Public chains have become a topic that is widely discussed, and it used to be all about comparing who had the better headlines and everyone was talking about Blockchain 3.0. Their normal method was to take a prominent indicator and make comparisons between them and a mainstream public chain in the market, and then come to a predetermined conclusion. Few articles objectively and comprehensively compare the current mainstream public chains in the market and give the public an intuitive and credible conclusion. Today, we are going to break this bad habit of this industry and make a horizontal comparison of the current mainstream public chains, and thus intuitively and objectively tell you what the differences are between public chains.
submitted by According_Ticket7936 to u/According_Ticket7936
First generation public chain: BTC (father of blockchain)
Second generation public chain representatives: ETH, EOS
Third generation public chain representatives: polkaDOT, VDS, PT public chain
Criteria for the different generations: classification
EOS (Second generation public chain):
polkaDOT (Third generation public chain)
I am very optimistic about the PT public chain. As a latecomer, PT public chain has the first decentralized Dpos+Spos consensus mechanism in the blockchain circle. It has high security, high privacy levels, high efficiency, high capacity expansion, supports compatibility and cross chain technologies, which makes it easier to carry out multi technology development. It also innovates the efficiency of the destruction mechanism of mining coalescence, effectively improving the shortcomings of the traditional mining allocation mechanism, eliminating speculative players, and increasing the participation rate of consensus innovation in the technology and methodology. However, due to the weakness of the latecomers themselves, the ecosystem is in its infancy, and there has not been enough time for all of the innovative mechanisms to be tested by the market, so I can
chain and is an important basis for measuring the commercial prospects of the public chain, with a top score of five stars.
These four dimensions mainly consider the practicability of the public chain, and focus on the commercial value itself, as I believe that productivity is the only standard by which to measure technology.
BTC (first generation public chain)
ETH (Second generation public chain)
VDS (Third generation public chain)
PT Public Chain (Third generation public chain)
However, this score can only be used as a reference based on the specific current environment. Over time, the public chain ecosystem has had its ups and downs, user migration, pop-ups, technology iterations, etc., I still believe that the public chain, with its technical advantages and model innovations, such as PT, can stand out in the market, and time will be the best witness. Just as the PT white paper says, you will slowly get rich together if you make the right choice.
submitted by NeoLine_Wallet to NEO
There is a plot in The Big Bang Theory: In 2010, Sheldon first dug out Bitcoin and invited three other friends to play the mining game, but he was kicked out of the founding team. The time came in 2017, Bitcoin broke through $ 5,000. The trio found the mining computer of the year and planned how to spend the huge sum of money, but found that the folder was empty. It turned out that Sheldon had stolen the computer to retaliate against the trio, and downloaded the file to a USB flash disk. But in the past seven years, the USB flash disk has long disappeared.
The story comes from life. Although some drama elements are added to the plot of the TV series, the case of “Token lost” is common in real life.
In this article, let’s take a look at “the predecessors who have lost tokens”!
Count the cases of coin loss caused by personal reasons, learn from their experience, and never let “history” repeat.
Type 1: Private key on the “cloud”
A user has always remembered the promotion of not taking screenshots of the private key and used another mobile phone to take the wallet private key and upload it to the cloud disk. This move gave criminals the opportunity to find his cloud disk password with the help of various third-party libraries, thus successfully obtaining his private key and stealing digital assets.
There is also a user who keeps his private key in the mailbox of a website, thinking it is foolproof. Unexpectedly, three years later, the website turned off the mailbox function, his mailbox could no longer be logged in, and the private key could not be found. He can only know that he has digital assets, but he cannot trade.
Therefore, you must pay attention to the choice of equipment when backing up the private key. It is best to copy it by hand, distinguish between upper and lower case, back up two copies, and save it in a safe place.
Type 2: Acquaintance crime
Once a user was backing up his wallet, a friend happened to be by his side, but he didn’t pay much attention. After that, the friend obtained his private key by some means and transferred the tokens. Fortunately, this friend was located through the investigation and the digital assets were restored.
Cases of acquaintance crimes have often been heard of in recent years, and some users were even robbed by their relatives. However, in the known cases of recovering stolen assets, there is a high probability that they were stolen by acquaintances. Therefore, if your digital assets are stolen, you can give priority to the possibility of “acquaintance crime”. In addition, when backing up the private key, pay attention to whether the surroundings are safe, and ensure that there are no people or cameras around.
Type 3: Missing one letter makes it difficult to find assets
Let’s talk about the actual cases recently handled by NeoLine customer service. These dozens of users have encountered the same problem: the private key cannot be imported because it is not case sensitive.
Such cases often happen in life. When users first started copying, they were very confident in their writing and did not do a second check. Moreover, they were able to distinguish between the upper and lower case at the beginning and were successfully imported.
After one or two years, the user took out the copied private key and imported it, but failed. Only then did they realize that some letters were indeed doubtful. Common: K and V are not case sensitive; q and 9 are indistinguishable, and I and 1 are unclear.
If you encounter this type, users who understand the code can write a script and run thousands of combinations, and you can find it out.
However, some users found the private key and found out that the writing had faded without their knowing when. This situation is too bad; the probability of finding it out is almost zero.
Therefore, we emphasize that when copying the private key, you must be careful, pay attention to the order, the writing is clear, pay special attention to case-sensitivity, and copy the copy to a safe place. Don’t let carelessness ruin your digital assets.
Type 4: The person opposite is not the right person
I have seen such a case in a group chat. When a user was transferring funds, many people in the group were sending addresses, so he copied others’ addresses and transferred tokens. Fortunately, users in the group are familiar. After the negotiation, the currency was transferred back, which did not cause the “token loss” consequences.
NEXT Official website: https://neonext.io
NeoLine Official website: https://neoline.io
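The script mentioned under Type 3, as an added example (not NeoLine's code and not part of the original post). It assumes the key was exported as a Bitcoin-style compressed WIF string (Base58Check), uses only the look-alike pairs the post names, and runs on a constructed demo key; all helper names are hypothetical.

```python
import hashlib
from itertools import combinations, product

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
# Look-alike pairs named in the post: q/9 and I/1 (extend for your own handwriting).
CONFUSE = {"q": "9", "9": "q", "I": "1", "1": "I"}
# Letters whose upper and lower case share a shape when handwritten (K, V, ...).
SAME_SHAPE = set("CKOPSUVWXZ")


def b58encode(data: bytes) -> str:
    n, out = int.from_bytes(data, "big"), ""
    while n:
        n, r = divmod(n, 58)
        out = B58[r] + out
    return "1" * (len(data) - len(data.lstrip(b"\x00"))) + out


def b58decode(text: str) -> bytes:
    n = 0
    for ch in text:
        n = n * 58 + B58.index(ch)  # ValueError on a non-Base58 character
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return b"\x00" * (len(text) - len(text.lstrip("1"))) + raw


def checksum(payload: bytes) -> bytes:
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]


def is_valid_wif(text: str) -> bool:
    """0x80 | 32-byte key | 0x01 | 4-byte double-SHA256 checksum."""
    try:
        raw = b58decode(text)
    except ValueError:
        return False
    return (len(raw) == 38 and raw[0] == 0x80 and raw[33] == 0x01
            and checksum(raw[:34]) == raw[34:])


def lookalikes(ch: str) -> list:
    """Characters that ch could be mistaken for on paper (may be non-Base58)."""
    out = [CONFUSE[ch]] if ch in CONFUSE else []
    if ch.upper() in SAME_SHAPE:
        out.append(ch.swapcase())
    return out


def recover(transcribed: str, max_changes: int = 3):
    """Try every way of swapping up to max_changes doubtful characters and
    keep the candidates whose checksum verifies. Returns (found, tried)."""
    spots = [(i, [a for a in lookalikes(c) if a in B58])
             for i, c in enumerate(transcribed)]
    spots = [s for s in spots if s[1]]
    found, tried = [], 0
    for k in range(max_changes + 1):
        for combo in combinations(spots, k):
            for repl in product(*(alts for _, alts in combo)):
                chars = list(transcribed)
                for (i, _), r in zip(combo, repl):
                    chars[i] = r
                tried += 1
                cand = "".join(chars)
                if is_valid_wif(cand):
                    found.append(cand)
    return found, tried


def constructed_wif() -> str:
    """Constructed sample key derived from a fixed label; not a real wallet."""
    key = hashlib.sha256(b"constructed demo key, not a wallet").digest()
    payload = b"\x80" + key + b"\x01"
    return b58encode(payload + checksum(payload))


def smudge(wif: str, n: int) -> str:
    """Simulate a bad hand copy: misread the first n doubtful characters."""
    chars, done = list(wif), 0
    for i, ch in enumerate(chars):
        if done < n and lookalikes(ch):
            chars[i] = lookalikes(ch)[0]
            done += 1
    return "".join(chars)


if __name__ == "__main__":
    original = constructed_wif()
    damaged = smudge(original, 3)
    found, tried = recover(damaged)
    print(f"tried {tried} candidates, recovered: {found == [original]}")
```

The checksum is what makes the search possible: a wrong candidate passes it only by a 1-in-2^32 accident, so a single hit is almost certainly the real key. If the faded characters are unknown rather than merely ambiguous, the search space grows by a factor of 58 per position, which is the near-zero case the post describes.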
See above about the TOS - of course you don’t have a right to redeem your tethers for fiat. Who are you? Get an account and go through thorough KYC/AML if you want to do any fiat operations.
His responses seem naive to the fact that bitcoin exchanges can and have been operating as fractional reserves in the past under the guise of solvency.
Try simple logic. Running a fractional reserve would mean that the company couldn’t stay in business. Why would it do that?
If Taiwan closes Tether’s accounts? For what reason? Tether is a legally operating business in Taiwan.
Most of your answers here so far have boiled down to "this would never happen!"
udecker's only response to this was
You also dodged his question about the audit, which has been getting asked and dodged now for almost a year.
At least your username checks out.
For future alpaca farmers, Sexton and Saitone laid out some of the major hallmarks of a speculative bubble, including: (1) The asset not the product is the thing being marketed (i.e. live alpacas, not fiber),
Bitcoin cult members sell users the dream of egalitarian wealth, when in reality the math and code behind Bitcoin simply created a system where existing capital is proportionally transferred into Bitcoin during the temporary hyperinflationary phase at an accelerated rate based on how early one begins to set up server farms. Early users spent measurably less capital to generate significantly more of the supply. The Bitcoin protocol and mining algorithm is not some fancy complex math (Bitcoin mining math amounts to a lottery system, more capital gives more lottery ticket printers). Mining boils down to wasting more work and energy for less output as time passes.
(2) investors have unrealistic expectations (alpaca fiber would replace wool, despite the lack of infrastructure; and besides the fact that people don’t really wear that much wool),
Cryptocoins seek to turn money and now entire industries and services into speculative gift cards where the majority of the supply is in the hands of a few "pre-sale ICO" kings and a few existing wealthy whales who have set up large warehouses in China, Washington, South East Asia, etc. Are we to expect the future robber barons who bought a bunch of gamer graphics cards to waste energy running this software deserve anything?
(3) information is controlled through industry sources (most of the information the researchers were able to dig up was put out by breeding associations),
Even in the more reputable publications, journalists boil down the computer science into the marketing claims of what Blockchain and smart contracts cultist CLAIM it can do. These are solutions in search of problems.
(4) small scale investors predominate (Foster Farms did not open an alpaca plant).
The cult of bagholders think they are the kings.
One important point: if we actually include all 7 billion people on the earth, most of whom have zero BTC or Ethereum, the Gini coefficient is essentially 0.99+. And if we just include all balances, we include many dust balances which would again put the Gini coefficient at 0.99+. Thus, we need some kind of threshold here. The imperfect threshold we picked was the Gini coefficient among accounts with ≥185 BTC per address, and ≥2477 ETH per address. So this is the distribution of ownership among the Bitcoin and Ethereum rich with $500k as of July 2017.
https://medium.com/@balajis/quantifying-decentralization-e39db233c28e
In what kind of situation would a thresholded metric like this be interesting? Perhaps in a scenario similar to the ongoing IRS Coinbase issue, where the IRS is seeking information on all holders with balances >$20,000. Conceptualized in terms of an attack, a high Gini coefficient would mean that a government would only need to round up a few large holders in order to acquire a large percentage of outstanding cryptocurrency — and with it the ability to tank the price.
With that said, two points. First, while one would not want a Gini coefficient of exactly 1.0 for BTC or ETH (as then only one person would have all of the digital currency, and no one would have an incentive to help boost the network), in practice it appears that a very high level of wealth centralization is still compatible with the operation of a decentralized protocol. Second, as we show below, we think the Nakamoto coefficient is a better metric than the Gini coefficient for measuring holder concentration in particular as it obviates the issue of arbitrarily choosing a threshold.
...However, the maximum Gini coefficient has one obvious issue: while a high value tracks with our intuitive notion of a “more centralized” system, the fact that each Gini coefficient is restricted to a 0–1 scale means that it does not directly measure the number of individuals or entities required to compromise a system.
Specifically, for a given blockchain suppose you have a subsystem of exchanges with 1000 actors with a Gini coefficient of 0.8, and another subsystem of 10 miners with a Gini coefficient of 0.7. It may turn out that compromising only 3 miners rather than 57 exchanges may be sufficient to compromise this system, which would mean the maximum Gini coefficient would have pointed to exchanges rather than miners as the decentralization bottleneck.
Conversely, if one considers “number of distinct countries with substantial mining capacity” an essential subsystem, then the minimum Nakamoto coefficient for Bitcoin would again be 1, as the compromise of China (in the sense of a Chinese government crackdown on mining) would result in >51% of mining being compromised.
Shreemoon Rajbhandari
submitted by Shreemoon to loopringorg
My Intern Experience
During my time as an undergraduate, one of the key experiences recommended is to do an internship. Gaining work experience as an intern overseas will improve a skill set in my area of interest. Working somewhere as culturally different and economically significant as China is a talking point in any interviews. There are many reasons that made me choose to do an internship in China. Definitively the best part of the experience has been living out of your comfort zone. Encountering new situations and experiences, that increase my self awareness, my capabilities and also to discover my weaknesses.
Over the past 2 years, we have seen many digital currencies/cryptocurrencies being introduced globally. These have added the aspect of using this financial ecosystem to eventually solve social issues. This could be the application of Blockchain technology in areas like logistics/supply chain to food security. Eventually, there would be many more areas where blockchain and related technology developers would be needed. It's emerging to change the way we solve the many roadblocks that we face.
Blockchain is considered to be one of the most trending topics. This is the right time for me to learn about the technology and start implementing. Blockchain is a notion that can be implemented directly or indirectly to any sector as such. Only two months prior, I had a minimal amount of knowledge about blockchain innovation, and my insight into blockchain comprised distinctly of an obscure comprehension of bitcoin and cryptographic money all in all.
During my internship, I was given investigation material to help assemble my base comprehension of Loopring and the blockchain innovation that it depends on. In the wake of beginning at Loopring, I have been given significantly more prominent chance to learn. While my comprehension of blockchain is still new, it has improved extensively since my first day at the organisation.
In this post, I would like to talk about two cryptographic methods aiming to give privacy to blockchain technology; the zk-SNARKS and zk-STARKS protocols are two significant examples. We will look into their advantages and disadvantages, comparison between two protocols, and conclusion.
ZK-SNARKS vs ZK-STARKS
Along with the countless benefits of the Internet from which we can benefit, when we use it for social media or business company purposes, privacy is at greater risk. Approximately 90 million of Facebook users information were damaged by Cambridge Analytica data. The Wall Street stated that “this is just the beginning, and the results are expected to grow”. The Equifax data breach revealed information on social media channels from private users. Thus, birth dates were exposed to the majority of the populations. Due to the Uber hack, data from over 55 million customers were also shared and exposed.
Privacy has consistently been seen as a valuable element within the cryptocurrency community. There is always a growing focus on improving privacy within the cryptocurrency space. Bitcoin, Ethereum, Litecoin and many other cryptocurrencies are all actively searching for the most convenient approaches to increase their security. It is the antecedent to fungibility, which is vital for a broadly used form of money. Additionally, most crypto-asset holders do not want their transaction history to be completely public to the world. Among the different cryptographic methods aiming to give privacy to blockchain technology; the zk-SNARK and zk-STARKS protocols are two main significant examples.
Two leading technologies today offer their cryptocurrencies - Monero and zcash— and strive to address protection issues. Monero uses the technology of Ring Confidential Signature. By contrast, Z-Cash uses zk-SNARK (Zero-Knowledge transparent knowledge argument), a technology that provides the ability to conduct anonymous transactions.
In recent years, zk-SNARKS has exploded as the most promising technology to solve blockchain privacy. It is a technology derived from proofs of zero-knowledge, a type of proof that anyone with a verification key can check without the information itself being disclosed. If the statement holds, a verifier will be convinced by a correct proof. If the statement is false, no prover can convince the verifier that it is true.
zk-SNARK stands for :
- Zero-knowledge : if the statement is true, there is nothing the verifier learns beyond the fact that the statement is true.
- Succinct : The proof needs to be small enough to be verified in a few milliseconds.
- Non-interactive : Only one set of information is sent to the verifier for verification, therefore there is no back and forth communication between the prover and verifier.
- Argument of Knowledge : A computationally sound proof: soundness holds against a prover leveraging polynomial-time, i.e. limited computing. Also, without access to the witness (the private input needed to prove the statement), the evidence can not be constructed.
zk-SNARKS aims to provide fast, scalable solutions to ensure financial security. Therefore, transaction encryption is possible. When zk-SNARK is applied to a cryptocurrency, it implies you can conceal the majority of the transaction data information. This incorporates the sender address, collector address, just as the transaction sum amount. zk-SNARKS enables us to shroud the majority of this data information, while likewise enabling the system to affirm and verify the transactions. It amplifies security while maintaining consensus. In the realm of blockchain, it is one of the most exceptional blockchain level protection innovation being used.
With the launch of version 3.0, Loopring’s decentralised protocol solution struck a noteworthy milestone in early May- adding off-chain scaling and fee optimisation using zk-SNARKs. Low fees, liquidity, transparency and security are the key goal of the loopring solution. Loopring says the new Loopring 3.0 based zk-SNARK will increase trade speeds and on-chain activity efficiency tenfold. The data previously stored on-chain in Loopring 3.0 is now stored off-chain in a Merkle tree and then used as required in zk-SNARKS, updating the tree.
Be that as it may, there are a few issues with zk-SNARKS. The main problem has been the need for a trusted setup. zk-SNARKS rely on a permission private key. This essentially undermines the entire purpose of decentralised public blockchain. By introducing the need to trust a person rather than code, you threaten the entire concept of trustlessness. In theory, a prover with sufficient computational power could create fake proofs, and this is one of the reasons why many consider quantum computers as a threat to zk-SNARKs (and blockchain systems).
Last year zk-SNARKS were incorporated on an MIT Tech Review list of the top 10 Breakthrough Technologies of 2018 among AI advancements. zk-SNARKS allows both a tremendous speedup in verifying the correctness of a computation while at the same time it hides the private details from prying eyes. Some of the potential uses cited in the MIT article were verifying you’re over 18 without having to share your date of birth, and proving you have enough money in your bank account as collateral without having to give away account details like your exact balance. It establishes trust which you need to interact on the blockchain. Zk-SNARK proofs are as of now being used on Zcash, on JP Morgan Chase's blockchain-based payment system, and as an approach to safely validate customers to servers.
The more developed version of zk-SNARKS is called zk-STARKS which stands for :
Argument of Knowledge
zk-STARKS verifications are currently being touted as the better than ever form of the convention, tending to a considerable lot of the past disadvantages of zk-SNARKs. It has demonstrated an approach to accomplish a similar degree of privacy as zk-SNARKS without the requirement for the trusted setup. Starks are practically superior to Snarks as they require weaker crypto suppositions, they don't require a trusted setup and are post-quantum resistant. zk-SNARKs are based on Elliptic-Curve Cryptography, which is susceptible to advances in Quantum-Computers. zk-STARKs, on the other hand are Post-Quantum system meaning that even if Quantum-computers become powerful and ubiquitous they will not have an advantage, compared to classical computers, in breaking zk-STARKs. Anyway they have a noteworthy downside, as in the proof being too enormous. Their problem is their storage requirements. STARKs are doubly scalable, which means the proof verification is exponentially faster than the original computation’s time but the drawback is the size of the proof they create being too large, possibly 2 or 3 orders of magnitude more than those produced by zk-SNARKs. One example : StarkWare solves the inherent problems of scalability and privacy of blockchains. Using STARK technology, they generate a full proof-stack to produce and verify computer integrity tests. They utilise STARKs to batch transactions into a single proof that is verified on Ethereum. Matt Taylor states that the present iteration of StarkDEX demonstrates the viability of using STARKs for the scalability of Layer-2 by showing a substantial rise in the amount of blockchain transaction.
The idea of zk-STARKS was proposed by Eli Ben-Sasson, a professor at the Technion - Israel Institute of Technology. zk-STARKS provide proofs that can be verified a lot quicker than zk-SNARKS. At the present time, Z-cash and Ethereum are on the whole considering to utilize zk-STARKS. zk-STARKS have solved the trusted setup issue. They have totally removed the requirement for multiple parties to create the private key required for the string. Rather everything needed to produce the proofs is public and the verifications are generated from arbitrary numbers. zk-STARKS actually removed the necessity in zk-SNARKS for unbalanced cryptography and rather utilizes the hash functions like those found in Bitcoin mining. In addition, they ought to have longer timeframe of realistic usability as far as their cryptographic resilience than zk-SNARKS. However, there are some impediments to zk-STARKS; the main issue with zk-STARKS is their size. The verifications it uses are basically too enormous to use in many blockchains as they stand. As indicated by Vitalik Buterin, zk-STARKS will result in proofs of a couple of hundred kilobytes versus the 288 bytes seen in zk-SNARKS.
The Difference Between zk-STARKS and zk-SNARKS.
Source : The Medium - Coinmonks
The complexity of communication : With the computation’s expanded complexity, the zk-SNARKS communication complexity also increases linearly, whereas zk-STARKs develops in the opposite direction and grows slowly as the computation size grows. The graph above shows that the communication required by the zk-STARKs to complete the calculation rises much slower than zk-SNARKs as the underlying evidence increases in complexity.
Source : The Medium - Coinmonks
The complexity of the verifier : zk-STARKs slightly widening with the development in computation size. On the other side, for confirmation evidence, zk-SNARKs requires less time than zk-STARKs. zk-STARKs, for instance, need up to 100 ms to verify and zk-SNARKs need only up to 10 ms. The graph above illustrates that the time taken by the zk-STARK to verify an evidence rises very slowly compared to the zk-SNARK as the underlying evidence increases in complexity.
Overall these two protocols have excellent potential in the cryptocurrency globe and can be a breakthrough avenue for mainstream implementation. Both conventions are truly needed steps to protect our privacy.
submitted by iTradeBit to bitcoin_crypto
Analysts and players in the market have been worrying about unequal distribution of the digital assets for several years already. Well-founded doubts arise among many traders that almost all digital gold is absorbed by whales which are controlling the market. Last year a study was conducted where it was indicated that the extreme inequality sharply increases the risk of the volatility of the market which is already not predictable.
The whales’ actions can lead to the situation when the market and the major coins may either take a leap into the top or fall down. Moreover, in both situations it will be the whales anyway who will benefit, and the rest of the players will have to count on a zero-sum outcome at best. And what is the reason why crypto whales are becoming ever richer and the grassroots players are becoming ever poorer?
It’s all a matter of classical economy. Cryptocurrency industry is in the process of the initial capital accumulation. If you look at the history of the classical economics, then it immediately becomes obvious that then, as it is now, money is being accumulated in the early arrivals’ addresses or in the wallets of the largest platforms’ owners.
No one has ever struck down the laws of the economy even for cryptocurrency market, and the fall in the actual number of Bitcoins and the increasing demand for them from the players aggravates the current situation even further. Besides, investors constantly prefer Bitcoin to all the rest of the currencies, and therefore its value in the long term will only rise.
Those players who have just acquired a small number of coins are at a disadvantage from the very beginning, and however long they would try to make money; they will still be losing to the whales. In addition, there is a theory which poses that cryptocurrencies were created specifically to form an elitist community outside of the authority of the governmental structures and regulators.
This may be so, but more likely the whales possessing considerable resources and authority are just acquiring another profitable asset for themselves relegating everyone else to the sidelines. It leads to the classical situation when only those who have both authority and money from the very beginning continue to accumulate their capital even in the digital currency, and everyone else will be able only to keep their deposits at best or to become poor at all, as it indeed happens.
submitted by INTCHAIN to INT_Chain
The years of 2017 and ’18 were years focused on the topic of scaling. Coins forked and projects were hyped with this word as their sole mantra. What this debate brought us were solutions and showed us where we are right now satisfying the current need when paired with a plan for the future. What will be the focus of years to come will be anonymity and fungibility in mass adoption.
In the quickly evolving world of connected data, privacy is becoming a topic of immediate importance. As it stands, we trust our privacy to centralized corporations where safety is ensured by the strength of your passwords and how much effort an attacker dedicates to breaking them. As we grow into the new age of the Internet, where all things are connected, trustless and cryptographic privacy must be at the base of all that it rests upon. In this future, what is at risk is not just photographs and credit card numbers, it is everything you interact with and the data it collects.
If the goal is to do this in a decentralized and trustless network, the challenge will be finding solutions that have a range of applicability that equal the diversity of the ecosystem with the ability to match the scales predicted. Understanding this, INT has begun research into implementing two different privacy protocols into their network that conquer two of the major necessities of IoT: scalable private transactions and private smart contracts.
Mimblewimble
One of the privacy protocols INT is looking into is Mimblewimble. Mimblewimble is a fairly new and novel implementation of the same elements of Elliptic-Curve Cryptography that serves as the basis of most cryptocurrencies.
In bitcoin-wizards IRC channel in August 2016, an anonymous user posted a Tor link to a whitepaper claiming “an idea for improving privacy in bitcoin.” What followed was a blockchain proposal that uses a transaction construction radically different than anything seen today creating one of the most elegant uses of elliptic curve cryptography seen to date.
While the whitepaper posted was enough to lay out the ideas and reasoning to support the theory, it contained no explicit mathematics or security analysis. Andrew Poelstra, a mathematician and the Director of Research at Blockstream, immediately began analyzing its merits and over the next two months, created a detailed whitepaper [Poel16] outlining the cryptography, fundamental theorems, and protocol involved in creating a standalone blockchain.
What it sets out to do as a protocol is to wholly conceal the values in transactions and eliminate the need for addresses while simultaneously solving the scaling issue.
Confidential Transactions
Let’s say you want to hide the amount that you are sending. One great way to hide information that is well known and quick: hashing! Hashing allows you to deterministically produce a random string of constant length regardless of the size of the input, that is impossible to reverse. We could then hash the amount and send that in the transaction.
X = SHA256(amount)
4A44DC15364204A80FE80E9039455CC1608281820FE2B24F1E5233ADE6AF1DD5 = SHA256(10)
But since hashing is deterministic, all someone would have to do would be to catalog all the hashes for all possible amounts and the whole purpose for doing so in the first place would be nullified. So instead of just hashing the amount, let's first multiply this amount by a private blinding factor. If kept private, there is no way of knowing the amount inside the hash.
X = SHA256(blinding factor * amount)
This is called a commitment: you are committing to a value without revealing it and in a way that it cannot be changed without changing the resultant value of the commitment.
But how then would a node validate a transaction using this commitment scheme? At the very least, we need to prove that you satisfy two conditions; one, you have enough coins, and two, you are not creating coins in the process. The way most protocols validate this is by consuming a previous input transaction (or multiple) and in the process, creating an output that does not exceed the sum of the inputs. If we hash the values and have no way to validate this condition, one could create coins out of thin air.
input(commit(bf,10), Alice) -> output(commit(bf,9), BOB), outputchange(commit(bf,5), Alice)
input(4A44DC15364204A80FE80E9039455CC1608281820FE2B24F1E5233ADE6AF1DD5, Alice) ->
As shown above, the later hashed values look just as valid as anything else and result in Alice creating 4 coins and receiving them as change in her transaction. In any transaction, the sum of the inputs must equal the sum of the outputs. We need some way of doing mathematics on these hashed values to be able to prove:
commit(bf1,x) = commit(bf2,y1) + commit(bf3,y2)
which, if it is a valid transaction would be:
commit(bf1,x) - commit(bf2+bf3,y1+y2) = commit(bf1-(bf2+bf3),0)
Or just a commit of the leftover blinding factors.
By the virtue of hashing algorithms, this isn’t possible. To verify this we would have to make all blinding factors and amounts public. But in doing so, nothing is private. How then can we make a value public that is made with a private value in such a way that you cannot reverse engineer the private value and still validate it satisfies some condition? It sounds a bit like public and private key cryptography…
What we learned in our primer on Elliptic-Curve Cryptography was that by using an elliptic curve to define our number space, we can use a point on the curve, G, and multiply it by any number, x, and what you get is another valid point, P, on the same curve. This calculation is quick but in taking the resultant point and the publicly known generator point G, it is practically impossible to figure out what multiplier was used. This way we can use the point P as the public key and the number x as the private key. Interestingly, they also have the curious property of being additive and commutative.
If you take point P which is x • G and add point Q to it which is y • G, its resulting point, W = P + Q, is equal to creating a new point with the combined numbers x+y. So:
This property, homomorphism, allows us to do math with numbers we do not know.
So if instead of using the raw amount and blinding factor in our commit, we use them each multiplied by a known generator point on an elliptic curve. Our commit can now be defined as:
This is called a Pedersen Commitment and serves as the core of all Confidential Transactions.
Let’s call the blinding factors r, and the amounts v, and use H and G as generator points on the same elliptic curve (without going deep into Schnorr signatures, we will just accept that we have to use two different points for the blinding factor and value commits for validation purposes**). Applying this to our previous commitments:
and using the commutative properties:
which for a valid transaction, this would equal:
with ri, vi being the values for the input, ro,vo being the values for the output and rco, vco being the values for the change output.
This resultant difference is just a commit to the excess blinding factor, also called a commitment-to-zero:
You can see that in any case where the blinding factors were selected randomly, the commit-to-zero will be non-zero and in fact, is still a valid point on the elliptic curve with a public key,
And private key being the difference of the blinding factors.
So, if the sum of the inputs minus the sum of the outputs produces a valid public key on the curve, you know that the values have balanced to zero and no coins were created. If the resultant difference is not of the form
for some excess blinding factor, it would not be a valid public key on the curve, and we would know that it is not a balanced transaction. To prove this, the transaction is then signed with this public key to prove the transaction is balanced and that all blinding factors are known, and in the process, no information about the transaction has been revealed (the step-by-step details of the signature process can be read in [Arvan19]).
All the above work assumed the numbers were positive. One could create just as valid of a balanced transaction with negative numbers, allowing users to create new coins with every transaction. Called Range Proofs, each transaction must be accompanied by a zero-knowledge argument of knowledge to prove that a private committed value lies within a predetermined range of values. Mimblewimble, as well as Monero, use BulletProofs which is a new way of calculating the proof which cuts down the size of the transaction by 80–90%.
*Average sizes of transactions seen in current networks or by assuming 2 input 2.5 output average tx size for MW
Up to this point, the protocol described is more-or-less identical between Mimblewimble and Monero. The point of deviation is how transactions are signed.
In Monero, there are two sets of keys/addresses, the spend keys, and the view keys. The spend key is used to generate and sign transactions, while the view key is used to “receive” transactions. Transactions are signed with what is called a Ring Signature which is derived from the output being spent, proving that one key out of the group of keys possesses the spend key. This is done by creating a combined Schnorr signature with your private key and a mix of decoy signers from the public keys of previous transactions. These decoy signers are all mathematically equally valid which results in an inability to determine which one is the real signer. Being that Monero uses Pedersen Commitments shown above, the addresses are never publicly visible but are just used for the claiming, signing of transactions and generating blinding factors.
Mimblewimble, on the other hand, does not use addresses of any type. Yes. That’s right, no addresses. This is the true brilliance of the protocol. What Jedusor proved was that the blinding factors within the Pedersen commit and the commit-to-zero can be used as single-use public/private key pairs to create and sign transactions.
All address based protocols using elliptic-curve cryptography generate public-private key pairs in essentially the same way. By multiplying a very large random number (k_priv) by a point (G) on an elliptic curve, the result (K_pub) is another valid point on the same curve.
This serves as the core of all address generation. Does that look familiar?
Remember this commit from above:
Each blinding factor multiplied by generator point G (in red) is exactly that! r•G is the public key with private key r! So instead of using addresses, we can use these blinding factors as proof we own the inputs and outputs by using these values to build the signature.
This seemingly minor change removes the linkability of addresses and the need for a scriptSig process to check for signature validity, which greatly simplifies the structure and size of Confidential Transactions. Of course, this means (at this time) that the transaction process requires interaction between parties to create signatures.
CoinJoin
Even though all addresses and amounts are now hidden, there is still some information that can be gathered from the transactions. In the above transaction format, it is still clear which outputs are consumed and what comes out of the transaction. This “transaction graph” can reveal information about the owners of the blinding factors and build a picture of the user based on seen transaction activity. In order to further hide and condense information, Mimblewimble implements an idea from Greg Maxwell called CoinJoin [Max13] which was originally developed for use in Bitcoin. CoinJoin is a trustless method for combining multiple inputs and outputs from multiple transactions, joining them into a single transaction. What this does is mask which sender paid which recipient. To accomplish this in Bitcoin, users or wallets must interact to join transactions of like amounts so you cannot distinguish one from the other. If you were able to combine signatures without sharing private keys, you could create a combined signature for many transactions (like ring signatures) and not be bound by needing like amounts.
In this CoinJoin tx, 3 addresses have 4 outputs with no way of correlating who sent what
In Mimblewimble, doing the balance calculation for one transaction or many transactions still works out to a valid commit-to-zero. All we would need to do is to create a combined signature for the combined transaction. Mimblewimble is innately enabled to construct these combined signatures with the commit of Schnorr challenge transaction construction. Using “one-way aggregate signatures” (OWAS), nodes can combine transactions, while creating the block, into a single transaction with one aggregate signature. Using this, Mimblewimble joins all transactions at the block level, effectively creating each block as one big transaction of all inputs consumed and all outputs created. This simultaneously blurs the transaction graph and has the power to remove in-between transactions that were spent during the block, cutting down the total size of blocks and the size of the blockchain.
Cut-through
We can take this one step further. To validate this fully “joined” block, the node would sum all of the output commitments together, then subtract all the input commitments and validate that the result is a valid commit-to-zero. What is stopping us from only joining the transactions within a block? We could theoretically combine two blocks, removing any transactions that are created and spent in those blocks, and the result again is a valid transaction of just unspent commitments and nothing else. We could then do this all the way back to the genesis block, reducing the whole blockchain to just a state of unspent commitments. This is called Cut-through. When doing this, we don’t have any need to retain the range proofs of spent outputs, they have been verified and can be discarded. This lends itself to a massive reduction in blockchain growth, reducing growth from O(number of txs) to O(number of unspent outputs).
To illustrate the impact of this, let’s imagine if Mimblewimble was implemented in the Bitcoin network from the beginning, with the network at block 576,000, the blockchain is about 210 GB with 413,675,000 total transactions and 55,400,000 total unspent outputs. In Mimblewimble, transaction outputs are about 5 kB (including range proof ~5 kB and Pedersen commit ~33 bytes), transaction inputs are about 32 bytes and transaction proof are about 105 bytes (commit-to-zero and signature), block headers are about 250 bytes (Merkle proof and PoW) and non-confidential transactions are negligible. This sums up to a staggering 5.3 TB for a full sync blockchain of all information, with “only” 279 GB of that being the UTXOs. When we cut-through, we don’t want to lose all the history of transactions, so we retain the proofs for all transactions as well as the UTXO set and all block headers. This reduces the blockchain to 322 GB, a 94% reduction in size. The result is basically a total consensus state of only that which has not been spent with a full proof history, greatly reducing the amount of sync time for new nodes.
If Bulletproofs are implemented, the range proof is reduced from over 5kB to less than 1 kB, dropping the UTXO set in the above example from 279 GB to 57 GB.
*Based on the assumptions and calculations above.
There is also an interesting implication in PoS blockchains with explicit finality. Once finality has been obtained, or at some arbitrary blockchain depth beyond it, there is no longer the need to retain range proofs. Those transactions have been validated, the consensus state has been built upon it and they make up the vast majority of the blockchain size. If we say in this example that finality happens at 100 blocks deep, and assume that 10% of the UTXO set is pre-finality, this would reduce the blockchain size by another 250 GB, resulting in a full sync weight of 73 GB, a 98.6% reduction (even down 65% from its current state). Imagine this. A 73 GB blockchain for 10 years of fully anonymous Bitcoin transactions, and one third the current blockchain size.
It’s important to note that cut-through has no impact on privacy or security. Each node may choose whether or not to store the entire chain without performing any cut-through with the only cost being increased disk storage requirements. Cut-through is purely a scalability feature resulting in Mimblewimble based blockchains being on average three times smaller than Bitcoin and fifteen times smaller than Monero (even with the recent implementation of Bulletproofs).
What does this mean for INT and IoT?
Transactions within an IoT network require speed, scaling to tremendous volumes, adapting to a variety of uses and devices with the ability to keep sensitive information private. Up till now, IoT networks have focused solely on scaling, creating networks that can transact with tremendous volume with varying degrees of decentralization and no focus on privacy. Without privacy, these networks will just make those who use it targets who feed their attackers the ammunition.
Mimblewimble’s revolutionary use of elliptic-curve cryptography brings us a privacy protocol using Pedersen commitments for fully confidential transactions and in the process, removes the dependence on addresses and private keys in the way we are used to them. This transaction framework combined with Bulletproofs brings lightweight privacy and anonymity on par with Monero, in a blockchain that is 15 times smaller, utilizing full cut-through. This provides the solution to private transactions that fit the scalability requirements of the INT network.
The Mimblewimble protocol has been implemented in two different live networks, Grin and Beam. Both are purely transactional networks, focused on the private and anonymous transfer of value. Grin has taken a Bitcoin-like approach with community-funded development, no pre-mine or founders reward while Beam has the mindset of a startup, with VC funding and a large emphasis on a user-friendly experience.
INT, on the other hand, is researching implementing this protocol either on the main chain, creating all INT asset transfer private or as an optional and add-on subchain, allowing users to transfer their INT from non-private chain to the private chain, or vice versa, at will.
Where it falls short?
What makes this protocol revolutionary is the same thing that limits it. Almost all protocols, like Bitcoin, Ethereum, etc., use a basic scripting language with a function calls out in the actual transaction data that tells the verifier what script to use to validate it. In the simplest case, the data provided with the input calls “scriptSig” and provides two pieces of data, the signature that matches the transaction and the public key that proves you own the private key that created it. The output scripts use this provided data with the logic passed with it, to show the validator how to prove they are allowed to spend it. Using the public key provided, the validator then hashes it, checks that it matches the hashed public key in the output, if it does, it then checks to make sure the signature provided matches the input signature.
This verification protocol allows some limited scripting ability in being able to tell validators what to do with the data provided. The Bitcoin network can be updated with new functions allowing it to adapt to new processes or data. Using this, the Bitcoin protocol can verify multiple signatures, lock transactions for a defined timespan and do more complex things like lock bitcoin in an account until some outside action is taken.
In order to achieve more widely applicable public smart contracts like those in Ethereum, they need to be provided data in a non-shielded way or create shielded proofs that prove you satisfy the smart contract conditions.
In Mimblewimble, as a consequence of using the blinding factors as the key pairs, greatly simplifying the signature verification process, there are no normal scripting opportunities in the base protocol. What is recorded on the blockchain is just:
There are some proposals for creative solutions to this problem by doing so-called scriptless-scripts†. By utilizing the properties of the Schnorr signatures used, you can achieve multisig transactions and more complex condition-based transactions like atomic cross-chain swaps and maybe even lightning network type state channels. Still, this is not enough complexity to fulfill all the needs of IoT smart contracts.
And on top of it all, implementing cut-through would remove transactions that might be smart contracts or rely on them.
So you can see in this design we can successfully hide values and ownership but only for a single dimensional data point, quantity. Doing anything more complex than transferring ownership of coin is beyond its capabilities. But the proof of ownership and commit-to-zero is really just a specific type of Zero-knowledge (ZK) proof. So, what if, instead of blinding a value we blind a proof?
Part 2 of this series will cover implementing private smart contracts with zkSNARKs.
References and Notes
https://github.com/ignopeverell/grin/blob/mastedoc/intro.md
** In order to prove that v=0 and therefore the commit to zero, in fact, has no H component without revealing r, we must use Schnorr protocol:
prover generates random integer n, computes and sends point 𝑇←n𝐻
verifier generates and sends random integer 𝑖
prover computes and sends integer 𝑠←𝑖𝑏+n mod q, where q is the (public) order of the curve
verifier knowing point r𝐻 computes point 𝑖(r𝐻), then point 𝑖(r𝐻)+𝑇; computes point 𝑠𝐻; and ensures 𝑖(r𝐻)+𝑇=𝑠𝐻.
Original article here: https://medium.com/wanchain-foundation/ama-with-wanchain-vp-lini-58ada078b4fe
submitted by maciej_wan to wanchain
“What is unique about us is that we have actually put theory into practice.”
Wanchain’s Vice President of Business Development, Lini, sat down with blockchain media organization Neutrino for an AMA covering a wide range of topics concerning Wanchain’s development.
The following is an English translation of the original Chinese AMA which was held on December 13th, 2018:
Neutrino: Could you please first share with us a little basic background, what are the basic concepts behind cross chain technology? What are the core problems which are solved with cross-chain? In your opinion, what is the biggest challenge of implementing cross chain to achieve value transfer between different chains?
Lini: Actually, this question is quite big. Let me break it down into three smaller parts:
In China, we like to use the word “cross-chain”, the term “interoperability” is used more frequently in foreign countries. Interoperability is also one of the important technologies identified by Vitalik for the development of a future blockchain ecosystem mentioned in the Ethereum white paper. So cross-chain is basically the concept of interoperability between chains.
In essence, blockchain is a distributed bookkeeping technique, also known as distributed ledger technology. Tokens are the core units of account on each chain, there currently exist many different chains, each with their own token. Of especial importance is the way in which each ledger uses tokens to interact with each other for the purpose of clearing settlements.
Cross chain technology is one of the foundational technological infrastructures that is necessary for the large scale application of blockchain technology.
Neutrino: As we all know, there are many different kinds of cross-chain technologies. Please give us a brief introduction to several popular cross-chain technologies on the market, and the characteristics of each of these technologies.
Lini: Before answering this question, it is very important to share two important concepts with our friends: heterogeneity and homogeneity, and centralization and decentralization.
These two points are especially important for understanding various cross-chain technologies, because there are many different technologies and terminologies, and these are some of the foundational concepts needed for understanding them.
There are also two core challenges which must be overcome to implement cross-chain:
Combining the above two points, we look at the exploration of some solutions in the industry and the design concepts of other cross-chain projects.
First I’d like to discuss the Relay solution.
However the Relay solution must consume a relatively large amount of gas to read the BTC header. Another downside is that, as we all know, Bitcoin’s blocks are relatively slow, so the time to wait for verification will be long, it usually takes about 10 minutes to wait for one block to confirm, and the best practice is to wait for 6 blocks.
The next concept is the idea of Sidechains.
This solution is good, but not all chains contain SPV, a simple verification method. Therefore, there are certain drawbacks. Of course, this two way peg way solves challenge beta very well, that is, the atomicity of the transaction.
These two technical concepts have already been incorporated into a number of existing cross chain projects. Let’s take a look at two of the most influential of these.
The first is Polkadot.
This is just a summary based on Polkadot’s whitepaper and most recent developments. The theoretical design is very good and can solve challenges alpha and beta. Last week, Neutrino organized a meetup with Polkadot, which we attended. In his talk, Gavin’s focus was on governance, he didn’t get into too much technical detail, but Gavin shared some very interesting ideas about chain governance mechanisms! The specific technical details of Polkadot may have to wait until after their main net is online before it can be analyzed.
Next is Cosmos.
Cosmos is a star project whose basic concept is similar to Polkadot. Cosmos’s approach is based on using a central hub. Both projects take into account the issue of heterogeneous cross-chain transactions, and both have also taken into account how to solve challenges alpha and beta.
To sum up, each research and project team has done a lot of exploration on the best methods for implementing cross-chain technology, but many are still in the theoretical design stage. Unfortunately, since the main net has not launched yet, it is not possible to have a more detailed understanding of each project’s implementation. A blockchain’s development can be divided into two parts: theoretical design, and engineering implementation. Therefore, we can only wait until after the launch of each project’s main network, and then analyze it in more detail.
Neutrino: As mentioned in the white paper, Wanchain is a general ledger based on Ethereum, with the goal of building a distributed digital asset financial infrastructure. There are a few questions related to this. How do you solve Ethereum’s scaling problem? How does it compare with Ripple, which is aiming to be the standard trading protocol that is common to all major banks around the world? As a basic potential fundamental financial infrastructure, what makes Wanchain stand out?
Lini: This question is actually composed of two small questions. Let me answer the first one first.
The TPS of Ethereum is not high at this stage, which is limited by various factors such as the POW consensus mechanism. However, this point also in part is due to the characteristics of Ethereum’s very distributed and decentralized features. Therefore, in order to improve TPS, Wanchain stated in its whitepaper that it will launch its own POS consensus, thus partially solving the performance issues related to TPS. Wanchain’s POS is completely different from the POS mechanism of Ethereum 2.0 Casper.
Of course, at the same time, we are also paying close attention to many good proposals from the Ethereum community, such as sharding, state channels, side chains, and the Raiden network. Since blockchain exists in the world of open source, we can of course learn from other technological breakthroughs and use our own POS to further improve TPS. If we have some time at the end, I’d love to share some points about Wanchain’s POS mechanism.
Wanchain is focused on different use cases, it is to act as a bridge between different tokens and tokens, and between assets and tokens. For various cross-chain applications it is necessary to consume WAN as a gas fee to pay out to nodes.
So it seems that the purpose Ripple and Wanchain serve are quite different. Of course, there are notary witnesses in the cross-chain mechanism, that is, everyone must trust the middleman. Ripple mainly serves financial clients, banks, so essentially everyone’s trust is already there.
Neutrino: We see that Wanchain uses a multi-party computing and threshold key sharing scheme for joint anchoring, and achieves “minimum cost” for integration through cross-chain communication protocols without changing the original chain mechanism. What are the technical characteristics of multi-party computing and threshold key sharing? How do other chains access Wanchain, what is the cross-chain communication protocol here? What is the cost of “minimum cost”?
Lini: The answer to this question is more technical, involving a lot of cryptography, I will try to explain it in a simple way.
In sMPC multiple parties each holding their own piece of private data jointly perform a calculation (for example, calculating a maximum value) and obtain a calculation result. However, in the process, each party involved does not leak any of their respective data. Essentially sMPC calculation can allow for designing a protocol without relying on any trusted third parties, since no individual ever has access to the complete private information.
Secure multiparty computing can be abstractly understood as two parties who each have their own private data, and can calculate the results of a public function without leaking their private data. When the entire calculation is completed, only the calculation results are revealed to both parties, and neither of them knows the data of the other party and the intermediate data of the calculation process. The protocol used for secure multiparty computing is homomorphic encryption + secret sharing + OT (+ commitment scheme + zero knowledge proofs, etc.)
Wanchain’s 21 cross chain Storeman nodes use sMPC to participate in the verification of a transaction without obtaining a user’s complete private key. Simply put, the user’s private key will have 21 pieces given to 21 anonymous people who each can only get 1/21 part, and can’t complete the whole key.
Wanchain uses the threshold M<=N; N=21; M=16. That is to say, at least 16 Storeman nodes must participate in multi-party calculation to confirm a transaction. Not all 21 Storeman nodes are required to participate. This is a solution to the security problem of managing private keys.
Cross-chain communication protocols refers to the different communication methods used by different chains. This is because heterogeneous cross-chain methods can’t change the mechanism of the original chains. Nakamoto and Vitalik will not modify their main chains because they need BTC and ETH interoperability. Therefore, project teams that can only do cross-chain agreements to create different protocols for each chain to “talk”, or communicate. So the essence of a cross-chain protocol is not a single standard, but multiple sets of standards. But there is still a shared sMPC and threshold design with the Storeman nodes.
The minimum cost is quite low, as can be shown with Wanchain 3.0’s cross chain implementation. In fact it requires just two smart contracts, one each on Ethereum and Wanchain to connect the two chains. To connect with Bitcoin all that is needed is to write a Bitcoin script. Our implementation guarantees both security and decentralization, while at the same time remaining simple and consuming less computation. The specific Ethereum contract and Bitcoin scripts online can be checked out by anyone interested in learning more.
Neutrino: What kind of consensus mechanism is currently used by Wanchain? In addition, what is the consensus and incentive mechanism for cross-chain transactions, and what is the purpose of doing so? And Wanchain will support cross-chain transactions (such as BTC, ETH) on mainstream public chains, asset cross-chain transactions between the alliance chains, and cross-chain transactions between the public and alliance chains, how can you achieve asset cross-chain security and privacy?
Lini: It is now PPOW (Permissioned Proof of Work), in order to ensure the reliability of the nodes before the cross-chain protocol design is completed, and to prepare to switch to POS (as according to the Whitepaper roadmap). The cross-chain consensus has been mentioned above, with the participation of a small consensus (at least 16 nodes) in a set of 21 Storeman nodes through sMPC and threshold secret sharing.
In addition, the incentive is achieved through two aspects: 1) 100% of the cross chain transaction fee is used to reward the Storeman node; 2) Wanchain has set aside a portion of their total token reserve as an incentive mechanism for encouraging Storeman nodes in case of small cross-chain transaction volume in the beginning.
It can be revealed that Storeman participation is opening gradually and will become completely distributed and decentralized in batches. The first phase of the Storeman node participation and rewards program is to be launched at the end of 2018. It is expected that the selection of participants will be completed within one quarter. Please pay attention to our official announcements this month.
In addition, for public chains, consortium chains, and private chains, asset transfer will also follow the cross-chain mechanism mentioned above, and generally follow the sMPC and threshold integration technology to ensure cross-chain security.
When it comes to privacy, this topic will be bigger. Going back to the Wanchain Whitepaper, we have provided privacy protection on Wanchain mainnet. Simply put, the principle is using ring signatures. The basic idea is that it mixes the original address with many other addresses to ensure privacy. We also use one-time address. In this mechanism a stamp system is used that generates a one-time address from a common address. This has been implemented since our 2.0 release.
But now only the privacy protection of native WAN transactions can be provided. The protection of cross-chain privacy and user experience will also be one of the important tasks for us in 2019.
Neutrino: At present, Wanchain uses Storeman as a cross-chain trading node. Can you introduce the Storeman mechanism and how to protect these nodes?
Lini: Let me one problem from two aspects.
Neutrino: On December 12th, the mainnet of Wanchain 3.0 was launched. Wanchain 3.0 opened cross-chain transactions between Bitcoin, Ethereum and ERC20 (such as MakerDao’s stable currency DAI and MKR). What does this version mean for you and the industry? This upgrade of cross-chain with Bitcoin is the biggest bright spot. So, if now you are able to use Wanchain to make transactions between what is the difference between tokens, then what is the difference between a cross chain platform like Wanchain and cryptocurrency exchanges?
Lini: The release of 3.0 is the industry’s first major network which has crossed ETH and BTC, and it has been very stable so far. As mentioned above, many cross-chain, password-protected theoretical designs are very distinctive, but for engineering implementation, whether or not it can be achieved is a big question mark. Therefore, this time Wanchain is the first network launched in the world to achieve this. Users are welcome to test and attack. This also means that Wanchain has connected the two most difficult and most challenging public networks. We are confident we will soon be connecting other well-known public chains.
At the same time of the release of 3.0, we also introduced cross chain integration with other ERC20 tokens in the 2.X version, such as MakerDao’s DAI, MKR, LRC, etc., which also means that more tokens of excellent projects on Ethereum will also gradually be integrated with Wanchain.
Some people will be curious, since Wanchain has crossed so many well-known public chains/projects; how is it different with crypto exchanges? In fact, it is very simple, one centralized; one distributed. Back to the white paper of Nakamoto, is not decentralization the original intention of blockchain? So what Wanchain has to do is essentially to solve the bottom layer of the blockchain, one of the core technical difficulties.
Anyone trying to create a DEX (decentralized exchange); digital lending and other application scenarios can base their application on Wanchain. There is a Wanchain based DEX prototype made by our community members Jeremiah and Harry, which quite amazing. Take a look at this video below.
Neutrino: What are the specific application use cases after the launch of Wanchain 3.0? Most are still exploring small-scale projects. According to your experience, what are the killer blockchain applications of the future? What problems need to be solved during this period? How many years does it take?
Lini: As a cross-chain public chain, we are not biased towards professional developers or ordinary developers, and they are all the same. As mentioned above, we provide a platform as infrastructure, and everyone is free to develop applications on us.
For example, if it is a decentralized exchange, it must be for ordinary users to trade on; if it is some kind of financial derivatives product, it is more likely to be used by finance professionals. As for cross-chain wallets which automatically exchange, I’m not sure if you are talking about distributed exchanges, the wallet will not be “automatic” at first, but you can “automatically” redeem other tokens.
Finally, the remaining WAN tokens are strictly in accordance with the plan laid out in the whitepaper. For example, the POS node reward mentioned above will give 10% of the total amount for reward. At the same time, for the community, there are also rewards for the bounty program. The prototype of the DEX that I just saw is a masterpiece of the overseas community developers, and also received tokens from our incentive program.
Neutrino community member’s question: There are many projects in the market to solve cross-chain problems, such as Cosmos and Polkadot. What are Wanchain’s advantages and innovations relative to these projects?
Lini: As I mentioned earlier, Cosmos and Polkadot all proposed very good solutions in theory. Compared with Wanchain, I don’t think that we have created anything particularly unique in our theory. The theoretical basis for our work is cryptography, which is derived from the academic foundation of scholars such as Yao Zhizhi and Silvio Micali. Our main strong point is that we have taken theory and put it into practice.
Actually, the reason why people often question whether a blockchain project can be realized or not is because the whitepapers are often too ambitious. Then when they actually start developing there are constant delays and setbacks. So for us, we focus on completing our very solid and realizable engineering goals. As for other projects, we hope to continue to learn from each other in this space.
Neutrino community member Amos from Huobi Research Institute question: How did you come to decide on 21 storeman nodes?
Lini: As for the nodes, we won’t make choices based on quantity alone. The S in the POS actually also includes the time the tokens are staked, so that even if a user is staking fewer tokens, the amount of time they stake them for will also be used to calculate the award, so that is more fair. We designed the ULS (Unique Leader Selection) algorithm in order to reduce the reliance on the assumption of corruption delay (Cardano’s POS theory), which is used for ensuring fairness to ensure that all participants in the system can have a share of the reward, not only a few large token holders.
Wu Di, a member of the Neutrino community: Many big exchanges have already begun to deploy decentralized exchanges. For example, Binance, and it seems that the progress is very fast. Will we be working with these influential exchanges in the future? Will we have the opportunity to cooperate with them and broaden our own influence?
Lini: I also have seen some other exchanges’ DEXs. Going back to the original point, distributed cross-chain nodes and centralized ones are completely different. I’m guessing that most exchanges use a centralized cross-chain solution, so it may not be the same as the 21 member Storeman group of Wanchain, but I think that most exchanges will likely be using their own token and exchange system. This is my personal understanding. But then, if you are developing cross-chain technology, you will cooperate with many exchanges that want to do a DEX. Not only Binance, but also Huobi, Bithumb, Coinbase… And if there is anyone else who would like to cooperate, we welcome them!
Neutrino community member AnneJiang from Maker: Dai as the first stable chain of Wanchain will open a direct trading channel between Dai and BTC. In relation to the Dai integration, has any new progress been made on Wanchain so far?
Lini: DAI’s stable currency has already been integrated on Wanchain. I just saw it yesterday, let me give you a picture. It’s on the current 3.0 browser, https://www.wanscan.org/, you can take a look at it yourself.
This means that users with DAI are now free to trade for BTC, or ETH or some ERC20 tokens. There is also a link to the Chainlink, and LRC is Loopring, so basically there are quite a few excellent project tokens. You may use the Wanchain to trade yourself, but since the DEX is not currently open, currently you can only trade with friends you know.
About Neutrino
Neutrino is a distributed, innovative collaborative community of blockchains. At present, we have established physical collaboration spaces in Tokyo, Singapore, Beijing, Shanghai and other places, and have plans to expand into important blockchain innovation cities such as Seoul, Thailand, New York and London. Through global community resources and partnerships, Neutrino organizes a wide range of online and offline events, seminars, etc. around the world to help developers in different regions better communicate and share their experiences and knowledge.
About Wanchain
Wanchain is a blockchain platform that enables decentralized transfer of value between blockchains. The Wanchain infrastructure enables the creation of distributed financial applications for individuals and organizations. Wanchain currently enables cross-chain transactions with Ethereum, and today’s product launch will enable the same functionalities with Bitcoin. Going forward, we will continue to bridge blockchains and bring cross-chain finance functionality to companies in the industry. Wanchain has employees globally with offices in Beijing (China), Austin (USA), and London (UK).