Freedom fighter, stoic, thinker, maker.
Bitcoin Engineer and Leader. 🦢
Former
@CasaHODL
,
@BitGo
.
I tweet about bitcoin and freedom. Tesla and SpaceX too.
Under my controversial post yesterday stating that CAT is gonna happen and we should do additional things with it, one topic stood out as worth exploring further. How do soft forks, hard forks, UASF, URSF, and other bitcoin forking terms relate? What do they all mean and what
@Safety
I see that you have elected to ban Hamas affiliated accounts, but not those of the IDF. How can you be confident that one is a terrorist organization and the other is not. To my eye, they both seem to violate international law and murder civilians.
@satoshimoneybtc
₿ 0.00,283,947
Fade the leading 0s, but show them to help people develop comfort with the relationship between sats and bitcoin. I find it really helpful to have the fixed-precision representation - always 8 digits after the decimal.
BIP352 Silent Payments addresses are amazing.
I know we're all used to BIP32 extended public keys and extended private keys (xpub and xpriv), but hear me out.
With an xpub/xpriv setup, you have exactly 2 levels of disclosure for your keys. You give anyone who wants to send you
Running a bitcoin node doesn't give you power. It gives you sovereignty.
Sovereignty to choose whether to be in consensus or not. Sovereignty to have a reliable view of the open relay network or not. Not power to force your rules on others.
Listening the the recently ended
@BitcoinMagazine
spaces conversation between
@brian_trollz
and
@LynAldenContact
really hammered home the need for a new way of talking about upgrades for bitcoin.
Lyn repeatedly brought up a difference between "more expressive" and "less
Ouch. UTXO management matters. Accepting tiny deposits on chain is expensive.
Hey
@coinbase
, you considered using Lightning network instead of losing millions of dollars?
Since Magic Eden started using this address in early December '23, Coinbase has paid 65.16 BTC* to consolidate 183,743 inputs worth 140.30 BTC.
For 110,444 of those (worth 12.30 BTC), the fees paid actually exceeded the value of the inputs, leading to a dead loss of 34 BTC.
If you think bitcoin is going to usher in your personal fantasy of an idealized culture, you're wrong.
Bitcoin is fuck you money, and that includes you, personally.
ROFL. Just got 900 of the 1000 USD that MtGox owed me. Nearly a decade later. Had to give trashpal my SSN so they can snitch to the feds that I might owe income tax on my $100 loss over 10 years.
@CSI_Starbase
I very nearly cannot believe they flipped and landed softly using that flap.
Frankly, this test flight makes me extremely optimistic about the future safety and re-usability of the vehicle.
Some personal opinions on the relative power and risk of various things being proposed for bitcoin's future:
Risk of a bug in the code itself (low to high): CAT
CTV
APO
LNHANCE
I've appreciated the feedback that I can sometimes come across as FUDing when I say that bitcoin will die if it ossifies.
Let's be perfectly clear (and I said most of this on
@stephanlivera
): If bitcoin ossifies as it is, I think it'll be good money for a decade or two before
@MrHodl
@boyacaxa
@reardencode
@stephanlivera
This is exactly the type of thing that makes me suspicious of CTV folk. The FUD tactics. Sure, not everyone does it, but it's pretty ugly behaviour for a "bitcoiner". It's very shitcoinny in nature.
CTV, APO, LNHANCE, TXHASH, CCV, VAULT, etc. have failed to gain consensus because they are variously framed by both what they do enable and what they deliberately avoid enabling (e.g. CTV and LNHANCE avoid enabling Drivechains, but do enable coinpools and lightning symmetry
@reardencode
@rusty_twit
I would've liked to see more of pros cons vs smaller change like CTV, maybe in the bip itself but that's probably not the place for that discussion
Big thanks to
@achow101
for taking the time to go through the history of the BIP119 (CTV) validation logic PR on bitcoin core with me today. Some of what I've said about CTV is not totally accurate.
The code has had some changes within the past 2 years to resolve important an
Briefly, here's the definition of restored script:
* Restore all opcodes from bitcoin 0.3.4 (with L/RSHIFT renamed to UP/DOWNSHIFT)
* Protect from DOS by using a varops validation budget that ensures that scripts cannot have a worse worst case validation time than today
* Convert
My proposal to provide CTV+APO with high quality upgrade paths, no additional cost for APO or Tapscript CTV, and in a clear unified structure. Thanks to Russel O'Connor for the earlier OP_TXHASH+CSFS proposal, and everyone who gave me feedback.
> you cannot change Bitcoin, only adapt to its reality
This cannot be repeated enough. People who bitcoin flushes out over the many years are those who develop a fixed view of what bitcoin is (or should be) and are unable to adapt to its reality.
Vitalik: Bitcoin is a computer
It's massive opportunity to redefine the cultural & technological landscape of Bitcoin
One thing I've insisted on for years is that you cannot change Bitcoin, only adapt to its reality
IMHO
@pete_rizzo_
&
@DavidFBailey
and the BM team have been models of resilience & adaptation
Since we're going to add OP_CAT to bitcoin, we owe it to ourselves to enable better vaults than
@rot13maxi
's abomination.
With CAT, CTV, and TWEAKADD, ergonomic vaults are possible with simple scripts. With CSFS too, post-signed (in contrast to pre-signed) vaults are possible.
Many good points from an irritating source.
One important counterpoint is that many who use and enjoy lightning (myself included) do so with eyes open to the limitations of channel based scaling. Which is not the same as it being a failure. Channel based scaling works great for
Take a moment to appreciate that we are living in the transition period between the age of democratic republics and the age of Snow Crash style franculates.
Yesterday a private company launched the most powerful rocket ever. The launch was heralded by a flyby of privately owned
I finally made time to read John Law's lightning scaling with simple covenants paper:
The structures he proposes have remarkable similarity to Ark, but with some twists. Long and short CTV or APO-based covenants are sufficient to build highly scalable
@gladstein
> What is my experience like? Do I receive "Bitcoin"? Or Lightning? Or something different?
You receive bitcoin in a shared UTXO. Just like you currently receive bitcoin in a lightning channel if you're a lightning user.
> Do I write down a seed phrase that can be used to
@TomerStrolight
@p0stc4p0n3
Always happy to have a high bandwidth conversation on the topic, but here it is:
* Updates to the bitcoin ledger are largely secured by public keys and signatures.
* Public keys and signatures are data.
* It is possible to craft public keys and/or signatures so that they
If you say "CTV lets government make permanent whitelists" in 2024, your opinion of any and all upgrades to bitcoin will be ignored. We need to evaluate whether to take someone's opinion seriously on these important questions and this a fair minimum bar.
I've been a bitcoin maximalist since it meant only one public blockchain money makes sense and all other "crypto" should just be anchored to bitcoin. Not sure what this new wave of bitcoin purity maximalism is about, but it's definitely not what I'm here for.
Update on LNHANCE vs APO for LN-Symmetry(Eltoo):
Thanks
@4moonsettler
for pointing this out and sending me to do more research.
As noted by
@theinstagibbs
, using CTV(ish) in LN-Symmetry can eliminate round-trips from parts of the resulting payment protocol, but this has further
Here's a comparison of some covenant proposals for bitcoin and which of 3 (relatively) near term features they support.
TXHASH/TX+CSFS lack BIPs or code (+bikeshed)
APO+CTV or APO+ open up design space for bitcoiners and are ~ready now
There will never be an AI supremacy. Why? Power efficiency.
A human requires ~15MWh of energy to develop adult level intelligence (including a college degree). Tesla's 2023 training cluster uses that much energy in 2 hours.
According to Tesla's site, it takes 70,000 GPU hours
@brian_trollz
The question is: Are we anything more than probabilistic models mirroring training data (i.e. our life experience)? My speculation is that to a close approximation, we are the same as these AI models. The problem is that we're incredibly (and I mean exponentially) more efficient
Reasons to soft fork bip119/CTV (over APO) are piling up:
CTV enables Ark and other protocols immediately.
@ajtowns
thinks the lightning devs should focus on Taproot channels and other features:
APO cannot emulate CTV:
But (for
Lightning scaled by packing more payments into each update to the base ledger.
Output covenants will scale by packing more balances into each UTXO.
These lower fees for making payments and holding balances without increasing block size or validation cost.
@ndeet
@OwenKemeys
@robin_linus
@csuwildcat
@Polyd_
If you read through Jeremy Rubin's CTV advent calendar from 2 years ago, you'll see some scaling type proposals mixed in there.
Fundamentally, we need to solve 2 things for the type of scaling we seem to agree that bitcoin needs: 1) Scaling of n-payments and 2) scaling of
Important update: Mutiny Wallet will be winding down operations by the end of the year.
We're exploring new directions as a company. For full details on the shutdown and our future plans, please read our latest blog post:
I have come up with a better design for Lightning Symmetry channel scripts when combined with LNHANCE. This design presentsa significant weight saving in non-cooperative closes compared to APO-Symmetry channels, or previous ideas for LNHANCE-Symmetry.
I alluded to this when talking with
@real_vijay
, but didn't make it explicit: by the time a bitcoin change becomes a need it's already too late. If centralized custodians holding most bitcoin are rehypothecating or forking it, we can't then improve UX of self custody and recover
@theonevortex
@adam3us
@reardencode
It’s also the case that some software changes are “needs” whereas others are “wants”, and it’s ok to distinguish between the two, and it doesn’t mean that only “needs” should be implemented.
This exchange has been very useful to me.
I think the "CAT introduces infinite everything" has been reduced to the following:
CAT introduces the possibility of open sequence AMMs and trustless 2wp sidechains.
These essentially devolve to the same thing: a miner can choose
@ajtowns
@robin_linus
If we include MEVil etc in the “attack surface” I think Robin is clearly right? If we don’t probably not? Seems y’all are talking past each other here.
*blockspace is a scarce resource extracted from the network by miners*
The only restriction on its use is price, which is working perfectly to manage the relationship between supply and demand.
If the network wants to change the allowable production schedule or design of
@tayvano_
Best guess is that the attacker found a vulnerable signing procedure in some coin, token, or airdrop claim that these users all participated in. That old signature(s) let them extract a private key at a known unhardened bip32 path and compute the root key.
Repeat after me: "Bitcoin is an adversarial network, people will do what the hell they want."
If miners activate CAT and users decide to transact using nodes that enforce it, then guess what, it's bitcoin.
Repeat after me - "Miner Activated" forks are not forks.
They're not active in any useful sense - They take "anyone can spend" opcodes and turn them into "miners can spend" opcodes while risking chain splits that degrade the security of the network.
Only a fool would like this
Realized the bit commitments I "invented" for BitVM are actually Lamport signatures which
@JeremyRubin
already told me about in 2021.
Updated the BitVM white paper to add a proper citation of Jeremy's work.
@Devon_Eriksen_
@jk_rowling
You've just blown my mind. This makes perfect sense. So many young men in my generation grew up being constantly treated as defective girls and women.
I need to digest.
@portna
Let me repeat your words to you: this is not a cold, it's a cold.
Coronaviruses of many strains cause 20% of colds. They did before 2019, and they do after.
New strains pop up periodically and occasionally cause more severe illness in initial years. Then, just another cold.
I've been working hard on getting this to be concrete instead of FUD. There are 2 features introduced by CAT that could lead down a perilous path:
1) By allowing us to deconstruct any hashed opcode or Schnorr sighash, it allows introspection of any data hashed by those things.
@benthecarman
Nobody can explain the attack vector or degree of risks for OP_CAT and that sounds like the worst f*cking idea ever. If we don’t know the limits of what this can do or the potential effects it could have, adding it into
#Bitcoin
sounds like a horrible idea, imo.
I had the pleasure of discussing ossification with
@real_vijay
on
@stephanlivera
's show earlier this week. Check the show out here:
Few notes that I didn't quite get to:
* I completely agree with Vijay's skepticism toward the egalitarian streak of certain
@PeterScottMorg1
Say it with me: The current fee spike is caused by "spam" of a variant that does not in any way take advantage of the increased limits from Taproot, nor the discount of SegWit. They would actually save fees by using a legacy P2PK, bare multisig, or OP_RETURN.
@caesararum
Did a bit of research in response to this.
In short, it's hard to be iodine deficient in the modern world.
1cup of most milk is 75% RDA
4eggs is 100%
100g salmon has 10%
100g cod has 150%
Hell, even a slice of Wonderbread has 2%
Historically, poor people eating survival
@Cipherhoodlum
If you had heard podcasts about OP_CSV back in the day would it have been compelling to you? Why bother having relative lock times when we already have absolute lock times? And yet CSV was critical to enabling Lightning Network.
CTV is similar - it seems unassuming: Let a user
SLP505 MuSig2 in Practice, APO, CTV & Bitcoin Soft Forks with
@reardencode
Brandon and I chat:
- MuSig2 benefits
- MPC gang vs script boys
- CTV
- APO
- New proposal offering features of both
Totally the wrong question to ask. This isn't about a need, or an urgency. It's merely about making bitcoin the best and strongest it can be.
There will be ever stronger attacks against bitcoin and we would be delinquent in our responsibilities as early adopters not to maximize
Don't fall for the false choice of "which script."
The fake threat of a miner activated fork is a marketing tactic to fool you into thinking you have to choose one.
The real Q is:
Do we need to activate ANY script BIP right now?
Let's answer that first.
Loving this rumor that miners might try to activate CAT. Embrace forks.
What I'm curious about: who will sell against CAT? I won't, even though I think there are better paths for bitcoin next than CAT. I'll hold both if this turns into a chain split.
I've now had a chance to review this BIP, and I think the proposal is excellent. My detailed comments are here:
The only real reservation I have with this proposal is the size of code change (~4x compared to CTV).
Can/should we just do CTV first? :)
Steven Roose just submitted a PR for TXHASH which is a great covenants proposal similar to CTV, but more expressive. Steven and
@brqgoo
designed it for Ark to solve some edge cases regarding fees, which wasn't possible with CTV.
I strongly support TXHASH
It's weird to be accused of trying to derail or delay bitcoin development when I've been focusing my available energy on finding common ground, clarifying confusing concepts, and moving forward with improvements to bitcoin. I made a comparison chart of different covenants and the
@TomerStrolight
That's because the block interval before their block was 18 minutes and the ones on either side were 3.
Which simply shows that important time sensitive transactions pay a premium to stay in the next block as block intervals extend.
It's time to scale Bitcoin.
We're thrilled to announce OP_NEXT, a technical and workshop-heavy conference exploring Bitcoin's next soft fork.
We'll be hosting OP_NEXT at the Fidelity Center For Applied Technology on Saturday, November 9.
He's right. But he misses that it's also true in reverse.
When Satoshi slap dash patched CVE 2010 5137 he significantly disabled self sovereign holding of bitcoin. By finishing the fix, we make no sacrifice of store of value, but do enable greater self sovereign holding.
This was the most interesting part of
@PeterMcCormack
and
@saylor
's recent conversation in my opinion.
"...at some point we're sacrificing the interests of sound money in pursuit of the ideal of sovereignty of the individual and it's not clear to me that you get both."
I read this blog from
@TheBlueMatt
, which may or may not have been inspired by my post about a rumored CAT MASF.
I largely (and unsurprisingly) agree with Matt on most of it, but diametrically disagree with his framing that increasing expressiveness of
@1440000bytes
eCash is amazing - it has all of the custody risks of a self custody wallet _and_ all of the custody risks of a custodial wallet wrapped into one!
Note: I'm actually a fan of ecash, and there are privacy and other bearer asset benefits of it, but we gotta be realistic about the
I support activating CTV.
Regardless of method.
Sooner preferred to later.
Regardless of whether we also do APO, VAULT, TXHASH, CSFS, or anything else concurrently or subsequently.
CTV (check testosterone verify) paired with CSFS (check sandwich from stack) and IKEY (intermittent ketosis) will bring forth a golden age of gainz (in adoption).
#LNHANCE