-
Notifications
You must be signed in to change notification settings - Fork 1
/
qa.json
4724 lines (4724 loc) · 580 KB
/
qa.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
[
{
"id": 1,
"type": "gpt-4",
"date": "2008-10-31 18:10:00",
"src": "http://www.metzdowd.com/pipermail/cryptography/2008-October/014810.html",
"q": "What are the main properties of Bitcoin?",
"a": "Double-spending is prevented with a peer-to-peer network. No mint or other trusted parties. Participants can be anonymous. New coins are made from Hashcash style proof-of-work. The proof-of-work for new coin generation also powers the network to prevent double-spending."
},
{
"id": 2,
"type": "gpt-4",
"date": "2008-10-31 18:10:00",
"src": "http://www.metzdowd.com/pipermail/cryptography/2008-October/014810.html",
"q": "Why aren't digital signatures enough for a payment network?",
"a": "Digital signatures provide part of the solution, but the main benefits are lost if a trusted party is still required to prevent double-spending."
},
{
"id": 3,
"type": "gpt-4",
"date": "2008-10-31 18:10:00",
"src": "http://www.metzdowd.com/pipermail/cryptography/2008-October/014810.html",
"q": "What function does the network perform in terms of transactions?",
"a": "The network timestamps transactions by hashing them into an ongoing chain of hash-based proof-of-work, forming a record that cannot be changed without redoing the proof-of-work."
},
{
"id": 4,
"type": "gpt-4",
"date": "2008-10-31 18:10:00",
"src": "http://www.metzdowd.com/pipermail/cryptography/2008-October/014810.html",
"q": "How does the control of hashing power affect the security of the network?",
"a": "As long as honest nodes control the most CPU power on the network, they can generate the longest chain and outpace any attackers."
},
{
"id": 5,
"type": "gpt-4",
"date": "2008-10-31 18:10:00",
"src": "http://www.metzdowd.com/pipermail/cryptography/2008-October/014810.html",
"q": "How does message broadcasting work in this system?",
"a": "Messages are broadcasted on a best effort basis, and nodes can leave and rejoin the network at will, accepting the longest proof-of-work chain as proof of what happened while they were gone."
},
{
"id": 6,
"type": "favorite",
"date": "2008-11-03 01:37:43",
"src": "http://www.metzdowd.com/pipermail/cryptography/2008-November/014815.html",
"q": "We very, very much need such a system, but the way I understand your proposal, it does not seem to scale to the required size.\n\nFor transferable proof of work tokens to have value, they must have monetary value. To have monetary value, they must be transferred within a very large network - for example a file trading network akin to bittorrent.\n\nTo detect and reject a double spending event in a timely manner, one must have most past transactions of the coins in the transaction, which, naively implemented, requires each peer to have most past transactions, or most past transactions that occurred recently. If hundreds of millions of people are doing transactions, that is a lot of bandwidth - each must know all, or a substantial part thereof.",
"a": "Long before the network gets anywhere near as large as that, it would be safe for users to use Simplified Payment Verification (section 8) to check for double spending, which only requires having the chain of block headers, or about 12KB per day. Only people trying to create new coins would need to run network nodes. At first, most users would run network nodes, but as the network grows beyond a certain point, it would be left more and more to specialists with server farms of specialized hardware. A server farm would only need to have one node on the network and the rest of the LAN connects with that one node.\n\nThe bandwidth might not be as prohibitive as you think. A typical transaction would be about 400 bytes (ECC is nicely compact). Each transaction has to be broadcast twice, so lets say 1KB per transaction. Visa processed 37 billion transactions in FY2008, or an average of 100 million transactions per day. That many transactions would take 100GB of bandwidth, or the size of 12 DVD or 2 HD quality movies, or about $18 worth of bandwidth at current prices.\n\nIf the network were to get that big, it would take several years, and by then, sending 2 HD movies over the Internet would probably not seem like a big deal."
},
{
"id": 7,
"type": "favorite",
"date": "2008-11-03 16:23:49",
"src": "http://www.metzdowd.com/pipermail/cryptography/2008-November/014818.html",
"q": "But they don't. Bad guys routinely control zombie farms of 100,000 machines or more. People I know who run a blacklist of spam sending zombies tell me they often see a million new zombies a day.\n\nThis is the same reason that hashcash can't work on today's Internet -- the good guys have vastly less computational firepower than the bad guys.",
"a": "Thanks for bringing up that point.\n\nI didn't really make that statement as strong as I could have. The requirement is that the good guys collectively have more CPU power than any single attacker.\n\nThere would be many smaller zombie farms that are not big enough to overpower the network, and they could still make money by generating bitcoins. The smaller farms are then the \"honest nodes\". (I need a better term than \"honest\") The more smaller farms resort to generating bitcoins, the higher the bar gets to overpower the network, making larger farms also too small to overpower it so that they may as well generate bitcoins too. According to the \"long tail\" theory, the small, medium and merely large farms put together should add up to a lot more than the biggest zombie farm.\n\nEven if a bad guy does overpower the network, it's not like he's instantly rich. All he can accomplish is to take back money he himself spent, like bouncing a check. To exploit it, he would have to buy something from a merchant, wait till it ships, then overpower the network and try to take his money back. I don't think he could make as much money trying to pull a carding scheme like that as he could by generating bitcoins. With a zombie farm that big, he could generate more bitcoins than everyone else combined.\n\nThe Bitcoin network might actually reduce spam by diverting zombie farms to generating bitcoins instead."
},
{
"id": 8,
"type": "favorite",
"date": "2008-11-06 20:15:40",
"src": "http://www.metzdowd.com/pipermail/cryptography/2008-November/014823.html",
"q": "[Lengthy exposition of vulnerability of a systm to use-of-force monopolies ellided.]\n\nYou will not find a solution to political problems in cryptography.",
"a": "Yes, but we can win a major battle in the arms race and gain a new territory of freedom for several years.\n\nGovernments are good at cutting off the heads of a centrally controlled networks like Napster, but pure P2P networks like Gnutella and Tor seem to be holding their own."
},
{
"id": 9,
"type": "favorite",
"date": "2008-11-08 18:54:38",
"src": "http://www.metzdowd.com/pipermail/cryptography/2008-November/014831.html",
"q": "the \"currency\" is inflationary at about 35% as that's how much faster computers get annually ... the inflation rate of 35% is almost guaranteed by the technology",
"a": "Increasing hardware speed is handled: \"To compensate for increasing hardware speed and varying interest in running nodes over time, the proof-of-work difficulty is determined by a moving average targeting an average number of blocks per hour. If they're generated too fast, the difficulty increases.\" As computers get faster and the total computing power applied to creating bitcoins increases, the difficulty increases proportionally to keep the total new production constant. Thus, it is known in advance how many new bitcoins will be created every year in the future.\n\nThe fact that new coins are produced means the money supply increases by a planned amount, but this does not necessarily result in inflation. If the supply of money increases at the same rate that the number of people using it increases, prices remain stable. If it does not increase as fast as demand, there will be deflation and early holders of money will see its value increase.\n\nCoins have to get initially distributed somehow, and a constant rate seems like the best formula."
},
{
"id": 10,
"type": "favorite",
"date": "2008-11-09 01:58:48",
"src": "http://www.metzdowd.com/pipermail/cryptography/2008-November/014832.html",
"q": "it is mentioned that if a broadcast transaction does not reach all nodes, it is OK, as it will get into the block chain before long. How does this happen - what if the node that creates the \"next\" block (the first node to find the hashcash collision) did not hear about the transaction, and then a few more blocks get added also by nodes that did not hear about that transaction? Do all the nodes that did hear it keep that transaction around, hoping to incorporate it into a block once they get lucky enough to be the one which finds the next collision?",
"a": "Right, nodes keep transactions in their working set until they get into a block. If a transaction reaches 90% of nodes, then each time a new block is found, it has a 90% chance of being in it."
},
{
"id": 11,
"type": "favorite",
"date": "2008-11-09 01:58:48",
"src": "http://www.metzdowd.com/pipermail/cryptography/2008-November/014832.html",
"q": "Or for example, what if a node is keeping two or more chains around as it waits to see which grows fastest, and a block comes in for chain A which would include a double-spend of a coin that is in chain B? Is that checked for or not? (This might happen if someone double-spent and two different sets of nodes heard about the two different transactions with the same coin.)",
"a": "That does not need to be checked for. The transaction in whichever branch ends up getting ahead becomes the valid one, the other is invalid. If someone tries to double spend like that, one and only one spend will always become valid, the others invalid.\n\nReceivers of transactions will normally need to hold transactions for perhaps an hour or more to allow time for this kind of possibility to be resolved. They can still re-spend the coins immediately, but they should wait before taking an action such as shipping goods."
},
{
"id": 12,
"type": "favorite",
"date": "2008-11-09 01:58:48",
"src": "http://www.metzdowd.com/pipermail/cryptography/2008-November/014832.html",
"q": "I also don't understand exactly how double-spending, or cancelling transactions, is accomplished by a superior attacker who is able to muster more computing power than all the honest participants. I see that he can create new blocks and add them to create the longest chain, but how can he erase or add old transactions in the chain? As the attacker sends out his new blocks, aren't there consistency checks which honest nodes can perform, to make sure that nothing got erased? More explanation of this attack would be helpful, in order to judge the gains to an attacker from this, versus simply using his computing power to mint new coins honestly.",
"a": "The attacker isn't adding blocks to the end. He has to go back and redo the block his transaction is in and all the blocks after it, as well as any new blocks the network keeps adding to the end while he's doing that. He's rewriting history. Once his branch is longer, it becomes the new valid one.\n\nThis touches on a key point. Even though everyone present may see the shenanigans going on, there's no way to take advantage of that fact.\n\nIt is strictly necessary that the longest chain is always considered the valid one. Nodes that were present may remember that one branch was there first and got replaced by another, but there would be no way for them to convince those who were not present of this. We can't have subfactions of nodes that cling to one branch that they think was first, others that saw another branch first, and others that joined later and never saw what happened. The CPU power proof-of-work vote must have the final say. The only way for everyone to stay on the same page is to believe that the longest chain is always the valid one, no matter what."
},
{
"id": 13,
"type": "favorite",
"date": "2008-11-09 01:58:48",
"src": "http://www.metzdowd.com/pipermail/cryptography/2008-November/014832.html",
"q": "As far as the spending transactions, what checks does the recipient of a coin have to perform? Does she need to go back through the coin's entire history of transfers, and make sure that every transaction on the list is indeed linked into the \"timestamp\" block chain? Or can she just do the latest one?",
"a": "The recipient just needs to verify it back to a depth that is sufficiently far back in the block chain, which will often only require a depth of 2 transactions. All transactions before that can be discarded."
},
{
"id": 14,
"type": "favorite",
"date": "2008-11-09 01:58:48",
"src": "http://www.metzdowd.com/pipermail/cryptography/2008-November/014832.html",
"q": "Do the timestamp nodes check transactions, making sure that the previous transaction on a coin is in the chain, thereby enforcing the rule that all transactions in the chain represent valid coins?",
"a": "Right, exactly. When a node receives a block, it checks the signatures of every transaction in it against previous transactions in blocks. Blocks can only contain transactions that depend on valid transactions in previous blocks or the same block. Transaction C could depend on transaction B in the same block and B depends on transaction A in an earlier block."
},
{
"id": 15,
"type": "favorite",
"date": "2008-11-09 01:58:48",
"src": "http://www.metzdowd.com/pipermail/cryptography/2008-November/014832.html",
"q": "Sorry about all the questions, but as I said this does seem to be a very promising and original idea, and I am looking forward to seeing how the concept is further developed. It would be helpful to see a more process oriented description of the idea, with concrete details of the data structures for the various objects (coins, blocks, transactions), the data which is included in messages, and algorithmic descriptions of the procedures for handling the various events which would occur in this system. You mentioned that you are working on an implementation, but I think a more formal, text description of the system would be a helpful next step.",
"a": "I appreciate your questions. I actually did this kind of backwards. I had to write all the code before I could convince myself that I could solve every problem, then I wrote the paper. I think I will be able to release the code sooner than I could write a detailed spec. You're already right about most of your assumptions where you filled in the blanks."
},
{
"id": 16,
"type": "favorite",
"date": "2008-11-09 03:09:49",
"src": "http://www.metzdowd.com/pipermail/cryptography/2008-November/014833.html",
"q": "The core concept is that lots of entities keep complete and consistent information as to who owns which bitcoins.\n\nBut maintaining consistency is tricky. It is not clear to me what happens when someone reports one transaction to one maintainer, and someone else transports another transaction to another maintainer. The transaction cannot be known to be valid until it has been incorporated into a globally shared view of all past transactions, and no one can know that a globally shared view of all past transactions is globally shared until after some time has passed, and after many new transactions have arrived.\n\nDid you explain how to do this, and it just passed over my head, or were you confident it could be done, and a bit vague as to the details?",
"a": "The proof-of-work chain is the solution to the synchronisation problem, and to knowing what the globally shared view is without having to trust anyone.\n\nA transaction will quickly propagate throughout the network, so if two versions of the same transaction were reported at close to the same time, the one with the head start would have a big advantage in reaching many more nodes first. Nodes will only accept the first one they see, refusing the second one to arrive, so the earlier transaction would have many more nodes working on incorporating it into the next proof-of-work. In effect, each node votes for its viewpoint of which transaction it saw first by including it in its proof-of-work effort.\n\nIf the transactions did come at exactly the same time and there was an even split, it's a toss up based on which gets into a proof-of-work first, and that decides which is valid.\n\nWhen a node finds a proof-of-work, the new block is propagated throughout the network and everyone adds it to the chain and starts working on the next block after it. Any nodes that had the other transaction will stop trying to include it in a block, since it's now invalid according to the accepted chain.\n\nThe proof-of-work chain is itself self-evident proof that it came from the globally shared view. Only the majority of the network together has enough CPU power to generate such a difficult chain of proof-of-work. Any user, upon receiving the proof-of-work chain, can see what the majority of the network has approved. Once a transaction is hashed into a link that's a few links back in the chain, it is firmly etched into the global history."
},
{
"id": 17,
"type": "favorite",
"date": "2008-11-09 16:31:26",
"src": "http://www.metzdowd.com/pipermail/cryptography/2008-November/014838.html",
"q": "OK, suppose one node incorporates a bunch of transactions in its proof of work, all of them honest legitimate single spends and another node incorporates a different bunch of transactions in its proof of work, all of them equally honest legitimate single spends, and both proofs are generated at about the same time.\n\nWhat happens then?",
"a": "They both broadcast their blocks. All nodes receive them and keep both, but only work on the one they received first. We'll suppose exactly half received one first, half the other.\n\nIn a short time, all the transactions will finish propagating so that everyone has the full set. The nodes working on each side will be trying to add the transactions that are missing from their side. When the next proof-of-work is found, whichever previous block that node was working on, that branch becomes longer and the tie is broken. Whichever side it is, the new block will contain the other half of the transactions, so in either case, the branch will contain all transactions. Even in the unlikely event that a split happened twice in a row, both sides of the second split would contain the full set of transactions anyway.\n\nIt's not a problem if transactions have to wait one or a few extra cycles to get into a block."
},
{
"id": 18,
"type": "favorite",
"date": "2008-11-10 02:14:30",
"src": "http://www.metzdowd.com/pipermail/cryptography/2008-November/014842.html",
"q": "Furthermore, it cannot be made to work, as in the proposed system the work of tracking who owns what coins is paid for by seigniorage, which requires inflation.",
"a": "If you're having trouble with the inflation issue, it's easy to tweak it for transaction fees instead. It's as simple as this: let the output value from any transaction be 1 cent less than the input value. Either the client software automatically writes transactions for 1 cent more than the intended payment value, or it could come out of the payee's side. The incentive value when a node finds a proof-of-work for a block could be the total of the fees in the block."
},
{
"id": 19,
"type": "favorite",
"date": "2008-11-10 22:18:20",
"src": "http://www.metzdowd.com/pipermail/cryptography/2008-November/014843.html",
"q": "So what happened to the coin that lost the race?\n\n... it is a bit harsh if the guy who came second is likely to lose his coin.",
"a": "When there are multiple double-spent versions of the same transaction, one and only one will become valid.\n\nThe receiver of a payment must wait an hour or so before believing that it's valid. The network will resolve any possible double-spend races by then.\n\nThe guy who received the double-spend that became invalid never thought he had it in the first place. His software would have shown the transaction go from \"unconfirmed\" to \"invalid\". If necessary, the UI can be made to hide transactions until they're sufficiently deep in the block chain."
},
{
"id": 20,
"type": "favorite",
"date": "2008-11-10 22:18:20",
"src": "http://www.metzdowd.com/pipermail/cryptography/2008-November/014843.html",
"q": "Further, your description of events implies restrictions on timing and coin generation - that the entire network generates coins slowly compared to the time required for news of a new coin to flood the network",
"a": "Sorry if I didn't make that clear. The target time between blocks will probably be 10 minutes.\n\nEvery block includes its creation time. If the time is off by more than 36 hours, other nodes won't work on it. If the timespan over the last 6*24*30 blocks is less than 15 days, blocks are being generated too fast and the proof-of-work difficulty doubles. Everyone does the same calculation with the same chain data, so they all get the same result at the same link in the chain."
},
{
"id": 21,
"type": "favorite",
"date": "2008-11-10 22:18:20",
"src": "http://www.metzdowd.com/pipermail/cryptography/2008-November/014843.html",
"q": "We want spenders to have certainty that their transaction is valid at the time it takes a spend to flood the network, not at the time it takes for branch races to be resolved.",
"a": "Instantant non-repudiability is not a feature, but it's still much faster than existing systems. Paper cheques can bounce up to a week or two later. Credit card transactions can be contested up to 60 to 180 days later. Bitcoin transactions can be sufficiently irreversible in an hour or two."
},
{
"id": 22,
"type": "favorite",
"date": "2008-11-10 22:18:20",
"src": "http://www.metzdowd.com/pipermail/cryptography/2008-November/014843.html",
"q": "If one node is ignoring all spends that it does not care about, it suffers no adverse consequences.",
"a": "With the transaction fee based incentive system I recently posted, nodes would have an incentive to include all the paying transactions they receive."
},
{
"id": 23,
"type": "favorite",
"date": "2008-11-13 22:56:55",
"src": "http://www.metzdowd.com/pipermail/cryptography/2008-November/014849.html",
"q": "It is not sufficient that everyone knows X. We also need everyone to know that everyone knows X, and that everyone knows that everyone knows that everyone knows X - which, as in the Byzantine Generals problem, is the classic hard problem of distributed data processing.",
"a": "The proof-of-work chain is a solution to the Byzantine Generals' Problem. I'll try to rephrase it in that context.\n\nA number of Byzantine Generals each have a computer and want to attack the King's wi-fi by brute forcing the password, which they've learned is a certain number of characters in length. Once they stimulate the network to generate a packet, they must crack the password within a limited time to break in and erase the logs, otherwise they will be discovered and get in trouble. They only have enough CPU power to crack it fast enough if a majority of them attack at the same time.\n\nThey don't particularly care when the attack will be, just that they all agree. It has been decided that anyone who feels like it will announce a time, and whatever time is heard first will be the official attack time. The problem is that the network is not instantaneous, and if two generals announce different attack times at close to the same time, some may hear one first and others hear the other first.\n\nThey use a proof-of-work chain to solve the problem. Once each general receives whatever attack time he hears first, he sets his computer to solve an extremely difficult proof-of-work problem that includes the attack time in its hash. The proof-of-work is so difficult, it's expected to take 10 minutes of them all working at once before one of them finds a solution. Once one of the generals finds a proof-of-work, he broadcasts it to the network, and everyone changes their current proof-of-work computation to include that proof-of-work in the hash they're working on. If anyone was working on a different attack time, they switch to this one, because its proof-of-work chain is now longer.\n\nAfter two hours, one attack time should be hashed by a chain of 12 proofs-of-work. Every general, just by verifying the difficulty of the proof-of-work chain, can estimate how much parallel CPU power per hour was expended on it and see that it must have required the majority of the computers to produce that much proof-of-work in the allotted time. They had to all have seen it because the proof-of-work is proof that they worked on it. If the CPU power exhibited by the proof-of-work chain is sufficient to crack the password, they can safely attack at the agreed time.\n\nThe proof-of-work chain is how all the synchronisation, distributed database and global view problems you've asked about are solved."
},
{
"id": 24,
"type": "favorite",
"date": "2008-11-14 18:55:35",
"src": "http://www.metzdowd.com/pipermail/cryptography/2008-November/014853.html",
"q": "I think it is necessary that nodes keep a separate pending-transaction list associated with each candidate chain.\n\n... One might also ask ... how many candidate chains must a given node keep track of at one time, on average?",
"a": "Fortunately, it's only necessary to keep a pending-transaction pool for the current best branch. When a new block arrives for the best branch, ConnectBlock removes the block's transactions from the pending-tx pool. If a different branch becomes longer, it calls DisconnectBlock on the main branch down to the fork, returning the block transactions to the pending-tx pool, and calls ConnectBlock on the new branch, sopping back up any transactions that were in both branches. It's expected that reorgs like this would be rare and shallow.\n\nWith this optimisation, candidate branches are not really any burden. They just sit on the disk and don't require attention unless they ever become the main chain."
},
{
"id": 25,
"type": "favorite",
"date": "2008-11-14 18:55:35",
"src": "http://www.metzdowd.com/pipermail/cryptography/2008-November/014853.html",
"q": "Or as James raised earlier, if the network broadcast is reliable but depends on a potentially slow flooding algorithm, how does that impact performance?",
"a": "Broadcasts will probably be almost completely reliable. TCP transmissions are rarely ever dropped these days, and the broadcast protocol has a retry mechanism to get the data from other nodes after a while. If broadcasts turn out to be slower in practice than expected, the target time between blocks may have to be increased to avoid wasting resources. We want blocks to usually propagate in much less time than it takes to generate them, otherwise nodes would spend too much time working on obsolete blocks.\n\nI'm planning to run an automated test with computers randomly sending payments to each other and randomly dropping packets."
},
{
"id": 26,
"type": "favorite",
"date": "2008-11-14 18:55:35",
"src": "http://www.metzdowd.com/pipermail/cryptography/2008-November/014853.html",
"q": "3. The bitcoin system turns out to be socially useful and valuable, so that node operators feel that they are making a beneficial contribution to the world by their efforts (similar to the various \"@Home\" compute projects where people volunteer their compute resources for good causes).\n\nIn this case it seems to me that simple altruism can suffice to keep the network running properly.",
"a": "It's very attractive to the libertarian viewpoint if we can explain it properly. I'm better with code than with words though."
},
{
"id": 27,
"type": "favorite",
"date": "2008-11-15 04:43:00",
"src": "http://www.metzdowd.com/pipermail/cryptography/2008-November/014858.html",
"q": "When a coin is spent, the buyer and seller digitally sign a (blinded) transaction record.",
"a": "Only the buyer signs, and there's no blinding."
},
{
"id": 28,
"type": "favorite",
"date": "2008-11-15 04:43:00",
"src": "http://www.metzdowd.com/pipermail/cryptography/2008-November/014858.html",
"q": "If someone double spends, then the transaction record can be unblinded revealing the identity of the cheater.",
"a": "Identities are not used, and there's no reliance on recourse. It's all prevention."
},
{
"id": 29,
"type": "favorite",
"date": "2008-11-15 04:43:00",
"src": "http://www.metzdowd.com/pipermail/cryptography/2008-November/014858.html",
"q": "This is done via a fairly standard cut-and-choose algorithm where the buyer responds to several challenges with secret shares",
"a": "No challenges or secret shares. A basic transaction is just what you see in the figure in section 2. A signature (of the buyer) satisfying the public key of the previous transaction, and a new public key (of the seller) that must be satisfied to spend it the next time."
},
{
"id": 30,
"type": "favorite",
"date": "2008-11-15 04:43:00",
"src": "http://www.metzdowd.com/pipermail/cryptography/2008-November/014858.html",
"q": "They may also receive chains as long as the one they're trying to extend while they work, in which the last few \"links\" are links that are *not* in common with the chain on which they're working.\n\nThese they ignore.",
"a": "Right, if it's equal in length, ties are broken by keeping the earliest one received."
},
{
"id": 31,
"type": "favorite",
"date": "2008-11-15 04:43:00",
"src": "http://www.metzdowd.com/pipermail/cryptography/2008-November/014858.html",
"q": "If it contains a double spend, then they create a \"transaction\" which is a proof of double spending, add it to their pool A, broadcast it, and continue work.",
"a": "There's no need for reporting of \"proof of double spending\" like that. If the same chain contains both spends, then the block is invalid and rejected.\n\nSame if a block didn't have enough proof-of-work. That block is invalid and rejected. There's no need to circulate a report about it. Every node could see that and reject it before relaying it.\n\nIf there are two competing chains, each containing a different version of the same transaction, with one trying to give money to one person and the other trying to give the same money to someone else, resolving which of the spends is valid is what the whole proof-of-work chain is about.\n\nWe're not \"on the lookout\" for double spends to sound the alarm and catch the cheater. We merely adjudicate which one of the spends is valid. Receivers of transactions must wait a few blocks to make sure that resolution has had time to complete. Would be cheaters can try and simultaneously double-spend all they want, and all they accomplish is that within a few blocks, one of the spends becomes valid and the others become invalid. Any later double-spends are immediately rejected once there's already a spend in the main chain.\n\nEven if an earlier spend wasn't in the chain yet, if it was already in all the nodes' pools, then the second spend would be turned away by all those nodes that already have the first spend."
},
{
"id": 32,
"type": "favorite",
"date": "2008-11-15 04:43:00",
"src": "http://www.metzdowd.com/pipermail/cryptography/2008-November/014858.html",
"q": "If the new chain is accepted, then they give up on adding their current link, dump all the transactions from pool L back into pool A (along with transactions they've received or created since starting work), eliminate from pool A those transaction records which are already part of a link in the new chain, and start work again trying to extend the new chain.",
"a": "Right. They also refresh whenever a new transaction comes in, so L pretty much contains everything in A all the time."
},
{
"id": 33,
"type": "favorite",
"date": "2008-11-15 04:43:00",
"src": "http://www.metzdowd.com/pipermail/cryptography/2008-November/014858.html",
"q": "CPU-intensive digital signature algorithm to sign the chain including the new block L.",
"a": "It's a Hashcash style SHA-256 proof-of-work (partial pre-image of zero), not a signature."
},
{
"id": 34,
"type": "favorite",
"date": "2008-11-15 04:43:00",
"src": "http://www.metzdowd.com/pipermail/cryptography/2008-November/014858.html",
"q": "Is there a mechanism to make sure that the \"chain\" does not consist solely of links added by just the 3 or 4 fastest nodes? 'Cause a broadcast transaction record could easily miss those 3 or 4 nodes and if it does, and those nodes continue to dominate the chain, the transaction might never get added.",
"a": "If you're thinking of it as a CPU-intensive digital signing, then you may be thinking of a race to finish a long operation first and the fastest always winning.\n\nThe proof-of-work is a Hashcash style SHA-256 collision finding. It's a memoryless process where you do millions of hashes a second, with a small chance of finding one each time. The 3 or 4 fastest nodes' dominance would only be proportional to their share of the total CPU power. Anyone's chance of finding a solution at any time is proportional to their CPU power.\n\nThere will be transaction fees, so nodes will have an incentive to receive and include all the transactions they can. Nodes will eventually be compensated by transaction fees alone when the total coins created hits the pre-determined ceiling."
},
{
"id": 35,
"type": "favorite",
"date": "2008-11-15 04:43:00",
"src": "http://www.metzdowd.com/pipermail/cryptography/2008-November/014858.html",
"q": "Also, the work requirement for adding a link to the chain should vary (again exponentially) with the number of links added to that chain in the previous week, causing the rate of coin generation (and therefore inflation) to be strictly controlled.",
"a": "Right."
},
{
"id": 36,
"type": "favorite",
"date": "2008-11-15 04:43:00",
"src": "http://www.metzdowd.com/pipermail/cryptography/2008-November/014858.html",
"q": "You need coin aggregation for this to scale. There needs to be a \"provable\" transaction where someone retires ten single coins and creates a new coin with denomination ten, etc.",
"a": "Every transaction is one of these. Section 9, Combining and Splitting Value."
},
{
"id": 37,
"type": "favorite",
"date": "2008-11-15 18:02:00",
"src": "http://www.metzdowd.com/pipermail/cryptography/2008-November/014860.html",
"q": "One way to do this would be to have the person recieving the coin generate an asymmetric key pair, and then have half of it published with the transaction. In order to spend the coin later, s/he must demonstrate posession of the other half of the asymmetric key pair, probably by using it to sign the key provided by the new seller.",
"a": "Right, it's ECC digital signatures. A new key pair is used for every transaction.\n\nIt's not pseudonymous in the sense of nyms identifying people, but it is at least a little pseudonymous in that the next action on a coin can be identified as being from the owner of that coin."
},
{
"id": 38,
"type": "favorite",
"date": "2008-11-15 18:02:00",
"src": "http://www.metzdowd.com/pipermail/cryptography/2008-November/014860.html",
"q": "Mmmm. I don't know if I'm comfortable with that. You're saying there's no effort to identify and exclude nodes that don't cooperate? I suspect this will lead to trouble and possible DOS attacks.",
"a": "There is no reliance on identifying anyone. As you've said, it's futile and can be trivially defeated with sock puppets.\n\nThe credential that establishes someone as real is the ability to supply CPU power."
},
{
"id": 39,
"type": "favorite",
"date": "2008-11-15 18:02:00",
"src": "http://www.metzdowd.com/pipermail/cryptography/2008-November/014860.html",
"q": "Until.... until what? How does anybody know when a transaction has become irrevocable? Is \"a few\" blocks three? Thirty? A hundred? Does it depend on the number of nodes? Is it logarithmic or linear in number of nodes?",
"a": "Section 11 calculates the worst case under attack. Typically, 5 or 10 blocks is enough for that. If you're selling something that doesn't merit a network-scale attack to steal it, in practice you could cut it closer."
},
{
"id": 40,
"type": "favorite",
"date": "2008-11-15 18:02:00",
"src": "http://www.metzdowd.com/pipermail/cryptography/2008-November/014860.html",
"q": "But in the absence of identity, there's no downside to them if spends become invalid, if they've already received the goods they double-spent for (access to website, download, whatever). The merchants are left holding the bag with \"invalid\" coins, unless they wait that magical \"few blocks\" (and how can they know how many?) before treating the spender as having paid.\n\nThe consumers won't do this if they spend their coin and it takes an hour to clear before they can do what they spent their coin on.\n\nThe merchants won't do it if there's no way to charge back a customer when they find the that their coin is invalid because the customer has doublespent.",
"a": "This is a version 2 problem that I believe can be solved fairly satisfactorily for most applications.\n\nThe race is to spread your transaction on the network first. Think 6 degrees of freedom -- it spreads exponentially. It would only take something like 2 minutes for a transaction to spread widely enough that a competitor starting late would have little chance of grabbing very many nodes before the first one is overtaking the whole network.\n\nDuring those 2 minutes, the merchant's nodes can be watching for a double-spent transaction. The double-spender would not be able to blast his alternate transaction out to the world without the merchant getting it, so he has to wait before starting.\n\nIf the real transaction reaches 90% and the double-spent tx reaches 10%, the double-spender only gets a 10% chance of not paying, and 90% chance his money gets spent. For almost any type of goods, that's not going to be worth it for the scammer.\n\nInformation based goods like access to website or downloads are non-fencible. Nobody is going to be able to make a living off stealing access to websites or downloads. They can go to the file sharing networks to steal that. Most instant-access products aren't going to have a huge incentive to steal.\n\nIf a merchant actually has a problem with theft, they can make the customer wait 2 minutes, or wait for something in e-mail, which many already do. If they really want to optimize, and it's a large download, they could cancel the download in the middle if the transaction comes back double-spent. If it's website access, typically it wouldn't be a big deal to let the customer have access for 5 minutes and then cut off access if it's rejected. Many such sites have a free trial anyway."
},
{
"id": 41,
"type": "favorite",
"date": "2008-11-17 17:24:43",
"src": "http://www.metzdowd.com/pipermail/cryptography/2008-November/014863.html",
"q": "This requires that we know, that is to say an honest well behaved peer whose communications and data storage is working well knows, what the current best branch is -",
"a": "I mean a node only needs the pending-tx pool for the best branch it has. The branch that it currently thinks is the best branch.\n\nThat's the branch it'll be trying to make a block out of, which is all it needs the pool for."
},
{
"id": 42,
"type": "favorite",
"date": "2008-11-17 17:24:43",
"src": "http://www.metzdowd.com/pipermail/cryptography/2008-November/014863.html",
"q": "Rather than assuming that each message arrives at least once, we have to make a mechanism such that the information arrives even though conveyed by messages that frequently fail to arrive.",
"a": "I think I've got the peer networking broadcast mechanism covered.\n\nEach node sends its neighbours an inventory list of hashes of the new blocks and transactions it has. The neighbours request the items they don't have yet. If the item never comes through after a timeout, they request it from another neighbour that had it. Since all or most of the neighbours should eventually have each item, even if the coms get fumbled up with one, they can get it from any of the others, trying one at a time.\n\nThe inventory-request-data scheme introduces a little latency, but it ultimately helps speed more by keeping extra data blocks off the transmit queues and conserving bandwidth."
},
{
"id": 43,
"type": "favorite",
"date": "2008-11-17 17:24:43",
"src": "http://www.metzdowd.com/pipermail/cryptography/2008-November/014863.html",
"q": "You have an outline and proposal for such a design, which is a big step forward, but the devil is in the little details.",
"a": "I believe I've worked through all those little details over the last year and a half while coding it, and there were a lot of them.\n\nThe functional details are not covered in the paper, but the sourcecode is coming soon. I sent you the main files.\n\n(available by request at the moment, full release soon)"
},
{
"id": 44,
"type": "favorite",
"date": "2009-01-16 16:03:14",
"src": "http://www.metzdowd.com/pipermail/cryptography/2009-January/015014.html",
"q": "Yea, that was the primary feature that caught my eye. The real trick will be to get people to actually value the BitCoins so that they become currency.",
"a": "I would be surprised if 10 years from now we're not using electronic currency in some way, now that we know a way to do it that won't inevitably get dumbed down when the trusted third party gets cold feet.\n\nIt could get started in a narrow niche like reward points, donation tokens, currency for a game or micropayments for adult sites. Initially it can be used in proof-of-work applications for services that could almost be free but not quite.\n\nIt can already be used for pay-to-send e-mail. The send dialog is resizeable and you can enter as long of a message as you like.\n\nIt's sent directly when it connects. The recipient doubleclicks on the transaction to see the full message. If someone famous is getting more e-mail than they can read, but would still like to have a way for fans to contact them, they could set up Bitcoin and give out the IP address on their website. \"Send X bitcoins to my priority hotline at this IP and I'll read the message personally.\" Subscription sites that need some extra proof-of-work for their free trial so it doesn't cannibalize subscriptions could charge bitcoins for the trial.\n\nIt might make sense just to get some in case it catches on. If enough people think the same way, that becomes a self fulfilling prophecy. Once it gets bootstrapped, there are so many applications if you could effortlessly pay a few cents to a website as easily as dropping coins in a vending machine."
},
{
"id": 45,
"type": "favorite",
"date": "2009-01-25 15:47:10",
"src": "http://www.metzdowd.com/pipermail/cryptography/2009-January/015041.html",
"q": "If POW tokens do become useful, and especially if they become money, machines will no longer sit idle. Users will expect their computers to be earning them money (assuming the reward is greater than the cost to operate). A computer whose earnings are being stolen by a botnet will be more noticeable to its owner than is the case today, hence we might expect that in that world, users will work harder to maintain their computers and clean them of botnet infestations.",
"a": "there would be a profit motive for people to set up massive quantities of fake e-mail accounts to harvest POW tokens from spam. They'd essentially be reverse-spamming the spammers with automated mailboxes that collect their POW and don't read the message. The ratio of fake mailboxes to real people could become too high for spam to be cost effective.\n\nThe process has the potential to establish the POW token's value in the first place, since spammers that don't have a botnet could buy tokens from harvesters. While the buying back would temporarily let more spam through, it would only hasten the self-defeating cycle leading to too many harvesters exploiting the spammers.\n\nInterestingly, one of the e-gold systems already has a form of spam called \"dusting\". Spammers send a tiny amount of gold dust in order to put a spam message in the transaction's comment field.\n\nIf the system let users configure the minimum payment they're willing to receive, or at least the minimum that can have a message with it, users could set how much they're willing to get paid to receive spam."
},
{
"id": 46,
"date": "2009-01-25 16:45:25",
"src": "https://sourceforge.net/p/bitcoin/mailman/message/21424626/",
"q": "I have had a couple of problems running bitcoin: is this an appropriate list for reporting them (with about 70kb of attachments)?",
"a": "What's the problem you're having? If you send me your debug.log file directly (best not to send attachments to the list), I can take a look at what's happening.\n\nbitcoin-help at vistomail dot com"
},
{
"id": 47,
"type": "gpt-4",
"date": "2009-02-11 22:27:00",
"src": "http://p2pfoundation.ning.com/forum/topics/bitcoin-open-source",
"q": "What is the main issue with conventional currency or money?",
"a": "The root problem with conventional currency is all the trust that's required to make it work. The central bank must be trusted not to debase the currency. The history of fiat currencies is full of breaches of that trust"
},
{
"id": 48,
"type": "gpt-4",
"date": "2009-02-11 22:27:00",
"src": "http://p2pfoundation.ning.com/forum/topics/bitcoin-open-source",
"q": "What is the issue with banks holding our money and managing electronic transfers?",
"a": "Banks must be trusted to hold our money and transfer it electronically, but they lend it out in waves of credit bubbles with barely a fraction in reserve"
},
{
"id": 49,
"type": "gpt-4",
"date": "2009-02-11 22:27:00",
"src": "http://p2pfoundation.ning.com/forum/topics/bitcoin-open-source",
"q": "What do we risk when trusting banks with our money and privacy?",
"a": "We have to trust them with our privacy, trust them not to let identity thieves drain our accounts"
},
{
"id": 50,
"type": "gpt-4",
"date": "2009-02-11 22:27:00",
"src": "http://p2pfoundation.ning.com/forum/topics/bitcoin-open-source",
"q": "What problem do the overhead costs of banks cause?",
"a": "Their massive overhead costs make micropayments impossible"
},
{
"id": 51,
"type": "gpt-4",
"date": "2009-02-11 22:27:00",
"src": "http://p2pfoundation.ning.com/forum/topics/bitcoin-open-source",
"q": "What advantage does encryption provide in relation to descentralization and privacy?",
"a": "Before strong encryption, Users had to rely on password protection to secure their files, placing trust in the system administrator to keep their information private. Privacy could always be overridden by the admin based on his judgment call ... Then strong encryption became available to the masses, and trust was no longer required"
},
{
"id": 52,
"type": "gpt-4",
"date": "2009-02-11 22:27:00",
"src": "http://p2pfoundation.ning.com/forum/topics/bitcoin-open-source",
"q": "What is the key feature of Bitcoin as money that makes it different from conventional currency systems?",
"a": "It's completely decentralized, with no central server or trusted parties, because everything is based on crypto proof instead of trust"
},
{
"id": 53,
"type": "gpt-4",
"date": "2009-02-11 22:27:00",
"src": "http://p2pfoundation.ning.com/forum/topics/bitcoin-open-source",
"q": "How is Bitcoin different from conventional currencies and payment networks?",
"a": "With e-currency based on cryptographic proof, without the need to trust a third party middleman, money can be secure and transactions effortless"
},
{
"id": 54,
"type": "gpt-4",
"date": "2009-02-11 22:27:00",
"src": "http://p2pfoundation.ning.com/forum/topics/bitcoin-open-source",
"q": "What is a major disadvantage of the traditional model of preventing double-spending?",
"a": "The usual solution is for a trusted company with a central database to check for double-spending, but that just gets back to the trust model. In its central position, the company can override the users"
},
{
"id": 55,
"type": "gpt-4",
"date": "2009-02-11 22:27:00",
"src": "http://p2pfoundation.ning.com/forum/topics/bitcoin-open-source",
"q": "How does Bitcoin address the problem of double-spending?",
"a": "The network works like a distributed timestamp server, stamping the first transaction to spend a coin. It takes advantage of the nature of information being easy to spread but hard to stifle. For details on how it works, see the design paper at http://www.bitcoin.org/bitcoin.pdf"
},
{
"id": 56,
"type": "gpt-4",
"date": "2009-02-11 22:27:00",
"src": "http://p2pfoundation.ning.com/forum/topics/bitcoin-open-source",
"q": "What does the Bitcoin system achieve by operating the way it does?",
"a": "The result is a distributed system with no single point of failure. Users hold the crypto keys to their own money and transact directly with each other, with the help of the P2P network to check for double-spending"
},
{
"id": 57,
"date": "2009-02-15 16:42:00",
"src": "http://p2pfoundation.ning.com/xn/detail/2003008:Comment:9493",
"q": "Dante, in an email, has mentioned a UK project called Open Coin. It seems to go in a similar direction.\nCould there be synergies with bitcoin?\nhttp://opencoin.org/",
"a": "Could be. They're talking about the old Chaumian central mint stuff, but maybe only because that was the only thing available. Maybe they would be interested in going in a new direction.\nA lot of people automatically dismiss e-currency as a lost cause because of all the companies that failed since the 1990's. I hope it's obvious it was only the centrally controlled nature of those systems that doomed them. I think this is the first time we're trying a decentralized, non-trust-based system."
},
{
"id": 58,
"date": "2009-02-18 20:50:00",
"src": "http://p2pfoundation.ning.com/xn/detail/2003008:Comment:9562",
"q": "I have two questions, Satoshi.\nthe first one ties in with Joerg's doubts about the trusted supply of tokens/coins.\nAs far as I understand, there will be a limit of the total amount of tokens that can be created, and a changing gradient of difficulty in making the tokens, where the elaboration gets more and more difficult with time. Is that correct?\nIt is important that there be a limit in the amount of tokens/coins. But it is also important that this limit be adjustable to take account of how many people adopt the system. If the number of users changes with time, it will also be necessary to change the total amount of coins.\nIs there a formula to decide on what should be the total amount of tokens, and if so, what is the formula?\nIf there is no formula, who gets to make that decision and based on what criteria will it be made?\nI will keep my second question for later. One thing at a time...",
"a": "It is a global distributed database, with additions to the database by consent of the majority, based on a set of rules they follow:\n- Whenever someone finds proof-of-work to generate a block, they get some new coins\n- The proof-of-work difficulty is adjusted every two weeks to target an average of 6 blocks per hour (for the whole network)\n- The coins given per block is cut in half every 4 years\nYou could say coins are issued by the majority. They are issued in a limited, predetermined amount.\nAs an example, if there are 1000 nodes, and 6 get coins each hour, it would likely take a week before you get anything.\nTo Sepp's question, indeed there is nobody to act as central bank or federal reserve to adjust the money supply as the population of users grows. That would have required a trusted party to determine the value, because I don't know a way for software to know the real world value of things. If there was some clever way, or if we wanted to trust someone to actively manage the money supply to peg it to something, the rules could have been programmed for that.\nIn this sense, it's more typical of a precious metal. Instead of the supply changing to keep the value the same, the supply is predetermined and the value changes. As the number of users grows, the value per coin increases. It has the potential for a positive feedback loop; as users increase, the value goes up, which could attract more users to take advantage of the increasing value."
},
{
"id": 59,
"date": "2009-02-22 17:47:52",
"src": "https://sourceforge.net/p/bitcoin/mailman/message/21646307/",
"q": "What's next?",
"a": "The next thing for v0.1.6 is to take advantage of multiple processors to generate blocks. Currently it only starts one thread. If you have a multi-core processor like a Core Duo or Quad this will double or quadruple your production.\n\nLater I want to add interfaces to make it really easy to integrate into websites from any server side language."
},
{
"id": 60,
"type": "ignore",
"date": "2009-03-04 16:59:12",
"src": "https://sourceforge.net/p/bitcoin/mailman/message/21740046/",
"q": "That sounds good. I'd also like to be able to run multiple coin/block generators on multiple machines, all behind a single NAT address. I haven't tried this yet so I don't know if it works on the current software.",
"a": "The current version will work fine. They'll each connect over the Internet, while incoming connections only come to the host that port 8333 is routed to.\n\nAs an optimisation, I'll make a switch \"-connect=1.2.3.4\" to make it only connect to a specific address. You could make your extra nodes connect to your primary, and only the primary connects over the Internet. It doesn't really matter for now, since the network would have to get huge before the bandwidth is anything more than trivial."
},
{
"id": 61,
"type": "ignore",
"date": "2009-03-04 16:59:12",
"src": "https://sourceforge.net/p/bitcoin/mailman/message/21740046/",
"q": "BTW I don't remember if we talked about this, but the other day some people were mentioning secure timestamping. You want to be able to prove that a certain document existed at a certain time in the past.\n\nSeems to me that bitcoin's stack of blocks would be perfect for this.",
"a": "Indeed, Bitcoin is a distributed secure timestamp server for transactions. A few lines of code could create a transaction with an extra hash in it of anything that needs to be timestamped.\n\nI should add a command to timestamp a file that way."
},
{
"id": 62,
"type": "ignore",
"date": "2009-03-04 16:59:12",
"src": "https://sourceforge.net/p/bitcoin/mailman/message/21740046/",
"q": "Right, and I'd like to see more of a library interface that could be called from programming or scripting languages, on the client side as well.",
"a": "Exactly."
},
{
"id": 63,
"type": "ignore",
"date": "2009-10-23 23:57:51",
"src": "https://sourceforge.net/p/bitcoin/mailman/message/23824064/",
"q": "Do you Windows users experience occasional Bitcoin crashes? Lately Bitcoin running in wine-1.0.1 has been crashing frequently. I was just wondering whether this is a Wine issue or a Bitcoin issue.",
"a": "I haven't had any reports of crashes in v0.1.5. It's been rock solid for me on Windows. I think it must be Wine related. If you get another crash in Wine and it prints anything on the terminal, e-mail me and I may be able to figure out what happened, maybe something I can work around. Martti and I have been working on a new version to release soon and it would be nice to get any Wine fixes in there."
},
{
"id": 64,
"type": "ignore",
"date": "2009-10-23 23:57:51",
"src": "https://sourceforge.net/p/bitcoin/mailman/message/23824064/",
"q": "The following four lines print from the terminal when I start Bitcoin.\n\nfixme:toolhelp:CreateToolhelp32Snapshot Unimplemented: heap list snapshot fixme:toolhelp:Heap32ListFirst : stub fixme:toolhelp:CreateToolhelp32Snapshot Unimplemented: heap list snapshot fixme:toolhelp:Heap32ListFirst : stub",
"a": "Those don't look like anything to worry about. Probably functions unimplemented by Wine that are harmlessly stubbed out."
},
{
"id": 65,
"type": "ignore",
"date": "2009-10-23 23:57:51",
"src": "https://sourceforge.net/p/bitcoin/mailman/message/23824064/",
"q": "I previously wasn't starting Bitcoin from the terminal, so I don't know what gets printed out when it crashes, but I'll reply with the results the next time it crashes.\n\nWhile Bitcoin first downloads previously completed blocks, the file debug.log grows grows to 17.4 MB and then stops growing. I imagine it will continue to grow as more bitcoins are completed.",
"a": "You can delete debug.log occasionally if you don't want to take the disk space. It's just status messages that help with debugging.\n\nbitcoin.sourceforge.net looks fine now. Maybe sourceforge was doing some maintenance."
},
{
"id": 66,
"date": "2009-11-22 18:34:21",
"src": "https://bitcointalk.org/index.php?topic=6.msg31#msg31",
"q": "the network connection is used when you broadcast the information about the proof-of-work block you've created (that which entitles you to the new coin). Generating coins successfully requires constant connectivity, so that you can start working on the next block when someone gets the current block before you.\nWhich stages require network connectivity, significant local CPU usage and or significant remote CPU usage? Do any of these stages have names?",
"a": "1) During generation (when the status bar says \"Generating\" and you're using CPU to find a proof-of-work), you must constantly keep in contact with the network to receive the latest block. If your block does not link to the latest block, it may not be accepted.\nIt's important to have network connectivity while you're trying to generate a coin (block) and at the moment it is successfully generated.\n2) When you successfully generate a block, it is immediately broadcast to the network. Other nodes must receive it and link to it for it to be accepted as the new latest block.\nThink of it as a cooperative effort to make a chain. When you add a link, you must first find the current end of the chain. If you were to locate the last link, then go off for an hour and forge your link, come back and link it to the link that was the end an hour ago, others may have added several links since then and they're not going to want to use your link that now branches off the middle.\nAfter a block is created, the maturation time of 120 blocks is to make absolutely sure the block is part of the main chain before it can be spent. Your node isn't doing anything with the block during that time, just waiting for other blocks to be added after yours. You don't have to be online during that time."
},
{
"id": 67,
"date": "2009-11-22 18:35:15",
"src": "https://bitcointalk.org/index.php?topic=7.msg32#msg32",
"q": "Are there any plans to make this service anonymous?\ne.g; Being able to route BitCoin through Tor.",
"a": "There will be a proxy setting in version 0.2 so you can connect through TOR. I've done a careful scrub to make sure it doesn't use DNS or do anything that would leak your IP while in proxy mode."
},
{
"id": 68,
"date": "2009-11-25 18:17:23",
"src": "https://bitcointalk.org/index.php?topic=8.msg34#msg34",
"q": "Can nodes on the network tell from which and or to which bitcoin address coins are being sent? Do blocks contain a history of where bitcoins have been transfered to and from?",
"a": "Bitcoins are sent to and from bitcoin addresses, which are essentially random numbers with no identifying information.\nWhen you send to an IP address, the transaction is still written to a bitcoin address. The IP address is only used to connect to the recipient's computer to request a fresh bitcoin address, give the transaction directly to the recipient and get a confirmation.\nBlocks contain a history of the bitcoin addresses that a coin has been transferred to. If the identities of the people using the bitcoin addresses are not known and each address is used only once, then this information only reveals that some unknown person transferred some amount to someone else.\nThe possibility to be anonymous or pseudonymous relies on you not revealing any identifying information about yourself in connection with the bitcoin addresses you use. If you post your bitcoin address on the web, then you're associating that address and any transactions with it with the name you posted under. If you posted under a handle that you haven't associated with your real identity, then you're still pseudonymous.\nFor greater privacy, it's best to use bitcoin addresses only once. You can change addresses as often as you want using Options->Change Your Address. Transfers by IP address automatically use a new bitcoin address each time."
},
{
"id": 69,
"date": "2009-11-25 18:17:23",
"src": "https://bitcointalk.org/index.php?topic=8.msg34#msg34",
"q": "Can nodes tell which bitcoin addresses belong to which IP addresses?",
"a": "No."
},
{
"id": 70,
"date": "2009-11-25 18:17:23",
"src": "https://bitcointalk.org/index.php?topic=8.msg34#msg34",
"q": "Is there a command line option to enable the sock proxy the first time that bitcoin starts?",
"a": "In the next release (version 0.2), the command line to run it through a proxy from the first time is:\nbitcoin -proxy=127.0.0.1:9050\nThe problem for TOR is that the IRC server which Bitcoin uses to initially discover other nodes bans the TOR exit nodes, as all IRC servers do. If you've already connected once before then you're already seeded, but for the first time, you'd need to provide the address of a node as such:\nbitcoin -proxy=127.0.0.1:9050 -addnode=<someipaddress>\nIf someone running a node with a static IP address that can accept incoming connections could post their IP to use for -addnode, that would be great."
},
{
"id": 71,
"date": "2009-11-25 18:17:23",
"src": "https://bitcointalk.org/index.php?topic=8.msg34#msg34",
"q": "What happens if you send bitcoins to an IP address that has multiple clients connected through network address translation (NAT)?",
"a": "Whichever one you've set your NAT to forward port 8333 to will receive it. If your router can change the port number when it forwards, you could allow more than one client to receive. For instance, if port 8334 forwards to a computer's port 8333, then senders could send to \"x.x.x.x:8334\"\nIf your NAT can't translate port numbers, there currently isn't a command line option to change the incoming port that bitcoin binds to, but I'll look into it."
},
{
"id": 72,
"type": "ignore",
"date": "2009-11-27 17:27:09",
"src": "https://bitcointalk.org/index.php?topic=9.msg37#msg37",
"q": "Can we get instructions or modifications to compile and install BitCoin on Linux? A command line version would be great.",
"a": "The Linux version is on its way. Martti's Linux port was merged into the main code branch and New Liberty Standard has been testing it. It'll be in the next release, version 0.2.\nCommand line is on the to-do list after 0.2."
},
{
"id": 73,
"type": "ignore",
"date": "2009-12-09 18:45:10",
"src": "https://bitcointalk.org/index.php?topic=12.msg41#msg41",
"q": "Hey,\nFirst off I must say that this is an amazing concept. I have been dreaming of a P2P money system for a LONG time.\nYou have my complete kudos and respect.\nI have a few suggestions:\n- When the bitcoin software establishes a connection with a peer (client TCP socket) have the client send the handshake string. Right now you have the server (server TCP socket) send the handshake. My reasons for this are anonymity of course. It is far too easy for ISPs to portscan clients and detect they are running this program.\n- Use some sort of encryption during the handshake (sort of goes with the statement/request above) to obfuscate what the software is during DPI (deep packet inspection). I am really thinking about people in non-free (as in freedom) countries such as China/Iran.\n- Some sort of an API is needed so that this system can be integrated with websites to provide instant-on services. A simple https receipt mechanism would do wonders. Have the client post each incoming payment to an https url with all of the relevant information and provide status updates. Also an outbound payment mechanism would be nice. So one could automate payments (and batch payments) outbound. Status could be returned via the https receipt interface.\n- Static port/Random port. Have a setting to randomly assign the port that it runs on. (also be able to set it statically for very restrictive firewalls).\n- UPnP support. Have the client automatically create the port forward on upstream routers. Enabled by default. Can be turned off in the options menu.\n- Ability to compile a headless (console only) install for *NIX systems. Also have the ability to just run as a network service. Perhaps with a telnet-able port for control (or even a unix socket would be ok).",
"a": "Helpful suggestions, thanks."
},
{
"id": 74,
"type": "ignore",
"date": "2009-12-09 18:45:10",
"src": "https://bitcointalk.org/index.php?topic=12.msg41#msg41",
"q": "- When the bitcoin software establishes a connection with a peer (client TCP socket) have the client send the handshake string. Right now you have the server (server TCP socket) send the handshake. My reasons for this are anonymity of course. It is far too easy for ISPs to portscan clients and detect they are running this program.",
"a": "That's a good idea. The side accepting the connection just needs to withhold from sending anything until it receives a valid handshake. Any portscan would only get a dead connection that doesn't volunteer to identify itself."
},
{
"id": 75,
"type": "ignore",
"date": "2009-12-09 18:45:10",
"src": "https://bitcointalk.org/index.php?topic=12.msg41#msg41",
"q": "- Use some sort of encryption during the handshake (sort of goes with the statement/request above) to obfuscate what the software is during DPI (deep packet inspection). I am really thinking about people in non-free (as in freedom) countries such as China/Iran.",
"a": "I have thought about eventually SSLing all the connections. I assume anything short of SSL would be pointless against DPI. Maybe a better more immediate solution is to connect through TOR, which will be possible with 0.2."
},
{
"id": 76,
"type": "ignore",
"date": "2009-12-09 18:45:10",
"src": "https://bitcointalk.org/index.php?topic=12.msg41#msg41",
"q": "- Some sort of an API is needed so that this system can be integrated with websites to provide instant-on services. A simple https receipt mechanism would do wonders. Have the client post each incoming payment to an https url with all of the relevant information and provide status updates. Also an outbound payment mechanism would be nice. So one could automate payments (and batch payments) outbound. Status could be returned via the https receipt interface.",
"a": "That's one of the main things on the agenda after 0.2."
},
{
"id": 77,
"type": "ignore",
"date": "2009-12-09 18:45:10",
"src": "https://bitcointalk.org/index.php?topic=12.msg41#msg41",
"q": "- Static port/Random port. Have a setting to randomly assign the port that it runs on. (also be able to set it statically for very restrictive firewalls).",
"a": "Yeah, the other stealth stuff would be kinda pointless if it's always the same port number."
},
{
"id": 78,
"type": "ignore",
"date": "2009-12-09 18:45:10",
"src": "https://bitcointalk.org/index.php?topic=12.msg41#msg41",
"q": "- UPnP support. Have the client automatically create the port forward on upstream routers. Enabled by default. Can be turned off in the options menu.",
"a": "I'm looking forward to trying UPnP. Do most P2P clients typically have UPnP enabled by default?"
},
{
"id": 79,
"type": "ignore",
"date": "2009-12-09 18:45:10",
"src": "https://bitcointalk.org/index.php?topic=12.msg41#msg41",
"q": "- Ability to compile a headless (console only) install for *NIX systems. Also have the ability to just run as a network service. Perhaps with a telnet-able port for control (or even a unix socket would be ok).",
"a": "I'm still thinking about how best to structure the management interface. Maybe command line commands to communicate with the background daemon to query transactions received and initiate sending transfers. That would be more automation friendly. Or what about an http interface on some port other than 80 to manage it with a browser?"
},
{
"id": 80,
"type": "ignore",
"date": "2009-12-10 19:31:49",
"src": "https://bitcointalk.org/index.php?topic=12.msg45#msg45",
"q": "Front ends can also be ran on clients with very low cpu power such as mobile phones.",
"a": "That's a good approach for mobile. Programmatic API used by PHP (any language) to present a web UI covers remote admin, mobile and any other client that can't be online all the time with a static IP. It would be like webmail. It would be easier for new users to get started if they only need to create an account on a website, not install software."
},
{
"id": 81,
"type": "ignore",
"date": "2009-12-10 19:31:49",
"src": "https://bitcointalk.org/index.php?topic=12.msg45#msg45",
"q": "The app could be pre-seeded before downloading. Pre-seeding would also cure the TOR+IRC problem. I know that people will want to run this system over I2P+TOR.",
"a": "Yeah, we can phase out IRC when there are enough static nodes to preprogram a seed list. Once you get seeded, you don't need IRC."
},
{
"id": 82,
"type": "ignore",
"date": "2009-12-10 19:31:49",
"src": "https://bitcointalk.org/index.php?topic=12.msg45#msg45",
"q": "Also you could pre-seed the blocks so they won't have to be downloaded upon initial run. (Downloading 28,000 blocks on a slower ADSL takes forever I couldn't imagine how long it would take when there are millions of blocks -- a lifetime).",
"a": "There were some issues in 0.1.5 where the initial block download could get bogged down. 0.2 has code to make sure it goes smoothly. It ought to take less than an hour, I think. I need to hurry up and get 0.2 out the door.\nThe blocks increase linearly, it'll be decades before it's millions. In theory, the block download time should top out 8 months from now when Moore's Law will be growing faster than the block chain."
},
{
"id": 83,
"type": "ignore",
"date": "2009-12-10 19:31:49",
"src": "https://bitcointalk.org/index.php?topic=12.msg45#msg45",
"q": "Can you give me CVS access or something? (If not, can I send you patches?) I'd like to help out.",
"a": "It's SVN on sourceforge. PM or e-mail me your sourceforge account and I'll give you access."
},
{
"id": 84,
"type": "ignore",
"date": "2009-12-10 19:31:49",
"src": "https://bitcointalk.org/index.php?topic=12.msg45#msg45",
"q": "I am mostly a Linux/BSD guy and I would like to lend my expertise in those areas.",
"a": "That's great because that's where I have less expertise. For instance, I haven't researched the best way to do the \"Start Bitcoin on system startup\" feature on Linux. On Windows, the option adds/removes an icon in the Startup folder."
},
{
"id": 85,
"date": "2009-12-10 20:49:02",
"src": "https://bitcointalk.org/index.php?topic=13.msg46#msg46",
"q": "Hi, yesterday I stumbled upon this great payment option.\nI read my way through many sites but now I have some questions that couldn't get answered.\n1. Is Bitcoin really anonymous? I mean totally and completely? Is my ISP able to detect, that I have sent or received a Bitcoin payment? Maybe he is even able to see that I am running Bitcoin right now?\n2. If I understood this correctly, my payment partners are not able to see who I am. Does this mean, they can not see my real IP adress? Only the Bitcoin-adress? Even if they monitors their network connections and stuff?\n3. If there is a way for my ISP to tell that I am running Bitcoin or for my payment partners to find out my IP, would it be more safe to tunnel the network traffic through a VPN (payed with Paysafecard for example)? Could this be dangerous, because the VPN provider will be able to capture my payment?",
"a": "1-3: For that level of anonymity you need to connect through TOR, which will be possible with version 0.2, which is only a few weeks away. I'll post TOR instructions at that time.\n"
},
{
"id": 86,
"date": "2009-12-10 20:49:02",
"src": "https://bitcointalk.org/index.php?topic=13.msg46#msg46",
"q": "What files need to be backed up for not losing my \"money\"? Only the wallet.dat or the whole Bitcoin AppData directory ?",
"a": "Version 0.1.5: backup the whole %appdata%\\Bitcoin directory.\nVersion 0.2: you can backup just wallet.dat."
},
{
"id": 87,
"date": "2009-12-10 20:49:02",
"src": "https://bitcointalk.org/index.php?topic=13.msg46#msg46",
"q": "Isn't it possible to multiply a wallet and use it on different machines? This way you would double your money without doing anything for it.\nAre there security measures for this case?",
"a": "Nope. The whole design is all about preventing that from working."
},
{
"id": 88,
"date": "2009-12-10 20:49:02",
"src": "https://bitcointalk.org/index.php?topic=13.msg46#msg46",
"q": "When someone loses his wallet, will there be a way to recreate the lost coins in the system ? Else the 21 million maximum will not be correct.\n(I mean not to recover the lost coins for one person, but if all the 21mio coins were created, and someone loses his wallet with 1mio coins, will the the others be able to create these 1mio coins now or are they totally lost for the bitcoin network?)",
"a": "Those coins can never be recovered, and the total circulation is less. Since the effective circulation is reduced, all the remaining coins are worth slightly more. It's the opposite of when a government prints money and the value of existing money goes down."
},
{
"id": 89,
"date": "2009-12-10 20:49:02",
"src": "https://bitcointalk.org/index.php?topic=13.msg46#msg46",
"q": "I have read that there currently are about 130k blocks out there. At my pc it only shows me about 24k. Is there something wrong or is this a normal behaviour ?",
"a": "It's currently 29,296 blocks. The circulation is the number of blocks times 50, so the current circulation is 1,464,800 bc.\nIf you only have 24k blocks, it must not have finished the initial block download. Exit bitcoin and start it again. Version 0.2 is better/faster at the initial block download."
},
{
"id": 90,
"date": "2009-12-10 20:49:02",
"src": "https://bitcointalk.org/index.php?topic=13.msg46#msg46",
"q": "I`m afraid I didn't understand everything about the bitcoin creation. How many coins are created by a machine in 24h in average?",
"a": "Typically a few hundred right now. It's easy now but it'll get harder as the network grows."
},
{
"id": 91,
"date": "2009-12-10 20:49:02",
"src": "https://bitcointalk.org/index.php?topic=13.msg46#msg46",
"q": "I know that port 8333 should be forwarded to the bitcoin-running machine. Now I ask myself if this goes for the TCP or the UDP.\nAnd is this port required for generating coins? Or only for payment transactions?",
"a": "Good question, it's TCP. The website needs to be updated to say TCP port 8333.\nThe port forwarding is so other nodes can connect to you, so it helps you stay connected because you are able to be connected with more nodes. You also need it to receive payments by IP address."
},
{
"id": 92,
"date": "2009-12-10 20:49:02",
"src": "https://bitcointalk.org/index.php?topic=13.msg46#msg46",
"q": "I've seen that the source code for bitcoin is open for everybody. Can this be an actual danger? If the code is manipulated people can create more bitcoins than others, can't they? This would be a massive leak of security.",
"a": "No, the other nodes won't accept that.\nBeing open source means anyone can independently review the code. If it was closed source, nobody could verify the security. I think it's essential for a program of this nature to be open source."
},
{
"id": 93,
"date": "2009-12-10 20:49:02",
"src": "https://bitcointalk.org/index.php?topic=13.msg46#msg46",
"q": "I've seen a formula to calculate the coins that will be created in a certain amount of time. It had something to do with the maximum cpu speed and the availabe. Can't find it anymore, so I`m asking you to explain me the coin creating. Do slow machines produce as much coins as high-end ones?",
"a": "Slower machines produce fewer coins. It's proportional to CPU speed."
},
{
"id": 94,
"date": "2009-12-10 20:49:02",
"src": "https://bitcointalk.org/index.php?topic=13.msg46#msg46",
"q": "Are there any other exchanging systems or potential payment partners except for new liberty standard?",
"a": "There are more coming."
},
{
"id": 95,
"date": "2009-12-10 20:49:02",
"src": "https://bitcointalk.org/index.php?topic=13.msg46#msg46",
"q": "What happens when my system crashes? Is the wallet saved automatically or only when bitcoin gets closed manually? (Maybe even real-time saving when a coint is created or payment is made?)",
"a": "It uses a transactional database called Berkeley DB. It will not lose data in a system crash. Transactions are written to the database immediately when they're received."
},
{
"id": 96,
"date": "2009-12-10 20:49:02",
"src": "https://bitcointalk.org/index.php?topic=13.msg46#msg46",
"q": "Is there a way to see how many bitcoins have been generated this far? And how old is Bitcoin already?\nI know .... Many many questions but I am really interested in your service and want to know everything before I start using it more frequently.",
"a": "For now, you can just multiply the total blocks by 50. The Bitcoin network has been running for almost a year now. The design and coding started in 2007."
},
{
"id": 97,
"date": "2009-12-11 17:58:57",
"src": "https://bitcointalk.org/index.php?topic=13.msg49#msg49",
"q": "Wow, thanks alot for these detailed answers.\nBut today another question came to my mind.\nLets say we know, that our neighbar uses Bitcoin, and we also know that he will receive a payment soon (maybe because he owns an internet shop and accepts bitcoin as payment option).\nAlso, we know that he uses WLAN and his network is unsecured or weak protected. Same goes for router configuration.\nWe now could log into his router configuration, change the ip adresses for the forwarded port 8333 to our system ip.\nNow every payment would be received by our bitcoin client.\nIs this actually going to work ?\nI know this is highly criminal and the scenario is .. well, lets call it \"uncommon\", but in theory it should work, right ?\n(Not that I have an interest in harming people, but I know that criminal people will try many ways to get some money.)\nBTW: same should work when you are on a LAN party with unprotected router config.\nOr are these scenarios totally impossible because no matter which ip adress uses the port, the payment will go to the bitcoin or ip adress that was defined from the payer ?",
"a": "That's true, with the send-to-IP option, you are sending to whoever answers that IP. Sending to a bitcoin address doesn't have that problem.\nThe plan is to implement an IP + bitcoin address option that would have the benefits of both. It would still use a different address for each transaction, but the receiver would sign the one-time-use address with the given bitcoin address to prove it belongs to the intended receiver."
},
{
"id": 98,
"type": "ignore",
"date": "2009-12-11 19:27:55",
"src": "https://bitcointalk.org/index.php?topic=12.msg50#msg50",
"q": "Okay, let me get registered on SF and get you my username. I haven't used SF in years so I'll have to familiarize myself. Will this give me access to the current branch you fellows are currently working on? (0.2)\nI have been trying to think of the options that will be needed for the backend process. I wonder which would be better: a long set of command line switches or a configuration file. Hmm...\nI have a lot of servers spread across the globe. If we can get to the point where we have a working backend process that will run on FreeBSD I can run always-on seeds.\nI really think that having the download package contain a daily seed snapshot will improve the bootstrapping. I have seen instances on new test installs here where the application will sit with 0 connections / 1 block. Upon inspecting the debug.log I find that the IRC server (freenode, I believe) claims I am already connected and refuses to let me seed the application. (Just an example).\nI think that a simple network monitor plugin for Nagios would be helpful as well. Something that can emulate a connecting client, and retrieve a valid status code from the backend process. I have a lot of ideas.\nIn any event, I would like to help. I have a lot of time and a project like this one is very exciting.\nThanks for letting me be a part of it.",
"a": "Right, the SVN has the almost-release-candidate 0.2 source, which can also be built and run on Linux. It hasn't been tested on FreeBSD."
},
{
"id": 99,
"type": "ignore",
"date": "2009-12-11 19:27:55",
"src": "https://bitcointalk.org/index.php?topic=12.msg50#msg50",
"q": "If we can get to the point where we have a working backend process that will run on FreeBSD I can run always-on seeds.",
"a": "That would be a big help. TOR users wouldn't have to worry about how to get seeded, and we wouldn't depend on IRC.\nIt can be run in a few simple modes without access to the UI if you don't mind a minimized window on the desktop. (0.1.5 doesn't have -min so it would be an open window)\nTo only run a seed:\nbitcoin -min -gen=0\nYou could sort of monitor it by looking at debug.log. To stop it, kill the process, the database won't mind.\nTo generate:\nbitcoin -min -gen\nTo get the generated bitcoins, you'd have to copy wallet.dat (with version 0.2) to a machine with a UI, swap in the wallet.dat, run bitcoin and transfer the coins to your main account. (With version 0.1.5 you'd have to copy the whole \"%appdata%/Bitcoin\" directory.) There is one caveat about copying wallet.dat: if you happened to kill the program at the exact moment that it generated a coin or received a payment, wallet.dat might not work by itself and you'd have to copy the whole directory."
},
{
"id": 100,
"type": "ignore",
"date": "2009-12-11 19:27:55",
"src": "https://bitcointalk.org/index.php?topic=12.msg50#msg50",
"q": "I really think that having the download package contain a daily seed snapshot will improve the bootstrapping. I have seen instances on new test installs here where the application will sit with 0 connections / 1 block. Upon inspecting the debug.log I find that the IRC server (freenode, I believe) claims I am already connected and refuses to let me seed the application. (Just an example).",
"a": "I see, that would happen with multiple nodes using the same NAT or VPN or some ISP that funnels everyone through a few proxy servers. I just committed a fix to SVN for this. If it gets \"433\" name already in use (it was error 433, right?), it'll retry with a non-address random username."
},
{
"id": 101,
"type": "ignore",
"date": "2009-12-11 19:27:55",
"src": "https://bitcointalk.org/index.php?topic=12.msg50#msg50",
"q": "In any event, I would like to help. I have a lot of time and a project like this one is very exciting.",
"a": "That's great, any help is really appreciated!"
},
{
"id": 102,
"date": "2009-12-12 17:52:44",
"src": "https://bitcointalk.org/index.php?topic=12.msg54#msg54",
"q": "Suggestion :\nSince the coins are generated faster on fast machines, many people will want to use their GPU power to do this, too.\nSo, my suggestion is to implement a GPU-computing support using ATI Stream and Nvidia CUDA.",
"a": "The average total coins generated across the network per day stays the same. Faster machines just get a larger share than slower machines. If everyone bought faster machines, they wouldn't get more coins than before.\nWe should have a gentleman's agreement to postpone the GPU arms race as long as we can for the good of the network. It's much easer to get new users up to speed if they don't have to worry about GPU drivers and compatibility. It's nice how anyone with just a CPU can compete fairly equally right now."
},
{
"id": 103,
"type": "ignore",
"date": "2009-12-12 18:17:10",
"src": "https://bitcointalk.org/index.php?topic=12.msg55#msg55",
"q": "I almost have the svn 0.2 compiling on Mac OS X 10.4.11/Intel (I also have a PPC970 machine here as well so a PPC build would be possible as well). The windowing is native carbon too via wxwidgets! It is FAST! I had to create a new makefile (makefile.osx; based on makefile.unix of course.. given any thought to using autoconf?) and put some ifdef's into header.h. I have patches. I will keep toying around. I might try it on FreeBSD next.",
"a": "Mac support would be nice. wxWidgets really pays off for cross platform.\nPlease don't try PPC. PPC is big-endian and Bitcoin is little-endian, there would be endless endian bugs making it harder for me to debug the network if there's a potentially byte-swapping node out there. PPC is on its way out anyway.\nConsidered autoconf. Autoconf is a necessity for large projects with a quagmire makefile, but I think we're small enough that it's more optimal without it. I'd rather keep the makefile simple as long as possible."
},
{
"id": 104,
"type": "ignore",
"date": "2009-12-12 18:17:10",
"src": "https://bitcointalk.org/index.php?topic=12.msg55#msg55",
"q": "I think that breaking bitcoin into two apps is ideal. A wxwidgets front end (since it is mostly all there) and a backend that binds to a control TCP socket. I have been reading over the source to see how hard it would be to break it apart and I think it should be fairly simple. Of course an API would have to be developed.",
"a": "My head hurts just thinking about that. Funnelling all the UI backend through a TCP connection would make everything twice as hard. There's too much bandwidth between the UI and the internal data structures in order to keep the listview control updated, because of the way the listview control works.\nI'd rather have command line control, that would get us remote admin and batch automation."
},
{
"id": 105,
"type": "ignore",
"date": "2009-12-13 16:51:25",
"src": "https://bitcointalk.org/index.php?topic=12.msg62#msg62",
"q": "One quick question about \"natural deflation\" (as I call it). I have noticed that it is possible to spend to old addresses that no longer work. In essence the coins can not be claimed. Wouldn't there be a natural deflation effect because of this? I mean if the coins max out at 21,000,000 wouldn't the number of coins slowly work backwards due to payment errors?",
"a": "There would be a command line switch at runtime to tell it to run without UI. All it needs to do is not create the main window. A simplistic way would be to disable \"pframeMain->Show\" and \"ptaskbaricon->Show\" in ui.cpp. The network threads don't care that the UI isn't there. The only other UI is a message box in CheckDiskSpace if it runs out of disk space.\nThen a separate command line utility to communicate with it to do things. Not sure what it should be named.\n\"natural deflation\"... I like that name for it. Yes, there will be natural deflation due to payment mistakes and lost data. Coin creation will eventually get slow enough that it is exceeded by natural deflation and we'll have net deflation."
},
{
"id": 106,
"type": "ignore",
"date": "2009-12-14 17:15:56",
"src": "https://bitcointalk.org/index.php?topic=12.msg67#msg67",
"q": "Can anyone shed some light here?\ng++ -c -O0 -Wno-invalid-offsetof -Wformat -g -D__WXMAC__ -DNOPCH -DBUILD_MACOSX -I\"/usr/include\" -I\"/usr/local/include/wx-2.8\" -I\"/usr/local/include\" -I\"/usr/local/boost_1_41_0\" -I\"/sw/include/db4\" -I\"/usr/local/ssl/include\" -I\"/usr/local/lib/wx/include/mac-ansi-release-2.8\" -o headers.h.gch headers.h\n...\nui.h:430: error: no matching function for call to 'wxTextCtrl::SetValue(const std::basic_string<char, std::char_traits<char>, std::allocator<char> >&)'\n/usr/local/include/wx-2.8/wx/textctrl.h:303: note: candidates are: virtual void wxTextCtrlBase::SetValue(const wxString&)",
"a": "It looks like the implicit conversion from std::string to wxString isn't working. That's used everywhere, the conversion needs to work.\nwxString is complicated by supporting win32's 16-bit wchar and 8-bit ansi dual-compile. You can get that problem on Windows if the \"unicode\" (meaning wchar) build is used, so that wxString is wchar and std::string is char.\nIt's probably some wxWidgets compile defines or build configuration. What \"configure\" options did you use?\nI'm not sure __WXMAC__ is the right define. It may be the Mac Classic support that's complicating wxString, and we only want OSX. Try __WXOSX__ (or see below)\nhttp://docs.wxwidgets.org/stable/wx_cppconst.html\n\"There are two wxWidgets ports to Mac OS. One of them, wxMac, exists in two versions: Classic and Carbon. The Classic version is the only one to work on Mac OS version 8. The Carbon version may be built either as CFM or Mach-O (binary format, like ELF) and the former may run under OS 9 while the latter only runs under OS X. Finally, there is a new Cocoa port which can only be used under OS X. To summarize:\n* If you want to test for all Mac platforms, classic and OS X, you should test both __WXMAC__ and __WXCOCOA__.\n* If you want to test for any GUI Mac port under OS X, use __WXOSX__.\n* If you want to test for any port under Mac OS X, including, for example, wxGTK and also wxBase, use __DARWIN__\""
},
{
"id": 107,
"type": "ignore",
"date": "2009-12-15 20:37:32",
"src": "https://bitcointalk.org/index.php?topic=12.msg70#msg70",
"q": "It is also throwing the same std::string issue on the latest version of Ubuntu Linux.",
"a": "Then it must be something you're doing differently with building or configuring wxWidgets.\nWhat options did you use on the wxWidgets \"configure\" script? The options I used are in build-unix.txt."
},
{
"id": 108,
"type": "ignore",
"date": "2009-12-15 20:37:32",
"src": "https://bitcointalk.org/index.php?topic=12.msg70#msg70",
"q": "One question: how do I enable the debug.log? I have tried stopping bitcoin and touching ~/.bitcoin/debug.log and starting bitcoin again. It never seems to write to the file. Am I missing something?",
"a": "Never heard of that happening. Is there anything in debug.log? If you touched the file, that sounds like something is there. Does the program have write access to the file?"
},
{
"id": 109,
"type": "ignore",
"date": "2009-12-17 18:38:06",
"src": "https://bitcointalk.org/index.php?topic=12.msg77#msg77",
"q": "To build on FreeBSD:\nInstall all of the required software from /usr/ports and then compile using the makefile.fbsd\n\"It just works\".",
"a": "That's good, is it running fine on FreeBSD?\nI committed the changes to headers.h. For consistency, I used __BSD__. The complete list of defines is at http://docs.wxwidgets.org/stable/wx_cppconst.html\n#ifdef __BSD__\n#include <netinet/in.h>\n#endif\nmalloc.h is only needed on windows, I'll move that into the __WXMSW__ section before it causes any more trouble."
},
{
"id": 110,
"type": "ignore",
"date": "2009-12-18 17:37:48",
"src": "https://bitcointalk.org/index.php?topic=12.msg79#msg79",
"q": "Hi. I would like to second the headless/non-GUI mode for /*nix/i systems. It would be useful to be able to start the Bitcoin software from an initscript or one's ~/.bashrc (or equivalent) file and let it run in the background, silently cranking away.\nAlso, what would the feasibility of changing the location of the wallet.dat file be for the Win32 client? I ask this because I was playing around with the .zipped Windows Bitcoin client yesterday, and it struck me that it would make a good portable application. I was toying with the idea of decompressing it into a TrueCrypt volume on a USB drive so that it could, say, be taken on the road, run for a few hours, and then shut down just before the volume was unmounted, but it created the wallet.dat file in the C:\\Documents and Settingsame\\Application Data\\Bitcoin directory. In effect, using a portable version of Bitcoin to eventually grow a portable wallet.",
"a": "What you can currently do is set \"Minimize to the tray\" in options, then run it as \"bitcoin -min\" so it starts minimized. The only visible part will be a small (20x20) icon on the tray, which can be doubleclicked if you want to access the UI. Note: there's a bug with tray icons sometimes disappearing on 64-bit Karmic Koala, not sure if it's from 64-bit or Karmic, it was fine on 32-bit Jaunty.\nWe didn't have time to implement the \"Start Bitcoin on system startup\" feature on Linux in time for 0.2 so it's greyed out. I figured Linux people wouldn't mind doing that manually anyway. I guess they need to know about the -min switch to do it right.\nYou can locate the data directory where you want with the \"-datadir=<directory>\" switch. I know someone is already doing that to put it on a TrueCrypt USB drive."
},
{
"id": 111,
"type": "ignore",
"date": "2010-01-05 20:00:46",
"src": "https://bitcointalk.org/index.php?topic=17.msg85#msg85",
"q": "Other nodes aren't going to know which IP you're sending to, your client just connects directly to it. Both IP's are fine as long as the connection routes to the right computer. Anyway, I'd use the inner address inside a network for simplicity.",
"a": "The transfer is immediate if you send by IP address. If you send by bitcoin address and the recipient isn't online at the time, it might take 30 minutes or more to see it.\nAlso, the recipient needs to be synced up with the block chain before it'll see the received transaction. That means the status bar at the bottom needs to say at least 33000 blocks, like \"x connections 33200 blocks x transactions\"."
},
{
"id": 112,
"type": "ignore",
"date": "2010-01-05 20:00:46",
"src": "https://bitcointalk.org/index.php?topic=17.msg85#msg85",
"q": "The number of blocks of a transaction is the amount of new blocks that have been generated by the whole network after the transaction. Each new block in the chain means new coins to its creator. One \"generated\" -transaction in your transaction list means that you have generated one block. You're not the first one to find the concept of a \"block\" a bit confusing on the first sight.",
"a": "Would it be clearer if the status said \"x confirmations\", like:\n2/unconfirmed\n3/unconfirmed\n4/unconfirmed\n5/unconfirmed\n6 confirmations\n7 confirmations\n8 confirmations\nEach block essentially means another node has confirmed that it agrees with all transactions up to that point."
},
{
"id": 113,
"type": "ignore",
"date": "2010-01-14 20:17:20",
"src": "https://bitcointalk.org/index.php?topic=18.msg97#msg97",
"q": "Can bitcoin be compiled to run on 64 bit systems yet? -m64 seems to break the compile.\n(Not trying to nag or anything).\nOn a side node: I have noticed that the network is about 3x larger than normal now. I see more nodes!",
"a": "I haven't tried compiling 64-bit yet. 64-bit wouldn't make it any faster, since it uses 64-bit numbers in only a few places and SHA-256 is a 32-bit algorithm, but it may be convenient for those running a 64-bit OS. If I get a chance I'll try -m64 and see what the problem is.\nYou can run the 32-bit version on 64-bit Linux by installing ia32-libs. (sudo apt-get install ia32-libs) If we made a Debian package, it could automatically pull that in as a dependency."
},
{
"id": 114,
"date": "2010-01-20 20:07:15",
"src": "https://bitcointalk.org/index.php?topic=21.msg112#msg112",
"q": "What exactly does the number of connections do for me? Do I generate more coins with more connections, or is it equivalent no matter what?\nIt seems that from time to time, Tor gets tied up and can go for a few hours with 3 or 4 connections. Then, when I restart bitcoin or restart Tor to refresh my connections, I can get 7,8, or even more (9 currently).\nI haven't really been able to tell if coins generate slower or not with less connections, but I was curious if it does correlate. If not, how exactly will having more connections help me out compared to less?",
"a": "Coins generate at the same speed with any number of connections >= 1.\nMore connections just add redundancy. If you only had one connection, what if that node is slow or busy, or only connected to you? Having several connections increases the certainty that you're well connected to the network. That hasn't been a problem in practice, the network is very thoroughly connected. If you have 2 or 3 connections, you're fine."
},
{
"id": 115,
"date": "2010-01-20 22:05:28",
"src": "https://bitcointalk.org/index.php?topic=22.msg113#msg113",
"q": "Hello,\nI have had another idea.\nIt would be very cool to be able to have TOR and I2P seeds. For example: I could run BT within TOR-land on a .onion address. A client could connect their BT to TOR and have it seed from a .onion address and use it as a connected peer. (Likewise for I2P: someone could run a .i2p service that is -- well -- BC).\nI might setup a couple of nodes in this fashion and post the tunnels on this forum. I already run a lot of I2P and TOR nodes so adding BC to the mix is quite trivial.\nI support the idea of making BC compatible with TOR and I2P to increase the privacy of the system. I mean: why re-invent the wheel? There are thousands of mix network nodes just sitting there that can be used to enhance BC.\nCheers!",
"a": "I've been thinking about that for a while. I want to add the backend support for .onion addresses and connecting to them, then go from there.\nThere aren't many .onion addresses in use for anything because the user has to go through a number of steps to create one. Configure TOR to generate a .onion address, restart TOR, configure it with the generated address. Perhaps this is intentional to keep TOR so it can't be integrated into file sharing programs in any sufficiently automated way."
},
{
"id": 116,
"type": "ignore",
"date": "2010-01-27 21:52:27",
"src": "https://bitcointalk.org/index.php?topic=27.msg156#msg156",
"q": "Lately when I've been trying to send coins, the following popups twice, then the application terminates.\nEXCEPTION: St13runtime_error\nSendMoney() : wtxNew.AcceptTransaction() failed\nc:\\Documents and Settingsame\bitcoin-0.2.0\bitcoin.exe in\nCMyApp::OnExceptionInMainLoop()\nWhen i restart bitcoin.exe, the transaction is showing as 0/unconfirmed. The status do not change even when the total block count increases.\nI'm running two instances of bitcoin in my home LAN, one at my desktop computer, and one in a virtual machine on my laptop, with the switch -connect=192.168.0.2 (ip of desktop computer).\nThis occurs when I send to my own bitcoin address, to my other computers bitcoin address and to an other bitcoin address not currently active anywhere. I'm not sending by ip.\nI've been moving wallets and index-files back and forth, could this have something to do with this?",
"a": "That is what happens if you copy wallet files around. If you copy your wallet file to a second computer, then they both think the money in the wallet is theirs. If one spends any of it, the other doesn't know those coins are already spent and would try to spend them again, and that's the error you would hit.\nNow that it's clear this is a key error message, it ought to be something more like \"the money appears to be already spent... this could happen if you used a copy of your wallet file on another computer.\"\nYou can move or backup your wallet file, but it needs to have only one \"lineage\" and only used in one place at a time. Any time you transfer money out of it, then you must no longer use any previous copies.\nThis brings up a good point. In the case of restoring a backup that may be from before you spent some coins, we need to add functionality to resync it to discover which coins have already been spent. This would not be hard to do, it just hasn't been implemented yet. I'll add it to the list. This would make it mostly repair the situation instead of giving that error message."
},
{
"id": 117,
"date": "2010-01-28 01:01:48",
"src": "https://bitcointalk.org/index.php?topic=25.msg159#msg159",
"q": "I think it was some technical limitation. Satoshi could tell more about this?",
"a": "Yes, it's a technical limitation. Sending by bitcoin address enters the transaction into the network and the recipient discovers it from the network. You don't connect directly with them and they don't have to be online at the time.\nI very much wanted to find some way to include a short message, but the problem is, the whole world would be able to see the message. As much as you may keep reminding people that the message is completely non-private, it would be an accident waiting to happen.\nUnfortunately, ECDSA can only sign signatures, it can't encrypt messages, and we need the small size of ECDSA. RSA can encrypt messages, but it's many times bigger than ECDSA."
},
{
"id": 118,
"type": "ignore",
"date": "2010-01-28 01:08:33",
"src": "https://bitcointalk.org/index.php?topic=28.msg160#msg160",
"q": "Yes it will.\nImportance is relative. You can use the number of blocks to calculate some statistics. Also, if you press ctrl+[numpad+], you will see the serial number and hash of the blocks. (At least on windows).",
"a": "Where it says \"# blocks\" in the status column I'm changing it to say \"# confirmations\". That might be clearer.\nIf you doubleclick on the transaction you get a little more information."
},
{
"id": 119,
"date": "2010-01-28 23:08:02",
"src": "https://bitcointalk.org/index.php?topic=27.msg170#msg170",
"q": "Yes, I thought it had something to do with that.\nIt would be nice if there was a wallet tool for merging wallet files, removing unused bitcoin addresses and as you say resyncing. (I tried to just re-download all the blocks, but as you know the transactions stayed anyway.)\nWhat about resyncing in the future when the Merkle-tree is pruned?",
"a": "The resync idea would go through your wallet and check it against the block index to find any transactions that your current computer doesn't realize are already spent. That could happen if they were spent on another computer with a copy of the wallet file, or you had to restore the wallet to a backup from before they were spent. Currently, the software just assumes it always knows whether its transactions are spent because it marks them spent in wallet.dat when it spends them.\nA wallet merge tool is possible to implement but much less in demand once resync solves most of the problem. With resync, you could do about the same thing by sending all the money from one wallet to the other. The receiver would resync and discover all its overlapping coins were spent, then receive them in the new transaction."
},
{
"id": 120,
"type": "ignore",
"date": "2010-01-28 23:26:09",
"src": "https://bitcointalk.org/index.php?topic=29.msg172#msg172",
"q": "Satoshi, when we may expect the new command line-abled version of Bitcoin? Or is it possible to compile Bitcoin 0.2 in a way it can be used by command lines?",
"a": "That's the right way to do it as riX says. The software can generate a new bitcoin address whenever you need one for each payment. \"Please send X bc to [single-use bitcoin address] to complete your order\" When the server receives that amount to the bitcoin address, that could trigger it to automatically fulfil the order or e-mail the shop owner.\nAdding command line support is a high priority. It's just a matter of getting the time to code it."
},
{
"id": 121,
"date": "2010-01-29 00:22:13",
"src": "https://bitcointalk.org/index.php?topic=25.msg173#msg173",
"q": "Why don't you make them send the email before the transaction? Then you could reply to that email with a new and unique bitcoin address. You don't even need to use email, it would be equally secure, although not that anonymous, to announce the customers email together with the bitcoin address on the frontpage of your site.\nThe method you are using now is equal to someone sending you cash in an envelope anonymously, including a note with the time he posted it, after which you send goods back to the first person calling you stating the time and amount in the envelope. (Including the mailman and anyone who has access to you mailbox).\nSending the email before the transaction is equal to someone calling you, getting a unique box address which to send the money to. When the money arrives to that post box, you send the goods to the customer.",
"a": "The recommended ways to do a payment for an order:\n1) The merchant has a static IP, the customer sends to it with a comment.\n2) The merchant creates a new bitcoin address, gives it to the customer, the customer sends to that address. This will be the standard way for website software to do it.\nRSA vs ECDSA: it's not the size of the executable but the size of the data. I thought it would be impractical if the block chain, bitcoin addresses, disk space and bandwidth requirements were all an order of magnitude bigger. Also, even if using RSA for messages, it would still make sense to do all the bitcoin network with ECDSA and use RSA in parallel for only the message part. In that case, everything that's been implemented up to now would be implemented exactly as it has been.\nWe can figure out the best way to do this much later. It could use a separate (maybe existing) e-mail or IM infrastructure to pass messages, and instead of RSA, maybe just put a hash of the message in the transaction to prove that the transaction is for the order described in the message. The message would have to include a salt so nobody could brute force the hash to reveal a short message."
},
{
"id": 122,
"type": "ignore",
"date": "2010-01-29 00:42:49",
"src": "https://bitcointalk.org/index.php?topic=18.msg174#msg174",
"q": "I second the request for 64-bit support, even if it wouldn't make the app run faster. I'm no expert, but I can't see any harm in it. On the other hand, it's a good way to embrace the future.",
"a": "I committed a fix for 64-bit compile and some fixes to support wxWidgets 2.9.0.\nThere was one compile error in serialize.h with min(sizeof()) that I fixed for 64-bit. The rest of the 64-bit compile errors I was getting were in wxWidgets 2.8.9, so I started working on supporting wxWidgets 2.9.0.\nwxWidgets 2.9.0 is UTF-8. We've been using the ANSI version of wxWidgets 2.8.9 in anticipation of wxWidgets UTF-8 support.\nI compiled and ran on 64-bit Ubuntu 9.10 Karmic.\nI think the only bug left is where the status number is mashed up. I'm not sure why, I have to suspect it's a UTF-8 thing, but no idea how that could happen. Haven't looked into it.\nbuild-unix.txt is updated and two makefiles on SVN:\nmakefile.unix.wx2.8\nmakefile.unix.wx2.9\nUnfortunately there's still no debian package for either version of wxWidgets we use. They only have the wchar (\"unicode\") version of wxWidgets 2.8, which is a disaster because wchar wxString doesn't convert to std::string. We use either ANSI wxWidgets 2.8, or wxWidgets 2.9. So you still have to get it and build it yourself."
},
{
"id": 123,
"type": "ignore",
"date": "2010-02-03 23:36:54",
"src": "https://bitcointalk.org/index.php?topic=35.msg220#msg220",
"q": "I wanted to document an issue I encountered when first installing and using the Bitcoin software.\nDespite a correct installation and port forward settings I noticed that Bitcoin was not generating any coins or 'blocks' despite having 20+ connections for the first 24hrs. The block count just remained at 0. After realizing that Bitcoin was not 'catching up' with the collective network block download or generation I opened up the Task Manager to investigate the issue further.\nI noticed that the bitcoin.exe process seemed to be 'fighting' for CPU usage against MsMpEng.exe (Microsoft Security Essentials). I hadn't noticed any system slowdown due to having a fairly high spec. PC. After adding bitcoin.exe and the appropriate program folder locations to Exclude 'Files and Locations' and 'Exclude Processes' - Bitcoin instantly started generating blocks and the CPU processes returned to normal.\nI did not have any virus alerts or even 'false positive' identifications for Bitcoin. I know that the software is 100% OK. I'm assuming that the 'Live Protection' engine in Microsoft Security Essentials just doesn't 'play well' with some aspect of the CPU hungry cycles used in 'block' generation.\nI have yet to do more testing, however I also encountered the same issue when using Comodo Internet Security (free version).\nThis is obviously going to be an issue for lots of new Bitcoin users who will perhaps be less 'tech savvy'. Has anyone else encountered any similar issues ?",
"a": "Thanks for that. Which version of Windows?"
},
{
"id": 124,
"date": "2010-02-04 00:07:07",
"src": "https://bitcointalk.org/index.php?topic=34.msg222#msg222",
"q": "Not so ? I have had 2 machines connected (getting 4+ connections on each) and generating Bitcoins on the same static IP address. The port 8333 is of course forwarded for connection through my firewall, which I guess is what you mean. However, connections to other nodes are made without port 8333 being specifically forwarded through my router to a specific machine (sub-net IP), which is of course the best way to max connectivity. I understand Bitcoin only requires 1 other connection for transactions, yes ?\nI think my original question was valid and thanks for clarifying this everyone. NewLibertyStandard I think is correct \"If I remember correctly I think I was told that they would be sent to the first bitcoin application with whom the sender connects.\"\nI dislike communication on forums, it's hard to discuss topics sometimes when all parties mean the same thing and communicate it in a different way !\nI have enough internet connections, routers and PC equipment - So, I'm off to make an 'official' test for myself whilst I RTM",
"a": "Port forwarding forwards a port to one computer. It tells the router which computer handles connections to that port. So that's the computer receiving.\nIf you didn't set up port forwarding, then incoming connections won't go to any computer, and attempts to send to that IP would just say it couldn't connect to the recipient and nothing is sent. When sending by IP, you still send to a bitcoin address, but your computer connects to that IP, gets a new bitcoin address from it, gives the transaction directly to the them and confirms that it was received and accepted.\nSomeone should post their static IP so people can try out sending by IP and also give that user free money.\nThere's a 32-bit checksum in bitcoin addresses so you can't accidentally type an invalid address.\nIf 4) you send to a recipient who has abandoned or lost their wallet.dat, then the money is lost. A subtle point can be made that since there is then less total money in circulation, everyone's remaining money is worth slightly more, aka \"natural deflation\"."
},
{
"id": 125,
"type": "ignore",
"date": "2010-02-04 00:30:50",
"src": "https://bitcointalk.org/index.php?topic=22.msg223#msg223",
"q": "OK thanks riX.\nSo, once Bitcoin has connected to at least one node then the -connect option will eliminate the 6667 warnings.\nIs Bitcoin using any kind of 'peer exchange' or DHT because this still does not seem to prevent the constant Tor 'exit' warnings and therefore Tor's requirement to try a new 'exit' node for connection. (which is problematic ! For Tor anyway, not Bitcoin ) This is really what I meant by \"However, Bitcoin must try to connect with all nodes to check its not missing any blocks ?\" I just communicated it incorrectly.\nI2P would seem to be a much easier solution to implement to increase a Bitcoins users anonymity.\nhttp://forum.i2p2.de/viewtopic.php?t=3946&sid=213e3cd998db98c4511675ecbba17af4\nI'm also testing JonDonym http://anonymous-proxy-servers.net/ (only the paid services support socks !) However, they do accept paysafecards which can currently be brought in exchange for Bitcoins.",
"a": "When using proxy port 9050, it will only make one attempt to connect to IRC, then give up, since it knows it will probably always fail because IRC servers ban all the TOR exit nodes. If you're using another port, it would assume it might be a regular old normal proxy and would keep retrying IRC at longer and longer intervals. You should not use Polipo or Privoxy as those are http filters and caches that would corrupt Bitcoin's messages if they make any changes. Bitcoin might be trying to overcome it by reconnecting. You should use port 9050.\nAs riX says, the \"is giving Tor only an IP address. Apps that do DNS...\" warnings are nothing to worry about. Bitcoin doesn't use DNS at all in proxy mode.\nSince Bitcoin can't get through to IRC through Tor, it doesn't know which nodes are currently online, so it has to try all the recently seen nodes. It tries to conserve connection attempts as much as possible, but also people want it to connect quickly when they start it up and reconnect quickly if disconnected. It uses an algorithm where it tries an IP less and less frequently the longer ago it was successful connected. For example, for a node it saw 24 hours ago, it would wait 5 hours between connection attempts. Once it has at least 2 connections, it won't try anything over a week old, and 5 connections it won't try anything over 24 hours old."
},
{
"id": 126,
"date": "2010-02-05 19:44:46",
"src": "https://bitcointalk.org/index.php?topic=34.msg250#msg250",
"q": "Perhaps there should be a feature against this? For instance, if a transaction isn't accepted by the recipient for a long period of time (a month?), the transaction will be canceled and the coins returned to the one who sent them?",
"a": "That's not possible. You've handed control of the money over to the recipient's keypair. Only that key can control it.\nIt's similar to if you encrypt a file with AES and a strong password, and you lose the password. The data is lost."
},
{
"id": 127,
"date": "2010-02-06 21:06:32",
"src": "https://bitcointalk.org/index.php?topic=7.msg264#msg264",
"q": "Someone correct me people, but I thought it IS already anonymous! Can the person I'm transferring money to know my IP or something?",
"a": "When you send to a bitcoin address, you don't connect to the recipient. You send the transaction to the network the same way you relay transactions. There's no distinction between a transaction you originated and one you received from another node that you're relaying in a broadcast. With a very small network though, someone might still figure it out by process of elimination. It'll be better when the network is larger.\nIf you send by IP, the recipient sees you because you connect to their IP. You could use TOR to mask that.\nYou could use TOR if you don't want anyone to know you're even using Bitcoin.\nBitcoin is still very new and has not been independently analysed. If you're serious about privacy, TOR is an advisable precaution."
},
{
"id": 128,
"date": "2010-02-06 23:25:53",
"src": "https://bitcointalk.org/index.php?topic=44.msg267#msg267",
"q": "Removing or extending the 21M limit would be a disaster, it's the finite supply of this digital cash that makes it useful as money.\nAllowing for the currency to be further divided would solve that issue. No one loses the value of any of their currency held(devaluation or debasing), while at the same time being able to break off smaller pieces of a ฿ to trade.\nBesides, the whole point is that there is no (central)control over the supply, this would allow it to be extinguished by governments or abused by a central authority (like today's central banks & governments)\nI am wondering Satoshi, what would be the technical difficulty of implementing ฿ as 0.000(or more zeroes) instead of 0.00?\nThis is not a request since there is no need for it yet, but may wish to acommadate a larger user base in the future.",
"a": "Eventually at most only 21 million coins for 6.8 billion people in the world if it really gets huge.\nBut don't worry, there are another 6 decimal places that aren't shown, for a total of 8 decimal places internally. It shows 1.00 but internally it's 1.00000000. If there's massive deflation in the future, the software could show more decimal places.\nIf it gets tiresome working with small numbers, we could change where the display shows the decimal point. Same amount of money, just different convention for where the \",\"'s and \".\"'s go. e.g. moving the decimal place 3 places would mean if you had 1.00000 before, now it shows it as 1,000.00."
},
{
"id": 129,
"date": "2010-02-08 01:22:29",
"src": "https://bitcointalk.org/index.php?topic=45.msg278#msg278",
"q": "Is there a high-res bitcoin logo? Or a vector-image?",
"a": "No, sorry. I've been meaning to redo it. The largest icon that still looks good is the 20x20 one which is used for the tray icon in GNOME. Any larger than that looks bad. The 16x16 and 20x20 ones have quite a bit of hand tweaking to get the pixels to work out right. If you just scale down a larger image, the pixels end up blurred and awkward in places where the lines in \"BC\" don't land square on a pixel.\nThe best 16x16 with full alpha channel is in src/rc/bitcoin.ico. I don't like the 32x32 version.\nI'm attaching bitcoin20x20.png, the 20x20 version with full transparency."
},
{