Proposal: The Sia Foundation
A common sentiment is brewing online; a shared desire for the internet that might have been. After decades of corporate encroachment, you don't need to be a power user to realize that something has gone very wrong. In the early days of the internet, the future was bright. In that future, when you sent an instant message, it traveled directly to the recipient. When you needed to pay a friend, you announced a transfer of value to their public key. When an app was missing a feature you wanted, you opened up the source code and implemented it. When you took a picture on your phone, it was immediately encrypted and backed up to storage that you controlled. In that future, people would laugh at the idea of having to authenticate themselves to some corporation before doing these things. What did we get instead? Rather than a network of human-sized communities, we have a handful of enormous commons, each controlled by a faceless corporate entity. Hey user, want to send a message? You can, but we'll store a copy of it indefinitely, unencrypted, for our preference-learning algorithms to pore over; how else could we slap targeted ads on every piece of content you see? Want to pay a friend? You can—in our Monopoly money. Want a new feature? Submit a request to our Support Center and we'll totally maybe think about it. Want to backup a photo? You can—inside our walled garden, which only we (and the NSA, of course) can access. Just be careful what you share, because merely locking you out of your account and deleting all your data is far from the worst thing we could do. You rationalize this: "MEGACORP would never do such a thing; it would be bad for business." But we all know, at some level, that this state of affairs, this inversion of power, is not merely "unfortunate" or "suboptimal" – No. It is degrading. 
Even if MEGACORP were purely benevolent, it is degrading that we must ask its permission to talk to our friends; that we must rely on it to safeguard our treasured memories; that our digital lives are completely beholden to those who seek only to extract value from us. At the root of this issue is the centralization of data. MEGACORP can surveil you—because your emails and video chats flow through their servers. And MEGACORP can control you—because they hold your data hostage. But centralization is a solution to a technical problem: How can we make the user's data accessible from anywhere in the world, on any device? For a long time, no alternative solution to this problem was forthcoming. Today, thanks to a confluence of established techniques and recent innovations, we have solved the accessibility problem without resorting to centralization. Hashing, encryption, and erasure encoding got us most of the way, but one barrier remained: incentives. How do you incentivize an anonymous stranger to store your data? Earlier protocols like BitTorrent worked around this limitation by relying on altruism, tit-for-tat requirements, or "points" – in other words, nothing you could pay your electric bill with. Finally, in 2009, a solution appeared: Bitcoin. Not long after, Sia was born. Cryptography has unleashed the latent power of the internet by enabling interactions between mutually-distrustful parties. Sia harnesses this power to turn the cloud storage market into a proper marketplace, where buyers and sellers can transact directly, with no intermediaries, anywhere in the world. No more silos or walled gardens: your data is encrypted, so it can't be spied on, and it's stored on many servers, so no single entity can hold it hostage. Thanks to projects like Sia, the internet is being re-decentralized. Sia began its life as a startup, which means it has always been subjected to two competing forces: the ideals of its founders, and the profit motive inherent to all businesses. 
Its founders have taken great pains to never compromise on the former, but this often threatened the company's financial viability. With the establishment of the Sia Foundation, this tension is resolved. The Foundation, freed of the obligation to generate profit, is a pure embodiment of the ideals from which Sia originally sprung. The goals and responsibilities of the Foundation are numerous: to maintain core Sia protocols and consensus code; to support developers building on top of Sia and its protocols; to promote Sia and facilitate partnerships in other spheres and communities; to ensure that users can easily acquire and safely store siacoins; to develop network scalability solutions; to implement hardforks and lead the community through them; and much more. In a broader sense, its mission is to commoditize data storage, making it cheap, ubiquitous, and accessible to all, without compromising privacy or performance. Sia is a perfect example of how we can achieve better living through cryptography. We now begin a new chapter in Sia's history. May our stewardship lead it into a bright future.
Today, we are proposing the creation of the Sia Foundation: a new non-profit entity that builds and supports distributed cloud storage infrastructure, with a specific focus on the Sia storage platform. What follows is an informal overview of the Sia Foundation, covering two major topics: how the Foundation will be funded, and what its funds will be used for.
The Sia Foundation will be structured as a non-profit entity incorporated in the United States, likely a 501(c)(3) organization or similar. The actions of the Foundation will be constrained by its charter, which formalizes the specific obligations and overall mission outlined in this document. The charter will be updated on an annual basis to reflect the current goals of the Sia community. The organization will be operated by a board of directors, initially comprising Luke Champine as President and Eddie Wang as Chairman. Luke Champine will be leaving his position at Nebulous to work at the Foundation full-time, and will seek to divest his shares of Nebulous stock along with other potential conflicts of interest. Neither Luke nor Eddie personally own any siafunds or significant quantities of siacoin.
The primary source of funding for the Foundation will come from a new block subsidy. Following a hardfork, 30 KS per block will be allocated to the "Foundation Fund," continuing in perpetuity. The existing 30 KS per block miner reward is not affected. Additionally, one year's worth of block subsidies (approximately 1.57 GS) will be allocated to the Fund immediately upon activation of the hardfork. As detailed below, the Foundation will provably burn any coins that it cannot meaningfully spend. As such, the 30 KS subsidy should be viewed as a maximum. This allows the Foundation to grow alongside Sia without requiring additional hardforks. The Foundation will not be funded to any degree by the possession or sale of siafunds. Siafunds were originally introduced as a means of incentivizing growth, and we still believe in their effectiveness: a siafund holder wants to increase the amount of storage on Sia as much as possible. While the Foundation obviously wants Sia to succeed, its driving force should be its charter. Deriving significant revenue from siafunds would jeopardize the Foundation's impartiality and focus. Ultimately, we want the Foundation to act in the best interests of Sia, not in growing its own budget.
The Foundation inherits a great number of responsibilities from Nebulous. Each quarter, the Foundation will publish the progress it has made over the past quarter, and list the responsibilities it intends to prioritize over the coming quarter. This will be accompanied by a financial report, detailing each area of expenditure over the past quarter, and forecasting expenditures for the coming quarter. Below, we summarize some of the myriad responsibilities towards which the Foundation is expected to allocate its resources.
Maintain and enhance core Sia software
Arguably, this is the most important responsibility of the Foundation. At the heart of Sia is its consensus algorithm: regardless of other differences, all Sia software must agree upon the content and rules of the blockchain. It is therefore crucial that the algorithm be stewarded by an entity that is accountable to the community, transparent in its decision-making, and has no profit motive or other conflicts of interest. Accordingly, Sia’s consensus functionality will no longer be directly maintained by Nebulous. Instead, the Foundation will release and maintain an implementation of a "minimal Sia full node," comprising the Sia consensus algorithm and P2P networking code. The source code will be available in a public repository, and signed binaries will be published for each release. Other parties may use this code to provide alternative full node software. For example, Nebulous may extend the minimal full node with wallet, renter, and host functionality. The source code of any such implementation may be submitted to the Foundation for review. If the code passes review, the Foundation will provide "endorsement signatures" for the commit hash used and for binaries compiled internally by the Foundation. Specifically, these signatures assert that the Foundation believes the software contains no consensus-breaking changes or other modifications to imported Foundation code. Endorsement signatures and Foundation-compiled binaries may be displayed and distributed by the receiving party, along with an appropriate disclaimer. A minimal full node is not terribly useful on its own; the wallet, renter, host, and other extensions are what make Sia a proper developer platform. Currently, the only implementations of these extensions are maintained by Nebulous. The Foundation will contract Nebulous to ensure that these extensions continue to receive updates and enhancements. Later on, the Foundation intends to develop its own implementations of these extensions and others. 
As with the minimal node software, these extensions will be open source and available in public repositories for use by any Sia node software. With the consensus code now managed by the Foundation, the task of implementing and orchestrating hardforks becomes its responsibility as well. When the Foundation determines that a hardfork is necessary (whether through internal discussion or via community petition), a formal proposal will be drafted and submitted for public review, during which arguments for and against the proposal may be submitted to a public repository. During this time, the hardfork code will be implemented, either by Foundation employees or by external contributors working closely with the Foundation. Once the implementation is finished, final arguments will be heard. The Foundation board will then vote whether to accept or reject the proposal, and announce their decision along with appropriate justification. Assuming the proposal was accepted, the Foundation will announce the block height at which the hardfork will activate, and will subsequently release source code and signed binaries that incorporate the hardfork code. Regardless of the Foundation's decision, it is the community that ultimately determines whether a fork is accepted or rejected – nothing can change that. Foundation node software will never automatically update, so all forks must be explicitly adopted by users. Furthermore, the Foundation will provide replay and wipeout protection for its hard forks, protecting other chains from unintended or malicious reorgs. Similarly, the Foundation will ensure that any file contracts formed prior to a fork activation will continue to be honored on both chains until they expire. Finally, the Foundation also intends to pursue scalability solutions for the Sia blockchain. 
In particular, work has already begun on an implementation of Utreexo, which will greatly reduce the space requirements of fully-validating nodes (allowing a full node to be run on a smartphone) while increasing throughput and decreasing initial sync time. A hardfork implementing Utreexo will be submitted to the community as per the process detailed above. As this is the most important responsibility of the Foundation, it will receive a significant portion of the Foundation’s budget, primarily in the form of developer salaries and contracting agreements.
Support community services
We intend to allocate 25% of the Foundation Fund towards the community. This allocation will be held and disbursed in the form of siacoins, and will pay for grants, bounties, hackathons, and other community-driven endeavours. Any community-run service, such as a Skynet portal, explorer or web wallet, may apply to have its costs covered by the Foundation. Upon approval, the Foundation will reimburse expenses incurred by the service, subject to the exact terms agreed to. The intent of these grants is not to provide a source of income, but rather to make such services "break even" for their operators, so that members of the community can enrich the Sia ecosystem without worrying about the impact on their own finances.
Ensure easy acquisition and storage of siacoins
Most users will acquire their siacoins via an exchange. The Foundation will provide support to Sia-compatible exchanges, and pursue relevant integrations at its discretion, such as Coinbase's new Rosetta standard. The Foundation may also release DEX software that enables trading cryptocurrencies without the need for a third party. (The Foundation itself will never operate as a money transmitter.) Increasingly, users are storing their cryptocurrency on hardware wallets. The Foundation will maintain the existing Ledger Nano S integration, and pursue further integrations at its discretion. Of course, all hardware wallets must be paired with software running on a computer or smartphone, so the Foundation will also develop and/or maintain client-side wallet software, including both full-node wallets and "lite" wallets. Community-operated wallet services, i.e. web wallets, may be funded via grants. Like core software maintenance, this responsibility will be funded in the form of developer salaries and contracting agreements.
Protect the ecosystem
When it comes to cryptocurrency security, patching software vulnerabilities is table stakes; there are significant legal and social threats that we must be mindful of as well. As such, the Foundation will earmark a portion of its fund to defend the community from legal action. The Foundation will also safeguard the network from 51% attacks and other threats to network security by implementing softforks and/or hardforks where necessary. The Foundation also intends to assist in the development of a new FOSS software license, and to solicit legal memos on various Sia-related matters, such as hosting in the United States and the EU. In a broader sense, the establishment of the Foundation makes the ecosystem more robust by transferring core development to a more neutral entity. Thanks to its funding structure, the Foundation will be immune to various forms of pressure that for-profit companies are susceptible to.
Drive adoption of Sia
Although the overriding goal of the Foundation is to make Sia the best platform it can be, all that work will be in vain if no one uses the platform. There are a number of ways the Foundation can promote Sia and get it into the hands of potential users and developers. In-person conferences are understandably far less popular now, but the Foundation can sponsor and/or participate in virtual conferences. (In-person conferences may be held in the future, permitting circumstances.) Similarly, the Foundation will provide prizes for hackathons, which may be organized by community members, Nebulous, or the Foundation itself. Lastly, partnerships with other companies in the cryptocurrency space—or the cloud storage space—are a great way to increase awareness of Sia. To handle these responsibilities, one of the early priorities of the Foundation will be to hire a marketing director.
The Foundation Fund will be controlled by a multisig address. Each member of the Foundation's board will control one of the signing keys, with the signature threshold to be determined once the final composition of the board is known. (This threshold may also be increased or decreased if the number of board members changes.) Additionally, one timelocked signing key will be controlled by David Vorick. This key will act as a “dead man’s switch,” to be used in the event of an emergency that prevents Foundation board members from reaching the signature threshold. The timelock ensures that this key cannot be used unless the Foundation fails to sign a transaction for several months. On the 1st of each month, the Foundation will use its keys to transfer all siacoins in the Fund to two new addresses. The first address will be controlled by a high-security hot wallet, and will receive approximately one month's worth of Foundation expenditures. The second address, receiving the remaining siacoins, will be a modified version of the source address: specifically, it will increase the timelock on David Vorick's signing key by one month. Any other changes to the set of signing keys, such as the arrival or departure of board members, will be incorporated into this address as well. The Foundation Fund is allocated in SC, but many of the Foundation's expenditures must be paid in USD or other fiat currency. Accordingly, the Foundation will convert, at its discretion, a portion of its monthly withdrawals to fiat currency. We expect this conversion to be primarily facilitated by private "OTC" sales to accredited investors. The Foundation currently has no plans to speculate in cryptocurrency or other assets. Finally, it is important that the Foundation adds value to the Sia platform well in excess of the inflation introduced by the block subsidy. 
For this reason, the Foundation intends to provably burn, on a quarterly basis, any coins that it cannot allocate towards any justifiable expense. In other words, coins will be burned whenever doing so provides greater value to the platform than any other use. Furthermore, the Foundation will cap its SC treasury at 5% of the total supply, and will cap its USD treasury at 4 years’ worth of predicted expenses.
Addendum: Hardfork Timeline
We would like to see this proposal finalized and accepted by the community no later than September 30th. A new version of siad, implementing the hardfork, will be released no later than October 15th. The hardfork will activate at block 293220, which is expected to occur around 12pm EST on January 1st, 2021.
Addendum: Inflation specifics
The total supply of siacoins as of January 1st, 2021 will be approximately 45.243 GS. The initial subsidy of 1.57 GS thus increases the supply by 3.47%, and the total annual inflation in 2021 will be at most 10.4% (if zero coins are burned). In 2022, total annual inflation will be at most 6.28%, and will steadily decrease in subsequent years.
We see the establishment of the Foundation as an important step in the maturation of the Sia project. It provides the ecosystem with a sustainable source of funding that can be exclusively directed towards achieving Sia's ambitious goals. Compared to other projects with far deeper pockets, Sia has always punched above its weight; once we're on equal footing, there's no telling what we'll be able to achieve. Nevertheless, we do not propose this change lightly, and have taken pains to ensure that the Foundation will act in accordance with the ideals that this community shares. It will operate transparently, keep inflation to a minimum, and respect the user's fundamental role in decentralized systems. We hope that everyone in the community will consider this proposal carefully, and look forward to a productive discussion.
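The Fund key arrangement described above (a board multisig, a timelocked emergency key, and a monthly rollover that pushes that timelock out by one month) can be modelled in a few lines. This is an added example, not Sia or Foundation code; the 2-of-3 board, the 3-month initial timelock, the key names, and the rule that the emergency key can spend alone once unlocked are assumptions, since the proposal leaves the threshold and timelock length open.

```python
"""Toy model of the Foundation Fund key policy (added example, not Sia code)."""
from dataclasses import dataclass, replace
from datetime import date

# Assumptions, not stated in the proposal: a 2-of-3 board, a 3-month initial
# timelock, and an emergency key that can spend alone once its timelock expires.
BOARD = frozenset({"board-key-A", "board-key-B", "board-key-C"})  # constructed names
THRESHOLD = 2
EMERGENCY_KEY = "emergency-key"  # constructed name for the dead man's switch key
INITIAL_LOCK_MONTHS = 3


def add_months(d: date, n: int) -> date:
    """Return the 1st of the month that lies n months after d's month."""
    idx = d.year * 12 + (d.month - 1) + n
    return date(idx // 12, idx % 12 + 1, 1)


@dataclass(frozen=True)
class FundAddress:
    board_keys: frozenset
    threshold: int
    emergency_key: str
    emergency_unlock: date  # the emergency key is unusable before this date

    def can_spend(self, signers, today: date) -> bool:
        # Normal path: enough distinct board keys signed.
        if len(set(signers) & self.board_keys) >= self.threshold:
            return True
        # Dead man's switch: only after the timelock has expired.
        return self.emergency_key in signers and today >= self.emergency_unlock


def rollover(addr, balance, budget, signers, today, board_keys=None, threshold=None):
    """Monthly move: pay `budget` to the hot wallet and send the rest to a
    successor address whose emergency timelock is one month later.

    All coins leave the source address. Anything left behind would remain
    under the older address, whose timelock expires earlier.
    """
    if not addr.can_spend(signers, today):
        raise PermissionError("signature threshold not met")
    successor = replace(
        addr,
        board_keys=board_keys or addr.board_keys,  # board arrivals/departures
        threshold=threshold or addr.threshold,
        emergency_unlock=add_months(addr.emergency_unlock, 1),
    )
    hot = min(budget, balance)
    return hot, successor, balance - hot


def first_emergency_date(start: date, months: int, board_signs_until: date):
    """Walk forward month by month from `start`.

    The board performs the rollover on the 1st of each month up to and
    including `board_signs_until`, then goes silent. Returns the first date
    on which the emergency key alone can spend from the address currently
    holding the Fund, or None if that never happens within `months`.
    """
    addr = FundAddress(BOARD, THRESHOLD, EMERGENCY_KEY,
                       add_months(start, INITIAL_LOCK_MONTHS))
    balance, today = 1_000_000, start  # constructed balance
    for _ in range(months):
        if addr.can_spend({EMERGENCY_KEY}, today):
            return today
        if today <= board_signs_until:
            _, addr, balance = rollover(addr, balance, 10_000,
                                        {"board-key-A", "board-key-B"}, today)
        today = add_months(today, 1)
    return None


if __name__ == "__main__":
    start = date(2021, 2, 1)
    print("board never misses a rollover:",
          first_emergency_date(start, 24, date(2030, 1, 1)))
    print("board last signs on 2021-06-01:",
          first_emergency_date(start, 24, date(2021, 6, 1)))
```

While the board keeps signing, the unlock date recedes by a month at every rollover and the emergency key never becomes usable; once rollovers stop, the date is fixed and the key goes live after the remaining window.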
Introduction
Since the development of the first so-called “blockchain” database, named “Bitcoin”, complex transaction behavior has been a “Holy Grail” for people wondering how they could pay, bet, play, and even order pizza with such assets. The first implementation of complex transaction logic was made available right in “Bitcoin”, with a stack virtual machine providing a limited set of operations for the end user to have some fun with. A fine example is the Omni layer, built on top of that operation set, whose purpose is to let end users create and use custom user-defined assets. Such a system successfully fulfilled the contemporary requirements for liquid asset transfer. Unfortunately, this use of application logic rapidly overflowed the available throughput, so no mass adoption happened. Another attempt to provide customizable complex transaction behavior was made with the creation of “Ethereum”, which provided an unnecessarily created-from-scratch programming language called “Solidity” for building even more complex application logic, hoping it would not overflow the database throughput. Obviously, this led to another failure. A primitive language and a naive understanding of database architecture did not survive the reality check: in 2017 the protocol was literally down with the CryptoKitties hype. The scalability troubles came up again, so another popular solution was rapidly proposed. Its name was EOS. The solution was to split off the computable complex transaction behavior and process it with a set of cluster nodes, which were called “block producers”. This led to the entrustment of an enormous responsibility to these “block producers”. They were now not only data storage providers but also computation providers. Now these guys not only store and process your data, but they even define the way your transaction behaves and decide whether such a transaction is allowed to be written or not.
Furthermore, such an “improvement” led to unacceptable hardware requirements for database nodes, which made support truly awful. Moreover, such a split was not enough for building production-ready applications: who would like to find out that an upvote transaction, which was even paid for, was first queued and then rejected?
Proposal
CyberWay is a decentralized application platform that addresses and overcomes the shortcomings mentioned above.
EOS-compatibility
CyberWay is an upgraded fork of EOS, so backward compatibility is maintained. The code contains most of the tolerable EOS parts but excludes the awful ones. Backward compatibility of the so-called “Smart Contracts” API is maintained too, but the internals have changed. That means every EOS application could easily become a CyberWay-based one and vice versa. Enough of that. Next.
Bandwidth
EOS’s bandwidth distribution is closely tied to the amount of the asset a particular user owns. Furthermore, it requires the user to hold the asset for the bandwidth to be available at any time. That means the asset becomes highly valuable, but it also becomes unavailable to newcomers. So no new applications are welcome to be built with EOS. Striving to eliminate these inconveniences, CyberWay introduces some changes. Bandwidth accounting is split into a couple of categories:
Priority-based bandwidth allows a user to get required computational facilities according to the amount of core-asset available.
Shared bandwidth supplies users with the unused computational power according to the particular user activity.
State Storage
EOS’s state storage is extremely unreliable and does not ensure that data is saved and restored correctly after a restart. Furthermore, EOS does not provide any convenient API, yet assumes the data structure stored inside will be complex. CyberWay solves these troubles. CyberWay uses an external DBMS for state storage, which means a developer’s favorite query language can be used, and the external, well-designed replication and clustering mechanisms, built by real engineers and scientists, also reduce hardware costs and make life easier.
Event Engine
Because the storage internals are factored out into a separate service, an additional transaction-content-based event engine is required. It is now impossible to alert the CyberWay executable from the various databases about whether something happened or not, the way it was in EOS. A monitoring-purposed event engine, implemented as a part of an updateable application, restores the ability to track the changes coming with every transaction, even though the data storage is completely external.
Virtualization
Just like EOS, CyberWay requires that transaction behaviour be easier to update than the whole cluster software. That is why the WebAssembly engine is used for virtualization, with C++ as the primary language for application development.
Separation
Why not just patch EOS? Several troubles concern the data itself, not the code:
EOS’s architecture made the memory quant an expensive one: according to https://eosrp.io, the cost of such a memory quant fluctuates from $0.2 to $0.5. That means any transaction-intensive application (e.g. some social applications) with even a quite small number of active users (e.g. 2000-3000) would take at least 400MB per week, which would cost up to $200,000.
EOS’s custom transaction behavior is stored inside a huge hash table allocated in shared memory, and access is provided through an interface based on quite sophisticated executable logic, which also costs.
The obvious solution - to make a cache service and process the data all inside it - is also quite a task because:
The so-called “Constitution” of EOS defines the largest time interval for which unused data may be stored with the same ownership as 3 years. This is quite unacceptable for some kinds of applications (e.g. social ones) that demand data availability from the very beginning, but the changes are hard to make because lots of other application types are perfectly fine with this.
EOS is made to produce replication packages as fast as it can - about half of a second. Such a frequency is fine for marketing purposes, but it significantly reduces the complexity of custom transaction logic. This is also unacceptable.
A reduced number of validators - only 21, and no significant increase is expected because of EOS protocol restrictions.
Censorship availability for validators implemented right in the protocol core.
Applications
Applications are welcome to use the following.
Shared Bandwidth
Shared bandwidth sets a limit on user activity based on the user’s staked asset amount, but no less than some basic threshold. This is required to prevent newcomers from spamming the database, and to redistribute more computational resources to successful application developers. Shared bandwidth is accounted separately for network, RAM and CPU usage. As for the accounting, it is done against the particular application’s bandwidth balance, which shares a convenient part with the user performing the transaction. That is why it is called “Shared” bandwidth. The application is a multi-signature account, which requires at least one additional signature from the particular user for its bandwidth to be used. This type of bandwidth allows CyberWay to provide applications with free onboarding of users at early stages via the CyberWay Acceleration Program. Later, a successful application could get CYBER tokens from a special fund within the Acceleration Program.
Priority-Based Bandwidth
Priority-based bandwidth is required for the user to be sure the transaction is written. It is formed from the amount of core asset staked by the particular user and guarantees that the transaction gets written right at the next replication time. The whole amount of staked core asset forms the bandwidth market. Each account gets a share of the whole bandwidth market according to the amount of core asset the account has staked. If some user owns and has staked a significant part of the whole bandwidth supply, the resources available to other users are reduced. This is definitely not something that applications requiring bandwidth want. That is why CyberWay introduces prioritization of the bandwidth. That means the bandwidth is split into a couple of categories:
Guaranteed bandwidth, which works exactly as EOS’s one.
Priority bandwidth, which is defined according to the particular account priority.
How does an account earn priority? There are a couple of ways:
Perform fewer transactions using the currently available guaranteed bandwidth. The priority lowers as more transactions are submitted by a single user.
Stake more core asset. The guaranteed/prioritized bandwidth split ratio is set by the cluster validators.
Memory Rent
Cluster RAM is something applications require in order to work. In contrast to EOS, CyberWay expects RAM to be rented from the so-called block producers rather than owned. The rules are the following:
Every block producer sets a price for 1Kb memory per month. The price begins from the median price value across all block producers.
Users place their orders for some particular memory amount rent per month.
The order is recognized as placed for a week; after that it gets evaluated in case the cluster-wide demanded memory is lower than the proposed amount.
In case the proposed amount of memory is lower than the demanded amount, the proposed memory gets auctioned.
In case the memory rent time is up but there is still some user data stored inside, an archive operation is introduced. Block producers are in charge of initiating such archiving, and restoration is available to the user for the median price among block producers.
DBMS-based State Storage
Unlike existing so-called “blockchain” databases, CyberWay does not intend to implement database management software itself and uses an external DBMS as state storage for more reliability. For now, only MongoDB is available, but more are coming if required. Such a configuration is considered troublesome to manage, but more reliable in the long term. Embedded state storage is also available in CyberWay. RocksDB is used for the in-memory and in-daemon storage management component, which is faster than MongoDB.
Event Engine
As the state storage engine is encapsulated and factored out of the controller daemon, the event engine is implemented as a helper application, synchronizing and managing the data in external storages. The input of such an application is a set of transactions, each of which gets registered as “processed”, and only after this is the data unpacked to state storage. Such an approach makes it possible to ensure that routine data operations are processed as required and to split the data-managing daemon into single-responsibility microservices.
Domain Names
Every created account is not identified with a key, as in other databases, but gets a unique 8-byte identifier encoded in base32. Human-readable, 63-byte-length unique names are also available for assignment to every user. If the number of such names is greater than one, it gets charged and is called a “Domain Name”. Every domain name can be auctioned from the base protocol or created by the owner of a lower-level domain name. Domain names are transferable and reassignable.
Therefore, the need for conversion between a domain name and an account identifier is satisfied by a newly introduced mechanism, as is the need for domain transactions. Domain transactions are transactions that are applied only to the data related to the particular domain name/application.
Protocol Properties
Protocol properties have also changed compared to EOS’s.
Block Generation
First of all, block generation time is increased to achieve more stable node replication. EOS’s 0.5-second block replication time is fine for most applications if all the nodes are located in the same datacenter. But for a truly distributed protocol, it needs to be increased due to higher network latency. CyberWay assumes a block replication time of 3 seconds.
Block Producers
Block producers are the key members of the protocol. They keep the database safe and consistent and get rewarded for that. In contrast to EOS’s 21 default block producers, in CyberWay the number of block producers is to be increased up to 101 in the future. This is required to achieve more decentralization.
Consensus Algorithm
The CyberWay consensus algorithm is heavily inspired by those of Tezos and Cosmos. So, active users are rewarded for voting and non-active users are punished for not voting. Every account is allowed to vote for several validators with staked tokens. A block producer’s weight is determined as follows: w = m / sqrt(S), where m is a number of votes for any particular candidate, S is a total number of votes for any particular candidate (or number of staked tokens, as 1 vote is 1 token). A particular block producer receives a reward from the emission and redistributes a share of it among his supporters. In case of misbehavior, e.g. a block omission, the block producer as well as his supporters are fined. The staked tokens are burned. This novelty makes block producers more responsible, and voters more careful and thoughtful.
The block producers get a share of the emission. The share depends on the total amount of staked tokens: the more tokens are staked, the lower the inflation. Thus, CyberWay has built-in incentives for users to participate in governance via voting. Moreover, passive users are diluted, as they do not get any rewards from validators. What if a user considers another user to understand better which block producer is the best service provider? CyberWay covers this with a proxy mechanism, which lets a user delegate his own assets to another user called a “Proxy”. The proxy user gets fees for its service.

Censorship

In contrast to EOS, CyberWay completely removes any inequality between the users. There are no privileged accounts, no so-called “Constitution”, no blacklists.

Workers

Workers are a mechanism first introduced in BitShares. These are users who get a share of the issuance for making improvements to the protocol. An improvement can be registered and referenced by any user; the particular improvement to resolve is selected via voting by validators.

Conclusion

CyberWay is a fork of EOS, designed to handle more complex applications with more decentralization available. Workers are considered to be the most powerful tool for decentralized protocol improvements. The scalability and performance CyberWay introduces are good enough for running complex social, financial service or gaming applications. The absence of censorship and privileged accounts makes CyberWay more decentralized than EOS, while the technical features it introduces enable developers to build advanced applications on top of it.
Wallet:
Wallet releases: https://github.com/ProjectHelixCoin/helix/releases/

Mining:
Pool:
-a quark -o stratum+tcp://minpool.net:6300 -u your_wallet_address -p c=HLIX (1% fee) (Recommended pool)
-a quark -o stratum+tcp://minepool.online:4045 -u -p c=HLIX (0.5% fee)
stratum+tcp://18.104.22.168:8143 (1% fee) ONLY USE THIS ONE AS BACKUP WHEN OTHERS ARE DOWN

CPU miner: CPUminer-multi
cpuminer-gw64-corei7 -a quark -o stratum+tcp://minpool.net:6300 -u your_wallet_address -p c=HLIX
pause

AMD miner: Sgminer
-k quarkcoin -o stratum+tcp://minpool.net:6300 -u your_wallet_address -p c=HLIX
pause

NVIDIA miner: CCminer
ccminer-x64 -a quark -o stratum+tcp://minpool.net:6300 -u your_wallet_address -p c=HLIX
pause
Helix has numerous features. This list is not exhaustive, and we will always work hard to add new features:
Fast and secure transactions.
Strong privacy with options for both private and transparent transactions.
Rewards for participating in the Helix network. This includes Proof of Stake (PoS) as well as the possibility for masternode rewards.
Participating in governance and voting in important matters that concern the whole community.
Multi-OS wallets: Windows, MacOS, Linux, and many more to come.
Very easy access to all our features and wallets.
We will continue to work hard on making Helix grow, check out our roadmap for details.
We believe in empowering individuals by creating a strong community. We give freedom back to the people by using our strong Helix blockchain network and decentralized technology. This allows people to do business without the compromise of being subject to surveillance by centralized or legal institutions.
Proof of Stake
Bitcoin uses a cryptographic hashing algorithm to encode the transactions in the blockchain. Miners create these hashes by using a ‘Proof of Work’ (PoW) algorithm. The network hashrate is actually inflating as it requires a lot of power to create a new block in its blockchain. Unlike Bitcoin’s PoW mechanism, the Helix blockchain uses a hybrid system. The first 90.200 blocks are PoW, and after this period we switch to a PoS mechanism. The rewards a user receives depend on the amount of stake the participant has in the Helix network. The more you participate in validating and processing Helix transactions and its blocks, the more rewards you receive. Therefore, it’s incentivized to invest in Helix as a valuable core product.
The value of Helix lies in its main vision: building a secure and scalable currency. Therefore, Helix implemented masternodes, which can be used to earn more Helix by passive income to increase your holdings with a great risk/reward ratio. A masternode costs 10.000 HLIX and gives a ROI of 60%. Masternodes are enhanced nodes that are always up and running, which provide additional functions and security to the Helix network. Masternodes provide an enhanced form of staking, increase the privacy and speed of transactions and enable participation in governance and voting within the Helix community. A Helix masternode processes Zerocoin (zHLIX) transactions, which ensures topnotch privacy (more about this subject under ‘Privacy’).
Helix believes in true and strong privacy. Bitcoin’s transactions are traceable for anyone who’s interested to find out. A high degree of privacy doesn’t allow this potential loss of privacy. That’s why Helix implemented the Zerocoin protocol. For detailed information about Zerocoin, read their whitepaper. For this service, Helix coins have to be converted into zHLIX coins. This process, called ‘minting’, is provided by masternodes running on the Helix Blockchain. No traces are left behind during this process. RSA-2048 encryption makes sure no information about the users is shared whatsoever. To reverse this process, you can send your zHLIX coins to your own address back into regular HLIX coins.
The community started with a couple of early adopters who were unhappy about the way some projects were run by their developers. No innovation or vision whatsoever made us motivated to create something better. Since Helix did not have an ICO and only started with a functional pre-mine of 1%, it’s really thanks to the true core believers who put in their time and effort that Helix became a reality. We aim to provide 24/7 support, and we believe in a community whose members help each other out. Positivity and fun should be your top priority as a Helix community member. In accordance with this, we created the Helix masternode governance system to bring back the power to the people. By letting you decide on important matters, you’re in control of your investment.
More people are joining every day and we hope this growth won’t stop. Don’t feel afraid to join us and introduce yourself. We’re looking forward to meeting you! With the upcoming years ahead of us, we believe that exciting things will happen. Helix is a premium privacy-centric cryptocurrency, with strong features resulting in a decentralized, effectively anonymous cryptocurrency, with immediate (private) transactions and an incentivized network to provide additional services and security to the blockchain network of Helix. We will continue to work hard on the project, and hope to see you join us.
From here... https://bitcointalk.org/index.php?topic=5006583.0

Questions.

Chapter 1: Introduction
1. What are the main Bitcoin terms?
2. What is a Bitcoin address?
3. What is a Bitcoin transaction?
4. What is a Bitcoin block?
5. What is a Bitcoin blockchain?
6. What is a Bitcoin transaction ledger?
7. What is a Bitcoin system? What is a bitcoin (cryptocurrency)? How are they different?
8. What is a full Bitcoin stack?
9. What are two types of issues that digital money has to address?
10. What is a “double-spend” problem?
11. What is a distributed computing problem? What is the other name of this problem?
12. What is an election?
13. What is a consensus?
14. What is the name of the main algorithm that brings the bitcoin network to the consensus?
15. What are the different types of bitcoin clients? What is the difference between these clients? Which client offers the most flexibility? Which client offers the least flexibility? Which client is the most and least secure?
16. What is a bitcoin wallet?
17. What is a confirmed transaction and what is an unconfirmed transaction?

Chapter 2: How Bitcoin works.
1. What is the best way to understand transactions in the Bitcoin network?
2. What is a transaction? What does it contain? What is the similarity of a transaction to a double entry ledger? What does input correspond to? What does output correspond to?
3. What are the typical transactions in the bitcoin network? Could you please name three of such transactions and give examples of each type of the transaction?
4. What is a QR and how is it used in the Bitcoin network? Are there different types of QRs? If so, what are the different types? Which type is more informational? What kind of information does it provide?
5. What is SPV? What does this procedure check and what type of clients of the Bitcoin network usually use this procedure?

Chapter 3: The Bitcoin client.
1. How to download and install the Core Bitcoin client?
2. What is the best way to test the API available for the Core Bitcoin client without actually programming? What is the interface called?
3. What are the major areas of operations in the Bitcoin client? What can we do with the client?
4. What are the available operations for the Bitcoin addresses?
5. What are the available read operations for the Bitcoin transactions? How is a transaction encoded in the Bitcoin network? What is a raw transaction and what is a decoded transaction?
6. If I want to get information about a transaction that is not related to any address in my own wallet, do I need to change anything in the Bitcoin client configuration? If yes, which option do I need to modify?
7. What are the available read operations for the Bitcoin blocks?
8. What are the available operations for the creation of the transactions in the Bitcoin network?
9. How do you normally need to address the unspent output from the previous transaction in order to use it as an input for a new transaction?
10. What is the mandatory operation after creating a new transaction and before sending this new transaction to the network? What state does the wallet have to be in order to perform this operation?
11. Is the transaction ID immutable (TXID)? If not why, if yes, why and when?
12. What does signing a transaction mean?
13. What are the other options for Bitcoin clients? Are there any libraries that are written for some specific languages? What types of clients do these libraries implement?

Chapter 4: Keys, Addresses and Wallets.
1. What is a PKC? When was it developed? What are the main mathematical foundations or functions that PKC is using?
2. What is ECC? Could you please provide the formula of the EC? What is the p and what is the Fp? What are the defined operations in ECC? What is a “point to infinity”?
3. What is a Bitcoin wallet? Does this wallet contain coins? If not, what does it contain then?
4. What is a BIP? What is it used for?
5. What is an encrypted private key? Why would we want to encrypt private keys?
6. What is a paper wallet? What kind of storage is it an example of?
7. What is a nondeterministic wallet? Is it a good wallet or a bad wallet? Could you justify?
8. What is a deterministic wallet?
9. What is an HD wallet?
10. How many keys are needed for one in and out transaction? What is a key pair? Which keys are in the key pair?
11. How many keys are stored in a wallet?
12. How does a public key get created in Bitcoin? What is a “generator point”?
13. Could you please show on a picture how ECC multiplication is done?
14. How does a private key get created in Bitcoin? What should we be aware of when creating a new private key? What is CSPRNG? What kind of input should this function be getting?
15. What is a WIF? What is WIF-Compressed?
16. What is Base58 encoding and what is Base58Check encoding? How is it different from Base64 encoding? Which characters are used in Base58? Why was Base58Check invented? What kind of problems does it solve? How is Base58Check encoding created from Base58 encoding?
17. How can Bitcoin addresses be encoded? Which different encodings are used? Which key is used for the address creation? How is the address created? How is this key used and what is the used formula?
18. Can we visually distinguish between different keys in Base58Check format? If yes, how are they different from each other? What kind of prefixes are used? Could you please provide information about used prefixes for each type of the key?
19. What is an index in HD wallets? How many siblings can exist for a parent in an HD wallet?
20. What is the depth limitation for an HD wallet key hierarchy?
21. What are the main two advantages of an HD wallet comparing to the nondeterministic wallets?
22. What are the risks of non-hardened keys creation in an HD wallet? Could you please describe each of them?
23. What is a chain code in HD wallets? How many different chain code types are there?
24. What are the mnemonic code words? What are they used for?
25. What is a seed in an HD wallet? Is there any other name for it?
26. What is an extended key? How long is it and which parts does it consist of?
27. What is P2SH address? What function are P2SH addresses normally used for? Is that correct to call P2SH address a multi-sig address? Which BIP suggested using P2SH addresses?
28. What is a WIF-compressed private key? Is there such a thing as a compressed private key? Is there such a thing as a compressed public key?
29. What is a vanity address?
30. What is a vanity pool?
31. What is a P2PKH address? What is the prefix for the P2PKH address?
32. How does the owner prove that he is the real owner of some address? What does he have to represent to the network to prove the ownership? Why can a perpetrator not copy this information and reuse it in the next transactions?
33. What is the rule for using funds that are secured by a cold storage wallet? How many times can you send to the address that is protected by the private key stored in a cold storage? How many times can you send funds from the address that is protected by the private key stored in a cold storage?

Chapter 5: Transactions.
1. What is a transaction in Bitcoin? Why is it the most important operation in the Bitcoin ecosystem?
2. What is UTXO? What is one of the important rules of the UTXO?
3. Which language is used to write scripts in Bitcoin ecosystem? What are the features of this language? Which language does it look like? What are the limitations of this language?
4. What is the structure of a transaction? What does a transaction consist of?
5. What are the standard transactions in Bitcoin? How many standard transactions are there (as of 2014)?
6. What is a “locking script” and what is an “unlocking script”? What is inside these scripts for a usual operation of P2PKH? What is a signature? Could you please describe in details how locking and unlocking scripts work and draw the necessary diagrams?
7. What is a transaction fee? What does the transaction fee depend on?
8. If you are manually creating transactions, what should you be very careful about?
9. Could you please provide a real life scenario when you might need a P2SH payment and operation?
10. What is the Script operation that is used to store in the blockchain some important data? Is it a good practice? Explain your answer.

Chapter 6: The Bitcoin Network.
1. What is the network used in Bitcoin? What is it called? What is the abbreviation? What is the difference between this network architecture and the other network architectures? Could you please describe another network architecture and compare the Bitcoin network and the other network architectures?
2. What is a Bitcoin network? What is an extended Bitcoin network? What is the difference between those two networks? What are the other protocols used in the extended Bitcoin network? Why are these new protocols used? Can you give an example of one such protocol? What is it called?
3. What are the main functions of a bitcoin node? How many of them are there? Could you please name and describe each of them? Which functions are mandatory?
4. What is a full node in the Bitcoin network? What does it do and how does it differ from the other nodes?
5. What is a lightweight node in the Bitcoin network? What is another name of the lightweight node? How does a lightweight node check transactions?
6. What are the main problems in the SPV process? What does SPV stand for? How does SPV work and what does it rely on?
7. What is a Sybil attack?
8. What is a transaction pool? Where are transaction pools stored in a Bitcoin network client? What are the two different transaction pools usually available in implementations?
9. What is the main Bitcoin client used in the network? What is the official name of the client and what is an unofficial name of this client?
10. What is UTXO pool? Do all clients keep this pool? Where is it stored? How does it differ from the transaction pools?
11. What is a Bloom filter? Why are Bloom filters used in the Bitcoin network? Were they originally used in the initial SW or were they introduced with a specific BIP?

Chapter 7: The Blockchain.
1. What is a blockchain?
2. What is a block hash? Is it really a block hash or is it a hash of something else?
3. What is included in the block? What kind of information?
4. How many parents can one block have?
5. How many children can one block have? Is it a temporary or permanent state of the blockchain? What is the name of this state of the blockchain?
6. What is a Merkle tree? Why does Bitcoin network use Merkle trees? What is the advantage of using Merkle trees? What is the other name of the Merkle tree? What kind of form must this tree have?
7. How are blocks identified in the blockchain? What are the two commonly used identities? Are these identities stored in the blockchain?
8. What is the average size of one transaction? How many transactions are normally in one block? What is the size of a block header?
9. What kind of information do SPV nodes download? How much space do they save by that comparing to what they would need if they had to download the whole blockchain?
10. What is a usual representation of a blockchain?
11. What is a genesis block? Do clients download this block and if yes – where from? What is the number of the genesis block?
12. What is a Merkle root? What is a Merkle path?

Chapter 8: Mining and Consensus.
1. What is the main purpose of mining? Is it to get the new coins for the miners? Alternatively, is it something else? Is mining the right or good term to describe the process?
2. What is PoW algorithm?
3. What are the two main incentives for miners to participate in the Bitcoin network? What is the current main incentive and will it be changed in the future?
4. Is the money supply in the Bitcoin network diminishing? If so, what is the diminishing rate? What was the original Bitcoin supply rate and how is it changed over time? Is the diminishing rate time related or rather block related?
5. What is the maximum number of Bitcoins available in the network after all the Bitcoins have been mined? When will all the Bitcoins be mined?
6. What is a decentralized consensus? What is a usual setup to clear transactions? What does a clearinghouse do?
7. What is deflationary money? Are they good or bad usually? What is the bad example of deflationary spiral?
8. What is an emergent consensus? What is the feature of emergent consensus? How does it differ from a usual consensus? What are the main processes out of which this emergent decentralized consensus becomes true?
9. Could you please describe the process of Independent Transaction Verification? What is the list of criteria that are checked against a newly received transaction? Where can these rules be checked? Can they be changed over time? If yes, why would they be changed?
10. Does mining node have to be a full node? If not, what are the other options for a node that is not full to be a mining node?
11. What is a candidate block? What types of nodes in the Bitcoin network create candidate blocks? What is a memory pool? Is there any other name of the memory pool? What are the transactions kept in this memory pool?
12. How are transactions added to the candidate block? How does a candidate block become a valid block?
13. What is the minimum value in the Bitcoin network? What is it called and what is the value? Are there any alternative names?
14. What is the age of the UTXO?
15. How is the priority of a transaction calculated? What is the exact formula? What are the units of each contributing member? When is a transaction considered to be old? Can low priority transactions carry a zero fee? Will they be processed in this case?
16. How much size in each block is reserved for high priority transactions? How are transactions prioritized for the remaining space?
17. Do transactions expire in Bitcoin? Can transactions disappear in the Bitcoin network? If yes, could you please describe such scenario?
18. What is a generation transaction? Does it have another name? If it does, what is the other name of the transaction? What is the position of the generation transaction in the block? Does it have an input? Is the input usual UTXO? If not – what is the input called? How many outputs are there for the generation transaction?
19. What is the Coinbase data? What is it currently used for?
20. What are little-endian and big-endian formats? Could you please give an example of both?
21. How is the block header constructed? Which fields are calculated and added to the block header? Could you please describe the steps for calculation of the block header fields?
22. What is a mantissa-exponent encoding? How is this encoding used in the Bitcoin network? What is the difficulty target? What is the actual process of mining? What kind of mathematical calculation is executed to conduct mining?
23. Which hash function is used in the Bitcoin mining process?
24. Could you describe the PoW algorithm? What features of the hash function does it depend on? What is the other name of the hash function? What is a nonce? How can we increase the difficulty of the PoW calculation? What do we need to change and how do we need to change this parameter?
25. What is difficulty bits notation? Could you please describe in details how it works? What is the formula for the difficulty notation?
26. Why is difficulty adjustable? Who adjusts it and how exactly? Where is the adjustment made? On which node? How many blocks are taken into consideration to predict the next block issuance rate? What is the change limitation? Does the target difficulty depend on the number of transactions?
27. How is a new block propagated in the network? What kind of verification does each node do? What is the list of criteria for the new block? What kind of process ensures that the miners do not cheat?
28. How does a process of block assembly work? What are the sets of blocks each full node has? Could you please describe these sets of blocks?
29. What is a secondary chain? What does each node do to check this chain and perhaps to promote it to the primary chain? Could you please describe an example when a fork occurs and what happens?
30. How quickly are forks resolved most of the time? Within how many new block periods?
31. Why is the next block generated within 10 minutes from the previous? What is this compromise about? What did designers of the Bitcoin network think about when implementing this rule?
32. What is a hashing race? How has Bitcoin hashing capacity changed within years from inception? What kind of hardware devices were initially used and how did the HW utilization evolve? What kind of hardware is used now to do mining? How has the network difficulty improved?
33. What is the size of the field that stores nonce in the block header? What is the limitation and problem of the nonce? Why was an extra nonce created? Was there any intermediate solution? If yes, what was the solution? What are the limitations of the solution?
34. What is the exact solution for the extra nonce? Where does the new space come from? How much space is currently used and what is the range of the extra nonce now?
35. What is a mining pool? Why was it created? How are normally such pools operated? Do they pay regularly to the pool participants? Where are newly created Bitcoins distributed? To which address? How do mining pools make money? How do the mining pools calculate the participation? How are shares earned calculated?
36. What is a managed pool? How is the owner of the pool called? Do pool members need to run full nodes? Explain why or why not?
37. What are the most famous protocols used to coordinate pool activities? What is a block template? How is it used?
38. What is the limitation of a centralized pool? Is there any alternative? If yes, what is it? How is it called? How does it work?
39. What is a consensus attack? What is the main assumption of the Bitcoin network? What can be the targets of the consensus attacks? What can these attacks do and what can they not do? How much overall capacity of the network do you have to control to exercise a consensus attack?

Chapter 9: Alternative Chains, Currencies and Applications.
1. What is the name of alternative coins? Are they built on top of the Bitcoin network? What are examples of them? Is there any alternative approach? Could you please describe some alternatives?
2. Are there any alternatives to the PoW algorithm? If yes – what are the alternatives? Could you please name two or three?
3. What is the operation of the Script language that is used to store a metadata in Bitcoin blockchain?
4. What is a coloured coin? Could you please explain how it is created and how it works? Do you need any special SW to manage coloured coins?
5. What is the difference between alt coins and alt chains? What is a Litecoin? What are the major differences between the Bitcoin and Litecoin? Why have so many alt coins been created? What are they usually based on?
6. What is Scrypt? Where is it used and how is it different from the original algorithm from which it has been created?
7. What is a demurrage currency? Could you please give an example of one blockchain and crypto currency that is demurrage?
8. What is a good example of an alternative algorithm to PoW? What is it called and how is it different from the PoW? Why have the alternatives to Bitcoin PoW been created? What is the main reason for this? What are dual-purpose PoW algorithms? Why have they been created?
9. Is Bitcoin “anonymous” currency? Is it difficult to trace transactions and understand someone’s spending habits?
10. What is Ethereum? What kind of currency does it use? What is the difference from Bitcoin?

Chapter 10: Bitcoin security.
1. What is the main approach of Bitcoin security?
2. What are two common mistakes made by newcomers to the world of Bitcoin?
3. What is a root of trust in traditional security settings? What is a root of trust in Bitcoin network? How should you assess security of your system?
4. What is a cold storage and paper wallet?
5. What is a hardware wallet? How is it better than storing private keys on your computer or your smart phone?
Jonas Schnelli on Aug 08 2016:

Hi

As already mentioned in the recent BIP151 thread (https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2016-June/012826.html), I propose the following authentication scheme to basically allow MITM detection and rejection in conjunction with BIP151.

The proposed authentication BIP does require BIP151. The proposed BIP does assume, node operators want to build trusted connections for various reasons.

BIPs mediawiki github page available here: https://github.com/bitcoin/bips/compare/master...jonasschnelli:2016/07/auth_bip?expand=1

BIP: ???
Title: Peer Authentication
Author: Jonas Schnelli
Status: Draft
Type: Standards Track
Created: 2016-03-23

== Abstract ==

This BIP describes a way how peers can authenticate – without opening fingerprinting possibilities – to other peers to guarantee ownership and/or allowing to access additional or limited services.

== Motivation ==

We assume peer operators want to limit the access of different services or increase datastream priorities to a selective subset of peers. Also we assume peers want to connect to specific peers to broadcast or filter transactions (or similar action that reveals sensitive information) and therefore they want to authenticate the remote peer and make sure that they have not connected to a MITM.

Benefits with peer authentication:
Peers could detect MITM attacks when connecting to known peers
Peers could allow resource hungry transaction filtering only to
Peers could allow access to sensitive information that can lead to node fingerprinting (fee estimation)
Peers could allow custom message types (private extensions) to authenticated peers

A simple authentication scheme based on elliptic cryptography will allow peers to identify each other and selectively allow access to restricted services or reject the connection if the identity could not be verified.

== Specification ==

The authentication scheme proposed in this BIP uses ECDSA, ___secrets will never be transmitted___.

___Authentication initialization must only happen if encrypted channels have been established (according to BIP-151).___

The encryption-session-ID is available once channels are encrypted (according to BIP-151).

The identity-public-keys used for the authentication must be pre-shared over a different channel (Mail/PGP, physical paper exchange, etc.). This BIP does not cover a "trust on first use" (TOFU) concept.

The authentication state must be kept until the encryption/connection terminates.

Only one authentication process is allowed per connection. Re-authentication requires re-establishing the connection.

=== Known-peers and authorized-peers database ===

Each peer that supports p2p authentication must provide two user-editable "databases"

known-peers contains known identity-public-keys together with a network identifier (IP & port), similar to the "known-host" file supported by openssh.

=== Local identity key management ===

Each peer can configure one identity-key (ECC, 32 bytes) per listening network interface (IPv4, IPv6, tor). The according identity-public-key can be shared over a different channel with other node-operators (or non-validating clients) to grant authorized access.

=== Authentication procedure ===

Authentication after this BIP will require both sides to authenticate. Signatures/public-keys will only be revealed if the remote peer could prove that they already know the remote identity-public-key.

-> Requesting peer sends AUTHCHALLENGE (hash)
<- Responding peer sends AUTHREPLY (signature)
-> Requesting peer sends AUTHPROPOSE (hash)
<- Responding peer sends AUTHCHALLENGE (hash)
-> Requesting peer sends AUTHREPLY (signature)

For privacy reasons, dropping the connection or aborting during the authentication process must not be possible.

=== AUTHCHALLENGE message ===

A peer can send an authentication challenge to see if the responding peer can produce a valid signature with the expected responding peer's identity-public-key by sending an AUTHCHALLENGE-message to the remote peer.

The responding peer needs to check if the hash matches the hash calculated with his own local identity-public-key. Fingerprinting the requesting peer is not possible.

32bytes challenge-hash `hash(encryption-session-ID || challenge_type || remote-peers-expected-identity-public-key)`

challenge_type is a single character. i if the AUTHCHALLENGE-message is the first, requesting challenge or r if it's the second, remote peer's challenge message.

=== AUTHREPLY message ===

A peer must reply to an AUTHCHALLENGE-message with an AUTHREPLY-message.

| 64bytes || signature || normalized comp.-signature || A signature of the encryption-session-ID done with the identity-key

If the challenge-hash from the AUTHCHALLENGE-message did not match the local authentication public-key, the signature must contain 64bytes of zeros.

The requesting peer can check the responding peer's identity by checking the validity of the sent signature against the pre-shared remote peer's identity-public-key.

If the signature was invalid, the requesting peer must still proceed with the authentication by sending an AUTHPROPOSE-message with 32 random bytes.

=== AUTHPROPOSE message ===

A peer can propose authentication of the channel by sending an AUTHPROPOSE-message to the remote peer.

If the signature sent in AUTHREPLY was invalid, the peer must still send an AUTHPROPOSE-message containing 32 random bytes.

The AUTHPROPOSE message must be answered with an AUTHCHALLENGE-message – even if the proposed requesting-peers identity-public-key has not been found in the authorized_peers database. In case of no match, the responding AUTHCHALLENGE-message must contain 32 bytes of zeros.

| 32bytes || auth-propose-hash || hash || `hash(encryption-session-ID

== Post-Authentication Re-Keying ==

After the second AUTHREPLY message (requesting peer's signature -> responding peer), both clients must re-key the symmetric encryption according to BIP151 while using ___a slightly different re-key key derivation hash___.

They both re-key with `hash(encryption-session-ID || old_symmetric_cipher_key || requesting-peer-identity-public-key || responding-peer-identity-public-key)`

== Identity-Addresses ==

The peers should display/log the identity-public-key as an identity-address to the users, which is a base58-check encoded ripemd160(sha256) hash. The purpose of this is for better visual comparison (logs, accept-dialogs).

The base58check identity byte is 0x0F followed by an identity-address version number (=0xFF01).

An identity address would look like TfG4ScDgysrSpodWD4Re5UtXmcLbY5CiUHA and can be interpreted as a remote peer's fingerprint.

== Compatibility ==

This proposal is backward compatible. Non-supporting peers will ignore the new AUTH* messages.

== Example of an auth interaction ==

Before authentication (once during peer setup or upgrade)
Requesting peer and responding peer create each an identity-keypair
(standard ECC priv/pubkey)
Requesting and responding peer share the identity-public-key over a
different channel (PGP mail, physical exchange, etc.)
Responding peer stores requesting peers identity-public-key in its
authorized-peers database (A)
Requesting peer stores responding peers identity-public-key in its
known-peers database together with its IP and port (B)

Encryption
Encrypted channels must be established (according to BIP-151 )
Requesting peer sends an AUTHCHALLENGE message
[32 bytes, hash(encryption-session-ID || "i" ||
Responding peer does create the same hash `(encryption-session-ID ||
"i" || )` with its local identity-public-key
If the hash does not match, respond with an AUTHREPLY message
containing 64bytes of zeros.
In case of a match, respond with an AUTHREPLY message
[64 bytes normalized compact ECDSA signature (H)] (sig of the
encryption-session-ID done with the identity-key)
Requesting peer does verify the signature with the
If the signature is invalid, requesting peer answers with an
AUTHREPLY message containing 32 random bytes
In case of a valid signature, requesting peer sends an AUTHPROPOSE
[32 bytes, hash(encryption-session-ID || "p" ||
Responding peer iterates over authorized-peers database (A), hashes
the identical data and looks for a match.
If the hash does not match, responding peer answers with an
AUTHCHALLENGE message containing 32 bytes of zeros.
In case of a match, responding peer sends an AUTHCHALLENGE message
with the hashed client public-key AUTHCHALLENGE:
[32 bytes, hash(encryption-session-ID || "r" ||
Requesting peer sends an AUTHREPLY message containing 64 bytes of
zeros if server failed to authenticate
Otherwise, respond with the signature in the AUTHREPLY message
[64 bytes normalized compact ECDSA signature (H)] (sig of the
encryption-session-ID done with the identity-key)
Responding peer must verify the signature and can grant access to
Both peers re-key the encryption after BIP151 including the
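The responding peer's side of the exchange above, as an added Python sketch that is not part of the BIP text: it shows why a non-matching AUTHCHALLENGE or AUTHPROPOSE still gets an answer of the normal type and size. Assumptions: SHA-256 stands in for the unspecified `hash()`, `sign` is a hypothetical hook for the ECDSA step, and the keys and session ID are constructed values.

```python
import hashlib
import hmac

ZERO32 = bytes(32)   # AUTHCHALLENGE body when AUTHPROPOSE matched no authorized peer
ZERO64 = bytes(64)   # AUTHREPLY body when the challenge was not meant for this peer


def auth_hash(session_id: bytes, challenge_type: bytes, pubkey: bytes) -> bytes:
    """hash(encryption-session-ID || challenge_type || identity-public-key).

    Assumption: SHA-256 stands in for the hash() the text leaves unspecified.
    """
    if challenge_type not in (b"i", b"p", b"r"):
        raise ValueError("challenge_type must be one of i, p, r")
    return hashlib.sha256(session_id + challenge_type + pubkey).digest()


def respond_to_authchallenge(session_id, challenge, own_pubkey, sign):
    """Build the 64-byte AUTHREPLY body for a first ("i") challenge.

    `sign` is a caller-supplied function returning a 64-byte compact signature
    of the session ID (hypothetical hook; real ECDSA is out of scope here).
    """
    expected = auth_hash(session_id, b"i", own_pubkey)
    if not hmac.compare_digest(challenge, expected):
        return ZERO64          # same message type and size as a real reply
    signature = sign(session_id)
    if len(signature) != 64:
        raise ValueError("signature must be 64 bytes")
    return signature


def respond_to_authpropose(session_id, propose_hash, authorized_peers):
    """Build the 32-byte AUTHCHALLENGE body answering an AUTHPROPOSE.

    Every entry of the authorized-peers database is hashed with type "p" and
    compared. The loop never exits early, so the work done does not depend on
    which entry matched (a choice made for this sketch).
    Returns (body, matched_pubkey_or_None).
    """
    matched = None
    for pubkey in authorized_peers:
        candidate = auth_hash(session_id, b"p", pubkey)
        if hmac.compare_digest(candidate, propose_hash):
            matched = pubkey
    if matched is None:
        return ZERO32, None    # unknown proposer still gets an AUTHCHALLENGE
    return auth_hash(session_id, b"r", matched), matched


def constructed_pubkey(label: bytes) -> bytes:
    """33-byte value shaped like a compressed public key (constructed sample,
    not a real curve point)."""
    return b"\x02" + hashlib.sha256(label).digest()


if __name__ == "__main__":
    session = hashlib.sha256(b"constructed session id").digest()
    requester = constructed_pubkey(b"requesting peer")
    responder = constructed_pubkey(b"responding peer")
    stranger = constructed_pubkey(b"unknown peer")
    database = [constructed_pubkey(b"another authorized peer"), requester]
    stand_in_sign = lambda message: b"\x01" * 64   # stand-in, not a signature

    for name, target in (("expected responder", responder), ("someone else", stranger)):
        reply = respond_to_authchallenge(
            session, auth_hash(session, b"i", target), responder, stand_in_sign)
        print(name, "-> AUTHREPLY", len(reply), "bytes, zeros:", reply == ZERO64)

    for name, proposer in (("authorized", requester), ("not authorized", stranger)):
        body, _ = respond_to_authpropose(
            session, auth_hash(session, b"p", proposer), database)
        print(name, "-> AUTHCHALLENGE", len(body), "bytes, zeros:", body == ZERO32)
```

Because every hash includes the encryption-session-ID, a hash captured in one session does not match in another.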
Spoonnet: another experimental hardfork | Johnson Lau | Feb 06 2017
Johnson Lau on Feb 06 2017: Finally got some time over the Chinese New Year holiday to code and write this up. This is not the same as my previous forcenet ( https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2017-January/013472.html ). It is much simpler. Trying to activate it on testnet will get you banned. Trying to activate it on mainnet before consensus is reached will make you lose money. This proposal includes the following features:
A fixed starting time. Not dependent on miner signalling. However, it requires at least 51% of miners to actually build the new block format in order to get activated.
It has no mechanism to prevent a split. If 49% of miners insist on the original chain, they could keep going. Split prevention is a social problem, not a technical one.
It is compatible with existing Stratum mining protocol. Only pool software upgrade is needed
A new extended and flexible header is located at the witness field of the coinbase transaction
It is backward compatible with existing light wallets
Dedicated space for miners to put anything they want, which bitcoin users could completely ignore. Merge-mining friendly.
Small header space for miners to include non-consensus enforced bitcoin related data, useful for fee estimation etc.
A new transaction weight formula to encourage responsible use of UTXO
A linear growth of actual block size until certain limit
Sighash O(n2) protection for legacy (non-segwit) outputs
Optional anti-transaction replay
A new optional coinbase tx format that allows additional inputs, including spending of immature previous coinbase outputs
Specification [Rationales]:
Activation:
A "hardfork signalling block" is a block with the sign bit of header nVersion set [Clearly invalid for old nodes; easy opt-out for light wallets]
If the median-time-past of the past 11 blocks is smaller than the HardForkTime (exact time to be determined), a hardfork signalling block is invalid.
Child of a hardfork signalling block MUST also be a hardfork signalling block
Initial hardfork signalling is optional, even if the HardForkTime has passed [requires at least 51% of miners to actually build the new block format]
HardForkTime is determined by a broad consensus of the Bitcoin community. This is the only way to prevent a split.
Main header refers to the original 80 bytes bitcoin block header
A hardfork signalling block MUST have an additional extended header
The extended header is placed at the witness field of the coinbase transaction [There are 2 major advantages: 1. coinbase witness is otherwise useless; 2. Significantly simplifies the implementation with its stack structure]
There must be exactly 3 witness items (Header1; Header2 ; Header3)
** Header1 must be exactly 32 bytes of the original transaction hash Merkle root.
** Header2 is the secondary header. It must be 36-80 bytes. The first 4 bytes must be little-endian encoded number of transactions (minimum 1). The next 32 bytes must be the witness Merkle root (to be defined later). The rest, if any, has no consensus meaning. However, miners MUST NOT use this space for non-bitcoin purposes [the additional space allows non-consensus enforced data to be included, easily accessible to light wallets]
** Header3 is the miner dedicated space. It must not be larger than 252 bytes. Anything put here has no consensus meaning [space for merge mining; non-full nodes could completely ignore data in this space; 252 is the maximum size allowed for signal byte CompactSize]
The main header commitment is H(Header1|H(H(Header2)|H(Header3))) H() = dSHA256() [The hardfork is transparent to light wallets, except one more 32-byte hash is needed to connect a transaction to the root]
To place the ext header, segwit becomes mandatory after hardfork
A “backdoor” softfork to relax the size limit of Header 2 and Header 3:
A special BIP9 softfork is defined with bit-15. If this softfork is activated, full nodes will not enforce the size limit for Header 2 and Header 3. [To allow header expansion without a hardfork. Avoid miner abuse while providing flexibility. Expansion might be needed for new commitments like fraud proof commitments]
Hardfork network version bit is 0x02000000. A tx is invalid if the highest nVersion byte is not zero, and the network version bit is not set.
Masked tx version is nVersion with the highest byte masked. If masked version is 3 or above, sighash for OP_CHECKSIG alike is calculated using BIP143, except 0x02000000 is added to the nHashType (the nHashType in signature is still a 1-byte value) [ensure a clean split of signatures; optionally fix the O(n2) problem]
Pre-hardfork policy change: nVersion is determined by the masked tx version for policy purpose. Setting of Pre-hardfork network version bit 0x01000000 is allowed.
Only txs with masked version below 3 are counted. [because they are fixed by the BIP-143 like signature]
Each SigHashSize is defined as 1 tx weight (defined later).
SIGHASH_SCALE_FACTOR is 90 (see the BIP above)
New tx weight definition:
Weight of a transaction is the maximum of the 4 following metrics:
** The total serialised size * 2 * SIGHASH_SCALE_FACTOR (size defined by the witness tx format in BIP144)
** The adjusted size = (Transaction weight by BIP141 - (number of inputs - number of non-OP_RETURN outputs) * 41) * SIGHASH_SCALE_FACTOR
** nSigOps * 50 * SIGHASH_SCALE_FACTOR. All SigOps are equal (no witness scaling). For non-segwit txs, the sigops in output scriptPubKey are not counted, while the sigops in input scriptPubKey are counted.
** SigHashSize defined in the last section

Translating to new metric, the current BIP141 limit is 360,000,000. This is equivalent to 360MB of sighashing, 2MB of serialised size, 4MB of adjusted size, or 80000 nSigOp.

See rationales in this post: https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2017-January/013472.html

Block weight growing by time:
Numbers for example only. Exact number to be determined.
Block weight at HardForkTime is (5,000,000 * SIGHASH_SCALE_FACTOR)
By every 16 seconds growth of the median-time-past, the weight is increased by (1 * SIGHASH_SCALE_FACTOR)
The growth stops at (16,000,000 * SIGHASH_SCALE_FACTOR)
The growth does not depend on the actual hardfork time. It’s only based on median-time-past [using median-time-past so miners have no incentive to use a fake timestamp]
The limit for serialized size is 2.5 to 8MB in about 8 years. [again, numbers for example only]
New coinbase transaction format:
Existing coinbase format is allowed, except the new extended header in the coinbase witness. No OP_RETURN witness commitment is needed.
A new coinbase format is defined. The tx may have 1 or more inputs. The outpoint of the first input MUST have an n value of 0xffffffff, and use the previous block hash as the outpoint hash [This allows paying to the child of a particular block by signing the block hash]
ScriptSig of the first (coinbase) input is not executed. The size limit increased from 100 to 252 (same for old coinbase format)
Additional inputs MUST provide a valid scriptSig and/or witness for spending
Additional inputs may come from premature previous coinbase outputs [this allows previous blocks paying subsequent blocks to encourage confirmations]
Witness merkle root:
If the coinbase is in old format, the witness merkle root is same as BIP141 by setting the witness hash of the coinbase tx as 0 (without the 32 byte witness reserved value)
If the coinbase is in new format, the witness hash of the coinbase tx is calculated by first removing the extended header
The witness merkle root is put in the extended header 2, not as an OP_RETURN output in coinbase tx.
The witness merkle root becomes mandatory. (It was optional in BIP141)
Other consensus changes:
BIP9 will ignore the sign bit. [Setting the sign bit now is invalid so this has no real consensus impact]
An experimental implementation of the above spec could be found at https://github.com/jl2012/bitcoin/tree/spoonnet1

Not the same as my previous effort on the “forcenet”, the “spoonnet” is a full hardfork that will get you banned on the existing network. Haven’t got the time to test the codes yet, not independently reviewed. But it passes all existing tests in Bitcoin Core. No one should use this in production, but I think it works fine on testnet like a normal bitcoind (as long as it is not activated)

Things not implemented yet:
Post-hardfork support for old light wallets
Wallet support, especially anti-tx-replay
New p2p message to transmit secondary header (lower priority)
Full mining and mempool support (not my priority)
Potential second stage change: Relative to the actual activation time, there could be a second stage with more drastic changes to fix one or both of the following problems:
SHA256 shortcut like ASICBoost. All fixes to ASICBoost are not very elegant. But the question is, is it acceptable to have bitcoin-specific patent in the consensus protocol? Still, I believe the best way to solve this problem is the patent holder(s) to kindly som...[message truncated here by reddit bot]...
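The extended-header rules from the Spoonnet post above (three witness items, size limits, the commitment H(Header1|H(H(Header2)|H(Header3)))), as an added Python sketch that is not taken from the spoonnet1 branch. Assumptions: the caller supplies the 32-byte commitment read from the main header, the 36-byte minimum for Header2 stays in force when the bit-15 softfork relaxes the limits (those bytes are parsed), and all sample values are constructed.

```python
import hashlib

MIN_HEADER2 = 36    # 4-byte transaction count + 32-byte witness Merkle root
MAX_HEADER2 = 80
MAX_HEADER3 = 252


def dsha256(data: bytes) -> bytes:
    """H() = dSHA256(), as defined in the post."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()


def extension_hash(header2: bytes, header3: bytes) -> bytes:
    """H(H(Header2)|H(Header3)): the one extra 32-byte hash a light wallet needs."""
    return dsha256(dsha256(header2) + dsha256(header3))


def main_header_commitment(header1: bytes, ext_hash: bytes) -> bytes:
    """H(Header1|ext_hash)."""
    return dsha256(header1 + ext_hash)


def parse_extended_header(witness_items, expected_commitment, size_limits_relaxed=False):
    """Validate the coinbase witness stack of a hardfork signalling block.

    Raises ValueError on any rule violation, otherwise returns the parsed fields.
    `size_limits_relaxed` models the bit-15 softfork being active.
    """
    if len(witness_items) != 3:
        raise ValueError("coinbase witness must hold exactly 3 items")
    header1, header2, header3 = witness_items
    if len(header1) != 32:
        raise ValueError("Header1 must be exactly 32 bytes")
    if len(header2) < MIN_HEADER2:
        raise ValueError("Header2 shorter than 36 bytes")
    if not size_limits_relaxed:
        if len(header2) > MAX_HEADER2:
            raise ValueError("Header2 longer than 80 bytes")
        if len(header3) > MAX_HEADER3:
            raise ValueError("Header3 longer than 252 bytes")
    n_tx = int.from_bytes(header2[:4], "little")
    if n_tx < 1:
        raise ValueError("transaction count must be at least 1")
    commitment = main_header_commitment(header1, extension_hash(header2, header3))
    if commitment != expected_commitment:
        raise ValueError("extended header does not match the main header commitment")
    return {
        "tx_merkle_root": header1,
        "n_tx": n_tx,
        "witness_merkle_root": header2[4:36],
        "non_consensus_data": header2[36:],   # no consensus meaning
        "miner_space": header3,               # no consensus meaning
    }


def accepts(witness_items, expected_commitment, size_limits_relaxed=False) -> bool:
    """True if the witness stack passes parse_extended_header."""
    try:
        parse_extended_header(witness_items, expected_commitment, size_limits_relaxed)
        return True
    except ValueError:
        return False


def build_sample(n_tx=3, extra=b"fee-hint", miner_space=b"merge-mining tag"):
    """Constructed sample: returns (witness_items, commitment)."""
    header1 = dsha256(b"constructed tx merkle root")
    header2 = n_tx.to_bytes(4, "little") + dsha256(b"constructed witness root") + extra
    header3 = miner_space
    commitment = main_header_commitment(header1, extension_hash(header2, header3))
    return [header1, header2, header3], commitment


if __name__ == "__main__":
    items, commitment = build_sample()
    print(parse_extended_header(items, commitment)["n_tx"])
    oversized, oversized_commitment = build_sample(miner_space=bytes(253))
    print("253-byte Header3 accepted:", accepts(oversized, oversized_commitment))
    print("same, limits relaxed:", accepts(oversized, oversized_commitment, True))
```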
Gregory Maxwell on Jan 10 2015: OpenSSL 1.0.0p / 1.0.1k was recently released and is being pushed out by various operating system maintainers. My review determined that this update is incompatible with the Bitcoin system and could lead to consensus forks. Bitcoin Core released binaries from Bitcoin.org are unaffected, as are any built with the gitian deterministic build system. If you are running third-party or self-compiled Bitcoin Core or an alternative implementation using OpenSSL you must not update OpenSSL or must run a Bitcoin software containing a workaround: https://github.com/bitcoin/bitcoin/commit/488ed32f2ada1d1dd108fc245d025c4d5f252783 (versions of this will be backported to other stable branches soon) The tests included with Bitcoin Core in the test_bitcoin utility already detect this condition and fail. (_Do not ignore or disable the tests in order to run or distribute software which fails_) The incompatibility is due to the OpenSSL update changing the behavior of ECDSA validation to reject any signature which is not encoded in a very rigid manner. This was a result of OpenSSL's change for CVE-2014-8275 "Certificate fingerprints can be modified". While for most applications it is generally acceptable to eagerly reject some signatures, Bitcoin is a consensus system where all participants must generally agree on the exact validity or invalidity of the input data. In a sense, consistency is more important than "correctness". As a result, an uncontrolled 'fix' can constitute a security vulnerability for the Bitcoin system. The Bitcoin Core developers have been aware of this class of risk for a long time and have taken measures to mitigate it generally; e.g., shipping static binaries, internalizing the Leveldb library... etc. It was somewhat surprising, however, to see this kind of change show up as a "low" priority fix in a security update and pushed out live onto large numbers of systems within hours. 
We were specifically aware of potential hard-forks due to signature encoding handling and had been hoping to close them via BIP62 in 0.10. BIP62's purpose is to improve transaction malleability handling and as a side effect rigidly defines the encoding for signatures, but the overall scope of BIP62 has made it take longer than we'd like to deploy. (Coincidentally, I wrote about this concern and our unique demands on cryptographic software as part of a comment on Reddit shortly before discovering that part of this OpenSSL update was actually incompatible with Bitcoin: https://www.reddit.com/Bitcoin/comments/2rrxq7/on_why_010s_release_notes_say_we_have_reason_to/cnitbz3 ) The patches above, however, only fix one symptom of the general problem: relying on software not designed or distributed for consensus use (in particular OpenSSL) for consensus-normative behavior. Therefore, as an incremental improvement, I propose a targeted soft-fork to enforce strict DER compliance soon, utilizing a subset of BIP62. Adding a blockchain rule for strict DER will reduce the risk of consensus inconsistencies from alternative implementations of signature parsing or signature verification, simplify BIP62, and better isolate the cryptographic validation code from the consensus algorithm. A failure to do so will likely leave us in this situation, or possibly worse, again in the future. The relevant incompatible transactions are already non-standard on the network since 0.8.0's release in February 2013, although there was seemingly a single miner still mining incompatible transactions. That miner has been contacted and has fixed their software, so a soft-fork with no chain forking should be possible. original: http://lists.linuxfoundation.org/pipermail/bitcoin-dev/2015-January/007097.html
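The consensus risk described in the post above, as an added Python example (not code from the post, the linked commit, or Bitcoin Core): a permissive decoder reads the same (r, s) out of several encodings, while a strict DER check accepts only one of them. The strict rules follow the rule set later published as BIP66, applied to a signature with its trailing sighash byte; the permissive decoder and the sample signatures are constructed for illustration.

```python
def strict_der_violation(sig: bytes):
    """Return None if sig is strictly DER-encoded, otherwise the first rule broken.

    Layout: 0x30 [total-len] 0x02 [R-len] [R] 0x02 [S-len] [S] [sighash]
    """
    n = len(sig)
    if n < 9:
        return "too short"
    if n > 73:
        return "too long"
    if sig[0] != 0x30:
        return "does not start with a compound (0x30) tag"
    if sig[1] != n - 3:
        return "total length byte does not match the signature size"
    len_r = sig[3]
    if 5 + len_r >= n:
        return "R length runs past the end"
    len_s = sig[5 + len_r]
    if len_r + len_s + 7 != n:
        return "R and S lengths do not add up to the signature size"
    if sig[2] != 0x02:
        return "R is not tagged as an integer"
    if len_r == 0:
        return "R is empty"
    if sig[4] & 0x80:
        return "R is negative"
    if len_r > 1 and sig[4] == 0x00 and not sig[5] & 0x80:
        return "R has an unnecessary leading zero byte"
    if sig[len_r + 4] != 0x02:
        return "S is not tagged as an integer"
    if len_s == 0:
        return "S is empty"
    if sig[len_r + 6] & 0x80:
        return "S is negative"
    if len_s > 1 and sig[len_r + 6] == 0x00 and not sig[len_r + 7] & 0x80:
        return "S has an unnecessary leading zero byte"
    return None


def lenient_decode(sig: bytes):
    """Permissive BER-style decode (illustrative): accepts long-form lengths and
    padded integers, and returns (r, s) as unsigned integers."""
    data = sig[:-1]                      # drop the sighash byte
    pos = 0

    def read_length():
        nonlocal pos
        first = data[pos]
        pos += 1
        if first < 0x80:
            return first
        count = first & 0x7F             # long form: next `count` bytes hold the length
        value = int.from_bytes(data[pos:pos + count], "big")
        pos += count
        return value

    def read_integer():
        nonlocal pos
        if data[pos] != 0x02:
            raise ValueError("expected an integer tag")
        pos += 1
        size = read_length()
        value = int.from_bytes(data[pos:pos + size], "big")
        pos += size
        return value

    if data[0] != 0x30:
        raise ValueError("expected a compound tag")
    pos = 1
    read_length()
    return read_integer(), read_integer()


def der_signature(r: bytes, s: bytes, sighash=0x01, long_form_length=False) -> bytes:
    """Build a constructed sample signature from raw R and S byte strings."""
    body = b"\x02" + bytes([len(r)]) + r + b"\x02" + bytes([len(s)]) + s
    length = (b"\x81" if long_form_length else b"") + bytes([len(body)])
    return b"\x30" + length + body + bytes([sighash])


if __name__ == "__main__":
    R, S = b"\x11" * 32, b"\x22" * 32    # constructed values, not a real signature
    samples = {
        "canonical": der_signature(R, S),
        "long-form length": der_signature(R, S, long_form_length=True),
        "zero-padded R": der_signature(b"\x00" + R, S),
    }
    for name, sig in samples.items():
        same = lenient_decode(sig) == lenient_decode(samples["canonical"])
        print(f"{name}: same (r, s) = {same}, strict check = {strict_der_violation(sig)}")
```

Two validators that differ only in which of these encodings they accept will disagree on transaction validity, which is the fork condition the post describes.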
Facilitating Discussion of 0.9.0 FINAL of Bitcoin Core (aka Bitcoin QT)
To facilitate a detailed discussion of some of the finer points of this update, I added numbering to each bullet in release notes, and also posted it to RapGenius, where people can annotate it if they'd like. I'm not a programmer, but I'm curious to hear what programmers and other people smarter than me have to say about all the new changes.

http://rapgenius.com/The-bitcoin-dev-team-bitcoin-090-final-lyrics

EDIT1 : Doh! Reddit destroyed all the formatting and now I'm on baby duty so can't fix it.

EDIT 2: Nap time! Just fixed the formatting :)

---- 0.9.0 RELEASE NOTES ----

Part 1. RPC:
1.1 - New notion of 'conflicted' transactions, reported as confirmations: -1
1.2 - 'listreceivedbyaddress' now provides tx ids
1.3 - Add raw transaction hex to 'gettransaction' output
1.4 - Updated help and tests for 'getreceivedby(account|address)'
1.5 - In 'getblock', accept 2nd 'verbose' parameter, similar to getrawtransaction, but defaulting to 1 for backward compatibility
1.6 - Add 'verifychain', to verify chain database at runtime
1.7 - Add 'dumpwallet' and 'importwallet' RPCs
1.8 - 'keypoolrefill' gains optional size parameter
1.9 - Add 'getbestblockhash', to return tip of best chain
1.10 - Add 'chainwork' (the total work done by all blocks since the genesis block) to 'getblock' output
1.11 - Make RPC password resistant to timing attacks
1.12 - Clarify help messages and add examples
1.13 - Add 'getrawchangeaddress' call for raw transaction change destinations
1.14 - Reject insanely high fees by default in 'sendrawtransaction'
1.15 - Add RPC call 'decodescript' to decode a hex-encoded transaction script
1.16 - Make 'validateaddress' provide redeemScript
1.17 - Add 'getnetworkhashps' to get the calculated network hashrate
1.18 - New RPC 'ping' command to request ping, new 'pingtime' and 'pingwait' fields in 'getpeerinfo' output
1.19 - Adding new 'addrlocal' field to 'getpeerinfo' output
1.20 - Add verbose boolean to 'getrawmempool'
1.21 - Add rpc command 'getunconfirmedbalance' to obtain total unconfirmed balance
1.22 - Explicitly ensure that wallet is unlocked in importprivkey
1.23 - Add check for valid keys in importprivkey

Part 2. Command-line options:
2.1 - New option: -nospendzeroconfchange to never spend unconfirmed change outputs
2.2 - New option: -zapwallettxes to rebuild the wallet's transaction information
2.3 - Rename option '-tor' to '-onion' to better reflect what it does
2.4 - Add '-disablewallet' mode to let bitcoind run entirely without wallet (when built with wallet)
2.5 - Update default '-rpcsslciphers' to include TLSv1.2
2.6 - make '-logtimestamps' default on and rework help-message
2.7 - RPC client option: '-rpcwait', to wait for server start
2.8 - Remove '-logtodebugger'
2.9 - Allow -noserver with bitcoind

Part 3. Block-chain handling and storage:
3.1 - Update leveldb to 1.15
3.2 - Check for correct genesis (prevent cases where a datadir from the wrong network is accidentally loaded)
3.3 - Allow txindex to be removed and add a reindex dialog
3.4 - Log aborted block database rebuilds
3.5 - Store orphan blocks in serialized form, to save memory
3.6 - Limit the number of orphan blocks in memory to 750
3.7 - Fix non-standard disconnected transactions causing mempool orphans
3.8 - Add a new checkpoint at block 279,000

Part 4. Wallet:
4.1 - Bug fixes and new regression tests to correctly compute the balance of wallets containing double-spent (or mutated) transactions
4.2 - Store key creation time. Calculate whole-wallet birthday
4.3 - Optimize rescan to skip blocks prior to birthday
4.4 - Let user select wallet file with -wallet=foo.dat
4.5 - Consider generated coins mature at 101 instead of 120 blocks
4.6 - Improve wallet load time
4.7 - Don't count txins for priority to encourage sweeping
4.8 - Don't create empty transactions when reading a corrupted wallet
4.9 - Fix rescan to start from beginning after importprivkey
4.10 - Only create signatures with low S values

Part 5. Mining:
5.1 - Increase default -blockmaxsize/prioritysize to 750K/50K
5.2 - 'getblocktemplate' does not require a key to create a block template
5.3 - Mining code fee policy now matches relay fee policy

Part 6. Protocol and network:
6.1 - Drop the fee required to relay a transaction to 0.01mBTC per kilobyte
6.2 - Send tx relay flag with version
6.3 - New 'reject' P2P message (BIP 0061, see https://gist.github.com/gavinandresen/7079034 for draft)
6.4 - Dump addresses every 15 minutes instead of 10 seconds
6.5 - Relay OP_RETURN data TxOut as standard transaction type
6.6 - Remove CENT-output free transaction rule when relaying
6.7 - Lower maximum size for free transaction creation
6.8 - Send multiple inv messages if mempool.size > MAX_INV_SZ
6.9 - Split MIN_PROTO_VERSION into INIT_PROTO_VERSION and MIN_PEER_PROTO_VERSION
6.10 - Do not treat fFromMe transaction differently when broadcasting
6.11 - Process received messages one at a time without sleeping between messages
6.12 - Improve logging of failed connections
6.13 - Bump protocol version to 70002
6.14 - Add some additional logging to give extra network insight
6.15 - Added new DNS seed from bitcoinstats.com

Part 7. Validation:
7.1 - Log reason for non-standard transaction rejection
7.2 - Prune provably-unspendable outputs, and adapt consistency check for it
7.3 - Detect any sufficiently long fork and add a warning
7.4 - Call the -alertnotify script when we see a long or invalid fork
7.5 - Fix multi-block reorg transaction resurrection
7.6 - Reject non-canonically-encoded serialization sizes
7.7 - Reject dust amounts during validation
7.8 - Accept nLockTime transactions that finalize in the next block

Part 8. Build system:
8.1 - Switch to autotools-based build system
8.2 - Build without wallet by passing --disable-wallet to configure, this removes the BerkeleyDB dependency
8.3 - Upgrade gitian dependencies (libpng, libz, libupnpc, boost, openssl) to more recent versions
8.4 - Windows 64-bit build support
8.5 - Solaris compatibility fixes
8.6 - Check integrity of gitian input source tarballs
8.7 - Enable full GCC Stack-smashing protection for all OSes

Part 9. GUI:
9.1 - Switch to Qt 5.2.0 for Windows build
9.2 - Add payment request (BIP 0070) support
9.3 - Improve options dialog
9.4 - Show transaction fee in new send confirmation dialog
9.5 - Add total balance in overview page
9.6 - Allow user to choose data directory on first start, when data directory is missing, or when the -choosedatadir option is passed
9.7 - Save and restore window positions
9.8 - Add vout index to transaction id in transactions details dialog
9.9 - Add network traffic graph in debug window
9.10 - Add open URI dialog
9.11 - Add Coin Control Features
9.12 - Improve receive coins workflow: make the 'Receive' tab into a form to request payments, and move historical address list functionality to File menu
9.13 - Rebrand to Bitcoin Core
9.14 - Move initialization/shutdown to a thread. This prevents "Not responding" messages during startup. Also show a window during shutdown
9.15 - Don't regenerate autostart link on every client startup
9.16 - Show and store message of normal bitcoin:URI
9.17 - Fix richtext detection hang issue on very old Qt versions
9.18 - OS X: Make use of the 10.8+ user notification center to display Growl-like notifications
9.19 - OS X: Added NSHighResolutionCapable flag to Info.plist for better font rendering on Retina displays
9.20 - OS X: Fix bitcoin-qt startup crash when clicking dock icon
9.21 - Linux: Fix Gnome bitcoin: URI handler

Part 10. Miscellaneous:
10.1 - Add Linux script (contrib/qos/tc.sh) to limit outgoing bandwidth
10.2 - Add '-regtest' mode, similar to testnet but private with instant block generation with 'setgenerate' RPC
10.3 - Add 'linearize.py' script to contrib, for creating bootstrap.dat
10.4 - Add separate bitcoin-cli client
Bitcoin Core 0.10.0 released | Wladimir | Feb 16 2015
Wladimir on Feb 16 2015: Bitcoin Core version 0.10.0 is now available from: https://bitcoin.org/bin/0.10.0/

This is a new major version release, bringing both new features and bug fixes.

Please report bugs using the issue tracker at github: https://github.com/bitcoin/bitcoin/issues

The whole distribution is also available as torrent:

https://bitcoin.org/bin/0.10.0/bitcoin-0.10.0.torrent

magnet:?xt=urn:btih:170c61fe09dafecfbb97cb4dccd32173383f4e68&dn=0.10.0&tr=udp%3A%2F%2Ftracker.openbittorrent.com%3A80%2Fannounce&tr=udp%3A%2F%2Ftracker.publicbt.com%3A80%2Fannounce&tr=udp%3A%2F%2Ftracker.ccc.de%3A80%2Fannounce&tr=udp%3A%2F%2Ftracker.coppersurfer.tk%3A6969&tr=udp%3A%2F%2Fopen.demonii.com%3A1337&ws=https%3A%2F%2Fbitcoin.org%2Fbin%2F

Upgrading and downgrading

How to Upgrade

If you are running an older version, shut it down. Wait until it has completely shut down (which might take a few minutes for older versions), then run the installer (on Windows) or just copy over /Applications/Bitcoin-Qt (on Mac) or bitcoind/bitcoin-qt (on Linux).

Downgrading warning

Because release 0.10.0 makes use of headers-first synchronization and parallel block download (see further), the block files and databases are not backwards-compatible with older versions of Bitcoin Core or other software:

- Blocks will be stored on disk out of order (in the order they are received, really), which makes it incompatible with some tools or other programs. Reindexing using earlier versions will also not work anymore as a result of this.
- The block index database will now hold headers for which no block is stored on disk, which earlier versions won't support.

If you want to be able to downgrade smoothly, make a backup of your entire data directory. Without this your node will need to start syncing (or importing from bootstrap.dat) anew afterwards. It is possible that the data from a completely synchronised 0.10 node may be usable in older versions as-is, but this is not supported and may break as soon as the older version attempts to reindex.

This does not affect wallet forward or backward compatibility.

Notable changes

Faster synchronization

Bitcoin Core now uses 'headers-first synchronization'. This means that we first ask peers for block headers (a total of 27 megabytes, as of December 2014) and validate those. In a second stage, when the headers have been discovered, we download the blocks. However, as we already know about the whole chain in advance, the blocks can be downloaded in parallel from all available peers.

In practice, this means a much faster and more robust synchronization. On recent hardware with a decent network link, it can be as little as 3 hours for an initial full synchronization. You may notice a slower progress in the very first few minutes, when headers are still being fetched and verified, but it should gain speed afterwards.

A few RPCs were added/updated as a result of this:
- getblockchaininfo now returns the number of validated headers in addition to the number of validated blocks.
- getpeerinfo lists both the number of blocks and headers we know we have in common with each peer. While synchronizing, the heights of the blocks that we have requested from peers (but haven't received yet) are also listed as 'inflight'.
- A new RPC getchaintips lists all known branches of the block chain, including those we only have headers for.

Transaction fee changes

This release automatically estimates how high a transaction fee (or how high a priority) transactions require to be confirmed quickly. The default settings will create transactions that confirm quickly; see the new 'txconfirmtarget' setting to control the tradeoff between fees and confirmation times. Fees are added by default unless the 'sendfreetransactions' setting is enabled.

Prior releases used hard-coded fees (and priorities), and would sometimes create transactions that took a very long time to confirm.

Statistics used to estimate fees and priorities are saved in the data directory in the fee_estimates.dat file just before program shutdown, and are read in at startup.

New command line options for transaction fee changes:
- -txconfirmtarget=n : create transactions that have enough fees (or priority) so they are likely to begin confirmation within n blocks (default: 1). This setting is over-ridden by the -paytxfee option.
- -sendfreetransactions : Send transactions as zero-fee transactions if possible (default: 0)

New RPC commands for fee estimation:

- estimatefee nblocks : Returns approximate fee-per-1,000-bytes needed for a transaction to begin confirmation within nblocks. Returns -1 if not enough transactions have been observed to compute a good estimate.
- estimatepriority nblocks : Returns approximate priority needed for a zero-fee transaction to begin confirmation within nblocks. Returns -1 if not enough free transactions have been observed to compute a good estimate.

RPC access control changes

Subnet matching for the purpose of access control is now done by matching the binary network address, instead of with string wildcard matching. For the user this means that -rpcallowip takes a subnet specification, which can be

- a single IP address (e.g. 22.214.171.124 or fe80::0012:3456:789a:bcde)
- a network/CIDR (e.g. 126.96.36.199/24 or fe80::0000/64)
- a network/netmask (e.g. 188.8.131.52/255.255.255.0 or fe80::0012:3456:789a:bcde/ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff)

An arbitrary number of -rpcallow arguments can be given. An incoming connection will be accepted if its origin address matches one of them. For example:

| 0.9.x and before | 0.10.x |
|--------------------------------------------|---------------------------------------|
| -rpcallowip=192.168.1.1 | -rpcallowip=192.168.1.1 (unchanged) |
| -rpcallowip=192.168.1.* | -rpcallowip=192.168.1.0/24 |
| -rpcallowip=192.168.* | -rpcallowip=192.168.0.0/16 |
| -rpcallowip=* (dangerous!) | -rpcallowip=::/0 (still dangerous!) |

Using wildcards will result in the rule being rejected with the following error in debug.log:
Error: Invalid -rpcallowip subnet specification: *. Valid are a single IP (e.g. 184.108.40.206), a network/netmask (e.g. 220.127.116.11/255.255.255.0) or a network/CIDR (e.g. 18.104.22.168/24).
REST interface A new HTTP API is exposed when running with the -rest flag, which allows unauthenticated access to public node data. It is served on the same port as RPC, but does not need a password, and uses plain HTTP instead of JSON-RPC. Assuming a local RPC server running on port 8332, it is possible to request:
In every case, EXT can be bin (for raw binary data), hex (for hex-encoded binary) or json. For more details, see the doc/REST-interface.md document in the repository. RPC Server "Warm-Up" Mode The RPC server is started earlier now, before most of the expensive intialisations like loading the block index. It is available now almost immediately after starting the process. However, until all initialisations are done, it always returns an immediate error with code -28 to all calls. This new behaviour can be useful for clients to know that a server is already started and will be available soon (for instance, so that they do not have to start it themselves). Improved signing security For 0.10 the security of signing against unusual attacks has been improved by making the signatures constant time and deterministic. This change is a result of switching signing to use libsecp256k1 instead of OpenSSL. Libsecp256k1 is a cryptographic library optimized for the curve Bitcoin uses which was created by Bitcoin Core developer Pieter Wuille. There exist attacks against most ECC implementations where an attacker on shared virtual machine hardware could extract a private key if they could cause a target to sign using the same key hundreds of times. While using shared hosts and reusing keys are inadvisable for other reasons, it's a better practice to avoid the exposure. OpenSSL has code in their source repository for derandomization and reduction in timing leaks that we've eagerly wanted to use for a long time, but this functionality has still not made its way into a released version of OpenSSL. Libsecp256k1 achieves significantly stronger protection: As far as we're aware this is the only deployed implementation of constant time signing for the curve Bitcoin uses and we have reason to believe that libsecp256k1 is better tested and more thoroughly reviewed than the implementation in OpenSSL.  
https://eprint.iacr.org/2014/161.pdf
Watch-only wallet support
The wallet can now track transactions to and from wallets for which you know all addresses (or scripts), even without the private keys. This can be used to track payments without needing the private keys online on a possibly vulnerable system. In addition, it can help for (manual) construction of multisig transactions where you are only one of the signers.
One new RPC, importaddress, is added which functions similarly to importprivkey, but instead takes an address or script (in hexadecimal) as argument. After using it, outputs credited to this address or script are considered to be received, and transactions consuming these outputs will be considered to be sent.
The following RPCs have optional support for watch-only: getbalance, listreceivedbyaddress, listreceivedbyaccount, listtransactions, listaccounts, listsinceblock, gettransaction. See the RPC documentation for those methods for more information.
Compared to using getrawtransaction, this mechanism does not require -txindex, scales better, integrates better with the wallet, and is compatible with future block chain pruning functionality. It does mean that all relevant addresses need to be added to the wallet before the payment, though.
Consensus library
Starting from 0.10.0, the Bitcoin Core distribution includes a consensus library. The purpose of this library is to make the verification functionality that is critical to Bitcoin's consensus available to other applications, e.g. to language bindings such as [python-bitcoinlib](https://pypi.python.org/pypi/python-bitcoinlib) or alternative node implementations.
This library is called libbitcoinconsensus.so (or, .dll for Windows). Its interface is defined in the C header [bitcoinconsensus.h](https://github.com/bitcoin/bitcoin/blob/0.10/src/script/bitcoinconsensus.h).
In its initial version the API includes two functions:
bitcoinconsensus_verify_script verifies a script. It returns whether the indicated input of the provided serialized transaction correctly spends the passed scriptPubKey under additional constraints indicated by flags
bitcoinconsensus_version returns the API version, currently at an experimental 0
The functionality is planned to be extended to e.g. UTXO management in upcoming releases, but the interface for existing methods should remain stable.
Standard script rules relaxed for P2SH addresses
The IsStandard() rules have been almost completely removed for P2SH redemption scripts, allowing applications to make use of any valid script type, such as "n-of-m OR y", hash-locked oracle addresses, etc. While the Bitcoin protocol has always supported these types of script, actually using them on mainnet has been previously inconvenient as standard Bitcoin Core nodes wouldn't relay them to miners, nor would most miners include them in blocks they mined.
bitcoin-tx
It has been observed that many of the RPC functions offered by bitcoind are "pure functions", and operate independently of the bitcoind wallet. This included many of the RPC "raw transaction" API functions, such as createrawtransaction.
bitcoin-tx is a newly introduced command line utility designed to enable easy manipulation of bitcoin transactions. A summary of its operation may be obtained via "bitcoin-tx --help". Transactions may be created or signed in a manner similar to the RPC raw tx API. Transactions may be updated, deleting inputs or outputs, or appending new inputs and outputs. Custom scripts may be easily composed using a simple text notation, borrowed from the bitcoin test suite.
This tool may be used for experimenting with new transaction types, signing multi-party transactions, and many other uses. Long term, the goal is to deprecate and remove "pure function" RPC API calls, as those do not require a server round-trip to execute.
Other utilities "bitcoin-key" and "bitcoin-script" have been proposed, making key and script operations easily accessible via command line.
Mining and relay policy enhancements
Bitcoin Core's block templates are now for version 3 blocks only, and any mining software relying on its getblocktemplate must be updated in parallel to use libblkmaker either version 0.4.2 or any version from 0.5.1 onward.
If you are solo mining, this will affect you the moment you upgrade Bitcoin Core, which must be done prior to BIP66 achieving its 951/1001 status.
If you are mining with the stratum mining protocol: this does not affect you.
If you are mining with the getblocktemplate protocol to a pool: this will affect you at the pool operator's discretion, which must be no later than BIP66 achieving its 951/1001 status.
The prioritisetransaction RPC method has been added to enable miners to manipulate the priority of transactions on an individual basis.
Bitcoin Core now supports BIP 22 long polling, so mining software can be notified immediately of new templates rather than having to poll periodically.
Support for BIP 23 block proposals is now available in Bitcoin Core's getblocktemplate method. This enables miners to check the basic validity of their next block before expending work on it, reducing risks of accidental hardforks or mining invalid blocks.
Two new options to control mining policy:
-datacarrier=0/1 : Relay and mine "data carrier" (OP_RETURN) transactions if this is 1.
-datacarriersize=n : Maximum size, in bytes, we consider acceptable for "data carrier" outputs.
The relay policy has changed to more properly implement the desired behavior of not relaying free (or very low fee) transactions unless they have a priority above the AllowFreeThreshold(), in which case they are relayed subject to the rate limiter.
BIP 66: strict DER encoding for signatures
Bitcoin Core 0.10 implements BIP 66, which introduces block version 3, and a new consensus rule, which prohibits non-DER signatures. Such transactions have been non-standard since Bitcoin v0.8.0 (released in February 2013), but were technically still permitted inside blocks.
This change breaks the dependency on OpenSSL's signature parsing, and is required if implementations would want to remove all of OpenSSL from the consensus code.
The same miner-voting mechanism as in BIP 34 is used: when 751 out of a sequence of 1001 blocks have version number 3 or higher, the new consensus rule becomes active for those blocks. When 951 out of a sequence of 1001 blocks have version number 3 or higher, it becomes mandatory for all blocks.
Backward compatibility with current mining software is NOT provided, thus miners should read the first paragraph of "Mining and relay policy enhancements" above.
0.10.0 Change log
Detailed release notes follow. This overview includes changes that affect external behavior, not code moves, refactors or string updates.
RPC:
f923c07 Support IPv6 lookup in bitcoin-cli even when IPv6 only bound on localhost
b641c9c Fix addnode "onetry": Connect with OpenNetworkConnection
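
The strict DER rule from the BIP 66 section above, as an added example (not Bitcoin Core code): a checker that follows the encoding rules listed in BIP 66 and names the first rule a signature breaks, run over constructed signatures. The function names and sample values are made up for illustration.

```python
from typing import Optional


def der_violation(sig: bytes) -> Optional[str]:
    """Return None if sig (DER signature plus one sighash byte) is strictly
    encoded, else the first rule it breaks. Expected layout:
    0x30 [total-len] 0x02 [len-R] [R] 0x02 [len-S] [S] [sighash]"""
    if not 9 <= len(sig) <= 73:
        return "size out of range"
    if sig[0] != 0x30:
        return "not a compound (0x30) structure"
    if sig[1] != len(sig) - 3:
        return "total length does not cover the whole signature"
    len_r = sig[3]
    if 5 + len_r >= len(sig):
        return "R length runs past the end"
    len_s = sig[5 + len_r]
    if len_r + len_s + 7 != len(sig):
        return "R and S lengths do not add up to the signature size"
    for name, tag_at, length in (("R", 2, len_r), ("S", len_r + 4, len_s)):
        first = tag_at + 2  # index of the integer's first value byte
        if sig[tag_at] != 0x02:
            return f"{name} is not tagged as an integer (0x02)"
        if length == 0:
            return f"{name} is empty"
        if sig[first] & 0x80:
            return f"{name} would be read as negative"
        if length > 1 and sig[first] == 0x00 and not sig[first + 1] & 0x80:
            return f"{name} has unnecessary zero padding"
    return None


def minimal(n: int) -> bytes:
    """Shortest big-endian form of n that DER reads as non-negative."""
    raw = n.to_bytes(max(1, (n.bit_length() + 7) // 8), "big")
    return b"\x00" + raw if raw[0] & 0x80 else raw


def assemble(r_raw: bytes, s_raw: bytes, sighash: int = 0x01) -> bytes:
    """Wrap the integer bytes exactly as given (no normalisation)."""
    body = b"".join(b"\x02" + bytes([len(v)]) + v for v in (r_raw, s_raw))
    return b"\x30" + bytes([len(body)]) + body + bytes([sighash])


# Constructed sample values, not taken from any real transaction.
R = int("c5" * 32, 16)  # top bit set, so strict DER needs a 0x00 prefix
S = int("3a" * 32, 16)
STRICT = assemble(minimal(R), minimal(S))
SAMPLES = {
    "strict": STRICT,
    "R without sign padding": assemble(R.to_bytes(32, "big"), minimal(S)),
    "S zero-padded": assemble(minimal(R), b"\x00" + minimal(S)),
    "long-form length": b"\x30\x81" + STRICT[1:],
    "trailing byte": STRICT + b"\x00",
}

if __name__ == "__main__":
    for label, sig in SAMPLES.items():
        print(f"{label:24} {der_violation(sig) or 'ok'}")
```

Every non-strict sample carries the same R and S values as the strict one; a lenient parser may accept several byte strings for one signature, and that lenient parsing is the OpenSSL dependency the notes say the rule removes.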
If you are running an older version, shut it down. Wait until it has completely shut down (which might take a few minutes for older versions), uninstall all earlier versions of Bitcoin, then run the installer (on Windows) or just copy over /Applications/Bitcoin-Qt (on Mac) or bitcoind/bitcoin-qt (on Linux). If you are upgrading from version 0.7.2 or earlier, the first time you run 0.9.0 your blockchain files will be re-indexed, which will take anywhere from 30 minutes to several hours, depending on the speed of your machine. On Windows, do not forget to uninstall all earlier versions of the Bitcoin client first, especially if you are switching to the 64-bit version.
Windows 64-bit installer
New in 0.9.0 is the Windows 64-bit version of the client. There have been frequent reports of users running out of virtual memory on 32-bit systems during the initial sync. Because of this it is recommended to install the 64-bit version if your system supports it. NOTE: Release candidate 2 Windows binaries are not code-signed; use PGP and the SHA256SUMS.asc file to make sure your binaries are correct. In the final 0.9.0 release, Windows setup.exe binaries will be code-signed.
The 'chainstate' for this release is not always compatible with previous releases, so if you run 0.9 and then decide to switch back to a 0.8.x release you might get a blockchain validation error when starting the old release (due to 'pruned outputs' being omitted from the index of unspent transaction outputs). Running the old release with the -reindex option will rebuild the chainstate data structures and correct the problem. Also, the first time you run a 0.8.x release on a 0.9 wallet it will rescan the blockchain for missing spent coins, which will take a long time (tens of minutes on a typical machine).
Rebranding to Bitcoin Core
To reduce confusion between Bitcoin-the-network and Bitcoin-the-software we have renamed the reference client to Bitcoin Core.
Autotools build system
For 0.9.0 we switched to an autotools-based build system instead of individual (q)makefiles. Using the standard "./autogen.sh; ./configure; make" to build Bitcoin-Qt and bitcoind makes it easier for experienced open source developers to contribute to the project. Be sure to check doc/build-*.md for your platform before building from source.
Another change in the 0.9 release is moving away from the bitcoind executable functioning both as a server and as a RPC client. The RPC client functionality ("tell the running bitcoin daemon to do THIS") was split into a separate executable, 'bitcoin-cli'. The RPC client code will eventually be removed from bitcoind, but will be kept for backwards compatibility for a release or two.
The behavior of the walletpassphrase RPC when the wallet is already unlocked has changed between 0.8 and 0.9. The 0.8 behavior of walletpassphrase is to fail when the wallet is already unlocked:
    > walletpassphrase 1000
    walletunlocktime = now + 1000
    > walletpassphrase 10
    Error: Wallet is already unlocked (old unlock time stays)
The new behavior of walletpassphrase is to set a new unlock time overriding the old one:
    > walletpassphrase 1000
    walletunlocktime = now + 1000
    > walletpassphrase 10
    walletunlocktime = now + 10 (overriding the old unlock time)
Transaction malleability-related fixes
This release contains a few fixes for transaction ID (TXID) malleability issues:
-nospendzeroconfchange command-line option, to avoid spending zero-confirmation change
IsStandard() transaction rules tightened to prevent relaying and mining of mutated transactions
Additional information in listtransactions/gettransaction output to report wallet transactions that conflict with each other because they spend the same outputs.
Bug fixes to the getbalance/listaccounts RPC commands, which would report incorrect balances for double-spent (or mutated) transactions.
New option: -zapwallettxes to rebuild the wallet's transaction information
This release drops the default fee required to relay transactions across the network and for miners to consider the transaction in their blocks to 0.01mBTC per kilobyte. Note that getting a transaction relayed across the network does NOT guarantee that the transaction will be accepted by a miner; by default, miners fill their blocks with 50 kilobytes of high-priority transactions, and then with 700 kilobytes of the highest-fee-per-kilobyte transactions. The minimum relay/mining fee-per-kilobyte may be changed with the minrelaytxfee option. Note that previous releases incorrectly used the mintxfee setting to determine which low-priority transactions should be considered for inclusion in blocks. The wallet code still uses a default fee for low-priority transactions of 0.1mBTC per kilobyte. During periods of heavy transaction volume, even this fee may not be enough to get transactions confirmed quickly; the mintxfee option may be used to override the default.
0.9.0 Release notes
New notion of 'conflicted' transactions, reported as confirmations: -1
'listreceivedbyaddress' now provides tx ids
Add raw transaction hex to 'gettransaction' output
Updated help and tests for 'getreceivedby(account|address)'
In 'getblock', accept 2nd 'verbose' parameter, similar to getrawtransaction, but defaulting to 1 for backward compatibility
Add 'verifychain', to verify chain database at runtime
Add 'dumpwallet' and 'importwallet' RPCs
'keypoolrefill' gains optional size parameter
Add 'getbestblockhash', to return tip of best chain
Add 'chainwork' (the total work done by all blocks since the genesis block) to 'getblock' output
Make RPC password resistant to timing attacks
Clarify help messages and add examples
Add 'getrawchangeaddress' call for raw transaction change destinations
Reject insanely high fees by default in 'sendrawtransaction'
Add RPC call 'decodescript' to decode a hex-encoded transaction script
Make 'validateaddress' provide redeemScript
Add 'getnetworkhashps' to get the calculated network hashrate
New RPC 'ping' command to request ping, new 'pingtime' and 'pingwait' fields in 'getpeerinfo' output
Adding new 'addrlocal' field to 'getpeerinfo' output
Add verbose boolean to 'getrawmempool'
Add rpc command 'getunconfirmedbalance' to obtain total unconfirmed balance
Explicitly ensure that wallet is unlocked in importprivkey
Add check for valid keys in importprivkey
New option: -nospendzeroconfchange to never spend unconfirmed change outputs
New option: -zapwallettxes to rebuild the wallet's transaction information
Rename option '-tor' to '-onion' to better reflect what it does
Add '-disablewallet' mode to let bitcoind run entirely without wallet (when built with wallet)
Update default '-rpcsslciphers' to include TLSv1.2
make '-logtimestamps' default on and rework help-message
RPC client option: '-rpcwait', to wait for server start
Allow -noserver with bitcoind
Block-chain handling and storage:
Update leveldb to 1.15
Check for correct genesis (prevent cases where a datadir from the wrong network is accidentally loaded)
Allow txindex to be removed and add a reindex dialog
Log aborted block database rebuilds
Store orphan blocks in serialized form, to save memory
Limit the number of orphan blocks in memory to 750