- In `for (var i = 0; i < arrayName.length; i++) { ... }`, the type of `i` will be `uint8`, because this is the smallest type that is required to hold the value `0`. If the array has more than 255 elements, the loop will not terminate.

- The `constant` keyword for functions is currently not enforced by the compiler. Furthermore, it is not enforced by the EVM, so a contract function that "claims" to be constant might still cause changes to the state.

WTF?! Trivial loops won't terminate to due (unchecked) integer overflow, and the `constant` keyword does nothing? It's a complete gong show. I'm not touching anything to do with this language with a 100 foot pool. Is the hype bubble just that big?

[0] https://news.ycombinator.com/item?id=14807779

[1] https://solidity.readthedocs.io/en/develop/security-consider...

Edit: Oops, it looks like I'm mixing up my multi-million dollar screw-ups. First in July $30 million was stolen due to the "public is default" debacle, and then the fix for that problem introduced another bug (the developers forget to call the `initWallet` function), which lead to the $280 million being frozen in November[2]. Holy crap.

[2] https://news.ycombinator.com/item?id=15642856

Even the language designed to describe the "hack" was garbage. It wasn't a "hack", if code is law, all bugs are code and therefore part of law. There was no "thief" that "stole" anything either. Code is law. Somebody followed the contract down to the letter and made a trade to their benefited. Code is law.

If the central tenant of "code is law" cannot even be held and real meatspace-based humans can modify history at will.... what value does ethereum add at all besides pissing away an unimaginable amount of energy turning non-renewable fossil fuels into heat?

If anybody can modify history.... just use AWS. It's cheaper.

The "code is law" is just hype about how amazing and new and unprecedented this thing is, but it's a truly bad idea. The reversibility of bugs is a good thing. In human law, there are exceptions, and appeals, etc. Aiming for a completely mechanical system is the type of unnuanced thinking that leads me to be extremely skeptical of the entire cryptocurrency community, and in particular made me think that Ethereum was a total joke run by unserious people.

Computer tools must adapt to human nature, not the other way around. Ethereum's hype train ignored that. Such temporary hype trains can help get the train moving, but it's always important to separate the hype and marketing from the reality. Especially in everything from post 2000 in the Silicon Valley, hype and marketing are what drives success much more than product itself. We need to remember to not get high on our own supply, and not believe the bullshit that gets peddled in order to drive platform adoption.

I don't know if there's any alternative to that; any such system is going to have some means of enforcing truth and power, and means of gaining or losing it.

Cryptocurrencies are not a way of escaping that fundamental fact. They shift where the power is. Having that alternative to current ledger and contract systems can be valuable to people in certain situations.

Thinking that Ethereum or Bitcoin or any blockchain tech escapes these fundamental power relationships is exactly the type of inanity that makes the tech seem unserious. It's a hype train, it's not true, but there is still the potential for value.

Cool, so in reality a lot less than 51% of people can screw over every else.

Again, what is it that ETH provides society that's new and useful?

New: state-level actor(s) cannot stop an organization from receiving payment merely by forcing your third-party payment processor to freeze funds/stop payments.

Example: sci-hub. If they were receiving payments through Mastercard/Visa it would have almost certainly been frozen long ago. However, since they (apparently) get funded by receiving Bitcoin, they continue to operate. In the meantime, grad students and professors get the convenience of using sci-hub's interface to easily retrieve journal articles.

Even if sci-hub eventually gets taken down completely (or a researcher finds a catastrophic bug in all cryptocurrencies), the total time during which sci-hub served documents funded by Bitcoins was a benefit to society.

ETH allows fancier transaction scripts than Bitcoin, but the same argument holds-- a state level actor cannot just stop the contract from being executed simply by putting pressure on a third party.

Based on this article, I'd say there is value in ETH just as there is value in writing a complex, multi-threaded application in a memory-unsafe language. It's a bad idea, but for some special cases it may be better than doing nothing at all.

In most transaction, the third party also act as an insurance, a safety. If something goes wrong, the third party is supposed to be here to make sure everybody got their fair share without the need to take legal action, which can be difficult to near impossible sometime.

If I get scamed, does the smart contract allow a chargeback ? Who is going to make sure I was scam and not abusing ? etc.

What insurance would you need when sending a Bitcoin donation to a site where thousands of researchers already benefited by retrieving scientific journal articles?

I didn't write, "cryptocurrencies will replace all third party payment systems." I gave a single example of a situation where third party payment systems don't function and Bitcoin does.

They just haven't gotten around to it yet. The decentralized nature of cryptocurrencies increases the number of entities that need to be pressured, but doesn't make state-level actors completely powerless.

Since stopping cryptocurrencies is harder than freezing third party payments (evidence: see Wikileaks), this is a single, narrow example of the usefulness of cryptocurrencies. Researchers get the convenience of sci-hub's frontend for longer than they would if sci-hub had relied on a third party payment system.

Finally, there are a lot of good reasons why in democracy we vote per-head and not per-share. It's a big thing, but that is also being dismissed by cryptocurrencies.

They've forked before they could be forced to again.

Again, what is it that ETH provides society that's new and useful?

If you want to throw up your hands and declare this all a waste of time, feel free. You'll have lots of company, and for good reason, but setting some arbitrarily high goal such as "providing something new and useful to society" just makes it sound like you've got an axe to grind.

There's plenty of things about Ethereum (and blockchain exchanges and how they are used and hyped) to criticize legitimately, but this doesn't seem to be one of them.

Ethereum forces a global authority :)

Not only do those who designed the cryptocoin plus early adapters (the former are the latter, but not necessarily vice versa) get more rich with thin air generated by electricity, they also get more powerful. No wonder these things rise up like mushrooms from the ground.

Man, if I were into this, I'd just convince people 24/7 to get into these cryptocoins. Best way to get rich doing virtually nothing but some marketing. Right?

And if you're just going to use ETH to pay for real compute hardware in the cloud so you can run real software, at that point why not just use BTC?

Turing-completeness doesn't automatically make something useful.

By the very nature of your argument if a Turing-complete blockchain isn't inherently worth something than a stack-based language which isn't Turing complete is certainly worthless.

I feel like your arguing with me for the sake of arguing? What's your point ETH isn't perfect, so what, it's relatively new tech which is exploring an interesting problem. The fact it's valued X _may be_ a fair evaluation or even undervalued given it's impact. The upside being possibly a DAO controlled by an AI efficiently providing resources to humanity in a way human's can't given traditional power structures. Or maybe fiat isn't so bad and we don't want robot overlords so we scrap it all. At the end of the day who cares, as long as your smart about the money you've invested into to the ecosystem you won't be hurt by a Black Swan in the cryptosphere. I think anyone working on ETH up to Vitak would have the same sentiment.

If you want to build a better language for interfacing with the VM your free to do so.

You argue for purity of a principle. Very few people actually care about such a notion. The majority has more practical concerns. The fact that a theft that would have made the whole currency seem insecure has been reversed was seen as a proof of solidity by many users.

The current system at least theoretically has democratic (or otherwise) control over who the 0.1% in power are. In a system like BTC or ETH it's just 'who has the most compute?' or in proof of stake, 'who's the richest?'

The 'diminish trust in the network' threat really only discourages an existing good actor (invested in the network) from turning into a bad actor.

If I've been mining a cryptocurrency for years and I decide I want to move on to mining something else, what stops me from using 51% to destroy the currency before I move on to mining something else? If I moved my currency holdings out (or have been liquidating them regularly, as any sensible miner might), what's to lose?

It may not be for you, and it may not be for society writ large, but it is an excellent and very important idea. Removing human judgement is exactly the point. Whether this thrills or horrifies you is, I think, a personality trait.

I attach neither horror nor thrill to that idea, I find it laughable. We all have our abstract ideals, and these abstract ideals eventually meet the reality of human interaction. There is no possibility of removing human judgement, as long as humans are in control of the machines. Humans may temporarily agree to go with whatever the machines say, but that is only a temporary status, as whoever controls the machines has ultimate control.

I'm still a little lost. What value does ETH provide if we cede to human emotions and social power structures at the end of the day? We don't need to invent a cryptocracy to realize a world where people who own 51% of the power can acceptably or at least "fairly" screw over the the dissenting lot with 49%... that is just old school power. It has been around for ages.

In theory, ETH proposed a playing field where law is specified using a language that everyone agrees upon, and where applications of said law are recorded on a decentralized public ledge and even executed using the compute power of the underlying network. The system was valuable precisely because it provided a cryptographically robust way to circumvent humanity for the purpose of recording law with authority and confidence.

But all we've learned from this experiment is that when someone messes up, or not, and it impacts a lot of people (in these cases negatively), they will appeal to the people who own the power and request execution of an "authorized" (not by the original rules but by virtue of ownership of power) out-of-band attack against the system. In other words, they'll collude to perform an illegal move in order to counter the undersireable outcome. In essence, it's a network coup.

Don't get me wrong, I think this is kinda cool too. And if ETH or blockchains or whatever is the zeitgeist what inspires people to continue to imagine and build transparent societies where we have better and better distribution of power, perhaps it has artistic value.

But these events jade people, and the reason they lose trust in the system is because they learn just how easily it is not to be trusted.. how human it is. You put your faith in a system only to see the network owners use their power to operate outside of it.

Of course this is great when you are the beneficiary of a network reset. But by condoning rewriting history, you've chosen to sacrifice the system and pander to your emotions above those of the people who shared trust with you when everyone agreed to play by the rules. So maybe you don't live in an ivory tower: there may appear to be few victimes (namely the bad actor) but finally don't forget the contracts that become void when the network is reset. To those who bought in ideologically to ETH, these events effectively invalidate the entire system. And ETH becomes a failed experiment.

We both appear to agree that ETH is still human. You claim this is a boon. I am skeptical. I am still curious why being human innately makes ETH more valuable. Perhaps you mean the fact that the participants evoked "human mode" over "machine mode" is an indication that people value this system dearly. I do not disagree. But I'd argue this value comes from a different place. This value comes from a desire for, well, value itself. This is a different, darker, value. It's no longer simply valued for its merit: the vision for a mechanically infungable system isolated from human emotional responses. But it's just another victim of human irrationality, greed, ignorance, and laziness. And that is a little sad in my opinion.

Just to be clear I'm not bitter I've never owned any ether.

What a completely idiotic notion that is. Language can be used to deceive, and if the neverending freakshow of "smart contract" bugs shows anything it is that computer languages are not exempt.

Removing human judgement is exactly the point.

The Underhanded C Contest is not about human judgement.

We have processes that deal with human reality. We build political parties to extend power, we have judges and parliaments, where laws are written, people enter contracts every day - the system works mostly well. Ethereum is an improvement on exactly what?

And even if it were, why roll back the block chain to rectify the situation? In traditional accounting, wouldn't you need a ledger record of both the mistake and its correction?

This is exactly what happened. The blockchain wasn't rolled back. New transactions crediting the victims were injected into it.

So can I make a purchase, receive the goods and then claim a bug?

Reversibility of platform bugs is a good thing, reversibility of contract bugs is basically reversibility of plain transactions, which makes the whole idea of cryptocurrency useless.

(the fact that the creator of Ethereum was heavily invested in the DAO doubtless played a role as well... it's different when it's your money that got stolen, and he had the power to do something about it.)

Still though, people don't understand that the legal system is a feature, not a bug. A neutral arbiter that can judge the spirit of the contract and come to a decision that resolves the matter fairly for everybody... that way you don't need to guarantee bug-free code forever.

There was a post here a while back that made the interesting point that essentially everything cryptocurrency attempts to do is anti-user and the problems they claim to solve would actually be viewed as features by most people. For example, no chargebacks! But chargebacks are a good thing, if the good turns out to be significantly not as described then you can get your money back. Or - immutable history! But it's actually quite nice when the bank can remove fraudulent charges when my wallet gets stolen, I quite like having that recourse.

3% merchant fees for Visa don't seem so bad compared to the DAO hack and Solidity and all that other shit.

Laws are, after all, code. Programmers are the new lawyers.

The problem with the "hack" was that our laws/code are still incredibly primitive.

I don't have an issue with the rollback - because that's part of the design, and I really doubt they'll be able to do that again if the ownership of ETH spreads out more.

These problems will work themselves out.

Think of Ethereum as a very slow decentralized computer. People make mistakes building applications all the time, but this doesn't necessarily mean the underlying language, or for a better comparison, the compiler is at fault. Problems with the underlying language can cause problems with applications, obviously. Programmer error =/= language/compiler error, while both can occur.

People have been talking about the Parity hack like it's Ethereum's fault. Imo that's as absurd as blaming C for your program crashing to your coding error.

Your post, while you are confusing two types of errors, isn't completely off. Solidity does need improving. Any language has to pick tradeoffs, and evolves over time as it becomes apparent what the system's needs are. But Ethereum and Solidity aren't to blame for most of the ETH-based apps that rushed to market without an appropriate level of QA and review, cut corners, made mistakes, and caused catastrophic problems for their users like the Parity bug... this should be ringing bells, folks.

https://news.ycombinator.com/item?id=14810008

https://news.ycombinator.com/item?id=14691212

It turns out that having a language designed by a 17-year-old who knows some Javascript might not be the best idea in the world, who would have thought?

The language needs to be thrown away and a more proper one implemented, plain and simple. Solidity is unfit for purpose.

But I definitely assign some guilt and responsibility for all the money lost in solidity contracts to creators of ethereum.

At the end of the day of course, the biggest error was on the part of the app developer, #1 because they used a bad platform, #2 because they didn't QA enough to compensate for the platform being bad.

But it still comes down to the fact that Ethereum and Solidity are low quality and the low quality results in more bugs and lost money than we'd see otherwise. It's just like the bad old days of Windows XP (and the modern days of Cryptolockers) except now money is directly vanishing into the ether because bad software is controlling it.

The point is that the designers of Ethereum shouldn't have been so short-sighted as to choose the hipster JS offshoot of the week to build their massive multi-million dollar distributed computing system on top of.

Most of the largest headlines involving loss of funds in the Ethereum network have been due to programmer or user error. Keep in mind that Ethereum is still in its "experimental" phase - it isn't "supposed" to have billions of dollars put into it just yet, but the market doesn't care about this as long as the prices are going up. Ethereum could be much worse than it is, but that wouldn't mean its value would go to zero, or even do down. Plenty of top coins by market capitalization have been orders of magnitude worse, or just outright scams. Remember "The market can stay irrational for longer than you can remain solvent".

It's still a very new area of technology despite the amount of money that pours into it. There's innovation, but it can be difficult to see it in the midst of the hype.

On something so absolute as Ethereum, I would expect them to use a very dumb language with as few complications and complexities as possible, and then to formally verify the crap out of it, and quickly make it the most consistent, predictable, and stable language on the planet (again, possible only with a very barebones language that does not have complex features). The fact that Ethereum has been around for so many years and this has not happened indicates that it's not a serious platform.

What other classes of errors are there that Ethereum is successfully avoiding?

Well, that's reassuring. Should we expect that there will be no more programmer errors in the future on the Ethereum network then? Isn't Ethereum's job to minimize those errors?

Network effect and name recognition, the same reasons that Bitcoin hasn't been supplanted by Monero or Zcash or any of the other dozens of coins that do virtually everything better than Bitcoin.

The really interesting thing is that the original plan for Bitcoin included many of the same programmable-money features as Ethereum. The instructions are still in the bytecode but I believe they were disabled in one of the patches, except for a handful of instructions that implement the basic "send money from A to B" type functionality.

My impression is these were supposed to be enabled/used at some future date, but this is just one more thing that's gotten bogged down by the infighting and politics of the project. Much like blocksize - 1 MB was just a number picked to avoid transaction spamming blowing things up in the early days, not a divinely inspired number intended to be used for all time. But the project is so stagnant and calified that they can't handle even the smallest day-to-day tasks like this. God forbid we change one of Satoshi's sacred constants.

That doesn't explain the lack of guarantee on "constant". What is the technical detail which prevents such a guarantee?

So I'd say yeah, technically not but practically it is.

"Pyramid Scheme is implemented using the appropriately-named Racket."

http://www.larcenists.org/

There are a couple of other languages in development that might improve the ecosystem:

* Vyper https://github.com/ethereum/vyper

* Serpent https://github.com/ethereum/serpent

There are a couple projects working on it (eg Viper), though many seems to prefer starting a new blockchain.

Edit: s/Serpent/Viper/

https://youtu.be/ycF0WFHY5kc?t=991

Are you acquainted with Javascript or windows?

Bitcoin proved that global cryptocurrency is absolutely sustainable, it just can’t be cheap.

It has not.

* Transactions don't scale: they're are expensive, and not instant.

* There are practically no ways to spend Bitcoins in the physical world.

* The electricity costs of mining are not sustainable by mankind. Although some people in China want you to believe otherwise.

> blockchain has limited scalability, second layer doesn't. also blockchain transactions were never supposed to be instant.

Of course it wasn't supposed to be instant. That's why its a shit system to use as currency just like gold bars are a shit currency cause one has to drag them from the mine to the bank to the store. This Bitcoin thing was meant to be a currency, right?

I guess you're talking about Lightning Network though which Bitcoin evangelists appear to market as the Second Coming of Christ. Well, it isn't active yet, and it isn't part of Bitcoin ie. it isn't "Bitcoin". So... I was right.

> there are plenty

Not really. Many have been removed lately. There were Bitcoin debit cards. Well, they got revoked. Steam? Doesn't accept Bitcoins anymore due to high transaction costs. And those are just a few examples.

> in fact nothing is instant, check this thing called physics.

That's odd. I just put money on my debit card from my bank and it took like a minute. And I consider that slow! If I buy something from a store, which I did today, its instant enough that I can put my bank card in my wallet and move on. That's why I call it instant. The fact it isn't instant, is true, but it is nowhere near the latency of Bitcoin. And Bitcoin's latency is nowhere near my bank to debit card transaction. My statements regarding slow (and expensive) transactions were true.

> bitcoin is not even a blip in total world energy spending and less than that in total world energy production.

Yes, when it consumes more energy than my entire country, it is. Plus, when it is thin air we're discussing, it is.

> also if you check the dictionary for word sustainable:

How about you look up the word in your dictionary, called environment?

> bitcoin is sustainable by design.

Circulus in probando.

Wake me up when I can pay BTC at the same places where I can pay with EUR. I'll even do a concession! Wake me up when a United States resident can pay BTC at the same places they can pay with USD.

Reductio ad absurdum. I mentioned several reasons.

> Lightning network is active on mainnet, not sure what exactly batted that information from reaching you.

Why are Bitcoin transactions still slow?

> Revokation of debit cards had nothing to do with bitcoin and there are plenty of companies that still offer them.

Of course it is related to Bitcoin. Please link 5 of these currently valid Bitcoin debit card products. If they're so rampantly available, surely you can link 5 easily?

> That some merchants choose to drop support because low value transactions aren’t economical is unfortunate but also temporary.

Yeah, life is temporary as well rolleyes. This is a non-argument. You cannot tell when the problem is solved, and its a severe issue for adoption of Bitcoin.

> Nope, still not a blip. So yourself a favor and spend more than 5 seconds to inform yourself on the topic.

Yet, it is, and I can't be bothered to spend time to reply to the rest of your ad hominem.

> You’re conflating energy use with energy source, nobody is burning oil to mine bitcoins - those guys are out of business.

I didn't mention oil (ever heard of Co2?). I mentioned that power source has impact on the environment because that is reality 101. If I have 100 buckets of sustainable water, and I piss in 90 of them, then the rest of the world only got 10 buckets of sustainable water left for general consumption. Which is a loss of sustainable energy. So using unnecessarily vast amounts of energy is a loss for the environment. Of course this isn't in the interest of miners or Bitcoin evangelist like yourself.

> That explains everything

That explains nothing, its just one of your ad hominem fallacies which tells the reader something about you, not me.

Instead, this explains everything: https://en.wikipedia.org/wiki/Multi-level_marketing

Dear reader, please don't fall for the Bitcoin scam. Read the above link instead, and notice the parallels with the Bitcoin/cryptocurrency mania. Specifically, the parallel with ICO and early adopters of cryptocurrencies.

Yes, I did, see the various posts I made. Posts you supposedly read, and responded to. You even addressed the multiple premises yourself! You're even addressing various of them in this very post!

> if you intended to ask

That wasn't my intention to ask, it is precisely what I asked. Read it back. Your answer to slow transaction premise was: "this is the solution to the problem" so I say "but it isn't available" to which you say "well it isn't widely available yet" rolleyes. How about you start being practical for a change?

> quick google shows a whole bunch: cryptopay.me, bitpay, spectrocoin, xapo, www.shiftpayments.com. there's 5 for you.

BitPay was on hold, doesn't inspire confidence. Plus:

"Sorry about that! The BitPay Card is not available for order in your area yet. We're working to bring it to more countries soon. If you’d like, we can notify you when it becomes available in your area."

"Why We're Updating the Minimum BitPay Payment Amount to $100 22 DECEMBER 2017 PRODUCT UPDATE, 12/23/17: We continue to monitor bitcoin network conditions, but we have re-enabled BitPay merchant invoices and BitPay card bitcoin-to-dollar loads for $5 or above. BitPay Card orders are also once again available."

Sounds like "working as intended"..

I checked Xapo as well, seems like its a virtual card only.

> everybody is aware that issue exists [...]

Ah, that one. Well, that's odd, I just asked my 5 year old about it and she had no idea what I was talking about.

Wake me up when you can do small transactions. It is kinda important being able to perform small transactions with a currency. You know, I can go to the store right now and auth with a PIN and here's what that costs me: 0,00 EUR. I can even auth with a NFC card, if I enabled that and am OK with that and all.

> it's called a free market

Red herring.

> if it is economically viable for mining companies to spend energy at their location for the price at that location - not much you can do about it.

Yeah, there is: not supporting cryptocurrency where mining is lucrative or not supporting cryptocurrency. You can opt to not support cryptocurrency by simply not joining the MLM/pyramid scheme. Actually, if you got savings, you're probably better off investing in safe stocks such as AAPL (~48% profit last year) or GOOGL (~36% profit last year). The likelihood of these two companies going belly up is very low. You can also spread further, or in multiple markets.

> it's only unnecessary by your definition and understanding of bitcoin.

My definition of the irrelevance of Bitcoin as well as.

I haven't seen any place in Amsterdam Area (where I live, throughout Europe considered a tech hub) accepting Bitcoin. When I was in Berlin, saw zero Bitcoin as well. C-Base didn't accept it either. They did accept this currency called EUR, though.

Bitcoin's slow transaction speed wouldn't be an issue for something like dentist/doctor. Those have your PII including your SSN (or well, the Dutch equiv here), and you got physical contact with them. The payment here even goes via insurance company. Have never heard of any Dutch insurance company accepting Bitcoin though.

You haven't looked very hard, than. This is a "black swan" thing, by the way. So here's why you are entirely wrong:

* thuisbezorgd.nl accepts Bitcoin. Has done that for years. You can order from any snackbar, febo, pizza-joint, sushi-bar and pay with Bitcoin. Literally thousands of places in Amsterdam.

* mollie.com has offered a bitcoin-payment option for all their merchants to enable for years. Many webshops in the netherlands have enabled this (I use at least three on a monthly basis) who will then accept bitcoin.

* At least two lodging/guesthouses in Amsterdam accept BTC to sleep there.

* At least 8 coffee-shops (the ones selling actual coffee) and restaurants accept it.

* A cinema (Filmhuis Cavia), a barber, a grocery-shop, a vegan restaurant, a lawyer (Plasman) and probaly many more.

So, there you are: you were wrong: You can spend your BTC just fine in the fysical world. Even in the city you live in.

Mollie, OTOH, is just a niche.

Now, let us discuss the amount of Thuisbezorgd transactions paid by means of Bitcoin. Paraphrasing their own words: "far less than 1%, and it hasn't increased over time" [1] (Nov 2017). They also convert the Bitcoin to EUR right away. That tells us something about the adoption of Bitcoin in the general public when your best example is this one. The elephant in the room is that paying with Bitcoin isn't feasible in this example due to the high transaction costs, and slow transaction speed.

Apart from Thuisbezorgd all of these examples are just that, exceptions and niches. They don't paint a Bitcoin paradise where one can spend their Bitcoins. If I take public transport, I gotta pay with EUR. If I pay for my OV Chipkaart (NFC) then I gotta put the money on the card via... EUR. There's no alternative to that. If I then go to IKEA and buy a bank, I gotta pay with EUR. If I then ask PostNL to deliver it, I gotta pay with, you guessed it, EUR. And if we'd go for a quickie at my fav fast food restaurant, Maoz, well they don't accept Bitcoins either.

Thuisbezorgd supports it (though I have no idea on the effect on delivery time, and transaction costs must be very high relative to the food. For one pizza that wouldn't be feasible) the rest is practically irrelevant.

Take this for example:

> At least two lodging/guesthouses in Amsterdam accept BTC to sleep there.

Two, woah! Blimey the free market provides us two options! Which ones? Wake me up when its market penetration is above 50%. Same can be said about your 8 (!!!) coffee-shops/restaurants. Look, it is a given that with so many stores (thousands) in such a small area, a few shops are going to adopt it. There were also shops who committed to the tulip mania back in the days, there are people in Amsterdam who work in MLM scheme, there are criminals as well, there's illegal prostitution, and there's Scientologists as well. That doesn't mean its a tech hub who adopted Bitcoin, doesn't mean the entire city is criminal, doesn't mean the entire city is full with illegal prostitution, nor that the entire city believes in Xenu.

A Bitcoin techhub or paradise would be a place where you can live your daily life by means of merely Bitcoins. We're not even remotely close to that in Amsterdam. I don't think it will ever happen. Although its in the interest of the Bitcoin facade to believe that, yes, Bitcoin can be easily used in the real world right now because you want to be able to cash out when the bubble busts (or right before that) your options are in practice severely limited. You cannot even remotely compare it to a strong currency like USD or EUR. Fuck me man, 8 cafetaria/restaurants to pick from in Amsterdam is seen as a techhub? A Pyrrhic victory, that's what that is.

> You can spend your BTC just fine in the fysical world.

Only at a very miniscule amount of stores. I wouldn't call this Amsterdam place "a techhub who adopted Bitcoin."

[1] https://www.ad.nl/economie/thuisbezorgd-nl-is-voorzichtig-me...

You said there were "no options to pay in the phisical world".

I proved you wrong, because there are. Just one option would have proved you wrong, yet in reality there are far more than one. In Amsterdam alone.

And so your arguments start to move. Now it suddenly needs "a large adoption" and not a "niche" (mollie, btw is one of the largest, if not the largest PSP in the netherlands). And they shift from "no-where where I can pay" to "you can pay, but very few people actually do so".

You could also just admit that you were wrong because you were not aware that there is an actual community out there, even in your hometown, who accepts Bitcoin, pays with it and as such makes it an actual payment system. You could admit that you were not aware of this, but that now you are, you know that Bitcoin is used; just not in the way you envision it, or not by the people and companies that you would like to.

Also note that many people (I'm not aware that you did this!) mention that bitcoin is both a failure because no-one ever pays with it, yet also mention that it is a failure because the confirmation times are high and fees are growing; which is a direct effect of too much people using it.

No, I said I didn't notice them in the physical world (and I still haven't, fwiw). Never seen any physical store say "we accept Bitcoin", never. I was clearly talking about my anecdata which is still, from my perspective, valid.

That has a different meaning than what you make out of it. I never wrote about the online world. You gave as example Thuisbezorgd; that's not the physical world. That's not a brick & mortar store. They're a virtual middleman service.

I avoid them btw, because I can get cheaper deals by cutting them out as middleman and giving a higher tip to the hard working delivery boy instead.

> (mollie, btw is one of the largest, if not the largest PSP in the netherlands)

Really, never heard of. I guess iDEAL and PayPal just went out of business. Good luck competing with iDEAL, btw.

> You could also just admit that you were wrong because you were not aware that there is an actual community out there, even in your hometown, who accepts Bitcoin, pays with it and as such makes it an actual payment system.

The existence of something doesn't describe its state or, in this case, adoption level. The adoption level (or market penetration) is very important in the subject of payment systems, but you prefer to ignore it and spout red herrings like this instead to pursue your character assasination agenda.

> You could admit that you were not aware of this, but that now you are, you know that Bitcoin is used; just not in the way you envision it, or not by the people and companies that you would like to.

I was aware Thuisbezorgd accepted Bitcoin. I was also aware that it wasn't being used much, as I quoted. That article was no news to me. The question whether its used or not is important in the discussion as put forth above. Is it used a lot? No, not really (far less than 1%). The question about transaction costs/time was also still up in the air. I guess you don't know the answer to that either.

> Also note that many people (I'm not aware that you did this!) mention that bitcoin is both a failure because no-one ever pays with it, yet also mention that it is a failure because the confirmation times are high and fees are growing; which is a direct effect of too much people using it.

My orig. point was it doesn't scale.

As for what you wrote here the fact transactions happen doesn't mean people are paying with Bitcoins in the physical world. It might as well be a bunch of astroturfers (the way Reddit came to existence), or a bunch of people buying drugs (the way Silkroad ran). You don't know.

But we do have a statement like the one from Thuisbezorgd.

Now I'd like to see a statement from a serious computer manufacturer like Apple or reseller like Media Markt or Bol.com stating they accept Bitcoin (all I read is businesses like Steam quitting accepting Bitcoin as payment method instead). Things like that are a sign of widespread adoption. What isn't a sign of widespread adoption: 8 bloody restaurants/pubs in the capital city (!!) accepting Bitcoin. That's a sign of a tiny, irrelevant niche.

PS: Oh, and with regards to the bubble, we didn't discuss Tether.

https://www.mollie.com/nl/

They do the iDeal, Sofort, Creditcards, Bitcoin And so on, for some of the largest ecommerce platforms in the netherlands, as well as the majority of the small ecommerce shops. They are a PSP, which is very much a middleman, which is why you may not have heard of them.

Albert Heyn, Deliveroo, Douwe Egberts are just a few of the larger Dutch brands that use Mollie.

Note that not evey merchant using mollie will have Bitcoin enabled, I'm not sure if e.g. ah.nl has the bitcoin option enabled, but I haven't checked them either.

I'm leavin this discussion here. You come across as someone who has some axe to grind with Bitcoin. Which makes you appear angry, frustrated and shifty. There are places where you can spend your bitcoin. In Amsterdam. A lot. I've spent mine in some. There are places where you can spent your Bitcoin in my hometown, I've spent them there. I've seen stickers on doors, in both Amsterdam and Arnhem (And Barcelona, Berlin, Antwerp, Ghent). My wife and I were selling her stuff on several markets in Amsterdam (and festivals such as Lowlands), my wife has a "bitcoin accepted here" sign. You may not have seen it, but it was there. I know, because I was there. And you know what? People buy stuff with bitcoin from her. Very few, true, but they do.

But as soon as I point this out, it suddenly does not count as places to spend your bitcoin in the physical world because you haven't seen them yourselves, or because you decide that the volume processed there is too low. I'm out.

Their entry on Wikipedia got deleted. That's how relevant they are. They're a BV with <= 50 people. MKB.

iDEAL/Currence is a PSP as well.

How important has Bitcoin been for Mollie? Do you have any data on the absolute or relative amount of Bitcoin transactions?

> Note that not evey merchant using mollie will have Bitcoin enabled, I'm not sure if e.g. ah.nl has the bitcoin option enabled, but I haven't checked them either.

??? Hello? Have you ever ordered on ah.nl??? I order there practically every week. You pay either in store if you pick it up, or you gotta pay by PIN if they deliver. You CANNOT pay online. Do you get that? They got barely time to deliver the groceries in your house. Do you think they'd be cool to wait till the Bitcoin transaction was finalised? Who are you kidding?!?!?!

> You come across as someone who has some axe to grind with Bitcoin.

Of course I do, its akin to MLM. I already burned my hands on that. Why would I want other people to get burned by scammers?

> or because you decide that the volume processed there is too low

You never refuted the volume being important premise. You had the opportunity to do this in your previous 2 posts but you neglected that by coming up with more niche examples which simply don't prove the existence of a Bitcoin techhub as you put forth in your earlier post. I know there are niche examples, and I know you're well aware of them. Here, have a cookie. What I'm interested in is figuring out how important Bitcoin is for the Amsterdam Area. From what I can tell by the data I have we have:

* Adoption (market penetration). Terrible. Only a few niche cases.

* Volume. Terrible. One data point from Thuisbezorgd, one data point from yourself.

And this isn't rocket science its reflected by the lack of large online stores accepting Bitcoin. Its reflected by the high transaction fees, and slow transaction speed. You say that's a sign of Bitcoin being used for legit transactions in the physical world. Where's the proof for that? Nothing we observe points to that. Might as well be bots to ensure people cannot and do not cash out their Bitcoins. All you've proven is that there are quite some niches which reluctantly accept Bitcoin, and very few data on volume. The rest is all red herring & ad hominem.

This scheme is not unsafe because of miners. Transactions are public. As soon as Alice’s “reveal” message is published to the network, everyone can submit guesses using the revealed number. And miners are incentivized to include whichever transaction pays the highest fee, which means the transaction fee of the guessing transactions published after the “reveal” transaction will converge with the prize sum.

Alice’s commit transaction needs to specify some block height after which further guesses are ignored, and then publish the “reveal” message some (safe) number of blocks after this.

You're right that this particular example has other downsides. The goal was to present the simplest examples of some attacks and issues that are easy to miss when doing blockchain programming. As I mentioned in another comment (https://news.ycombinator.com/item?id=16144892), the important thing is that, as a developer for a given chain, you need to be aware of the pitfalls of your chain (keeping in mind some apply across chains) so you can design around them. That includes the pitfall you described---everything is public, and that introduces some careful decisions that need to be made when building smart contracts. That one is pretty widely discussed; on the other hand, we hadn't seen any other content with a basic introduction to the pitfalls around miner misbehavior, so we felt James's post was super valuable.

I think a key piece of it is the last paragraph:

> Miners aren’t your friends or enemies — they’re a force of nature in our consensus systems. Systems that fail to plan around this will eventually lose out to clever miners.

We've built many systems today that fail to take into account the dangers of ignoring security, and we're starting to pay the price. Public blockchain apps will need to be careful to have a decent understanding of the threats, especially since many of these threats have the potential to be even more directly tied to money than security issues in current systems. The more important (you consider) your system, the more important it is that your threat model include entities that are required for your system to function, like miners.

The is-blockchain-hype-or-here-to-stay debate will unambiguously be settled if OWASP ever publishes a top-10 blockchain programming list.

Yes, "paradigms" in the sense that broken bones and multiresistent germ infections are technically both "injuries" and can be fixed by "healing".

I think securing code against random accidents or even against specific, well-known vulnerabilities is something entirely different than writing a program for a processor that actively works against you.

We're realizing this right now in the context of adversarial code with Meltdown/Spectre and Rowhammer. I think this is a similar but even worse situation.

I think this is unsafe as well. Noted that since everyone can verify the real answer, there is no point for Alice to reveal it. As a result, as soon as anyone submits the correct answer, the miners can cheat and replace the answer as their own.

After some degree of thinking, I find that it is quite difficult to design a secure smart contract such guessing game. I haven’t find a way can fulfill all following security properties: (a) the Alice has to pay for the first person who finds the correct answer; (b) that person can only collect reward after showing the the correct answer; and (c) the miner cannot cheat.

I wonder if anyone has a solution for the above problem. Also, if such solution exists, we can actually use it to implement the RSA challenge [1] in smart contract.

[1]: https://en.wikipedia.org/wiki/RSA_Factoring_Challenge

In any case, the blog post has Alice rewarding whoever comes closest, not whoever guesses the exact value. For a sufficiently large range of numbers (e.g. 128 bits), you wouldn’t really need a salt since the probability of anyone guessing the exact value would be negligible.

This surely is a very bad thing. I'm not saying programming smart contracts should be trivial. Or maybe I am.

I guess the thing is - for Ethereum to have any chance of surviving it needs to be simple to write simple contracts. Easy things should be easy and hard things should be possible. And footguns should be removed from the language...

This is an understatement, and belies the more appropriate: blockchain programming is dangerous.

Proceed with extreme caution.

Except the miner can simply include the transactions but add its own guess before all of them - so the miner would collect the fees and the guessing game prize.

Oddly the mining analogy reminds me most of Eve Online, which has a professionally tuned in-game economy and where you basically have a graphic representation of everything mentioned in the article, including the tedium and energy of mining, the endless technological arms race (designed to make you invest as much time as possible or buy credits to leapfrog other players), and pointless destruction of wealth - intra-player conflict is where most of the action and excitement is because the exploratory aspect of the game is only as interesting as it yields new technology that gets recycled back into the arms race.

Perhaps the solution is a medium of exchange that doesn't use absolute units, but is a function of your ability to pay.

This is already implemented in many areas of modern life, especially by governments (Obamacare, progressive taxation, social security, etc), and it has a major negative side effect of incentivizing poverty: either real (by encouraging the young to work as little as possible) or faked (by encouraging those with accumulated wealth to conceal it as much as possible).

My own personal view is that using starvation to incent work is acceptable only if society is unable to produce enough food for everyone; in that case, those few points to the GDP have real impact. I personally don't feel that it's okay to use starvation to incent work when that work largely produces luxuries, but that's just me, and everyone has an opinion on this one.

[1]Interestingly, historically this aphorism has been a leftist saying... that is, the rich should have to work, too. Leaving aside my controversial views of the bible, in more recent history, John Smith used it to this meaning in Jamestown, and then in the early 20th century, Lenin argued that it was a fundamental principle necessary for socialism to work. Both were talking about situations were people were starving (the early days of Jamestown and the early days of the Russian revolution, respectively) More recently, it's used as a rightest saying, arguing that the poor ought to work or starve, something that was the assumed truth in earlier ages.

I think most people would agree with you on that one. And the fact that people in "rich" countries are still food-insecure is horrible.

One problem is that there isn't a clear bright line between "starvation" (in the sense of malnutrition) and "nutritious but not very tasty food" and "nutritious and tasty but not very pretty food". And you can keep going in that vein to things like "not having a flat-screen tv", say, which I think most people would classify as quite different from "starvation". But there isn't an obvious cutoff point on the way.

Oh, and what we consider sufficiently nutritious today may not be so considered tomorrow. Both literally (at some point nutrition science discovered vitamins and then trace minerals, etc), but people nowadays also get into arguments about whether internet access is a fundamental right like food or a luxury. And whether personal transportation (e.g. cars) is a fundamental right. What will people think about access to a self-driving car 50 years from now: luxury or fundamental right?

In practice, what we consider below-acceptable standards of living (which we as a society need to subsidize until they reach acceptable levels) are a good bit higher than what was considered totally acceptable 50 years ago. That's a natural consequence of society growing richer, of course and I would say it's a _good_ thing.

But here's the question that bothers me: Had we frozen per-capita production at 50 years ago levels, while subsidizing living standards to a level above the 50-years-ago acceptable minimum but below the today acceptable minimum, such that vast numbers of people today would be forced to live below what we consider an acceptable living standard today, would that be a net gain? In the short term, clearly yes (we subsidized people at a higher level). In the medium term (to today), it seems clear to me the answer is no. In the longer term (200 years from now, say), I have no idea.

It's hard to tell even post facto, much less a priori, whether we're over-subsidizing or under-subsidizing to achieve maximal happiness. And that's even if we can all agree on a timeframe. Combine that with the fact that different people already have different definitions of what constitutes minimum acceptable living standards, and it becomes very hard to apply ethical considerations to this problem in a principled way. :(

Except that ethereum is lying when they say this. The DAO contract was nullified and censored. The Ethereum Foundation and the DAO team were bailed out and had preferential treatment.

We should probably change the title to match the original one.

* You want to register a domain name on the blockchain and associate it with your address, so you submit "register foo".

* The miner sees it, and inserts an earlier transaction registering foo to them instead.

Solution:

* You register the hash of foo, which registers the plaintext encoded by that hash, then wait until the transaction is accepted publicly and submit a second transaction that reveals to everyone the plaintext of the hash that you registered.

The miner could still try to guess at which name you're registering based on the hash (by having a long list of potential names to hash just in time), but I can't think of a way to do better than that. Anyone else?

I used to have an Ethereum mining operation, before it became unprofitable to do so. It was one of the most fun ventures of my life. All the cards and enormous heat and fans exchanging outside air in. It felt like I was part of something futuristic and new, solving problems I had never had experience with before. I miss it very much, I wish it could have gone on forever.

I use NiceHash and have historically made about $2/day per GTX1070. This past month though I've been making more that double that.

EDIT: Use this site to find out if your cards will be profitable considering your energy costs: https://www.nicehash.com/profitability-calculator

I do want to leave one important caveat. NiceHash was recently hacked and anyone who left their money in their online NiceHash wallest lost it. They recently came back online and claimed they have a plan for paying people back and will give more details at the end of this month. That being said they have paid me for my mining since the hack. If you do use them I'd recommend withdrawing to wallets you control as often as possible.

A GTX1070 costs about $800. At $4/day, it will take you 200 days to make back your principle (ignoring power costs, difficulty scores going up etc. - in reality it will obviously take you even longer to cover your costs).

If you had put that same $800 in to buying ETH (picked because it's a relatively safe, "boring" coin) on 1st July, 200 days later (or 7 months) it would have been worth $2,140 (yielding a $1,340 profit per card equivalent cost invested - note I'm using ETH price on 1st Jan 2018 and not including the recent growth to a new all time high). And the profit will likely x5 (or more) this year if you hold on to your ETH.

A couple years ago I dabbled in mining. I got a top end card that would mine transactions for 16+ hours a day. When I actually wanted to use my computer, I'd flip mining off for a couple of hours and do whatever I needed.

I got to game with ultra graphics, have a PC for school work, and do some mining.

£48 per day minus £4.80 costs. Every day? For just leaving something switched on? It is quite appealing.

I got my 1080ti's for £650 a pop. ROI is 108 days. That's why people, myself included, are doing it.

Versus £5,200 capital to invest immediately in a basket of safe (as much as crypto currencies can be), liquid coins that will likely x3 to x8 over a 12 month period.

To each their own I guess but it's not the bet for me.

Sure, you could hold "shitcoins" that are currently easier to mine but that's a lot more risky than long term holding something like ETH, LTC, XMR (at least I think it is anyway).

So: * Mine whatever is most profitable to mine at that time. * On mining that coin, convert to whichever investment vehicle gives you the risk/return that you want (BTC, ETH, XLM, VFIFX, US T-bonds, etc).

I don't mine ETH directly with Nvidia hardware though it is still profitable on AMD gear. I use whattomine.com to get a rough estimate of my daily earnings...

I mine to a pool called miningpoolhub which auto exchanges my shitcoins to LTC (or whatever I choose). From there I send to Coinbase -> GDAX -> Sell for ETH or FIAT. So far, since starting mining 1 month ago I have ROI'd 1.8 1080ti's already. Once they've paid themselves off the rest is pure profit and the best part, GPUs have intrinsic value beyond mining.

Also as per other commentors - coins I mined will appreciate too. If I buy ETH with FIAT (which I have also done btw) I am literally buying thin air. At least with GPUs I own a thing if the shit hits the proverbial!

- whattomine.com - https://goo.gl/94KHv4

- https://simplemining.net/

- https://miningpoolhub.com

Following the Gregorian calendar (international defacto standard) this statement is always false, never true.

There's no way all these coins are going to be accepted currencies (literally none are, not even Bitcoin). There's no way all these coins will retain long-term value either.

Anyone who joins in on the mining is doing two things: 1) joining in on the pyramid schemes (on which you as miner and cryptocurrency owner depend) 2) adding to more electricity waste.

As for GPUs. Once the shit hits the fan their price will freefall. If their price falls now, they're pretty much worthless. More so because many of them will be abused. GPUs aren't made to be used 24/7. But yeah, you can play games on all your 1080s...

Seems safer to me (if you're worried about a huge crash) to leave your principle investment equivalent amount on a good exchange with fiat support (e.g. Bitstamp) setup a sensible stop loss order and then, as soon as you've x2 your original investment, pull your initial stake out and leave the rest in crypto (on a Nano Ledger S or similar).

What if satoshi appeared and dumped his entire stake? That is probably the worst case scenario I can think of.

Sounds like a pretty good deal.

What you didn't take into you account as well was the fact that this is $3,000 if Ethereum doubles in price, $4,500 if it tripes like you specified.

The only way to avoid diminishing mining returns as difficulty increases is to swap to a new, lesser known coin. Eventually you run out of coins to swap to or the ones you are mining don't go up in value (because if they did, bigger miners would come in and knock you out of the game as the difficulty shoots up). All the time your GPUs are ageing too.

If you want a steady income with arguably a lesser risk profile and more staying power than personal mining offers, why not put some money in to coins that offer node payouts?

There's no way all these coins [1] retain proper value compared to NASDAQ [2]. Take AAPL for example: ~48% [3] in one year. GOOGL for example: ~36% [4] on one year.

[1] https://whattomine.com/calculators

[2] http://money.cnn.com/data/hotstocks/index.html

[3] http://money.cnn.com/quote/quote.html?symb=AAPL

[4] http://money.cnn.com/quote/quote.html?symb=GOOGL

As soon as a coin's value increases, more mining hash power enters the scene and difficulty shoots up (ruining your profit margin). You then swap to another coin, eventually the same thing happens. Rinse, repeat.

During all of this, you still have to make back your initial investment on the GPUs and power, then you have usually another 6-9 months max before your entire rig is too outdated and you have to start again buying newer, faster cards (which will then take you another 3-5 months just to earn back your cost).

Just seems a very painful and slow way to cash in on the crypto bonanza (which isn't going to last forever).

which cryptocurrency is this? I'm only getting <£3/day mining ETH on my 1080ti..

Mined coin is only just a little less traceable than exchange purchased coin.

In this market that just seems like the equivalent of burning your money in the street.

If anything, at this point (especially with more and more new coins adopting PoS rather than PoW) I'd say it's more risky than just buying a stable coin (ETH, BTC, LTC etc) and sitting on it for a year (and that's before factoring in the risk of lost potential earnings had you simply bought rather than mined or that your mining pool gets hacked).

After paying off the card (<=4 months of mining) all earnings from mining can be converted to USD for example on a monthly basis. The odds of even 1/10th of major coins switching to PoS in the near future is very low.

I completely agree that just owning coins has way more upside and I suspect you'll do very well! But I prefer the asymetrical mining returns - I have lots of upside and almost zero downside versus extreme upside and extreme downside (crash in coin prices, hacks, regulation, etc.) from owning coins. But to each their own!

So your options there are to either buy ETH on the market, or invest in a miner that will pay itself off in 3 months with ETH, then just provide pure profit for as long as it's, well, profitable.

Where on earth are you getting that statistic? Newegg sells GTX 1070 ti's for ~500 when they are in stock. Same with bhphotovideo.

Depending on what coin you mine you can net $8-10 dollars a day - then exchange it to ETH/LTC/XMR/etc.

Also factoring in the growth rate of the exchanged currency the ROI on that is less than 3 months.

I just stuck "GTX1070" in Amazon and that's the rough price that came up.

There is limited resale value in the cards (depreciation etc), but even after PoS hits there will be enough mineable things that selling them off wouldn't be necessary. Love or hate it, you could use a service like Nicehash.

It becomes unprofitable if the difficulty spikes, but not the value, so your hardware takes a long time to mine little. Often this happens between new technology generations, like when ASIC miners made GPU miners unusable for Bitcoin.

Right now Ethereum is still quite profitable to mine. I have a bunch of GTX1060's with a combined hashrate of 100MH/s running on an EthOS system. That's enough to earn between 0.35-0.4 ETH a month at the moment. The power usage is around 300W with some twiddling - around £25-30 per month.

You also have to consider speculative value of the coin. Suppose you were mining 1ETH a month back in January '17. Your monthly payout (about $30) would have barely covered electricity, but now 1ETH a month is practically a minimum wage salary. You need to be honest with yourself why you're doing it - are you making money to spend today or are you holding?

Classic capitalist view. It's not that miners are forced to reinvest, if all miners were satisfied with the status quo then it could continue and each miner would get the same returns - depending on the structure of the system, greater demand could even drive hash value up.

But miners aren't satisfied, they want more, and new miners want a go at picking from the money tree. So the available pickings get higher up (require more resource expenditure). In theory, and often practically, it drives optimisation. Ultimately the return should be so low as to match safe investment returns.

It seems it should be possibly to design a system such the the coin holders can effectively own the means of hash production, which would keep value in the system.

I would consider myself center-left and I think you're confusing "capitalism" with "realism".

Any political system that requires altruism towards strangers is doomed. Altruism grows out of community - and requires consequences for "bad" behaviour to some degree. Tragedy of the Commons and all that.

(Genuine question)

Unless you're lucky enough to mine two blocks in a row, I don't see how you can gain directly from malicious transaction reordering. You'll consume the first retrieve fee, but the second retrieve will be in a later block (which you probably won't mine).

I'm not saying this is ok, but I'm also not sure this particular situation is worth the effort to exercise.

Transaction insertion, however, sounds like it would be very effective for the case presented. On the other hand, how big a deal are "guessing game" dapps?

You can sum all this up by saying, "consolidation of mining power can be used to exploit the network at the cost of non-miners". But consolidation is a problem for reasons beyond just these examples.

Finally, if a network becomes so corrupt, people will move to a different cryptocurrency (which will lower the value of the corrupt network). Thus, the bad actors would be taking small short term gains at their own cost of long term survival (especially when considering sunk costs in hardware).

It might not be worth the effort when volume is low, but if you have a highly-used set of contracts susceptible to this, there will be a stronger incentive to take advantage of them. With high volume, if you do it only occasionally, you can gain an edge without necessarily revealing network corruption (unless someone is looking for it). Additionally, this kind of careful misbehavior can lead to consolidation---by allowing some clever miners to gain enough of an advantage to continually grow their operation.

Note also that only the most basic transaction reordering gains solely from transaction fees. Transaction insertion requires no further blocks, and forced errors can be used to subsidize miner transactions (rather than simply to gain later on). Lastly, censorship has more than economic advantages, depending on the underlying application.

If the whole network becomes corrupt, people will move; however, there's a lot of room between "enough malicious transactions to cause a problem" and "network is so corrupt people are leaving", particularly if a chain is popular. Indeed, if a chain is popular, "just leaving" is not necessarily an immediate option. The important thing is that, as a developer for a given chain, you want to make sure you're aware of these pitfalls (whichever ones apply to your chain---many will apply across many chains) so you can design around them. More than many platforms, building for public chains require adversarial thinking. Or perhaps better put, they should require adversarial thinking. It's easy to forget that when you're getting started.

This is even more true when you're building components that you intend others to build on, which is what we're doing. That's what motivates the interest we have on our team in these kinds of concerns. We feel they're important to share as development on public blockchains gains greater visibility, interest, and therefore new developers.

Sure, you can error out a transaction but what gain is to be had over just being a 'rational actor' and collecting the transaction fee rather than giving your rivals a potential payday?

Unless they have an extremely high probability of mining the follow-on transactions this attack seems to have a very low (or even negative) benefit.

Though I would posit that if this attack were ever consistently profitable the system would have a much bigger problem to deal with.

The funny thing about that is I'm funding my other needs for graphics cards[1] by mining. I wouldn't say I've "paid" $400 for any of them past the first one since all of the others have been funded with mining profits. And I probably wouldn't own three graphics cards were it not for mining.

At some point, I firmly believe, the bubble will pop on all of this and those cards will come back down to earth (I've been saying this for over 4 years, though, and have been wrong for at least that long). Until then, mining to buy video cards is always an option. :)

[0] Mining is kind of a secondary reason. The primary reason is that I wanted to learn CUDA and I know myself well enough to know that if I don't have a project in mind, I will never take the time to learn it, so I set about optimizing an existing CUDA mining implementation and set about learning it successfully.

[1] I play computer games pretty rarely, but I like to fuss around with modeling programs and having a few of these really speeds up rendering in programs that support IRAY. I'm using it for playing with ML code, as well, which wasn't enough of a project to get me interested in learning CUDA, but is enough to keep me interested now that I know the language a bit.

If nvidia is now in demand for mining, are people going for that because AMD is nowhere to be found and they're just going for the next-best thing, or has nvidia gotten better at this?

> There are two ways to increase mining profitability: generate more revenue, or reduce expenses.

No. There are more ways. Mining the right coin at the right time and selling it at the right time for example.

Mining has a lot of common ground with investing in the stock market. It's not that simple.

Also, how easy is it to detect that miners are doing these things? If it's not terribly difficult, then maybe a federated system would iron out some of the wrinkles?

Edit: Regarding detection, of course- but I'm not sure detection lends itself to a general solution outside name-and-shame. Most of these are things developers should code defensively against.

Disclosure: lead at Keep, edited this piece

Detection is hard. Like with selfish mining, it looks just like normal network operation in most cases. Most obvious mitigations don't work well either. E.g. we could try to establish canonical tx ordering in the tx pool. But then we would have to come to consensus about what the txpool is. Which is a bit of a chicken/egg problem.

There's a reason the valuations of Bitcoin and Ether waiver every time it seems a pool is coming close to 51% mining power, it's because everyone is scared of what happens when that happens.

In the real world, I think miners approaching 51% of mining power is an accidental and temporary thing. It means that the coin is overvalued, and investors are over investing in mining operations. As the article states, the amount of profit these operations turn really isn't that big. They're operating on thin margins, and operations going bankrupt is not unheard of.

There's simply no reason to go and "own" the network. Best case, you'll turn a loss, worst case, you destroy the network and lose your entire investment.

Blockchain's dependency on distributed computation remaining democratic with a diverse range of self-interests is axiomatic to the model.

If you get big enough and profitable enough, the miners will have an incentive to specifically refuse to include your maintenance transactions unless you include a large transaction fee - in other words, market segmentation for transactions.

As far as when does it becomes profitable to play games with consensus? Never. Most miners mine using pools like suprnova, ethermine, and nanopool. I don't have control over whether we are appropriately confirming transactions or not, but it would be pretty unwise for my pool to start violating consensus.

With PoS cheating is likely to become a bigger issue [1], since with PoW the miners who get punished will have wasted their time and electricity.

Would be great to hear comments from more knowledgable people.

[1] https://twitter.com/hugohanoi/status/951762596255838209

Block validation can only enforce certain kinds of rules, such as:

* People can only spend outputs they have the private key for

* You can't spend an output that has already been spent

* The block reward has a predetermined size

There are other kinds of rules that we don't know how to enforce yet. For example, we might want the rule, "Always create blocks with the top n transactions that offer the highest fee per byte, out of all the new transactions you've learned about". The trouble is that we don't know how to prove that a miner has learned of a transaction over the network. (Maybe there was a network partition, or maybe their internet connection died for a minute-- how can we tell between those conditions, and the case where the miner learned of but ignored a transaction?)

The "misbehaviors" listed in the article fall into this category: things we might like to make rules against, but don't know how to (or know how to, but haven't bothered yet).

[1] http://www.truthcoin.info/blog/pos-still-pointless/

[2] https://arxiv.org/abs/1706.05407

If you give people a certain block reward, say 1$ per year, then the capital they are willing to invest to gain that reward will be 1$ divided by the worldwide rate of capital returns at the given risk level.

The argument is that it doesn't matter if we are dealing with capital that is locked away in mining hardware + lost as electricity or in a smart contract. The total amount of "economic work" locked away will be the same.

I think that's correct. Proof of stake is not cheaper for the short-term economy than proof of work.

But what about the long term? 100 years? The kind of time frame that investors don't worry about, but we as mankind should?

I guess what I'm saying is that locking away capital today maybe has less long term damage than wasting extreme amounts of energy.

(1) Anyone can decide to become a 'randomness provider' by putting up a large security depsoit

(2) Every epoch (some number of blocks), each provider chooses a private random number and commits to it by publishing its hash

(3) During the next epoch but, each provider publishes the random they committed to earlier.

(4) xor together all the random values. The result is a pseudorandom number everyone can agree on, and which should be sufficiently good for many applications include PoS selection

If any provider fails to publish the random number they committed to, they lose their security deposit and there is no random value provided for the associated epoch. The process starts over.

If you're worried about bribing attacks over all providers, recognize that all we need is a single altruistic provider to keep the system safe. Altruistic behavior may be rare compared to selfish behavior, but I think we can usually rely on its nonzero presence.

If you're still really worried that collusion could be going on amongst ALL randomness providers, just become a provider yourself.

It's possible for a provider to wait for all other providers to reveal their values, and then privately determine whether or not the final random value would be favorable to them; they then have the option of canceling the epoch by keeping their private value hidden and losing their security deposit. This option (in combination with a particular application, and the size of the security deposit of providers) puts a bound on what the random value can be safely used for (e.g., if it's for a lottery, the expected value of another truly random swing at the jackpot has to be lower than the value of a security deposit).

You also need to be sure that the others don't ignore the single altruistic source.

In a byzantine system, you can't distinguish if somebody is offline or if the others are silencing him.

Well sure, but the code people run listens to all the providers. Everyone is listened to automatically. That's part of the social consensus encoded in software. If you don't follow along, you end up on your own fork. That's how these systems work — e.g, you also need to make sure that people don't "ignore" the consequences of failed hash checks throughout a cryptocurrency codebase.

It would be quite possible to run your provider on a machine hidden somewhere, and inject your transactions to nodes at random points in the network. It'd be pretty tough to silence someone directly.

Miner censorship attacks, e.g. a 51% attack, are also possible (i.e., all miners, or a sufficient majority, refuse to mine your tx until the epoch ends). This kind of censorship threat is always present for all kinds of transactions; in theory they're particularly pernicious for protocols like this one that require a tx to be submitted by a deadline. But no one is claiming that these systems are completely invulnerable to a misbehaving majority of miners or validators.

It works because the system can regress over time, e.g. value at t=n can be used to secure a greater amount of value at t=n+1. (Although value needn't be strictly increasing for system to operate; if value decreases, so do the security requirements)

1 - https://eprint.iacr.org/2016/1067.pdf

They are of course vulnerable to some amount of manipulation, but with a good algorithm that could be rendered sufficiently costly to become impractical.

Or is there an extra reward for the creator?

(They also pointed the issue that led to the DAO hack and recommended "value reverts to the sender upon exception".)

https://steemit.com/ethereum/@dhumphrey/f2pool-manipulates-u...

These are only serial dependent -- ie: A pays B, B pays C. You cannot reorder and still remain valid.

The security of the standard tx is the strength of the public key hash function RIPEMD-160. The security of Pay to Script Hash is finding a valid SHA256 collision with OPCODES.

The witness variants are a new tx format that uses less space (aka segwit).

The attack is simply a Denial of service, an attacker can block a tx. So if A pays B was never included in a block, B could never pay C.