I'm disappointed that the article doesn't point out that this is really a nice, round, negative 10 BTC if you work out the overflow (in satoshis).
> The rapid implementation of the patch was vital in keeping Bitcoin a viable cryptocurrency. 184 billion Bitcoin would have devalued the currency completely, leaving it at the mercy of the person holding the newly-minted Bitcoin.
It would have become worthless, sure, but I imagine that other people would have also just gone around creating additional batches of 184 billion BTC and driving the project into the ground, rather than letting one person walk off with effectively the entire thing.
skizm · 22h ago
Could all the large centralized mining pools (ghash and the like) plus exchanges like coinbase and binance blacklist or burn the 184B BTC? Didn't ethereum do something similar to revere a $600M "hack" a while ago?
zahlman · 18h ago
What they actually did sounds a lot easier to me.
osigurdson · 15h ago
>> It took just five hours before a “soft fork” was rolled out
This is the dumb part about today's crypto imo. It is just a type of consensus among humans. People like to say its "all math" or some fundamental property of nature but that isn't true at all. It is a constant in a text file + people agreeing on its value. I.e. if a sufficient number of people agree that "we're bumping it up to 1 billion now", that is how many there would be. The argument really is how much better is this mechanism than other stores of value? Fiat currency is also a number where some people are given a magic wand to make more of it up on the spot. Gold is something that you either store in your house and hope that it is real or have someone else store it for you (or pretend to store it). Real estate is fine until the city / government decides that you don't own the title anymore. Basically it is a comparison of one absurd mechanism vs other absurd ones but perhaps Bitcoin is less absurd in the final analysis.
wagwang · 14h ago
Some arbitraries are better than other arbitraries. For bitcoin, you'd need 50% of supply to arbitrarily make decisions which is a pretty high threshold, and for all its faults, there hasn't been any egregious soft forks on bitcoin for almost 20 yrs.
woah · 14h ago
That's not how Bitcoin works at all. No amount of the supply (or hashpower) can let you make arbitrary decisions.
Having 50+% of the hashpower could let you double spend by mining on two forks in parallel, but it will never let you change the rules of the protocol, since these are defined on clients run by many people.
In fact that is what happened in the article. Someone realized there was a problem, got everyone to change their clients, and it changed. The first person to notice the bug did not need to hold any Bitcoin at all to make this change.
osigurdson · 14h ago
Right but some number of humans can collectively decided to change literally anything about Bitcoin. It isn't some fundamental constant of nature. The question really is who are the humans that could actually decide this, what are their incentives, what would make them decide to change it? If only you and I are running the original Bitcoin code then it isn't really Bitcoin. "Real" Bitcoin is a function of human decisions and has fundamentally very little to do with the code. Purchasing Bitcoin is simply a decision to trust this group of humans.
woah · 8h ago
This group of humans is anyone else who decides to run the same version of Bitcoin as you
osigurdson · 8h ago
Yes, but who actually decides? I doubt it is as egalitarian as it seems. Perhaps to put it in monetary terms, how much money would be required to incentivize this group to double the number of Bitcoin? Would $999T be sufficient?
npoc · 1h ago
If anyone creates a different bitcoin version with double the number of bitcoins, that new network would be worthless.
Not only would no-one have confidence that the same thing wouldnt happen again, but the value of the bitcoin in this new version would be half that of the old system. No one who holds bitcoin (the people who count here) would agree to use the new version. It would be dead in the water.
Even if it did manage to gain traction (which it wouldn't), the people still using the old version would prevail due to their use of harder money, just as bitcoiners are prevailing over fiat-holders.
It's like trying to change the text of the bible - something of that order of difficulty but still much, much harder due to the enormous incentives to carry on using the previous harder version.
tripplyons · 13h ago
There is nothing wrong with having 50% of the supply. The protection is based on the distribution of hashing power. An attacker with 51% of the hashing power can double spend, but cannot "arbitrarily make decisions".
HaZeust · 14h ago
>"egregious soft forks on bitcoin for almost 20 yrs."
What?? Are we just going to forget about BTC, BCH and BSV? Same thing happened with Ethereum too - with Ethereum (ETH) and Ethereum Classic (ETC).
tripplyons · 13h ago
Those are hard forks, which require validators to run different code.
yieldcrv · 8h ago
It’s a dumb PvP game that you can try to beat! But so is everyone else! Now nation states are competing against each other and the private sector!
Bitcoin is a mind virus that’s working. It co-opts human minds and synthetics to support itself. If you understood that perspective, you would have contributed to its growth earlier, others get it later.
mNovak · 17h ago
>> That Satoshi himself intervened, and did so so quickly, showed that Bitcoin was not as easily hackable as some might have assumed
I don't know if this is the central takeaway I get from this. Moreso it shows Bitcoin dodged a bullet, in that there was still a central figure or group with enough clout to roll back and fork the chain.
npoc · 1h ago
Even if it was caught by the bullet, the weakness would then have been fixed and the network eventually grown again in its new robust form. The people that knew this would have bought more bitcoin in the price crash and ultimately be heavily rewarded for keeping faith in the system.
You can't hold down superior money.
pimlottc · 18h ago
I’m surprised they don’t spend more time taking about the “soft fork” that voided the coins. For all the talk about the immutability of bitcoin transactions, it’s worth mentioning that things were once a lot more fluid.
kragen · 15h ago
I think orphaned blocks still happen regularly? Although blockchain.com's graph drops to 0 in August 02017, I think that might just be a bug in their metrics collection.
zaphirplane · 1d ago
At today’s price that’s … like … err more zeros than I’ve got fingers
FatalLogic · 1d ago
I think it's US$21.7 trillion? That's now about 15% of the total global money supply.
So, it's good that the transaction was undone, or 15% of our planet would now be owned by some hacker.
(To be real: if they had not undone the transaction immediately, then the price of Bitcoin would have collapsed, and probably that would have been the end of Bitcoin)
LikesPwsh · 1d ago
At a certain scale, face value is meaningless and all that matters is liquidity.
$21tn in bitcoin isn't going to get you any more money than $1tn would.
daveguy · 18h ago
Yup, good point. Another flaw along with software and compute that no one seems to pay attention to. When the Bitcoin bubble pops everyone trying to squeeze through a few transactions is going to identify the actual worth of Bitcoin.
infthi · 11h ago
Hackers could have redistributed their coins to the existing wallets in the same ratio their balances were at the time of attack, keeping some coins (say, 1/21) to themselves as a reward. The outcome would've been: the hackers become owners of 1/21 of all bitcoins ever; Satoshi either keeps his 1/21 or is left with 1/184000 (depends on the implementation); everyone else sees their balance increase 20k times overnight. bitcoin/fiat exchange rate drops the same 20k times, so noone has lost any fiat value. Block rewards immediately become essentially worthless; mining becomes 100% fee powered.
Imo not great, not terrible.
willis936 · 1d ago
(And maybe that wouldn't have been so bad)
lcnPylGDnU4H9OF · 15h ago
Quadrillion, not trillion. ~200 billion * ~100 thousand = ~20 quadrillion. So, about 15,000% of the global money supply. (I had to look it up in case BTC actually lost 99.9% of its value and I just missed the news.)
gsky · 23h ago
If code is the law, hackers will rule the world
anonfordays · 17h ago
I've never come across this quote. It is useful, thank you!
Kinrany · 22h ago
The price of Bitcoin would be way different if that much of it existed
pickledoyster · 1d ago
>15% of our planet would now be owned by some hacker
why? It's not like btc has anywhere near the trade volume for 15% of global money supply.
FatalLogic · 1d ago
>(To be real: if they had not undone the transaction immediately, then the price of Bitcoin would have collapsed, and probably that would have been the end of Bitcoin)
Yes, Bitcoin does not have sufficient trade volume, and it was a joke anyway. Bitcoin would probably not have survived even one more month in 2010, if there were 184 billion new "fake" bitcoins added in the mix.
Even ignoring all the problems about the Bitcoin software being proven to be seriously broken, those 184 billion extra bitcoins meant that every other Bitcoin was suddenly worth about $0.0000000000000001
pickledoyster · 1d ago
apologies, the joke went over my head
anupj · 1d ago
The 184 billion BTC overflow bug is a reminder that even “immutable” code is only as trustworthy as its review process. The real miracle isn’t that a bug happened, but that Satoshi patched it in hours and the network agreed to roll back. Decentralization is great, but consensus is everything
vbezhenar · 1d ago
As long as there's singular entity which leads the changes to the protocol, there's no decentralization.
Salgat · 18h ago
BTC has occasionally obtained community driven patches by distributed consensus rather than a centralized approach (as recently as 2021 with the Taproot soft fork). When Quantum Computing finally becomes a threat to BTC, there will almost certainly be a distributed consensus to update the protocol again. Now what happened with Ethereum could be argued as not so decentralized since the organization (Ethereum Foundation) has extremely strong political influence over the corporations that support it.
clysm · 14h ago
I really hate the “someone will certainly solve this problem!” mentality.
You can’t just magically update the protocol to work around the ability of someone to break elliptic curve cryptography. That not how this works. It’s not how any of this works.
greyface- · 14h ago
> You can’t [...] update the protocol to work around the ability of someone to break elliptic curve cryptography
How would you protect all the old stuck or stale BTC wallets that used the original crypto? An awful lot of cold-stored or presumed-lost BTC would be hard or impossible to migrate to post-quantum protection, no? A quarter of mined BTC? Half?
More of an economic than technical puzzle these days. But wouldn't you need users to protect their wallets post-fork?
KetoManx64 · 8h ago
You tell people that value their bitcoin to migrate to new wallets. Bitcoin is self sovereignty and self-ownership. You are responsible for securing your own wallet.
The bitcoin that has been lost doesn't matter, because it's lost. That becomes fair game to whoever can find the computational resources to crack the cryptography of the wallets to get to it. At that point BTC will probably be $500k-$1M in price, and it might just be the driving force behind mainstream adoption of quantum computing.
yieldcrv · 8h ago
You… can.
Once people catch wind of bitcoin being moved from secure places, nodes will cease processing transactions, quantum capable thieves will be frozen
Network will upgrade if it hasnt already, nodes will only process transactions on the network with the most other nodes
They might even resume from a few block back. No different than branching from an old commit
If this doesnt match your philosophy of legitimacy, you can try continuing in the orphanage chain and get other nodes to join you. May the longest chain win!
This has all been theorized before and has subsequently happened before and the resolution has given confidence to attract more capital.
hyghjiyhu · 1d ago
Your critique is valid but outdated. This happened way back in 2010. Satoshi disappeared a long time ago now.
There are still influential people, but none with the authority of Satoshi himself.
wslh · 22h ago
Bitcoin (et al) is/are not fully decentralized in the sense that a core development team actively maintains and proposes changes, even minimal ones. While it's true that major updates require broad consensus and may be rejected by nodes if controversial, we should acknowledge that certain points of centralization exist, particularly around development and decision making. These often overlooked aspects now carry more financial consequences, especially as Bitcoin becomes more intertwined with regulated financial instruments and political power.
For example, now, many L2s around Bitcoin are fully depending , and influencing on a future change: enabling again the OP_CAT opcode [1].
Bitcoin can be forked, and in fact has been. You didn't mention mining centralization, which is another avenue.
dennnis · 21h ago
One of the biggest points of failure I can see happening is self hosted node packaged software services like umbrel. Where they are just updating your node for you.
joshstrange · 23h ago
See also, the DAO hack.
whatsupdog · 15h ago
What Ethereum did after DAO was way more sinister. At least with the Bitcoin "roll-back" there were no transactions reversed. The miners just got together and started mining from a previous point in the Blockchain, and eventually the new chain had more work done and was validly accepted by even outdated nodes. Ethereum just went ahead and added this to their protocol: "ummm this transaction stands reversed, you don't need to verify signature for this particular transaction". This blot will stay in the protocol for ever.
jowea · 23h ago
Yeah that's a great example. I think sometimes people take "code is law" too seriously, when it is clear to me the code is just a deterministic way to form a consensus that works 99% of the time and the other 1% you get forking.
FabHK · 18h ago
Indeed. Permissionless blockchain is much less of a technological innovation, but more of a governance innovation, specifically an accountability sink, where instead of a named entity (corporation, institution, person) being in charge, you have this amorphous blob in charge that does come together if its interests are affected (this 184 bn Bitcoin bug, the DAO hack, etc.), but otherwise even in the presence of heinous crimes shrugs and says: "who, me? what can I do?"
I don't understand why that's so attractive to so many participants - possibly because the enormous negative externalities of such a thing more often than not don't fall on themselves, but other, more vulnerable people.
(Not always though: when 200 Bitcoin were stolen from ultra-libertarian Bitcoin developer Luke Dashjr, he came crying for help from the bad bad centralized FBI rather quickly...)
exe34 · 1d ago
Leading doesn't mean coercion. Leadership in decentralization implies consent.
LegionMammal978 · 23h ago
Comsent by whom? In most "decentralized governance" projects I've heard about, all you need is for the holders of 51% of the tokens to agree, and the holders of the other 49% have no recourse but to leave.
fouc · 23h ago
with bitcoin isn't it more about 51% of the compute rather than 51% of the token?
Geee · 21h ago
No, that's completely different thing. Mining power only "decides" about the blocks in the blockchain. 51% is only relevant in the context of taking over the blockchain by 51% attack.
Software versions and updates require social / economic consensus and have nothing to do with mining power. Bitcoin is open-source protocol / software and everyone can use whichever version they like. But there's also economic incentives to use the most used version and to make sure that it will keep being the most used version, i.e. forks are bad and should be avoided, therefore it's in everyone's interest to reach consensus.
daveguy · 18h ago
So there are two different places that a coup against bitcoin could occur? Processing and Software.
With something like 45% of processing controlled by entities in Iran, China, and Russia, it seems like an absolute fools game to put any significant wealth in Bitcoin. All it would take is a significantly effective worm to destroy bitcoin. But hypers gonna hype.
You couldn't pay me to hold a Bitcoin.
mathiaspoint · 16h ago
It's the same as any currency. If the place you want to spend it only accepts currency y then you must trade for currency y to spend money there.
Since Bitcoin is software anyone can fork it and create a currency y with the same ledger up to the fork but few people do because convincing other people to trade for it without a very strong argument is hard.
drexlspivey · 15h ago
What do you think "Iran" can do if they controlled 51% of processing power?
daveguy · 13h ago
Double spend any bitcoins in their possession?
Or just announce and prove that they are doing it, thereby causing a run on bitcoin and all the other bozobucks.
LegionMammal978 · 22h ago
Yes, but I was talking about "decentralized leadership" in all the projects following Bitcoin, which often use 51% of stake instead of 51% of mining capacity, under the social theory that the biggest stakeholders will be the most invested in the outcome of the project.
MichaelZuo · 22h ago
Those with at least 51% of the sustained hash power can already redefine “Bitcoin” to be whatever they want… At any time whatsoever? (assuming they stay cohesive enough as a bloc)
So this seems like a pointless distinction.
olalonde · 21h ago
That statement is a bit misleading. The damage an attacker can do through a 51% attack is much more limited than that. It allows an attacker to censor transactions or perform double spends, but it does not allow them to "redefine Bitcoin" (e.g. change consensus rules, arbitrarily reassign coins, etc.).
MichaelZuo · 11h ago
Why can’t such a bloc for example rename Bitcoin to Buttcoin?
olalonde · 9h ago
Anyone can do that, it doesn't require 51% of the hash power. And it's already been done hundreds, if not thousands, of times (the more technical term for them is "shitcoin").
Retric · 21h ago
51% hashing power doesn’t prevent forks. Including forks to 51% of the token systems.
That’s the thing people thing of crypto coins as math, but they’re still a social construct.
londons_explore · 13h ago
> and the network agreed to roll back
Is there a tiny community of a couple of nodes running the original network?
pards · 1d ago
Just like the Ethereum fork in 2016 [0]. Before then, the battle cries of the crypto advocates were:
- Blockchains are immutable!
- The code is the law!
...until someone exploited a code defect and took the founders' money, then they re-write history and ignored the hypocrisy.
> ...until someone exploited a code defect and took the founders' money, then they re-write history and ignored the hypocrisy.
Not everybody agreed - and so the Ethereum Classic blockchain was created, causing all the problems that go hand in hand with having different, forked blockchains:
That's different because in Bitcoin's case there was a clear violation of the specification, of how it supposed to work. So the bug was fixed to make the software working as it intended to be. If there were two node implementations then one would just stop to work until fixed.
In Ethereum's case there were no violation of any specification. In fact there were no bug in the blockchain itself. Just someone took founder's money, they didn't like it and so they decided to get them back. And note that after that, there were bugs in the nodes code that were breaking the spec (which you should compare to the bitcoin's bug), but because of multiple node implementations only some of the nodes stopped and so we don't care about those issues.
mrweasel · 18h ago
That's probably more important than worrying about bugs in the code. There will be bugs, the concern is what are the rules for rectifying the damage done by those bugs. Plus, where do I go to appeal if I disagree with the decision?
Dylan16807 · 16h ago
> ignored the hypocrisy
You don't need to exaggerate so strongly.
bravesoul2 · 23h ago
Powers gonna power
nivertech · 1d ago
It’s based on a social consensus only, the rest (Nakamoto Consensus, PoW, longest chain, difficulty adjustment, block halving, artificial limited supply, decentralization, censorship-resistant P2P network, open source, etc.) is a combination of a Rube Goldberg machine & crypto bros LARPing.
aleph_minus_one · 1d ago
I halfway disagree:
There is a huge scientific merit of the algorithms for reaching a distributed consensus when not all participants can be trusted (including the fact that the Bitcoin paper uses game theory to give evidence why malicious entities attempting to create another fork will by the mere design of the algorithms have a hard time).
What is, of course, social consensus are some aspects about what it "socially" means that there exists this concrete consensus in the blockchain. By the design of the protocol and its data structures, there do exist boundaries concerning possible "social interpretations" of this consensus, but a lot of aspects are up to different interpretations.
FabHK · 18h ago
> There is a huge scientific merit of the algorithms for reaching a distributed consensus when not all participants can be trusted
Not quite. Distributed consensus had been solved in the 1980's theoretically and the 1990's practically, even in the presence of byzantine nodes. What Nakamoto consensus was first in was to extend this to the permissionless setting (at enormous expense & inefficiency, and with no benefits, in my view; though enabling large scale rule breaking or "censorship resistance", which some see as a benefit).
Bitcoin didn’t solved a forkability and finality problems. Blockchain (or more properly hashchain) is a linked list of hashpointers, and since anyone can create a hashpointer pointing to the head of the hashchain - it means anyone can fork it. And indeed Bitcoin was forked multiple times, and the solution to forks was almost always either centralized and/or social.
IMO PBFT consensus algos have a niche applications anyway, and not required for Electronic Cash implementation, only for decentralized and/or disintermediated Systems-of-Record, but that’s a complete opposite of bearer instruments like electronic cash.
bravesoul2 · 23h ago
Bitcoin is the OG Birkin Handbag. Valuable for the story. People compete to own a bit of it for that. You can create your own Bitcoin clone and own all of it! But no story, no value.
aleph_minus_one · 22h ago
> You can create your own Bitcoin clone and own all of it!
That is what I wrote:
> What is, of course, social consensus are some aspects about what it "socially" means that there exists this concrete consensus in the blockchain.
In your private Bitcoin clone, such a consensus has a "socially much more boring" interpretation.
bravesoul2 · 5h ago
I'm not disagreeing though. Just adding.
guappa · 23h ago
> There is a huge scientific merit of the algorithms for reaching a distributed consensus when not all participants can be trusted
Yes, they existed a long time ago and aren't wasteful as a way to generate "value".
aleph_minus_one · 22h ago
> Yes, they existed a long time ago and aren't wasteful as a way to generate "value".
Can you give me a literature reference for such a result, because this claim surprises me.
Of course Merkle trees existed long before - but they are just "cryptographically signed data structures", and thus don't solve the distributed consensus problem.
Of course eCash existed long before - but it depended on some central authority.
Of course distributed consensus algorithms existed long before - but they depended on the fact that all participants are trustable.
Thus, in my opinion Satoshi Nakamoto indeed made a really important scientific contribution for a quite specific algorithmic problem.
FabHK · 18h ago
> Of course distributed consensus algorithms existed long before - but they depended on the fact that all participants are trustable.
No. They depended on the fact that all participants were known (in other words, the permissioned setting). Among those known ones, some (less than n/3) could go bonkers, all the way byzantine, and the honest nodes would still be guaranteed to find consensus (with consistency and availability).
tliltocatl · 1d ago
Yes, but no. The Rube Goldberg of PoW isn't just for show, it's a protection from Sybil attack (not that it makes the economics of it any less of a disaster).
nivertech · 23h ago
You cherry picked one thing from the list, and even there made a mistake.
In Bitcoin PoW used as a method for leader election of the node composing the list of validated transactions on the ledger (aka block), or even an empty list of transactions (aka Nakamoto-style Consensus).
But without all the Rube Goldbergian nonsense it’s simply an illegal/unlicensed lottery where the participants pay with electricity for the right to earn records on the longest chain (aka UTXO with mining block rewards).
FabHK · 18h ago
> You cherry picked one thing from the list, and even there made a mistake.
Not quite. Nakamoto consensus is PoW + LCR, and the PoW part is for Sybil resistance, and the LCR part is for consensus.
nivertech · 18h ago
he wrote
> The Rube Goldberg of PoW isn't just for show, it's a protection from Sybil attack
he cherry picked PoW
no, Nakamoto-style consensus is not the same thing as PoW, or even PoW+LCR, not even the same thing as Bitcoin consensus.
Nakamoto-style consensus simply means that we're doing a leader election, and the leader does the transaction validation (aka mining a block in Bitcoin-speak).
The novelty of Nakamoto-style consensus is how we're doing this leader election, i.e. using PoW, PoW+LCR, PoS, PoET, PoA, Proof-of-X, etc.
Ajedi32 · 16h ago
That "rube goldberg machine" is what makes social consensus possible in a distributed system where everyone is anonymous and there's no single centralized authority.
olalonde · 23h ago
Seems someone missed the boat...
nivertech · 23h ago
Nocoiners cannot understand Bitcoin?
olalonde · 23h ago
Some do and have reasonable criticism, but you are just mixing up concepts and sound pretty bitter - hence my assumption.
nivertech · 22h ago
show me at least one so-called "bitter" example from my posts
I have been researching crypto for over a decade. And I would be glad if I was corrected if I was wrong, instead of receiving personal remarks
olalonde · 22h ago
> Show a single so called “bitter” example from my posts
"crypto bros LARPing". "it’s simply an illegal/unlicensed lottery"
> And I would be happy to be corrected if I made a mistake, instead of getting personal remarks.
How could it? PBFT is an algorithm, not a problem to be solved. Bitcoin is byzantine fault tolerant though.
> Bitcoin didn’t solved a forkability and finality problems.
There's no such thing as a "forkability problem" and Bitcoin solves finality through PoW.
> And indeed Bitcoin was forked multiple times, and the solution to forks was almost always either centralized and/or social.
That's wrong. The vast majority of forks are resolved algorithmically. There were only 2 or 3 unintentional hard forks in the early days that were due to bugs. This hasn't happened since 2013.
The only real "social" aspect of Bitcoin is what value people decide to assign to the coins.
nivertech · 20h ago
> "crypto bros LARPing"
I was at Bitcoin scene since 2011, I think that I can distinguish LARPing from the real thing. It's not me who created a dychotomy between fiat and crypto, between HODLers/coiners and noicoiners, between Traditional Finance and Crypro Finance, between CeFi and DeFi, between IPOs and ICOs, etc. Crypto always looked like a Pinoccio who want to become a "real boy".
> "it’s simply an illegal/unlicensed lottery"
yes, the PoW-based mining is litterally called a puzzle solving or a lottery. How do you call a game where everyone buys a ticket with electricity, but only one at a time wins a block reward?
> How could it? PBFT is an algorithm, not a problem to be solved. Bitcoin is byzantine fault tolerant though.
OK, BFT (not PBFT algo) is a class of problems with many proposed solutions, but none is good enough if you need scalability. Bitcoin is a partital solution under multiple constraints, even 1/3 of malicious nodes can undermine it. Internet backbone (BGP) should be trusted. Governments should allow it. etc.
> There's no such thing as a "forkability problem" and Bitcoin solves finality through PoW.
the on-chain Bitcoin transactions are never final. Everyone have their own heuristic how many blocks to count depending on the amount transacted. Protocol only defines how many blocks gamblers (miners) need to wait before they can spend their lottery winnings (block rewards).
> That's wrong. The vast majority of forks are resolved algorithmically. There were only 2 or 3 unintentional hard forks in the early days that were due to bugs. This hasn't happened since 2013.
There were many more than 2-3 both intentional and bugs, but why argue? Even 2-3 hard forks are enough to show that it's bad design. Forks should be impossible by design.
> The only real "social" aspect of Bitcoin is what value people decide to assign to the coins.
IMO there are many more social aspects here beside price discovery of UTXO records and social consensus. Bitcoin core governance, Mining centralization in China. Cypherpunks. LARPing.
olalonde · 19h ago
> Bitcoin is a partial solution under multiple constraints, even 1/3 of malicious nodes can undermine it. Internet backbone (BGP) should be trusted. Governments should allow it. etc.
This is wrong on multiple counts. Bitcoin's security model does not assume BGP is trustworthy, nor does it rely on government permission. And the claim that 1/3 malicious nodes can undermine it misapplies BFT theory. Bitcoin doesn't use a quorum-based consensus like PBFT, so thresholds like 1/3 aren't the relevant failure mode. Instead, the attack vector is hashrate-based, and even a 51% attack doesn't let you rewrite history arbitrarily, just temporarily reorder recent blocks.
> The on-chain Bitcoin transactions are never final.
This is misleading. Bitcoin finality is probabilistic, like nearly everything in cryptography. It's final in the same sense that cryptographic signatures are unforgeable: with extremely high probability. The six-confirmation rule of thumb reflects the difficulty of deep chain reorgs which have never exceeded two blocks in practice on Bitcoin mainnet.
> There were many more than 2-3 [hard forks]... even 2-3 are enough to show it's bad design.
This conflates implementation bugs with protocol design flaws. The forks were caused by programming errors, not bad design.
> Bitcoin is a lottery.
You could argue that Bitcoin mining is because it's is probabilistic and there's a reward. But unlike a lottery, it serves an important role: securing the Bitcoin network.
Honestly, your critique reads more like cope than a technical argument.
FabHK · 18h ago
> Bitcoin finality is probabilistic, like nearly everything in cryptography.
Yes, Bitcoin finality is probabilistic, and practically good enough after half a day or so (though 20 blocks were rolled back on at least 2 occasions).
However, many things in cryptography are not probabilistic. And in BFT-type consensus, every block is immediately final; the question of finality doesn't even arise (which is why the concept only gained prominence with Nakamoto consensus).
Regarding forks, there was BCH, BSV, etc. - those were not programming errors.
olalonde · 18h ago
> though 20 blocks were rolled back on at least 2 occasions
Do you mean because of the bugs mentioned earlier or during the normal course of operations? Curious to read more about that.
> Regarding forks, there was BCH, BSV, etc. - those were not programming errors.
That's a different kind of "fork" though and those are arguably not Bitcoin. They're basically just competing cryptocurrencies that happened to use an existing blockchain to get started.
nivertech · 17h ago
> those are arguably not Bitcoin
Q.E.D.
You proved it’s a social consensus
olalonde · 16h ago
Naming things is, indeed. The protocol is not.
freejazz · 15h ago
Incredibly pedantic, no less when this whole thing started with "seems like someone missed the boat"
olalonde · 9h ago
What's incredibly pedantic is insisting that Bitcoin is based on "social consensus." That’s only true in the most superficial or tautological sense - like saying anything people agree to use is based on "social consensus". It doesn't explain at all how the Bitcoin protocol actually achieves consensus (proof of work).
nivertech · 18h ago
1. 1/3 malicious nodes under some conditions and BGP
This is backed by academic papers. Ask google or GhatGPT. You may argue that these papers are wrong or outdated, but then you need to tell this to the researchers who wrote them, not to me.
2. finality is binary, probabilistic finality is an oxymoron
3. > This conflates implementation bugs with protocol design flaws.
there is no formal spec for Bitcoin, there is a short informal whitepaper and a reference C++ implementation. Anyway the paper named "Bitcoin: A Peer-to-Peer Electronic Cash System", and for this specific purpose design is flawed, without regards to bugs.
4. > Bitcoin is a lottery.
Now you're hallucinating quotes I never wrote.
> Honestly, your critique reads more like cope than a technical argument.*
can you show a specific example of the "cope"?
olalonde · 16h ago
> can you show a specific example of the "cope"?
Pretty much all your comments here amount to twisting definitions, misapplying technical concepts, and nitpicking in search of "gotchas." Not to mention all the "LARPing" comments. It screams how to cope with having missed out, which, to your credit, you more or less admitted.
nivertech · 16h ago
Saying everything is X is like saying nothing is X
So, you think that if I had BTC, it would’ve magically changed my views on how Bitcoin consensus works?
BTW: I think Scrum/Agile is also LARPing, do you think if I’ll get a Scrum Master certification it will change my views on Scrum?
> The rapid implementation of the patch was vital in keeping Bitcoin a viable cryptocurrency. 184 billion Bitcoin would have devalued the currency completely, leaving it at the mercy of the person holding the newly-minted Bitcoin.
It would have become worthless, sure, but I imagine that other people would have also just gone around creating additional batches of 184 billion BTC and driving the project into the ground, rather than letting one person walk off with effectively the entire thing.
This is the dumb part about today's crypto imo. It is just a type of consensus among humans. People like to say its "all math" or some fundamental property of nature but that isn't true at all. It is a constant in a text file + people agreeing on its value. I.e. if a sufficient number of people agree that "we're bumping it up to 1 billion now", that is how many there would be. The argument really is how much better is this mechanism than other stores of value? Fiat currency is also a number where some people are given a magic wand to make more of it up on the spot. Gold is something that you either store in your house and hope that it is real or have someone else store it for you (or pretend to store it). Real estate is fine until the city / government decides that you don't own the title anymore. Basically it is a comparison of one absurd mechanism vs other absurd ones but perhaps Bitcoin is less absurd in the final analysis.
Having 50+% of the hashpower could let you double spend by mining on two forks in parallel, but it will never let you change the rules of the protocol, since these are defined on clients run by many people.
In fact that is what happened in the article. Someone realized there was a problem, got everyone to change their clients, and it changed. The first person to notice the bug did not need to hold any Bitcoin at all to make this change.
Not only would no-one have confidence that the same thing wouldnt happen again, but the value of the bitcoin in this new version would be half that of the old system. No one who holds bitcoin (the people who count here) would agree to use the new version. It would be dead in the water.
Even if it did manage to gain traction (which it wouldn't), the people still using the old version would prevail due to their use of harder money, just as bitcoiners are prevailing over fiat-holders.
It's like trying to change the text of the bible - something of that order of difficulty but still much, much harder due to the enormous incentives to carry on using the previous harder version.
What?? Are we just going to forget about BTC, BCH and BSV? Same thing happened with Ethereum too - with Ethereum (ETH) and Ethereum Classic (ETC).
Bitcoin is a mind virus that’s working. It co-opts human minds and synthetics to support itself. If you understood that perspective, you would have contributed to its growth earlier, others get it later.
I don't know if this is the central takeaway I get from this. Moreso it shows Bitcoin dodged a bullet, in that there was still a central figure or group with enough clout to roll back and fork the chain.
You can't hold down superior money.
So, it's good that the transaction was undone, or 15% of our planet would now be owned by some hacker.
(To be real: if they had not undone the transaction immediately, then the price of Bitcoin would have collapsed, and probably that would have been the end of Bitcoin)
$21tn in bitcoin isn't going to get you any more money than $1tn would.
Imo not great, not terrible.
why? It's not like btc has anywhere near the trade volume for 15% of global money supply.
Yes, Bitcoin does not have sufficient trade volume, and it was a joke anyway. Bitcoin would probably not have survived even one more month in 2010, if there were 184 billion new "fake" bitcoins added in the mix.
Even ignoring all the problems about the Bitcoin software being proven to be seriously broken, those 184 billion extra bitcoins meant that every other Bitcoin was suddenly worth about $0.0000000000000001
You can’t just magically update the protocol to work around the ability of someone to break elliptic curve cryptography. That not how this works. It’s not how any of this works.
Have you reviewed any of the proposals to do exactly that? https://bitcoinops.org/en/topics/quantum-resistance/
You agree on a post-quantum algorithm…
https://en.m.wikipedia.org/wiki/Post-quantum_cryptography
Then you update the protocol…
https://www.reddit.com/r/Bitcoin/comments/qth9ii/how_does_bi...
Right?
More of an economic than technical puzzle these days. But wouldn't you need users to protect their wallets post-fork?
The bitcoin that has been lost doesn't matter, because it's lost. That becomes fair game to whoever can find the computational resources to crack the cryptography of the wallets to get to it. At that point BTC will probably be $500k-$1M in price, and it might just be the driving force behind mainstream adoption of quantum computing.
Once people catch wind of bitcoin being moved from secure places, nodes will cease processing transactions, quantum capable thieves will be frozen
Network will upgrade if it hasnt already, nodes will only process transactions on the network with the most other nodes
They might even resume from a few block back. No different than branching from an old commit
If this doesnt match your philosophy of legitimacy, you can try continuing in the orphanage chain and get other nodes to join you. May the longest chain win!
This has all been theorized before and has subsequently happened before and the resolution has given confidence to attract more capital.
There are still influential people, but none with the authority of Satoshi himself.
For example, now, many L2s around Bitcoin are fully depending , and influencing on a future change: enabling again the OP_CAT opcode [1].
[1] https://github.com/sCrypt-Inc/awesome-op-cat
I don't understand why that's so attractive to so many participants - possibly because the enormous negative externalities of such a thing more often than not don't fall on themselves, but other, more vulnerable people.
(Not always though: when 200 Bitcoin were stolen from ultra-libertarian Bitcoin developer Luke Dashjr, he came crying for help from the bad bad centralized FBI rather quickly...)
Software versions and updates require social / economic consensus and have nothing to do with mining power. Bitcoin is open-source protocol / software and everyone can use whichever version they like. But there's also economic incentives to use the most used version and to make sure that it will keep being the most used version, i.e. forks are bad and should be avoided, therefore it's in everyone's interest to reach consensus.
With something like 45% of processing controlled by entities in Iran, China, and Russia, it seems like an absolute fools game to put any significant wealth in Bitcoin. All it would take is a significantly effective worm to destroy bitcoin. But hypers gonna hype.
You couldn't pay me to hold a Bitcoin.
Since Bitcoin is software anyone can fork it and create a currency y with the same ledger up to the fork but few people do because convincing other people to trade for it without a very strong argument is hard.
Or just announce and prove that they are doing it, thereby causing a run on bitcoin and all the other bozobucks.
So this seems like a pointless distinction.
That’s the thing people thing of crypto coins as math, but they’re still a social construct.
Is there a tiny community of a couple of nodes running the original network?
[0]: https://en.wikipedia.org/wiki/The_DAO
Not everybody agreed - and so the Ethereum Classic blockchain was created, causing all the problems that go hand in hand with having different, forked blockchains:
> https://en.wikipedia.org/wiki/Ethereum_Classic
In Ethereum's case there were no violation of any specification. In fact there were no bug in the blockchain itself. Just someone took founder's money, they didn't like it and so they decided to get them back. And note that after that, there were bugs in the nodes code that were breaking the spec (which you should compare to the bitcoin's bug), but because of multiple node implementations only some of the nodes stopped and so we don't care about those issues.
You don't need to exaggerate so strongly.
There is a huge scientific merit of the algorithms for reaching a distributed consensus when not all participants can be trusted (including the fact that the Bitcoin paper uses game theory to give evidence why malicious entities attempting to create another fork will by the mere design of the algorithms have a hard time).
What is, of course, social consensus are some aspects about what it "socially" means that there exists this concrete consensus in the blockchain. By the design of the protocol and its data structures, there do exist boundaries concerning possible "social interpretations" of this consensus, but a lot of aspects are up to different interpretations.
Not quite. Distributed consensus had been solved in the 1980's theoretically and the 1990's practically, even in the presence of byzantine nodes. What Nakamoto consensus was first in was to extend this to the permissionless setting (at enormous expense & inefficiency, and with no benefits, in my view; though enabling large scale rule breaking or "censorship resistance", which some see as a benefit).
Bitcoin didn’t solved a forkability and finality problems. Blockchain (or more properly hashchain) is a linked list of hashpointers, and since anyone can create a hashpointer pointing to the head of the hashchain - it means anyone can fork it. And indeed Bitcoin was forked multiple times, and the solution to forks was almost always either centralized and/or social.
IMO PBFT consensus algos have a niche applications anyway, and not required for Electronic Cash implementation, only for decentralized and/or disintermediated Systems-of-Record, but that’s a complete opposite of bearer instruments like electronic cash.
That is what I wrote:
> What is, of course, social consensus are some aspects about what it "socially" means that there exists this concrete consensus in the blockchain.
In your private Bitcoin clone, such a consensus has a "socially much more boring" interpretation.
Yes, they existed a long time ago and aren't wasteful as a way to generate "value".
Can you give me a literature reference for such a result, because this claim surprises me.
Of course Merkle trees existed long before - but they are just "cryptographically signed data structures", and thus don't solve the distributed consensus problem.
Of course eCash existed long before - but it depended on some central authority.
Of course distributed consensus algorithms existed long before - but they depended on the fact that all participants are trustable.
Thus, in my opinion Satoshi Nakamoto indeed made a really important scientific contribution for a quite specific algorithmic problem.
No. They depended on the fact that all participants were known (in other words, the permissioned setting). Among those known ones, some (less than n/3) could go bonkers, all the way byzantine, and the honest nodes would still be guaranteed to find consensus (with consistency and availability).
In Bitcoin PoW used as a method for leader election of the node composing the list of validated transactions on the ledger (aka block), or even an empty list of transactions (aka Nakamoto-style Consensus).
But without all the Rube Goldbergian nonsense it’s simply an illegal/unlicensed lottery where the participants pay with electricity for the right to earn records on the longest chain (aka UTXO with mining block rewards).
Not quite. Nakamoto consensus is PoW + LCR, and the PoW part is for Sybil resistance, and the LCR part is for consensus.
> The Rube Goldberg of PoW isn't just for show, it's a protection from Sybil attack
he cherry picked PoW
no, Nakamoto-style consensus is not the same thing as PoW, or even PoW+LCR, not even the same thing as Bitcoin consensus.
Nakamoto-style consensus simply means that we're doing a leader election, and the leader does the transaction validation (aka mining a block in Bitcoin-speak).
The novelty of Nakamoto-style consensus is how we're doing this leader election, i.e. using PoW, PoW+LCR, PoS, PoET, PoA, Proof-of-X, etc.
I have been researching crypto for over a decade. And I would be glad if I was corrected if I was wrong, instead of receiving personal remarks
"crypto bros LARPing". "it’s simply an illegal/unlicensed lottery"
> And I would be happy to be corrected if I made a mistake, instead of getting personal remarks.
Sure.
> Nakamoto Consensus didn’t solved a secure scalable PBFT (Practical Byzantine Fault Tolerant) Consensus.
How could it? PBFT is an algorithm, not a problem to be solved. Bitcoin is byzantine fault tolerant though.
> Bitcoin didn’t solved a forkability and finality problems.
There's no such thing as a "forkability problem" and Bitcoin solves finality through PoW.
> And indeed Bitcoin was forked multiple times, and the solution to forks was almost always either centralized and/or social.
That's wrong. The vast majority of forks are resolved algorithmically. There were only 2 or 3 unintentional hard forks in the early days that were due to bugs. This hasn't happened since 2013.
The only real "social" aspect of Bitcoin is what value people decide to assign to the coins.
I was at Bitcoin scene since 2011, I think that I can distinguish LARPing from the real thing. It's not me who created a dychotomy between fiat and crypto, between HODLers/coiners and noicoiners, between Traditional Finance and Crypro Finance, between CeFi and DeFi, between IPOs and ICOs, etc. Crypto always looked like a Pinoccio who want to become a "real boy".
> "it’s simply an illegal/unlicensed lottery"
yes, the PoW-based mining is litterally called a puzzle solving or a lottery. How do you call a game where everyone buys a ticket with electricity, but only one at a time wins a block reward?
> How could it? PBFT is an algorithm, not a problem to be solved. Bitcoin is byzantine fault tolerant though.
OK, BFT (not PBFT algo) is a class of problems with many proposed solutions, but none is good enough if you need scalability. Bitcoin is a partital solution under multiple constraints, even 1/3 of malicious nodes can undermine it. Internet backbone (BGP) should be trusted. Governments should allow it. etc.
> There's no such thing as a "forkability problem" and Bitcoin solves finality through PoW.
the on-chain Bitcoin transactions are never final. Everyone have their own heuristic how many blocks to count depending on the amount transacted. Protocol only defines how many blocks gamblers (miners) need to wait before they can spend their lottery winnings (block rewards).
> That's wrong. The vast majority of forks are resolved algorithmically. There were only 2 or 3 unintentional hard forks in the early days that were due to bugs. This hasn't happened since 2013.
There were many more than 2-3 both intentional and bugs, but why argue? Even 2-3 hard forks are enough to show that it's bad design. Forks should be impossible by design.
> The only real "social" aspect of Bitcoin is what value people decide to assign to the coins.
IMO there are many more social aspects here beside price discovery of UTXO records and social consensus. Bitcoin core governance, Mining centralization in China. Cypherpunks. LARPing.
This is wrong on multiple counts. Bitcoin's security model does not assume BGP is trustworthy, nor does it rely on government permission. And the claim that 1/3 malicious nodes can undermine it misapplies BFT theory. Bitcoin doesn't use a quorum-based consensus like PBFT, so thresholds like 1/3 aren't the relevant failure mode. Instead, the attack vector is hashrate-based, and even a 51% attack doesn't let you rewrite history arbitrarily, just temporarily reorder recent blocks.
> The on-chain Bitcoin transactions are never final.
This is misleading. Bitcoin finality is probabilistic, like nearly everything in cryptography. It's final in the same sense that cryptographic signatures are unforgeable: with extremely high probability. The six-confirmation rule of thumb reflects the difficulty of deep chain reorgs which have never exceeded two blocks in practice on Bitcoin mainnet.
> There were many more than 2-3 [hard forks]... even 2-3 are enough to show it's bad design.
This conflates implementation bugs with protocol design flaws. The forks were caused by programming errors, not bad design.
> Bitcoin is a lottery.
You could argue that Bitcoin mining is because it's is probabilistic and there's a reward. But unlike a lottery, it serves an important role: securing the Bitcoin network.
Honestly, your critique reads more like cope than a technical argument.
Yes, Bitcoin finality is probabilistic, and practically good enough after half a day or so (though 20 blocks were rolled back on at least 2 occasions).
However, many things in cryptography are not probabilistic. And in BFT-type consensus, every block is immediately final; the question of finality doesn't even arise (which is why the concept only gained prominence with Nakamoto consensus).
Regarding forks, there was BCH, BSV, etc. - those were not programming errors.
Do you mean because of the bugs mentioned earlier or during the normal course of operations? Curious to read more about that.
> Regarding forks, there was BCH, BSV, etc. - those were not programming errors.
That's a different kind of "fork" though and those are arguably not Bitcoin. They're basically just competing cryptocurrencies that happened to use an existing blockchain to get started.
Q.E.D.
You proved it’s a social consensus
This is backed by academic papers. Ask google or GhatGPT. You may argue that these papers are wrong or outdated, but then you need to tell this to the researchers who wrote them, not to me.
2. finality is binary, probabilistic finality is an oxymoron
3. > This conflates implementation bugs with protocol design flaws.
there is no formal spec for Bitcoin, there is a short informal whitepaper and a reference C++ implementation. Anyway the paper named "Bitcoin: A Peer-to-Peer Electronic Cash System", and for this specific purpose design is flawed, without regards to bugs.
4. > Bitcoin is a lottery.
Now you're hallucinating quotes I never wrote.
> Honestly, your critique reads more like cope than a technical argument.*
can you show a specific example of the "cope"?
Pretty much all your comments here amount to twisting definitions, misapplying technical concepts, and nitpicking in search of "gotchas." Not to mention all the "LARPing" comments. It screams how to cope with having missed out, which, to your credit, you more or less admitted.
So, you think that if I had BTC, it would’ve magically changed my views on how Bitcoin consensus works?
BTW: I think Scrum/Agile is also LARPing, do you think if I’ll get a Scrum Master certification it will change my views on Scrum?