BIP 0032 - Bitcoin Wiki

Technical: Taproot: Why Activate?

This is a follow-up on https://old.reddit.com/r/Bitcoin/comments/hqzp14/technical_the_path_to_taproot_activation/
Taproot! Everybody wants it!! But... you might ask yourself: sure, everybody else wants it, but why would I, sovereign Bitcoin HODLer, want it? Surely I can be better than everybody else because I swapped XXX fiat for Bitcoin unlike all those nocoiners?
And it is important for you to know the reasons why you, o sovereign Bitcoiner, would want Taproot activated. After all, your nodes (or the nodes your wallets use, which if you are SPV, you hopefully can pester to your wallet vendor/implementor about) need to be upgraded in order for Taproot activation to actually succeed instead of becoming a hot sticky mess.
First, let's consider some principles of Bitcoin.
I'm sure most of us here would agree that the above are very important principles of Bitcoin and that these are principles we would not be willing to remove. If anything, we would want those principles strengthened (especially the last one, financial privacy, which current Bitcoin is only sporadically strong with: you can get privacy, it just requires effort to do so).
So, how does Taproot affect those principles?

Taproot and Your Coins

Most HODLers probably HODL their coins in singlesig addresses. Sadly, switching to Taproot would do very little for you (it gives a mild discount at spend time, at the cost of a mild increase in fee at receive time (paid by whoever sends to you, so if it's a self-send from a P2PKH or bech32 address, you pay for this); mostly a wash).
(technical details: a Taproot output is 1 version byte + 32 byte public key, while a P2WPKH (bech32 singlesig) output is 1 version byte + 20 byte public key hash, so the Taproot output spends 12 bytes more; spending from a P2WPKH requires revealing a 32-byte public key later, which is not needed with Taproot, and Taproot signatures are about 9 bytes smaller than P2WPKH signatures, but the 32 bytes plus 9 bytes is divided by 4 because of the witness discount, so it saves about 11 bytes; mostly a wash, it increases blockweight by about 1 virtual byte, 4 weight for each Taproot-output-input, compared to P2WPKH-output-input).
However, as your HODLings grow in value, you might start wondering if multisignature k-of-n setups might be better for the security of your savings. And it is in multisignature that Taproot starts to give benefits!
Taproot switches to using Schnorr signing scheme. Schnorr makes key aggregation -- constructing a single public key from multiple public keys -- almost as trivial as adding numbers together. "Almost" because it involves some fairly advanced math instead of simple boring number adding, but hey when was the last time you added up your grocery list prices by hand huh?
With current P2SH and P2WSH multisignature schemes, if you have a 2-of-3 setup, then to spend, you need to provide two different signatures from two different public keys. With Taproot, you can create, using special moon math, a single public key that represents your 2-of-3 setup. Then you just put two of your devices together, have them communicate to each other (this can be done airgapped, in theory, by sending QR codes: the software to do this is not even being built yet, but that's because Taproot hasn't activated yet!), and they will make a single signature to authorize any spend from your 2-of-3 address. That's 73 witness bytes -- 18.25 virtual bytes -- of signatures you save!
And if you decide that your current setup with 1-of-1 P2PKH / P2WPKH addresses is just fine as-is: well, that's the whole point of a softfork: backwards-compatibility; you can receive from Taproot users just fine, and once your wallet is updated for Taproot-sending support, you can send to Taproot users just fine as well!
(P2WPKH and P2WSH -- SegWit v0 -- addresses start with bc1q; Taproot -- SegWit v1 --- addresses start with bc1p, in case you wanted to know the difference; in bech32 q is 0, p is 1)
Now how about HODLers who keep all, or some, of their coins on custodial services? Well, any custodial service worth its salt would be doing at least 2-of-3, or probably something even bigger, like 11-of-15. So your custodial service, if it switched to using Taproot internally, could save a lot more (imagine an 11-of-15 getting reduced from 11 signatures to just 1!), which --- we can only hope! --- should translate to lower fees and better customer service from your custodial service!
So I think we can say, very accurately, that the Bitcoin principle --- that YOU are in control of your money --- can only be helped by Taproot (if you are doing multisignature), and, because P2PKH and P2WPKH remain validly-usable addresses in a Taproot future, will not be harmed by Taproot. Its benefit to this principle might be small (it mostly only benefits multisignature users) but since it has no drawbacks with this (i.e. singlesig users can continue to use P2WPKH and P2PKH still) this is still a nice, tidy win!
(even singlesig users get a minor benefit, in that multisig users will now reduce their blockchain space footprint, so that fees can be kept low for everybody; so for example even if you have your single set of private keys engraved on titanium plates sealed in an airtight box stored in a safe buried in a desert protected by angry nomads riding giant sandworms because you're the frickin' Kwisatz Haderach, you still gain some benefit from Taproot)
And here's the important part: if P2PKH/P2WPKH is working perfectly fine with you and you decide to never use Taproot yourself, Taproot will not affect you detrimentally. First do no harm!

Taproot and Your Contracts

No one is an island, no one lives alone. Give and you shall receive. You know: by trading with other people, you can gain expertise in some obscure little necessity of the world (and greatly increase your productivity in that little field), and then trade the products of your expertise for necessities other people have created, all of you thereby gaining gains from trade.
So, contracts, which are basically enforceable agreements that facilitate trading with people who you do not personally know and therefore might not trust.
Let's start with a simple example. You want to buy some gewgaws from somebody. But you don't know them personally. The seller wants the money, you want their gewgaws, but because of the lack of trust (you don't know them!! what if they're scammers??) neither of you can benefit from gains from trade.
However, suppose both of you know of some entity that both of you trust. That entity can act as a trusted escrow. The entity provides you security: this enables the trade, allowing both of you to get gains from trade.
In Bitcoin-land, this can be implemented as a 2-of-3 multisignature. The three signatories in the multisignature would be you, the gewgaw seller, and the escrow. You put the payment for the gewgaws into this 2-of-3 multisignature address.
Now, suppose it turns out neither of you are scammers (whaaaat!). You receive the gewgaws just fine and you're willing to pay up for them. Then you and the gewgaw seller just sign a transaction --- you and the gewgaw seller are 2, sufficient to trigger the 2-of-3 --- that spends from the 2-of-3 address to a singlesig the gewgaw seller wants (or whatever address the gewgaw seller wants).
But suppose some problem arises. The seller gave you gawgews instead of gewgaws. Or you decided to keep the gewgaws but not sign the transaction to release the funds to the seller. In either case, the escrow is notified, and it can sign with you to refund the funds back to you (if the seller was a scammer) or it can sign with the seller to forward the funds to the seller (if you were a scammer).
Taproot helps with this: like mentioned above, it allows multisignature setups to produce only one signature, reducing blockchain space usage, and thus contracts --- which require multiple people, by definition, you don't make contracts with yourself --- are made cheaper (which we hope enables more of these setups to happen for more gains from trade for everyone, also, moon and lambos).
(technology-wise, it's easier to make an n-of-n than a k-of-n, making a k-of-n would require a complex setup involving a long ritual with many communication rounds between the n participants, but an n-of-n can be done trivially with some moon math. You can, however, make what is effectively a 2-of-3 by using a three-branch SCRIPT: either 2-of-2 of you and seller, OR 2-of-2 of you and escrow, OR 2-of-2 of escrow and seller. Fortunately, Taproot adds a facility to embed a SCRIPT inside a public key, so you can have a 2-of-2 Taprooted address (between you and seller) with a SCRIPT branch that can instead be spent with 2-of-2 (you + escrow) OR 2-of-2 (seller + escrow), which implements the three-branched SCRIPT above. If neither of you are scammers (hopefully the common case) then you both sign using your keys and never have to contact the escrow, since you are just using the escrow public key without coordinating with them (because n-of-n is trivial but k-of-n requires setup with communication rounds), so in the "best case" where both of you are honest traders, you also get a privacy boost, in that the escrow never learns you have been trading on gewgaws, I mean ewww, gawgews are much better than gewgaws and therefore I now judge you for being a gewgaw enthusiast, you filthy gewgawer).

Taproot and Your Contracts, Part 2: Cryptographic Boogaloo

Now suppose you want to buy some data instead of things. For example, maybe you have some closed-source software in trial mode installed, and want to pay the developer for the full version. You want to pay for an activation code.
This can be done, today, by using an HTLC. The developer tells you the hash of the activation code. You pay to an HTLC, paying out to the developer if it reveals the preimage (the activation code), or refunding the money back to you after a pre-agreed timeout. If the developer claims the funds, it has to reveal the preimage, which is the activation code, and you can now activate your software. If the developer does not claim the funds by the timeout, you get refunded.
And you can do that, with HTLCs, today.
Of course, HTLCs do have problems:
Fortunately, with Schnorr (which is enabled by Taproot), we can now use the Scriptless Script construction by Andrew Poelstra. This Scriptless Script allows a new construction, the PTLC or Pointlocked Timelocked Contract. Instead of hashes and preimages, just replace "hash" with "point" and "preimage" with "scalar".
Or as you might know them: "point" is really "public key" and "scalar" is really a "private key". What a PTLC does is that, given a particular public key, the pointlocked branch can be spent only if the spender reveals the private key of the given public key to you.
Another nice thing with PTLCs is that they are deniable. What appears onchain is just a single 2-of-2 signature between you and the developer/manufacturer. It's like a magic trick. This signature has no special watermarks, it's a perfectly normal signature (the pledge). However, from this signature, plus some data given to you by the developer/manufacturer (known as the adaptor signature) you can derive the private key of a particular public key you both agree on (the turn). Anyone scraping the blockchain will just see signatures that look just like every other signature, and as long as nobody manages to hack you and get a copy of the adaptor signature or the private key, they cannot get the private key behind the public key (point) that the pointlocked branch needs (the prestige).
(Just to be clear, the public key you are getting the private key from, is distinct from the public key that the developer/manufacturer will use for its funds. The activation key is different from the developer's onchain Bitcoin key, and it is the activation key whose private key you will be learning, not the developer's/manufacturer's onchain Bitcoin key).
So:
Taproot lets PTLCs exist onchain because they enable Schnorr, which is a requirement of PTLCs / Scriptless Script.
(technology-wise, take note that Scriptless Script works only for the "pointlocked" branch of the contract; you need normal Script, or a pre-signed nLockTimed transaction, for the "timelocked" branch. Since Taproot can embed a script, you can have the Taproot pubkey be a 2-of-2 to implement the Scriptless Script "pointlocked" branch, then have a hidden script that lets you recover the funds with an OP_CHECKLOCKTIMEVERIFY after the timeout if the seller does not claim the funds.)

Quantum Quibbles!

Now if you were really paying attention, you might have noticed this parenthetical:
(technical details: a Taproot output is 1 version byte + 32 byte public key, while a P2WPKH (bech32 singlesig) output is 1 version byte + 20 byte public key hash...)
So wait, Taproot uses raw 32-byte public keys, and not public key hashes? Isn't that more quantum-vulnerable??
Well, in theory yes. In practice, they probably are not.
It's not that hashes can be broken by quantum computers --- they're still not. Instead, you have to look at how you spend from a P2WPKH/P2PKH pay-to-public-key-hash.
When you spend from a P2PKH / P2WPKH, you have to reveal the public key. Then Bitcoin hashes it and checks if this matches with the public-key-hash, and only then actually validates the signature for that public key.
So an unconfirmed transaction, floating in the mempools of nodes globally, will show, in plain sight for everyone to see, your public key.
(public keys should be public, that's why they're called public keys, LOL)
And if quantum computers are fast enough to be of concern, then they are probably fast enough that, in the several minutes to several hours from broadcast to confirmation, they have already cracked the public key that is openly broadcast with your transaction. The owner of the quantum computer can now replace your unconfirmed transaction with one that pays the funds to itself. Even if you did not opt-in RBF, miners are still incentivized to support RBF on RBF-disabled transactions.
So the extra hash is not as significant a protection against quantum computers as you might think. Instead, the extra hash-and-compare needed is just extra validation effort.
Further, if you have ever, in the past, spent from the address, then there exists already a transaction indelibly stored on the blockchain, openly displaying the public key from which quantum computers can derive the private key. So those are still vulnerable to quantum computers.
For the most part, the cryptographers behind Taproot (and Bitcoin Core) are of the opinion that quantum computers capable of cracking Bitcoin pubkeys are unlikely to appear within a decade or two.
So:
For now, the homomorphic and linear properties of elliptic curve cryptography provide a lot of benefits --- particularly the linearity property is what enables Scriptless Script and simple multisignature (i.e. multisignatures that are just 1 signature onchain). So it might be a good idea to take advantage of them now while we are still fairly safe against quantum computers. It seems likely that quantum-safe signature schemes are nonlinear (thus losing these advantages).

Summary

I Wanna Be The Taprooter!

So, do you want to help activate Taproot? Here's what you, mister sovereign Bitcoin HODLer, can do!

But I Hate Taproot!!

That's fine!

Discussions About Taproot Activation

submitted by almkglor to Bitcoin

Technical: The Path to Taproot Activation

Taproot! Everybody wants to have it, somebody wants to make it, nobody knows how to get it!
(If you are asking why everybody wants it, see: Technical: Taproot: Why Activate?)
(Pedants: I mostly elide over lockin times)
Briefly, Taproot is that neat new thing that gets us:
So yes, let's activate taproot!

The SegWit Wars

The biggest problem with activating Taproot is PTSD from the previous softfork, SegWit. Pieter Wuille, one of the authors of the current Taproot proposal, has consistently held the position that he will not discuss activation, and will accept whatever activation process is imposed on Taproot. Other developers have expressed similar opinions.
So what happened with SegWit activation that was so traumatic? SegWit used the BIP9 activation method. Let's dive into BIP9!

BIP9 Miner-Activated Soft Fork

Basically, BIP9 has a bunch of parameters:
Now there are other parameters (name, starttime) but they are not anywhere near as important as the above two.
A number that is not a parameter, is 95%. Basically, activation of a BIP9 softfork is considered as actually succeeding if at least 95% of blocks in the last 2 weeks had the specified bit in the nVersion set. If less than 95% had this bit set before the timeout, then the upgrade fails and never goes into the network. This is not a parameter: it is a constant defined by BIP9, and developers using BIP9 activation cannot change this.
So, first some simple questions and their answers:

The Great Battles of the SegWit Wars

SegWit not only fixed transaction malleability, it also created a practical softforkable blocksize increase that also rebalanced weights so that the cost of spending a UTXO is about the same as the cost of creating UTXOs (and spending UTXOs is "better" since it limits the size of the UTXO set that every fullnode has to maintain).
So SegWit was written, the activation was decided to be BIP9, and then.... miner signalling stalled at below 75%.
Thus were the Great SegWit Wars started.

BIP9 Feature Hostage

If you are a miner with at least 5% global hashpower, you can hold a BIP9-activated softfork hostage.
You might even secretly want the softfork to actually push through. But you might want to extract concession from the users and the developers. Like removing the halvening. Or raising or even removing the block size caps (which helps larger miners more than smaller miners, making it easier to become a bigger fish that eats all the smaller fishes). Or whatever.
With BIP9, you can hold the softfork hostage. You just hold out and refuse to signal. You tell everyone you will signal, if and only if certain concessions are given to you.
This ability by miners to hold a feature hostage was enabled because of the miner-exit allowed by the timeout on BIP9. Prior to that, miners were considered little more than expendable security guards, paid for the risk they take to secure the network, but not special in the grand scheme of Bitcoin.

Covert ASICBoost

ASICBoost was a novel way of optimizing SHA256 mining, by taking advantage of the structure of the 80-byte header that is hashed in order to perform proof-of-work. The details of ASICBoost are out-of-scope here but you can read about it elsewhere.
Here is a short summary of the two types of ASICBoost, relevant to the activation discussion.
Now, "overt" means "obvious", while "covert" means hidden. Overt ASICBoost is obvious because nVersion bits that are not currently in use for BIP9 activations are usually 0 by default, so setting those bits to 1 makes it obvious that you are doing something weird (namely, Overt ASICBoost). Covert ASICBoost is non-obvious because the order of transactions in a block is up to the miner anyway, so the miner rearranging the transactions in order to get lower power consumption is not going to be detected.
Unfortunately, while Overt ASICBoost was compatible with SegWit, Covert ASICBoost was not. This is because, pre-SegWit, only the block header Merkle tree committed to the transaction ordering. However, with SegWit, another Merkle tree exists, which commits to transaction ordering as well. Covert ASICBoost would require more computation to manipulate two Merkle trees, obviating the power benefits of Covert ASICBoost anyway.
Now, miners want to use ASICBoost (indeed, about 60->70% of current miners probably use the Overt ASICBoost nowadays; if you have a Bitcoin fullnode running you will see the logs with lots of "60 of last 100 blocks had unexpected versions" which is exactly what you would see with the nVersion manipulation that Overt ASICBoost does). But remember: ASICBoost was, at around the time, a novel improvement. Not all miners had ASICBoost hardware. Those who did, did not want it known that they had ASICBoost hardware, and wanted to do Covert ASICBoost!
But Covert ASICBoost is incompatible with SegWit, because SegWit actually has two Merkle trees of transaction data, and Covert ASICBoost works by fudging around with transaction ordering in a block, and recomputing two Merkle Trees is more expensive than recomputing just one (and loses the ASICBoost advantage).
Of course, those miners that wanted Covert ASICBoost did not want to openly admit that they had ASICBoost hardware, they wanted to keep their advantage secret because miners are strongly competitive in a very tight market. And doing ASICBoost Covertly was just the ticket, but they could not work post-SegWit.
Fortunately, due to the BIP9 activation process, they could hold SegWit hostage while covertly taking advantage of Covert ASICBoost!

UASF: BIP148 and BIP8

When the incompatibility between Covert ASICBoost and SegWit was realized, still, activation of SegWit stalled, and miners were still not openly claiming that ASICBoost was related to non-activation of SegWit.
Eventually, a new proposal was created: BIP148. With this rule, 3 months before the end of the SegWit timeout, nodes would reject blocks that did not signal SegWit. Thus, 3 months before SegWit timeout, BIP148 would force activation of SegWit.
This proposal was not accepted by Bitcoin Core, due to the shortening of the timeout (it effectively times out 3 months before the initial SegWit timeout). Instead, a fork of Bitcoin Core was created which added the patch to comply with BIP148. This was claimed as a User Activated Soft Fork, UASF, since users could freely download the alternate fork rather than sticking with the developers of Bitcoin Core.
Now, BIP148 effectively is just a BIP9 activation, except at its (earlier) timeout, the new rules would be activated anyway (instead of the BIP9-mandated behavior that the upgrade is cancelled at the end of the timeout).
BIP148 was actually inspired by the BIP8 proposal (the link here is a historical version; BIP8 has been updated recently, precisely in preparation for Taproot activation). BIP8 is basically BIP9, but at the end of timeout, the softfork is activated anyway rather than cancelled.
This removed the ability of miners to hold the softfork hostage. At best, they can delay the activation, but not stop it entirely by holding out as in BIP9.
Of course, this implies risk that not all miners have upgraded before activation, leading to possible losses for SPV users, as well as again re-pressuring miners to signal activation, possibly without the miners actually upgrading their software to properly impose the new softfork rules.

BIP91, SegWit2X, and The Aftermath

BIP148 inspired countermeasures, possibly from the Covert ASICBoost miners, possibly from concerned users who wanted to offer concessions to miners. To this day, the common name for BIP148 - UASF - remains an emotionally-charged rallying cry for parts of the Bitcoin community.
One of these was SegWit2X. This was brokered in a deal between some Bitcoin personalities at a conference in New York, and thus part of the so-called "New York Agreement" or NYA, another emotionally-charged acronym.
The text of the NYA was basically:
  1. Set up a new activation threshold at 80% signalled at bit 4 (vs bit 1 for SegWit).
    • When this 80% signalling was reached, miners would require that bit 1 for SegWit be signalled to achieve the 95% activation needed for SegWit.
  2. If the bit 4 signalling reached 80%, increase the block weight limit from the SegWit 4000000 to the SegWit2X 8000000, 6 months after bit 1 activation.
The first item above was coded in BIP91.
Unfortunately, if you read the BIP91, independently of NYA, you might come to the conclusion that BIP91 was only about lowering the threshold to 80%. In particular, BIP91 never mentions anything about the second point above, it never mentions that bit 4 80% threshold would also signal for a later hardfork increase in weight limit.
Because of this, even though there are claims that NYA (SegWit2X) reached 80% dominance, a close reading of BIP91 shows that the 80% dominance was only for SegWit activation, without necessarily a later 2x capacity hardfork (SegWit2X).
This ambiguity of bit 4 (NYA says it includes a 2x capacity hardfork, BIP91 says it does not) has continued to be a thorn in blocksize debates later. Economically speaking, Bitcoin futures between SegWit and SegWit2X showed strong economic dominance in favor of SegWit (SegWit2X futures were traded at a fraction in value of SegWit futures: I personally made a tidy but small amount of money betting against SegWit2X in the futures market), so suggesting that NYA achieved 80% dominance even in mining is laughable, but the NYA text that ties bit 4 to SegWit2X still exists.
Historically, BIP91 triggered, which caused SegWit to activate before the BIP148 shorter timeout. BIP148 proponents continue to hold to this day that it was the BIP148 shorter timeout and no-compromises-activate-on-August-1 that made miners flock to BIP91 as a face-saving tactic that actually removed the second clause of NYA. NYA supporters keep pointing to the bit 4 text in the NYA and the historical activation of BIP91 as a failed promise by Bitcoin developers.

Taproot Activation Proposals

There are two primary proposals I can see for Taproot activation:
  1. BIP8.
  2. Modern Softfork Activation.
We have discussed BIP8: roughly, it has bit and timeout, if 95% of miners signal bit it activates, at the end of timeout it activates. (EDIT: BIP8 has had recent updates: at the end of timeout it can now activate or fail. For the most part, in the below text "BIP8", means BIP8-and-activate-at-timeout, and "BIP9" means BIP8-and-fail-at-timeout)
So let's take a look at Modern Softfork Activation!

Modern Softfork Activation

This is a more complex activation method, composed of BIP9 and BIP8 as subcomponents.
  1. First have a 12-month BIP9 (fail at timeout).
  2. If the above fails to activate, have a 6-month discussion period during which users and developers and miners discuss whether to continue to step 3.
  3. Have a 24-month BIP8 (activate at timeout).
The total above is 42 months, if you are counting: 3.5 years worst-case activation.
The logic here is that if there are no problems, BIP9 will work just fine anyway. And if there are problems, the 6-month period should weed it out. Finally, miners cannot hold the feature hostage since the 24-month BIP8 period will exist anyway.

PSA: Being Resilient to Upgrades

Software is very brittle.
Anyone who has been using software for a long time has experienced something like this:
  1. You hear a new version of your favorite software has a nice new feature.
  2. Excited, you install the new version.
  3. You find that the new version has subtle incompatibilities with your current workflow.
  4. You are sad and downgrade to the older version.
  5. You find out that the new version has changed your files in incompatible ways that the old version cannot work with anymore.
  6. You tearfully reinstall the newer version and figure out how to get your lost productivity now that you have to adapt to a new workflow.
If you are a technically-competent user, you might codify your workflow into a bunch of programs. And then you upgrade one of the external pieces of software you are using, and find that it has a subtle incompatibility with your current workflow which is based on a bunch of simple programs you wrote yourself. And if those simple programs are used as the basis of some important production system, you have just screwed up because you upgraded software on an important production system.
And well, one of the issues with new softfork activation is that if not enough people (users and miners) upgrade to the newest Bitcoin software, the security of the new softfork rules are at risk.
Upgrading software of any kind is always a risk, and the more software you build on top of the software-being-upgraded, the greater you risk your tower of software collapsing while you change its foundations.
So if you have some complex Bitcoin-manipulating system with Bitcoin somewhere at the foundations, consider running two Bitcoin nodes:
  1. One is a "stable-version" Bitcoin node. Once it has synced, set it up to connect=x.x.x.x to the second node below (so that your ISP bandwidth is only spent on the second node). Use this node to run all your software: it's a stable version that you don't change for long periods of time. Enable txindex, disable pruning, whatever your software needs.
  2. The other is an "always-up-to-date" Bitcoin Node. Keep its storage down with pruning (initially sync it off the "stable-version" node). You can't use blocksonly if your "stable-version" node needs to send transactions, but otherwise this "always-up-to-date" Bitcoin node can be kept as a low-resource node, so you can run both nodes in the same machine.
When a new Bitcoin version comes up, you just upgrade the "always-up-to-date" Bitcoin node. This protects you if a future softfork activates, you will only receive valid Bitcoin blocks and transactions. Since this node has nothing running on top of it, it is just a special peer of the "stable-version" node, any software incompatibilities with your system software do not exist.
Your "stable-version" Bitcoin node remains the same version until you are ready to actually upgrade this node and are prepared to rewrite most of the software you have running on top of it due to version compatibility problems.
When upgrading the "always-up-to-date", you can bring it down safely and then start it later. Your "stable-version" will keep running, disconnected from the network, but otherwise still available for whatever queries. You do need some system to stop the "always-up-to-date" node if for any reason the "stable-version" goes down (otherwise if the "always-up-to-date" advances its pruning window past what your "stable-version" has, the "stable-version" cannot sync afterwards), but if you are technically competent enough that you need to do this, you are technically competent enough to write such a trivial monitor program (EDIT: gmax notes you can adjust the pruning window by RPC commands to help with this as well).
This recommendation is from gmaxwell on IRC, by the way.
submitted by almkglor to Bitcoin
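The activation rules discussed in the post above (the BIP9 95% threshold, the "feature hostage" problem, BIP8 activate-at-timeout, and the three-stage Modern Softfork Activation), as an added simulation that is not part of the original post. Assumptions: time is counted in 2016-block retarget periods rather than median-time-past, the lock-in delay is elided as in the post, BIP8 is modelled as the post describes it (activate at timeout), 12/6/24 months are approximated as 26/13/52 periods, and `TAPROOT_BIT` plus all function names are hypothetical.

```python
PERIOD = 2016            # blocks per retarget period, the "2 weeks" in the text
THRESHOLD = 1916         # BIP9 mainnet threshold: 95% of 2016, rounded up
TOP_MASK, TOP_BITS = 0xE0000000, 0x20000000   # BIP9 nVersion prefix 001
TAPROOT_BIT = 2          # hypothetical bit chosen for this example

def signals(n_version, bit):
    """True if a block header's nVersion signals for `bit` under BIP9."""
    return (n_version & TOP_MASK) == TOP_BITS and bool((n_version >> bit) & 1)

def mined_period(holdout_share, bit):
    """Constructed sample data: the nVersion of 2016 blocks in which miners
    holding `holdout_share` of the hashpower refuse to set `bit`."""
    refusing = round(PERIOD * holdout_share)
    return [TOP_BITS] * refusing + [TOP_BITS | (1 << bit)] * (PERIOD - refusing)

def run_deployment(holdout, bit, timeout_periods, activate_at_timeout):
    """Run one deployment. holdout(n) is the hashpower share refusing to
    signal in period n (1-based). Returns (outcome, deciding period)."""
    for n in range(1, timeout_periods + 1):
        count = sum(signals(v, bit) for v in mined_period(holdout(n), bit))
        if count >= THRESHOLD:
            return ("LOCKED_IN", n)          # miners activated it
    # Timeout reached without 95%: BIP9 cancels, BIP8 (as described) activates.
    return ("LOCKED_IN" if activate_at_timeout else "FAILED", timeout_periods)

def modern_softfork_activation(holdout, bit, proceed_after_discussion=True):
    """12-month BIP9, 6-month discussion, then 24-month BIP8."""
    bip9_periods, discussion_periods, bip8_periods = 26, 13, 52
    outcome, n = run_deployment(holdout, bit, bip9_periods, False)
    if outcome == "LOCKED_IN" or not proceed_after_discussion:
        return outcome, n
    offset = bip9_periods + discussion_periods
    outcome, n = run_deployment(lambda p: holdout(p + offset), bit,
                                bip8_periods, True)
    return outcome, offset + n

if __name__ == "__main__":
    hostage = lambda n: 0.06                 # 6% of hashpower never signals
    print("BIP9:", run_deployment(hostage, TAPROOT_BIT, 26, False))
    print("BIP8:", run_deployment(hostage, TAPROOT_BIT, 26, True))
    outcome, periods = modern_softfork_activation(hostage, TAPROOT_BIT)
    print("Modern:", outcome, "after", periods * 2 / 52, "years")
```

With a constant 6% holdout the BIP9 run fails at its timeout, while the three-stage run locks in after 91 periods, the 3.5-year worst case the post computes.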

And if you decide that your current setup with 1-of-1 P2PKH / P2WPKH addresses is just fine as-is: well, that's the whole point of a softfork: backwards-compatibility; you can receive from Taproot users just fine, and once your wallet is updated for Taproot-sending support, you can send to Taproot users just fine as well!
(P2WPKH and P2WSH -- SegWit v0 -- addresses start with bc1q; Taproot -- SegWit v1 --- addresses start with bc1p, in case you wanted to know the difference; in bech32 q is 0, p is 1)
Now how about HODLers who keep all, or some, of their coins on custodial services? Well, any custodial service worth its salt would be doing at least 2-of-3, or probably something even bigger, like 11-of-15. So your custodial service, if it switched to using Taproot internally, could save a lot more (imagine an 11-of-15 getting reduced from 11 signatures to just 1!), which --- we can only hope! --- should translate to lower fees and better customer service from your custodial service!
So I think we can say, very accurately, that the Bitcoin principle --- that YOU are in control of your money --- can only be helped by Taproot (if you are doing multisignature), and, because P2PKH and P2WPKH remain validly-usable addresses in a Taproot future, will not be harmed by Taproot. Its benefit to this principle might be small (it mostly only benefits multisignature users) but since it has no drawbacks with this (i.e. singlesig users can continue to use P2WPKH and P2PKH still) this is still a nice, tidy win!
(even singlesig users get a minor benefit, in that multisig users will now reduce their blockchain space footprint, so that fees can be kept low for everybody; so for example even if you have your single set of private keys engraved on titanium plates sealed in an airtight box stored in a safe buried in a desert protected by angry nomads riding giant sandworms because you're the frickin' Kwisatz Haderach, you still gain some benefit from Taproot)
And here's the important part: if P2PKH/P2WPKH is working perfectly fine with you and you decide to never use Taproot yourself, Taproot will not affect you detrimentally. First do no harm!

Taproot and Your Contracts

No one is an island, no one lives alone. Give and you shall receive. You know: by trading with other people, you can gain expertise in some obscure little necessity of the world (and greatly increase your productivity in that little field), and then trade the products of your expertise for necessities other people have created, all of you thereby gaining gains from trade.
So, contracts, which are basically enforceable agreements that facilitate trading with people who you do not personally know and therefore might not trust.
Let's start with a simple example. You want to buy some gewgaws from somebody. But you don't know them personally. The seller wants the money, you want their gewgaws, but because of the lack of trust (you don't know them!! what if they're scammers??) neither of you can benefit from gains from trade.
However, suppose both of you know of some entity that both of you trust. That entity can act as a trusted escrow. The entity provides you security: this enables the trade, allowing both of you to get gains from trade.
In Bitcoin-land, this can be implemented as a 2-of-3 multisignature. The three signatories in the multisignature would be you, the gewgaw seller, and the escrow. You put the payment for the gewgaws into this 2-of-3 multisignature address.
Now, suppose it turns out neither of you are scammers (whaaaat!). You receive the gewgaws just fine and you're willing to pay up for them. Then you and the gewgaw seller just sign a transaction --- you and the gewgaw seller are 2, sufficient to trigger the 2-of-3 --- that spends from the 2-of-3 address to a singlesig the gewgaw seller wants (or whatever address the gewgaw seller wants).
But suppose some problem arises. The seller gave you gawgews instead of gewgaws. Or you decided to keep the gewgaws but not sign the transaction to release the funds to the seller. In either case, the escrow is notified, and it can sign with you to refund the funds back to you (if the seller was a scammer) or it can sign with the seller to forward the funds to the seller (if you were a scammer).
Taproot helps with this: like mentioned above, it allows multisignature setups to produce only one signature, reducing blockchain space usage, and thus making contracts --- which require multiple people, by definition, you don't make contracts with yourself --- cheaper (which we hope enables more of these setups to happen for more gains from trade for everyone, also, moon and lambos).
(technology-wise, it's easier to make an n-of-n than a k-of-n, making a k-of-n would require a complex setup involving a long ritual with many communication rounds between the n participants, but an n-of-n can be done trivially with some moon math. You can, however, make what is effectively a 2-of-3 by using a three-branch SCRIPT: either 2-of-2 of you and seller, OR 2-of-2 of you and escrow, OR 2-of-2 of escrow and seller. Fortunately, Taproot adds a facility to embed a SCRIPT inside a public key, so you can have a 2-of-2 Taprooted address (between you and seller) with a SCRIPT branch that can instead be spent with 2-of-2 (you + escrow) OR 2-of-2 (seller + escrow), which implements the three-branched SCRIPT above. If neither of you are scammers (hopefully the common case) then you both sign using your keys and never have to contact the escrow, since you are just using the escrow public key without coordinating with them (because n-of-n is trivial but k-of-n requires setup with communication rounds), so in the "best case" where both of you are honest traders, you also get a privacy boost, in that the escrow never learns you have been trading on gewgaws, I mean ewww, gawgews are much better than gewgaws and therefore I now judge you for being a gewgaw enthusiast, you filthy gewgawer).

Taproot and Your Contracts, Part 2: Cryptographic Boogaloo

Now suppose you want to buy some data instead of things. For example, maybe you have some closed-source software in trial mode installed, and want to pay the developer for the full version. You want to pay for an activation code.
This can be done, today, by using an HTLC. The developer tells you the hash of the activation code. You pay to an HTLC, paying out to the developer if it reveals the preimage (the activation code), or refunding the money back to you after a pre-agreed timeout. If the developer claims the funds, it has to reveal the preimage, which is the activation code, and you can now activate your software. If the developer does not claim the funds by the timeout, you get refunded.
And you can do that, with HTLCs, today.
Of course, HTLCs do have problems:
Fortunately, with Schnorr (which is enabled by Taproot), we can now use the Scriptless Script construction by Andrew Poelstra. This Scriptless Script allows a new construction, the PTLC or Pointlocked Timelocked Contract. Instead of hashes and preimages, just replace "hash" with "point" and "preimage" with "scalar".
Or as you might know them: "point" is really "public key" and "scalar" is really a "private key". What a PTLC does is that, given a particular public key, the pointlocked branch can be spent only if the spender reveals the private key of the given private key to you.
Another nice thing with PTLCs is that they are deniable. What appears onchain is just a single 2-of-2 signature between you and the developer/manufacturer. It's like a magic trick. This signature has no special watermarks, it's a perfectly normal signature (the pledge). However, from this signature, plus some data given to you by the developer/manufacturer (known as the adaptor signature) you can derive the private key of a particular public key you both agree on (the turn). Anyone scraping the blockchain will just see signatures that look just like every other signature, and as long as nobody manages to hack you and get a copy of the adaptor signature or the private key, they cannot get the private key behind the public key (point) that the pointlocked branch needs (the prestige).
(Just to be clear, the public key you are getting the private key from, is distinct from the public key that the developer/manufacturer will use for its funds. The activation key is different from the developer's onchain Bitcoin key, and it is the activation key whose private key you will be learning, not the developer's/manufacturer's onchain Bitcoin key).
So:
Taproot lets PTLCs exist onchain because they enable Schnorr, which is a requirement of PTLCs / Scriptless Script.
(technology-wise, take note that Scriptless Script works only for the "pointlocked" branch of the contract; you need normal Script, or a pre-signed nLockTimed transaction, for the "timelocked" branch. Since Taproot can embed a script, you can have the Taproot pubkey be a 2-of-2 to implement the Scriptless Script "pointlocked" branch, then have a hidden script that lets you recover the funds with an OP_CHECKLOCKTIMEVERIFY after the timeout if the seller does not claim the funds.)

Quantum Quibbles!

Now if you were really paying attention, you might have noticed this parenthetical:
(technical details: a Taproot output is 1 version byte + 32 byte public key, while a P2WPKH (bech32 singlesig) output is 1 version byte + 20 byte public key hash...)
So wait, Taproot uses raw 32-byte public keys, and not public key hashes? Isn't that more quantum-vulnerable??
Well, in theory yes. In practice, they probably are not.
It's not that hashes can be broken by quantum computers --- they're still not. Instead, you have to look at how you spend from a P2WPKH/P2PKH pay-to-public-key-hash.
When you spend from a P2PKH / P2WPKH, you have to reveal the public key. Then Bitcoin hashes it and checks if this matches with the public-key-hash, and only then actually validates the signature for that public key.
So an unconfirmed transaction, floating in the mempools of nodes globally, will show, in plain sight for everyone to see, your public key.
(public keys should be public, that's why they're called public keys, LOL)
And if quantum computers are fast enough to be of concern, then they are probably fast enough that, in the several minutes to several hours from broadcast to confirmation, they have already cracked the public key that is openly broadcast with your transaction. The owner of the quantum computer can now replace your unconfirmed transaction with one that pays the funds to itself. Even if you did not opt-in RBF, miners are still incentivized to support RBF on RBF-disabled transactions.
So the extra hash is not as significant a protection against quantum computers as you might think. Instead, the extra hash-and-compare needed is just extra validation effort.
Further, if you have ever, in the past, spent from the address, then there exists already a transaction indelibly stored on the blockchain, openly displaying the public key from which quantum computers can derive the private key. So those are still vulnerable to quantum computers.
For the most part, the cryptographers behind Taproot (and Bitcoin Core) are of the opinion that quantum computers capable of cracking Bitcoin pubkeys are unlikely to appear within a decade or two.
So:
For now, the homomorphic and linear properties of elliptic curve cryptography provide a lot of benefits --- particularly the linearity property is what enables Scriptless Script and simple multisignature (i.e. multisignatures that are just 1 signature onchain). So it might be a good idea to take advantage of them now while we are still fairly safe against quantum computers. It seems likely that quantum-safe signature schemes are nonlinear (thus losing these advantages).

Summary

I Wanna Be The Taprooter!

So, do you want to help activate Taproot? Here's what you, mister sovereign Bitcoin HODLer, can do!

But I Hate Taproot!!

That's fine!

Discussions About Taproot Activation

submitted by anticensor_bot to u/anticensor_bot

TKEYSPACE — blockchain in your mobile

https://preview.redd.it/w8o3bcvjrtx41.png?width=1400&format=png&auto=webp&s=840ac3872156215b30e708920edbef4583190654
Someone says that the blockchain in the phone is marketing. This is possible for most applications, but not for Tkeycoin. Today we will talk about how the blockchain works in the TkeySpace app.
For those not yet familiar with it, TkeySpace is a financial application for decentralized and efficient management of various cryptocurrencies, based on a distributed architecture without using a client-server.
In simple words, it is a blockchain in the user’s mobile device that excludes hacking and hacker attacks, and all data is encrypted using modern cryptographic methods.
https://preview.redd.it/8uku6thlrtx41.png?width=1280&format=png&auto=webp&s=e1a610244da53100a5bc6b821ee5c799c6493ac4

Blockchain

Let’s start with the most important thing — the blockchain works on the principles of P2P networks, when there is no central server and each device is both a server and a client, such an organization allows you to maintain the network performance with any number and any combination of available nodes.
For example, there are 12 machines in the network, and anyone can contact anyone. As a client (resource consumer), each of these machines can send requests for the provision of some resources to other machines within this network and receive them. As a server, each machine must process requests from other machines in the network, send what was requested, and perform some auxiliary and administrative functions.
With traditional client-server systems, we can get a completely disabled social network, messenger, or another service, given that we rely on a centralized infrastructure — we have a very specific number of points of failure. If the main data center is damaged due to an earthquake or any other event, access to information will be slowed down or completely disabled.
With a P2P solution, the failure of one network member does not affect the network operation in any way. P2P networks can easily switch to offline mode when the channel is broken — in which it will exist completely independently and without any interaction.
Instead of storing information in a single central point, as traditional recording methods do, multiple copies of the same data are stored in different locations and on different devices on the network, such as computers or mobile devices.

https://i.redd.it/2c4sv7rnrtx41.gif
This means that even if one storage point is damaged or lost, multiple copies remain secure in other locations. Similarly, if one part of the information is changed without the consent of the rightful owners, there are many other copies where the information is correct, which makes the false record invalid.
The information recorded in the blockchain can take any form, whether it is a transfer of money, ownership, transaction, someone’s identity, an agreement between two parties, or even how much electricity a light bulb used.
However, this requires confirmation from multiple devices, such as nodes in the network. Once an agreement, otherwise known as consensus, is reached between these devices to store something on the blockchain — it can’t be challenged, deleted, or changed.
The technology also allows you to perform a truly huge amount of computing in a relatively short time, which even on supercomputers would require, depending on the complexity of the task, many years or even centuries of work. This performance is achieved because a certain global task is divided into a large number of blocks, which are simultaneously performed by hundreds of thousands of devices participating in the project.

P2P messaging and syncing in TkeySpace

TkeySpace is a node of the TKEY network and other supported networks. When you launch the app, your mobile node connects to an extensive network of supported blockchains, syncs with full nodes to validate transactions and incoming information between nodes, so the nodes organize a graph of connections between them.
You can always check the node information in the TkeySpace app in ⚙ Settings → Contact and peer info → App Status.

https://preview.redd.it/co1k25kqrtx41.png?width=619&format=png&auto=webp&s=e443a436b11d797b475b00a467cd9609cac66b83
TkeySpace creates initiating connections to servers registered in the blockchain Protocol as the main ones, from these servers it gets the addresses of nodes to which it can join, in turn, the nodes to which the connection occurred share information about other nodes.

https://i.redd.it/m21pw88srtx41.gif
TkeySpace sends network messages to nodes from supported blockchains in the app to get up-to-date data from the network.
The Protocol uses data structures for communication between nodes, such as block propagation over the network, so before network messages are read, nodes check the “magic number”, check the first bytes, and determine the type of data structure. In the blockchain, the “magic number” is the network ID used to filter messages and block traffic from other p2p networks.
Magic numbers are used in computer science, both for files and protocols. They identify the type of file/data structure. A program that receives such a file/data structure can check the magic number and immediately find out the intended type of this file/data structure.
The first message that your node sends is called a Version Message. In response, the node waits for a Verack message to establish a connection between other peers. The exchange of such messages is called a “handshake”.

https://preview.redd.it/b6gh0hitrtx41.png?width=785&format=png&auto=webp&s=0101eaec6469fb53818486fa13da110f6a4a851d
After the “handshake” is set, TkeySpace will start connecting to other nodes in the network to determine the last block at the end of the required blockchain. At this point — nodes request information about blocks they know using GetBlock messages — in response, your node receives an inv (Inventory Message) from another node with the information that it has the information that was requested by the TkeySpace node.
In response to the received inv message, TkeySpace sends a GetData message containing a list of blocks starting immediately after the last known hash.

https://preview.redd.it/lare5lsurtx41.png?width=768&format=png&auto=webp&s=da8d27110f406f715292b439051ca221fab47f77

Loading and storing blocks

After exchanging messages, the block information is loaded and transactions are uploaded to your node. To avoid storing tons of information and optimize hard disk space and data processing speed, we use RDBMS — PostgreSQL in full nodes (local computer wallet).
In the TkeySpace mobile app, we use SQLite, and validation takes place by uploading block headers through the Merkle Tree, using the bloom filter — this allows you to optimize the storage of your mobile device as much as possible.
The block header includes its hash, the hash of the previous block, transaction hashes, and additional service information.
Block headers in the Tkeycoin network are 84 bytes due to the extension of parameters to support nChains, which will soon be launched in “combat” mode. Block headers in Bitcoin, Dash, and Litecoin are 80 bytes.

https://preview.redd.it/uvv3qz7wrtx41.png?width=1230&format=png&auto=webp&s=5cf0cd8b6d099268f3d941aac322af05e781193c
And so, let’s continue — application nodes receive information from the blockchain by uploading block headers, all data is synchronized using the Merkle Tree, or rather your node receives and validates information from the Merkle root.
The hash tree was developed in 1979 by Ralph Merkle and named in his honor. The structure of the system has received this name also because it resembles a tree.
The Merkle tree is a complete binary tree with leaf vertexes containing hashes from data blocks, and inner vertexes containing hashes from adding values in child vertexes. The root node of the tree contains a hash from the entire data set, meaning the hash tree is a unidirectional hash function. The Merkle tree is used for the efficient storage of transactions in the cryptocurrency blockchain. It allows you to get a “fingerprint” of all transactions in the block, as well as effectively verify transactions.

https://preview.redd.it/3hmbthpxrtx41.png?width=677&format=png&auto=webp&s=cca3d54c585747e0431c6c4de6eec7ff7e3b2f4d
Hash trees have an advantage over hash chains or hash functions. When using hash trees, it is much less expensive to prove that a certain block of data belongs to a set. Since different blocks are often independent data, such as transactions or parts of files, we are interested in being able to check only one block without recalculating the hashes for the other nodes in the tree.
https://i.redd.it/f7o3dh7zrtx41.gif
The Merkle Tree scheme allows you to check whether the hash value of a particular transaction is included in Merkle Root, without having all the other transactions in the block. So by having the transaction, block header, and Merkle Branch for that transaction requested from the full node, the digital wallet can make sure that the transaction was confirmed in a specific block.

https://i.redd.it/88sz13w0stx41.gif
The Merkle tree, which is used to prove that a transaction is included in a block, is also very well scaled. Because each new “layer” added to the tree doubles the total number of “leaves” it can represent. You don’t need a deep tree to compactly prove transaction inclusion, even among blocks with millions of transactions.

Statistical constants and nChains

To support the Tkeycoin cryptocurrency, the TkeySpace application uses additional statistical constants to prevent serialization of Merkle tree hashes, which provides an additional layer of security.
Also, for Tkeycoin, support for multi-chains (nChains) is already included in the TkeySpace app, which will allow you to use the app in the future with most of the features of the TKEY Protocol, including instant transactions.

The Bloom Filter

An additional level of privacy is provided by the bloom filter — which is a probabilistic data structure that allows you to check whether an element belongs to a set.

https://preview.redd.it/7ejkvi82stx41.png?width=374&format=png&auto=webp&s=ed75cd056949fc3a2bcf48b4d7ea78d3dc6d81f3
The bloom filter looks for whether a particular transaction is linked to Alice, not whether Alice has a specific cryptocurrency. In this way, transactions and received IDs are analyzed through a bloom filter. When “Alice wants to know about transaction X”, an ID is requested for transaction X, which is compared with the filled segments in her bloom filter. If “Yes” is received, the node can get the information and verify the transaction.

https://preview.redd.it/gjpsbss3stx41.png?width=1093&format=png&auto=webp&s=4cdcbc827849d13b7d6f0b7e7ba52e65ddc03a82

HD support

The multi-currency wallet TkeySpace is based on HD (or hierarchical determinism), a privacy-oriented method for generating and managing addresses. Each wallet address is generated from an xPub wallet (or extended public key). The app is completely anonymous — an individual address is generated for each transaction to accept a particular cryptocurrency. Even for low-level programming, using the same address is negative for the system, not to mention your privacy. We recommend that you always use a new address for transactions to ensure the necessary level of privacy and security.
The EXT_PUBLIC_KEY and EXT_SECRET_KEY values for DASH, Bitcoin, and Litecoin are completely identical. Tkeycoin uses its values, as well as other methods for storing transactions and blocks (RDBMS), and of course — nChains.

Secret key

Wallets in the blockchain have public and private keys.
https://preview.redd.it/br9kk8n5stx41.png?width=840&format=png&auto=webp&s=a36e4c619451735469a9cff57654d322467e4fba
Centralized applications usually store users’ private keys on their servers, which makes users’ funds vulnerable to hacker attacks or theft.
A private key is a special combination of characters that provides access to cryptocurrencies stored on the account. Only a person who knows the key can move and spend digital assets.
TkeySpace stores the key only on the user’s device and in encrypted form. The encrypted key is displayed as a mnemonic phrase (backup phrase), which is very convenient for users. Unlike complex cryptographic ciphers, the phrase is easy to save or write. A backup keyword provides the maximum level of security.
A mnemonic phrase is 12 or 24 words that are generated using random number entropy. If a phrase consists of 12 words, then the number of possible combinations is 2048^12 or 2^132 — the phrase will have 132 security bits. To restore the wallet, you must enter the mnemonic phrase in strict order, as it was presented after generation.

Result

Now we understand that your application TkeySpace is a node of the blockchain that communicates with other nodes using p2p messages, stores block headers and validates information using the Merkle Tree, verifies transactions, filters information using the bloom filter, and operates completely in a decentralized model. The application code contains all the necessary blockchain settings for communicating with the network, the so-called chain parameters.
TkeySpace is a new generation mobile app. A completely new level of security, easy user-friendly interfaces and all the necessary features that are required to work with cryptocurrency.
submitted by tkeycoin to Tkeycoin_Official
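The Merkle-branch check that the post above describes for light wallets, as an added example that is not TkeySpace code. It assumes Bitcoin's tree rules (double SHA-256, last hash duplicated on odd-sized levels); Tkeycoin's own constants are not given on the page, and the transaction ids and function names are constructed.

```python
import hashlib


def dsha(data):
    """Double SHA-256, as used for Bitcoin transaction ids and tree nodes."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()


def next_level(level):
    """Hash adjacent pairs; an odd-sized level repeats its last node."""
    if len(level) % 2:
        level = level + [level[-1]]
    return [dsha(level[i] + level[i + 1]) for i in range(0, len(level), 2)]


def merkle_root(leaves):
    if not leaves:
        raise ValueError("a block has at least one transaction")
    level = list(leaves)
    while len(level) > 1:
        level = next_level(level)
    return level[0]


def merkle_branch(leaves, index):
    """Full-node side: collect the sibling hash at every level for one leaf."""
    if not 0 <= index < len(leaves):
        raise IndexError("leaf index outside the block")
    level, branch = list(leaves), []
    while len(level) > 1:
        if len(level) % 2:
            level.append(level[-1])
        branch.append(level[index ^ 1])  # sibling shares all bits but the lowest
        level = next_level(level)
        index >>= 1
    return branch


def verify_branch(leaf, index, branch, root):
    """Wallet side: rebuild the root from one leaf and its siblings only."""
    node = leaf
    for sibling in branch:
        # The low bit of the index says whether the node is a right or left child.
        node = dsha(sibling + node) if index & 1 else dsha(node + sibling)
        index >>= 1
    # A leftover index bit means the claimed position does not fit the branch.
    return index == 0 and node == root


def sample_txids(count):
    """Constructed transaction ids standing in for a block's contents."""
    return [dsha(b"constructed tx %d" % i) for i in range(count)]


if __name__ == "__main__":
    txids = sample_txids(5)
    root = merkle_root(txids)
    branch = merkle_branch(txids, 4)
    print("siblings needed for 5 transactions:", len(branch))
    print("transaction 4 proven:", verify_branch(txids[4], 4, branch, root))
    print("forged transaction proven:",
          verify_branch(dsha(b"forged"), 4, branch, root))
```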

By the power of CTOR! Xthinner is now working with BCH mainnet blocks

A few hours ago, I fixed the last showstopping bug in my Xthinner code and got it running between two of my ABC full nodes on mainnet. One node serves as a bridge to the rest of the world, receiving Compact Blocks and transmitting Xthinner. The other is connected to no other nodes except this bridge.
The first block transmitted by Xthinner was #577,310. My nodes had just started when that block was published, so it was transmitted with only 24 transactions in mempool out of 2865 total in the block. It worked nonetheless. Xthinner has worked on every block since then, with no failures, and with no block taking more than 1.5 networking round trips. Most non-tiny blocks have gotten about 99.0% compression after fetching missing transactions, or about 99.3% before fetching. In comparison, Compact Blocks usually gets about 96-97% edit: 98.5% compression. Eight blocks have been complete on arrival without any missing transaction fetching (0.5 round trips), and 24 blocks have required a round trip to fetch missing transactions. Edit: This missing transaction rate is quite high, and probably the result of the chained-nodes test setup. Each hop in a node chain adds up to 5 seconds of delay in transaction propagation, and this setup has 2 chain hops. I expect performance to improve in more normal configurations.
I will probably make an alpha code release soon so that people can play around with it. The code still has some known bugs and vulnerabilities, though, so don't run it on anything you want to stay running. There's still a lot of work to be done before the code is of high enough quality to be merged into Bitcoin ABC, so don't get too excited.
Here's the best-performing block so far:
2019-04-08 09:27:53.076818 received: xtrblk (1660 bytes) peer=0
2019-04-08 09:27:53.077210 Filling xtrblk with mempool size 841
2019-04-08 09:27:53.077644 xtrblk: 841 tx, 1 prefilled
2019-04-08 09:27:53.077707 Received complete xthinner block: 000000000000000002f914b0c6afb568bec86b9a5166a5023f466c5ee7100e90.
2019-04-08 09:27:53.136257 UpdateTip: new best=000000000000000002f914b0c6afb568bec86b9a5166a5023f466c5ee7100e90 height=577332 version=0x20800000 log2_work=87.837579 tx=269896356 date='2019-04-08 09:27:30' progress=1.000000 cache=10.6MiB(79763txo) warning='40 of last 100 blocks have unexpected version'
This was a 841 tx, 363 kB block transmitted in 1660 bytes. That's 99.54% compression or 15.79 bits/tx. Uncoincidentally, this was also one of the largest blocks so far, with 23 minutes elapsed since the prior block.
Bigger blocks get better compression because the header, coinbase, and checksum specification overhead is a smaller proportion of the whole, and sometimes also because the Xthinner algorithm can more consistently omit the initial bytes of the TXID.
Sizes of the xtrblk messages:
2019-04-08 06:17:48.394401 received: xtrblk (4511 bytes) peer=0
2019-04-08 06:34:40.219904 received: xtrblk (1249 bytes) peer=0
2019-04-08 06:50:25.290082 received: xtrblk (1209 bytes) peer=0
2019-04-08 06:51:49.082137 received: xtrblk (282 bytes) peer=0
2019-04-08 07:04:02.028427 received: xtrblk (416 bytes) peer=0
2019-04-08 07:09:44.603728 received: xtrblk (1235 bytes) peer=0
2019-04-08 07:15:32.338061 received: xtrblk (351 bytes) peer=0
2019-04-08 07:17:25.983502 received: xtrblk (839 bytes) peer=0
2019-04-08 07:19:38.947229 received: xtrblk (498 bytes) peer=0
2019-04-08 07:21:22.099113 received: xtrblk (404 bytes) peer=0
2019-04-08 07:37:20.573195 received: xtrblk (569 bytes) peer=0
2019-04-08 07:38:41.106193 received: xtrblk (1259 bytes) peer=0
2019-04-08 07:46:40.656947 received: xtrblk (764 bytes) peer=0
2019-04-08 07:52:40.203599 received: xtrblk (591 bytes) peer=0
2019-04-08 08:01:30.239679 received: xtrblk (776 bytes) peer=0
2019-04-08 08:26:06.212842 received: xtrblk (287 bytes) peer=0
2019-04-08 08:37:10.882075 received: xtrblk (2177 bytes) peer=0
2019-04-08 08:39:05.003971 received: xtrblk (392 bytes) peer=0
2019-04-08 08:40:27.191932 received: xtrblk (274 bytes) peer=0
2019-04-08 08:53:57.338920 received: xtrblk (1294 bytes) peer=0
2019-04-08 08:54:44.033299 received: xtrblk (344 bytes) peer=0
2019-04-08 09:04:55.541082 received: xtrblk (947 bytes) peer=0
2019-04-08 09:27:53.076818 received: xtrblk (1660 bytes) peer=0
2019-04-08 09:39:21.527632 received: xtrblk (878 bytes) peer=0
2019-04-08 09:48:57.831915 received: xtrblk (836 bytes) peer=0
2019-04-08 09:49:18.074036 received: xtrblk (243 bytes) peer=0
2019-04-08 09:52:09.949254 received: xtrblk (474 bytes) peer=0
2019-04-08 10:05:35.192227 received: xtrblk (451 bytes) peer=0
2019-04-08 10:12:37.671585 received: xtrblk (1317 bytes) peer=0
2019-04-08 10:12:40.761272 received: xtrblk (294 bytes) peer=0
2019-04-08 10:13:10.548404 received: xtrblk (278 bytes) peer=0
2019-04-08 10:17:06.108110 received: xtrblk (512 bytes) peer=0
Sizes of the fetched missing transactions:
2019-04-08 06:17:48.410703 received: xtrtxn (842930 bytes) peer=0
2019-04-08 06:34:40.221133 received: xtrtxn (5691 bytes) peer=0
2019-04-08 06:50:25.291309 received: xtrtxn (517 bytes) peer=0
2019-04-08 07:04:02.029652 received: xtrtxn (3461 bytes) peer=0
2019-04-08 07:09:44.604922 received: xtrtxn (744 bytes) peer=0
2019-04-08 07:15:32.339450 received: xtrtxn (1155 bytes) peer=0
2019-04-08 07:17:25.984684 received: xtrtxn (3337 bytes) peer=0
2019-04-08 07:19:38.948412 received: xtrtxn (654 bytes) peer=0
2019-04-08 07:21:22.100418 received: xtrtxn (3510 bytes) peer=0
2019-04-08 07:37:20.574477 received: xtrtxn (3990 bytes) peer=0
2019-04-08 07:38:41.107558 received: xtrtxn (519 bytes) peer=0
2019-04-08 07:52:40.204659 received: xtrtxn (2364 bytes) peer=0
2019-04-08 08:01:30.240842 received: xtrtxn (275 bytes) peer=0
2019-04-08 08:26:06.214200 received: xtrtxn (274 bytes) peer=0
2019-04-08 08:39:05.005097 received: xtrtxn (273 bytes) peer=0
2019-04-08 08:53:57.340233 received: xtrtxn (514 bytes) peer=0
2019-04-08 08:54:44.034397 received: xtrtxn (1243 bytes) peer=0
2019-04-08 09:04:55.542438 received: xtrtxn (420 bytes) peer=0
2019-04-08 09:39:21.528842 received: xtrtxn (811 bytes) peer=0
2019-04-08 09:49:18.075155 received: xtrtxn (274 bytes) peer=0
2019-04-08 09:52:09.950762 received: xtrtxn (10478 bytes) peer=0
2019-04-08 10:05:35.193791 received: xtrtxn (8248 bytes) peer=0
2019-04-08 10:12:40.762645 received: xtrtxn (1741 bytes) peer=0
As a reminder: Xthinner does not affect storage, RAM, or CPU requirements for full nodes in any way, and has very little effect on total network traffic, which is dominated by tx announcements and historical block uploads. Xthinner's compression only affects block propagation speed. Block propagation is the code path that is most sensitive to performance and latency for keeping Bitcoin decentralized while scaling, and has long been a sore point, so this optimization is worthwhile. But its effects are limited to that code path.
Edit 4/18/2019: I tracked down the cause of the high missing/colliding transaction rate and associated extra round trips to an off-by-one bug in my encoder. The code was checking how many bytes were needed to disambiguate from the 2nd-closest mempool match instead of the closest mempool match. Since fixing this bug a few hours ago, only 1 out of 27 block transmission attempts have required an extra round trip for tx fetching.
submitted by jtoomim to btc
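The off-by-one described in the 4/18/2019 edit above, reproduced in a simplified model as an added example (not jtoomim's code and not Xthinner's actual encoding): each block transaction is sent as the shortest txid prefix that separates it from its neighbours in a sorted mempool, and the receiver needs an extra round trip whenever a prefix matches more than one mempool entry. The constructed txids, the function names and the `neighbor_offset` parameter are assumptions made for illustration.

```python
"""Simplified model of prefix-based block compression (illustration only)."""
import hashlib
from bisect import bisect_left


def make_mempool(n):
    # Constructed sample data: SHA-256 of a counter stands in for real txids.
    return sorted(hashlib.sha256(i.to_bytes(4, "big")).digest() for i in range(n))


def common_prefix_len(a, b):
    n = 0
    for x, y in zip(a, b):
        if x != y:
            break
        n += 1
    return n


def prefix_len(mempool, i, neighbor_offset):
    """Bytes of mempool[i] needed to differ from the entries at i +/- offset.

    In a sorted list the closest match (longest shared prefix) is always an
    adjacent entry, so neighbor_offset=1 is correct. neighbor_offset=2 models
    the bug: it measures against the 2nd-closest match and can come up short.
    """
    need = 1
    for j in (i - neighbor_offset, i + neighbor_offset):
        if 0 <= j < len(mempool):
            need = max(need, common_prefix_len(mempool[i], mempool[j]) + 1)
    return need


def encode(block_txids, mempool, neighbor_offset=1):
    """Sender side: replace each txid with its (supposedly) unique prefix."""
    out = []
    for txid in block_txids:
        i = bisect_left(mempool, txid)  # txid is assumed to be in the mempool
        out.append(txid[:prefix_len(mempool, i, neighbor_offset)])
    return out


def decode(prefixes, mempool):
    """Receiver side: resolve prefixes against the local sorted mempool.

    Returns (resolved, ambiguous). A prefix matching several entries cannot be
    resolved locally and would force a fetch round trip.
    """
    resolved, ambiguous = [], 0
    for p in prefixes:
        k = bisect_left(mempool, p)
        matches = []
        while k < len(mempool) and mempool[k].startswith(p):
            matches.append(mempool[k])
            k += 1
        if len(matches) == 1:
            resolved.append(matches[0])
        else:
            resolved.append(None)
            ambiguous += 1
    return resolved, ambiguous


if __name__ == "__main__":
    mempool = make_mempool(5000)
    block = mempool[::5]  # constructed block: every 5th mempool transaction
    for label, offset in (("closest match (fixed)", 1), ("2nd-closest (buggy)", 2)):
        prefixes = encode(block, mempool, offset)
        _, ambiguous = decode(prefixes, mempool)
        size = sum(len(p) for p in prefixes)
        print(f"{label}: {size} prefix bytes, {ambiguous} ambiguous of {len(block)}")
```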

Which are your top 5 coins out of the top100? An analysis.

I am putting together my investment portfolio for 2018 and made a complete summary of the current Top 100. Interestingly, I noticed that all coins can be categorized into 12 markets. Which markets do you think will play the biggest role in the coming year?
Here is a complete overview of all coins in an excel sheet including name, a full description, market, TPS, risk profile, time since launch (negative numbers mean that they are launching that many months in the future) and market cap. You can also sort by all of these fields of course. Coins written in bold are the strongest contenders within their market either due to having the best technology or having a small market cap and still excellent technology and potential. https://docs.google.com/spreadsheets/d/1s8PHcNvvjuy848q18py_CGcu8elRGQAUIf86EYh4QZo/edit#gid=0
The 12 markets are
  1. Currency 13 coins
  2. Platform 25 coins
  3. Ecosystem 9 coins
  4. Privacy 9 coins
  5. Currency Exchange Tool 8 coins
  6. Gaming & Gambling 4 coins
  7. Misc 15 coins
  8. Social Network 4 coins
  9. Fee Token 3 coins
  10. Decentralized Data Storage 4 coins
  11. Cloud Computing 2 coins
  12. Stable Coin 3 coins
Before we look at the individual markets, we need to take a look at the overall market and its biggest issue, scalability, first:
Cryptocurrencies aim to be a decentralized currency that can be used worldwide. Their goal is to replace dollar, Euro, Yen, all FIAT currencies globally. The coin that will achieve that will be worth several trillion dollars.
Bitcoin can only process 7 transactions per second (TPS) currently. In order to replace all FIAT, it would need to perform at least at VISA levels, which usually processes around 3,000 TPS, up to 25,000 TPS during peak times and a maximum of 64,000 TPS. That means that this cryptocurrency would need to be able to perform at least several thousand TPS. However, a ground breaking technology should not look at current technology to set a goal for its use, i.e. estimating the number of emails sent in 1990 based on the number of faxes sent wasn’t a good estimate.
For that reason, 10,000 TPS is the absolute baseline for a cryptocurrency that wants to replace FIAT. This brings me to IOTA, which wants to connect all 80 billion IoT devices that are expected to exist by 2025, which constantly communicate with each other, possibly creating 80 billion or more transactions per second. This is the benchmark that cryptocurrencies should be aiming for. Currently, 8 billion devices are connected to the Internet.
With its Lightning network recently launched, Bitcoin is realistically looking at 50,000 possible TPS soon. Other notable cryptocurrencies besides IOTA and Bitcoin are Nano with 7,000 TPS already tested, Dash with several billion TPS possible with Masternodes, Neo, LISK and RHOC with 100,000 TPS by 2020, Ripple with 50,000 TPS, Ethereum with 10,000 TPS with Sharding.
However, it needs to be said that scalability usually goes at the cost of decentralization and security. So, it needs to be seen, which of these technologies can prove themselves decentralized while maintaining high TPS.
Without further ado, here are the coins of the first market. Each market is sorted by market cap.

Market 1 - Currency:

  1. Bitcoin: 1st generation blockchain with currently bad scalability, though the implementation of the Lightning Network looks promising and could alleviate most scalability and high energy use concerns.
  2. Ripple: Centralized currency that might become very successful due to tight involvement with banks and cross-border payments for financial institutions; banks and companies like Western Union and Moneygram (who they are currently working with) as customers. However, it seems they are aiming for more decentralization now (https://ripple.com/dev-blog/decentralization-strategy-update/). Has high TPS due to Proof of Correctness algorithm.
  3. Bitcoin Cash: Bitcoin fork with the difference of having an 8 times bigger block size, making it 8 times more scalable than Bitcoin currently. Further block size increases are planned. Only significant difference is bigger block size while big blocks lead to further problems that don't seem to do well beyond a few thousand TPS. Opponents of a block size increase argue that increasing the block size limit is unimaginative, offers only temporary relief, and damages decentralization by increasing costs of participation. In order to preserve decentralization, system requirements to participate should be kept low. To understand this, consider an extreme example: very big blocks (1GB+) would require data center level resources to validate the blockchain. This would preclude all but the wealthiest individuals from participating. Community seems more open than Bitcoin's though.
  4. Litecoin: Little brother of Bitcoin. Bitcoin fork with different mining algorithm but not much else. Copies everything that Bitcoin does pretty much. Lack of real innovation.
  5. Dash: Dash (Digital Cash) is a fork of Bitcoin and focuses on user ease. It has very fast transactions within seconds, low fees and uses Proof of Service from Masternodes for consensus. They are currently building a system called Evolution which will allow users to send money using usernames and merchants will find it easy to integrate Dash using the API. You could say Dash is trying to be a PayPal of cryptocurrencies. Currently, cryptocurrencies must choose between decentralization, speed, scalability and can pick only 2. With Masternodes, Dash picked speed and scalability at some cost of decentralization, since with Masternodes the voting power is shifted towards Masternodes, which are run by Dash users who own the most Dash.
  6. IOTA: 3rd generation blockchain called Tangle, which has a high scalability, no fees and instant transactions. IOTA aims to be the connective layer between all 80 billion IOT devices that are expected to be connected to the Internet in 2025, possibly creating 80 billion transactions per second or 800 billion TPS, who knows. However, it needs to be seen if the Tangle can keep up with this scalability and iron out its security issues that have not yet been completely resolved.
  7. Nano: 3rd generation blockchain called Block Lattice with high scalability, no fees and instant transactions. Unlike IOTA, Nano only wants to be a payment processor and nothing else, for now at least. With Nano, every user has their own blockchain and has to perform a small amount of computing for each transaction, which makes Nano perform at 300 TPS with no problems and 7,000 TPS have also been tested successfully. Very promising 3rd gen technology and strong focus on only being the fastest currency without trying to be everything.
  8. Decred: As mining operations have grown, Bitcoin’s decision-making process has become more centralized, with the largest mining companies holding large amounts of power over the Bitcoin improvement process. Decred focuses heavily on decentralization with their PoW PoS hybrid governance system to become what Bitcoin was set out to be. They will soon implement the Lightning Network to scale up. While there do not seem to be more differences to Bitcoin besides the novel hybrid consensus algorithm, which Ethereum, Aeternity and Bitcoin Atom are also implementing, the welcoming and positive Decred community and professional team add another level of potential to the coin.
  9. Bitcoin Atom: Atomic Swaps and hybrid consensus. This looks like the only Bitcoin clone that actually is looking to innovate next to Bitcoin Cash.
  10. Dogecoin: Litecoin fork, fantastic community, though lagging behind a bit in technology.
  11. Bitcoin Gold: A bit better security than bitcoin through ASIC resistant algorithm, but that's it. Not that interesting.
  12. Digibyte: Digibyte's PoS blockchain is spread over a 100,000+ servers, phones, computers, and nodes across the globe, aiming for the ultimate level of decentralization. DigiByte’s adoption over the past four years has been slow. The DigiByte website offers a lot of great marketing copy and buzzwords. However, there’s not much technical information about what they have planned for the future. You could say Digibyte is like Bitcoin, but with shorter blocktimes and a multi-algorithm. However, that's not really a difference big enough to truly set themselves apart from Bitcoin, since these technologies could be implemented by any blockchain without much difficulty. Their decentralization is probably their strongest asset, however, this could also change quickly if the currency takes off and big miners decide to go into Digibyte.
  13. Bitcoin Diamond: ASIC resistant Bitcoin and copycat

Market 2 - Platform

Most of the cryptos here have smart contracts and allow dapps (Decentralized apps) to be built on their platform and to use their token as an exchange of value between dapp services.
  1. Ethereum: 2nd generation blockchain that allows the use of smart contracts. Bad scalability currently, though this concern could be alleviated by the soon to be implemented Lightning Network aka the Raiden Network, Plasma and its Sharding concept.
  2. EOS: Promising technology that wants to be able to do everything, from smart contracts like Ethereum, scalability similar to Nano with 1000 tx/second + near instant transactions and zero fees, to also wanting to be a platform for dapps. However, EOS doesn't have a product yet and everything is just promises still. There are lots of red flags, e.g. having dumped $500 million Ether over the last 2 months and possibly bought back EOS to increase the size of their ICO, which has been going on for over a year and has raised several billion dollars. All in all, their market cap is way too high for that and not even having a product. However, Mainnet release is in 1 month, which could change everything.
  3. Cardano: Similar to Ethereum/EOS, however, only promises made with no delivery yet, highly overrated right now. Interesting concept though. Market cap way too high for not even having a product. Somewhat promising technology.
  4. VeChain: Singapore-based project that’s building a business enterprise platform and inventory tracking system. Examples are verifying genuine luxury goods and food supply chains. Has one of the strongest communities in the crypto world. Most hyped token of all, with merit though.
  5. Neo: Neo is a platform, similar to Eth, but more extensive, allowing dapps and smart contracts, but with a different smart contract gas system, consensus mechanism (PoS vs. dBfT), governance model, fixed vs unfixed supply, expensive contracts vs nearly free contracts, different ideologies for real world adoption. There are currently only 9 nodes, each of which are being run by a company/entity hand selected by the NEO council (most of which are located in China) and are under contract. This means that although the locations of the nodes may differ, ultimately the neo council can bring them down due to their legal contracts. In fact this has been done in the past when the neo council was moving 50 million neo that had been locked up. Also dbft (or neo's implementation of it) has failed under load causing network outages during major icos. The first step in decentralization is that the NEO Council will select trusted nodes (Universities, business partners, etc.) and slowly become less centralized that way. The final step in decentralization will be allowing NEO holders to vote for new nodes, similar to a DPoS system (ARK/EOS/LISK). NEO has a regulation/government friendly ideology. Finally they are trying to work under/with the Chinese government in regards to regulations. If for some reason they wanted it shut down, they could just shut it down.
  6. Stellar: PoS system, similar goals as Ripple, but more of a platform than only a currency. 80% of Stellar are owned by Stellar.org still, making the currency centralized.
  7. Ethereum classic: Original Ethereum that decided not to fork after a hack. The Ethereum that we know is its fork. Uninteresting, because it has a lot fewer resources than Ethereum now and a lot less community support.
  8. Zilliqa: Zilliqa is building a new way of sharding. 2400 tps already tested, 10,000 tps soon possible by being linearly scalable with the number of nodes. That means, the more nodes, the faster the network gets. They are looking at implementing privacy as well.
  9. QTUM: Enables Smart contracts on the Bitcoin blockchain. Useful.
  10. Icon: Korean ethereum. Decentralized application platform that's building communities in partnership with banks, insurance providers, hospitals, and universities. Focused on ID verification and payments.
  11. LISK: Lisk's difference to other BaaS is that side chains are independent to the main chain and have to have their own nodes. Similar to Neo, which allows dapps to deploy their blockchain too. Like most cryptocurrencies, Lisk is currently somewhat centralized with a small group of members owning more than 50% of the delegated positions. Lisk plans to change the consensus algorithm for that reason in the near future.
  12. Rchain: Similar to Ethereum with smart contract, though much more scalable at an expected 40,000 TPS and possible 100,000 TPS. Not launched yet. No product launched yet, though promising technology. Not overvalued, probably at the right price right now.
  13. ARDR: Similar to Lisk. Ardor is a public blockchain platform that will allow people to utilize the blockchain technology of Nxt through the use of child chains. A child chain, which is a ‘light’ blockchain that can be customized to a certain extent, is designed to allow easy self-deploy for your own blockchain. Nxt claims that users will "not need to worry" about security, as that part is now handled by the main chain (Ardor). This is the chief innovation of Ardor. Ardor was evolved from NXT by the same company. NEM started as a NXT clone.
  14. Ontology: Similar to Neo. Interesting coin
  15. Bytom: Bytom is an interactive protocol of multiple byte assets. Heterogeneous byte-assets (indigenous digital currency, digital assets) that operate in different forms on the Bytom Blockchain and atomic assets (warrants, securities, dividends, bonds, intelligence information, forecasting information and other information that exist in the physical world) can be registered, exchanged, gambled and engaged in other more complicated and contract-based interoperations via Bytom.
  16. Nxt: Similar to Lisk
  17. Aeternity: We’ve seen recently, that it’s difficult to scale the execution of smart contracts on the blockchain. Crypto Kitties is a great example. Something as simple as creating and trading unique assets on Ethereum bogged the network down when transaction volume soared. Ethereum and Zilliqa address this problem with Sharding. Aeternity focuses on increasing the scalability of smart contracts and dapps by moving smart contracts off-chain. Instead of running on the blockchain, smart contracts on Aeternity run in private state channels between the parties involved in the contracts. State channels are lines of communication between parties in a smart contract. They don’t touch the blockchain unless they need to for adjudication or transfer of value. Because they’re off-chain, state channel contracts can operate much more efficiently. An important aspect of smart contract and dapp development is access to outside data sources. This could mean checking the weather in London, score of a football game, or price of gold. Oracles provide access to data hosted outside the blockchain. In many blockchain projects, oracles represent a security risk and potential point of failure, since they tend to be singular, centralized data streams. Aeternity proposes decentralizing oracles with their oracle machine. Doing so would make outside data immutable and unchangeable once it reaches Aeternity’s blockchain. Aeternity’s network runs on a hybrid of proof of work and proof of stake. Founded by a long-time crypto-enthusiast and early colleague of Vitalik Buterin, Yanislav Malahov. Promising concept though no product yet
  18. Stratis: Different to LISK, Stratis will allow businesses and organizations to create their own blockchain according to their own needs, but secured on the parent Stratis chain. Stratis’s simple interface will allow organizations to quickly and easily deploy and/or test blockchain functionality of the Ethereum, BitShares, BitCoin, Lisk and Stratis environments.
  19. Status: Status provides access to all of Ethereum’s decentralized applications (dapps) through an app on your smartphone. It opens the door to mass adoption of Ethereum dapps by targeting the fastest growing computer segment in the world – smartphone users.
  20. Ark: Fork of Lisk that focuses on a smaller feature set. Ark wallets can only vote for one delegate at a time which forces delegates to compete against each other and makes cartel formations incredibly hard, if not impossible.
  21. Neblio: Similar to Neo, but at a 30x smaller market cap.
  22. NEM: Is similar to Neo. However, it has no marketing team, very high market cap for little clarity on what they do.
  23. Bancor: Bancor is a Decentralized Liquidity Network that allows you to hold any Ethereum token and convert it to any other token in the network, with no counter party, at an automatically calculated price, using a simple web wallet.
  24. Dragonchain: The Purpose of DragonChain is to help companies quickly and easily incorporate blockchain into their business applications. Many companies might be interested in making this transition because of the benefits associated with serving clients over a blockchain – increased efficiency and security for transactions, a reduction of costs from eliminating potential fraud and scams, etc.
  25. Skycoin: Transactions with zero fees that take apparently two seconds, unlimited transaction rate, no need for miners and block rewards, low power usage, all of the usual cryptocurrency technical vulnerabilities fixed, a consensus mechanism superior to anything that exists, resistant to all conceivable threats (government censorship, community infighting, cyber/nuclear/conventional warfare, etc). Skycoin has their own consensus algorithm known as Obelisk written and published academically by an early developer of Ethereum. Obelisk is a non-energy intensive consensus algorithm based on a concept called ‘web of trust dynamics’ which is completely different to PoW, PoS, and their derivatives. Skywire, the flagship application of Skycoin, has the ambitious goal of decentralizing the internet at the hardware level and is about to begin the testnet in April. However, this is just one of the many facets of the Skycoin ecosystem. Skywire will not only provide decentralized bandwidth but also storage and computation, completing the holy trinity of commodities essential for the new internet. Skycoin had a smear campaign launched against it, though they seem legit and reliable. Thus, they are probably undervalued.

Market 3 - Ecosystem

The 3rd market with 11 coins is comprised of ecosystem coins, which aim to strengthen the ease of use within the crypto space through decentralized exchanges, open standards for apps and more
  1. Nebulas: Similar to how Google indexes webpages Nebulas will index blockchain projects, smart contracts & data using the Nebulas rank algorithm that sifts & sorts the data. Developers rewarded NAS to develop & deploy on NAS chain. Nebulas calls this developer incentive protocol – basically rewards are issued based on how often dapp/contract etc. is used, the more the better the rewards and Proof of devotion. Works like DPoS except the best, most economically incentivised developers (Bookkeepers) get the forging spots. Ensuring brains stay with the project (Cross between PoI & PoS). 2,400 TPS+, DAG used to solve the inter-transaction dependencies in the PEE (Parallel Execution Environment) feature, first crypto Wallet that supports the Lightning Network.
  2. Waves: Decentralized exchange and crowdfunding platform. Lets companies and projects issue and manage their own digital coin tokens to raise money.
  3. Salt: Leveraging blockchain assets to secure cash loans. Plans to offer cash loans in traditional currencies, backed by your cryptocurrency assets. Allows lenders worldwide to skip credit checks for easier access to affordable loans.
  4. CHAINLINK: ChainLink is a decentralized oracle service, the first of its kind. Oracles are defined as an ‘agent’ that finds and verifies real-world occurrences and submits this information to a blockchain to be used in smart contracts. With ChainLink, smart contract users can use the network’s oracles to retrieve data from off-chain application program interfaces (APIs), data pools, and other resources and integrate them into the blockchain and smart contracts. Basically, ChainLink takes information that is external to blockchain applications and puts it on-chain. The difference to Aeternity is that Chainlink deploys the smart contracts on the Ethereum blockchain while Aeternity has its own chain.
  5. WTC: Combines blockchain with IoT to create a management system for supply chains. Interesting.
  6. Ethos: Unifies all cryptos. Ethos is building a multi-cryptocurrency phone wallet. The team is also building an investment diversification tool and a social network
  7. Komodo: The Komodo blockchain platform uses Komodo’s open-source cryptocurrency for doing transparent, anonymous, private, and fungible transactions. They are then made ultra-secure using Bitcoin’s blockchain via a Delayed Proof of Work (dPoW) protocol and decentralized crowdfunding (ICO) platform to remove middlemen from project funding. Offers services for startups to create and manage their own Blockchains.
  8. Aion: Today, there are hundreds of blockchains. In the coming years, with widespread adoption by mainstream business and government, these will be thousands or millions. Blockchains don’t talk to each other at all right now, they are like the PCs of the 1980s. The Aion network is able to support custom blockchain architectures while still allowing for cross-chain interoperability by enabling users to exchange data between any Aion-compliant blockchains by making use of an interchain framework that allows for messages to be relayed between blockchains in a completely trust-free manner.
  9. Tenx: Raised 80 million, offers cryptocurrency-linked credit cards that let you spend virtual money in real life. Developing a series of payment platforms to make spending cryptocurrency easier.

Market 4 - Privacy

The 4th market are privacy coins. As you might know, Bitcoin is not anonymous. If the IRS or any other party asks an exchange who is the identity behind a specific Bitcoin address, they know who you are and can track back almost all of the Bitcoin transactions you have ever made and all your account balances. Privacy coins aim to prevent exactly that through address fungibility, which changes addresses constantly, IP obfuscation and more. There are 2 types of privacy coins, one with complete privacy and one with optional privacy. Optional Privacy coins like Dash and Nav have the advantage of more user friendliness over complete privacy coins such as Monero and Enigma.
  1. Monero: Currently most popular privacy coin, though with a very high market cap. Since their privacy is all on chain, all prior transactions would be deanonymized if their protocol is ever cracked. This requires a quantum computing attack though. PIVX is better in that regard.
  2. Zcash: A decentralized and open-source cryptocurrency that hides the sender, recipient, and value of transactions. Offers users the option to make transactions public later for auditing. Decent privacy coin, though no default privacy
  3. Verge: Calls itself privacy coin without providing private transactions, multiple problems over the last weeks, has a toxic community, and way too much hype for what they have.
  4. Bytecoin: First privacy-focused cryptocurrency with anonymous transactions. Bytecoin’s code was later adapted to create Monero, the more well-known anonymous cryptocurrency. Has several scam accusations, 80% pre-mine, bad devs, bad tech
  5. Bitcoin Private: A merge fork of Bitcoin and Zclassic with Zclassic being a fork of Zcash with the difference of a lack of a founders fee required to mine a valid block. This promotes a fair distribution, preventing centralized coin ownership and control. Bitcoin private offers the optional ability to keep the sender, receiver, and amount private in a given transaction. However, this is already offered by several good privacy coins (Monero, PIVX) and Bitcoin private doesn't offer much more beyond this.
  6. PIVX: As a fork of Dash, PIVX uses an advanced implementation of the Zerocoin protocol to provide its privacy. This is a form of zeroknowledge proofs, which allow users to spend ‘Zerocoins’ that have no link back to them. Unlike Zcash u have denominations in PIVX, so they can’t track users by their payment amount being equal to the amount of ‘minted’ coins, because everyone uses the same denominations. PIVX is also implementing Bulletproofs, just like Monero, and this will take care of arguably the biggest weakness of zeroknowledge protocols: the trusted setup.
  7. Zcoin: PoW cryptocurrency. Private financial transactions, enabled by the Zerocoin Protocol. Zcoin is the first full implementation of the Zerocoin Protocol, which allows users to have complete privacy via Zero-Knowledge cryptographic proofs.
  8. Enigma: Monero is to Bitcoin what enigma is to Ethereum. Enigma is for making the data used in smart contracts private. More of a platform for dapps than a currency like Monero. Very promising.
  9. Navcoin: Like bitcoin but with added privacy and pos and 1,170 tps, but only because of very short 30 second block times. Though, privacy is optional, but aims to be more user friendly than Monero. However, doesn't really decide if it wants to be a privacy coin or not. Same as Zcash. Strong technology, non-shady team.

Market 5 - Currency Exchange Tool

Due to the sheer number of different cryptocurrencies, exchanging one currency for the other is still cumbersome. Further, merchants don’t want to deal with overcluttered options of accepting cryptocurrencies. This is where exchange tools like Req come in, which allow easy and simple exchange of currencies.
  1. Cryptonex: Fiat and currency exchange between various blockchain services, similar to REQ.
  2. QASH: Qash is used to fuel its liquid platform which will be an exchange that will distribute their liquidity pool. Its product, the Worldbook is a multi-exchange order book that matches crypto to crypto, and crypto to fiat and the reverse across all currencies. E.g., someone is selling Bitcoin in USD on exchange1 not owned by Quoine and someone is buying Bitcoin in EURO on exchange 2 not owned by Quoine. They turned it on to test it a few months ago for an hour or so and their exchange was the top exchange in the world by 4x volume for the day because all Worldbook trades ran through it. Binance wants BNB to be used on their one exchange. Qash wants their QASH token embedded in all of their partners.
  3. Kyber Network: Exchange between cryptocurrencies, similar to REQ. Features automatic coin conversions for payments. Also offers payment tools for developers and a cryptocurrency wallet.
  4. Achain: Building a boundless blockchain world like Req.
  5. Centrality: Centrality is a decentralized market place for dapps that are all connected together on a blockchain-powered system. Centrality aims to allow businesses to work together using blockchain technology. With Centrality, startups can collaborate through shared acquisition of customers, data, merchants, and content. That shared acquisition occurs across the Centrality blockchain, which hosts a number of decentralized apps called Scenes. Companies can use CENTRA tokens to purchase Scenes for their app, then leverage the power of the Centrality ecosystem to quickly scale. Some of Centrality's top dapps are, Skoot, a travel experience marketplace that consists of a virtual companion designed for free independent travelers and inbound visitors, Belong, a marketplace and an employee engagement platform that aims at helping businesses provide rewards for employees, Merge, a smart travel app that acts as a time management system, Ushare, a transports application that works across rental cars, public transport, taxi services, electric bikes and more. All of these dapps are able to communicate with each other and exchange data through Centrality.
  6. Bitshares: Exchange between cryptocurrencies. Noteworthy are the 1.5 second average block times and throughput potential of 100,000 transactions per second with currently 2,400 TPS having been proven. However, Bitshares had several Scam accusations in the past.
  7. Loopring: A protocol that will enable higher liquidity between exchanges and personal wallets by pooling all orders sent to its network and fill these orders through the order books of multiple exchanges. When using Loopring, traders never have to deposit funds into an exchange to begin trading. Even with decentralized exchanges like Ether Delta, IDex, or Bitshares, you’d have to deposit your funds onto the platform, usually via an Ethereum smart contract. But with Loopring, funds always remain in user wallets and are never locked by orders. This gives you complete autonomy over your funds while trading, allowing you to cancel, trim, or increase an order before it is executed.
  8. ZRX: Open standard for dapps. Open, permissionless protocol allowing for ERC20 tokens to be traded on the Ethereum blockchain. In 0x protocol, orders are transported off-chain, massively reducing gas costs and eliminating blockchain bloat. Relayers help broadcast orders and collect a fee each time they facilitate a trade. Anyone can build a relayer.

Market 6 - Gaming

With an industry size of $108B worldwide, Gaming is one of the largest markets in the world. For sure, cryptocurrencies will want to have a share of that pie.
  1. Storm: Mobile game currency on a platform with 9 million players.
  2. Fun: A platform for casino operators to host trustless, provably-fair gambling through the use of smart contracts, as well as creating their own implementation of state channels for scalability.
  3. Electroneum: Mobile game currency. They have lots of technical problems, such as several 51% attacks.
  4. Wax: Marketplace to trade in-game items

Market 7 - Misc

There are various markets being tapped right now. They are all summed up under misc.
  1. OMG: Omise is designed to enable financial services for people without bank accounts. It works worldwide and with both traditional money and cryptocurrencies.
  2. Power ledger: Australian blockchain-based cryptocurrency and energy trading platform that allows for decentralized selling and buying of renewable energy. Unique market and rather untapped market in the crypto space.
  3. Populous: Populous is a platform that connects business owners and invoice buyers without middlemen. Furthermore, it is a peer-to-peer (P2P) platform that uses blockchain to provide small and medium-sized enterprises (SMEs) a more efficient way to participate in invoice financing. Businesses can sell their outstanding invoices at a discount to quickly free up some cash. Invoice sellers get cash flow to fund their business and invoice buyers earn interest.
  4. Monacoin: The first Japanese cryptocurrency. Focused on micro-transactions and based on a popular internet meme of a type-written cat. This makes it similar to Dogecoin. Very niche, tiny market.
  5. Revain: Legitimizing reviews via the blockchain. Interesting concept, though market not as big.
  6. Augur: Platform to forecast and make wagers on the outcome of real-world events (AKA decentralized predictions). Uses predictions for a “wisdom of the crowd” search engine. Not launched yet.
  7. Substratum: Revolutionizing the hosting industry via per-request billing as a decentralized internet hosting system. Uses a global network of private computers to create the free and open internet of the future. Participants earn cryptocurrency. Interesting concept.
  8. Veritaseum: Is supposed to be a peer-to-peer gateway, though it looks very much like a scam.
  9. TRON: Tronix is looking to capitalize on ownership of internet data to content creators. However, they plagiarized their white paper, which is a no go. They apologized, so it needs to be seen how they will conduct themselves in the future. Extremely high market cap for not having a product, nor proof of concept.
  10. Syscoin: A cryptocurrency with a decentralized marketplace that lets people buy and sell products directly without third parties. Trying to remove middlemen like eBay and Amazon.
  11. Hshare: Most likely scam because of no code changes, most likely pump and dump scheme, dead community.
  12. BAT: An Ethereum-based token that can be exchanged between content creators, users, and advertisers. Decentralized ad-network that pays based on engagement and attention.
  13. Dent: Decentralized exchange of mobile data, enabling mobile data to be marketed, purchased or distributed, so that users can quickly buy or sell data from any user to another one.
  14. Ncash: End-to-end encrypted identification system for retailers to better serve their customers.
  15. Factom: Secure record-keeping system that allows companies to store their data directly on the Blockchain. The goal is to make records more transparent and trustworthy.

Market 8 - Social network

Web 2.0 is still going strong and Web 3.0 is not going to ignore it. There are several gaming tokens already out there and a few with decent traction already, such as Steem, which is Reddit with voting through money and is a very interesting one.
  1. Mithril: As users create content via social media, they will be rewarded for their contribution, the better the contribution, the more they will earn
  2. Steem: Like Reddit, but voting with money. Already launched product and Alexa rank 1,000. Thumbs up.
  3. Rdd: Reddcoin makes the process of sending and receiving money fun and rewarding for everyone. Reddcoin is dedicated to one thing – tipping on social networks as a way to bring cryptocurrency awareness and experience to the general public.
  4. Kin: Token for the platform Kik. Kik has a massive user base of 400 million people. Replacing paying with FIAT with paying with KIN might get this token to mass adoption very quickly.

Market 9 - Fee token

Popular exchanges realized that they can make a few billion dollars more by launching their own token. Owning these tokens gives you a reduction of trading fees. Very handy and BNB (Binance Coin) has been one of the most resilient tokens, which have withstood most market drops over the last weeks and was among the very few coins that could show growth.
  1. BNB: Fee token for Binance
  2. Gas: Not a Fee token for an exchange, but it is a dividend paid out on Neo and a currency that can be used to purchase services for dapps.
  3. Kucoin: Fee token for Kucoin

Market 10 - Decentralized Data Storage

Currently, data storage happens with large companies or data centers that are prone to failure or losing data. Decentralized data storage makes loss of data almost impossible by distributing your files to numerous clients that hold tiny pieces of your data. Remember Torrents? Torrents use a peer-to-peer network. It is similar to that. Many users maintain copies of the same file; when someone wants a copy of that file, they send a request to the peer-to-peer network. Users who have the file, known as seeds, send fragments of the file to the requester. The requester receives many fragments from many different seeds, and the torrent software recompiles these fragments to form the original file.
  1. Gbyte: Byteball data is stored and ordered using directed acyclic graph (DAG) rather than blockchain. This allows all users to secure each other's data by referencing earlier data units created by other users, and also removes scalability limits common for blockchains, such as blocksize issue.
  2. Siacoin: Siacoin is a decentralized storage platform. Distributes encrypted files to thousands of private users who get paid for renting out their disk space. Anybody with siacoins can rent storage from hosts on Sia. This is accomplished via "smart" storage contracts stored on the Sia blockchain. The smart contract provides a payment to the host only after the host has kept the file for a given amount of time. If the host loses the file, the host does not get paid.
  3. Maidsafecoin: MaidSafe stands for Massive Array of Internet Disks, Secure Access for Everyone. Instead of working with data centers and servers that are common today and are vulnerable to data theft and monitoring, you can think of SAFE as a crowd-sourced internet. It’s an autonomous network that automatically sets prices and distributes data and rents out hard drive disk space with a Blockchain-based storage solution. When you upload a file to the network, such as a photo, it will be broken into pieces, hashed, and encrypted. Then, redundant copies of the data are created as well so that if someone storing your file turns off their computer, you will still have access to your data. And don’t worry, even with pieces of your data on other people’s computers, they won’t be able to read them. You can earn MaidSafeCoins by participating in storing data pieces from the network on your computer and thus earning a Proof of Resource.
  4. Storj: Storj aims to become a cloud storage platform that can’t be censored or monitored, or have downtime. Your files are encrypted, shredded into little pieces called 'shards', and stored in a decentralized network of computers around the globe. No one but you has a complete copy of your file, not even in an encrypted form.

Market 11 - Cloud computing

Obviously, renting computing power, one of the biggest emerging markets as of recent years, e.g. AWS and Digital Ocean, is also a service, which can be bought and managed via the blockchain.
  1. Golem: Allows easy use of Supercomputer in exchange for tokens. People worldwide can rent out their computers to the network and get paid for that service with Golem tokens.
  2. Elf: Allows easy use of Cloud computing in exchange for tokens.

Market 12 - Stablecoin

Last but not least, there are 2 stablecoins that have established themselves within the market. A stable coin is a coin that wants to be independent of the volatility of the crypto markets. This has worked out pretty well for Maker and DGD, accomplished through a carefully diversified currency fund and backing each token by 1g of real gold respectively. DO NOT CONFUSE DGD AND MAKER with their STABLE COINS DGX and DAI. DGD and MAKER are volatile, because they are the companies of DGX and DAI. DGX and DAI are the stable coins.
  1. DGD: Platform of the Stablecoin DGX. Every DGX coin is backed by 1g of gold and makes use of proof of asset consensus.
  2. Maker: Platform of the Stablecoin DAI that doesn't vary much in price through widespread and smart diversification of assets.
  3. USDT: is no cryptocurrency really, but a replacement for dollar for trading. After months of asking for proof of dollar backing, still no response from Tether.
EDIT: Added a risk factor from 0 to 10. Significant scandals, mishaps, shady practices, questionable technology, increase the risk factor. Not having a product yet automatically means a risk factor of 6. Strong adoption and thus strong scrutiny or positive community lower the risk factor.
EDIT2: Added a subjective potential factor from 0 to 10, where its overall potential and a small or big market cap is factored in. Bitcoin with lots of potential only gets a 9, because of its massive market cap, because if Bitcoin goes 10x, smaller coins go 100x.
submitted by galan77 to ethtrader

Function X: A Concept Paper introducing the f(x) ecosystem, a universal decentralized internet powered by blockchain technology and smart devices

Prologue

This is a Concept Paper written to introduce the Function X Ecosystem, which includes the XPhone. It also addresses the relationship between the XPOS and Function X.
Pundi X has always been a community-driven project. We have lived by the mission of making sure the community comes first and we are constantly learning from discussions and interactions on social media and in real-life meetings.
As with all discussions, there is always background noise but we have found gems in these community discussions. One such example is a question which we found constantly lingering at the back of our mind, “Has blockchain changed the world as the Internet did in the ’90s, and the automobile in the ‘20s?”. Many might argue that it has, given the rise of so many blockchain projects with vast potential in different dimensions (like ours, if we may add). But the question remains, “can blockchain ever become what the Internet, as we know it today, has to the world?”
Function X, a universal decentralized internet which is powered by blockchain technology and smart devices.
Over the past few months, in the process of implementing and deploying the XPOS solution, we believe we found the answer to the question. A nimble development team was set up to bring the answer to life. We discovered that it is indeed possible to bring blockchain to the world of telephony, data transmission, storage and other industries; a world far beyond financial transactions and transfers.
This is supported by end-user smart devices functioning as blockchain nodes. These devices include the XPOS and XPhone developed by Pundi X and will also include many other hardware devices manufactured by other original equipment manufacturers.
The vision we want to achieve for f(x) is to create a fully autonomous and decentralized network that does not rely on any individual, organization or structure.
Due to the nature of the many new concepts introduced within this Concept Paper, we have included a Q&A after each segment to facilitate your understanding. We will continuously update this paper to reflect the progress we’re making.

Function X: The Internet was just the beginning

The advent of the Internet has revolutionized the world. It created a communications layer so robust that it has resulted in TCP/IP becoming the network standard.
The Internet also created a wealth of information so disruptive that a company like Amazon threatened to wipe out all the traditional brick-and-mortar bookstores. These bookstores were forced to either adapt or perish. The same applies to the news publishing sector: the offerings of Google and Facebook have caused the near extinction of traditional newspapers.
The digitalization of the world with the Internet has enabled tech behemoths like Apple, Amazon, Google and Facebook to dominate and rule over traditional companies. The grip of these tech giants is so extensive that it makes you wonder if the choices you make are truly your own or influenced by the data they have on you as a user.
We see the blockchain revolution happening in three phases. The first was how Bitcoin showed the world what digital currency is. The second refers to how Ethereum has provided a platform to build decentralized assets easily. The clearest use case of that has come in the form of the thousands of altcoins seen today that we all are familiar with. The third phase is what many blockchain companies are trying to do now: 1) to bring the performance of blockchain to a whole new level (transaction speed, throughput, sharding, etc.) and 2) to change the course of traditional industries and platforms—including the Internet and user dynamics.
Public blockchains allow trustless transactions. If everything can be transacted on the blockchain in a decentralized manner, the information will flow more efficiently than traditional offerings, without the interception of intermediators. It will level the playing field and prevent data monopolization thus allowing small innovators to develop and flourish by leveraging the resources and data shared on the blockchain.

The Blockchain revolution will be the biggest digital revolution

In order to displace an incumbent technology with something new, we believe the change and improvement which the new technology has to bring will have to be at least a tenfold improvement on all aspects including speed, transparency, scalability and governance (consensus). We are excited to say that the time for this 10-times change is here. It’s time to take it up 10x with Function X.
Function X or f(x) is an ecosystem built entirely on and for the blockchain. Everything in f(x) (including the application source code, transmission protocol and hardware) is completely decentralized and secure. Every bit and byte in f(x) is part of the blockchain.
What we have developed is not just a public chain. It is a total decentralized solution. It consists of five core components: Function X Operating System (OS); Function X distributed ledger (Blockchain); Function X IPFS; FXTP Protocol and Function X Decentralized Docker. All five components serve a single purpose which is to decentralize all services, apps, websites, communications and, most importantly, data.
The purpose of Function X OS is to allow smart hardware and IoTs to harness the upside and potential utility of the decentralization approach. We have built an in-house solution for how mobile phones can leverage Function X OS in the form of the XPhone. Other companies can also employ the Function X OS and further customize it for their own smart devices. Every smart device in the Function X ecosystem can be a node and each will have its own address and private key, uniquely linked to their node names. The OS is based on the Android OS 9.0, therefore benefiting from backward compatibility with Android apps. The Function X OS supports Android apps and Google services (referred to as the traditional mode), as well as the newly developed decentralized services (referred to as the blockchain mode). Other XPhone features powered by the Function X OS will be elaborated on in the following sections.
Using the Function X Ecosystem (namely Function X FXTP), the transmission of data runs on a complex exchange of public and private key data and encryption but never through a centralized intermediary. Hence it guarantees communication without interception and gives users direct access to the data shared by others. Any information that is sent or transacted over the Function X Blockchain will also be recorded on the chain and fully protected by encryption so the owner/sender has control over data sharing. And that is how a decentralized system for communications works.
For developers and users transitioning to the Function X platform, it will be a relatively seamless process. We have intentionally designed the process of creating and publishing new decentralized applications (DApps) on Function X to be easy, such that the knowledge and experience from developing and using Android will be transferable. With that in mind, a single line of code in most traditional apps can be modified, and developers can have their transmission protocol moved from the traditional HTTP mode (centralized) to a decentralized mode, thus making the transmission “ownerless” because data can transmit through the network of nodes without being blocked by third parties. How services can be ported easily or built from scratch as DApps will also be explained in the following sections, employing technologies in the Function X ecosystem (namely Function X IPFS, FXTP Protocol and Decentralized Docker).

f(x) Chain

f(x) chain is a set of consensus algorithms in the form of a distributed ledger, as part of the Function X ecosystem. The blockchain is the building block of our distributed ledger that stores and verifies transactions including financials, payments, communications (phone calls, file transfers, storage), services (DApps) and more.
Will Function X launch a mainnet?
Yes. The f(x) chain is a blockchain hence there will be a mainnet.
When will the testnet be launched?
Q2 2019 (projected).
When will the mainnet be launched?
Q3 2019 (projected).
How is the Function X blockchain designed?
The f(x) chain is designed based on the philosophy that any blockchain should be able to address real-life market demand of a constantly growing peer-to-peer network. It is a blockchain with high throughput achieved with a combination of decentralized hardware support (XPOS, XPhone, etc.) and open-source software toolkit enhancements.
What are the physical devices that will be connected to the Function X blockchain?
In due course, the XPOS OS will be replaced by the f(x) OS. On the other hand, the XPhone was designed with full f(x) OS integration in mind, from the ground up. After the f(x) OS onboarding, and with adequate stability testings and improvements, XPOS and XPhone will then be connected to the f(x) Chain.
What are the different elements of a block?
Anything that is transmittable over the distributed network can be stored in the block, including but not limited to phone call records, websites, data packets, source code, etc. It is worth noting that throughout these processes, all data is encrypted and only the owner of the private key has the right to decide how the data should be shared, stored, decrypted or even destroyed.
Which consensus mechanism is used?
Practical Byzantine Fault Tolerance (PBFT).
What are the other implementations of Practical Byzantine Fault Tolerance (PBFT)?
Flight systems that require very low latency. For example, SpaceX’s flight system, Dragon, uses PBFT design philosophy. [Appendix]
How do you create a much faster public chain?
We believe in achieving higher speed, thus hardware and software configurations matter. If your hardware is limited in numbers or processing power, this will limit the transaction speed which may pose security risks. The Ethereum network consists of about 25,000 nodes spread across the globe now, just two years after it was launched. Meanwhile, the Bitcoin network currently has around 7,000 nodes verifying the network. As for Pundi X, with the deployment plan (by us and our partners) for XPOS, XPhone and potentially other smart devices, we anticipate that we will be able to surpass the number of Bitcoin and Ethereum nodes within 1 to 2 years. There are also plans for a very competitive software implementation of our public blockchain, the details for which we will be sharing in the near future.

f(x) OS

The f(x) OS is an Android-modified operating system that is also blockchain-compatible. You can switch seamlessly between the blockchain and the traditional mode. In the blockchain mode, every bit and byte is fully decentralized including your calls, messages, browsers and apps. When in traditional mode, the f(x) OS supports all Android features.
Android is the most open and advanced operating system for smart hardware with over 2 billion monthly active users. Using Android also fits into our philosophy of being an OS/software designer and letting third-party hardware makers produce the hardware for the Function X Ecosystem.
What kind of open source will it be?
This has not been finalized, but the options we are currently considering are Apache or GNU GPLv3.
What kind of hardware will it work on?
The f(x) OS works on ARM architecture, hence it works on most smartphones, tablet computers, smart TVs, Android Auto and smartwatches in the market.
Will you build a new browser?
We are currently using a modified version of the Google Chrome browser. The browser supports both HTTP and FXTP, which means that apart from distributed FXTP contents, users can view traditional contents, such as https://www.google.com.
What is the Node Name System (NNS)?
A NNS is a distributed version of the traditional Domain Name System. A NNS allows every piece of Function X hardware, including the XPhone, to have a unique identity. This identity will be the unique identifier and can be called anything with digits and numbers, such as ‘JohnDoe2018’ or ‘AliceBob’. More on NNS in the following sections.
Will a third-party device running the f(x) OS be automatically connected to the f(x) blockchain?
Yes, third-party devices will be connected to the f(x) blockchain automatically.

f(x) FXTP

A transmission protocol defines the rules to allow information to be sent via a network. On the Internet, HTTP is a transmission protocol that governs how information such as website contents can be sent, received and displayed. FXTP is a transmission protocol for the decentralized network.
FXTP is different from HTTP because it is an end-to-end transmission whereby your data can be sent, received and displayed based on a consensus mechanism rather than a client-server based decision-making mechanism. In HTTP, the server (which is controlled by an entity) decides how and if the data is sent (or even monitored), whereas in FXTP, the data is sent out and propagates to the destination based on consensus.
HTTP functions as a request–response protocol in the client-server computing model. A web browser, for example, may be the client and an application running on a computer hosting a website may be the server. FXTP functions as a propagation protocol via a consensus model. A node that propagates the protocol and its packet content is both a “client” and a “server”, hence whether a packet reaches a destination is not determined by any intermediate party and this makes it more secure.

f(x) IPFS

IPFS is a protocol and network designed to store data in a distributed system. A person who wants to retrieve a file will call an identifier (hash) of the file, IPFS then combs through the other nodes and supplies the person with the file.
The file is stored on the IPFS network. If you run your own node, your file would be stored only on your node and available for the world to download. If someone else downloads it and seeds it, then the file will be stored on both your node and the node of the individual who downloaded it (similar to BitTorrent).
IPFS is decentralized and more secure, which allows faster file and data transfer.

f(x) DDocker

Docker is a computer program designed to make it easier to create, deploy, and run applications. Containers allow a developer to package up an application including libraries, and ship it all out as a package.
As the name suggests, Decentralized Docker is an open platform for developers to build, ship and run distributed applications. Developers will be able to store, deploy and run their code remotely in different locations, and the code is secured in a decentralized way.

XPhone

Beyond crypto: First true blockchain phone that is secured and decentralized to the core
XPhone is the world’s first blockchain phone which is designed with innovative features that are not found on other smartphones.
Powered by Function X, an ecosystem built entirely on and for the blockchain, XPhone runs on a new transmission protocol for the blockchain age. The innovation significantly expands the use of blockchain technology beyond financial transfers.
Unlike traditional phones which require a centralized service provider, XPhone runs independently without the need for that. Users can route phone calls and messages via blockchain nodes without the need for phone numbers.
Once the XPhone is registered on the network, e.g., by a user named Pitt, if someone wants to access Pitt’s publicly shared data or content, that user can just enter FXTP://xxx.Pitt. This is similar to what we do for the traditional https:// protocol.
Whether Pitt is sharing photos, data, files or a website, they can be accessed through this path. And if Pitt’s friends would like to contact him, they can call, text or email his XPhone simply by entering “call.pitt”, “message.pitt”, or “mail.pitt”.
The transmission of data runs on a complex exchange of public and private key data with encryption. It can guarantee communication without interception and gives users direct access to the data shared by others. Any information that is sent or transacted over the Function X Blockchain will also be recorded on the chain.
Toggle between now and the future
Blockchain-based calling and messaging can be toggled on and off on the phone operating system which is built on Android 9.0. XPhone users can enjoy all the blockchain has to offer, as well as the traditional functionalities of an Android smartphone.
We’ll be sharing more about the availability of the XPhone and further applications of Function X in the near future.

DApps

DApps for mass adoption
So far the use of decentralized applications has been disappointing. But what if there was a straightforward way to bring popular, existing apps into a decentralized environment, without rebuilding everything? Until now, much of what we call peer-to-peer or ‘decentralized’ services continue to be built on centralized networks. We set out to change that with Function X; to disperse content now stored in the hands of the few, and to evolve services currently controlled by central parties.
Use Cases: Sharing economy
As seen from our ride-hailing DApp example that was demonstrated in New York back in November 2018, moving towards true decentralization empowers the providers of services and not the intermediaries. In the same way, the XPhone returns power to users over how their data is being shared and with whom. Function X will empower content creators to determine how their work is being displayed and used.
Use Cases: Free naming
One of the earliest alternative cryptocurrencies, Namecoin, wanted to use a blockchain to provide a name registration system, where users can register their names to create a unique identity. It is similar to the DNS system mapping to IP addresses. With the Node Name System (NNS) it is now possible to do this on the blockchain.
NNS is a distributed version of the traditional Domain Name System. A NNS allows every piece of Function X hardware, including the XPhone, to have a unique identifier that can be named anything with digits and numbers, such as ‘JohnDoe2018’ or ‘AliceBob’.
Use Cases: Mobile data currency
According to a study, mobile operator data revenues are estimated at over $600 billion USD by 2020, equivalent to $50 billion USD per month [appendix]. Assuming users are able to use services such as blockchain calls provided by XPhone (or other phones using Function X) the savings will be immense and the gain from profit can be passed on to providers such as DApp developers in Function X. In other words, instead of paying hefty bills to a mobile carrier for voice calls, users can pay less by making blockchain calls, and the fees paid are in f(x) coins. More importantly users will have complete privacy over their calls.
Use Cases: Decentralized file storage
Ethereum contracts claim to allow for the development of a decentralized file storage ecosystem, “where individual users can earn small quantities of money by renting out their own hard drives and unused space can be used to further drive down the costs of file storage.” However, they do not necessarily have the hardware to back this up. With the deployment of XPOS, smart hardware nodes and more, Function X is a natural fit for Decentralized File Storage. In fact, it is basically what f(x) IPFS is built for.
These are just four examples of the many use cases purported, and there can, will and should be more practical applications beyond these; we are right in the middle of uncharted territories.

Tokenomics

Decentralized and autonomous
The f(x) ecosystem is fully decentralized. It’s designed and built to run autonomously in perpetuity without the reliance or supervision of any individual or organization. To support this autonomous structure, f(x) Coin which is the underlying ‘currency’ within the f(x) ecosystem has to be decentralized in terms of its distribution, allocation, control, circulation and the way it’s being generated.
To get the structure of f(x) properly set up, the founding team will initially act as ‘initiators’ and ‘guardians’ of the ecosystem. The role of the team will be similar to being a gatekeeper to prevent any bad actors or stakeholders playing foul. At the same time, the team will facilitate good players to grow within the ecosystem. Once the f(x) ecosystem is up and running, the role of the founding team will be irrelevant and phased out. The long term intention of the team is to step away, allowing the ecosystem to run and flourish by itself.

Utility

In this section, we will explore the utility of the f(x) Coin. f(x) Coin is the native ‘currency’ of the Function X blockchain and ecosystem. All services rendered in the ecosystem will be processed, transacted with, or “fueled” by the f(x) Coin. Some of the proposed use cases include:
  • For service providers: Getting paid by developers, companies and consumers for providing storage nodes, DDocker and improvement of network connections. The role of service providers will be described in greater detail in the rest of the paper.
  • For consumers: Paying for service fees for the DApps, nodes, network resources, storage solutions and other services consumed within the f(x) ecosystem.
  • For developers: Paying for services and resources rendered in the ecosystem such as smart contract creation, file storage (paid to IPFS service provider), code hosting (paid to DDocker service provider), advertisements (paid to other developers) and design works. Developers can also get paid by enterprises or organizations that engaged in the developer’s services.
  • For enterprises or organizations: Paying for services provided by developers and advertisers. Services provided to consumers will be charged and denominated in f(x) Coin.
  • For phone and hardware manufacturers: Paying for further Function X OS customizations. It is worth noting that Pundi X Labs plan to only build a few thousand devices of the XPhone flagship handsets, and leave the subsequent market supply to be filled by third-party manufacturers using our operating system.
  • For financial institutions: receiving payments for financial services rendered in the ecosystem.
  • Applications requiring high throughput.
Hence, f(x) Coin can be used as ‘currency’ for the services below:
  • In-app purchases
  • Blockchain calls
  • Smart contract creations
  • Transaction fees
  • Advertisements
  • Hosting fees
  • Borderless/cross-border transactions
We believe f(x) Coin utilization will be invariably higher than other coins in traditional chains due to the breadth of the f(x) ecosystem. This includes storage services and network resources on f(x) that will utilize the f(x) Coin as “fuel” for execution and validation of transactions.
Example 1: A developer creates a ride-hailing DApp called DUber.
DUber developer first uploads the image and data to IPFS (storage) and code to DDocker, respectively. The developer then pays for a decentralized code hosting service provided by the DDocker, and a decentralized file hosting service provided by the IPFS. Please note the storage hosting and code hosting services can be provided by a company, or by a savvy home user with smart nodes connected to the Function X ecosystem. Subsequently, a DUber user pays the developer.
Example 2: User Alice sends an imaginary token called ABCToken to Bob.
ABCToken is created using a Function X smart contract. Smart nodes hosted at the home of Charlie help confirm the transaction; Charlie is paid by Alice (or both Alice and Bob).

The flow of f(x) Coin

Four main participants in f(x): Consumer (blue), Developer (blue), Infrastructure (blue), and Financial Service Provider (green)
Broadly speaking, there can be four main participants in the f(x) ecosystem, exhibited by the diagram above:
  • Consumer: Users enjoy the decentralized services available in the f(x) ecosystem
  • Infrastructure Service Provider: Providing infrastructures that make up the f(x) ecosystem such as those provided by mobile carriers, decentralized cloud services.
  • Developer: Building DApp on the f(x) network such as decentralized IT, hospitality and financial services apps.
  • Financial Service Provider: Providing liquidity for the f(x) Coin acting as an exchange.
The f(x) ecosystem’s value proposition:
  • Infrastructure service providers can offer similar services that they already are providing in other markets such as FXTP, DDocker and IPFS, to earn f(x) Coin.
  • Developers can modify their existing Android apps to be compatible with the f(x) OS environment effortlessly, and potentially earn f(x) Coin.
  • Developers, at the same time, also pay for the infrastructure services used for app creation.
  • Consumers immerse in the decentralized app environments and pay for services used in f(x) Coin.
  • Developer and infrastructure service providers can earn rewards in f(x) Coin by providing their services. They can also monetize it through a wide network of financial service providers to earn some profit, should they decide to do so.
Together, the four participants in this ecosystem will create a positive value flow. As the number of service providers grows, the quality of service will be enhanced, subsequently leading to more adoption. Similarly, more consumers means more value is added to the ecosystem by attracting more service providers, and creating f(x) Coin liquidity. Deep liquidity of f(x) Coin will attract more financial service providers to enhance the stability and quality of liquidity. This will attract more service providers to the ecosystem.
Figure: four main participants of the ecosystem
The rationale behind f(x) Coin generation is the Proof of Service concept (PoS)
Service providers are crucial in the whole f(x) Ecosystem, so the problem of motivation/facilitation has become our priority. We have to align our interests with theirs. Hence, we have set up a Tipping Jar (similar to mining) to motivate and help existing miners shift to the f(x) Ecosystem and become infrastructure service providers, or to attract new players into our ecosystem.
Income for service provider = Service fee (from payer) + Tipping (from f(x) network generation)
The idea is that the f(x) blockchain will generate a certain amount of f(x) Coin (diminishing annually) per second for different segments of service providers. For example, in the 1st year, the f(x) blockchain will generate 3.5 f(x) Coin per second, which will be distributed among the infrastructure service providers through the Proof of Service concept. Every service provider, such as infrastructure service providers, developers and financial service providers, will receive a ‘certificate’ of Proof of Service in the blockchain after providing the service and redeeming the f(x) Coin.
Example: There are 3 IPFS providers in the market, and the total Tipping Jar for that specific period is 1 million f(x) Coin. Party A contributes 1 TB; Party B contributes 3 TB and Party C contributes 6 TB. So, Party A will earn 1/10 * 1 million = 100k f(x) Coin; Party B will earn 3/10 * 1 million = 300k f(x) Coin. Party C will earn 6/10 * 1 million = 600k f(x) Coin.
Note: The computation method of the distribution of the Tipping Jar might vary due to the differences in the nature of the service, period and party.
Figure: Circulation flow of f(x) Coin
The theory behind the computation.
Blockchain has integrated almost everything, such as storage, scripts, nodes and communication. This requires a large amount of bandwidth and computation resources which affects the transaction speed and concurrency metric.
In order to achieve the goal of being scalable with high transaction speed, the f(x) blockchain has shifted out all the ‘bulky’ and ‘heavy duty’ functions onto other service providers, such as IPFS, FXTP, etc. We leave alone what blockchain technology does best: Calibration. Thus, the role of the Tipping Jar is to distribute the appropriate tokens to all participants.
Projected f(x) Coin distribution per second in the first year
According to Moore’s Law, the number of transistors in a densely integrated circuit doubles about every 18-24 months. Thus, the performance of hardware doubles every 18-24 months. Taking into consideration Moore’s Law, Eric Schmidt said if you maintain the same hardware specs, the earnings will be cut in half after 18-24 months. Therefore, the normal Tipping Jar (reward) for an infrastructure service provider will decrease 50% every 18 months. In order to encourage infrastructure service providers to upgrade their hardware, we have set up another iteration and innovation contribution pool (which is worth 50% of the normal Tipping Jar on the corresponding phase) to encourage the infrastructure service provider to embrace new technology.
According to the Andy-Bill’s law, “What Andy gives, Bill takes away”; software will always nibble away the extra performance of the hardware. The more performance a piece of hardware delivers, the more the software consumes. Thus, the developer will always follow the trend to maintain and provide high-quality service. The Tipping Jar will increase by 50% (based upon the previous quota) every 18 months.
Financial service providers will have to support the liquidation of the whole ecosystem along the journey; the Tipping Jar (FaaS) will increase by 50% by recognizing the contribution and encouraging innovation.
From the 13th year (9th phase), the Tipping Jar will reduce by 50% every 18 months. We are well aware that the “cliff drop” after the 12th year is significant. Hence, we have created a 3-year (two-phase) diminishing transition period. The duration of each phase is 18 months. There are 10 phases in total which will last for a total of 15 years.
According to Gartner’s report, the blockchain industry is forecast to reach a market cap of 3.1 trillion USD in 2030. Hence, we believe a Tipping Jar of 15 years will allow the growth of Function X into the “mature life cycle” of the blockchain industry.

f(x) Coin / Token Allocation

Token allocation
We believe great blockchain projects attempt to equitably balance the interests of different segments of the community. We hope to motivate and incentivize token holders by allocating a total of 65% of tokens from the Token Generation Event (TGE). Another 20% is allocated to the Ecosystem Genesis Fund for developer partnerships, exchanges and other such related purposes. The remaining 15% will go to engineering, product development and marketing. There will be no public or private sales for f(x) tokens.
NPXS / NPXSXEM is used to make crypto payments as easy as buying bottled water, while f(x) is used for the operation of a decentralized ecosystem and blockchain, consisting of DApps and other services. NPXS / NPXSXEM will continue to have the same functionality and purpose after the migration to the Function X blockchain in the future. Therefore, each token will be expected to assume different fundamental roles and grant different rights to the holders.
65% of allocation for NPXS / NPXSXEM holders is broken down into the following:
  • 15% is used for staking (see below)
  • 45% is used for conversion to f(x) tokens (see below)
  • 5% is used for extra bonus tasks over 12 months (allocation TBD)

Remarks
All NPXS / NPXSXEM tokens that are converted will be removed from the total supply of NPXS / NPXSXEM; Pundi X will not convert company's NPXS for f(x) Tokens. This allocation is designed for NPXS / NPXSXEM long term holders. NPXS / NPXSXEM tokens that are converted will also be entitled to the 15% f(x) Token distribution right after the conversion.

Usage

Management of the Ecosystem Genesis Fund (EGF)
The purpose of setting up the Ecosystem Initialization Fund is to motivate, encourage and facilitate service providers to join and root into the f(x) Ecosystem and, at the same time, to attract seed consumers to enrich and enlarge the f(x) Ecosystem. EIF comes from funds raised and will be used as a bootstrap mechanism to encourage adoption before the Tipping Jar incentives fully kick in.
The EGF is divided into 5 parts:
  1. Consumer (10%): To attract consumers and enlarge the customer base;
  2. Developer (20%): To encourage developers to create DApps on the f(x) blockchain;
  3. Infrastructure Service Provider (20%): To set up or shift to the f(x) infrastructure;
  4. Financial Service Provider (20%): To create a trading platform for f(x) Coin and increase liquidity; and
  5. Emergency bridge reserve (30%): To facilitate or help the stakeholders in f(x) during extreme market conditions.
To implement the spirit of decentralization and fairness, the EGF will be managed by a consensus-based committee, called the f(x) Open Market Committee (FOMC).

Summary

Time moves fast in the technology world and even faster in the blockchain space. Pundi X’s journey started in October 2017, slightly over a year ago, and we have been operating at a lightning pace ever since, making progress that can only be measured in leaps and bounds. We started as a blockchain payment solution provider and have evolved into a blockchain service provider to make blockchain technology more accessible to the general public, thereby improving your everyday life.
The creation of Function X was driven by the need to create a better suited platform for our blockchain point-of-sale network and through that process, the capabilities of Function X have allowed us to extend blockchain usage beyond finance applications like payment solutions and cryptocurrency.
The complete decentralized ecosystem of Function X will change and benefit organizations, developers, governments and most importantly, society as a whole.
The XPhone prototype which we have created is just the start to give everyone a taste of the power of Function X on how you can benefit from a truly decentralized environment. We envision a future where the XPOS, XPhone and other Function X-enabled devices work hand-in-hand to make the decentralized autonomous ecosystem a reality.
You may wonder how we are able to create such an extensive ecosystem within a short span of time. We are fortunate that in today’s open source and sharing economy, we are able to tap into the already established protocols (such as Consensus algorithm, FXTP, etc), software (like Android, IPFS, PBFT, Dockers, etc.) and hardware (design knowledge from existing experts) which were developed by selfless generous creators. Function X puts together, aggregates and streamlines all the benefits and good of these different elements and makes them work better and seamlessly on the blockchain. And we will pay it forward by making Function X as open and as decentralized as possible so that others may also use Function X to create bigger and better projects.
To bring Function X to full fruition, we will continue to operate in a transparent and collaborative way. Our community will continue to be a key pillar for us and be even more vital as we get Function X up and running. As a community member, you will have early access to the Function X ecosystem through the f(x) token conversion.
We hope you continue to show your support as we are working hard to disrupt the space and re-engineer this decentralized world.

Reference

Practical Byzantine Fault Tolerance
http://pmg.csail.mit.edu/papers/osdi99.pdf
Byzantine General Problem technical paper
https://web.archive.org/web/20170205142845/http://lamport.azurewebsites.net/pubs/byz.pdf
Global mobile data revenues to reach $630 billion by 2020
https://www.parksassociates.com/blog/article/pr-07112016
NPXSXEM token supply
https://medium.com/pundix/a-closer-look-at-npxsxem-token-supply-843598d0e7b6
NPXS circulating token supply and strategic purchaser
https://medium.com/pundix/total-token-supply-and-strategic-investors-b41717021583
[total supply might differ from time to time due to token taken out of total supply aka “burn”]
ELC: SpaceX lessons learned (PBFT mentioned)
https://lwn.net/Articles/540368/

Full: https://functionx.io/assets/file/Function_X_Concept_Paper_v2.0.pdf
submitted by crypt0hodl1 to PundiX


According to the linked formula, the transaction size will be about 160+2*34+10 = 258 bytes. It does not depend on how many bitcoins you are sending. However, if the money you are sending came from many different sources, you will have many inputs and the transaction will be bigger. Again, this does not depend on the amount of money, but on the ...

How many Bits in a Byte. There are 8 bits in a byte. 1 byte = 8 bits. Bytes. Byte is the basic unit of digital information transmission and storage, used extensively in information technology, digital technology, and other related fields. It is one of the smallest units of memory in computer technology, as well as one of the most basic data measurement units in programming. The earliest ...

A byte consists of eight bits, and a bit is simply a one or a zero. We use the metric system to understand prefixes like kilo, mega, and giga. Kilo refers to a thousand, mega to a million, and giga to a billion. So, when I say that the complete blockchain of every transaction ever made with bitcoin is tens of gigabytes of data, I mean that it is tens of billions of characters of information.

Bits. Bit (b) is a measurement unit used in binary system to store or transmit data, like internet connection speed or the quality scale of an audio or a video recording. A bit is usually represented with a 0 or a 1. 8 bits make 1 byte. A bit can also be represented by other values like yes/no, true/false, plus/minus, and so on.

bit (binary digit): A bit (short for binary digit) is the smallest unit of data in a computer. A bit has a single binary value, either 0 or 1. Although computers usually provide instructions that can test and manipulate bits, they generally are designed to store data and execute instructions in bit multiples called bytes. In most computer ...


Nonce – Definition, Meaning, Review, Description, Example, Proof-Of-Work Bitcoin

This video shows how to buy Bitcoin from a General Bytes Bitcoin ATM Machine.

In this video you can learn about bits, bytes, KB, MB, GB, TB and what is primary and secondary storage. How to check computer configuration information like Hard disk, Ram, Processor etc.

Bitcoin nonce example: The "nonce" in a bitcoin block is a 32-bit (4-byte) field whose value is set so that the hash of the block will contain a run of leading zeros. The rest of the fields may ...

How to buy bitcoin, like a boss, on a GENERAL BYTES #cryptocurrency ATM in 20 seconds!
