bitcoin is deeply magical

“magic, in the nonfigurative sense of the word, is the art and science of causing change in consciousness in accordance with will….. The stuff that appears in Harry Potter and other works of fantasy fiction under the label of ‘magic’ isn’t presented as a means of causing changes in consciousness. It’s presented as a means of causing changes in matter and energy. This is what technology does, not what magic does.”

… change in consciousness in accordance with will…

bitcoin is deeply magical.

Posted in Uncategorized | Leave a comment

Sybil-Resistant User Generated Business Actions (will not work)

Some thoughts, apologizing in advance for unrefined note-taking form.

ugc = user generated content = basic business model for web 2.0 (get your users to create low quality content for free, sell clicks).

ugc/web 2.0 is a ponzi, the successor ponzi to the original banner ad ponzi:

ugj = user generated judgements = model for augur/hivemind. get your users to create low quality (sybil attackable) judgements for almost free, sell propositional bets. if enough users participate in the scheme it should repel sybil attacks.

problem is, at least creating content is fun / feeds narcissism. augur/hivemind actually pays its users (very little) to create judgements, and there is nothing intrinsically rewarding in this. it’s like having a very boring, very ugly pet that doesn’t love you or display any affection but requires feeding and watering and taking on walks to use the bathroom.

worse yet with augur, it’s a stick rather than carrot approach. you fail to report, or you spam report random value, and they confiscate your rep. even less fun.

prediction: augur/hivemind will fail.

same applies to many of the ethereum hype bubble dapp enterprises.

it will take forever for investors to recognize this. so, same way time warner lost $1B on time warner, fox lost however many $B on myspace, and new crop of investors may lose on facebook/google feudal model for ugc that is supported by many money-losing made-for-adsense click farms and pension funds holding the stock…

user-generated judgements/business actions is bubble that may have some pockets of rationality, but will mostly drain productive value and be fun times for speculators and scammers

new acronym… ugba… user-generated business administration.

we’ll see what hivemind comes up with, but I think similar logic applies.

ugba is lame.

just start an insider trading tips for sale silk road behind an onion address, centrally managed, reasonably brokered. makes so much more economic sense. or for that matter, reputation-backed propositional bets judgements for sale (like for assassinations / terrorist attacks / pie attacks). it will go the usual treadmill of exit scams and replacements, but at least it doesn’t waste life of thousand suckers trying to run the thing in sybil resistant way till investors figure out they are being fleeced on app coins


Classic Hash Rate down 50% From Peak

Classic hashrate has more than halved in the last two days. Peak 120 PH, now 53. So we know miners are either turning classic off, or playing around with switching between classic and core. If miners are switching off, this tells us most classic miners have operating costs that put them at the barely profitable horizon for current network and price. So they’re small time, no big pools, no big farms.

If miners are playing around with switching… I’m not sure what that tells us. I wonder if there’s a way to determine how much is necessity (costs) and how much is fooling around. Maybe closely observing pools.

Or maybe a classic pool went away, which disorganized things temporarily.

Anyone know what happened?

Theories welcome!


Solex1 noted that slush pool seems to have stopped mining classic blocks.

In private communication from Alex Kravets: “Upcoming launch of BIP9-based softforks on May 1st would be affected by classic version numbers.”

“Classic adoption before SegWit is impossible, SegWit in July after full switchover to May 1st soft fork”

I gather that bip9 and bip9-dependent softforks may have prompted slush and others to defer classic support, while the dust settles. Which is to say, while classic catches up to bip9.

Classic has indicated support for segwit, and indeed most of the core roadmap, other than keeping size fixed. So, if miners support classic “all else equal” this type of concern would postpone things temporarily, but not permanently.

Assuming classic continues backporting to play ball with the important pieces of the core roadmap, of course.

ThomasZander throws some doubt on above theory claiming classic supported bip9 all along (unverified by me, just passing along): “Ehm, classic was the first to support and roll out BIP9. That’s how the classic version number is made. (see bip109, it refers to bip9). So it has done so for months now.
If it’s not compatible anymore, then Core intentionally changed bip9 afterwards.”

Posted in Uncategorized | 1 Comment

How Satoshi Could Sell his Stash without Tanking the Bitcoin Price

Satoshi Nakamoto, the anonymous creator of bitcoin, is believed to hold up to 10% of all bitcoins in existence, from his mining operation in 2009 before bitcoin was on the scope of anyone outside a handful of cypherpunks on a mailing list.

The market consensus is that these coins are lost. Backup failed, paper wallet got wet in the 2012 Tsunami. Something destroyed those coins forever.

But they are not burned — an operation that Satoshi could have performed, to prove the coins were unrecoverable — by sending to an unspendable address.

The “lost” coins are priced in. If they are ever found, and the consensus is broken, the result would be catastrophic for the bitcoin price. There are monitoring scripts watching the suspected “satoshi” addresses, so any movement would be news instantly.


Can satoshi ever sell his coins, without rendering them worthless?

In fact, there *is* a way satoshi nakamoto could move his “lost” coins without tanking the bitcoin price. A way to retain ownership, whilst reassuring bitcoin owners that no sudden moves will destroy their investment.

The means to accomplish this became possible in November 2015, with the activation of the OP_CHECKLOCKTIMEVERIFY protocol op code, CLTV for short, or as it is popularly known, OP_HODL.

This transaction op code makes it possible to send bitcoins to an output that only becomes spendable after a set amount of time has passed. OP_HODL was widely hailed as a necessary building block for lightning network, a technology in-the-works that would enable bitcoin transaction volume to safely scale many orders of magnitude. With lightning, funds would be locked up for a short amount of time (usually under a day) while clearing nodes shuffle funds between themselves in a risk-free way before eventually settling funds. But CLTV is just an op code. It doesn’t care what it’s used for, or how long the lock times are.

Using OP_HODL, satoshi could (for example), move 1% of his coins to an address that is spendable immediately, and spread the other 99% between outputs spendable between one week and ninety-nine weeks in the future.

As the coin lockouts expire, satoshi could either dump his coins gradually, tumbling them of course to preserve anonymity, or send them unspendably into the future again with a rolling lockout, reassuring the market that there will be no sudden moves from his end. Depending on his lifestyle needs, I suppose there would be a little of both.
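The weekly lockout plan above, sketched as an added example (not code from the original post): it builds the `<time> OP_CHECKLOCKTIMEVERIFY OP_DROP <pubkey> OP_CHECKSIG` script for each tranche and applies the BIP65 conditions a spending transaction must meet. The stash size, start time and public key are constructed placeholders, and the function names are hypothetical.

```python
# Added example: time-locked tranches with BIP65 (CLTV) semantics.
OP_CHECKLOCKTIMEVERIFY, OP_DROP, OP_CHECKSIG = 0xB1, 0x75, 0xAC
LOCKTIME_THRESHOLD = 500_000_000   # below: block height; at or above: Unix time
SEQUENCE_FINAL = 0xFFFFFFFF        # an input with this nSequence disables lock time
WEEK = 7 * 24 * 3600


def script_num(n: int) -> bytes:
    """Minimal little-endian script-number encoding of a non-negative int."""
    if n < 0:
        raise ValueError("lock times are never negative")
    out = bytearray()
    while n:
        out.append(n & 0xFF)
        n >>= 8
    if out and out[-1] & 0x80:     # top bit is the sign bit: pad to stay positive
        out.append(0x00)
    return bytes(out)


def push(data: bytes) -> bytes:
    """Direct push, valid for 1..75 bytes of data."""
    if not 1 <= len(data) <= 75:
        raise ValueError("direct push handles 1..75 bytes only")
    return bytes([len(data)]) + data


def cltv_script(unlock_time: int, pubkey: bytes) -> bytes:
    """Script that pays `pubkey`, but only once `unlock_time` (Unix time) is reached."""
    if not LOCKTIME_THRESHOLD <= unlock_time <= 0xFFFFFFFF:
        raise ValueError("this sketch handles time-based locks only")
    if len(pubkey) != 33:
        raise ValueError("expected a 33-byte compressed public key")
    return (push(script_num(unlock_time))
            + bytes([OP_CHECKLOCKTIMEVERIFY, OP_DROP])
            + push(pubkey) + bytes([OP_CHECKSIG]))


def spend_allowed(script_lock: int, tx_locktime: int, input_sequence: int) -> bool:
    """BIP65 conditions: same lock type, nLockTime >= script value, input not final."""
    same_kind = (script_lock < LOCKTIME_THRESHOLD) == (tx_locktime < LOCKTIME_THRESHOLD)
    return (same_kind and tx_locktime >= script_lock
            and input_sequence != SEQUENCE_FINAL)


def hodl_schedule(total_sats: int, start_time: int, pubkey: bytes, weeks: int = 99):
    """1 part spendable now, then one equal part unlocking each week for `weeks` weeks."""
    tranche = total_sats // (weeks + 1)
    plan = [{"unlock": None, "sats": total_sats - tranche * weeks, "script": None}]
    for w in range(1, weeks + 1):
        unlock = start_time + w * WEEK
        plan.append({"unlock": unlock, "sats": tranche,
                     "script": cltv_script(unlock, pubkey)})
    return plan


# Constructed sample values, not real keys or balances.
SAMPLE_PUBKEY = b"\x02" + b"\x11" * 32      # placeholder bytes, not a valid key
SAMPLE_START = 1_450_000_000                # a Unix time in December 2015
SAMPLE_TOTAL = 100_000_000_123              # satoshis

if __name__ == "__main__":
    for row in hodl_schedule(SAMPLE_TOTAL, SAMPLE_START, SAMPLE_PUBKEY)[:3]:
        script = row["script"].hex() if row["script"] else "(no time lock)"
        print(row["unlock"], row["sats"], script)
```

Anyone watching the chain can read the unlock time straight out of each redeem script once it is published, which is what makes the schedule auditable.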

There’s already a lot of eyes on the “lost satoshi coins” today, but this is nothing compared to the attention public “hodl” addresses would get if satoshi followed this plan. In effect, satoshi would become like the bitcoin fed, the de facto prime influencer of bitcoin monetary policy. The weekly rebalancings would be one of the prime indicators of what the future would hold. And of course, the end game here would be an orderly liquidation with funds finally widely distributed.

I don’t know if this can really be accomplished while maintaining anonymity, but it would be fun to try.

It’s heartening to see how the bitcoin technical evolution can be repurposed into tools that can secure its long term stability.

So if you are worried about satoshi selling his coins: keep calm and hodl.



If you can’t provision a good hiding place for your hardware wallet seed phrase… maybe you don’t need to back it up in the first place. (Use multiple wallets plus pin instead)

Hiding stuff is hard. Too easy, and an attacker can find it. Too hard, and you may wind up hiding it from yourself. Or from the people that should inherit if you die.

This is the dilemma of people who hold their bitcoin in hardware (HW) wallets, where the ultimate backup is the seed phrase. For the purposes of this article, we are talking about bip39 compatible HW wallets, of which the two top contenders are the Trezor and the Ledger Wallet.

From conversation with large bitcoin holders, I think there is a population of users that would like to be “in control” of their crypto assets, but is uncomfortable with the idea of hiding the seed phrase in the event of an ultimate failure scenario.

The obvious thing is to hide the seed phrase in a safe deposit box.


1) bank safe deposit boxes are starting to become hard to come by (long waiting lists)
2) maybe you don’t trust the bank

Here’s a thought.

If you

  • want quick access to high value bitcoin wallet
  • are bad at hiding things (can’t keep seed phrase safe)
  • are bad at, or too lazy for, high paranoia computer security (no offline computer, no live cd boot)
  • don’t trust your bank — or the government — not to swipe your bitcoin

The following is a solution such that you don’t need to keep the seed phrase backed up *anywhere*.

The trick is, instead of backing up the seed phrase, you set up multiple HW wallets with the same seed phrase, and then destroy the seed phrase.  Keep main wallet handy, backup wallets in car, office, and give a few other backups to friends for safe keeping.  Friends can’t do anything with just the wallet, they need second factors (pin code for trezor, plastic card with long code for ledgerwallet).

Keep the second factor(s) somewhere safe yet obvious — and separate from hardware wallet — in case you have a head injury or something and forget the pin, or you die and your heir needs to dig up the bitcoin. Ideally a safe deposit box. Even if bank employees are crooked, they can’t access coins with just the second factor but no HW.  Safe deposit box should be accessible by heirs if you die.  An easy, no-lawyers, hacky way to do this is to have joint account for box but keep both keys.  Your heir will have to drill the box to recover pin code if you die.  An evil heir could have box drilled without your permission… so don’t have an evil heir.

Now, a few words about second factors. Trezor wallet second factor is a pin, which can be memorized.  Ledger wallet second factor is a long code printed on a plastic card, which really can’t be memorized unless you take up some strange hobbies.  Trezor can get away with the simpler second factor because it has a built in screen.  So all things being equal, Trezor is more convenient.  But all things aren’t equal, because Trezor is about $100 and you can get ten el-cheapo hw.1 Ledger wallets for the same price.

To keep costs down but security high, you could use Trezor as primary wallet and Ledger as backup.  Since both HW wallets use bip39, their word lists are compatible. You will need ledger starter bootable usb to reset the seed on the ledgers, which is a little more work, but not a deal breaker.  Keep all second factors in the bank box — both Trezor pin, and all Ledger security cards. For the Ledger wallets, take care to clearly label which device is paired to which card. Or if money is no object, I would just use Trezor for all backup HW wallets, using same pin for every device.

If all HW wallets are destroyed the coin is gone, but then again if the seed phrase is forgotten or destroyed, same thing. Hardware does wear out, so you need to set a calendar item to test hardware every six months or so, and replace all wallets every couple years. This involves moving coins to new seed phrase, since you don’t have old phrase any more.

A superficially similar, but inferior, approach would be to write down the seed phrase and keep several copies of it distributed among your friends, but use a (memorizable) supplementary pass phrase on top of this, and keep a backup of the pass phrase in the safe deposit box. (Note that supplementary pass phrase is Trezor only.  Ledger does not currently support this feature of the bip39 spec.)

I don’t like this though.

The main advantage is cost.  Paper wallets among your friends, and a pass phrase in the safe deposit box, saves you from having to buy multiple HW wallets.

But, it’s a lot less safe.

  1. with the hardware backups you retain the ability to move bitcoin immediately if the main wallet stops working.  My thinking is that with seed phrase backup only, one might panic and enter the seed phrase on an unsafe machine, rather than wait for new hardware to arrive in the mail.
  2. supplemental pass phrase can be stolen on compromised computer, whereas second factors cannot.  Pin number is scrambled on trezor screen, and the Ledger security card is just additional entropy that is paired with the device (nothing for hacker to sniff).

So with seed + pass phrase, the attack is merely stealing one of the backup seed phrases (or betrayal by friend) plus stealing the supplemental phrase by bugging the owner’s laptop.  Pin number which is stored only in owner’s head plus very secure place (like safe deposit) is much, much safer than supplemental pass phrase.
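Why the same words give the same wallet on any bip39 device, and why seed phrase plus supplementary pass phrase is everything an attacker needs, shown as an added example (not from the original post). It follows the bip39 seed derivation and the BIP32 master-key step; the mnemonic is the public bip39 test vector, never a phrase to hold funds on, and the function names are hypothetical.

```python
# Added example: bip39 seed derivation, with and without a supplementary pass phrase.
import hashlib
import hmac
import unicodedata

# Public bip39 test-vector mnemonic (all-zero entropy). Never use it for funds.
TEST_MNEMONIC = ("abandon abandon abandon abandon abandon abandon "
                 "abandon abandon abandon abandon abandon about")


def bip39_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """PBKDF2-HMAC-SHA512, 2048 rounds, salt = "mnemonic" + pass phrase."""
    # Collapsing whitespace is a convenience added here: a stray double space
    # would otherwise derive a different, empty-looking wallet.
    words = unicodedata.normalize("NFKD", " ".join(mnemonic.split()))
    salt = "mnemonic" + unicodedata.normalize("NFKD", passphrase)
    return hashlib.pbkdf2_hmac("sha512", words.encode("utf-8"),
                               salt.encode("utf-8"), 2048)


def bip32_master(seed: bytes):
    """BIP32 master private key and chain code derived from the 64-byte seed."""
    digest = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    return digest[:32], digest[32:]


def same_wallet(mnemonic_a: str, pass_a: str, mnemonic_b: str, pass_b: str) -> bool:
    """True when both inputs lead to the same master key, whatever device holds them."""
    return hmac.compare_digest(
        b"".join(bip32_master(bip39_seed(mnemonic_a, pass_a))),
        b"".join(bip32_master(bip39_seed(mnemonic_b, pass_b))))


if __name__ == "__main__":
    # Same words on two devices: identical wallet, which is what the backups rely on.
    print(same_wallet(TEST_MNEMONIC, "", "  " + TEST_MNEMONIC + " ", ""))
    # A pass phrase never produces an error, only a different wallet.
    print(same_wallet(TEST_MNEMONIC, "", TEST_MNEMONIC, "TREZOR"))
    print(bip39_seed(TEST_MNEMONIC, "TREZOR").hex())
```

Nothing device-specific enters the derivation: whoever holds the words and the pass phrase holds the wallet, which is the attack described above.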

To summarize it all, you can keep bitcoin safe on a hardware wallet plus a few backups, without storing the seed phrase anywhere.  If you are bad at hiding things, but don’t mind a bit more work at setup time, plus more work testing HW wallets and moving to new wallets periodically, this might be a good way to keep your bitcoin safe. Or at least keep your peace of mind that no one has gotten to the seed phrase. Trezor as main wallet keeps things convenient — just need to memorize a pin code. Handful of Ledger HW.1 backup wallets with same seed saves on costs.

Keep calm and bitcoin on!

UPDATE: One potential flaw is that you are not guaranteed access to coins on forks if you don’t have the secret. In the case of BCH both trezor and ledger did support the fork without seed phrase, but this is a case by case thing. (More comments below.)



Posted in Uncategorized | 5 Comments

The Necessity for Trezor in a Post-Snowden World

by Thomas Hartman and Dawn Parker

In 2013 Edward Snowden revealed that for decades, the NSA has been breaking security so that they could have your passwords. The NSA did the hard part of systematically undermining security by infiltrating the math and cryptography committees responsible for keeping the Internet safe. Identity thieves now have only to pick the low-hanging fruit of ubiquitous cheap exploits and they have your passwords, too.

Security is fractally broken at every level: by hurry, by lazy design, by state-funded black hats at the NSA.

At the hardware level, the motto is: physical access equals root. Unless you keep your everyday computing device in a tamper-evident container when you’re not watching it, the assumption should be: it’s hacked, whether you know it or not.

Everyday computing devices are not tamper-resistant, and present large attack surfaces. The hardware is not tamper-resistant physically, to evil maid attacks. The software is not tamper-resistant to viruses. Thanks in part to meddling by the NSA, these days you don’t need to download and run a program to get a virus. You can get a virus by visiting the wrong web page. Antivirus is the cure that is worse than the disease.

It’s true for Windows, true also for Mac and Ubuntu and your tablet, true for the embedded devices in your car and pacemaker, and coming soon to a toaster near you.

It’s a painful lesson, one that we are understandably reluctant to learn. In the real world, nobody has the discipline to keep their fancy new Macbook in one of these. Therefore, no one is safe.

We may be beating a dead horse here, but your laptop/iPad/iPhone is just not a safe place to sign bitcoin transactions. It is not a safe place to sign GPG messages either, or authenticate against an SSH agent, if GPG or SSH protect valuable assets.

It is also not secure to enter bank or credit card passwords on your personal devices, but you can bury your head in the sand and hope that banks and insurance will cover the bill when identity thieves get your loot. Sometimes they do, sometimes they don’t.

Learned helplessness, tempered only by low-level paranoia, infests every interaction of our electronically mediated lives. It’s 2015, and everything is bugged.

Well, almost everything.

In 2014, a bitcoin hardware wallet came on the market called Trezor. Most bitcoin hardware wallets in use today are what I call Trezor-likes. Trezor was first, and Trezor embraced an open-source model for both hardware and software, encouraging copycats. The copycats came, and in their turn by and large also open-sourced their work, so that the bitcoin security community could audit and endorse their competing products. Now we have Trezor itself; Ledger Nano and friends; Keepkey; the el cheapo, rather shady Trezor knockoff bwallet from China; and others hopefully coming soon. It is beneficial to have as many Trezor-likes as possible on the market in order to create an ecosystemic response to a formidable threat, because ecosystems are much more robust than any singular defense.

The Trezor-likes are signing devices. They sign bitcoin transactions, and are designed never to leak private signing keys. In a world where 7-10% of all bitcoin ever mined was lost or stolen, this is no trivial feat. With a Trezor, an attacker can trick you into signing a transaction to a wrong address. But the attacker can’t steal all your bitcoin, not even if he swipes the device, without an easy-to-memorize but hard-to-steal pin code. With the original Trezor, the pin code is entered scrambled so even if the laptop is bugged, you’re safe to sign transactions without giving away the pin.

We are also beginning to see Trezor being used to produce signatures for general authentication purposes, such as website signins or managing SSH private keys.

Trezor-like devices are the right solution to the problem of today’s broken authentication. For high-value assets, and this includes bank and credit card sign-ins, we should really be authenticating with signatures from secure devices that we control, not passwords. If the financial sector embraced Trezor-likes for sign-in, identity fraud would evaporate overnight.

The Trezor is tamper-resistant, and presents a small attack surface. It wouldn’t hurt to keep one’s Trezor in a safe, or a tamper-proof evidence baggie; but because it is tamper-resistant, you don’t really need to.

Trezor-likes are not only a good place to keep bitcoin, but any kind of authentication key. Trezor already works as an SSH agent, and perhaps we will soon see support for GPG as well.

Trezor could be bugged. I don’t know for sure. But the small attack surface, open code and hardware specs, and lots of suspicious eyes ensure that if it is bugged, there’s a good chance of discovering the problem; once discovered, it’s tractable to get it fixed.

Trezor was the first bitcoin hardware wallet, but it wasn’t the first secure signing element. We have Yubikey, we’ve had various stabs at GPG signing on a stick. But mostly these solutions were built on non-open-spec hardware, and in any case, they didn’t sell very well.

Most importantly, Trezor teaches the right lesson. To use a Trezor to authenticate is to realize that passwords are a broken solution to the wrong problem. It’s the opposite of the cynicism and learned helplessness that is entrenched even among security professionals today.

Trezor-like is a product category in its infancy, but you can already tell there is traction. Because bitcoin is easy to steal, and once it’s gone, it’s gone, bitcoin users really need this. Today bitcoin, tomorrow… hopefully everything.

Trezor has sold a few thousand units. At $100, it’s a bit pricey, though it may be worth it to spring for the original, for the built-in display alone. Sales data are not readily available for the significantly cheaper Ledger Nano and friends, but due to its widespread integration into third-party apps, it seems that Nano may be leading in units sold among the Trezor-likes. I would be surprised, however, if Nano has broken ten thousand units sold. It’s early days yet. If bitcoin stays on its success path, by 2017, they will be giving these things away for free in cereal boxes.

If you have bitcoin, consider buying a Trezor(-like). Forget bitcoin; if you use SSH, buy a Trezor and start storing your keys somewhere attackers truly can’t get at them.

No more helpless cowering before the NSA. Let’s fix the problem. A Trezor, or Trezor-like, in your arsenal can be not only a powerful defense against identity theft; it is a veritable modern-day strike for personal liberty.


A greek “stay in euro” vote is most bullish for bitcoin

Greece is voting on whether to stay in the EU, and accept some punishing social policies (“kick the can”); or go back to the drachma, and be exiled from the hard money club for a while (“grexit”).

Briefly, I think a kick the can vote is most bullish for crypto. It’s somewhat counterintuitive, because bitcoin generally thrives where vanilla money is falling on hard times. A grexit would seem to entail maximum chaos and pain.

But the recent troubles have finally put bitcoin on the map for greeks, as evidenced by google trends and exchange data.

With liquidity restored to greek citizens, businesses can prep for kick the can failing in the future, by buying bitcoin and moving fiat money offshore. Then when greece finally defaults (probably months, but maybe years), they will be positioned to survive with assets that can’t be flash-liquidated by the IMF and the ECB.

In the case of grexit, it would be hard to buy bitcoin with drachmas (as it is in venezuela and argentina), and if capital controls are put into play, maybe illegal.

The situation is analogous to a family that has fallen on hard times, but still has access to credit.  If they realize they are eventually going to default, but the credit card hasn’t figured this out yet, the smart move is to stock up on food and maybe prepay rent and take care of medical costs using credit, and then default. So they will be going into bankruptcy with as fat a cushion as possible.

An immediate grexit generates some headlines, but does not generate maximum demand for btc.

I think kicking the can is also better for the people of greece.


