
Dai/Nakamoto emails - jc123
http://www.gwern.net/docs/2008-nakamoto
======
bachback
the b-money paper is very well worth reading even today. appendix A hints at
what we call today proof of stake. the property club in b-money is more of a
political organization than the participants in the Bitcoin network:

"community is defined by the cooperation of its participants, and efficient
cooperation requires a medium of exchange"

"I hope this is a step toward making crypto-anarchy a practical as well as
theoretical possibility."
[http://www.weidai.com/bmoney.txt](http://www.weidai.com/bmoney.txt)

amazing how mute Wei's reaction was and still is. b-money was a nice idea, but
it seems he was never too much interested in implementation. the request is
obviously fake. Nakamoto was clearly well versed in the history of this topic
and was very likely to be around in 1998.

other than that, gwern is still the authority on Bitcoin. "What’s wrong with
Bitcoin is that it’s ugly."

[http://www.gwern.net/Bitcoin%20is%20Worse%20is%20Better](http://www.gwern.net/Bitcoin%20is%20Worse%20is%20Better)

~~~
sillysaurus3
That's a good quote: "What's wrong with bitcoin is that it's ugly." It refers
to the protocol and the technical implementation, and it's quite true for the
reasons mentioned in the article. For example, it seems possible that the
world's largest mining pools may eventually try to unite in order that a
single entity can control more than 51% of the hashing power invested into
bitcoin. As mining technology becomes more specialized, the probability of
this will continue to go up. Being able to control the fate of an entire
currency is tempting, and it will get more tempting as bitcoin gains
widespread adoption.

In spite of all that, it still works, and works reasonably well. The protocol
is also full of all kinds of nice features planned for the future. There was
an article that went into these plans in a lot of depth (which unfortunately I
can't find offhand) but the point was that bitcoin is capable of far more than
just being a simple money transmitter.

So that's the protocol aspect. But what about the social aspect? How has that
fared?

It turns out that bitcoin is dangerous to its users. The reason it's dangerous
is also its core strength: irreversible transactions.

There have been so many losses due to theft and fraud. Some guy on Reddit
posted that he'd lost his 16BTC after he took his macbook into an Apple store
for some minor repair. Some employee popped his hard drive into an external
enclosure and scanned it for wallet.dat files, then made off with his coins by
using a mixer. No one could prove anything, and that thief is now thousands of
dollars richer while the victim is that much poorer.

One unexpected reason for the danger to consumers is the legal protections
provided to corporations. It's relatively easy to start an exchange right now.
It's as easy as starting a corporation and putting together a website. And if
users are persuaded to send their coins to the exchange, and the exchange
happens to lose those coins due to e.g. a massive technical problem, an
unforeseen protocol problem like malleability, theft by an attacker, or even
theft by the founders themselves, then the users are completely hosed. They
lose everything. What happens to the corporation? It's dissolved, and that's
that. No one from the failed corporation is exposed to any kind of legal
risks. That's the whole point of a corporation: so that the people starting
them aren't directly liable for the corporation failing. But when a bitcoin
exchange or webwallet fails, all of the users lose their money.

This unfortunately happened to me on Mt. Gox. They recently discovered 200,000
BTC that they accidentally misplaced, so hopefully those will be distributed
among customers in a few months and I'll get about 10-15% of my holdings back.
In the meantime, it's pretty clear that the exchanges can basically do
whatever they want. How can consumers know which exchange to trust? The answer
is that you can't trust any of them. There is no mechanism by which to recover
from disaster, and disaster is just a matter of time. Bitcoin The Protocol has
the chance to last decades. How confident are you that your favorite exchange
(or broker dealer like Coinbase) will last that long?

Beyond that, there is still no turnkey solution for consumers to manage their
coins themselves. There are _solutions_, but they are uncomfortable. They
require careful reading and time, both of which are inconvenient. The current
best solution is a dedicated cold storage computer (or Raspberry Pi) running
Armory, and to make multiple paper backups and store them yourself in various
locations, so that it's unlikely your computer and your papers are all wiped
out simultaneously.

And even with that kind of protection, someone can still hold a gun to your
head and force you to send them your bitcoin, and there's not a damn thing you
can do to protect yourself if they succeed. All transactions on the blockchain
are public, so if someone gets wind that you control a 1,000 BTC wallet,
suddenly you're a target. If they compel you to send your coins to them and
somehow get away, you'll never get them back. Heck, if they force you to send
them your coins and _don't_ get away, it's still unlikely you'll ever get
your coins back. They'll just sit in prison and bide their time, then enjoy
your coins as a pension plan for when they get out of prison.

Is there hope? Perhaps. As far as I can tell, what's needed is for an
exchange/dealer like Coinbase to purchase some kind of high-risk insurance
which is guaranteed to pay out in the event of a disaster. The insurance plan
would have to be able to cover all coins that the exchange holds at the time
of the disaster. Since Coinbase has >1M user wallets, Coinbase probably
controls quite a lot of coins. Let's say that they hold ~1/4th the number of
coins Mt. Gox claimed to: about 200,000 BTC. Let's say the price per coin at
the time of the disaster is $400/coin. That's $80M of losses which the
insurance company would have to cover. And _how_ precisely will they pay out
to the exchange's users? Or even to the exchange themselves? Let's say the
insurance company hands over $80M. Now the goal is to use that $80M to buy
back enough coins from some other source in order to return all lost coins.
Well, you can't do it! You'll skyrocket the price of bitcoin from $400 to
$MASSIVE_NUMBER if you tried to buy 200,000 coins, especially if everyone
realized what you were trying to do. So the exchange may still wind up hosed!
And of course, that means the _users_ will wind up hosed in the end.

~~~
hendzen
To respond to one of your points:

> The current best solution is a dedicated cold storage computer (or Raspberry
> Pi) running Armory, and to make multiple paper backups and store them
> yourself in various locations, so that it's unlikely your computer and your
> papers are all wiped out simultaneously.

The Trezor, a hardware wallet that signs transactions without exposing private
keys to the computer it is connected to, just shipped its first unit:
[https://bitcointalk.org/index.php?topic=553818.0](https://bitcointalk.org/index.php?topic=553818.0)

Dedicated hardware wallets (which will hopefully be cheap and readily
available) may be the future solution to malware related theft.

------
Aqueous
To me, the argument from silence is compelling. Bit gold is not just similar
to BitCoin - it is virtually identical. The only thing BitCoin has that
BitGold doesn't is that consensus is formed by the holders of a majority of
the computational power, rather than the majority of nodes. This is what makes
BTC byzantine resilient. And the question Wei Dai asks - why would he cite
b-money and not bit gold - is precisely why I'm inclined to think it is Szabo.
For him to not mention Bit Gold in light of the similarity is highly
suspicious indeed.

~~~
Confusion
A smart man, especially someone that understands security, would foresee the
argument from silence. If anything, I think it is a deliberate red herring to
make suspicion fall on Szabo.

~~~
bachback
it worked pretty well. one way to think about it: did Nakamoto want to be
known? then reason from there. then consider the negation. the deeper point in
all of this: why do we trust people in the first place?

~~~
Aqueous
i think nakamoto/szabo is ambivalent on this point. i think he cared enough to
cover his tracks enough so that no conclusive evidence of his identity can be
found. but he did not care enough to clear certain circumstantial evidence
from the picture, such as aspects of his writing style, and the times of day
he posted which link him to szabo and the aforementioned forward-dating of
posts.

i think some part of nakamoto wishes to have credit for BitCoin, or at least
not permit someone else to take credit - which is part of why he came out of
hiding to redirect people away from dorian nakamoto. to protect him, but also
to ensure that credit was not conclusively misattributed.

------
codecondo
Unfortunately, I don't follow Bitcoin a whole lot, but could someone please
tell me what is the point of all this and why are people so 'excited' to find
out more about Satoshi.

(the font of the website is fine @stephen)

~~~
dmix
Satoshi changed the world and the news media and humans in general are obsessed
with geniuses and successful people. It's also a natural phenomenon that
people are drawn to something that's mysterious and forbidden (read the book
"Artful Persuasion").

I doubt it has much to do with anything rational, such as benefiting from
finding out who he is or obtaining more insight from Satoshi. It's just
deep-rooted human curiosity.

~~~
codecondo
Hey man,

thanks for the answer, totally hear what you're saying and I'll look into that
book, thanks for suggesting it!

------
sktrdie
What is the reason for Satoshi wanting to remain anonymous? The others
(hashcash, bitgold, b-money creators) didn't seem to bother with anonymity.
This is why I highly doubt Satoshi is actually a pseudonym.

~~~
sfk
One reason may be that bitcoin is a Ponzi scheme.

~~~
hendzen
I wouldn't say it fits the technical definition of a Ponzi scheme.

Now, the technology (the opensource daemon, and the network of nodes running
it to create a peer to peer ledger and all that jazz) is really quite an
interesting experiment in distributed systems.

The culture around Bitcoin the 'currency' at the moment (and foreseeable
future) is more complicated.

At worst it's a pyramid scheme, and at best it's an asset bubble. In practice I
would say it most resembles a sophisticated, decentralized Multi-Level-
Marketing scheme (MLM) of a particularly novel and insidious variety (Note
that MLMs such as Amway & Herbalife have plodded along for years). This can be
said not just of bitcoin, but of the entire ecosystem of cryptocurrencies.

Ironically, the fact that it has value derives from the perverse incentives
of its "investors" to create a cycle of pump and dump bubbles, that bring more
people into the fold each time. These speculators provide a liquidity pool
that makes bitcoin useful to those who actually use it because they are shut
out of the traditional payment system. Alarmingly, it seems at the moment that
this group deriving actual utility (over credit cards) consists primarily of
hackers, drug dealers, gamblers, arms dealers, pornographers, and other
participants of the grey/black market economy. Yes, there is a big pool of
legitimate merchants accepting bitcoin because of low transaction fees & no
chargebacks, but adoption by non-speculator 'legitimate consumers' is far
beyond merchant adoption.

The end game is uncertain. If the liquidity pool eventually grows large enough
(resulting in a stable, high value) such that people feel confident to start
settling contracts denominated in bitcoin (see mpex.co for a particularly
sophisticated example), this will represent a massive challenge to the power
of the state to control commerce and enforce taxation. In other words, a
crypto-anarchist's wet dream.

Perhaps bitcoin will stay somewhere around the size it is now or perhaps an
order of magnitude larger in which case it may stay a fringe payment
technology with a shady reputation, much like Liberty Reserve and egold before
it.

It is also possible that governments will regulate it away by requiring all
addresses be registered (see:
[http://blog.gardeviance.org/2014/03/how-to-fix-bitcoin.html](http://blog.gardeviance.org/2014/03/how-to-fix-bitcoin.html)).
Or maybe they will just get fed up and attack it by targeting it at its
primary point of centralization: all mining ASICs are currently fabbed at
TSMC. TSMC could perhaps be coerced into adding some kind of backdoor or
kill switch into the next generation of mining chips. Note that other
cryptocurrencies have and will adopt ASIC resistant PoW schemes that limit
this at a risk of allowing a 51% attack by a large botnet (or entity with
massive computing resources like Google or the NSA).

Either way, Pandora's Box has been opened. Future cryptocurrencies are in the
works that use cutting edge advances in zero-knowledge proving techniques to
completely eliminate the need for a public transaction history. With regards
to bitcoin (and other Nakamoto-chain based cryptocurrencies) specifically, the
widely noted scaling problems will be solved by ongoing work on 2-way pegging
to side chains, tree-chains, and other ways of 'sharding' the blockchain,
while maintaining bitcoin's enforced scarcity.

-----------------------

So really, the reason why I want to know who Satoshi is, is because bitcoin is
an incredible hack. Not just of computers and networks, but also of minds. To
secure the network, mining has to be incentivized by giving the coins value,
which means Satoshi anticipated not just the technical aspects of enforcing
consensus in the ledger of coins, but also the economic & psychological
aspects of getting people to think the coins are valuable (and that their
value would increase). I'd personally like to know what motivated him/her/them
to build & design Bitcoin, and what his/her/their thoughts were as it took
off, and what he/she/they think of the current ecosystem.

------
stephenitis
just me or was that page barely readable due to font, color, spacing, and
width?

~~~
ChrisNorstrom
Someone posted that method on HN not too long ago. It's meant to increase
readability by helping the eyes distinguish one line of text from the next.
It's ugly and a tiny bit distracting at first but it really does work. Just
give it a try. I zipped through those 2 paragraphs really quickly. I think
it's Javascript based.

~~~
pja
It's based on this:
[http://www.beelinereader.com/](http://www.beelinereader.com/) by the looks of
things (there's a beeline.min.js script included at the bottom of the page).

It looks very weird, but I can believe that it might improve reading speed.

------
jlgaddis
What is the fascination with finding out the real identity of Satoshi? Mere
curiosity or ... ?

~~~
iwwr
We may soon see Satoshi on the Forbes list of billionaires. It'd be a
journalistic scoop.

------
neverminder
I wonder if someone actually considered the possibility that Satoshi Nakamoto
might not even be a single person?

~~~
bachback
very unlikely. all the code is written uniformly. all the posts carry one
style. it looks as if at the time there was only one person in the world who
was crazy enough to think this could actually work.

~~~
conformal
hi there. i'm the management behind btcd, an alternative full node bitcoin
implementation, and i can say that it is very unlikely the original code is
the product of a single person. additionally, the amount of work that must
have gone into testing and setting the myriad constants for bitcoin is huge,
far more than a single person is capable of in a few-year period.

i won't share all the magic but consider this: have you noticed how there are
big and little endian flips littered throughout the code, especially in the
script code? do you think that a single dev would just arbitrarily assign
endianness throughout the code, then have the script code be big endian?

~~~
betterunix
"do you think that a single dev would just arbitrarily assign endianness
throughout the code, then have the script code be big endian?"

I have seen crazier things. A single developer who works on the code a bit,
takes a break, then works on it a bit more can easily have switched
conventions.

