Bitcoin Transactions No Longer Anonymous - Liberty Nation
Bitcoin Transactions No Longer Anonymous - Liberty Nation
Blockchain Front Page: Anonymous transactions in Bitcoin ...
Bitcoin Isn’t Anonymous. Is That a Dealbreaker? – Reason.com
Buying and Using Bitcoin Anonymously Without ID (2020 Updated)
How to Anonymously Buy Bitcoin Online and in Person ...
Buy Bitcoin Paypal
Bit coin is a peer to peer transaction system created last year that uses trades to be, conducted by a digital money, the bit coin. Unlike monies given by states, Bit Coin is completely electronic and is separate of any state or market, without ties to some monetary authority, corporation, or business.
Ultimate glossary of crypto currency terms, acronyms and abbreviations
Is this the last decade of cash? The corona pandemic is not helping. Belgian media is picking up the Australian news about the coronavirus found active 28 days on banknotes, without understanding that the 28 days is on the Australian polymer and paper banknotes, while Euro banknotes are made of cotton fibers on which the coronavirus gets inactive rather quick. https://medicalxpress.com/news/2020-04-euro-banknotes-safe-coronavirus-ecb.html You are touching so much in shops, including the pay terminals everyone is touching, that cash won't add much risk. Until this year, I used to not care, and pay everything electronically. But in March I became the victim of an identity theft. My bank account was frozen, my bank cards and payment app blocked. Opening new bank accounts or credit cards was impossible due to being on a blacklist. My employer could not pay my salary in cash. For most professions this is forbidden by law since 2016. Friends lent me cash. But I discovered cash was refused at supermarkets, shops, public transport, parkings, fuel stations, hospital, physiotherapist, online webshops, Uber, Deliveroo, etc. Sometimes because of corona anxiety, but often already from before 2020. Prepaid cards could be a nice solution. But even while they are debit cards, in Belgium they seem to be refused where credit cards are refused, since they are Visa or Mastercards cards. These are refused in many Belgium places, since merchants don't like the higher costs. Not many prepaid cards allow charging with cash. And their availability is in recent decline: this year at least the following prepaid cards stopped or are announced to stop: Carrefour prepaid Flex card, BNP and Hello. The decline might be due to new very strict EU anti-money laundering laws. The anonymous prepaid cards (and generic gift cards) are now restricted to 100 euro maximum recharge in their lifetime and 50 euro payments. Cryptocurrencies are also in theory a nice solution. But their acceptance in Belgium is extremely limited. Thanks to Takeaway accepting bitcoin, I could order delivery from many local snack restaurants. But I discovered that bitcoin and most other cryptocurrencies, while having an "anonymous" reputation, are actually only pseudonymous and extremely open and transparent: for every transaction the origin address, destination address, amount and timestamp are recorded for eternity in a public ledger for everyone open to consult. When I buy something, the merchant can see how many coins I have in my wallet address. Buying, spending or selling coins are activities that can get your name connected to your addresses. Developers try to solve this privacy issue, but I'm afraid the war on anonymity (related to the war on cash) will crush that before cryptocurrency payments become popular. So, my identity theft experience has awakened me: sharing your personal details in so many places caries a lot of danger. Think about it: while the law became more strict, there are still many (online) shops and restaurants taking knowledge of your credit card number, expiry date, CCV and your name. That's still enough information to do fraudulent payments in many places. The cashless society is a surveillance society, with every payment traced. And it creates a lot of dependencies: electricity, internet, and permission by the banking and payment system. Once you are on a blacklist, even if you did nothing wrong, but somebody pretended to be you and did fraudulent payments, you are screwed for at least months. So, now that I'm finally off the blacklist, I opened several bank accounts. That will not help for all issues, but still: having only 1 bank is really dangerous. And from now on I pay everything possible with cash. Not just to keep my personal details safe, but also to keep the cash usage statistics high. Did you notice that the financial sector is regulary reporting the cash withdrawals decline? They report both the total amount withdrawn and the number of withdrawals. I learned that the bank and payment processors are fighting a war on cash and they are actively lobbying the government for a reduction of the cash payment limit to 50 euro. Yes, an insane fifty euro! The banks are lazy about cash and want to impose negative rent without risking a bankrun. No cash is no bankrun. The payment processors just love the percentage they get from every payment. Currently the acceptance of euro banknotes and coins for debts is compulsory by European law. But many merchants violated the law and we had at least one Belgian minister ignoring the enforcement. See e.g. this article from 2019: https://www.bruzz.be/samenleving/no-cash-doet-intrede-brusselse-horeca-2019-05-10. The law has exceptions, e.g. for security reasons such as a pandemic. After the pandemic I will try to report all cash refusing merchants. Merchants that refuse to accept cash payments can be reported at https://meldpunt.belgie.be or https://pointdecontact.belgique.be/. But I guess it is better to wait until after the pandemic. We need to defend the right to use cash. And a crucial action to avoid the end of cash is to keep using it as much as possible. Every time you pay with a bank card or app, you contribute to a cashless future where:
banks, payment processors and government have total control over your finances (see protestors in Hong Kong preferring cash payments).
every financial transaction is monitored and logged forever.
your financial data will be used to calculate your social credit (already happening in China, that is eager to export that concept and technology).
every payment can be blocked (already happening with webcam sex workers).
personae non gratae can be totally financially blocked.
tourists have a hard time paying. E.g. in China, most payments, including toilets, need to be done with the WeChat app, but without Chinese bankaccount it's hard to enable WeChat payments.
you are in trouble when electricity, networks or payment systems go down.
banks can easily charge negative rent because you can't withdraw your money.
when banks or governments are in need of money, they easily take a percentage of your money (like they did in Cyprus with the bank deposits above 100000 euro, and as they initially wanted to do under 100000 euro too).
people spend more, up to the level financial mismanagement, because cashless payments disconnect the pleasure of buying from the pain of paying. Studies show that psychological effect already. See e.g. "consumers are more likely to buy unhealthy food products when they pay by credit card than when they pay in cash." in https://academic.oup.com/jcarticle-abstract/38/1/126/1798815
homeless people and charities are less able to get donations. Experiments and data are showing the effect already now people are carrying less cash.
A common sentiment is brewing online; a shared desire for the internet that might have been. After decades of corporate encroachment, you don't need to be a power user to realize that something has gone very wrong. In the early days of the internet, the future was bright. In that future, when you sent an instant message, it traveled directly to the recipient. When you needed to pay a friend, you announced a transfer of value to their public key. When an app was missing a feature you wanted, you opened up the source code and implemented it. When you took a picture on your phone, it was immediately encrypted and backed up to storage that you controlled. In that future, people would laugh at the idea of having to authenticate themselves to some corporation before doing these things. What did we get instead? Rather than a network of human-sized communities, we have a handful of enormous commons, each controlled by a faceless corporate entity. Hey user, want to send a message? You can, but we'll store a copy of it indefinitely, unencrypted, for our preference-learning algorithms to pore over; how else could we slap targeted ads on every piece of content you see? Want to pay a friend? You can—in our Monopoly money. Want a new feature? Submit a request to our Support Center and we'll totally maybe think about it. Want to backup a photo? You can—inside our walled garden, which only we (and the NSA, of course) can access. Just be careful what you share, because merely locking you out of your account and deleting all your data is far from the worst thing we could do. You rationalize this: "MEGACORP would never do such a thing; it would be bad for business." But we all know, at some level, that this state of affairs, this inversion of power, is not merely "unfortunate" or "suboptimal" – No. It is degrading. Even if MEGACORP were purely benevolent, it is degrading that we must ask its permission to talk to our friends; that we must rely on it to safeguard our treasured memories; that our digital lives are completely beholden to those who seek only to extract value from us. At the root of this issue is the centralization of data. MEGACORP can surveil you—because your emails and video chats flow through their servers. And MEGACORP can control you—because they hold your data hostage. But centralization is a solution to a technical problem: How can we make the user's data accessible from anywhere in the world, on any device? For a long time, no alternative solution to this problem was forthcoming. Today, thanks to a confluence of established techniques and recent innovations, we have solved the accessibility problem without resorting to centralization. Hashing, encryption, and erasure encoding got us most of the way, but one barrier remained: incentives. How do you incentivize an anonymous stranger to store your data? Earlier protocols like BitTorrent worked around this limitation by relying on altruism, tit-for-tat requirements, or "points" – in other words, nothing you could pay your electric bill with. Finally, in 2009, a solution appeared: Bitcoin. Not long after, Sia was born. Cryptography has unleashed the latent power of the internet by enabling interactions between mutually-distrustful parties. Sia harnesses this power to turn the cloud storage market into a proper marketplace, where buyers and sellers can transact directly, with no intermediaries, anywhere in the world. No more silos or walled gardens: your data is encrypted, so it can't be spied on, and it's stored on many servers, so no single entity can hold it hostage. Thanks to projects like Sia, the internet is being re-decentralized. Sia began its life as a startup, which means it has always been subjected to two competing forces: the ideals of its founders, and the profit motive inherent to all businesses. Its founders have taken great pains to never compromise on the former, but this often threatened the company's financial viability. With the establishment of the Sia Foundation, this tension is resolved. The Foundation, freed of the obligation to generate profit, is a pure embodiment of the ideals from which Sia originally sprung. The goals and responsibilities of the Foundation are numerous: to maintain core Sia protocols and consensus code; to support developers building on top of Sia and its protocols; to promote Sia and facilitate partnerships in other spheres and communities; to ensure that users can easily acquire and safely store siacoins; to develop network scalability solutions; to implement hardforks and lead the community through them; and much more. In a broader sense, its mission is to commoditize data storage, making it cheap, ubiquitous, and accessible to all, without compromising privacy or performance. Sia is a perfect example of how we can achieve better living through cryptography. We now begin a new chapter in Sia's history. May our stewardship lead it into a bright future.
Today, we are proposing the creation of the Sia Foundation: a new non-profit entity that builds and supports distributed cloud storage infrastructure, with a specific focus on the Sia storage platform. What follows is an informal overview of the Sia Foundation, covering two major topics: how the Foundation will be funded, and what its funds will be used for.
The Sia Foundation will be structured as a non-profit entity incorporated in the United States, likely a 501(c)(3) organization or similar. The actions of the Foundation will be constrained by its charter, which formalizes the specific obligations and overall mission outlined in this document. The charter will be updated on an annual basis to reflect the current goals of the Sia community. The organization will be operated by a board of directors, initially comprising Luke Champine as President and Eddie Wang as Chairman. Luke Champine will be leaving his position at Nebulous to work at the Foundation full-time, and will seek to divest his shares of Nebulous stock along with other potential conflicts of interest. Neither Luke nor Eddie personally own any siafunds or significant quantities of siacoin.
The primary source of funding for the Foundation will come from a new block subsidy. Following a hardfork, 30 KS per block will be allocated to the "Foundation Fund," continuing in perpetuity. The existing 30 KS per block miner reward is not affected. Additionally, one year's worth of block subsidies (approximately 1.57 GS) will be allocated to the Fund immediately upon activation of the hardfork. As detailed below, the Foundation will provably burn any coins that it cannot meaningfully spend. As such, the 30 KS subsidy should be viewed as a maximum. This allows the Foundation to grow alongside Sia without requiring additional hardforks. The Foundation will not be funded to any degree by the possession or sale of siafunds. Siafunds were originally introduced as a means of incentivizing growth, and we still believe in their effectiveness: a siafund holder wants to increase the amount of storage on Sia as much as possible. While the Foundation obviously wants Sia to succeed, its driving force should be its charter. Deriving significant revenue from siafunds would jeopardize the Foundation's impartiality and focus. Ultimately, we want the Foundation to act in the best interests of Sia, not in growing its own budget.
The Foundation inherits a great number of responsibilities from Nebulous. Each quarter, the Foundation will publish the progress it has made over the past quarter, and list the responsibilities it intends to prioritize over the coming quarter. This will be accompanied by a financial report, detailing each area of expenditure over the past quarter, and forecasting expenditures for the coming quarter. Below, we summarize some of the myriad responsibilities towards which the Foundation is expected to allocate its resources.
Maintain and enhance core Sia software
Arguably, this is the most important responsibility of the Foundation. At the heart of Sia is its consensus algorithm: regardless of other differences, all Sia software must agree upon the content and rules of the blockchain. It is therefore crucial that the algorithm be stewarded by an entity that is accountable to the community, transparent in its decision-making, and has no profit motive or other conflicts of interest. Accordingly, Sia’s consensus functionality will no longer be directly maintained by Nebulous. Instead, the Foundation will release and maintain an implementation of a "minimal Sia full node," comprising the Sia consensus algorithm and P2P networking code. The source code will be available in a public repository, and signed binaries will be published for each release. Other parties may use this code to provide alternative full node software. For example, Nebulous may extend the minimal full node with wallet, renter, and host functionality. The source code of any such implementation may be submitted to the Foundation for review. If the code passes review, the Foundation will provide "endorsement signatures" for the commit hash used and for binaries compiled internally by the Foundation. Specifically, these signatures assert that the Foundation believes the software contains no consensus-breaking changes or other modifications to imported Foundation code. Endorsement signatures and Foundation-compiled binaries may be displayed and distributed by the receiving party, along with an appropriate disclaimer. A minimal full node is not terribly useful on its own; the wallet, renter, host, and other extensions are what make Sia a proper developer platform. Currently, the only implementations of these extensions are maintained by Nebulous. The Foundation will contract Nebulous to ensure that these extensions continue to receive updates and enhancements. Later on, the Foundation intends to develop its own implementations of these extensions and others. As with the minimal node software, these extensions will be open source and available in public repositories for use by any Sia node software. With the consensus code now managed by the Foundation, the task of implementing and orchestrating hardforks becomes its responsibility as well. When the Foundation determines that a hardfork is necessary (whether through internal discussion or via community petition), a formal proposal will be drafted and submitted for public review, during which arguments for and against the proposal may be submitted to a public repository. During this time, the hardfork code will be implemented, either by Foundation employees or by external contributors working closely with the Foundation. Once the implementation is finished, final arguments will be heard. The Foundation board will then vote whether to accept or reject the proposal, and announce their decision along with appropriate justification. Assuming the proposal was accepted, the Foundation will announce the block height at which the hardfork will activate, and will subsequently release source code and signed binaries that incorporate the hardfork code. Regardless of the Foundation's decision, it is the community that ultimately determines whether a fork is accepted or rejected – nothing can change that. Foundation node software will never automatically update, so all forks must be explicitly adopted by users. Furthermore, the Foundation will provide replay and wipeout protection for its hard forks, protecting other chains from unintended or malicious reorgs. Similarly, the Foundation will ensure that any file contracts formed prior to a fork activation will continue to be honored on both chains until they expire. Finally, the Foundation also intends to pursue scalability solutions for the Sia blockchain. In particular, work has already begun on an implementation of Utreexo, which will greatly reduce the space requirements of fully-validating nodes (allowing a full node to be run on a smartphone) while increasing throughput and decreasing initial sync time. A hardfork implementing Utreexo will be submitted to the community as per the process detailed above. As this is the most important responsibility of the Foundation, it will receive a significant portion of the Foundation’s budget, primarily in the form of developer salaries and contracting agreements.
Support community services
We intend to allocate 25% of the Foundation Fund towards the community. This allocation will be held and disbursed in the form of siacoins, and will pay for grants, bounties, hackathons, and other community-driven endeavours. Any community-run service, such as a Skynet portal, explorer or web wallet, may apply to have its costs covered by the Foundation. Upon approval, the Foundation will reimburse expenses incurred by the service, subject to the exact terms agreed to. The intent of these grants is not to provide a source of income, but rather to make such services "break even" for their operators, so that members of the community can enrich the Sia ecosystem without worrying about the impact on their own finances.
Ensure easy acquisition and storage of siacoins
Most users will acquire their siacoins via an exchange. The Foundation will provide support to Sia-compatible exchanges, and pursue relevant integrations at its discretion, such as Coinbase's new Rosetta standard. The Foundation may also release DEX software that enables trading cryptocurrencies without the need for a third party. (The Foundation itself will never operate as a money transmitter.) Increasingly, users are storing their cryptocurrency on hardware wallets. The Foundation will maintain the existing Ledger Nano S integration, and pursue further integrations at its discretion. Of course, all hardware wallets must be paired with software running on a computer or smartphone, so the Foundation will also develop and/or maintain client-side wallet software, including both full-node wallets and "lite" wallets. Community-operated wallet services, i.e. web wallets, may be funded via grants. Like core software maintenance, this responsibility will be funded in the form of developer salaries and contracting agreements.
Protect the ecosystem
When it comes to cryptocurrency security, patching software vulnerabilities is table stakes; there are significant legal and social threats that we must be mindful of as well. As such, the Foundation will earmark a portion of its fund to defend the community from legal action. The Foundation will also safeguard the network from 51% attacks and other threats to network security by implementing softforks and/or hardforks where necessary. The Foundation also intends to assist in the development of a new FOSS software license, and to solicit legal memos on various Sia-related matters, such as hosting in the United States and the EU. In a broader sense, the establishment of the Foundation makes the ecosystem more robust by transferring core development to a more neutral entity. Thanks to its funding structure, the Foundation will be immune to various forms of pressure that for-profit companies are susceptible to.
Drive adoption of Sia
Although the overriding goal of the Foundation is to make Sia the best platform it can be, all that work will be in vain if no one uses the platform. There are a number of ways the Foundation can promote Sia and get it into the hands of potential users and developers. In-person conferences are understandably far less popular now, but the Foundation can sponsor and/or participate in virtual conferences. (In-person conferences may be held in the future, permitting circumstances.) Similarly, the Foundation will provide prizes for hackathons, which may be organized by community members, Nebulous, or the Foundation itself. Lastly, partnerships with other companies in the cryptocurrency space—or the cloud storage space—are a great way to increase awareness of Sia. To handle these responsibilities, one of the early priorities of the Foundation will be to hire a marketing director.
The Foundation Fund will be controlled by a multisig address. Each member of the Foundation's board will control one of the signing keys, with the signature threshold to be determined once the final composition of the board is known. (This threshold may also be increased or decreased if the number of board members changes.) Additionally, one timelocked signing key will be controlled by David Vorick. This key will act as a “dead man’s switch,” to be used in the event of an emergency that prevents Foundation board members from reaching the signature threshold. The timelock ensures that this key cannot be used unless the Foundation fails to sign a transaction for several months. On the 1st of each month, the Foundation will use its keys to transfer all siacoins in the Fund to two new addresses. The first address will be controlled by a high-security hot wallet, and will receive approximately one month's worth of Foundation expenditures. The second address, receiving the remaining siacoins, will be a modified version of the source address: specifically, it will increase the timelock on David Vorick's signing key by one month. Any other changes to the set of signing keys, such as the arrival or departure of board members, will be incorporated into this address as well. The Foundation Fund is allocated in SC, but many of the Foundation's expenditures must be paid in USD or other fiat currency. Accordingly, the Foundation will convert, at its discretion, a portion of its monthly withdrawals to fiat currency. We expect this conversion to be primarily facilitated by private "OTC" sales to accredited investors. The Foundation currently has no plans to speculate in cryptocurrency or other assets. Finally, it is important that the Foundation adds value to the Sia platform well in excess of the inflation introduced by the block subsidy. For this reason, the Foundation intends to provably burn, on a quarterly basis, any coins that it cannot allocate towards any justifiable expense. In other words, coins will be burned whenever doing so provides greater value to the platform than any other use. Furthermore, the Foundation will cap its SC treasury at 5% of the total supply, and will cap its USD treasury at 4 years’ worth of predicted expenses. Addendum: Hardfork Timeline We would like to see this proposal finalized and accepted by the community no later than September 30th. A new version of siad, implementing the hardfork, will be released no later than October 15th. The hardfork will activate at block 293220, which is expected to occur around 12pm EST on January 1st, 2021.
Addendum: Inflation specifics The total supply of siacoins as of January 1st, 2021 will be approximately 45.243 GS. The initial subsidy of 1.57 GS thus increases the supply by 3.47%, and the total annual inflation in 2021 will be at most 10.4% (if zero coins are burned). In 2022, total annual inflation will be at most 6.28%, and will steadily decrease in subsequent years.
We see the establishment of the Foundation as an important step in the maturation of the Sia project. It provides the ecosystem with a sustainable source of funding that can be exclusively directed towards achieving Sia's ambitious goals. Compared to other projects with far deeper pockets, Sia has always punched above its weight; once we're on equal footing, there's no telling what we'll be able to achieve. Nevertheless, we do not propose this change lightly, and have taken pains to ensure that the Foundation will act in accordance with the ideals that this community shares. It will operate transparently, keep inflation to a minimum, and respect the user's fundamental role in decentralized systems. We hope that everyone in the community will consider this proposal carefully, and look forward to a productive discussion.
CashFusion makes Bitcoin Cash a privacy coin. It's already been used to fuse hundreds of thousands of BCH! Make sure to spin up Electron Cash 4.2.0 today and get that liquidity flowing! (The more people using CashFusion at once, the more Fusions happen, and the larger your "anonymity set".) New to CashFusion? No problem, getting set up is EASY =) Just download the Electron Cash desktop wallet. It's got CashFusion built in! Set up your wallet (and be sure to write down your recovery phrase on a physical piece of paper, especially if you are going to hold significant amounts of coin in the wallet), then activate CashFusion by clicking the icon in the lower right: https://i.imgur.com/DXEPLtf.png Once it's activated, your wallet will start "fusing" the Bitcoin Cash it contains. Fusions happen over time as their own, separate transactions, and only cost you the network transactions fees (less than a penny). Each fusion transaction will include some of your coins*, so it will take multiple fusion transactions before all the coins in your wallet will be fused. (In the View menu, toggle the coins tab to see all of the coins in your wallet. In the "Label" field, fused coins will show CashFusion info.) Currently, Electron Cash keeps fusing your coins indefinitely. While it is on the roadmap to give you the option to stop fusing after some number of fusions per coin, there's no downside to leaving it to fuse continuously besides paying the transaction fees. (And every fusion gives you that much more privacy, while you are helping to provide "liquidity" for other fusers.) Also, EC does not yet prevent you from spending unfused coins, nor does it prefer fused coins when spending, so it's probably best to leave it fusing and keep your whole wallet fused, and/or pick your coins manually from the Coins tab. If you want that coin-management taken care of for your (and/or you're not comfortable picking coins to spend from the Coins tab), you can always switch back to CashShuffle for now in the Optional Features window, accessible from the Tools menu. Here's the CashFusion Telegram group where you are welcome to ask questions. (Just remember to be courteous!) Happy Fusing!! <3 *"Coins" are kind of a confusing concept when it comes to Bitcoin, but you can think of them just like discrete "bills" (or... "coins") in your wallet, but instead of coming in only certain sizes like $1, $5, $10, $20, etc, they can be any amount sent to you in a previous transaction, like 0.618 BCH, 0.000001 BCH, or 123.45679 BCH. (They can also be combined and split up. That happens in most transactions!)
Ledger Live adds Coin control: Here's why that matters.
Ledger Live version 2.11.1 (download link) adds Coin control for power users. The coin control feature gives advanced users more granular control over their wallets. It enables them to change how and which coins are selected when making transactions. This increases their ability to manage their privacy and the network fees they will have to pay to spend their account balance. More control over your coins
How does it work?
The account balance for Bitcoin and its derivatives consists of all the unspent transaction outputs (UTXOs) in the account. You can think of UTXOs as the coins in a regular wallet. When you receive money, you collect coins in your wallet. Then, when you want to make a payment, you get to choose which coins you pick from your wallet. Do you pick the largest coins first? Or do you want to spend all the smaller value coins to lighten up your wallet? Similar considerations can be made when creating a Bitcoin or Bitcoin derivative (altcoin) transaction. Before the Coin Control feature was released, all transactions involving Bitcoin (and altcoins) automatically selected their coins using the First-In-First-Out (FIFO) algorithm. This strategy includes the oldest coin in the account, and when the amount is not sufficient the second-oldest coin is added, and so forth. As of Ledger Live version 2.11.1, users are able to make use of a dedicated Coin Control tool to choose the coin selection strategy and the coins that may be spent.
Click on Send, choose an account to debit, and enter a recipient address. Click on Continue.
Enter an amount and click on Advanced options. You will then see: - The currently selected, default coin selection strategy: Oldest coins first (FIFO). - A toggle to enable Replace-By-Fee (RBF). - A toggle to include coins from unconfirmed, replaceable transactions.
Click on Coin control. The coin control modal opens.
Select a Coin selection strategy from the dropdown menu: - Oldest coins first (FIFO). This is the default strategy that spends the oldest coins first. - Minimize fees (optimize size). This strategy tries to minimize the byte size of the transaction by spending the lowest number of UTXOs. This results in a low network fee. - Minimize future fees (merge coins), This strategy includes the maximum number of inputs so that a potential future price rise does not make smaller UTXOs economically unspendable. If the price of a crypto asset increases too much, small UTXOs may become worth less than the cost of the network fees to spend them.
Select which coins may not be included in the selection by unticking their checkbox. The SELECTED indicator shows which coins will be included in the transaction. By changing the selection strategy and/or coins to include, the user has precise control over which coins end up being spent. The Coins to spend and Change to return indicators show how much is spent from and returned to the account.
Click on Done to return to the Send flow to verify and send the transaction.
The following statuses can be displayed for a coin:
Coins received in a transaction with 0 confirmations without RBF enabled: PENDING
Coins received in a transaction with 0 confirmations with RBF enabled: REPLACEABLE
Coins received in a transaction with 1337 confirmations: 1337 CONFIRMATIONS
By enabling the toggle Include coins from unconfirmed, replaceable transactions, replaceable transactions can be selected in the Coin control screen.
The Privacy use case
One of the main use cases for Coin control is to protect one’s privacy. UTXOs are, unfortunately, not perfectly fungible due to their unique history on the blockchain. Therefore, users may want to spend coins from different sources without mixing them together, because this would indicate to an outside observer of the blockchain that these addresses belong to the same account. For instance, if one were to spend coins bought on a KYC exchange, which are associated with the user’s identity, together with coins bought anonymously using cash, the anonymous coins could be linked to the user’s identity. Another example would be that you would like to prevent spending a high-value coin for smaller purchases because this would unnecessarily show the person you’re paying how much you have. This is similar to not showing the boulanger how much is on your bank account when buying a baguette.
Let us know what you think!
We are excited to release this new feature because we think it will fulfill real needs of an important part of our users. This version of Ledger Live marks an important milestone, but we will continue working on more features that our community wants. So, we invite you to try out Coin control in Ledger Live and let us know what you think! All feedback is welcome on this thread, on ledgerwallet, and you can send suggestions or get help through our official contact form. We'd like to close out by underlining our commitment to the Bitcoin community, and our willingness to build the best wallet ecosystem for newbies as well as for power users.
TL;DR: Wakey wakey, give a crap about freedom, or accept the consequences. Another Sunday afternoon, another news item about Monero being delisted from a centralized exchange, this time in Australia. Last year it was OKEx and others. Just a few days ago it was Coinspot. It is sort of an open secret that Coinbase is not listing Monero due to external pressures. Today we're hit with news that Kraken will be ceasing Monero trading for AU residents. And you will also recall that Japan and South Korea have made similar moves. It's a near impossibility with me, especially when powered by caffeine, which is most definitely the case today, but I will try to make this brief, sweet and to the point. These are not isolated incidents. There is an International Organization™ in particular orchestrating, behind the scenes, the policies and requirements that financial institutions (crypto exchanges have since joined that category for this purpose) must follow, or else. Here is what bothers me about this. Have you been consulted about this? Anyone you know? Heard of it in the news? Yeah, me neither. You have to know where to look to find some information on what they would like to see happening (we'll get to that in a moment), and often you have to read PDFs with dozens of pages to find the good stuff too. I will leave that as an exercise to the reader. Suffice to say, I have been digging a bit deeper myself, and what I found shocked me. FATF wants nothing less than the complete elimination of anonymity and privacy in financial affairs, even going so far as to consider BANNING peer to peer transactions so that people are forced to interact with each other through exchanges, where data collection is more reliable and certain, effectively obliterating one of the major selling points of cryptocurrency (p2p-ness) with complete disregard for the millions of people who are already onboard with the vision. No privacy and no anonymity, imagine that. Many of you probably already use plastic cards for everything, day in day out, and don't think too much about this stuff. But the fact that an international organization that you have little to zero democratic control over is planning to get rid of class of financial tools that 99.99999% of people don't even realize exists yet should give you pause for concern. The tools I speak of are, of course, digital cash-like cryptocurrencies like Monero. I would like you to PAUSE, daydream a bit, visualize and imagine, what a world without zero financial privacy/anonymity would look like. Consider, this has certainly not been the case in human history, ever -- yes, even today. Today most of you still have cash as a choice. But what happens when that goes out of the window, and the only options are CBDCs, CorporateCoins, and transparent cryptocurrency ? Needless to say, both in the case of CorporateCoins and CBDCs, there will be little to none privacy/anonymity, and even if there was (in the case of CorporateCoin), the state would obviously bully its way into it and force them to do otherwise (without being asked to do so, of course). So, imagine that world. Every donation you make. Every $50 transfer to a friend or family member. Every item you buy. Every service you purchase. Every money you send to help a friend you. All of it stored, forever, to be accessed later at will for whatever reasons. Would you make the same choices, knowing that your entire financial life is entirely exposed to powerful organizations of which you likely know very little about and almost certainly can hardly ever influence at all? Does that seem like a good recipe for a free society?
The people at the top either don't care about the consequences of what they're imposing worldwide, or they don't understand. Sounds highly concerning to me either way - It comes down to either bullying or ignorance. Would you ever have truly heart-to-heart conversations if you knew your worst enemy was potentially watching and recording everything? Could you make passionate love knowing hundreds of strangers are analyzing your every move? Can you be spontaneous knowing you are being recorded? What if you did not have a choice in those matters ?! What if someone has already decided for you, your friends, your family, your neighbors, your country, that you are all potential criminals and the thing to do is to keep records on everyone, just in case ? Newsflash: It already happened. It's been happening for awhile, and it seems to be picking up pace; the technology that was going to liberate us, slowly enslaving us instead -- because the general public largely does not understand the issues at hand, while the elite certainly does, and boy oh boy, are they thrilled with the technological advancements that help them cement their power. What do I mean by cement? Imagine trying to kick-start civil rights in a place where every social map is known, everything a person is interested in is known, every transaction they make is known, every website they have visited is known, every time they step on the street, an AI-powered camera automatically identifies them and tracks their movement. You would be unable to organize. To exchange value. To discuss behind curtains, so to speak. You would not have any privacy, and you would not have any anonymity. Could you be free under these circumstances?
It's been a long road towards more freedom, but nowdays it is disappearing fast. Stopping to consider the implications is a most pressing issue. They want Monero(-like tools) GONE because Monero ACTUALLY would change the paradigm. By the time they are done with their "recommendations" (which really mean: comply, or else...), mark my words, there will be a name behind every Bitcoin address in some centralized database, query-able by partners in deciding who can and cannot use the system. Merchants will be forced to perform chain analysis and by law they will be compelled to reject/refund/report transactions coming from "anonymous clusters" (addresses that are not known to have an identity tied to them). This is what the normalization of the lack of privacy has brought us. The possibility was there, and they took it. Of course they did. I repeat, it is no accident that it's not Dogecoin and Nano, Bitcoin or Litecoin being delisted. The star of the show (for better or for worse) is Monero, and that is because it works. It lets you transact anonymously and privately, like cash - why the hell should FATF know that you sent $500 to your mother last week? in fact, why the hell should they know your entire financial history?! When cash goes (and we can be fairly certain that it will be gone; would already be gone if this sort of authoritarian mindset had its way), Monero or tools like Monero, will become the only way to make any transaction outside the eyes of the state. It's not because you have anything (nefarious) to hide. It's not because you're a criminal. Rather, it's because to accept anything else is to bow to tyranny. It's your choice to make - are you meekly going to accept that in perhaps less than a decade there will be zero privacy and anonymity in financial matters, or are you going to fight back? Will you organize, campaign, email, discuss, spread awareness? Will you spend precious summer Sunday afternoons writing for strangers on the Internet trying to help a few more see the major shit-show we're headed into? Or will you be a good boy and do what you're told? Tomorrow, by the way - if left unchallenged - it won't just be financial privacy that disappears. One of the most prominent examples in the introductory part of this post (Australia) has already made quite clear that they don't like the fact that people can hide things from them (encryption). In other words, either they know about it (and archive it forever), or you better let them know. After all, a threat - any threat! - could be lurking somewhere in that encrypted data. And you have nothing to hide anyway, yes? This is a cryptocurrency sub though so let's not steer too far from that. It is important to remember that ultimately the issue is the same though - totalitarian control over everyone's life; mass-surveillance, and the ability to rewind and see someone's entire life exposed for the benefit of the state. Their actions are letting you know what really works and what really threatens the status quo. That is useful information. If you care at all about the freedom and privacy of your future self, your friends and family, children present or future, I think you would do well to think long and hard about these issues. Because the direction assumed by the most prominent regulators seems to be headed in a uniform direction - that is no surprise, seeing as how they meet with each other. You have to ask yourself though, is this for your benefit, your safety? Or is it to keep the statuo quo? How would the world be different if human beings - regardless of color, nationality, age, sexual orientation, political beliefs- with an Internet connection could freely exchange value privately and anonymously (the way we can still communicate private and anonymously in most places today - though not so in authoritarian places like China, AND THAT IS NOT A COINCIDENCE)? It would be instant, like an instant message. It would cost very little. Well, I have news for you: It's already possible, and a growing number of people are realizing this. This tool is called Monero. It exists today, and the cat is out of the bag. The technology will only get better, and more interesting tools may even come along later. In fact, barring mass persecution of open-source developers, that is very likely what is going to happen, as ultrasmart people everywhere congregate in virtual spaces to discuss better ways to do stuff. If we keep losing our right to be left alone until suspected of a crime, life will increasingly come to resemble what the regulator types are - consciously or unconsciously - creating: a Panopticon society. If you don't speak up, then the decision has already been made - and you're probably going to live to regret being complicit in it. Freedom or Tyranny. It's your choice to make. p.s: Yes, totally failed at making this short. I guess it's just not my thing.
CashFusion makes Bitcoin Cash a privacy coin. It's already been used to fuse hundreds of thousands of BCH! Make sure to spin up Electron Cash 4.1.1 today and get that liquidity flowing =) (The more people using CashFusion at once, the more Fusions happen, and the larger your "anonymity set".) New to CashFusion? No problem, getting set up is EASY. Just download the Electron Cash desktop wallet. It's got CashFusion built in! Set up your wallet (and be sure to write down your recovery phrase on a physical piece of paper, especially if you are going to hold significant amounts of coin in the wallet), then activate CashFusion by clicking the icon in the lower right: https://i.imgur.com/DXEPLtf.png Once it's activated, your wallet will start "fusing" the Bitcoin Cash it contains. Fusions happen over time as their own, separate transactions, and only cost you the network transactions fees (less than a penny). Each fusion transaction will include some of your coins*, so it will take multiple fusion transactions before all the coins in your wallet will be fused. (In the View menu, toggle the coins tab to see all of the coins in your wallet. In the "Label" field, fused coins will show CashFusion info.) Currently, Electron Cash keeps fusing your coins indefinitely. While it is on the roadmap to give you the option to stop fusing after some number of fusions per coin, there's no downside to leaving it to fuse continuously besides paying the transaction fees. (And every fusion gives you that much more privacy, while you are helping to provide "liquidity" for other fusers.) Also, EC does not yet yet prevent you from spending unfused coins, nor does it prefer fused coins when spending, so it's probably best to leave it fusing and keep your whole wallet fused, and/or pick your coins manually from the Coins tab. (If you want that functionality and/or you're not comfortable picking coins to spend from the Coins tab, you can always switch back to CashShuffle for now in the Optional Features window, accessible from the Tools menu.) Here's the CashFusion Telegram group where you are welcome to ask questions. (Just remember to be courteous!) Happy Fusing!! <3 *"Coins" are kind of a confusing concept when it comes to Bitcoin, but you can think of them just like discrete "bills" (or... "coins") in your wallet, but instead of coming in only certain sizes like $1, $5, $10, $20, etc, they can be any amount sent to you in a previous transaction, like 0.618 BCH, 0.000001 BCH, or 123.45679 BCH. (They can also be combined and split up. That happens in most transactions!)
CashFusion makes Bitcoin Cash a privacy coin. It's already been used to fuse hundreds of thousands of BCH! Make sure to spin up Electron Cash 4.1.1 today and get that liquidity flowing =) (The more people using CashFusion at once, the more Fusions happen, and the larger your "anonymity set".) New to CashFusion? No problem, getting set up is EASY. Just download the Electron Cash desktop wallet. It's got CashFusion built in! Set up your wallet (and be sure to write down your recovery phrase on a physical piece of paper, especially if you are going to hold significant amounts of coin in the wallet), then activate CashFusion by clicking the icon in the lower right: https://i.imgur.com/DXEPLtf.png Once it's activated, your wallet will start "fusing" the Bitcoin Cash it contains. Fusions happen over time as their own, separate transactions, and only cost you the network transactions fees (less than a penny). Each fusion transaction will include some of your coins*, so it will take multiple fusion transactions before all the coins in your wallet will be fused. (In the View menu, toggle the coins tab to see all of the coins in your wallet. In the "Label" field, fused coins will show CashFusion info.) Currently, Electron Cash keeps fusing your coins indefinitely. While it is on the roadmap to give you the option to stop fusing after some number of fusions per coin, there's no downside to leaving it to fuse continuously besides paying the transaction fees. (And every fusion gives you that much more privacy, while you are helping to provide "liquidity" for other fusers.) Also, EC does not yet prevent you from spending unfused coins, nor does it prefer fused coins when spending, so it's probably best to leave it fusing and keep your whole wallet fused, and/or pick your coins manually from the Coins tab. (If you want that functionality and/or you're not comfortable picking coins to spend from the Coins tab, you can always switch back to CashShuffle for now in the Optional Features window, accessible from the Tools menu.) Here's the CashFusion Telegram group where you are welcome to ask questions. (Just remember to be courteous!) Happy Fusing!! <3 *"Coins" are kind of a confusing concept when it comes to Bitcoin, but you can think of them just like discrete "bills" (or... "coins") in your wallet, but instead of coming in only certain sizes like $1, $5, $10, $20, etc, they can be any amount sent to you in a previous transaction, like 0.618 BCH, 0.000001 BCH, or 123.45679 BCH. (They can also be combined and split up. That happens in most transactions!)
https://preview.redd.it/al1gy9t9v9q51.png?width=424&format=png&auto=webp&s=b29a60402d30576a4fd95f592b392fae202026ca Hopefully any questions you have will be answered by the resources below, but if you have additional questions feel free to ask them in the comments. If you're quite technically-minded, the Zano whitepaper gives a thorough overview of Zano's design and its main features. So, what is Zano? In brief, Zano is a project started by the original developers of CryptoNote. Coins with market caps totalling well over a billion dollars (Monero, Haven, Loki and countless others) run upon the codebase they created. Zano is a continuation of their efforts to create the "perfect money", and brings a wealth of enhancements to their original CryptoNote code. Development happens at a lightning pace, as the Github activity shows, but Zano is still very much a work-in-progress. Let's cut right to it: Here's why you should pay attention to Zano over the next 12-18 months. Quoting from a recent update:
Anton Sokolov has recently joined the Zano team. ... For the last months Anton has been working on theoretical work dedicated to log-size ring signatures. These signatures theoretically allows for a logarithmic relationship between the number of decoys and the size/performance of transactions. This means that we can set mixins at a level from up to 1000, keeping the reasonable size and processing speed of transactions. This will take Zano’s privacy to a whole new level, and we believe this technology will turn out to be groundbreaking!
If successful, this scheme will make Zano the most private, powerful and performant CryptoNote implementation on the planet. Bar none. A quantum leap in privacy with a minimal increase in resource usage. And if there's one team capable of pulling it off, it's this one.
What else makes Zano special?
You mean aside from having "the Godfather of CryptoNote" as the project lead? ;) Actually, the calibre of the developers/researchers at Zano probably is the project's single greatest strength. Drawing on years of experience, they've made careful design choices, optimizing performance with an asynchronous core architecture, and flexibility and extensibility with a modular code structure. This means that the developers are able to build and iterate fast, refining features and adding new ones at a rate that makes bigger and better-funded teams look sluggish at best. Zano also has some unique features that set it apart from similar projects: Privacy Firstly, if you're familiar with CryptoNote you won't be surprised that Zano transactions are private. The perfect money is fungible, and therefore must be untraceable. Bitcoin, for the most part, does little to hide your transaction data from unscrupulous observers. With Zano, privacy is the default. The untraceability and unlinkability of Zano transactions come from its use of ring signatures and stealth addresses. What this means is that no outside observer is able to tell if two transactions were sent to the same address, and for each transaction there is a set of possible senders that make it impossible to determine who the real sender is. Hybrid PoW-PoS consensus mechanism Zano achieves an optimal level of security by utilizing both Proof of Work and Proof of Stake for consensus. By combining the two systems, it mitigates their individual vulnerabilities (see 51% attack and "nothing at stake" problem). For an attack on Zano to have even a remote chance of success the attacker would have to obtain not only a majority of hashing power, but also a majority of the coins involved in staking. The system and its design considerations are discussed at length in the whitepaper. Aliases Here's a stealth address: ZxDdULdxC7NRFYhCGdxkcTZoEGQoqvbZqcDHj5a7Gad8Y8wZKAGZZmVCUf9AvSPNMK68L8r8JfAfxP4z1GcFQVCS2Jb9wVzoe. I have a hard enough time remembering my phone number. Fortunately, Zano has an alias system that lets you register an address to a human-readable name. (@orsonj if you want to anonymously buy me a coffee) Multisig Multisignature (multisig) refers to requiring multiple keys to authorize a Zano transaction. It has a number of applications, such as dividing up responsibility for a single Zano wallet among multiple parties, or creating backups where loss of a single seed doesn't lead to loss of the wallet. Multisig and escrow are key components of the planned Decentralized Marketplace (see below), so consideration was given to each of them from the design stages. Thus Zano's multisig, rather than being tagged on at the wallet-level as an afterthought, is part of its its core architecture being incorporated at the protocol level. This base-layer integration means months won't be spent in the future on complicated refactoring efforts in order to integrate multisig into a codebase that wasn't designed for it. Plus, it makes it far easier for third-party developers to include multisig (implemented correctly) in any Zano wallets and applications they create in the future. (Double Deposit MAD) Escrow With Zano's escrow service you can create fully customizable p2p contracts that are designed to, once signed by participants, enforce adherence to their conditions in such a way that no trusted third-party escrow agent is required. https://preview.redd.it/jp4oghyhv9q51.png?width=1762&format=png&auto=webp&s=12a1e76f76f902ed328886283050e416db3838a5 The Particl project, aside from a couple of minor differences, uses an escrow scheme that works the same way, so I've borrowed the term they coined ("Double Deposit MAD Escrow") as I think it describes the scheme perfectly. The system requires participants to make additional deposits, which they will forfeit if there is any attempt to act in a way that breaches the terms of the contract. Full details can be found in the Escrow section of the whitepaper. The usefulness of multisig and the escrow system may not seem obvious at first, but as mentioned before they'll form the backbone of Zano's Decentralized Marketplace service (described in the next section).
What does the future hold for Zano?
The planned upgrade to Zano's privacy, mentioned at the start, is obviously one of the most exciting things the team is working on, but it's not the only thing. Zano Roadmap Decentralized Marketplace From the beginning, the Zano team's goal has been to create the perfect money. And money can't just be some vehicle for speculative investment, money must be used. To that end, the team have created a set of tools to make it as simple as possible for Zano to be integrated into eCommerce platforms. Zano's API’s and plugins are easy to use, allowing even those with very little coding experience to use them in their E-commerce-related ventures. The culmination of this effort will be a full Decentralized Anonymous Marketplace built on top of the Zano blockchain. Rather than being accessed via the wallet, it will act more as a service - Marketplace as a Service (MAAS) - for anyone who wishes to use it. The inclusion of a simple "snippet" of code into a website is all that's needed to become part a global decentralized, trustless and private E-commerce network. Atomic Swaps Just as Zano's marketplace will allow you to transact without needing to trust your counterparty, atomic swaps will let you to easily convert between Zano and other cyryptocurrencies without having to trust a third-party service such as a centralized exchange. On top of that, it will also lead to the way to Zano's inclusion in the many decentralized exchange (DEX) services that have emerged in recent years.
Where can I buy Zano?
Zano's currently listed on the following exchanges: https://coinmarketcap.com/currencies/zano/markets/ It goes without saying, neither I nor the Zano team work for any of the exchanges or can vouch for their reliability. Use at your own risk and never leave coins on a centralized exchange for longer than necessary. Your keys, your coins! If you have any old graphics cards lying around(both AMD & NVIDIA), then Zano is also mineable through its unique ProgPowZ algorithm. Here's a guide on how to get started. Once you have some Zano, you can safely store it in one of the desktop or mobile wallets (available for all major platforms).
How can I support Zano?
Zano has no marketing department, which is why this post has been written by some guy and not the "Chief Growth Engineer @ Zano Enterprises". The hard part is already done: there's a team of world class developers and researchers gathered here. But, at least at the current prices, the team's funds are enough to cover the cost of development and little more. So the job of publicizing the project falls to the community. If you have any experience in community building/growth hacking at another cryptocurrency or open source project, or if you're a Zano holder who would like to ensure the project's long-term success by helping to spread the word, then send me a pm. We need to get organized. Researchers and developers are also very welcome. Working at the cutting edge of mathematics and cryptography means Zano provides challenging and rewarding work for anyone in those fields. Please contact the project's Community Manager u/Jed_T if you're interested in joining the team. Social Links: Twitter Discord Server Telegram Group Medium blog I'll do my best to keep this post accurate and up to date. Message me please with any suggested improvements and leave any questions you have below. Welcome to the Zano community and the new decentralizedprivateeconomy!
CashFusion makes Bitcoin Cash a privacy coin. It's already been used to fuse 791,310 BCH, and has reduced the size of the UTXO set by 53,133 outputs. Make sure to spin up Electron Cash 4.1.1 today and get that liquidity flowing! (The more people using CashFusion at once, the more Fusions happen, and the larger your "anonymity set".) New to CashFusion? No problem, getting set up is EASY. Just download the Electron Cash desktop wallet. It's got CashFusion built in! Set up your wallet (and be sure to write down your recovery phrase on a physical piece of paper, especially if you are going to hold significant amounts of coin in the wallet), then activate CashFusion by clicking the icon in the lower right: https://i.imgur.com/DXEPLtf.png Once it's activated, your wallet will start "fusing" the Bitcoin Cash it contains. Fusions happen over time as their own, separate transactions, and only cost you the network transactions fees (less than a penny). Each fusion transaction will include some of your coins*, so it will take multiple fusion transactions before all the coins in your wallet to be fused. (In the View menu, toggle the coins tab to see all of the coins in your wallet. In the "Label" field, fused coins will show CashFusion info.) Currently, Electron Cash keeps fusing your coins indefinitely. While it is on the roadmap to give you the option to stop fusing after some number of fusions per coin, there's no downside to leaving it to fuse continuously besides paying the transaction fees. (And every fusion gives you that much more privacy, while you are helping to provide "liquidity" for other fusers.) Also, EC does not yet yet prevent you from spending unfused coins, nor does it prefer fused coins when spending, so it's probably best to leave it fusing and keep your whole wallet fused, and/or pick your coins manually from the Coins tab. (If you want that functionality and/or you're not comfortable picking coins to spend from the Coins tab, you can always switch back to CashShuffle for now in the Optional Features window, accessible from the Tools menu.) Here's the CashFusion Telegram group where you are welcome to ask questions. (Just remember to be courteous!) Happy Fusing!! <3 *"Coins" are kind of a confusing concept when it comes to Bitcoin, but you can think of them just like discrete "bills" (or... "coins") in your wallet, but instead of coming in only certain sizes like $1, $5, $10, $20, etc, they can be any amount sent to you in a previous transaction, like 0.618 BCH, 0.000001 BCH, or 123.45679 BCH. (They can also be combined and split up. That happens in most transactions!)
[OWL WATCH] Waiting for "IOTA TIME" 20; Hans's re-defined directions for DLT
Disclaimer: This is my editing, so there could be some misunderstandings... -------------------------------------------- wellwho오늘 오후 4:50 u/BenRoyce****how far is society2 from having something clickable powered by IOTA? Ben Royce오늘 오후 4:51 demo of basic tech late sep/ early oct. MVP early 2021 --------------------------------------------------- HusQy Colored coins are the most misunderstood upcoming feature of the IOTA protocol. A lot of people see them just as a competitor to ERC-20 tokens on ETH and therefore a way of tokenizing things on IOTA, but they are much more important because they enable "consensus on data". Bob All this stuff already works on neblio but decentralized and scaling to 3500 tps HusQy Neblio has 8 mb blocks with 30 seconds blocktime.This is a throughput of 8 mb / 30 seconds = 267 kb per second.Transactions are 401+ bytes which means that throughput is 267 kb / 401 bytes = 665 TPS. IOTA is faster, feeless and will get even faster with the next update ... ----------------------------------------------------------------------------- HusQy Which DLT would be more secure? One that is collaboratively validated by the economic actors of the world (coporations, companies, foundations, states, people) or one that is validated by an anonymous group of wealthy crypto holders? HusQy The problem with current DLTs is that we use protection mechanisms like Proof of Work and Proof of Stake that are inherently hard to shard. The more shards you have, the more you have to distribute your hashing power and your stake and the less secure the system becomes. HusQy Real world identities (i.e. all the big economic actors) however could shard into as many shards as necessary without making the system less secure. Todays DLTs waste trust in the same way as PoW wastes energy. HusQy Is a secure money worth anything if you can't trust the economic actors that you would buy stuff from? If you buy a car from Volkswagen and they just beat you up and throw you out of the shop after you payed then a secure money won't be useful either :P HusQy **I believe that if you want to make DLT work and be successful then we need to ultimately incorporate things like trust in entities into the technology.**Examples likes wirecard show that trusting a single company is problematic buttrusting the economy as a whole should be at ... **... least as secure as todays DLTs.**And as soon as you add sharding it will be orders of magnitude more secure.DLT has failed to deliver because people have tried to build a system in vacuum that completely ignores things that already exist and that you can leverage on. ---------------------------------------------------------------------------------- HusQy Blockchain is a bit like people sitting in a room, trying to communicate through BINGO sheets. While they talk, they write down some of the things that have been said and as soon as one screams BINGO! he hands around his sheet to inform everybody about what has been said. HusQy If you think that this is the most efficient form of communication for people sitting in the same room and the answer to scalability is to make bigger BINGO sheets or to allow people to solve the puzzle faster then you will most probably never understand what IOTA is working on. -------------------------------------------------------------------------------- HusQy **Blockchain does not work with too many equally weighted validators.****If 400 validators produce a validating statement (block) at the same time then only one can survive as part of a longest chain.**IOTA is all about collaborative validation. **Another problem of blockchain is that every transaction gets sent twice through the network. Once from the nodes to the miners and a 2nd time from the miners as part of a block.**Blockchain will therefore always only be able to use 50% of the network throughput. And****the last problem is that you can not arbitrarily decrease the time between blocks as it breaks down if the time between blocks gets smaller than the average network delay. The idle time between blocks is precious time that could be used for processing transactions. ----------------------------------------------------------------------------- HusQy I am not talking about a system with a fixed number of validators but one that is completely open and permissionless where any new company can just spin up a node and take part in the network. ------------------------------------------------------------------------ HusQy Proof of Work and Proof of Stake are both centralizing sybil-protection mechanism. I don't think that Satoshi wanted 14 mining pools to run the network. And "economic clustering" was always the "end game" of IOTA. ----------------------------------------------------------------------------- HusQy **Using Proof of Stake is not trustless. Proof of Stake means you trust the richest people and hope that they approve your transactions. The rich are getting richer (through your fees) and you are getting more and more dependant on them.**Is that your vision of the future? ---------------------------------------------------------------------------- HusQy Please read again exactly what I wrote. I have not spoken of introducing governance by large companies, nor have I said that IOTA should be permissioned. We aim for a network with millions or even billions of nodes. HusQy That can't work at all with a permissioned ledger - who should then drop off all these devices or authorize them to participate in the network? My key message was the following: Proof of Work and Proof of Stake will always be if you split them up via sharding ... HusQy ... less secure because you simply need fewer coins or less hash power to have the majority of the votes in a shard. This is not the case with trust in society and the economy. When all companies in the world jointly secure a DLT ... HusQy ... then these companies could install any number of servers in any number of shards without compromising security, because "trust" does not become less just because they operate several servers. First of all, that is a fact and nothing else. HusQy Proof of Work and Proof of Stake are contrary to the assumption of many not "trustless" but follow the maxim: "In the greed of miners we trust!" The basic assumption that the miners do not destroy the system that generates income for them is fundamental here for the ... HusQy ... security of every DLT. I think a similar assumption would still be correct for the economy as a whole: The companies of the world (and not just the big ones) would not destroy the system with which their customers pay them. In this respect, a system would be ... HusQy ... which is validated by society and the economy as a whole probably just as "safely" as a system which is validated by a few anonymous miners. Why a small elite of miners should be better validators than any human and ... HusQy ... To be honest, companies in this world do not open up to me. As already written in my other thread, safe money does not bring you anything if you have to assume that Volkswagen will beat you up and throw you out of the store after you ... HusQy ... paid for a car. The thoughts I discussed say nothing about the immediate future of IOTA (we use for Coordicide mana) but rather speak of a world where DLT has already become an integral part of our lives and we ... HusQy ... a corresponding number of companies, non-profit organizations and people have used DLT and where such a system could be implemented. The point here is not to create a governance solution that in any way influences the development of technology ... HusQy ... or have to give nodes their OK first, but about developing a system that enables people to freely choose the validators they trust. For example, you can also declare your grandma to be a validator when you install your node or your ... HusQy ... local supermarket. Economic relationships in the real world usually form a close-knit network and it doesn't really matter who you follow as long as the majority is honest. I also don't understand your criticism of censorship, because something like that in IOTA ... HusQy ... is almost impossible. Each transaction confirms two other transactions which is growing exponentially. If someone wanted to ignore a transaction, he would have to ignore an exponential number of other transactions after a very short time. In contrast to blockchain ... HusQy ... validators in IOTA do not decide what is included in the ledger, but only decide which of several double spends should be confirmed. Honest transactions are confirmed simply by having other transactions reference them ... HusQy ... and the "validators" are not even asked. As for the "dust problem", this is indeed something that is a bigger problem for IOTA than for other DLTs because we have no fees, but it is also not an unsolvable problem. Bitcoin initially has a ... HusQy Solved similar problem by declaring outputs with a minimum amount of 5430 satoshis as invalid (github.com/Bitcoin/Bitcoi…). A similar solution where an address must contain a minimum amount is also conceivable for IOTA and we are discussing ... HusQy ... several possibilities (including compressing dust using cryptographic methods). Contrary to your assumption, checking such a minimum amount is not slow but just as fast as checking a normal transaction. And mine ... HusQy ... In my opinion this is no problem at all for IOTA's use case. The important thing is that you can send small amounts, but after IOTA is feeless it is also okay to expect the recipients to regularly send their payments on a ... HusQy ... merge address. The wallets already do this automatically (sweeping) and for machines it is no problem to automate this process. So far this was not a problem because the TPS were limited but with the increased TPS throughput of ... HusQy ... Chrysalis it becomes relevant and appropriate solutions are discussed and then implemented accordingly. I think that was the most important thing first and if you have further questions just write :) HusQy And to be very clear! I really appreciate you and your questions and don't see this as an attack at all! People who see such questions as inappropriate criticism should really ask whether they are still objective. I have little time at the moment because ... HusQy ... my girlfriend is on tour and has to take care of our daughter, but as soon as she is back we can discuss these things in a video. I think that the concept of including the "real world" in the concepts of DLT is really exciting and ... HusQy ... that would certainly be exciting to discuss in a joint video. But again, that's more of a vision than a specific plan for the immediate future. This would not work with blockchain anyway but IOTA would be compatible so why not think about such things. ----------------------------------------------------------------------- HusQy All good my big one :P But actually not that much has changed. There has always been the concept of "economic clustering" which is basically based on similar ideas. We are just now able to implement things like this for the first time. ---------------------------------------------------------------------------------- HusQy Exactly. It would mean that addresses "cost" something but I would rather pay a few cents than fees for each transaction. And you can "take" this minimum amount with you every time you change to a new address. HusQy All good my big one :P But actually not that much has changed. There has always been the concept of "economic clustering" which is basically based on similar ideas. We are just now able to implement things like this for the first time. ----------------------------------------------------------------------------------- Relax오늘 오전 1:17 Btw. Hans (sorry for interrupting this convo) but what make people say that IOTA is going the permissioned way because of your latest tweets? I don't get why some people are now forecasting that... Is it because of missing specs or do they just don't get the whole idea? Hans Moog [IF]오늘 오전 1:20 its bullshitu/Relaxanidentity based system would still be open and permissionless where everybody can choose the actors that they deem trustworthy themselves but thats anyway just sth that would be applicable with more adoption [오전 1:20] for now we use mana as a predecessor to an actual reputation system Sissors오늘 오전 1:31 If everybody has to choose actors they deem trustworthy, is it still permissionless? Probably will become a bit a semantic discussion, but still Hans Moog [IF]오늘 오전 1:34 Of course its permissionless you can follow your grandma if you want to :p Sissors오늘 오전 1:36 Well sure you can, but you will need to follow something which has a majority of the voting power in the network. Nice that you follow your grandma, but if others dont, her opinion (or well her nodes opinion) is completely irrelevant Hans Moog [IF]오늘 오전 1:37 You would ideally follow the people that are trustworthy rather than your local drug dealers yeah Sissors오늘 오전 1:38 And tbh, sure if you do it like that is easy. If you just make the users responsible for only connection to trustworthy nodes Hans Moog [IF]오늘 오전 1:38 And if your grandma follows her supermarket and some other people she deems trustworthy then thats fine as well [오전 1:38] + you dont have just 1 actor that you follow Sissors오늘 오전 1:38 No, you got a large list, since yo uwant to follow those which actually matter. So you jsut download a standard list from the internet Hans Moog [IF]오늘 오전 1:39 You can do that [오전 1:39] Is bitcoin permissionless? Should we both try to become miners? [오전 1:41] I mean miners that actually matter and not find a block every 10 trillion years 📷 [오전 1:42] If you would want to become a validator then you would need to build up trust among other people - but anybody can still run a node and issue transactions unlike in hashgraph where you are not able to run your own nodes(수정됨) [오전 1:48] Proof of Stake is also not trustless - it just has a builtin mechanism that downloads the trusted people from the blockchain itself (the richest dudes) Sissors오늘 오전 1:52 I think most agree it would be perfect if every person had one vote. Which is pr oblematic to implement of course. But I really wonder if the solution is to just let users decide who to trust. At the very least I expect a quite centralized network Hans Moog [IF]오늘 오전 1:53 of course even a trust based system would to a certain degree be centralized as not every person is equally trustworthy as for example a big cooperation [오전 1:53] but I think its gonna be less centralized than PoS or PoW [오전 1:53] but anyway its sth for "after coordicide" [오전 1:54] there are not enough trusted entities that are using DLT, yet to make such a system work reasonably well [오전 1:54] I think the reason why blockchain has not really started to look into these kind of concepts is because blockchain doesnt work with too many equally weighted validators [오전 1:56] I believe that DLT is only going to take over the world if it is actually "better" than existing systems and with better I mean cheaper, more secure and faster and PoS and PoW will have a very hard time to deliver that [오전 1:56] especially if you consider that its not only going to settle value transfers Relax오늘 오전 1:57 I like this clear statements, it makes it really clear that DLT is still in its infancy Hans Moog [IF]오늘 오전 1:57 currently bank transfers are order of magnitude cheaper than BTC or ETH transactions Hans Moog [IF]오늘 오전 1:57 and we you think that people will adopt it just because its crypto then I think we are mistaken [오전 1:57] The tech needs to actually solve a problem [오전 1:57] and tbh. currently people use PayPal and other companies to settle their payments [오전 1:58] having a group of the top 500 companies run such a service together is already much better(수정됨) [오전 1:58] especially if its fast and feeless [오전 2:02] and the more people use it, the more decentralized it actually becomes [오전 2:02] because you have more trustworthy entities to choose of Evaldas [IF]오늘 오전 2:08 "in the greed of miners we trust"
EDITED TO CLARIFY: I'M TALKING ABOUT PAYMENT FOR IPTV, NOT VPN. If going through the hassle of a VPN etc, it would seem crazy to then pay by CC or paypal. I thought I had found the answer in prepaid credit cards, but most providers go through paypal and I just can't get paypal to take prepaids (I do register them beforehand). They still don't seem to allow it. I thought another option would be bitcoinATM but, along with the high transaction costs, it seems they also require KYC upfront - selfie, driving licence scan etc. I have a bitcoin account that I haven't used yet. I had to do KYC to set it up. Although not anonymous, would this offer any more protection over, say, paypal? Assuming that I can't truly find an anonymous way of paying? I'm in Canada btw.
Summary: Everyone knows that when you give your assets to someone else, they always keep them safe. If this is true for individuals, it is certainly true for businesses. Custodians always tell the truth and manage funds properly. They won't have any interest in taking the assets as an exchange operator would. Auditors tell the truth and can't be misled. That's because organizations that are regulated are incapable of lying and don't make mistakes. First, some background. Here is a summary of how custodians make us more secure: Previously, we might give Alice our crypto assets to hold. There were risks:
Alice might take the assets and disappear.
Alice might spend the assets and pretend that she still has them (fractional model).
Alice might store the assets insecurely and they'll get stolen.
Alice might give the assets to someone else by mistake or by force.
Alice might lose access to the assets.
But "no worries", Alice has a custodian named Bob. Bob is dressed in a nice suit. He knows some politicians. And he drives a Porsche. "So you have nothing to worry about!". And look at all the benefits we get:
Alice can't take the assets and disappear (unless she asks Bob or never gives them to Bob).
Alice can't spend the assets and pretend that she still has them. (Unless she didn't give them to Bob or asks him for them.)
Alice can't store the assets insecurely so they get stolen. (After all - she doesn't have any control over the withdrawal process from any of Bob's systems, right?)
Alice can't give the assets to someone else by mistake or by force. (Bob will stop her, right Bob?)
Alice can't lose access to the funds. (She'll always be present, sane, and remember all secrets, right?)
See - all problems are solved! All we have to worry about now is:
Bob might take the assets and disappear.
Bob might spend the assets and pretend that he still has them (fractional model).
Bob might store the assets insecurely and they'll get stolen.
Bob might give the assets to someone else by mistake or by force.
Bob might lose access to the assets.
It's pretty simple. Before we had to trust Alice. Now we only have to trust Alice, Bob, and all the ways in which they communicate. Just think of how much more secure we are! "On top of that", Bob assures us, "we're using a special wallet structure". Bob shows Alice a diagram. "We've broken the balance up and store it in lots of smaller wallets. That way", he assures her, "a thief can't take it all at once". And he points to a historic case where a large sum was taken "because it was stored in a single wallet... how stupid". "Very early on, we used to have all the crypto in one wallet", he said, "and then one Christmas a hacker came and took it all. We call him the Grinch. Now we individually wrap each crypto and stick it under a binary search tree. The Grinch has never been back since." "As well", Bob continues, "even if someone were to get in, we've got insurance. It covers all thefts and even coercion, collusion, and misplaced keys - only subject to the policy terms and conditions." And with that, he pulls out a phone-book sized contract and slams it on the desk with a thud. "Yep", he continues, "we're paying top dollar for one of the best policies in the country!" "Can I read it?' Alice asks. "Sure," Bob says, "just as soon as our legal team is done with it. They're almost through the first chapter." He pauses, then continues. "And can you believe that sales guy Mike? He has the same year Porsche as me. I mean, what are the odds?" "Do you use multi-sig?", Alice asks. "Absolutely!" Bob replies. "All our engineers are fully trained in multi-sig. Whenever we want to set up a new wallet, we generate 2 separate keys in an air-gapped process and store them in this proprietary system here. Look, it even requires the biometric signature from one of our team members to initiate any withdrawal." He demonstrates by pressing his thumb into the display. "We use a third-party cloud validation API to match the thumbprint and authorize each withdrawal. The keys are also backed up daily to an off-site third-party." "Wow that's really impressive," Alice says, "but what if we need access for a withdrawal outside of office hours?" "Well that's no issue", Bob says, "just send us an email, call, or text message and we always have someone on staff to help out. Just another part of our strong commitment to all our customers!" "What about Proof of Reserve?", Alice asks. "Of course", Bob replies, "though rather than publish any blockchain addresses or signed transaction, for privacy we just do a SHA256 refactoring of the inverse hash modulus for each UTXO nonce and combine the smart contract coefficient consensus in our hyperledger lightning node. But it's really simple to use." He pushes a button and a large green checkmark appears on a screen. "See - the algorithm ran through and reserves are proven." "Wow", Alice says, "you really know your stuff! And that is easy to use! What about fiat balances?" "Yeah, we have an auditor too", Bob replies, "Been using him for a long time so we have quite a strong relationship going! We have special books we give him every year and he's very efficient! Checks the fiat, crypto, and everything all at once!" "We used to have a nice offline multi-sig setup we've been using without issue for the past 5 years, but I think we'll move all our funds over to your facility," Alice says. "Awesome", Bob replies, "Thanks so much! This is perfect timing too - my Porsche got a dent on it this morning. We have the paperwork right over here." "Great!", Alice replies. And with that, Alice gets out her pen and Bob gets the contract. "Don't worry", he says, "you can take your crypto-assets back anytime you like - just subject to our cancellation policy. Our annual management fees are also super low and we don't adjust them often". How many holes have to exist for your funds to get stolen? Just one. Why are we taking a powerful offline multi-sig setup, widely used globally in hundreds of different/lacking regulatory environments with 0 breaches to date, and circumventing it by a demonstrably weak third party layer? And paying a great expense to do so? If you go through the list of breaches in the past 2 years to highly credible organizations, you go through the list of major corporate frauds (only the ones we know about), you go through the list of all the times platforms have lost funds, you go through the list of times and ways that people have lost their crypto from identity theft, hot wallet exploits, extortion, etc... and then you go through this custodian with a fine-tooth comb and truly believe they have value to add far beyond what you could, sticking your funds in a wallet (or set of wallets) they control exclusively is the absolute worst possible way to take advantage of that security. The best way to add security for crypto-assets is to make a stronger multi-sig. With one custodian, what you are doing is giving them your cryptocurrency and hoping they're honest, competent, and flawlessly secure. It's no different than storing it on a really secure exchange. Maybe the insurance will cover you. Didn't work for Bitpay in 2015. Didn't work for Yapizon in 2017. Insurance has never paid a claim in the entire history of cryptocurrency. But maybe you'll get lucky. Maybe your exact scenario will buck the trend and be what they're willing to cover. After the large deductible and hopefully without a long and expensive court battle. And you want to advertise this increase in risk, the lapse of judgement, an accident waiting to happen, as though it's some kind of benefit to customers ("Free institutional-grade storage for your digital assets.")? And then some people are writing to the OSC that custodians should be mandatory for all funds on every exchange platform? That this somehow will make Canadians as a whole more secure or better protected compared with standard air-gapped multi-sig? On what planet? Most of the problems in Canada stemmed from one thing - a lack of transparency. If Canadians had known what a joke Quadriga was - it wouldn't have grown to lose $400m from hard-working Canadians from coast to coast to coast. And Gerald Cotten would be in jail, not wherever he is now (at best, rotting peacefully). EZ-BTC and mister Dave Smilie would have been a tiny little scam to his friends, not a multi-million dollar fraud. Einstein would have got their act together or been shut down BEFORE losing millions and millions more in people's funds generously donated to criminals. MapleChange wouldn't have even been a thing. And maybe we'd know a little more about CoinTradeNewNote - like how much was lost in there. Almost all of the major losses with cryptocurrency exchanges involve deception with unbacked funds. So it's great to see transparency reports from BitBuy and ShakePay where someone independently verified the backing. The only thing we don't have is:
ANY CERTAINTY BALANCES WEREN'T EXCLUDED. Quadriga's largest account was $70m. 80% of funds are in 20% of accounts (Pareto principle). All it takes is excluding a few really large accounts - and nobody's the wiser. A fractional platform can easily pass any audit this way.
ANY VISIBILITY WHATSOEVER INTO THE CUSTODIANS. BitBuy put out their report before moving all the funds to their custodian and ShakePay apparently can't even tell us who the custodian is. That's pretty important considering that basically all of the funds are now stored there.
ANY IDEA ABOUT THE OTHER EXCHANGES. In order for this to be effective, it has to be the norm. It needs to be "unusual" not to know. If obscurity is the norm, then it's super easy for people like Gerald Cotten and Dave Smilie to blend right in.
It's not complicated to validate cryptocurrency assets. They need to exist, they need to be spendable, and they need to cover the total balances. There are plenty of credible people and firms across the country that have the capacity to reasonably perform this validation. Having more frequent checks by different, independent, parties who publish transparent reports is far more valuable than an annual check by a single "more credible/official" party who does the exact same basic checks and may or may not publish anything. Here's an example set of requirements that could be mandated:
First report within 1 month of launching, another within 3 months, and further reports at minimum every 6 months thereafter.
No auditor can be repeated within a 12 month period.
All reports must be public, identifying the auditor and the full methodology used.
All auditors must be independent of the firm being audited with no conflict of interest.
Reports must include the percentage of each asset backed, and how it's backed.
The auditor publishes a hash list, which lists a hash of each customer's information and balances that were included. Hash is one-way encryption so privacy is fully preserved. Every customer can use this to have 100% confidence they were included.
If we want more extensive requirements on audits, these should scale upward based on the total assets at risk on the platform, and whether the platform has loaned their assets out.
There are ways to structure audits such that neither crypto assets nor customer information are ever put at risk, and both can still be properly validated and publicly verifiable. There are also ways to structure audits such that they are completely reasonable for small platforms and don't inhibit innovation in any way. By making the process as reasonable as possible, we can completely eliminate any reason/excuse that an honest platform would have for not being audited. That is arguable far more important than any incremental improvement we might get from mandating "the best of the best" accountants. Right now we have nothing mandated and tons of Canadians using offshore exchanges with no oversight whatsoever. Transparency does not prove crypto assets are safe. CoinTradeNewNote, Flexcoin ($600k), and Canadian Bitcoins ($100k) are examples where crypto-assets were breached from platforms in Canada. All of them were online wallets and used no multi-sig as far as any records show. This is consistent with what we see globally - air-gapped multi-sig wallets have an impeccable record, while other schemes tend to suffer breach after breach. We don't actually know how much CoinTrader lost because there was no visibility. Rather than publishing details of what happened, the co-founder of CoinTrader silently moved on to found another platform - the "most trusted way to buy and sell crypto" - a site that has no information whatsoever (that I could find) on the storage practices and a FAQ advising that “[t]rading cryptocurrency is completely safe” and that having your own wallet is “entirely up to you! You can certainly keep cryptocurrency, or fiat, or both, on the app.” Doesn't sound like much was learned here, which is really sad to see. It's not that complicated or unreasonable to set up a proper hardware wallet. Multi-sig can be learned in a single course. Something the equivalent complexity of a driver's license test could prevent all the cold storage exploits we've seen to date - even globally. Platform operators have a key advantage in detecting and preventing fraud - they know their customers far better than any custodian ever would. The best job that custodians can do is to find high integrity individuals and train them to form even better wallet signatories. Rather than mandating that all platforms expose themselves to arbitrary third party risks, regulations should center around ensuring that all signatories are background-checked, properly trained, and using proper procedures. We also need to make sure that signatories are empowered with rights and responsibilities to reject and report fraud. They need to know that they can safely challenge and delay a transaction - even if it turns out they made a mistake. We need to have an environment where mistakes are brought to the surface and dealt with. Not one where firms and people feel the need to hide what happened. In addition to a knowledge-based test, an auditor can privately interview each signatory to make sure they're not in coercive situations, and we should make sure they can freely and anonymously report any issues without threat of retaliation. A proper multi-sig has each signature held by a separate person and is governed by policies and mutual decisions instead of a hierarchy. It includes at least one redundant signature. For best results, 3of4, 3of5, 3of6, 4of5, 4of6, 4of7, 5of6, or 5of7. History has demonstrated over and over again the risk of hot wallets even to highly credible organizations. Nonetheless, many platforms have hot wallets for convenience. While such losses are generally compensated by platforms without issue (for example Poloniex, Bitstamp, Bitfinex, Gatecoin, Coincheck, Bithumb, Zaif, CoinBene, Binance, Bitrue, Bitpoint, Upbit, VinDAX, and now KuCoin), the public tends to focus more on cases that didn't end well. Regardless of what systems are employed, there is always some level of risk. For that reason, most members of the public would prefer to see third party insurance. Rather than trying to convince third party profit-seekers to provide comprehensive insurance and then relying on an expensive and slow legal system to enforce against whatever legal loopholes they manage to find each and every time something goes wrong, insurance could be run through multiple exchange operators and regulators, with the shared interest of having a reputable industry, keeping costs down, and taking care of Canadians. For example, a 4 of 7 multi-sig insurance fund held between 5 independent exchange operators and 2 regulatory bodies. All Canadian exchanges could pay premiums at a set rate based on their needed coverage, with a higher price paid for hot wallet coverage (anything not an air-gapped multi-sig cold wallet). Such a model would be much cheaper to manage, offer better coverage, and be much more reliable to payout when needed. The kind of coverage you could have under this model is unheard of. You could even create something like the CDIC to protect Canadians who get their trading accounts hacked if they can sufficiently prove the loss is legitimate. In cases of fraud, gross negligence, or insolvency, the fund can be used to pay affected users directly (utilizing the last transparent balance report in the worst case), something which private insurance would never touch. While it's recommended to have official policies for coverage, a model where members vote would fully cover edge cases. (Could be similar to the Supreme Court where justices vote based on case law.) Such a model could fully protect all Canadians across all platforms. You can have a fiat coverage governed by legal agreements, and crypto-asset coverage governed by both multi-sig and legal agreements. It could be practical, affordable, and inclusive. Now, we are at a crossroads. We can happily give up our freedom, our innovation, and our money. We can pay hefty expenses to auditors, lawyers, and regulators year after year (and make no mistake - this cost will grow to many millions or even billions as the industry grows - and it will be borne by all Canadians on every platform because platforms are not going to eat up these costs at a loss). We can make it nearly impossible for any new platform to enter the marketplace, forcing Canadians to use the same stagnant platforms year after year. We can centralize and consolidate the entire industry into 2 or 3 big players and have everyone else fail (possibly to heavy losses of users of those platforms). And when a flawed security model doesn't work and gets breached, we can make it even more complicated with even more people in suits making big money doing the job that blockchain was supposed to do in the first place. We can build a system which is so intertwined and dependent on big government, traditional finance, and central bankers that it's future depends entirely on that of the fiat system, of fractional banking, and of government bail-outs. If we choose this path, as history has shown us over and over again, we can not go back, save for revolution. Our children and grandchildren will still be paying the consequences of what we decided today. Or, we can find solutions that work. We can maintain an open and innovative environment while making the adjustments we need to make to fully protect Canadian investors and cryptocurrency users, giving easy and affordable access to cryptocurrency for all Canadians on the platform of their choice, and creating an environment in which entrepreneurs and problem solvers can bring those solutions forward easily. None of the above precludes innovation in any way, or adds any unreasonable cost - and these three policies would demonstrably eliminate or resolve all 109 historic cases as studied here - that's every single case researched so far going back to 2011. It includes every loss that was studied so far not just in Canada but globally as well. Unfortunately, finding answers is the least challenging part. Far more challenging is to get platform operators and regulators to agree on anything. My last post got no response whatsoever, and while the OSC has told me they're happy for industry feedback, I believe my opinion alone is fairly meaningless. This takes the whole community working together to solve. So please let me know your thoughts. Please take the time to upvote and share this with people. Please - let's get this solved and not leave it up to other people to do. Facts/background/sources (skip if you like):
The inspiration for the paragraph about splitting wallets was an actual quote from a Canadian company providing custodial services in response to the OSC consultation paper: "We believe that it will be in the in best interests of investors to prohibit pooled crypto assets or ‘floats’. Most Platforms pool assets, citing reasons of practicality and expense. The recent hack of the world’s largest Platform – Binance – demonstrates the vulnerability of participants’ assets when such concessions are made. In this instance, the Platform’s entire hot wallet of Bitcoins, worth over $40 million, was stolen, facilitated in part by the pooling of client crypto assets." "the maintenance of participants (and Platform) crypto assets across multiple wallets distributes the related risk and responsibility of security - reducing the amount of insurance coverage required and making insurance coverage more readily obtainable". For the record, their reply also said nothing whatsoever about multi-sig or offline storage.
In addition to the fact that the $40m hack represented only one "hot wallet" of Binance, and they actually had the vast majority of assets in other wallets (including mostly cold wallets), multiple real cases have clearly demonstrated that risk is still present with multiple wallets. Bitfinex, VinDAX, Bithumb, Altsbit, BitPoint, Cryptopia, and just recently KuCoin all had multiple wallets breached all at the same time, and may represent a significantly larger impact on customers than the Binance breach which was fully covered by Binance. To represent that simply having multiple separate wallets under the same security scheme is a comprehensive way to reduce risk is just not true.
Private insurance has historically never covered a single loss in the cryptocurrency space (at least, not one that I was able to find), and there are notable cases where massive losses were not covered by insurance. Bitpay in 2015 and Yapizon in 2017 both had insurance policies that didn't pay out during the breach, even after a lengthly court process. The same insurance that ShakePay is presently using (and announced to much fanfare) was describe by their CEO himself as covering “physical theft of the media where the private keys are held,” which is something that has never historically happened. As was said with regard to the same policy in 2018 - “I don’t find it surprising that Lloyd’s is in this space,” said Johnson, adding that to his mind the challenge for everybody is figuring out how to structure these policies so that they are actually protective. “You can create an insurance policy that protects no one – you know there are so many caveats to the policy that it’s not super protective.”
The most profitable policy for a private insurance company is one with the most expensive premiums that they never have to pay a claim on. They have no inherent incentive to take care of people who lost funds. It's "cheaper" to take the reputational hit and fight the claim in court. The more money at stake, the more the insurance provider is incentivized to avoid payout. They're not going to insure the assets unless they have reasonable certainty to make a profit by doing so, and they're not going to pay out a massive sum unless it's legally forced. Private insurance is always structured to be maximally profitable to the insurance provider.
The circumvention of multi-sig was a key factor in the massive Bitfinex hack of over $60m of bitcoin, which today still sits being slowly used and is worth over $3b. While Bitfinex used a qualified custodian Bitgo, which was and still is active and one of the industry leaders of custodians, and they set up 2 of 3 multi-sig wallets, the entire system was routed through Bitfinex, such that Bitfinex customers could initiate the withdrawals in a "hot" fashion. This feature was also a hit with the hacker. The multi-sig was fully circumvented.
Bitpay in 2015 was another example of a breach that stole 5,000 bitcoins. This happened not through the exploit of any system in Bitpay, but because the CEO of a company they worked with got their computer hacked and the hackers were able to request multiple bitcoin purchases, which Bitpay honoured because they came from the customer's computer legitimately. Impersonation is a very common tactic used by fraudsters, and methods get more extreme all the time.
A notable case in Canada was the Canadian Bitcoins exploit. Funds were stored on a server in a Rogers Data Center, and the attendee was successfully convinced to reboot the server "in safe mode" with a simple phone call, thus bypassing the extensive security and enabling the theft.
The very nature of custodians circumvents multi-sig. This is because custodians are not just having to secure the assets against some sort of physical breach but against any form of social engineering, modification of orders, fraudulent withdrawal attempts, etc... If the security practices of signatories in a multi-sig arrangement are such that the breach risk of one signatory is 1 in 100, the requirement of 3 independent signatures makes the risk of theft 1 in 1,000,000. Since hackers tend to exploit the weakest link, a comparable custodian has to make the entry and exit points of their platform 10,000 times more secure than one of those signatories to provide equivalent protection. And if the signatories beef up their security by only 10x, the risk is now 1 in 1,000,000,000. The custodian has to be 1,000,000 times more secure. The larger and more complex a system is, the more potential vulnerabilities exist in it, and the fewer people can understand how the system works when performing upgrades. Even if a system is completely secure today, one has to also consider how that system might evolve over time or work with different members.
By contrast, offline multi-signature solutions have an extremely solid record, and in the entire history of cryptocurrency exchange incidents which I've studied (listed here), there has only been one incident (796 exchange in 2015) involving an offline multi-signature wallet. It happened because the customer's bitcoin address was modified by hackers, and the amount that was stolen ($230k) was immediately covered by the exchange operators. Basically, the platform operators were tricked into sending a legitimate withdrawal request to the wrong address because hackers exploited their platform to change that address. Such an issue would not be prevented in any way by the use of a custodian, as that custodian has no oversight whatsoever to the exchange platform. It's practical for all exchange operators to test large withdrawal transactions as a general policy, regardless of what model is used, and general best practice is to diagnose and fix such an exploit as soon as it occurs.
False promises on the backing of funds played a huge role in the downfall of Quadriga, and it's been exposed over and over again (MyCoin, PlusToken, Bitsane, Bitmarket, EZBTC, IDAX). Even today, customers have extremely limited certainty on whether their funds in exchanges are actually being backed or how they're being backed. While this issue is not unique to cryptocurrency exchanges, the complexity of the technology and the lack of any regulation or standards makes problems more widespread, and there is no "central bank" to come to the rescue as in the 2008 financial crisis or during the great depression when "9,000 banks failed".
In addition to fraudulent operations, the industry is full of cases where operators have suffered breaches and not reported them. Most recently, Einstein was the largest case in Canada, where ongoing breaches and fraud were perpetrated against the platform for multiple years and nobody found out until the platform collapsed completely. While fraud and breaches suck to deal with, they suck even more when not dealt with. Lack of visibility played a role in the largest downfalls of Mt. Gox, Cryptsy, and Bitgrail. In some cases, platforms are alleged to have suffered a hack and keep operating without admitting it at all, such as CoinBene.
It surprises some to learn that a cryptographic solution has already existed since 2013, and gained widespread support in 2014 after Mt. Gox. Proof of Reserves is a full cryptographic proof that allows any customer using an exchange to have complete certainty that their crypto-assets are fully backed by the platform in real-time. This is accomplished by proving that assets exist on the blockchain, are spendable, and fully cover customer deposits. It does not prove safety of assets or backing of fiat assets.
If we didn't care about privacy at all, a platform could publish their wallet addresses, sign a partial transaction, and put the full list of customer information and balances out publicly. Customers can each check that they are on the list, that the balances are accurate, that the total adds up, and that it's backed and spendable on the blockchain. Platforms who exclude any customer take a risk because that customer can easily check and see they were excluded. So together with all customers checking, this forms a full proof of backing of all crypto assets.
However, obviously customers care about their private information being published. Therefore, a hash of the information can be provided instead. Hash is one-way encryption. The hash allows the customer to validate inclusion (by hashing their own known information), while anyone looking at the list of hashes cannot determine the private information of any other user. All other parts of the scheme remain fully intact. A model like this is in use on the exchange CoinFloor in the UK.
A Merkle tree can provide even greater privacy. Instead of a list of balances, the balances are arranged into a binary tree. A customer starts from their node, and works their way to the top of the tree. For example, they know they have 5 BTC, they plus 1 other customer hold 7 BTC, they plus 2-3 other customers hold 17 BTC, etc... until they reach the root where all the BTC are represented. Thus, there is no way to find the balances of other individual customers aside from one unidentified customer in this case.
Proposals such as this had the backing of leaders in the community including Nic Carter, Greg Maxwell, and Zak Wilcox. Substantial and significant effort started back in 2013, with massive popularity in 2014. But what became of that effort? Very little. Exchange operators continue to refuse to give visibility. Despite the fact this information can often be obtained through trivial blockchain analysis, no Canadian platform has ever provided any wallet addresses publicly. As described by the CEO of Newton "For us to implement some kind of realtime Proof of Reserves solution, which I'm not opposed to, it would have to ... Preserve our users' privacy, as well as our own. Some kind of zero-knowledge proof". Kraken describes here in more detail why they haven't implemented such a scheme. According to professor Eli Ben-Sasson, when he spoke with exchanges, none were interested in implementing Proof of Reserves.
And yet, Kraken's places their reasoning on a page called "Proof of Reserves". More recently, both BitBuy and ShakePay have released reports titled "Proof of Reserves and Security Audit". Both reports contain disclaimers against being audits. Both reports trust the customer list provided by the platform, leaving the open possibility that multiple large accounts could have been excluded from the process. Proof of Reserves is a blockchain validation where customers see the wallets on the blockchain. The report from Kraken is 5 years old, but they leave it described as though it was just done a few weeks ago. And look at what they expect customers to do for validation. When firms represent something being "Proof of Reserve" when it's not, this is like a farmer growing fruit with pesticides and selling it in a farmers market as organic produce - except that these are people's hard-earned life savings at risk here. Platforms are misrepresenting the level of visibility in place and deceiving the public by their misuse of this term. They haven't proven anything.
Fraud isn't a problem that is unique to cryptocurrency. Fraud happens all the time. Enron, WorldCom, Nortel, Bear Stearns, Wells Fargo, Moser Baer, Wirecard, Bre-X, and Nicola are just some of the cases where frauds became large enough to become a big deal (and there are so many countless others). These all happened on 100% reversible assets despite regulations being in place. In many of these cases, the problems happened due to the over-complexity of the financial instruments. For example, Enron had "complex financial statements [which] were confusing to shareholders and analysts", creating "off-balance-sheet vehicles, complex financing structures, and deals so bewildering that few people could understand them". In cryptocurrency, we are often combining complex financial products with complex technologies and verification processes. We are naïve if we think problems like this won't happen. It is awkward and uncomfortable for many people to admit that they don't know how something works. If we want "money of the people" to work, the solutions have to be simple enough that "the people" can understand them, not so confusing that financial professionals and technology experts struggle to use or understand them.
For those who question the extent to which an organization can fool their way into a security consultancy role, HB Gary should be a great example to look at. Prior to trying to out anonymous, HB Gary was being actively hired by multiple US government agencies and others in the private sector (with glowing testimonials). The published articles and hosted professional security conferences. One should also look at this list of data breaches from the past 2 years. Many of them are large corporations, government entities, and technology companies. These are the ones we know about. Undoubtedly, there are many more that we do not know about. If HB Gary hadn't been "outted" by anonymous, would we have known they were insecure? If the same breach had happened outside of the public spotlight, would it even have been reported? Or would HB Gary have just deleted the Twitter posts, brought their site back up, done a couple patches, and kept on operating as though nothing had happened?
In the case of Quadriga, the facts are clear. Despite past experience with platforms such as MapleChange in Canada and others around the world, no guidance or even the most basic of a framework was put in place by regulators. By not clarifying any sort of legal framework, regulators enabled a situation where a platform could be run by former criminal Mike Dhanini/Omar Patryn, and where funds could be held fully unchecked by one person. At the same time, the lack of regulation deterred legitimate entities from running competing platforms and Quadriga was granted a money services business license for multiple years of operation, which gave the firm the appearance of legitimacy. Regulators did little to protect Canadians despite Quadriga failing to file taxes from 2016 onward. The entire administrative team had resigned and this was public knowledge. Many people had suspicions of what was going on, including Ryan Mueller, who forwarded complaints to the authorities. These were ignored, giving Gerald Cotten the opportunity to escape without justice.
There are multiple issues with the SOC II model including the prohibitive cost (you have to find a third party accounting firm and the prices are not even listed publicly on any sites), the requirement of operating for a year (impossible for new platforms), and lack of any public visibility (SOC II are private reports that aren't shared outside the people in suits).
Securities frameworks are expensive. Sarbanes-Oxley is estimated to cost $5.1 million USD/yr for the average Fortune 500 company in the United States. Since "Fortune 500" represents the top 500 companies, that means well over $2.55 billion USD (~$3.4 billion CAD) is going to people in suits. Isn't the problem of trust and verification the exact problem that the blockchain is supposed to solve?
To use Quadriga as justification for why custodians or SOC II or other advanced schemes are needed for platforms is rather silly, when any framework or visibility at all, or even the most basic of storage policies, would have prevented the whole thing. It's just an embarrassment.
We are now seeing regulators take strong action. CoinSquare in Canada with multi-million dollar fines. BitMex from the US, criminal charges and arrests. OkEx, with full disregard of withdrawals and no communication. Who's next?
We have a unique window today where we can solve these problems, and not permanently destroy innovation with unreasonable expectations, but we need to act quickly. This is a unique historic time that will never come again.
BTW – that friction cost of bitcoin (14 household-days worth of electricity for every single transaction) is effectively a de facto form of inflation – a destruction of the value it held ... When Bitcoin first started, it was heralded as a way for people to make anonymous purchases. In today’s surveillance society, every single bit of privacy that someone wants to keep requires a fight. As the noose tightens, necessity creates invention, and those who don’t want their every purchase to be known find new ways to get around the ever-watching Big Brother. Bitcoin transactions are recorded on a public ledger. Anyone who traces a public address can know the origin and/or destination. There is no protocol-level procedure to anonymize these bitcoins, which is why a Bitcoin mixer is required to hide identity.. Bitcoin mixing is a process that tries to break the linkability or traceability. For any transaction, we can see address of the sender, receiver and value of the transaction. Now, since every Bitcoin transaction is recorded on Bitcoin’s public ledger, anyone can view any Bitcoin wallet and transaction. Bitcoin is neither confidential or anonymous. Bitcoin is pseudonymous, because each user has a public address that can be traced back to an IP address or exchange account ... You will be charged one percent of the total transaction cost. On the downside, Rahakott supports significantly fewer coins than Unstoppable. You can only make six wallets. They are Bitcoin, Litecoin, Dash, Bitcoin Cash, ZCash, and Ethereum. Rahakott is only available on the web. Use: Rahakott Wallet for web (Free) 5. PINT Wallet. PINT Wallet & P2P Exchange – Store & Trade BTC ETH BCH LTC ...
Zerocoin: Anonymous Distributed E-Cash from Bitcoin
What is a Bitcoin transaction fee? Who does it go to? How is it calculated? Why have fees been going up lately? This week I answer all these questions and mo... Keywords/phrases: Anonymity and confidential transactions. Blockchain.info disabling anonymous transactions. Cryptocurrency mixing as a CoinJoin-like anonymisation method. Serverless peer-to-peer ... There are so many reasons to keep your Bitcoin Cash transactions anonymous. You might want to avoid becoming the target of hackers, you may be considering a private charitable donation or paying ... In this talk we discuss Zerocoin, a cryptographic extension to Bitcoin that augments the protocol to allow for fully anonymous currency transactions. Our system uses standard cryptographic ... Introducing the digital wallet for bitcoin economics. Darkwallet is an open source bitcoin wallet that provides a solid foundation of well designed asynchron...