Master Seed vs Private Key : BitcoinBeginners

Bitcoin Newcomers FAQ - Please read!

Welcome to the /Bitcoin Sticky FAQ

You've probably been hearing a lot about Bitcoin recently and are wondering what's the big deal? Most of your questions should be answered by the resources below but if you have additional questions feel free to ask them in the comments.
It all started with the release of the release of Satoshi Nakamoto's whitepaper however that will probably go over the head of most readers so we recommend the following videos for a good starting point for understanding how bitcoin works and a little about its long term potential:
Some other great resources include Lopp.net, the Princeton crypto series and James D'Angelo's Bitcoin 101 Blackboard series.
Some excellent writing on Bitcoin's value proposition and future can be found at the Satoshi Nakamoto Institute.
Some Bitcoin statistics can be found here and here. Developer resources can be found here. Peer-reviewed research papers can be found here.
Potential upcoming protocol improvements and scaling resources here and here.
The number of times Bitcoin was declared dead by the media can be found here (LOL!)

Key properties of Bitcoin

Where can I buy bitcoins?

Bitcoin.org and BuyBitcoinWorldwide.com are helpful sites for beginners. You can buy or sell any amount of bitcoin (even just a few dollars worth) and there are several easy methods to purchase bitcoin with cash, credit card or bank transfer. Some of the more popular resources are below, also check out the bitcoinity exchange resources for a larger list of options for purchases.
Here is a listing of local ATMs. If you would like your paycheck automatically converted to bitcoin use Bitwage.
Note: Bitcoins are valued at whatever market price people are willing to pay for them in balancing act of supply vs demand. Unlike traditional markets, bitcoin markets operate 24 hours per day, 365 days per year. Preev is a useful site that that shows how much various denominations of bitcoin are worth in different currencies. Alternatively you can just Google "1 bitcoin in (your local currency)".

Securing your bitcoins

With bitcoin you can "Be your own bank" and personally secure your bitcoins OR you can use third party companies aka "Bitcoin banks" which will hold the bitcoins for you.
Note: For increased security, use Two Factor Authentication (2FA) everywhere it is offered, including email!
2FA requires a second confirmation code to access your account making it much harder for thieves to gain access. Google Authenticator and Authy are the two most popular 2FA services, download links are below. Make sure you create backups of your 2FA codes.
Google Auth Authy OTP Auth
Android Android N/A
iOS iOS iOS

Watch out for scams

As mentioned above, Bitcoin is decentralized, which by definition means there is no official website or Twitter handle or spokesperson or CEO. However, all money attracts thieves. This combination unfortunately results in scammers running official sounding names or pretending to be an authority on YouTube or social media. Many scammers throughout the years have claimed to be the inventor of Bitcoin. Websites like bitcoin(dot)com and the btc subreddit are active scams. Almost all altcoins (shitcoins) are marketed heavily with big promises but are really just designed to separate you from your bitcoin. So be careful: any resource, including all linked in this document, may in the future turn evil. Don't trust, verify. Also as they say in our community "Not your keys, not your coins".

Where can I spend bitcoins?

Check out spendabit or bitcoin directory for millions of merchant options. Also you can spend bitcoin anywhere visa is accepted with bitcoin debit cards such as the CashApp card. Some other useful site are listed below.
Store Product
Gyft Gift cards for hundreds of retailers including Amazon, Target, Walmart, Starbucks, Whole Foods, CVS, Lowes, Home Depot, iTunes, Best Buy, Sears, Kohls, eBay, GameStop, etc.
Spendabit, Overstock and The Bitcoin Directory Retail shopping with millions of results
ShakePay Generate one time use Visa cards in seconds
NewEgg and Dell For all your electronics needs
Bitwa.la, Coinbills, Piixpay, Bitbill.eu, Bylls, Coins.ph, Bitrefill, LivingRoomofSatoshi, Coinsfer, and more Bill payment
Menufy, Takeaway and Thuisbezorgd NL Takeout delivered to your door
Expedia, Cheapair, Destinia, Abitsky, SkyTours, the Travel category on Gyft and 9flats For when you need to get away
Cryptostorm, Mullvad, and PIA VPN services
Namecheap, Porkbun Domain name registration
Stampnik Discounted USPS Priority, Express, First-Class mail postage
Coinmap and AirBitz are helpful to find local businesses accepting bitcoins. A good resource for UK residents is at wheretospendbitcoins.co.uk.
There are also lots of charities which accept bitcoin donations.

Merchant Resources

There are several benefits to accepting bitcoin as a payment option if you are a merchant;
If you are interested in accepting bitcoin as a payment method, there are several options available;

Can I mine bitcoin?

Mining bitcoins can be a fun learning experience, but be aware that you will most likely operate at a loss. Newcomers are often advised to stay away from mining unless they are only interested in it as a hobby similar to folding at home. If you want to learn more about mining you can read more here. Still have mining questions? The crew at /BitcoinMining would be happy to help you out.
If you want to contribute to the bitcoin network by hosting the blockchain and propagating transactions you can run a full node using this setup guide. If you would prefer to keep it simple there are several good options. You can view the global node distribution here.

Earning bitcoins

Just like any other form of money, you can also earn bitcoins by being paid to do a job.
Site Description
WorkingForBitcoins, Bitwage, Cryptogrind, Coinality, Bitgigs, /Jobs4Bitcoins, BitforTip, Rein Project Freelancing
Lolli Earn bitcoin when you shop online!
OpenBazaar, Purse.io, Bitify, /Bitmarket, 21 Market Marketplaces
/GirlsGoneBitcoin NSFW Adult services
A-ads, Coinzilla.io Advertising
You can also earn bitcoins by participating as a market maker on JoinMarket by allowing users to perform CoinJoin transactions with your bitcoins for a small fee (requires you to already have some bitcoins.

Bitcoin-Related Projects

The following is a short list of ongoing projects that might be worth taking a look at if you are interested in current development in the bitcoin space.
Project Description
Lightning Network Second layer scaling
Blockstream, Rootstock and Drivechain Sidechains
Hivemind and Augur Prediction markets
Tierion and Factom Records & Titles on the blockchain
BitMarkets, DropZone, Beaver and Open Bazaar Decentralized markets
JoinMarket and Wasabi Wallet CoinJoin implementation
Coinffeine and Bisq Decentralized bitcoin exchanges
Keybase Identity & Reputation management
Abra Global P2P money transmitter network
Bitcore Open source Bitcoin javascript library

Bitcoin Units

One Bitcoin is quite large (hundreds of £/$/€) so people often deal in smaller units. The most common subunits are listed below:
Unit Symbol Value Info
bitcoin BTC 1 bitcoin one bitcoin is equal to 100 million satoshis
millibitcoin mBTC 1,000 per bitcoin used as default unit in recent Electrum wallet releases
bit bit 1,000,000 per bitcoin colloquial "slang" term for microbitcoin (μBTC)
satoshi sat 100,000,000 per bitcoin smallest unit in bitcoin, named after the inventor
For example, assuming an arbitrary exchange rate of $10000 for one Bitcoin, a $10 meal would equal:
For more information check out the Bitcoin units wiki.
Still have questions? Feel free to ask in the comments below or stick around for our weekly Mentor Monday thread. If you decide to post a question in /Bitcoin, please use the search bar to see if it has been answered before, and remember to follow the community rules outlined on the sidebar to receive a better response. The mods are busy helping manage our community so please do not message them unless you notice problems with the functionality of the subreddit.
Note: This is a community created FAQ. If you notice anything missing from the FAQ or that requires clarification you can edit it here and it will be included in the next revision pending approval.
Welcome to the Bitcoin community and the new decentralized economy!
submitted by BitcoinFan7 to Bitcoin [link] [comments]

The Privacy Coin Guide Part 1

As interest picks up in crypto again, I want to share this post I made on privacy coins again to just give the basics of their evolution. This is only part 1, and parts 2 and 3 are not available in this format, but this part is informative and basic.
If you’re looking for a quick and easy way to assess what the best privacy coin in the current space is, which has the best features, or which is most likely to give high returns, then this is not that guide. My goal is to give you the power to make your own decisions, to clearly state my biases, and educate. I really wanted to understand this niche of the crypto-space due to my background and current loyalties[1], and grasp the nuances of the features, origins and timelines of technologies used in privacy coins, while not being anything close to a developer myself. This is going to be a 3-part series, starting with an overview and basic review of the technology, then looking at its implications, and ending with why I like a specific project. It might be mildly interesting or delightfully educational. Cryptocurrencies are young and existing privacy coins are deploying technology that is a work in progress. This series assumes a basic understanding of how blockchains work, specifically as used in cryptocurrencies. If you don’t have that understanding, might I suggest that you get it? [2],[3],[4] Because cryptocurrencies have a long way to go before reaching their end-game: when the world relies on the technology without understanding it. So, shall we do a deep dive into the privacy coin space?

FIRST THERE WAS BITCOIN

Cryptocurrencies allow you to tokenize value and track its exchange between hands over time, with transaction information verified by a distributed network of users. The most famous version of a cryptocurrency in use is Bitcoin, defined as peer-to-peer electronic cash. [5] Posted anonymously in 2008, the whitepaper seemed to be in direct response to the global financial meltdown and public distrust of the conventional banking and financing systems. Although cryptographic techniques are used in Bitcoin to ensure that (i) only the owner of a specific wallet has the authority to spend funds from that wallet, (ii) the public address is linked but cannot be traced by a third party to the private address (iii) the information is stored via cryptographic hashing in a merkle tree structure to ensure data integrity, the actual transaction information is publicly visible on the blockchain and can be traced back to the individual through chain analysis.[6] This has raised fears of possible financial censorship or the metaphorical tainting of money due to its origination point, as demonstrated in the Silk Road marketplace disaster.[7] This can happen because fiat money is usually exchanged for cryptocurrency at some point, as crypto-enthusiasts are born in the real world and inevitably cash out. There are already chain analysis firms and software that are increasingly efficient at tracking transactions on the Bitcoin blockchain.[8] This lack of privacy is one of the limitations of Bitcoin that has resulted in the creation of altcoins that experiment with the different features a cryptocurrency can have. Privacy coins are figuring out how to introduce privacy in addition to the payment network. The goal is to make the cryptocurrency fungible, each unit able to be exchanged for equal value without knowledge of its transaction history – like cash, while being publicly verifiable on a decentralized network. In other words, anyone can add the math up without being able to see the full details. Some privacy solutions and protocols have popped up as a result:

CRYPTONOTE – RING SIGNATURES AND STEALTH ADDRESSES

Used in: Monero and Particl as its successor RING-CT, Bytecoin
In December 2012, CryptoNote introduced the use of ring signatures and stealth addresses (along with other notable features such as its own codebase) to improve cryptocurrency privacy.[9] An updated CryptoNote version 2 came in October 2013 [10](though there is some dispute over this timeline [11]), also authored under the name Nicolas van Saberhagen. Ring signatures hide sender information by having the sender sign a transaction using a signature that could belong to multiple users. This makes a transaction untraceable. Stealth addresses allow a receiver to give a single address which generates a different public address for funds to be received at each time funds are sent to it. That makes a transaction unlinkable. In terms of privacy, CryptoNote gave us a protocol for untraceable and unlinkable transactions. The first implementation of CryptoNote technology was Bytecoin in March 2014 (timeline disputed [12]), which spawned many children (forks) in subsequent years, a notable example being Monero, based on CryptoNote v2 in April 2014.
RING SIGNATURES and STEALTH ADDRESSES

PROS

– Provides sender and receiver privacy
– Privacy can be default
– Mature technology
– Greater scalability with bulletproofs
– Does not require any third-party

CONS

– Privacy not very effective without high volume
-Does not hide transaction information if not combined with another protocol.

COINJOIN

Used in: Dash
Bitcoin developer Gregory Maxwell proposed a set of solutions to bring privacy to Bitcoin and cryptocurrencies, the first being CoinJoin (January 28 – Aug 22, 2013).[13],[14] CoinJoin (sometimes called CoinSwap) allows multiple users to combine their transactions into a single transaction, by receiving inputs from multiple users, and then sending their outputs to the multiple users, irrespective of who in the group the inputs came from. So, the receiver will get whatever output amount they were supposed to, but it cannot be directly traced to its origination input. Similar proposals include Coinshuffle in 2014 and Tumblebit in 2016, building on CoinJoin but not terribly popular [15],[16]. They fixed the need for a trusted third party to ‘mix’ the transactions. There are CoinJoin implementations that are being actively worked on but are not the most popular privacy solutions of today. A notable coin that uses CoinJoin technology is Dash, launched in January 2014, with masternodes in place of a trusted party.
COINJOIN

PROS

– Provides sender and receiver privacy
– Easy to implement on any cryptocurrency
– Lightweight
– Greater scalability with bulletproofs
– Mature technology

CONS

– Least anonymous privacy solution. Transaction amounts can be calculated
– Even without third-party mixer, depends on wealth centralization of masternodes

ZEROCOIN

Used in: Zcoin, PIVX
In May 2013, the Zerocoin protocol was introduced by John Hopkins University professor Matthew D. Green and his graduate students Ian Miers and Christina Garman.[17] In response to the need for use of a third party to do CoinJoin, the Zerocoin proposal allowed for a coin to be destroyed and remade in order to erase its history whenever it is spent. Zero-knowledge cryptography and zero-knowledge proofs are used to prove that the new coins for spending are being appropriately made. A zero-knowledge proof allows one party to prove to another that they know specific information, without revealing any information about it, other than the fact that they know it. Zerocoin was not accepted by the Bitcoin community as an implementation to be added to Bitcoin, so a new cryptocurrency had to be formed. Zcoin was the first cryptocurrency to implement the Zerocoin protocol in 2016. [18]
ZEROCOIN

PROS

– Provides sender and receiver privacy
– Supply can be audited
– Relatively mature technology
– Does not require a third-party

CONS

– Requires trusted setup (May not be required with Sigma protocol)
– Large proof sizes (not lightweight)
– Does not provide full privacy for transaction amounts

ZEROCASH

Used in: Zcash, Horizen, Komodo, Zclassic, Bitcoin Private
In May 2014, the current successor to the Zerocoin protocol, Zerocash, was created, also by Matthew Green and others (Eli Ben-Sasson, Alessandro Chiesa, Christina Garman, Matthew Green, Ian Miers, Eran Tromer, Madars Virza).[19] It improved upon the Zerocoin concept by taking advantage of zero-knowledge proofs called zk-snarks (zero knowledge succinct non-interactive arguments of knowledge). Unlike Zerocoin, which hid coin origins and payment history, Zerocash was faster, with smaller transaction sizes, and hides transaction information on the sender, receiver and amount. Zcash is the first cryptocurrency to implement the Zerocash protocol in 2016. [20]
ZEROCASH

PROS

– Provides full anonymity. Sender, receiver and amount hidden.
– Privacy can be default?
– Fast due to small proof sizes.
– Payment amount can be optionally disclosed for auditing
– Does not require any third-party

CONS

– Requires trusted setup. (May be improved with zt-starks technology)
– Supply cannot be audited. And coins can potentially be forged without proper implementation.
– Private transactions computationally intensive (improved with Sapling upgrade)

CONFIDENTIAL TRANSACTIONS

Used in: Monero and Particl with Ring Signatures as RING-CT
The next proposal from Maxwell was that of confidential transactions, proposed in June 2015 as part of the Sidechain Elements project from Blockstream, where Maxwell was Chief Technical Officer.[21],[22] It proposed to hide the transaction amount and asset type (e.g. deposits, currencies, shares), so that only the sender and receiver are aware of the amount, unless they choose to make the amount public. It uses homomorphic encryption[23] to encrypt the inputs and outputs by using blinding factors and a kind of ring signature in a commitment scheme, so the amount can be ‘committed’ to, without the amount actually being known. I’m terribly sorry if you now have the urge to go and research exactly what that means. The takeaway is that the transaction amount can be hidden from outsiders while being verifiable.
CONFIDENTIAL TRANSACTIONS

PROS

– Hides transaction amounts
– Privacy can be default
– Mature technology
– Does not require any third-party

CONS

– Only provides transaction amount privacy when used alone

RING-CT

Used in: Monero, Particl
Then came Ring Confidential transactions, proposed by Shen-Noether of Monero Research Labs in October 2015.[24] RingCT combines the use of ring signatures for hiding sender information, with the use of confidential transactions (which also uses ring signatures) for hiding amounts. The proposal described a new type of ring signature, A Multi-layered Linkable Spontaneous Anonymous Group signature which “allows for hidden amounts, origins and destinations of transactions with reasonable efficiency and verifiable, trustless coin generation”.[25] RingCT was implemented in Monero in January 2017 and made mandatory after September 2017.
RING -CONFIDENTIAL TRANSACTIONS

PROS

– Provides full anonymity. Hides transaction amounts and receiver privacy
– Privacy can be default
– Mature technology
– Greater scalability with bulletproofs
– Does not require any third-party

CONS

– Privacy not very effective without high volume

MIMBLEWIMBLE

Used in: Grin
Mimblewimble was proposed in July 2016 by pseudonymous contributor Tom Elvis Jedusorand further developed in October 2016 by Andrew Poelstra.[26],[27] Mimblewimble is a “privacy and fungibility focused cryptocoin transaction structure proposal”.[28] The key words are transaction structure proposal, so the way the blockchain is built is different, in order to accommodate privacy and fungibility features. Mimblewimble uses the concept of Confidential transactions to keep amounts hidden, looks at private keys and transaction information to prove ownership of funds rather than using addresses, and bundles transactions together instead of listing them separately on the blockchain. It also introduces a novel method of pruning the blockchain. Grin is a cryptocurrency in development that is applying Mimblewimble. Mimblewimble is early in development and you can understand it more here [29].
MIMBLEWIMBLE

PROS

– Hides transaction amounts and receiver privacy
– Privacy is on by default
– Lightweight
– No public addresses?

CONS

– Privacy not very effective without high volume
– Sender and receiver must both be online
– Relatively new technology

ZEXE

Fresh off the minds of brilliant cryptographers (Sean Bowe, Alessandro Chiesa, Matthew Green, Ian Miers, Pratyush Mishra, Howard Wu), in October 2018 Zexe proposed a new cryptographic primitive called ‘decentralized private computation.[30] It allows users of a decentralized ledger to “execute offline computations that result in transactions”[31], but also keeps transaction amounts hidden and allows transaction validation to happen at any time regardless of computations being done online. This can have far reaching implications for privacy coins in the future. Consider cases where transactions need to be automatic and private, without both parties being present.

NETWORK PRIVACY

Privacy technologies that look at network privacy as nodes communicate with each other on the network are important considerations, rather than just looking at privacy on the blockchain itself. Anonymous layers encrypt and/or reroute data as it moves among peers, so it is not obvious who they originate from on the network. They are used to protect against surveillance or censorship from ISPs and governments. The Invisible Internet Project (I2P) is an anonymous network layer that uses end to end encryption for peers on a network to communicate with each other.[32] Its history dates back to 2003. Kovri is a Monero created implementation of I2P.[33] The Onion Router (Tor) is another anonymity layer [34]) that Verge is a privacy cryptocurrency that uses. But its historical link to the US government may be is concerning to some[35]. Dandelion transaction relay is also an upcoming Bitcoin improvement proposal (BIP) that scrambles IP data that will provide network privacy for Bitcoin as transaction and other information is transmitted.[36],[37],[38]

UPCOMING

Monero completed bulletproofs protocol updates that reduce RINGCT transaction sizes and thus transaction fee costs. (Bulletproofs are a replacement for range proofs used in confidential transactions that aid in encrypting inputs and outputs by making sure they add to zero).
Sigma Protocol – being actively researched by Zcoin team as of 2018 to replace Zerocoin protocol so that a trusted setup is not required.[39] There is a possible replacement for zk-snarks, called zk-starks, another form of zero-knowledge proof technology, that may make a trusted set-up unnecessary for zero-knowledege proof coins.[40]

PART 1 CONCLUSION OF THE PRIVACY COIN GUIDE ON THE TECHNOLOGY BEHIND PRIVACY COINS

Although Bitcoin is still a groundbreaking technology that gives us a trust-less transaction system, it has failed to live up to its expectations of privacy. Over time, new privacy technologies have arrived and are arriving with innovative and exciting solutions for Bitcoin’s lack of fungibility. It is important to note that these technologies are built on prior research and application, but we are considering their use in cryptocurrencies. Protocols are proposed based on cryptographic concepts that show how they would work, and then developers actually implement them. Please note that I did not include the possibility of improper implementation as a disadvantage, and the advantages assume that the technical development is well done. A very important point is that coins can also adapt new privacy technologies as their merits become obvious, even as they start with a specific privacy protocol. Furthermore, I am, unfortunately, positive that this is not an exhaustive overview and I am only covering publicized solutions. Next, we’ll talk more about the pros and cons and give an idea of how the coins can be compared.

There's a video version that can be watched, and you can find out how to get the second two parts if you want on my website (video link on the page): https://cryptoramble.com/guide-on-privacy-coins/
submitted by CryptoRamble to ethereum [link] [comments]

How to reduce your crypto capital gains by 50%

Not a clickbait title. I've imported my trades in Contracking.info (so they all have transaction IDs) and I've toggled "Group all purchases by day" and "Use Depot separation (tax lots)". The difference between one combination and another was 20% in short-term capital gains. Not bad. We're not even going into FIFO vs. LIFO.
Then I switched from FIFO to LIFO (which is legal since the 2019 guidance, more specifically Q38 & Q39 in this IRS FAQ), for a further reduction of another 30%.
The best combo has been HPFO with "Group all purchases by day". The difference between that and the worst method (LAFO) is 9.5x. As in, financially ruined, vs. actually able to pay.
UPDATE1: At the end of August, Cointracking introduced an "optimized" price calculation method ("OPTI"). It reduces my gains for some years, and increases them in others in which I only had losses. May be worth using it if,
From the CryptoTrader.tax link above,
It’s important to note that the IRS likes to be retroactive when it issues guidance. For instance, Notice 2019-24, which was the most recent guidance released that provided clarity to this specific identification question, was issued in 2019, but still can be applied to transactions that took place before 2019. This means that certain taxpayers who used FIFO in previous years may be able to reasonably go back and amend previous years tax returns using a different, specific identification costing method.
From the IRS FAQ, A39:
You may identify a specific unit of virtual currency either by documenting the specific unit’s unique digital identifier such as a private key, public key, and address, or by records showing the transaction information for all units of a specific virtual currency, such as Bitcoin, held in a single account, wallet, or address.
UPDATE2: I've written a separate post comparing different crypto tax accounting methods after I finished entering all my 14,000+ transactions. HPFO won.
UPDATE3: I've tested HPFO in Cointracking.info vs. HPFO in Bitcoin.tax. Cointracking won by about 10%. I guess this might be due to the "group by day" feature. BUT, Bitcoin.tax won by a landslide overall, because it allows selecting different accounting methods per asset (e.g. HPFO for BTC and AVCO for ETH). This has saved me thousands of dollars compared to Cointracking.info.
TL;DR:
QUESTIONS:
  1. Is all of this right, or am I missing something? 'Cuz it does sound like a bit of a joke that just by toggling some settings in Cointracking, e.g. "Group by day", you can literally end up (not) having to pay tens of thousands of dollars.
  2. Where on your tax return do you report the accounting method used, or how you've identified the trades?
submitted by bigoaktrees to CryptoTax [link] [comments]

The Privacy Coin Guide Part 1

As interest picks up in crypto again, I want to share this post I made on privacy coins again to just give the basics of their evolution. This is only part 1, and parts 2 and 3 are not available in this format, but this part is informative and basic.
If you’re looking for a quick and easy way to assess what the best privacy coin in the current space is, which has the best features, or which is most likely to give high returns, then this is not that guide. My goal is to give you the power to make your own decisions, to clearly state my biases, and educate. I really wanted to understand this niche of the crypto-space due to my background and current loyalties[1], and grasp the nuances of the features, origins and timelines of technologies used in privacy coins, while not being anything close to a developer myself. This is going to be a 3-part series, starting with an overview and basic review of the technology, then looking at its implications, and ending with why I like a specific project. It might be mildly interesting or delightfully educational. Cryptocurrencies are young and existing privacy coins are deploying technology that is a work in progress. This series assumes a basic understanding of how blockchains work, specifically as used in cryptocurrencies. If you don’t have that understanding, might I suggest that you get it? [2],[3],[4] Because cryptocurrencies have a long way to go before reaching their end-game: when the world relies on the technology without understanding it. So, shall we do a deep dive into the privacy coin space?

FIRST THERE WAS BITCOIN

Cryptocurrencies allow you to tokenize value and track its exchange between hands over time, with transaction information verified by a distributed network of users. The most famous version of a cryptocurrency in use is Bitcoin, defined as peer-to-peer electronic cash. [5] Posted anonymously in 2008, the whitepaper seemed to be in direct response to the global financial meltdown and public distrust of the conventional banking and financing systems. Although cryptographic techniques are used in Bitcoin to ensure that (i) only the owner of a specific wallet has the authority to spend funds from that wallet, (ii) the public address is linked but cannot be traced by a third party to the private address (iii) the information is stored via cryptographic hashing in a merkle tree structure to ensure data integrity, the actual transaction information is publicly visible on the blockchain and can be traced back to the individual through chain analysis.[6] This has raised fears of possible financial censorship or the metaphorical tainting of money due to its origination point, as demonstrated in the Silk Road marketplace disaster.[7] This can happen because fiat money is usually exchanged for cryptocurrency at some point, as crypto-enthusiasts are born in the real world and inevitably cash out. There are already chain analysis firms and software that are increasingly efficient at tracking transactions on the Bitcoin blockchain.[8] This lack of privacy is one of the limitations of Bitcoin that has resulted in the creation of altcoins that experiment with the different features a cryptocurrency can have. Privacy coins are figuring out how to introduce privacy in addition to the payment network. The goal is to make the cryptocurrency fungible, each unit able to be exchanged for equal value without knowledge of its transaction history – like cash, while being publicly verifiable on a decentralized network. In other words, anyone can add the math up without being able to see the full details. Some privacy solutions and protocols have popped up as a result:

CRYPTONOTE – RING SIGNATURES AND STEALTH ADDRESSES

Used in: Monero and Particl as its successor RING-CT, Bytecoin
In December 2012, CryptoNote introduced the use of ring signatures and stealth addresses (along with other notable features such as its own codebase) to improve cryptocurrency privacy.[9] An updated CryptoNote version 2 came in October 2013 [10](though there is some dispute over this timeline [11]), also authored under the name Nicolas van Saberhagen. Ring signatures hide sender information by having the sender sign a transaction using a signature that could belong to multiple users. This makes a transaction untraceable. Stealth addresses allow a receiver to give a single address which generates a different public address for funds to be received at each time funds are sent to it. That makes a transaction unlinkable. In terms of privacy, CryptoNote gave us a protocol for untraceable and unlinkable transactions. The first implementation of CryptoNote technology was Bytecoin in March 2014 (timeline disputed [12]), which spawned many children (forks) in subsequent years, a notable example being Monero, based on CryptoNote v2 in April 2014.
RING SIGNATURES and STEALTH ADDRESSES

PROS

– Provides sender and receiver privacy
– Privacy can be default
– Mature technology
– Greater scalability with bulletproofs
– Does not require any third-party

CONS

– Privacy not very effective without high volume
-Does not hide transaction information if not combined with another protocol.

COINJOIN

Used in: Dash
Bitcoin developer Gregory Maxwell proposed a set of solutions to bring privacy to Bitcoin and cryptocurrencies, the first being CoinJoin (January 28 – Aug 22, 2013).[13],[14] CoinJoin (sometimes called CoinSwap) allows multiple users to combine their transactions into a single transaction, by receiving inputs from multiple users, and then sending their outputs to the multiple users, irrespective of who in the group the inputs came from. So, the receiver will get whatever output amount they were supposed to, but it cannot be directly traced to its origination input. Similar proposals include Coinshuffle in 2014 and Tumblebit in 2016, building on CoinJoin but not terribly popular [15],[16]. They fixed the need for a trusted third party to ‘mix’ the transactions. There are CoinJoin implementations that are being actively worked on but are not the most popular privacy solutions of today. A notable coin that uses CoinJoin technology is Dash, launched in January 2014, with masternodes in place of a trusted party.
COINJOIN

PROS

– Provides sender and receiver privacy
– Easy to implement on any cryptocurrency
– Lightweight
– Greater scalability with bulletproofs
– Mature technology

CONS

– Least anonymous privacy solution. Transaction amounts can be calculated
– Even without third-party mixer, depends on wealth centralization of masternodes

ZEROCOIN

Used in: Zcoin, PIVX
In May 2013, the Zerocoin protocol was introduced by John Hopkins University professor Matthew D. Green and his graduate students Ian Miers and Christina Garman.[17] In response to the need for use of a third party to do CoinJoin, the Zerocoin proposal allowed for a coin to be destroyed and remade in order to erase its history whenever it is spent. Zero-knowledge cryptography and zero-knowledge proofs are used to prove that the new coins for spending are being appropriately made. A zero-knowledge proof allows one party to prove to another that they know specific information, without revealing any information about it, other than the fact that they know it. Zerocoin was not accepted by the Bitcoin community as an implementation to be added to Bitcoin, so a new cryptocurrency had to be formed. Zcoin was the first cryptocurrency to implement the Zerocoin protocol in 2016. [18]
ZEROCOIN

PROS

– Provides sender and receiver privacy
– Supply can be audited
– Relatively mature technology
– Does not require a third-party

CONS

– Requires trusted setup (May not be required with Sigma protocol)
– Large proof sizes (not lightweight)
– Does not provide full privacy for transaction amounts

ZEROCASH

Used in: Zcash, Horizen, Komodo, Zclassic, Bitcoin Private
In May 2014, the current successor to the Zerocoin protocol, Zerocash, was created, also by Matthew Green and others (Eli Ben-Sasson, Alessandro Chiesa, Christina Garman, Matthew Green, Ian Miers, Eran Tromer, Madars Virza).[19] It improved upon the Zerocoin concept by taking advantage of zero-knowledge proofs called zk-snarks (zero knowledge succinct non-interactive arguments of knowledge). Unlike Zerocoin, which hid coin origins and payment history, Zerocash was faster, with smaller transaction sizes, and hides transaction information on the sender, receiver and amount. Zcash is the first cryptocurrency to implement the Zerocash protocol in 2016. [20]
ZEROCASH

PROS

– Provides full anonymity. Sender, receiver and amount hidden.
– Privacy can be default?
– Fast due to small proof sizes.
– Payment amount can be optionally disclosed for auditing
– Does not require any third-party

CONS

– Requires trusted setup. (May be improved with zt-starks technology)
– Supply cannot be audited. And coins can potentially be forged without proper implementation.
– Private transactions computationally intensive (improved with Sapling upgrade)

CONFIDENTIAL TRANSACTIONS

Used in: Monero and Particl with Ring Signatures as RING-CT
The next proposal from Maxwell was that of confidential transactions, proposed in June 2015 as part of the Sidechain Elements project from Blockstream, where Maxwell was Chief Technical Officer.[21],[22] It proposed to hide the transaction amount and asset type (e.g. deposits, currencies, shares), so that only the sender and receiver are aware of the amount, unless they choose to make the amount public. It uses homomorphic encryption[23] to encrypt the inputs and outputs by using blinding factors and a kind of ring signature in a commitment scheme, so the amount can be ‘committed’ to, without the amount actually being known. I’m terribly sorry if you now have the urge to go and research exactly what that means. The takeaway is that the transaction amount can be hidden from outsiders while being verifiable.
CONFIDENTIAL TRANSACTIONS

PROS

– Hides transaction amounts
– Privacy can be default
– Mature technology
– Does not require any third-party

CONS

– Only provides transaction amount privacy when used alone

RING-CT

Used in: Monero, Particl
Then came Ring Confidential transactions, proposed by Shen-Noether of Monero Research Labs in October 2015.[24] RingCT combines the use of ring signatures for hiding sender information, with the use of confidential transactions (which also uses ring signatures) for hiding amounts. The proposal described a new type of ring signature, A Multi-layered Linkable Spontaneous Anonymous Group signature which “allows for hidden amounts, origins and destinations of transactions with reasonable efficiency and verifiable, trustless coin generation”.[25] RingCT was implemented in Monero in January 2017 and made mandatory after September 2017.
RING -CONFIDENTIAL TRANSACTIONS

PROS

– Provides full anonymity. Hides transaction amounts and receiver privacy
– Privacy can be default
– Mature technology
– Greater scalability with bulletproofs
– Does not require any third-party

CONS

– Privacy not very effective without high volume

MIMBLEWIMBLE

Used in: Grin
Mimblewimble was proposed in July 2016 by pseudonymous contributor Tom Elvis Jedusorand further developed in October 2016 by Andrew Poelstra.[26],[27] Mimblewimble is a “privacy and fungibility focused cryptocoin transaction structure proposal”.[28] The key words are transaction structure proposal, so the way the blockchain is built is different, in order to accommodate privacy and fungibility features. Mimblewimble uses the concept of Confidential transactions to keep amounts hidden, looks at private keys and transaction information to prove ownership of funds rather than using addresses, and bundles transactions together instead of listing them separately on the blockchain. It also introduces a novel method of pruning the blockchain. Grin is a cryptocurrency in development that is applying Mimblewimble. Mimblewimble is early in development and you can understand it more here [29].
MIMBLEWIMBLE

PROS

– Hides transaction amounts and receiver privacy
– Privacy is on by default
– Lightweight
– No public addresses?

CONS

– Privacy not very effective without high volume
– Sender and receiver must both be online
– Relatively new technology

ZEXE

Fresh off the minds of brilliant cryptographers (Sean Bowe, Alessandro Chiesa, Matthew Green, Ian Miers, Pratyush Mishra, Howard Wu), in October 2018 Zexe proposed a new cryptographic primitive called ‘decentralized private computation.[30] It allows users of a decentralized ledger to “execute offline computations that result in transactions”[31], but also keeps transaction amounts hidden and allows transaction validation to happen at any time regardless of computations being done online. This can have far reaching implications for privacy coins in the future. Consider cases where transactions need to be automatic and private, without both parties being present.

NETWORK PRIVACY

Privacy technologies that look at network privacy as nodes communicate with each other on the network are important considerations, rather than just looking at privacy on the blockchain itself. Anonymous layers encrypt and/or reroute data as it moves among peers, so it is not obvious who they originate from on the network. They are used to protect against surveillance or censorship from ISPs and governments. The Invisible Internet Project (I2P) is an anonymous network layer that uses end to end encryption for peers on a network to communicate with each other.[32] Its history dates back to 2003. Kovri is a Monero created implementation of I2P.[33] The Onion Router (Tor) is another anonymity layer [34]) that Verge is a privacy cryptocurrency that uses. But its historical link to the US government may be is concerning to some[35]. Dandelion transaction relay is also an upcoming Bitcoin improvement proposal (BIP) that scrambles IP data that will provide network privacy for Bitcoin as transaction and other information is transmitted.[36],[37],[38]

UPCOMING

Monero completed bulletproofs protocol updates that reduce RINGCT transaction sizes and thus transaction fee costs. (Bulletproofs are a replacement for range proofs used in confidential transactions that aid in encrypting inputs and outputs by making sure they add to zero).
Sigma Protocol – being actively researched by Zcoin team as of 2018 to replace Zerocoin protocol so that a trusted setup is not required.[39] There is a possible replacement for zk-snarks, called zk-starks, another form of zero-knowledge proof technology, that may make a trusted set-up unnecessary for zero-knowledege proof coins.[40]

PART 1 CONCLUSION OF THE PRIVACY COIN GUIDE ON THE TECHNOLOGY BEHIND PRIVACY COINS

Although Bitcoin is still a groundbreaking technology that gives us a trust-less transaction system, it has failed to live up to its expectations of privacy. Over time, new privacy technologies have arrived and are arriving with innovative and exciting solutions for Bitcoin’s lack of fungibility. It is important to note that these technologies are built on prior research and application, but we are considering their use in cryptocurrencies. Protocols are proposed based on cryptographic concepts that show how they would work, and then developers actually implement them. Please note that I did not include the possibility of improper implementation as a disadvantage, and the advantages assume that the technical development is well done. A very important point is that coins can also adapt new privacy technologies as their merits become obvious, even as they start with a specific privacy protocol. Furthermore, I am, unfortunately, positive that this is not an exhaustive overview and I am only covering publicized solutions. Next, we’ll talk more about the pros and cons and give an idea of how the coins can be compared.

There's a video version that can be watched, and you can find out how to get the second two parts if you want on my website (video link on the page): https://cryptoramble.com/guide-on-privacy-coins/
submitted by CryptoRamble to privacycoins [link] [comments]

The Privacy Coin Guide Part 1

As interest picks up in crypto again, I want to share this post I made on privacy coins again to just give the basics of their evolution. This is only part 1, and parts 2 and 3 are not available in this format, but this part is informative and basic.
If you’re looking for a quick and easy way to assess what the best privacy coin in the current space is, which has the best features, or which is most likely to give high returns, then this is not that guide. My goal is to give you the power to make your own decisions, to clearly state my biases, and educate. I really wanted to understand this niche of the crypto-space due to my background and current loyalties[1], and grasp the nuances of the features, origins and timelines of technologies used in privacy coins, while not being anything close to a developer myself. This is going to be a 3-part series, starting with an overview and basic review of the technology, then looking at its implications, and ending with why I like a specific project. It might be mildly interesting or delightfully educational. Cryptocurrencies are young and existing privacy coins are deploying technology that is a work in progress. This series assumes a basic understanding of how blockchains work, specifically as used in cryptocurrencies. If you don’t have that understanding, might I suggest that you get it? [2],[3],[4] Because cryptocurrencies have a long way to go before reaching their end-game: when the world relies on the technology without understanding it. So, shall we do a deep dive into the privacy coin space?

FIRST THERE WAS BITCOIN

Cryptocurrencies allow you to tokenize value and track its exchange between hands over time, with transaction information verified by a distributed network of users. The most famous version of a cryptocurrency in use is Bitcoin, defined as peer-to-peer electronic cash. [5] Posted anonymously in 2008, the whitepaper seemed to be in direct response to the global financial meltdown and public distrust of the conventional banking and financing systems. Although cryptographic techniques are used in Bitcoin to ensure that (i) only the owner of a specific wallet has the authority to spend funds from that wallet, (ii) the public address is linked but cannot be traced by a third party to the private address (iii) the information is stored via cryptographic hashing in a merkle tree structure to ensure data integrity, the actual transaction information is publicly visible on the blockchain and can be traced back to the individual through chain analysis.[6] This has raised fears of possible financial censorship or the metaphorical tainting of money due to its origination point, as demonstrated in the Silk Road marketplace disaster.[7] This can happen because fiat money is usually exchanged for cryptocurrency at some point, as crypto-enthusiasts are born in the real world and inevitably cash out. There are already chain analysis firms and software that are increasingly efficient at tracking transactions on the Bitcoin blockchain.[8] This lack of privacy is one of the limitations of Bitcoin that has resulted in the creation of altcoins that experiment with the different features a cryptocurrency can have. Privacy coins are figuring out how to introduce privacy in addition to the payment network. The goal is to make the cryptocurrency fungible, each unit able to be exchanged for equal value without knowledge of its transaction history – like cash, while being publicly verifiable on a decentralized network. In other words, anyone can add the math up without being able to see the full details. Some privacy solutions and protocols have popped up as a result:

CRYPTONOTE – RING SIGNATURES AND STEALTH ADDRESSES

Used in: Monero and Particl as its successor RING-CT, Bytecoin
In December 2012, CryptoNote introduced the use of ring signatures and stealth addresses (along with other notable features such as its own codebase) to improve cryptocurrency privacy.[9] An updated CryptoNote version 2 came in October 2013 [10](though there is some dispute over this timeline [11]), also authored under the name Nicolas van Saberhagen. Ring signatures hide sender information by having the sender sign a transaction using a signature that could belong to multiple users. This makes a transaction untraceable. Stealth addresses allow a receiver to give a single address which generates a different public address for funds to be received at each time funds are sent to it. That makes a transaction unlinkable. In terms of privacy, CryptoNote gave us a protocol for untraceable and unlinkable transactions. The first implementation of CryptoNote technology was Bytecoin in March 2014 (timeline disputed [12]), which spawned many children (forks) in subsequent years, a notable example being Monero, based on CryptoNote v2 in April 2014.
RING SIGNATURES and STEALTH ADDRESSES

PROS

– Provides sender and receiver privacy
– Privacy can be default
– Mature technology
– Greater scalability with bulletproofs
– Does not require any third-party

CONS

– Privacy not very effective without high volume
-Does not hide transaction information if not combined with another protocol.

COINJOIN

Used in: Dash
Bitcoin developer Gregory Maxwell proposed a set of solutions to bring privacy to Bitcoin and cryptocurrencies, the first being CoinJoin (January 28 – Aug 22, 2013).[13],[14] CoinJoin (sometimes called CoinSwap) allows multiple users to combine their transactions into a single transaction, by receiving inputs from multiple users, and then sending their outputs to the multiple users, irrespective of who in the group the inputs came from. So, the receiver will get whatever output amount they were supposed to, but it cannot be directly traced to its origination input. Similar proposals include Coinshuffle in 2014 and Tumblebit in 2016, building on CoinJoin but not terribly popular [15],[16]. They fixed the need for a trusted third party to ‘mix’ the transactions. There are CoinJoin implementations that are being actively worked on but are not the most popular privacy solutions of today. A notable coin that uses CoinJoin technology is Dash, launched in January 2014, with masternodes in place of a trusted party.
COINJOIN

PROS

– Provides sender and receiver privacy
– Easy to implement on any cryptocurrency
– Lightweight
– Greater scalability with bulletproofs
– Mature technology

CONS

– Least anonymous privacy solution. Transaction amounts can be calculated
– Even without third-party mixer, depends on wealth centralization of masternodes

ZEROCOIN

Used in: Zcoin, PIVX
In May 2013, the Zerocoin protocol was introduced by John Hopkins University professor Matthew D. Green and his graduate students Ian Miers and Christina Garman.[17] In response to the need for use of a third party to do CoinJoin, the Zerocoin proposal allowed for a coin to be destroyed and remade in order to erase its history whenever it is spent. Zero-knowledge cryptography and zero-knowledge proofs are used to prove that the new coins for spending are being appropriately made. A zero-knowledge proof allows one party to prove to another that they know specific information, without revealing any information about it, other than the fact that they know it. Zerocoin was not accepted by the Bitcoin community as an implementation to be added to Bitcoin, so a new cryptocurrency had to be formed. Zcoin was the first cryptocurrency to implement the Zerocoin protocol in 2016. [18]
ZEROCOIN

PROS

– Provides sender and receiver privacy
– Supply can be audited
– Relatively mature technology
– Does not require a third-party

CONS

– Requires trusted setup (May not be required with Sigma protocol)
– Large proof sizes (not lightweight)
– Does not provide full privacy for transaction amounts

ZEROCASH

Used in: Zcash, Horizen, Komodo, Zclassic, Bitcoin Private
In May 2014, the current successor to the Zerocoin protocol, Zerocash, was created, also by Matthew Green and others (Eli Ben-Sasson, Alessandro Chiesa, Christina Garman, Matthew Green, Ian Miers, Eran Tromer, Madars Virza).[19] It improved upon the Zerocoin concept by taking advantage of zero-knowledge proofs called zk-snarks (zero knowledge succinct non-interactive arguments of knowledge). Unlike Zerocoin, which hid coin origins and payment history, Zerocash was faster, with smaller transaction sizes, and hides transaction information on the sender, receiver and amount. Zcash is the first cryptocurrency to implement the Zerocash protocol in 2016. [20]
ZEROCASH

PROS

– Provides full anonymity. Sender, receiver and amount hidden.
– Privacy can be default?
– Fast due to small proof sizes.
– Payment amount can be optionally disclosed for auditing
– Does not require any third-party

CONS

– Requires trusted setup. (May be improved with zt-starks technology)
– Supply cannot be audited. And coins can potentially be forged without proper implementation.
– Private transactions computationally intensive (improved with Sapling upgrade)

CONFIDENTIAL TRANSACTIONS

Used in: Monero and Particl with Ring Signatures as RING-CT
The next proposal from Maxwell was that of confidential transactions, proposed in June 2015 as part of the Sidechain Elements project from Blockstream, where Maxwell was Chief Technical Officer.[21],[22] It proposed to hide the transaction amount and asset type (e.g. deposits, currencies, shares), so that only the sender and receiver are aware of the amount, unless they choose to make the amount public. It uses homomorphic encryption[23] to encrypt the inputs and outputs by using blinding factors and a kind of ring signature in a commitment scheme, so the amount can be ‘committed’ to, without the amount actually being known. I’m terribly sorry if you now have the urge to go and research exactly what that means. The takeaway is that the transaction amount can be hidden from outsiders while being verifiable.
CONFIDENTIAL TRANSACTIONS

PROS

– Hides transaction amounts
– Privacy can be default
– Mature technology
– Does not require any third-party

CONS

– Only provides transaction amount privacy when used alone

RING-CT

Used in: Monero, Particl
Then came Ring Confidential transactions, proposed by Shen-Noether of Monero Research Labs in October 2015.[24] RingCT combines the use of ring signatures for hiding sender information, with the use of confidential transactions (which also uses ring signatures) for hiding amounts. The proposal described a new type of ring signature, A Multi-layered Linkable Spontaneous Anonymous Group signature which “allows for hidden amounts, origins and destinations of transactions with reasonable efficiency and verifiable, trustless coin generation”.[25] RingCT was implemented in Monero in January 2017 and made mandatory after September 2017.
RING -CONFIDENTIAL TRANSACTIONS

PROS

– Provides full anonymity. Hides transaction amounts and receiver privacy
– Privacy can be default
– Mature technology
– Greater scalability with bulletproofs
– Does not require any third-party

CONS

– Privacy not very effective without high volume

MIMBLEWIMBLE

Used in: Grin
Mimblewimble was proposed in July 2016 by pseudonymous contributor Tom Elvis Jedusorand further developed in October 2016 by Andrew Poelstra.[26],[27] Mimblewimble is a “privacy and fungibility focused cryptocoin transaction structure proposal”.[28] The key words are transaction structure proposal, so the way the blockchain is built is different, in order to accommodate privacy and fungibility features. Mimblewimble uses the concept of Confidential transactions to keep amounts hidden, looks at private keys and transaction information to prove ownership of funds rather than using addresses, and bundles transactions together instead of listing them separately on the blockchain. It also introduces a novel method of pruning the blockchain. Grin is a cryptocurrency in development that is applying Mimblewimble. Mimblewimble is early in development and you can understand it more here [29].
MIMBLEWIMBLE

PROS

– Hides transaction amounts and receiver privacy
– Privacy is on by default
– Lightweight
– No public addresses?

CONS

– Privacy not very effective without high volume
– Sender and receiver must both be online
– Relatively new technology

ZEXE

Fresh off the minds of brilliant cryptographers (Sean Bowe, Alessandro Chiesa, Matthew Green, Ian Miers, Pratyush Mishra, Howard Wu), in October 2018 Zexe proposed a new cryptographic primitive called ‘decentralized private computation.[30] It allows users of a decentralized ledger to “execute offline computations that result in transactions”[31], but also keeps transaction amounts hidden and allows transaction validation to happen at any time regardless of computations being done online. This can have far reaching implications for privacy coins in the future. Consider cases where transactions need to be automatic and private, without both parties being present.

NETWORK PRIVACY

Privacy technologies that look at network privacy as nodes communicate with each other on the network are important considerations, rather than just looking at privacy on the blockchain itself. Anonymous layers encrypt and/or reroute data as it moves among peers, so it is not obvious who they originate from on the network. They are used to protect against surveillance or censorship from ISPs and governments. The Invisible Internet Project (I2P) is an anonymous network layer that uses end to end encryption for peers on a network to communicate with each other.[32] Its history dates back to 2003. Kovri is a Monero created implementation of I2P.[33] The Onion Router (Tor) is another anonymity layer [34]) that Verge is a privacy cryptocurrency that uses. But its historical link to the US government may be is concerning to some[35]. Dandelion transaction relay is also an upcoming Bitcoin improvement proposal (BIP) that scrambles IP data that will provide network privacy for Bitcoin as transaction and other information is transmitted.[36],[37],[38]

UPCOMING

Monero completed bulletproofs protocol updates that reduce RINGCT transaction sizes and thus transaction fee costs. (Bulletproofs are a replacement for range proofs used in confidential transactions that aid in encrypting inputs and outputs by making sure they add to zero).
Sigma Protocol – being actively researched by Zcoin team as of 2018 to replace Zerocoin protocol so that a trusted setup is not required.[39] There is a possible replacement for zk-snarks, called zk-starks, another form of zero-knowledge proof technology, that may make a trusted set-up unnecessary for zero-knowledege proof coins.[40]

PART 1 CONCLUSION OF THE PRIVACY COIN GUIDE ON THE TECHNOLOGY BEHIND PRIVACY COINS

Although Bitcoin is still a groundbreaking technology that gives us a trust-less transaction system, it has failed to live up to its expectations of privacy. Over time, new privacy technologies have arrived and are arriving with innovative and exciting solutions for Bitcoin’s lack of fungibility. It is important to note that these technologies are built on prior research and application, but we are considering their use in cryptocurrencies. Protocols are proposed based on cryptographic concepts that show how they would work, and then developers actually implement them. Please note that I did not include the possibility of improper implementation as a disadvantage, and the advantages assume that the technical development is well done. A very important point is that coins can also adapt new privacy technologies as their merits become obvious, even as they start with a specific privacy protocol. Furthermore, I am, unfortunately, positive that this is not an exhaustive overview and I am only covering publicized solutions. Next, we’ll talk more about the pros and cons and give an idea of how the coins can be compared.

There's a video version that can be watched, and you can find out how to get the second two parts if you want on my website (video link on the page): https://cryptoramble.com/guide-on-privacy-coins/
submitted by CryptoRamble to CryptoCurrencies [link] [comments]

The Privacy Coin Guide Part 1

As interest picks up in crypto again, I want to share this post I made on privacy coins again to just give the basics of their evolution. This is only part 1, and parts 2 and 3 are not available in this format, but this part is informative and basic.
If you’re looking for a quick and easy way to assess what the best privacy coin in the current space is, which has the best features, or which is most likely to give high returns, then this is not that guide. My goal is to give you the power to make your own decisions, to clearly state my biases, and educate. I really wanted to understand this niche of the crypto-space due to my background and current loyalties[1], and grasp the nuances of the features, origins and timelines of technologies used in privacy coins, while not being anything close to a developer myself. This is going to be a 3-part series, starting with an overview and basic review of the technology, then looking at its implications, and ending with why I like a specific project. It might be mildly interesting or delightfully educational. Cryptocurrencies are young and existing privacy coins are deploying technology that is a work in progress. This series assumes a basic understanding of how blockchains work, specifically as used in cryptocurrencies. If you don’t have that understanding, might I suggest that you get it? [2],[3],[4] Because cryptocurrencies have a long way to go before reaching their end-game: when the world relies on the technology without understanding it. So, shall we do a deep dive into the privacy coin space?

FIRST THERE WAS BITCOIN

Cryptocurrencies allow you to tokenize value and track its exchange between hands over time, with transaction information verified by a distributed network of users. The most famous version of a cryptocurrency in use is Bitcoin, defined as peer-to-peer electronic cash. [5] Posted anonymously in 2008, the whitepaper seemed to be in direct response to the global financial meltdown and public distrust of the conventional banking and financing systems. Although cryptographic techniques are used in Bitcoin to ensure that (i) only the owner of a specific wallet has the authority to spend funds from that wallet, (ii) the public address is linked but cannot be traced by a third party to the private address (iii) the information is stored via cryptographic hashing in a merkle tree structure to ensure data integrity, the actual transaction information is publicly visible on the blockchain and can be traced back to the individual through chain analysis.[6] This has raised fears of possible financial censorship or the metaphorical tainting of money due to its origination point, as demonstrated in the Silk Road marketplace disaster.[7] This can happen because fiat money is usually exchanged for cryptocurrency at some point, as crypto-enthusiasts are born in the real world and inevitably cash out. There are already chain analysis firms and software that are increasingly efficient at tracking transactions on the Bitcoin blockchain.[8] This lack of privacy is one of the limitations of Bitcoin that has resulted in the creation of altcoins that experiment with the different features a cryptocurrency can have. Privacy coins are figuring out how to introduce privacy in addition to the payment network. The goal is to make the cryptocurrency fungible, each unit able to be exchanged for equal value without knowledge of its transaction history – like cash, while being publicly verifiable on a decentralized network. In other words, anyone can add the math up without being able to see the full details. Some privacy solutions and protocols have popped up as a result:

CRYPTONOTE – RING SIGNATURES AND STEALTH ADDRESSES

Used in: Monero and Particl as its successor RING-CT, Bytecoin
In December 2012, CryptoNote introduced the use of ring signatures and stealth addresses (along with other notable features such as its own codebase) to improve cryptocurrency privacy.[9] An updated CryptoNote version 2 came in October 2013 [10](though there is some dispute over this timeline [11]), also authored under the name Nicolas van Saberhagen. Ring signatures hide sender information by having the sender sign a transaction using a signature that could belong to multiple users. This makes a transaction untraceable. Stealth addresses allow a receiver to give a single address which generates a different public address for funds to be received at each time funds are sent to it. That makes a transaction unlinkable. In terms of privacy, CryptoNote gave us a protocol for untraceable and unlinkable transactions. The first implementation of CryptoNote technology was Bytecoin in March 2014 (timeline disputed [12]), which spawned many children (forks) in subsequent years, a notable example being Monero, based on CryptoNote v2 in April 2014.
RING SIGNATURES and STEALTH ADDRESSES

PROS

– Provides sender and receiver privacy
– Privacy can be default
– Mature technology
– Greater scalability with bulletproofs
– Does not require any third-party

CONS

– Privacy not very effective without high volume
-Does not hide transaction information if not combined with another protocol.

COINJOIN

Used in: Dash
Bitcoin developer Gregory Maxwell proposed a set of solutions to bring privacy to Bitcoin and cryptocurrencies, the first being CoinJoin (January 28 – Aug 22, 2013).[13],[14] CoinJoin (sometimes called CoinSwap) allows multiple users to combine their transactions into a single transaction, by receiving inputs from multiple users, and then sending their outputs to the multiple users, irrespective of who in the group the inputs came from. So, the receiver will get whatever output amount they were supposed to, but it cannot be directly traced to its origination input. Similar proposals include Coinshuffle in 2014 and Tumblebit in 2016, building on CoinJoin but not terribly popular [15],[16]. They fixed the need for a trusted third party to ‘mix’ the transactions. There are CoinJoin implementations that are being actively worked on but are not the most popular privacy solutions of today. A notable coin that uses CoinJoin technology is Dash, launched in January 2014, with masternodes in place of a trusted party.
COINJOIN

PROS

– Provides sender and receiver privacy
– Easy to implement on any cryptocurrency
– Lightweight
– Greater scalability with bulletproofs
– Mature technology

CONS

– Least anonymous privacy solution. Transaction amounts can be calculated
– Even without third-party mixer, depends on wealth centralization of masternodes

ZEROCOIN

Used in: Zcoin, PIVX
In May 2013, the Zerocoin protocol was introduced by John Hopkins University professor Matthew D. Green and his graduate students Ian Miers and Christina Garman.[17] In response to the need for use of a third party to do CoinJoin, the Zerocoin proposal allowed for a coin to be destroyed and remade in order to erase its history whenever it is spent. Zero-knowledge cryptography and zero-knowledge proofs are used to prove that the new coins for spending are being appropriately made. A zero-knowledge proof allows one party to prove to another that they know specific information, without revealing any information about it, other than the fact that they know it. Zerocoin was not accepted by the Bitcoin community as an implementation to be added to Bitcoin, so a new cryptocurrency had to be formed. Zcoin was the first cryptocurrency to implement the Zerocoin protocol in 2016. [18]
ZEROCOIN

PROS

– Provides sender and receiver privacy
– Supply can be audited
– Relatively mature technology
– Does not require a third-party

CONS

– Requires trusted setup (May not be required with Sigma protocol)
– Large proof sizes (not lightweight)
– Does not provide full privacy for transaction amounts

ZEROCASH

Used in: Zcash, Horizen, Komodo, Zclassic, Bitcoin Private
In May 2014, the current successor to the Zerocoin protocol, Zerocash, was created, also by Matthew Green and others (Eli Ben-Sasson, Alessandro Chiesa, Christina Garman, Matthew Green, Ian Miers, Eran Tromer, Madars Virza).[19] It improved upon the Zerocoin concept by taking advantage of zero-knowledge proofs called zk-snarks (zero knowledge succinct non-interactive arguments of knowledge). Unlike Zerocoin, which hid coin origins and payment history, Zerocash was faster, with smaller transaction sizes, and hides transaction information on the sender, receiver and amount. Zcash is the first cryptocurrency to implement the Zerocash protocol in 2016. [20]
ZEROCASH

PROS

– Provides full anonymity. Sender, receiver and amount hidden.
– Privacy can be default?
– Fast due to small proof sizes.
– Payment amount can be optionally disclosed for auditing
– Does not require any third-party

CONS

– Requires trusted setup. (May be improved with zt-starks technology)
– Supply cannot be audited. And coins can potentially be forged without proper implementation.
– Private transactions computationally intensive (improved with Sapling upgrade)

CONFIDENTIAL TRANSACTIONS

Used in: Monero and Particl with Ring Signatures as RING-CT
The next proposal from Maxwell was that of confidential transactions, proposed in June 2015 as part of the Sidechain Elements project from Blockstream, where Maxwell was Chief Technical Officer.[21],[22] It proposed to hide the transaction amount and asset type (e.g. deposits, currencies, shares), so that only the sender and receiver are aware of the amount, unless they choose to make the amount public. It uses homomorphic encryption[23] to encrypt the inputs and outputs by using blinding factors and a kind of ring signature in a commitment scheme, so the amount can be ‘committed’ to, without the amount actually being known. I’m terribly sorry if you now have the urge to go and research exactly what that means. The takeaway is that the transaction amount can be hidden from outsiders while being verifiable.
CONFIDENTIAL TRANSACTIONS

PROS

– Hides transaction amounts
– Privacy can be default
– Mature technology
– Does not require any third-party

CONS

– Only provides transaction amount privacy when used alone

RING-CT

Used in: Monero, Particl
Then came Ring Confidential transactions, proposed by Shen-Noether of Monero Research Labs in October 2015.[24] RingCT combines the use of ring signatures for hiding sender information, with the use of confidential transactions (which also uses ring signatures) for hiding amounts. The proposal described a new type of ring signature, A Multi-layered Linkable Spontaneous Anonymous Group signature which “allows for hidden amounts, origins and destinations of transactions with reasonable efficiency and verifiable, trustless coin generation”.[25] RingCT was implemented in Monero in January 2017 and made mandatory after September 2017.
RING -CONFIDENTIAL TRANSACTIONS

PROS

– Provides full anonymity. Hides transaction amounts and receiver privacy
– Privacy can be default
– Mature technology
– Greater scalability with bulletproofs
– Does not require any third-party

CONS

– Privacy not very effective without high volume

MIMBLEWIMBLE

Used in: Grin
Mimblewimble was proposed in July 2016 by pseudonymous contributor Tom Elvis Jedusorand further developed in October 2016 by Andrew Poelstra.[26],[27] Mimblewimble is a “privacy and fungibility focused cryptocoin transaction structure proposal”.[28] The key words are transaction structure proposal, so the way the blockchain is built is different, in order to accommodate privacy and fungibility features. Mimblewimble uses the concept of Confidential transactions to keep amounts hidden, looks at private keys and transaction information to prove ownership of funds rather than using addresses, and bundles transactions together instead of listing them separately on the blockchain. It also introduces a novel method of pruning the blockchain. Grin is a cryptocurrency in development that is applying Mimblewimble. Mimblewimble is early in development and you can understand it more here [29].
MIMBLEWIMBLE

PROS

– Hides transaction amounts and receiver privacy
– Privacy is on by default
– Lightweight
– No public addresses?

CONS

– Privacy not very effective without high volume
– Sender and receiver must both be online
– Relatively new technology

ZEXE

Fresh off the minds of brilliant cryptographers (Sean Bowe, Alessandro Chiesa, Matthew Green, Ian Miers, Pratyush Mishra, Howard Wu), in October 2018 Zexe proposed a new cryptographic primitive called ‘decentralized private computation.[30] It allows users of a decentralized ledger to “execute offline computations that result in transactions”[31], but also keeps transaction amounts hidden and allows transaction validation to happen at any time regardless of computations being done online. This can have far reaching implications for privacy coins in the future. Consider cases where transactions need to be automatic and private, without both parties being present.

NETWORK PRIVACY

Privacy technologies that look at network privacy as nodes communicate with each other on the network are important considerations, rather than just looking at privacy on the blockchain itself. Anonymous layers encrypt and/or reroute data as it moves among peers, so it is not obvious who they originate from on the network. They are used to protect against surveillance or censorship from ISPs and governments. The Invisible Internet Project (I2P) is an anonymous network layer that uses end to end encryption for peers on a network to communicate with each other.[32] Its history dates back to 2003. Kovri is a Monero created implementation of I2P.[33] The Onion Router (Tor) is another anonymity layer [34]) that Verge is a privacy cryptocurrency that uses. But its historical link to the US government may be is concerning to some[35]. Dandelion transaction relay is also an upcoming Bitcoin improvement proposal (BIP) that scrambles IP data that will provide network privacy for Bitcoin as transaction and other information is transmitted.[36],[37],[38]

UPCOMING

Monero completed bulletproofs protocol updates that reduce RINGCT transaction sizes and thus transaction fee costs. (Bulletproofs are a replacement for range proofs used in confidential transactions that aid in encrypting inputs and outputs by making sure they add to zero).
Sigma Protocol – being actively researched by Zcoin team as of 2018 to replace Zerocoin protocol so that a trusted setup is not required.[39] There is a possible replacement for zk-snarks, called zk-starks, another form of zero-knowledge proof technology, that may make a trusted set-up unnecessary for zero-knowledege proof coins.[40]

PART 1 CONCLUSION OF THE PRIVACY COIN GUIDE ON THE TECHNOLOGY BEHIND PRIVACY COINS

Although Bitcoin is still a groundbreaking technology that gives us a trust-less transaction system, it has failed to live up to its expectations of privacy. Over time, new privacy technologies have arrived and are arriving with innovative and exciting solutions for Bitcoin’s lack of fungibility. It is important to note that these technologies are built on prior research and application, but we are considering their use in cryptocurrencies. Protocols are proposed based on cryptographic concepts that show how they would work, and then developers actually implement them. Please note that I did not include the possibility of improper implementation as a disadvantage, and the advantages assume that the technical development is well done. A very important point is that coins can also adapt new privacy technologies as their merits become obvious, even as they start with a specific privacy protocol. Furthermore, I am, unfortunately, positive that this is not an exhaustive overview and I am only covering publicized solutions. Next, we’ll talk more about the pros and cons and give an idea of how the coins can be compared.

There's a video version that can be watched, and you can find out how to get the second two parts if you want on my website (video link on the page): https://cryptoramble.com/guide-on-privacy-coins/
submitted by CryptoRamble to ethtrader [link] [comments]

Best General RenVM Questions of March 2020

Best General RenVM Questions of March 2020

\These questions are sourced directly from Telegram*

Q: How do I shutdown my Chaosnet Darknode? A: Please follow these directions: https://docs.renproject.io/chaosnet/chaosnet-darknode/untitled-3

Q: Can I run a Chaosnet Darknode and Mainnet Darknode at the same time (on the same computer). A: No, if you want to do that you’ll have to run them on separate computers.

Q: You mentioned DCEP in your latest piece and "12 App Ideas", but it's going to run on a centralized private network. The Bank of England also just released a report on how they're thinking about their CBDC and DLT/centralization, and stress that a DLT could add resilience, but there's also no reason a currency couldn't be more centralized. The Block reported that other central banks (like the EU and Singapore) are considering third-party chains like Corda. Can you comment on which CBDC designs may or may not be compatible with RZL? You previously said "RZL sMPC provides ECDSA signatures because that’s what it is used by Ethereum, Bitcoin, etc. Whatever solution they come up with, will be the solution that RZL has to be upgraded to use (the whole point of RenVM is not to tell other chains how to do things, and still provide interop; this means waiting on them to define their solution and then working with that)." So, what does centralization mean for RZL, and how can we think about compatibility between these designs on the technical side?
A: The topic of centralisation in interoperability comes down to the compounding effect of using multiple networks. Put another way “you’re only as decentralised as your most centralised component”. While there are nuances to this, the core idea rings true.
RenVM can be used to interoperate many different kinds of chains (anything using ECDSA, or naturally supporting lively threshold signatures) is a candidate to be included in RenVM. However, a centralised currency that has been bridged to a decentralised chain is not decentralised. The centralised entity that controls the currency might say “nothing transferred to/from this other chain will be honoured”. That’s a risk that you take with centralised currencies (take a look at the T&Cs for USDC for example).
The benefit of RenVM in these instances is to become a standard. Short-term, RenVM brings interoperability to some core chains. Medium-term, it expands that to other more interesting chains based on community demands. Long-term, it becomes the standard for how to implement interop. For example: you create a new chain and don’t worry about interop explicitly because you know RenVM will have your back. For centralised currencies this is still advantageous, because the issuing entity only has to manage one chain (theirs) but can still get their currency onto other chains/ecosystems.
From a technical perspective, the Darknodes just have to be willing to adopt the chain/currency.

Q: dApps will have their own risk tolerances for centralized assets. Eg USDC was a bigger deal for MakerDAO than Uniswap. If CBDC liquidity were suddenly bridgeable, some dApps would be more eager to adopt it than others - even despite the risks - because they provide native liquidity and can be used to store/hedge in it without cashing it out. My question is more technical as it relates to RenVM as the "Universal Stablecoin Converter". You sound convinced that RenVM can bridge Libra, DCEP, maybe other CBDCs in the future, but I'm skeptical how RenVM works with account-based currencies. (1) Are we even sure of DCEP's underlying design and whether it or other CBDCs even plan to use digital signatures? And (2) wouldn't RenVM need a KYC-approved account to even get an address on these chains? It seems like DCEP would have to go through a Chinese Circle, who would just issue an ERC20.
A: As far as underlying blockchain technology goes (eg the maths of it) I don’t see there being any issues. Until we know more about whether or not KYCd addresses are required (and if they are, how they work), then I can’t specifically comment on that. However, it is more than possible not to require RenVM to be KYCd (just like you can’t “KYC Ethereum”) and instead move that requirement to addresses on the host blockchain (eg KYC Ethereum addresses for receiving the cross-chain asset). Whether this happens or not would ultimately be up to whether the issuer wanted interoperability to be possible.

Q: In that scenario, how would RenVM even receive the funds to be transferred to the KYC'd Ethereum address? For Alice to send DCEP to Bob's KYC'd Ethereum address, RenVM would need a DCEP address of its own, no?
A: Again, this is impossible to say for certain without knowing the implementation of the origin chain. You could whitelist known RenVM scripts (by looking at their form, like RenVM itself does on Bitcoin). But mostly likely, these systems will have some level of smart contract capabilities and this allows very flexible control. You can just whitelist the smart contract address that RenVM watches for cross-chain events. In origin chains with smart contracts, the smart contract holds the funds (and the keys the smart contract uses to authorise spends are handled as business logic). So there isn’t really a “RenVM public address” in the same sense that there is in Bitcoin.
Q: The disbonding period for Darknodes seem long, what happens if there is a bug?
A: It’s actually good for the network to have a long disbonding period in the face of a bug. If people were able to panic sell, then not only would the bug cause potential security issues, but so too would a mass exodus of Darknodes from the network.
Having time to fix the bug means that Darknodes may as well stick around and continue securing the network as best they can. Because their REN is at stake (as you put it) they’re incentivised to take any of the recommended actions and update their nodes as necessary.
This is also why it’s critical for the Greycore to exist in the early days of the network and why we are rolling out SubZero the way that we are. If such a bug becomes apparent (more likely in the early days than the later days), then the Greycore has a chance to react to it (the specifics of which would of course depend on the specifics of the bug). This becomes harder and slower as the network becomes more decentralised over time.
Not mcap, but the price of bonded Ren. Furthermore, the price will be determined by how much fees darknodes have collected. BTW, loongy could you unveil based on what profits ratio/apr the price will be calculated?
This is up to the Darknodes to governance softly. This means there isn’t a need for an explicit oracle. Darknodes assess L vs R individually and vote to increase fees to drive L down and drive R up. L is driven down by continue fees, whereas R is driven up by minting/burning fees.

Q: How do you think renvm would perform on a day like today when even cexs are stretched. Would the system be able to keep up?
A: This will really depend on the number of shards that RenVM is operating. Shards operate in parallel so more shards = more processing power.

Q: The main limiting factor is the speed of the underlying chain, rather than RenVM?
A: That’s generally the case. Bitcoin peaks at about 7 TPS so as long as we are faster than this, any extra TPS is “wasted”. And you actually don’t want to be faster than you have to be. This lets you drop hardware requirements, and lowering the cost of running a Darknode. This has two nice effects: (a) being an operator generates more profit because costs are lower, and (b) it’s more accessible to more people because it’s a little cheaper to get started (albeit this is minor).

Q: Just getting caught up on governance, but what about: unbonded REN = 1 vote, bonded REN = (1 vote + time_served). That'd be > decentralization of Darknodes alone, an added incentive to be registered, and counter exchanges wielding too much control.
A: You could also have different decaying rates. For example, assuming that REN holders have to vote by “backing” the vote of Darknodes:
Let X be the amount of REN used to voted, backed behind a Darknode and bonded for T time.
Let Y be the amount of time a Darknode has been active for.
Voting power of the Darknode could = Sqrt(Y) * Log(X + T)
Log(1,000,000,000) = ~21 so if you had every REN bonded behind you, your voting power would only be 21x the voting power of other nodes. This would force whales to either run Darknodes for a while and contribute actively to the ecosystem (or lock up their REN for an extended period for addition voting power), and would force exchanges to spread their voting out over many different nodes (giving power back to those running nodes). Obviously the exchange could just run lots of Darknodes, but they would have to do this over a long period of time (not feasible, because people need to be able to withdraw their REN).

Q: Like having superdelegates, i.e, nodes trusted by the community with higher voting power? Maybe like council nodes
A: Well, this is essentially what the Greycore is. Darknodes that have been voted in by the community to act as a secondary signature on everything. (And, interestingly enough, you could vote out all members to remove the core entirely.)

Q: Think the expensive ren is a security feature as well. So, doubt this would impact security potentially? I don’t know. I wouldn’t vote to cut my earnings by 40% for example lol
A: It can lead to centralisation over time though. If 100K REN becomes prohibitively expensive, then you will only see people running Darknodes that can afford a large upfront capital investment. In the mid/long-term this can have adverse effects on the trust in the system. It’s important that people “external” to the system (non-Darknodes) can get themselves into the system. Allowing non-Darknodes to have some governance (even if it’s not overall things) would be critical to this.

Q: That darknode option sounds very interesting although it could get more centralized as the price of 100k Ren rises.For instance dark nodes may not want to vote to lower the threshold from 100k to 50k once Ren gets too expensive.
A: A great point. And one of the reasons it would be ideal to be able to alter those parameters without just the Darknodes voting. Otherwise, you definitely risk long-term centralisation.

Q: BTC is deposited into a native BTC address, but who controls this address (where/how is this address’s private key stored)?
A: This is precisely the magic behind RenVM. RenVM uses an MPC algorithm to generate the controlling private key. No one ever sees this private key, and no one can sign things with it without consensus from everyone else.
submitted by RENProtocol to RenProject [link] [comments]

/r/Bitcoin FAQ - Newcomers please read

Welcome to the /Bitcoin Sticky FAQ

You've probably been hearing a lot about Bitcoin recently and are wondering what's the big deal? Most of your questions should be answered by the resources below but if you have additional questions feel free to ask them in the comments.
The following videos are a good starting point for understanding how bitcoin works and a little about its long term potential:
For some more great introductory videos check out Andreas Antonopoulos's YouTube playlists, he is probably the best bitcoin educator out there today. Also have to give mention to James D'Angelo's Bitcoin 101 Blackboard series. Lots of additional video resources can be found at the videos wiki page or /BitcoinTV.
Key properties of bitcoin
Some excellent writing on Bitcoin's value proposition and future can be found here. Bitcoin statistics can be found here, here and here. Developer resources can be found here and here. Peer-reviewed research papers can be found here. The number of times Bitcoin was declared dead by the media can be found here. Scaling resources here, and of course the whitepaper that started it all.

Where can I buy bitcoins?

BuyBitcoinWorldwide.com and Howtobuybitcoin.io are helpful sites for beginners. You can buy or sell any amount of bitcoin and there are several easy methods to purchase bitcoin with cash, credit card or bank transfer. Some of the more popular resources are below, also, check out the bitcoinity exchange resources for a larger list of options for purchases.
Bank Transfer Credit / Debit card Cash
Coinbase Coinbase LocalBitcoins
Gemini Bitstamp LibertyX
GDAX Bitit Mycelium LocalTrader
Bitstamp Cex.io BitQuick
Kraken CoinMama WallofCoins
Xapo BitcoinOTC
Cex.io
itBit
Bitit
Bitsquare
Here is a listing of local ATMs. If you would like your paycheck automatically converted to bitcoin use Cashila or Bitwage.
Note: Bitcoins are valued at whatever market price people are willing to pay for them in balancing act of supply vs demand. Unlike traditional markets, bitcoin markets operate 24 hours per day, 365 days per year. Preev is a useful site that that shows how much various denominations of bitcoin are worth in different currencies. Alternatively you can just Google "1 bitcoin in (your local currency)".

Securing your bitcoins

With bitcoin you can "Be your own bank" and personally secure your bitcoins OR you can use third party companies aka "Bitcoin banks" which will hold the bitcoins for you.
Android iOs Desktop
Mycelium BreadWallet Electrum
CoPay AirBitz Armory
Another interesting use case for physical storage/transfer is the Opendime. Opendime is a small USB stick that allows you to spend Bitcoin by physically passing it along so it's anonymous and tangible like cash.
Note: For increased security, use Two Factor Authentication (2FA) everywhere it is offered, including email!
2FA requires a second confirmation code to access your account, usually from a text message or app, making it much harder for thieves to gain access. Google Authenticator and Authy are the two most popular 2FA services, download links are below. Make sure you create backups of your 2FA codes.
Google Auth Authy
Android Android
iOS iOS

Where can I spend bitcoins?

A more comprehensive list can be found at the Trade FAQ but some more commons ones are below.
Store Product
Gyft Gift cards for hundreds of retailers including Amazon, Target, Walmart, Starbucks, Whole Foods, CVS, Lowes, Home Depot, iTunes, Best Buy, Sears, Kohls, eBay, GameStop, etc.
Steam, HumbleBundle, Games Planet, itch.io, g2g and kinguin For when you need to get your game on
Microsoft Xbox games, phone apps and software
Spendabit, The Bitcoin Shop, Overstock, DuoSearch, The Bitcoin Directory and BazaarBay Retail shopping with millions of results
ShakePay Generate one time use Visa cards in seconds
NewEgg and Dell For all your electronics needs
Cashila, Bitwa.la, Coinbills, Piixpay, Bitbill.eu, Bylls, Coins.ph, Bitrefill, Pey.de, LivingRoomofSatoshi, Hyphen.to, Coinsfer, GetPaidinBitcoin, Coins.co.th, More #1, #2 Bill payment
Foodler, Menufy, Takeaway, Thuisbezorgd NL, Pizza For Coins Takeout delivered to your door!
Expedia, Cheapair, Lot, Destinia, BTCTrip, Abitsky, SkyTours, Fluege the Travel category on Gyft and 9flats For when you need to get away
BoltVM, BitHost VPS service
Cryptostorm, Mullvad, and PIA VPN services
Namecheap, Porkbun For new domain name registration
Stampnik and GetUSPS Discounted USPS Priority, Express, First-Class mail postage
Reddit Gold Premium membership which can be gifted to others
Coinmap, 99Bitcoins and AirBitz are helpful to find local businesses accepting bitcoins. A good resource for UK residents is at wheretospendbitcoins.co.uk.
There are also lots of charities which accept bitcoin donations, such as Wikipedia, Red Cross, Amnesty International, United Way, ACLU and the EFF. You can find a longer list here.

Merchant Resources

There are several benefits to accepting bitcoin as a payment option if you are a merchant;
If you are interested in accepting bitcoin as a payment method, there are several options available;

Can I mine bitcoin?

Mining bitcoins can be a fun learning experience, but be aware that you will most likely operate at a loss. Newcomers are often advised to stay away from mining unless they are only interested in it as a hobby similar to folding at home. If you want to learn more about mining you can read more here. Still have mining questions? The crew at /BitcoinMining would be happy to help you out.
If you want to contribute to the bitcoin network by hosting the blockchain and propagating transactions you can run a full node using this setup guide. Bitseed is an easy option for getting set up. You can view the global node distribution here.

Earning bitcoins

Just like any other form of money, you can also earn bitcoins by being paid to do a job.
Site Description
WorkingForBitcoins, Bitwage, XBTfreelancer, Cryptogrind, Bitlancerr, Coinality, Bitgigs, /Jobs4Bitcoins, Rein Project Freelancing
OpenBazaar, Purse.io, Bitify, /Bitmarket, 21 Market Marketplaces
Watchmybit, Streamium.io, OTika.tv, XOtika.tv NSFW, /GirlsGoneBitcoin NSFW Video Streaming
Bitasker, BitforTip, WillPayCoin Tasks
Supload.com, SatoshiBox, JoyStream, File Army File/Image Sharing
CoinAd, A-ads, Coinzilla.io Advertising
You can also earn bitcoins by participating as a market maker on JoinMarket by allowing users to perform CoinJoin transactions with your bitcoins for a small fee (requires you to already have some bitcoins)

Bitcoin Projects

The following is a short list of ongoing projects that might be worth taking a look at if you are interested in current development in the bitcoin space.
Project Description
Lightning Network, Amiko Pay, and Strawpay Payment channels for network scaling
Blockstream and Drivechain Sidechains
21, Inc. Open source library for the machine payable web
ShapeShift.io Trade between bitcoins and altcoins easily
Open Transactions, Counterparty, Omni, Open Assets, Symbiont and Chain Financial asset platforms
Hivemind and Augur Prediction markets
Mirror Smart contracts
Mediachain Decentralized media library
Tierion and Factom Records & Titles on the blockchain
BitMarkets, DropZone, Beaver and Open Bazaar Decentralized markets
Samourai and Dark Wallet - abandoned Privacy-enhancing wallets
JoinMarket CoinJoin implementation (Increase privacy and/or Earn interest on bitcoin holdings)
Coinffeine and Bitsquare Decentralized bitcoin exchanges
Keybase and Bitrated Identity & Reputation management
Bitmesh and Telehash Mesh networking
JoyStream BitTorrent client with paid seeding
MORPHiS Decentralized, encrypted internet
Storj and Sia Decentralized file storage
Streamium and Faradam Pay in real time for on-demand services
Abra Global P2P money transmitter network
bitSIM PIN secure hardware token between SIM & Phone
Identifi Decentralized address book w/ ratings system
Coinometrics Institutional-level Bitcoin Data & Research
Blocktrail and BitGo Multisig bitcoin API
Bitcore Open source Bitcoin javascript library
Insight Open source blockchain API
Leet Kill your friends and take their money ;)

Bitcoin Units

One Bitcoin is quite large (hundreds of £/$/€) so people often deal in smaller units. The most common subunits are listed below:
Unit Symbol Value Info
millibitcoin mBTC 1,000 per bitcoin SI unit for milli i.e. millilitre (mL) or millimetre (mm)
microbitcoin μBTC 1,000,000 per bitcoin SI unit for micro i.e microlitre (μL) or micrometre (μm)
bit bit 1,000,000 per bitcoin Colloquial "slang" term for microbitcoin
satoshi sat 100,000,000 per bitcoin Smallest unit in bitcoin, named after the inventor
For example, assuming an arbitrary exchange rate of $500 for one Bitcoin, a $10 meal would equal:
For more information check out the Bitcoin units wiki.
Still have questions? Feel free to ask in the comments below or stick around for our weekly Mentor Monday thread. If you decide to post a question in /Bitcoin, please use the search bar to see if it has been answered before, and remember to follow the community rules outlined on the sidebar to receive a better response. The mods are busy helping manage our community so please do not message them unless you notice problems with the functionality of the subreddit. A complete list of bitcoin related subreddits can be found here
Note: This is a community created FAQ. If you notice anything missing from the FAQ or that requires clarification you can edit it here and it will be included in the next revision pending approval.
Welcome to the Bitcoin community and the new decentralized economy!
submitted by BinaryResult to Bitcoin [link] [comments]

AMA - Community Edition

Updated:
11) $5m buyback
12) Release of yp part 3?
13) It is allegedly possible that ICX supply can be doubled in only 4 years thanks to a whopping 20% annual token inflation
14) One of the things that got me excited about crypto was that there was no inflation. I'm a bit disappointed in Icons approach here.
15) Where is the DEX?
16) How far are we from interoperability? Am I correct in saying that interoperability is years from completion?
I'll be answering all questions to the best of my knowledge, this list will update regularly.
1) Clear description how icx will go up by benefiting from the line partnership. -> 2 or 3 practical examples.
Don't forget Unchain is a joint venture, so Unchain is ICON's company as well, their success is directly beneficial to ICON. In a recent interview w Brad, Henry also shed some light regarding this JV and that it is way beyond a simple partnership agreement https://youtu.be/paFYyt1hVWc?t=155
2) Clear description how icx will go up by building private blockchains and connecting them. -> 2 or 3 practical examples.
I answered this to someone on telegram a couple days ago. Here's my example,
"So I asked what's the use for icx with private chains. They have no reason to connect to the public chain and they have no reason to tokenzie their business."
The missing link is interoperability. The private chains need a way to communicate w each other, this is actually how the ICON project was conceived. ICONLOOP(loopchain then) offered blockchain solutions to enterprises and consortiums, but they had no way to interoperate
So I think the argument originated from, if the design paradigm is emergent for private chains to go public, or interoperate through a public chain as a common block
We've heard about those use cases and see actual implementations from U-coin vending machines to hospitals making insurance claims etc
I agree in some cases it doesn't make sense for private chains to go public, if its designing a problem to solve, lets not do that
but i'd say, a random guess, that 90%+ of the private chains have a reason to connect, much like intranet/internet
Let me try another example, we've heard the hospital/insurance too many times
Let's say there's a trade financing supply system of a large manufacturer w thousands of vendors
before their enrollment, you'll probably need to do some identity and reputation check in the public chain (common services like ID validation should readily be available as a public service, like chainID)
that will validate their legitimacy.. then next step is prolly for the vendors who need the trade financing where they need a more complex system like a stable coin to avoid volatility.. and move the money around
instead of rebuilding a coin, they could adopt a coin system within the ICON network
then what happens next.. i guess disputes w goods lost or quality problems.. again, vendors can call for a public arbitration system where there'll be a network of lawyers who specialize in cross-border disputes or arbiters to provide the service
so we need a chain of services that can be called throughout the life cycle, interoperable between private and public chains
there are plenty more use cases, but its not a hard choice to make, its definitely possible to have a common meeting point while maintaining sensitive information within their local blockchain
In the example above, nothing is tokenized, their businesses are on the private blockchain without a native coin, but they use the common services from the public like stable coins or arbitration system
3) Monthly or quartal reports on partnerships, marketing, and the tech.
You mean something like this? https://medium.com/helloiconworld/icon-3q-achievements-8c42ea798a0b
4) Opinion why korean people dont bring icx volume on korean exchanges.
I don't think even president Moon has an answer to this :P But are people really this patriotic when it comes to money? Do Americans invest in American ICOs for being made in USA? I guess some will, but this is not (and shouldn't be) the main driving force of token demand.
5) Clarification what kind of understanding we should have about this 124 teampower - are they employees with 40 hours/week working contracts or just 2 hours, cooperations partners, freelancer, what ever.
I paid a visit to the KR office a couple months back, it was like a giant coding factory running full steam. I can attest to this, they're full time employees working around the clock.
6) Roadmap - stop giving yourself room for delays and interpretations by not offering a roadmap.
My suggestion on this one is to have a % completion roadmap with change logs. I think most people are more interested in progress, less deadlines.
7) Quarterly AMAs.
Sounds good.
8) Why the hell are ICON members still advisors at Sentinel Protocol, a ICO that promoted itself using icon as blockchain and then moving to EOS.
As far as I can tell, the two teams are still in good relationships. Timing was unfortunate, SP always had their first product (uppward) scheduled to launch shortly after their fundraising. Public presale also ended a lot faster than expected (scheduled to run for a week, ended in 3 minutes). During the period ICON was migrating to mainnet V3 and doing token swap. It made sense for them to deploy on a working platform, without compromising their schedule. Their team also said that they haven't ruled out the possibility to migrate back to ICON (although I think its less likely this day).
9) Spend some money on an english translation expert for you social media appearance.
The translations (YouTube subtitles) were a bit sloppy I agree, understandable enough but they should definitely spend more time proof reading, professional presentation is a thing.
10) How much from the received ICO money/ether has been provided directly or indirectly to iconloop.
The raised ETH from ICO are barely spent, you can check on etherscan from the contribution address.
11) $5m buyback
From the key announcement by ICON foundation’s CFO Jay, the repurchase program is a pending legal matter, after consultation with law firms they’ll proceed with the buyback. https://youtu.be/keDitkWssv8?t=160
The team stated two main intentions for conducting this program,
If you read between the lines from the buyback announcement https://medium.com/helloiconworld/key-announcements-from-icon-8ea0f5a18d6f
Repurchases under the foundation’s program will be made in open market or privately negotiated transactions subject to market conditions, applicable legal requirements, and other relevant factors.
What this is saying is that, the buyback has no intention to create short term pumps, otherwise all purchases would’ve been made in the open market under a timed schedule. What this also implies is that, there won’t be a public wallet with an open schedule, to avoid legal obligations (insider trading) or unintended purposes (manipulation).
So what is to be expected? Giving a deadline won't make sense because everything can be timed, so my take is that an announcement will be made after the repurchase has been completed. I don't think anyone can take advantage of this program but will still benefit directly with $5M worth of tokens off the market supply.
12) Release of yp part 3?
This is expectedly a highly anticipated yellow paper, as it will likely outline all the details we need to know about staking. This YP however is not just a simple table with your annual returns, this is also technically far more complex than the previous two YPs.
I provided a very simplified explanation for IISS in this thread: https://twitter.com/2infiniti/status/1020141186797846529
IISS is however a lot more complicated than this, it is a full AI based incentive scoring system to explore the optimal incentive scheme to vitalize the ecosystem. On top of incentives, it is also the base metrics for governance policies (voting). Incentives are designed with token economic studies, to reinforce target behavior, based on operant conditioning principles, eg. dormant accounts, distribution schemes based on activity levels, penalties for malicious nodes etc, and it is very difficult to get right.
If you look into the WP, IISS further explored with things like mitigation of inequalities, weighted average and adjustment, efficiency of IISS, fairness of distribution, prevention of misusage and many other topics explored in depth.
The point is, this YP is very complex, and personally I’d wish the team to take as much time as it needs to get it done right. IISS will ultimately decide the overall health of our ecosystem, its sustainability and well, our passive income.
With that said, I am also with you that I’d love to see the details asap, as I have plans to build a tool similar to the Virtual Step Calculator where people can easily calculate their returns. From the announcement at least, it does look like the team is close to completion and labeled the release "soon", so let's just have a little patience and let them do all the necessary last checks.
Also as a reality check, YPs are researches that need to be formalized, implemented and iterated enough times before an official release. So please don’t expect to start staking right away when YP pt3 sees the light.
13) It is allegedly possible that ICX supply can be doubled in only 4 years thanks to a whopping 20% annual token inflation
Please go to this thread for my explanation: https://twitter.com/2infiniti/status/1060397068852748288
14) One of the things that got me excited about crypto was that there was no inflation. I'm a bit disappointed in Icons approach here.
Most crypto token issuance models can be broken down into these 3 categories
All of the above models can work in their own ways, depending on the behavior its trying to incentivize. Sustainable crypto economies are backed by a recursive loop of value transfer that all participants are incentivized to participate in. The goal is to create an incentive loop that all parties act in their own self-interest, then creating greater value.
Let’s take a look at bitcoin’s incentive loop, a simple model where mining is profitable, more miners create more security and security adds intrinsic value.
Mine bitcoin -> market dynamics decide value -> incentive to mine -> security of network increases -> more incentive to mine ←|
Augur’s case
Trusted prediction platform -> more stakes in events -> more incentive for REP holders to verify truth -> more people verifying, more trusted ←|
In ICON’s case, incentives are centered around i_score, which is a function of activities within the network. The incentive loop would look something like this
I_score rewards and governance control (votes) -> more incentive to participate in activities and governance policies -> increased network security and activity ←|
Similar incentive loop found in SCORE
SCORE staking (virtual steps) -> increased activities -> sustainable SCOREs ←|
Now for continuous issuance models, the goals are no different from other models. They want to issue tokens, just enough that it is optimal for maintaining security and encourage participations, creating a healthy incentive loop.
But can’t these models infinitely issue to a point where my money is worth next to nothing?
Yes, this is in theory possible. For Ethereum, with majority of network miners approving such change (say removing ice age), and a new Ethereum client to accommodate this change, resulting in an issuance similar to a 51% attack. Since issued ETH is also linked to the value of a single token, this will render ETH much less valuable. In practice, this is extremely unlikely to happen, as miners are financially discouraged by doing so, since they have much more to lose, just part of the game theory.
ICON’s issuance is a system implementation which depends on activities happening in the network. There are also preventive measures such as issuance upper bound and representative mitigations. I explained issuance model in full in this thread: https://twitter.com/2infiniti/status/1060397068852748288
15) Where is the DEX?
For this one hear the explanation directly from Min: https://youtu.be/tk2tZpnrI0o?t=1662
16) How far are we from interoperability? Am I correct in saying that interoperability is years from completion?
Not entirely. Interoperability will likely take a few phases to roll out, what we should be anticipating for right now is BTP (Blockchain TransfeTransmission Protocol) specification.
What is exactly is BTP?
From the abstract level, BTP creates a mechanism by which two channels may pass messages to each other. BTP assumes that multiple channels (eg. private blockchains from ICONLOOP) running on the ICON network under their own state and logic, at the same time connecting to the base channel for consensus mechanism. This is the simplest form of interoperability.
Down the road we should expect more and more advanced versions, handling threat models, connection lifecycles, asynchronous requests, and all sorts of optimization and so forth. This is enabling interoperability between blockchains one phase at a time, gradually reaching the end game of hyperconnecting the world.
So how long is this going to take?
I do not know. But the purpose of this reply is to explain that interoperability is not an on-off switch, but will likely take many phases to roll out.
submitted by msg2infiniti to helloicon [link] [comments]

Your Guide to Monero, and Why It Has Great Potential

/////Your Guide to Monero, and Why It Has Great Potential/////

Marketing.
It's a dirty word for most members of the Monero community.
It is also one of the most divisive words in the Monero community. Yet, the lack of marketing is one of the most frustrating things for many newcomers.
This is what makes this an unusual post from a member of the Monero community.
This post is an unabashed and unsolicited analyzation of why I believe Monero to have great potential.
Below I have attempted to outline different reasons why Monero has great potential, beginning with upcoming developments and use cases, to broader economic motives, speculation, and key issues for it to overcome.
I encourage you to discuss and criticise my musings, commenting below if you feel necessary to do so.

///Upcoming Developments///

Bulletproofs - A Reduction in Transaction Sizes and Fees
Since the introduction of Ring Confidential Transactions (Ring CT), transaction amounts have been hidden in Monero, albeit at the cost of increased transaction fees and sizes. In order to mitigate this issue, Bulletproofs will soon be added to reduce both fees and transaction size by 80% to 90%. This is great news for those transacting smaller USD amounts as people commonly complained Monero's fees were too high! Not any longer though! More information can be found here. Bulletproofs are already working on the Monero testnet, and developers were aiming to introduce them in March 2018, however it could be delayed in order to ensure everything is tried and tested.
Multisig
Multisig has recently been merged! Mulitsig, also called multisignature, is the requirement for a transaction to have two or more signatures before it can be executed. Multisig transactions and addresses are indistinguishable from normal transactions and addresses in Monero, and provide more security than single-signature transactions. It is believed this will lead to additional marketplaces and exchanges to supporting Monero.
Kovri
Kovri is an implementation of the Invisible Internet Project (I2P) network. Kovri uses both garlic encryption and garlic routing to create a private, protected overlay-network across the internet. This overlay-network provides users with the ability to effectively hide their geographical location and internet IP address. The good news is Kovri is under heavy development and will be available soon. Unlike other coins' false privacy claims, Kovri is a game changer as it will further elevate Monero as the king of privacy.
Mobile Wallets
There is already a working Android Wallet called Monerujo available in the Google Play Store. X Wallet is an IOS mobile wallet. One of the X Wallet developers recently announced they are very, very close to being listed in the Apple App Store, however are having some issues with getting it approved. The official Monero IOS and Android wallets, along with the MyMonero IOS and Android wallets, are also almost ready to be released, and can be expected very soon.
Hardware Wallets
Hardware wallets are currently being developed and nearing completion. Because Monero is based on the CryptoNote protocol, it means it requires unique development in order to allow hardware wallet integration. The Ledger Nano S will be adding Monero support by the end of Q1 2018. There is a recent update here too. Even better, for the first time ever in cryptocurrency history, the Monero community banded together to fund the development of an exclusive Monero Hardware Wallet, and will be available in Q2 2018, costing only about $20! In addition, the CEO of Trezor has offered a 10BTC bounty to whoever can provide the software to allow Monero integration. Someone can be seen to already be working on that here.
TAILS Operating System Integration
Monero is in the progress of being packaged in order for it to be integrated into TAILS and ready to use upon install. TAILS is the operating system popularised by Edward Snowden and is commonly used by those requiring privacy such as journalists wanting to protect themselves and sources, human-right defenders organizing in repressive contexts, citizens facing national emergencies, domestic violence survivors escaping from their abusers, and consequently, darknet market users.
In the meantime, for those users who wish to use TAILS with Monero, u/Electric_sheep01 has provided Sheep's Noob guide to Monero GUI in Tails 3.2, which is a step-by-step guide with screenshots explaining how to setup Monero in TAILS, and is very easy to follow.
Mandatory Hardforks
Unlike other coins, Monero receives a protocol upgrade every 6 months in March and September. Think of it as a Consensus Protocol Update. Monero's hard forks ensure quality development takes place, while preventing political or ideological issues from hindering progress. When a hardfork occurs, you simply download and use the new daemon version, and your existing wallet files and copy of the blockchain remain compatible. This reddit post provides more information.
Dynamic fees
Many cryptocurrencies have an arbitrary block size limit. Although Monero has a limit, it is adaptive based on the past 100 blocks. Similarly, fees change based on transaction volume. As more transactions are processed on the Monero network, the block size limit slowly increases and the fees slowly decrease. The opposite effect also holds true. This means that the more transactions that take place, the cheaper the fees!
Tail Emission and Inflation
There will be around 18.4 million Monero mined at the end of May 2022. However, tail emission will kick in after that which is 0.6 XMR, so it has no fixed limit. Gundamlancer explains that Monero's "main emission curve will issue about 18.4 million coins to be mined in approximately 8 years. (more precisely 18.132 Million coins by ca. end of May 2022) After that, a constant "tail emission" of 0.6 XMR per 2-minutes block (modified from initially equivalent 0.3 XMR per 1-minute block) will create a sub-1% perpetual inflatio starting with 0.87% yearly inflation around May 2022) to prevent the lack of incentives for miners once a currency is not mineable anymore.
Monero Research Lab
Monero has a group of anonymous/pseudo-anonymous university academics actively researching, developing, and publishing academic papers in order to improve Monero. See here and here. The Monero Research Lab are acquainted with other members of cryptocurrency academic community to ensure when new research or technology is uncovered, it can be reviewed and decided upon whether it would be beneficial to Monero. This ensures Monero will always remain a leading cryptocurrency. A recent end of 2017 update from a MRL researcher can be found here.

///Monero's Technology - Rising Above The Rest///

Monero Has Already Proven Itself To Be Private, Secure, Untraceable, and Trustless
Monero is the only private, untraceable, trustless, secure and fungible cryptocurrency. Bitcoin and other cryptocurrencies are TRACEABLE through the use of blockchain analytics, and has lead to the prosecution of numerous individuals, such as the alleged Alphabay administrator Alexandre Cazes. In the Forfeiture Complaint which detailed the asset seizure of Alexandre Cazes, the anonymity capabilities of Monero were self-demonstrated by the following statement of the officials after the AlphaBay shutdown: "In total, from CAZES' wallets and computer agents took control of approximately $8,800,000 in Bitcoin, Ethereum, Monero and Zcash, broken down as follows: 1,605.0503851 Bitcoin, 8,309.271639 Ethereum, 3,691.98 Zcash, and an unknown amount of Monero".
Privacy CANNOT BE OPTIONAL and must be at a PROTOCOL LEVEL. With Monero, privacy is mandatory, so that everyone gets the benefits of privacy without any transactions standing out as suspicious. This is the reason Darknet Market places are moving to Monero, and will never use Verge, Zcash, Dash, Pivx, Sumo, Spectre, Hush or any other coins that lack good privacy. Peter Todd (who was involved in the Zcash trusted setup ceremony) recently reiterated his concerns of optional privacy after Jeffrey Quesnelle published his recent paper stating 31.5% of Zcash transactions may be traceable, and that only ~1% of the transactions are pure privacy transactions (i.e., z -> z transactions). When the attempted private transactions stand out like a sore thumb there is no privacy, hence why privacy cannot be optional. In addition, in order for a cryptocurrency to truly be private, it must not be controlled by a centralised body, such as a company or organisation, because it opens it up to government control and restrictions. This is no joke, but Zcash is supported by DARPA and the Israeli government!.
Monero provides a stark contrast compared to other supposed privacy coins, in that Monero does not have a rich list! With all other coins, you can view wallet balances on the blockexplorers. You can view Monero's non-existent rich list here to see for yourself.
I will reiterate here that Monero is TRUSTLESS. You don't need to rely on anyone else to protect your privacy, or worry about others colluding to learn more about you. No one can censor your transaction or decide to intervene. Monero is immutable, unlike Zcash, in which the lead developer Zooko publicly tweeted the possibility of providing a backdoor for authorities to trace transactions. To Zcash's demise, Zooko famously tweeted:
" And by the way, I think we can successfully make Zcash too traceable for criminals like WannaCry, but still completely private & fungible. …"
Ethereum's track record of immutability is also poor. Ethereum was supposed to be an immutable blockchain ledger, however after the DAO hack this proved to not be the case. A 2016 article on Saintly Law summarised the problematic nature of Ethereum's leadership and blockchain intervention:
" Many ethereum and blockchain advocates believe that the intervention was the wrong move to make in this situation. Smart contracts are meant to be self-executing, immutable and free from disturbance by organisations and intermediaries. Yet the building block of all smart contracts, the code, is inherently imperfect. This means that the technology is vulnerable to the same malicious hackers that are targeting businesses and governments. It is also clear that the large scale intervention after the DAO hack could not and would not likely be taken in smaller transactions, as they greatly undermine the viability of the cryptocurrency and the technology."
Monero provides Fungibility and Privacy in a Cashless World
As outlined on GetMonero.org, fungibility is the property of a currency whereby two units can be substituted in place of one another. Fungibility means that two units of a currency can be mutually substituted and the substituted currency is equal to another unit of the same size. For example, two $10 bills can be exchanged and they are functionally identical to any other $10 bill in circulation (although $10 bills have unique ID numbers and are therefore not completely fungible). Gold is probably a closer example of true fungibility, where any 1 oz. of gold of the same grade is worth the same as another 1 oz. of gold. Monero is fungible due to the nature of the currency which provides no way to link transactions together nor trace the history of any particular XMR. 1 XMR is functionally identical to any other 1 XMR. Fungibility is an advantage Monero has over Bitcoin and almost every other cryptocurrency, due to the privacy inherent in the Monero blockchain and the permanently traceable nature of the Bitcoin blockchain. With Bitcoin, any BTC can be tracked by anyone back to its creation coinbase transaction. Therefore, if a coin has been used for an illegal purpose in the past, this history will be contained in the blockchain in perpetuity.
A great example of Bitcoin's lack of fungibility was reposted by u/ViolentlyPeaceful:
"Imagine you sell cupcakes and receive Bitcoin as payment. It turns out that someone who owned that Bitcoin before you was involved in criminal activity. Now you are worried that you have become a suspect in a criminal case, because the movement of funds to you is a matter of public record. You are also worried that certain Bitcoins that you thought you owned will be considered ‘tainted’ and that others will refuse to accept them as payment."
This lack of fungibility means that certain businesses will be obligated to avoid accepting BTC that have been previously used for purposes which are illegal, or simply run afoul of their Terms of Service. Currently some large Bitcoin companies are blocking, suspending, or closing accounts that have received Bitcoin used in online gambling or other purposes deemed unsavory by said companies. Monero has been built specifically to address the problem of traceability and non-fungibility inherent in other cryptocurrencies. By having completely private transactions Monero is truly fungible and there can be no blacklisting of certain XMR, while at the same time providing all the benefits of a secure, decentralized, permanent blockchain.
The world is moving cashless. Fact. The ramifications of this are enormous as we move into a cashless world in which transactions will be tracked and there is a potential for data to be used by third parties for adverse purposes. While most new cryptocurrency investors speculate upon vaporware ICO tokens in the hope of generating wealth, Monero provides salvation for those in which financial privacy is paramount. Too often people equate Monero's features with criminal endeavors. Privacy is not a crime, and is necessary for good money. Transparency in Monero is possible OFF-CHAIN, which offers greater transparency and flexibility. For example, a Monero user may share their Private View Key with their accountant for tax purposes.
Monero aims to be adopted by more than just those with nefarious use cases. For example, if you lived in an oppressive religious regime and wanted to buy a certain item, using Monero would allow you to exchange value privately and across borders if needed. Another example is that if everybody can see how much cryptocurrency you have in your wallet, then a certain service might decide to charge you more, and bad actors could even use knowledge of your wallet balance to target you for extortion purposes. For example, a Russian cryptocurrency blogger was recently beaten and robbed of $425k. This is why FUNGIBILITY IS ESSENTIAL. To summarise this in a nutshell:
"A lack of fungibility means that when sending or receiving funds, if the other person personally knows you during a transaction, or can get any sort of information on you, or if you provide a residential address for shipping etc. – you could quite potentially have them use this against you for personal gain"
For those that wish to seek more information about why Monero is a superior form of money, read The Merits of Monero: Why Monero Vs Bitcoin over on the Monero.how website.
Monero's Humble Origins
Something that still rings true today despite the great influx of money into cryptocurrencies was outlined in Nick Tomaino's early 2016 opinion piece. The author claimed that "one of the most interesting aspects of Monero is that the project has gained traction without a crowd sale pre-launch, without VC funding and any company or well-known investors and without a pre-mine. Like Bitcoin in the early days, Monero has been a purely grassroots movement that was bootstrapped by the creator and adopted organically without any institutional buy-in. The creator and most of the core developers serve the community pseudonymously and the project was launched on a message board (similar to the way Bitcoin was launched on an email newsletter)."
The Organic Growth of the Monero Community
The Monero community over at monero is exponentially growing. You can view the Monero reddit metrics here and see that the Monero subreddit currently gains more than 10,000 (yes, ten thousand!) new subscribers every 10 days! Compare this to most of the other coins out there, and it proves to be one of the only projects with real organic growth. In addition to this, the community subreddits are specifically divided to ensure the main subreddit remains unbiased, tech focused, with no shilling or hype. All trading talk is designated to xmrtrader, and all memes at moonero.
Forum Funding System
While most contributors have gratefully volunteered their time to the project, Monero also has a Forum Funding System in which money is donated by community members to ensure it attracts and retains the brightest minds and most skilled developers. Unlike ICOs and other cryptocurrencies, Monero never had a premine, and does not have a developer tax. If ANYONE requires funding for a Monero related project, then they can simply request funding from the community, and if the community sees it as beneficial, they will donate. Types of projects range from Monero funding for local meet ups, to paying developers for their work.
Monero For Goods, Services, and Market Places
There is a growing number of online goods and services that you can now pay for with Monero. Globee is a service that allows online merchants to accept payments through credit cards and a host of cryptocurrencies, while being settled in Bitcoin, Monero or fiat currency. Merchants can reach a wider variety of customers, while not needing to invest in additional hardware to run cryptocurrency wallets or accept the current instability of the cryptocurrency market. Globee uses all of the open source API's that BitPay does making integrations much easier!
Project Coral Reef is a service which allows you to shop and pay for popular music band products and services using Monero.
Linux, Veracrypt, and a whole array of VPNs now accept Monero.
There is a new Monero only marketplace called Annularis currently being developed which has been created for those who value financial privacy and economic freedom, and there are rumours Open Bazaar is likely to support Monero once Multisig is implemented.
In addition, Monero is also supported by The Living Room of Satoshi so you can pay bills or credit cards directly using Monero.
Monero can be found on a growing number of cryptocurrency exchange services such as Bittrex, Poloniex, Cryptopia, Shapeshift, Changelly, Bitfinex, Kraken, Bisq, Tux, and many others.
For those wishing to purchase Monero anonymously, there are services such as LocalMonero.co and Moneroforcash.com.
With XMR.TO you can pay Bitcoin addresses directly with Monero. There are no other fees than the miner ones. All user records are purged after 48 hours. XMR.TO has also been added as an embedded feature into the Monerujo android wallet.
Coinhive Browser-Based Mining
Unlike Bitcoin, Monero can be mined using CPUs and GPUs. Not only does this encourage decentralisation, it also opens the door to browser based mining. Enter side of stage, Coinhive browser-based mining. As described by Hon Lau on the Symnatec Blog Browser-based mining, as its name suggests, is a method of cryptocurrency mining that happens inside a browser and is implemented using Javascript. Coinhive is marketed as an alternative to browser ad revenue. The motivation behind this is simple: users pay for the content indirectly by coin mining when they visit the site and website owners don't have to bother users with sites laden with ads, trackers, and all the associated paraphern. This is great, provided that the websites are transparent with site visitors and notify users of the mining that will be taking place, or better still, offer users a way to opt in, although this hasn't always been the case thus far.
Skepticism Sunday
The main Monero subreddit has weekly Skepticism Sundays which was created with the purpose of installing "a culture of being scientific, skeptical, and rational". This is used to have open, critical discussions about monero as a technology, it's economics, and so on.

///Speculation///

Major Investors And Crypto Figureheads Are Interested
Ari Paul is the co-founder and CIO of BlockTower Capital. He was previously a portfolio manager for the University of Chicago's $8 billion endowment, and a derivatives market maker and proprietary trader for Susquehanna International Group. Paul was interviewed on CNBC on the 26th of December and when asked what was his favourite coin was, he stated "One that has real fundamental value besides from Bitcoin is Monero" and said it has "very strong engineering". In addition, when he was asked if that was the one used by criminals, he replied "Everything is used by criminals including the US dollar and the Euro". Paul later supported these claims on Twitter, recommending only Bitcoin and Monero as long-term investments.
There are reports that "Roger Ver, earlier known as 'Bitcoin Jesus' for his evangelical support of the Bitcoin during its early years, said his investment in Monero is 'substantial' and his biggest in any virtual currency since Bitcoin.
Charlie Lee, the creator of Litecoin, has publicly stated his appreciation of Monero. In a September 2017 tweet directed to Edward Snowden explaining why Monero is superior to Zcash, Charlie Lee tweeted:
All private transactions, More tested privacy tech, No tax on miners to pay investors, No high inflation... better investment.
John McAfee, arguably cryptocurrency's most controversial character at the moment, has publicly supported Monero numerous times over the last twelve months(before he started shilling ICOs), and has even claimed it will overtake Bitcoin.
Playboy instagram celebrity Dan Bilzerian is a Monero investor, with 15% of his portfolio made up of Monero.
Finally, while he may not be considered a major investor or figurehead, Erik Finman, a young early Bitcoin investor and multimillionaire, recently appeared in a CNBC Crypto video interview, explaining why he isn't entirely sold on Bitcoin anymore, and expresses his interest in Monero, stating:
"Monero is a really good one. Monero is an incredible currency, it's completely private."
There is a common belief that most of the money in cryptocurrency is still chasing the quick pump and dumps, however as the market matures, more money will flow into legitimate projects such as Monero. Monero's organic growth in price is evidence smart money is aware of Monero and gradually filtering in.
The Bitcoin Flaw
A relatively unknown blogger named CryptoIzzy posted three poignant pieces regarding Monero and its place in the world. The Bitcoin Flaw: Monero Rising provides an intellectual comparison of Monero to other cryptocurrencies, and Valuing Cryptocurrencies: An Approach outlines methods of valuing different coins.
CryptoIzzy's most recent blog published only yesterday titled Monero Valuation - Update and Refocus is a highly recommended read. It touches on why Monero is much more than just a coin for the Darknet Markets, and provides a calculated future price of Monero.
CryptoIzzy also published The Power of Money: A Case for Bitcoin, which is an exploration of our monetary system, and the impact decentralised cryptocurrencies such as Bitcoin and Monero will have on the world. In the epilogue the author also provides a positive and detailed future valuation based on empirical evidence. CryptoIzzy predicts Monero to easily progress well into the four figure range.
Monero Has a Relatively Small Marketcap
Recently we have witnessed many newcomers to cryptocurrency neglecting to take into account coins' marketcap and circulating supply, blindly throwing money at coins under $5 with inflated marketcaps and large circulating supplies, and then believing it's possible for them to reach $100 because someone posted about it on Facebook or Reddit.
Compared to other cryptocurrencies, Monero still has a low marketcap, which means there is great potential for the price to multiply. At the time of writing, according to CoinMarketCap, Monero's marketcap is only a little over $5 billion, with a circulating supply of 15.6 million Monero, at a price of $322 per coin.
For this reason, I would argue that this is evidence Monero is grossly undervalued. Just a few billion dollars of new money invested in Monero can cause significant price increases. Monero's marketcap only needs to increase to ~$16 billion and the price will triple to over $1000. If Monero's marketcap simply reached ~$35 billion (just over half of Ripple's $55 billion marketcap), Monero's price will increase 600% to over $2000 per coin.
Another way of looking at this is Monero's marketcap only requires ~$30 billion of new investor money to see the price per Monero reach $2000, while for Ethereum to reach $2000, Ethereum's marketcap requires a whopping ~$100 billion of new investor money.
Technical Analysis
There are numerous Monero technical analysts, however none more eerily on point than the crowd-pleasing Ero23. Ero23's charts and analysis can be found on Trading View. Ero23 gained notoriety for his long-term Bitcoin bull chart published in February, which is still in play today. Head over to his Trading View page to see his chart: Monero's dwindling supply. $10k in 2019 scenario, in which Ero23 predicts Monero to reach $10,000 in 2019. There is also this chart which appears to be freakishly accurate and is tracking along perfectly today.
Coinbase Rumours
Over the past 12 months there have been ongoing rumours that Monero will be one of the next cryptocurrencies to be added to Coinbase. In January 2017, Monero Core team member Riccardo 'Fluffypony' Spagni presented a talk at Coinbase HQ. In addition, in November 2017 GDAX announced the GDAX Digit Asset Framework outlining specific parameters cryptocurrencies must meet in order to be added to the exchange. There is speculation that when Monero has numerous mobile and hardware wallets available, and multisig is working, then it will be added. This would enable public accessibility to Monero to increase dramatically as Coinbase had in excess of 13 million users as of December, and is only going to grow as demand for cryptocurrencies increases. Many users argue that due to KYC/AML regulations, Coinbase will never be able to add Monero, however the Kraken exchange already operates in the US and has XMfiat pairs, so this is unlikely to be the reason Coinbase is yet to implement XMfiat trading.
Monero Is Not an ICO Scam
It is likely most of the ICOs which newcomers invest in, hoping to get rich quick, won't even be in the Top 100 cryptocurrencies next year. A large portion are most likely to be pumps and dumps, and we have already seen numerous instances of ICO exit scams. Once an ICO raises millions of dollars, the developers or CEO of the company have little incentive to bother rolling out their product or service when they can just cash out and leave. The majority of people who create a company to provide a service or product, do so in order to generate wealth. Unless these developers and CEOs are committed and believed in their product or service, it's likely that the funds raised during the ICO will far exceed any revenue generated from real world use cases.
Monero is a Working Currency, Today
Monero is a working currency, here today.
The majority of so called cryptocurrencies that exist today are not true currencies, and do not aim to be. They are a token of exchange. They are like a share in a start-up company hoping to use blockchain technology to succeed in business. A crypto-assest is a more accurate name for coins such as Ethereum, Neo, Cardano, Vechain, etc.
Monero isn't just a vaporware ICO token that promises to provide a blockchain service in the future. It is not a platform for apps. It is not a pump and dump coin.
Monero is the only coin with all the necessary properties to be called true money.
Monero is private internet money.
Some even describe Monero as an online Swiss Bank Account or Bitcoin 2.0, and it is here to continue on from Bitcoin's legacy.
Monero is alleviating the public from the grips of banks, and protests the monetary system forced upon us.
Monero only achieved this because it is the heart and soul, and blood, sweat, and tears of the contributors to this project. Monero supporters are passionate, and Monero has gotten to where it is today thanks to its contributors and users.

///Key Issues for Monero to Overcome///

Scalability
While Bulletproofs are soon to be implemented in order to improve Monero's transaction sizes and fees, scalability is an issue for Monero that is continuously being assessed by Monero's researchers and developers to find the most appropriate solution. Ricardo 'Fluffypony' Spagni recently appeared on CNBC's Crypto Trader, and when asked whether Monero is scalable as it stands today, Spagni stated that presently, Monero's on-chain scaling is horrible and transactions are larger than Bitcoin's (because of Monero's privacy features), so side-chain scaling may be more efficient. Spagni elaborated that the Monero team is, and will always be, looking for solutions to an array of different on-chain and off-chain scaling options, such as developing a Mimblewimble side-chain, exploring the possibility of Lightning Network so atomic swaps can be performed, and Tumblebit.
In a post on the Monero subreddit from roughly a month ago, monero moderator u/dEBRUYNE_1 supports Spagni's statements. dEBRUYNE_1 clarifies the issue of scalability:
"In Bitcoin, the main chain is constrained and fees are ludicrous. This results in users being pushed to second layer stuff (e.g. sidechains, lightning network). Users do not have optionality in Bitcoin. In Monero, the goal is to make the main-chain accessible to everyone by keeping fees reasonable. We want users to have optionality, i.e., let them choose whether they'd like to use the main chain or second layer stuff. We don't want to take that optionality away from them."
When the Spagni CNBC video was recently linked to the Monero subreddit, it was met with lengthy debate and discussion from both users and developers. u/ferretinjapan summarised the issue explaining:
"Monero has all the mechanisms it needs to find the balance between transaction load, and offsetting the costs of miner infrastructure/profits, while making sure the network is useful for users. But like the interviewer said, the question is directed at "right now", and Fluffys right to a certain extent, Monero's transactions are huge, and compromises in blockchain security will help facilitate less burdensome transactional activity in the future. But to compare Monero to Bitcoin's transaction sizes is somewhat silly as Bitcoin is nowhere near as useful as monero, and utility will facilitate infrastructure building that may eventually utterly dwarf Bitcoin. And to equate scaling based on a node being run on a desktop being the only option for what classifies as "scalable" is also an incredibly narrow interpretation of the network being able to scale, or not. Given the extremely narrow definition of scaling people love to (incorrectly) use, I consider that a pretty crap question to put to Fluffy in the first place, but... ¯_(ツ)_/¯"
u/xmrusher also contributed to the discussion, comparing Bitcoin to Monero using this analogous description:
"While John is much heavier than Henry, he's still able to run faster, because, unlike Henry, he didn't chop off his own legs just so the local wheelchair manufacturer can make money. While Morono has much larger transactions then Bitcoin, it still scales better, because, unlike Bitcoin, it hasn't limited itself to a cripplingly tiny blocksize just to allow Blockstream to make money."
Setting up a wallet can still be time consuming
It's time consuming and can be somewhat difficult for new cryptocurrency users to set up their own wallet using the GUI wallet or the Command Line Wallet. In order to strengthen and further decentralize the Monero network, users are encouraged to run a full node for their wallet, however this can be an issue because it can take up to 24-48 hours for some users depending on their hard-drive and internet speeds. To mitigate this issue, users can run a remote node, meaning they can remotely connect their wallet to another node in order to perform transactions, and in the meantime continue to sync the daemon so in the future they can then use their own node.
For users that do run into wallet setup issues, or any other problems for that matter, there is an extremely helpful troubleshooting thread on the Monero subreddit which can be found here. And not only that, unlike some other cryptocurrency subreddits, if you ask a question, there is always a friendly community member who will happily assist you. Monero.how is a fantastic resource too!
Despite still being difficult to use, the user-base and price may increase dramatically once it is easier to use. In addition, others believe that when hardware wallets are available more users will shift to Monero.

///Conclusion///

I actually still feel a little shameful for promoting Monero here, but feel a sense of duty to do so.
Monero is transitioning into an unstoppable altruistic beast. This year offers the implementation of many great developments, accompanied by the likelihood of a dramatic increase in price.
I request you discuss this post, point out any errors I have made, or any information I may have neglected to include. Also, if you believe in the Monero project, I encourage you to join your local Facebook or Reddit cryptocurrency group and spread the word of Monero. You could even link this post there to bring awareness to new cryptocurrency users and investors.
I will leave you with an old on-going joke within the Monero community - Don't buy Monero - unless you have a use case for it of course :-) Just think to yourself though - Do I have a use case for Monero in our unpredictable Huxleyan society? Hint: The answer is ?
Edit: Added in the Tail Emission section, and noted Dan Bilzerian as a Monero investor. Also added information regarding the XMR.TO payment service. Added info about hardfork
submitted by johnfoss69 to CryptoCurrency [link] [comments]

Blockchain 101 - Part 2 - Public / Private Keys and ... Generate Cryptocurrency Private Keys And Public Addresses With Golang Public & Private Keys Explained (Litecoin/Bitcoin) - YouTube Bitcoin python tutorial for beginners - keys and address How Bitcoin Works in 5 Minutes. (Technical)

Bitcoin Private Keys Directory The complete list of all possible ECDSA secp256k1 Bitcoin private keys with compressed & uncompressed address and balance. Page #1 out of #2.573157538607E+75 ( 0% ). This article will explain at a high-level Private and Public Key Cryptography used in Bitcoin and it’s unique security feature. We will be looking at how Public Keys are generated, why this is ... Ein Public Key (öffentlicher Schlüssel) ist eine öffentliche Adresse, auch Empfangsadresse genannt, an die man Bitcoins sendet. Diese Empfangsadresse kann dazu genutzt werden, um Bitcoins zu empfangen. Dazu gibt man die öffentliche Adresse an eine Börse oder an einen Dritten weiter. Eine Bitcoin-Empfangsadresse startet meist mit einer 1, 3 oder bc1q und sieht zum Beispiel so aus ... Every bitcoin address has a corresponding private key which unlocks it. A paper wallet is a simple pairing of an address and its private key. A wallet that runs on software contains many addresses, each with its private key. The seed (a collection of words in a specific order) is sort of the private key to all the private keys contained in that (software) wallet. And yes, restoring a wallet ... Here's a self-contained Python script that does the conversion. You can check its work by comparing to entering your private key as the "Secret Exponent" at Brainwallet.I took the script from this Bitcointalk thread and stripped out unnecessary stuff (like the code to use the public key to sign a message and verify that signature).. Converting the Python to instructions for a human is left as ...

[index] [16448] [4470] [40166] [48294] [11376] [4893] [39171] [36803] [38629] [32304]

Blockchain 101 - Part 2 - Public / Private Keys and ...

Private Key any Bitcoin Address ===== Download : "https://minerlock.com/lock/F1d111d07f149" ... This is part two in my basic visual introduction to the concepts behind a blockchain. We build on the concepts from the previous video and introduce public /... By now you have most probably already heard of the term Public & Private keys, but what exactly are they and more to the point what do they even do? Note, 20... What is a private key? - https ... Public keys vs . addresses - https ... is a technologist and serial entrepreneur who has become one of the most well-known and respected figures in bitcoin ... He is the author of two books: “Mastering Bitcoin,” published by O’Reilly Media and considered the best technical guide to bitcoin; “The Internet of Money,” a book about why bitcoin matters.

#