Hopefully any questions you have will be answered by the resources below, but if you have additional questions feel free to ask them in the comments. If you're quite technically-minded, the Zano whitepaper gives a thorough overview of Zano's design and its main features.
So, what is Zano?
In brief, Zano is a project started by the original developers of CryptoNote. Coins with market caps totalling well over a billion dollars (Monero, Haven, Loki and countless others) run upon the codebase they created. Zano is a continuation of their efforts to create the "perfect money", and brings a wealth of enhancements to their original CryptoNote code. Development happens at a lightning pace, as the GitHub activity shows, but Zano is still very much a work-in-progress. Let's cut right to it: Here's why you should pay attention to Zano over the next 12-18 months. Quoting from a recent update:
Anton Sokolov has recently joined the Zano team. ... For the last months Anton has been working on theoretical work dedicated to log-size ring signatures. These signatures theoretically allow for a logarithmic relationship between the number of decoys and the size/performance of transactions. This means that we can set mixins at a level from up to 1000, keeping the reasonable size and processing speed of transactions. This will take Zano’s privacy to a whole new level, and we believe this technology will turn out to be groundbreaking!
If successful, this scheme will make Zano the most private, powerful and performant CryptoNote implementation on the planet. Bar none. A quantum leap in privacy with a minimal increase in resource usage. And if there's one team capable of pulling it off, it's this one.
What else makes Zano special?
You mean aside from having "the Godfather of CryptoNote" as the project lead? ;) Actually, the calibre of the developers/researchers at Zano probably is the project's single greatest strength. Drawing on years of experience, they've made careful design choices, optimizing performance with an asynchronous core architecture, and flexibility and extensibility with a modular code structure. This means that the developers are able to build and iterate fast, refining features and adding new ones at a rate that makes bigger and better-funded teams look sluggish at best. Zano also has some unique features that set it apart from similar projects:
Privacy
Firstly, if you're familiar with CryptoNote you won't be surprised that Zano transactions are private. The perfect money is fungible, and therefore must be untraceable. Bitcoin, for the most part, does little to hide your transaction data from unscrupulous observers. With Zano, privacy is the default. The untraceability and unlinkability of Zano transactions come from its use of ring signatures and stealth addresses. What this means is that no outside observer is able to tell if two transactions were sent to the same address, and for each transaction there is a set of possible senders that make it impossible to determine who the real sender is.
Hybrid PoW-PoS consensus mechanism
Zano achieves an optimal level of security by utilizing both Proof of Work and Proof of Stake for consensus. By combining the two systems, it mitigates their individual vulnerabilities (see 51% attack and "nothing at stake" problem). For an attack on Zano to have even a remote chance of success the attacker would have to obtain not only a majority of hashing power, but also a majority of the coins involved in staking. The system and its design considerations are discussed at length in the whitepaper.
Aliases
Here's a stealth address: ZxDdULdxC7NRFYhCGdxkcTZoEGQoqvbZqcDHj5a7Gad8Y8wZKAGZZmVCUf9AvSPNMK68L8r8JfAfxP4z1GcFQVCS2Jb9wVzoe.
I have a hard enough time remembering my phone number. Fortunately, Zano has an alias system that lets you register an address to a human-readable name. (@orsonj if you want to anonymously buy me a coffee)
Multisig
Multisignature (multisig) refers to requiring multiple keys to authorize a Zano transaction. It has a number of applications, such as dividing up responsibility for a single Zano wallet among multiple parties, or creating backups where loss of a single seed doesn't lead to loss of the wallet. Multisig and escrow are key components of the planned Decentralized Marketplace (see below), so consideration was given to each of them from the design stages. Thus Zano's multisig, rather than being tagged on at the wallet-level as an afterthought, is part of its core architecture, being incorporated at the protocol level. This base-layer integration means months won't be spent in the future on complicated refactoring efforts in order to integrate multisig into a codebase that wasn't designed for it. Plus, it makes it far easier for third-party developers to include multisig (implemented correctly) in any Zano wallets and applications they create in the future.
(Double Deposit MAD) Escrow
With Zano's escrow service you can create fully customizable p2p contracts that are designed to, once signed by participants, enforce adherence to their conditions in such a way that no trusted third-party escrow agent is required.
The Particl project, aside from a couple of minor differences, uses an escrow scheme that works the same way, so I've borrowed the term they coined ("Double Deposit MAD Escrow") as I think it describes the scheme perfectly. The system requires participants to make additional deposits, which they will forfeit if there is any attempt to act in a way that breaches the terms of the contract.
Full details can be found in the Escrow section of the whitepaper. The usefulness of multisig and the escrow system may not seem obvious at first, but as mentioned before they'll form the backbone of Zano's Decentralized Marketplace service (described in the next section).
What does the future hold for Zano?
The planned upgrade to Zano's privacy, mentioned at the start, is obviously one of the most exciting things the team is working on, but it's not the only thing.
Zano Roadmap
Decentralized Marketplace
From the beginning, the Zano team's goal has been to create the perfect money. And money can't just be some vehicle for speculative investment, money must be used. To that end, the team have created a set of tools to make it as simple as possible for Zano to be integrated into eCommerce platforms. Zano's APIs and plugins are easy to use, allowing even those with very little coding experience to use them in their E-commerce-related ventures. The culmination of this effort will be a full Decentralized Anonymous Marketplace built on top of the Zano blockchain. Rather than being accessed via the wallet, it will act more as a service - Marketplace as a Service (MAAS) - for anyone who wishes to use it. The inclusion of a simple "snippet" of code into a website is all that's needed to become part of a global decentralized, trustless and private E-commerce network.
Atomic Swaps
Just as Zano's marketplace will allow you to transact without needing to trust your counterparty, atomic swaps will let you easily convert between Zano and other cryptocurrencies without having to trust a third-party service such as a centralized exchange. On top of that, it will also lead the way to Zano's inclusion in the many decentralized exchange (DEX) services that have emerged in recent years.
Where can I buy Zano?
Zano's currently listed on the following exchanges: https://coinmarketcap.com/currencies/zano/markets/
It goes without saying, neither I nor the Zano team work for any of the exchanges or can vouch for their reliability. Use at your own risk and never leave coins on a centralized exchange for longer than necessary. Your keys, your coins! If you have any old graphics cards lying around (both AMD & NVIDIA), then Zano is also mineable through its unique ProgPowZ algorithm. Here's a guide on how to get started. Once you have some Zano, you can safely store it in one of the desktop or mobile wallets (available for all major platforms).
How can I support Zano?
Zano has no marketing department, which is why this post has been written by some guy and not the "Chief Growth Engineer @ Zano Enterprises". The hard part is already done: there's a team of world class developers and researchers gathered here. But, at least at the current prices, the team's funds are enough to cover the cost of development and little more. So the job of publicizing the project falls to the community. If you have any experience in community building/growth hacking at another cryptocurrency or open source project, or if you're a Zano holder who would like to ensure the project's long-term success by helping to spread the word, then send me a pm. We need to get organized. Researchers and developers are also very welcome. Working at the cutting edge of mathematics and cryptography means Zano provides challenging and rewarding work for anyone in those fields. Please contact the project's Community Manager u/Jed_T if you're interested in joining the team.
Social Links: Twitter, Discord Server, Telegram Group, Medium blog
I'll do my best to keep this post accurate and up to date. Message me please with any suggested improvements and leave any questions you have below. Welcome to the Zano community and the new decentralized private economy!
Syscoin Platform’s Great Reddit Scaling Bake-off Proposal
We are excited to participate and present Syscoin Platform's ideal characteristics and capabilities towards a well-rounded Reddit Community Points solution! Our scaling solution for Reddit Community Points involves 2-way peg interoperability with Ethereum. This will provide a scalable token layer built specifically for speed and high volumes of simple value transfers at a very low cost, while providing sovereign ownership and onchain finality.
Token transfers scale by taking advantage of a globally sorting mempool that provides for probabilistically secure assumptions of “as good as settled”. The opportunity here for token receivers is to have an app-layer interactivity on the speed/security tradeoff (99.9999% assurance within 10 seconds). We call this Z-DAG, and it achieves high-throughput across a mesh network topology presently composed of about 2,000 geographically dispersed full-nodes. Similar to Bitcoin, however, these nodes are incentivized to run full-nodes for the benefit of network security, through a bonded validator scheme. These nodes do not participate in the consensus of transactions or block validation any differently than other nodes and therefore do not degrade the security model of Bitcoin’s validate first then trust, across every node. Each token transfer settles on-chain.
The protocol follows Bitcoin core policies so it has adequate code coverage and protocol hardening to be qualified as production quality software. It shares a significant portion of Bitcoin’s own hashpower through merged-mining. This platform as a whole can serve token microtransactions, larger settlements, and store-of-value in an ideal fashion, providing probabilistic scalability whilst remaining decentralized according to Bitcoin design. It is accessible to ERC-20 via a permissionless and trust-minimized bridge that works in both directions.
The bridge and token platform are currently available on the Syscoin mainnet. This has been gaining recent attention for use by loyalty point programs and stablecoins such as Binance USD.
Syscoin Foundation identified a few paths for Reddit to leverage this infrastructure, each with trade-offs. The first provides the most cost-savings and scaling benefits at some sacrifice of token autonomy. The second offers more preservation of autonomy with a more narrow scope of cost savings than the first option, but savings even so. The third introduces more complexity than the previous two yet provides the most overall benefits. We consider the third as most viable as it enables Reddit to benefit even while retaining existing smart contract functionality. We will focus on the third option, and include the first two for good measure.
Distribution, burns and user-to-user transfers of Reddit Points are entirely carried out on the Syscoin network. This full-on approach to utilizing the Syscoin network provides the most scalability and transaction cost benefits of these scenarios. The tradeoff here is distribution and subscription handling likely migrating away from smart contracts into the application layer.
The Reddit Community Points ecosystem can continue to use existing smart contracts as they are used today on the Ethereum mainchain. Users migrate a portion of their tokens to Syscoin, the scaling network, to gain much lower fees, scalability, and a proven base layer, without sacrificing sovereign ownership. They would use Syscoin for user-to-user transfers. Tips redeemable in ten seconds or less, a high-throughput relay network, and onchain settlement at a block target of 60 seconds.
Integration between Matic Network and Syscoin Platform - similar to Syscoin’s current integration with Ethereum - will provide Reddit Community Points with EVM scalability (including the Memberships ERC777 operator) on the Matic side, and performant simple value transfers, robust decentralized security, and sovereign store-of-value on the Syscoin side. It’s “the best of both worlds”. The trade-off is more complex interoperability.
Syscoin + Matic Integration
Matic and Blockchain Foundry Inc, the public company formed by the founders of Syscoin, recently entered a partnership for joint research and business development initiatives. This is ideal for all parties as Matic Network and Syscoin Platform provide complementary utility. Syscoin offers characteristics for sovereign ownership and security based on Bitcoin’s time-tested model, and shares a significant portion of Bitcoin’s own hashpower. Syscoin’s focus is on secure and scalable simple value transfers, trust-minimized interoperability, and opt-in regulatory compliance for tokenized assets rather than scalability for smart contract execution. On the other hand, Matic Network can provide scalable EVM for smart contract execution. Reddit Community Points can benefit from both. Syscoin + Matic integration is actively being explored by both teams, as it is helpful to Reddit, Ethereum, and the industry as a whole.
Total cost for these 100k transactions: $0.63 USD
See the live fee comparison for savings estimation between transactions on Ethereum and Syscoin. Below is a snapshot at time of writing:
ETH price: $318.55
ETH gas price: 55.00 Gwei ($0.37)
Syscoin price: $0.11
Snapshot of live fee comparison chart
Z-DAG provides a more efficient fee-market. A typical Z-DAG transaction costs 0.0000582 SYS. Tokens can be safely redeemed/re-spent within seconds or allowed to settle on-chain beforehand. The costs should remain about this low for microtransactions. Syscoin will achieve further reduction of fees and even greater scalability with offchain payment channels for assets, with Z-DAG as a resilience fallback. New payment channel technology is one of the topics under research by the Syscoin development team with our academic partners at TU Delft. In line with the calculation in the Lightning Networks white paper, payment channels using assets with Syscoin Core will bring theoretical capacity for each person on Earth (7.8 billion) to have five on-chain transactions per year, per person, without requiring anyone to enter a fee market (aka “wait for a block”). This exceeds the minimum LN expectation of two transactions per person, per year; one to exist on-chain and one to settle aggregated value.
Tools to simplify using Syscoin Bridge as a service with dapps and wallets will be released some time after implementation of Syscoin Core 4.2. These will be based upon the same processes which are automated in the current live Sysethereum Dapp that is functioning with the Syscoin mainnet.
The Syscoin Ethereum Bridge is secured by Agent nodes participating in a decentralized and incentivized model that involves roles of Superblock challengers and submitters. This model is open to participation. The benefits here are trust-minimization, permissionless-ness, and potentially less legal/regulatory red-tape than interop mechanisms that involve liquidity providers and/or trading mechanisms. The trade-off is that due to the decentralized nature there are cross-chain settlement times of one hour to cross from Ethereum to Syscoin, and three hours to cross from Syscoin to Ethereum. We are exploring ways to reduce this time while maintaining decentralization via zkp. Even so, an “instant bridge” experience could be provided by means of a third-party liquidity mechanism. That option exists but is not required for bridge functionality today. Typically bridges are used with batch value, not with high frequencies of smaller values, and generally it is advantageous to keep some value on both chains for maximum availability of utility. Even so, the cross-chain settlement time is good to mention here.
Ethereum -> Syscoin: Matic or Ethereum transaction fee for bridge contract interaction, negligible Syscoin transaction fee for minting tokens
Syscoin -> Ethereum: Negligible Syscoin transaction fee for burning tokens, 0.01% transaction fee paid to Bridge Agent in the form of the ERC-20, Matic or Ethereum transaction fee for contract interaction.
Zero-Confirmation Directed Acyclic Graph is an instant settlement protocol that is used as a complementary system to proof-of-work (PoW) in the confirmation of Syscoin service transactions. In essence, a Z-DAG is simply a directed acyclic graph (DAG) where validating nodes verify the sequential ordering of transactions that are received in their memory pools. Z-DAG is used by the validating nodes across the network to ensure that there is absolute consensus on the ordering of transactions and no balances are overflowed (no double-spends).
Unique fee-market that is more efficient for microtransaction redemption and settlement
Uses decentralized means to enable tokens with value transfer scalability that is comparable or exceeds that of credit card networks
Provides high throughput and secure fulfillment even if blocks are full
Probabilistic and interactive
99.9999% security assurance within 10 seconds
Can serve payment channels as a resilience fallback that is faster and lower-cost than falling-back directly to a blockchain
Each Z-DAG transaction also settles onchain through Syscoin Core at 60-second block target using SHA-256 Proof of Work consensus
Z-DAG enables the ideal speed/security tradeoff to be determined per use-case in the application layer. It minimizes the sacrifice required to accept and redeem fast transfers/payments while providing more-than-ample security for microtransactions. This is supported on the premise that a Reddit user receiving points does need security yet generally doesn’t want nor need to wait for the same level of security as a nation-state settling an international trade debt. In any case, each Z-DAG transaction settles onchain at a block target of 60 seconds.
Syscoin 3.0 White Paper (4.0 white paper is pending. For improved scalability and less blockchain bloat, some features of v3 no longer exist in current v4: Specifically Marketplace Offers, Aliases, Escrow, Certificates, Pruning, Encrypted Messaging)
16MB block bandwidth per minute assuming segwit witness carrying transactions, and transactions ~200 bytes on average
SHA256 merge mined with Bitcoin
UTXO asset layer, with base Syscoin layer sharing identical security policies as Bitcoin Core
Z-DAG on asset layer, bridge to Ethereum on asset layer
On-chain scaling with prospect of enabling enterprise grade reliable trustless payment processing with on/offchain hybrid solution
Focus only on Simple Value Transfers. MVP of blockchain consensus footprint is balances and ownership of them. Everything else can reduce data availability in exchange for scale (Ethereum 2.0 model). We leave that to other designs, we focus on transfers.
Future integrations of MAST/Taproot to get more complex value transfers without trading off trustlessness or decentralization.
Zero-knowledge Proofs are a cryptographic new frontier. We are dabbling here to generalize the concept of bridging and also verify the state of a chain efficiently. We also apply it in our Digital Identity projects at Blockchain Foundry (a publicly traded company which develops Syscoin software for clients). We are also looking to integrate privacy preserving payment channels for off-chain payments through zkSNARK hub & spoke design which does not suffer from the HTLC attack vectors evident on LN. Many of the issues plaguing Lightning Network can be resolved using a zkSNARK design whilst also providing the ability to do a multi-asset payment channel system. Currently we found a showstopper attack (American Call Option) on LN if we were to use multiple-assets. This would not exist in a system such as this.
Web3 and mobile wallets are under active development by Blockchain Foundry Inc as WebAssembly applications and expected for release not long after mainnet deployment of Syscoin Core 4.2. Both of these will be multi-coin wallets that support Syscoin, SPTs, Ethereum, and ERC-20 tokens. The Web3 wallet will provide functionality similar to Metamask. Syscoin Platform and tokens are already integrated with Blockbook. Custom hardware wallet support currently exists via ElectrumSys. First-class HW wallet integration through apps such as Ledger Live will exist after 4.2.
Current supported wallets:
Syscoin Spark Desktop
Syscoin-Qt
[ Bitcoin ] Selling My Bitcoin Escrow Service (clearnet)
[ 🔴 DELETED 🔴 ] Topic originally posted in Bitcoin by anonescrow [link]
Sorry if this post doesn't belong here but it is bitcoin related: I built a website: https://www.anonymousescrow.com It's based on this code I found on Github: https://github.com/vlad-pro/WebBitcoinEscrow
Language: HTML and Go
The VPS Server and Domain were both purchased anonymously with bitcoin.
Programming Knowledge Required: Knowing HTML and Go but also it requires a bit of programming knowledge to utilize the blockchain wallet api. You should also be familiar with Linux servers and how to secure them.
100% SAFE: The website is anonymous because the admin can't see what is being bought and sold, only the amount of the escrow. The only way to view the terms of the escrow is if the buyer or seller chose to escalate, and even then, hopefully they were smart enough not to include any incriminating info. There is no login required and all secret links are generated anonymously by the users and can't be accessed by anyone whom they don't share it with. I had to work out a lot of bugs in the blockchain api but I've done several security scans and the site is safe. I also have cloudflare configured for DDOS attacks.
Possible Upgrades:
- I upgraded the admin panel so that a refund can be issued to both the buyer and the seller, originally it was only the seller.
- You could offer an Onion address by simply installing EOTK: https://github.com/alecmuffett/eotk and then configuring NGINX to serve both the clearnet and onion address.
I'm selling it because it was a bit of a passion project for me, I came across the code and found it interesting, but at the moment (like with most escrow services) I would have to manually resolve escalation disputes and I don't have the time to dedicate 10 hours a day staring at my computer screen, and I don't have the time to dedicate to finding a simpler way of doing it.
For more info or if you're interested in purchasing contact me: Wickr: anonescrow Email: [email protected]
XRP Isn’t A Security, Declares Former CFTC Chairman
When Chris Giancarlo was the chairman of the Commodity Futures Trading Commission he became a rock-star of sorts in certain corners of the cryptocurrency community, helping establish criteria that eventually led to bitcoin and ethereum being declared commodities, more like coffee or sugar than stock in a company. The U.S. Securities and Exchange Commission largely followed suit, eventually also declaring that bitcoin and ether, the cryptocurrency powering the ethereum blockchain, weren’t securities.
Now chairman emeritus Giancarlo, who was deemed “Crypto Dad” following an impassioned speech he gave to Congress where he credited bitcoin for finally getting his kids interested in finance, is at it again, having co-written a detailed argument published this morning in the International Financial Law Review for why XRP, the cryptocurrency formally known as “ripples,” was also not a security. The only problem is he’s no longer a regulator. In fact, his employer is on the payroll of Ripple, the largest single owner of XRP, whose co-founders actually created the cryptocurrency.
The bombshell paper, titled, “Cryptocurrencies and U.S. Securities Laws: Beyond Bitcoin and Ether,” co-authored by commodities lawyer Conrad Bahlke of New York law firm Willkie Farr & Gallagher LLP, methodically reviews the criteria of the Howey Test, established by the SEC in 1946 to determine whether something is a security, and point-by-point argues that XRP does not qualify. Rather, the paper argues, like its name would indicate, cryptocurrency is a currency of perhaps more interest to the Federal Reserve and central banks than securities regulators.
What’s at stake here to the cryptocurrency world cannot be overestimated. XRP is now the fourth largest cryptocurrency by market cap, with $5.9 billion worth of the asset in circulation according to cryptocurrency data site Messari.
While Ripple was valued at $10 billion according to its most recent round of funding, the company continues to fund itself in part by selling its deep war chest of 55.6 billion XRP, coincidentally valued at the same amount as the company itself. Not only could an eventual decision by the SEC to classify—or not classify—XRP as a security impact the untold individual owners of the cryptocurrency, but other clients using Ripple services that don’t rely on the cryptocurrency, including American Express, Santander, and SBI Holdings could stand to be impacted positively or negatively depending on the decision. After all if XRP were to be rescinded it would be a huge cost to their software provider. If Giancarlo is right though, Ripple could end up being one of the most valuable startups in fintech. “Ultimately, under a fair application of the Howey test and the SEC’s presently expanding analysis, XRP should not be regulated as a security, but instead considered a currency or a medium of exchange,” Giancarlo and Bahlke argue in the paper. “The increased adoption of XRP as a medium of exchange and a form of payment in recent years, both by consumers and in the business-to-business setting, further underscores the utility of XRP as a bona fide fiat substitute.” Giancarlo was nominated to be a commissioner of the CFTC by then-President Barack Obama in 2013. In 2015, he helped lead the thinking behind the CFTC’s decision that bitcoin and other cryptocurrencies were commodities, paving the way for the SEC’s related comments that neither bitcoin nor ethereum are securities. Then, at the height of the 2017 cryptocurrency bubble President Trump nominated him to be Chairman of the CFTC, where he oversaw the creation of a number of bitcoin futures projects, including at CME Group and the short-lived effort at Cboe. 
While many blame the creation of bitcoin futures for popping the 2017 price bubble, which almost hit $20,000 before halving today, others have seen the works as a fundamental process of maturity, helping pave the way for more sophisticated crypto-enabled financial offerings. Giancarlo’s last day in office at the CFTC was in 2019, after which he promptly got involved helping envision the future of assets issued on a blockchain. In November he joined as an advisor to American Financial Exchange, using ethereum to create a Libor alternative. The following January he co-founded the Digital Dollar Project leading the push to use blockchain at the Federal Reserve and now it would seem he’s hoping to influence the classification of XRP as he did for bitcoin and ethereum, but from the other side of regulation. Importantly however, a footnote in the report discloses that not only is Giancarlo and Bahlke’s firm, Willkie Farr & Gallagher LLP counsel to Ripple Labs, but they “relied on certain factual information provided by Ripple in the preparation of this article.” While it’s impossible to parse what information came from the co-authors and what came from Ripple, the resulting legal argument is fascinating, even if it does leave room for doubt. The Howey test Giancarlo uses to bolster his arguments is a three-pronged definition used by the SEC, none of which he says apply to XRP. The first prong, is that an investment contract should be implied or explicitly stated between the issuer of the asset, in this case XRP and the owner, in which money exchanges hands. “The mere fact that an individual holds XRP does not create any relationship, rights or privileges with respect to Ripple any more than owning Ether would create a contract with the Ethereum Foundation, the organization that oversees the Ethereum architecture,” he writes. 
This does however overlook the fact that OpenCoin, credited on Ripple’s own site in 2013 for creating XRP (then tellingly described as “ripples”), was run by many of the same people that founded Ripple. The original creators of XRP then donated the vast majority of the assets to Ripple, which they also ran, creating a sense of distance, tacit though it may be. The actual data around the creation of XRP was also muddled by a glitch in the code that means unlike bitcoin and ethereum the crucial genesis data is no longer attached to the rest of the ledger. The rebranding of “ripples” as XRP further extended the sense of distance between XRP and Ripple, followed by an aggressive campaign to get media to stop describing the cryptocurrency as “Ripple’s XRP.” With so much distance between the company that actually created XRP and the company that now owns more than half of it, one would be forgiven for wondering, if there was an implied contract between OpenCoin and XRP owners, does the donation from one group of people at one company to a very similar group of people at another company sever that responsibility? In spite of the sense of distance created by Ripple between itself and the cryptocurrency its co-founders created, a number of active lawsuits alleging securities violations have been filed. In all fairness though, Giancarlo appears to recognize this prong may not be Ripple’s strongest defense and concludes the section, hedging: “Even if XRP were to satisfy one or two of the “prongs” of the Howey test, it does not satisfy all three factors such that XRP is an investment contract subject to regulation as a security.” The second prong of the Howey test stipulates that there can be no “common enterprise” between shareholders or a shareholder and the company. 
While refuting both relationships, Giancarlo curiously goes on to write that “given the juxtaposition between XRP’s intended use as a liquidity tool, its more general use to transfer value and its potential as a speculative asset, XRP holders who utilize the coins for different purposes have divergent interests with respect to XRP.” Ironically, there has always been a widely held belief that owning a cryptocurrency would unify interests around a single goal: to co-create the infrastructure that lets the cryptocurrency exist and ensure it was vibrant and diverse. Meanwhile, XRP, in spite of its aggressive supporters on social media, is one of the least diverse ecosystems, with the vast majority of serious development being done within Ripple. If XRP owners aren’t expecting an increase in value from the work being done by Ripple, they certainly aren’t nearly as involved in helping build that future as are owners of bitcoin and ethereum. In a related issue, the third prong of the Howey test stipulates that “no reasonable expectation of profit should be derived from the efforts of Ripple,” according to the paper. Supporting this position, Giancarlo writes: “Though Ripple maintains a sizable stake of the XRP supply and certainly has a pecuniary interest in the value of its holdings, it is not enough to suggest that a mutual interest in the value of an asset gives rise to an expectation of profits as contemplated by Howey.” Again, this strains credulity. According to its own site, Ripple currently has access to 6.4% of all the XRP ever created. But that doesn’t count the 49.2% of the total XRP Ripple owns, but is locked in a series of escrow accounts that become periodically available to Ripple and Ripple alone. Adding those two percentages together leaves a float of only about 44% of XRP that has been distributed for public ownership. 
For some comparison, Facebook went public the same year XRP was created and has a 99% float, according to FactSet data, meaning almost all of its stock is in the hands of traders. While Ripple does also have more traditional stock, this distribution shows that Ripple might not be as distributed as it claims. While it’s perhaps no surprise that Giancarlo would come out on the side of his own client, there’s also plenty of other reasons to believe his argument may in fact hold water. In February 2018, the notoriously compliant exchange Coinbase added support for XRP, something it would unlikely do if it were concerned it might accidentally be selling an unlicensed security. Perhaps most tellingly though, Ripple has also been granted a difficult-to-obtain BitLicense from the New York Department of Financial Services, giving it the blessing of a respected regulator. However, while the license was granted after then-superintendent Benjamin Lawsky stepped down from the regulator, it's perhaps no coincidence that a year later he joined Ripple on its board of directors and is now active in the cryptocurrency space. Perhaps a similar fate is in store for Giancarlo. Editor’s note: This article has been updated to clarify that Ripple Labs is a client of Giancarlo’s law firm.
Market Analysis on April 2, 2020: Tether Newly Minted 60 Million USDT
[Today's Hot Tips]
1. [1 billion XRP transferred to wallet and locked] 1 billion XRP are divided into three successive times: 500 million, 400 million, and 100 million, respectively; from the escrow wallet to the Ripple wallet, 900 million XRP have been transferred back to the escrow wallet and locked.
2. [Vitalik Buterin proposes plans to improve Ethereum privacy] Vitalik Buterin proposed plans to improve the Ethereum privacy and use the Ethereum domain name system to implement address hiding: that is, to send tokens to an address with the name of the ENS (Ethereum Domain Name System), without revealing who actually received the coins.
3. [GitHub will store a large amount of open source code in an underground coal mine in Norwegian Iceberg] GitHub will store a large amount of open source code, including the underlying infrastructure code of Bitcoin, in an underground coal mine in the Norwegian Iceberg. These codes will be copied onto the film and stored for 1,000 years to ensure the preservation of history.
4. [Tether newly minted 60 million USDT] At 02:43 on April 02, Beijing time, Tether Corporation newly minted 60 million USDT. This is an authorized but unissued transaction, which means that the amount will be used as inventory for the next issue request.
5. [Jiang Zhuoer: "It is impractical to use the blockchain as a network disk"] Jiang Zhuoer: The proposition of unlimited blocks such as "use the blockchain as a network disk" by the BSV group based on CSW exceeds the maximum capacity of the blockchain, which is unrealistic. This will cause the most important decentralization feature of the blockchain to disappear.
[Today's market analysis]
Bitcoin (BTC)
In the early hours of this morning, BTC continued to be sideways around $ 6200. It rose at about 3:30 and rose to $ 6549.95 at about 6.30. Now it is adjusted around $ 6530 as a whole. 
The mainstream currencies are mixed. BTC is currently reported at $ 6604.49 at LOEx Global, with an increase of 5.98% in the day. Yesterday, BTC rose sharply before the close, breaking through the first pressure level, closing around 6600 points, the price showed an increase, and the price trend remained neutral. If it continues to rise today, the price trend will reverse the trend. In short, it is the case that the novel coronavirus seriously affects normal business production. After the countries around the world have eased the liquidity crisis through "detect banknotes", we are about to face unavoidable inflation. The extra money will surely flow into certain investments thus promotes the appreciation of these investment targets. However, for ordinary investors, what needs to be done is to find the investment target with the highest cost performance and the greatest development potential according to their actual conditions, and get involved in advance. If BTC stabilizes in this range and fully reflects the best investment target, it will be favored. Operation recommendations: Support level: the first support level is 6300 points, and the second support level is an integer of 6380; Resistance level: the first resistance level is 6882 points, and the second resistance level is 6962 points. LOEx is registered in Seychelles. It is a global one-stop digital asset service platform with business distribution nodes in 20 regions around the world. It has been exempted from Seychelles and Singapore Monetary Authority (MAS) digital currency trading services. Provide services and secure encrypted digital currency trading environment for 1 million community members in 24 hours.
1) What are some challenges you think will come up in 2020? Some of the biggest challenges that we see for 2020 are: Adoption; it is the most difficult, but it has the highest impact for the project, and for the blockchain community at large. Perhaps the biggest challenge within adoption is education. It is critical that people understand how RenVM works, its capabilities, its limitations, where it is meant to be used, and where it is not meant to be used. At times, it has already proved difficult to cut through misinformation/misunderstanding that proliferates throughout the wider community or to explain complex cryptographic concepts. We will be addressing these challenges by producing more education material, releasing audits (when they’re completed), engaging more with other communities, and open-sourcing more of the project. Rolling out updates; to the Darknodes as fixes, improvements, and new features. This is a technical challenge, but also a social challenge. It requires comprehensive testing environments and a focus on backwards compatibility, but it also requires coordination and social agreement amongst hundreds (and potentially thousands) of Darknode owners. To face these challenges, we have already begun building more extensive testing frameworks, auto-update capabilities for the Darknodes, and looking at informal methods of governance (until we settle on a formal one). 2) As far as I understand, you already have a list of companies that will be the first to adopt RenVM and make integration. How do these companies feel about the fact that not all repositories are open and some of the code is still closed (private repo)? Doesn't that scare them off? Do you have plans to go full open source? TL:DR: Yes, absolutely we plan going full open-source and all projects we are in conversation with are aware of the below plan and understand the logic behind it. 
Our logic and subsequent plan (and the thresholds needed) to go full open-source can be found in this document, if curious: RenVM Open-Source Roadmap. Long Answer: The team at Ren are very strong proponents of the open-source ethos and believe all decentralized protocols need to be made open-source when secure. The Ren team also wants to (a) be competitive in this space, given the hard work and capital invested by the team and the community, and (b) give an appropriate amount of time for security issues to be discovered and fixed before making the codebase available to potentially malicious actors. With that said, all of Ren's codebase barring the RZL sMPC algorithm will be open-sourced at the advent of RenVM Mainnet Subzero which will be launched after our security audit is completed. The RZL sMPC algorithm, however, is what makes RenVM and its sMPC solution so special. This RZL sMPC Algorithm has been pioneered in-house by our development team and can be considered a trade secret. It will, therefore, not be released to the wider public until certain security and capital thresholds within RenVM have been met. We have worked very hard over the last two years; this approach ensures RenVM's security and that the Ren community, team, and investors are rewarded for their patience. Stage 1 | Q1 2020 RenVM Mainnet Security Audit The security audit will verify our RZL sMPC algorithm security, correctness, and functionality under a Non-Disclosure Agreement (NDA). This, the security audit of RenVM, and all other components of RenVM's code-base will be available for the public to review when completed. Stage 2 | Q2 2020 Onward Our RZL sMPC Algorithm will be fully open-sourced to the public when the milestones outlined in this document are met: https://github.com/renproject/ren/issues/2 This document has purposefully been designed for open comment as we encourage any stakeholder to voice their opinion or suggestions (supported by empirically-based evidence, of course). 
The team will take the feedback and incorporate them into the RenVM Open-Source Roadmap thresholds. The open comment period will end at the formal release of RenVM Mainnet Subzero, at which point the specific security and capital thresholds will be solidified, and presented to the public. If you have suggestions or questions, please do voice them on our Github! https://github.com/renproject/ren/issues/2 3) Any ideas on which DeFi dapps could or should in your opinion use RenVM? Any DeFi app can utilize RenVM. If their users have a desire to trade/lend cross-chain pairs then they could/should use RenVM to do so. With that said, a few potential use cases can be found below:
Cross-Chain Decentralized Exchanges,
Cross-Chain Lending & Leveraging,
Multi-Collateralized Synthetics and Stablecoins (e.g. DAI),
No-Counterparty Risk OTC Desk | An Interoperable Escrow,
We’ll also be releasing a blog that outlines all the potential use cases for RenVM in the coming months, so please do stay tuned! 4) Have you announced a partnership with AZTEC, what are your plans for cooperation with them, are these plans still in force or have your priorities changed? At this stage, our entire focus is on Mainnet SubZero. But, we will definitely be following up on integrating with AZTEC once everything is released, stable, and adopted. 5) Can you expand on Universal Interoperability and how important of a role it will play in the future, what are the qualifications of being that third party? TL:DR: The ultimate goal of Universal Interoperability is to ensure a great user experience (UX) regardless of what Blockchain they come from or its end destination. In the immediate terms, this means abstracting away confirmation wait times and the need for ETH gas, so someone could use a BTC on a DeFi app (built on Ethereum) and never know it. Long Answer: The number and speed of confirmations inherently depends on the original chain and must be set at the time the chain is admitted into the protocol. RenVM mainnet will wait for 6 confirmations for BTC (Chaosnet, is 2). This obviously takes a long time and, while it’s not so bad for some use cases (lending, collateralization, etc), it’s not the best for dApps/DEXs and general UX. So, we have the concept of Universal Interoperability which allows a third party to provide two things (in exchange for a fee nominated by users): 1) Expedited Confirmations | Confirmation as a Service (CaaS) CaaS= Expedited Confirmations | This removes confirmations wait time for users when minting digital assets on Ethereum. It provides speed by taking on the confirmation risk. The third-party sees you have (let’s say) 1 confirmation and is confident you’re not a miner about to attack Bitcoin. 
They come in and provide the shifted BTC immediately to complete whatever action you were taking, and when the real underlying shift finishes the 3rd party gets their funds back. By implementing CaaS, developers can help users complete actions faster by using funds that have already been shifted. These funds can be accessed in a variety of trustful and trustless ways, however the goal is the same - facilitate a cross-chain transaction in a shorter time than it would take the user to first fully shift in an asset (i.e. for BTC, RenVM waits for six (6) confirmations). 2) GSN Integration | Gas as a Service (GaaS) GaaS = GSN Integration | This removes the need for users to interact with ETH gas when dealing with native blockchain interactions. It provides gas so you don’t need to manage lots of different tokens, just the ones you’re actually using for the dApp. By implementing GaaS, this allows dApps to pay for their users' transactions in a secure way, so users don’t need to hold ETH to pay for their gas or even set up an account. This can be particularly valuable when it comes to cross-chain applications as you might be building for a non-ethereum user base. *We'll be releasing a demo of these working in the real world quite soon along with tutorials for 3rd parties to use these solutions if they so choose. 6) What’s the path forward for more liquidity on the REN token? Currently US users are limited in where they can purchase tokens and cannot easily acquire enough to get bonding for even one Darknode. We encourage those who are restricted based on their jurisdiction to utilize the decentralized exchange infrastructure currently available. We try to practice what we preach and by utilizing DeFi, it's a great way to further propel the space into the mainstream. We can’t legally recommend specific exchanges and we don't publicly discuss potentially listing until they are public, but do know we are always working on bringing more democratic access to REN. 
7) How does your company plan to make money in the future (to finance the development, when the money received on the ICO will be over)? Our team’s incentives are directly aligned with that of our community (those who run Darknodes). The organization and its funding is centered around Darknode rewards. Darknodes earn fees for facilitating interoperability via RenVM and this is how the organization will fund itself. 8) How does the audit go, any major issue has been identified that could delay MN subzero? When is it estimated to complete an audit? The audit is going well. The smart contracts have been finished, and all issues were addressed quickly. The Hyperdrive audit is currently underway, and there have been no critical issues reported so far. The next steps are to scope the audit for the RZL sMPC paper and its accompanying implementation (the z0 engine). There are no timeline estimates that we are comfortable giving to the public at this stage, as audits times can vary a lot depending on what is found, and an audit of an sMPC implementation is not common (estimates quickly propagate through the community and become incorrectly interpreted as hard commitments). 9) How does your sMPC algorithm work? Can't find any description anywhere. Can the Darknodes perform any calculations over any data splitted using SSS? How fast are those calculations performed? How is the new private key generated for the next era, so old nodes that generated this key does not have access to it? Also, What kind of help from external developers do you need right now? - It takes many pages of very formal discussion to describe how our sMPC algorithm works, but we are working on a paper that formally defines the algorithm, and proves its properties. 
This paper is being audited, and both the paper and audit will be released to the public after the release of Mainnet.
- Darknodes can, in theory, perform any computation over Shamir secret shared (SSS) data, but they are only configured to perform interoperability related computation at the moment (key generation, and key signing).
- The performance of general computation over SSS data is very dependent on the kind of computation, however, sMPC is invariably orders of magnitude slower than the equivalent computations running on your local machine (because they involve network communication).
- Every epoch a new key must be generated to store assets (and assets in the old key must be transferred to this new key). The old group of Darknodes can generate the new key in such a way that the public key is known, but the private key shares are encrypted for the new group of Darknodes (this process does not reveal any of the new shares to any of the old Darknodes). Under the hood, this uses very simple homomorphic properties. Once the new key is generated, the old Darknodes can simply do their usual sMPC to transfer all assets to the new key.
- We would love it if the developer community started experimenting with our SDKs and contributed their thoughts/improvement to RenVM (and the dev infrastructure that supports it e.g. RenJS & GatewayJS) via: https://github.com/renproject/ren/issues
10) What are the plans for the initial network bootstrapping to onboard darknodes to achieve sufficient decentralization and deliver on the security benefits? I understand the early stages of the network will have the core nodes of the Ren Team and trusted partners responsible for maintaining the integrity of the network - do you intend to remain in this phase until sufficient transaction volume is on the network that attracts sufficient 3rd party operators? Are there plans to incentive that initial volume? 
We intend to remain in the Mainnet SubZero phase until there is sufficient volume (stable over a reasonable period of time) to attract members of the public to run Darknodes and earn rewards by doing so. During this period, Ren and other projects will operate Darknodes to keep the networking running (and to keep it semi-decentralized amongst Ren and these third-parties). It is important for the security of the network that volume grows naturally, otherwise, it risks dropping after the incentivization ends. However, to begin with, we will support volume by providing liquidity to DEXs, and keeping minting fees low. Thank everyone for contributing to our first AMA! We'll have more over the coming months but as always, if you have any questions just come and ask in our Telegram: https://t.me/renproject
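The answer to question 9 above mentions computing over Shamir secret shared data and "very simple homomorphic properties". The following is an added example, not Ren's code and not the unpublished RZL algorithm: it shows the textbook additive homomorphism of Shamir shares used for joint key generation, where the public key is known but no single node ever holds the private key. The group parameters, function names and node counts are assumptions constructed for illustration.

```python
import secrets

# Toy parameters constructed for this example only (far too small for real use).
# Q = 2*q + 1 is a safe prime; G = 4 generates the subgroup of prime order q.
q = 1019   # field for shares and exponents
Q = 2039   # modulus of the group the public key lives in
G = 4


def eval_poly(coeffs, x):
    """Evaluate a polynomial (lowest coefficient first) at x, modulo q."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % q
    return acc


def deal(secret, k, n):
    """Shamir-share `secret` to nodes 1..n; any k shares reconstruct it."""
    coeffs = [secret % q] + [secrets.randbelow(q) for _ in range(k - 1)]
    return {x: eval_poly(coeffs, x) for x in range(1, n + 1)}


def reconstruct(shares):
    """Lagrange interpolation at x = 0 over the given {x: y} shares."""
    total = 0
    for xi, yi in shares.items():
        num, den = 1, 1
        for xj in shares:
            if xj != xi:
                num = num * (-xj) % q
                den = den * (xi - xj) % q
        total = (total + yi * num * pow(den, -1, q)) % q
    return total


def joint_keygen(k, n):
    """Every node contributes a random secret and shares it with all nodes.

    Adding shares point-wise yields valid shares of the SUM of the secrets,
    because the sum of degree-(k-1) polynomials is again such a polynomial.
    The public key is the product of the published values G^c, so it is
    known to everyone while the private key exists only in shared form.
    """
    contributions = [secrets.randbelow(q) for _ in range(n)]
    published = [pow(G, c, Q) for c in contributions]
    dealt = [deal(c, k, n) for c in contributions]

    # Node x only ever sees the column dealt[*][x] and adds it up locally.
    key_shares = {x: sum(d[x] for d in dealt) % q for x in range(1, n + 1)}

    public_key = 1
    for p in published:
        public_key = public_key * p % Q
    # `contributions` is returned only so the result can be checked here;
    # in a real protocol each value stays with the node that drew it.
    return key_shares, public_key, contributions


if __name__ == "__main__":
    shares, pub, _ = joint_keygen(k=3, n=5)
    # Reconstruction is shown only to verify the math; a threshold signing
    # protocol would use the shares without ever recombining the key.
    priv = reconstruct({x: shares[x] for x in (1, 3, 5)})
    print("public key matches:", pow(G, priv, Q) == pub)
```

A production scheme additionally needs verifiable sharing so that a node dealing inconsistent shares is detected; that part is omitted here.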
If you didn't buy bitcoin, and didn't mine it, ... where did you get it? Examples...
If you earn in bitcoin, you will prefer to spend in bitcoin (versus going through the friction of "cashing out" into fiat). This occurring will "close the loop", lessening significantly the conversions to and from fiat. What would change that you would be earning in bitcoin in the future? Well, ... you might:
Things are just getting started ...., just wait until gig marketplaces like Uber, DoorDash, and AirBNB offer to pay in bitcoin to attract more service providers. Or when payment in bitcoin is an option for those who make bulk payments -- such as Udemy which pays instructors their commissions and TryMYUI which pays their testers. What other ways have you ended up with bitcoin, other than buying from an exchange?
I have 2 years of experience working as part time back-end developer. -NodeJS (Express...) - SQL, MongoDB - Linux I have worked on Bitcoin escrow service, Bitcoin exchange, Ethereum exchange... I am looking for smaller projects. -My rate is $10/hour (Bitcoins, crypto). Contact me for more details. (I can create simple front-end or use template + I can set up web server for you) My Github (most of my bigger projects are closed source): @fbslo No upfront payment!
"Do you need a Blockchain?" - this paper is fantastic, everyone should read this before evaluating a coin and if requires a block chain to solve a solution the coin is promising to solve. (136 points, 41 comments)
Do any of you foresee a crypto being widely adopted as a general purpose payment coin? nano, btc, btccash etc (take your pick). I think it won't happen for reasons in this post. What do you think? (59 points, 54 comments)
Noticed the huge rise of EOS lately what does it have over NEO and ethereum and to a lesser extent Cardano? I tried researching it, but wasn't sold. (54 points, 55 comments)
Hard Problems in Cryptocurrency: Five Years Later ~Vitalik (46 points, 1 comment)
I had a Q&A with Bruno head architect / CEO of oyster, thought you guys might like it. (45 points, 2 comments)
A good article that explains in simple terms how Eth2 works, how it will be rolled out and migrated from eth1 (42 points, 4 comments)
DAI the stablecoin can now be transferred GAS free (article explaining how it works via new MCD DAI contract). This holds alot of promise for the so called "Web3" (40 points, 8 comments)
Veriblock is consuming 27% of bitcoins block space - what does this mean for bitcoins future? (39 points, 16 comments)
Vitalik: Alternative proposal for early eth1 <-> eth2 merge (38 points, 3 comments)
Is launching a PoW permissionless blockchain still possible today? or would it be too susceptible to a 51% attack? (37 points, 37 comments)
Technical comparison of LIGHTNING vs TANGLE vs HASHGRAPH vs NANO (133 points, 37 comments)
Addressing Nano's weaknesses (bandwidth usage and disk IO). Nano voting traffic to be reduced by 99.9% by implementing vote by hash, lazy bootstrapping, and reduced vote rebroadcasting (x-post CryptoCurrency) (78 points, 8 comments)
Emergent centralization due to economies of scale (PoW vs DPoS) – Colin LeMahieu (52 points, 37 comments)
Nano community member developing a distributed "mining" service to pay people to do PoW for third-parties (e.g. exchanges, light wallet services, etc) (32 points, 20 comments)
What do you think about OpenCAP, the cryptocurrency alias protocol that mirrors traditional email addresses? (15 points, 12 comments)
Bitcoin would be a calamity, not an economy (11 points, 52 comments)
Part 5. I'm writing a series about blockchain tech and possible future security risks. This is the fifth part of the series talking about an advanced vulnerability of BTC. (43 points, 43 comments)
I'm writing a series about blockchain tech and possible future security risks. This is the third part of the series introducing Quantum resistant blockchains. (36 points, 4 comments)
Part 4B. I’m writing a series about blockchain tech and possible future security risks. This is the fourth part of the series explaining the special quality of going quantum resistant from genesis block. (25 points, 21 comments)
Part 6. (Last part) I'm writing a series about blockchain tech and possible future security risks. Failing shortcuts in an attempt to accomplish Quantum Resistance (24 points, 38 comments)
I'm writing a series about blockchain tech and possible future security risks. This is the first part of the series introducing the basic concept of blockchain and what makes it reliable. (23 points, 10 comments)
I'm writing a series about blockchain tech and possible future security risks. This is the fourth part of the series explaining the special quality of going quantum resistant from genesis block. (7 points, 1 comment)
Part 2. I'm writing a series about blockchain tech and possible future security risks. This is the second part of the series: An accessible description of hashing and signature schemes. (5 points, 0 comments)
Everytime I try to investigate the technology behind Cardano(Ada), I come across the words "scientific" and "peer-reviewed" over and over but almost no actual details. Can someone fill how this coin actually works and where they are in development? (126 points, 49 comments)
"Do you need a Blockchain?" - this paper is fantastic, everyone should read this before evaluating a coin and if requires a block chain to solve a solution the coin is promising to solve. by Neophyte- (136 points, 41 comments)
Technical comparison of LIGHTNING vs TANGLE vs HASHGRAPH vs NANO by Qwahzi (133 points, 37 comments)
Everytime I try to investigate the technology behind Cardano(Ada), I come across the words "scientific" and "peer-reviewed" over and over but almost no actual details. Can someone fill how this coin actually works and where they are in development? by RufusTheFirefly (126 points, 49 comments)
160 points: holomntn's comment in ELI5: Why did it take so long for blockchain technology to be created?
121 points: KnifeOfPi2's comment in How do we change the culture around cryptocurrency?
105 points: theglitteringone's comment in Outside of currency and voting, blockchain is awful and shouldnt be used. Can anyone explain where blockchain is worth the cost?
102 points: benthecarman's comment in If crypto now is like 'the Internet' of the past, where are we?
96 points: pegasuspect93's comment in If crypto now is like 'the Internet' of the past, where are we?
95 points: bannercoin's comment in Realistically, why would anybody expect the startup crypto platforms to beat out the corporate giants who are developing their own Blockchain as a Service (BaaS) solutions? Ex. IBM, SAP, JP Morgan...
83 points: AlexCoventry's comment in Ethereum private key with all zeroes leads to an account with 5000$ on it
82 points: deleted's comment in Is blockchain really useful ?
ChainLink - Rank 97 with no competitors. Undervalued Gem?
What Does ChainLink Do? In a nutshell, ChainLink aims to solve the connectivity problem, a key limiting factor for smart contract usability, and whilst it's an ERC-20 token it will not be limited to just the Ethereum blockchain. What makes $LINK so special? Well, it's the first decentralized oracle network; allowing anyone to securely provide smart contracts with access to key external data, off-chain payments and any other API capabilities. Anyone who has a data feed, useful off-chain service such as local payments, or any other API, can now provide them directly to smart contracts in exchange for LINK tokens. Partnerships I will keep this brief, as you can see a full list of current and potential partnerships on https://www.reddit.com/LINKTradecomments/7mob78/list_of_chainlinks_partnershipsprojects_using/ But the main ones to look at are
SWIFT (we know SmartContract, the company behind ChainLink, are working with SWIFT on improving the efficiency of their bond payments, but nothing official regarding LINK & SWIFT yet).
The Pros ChainLink has steadily been gaining traction ever since its downfall after the 4chan/reddit SIBOS hypetrain crash (post September). It's remained around the 90-100 rank mark and has yet to really "moon".
Team has been working on this for 3 years and initial testnet is due to be released in Q1
Zero competition and first mover advantage even if there was (other oracles are currently centralized)
Etherscan shows that soon 95% of all available circulating LINK will be consolidated into less than 15,000 wallets and that continues to shrink as more people try to chase pumps, they're being shaken into stronger hands. As soon as Sergey's saved up LINK is finally handed over to institutions we'll see the price jump by increments of dollars and it'll be way too for most people by then (https://etherscan.io/token/0x514910771af9ca656af840dff83e8264ecf986ca)
Team is actively hiring more developers and a head of marketing
Only on one major exchange, so price likely to increase when listed on further exchanges
Team is focused on development rather than shilling (take TRON for example) so lack of news/tweets to get normies on board (can be taken as a pro as you're still considered early)
The 4chan meme token
GitHub is private whilst the team work on moving from RoR to GO for Q1 Initial Testnet release.
Not all team members listed on the website
So what makes ChainLink valuable? The LINK token is used by smart contract owners to pay chainlink nodes for getting data from them and the more LINKs an oracle node has, the more reputable it is. So oracle node providers are incentivized to hold as much LINKs in their chainlink nodes to appear more reputable to the chainlink network, gaining more usage and profit (Taken from a comment on https://www.reddit.com/CryptoCurrency/comments/7nwis4/why_i_believe_chainlink_link_is_the_most/) Most importantly, LINK can (and will be) used for data request penalty payments to ensure that node operators provide the requested data. Penalty payments are LINK tokens that are required to be held in escrow by the smart contract. They are paid to the smart contract creator in the event any of the node operators do not meet the required data requests as stated in the smart contract. This provides an incentive for smart contract creators to trust node operators, knowing that they have a form of financial insurance (the penalty payment) in the event a node (or nodes) submit bad data. For information that will trigger high value smart contracts, smart contract owners will want to require a proportionate amount of link to be held in escrow as penalty payments by the node operators. When link is tied up for penalty payments, it is released over the life of the contract. For example, let’s say party A wants an API snapshot sent every day for 30 days. If the penalty payment for the contract is 300 LINK (per node operator), then each node operator will have 10 LINK released to them at the end of each day – receiving the full 300 LINK at the end of the 30 days if they successfully performed the data request the smart contract asked for. Now imagine the smart contract creator wanted 10 node operators. 
That means 3000 LINK is taken off the market immediately, and 100 of that 3000 is released each day from the smart contract to the individual node operators (10 each per operator, assuming they provided the requested data). A cycle will be created where more and more smart contracts will make requests and node operators will be limited only by the availability of their LINK tokens to be used for penalty payments. Add it all together and you have a singular payment method for a desired network (the most secure external data oracle), lots of supply constantly locked up to have enough link for signaling purposes (the reputation boost for a node operator), financial insurance for smart contract creators (penalty payments) for increasingly valuable triggering data in a wide variety of smart contracts, and a network poised for growth as more adapters are built and more API’s become available so that dapps can thrive on any blockchain network. Yes LINK is an ERC20 token, but it is blockchain agnostic and the adapter network can continue to grow. LINK can also be staked! LINK staking is another big thing that will do wonders for Chainlink's valuation. Turns out Chainlink oracles can be made into pools, similar to mining pools on bitcoin and ethereum where multiple people come and put their LINKs together to run a more secure oracle node and distribute the profits fairly between each other. This will be huge as it will effectively allow you to stake your LINK tokens and earn more of them passively without doing anything. One such pool in development is LinkPool (http://www.linkpool.io/). Where do I buy and store LINK? You can currently buy LINK at the following exchanges;
Adoption funding development all in one but I need a PHP programmer help
FiatDex explained. A trustless and censorship resistant method to buy and sell ETH for fiat without a third party escrow.
Summary
FiatDex is a trustless fiat to ETH exchange protocol that uses seller and buyer ETH collateral to motivate trading parties not to scam each other and complete the trade. No third party escrow is needed. No sign-up or KYC needed. No reputation system required. It can be especially useful for cash in-person trades by increasing the security of those trades by decreasing the chance of getting robbed. FiatDex has no match-making properties; match-making must be done manually through other channels.
Background
Currently, there are limited trustless methods to exchange fiat currencies such as USD, EUR and others for cryptocurrencies such as Bitcoin, Ethereum or Litecoin. Most users seeking to convert fiat into crypto must use and trust a centralized gateway that serves as gatekeeper for entering and exiting crypto from fiat. Such gatekeepers may require information that users may not want to disclose such as Social Security Numbers, Driver's Licenses or Passports for fear that the information may not be held securely or will be abused. In addition, these centralized gateways can become honey pots waiting to be hacked. As seen with LocalBitcoins, there is a demand for a service that avoids the gatekeepers; however, as we have also seen with LocalBitcoins, such centralized services may become victims to burdensome regulations, whether it is right or not. There are decentralized exchanges that have fiat as an option, such as Bisq or LocalEthereum; however these types of exchanges use shared custody multisignature addresses with a trusted third party that must be the final arbitrator of all trades if the trading parties cannot resolve disputes themselves. Also, if the arbitrators disappear from the platform, the exchange can no longer function when there is a dispute.
What is FiatDex?
FiatDex is an Ethereum-based fiat to Ethereum (ETH) swap smart contract. It can be run as a backend protocol for any Dapp that is order matching users who want to swap fiat for crypto or vice-versa. It utilizes some features from various types of decentralized exchanges and puts it into a simple interactive smart contract. Ethereum was chosen versus Bitcoin as it has more flexible smart contracts and eventually users can swap their Ethereum for Bitcoin via other trustless methods if desired. FiatDex is a decentralized gateway for users with fiat to enter the cryptoworld without having to trust a third party. The core tenet of FiatDex is incentive. Participants are incentivized to continue to the next step, and failure to do so in a timely manner will result in a penalty. Much like Bitcoin and cryptocurrency in general, incentive drives miners to mine and stakers to stake. Incentive will also drive FiatDex. Traders are not asked to implicitly trust each other but rather act out of their own self-interest.
How does it work?
FiatDex is a contract with simple steps; however, there is a caveat regarding its use. Both traders must already have ETH to initiate the swap. Meet Alice and meet Bob. Alice has 1 ETH she wants to sell for $200 USD. Lucky for Alice, Bob has $200 USD that he wants to use to buy 1 ETH.
Prior to the trade, Alice and Bob communicated that they want to exchange and how to do the exchange, including sharing a common hash between each other that will be used as a trade ID. This communication can be Telegram, IRC, email or anything else.
Alice creates a swap position using the trade ID in the smart contract with a value of 1 ETH, this swap position requires a 150% collateral, so Alice must send 2.5 ETH in total.
Bob sees that Alice has opened the swap position with the correct amount and then sends his collateral to the same swap position which is the same at 150% of the sent amount, so Bob must send 1.5 ETH as well.
The swap position now contains 4 ETH.
After sending his collateral, Bob must now send $200 USD to Alice. The preferred method is some sort of irreversible cash transfer (not bank to bank as those tend to be reversible).
When Alice receives the money and verifies it is not fake, she will then close the swap position unilaterally. This automatically triggers payment from the smart contract to Bob for 1 ETH as well as returning the collaterals to each respective party. Alice will get her 1.5 ETH collateral back and Bob will get his 1.5 ETH back. Both parties are happy and Bob is 1 ETH richer (though $200 poorer) than when he started. Alice is $200 richer (though 1 ETH poorer) as well.
If it takes too long to close the swap position, the contract will deduct a fee per time unit that goes to the contract owner address. This is done to encourage the parties to do the swap as fast as possible.
These steps can be repeated if the buyer wants to acquire more ETH with fiat.
What if I only have $150 worth of ETH initially and want to buy $1000 worth of ETH?
Since the collateral is returned after each swap, a person can repeat the swap to buy as much ETH as they want. If I want $1000 worth of ETH but only have $150 worth of ETH, I would use the $150 worth of ETH as collateral and buy $100 worth of ETH several separate times, and eventually I will have $1000 worth of ETH from only having the initial $150 worth of ETH.
Links
Github: https://github.com/happypsyduck/fiatdex-gateway
Telegram: https://t.me/joinchat/LKOC7hNpttszh22G6lEfyg
Manna-Network.com; A Method Of Earning BitcoinSV With Web Traffic
Manna Network is a way for website operators to earn income from their web traffic. It has the potential to bring LONG and short-term revenue to bloggers, video producers, musicians, artists, etc. It also is a way for small businesses to learn, earn and experience crypto and a way for them to recoup some of their own advertising expenses and efforts by reselling (sic. recycling) their web traffic in exchange for BitcoinSV. Internet advertising involves websites at both ends (at both the buyer end and the seller end). That rare feature of the product enabled the creation of this advertising system as a hybrid of link exchanges (i.e. swaps and barter based), a peer-to-peer distributed Yellow Pages style web directory, an ad network style bidding and pricing system, and a crypto currency payment system into what can best be described as a Multi-Stakeholder Cooperative Ad Network Trust. Among its features,
it offers a way to monetize web traffic for BitcoinSV
provides a business related product (web traffic/advertising) for merchants to purchase with BitcoinSV they accepted for their products or services
it offers merchants a way to offer a new product line (sic. web advertising), learn and earn BitcoinSV at zero costs or risks
it offers a "Blue Ocean" startup and entrepreneurial opportunity to any/all website operators in a poorly served (but well established) ad network industry
is a "BitcoinSV" only payment system
has a unique bidding and accounting system that uses a fun and intriguing game theory approach to handle the wide price fluctuations of crypto
it has a member-to-member exchange to enable new customers to acquire BitcoinSV backed advertising tokens using a smart contract/escrow software
offers an innovative approach towards openness in smart contracts by incorporating a wiki into the smart contract concept. Rather than "the contract is in the code", we say "the contract is in the wiki". If the code doesn't live up to the wiki, the developers are called to account
Uses a 'Massachusetts Business Trust' as the business structure rather than a corporation. Trusts operate under Common Law (rather than statutory), are formed without permission of the state, are NOT fictional entities, and are formed for the benefit of beneficiaries (the website operators in our case). The beneficiaries have a type of title or ownership stake so, effectively, the system converts web traffic into an asset class.
In development for quite some time, the original system had been started with the typical payment mechanisms (i.e. Pay Pal and fiat currency). When Bitcoin was discovered it was converted to a Bitcoin-only system. That decision obviously limited the potential customer base but the company's culture, strategic philosophy and future direction lined up so well with Bitcoin's that committing the company to Bitcoin was chosen as the best long-term route. To address the small crypto-user-base issue a "member-only" crypto-backed purchase and exchange system was developed to make it easy for customers to acquire the "ad credits" to advertise on the crypto-only platform. Another problematic issue encountered (besides the limited crypto user base) was the Bitcoin scaling issue. The uncertainty required waiting for stabilization. That changed with the fork and $50 transaction fees, "hodling" and other issues associated with Bitcoin Core and, so, it became obvious the solution was a change to first Bitcoin Cash and then to BitcoinSV. Other problematic issues included a poor installation rate of the proprietary Manna Network software. The ability of the Network's members to sell web traffic (sic. advertising) hinges on the Network's ability to acquire web traffic into its inventory. The business model incorporates a "sales funnel" starting with the offer of free advertising and progressing into a competitive "bidding" for better placement. It then attempts to capitalize on the unique characteristic that customers operate web sites and can, therefore, install the scripting and contribute (sic. invest) web traffic. Getting "customers" to install the software (and thus become "members") is crucial to the success of the Network. To address this problem we are building the "Enterprise Level".
The project is currently at the "rebranding" stage to mostly correct that last problem by enabling an "Enterprise level" strategic partnership level aimed at web professionals in direct contact with web site operators (i.e. professionals such as web developers, designers, SEO, hosting, web advertising etc). Not only can these assist potential members with installation, the arrangement can enable their customers to earn crypto with their websites and, thus, build customer loyalty and common goals between the site owner and professional. The enterprise level will be released on Github excepting and reserving a small central part of the system that maintains the pricing and bidding. Those pricing and bidding operations are what determine the placement of the ads across the entire network (and it is the placement of an ad across the whole network that incentivizes buyers to bid and pay more for better placement) thus that portion needs to be centralized at least for a season. I've been the sole developer of the project so far. There have been the issues mentioned that have kept me remaining cautious, but the legal structure formation (i.e. the Massachusetts Business Trust) was also problematic. A recent consultation with an attorney specializing in crypto startups was encouraging enough on that front for me to start to seriously consider the formation of a team. I have welcomed the formation of an advisory team and am looking forward to contributions from attorneys, accountants (particularly tax), and junior web software developers. But since crypto (BitcoinSV) is only used as the payment system, there currently is not much need for crypto-currency specific development (but there may be the possibility of that in the future). Once the trust agreements are drafted and the current software is transferred to the trust, then it can be opened up to permanent registration and membership.
The business model will likely include some understanding that the web traffic of members is contributed as the working capital of the trust. This can also be described as "crowd sourcing" using web traffic as "money". The earnings of the members are indirectly connected to the amount of their web traffic by reason that they get to offer the network's traffic (i.e. they function as agents for the Network) and earn commissions on their sales. Thus, sites with more traffic should, in general, achieve higher sales than sites with lower traffic. Conceptually, it might be likened to the mining operations in crypto and it could be said it is like mining BitcoinSV with web traffic (or, more specifically, like earning BitcoinSV with web traffic). The project can be seen at Manna-Network.com.
What's this? I don't make a Technical post for a month and now BitPay is censoring the Hong Kong Free Press? Shit I'm sorry, it's all my fault for not posting a Technical post regularly!! Now posting one so that we have a censorship-free Bitcoin universe! Pay-to-contract and sign-to-contract are actually cryptographic techniques to allow you to embed a commitment in a public key (pay-to-contract) or signature (sign-to-contract). This commitment can be revealed independently of the public key / signature without leaking your private key, and the existence of the commitment does not prevent you from using the public key / signature as a normal pubkey/signature for a normal digital signing algorithm. Both techniques utilize elliptic curve homomorphism. Let's digress into that a little first.
Elliptic Curve Homomorphism
Let's get an oversimplified view of the maths involved first. First, we have two "kinds" of things we can compute on.
One kind is "scalars". These are just very large single numbers. Traditionally represented by small letters.
The other kind is "points". These are just pairs of large numbers. Traditionally represented by large letters.
Now, an "Elliptic Curve" is just a special kind of curve with particular mathematical properties. I won't go into those properties, for the very reasonable reason that I don't actually understand them (I'm not a cryptographer, I only play one on reddit!). If you have an Elliptic Curve, and require that all points you work with are on some Elliptic Curve, then you can do these operations.
Add, subtract, multiply, and divide scalars. Remember, scalars are just very big numbers. So those basic mathematical operations still work on big numbers, they're just big numbers.
"Multiply" a scalar by a point, resulting in a point. This is written as a * B, where a is the scalar and B is a point. This is not just multiplying the scalar to the point coordinates, this is some special Elliptic Curve thing that I don't understand either.
"Add" two points together. This is written as A + B. Again, this is some special Elliptic Curve thing.
The important part is that if you have:
A = a * G
B = b * G
Q = A + B
q = a + b
Q = q * G
That is, if you add together two points that were each derived from multiplying an arbitrary scalar with the same point (G in the above), you get the same result as adding the scalars together first, then multiplying their sum with the same point. Or:
a * G + b * G = (a + b) * G
And because multiplication is just repeated addition, the same concept applies when multiplying:
a * (b * G) = (a * b) * G = (b * a) * G = b * (a * G)
Something to note in particular is that there are few operations on points. One operation that's missing is "dividing" a point by a point to yield a scalar. That is, if you have:
A = a * G
Then, if you know A but don't know the scalar a, you can't do the below:
a = A / G
You can't get a even if you know both the points A and G. In Elliptic Curve Cryptography, scalars are used as private keys, while points are used as public keys. This is particularly useful since if you have a private key (scalar), you can derive a public key (point) from it (by multiplying the scalar with a certain standard point, which we call the "generator point", traditionally G). But there is no reverse operation to get the private key from the public key.
Let's have another mild digression. Sometimes, you want to "commit" to something that you want to keep hidden for now. This is actually important in some games and so on. For example, if you are playing a game of Twenty Questions, one player must first write the object they are thinking of, then fold or hide it in such a way that what they wrote is not visible. Then, after the guessing player has asked twenty questions to narrow down what the object is and has revealed what he or she thinks the object being guessed was, the guessee reveals the object by unfolding and showing the paper. The act of writing down commits you to the specific thing you wrote down. Folding the paper and/or hiding it, err, hides what you wrote down. Later, when you unfold the paper, you reveal your commitment. The above is the analogy to the development of cryptographic commitments.
1. First you select some thing --- it could be anything, a song, a random number, a promise to deliver products and services, the real identity of Satoshi Nakamoto.
2. You commit to it by giving it as input to a one-way function. A one-way function is a function which allows you to get an output from an input, but after you perform that there is no way to reverse it and determine the original input knowing only the final output. Hash functions like SHA are traditionally used as one-way functions. As a one-way function, this hides your original input.
3. You give the commitment (the output of the one-way function given your original input) to whoever wants you to commit.
4. Later, when somebody demands to show what you committed to (for example after playing Twenty Questions), you reveal the commitment by giving the original input to the one-way function (i.e. the thing you selected in the first step, which was the thing you wanted to commit to).
5. Whoever challenged you can verify your commitment by feeding your supposed original input to the same one-way function. If you honestly gave the correct input, then the challenger will get the output that you published above in step 3.
Now, sometimes there are only a few possible things you can select from. For example, instead of Twenty Questions you might be playing a Coin Toss Guess game. What we'd do would be that, for example, I am the guesser and you the guessee. You select either "heads" or "tails" and put it in a commitment which you hand over to me. Then, I say "heads" or "tails" and have you reveal your commitment. If I guessed correctly I win, if not you win. Unfortunately, if we were to just use a one-way function like an SHA hash function, it would be very trivial for me to win. All I would need to do would be to try passing "heads" and "tails" to the one-way function and see which one matches the commitment you gave me. Then I can very easily find out what your committed value was, winning the game consistently. In hacking, this can be made easier by making Rainbow Tables, and is precisely the technique used to derive passwords from password databases containing hashes of the passwords. The way to solve this is to add a salt. This is basically just a large random number that we prepend (or append, order doesn't matter) to the actual value you want to commit to. This means that not only do I have to feed "heads" or "tails", I also have to guess the large random number (the salt). If the possible space of large random numbers is large enough, this prevents me from being able to peek at your committed data. The salt is sometimes called a blinding factor.
Hiding commitments in pubkeys!
Pay-to-contract allows you to publish a public key, whose private key you can derive, while also being a cryptographic commitment. In particular, your private key is also used to derive a salt. The key insight here is to realize that "one-way function" is not restricted to hash functions like SHA. The operation below is an example of a one-way function too:
h(a) = a * G
This results in a point, but once the point (the output) is known, it is not possible to derive the input (the scalar a above). This is of course restricted to having the input be a scalar only, instead of an arbitrary-length message, but you can add a hash function (which can accept an arbitrary-length input) and then make its output (a fixed-length scalar) as the scalar to use. First, pay-to-contract requires you to have a public and private keypair.
; p is private key
P = p * G
; P is now public key
Then, you have to select a contract. This is just any arbitrary message containing any arbitrary thing (it could be an object for Twenty Questions, or "heads" or "tails" for Coin Toss Guessing). Traditionally, this is symbolized as the small letter s. In order to have a pay-to-contract public key, you need to compute the below from your public key P (called the internal public key; by analogy the private key p is the internal private key):
Q = P + h(P | s) * G
"h()" is any convenient hash function, which takes anything of arbitrary length, and outputs a scalar, which you can multiply by G. The syntax "P | s" simply means that you are prepending the point P to the contract s. The cute thing is that P serves as your salt. Any private key is just an arbitrary random scalar. Multiplying the private key by the generator results in an arbitrary-seeming point. That random point is now your salt, which makes this into a genuine bonafide hiding cryptographic commitment! Now Q is a point, i.e. a public key. You might be interested in knowing its private key, a scalar. Suppose you postulate the existence of a scalar q such that:
Q = q * G
Then you can do the below:
Q = P + h(P | s) * G
Q = p * G + h(P | s) * G
Q = (p + h(P | s)) * G
Then we can conclude that:
q = p + h(P | s)
Of note is that somebody else cannot learn the private key q unless they already know the private key p. Knowing the internal public key P is not enough to learn the private key q. Thus, as long as you are the only one who knows the internal private key p, and you keep it secret, then only you can learn the private key q that can be used to sign with the public key Q (that is also a pay-to-contract commitment). Now Q is supposed to be a commitment, and once somebody else knows Q, they can challenge you to reveal your committed value, the contract s. Revealing the pay-to-contract commitment is done by simply giving the internal public key P (which doubles as the salt) and the committed value contract s. The challenger then simply computes:
P + h(P | s) * G
And verifies that it matches the Q you gave before. Some very important properties are:
If you reveal first, then you still remain in sole control of the private key. This is because revelation only shows the internal public key and the contract, neither of which can be used to learn the internal private key. So you can reveal and sign in any order you want, without precluding the possibility of performing the other operation in the future.
If you sign with the public key Q first, then you do not need to reveal the internal public key P or the contract s. You can compute q simply from the internal private key p and the contract s. You don't even need to pass those in to your signing algorithm, it could just be given the computed q and the message you want to sign!
Anyone verifying your signature using the public key Q is unaware that it is also used as a cryptographic commitment.
Another property is going to blow your mind:
You don't have to know the internal private key p in order to create a commitment pay-to-contract public key Q that commits to a contract s you select.
Q = P + h(P | s) * G
The above equation for Q does not require that you know the internal private key p. All you need to know is the internal public key P. Since public keys are often revealed publicly, you can use somebody else's public key as the internal public key in a pay-to-contract construction. Of course, you can't sign for Q (you need to know p to compute the private key q) but this is sometimes an interesting use. The original proposal for pay-to-contract was that a merchant would publish their public key, then a customer would "order" by writing the contract s with what they wanted to buy. Then, the customer would generate the public key Q (committing to s) using the merchant's public key as the internal public key P, then use that in a P2PKH or P2WPKH. Then the customer would reveal the contract s to the merchant, placing their order, and the merchant would now be able to claim the money. Another general use for pay-to-contract is publishing a commitment on the blockchain without using an OP_RETURN output. Instead, you just move some of your funds to yourself, using your own public key as the internal public key, then selecting a contract s that commits or indicates what you want to anchor onchain. This should be the preferred technique rather than OP_RETURN. For example, colored coin implementations over Bitcoin usually used OP_RETURN, but the new RGB colored coin technique uses pay-to-contract instead, reducing onchain bloat.
Pay-to-contract is also used in the nice new Taproot concept. Briefly, taproot anchors a Merkle tree of scripts. The root of this tree is the contract s committed to. Then, you pay to a SegWit v1 public key, where the public key is the Q pay-to-contract commitment. When spending a coin paying to a SegWit v1 output with a Taprooted commitment to a set of scripts s, you can do one of two things:
Sign directly with the key. If you used Taproot, use the commitment private key q.
Reveal the commitment, then select the script you want to execute in the Merkle tree of scripts (prove the Merkle tree path to the script). Then satisfy the conditions of the script.
Taproot utilizes the characteristics of pay-to-contract:
If you reveal first, then you still remain in sole control of the private key.
This is important if you take the Taproot path and reveal the commitment to the set of scripts s. If your transaction gets stalled on the mempool, others can know your commitment details. However, revealing the commitment will not reveal the internal private key p (which is needed to derive the commitment private key q), so nobody can RBF out your transaction by using the sign-directly path.
If you sign with the public key Q first, then you do not need to reveal the internal public key P or the contract s.
This is important for privacy. If you are able to sign with the commitment public key, then that automatically hides the fact that you could have used an alternate script s instead of the key Q.
Anyone verifying your signature using the public key Q is unaware that it is also used as a cryptographic commitment.
Again, privacy. Fullnodes will not know that you had the ability to use an alternate script path.
Taproot is intended to be deployed with the switch to Schnorr-based signatures in SegWit v1. In particular, Schnorr-based signatures have the following ability that ECDSA cannot do except with much more difficulty:
It is possible to generate a single public key that cannot be signed, except by the agreement of multiple signers who each contribute part of the public key. I.e. this is MuSig, which allows creating an n-of-n signing group that has a single public key.
As public keys can, with Schnorr-based signatures, easily represent an n-of-n signing set, the internal public key P can also actually be a MuSig n-of-n signing set. This allows for a number of interesting protocols, which have a "good path" that will be private if that is taken, but still have fallbacks to ensure proper execution of the protocol and prevent attempts at subverting the protocol.
Escrow Under Taproot
Traditionally, escrow is done with a 2-of-3 multisignature script. However, by use of Taproot and pay-to-contract, it's possible to get more privacy than traditional escrow services. Suppose we have a buyer, a seller, and an escrow service. They have keypairs B = b * G, S = s * G, and E = e * G. The buyer and seller then generate a Taproot output (which the buyer will pay to before the seller sends the product). The Taproot itself uses an internal public key that is the 2-of-2 MuSig of B and S, i.e. MuSig(B, S). Then it commits to a pair of possible scripts:
Release to a 2-of-2 MuSig of seller and escrow. This path is the "escrow sides with seller" path.
Release to a 2-of-2 MuSig of buyer and escrow. This path is the "escrow sides with buyer" path.
Now of course, the escrow also needs to learn what the transaction was supposed to be about. So what we do is that the escrow key is actually used as the internal public key of another pay-to-contract, this time with the script s containing the details of the transaction. For example, if the buyer wants to buy some USD, the contract could be "Purchase of 50 pieces of United States Federal Reserve Green Historical Commemoration papers for 0.357 satoshis". This takes advantage of the fact that the committer need not know the private key behind the public key being used in a pay-to-contract commitment. The actual transaction it is being used for is committed to onchain, because the public key published on the blockchain ultimately commits (via a taproot to a merkle tree to a script containing a MuSig of a public key modified with the committed contract) to the contract between the buyer and seller. Thus, the cases are:
Buyer and seller are satisfied, and cooperatively create a signature that spends the output to the seller.
The escrow service never learns it could have been an escrow. The details of their transaction remain hidden and private, so the buyer is never embarrassed over being so tacky as to waste their hard money buying USD.
The buyer and seller disagree (the buyer denies having received the goods in proper quality).
They contact the escrow, and reveal the existence of the onchain contract, and provide the data needed to validate just what, exactly, the transaction was supposed to be about. This includes revealing the "Purchase of 50 pieces of United States Federal Reserve Green Historical Commemoration papers for 0.357 satoshis", as well as all the data needed to validate up to that level. The escrow then investigates the situation and then decides in favor of one or the other. It signs whatever transaction it decides (either giving it to the seller or buyer), and possibly also extracts an escrow fee.
Smart Contracts Unchained
Developed by ZmnSCPxj here: https://zmnscpxj.github.io/bitcoin/unchained.html A logical extension of the above escrow case is to realize that the "contract" being given to the escrow service is simply some text that is interpreted by the escrow, and which is then executed by the escrow to determine where the funds should go. Now, the language given in the previous escrow example is English. But nothing prevents the contract from being written in another language, including a machine-interpretable one. Smart Contracts Unchained simply makes the escrow service an interpreter for some Smart Contract scripting language. The cute thing is that there still remains an "everything good" path where the participants in the smart contract all agree on what the result is. In that case, with Taproot, there is no need to publish the smart contract --- only the participants know, and nobody else has to. This is an improvement in not only privacy, but also blockchain size --- the smart contract itself never has to be published onchain, only the commitment to it is (and that is embedded in a public key, which is necessary for basic security on the blockchain anyway!).
Hiding commitments in signatures!
Sign-to-contract is something like the dual or inverse of pay-to-contract. Instead of hiding a commitment in the public key, it is hidden in the signature. Sign-to-contract utilizes the fact that signatures need to have a random scalar r which is then published as the point R = r * G. Similarly to pay-to-contract, we can have an internal random scalar p and internal point P that is used to compute R:
R = P + h(P | s) * G
The corresponding random scalar r is:
r = p + h(P | s)
The signing algorithm then uses the modified scalar r. This is in fact just the same method of commitment as in pay-to-contract. The operations of committing and revealing are the same. The only difference is where the commitment is stored. Importantly, however, you cannot take somebody else's signature and then create an alternate signature that commits to some s you select. This is in contrast with pay-to-contract, where you can take somebody else's public key and then create an alternate public key that commits to some s you select. Sign-to-contract is somewhat newer as a concept than pay-to-contract. It seems there are not as many applications of pay-to-contract yet.
Sign-to-contract can be used, like pay-to-contract, to publish commitments onchain. The difference is below:
Signatures are attached to transaction inputs.
Public keys are attached to transaction outputs.
One possible use is in a competitor to Open Timestamps. Open Timestamps currently uses OP_RETURN to commit to a Merkle Tree root of commitments aggregated by an Open Timestamps server. Instead of using such an OP_RETURN, individual wallets can publish a timestamped commitment by making a self-paying transaction, embedding the commitment inside the signature for that transaction. Such a feature can be added to any individual wallet software. https://blog.eternitywall.com/2018/04/13/sign-to-contract/ This does not require any additional infrastructure (i.e. no aggregating servers like in Open Timestamps).
R Reuse Concerns
ECDSA and Schnorr-based signature schemes are vulnerable to something called "R reuse". Basically, if the same R is used for different messages (transactions) with the same public key, a third party with both signatures can compute the private key. This is concerning especially if the signing algorithm is executed in an environment with insufficient entropy. By complete accident, the environment might yield the same random scalar r in two different runs. Combined with address reuse (which implies public key reuse) this can leak the private key inadvertently. For example, most hardware wallets will not have any kind of entropy at all.

The usual solution to this, instead of selecting an arbitrary random r (which might be impossible in limited environments with no available entropy), is to hash the message and use the hash as the r. This ensures that if the same public key is used again for a different message, then the random r is also different, preventing reuse at all.

Of course, if you are using sign-to-contract, then you can't use the above "best practice". It seems to me plausible that computing the internal random scalar p using the hash of the message (transaction) should work, then add the commitment on top of that. However, I'm not an actual cryptographer, I just play one on Reddit. Maybe apoelstra or pwuille can explain in more detail.

Copyright 2019 Alan Manuel K. Gloria. Released under CC-BY.
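The sign-to-contract commitment and the deterministic-nonce idea from the R reuse discussion above, as an added example that is not part of the original post: a textbook Schnorr signature over secp256k1 in pure Python whose R commits to s, with a reveal check for R = P + h(P | s) * G. Assumptions of this example: the function names, the SHA-256 hash-to-scalar encoding, and deriving p from the private key, the message and the commitment together, so that changing either the message or the commitment yields a different p; it is not BIP340-compatible and not constant-time.

```python
import hashlib

FP = 2**256 - 2**32 - 977  # secp256k1 field prime; N is the group order, G the generator
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def add(a, b):
    """Affine point addition; None is the point at infinity."""
    if a is None: return b
    if b is None: return a
    if a[0] == b[0] and (a[1] + b[1]) % FP == 0: return None
    if a == b:
        lam = 3 * a[0] * a[0] * pow(2 * a[1], -1, FP) % FP
    else:
        lam = (b[1] - a[1]) * pow(b[0] - a[0], -1, FP) % FP
    x = (lam * lam - a[0] - b[0]) % FP
    return (x, (lam * (a[0] - x) - a[1]) % FP)

def mul(k, pt):
    """Double-and-add scalar multiplication (illustrative, not constant-time)."""
    out = None
    while k:
        if k & 1: out = add(out, pt)
        pt, k = add(pt, pt), k >> 1
    return out

def h(*parts):
    """Hash bytes, scalars and points to a scalar mod N (fixed-width encoding)."""
    flat = [c for v in parts for c in (v if isinstance(v, tuple) else (v,))]
    data = b"".join(hashlib.sha256(c).digest() if isinstance(c, bytes)
                    else c.to_bytes(32, "big") for c in flat)
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N

def sign_to_contract(x, msg, s):
    """Schnorr-sign msg with key x, committing to s inside R. Returns (sig, P)."""
    p = h(x, msg, s)        # assumption: nonce bound to key, message AND commitment
    P = mul(p, G)           # internal point, kept by the signer to open the commitment
    r = (p + h(P, s)) % N   # r = p + h(P | s)
    R = mul(r, G)           # equals P + h(P | s) * G
    e = h(R, mul(x, G), msg)
    return (R, (r + e * x) % N), P

def verify_sig(A, msg, sig):
    R, sg = sig
    return mul(sg, G) == add(R, mul(h(R, A, msg), A))

def verify_commitment(sig, P, s):  # reveal step: check R = P + h(P | s) * G
    return sig[0] == add(P, mul(h(P, s), G))
```

An ordinary verifier only runs `verify_sig` and sees a normal signature; the commitment is checkable only by someone who is handed P and s.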