"paper bitcoin" story playing again, to avoid repetition here's a thread to debunk that theory. think about it: fundamentally there are very few people who are long-term short bitcoin because it's volatile and tends to go up 10x in short periods so no one wants to short it. one data point: there are generally no call or put options longer than 12 month duration. that's because no one wants to sell the calls. lots of people would buy them. with futures (perpetuals and dated futures) they are side-contracts, so there is a short seller for every buyer.

"a security is first and foremost an ethical concept, which is why the legal concept even exists" -@allenf32
you're relying on company management or service opetators who have privileged information, and management discretion affecting your investment. they defacto could rob you Cypherpunks like Wei Dai, Tim May, myself were interested in smart contracts, anonymous or pseudonymous commerce using reputations, good behavior bonds etc without the possibility for physical enforcement and smart contracts rather than court/arbitration process. A decade of alt

early this year i was curious of the claim "bitcoin 2x's per year on average". it checks: the decade jan 2013 - dec 2022 #bitcoin went up 2.036x/year (1200x in a decade). if that continues we'll cross $10mil/BTC and $200 tril market cap by end of next 2 halvenings, about 9 years. $200 trillion is a @halfin 2009 #bitcoin market cap prediction number. it's a LOT, displaces a significant part of the store of value premiums in bonds, real estate monetary premium, gold, 60:40 stock portfolios, etc. some think adoption will slow, derivatives reduce volatility.

what if gold miners agreed to "improve" it, selling gold plated lead as gold, wouldn't users have to follow? obviously no. yet for #bitcoin newcomers keep getting hung up on this. #bitcoin miners cannot change it, and it's more automatic: ever node assays and rejects digital lead the crux of it is buyers know what they want: pure real gold, and real bitcoin. money is a technology and #bitcoin is better gold, digital gold with a huge network effect and investor history and conviction: buyers know they want real bitcoin, and they can tell the difference.

for first-seen-safe transactions, a current topic of discussion, I had proposed in 2013 #bitcoin-wizards IRC a different way to do it, based on an older concept called "limited show" credentials, an idea comes from electronic cash where you want to deter double-spending in an offline electronic cash system (where people can spend device to device without being able to reach a server or the network), i think the same idea works for bitcoin, but with some new trade-offs. the idea is simple to understand - users could double-spend but if they do then

@nic__carter @VitalikButerin It depends what purpose it works for. Don't forget the context, some PoS coin promoters spend time FUDding PoW to sell their coins, and go as far as to claim PoS is "better" than PoW, and we all know why PoW is needed. PoS fails at those reasons, and so doesn't work (for purpose) @nic__carter @VitalikButerin Eg a central server "works" but it does not work as a basis for decentralised bearer money, without public audit, unilateral withdraw, fraud proofs and ability for users to fire, recover state and replace the server.

@JasonPLowery @TheGuySwann That's sort of standard academic cryptography protocol / computational security game theory language though. Alice isn't going to point kinetic weapons at Mallory, she's going to erect the physical analog of an electrical force field which is nuke proof around her data and comms. @JasonPLowery @TheGuySwann With cryptography in the digital domain there is an impenetrable asymmetric defense advantage. It's like everyone is walking around with a nuke proof personal force field. Stark opposite of physical domain which is composed of 99.999% soft targets vulnerable to asymmetric attack.

TIL "Mass Formation" aka group psychosis, considered a historic enabling factor of totalitarian regimes. explainer from Prof. Mattias Desmet is 👀 opening 🔥 lit. 30% of population susceptible to group psychosis. 40% see through it but avoid confrontation. something to be aware of. real phenomena, though bizarre sounding. apparently people who instinctively reject authority, don't like being told what to do or think, question everything, demand proof, sensible explanations, reach own conclusions, are less likely to be susceptible.

information asymmetry in #bitcoin is extreme.

i doubt china really "banned" mining because they "banned" it many times before, and yet de facto is operating year on year through "ban" after "ban"

also what do people think impact is for bitcoin if they somehow did? nothing much! they relocate miners to other countries, load on trucks into russia, or airfreight

short-term hash drops a bit. transactions slow for a week or so, profitable for other miners, then hashrate adjusts down, even more profitable for other miners, transactions back to normal. fin!

thoughts on leverage. *don't*! better just hodl, dca, cold store. if you're gonna use leverage for fun/profit, you're increasing risk a lot. do it with max 10% of coins (or less). never place a leverage trade without a limit stop, or implicit stop from small position liquidation. low leverage is another option, like 1.1-1.5x. but watch out for the funding rates, they run hot into the 30% APY. you can re-up and add more collateral but then your position exposure gets larger, and so the risk could go over your target, if the whole thing is liquidated anyway

@elonmusk @itsALLrisky the 10,000 alts tried all manner laughable physics and comp sci failed things btw. where to even start on how and why. @peterktodd explained that distributed minnig won't converge when block verification time plus speed of light in fiber optics exceeds the block interval. /1 @elonmusk @itsALLrisky @peterktodd further the broadcast+verification latency needs to be a fairly low fraction of block-interval or you get race-conditions, due to the lack of coordinated time in async networks. you can't "trust" other miners or you'd just as well use a centralized database. /2

Backstory for #bitcoin fork wars, less known tech dispute and ugly compromise, backdrop with consensus incompatible cavalier attitude, blew into a civil war on the re-run. Finally resolved via resounding market rejection and quiet departure of ring leader.

https://twitter.com/pete_rizzo_/status/1334907853241520131?s=19

Apparently while compromise was for P2SH many developers felt CHV was better designed. Peer pressure is bad, must think independently like aircraft systems training. Recall EVAL was resoundingly broken by O'Connor with 70mins review, reckless disaster averted.

#bitcoin bits > sats.

Time for a bits reboot, IMO. Sats are confusing, afaict sats were designed by Satoshi to be bitcents under bits.

1million is much easier than 100mil base.

Even bitcoin-qt (core) had bits for years.

You still have sats, just bits and bitcents (aka sats), like dollars and cents.

IMO one should think about @100trillionUSD's S2F model like Moore's Law: it's just an observation and speculative projection an observed trend may continue. "Moore's Law" projected the number of transistors in microprocessors would double every 2 years en.wikipedia.org/wiki/Moore%27s… many were wrongly projecting the imminent demise of Moore's Law for decades and despite expectation, it held for a remarkably long time: since 1975, only recently showing signs of physical limit asymptotic effects, new R&D and higher investment kept breaking expectation.

@ciphergoth re TCR mindsarentmagic.org/2020/01/04/100… I also thought on and off that it would be useful to have a 128-bit hash (secure within it's parameters). keyed universal hashes like UMAC can with 3rd party adversary swap collision (birthday 64bit) for 2nd pre-image (128-bit) security. a related thing applies to the original Schnorr paper, which mentions truncated the hash in the c=H(R,m), s=k+cx variant verification: c?=H(sG-cQ,m). however the paper threat model is dubious as the "signing server"can be attacker for some use cases and use birthday collisions

This is fun:

Sushi: loan, airdrop, pump, dump

Litecoin: silver to bitcoins gold, early mine/buy, coast, sell the top. Hat tip @binance

https://twitter.com/adam3us/status/1301406891076190209?s=19

TL;DR @gregoryneven et al proved 2-round musig insecure, we made 2-round work with deterministic nonces + bulletproof ZKP (2 round is good for usability). as SHA256 is CPU expensive @pwuille @n1ckler @real_or_random @yannickseurin designed Purify for low bulletproof complexity.

https://twitter.com/Blockstream/status/1301587578928402432

I thought it was a pretty neat and simple trick to disprove the impossibility by counter-example: make a bulletproof that the nonce is deterministic, cuts off wagner adaptive attack as there are no free variables left. hearing "impossible" led to "is that true, really?" question.

@mikeinspace it seemed to me that bitcoin design is a surprising maxima in a massive design surface, where any close design changes are basically worse, and changes that even work too complex to be worth it for little or no gain. so what you said is I think true, but surprising to people. @mikeinspace I think it's fair to find that surprising as usually a new idea can be significantly improved over time. however the non trivial design changes are just worse speaks of the design being such a narrow part of the design surface that works at all. it's a special hard to find design

To harden Bitcoin, we can build the shared resolve that the Satoshi psuedonym is burned, then the nym has no power to seek. Say a hypothetical Satoshi says some controversial stuff: we've learned decentralisation when no one cares and it does not matter /1

https://twitter.com/adam3us/status/1271970611842240512?s=20

in cryptography there is a concept of forward-secrecy (or backward-security: can't be forced to decrypt old encrypted messages, because ephemeral keys are deleted and the keys you do have can't decrypt your own old messages). it's not easy to do that in non-interactive settings/2

if you are actively trading and don't like high fees, use exchanges with 🌊 @Liquid_BTC integration, or complain to an exchange that doesn't. pay 1-2c to clear in 2mins final, while others are paying 50c-$2.50 for 1hr+ transfer.

https://twitter.com/adam3us/status/1264279001419431936?s=20

be part of the solution integration table

https://twitter.com/adam3us/status/1264286478999474177?s=20

@hasufl @TheRealBlockFi on bitfinex put USD in margin wallet, borrow BTC go to wallet->currency conversions, convert BTC to L-BTC. there's no market it's 1:1 no fee conversion. on BTSE it's automatic: in exchange there is no difference between L-BTC and BTC you just choose type on withdrawal/deposit. @hasufl @TheRealBlockFi on @bullbitcoin_ you just choose the type on withdraw L-BTC or BTC. (also L-CAD)