The Cryptography of Bitcoin - Lydianz

Craig Wright explains the cryptography of Bitcoin

submitted by shinney to digitalmunition

Hashed Time Locked Contracts and routing on the Lightning network explained for beginners without bitcoin / cryptography background

submitted by renepickhardt to lightningnetwork

Math Behind Bitcoin and Elliptic Curve Cryptography (Explained Simply)

submitted by Piterst to Bitcoin

How do you explain smart-contracts to people with only a surface understanding of Bitcoin/cryptography?

Hey guys, have been trying to explain smart contract use cases to people and seem pretty bad at it. Just wondering how you smart dudes and dudettes would go about explaining this to someone who has the basic understanding that Bitcoin and Ether are digital money?
submitted by magpietongue to ethereum

Can someone please explain the public and private key cryptography infrastructure of bitcoin vs regular online banking? and the impact they have on privacy/security?

I couldn't find a good explanation anywhere.. It would be cool if someone could even further elaborate on how the infrastructure was for silkroad and the order processing program that was being used to send/receive packages anonymously.
submitted by Emperor_YSSAC to Bitcoin

YouTube channel 'Art of the Problem' explains public key cryptography and other bitcoin related technologies. The newest episode is on computability

submitted by BitcoinAllBot to BitcoinAll

Statists claim bitcoin is taxable, not being able to explain exactly how, but a lot of handwaving about the IRS being able to. Then willful ignorance about the silkroad and cryptography in general.

submitted by ElizabefWarrenBuffet to Shitstatistssay

[CCS Results] Monero Atomic Swaps research

Hi Monero community!
Two months ago I posted a CCS for continuing my research on Monero Atomic Swaps. That research is now complete and I'm happy to present my results.
This post will be a summary of my research, but you can also find the whitepaper that describes the full protocol and all the details here.

Shiny BTC/XMR Atomic Swap Protocol!

We found it! With the help of the MRL, my colleagues, and the community, we created the first (to our knowledge) protocol to atomically swap bitcoin and monero. And this resulting protocol is implementable today - no more obscure crypto!

Why now? What changed?

When I started studying Monero for a Bitcoin/Monero atomic swap three and a half years ago, most of the swap protocols were based on 'Hash Time Locked Contract' (HTLC), something that we all know as non-existent on Monero. So the goal at the beginning of the project was to create an atomic swap where all the logic (timeouts, possible sequences of operation, secret disclosures, etc) is managed on the other chain: the Bitcoin chain.
The second difficulty with Monero and Bitcoin is their respective underlying cryptographic parameters: they don't share the same elliptic curve, they don't share the same signing algorithm; they have nothing in common! This makes the pair a bad candidate for other types of atomic swap that don't (solely) rely on HTLC.
In November 2018 we came up with a draft protocol that respects the above constraints. Thus, the protocol requires a specific type of zero-knowledge proof to be trustless: a hash pre-image zero-knowledge proof. This type of zkp is not widely used in practice, if at all. Thus the protocol works in theory, but with some obscure crypto, making the protocol a bad candidate for an implementation.
In early 2020, after presenting the draft protocol at 36C3 in December 2019, I discovered, by reference from Sarang Noether (MRL), Andrew Poelstra's idea of doing a discrete logarithm equality across group zero-knowledge proof of knowledge (MRL-0010), meaning that we can prove some relations between elements in two different groups (two curves to simplify) and the paper by Lloyd Fournier on One-Time Verifiably Encrypted Signatures allowing secret disclosure with ECDSA.
With these two new (to me) cryptographic primitives, we were able to replace the previous zero-knowledge proof with a combination of the latter, making the protocol complete and practically feasible.

How it works

As a broad overview (and simplified) the protocol works as follows:
If the swap succeeds, A reveals to B, and if the swap is cancelled, B reveals to A. (We have a third scenario explained in the paper to force reaction and avoid deadlock.)

Next steps

The obvious next step would be to have a working implementation on mainnet, but a ready-to-use implementation that is also robust and safe-to-use requires a lot of engineering work. Furthermore, even though the cryptography is not too obscure, most of it still also lacks an implementation.
I'll post soon, if the community wants it, a CCS proposal to get my team and I to work on implementing this protocol, step by step, with the end goal of creating a working client/daemon for swapping Bitcoin and Monero. It would be very exciting to build that!

Conclusion

Thanks to the MRL and its researchers for their help, the CCS team, and the community for its support!
I hope I fulfilled the community's expectations for my first CCS - all feedback is appreciated.
submitted by h4sh3d to Monero

Zano Newcomers Introduction/FAQ - please read!

Welcome to the Zano Sticky Introduction/FAQ!

Hopefully any questions you have will be answered by the resources below, but if you have additional questions feel free to ask them in the comments. If you're quite technically-minded, the Zano whitepaper gives a thorough overview of Zano's design and its main features.
So, what is Zano? In brief, Zano is a project started by the original developers of CryptoNote. Coins with market caps totalling well over a billion dollars (Monero, Haven, Loki and countless others) run upon the codebase they created. Zano is a continuation of their efforts to create the "perfect money", and brings a wealth of enhancements to their original CryptoNote code.
Development happens at a lightning pace, as the Github activity shows, but Zano is still very much a work-in-progress. Let's cut right to it:
Here's why you should pay attention to Zano over the next 12-18 months. Quoting from a recent update:
Anton Sokolov has recently joined the Zano team. ... For the last months Anton has been working on theoretical work dedicated to log-size ring signatures. These signatures theoretically allow for a logarithmic relationship between the number of decoys and the size/performance of transactions. This means that we can set mixins at a level from up to 1000, keeping the reasonable size and processing speed of transactions. This will take Zano’s privacy to a whole new level, and we believe this technology will turn out to be groundbreaking!
If successful, this scheme will make Zano the most private, powerful and performant CryptoNote implementation on the planet. Bar none. A quantum leap in privacy with a minimal increase in resource usage. And if there's one team capable of pulling it off, it's this one.

What else makes Zano special?

You mean aside from having "the Godfather of CryptoNote" as the project lead? ;) Actually, the calibre of the developers/researchers at Zano probably is the project's single greatest strength. Drawing on years of experience, they've made careful design choices, optimizing performance with an asynchronous core architecture, and flexibility and extensibility with a modular code structure. This means that the developers are able to build and iterate fast, refining features and adding new ones at a rate that makes bigger and better-funded teams look sluggish at best.
Zano also has some unique features that set it apart from similar projects:
Privacy
Firstly, if you're familiar with CryptoNote you won't be surprised that Zano transactions are private. The perfect money is fungible, and therefore must be untraceable. Bitcoin, for the most part, does little to hide your transaction data from unscrupulous observers. With Zano, privacy is the default.
The untraceability and unlinkability of Zano transactions come from its use of ring signatures and stealth addresses. What this means is that no outside observer is able to tell if two transactions were sent to the same address, and for each transaction there is a set of possible senders that make it impossible to determine who the real sender is.
Hybrid PoW-PoS consensus mechanism
Zano achieves an optimal level of security by utilizing both Proof of Work and Proof of Stake for consensus. By combining the two systems, it mitigates their individual vulnerabilities (see 51% attack and "nothing at stake" problem). For an attack on Zano to have even a remote chance of success the attacker would have to obtain not only a majority of hashing power, but also a majority of the coins involved in staking. The system and its design considerations are discussed at length in the whitepaper.
Aliases
Here's a stealth address: ZxDdULdxC7NRFYhCGdxkcTZoEGQoqvbZqcDHj5a7Gad8Y8wZKAGZZmVCUf9AvSPNMK68L8r8JfAfxP4z1GcFQVCS2Jb9wVzoe. I have a hard enough time remembering my phone number. Fortunately, Zano has an alias system that lets you register an address to a human-readable name. (@orsonj if you want to anonymously buy me a coffee)
Multisig
Multisignature (multisig) refers to requiring multiple keys to authorize a Zano transaction. It has a number of applications, such as dividing up responsibility for a single Zano wallet among multiple parties, or creating backups where loss of a single seed doesn't lead to loss of the wallet.
Multisig and escrow are key components of the planned Decentralized Marketplace (see below), so consideration was given to each of them from the design stages. Thus Zano's multisig, rather than being tagged on at the wallet-level as an afterthought, is part of its core architecture, being incorporated at the protocol level. This base-layer integration means months won't be spent in the future on complicated refactoring efforts in order to integrate multisig into a codebase that wasn't designed for it. Plus, it makes it far easier for third-party developers to include multisig (implemented correctly) in any Zano wallets and applications they create in the future.
(Double Deposit MAD) Escrow
With Zano's escrow service you can create fully customizable p2p contracts that are designed to, once signed by participants, enforce adherence to their conditions in such a way that no trusted third-party escrow agent is required.
The Particl project, aside from a couple of minor differences, uses an escrow scheme that works the same way, so I've borrowed the term they coined ("Double Deposit MAD Escrow") as I think it describes the scheme perfectly. The system requires participants to make additional deposits, which they will forfeit if there is any attempt to act in a way that breaches the terms of the contract. Full details can be found in the Escrow section of the whitepaper.
The usefulness of multisig and the escrow system may not seem obvious at first, but as mentioned before they'll form the backbone of Zano's Decentralized Marketplace service (described in the next section).

What does the future hold for Zano?

The planned upgrade to Zano's privacy, mentioned at the start, is obviously one of the most exciting things the team is working on, but it's not the only thing.
Zano Roadmap
Decentralized Marketplace
From the beginning, the Zano team's goal has been to create the perfect money. And money can't just be some vehicle for speculative investment, money must be used. To that end, the team have created a set of tools to make it as simple as possible for Zano to be integrated into eCommerce platforms. Zano's APIs and plugins are easy to use, allowing even those with very little coding experience to use them in their E-commerce-related ventures. The culmination of this effort will be a full Decentralized Anonymous Marketplace built on top of the Zano blockchain. Rather than being accessed via the wallet, it will act more as a service - Marketplace as a Service (MAAS) - for anyone who wishes to use it. The inclusion of a simple "snippet" of code into a website is all that's needed to become part of a global decentralized, trustless and private E-commerce network.
Atomic Swaps
Just as Zano's marketplace will allow you to transact without needing to trust your counterparty, atomic swaps will let you easily convert between Zano and other cryptocurrencies without having to trust a third-party service such as a centralized exchange. On top of that, it will also lead the way to Zano's inclusion in the many decentralized exchange (DEX) services that have emerged in recent years.

Where can I buy Zano?

Zano's currently listed on the following exchanges:
https://coinmarketcap.com/currencies/zano/markets/
It goes without saying, neither I nor the Zano team work for any of the exchanges or can vouch for their reliability. Use at your own risk and never leave coins on a centralized exchange for longer than necessary. Your keys, your coins!
If you have any old graphics cards lying around (both AMD & NVIDIA), then Zano is also mineable through its unique ProgPowZ algorithm. Here's a guide on how to get started.
Once you have some Zano, you can safely store it in one of the desktop or mobile wallets (available for all major platforms).

How can I support Zano?

Zano has no marketing department, which is why this post has been written by some guy and not the "Chief Growth Engineer @ Zano Enterprises". The hard part is already done: there's a team of world class developers and researchers gathered here. But, at least at the current prices, the team's funds are enough to cover the cost of development and little more. So the job of publicizing the project falls to the community. If you have any experience in community building/growth hacking at another cryptocurrency or open source project, or if you're a Zano holder who would like to ensure the project's long-term success by helping to spread the word, then send me a pm. We need to get organized.
Researchers and developers are also very welcome. Working at the cutting edge of mathematics and cryptography means Zano provides challenging and rewarding work for anyone in those fields. Please contact the project's Community Manager u/Jed_T if you're interested in joining the team.
Social Links:
Twitter
Discord Server
Telegram Group
Medium blog
I'll do my best to keep this post accurate and up to date. Message me please with any suggested improvements and leave any questions you have below.
Welcome to the Zano community and the new decentralized private economy!
submitted by OrsonJ to Zano

d down, k up, everybody's a game theorist, titcoin, build wiki on Cardano, (e-)voting, competitive marketing analysis, Goguen product update, Alexa likes Charles, David hates all, Adam in and bros in arms with the scientific counterparts of the major cryptocurrency groups, the latest AMA for all!

Decreasing d parameter
Just signed the latest change management document, I was the last in the chain so I signed it today for changing the d parameter from 0.52 to 0.5. That means we are just about to cross the threshold here in a little bit for d to fall below 0.5 which means more than half of all the blocks will be made by the community and not the OBFT nodes. That's a major milestone and at this current rate of velocity it looks like d will decrement to zero around March so lots to do, lots to talk about. Product update, two days from now, we'll go ahead and talk about that but it crossed my desk today and I was really happy and excited about that and it seemed like yesterday that d was equal to one and people were complaining that we delayed it by an epoch and now we're almost at 50 percent. For those of you who want parameter-level changes, k-level changes, they are coming and there's an enormous internal conversation about it and we've written up a powerpoint presentation and a philosophy document about why things were designed the way that they're designed.
Increasing k parameter and upcoming security video and everybody's a game theorist
My chief scientist has put an enormous amount of time into this. Aggelos is very passionate about this particular topic and what I'm going to do is similar to the security video that I did where I did an hour and a half discussion about a best practice for security. I'm going to actually do a screencasted video where I talk about this philosophy document and I'm going to read the entire document with annotations with you guys and kind of talk through it. It might end up being quite a long video. It could be several hours long but I think it's really important to talk around the design philosophy of this. It's kind of funny, everybody, when they see a cryptographic paper or math paper, they tend to just say okay you guys figure that out. No one's an expert in cryptography or math and you don't really get strong opinions about it but with game theory, despite the fact that the topic's as complex and in some cases more complex, you tend to get a lot of opinions and everybody's a game theorist. So, there was an enormous amount of thought that went into the design of the system, the parameters of the system, everything from the reward functions to other things and it's very important that we explain that thought process in as detailed of a way as possible. At least the philosophy behind it; then I feel that the community is in a really good position to start working on the change management. It is my position that I'd love to see k largely increased. I do think that the software needs some improvements to get there, especially partial delegation, delegation portfolios and some enhancements into the operation of staking especially.
E-voting
I'd love to see the existence of hybrid wallets where you have a cold part, a hot part and we've had a lot of conversations about that and we will present some of the progress in that matter at the product updates. If not this October certainly in November. A lot of commercialization going along, a lot of things going on and flowing around and you know, commercial teams working hard. As I mentioned we have a lot of deals in the pipeline. The Wyoming event was half political, half sales. We were really looking into e-voting and we had very productive conversations along those lines. It is my goal that Cardano e-voting software is used in political primaries and my hope is for eventually to be used in municipal and state and eventually federal elections and then in national elections for countries like Ethiopia, Mongolia and other places. Now there is a long road, long, long road to get there and many little victories that have to begin but this event, Wyoming, was kind of the opener into that conversation. There were seven independent parties at the independent national convention and we had a chance to talk to the leadership of many of them. We will also engage in conversation with the libertarian party leadership as well and at the very least we could talk about e-voting and also blockchain-based voting for primaries that would be great start and we'll also look into the state of Wyoming for that as well. We'll, you know, tell you guys about that in time. We've already gotten a lot of inquiries about e-voting software. We tend to get them along with the (Atala) Prism inquiries. It's actually quite easy to start conversations but there are a lot of security properties that are very important like end-to-end verifiability, hybrid ballots where you have both a digital and a paper ballot, delegation mechanics as well as privacy mechanics that are interesting on a case-by-case basis.
Goguen, voting, future fund3, competitive marketing analysis of Ouroboros vs. EOS, Tezos, Algorand, ETH2 and Polkadot, new creative director
We'll keep chipping away at that, a lot of Goguen stuff to talk about but I'm going to reserve all of that for two days from now for the product update. We're right in the middle, Goguen metadata was the very first part of it. We already have some commercialization platform as a result of metadata, more to come and then obviously lots of smart contract stuff to come. This update and the November update are going to be very Goguen focused and also a lot of alternatives as well. We're still on schedule for an HFC event in I think November or December. I can't remember but that's going to be carrying a lot of things related multisig token locking. There's some ledger rule changes so it has to be an HFC event and that opens up a lot of the windows for Goguen foundations as well as voting on chain so fund3 will benefit very heavily from that. We're right in the guts of Daedalus right now building the voting center, the identity center, QR-code work. All this stuff, it's a lot of stuff, you know, the cell phone app was released last week. Kind of an early beta, it'll go through a lot of rapid iterations every few weeks. We'll update it, google play is a great foundation to launch things on because it's so easy to push updates to people automatically so you can rapidly iterate and be very agile in that framework and you know we've already had 3500 people involved heavily in the innovation management platform ideascale and we've got numerous bids from everything. From John Buck and the sociocracy movement to others. A lot of people want to help us improve that and we're going to see steady and systematic growth there. We're still chipping away at product marketing. Liza (Horowitz) is doing a good job, meet with her two three-times a week and right now it's Ouroboros, Ouroboros, Ouroboros... We're doing competitive analysis of Ouroboros versus EOS, Tezos, Algorand, ETH2 and Polkadot. We think that's a good set. We think we have a really good way of explaining it. 
David (David Likes Crypto now at IOHK) has already made some great content. We're going to release that soon alongside some other content and we'll keep chipping away at that.
We also just hired a creative director for IO Global. His name's Adam, incredibly experienced creative director, he's worked for Mercedes-Benz and dozens of other companies. He does very good work and he's been doing this for well over 20 years and so the very first set of things he's going to do is work with commercial and marketing on product marketing. In addition to building great content where the hope is to make that content as pretty as possible and we have Rod heavily involved in that as well to talk about distribution channels and see if we can amplify the distribution message and really get a lot of stuff done. Last thing to mention, oh yeah, iOS for catalyst. We're working on that, we submitted it to the apple store, the iOS store, but it takes a little longer to get approval for that than it does with google play but that's been submitted and it's whenever apple approves it or not. Takes a little longer for cryptocurrency stuff.
Wiki shizzle and battle for crypto, make crypto articles on wiki great again, Alexa knows Charles, Everpedia meets Charles podcast, holy-grail land of Cardano, wiki on Cardano, titcoin
Wikipedia... kind of rattled the cage a little bit. Through an intermediary we got contact with Jimmy Wales. Larry Sanger, the other co-founder also reached out to me and the everpedia guys reached out to me. Here's where we stand, we have an article, it has solidified, it's currently labeled as unreliable and you should not believe the things that are said in it which is David Gerard's work if you look at the edits. We will work with the community and try to get that article to a fair and balanced representation of Cardano and especially after the product marketing comes through. We clearly explain the product I think the Cardano article can be massively strengthened. I've told Rod to work with some specialized people to try to get that done but we are going to work very hard at a systematic approval campaign for all of the scientific articles related to blockchain technology in the cryptocurrency space. They're just terrible, if you go to the proof of work article, the proof of stake or all these things, they're just terrible. They're not well written, they're out of date and they don't reflect an adequate sampling of the science. I did talk to my chief scientist Aggelos and what we're gonna do is reach out to the scientific counterparts that most of the major cryptocurrency groups that are doing research and see if they want to work with us at an industry-wide effort to systematically improve the scientific articles in our industry so that there are a fair and balanced representation of what the current state of the art are, the criticisms, the trade-offs as well as the reference space and of course obviously we'll do quite well in that respect because we've done the science. We're the inheritor of it but it's a shame because when people search proof of stake on google usually wikipedia results are highly biased. We care about wikipedia because google cares about wikipedia, amazon cares about wikipedia.
If you ask Alexa who is Charles Hoskinson, the reason why Alexa knows is because it's reading directly from the wikipedia page. If I didn't have a wikipedia page Alexa would know that so if somebody says Alexa what is Cardano it's going to read directly from the wikipedia page and you know and we can either just pretend that reality doesn't exist or we can accept it and we as a community working with partners in the broader cryptocurrency community can universally improve the quality of cryptocurrency pages. There's been a pattern of commercial censorship on wikipedia for cryptocurrencies in general since bitcoin itself. In fact I think the bitcoin article is actually taken down once back in, might have been, 2010 or 2009 but basically wikipedia has not been a friend of cryptocurrencies. That's why everpedia exists and actually their founders reached out to me and I talked to them over twitter through PMs and we agreed to actually do a podcast. I'm going to do a streamyard, stream with these guys and they'll come on talk all about everpedia and what they do and how they are and we'll kind of go through the challenges that they've encountered. How their platform works and so forth and obviously if they want to ever leave that terrible ecosystem EOS and come to the holy-grail land of Cardano we'd be there to help them out. At least they can tell the world how amazing their product is and also the challenges they're having to overcome. We've also been in great contact with Larry Sanger.
He's going to do an internal seminar at some point with us and talk about some protocols he's been developing since he left wikipedia specifically to decentralize knowledge management and have a truly decentralized encyclopedia. I'm really looking forward to that and I hope that presentation gives us some inspiration as an ecosystem of things we can do. That's a great piece of infrastructure regardless and after we learn a lot more about it and we talk to a lot of people in ecosystem. If we can't get people to move on over, it would be really good to see through ideascale in the innovation management platform for people to utilize the dc fund to build their own variant of wikipedia on Cardano. In the coming months there will certainly be funding available. If you guys are so passionate about this particular problem that you want to go solve it then I'd be happy to play Elon Musk with the hyperloop and write a white paper on a protocol design and really give a good first start and then you guys can go and try to commercialize that technology as Cardano native assets and Plutus smart contracts in addition to other pieces of technology that have to be brought in to make it practical.
Right now we're just, let's talk to everybody phase, and we'll talk to the everpedia guys, we're going to talk to Larry and we're going to see whoever else is in this game and of course we have to accept the incumbency as it is. So, we're working with obviously the wikipedia side to improve the quality of not only our article but all of the articles and the scientific side of things so that there's a fair and accurate representation of information. One of the reasons why I'm so concerned about this is that I am very worried that Cardano projects will get commercially censored like we were commercially censored. So, yes we do have a page but it took five years to get there and we're a multi-billion dollar project with hundreds of thousands of people. If you guys are doing cutting-edge novel interesting stuff I don't want your experience to be the same as ours where you have to wait five years for your project to get a page even after government's adopted. That's absurd, no one should be censored ever. This is very well a fight for the entire ecosystem, the entire community, not just Cardano but all cryptocurrencies: bitcoin, ethereum and Cardano have all faced commercial censorship and article deletions during their tenure so I don't want you guys to go through that. I'm hoping we can prove that situation but you know you don't put all your eggs in one basket and frankly the time has come for wikipedia to be fully decentralized and liberated from a centralized organization and massively variable quality in the editor base. If legends of valor has a page but Cardano didn't have one until recently titcoin, a pornography coin from 2015, that's deprecated, no one uses it, has a page but Cardano couldn't get one there's something seriously wrong with the quality control mechanism and we need to improve that so it'll get done.
submitted by stake_pool to cardano [link] [comments]

Scaling Reddit Community Points with Arbitrum Rollup: a piece of cake

Submitted for consideration to The Great Reddit Scaling Bake-Off
Baked by the pastry chefs at Offchain Labs
Please send questions or comments to [email protected]
1. Overview
We're excited to submit Arbitrum Rollup for consideration to The Great Reddit Scaling Bake-Off. Arbitrum Rollup is the only Ethereum scaling solution that supports arbitrary smart contracts without compromising on Ethereum's security or adding points of centralization. For Reddit, this means that Arbitrum can not only scale the minting and transfer of Community Points, but it can foster a creative ecosystem built around Reddit Community Points enabling points to be used in a wide variety of third party applications. That's right -- you can have your cake and eat it too!
Arbitrum Rollup isn't just Ethereum-style. Its Layer 2 transactions are byte-for-byte identical to Ethereum, which means Ethereum users can continue to use their existing addresses and wallets, and Ethereum developers can continue to use their favorite toolchains and development environments out-of-the-box with Arbitrum. Coupling Arbitrum’s tooling-compatibility with its trustless asset interoperability, Reddit not only can scale but can onboard the entire Ethereum community at no cost by giving them the same experience they already know and love (well, certainly know).
To benchmark how Arbitrum can scale Reddit Community Points, we launched the Reddit contracts on an Arbitrum Rollup chain. Since Arbitrum provides full Solidity support, we didn't have to rewrite the Reddit contracts or try to mimic their functionality using an unfamiliar paradigm. Nope, none of that. We launched the Reddit contracts unmodified on Arbitrum Rollup complete with support for minting and distributing points. Like every Arbitrum Rollup chain, the chain included a bridge interface in which users can transfer Community Points or any other asset between the L1 and L2 chains. Arbitrum Rollup chains also support dynamic contract loading, which would allow third-party developers to launch custom ecosystem apps that integrate with Community Points on the very same chain that runs the Reddit contracts.
1.1 Why Ethereum
Perhaps the most exciting benefit of distributing Community Points using a blockchain is the ability to seamlessly port points to other applications and use them in a wide variety of contexts. Applications may include simple transfers such as a restaurant that allows Redditors to spend points on drinks. Or it may include complex smart contracts -- such as placing Community Points as a wager for a multiparty game or as collateral in a financial contract.
The common denominator between all of the fun uses of Reddit points is that it needs a thriving ecosystem of both users and developers, and the Ethereum blockchain is perhaps the only smart contract platform with significant adoption today. While many Layer 1 blockchains boast lower cost or higher throughput than the Ethereum blockchain, more often than not, these attributes mask the reality of little usage, weaker security, or both.
Perhaps another platform with significant usage will rise in the future. But today, Ethereum captures the mindshare of the blockchain community, and for Community Points to provide the most utility, the Ethereum blockchain is the natural choice.
1.2 Why Arbitrum
While Ethereum's ecosystem is unmatched, the reality is that fees are high and capacity is too low to support the scale of Reddit Community Points. Enter Arbitrum. Arbitrum Rollup provides all of the ecosystem benefits of Ethereum, but with orders of magnitude more capacity and at a fraction of the cost of native Ethereum smart contracts. And most of all, we don't change the experience for users. They continue to use the same wallets, addresses, languages, and tools.
Arbitrum Rollup is not the only solution that can scale payments, but it is the only developed solution that can scale both payments and arbitrary smart contracts trustlessly, which means that third party users can build highly scalable add-on apps that can be used without withdrawing money from the Rollup chain. If you believe that Reddit users will want to use their Community Points in smart contracts--and we believe they will--then it makes the most sense to choose a single scaling solution that can support the entire ecosystem, eliminating friction for users.
We view being able to run smart contracts in the same scaling solution as fundamentally critical since if there's significant demand in running smart contracts from Reddit's ecosystem, this would be a load on Ethereum and would itself require a scaling solution. Moreover, having different scaling solutions for the minting/distribution/spending of points and for third party apps would be burdensome for users as they'd have to constantly shuffle their Points back and forth.
2. Arbitrum at a glance
Arbitrum Rollup has a unique value proposition as it offers a combination of features that no other scaling solution achieves. Here we highlight its core attributes.
Decentralized. Arbitrum Rollup is as decentralized as Ethereum. Unlike some other Layer 2 scaling projects, Arbitrum Rollup doesn't have any centralized components or centralized operators who can censor users or delay transactions. Even in non-custodial systems, centralized components provide a risk as the operators are generally incentivized to increase their profit by extracting rent from users often in ways that severely degrade user experience. Even if centralized operators are altruistic, centralized components are subject to hacking, coercion, and potential liability.
Massive Scaling. Arbitrum achieves order of magnitude scaling over Ethereum's L1 smart contracts. Our software currently supports 453 transactions-per-second for basic transactions (at 1616 Ethereum gas per tx). We have a lot of room left to optimize (e.g. aggregating signatures), and over the next several months capacity will increase significantly. As described in detail below, Arbitrum can easily support and surpass Reddit's anticipated initial load, and its capacity will continue to improve as Reddit's capacity needs grow.
Low cost. The cost of running Arbitrum Rollup is quite low compared to L1 Ethereum and other scaling solutions such as those based on zero-knowledge proofs. Layer 2 fees are low, fixed, and predictable and should not be overly burdensome for Reddit to cover. Nobody needs to use special equipment or high-end machines. Arbitrum requires validators, which is a permissionless role that can be run on any reasonable on-line machine. Although anybody can act as a validator, in order to protect against a “tragedy of the commons” and make sure reputable validators are participating, we support a notion of “invited validators” that are compensated for their costs. In general, users pay (low) fees to cover the invited validators’ costs, but we imagine that Reddit may cover this cost for its users. See more on the costs and validator options below.
Ethereum Developer Experience. Not only does Arbitrum support EVM smart contracts, but the developer experience is identical to that of L1 Ethereum contracts and fully compatible with Ethereum tooling. Developers can port existing Solidity apps or write new ones using their favorite and familiar toolchains (e.g. Truffle, Buidler). There are no new languages or coding paradigms to learn.
Ethereum wallet compatibility. Just as in Ethereum, Arbitrum users need only hold keys, but do not have to store any coin history or additional data to protect or access their funds. Since Arbitrum transactions are semantically identical to Ethereum L1 transactions, existing Ethereum users can use their existing Ethereum keys with their existing wallet software such as Metamask.
Token interoperability. Users can easily transfer their ETH, ERC-20 and ERC-721 tokens between Ethereum and the Arbitrum Rollup chain. As we explain in detail below, it is possible to mint tokens in L2 that can subsequently be withdrawn and recognized by the L1 token contract.
Fast finality. Transactions complete with the same finality time as Ethereum L1 (and it's possible to get faster finality guarantees by trading away trust assumptions; see the Arbitrum Rollup whitepaper for details).
Non-custodial. Arbitrum Rollup is a non-custodial scaling solution, so users control their funds/points and neither Reddit nor anyone else can ever access or revoke points held by users.
Censorship Resistant. Since it's completely decentralized, and the Arbitrum protocol guarantees progress trustlessly, Arbitrum Rollup is just as censorship-proof as Ethereum.
Block explorer. The Arbitrum Rollup block explorer allows users to view and analyze transactions on the Rollup chain.
Limitations
Although this is a bake-off, we're not going to sugar coat anything. Arbitrum Rollup, like any Optimistic Rollup protocol, does have one limitation, and that's the delay on withdrawals.
As for the concrete length of the delay, we've done a good deal of internal modeling and have blogged about this as well. Our current modeling suggests a 3-hour delay is sufficient (but as discussed in the linked post there is a tradeoff space between the length of the challenge period and the size of the validators’ deposit).
Note that this doesn't mean that the chain is delayed for three hours. Arbitrum Rollup supports pipelining of execution, which means that validators can keep building new states even while previous ones are “in the pipeline” for confirmation. As the challenge delays expire for each update, a new state will be confirmed (read more about this here).
So activity and progress on the chain are not delayed by the challenge period. The only thing that's delayed is the consummation of withdrawals. Recall though that any single honest validator knows immediately (at the speed of L1 finality) which state updates are correct and can guarantee that they will eventually be confirmed, so once a valid withdrawal has been requested on-chain, every honest party knows that the withdrawal will definitely happen. There's a natural place here for a liquidity market in which a validator (or someone who trusts a validator) can provide withdrawal loans for a small interest fee. This is a no-risk business for them as they know which withdrawals will be confirmed (and can force their confirmation trustlessly no matter what anyone else does) but are just waiting for on-chain finality.
3. The recipe: How Arbitrum Rollup works
For a description of the technical components of Arbitrum Rollup and how they interact to create a highly scalable protocol with a developer experience that is identical to Ethereum, please refer to the following documents:
Arbitrum Rollup Whitepaper
Arbitrum academic paper (describes a previous version of Arbitrum)
4. Developer docs and APIs
For full details about how to set up and interact with an Arbitrum Rollup chain or validator, please refer to our developer docs, which can be found at https://developer.offchainlabs.com/.
Note that the Arbitrum version described on that site is older and will soon be replaced by the version we are entering in Reddit Bake-Off, which is still undergoing internal testing before public release.
5. Who are the validators?
As with any Layer 2 protocol, advancing the protocol correctly requires at least one validator (sometimes called block producers) that is honest and available. A natural question is: who are the validators?
Recall that the validator set for an Arbitrum chain is open and permissionless; anyone can start or stop validating at will. (A useful analogy is to full nodes on an L1 chain.) But we understand that even though anyone can participate, Reddit may want to guarantee that highly reputable nodes are validating their chain. Reddit may choose to validate the chain themselves and/or hire third-party validators. To this end, we have begun building a marketplace for validator-for-hire services so that dapp developers can outsource validation services to reputable nodes with high up-time. We've announced a partnership in which Chainlink nodes will provide Arbitrum validation services, and we expect to announce more partnerships shortly with other blockchain infrastructure providers.
Although there is no requirement that validators are paid, Arbitrum’s economic model tracks validators’ costs (e.g. amount of computation and storage) and can charge small fees on user transactions, using a gas-type system, to cover those costs. Alternatively, a single party such as Reddit can agree to cover the costs of invited validators.
6. Reddit Contract Support
Since Arbitrum contracts and transactions are byte-for-byte compatible with Ethereum, supporting the Reddit contracts is as simple as launching them on an Arbitrum chain.
Minting. Arbitrum Rollup supports hybrid L1/L2 tokens which can be minted in L2 and then withdrawn onto the L1. An L1 contract at address A can make a special call to the EthBridge which deploys a "buddy contract" to the same address A on an Arbitrum chain. Since it's deployed at the same address, users can know that the L2 contract is the authorized "buddy" of the L1 contract on the Arbitrum chain.
For minting, the L1 contract is a standard ERC-20 contract which mints and burns tokens when requested by the L2 contract. It is paired with an ERC-20 contract in L2 which mints tokens based on whatever programmer provided minting facility is desired and burns tokens when they are withdrawn from the rollup chain. Given this base infrastructure, Arbitrum can support any smart contract based method for minting tokens in L2, and indeed we directly support Reddit's signature/claim based minting in L2.
Batch minting. What's better than a mint cookie? A whole batch! In addition to supporting Reddit’s current minting/claiming scheme, we built a second minting design, which we believe outperforms the signature/claim system in many scenarios.
In the current system, Reddit periodically issues signed statements to users, who then take those statements to the blockchain to claim their tokens. An alternative approach would have Reddit directly submit the list of users/amounts to the blockchain and distribute the tokens to the users without the signature/claim process.
To optimize the cost efficiency of this approach, we designed an application-specific compression scheme to minimize the size of the batch distribution list. We analyzed the data from Reddit's previous distributions and found that the data is highly compressible since token amounts are small and repeated, and addresses appear multiple times. Our function groups transactions by size, and replaces previously-seen addresses with a shorter index value. We wrote client code to compress the data, wrote a Solidity decompressing function, and integrated that function into Reddit’s contract running on Arbitrum.
When we ran the compression function on the previous Reddit distribution data, we found that we could compress batched minting data down to 11.8 bytes per minting event (averaged over a 6-month trace of Reddit’s historical token grants) compared with roughly 174 bytes of on-chain data needed for the signature claim approach to minting (roughly 43 for an RLP-encoded null transaction + 65 for Reddit's signature + 65 for the user's signature + roughly 8 for the number of Points).
The relative benefit of the two approaches with respect to on-chain call data cost depends on the percentage of users that will actually claim their tokens on chain. With the above figures, batch minting will be cheaper if roughly 5% of users redeem their claims. We stress that our compression scheme is not Arbitrum-specific and would be beneficial in any general-purpose smart contract platform.
8. Benchmarks and costs
In this section, we give the full costs of operating the Reddit contracts on an Arbitrum Rollup chain including the L1 gas costs for the Rollup chain, the costs of computation and storage for the L2 validators as well as the capital lockup requirements for staking.
Arbitrum Rollup is still on testnet, so we did not run mainnet benchmarks. Instead, we measured the L1 gas cost and L2 workload for Reddit operations on Arbitrum and calculated the total cost assuming current Ethereum gas prices. As noted below in detail, our measurements do not assume that Arbitrum is consuming the entire capacity of Ethereum. We will present the details of our model now, but for full transparency you can also play around with it yourself and adjust the parameters, by copying the spreadsheet found here.
Our cost model is based on measurements of Reddit’s contracts, running unmodified (except for the addition of a batch minting function) on Arbitrum Rollup on top of Ethereum.
On the distribution of transactions and frequency of assertions. Reddit's instructions specify the following minimum parameters that submissions should support:
Over a 5 day period, your scaling PoC should be able to handle:
  • 100,000 point claims (minting & distributing points)
  • 25,000 subscriptions
  • 75,000 one-off points burning
  • 100,000 transfers
We provide the full costs of operating an Arbitrum Rollup chain with this usage under the assumption that tokens are minted or granted to users in batches, but other transactions are uniformly distributed over the 5 day period. Unlike some other submissions, we do not make unrealistic assumptions that all operations can be submitted in enormous batches. We assume that batch minting is done in batches that use only a few percent of an L1 block’s gas, and that other operations come in evenly over time and are submitted in batches, with one batch every five minutes to keep latency reasonable. (Users are probably already waiting for L1 finality, which takes at least that long to achieve.)
We note that assuming that there are only 300,000 transactions that arrive uniformly over the 5 day period will make our benchmark numbers lower, but we believe that this will reflect the true cost of running the system. To see why, say that batches are submitted every five minutes (20 L1 blocks) and there's a fixed overhead of c bytes of calldata per batch, the cost of which will get amortized over all transactions executed in that batch. Assume that each individual transaction adds a marginal cost of t. Lastly assume the capacity of the scaling system is high enough that it can support all of Reddit's 300,000 transactions within a single 20-block batch (i.e. that there is more than c + 300,000*t bytes of calldata available in 20 blocks).
Consider what happens if c, the per-batch overhead, is large (which it is in some systems, but not in Arbitrum). In the scenario that transactions actually arrive at the system's capacity and each batch is full, then c gets amortized over 300,000 transactions. But if we assume that the system is not running at capacity--and only receives 300,000 transactions arriving uniformly over 5 days-- then each 20-block assertion will contain about 200 transactions, and thus each transaction will pay a nontrivial cost due to c.
We are aware that other proposals presented scaling numbers assuming that 300,000 transactions arrived at maximum capacity and were executed in a single mega-transaction, but according to our estimates, for at least one such report, this led to a reported gas price that was 2-3 orders of magnitude lower than it would have been assuming uniform arrival. We make more realistic batching assumptions, and we believe Arbitrum compares well when batch sizes are realistic.
Our model. Our cost model includes several sources of cost:
  • L1 gas costs: This is the cost of posting transactions as calldata on the L1 chain, as well as the overhead associated with each batch of transactions, and the L1 cost of settling transactions in the Arbitrum protocol.
  • Validator’s staking costs: In normal operation, one validator will need to be staked. The stake is assumed to be 0.2% of the total value of the chain (which is assumed to be $1 per user who is eligible to claim points). The cost of staking is the interest that could be earned on the money if it were not staked.
  • Validator computation and storage: Every validator must do computation to track the chain’s processing of transactions, and must maintain storage to keep track of the contracts’ EVM storage. The cost of computation and storage are estimated based on measurements, with the dollar cost of resources based on Amazon Web Services pricing.
It’s clear from our modeling that the predominant cost is for L1 calldata. This will probably be true for any plausible rollup-based system.
Our model also shows that Arbitrum can scale to workloads much larger than Reddit’s nominal workload, without exhausting L1 or L2 resources. The scaling bottleneck will ultimately be calldata on the L1 chain. We believe that cost could be reduced substantially if necessary by clever encoding of data. (In our design any compression / decompression of L2 transaction calldata would be done by client software and L2 programs, never by an L1 contract.)
9. Status of Arbitrum Rollup
Arbitrum Rollup is live on Ethereum testnet. All of the code written to date including everything included in the Reddit demo is open source and permissively licensed under the Apache V2 license. The first testnet version of Arbitrum Rollup was released on testnet in February. Our current internal version, which we used to benchmark the Reddit contracts, will be released soon and will be a major upgrade.
Both the Arbitrum design as well as the implementation are heavily audited by independent third parties. The Arbitrum academic paper was published at USENIX Security, a top-tier peer-reviewed academic venue. For the Arbitrum software, we have engaged Trail of Bits for a security audit, which is currently ongoing, and we are committed to have a clean report before launching on Ethereum mainnet.
10. Reddit Universe Arbitrum Rollup Chain
The benchmarks described in this document were all measured using the latest internal build of our software. When we release the new software upgrade publicly we will launch a Reddit Universe Arbitrum Rollup chain as a public demo, which will contain the Reddit contracts as well as a Uniswap instance and a Connext Hub, demonstrating how Community Points can be integrated into third party apps. We will also allow members of the public to dynamically launch ecosystem contracts. We at Offchain Labs will cover the validating costs for the Reddit Universe public demo.
If the folks at Reddit would like to evaluate our software prior to our public demo, please email us at [email protected] and we'd be more than happy to provide early access.
11. Even more scaling: Arbitrum Sidechains
Rollups are an excellent approach to scaling, and we are excited about Arbitrum Rollup which far surpasses Reddit's scaling needs. But looking forward to Reddit's eventual goal of supporting hundreds of millions of users, there will likely come a time when Reddit needs more scaling than any Rollup protocol can provide.
While Rollups greatly reduce costs, they don't break the linear barrier. That is, all transactions have an on-chain footprint (because all calldata must be posted on-chain), albeit a far smaller one than on native Ethereum, and the L1 limitations end up being the bottleneck for capacity and cost. Since Ethereum has limited capacity, this linear use of on-chain resources means that costs will eventually increase superlinearly with traffic.
The good news is that we at Offchain Labs have a solution in our roadmap that can satisfy this extreme-scaling setting as well: Arbitrum AnyTrust Sidechains. Arbitrum Sidechains are similar to Arbitrum Rollup, but deviate in that they name a permissioned set of validators. When a chain’s validators agree off-chain, they can greatly reduce the on-chain footprint of the protocol and require almost no data to be put on-chain. When validators can't reach unanimous agreement off-chain, the protocol reverts to Arbitrum Rollup. Technically, Arbitrum Sidechains can be viewed as a hybrid between state channels and Rollup, switching back and forth as necessary, and combining the performance and cost that state channels can achieve in the optimistic case, with the robustness of Rollup in other cases. The core technical challenge is how to switch seamlessly between modes and how to guarantee that security is maintained throughout.
Arbitrum Sidechains break through this linear barrier, while still maintaining a high level of security and decentralization. Arbitrum Sidechains provide the AnyTrust guarantee, which says that as long as any one validator is honest and available (even if you don't know which one will be), the L2 chain is guaranteed to execute correctly according to its code and guaranteed to make progress. Unlike in a state channel, offchain progress does not require unanimous consent, and liveness is preserved as long as there is a single honest validator.
Note that the trust model for Arbitrum Sidechains is much stronger than for typical BFT-style chains which introduce consensus "voting" protocols among a small permissioned group of validators. BFT-based protocols require a supermajority (more than 2/3) of validators to agree. In Arbitrum Sidechains, by contrast, all you need is a single honest validator to achieve guaranteed correctness and progress. Notice that in Arbitrum adding validators strictly increases security since the AnyTrust guarantee provides correctness as long as any one validator is honest and available. By contrast, in BFT-style protocols, adding nodes can be dangerous as a coalition of dishonest nodes can break the protocol.
Like Arbitrum Rollup, the developer and user experiences for Arbitrum Sidechains will be identical to that of Ethereum. Reddit would be able to choose a large and diverse set of validators, and all that they would need to guarantee to break through the scaling barrier is that a single one of them will remain honest.
We hope to have Arbitrum Sidechains in production in early 2021, and thus when Reddit reaches the scale that surpasses the capacity of Rollups, Arbitrum Sidechains will be waiting and ready to help.
While the idea to switch between channels and Rollup to get the best of both worlds is conceptually simple, getting the details right and making sure that the switch does not introduce any attack vectors is highly non-trivial and has been the subject of years of our research (indeed, we were working on this design for years before the term Rollup was even coined).
12. How Arbitrum compares
We include a comparison to several other categories as well as specific projects when appropriate, and explain why we believe that Arbitrum is best suited for Reddit's purposes. We focus our attention on other Ethereum projects.
Payment only Rollups. Compared to Arbitrum Rollup, ZK-Rollups and other Rollups that only support token transfers have several disadvantages:
  • As outlined throughout the proposal, we believe that the entire draw of Ethereum is in its rich smart contracts support which is simply not achievable with today's zero-knowledge proof technology. Indeed, scaling with a ZK-Rollup will add friction to the deployment of smart contracts that interact with Community Points as users will have to withdraw their coins from the ZK-Rollup and transfer them to a smart contract system (like Arbitrum). The community will be best served if Reddit builds on a platform that has built-in, frictionless smart-contract support.
  • All other Rollup protocols of which we are aware employ a centralized operator. While it's true that users retain custody of their coins, the centralized operator can often profit from censoring, reordering, or delaying transactions. A common misconception is that since they're non-custodial protocols, a centralized sequencer does not pose a risk but this is incorrect as the sequencer can wreak havoc or shake down users for side payments without directly stealing funds.
  • Sidechain type protocols can eliminate some of these issues, but they are not trustless. Instead, they require trust in some quorum of a committee, often requiring two-thirds of the committee to be honest, compared to rollup protocols like Arbitrum that require only a single honest party. In addition, not all sidechain type protocols have committees that are diverse, or even non-centralized, in practice.
  • Plasma-style protocols have a centralized operator and do not support general smart contracts.
13. Concluding Remarks
While it's ultimately up to the judges’ palate, we believe that Arbitrum Rollup is the bakeoff choice that Reddit kneads. We far surpass Reddit's specified workload requirement at present, have much room to optimize Arbitrum Rollup in the near term, and have a clear path to get Reddit to hundreds of millions of users. Furthermore, we are the only project that gives developers and users the identical interface as the Ethereum blockchain and is fully interoperable and tooling-compatible, and we do this all without any new trust assumptions or centralized components.
But no matter how the cookie crumbles, we're glad to have participated in this bake-off and we thank you for your consideration.
About Offchain Labs
Offchain Labs, Inc. is a venture-funded New York company that spun out of Princeton University research, and is building the Arbitrum platform to usher in the next generation of scalable, interoperable, and compatible smart contracts. Offchain Labs is backed by Pantera Capital, Compound VC, Coinbase Ventures, and others.
Leadership Team
Ed Felten
Ed Felten is Co-founder and Chief Scientist at Offchain Labs. He is on leave from Princeton University, where he is the Robert E. Kahn Professor of Computer Science and Public Affairs. From 2015 to 2017 he served at the White House as Deputy United States Chief Technology Officer and senior advisor to the President. He is an ACM Fellow and member of the National Academy of Engineering. Outside of work, he is an avid runner, cook, and L.A. Dodgers fan.
Steven Goldfeder
Steven Goldfeder is Co-founder and Chief Executive Officer at Offchain Labs. He holds a PhD from Princeton University, where he worked at the intersection of cryptography and cryptocurrencies including threshold cryptography, zero-knowledge proof systems, and post-quantum signatures. He is a co-author of Bitcoin and Cryptocurrency Technologies, the leading textbook on cryptocurrencies, and he has previously worked at Google and Microsoft Research, where he co-invented the Picnic signature algorithm. When not working, you can find Steven spending time with his family, taking a nature walk, or twisting balloons.
Harry Kalodner
Harry Kalodner is Co-founder and Chief Technology Officer at Offchain Labs where he leads the engineering team. Before the company he attended Princeton as a Ph.D candidate where his research explored economics, anonymity, and incentive compatibility of cryptocurrencies, and he also has worked at Apple. When not up at 3:00am writing code, Harry occasionally sleeps.
submitted by hkalodner to ethereum [link] [comments]
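An added example, not Offchain Labs' code or wire format, of the batch-minting compression described in section 6 of the post above: grants are grouped by amount and previously seen addresses are replaced by a shorter index. The varint layout, the function names and the sample data are assumptions; the decoder validates every index and length and leaves its address table untouched when a batch is malformed.

```python
import hashlib

ADDR_LEN = 20  # Ethereum address length in bytes

# Assumed layout (illustration only):
#   batch = uvarint(group_count) + group*
#   group = uvarint(amount) + uvarint(recipient_count) + recipient*
#   recipient = 0x00 + 20-byte address   (first time the address is seen)
#             | uvarint(index + 1)       (address already in the table)
# The table is a dict {address: index} kept in sync by sender and decoder.


def uvarint(n):
    """Unsigned LEB128: 7 payload bits per byte, high bit means 'more follows'."""
    if n < 0:
        raise ValueError("negative value")
    out = bytearray()
    while True:
        byte, n = n & 0x7F, n >> 7
        out.append(byte | 0x80 if n else byte)
        if not n:
            return bytes(out)


def read_uvarint(data, pos):
    value = shift = 0
    while True:
        if pos >= len(data):
            raise ValueError("truncated varint")
        byte = data[pos]
        pos += 1
        value |= (byte & 0x7F) << shift
        if not byte & 0x80:
            return value, pos
        shift += 7
        if shift > 63:
            raise ValueError("varint too long")


def encode_batch(entries, table):
    """entries: list of (20-byte address, amount). Updates the sender's table."""
    groups = {}
    for addr, amount in entries:          # validate everything before mutating
        if len(addr) != ADDR_LEN or amount < 0:
            raise ValueError("bad entry")
        groups.setdefault(amount, []).append(addr)
    out = bytearray(uvarint(len(groups)))
    for amount, addrs in groups.items():
        out += uvarint(amount) + uvarint(len(addrs))
        for addr in addrs:
            if addr in table:
                out += uvarint(table[addr] + 1)   # short back-reference
            else:
                out += b"\x00" + addr             # 0 = new address follows
                table[addr] = len(table)
    return bytes(out)


def decode_batch(data, table):
    """Return [(address, amount)]; the table changes only if the whole batch is valid."""
    addrs = list(table)                   # working copy, index -> address
    base, fresh = len(addrs), set()
    result, pos = [], 0
    ngroups, pos = read_uvarint(data, pos)
    for _ in range(ngroups):
        amount, pos = read_uvarint(data, pos)
        count, pos = read_uvarint(data, pos)
        for _ in range(count):
            ref, pos = read_uvarint(data, pos)
            if ref == 0:
                addr = data[pos:pos + ADDR_LEN]
                pos += ADDR_LEN
                if len(addr) != ADDR_LEN:
                    raise ValueError("truncated address")
                if addr in table or addr in fresh:
                    raise ValueError("known address sent in full")
                addrs.append(addr)
                fresh.add(addr)
            elif ref <= len(addrs):
                addr = addrs[ref - 1]
            else:
                raise ValueError("index refers to an unseen address")
            result.append((addr, amount))
    if pos != len(data):
        raise ValueError("trailing bytes")
    for addr in addrs[base:]:             # commit new addresses on success only
        table[addr] = len(table)
    return result


def make_round(shift, users=50):
    """Constructed sample data: synthetic addresses, three small repeated amounts."""
    return [(hashlib.sha256(b"user%d" % i).digest()[:ADDR_LEN], (10, 25, 100)[(i + shift) % 3])
            for i in range(users)]


if __name__ == "__main__":
    sender, contract = {}, {}
    for n in (0, 1):
        blob = encode_batch(make_round(n), sender)
        events = decode_batch(blob, contract)
        print(f"round {n + 1}: {len(blob)} bytes for {len(events)} events")
```

The second round costs far fewer bytes per event than the first because every recipient is already in the table, which is the effect the post attributes to repeated addresses and small repeated amounts.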

Cryptocurrencies, a strong asset in times of inflation

Unless you live in a dark cavern in some isolated place, it’s not a secret the financial crisis the world is living right now due to the Covid-19 pandemic. Even countries that once were economic models are out of the comfortable place of stability.
The pandemic made every government take strict measures in terms of social order to save lives and, thus, contain the social instability that this virus meant. But this obviously had an economic cost: without people, there’s no economy, says Mickael Mosse.
Just look at the global financial crisis of 2008: governments around the world were taking expansionary monetary measures to try to stay afloat given the circumstances. Right now, governments have the same task: keep their economies up and running. So they’re printing and injecting extra money into the economy, since they can no longer function like they did before Covid. Take for example the UK. The Bank of England has been pumping money into the economy and in June alone, it injected £100bn to help fight the coronavirus-induced downturn.
Unfortunately, according to Mickael Mosse, there are side effects and one of the most feared is inflation. Inflation is the one thing central banks have to keep in mind for everything, and the rest of government policies depend on this management of inflation.
But what about you and me? How does this affect us? Well, inflation erodes our purchasing power with fiat money. Prices surge and fiat value decreases. Were you planning on buying that car you always dreamed of? Or traveling to your favorite destination once the Covid restrictions are over? In an inflationary scenario, which is in the forecast due to the economic policies implemented, your fiat money might fall short because the general prices of things will rise. It’s difficult to predict how it all will play out in the end, but the volatility of fiat money is certain, Mickael Mosse explains.
Fortunately, there’s one place where money and state policies are totally independent. One place stripped of the more political debates of which policy or how much of it is good. A neutral but global system of value transfer that is open yet secure and verifiable thanks to blockchain and cryptography. That’s cryptocurrencies.
But what about other commodities that are the safe place from inflation, like gold? Yeah, gold is and will keep being a stable haven to protect value from crisis. However, it has some pitfalls like the storage of it or not being able to use it as, well, a currency.
Cryptocurrencies do the same job as gold, says Mickael Mosse, and that’s why bitcoin is dubbed “digital gold”, in protecting against unexpected crises, including loss of value or inflation. In fact, the best-known cryptocurrency, bitcoin, has shown proof of being more stable than traditional markets during this pandemic, where stocks and oil have shown increased volatility. Since February, bitcoin has seen around 0.6% gains, proving that Bitcoin is a serious contender in the preservation of wealth.
Although you might have your own evaluating formulas to choose the right asset for you, it’s true that cryptocurrency is being taken more and more seriously as a hedge against inflation. And I think that if Covid can leave us with something worth remembering, it is the opportunity to put to the test the robustness of cryptocurrencies right now.
submitted by williamsouza10 to u/williamsouza10 [link] [comments]

How does cryptocurrency works?

When we were a much smaller society, people could trade in the community pretty easily, but as the distance in our trade grew, we ended up inventing institutions such as banks, markets, stocks etc. that help us to conduct financial transactions. The currencies we are operating with nowadays are bills or coins, controlled by a centralized authority and tracked by the previously mentioned financial institutions. The thing is, having a third party in our money transactions is not always what we wish for. But fortunately, today we have a tool that allows us to make fast and safe financial transactions without any middlemen; it has no central authority and it is regulated by math. Sounds cool, right? Cryptocurrency is this tool. It is quite a peculiar system, so let’s take a closer look at it.
by StealthEX

Layers of a crypto-cake

Layer 1: Blockchain

First of all – any cryptocurrency is based on the blockchain. In simple words, blockchain is a kind of database. It stores information in batches, called blocks, that are linked together in a chronological way. As the blockchain is not located in one place but rather on thousands of computers around the globe, the blockchain and thus the transactions are decentralized; they have no head center. The newest blocks of transactions are continuously added on (or changed) to all the previous blocks. That’s how you get a cryptocurrency blockchain.
The technology’s name is a compound of the words “block” and “chain”, as the “blocks” of information are linked together in a “chain”. That’s how crypto security works – the information in the recently created block depends on the previous one. It means that no block can be changed without affecting the others; this system prevents a blockchain from being hacked.
There are 2 kinds of blockchain: private and public. Public, as goes by its name, is publicly available blockchain, whereas private blockchain is permissioned, which only a limited number of people have access to.

Layer 2: Transaction

In fact, everything begins with the intention of someone to complete a transaction. A transaction itself is a file that consists of the sender’s and recipient’s public keys (wallet addresses) and the amount of coins transferred. The sender begins by logging in to his cryptocurrency wallet with the private key – a unique combination of letters and numbers, something you would call a personal password in a bank. Now the transaction is signed and the first step, which is called basic public key cryptography, is completed.
Then the signed (encrypted) transaction is shared with everyone in the cryptocurrency network, meaning it gets to every other peer. We should mention that the transaction is first queued up to be added to the public ledger. Then, when it’s broadcast to the public ledger, all the computers add a new transaction to a shared list of recent transactions, known as blocks.
Having a ledger forces everyone to “play fair” and reduce the risk of spending extra. The numbers of transactions are publicly available, but the information about senders and receivers is encrypted. Each transaction holds on to a unique set of keys. Whoever owns a set of keys, owns the amount of cryptocurrency associated with those keys (just like whoever owns a bank account owns the money in it). This is how peer-to-peer technology works.

Layer 3: Mining

Now let’s talk about mining. Once confirmed, the transaction is forever captured into the blockchain history. The verification of the block is done by cryptocurrency miners – they verify and then add blocks to the public ledger. To verify them, miners go down the road of solving a very difficult math puzzle using powerful software: the computer needs to produce the correct sequence number – “hash” – that is specific to the given block, and there is not much chance of finding it. Whoever solves the puzzle first gets the opportunity to officially add a block of transactions to the ledger and get fresh and new coins as a reward. The reward is given in the cryptocurrency of whatever blockchain the miners are operating in. For example, BTC originally rewarded miners with 50 BTC, but after the first halving it decreased to 25 BTC, and at the present time it is 6.25 BTC. The process of miners competing against each other in order to complete the transactions on the network and get rewarded is known as the Proof-of-Work (PoW) algorithm, which is natural for BTC and many other cryptocurrencies. There are also other consensus mechanisms: Proof-of-Stake (PoS), Delegated Proof-of-Stake (dPoS), Proof-of-Authority (PoA), Byzantine Fault Tolerance (BFT), Practical Byzantine Fault Tolerance (pBFT), Federated Byzantine Agreement (FBA) and Delegated Byzantine Fault Tolerance (dBFT). Still, all of them are used to facilitate an agreement between network participants.
The way that system works – when many computers try to verify a block – guarantees that no computer is going to monopolize a cryptocurrency market. To ensure the competition stays fair, the puzzle becomes harder as more computers join in. Summing it up, let’s say that mining is responsible for two aspects of the crypto mechanism: producing the proof and allowing more coins to enter circulation.

Types of cryptocurrency

In the virtual currency world there are a bunch of different cryptocurrency types with their own distinctive features.
The first cryptocurrency is, of course, Bitcoin. Bitcoin is the first crypto coin ever created and used. BTC is the most liquid cryptocurrency in the market and has the highest market cap among all the cryptocurrencies.

Altcoins

The term ‘altcoins’ means ‘alternatives’ to Bitcoin. The first altcoin, Namecoin, was created in 2011 and later on hundreds of them appeared in the crypto-world, among them Ravencoin, Dogecoin, Litecoin, Syscoin etc. Altcoins were initially launched with a purpose to overcome Bitcoin’s weak points and become upgraded substitutes for Bitcoin. Altcoins usually stand on an independent blockchain and have their own miners and wallets. Some altcoins actually have boosted features, yet none of them gained popularity akin to Bitcoin. More about altcoins in our article.

Tokens

Token is a unit of account that is used to represent the digital balance of an asset. Basically tokens represent an asset or utility that usually are made on another blockchain. Tokens are registered in a database based on blockchain technology, and they are accessed through special applications using electronic signature schemes.
Tokens and cryptocurrencies are not the same thing. Let’s explain it in more detail:
• First of all, unlike cryptocurrencies, tokens can be issued and managed both centralized and decentralized.
• The verification of the token transactions can be conducted both centralized and decentralized, whereas cryptocurrencies’ verification is only decentralized.
• Tokens do not necessarily run their own blockchain, but for cryptocurrencies having their own blockchain is compulsory.
• Tokens’ prices can be affected by a vast range of factors such as demand and supply, tokens’ additional emission, or binding to other assets. On the other hand, the price of cryptocurrencies is completely regulated by the market.
Tokens can be:
• Utility tokens – something that gives a user access to a product or service and supports dApps built on the blockchain.
• Governance tokens – fuel for voting systems executed on the blockchain.
• Transactional tokens – serve as a unit of accounts and used for trading.
• Security tokens – represent legal ownership of an asset, can be used in addition to or in place of a password.
Tokens are usually created through smart contracts and are often adapted to an ICO – initial coin offering, which is a means of crowdfunding. It is much easier to create tokens, that is why they make a majority of coins in existence. Altcoin and token blockchains work on the concept of smart contracts or decentralized applications, where the programmable, self-executing code is ruling the transactions within a blockchain. By the way, the vast majority of tokens were distributed on the Ethereum platform.

Forks

Generally a fork occurs when the protocol code on which the blockchain is operating is changed, modified and updated by developers or users. Due to the changes, the blockchain splits into 2 paths: an old way of doing things and a new way. These changes may happen because of a disagreement between users and creators; a major hack, as it was with Ethereum; or developers’ decision to fix errors and add new functionality. The blockchain mainly splits into hard forks and soft forks. In short, coin hard forks cannot work with older versions while soft forks still can work with older versions.
Hard fork – after a hard fork, the new version is completely separated from the previous one; there’s no connection between them anymore. The new version keeps the data of all the previous transactions, but from now on each version will have its own transaction history. In order to use the new version, every node has to upgrade its software. A hard fork requires majority support (or consensus) from coin holders with a connection to the coin network. If enough users don’t update then you will be unable to get a clean upgrade, which could lead to a break in the blockchain.
Soft fork – a protocol change, but with backward compatibility. The rules of the network have been changed, but nodes running the old software will still be able to validate transactions, but those updated nodes won’t be able to mine new blocks. So to be used and useful, soft forks require the majority of the network’s hash power. Otherwise, they risk becoming set out and anyway ending up as a hard fork.

Stablecoins

As it comes from the name, stablecoins are price-stabilized coins that are becoming big in the crypto world. While still enjoying most of the “typical-cryptocurrency” benefits, a stablecoin stands out as a fixed and stable coin, not volatile at all. Stablecoins’ values are stabilized by pegging them to other assets such as the US Dollar or gold.
Stablecoins include Tether (USDT), Standard (PAX), Gemini Dollar (GUSD) which are backed by the US Dollar and approved by the New York State Department of Financial Services.

Conclusion

Now that we hacked into cryptocurrency, you probably understand that it is much less mysterious than it first seemed. Nowadays, cryptocurrencies are making the revolution of the financial institution. For example, Bitcoin is currently used in 96 countries and growing, with more than 12,000 transactions per hour. More and more investors are involved, banks and governments realize that these cutting edge technologies are prone to draw their control away. Cryptocurrencies are slowly changing the world and you can choose – either stand beside and observe or become part of history in the making.
And remember if you need to exchange your coins StealthEX is here for you. We provide a selection of more than 300 coins and constantly updating the cryptocurrency list so that our customers will find a suitable option. Our service does not require registration and allows you to remain anonymous. Why don’t you check it out? Just go to StealthEX and follow these easy steps:
✔ Choose the pair and the amount for your exchange. For example BTC to ETH.
✔ Press the “Start exchange” button.
✔ Provide the recipient address to which the coins will be transferred.
✔ Move your cryptocurrency for the exchange.
✔ Receive your coins.
The views and opinions expressed here are solely those of the author. Every investment and trading move involves risk. You should conduct your own research when making a decision.
Original article was posted on https://stealthex.io/blog/2020/09/29/how-does-cryptocurrency-works/
submitted by Stealthex_io to StealthEX [link] [comments]
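
The block linking and mining puzzle described in the StealthEX post above, as an added example that is not part of the original post and not any project's code. It is a simplified toy: blocks are JSON-serialised dictionaries, the difficulty is a 12-bit assumption, and the transactions are constructed sample data; Bitcoin's real block format differs.

```python
import copy
import hashlib
import json

GENESIS_PREV = "0" * 64
DIFFICULTY_BITS = 12  # toy difficulty (assumption): hash must start with 12 zero bits


def block_hash(block):
    """SHA-256 over every field except the stored hash itself."""
    body = {k: block[k] for k in ("index", "prev_hash", "transactions", "nonce")}
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()


def meets_target(digest_hex, bits=DIFFICULTY_BITS):
    """The puzzle: the hash, read as a 256-bit number, must be below the target."""
    return int(digest_hex, 16) < (1 << (256 - bits))


def mine(index, prev_hash, transactions, bits=DIFFICULTY_BITS):
    """Try nonces until the block hash meets the target (proof of work)."""
    block = {"index": index, "prev_hash": prev_hash,
             "transactions": transactions, "nonce": 0}
    while not meets_target(block_hash(block), bits):
        block["nonce"] += 1
    block["hash"] = block_hash(block)
    return block


def build_chain(batches, bits=DIFFICULTY_BITS):
    """Mine one block per batch, each committing to the previous block's hash."""
    chain, prev = [], GENESIS_PREV
    for index, transactions in enumerate(batches):
        block = mine(index, prev, transactions, bits)
        chain.append(block)
        prev = block["hash"]
    return chain


def verify_chain(chain, bits=DIFFICULTY_BITS):
    """Return None if the chain is valid, else (index of first bad block, reason)."""
    prev = GENESIS_PREV
    for i, block in enumerate(chain):
        if block["prev_hash"] != prev:
            return (i, "link to previous block is broken")
        digest = block_hash(block)
        if digest != block["hash"]:
            return (i, "contents do not match recorded hash")
        if not meets_target(digest, bits):
            return (i, "proof of work missing")
        prev = block["hash"]
    return None


# Constructed sample data, not real transactions.
SAMPLE_BATCHES = [
    [{"from": "alice", "to": "bob", "amount": 5}],
    [{"from": "bob", "to": "carol", "amount": 2}],
    [{"from": "carol", "to": "dave", "amount": 1}],
]


def tamper_stages():
    """Verify an honest chain, then three progressively more careful edits of block 1."""
    honest = build_chain(SAMPLE_BATCHES)
    results = {"honest": verify_chain(honest)}

    # Stage 1: change an amount in block 1 and touch nothing else.
    edited = copy.deepcopy(honest)
    edited[1]["transactions"][0]["amount"] = 500
    results["edited"] = verify_chain(edited)

    # Stage 2: also overwrite the stored hash, but skip the mining work.
    rehashed = copy.deepcopy(edited)
    rehashed[1]["hash"] = block_hash(rehashed[1])
    results["rehashed"] = verify_chain(rehashed)

    # Stage 3: redo the proof of work for block 1 only; block 2 still
    # commits to the old hash, so the break moves one block forward.
    remined = copy.deepcopy(edited)
    remined[1] = mine(1, remined[1]["prev_hash"], remined[1]["transactions"])
    results["remined"] = verify_chain(remined)
    return results


if __name__ == "__main__":
    for stage, outcome in tamper_stages().items():
        print(f"{stage:9s} -> {outcome}")
```

The linking makes edits evident rather than impossible: to hide a change, every later block would have to be mined again, and that accumulated work is the cost being imposed.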

RiB Newsletter #15 – Turbofish in the Blocksea

Rust blockchain development continued at its typical blistering pace, and again it's impossible to follow everything going on.
This month we see continued advancement in zero-knowledge computing, an obvious focus from the entire blockchain industry on the DeFi phenomenon, and some new hackathons with opportunities for Rust developers.
Every month seems to bring advancements in zero-knowledge proofs, and new implementations in Rust. It is a research area that will probably impact the general computing industry eventually, and one where the blockchain industry is leading the way, and one where Rust has a huge foothold. Even projects that are not written in Rust we see implementing their zero-knowledge cryptography in Rust. But this stuff is extremely technical, and improving at a rapid pace. We fear we will never understand it.
There are several Rust blockchains now in development that are built around zero-knowledge VMs, whose smart contracts create zero-knowledge proofs:
These are networks that support nearly arbitrary computation over secret inputs. Like programmable Zcash.
Speaking of Zcash, the zkSNARK pioneers announced their next-generation zero-knowledge proof system, called Halo 2, which uses a new zkSNARK construction, PLONK.
Two projects built on Rust blockchains launched this month: Serum, a decentralized exchange built on Solana; and Flux, a prediction market built on NEAR. Next month Secret Network launches their mainnet.
Finally, Mozilla laid off all but one of its full-time Rust employees. There are a few other people left at Mozilla who actively contribute to Rust as part of their role in Firefox, but this mostly ends Mozilla's commitment to Rust's development.
There's no need to worry though. Rust was designed to outlive Mozilla's withdrawal, and the project will continue nearly unaffected.

Project Spotlight

Each month we like to shine a light on a notable Rust blockchain project. This month that project is…
Fluence.
This is a blockchain with built-in software license management. We’re excited about this because license management is a rare non-currency use case for blockchains that makes a lot of sense. While we might expect to see more blockchain platforms devoted solely to digital licensing, Fluence is actually a complete distributed computing platform, with a unique vision about using license management to generate profit from open source software.

Read more: https://rustinblockchain.org/newsletters/2020-09-02-turbofish-in-the-blocksea/
submitted by Aimeedeer to rust [link] [comments]

The Truth about Bitcoin?

Part 1/4 - NSA Connection:
First off, the SHA-256 algorithm, which stands for Secure Hash Algorithm 256, is a member of the SHA-2 cryptographic hash functions designed by the NSA and first published in 2001.
SHA-256, like other hash functions, takes any input and produces an output (often called a hash) of fixed length. The output of a hashing algorithm such as SHA-256 will always be the same length - regardless of the input size. Specifically, the output is, as the name suggests, 256 bits.
Moreover, all outputs appear completely random and offer no information about the input that created it.
The Bitcoin Network utilises the SHA-256 algorithm for mining and the creation of new addresses.
Who is Satoshi Nakamoto? What does Satoshi Nakamoto mean?
Out of respect for their anonymity, it would be rude to speculate in a video about who Satoshi Nakamoto is likely to be. The reality is, it's not important. Let me explain: Any human being can be attacked. Jesus could come back from the dead, and there would be haters. Therefore, the Satoshi Nakamoto approach neutralises the natural human herd behaviour, exacerbated by the media, to attack and discredit. This is a very important part of Bitcoin's success thus far. Also, from a security perspective, those who wish to dox Satoshi Nakamoto in a video are essentially putting his, or her, or their, life at risk...for the sake of views.
As a genius who has produced an innovation not just from a technical perspective but also a monetary perspective, they should be treated with more respect than that.
As for the name Satoshi Nakamoto, I would speculate that it is a homage to Tatsuaki Okamoto and Satoshi Obana - two cryptographers from Japan. There is another reason for the name, but that...is confidential.
In 1996, the NSA's Cryptology Division of their Office of Information Security Research and Technology published a paper titled: "How to make a mint: The cryptography of anonymous electronic cash", first publishing it in an MIT mailing list and later, in 1997, in the American University Law Review. One of the researchers they referenced was Tatsuaki Okamoto.

Part 2/4 - 'Crypto Market':
Most of the crypto market is a scam.
By the way, this was predicted very early on in the Bitcoin Talk forums - check out this interaction from November 8th, 2010:
"if bitcoin really takes off I can see lots of get-rich-quick imitators coming on the scene: gitcoin, nitcoin, witcoin, titcoin, shitcoin...
Of course the cheap imitators will disappear as quickly as those 1990s "internet currencies", but lots of people will get burned along the way."
To which Bitcoin OG Gavin Andresen replies:
"I agree - we're in the Wild West days of open-source currency. I expect people will get burned by scams, imitators, ponzi schemes and price bubbles."
"I don't think there's a whole lot that can be done about scammers, imitators and ponzi schemes besides warning people to be careful with their money (whether dollars, euros or bitcoins)."
Now, on the one hand, lack of regulation is more meritocratic (as you don't have to be an accredited investor just to get access).
On the other hand, it means that crypto is, as Gavin said, a Wild West environment, with many cowboys in the Desert. Be careful.
This is the same with most online courses - particularly 'How to get rich quick' courses - however with crypto you have an exponential increase in the supply of victims during the bull cycles so it is particularly prevalent during those times.
In addition to this, leverage trading exchanges, which are no different to casinos, prey on naive retail traders who:
A) Think they can outsmart professional traders with actual risk management skills; and
B) Think they can outsmart the exchanges themselves who have an informational advantage as well as an incentive to chase stop losses and liquidate positions.

Part 3/4 - CBDCs:
The Fed and Central Banks around the world have printed themselves into a corner.
Quantitative easing was the band-aid for the Great Financial Crisis in 2008, and more recent events have propelled the rate of money printing to absurd levels.
This means that all currencies are in a race to zero - and it becomes a game of who can print more fiat faster.
The powers that be know that this fiat frenzy is unsustainable, and that more and more people are becoming aware that it is a debt based system, based on nothing.
The monetary system devised by bankers, for bankers, in 1913 on Jekyll Island and supercharged in 1971 is fairly archaic and also does not allow for meritocratic value transfer - fiat printing itself increases inequality.
They, obviously, know this (as it is by design).
The issue (for them) is that more and more people are starting to become aware of this.
Moving to a modernised monetary system will allow those who have rigged the rules of the game for the last Century to get away scot-free.
It will also pave the way for a new wealthy, and more tech literate, elite to emerge - again predicted in the Bitcoin Talk forums.
Now...back to the powers that be.
Bitcoin provides a natural transition to Central Bank Digital Currencies (CBDCs) and what I would describe as Finance 2.0, but what are the benefits of CBDCs for the state?
More control, easier tax collection, more flexibility in monetary policy (i.e. negative interest rates) and generally a more efficient monetary system.
This leads us to the kicker: which is the war on cash. The cashless society was a fantasy just a few years ago, however now it doesn't seem so far fetched. No comment.

Part 4/4 - Bitcoin:
What about Bitcoin?
Well, Bitcoin has incredibly strong network effects; it is the most powerful computer network in the World.
But what about Bitcoin's reputation?
Bankers hate it.
Warren Buffett hates it.
Precisely, and the public hates bankers.
Sure, the investing public respects Buffett, but the general public perception of anyone worth $73 billion is not exactly at all time highs right now amid record wealth inequality.
In the grand scheme of things, the market cap of Bitcoin is currently around $179 billion.
For example, the market cap of Gold is around $9 trillion, which is 50x the Market Cap of Bitcoin.
Money has certain characteristics.
In my opinion, what makes Bitcoin unique is the fact that it has a finite total supply (21 million) and a predictable supply schedule via the halving events every 4 years, which cut in half the rate at which new Bitcoin is released into circulation.
Clearly, with these properties, it seems likely that Bitcoin could act as a meaningful hedge against inflation.
One of the key strengths of Bitcoin is the fact that the Network is decentralised...
Many people don't know that PayPal originally wanted to create a global currency similar to crypto.
Overall, a speculative thesis would be the following:
Satoshi Nakamoto is one of the most important entities of the 21st Century, and will accelerate the next transition of the human race.
Trusted third parties are security holes.
Bitcoin is the catalyst for Finance 2.0, whereby value transfer is conducted in a more meritocratic and decentralised fashion.
In 1964, Russian astrophysicist Nikolai Kardashev designed the Kardashev Scale.
At the time, he was looking for signs of extraterrestrial life within cosmic signals.
The Scale has three categories, which are based on the amount of usable energy a civilisation has at its disposal, and the degree of space colonisation.
Generally, a Type 1 Civilisation has achieved mastery of its home planet (10^16W);
A Type 2 Civilisation has mastery over its solar system (10^26W);
and a Type 3 Civilisation has mastery over its Galaxy (10^36W).
We humans are a Type 0 Civilisation on this Scale.
Nonetheless, our exponential technological growth in the last few decades indicates that we are somewhere between Type 0 and Type 1.
In fact, according to Carl Sagan's interpolated Kardashev Scale and recent global energy consumption, we are about 0.73.
Physicist Freeman Dyson estimated that within 200 years or so, we should attain Type 1 status.
As a technology that, through its decentralisation, links entities globally and makes value transfer between humans more efficient, Bitcoin could prove a key piece of our progression as a civilisation.
What are your thoughts?
Is it true...or false?
https://www.youtube.com/watch?v=1oQLOqpP1ZM
submitted by financeoptimum to conspiracy [link] [comments]


Explained by Craig Wright read his full article here One of the frequent topics that comes up around Bitcoin is its cryptographic nature, and what attributes people assume it gains from this quality. Debates often center around whether it is private or anonymous, and how much governments can step in. Clearing everything up once again […]
What is Bitcoin: Explained. Introduction. Satoshi Nakamoto developed the software of Bitcoin. He offered an electronic payment system, which is based on the use of mathematical calculations. The idea was to create an electronic decentralized cash system in the form of a distributed and immutable ledger – blockchain. The legend of Satoshi Nakamoto is one of the greatest Internet mysteries in ...
Bitcoin: The first blockchain. Now that you know the basics about the study of cryptography, it’s time to start looking at the underlying structure of bitcoin, the original blockchain. Bitcoin was initially proposed as a cryptography-based currency that could avoid the downsides of having a financial system controlled by central institutions.
Cryptography. There are several cryptographic technologies that make up the essence of Bitcoin. First is public key cryptography. Each coin is associated with its current owner's public ECDSA key. When you send some bitcoins to someone, you create a message (transaction), attaching the new owner's public key to this amount of coins, and sign it with your private key.
Signatures in Bitcoin. In many ways, this is the traditional cryptography in Bitcoin. We ask the question, “How do we know that Alice was authorized to transfer 100 Bitcoins to Bob,” and anyone who has used public-key cryptography knows the answer is, “Alice signs the transaction with her private key and publishes this signature for the Bitcoin network to verify with her public key.”
