Bitcoin is a system designed to scale to really big mining companies. This is obvious because proof-of-work is an arms race. Companies compete to create better and better chips, to make more and more profit. Mining operations take profits, so they're companies, they need to sell their bitcoin back to the market for dollars to cover their costs. Even pools are companies. At scale, the companies competing to secure the blockchain are MASSIVE. They pass petabyte blocks to each other over the network, and they build highly connected fast networking infrastructure to each other so that they can propagate blocks very very fast. Blocks don't need to be verified by non-miners. Transactions get handed directly to merchants who query the outputs with the largest miners, who then clear the transaction if the outputs are unspent. Then the transaction settles when a block is won by a miner.
Possibly scammed, need any technical advice please! :)
Hi bitcoin!
Situation: I am a professional poker player and ventured deep into the abyss of shady/dodgy sites. Why I did so is still a mystery to me. Long story short, I finally made two withdrawals totaling approximately $3,500 to $4,000 via BTC. Next day, I load up my Ledger and see I have my balance. Awesome! Oh wait... it's not spendable. Surely it just hasn't confirmed yet, right? No big deal. Then I look at the transactions... https://blockstream.info/tx/35c1ff29f22c251b67829ce6046a7441aa81dd67d1b6b3fffb3c518fa7a19b2b and https://blockstream.info/tx/e65394e7a7c8fce0eeabef3709368ad032bee7a531fed6ac002823c4ad697970
Previous withdrawals were sent to me with a more normalized fee structure. These were sent with what looks like a near-zero fee. With my limited technical understanding of BTC, this means the transaction will either get stuck for a VERY long time, or it will never confirm and eventually be returned to him. This person has blocked me on socials and has said on the discord server for the site that "the site is better off without him" (Basically as a good professional player he didn't want me beating his small community of players). I'm ok with this as long as I don't get scammed. Is there anything I can do at this point?
Edit #1: Thanks a ton to u/jcoinner for the extensive help with spending the unspent coins via CPFP (child pays for parent). The transaction appears to be confirmed! Using CPFP has successfully spent the unconfirmed coins back to a different wallet of mine. The txid is: 6d65c98ea01bad8d98045794729b7d1b93936a11faad0e3bd126e9223d2ee297 and appears to show a confirm and my coins are spendable. I believe this person's intention was "Send a transaction that's very likely to fail and if it does I'll scam and if it doesn't...oh well." Thank you so much reddit!
Dear Famed Reddit Users, I apologise in advance if I waste anybody's time here however I need suggestions on whether I can establish if I received a payment from a mining contract I took out in 2013. Back in July 2013 I bought a Bitcoin mining contract from a website called bitcoinfrenzy.com. I paid $49 for "1 GH/s Bitcoin Mining Power – 1 Year Contract (#1GH001)". This website no longer exists and it may have been a scam as I was quite flush back then so I bought the contract and thought no more of it. After the initial purchase email in July 2013 I heard no more until November 2013.
13 November 2013 - Newsletter email stating: "After a long struggle Mining is started for July to till date customers . The order status for all paid orders will be updated within 48 Hours . And we will update"
16 November 2013 - I have an email stating that the order had been processed.
22 November 2013 - Email stating that payouts have been made from wallet address 1LKpQYvMCyfa5AwD8KrDknhjGfP87xWsVN
No further emails after this point. When I check the blockchain for this address I can see coins were sent to multiple addresses on 22 November 2013. I do not know what wallet address I provided to bitcoinfrenzy for receipt of any payout. I did create a wallet on blockchain in May 2013. I have accessed this wallet and there is no transaction history showing. I have an old version of bitcoin-qt on an old hard disk drive which has a wallet.dat file created April 2013. I have been unsuccessful when trying to load this wallet. I have all hard drives/laptops from 2013 and since.
Views on: Am I wasting my time here? Is there anything else I can search my hard drives for? How can I access my old wallet.dat (and none of the results I've found while searching have worked).
NB if one of the receiving addresses from the payout belongs to me the coins will be unspent, there will be no transactions after 22 November 2013 and there may not be any other transactions prior to this. Thanks for reading
Bitcoin (BTC) is a peer-to-peer cryptocurrency that aims to function as a means of exchange that is independent of any central authority. BTC can be transferred electronically in a secure, verifiable, and immutable way.
Launched in 2009, BTC is the first virtual currency to solve the double-spending issue by timestamping transactions before broadcasting them to all of the nodes in the Bitcoin network. The Bitcoin Protocol offered a solution to the Byzantine Generals’ Problem with a blockchain network structure, a notion first created by Stuart Haber and W. Scott Stornetta in 1991.
Bitcoin’s whitepaper was published pseudonymously in 2008 by an individual, or a group, with the pseudonym “Satoshi Nakamoto”, whose underlying identity has still not been verified.
The Bitcoin protocol uses an SHA-256d-based Proof-of-Work (PoW) algorithm to reach network consensus. Its network has a target block time of 10 minutes and a maximum supply of 21 million tokens, with a decaying token emission rate. To prevent fluctuation of the block time, the network’s block difficulty is re-adjusted through an algorithm based on the past 2016 block times.
With a block size limit capped at 1 megabyte, the Bitcoin Protocol has supported both the Lightning Network, a second-layer infrastructure for payment channels, and Segregated Witness, a soft-fork to increase the number of transactions on a block, as solutions to network scalability.
Bitcoin is a peer-to-peer cryptocurrency that aims to function as a means of exchange and is independent of any central authority. Bitcoins are transferred electronically in a secure, verifiable, and immutable way.
Network validators, who are often referred to as miners, participate in the SHA-256d-based Proof-of-Work consensus mechanism to determine the next global state of the blockchain.
The Bitcoin protocol has a target block time of 10 minutes, and a maximum supply of 21 million tokens. The only way new bitcoins can be produced is when a block producer generates a new valid block.
The protocol has a token emission rate that halves every 210,000 blocks, or approximately every 4 years.
Unlike public blockchain infrastructures supporting the development of decentralized applications (Ethereum), the Bitcoin protocol is primarily used only for payments, and has only very limited support for smart contract-like functionalities (Bitcoin “Script” is mostly used to set conditions that must be met before bitcoins can be spent).
In the Bitcoin network, anyone can join the network and become a bookkeeping service provider, i.e., a validator. All validators are allowed in the race to become the block producer for the next block, yet only the first to complete a computationally heavy task will win. This feature is called Proof of Work (PoW). The probability that any single validator finishes the task first is equal to the percentage of the total network computation power, or hash power, the validator has. For instance, a validator with 5% of the total network computation power will have a 5% chance of completing the task first, and therefore becoming the next block producer. Since anyone can join the race, competition tends to increase. In the early days, Bitcoin mining was mostly done by personal computer CPUs. As of today, Bitcoin validators, or miners, have opted for dedicated and more powerful devices such as machines based on Application-Specific Integrated Circuit (“ASIC”). Proof of Work secures the network as block producers must have spent resources external to the network (i.e., money to pay electricity), and can provide proof to other participants that they did so. With various miners competing for block rewards, it becomes difficult for one single malicious party to gain network majority (defined as more than 51% of the network’s hash power in the Nakamoto consensus mechanism). The ability to rearrange transactions via 51% attacks indicates another feature of the Nakamoto consensus: the finality of transactions is only probabilistic. Once a block is produced, it is then propagated by the block producer to all other validators to check on the validity of all transactions in that block. The block producer will receive rewards in the network’s native currency (i.e., bitcoin) as all validators approve the block and update their ledgers.
The Bitcoin protocol utilizes the Merkle tree data structure in order to organize hashes of numerous individual transactions into each block. This concept is named after Ralph Merkle, who patented it in 1979. With the use of a Merkle tree, though each block might contain thousands of transactions, it will have the ability to combine all of their hashes and condense them into one, allowing efficient and secure verification of this group of transactions. This single hash is called a Merkle root, which is stored in the Block Header of a block. The Block Header also stores other meta information of a block, such as a hash of the previous Block Header, which enables blocks to be associated in a chain-like structure (hence the name “blockchain”). An illustration of block production in the Bitcoin Protocol is demonstrated below. https://preview.redd.it/m6texxicf3151.png?width=1591&format=png&auto=webp&s=f4253304912ed8370948b9c524e08fef28f1c78d
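
The Merkle construction described above, as an added example that is not part of the original article: it builds the root with Bitcoin's double SHA-256, produces and checks an inclusion branch for one transaction, and flags the case where repeating the last hash of an odd level lets two different transaction lists share a root. The function names and the sample txids are constructed for illustration.

```python
import hashlib


def dsha256(data: bytes) -> bytes:
    """Bitcoin's double SHA-256."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()


def merkle_levels(txids):
    """Build every tree level, leaves first, and return (levels, mutated).

    An odd-length level is padded by repeating its last hash. `mutated` is
    True when two sibling hashes were already equal before padding, which
    means a different transaction list produces the same root.
    """
    if not txids:
        raise ValueError("a block always contains at least one transaction")
    level, levels, mutated = list(txids), [], False
    while True:
        if any(level[i] == level[i + 1] for i in range(0, len(level) - 1, 2)):
            mutated = True
        if len(level) > 1 and len(level) % 2:
            level = level + [level[-1]]
        levels.append(level)
        if len(level) == 1:
            return levels, mutated
        level = [dsha256(level[i] + level[i + 1]) for i in range(0, len(level), 2)]


def merkle_root(txids) -> bytes:
    """The single hash stored in the block header."""
    levels, _ = merkle_levels(txids)
    return levels[-1][0]


def is_mutated(txids) -> bool:
    """True if the list contains an identical sibling pair at any level."""
    return merkle_levels(txids)[1]


def merkle_branch(txids, index):
    """Sibling hashes needed to prove that txids[index] is in the tree."""
    levels, _ = merkle_levels(txids)
    branch = []
    for level in levels[:-1]:
        branch.append(level[index ^ 1])  # the other half of the pair
        index >>= 1
    return branch


def verify_branch(txid, index, branch, root) -> bool:
    """Recompute the root from one txid and its branch (log2(n) hashes)."""
    node = txid
    for sibling in branch:
        node = dsha256(sibling + node) if index & 1 else dsha256(node + sibling)
        index >>= 1
    return node == root


# Constructed sample data: five stand-in txids, not real transactions.
# Real txids are hashed in internal byte order, the reverse of what explorers show.
SAMPLE_TXIDS = [dsha256(b"constructed tx %d" % i) for i in range(5)]

if __name__ == "__main__":
    root = merkle_root(SAMPLE_TXIDS)
    branch = merkle_branch(SAMPLE_TXIDS, 4)
    print("root:", root.hex())
    print("branch length:", len(branch))
    print("tx 4 included:", verify_branch(SAMPLE_TXIDS[4], 4, branch, root))
    print("padded copy flagged:", is_mutated(SAMPLE_TXIDS[:3] + [SAMPLE_TXIDS[2]]))
```

A validator that accepts a block on the root alone should also reject lists for which `is_mutated` is true, since the root cannot tell them apart from the unpadded list.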
Block time and mining difficulty
Block time is the period required to create the next block in a network. As mentioned above, the node who solves the computationally intensive task will be allowed to produce the next block. Therefore, block time is directly correlated to the amount of time it takes for a node to find a solution to the task. The Bitcoin protocol sets a target block time of 10 minutes, and attempts to achieve this by introducing a variable named mining difficulty. Mining difficulty refers to how difficult it is for the node to solve the computationally intensive task. If the network sets a high difficulty for the task, while miners have low computational power, which is often referred to as “hashrate”, it would statistically take longer for the nodes to get an answer for the task. If the difficulty is low, but miners have rather strong computational power, statistically, some nodes will be able to solve the task quickly. Therefore, the 10 minute target block time is achieved by constantly and automatically adjusting the mining difficulty according to how much computational power there is amongst the nodes. The average block time of the network is evaluated after a certain number of blocks, and if it is greater than the expected block time, the difficulty level will decrease; if it is less than the expected block time, the difficulty level will increase.
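
The adjustment rule described above, as an added example that is not part of the original article: it retargets every 2016 blocks from the time those blocks actually took. The compact "bits" encoding, the limit of a factor of 4 per adjustment and the minimum-difficulty target 0x1d00ffff follow Bitcoin's consensus rules but are not stated on this page; the function names are chosen here.

```python
TARGET_SPACING = 10 * 60                       # 10-minute target block time
RETARGET_INTERVAL = 2016                       # blocks between adjustments
TARGET_TIMESPAN = TARGET_SPACING * RETARGET_INTERVAL  # 1,209,600 s (two weeks)
MIN_DIFFICULTY_BITS = 0x1D00FFFF               # easiest allowed target, difficulty 1


def bits_to_target(bits: int) -> int:
    """Expand the compact header field into the 256-bit target."""
    exponent = bits >> 24
    mantissa = bits & 0x007FFFFF
    if exponent <= 3:
        return mantissa >> (8 * (3 - exponent))
    return mantissa << (8 * (exponent - 3))


def target_to_bits(target: int) -> int:
    """Compress a target to compact form (keeps the top three bytes)."""
    size = (target.bit_length() + 7) // 8
    if size <= 3:
        mantissa = target << (8 * (3 - size))
    else:
        mantissa = target >> (8 * (size - 3))
    if mantissa & 0x00800000:      # top bit is a sign flag, so shift it away
        mantissa >>= 8
        size += 1
    return (size << 24) | mantissa


def difficulty(bits: int) -> float:
    """Difficulty is the ratio of the easiest target to the current one."""
    return bits_to_target(MIN_DIFFICULTY_BITS) / bits_to_target(bits)


def retarget(old_bits: int, actual_timespan: int) -> int:
    """Return the new compact target after one 2016-block period.

    actual_timespan is the number of seconds the last period took. Blocks
    that came too fast shrink the target (harder); slow blocks enlarge it.
    """
    # Limit a single adjustment to a factor of 4 in either direction.
    clamped = min(max(actual_timespan, TARGET_TIMESPAN // 4), TARGET_TIMESPAN * 4)
    new_target = bits_to_target(old_bits) * clamped // TARGET_TIMESPAN
    # Never become easier than the minimum difficulty.
    new_target = min(new_target, bits_to_target(MIN_DIFFICULTY_BITS))
    return target_to_bits(new_target)


if __name__ == "__main__":
    bits = 0x1B0404CB  # constructed starting point for the demonstration
    for label, span in [("on schedule", TARGET_TIMESPAN),
                        ("blocks every 5 minutes", TARGET_TIMESPAN // 2),
                        ("blocks every 20 minutes", TARGET_TIMESPAN * 2),
                        ("hash power collapses", TARGET_TIMESPAN * 50)]:
        new_bits = retarget(bits, span)
        print(f"{label:26s} bits {new_bits:#010x} difficulty {difficulty(new_bits):.2f}")
```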
What are orphan blocks?
In a PoW blockchain network, if the block time is too low, it would increase the likelihood of nodes producing orphan blocks, for which they would receive no reward. Orphan blocks are produced by nodes who solved the task but did not broadcast their results to the whole network the quickest due to network latency. It takes time for a message to travel through a network, and it is entirely possible for 2 nodes to complete the task and start to broadcast their results to the network at roughly the same time, while one’s messages are received by all other nodes earlier as the node has low latency. Imagine there is a network latency of 1 minute and a target block time of 2 minutes. A node could solve the task in around 1 minute but his message would take 1 minute to reach the rest of the nodes that are still working on the solution. While his message travels through the network, all the work done by all other nodes during that 1 minute, even if these nodes also complete the task, would go to waste. In this case, 50% of the computational power contributed to the network is wasted. The percentage of wasted computational power would proportionally decrease if the mining difficulty were higher, as it would statistically take longer for miners to complete the task. In other words, if the mining difficulty, and therefore targeted block time is low, miners with powerful and often centralized mining facilities would get a higher chance of becoming the block producer, while the participation of weaker miners would be in vain. This introduces possible centralization and weakens the overall security of the network. However, given a limited amount of transactions that can be stored in a block, making the block time too long would decrease the number of transactions the network can process per second, negatively affecting network scalability.
3. Bitcoin’s additional features
Segregated Witness (SegWit)
Segregated Witness, often abbreviated as SegWit, is a protocol upgrade proposal that went live in August 2017. SegWit separates witness signatures from transaction-related data. Witness signatures in legacy Bitcoin blocks often take more than 50% of the block size. By removing witness signatures from the transaction block, this protocol upgrade effectively increases the number of transactions that can be stored in a single block, enabling the network to handle more transactions per second. As a result, SegWit increases the scalability of Nakamoto consensus-based blockchain networks like Bitcoin and Litecoin. SegWit also makes transactions cheaper. Since transaction fees are derived from how much data is being processed by the block producer, the more transactions that can be stored in a 1MB block, the cheaper individual transactions become. https://preview.redd.it/depya70mf3151.png?width=1601&format=png&auto=webp&s=a6499aa2131fbf347f8ffd812930b2f7d66be48e The legacy Bitcoin block has a block size limit of 1 megabyte, and any change on the block size would require a network hard-fork. On August 1st 2017, the first hard-fork occurred, leading to the creation of Bitcoin Cash (“BCH”), which introduced an 8 megabyte block size limit. Conversely, Segregated Witness was a soft-fork: it never changed the transaction block size limit of the network. Instead, it added an extended block with an upper limit of 3 megabytes, which contains solely witness signatures, to the 1 megabyte block that contains only transaction data. This new block type can be processed even by nodes that have not completed the SegWit protocol upgrade. Furthermore, the separation of witness signatures from transaction data solves the malleability issue with the original Bitcoin protocol. Without Segregated Witness, these signatures could be altered before the block is validated by miners. 
Indeed, alterations can be done in such a way that if the system does a mathematical check, the signature would still be valid. However, since the values in the signature are changed, the two signatures would create vastly different hash values. For instance, if a witness signature states “6,” it has a mathematical value of 6, and would create a hash value of 12345. However, if the witness signature were changed to “06”, it would maintain a mathematical value of 6 while creating a (faulty) hash value of 67890. Since the mathematical values are the same, the altered signature remains a valid signature. This would create a bookkeeping issue, as transactions in Nakamoto consensus-based blockchain networks are documented with these hash values, or transaction IDs. Effectively, one can alter a transaction ID to a new one, and the new ID can still be valid. This can create many issues, as illustrated in the below example:
Alice sends Bob 1 BTC, and Bob sends Merchant Carol this 1 BTC for some goods.
Bob sends Carol this 1 BTC, while the transaction from Alice to Bob is not yet validated. Carol sees this incoming transaction of 1 BTC to her, and immediately ships goods to Bob.
At the moment, the transaction from Alice to Bob is still not confirmed by the network, and Bob can change the witness signature, therefore changing this transaction ID from 12345 to 67890.
Now Carol will not receive her 1 BTC, as the network looks for transaction 12345 to ensure that Bob’s wallet balance is valid.
As this particular transaction ID changed from 12345 to 67890, the transaction from Bob to Carol will fail, and Bob will get his goods while still holding his BTC.
With the Segregated Witness upgrade, such instances can not happen again. This is because the witness signatures are moved outside of the transaction block into an extended block, and altering the witness signature won’t affect the transaction ID. Since the transaction malleability issue is fixed, Segregated Witness also enables the proper functioning of second-layer scalability solutions on the Bitcoin protocol, such as the Lightning Network.
Lightning Network is a second-layer micropayment solution for scalability. Specifically, Lightning Network aims to enable near-instant and low-cost payments between merchants and customers that wish to use bitcoins. Lightning Network was conceptualized in a whitepaper by Joseph Poon and Thaddeus Dryja in 2015. Since then, it has been implemented by multiple companies. The most prominent of them include Blockstream, Lightning Labs, and ACINQ. A list of curated resources relevant to Lightning Network can be found here. In the Lightning Network, if a customer wishes to transact with a merchant, both of them need to open a payment channel, which operates off the Bitcoin blockchain (i.e., off-chain vs. on-chain). None of the transaction details from this payment channel are recorded on the blockchain, and only when the channel is closed will the end result of both parties’ wallet balances be updated to the blockchain. The blockchain only serves as a settlement layer for Lightning transactions. Since all transactions done via the payment channel are conducted independently of the Nakamoto consensus, both parties involved in transactions do not need to wait for network confirmation on transactions. Instead, transacting parties would pay transaction fees to Bitcoin miners only when they decide to close the channel. https://preview.redd.it/cy56icarf3151.png?width=1601&format=png&auto=webp&s=b239a63c6a87ec6cc1b18ce2cbd0355f8831c3a8 One limitation to the Lightning Network is that it requires a person to be online to receive transactions addressed to him. Another limitation in user experience could be that one needs to lock up some funds every time he wishes to open a payment channel, and is only able to use that fund within the channel. However, this does not mean he needs to create new channels every time he wishes to transact with a different person on the Lightning Network.
If Alice wants to send money to Carol, but they do not have a payment channel open, they can ask Bob, who has payment channels open to both Alice and Carol, to help make that transaction. Alice will be able to send funds to Bob, and Bob to Carol. Hence, the number of “payment hubs” (i.e., Bob in the previous example) correlates with both the convenience and the usability of the Lightning Network for real-world applications.
Schnorr Signature upgrade proposal
Elliptic Curve Digital Signature Algorithm (“ECDSA”) signatures are used to sign transactions on the Bitcoin blockchain. https://preview.redd.it/hjeqe4l7g3151.png?width=1601&format=png&auto=webp&s=8014fb08fe62ac4d91645499bc0c7e1c04c5d7c4 However, many developers now advocate for replacing ECDSA with Schnorr Signature. Once Schnorr Signatures are implemented, multiple parties can collaborate in producing a signature that is valid for the sum of their public keys. This would primarily be beneficial for network scalability. When multiple addresses were to conduct transactions to a single address, each transaction would require their own signature. With Schnorr Signature, all these signatures would be combined into one. As a result, the network would be able to store more transactions in a single block. https://preview.redd.it/axg3wayag3151.png?width=1601&format=png&auto=webp&s=93d958fa6b0e623caa82ca71fe457b4daa88c71e The reduced size in signatures implies a reduced cost on transaction fees. The group of senders can split the transaction fees for that one group signature, instead of paying for one personal signature individually. Schnorr Signature also improves network privacy and token fungibility. A third-party observer will not be able to detect if a user is sending a multi-signature transaction, since the signature will be in the same format as a single-signature transaction.
4. Economics and supply distribution
The Bitcoin protocol utilizes the Nakamoto consensus, and nodes validate blocks via Proof-of-Work mining. The bitcoin token was not pre-mined, and has a maximum supply of 21 million. The initial reward for a block was 50 BTC per block. Block mining rewards halve every 210,000 blocks. Since the average time for block production on the blockchain is 10 minutes, it implies that the block reward halving events will approximately take place every 4 years. As of May 12th 2020, the block mining rewards are 6.25 BTC per block. Transaction fees also represent a minor revenue stream for miners.
Great opportunity available here, first come, first served. I am looking for someone that I can promise to give a million bitcoins. I'll trawl the 'chain and come up with a bunch of currently unspent coinbases (a soon-to-be-precedent case will establish that it just doesn't matter if any of them move in the future). I won't actually give them to you, though, so you are going to have to sue me. Yeah, that's like 400 bucks in filing fees alone, can't make money without spending money. This is like a guaranteed 1000000x though. Here's how it'll work, see, I promised to give you these coins, but here's the key: I won't! I'll even admit that I didn't straight up. Breach of promise. We'll even work in something like you sent me a hat or whatever, for consideration. And I'll swear in court I mined those coins. I'll swear, like, really hard, which means, in a court of law, that I must be telling the truth, and I'll even mention a lot of witnesses, who, for reasons of privilege such as priest-penitent, doctor-patient, lawyer-client, spousal, and dire complications of admiralty law (where the captain said I cannot make it happen), cannot be produced. I might even cry a little! Then I'll lose, because everyone here knows I made this promise and I won't deny it. Then, the court will simply order that miners award all these coins to you, because I lost, and you'll be rich! Foolproof, right? This strategy is endorsed by renowned legal expert Mr. Wright, and I challenge anyone to demonstrate how my fact-pattern deviates from his theory as applied in his empirical demonstration that will be an assured success.
Bitcoin Billionaire Reviews : Complete Sign Up Guide 
We as a whole realize what Bitcoin Billionaire Billionaire are, at any rate from a fundamental perspective, and most wise tech darlings have at any rate thought about buying some type of digital money. In case you're among the individuals who are really charmed by all types of cryptographic forms of money, at that point you additionally realize that the arrangement of code which they all sudden spike in demand for is known as a blockchain. What Are Bitcoin Billionaire Block Explorers? For Bitcoin Billionaire (and alt-coins, as well), the blockchain is a continuous record of each exchange that has each happened utilizing that cash. The chain is persistently getting longer as new squares are finished and get connected as far as possible as another arrangement of recorded information. Each new connection in the chain is included as it happens, giving it an unmistakable straight recipe. The explanation the blockchain is so productive is on the grounds that it very well may be seen by anybody, yet it can't be duplicated. This permits genuinely open source coding and straightforwardness of information without giving up security. Envision an information sheet that is copied on each PC that is associated with the web, and afterward envision that updates can be made to this sheet progressively from anyplace on the planet. These updates will be appeared to everybody seeing it immediately. On the off chance that you can picture that, at that point you have a simple comprehension of how the blockchain functions. The entirety of the information in a blockchain exists as an unendingly shared and continually refreshed database. The blockchain utilizes organizing that gives everybody a precise perspective on all records progressively. It isn't recorded in any single stockpiling gadget or housed on a specific remote server. Rather, it's records are kept really open and exist all over the place. 
Since there is no focal stockpiling or ace duplicate of this information, it is highly unlikely for programmers to degenerate it. The blockchain is facilitated by a huge number of PCs at the same time and is lucid and evident by any individual who approaches the web. As a result of the way the blockchain works, it gives another degree of unparalleled straightforwardness and receptiveness to the budgetary world. Since the data is all visible progressively, it is just normal that numerous individuals are interested and wish to look at it. Tragically, not every person who is keen on review the blockchain for Bitcoin Billionaire Billionaire is really educated enough to peruse its code. Still more who really realize how to peruse and comprehend it would spare time if there were a simpler method to translate it. There are the individuals who have perceived this need and have decided to answer the call by giving blockchain pilgrims. These blockchain voyagers show the information found inside the blockchain in an outwardly engaging manner to make it simpler to peruse. Top Bitcoin Billionaire Block Explorers To Pay Attention To Here is a rundown of the best 6 blockchain voyagers that merit investigating.
Blockcypher is a Bitcoin Billionaire blockchain voyager that utilizations warm hues and is extremely simple on the eyes when seeing for significant stretches. Watchers can look into a Bitcoin Billionaire wallet's location and immediately observe the record for reserves sent and got through that wallet, just as its QR code. Blockcypher is additionally ready to show any unspent sums in the wallet, which numerous blockchain travelers can't do or think about a propelled include. You can likewise utilize Blockcypher to see the square chains of different cryptographic forms of money, for example, Dogecoin and Litecoin.
Some may consider Bitcoin BillionaireChain excessively a lot to deal with outwardly, while others will appreciate the capacity to see a great deal of data without a moment's delay. This is on the grounds that Bitcoin BillionaireChain figures out how to fit a huge amount of information onto a solitary screen. This information incorporates Bitcoin Billionaire pools, arrange hubs, and markets. It ventures to show which individual square was mined by which mining pool on which organize. Bitcoin BillionaireChain offers a wallet administration too, which is a pleasant touch. With everything taken into account, this is a blockchain adventurer that has a ton to offer for the individuals who need to know the entirety of the subtleties when seeing a given blockchain.
Any individual who has their hands in cryptographic money in any genuine way will have just heard the name Blockr. This blockchain pilgrim is one of indisputably the most mind boggling and comprehensive of all the blockchain pioneer alternatives accessible. It shows a huge amount of data, however has an advantageous and simple to peruse position that clients love. Clients can choose a Bitcoin Billionaire trade and it will show a value file for Bitcoin Billionaire Billionaire on that trade. Blockr can aggregate the blockchain data utilizing a broad API which changes over the information into an assortment of diagrams containing the entirety of the data in a visual way that is anything but difficult to recognize and think about.
BTC.com is less broad than other blockchain adventurers, yet is ideal for following or watching out for explicit information. The first page of the site shows the hash pace of each mining pool progressively, and furthermore tracks other continuous system data. BTC.com likewise keeps tabs of system clog, which is acceptable to know for specific employments. In case you're attempting to stay aware of one explicit Bitcoin Billionaire address, this is the spot to go. BTC.com can follow the entirety of the notices of that specific address and make a path of that tends to movement.
Blockchain.info is one of the most well-known and intensely utilized blockchain wayfarers. This has brisk and simple go to alternatives for looking into a particular exchange or address without an excessive amount of complain. Blockchain.info offers a decent measure of information as general graphs and insights about the Bitcoin Billionaire organize by and large. The site additionally has a wallet administration for both versatile and work area clients.
TradeBlock is somewhat not quite the same as most blockchain pioneers. While it peruses the equivalent blockchain and pulls a similar data for review, it presents that information in an alternate way. The entirety of the data is gathered and designed into outer connections, every one of which prompts hashes for singular exchanges. It monitors the quantity of yields and information sources and shows them independently, which is a touch of a flighty insights that most fundamental clients aren't worried about, yet the more nerd clients will appreciate. It advantageously tracks the specific number of exchange affirmations progressively and continues refreshing as new exchanges are finished. TradeBlock is maybe the most inside and out and subtleties blockchain pioneer on the rundown, and it shows the data in a way that is ideal for the more bad-to-the-bone Bitcoin Billionaire lovers. Last Words On Bitcoin Billionaire Block Explorers Regardless of whether you're searching for a speedy and simple look at an irregular blockchain to straighten something up or you're a profoundly learned Bitcoin Billionaire dealer looking to min-max returns, there is a blockchain traveler on this rundown that has all that you need. https://www.cryptoerapro.com/bitcoin-billionaire/
Hello all, I'm (among other things) a graduate student getting a master's degree in cybersecurity. This last quarter for one of my classes, I was tasked to examine and recreate an exploit. For the actual exploit I was examining the "anyone can spend" segwit addresses on the BCH chain, and in my research I found a $600k theft that seems to have gone completely unnoticed. You all might recall this $600k theft of segwit addresses, but it happened again in mid-February 2018 and there has been zero news about it. BCH block 517171 contains solely segwit-stealing transactions. If you look at any given transaction, the inputs are all segwit program hashes spending a P2SH segwit output. I only caught it by accident, as I was originally going to talk about the publicized November attack. The interesting thing I discovered about this was that it's harder to have stolen that segwit money than most people think. Both Unlimited and ABC nodes do not relay segwit-spending transactions, and Bitcoin ABC hard-coded in fRequireStandard, so you couldn't even force-relay them with a conf option. On top of that, miners keep their node IPs private for obvious avoiding-ddos-and-sybil-attack reasons, which means it's impossible to directly send transactions to miners. This means that the only way to actually execute this attack was to set up one's own mining pool running on a custom-modified client to allow non-standard transactions. Then you'd have to get enough hash power to mine a block yourself. I estimated the cost of renting enough hash power to do this at the time as around $30k-$60k to have a greater than 90% chance of mining a block within a 3 month window. In order to simulate the attack, I spun up BTC, LTC, and BCH nodes in Docker, and wrote a Python script.
The Python script started at segwit activation on BTC and LTC and it scanned every transaction in every block looking for P2SH segwit inputs as well as native segwit outputs, since these are the necessary hash pre-images to spend P2SH segwit money on the BCH chain. The script then also scanned the BCH chain for any native segwit outputs, as well as recording all P2SH outputs. (This was all saved in a MySQL database.) Then, at any point in time, I could simply query for BCH unspent native segwit outputs as well as P2SH outputs for which I had a known segwit hash pre-image. (If this was an attack I was doing real-time, I would probably also have a large mempool on each node and monitor unconfirmed tx's for useful info as well, but since this was after the fact, I just queried blocks sequentially.)
For the mining node that runs the pool, it would need to be firewalled behind (i.e. only connected to) an unmodified node in blocks-only mode, so that the segwit hash pre-images aren't transmitted out to the network, and so that no other unconfirmed transactions are transmitted in to the mining node. (The mining node should only be filling its block with segwit tx's in order to maximize the gain from the attack.) Then a script should run continuously to grab segwit utxos from the MySQL database and construct high-fee transactions to send directly to the mining node. Unlike the November attack, each input should be spent in its own individual transaction, so that in the event it is individually spent, I don't negate a tx with other inputs. The overhead on having different transactions for each input is only about 8 extra bytes (the tx version and the locktime), so I think this is a good trade-off. Then, the attacker simply rents hashing power and points it at his secret pool.
By the time February rolled around and the attack happened, my MySQL database had about 40 million BCH P2SH outputs and each query took about 3 minutes to execute.
This of course would have been fine in the 10-minute block world of Bitcoin and BCH, but it means that I stopped my Python script after that time, so I don't know about any possible other attacks that happened before the clean stack rule was hard-forked into BCH.
It was pretty interesting to work through how this attack must have happened, and it was significantly harder to execute than I thought it would be given that all the money was "anyone can spend". However, the most interesting thing about all this is that nobody has noticed. There is literally no news or mention of block 517171 or any of the transactions in it. My theory is that it is money that nobody misses -- i.e. misprogrammed custom wallet software for BTC nodes accidentally also sent out BCH transactions to the same address, given that BTC and BCH shared the same history until August 2017. And whatever person or entity is running those nodes is only thinking about BTC money and is completely oblivious to its misprogrammed problem of shipping BCH to segwit P2SH addresses. Obviously, that's just a theory, but I think it's pretty reasonable. Given the intense community divide, I think it's very possible that a number of BTC users simply ignored money on the BCH chain, even though it's "free money" for them, simply out of ideological hatred. Whatever the case, nobody has posted anywhere complaining of money stolen in that block. It seems to have gone completely unnoticed. (Which is why I'm posting this.)
It was an interesting case study and I'd be curious to hear if anybody has any additional information or thoughts about it. I believe this was a different person than the November theft, because the way it was done was different -- the November theft had all the money in one transaction, but this February theft was done with separate individual transactions. Additionally worth noting is that the address which received the bulk of the money is still active, which means they're still out there.
Anyway, I thought this was interesting and worth posting.
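The input pattern the post above describes for block 517171 (a P2SH output spent by revealing nothing but a segwit witness program) can be recognised from the scriptSig alone. The following is an added example, not the poster's script: the function names and the sample scriptSigs are constructed for illustration, and it checks only the scriptSig shape, not the hash of the spent output.

```python
# Forensic check for a chain WITHOUT segwit rules: flag inputs whose scriptSig
# is a single push of a witness program and nothing else (no signature).
# On a segwit chain the same scriptSig is normal, because the signature
# travels in the witness; without segwit rules there is no signature at all.

def read_push(script: bytes, i: int):
    """Decode one data push at offset i. Return (data, next_offset) or None."""
    if i >= len(script):
        return None
    op = script[i]
    i += 1
    if op <= 75:                      # direct push of `op` bytes (0 = empty)
        n = op
    elif op == 0x4C:                  # OP_PUSHDATA1
        if i + 1 > len(script):
            return None
        n = script[i]
        i += 1
    elif op == 0x4D:                  # OP_PUSHDATA2
        if i + 2 > len(script):
            return None
        n = int.from_bytes(script[i:i + 2], "little")
        i += 2
    else:
        return None                   # not a data push
    if i + n > len(script):
        return None                   # truncated push
    return script[i:i + n], i + n

def witness_program(script: bytes):
    """Return (version, program) if script has the BIP141 witness program form."""
    if not 4 <= len(script) <= 42:
        return None
    ver_op, push_len = script[0], script[1]
    if ver_op != 0x00 and not 0x51 <= ver_op <= 0x60:
        return None
    if not 2 <= push_len <= 40 or push_len != len(script) - 2:
        return None
    version = 0 if ver_op == 0x00 else ver_op - 0x50
    return version, script[2:]

def classify_input(script_sig_hex: str) -> str:
    """Classify one input by the shape of its scriptSig."""
    script = bytes.fromhex(script_sig_hex)
    first = read_push(script, 0)
    if first is None or first[1] != len(script):
        return "other"                # empty, malformed, or more than one item
    program = witness_program(first[0])
    if program is None:
        return "other"
    version, data = program
    if version == 0 and len(data) == 20:
        return "p2sh-p2wpkh redeem-only"
    if version == 0 and len(data) == 32:
        return "p2sh-p2wsh redeem-only"
    return "witness-program redeem-only"

def flag_transactions(block: dict) -> list:
    """Return txids whose inputs are all redeem-only witness program pushes."""
    flagged = []
    for txid, script_sigs in block.items():
        kinds = [classify_input(s) for s in script_sigs]
        if kinds and all(k != "other" for k in kinds):
            flagged.append(txid)
    return flagged

# Constructed sample scriptSigs (hex); the key and script hashes are filler.
P2WPKH_SIG = "16" + "0014" + "ab" * 20            # push(OP_0 <20-byte hash>)
P2WSH_SIG = "22" + "0020" + "cd" * 32             # push(OP_0 <32-byte hash>)
P2PKH_SIG = "47" + "30" * 71 + "21" + "02" * 33   # <signature> <pubkey>

SAMPLE_BLOCK = {                                  # constructed, txids are labels
    "tx-a": [P2WPKH_SIG],
    "tx-b": [P2WSH_SIG, P2WPKH_SIG],
    "tx-c": [P2PKH_SIG],
    "tx-d": [P2WPKH_SIG, P2PKH_SIG],
}

if __name__ == "__main__":
    for txid, sigs in SAMPLE_BLOCK.items():
        print(txid, [classify_input(s) for s in sigs])
    print("flagged:", flag_transactions(SAMPLE_BLOCK))
```

A block in which every non-coinbase transaction is flagged matches what the post reports seeing; confirming an individual input still requires comparing the HASH160 of the pushed script with the script hash in the output it spends.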
Dear Groestlers, it goes without saying that 2020 has been a difficult time for millions of people worldwide. The Groestlcoin team would like to take this opportunity to wish our best to everyone coping with the direct and indirect effects of COVID-19. Let it bring out the best in us all and show that collectively, we can conquer anything. The centralised banks and our national governments are facing unprecedented times with interest rates worldwide dropping to record lows in places. Rest assured that this can only strengthen the fundamentals of all decentralised cryptocurrencies and the vision that was seeded with Satoshi's Bitcoin whitepaper over 10 years ago. Despite everything that has been thrown at us this year, the show must go on and the team will still progress and advance to continue the momentum that we have developed over the past 6 years. In addition to this, we'd like to remind you all that this is Groestlcoin's 6th Birthday release! In terms of price there have been some crazy highs and lows over the years (with highs of around $2.60 and lows of $0.000077!), but in terms of value – Groestlcoin just keeps getting more valuable! In these uncertain times, one thing remains clear – Groestlcoin will keep going and keep innovating regardless. On with what has been worked on and completed over the past few months.
UPDATED - Groestlcoin Core 2.18.2
This is a major release of Groestlcoin Core with many protocol level improvements and code optimizations, featuring the technical equivalent of Bitcoin v0.18.2 but with Groestlcoin-specific patches. On a general level, most of what is new is a new 'Groestlcoin-wallet' tool which is now distributed alongside Groestlcoin Core's other executables. NOTE: The 'Account' API has been removed from this version which was typically used in some tip bots. Please ensure you check the release notes from 2.17.2 for details on replacing this functionality.
Builds are now done through Gitian
Calls to getblocktemplate will fail if the segwit rule is not specified. Calling getblocktemplate without segwit specified is almost certainly a misconfiguration since doing so results in lower rewards for the miner. Failed calls will produce an error message describing how to enable the segwit rule.
A warning is printed if an unrecognized section name is used in the configuration file. Recognized sections are [test], [main], and [regtest].
Four new options are available for configuring the maximum number of messages that ZMQ will queue in memory (the "high water mark") before dropping additional messages. The default value is 1,000, the same as was used for previous releases.
The rpcallowip option can no longer be used to automatically listen on all network interfaces. Instead, the rpcbind parameter must be used to specify the IP addresses to listen on. Listening for RPC commands over a public network connection is insecure and should be disabled, so a warning is now printed if a user selects such a configuration. If you need to expose RPC in order to use a tool like Docker, ensure you only bind RPC to your localhost, e.g. docker run [...] -p 127.0.0.1:1441:1441 (this is an extra :1441 over the normal Docker port specification).
The rpcpassword option now causes a startup error if the password set in the configuration file contains a hash character (#), as it's ambiguous whether the hash character is meant for the password or as a comment.
The whitelistforcerelay option is used to relay transactions from whitelisted peers even when not accepted to the mempool. This option now defaults to being off, so that changes in policy and disconnect/ban behavior will not cause a node that is whitelisting another to be dropped by peers.
A new short document about the JSON-RPC interface describes cases where the results of an RPC might contain inconsistencies between data sourced from different subsystems, such as wallet state and mempool state.
A new document introduces Groestlcoin Core's BIP174 interface, which is used to allow multiple programs to collaboratively work to create, sign, and broadcast new transactions. This is useful for offline (cold storage) wallets, multisig wallets, coinjoin implementations, and many other cases where two or more programs need to interact to generate a complete transaction.
The output script descriptor (https://github.com/groestlcoin/groestlcoin/blob/master/doc/descriptors.md) documentation has been updated with information about new features in this still-developing language for describing the output scripts that a wallet or other program wants to receive notifications for, such as which addresses it wants to know received payments. The language is currently used in multiple new and updated RPCs described in these release notes and is expected to be adapted to other RPCs and to the underlying wallet structure.
A new --disable-bip70 option may be passed to ./configure to prevent Groestlcoin-Qt from being built with support for the BIP70 payment protocol or from linking libssl. As the payment protocol has exposed Groestlcoin Core to libssl vulnerabilities in the past, builders who don't need BIP70 support are encouraged to use this option to reduce their exposure to future vulnerabilities.
The minimum required version of Qt (when building the GUI) has been increased from 5.2 to 5.5.1 (the depends system provides 5.9.7)
getnodeaddresses returns peer addresses known to this node. It may be used to find nodes to connect to without using a DNS seeder.
listwalletdir returns a list of wallets in the wallet directory (either the default wallet directory or the directory configured by the -walletdir parameter).
getrpcinfo returns runtime details of the RPC server. Currently, it returns an array of the currently active commands and how long they've been running.
deriveaddresses returns one or more addresses corresponding to an output descriptor.
getdescriptorinfo accepts a descriptor and returns information about it, including its computed checksum.
joinpsbts merges multiple distinct PSBTs into a single PSBT. The multiple PSBTs must have different inputs. The resulting PSBT will contain every input and output from all the PSBTs. Any signatures provided in any of the PSBTs will be dropped.
analyzepsbt examines a PSBT and provides information about what the PSBT contains and the next steps that need to be taken in order to complete the transaction. For each input of a PSBT, analyzepsbt provides information about what information is missing for that input, including whether a UTXO needs to be provided, what pubkeys still need to be provided, which scripts need to be provided, and what signatures are still needed. Every input will also list which role is needed to complete that input, and analyzepsbt will also list the next role in general needed to complete the PSBT. analyzepsbt will also provide the estimated fee rate and estimated virtual size of the completed transaction if it has enough information to do so.
utxoupdatepsbt searches the set of Unspent Transaction Outputs (UTXOs) to find the outputs being spent by the partial transaction. PSBTs need to have the UTXOs being spent to be provided because the signing algorithm requires information from the UTXO being spent. For segwit inputs, only the UTXO itself is necessary. For non-segwit outputs, the entire previous transaction is needed so that signers can be sure that they are signing the correct thing. Unfortunately, because the UTXO set only contains UTXOs and not full transactions, utxoupdatepsbt will only add the UTXO for segwit inputs.
getpeerinfo now returns an additional minfeefilter field set to the peer's BIP133 fee filter. You can use this to detect that you have peers that are willing to accept transactions below the default minimum relay fee.
The mempool RPCs, such as getrawmempool with verbose=true, now return an additional "bip125-replaceable" value indicating whether the transaction (or its unconfirmed ancestors) opts-in to asking nodes and miners to replace it with a higher-feerate transaction spending any of the same inputs.
settxfee previously silently ignored attempts to set the fee below the allowed minimums. It now prints a warning. The special value of "0" may still be used to request the minimum value.
getaddressinfo now provides an ischange field indicating whether the wallet used the address in a change output.
importmulti has been updated to support P2WSH, P2WPKH, P2SH-P2WPKH, and P2SH-P2WSH. Requests for P2WSH and P2SH-P2WSH accept an additional witnessscript parameter.
importmulti now returns an additional warnings field for each request with an array of strings explaining when fields are being ignored or are inconsistent, if there are any.
getaddressinfo now returns an additional solvable Boolean field when Groestlcoin Core knows enough about the address's scriptPubKey, optional redeemScript, and optional witnessScript for the wallet to be able to generate an unsigned input spending funds sent to that address.
The getaddressinfo, listunspent, and scantxoutset RPCs now return an additional desc field that contains an output descriptor containing all key paths and signing information for the address (except for the private key). The desc field is only returned for getaddressinfo and listunspent when the address is solvable.
importprivkey will preserve previously-set labels for addresses or public keys corresponding to the private key being imported. For example, if you imported a watch-only address with the label "cold wallet" in earlier releases of Groestlcoin Core, subsequently importing the private key would default to resetting the address's label to the default empty-string label (""). In this release, the previous label of "cold wallet" will be retained. If you optionally specify any label besides the default when calling importprivkey, the new label will be applied to the address.
getmininginfo now omits currentblockweight and currentblocktx when a block was never assembled via RPC on this node.
The getrawtransaction RPC & REST endpoints no longer check the unspent UTXO set for a transaction. The remaining behaviors are as follows:
If a blockhash is provided, check the corresponding block.
If no blockhash is provided, check the mempool.
If no blockhash is provided but txindex is enabled, also check txindex.
unloadwallet is now synchronous, meaning it will not return until the wallet is fully unloaded.
importmulti now supports importing of addresses from descriptors. A desc parameter can be provided instead of the "scriptPubKey" in a request, as well as an optional range for ranged descriptors to specify the start and end of the range to import. Descriptors with key origin information imported through importmulti will have their key origin information stored in the wallet for use with creating PSBTs.
listunspent has been modified so that it also returns witnessScript, the witness script in the case of a P2WSH or P2SH-P2WSH output.
createwallet now has an optional blank argument that can be used to create a blank wallet. Blank wallets do not have any keys or HD seed. They cannot be opened in software older than 2.18.2. Once a blank wallet has a HD seed set (by using sethdseed) or private keys, scripts, addresses, and other watch only things have been imported, the wallet is no longer blank and can be opened in 2.17.2. Encrypting a blank wallet will also set a HD seed for it.
signrawtransaction is removed after being deprecated and hidden behind a special configuration option in version 2.17.2.
The 'account' API is removed after being deprecated in v2.17.2. The 'label' API was introduced in v2.17.2 as a replacement for accounts. See the release notes from v2.17.2 for a full description of the changes from the 'account' API to the 'label' API.
addwitnessaddress is removed after being deprecated in version 2.16.0.
generate is deprecated and will be fully removed in a subsequent major version. This RPC is only used for testing, but its implementation reached across multiple subsystems (wallet and mining), so it is being deprecated to simplify the wallet-node interface. Projects that are using generate for testing purposes should transition to using the generatetoaddress RPC, which does not require or use the wallet component. Calling generatetoaddress with an address returned by the getnewaddress RPC gives the same functionality as the old generate RPC. To continue using generate in this version, restart groestlcoind with the -deprecatedrpc=generate configuration option.
Be reminded that parts of the validateaddress command have been deprecated and moved to getaddressinfo. The following deprecated fields have moved to getaddressinfo: ismine, iswatchonly, script, hex, pubkeys, sigsrequired, pubkey, embedded, iscompressed, label, timestamp, hdkeypath, hdmasterkeyid.
The addresses field has been removed from the validateaddress and getaddressinfo RPC methods. This field was confusing since it referred to public keys using their P2PKH address. Clients should use the embedded.address field for P2SH or P2WSH wrapped addresses, and pubkeys for inspecting multisig participants.
A new /rest/blockhashbyheight/ endpoint is added for fetching the hash of the block in the current best blockchain based on its height (how many blocks it is after the Genesis Block).
A new Window menu is added alongside the existing File, Settings, and Help menus. Several items from the other menus that opened new windows have been moved to this new Window menu.
In the Send tab, the checkbox for "pay only the required fee" has been removed. Instead, the user can simply decrease the value in the Custom Fee rate field all the way down to the node's configured minimum relay fee.
In the Overview tab, the watch-only balance will be the only balance shown if the wallet was created using the createwallet RPC and the disable_private_keys parameter was set to true.
The launch-on-startup option is no longer available on macOS if compiled with macosx min version greater than 10.11 (use CXXFLAGS="-mmacosx-version-min=10.11" CFLAGS="-mmacosx-version-min=10.11" for setting the deployment sdk version)
A new groestlcoin-wallet tool is now distributed alongside Groestlcoin Core's other executables. Without needing to use any RPCs, this tool can currently create a new wallet file or display some basic information about an existing wallet, such as whether the wallet is encrypted, whether it uses an HD seed, how many transactions it contains, and how many address book entries it has.
Since version 2.16.0, Groestlcoin Core's built-in wallet has defaulted to generating P2SH-wrapped segwit addresses when users want to receive payments. These addresses are backwards compatible with all widely used software. Starting with Groestlcoin Core 2.20.1 (expected about a year after 2.18.2), Groestlcoin Core will default to native segwit addresses (bech32) that provide additional fee savings and other benefits. Currently, many wallets and services already support sending to bech32 addresses, and if the Groestlcoin Core project sees enough additional adoption, it will instead default to bech32 receiving addresses in Groestlcoin Core 2.19.1. P2SH-wrapped segwit addresses will continue to be provided if the user requests them in the GUI or by RPC, and anyone who doesn't want the update will be able to configure their default address type. (Similarly, pioneering users who want to change their default now may set the addresstype=bech32 configuration option in any Groestlcoin Core release from 2.16.0 up.)
BIP 61 reject messages are now deprecated. Reject messages have no use case on the P2P network and are only logged for debugging by most network nodes. Furthermore, they increase bandwidth and can be harmful for privacy and security. It has been possible to disable BIP 61 messages since v2.17.2 with the -enablebip61=0 option. BIP 61 messages will be disabled by default in a future version, before being removed entirely.
The submitblock RPC previously returned the reason a rejected block was invalid the first time it processed that block but returned a generic "duplicate" rejection message on subsequent occasions it processed the same block. It now always returns the fundamental reason for rejecting an invalid block and only returns "duplicate" for valid blocks it has already accepted.
A new submitheader RPC allows submitting block headers independently from their block. This is likely only useful for testing.
The signrawtransactionwithkey and signrawtransactionwithwallet RPCs have been modified so that they also optionally accept a witnessScript, the witness script in the case of a P2WSH or P2SH-P2WSH output. This is compatible with the change to listunspent.
For the walletprocesspsbt and walletcreatefundedpsbt RPCs, if the bip32derivs parameter is set to true but the key metadata for a public key has not been updated yet, then that key will have a derivation path as if it were just an independent key (i.e. no derivation path and its master fingerprint is itself).
The -usehd configuration option was removed in version 2.16.0. From that version onwards, all new wallets created are hierarchical deterministic wallets. This release makes specifying -usehd an invalid configuration option.
This release allows peers that your node automatically disconnected for misbehaviour (e.g. sending invalid data) to reconnect to your node if you have unused incoming connection slots. If your slots fill up, a misbehaving node will be disconnected to make room for nodes without a history of problems (unless the misbehaving node helps your node in some other way, such as by connecting to a part of the Internet from which you don't have many other peers). Previously, Groestlcoin Core banned the IP addresses of misbehaving peers for a period (default of 1 day); this was easily circumvented by attackers with multiple IP addresses. If you manually ban a peer, such as by using the setban RPC, all connections from that peer will still be rejected.
The key metadata will need to be upgraded the first time that the HD seed is available. For unencrypted wallets this will occur on wallet loading. For encrypted wallets this will occur the first time the wallet is unlocked.
Newly encrypted wallets will no longer require restarting the software. Instead such wallets will be completely unloaded and reloaded to achieve the same effect.
A sub-project of Bitcoin Core now provides Hardware Wallet Interaction (HWI) scripts that allow command-line users to use several popular hardware key management devices with Groestlcoin Core. See their project page for details.
This release changes the Random Number Generator (RNG) used from OpenSSL to Groestlcoin Core's own implementation, although entropy gathered by Groestlcoin Core is fed out to OpenSSL and then read back in when the program needs strong randomness. This moves Groestlcoin Core a little closer to no longer needing to depend on OpenSSL, a dependency that has caused security issues in the past. The new implementation gathers entropy from multiple sources, including from hardware supporting the rdseed CPU instruction.
On macOS, Groestlcoin Core now opts out of application CPU throttling ("app nap") during initial blockchain download, when catching up from over 100 blocks behind the current chain tip, or when reindexing chain data. This helps prevent these operations from taking an excessively long time because the operating system is attempting to conserve power.
How to Upgrade?
Windows
If you are running an older version, shut it down. Wait until it has completely shut down (which might take a few minutes for older versions), then run the installer.
OSX
If you are running an older version, shut it down. Wait until it has completely shut down (which might take a few minutes for older versions), run the dmg and drag Groestlcoin Core to Applications.
Ubuntu
http://groestlcoin.org/forum/index.php?topic=441.0
ALL NEW - Groestlcoin Moonshine iOS/Android Wallet
Built with React Native, Moonshine utilizes Electrum-GRS's JSON-RPC methods to interact with the Groestlcoin network. GRS Moonshine's intended use is as a hot wallet. Meaning, your keys are only as safe as the device you install this wallet on. As with any hot wallet, please ensure that you keep only a small, responsible amount of Groestlcoin on it at any given time.
Groestlcoin Mainnet & Testnet supported
Multiple wallet support
Electrum - Support for both random and custom peers
Biometric + Pin authentication
Custom fee selection
Import mnemonic phrases via manual entry or scanning
BIP39 Passphrase functionality
Support for Segwit-compatible & legacy addresses in settings
Support individual private key sweeping
UTXO blacklisting - Accessible via the Transaction Detail view, this allows users to blacklist any utxo that they do not wish to include in their list of available utxo's when sending transactions. Blacklisting a utxo excludes its amount from the wallet's total balance.
Ability to Sign & Verify Messages
Support BitID for password-free authentication
Coin Control - This can be accessed from the Send Transaction view and basically allows users to select from a list of available UTXO's to include in their transaction.
HODL GRS connects directly to the Groestlcoin network using SPV mode and doesn't rely on servers that can be hacked or disabled. HODL GRS utilizes AES hardware encryption, app sandboxing, and the latest security features to protect users from malware, browser security holes, and even physical theft. Private keys are stored only in the secure enclave of the user's phone, inaccessible to anyone other than the user. Simplicity and ease-of-use is the core design principle of HODL GRS. A simple recovery phrase (which we call a Backup Recovery Key) is all that is needed to restore the user's wallet if they ever lose or replace their device. HODL GRS is deterministic, which means the user's balance and transaction history can be recovered just from the backup recovery key.
Simplified payment verification for fast mobile performance
Groestlcoin Seed Savior is a tool for recovering BIP39 seed phrases. This tool is meant to help users with recovering a slightly incorrect Groestlcoin mnemonic phrase (AKA backup or seed). You can enter an existing BIP39 mnemonic and get derived addresses in various formats. To find out if one of the suggested addresses is the right one, you can click on the suggested address to check the address' transaction history on a block explorer.
If a word is wrong, the tool will try to suggest the closest option.
If a word is missing or unknown, please type "?" instead and the tool will find all relevant options.
NOTE: NVidia GPU or any CPU only. AMD graphics cards will not work with this address generator. VanitySearch is a command-line Segwit-capable vanity Groestlcoin address generator. Add unique flair when you tell people to send Groestlcoin. Alternatively, VanitySearch can be used to generate random addresses offline. If you're tired of the random, cryptic addresses generated by regular groestlcoin clients, then VanitySearch is the right choice for you to create a more personalized address. VanitySearch is a groestlcoin address prefix finder. If you want to generate safe private keys, use the -s option to enter your passphrase which will be used for generating a base key as for BIP38 standard (VanitySearch.exe -s "My PassPhrase" FXPref). You can also use VanitySearch.exe -ps "My PassPhrase" which will add a crypto secure seed to your passphrase. VanitySearch may not compute a good grid size for your GPU, so try different values using -g option in order to get the best performances. If you want to use GPUs and CPUs together, you may have best performances by keeping one CPU core for handling GPU(s)/CPU exchanges (use -t option to set the number of CPU threads).
Fixed size arithmetic
Fast Modular Inversion (Delayed Right Shift 62 bits)
SecpK1 Fast modular multiplication (2 steps folding 512bits to 256bits using 64 bits digits)
Use some properties of elliptic curve to generate more keys
SSE Secure Hash Algorithm SHA256 and RIPEMD160 (CPU)
Groestlcoin EasyVanity 2020 is a Windows app built from the ground up that makes it easier than ever before to create your very own bespoke bech32 address(es) whilst not connected to the internet. If you're tired of the random, cryptic bech32 addresses generated by regular Groestlcoin clients, then Groestlcoin EasyVanity 2020 is the right choice for you to create a more personalised bech32 address. This 2020 version uses the new VanitySearch to generate not only legacy addresses (F prefix) but also Bech32 addresses (grs1 prefix).
Ability to continue finding keys after first one is found
Includes warning on start-up if connected to the internet
Ability to output keys to a text file (And shows button to open that directory)
Show and hide the private key with a simple toggle switch
Show full output of commands
Ability to choose between Processor (CPU) and Graphics Card (GPU) ( NVidia ONLY! )
Features both a Light and Dark Material Design-Style Themes
Free software - MIT. Anyone can audit the code.
Written in C# - The code is short, and easy to review.
Groestlcoin WPF is an alternative full node client with optional lightweight 'thin-client' mode based on WPF. Windows Presentation Foundation (WPF) is one of Microsoft's latest approaches to a GUI framework, used with the .NET framework. Its main advantages over the original Groestlcoin client include support for exporting blockchain.dat and including a lite wallet mode. This wallet was previously deprecated but has been brought back to life with modern standards.
Works via TOR or SOCKS5 proxy
Can use bootstrap.dat format as blockchain database
Import/Export blockchain to/from bootstrap.dat
Import wallet.dat from Groestlcoin-qt wallet
Export wallet to wallet.dat
Use both groestlcoin-wpf and groestlcoin-qt with the same addresses in parallel. When you send money from one program, the transaction will automatically be visible on the other wallet.
Rescan blockchain with a simple mouse click
Works as a full node and listens to port 1331 (listening port can be changed)
Fast Block verifying, parallel processing on multi-core CPUs
Mine Groestlcoins with your CPU by a simple mouse click
All private keys are kept encrypted on your local machine (or on a USB stick)
Lite - Has a lightweight "thin client" mode which does not require a new user to download the entire Groestlcoin chain and store it
Free and decentralised - Open Source under GNU license
Fixed Import/Export to wallet.dat
Rescan wallet option
Change wallet password option
Address type and Change type options through *.conf file
Import from bootstrap.dat - It is a flat, binary file containing Groestlcoin blockchain data, from the genesis block through a recent height. All versions automatically validate and import the file "grs.bootstrap.dat" in the GRS directory. Grs.bootstrap.dat is compatible with Qt wallet. GroestlCoin-Qt can load from it.
In Full mode file %APPDATA%\Groestlcoin-WPF\GRS\GRS.bootstrap.dat is full blockchain in standard bootstrap.dat format and can be used with other clients.
Groestlcoin Electrum Personal Server aims to make using Electrum Groestlcoin wallet more secure and more private. It makes it easy to connect your Electrum-GRS wallet to your own full node. It is an implementation of the Electrum-grs server protocol which fulfils the specific need of using the Electrum-grs wallet backed by a full node, but without the heavyweight server backend, for a single user. It allows the user to benefit from all Groestlcoin Core's resource-saving features like pruning, blocks only and disabled txindex. All Electrum-GRS's feature-richness like hardware wallet integration, multi-signature wallets, offline signing, seed recovery phrases, coin control and so on can still be used, but connected only to the user's own full node. Full node wallets are important in Groestlcoin because they are a big part of what makes the system be trust-less. No longer do people have to trust a financial institution like a bank or PayPal, they can run software on their own computers. If Groestlcoin is digital gold, then a full node wallet is your own personal goldsmith who checks for you that received payments are genuine. Full node wallets are also important for privacy. Using Electrum-GRS under default configuration requires it to send (hashes of) all your Groestlcoin addresses to some server. That server can then easily spy on your transactions. Full node wallets like Groestlcoin Electrum Personal Server would download the entire blockchain and scan it for the user's own addresses, and therefore don't reveal to anyone else which Groestlcoin addresses they are interested in. Groestlcoin Electrum Personal Server can also broadcast transactions through Tor which improves privacy by resisting traffic analysis for broadcasted transactions which can link the IP address of the user to the transaction. If enabled this would happen transparently whenever the user simply clicks "Send" on a transaction in Electrum-grs wallet. 
Note: Currently Groestlcoin Electrum Personal Server can only accept one connection at a time.
Use your own node
Uses less CPU and RAM than ElectrumX
Used intermittently rather than needing to be always-on
Doesn't require an index of every Groestlcoin address ever used like on ElectrumX
UPDATED – Android Wallet 7.38.1 - Main Net + Test Net
The app allows you to send and receive Groestlcoin on your device using QR codes and URI links. When using this app, please back up your wallet and email the backup to yourself! This will save your wallet in a password-protected file. Then your coins can be retrieved even if you lose your phone.
Add confidence messages, helping users to understand the confidence state of their payments.
Handle edge case when restoring via an external app.
Count devices with a memory class of 128 MB as low ram.
Introduce dark mode on Android 10 devices.
Reduce memory usage of PIN-protected wallets.
Tapping on the app's version will reveal a checksum of the APK that was installed.
Fix issue with confirmation of transactions that empty your wallet.
Groestlcoin Sentinel is a great solution for anyone who wants the convenience and utility of a hot wallet for receiving payments directly into their cold storage (or hardware wallets). Sentinel accepts XPUBs, YPUBs, ZPUBs and individual Groestlcoin addresses. Once added, you will be able to view balances, view transactions, and (in the case of XPUBs, YPUBs and ZPUBs) deterministically generate addresses for that wallet. Groestlcoin Sentinel is a fork of Groestlcoin Samourai Wallet with all spending and transaction building code removed.
Satoshi's unmoved coins are the world's biggest prize in quantum-decryption, the canary in bitcoin's quantum coalmine -u/Anenome5
From this post: /Nullc explained that in the early years, mined bitcoin was paid to the pubkey, not the pubkey-hash. I was used to the idea that any address that hadn't been spent from was considered quantum-safe. But this isn't true for any coins that were mined and not moved prior to 2012. What this means is that all of Satoshi's coins are theoretically stealable by anyone who can pull off a successful quantum attack on bitcoin. In fact, we must now consider them the canary in bitcoin's quantum coalmine because they will likely be the first to fall. Anyone who can pull off a successful quantum attack on these early unmoved coins will make over $500 million dollars. Today. Everyone will think Satoshi is moving his coins, but in fact it will more likely be a quantum attacker, and that is a shame, unless Satoshi himself wises up and acts soon. Beyond that, a successful quantum attack may allow someone to masquerade as Satoshi by giving them the private key to these original coins. The day is quickly approaching where even if someone were to sign a message using Satoshi's known coin hoard addresses, we should think twice about whether this person actually is Satoshi or not, since it may not be long before a successful quantum attack will make his early addresses vulnerable to exposure. Now this vulnerability changed in 2012, so current mining to an unspent address is, thankfully, safe. And if you have an address with coins in it that has never been spent from, you are also quantum safe. I just fear we are in for more Satoshi-hoaxing and drama due to these old addresses. And if Satoshi's coins ever move, we should consider it likely that the quantum nut has finally been cracked by someone and we'll need to be more careful about address reuse. There may be one other issue. There may be a lot of 2012 mined coin that has never been spent. Right now we consider much of this coin to be simply lost. 
But in the near future, quantum cryptographers may be able to recover much of this coin and make perhaps another $500 million or so. A billion dollar prize for the quantum researchers out there. Not a bad plum if you ask me.
Bitcoin is by far the most successful cryptocurrency. After ten years of development, the concept of Bitcoin as a community currency has gained widespread acceptance. With the participation of more and more miners, exchanges, developers, and ordinary users, the network effect of Bitcoin is strong and growing. According to the latest data from CoinMarketCap, Bitcoin Dominance accounts for 65.4% of the total market value of cryptocurrency, which is unmatched by any other blockchain project. However, this huge network effect has not spawned more valuable applications on the Bitcoin network. This is mainly due to the non-Turing complete script of Bitcoin, which cannot support the implementation of complex logic. Although Bitcoin uses non-Turing-complete scripts for security reasons, this undoubtedly sacrifices more possibilities for the Bitcoin ecosystem and hinders the further expansion of its network effect. Smart contracts are Turing complete and can be used to develop complex DApps. But even though Ethereum and other blockchain projects support smart contracts, the user base and network effects pale in comparison to Bitcoin.
BSC = Bitcoin Users + Smart Contracts
We propose BSC (Bitcoin Smart Contract) in the whitepaper https://docs.bsc.net/en/bsc_en.pdf BSC will be a hard fork of Bitcoin, inheriting all the transaction history of Bitcoin, and will support smart contracts with unlimited flexibility. With the original user base and network effects of Bitcoin, BSC will enable DApps with real value. Bitcoin users + smart contracts are likely to bring the entire industry into a new phase. Applications in the original smart contract ecosystem will likely bring qualitative changes with the help of Bitcoin’s network effect:
BTC + Digital Assets. Bitcoin users and developers will be able to issue digital assets similar to ERC-20 on the BSC network. The Bitcoin network effect makes these assets potentially more useful and valuable.
BTC + DeFi. Similar to MakerDAO, decentralized lending and fund custody, stablecoins, etc. will be built on the user base of Bitcoin to gain greater scale and visibility with the leading crypto asset.
BTC + Privacy Protocol. Since Bitcoin assets account for a very high proportion in the entire industry, Bitcoin users’ need for privacy is even more urgent. A smart contract-based privacy protocol can be built in the BSC ecosystem, and Bitcoin users can use this to achieve asset privacy.
BTC + DApp. Bitcoin users can directly create various DApps in the BSC network, such as decentralized exchanges, decentralized games, and decentralized domain name services. These applications are not mainstream now, but given the huge network effect of Bitcoin, there will be more DApps that can prove their value.
Compatibility with Bitcoin Ecosystem
To provide the huge network effect of Bitcoin, BSC is technically compatible with Bitcoin in terms of the underlying architecture and network parameters. The infrastructure layer of BSC adopts the UTXO (Unspent Transaction Output) model that is completely consistent with Bitcoin, supports all script types of Bitcoin, and naturally supports SegWit, multi-sig, etc. Compared with the account model, the UTXO model has certain advantages in terms of security, anonymity, and parallelism, and supports SPV (Simple Payment Verification), which makes it easier to support light wallets. Due to the consistency of the underlying architecture, BSC is naturally compatible with the Bitcoin ecosystem. For example, all types of Bitcoin wallets, browsers, and Layer-2 protocols (such as the Lightning Network) can directly support BSC, and users have no limits. Also, the upper limit of the total supply of BSC, the inflation rate, and the halving period are all consistent with Bitcoin. BSC will also inherit all the transaction history data of Bitcoin. Bitcoin users will obtain the equivalent BSC 1:1. All subsequent BSC coins will be generated by PoW mining, and the development team will not have any pre-mining or pre-allocation of any coins.
Compatibility with Smart Contracts
Virtual machines are the execution environment of smart contracts. While maintaining the above compatibility with Bitcoin’s underlying infrastructure, BSC has achieved compatibility with the EVM (Ethereum Virtual Machine) by adding additional scripts and intermediate layers, so that it can theoretically support all smart contracts in the Ethereum ecosystem. Popular applications in the Ethereum ecosystem, such as MakerDAO, AZTEC privacy protocol, decentralized stablecoins, etc., can be directly ported to the BSC network. Although these applications have received some attention on Ethereum, restrictions on the Ethereum network have significantly limited their further development. For example, decentralized lending that relies on the stability of Bitcoin assets and the participation of Bitcoin users will get more room for development.
Mining Algorithm and Reward
BSC uses the PoW consensus mechanism. Unlike Bitcoin, BSC uses the newer SHA-3 + Blake2b mining algorithm. Bitcoin’s computing power is mainly controlled by several large Bitcoin mining pools. If BSC used a PoW mining algorithm the same as Bitcoin or any mining algorithm that already has ASIC miners, there would be a good possibility for the network to suffer 51% attacks during the initial startup. To reduce the risk of attack and keep the network sufficiently decentralized, BSC uses the SHA-3 + Blake2b hash algorithm. This algorithm has been verified in projects such as Handshake, and currently, there is no ASIC miner available, which helps ensure the stable development of the BSC network. As a BSC miner, in addition to the block rewards and transaction fees like Bitcoin, the block rewards will include the gas cost of smart contracts. Every halving of bitcoin brings significant challenges to miners. When the future bitcoin block reward is reduced to zero, whether transaction fees can support miners’ income is still unknown. The introduction of smart contracts will give BSC miners a source of additional revenue, further encourage miners to participate in mining, and protect the security of the network.
Ergo allows any user to run a full node with low resources – meaning you can help maintain the network with a device as simple as a Raspberry Pi. In a previous post, we looked at Ergo’s SPV mode, which allows for secure, efficient mobile clients. This enables users to make transactions using almost any device. At the other end of the scale, you might want to run a full node. If you’re a miner, this will require that you download the full blockchain, because you’ll need the whole UTXO (unspent outputs) set to mine new blocks. But you can still run a full node without that UTXO set – vastly reducing the specification and expense of the hardware needed.
Ergo blocks
In Ergo, just like Bitcoin, Ethereum and other blockchains, blocks are broken into sections. In Bitcoin, there’s simply a block header and the transactions themselves. But in Ergo, we have some extra sections that enable new functionality:
Proofs of UTXO transformation
The ‘extension’ section contains certain mandatory fields (including links for NiPoPoW, once per 1,024 block epoch) and parameters for miner voting, such as current block size. It can also contain arbitrary fields. What this means in practice is that different types of node and client can download only those sections of the blocks they need – reducing the demands for storage, bandwidth and CPU cycles.
Lite full nodes
While miners need to download everything, lite full nodes only need the transactions and proofs. This means they have a cryptographic guarantee of transactions, without holding the full UTXO set itself. Lite full nodes check the proofs generated by full nodes (including miners) who do hold the full blockchain, providing a guarantee of ledger validity. In Ethereum, these nodes are called Stateless Clients. For Ergo, it means you can run a full node and maintain the network with a device as simple as a Raspberry Pi with 512 MB RAM. This provides the ideal balance between ensuring the security of the network and avoiding an unnecessary burden on users who wish to run a node – improving decentralisation and democratising participation in the Ergo network and community.
A quick update about ASICseer.com: We decided to go with Bitcoin Cash.
Hello again, guys! I wanted to give everyone an update on my previous post about ASICseer. When I first posted, we had about 2,700 live running ASICs using our software. We recently released version 1.0.1 and reception has been great. We now have 4,000 ASICs on ASICseer. We decided to make Bitcoin.com's BCH pool the default for our users and our dev fee (our users can change it, but over half of them have decided to remain mining Bitcoin Cash). Hopefully, we can keep those numbers up as we get more users! At some point we had over 120,000 concurrent GPU rigs running ethOS, so I am confident that we will reach the same (or bigger) user base with ASICseer. We chose Bitcoin Cash because Bitcoin Cash is the best implementation of the Bitcoin Protocol due to its fast, reliable, and inexpensive transactions. As many know, you must pay a fee for each unspent output, and mining definitely has a ton of unspent outputs. Our business model probably wouldn't even be possible using Bitcoin Core. I also want to give a shoutout to Roger Ver for all the effort he has put into running such a great BCH pool. The amount of backend servers is staggeringly high, the support team is responsive, and the interface is amazing.
Hey r/ZEC - Messari just completely overhauled its Zcash profile
The Messari team has been working like crazy to update our profiles for the top 100 crypto assets and went all out on a new Zcash profile. Take a look and let us know what you think! https://messari.io/asset/zcash The profile page includes an overview, history of the project, profiles for the Electric Coin Company and Zcash Foundation, roadmap, contributor profiles, advisors, investors, launch details, funding details, supply curve details, security and governance details and more. https://messari.io/asset/zcash/profile Here's an excerpt detailing some of the key technological components of Zcash
Zcash, the protocol, is a distributed, time-stamped ledger of unspent transaction output (UTXO) transfers stored in an append-only chain of 2MB data blocks. A network of mining and economic nodes maintains this blockchain by validating, propagating, and competing to include pending transactions (mempool) in new blocks. Economic nodes (aka "full nodes") receive transactions from other network participants, validate them against network consensus rules and double-spend vectors, and propagate the transactions to other full nodes that also validate and propagate. Valid transactions are sent to the network's mempool waiting for mining nodes to confirm them via inclusion in the next block.
Mining nodes work to empty the mempool usually in a highest-to-lowest fee order by picking transactions to include in the next block and racing against each other to generate a hash less than the target number set by Zcash's difficulty adjustment algorithm. Zcash uses a Proof-of-Work (PoW) consensus mechanism to establish the chain of blocks with the most accumulated “work” (a.k.a., energy spent on solved hashes) as the valid chain. Other network peers can cheaply verify the chain’s work.
In order to have zero-knowledge privacy in Zcash, the function determining the validity of a transaction according to the network’s consensus rules must return the answer of whether the transaction is valid or not, without revealing any of the information it performed the calculations on. This is done by encoding some of the network’s consensus rules in zk-SNARKs (zero-knowledge succinct non-interactive arguments of knowledge). Zk-SNARKs are specific zero-knowledge proofs whereby one can prove possession of certain information, e.g. a secret key, without revealing that information, and without any interaction between the prover and verifier.
Zcash addresses are either private (z-addresses) or transparent (t-addresses). Z-addresses start with a “z,” and t-addresses start with a "t."
The two Zcash address types are interoperable, and funds can be transferred between z-addresses and t-addresses. A Z-to-Z transaction appears on the public blockchain, so it is known to have occurred and that the fees were paid. But the addresses, transaction amount and the memo field are all encrypted and not publicly visible. Transactions between two transparent addresses (t-addresses) work just like Bitcoin: The sender, receiver and transaction value are publicly visible. The owner of an address may choose to disclose z-address and transaction details with trusted third parties using view keys and payment disclosure.
Ergo takes the most secure and best-established features of Bitcoin and implements advanced new cryptographic features on its rock-solid foundations. This series explores the choices we have made in creating Ergo, with the first article unpacking the advantages of the UTXO model.
When you’re dealing with financial value, you cannot afford to take chances. Every architecture decision in a cryptocurrency platform has implications. While there are different ways to solve the same problem, some solutions are better tested and more reliable than others. Like Bitcoin, Ergo uses the ‘UTXO’ (unspent transaction outputs) model, rather than the Account model used by platforms like Ethereum. There are a number of reasons why we have made this choice, but first it’s worth explaining a little about how the UTXO or ‘Box’ model works.
Most people think that the balance of an account is a simple number that is updated when you send or receive funds. This is the obvious way to approach the problem; after all, it is effectively how money works in the real world. Your bank account has a balance that is increased or decreased when different transfers are made in and out. This is how the ‘Account’ model operates: your balance on the blockchain is altered by transactions to and from the account.
How much dough?
The UTXO model, pioneered by Bitcoin, is quite different. You can think of this a bit like a person holding a series of lumps of bread dough. Their balance is the sum of these lumps, or UTXOs. Lumps can be divided or combined, before they are sent to a new address, but you always know where they came from. For example:
Alice has 100g of bread dough (100 ERG). She breaks off a lump of 75g and gives it to Bob, keeping 25g of ‘change’ for herself.
Charlie has 250g of dough. He breaks off 150g and gives it to Bob, keeping 100g of change for himself.
Bob breaks 20g of dough off the 150g lump he received from Charlie, and combines the resulting 130g with the 75g he received from Alice. He gives the total of 205g to Dave, keeping the 20g change for himself.
Dave now has 205g of bread dough, which used to belong to Charlie. Before Charlie owned it, 75g used to belong to Alice, while 130g used to belong to Bob.
In the UTXO model, ‘lumps’ of coins can be combined and divided, but unlike bread dough, they aren’t mixed together. You can follow the history of funds right back to the coinbase transaction in which those coins were first mined. That’s very different to the Account model, where the balance of each account is simply changed. (You can, of course, check the blockchain to make sure the Account says what it should, but that’s not intrinsically necessary like it is with the UTXO approach.)
Why UTXO?
The UTXO model has several implications. For a start, each object is immutable – lumps of coins cannot be ‘edited’ like an Account balance is edited when a transaction is made. The balance is calculated from the transaction history, right back to the point those coins first came into existence. That makes security much simpler, because either a UTXO exists in the form you are expecting, or it does not exist at all. With the account model, you need to carefully check that the account you’re dealing with is in the state it should be (and developers typically don’t do that properly). This also makes UTXOs more friendly for offchain protocols, like sidechains and the Lightning Network. Accounts make it easier to store the ‘state’, but easy doesn’t always mean better. With Ergo’s extended UTXO model, state transitions are more explicit and so they are cleaner – there are no unwanted surprises. It might be a little bit more burdensome to deal with, but it’s a lot better and more straightforward in terms of security.
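The security property described above ("either a UTXO exists in the form you are expecting, or it does not exist at all") can be seen in a toy ledger that replays the dough example. This is an added illustration, not Ergo code: the `Box` and `Ledger` names and the box ids are hypothetical, an owner-name check stands in for signature verification, and fees are ignored.

```python
from dataclasses import dataclass


@dataclass(frozen=True)              # frozen: a box can never be edited in place
class Box:
    box_id: str                      # constructed label for one unspent output
    owner: str
    grams: int                       # value in the article's dough units
    parents: tuple = ()              # ids of the boxes consumed to create this one


class Ledger:
    def __init__(self):
        self.unspent = {}            # the UTXO set: box_id -> Box
        self.history = {}            # every box ever created, for lineage tracing

    def _add(self, box):
        self.unspent[box.box_id] = box
        self.history[box.box_id] = box
        return box

    def mint(self, box_id, owner, grams):
        """Create a box with no parents (stands in for a coinbase output)."""
        if box_id in self.history:
            raise ValueError(f"box id {box_id} already used")
        return self._add(Box(box_id, owner, grams))

    def spend(self, spender, input_ids, outputs):
        """Consume whole boxes, create new ones. outputs: (box_id, owner, grams)."""
        if len(set(input_ids)) != len(input_ids):
            raise ValueError("the same box is listed twice as an input")
        inputs = []
        for box_id in input_ids:
            box = self.unspent.get(box_id)
            if box is None:          # never existed, or already spent
                raise ValueError(f"{box_id} is not in the UTXO set")
            if box.owner != spender: # simplification: real chains verify a proof
                raise ValueError(f"{spender} does not control {box_id}")
            inputs.append(box)
        new_ids = [o[0] for o in outputs]
        if len(set(new_ids)) != len(new_ids) or any(i in self.history for i in new_ids):
            raise ValueError("output box ids must be new and unique")
        if any(o[2] <= 0 for o in outputs):
            raise ValueError("outputs must be positive")
        if sum(b.grams for b in inputs) != sum(o[2] for o in outputs):
            raise ValueError("outputs must add up to the inputs")
        # All checks passed: only now is the state changed.
        for box in inputs:
            del self.unspent[box.box_id]
        parents = tuple(input_ids)
        return [self._add(Box(i, o, g, parents)) for i, o, g in outputs]

    def balance(self, owner):
        """A balance is derived from the boxes held, not stored as a number."""
        return sum(b.grams for b in self.unspent.values() if b.owner == owner)

    def origins(self, box_id):
        """Follow parents back to the minted boxes the value came from."""
        box = self.history[box_id]
        if not box.parents:
            return {box_id}
        found = set()
        for parent in box.parents:
            found |= self.origins(parent)
        return found


def run_dough_example():
    ledger = Ledger()
    ledger.mint("alice-100", "Alice", 100)
    ledger.mint("charlie-250", "Charlie", 250)
    ledger.spend("Alice", ["alice-100"],
                 [("bob-75", "Bob", 75), ("alice-25", "Alice", 25)])
    ledger.spend("Charlie", ["charlie-250"],
                 [("bob-150", "Bob", 150), ("charlie-100", "Charlie", 100)])
    ledger.spend("Bob", ["bob-75", "bob-150"],
                 [("dave-205", "Dave", 205), ("bob-20", "Bob", 20)])
    return ledger
```

Submitting Alice's first transfer a second time fails at the input lookup, because `alice-100` left the UTXO set when it was spent; no balance comparison is involved.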
Hello everyone! Before you start downvoting me, I know this is a proposal that has been submitted many times already, and that there is a strong opposition to this idea. But please, let me expose my arguments and how I imagine this change. I've read a lot of the previous posts and saw a lot of good points on both sides, but I still believe that discussing this idea is worth the time. You have the right to not agree, and if it is the case, please expose your arguments. I'm not here to enforce my idea, I want to share it with you all, have a constructive debate and contribute to the thinking process of making Bitcoin the best it can be. The outcome of this discussion can only be positive in my eyes, as sharing knowledge and opinions is enlightening for everyone. The topic I'm going to discuss is a forecasting of possible future problems and a proposal to solve them. We can't know for sure how the future will unfold and if these problems will really happen, only time will tell. However, it is important to think about their possibility and come up with a solution before they even happen. The first step is to discuss about the likeliness of their happening. Then we can imagine possible solutions. I know this post is long, but please read it in its entirety before answering. I will be covering several points in an ordered manner to avoid mixing everything up and be as clear as I can. With that said, let's start.
A lot of coins are lost, and more will be
The main problem I want to address is lost coins. There will always be a maximum of 21 million bitcoins as you all know. However, a huge amount of coins have been lost in the past already, and more are lost every day. This is not yet a problem, as there is still plenty for everyone despite the scarcity, and also because a good amount is still issued with every new block. Our system is still practical. But as time goes by, fewer and fewer bitcoins will be available and usable. In a very long time, there might not be a single satoshi available anymore. This is a bit extreme, but I meant to highlight the fact that the current system is not sustainable in the very long term in my opinion. Having fewer bitcoins available increases scarcity and drives the prices up, but it becomes impractical as well. Exchanges could not keep as many coins, dry up and you won't be able to get into the network that way anymore, especially if you're not a trader. I'm talking about so much scarcity that even a single satoshi is worth a lot. We are limited to 10e-8. (Please bear with me, I know it's been suggested to increase the amount of decimals, but I am just exposing the problem for now, not proposing solutions)
Mining will become less profitable
Mining rewards decrease with each halving, and eventually, miners will only be rewarded with the fees. This is a side-problem. By that I mean that this is a related but less important point in my argumentation. Miners need an incentive to mine, and this activity should be profitable, otherwise they would stop. No miners, no network. Will fees be enough to keep them mining? Will fees become incredibly high because of that? Will people still use the network if the fees are so high? I don't have the answer to these questions and it's harder to foresee than the lost coins. Anyway, lower fees are desirable for the users, and higher rewards are desirable for the miners. Any change that could reinforce this statement is welcome.
Proposal: invalidate and re-issue very old unspent UTXOs
To solve the problem of lost coins and too much scarcity, I suggest that very old unspent UTXOs can be invalidated and re-issued as mining rewards. I understand that it can rightfully be seen as a theft. This is why I want to try to find a balance so more than 99% of re-issued coins are actually lost. I thought that an expiration time of 100 years (about the time of a long life) would be enough to consider that the coins are lost. It would also be enough in the case of a deceased person who didn't give the recovery phrase to their relatives. It is quite unlikely that holdings stay at the same place for so long. We're talking about a long lifetime! Another way to increase the confidence in re-issuing actually lost coins is to implement a heartbeat into wallets so they move the UTXOs which are going to expire automatically to keep control. There are however legit concerns for cold storage, which would require user actions to trigger the heartbeat. But keep in mind that this heartbeat would probably never be needed in your entire life as the expiration time is so long. Users could also do this heartbeat themselves if they want to of course. To prevent the miners from censoring these transactions in order to try to get more profit (and actually stealing coins for that matter), this heartbeat would be done several years before expiration. I think that there wouldn't be so much incentive to censor these transactions because the profit from the censored heartbeat would come a very long time later. They would rather take the fees from the heartbeat transaction instead. As a bonus, miners would get more than the fees as their reward. It would help keep the fees lower and keep the miners mining. Of course this is not a real solution for this problem, this is just a fortunate side-effect of the re-issuing. The system should not rely on that alone to sustain the network security. 
Some people are against this because re-issuing lost coins would decrease scarcity and drive the prices down. I disagree with this statement. The hard limit of 21 million bitcoins will still be there, there will still be scarcity, and it will remain practical. No new coin will be issued. This core principle is kept. Technically, the following change to the consensus rules would be needed: an unsigned transaction is valid if the inputs are spending UTXOs older than the expiration time or if the transaction has no outputs (everything goes to the miner). I know there is a strong opposition to this idea among the Bitcoiners, probably because it is quite in contradiction with one of the core principles of the protocol: you are the only one controlling your money. I understand this point of view and I agree with it. This change would indeed create a way in which your coins can become someone else's without your consent. But as everything in life, no solution is perfect and can be either terribly bad or acceptable, depending on the conditions and if a balance has been found or not. I think that the 100 years expiration time plus heartbeat is a fair proposal.
Compared to increasing the decimals
I saw another idea while reading the previous submissions: increase the maximum amount of decimals. This solution would remove the problem of too much scarcity. I believe that it is just as much in contradiction with the core principles of Bitcoin as re-issuing. That would mean that scarcity doesn't really have any sense anymore, and that we could just print more money, just like fiat. This is not a bad idea by any means, but it's also an idea that sacrifices something. I think that the price to pay is way higher though. Both solutions would require a hard fork. I've been proved wrong in the comments: allowing more decimals would apparently not require a hard fork. However, taking the long expiration time into consideration, re-issuing would not need a hard fork if it's widely accepted and supported by the community. The oldest possible UTXO is currently 10 years old. That means that it could be re-issued in 90 years at minimum. This time span is way enough for the network to implement and spread the change without it taking effect. So when the first expired UTXO is re-issued, everyone in the network would already handle it (again, assuming the change is accepted) and thus, no hard fork would occur. On the other hand, adding another decimal would require a hard fork right away. Another advantage of coin expiration and re-issuance is that it would prevent the UTXO database from growing unbounded. Any unbounded database is not sustainable in the long term. Re-issued UTXOs are not new UTXOs. Adding decimals creates new UTXOs and opens the door to a potentially infinitely large database.
Why not submit the idea to an altcoin?
I'm foreseeing this question being asked to me. I believe in Bitcoin more than any other project when it comes to decentralized money. My aim is to try to make it the best I think it can be, not for the glory of having contributed to it, nor just for the sake of having my idea implemented somewhere. I want it to have meaning, to be relevant. If the community doesn't like the idea, so be it. I won't make another pointless hard fork. I understand that there must be consensus and if there is not, why try so hard?
In conclusion, I am certain that we will face a problem one day or another regarding lost coins. There are solutions, but none of them is very good nor have support from the community. If we want a robust and sustainable decentralized digital money, we have to make a choice and compromise. Would you rather protect your short term interests in Bitcoin or have it change the world in the long term? Now let's talk! I'm eagerly waiting for your responses. Please remain civil, expose your opinion without worrying about being downvoted, give arguments, question everything.
Over the last several days I've been looking in detail at numerous aspects of the now infamous CTOR change that is scheduled for the November hard fork. I'd like to offer a concrete overview of what exactly CTOR is, what the code looks like, how well it works, what the algorithms are, and outlook. If anyone finds the change to be mysterious or unclear, then hopefully this will help them out. This document is placed into public domain.
What is TTOR? CTOR? AOR?
Currently in Bitcoin Cash, there are many possible ways to order the transactions in a block. There is only a partial ordering requirement in that transactions must be ordered causally -- if a transaction spends an output from another transaction in the same block, then the spending transaction must come after. This is known as the Topological Transaction Ordering Rule (TTOR) since it can be mathematically described as a topological ordering of the graph of transactions held inside the block. The November 2018 hard fork will change to a Canonical Transaction Ordering Rule (CTOR). This CTOR will enforce that for a given set of transactions in a block, there is only one valid order (hence "canonical"). Any future blocks that deviate from this ordering rule will be deemed invalid. The specific canonical ordering that has been chosen for November is a dictionary ordering (lexicographic) based on the transaction ID. You can see an example of it in this testnet block (explorer here, provided this testnet is still alive). Note that the txids are all in dictionary order, except for the coinbase transaction which always comes first. The precise canonical ordering rule can be described as "coinbase first, then ascending lexicographic order based on txid". (If you want to have your bitcoin node join this testnet, see the instructions here. Hopefully we can get a public faucet and ElectrumX server running soon, so light wallet users can play with the testnet too.) Another ordering rule that has been suggested is removing restrictions on ordering (except that the coinbase must come first) -- this is known as the Any Ordering Rule (AOR). There are no serious proposals to switch to AOR but it will be important in the discussions below.
Two changes: removing the old order (TTOR->AOR), and installing a new order (AOR->CTOR)
The proposed November upgrade combines two changes in one step:
Removing the old causal rule: now, a spending transaction can come before the output that it spends from the same block.
Adding a new rule that fixes the ordering of all transactions in the block.
In this document I am going to distinguish these two steps (TTOR->AOR, AOR->CTOR) as I believe it helps to clarify the way different components are affected by the change.
Code changes in Bitcoin ABC
In Bitcoin ABC, several thousand lines of code have been changed from version 0.17.1 to version 0.18.1 (the current version at time of writing). The differences can be viewed here, on github. The vast majority of these changes appear to be various refactorings, code style changes, and so on. The relevant bits of code that deal with the November hard fork activation can be found by searching for "MagneticAnomaly"; the variable magneticanomalyactivationtime sets the time at which the new rules will activate. The main changes relating to transaction ordering are found in the file src/validation.cpp:
Function ConnectBlock previously had one loop, that would process each transaction in order, removing spent transaction outputs and adding new transaction outputs. This was only compatible with TTOR. Starting in November, it will use the two-loop OTI algorithm (see below). The new construction has no ordering requirement.
Function ApplyBlockUndo, which is used to undo orphaned blocks, is changed to work with any order.
When orphaning a block, transactions will be returned to the mempool using addForBlock that now works with any ordering (src/txmempool.cpp).
Serial block processing (one thread)
One of the most important steps in validating blocks is updating the unspent transaction outputs (UTXO) set. It is during this process that double spends are detected and invalidated. The standard way to process a block in bitcoin is to loop through transactions one-by-one, removing spent outputs and then adding new outputs. This straightforward approach requires exact topological order and fails otherwise (therefore it automatically verifies TTOR). In pseudocode:
    for tx in transactions:
        remove_utxos(tx.inputs)
        add_utxos(tx.outputs)
Note that modern implementations do not apply these changes immediately, rather, the adds/removes are saved into a commit. After validation is completed, the commit is applied to the UTXO database in batch. By breaking this into two loops, it becomes possible to update the UTXO set in a way that doesn't care about ordering. This is known as the outputs-then-inputs (OTI) algorithm.
    for tx in transactions:
        add_utxos(tx.outputs)
    for tx in transactions:
        remove_utxos(tx.inputs)
The UTXO updates actually form a significant fraction of the time needed for block processing. It would be helpful if they could be parallelized. There are some concurrent algorithms for block validation that require quasi-topological order to function correctly. For example, multiple workers could process the standard loop shown above, starting at the beginning. A worker temporarily pauses if the utxo does not exist yet, since it's possible that another worker will soon create that utxo. There are issues with such order-sensitive concurrent block processing algorithms:
Since TTOR would be a consensus rule, parallel validation algorithms must also verify that TTOR is respected. The naive approach described above actually is able to succeed for some non-topological orders; therefore, additional checks would have to be added in order to enforce TTOR.
The worst-case performance can be that only one thread is active at a time. Consider the case of a block that is one long chain of dependent transactions.
In contrast, the OTI algorithm's loops are fully parallelizable: the worker threads can operate in an independent manner and touch transactions in any order. Until recently, OTI was thought to be unable to verify TTOR, so one reason to remove TTOR was that it would allow changing to parallel OTI. It turns out however that this is not true: Jonathan Toomim has shown that TTOR enforcement is easily added by recording new UTXOs' indices within-block, and then comparing indices during the remove phase. In any case, it appears to me that any concurrent validation algorithm would need such additional code to verify that TTOR is being exactly respected; thus for concurrent validation TTOR is a hindrance at best.
Advanced parallel techniques
With Bitcoin Cash blocks scaling to large sizes, it may one day be necessary to scale onto advanced server architectures involving sharding. A lot of discussion has been made over this possibility, but really it is too early to start optimizing for sharding. I would note that at this scale, TTOR is not going to be helpful, and CTOR may or may not lead to performance optimizations.
Block propagation (graphene)
A major bottleneck that exists in Bitcoin Cash today is block propagation. During the stress test, it was noticed that the largest blocks (~20 MB) could take minutes to propagate across the network. This is a serious concern since propagation delays mean increased orphan rates, which in turn complicate the economics and incentives of mining. 'Graphene' is a set reconciliation technique using bloom filters and invertible bloom lookup tables. It drastically reduces the amount of bandwidth required to communicate a block. Unfortunately, the core graphene mechanism does not provide ordering information, and so if many orderings are possible then ordering information needs to be appended. For large blocks, this ordering information makes up the majority of the graphene message. To reduce the size of ordering information while keeping TTOR, miners could optionally decide to order their transactions in a canonical ordering (Gavin's order, for example) and the graphene protocol could be hard coded so that this kind of special order is transmitted in one byte. This would add a significant technical burden on mining software (to create blocks in such a specific unusual order) as well as graphene (which must detect this order, and be able to reconstruct it). It is not clear to me whether it would be possible to efficiently parallelize sorting algorithms that reconstruct these orderings. The adoption of CTOR gives an easy solution to all this: there is only one ordering, so no extra ordering information needs to be appended. The ordering is recovered with a comparison sort, which parallelizes better than a topological sort. This should simplify the graphene codebase and it removes the need to start considering supporting various optional ordering encodings.
Reversibility and technical debt
Can the change to CTOR be undone at a later time? Yes and no. For block validators / block explorers that look over historical blocks, the removal of TTOR will permanently rule out usage of the standard serial processing algorithm. This is not really a problem (aside from the one-time annoyance), since OTI appears to be just as efficient in serial, and it parallelizes well. For anything that deals with new blocks (like graphene, network protocol, block builders for mining, new block validation), it is not a problem to change the ordering at a later date (to AOR / TTOR or back to CTOR again, or something else). These changes would add no long term technical debt, since they only involve new blocks. For past-block validation it can be retroactively declared that old blocks (older than a few months) have no ordering requirement.
Summary and outlook
Removing TTOR is the most disruptive part of the upgrade, as other block processing software needs to be updated in kind to handle transactions coming in any order. These changes are however quite small and they naturally convert the software into a form where concurrency is easy to introduce.
In the near term, TTOR / CTOR will show no significant performance differences for block validation. Note that right now, block validation is not the limiting factor in Bitcoin Cash, anyway.
In medium term, software switching over to concurrent block processing will likely want to use an any-order algorithm (like OTI). Although some additional code may be needed to enforce ordering rules in concurrent validation, there will still be no performance differences for TTOR / AOR / CTOR.
In the very long term, it is perhaps possible that CTOR will show advantages for full nodes with sharded UTXO databases, if that ever becomes necessary. It's probably way too early to care about this.
With TTOR removed, the further addition of CTOR is actually a very minor change. It does not require any other ecosystem software to be updated (they don't care about order). Not only that, we aren't stuck with CTOR: the ordering can be quite easily changed again in the future, if need be.
The primary near-term improvement from the CTOR will be in allowing a simple and immediate enhancement of the graphene protocol. This impacts a scaling bottleneck that matters right now: block propagation. By avoiding the topic of complex voluntary ordering schemes, this will allow graphene developers to stop worrying about how to encode ordering, and focus on optimizing the mechanisms for set reconciliation.
Taking a broader view, graphene is not the magic bullet for network propagation. Even with the CTOR-improved graphene, we might not see vastly better performance right away. There is also work needed in the network layer to simply move the messages faster between nodes. In the last stress test, we also saw limitations on mempool performance (tx acceptance and relaying). I hope both of these fronts see optimizations before the next stress test, so that a fresh set of bottlenecks can be revealed.
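An added example, not part of the original post and not Bitcoin ABC's code: the serial one-loop update and the two-loop OTI update from the post, run over a constructed three-transaction block under AOR, TTOR and CTOR. The TTOR check follows the within-block index comparison the post attributes to Jonathan Toomim; the Tx type, the function names and the short txids are assumptions made for this sketch.

```python
from dataclasses import dataclass

class BlockInvalid(Exception):
    pass

@dataclass(frozen=True)
class Tx:
    txid: str          # constructed short hex ids, not real transaction ids
    inputs: tuple      # outpoints spent, each (txid, output_index)
    n_outputs: int     # number of outputs this transaction creates

def serial_connect(utxos, txs):
    """One-loop update from the post: succeeds only on topological order."""
    utxos = set(utxos)
    for tx in txs:
        for op in tx.inputs:
            if op not in utxos:
                raise BlockInvalid(f"missing or spent input {op}")
            utxos.remove(op)
        utxos.update((tx.txid, i) for i in range(tx.n_outputs))
    return utxos

def oti_connect(utxos, txs, rule="AOR"):
    """Outputs-then-inputs update; rule is 'AOR', 'TTOR' or 'CTOR'."""
    utxos, created_at = set(utxos), {}
    for pos, tx in enumerate(txs):              # loop 1: add every output
        for i in range(tx.n_outputs):
            utxos.add((tx.txid, i))
            created_at[(tx.txid, i)] = pos      # within-block index of creator
    for pos, tx in enumerate(txs):              # loop 2: remove every input
        for op in tx.inputs:
            if op not in utxos:
                raise BlockInvalid(f"missing or double-spent input {op}")
            if rule == "TTOR" and created_at.get(op, -1) >= pos:
                raise BlockInvalid(f"{tx.txid} spends an output created later")
            utxos.remove(op)
    ids = [tx.txid for tx in txs[1:]]           # txs[0] is the coinbase
    if rule == "CTOR" and ids != sorted(ids):
        raise BlockInvalid("transactions after coinbase not in txid order")
    return utxos

def is_valid(connect, utxos, txs, **kw):
    try:
        connect(utxos, txs, **kw)
        return True
    except BlockInvalid:
        return False

# Constructed sample block: a1 spends an older UTXO, 0b spends a1's output.
PREV = {("f0", 0)}
CB, A1, B0 = Tx("cb", (), 1), Tx("a1", (("f0", 0),), 1), Tx("0b", (("a1", 0),), 1)
TOPOLOGICAL = [CB, A1, B0]      # valid under TTOR
CANONICAL = [CB, B0, A1]        # valid under CTOR: child sorts before parent
DOUBLE_SPEND = CANONICAL + [Tx("c2", (("f0", 0),), 1)]
```

The canonical order places the child 0b before its parent a1, which is the case the serial loop rejects and OTI accepts; the double spend of ("f0", 0) is rejected in the remove loop regardless of the ordering rule.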