# Bitcoin Elliott Wave - Bitcoin Dan Boneh Bitcoin Price World

Finally! Real privacy for Bitcoin transactions from some Core developers

Greg Maxwell made a VERY exciting announcement for some real cutting edge stuff: a way to get full privacy with transactions in Bitcoin!
The great thing about this is, unlike ZCash, this new method:
There is a video here that describes confidential transactions in more detail. But the exciting announcement today is a way to make confidential transactions work with a size overhead only 3 times that of normal transactions. When combined with the further privacy improvement of CoinJoin or ValueShuffle, there is virtually no size overhead and no trusted third party or sharing of private data is required!
Thank you Greg, Pieter, and other Core team contributors for this excellent work on confidential transactions, coinjoin, and working on the theory and engineering to bring this to Bitcoin! Exciting developments! Thanks also Benedikt Bünz, Jonathan Bootle for your discovery of BulletProofs and Dan Boneh, Andrew Poelstra for your work on this.
Update: As pwuille pointed out, while the size overhead is 3X (or less per transaction w/ coinjoin), the CPU overhead for verification is still an order of magnitude higher than regular transactions. But we'll know more once they start working on an implementation.
submitted by fortunative to Bitcoin

A message to /r/investing and /r/technology: You don't get it because you don't understand it...

You too, /bitcoin, but I believe a sizable minority actually do understand it.
The learning curve to understand why cryptocurrencies are an important development is very steep. I have a very hard time accepting things on faith, so I spent quite a bit of my time understanding the intricacies of what Bitcoin is. This is going to be a long post, because I'm going to walk you through what I had to learn to understand it.
I am a huge xkcd fan. When I first came upon bitcoin, I saw it in the context of this (looks like we need an update): http://xkcd.com/980/huge/#x=-6432&y=-6592&z=4
I remember poring over that chart... It put a lot of things in perspective... and then I came upon "Market value of all Bitcoins." I'm pretty sure I had heard of bitcoin earlier than that, but it didn't really pique my interest until I saw it in this context. I remember at that time thinking the Bitcoin was like eGold or Digicash... but that didn't keep me from looking it up. And what I found amazed me, people were solving problems for Bitcoins. But I still didn't get it... why did it have value? I then found the Bitcoin whitepaper... http://bitcoin.org/bitcoin.pdf - I had some computer science knowledge, but not a lot of cryptography knowledge, so the paper made some sense, but not a lot. I was under the mistaken impression that cryptography fails... often. I kept hearing about failures of the MD5's and DES's and thought that all crypto would fail in a similar way. At this point, I did buy some Bitcoins, but I hadn't "bought into the idea." I then proceeded to learn more about cryptography. After asking a few questions on reddit, I decided I had to dive in a little more. I found a coursera course by Dan Boneh and went through the course (I have a math minor, so it was a great level to jump in at). I learned about crypto and was satisfied well enough to have a lot more faith in it.
But it still didn't make sense to me why some very smart people would put faith in a currency, so I did some searching and found the mailing list posts from when Satoshi originally described bitcoin. I came upon a post from Hal Finney during the discussion - http://www.mail-archive.com/[email protected]/msg09996.html
One thing I might mention is that in many ways bitcoin is two independent ideas: a way of solving the kinds of problems James lists here, of creating a globally consistent but decentralized database; and then using it for a system similar to Wei Dai's b-money (which is referenced in the paper) but transaction/coin based rather than account based. Solving the global, massively decentralized database problem is arguably the harder part, as James emphasizes. The use of proof-of-work as a tool for this purpose is a novel idea well worth further review IMO.
Ah hah! This is when the light really went on. Satoshi had taken cryptographic ideas/primitives and put them together in a novel way... He took other people's ideas and modified them enough to come to a practical, but not complete solution to the problem of coming to a distributed consensus. When I say practical, I mean in the way an engineer might apply physics formulas to designing a vehicle. He took the parts and stuck them together in a way that was "good enough" to solve a distributed decentralized consensus. It's not perfect (51% attack, etc.), but it was good enough.
At this point... I believed the mechanics were sound. It was a consensus protocol that didn't exist before. It could be used as a way to transfer value by shared consensus. It only has value because people use it and believe in it, but the ones who originally believed in it believed in it for good reason.
Now after reading through that, I want you to watch two videos: https://www.youtube.com/watch?v=mD4L7xDNCmA https://www.youtube.com/watch?v=Pu4PAMFPo5Y
Disclosure: I own bitcoins, so this whole talk was designed to get you to buy into the evil Ponzi Tulip Pyramid scheme so I can make my millions and retire off the suffering of thousands of other people.
tl;dr: It's the protocol, stupid.
If you guys want to ask me questions or throw arguments at me, I will be happy to respond within reason.
submitted by throckmortonsign to Bitcoin

Provisions: how Bitcoin exchanges can prove their solvency

It has long been a goal of the Bitcoin community for exchanges to be able to cryptographically prove solvency—that is, to prove that they still control enough bitcoins to cover all of their customers’ accounts. Greg Maxwell first proposed an approach using Merkle trees in 2013, but this requires revealing (at a minimum) the total value of the exchange’s assets and which addresses the exchange controls. Exchanges have specifically cited these privacy risks as a reason they have not deployed proofs of solvency, relying on trusted audit instead.
In a new paper presented this month at CCS (co-authored with Gaby G. Dagher, Benedikt Bünz, Jeremy Clark and Dan Boneh), we present Provisions, the first cryptographic proof-of-solvency with strong privacy guarantees. Our protocol is suitable for Bitcoin but would work for most other cryptocurrencies (e.g. Litecoin, Ethereum). Our protocol hides the total assets and liabilities of the exchange, proving only that assets are strictly greater than liabilities. If desired, the value of this surplus can be proven. Provisions also hides all customer balances and hides which Bitcoin addresses the bank controls within a configurable anonymity set of other addresses on the block chain. The proofs are large, but reasonable to compute on a daily basis (in the tens of GB for a large exchange, computable in about an hour). Best of all, it is very simple and fast for each user to verify that they have been correctly included. We can even extend the protocol to prevent collusion between exchanges. The details are in the paper, the full version of which is now online.
https://freedom-to-tinker.com/blog/jbonneau/provisions-how-bitcoin-exchanges-can-prove-their-solvency/
submitted by packetinspector to BitcoinMarkets
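The Merkle-tree approach that the post above contrasts Provisions with can be sketched as a summed Merkle tree over customer balances. This is an added example, not code from the paper or from any exchange; the leaf encoding, the nonces and the account book are constructed for illustration.

```python
import hashlib

def leaf(customer_id, nonce, balance):
    """Leaf node (balance, hash); the per-customer nonce keeps the ID unguessable."""
    digest = hashlib.sha256(f"{customer_id}|{nonce}|{balance}".encode()).digest()
    return (balance, digest)

def parent(left, right):
    """Interior node: sum of both children, hash binding each child's sum and hash."""
    enc = lambda n: n[0].to_bytes(8, "big", signed=True) + n[1]
    return (left[0] + right[0], hashlib.sha256(enc(left) + enc(right)).digest())

PAD = (0, hashlib.sha256(b"padding").digest())  # zero-balance filler for odd levels

def build(leaves):
    """Return every level of the tree, leaves first, single root node last."""
    levels = [list(leaves)]
    while len(levels[-1]) > 1:
        if len(levels[-1]) % 2:
            levels[-1].append(PAD)
        cur = levels[-1]
        levels.append([parent(cur[i], cur[i + 1]) for i in range(0, len(cur), 2)])
    return levels

def prove(levels, index):
    """Inclusion proof for one customer: sibling nodes from leaf level up to the root."""
    path = []
    for level in levels[:-1]:
        sibling = index ^ 1
        path.append((level[sibling], sibling < index))  # (node, sibling_is_left)
        index //= 2
    return path

def verify(own_leaf, path, root):
    """Customer-side check: recompute the root and reject negative sibling sums."""
    node = own_leaf
    for sibling, sibling_is_left in path:
        if sibling[0] < 0:  # a negative balance would shrink the published total
            return False
        node = parent(sibling, node) if sibling_is_left else parent(node, sibling)
    return node == root

# Constructed account book: (customer id, nonce, balance)
BOOK = [("alice", "n1", 100), ("bob", "n2", 50), ("carol", "n3", 25)]
LEVELS = build([leaf(*row) for row in BOOK])
ROOT = LEVELS[-1][0]  # ROOT[0] is the exchange's total liabilities, in the clear

def cheating_levels():
    """Same book with a constructed negative dummy account placed beside alice."""
    rows = [BOOK[0], ("fake", "n0", -60)] + BOOK[1:]
    return build([leaf(*r) for r in rows])
```

The published root exposes the liabilities total and every proof exposes sibling balances, which is the leakage Provisions is designed to hide. In the cheating tree only alice's proof fails; bob's still verifies, so the scheme depends on enough customers checking.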

[uncensored-r/Bitcoin] Finally! Real privacy for Bitcoin transactions from some Core developers

The following post by fortunative is being replicated because some comments within the post (but not the post itself) have been silently removed.
The original post can be found (in censored form) at this link:
np.reddit.com/ Bitcoin/comments/7d5zbc
The original post's content was as follows:
Greg Maxwell made a VERY exciting announcement for some real cutting edge stuff: a way to get full privacy with transactions in Bitcoin!
The great thing about this is, unlike ZCash, this new method:
  • Doesn't use untested new cryptography
  • Can be high performance (compared to alternatives)
  • Doesn't require a trusted setup
  • Doesn't break pruning
There is a video here that describes confidential transactions in more detail. But the exciting announcement today is a way to make confidential transactions work with a size overhead only 3 times that of normal transactions. When combined with the further privacy improvement of CoinJoin or ValueShuffle, there is virtually no size overhead and no trusted third party or sharing of private data is required!
Thank you Greg, Pieter, and other Core team contributors for this excellent work on confidential transactions, coinjoin, and working on the theory and engineering to bring this to Bitcoin! Exciting developments! Thanks also Benedikt Bünz, Jonathan Bootle for your discovery of BulletProofs and Dan Boneh, Andrew Poelstra for your work on this.
Update: As pwuille pointed out, while the size overhead is 3X (or less per transaction w/ coinjoin), the CPU overhead for verification is still an order of magnitude higher than regular transactions. But we'll know more once they start working on an implementation.
submitted by censorship_notifier to noncensored_bitcoin

Progress On Hardfork Proposals Following The Segwit Blocksize Increase | Peter Todd | Aug 05 2016

Peter Todd on Aug 05 2016:
Repost by request from my blog, apologies for the somewhat screwy formatting!
layout: post
title: "Progress On Hardfork Proposals Following The Segwit Blocksize Increase"
date: 2016-08-05
tags:
With segwit getting close to its initial testnet release in Bitcoin Core
v0.13.0 - expected to be followed soon by a mainnet release in Bitcoin Core
v0.13.1 - I thought it'd be a good idea to go over work being done on a
potential hard-fork to follow it, should the Bitcoin community decide to accept
the segwit proposal.
First of all, to recap, in addition to many other improvements such as fixing
transaction malleability, fixing the large transaction signature verification
DoS attack, providing a better way to upgrade the scripting system in the
future, etc. segwit increases the maximum blocksize to 4MB. However, because
it's a soft-fork - a backwards compatible change to the protocol - only witness
(signature) data can take advantage of this blocksize increase; non-witness
data is still limited to 1MB total per block. With current transaction patterns
it's expected that blocks post-segwit won't use all 4MB of serialized data
allowed by the post-segwit maximum blocksize limit.
Secondly, there's two potential upgrades to the Bitcoin protocol that will
further reduce the amount of witness data most transactions need: [Schnorr
signatures](https://bitcoinmagazine.com/articles/the-power-of-schnorr-the-signature-algorithm-to-increase-bitcoin-s-scale-and-privacy-1460642496) and BLS aggregate signatures.
Basically, both these improvements allow multiple signatures to be combined,
the former on a per-transaction level, and the latter on a per-block level.
Last February
some of the mining community and some of the developer community got together to discuss potential
hard-forks, with the aim of coming up with a reasonable proposal to take to the
wider community for further discussion and consensus building. Let's look at
where that effort has led.

Ethereum: Lessons to be learned

But first, Ethereum. Or as some have quipped, the Etherea:
"The Battle for Etherea. https://t.co/2ATQRQRXnH" - Samson Mow (@Excellion), July 31, 2016, https://twitter.com/Excellion/status/759677608753627136
If you've been following the crypto-currency space at all recently, you
probably know that the Ethereum community has split in two following a very
controversial hard-fork to the Ethereum protocol. To make a long story short, an
unintended feature in a smart-contract called "The DAO" was exploited by an
as-yet-unknown individual to drain around $50 million worth of the Ethereum
currency from the contract. While "white-hat attackers" did manage to recover a
majority of the funds in the DAO, a hard-fork was proposed to rewrite the
Ethereum ledger to recover all funds - an action that many, including myself,
have described as a bailout.
The result has been a big mess. This isn't the place to talk about all the
drama that's followed in depth, but I think it's fair to say that the Ethereum
community found out the hard way that just because you give a new protocol the
same name as an existing protocol, that doesn't force everyone to use it. As of
writing, what a month ago was called "Ethereum" - Ethereum Classic - has 20% of
the hashing power as the bailout chain, and peaked only two or three days ago
at around 30%. As for market cap, while the combined total for the two chains
is similar to the one chain pre-fork, this is likely misleading: there's
probably a lot of coins on both chains that aren't actually accessible and
don't represent liquid assets on the market. Instead, there's a good chance a
significant amount of value has been lost.
In particular, both chains have suffered significantly from transaction replay
issues. Basically, due to the way the Ethereum protocol is designed - in
particular the fact that Ethereum isn't based on a UTXO model - when the
Ethereum chain split, transactions on one chain were very often valid on another
chain. Both attacks and accidents can lead to transactions from one chain
ending up broadcast to others, leading to unintentional spends. This wasn't an
unexpected problem:
"@petertoddbtc we knew it would happen weeks before launch, we didn't want to implement replay-protection b.c. of implementation complexity" - Vlad Zamfir (@VladZamfir), July 31, 2016, https://twitter.com/VladZamfistatus/759552287157133313
...and it's led to costly losses. Among others Coinbase has lost [an unknown amount of
funds](https://twitter.com/eiaine/status/758560296017416194) that they may have to buy back. Even worse, BTC-e lost pretty much their entire balance
of original Ethereum coins - apparently becoming insolvent - and instead of
returning customer funds, they decided to declare the original Ethereum chain a scam instead.
A particularly scary thing about this kind of problem is that it can lead to
artificial demand for a chain that would otherwise die: for all we know
Coinbase has been scrambling behind the scenes to buy replacement ether to make
up for the ether that it lost due to replay issues.
More generally, the fact that the community split shows the difficulty - and
unpredictability - of achieving consensus, maintaining consensus, and
measuring consensus. For instance, while the Ethereum community did do a coin
vote as I suggested, turnout was extremely
low - around 5% - with a significant minority in opposition (and note that
exchanges' coins were blacklisted from the vote due to technical reasons).
Additionally, the miner vote also had low turnout, and again, significant
minority opposition.
With regard to drama resulting
from a coin split, something I think not many in the technical community had
considered, is that exchanges can have perverse incentives to encourage it. The
split resulted in significant trading volume on the pre-fork, status quo,
Ethereum chain, which of course is very profitable for exchanges. The second
exchange to list the status-quo chain was Poloniex, who have over 100
Bitcoin-denominated markets for a very wide variety of niche currencies - their
business is normally niche currencies that don't necessarily have wide appeal.
Finally, keep in mind that while this has been bad for Ethereum, it'd be even
worse for Bitcoin: unlike Ethereum, Bitcoin actually has non-trivial usage in
commerce, by users who aren't necessarily keeping up to date with the latest
dramaHHHHH news. We need to proceed carefully with any
non-backwards-compatible changes if we're to keep those users informed, and
protect them from sending and receiving coins on chains that they didn't mean
to.

Splitting Safely

So how can we split safely? Luke Dashjr has written both a
BIP, and
preliminary code
to do a combination of a hard-fork, and a soft-fork.
This isn't a new idea, in fact Luke posted it
to the bitcoin-dev mailing list last February, and it's been known as an option
for years prior; I personally mentioned it on this blog last January.
The idea is basically that we do a hard-fork - an incompatible rule change - by
"wrapping" it in a soft-fork so that all nodes are forced to choose one chain
or the other. The new soft-forked rule-set is simple: no transactions are
allowed at all. Assuming that a majority of hashing power chooses to adopt the
fork, nodes that haven't made a decision are essentially 51% attacked and will
follow an empty chain, unable to make any transactions at all.
For those who choose not to adopt the hard-fork, they need to themselves do a
hard-fork to continue transacting. This can be as simple as blacklisting the
block where the two sides diverged, or something more complex like a
proof-of-work change.
On the plus side, Luke's proposal maximizes safety in many respects: so long as
a majority of hashing power adopts the fork no-one will accidentally accept
funds from a chain that they didn't intend to.

Giving Everyone A Voice

It's notable that what Luke calls a "soft-hardfork" has also been called a
"forced soft-fork" by myself, as well as an "evil fork" by many others - what
name you give it is a matter of perspective. From a technical point of view,
the idea is a 51% attack against those who choose not to support the new
protocol; it's notable that when I pointed this out to some miners they were
very concerned about the precedent this could set if done badly.
Interestingly, due to implementation details the Ethereum hard-fork was similar to
Luke's suggestion: pre-fork Ethereum clients would generally fail to start due
to an implementation flaw - in most cases - so everyone was forced to get new
software. Yet, Ethereum still split into two economically distinct coins.
This shows that attempting to k...[message truncated here by reddit bot]...
original: https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2016-August/012936.html
submitted by dev_list_bot to bitcoin_devlist
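The transaction replay problem described in the post above, and one common form of replay protection (binding a chain identifier into the signed data), as an added example that is not part of the original post. The account-style ledger, field layout and chain names "A" and "B" are hypothetical, and HMAC stands in for a real signature scheme.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"  # stand-in for the sender's private key

def sign(fields):
    """HMAC-SHA256 as a stand-in for a real signature over the listed fields."""
    msg = "|".join(str(f) for f in fields).encode()
    return hmac.new(KEY, msg, hashlib.sha256).hexdigest()

def make_tx(sender, to, amount, nonce, chain_id=None):
    """Build a signed transfer; chain_id is signed only when the wallet supplies it."""
    fields = (sender, to, amount, nonce) + ((chain_id,) if chain_id else ())
    return {"from": sender, "to": to, "amount": amount, "nonce": nonce,
            "sig": sign(fields)}

class Chain:
    def __init__(self, chain_id, balances, replay_protected):
        self.chain_id = chain_id
        self.balances = dict(balances)   # each fork starts from the same ledger
        self.nonces = {}
        self.replay_protected = replay_protected

    def apply(self, tx):
        """Validate and apply a transfer; return True if it was accepted."""
        fields = (tx["from"], tx["to"], tx["amount"], tx["nonce"])
        if self.replay_protected:
            fields += (self.chain_id,)   # signature must name this chain
        if not hmac.compare_digest(tx["sig"], sign(fields)):
            return False
        if tx["nonce"] != self.nonces.get(tx["from"], 0):
            return False
        if self.balances.get(tx["from"], 0) < tx["amount"]:
            return False
        self.balances[tx["from"]] -= tx["amount"]
        self.balances[tx["to"]] = self.balances.get(tx["to"], 0) + tx["amount"]
        self.nonces[tx["from"]] = tx["nonce"] + 1
        return True

def withdraw_after_split(replay_protected):
    """An exchange pays a withdrawal on chain A; the same bytes then reach chain B."""
    ledger = {"exchange": 10}            # constructed pre-split balance
    chain_a = Chain("A", ledger, replay_protected)
    chain_b = Chain("B", ledger, replay_protected)
    tx = make_tx("exchange", "customer", 4, 0,
                 chain_id="A" if replay_protected else None)
    on_a = chain_a.apply(tx)
    on_b = chain_b.apply(tx)             # rebroadcast of the identical transaction
    return on_a, on_b, chain_b.balances["exchange"]
```

Without the chain identifier the withdrawal is accepted on both forks and the exchange's balance on chain B drops unintentionally; with it, chain B rejects the signature and the balance there is untouched.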
