
Bitcoin: A Peer-to-Peer Electronic Cash System (2008) [pdf] - sova
https://bitcoin.org/bitcoin.pdf
======
joaobatalha
It truly is a wonderful paper. Lots of information in it. You don't need that
much background knowledge to understand it, but it can take a few reads to
wrap your mind around it.

I would suggest also taking a look at the annotated version of the whitepaper
on Fermat's Library:

\-
[https://fermatslibrary.com/s/bitcoin](https://fermatslibrary.com/s/bitcoin)

I wrote some of the annotations and tried as much as possible to make it so
that this annotated version would provide a motivated reader with all the
resources needed to truly understand the bitcoin protocol.

Michael Nielsen's blogpost about Bitcoin
([http://www.michaelnielsen.org/ddi/how-the-bitcoin-
protocol-a...](http://www.michaelnielsen.org/ddi/how-the-bitcoin-protocol-
actually-works/)) is also a great read.

~~~
kharms
Wow, thanks for sharing that link to Fermat’s library. What an amazing
resource.

~~~
perseusprime11
Will it ever be possible to use AI/ML to identify Satoshi based on the writing
style of this original paper of bitcoin?

~~~
tuxxy
I think I remember seeing a medium article speculating that the NSA has done
this.

Found it: [https://medium.com/cryptomuse/how-the-nsa-caught-satoshi-
nak...](https://medium.com/cryptomuse/how-the-nsa-caught-satoshi-
nakamoto-868affcef595)

~~~
perseusprime11
Very interesting!

~~~
dajohnson89
that'd explain why he's missing

~~~
perseusprime11
Do we know if Satoshi lurks around hacker news and is having a chuckle reading
the comments here?

~~~
sova
A fellow coder can dream.

------
superquest
I didn't read the whitepaper for years because I assumed I wouldn't understand
it.

When I finally (recently) did I was dumbstruck by its simplicity.

This was a big lesson for me: I should always at least try to understand these
big ideas even if deep understanding will probably elude me.

~~~
Frogolocalypse
That is the beauty of it. It is only eight pages long, but fundamentally
changes the concept of money.

The only thing that people should recognize is that it doesn't really try to
explain the game theory behind it. It is a technical paper. When it all sinks
in, it becomes clear that it is pure genius, but that certainly took me a
while to grasp.

~~~
betterunix2
"That is the beauty of it. It is only eight pages long, but fundamentally
changes the concept of money."

Not really; it only serves to validate the beliefs of people who already
agreed with the basic premise that money is something that can exist without
central authority. That view was already common long before the Bitcoin paper.
Plenty of libertarians believe that money is an emergent phenomenon of free
markets, something which arises on its own as the market converges on a common
currency as its medium of exchange.

On the other hand, if you are aligned with the mainstream of economics, the
entire premise of the paper is easily dismissed. In that view, money can never
be separated from banks, the paper is basically nonsense.

~~~
Frogolocalypse
What it did, was it made it possible to create a decentralized store of value
without the need of a central authority. And that has definitely made people
question their understanding of what money even is.

~~~
betterunix2
Not really. Anyone who is confident in the mainstream view of money, which
requires the existence of a bank or government of some kind, would quickly
dismiss Bitcoin. If I cannot pay my taxes or mortgage with it, why should I
accept it?

(And of course, if I can pay my taxes and mortgage, how can anyone claim to
have removed the central authority from money? Just like the gold standard,
nothing would prevent a government from changing its mind about whether or not
to accept Bitcoin for tax payments.)

Like I said, if you already believe that money can exist without a central
authority, Bitcoin simply serves as validation. Otherwise it does not really
change anything, because if you accept mainstream views of money, then the
premise of Bitcoin makes no sense at all.

You think Bitcoin is a decentralized store of value? Tell that to all those
people whining about the Mtgox bankruptcy proceeding, which is being resolved
by paying for the lost BTC according to the price in Yen _at the time Mtgox
declared bankruptcy_ which is a tiny fraction of the current prices. When push
comes to shove the "value" being stored is measured in fiat currency, with all
its associated central authorities.

~~~
sumedh
> Tell that to all those people whining about the Mtgox bankruptcy proceeding

Not sure what your point is, dollars(cash) can be stolen as well.

~~~
betterunix2
The context: MtGox is currently going through a bankruptcy proceeding in
Japan. The complaint right now is that the creditors i.e. people who had
accounts with positive BTC balances when MtGox declared bankruptcy will be
repaid in JPY, according to the price of their BTC balance when MtGox declared
bankruptcy in 2014. Since then, the value of BTC has obviously increased quite
a lot, so much so that MtGox can actually use its remaining BTC assets to
repay those creditors, leaving plenty of BTC to pay the shareholders.

In other words, even if you think Bitcoin acts as a "store of value," that
still does not make it "money" according to the law. You can have 1BTC or
100BTC, but the law is only concerned with the monetary (i.e. fiat currency)
value at some particular time (not necessarily right now).

~~~
Frogolocalypse
Ergo : Don't trust banks.

~~~
betterunix2
...the same would apply if I had promised to pay you in BTC and then failed to
make that payment. This is not really about trusting banks.

~~~
Frogolocalypse
Actually it is.

------
hug0
Surely, if 1000 people own 40% of a currency which had evangelical aims to
service 7.5 billion people, then it is impossible to call it decentralised...
Add this to the obvious fact that the vast majority of new bitcoins mined are
from china, which due to the scale of processing power now has a monopoly due
to capital barriers. The conclusion is... great experiment, but as in all
deliberate implementations of social ,political, or economic theory. The real
world is a very different beast to one man's view from a desk. I feel sorry
for any new uneducated investors getting in now. This has become nothing more
than a pyramid scheme that adds no value whatsoever to the world. Not
cryptocurrency as an idea, but bitcoin's current iteration and implementation.

~~~
lawn
> Surely, if 1000 people own 40% of a currency which had evangelical aims to
> service 7.5 billion people, then it is impossible to call it
> decentralised...

Decentralized can have many meanings. What is important is that you can
transact with anyone without a third party having any say. For that 99% of all
coins could be in the hands of a single person as long as there would be
enough left for others to use.

> Add this to the obvious fact that the vast majority of new bitcoins mined
> are from china, which due to the scale of processing power now has a
> monopoly due to capital barriers

As long as they do not collude to destroy or disrupt the network it has no
relevance at all.

> This has become nothing more than a pyramid scheme that adds no value
> whatsoever to the world. Not cryptocurrency as an idea, but bitcoin's
> current iteration and implementation.

As Bitcoin is practically useless due to high fees and congestion, I agree.
But not because the reasons you gave.

~~~
hug0
> Decentralized can have many meanings. What is important is that you can
> transact with anyone without a third party having any say.

I understand the premise of decentralised transactions, it's just that if the
value of the currency can be manipulated by small group, it is not removing
the need for trust, just shifting it...

> As long as they do not collude to destroy or disrupt the network it has no
> relevance at all.

I thought the point of decentralisation was to remove the need to trust
others...

> As Bitcoin is practically useless due to high fees and congestion, I agree.
> But not because the reasons you gave.

AGREE! 7tps vs Visas 4,000tps with a peak capacity of 56,000 tps...

~~~
lawn
> it's just that if the value of the currency can be manipulated by small
> group, it is not removing the need for trust, just shifting it...

I think there's different aspects to "manipulated".

Large holders or exchanges can always manipulate the price, this is true for
cryptocurrencies, the stock market and other things as well. Cryptocurrencies
is however much less mature and more easily manipulated, but I foresee it to
stabilize in the years to come.

If we're thinking of the miners to manipulate the coin I think the real genius
of Bitcoin is they are heavily incentivized not to. All miners are heavily
invested in Bitcoin's success so it's in their best interest not to destroy
Bitcoin's value.

> I thought the point of decentralisation was to remove the need to trust
> others...

To be clear: what miners can do if they collude is try to revert transactions
or block new transactions. If this happens it would be obvious and Bitcoin's
value would be severely damaged.

There is trust yes, but it's more trust in the incentives behind Bitcoin than
to specific miners themselves.

------
jancsika
Equally elucidating are the responses on the Cryptography List from other
cryptographers[1], plus the responses a few months later when Bitcoin 0.1 was
released[2].

You can pretty easily tell which cryptographers read the whitepaper and which
ones did not. :)

[1]:
[http://www.metzdowd.com/pipermail/cryptography/2008-October/...](http://www.metzdowd.com/pipermail/cryptography/2008-October/thread.html)

[2]:
[http://www.metzdowd.com/pipermail/cryptography/2009-January/...](http://www.metzdowd.com/pipermail/cryptography/2009-January/thread.html)

~~~
Lxr
> I made the proof-of-work difficulty ridiculously easy to start with, so for
> a little while in the beginning a typical PC will be able to generate coins
> in just a few hours.

If only I had given up “just a few hours” back in 2009...

~~~
betterunix2
...and held the coins until today. Or maybe next year it will be worth 10x
more.

Put another way, if you had sold your desktop and invested all the proceeds in
Amazon stock in 1997, and held that stock until now, you would have a 66000%
return; basically you would have become a millionaire by now. Of course you
would have had to held those shares through two big market crashes and the
recessions that followed.

On the other hand, how could anyone have known that 20 years ago Amazon was
going to be the winner? You might have invested all the proceeds in some
company that did not survive the dot-com crash. Likewise, in 2009 most people
doubted Bitcoin; even today there is plenty of doubt about the long-term
prospects. There is no point in kicking yourself over a failure to invest in a
big winner, especially when that winner defies all the wisdom on valuations.

~~~
tCfD
Brin and Page themselves tried to sell Google to excite.com for less than $1MM
in 1997. Luckily for them they got turned down. Hal Finney stopped mining
coins after it started overheating his PC too often. Would he have done this
if he believed each 50 coin block would someday be worth over half a million
bucks? I think that would justify buying a second desktop or perhaps a better
cooling fan.

Nobody knows what the future fortunes of any venture will be, anyone who
claims to have known the future success of Bitcoin all along is lying, or they
would have sold their blood and worldly possessions to snag as many coins as
humanly possible in anticipation.

------
2bitencryption
I love reading papers that solve fundamental, well-known problems.

They frequently seem so obvious after-the-fact, like "how did we miss this?"
Like, here, stated in just a few pages, is an idea that so many smart people
have been chasing after for years. And it's presented so well that it seems
intuitive, when in reality it was a very difficult challenge.

~~~
garmaine
> "how did we miss this?"

If anyone is wondering, the answer is that the academics had blinders on in
their search for a cryptographic solution to the problem of decentralized
transaction ordering, an impossible thing. Satoshi's solution is to accept
that impossibility and use economic incentives to achieve eventual consensus
instead, and it turns out eventual consensus is good enough.

~~~
nhaehnle
I doubt that that's the one true answer. If I had been researching the topic
at the time, I would have accepted eventual consensus. As somebody who has
done research into algorithms, the reason why I would have disregarded
Bitcoin's approach is that it's inherently terribly inefficient.

~~~
garmaine
Many cryptographic protocols are much less efficient. I asserted that only as
someone who was in that space an personally knows the people who were doing
research on this in the 90’s and 00’s. Nearly all effort was focused on
finding a solution that had finality of settlement guarantees.

There was also some work on hashcash money, but it made the economically naive
and inaccurate assumption that value of the currency must be linked to the
cost of production, which is also explicitly not the case in bitcoin.

------
cwyers
The document is littered with references to CPUs, including the phrase "one
CPU one vote." I think a Bitcoin where CPUs were doing the blockchain
processing would be much different that the current one dominated by farms of
dedicated hardware. I don't know if it would be better, but I think this is a
pretty stark reminder that Bitcoin is not behaving as intended.

~~~
the_real_sparky
This has turned into an interesting question since some coins now are
specifically designed to be resistant to ASICs. The downside for those coins
is that botnets or general purpose hardware (that can be purchased or rented
for an attack and then resold for other uses later) are a serious threat to
the network. A potential benefit for Bitcoin is that the network may actually
be more secure with custom ASICS because the people investing millions into
developing the custom hardware stand to lose everything if they attack or
seriously harm the network. That equipment would be useless for any other
purpose, and that same dominating hardware makes the Bitcoin network immune to
attack from general purpose hardware.

~~~
cwyers
If you need a relatively small handful of people to control the ecosystem to
make it secure from large numbers of decentralized users, then _what the heck
do you need Bitcoin for?_

~~~
the_real_sparky
I think that the mistake here is believing that the miners control the
network, when most likely the miners simply work for the decentralized
network. When the miners become centralized there is little they can do that
the users/nodes can’t unwind with a software update, even up to the point of
firing those miners completely if necessary (changing the proof of work so
that their current hardware is worthless). I think that long-term the
incentives are aligned for them to simply do their job.

------
cryptodogemoon
Satoshi's mining/minting algorithm is manipulative by design.

Less computational energy and the least amount if users produced the most
coins (for minimal external capital input).

Satoshi could have used a linear curve anticipating network growth matching
minting and computational increase, but instead choose to exploit late
adopters.

Early adopters will attempt to psychologically exploit new users by selling
their asset for more than the cost of production and acquisition.

This has directly created the situation where utility is not in use but in
exploitation of passing the hot potato to greater fools.

ecash should not exploit new users.

~~~
cyphunk
do you have examples of any cryptocurrencies that introduce such a curve. the
centralization of wealth problem is serious.

------
gtrubetskoy
A bit of trivia: the word(s) "block chain" never mentioned in the paper.

------
shripadk
It still baffles me that the Nobel Prize for Economics was not awarded to
Satoshi Nakamoto albeit a pseudonym for real person/people.

~~~
TheCowboy
Because creating the blockchain hasn't yet been shown to have either advanced
the field of the study of economics, or increased our understanding of
economics. It is often years later that economists are awarded.

Giving an award for Bitcoin right now would seem more like giving an award to
the financial institutions that created securitized loan products before the
housing crisis. Right now it seems more like a novelty technology that hasn't
yet made itself relevant for long-term innovation except to generate
excitement about it.

And you underestimate that you still can't give someone an award who does not
exist to receive it.

~~~
shripadk
What you said makes sense.

> And you underestimate that you still can't give someone an award who does
> not exist to receive it.

Which is what baffles me. I thought we should be honouring ideas and the
people who created/discovered them (whether or not they exist to receive the
award). It's weird that people get more precedence over ideas. What's worse is
that the prize isn't awarded posthumously as well!

------
apo
This paper packs an enormous idea into a tiny package. It's worth reading -
and re-reading.

If you've studied electronic cash systems and/or cryptographic systems before,
the paper is quite easy to read. Otherwise it's a challenge. At least that's
what I found.

Here's a companion article that fills in some of the blanks.

[https://bitzuma.com/posts/how-bitcoin-works/](https://bitzuma.com/posts/how-
bitcoin-works/)

------
maerF0x0
This should be required reading, along with a test, before anyone is allowed
to buy/"invest" in them.

~~~
pfisch
Do you know how a fridge works? How about an airplane? How about how to make
steel? How to sew a shirt? How to drill and process oil to make gasoline?
Every level of the internet stack? How to program hardware drivers? How to
farm everything you eat?

Do you see how stupid what you are saying is yet?

~~~
jamespitts
I'd argue that we should read the White Paper for any of these technologies
before investing in them in their infancy :)

~~~
ryanobjc
Is bitcoin in it's infancy?

You have CBOE offering futures on it. The prez of JPMC pro bitcoin. You have
so many exchanges.

This ain't the era of mtgox, $10m pizzas and running your own full bitcoin
node and joining a mining pool.

Bitcoin is out of it's infancy.

~~~
FabHK
> The prez of JPMC pro bitcoin.

Jamie Dimon, CEO of JP Morgan, famously called Bitcoin "a fraud" that "won't
end well" and is "worse than tulip bulbs."

You must be thinking of something/someone else?

[https://www.bloomberg.com/news/articles/2017-09-12/jpmorgan-...](https://www.bloomberg.com/news/articles/2017-09-12/jpmorgan-
s-ceo-says-he-d-fire-traders-who-bet-on-fraud-bitcoin)

------
sillysaurus3
How can we stop Bitcoin?

If Bitcoin wins, we'll become subservient to an algorithm we have no incentive
to change.

It will only take a few more 10x increases before people stop smiling at this
possibility. The time to plan for subverting Bitcoin is now, not later.

I'm deeply concerned about the potential of Bitcoin to become a financial
black hole. I've written about this twice before:

[https://news.ycombinator.com/item?id=15867483](https://news.ycombinator.com/item?id=15867483)

[https://news.ycombinator.com/item?id=15864248](https://news.ycombinator.com/item?id=15864248)

The discussion was interesting, but not useful. We need plans, and we need
them now, while there may still be time to do something about it.

The central question: If the entire resources of all world governments were
brought to bear on the task of destroying Bitcoin, what would be the most
effective way to do this?

I can't think of anything, and no one else has been able to either. Satoshi's
email is prescient:
[http://satoshi.nakamotoinstitute.org/emails/cryptography/4/](http://satoshi.nakamotoinstitute.org/emails/cryptography/4/)

\--

 _> [Lengthy exposition of vulnerability of a systm to use-of-force
>monopolies ellided.] > >You will not find a solution to political problems in
cryptography.

Yes, but we can win a major battle in the arms race and gain a new territory
of freedom for several years.

Governments are good at cutting off the heads of a centrally controlled
networks like Napster, but pure P2P networks like Gnutella and Tor seem to be
holding their own.

Satoshi_

\--

Why should you worry? I've articulated some of the concerns here:
[https://news.ycombinator.com/item?id=15867841](https://news.ycombinator.com/item?id=15867841)

Ultimately, it may be hopeless to try to solve this. But I can't shake the
feeling that we're staring at a 0.1% chance of life as we know it changing
forever. We will lose all monetary controls.

Doomsday prophecies have a long and sordid history, but the dinosaurs only had
to look up at the sky at the right time to see theirs approaching. And, like
the meteor, Bitcoin keeps growing bigger and brighter.

Look at [https://i.imgur.com/h0giZzF.jpg](https://i.imgur.com/h0giZzF.jpg) We
won't be able to deal with cases like the 2008 crash. If the basis of the
worlds' wealth becomes crypto, what will we do?

Madness of Crowds is worth reading: [https://vantagepointtrading.com/wp-
content/uploads/2010/05/C...](https://vantagepointtrading.com/wp-
content/uploads/2010/05/Charles_Mackay-
Extraordinary_Popular_Delusions_and_the_Madness_of_Crowds.pdf)

 _It was now that the frenzy of speculating began to seize upon the nation.
Law 's bank had effected so much good, that any promises for the future which
he thought proper to make were readily believed. The Regent every day
conferred new privileges upon the fortunate projector. The bank obtained the
monopoly of the sale of tobacco; the sole right of refinage of gold and
silver, and was finally erected into the Royal Bank of France. Amid the
intoxication of success, both Law and the Regent forgot the maxim so loudly
proclaimed by the former, that a banker deserved death who made issues of
paper without the necessary funds to provide for them. As soon as the bank,
from a private, became a public institution, the Regent caused a fabrication
of notes to the amount of one thousand millions of livres. This was the first
departure from sound principles, and one for which Law is not justly
blameable. While the affairs of the bank were under his control, the issues
had never exceeded sixty millions. Whether Law opposed the inordinate increase
is not known, but as it took place as soon as the bank was made a royal
establishment, it is but fair to lay the blame of the change of system upon
the Regent._

~~~
sixdimensional
Sometimes, I sincerely wonder if the true point of releasing Bitcoin to the
wild anonymously was because the creator had a strong hunch on what would
happen and how the example of Bitcoin would in one fell swoop both serve as
example of the fallacy of our current currency systems, as well as
simultaneously challenge them, and become this kind of black hole you speak
of.

Why else would the creator remain anonymous, unless they were truly a good
Samaritan or feared for their safety. This feels like an experiment and an
example as much as anything.

I suspect there is much more to this story than we know, but who knows, that
could just be the conspiracy theorist in me talking!

~~~
wolco
It is an experiment.

------
pimmen
The white paper is very approachable, and Bitcoins is a technical marvel. My
big problem with Bitcoins has nothing to do with blockchains, trust or even
security. All of that looks great. My problem with Bitcoin is simply that it’s
a deflationary currency, and can only ever be a deflationary currency.

Prove me wrong by spending, lending or investing your Bitcoins.

------
DavidShares
OP should probably link to another source for the original Bitcoin white
paper, for example
[https://bitcoin.com/bitcoin.pdf](https://bitcoin.com/bitcoin.pdf)

The reason being is that the owners of Bitcoin.org are actively trying to
rewrite the white paper even against the larger community’s wishes. I believe
sometime in the near future the owners will go ahead with their plans anyways
as they seem to do that when it comes to other issues too.

Ref:

[https://github.com/bitcoin-dot-
org/bitcoin.org/issues/1904#i...](https://github.com/bitcoin-dot-
org/bitcoin.org/issues/1904#issuecomment-342973983)

[https://github.com/bitcoin-dot-
org/bitcoin.org/issues/1325](https://github.com/bitcoin-dot-
org/bitcoin.org/issues/1325)

~~~
statoshi
The linked whitepaper is the original, which is what matters for the purpose
of this post.

------
cyrildorsaz
It will never work.

~~~
qsucvatz
It's all hinged on SHA-256 and RIPEMD-160 being good cryptographic hashes, and
ECC being a good digital signature. Crazy town.

~~~
comboy
Maybe actually take a look at the paper.

SHA-256 could be more broken than SHA-1 and it would still serve perfectly
well for mining.

If you don't reuse addresses then even if ECDSA is broken then your coins are
still safe. And ECDSA being broken is pretty much the darkest scenario. In
which case it can simply be replaced with something else starting at specific
block.

RIPEMD-160 just hides your public key.

~~~
garmaine
> SHA-256 could be more broken than SHA-1 and it would still serve perfectly
> well for mining.

Sure, but the block header only commits to the double-SHA256 hash tree of
transactions. If SHA-2 was broken I could create a single block header that
commits to two different valid histories, allowing arbitrary double-spends and
irreconcilable divergent views of the network.

Not to mention being able to spend anyone's coins by finding alternate pub
keys or hashes that collide with their committed p2pkh or p2sh outputs.

I'd say that's pretty broken.

~~~
comboy
Transactions follow very specific binary format. I don't think it's even
plausible that you could find collision within those constraints. Plus, as you
said it is double hashed. So then you would have to find collision within
small fixed amount 32 bytes. It's just not happening.

Regarding the second one, google bitcoin address collision, it was repeated so
many times with great analogies that I'm not going to try to do it here yet
another time.

~~~
garmaine
The post I was responding to was the exact hypothetical “if SHA-2 were
broken...”

All arguments about collision and preimage resistance are based on the
assumption of SHA-2 doing what we think it does. A catastrophic break of SHA-2
would destroy the bitcoin ledger.

------
m3kw9
I still don’t get how if I start trying a proof of work, and someone faster
than me finishes the same proof of Work first, I would never mine a single
bitcoin? Is that even the right question?

~~~
dan_mctree
There's no continuous project you're working on. It's just getting a lot of
chances of winning the lottery. If someone finishes before you, you just
slightly alter the number you're searching for and continue on. You're also
not really working towards the same thing. Your solution probably includes you
sending the blockreward to yourself and their solution includes them sending
it to themselves too, on top of that you may also choose other secondary
transactions. The chosen transactions influence the number you need to find.

It does happen that two blocks are found at nearly the same time, before
adjustments can be made. In those cases one of the two ends up getting
'orphaned', it's relatively rare compared to normal blocks though.

------
the_real_sparky
I’d be interested in everyone else’s opinion about the odds that Bitcoin
becomes an asset class to rival gold (say at least $2T market cap vs the $8T
gold currently is). Right now I’m guessing 20%. Those odds still make the
current price a positive expected value (since the 1/5 future has such a
handsome payoff), but with a 4/5 chance of failure it wouldn’t be very smart
to do this with more than a few percent of net worth. Thoughts?

------
fartnuggs
Bitcoin Cash follows this paper much more to a tee than Segwit Coin.

Back to low fees, on chain scaling, and the future of p2p cash!

------
cyphunk
rest in peace, hal finney

------
scottnyc
I view this paper with both love and hate. I think it's technically brilliant
and fascinating, and at the same time incredibly naive and will do far more
harm than good in this world.

While a trust free payment mechanism sounds wonderful, this implementation
cannot succeed in the real world. In my mind proof-of-work is already an
ecological disaster. As long as the price of bitcoin goes up, there is an
incentive for miners to commit more energy and resources - yet those resources
do not increase productivity. Whether there is 1 transaction or 200k,
Megawatts are wasted to mine that block. I doubt 99% of people getting into
Bitcoin have a remote understanding of how this works. This concerns me far
more than the threat of upending governments - my biggest fear is in fact that
governments will instead choose to adopt this technology because they would
love the ability to track the history of every transaction.

While there are several proposed solutions to many of bitcoins weaknesses, we
live in the real world, and the real world goes where the money is. While
bitcoin is decentralized in design, in reality, it is controlled by a few
mining factions who ultimately control what code enhancements get adopted and
how the game is played. Why would they want to increase the block-size, when a
smaller block will lead to greater fees? Running a full node is getting
expensive, and soon, only the deep pockets will be left to guard.

People will never get bitcoin. It's simply too confusing for the average
person. The user experience is a disaster. You're telling me once I buy
bitcoin, I'm supposed to transfer it to a hardware wallet? What's a hardware
wallet? Wait, so if I accidentally am off by one character in the address I
sent money too it's gone forever? There's no one I can call? Bitcoin should
never have been any more than just a novelty for the technically inclined, or
a technology used for something other than a currency. It's why I can't stand
Coinbase - they are lining up the naive (and greedy) masses into the
slaughterhouse.

I have non-technical friends who do not understand that their bitcoin is not
backed by anything. They do not understand that the money they put in, was
immediately taken out by someone else, and that the price of bitcoin is just a
funny number. The $XXX billion dollar market cap is fiction. Owning a bitcoin
does not give you claim to the output of some productive asset like a stock
would. Unfortunately, history tells us we're in the early innings. The real
dumb money is just getting in the door. But when the music stops, and the
evangelists have squeezed enough out of this lemon, that funny number will go
back to zero. And a lot of people who couldn't afford it will get really hurt.

I'm confident that I could be making a killing in bitcoin right now. But it's
not about the money for me - my conscience just keeps saying stay away. I
really hope either I've completely got it wrong or bitcoin just dies soon.

~~~
nmj
You managed to cram so much wrong into a post it's unbelievable. Let's start
with your 'off by one' address scare tactic. Bitcoin addresses contain a
built-in check code, so it's generally not possible to send Bitcoins to a
mistyped address.

[https://en.bitcoin.it/wiki/Address](https://en.bitcoin.it/wiki/Address)

Ecological concerns? A global, nacent value exchange system uses a little more
than the total electricity of holiday lights. In fact many miners use cheap
unused energy that would be otherwise costly to build infrastructure to sell
normally.

[https://icenter.co/chinese-hydroelectric-crackdown-herald-
de...](https://icenter.co/chinese-hydroelectric-crackdown-herald-demise-cheap-
bitcoin-mining/)

Too confusing? Seems familiar. Here's a video from 1994 with some talk show
hosts confused about 'internet'. Just watch this, please.

[https://www.youtube.com/watch?v=UlJku_CSyNg](https://www.youtube.com/watch?v=UlJku_CSyNg)

~~~
scottnyc
Fair on the first point (thank you, good to learn). Still doesn't make me feel
better if I send something to the wrong (yet) valid address that I have no
recourse to fix that. Or if I lose my key there is no institution who would be
there to help me.

Hydro may be cheap for now, but does that make it okay? If Bitcoin keeps going
up, at some point we'll exhaust those more convenient resources. The
comparison to holiday lights is misleading because I never said that wasn't
bad for the environment either. I'm not sure I can trust a site like
icenter.co given it appears pro-bitcoin, but many people are analyzing the
environmental impact of bitcoin and it's not negligible and only growing.
You're right, it's nascent, and that's the scary part given how inefficient it
is.

I stand by too confusing, especially when it comes to financial products. Try
to explain proof-of-work to a non-technical person in less than 30 minutes.
Explain hard-forks, segwit2, lightning network, double-spend, network attacks,
and why the recommendation is to never leave your bitcoin on an exchange.

Our current system of money and banking isn't great, but this is not an
improvement.

Edit: Now you've sent me down this other rabbit whole of educating myself on
China's Hydro power. China's overbuilding of Dams may be in itself be a big
problem (methane release, destruction of biodiversity, 300k deaths). I'd hate
for Bitcoins popularity to contribute to the demand side of this equation.

~~~
ryanwaggoner
Average person on the street knows almost literally nothing about how money of
any kind works. They don’t understand fractional reserve banking, marginal
taxation, compound interest, present / future value of money, marginal
utility, double entry bookkeeping, annuities, amortization, dividend yields,
etc, etc, etc. It’s exactly the same with technology and cars and on and on.
Seriously, people do not get it. And yet the systems mostly work. We’re
actually pretty good at taking complicated things and making them usable. Do
you think people have the foggiest idea what happens under the hood with Apple
Pay? There’s no way that the future of mass market cc will look anything like
it does now.

From where I stand, there is zero reason that crypto-currency couldn’t be the
backbone of all money in a few decades. It’s starting to feel inevitable.

------
jeandejean
If only it could have stayed a great idea instead of becoming a huge carbon
emitter fueled by people naked greed...

------
fartnuggs
Hats off to CSW/Kleiman/?/Finney for what they did. They opened pandoras box.
No going back now.

------
bitcoin2017
Keep in mind that the 'bitcoin.org' is now controlled by infamous 'Theymos',
who is known for the 7000BTC scam and became anti-Bitcoin since 2014.

So it's highly risky to cite Bitcoin White Paper from this site, if you wanna
read untampered version.

------
tait
I feel like I’ve seen this before. Could it be a repost?

------
polock
Paper which is changing the world. Beautiful indeed.

------
martin1975
Nice work, David Chaum!

~~~
jacquesm
If David Chaum were to release something like bitcoin it would only be after
filing a few hundred patents, re-working it every time _just_ before release
and making partnerships with every commercial entity under the sun.

------
zerostar07
this will never work

------
Frogolocalypse
It is also important to understand in technical terms what a 'peer' is in
bitcoin. A peer is a node, which is a client that validates all transactions
and blocks in the blockchain. It is this understanding which forces people to
respect the resource requirements of nodes, because any reduction in nodes is
a reduction in peers. Any increase in resources requirements must be carefully
planned and implemented to ensure the security of the network is maintained.

~~~
dpkp
This seems incorrect. Isn't a node a process on the network that is mining
blocks? It does not seem as if a process that simply reads blocks but does not
add any hashrate is participating in the network as I understand it.

~~~
Frogolocalypse
> Isn't a node a process on the network that is mining blocks?

No. It is only the validation that is important, because it is only the
validation that ensures that consensus is maintained between nodes, and valid
transactions can be included in the blockchain. Nodes even define the
algorithm that miners must use in order to produce valid blocks.

There has been a hard education for people over the past year that have
carried an incomplete understanding of how bitcoin works, and that has been
encouraged by centralized companies that are attempting to wrest control of
bitcoin away from its nodes. There have been four wildly unsuccessful hostile
fork attempts (XT/Classic/BU/2x), and two in which alt-coins were forked
(BCH/BGLD) from bitcoin in order to attempt to convince people to use their
alt-coin instead of bitcoin. All of these attempts have been failures, because
all of these attempts have not understood how bitcoin works, and the fact that
nodes are the peers in bitcoin, and they police and enforce consensus.

~~~
dpkp
I guess I just have never found support for that in the nakamoto paper. You
obviously have strong feelings about it, and I'm not trying to provoke an
argument. I just still don't understand where in the paper there is any
discussion of non-mining nodes. The only place I can find mention of nodes
that are not working on constructing new blocks on the network is in Section 8
re: the simplified verification protocol.

~~~
tfha
I believe the original intention was that all nodes would be mining nodes, and
that there would be tens of thousands, or even hundreds of thousands.

I believe in 2008 Satoshi did not understand the full implications of ASICs or
economies of scale. (S)he probably didn't even realize that ASICs existed.

Regardless of the whitepaper, in our modern cyberscape the only way to be
certain that the original rules (21m coins, can only spend your own money,
etc.) are followed is to be confident that a wide and deep pool of users are
verifying them. That is strictly at odds with heavy on-chain scaling.

~~~
unlimitless
I'll just leave this here...

[http://satoshi.nakamotoinstitute.org/emails/cryptography/2/](http://satoshi.nakamotoinstitute.org/emails/cryptography/2/)

"At first, most users would run network nodes, but as the network grows beyond
a certain point, it would be left more and more to specialists with server
farms of specialized hardware. A server farm would only need to have one node
on the network and the rest of the LAN connects with that one node."

Satoshi was well aware of specialized hardware. If the majority of the planet
were using bitcoin, it would not be necessary for every user to be a node. It
would still be plenty "wide and deep" if businesses were running it. The
security of SPV is actually quite good.

[http://satoshi.nakamotoinstitute.org/posts/bitcointalk/188/](http://satoshi.nakamotoinstitute.org/posts/bitcointalk/188/)

"I anticipate there will never be more than 100K nodes, probably less. It will
reach an equilibrium where it's not worth it for more nodes to join in. The
rest will be lightweight clients, which could be millions.

At equilibrium size, many nodes will be server farms with one or two network
nodes that feed the rest of the farm over a LAN."

[http://satoshi.nakamotoinstitute.org/posts/bitcointalk/287/](http://satoshi.nakamotoinstitute.org/posts/bitcointalk/287/)

"The current system where every user is a network node is not the intended
configuration for large scale. That would be like every Usenet user runs their
own NNTP server. The design supports letting users just be users. The more
burden it is to run a node, the fewer nodes there will be. Those few nodes
will be big server farms. The rest will be client nodes that only do
transactions and don't generate."

------
paulgerhardt
Well this is an exceptionally cute idea, but there is absolutely no way that
anyone is going to have any faith in this currency.

~~~
Frogolocalypse
Reality seems to disagree with you.

~~~
paulgerhardt
[https://news.ycombinator.com/item?id=599852](https://news.ycombinator.com/item?id=599852)

~~~
meri_dian
Beautiful

------
curyous
Be careful of linking to the whitepaper on the bitcoin.org site, they have
contemplated changing it in the past.

Best to link to the one on bitcoin.com:
[https://www.bitcoin.com/bitcoin.pdf](https://www.bitcoin.com/bitcoin.pdf)

~~~
Veratyr
The content is exactly the same:

> curl
> '[https://www.bitcoin.com/bitcoin.pdf'](https://www.bitcoin.com/bitcoin.pdf')
> | md5

d56d71ecadf2137be09d8b1d35c6c042

> curl [https://bitcoin.org/bitcoin.pdf](https://bitcoin.org/bitcoin.pdf) |
> md5

d56d71ecadf2137be09d8b1d35c6c042

Of the two organizations, .org seems far more trustworthy.

[https://www.bitcoin.com/about-us](https://www.bitcoin.com/about-us): "Please
keep in mind that this is a commercial website"

[https://bitcoin.org/en/about-us](https://bitcoin.org/en/about-us):
"Bitcoin.org was originally registered and owned by Bitcoin's first two
developers, Satoshi Nakamoto and Martti Malmi. When Nakamoto left the project,
he gave ownership of the domain to additional people, separate from the
Bitcoin developers, to spread responsibility and prevent any one person or
group from easily gaining control over the Bitcoin project."

~~~
ryebit
Satoshi Nakamoto even disclaimed that bitcoin.com was "unrelated", and that
he/she/they registered bitcoin.org as the site they using to publish
information.

[https://bitcointalk.org/index.php?topic=88.msg806#msg806](https://bitcointalk.org/index.php?topic=88.msg806#msg806)

------
dabeeeenster
My theory is that this paper was written either by the Israelis or the
Iranians. Just a hunch. Any takers?

Anyone think a single person could be behind it? I personally dont think so...

~~~
aviv
“Satoshi Nakamoto”…

Samsung and Toshiba together makes —- Satoshi

Nakamichi and Motorola together makes —- Nakamoto

Seen this one before on reddit somewhere.

~~~
nemothekid
Satoshi is a regular Japanese name - don’t think it a portamanteu (ex.
Director Satoshi Kon)

