Hashing24 Review | CaptainAltcoin

Technical: Taproot: Why Activate?

This is a follow-up on https://old.reddit.com/r/Bitcoin/comments/hqzp14/technical_the_path_to_taproot_activation/
Taproot! Everybody wants it!! But... you might ask yourself: sure, everybody else wants it, but why would I, sovereign Bitcoin HODLer, want it? Surely I can be better than everybody else because I swapped XXX fiat for Bitcoin unlike all those nocoiners?
And it is important for you to know the reasons why you, o sovereign Bitcoiner, would want Taproot activated. After all, your nodes (or the nodes your wallets use, which if you are SPV, you hopefully can pester to your wallet vendor/implementor about) need to be upgraded in order for Taproot activation to actually succeed instead of becoming a hot sticky mess.
First, let's consider some principles of Bitcoin.
I'm sure most of us here would agree that the above are very important principles of Bitcoin and that these are principles we would not be willing to remove. If anything, we would want those principles strengthened (especially the last one, financial privacy, which current Bitcoin is only sporadically strong with: you can get privacy, it just requires effort to do so).
So, how does Taproot affect those principles?

Taproot and Your /Coins

Most HODLers probably HODL their coins in singlesig addresses. Sadly, switching to Taproot would do very little for you (it gives a mild discount at spend time, at the cost of a mild increase in fee at receive time (paid by whoever sends to you, so if it's a self-send from a P2PKH or bech32 address, you pay for this); mostly a wash).
(technical details: a Taproot output is 1 version byte + 32 byte public key, while a P2WPKH (bech32 singlesig) output is 1 version byte + 20 byte public key hash, so the Taproot output spends 12 bytes more; spending from a P2WPKH requires revealing a 32-byte public key later, which is not needed with Taproot, and Taproot signatures are about 9 bytes smaller than P2WPKH signatures, but the 32 bytes plus 9 bytes is divided by 4 because of the witness discount, so it saves about 11 bytes; mostly a wash, it increases blockweight by about 1 virtual byte, 4 weight for each Taproot-output-input, compared to P2WPKH-output-input).
However, as your HODLings grow in value, you might start wondering if multisignature k-of-n setups might be better for the security of your savings. And it is in multisignature that Taproot starts to give benefits!
Taproot switches to using the Schnorr signing scheme. Schnorr makes key aggregation -- constructing a single public key from multiple public keys -- almost as trivial as adding numbers together. "Almost" because it involves some fairly advanced math instead of simple boring number adding, but hey when was the last time you added up your grocery list prices by hand huh?
With current P2SH and P2WSH multisignature schemes, if you have a 2-of-3 setup, then to spend, you need to provide two different signatures from two different public keys. With Taproot, you can create, using special moon math, a single public key that represents your 2-of-3 setup. Then you just put two of your devices together, have them communicate to each other (this can be done airgapped, in theory, by sending QR codes: the software to do this is not even being built yet, but that's because Taproot hasn't activated yet!), and they will make a single signature to authorize any spend from your 2-of-3 address. That's 73 witness bytes -- 18.25 virtual bytes -- of signatures you save!
And if you decide that your current setup with 1-of-1 P2PKH / P2WPKH addresses is just fine as-is: well, that's the whole point of a softfork: backwards-compatibility; you can receive from Taproot users just fine, and once your wallet is updated for Taproot-sending support, you can send to Taproot users just fine as well!
(P2WPKH and P2WSH -- SegWit v0 -- addresses start with bc1q; Taproot -- SegWit v1 --- addresses start with bc1p, in case you wanted to know the difference; in bech32 q is 0, p is 1)
Now how about HODLers who keep all, or some, of their coins on custodial services? Well, any custodial service worth its salt would be doing at least 2-of-3, or probably something even bigger, like 11-of-15. So your custodial service, if it switched to using Taproot internally, could save a lot more (imagine an 11-of-15 getting reduced from 11 signatures to just 1!), which --- we can only hope! --- should translate to lower fees and better customer service from your custodial service!
So I think we can say, very accurately, that the Bitcoin principle --- that YOU are in control of your money --- can only be helped by Taproot (if you are doing multisignature), and, because P2PKH and P2WPKH remain validly-usable addresses in a Taproot future, will not be harmed by Taproot. Its benefit to this principle might be small (it mostly only benefits multisignature users) but since it has no drawbacks with this (i.e. singlesig users can continue to use P2WPKH and P2PKH still) this is still a nice, tidy win!
(even singlesig users get a minor benefit, in that multisig users will now reduce their blockchain space footprint, so that fees can be kept low for everybody; so for example even if you have your single set of private keys engraved on titanium plates sealed in an airtight box stored in a safe buried in a desert protected by angry nomads riding giant sandworms because you're the frickin' Kwisatz Haderach, you still gain some benefit from Taproot)
And here's the important part: if P2PKH/P2WPKH is working perfectly fine with you and you decide to never use Taproot yourself, Taproot will not affect you detrimentally. First do no harm!

Taproot and Your Contracts

No one is an island, no one lives alone. Give and you shall receive. You know: by trading with other people, you can gain expertise in some obscure little necessity of the world (and greatly increase your productivity in that little field), and then trade the products of your expertise for necessities other people have created, all of you thereby gaining gains from trade.
So, contracts, which are basically enforceable agreements that facilitate trading with people who you do not personally know and therefore might not trust.
Let's start with a simple example. You want to buy some gewgaws from somebody. But you don't know them personally. The seller wants the money, you want their gewgaws, but because of the lack of trust (you don't know them!! what if they're scammers??) neither of you can benefit from gains from trade.
However, suppose both of you know of some entity that both of you trust. That entity can act as a trusted escrow. The entity provides you security: this enables the trade, allowing both of you to get gains from trade.
In Bitcoin-land, this can be implemented as a 2-of-3 multisignature. The three signatories in the multisignature would be you, the gewgaw seller, and the escrow. You put the payment for the gewgaws into this 2-of-3 multisignature address.
Now, suppose it turns out neither of you are scammers (whaaaat!). You receive the gewgaws just fine and you're willing to pay up for them. Then you and the gewgaw seller just sign a transaction --- you and the gewgaw seller are 2, sufficient to trigger the 2-of-3 --- that spends from the 2-of-3 address to a singlesig the gewgaw seller wants (or whatever address the gewgaw seller wants).
But suppose some problem arises. The seller gave you gawgews instead of gewgaws. Or you decided to keep the gewgaws but not sign the transaction to release the funds to the seller. In either case, the escrow is notified, and it can sign with you to refund the funds back to you (if the seller was a scammer) or it can sign with the seller to forward the funds to the seller (if you were a scammer).
Taproot helps with this: like mentioned above, it allows multisignature setups to produce only one signature, reducing blockchain space usage, and thus contracts --- which require multiple people, by definition, you don't make contracts with yourself --- are made cheaper (which we hope enables more of these setups to happen for more gains from trade for everyone, also, moon and lambos).
(technology-wise, it's easier to make an n-of-n than a k-of-n, making a k-of-n would require a complex setup involving a long ritual with many communication rounds between the n participants, but an n-of-n can be done trivially with some moon math. You can, however, make what is effectively a 2-of-3 by using a three-branch SCRIPT: either 2-of-2 of you and seller, OR 2-of-2 of you and escrow, OR 2-of-2 of escrow and seller. Fortunately, Taproot adds a facility to embed a SCRIPT inside a public key, so you can have a 2-of-2 Taprooted address (between you and seller) with a SCRIPT branch that can instead be spent with 2-of-2 (you + escrow) OR 2-of-2 (seller + escrow), which implements the three-branched SCRIPT above. If neither of you are scammers (hopefully the common case) then you both sign using your keys and never have to contact the escrow, since you are just using the escrow public key without coordinating with them (because n-of-n is trivial but k-of-n requires setup with communication rounds), so in the "best case" where both of you are honest traders, you also get a privacy boost, in that the escrow never learns you have been trading on gewgaws, I mean ewww, gawgews are much better than gewgaws and therefore I now judge you for being a gewgaw enthusiast, you filthy gewgawer).

Taproot and Your Contracts, Part 2: Cryptographic Boogaloo

Now suppose you want to buy some data instead of things. For example, maybe you have some closed-source software in trial mode installed, and want to pay the developer for the full version. You want to pay for an activation code.
This can be done, today, by using an HTLC. The developer tells you the hash of the activation code. You pay to an HTLC, paying out to the developer if it reveals the preimage (the activation code), or refunding the money back to you after a pre-agreed timeout. If the developer claims the funds, it has to reveal the preimage, which is the activation code, and you can now activate your software. If the developer does not claim the funds by the timeout, you get refunded.
And you can do that, with HTLCs, today.
Of course, HTLCs do have problems:
Fortunately, with Schnorr (which is enabled by Taproot), we can now use the Scriptless Script construction by Andrew Poelstra. This Scriptless Script allows a new construction, the PTLC or Pointlocked Timelocked Contract. Instead of hashes and preimages, just replace "hash" with "point" and "preimage" with "scalar".
Or as you might know them: "point" is really "public key" and "scalar" is really a "private key". What a PTLC does is that, given a particular public key, the pointlocked branch can be spent only if the spender reveals the private key of the given public key to you.
Another nice thing with PTLCs is that they are deniable. What appears onchain is just a single 2-of-2 signature between you and the developer/manufacturer. It's like a magic trick. This signature has no special watermarks, it's a perfectly normal signature (the pledge). However, from this signature, plus some data given to you by the developer/manufacturer (known as the adaptor signature) you can derive the private key of a particular public key you both agree on (the turn). Anyone scraping the blockchain will just see signatures that look just like every other signature, and as long as nobody manages to hack you and get a copy of the adaptor signature or the private key, they cannot get the private key behind the public key (point) that the pointlocked branch needs (the prestige).
(Just to be clear, the public key you are getting the private key from, is distinct from the public key that the developer/manufacturer will use for its funds. The activation key is different from the developer's onchain Bitcoin key, and it is the activation key whose private key you will be learning, not the developer's/manufacturer's onchain Bitcoin key).
So:
Taproot lets PTLCs exist onchain because it enables Schnorr, which is a requirement of PTLCs / Scriptless Script.
(technology-wise, take note that Scriptless Script works only for the "pointlocked" branch of the contract; you need normal Script, or a pre-signed nLockTimed transaction, for the "timelocked" branch. Since Taproot can embed a script, you can have the Taproot pubkey be a 2-of-2 to implement the Scriptless Script "pointlocked" branch, then have a hidden script that lets you recover the funds with an OP_CHECKLOCKTIMEVERIFY after the timeout if the seller does not claim the funds.)

Quantum Quibbles!

Now if you were really paying attention, you might have noticed this parenthetical:
(technical details: a Taproot output is 1 version byte + 32 byte public key, while a P2WPKH (bech32 singlesig) output is 1 version byte + 20 byte public key hash...)
So wait, Taproot uses raw 32-byte public keys, and not public key hashes? Isn't that more quantum-vulnerable??
Well, in theory yes. In practice, they probably are not.
It's not that hashes can be broken by quantum computers --- they're still not. Instead, you have to look at how you spend from a P2WPKH/P2PKH pay-to-public-key-hash.
When you spend from a P2PKH / P2WPKH, you have to reveal the public key. Then Bitcoin hashes it and checks if this matches with the public-key-hash, and only then actually validates the signature for that public key.
So an unconfirmed transaction, floating in the mempools of nodes globally, will show, in plain sight for everyone to see, your public key.
(public keys should be public, that's why they're called public keys, LOL)
And if quantum computers are fast enough to be of concern, then they are probably fast enough that, in the several minutes to several hours from broadcast to confirmation, they have already cracked the public key that is openly broadcast with your transaction. The owner of the quantum computer can now replace your unconfirmed transaction with one that pays the funds to itself. Even if you did not opt-in RBF, miners are still incentivized to support RBF on RBF-disabled transactions.
So the extra hash is not as significant a protection against quantum computers as you might think. Instead, the extra hash-and-compare needed is just extra validation effort.
Further, if you have ever, in the past, spent from the address, then there exists already a transaction indelibly stored on the blockchain, openly displaying the public key from which quantum computers can derive the private key. So those are still vulnerable to quantum computers.
For the most part, the cryptographers behind Taproot (and Bitcoin Core) are of the opinion that quantum computers capable of cracking Bitcoin pubkeys are unlikely to appear within a decade or two.
So:
For now, the homomorphic and linear properties of elliptic curve cryptography provide a lot of benefits --- particularly the linearity property is what enables Scriptless Script and simple multisignature (i.e. multisignatures that are just 1 signature onchain). So it might be a good idea to take advantage of them now while we are still fairly safe against quantum computers. It seems likely that quantum-safe signature schemes are nonlinear (thus losing these advantages).

Summary

I Wanna Be The Taprooter!

So, do you want to help activate Taproot? Here's what you, mister sovereign Bitcoin HODLer, can do!

But I Hate Taproot!!

That's fine!

Discussions About Taproot Activation

submitted by almkglor to Bitcoin
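The pointlocked exchange described in the post above (one 2-of-2 Schnorr signature onchain, plus an adaptor signature that lets the buyer learn the agreed scalar), as an added example that is not part of the original post. It uses plain Schnorr over secp256k1 with naive key addition and fixed, constructed keys and nonces; BIP340 encoding and MuSig-style key coefficients are left out, and all function and variable names are hypothetical.

```python
import hashlib

# secp256k1 domain parameters
FIELD = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def add(a, b):
    """Affine point addition; None stands for the point at infinity."""
    if a is None:
        return b
    if b is None:
        return a
    if a[0] == b[0] and (a[1] + b[1]) % FIELD == 0:
        return None
    if a == b:
        lam = 3 * a[0] * a[0] * pow(2 * a[1] % FIELD, -1, FIELD) % FIELD
    else:
        lam = (b[1] - a[1]) * pow((b[0] - a[0]) % FIELD, -1, FIELD) % FIELD
    x = (lam * lam - a[0] - b[0]) % FIELD
    return (x, (lam * (a[0] - x) - a[1]) % FIELD)


def mul(k, pt):
    """Double-and-add scalar multiplication (not constant time; demo only)."""
    out = None
    k %= N
    while k:
        if k & 1:
            out = add(out, pt)
        pt = add(pt, pt)
        k >>= 1
    return out


def challenge(R, P, msg):
    """e = SHA256(R || P || msg) mod n (simplified, not the BIP340 tagged hash)."""
    data = b"".join(c.to_bytes(32, "big") for c in (*R, *P)) + msg
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N


def verify(P, msg, sig):
    """Ordinary Schnorr check: s*G == R + e*P."""
    R, s = sig
    return mul(s, G) == add(R, mul(challenge(R, P, msg), P))


def run_ptlc():
    msg = b"constructed digest of the tx paying the seller"
    # Constructed keys and nonces; real nonces must be random and single-use.
    x_b, x_s = 0x1111, 0x2222            # buyer / seller signing keys
    r_b, r_s = 0x3333, 0x4444            # buyer / seller nonces
    # The "activation key": scalar t is the secret, point T is agreed up front.
    t = int.from_bytes(hashlib.sha256(b"constructed activation code").digest(), "big") % N
    T = mul(t, G)

    P_b, P_s = mul(x_b, G), mul(x_s, G)
    P = add(P_b, P_s)                    # naive 2-of-2 aggregate (assumption)
    R_b, R_s = mul(r_b, G), mul(r_s, G)
    R = add(add(R_b, R_s), T)            # joint nonce, offset by the point T
    e = challenge(R, P, msg)

    # 1. Seller hands over an adaptor partial signature that omits t.
    s_s_adaptor = (r_s + e * x_s) % N
    # 2. Buyer checks it against the seller's public nonce and key.
    adaptor_ok = mul(s_s_adaptor, G) == add(R_s, mul(e, P_s))
    # 3. Buyer releases its own partial signature.
    s_b = (r_b + e * x_b) % N
    # Without t the two partials do not add up to a valid signature.
    incomplete_valid = verify(P, msg, (R, (s_b + s_s_adaptor) % N))
    # 4. Seller adds t to complete the signature and publishes it.
    onchain = (R, (s_b + s_s_adaptor + t) % N)
    # 5. Buyer subtracts what it already knows and is left with t.
    recovered = (onchain[1] - s_b - s_s_adaptor) % N
    return {
        "adaptor_ok": adaptor_ok,
        "incomplete_valid": incomplete_valid,
        "onchain_valid": verify(P, msg, onchain),
        "secret_matches": recovered == t and mul(recovered, G) == T,
    }


if __name__ == "__main__":
    print(run_ptlc())
```

An observer holding only the published signature sees a normal Schnorr signature under the aggregate key; recovering `t` needs the two partial signatures, which never go onchain.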

Conceal Network Anon Defi 450k marketcap - I think this deserves FULL attention.

Some of you will have heard of this project before. For me this is a long term hold and I think it is highly undervalued.
Sometimes OLDER is GOLDER.
The project is Conceal Network.
Anonymous DeFi & Private Communication
Name: Conceal Network
Ticker: CCX
Symbol:
Market Cap: Circa 450k
Algorithm: PoW, Cryptonight Conceal
Difficulty: DDA & Zawy's LWMA 3
Privacy: Ring Signatures & One-Time Addresses
Block Time: 120s
Transaction Fees: 0.0001 CCX
Max Supply: 200M CCX to be released over 100 years. Circulating supply is 8m.
Deposits: Up to 4.16% interest rate per year
Investments: Up to 7.32% interest rate per year
Messenger: Encrypted Messages and Self-Destructive Messages
Premine: 6% of the max supply locked over a 5 years interval
Block reward: Starting on 5 CCX and going up to 15 CCX (+0.25CCX/month). Currently 10.75 CCX.
https://github.com/ConcealNetwork
Buy at:
https://tradeogre.com/exchange/BTC-CCX
WHAT IS CONCEAL?
Conceal is a decentralized blockchain bank, with deposits and investments paying interest rates, without involvement of financial institutions, powered by 100% open source code.
Conceal enables untraceable and anonymous messaging, and a secure way to transfer funds. Using a distributed public ledger, the sender and receiver are kept anonymous, a key concern in a post Snowden world. Hackers cannot trace money or messages when the messages are sent across public networks.
Conceal Cryptocurrency (₡CCX) is based on the Cryptonote protocol and runs on a secure peer-to-peer network technology to operate with no central authority. You control the private keys to your funds.
Conceal is accessible by anyone in the world regardless of their geographic location or status. Our blockchain is resistant to any kind of analysis. All your CCX transactions and messages are anonymous.
Conceal avoids many concerns, e.g. technological, environment impact, reputational and security, of Bitcoin, and provides a glimpse of the future.
Conceal is open-source, community driven and truly decentralized.
No one owns Conceal, everyone can take part.
FEATURES
Private: Conceal uses ring signatures and one-time addresses for truly anonymous payments
Untraceable: Conceal's transactions can't be linked between the sender and the recipient
Decentralized: Conceal follows Satoshi Nakamoto's original vision of decentralized, trustless cryptocurrency, i.e. a secure digital cash operated by a network of users. Transactions are confirmed by distributed consensus, and then recorded on the blockchain immutably. Third parties do not need to be trusted to keep your money safe.
Fungible: Conceal is truly fungible, thanks to built-in privacy features. Just like cash, all coins are equal, changeable. It is extremely unlikely that a coin will ever be blacklisted by any party due to its association in previous transactions.
Scalable: Future scalability initiatives will include a modular sidechain.
Protected Proof Of Work: PoW hash function is designed for egalitarian CPU & GPU mining and ASIC Resistance
Adaptive Limits: Conceal intelligently adjusts its parameters based on the historical data
Encrypted Messages: Secure your confidentiality with an encrypted P2P network, secure communications and encrypted self-destructive messages
Decentralized Banking: Deposits get up to 4.2% interest rate per year and Investments up to 7.2% p.a.
They have a wiki that acts like an evolving whitepaper.
All of your questions should be answered here as it is updated frequently.
https://conceal.network/wiki/doku.php?id=about#conceal_emission
Very soon they will publish an anniversary article and reveal some big news. Could it relate to the below....
https://twitter.com/ConcealNetwork/status/1261723775801982976?s=19
"Deposits on Cloud & Mobile is almost here. You will be able to deposit $CCX on Cloud and Mobile soon and earn interest up to 6%!
Q3 2020 - Stay tuned."
Also please read this exclusive recent interview with the daily chain.
https://thedailychain.com/hashr8-privacy-coin-reviews-conceal/
submitted by therealfacemelter to CryptoMoonShots

Which are your Top 5 favourite coins out of the Top 100? An analysis.

I am putting together my investment portfolio for 2018 and made a complete summary of the current Top 100. Interestingly, I noticed that all coins can be categorized into 12 markets. Which markets do you think will play the biggest role in the coming year?
Here is a complete overview of all coins in an excel sheet including name, market, TPS, risk profile, time since launch (negative numbers mean that they are launching that many months in the future) and market cap. You can also sort by all of these fields of course. Coins written in bold are the strongest contenders within their market either due to having the best technology or having a small market cap and still excellent technology and potential. https://docs.google.com/spreadsheets/d/1s8PHcNvvjuy848q18py_CGcu8elRGQAUIf86EYh4QZo/edit#gid=0
The 12 markets are
  1. Currency 13 coins
  2. Platform 25 coins
  3. Ecosystem 9 coins
  4. Privacy 10 coins
  5. Currency Exchange Tool 8 coins
  6. Gaming & Gambling 5 coins
  7. Misc 15 coins
  8. Social Network 4 coins
  9. Fee Token 3 coins
  10. Decentralized Data Storage 4 coins
  11. Cloud Computing 3 coins
  12. Stable Coin 2 coins
Before we look at the individual markets, we need to take a look at the overall market and its biggest issue, scalability, first:
Cryptocurrencies aim to be a decentralized currency that can be used worldwide. Its goal is to replace dollar, Euro, Yen, all FIAT currencies worldwide. The coin that will achieve that will be worth several trillion dollars.
Bitcoin can only process 7 transactions per second (TPS). In order to replace all FIAT, it would need to perform at least at VISA levels, which usually processes around 3,000 TPS, up to 25,000 TPS during peak times and a maximum of 64,000 TPS. That means that this cryptocurrency would need to be able to perform at least several thousand TPS. However, a ground breaking technology should not look at current technology to set a goal for its use, i.e. estimating the number of emails sent in 1990 based on the number of faxes sent wasn’t a good estimate.
For that reason, 10,000 TPS is the absolute baseline for a cryptocurrency that wants to replace FIAT. This brings me to IOTA, which wants to connect all 80 billion IoT devices that are expected to exist by 2025, which constantly communicate with each other, creating 80 billion or more transactions per second. This is the benchmark that cryptocurrencies should be aiming for. Currently, 8 billion devices are connected to the Internet.
With its Lightning network recently launched, Bitcoin is realistically looking at 50,000 possible soon. Other notable cryptocurrencies besides IOTA and Bitcoin are Nano with 7,000 TPS already tested, Dash with several billion TPS possible with Masternodes, Neo, LISK and RHOC with 100,000 TPS by 2020, Ripple with 50,000 TPS, Ethereum with 10,000 with Sharding.
However, it needs to be said that scalability usually goes at the cost of decentralization and security. So, it needs to be seen, which of these technologies can prove itself resilient and performant.
Without further ado, here are the coins of the first market

Market 1 - Currency:

  1. Bitcoin: 1st generation blockchain with currently bad scalability, though the implementation of the Lightning Network looks promising and could alleviate most scalability concerns, scalability and high energy use.
  2. Ripple: Centralized currency that might become very successful due to tight involvement with banks and cross-border payments for financial institutions; banks and companies like Western Union and Moneygram (who they are currently working with) as customers. However, it seems they are aiming for more decentralization now. https://ripple.com/dev-blog/decentralization-strategy-update/. Has high TPS due to Proof of Correctness algorithm.
  3. Bitcoin Cash: Bitcoin fork with the difference of having an 8 times bigger block size, making it 8 times more scalable than Bitcoin currently. Further block size increases are planned. Only significant difference is bigger block size while big blocks lead to further problems that don't seem to do well beyond a few thousand TPS. Opponents to a block size argue that increasing the block size limit is unimaginative, offers only temporary relief, and damages decentralization by increasing costs of participation. In order to preserve decentralization, system requirements to participate should be kept low. To understand this, consider an extreme example: very big blocks (1GB+) would require data center level resources to validate the blockchain. This would preclude all but the wealthiest individuals from participating. Community seems more open than Bitcoin's though.
  4. Litecoin: Little brother of Bitcoin. Bitcoin fork with different mining algorithm but not much else. Copies everything that Bitcoin does pretty much. Lack of real innovation.
  5. Dash: Dash (Digital Cash) is a fork of Bitcoin and focuses on user ease. It has very fast transactions within seconds, low fees and uses Proof of Service from Masternodes for consensus. They are currently building a system called Evolution which will allow users to send money using usernames and merchants will find it easy to integrate Dash using the API. You could say Dash is trying to be a PayPal of cryptocurrencies. Currently, cryptocurrencies must choose between decentralization, speed, scalability and can pick only 2. With Masternodes, Dash picked speed and scalability at some cost of decentralization, since with Masternodes the voting power is shifted towards Masternodes, which are run by Dash users who own the most Dash.
  6. IOTA: 3rd generation blockchain called Tangle, which has a high scalability, no fees and instant transactions. IOTA aims to be the connective layer between all 80 billion IOT devices that are expected to be connected to the Internet in 2025, possibly creating 80 billion transactions per second or 800 billion TPS, who knows. However, it needs to be seen if the Tangle can keep up with this scalability and iron out its security issues that have not yet been completely resolved.
  7. Nano: 3rd generation blockchain called Block Lattice with high scalability, no fees and instant transactions. Unlike IOTA, Nano only wants to be a payment processor and nothing else, for now at least. With Nano, every user has their own blockchain and has to perform a small amount of computing for each transaction, which makes Nano perform at 300 TPS with no problems and 7,000 TPS have also been tested successfully. Very promising 3rd gen technology and strong focus on only being the fastest currency without trying to be everything.
  8. Decred: As mining operations have grown, Bitcoin’s decision-making process has become more centralized, with the largest mining companies holding large amounts of power over the Bitcoin improvement process. Decred focuses heavily on decentralization with their PoW PoS hybrid governance system to become what Bitcoin was set out to be. They will soon implement the Lightning Network to scale up. While there do not seem to be more differences to Bitcoin besides the novel hybrid consensus algorithm, which Ethereum, Aeternity and Bitcoin Atom are also implementing, the welcoming and positive Decred community and professional team add another level of potential to the coin.
  9. Aeternity: We’ve seen recently, that it’s difficult to scale the execution of smart contracts on the blockchain. Crypto Kitties is a great example. Something as simple as creating and trading unique assets on Ethereum bogged the network down when transaction volume soared. Ethereum and Zilliqa address this problem with Sharding. Aeternity focuses on increasing the scalability of smart contracts and dapps by moving smart contracts off-chain. Instead of running on the blockchain, smart contracts on Aeternity run in private state channels between the parties involved in the contracts. State channels are lines of communication between parties in a smart contract. They don’t touch the blockchain unless they need to for adjudication or transfer of value. Because they’re off-chain, state channel contracts can operate much more efficiently. They don’t need to pay the network for every time they compute and can also operate with greater privacy. An important aspect of smart contract and dapp development is access to outside data sources. This could mean checking the weather in London, score of a football game, or price of gold. Oracles provide access to data hosted outside the blockchain. In many blockchain projects, oracles represent a security risk and potential point of failure, since they tend to be singular, centralized data streams. Aeternity proposes decentralizing oracles with their oracle machine. Doing so would make outside data immutable and unchangeable once it reaches Aeternity’s blockchain. Of course, the data source could still be hacked, so Aeternity implements a prediction market where users can bet on the accuracy and honesty of incoming data from various oracles. It also uses prediction markets for various voting and verification purposes within the platform. Aeternity’s network runs on a hybrid of proof of work and proof of stake. Founded by a long-time crypto-enthusiast and early colleague of Vitalik Buterin, Yanislav Malahov. Promising concept though not product yet.
  10. Bitcoin Atom: Atomic Swaps and hybrid consensus. This looks like the only Bitcoin clone that actually is looking to innovate next to Bitcoin Cash.
  11. Dogecoin: Litecoin fork, fantastic community, though lagging behind a bit in technology.
  12. Bitcoin Gold: A bit better security than bitcoin through ASIC resistant algorithm, but that's it. Not that interesting.
  13. Digibyte: Digibyte's PoS blockchain is spread over a 100,000+ servers, phones, computers, and nodes across the globe, aiming for the ultimate level of decentralization. DigiByte rebalances the load between the five mining algorithms by adjusting the difficulty of each so one algorithm doesn’t become dominant. The algorithm's asymmetric difficulty has gained notoriety and been deployed in many other blockchains. DigiByte’s adoption over the past four years has been slow. It’s still a relatively obscure currency compared to its competitors. The DigiByte website offers a lot of great marketing copy and buzzwords. However, there’s not much technical information about what they have planned for the future. You could say Digibyte is like Bitcoin, but with shorter blocktimes and a multi-algorithm. However, that's not really a difference big enough to truly set themselves apart from Bitcoin, since these technologies could be implemented by any blockchain without much difficulty. Their decentralization is probably their strongest asset, however, this could also change quickly if the currency takes off and big miners decide to go into Digibyte.
  14. Bitcoin Diamond: ASIC resistant Bitcoin and copycat.

Market 2 - Platform

Most of the cryptos here have smart contracts and allow dapps (Decentralized apps) to be built on their platform and to use their token as an exchange of value between dapp services.
  1. Ethereum: 2nd generation blockchain that allows the use of smart contracts. Bad scalability currently, though this concern could be alleviated by the soon to be implemented Lightning Network aka Plasma and its Sharding concept.
  2. EOS: Promising technology that wants to be able to do everything, from smart contracts like Ethereum, scalability similar to Nano with 1000 tx/second + near instant transactions and zero fees, to also wanting to be a platform for dapps. However, EOS doesn't have a product yet and everything is just promises still. Highly overvalued right now. However, there are lots of red flags, have dumped $500 million Ether over the last 2 months and possibly bought back EOS to increase the size of their ICO, which has been going on for over a year and has raised several billion dollars. All in all, their market cap is way too high for that and not even having a product.
  3. Cardano: Similar to Ethereum/EOS, however, only promises made with no delivery yet, highly overrated right now. Interesting concept though. Market cap way too high for not even having a product. Somewhat promising technology.
  4. VeChain: Singapore-based project that’s building a business enterprise platform and inventory tracking system. Examples are verifying genuine luxury goods and food supply chains. Has one of the strongest communities in the crypto world. Most hyped token of all, with merit though.
  5. Neo: Neo is a platform, similar to Eth, but more extensive, allowing dapps and smart contracts, but with a different smart contract gas system, consensus mechanism (PoS vs. dBfT), governance model, fixed vs unfixed supply, expensive contracts vs nearly free contracts, different ideologies for real world adoption. There are currently only 9 nodes, each of which are being run by a company/entity hand selected by the NEO council (most of which are located in China) and are under contract. This means that although the locations of the nodes may differ, ultimately the NEO council can bring them down due to their legal contracts. In fact this has been done in the past when the NEO council was moving 50 million NEO that had been locked up. Also dBfT (or NEO's implementation of it) has failed under load, causing network outages during major ICOs. The first step in decentralization is that the NEO Council will select trusted nodes (Universities, business partners, etc.) and slowly become less centralized that way. The final step in decentralization will be allowing NEO holders to vote for new nodes, similar to a DPoS system (ARK/EOS/LISK). NEO has a regulation/government friendly ideology. Finally they are trying to work under/with the Chinese government in regards to regulations. If for some reason they wanted it shut down, they could just shut it down.
  6. Stellar: PoS system, similar goals as Ripple, but more of a platform than only a currency. 80% of Stellar are owned by Stellar.org still, making the currency centralized.
  7. Ethereum classic: Original Ethereum that decided not to fork after a hack. The Ethereum that we know is its fork. Uninteresting, because it has a lot less resources than Ethereum now and a lot less community support.
  8. Zilliqa: Zilliqa is building a new way of sharding. 2400 tps already tested, 10,000 tps soon possible by being linearly scalable with the number of nodes. That means, the more nodes, the faster the network gets. They are looking at implementing privacy as well.
  9. QTUM: Enables Smart contracts on the Bitcoin blockchain. Useful.
  10. Icon: Korean ethereum. Decentralized application platform that's building communities in partnership with banks, insurance providers, hospitals, and universities. Focused on ID verification and payments. No big differentiators to the other 20 Ethereums, except that it has a product. That is a plus. Maybe cheap alternative to Ethereum.
  11. LISK: Lisk's difference to other BaaS is that side chains are independent to the main chain and have to have their own nodes. Similar to Neo, which allows dapps to deploy their blockchain too. However, Lisk is currently somewhat centralized with a small group of members owning more than 50% of the delegated positions. Lisk plans to change the consensus algorithm for that reason in the near future.
  12. Rchain: Similar to Ethereum with smart contract, though much more scalable at an expected 40,000 TPS and possible 100,000 TPS. Not launched yet. No product launched yet, though promising technology. Not overvalued, probably at the right price right now.
  13. ARDR: Similar to Lisk. Ardor is a public blockchain platform that will allow people to utilize the blockchain technology of Nxt through the use of child chains. A child chain, which is a ‘light’ blockchain that can be customized to a certain extent, is designed to allow easy self-deploy for your own blockchain. Nxt claims that users will "not need to worry" about security, as that part is now handled by the main chain (Ardor). This is the chief innovation of Ardor. Ardor was evolved from NXT by the same company. NEM started as a NXT clone.
  14. Ontology: Similar to Neo. Interesting coin
  15. Bytom: Bytom is an interactive protocol of multiple byte assets. Heterogeneous byte-assets (indigenous digital currency, digital assets) that operate in different forms on the Bytom Blockchain and atomic assets (warrants, securities, dividends, bonds, intelligence information, forecasting information and other information that exist in the physical world) can be registered, exchanged, gambled and engaged in other more complicated and contract-based interoperations via Bytom.
  16. Nxt: Similar to Lisk
  17. Stratis: Different to LISK, Stratis will allow businesses and organizations to create their own blockchain according to their own needs, but secured on the parent Stratis chain. Stratis’s simple interface will allow organizations to quickly and easily deploy and/or test blockchain functionality of the Ethereum, BitShares, BitCoin, Lisk and Stratis environments.
  18. Status: Status provides access to all of Ethereum’s decentralized applications (dapps) through an app on your smartphone. It opens the door to mass adoption of Ethereum dapps by targeting the fastest growing computer segment in the world – smartphone users. 16. Ark: Fork of Lisk that focuses on a smaller feature set. Ark wallets can only vote for one delegate at a time which forces delegates to compete against each other and makes cartel formations incredibly hard, if not impossible.
  19. Neblio: Similar to Neo, but 30x smaller market cap.
  20. NEM: Is similar to Neo. No marketing team, very high market cap for little clarity what they do.
  21. Bancor: Bancor is a Decentralized Liquidity Network that allows you to hold any Ethereum token and convert it to any other token in the network, with no counter party, at an automatically calculated price, using a simple web wallet.
  22. Dragonchain: The Purpose of DragonChain is to help companies quickly and easily incorporate blockchain into their business applications. Many companies might be interested in making this transition because of the benefits associated with serving clients over a blockchain – increased efficiency and security for transactions, a reduction of costs from eliminating potential fraud and scams, etc.
  23. Skycoin: Transactions with zero fees that take apparently two seconds, unlimited transaction rate, no need for miners and block rewards, low power usage, all of the usual cryptocurrency technical vulnerabilities fixed, a consensus mechanism superior to anything that exists, resistant to all conceivable threats (government censorship, community infighting, cyber/nuclear/conventional warfare, etc). Skycoin has their own consensus algorithm known as Obelisk written and published academically by an early developer of Ethereum. Obelisk is a non-energy intensive consensus algorithm based on a concept called ‘web of trust dynamics’ which is completely different to PoW, PoS, and their derivatives. Skywire, the flagship application of Skycoin, has the ambitious goal of decentralizing the internet at the hardware level and is about to begin the testnet in April. However, this is just one of the many facets of the Skycoin ecosystem. Skywire will not only provide decentralized bandwidth but also storage and computation, completing the holy trinity of commodities essential for the new internet. Skycoin had a smear campaign launched against it, though they seem legit and reliable. Thus, they are probably undervalued.

Market 3 - Ecosystem

The 3rd market with 11 coins is comprised of ecosystem coins, which aim to strengthen the ease of use within the crypto space through decentralized exchanges, open standards for apps and more
  1. Nebulas: Similar to how Google indexes webpages Nebulas will index blockchain projects, smart contracts & data using the Nebulas rank algorithm that sifts & sorts the data. Developers rewarded NAS to develop & deploy on NAS chain. Nebulas calls this developer incentive protocol – basically rewards are issued based on how often dapp/contract etc. is used, the more the better the rewards and Proof of devotion. Works like DPoS except the best, most economically incentivised developers (Bookkeepers) get the forging spots. Ensuring brains stay with the project (Cross between PoI & PoS). 2,400 TPS+, DAG used to solve the inter-transaction dependencies in the PEE (Parallel Execution Environment) feature, first crypto Wallet that supports the Lightning Network.
  2. Waves: Decentralized exchange and crowdfunding platform. Lets companies and projects issue and manage their own digital coin tokens to raise money.
  3. Salt: Leveraging blockchain assets to secure cash loans. Plans to offer cash loans in traditional currencies, backed by your cryptocurrency assets. Allows lenders worldwide to skip credit checks for easier access to affordable loans.
  4. CHAINLINK: ChainLink is a decentralized oracle service, the first of its kind. Oracles are defined as an ‘agent’ that finds and verifies real-world occurrences and submits this information to a blockchain to be used in smart contracts. With ChainLink, smart contract users can use the network’s oracles to retrieve data from off-chain application program interfaces (APIs), data pools, and other resources and integrate them into the blockchain and smart contracts. Basically, ChainLink takes information that is external to blockchain applications and puts it on-chain. The difference to Aeternity is that Chainlink deploys the smart contracts on the Ethereum blockchain while Aeternity has its own chain.
  5. WTC: Combines blockchain with IoT to create a management system for supply chains. Interesting.
  6. Ethos: Unifies all cryptos. Ethos is building a multi-cryptocurrency phone wallet. The team is also building an investment diversification tool and a social network.
  7. Aion: Aion is the token that pays for services on the Aeternity platform.
  8. USDT: Is no cryptocurrency really, but a replacement for dollar for trading. After months of asking for proof of dollar backing, still no response from Tether.

Market 4 - Privacy

The 4th market are privacy coins. As you might know, Bitcoin is not anonymous. If the IRS or any other party asks an exchange who is the identity behind a specific Bitcoin address, they know who you are and can track back almost all of the Bitcoin transactions you have ever made and all your account balances. Privacy coins aim to prevent exactly that through address fungibility, which changes addresses constantly, IP obfuscation and more. There are 2 types of privacy coins, one with complete privacy and one with optional privacy. Optional Privacy coins like Dash and Nav have the advantage of more user friendliness over complete privacy coins such as Monero and Enigma.
  1. Monero: Currently most popular privacy coin, though with a very high market cap. Since their privacy is all on chain, all prior transactions would be deanonymized if their protocol is ever cracked. This requires a quantum computing attack though. PIVX is better in that regard.
  2. Zcash: A decentralized and open-source cryptocurrency that hides the sender, recipient, and value of transactions. Offers users the option to make transactions public later for auditing. Decent privacy coin, though no default privacy.
  3. Verge: Calls itself privacy coin without providing private transactions, multiple problems over the last weeks, has a toxic community, and way too much hype for what they have.
  4. Bytecoin: First privacy-focused cryptocurrency with anonymous transactions. Bytecoin’s code was later adapted to create Monero, the more well-known anonymous cryptocurrency. Has several scam accusations, 80% pre-mine, bad devs, bad tech
  5. Bitcoin Private: A merge fork of Bitcoin and Zclassic with Zclassic being a fork of Zcash with the difference of a lack of a founders fee required to mine a valid block. This promotes a fair distribution, preventing centralized coin ownership and control. Bitcoin private offers the optional ability to keep the sender, receiver, and amount private in a given transaction. However, this is already offered by several good privacy coins (Monero, PIVX) and Bitcoin private doesn't offer much more beyond this.
  6. Komodo: The Komodo blockchain platform uses Komodo’s open-source cryptocurrency for doing transparent, anonymous, private, and fungible transactions. They are then made ultra-secure using Bitcoin’s blockchain via a Delayed Proof of Work (dPoW) protocol and decentralized crowdfunding (ICO) platform to remove middlemen from project funding. Offers services for startups to create and manage their own Blockchains.
  7. PIVX: As a fork of Dash, PIVX uses an advanced implementation of the Zerocoin protocol to provide its privacy. This is a form of zeroknowledge proofs, which allow users to spend ‘Zerocoins’ that have no link back to them. Unlike Zcash you have denominations in PIVX, so they can’t track users by their payment amount being equal to the amount of ‘minted’ coins, because everyone uses the same denominations. PIVX is also implementing Bulletproofs, just like Monero, and this will take care of arguably the biggest weakness of zeroknowledge protocols: the trusted setup.
  8. Zcoin: PoW cryptocurrency. Private financial transactions, enabled by the Zerocoin Protocol. Zcoin is the first full implementation of the Zerocoin Protocol, which allows users to have complete privacy via Zero-Knowledge cryptographic proofs.
  9. Enigma: Monero is to Bitcoin what enigma is to Ethereum. Enigma is for making the data used in smart contracts private. More of a platform for dapps than a currency like Monero. Very promising.
  10. Navcoin: Like bitcoin but with added privacy and pos and 1,170 tps, but only because of very short 30 second block times. Though, privacy is optional, but aims to be more user friendly than Monero. However, doesn't really decide if it wants to be a privacy coin or not. Same as Zcash. Strong technology, non-shady team.
  11. Tenx: Raised 80 million, offers cryptocurrency-linked credit cards that let you spend virtual money in real life. Developing a series of payment platforms to make spending cryptocurrency easier. However, the question is if full privacy coins will be hindered in growth through government regulations and optional privacy coins will become more successful through ease of use and no regulatory hindrance.

Market 5 - Currency Exchange Tool

Due to the sheer number of different cryptocurrencies, exchanging one currency for the other is still cumbersome. Further, merchants don’t want to deal with overcluttered options of accepting cryptocurrencies. This is where exchange tools like Req come in, which allow easy and simple exchange of currencies.
  1. Cryptonex: Fiat and currency exchange between various blockchain services, similar to REQ.
  2. QASH: Qash is used to fuel its liquid platform which will be an exchange that will distribute their liquidity pool. Its product, the Worldbook is a multi-exchange order book that matches crypto to crypto, and crypto to fiat and the reverse across all currencies. E.g., someone is selling Bitcoin in USD on exchange1 not owned by Quoine and someone is buying Bitcoin in EURO on exchange 2 not owned by Quoine. If the forex conversions and crypto conversions match then the trade will go through and the Worldbook will match it, it'll make the sale and the purchase on either exchange and each user will get what they wanted, which means exchanges with lower liquidity if they join the Worldbook will be able to fill orders and take trade fees they otherwise would miss out on. They turned it on to test it a few months ago for an hour or so and their exchange was the top exchange in the world by 4x volume for the day because all Worldbook trades ran through it. Binance wants BNB to be used on their one exchange. Qash wants their QASH token embedded in all of their partners. More info here https://www.reddit.com/CryptoCurrency/comments/8a8lnwhich_are_your_top_5_favourite_coins_out_of_the/dwyjcbb/?context=3
  3. Kyber Network: Exchange between cryptocurrencies, similar to REQ. Features automatic coin conversions for payments. Also offers payment tools for developers and a cryptocurrency wallet.
  4. Achain: Building a boundless blockchain world like Req.
  5. Req: Exchange between cryptocurrencies.
  6. Bitshares: Exchange between cryptocurrencies. Noteworthy are the 1.5 second average block times and throughput potential of 100,000 transactions per second with currently 2,400 TPS having been proven. However, bitshares had several Scam accusations in the past.
  7. Loopring: A protocol that will enable higher liquidity between exchanges and personal wallets.
  8. ZRX: Open standard for dapps. Open, permissionless protocol allowing for ERC20 tokens to be traded on the Ethereum blockchain. In 0x protocol, orders are transported off-chain, massively reducing gas costs and eliminating blockchain bloat. Relayers help broadcast orders and collect a fee each time they facilitate a trade. Anyone can build a relayer.

Market 6 - Gaming

With an industry size of $108B worldwide, Gaming is one of the largest markets in the world. For sure, cryptocurrencies will want to have a share of that pie.
  1. Storm: Mobile game currency on a platform with 9 million players.
  2. Fun: A platform for casino operators to host trustless, provably-fair gambling through the use of smart contracts, as well as creating their own implementation of state channels for scalability.
  3. Electroneum: Mobile game currency. They have lots of technical problems, such as several 51% attacks.
  4. Wax: Marketplace to trade in-game items

Market 7 - Misc

There are various markets being tapped right now. They are all summed up under misc.
  1. OMG: Omise is designed to enable financial services for people without bank accounts. It works worldwide and with both traditional money and cryptocurrencies.
  2. Power ledger: Australian blockchain-based cryptocurrency and energy trading platform that allows for decentralized selling and buying of renewable energy. Unique market and rather untapped market in the crypto space.
  3. Populous: A platform that connects business owners and invoice buyers without middlemen. Invoice sellers get cash flow to fund their business and invoice buyers earn interest. Similar to OMG, small market.
  4. Monacoin: The first Japanese cryptocurrency. Focused on micro-transactions and based on a popular internet meme of a type-written cat. This makes it similar to Dogecoin. Very niche, tiny market.
  5. Revain: Legitimizing reviews via the blockchain. Interesting concept, though market not as big.
  6. Augur: Platform to forecast and make wagers on the outcome of real-world events (AKA decentralized predictions). Uses predictions for a “wisdom of the crowd” search engine. Not launched yet.
  7. Substratum: Revolutionizing hosting industry via per request billing as a decentralized internet hosting system. Uses a global network of private computers to create the free and open internet of the future. Participants earn cryptocurrency. Interesting concept.
  8. Veritaseum: Is supposed to be a peer to peer gateway, though it looks very much like a scam.
  9. TRON: Tronix is looking to capitalize on ownership of internet data to content creators. However, they plagiarized their white paper, which is a no go. They apologized, so it needs to be seen how they will conduct themselves in the future. Extremely high market cap for not having a product, nor proof of concept.
  10. Syscoin: A cryptocurrency with a decentralized marketplace that lets people buy and sell products directly without third parties. Trying to remove middlemen like eBay and Amazon.
  11. Hshare: Most likely scam because of no code changes, most likely pump and dump scheme, dead community.
  12. BAT: An Ethereum-based token that can be exchanged between content creators, users, and advertisers. Decentralized ad-network that pays based on engagement and attention.
  13. Dent: Decentralized exchange of mobile data, enabling mobile data to be marketed, purchased or distributed, so that users can quickly buy or sell data from any user to another one.
  14. Ncash: End to end encrypted Identification system for retailers to better serve their customers.
  15. Factom: Secure record-keeping system that allows companies to store their data directly on the Blockchain. The goal is to make records more transparent and trustworthy.

Market 8 - Social network

Web 2.0 is still going strong and Web 3.0 is not going to ignore it. There are several gaming tokens already out there and a few with decent traction already, such as Steem, which is Reddit with voting through money and is a very interesting one.
  1. Mithril: As users create content via social media, they will be rewarded for their contribution, the better the contribution, the more they will earn
  2. Steem: Like Reddit, but voting with money. Already launched product and Alexa rank 1,000. Thumbs up.
  3. Rdd: Reddcoin makes the process of sending and receiving money fun and rewarding for everyone. Reddcoin is dedicated to one thing – tipping on social networks as a way to bring cryptocurrency awareness and experience to the general public.
  4. Kin: Token for the platform Kik. Kik has a massive user base of 400 million people. Replacing paying with FIAT with paying with KIN might get this token to mass adoption very quickly.

Market 9 - Fee token

Popular exchanges realized that they can make a few billion dollars more by launching their own token. Owning these tokens gives you a reduction of trading fees. Very handy, and BNB (Binance Coin) has been one of the most resilient tokens, which has withstood most market drops over the last weeks and was among the very few coins that could show growth.
  1. BNB: Fee token for Binance
  2. Gas: Not a Fee token for an exchange, but it is a dividend paid out on Neo and a currency that can be used to purchase services for dapps.
  3. Kucoin: Fee token for Kucoin

Market 10 - Decentralized Data Storage

Currently, data storage happens with large companies or data centers that are prone to failure or losing data. Decentralized data storage makes loss of data almost impossible by distributing your files to numerous clients that hold tiny pieces of your data. Remember Torrents? Torrents use a peer-to-peer network. It is similar to that. Many users maintain copies of the same file. When someone wants a copy of that file, they send a request to the peer-to-peer network. Users who have the file, known as seeds, send fragments of the file to the requester. The requester receives many fragments from many different seeds, and the torrent software recompiles these fragments to form the original file.
  1. Gbyte: Byteball data is stored and ordered using directed acyclic graph (DAG) rather than blockchain. This allows all users to secure each other's data by referencing earlier data units created by other users, and also removes scalability limits common for blockchains, such as blocksize issue.
  2. Siacoin: Siacoin is a decentralized storage platform. Distributes encrypted files to thousands of private users who get paid for renting out their disk space. Anybody with siacoins can rent storage from hosts on Sia. This is accomplished via "smart" storage contracts stored on the Sia blockchain. The smart contract provides a payment to the host only after the host has kept the file for a given amount of time. If the host loses the file, the host does not get paid.
  3. Maidsafecoin: MaidSafe stands for Massive Array of Internet Disks, Secure Access for Everyone. Instead of working with data centers and servers that are common today and are vulnerable to data theft and monitoring, SAFE’s network uses advanced P2P technology to bring together the spare computing capacity of all SAFE users and create a global network. You can think of SAFE as a crowd-sourced internet. All data and applications reside in this network. It’s an autonomous network that automatically sets prices and distributes data and rents out hard drive disk space with a Blockchain-based storage solution. When you upload a file to the network, such as a photo, it will be broken into pieces, hashed, and encrypted. The data is then randomly distributed across the network. Redundant copies of the data are created as well so that if someone storing your file turns off their computer, you will still have access to your data. And don’t worry, even with pieces of your data on other people’s computers, they won’t be able to read them. You can earn MaidSafeCoins by participating in storing data pieces from the network on your computer and thus earning a Proof of Resource.
  4. Storj: Storj aims to become a cloud storage platform that can’t be censored or monitored, or have downtime. Your files are encrypted, shredded into little pieces called 'shards', and stored in a decentralized network of computers around the globe. No one but you has a complete copy of your file, not even in an encrypted form.

Market 11 - Cloud computing

Obviously, renting computing power, one of the biggest emerging markets as of recent years, e.g. AWS and Digital Ocean, is also a service, which can be bought and managed via the blockchain.
  1. Golem: Allows easy use of Supercomputer in exchange for tokens. People worldwide can rent out their computers to the network and get paid for that service with Golem tokens.
  2. Elf: Allows easy use of Cloud computing in exchange for tokens.

Market 12 - Stablecoin

Last but not least, there are 2 stablecoins that have established themselves within the market. A stable coin is a coin that wants to be independent of the volatility of the crypto markets. This has worked out pretty well for Maker and DGD, accomplished through a carefully diversified currency fund and backing each token by 1g of real gold respectively. DO NOT CONFUSE DGD AND MAKER with their STABLE COINS DGX and DAI. DGD and MAKER are volatile, because they are the companies of DGX and DAI. DGX and DAI are the stable coins.
  1. DGD: Platform of the Stablecoin DGX. Every DGX coin is backed by 1g of gold and makes use of proof of asset consensus.
  2. Maker: Platform of the Stablecoin DAI that doesn't vary much in price through widespread and smart diversification of assets.
EDIT: Added a risk factor from 0 to 10. The baseline is 2 for any crypto. Significant scandals, mishaps, shady practices, questionable technology, increase the risk factor. Not having a product yet automatically means a risk factor of 6. Strong adoption and thus strong scrutiny or positive community lower the risk factor.
EDIT2: Added a subjective potential factor from 0 to 10, where its overall potential and a small or big market cap is factored in. Bitcoin with lots of potential only gets a 9, because of its massive market cap, because if Bitcoin goes 10x, smaller coins go 100x, PIVX gets a 10 for being as good as Monero while carrying a 10x smaller market cap, which would make PIVX go 100x if Monero goes 10x.
submitted by galan77 to CryptoCurrency

Can we talk about GAW?

After the GOX disaster took so many people by surprise, I feel that it’s worth bringing forward the madness that’s happening over at GAW for those that may be considering throwing some money their way. This especially with the launch of their “hash coin” later today.
First off, I’m not some whistle blower or insider with secret information, just an enthusiast who cannot believe the amount of money people appear to be giving them despite red flags from here to forever. I know this post likely won’t do anything, but given the number of people casually trying to get into cryptocurrencies and seeing GAW as a good/accessible option it’s worth trying to bring up the discussion.
You should always be aware of anyone promising anything too good to be true. Here we have a company that has promised guaranteed returns and "profitability" more times than I can count. There is no such thing as a sure thing, especially in markets as unpredictable as crypto, and especially on the scale they talk about. Also those returns have yet to materialize for anyone but the very first buyers (interesting...).
They’ve created their own forum and aggressively policed any thread they have access to across the web to stamp out negative feedback. Their customer service by all accounts is a disaster and the only way to get a timely response is to post publicly. There are many accounts that they ended up sending out whatever hardware they had lying around to people trying to buy their custom machines (war machines, etc) and then denying it.
On their forum you get money for upvotes, lose money from your account for downvotes, get bonus money from the CEO if he likes your post, and with enough downvotes you get autobanned. You can imagine what kind of a community this creates. Negative posts of any kind get you banned and the threads removed by admins immediately.
Next we have their pool system. They have their own pool (Zenpool) that always seemed to have the best payout, yet no explanation of how it is remotely possible. It doesn’t take a think tank to imagine how easy it would be to sell your proprietary mining pool as a higher buy in, subsidize the difference in rates out of pocket to secure purchases and then do whatever you want with the money.
Zenpool and cloud hashing contracts are the most incredibly perfect setup for a Ponzi scheme you could ever create, and people continue to buy despite the utter lack of transparency, explanation, or established reputation that would make this seem credible. Imagine this, give me 20 dollars today and I’ll give you 1.2 cents a day (minus maintenance) instead of the 1.1 cent you would get elsewhere. Sure sounds like a cost effective way to raise a bunch of money fast.
If GAW disappeared tomorrow with everyone’s money it would in hindsight seem like the most obvious thing in the world. I am not saying that it is a Ponzi scheme, just that JESUS CHRIST does it look like one with no effort to prove itself otherwise. Even if it’s not a Ponzi scheme this sure does seem like it could be one of those Butterfly labs situations where a lot of personal stuff (e.g. private jets) gets charged to company cards until they go bankrupt.
Finally we have “Hash Coin” – there are so many things wrong with this it’s hard to summarize. You can read their QA here. But in short they’re launching an ICO that, in their words: “will go “public” for just over $20 a coin.” According to “analysts and banks”. And that “there will be a “bank” that will manage, to some degree, the valuation of Hashcoin” However of course you cannot know who these bankers or analysts are as: “The identities of both the analysts and banks will be released once the ICO has completed and the merchant marketplace established in the near future.”
And this magic coin will have a market cap of 5Billion (!!). For quick reference Bitcoin sits at roughly 4.4.
I am sure there is a debate all on its own for the ICO, but it betrays such a huge misunderstanding of some of the fundamentals of this space all it does is create more red flags for me.
Somewhere there is a whitepaper that is “done” but instead of releasing it for community review and feedback they’ve plowed ahead with some crazy banker/analyst backed offering in which everyone – especially you – can make boatloads of money. This ICO deserves a post on its own, but given that it’s launching tonight there should be plenty of entertainment there for later. Again, their quote "A white paper will not answer ICO questions. That is what is more important."
In short: They’re running a system with constantly promised returns that has done anything but that. They’re running what could easily be a textbook Ponzi scheme on a huge scale with zero transparency. They’re issuing their own currency that “analysts” and “banks” have assured them will be worth giant multiples of what you will be able to buy it for, and have a market cap of 5,000,000,000 USD.
I'm all for people trying wild and crazy (and big) ideas in the space, but another GOX (Butterfly Labs, etc.) is not what we need. If GAW is a legitimate well run organization then the community should ask for more transparency and information before giving them any more money.
And finally, there’s this post. (*update, they took down the image but someone sent me a screenshot they took.)
They literally have a post praising themselves for taking money from a man who has a sick family and mounting medical bills for a product that will likely never (ever) return to him what he paid for it. And the image they have chosen for this post - well, it's of the CEO and community manager in a private jet. (** update 2, I was contacted by someone who claims to own the site and says it's not affiliated with GAW. So, fair enough for a disclaimer. They are however still doing these things even if it's a repost of theirs, so point still stands.)
TL;DR Everyone gives GAW money despite the fact that they are too busy flying on private jets to answer your support emails or explain how their definitely-not-a-ponzi-scheme operation works exactly. But hey, let's all go buy some Hash Coin* which is totally better than Bitcoin! (*whitepaper pending)
(edit: formatting)
Update: "Whitepaper" draft is out for hashcoin, and it's hilarious. We're 20 days out from their ICO and they haven't released anything for the community to review or comment on, and if this is the direction they're going it's going to be quite the ride.
Update 2: It's been mentioned a number of times here, but worth noting for anyone even remotely looking at the hashlets and their "guaranteed profitability" that maintenance fees are 80% of earnings at this point. The break even point for all products is never given any kind of difficulty increase and multiple years assuming none. I cannot say I understand how GAW calculates profitability, but doesn't seem to be the way I do.
Update 3: And a couple more to underscore the point. From their own terms of service: "Hashlets are virtual service units related to mining services, but are not mining hardware." Hashlets are not real, might not have anything to do with hardware! "11. Termination and Modifications. a. Services may be terminated by us, without cause, at any time." And, GAW can simply cancel the service at any time and keep your money!
Update 4: Link to the SEC site to report suspicious activity: https://denebleo.sec.gov/TCRExternal/questionaire.xhtml
Update 5: CoinFire publishes story on possible dishonesty on the part of GAW with regards to partners, gets hacked. Thread with more information here: http://www.reddit.com/Bitcoin/comments/2n7c9coinfire_publishes_article_with_details_about_gaw/
submitted by redflagsforever to Bitcoin

The Strange Birth & History of Monero, Part IV: Monero "as it is now"

You can read here part III.
You can read this whole story translated into Spanish here
This is part IV, the last but not least.
Monero - A secure, private, untraceable cryptocurrency
https://bitcointalk.org/index.php?topic=583449.0
Notable comments in this thread:
-201: “I would like to offer 1000 MRO to the first person who creates a pool”
(https://bitcointalk.org/index.php?topic=583449.msg6422665#msg6422665)
[tacotime offers bounty to potential pool developer. Bytecoin devs haven’t released any code for pools, and the only existent pool, minergate (in the future related to BCN interests) was closed source]
-256: “Adam Back seems to like CryptoNote better than Zerocash https://twitter.com/adam3us/status/453493394472697856”
(https://bitcointalk.org/index.php?topic=583449.msg6440769#msg6440769)
-264: “update on pools: The NOMP guy (zone117x) is looking to fork his open source software and get a pool going, so one should hopefully be up soon.”
(https://bitcointalk.org/index.php?topic=583449.msg6441302#msg6441302)
-273: “Update on GUI: othe from VertCoin has notified me that he is working on it.”
(https://bitcointalk.org/index.php?topic=583449.msg6442606#msg6442606)
-356: “Everyone wanting a pool, please help raise a bounty with me here:
https://bitcointalk.org/index.php?topic=589533.0
And for the GUI:
https://bitcointalk.org/index.php?topic=589561.0”
(https://bitcointalk.org/index.php?topic=583449.msg6461533#msg6461533)
[5439 MRO + 0.685 BTC + 5728555.555 BCN raised for pool and 1652 XMR, 121345.46695471 BCN for the GUI wallet. Though this wallet was "rejected" as official GUI because wallet still has to be polished before building a GUI]
-437: “Yes, most Windows users should see a higher hashrate with the new build. You can thank NoodleDoodle. ”
(https://bitcointalk.org/index.php?topic=583449.msg6481202#msg6481202)
-446: “Even faster Windows binaries have just been uploaded. Install for more hash power! Once again, it was NoodleDoodle.”
(https://bitcointalk.org/index.php?topic=583449.msg6483680#msg6483680)
-448: “that almost doubled my hashrate again! GREAT STUFF !!!”
(https://bitcointalk.org/index.php?topic=583449.msg6484109#msg6484109)
-461: “Noodle only started optimization today so there may be gains for your CPU in the future.”
(https://bitcointalk.org/index.php?topic=583449.msg6485247#msg6485247)
[First day of miner optimization by NoodleDoodle, it is only May 1st]
-706: “The unstoppable NoodleDoodle has optimized the Windows build again. Hashrate should more than double. Windows is now faster than Linux. :O”
(https://bitcointalk.org/index.php?topic=583449.msg6549444#msg6549444)
-753: “i hear tft is no longer part of the project. so is he forking or relaunching bytecoin under new name and new parameters (merged mining with flatter emission curve.) also. what is the end consensus for the emission curve for monero. will it be adjusted."
(https://bitcointalk.org/index.php?topic=583449.msg6561345#msg6561345)
[May 5th, 2014. TFT is launching FANTOMCOIN, a clone coin whose "only" feature was merged mining]
-761: (https://bitcointalk.org/index.php?topic=583449.msg6561941#msg6561941) [May, 5th 2014 – eizh on emission curve and tail emission]
-791: “As promised, I did Russian translation of main topic.”
(https://bitcointalk.org/index.php?topic=583449.msg6565521#msg6565521)
[one among dozens of decentralized and “altruist” collaborators of Monero in minor tasks]
-827: image
(https://bitcointalk.org/index.php?topic=583449.msg6571652#msg6571652)
-853: (https://bitcointalk.org/index.php?topic=583449.msg6575033#msg6575033)
[some are not happy that NoodleDoodle had only released the built binaries, but not the source code]
-950: (https://bitcointalk.org/index.php?topic=583449.msg6593768#msg6593768)
[Rias, an account suspected to be related to the Bytecoin scam, dares to tag Monero as “instamine”]
-957: “It's rather bizarre that you're calling this an "instamine" scam when you're so fervently supporting BCN, which was mined 80% before entering the clearnet. Difficulty adjustments are per block, so there is no possibility of an instamine unless you don't publish your blockchain (emission is regular at the preset interval, and scales adequately with the network hash rate). What you're accusing monero of is exactly what ByteCoin did.”
https://bitcointalk.org/index.php?topic=583449.msg6594025#msg6594025
[Discussion with rias drags on for SEVERAL posts]
-1016: “There is no "dev team". There is a community of people working on various aspects of the coin.
I've been keeping the repo up to date. NoodleDoodle likes to optimise his miner. TFT started the fork and also assists when things break. othe's been working on a GUI. zone117x has been working on a pool.
It's a decentralized effort to maintain the fork, not a strawman team of leet hackers who dwell in the underbellies of the internet and conspire for instamines.”
(https://bitcointalk.org/index.php?topic=583449.msg6596828#msg6596828)
-1023: “Like I stated in IRC, I am not part of the "dev team", I never was. Just so happens I took a look at the code and changed some extremely easy to spot "errors". I then decided to release the binary because I thought MRO would benefit from it. I made this decision individually and nobody else should be culpable”
(https://bitcointalk.org/index.php?topic=583449.msg6597057#msg6597057)
[Noodledoodle gets rid of the instaminer accusations]
-1029: “I decided to relaunch Monero so it will suit all your wishes that you had: flatter emission curve, open source optimized miner for everybody from the start, no MM with BCN/BMR and the name. New Monero will be ready tomorrow”
(https://bitcointalk.org/index.php?topic=583449.msg6597252#msg6597252)
[people trying to capitalize on mistakes are always there.]
-1030: "Pull request has been submitted and merged to update miner speed
It appears from the simplicity of the fix that there may have been deliberate crippling of the hashing algorithm from introduction with ByteCoin."
https://bitcointalk.org/index.php?topic=583449.msg6597460#msg6597460
[tacotime “officially” raises suspicions of a possible voluntarily crippled miner]
-1053: "I don't mind the 'relaunch' or the merge-mining fork or any other new coin at all. It's inevitable that the CryptoNote progresses like scrypt into a giant mess of coins. It's not undesirable or 'wrong'. Clones fighting out among themselves is actually beneficial for Monero. Although one of them is clearly unserious and trolling by choosing the same name.
Anyway, this sudden solidarity with BCN or TFT sure is strange when none of these accounts were around for the discussions that took place 3 weeks ago. Such vested interests with no prior indications. Hmm...? "
https://bitcointalk.org/index.php?topic=583449.msg6599013#msg6599013
[eizh points out the apparent organized fudding]
-1061: "There was no takeover. The original developer (who himself did a fork of bytecoin and around a dozen lines of code changes) was non-responsive and had disappeared. The original name had been cybersquatted all over the place (since the original developer did not even register any domain name much less create a web site), making it impossible to even create a suitably named web site. A bunch of us who didn't want to see the coin die who represented a huge share of the hash power and ownership of the coin decided to adopt it. We reached out to the original developer to participate in this community effort and he still didn't respond over 24 hours, so we decided to act to save the coin from neglect and actively work toward building the coin."
(https://bitcointalk.org/index.php?topic=583449.msg6599798#msg6599798)
[smooth defends legitimacy of current “dev team” and decisions taken]
-1074: “Zerocash will be announced soon (May 18 in Oakland? but open source may not be ready then?).
Here is a synopsis of the tradeoffs compared to CryptoNote: […]"
(https://bitcointalk.org/index.php?topic=583449.msg6602891#msg6602891)
[comparison between Zerocash and Cryptonote]
-1083: "Altcoin history shows that except in the case of premine (Tenebrix), the first implementation stays the largest by a wide margin. We're repeating that here by outpacing Bytecoin (thanks to its 80% mine prior to surfacing). No other CN coin has anywhere near the hashrate or trading volume. Go check diff in Fantom for example or the lack of activity in BCN trading.
The only CN coin out there doing something valuable is HoneyPenny, and they're open source too. If HP develops something useful, MRO can incorporate it as well. Open source gives confidence. No need for any further edge."
(https://bitcointalk.org/index.php?topic=583449.msg6603452#msg6603452)
[eizh reminds everyone the “first mover” advantage is a real advantage]
-1132: "I decided to tidy up bitmonero GitHub rep tonight, so now there is all valuable things from latest BCN commits & Win32. Faster hash from quazarcoin is also there. So BMR rep is the freshest one.
I'm working on another good feature now, so stay tuned."
(https://bitcointalk.org/index.php?topic=583449.msg6619738#msg6619738)
[first TFT appearance in weeks, he somehow pretends to still be the "lead dev"]
-1139: "This is not the github or website used by Monero. This github is outdated even with these updates. Only trust binaries from the first post."
(https://bitcointalk.org/index.php?topic=583449.msg6619971#msg6619971)
[eizh tries to clarify for the community, after tft's interference, which are the official downloads]
-1140: “The faster hash is from NoodleDoodle and is already submitted to the monero-project github (https://github.com/monero-project/bitmonero) and included in the binaries here.
[trying to bring TFT back on board] It would be all easier if you just work together with the other guys, whats the problem? Come to irc and talk like everyone else?
[on future monero exchangers] I got confirmation from one."
(https://bitcointalk.org/index.php?topic=583449.msg6619997#msg6619997)
[8th may 2014, othe announces NoodleDoodle optimized miner is now open source, asks TFT to collaborate and communicates an exchanger is coming]
-1146: "I'll be impressed if they [BCN/TFT shills] manage to come up with an account registered before January, but then again they could buy those.”
(https://bitcointalk.org/index.php?topic=583449.msg6620257#msg6620257)
[smooth]
-1150: “Ring signatures mean that when you sign a transaction to spend an output (coins), no one looking at the block chain can tell whether you signed it or one of the other outputs you choose to mix in with yours. With a mixing factor of 5 or 10 after several transactions there are millions of possible coins all mixed together. You get "anonymity" and mixing without having to use a third party mixer.”
(https://bitcointalk.org/index.php?topic=583449.msg6620433#msg6620433)
[smooth answering “what are ring signatures” in layman's terms]
-1170: "Someone (C++ skilled) did private optimized miner a few days ago, he got 74H/s for i5 haswell. He pointed that mining code was very un-optimized and he did essential improvements for yourself. So, high H/S is possible yet. Can the dev's core review code for that?"
(https://bitcointalk.org/index.php?topic=583449.msg6623136#msg6623136)
[forums are talking about an individual or group of individuals with optimized miners - may 9th 2014]
-1230: "Good progress on the pool reported by NOMP dev zone117x. Stay tuned, everyone.
And remember to email your favorite exchanges about adding MRO."
(https://bitcointalk.org/index.php?topic=583449.msg6640190#msg6640190)
-1258: "This is actually as confusing to us as you. At one point, thankful_for_today said he was okay with name change: https://bitcointalk.org/index.php?topic=563821.msg6368600#msg6368600
Then he disappeared for more than a week after the merge mining vote failed.”
(https://bitcointalk.org/index.php?topic=583449.msg6645981#msg6645981)
[eizh on the TFT-issue]
-1358: “Jadehorse: registered on 2014-03-06 and two pages of one line posts:
https://bitcointalk.org/index.php?action=profile;u=263597
https://bitcointalk.org/index.php?action=profile;u=263597;sa=showPosts
Trustnobody: registered on 2014-03-06 and two pages of one line posts:
https://bitcointalk.org/index.php?action=profile;u=264292
https://bitcointalk.org/index.php?action=profile;u=264292;sa=showPosts
You guys should really just stop trying. It is quite transparent what you are doing. Or if you want to do it, do it somewhere else. Everyone else: ignore them please."
(https://bitcointalk.org/index.php?topic=583449.msg6666844#msg6666844)
[FUD campaign still ongoing, smooth battles it]
-1387: "The world’s first exchange for Monero just opened! cryptonote.exchange.to"
(https://bitcointalk.org/index.php?topic=583449.msg6675902#msg6675902)
[David Latapie announces an important milestone: exchanger is here]
-1467: "image"
(https://bitcointalk.org/index.php?topic=583449.msg6686125#msg6686125)
[it is weird, but tft appears again, apparently as if he were in a parallel reality]
-1495: “http://monero.cc/blog/monero-price-0-002-passed/”
(https://bitcointalk.org/index.php?topic=583449.msg6691706#msg6691706)
[“trading” milestone reached: monero surpassed for first time 0.002 btc price]
-1513: "There is one and only one coin, formerly called Bitmonero, now called Monero. There was a community vote in favor (despite likely ballot stuffing against). All of the major stakeholders at the time agreed with the rename, including TFT.
The code base is still called bitmonero. There is no reason to rename it, though we certainly could have if we really wanted to.
TFT said he is sentimental about the Bitmonero name, which I can understand, so I don't think there is any malice or harm in him continuing to use it. He just posted the nice hash rate chart on here using the old name. Obviously he understands that they are one and the same coin."
(https://bitcointalk.org/index.php?topic=583449.msg6693615#msg6693615)
[Smooth again clears up the relation between TFT and BMR. Every time he appears, it seems to cause confusion among newbies]
-1543: "Pool software is in testing now. You can follow the progress on the pool bounty thread (see original post on this thread for link)."
(https://bitcointalk.org/index.php?topic=583449.msg6698097#msg6698097)
-1545: "[on the tail emission debate] I've been trying to raise awareness of this issue. The typical response seems to be, "when Bitcoin addresses the problem, so will we." To me this means it will never be addressed. The obvious solution is to perpetually increase the money supply, always rewarding miners with new coins.
Tacotime mentioned a hard fork proposal to never let the block reward drop below 1 coin:
Code: if (blockReward < 1){ blockReward = 1; }
I assume this is merely delaying the problem, however. I proposed a fixed annual debasement (say 2%) with a tx fee cap of like 0.001% of the current block reward (or whatever sounds reasonable). That way we still get the spam protection without worrying about fee escalation down the road."
(https://bitcointalk.org/index.php?topic=583449.msg6698879#msg6698879)
[Johnny Mnemonic wants to debate tail emission. Debate is moved to the “Monero Economy” thread]
-1603: “My GOD, the wallet is very very weird and too complicated to operate. Why don't you release a wallet-qt as Bitcoin?”
(https://bitcointalk.org/index.php?topic=583449.msg6707857#msg6707857)
[Newbies have a hard time with Monero]
-1605: "because this coin is not a bitcoin clone and so there isn't a wallet-qt to just copy and release. There is a bounty for a GUI wallet and there is already an experimental windows wallet..."
(https://bitcointalk.org/index.php?topic=583449.msg6708250#msg6708250)
-1611: "I like this about Monero, but it seems it was written by cryptographers, not programmers. The damned thing doesn't even compile on Arch, and there are several bugs, like command history not working on Linux. The crypto ideas are top-notch, but the implementation is not."
(https://bitcointalk.org/index.php?topic=583449.msg6709002#msg6709002)
[Wolf0, a miner developer, little by little joining the community]
-1888: "http://198.199.79.100 (aka moneropool.org) successfully submitted a block. Miners will be paid for their work once payments start working.
P.S. This is actually our second block today. The first was orphaned. :/"
(https://bitcointalk.org/index.php?topic=583449.msg6753836#msg6753836)
[May 16th: first pool block]
-1927: "Botnets aren't a problem now. The main problem is a private hi-performance miner"
(https://bitcointalk.org/index.php?topic=583449.msg6759622#msg6759622)
-1927: "Evidence?"
(https://bitcointalk.org/index.php?topic=583449.msg6759661#msg6759661)
[smooth about the private optimized miner]
-1937: "[reference needed: smooth battling the weak evidence of optimized miner] Yes, I remember that. Some person on the Internet saying that some other unnamed person said he did something hardly constitutes evidence.
I'm not even doubting that optimized asm code could make a big difference. Just not sure how to know whether this is real or not. Rumors and FUD are rampant, so it is just hard to tell."
(https://bitcointalk.org/index.php?topic=583449.msg6760040#msg6760040)
[smooth does not take the "proof" seriously]
-1949: "image
One i5 and One e5 connected to local pool:
image"
(https://bitcointalk.org/index.php?topic=583449.msg6760624#msg6760624)
[proof of optimized miner]
-1953: "lazybear are you interested in a bounty to release the source code (maybe cleaned up a bit?) your optimized miner? If not, I'll probably play around with the code myself tomorrow and see if I can come up with something, or maybe Noodle Doodle will take an interest."
(https://bitcointalk.org/index.php?topic=583449.msg6760699#msg6760699)
[smooth tries to bring lazybear and his optimized miner on board]
-1957: "smooth, NoodleDoodle just said on IRC his latest optimizations are 4x faster on Windows. Untested on Linux so far but he'll push the source to the git repo soon. We'll be at 1 million network hashrate pretty soon."
(https://bitcointalk.org/index.php?topic=583449.msg6760814#msg6760814)
[eizh makes public that NoodleDoodle also has more miner optimizations