Gold collapsing. Bitcoin UP.

Daniel Krawisz, creator of ShufflePuff, changes his opinion on anonymity vs. sunshine, just as I have changed mine.

Read his latest article, written into this transaction:

This is the real paradigm divide between BSV and the rest of crypto. It's not pro- or anti-government so much as pro- or anti-sunshine. There are many non-anarchists who nonetheless cling to the vague and unexamined notion that darker is better as far as reining in government and central bank excess. Likewise there are many anarchists for whom a modified Bill Murray quote applies: "I always want to say to people who want to be rich and famous: 'try being rich first'. See if that doesn't cover most of it."

Well if you want to dissolve the state, try creating a system that doesn't let government hide its money flows. See if that doesn't cover most of the grievances you thought you wanted anonymity for.

If we are honest with ourselves I believe most of us never thought through the implications of a fully transparent but pseudonymous ledger, instead succumbing to assurances that it was soon to be fully anonymizable. We assumed the feature was a bug. That prevented us from seeing the true power of Bitcoin and the sunshine principle with privacy provided by economics.

It is inexpensive to audit government accounts because government is a small central entity, or as Larken Rose calls it, "a tiny dot ordering everyone else around." At scale, with proper privacy measures such as avoidance of address reuse and splitting/combining as the whitepaper mentions, the transaction web becomes so complex that it isn't economical or even possible for governments to practice widespread surveillance of the blockchain. It can only choose high-value targets to investigate, at cost.

This is yet another paradigm shift effected by Satoshi, turning the whole problem on its head via economics, just as he did with his solution to the Byzantine Generals problem.
Yes, totally agree. Bsv is the only coin with a mature concept of privacy vs anonymity. All other fail to understand and / or cynically see cryptocoins only valuable as a means for darknet payments.

Bch mostly competes with btc and xmr and dash and ltc to become the darling of darknets. Imho this is a failure strategy.

On btc ... They really gone crazy with ln. If you have a public node, you allow anybody to have a channel with you. When someone with tainted utxo has a channel with you and transfers coins via lightning, you basically end up with tainted coins.

It's not a problem right now, as nobody uses ln, but in case it gets popular, many many users will find themselves with tainted coins and hardly a way to prove where they had them from. This might become a terrible problem for many.

Now no kyc cash bitcoin market hodl hodl announced activated ln. What could go wrong?


Active Member
Mar 14, 2016
Anonymity, pseudonymity, privacy and transparency are still not understood by most. And in regards to the digital sphere I bet we will have to wait a few more decades to draw more definite conclusions.

Until then I welcome all different approaches, as it is not clear yet if the "dark" or the "bright" variant or a complex interplay between both variants is most beneficial to society.


Active Member
Sep 15, 2015
Nchain has more copyrights of the Bitcoin whitepaper, more threats to sue bloggers for libel, more bullying, more support from ass-kissers, more clowning, and more lies. Therefore, they are the developers of the true Bitcoin. If this doesn't smell like deja vu, please reconsider your approach to consuming and processing outside information. At some point, when you get to that place of complete honesty with yourself, you will admit that something is wrong.
What feels like deja vu is the unsubstantiated allegations and trolling from the anti-CSW camp.

I... SMELL... FEAR...

Also, I wondered why CSW had a supercomputer in his house. Turns out he teaches a masters level supercomputing course.
Following @freetrader link, I read the selfish mining bet story. I didn't know it was so simple.

Honest chain has 2/3 of hashrate, last block was found ten minutes ago. When is the next block expected? Csw says 5 min, Peter says 15min.

The theory of Peter's side: mining has no memory, the likelihood to find a lucky hash is always the same: 15 min. Like when you throw a dice, chance to get six eyes is always 1/6. Simple high school math.

But ... I think this concept doesn't work with expected times at all. If Peter is right, and expected time of lucky hash is 15 min .. What is it after one min of Unlukck hashes turned by? Still 15 min? When 20 min turned by?

The pure concept of expected time to be lucky is that there is a high chance an event takes place after it didn't for a certain amount of time. If expected time is always the same at any given time point after unlucky hashes, it makes no sense to talk about expected time at all.

The idea of expected time is that an event should occur after n minutes of it.not occurring
  • Like
Reactions: kostialevin


Active Member
"The pure concept of expected time to be lucky is that there is a high chance an event takes place after it didn't for a certain amount of time."

The concept of 'expected time' doesn't depend on that. What you're describing is NOT a memoryless process, and it's not how Bitcoin mining works.

"If expected time is always the same at any given time point after unlucky hashes, it makes no sense to talk about expected time at all."

Not quite. This is indeed a confusing topic, but the way to think of it is this: at every point in time miners have some chance of finding a block with the very next hash that they do. Similarly, if you are rolling a dice with a million sides, for every roll you have a 1 in a million chance of getting a specific number. You can calculate the expected # of rolls before you roll a specific number. The result won't be infinity. But if you roll the dice at a constant rate, then the expected # of rolls also gives you an expected amount of time. So there is no theoretical distinction between "expected number of rolls" and "expected time."

So we know (1) there is a finite amount of time you're expected to roll a 5 in, if you're rolling a million sided dice and doing one roll per second. After every unsuccessful roll that amount of time remains the same as it was before the last roll. (2) We know that in the dice example, your previous rolls don't make your future rolls more or less likely to be a 5. (3) This is exactly analogous to hashing.
lol, very late to the party. I tested it by myself, and it's always 10 minutes. I even increased time after last block to 795 seconds, and it's still, even a bit more than 10 min. I tried to test it with 1200 Sec, but now my server run out bandwidth ...

now I increased ellapsed time to 1500 seconds. Even after this the intervalls are on average longer than 10 minutes. This is quite funny. Now 2500 Seconds, and still average intervalls > 10 min. This is really funny.

What I don't understand ...

The question in case was:

Honest Miners have 66% of hashrate, expected time to find a block at any t is 15min.
Selfish Miner has 33% of hashrate, expected time to find a block at any t is 30 min.

If the selfish miner finds block x after ten minutes after t0, he expects to find the next block after 30 minutes. So to find block x and block (x+1) he'll need 40 minutes from t0.

At the same time (t0 + 10 min), the honest miners expects to find block x at t0+25min and block (x+1) at t0+40min.

So it's 50:50 that the selfish miner can publish his chain of two blocks. If he wins, he gets two blocks in a row with 33% hashrate, if he loses he gets none (and wasted 10min of work). So he basically has 1 block in 40 minutes, which means his expected time to find a block would be 40 minutes instead of 30 min.

Again, sorry for being two years late to this party.
Last edited:


Mar 28, 2019
@awemany @theZerg @sickpig @shilch @freetrader
having had some time to think about it, what is your take on the proposed explanation for the iteration of SHA256?
I commented on the double hash some time ago. It's a plausible explanation, but of course we don't know whether proving knowledge of the preimage without revealing it was Satoshi's intention.

@Christoph Bergmann
Again, sorry for being two years late to this party.
Looked into this pretty late as well. I don't know the history of that bet but it looks like it is a poorly worded one (the fact that it's written in present tense although time is a critical aspect here in one thing).
The question in the bet is: "What is the expected time at which an honest miner will find a competing block at height N?"
Who is expecting? Which time is it right now?
At t=-10 the honest miners would expect a block at t=0 on average.
At t=-10 the dishonest miner would expect a block from the honest miners at t=5 on average.
At t=0 the honest miners would expect a block at t=10 on average.
At t=0 the dishonest miner would expect a block at t=15 on average.
The expected time will always be 10 minutes on average from now for the honest miners, and it will be 15 minutes from now for the dishonest miner.
I would say that Rizun is more correct in this bet than Wright because the bet clearly states the selfish miner *does* (or better: will) find a block at t=0, so that makes one wonder why you would do a prediction if you set conditions for the future beforehand without knowing them (dunno how to phrase that). I fail to see what to conclude from the result of this bet.


Well-Known Member
Aug 26, 2015
more changes incoming:

Malfix is a proposed consensus change in Bitcoin Cash designed to address transaction malleability. It’s a fairly controversial proposal, in part because it would be the most invasive hardfork BCH has done to date, but also because people just don’t believe it’s needed. In this article I will present a new use case for Malfix that has not been considered before … giving BCH full Ethereum-style smart contracting capability.


Well-Known Member
Aug 26, 2015
i got this concept from pwuille and i keep using it; you seriously degrade fungibility/privacy by pigeon holing (labelling) your tx into a smaller subgroup of tx types:

Once that is done, then we can pick a guaranteed-unused version number for the new transaction format. This is required so that wallets can perform a context-free decode of a transaction.

but maybe they don't care as long as it brings home the bacon.


Well-Known Member
Sep 22, 2015
the substance of this assessment is that introducing a new txn version would create too much "headache for developers".

let's just say we have a different priority set.
Last edited:
  • Like
Reactions: kostialevin


Well-Known Member
Aug 26, 2015
aka "deadwood": Bitcoin Cash, Bitcoin Gold, Metaverse ETP, HyperCash and Gold Bits Coin are the biggest in a group of 123 coins, representing 13% of total crypto market capitalization in November 2017, that did not maintain Bitcoin market capitalization during the bubble in December 2017. As a group, they are down 77% since November 2017. Investors gave up on them long ago.

Finally, the most exciting place to look for new investment is coins introduced to the public after the peak. Bitcoin SV, Tezos, Ontology, MakerDAO and Chain are the five biggest, but there are 1,072 by my count.