4. Keys, Addresses, Wallets - Mastering Bitcoin [Book]

Dragonchain Great Reddit Scaling Bake-Off Public Proposal


Dragonchain Public Proposal TL;DR:

Dragonchain has demonstrated twice Reddit’s entire total daily volume (votes, comments, and posts per Reddit 2019 Year in Review) in a 24-hour demo on an operational network. Every single transaction on Dragonchain is decentralized immediately through 5 levels of Dragon Net, and then secured with combined proof on Bitcoin, Ethereum, Ethereum Classic, and Binance Chain, via Interchain. At the time, in January 2020, the entire cost of the demo was approximately $25K on a single system (transaction fees locked at $0.0001/txn). With current fees (lowest fee $0.0000025/txn), this would cost as little as $625.
Watch Joe walk through the entire proposal and answer questions on YouTube.
This proposal is also available on the Dragonchain blog.

Hello Reddit and Ethereum community!

I’m Joe Roets, Founder & CEO of Dragonchain. When the team and I first heard about The Great Reddit Scaling Bake-Off we were intrigued. We believe we have the solutions Reddit seeks for its community points system and we have them at scale.
For your consideration, we have submitted our proposal below. The team at Dragonchain and I welcome and look forward to your technical questions, philosophical feedback, and fair criticism, to build a scaling solution for Reddit that will empower its users. Because our architecture is unlike other blockchain platforms out there today, we expect to receive many questions while people try to grasp our project. I will answer all questions here in this thread on Reddit, and I've answered some questions in the stream on YouTube.
We have seen good discussions so far in the competition. We hope that Reddit’s scaling solution will emerge from The Great Reddit Scaling Bake-Off and that Reddit will have great success with the implementation.

Executive summary

Dragonchain is a robust open source hybrid blockchain platform that has proven to withstand the passing of time since our inception in 2014. We have continued to evolve to harness the scalability of private nodes, yet take full advantage of the security of public decentralized networks, like Ethereum. We have a live, operational, and fully functional Interchain network integrating Bitcoin, Ethereum, Ethereum Classic, and ~700 independent Dragonchain nodes. Every transaction is secured to Ethereum, Bitcoin, and Ethereum Classic. Transactions are immediately usable on chain, and the first decentralization is seen within 20 seconds on Dragon Net. Security increases further to public networks ETH, BTC, and ETC within 10 minutes to 2 hours. Smart contracts can be written in any executable language, offering full freedom to existing developers. We invite any developer to watch the demo, play with our SDK’s, review open source code, and to help us move forward. Dragonchain specializes in scalable loyalty & rewards solutions and has built a decentralized social network on chain, with very affordable transaction costs. This experience can be combined with the insights Reddit and the Ethereum community have gained in the past couple of months to roll out the solution at a rapid pace.

Response and PoC

In The Great Reddit Scaling Bake-Off post, Reddit has asked for a series of demonstrations, requirements, and other considerations. In this section, we will attempt to answer all of these requests.

Live Demo

A live proof of concept showing hundreds of thousands of transactions
On Jan 7, 2020, Dragonchain hosted a 24-hour live demonstration during which a quarter of a billion (250 million+) transactions executed fully on an operational network. Every single transaction on Dragonchain is decentralized immediately through 5 levels of Dragon Net, and then secured with combined proof on Bitcoin, Ethereum, Ethereum Classic, and Binance Chain, via Interchain. This means that every single transaction is secured by, and traceable to these networks. An attack on this system would require a simultaneous attack on all of the Interchained networks.
24 hours in 4 minutes (YouTube):
The demonstration was of a single business system, and any user is able to scale this further, by running multiple systems simultaneously. Our goals for the event were to demonstrate a consistent capacity greater than that of Visa over an extended time period.
Tooling to reproduce our demo is available here:
https://github.com/dragonchain/spirit-bomb

Source Code

Source code (for on & off-chain components as well as tooling used for the PoC). The source code does not have to be shared publicly, but if Reddit decides to use a particular solution it will need to be shared with Reddit at some point.

Scaling

How it works & scales

Architectural Scaling

Dragonchain’s architecture attacks the scalability issue from multiple angles. Dragonchain is a hybrid blockchain platform, wherein every transaction is protected on a business node to the requirements of that business or purpose. A business node may be held completely private or may be exposed or replicated to any level of exposure desired.
Every node has its own blockchain and is independently scalable. Dragonchain established Context Based Verification as its consensus model. Every transaction is immediately usable on a trust basis, and in time is provable to an increasing level of decentralized consensus. A transaction will have a level of decentralization to independently owned and deployed Dragonchain nodes (~700 nodes) within seconds, and full decentralization to BTC and ETH within minutes or hours. Level 5 nodes (Interchain nodes) function to secure all transactions to public or otherwise external chains such as Bitcoin and Ethereum. These nodes scale the system by aggregating multiple blocks into a single Interchain transaction on a cadence. This timing is configurable based upon average fees for each respective chain. For detailed information about Dragonchain’s architecture, and Context Based Verification, please refer to the Dragonchain Architecture Document.

Economic Scaling

An interesting feature of Dragonchain’s network consensus is its economics and scarcity model. Since Dragon Net nodes (L2-L4) are independent staking nodes, deployment to cloud platforms would allow any of these nodes to scale to take on a large percentage of the verification work. This is great for scalability, but not good for the economy, because there is no scarcity, and pricing would develop a downward spiral and result in fewer verification nodes. For this reason, Dragonchain uses TIME as scarcity.
TIME is calculated as the number of Dragons held, multiplied by the number of days held. TIME influences the user’s access to features within the Dragonchain ecosystem. It takes into account both the Dragon balance and length of time each Dragon is held. TIME is staked by users against every verification node and dictates how much of the transaction fees are awarded to each participating node for every block.
TIME also dictates the transaction fee itself for the business node. TIME is staked against a business node to set a deterministic transaction fee level (see transaction fee table below in Cost section). This is very interesting in a discussion about scaling because it guarantees independence for business implementation. No matter how much traffic appears on the entire network, a business is guaranteed to not see an increased transaction fee rate.

Scaled Deployment

Dragonchain uses Docker and Kubernetes to allow the use of best practices traditional system scaling. Dragonchain offers managed nodes with an easy to use web based console interface. The user may also deploy a Dragonchain node within their own datacenter or favorite cloud platform. Users have deployed Dragonchain nodes on-prem on Amazon AWS, Google Cloud, MS Azure, and other hosting platforms around the world. Any executable code, anything you can write, can be written into a smart contract. This flexibility is what allows us to say that developers with no blockchain experience can use any code language to access the benefits of blockchain. Customers have used NodeJS, Python, Java, and even BASH shell script to write smart contracts on Dragonchain.
With Docker containers, we achieve better separation of concerns, faster deployment, higher reliability, and lower response times.
We chose Kubernetes for its self-healing features, ability to run multiple services on one server, and its large and thriving development community. It is resilient, scalable, and automated. OpenFaaS allows us to package smart contracts as Docker images for easy deployment.
Contract deployment time is now bounded only by the size of the Docker image being deployed but remains fast even for reasonably large images. We also take advantage of Docker’s flexibility and its ability to support any language that can run on x86 architecture. Any image, public or private, can be run as a smart contract using Dragonchain.

Flexibility in Scaling

Dragonchain’s architecture considers interoperability and integration as key features. From inception, we had a goal to increase adoption via integration with real business use cases and traditional systems.
We envision the ability for Reddit, in the future, to be able to integrate alternate content storage platforms or other financial services along with the token.
  • LBRY - To allow users to deploy content natively to LBRY
  • MakerDAO to allow users to lend small amounts backed by their Reddit community points.
  • STORJ/SIA to allow decentralized on chain storage of portions of content.
These integrations or any other are relatively easy to integrate on Dragonchain with an Interchain implementation.

Cost

Cost estimates (on-chain and off-chain)
For the purpose of this proposal, we assume that all transactions are on chain (posts, replies, and votes).
On the Dragonchain network, transaction costs are deterministic/predictable. By staking TIME on the business node (as described above) Reddit can reduce transaction costs to as low as $0.0000025 per transaction.
Dragonchain Fees Table

Getting Started

How to run it
Building on Dragonchain is simple and requires no blockchain experience. Spin up a business node (L1) in our managed environment (AWS), run it in your own cloud environment, or on-prem in your own datacenter. Clear documentation will walk you through the steps of spinning up your first Dragonchain Level 1 Business node.
Getting started is easy...
  1. Download Dragonchain’s dctl
  2. Input three commands into a terminal
  3. Build an image
  4. Run it
More information can be found in our Get started documents.

Architecture
Dragonchain is an open source hybrid platform. Through Dragon Net, each chain combines the power of a public blockchain (like Ethereum) with the privacy of a private blockchain.
Dragonchain organizes its network into five separate levels. A Level 1, or business node, is a totally private blockchain only accessible through the use of public/private keypairs. All business logic, including smart contracts, can be executed on this node directly and added to the chain.
After creating a block, the Level 1 business node broadcasts a version stripped of sensitive private data to Dragon Net. Three Level 2 Validating nodes validate the transaction based on guidelines determined from the business. A Level 3 Diversity node checks that the level 2 nodes are from a diverse array of locations. A Level 4 Notary node, hosted by a KYC partner, then signs the validation record received from the Level 3 node. The transaction hash is ledgered to the Level 5 public chain to take advantage of the hash power of massive public networks.
Dragon Net can be thought of as a “blockchain of blockchains”, where every level is a complete private blockchain. Because an L1 can send to multiple nodes on a single level, proof of existence is distributed among many places in the network. Eventually, proof of existence reaches level 5 and is published on a public network.

API Documentation

APIs (on chain & off)

SDK Source

Nobody’s Perfect

Known issues or tradeoffs
  • Dragonchain is open source and even though the platform is easy enough for developers to code in any language they are comfortable with, we do not have so large a developer community as Ethereum. We would like to see the Ethereum developer community (and any other communities) become familiar with our SDK’s, our solutions, and our platform, to unlock the full potential of our Ethereum Interchain. Long ago we decided to prioritize both Bitcoin and Ethereum Interchains. We envision an ecosystem that encompasses different projects to give developers the ability to take full advantage of all the opportunities blockchain offers to create decentralized solutions not only for Reddit but for all of our current platforms and systems. We believe that together we will take the adoption of blockchain further. We currently have additional Interchain with Ethereum Classic. We look forward to Interchain with other blockchains in the future. We invite all blockchain projects who believe in decentralization and security to Interchain with Dragonchain.
  • While we only have 700 nodes compared to 8,000 Ethereum and 10,000 Bitcoin nodes, we harness those 18,000 nodes to scale to extremely high levels of security. See Dragonchain metrics.
  • Some may consider the centralization of Dragonchain’s business nodes as an issue at first glance, however, the model is by design to protect business data. We do not consider this a drawback as these nodes can make any, none, or all data public. Depending upon the implementation, every subreddit could have control of its own business node, for potential business and enterprise offerings, bringing new alternative revenue streams to Reddit.

Costs and resources

Summary of cost & resource information for both on-chain & off-chain components used in the PoC, as well as cost & resource estimates for further scaling. If your PoC is not on mainnet, make note of any mainnet caveats (such as congestion issues).
Every transaction on the PoC system had a transaction fee of $0.0001 (one-hundredth of a cent USD). At 256MM transactions, the demo cost $25,600. With current operational fees, the same demonstration would cost $640 USD.
For the demonstration, to achieve throughput to mimic a worldwide payments network, we modeled several clients in AWS and 4-5 business nodes to handle the traffic. The business nodes were tuned to handle higher throughput by adjusting memory and machine footprint on AWS. This flexibility is valuable to implementing a system such as envisioned by Reddit. Given that Reddit’s daily traffic (posts, replies, and votes) is less than half that of our demo, we would expect that the entire Reddit system could be handled on 2-5 business nodes using right-sized containers on AWS or similar environments.
Verification was accomplished on the operational Dragon Net network with over 700 independently owned verification nodes running around the world at no cost to the business other than paid transaction fees.

Requirements

Scaling

This PoC should scale to the numbers below with minimal costs (both on & off-chain). There should also be a clear path to supporting hundreds of millions of users.
Over a 5 day period, your scaling PoC should be able to handle:
  • 100,000 point claims (minting & distributing points)
  • 25,000 subscriptions
  • 75,000 one-off points burning
  • 100,000 transfers
During Dragonchain’s 24 hour demo, the above required numbers were reached within the first few minutes.
Reddit’s total activity is 9000% more than Ethereum’s total transaction level. Even if you do not include votes, it is still 700% more than Ethereum’s current volume. Dragonchain has demonstrated that it can handle 250 million transactions a day, and its architecture allows for multiple systems to work at that level simultaneously. In our PoC, we demonstrate double the full capacity of Reddit, and every transaction was proven all the way to Bitcoin and Ethereum.
Reddit Scaling on Ethereum

Decentralization

Solutions should not depend on any single third-party provider. We prefer solutions that do not depend on specific entities such as Reddit or another provider, and solutions with no single point of control or failure in off-chain components but recognize there are numerous trade-offs to consider.
Dragonchain’s architecture calls for a hybrid approach. Private business nodes hold the sensitive data while the validation and verification of transactions for the business are decentralized within seconds and secured to public blockchains within 10 minutes to 2 hours. Nodes could potentially be controlled by owners of individual subreddits for more organic decentralization.
  • Billing is currently centralized - there is a path to federation and decentralization of a scaled billing solution.
  • Operational multi-cloud
  • Operational on-premises capabilities
  • Operational deployment to any datacenter
  • Over 700 independent Community Verification Nodes with proof of ownership
  • Operational Interchain (Interoperable to Bitcoin, Ethereum, and Ethereum Classic, open to more)

Usability

Scaling solutions should have a simple end user experience.

Users shouldn't have to maintain any extra state/proofs, regularly monitor activity, keep track of extra keys, or sign anything other than their normal transactions
Dragonchain and its customers have demonstrated extraordinary usability as a feature in many applications, where users do not need to know that the system is backed by a live blockchain. Lyceum is one of these examples, where the progress of academy courses is being tracked, and successful completion of courses is rewarded with certificates on chain. Our @Save_The_Tweet bot is popular on Twitter. When used with one of the following hashtags - #please, #blockchain, #ThankYou, or #eternalize the tweet is saved through Eternal to multiple blockchains. A proof report is available for future reference. Other examples in use are DEN, our decentralized social media platform, and our console, where users can track their node rewards, view their TIME, and operate a business node.
Examples:

Transactions complete in a reasonable amount of time (seconds or minutes, not hours or days)
All transactions are immediately usable on chain by the system. A transaction begins the path to decentralization at the conclusion of a 5-second block when it gets distributed across 5 separate community run nodes. Full decentralization occurs within 10 minutes to 2 hours depending on which interchain (Bitcoin, Ethereum, or Ethereum Classic) the transaction hits first. Within approximately 2 hours, the combined hash power of all interchained blockchains secures the transaction.

Free to use for end users (no gas fees, or fixed/minimal fees that Reddit can pay on their behalf)
With transaction pricing as low as $0.0000025 per transaction, it may be considered reasonable for Reddit to cover transaction fees for users.
All of Reddit's Transactions on Blockchain (month)
Community points can be earned by users and distributed directly to their Reddit account in batch (as per Reddit minting plan), and allow users to withdraw rewards to their Ethereum wallet whenever they wish. Withdrawal fees can be paid by either user or Reddit. This model has been operating inside the Dragonchain system since 2018, and many security and financial compliance features can be optionally added. We feel that this capability greatly enhances user experience because it is seamless to a regular user without cryptocurrency experience, yet flexible to a tech savvy user. With regard to currency or token transactions, these would occur on the Reddit network, verified to BTC and ETH. These transactions would incur the $0.0000025 transaction fee. To estimate this fee we use the monthly active Reddit users statista with a 60% adoption rate and an estimated 10 transactions per month average resulting in an approximate $720 cost across the system. Reddit could feasibly incur all associated internal network charges (mining/minting, transfer, burn) as these are very low and controllable fees.
Reddit Internal Token Transaction Fees

Reddit Ethereum Token Transaction Fees
When we consider further the Ethereum fees that might be incurred, we have a few choices for a solution.
  1. Offload all Ethereum transaction fees (user withdrawals) to interested users as they wish to withdraw tokens for external use or sale.
  2. Cover Ethereum transaction fees by aggregating them on a timed schedule. Users would request withdrawal (from Reddit or individual subreddits), and they would be transacted on the Ethereum network every hour (or some other schedule).
  3. In a combination of the above, customers could cover aggregated fees.
  4. Integrate with alternate Ethereum roll up solutions or other proposals to aggregate minting and distribution transactions onto Ethereum.

Bonus Points

Users should be able to view their balances & transactions via a blockchain explorer-style interface
From interfaces for users who have no knowledge of blockchain technology to users who are well versed in blockchain terms such as those present in a typical block explorer, a system powered by Dragonchain has flexibility on how to provide balances and transaction data to users. Transactions can be made viewable in an Eternal Proof Report, which displays raw data along with TIME staking information and traceability all the way to Bitcoin, Ethereum, and every other Interchained network. The report shows fields such as transaction ID, timestamp, block ID, multiple verifications, and Interchain proof. See example here.
Node payouts within the Dragonchain console are listed in chronological order and can be further seen in either Dragons or USD. See example here.
In our social media platform, Dragon Den, users can see, in real-time, their NRG and MTR balances. See example here.
A new influencer app powered by Dragonchain, Raiinmaker, breaks down data into a user friendly interface that shows coin portfolio, redeemed rewards, and social scores per campaign. See example here.

Exiting is fast & simple
Withdrawing funds on Dragonchain’s console requires three clicks, however, withdrawal scenarios with more enhanced security features per Reddit’s discretion are obtainable.

Interoperability

Compatibility with third party apps (wallets/contracts/etc) is necessary.
Proven interoperability at scale that surpasses the required specifications. Our entire platform consists of interoperable blockchains connected to each other and traditional systems. APIs are well documented. Third party permissions are possible with a simple smart contract without the end user being aware. No need to learn any specialized proprietary language. Any code base (not subsets) is usable within a Docker container. Interoperable with any blockchain or traditional APIs. We’ve witnessed relatively complex systems built by engineers with no blockchain or cryptocurrency experience. We’ve also demonstrated the creation of smart contracts within minutes built with BASH shell and Node.js. Please see our source code and API documentation.

Scaling solutions should be extensible and allow third parties to build on top of it
Open source and extensible
APIs should be well documented and stable

Documentation should be clear and complete
For full documentation, explore our docs, SDK’s, Github repo’s, architecture documents, original Disney documentation, and other links or resources provided in this proposal.

Third-party permissionless integrations should be possible & straightforward
Smart contracts are Docker based, can be written in any language, use full language (not subsets), and can therefore be integrated with any system including traditional system APIs.

Simple is better. Learning an uncommon or proprietary language should not be necessary.
Advanced knowledge of mathematics, cryptography, or L2 scaling should not be required. Compatibility with common utilities & toolchains is expected.
Dragonchain business nodes and smart contracts leverage Docker to allow the use of literally any language or executable code. No proprietary language is necessary. We’ve witnessed relatively complex systems built by engineers with no blockchain or cryptocurrency experience. We’ve also demonstrated the creation of smart contracts within minutes built with BASH shell and Node.js.

Bonus

Bonus Points: Show us how it works. Do you have an idea for a cool new use case for Community Points? Build it!

TIME

Community points could be awarded to Reddit users based upon TIME too, whereas the longer someone is part of a subreddit, the more community points someone naturally gained, even if not actively commenting or sharing new posts. A daily login could be required for these community points to be credited. This grants awards to readers too and incentivizes readers to create an account on Reddit if they browse the website often. This concept could also be leveraged to provide some level of reputation based upon duration and consistency of contribution to a community subreddit.

Dragon Den

Dragonchain has already built a social media platform that harnesses community involvement. Dragon Den is a decentralized community built on the Dragonchain blockchain platform. Dragon Den is Dragonchain’s answer to fake news, trolling, and censorship. It incentivizes the creation and evaluation of quality content within communities. It could be described as being a shareholder of a subreddit or Reddit in its entirety. The more your subreddit is thriving, the more rewarding it will be. Den is currently in a public beta and in active development, though the real token economy is not live yet. There are different tokens for various purposes. Two tokens are Lair Ownership Rights (LOR) and Lair Ownership Tokens (LOT). LOT is a non-fungible token for ownership of a specific Lair. LOT will only be created and converted from LOR.
Energy (NRG) and Matter (MTR) work jointly. Your MTR determines how much NRG you receive in a 24-hour period. Providing quality content, or evaluating content will earn MTR.

Security

Users have full ownership & control of their points.
All community points awarded based upon any type of activity or gift, are secured and provable to all Interchain networks (currently BTC, ETH, ETC). Users are free to spend and withdraw their points as they please, depending on the features Reddit wants to bring into production.

Balances and transactions cannot be forged, manipulated, or blocked by Reddit or anyone else
Users can withdraw their balance to their ERC20 wallet, directly through Reddit. Reddit can cover the fees on their behalf, or the user covers this with a portion of their balance.

Users should own their points and be able to get on-chain ERC20 tokens without permission from anyone else
Through our console users can withdraw their ERC20 rewards. This can be achieved on Reddit too. Here is a walkthrough of our console, though this does not show the quick withdrawal functionality, a user can withdraw at any time. https://www.youtube.com/watch?v=aNlTMxnfVHw

Points should be recoverable to on-chain ERC20 tokens even if all third-parties involved go offline
If necessary, signed transactions from the Reddit system (e.g. Reddit + Subreddit) can be sent to the Ethereum smart contract for minting.

A public, third-party review attesting to the soundness of the design should be available
To our knowledge, at least two large corporations, including a top 3 accounting firm, have conducted positive reviews. These reviews have never been made public, as Dragonchain did not pay or contract for these studies to be released.

Bonus points
Public, third-party implementation review available or in progress
See above

Compatibility with HSMs & hardware wallets
For the purpose of this proposal, all tokenization would be on the Ethereum network using standard token contracts and as such, would be able to leverage all hardware wallet and Ethereum ecosystem services.

Other Considerations

Minting/distributing tokens is not performed by Reddit directly
This operation can be automated by smart contract on Ethereum. Subreddits can if desired have a role to play.

One off point burning, as well as recurring, non-interactive point burning (for subreddit memberships) should be possible and scalable
This is possible and scalable with interaction between Dragonchain Reddit system and Ethereum token contract(s).

Fully open-source solutions are strongly preferred
Dragonchain is fully open source (see section on Disney release after conclusion).

Conclusion

Whether it is today, or in the future, we would like to work together to bring secure flexibility to the highest standards. It is our hope to be considered by Ethereum, Reddit, and other integrative solutions so we may further discuss the possibilities of implementation. In our public demonstration, 256 million transactions were handled in our operational network on chain in 24 hours, for the low cost of $25K, which if run today would cost $625. Dragonchain’s interoperable foundation provides the atmosphere necessary to implement a frictionless community points system. Thank you for your consideration of our proposal. We look forward to working with the community to make something great!

Disney Releases Blockchain Platform as Open Source

The team at Disney created the Disney Private Blockchain Platform. The system was a hybrid interoperable blockchain platform for ledgering and smart contract development geared toward solving problems with blockchain adoption and usability. All objective evaluation would consider the team’s output a success. We released a list of use cases that we explored in some capacity at Disney, and our input on blockchain standardization as part of our participation in the W3C Blockchain Community Group.
https://lists.w3.org/Archives/Public/public-blockchain/2016May/0052.html

Open Source

In 2016, Roets proposed to release the platform as open source to spread the technology outside of Disney, as others within the W3C group were interested in the solutions that had been created inside of Disney.
Following a long process, step by step, the team met requirements for release. Among the requirements, the team had to:
  • Obtain VP support and approval for the release
  • Verify ownership of the software to be released
  • Verify that no proprietary content would be released
  • Convince the organization that there was a value to the open source community
  • Convince the organization that there was a value to Disney
  • Offer the plan for ongoing maintenance of the project outside of Disney
  • Itemize competing projects
  • Verify no conflict of interest
  • Preferred license
  • Change the project name to not use the name Disney, any Disney character, or any other associated IP - proposed Dragonchain - approved
  • Obtain legal approval
  • Approval from corporate, parks, and other business units
  • Approval from multiple Disney patent groups
  • Copyright holder defined by Disney (Disney Connected and Advanced Technologies)
  • Trademark searches conducted for the selected name Dragonchain
  • Obtain IT security approval
  • Manual review of OSS components conducted
  • OWASP Dependency and Vulnerability Check Conducted
  • Obtain technical (software) approval
  • Offer management, process, and financial plans for the maintenance of the project.
  • Meet list of items to be addressed before release
  • Remove all Disney project references and scripts
  • Create a public distribution list for email communications
  • Remove Roets’ direct and internal contact information
  • Create public Slack channel and move from Disney slack channels
  • Create proper labels for issue tracking
  • Rename internal private Github repository
  • Add informative description to Github page
  • Expand README.md with more specific information
  • Add information beyond current “Blockchains are Magic”
  • Add getting started sections and info on cloning/forking the project
  • Add installation details
  • Add uninstall process
  • Add unit, functional, and integration test information
  • Detail how to contribute and get involved
  • Describe the git workflow that the project will use
  • Move to public, non-Disney git repository (Github or Bitbucket)
  • Obtain Disney Open Source Committee approval for release
On top of meeting the above criteria, as part of the process, the maintainer of the project had to receive the codebase on their own personal email and create accounts for maintenance (e.g. Github) with non-Disney accounts. Given the fact that the project spanned multiple business units, Roets was individually responsible for its ongoing maintenance. Because of this, he proposed in the open source application to create a non-profit organization to hold the IP and maintain the project. This was approved by Disney.
The Disney Open Source Committee approved the application known as OSSRELEASE-10, and the code was released on October 2, 2016. Disney decided to not issue a press release.
Original OSSRELEASE-10 document

Dragonchain Foundation

The Dragonchain Foundation was created on January 17, 2017. https://den.social/l/Dragonchain/24130078352e485d96d2125082151cf0/dragonchain-and-disney/
submitted by j0j0r0 to ethereum

Technical: Confidential Transactions and Their Implementation Tradeoffs

As requested by estradata here: https://old.reddit.com/Bitcoin/comments/iylou9/what_are_some_of_the_latest_innovations_in_the/g6heez1/
It is a general issue that crops up at the extremes of cryptography, with quantum breaks being just one of the extremes of (classical) cryptography.

Computational vs Information-Theoretic

The dichotomy is between computationally infeasible vs informationally-theoretic infeasible. Basically:
Quantum breaks represent a possible reduction in computational infeasibility of certain things, but not information-theoretic infeasibility.
For example, suppose you want to know what 256-bit preimages map to 256-bit hashes. In theory, you just need to build a table with 2^256 entries and start from 0x0000000000000000000000000000000000000000000000000000000000000000 and so on. This is computationally infeasible, but not information-theoretic infeasible.
However, suppose you want to know what preimages, of any size, map to 256-bit hashes. Since the preimages can be of any size, after finishing with 256-bit preimages, you have to proceed to 257-bit preimages. And so on. And there is no size limit, so you will literally never finish. Even if you lived forever, you would not complete it. This is information-theoretic infeasible.

Commitments

How does this relate to confidential transactions? Basically, every confidential transaction simply hides the value behind a homomorphic commitment. What is a homomorphic commitment? Okay, let's start with commitments. A commitment is something which lets you hide something, and later reveal what you hid. Until you reveal it, even if somebody has access to the commitment, they cannot reverse it to find out what you hid. This is called the "hiding property" of commitments. However, when you do reveal it (or "open the commitment"), then you cannot replace what you hid with some other thing. This is called the "binding property" of commitments.
For example, a hash of a preimage is a commitment. Suppose I want to commit to something. For example, I want to show that I can predict the future using the energy of a spare galaxy I have in my pocket. I can hide that something by hashing a description of the future. Then I can give the hash to you. You still cannot learn the future, because it's just a hash, and you can't reverse the hash ("hiding"). But suppose the future event occurs. I can reveal that I did, in fact, know the future. So I give you the description, and you hash it and compare it to the hash I gave earlier. Because of preimage resistance, I cannot retroactively change what I hid in the hash, so what I gave must have been known to me at the time that I gave you the commitment i.e. hash ("binding").

Homomorphic Commitments

A homomorphic commitment simply means that if I can do certain operations on preimages of the commitment scheme, there are certain operations on the commitments that would create similar ("homo") changes ("morphic") to the commitments. For example, suppose I have a magical function h() which is a homomorphic commitment scheme. It can hide very large (near 256-bit) numbers. Then if h() is homomorphic, there may be certain operations on numbers behind the h() that have homomorphisms after the h(). For example, I might have an operation <+> that is homomorphic in h() on +, or in other words, if I have two large numbers a and b, then h(a + b) = h(a) <+> h(b). + and <+> are different operations, but they are homomorphic to each other.
For example, elliptic curve scalars and points have homomorphic operations. Scalars (private keys) are "just" very large near-256-bit numbers, while points are a scalar times a standard generator point G. Elliptic curve operations exist where there is a <+> between points that is homomorphic on standard + on scalars, and a <*> between a scalar and a point that is homomorphic on standard * multiplication on scalars.
For example, suppose I have two large scalars a and b. I can use elliptic curve points as a commitment scheme: I can take a <*> G to generate a point A. It is hiding since nobody can learn what a is unless I reveal it (a and A can be used in standard ECDSA private-public key cryptography, with the scalar a as the private key and the point A as the public key, and the a cannot be derived even if somebody else knows A). Thus, it is hiding. At the same time, for a particular point A and standard generator point G, there is only one possible scalar a which when "multiplied" with G yields A. So scalars and elliptic curve points are a commitment scheme, with both hiding and binding properties.
Now, as mentioned there is a <+> operation on points that is homomorphic to the + operation on corresponding scalars. For example, suppose there are two scalars a and b. I can compute (a + b) <*> G to generate a particular point. But even if I don't know scalars a and b, but I do know points A = a <*> G and B = b <*> G, then I can use A <+> B to derive (a + b) <*> G (or equivalently, (a <*> G) <+> (b <*> G) == (a + b) <*> G). This makes points a homomorphic commitment scheme on scalars.

Confidential Transactions: A Sketch

This is useful since we can easily use the near-256-bit scalars in SECP256K1 elliptic curves to easily represent values in a monetary system, and hide those values by using a homomorphic commitment scheme. We can use the hiding property to prevent people from learning the values of the money we are sending and receiving.
Now, in a proper cryptocurrency, a normal, non-coinbase transaction does not create or destroy coins: the values of the input coins are equal to the value of the output coins. We can use a homomorphic commitment scheme. Suppose I have a transaction that consumes an input value a and creates two output values b and c. That is, a = b + c, i.e. the sum of all inputs a equals the sum of all outputs b and c. But remember, with a homomorphic commitment scheme like elliptic curve points, there exists a <+> operation on points that is homomorphic to the ordinary school-arithmetic + addition on large numbers. So, confidential transactions can use points a <*> G as input, and points b <*> G and c <*> G as output, and we can easily prove that a <*> G = (b <*> G) <+> (c <*> G) if a = b + c, without revealing a, b, or c to anyone.

Pedersen Commitments

Actually, we cannot just use a <*> G as a commitment scheme in practice. Remember, Bitcoin has a cap on the number of satoshis ever to be created, and it's less than 2^53 satoshis, which is fairly trivial. I can easily compute all values of a <*> G for all values of a from 0 to 2^53 and know which a <*> G corresponds to which actual amount a. So in confidential transactions, we cannot naively use a <*> G commitments, we need Pedersen commitments.
If you know what a "salt" is, then Pedersen commitments are fairly obvious. A "salt" is something you add to e.g. a password so that the hash of the password is much harder to attack. Humans are idiots and when asked to generate passwords, will output a password that takes less than 2^30 possibilities, which is fairly easy to grind. So what you do is that you "salt" a password by prepending a random string to it. You then hash the random string + password, and store the random string --- the salt --- together with the hash in your database. Then when somebody logs in, you take the password, prepend the salt, hash, and check if the hash matches with the in-database hash, and you let them log in. Now, with a hash, even if somebody copies your password database, they can't get the password. They're hashed. But with a salt, even techniques like rainbow tables make a hacker's life even harder. They can't hash a possible password and check every hash in your db for something that matches. Instead, if they get a possible password, they have to prepend each salt, hash, then compare. That greatly increases the computational needs of a hacker, which is why salts are good.
What a Pedersen commitment is, is a point a <*> H, where a is the actual value you commit to, plus <+> another point r <*> G. H here is a second standard generator point, different from G. The r is the salt in the Pedersen commitment. It makes it so that even if you show (a <*> H) <+> (r <*> G) to somebody, they can't grind all possible values of a and try to match it with your point --- they also have to grind r (just as with the password-salt example above). And r is much larger, it can be a true near-256-bit number that is the range of scalars in SECP256K1, whereas a is constrained to "reasonable" numbers of satoshi, which cannot exceed 21 million Bitcoins.
Now, in order to validate a transaction with input a and outputs b and c, you only have to prove a = b + c. Suppose we are hiding those amounts using Pedersen commitments. You have an input of amount a, and you know a and r. The blockchain has an amount (a <*> H) <+> (r <*> G). In order to create the two outputs b and c, you just have to create two new r scalars such that r = r[0] + r[1]. This is trivial, you just select a new random r[0] and then compute r[1] = r - r[0], it's just basic algebra.
Then you create a transaction consuming the input (a <*> H) <+> (r <*> G) and outputs (b <*> H) <+> (r[0] <*> G) and (c <*> H) <+> (r[1] <*> G). You know that a = b + c, and r = r[0] + r[1], while fullnodes around the world, who don't know any of the amounts or scalars involved, can just take the points (a <*> H) <+> (r <*> G) and see if it equals (b <*> H) <+> (r[0] <*> G) <+> (c <*> H) <+> (r[1] <*> G). That is all that fullnodes have to validate, they just need to perform <+> operations on points and comparison on points, and from there they validate transactions, all without knowing the actual values involved.

Computational Binding, Information-Theoretic Hiding

Like all commitments, Pedersen Commitments are binding and hiding.
However, there are really two kinds of commitments:
What does this mean? It's just a measure of how "impossible" binding vs hiding is. Pedersen commitments are computationally binding, meaning that in theory, a user of this commitment with arbitrary time and space and energy can, in theory, replace the amount with something else. However, it is information-theoretic hiding, meaning an attacker with arbitrary time and space and energy cannot figure out exactly what got hidden behind the commitment.
But why?
Now, we have been using a and a <*> G as private keys and public keys in ECDSA and Schnorr. There is an operation <*> on a scalar and a point that generates another point, but we cannot "reverse" this operation. For example, even if I know A, and know that A = a <*> G, but do not know a, I cannot derive a --- there is no operation between A G that lets me know a.
Actually there is: I "just" need to have so much time, space, and energy that I just start counting a from 0 to 2^256 and find which a results in A = a <*> G. This is a computational limit: I don't have a spare universe in my back pocket I can use to do all those computations.
Now, replace a with h and A with H. Remember that Pedersen commitments use a "second" standard generator point. The generator points G and H are "not really special" --- they are just random points on the curve that we selected and standardized. There is no operation H G such that I can learn h where H = h <*> G, though if I happen to have a spare universe in my back pocket I can "just" brute force it.
Suppose I do have a spare universe in my back pocket, and learn h = H G such that H = h <*> G. What can I do in Pedersen commitments?
Well, I have an amount a that is committed to by (a <*> H) <+> (r <*> G). But I happen to know h! Suppose I want to double my money a without involving Elon Musk. Then:
That is what we mean by computationally binding: if I can compute h such that H = h <*> G, then I can find another number which opens the same commitment. And of course I'd make sure that number is much larger than what I originally had in that address!
Now, the reason why it is "only" computationally binding is that it is information-theoretically hiding. Suppose somebody knows h, but has no money in the cryptocurrency. All they see are points. They can try to find what the original amounts are, but because any amount can be mapped to "the same" point with knowledge of h (e.g. in the above, a and 2 * a got mapped to the same point by "just" replacing the salt r with r - a * h; this can be done for 3 * a, 4 * a etc.), they cannot learn historical amounts --- the a in historical amounts could be anything.
The drawback, though, is that --- as seen above --- arbitrary inflation is now introduced once somebody knows h. They can multiply their money by any arbitrary factor with knowledge of h.
It is impossible to have both perfect hiding (i.e. historical amounts remain hidden even after a computational break) and perfect binding (i.e. you can't later open the commitment to a different, much larger, amount).
Pedersen commitments just happen to have perfect hiding, but only computationally-infeasible binding. This means they allow hiding historical values, but in case of anything that allows better computational power --- including but not limited to quantum breaks --- they allow arbitrary inflation.

Changing The Tradeoffs with ElGamal Commitments

An ElGamal commitment is just a Pedersen commitment, but with the point r <*> G also stored in a separate section of the transaction.
This commits the r, and fixes it to a specific value. This prevents me from opening my (a <*> H) <+> (r <*> G) as ((2 * a) <*> H) <+> ((r - a * h) <*> G), because the (r - a * h) would not match the r <*> G sitting in a separate section of the transaction. This forces me to be bound to that specific value, and no amount of computation power will let me escape --- it is information-theoretically binding i.e. perfectly binding.
But that is now computationally hiding. An evil surveillor with arbitrary time and space can focus on the r <*> G sitting in a separate section of the transaction, and grind r from 0 to 2^256 to determine what r matches that point. Then from there, they can negate r to get (-r) <*> G and add it to the (a <*> H) <+> (r <*> G) to get a <*> H, and then grind that to determine the value a. With massive increases in computational ability --- including but not limited to quantum breaks --- an evil surveillor can see all the historical amounts of confidential transactions.

Conclusion

This is the source of the tradeoff: either you design confidential transactions so in case of a quantum break, historical transactions continue to hide their amounts, but inflation of the money is now unavoidable, OR you make the money supply sacrosanct, but you potentially sacrifice amount hiding in case of some break, including but not limited to quantum breaks.
submitted by almkglor to Bitcoin

Decred, Hyper-secure and Unforgeably Scarce

I'm pleased to present my paper quantifying Decred's Scarcity, Security and Transaction Finality.
TL:DR - Decred is justifiably one of the top 3 most secure and censorship-resistant distributed ledgers, competing directly with Bitcoin and Ethereum, even though it is 750x and 80x smaller in Market Cap Size. https://medium.com/@_Checkmatey_/decred-hypersecure-unforgeably-scarce-e076b91a2be
Overview
In this study I critically review the essential components of a fairly-launched, unforgeably scarce and reliably secure sound money protocol. For Decred, the hybrid PoW/PoS security mechanism has several unique characteristics that affect the relative cost to create a competing minority chain and forge DCR coins. Production of a competing Decred block requires a trade-off between a share of the PoS ticket pool and a corresponding share of the PoW hash-rate market.
The share of PoW/PoS required and cost to attack has been documented by Zubair Zia (2018), Fiach_Dubh (2019), Haon and Collins (2018) and an invaluable paper by Stafford (2019) which forms part-basis for this analysis.
Decred’s Hybrid security mechanism maintains the core value proposition of the pure PoW system employed by Bitcoin and overlays PoS validation akin to two-factor authentication. This enhances the actual security by orders of magnitude in the most probable scenarios whilst simultaneously mitigating the risk of the inevitable centralisation of miners.
The Decred Security Curve
Unforgeable Costliness
Under a marginal cost = marginal reward framework of incentives, I analyse the cumulative Cost of Security over both protocols' lifetimes. It is notable that Decred currently carries a relative monetary premium 3.3x greater than Bitcoin did at 50% coins mined and 10x Bitcoin today when considering the extreme case of a 50% ticket attack vector as an analogue for pure PoW.
Cumulative Security Cost to attack Decred and Bitcoin vs Coin-age (circ supply/21M)
Settlement Finality
Finality represents how resistant a blockchain is to being re-organised during an attack that is intended to censor or roll-back transactions. A blockchain with a significant security budget implies each transaction is settled by significant honest costliness which acts as a deterrent that an attacker must overcome (Carter, 2019, Permabull Nino, 2018).
The table and chart below present the 24hr security costliness for the Bitcoin and Decred ledgers, which an attacker must overcome to initiate a re-organisation. Note that this assumes the MC = MR framework and does not account for the actions of miners and stakeholders who would likely operate at a short term loss in defensive action under a genuine attack scenario.
Daily cost to attack Decred and Bitcoin ledgers vs coin-age
In the upper bound condition of 5% of tickets owned, Decred boasts a superior daily security cost and finality relative to Bitcoin, making the Decred protocol the most secure blockchain known to the author. In the extreme lower bound case of 75% tickets (level of PoS consensus), Decred matches Bitcoin in security cost on a per unit of market cap basis.
The Decred Finality Ratio is thus defined as the real-time ratio between the 24hr security cost of Decred compared to Bitcoin. This ratio compares the actual, present-day settlement finality of the Decred protocol using Bitcoin as a benchmark.
Decred finality ratio compared to PoW Ledger ranks on howmanyconfs.com
Decred is a cryptocurrency that is 750x smaller than Bitcoin. If we theorise a similarly sized, pure PoW protocol that issues an equivalent number of coins to Bitcoin per unit of time (a mini-Bitcoin), we would expect settlement equivalent to 1 Bitcoin block to take around 5.34 days.
In every ticket share scenario considered, Decred’s security cost outperforms this theoretical Proof of work security system by at least 2x.
  • For attacks with <10% ticket share, Decred matches to outperforms Bitcoin for transaction finality, making it the most secure ledger the author is aware of.
  • For attacks with <30% ticket share, Decred outpaces Ethereum and Bcash for spots in the top 3 most secure ledgers.
  • In the most adverse scenarios with 50% to 75% offensive tickets, Decred finality still places it firmly in the top 10 most secure ledgers.
Conclusions
This study concludes that Decred boasts a settlement finality under the most adverse conditions that rank it, at a minimum, in the top 10 most secure blockchains.
Given the conservatism built into this analysis, under realistic attack conditions, Decred performs as one of the top 3 most secure blockchains, competing directly with Ethereum and Bitcoin for settlement finality.

Appreciate any comments, feedback.
Honest questions will get honest answers.
submitted by __checkmatey__ to decred

Why Bitcoin was created

NOTE: Not sure if this is useful at all. I welcome corrections. This was off the top of my head, probably a lot of stuff can be made clearer.

I see many people here are not really understanding why bitcoin was created.
As a result, many are unable to answer these questions:
  1. Why bitcoin over another crypto-currency?
  2. If bitcoin is slower than CC why use it?
  3. [your-question-here]?
If you can answer "Why was Bitcoin created?" you will automatically form your own opinion on the questions above!

Wrong Question
The original question we asked is kind of the wrong question to ask. It has a simple (unsatisfying) answer:
Question: Why was Bitcoin created?
Answer: To prevent spending the same digital dollar twice.

Wait.. what? Before we understand above, let's first understand the problem with digital money...

Money: physical vs. digital
Physical money is easy. Let's say we decide to use apples as currency. If I have one apple and you have one apple, and I give you one apple, then you now have two apples and I have none.
Digital money is hard. Let's say we decide to use cat pictures as currency. If I have a picture of a cat named "sparkles.jpeg" and you have a picture of a cat named "rocket.jpeg", and I send you "sparkles.jpeg" - then you now have two pictures of a cat, but I still have one!
Similarly, if we were to represent digital dollars as information (file, record in a database or photo of a dollar), then anytime we send a dollar, we effectively create a copy of it.
Why is this a problem?

Double Spending
Suppose I have only $1 digital dollar on my hard-drive (doesn't matter how it is stored - it can be a file called "Wallet.txt" with a single entry "Me = 1").
Let's say there are two online stores: Tables.com and Chairs.com. Tables.com sells tables online. Chairs.com sells chairs online.
The prices are as follows:
  1. Tables are $1 digital dollars each
  2. Chairs are $0.5 digital dollars each
I am now going to buy 1 table and 2 chairs (total cost $2) for only $1 dollar.
Here is how I can do this:
  1. First, I will create a copy of my wallet (where my digital dollars are stored). Let's call it "Wallet.txt.backup"
  2. Then, I will send $1 digital dollars to Tables.com store and ask them to ship me 1 Table.
  3. After my order is accepted, I will immediately restore my "Wallet.txt.backup" file (which still has $1 dollars in it) and...
  4. Send $1 digital dollars to Chairs.com and order 2 chairs.

Since Chairs.com doesn't know about Tables.com (they don't have direct communication channel), they will both ship me the goods.
I have now spent the same dollar twice. I have double spent my dollar.

Banks solve Double Spending
There is a very simple (and elegant) solution to this problem. Instead of letting everyone keep track of their own Wallet.txt file, let one person do it and send all transactions through them.
Let's say that now we have to send every transaction through Mr. Knab. So if I want to pay Chairs.com I don't send the digital dollar to the store directly, but instead I send my digital dollar to Mr. Knab and ask him to forward my digital dollar to Chairs.com
Let's see how this prevents spending the same dollar twice:
  1. Mr. Knab knows that I have $1 digital dollar to my name. He stores it in a file called "Wallet.txt".
  2. I ask Mr. Knab to send $1 digital dollar to Tables.com store to order 1 Table.
  3. Mr. Knab subtracts $1 from me in "Wallet.txt" and adds it to the line that corresponds to Tables.com (how he does this is irrelevant - the important thing is that he remembers how many digital dollars I have)
  4. Mr. Knab sends an email to Tables.com saying "You got $1 digital dollar, please ship a Table to this guy".
  5. (Now comes me trying to cheat) After my order is accepted, I immediately ask Mr. Knab to send $1 digital dollar to Chairs.com to order 2 chairs.
  6. Mr. Knab checks "Wallet.txt" and sees that I have $0 digital dollars remaining and rejects my order.
I could not spend the same digital dollar twice.
In the real world "Mr. Knab" is the bank. It is an institution that stores your digital wallet to make sure you can't cheat.
Bank is a tool to prevent double spending.

The Right Question
Now that we understand the challenge with digital money (making sure you don't spend a digital dollar twice) and how the bank solves this (by storing your digital wallet for you) we can ask the proper question:
Question: Why was Bitcoin created to prevent spending the same digital dollar twice if the bank already does it?
Answer: Bitcoin prevents spending the same digital dollar twice without a bank.

Let us reiterate this point:
Bitcoin was created to prevent spending the same digital dollar twice without a bank.

Useful or Not?
Whether this property (preventing double spending without intermediaries) is a useful thing is not what we are concerned with here. Think of bitcoin as solving a challenge: hey, we can prevent double spending with a bank in between, can we do this without a bank? We leave the question whether Bitcoin is "useful" to others.


How Bitcoin solves this problem (Short version)
Bitcoin network chooses a random computer to briefly act as a bank. That computer then makes sure no dollar is spent twice. Randomly choosing a computer is hard and Bitcoin solves this problem by requiring proof of work, the first to provide it will get chosen as the bank. Being chosen as a bank pays (block reward) and everyone wants to provide proof of work first. The more people compete the harder it becomes to be the bank. The harder it is to become the bank, the more secure the Bitcoin is.

How Bitcoin solves this problem (long version)


I lied. Bitcoin still has a bank. Only this bank is one of the people who participates in Bitcoin network: let's call them a person-bank. This person-bank is chosen randomly for EVERY transaction (*gross simplification*). The person-bank is responsible for verifying that the transaction is correct. Since Bitcoin network sends a copy of the Wallet.txt file to EVERY person, anyone can verify any transaction. If the person-bank verifies transaction correctly - it gets paid. Otherwise it gets nothing.

Picking random person is hard
The problem then becomes how to pick a person-bank randomly, so that you can't always have Joe being the person-bank and spending his own dollars twice.
Turns out the problem of picking a random person from a group of people is really hard to do in practice. Bitcoin solves this problem by posing a puzzle to each person - and the first person to come up with an answer gets to act as a person-bank for the next transaction.
This puzzle must be so hard, that nobody should be able to do any better on it than anybody else. It's hard to think of this in human terms, because with practice we get better at everything. However, imagine that everyone in the world got REALLY REALLY drunk and was forced to throw darts. So that no matter how much practice anyone had with darts, everyone was equally horrible. Every time anyone threw a dart it would always land randomly. Now, picking a random person is easy - pick the person who threw the dart into the middle of the board.
In Bitcoin this puzzle involves hashing and the answer to it is called proof of work. But this is all really irrelevant. What is important is that no computer can practice to get better at solving this puzzle. They are all equally drunk when it comes to the solution.
All the bitcoin computers who are trying to solve the puzzle are called miners. The winning participant gets a lot of money as a reward: currently 12.5BTC.

Security depends on puzzle complexity
If the puzzle is too easy, then someone can always solve it first (by buying a bigger computer) and approve their own invalid transaction. Bitcoin increases the difficulty of the puzzle if it takes the network less than 10 minutes to solve it. It decreases the difficulty if it takes more than 10 minutes to solve it.
If there is 1 person trying to solve a puzzle and another joins, then the difficulty will increase by two. This is because 1 person solved the puzzle every 10 minutes, so if another joins, they will solve it twice as fast (think two drunken people throwing darts instead of one - it will take half the time to hit the center).
If we have 100,000 people trying to solve a puzzle and another person joins, this will barely affect the difficulty. Alternatively, if we wanted to beat 100,000 and solve the puzzle first, we would need as much computation power as all those people combined (and a little bit more). We would need about 51% of the power of the whole bitcoin mining network.
That is why for Bitcoin to be secure, the puzzle must be hard for anyone on the planet EARTH to solve.

If bitcoin was only mined by one country, then another country could easily purchase enough computers (say 10x as many) to make sure they act as the bank every time. They could then spend the same dollar twice (for example, they could buy some tanks from another country, but then revert the money back to their wallet).
submitted by e5pK44sqszwxjEFL to Bitcoin

My review of "A model for Bitcoin’s security and the declining block subsidy" -- a new research paper by Hasu, Prestwich & Curtis

In their new paper, authors Hasu, James Prestwich and Brandon Curtis present a simple yet realistic model for bitcoin's security as the block subsidy declines:
https://uncommoncore.co/research-paper-a-model-for-bitcoins-security-and-the-declining-block-subsidy/
With a block subsidy halving scheduled for next spring, the topic is timely. As the authors note
"the most important source of miner revenue, the block subsidy, will have to be replaced by an entirely new source of revenue"
Indeed, and it is miner revenue that plays the critical role in bitcoin's security.
Work on this topic tends to come in two flavors. Flavor 1 is full of mathematical splendor built upon assumptions that are too simplistic to make realistic predictions (e.g., assuming an arbitrary amount of hash power can be easily rented and thus predicting that double-spends should be occurring all the time [yet they rarely do]). Flavor 2 is better grounded in empirical fact but often limited to qualitative reasoning alone. This paper has the best features of both: it succeeds in incorporating the most-important real-world factors but in a way that still results in a rigorous model that permits quantitative reasoning about the system's security properties.
Key to the model is the concept of miner-extractable value (MEV). This is the total value that a miner can extract by "not mining honestly" as it were (e.g., reorging the chain or other shenanigans permitted by the protocol). If the MEV is big enough, then a miner can earn more profit by attacking than by mining honestly.
The paper is unique in incorporating the term p(postAttackPrice) in the model. If p(postAttackPrice) = 95%, it means the price of a bitcoin fell to 95% of its pre-attack price as a direct result of the attack. Interestingly, in the authors' model, only MEV and the miners' revenue are discounted by this term. The miners' cost remains fixed, as these costs are tied to consuming real-world resources like electricity and transistors. This means the expected value of the attack becomes negative very quickly with even small changes in postAttackPrice.
(Aside: Does this highlight an important difference between proof-of-work (PoW) and proof-of-stake (PoS)? In a proof-of-stake system, the costs are denominated in the same "units" as the rewards, since there is no tether to the physical world via mining. And so the terms in the equations related to the miners' costs might scale with p(postAttackPrice) too, thereby weakening the security model compared to PoW.)
The authors then describe how, based on their research, ~50% of the cost of mining is due to fixed infrastructure costs (a term in their model called "commitment") rather than marginal costs. Since a decrease in postAttackPrice applies over the entire lifetime of this infrastructure, even a slight decrease can impose a big cost on the miner, making dishonest mining unprofitable if detected.
(Aside: although the authors consider the security of confirmed transactions in their model, the arguments related to the infrastructure commitment and postAttackPrice apply similarly to miner-assisted fraud for unconfirmed transactions. Proposals such as subchains, STORM and double-spend proofs that bring visibility to miner shenanigans thus increase unconfirmed transaction security by providing the market with the information it needs to react (e.g., to drive down postAttackPrice)).
Finally, the authors include a term in their model that reflects the fact that the users could temporarily suspend Nakamoto consensus and fork to a different chain where the miners' infrastructure commitment has no value. This isn't new (it's often called the "nuclear option") but it's also incorporated into their quantitative model.
In terms of solutions moving forward, the authors talk about constraining the amount of block space produced to derive maximal transaction fee revenue from the users. This is a topic explored in depth by Nicola Dimitri in a recent peer-reviewed paper from the spring of 2019 that the authors may not be aware of:
https://ledgerjournal.org/ojs/index.php/ledgearticle/view/145/153
The authors also discuss the controversial option of ceasing the reward halvings in the future in order to maintain sufficient miner revenue for security. I agree this is a discussion we need to have. The point driven home by the authors is that, whether through transaction fees or inflation, security must be paid for somehow. And it's not yet clear what methods provide the best value for the network as a whole.
I do find it odd -- and a testament to how religious the cryptocurrency space is -- that the authors were brave enough to discuss increasing bitcoin's inflation head on, yet only skirted around the taboo topic of increasing the block size limit. It is very easy to see that scaling bitcoin on-chain, for example to 50,000 tx/sec each paying $0.02 in transaction fees, would result in $1000 per second of miner revenue even without any subsidy -- 5 times more than the ~$200 per second the miners earn today. If bitcoin (BTC) discourse is actually at the point where an increase in the inflation schedule is on the table while an increase in the block size limit remains off the table, then BTC is doomed. Ironically, the authors discuss that one way to erode confidence in the system is by limiting transaction throughput:
"one way to achieve this [erode user trust in the system] would be to establish a mining monopoly and stop processing any transaction at all"
which, depending on the lens through which one is looking, is nearly the situation BTC finds itself in today.
Overall I think this was a really well written paper that both bitcoin newbies and veterans will enjoy.
submitted by Peter__R to btc
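The review above describes how a small drop in postAttackPrice, combined with sunk infrastructure ("commitment"), raises the MEV a miner would need before attacking beats honest mining. The following is an added example, not code from the post or from the paper: a simplified toy model built only from that description, in which every name, formula and number is a constructed assumption.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class MinerEconomics:
    """Toy parameters, all in pre-attack dollars. Every figure is constructed."""
    revenue_per_block: float   # subsidy + fees earned per block
    cost_per_block: float      # total cost of producing one block
    commitment_share: float    # share of cost sunk into infrastructure
    attack_blocks: int         # blocks mined while attacking
    lifetime_blocks: int       # blocks the infrastructure could still mine afterwards

    @property
    def marginal_cost(self) -> float:
        # Sunk commitment is paid whether or not the miner attacks, so only
        # the marginal part of the cost enters the comparison below.
        return self.cost_per_block * (1.0 - self.commitment_share)


def honest_payoff(m: MinerEconomics) -> float:
    """Profit over the same horizon if the miner never attacks (price unchanged)."""
    blocks = m.attack_blocks + m.lifetime_blocks
    return blocks * (m.revenue_per_block - m.marginal_cost)


def non_mev_attack_payoff(m: MinerEconomics, p: float) -> float:
    """Mining profit on the attack path, excluding MEV.

    Revenue is discounted by p (post-attack price / pre-attack price);
    costs are not, because they are paid in real-world resources.
    """
    during = m.attack_blocks * (p * m.revenue_per_block - m.marginal_cost)
    # After the attack the miner keeps mining only while it covers marginal cost.
    after_per_block = max(p * m.revenue_per_block - m.marginal_cost, 0.0)
    return during + m.lifetime_blocks * after_per_block


def attack_advantage(m: MinerEconomics, mev: float, p: float) -> float:
    """Attack payoff minus honest payoff; negative means attacking loses money."""
    return p * mev + non_mev_attack_payoff(m, p) - honest_payoff(m)


def breakeven_mev(m: MinerEconomics, p: float) -> float:
    """Smallest MEV (pre-attack dollars) at which attacking matches honest mining."""
    if not 0.0 < p <= 1.0:
        raise ValueError("p must be in (0, 1]")
    return (honest_payoff(m) - non_mev_attack_payoff(m, p)) / p


# Miner with sunk infrastructure that still has 1000 blocks of useful life.
COMMITTED = MinerEconomics(100.0, 80.0, 0.5, attack_blocks=6, lifetime_blocks=1000)
# Hypothetical attacker on rented hash power: no commitment, no future at stake.
RENTED = MinerEconomics(100.0, 80.0, 0.0, attack_blocks=6, lifetime_blocks=0)

if __name__ == "__main__":
    for p in (1.00, 0.99, 0.95, 0.90):
        print(f"p={p:.2f}  committed: {breakeven_mev(COMMITTED, p):10.2f}"
              f"  rented: {breakeven_mev(RENTED, p):8.2f}")
```

With these constructed numbers, a 5% price drop pushes the committed miner's break-even MEV to roughly 53 blocks of revenue, while the uncommitted attacker's threshold stays under one block of revenue.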

Subreddit Stats: CryptoTechnology top posts from 2017-12-23 to 2020-01-20 15:51 PDT

Period: 758.36 days
| | Submissions | Comments |
|---|---|---|
| Total | 956 | 13660 |
| Rate (per day) | 1.26 | 18.01 |
| Unique Redditors | 584 | 3144 |
| Combined Score | 21553 | 44566 |

Top Submitters' Top Submissions

  1. 1166 points, 43 submissions: Neophyte-
    1. "Do you need a Blockchain?" - this paper is fantastic, everyone should read this before evaluating a coin and if requires a block chain to solve a solution the coin is promising to solve. (136 points, 41 comments)
    2. Do any of you foresee a crypto being widely adopted as a general purpose payment coin? nano, btc, btccash etc (take your pick). I think it won't happen for reasons in this post. What do you think? (59 points, 54 comments)
    3. Noticed the huge rise of EOS lately what does it have over NEO and ethereum and to a lesser extent Cardano? I tried researching it, but wasn't sold. (54 points, 55 comments)
    4. Hard Problems in Cryptocurrency: Five Years Later ~Vitalik (46 points, 1 comment)
    5. I had a Q&A with Bruno head architect / CEO of oyster, thought you guys might like it. (45 points, 2 comments)
    6. A good article that explains in simple terms how Eth2 works, how it will be rolled out and migrated from eth1 (42 points, 4 comments)
    7. DAI the stablecoin can now be transferred GAS free (article explaining how it works via new MCD DAI contract). This holds alot of promise for the so called "Web3" (40 points, 8 comments)
    8. Veriblock is consuming 27% of bitcoins block space - what does this mean for bitcoins future? (39 points, 16 comments)
    9. Vitalik: Alternative proposal for early eth1 <-> eth2 merge (38 points, 3 comments)
    10. Is launching a PoW permissionless blockchain still possible today? or would it be too susceptible to a 51% attack? (37 points, 37 comments)
  2. 578 points, 16 submissions: crypto_ha
    1. Why is Ripple considered a cryptocurrency (by many)? (109 points, 63 comments)
    2. So reportedly there are serious vulnerabilities found in EOS’ code. And it seems like those are more than just random software bugs. (97 points, 29 comments)
    3. Guide: How to get started with Blockchain development? (60 points, 6 comments)
    4. A newly found vulnerability in Nano's Android wallet (44 points, 12 comments)
    5. The history and state of Ethereum's Casper research - Vitalik Buterin (39 points, 4 comments)
    6. What is the difference between Sidechain vs Child Chain vs Off Chain? (39 points, 12 comments)
    7. EOS mainnet is official live (finally), but... (36 points, 24 comments)
    8. Bitcoin's "doomsday" economics - Bank of International Settlements (34 points, 23 comments)
    9. How Wall Street’s embrace could undermine Bitcoin (30 points, 9 comments)
    10. Ethereum ERC 1497: DApp Dispute Evidence Standard (24 points, 0 comments)
  3. 513 points, 20 submissions: ndha1995
    1. Ethereum Classic is currently being 51% attacked (103 points, 31 comments)
    2. Why are there so many garbage posts the past 24 hours? (58 points, 10 comments)
    3. Google Unveils 72-Qubit Quantum Processor With Low Error Rates (48 points, 24 comments)
    4. IOTA's Network-Bound PoW consensus, is it feasible? (42 points, 13 comments)
    5. The Challenges of Investigating Cryptocurrencies and Blockchain Related Crime (29 points, 7 comments)
    6. Deep dive into zk-STARKs with Vitalik Buterin's blog posts (26 points, 3 comments)
    7. Tether discussion thread (26 points, 21 comments)
    8. Vitalik Buterin Proposes a Consensus Algorithm That Requires Only 1% to Be Honest (24 points, 8 comments)
    9. Can somebody compare Qtum vs. NEO, technology-wise? (E.g. PoS vs. PoW; smart contract protocols...) (21 points, 15 comments)
    10. Introduction to Non Fungible Tokens (NFTs) (21 points, 9 comments)
  4. 377 points, 16 submissions: turtleflax
    1. Around 13% of DASH's privateSends are traceable to their origin (69 points, 3 comments)
    2. "Big Bang" attack could leverage Monero's dynamic blocksize to bloat the blockchain to 30TB in only 36 hours (52 points, 3 comments)
    3. The case for the obsolescence of Proof of Work and why 2018 will be the year of Proof of Stake (41 points, 29 comments)
    4. Monero vs PIVX: The First Scheduled Privacy Coin Debate Thread on /CryptoCurrency (38 points, 12 comments)
    5. Introducing the Privacy Coin Matrix, a cross-team collaboration comparing 20 privacy coins in 100 categories (26 points, 25 comments)
    6. Do permissioned blockchains have any merits? (25 points, 23 comments)
    7. The State of Hashing Algorithms — The Why, The How, and The Future (21 points, 4 comments)
    8. How Zerocoin Works in 5 Minutes (19 points, 5 comments)
    9. Errors made by Satoshi (17 points, 8 comments)
    10. How Much Privacy is Enough? Threats, Scaling, and Trade-offs in Blockchain Privacy Protocols - Ian Miers (Cornell Tech, Zerocoin, Zerocash) (17 points, 4 comments)
  5. 321 points, 6 submissions: Qwahzi
    1. Technical comparison of LIGHTNING vs TANGLE vs HASHGRAPH vs NANO (133 points, 37 comments)
    2. Addressing Nano's weaknesses (bandwidth usage and disk IO). Nano voting traffic to be reduced by 99.9% by implementing vote by hash, lazy bootstrapping, and reduced vote rebroadcasting (x-post CryptoCurrency) (78 points, 8 comments)
    3. Emergent centralization due to economies of scale (PoW vs DPoS) – Colin LeMahieu (52 points, 37 comments)
    4. Nano community member developing a distributed "mining" service to pay people to do PoW for third-parties (e.g. exchanges, light wallet services, etc) (32 points, 20 comments)
    5. What do you think about OpenCAP, the cryptocurrency alias protocol that mirrors traditional email addresses? (15 points, 12 comments)
    6. Bitcoin would be a calamity, not an economy (11 points, 52 comments)
  6. 256 points, 4 submissions: rockyrainy
    1. Bitcoin Gold hit by Double Spend Attack (51% attack). The Attacker reversed 22 blocks. (179 points, 102 comments)
    2. ZK-starks white paper published (44 points, 16 comments)
    3. [Q] How does a network reach consensus on what time it is? (21 points, 17 comments)
    4. Stateless (no history) Cryptocurrency via snapshots? (12 points, 7 comments)
  7. 244 points, 3 submissions: HSPremier
    1. From a technical standpoint: Why does every blockchain projects need their own coins? (181 points, 50 comments)
    2. What is Reddit's obsession with REQ? (61 points, 43 comments)
    3. What is the technological difference between a privacy coin and a privacy coin platform? Won't a privacy coin platform be more superior than a privacy coin? (2 points, 3 comments)
  8. 234 points, 2 submissions: Realness100
    1. A Guided Reading of Bitcoin’s Original White Paper (202 points, 10 comments)
    2. A Guided Reading of Ethereum's Original White Paper! (32 points, 5 comments)
  9. 185 points, 4 submissions: tracyspacygo
    1. My brief observation of most common Consensus Algorithms (159 points, 49 comments)
    2. What are the main Trends/Challenges for Bitcoin and whole crytpocurrencies industry? (12 points, 33 comments)
    3. Guideline for Newbies: Trying out Bitcoin transactions with TESTNET (7 points, 1 comment)
    4. Most advanced Cryptocurrencies Comparison Table (7 points, 8 comments)
  10. 177 points, 9 submissions: benmdi
    1. What's the best argument against cryptotechnology? I.e. Steelman the cryptocurrency skeptic (43 points, 42 comments)
    2. Would there be interest from this community in crypto resources aimed at developers? If so, what topics? (29 points, 14 comments)
    3. Has the window for bootstrapping a new PoW coin closed? (24 points, 57 comments)
    4. What can we, as a community, learn from the rise & acquisition of GitHub (23 points, 8 comments)
    5. 🍱 Rollup Roundup: Understanding Ethereum's Emerging Layer 2 (19 points, 1 comment)
    6. Video Tutorial: Introducing An Experience Dev To Smart Contract Coding (17 points, 3 comments)
    7. Do we need a blockchain to be decentralized? What questions would you ask a self described fan of decentralization, but blockchain skeptic? (11 points, 19 comments)
    8. ETH Block Rewards And Second Order Effects On Hardware Availability (7 points, 8 comments)
    9. Which Of The Big Tech Companies Is Most Likely To Bring Crypto Mainstream? Here's Why I Think It's Apple (4 points, 7 comments)
  11. 175 points, 9 submissions: galan77
    1. Is the Lightning Network a massive threat to the blockchain? (49 points, 66 comments)
    2. TPS of Lightning Network vs. Sharding, which one does better? (28 points, 7 comments)
    3. Are there any major downsides to sharding? (21 points, 33 comments)
    4. What's the difference between trustlessness and permissionlessness (19 points, 7 comments)
    5. Which consensus algorithm is the best, PoW, PoS, PoAuthority, PoAsset? (18 points, 57 comments)
    6. How can XRP reach 50,000 TPS when they have no sharding and every node has to validate every single transaction. (15 points, 14 comments)
    7. A few questions about the Lightning Network (14 points, 6 comments)
    8. Pascalcoin can do 72,000 tps apparently. Is this legit? The new Nano? (8 points, 39 comments)
    9. How does Ripple's (XRB's) consensus algorithm Proof of Correctness work, are there any downsides? (3 points, 23 comments)
  12. 175 points, 1 submission: ilielezi
    1. Why white papers in crypto world are so unprofessional? (175 points, 88 comments)
  13. 165 points, 6 submissions: CryptoMaximalist
    1. Facebook's Libra (48 points, 55 comments)
    2. “Fake Stake” attacks on some Proof-of-Stake cryptocurrencies responsibly disclosed by researchers from the Decentralized Systems Lab at UIUC (31 points, 9 comments)
    3. Quantum Computing and the Cryptography in Crypto (27 points, 14 comments)
    4. PING and REJECT attacks on ZCash (Patch available) | Stanford Applied Crypto Group (22 points, 1 comment)
    5. Introduction to Cryptography: Part 1 - Jinglan Wang (19 points, 1 comment)
    6. New site howmanyconfs.com shows the amount of time and confirmations of Proof of Work coins to match 6 confirmations on Bitcoin (18 points, 11 comments)
  14. 163 points, 10 submissions: GainsLean
    1. Videos For Developers Who Want To Learn Blockchain In A Practical Way (36 points, 17 comments)
    2. What Do You Want To Learn? (32 points, 20 comments)
    3. Get Involved With The Smart Contract Coding Challenge (25 points, 4 comments)
    4. Solution To $10K Art Prize (25 points, 3 comments)
    5. Blockchain Course Outline Has Been Released - Feedback warranted (22 points, 12 comments)
    6. Introduction To Distributed Systems And Consensus Protocols (9 points, 2 comments)
    7. Are there any closed source crypto wallets? (4 points, 19 comments)
    8. Are there any successful proof of identity projects? (4 points, 8 comments)
    9. SPV Wallets Vs API Wallets (4 points, 1 comment)
    10. 12 Popular Consensus Algorithms - Explained (2 points, 0 comments)
  15. 163 points, 7 submissions: QRCollector
    1. Part 5. I'm writing a series about blockchain tech and possible future security risks. This is the fifth part of the series talking about an advanced vulnerability of BTC. (43 points, 43 comments)
    2. I'm writing a series about blockchain tech and possible future security risks. This is the third part of the series introducing Quantum resistant blockchains. (36 points, 4 comments)
    3. Part 4B. I’m writing a series about blockchain tech and possible future security risks. This is the fourth part of the series explaining the special quality of going quantum resistant from genesis block. (25 points, 21 comments)
    4. Part 6. (Last part) I'm writing a series about blockchain tech and possible future security risks. Failing shortcuts in an attempt to accomplish Quantum Resistance (24 points, 38 comments)
    5. I'm writing a series about blockchain tech and possible future security risks. This is the first part of the series introducing the basic concept of blockchain and what makes it reliable. (23 points, 10 comments)
    6. I'm writing a series about blockchain tech and possible future security risks. This is the fourth part of the series explaining the special quality of going quantum resistant from genesis block. (7 points, 1 comment)
    7. Part 2. I'm writing a series about blockchain tech and possible future security risks. This is the second part of the series: An accessible description of hashing and signature schemes. (5 points, 0 comments)
  16. 162 points, 3 submissions: FashionistaGuru
    1. How do we change the culture around cryptocurrency? (118 points, 54 comments)
    2. Which cryptos have the best new user experience? (30 points, 34 comments)
    3. Why does Apple prevent many crypto apps from entering the App Store? (14 points, 8 comments)
  17. 157 points, 7 submissions: SamsungGalaxyPlayer
    1. Breaking Monero Episodes 1-3: Introduction, Ring Signatures, 0-Decoy and Chain Reactions (45 points, 1 comment)
    2. "No, dPoW Isn't a Perfect Solution" (35 points, 48 comments)
    3. Breaking Mimblewimble’s Privacy Model - Dragonfly Research (27 points, 10 comments)
    4. Breaking Monero (and Zcash) Episodes 7-9: Remote Nodes, Timing Attacks, Poisoned Outputs (EAE Attack) (21 points, 2 comments)
    5. "Attacker Collection of IP Metadata" (18 points, 10 comments)
    6. "Tracing Transactions Across Cryptocurrency Ledgers" Using Shapeshift and Changelly (6 points, 4 comments)
    7. Breaking Monero Episodes 4-6: Chain Splits (Key Image Attack), Input Selection Algorithm, Unusual Ringsize (5 points, 2 comments)
  18. 147 points, 1 submission: shunsaitakahashi
    1. Proof-of-Approval: Stake Based, 1 Block Finality & History Attack Defense (147 points, 4 comments)
  19. 146 points, 6 submissions: themoderndayhercules
    1. "The selfish mining fallacy" explained and debunked (60 points, 8 comments)
    2. A Discussion of Stable coins and Decentralized Oracles (35 points, 8 comments)
    3. A Selfish Mining Double Spending attack Simulator (25 points, 2 comments)
    4. Why reputation systems don't work (15 points, 12 comments)
    5. A better incentivization for Swarm (6 points, 0 comments)
    6. When Mises met Szabo - A Discussion of the value of Bitcoin (5 points, 16 comments)
  20. 143 points, 7 submissions: KomodoWorld
    1. Komodo Platform's core developer and founder jl777 has started his own blog on Medium. The blog is aimed for senior developers who want to learn about blockchain. (46 points, 15 comments)
    2. Delayed Proof of Work (dPoW) security explained (36 points, 46 comments)
    3. Proof-of-Gameplay (19 points, 3 comments)
    4. Good guide for getting started with the Custom Consensus tech for Komodo-based blockchains (17 points, 0 comments)
    5. Cross-chain migration of coins with Crypto Conditions - by smk762 (12 points, 0 comments)
    6. A step-by-step example of working with a Crypto Conditions based Oracle - by smk762 (10 points, 0 comments)
    7. Changing consensus rules on the fly with Crypto Conditions (3 points, 0 comments)
  21. 141 points, 8 submissions: Stormy1997
    1. What technical/business advantages does a private blockchain have over a SQL server? (49 points, 79 comments)
    2. Is sharding to scale bad? (24 points, 28 comments)
    3. How would one create a fiat gateway theoretically? (19 points, 19 comments)
    4. Looking for Stellar smart contract/side chain code examples (16 points, 1 comment)
    5. Question - Securing personal information on a centralized server with user-owned keys (13 points, 3 comments)
    6. How do blockchains/smart contracts communicate with oracles? (10 points, 4 comments)
    7. Bandwidth scaling for TPS (8 points, 2 comments)
    8. Best method to transmit detailed data between two parties via existing platforms (2 points, 1 comment)
  22. 141 points, 3 submissions: seventyfiver
    1. Why does Ethereum use Solidity while other ecosystems like NEO stick with popular ones like Java and C#? (94 points, 26 comments)
    2. Chainlink's initial Go implementation went live this morning. Has anyone reviewed the code and can comment on it's quality? (40 points, 3 comments)
    3. What are some great books on cryptoeconomics or blockchain technology? (7 points, 4 comments)
  23. 134 points, 6 submissions: johnny_milkshakes
    1. Sub dedicated to DAG based coins (42 points, 8 comments)
    2. Thoughts on this? (28 points, 38 comments)
    3. This is very interesting (24 points, 19 comments)
    4. Educational presentation by Clara Shikhelman (18 points, 0 comments)
    5. Ethics question. (12 points, 40 comments)
    6. How to scale on chain? (10 points, 30 comments)
  24. 127 points, 4 submissions: sukitrebek
    1. What are you currently obsessed with, and why? (58 points, 150 comments)
    2. Crypto-based social network without a cryptocurrency. (42 points, 23 comments)
    3. How does underlying architecture affect what kinds of applications are possible? (17 points, 3 comments)
    4. Holochain vs. Radix DLT (10 points, 11 comments)
  25. 126 points, 1 submission: RufusTheFirefly
    1. Everytime I try to investigate the technology behind Cardano(Ada), I come across the words "scientific" and "peer-reviewed" over and over but almost no actual details. Can someone fill how this coin actually works and where they are in development? (126 points, 49 comments)
  26. 112 points, 1 submission: rocksolid77
    1. Can we have a real debate about the Bitcoin scaling issue? (112 points, 89 comments)
  27. 110 points, 4 submissions: kelluk
    1. What one can learn from browsing 30 million Ethereum addresses (72 points, 21 comments)
    2. I wanted to categorize all coins/tokens, and this is my proposal (23 points, 33 comments)
    3. Should whitepapers be understood by ordinary people? (10 points, 41 comments)
    4. Querying the Ethereum blockchain: how to & what to? (5 points, 5 comments)
  28. 107 points, 1 submission: NewDietTrend
    1. Outside of currency and voting, blockchain is awful and shouldnt be used. Can anyone explain where blockchain is worth the cost? (107 points, 166 comments)
  29. 105 points, 1 submission: insette
    1. /CryptoTech PSA: there are broadly TWO TYPES of Decentralized Exchanges. Which type are you investing in? (105 points, 55 comments)
  30. 103 points, 3 submissions: dtheme
    1. How to accept crypto payments for digital downloads if you are a small business? Solutions, e-commerce sites are lacking (46 points, 38 comments)
    2. How many 24 letter seeds and "Bitcoin" keys can there be? (34 points, 24 comments)
    3. Is there any reason why the big tech companies are not getting into crypto? (23 points, 36 comments)
  31. 103 points, 3 submissions: dvnielng
    1. Why do so many of these businesses need a token? (Unsure) (61 points, 86 comments)
    2. DAPPS - Only coins that have intrinsic value? Ethereum , Neo? (31 points, 10 comments)
    3. How could blockchain work for expensive purchases/escrow? (11 points, 2 comments)
  32. 101 points, 1 submission: kickso
    1. Is NANO everything it says it is? (101 points, 96 comments)
  33. 98 points, 3 submissions: heart_mind_body
    1. How can we breathe some life into this sub? (56 points, 22 comments)
    2. Can anyone give an example for a technology that provides a "public permissioned blockchain"? (28 points, 16 comments)
    3. Can we do a discussion on ICON and "clusters of private chains connected to a public chain" ? (14 points, 13 comments)
  34. 97 points, 8 submissions: kelraku
    1. Thoughts on Mimblewimble? (23 points, 13 comments)
    2. Has anyone looked at the lelantus protocol? (18 points, 6 comments)
    3. How much control do developers have over the coins (18 points, 6 comments)
    4. Lesser known protocols? (11 points, 17 comments)
    5. Zerocoin and Blockchain Analysis (9 points, 5 comments)
    6. Zerocoin vs Cryptonote (7 points, 14 comments)
    7. Lightning network privacy (6 points, 13 comments)
    8. Integrity of the DAG (5 points, 17 comments)
  35. 96 points, 6 submissions: blockstasy
    1. How to Get to One Million Devs (32 points, 12 comments)
    2. The Decade in Blockchain — 2010 to 2020 in Review (27 points, 4 comments)
    3. Ethereum by the Numbers – The Year of 2019 (26 points, 9 comments)
    4. Knowledge Drop: Mining and the role it plays with the Ethereum blockchain (5 points, 0 comments)
    5. A great article that explains Ethereum’s Muir Glacier Update (4 points, 0 comments)
    6. Youtube Silences Crypto Community (2 points, 6 comments)
  36. 93 points, 3 submissions: OneOverNever
    1. Which is the last WHITE PAPER you've read that's truly impacted you? (77 points, 81 comments)
    2. [CMV] Bitcoin's intrinsic technological value. (14 points, 29 comments)
    3. What are some weak points that still hold XVG back from becoming a top player in crypto? (Technically speaking, not marketing and etc.) (2 points, 19 comments)
  37. 93 points, 3 submissions: ryano-ark
    1. (ARK) ACES Completes Integration of ARK Channels for Two-way Transfers for Easy ICOs When Paired With ARK Deployer (Push-Button-Blockchains) (57 points, 5 comments)
    2. (ARK) ACES Releases Fast (Ansible) Deployments for all ACES Applications. (23 points, 4 comments)
    3. A Future of Cryptocurrencies and Blockchains (13 points, 3 comments)
  38. 92 points, 2 submissions: BobUltra
    1. Our blockchains are all centralized! (51 points, 34 comments)
    2. List of qualities needed to dethrone Bitcoin. (41 points, 43 comments)
  39. 90 points, 1 submission: refreshx2
    1. CMV: It doesn't make sense for (crypto)companies to create coins linked to their tech (90 points, 18 comments)
  40. 89 points, 1 submission: perceptron01
    1. What does Nano do better than Steem? (89 points, 55 comments)
  41. 87 points, 1 submission: Shuk
    1. How does one begin to develop an employable skill in blockchain development? (87 points, 25 comments)
  42. 87 points, 1 submission: conorohiggins
    1. I spent three weeks researching and writing a huge guide to stablecoins. Enjoy! (87 points, 36 comments)
  43. 86 points, 1 submission: Bacon_Hero
    1. ELI5: Why did it take so long for blockchain technology to be created? (86 points, 66 comments)
  44. 85 points, 3 submissions: theFoot58
    1. If crypto now is like 'the Internet' of the past, where are we? (65 points, 53 comments)
    2. If the Internet had its Genesis Block, what would it be? (14 points, 9 comments)
    3. Coin grouping - ruby and CryptoCompare API (6 points, 1 comment)
  45. 85 points, 1 submission: youngm2
    1. Which decentralised exchange has the most promise for 2018? (85 points, 89 comments)
  46. 84 points, 4 submissions: bLbGoldeN
    1. On Mass Adoption of Cryptocurrencies (28 points, 68 comments)
    2. Join the Bloom team for our first tech AMA tomorrow (Tuesday, March 13th) at 7 PM GMT! (23 points, 2 comments)
    3. Join the Decred team for an AMA - Friday, June 1st from 19:00 to 22:00 UTC (17 points, 10 comments)
    4. Join the district0x team for an AMA Monday, April 2nd at 5:00 PM (GMT) (16 points, 0 comments)
  47. 82 points, 2 submissions: SubsequentDownfall
    1. Has a 51% attack ever been witnessed? (45 points, 46 comments)
    2. Is a DAG coin like RaiBlocks able to be private like Monero? (37 points, 40 comments)
  48. 82 points, 2 submissions: guidre
    1. Tron and other source Code (42 points, 24 comments)
    2. Why Will companies adopt blockchain, the user interface is complex and i'm not sure that many companies want all their internal dealings made public. (40 points, 19 comments)
  49. 81 points, 4 submissions: solar128
    1. New Atomic Swap Tools Released (35 points, 4 comments)
    2. Using Blockchain to make a censorship-resistant Reddit (28 points, 14 comments)
    3. Best security practices for addressing Spectre & Meltdown (13 points, 0 comments)
    4. Influence of on-chain governance weighted by wealth - good or bad? (5 points, 2 comments)
  50. 81 points, 2 submissions: Blockchainsapiens
    1. Blockchain study finds 0.00% success rate and vendors don't call back when asked for evidence (47 points, 30 comments)
    2. The elephant in the room: would the public ever use a volatile currency over a stable currency? (34 points, 45 comments)
  51. 81 points, 1 submission: Mycryptopedia
    1. Understanding the Tech Behind RaiBlocks (81 points, 7 comments)
  52. 81 points, 1 submission: davidvanbeveren
    1. Article thoroughly analysing / comparing IOTA and RaiBlocks (x-post /CryptoCurrency) (81 points, 10 comments)
  53. 77 points, 4 submissions: DeleteMyOldAccount
    1. HD Wallets Explained: What they are, and how to make them coin agnostic (28 points, 11 comments)
    2. Bitcoin Cash May 15th fork (23 points, 22 comments)
    3. So you want to build a Bitcoin HD wallet? Part 1 (23 points, 3 comments)
    4. Applications of Blockchain in Supply Chain (3 points, 9 comments)
  54. 76 points, 3 submissions: kryptofinger
    1. Why would anyone bother using any DPOS coins for dapps like Eos over normal systems like AWS? (44 points, 104 comments)
    2. Could a state backed privacy coin work? (22 points, 32 comments)
    3. Thoughts on Elastos? (10 points, 8 comments)
  55. 76 points, 1 submission: francohab
    1. 55% of the Nano representative nodes are "official representatives", presumably held by developers. How big of an issue is that? (76 points, 46 comments)
  56. 75 points, 2 submissions: MerkleChainsaw
    1. The biggest challenge for cryptocurrencies and how to mitigate it (73 points, 37 comments)
    2. Short and long term design tradeoffs in crypto (2 points, 2 comments)
  57. 75 points, 1 submission: jatsignwork
    1. Raiblocks & Spam (75 points, 60 comments)
  58. 74 points, 1 submission: behindtext
    1. Hello, this is Jake Yocom-Piatt. Ask me anything about Decred! (74 points, 49 comments)
  59. 73 points, 2 submissions: TexasRadical83
    1. Why use a new "currency" at all? (40 points, 48 comments)
    2. Why are big price increases for crypto a good thing? (33 points, 41 comments)

Top Commenters

  1. Neophyte- (1649 points, 746 comments)
  2. ndha1995 (583 points, 98 comments)
  3. turtleflax (406 points, 116 comments)
  4. senzheng (326 points, 193 comments)
  5. holomntn (294 points, 40 comments)
  6. manly_ (286 points, 43 comments)
  7. signos_de_admiracion (250 points, 18 comments)
  8. fgiveme (231 points, 77 comments)
  9. crypto_kang (222 points, 45 comments)
  10. jatsignwork (220 points, 37 comments)
  11. GainsLean (218 points, 76 comments)
  12. benthecarman (211 points, 48 comments)
  13. rockyrainy (200 points, 39 comments)
  14. hungryforitalianfood (197 points, 58 comments)
  15. rocksolid77 (190 points, 20 comments)
  16. bannercoin (189 points, 11 comments)
  17. insette (181 points, 47 comments)
  18. DiogenicOrder (175 points, 41 comments)
  19. islanavarino (173 points, 51 comments)
  20. behindtext (172 points, 14 comments)
  21. takitus (171 points, 25 comments)
  22. sukitrebek (170 points, 42 comments)
  23. UnknownEssence (170 points, 31 comments)
  24. crypto_ha (170 points, 26 comments)
  25. AlexCoventry (167 points, 17 comments)
  26. DragonWhsiperer (165 points, 38 comments)
  27. stop-making-accounts (164 points, 57 comments)
  28. KnifeOfPi2 (157 points, 13 comments)
  29. Edgegasm (156 points, 42 comments)
  30. ippond (152 points, 15 comments)
  31. dontlikecomputers (151 points, 61 comments)
  32. QRCollector (150 points, 46 comments)
  33. alexrecuenco (145 points, 18 comments)
  34. BobUltra (144 points, 88 comments)
  35. SpamCamel (135 points, 22 comments)
  36. InterdisciplinaryHum (133 points, 107 comments)
  37. theglitteringone (132 points, 10 comments)
  38. ChocolateSunrise (128 points, 23 comments)
  39. PM_ME_UR_QUINES (125 points, 4 comments)
  40. narwhale111 (122 points, 15 comments)
  41. pepe_le_shoe (121 points, 47 comments)
  42. Darius510 (119 points, 39 comments)
  43. glen-hodl (118 points, 21 comments)
  44. HOG_ZADDY (117 points, 23 comments)
  45. coranos2 (116 points, 44 comments)
  46. etherenvoy (116 points, 15 comments)
  47. johnny_milkshakes (115 points, 55 comments)
  48. galan77 (115 points, 52 comments)
  49. hybridsole (113 points, 40 comments)
  50. funciton (113 points, 8 comments)
  51. Mr0ldy (110 points, 24 comments)
  52. Corm (109 points, 42 comments)
  53. cryptoscopia (109 points, 7 comments)
  54. ReportFromHell (106 points, 39 comments)
  55. broscientologist (105 points, 26 comments)
  56. straytjacquet (104 points, 28 comments)
  57. Quadling (101 points, 24 comments)
  58. BlockEnthusiast (101 points, 17 comments)
  59. thats_not_montana (99 points, 37 comments)
  60. TheRealMotherOfOP (98 points, 27 comments)
  61. yarauuta (96 points, 11 comments)
  62. pegasuspect93 (96 points, 1 comment)
  63. andrew_bao (93 points, 40 comments)
  64. samdotla (93 points, 6 comments)
  65. melodious_punk (91 points, 34 comments)
  66. Mquantum (91 points, 31 comments)
  67. TJ_Hooker15 (91 points, 27 comments)
  68. NoFaptain99 (91 points, 3 comments)
  69. ilielezi (87 points, 10 comments)
  70. Raapop (87 points, 2 comments)
  71. Allways_Wrong (86 points, 36 comments)
  72. bLbGoldeN (86 points, 19 comments)
  73. ResIpsaLoquiturrr (86 points, 15 comments)
  74. kabelman93 (85 points, 29 comments)
  75. no_pants_gamer (84 points, 9 comments)
  76. AnkurTechracers (83 points, 16 comments)
  77. ric2b (83 points, 11 comments)
  78. Big_Goose (83 points, 10 comments)
  79. Lifeistooshor1 (82 points, 21 comments)
  80. vornth (82 points, 11 comments)
  81. Sargos (81 points, 25 comments)
  82. refreshx2 (81 points, 16 comments)
  83. Qwahzi (78 points, 27 comments)
  84. StupidRandomGuy (77 points, 35 comments)
  85. WikiTextBot (77 points, 24 comments)
  86. SnootyEuropean (77 points, 5 comments)
  87. cryptogainz (76 points, 14 comments)
  88. frequentlywrong (76 points, 4 comments)
  89. the_defiant (76 points, 4 comments)
  90. BrangdonJ (75 points, 28 comments)
  91. hendrik_v (75 points, 7 comments)
  92. solar128 (74 points, 18 comments)
  93. foobazzler (74 points, 8 comments)
  94. ginger_beer_m (73 points, 35 comments)
  95. kAhmij (73 points, 25 comments)
  96. DeleteMyOldAccount (73 points, 20 comments)
  97. sn0wr4in (73 points, 9 comments)
  98. Dyslectic_Sabreur (72 points, 5 comments)
  99. X7spyWqcRY (71 points, 8 comments)
  100. Krapser (70 points, 5 comments)

Top Submissions

  1. A Guided Reading of Bitcoin’s Original White Paper by Realness100 (202 points, 10 comments)
  2. From a technical standpoint: Why does every blockchain projects need their own coins? by HSPremier (181 points, 50 comments)
  3. Bitcoin Gold hit by Double Spend Attack (51% attack). The Attacker reversed 22 blocks. by rockyrainy (179 points, 102 comments)
  4. Why white papers in crypto world are so unprofessional? by ilielezi (175 points, 88 comments)
  5. My brief observation of most common Consensus Algorithms by tracyspacygo (159 points, 49 comments)
  6. Proof-of-Approval: Stake Based, 1 Block Finality & History Attack Defense by shunsaitakahashi (147 points, 4 comments)
  7. "Do you need a Blockchain?" - this paper is fantastic, everyone should read this before evaluating a coin and if requires a block chain to solve a solution the coin is promising to solve. by Neophyte- (136 points, 41 comments)
  8. Technical comparison of LIGHTNING vs TANGLE vs HASHGRAPH vs NANO by Qwahzi (133 points, 37 comments)
  9. Everytime I try to investigate the technology behind Cardano(Ada), I come across the words "scientific" and "peer-reviewed" over and over but almost no actual details. Can someone fill how this coin actually works and where they are in development? by RufusTheFirefly (126 points, 49 comments)
  10. How do we change the culture around cryptocurrency? by FashionistaGuru (118 points, 54 comments)

Top Comments

  1. 160 points: holomntn's comment in ELI5: Why did it take so long for blockchain technology to be created?
  2. 121 points: KnifeOfPi2's comment in How do we change the culture around cryptocurrency?
  3. 105 points: theglitteringone's comment in Outside of currency and voting, blockchain is awful and shouldnt be used. Can anyone explain where blockchain is worth the cost?
  4. 102 points: benthecarman's comment in If crypto now is like 'the Internet' of the past, where are we?
  5. 96 points: pegasuspect93's comment in If crypto now is like 'the Internet' of the past, where are we?
  6. 95 points: bannercoin's comment in Realistically, why would anybody expect the startup crypto platforms to beat out the corporate giants who are developing their own Blockchain as a Service (BaaS) solutions? Ex. IBM, SAP, JP Morgan...
  7. 83 points: AlexCoventry's comment in Ethereum private key with all zeroes leads to an account with 5000$ on it
  8. 82 points: deleted's comment in Is blockchain really useful ?
  9. 81 points: signos_de_admiracion's comment in Why white papers in crypto world are so unprofessional?
  10. 78 points: NoFaptain99's comment in Why do so many of these businesses need a token? (Unsure)
Generated with BBoe's Subreddit Stats
submitted by subreddit_stats to subreddit_stats

Era Swap Network White Paper


DISCLAIMER
This Whitepaper is for Era Swap Network. Its purpose is solely to provide prospective community members with information about the Era Swap Ecosystem & Era Swap Network project. This paper is for information purposes only and does not constitute and is not intended to be an offer of securities or any other financial or investment instrument in any jurisdiction.
The Developers disclaim any and all responsibility and liability to any person for any loss or damage whatsoever arising directly or indirectly from (1) reliance on any information contained in this paper, (2) any error, omission or inaccuracy in any such information, or (3) any action resulting therefrom.
Digital Assets are extremely high-risk, speculative products. You should be aware of the risks involved and consider fully, before participating in digital assets, whether they are appropriate for you. You should only participate if you are an experienced investor with sophisticated knowledge of financial markets and you fully understand the risks associated with digital assets. We strongly advise you to take independent professional advice before making any investment or participating in any way. You should check what rules and protections apply in your respective jurisdictions before investing or participating in any way. The Creators & community will not compensate you for any losses from trading, investment or participating in any way. You should read the whitepaper carefully before participating and consider whether these products are right for you.

TABLE OF CONTENT

· Abstract
· Introduction to Era Swap Network
· Development Overview
· Era Swap Utility Platform
· Alpha-release Development Plan
· Era Swap Network Version 1: Specification
· Bunch Structure
· Converting ES-ERC20 to ES-Na
· Conclusion
· Era Swap Ecosystem
· Social Links

Abstract

The early smart contracts of the Era Swap Ecosystem, such as TimeAlly, Newly Released Tokens, Assurance and BetDeEx, are deployed on Ethereum mainnet. These smart contracts are finance-oriented (DeFi): most of their transactions spend or earn Era Swap tokens, which makes paying gas fees in Ether somewhat intuitive to the user (like withdrawal charges at a bank, or paying tax while purchasing burgers). But transactions that are not token-oriented, like adding a nominee or appointee voting, also require Ether. As more Era Swap Token Utility platform ideas were appended to the Era Swap Main Whitepaper, more non-financial transaction situations arose, like updating a status, sending a message, resolving a dispute and so on. Paying for such actions all day, waiting for each transaction to be included in a block, and then waiting for enough block confirmations because of potential chain re-organizations is counter-intuitive compared with existing free solutions like Facebook and Gmail. This is the main barrier that is stopping Web 3.0 from coming to the mainstream.
As alternatives to Ethereum, there are a few other smart contract development platforms that propose their own separate blockchain featuring higher transaction throughput, but they compromise on decentralization to improve transaction speeds. Moreover, ecosystem tooling is advancing faster on Ethereum than on any other platform, due to its massive developer community.
With Era Swap Network, the team aims to achieve scalability, speed and low-cost transactions for Era Swap Ecosystem (which is currently not feasible on Ethereum mainnet), without compromising much on trustless asset security for Era Swap Community users.

Introduction to Era Swap Network

Era Swap Network (ESN) aims to solve the above-mentioned problems faced by Era Swap Ecosystem users by building a side-blockchain on top of the Ethereum blockchain using the Plasma Framework.
Era Swap Network leverages the decentralisation and security of Ethereum and the scalability achieved in the side-chain; this solves the distributed blockchain trilemma. In most other blockchains, blocks are a collection of transactions, and all the transactions in one block are mined by a miner in one step. Era Swap Network will consist of Bunches of Blocks of Era Swap Ecosystem Transactions.

[Figure: Decentralization; Layer 2; Scalable and Secure]

A miner mines all the blocks in a bunch consecutively and commits the bunch-root to the ESN Plasma Smart Contract on Ethereum mainnet.

Development Overview
Initially, we will start with a simple Proof-of-Authority (PoA) based consensus of EVM so that development and testing of Era Swap Ecosystem Smart Contracts can begin as quickly as possible on the test-net. We will call this the alpha-release of the ESN test-net, and only internal developers will work with it to develop smart contracts for the Era Swap Ecosystem. User funds in a Plasma implementation with a simple consensus like PoA are still secured, as already committed bunch-roots cannot be reversed.
Eventually, we want to arrive at a more control-decentralized consensus algorithm, probably Proof-of-Stake (PoS), so that even if the chain operator shuts down its services, a single Era Swap Ecosystem user somewhere in the world can keep the ecosystem alive by running software on their system, and more people can similarly join to decentralize control further. In this PoS version, we will modify the Parity Ethereum client so that at least 50% of the transaction fees collected go to the Luck Pool of the NRT Smart Contract on Ethereum mainnet, and the rest can be kept by the miner of the blocks/bunch of blocks if they wish. After achieving such an implementation, we will release it as a beta version to the community for testing the software on their computers with Kovan ERC20 Era Swaps (Ethereum test-net).

Era Swap Decentralised Ecosystem
The following platforms are to be integrated:
  1. Era Swap Token Contract (adapted ERC20 on Ethereum): The original asset will lie on Ethereum to avoid loss due to any kind of failure in ESN.
  2. Plasma Manager Contract (on Ethereum): To store ESN bunch headers on Ethereum.
  3. Reverse Plasma Manager Contract (on ESN): Bridge to convert ES to ES native and ES native to ES. The user deposits ES on Mainnet Plasma, gives proof on ESN and gets ES native credited to their account in a decentralised way.
  4. NRT Manager Contract (on Ethereum or on ESN): If it is possible to send ES from an ESN contract to the luck pool of the NRT Manager Contract on Ethereum, then that is fine; otherwise, NRT Manager will need to be deployed on ESN to be able to add ES to the luck pool.
  5. Era Swap Wallet (React Native App for managing ESs and ES natives): Secure wallet to store multiple private keys, mainly for managing ES and ES native, sending ES or ES native, and for quick and easy BuzCafe payments.
  6. TimeAlly (on Ethereum or on ESN): On whichever chain NRT Manager is deployed, TimeAlly would be deployed on the same chain.
  7. Assurance (on Ethereum or on ESN): On whichever chain NRT Manager is deployed, TimeAlly would be deployed on the same chain.
  8. DaySwappers (on ESN): KYC manager for the platform. For easily distributing rewards to tree referees.
  9. TimeSwappers (on ESN): Freelance marketplace with decentralised dispute management.
  10. SwappersWall (on ESN): Decentralised social networking with power tokens.
  11. BuzCafe (on ESN): Listing of shops, finding shops easily, and quick payment.
  12. BetDeEx (on ESN): Decentralised prediction proposals, predictions and results.
  13. DateSwappers (on ESN): Meeting ensured using cryptography.
  14. ComputeEx (on Ethereum / centralised way): Exchange assets.
  15. Era Swap Academy (on ESN / centralised way): Learn. Loop. Leap. How to implement ES Academy is not clear. One idea is that if content is constantly being modified, then people whose subscription has expired will only have the hash of old content, while the new content hash is only available to people who have done Dayswapper KYC and paid for the course. Dayswapper KYC is required because this way people won’t share their private keys with someone else.
  16. Value of Farmers (tbd): The exchange of farming commodities produced by farmers in VoF can be deposited to warehouses where the depositors will get ERC721 equivalent tokens for their commodities (based on unique tagging).
  17. DeGameStation (on ESN): Decentralised Gaming Station. Games in which players take turns can be written as Smart Contracts. Games like Chess, Poker, 3 Patti can be developed. Users can come to DeGameStation and join an open game or start a new game and wait for other players to join.

Alpha-release Development Plan
  1. Deploying Parity Node customized according to Era Swap Whitepaper with PoA consensus.
  2. Setting up Plasma Smart Contracts.
  3. Creating a bridge for ERC20 Swap from Ethereum test-net to ESN alpha test-net.

Alpha Version
Era Swap Network Version 1 : Specification
The Version 1 release of ESN plans to fulfill the requirements for political decentralisation and transparency in dApps of the Era Swap Ecosystem using blockchain technology. After acquiring a sufficient number of users, a version 2 construction of ESN will be feasible to enable administrative decentralization, such that the Era Swap Ecosystem will be run and managed by the Era Swap Community and will no longer require the operator's support for its functioning.
Era Swap Network (ESN) Version 1 will be a separate EVM-compatible sidechain attached to the Ethereum blockchain as its parent chain. ESN will achieve security through the Plasma Framework along with Proof-of-Authority consensus for faster finality. The idea behind the Plasma framework is to avoid high transaction fees and long confirmation times on Ethereum mainnet by doing all the ecosystem transactions off-chain and posting only a small piece of information to an Ethereum Smart Contract, representing the hash of many ecosystem transactions. Also, to allow movement of Era Swap Tokens from the Ethereum blockchain to ESN using cryptographic proof, a reverse plasma of Ethereum will be implemented on ESN.
Submitting the hash of every ESN block to the ESN Plasma Smart Contract on Ethereum would force ESN to have a block time equal to or greater than Ethereum’s 15 seconds, and it would be very costly for the operator to post that many hashes to an Ethereum Smart Contract. This is why the merkle root of the hashes of a bunch of blocks is submitted to the ESN Plasma Smart Contract on Ethereum instead.
Actors involved in the ESN:
  1. Block Producer Nodes: The fewer the nodes, the quicker the block propagation between block producers, which helps quick ecosystem transactions. We find that 7 block producers hosted with different cloud hosting companies and in different locations reduce the risk of a single point of failure of the Era Swap Ecosystem and facilitate 100% uptime of dApps. Block Producer Nodes will also be responsible for posting the small information to the Blockchain.
  2. Block Listener Nodes: The rest of the nodes will be Block Listeners, which sync new blocks produced by the block producer nodes. Plenty of public block listener nodes will be set up in various regions around the world for shorter ping times to users of the Era Swap Ecosystem. Users submit their Era Swap Ecosystem transactions to one of these public nodes, which relays them to the rest of the Era Swap Network and eventually to the block producer nodes, which finalize a new block including the user transaction.
  3. Bunch Committers: This will be an instance in the block producers that watches for new blocks confirmed on ESN, calculates bunch merkle roots and submits them to the ESN Plasma Smart Contract. This instance will also post the hash of new Ethereum blocks to ESN (after about 10 confirmations) for moving assets between the two blockchains.
  4. Users: These will be integrating with dApps connected to some public ESN nodes, or they can install a block listener node themselves. They can sign and send transactions to the node they are connected to, and that node will relay their transactions to the block producer nodes, which finalise a block including their transaction.

Bunch Structure

A Bunch Structure in Smart Contract will consist of the following:
• Start Block Number: It is the number of first ESN block in the bunch.
• Bunch Depth: The Merkle tree depth of blocks in the bunch. For example, if the bunch depth is 3, there are 8 blocks in the bunch, and if the bunch depth is 10, there are 1024 blocks in the bunch. The bunch depth of bunches on the ESN Plasma Contract is designed to be variable. During the initial phases of ESN it would be high, for example 15, to avoid ether expenditure, and would be decreased in due course.
• Transactions Mega Root: This value is the merkle root of all the transaction roots in the bunch. This is used by Smart Contract to verify that a transaction was sent on the chain.
• Receipts Mega Root: This value is the merkle root of all the receipt roots in the bunch. This is used to verify that the transaction execution was successful.
• Timestamp: This value is the time when the bunch proposal was submitted to the smart contract. After submission, there is a challenge period before it is finalised.

Converting ES-ERC20 to ES-Na and Back

On the Ethereum blockchain, the first-class cryptocurrency is ETH, and other tokens managed by smart contracts are second-class. On ESN, Era Swaps are promoted to the first-class cryptocurrency. This cryptocurrency will offer a better user experience, and to differentiate it from the classic ERC20 Era Swaps it will be called Era Swap Natives (ES-Na). According to the Era Swap Whitepaper, a maximum of 9.1 Million ES will exist, which will be slowly released into circulation every month.
Era Swaps will exist as ES-ERC20 as well as in the form of ES-Na. One can be exchanged for the other at a 1:1 ratio.
The user converts ES-ERC20 to ES-Na as follows:
  1. The user gives an allowance to a Deposit Smart Contract and then calls the deposit method to deposit tokens to the contract.
  2. On transaction confirmation, the user pastes the transaction hash into a portal, which generates a Proof of Deposit string for the user. This string is generated by fetching all the transactions in the Ethereum block and generating a Transaction Patricia Merkle Proof to prove that the user’s transaction was indeed included in the block, and a Receipts Patricia Merkle Proof to confirm that the user’s transaction was successful.
  3. Using the same portal, the user submits the generated proofs to a Smart Contract on ESN, which releases the funds to the user. The user will, however, have to wait for the Ethereum block roots to be posted to ESN after waiting for confirmations, which takes about 3 minutes. Once that is done, the user’s proofs will be accepted and the user will receive the exact amount of ES-Na on ESN.
The user converts ES-Na to ES-ERC20 as follows:
  1. ES-Na being the first-class cryptocurrency, the user simply sends ES-Na to a contract.
  2. The user pastes the transaction hash into a portal, which generates a Proof of Deposit for the user. Again, ES-Na being the first-class cryptocurrency, a Transaction Patricia Merkle Proof is enough to prove that the user’s transaction was indeed included in the block. The portal also generates the block inclusion proof in the bunch.
  3. The user has to wait for the bunch to be confirmed on the Plasma Smart Contract; once that is done, the user can send the proof to the Plasma Smart Contract to receive ES-ERC20.
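The bunch header fields listed under Bunch Structure and the "block inclusion proof in the bunch" used in the ES-Na to ES-ERC20 steps can be sketched as follows. This is an added example, not code from the Era Swap project; SHA-256, the left-then-right concatenation order, and every function and field name are assumptions, since the paper does not specify them.

```python
import hashlib
from dataclasses import dataclass

def h(data: bytes) -> bytes:
    # Stand-in hash (assumption): the paper does not name the hash function.
    # An EVM contract would normally use keccak256, which is not in hashlib.
    return hashlib.sha256(data).digest()

def merkle_levels(leaves):
    """Return every tree level, leaves first; needs exactly 2**depth leaves."""
    n = len(leaves)
    if n == 0 or n & (n - 1):
        raise ValueError("a bunch must hold exactly 2**depth blocks")
    levels = [list(leaves)]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        levels.append([h(cur[i] + cur[i + 1]) for i in range(0, len(cur), 2)])
    return levels

def inclusion_proof(leaves, index):
    """Sibling hashes on the path from leaf `index` up to the root."""
    if not 0 <= index < len(leaves):
        raise IndexError("block is not in this bunch")
    proof = []
    for level in merkle_levels(leaves)[:-1]:
        proof.append(level[index ^ 1])  # the neighbour that shares our parent
        index >>= 1
    return proof

@dataclass(frozen=True)
class BunchHeader:
    # Subset of the bunch structure fields described in the paper.
    start_block_number: int
    bunch_depth: int
    transactions_mega_root: bytes

def make_header(start_block_number, tx_roots):
    levels = merkle_levels(tx_roots)
    return BunchHeader(start_block_number, len(levels) - 1, levels[-1][0])

def verify_block_in_bunch(header, block_number, tx_root, proof):
    """Check that `tx_root` is the transactions root of `block_number`."""
    index = block_number - header.start_block_number
    if not 0 <= index < (1 << header.bunch_depth):
        return False  # block number lies outside the bunch
    # Pinning the proof length to the stored depth stops a shorter proof
    # from passing an interior node off as a block's transactions root.
    if len(proof) != header.bunch_depth:
        return False
    node = tx_root
    for sibling in proof:
        node = h(sibling + node) if index & 1 else h(node + sibling)
        index >>= 1
    return node == header.transactions_mega_root

# Constructed sample: 8 made-up transaction roots for blocks 1000..1007.
TX_ROOTS = [h(f"constructed-tx-root-{n}".encode()) for n in range(1000, 1008)]
HEADER = make_header(1000, TX_ROOTS)

if __name__ == "__main__":
    proof = inclusion_proof(TX_ROOTS, 5)
    print("depth:", HEADER.bunch_depth)
    print("block 1005 included:",
          verify_block_in_bunch(HEADER, 1005, TX_ROOTS[5], proof))
    print("same proof, block 1004:",
          verify_block_in_bunch(HEADER, 1004, TX_ROOTS[5], proof))
```

The Receipts Mega Root would be checked the same way over receipt roots; the Patricia Merkle proof of a transaction inside a single block is a separate step not shown here.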

Hard Exit

Since blocks are produced and transactions validated by a few block producers, there is a possibility of fraud through control of the block producer nodes. Because ESN is based on the Plasma model, when the sidechain fails or the chain halts, users can hard exit their funds directly from the Plasma Smart Contract on Ethereum by giving a Proof of Holdings.

Old ES Tokens Swapping with New ES Tokens

The old ES Tokens will be valueless as those tokens will not be accepted in ESN, because the NRT (New Released Tokens) and TimeAlly contracts on mainnet are causing high gas costs to users, hence reducing interactions. Also, there was an event of theft of Era Swap Tokens, and after consensus from the majority of holders of Era Swap Tokens it was decided to create a new contract to reverse the theft and secure the value of the community's Era Swap Tokens. Below is the strategy for swapping tokens:
TimeAlly and TSGAP: The majority of the Era Swap Community have participated in the TimeAlly Smart Contract, in which their tokens are locked for a certain period of time during which they cannot move them. Such holders will automatically receive TimeAlly stakings of specific durations from the operator during initialization of ESN.
Liquid Tokens: Holders of liquid Era Swap Tokens have to transfer the old tokens to a specified Ethereum wallet address managed by the team. Following that, the team will audit the holder's token source (to eliminate exchange of stolen tokens) and send new tokens back to the wallet address.

Post-Genesis Tokens Return Program

The primary asset holding of Era Swap tokens will exist on the Ethereum blockchain as an ERC20 compatible standard, due to the highly decentralised nature of that blockchain. Similar to how users deposit tokens to a cryptocurrency exchange for trading and then withdraw the tokens back, users will deposit tokens to the ESN Contract to enter the Era Swap Ecosystem, and they can withdraw them from the ESN Contract to exit the ecosystem network. The token system will be designed to be compatible with the future shift (modification or migration of ESN version 1) to ESN version 2, in which an entirely new blockchain setup might be required.
To manage liquidity, the following genesis structure will be followed:

| Holder | ES-ERC20 | ES-Na |
|---|---|---|
| Team Wallet | 1.17 billion (Circulating Supply) | 0 |
| Locked in Smart Contract | 7.93 billion (pending NRT releases) | 9.1 billion |

Though it looks like there are 9.1 * 2 = 18.2 billion ES, the cryptographic design ensures that at any point in time at least a total of 9.1 billion ES (ES-ERC20 + ES-Na) will be locked. To unlock ES-Na on ESN, an equal amount of ES-ERC20 has to be locked on Ethereum, and vice-versa.
9.1 billion ES-ERC20 will be issued by the ERC20 smart contract on the Ethereum blockchain, out of which the entire circulating supply (including liquid and TimeAlly holdings) of old ES will be received by a team wallet.
TimeAlly holdings of all users will be converted to ES-Na and distributed by the team on the ESN TimeAlly Smart Contract to the TimeAlly holders at their same wallet address.
Liquid user holdings will be sent back to the users at the wallet address from which they send back old ES tokens (because some old ES are deposited on an exchange wallet address).
ES-Na will be issued in the genesis block to an ESN Manager Smart Contract address. It will manage all the deposits and withdrawals as well as NRT releases.

Attack Vectors


The following are identified risks to be taken care of during the development of ESN:
Network Spamming: Attackers can purchase ES from the exchange and make a lot of transactions between two accounts. This is solved by involving gas fees. A minimum gas price of 200 nanoES will be set, which can be changed as per convenience.
DDoS: Attackers can query public nodes for computationally heavy output data. This overloads the public node with requests, and genuine requests might get delayed. The block producers' RPC is private, so they will continue to produce blocks. To manage denial of service for users, the provider in dApps needs to be designed so that many public nodes are queried for simple information (say, the latest block number) and the one that responds most quickly to the user is selected.
AWS is down: To minimize the impact of cloud provider outages, there will be enough nodes on multiple cloud providers to ensure at least one block producer is alive.
User deposit double spending: The user deposits ES on Ethereum and gets ES-Na on ESN. Then a re-org happens on ETH mainnet and the user’s transaction is reversed, since ETH is not a fixed chain and, as per PoW, a 51% attack can change the blocks. As Ethereum is now mature enough and, by statistics, forked blocks are at most of height 2, it is safe to consider 15 confirmations.
Exit Game while smooth functioning: The user starts a hard exit directly from the Plasma Smart Contract on Ethereum, then spends the same funds on the plasma chain too. To counter this, the exit game will be disabled; only when ESN halts, i.e. fails to submit a block header within the time, does the exit game start. This is because it is difficult to mark the user’s funds as spent on ESN.
Vulnerability in Ecosystem Smart Contracts: With traditional methods of deploying smart contracts, if a bug is found later it is not possible to change the code. Using a proxy construction for every ecosystem smart contract solves this problem, and the power to change a proxy can be given to a small committee in which 66% of votes are required; this prevents a malicious change of code through compromise of a single account or a similar scenario.
ChainID replay attacks: Using old and traditional ways to interact with dApps can cause loss to users, hence every dApp will be audited for the same.

Conclusion

Era Swap Network is an EVM-compatible sidechain attached to the Ethereum blockchain through Plasma Framework. This allows off-chain processing of Era Swap Ecosystem transactions and posting only the hash of the bunch to Ethereum. This greatly reduces the high network fee and confirmation time issues faced by the current Era Swap Ecosystem DApps deployed on Ethereum. Also, having a separate EVM-compatible blockchain tailored to Era Swap Ecosystem improves the user experience to a higher extent. Since by design, Plasma Framework makes the Era Swap Network as secure as the Ethereum Network, user's funds on the network would be secure as well.
We believe Era Swap Network will help scale dApps of Era Swap Ecosystem to onboard the increasing numbers of users.


Era Swap Ecosystem
The Era Swap Ecosystem consists of multiple interlinked platforms powered by the Era Swap (ES) token, a decentralized utility token to be used on the utility platforms below. Users can access the platforms through Era Swap Life, which is the Single Sign-On (SSO) gateway to the one world of the Era Swap Ecosystem.
Era Swap Life: https://eraswap.life/
TimeAlly DApp -> Decentralized Token Vesting: https://www.timeally.io/
BetDeEx -> Decentralized prediction platform: https://www.betdeex.com/
Swappers Wall -> Social Time Ledgerise: https://timeswappers.com/swapperswall
TimeSwappers -> Global P2P marketplace: https://timeswappers.com/
BuzCafe -> Connects local P2P outlets: https://buzcafe.com/
DaySwappers -> Unique Affiliate Program: https://dayswappers.com/
Era Swap Academy -> E-mart for skill development: https://eraswap.academy/
Value of Farmers (VOF) -> Farming ecosystem: http://valueoffarmers.org/ coming soon
ComputeEx -> P2P lending and borrowing: https://computeex.net/ coming soon
DateSwappers -> Next gen dating: coming soon
Smart Contract address
Era Swap Token (ES): https://etherscan.io/address/0xef1344bdf80bef3ff4428d8becec3eea4a2cf574#code
Newly Released Token (NRT): https://etherscan.io/address/0x20ee679d73559e4c4b5e3b3042b61be723828d6c#code
TimeAlly DApp: https://etherscan.io/address/0x5630ee5f247bd6b61991fbb2f117bbeb45990876#code
BetDeEx DApp: https://etherscan.io/address/0x42225682113E6Ed3616B36B4A72BbaE376041D7c#code
TSGAP DApp: https://etherscan.io/address/0xbad9af4db5401b7d5e8177a18c1d69c35fc03fd3#code

White Paper
Era Swap Whitepaper: https://eraswaptoken.io/pdf/eraswap_whitepaper.pdf
Era Swap Light Paper: https://eraswaptoken.io/pdf/eraswap_lightpaper.pdf

Howey Test
Howey Test: https://eraswaptoken.io/era-swap-howey-test-letter-august7-2018.php

Era Swap SOCIAL LINKS
Telegram: https://t.me/eraswap
Twitter: https://twitter.com/eraswaptec
Facebook: https://www.facebook.com/eraswap/
Instagram: https://www.instagram.com/eraswap/
BitcoinTalk: https://bitcointalk.org/index.php?topic=5025979.msg45502457
Youtube: https://www.youtube.com/channel/UCGCP4f5DF1W6sbCjS6y3T1g
LinkedIn: https://www.linkedin.com/company/eraswap/
Reddit: https://www.reddit.com/useEraSwap
Medium: https://medium.com/@eraswap
Tumblr: https://eraswap.tumblr.com/
Mix: https://mix.com/eraswap
Pinterest: https://www.pinterest.com/eraswapt/
GitHub: https://github.com/KMPARDS/EraSwapSmartContracts
submitted by EraSwap to u/EraSwap

Bitcoin - Hash Pointers and Data Structures
Double Hash - Applied Cryptography
Bitcoin Mining on NiceHash trick that DOUBLED my earnings ...
How to Double Spend Clueless Newbs in the Hash Battle on Bitcoin Cash
How To Decrypt Hash

There is a long-standing puzzle within Bitcoin that has not yet been solved correctly: why did I use a double hash? First of all, the explanation of the double-hash problem as given in the CoreCoin…
Introduction. Each full node in the Bitcoin network independently stores a block chain containing only blocks validated by that node. When several nodes all have the same blocks in their block chain, they are considered to be in consensus. The validation rules these nodes follow to maintain consensus are called consensus rules. This section describes many of the consensus rules used by Bitcoin ...
More importantly, if we convert this compressed public key to a bitcoin address using the double-hash function (RIPEMD160(SHA256(K))) it will produce a different bitcoin address. This can be confusing, because it means that a single private key can produce a public key expressed in two different formats (compressed and uncompressed) that produce two different bitcoin addresses. However, the ...
I have here a homework about double hashing and I am stuck on one point: I have the Array: 17, 6, 5, 8, 11, 28, 14, 15 h1(k) = k mod 11, h2(k) = 1 + (k mod 9), Size of hash table = 11 The double Hash Function from this: dh(k) = k mod 11 + (j + (k mod 9). Now I calculate the hashvalues: h(17) = k mod 11 = 6 - OK h( 6) = 6 = collision => 6 + (1 + (6 mod 9) = 12 = NOK => this is outside of the range ...
Bitcoin uses the hashcash Proof_of_work function as the mining core. All bitcoin miners whether CPU, GPU, FPGA or ASICs are expending their effort creating hashcash proofs-of-work which act as a vote in the blockchain evolution and validate the blockchain transaction log. Like many cryptographic algorithms hashcash uses a hash function as a building block, in the same way that HMAC, or RSA ...


Bitcoin - Hash Pointers and Data Structures

Hash Pointers and Data Structures - Bitcoin and Cryptocurrency Technologies Part 1 - Introduction to Crypto and Cryptocurrencies Learn about cryptographic building blocks ("primitives") and reason ...
Learn how to Brute-Force your Bitcoin core wallet using Hashcat. Get the Bitcoin2John.py script here: https://github.com/magnumripper/JohnTheRipper/blob/blee...
This is part 3 of the Blockchain tutorial explaining what hashes are. In this video series different topics will be explained which will help you to understa...
