Archive for the ‘crypto’ Category

zeek rollups can enable full blockchain scalability and full blockchain privacy

Wednesday, August 17th, 2022

The fundamental strength of the blockchain architecture is that it is an immutable public ledger. The fundamental flaw of the blockchain architecture is that it is an immutable public ledger.

This is a problem for privacy and fungibility, but what is really biting is scalability, the sheer size of the thing. Every full peer has to download every transaction that anyone ever did, evaluate that transaction for validity, and store it forever. And we are running hard into the physical limits of that. Every full peer on the blockchain has to know every transaction and every output of every transaction that ever there was.

As someone said when Satoshi first proposed what became bitcoin: “it does not seem to scale to the required size.”

And here we are now, fourteen years later, at rather close to that scaling limit. And for fourteen years, very smart people have been looking for a way to scale without limits.

And, at about the same time as we are hitting scalability limits, “public” is becoming a problem for fungibility. The fungibility crisis and the scalability crisis are hitting at about the same time. The fungibility crisis is hitting eth and is threatening bitcoin.

That the ledger is public enables the blood diamonds attack on crypto currency. Some transaction outputs could be deemed dirty, and rendered unspendable by centralized power, and eventually, to avoid being blocked, you have to make everything KYC, and then even though you are fully compliant, you are apt to get arbitrarily and capriciously blocked because the government, people in quasi government institutions, or random criminals on the revolving door between regulators and regulated decide they do not like you for some whimsical reason. I have from time to time lost small amounts of totally legitimate fiat money in this fashion, as international transactions become ever more difficult and dangerous, and recently lost an enormous amount of totally legitimate fiat money in this fashion.

Eth is highly centralized, and the full extent that it is centralized and in bed with the state is now being revealed, as tornado eth gets demonetized.

Some people in eth are resisting this attack. Some are not.

Bitcoiners have long accused eth of being a shitcoin, which accusation is obviously false. With the blood diamonds attack under way on eth, likely to become true. It is not a shitcoin, but I have long regarded it as likely to become one. Which expectation may well come true shortly.

A highly centralized crypto currency is closer to being an unregulated bank than a crypto currency. Shitcoins are fraudulent unregulated banks posing as crypto currencies. Eth may well be about to turn into a regulated bank. When bitcoiners accuse eth of being a shitcoin, the truth in their accusation is dangerous centralization, and dangerous closeness to the authorities.

The advantage of crypto currency is that as elite virtue collapses, the regulated banking system becomes ever more lawless, arbitrary, corrupt, and unpredictable. An immutable ledger ensures honest conduct. But if a central authority has too much power over the crypto currency, they get to retroactively decide what the ledger means. Centralization is a central point of failure, and in a world of ever more morally debased and degenerate elites, will fail. Maybe Eth is failing now. If not, will likely fail by and by.

Eth is full of enemies, but it is also the leading edge of blockchain scaling technology.

Zk-starks and zk-snarks

Zk-snark stands for “Zero-Knowledge Succinct Non-interactive Argument of Knowledge.”

A zk-stark is the same thing, except “Transparent”, meaning it does not have the “toxic waste problem”, a potential secret backdoor. Whenever you create zk-snark parameters, you create a backdoor, and how do third parties know that this backdoor has been forever erased?

zk-stark stands for Zero-Knowledge Scalable Transparent ARguments of Knowledge, where “scalable” means the same thing as “succinct”

Ok, what is this knowledge that a zk-stark is an argument of?

Bob can prove to Carol that he knows a set of boolean values that simultaneously satisfy certain boolean constraints.

This is zero knowledge because he proves this to Carol without revealing what those values are, and it is “succinct” or “scalable”, because he can prove knowledge of a truly enormous set of values that satisfy a truly enormous set of constraints, with a proof that remains roughly the same reasonably small size regardless of how enormous the set of values and constraints are, and Carol can check the proof in a reasonably short time, even if it takes Bob an enormous time to evaluate all those constraints over all those booleans.

Which means that Carol could potentially check the validity of the blockchain without having to wade through terabytes of other people’s data in which she has absolutely no interest.

Which means that peers on the blockchain would not have to download the entire blockchain, keep it all around, and evaluate from the beginning. They could just keep around the bits they cared about.

Unfortunately producing a zk-stark of such an enormous pile of data, with such an enormous pile of constraints, could never be done, because the blockchain grows faster than you can generate the zk-snark.

So, zk-rollups, zeek rollups.

zk-stark rollups, zeek rollups

Zk-stark rollups are a privacy technology and a scaling technology.

Fundamentally a ZK-stark proves to the verifier that the prover who generated the zk-stark knows a solution to an NP-complete problem. Unfortunately the proof is quite large, and the relationship between that problem, and anything that anyone cares about, extremely elaborate and indirect. The proof is large and costly to generate, even if not that costly to verify, not that costly to transmit, not that costly to store.

So you need a language that will generate such a relationship. And then you can prove, for example, that a hash is the hash of a valid transaction output, without revealing the value of that output, or the transaction inputs.

But if you have to have such a proof for every output, that is a mighty big pile of proofs, costly to evaluate, costly to store the vast pile of data. If you have a lot of zk-snarks, you have too many.

So, rollups.

Instead of proving that you know an enormous pile of data satisfying an enormous pile of constraints, you prove you know two zk-starks.

Each of which proves that someone else knows two more zk-starks. And the generation of all these zk-starks can be distributed over all the peers of the entire blockchain. At the bottom of this enormous pile of zk-starks is an enormous pile of transactions, with no one person or one computer knowing all of them, or even very many of them.

Instead of Bob proving to Carol that he knows every transaction that ever there was, and that they are all valid, Bob proves that for every transaction that ever there was, someone knew that that transaction was valid. Neither Carol nor Bob know who knew, or what was in that transaction.

You produce a proof that you verified a pile of proofs. You organize the information about which you want to prove stuff into a merkle tree, and the root of the merkle tree is associated with a proof that you verified the proofs of the direct children of that root vertex. And proof of each of the children of that root vertex proves that someone verified their children. And so forth all the way down to the bottom of the tree, the origin of the blockchain, proofs about proofs about proofs about proofs.

And then, to prove that a hash is a hash of a valid transaction output, you just produce the hash path linking that transaction to the root of the merkle tree. So with every new block, everyone has to just verify one proof once. All the child proofs get thrown away eventually.

Which means that peers do not have to keep every transaction and every output around forever. They just keep some recent roots of the blockchain around, plus the transactions and transaction outputs that they care about. So the blockchain can scale without limit.

ZK-stark rollups are a scaling technology plus a privacy technology. If you are not securing people’s privacy, you are keeping an enormous pile of data around that nobody cares about (except a hostile government), which means your scaling does not scale.

And, as we are seeing with Tornado, some people in Eth do not want that vast pile of data thrown away.

To optimize scaling to the max, you optimize privacy to the max. You want all data hidden as soon as possible as completely as possible, so that everyone on the blockchain is not drowning in other people’s data. The less anyone reveals, and the fewer the people they reveal it to, the better it scales, and the faster and cheaper the blockchain can do transactions, because you are pushing the generation of zk-starks down to the parties who are themselves directly doing the transaction. Optimizing for privacy is almost the same thing as optimizing for scalability.

State of the art

We are not there yet.

In principle we know how to create a zk-stark that can prove successful execution of an arbitrary Turing machine. In practice we do not.

In principle we know how to create a zk-stark that can prove verification of several other zk-starks. In practice we do not.

We have a vast multitude of zk-snark systems that can prove particular things, for example that the inputs to a transaction are equal to the outputs without revealing the transaction.

We need a Turing complete zk-stark engine, one that can produce a proof that any algorithm was performed with the expected result, and do not yet have one. There are people that claim to have built them, but their source is closed.


correction added seventeenth of September

https://blog.polygon.technology/plonky2-is-now-open-source/

“Earlier this year, Polygon announced Plonky2, a zero-knowledge proving system that represents a major breakthrough for ZK tech. Plonky2 offers two main benefits: incredibly fast proofs and extremely efficient recursive proofs. It’s a huge leap forward for the ZK space, and we’ve been blown away by the response from the developer community: people want to build on Plonky2.

Today we’re proud to announce that Plonky2 and Starky are open source. They are now dual-licensed under the MIT license and Apache2.”

This is wonderful and unexpected news, but I am overwhelmed by real life events, and cannot take advantage of it until 2023.

As of today, all blockchains that do not use zk-rollups are obsolete, all blockchains that rely on everyone verifying everything are obsolete. We now have the solution to the enormous and ever growing blockchain, and the enormous amount of private information it makes dangerously public.

Someone said when Satoshi first proposed what became bitcoin: “it does not seem to scale to the required size.” And ever since then people have been struggling to solve that problem. Now we have a solution.


A closed source zk-stark system is not a zk-stark system, because when Carol applies her verifier to Bob’s argument of knowledge, how can she know what it is verifying?

Further, closed source cryptography seldom actually works. When hostile outsiders take a look at it, usually falls over. They may think they have what they claim to have, but do not necessarily actually have it. They may think that their verifier is verifying the zk-stark produced by their prover, when it is actually verifying something far weaker.

We need a compiler that, given code for an arbitrary algorithm in a language for the virtual machine, produces a prover that executes the code in the virtual machine and also produces a zk-stark proving that the code was executed with the expected result, and the compiler also produces a verifier that verifies the zk-stark. And that compiler has to be open source, without magic secret unexplained codes in it.

A closed source blockchain is not a blockchain, but an unregulated bank, because those who have the closed source could do anything, and a closed source zk-stark system is not a zk-stark system, because not an argument of knowledge, but a mere claim of authority.

We now know in principle how to produce a fully scalable blockchain – but actually doing so is another thing altogether.

How a fully scalable blockchain running on zeek rollups would work

A blockchain is of course a chain of blocks, and at scale, each block would be far too immense for any one peer to store or process, let alone the entire chain.

Each block would be a Merkle patricia tree, or a Merkle tree of a number of Merkle patricia trees, because we want the block to be broad and flat, rather than deep and narrow, so that it can be produced in a massively parallel way, created in parallel by an immense number of peers. Each block would contain a proof that it was validly derived from the previous block, and that the previous block’s similar proof was verified. A chain is narrow and deep, but that does not matter, because the proofs are “scalable”. No one has to verify all the proofs from the beginning, they just have to verify the latest proofs.

Each peer would keep around the actual data and actual proofs that it cared about, and the chain of hashes linking the data it cared about to the Merkle root of the latest block.

All the immense amount of data in the immense blockchain that anyone cares about would exist somewhere, but it would not have to exist everywhere, and everyone would have a proof that the tiny part of the blockchain that they keep around is consistent with all the other tiny parts of the blockchain that everyone else is keeping around.
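The hash path described above, and the peer that keeps only its own outputs plus that path and a recent root, as an added example (not from the original post or from any project it mentions). It assumes SHA-256, a plain binary Merkle tree rather than a Merkle patricia tree, and constructed sample outputs. The path only shows membership under a root; that everything under the root is valid is what the proof attached to the root would have to establish.

```python
import hashlib
import hmac

# Domain separation: a leaf hash and an interior-node hash can never collide,
# so 64 bytes of interior data cannot be passed off as a transaction output.
LEAF, NODE = b"\x00", b"\x01"

# Constructed sample data standing in for the transaction outputs of one block.
SAMPLE_OUTPUTS = [b"out-0:5 coins", b"out-1:2 coins", b"out-2:9 coins",
                  b"out-3:1 coin", b"out-4:7 coins"]


def _h(prefix: bytes, data: bytes) -> bytes:
    return hashlib.sha256(prefix + data).digest()


def leaf_hash(tx_output: bytes) -> bytes:
    return _h(LEAF, tx_output)


def build_levels(leaves):
    """Return every level of the tree: leaf hashes first, root level last."""
    if not leaves:
        raise ValueError("a block needs at least one output")
    level = [leaf_hash(x) for x in leaves]
    levels = [level]
    while len(level) > 1:
        nxt = []
        for i in range(0, len(level), 2):
            if i + 1 < len(level):
                nxt.append(_h(NODE, level[i] + level[i + 1]))
            else:
                # Odd node out is promoted unchanged; duplicating it instead
                # would let two different leaf lists share one root.
                nxt.append(level[i])
        level = nxt
        levels.append(level)
    return levels


def merkle_root(leaves) -> bytes:
    return build_levels(leaves)[-1][0]


def hash_path(leaves, index):
    """Sibling hashes from leaf `index` up to the root, as (side, hash) pairs."""
    if not 0 <= index < len(leaves):
        raise IndexError("no such leaf")
    path = []
    for level in build_levels(leaves)[:-1]:
        sibling = index ^ 1
        if sibling < len(level):  # a promoted node has no sibling at this level
            side = "L" if sibling < index else "R"
            path.append((side, level[sibling]))
        index //= 2
    return path


def verify_path(tx_output: bytes, path, root: bytes) -> bool:
    """What a light peer runs: it holds only its output, the path and a root."""
    acc = leaf_hash(tx_output)
    for side, sibling in path:
        acc = _h(NODE, sibling + acc) if side == "L" else _h(NODE, acc + sibling)
    return hmac.compare_digest(acc, root)


if __name__ == "__main__":
    root = merkle_root(SAMPLE_OUTPUTS)
    path = hash_path(SAMPLE_OUTPUTS, 2)
    print("root:", root.hex())
    print("path length for output 2:", len(path))
    print("output 2 is under the root:", verify_path(SAMPLE_OUTPUTS[2], path, root))
    print("forged output is under the root:", verify_path(b"out-2:900 coins", path, root))
```

The peer's storage grows with the depth of the tree, not with the number of outputs in the block, which is the property the scaling argument relies on.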

Current events

Monday, March 7th, 2022

This blog does not normally report, nor pay much attention to, current events, except as they illustrate the long sweep of history.

But, there is a bunch of stuff happening now. Four demons doing a weak-ass imitation of the four horsemen of the apocalypse are on their way.

First and foremost for me is that the heat on crypto currency is going up, and it looks like the blood diamonds attack on bitcoin may well be imminent. Executive order coming this week. Chances are it will be a big nothing burger, because Shaniqua will be leading the charge against crypto currency, but we will see.

Justification being that bitcoin is being used to get around SWIFT.

Well then, big profits to be made in whatever crypto currency winds up being used to get around SWIFT. When last I checked zk-SNARKs were not yet ready for prime time, and the lightning network was not yet ready for prime time, but it is time to check again.

Getting ready to move again, and not at all sure where to move to.

And on the first horseman, plague:

I have been following Igor Chudov for a little while, and at first it was “Oh wow. The craziest conspiracy theories about Covid are true”

And then after a bit it was more “too long, don’t read. Of course the worshipers of the Mighty and Awesome Covid Demon are evil and insane. What did you expect?”

Looks like the Covid hysteria was demonic, not merely evil. The story now coming out around Covid is not necessarily proof that people who seem to be demon possessed are possessed by literal demons rather than figurative demons, but it is compelling evidence that modeling them as possessed by literal demons is predictive of their behavior, and predicts better than the rational pursuit of short term self interest by evil means.

Worst Fears Realized: Pfizer mRNA Integrates into your DNA

If the demons keep the upper hand, war with Russia will aim not at victory, but nukes.

With the attention of the Global American Empire on war, it has now become suddenly safer to examine the truth about the Awesome, Mighty, and Holy Covid Demon, but I still see a lot of stubborn resistance and denial, and a heavy handed and hamfisted effort to prevent discovery.

No very dramatic news on the second horseman: War. Globohomo is murdering civilians who attempt to flee Ukrainian cities, and Ukrainian politicians who are trying to get peace, or at least position themselves for a new Russian aligned regime. The Global American Empire is planning a never ending asymmetric war in the Ukraine.

Looking at the movement of Russian forces, looks like they intend to restore the 1914 border between Russian Europe and Western Europe. They seem to be positioning a significant force along the 1914 border. Ukrainians east of the 1914 border mostly speak Russian, of a sort, Ukrainians west of the 1914 border mostly speak “Ukrainian”.

If they adequately secure the border, either the Global American Empire winds up enduring an unfavorable peace, or escalating to conventional war. Which, with demons literal or figurative running the operation, is likely to go nuclear.

In the long sweep of history, we are not headed for one specific destination, for when glass shatters, it can break in any of a thousand ways, but the pace of events so far is consistent with the continuing trend, in place since 1820, of chaotic and entropic events driven by ever increasing leftism getting faster and faster, despite the fact that we are no longer being bombarded with tales of peaceful dark skinned joggers being attacked by white males, and enforcement of the rituals of Covid Worship seems to have been forgotten. The direction keeps changing, so difficult to make an assessment of how fast movement is happening, except in retrospect.

In 1970 we fell off the track headed towards technological singularity. So far, we still seem to be on track for left singularity, or at least not yet obviously off the track.

Everything is ultimately driven by faith, for an army needs a state religion, and a state needs an army. Our Churches are celebrating gay sex with obscene sacraments, those that do not go along are apt to be burned down, and the police uninterested in finding who burned them down, just as in the Ukraine, people who seek peace, or merely attempt to flee war, are apt to be murdered, while in Russia, for all its grave faults, white men are once again building Cathedrals.

All FIPS compliant cryptographic libraries are backdoored and in the pocket of our enemies

Tuesday, November 2nd, 2021

As are many non FIPS compliant cryptographic libraries. We know from the Snowden leaks that the NSA has spent hundreds of millions of dollars trying to make sure that cryptographic implementations have backdoors supplied for the NSA.

A good way to make money is to construct a cryptographic library, and, if it gets to be widely used, a mysterious and secretive generous benefactor will show up.

To resolve the dragnet problem for passwords, since I cannot help using backdoored software, what I do is have a long master password, from which I generate for each account a ninety six bit random gibberish password.
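One way a per-account password can be derived from a single master password, as an added example; the post does not say which scheme the author uses, so the construction here (PBKDF2 to stretch the master password, then HMAC-SHA256 per account, truncated to 96 bits) is an assumption. The function names, the `owner_id` salt and the `counter` rotation parameter are hypothetical.

```python
import base64
import hashlib
import hmac


def stretch_master(master_password: str, owner_id: str,
                   iterations: int = 200_000) -> bytes:
    """Turn the long master password into a 32-byte key, slowly.

    owner_id (an assumption of this example, e.g. the owner's e-mail address)
    acts as a salt so two people with the same master password get unrelated
    keys. The stretching is paid once per session, not once per account.
    """
    salt = b"per-account-pw-v1|" + owner_id.encode("utf-8")
    return hashlib.pbkdf2_hmac("sha256", master_password.encode("utf-8"),
                               salt, iterations)


def account_password(master_key: bytes, account: str, counter: int = 1) -> str:
    """Derive a 96-bit password for one account.

    HMAC is a pseudorandom function under master_key, so a site that learns
    its own password learns nothing usable about the master key or about the
    passwords of other accounts. Raising counter rotates one account's
    password without touching the others.
    """
    label = f"{account.strip().lower()}|{counter}".encode("utf-8")
    tag = hmac.new(master_key, label, hashlib.sha256).digest()
    # 12 bytes = 96 bits; base64 of 12 bytes is exactly 16 characters, no padding.
    return base64.urlsafe_b64encode(tag[:12]).decode("ascii")


if __name__ == "__main__":
    # Constructed sample values, not real credentials.
    key = stretch_master("a long constructed master passphrase",
                         "alice@example.invalid")
    for site in ("example.com", "example.org"):
        print(site, account_password(key, site))
    print("example.com after rotation", account_password(key, "example.com", 2))
```

Because every account gets an unrelated 96-bit value, a hash of one of these passwords swept up in bulk cannot be matched against a guessing dictionary or linked to the same user's other accounts.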

Any one cryptographic algorithm is usually fine by itself – nothing is wrong with AES256 and SHA256, though there is something very wrong with AES128 as usually used. Used correctly, AES128 is fine, but it never is used correctly.

But any one cryptographic algorithm is useless by itself. To do anything useful, has to be integrated with several other algorithms, an API provided to access and use that integration, and then another library has to use the cryptographic library through that API. And that integration, API, and libraries using libraries, is where the mischief usually is.

Typically you have one flaw, which is obscure, complicated, relatively harmless by itself, and another flaw in something totally unrelated, which is also obscure, complicated, and relatively harmless by itself. You put all these flaws together, with industrial scale precomputation and industrial scale collection of hashes of secrets, and all the encryption falls apart. The Snowden slides would seem to suggest that the NSA has broken the SSL TLS algorithms used in most vpns.

Every major state spy agency, and several private agencies, attempt to collect every face that has ever appeared on the internet, every email address, every username, and every password, and link them together.

The mechanism that the FIPS compliant libraries, or rather the software that uses them, provide to collect the passwords, and to link them with usernames and email addresses is that they reveal the hashes of email addresses, passwords, and usernames to passive listeners. And the agency collects hundreds of millions of such hashes.

If you have one hash, and you want to try ten billion things to see if one of them gives the correct hash, takes a while. If you have a million hashes, and you want to try ten billion things to see which ones match one of your hashes, takes about the same amount of time. So this form of leakage is primarily useful to those that collect the leaks on an industrial scale. The backdoors are provided to be convenient to those that seek to sweep up all data, not convenient to those who want to eavesdrop a particular conversation.

Let us suppose you want to have free wifi wherever you go.

It used to be that whenever someone signed on with his wifi network, the unsalted hash of his password was transmitted in the clear. So every time someone goes in and out of range of his wifi network, his cell phone transmits the unsalted hash. (Actually it is more complicated than that, I oversimplify, but the end effect is that a passive listener gets the hash of the password.)

This was inconvenient for the agencies, since people do not sign into their wifi all that often, so the Wifi protocol was modified on some slender excuse to continually retransmit the hash all the time, regardless of whether anyone needs it, wants it, or can use it.

So, you have a background process on your laptop collecting these hashes, and once a week or so, you let a process run overnight that tries a hundred billion passwords against every network you have been in range of. Most of the passwords will be revealed. And now your laptop can sign into a free wifi network wherever you are. Handy.

Which gets interesting if it is the network of a big corporation, because you are now inside their firewall, rinse and repeat similar tricks to get their administrative passwords. Then hold their data for ransom.

If you comment on a WordPress blog, the standard WordPress avatar plugins give you an avatar. And somehow, for some entirely inexplicable reason, the blog sends the avatar image, the username, and a hash of the user email address to a central repository. Supposedly the WordPress plugin avatar privacy does not do this, but I was recently informed that it does the equivalent in a more roundabout way, which I have now fixed.

This post was inspired by Let’s talk about PAKE, a post on how to do login by password correctly – so that the server does not know, and cannot learn, the password. Using the opaque zero knowledge protocol, the server never knows the password or the hash of the password, and the client never knows the per user salt, or per user key stored on the server, no hashes of interesting information are exchanged. If the server is evil, or the bad guys seize the server, everything is still encrypted and they have to run, not a hundred million trial passwords against all users, but a hundred million passwords against each user. And user can make the process of trying a password far more costly and slow than just generating a hash. Opaque zero knowledge is designed to be as unfriendly as possible to big organizations harvesting data on an industrial scale. The essential design principle of this password protocol is that breaking a hundred million passwords by password guessing should be a hundred million times as costly as breaking one password by password guessing. So this post is not about the opaque password protocol. It is about why it is needed.
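The cost argument made above (one hash, or a million hashes, take about the same time to test) and the design principle stated in this paragraph, counted out as an added example that is not part of the original post. It is not the OPAQUE protocol: it only contrasts unsalted hashes with per-user salted, stretched hashes, which a server would still see, and all passwords and guesses are constructed sample data.

```python
import hashlib
import hmac
import os
from collections import Counter

ITERATIONS = 2_000  # kept low so the example runs quickly; deployments use far more

# Constructed sample data: four users, two of whom chose the same password.
SAMPLE_PASSWORDS = ["hunter2", "correct horse", "hunter2", "zxcvbn!9"]
# Constructed guessing dictionary used to measure the work factor.
CANDIDATES = ["123456", "password", "hunter2", "letmein", "qwerty"]


def unsalted_record(password: str) -> bytes:
    """The weak design: what leaks is a bare, fast hash of the password."""
    return hashlib.sha256(password.encode("utf-8")).digest()


def salted_record(password: str):
    """The corrected design: a random per-user salt and a deliberately slow KDF."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return salt, digest


def guessing_work_unsalted(records, candidates):
    """Return (records matched, hash evaluations) for a full dictionary pass.

    Each guess is hashed once and looked up against every collected record
    at the same time, so the work does not depend on how many records exist.
    """
    index = Counter(records)
    matched = work = 0
    for guess in candidates:
        work += 1
        matched += index[unsalted_record(guess)]
    return matched, work


def guessing_work_salted(records, candidates):
    """Same measurement against salted records.

    A guess has to be recomputed under every user's salt, so the work is
    len(records) * len(candidates) KDF calls, each costing ITERATIONS hashes.
    """
    matched = work = 0
    for salt, digest in records:
        for guess in candidates:
            work += 1
            trial = hashlib.pbkdf2_hmac("sha256", guess.encode("utf-8"),
                                        salt, ITERATIONS)
            if hmac.compare_digest(trial, digest):
                matched += 1
    return matched, work


def compare(passwords=SAMPLE_PASSWORDS, candidates=CANDIDATES):
    plain = [unsalted_record(p) for p in passwords]
    salted = [salted_record(p) for p in passwords]
    return {
        "unsalted": guessing_work_unsalted(plain, candidates),
        "salted": guessing_work_salted(salted, candidates),
        # Identical passwords give identical unsalted hashes, so a passive
        # collector can also link users to each other without guessing anything.
        "unsalted_duplicates_visible": len(set(plain)) < len(plain),
        "salted_duplicates_visible": len({d for _, d in salted}) < len(salted),
    }


if __name__ == "__main__":
    result = compare()
    print("unsalted (matched, hash evaluations):", result["unsalted"])
    print("salted   (matched, KDF calls):       ", result["salted"])
    print("KDF calls x iterations:", result["salted"][1] * ITERATIONS)
```

With unsalted hashes the work stays at one evaluation per guess however many users are swept up; with per-user salts it grows in proportion to the number of users, which is the property the paragraph asks of a password protocol.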

Bitcoin time

Saturday, October 23rd, 2021

I have been diversifying from Bitcoin to ADA, because I was profoundly unhappy with Bitcoin’s scalability, and with its implementation of the lightning network, and I recommended that other people do so.

This turned out to be a bad idea.

The bitcoin lightning network substantially eases the scaling problem for an order of magnitude or two growth, after which scalability is likely to start biting again.

The bitcoin lightning network’s problems appeared to be insoluble to me, because of the way bitcoin works, and because I was just not seeing the will or coherent organization needed to fix them.

The taproot update to bitcoin, however, makes it possible to fix the lightning network, and suggests the existence of will and organization capable of fixing it, and with intent to do so. I conjecture that the recent rise in bitcoin is substantially driven by this prospect.

The biggest immediate problem with the lightning network is unrelated to the issues that taproot addresses: backup. Backup of your lightning network is broken, unless you are merely the client of some big node.

The big point and big value proposition of cryptocurrency is that you don’t have to suffer client status, with all its grave costs, dangers, and inconveniences. It is client status that is the problem that bitcoin was originally created to fix.

To recover your lightning wallet you need both the master secret and the current state of your lightning wallet. Which you probably lost in the crash. Backups will not work, because the state of your lightning wallet, unless you are a mere client of a single important node, is likely to change frequently and unpredictably. The current backup solutions are a collection of complicated half assed workarounds which are likely to mostly work most of the time, provided you know who all your counterparties are, they are still around, and they are honest, well behaved, and well intentioned.

The correct solution is that every time your wallet state changes, it should send a copy of the state change, not the entire state, just the change in state, encrypted to a secret that only the possessor of the master secret can generate, to a couple of backups in the cloud.

Then if your lightning wallet crashes, you could recreate it from your master secret by re-running all the state changes from the beginning.

I don’t know why this was not implemented. Perhaps it is just that they had, and have, more pressing problems to deal with, but now that there is substantial, and rapidly growing, money in the lightning network it becomes a lot more pressing. I intend to go lightning, once backup is adequately addressed, and am going back to bitcoin right now.

Where we go from here

Saturday, January 23rd, 2021

Electoral politics is dead, though its corpse will continue to be paraded about for a considerable time. It will not be revived for a very long time, for a live Republic requires a virtuous elite, and creating a virtuous elite is a project that requires a virtuous King, and a few generations.

I hoped and prayed that Trump would retain power – either as president, or as leader of the resistance, and I lost several bets that he would. Also my investments were to some extent premised on him retaining power.

On the other hand, I have also been making preparation for a more complete disappearance, and so far, it looks like that may not be needed for a while.

I have for decades predicted war, democide, or genocide around 2026 or so, and have never shifted in that prediction. On the whole, things seem to be moving as expected, at about the rate expected. Trump retaining power might have eventually caused me to change that prediction, but a lot more would have had to happen following him retaining power for me to change that prediction. It took Augustus Caesar a decade or so after becoming dictator to sort things out in Rome, and he had death squads and an army at his back. Had Trump successfully performed the coup or started the civil war that I expected, it would have been only the small beginning of what is needed to reverse the decline.

When a holiness spiral goes this far, it takes a lot to stop it. And the further it goes, the more it takes. And even after it is stopped, you still have a big problem, as Sulla had a big problem, and Augustus Caesar continued to have big problems, because you have a degenerate elite, as Russia had after communism collapsed.

I am not necessarily predicting armed conflict in 2026 or so to be the end of our troubles – it could well be the beginning of the end of our troubles, but it could be the beginning of even greater unpleasantness to come, the start of a long dark age for the white race, which is likely to be a long dark age for all races.

Trump is delusionally attempting to appease his enemies. He should be running away. A Trump restoration could only happen after the pattern of the Rwandan genocide, when the exiles returned to conquer a grotesquely dysfunctional and murderous government. And, on January the sixth, Trump revealed himself as not the man for that. He could still become the man for that, but every time he opens his mouth, this looks less and less likely.

In the near future, we can expect the deep state to struggle with the radical left for power. (The Republican party will lose all relevance) Everyone, including the radical left expects the deep state to win and restore normality, but this is normalcy bias. The establishment left lacks cohesion, so each member of the establishment left will try to make his own deal with the radical left at the expense of the rest of the establishment left.

We are now in a situation paralleling the overthrow of Czar and the overthrow of King Louis the sixteenth. The deep state expected to continue governing Russia and France, without the inconvenience of a King bothering them, but was soon in for a big surprise.

Everyone in the deep state thinks that with the democratically elected president out of the way, they will be running the country, but there are far too many of them, they are all going to cut a deal with the radical left, and they are all going to find themselves with the short end of the stick in their deals.

Eventually the leftism spiral will be ended by a Napoleon or a Stalin. If we are lucky a Cromwell. Then leftism will slowly empty out for lack of new applecarts to knock over. At which point an alternative religion will gain mass traction. And that new religion will need to ready itself for eventually becoming the state religion, as progressivism is now the state religion.

The time for electoral politics is over, and the time for an alternative mass religion is not yet. It will likely take quite some time before our enemies have finished destroying each other, so what do we do in preparation for our enemies to destroy each other?

We preserve the truth of Gnon in preparation for the day where it is possible to compete with the state religion, which will become possible only after it empties out of genuine zeal and faith, which is not going to happen until a Stalin restrains it from knocking over any more applecarts, or all applecarts are utterly destroyed.

The time for an advocacy movement is not yet. We are an analysis movement – Trumpism was an advocacy movement, and I had high hopes, but it was crushed, and anything slightly resembling it will be crushed harder.

The time for advocacy will be when leftism empties out, which is not going to happen with applecarts falling over everywhere.

Our key issue is patriarchy, and each of us should promote it at the individual level, by being alpha in our interactions with women, and by telling our women that this is God’s will, and by approving or disapproving of individual associates according to whether their conduct undermines or supports their family and our own.

Some time ago I was at a party, and my host had failed his wife’s shit test, and was angry and despondent. I said “Why don’t you just tell her to do it your way”, to which he despondently replied that it was over and settled. “It is done”. He is blue pilled, and I doubt a lecture on Game, Game Theory, Evolutionary Game Theory, and Evolutionary Psychology would have gone down well, even had I been sober enough to give it, and he sober enough to understand it, which we probably were not. So I just said “A man should be King under his own roof”, and moved on, letting the matter drop. A few minutes thereafter, he passed the shit test with flying colors, his wife eager to please. Perhaps it was that I simply rejected the false and evil morality that was poisoning his will and this gave him the strength to do what was right. The left pretends that everyone agrees with their anger and lies, and people believe it, believe that everyone agrees, because no public doubt is permitted, but if one man does what is right, good, and true, and will say to his friends that it is right, good, and true, people that are hurting from the conflict between leftism and reality can feel it in their hearts.

The state has so many evil laws, that it is generally unable to enforce them against those who live according to the will of Gnon, and are confident in the righteousness of so doing.

Leftism is getting brittle, because the ever greater gap between leftist doctrine and people’s lived experience is hurting people. But the child who cries that the emperor has no clothes is not going to cause leftism to fall over as long as fresh applecarts remain for leftism to knock over. It is not public advocacy time yet.

We also need to address the namefag problem and the destruction of the market economy using cryptographic means. Bitcoin was a huge step in the direction of fixing the market economy, making possible transactions that are increasingly obstructed by laws and regulation.

There were many attempts on cypherpunks to address the increasing dysfunction of money and accounting. They failed until Satoshi created bitcoin. Digital gold failed because the government simply seized the backing. Bitcoin was successful, but it is a prototype that is prematurely being used as the final system.

We need to build the technology for a semi underground market economy and name system. Satoshi’s blockchain, namecoin’s blockchain, and the Jitsi name system are prototypes for what is needed.

Nothing that matters has changed in social technology, with the big and important exception of double entry accounting and the corporate form that it made possible.

I expect that the blockchain and triple entry cryptographically signed accounting will also make an advance in social technology possible, changes that the ICO prefigures, but right now our problems are with social technology that has not advanced since the time of Greece and Rome. Building the things that make new social technologies possible is a step towards the recovery of old social technologies.

When the time is ripe, we will need to reboot systems that are very old, and have been broken. At the same time, while waiting for the conditions that will make a reboot possible, we need to work on the social technologies of the future. Which is corporations as sidechains on the blockchain, for these technologies will make it possible to preserve truth, technology, and the market economic order through what may well be a very long dark age.

We preserve reality, truth, and respect for Gnon, and attempt to preserve the market economy underground.

We are in an environment that is not only hostile to the vast majority of men having sex, and hostile to all men having children, but also hostile to the market economy. Vox Day’s corporate cancer is devouring the market economy. Corporations are being repurposed from producing value to producing holiness.

We are now using white designed but East Asian built CPUs, because corporate cancer has devoured our fabs, and are likely to soon be using Chinese designed CPUs. People are starting to use the Exynos SoC, which is a Samsung design built in a Samsung fab for a Samsung built and designed CPU, and the MediaTek chips, which are designed and built in Taiwan. If I was building a home security system today, it would be running on Taiwanese designed and built CPUs and SoCs.

White people lost the fabs to corporate cancer, and are starting to lose the software, chip design and chip architecture. To resist this trend while the very holy progressives are still in charge of the state religion, we need separation of information and state – which is part of the same program as the faith of Gnon, for the faith of Gnon requires us to protect the truth from a state and state religion that is hostile to truth.

While our ultimate goal is a state and state religion that enforces truth and truthfulness, as Charles the Second’s men at arms protected the Royal Society from Puritan attempts to forcibly deplatform them, for the duration our goal is agorist, to build social media platforms, economic platforms and market platforms that are not state controlled, as the Royal Society existed underground during Puritan rule as the Invisible College. Agorism has no answer to large scale organized violence, and neither did the Invisible College, but after the Restoration, the Invisible College became the state sponsored Royal Society.

I may be blogging less for a while, because I am working on the design document of a very large project, and a very small foundation stone of actual software for that project.

Stormfront is a honeypot

Sunday, October 29th, 2017

Stormfront uses Google Analytics. Google Analytics runs an alarmingly large pile of obfuscated JavaScript code in your browser that, if you visit Stormfront, can very likely uniquely identify your browser, even if you are accessing Stormfront through Tor to anonymize your IP.

Thus, you visit Stormfront, carefully using a fake name and an anonymized IP. And then you visit Youtube with the same browser, and Youtube says that you cannot watch this video unless you sign in with your Google account, which Google goes to alarmingly great lengths to link to your true name, thereby linking your browser fingerprint to your true name.

How to do cryptocurrency right

Sunday, October 8th, 2017

Proof of work tends to be inherently slow, has inherently high transaction costs, and the miner’s interests are not identical with those holding currency as a store of value and those using currency as a medium of exchange.

Proof of stake is nontrivial to get right. It is a form of the infamously difficult to understand (and infamously difficult to program correctly) Paxos protocol. The Paxos protocol has the great advantage over proof of work in that, after an unpredictable and possibly large time, it announces a definite result, whereas with the bitcoin proof of work protocol, no result is ever final, it just becomes exponentially probable.

Ignore the carping that proof of stake is inherently flawed. Any implementation of proof of stake that is easy to understand is likely inherently flawed, that being the infamous nature of Paxos.

Bitcoin was genuinely decentralized from the beginning, and over time became more centralized. Big exchanges and a small number of big miners are on the path to inadvertently turning it into another branch of the oppressive and corrupt government fiat money system.

The new altcoin offerings are for the most part not genuinely decentralized. They have a plan for becoming genuinely decentralized some time in the future, but the will and ability to carry the plan through has not been demonstrated.

Assume that, instead of everyone being a peer, we have a few dozen or so peers, the peers distributed among several nuclear armed jurisdictions, and each peer has a hundred million or so clients, and each peer stores the entire blockchain forever.

OK, we are talking rather large peers. A terabyte of storage, a hundred dollars worth, will keep one of them going for a week. Say two terabytes for redundancy. I don’t think cost of storage is going to be a significant problem.

Scaling, however, is the hard problem. Making enormous amounts of storage actually useful and effective is the problem. The amount of storage per client is absolutely insignificant. The amount of bandwidth per client is absolutely insignificant. Having a useful connection between enormous numbers of clients and enormous amounts of storage via enormous amounts of bandwidth is the hard part.

Prompt response is another problem. It inherently takes time, and potentially large and unpredictable time, to reach consensus on the blockchain.

We can, however, have fast trust based responses followed by consensus: Since the peers are pretty big, you can trust a peer for your payment during the short time it takes for consensus to settle.

The way this would work is that every client is hosted by a peer. If his host should crash, or turn evil, he can move to another peer, though during the move he will not be able to make fast transactions. When he makes a payment, the peer hosting him testifies that this is not a double spend, and the payment is instantly flagged to the recipient as cleared – but it does not get flagged as settled, and the recipient cannot spend the payment, until it gets incorporated into the blockchain consensus, about twenty minutes later. Since the peers are big and long lived, you can trust them with your money for half an hour or so, and if you don’t want to trust them, or you don’t trust some of them, you just wait for the transaction to be incorporated into the consensus.
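The cleared-versus-settled flow described above, as an added Python sketch that is not the author's code. The class and field names, the `evil_peers` switch and the single-process model of consensus are assumptions for illustration; it shows an honest host refusing a double spend, and what a payee risks by treating a cleared payment as final when the host has turned evil.

```python
from dataclasses import dataclass
from enum import Enum

class Status(Enum):
    CLEARED = "cleared"    # host peer vouched for it; not yet in consensus
    SETTLED = "settled"    # incorporated into the blockchain consensus
    REJECTED = "rejected"  # consensus found it to be a double spend

@dataclass
class Payment:
    payer: str
    payee: str
    amount: int
    host: str              # the peer that testified "not a double spend"
    status: Status = Status.CLEARED

class Network:
    """Single-process toy: settled balances plus cleared-but-unsettled payments."""
    def __init__(self, balances, hosts, evil_peers=()):
        self.settled = dict(balances)   # client -> balance agreed by consensus
        self.hosts = dict(hosts)        # client -> hosting peer (None while moving)
        self.evil = set(evil_peers)     # assumed: peers that testify without checking
        self.pending = []               # cleared payments awaiting consensus

    def spendable(self, client):
        # Only settled funds count, less what the host has already vouched for.
        reserved = sum(p.amount for p in self.pending if p.payer == client)
        return self.settled.get(client, 0) - reserved

    def pay(self, payer, payee, amount):
        host = self.hosts.get(payer)
        if host is None:
            raise RuntimeError("payer is between hosts: no fast payments")
        if amount <= 0:
            raise ValueError("amount must be positive")
        if host not in self.evil and amount > self.spendable(payer):
            raise ValueError("host refuses to testify: double spend")
        payment = Payment(payer, payee, amount, host)
        self.pending.append(payment)
        return payment

    def consensus_round(self):
        # Consensus re-checks every cleared payment against settled balances.
        for p in self.pending:
            if self.settled.get(p.payer, 0) >= p.amount:
                self.settled[p.payer] -= p.amount
                self.settled[p.payee] = self.settled.get(p.payee, 0) + p.amount
                p.status = Status.SETTLED
            else:
                p.status = Status.REJECTED
        self.pending = []

def demo():
    # Constructed sample data: names, balances and peers are made up.
    net = Network({"alice": 100, "mallory": 50},
                  {"alice": "peer-A", "bob": "peer-B", "mallory": "peer-X"},
                  evil_peers={"peer-X"})
    ok = net.pay("alice", "bob", 80)            # flagged cleared at once
    out = {"cleared": ok.status.value, "bob_before": net.spendable("bob")}
    try:
        net.pay("alice", "carol", 80)           # honest host blocks the re-spend
        out["blocked"] = False
    except ValueError:
        out["blocked"] = True
    first = net.pay("mallory", "bob", 50)       # evil host vouches twice
    second = net.pay("mallory", "carol", 50)
    net.consensus_round()
    out.update(alice=ok.status.value, first=first.status.value,
               second=second.status.value, bob_after=net.spendable("bob"))
    return out

if __name__ == "__main__":
    print(demo())
```

The payee who waited for consensus loses nothing; the payee of the second, rejected payment is the one who carried the trust in the hosting peer.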

A bad time to invest in Bitcoin

Sunday, October 8th, 2017

Back in 2013 I urged people to invest in Bitcoin.

Yesterday someone asked my cleaning lady to invest in Bitcoin.

Now if someone had asked her to accept payment in Bitcoin, or send payment in Bitcoin, then this would be compelling evidence that one should invest in Bitcoin.

But when cleaning ladies are asked to invest in Bitcoin, not a good investment.

When Bitcoin began, everyone was a miner, and everyone was a peer, everyone stored the entire blockchain. Which was great, but did not scale. And now people are struggling with half assed ideas about how to get it to scale. Bitcoin can no longer deliver on its original promises, has not figured out what new promises to make, and many of the new promises are unworkable, or are scams, or are likely to turn into scams.

Cryptocurrency

Monday, September 25th, 2017

Our financial system is corrupt and oppressive. Cryptocurrencies represent an opportunity to route around that system, and make lots of money doing so.

Cryptocurrency is real, and presents the opportunity to make enormous amounts of money. Also, cryptocurrency scams are real, and present the opportunity to lose enormous amounts of money. Like the dot-com bubble in the 90s, you can add the concept of blockchain to just about anything and have a ‘business’ worth millions, no matter how idiotic the original idea. The vast majority of initial coin offerings are investments in businesses that are not providing anyone with any value, have no real customers and no obvious prospect of ever having any real customers.

The successful altcoin will be genuinely decentralized, as bitcoin was designed to be, originally was, and to some extent still is. Most of the altcoins, possibly all of them except the Bitcoins and Ethereum, are furtively centralized.

It will use, or at least offer the option of, Zooko type wallet names, as Bitcoin and Ethereum do.

It will be scalable to enormous numbers of transactions with low transaction costs, as Steemit and Ripple are, but Bitcoin and Ethereum are not.

It will support sidechains, and exchanges will be sidechained.

It will be a blogging and tweeting platform, as Steemit is, and will be a decentralized blogging and tweeting platform, as Steemit is not.

Every website reporting on the altcoin boom and the initial coin offering boom has an incentive to not look too closely at the claimed numbers. Looks to me that only Bitcoin and Steemit.com have substantial numbers of real users making real arms length transactions. Maybe Ethereum and Ripple also. The rest are unlikely to have any significant number of real, arms length, users. The white papers don’t tell you the qualifications of the people running the operation, or what they are going to do, what milestones they hope to reach.

The crypto coin business is full of scammers, and there is no social pressure against scammers, no one wants to look too closely, because a close look would depress the market. There is no real business plan, no very specific or detailed idea of how the coin offering service is going to be of value, how it is going to get from where it is now, to where it is going to usefully be. It is very hard to find out how many real users a crypto currency has, and how much stuff is available denominated in that crypto currency.

Most of the alt currencies are just me-too copies of bitcoin, not adding any substantial value, and/or they cannot scale, and they are deceptive about how centralized and how vulnerable to state attack they are. Nearly all of them are furtively centralized, as Bitcoin never was. They all claim to be decentralized, but when you read the white paper, as with Waves, or observe actual practice, as with Steemit, they are usually completely centralized, and thus completely vulnerable to state pressure, and quite likely state seizure as an unregulated financial product, thus offer no real advantage over conventional financial products. When you buy an initial coin offering, you are usually buying shares, usually non voting shares, in a business with no assets and no income and no clear plan to get where they will have assets and income, as in the dot com boom.

The numbers show that Bitcoin is number one, ethereum number two, ripple number four, and steemit.com number eighteen, but my wild assed guess is that Bitcoin is number one, steemit number two, ethereum number three. I have absolutely no idea where ripple stands. No one is providing data that would enable us to estimate real, arms length users.

Bitcoin exchanges are banks, and banks naturally become fractional reserve institutions. Bitcoin exchanges are furtively and secretly investing customer deposits, without reporting the resulting term transformation.

Genuinely free market banks, and bitcoin exchanges are genuinely free market banks, have a financial incentive to engage in term transformation – borrow short, lend long. Which is great for everyone until a rainy day comes, rains on everyone, and everyone withdraws their deposits all at the same time, and suddenly all those long term loans cannot be liquidated except at a loss, whereupon the banks, or exchanges, turn to the state, and so begin the transition from a backed currency to a state currency, ceasing to be free market banks.

The trouble with fractional reserve is that free market banks, banks trading in a backed, rather than state, currency, tend to deny, understate and misrepresent the term transformation risk, making them slowly, and often unintentionally, drift into becoming scams. If the reserve fraction is visible to customers, then we could rely on caveat emptor. Right now, however, every bitcoin exchange is drifting into becoming a scam.

We need, and we could easily have but do not have, a system where the amount of bitcoins owed to customers by an exchange is knowable and provable, and the amount of bitcoins owned by an exchange is knowable and provable, so that the reserve fraction is visible, whereupon the exchange would have to provide information about the extent and nature of its term transformation, or else would likely lose customers, or at least would lose large, long term customers. This would involve the decentralized cryptocurrency making each exchange a sidechain operating a centralized cryptocurrency backed by the decentralized cryptocurrency. Which would also help mightily with scaling.

Bitcoin and Ethereum are truly decentralized, in that each is a protocol that any entity can use, and that in practice lots of entities do use. If the government grabs some hosts, or some hosts do bad things, they can just be ignored, and the system continues elsewhere. They also use Zooko type identities, which in practice means your wallet name looks like line noise. This is outstandingly user hostile, and a reason so many people use exchanges, but it provides the core of resistance to state power.

Unfortunately, Bitcoin and Ethereum face scaling limits. Maybe ethereum will fix its scaling limits. Bitcoin does not seem to be fixing them. This makes Bitcoin and Ethereum transactions inherently expensive, which is likely to prevent them from replacing the corrupt and oppressive US government controlled financial system.

Steemit.com has a far superior design which does not result in scaling limits – although we have yet to see how its witness election system will perform at scale – as the system scales, money holders have less incentive to vote, less incentive to vote responsibly, and voting will inherently cost more.

Steemit.com is also highly centralized. The altcoin that will win needs to be scalable all the way to Visa and Mastercard levels, needs to be visibly decentralized, visibly resistant to state seizure, and needs to have a mechanism that makes the fractional reserves of exchanges visible to exchange users.

Bitcoin was genuinely decentralized from the beginning, and over time became more centralized. Big exchanges and a small number of big miners are on the path to inadvertently turning it into another branch of the oppressive and corrupt government fiat money system.

The new altcoin offerings are for the most part not genuinely decentralized. They have a plan for becoming genuinely decentralized some time in the future, but the will and ability to carry the plan through has not been demonstrated.

I like the steemit design. The witness system is scalable, the witness election system has problems which may be fixable, or may be inherent.

But I have a suspicion that investing in steemit is only going to profit whoever owns steemit.com, not the owners of steemit currency.

According to Steemit documentation, it looks like a well designed cryptocurrency that deserves to replace Bitcoin, because it is more scalable, more user friendly, and more immediately usable.

Well, that is what it looks like. Except its front end is the steemit.com website, and any one website can easily be seized by the feds. If actually decentralized, it should be a bunch of websites using a common crypto currency and a common identity system.

Remember usenet: A common protocol, and an internal name system. The particular host through which you accessed it did not matter all that much, because all hosts had to behave much the same. Steemit should be something like usenet with money, and it is not.

The way usenet worked, anyone (meaning anyone’s computer and his client program) could join as a client by having an agreement with a host, and anyone (meaning anyone’s powerful and well connected computer system) could join as a host by having an agreement with a few existing members.

A successful altcoin needs to be a blogging platform like Steemit, but it also needs to be a federation, like Usenet or Mastodon. Many of the blogs will be offering goods or services for cryptocurrency.

Then one could be more sure that success of the federation currency would benefit owners of the currency, rather than owners of a single central website.

Needs to be Mastodon with the ability to support a blog like post, and like Steemit, and unlike Mastodon, to send and receive money. Steemit.com is wordpress.com with the ability to send and receive money.

Bitcoin has a decentralized name system, rooted in Zooko style names that are not human intelligible. Its resistance to state power comes partly from the fact that there are several miners and anyone can be a miner, and partly from its decentralized name system.

Steemit has a communication and blogging system. But if I hold steemit currency, steemit.com connects that to my phone number, which the government connects to my true name. All that handy dandy data that the government would like all in one place that you can serve a warrant on or mount a raid on. Or just sell for profit.

Need a decentralized communication, identity, name, and blogging system, unlike Steemit.com’s centralized communication and blogging system, and a name system that is resistant to government intervention and control, like Bitcoin’s name system. Thus the blogs offering goods and services for crypto currency will be resistant to regulation or seizure by the state. When a ruler meddles as much as our state does, he gives dangerously great power to those dangerously close to him. The regulatory state inevitably drifts into anarcho tyranny, or, like Venezuela, into violent and chaotic anarchy.

But we also want human readable names. How can we square Zooko’s triangle? (As Aaron Swartz famously asked, and then infamously gave a very stupid answer.) I will give my answer as to how a crypto currency can square Zooko’s triangle in a following post. (The answer being, much as namecoin does it.)

Censoring the internet

Saturday, August 26th, 2017

Racist sites are being taken off the internet. Expect “racist” sites to follow.

The internet is built to resist censorship, and it is time for alt tech that takes advantage of this. Patronize Gab.ai, duckduckgo, hatreon, and infogalactic.com, assuming that they are still up by the time you read this. If they are not, namecoin and tor.