Abstract Blockchain systems are designed to produce blocks at a constant average rate. The most popular systems currently employ a Proof of Work (PoW) algorithm as a means of creating these blocks. Bitcoin produces, on average, one block every 10 minutes. An unfortunate limitation of all deployed PoW blockchain systems is that the time between blocks has high variance. For example, 5% of the time, Bitcoin's inter-block time is at least 40 minutes. This variance impedes the consistent flow of validated transactions through the system. We propose an alternative process for PoW-based block discovery that results in an inter-block time with significantly lower variance. Our algorithm, called Bobtail, generalizes the current algorithm by comparing the mean of the k lowest order statistics to a target. We show that the variance of inter-block times decreases as k increases. If our approach were applied to Bitcoin, about 80% of blocks would be found within 7 to 12 minutes, and nearly every block would be found within 5 to 18 minutes; the average inter-block time would remain at 10 minutes. Further, we show that low-variance mining significantly thwarts doublespend and selfish mining attacks. For Bitcoin and Ethereum currently (k=1), an attacker with 40% of the mining power will succeed with 30% probability when the merchant sets up an embargo of 8 blocks; however, when k>=20, the probability of success falls to less than 1%. Similarly, for Bitcoin and Ethereum currently, a selfish miner with 40% of the mining power will claim about 66% of blocks; however, when k>=5, the same miner will find that selfish mining is less successful than honest mining. The cost of our approach is a larger block header. References  Bitcoin cash. https://www.bitcoincash.org/.  Litecoin. https://litecoin.org/.  Ethash. https://github.com/ethereum/wiki/wiki/Ethash, Aug 3 2017.  Martin Abadi, Mike Burrows, Mark Manasse, and Ted Wobber. Moderately hard, memory-bound functions. ACM Trans. Internet Technol., 5(2):299–327, May 2005.  Tuomas Aura, Pekka Nikander, and Jussipekka Leiwo. Dos-resistant authentication with client puzzles. In Revised Papers from the 8th International Workshop on Security Protocols, pages 170–177, 2001.  Adam Back. Hashcash - Amortizable Publicly Auditable CostFunctions, 2002.  Iddo Bentov, Ariel Gabizon, and Alex Mizrahi. Cryptocurrencies without proof of work. In International Conference on Financial Cryptography and Data Security, pages 142–157. Springer, 2016.  Iddo Bentov, Charles Lee, Alex Mizrahi, and Meni Rosenfeld. Proof of Activity: Extending Bitcoin’s Proof of Work via Proof of Stake [Extended Abstract] y. ACM SIGMETRICS Performance Evaluation Review, 42(3):34–37, 2014.  Bobtails. https://en.wikipedia.org/wiki/Natural_bobtail.  Xavier Boyen, Christopher Carr, and Thomas Haines. BlockchainFree Cryptocurrencies: A Framework for Truly Decentralised Fast Transactions. Cryptology ePrint Archive, Report 2016/871, Sept 2016. http://eprint.iacr.org/2016/871.  George Casella and Roger L. Berger. Statistical inference. Brooks Cole, Pacific Grove, CA, 2002.  Liqun Chen and Wenbo Mao. An auditable metering scheme for web advertisement applications. Information Security, pages 475–485, 2001.  F. Coelho. An (Almost) Constant-Effort Solution- Verification Proofof-Work Protocol Based on Merkle Trees. In Progress in Cryptology – AFRICACRYPT, pages 80–93, June 2008.  Drew Dean and Adam Stubblefield. Using client puzzles to protect tls. In Proceedings of the 10th Conference on USENIX Security Symposium - Volume 10, SSYM’01, Berkeley, CA, USA, 2001. USENIX Association.  J. Douceur. The Sybil Attack. In Proc. Intl Wkshp on Peer-to-Peer Systems (IPTPS), March 2002.  Cynthia Dwork and Moni Naor. Pricing via processing or combatting junk mail. In In 12th Annual International Cryptology Conference, pages 139–147, 1992.  Ethereum Homestead Documentation. http://ethdocs.org/en/latest/.  Ittay Eyal, Adem Efe Gencer, Emin Gun Sirer, and Robbert Van Renesse. Bitcoin-ng: A scalable blockchain protocol. In 13th USENIX Symposium on Networked Systems Design and Implementation (NSDI 16), pages 45–59, Santa Clara, CA, 2016. USENIX Association.  Ittay Eyal and Emin Gün Sirer. Majority is not enough: Bitcoin mining is vulnerable. In International conference on financial cryptography and data security, pages 436–454. Springer, 2014.  M. Franklin and D. Malkhi. Auditable metering with ligthweigth security. In Proc. Financial Cryptography, pages 151–160, 1997.  Arthur Gervais, Ghassan O. Karame, Karl Wust, Vasileios Glykantzis, Hubert Ritzdorf, and Srdjan Capkun. On the Security and Performance of Proof of Work Blockchains. https://eprint.iacr.org/2016/555, 2016.  Bogdan Groza and Bogdan Warinschi. Cryptographic puzzles and dos resilience, revisited. Des. Codes Cryptography, 73(1):177–207, October 2014.  Markus Jakobsson and Ari Juels. Proofs of Work and Bread Pudding Protocols. In Proc. Conference on Secure Information Networks: Communications and Multimedia Security, pages 258–272, 1999.  A. Juels and J. Brainard. Client puzzles: A cryptographic countermeasure against connection depletion attacks. In Proc. Networks and Distributed Security Systems, pages 151–165, 1999.  Ben Laurie and Richard Clayton. “Proof-of-work" proves not to work; version 0.2. In Proc. Workshop on Economics and Information Security, 2004.  Andrew Miller, Ari Juels, Elaine Shi, Bryan Parno, and Jonathan Katz. Permacoin: Repurposing bitcoin work for data preservation. In Proc. IEEE Security and Privacy, pages 475–490, 2014.  Satoshi Nakamoto. Bitcoin: A Peer-to-Peer Electronic Cash System, May 2009.  A. Pinar Ozisik and Brian Neil Levine. An Explanation of Nakamoto’s Analysis of Double-spend Attacks. Technical Report arXiv:1701.03977, University of Massachusetts, Amherst, MA, January 2017.  Ayelet Sapirshtein, Yonatan Sompolinsky, and Aviv Zohar. Optimal Selfish Mining Strategies in Bitcoin. https://arxiv.org/pdf/1507.06183.pdf, July 2015.  XiaoFeng Wang and Michael K. Reiter. Defending against denial-ofservice attacks with puzzle auctions. In Proceedings of the 2003 IEEE Symposium on Security and Privacy, SP ’03, pages 78–, Washington, DC, USA, 2003. IEEE Computer Society
Leah Goodman's choice is so ridiculous it doesn't really merit speaking about any further. So I won't bother doing that. She seems to be the victim of her own ambition and mis-placed trust in someone grossly incapable of evaluating the background of someone like Satoshi. The forum where the work was chosen to be released is a fairly insular group. You can crawl the archive and look at the backgrounds of every one of them. Many will look convincing, for either technical or ideological reasons (often both.) After researching them further they seem to largely weed themselves out for one reason or another. Perhaps the most compelling candidate is Nick Szabo. Nick, by all accounts, seems to have the mental ability and ample and incredibly specific domain knowledge required to conceive Bitcoin. If you had to find a foremost expert on the economic and applied network theory required to invent Bitcoin you really need look no further. He has 100% covered the problem-space. On his home page he directly references linked timestamping. This is essentially a description of the blockchain well-before the blockchain came into existence. The only problem with him is I can't find any C++ code he's ever written. I can only find pseudo-code from some of his papers. I consider it likely that he is at least an unconscious collaborator. Michael Reiter and Dahlia Malkhi are both linked from Nick's site. They are the authors of this remarkably relevant work. The thing I don't like about them is they're extremely seasoned academics. They've authored almost 100 papers between them both. Satoshi noted he was more comfortable with code than writing papers. You may be tempted to consider Adam Back. He's British as Satoshi's writing style seems to be. He also invented Hashcash which Bitcoin makes use of. The big problem I have with him is he seems to only code in C and its style is nothing close to Satoshi's work. You may also be tempted to choose perhaps Hal Finney. He was, after all, the recipient of the first Bitcoin transaction. I also don't like Hal due to his code. That comes out wrong but the issue is Hal's code is both C and it is very tightly regimented. A drill sergeant would openly commend him in front of the other rank and file. Also Hal seemed to be genuinely confused over details (or lack thereof) in the paper. Then you might start thinking about guys like Ben Laurie, or Richard Clayton, or even Zooko Wilcox-O'Hearn. But I really think you'd be barking up the wrong tree so I won't even bother to link. Then there is the guy I personally like. For one, AFAICT, he seems to be the only one in that crew to even write much C++ -- any that's public anyway. And if you look at it two immediate things stand out. One, is this library contains all the precise cryptographic constructs necessary to build Bitcoin and a deep familiarity with nearly all of them would be required to do so. The SHA256 implementation in the original source code is directly lifted from this library. The second is how stylistically similar they are. There are subtle differences like whitespace between symbols in for loops, case of comments, etc. but if you take a step back it looks much more similar than not. Even down to the file naming convention and project layout. Oh and they both primarily target Windows environments. He also basically described Bitcoin in a concise text file authored over 10 years previous to Bitcoin. He may not have figured out all of the details at that point in time but he's obviously exactly describing what we now know as Bitcoin. I may be wrong but based on all of the evidence available to me this seems like the most likely situation. TL;DR I think it's kind of obvious who he is. The code is the best clue (and an amazing gift.)
Open_transactions / Monetas. The solution to problem of trusted systems that bitcoin runs into.
Even though I've gone to the dark side (there will be a fun post of that in le future) I still have great love and obsession with freeing the common man from the evils of modern banking. So for any of you who don't know I am a big advocate of the bitcoin, but I'm also an even bigger advocate for Open_transactions. It's an open source suite of market tools based upon Ricardian smart contacts which offers true anonymity and a fix to bitcoins troubles with trusting entities (ie mt.gox debacle) It's already done, but a commercial version will be out around Q3 and Q4. It's being marketed to businesses for speedy transaction time and to Africans since they seem to have a flair for alt.currencies (like cellular minutes). Also any country that doesn't like the petrodollar (everyone else) will probably use it. So here's the lowdown ILLUSTRATED EXPLANATION http://opentransact.nevermeta.com/OT-Pseudonym-Instruments.jpg Read the illustrated explanation and watch this video http://www.youtube.com/watch?v=teNzIFu5L70&feature Basically an anonymous, encrypted, secure set of tools for an entire digital marketplace with reciepts based on smart contracts. Open-Transactions: P
A financial crypto and digital cash software library. The software's author likens it to "PGP for money". Open Transactions (a centralized transaction system) is complementary to Bitcoin in that it provides some features that Bitcoin cannot, such as untraceable anonymous (versus pseudonymous) transactions, no latency (instant finality of settlement / no risk of double spending) and more. Featuring: *Untraceable Digital Cash (real blinded tokens) *Anyone An Issuer (Ricardian-style Contracts) *Bearer-only, Fully-Anonymous (when used cash-only) *Pseudonymous User Accounts (user account == PGP key) *No Account History (asset account == the last receipt) *Many Financial Instruments (cheques, cash, vouchers, invoices...) *Basket Currencies (10 "baskets" == 5 gold, 3 silver) *Markets with Trades (stop, fill-or-kill, limit orders...) *Payment Plans
https://github.com/FellowTraveleOpen-Transactions/wiki/FAQhttps://en.bitcoin.it/wiki/Open_Transactionshttp://www.youtube.com/watch?v=HSgpStCTw2ghttp://monetas.net/ -- Many financial instruments are supported: Users can write cheques, purchase cashier's cheques ('vouchers'), and withdraw in untraceable digital cash. The software uses Chaumian-style, blinded tokens courtesy of the Lucre library by Ben Laurie. -- It's like PGP FOR MONEY. The idea is to have many cash algorithms, not just Lucre. I'd like to add Chaum's version, Brands' version, etc. So that, just like PGP, the software should support as many of the top algorithms as possible, and make it easy to swap them out when necessary. -- User accounts are pseudonymous. A user account is a public key. (This is like PKTP.) You can open as many user accounts as you want. Full anonymity is possible only for 'cash-only' transactions (where users only perform token exchanges), whereas pseudonymity means that transactions can be linked to the key that signed them. (While the real life identity of the owner is hidden, continuity of reputation becomes possible when using pseudonyms.) -- ANY USER CAN ISSUE new digital currencies and digital asset types, by uploading the new currency contract to the server. (This functionality is comparable to Ricardo, the transaction server by IanG.) -- No Account History. Client and server are able to conduct transactions, and agree on current holdings, via signed receipts, without the need to store any transaction history (beyond the last receipt itself.) See Bill St. Clair's excellent Truledger (http://truledger.com/) for another example of this concept. -- The server cannot forge your signature, and thus cannot change your balance without your signed permission, (since it can't falsify any receipt.) The server is likewise on the hook with the issuer, for the same reason. This is because the receipt IS the account, and because the server cannot sign the receipt until you have signed it first--and the server cannot forge your signature. -- Open Transactions also features MARKETS. Any two asset types can be traded against each other. The markets are full-featured and include LIMIT ORDERS, STOP ORDERS, FILL-or-KILL orders, DAY orders (date ranges), and stop limits. -- Open Transactions also supports BASKET CURRENCIES. Users can define their own, and the server handles the process of exchanging in and out of basket accounts. Baskets are treated by the software like any other asset type, (you can open accounts, transfer funds, withdraw cash, write cheques, and even trade basket currencies on markets.) -- Open Transactions also supports PAYMENT PLANS. Users can sign contracts with each other, and the server will carry out the terms and implement the payment plan. (A future goal is to issue new asset types based on revenue from payment plans--so they can also be traded on markets.) -- CONTRACTS, in general, are very important to Open Transactions; they are the building block of the entire library. Open Transactions uses a Ricardian-style contract, and all the various instruments, data files, and messages resemble PGP-signed XML files. All objects serialize to a string. -- SMART CONTRACTS are now supported (scriptable clauses). These make it possible for users to write their own financial instruments, without having to change the OT code itself. To read more about this concept, see Nick Szabo: http://szabo.best.vwh.net/contractlanguage.html -- The philosophy of the software is based around the SEPARATION OF POWERS (issuers and transaction servers being separate entities -- See Loom for another example of this.) as well as the DISTRIBUTION OF RISK. For example, assets of a single type can be distributed across many many servers, AND a certain asset type can also be distributed across multiple issuers (via basket currencies.) -- Future (possible or planned) instruments include: Interest-bearing bonds, dividend-paying stocks, real bills, and collateralized debt obligations. These features aren't available yet, but they are easy to add given the existing OT infrastructure. -- All communications are secured with OpenSSL. All messages are also signed and encrypted. All transactions require signatures from relevant parties including the server. -- Open Transactions is free software (GNU), written in C++, object-oriented, and includes a high-level API in Java, Ruby, Python, C, D, C++, Obj-C, C#, Lisp, Perl, PHP, and Tcl. (Also supporting JRuby, Jython, Groovy, and any other language available on the JVM.) -- The software is fully cross-platform: Linux, Mac OS X, FreeBSD, Android, and Windows are supported with makefiles, project files, and instructions. -- The library is transfer-protocol neutral as well as storage neutral, and could be utilized across a variety of different transfer protocols and storage systems. The current test server and client use the ZeroMQ library for messages, and a storage abstraction is employed to make it easy for you to swap in any storage method you need. (Filesystem by default, but you can store anywhere.)
There is a list of articles about cryptocurrency cryptography. Difficulty, hashes, blocks and functions. Read more on BitcoinWiki and join our crypto community. Many celebrities have mentioned the benefits of bitcoin and leveraged the asset for certain projects. For instance, 50 Cent, Snoop Dogg and Talib Kweli all sold albums for BTC, but when ... Ben, your analysis reads as though you took your well-known and long-standing bias against proof-of-work and reverse engineered that ideology to fit into an ad hoc criticism of bitcoin cryptography. You must know that bitcoin represents an example of Byzantine fault tolerance in use and that the bitcoin proof-of-work chain is the key to solving ... Ben, would you currently accept bitcoin as a tax-free payment for your services? Comment by Jon Matonis — 21 May 2011 @ 8:18. Isn’t one of the problems with this debate that it is dealing with three essentially orthogonal issues. Issue 1 is how to send “coins” over the internet, issue 2 is anonymity and issue 3 is monetary. Peercoin (or PPC, PPCoin) is a peer-to-peer cryptocurrency utilizing both proof-of-stake and proof-of-work systems.. Peercoin is based on an August 2012 paper which listed the authors as Scott Nadal and Sunny King. Sunny King, who also created Primecoin, is a pseudonym.Nadal's involvement had diminished by November 2013, leaving King as Peercoin's sole core developer.
Episode 42 • WikiLeaks, Bitcoin Lawsuits & Open Source Intelligence
Bitcoin was on the rise Thursday morning after a sell-off overnight. It hit a price of nearly $14,000 on Wednesday. The cryptocurrency jumped nearly 200% sin... This episode, we dive into the wonderful and wacky world of open source intelligence (OSINT) and ask the question – “What can people find out about me online?”. OSINT is what private ... Bitcoin Price Analysis & Crypto News! 👍 THUMBS UP & SUBSCRIBE NOW + 🔔! ***** 🚨 VIP ELITE PRIVATE TRADE ALERTS- https://t.me/joinchat/AAAAAEts9GFT3RV_6wLjOQ... All Bitcoin needs is trust. That means all we need is time. Bitcoin is stronger TODAY than it ever has been before. Let’s talk about why! Follow us on Twitte... How does bitcoin reach $100,000 when it can't even get back above $10,000 well in this video, I explain how it gets above $100,000 and even talk about when. ...