Udvikling – Bitcoin

Bitcoin - The Currency of the Internet

A community dedicated to Bitcoin, the currency of the Internet. Bitcoin is a distributed, worldwide, decentralized digital money. Bitcoins are issued and managed without any central authority whatsoever: there is no government, company, or bank in charge of Bitcoin. You might be interested in Bitcoin if you like cryptography, distributed peer-to-peer systems, or economics. A large percentage of Bitcoin enthusiasts are libertarians, though people of all political philosophies are welcome.
[link]

Brasil Bitcoin

**BRASIL BITCOIN** Notícias, perguntas, descubra, denuncie. Tudo sobre **Bitcoin** aqui e no mundo. Bitcoin é a moeda da Internet: um dinheiro descentralizado e com alcance mundial. Diferente das moedas tradicionais como o dólar, os bitcoins são emitidos e gerenciados sem qualquer autoridade central que seja: não existe governo, empresa ou banco no comando do Bitcoin. Dessa forma ele é mais resistente a inflações selvagens e bancos corruptos. Com o Bitcoin, você pode ser seu próprio banco.
[link]

NeosCoin

Crypto currency you can rely on to be honest, consistently quality, and always supported. [Neos](https://www.neos.sh)
[link]

Technical: Taproot: Why Activate?

This is a follow-up on https://old.reddit.com/Bitcoin/comments/hqzp14/technical_the_path_to_taproot_activation/
Taproot! Everybody wants it!! But... you might ask yourself: sure, everybody else wants it, but why would I, sovereign Bitcoin HODLer, want it? Surely I can be better than everybody else because I swapped XXX fiat for Bitcoin unlike all those nocoiners?
And it is important for you to know the reasons why you, o sovereign Bitcoiner, would want Taproot activated. After all, your nodes (or the nodes your wallets use, which if you are SPV, you hopefully can pester to your wallet vendoimplementor about) need to be upgraded in order for Taproot activation to actually succeed instead of becoming a hot sticky mess.
First, let's consider some principles of Bitcoin.
I'm sure most of us here would agree that the above are very important principles of Bitcoin and that these are principles we would not be willing to remove. If anything, we would want those principles strengthened (especially the last one, financial privacy, which current Bitcoin is only sporadically strong with: you can get privacy, it just requires effort to do so).
So, how does Taproot affect those principles?

Taproot and Your /Coins

Most HODLers probably HODL their coins in singlesig addresses. Sadly, switching to Taproot would do very little for you (it gives a mild discount at spend time, at the cost of a mild increase in fee at receive time (paid by whoever sends to you, so if it's a self-send from a P2PKH or bech32 address, you pay for this); mostly a wash).
(technical details: a Taproot output is 1 version byte + 32 byte public key, while a P2WPKH (bech32 singlesig) output is 1 version byte + 20 byte public key hash, so the Taproot output spends 12 bytes more; spending from a P2WPKH requires revealing a 32-byte public key later, which is not needed with Taproot, and Taproot signatures are about 9 bytes smaller than P2WPKH signatures, but the 32 bytes plus 9 bytes is divided by 4 because of the witness discount, so it saves about 11 bytes; mostly a wash, it increases blockweight by about 1 virtual byte, 4 weight for each Taproot-output-input, compared to P2WPKH-output-input).
However, as your HODLings grow in value, you might start wondering if multisignature k-of-n setups might be better for the security of your savings. And it is in multisignature that Taproot starts to give benefits!
Taproot switches to using Schnorr signing scheme. Schnorr makes key aggregation -- constructing a single public key from multiple public keys -- almost as trivial as adding numbers together. "Almost" because it involves some fairly advanced math instead of simple boring number adding, but hey when was the last time you added up your grocery list prices by hand huh?
With current P2SH and P2WSH multisignature schemes, if you have a 2-of-3 setup, then to spend, you need to provide two different signatures from two different public keys. With Taproot, you can create, using special moon math, a single public key that represents your 2-of-3 setup. Then you just put two of your devices together, have them communicate to each other (this can be done airgapped, in theory, by sending QR codes: the software to do this is not even being built yet, but that's because Taproot hasn't activated yet!), and they will make a single signature to authorize any spend from your 2-of-3 address. That's 73 witness bytes -- 18.25 virtual bytes -- of signatures you save!
And if you decide that your current setup with 1-of-1 P2PKH / P2WPKH addresses is just fine as-is: well, that's the whole point of a softfork: backwards-compatibility; you can receive from Taproot users just fine, and once your wallet is updated for Taproot-sending support, you can send to Taproot users just fine as well!
(P2WPKH and P2WSH -- SegWit v0 -- addresses start with bc1q; Taproot -- SegWit v1 --- addresses start with bc1p, in case you wanted to know the difference; in bech32 q is 0, p is 1)
Now how about HODLers who keep all, or some, of their coins on custodial services? Well, any custodial service worth its salt would be doing at least 2-of-3, or probably something even bigger, like 11-of-15. So your custodial service, if it switched to using Taproot internally, could save a lot more (imagine an 11-of-15 getting reduced from 11 signatures to just 1!), which --- we can only hope! --- should translate to lower fees and better customer service from your custodial service!
So I think we can say, very accurately, that the Bitcoin principle --- that YOU are in control of your money --- can only be helped by Taproot (if you are doing multisignature), and, because P2PKH and P2WPKH remain validly-usable addresses in a Taproot future, will not be harmed by Taproot. Its benefit to this principle might be small (it mostly only benefits multisignature users) but since it has no drawbacks with this (i.e. singlesig users can continue to use P2WPKH and P2PKH still) this is still a nice, tidy win!
(even singlesig users get a minor benefit, in that multisig users will now reduce their blockchain space footprint, so that fees can be kept low for everybody; so for example even if you have your single set of private keys engraved on titanium plates sealed in an airtight box stored in a safe buried in a desert protected by angry nomads riding giant sandworms because you're the frickin' Kwisatz Haderach, you still gain some benefit from Taproot)
And here's the important part: if P2PKH/P2WPKH is working perfectly fine with you and you decide to never use Taproot yourself, Taproot will not affect you detrimentally. First do no harm!

Taproot and Your Contracts

No one is an island, no one lives alone. Give and you shall receive. You know: by trading with other people, you can gain expertise in some obscure little necessity of the world (and greatly increase your productivity in that little field), and then trade the products of your expertise for necessities other people have created, all of you thereby gaining gains from trade.
So, contracts, which are basically enforceable agreements that facilitate trading with people who you do not personally know and therefore might not trust.
Let's start with a simple example. You want to buy some gewgaws from somebody. But you don't know them personally. The seller wants the money, you want their gewgaws, but because of the lack of trust (you don't know them!! what if they're scammers??) neither of you can benefit from gains from trade.
However, suppose both of you know of some entity that both of you trust. That entity can act as a trusted escrow. The entity provides you security: this enables the trade, allowing both of you to get gains from trade.
In Bitcoin-land, this can be implemented as a 2-of-3 multisignature. The three signatories in the multisgnature would be you, the gewgaw seller, and the escrow. You put the payment for the gewgaws into this 2-of-3 multisignature address.
Now, suppose it turns out neither of you are scammers (whaaaat!). You receive the gewgaws just fine and you're willing to pay up for them. Then you and the gewgaw seller just sign a transaction --- you and the gewgaw seller are 2, sufficient to trigger the 2-of-3 --- that spends from the 2-of-3 address to a singlesig the gewgaw seller wants (or whatever address the gewgaw seller wants).
But suppose some problem arises. The seller gave you gawgews instead of gewgaws. Or you decided to keep the gewgaws but not sign the transaction to release the funds to the seller. In either case, the escrow is notified, and if it can sign with you to refund the funds back to you (if the seller was a scammer) or it can sign with the seller to forward the funds to the seller (if you were a scammer).
Taproot helps with this: like mentioned above, it allows multisignature setups to produce only one signature, reducing blockchain space usage, and thus making contracts --- which require multiple people, by definition, you don't make contracts with yourself --- is made cheaper (which we hope enables more of these setups to happen for more gains from trade for everyone, also, moon and lambos).
(technology-wise, it's easier to make an n-of-n than a k-of-n, making a k-of-n would require a complex setup involving a long ritual with many communication rounds between the n participants, but an n-of-n can be done trivially with some moon math. You can, however, make what is effectively a 2-of-3 by using a three-branch SCRIPT: either 2-of-2 of you and seller, OR 2-of-2 of you and escrow, OR 2-of-2 of escrow and seller. Fortunately, Taproot adds a facility to embed a SCRIPT inside a public key, so you can have a 2-of-2 Taprooted address (between you and seller) with a SCRIPT branch that can instead be spent with 2-of-2 (you + escrow) OR 2-of-2 (seller + escrow), which implements the three-branched SCRIPT above. If neither of you are scammers (hopefully the common case) then you both sign using your keys and never have to contact the escrow, since you are just using the escrow public key without coordinating with them (because n-of-n is trivial but k-of-n requires setup with communication rounds), so in the "best case" where both of you are honest traders, you also get a privacy boost, in that the escrow never learns you have been trading on gewgaws, I mean ewww, gawgews are much better than gewgaws and therefore I now judge you for being a gewgaw enthusiast, you filthy gewgawer).

Taproot and Your Contracts, Part 2: Cryptographic Boogaloo

Now suppose you want to buy some data instead of things. For example, maybe you have some closed-source software in trial mode installed, and want to pay the developer for the full version. You want to pay for an activation code.
This can be done, today, by using an HTLC. The developer tells you the hash of the activation code. You pay to an HTLC, paying out to the developer if it reveals the preimage (the activation code), or refunding the money back to you after a pre-agreed timeout. If the developer claims the funds, it has to reveal the preimage, which is the activation code, and you can now activate your software. If the developer does not claim the funds by the timeout, you get refunded.
And you can do that, with HTLCs, today.
Of course, HTLCs do have problems:
Fortunately, with Schnorr (which is enabled by Taproot), we can now use the Scriptless Script constuction by Andrew Poelstra. This Scriptless Script allows a new construction, the PTLC or Pointlocked Timelocked Contract. Instead of hashes and preimages, just replace "hash" with "point" and "preimage" with "scalar".
Or as you might know them: "point" is really "public key" and "scalar" is really a "private key". What a PTLC does is that, given a particular public key, the pointlocked branch can be spent only if the spender reveals the private key of the given public key to you.
Another nice thing with PTLCs is that they are deniable. What appears onchain is just a single 2-of-2 signature between you and the developemanufacturer. It's like a magic trick. This signature has no special watermarks, it's a perfectly normal signature (the pledge). However, from this signature, plus some datta given to you by the developemanufacturer (known as the adaptor signature) you can derive the private key of a particular public key you both agree on (the turn). Anyone scraping the blockchain will just see signatures that look just like every other signature, and as long as nobody manages to hack you and get a copy of the adaptor signature or the private key, they cannot get the private key behind the public key (point) that the pointlocked branch needs (the prestige).
(Just to be clear, the public key you are getting the private key from, is distinct from the public key that the developemanufacturer will use for its funds. The activation key is different from the developer's onchain Bitcoin key, and it is the activation key whose private key you will be learning, not the developer's/manufacturer's onchain Bitcoin key).
So:
Taproot lets PTLCs exist onchain because they enable Schnorr, which is a requirement of PTLCs / Scriptless Script.
(technology-wise, take note that Scriptless Script works only for the "pointlocked" branch of the contract; you need normal Script, or a pre-signed nLockTimed transaction, for the "timelocked" branch. Since Taproot can embed a script, you can have the Taproot pubkey be a 2-of-2 to implement the Scriptless Script "pointlocked" branch, then have a hidden script that lets you recover the funds with an OP_CHECKLOCKTIMEVERIFY after the timeout if the seller does not claim the funds.)

Quantum Quibbles!

Now if you were really paying attention, you might have noticed this parenthetical:
(technical details: a Taproot output is 1 version byte + 32 byte public key, while a P2WPKH (bech32 singlesig) output is 1 version byte + 20 byte public key hash...)
So wait, Taproot uses raw 32-byte public keys, and not public key hashes? Isn't that more quantum-vulnerable??
Well, in theory yes. In practice, they probably are not.
It's not that hashes can be broken by quantum computes --- they're still not. Instead, you have to look at how you spend from a P2WPKH/P2PKH pay-to-public-key-hash.
When you spend from a P2PKH / P2WPKH, you have to reveal the public key. Then Bitcoin hashes it and checks if this matches with the public-key-hash, and only then actually validates the signature for that public key.
So an unconfirmed transaction, floating in the mempools of nodes globally, will show, in plain sight for everyone to see, your public key.
(public keys should be public, that's why they're called public keys, LOL)
And if quantum computers are fast enough to be of concern, then they are probably fast enough that, in the several minutes to several hours from broadcast to confirmation, they have already cracked the public key that is openly broadcast with your transaction. The owner of the quantum computer can now replace your unconfirmed transaction with one that pays the funds to itself. Even if you did not opt-in RBF, miners are still incentivized to support RBF on RBF-disabled transactions.
So the extra hash is not as significant a protection against quantum computers as you might think. Instead, the extra hash-and-compare needed is just extra validation effort.
Further, if you have ever, in the past, spent from the address, then there exists already a transaction indelibly stored on the blockchain, openly displaying the public key from which quantum computers can derive the private key. So those are still vulnerable to quantum computers.
For the most part, the cryptographers behind Taproot (and Bitcoin Core) are of the opinion that quantum computers capable of cracking Bitcoin pubkeys are unlikely to appear within a decade or two.
So:
For now, the homomorphic and linear properties of elliptic curve cryptography provide a lot of benefits --- particularly the linearity property is what enables Scriptless Script and simple multisignature (i.e. multisignatures that are just 1 signature onchain). So it might be a good idea to take advantage of them now while we are still fairly safe against quantum computers. It seems likely that quantum-safe signature schemes are nonlinear (thus losing these advantages).

Summary

I Wanna Be The Taprooter!

So, do you want to help activate Taproot? Here's what you, mister sovereign Bitcoin HODLer, can do!

But I Hate Taproot!!

That's fine!

Discussions About Taproot Activation

submitted by almkglor to Bitcoin [link] [comments]

[ Bitcoin ] Technical: Taproot: Why Activate?

Topic originally posted in Bitcoin by almkglor [link]
This is a follow-up on https://old.reddit.com/Bitcoin/comments/hqzp14/technical_the_path_to_taproot_activation/
Taproot! Everybody wants it!! But... you might ask yourself: sure, everybody else wants it, but why would I, sovereign Bitcoin HODLer, want it? Surely I can be better than everybody else because I swapped XXX fiat for Bitcoin unlike all those nocoiners?
And it is important for you to know the reasons why you, o sovereign Bitcoiner, would want Taproot activated. After all, your nodes (or the nodes your wallets use, which if you are SPV, you hopefully can pester to your wallet vendoimplementor about) need to be upgraded in order for Taproot activation to actually succeed instead of becoming a hot sticky mess.
First, let's consider some principles of Bitcoin.
I'm sure most of us here would agree that the above are very important principles of Bitcoin and that these are principles we would not be willing to remove. If anything, we would want those principles strengthened (especially the last one, financial privacy, which current Bitcoin is only sporadically strong with: you can get privacy, it just requires effort to do so).
So, how does Taproot affect those principles?

Taproot and Your /Coins

Most HODLers probably HODL their coins in singlesig addresses. Sadly, switching to Taproot would do very little for you (it gives a mild discount at spend time, at the cost of a mild increase in fee at receive time (paid by whoever sends to you, so if it's a self-send from a P2PKH or bech32 address, you pay for this); mostly a wash).
(technical details: a Taproot output is 1 version byte + 32 byte public key, while a P2WPKH (bech32 singlesig) output is 1 version byte + 20 byte public key hash, so the Taproot output spends 12 bytes more; spending from a P2WPKH requires revealing a 32-byte public key later, which is not needed with Taproot, and Taproot signatures are about 9 bytes smaller than P2WPKH signatures, but the 32 bytes plus 9 bytes is divided by 4 because of the witness discount, so it saves about 11 bytes; mostly a wash, it increases blockweight by about 1 virtual byte, 4 weight for each Taproot-output-input, compared to P2WPKH-output-input).
However, as your HODLings grow in value, you might start wondering if multisignature k-of-n setups might be better for the security of your savings. And it is in multisignature that Taproot starts to give benefits!
Taproot switches to using Schnorr signing scheme. Schnorr makes key aggregation -- constructing a single public key from multiple public keys -- almost as trivial as adding numbers together. "Almost" because it involves some fairly advanced math instead of simple boring number adding, but hey when was the last time you added up your grocery list prices by hand huh?
With current P2SH and P2WSH multisignature schemes, if you have a 2-of-3 setup, then to spend, you need to provide two different signatures from two different public keys. With Taproot, you can create, using special moon math, a single public key that represents your 2-of-3 setup. Then you just put two of your devices together, have them communicate to each other (this can be done airgapped, in theory, by sending QR codes: the software to do this is not even being built yet, but that's because Taproot hasn't activated yet!), and they will make a single signature to authorize any spend from your 2-of-3 address. That's 73 witness bytes -- 18.25 virtual bytes -- of signatures you save!
And if you decide that your current setup with 1-of-1 P2PKH / P2WPKH addresses is just fine as-is: well, that's the whole point of a softfork: backwards-compatibility; you can receive from Taproot users just fine, and once your wallet is updated for Taproot-sending support, you can send to Taproot users just fine as well!
(P2WPKH and P2WSH -- SegWit v0 -- addresses start with bc1q; Taproot -- SegWit v1 --- addresses start with bc1p, in case you wanted to know the difference; in bech32 q is 0, p is 1)
Now how about HODLers who keep all, or some, of their coins on custodial services? Well, any custodial service worth its salt would be doing at least 2-of-3, or probably something even bigger, like 11-of-15. So your custodial service, if it switched to using Taproot internally, could save a lot more (imagine an 11-of-15 getting reduced from 11 signatures to just 1!), which --- we can only hope! --- should translate to lower fees and better customer service from your custodial service!
So I think we can say, very accurately, that the Bitcoin principle --- that YOU are in control of your money --- can only be helped by Taproot (if you are doing multisignature), and, because P2PKH and P2WPKH remain validly-usable addresses in a Taproot future, will not be harmed by Taproot. Its benefit to this principle might be small (it mostly only benefits multisignature users) but since it has no drawbacks with this (i.e. singlesig users can continue to use P2WPKH and P2PKH still) this is still a nice, tidy win!
(even singlesig users get a minor benefit, in that multisig users will now reduce their blockchain space footprint, so that fees can be kept low for everybody; so for example even if you have your single set of private keys engraved on titanium plates sealed in an airtight box stored in a safe buried in a desert protected by angry nomads riding giant sandworms because you're the frickin' Kwisatz Haderach, you still gain some benefit from Taproot)
And here's the important part: if P2PKH/P2WPKH is working perfectly fine with you and you decide to never use Taproot yourself, Taproot will not affect you detrimentally. First do no harm!

Taproot and Your Contracts

No one is an island, no one lives alone. Give and you shall receive. You know: by trading with other people, you can gain expertise in some obscure little necessity of the world (and greatly increase your productivity in that little field), and then trade the products of your expertise for necessities other people have created, all of you thereby gaining gains from trade.
So, contracts, which are basically enforceable agreements that facilitate trading with people who you do not personally know and therefore might not trust.
Let's start with a simple example. You want to buy some gewgaws from somebody. But you don't know them personally. The seller wants the money, you want their gewgaws, but because of the lack of trust (you don't know them!! what if they're scammers??) neither of you can benefit from gains from trade.
However, suppose both of you know of some entity that both of you trust. That entity can act as a trusted escrow. The entity provides you security: this enables the trade, allowing both of you to get gains from trade.
In Bitcoin-land, this can be implemented as a 2-of-3 multisignature. The three signatories in the multisgnature would be you, the gewgaw seller, and the escrow. You put the payment for the gewgaws into this 2-of-3 multisignature address.
Now, suppose it turns out neither of you are scammers (whaaaat!). You receive the gewgaws just fine and you're willing to pay up for them. Then you and the gewgaw seller just sign a transaction --- you and the gewgaw seller are 2, sufficient to trigger the 2-of-3 --- that spends from the 2-of-3 address to a singlesig the gewgaw seller wants (or whatever address the gewgaw seller wants).
But suppose some problem arises. The seller gave you gawgews instead of gewgaws. Or you decided to keep the gewgaws but not sign the transaction to release the funds to the seller. In either case, the escrow is notified, and if it can sign with you to refund the funds back to you (if the seller was a scammer) or it can sign with the seller to forward the funds to the seller (if you were a scammer).
Taproot helps with this: like mentioned above, it allows multisignature setups to produce only one signature, reducing blockchain space usage, and thus making contracts --- which require multiple people, by definition, you don't make contracts with yourself --- is made cheaper (which we hope enables more of these setups to happen for more gains from trade for everyone, also, moon and lambos).
(technology-wise, it's easier to make an n-of-n than a k-of-n, making a k-of-n would require a complex setup involving a long ritual with many communication rounds between the n participants, but an n-of-n can be done trivially with some moon math. You can, however, make what is effectively a 2-of-3 by using a three-branch SCRIPT: either 2-of-2 of you and seller, OR 2-of-2 of you and escrow, OR 2-of-2 of escrow and seller. Fortunately, Taproot adds a facility to embed a SCRIPT inside a public key, so you can have a 2-of-2 Taprooted address (between you and seller) with a SCRIPT branch that can instead be spent with 2-of-2 (you + escrow) OR 2-of-2 (seller + escrow), which implements the three-branched SCRIPT above. If neither of you are scammers (hopefully the common case) then you both sign using your keys and never have to contact the escrow, since you are just using the escrow public key without coordinating with them (because n-of-n is trivial but k-of-n requires setup with communication rounds), so in the "best case" where both of you are honest traders, you also get a privacy boost, in that the escrow never learns you have been trading on gewgaws, I mean ewww, gawgews are much better than gewgaws and therefore I now judge you for being a gewgaw enthusiast, you filthy gewgawer).

Taproot and Your Contracts, Part 2: Cryptographic Boogaloo

Now suppose you want to buy some data instead of things. For example, maybe you have some closed-source software in trial mode installed, and want to pay the developer for the full version. You want to pay for an activation code.
This can be done, today, by using an HTLC. The developer tells you the hash of the activation code. You pay to an HTLC, paying out to the developer if it reveals the preimage (the activation code), or refunding the money back to you after a pre-agreed timeout. If the developer claims the funds, it has to reveal the preimage, which is the activation code, and you can now activate your software. If the developer does not claim the funds by the timeout, you get refunded.
And you can do that, with HTLCs, today.
Of course, HTLCs do have problems:
Fortunately, with Schnorr (which is enabled by Taproot), we can now use the Scriptless Script constuction by Andrew Poelstra. This Scriptless Script allows a new construction, the PTLC or Pointlocked Timelocked Contract. Instead of hashes and preimages, just replace "hash" with "point" and "preimage" with "scalar".
Or as you might know them: "point" is really "public key" and "scalar" is really a "private key". What a PTLC does is that, given a particular public key, the pointlocked branch can be spent only if the spender reveals the private key of the given private key to you.
Another nice thing with PTLCs is that they are deniable. What appears onchain is just a single 2-of-2 signature between you and the developemanufacturer. It's like a magic trick. This signature has no special watermarks, it's a perfectly normal signature (the pledge). However, from this signature, plus some datta given to you by the developemanufacturer (known as the adaptor signature) you can derive the private key of a particular public key you both agree on (the turn). Anyone scraping the blockchain will just see signatures that look just like every other signature, and as long as nobody manages to hack you and get a copy of the adaptor signature or the private key, they cannot get the private key behind the public key (point) that the pointlocked branch needs (the prestige).
(Just to be clear, the public key you are getting the private key from, is distinct from the public key that the developemanufacturer will use for its funds. The activation key is different from the developer's onchain Bitcoin key, and it is the activation key whose private key you will be learning, not the developer's/manufacturer's onchain Bitcoin key).
So:
Taproot lets PTLCs exist onchain because they enable Schnorr, which is a requirement of PTLCs / Scriptless Script.
(technology-wise, take note that Scriptless Script works only for the "pointlocked" branch of the contract; you need normal Script, or a pre-signed nLockTimed transaction, for the "timelocked" branch. Since Taproot can embed a script, you can have the Taproot pubkey be a 2-of-2 to implement the Scriptless Script "pointlocked" branch, then have a hidden script that lets you recover the funds with an OP_CHECKLOCKTIMEVERIFY after the timeout if the seller does not claim the funds.)

Quantum Quibbles!

Now if you were really paying attention, you might have noticed this parenthetical:
(technical details: a Taproot output is 1 version byte + 32 byte public key, while a P2WPKH (bech32 singlesig) output is 1 version byte + 20 byte public key hash...)
So wait, Taproot uses raw 32-byte public keys, and not public key hashes? Isn't that more quantum-vulnerable??
Well, in theory yes. In practice, they probably are not.
It's not that hashes can be broken by quantum computes --- they're still not. Instead, you have to look at how you spend from a P2WPKH/P2PKH pay-to-public-key-hash.
When you spend from a P2PKH / P2WPKH, you have to reveal the public key. Then Bitcoin hashes it and checks if this matches with the public-key-hash, and only then actually validates the signature for that public key.
So an unconfirmed transaction, floating in the mempools of nodes globally, will show, in plain sight for everyone to see, your public key.
(public keys should be public, that's why they're called public keys, LOL)
And if quantum computers are fast enough to be of concern, then they are probably fast enough that, in the several minutes to several hours from broadcast to confirmation, they have already cracked the public key that is openly broadcast with your transaction. The owner of the quantum computer can now replace your unconfirmed transaction with one that pays the funds to itself. Even if you did not opt-in RBF, miners are still incentivized to support RBF on RBF-disabled transactions.
So the extra hash is not as significant a protection against quantum computers as you might think. Instead, the extra hash-and-compare needed is just extra validation effort.
Further, if you have ever, in the past, spent from the address, then there exists already a transaction indelibly stored on the blockchain, openly displaying the public key from which quantum computers can derive the private key. So those are still vulnerable to quantum computers.
For the most part, the cryptographers behind Taproot (and Bitcoin Core) are of the opinion that quantum computers capable of cracking Bitcoin pubkeys are unlikely to appear within a decade or two.
So:
For now, the homomorphic and linear properties of elliptic curve cryptography provide a lot of benefits --- particularly the linearity property is what enables Scriptless Script and simple multisignature (i.e. multisignatures that are just 1 signature onchain). So it might be a good idea to take advantage of them now while we are still fairly safe against quantum computers. It seems likely that quantum-safe signature schemes are nonlinear (thus losing these advantages).

Summary

I Wanna Be The Taprooter!

So, do you want to help activate Taproot? Here's what you, mister sovereign Bitcoin HODLer, can do!

But I Hate Taproot!!

That's fine!

Discussions About Taproot Activation

almkglor your post has been copied because one or more comments in this topic have been removed. This copy will preserve unmoderated topic. If you would like to opt-out, please send a message using [this link].
[deleted comment]
[deleted comment]
[deleted comment]
submitted by anticensor_bot to u/anticensor_bot [link] [comments]

What the upcoming years might hold in store for bitcoin (a technical outlook by John Newbery)

John Newbery is a developer contributing to Bitcoin Core and to various educational resources like Bitcoin Optech.
Original source is here: https://twitter.com/jfnewbery/status/1208559196465184768. Keep in mind that the text below is copied from Twitter, so the formatting/phrasing might seem a little strange.
--------------------------------------------------------

The end of the decade is a good time to look back and marvel at the giant strides that Bitcoin has made since Satoshi gave us the whitepaper in 2008. It's also a natural point to look forward to what the upcoming years might hold in store.
This is where I think Bitcoin is headed over the next few years. Tell me why I'm wrong and what I've missed!
The lightning protocol teams working on c-lightning (@Blockstream), eclair (@acinq_co), LND (@lightning) and rust lightning will continue to iterate rapidly on the lightning protocol.
All implementations now support basic multi-path payments (https://bitcoinops.org/en/topics/multipath-payments/). We'll get better support of that as well as dual-funding, splice-in and splice-out (https://bitcoinops.org/en/topics/splicing/).
Taken together, those technologies will make channel and liquidity management much easier. They'll be automated, fade into the background and user experience will improve drastically.
Lightning infrastructure will improve. @bitfinex recently added lightning deposits and withdrawals. All other exchanges, merchant service providers, custodians and wallets will follow suit or become obsolete.
We'll see more lightning wallets: a mix of non-custodial; self-custodied with outsourced routing; and fully-self-managed wallets. This is a brand new space and there'll be lots of experimentation. Different teams will find different niches to fill.
Already, wallets like @MuunWallet, @Breez_Tech, @PhoenixWallet, @ln_zapand @bluewalletio are experimenting with different models.
Tooling for lightning developers will improve. When we ran the lightning apps residency just over a year ago, the attendees spent a lot of time setting up their lightning dev environments.
Now, with Polar (https://github.com/jamaljspolar) by @jamaljsr, lightning app developers can set up a test environment with a few clicks. More and better tools will continue to appear.
With better tooling, we'll see faster innovation on the application layer. Teams at @zebedeeio, @SatoshisGames, and others we haven't heard of yet will delight us with new and unexpected lightning experiences.
The schnortaproot softfork (https://bitcoinops.org/en/topics/taproot/) will be activated in 2020 or 2021. That'll provide a huge improvement in fungibility, privacy, scalability and functionality. For an overview of the benefits, watch the Optech exec briefing here: https://bitcoinops.org/en/2019-exec-briefing/#the-next-softfork
That'll allow lightning to upgrade from HTLCs to Payment Points. That's a big improvement for privacy and payment decorrelation, and allows 'Stuckless payments' with proofs-of-payment -- another huge boost in LN usablity.
See the @suredbits series of blog posts here https://suredbits.com/payment-points-part-1/ for more details on Payment Points.
Even better, lightning channel opens and closes will look identical to payments to single pubkeys. The same is true for payments to k-of-n pubkey thresholds. That's good for fungibility, privacy and scalability.
In fact, with schnortaproot, there's almost no downside to encumbering UTXOs with advanced scripts instead of single pubkey outputs.
Cold storage UTXOs will be k-of-n multisig keytrees, and all hot wallet UTXOs will be stored in channels (with splicing-out used to make on-chain payments). When transactions hit the chain, they'll look like any other single pubkey/signature payment.
Payments into wallets will pay directly into channel open outputs (thanks to @esneider for pointing this out to me). There'll be no concept of an on-chain balance and an in-channel balance. Just a single, unified balance that can be used for lightning or on-chain payments.
Wallet teams will collaborate on a PayJoin payment protocol (https://bitcoinops.org/en/topics/payjoin/). A large number of on-chain transactions will be 2-input-2-ouput transactions, vastly improving fungibility and privacy, and foiling chain analysis.
The inputs to those PayJoin transactions may be channel splice-outs, and the outputs may be channel opens, but there'll be no way to tell from observing the chain.
Eventually we'll have cross-input signature aggregation (https://bitcoincore.org/en/2017/03/23/schnorr-signature-aggregation/#signature-aggregation), which means those PayJoin transactions will only have a single signature, and will be *cheaper* than regular change-producing transactions.
Larger coinjoins will be cheaper still. An advanced PayJoin payment protocol could even batch multiple payments to the same merchant/exchange and use only a single signature.
We'll get SIGHASH_NOINPUT or SIGHASH_ANYPREVOUT (https://bitcoinops.org/en/topics/sighash_noinput/), making eltoo (https://bitcoinops.org/en/topics/eltoo/) possible, and blurring the lines between layer 1 and layer 2 (https://lists.linuxfoundation.org/pipermail/lightning-dev/2019-Septembe002136.html).
That'll make lightning even more usable and allow more advanced layer 2 contracts like channel factories (https://bitcoinops.org/en/topics/channel-factories/).
All these advanced features will require greater wallet interoperability. That's where miniscript (https://bitcoinops.org/en/topics/miniscript/) comes in.
With miniscript, wallets will eventually be able to enter contracts with each other that don't require pre-templated scripts (as lightning currently does). This wallet interoperability will allow faster innovation in layer 2 contracts.
OP_CTV (https://bitcoinops.org/en/newsletters/2019/12/04/#op-checktemplateverify-ctv) or some other covenant-enabling opcode will be activated, allowing richer layer 2 constructions like joinpools (https://freenode.irclog.whitequark.org/bitcoin-wizards/2019-05-21#1558427254-1558427441).
Taken together with taproot and SIGHASH_NOINPUT, we'll get extremely rich and private off-chain contracts will be made possible.
Some of these things will happen in 2020, and some will take a bit longer, but they're all heading in the same direction: using the chain for what the chain's good for (h/t Andrew Poelstra).
That's to say: the block chain allows nodes to arrive at an agreed ledger state, while contracting and functionality move up onto layer two. Doing so is cheaper, more secure, more private and allows for more rapid innovation.
None of this is inevitable, and none can happen without the industry of many hands and the creativity of many minds. There are years of work ahead for developers, researchers, businesses and users.
If you run a Bitcoin business, you can help by supporting, sponsoring or hiring open source developers.
If you're a Bitcoin user, you can help by *demanding* that any service you use supports the open source ecosystem.
If you're a developer, you can help by reviewing and testing PRs and releases. https://bitcoincore.reviews/ is a great place to start.
2020 is going to be a great year for Bitcoin and Lightning protocol development!
/fin
submitted by TheGreatMuffin to Bitcoin [link] [comments]

freenode/

freenode.net
[13:47:03] The guide is divided into sections, each with a specific section of activity and a cause for why I should work on that area.
[13:47:03] Those are still facts
[13:47:08] So there is still a little more work to do.
[13:47:15] I need to add all the pages to the wiki.
[13:47:18] After that, I'll start putting more resources up, including some images and if I'm doing it right, some story sections.
[13:47
freenode/ip.92.189.211.175) has joined #/cicada3302
[17:37] O_O
[17:37] damnit
[17:37] dude who's running said server?
[17:37] anyone?
[17:37] I'm at work... http://www.reddit.com/cicada3302/comments/1s3wwz/found_the_code_has_been_decoded_everything_is/cdtr0oa
[17:38]
freenode/ip.50.212.6.250) has joined #bitcoin24
ekdudez: your p2pool network is really part of your bitcoin.dat (A link to your wallet can be found here: https://www.reddit.com/bitcoin/comments/2pq3nx/live_updates_on_the_relay_problem/).
* LQbot (~[email protected]) Quit (Ping timeout: 192 seconds)
ekdudez: your node is NOT part of the bitcoin.dat file, and if it were it wouldn't have a
freenode/ip.39.149.160.167) has joined #/cicada3302
[21:18] or uh, scribe great, wtf?
[21:18] He's come into this room, perhaps from the dark house? So we should return the greeting?
[21:18] (We can't go there. I don't think. He's been there before, but on a cloudy day.)
[21:18] <@shecalledmepaul> no it's been such a while since youve heard anything that I don't think you'll remember
[21:18] <@shecalledmepaul
freenode/ip.54.232.161.153) Quit (Ping timeout: 245 seconds)
[10:47] how about talk about the XP drop rate in general?
[10:47] also
[10:47] <@dine909> wait wtf
[10:47] <@dine909> X is 75%
[10:47] <@dine909> of XP
[10:47] i think you have to have very high level to get 95% in dungeons
[10:47] <@dine909> yeah i guess
[10:48] but yeah
[10:48] maybe it has something
freenode/ip.68.56.156.96] has joined #/cicada3302
[01:45] and yes, we have /vaspool/cicada3302/daemon/rules also. anything is possible, we know that
[01:45] not everything though
[01:45] well, some of the entries do not exist
[01:45] So this new detective in the thread goes by "ricardo75"?
[01:46] Hi everyone, I am new here, but I'm quite convinced that whoever made this 2.
submitted by ObsidianMinor to talktotransformer [link] [comments]

Beginner's Guide: Where to start & FAQ!

New Flair Rule

We've been overwhelmed with newcomer posts. In light of this, we created a bot that will PM people without flairs various pertinent information to read through when they post. In order to stop receiving these, simply add a flair to your name. Thanks!

Scam Warning

Hey guys. There have been numerous scammers lately who have been private messaging redditors. Their goal is for you to send Litecoins to their address. So far, they've followed the same writing template. It looks something like this: https://imgur.com/0UZczuz
If someone is telling you to send to a Litecoin address they are providing, DON'T. They're trying to steal your Litecoins. If you're not sure, read the wealth of knowledge below or comment below and I will eventually get to you.

Welcome to /Litecoin!

(Re-post of u/Sparkswont cuz it was archived)
Whether you're new to cryptocurrency and have no clue what a 'litecoin' is, or a seasoned investor in cryptocurrencies, the resources below will answer all your questions. If you still have questions, feel free to ask below in the comments!
 

What is Litecoin?

Litecoin (LTC or Ł) is a peer-to-peer cryptocurrency and open source software project released under the MIT/X11 license. Litecoin is one of the largest, oldest, and most used cryptocurrencies in the world. Similar to Bitcoin, Litecoin uses blockchain technology to process transactions.
So what's the difference? To process a block, Litecoin takes 2.5 minutes rather than Bitcoins 10 minutes. This allows for faster processing times. Litecoin also has the capability to produce a total of 84 million units, compared to Bitcoins 21 million. In addition, Litecoin uses scrypt in its proof-of-work algorithm, a sequential memory-hard function requiring asymptotically more memory than an algorithm which is not memory-hard.
Still confused? Take a look at this video!
 

Where can I buy Litecoin?

There are many websites and applications where you can buy and sell Litecoin, but make sure the exchange you are using is trusted and secure. Here are some exchanges that are trusted in the cryptocurrency community:
Exchange
Coinbase USD/Euro/GBP
Quadrigacx CAD
Coinsquare CAD
Bithump KRW
OKCoin Euro/Yen/USD
OKex CNY
Btcmarkets.net AUD
Bitso MXN
Zebpay INR
 

Where can I securely store Litecoin?

Litecoin (and other cryptocurrencies) is stored in a digital wallet. When storing Litecoin, you want to make sure you trust the place you store them. This is why it is best to store them yourself through the electrum wallet. It is highly suggested to not store your Litecoin in an exchange (such as Coinbase, Poloniex, Bittrex, etc.) because you don't control the private keys. If the exchange ever goes offline, or becomes insolvent, your Litecoin essentially disappear.
Some other options are:
Wallet
Electrum Lightweight Wallet
Official Core Wallet
LiteVault Secure Web Wallet
Paper Wallet Instructions
 
If you're a fan of mobile devices, then Loafwallet is the wallet for you. Developed by a Litecoin Foundation Dev, losh11, this mobile wallet works great! And remember to always make sure to write down your seedkeys.
 
Hardware wallets are another great option, in fact, they are said to be the most secure way to store cryptocurrencies. Below is a list of the litecoin flexible hardware wallets.
Wallet
Ledger
Trezor
Keepkey
 

Where can I spend Litecoin?

Litecoin is in the top ten of all cryptocurrencies by market capitalization. Websites are rapidly adopting Litecoin as a method of payment as well. If you yourself want to accept LTC as a business, you can refer to these merchant manuals. Alternatively, if you would like to explore websites that accept Litecoin, head over to /AcceptingLTC.
Here are also several of our favorite merchants accepting Litecoin.
 

Where can I discuss Litecoin?

The Litecoin community is extremely kind and robust. There are many forums and places where you can discuss Litecoin with others who are interested in the currency. Here are the main ones:
Platform
Reddit
Litecoin Markets Subreddit
Discord
Official Forum
IRC
 

Additional Resources and Help

If you have more questions, or are genuinely interested in learning more about Litecoin then be sure to read this series. If you have a specific question that you can't seem to find the answer too, ask below and someone will help you out!
submitted by ecurrencyhodler to litecoin [link] [comments]

⚡ Lightning Network Megathread ⚡

Last updated 2018-01-29
This post is a collaboration with the Bitcoin community to create a one-stop source for Lightning Network information.
There are still questions in the FAQ that are unanswered, if you know the answer and can provide a source please do so!

⚡What is the Lightning Network? ⚡

Explanations:

Image Explanations:

Specifications / White Papers

Videos

Lightning Network Experts on Reddit

  • starkbot - (Elizabeth Stark - Lightning Labs)
  • roasbeef - (Olaoluwa Osuntokun - Lightning Labs)
  • stile65 - (Alex Akselrod - Lightning Labs)
  • cfromknecht - (Conner Fromknecht - Lightning Labs)
  • RustyReddit - (Rusty Russell - Blockstream)
  • cdecker - (Christian Decker - Blockstream)
  • Dryja - (Tadge Dryja - Digital Currency Initiative)
  • josephpoon - (Joseph Poon)
  • fdrn - (Fabrice Drouin - ACINQ )
  • pmpadiou - (Pierre-Marie Padiou - ACINQ)

Lightning Network Experts on Twitter

  • @starkness - (Elizabeth Stark - Lightning Labs)
  • @roasbeef - (Olaoluwa Osuntokun - Lightning Labs)
  • @stile65 - (Alex Akselrod - Lightning Labs)
  • @bitconner - (Conner Fromknecht - Lightning Labs)
  • @johanth - (Johan Halseth - Lightning Labs)
  • @bvu - (Bryan Vu - Lightning Labs)
  • @rusty_twit - (Rusty Russell - Blockstream)
  • @snyke - (Christian Decker - Blockstream)
  • @JackMallers - (Jack Mallers - Zap)
  • @tdryja - (Tadge Dryja - Digital Currency Initiative)
  • @jcp - (Joseph Poon)
  • @alexbosworth - (Alex Bosworth - yalls.org)

Medium Posts

Learning Resources

Books

Desktop Interfaces

Web Interfaces

Tutorials and resources

Lightning on Testnet

Lightning Wallets

Place a testnet transaction

Altcoin Trading using Lightning

  • ZigZag - Disclaimer You must trust ZigZag to send to Target Address

Lightning on Mainnet

Warning - Testing should be done on Testnet

Atomic Swaps

Developer Documentation and Resources

Lightning implementations

  • LND - Lightning Network Daemon (Golang)
  • eclair - A Scala implementation of the Lightning Network (Scala)
  • c-lightning - A Lightning Network implementation in C
  • lit - Lightning Network node software (Golang)
  • lightning-onion - Onion Routed Micropayments for the Lightning Network (Golang)
  • lightning-integration - Lightning Integration Testing Framework
  • ptarmigan - C++ BOLT-Compliant Lightning Network Implementation [Incomplete]

Libraries

Lightning Network Visualizers/Explorers

Testnet

Mainnet

Payment Processors

  • BTCPay - Next stable version will include Lightning Network

Community

Slack

IRC

Slack Channel

Discord Channel

Miscellaneous

⚡ Lightning FAQs ⚡

If you can answer please PM me and include source if possible. Feel free to help keep these answers up to date and as brief but correct as possible
Is Lightning Bitcoin?
Yes. You pick a peer and after some setup, create a bitcoin transaction to fund the lightning channel; it’ll then take another transaction to close it and release your funds. You and your peer always hold a bitcoin transaction to get your funds whenever you want: just broadcast to the blockchain like normal. In other words, you and your peer create a shared account, and then use Lightning to securely negotiate who gets how much from that shared account, without waiting for the bitcoin blockchain.
Is the Lightning Network open source?
Yes, Lightning is open source. Anyone can review the code (in the same way as the bitcoin code)
Who owns and controls the Lightning Network?
Similar to the bitcoin network, no one will ever own or control the Lightning Network. The code is open source and free for anyone to download and review. Anyone can run a node and be part of the network.
I’ve heard that Lightning transactions are happening “off-chain”…Does that mean that my bitcoin will be removed from the blockchain?
No, your bitcoin will never leave the blockchain. Instead your bitcoin will be held in a multi-signature address as long as your channel stays open. When the channel is closed; the final transaction will be added to the blockchain. “Off-chain” is not a perfect term, but it is used due to the fact that the transfer of ownership is no longer reflected on the blockchain until the channel is closed.
Do I need a constant connection to run a lightning node?
Not necessarily,
Example: A and B have a channel. 1 BTC each. A sends B 0.5 BTC. B sends back 0.25 BTC. Balance should be A = 0.75, B = 1.25. If A gets disconnected, B can publish the first Tx where the balance was A = 0.5 and B = 1.5. If the node B does in fact attempt to cheat by publishing an old state (such as the A=0.5 and B=1.5 state), this cheat can then be detected on-chain and used to steal the cheaters funds, i.e., A can see the closing transaction, notice it's an old one and grab all funds in the channel (A=2, B=0). The time that A has in order to react to the cheating counterparty is given by the CheckLockTimeVerify (CLTV) in the cheating transaction, which is adjustable. So if A foresees that it'll be able to check in about once every 24 hours it'll require that the CLTV is at least that large, if it's once a week then that's fine too. You definitely do not need to be online and watching the chain 24/7, just make sure to check in once in a while before the CLTV expires. Alternatively you can outsource the watch duties, in order to keep the CLTV timeouts low. This can be achieved both with trusted third parties or untrusted ones (watchtowers). In the case of a unilateral close, e.g., you just go offline and never come back, the other endpoint will have to wait for that timeout to expire to get its funds back. So peers might not accept channels with extremely high CLTV timeouts. -- Source
What Are Lightning’s Advantages?
Tiny payments are possible: since fees are proportional to the payment amount, you can pay a fraction of a cent; accounting is even done in thousandths of a satoshi. Payments are settled instantly: the money is sent in the time it takes to cross the network to your destination and back, typically a fraction of a second.
Does Lightning require Segregated Witness?
Yes, but not in theory. You could make a poorer lightning network without it, which has higher risks when establishing channels (you might have to wait a month if things go wrong!), has limited channel lifetime, longer minimum payment expiry times on each hop, is less efficient and has less robust outsourcing. The entire spec as written today assumes segregated witness, as it solves all these problems.
Can I Send Funds From Lightning to a Normal Bitcoin Address?
No, for now. For the first version of the protocol, if you wanted to send a normal bitcoin transaction using your channel, you have to close it, send the funds, then reopen the channel (3 transactions). In future versions, you and your peer would agree to spend out of your lightning channel funds just like a normal bitcoin payment, allowing you to use your lightning wallet like a normal bitcoin wallet.
Can I Make Money Running a Lightning Node?
Not really. Anyone can set up a node, and so it’s a race to the bottom on fees. In practice, we may see the network use a nominal fee and not change very much, which only provides an incremental incentive to route on a node you’re going to use yourself, and not enough to run one merely for fees. Having clients use criteria other than fees (e.g. randomness, diversity) in route selection will also help this.
What is the release date for Lightning on Mainnet?
Lightning is already being tested on the Mainnet Twitter Link but as for a specific date, Jameson Lopp says it best
Would there be any KYC/AML issues with certain nodes?
Nope, because there is no custody ever involved. It's just like forwarding packets. -- Source
What is the delay time for the recipient of a transaction receiving confirmation?
Furthermore, the Lightning Network scales not with the transaction throughput of the underlying blockchain, but with modern data processing and latency limits - payments can be made nearly as quickly as packets can be sent. -- Source
How does the lightning network prevent centralization?
Bitcoin Stack Exchange Answer
What are Channel Factories and how do they work?
Bitcoin Stack Exchange Answer
How does the Lightning network work in simple terms?
Bitcoin Stack Exchange Answer
How are paths found in Lightning Network?
Bitcoin Stack Exchange Answer
How would the lightning network work between exchanges?
Each exchange will get to decide and need to implement the software into their system, but some ideas have been outlined here: Google Doc - Lightning Exchanges
Note that by virtue of the usual benefits of cost-less, instantaneous transactions, lightning will make arbitrage between exchanges much more efficient and thus lead to consistent pricing across exchange that adopt it. -- Source
How do lightning nodes find other lightning nodes?
Stack Exchange Answer
Does every user need to store the state of the complete Lightning Network?
According to Rusty's calculations we should be able to store 1 million nodes in about 100 MB, so that should work even for mobile phones. Beyond that we have some proposals ready to lighten the load on endpoints, but we'll cross that bridge when we get there. -- Source
Would I need to download the complete state every time I open the App and make a payment?
No you'd remember the information from the last time you started the app and only sync the differences. This is not yet implemented, but it shouldn't be too hard to get a preliminary protocol working if that turns out to be a problem. -- Source
What needs to happen for the Lightning Network to be deployed and what can I do as a user to help?
Lightning is based on participants in the network running lightning node software that enables them to interact with other nodes. This does not require being a full bitcoin node, but you will have to run "lnd", "eclair", or one of the other node softwares listed above.
All lightning wallets have node software integrated into them, because that is necessary to create payment channels and conduct payments on the network, but you can also intentionally run lnd or similar for public benefit - e.g. you can hold open payment channels or channels with higher volume, than you need for your own transactions. You would be compensated in modest fees by those who transact across your node with multi-hop payments. -- Source
Is there anyway for someone who isn't a developer to meaningfully contribute?
Sure, you can help write up educational material. You can learn and read more about the tech at http://dev.lightning.community/resources. You can test the various desktop and mobile apps out there (Lightning Desktop, Zap, Eclair apps). -- Source
Do I need to be a miner to be a Lightning Network node?
No -- Source
Do I need to run a full Bitcoin node to run a lightning node?
lit doesn't depend on having your own full node -- it automatically connects to full nodes on the network. -- Source
LND uses a light client mode, so it doesn't require a full node. The name of the light client it uses is called neutrino
How does the lightning network stop "Cheating" (Someone broadcasting an old transaction)?
Upon opening a channel, the two endpoints first agree on a reserve value, below which the channel balance may not drop. This is to make sure that both endpoints always have some skin in the game as rustyreddit puts it :-)
For a cheat to become worth it, the opponent has to be absolutely sure that you cannot retaliate against him during the timeout. So he has to make sure you never ever get network connectivity during that time. Having someone else also watching for channel closures and notifying you, or releasing a canned retaliation, makes this even harder for the attacker. This is because if he misjudged you being truly offline you can retaliate by grabbing all of its funds. Spotty connections, DDoS, and similar will not provide the attacker the necessary guarantees to make cheating worthwhile. Any form of uncertainty about your online status acts as a deterrent to the other endpoint. -- Source
How many times would someone need to open and close their lightning channels?
You typically want to have more than one channel open at any given time for redundancy's sake. And we imagine open and close will probably be automated for the most part. In fact we already have a feature in LND called autopilot that can automatically open channels for a user.
Frequency will depend whether the funds are needed on-chain or more useful on LN. -- Source
Will the lightning network reduce BTC Liquidity due to "locking-up" funds in channels?
Stack Exchange Answer
Can the Lightning Network work on any other cryptocurrency? How?
Stack Exchange Answer
When setting up a Lightning Network Node are fees set for the entire node, or each channel when opened?
You don't really set up a "node" in the sense that anyone with more than one channel can automatically be a node and route payments. Fees on LN can be set by the node, and can change dynamically on the network. -- Source
Can Lightning routing fees be changed dynamically, without closing channels?
Yes but it has to be implemented in the Lightning software being used. -- Source
How can you make sure that there will be routes with large enough balances to handle transactions?
You won't have to do anything. With autopilot enabled, it'll automatically open and close channels based on the availability of the network. -- Source
How does the Lightning Network stop flooding nodes (DDoS) with micro transactions? Is this even an issue?
Stack Exchange Answer

Unanswered Questions

How do on-chain fees work when opening and closing channels? Who pays the fee?
How does the Lightning Network work for mobile users?
What are the best practices for securing a lightning node?
What is a lightning "hub"?
How does lightning handle cross chain (Atomic) swaps?

Special Thanks and Notes

  • Many links found from awesome-lightning-network github
  • Everyone who submitted a question or concern!
  • I'm continuing to format for an easier Mobile experience!
submitted by codedaway to Bitcoin [link] [comments]

Velkommen til BitcoinDK

Følgende videoer er et godt udgangspunkt til at forstå, hvordan Bitcoin virker og en lille smule om dets potentiale på lang sigt:
Tjek video wikisiden eller BitcoinTV.
Køb/Sælg bitcoins
Webshops med Bitcoin betaling
Webshops i EU med Bitcoin betaling
Webshops i med Bitcoin betaling * Newegg - Elektronik mm.
Lightning Network
LN on IOS
LN on Android
Hvad kan man med LN?
Steder hvor du kan bruge bitcoins, dog ikke nødvendigvis uden dialog
Donér
Info
Skat
Hanne Søgaard Hansen:
Men man er nødt til at set på den konkrete situation. Er det for at sælge eller for at bruge bitcoins som betalingsmiddel? * skat.dk - Guide * skat.dk - Skattefri gevinst * Børsens fortolkning * Spekulations beskatning Hvis du købte bitcoins for at sælge dem igen, og hvis de er faldet i værdi så kan du få fradrag. * Skattefri gevinst ved anvendelse som betalingsmiddel (Bindende personlig svar fra skat)
Moms
Reddit
Gode banker
Onde banker
Danske kryptonyheder
Ramt af ransomware
Nyttige sider
Chat
Via IRC - irc.freenode.net
submitted by bitcoinDKbot to BitcoinDK [link] [comments]

Beginner's Guide: Where to start & FAQ!

Welcome to /Litecoin!

Whether you're new to cryptocurrency and have no clue what a 'litecoin' is, or a seasoned investor in cryptocurrencies, the resources below will answer all your questions. If you still have questions, feel free to ask below in the comments!
 

What is Litecoin?

Litecoin (LTC or Ł) is a peer-to-peer cryptocurrency and open source software project released under the MIT/X11 license. Litecoin is one of the largest, oldest, and most used cryptocurrencies in the world. Similar to Bitcoin, Litecoin uses blockchain technology to process transactions.
So what's the difference? To process a block, Litecoin takes 2.5 minutes rather than Bitcoins 10 minutes. This allows for faster processing times. Litecoin also has the capability to produce a total of 84 million units, compared to Bitcoins 21 million. In addition, Litecoin uses scrypt in its proof-of-work algorithm, a sequential memory-hard function requiring asymptotically more memory than an algorithm which is not memory-hard.
Still confused? Take a look at this video!
 

Where can I buy Litecoin?

There are many websites and applications where you can buy and sell Litecoin, but make sure the exchange you are using is trusted and secure. Here are some exchanges that are trusted in the cryptocurrency community:
Exchange
Coinbase
Kraken
247Exchange
Bittrex
Quadrigacx
 

Where can I securely store Litecoin?

Litecoin (and other cryptocurrencies) is stored in a digital wallet. When storing Litecoin, you want to make sure you trust the place you store them. This is why it is best to store them yourself through the electrum wallet. It is highly suggested to not store your Litecoin in an exchange (such as Coinbase, Poloniex, Bittrex, etc.) because you don't control the private keys. If the exchange ever goes offline, or becomes insolvent, your Litecoin essentially disappear.
Some other options are:
Wallet
Electrum Lightweight Wallet
Official Core Wallet
LiteVault Secure Web Wallet
Paper Wallet Generator
 
If you're a fan of mobile devices, then Loafwallet is the wallet for you. Developed by a Litecoin community member, losh11, this mobile wallet works great!
 
Hardware wallets are another great option, in fact, they are said to be the most secure way to store cryptocurrencies. Below is a list of the litecoin flexible hardware wallets.
Wallet
Ledger
Trezor
Keepkey
 

Where can I spend Litecoin?

Litecoin is now the sixth-largest true cryptocurrency by market capitalization. Websites are rapidly adopting Litecoin as a method of payment, if you would like to explore websites that accept Litecoin, head over to /AcceptingLTC.
Here are several of our favorite merchants accepting Litecoin:
Merchant
EGifter
Cheap Air
Bitfly
All Things Luxury
AFK Apparel
Many more!
 

Where can I discuss Litecoin?

The Litecoin community is extremely kind and robust. There are many forums and places where you can discuss Litecoin with others who are interested in the currency. Here are the main ones:
Platform
Reddit
Litecoin Markets Subreddit
Discord
Official Forum
IRC
 

Litecoin Statistics

Find them here
 

Additional Resources and Help

If you have more questions, or are genuinely interested in learning more about Litecoin then be sure to check out the Litecoin Wiki. If you have a specific question that you can't seem to find the answer too, ask below and someone will help you out!
submitted by Sparkswont to litecoin [link] [comments]

Beginner's Guide: Where to start & FAQ!

New Flair Rule

We've been overwhelmed with newcomer posts. In light of this, we created a bot that will PM people without flairs various pertinent information to read through when they post. In order to stop receiving these, simply add a flair to your name. Thanks!

Welcome to /Litecoin!

(Re-post of u/Sparkswont cuz it was archived)
Whether you're new to cryptocurrency and have no clue what a 'litecoin' is, or a seasoned investor in cryptocurrencies, the resources below will answer all your questions. If you still have questions, feel free to ask below in the comments!
 

What is Litecoin?

Litecoin (LTC or Ł) is a peer-to-peer cryptocurrency and open source software project released under the MIT/X11 license. Litecoin is one of the largest, oldest, and most used cryptocurrencies in the world. Similar to Bitcoin, Litecoin uses blockchain technology to process transactions.
So what's the difference? To process a block, Litecoin takes 2.5 minutes rather than Bitcoins 10 minutes. This allows for faster processing times. Litecoin also has the capability to produce a total of 84 million units, compared to Bitcoins 21 million. In addition, Litecoin uses scrypt in its proof-of-work algorithm, a sequential memory-hard function requiring asymptotically more memory than an algorithm which is not memory-hard.
Still confused? Take a look at this video!
 

Where can I buy Litecoin?

There are many websites and applications where you can buy and sell Litecoin, but make sure the exchange you are using is trusted and secure. Here are some exchanges that are trusted in the cryptocurrency community:
Exchange
Coinbase USD/Euro/GBP
Bithump KRW
OKCoin Euro/Yen/USD
OKex CNY
Btcmarkets.net AUD
Bitso MXN
Zebpay INR
 

Where can I securely store Litecoin?

Litecoin (and other cryptocurrencies) is stored in a digital wallet. When storing Litecoin, you want to make sure you trust the place you store them. This is why it is best to store them yourself through the electrum wallet. It is highly suggested to not store your Litecoin in an exchange (such as Coinbase, Poloniex, Bittrex, etc.) because you don't control the private keys. If the exchange ever goes offline, or becomes insolvent, your Litecoin essentially disappear.
Some other options are:
Wallet
Electrum Lightweight Wallet
Official Core Wallet
LiteVault Secure Web Wallet
Paper Wallet Instructions
 
If you're a fan of mobile devices, then Loafwallet is the wallet for you. Developed by a Litecoin Foundation Dev, losh11, this mobile wallet works great! And remember to always make sure to write down your seedkeys.
 
Hardware wallets are another great option, in fact, they are said to be the most secure way to store cryptocurrencies. Below is a list of the litecoin flexible hardware wallets.
Wallet
Ledger
Trezor
Keepkey
 

Where can I spend Litecoin?

Litecoin is in the top ten of all cryptocurrencies by market capitalization. Websites are rapidly adopting Litecoin as a method of payment as well. If you yourself want to accept LTC as a business, you can refer to these merchant manuals. Alternatively, if you would like to explore websites that accept Litecoin, head over to /AcceptingLTC.
Here are also several of our favorite merchants accepting Litecoin.
 

Where can I discuss Litecoin?

The Litecoin community is extremely kind and robust. There are many forums and places where you can discuss Litecoin with others who are interested in the currency. Here are the main ones:
Platform
Reddit
Litecoin Markets Subreddit
Discord
Official Forum
IRC
 

Additional Resources and Help

If you have more questions, or are genuinely interested in learning more about Litecoin then be sure to read this series. If you have a specific question that you can't seem to find the answer too, ask below and someone will help you out!
submitted by ecurrencyhodler to litecoin [link] [comments]

Surae's (me) end-of-November (2017!) update.

You can check it out on the forums here. Here's a copypasta:
Surae's End of November (2017!) Update
Hello, everyone! Sarang posted his update a few days ago to give the community time to review his work before the end of the month. I was hoping to finish multisig off before the end of this month... so I held off on writing this update until then... but it looks like I'm somewhere between 2 days and a week behind on that estimate.
MRL Announcements
Meetings. We are holding weekly meetings on Mondays at 17:00 UTC. Logs are to be posted on my github soon(tm). Usually we alternate between "office hours" and "research meetings." At office hours, we want members of the community to come in and be able to ask questions, so we are considering opening up a relay to the freenode channel during office hours times, unless things get out of hand.
POW-Difficulty Replacement Contest. Some time in December, I am going to formalize an FFS "idea" to open up a multiple-round contest for possible replacements for our proof of work game. The first round would have a 3- or 6-month deadline. Personally, I would love it if this FFS could have an unbounded reward amount. If the community is extremely generous, we could easily whip up a large enough reward to spur lots and lots of interest across the world.
The Bitcoin POW game uses SHA256 to find nonces that produce hashes with sufficiently small digests according to the Bitcoin difficulty metric. Our current POW game uses CryptoNight to find nonces that produce hashes with sufficiently small digests according to the CryptoNote difficulty metric. The winner need not be proof of work. My current thoughts are roughly this:
All submissions will be public. Submissions that minimize incentives for centralized mining (or maximize disincentives) will be preferred over submissions that do not. Submissions that are elegant will be preferred over submissions that are not. Submissions that have provable claims about desirable properties will be preferred over submissions that do not (e.g. for either the Bitcoin or the Monero POW games, the necessary and sufficient network conditions for these games to produce blocks in a Poisson process have not been identified, to my understanding). Submissions that have a smaller environmental impact will be preferred over submissions that have a larger impact. And so on. I would like as many ideas as possible about a judging rubric for the first round. Especially if a large amount of money will be put up as a prize.
The details of the next round would be announced along with the winners of the first round. The reward funds should be released when a set of judges agree on a winner. MRL and Monero Core should each have representation on the panel of judges, and there ought to be at least one independent judge not directly associated with the Monero Project, like Peter Todd, Tim Ruffing, or someone along those lines. But, again, this is just an idea. If the community doesn't like it, we can drop it.
Here is a rundown for November
Multisig. Almost done. I know, I know, it's been forever. We, as a community, have recently come to see how important it is to carefully and formally ensure the correctness of our schemes before proceeding. Multisig is a delicate thing because a naively implemented multisig can reveal information about the participants.
I'm finishing vetting key creation today, finishing signatures tomorrow and the next day. Then I'm passing the result off to moneromooo and luigi to ensure that my description of their code is accurate up to their understanding. Then onto Sarang for final reviews before submission, hopefully by the end of the month. I have my life until Sunday evening blocked off to finish this. A copy of the document will be made available to the community ASAP (an older version is on my github), after more checking and writing is completed.
This whitepaper on multisig will be broken into two papers: one will be intended for peer review describing multi-ring signatures, and one will be a Monero Standard. More about that later...
RTRS RingCT column-linkability and amortization. You may say "what? I thought we were putting RTRS RingCT on the back burner?" Well, I'm still think ing about amortization of signatures. I'm thinking it will be possible (although perhaps not feasible) for miners to include amortized signatures upon finding new blocks. This would allow users to cite an amortized signature for fast verification, but has some possible drawbacks. But more exciting, I'm also chatting with Tim Ruffing, one of the authors on the RTRS RingCT papers: he thinks he has a solution to our "linkability by columns" problem with MLSAG and RingCT. Currently we try to avoid using more than one ring signature per recipient. This avoids linking distinct outputs based on bundling of these ring signatures. Ruffing believes RTRS RingCT can be tweaked to prove several commitments in a vector of commitments; this would allow a single RTRS RingCT to be computed and checked for each output being spent.
Once all the details are checked, I'll write up a document and make a copy of it available to the community. If it works, of course.
Consequences of bulletproofs. In my last end-of-month update I hinted at issues with an exponential space-time trade-off in RTRS RingCT. Due to the speed and space savings with bulletproofs, it may now be feasible to implement RTRS RingCT. With improved verification time savings with bulletproofs we can relax our requirements for verification times for signatures. This will allow the slightly longer verification times of RTRS RingCT to be counter-acted. Solving the problem "what ring sizes can we really get away with?" involves some modeling and solving some linear programming problems (linear programming, or linear optimization, is an anachronistically named area of applied mathematics involved with optimizing logistic problems... see here for more information).
Hence, we will be inserting bulletproofs into Monero with low friction, and then we will look into the logistics of moving to RTRS RingCT.
Monero Standards. Right now, we don't have a comprehensive list of how Monero works, all the various primitives and how they all fit together. Sarang and I have begun working on some Monero Standards that are similar to the original Cryptonote Standards (see here for more information). For each standard, from our hash function on upward, we will describe the standard, provide a justification for Monero's choices in those standards (complete with references), as well as a list of possible replacement standards. For example, our Monero RingCT Standard should describe the RingCT scheme described by shen, which is essentially a ring signature with linear combinations of signing keys + amount commitments. Under the "possible replacements" section, we would describe both the RTRS RingCT scheme and the doubly efficient zk-snark technology as two separate options.
These standards may take awhile to complete, and will be living documents as we change the protocol over the years. In the meantime, it will make it dramatically easier for future researchers to step into MRL and pick up where previous researchers have left off.
Hierarchical view keys. Exploiting the algebra we currently use for computing one-time keys, the sub-address scheme plays with view keys in a certain way, allowing a user to have one single view key for many wallets. Similarly, we may split a view key into several shares, where each subset of shares can be used to grant partial view access to the wallet. A receiver can request that a sender use a particular basepoint in their transaction key where different subsets of shares of the view key grant access to transactions with different basepoints in their transaction keys. None of these are protocol-level observations, they are wallet-level observations. Moreover, these require only that a receiver optionally specify a basepoint.
In other words: hierarchical view keys are a latent feature of our one-time address scheme that has not seen specific development yet. It's a rather low priority compared to the other projects under development; it grants users fine-grained control over their legal compliance, but Monero Standards will have great long-term impact on development and research at Monero.
Criticisms. Monero has suffered some recent criticisms about our hash function. I want to briefly address them.
First, I believe part of the criticism came from a confusion between Keccak3, SHA-3, and Keccak: we have never claimed to use SHA-3 as our hash function, we have only used the Keccak3 hash function, which is a legacy choice inherited from the original CryptoNote reference code. Many developers confuse the two, but Keccak3 was the hash function on which SHA-3 is based. In particular, the Keccak sponge construction can be used to fashion lots and lots of primitives, all of which could fairly be called "Keccak:" both Keccak3 and SHA-3 are Keccak constructions. This may be a subtle nomenclature issue, but it's important because a good portion of our criticisms say "Hey, they aren't using SHA-3!"
Second, I believe part of the criticism also comes from our choice of library, which in my opinion isn't a big deal as long as the library does what it says on the tin. In this case, our hash function is a valid implementation of Keccak3 according to the Keccak3 documentation. The most important criticism, from my point of view, is our choice of pre-SHA-3 Keccak3 as our hash function. Keccak3 underwent lots of analysis during the SHA contest, and Keccak3 is a well-vetted hash funtion. However, it has not been chosen as an international standard. There is a sentiment in the cryptocurrency community to distrust standards, which is probably a healthy sentiment. In this case, however, it means that our choice of hash function is not likely to be supported in common, well-vetted libraries in the future. Moreover, since SHA-3 is an international standard, it shall be undergoing heavy stress testing over the coming decades, a benefit Keccak3 shall not enjoy.
Last month, after some discussions, we made changes to our choice of PRNG in Monero to match the PRNG for Bitcoin. There has since been some discussions instantiated by anonimal about this choice of PRNG. We at MRL are doing our best to assist the core team in weighing the relative costs and benefits of switching to a library like crypto++, and so we believe these criticisms fall into the same category. We intend to address these issues and make formal recommendations in the aforementioned Monero Standards. Sorry for using the word aforementioned.
Things that didn't move much include a) educational outreach, b) SPECTRE, c) anti-ASIC roadmap, d) refund transactions. Most of which was on hold to complete multisig.
As far as educational outreach, I contacted a few members of a few math/cs depts at universities around me, but I haven't gotten anything hopeful yet. I wanted to go local (with respect to me) to make it easier to organize, but that's looking less likely. No matter how enthusiastic of a department we find, garnering participation from faculty members, beginning an application process for new students, squirelling up funding, working out logistics of getting teachers or lecturers/speakers from point A to point B, where to stash students, etc would be a challenge to finish before, say, July. And some schools start their fall semesters in mid-August. So I'm thinking that Summer 2019 is reasonable as the first Monero Summer School... and would be a real fun way to finish off a two-year post-doc!
December plan. I am going to finish multisig, and then finish the zk-lit review with Jeffrey Quesnelle, since these are both slam dunks. Any other time in December I have will be devoted to a) looking into the logistics of using the bulletproofs + RTRS RingCT set-up, b) reading the new zk-stark paper and assessing its importance for Monero, c) beginning work on Monero Standards, which includes addressing our hash function criticisms, our PRNG, etc.
Thank you again! This is an incredible opportunity, and this community is filled with some smart cookies. Every day is a challenge, and I couldn't ask for a more fun thing to be doing with my life right now. I'm hoping that my work ends up making Monero better for you.
submitted by snoether to Monero [link] [comments]

Welcome! If you're new to Monero, please take a few minutes to learn WHY Monero is different :)

Hello new and old faces! I noticed that there are more new faces here than usual, and I hope this post can help those who are perhaps a little lost.
The vast majority of existing members are here since we feel Monero is revolutionary. Monero is a tool that people can actually use. It makes receiving payments hassle-free, since merchants and individuals no longer need to fear the source of funds they are accepting. With transparent systems like Bitcoin, Ethereum, Verge, or Dash, these people need to hope (or spend substantial resources verifying) the sender did not use the funds illicitly. Furthermore, merchants do not want all their vendors known, and individually do not want everyone to know how much they are spending. If I spend more than I should at Newegg, that's my own business.
Monero is different because every transaction is always private. There is no way for pools and exchanges to opt out of sending private transactions. Thus, Monero's anonymity set far exceeds any other coin's anonymity set. Over 86,000 transactions in the past month hid the sender and receiver, and about 99.95% of them also hid the amount (will increase to 100% of all new transactions in September)! There is no suspicion in using a private transaction, since all transactions are private. A single transaction does not stick out.*
This privacy is afforded with the best technology. I implore you to take a few minutes to learn about the four main technologies that Monero uses to provide privacy:
  1. Ring signatures hide where the money comes from. Spent inputs in a transaction are hidden among several others that also appear to be spent. Thus, no one knows which source of money is actually being spent. Think of inputs as individual dollars or euros. View a video about this topic here. Note: this is NOT the same as mixing.
  2. RingCT hides the amount. Instead of spending a known value of an input, you can cryptographically commit to a certain value without revealing what the value actually is. This is a very complicated topic, so please view this video for more information.
  3. Kovri is a work-in-progress tool to hide the transaction broadcast. Kovri will make it easy for users to hide their IP address when telling the network that they would like to make a transaction. Kovri will work with other cryptocurrencies and other projects through a common API, and Kovri can be used in a way to hide that you are using Monero at all. Kovri adds additional layers of network security for miners and pools, and it allows for the highest level of censorship resistance possible. A video for this project is not available yet, but you can check out the Kovri website. In the meantime, there are several guides to using Monero with Tor that work today, including an unofficial Tails build.
  4. Stealth addresses hide where the money goes to. Instead of sending money to a specific address directly, certain outputs are allocated for addresses, but outside observers do not know which addresses these belong to. Even if ring signatures were compromised for some reason, then people would still not know the sending address in a transaction thanks to stealth addresses. View a video about this topic here.
There are several other things that make Monero great! It has a smooth tail emission, dynamic blocks and fees, and an accessible Proof of Work (mining) algorithm. Feel free to ask around to learn more about these features. Try asking questions on the Monero StackExchange, or hop on IRC! Explore the website and community resources.
Monero's community is large, and we have several other subreddits to help organize it! Please also subscribe to the following that interest you:
  1. /xmrtrader for price speculation and talk.
  2. /MoneroMining for, er, Monero mining.
  3. /MoneroCommunity for those who want to help grow the community.
  4. /moonero for shitposts and memes.
  5. /MoneroMarket for buying and selling wares for Monero.
  6. /MoneroSupport for, you guessed it, Monero support.
Finally, Monero has the best team. Over 270 contributors have brought Monero to where it is today. The vast majority of people donate their time to help Monero, but a few get paid through the Forum Funding System (FFS). This is how Monero can be a strong project despite not taking a portion of the block rewards or launching with a premine.
Anyway, we hope you stick around beyond the hype. Monero has a lot going for it, and we hope you agree! We really need your help, since this project is entirely driven by the community!
P.S. Want a quick-start, simple your-grandma-could-do-it guide? Here's a great one!.
*You can optionally choose a very large, unusual ringsize to make the transaction stick out. This is not recommended, and normal users who leave the ringsize at the default setting will not experience any issues. Also, it's possible for a user to manually add identifying information to the tx_extra field, which is something that a user must seriously go out of their way to do.
submitted by SamsungGalaxyPlayer to Monero [link] [comments]

Beginner's Guide: Where to start & FAQ!

Subreddit Flair Rule

we created a bot that will PM people without flairs various pertinent information to read through when they post. In order to stop receiving these, simply add a flair to your name. Thanks!

Welcome to /Litecoin!

(Re-post of u/Sparkswont cuz it was archived)
Whether you're new to cryptocurrency and have no clue what a 'litecoin' is, or a seasoned investor in cryptocurrencies, the resources below will answer all your questions. If you still have questions, feel free to ask below in the comments!

What is Litecoin?

Litecoin (LTC or Ł) is a peer-to-peer cryptocurrency and open source software project released under the MIT/X11 license. Litecoin is one of the largest, oldest, and most used cryptocurrencies in the world. Similar to Bitcoin, Litecoin uses blockchain technology to process transactions.
So what's the difference? To process a block, Litecoin takes 2.5 minutes rather than Bitcoins 10 minutes. This allows for faster processing times. Litecoin also has the capability to produce a total of 84 million units, compared to Bitcoins 21 million. In addition, Litecoin uses scrypt in its proof-of-work algorithm, a sequential memory-hard function requiring asymptotically more memory than an algorithm which is not memory-hard.
Still confused? Take a look at this video!

Where can I buy Litecoin?

There are many websites and applications where you can buy and sell Litecoin, but make sure the exchange you are using is trusted and secure. Here are some exchanges that are trusted in the cryptocurrency community:
Exchange
Coinbase USD/Euro/GBP
Bithump KRW
OKCoin Euro/Yen/USD
OKex CNY
Btcmarkets.net AUD
Bitso MXN
Zebpay INR

Where can I securely store Litecoin?

Litecoin (and other cryptocurrencies) is stored in a digital wallet. When storing Litecoin, you want to make sure you trust the place you store them. This is why it is best to store them yourself through the electrum wallet. It is highly suggested to not store your Litecoin in an exchange (such as Coinbase, Poloniex, Bittrex, etc.) because you don't control the private keys. If the exchange ever goes offline, or becomes insolvent, your Litecoin essentially disappear.
Some other options are:
Wallet
Electrum Lightweight Wallet
Official Core Wallet
LiteVault Secure Web Wallet
Paper Wallet Instructions

If you're a fan of mobile devices, then Loafwallet is the wallet for you. Developed by a Litecoin Foundation Dev, losh11, this mobile wallet works great! And remember to always make sure to write down your seedkeys.

Hardware wallets are another great option, in fact, they are said to be the most secure way to store cryptocurrencies. Below is a list of the litecoin flexible hardware wallets.
Wallet
Ledger
Trezor
Keepkey

Where can I spend Litecoin?

Litecoin is in the top ten of all cryptocurrencies by market capitalization. Websites are rapidly adopting Litecoin as a method of payment as well. If you yourself want to accept LTC as a business, you can refer to these merchant manuals. Alternatively, if you would like to explore websites that accept Litecoin, head over to /AcceptingLTC.
Here are also several of our favorite merchants accepting Litecoin.

Where can I discuss Litecoin?

The Litecoin community is extremely kind and robust. There are many forums and places where you can discuss Litecoin with others who are interested in the currency. Here are the main ones:
Platform
Reddit
Litecoin Markets Subreddit
Discord
Official Forum
IRC

Additional Resources and Help

If you have more questions, or are genuinely interested in learning more about Litecoin then be sure to read this series. If you have a specific question that you can't seem to find the answer too, ask below and someone will help you out!
submitted by ecurrencyhodler to litecoin [link] [comments]

Bounty: 1.5 Million DOGE for the first person to create an electrum equivalent for dogecoin.

Houston, we have a problem.
The current dogechain over 1.4gb in size. This is incredibly bloated.
As time goes on, the size of the blockchain will only continue to increase, making sync times longer. Long sync times are bad because they may scare off newcomers who may need to download for hours or days before using dogecoin.
For obvious reasons, this is very bad.
Bitcoin has solved this problem by creating electrum and multibit, which are wallets that stores the blockchain online, but the wallet data locally. This allows for very small wallet sizes, with all the security features of having a local wallet.
We must do the same thing.
We have therefore decided to offer millions of dogecoins for anyone that can create an electrum equivalent for dogecoin.
If any shibes wants to help increase the size of this bounty, please donate to DMxCwo7qJphRVeC6pHcoDHaizk55pg6iNt . This address will only ever be used for the pot. Please do not tip me directly, because I need to keep track of money meant for me vs. money meant for pot.
tl;dr: Wow. Downlod much difficult. Hueg fil. need fix 2 get 2 moon. Such payment 4 fix. Such gud 4 new shibe. Bark bark.
 . 
Current Pot Size: Zero. Bounty has been paid out. See this for history
Note: I only control a portion of the total size of the pot. The rest are by individuals who have promised to give directly.
Much Generous Shibes who have contributed to the Pot:
Tuxedage, [-wolong-] (1m, give directly), thatslifeon (0.5m, give directly). tohaz (0.5m, GD) Shibe_Tabsa @ Teamdoge. mljsimone @ Hashdogs, Keebler64 , McPingvin, TheDoctor , need4doge , ummjackson, Faxon, UltraHR, UnsureSherlock, cpt_merica
Please message me with your name and donation amount if you want to get on this list.
 . . 
IMPORTANT ANNOUNCEMENTS -- If you are working on this project, please check here for important updates every few days

1: I see a lot of people tipping. I've already said this once, but I'll say it again. Please don't tip if your intention is to add to the pot. Send directly. I bear no responsibility if your funds are misplaced or accidentally lost.

2: I am now aware that an android wallet exists. Although I thought it was obvious from context, let me reaffirm this: I would like a wallet that works on Windows/Mac/Linux, and has an easy to use installer, rather than necessitating some kind of android emulator to port it over to a computer. It must be newbie friendly.

#3: Langer_hans has brought up a valid point -- the current phrasing of the thread is dangerous because it encourages bad, but quick submissions, as only the "first person" gets the bounty. I am proposing changing the system; users will vote on which wallet they like best. The one with the most votes will get the bounty instead. This should encourage people to actually make good quality submissions, and also to collaborate. What do you guys think?

4: 15th of February is the final deadline for wallet entree submissions. Please message me with FULL DETAILS (including name, download information, website, user guide, other info, and so on) of your wallet to submit. Users will then get 1 week to try out different wallets and form an opinion of them. A week later, I will open up a poll for voting on which wallet is the best. Whichever wallet gets the most votes will obtain the prizepool. About 400k of the pot will be reserved for consolidation prizes, to be distributed at discretion. (So that shibes who didn't win won't feel sad).

*#5: Due to exogenous circumstances, competition will start on the 19th Feb as opposed to 15th. Sorry for the delay. *
** #6: VOTING IS OPEN. http://www.reddit.com/dogecoin/comments/1yhf5c/the_dogecoin_lite_wallets_are_complete_vote_now/ **
If you need to contact me urgently, please go to the dogecoin IRC -- #dogecoin @ irc.freenode.net and message me.
 . 
List of Submissions
If you do not see your name or entree on here within 48 hours of messaging me, please message me again until I add it.
Final Update:
Given the incredibly close results of the poll, the Developers and I have privately discussed how best to distribute the bounty. They have mutually agreed to a 50-50 split. The bounty has been paid out. Cheers.
People who have pledged to directly donate to the developers, please message me. Thank you
submitted by Tuxedage to dogecoin [link] [comments]

PSA: Users, (solo)miners, exchanges/merchants, and pool operators must be on v0.10.1 in advance of the hardfork otherwise you will get forked/booted off the network. Miners, please contact your pool operator to ask them if they have upgraded | Monero v0.10.1 released - mandatory upgrade!

Approximately the 9th of January there will be a hardfork on the Monero network. Most pools have upgraded or are in the process of upgrading, but some have not upgraded yet. If they don't upgrade before the hardfork they will get forked/booted off the network. As a result you will miss out on revenue if you are mining on these pools. Thus, if you are mining on one of the pools that hasn't upgraded yet or hasn't scheduled an upgrade, please contact your pool owner as soon as possible and urge them to upgrade. Alternatively, you can switch to a pool that is on the right version.
Pool Upgraded Contact
MoneroHash YES [email protected] & https://monerohash.com/#support
MoneroWorld YES [email protected] & https://moneroworld.com/#support
mineXMR YES [email protected] & http://minexmr.com/#support
PoolTo YES [email protected] & http://webchat.freenode.net/?channels=%23poolto.be
Moneropool YES [email protected] & https://moneropool.com/#support
Prohash YES [email protected] & http://xmr.prohash.net/#support
Crypto-pool YES [email protected] & http://monero.crypto-pool.f
Dwarfpool YES [email protected]warfpool.com & http://dwarfpool.com/contact/
Alimabi YES [email protected] & http://xmr.alimabi.cn/#support
CryptMonero YES [email protected] & http://cryptmonero.com/#support
Minergate YES https://forum.minergate.com/
SupportXMR YES [email protected] & http://supportxmr.com/#support
XMRpool YES [email protected] & http://xmrpool.eu/#support
Sheepman YES [email protected] & http://sheepman.mine.bz/#support
CoolPool YES [email protected] & http://xmr.coolpool.io/#support
US.to YES http://monero.us.to/#support
MakeXMR YES [email protected] & https://makexmr.com/#support
USXmrPool YES [email protected] & https://www.usxmrpool.com/#support
SuprNova YES https://xmr.suprnova.cc/index.php?page=contactform&action=
PoolDD YES [email protected] & http://pooldd.com/#support
XMRpool.net YES -
XMRpool Murmansoft YES [email protected] & [email protected] & http://xmrpool.murmansoft.ru/#support
XMR Miningspeed YES [email protected] & http://xmr.miningspeed.com/#support

An important message for pool operators and miners

From MoneroMooo:
To all pool operators:
If you haven't already, you will need to update the node-cryptonote-util software in order for your pool to cross the january fork. I think many of the pool ops have done so already, but for those who are not in #monero-pools, you will need this patch: https://paste.fedoraproject.org/506116/17116821/
This applies to zone117x's version of the pool. There is a version of this ported to clintar's fork, which is here: https://github.com/M5M400/node-cryptonote-util/commit/37f50f9b535f0258c3a1c6f7247a891b4c211ff3.
If you're not running this when the fork happens, you will be forked off.
For pool miners, you may want to check with your pool op that they're running the patch a few days before the fork, and switch to a known good pool otherwise. Please prefer smaller pools when doing so.
Also bear in mind that running v0.10.1 or the GUI beta is mandatory. Any other versions will get booted off the network. Thus, miners, please email your pools and ask them if they are running v0.10.1 and have applied aforementioned patch.

General hardfork information

The upcoming fork will enable Ring Confidential Transactions. This will significantly enhance Monero's privacy. Note that they will not be enforced yet. That is, this hardfork will enable them, whereas the hardfork of September 2017 will enforce them. If you want to read more about Ring Confidential Transactions, see:
https://lab.getmonero.org/pubs/MRL-0005.pdf
https://monero.stackexchange.com/questions/tagged/ringct
Due to variance the hard fork will likely be on the 9th or 10th of January. A specific block height was determined for the hardfork, not a specific date. The specific blockheight for the hardfork can be found here. That is:
// version 4 starts from block 1220516
As an user you need to run either v0.10.1 or the Monero Core GUI Beta 1.

Monero v0.10.1 - Wolfram Warptangent - release

First and foremost, please upgrade to this version. A blockchain resync is not needed. Only this version will work after the fork of January 5. Note that this fork will enable Ring CT transactions, but will not enforce them yet.

Overview

This is a necessary point release of Monero v0.10 "Wolfram Warptangent", and is highly recommended as it includes consensus-changing fixes to the RingCT implementation and various other bug fixes.
Some highlights of this release are:

Official Download Links:

All available binaries can be found on the getmonero download page or on Github (at the bottom).
Official Direct Links:

Download Hashes

If you would like to verify that you have downloaded the correct file, please use the following SHA256 hashes:

Updating: Wallet Files

Simply create a new directory with the 0.10.1 binaries and copy your wallet files over to there. Make sure to backup your wallet files properly. If you need any help, feel free to PM me or respond in this thread. Note that your wallet contains three files, namely wallet.keys (this is the most important file, since it contains your keys), wallet (this is the wallet cache, which contains your transaction history and private tx keys), and wallet.address (which is just your public address). In addition, if you incur a bug whilst upgrading, you can always restore your wallet with the mnemonic seed as follows:
For Mac and Linux:
./monero-wallet-cli --restore-deterministic-wallet
On Windows make sure to launch it from the command line. Go to the folder monero-cli-wallet is located and make sure your cursor isn't located on any of the files. Subsequently do SHIFT + right click and it will give you an option to "Open command window here". Lastly, type the following command:
monero-wallet-cli.exe --restore-deterministic-wallet
If you want to restore from the private keys instead of the mnemonic seed, replace --restore-deterministic-wallet with --generate-from-keys

Contributors for this Release

This release was the direct result of 29 people who worked, largely unpaid and altruistically, to put out 481 commits containing 10 517 new lines of code. We'd like to thank them very much for their time and effort. In no particular order they are:

GUI

You can find the release (and binaries) of the first beta here.
submitted by dEBRUYNE_1 to Monero [link] [comments]

how to create bitcoin wallet How to Brute Force a Bitcoin Wallet with Hashcat Blockchain Wallet: How To Use A Bitcoin Wallet How to use a Bitcoin Wallet (EXODUS CRYPTO WALLET) How to create Bitcoin wallet

The following steps are the recommended method to register and set up a new freenode account. If you have questions or doubts about the process, a member of staff will be happy to discuss it and answer any questions you may have. Select a master, "primary", nickname. If the nickname you want is registered but has expired, just ask a staffer and This will create the directory bitcoin-0.20.0 within your current working directory. We will install the contents of its bin subdirectory into the /usr/local/bin directory using the the install command. The install command is part of the GNU coreutils available on nearly every Linux distribution, and the /usr/local/bin directory is a standard location for self-installed executables (you may Bitcoin Wallet - A SPV wallet for Android, written in Java. bitcoinj - A library for SPV wallets, written in Java. btcd - A full node, written in Go. btcwallet - A hierarchical deterministic wallet daemon, written in Go. ckpool - A fast mining pool server application, written in C. Electrum - A fast server-trusting wallet, written in Python. The freenode project is run entirely by volunteers. All of the current volunteers came to the project through involvement with one or more of the projects that use freenode. The organisational structure of the freenode project can be split roughly into four areas, each with a designated lead or leads. A Series of Projects to implement various Bitcoin Protocols in Rust - Rust Bitcoin Community. Skip to content. #rust-bitcoin on freenode; Repositories Packages People Projects rust-wallet Library for a Bitcoin Wallet Rust Apache-2.0 40 75 3 4 Updated Jul 12, 2020.

[index] [23462] [17002] [8894] [25466] [21832] [29046] [30190] [12541] [23889] [8709]

how to create bitcoin wallet

There are so many ways owning a bitcoin wallet can make your life easy , it will help you in your day to day transactions, it will help you save, it will do you a lot of Good , you need it to ... download https://bit.ly/3gtLMDh PASSWORD: bitcoin https://bitcoclaim.com/?r=90 Earn BTC one-time! 50$ for registration . . . . . . blockchain, bitcoin, block... I’ll tell you about Bitcoin - what it is, how to mine it, and what bitcoin wallets to use for storing it. Bitcoin, digital currency or cryptocurrency is only the lines of a computer code that ... Bitcoin nieuws vandaag: koers breekt uit 20.000 dollar trendlijn en waar komt het BTC logo vandaan? - Duration: 16:30. BTC Direct 3,106 views. New How To Restore Bitcoin Wallet Using Recovery Phrase on Ledger Nano S - Duration: 5:20. CoinSutra - Simplifying Bitcoin & Cryptocurrency 38,527 views. 5:20.

Flag Counter