now use the Scriptless Script constuction by Andrew Poelstra. This Scriptless Script allows a new construction, the PTLC or Pointlocked Timelocked Contract. Instead of hashes and preimages, just replace "hash" with "point" and "preimage" with "scalar". Or as you might know them: "point" is really "public key" and "scalar" is really a "private key". What a PTLC does is that, given a particular public key, the pointlocked branch can be spent only if the spender reveals the private key of the given public key to you. Another nice thing with PTLCs is that they are deniable. What appears onchain is just a single 2-of-2 signature between you and the developemanufacturer. It's like a magic trick. This signature has no special watermarks, it's a perfectly normal signature (the pledge). However, from this signature, plus some datta given to you by the developemanufacturer (known as the adaptor signature) you can derive the private key of a particular public key you both agree on (the turn). Anyone scraping the blockchain will just see signatures that look just like every other signature, and as long as nobody manages to hack you and get a copy of the adaptor signature or the private key, they cannot get the private key behind the public key (point) that the pointlocked branch needs (the prestige). (Just to be clear, the public key you are getting the private key from, is distinct from the public key that the developemanufacturer will use for its funds. The activation key is different from the developer's onchain Bitcoin key, and it is the activation key whose private key you will be learning, not the developer's/manufacturer's onchain Bitcoin key). So:
Privacy: PTLCs are private even if done onchain. Nobody else can learn what the private key behind the public key is, except you who knows the adaptor signature that when combined with the complete onchain signature lets you know what the private key of the activation key is. Somebody scraping the blockchain will not learn the same information even if all PTLCs are done onchain!
Lightning is still useful for reducing onchain use, and will also get PTLCs soon after Taproot is activated, but even if something bad happens and a PTLC has to go onchain, it doesn't reveal anything!
Trust issues can be proven more easily with a public-private keypair than with a hash-preimage pair.
For example, the developer of the software you are buying could provide a signature signing a message saying "unlock access to the full version for 1 day". You can check if feeding this message and signature to the program will indeed unlock full-version access for 1 day. Then you can check if the signature is valid for the purported pubkey whose private key you will pay for. If so, you can now believe that getting the private key (by paying for it in a PTLC) would let you generate any number of "unlock access to the full version for 1 day" message+signatures, which is equivalent to getting full access to the software indefinitely.
For the car, the manufacturer can show that signing a message "start the engine" and feeding the signature to the car's fimrware will indeed start the engine, and maybe even let you have a small test drive. You can then check if the signature is valid for the purported pubkey whose privkey you will pay for. If so, you can now believe that gaining knowledge of the privkey will let you start the car engine at any time you want.
(pedantry: the signatures need to be unique else they could be replayed, this can be done with a challenge-response sequence for the car, where the car gathers entropy somehow (it's a car, it probably has a bunch of sensors nowadays so it can get entropy for free) and uses the gathered entropy to challenge you to sign a random number and only start if you are able to sign the random number; for the software, it could record previous signatures somewhere in the developer's cloud server and refuse to run if you try to replay a previously-seen signature.)
Taproot lets PTLCs exist onchain because they enable Schnorr, which is a requirement of PTLCs / Scriptless Script. (technology-wise, take note that Scriptless Script works only for the "pointlocked" branch of the contract; you need normal Script, or a pre-signed nLockTimed transaction, for the "timelocked" branch. Since Taproot can embed a script, you can have the Taproot pubkey be a 2-of-2 to implement the Scriptless Script "pointlocked" branch, then have a hidden script that lets you recover the funds with an OP_CHECKLOCKTIMEVERIFY after the timeout if the seller does not claim the funds.)
Now if you were really paying attention, you might have noticed this parenthetical:
(technical details: a Taproot output is 1 version byte + 32 byte public key, while a P2WPKH (bech32 singlesig) output is 1 version byte + 20 byte public key hash...)
So wait, Taproot uses raw 32-byte public keys, and not public key hashes? Isn't that more quantum-vulnerable?? Well, in theory yes. In practice, they probably are not. It's not that hashes can be broken by quantum computes --- they're still not. Instead, you have to look at how you spend from a P2WPKH/P2PKH pay-to-public-key-hash. When you spend from a P2PKH / P2WPKH, you have to reveal the public key. Then Bitcoin hashes it and checks if this matches with the public-key-hash, and only then actually validates the signature for that public key. So an unconfirmed transaction, floating in the mempools of nodes globally, will show, in plain sight for everyone to see, your public key. (public keys should be public, that's why they're called public keys, LOL) And if quantum computers are fast enough to be of concern, then they are probably fast enough that, in the several minutes to several hours from broadcast to confirmation, they have already cracked the public key that is openly broadcast with your transaction. The owner of the quantum computer can now replace your unconfirmed transaction with one that pays the funds to itself. Even if you did not opt-in RBF, miners are still incentivized to support RBF on RBF-disabled transactions. So the extra hash is not as significant a protection against quantum computers as you might think. Instead, the extra hash-and-compare needed is just extra validation effort. Further, if you have ever, in the past, spent from the address, then there exists already a transaction indelibly stored on the blockchain, openly displaying the public key from which quantum computers can derive the private key. So those are still vulnerable to quantum computers. For the most part, the cryptographers behind Taproot (and Bitcoin Core) are of the opinion that quantum computers capable of cracking Bitcoin pubkeys are unlikely to appear within a decade or two.
Current quantum computers can barely crack prime factorization problem for primes of 5 bits.
The 256-bit elliptic curve use by Bitcoin is, by my (possibly wrong) understanding, equivalent to 4096-bit primes, so you can see a pretty big gap between now (5 bit primes) and what is needed (4096 bit primes).
A lot of financial non-Bitcoin systems use the equivalent of 3072-bit primes or less, and are probably easier targets to crack than the equivalent-to-4096-bit-primes Bitcoin.
Quantum computers capable of cracking Bitcoin are still far off.
Pay-to-public-key-hash is not as protective as you might think.
We will probably see banks get cracked before Bitcoin, so the banking system is a useful canary-in-a-coal-mine to see whether we should panic about being quantum vulnerable.
For now, the homomorphic and linear properties of elliptic curve cryptography provide a lot of benefits --- particularly the linearity property is what enables Scriptless Script and simple multisignature (i.e. multisignatures that are just 1 signature onchain). So it might be a good idea to take advantage of them now while we are still fairly safe against quantum computers. It seems likely that quantum-safe signature schemes are nonlinear (thus losing these advantages).
If you are a singlesig HODL-only Bitcoin user, Taproot will not affect you positively or negatively. Importantly: Taproot does no harm!
If you use or intend to use multisig, Taproot will be a positive for you.
If you transact onchain regularly using typical P2PKH/P2WPKH addresses, you get a minor reduction in feerates since multisig users will likely switch to Taproot to get smaller tx sizes, freeing up blockspace for yours.
If you are using multiparticipant setups for special systems of trade, Taproot will be a positive for you.
Remember: Lightning channels are multipartiicpiant setups for special systems of lightning-fast offchain trades!
I Wanna Be The Taprooter!
So, do you want to help activate Taproot? Here's what you, mister sovereign Bitcoin HODLer, can do!
If you have developer experience especially in C, C++, or related languages
Review the Taproot code! There is one pull request in Bitcoin Core, and one in libsecp256k1. I deliberately am not putting links here, to avoid brigades of nontechnical but enthusiastic people leaving pointless reviews, but if you are qualified you know how to find them!
But I am not a cryptographeBitcoin Core contributomathematician/someone as awesome as Pieter Wuille
That's perfectly fine! The cryptographers have been over the code already and agree the math is right and the implementation is right. What is wanted is the dreary dreary dreary software engineering: are the comments comprehensive and understandable? no misspellings in the comments? variable names understandable? reasonable function naming convention? misleading coding style? off-by-one errors in loops? conditions not covered by tests? accidental mixups of variables with the same types? missing frees? read-before-init? better test coverage of suspicious-looking code? missing or mismatching header guards? portability issues? consistent coding style? you know, stuff any coder with a few years of experience in coding anything might be able to catch. With enough eyes all bugs are shallow!
If you are running a mining pool/mining operation/exchange/custodial service/SPV server
Be prepared to upgrade!
One of the typical issues with upgrading software is that subtle incompatibilities with your current custom programs tend to arise, disrupting operations and potentially losing income due to downtime. If so, consider moving to the two-node setup suggested by gmax, which is in the last section of my previous post. With this, you have an up-to-date "public" node and a fixed-version "private" node, with the public node protecting the private node from any invalid chainsplits or invalid transactions. Moving to this setup from a typical one-node setup should be smooth and should not disrupt operations (too much).
If you are running your own fullnode for fun or for your own wallet
Be prepared to upgrade! The more nodes validating the new rules (even if you are a non-mining node!), the safer every softfork will be!
If you are using an SPV wallet or custodial wallet/service (including hardware wallets using the software of the wallet provider)
Contact your wallet provider / SPV server and ask for a statement on whether they support Taproot, and whether they are prepared to upgrade for Taproot! Make it known to them that Taproot is something you want!
But I Hate Taproot!!
Raise your objections to Taproot now, or forever hold your peace! Maybe you can raise them here and some of the devs (probably nullc, he goes everywhere, even in rbtc!) might be able to see your objections! Or if your objections are very technical, head over to the appropriate pull request and object away!
Maybe you simply misunderstand something, and we can clarify it here!
Or maybe you do have a good objection, and we can make Taproot better by finding a solution for it!
Hey guys! We’re happy to have finally released the first production version of PayButton today! There’s still a lot more work to do but we wanted to get something out there that people can try so we can start getting some proper feedback. We’re also running a Flipstarter in an effort to speed up development as we think projects like PayButton are crucial for the success of Bitcoin Cash on the web. If you like what we've done so far and want to see more of it, you can check that out here: https://flipstarter.paybutton.org/. Under the hood, the project has been switched over to React/Preact with TypeScript. The goal here was to make it as lightweight and self-contained as possible while still being accessible to other developers who want to contribute to the project. Some of the new features include:
Option to create as an embedded widget, rather than having to click a button and it taking up the entire screen.
Customizable theme (default is now green).
Customizable hover animations.
Option to include as a React component.
The roadmap also has a lot to look forward to including the option to setup a goal / target for raising funds, optional open source server, transition from REST to SSE, auto-incrementing addresses with xpub keys, and more. For more information on the current roadmap, you can check both our Flipstarter and our GitHub issues to see what's coming. We’re still in the middle of rebuilding the website with new documentation but we’re hoping to have that live soon. The existing docs have been updated though so it'll work fine as a reference in the meantime. Until then, here’s some links that will be useful if you’re looking to set PayButton up on your own website, get involved, or just learn more:
Raoul Pal and Michael Saylor's Bitcoin vs Ethereum analysis is deeply flawed, and here is why.
Regarding the Bitcoin vs Ethereum narrative Allocating capital in Bitcoin but not in Ethereum is a bet that the planned road-map for Ethereum will not be successfully implemented and/or its economic properties will not function as designed once the final phase of ETH 2.0 goes live. The combination of PoS, sharding and EIP-1559 will allow for a monetary policy that can sustain the system with zero, possibly negative, issuance. Detailed explanations of how this is possible has been documented through numerous interviews and blogs with developers and pundits. We also must take into consideration that even if the issuance is above zero, the returns from staking Ether must be accounted to compare the long-term holding value proposition against something like Bitcoin. If the staking rewards provide ~3% annual returns and issuance is ~2% then the equivalent issuance for a PoW protocol would be ~-1% (this will never happen in the Bitcoin protocol). Addressing the claim that Ether is not money The narrative that Ether is not money because the Ethereum protocol is not designed to exclusively function as money is akin to saying that the Internet is not a good emailing system because it is not exclusively designed to transmit emails. This type of narrative is trying to restrict the definition of money by suggesting that its underlying protocol should not have functionality that extends beyond the conventional way we think of it. The reality is that Ethereum is much better suited for a digital economy - Ether is its native monetary asset. The ability to issue other forms of digital assets and execute computer logic in a trustless unified system with a natively defined monetary asset encompasses all the fundamental building blocks of a future digital economy. This is a future where monetary, financial and information systems can take advantage of the inclusiveness, permissionless and trustless aspects that are central to the Bitcoin value proposition. The Ethereum protocol is designed to do a lot of wonderful things, but it costs money to operate the network and that cost must be covered by something of value that can be easily liquidated or exchanged into other things of value.... otherwise known as money. The idea that Ether is more akin to oil than gold/money just because the price metric for computations is called "gas" falls apart under scrutiny. Ether is strictly used as a monetary incentive. It is not magically burned to propel a fictitious machine that runs the network... the computers that run the Ethereum network run under the same physical principles from the ones of Bitcoin - they consume energy and someone has to pay for it. It just so happens that the monetary rewards and cost of transactions operating the Ethereum network are done exclusively in Ether, and therefore it serves as a monetary base. In addition, Ether has been used as the monetary base for the acquisition of other digital assets during their ICO phase. Lastly, Paypal has revealed they will be including Ether as a means of payment for online merchants. Saying that Ether is not money is like saying the sky isn't blue. Additional thoughts
The combination of staking, EIP-1559 and sharding will allow ETH to reduce issuance ahead of Bitcoin's schedule. It is very likely going to allow for sustainable zero issuance which is something that is still up in the air for Bitcoin.
The switch from PoW to PoS will dramatically reduce the operational cost of the network while incentivizing ownership of Ether. The reduction in operational cost is a huge factor contributing to a sustainable monetary policy.
The true soundness of Ether as a store of wealth needs to account for the returns from staking. That means that even if the nominal issuance remained higher than Bitcoin, it could still a better investment when you account for the staking returns.
Ethereum can operate as an entire financial system. It allows for issuance of new tokens and it can operate autonomously as a digital assets exchange... so that means that it can be an exchange for tokenized FIAT currencies, cryptocurrencies, tokenized securities and commodities. Think of a global market for stocks, commodities, future contracts and derivatives.
The integration with digital assets is done natively in one network. Ethereum serves as a native monetary asset with sound properties. Tokenized bitcoins would not only significantly reduce security (value would be lost if EITHER network is compromised) it also makes little sense if Ethereum's soundness (staking - issuance) is superior to Bitcoin.
There are a gazillion more use cases for Ethereum that would benefit from having a natively defined monetary asset.
Ultimately Bitcoin might serve as digital gold as a hedge against Ethereum. So they can coexist, but they are still competing with each other in terms of building value. Every investor who is getting into cryptocurrencies should be asking what assets to buy and why. Money allocated to Bitcoin cannot be allocated to Ethereum and vice-versa.
Taproot, CoinJoins, and Cross-Input Signature Aggregation
It is a very common misconception that the upcoming Taproot upgrade helps CoinJoin. TLDR: The upcoming Taproot upgrade does not help equal-valued CoinJoin at all, though it potentially increases the privacy of other protocols, such as the Lightning Network, and escrow contract schemes. If you want to learn more, read on!
Let's start with equal-valued CoinJoins, the type JoinMarket and Wasabi use. What happens is that some number of participants agree on some common value all of them use. With JoinMarket the taker defines this value and pays the makers to agree to it, with Wasabi the server defines a value approximately 0.1 BTC. Then, each participant provides inputs that they unilaterally control, totaling equal or greater than the common value. Typically since each input is unilaterally controlled, each input just requires a singlesig. Each participant also provides up to two addresses they control: one of these will be paid with the common value, while the other will be used for any extra value in the inputs they provided (i.e. the change output). The participants then make a single transaction that spends all the provided inputs and pays out to the appropriate outputs. The inputs and outputs are shuffled in some secure manner. Then the unsigned transaction is distributed back to all participants. Finally, each participant checks that the transaction spends the inputs it provided (and more importantly does not spend any other coins it might own that it did not provide for this CoinJoin!) and that the transaction pays out to the appropriate address(es) it controls. Once they have validated the transaction, they ratify it by signing for each of the inputs it provided. Once every participant has provided signatures for all inputs it registered, the transaction is now completely signed and the CoinJoin transaction is now validly confirmable. CoinJoin is a very simple and direct privacy boost, it requires no SCRIPTs, needs only singlesig, etc.
Let's say we have two participants who have agreed on a common amount of 0.1 BTC. One provides a 0.105 coin as input, the other provides a 0.114 coin as input. This results in a CoinJoin with a 0.105 coin and a 0.114 coin as input, and outputs with 0.1, 0.005, 0.014, and 0.1 BTC. Now obviously the 0.005 output came from the 0.105 input, and the 0.014 output came from the 0.114 input. But the two 0.1 BTC outputs cannot be correlated with either input! There is no correlating information, since either output could have come from either input. That is how common CoinJoin implementations like Wasabi and JoinMarket gain privacy.
Unfortunately, large-scale CoinJoins like that made by Wasabi and JoinMarket are very obvious. All you have to do is look for a transactions where, say, more than 3 outputs are the same equal value, and the number of inputs is equal or larger than the number of equal-valued outputs. Thus, it is trivial to identify equal-valued CoinJoins made by Wasabi and JoinMarket. You can even trivially differentiate them: Wasabi equal-valued CoinJoins are going to have a hundred or more inputs, with outputs that are in units of approximately 0.1 BTC, while JoinMarket CoinJoins have equal-valued outputs of less than a dozen (between 4 to 6 usually) and with the common value varying wildly from as low as 0.001 BTC to as high as a dozen BTC or more. This has led to a number of anti-privacy exchanges to refuse to credit custodially-held accounts if the incoming deposit is within a few hops of an equal-valued CoinJoin, usually citing concerns about regulations. Crucially, the exchange continues to hold private keys for those "banned" deposits, and can still spend them, thus this is effectively a theft. If your exchange does this to you, you should report that exchange as stealing money from its customers. Not your keys not your coins. Thus, CoinJoins represent a privacy tradeoff:
It's very hard for everyone else to determine which output belongs to which input.
It's obvious to everyone else that the output was involved in a mixing operation.
Let's now briefly discuss that nice new shiny thing called Taproot. Taproot includes two components:
The use of Schnorr-based signature scheme, with multisignature support. Spending from a Schnorr pubkey is called a "keypath spend".
The ability to secretly commit to a set of scripts, one of which can be revealed later and its inputs provided correctly in order to spend the coin. Spending via a hidden script is called a "scriptpath spend".
This has some nice properties:
Direct multisignature support means all multisignature uses look the same. In current Bitcoin, a 2-of-2 "multisignature" is really a script which demands that two signatures be provided, from 2 different pre-specified public keys. To a cryptographer, the strict definition of multisignature is that this is a single signature that is cooperatively created by multiple parties.
A typical minimal "multisig" setup would be a 2-of-3, because that lets you lose one signing device while still being able to keep access to your money, and still providing an increase in security relative to a singlesig, since a 2-of-3 requires that potential thieves abscond with at least two signing devices. In current Bitcoin, a 2-of-3 is a SCRIPT containing 3 public keys, requiring that two signatures from those three public keys be provided.
But a Lightning Network channel has exactly two participants. Thus, it uses a 2-of-2, and is a SCRIPT containing 2 public keys, requiring that two signatures from those public keys be provided. If you look for 2-of-2 spends on the blockchain after Lightning became cool, the chances are very good that a random 2-of-2 spend is a Lightning Network channel being closed, because there are hardly ever any other uses of 2-of-2.
Just from there, you can easily differentiate the most common HODLer multisig of 2-of-3 (SCRIPT contains 3 pubkeys) from the Lightning channel 2-of-2 (SCRIPT contains 2 pubkeys).
Fortunately, with Taproot, 2-of-3 and 2-of-2 (and any arbitrary k-of-n) can look exactly the same, because Schnorr allows for the cryptographer's strict definition of "multisignature": a single signature cooperatively created by multiple parties.
Complex SCRIPTs, like HTLCs, can be hidden in a Taproot output.
For example, the output can have a keyspend branch that is a n-of-n of all participants, with hidden SCRIPTs that encode the conditions under which the output can be spent
The hidden SCRIPTs ensure that the protocol is followed. If one of the participants drops from the protocol, the rest can reveal the hidden SCRIPTs and follow their conditions.
If everyone follows the protocol correctly, and agrees to the result, they can all cooperatively sign with the keyspend n-of-n. They can just all agree on what the result of the SCRIPTs would be, and sign a transaction that performs that, without revealing any SCRIPTs. Since all of them agreed on the result, nobody should complain (if one of them believes the result is not correct, they can just refuse to sign and force everyone else to publish the SCRIPTs onchain).
If everyone agrees, they get privacy: none of the SCRIPTs they were following ever get published onchain, and it looks like every other multisignature spend.
Taproot DOES NOT HELP CoinJoin
So let's review! CoinJoin:
CoinJoin inputs are singlesig
There are no SCRIPTs involved in CoinJoin.
Improves multisig privacy.
Improves SCRIPT privacy.
There is absolutely no overlap. Taproot helps things that CoinJoin does not use. CoinJoin uses things that Taproot does not improve.
B-but They Said!!
A lot of early reporting on Taproot claimed that Taproot benefits CoinJoin. What they are confusing is that earlier drafts of Taproot included a feature called cross-input signature aggregation. In current Bitcoin, every input, to be spent, has to be signed individually. With cross-input signature aggregation, all inputs that support this feature are signed with a single signature that covers all those inputs. So for example if you would spend two inputs, current Bitcoin requires a signature for each input, but with cross-input signature aggregation you can sign both of them with a single signature. This works even if the inputs have different public keys: two inputs with cross-input signature aggregation effectively define a 2-of-2 public key, and you can only sign for that input if you know the private keys for both inputs, or if you are cooperatively signing with somebody who knows the private key of the other input. This helps CoinJoin costs. Since CoinJoins will have lots of inputs (each participant will provide at least one, and probably will provide more, and larger participant sets are better for more privacy in CoinJoin), if all of them enabled cross-input signature aggregation, such large CoinJoins can have only a single signature. This complicates the signing process for CoinJoins (the signers now have to sign cooperatively) but it can be well worth it for the reduced signature size and onchain cost. But note that the while cross-input signature aggregation improves the cost of CoinJoins, it does not improve the privacy! Equal-valued CoinJoins are still obvious and still readily bannable by privacy-hating exchanges. It does not improve the privacy of CoinJoin. Instead, see https://old.reddit.com/Bitcoin/comments/gqb3udesign_for_a_coinswap_implementation_fo
Why isn't cross-input signature aggregation in?
There's some fairly complex technical reasons why cross-input signature aggregation isn't in right now in the current Taproot proposal. The primary reason was to reduce the technical complexity of Taproot, in the hope that it would be easier to convince users to activate (while support for Taproot is quite high, developers have become wary of being hopeful that new proposals will ever activate, given the previous difficulties with SegWit). The main technical complexity here is that it interacts with future ways to extend Bitcoin. The rest of this writeup assumes you already know about how Bitcoin SCRIPT works. If you don't understand how Bitcoin SCRIPT works at the low-level, then the TLDR is that cross-input signature aggregation complicates how to extend Bitcoin in the future, so it was deferred to let the develoeprs think more about it. (this is how I understand it; perhaps pwuille or ajtowns can give a better summary.) In detail, Taproot also introduces OP_SUCCESS opcodes. If you know about the OP_NOP opcodes already defined in current Bitcoin, well, OP_SUCCESS is basically "OP_NOP done right". Now, OP_NOP is a do-nothing operation. It can be replaced in future versions of Bitcoin by having that operation check some condition, and then fail if the condition is not satisfied. For example, both OP_CHECKLOCKTIMEVERIFY and OP_CHECKSEQUENCEVERIFY were previously OP_NOP opcodes. Older nodes will see an OP_CHECKLOCKTIMEVERIFY and think it does nothing, but newer nodes will check if the nLockTime field has a correct specified value, and fail if the condition is not satisfied. Since most of the nodes on the network are using much newer versions of the node software, older nodes are protected from miners who try to misspend any OP_CHECKLOCKTIMEVERIFY/OP_CHECKSEQUENCEVERIFY, and those older nodes will still remain capable of synching with the rest of the network: a dedication to strict backward-compatibility necessary for a consensus system. Softforks basically mean that a script that passes in the latest version must also be passing in all older versions. A script cannot be passing in newer versions but failing in older versions, because that would kick older nodes off the network (i.e. it would be a hardfork). But OP_NOP is a very restricted way of adding opcodes. Opcodes that replace OP_NOP can only do one thing: check if some condition is true. They can't push new data on the stack, they can't pop items off the stack. For example, suppose instead of OP_CHECKLOCKTIMEVERIFY, we had added a OP_GETBLOCKHEIGHT opcode. This opcode would push the height of the blockchain on the stack. If this command replaced an older OP_NOP opcode, then a script like OP_GETBLOCKHEIGHT 650000 OP_EQUAL might pass in some future Bitcoin version, but older versions would see OP_NOP 650000 OP_EQUAL, which would fail because OP_EQUAL expects two items on the stack. So older versions will fail a SCRIPT that newer versions will pass, which is a hardfork and thus a backwards incompatibility. OP_SUCCESS is different. Instead, old nodes, when parsing the SCRIPT, will see OP_SUCCESS, and, without executing the body, will consider the SCRIPT as passing. So, the OP_GETBLOCKHEIGHT 650000 OP_EQUAL example will now work: a future version of Bitcoin might pass it, and existing nodes that don't understand OP_GETBLOCKHEIGHT will se OP_SUCCESS 650000 OP_EQUAL, and will not execute the SCRIPT at all, instead passing it immediately. So a SCRIPT that might pass in newer versions will pass for older versions, which keeps the back-compatibility consensus that a softfork needs. So how does OP_SUCCESS make things difficult for cross-input signatur aggregation? Well, one of the ways to ask for a signature to be verified is via the opcodes OP_CHECKSIGVERIFY. With cross-input signature aggregation, if a public key indicates it can be used for cross-input signature aggregation, instead of OP_CHECKSIGVERIFY actually requiring the signature on the stack, the stack will contain a dummy 0 value for the signature, and the public key is instead added to a "sum" public key (i.e. an n-of-n that is dynamically extended by one more pubkey for each OP_CHECKSIGVERIFY operation that executes) for the single signature that is verified later by the cross-input signature aggregation validation algorithm00. The important part here is that the OP_CHECKSIGVERIFY has to execute, in order to add its public key to the set of public keys to be checked in the single signature. But remember that an OP_SUCCESS prevents execution! As soon as the SCRIPT is parsed, if any opcode is OP_SUCCESS, that is considered as passing, without actually executing the SCRIPT, because the OP_SUCCESS could mean something completely different in newer versions and current versions should assume nothing about what it means. If the SCRIPT contains some OP_CHECKSIGVERIFY command in addition to an OP_SUCCESS, that command is not executed by current versions, and thus they cannot add any public keys given by OP_CHECKSIGVERIFY. Future versions also have to accept that: if they parsed an OP_SUCCESS command that has a new meaning in the future, and then execute an OP_CHECKSIGVERIFY in that SCRIPT, they cannot add the public key into the same "sum" public key that older nodes use, because older nodes cannot see them. This means that you might need more than one signature in the future, in the presence of an opcode that replaces some OP_SUCCESS. Thus, because of the complexity of making cross-input signature aggregation work compatibly with future extensions to the protocol, cross-input signature aggregation was deferred.
Cosmos is a heterogeneous network of many independent parallel blockchains, each powered by classical BFT consensus algorithms like Tendermint. Developers can easily build custom application specific blockchains, called Zones, through the Cosmos SDK framework. These Zones connect to Hubs, which are specifically designed to connect zones together. The vision of Cosmos is to have thousands of Zones and Hubs that are Interoperable through the Inter-Blockchain Communication Protocol (IBC). Cosmos can also connect to other systems through peg zones, which are specifically designed zones that each are custom made to interact with another ecosystem such as Ethereum and Bitcoin. Cosmos does not use Sharding with each Zone and Hub being sovereign with their own validator set. For a more in-depth look at Cosmos and provide more reference to points made in this article, please see my three part series — Part One, Part Two, Part Three (There's a youtube video with a quick video overview of Cosmos on the medium article - https://medium.com/ava-hub/comparison-between-avalanche-cosmos-and-polkadot-a2a98f46c03b)
Polkadot is a heterogeneous blockchain protocol that connects multiple specialised blockchains into one unified network. It achieves scalability through a sharding infrastructure with multiple blockchains running in parallel, called parachains, that connect to a central chain called the Relay Chain. Developers can easily build custom application specific parachains through the Substrate development framework. The relay chain validates the state transition of connected parachains, providing shared state across the entire ecosystem. If the Relay Chain must revert for any reason, then all of the parachains would also revert. This is to ensure that the validity of the entire system can persist, and no individual part is corruptible. The shared state makes it so that the trust assumptions when using parachains are only those of the Relay Chain validator set, and no other. Interoperability is enabled between parachains through Cross-Chain Message Passing (XCMP) protocol and is also possible to connect to other systems through bridges, which are specifically designed parachains or parathreads that each are custom made to interact with another ecosystem such as Ethereum and Bitcoin. The hope is to have 100 parachains connect to the relay chain. For a more in-depth look at Polkadot and provide more reference to points made in this article, please see my three part series — Part One, Part Two, Part Three (There's a youtube video with a quick video overview of Polkadot on the medium article - https://medium.com/ava-hub/comparison-between-avalanche-cosmos-and-polkadot-a2a98f46c03b)
Avalanche is a platform of platforms, ultimately consisting of thousands of subnets to form a heterogeneous interoperable network of many blockchains, that takes advantage of the revolutionary Avalanche Consensus protocols to provide a secure, globally distributed, interoperable and trustless framework offering unprecedented decentralisation whilst being able to comply with regulatory requirements. Avalanche allows anyone to create their own tailor-made application specific blockchains, supporting multiple custom virtual machines such as EVM and WASM and written in popular languages like Go (with others coming in the future) rather than lightly used, poorly-understood languages like Solidity. This virtual machine can then be deployed on a custom blockchain network, called a subnet, which consist of a dynamic set of validators working together to achieve consensus on the state of a set of many blockchains where complex rulesets can be configured to meet regulatory compliance. Avalanche was built with serving financial markets in mind. It has native support for easily creating and trading digital smart assets with complex custom rule sets that define how the asset is handled and traded to ensure regulatory compliance can be met. Interoperability is enabled between blockchains within a subnet as well as between subnets. Like Cosmos and Polkadot, Avalanche is also able to connect to other systems through bridges, through custom virtual machines made to interact with another ecosystem such as Ethereum and Bitcoin. For a more in-depth look at Avalanche and provide more reference to points made in this article, please see here and here (There's a youtube video with a quick video overview of Avalanche on the medium article - https://medium.com/ava-hub/comparison-between-avalanche-cosmos-and-polkadot-a2a98f46c03b)
Comparison between Cosmos, Polkadot and Avalanche
A frequent question I see being asked is how Cosmos, Polkadot and Avalanche compare? Whilst there are similarities there are also a lot of differences. This article is not intended to be an extensive in-depth list, but rather an overview based on some of the criteria that I feel are most important. For a more in-depth view I recommend reading the articles for each of the projects linked above and coming to your own conclusions. I want to stress that it’s not a case of one platform being the killer of all other platforms, far from it. There won’t be one platform to rule them all, and too often the tribalism has plagued this space. Blockchains are going to completely revolutionise most industries and have a profound effect on the world we know today. It’s still very early in this space with most adoption limited to speculation and trading mainly due to the limitations of Blockchain and current iteration of Ethereum, which all three of these platforms hope to address. For those who just want a quick summary see the image at the bottom of the article. With that said let’s have a look
Each Zone and Hub in Cosmos is capable of up to around 1000 transactions per second with bandwidth being the bottleneck in consensus. Cosmos aims to have thousands of Zones and Hubs all connected through IBC. There is no limit on the number of Zones / Hubs that can be created
Parachains in Polkadot are also capable of up to around 1500 transactions per second. A portion of the parachain slots on the Relay Chain will be designated as part of the parathread pool, the performance of a parachain is split between many parathreads offering lower performance and compete amongst themselves in a per-block auction to have their transactions included in the next relay chain block. The number of parachains is limited by the number of validators on the relay chain, they hope to be able to achieve 100 parachains.
Avalanche is capable of around 4500 transactions per second per subnet, this is based on modest hardware requirements to ensure maximum decentralisation of just 2 CPU cores and 4 GB of Memory and with a validator size of over 2,000 nodes. Performance is CPU-bound and if higher performance is required then more specialised subnets can be created with higher minimum requirements to be able to achieve 10,000 tps+ in a subnet. Avalanche aims to have thousands of subnets (each with multiple virtual machines / blockchains) all interoperable with each other. There is no limit on the number of Subnets that can be created.
All three platforms offer vastly superior performance to the likes of Bitcoin and Ethereum 1.0. Avalanche with its higher transactions per second, no limit on the number of subnets / blockchains that can be created and the consensus can scale to potentially millions of validators all participating in consensus scores ✅✅✅. Polkadot claims to offer more tps than cosmos, but is limited to the number of parachains (around 100) whereas with Cosmos there is no limit on the number of hubs / zones that can be created. Cosmos is limited to a fairly small validator size of around 200 before performance degrades whereas Polkadot hopes to be able to reach 1000 validators in the relay chain (albeit only a small number of validators are assigned to each parachain). Thus Cosmos and Polkadot scores ✅✅ https://preview.redd.it/2o0brllyvpq51.png?width=1000&format=png&auto=webp&s=8f62bb696ecaafcf6184da005d5fe0129d504518
Tendermint consensus is limited to around 200 validators before performance starts to degrade. Whilst there is the Cosmos Hub it is one of many hubs in the network and there is no central hub or limit on the number of zones / hubs that can be created.
Polkadot has 1000 validators in the relay chain and these are split up into a small number that validate each parachain (minimum of 14). The relay chain is a central point of failure as all parachains connect to it and the number of parachains is limited depending on the number of validators (they hope to achieve 100 parachains). Due to the limited number of parachain slots available, significant sums of DOT will need to be purchased to win an auction to lease the slot for up to 24 months at a time. Thus likely to lead to only those with enough funds to secure a parachain slot. Parathreads are however an alternative for those that require less and more varied performance for those that can’t secure a parachain slot.
Avalanche consensus scan scale to tens of thousands of validators, even potentially millions of validators all participating in consensus through repeated sub-sampling. The more validators, the faster the network becomes as the load is split between them. There are modest hardware requirements so anyone can run a node and there is no limit on the number of subnets / virtual machines that can be created.
Avalanche offers unparalleled decentralisation using its revolutionary consensus protocols that can scale to millions of validators all participating in consensus at the same time. There is no limit to the number of subnets and virtual machines that can be created, and they can be created by anyone for a small fee, it scores ✅✅✅. Cosmos is limited to 200 validators but no limit on the number of zones / hubs that can be created, which anyone can create and scores ✅✅. Polkadot hopes to accommodate 1000 validators in the relay chain (albeit these are split amongst each of the parachains). The number of parachains is limited and maybe cost prohibitive for many and the relay chain is a ultimately a single point of failure. Whilst definitely not saying it’s centralised and it is more decentralised than many others, just in comparison between the three, it scores ✅ https://preview.redd.it/ckfamee0wpq51.png?width=1000&format=png&auto=webp&s=c4355f145d821fabf7785e238dbc96a5f5ce2846
Tendermint consensus used in Cosmos reaches finality within 6 seconds. Cosmos consists of many Zones and Hubs that connect to each other. Communication between 2 zones could pass through many hubs along the way, thus also can contribute to latency times depending on the path taken as explained in part two of the articles on Cosmos. It doesn’t need to wait for an extended period of time with risk of rollbacks.
Polkadot provides a Hybrid consensus protocol consisting of Block producing protocol, BABE, and then a finality gadget called GRANDPA that works to agree on a chain, out of many possible forks, by following some simpler fork choice rule. Rather than voting on every block, instead it reaches agreements on chains. As soon as more than 2/3 of validators attest to a chain containing a certain block, all blocks leading up to that one are finalized at once. If an invalid block is detected after it has been finalised then the relay chain would need to be reverted along with every parachain. This is particularly important when connecting to external blockchains as those don’t share the state of the relay chain and thus can’t be rolled back. The longer the time period, the more secure the network is, as there is more time for additional checks to be performed and reported but at the expense of finality. Finality is reached within 60 seconds between parachains but for external ecosystems like Ethereum their state obviously can’t be rolled back like a parachain and so finality will need to be much longer (60 minutes was suggested in the whitepaper) and discussed in more detail in part three
Avalanche consensus achieves finality within 3 seconds, with most happening sub 1 second, immutable and completely irreversible. Any subnet can connect directly to another without having to go through multiple hops and any VM can talk to another VM within the same subnet as well as external subnets. It doesn’t need to wait for an extended period of time with risk of rollbacks.
With regards to performance far too much emphasis is just put on tps as a metric, the other equally important metric, if not more important with regards to finance is latency. Throughput measures the amount of data at any given time that it can handle whereas latency is the amount of time it takes to perform an action. It’s pointless saying you can process more transactions per second than VISA when it takes 60 seconds for a transaction to complete. Low latency also greatly increases general usability and customer satisfaction, nowadays everyone expects card payments, online payments to happen instantly. Avalanche achieves the best results scoring ✅✅✅, Cosmos with comes in second with 6 second finality ✅✅ and Polkadot with 60 second finality (which may be 60 minutes for external blockchains) scores ✅ https://preview.redd.it/kzup5x42wpq51.png?width=1000&format=png&auto=webp&s=320eb4c25dc4fc0f443a7a2f7ff09567871648cd
Every Zone and Hub in Cosmos has their own validator set and different trust assumptions. Cosmos are researching a shared security model where a Hub can validate the state of connected zones for a fee but not released yet. Once available this will make shared security optional rather than mandatory.
Shared Security is mandatory with Polkadot which uses a Shared State infrastructure between the Relay Chain and all of the connected parachains. If the Relay Chain must revert for any reason, then all of the parachains would also revert. Every parachain makes the same trust assumptions, and as such the relay chain validates state transition and enables seamless interoperability between them. In return for this benefit, they have to purchase DOT and win an auction for one of the available parachain slots. However, parachains can’t just rely on the relay chain for their security, they will also need to implement censorship resistance measures and utilise proof of work / proof of stake for each parachain as well as discussed in part three, thus parachains can’t just rely on the security of the relay chain, they need to ensure sybil resistance mechanisms using POW and POS are implemented on the parachain as well.
A subnet in Avalanche consists of a dynamic set of validators working together to achieve consensus on the state of a set of many blockchains where complex rulesets can be configured to meet regulatory compliance. So unlike in Cosmos where each zone / hub has their own validators, A subnet can validate a single or many virtual machines / blockchains with a single validator set. Shared security is optional
Shared security is mandatory in polkadot and a key design decision in its infrastructure. The relay chain validates the state transition of all connected parachains and thus scores ✅✅✅. Subnets in Avalanche can validate state of either a single or many virtual machines. Each subnet can have their own token and shares a validator set, where complex rulesets can be configured to meet regulatory compliance. It scores ✅ ✅. Every Zone and Hub in cosmos has their own validator set / token but research is underway to have the hub validate the state transition of connected zones, but as this is still early in the research phase scores ✅ for now. https://preview.redd.it/pbgyk3o3wpq51.png?width=1000&format=png&auto=webp&s=61c18e12932a250f5633c40633810d0f64520575
The Cosmos project started in 2016 with an ICO held in April 2017. There are currently around 50 projects building on the Cosmos SDK with a full list can be seen here and filtering for Cosmos SDK . Not all of the projects will necessarily connect using native cosmos sdk and IBC and some have forked parts of the Cosmos SDK and utilise the tendermint consensus such as Binance Chain but have said they will connect in the future.
The Polkadot project started in 2016 with an ICO held in October 2017. There are currently around 70 projects building on Substrate and a full list can be seen here and filtering for Substrate Based. Like with Cosmos not all projects built using substrate will necessarily connect to Polkadot and parachains or parathreads aren’t currently implemented in either the Live or Test network (Kusama) as of the time of this writing.
Avalanche in comparison started much later with Ava Labs being founded in 2018. Avalanche held it’s ICO in July 2020. Due to lot shorter time it has been in development, the number of projects confirmed are smaller with around 14 projects currently building on Avalanche. Due to the customisability of the platform though, many virtual machines can be used within a subnet making the process incredibly easy to port projects over. As an example, it will launch with the Ethereum Virtual Machine which enables byte for byte compatibility and all the tooling like Metamask, Truffle etc. will work, so projects can easily move over to benefit from the performance, decentralisation and low gas fees offered. In the future Cosmos and Substrate virtual machines could be implemented on Avalanche.
Whilst it’s still early for all 3 projects (and the entire blockchain space as a whole), there is currently more projects confirmed to be building on Cosmos and Polkadot, mostly due to their longer time in development. Whilst Cosmos has fewer projects, zones are implemented compared to Polkadot which doesn’t currently have parachains. IBC to connect zones and hubs together is due to launch Q2 2021, thus both score ✅✅✅. Avalanche has been in development for a lot shorter time period, but is launching with an impressive feature set right from the start with ability to create subnets, VMs, assets, NFTs, permissioned and permissionless blockchains, cross chain atomic swaps within a subnet, smart contracts, bridge to Ethereum etc. Applications can easily port over from other platforms and use all the existing tooling such as Metamask / Truffle etc but benefit from the performance, decentralisation and low gas fees offered. Currently though just based on the number of projects in comparison it scores ✅. https://preview.redd.it/4zpi6s85wpq51.png?width=1000&format=png&auto=webp&s=e91ade1a86a5d50f4976f3b23a46e9287b08e373
Cosmos enables permissioned and permissionless zones which can connect to each other with the ability to have full control over who validates the blockchain. For permissionless zones each zone / hub can have their own token and they are in control who validates.
With polkadot the state transition is performed by a small randomly selected assigned group of validators from the relay chain plus with the possibility that state is rolled back if an invalid transaction of any of the other parachains is found. This may pose a problem for enterprises that need complete control over who performs validation for regulatory reasons. In addition due to the limited number of parachain slots available Enterprises would have to acquire and lock up large amounts of a highly volatile asset (DOT) and have the possibility that they are outbid in future auctions and find they no longer can have their parachain validated and parathreads don’t provide the guaranteed performance requirements for the application to function.
Avalanche enables permissioned and permissionless subnets and complex rulesets can be configured to meet regulatory compliance. For example a subnet can be created where its mandatory that all validators are from a certain legal jurisdiction, or they hold a specific license and regulated by the SEC etc. Subnets are also able to scale to tens of thousands of validators, and even potentially millions of nodes, all participating in consensus so every enterprise can run their own node rather than only a small amount. Enterprises don’t have to hold large amounts of a highly volatile asset, but instead pay a fee in AVAX for the creation of the subnets and blockchains which is burnt.
Avalanche provides the customisability to run private permissioned blockchains as well as permissionless where the enterprise is in control over who validates the blockchain, with the ability to use complex rulesets to meet regulatory compliance, thus scores ✅✅✅. Cosmos is also able to run permissioned and permissionless zones / hubs so enterprises have full control over who validates a blockchain and scores ✅✅. Polkadot requires locking up large amounts of a highly volatile asset with the possibility of being outbid by competitors and being unable to run the application if the guaranteed performance is required and having to migrate away. The relay chain validates the state transition and can roll back the parachain should an invalid block be detected on another parachain, thus scores ✅. https://preview.redd.it/li5jy6u6wpq51.png?width=1000&format=png&auto=webp&s=e2a95f1f88e5efbcf9e23c789ae0f002c8eb73fc
Cosmos will connect Hubs and Zones together through its IBC protocol (due to release in Q1 2020). Connecting to blockchains outside of the Cosmos ecosystem would either require the connected blockchain to fork their code to implement IBC or more likely a custom “Peg Zone” will be created specific to work with a particular blockchain it’s trying to bridge to such as Ethereum etc. Each Zone and Hub has different trust levels and connectivity between 2 zones can have different trust depending on which path it takes (this is discussed more in this article). Finality time is low at 6 seconds, but depending on the number of hops, this can increase significantly.
Polkadot’s shared state means each parachain that connects shares the same trust assumptions, of the relay chain validators and that if one blockchain needs to be reverted, all of them will need to be reverted. Interoperability is enabled between parachains through Cross-Chain Message Passing (XCMP) protocol and is also possible to connect to other systems through bridges, which are specifically designed parachains or parathreads that each are custom made to interact with another ecosystem such as Ethereum and Bitcoin. Finality time between parachains is around 60 seconds, but longer will be needed (initial figures of 60 minutes in the whitepaper) for connecting to external blockchains. Thus limiting the appeal of connecting two external ecosystems together through Polkadot. Polkadot is also limited in the number of Parachain slots available, thus limiting the amount of blockchains that can be bridged. Parathreads could be used for lower performance bridges, but the speed of future blockchains is only going to increase.
A subnet can validate multiple virtual machines / blockchains and all blockchains within a subnet share the same trust assumptions / validator set, enabling cross chain interoperability. Interoperability is also possible between any other subnet, with the hope Avalanche will consist of thousands of subnets. Each subnet may have a different trust level, but as the primary network consists of all validators then this can be used as a source of trust if required. As Avalanche supports many virtual machines, bridges to other ecosystems are created by running the connected virtual machine. There will be an Ethereum bridge using the EVM shortly after mainnet. Finality time is much faster at sub 3 seconds (with most happening under 1 second) with no chance of rolling back so more appealing when connecting to external blockchains.
All 3 systems are able to perform interoperability within their ecosystem and transfer assets as well as data, as well as use bridges to connect to external blockchains. Cosmos has different trust levels between its zones and hubs and can create issues depending on which path it takes and additional latency added. Polkadot provides the same trust assumptions for all connected parachains but has long finality and limited number of parachain slots available. Avalanche provides the same trust assumptions for all blockchains within a subnet, and different trust levels between subnets. However due to the primary network consisting of all validators it can be used for trust. Avalanche also has a much faster finality time with no limitation on the number of blockchains / subnets / bridges that can be created. Overall all three blockchains excel with interoperability within their ecosystem and each score ✅✅. https://preview.redd.it/ai0bkbq8wpq51.png?width=1000&format=png&auto=webp&s=3e85ee6a3c4670f388ccea00b0c906c3fb51e415
The ATOM token is the native token for the Cosmos Hub. It is commonly mistaken by people that think it’s the token used throughout the cosmos ecosystem, whereas it’s just used for one of many hubs in Cosmos, each with their own token. Currently ATOM has little utility as IBC isn’t released and has no connections to other zones / hubs. Once IBC is released zones may prefer to connect to a different hub instead and so ATOM is not used. ATOM isn’t a fixed capped supply token and supply will continuously increase with a yearly inflation of around 10% depending on the % staked. The current market cap for ATOM as of the time of this writing is $1 Billion with 203 million circulating supply. Rewards can be earnt through staking to offset the dilution caused by inflation. Delegators can also get slashed and lose a portion of their ATOM should the validator misbehave.
Polkadot’s native token is DOT and it’s used to secure the Relay Chain. Each parachain needs to acquire sufficient DOT to win an auction on an available parachain lease period of up to 24 months at a time. Parathreads have a fixed fee for registration that would realistically be much lower than the cost of acquiring a parachain slot and compete with other parathreads in a per-block auction to have their transactions included in the next relay chain block. DOT isn’t a fixed capped supply token and supply will continuously increase with a yearly inflation of around 10% depending on the % staked. The current market cap for DOT as of the time of this writing is $4.4 Billion with 852 million circulating supply. Delegators can also get slashed and lose their DOT (potentially 100% of their DOT for serious attacks) should the validator misbehave.
AVAX is the native token for the primary network in Avalanche. Every validator of any subnet also has to validate the primary network and stake a minimum of 2000 AVAX. There is no limit to the number of validators like other consensus methods then this can cater for tens of thousands even potentially millions of validators. As every validator validates the primary network, this can be a source of trust for interoperability between subnets as well as connecting to other ecosystems, thus increasing amount of transaction fees of AVAX. There is no slashing in Avalanche, so there is no risk to lose your AVAX when selecting a validator, instead rewards earnt for staking can be slashed should the validator misbehave. Because Avalanche doesn’t have direct slashing, it is technically possible for someone to both stake AND deliver tokens for something like a flash loan, under the invariant that all tokens that are staked are returned, thus being able to make profit with staked tokens outside of staking itself. There will also be a separate subnet for Athereum which is a ‘spoon,’ or friendly fork, of Ethereum, which benefits from the Avalanche consensus protocol and applications in the Ethereum ecosystem. It’s native token ATH will be airdropped to ETH holders as well as potentially AVAX holders as well. This can be done for other blockchains as well. Transaction fees on the primary network for all 3 of the blockchains as well as subscription fees for creating a subnet and blockchain are paid in AVAX and are burnt, creating deflationary pressure. AVAX is a fixed capped supply of 720 million tokens, creating scarcity rather than an unlimited supply which continuously increase of tokens at a compounded rate each year like others. Initially there will be 360 tokens minted at Mainnet with vesting periods between 1 and 10 years, with tokens gradually unlocking each quarter. The Circulating supply is 24.5 million AVAX with tokens gradually released each quater. The current market cap of AVAX is around $100 million.
A Bitcoin address is a unique identifier that serves as a virtual location where the cryptocurrency can be sent. People can send the cryptocurrency to Bitcoin addresses similarly to the way fiat currencies can often be sent to email addresses. However, the Bitcoin address is not intended to be permanent, but just a token for use in a single transaction. Check Bitcoin Address for mentions on the internet, block explorer tags, forum profile, abuses, links, OTC trader account, social network profiles. A Bitcoin address is a cornerstone to understand how the cryptocurrency is exchanged between two individuals as they essentially dictate the source and destination for a particular amount of bitcoin. For those new to the world of cryptocurrencies, a bitcoin address may seem a little confusing at first. What Is A Bitcoin Address And How You Can Get One. In the current scenario, there are two formats of the Bitcoin address that are being used. These are: Common P2PKH: This format of the Bitcoin address start with the number 1; Latest P2Sh: This format of the Bitcoin address which starts with the number 3. Salient Features of the Bitcoin Address. While using Bitcoin, you need the Bitcoin ... A Bitcoin invoice address, or simply invoice, is an identifier of 26-35 alphanumeric characters, beginning with the number 1, 3 or bc1 that represents a possible destination for a bitcoin payment. Invoices can be generated at no cost by any user of Bitcoin. It is also possible to get a Bitcoin invoice address using an account at an exchange or online wallet service.
How Bitcoin Works in 5 Minutes (Technical) - YouTube
Start trading Bitcoin and cryptocurrency here: http://bit.ly/2Vptr2X Bitcoin trading is the act of buying low and selling high. Unlike investing, which means... An Kryptowährungen führt momentan kein Weg vorbei. Besonders gehyped: Bitcoins. Aber: Was steckt eigentlich genau dahinter? Harald Lesch im Gespräch mit dem ... Bitcoin für Anfänger einfach erklärt! [auf Deutsch] Bitcoin-Börse (erhalte 10€ in BTC) https://finanzfluss.de/go/bitcoin-boerse *📱 Sicheres Bitcoin-Wallet... Learn about Bitcoin with the most watched Bitcoin video. More information: Start Guide - https://www.weusecoins.com Mining Guide - https://www.bitcoinmining.... A short introduction to how Bitcoin Works. Want more? Check out my new in-depth course on the latest in Bitcoin, Blockchain, and a survey of the most excitin...