I know that certain online casinos exist as U.S. companies and I want to know how they do it. I am a web developer as a hobby and I thought it would be a fun project to build a bitcoin bust game that I may try to monetize. From my research I know that online gambling is legal in a few states so would it be as a simple as checking for IP addresses and blocking any traffic coming from an illegal state OR notifying the user what they are doing is illegal and let them self moderate? Also I live in the United States. Thank you!
List of current UI/UX issues & possible QoL improvements (Megathread?)
As some of you know, I only make stupidly long posts and also like to humbly brag about being a software engineer with fairly decent experience in QA, automated testing and testing in general (6+ years a C# dev). This is my personal list of things that either make no sense, are unpleasant, incoherent, or could be improved. Please feel free to add to the list, I will come back and edit every day. Numbers are also here to help you quote & provide your own criticism. Note that is is done with the following optimization mindset, in order of importance :
Remove redundancy / incoherence
Reduce time spent in menus/inventory (out of raid)
Reduce number of clicks / interactions
As you can see I worked under the assumption that the average player wants to spend more time in raid rather than in inventory ; obviously this falls apart if that is not the case. To do that I try to improve time spent on searching / arranging things without creating unecessary automation or remove important/immersive aspects of the game, even in inventory. I also try to improve time spent clicking through various windows as currently a lot of them are done to be fast & easy to for the devs, not for the players. I want to emphasize that I'm okay with that. I know the importance of having sub-optimal navigation to help you find out what your better navigation is. I also know a complete rework is not always possible, that is why I made my list without changing too much of the menus as well as keeping the vibe/current feel of those menus. Keywords like should & could are used as intended ; since this is not a professional report I'm emphasizing here, the meaning of the word is important. Should means it is adding an improvement over an existing issue, could means it's a possible improvement but requires further investigation. Would means investigation was done and is just one possible outcome usually relevant within the context. Please note that most of us now are very used to the current UI/UX, which will generate two reactions: - "It's fine as it is because I can do it quite fast." - "I don't want it to change again, I'm used to it now." I cannot emphasize how unefficient it is to let those emotions get the best of you. UI/UX is the study of common sense & ease of use in an interface. You should never have to get used to anything, it should be fluid and intuitive. If you think you're fast now, that means it's possible to be slow. This is extremely bad for a UI/UX standpoint. Everybody should be able to navigate/understand the menus just as fast the 1st time than the 100th time (ideally). Keep this in mind when you read everything down here, because some stuff you probably won't like at first glance, but you will get used to it very fast, and you will gain a lot of time in the future, as well as new players.
Currently when in the workbench (and I think others? now I doubt), the list of craftable items appears to be random. The order should always be the same for consistency. Does not provide meaningful gameplay experience to have to "look for the recipe" every time.
4. Collecting crafts
Hideout stations could display the finished craft on top for easy collection of craft, or there could be a "Get Items" or "Receive All" elsewhere to avoid unecessary scrolling. This is uncessary if ongoing crafts are moved on top of the list, or if the list is autoscrolled to the ongoing craft. "Collect All" on station level is not the best idea. If you go in a station, it's probably better that you know what you're collecting. I suggest moving the relevant craft on top or auto scrolling and not adding "receive all" on station level, although it would be a good help. This should be investigated. Receive All or Get Items could be moved or added at the top or bottom of the window.
5. "Receive All" could exist at hideout level
The same way we "receive all" from a trader, it would be nice to "Receive all" from the hideout. Either in the form of a trader (in which we can receive all / pick manually from) or by instantly putting it in inventory. If there is enough space it just works. If there isn't, it displays an error like it already does. This is not mutually exclusive with the previous suggestion.
6. Display crafts readyness/collection
6.1 Hideout The current behaviour is partially coherent. You get notified when an item is sold, and you get notified when a craft is finished. You have a display notification "Attachment" style when a trader has something for you, and you should get a display notification "attachment" style when the hideout has something for you. Ideally, there should also be such notifications for currently unused station Receive all on the right, Nutrition unit has finished crafting and Lavatory is currently NOT crafting 6.2 Traders There should be a way of knowing if something is waiting in trader inventory on a global level (quest rewards, money, insurance, unsold market items returns), like the nofication. The "new item" notification could be always visible as long as items are in the trader inventories, compared to now where it disappears as soon as you either click it or visit the messenger. In this hypothesis, there could be a change of color in the notification to show that there are still item waiting including some that haven't been seen yet (to still fulfill the current role of the notification)
Note : CTA = Call to Action, it's the button your user will press 99.3% of the time. Example, in the launcher, it's the "Start Game". Clearly visible, easily accessible, highlighted, much bigger, and at a very common CTA spot. That one is great. Some others are not. 7.1. "Receive All" should not be displayed when there is nothing to receive. 7.2 "Get" in single transaction messages from Ragman could be removed. There is no reason to take single items from the window when you can receive it all at once. 7.3 A "group collect" Receive all action could be added when you click on the attachment notification, or as an extra action next to the notification (just like shown on the Hideout in figure 6.0) that would specifically collect all. it would loop through all conversations and collect all and dump at the top of stash, either until its finished or there is not enough room, in which case it displays an error. It could also work like the scav case and not pick up anything until you have room, and in that case you would go in the window manually and/or make room (like we do now). 7.3 The "Receive all" is at the bottom when most CTAs in the game is at the top (dealer tabs, market tabs, character sheet tabs, settings...). Save in the settings is at the bottom too. It is incoherent. It would make more sense to have all CTAs at the bottom and options/tabs/menus at the top. 7.4 The "DEAL" button in trader view is much smaller and less visible than the "Fill Item" checkbox. The CTA should be getting more attention than a setting. New players pretty much *never* see it first and look around the "Fill Item" with eyes & mouse. DEAL should be at the bottom in the current \"Fill Item\" box. Fill Items should be removed entirely. 7.5 Quests could be automatically accepted (no need for CTA). I don't see a reason why someone would not accept a quest. The only reason we're Accepting them now is to let the user know he has a new quest. There are other means of notifying players of new stuff : usually notifications. If not, that button should at least be more visible/highlighted. Every new player ( 100%! ) I coach does not see it at first and never looks at the right spot the first time. 7.6 "Insure All" is the most commonly used button in the insurance screen and could be emphasized more. Example 7.5
8. Remove "Fill Items"
The Fill Items to automatically fill the trader's requirements should be removed and set as the default behaviour. There is no need to fill items manually nor tell the game to do so.
9. Expire / Delete pending requests
Friend requests should be cancellable and could expire. Requests should not be stuck until another user acts on them. Right clicking the request could display a "Cancel" or "Delete" request button. Ideally, the cell should include a CTA on the right, as the only action I would ever do in a cell in this context is cancel. Opening a submenu with only 1 item means youshould notbe opening a submenu, but displaying a button where the user right clicked instead. I can only re-send a friend request to someone that already denied me. This is incoherent.
10. Market Rows
From my somewhat small sample (about 60 players), nobody uses the expand button on the top right of a cell (see below). I think everybody uses the right click on item instead. An expanded cell with context menu opened, and a collapsed cell The extra information available on the right is the exact same as a right click, but is hidden behind a left click. This is incoherent. The only difference is the profile picture that I only get from expanding, but currently we all have the same one. This would need to be investigated. This could be an improvement, displaying the CTA's immediately (although BUY is definitely way too small). Notice profile picture on the left 10.1 The expandable cell feature should be removed altogether, as the other options are available on right click. 10.2 The whole row should provide the same context menu (right click). 10.3 The "Send friend request" could be included in the row's context menu, or could be removed entirely, as right now most requests are missclicks. Adding the Send Friend Request at the bottom of the context menu on the row would reduce the amount of missclicks. 10.4 Left clicking should not open the context menu. This is mostly the reason behind missclick friend requests, people double clicking slightly off the item icon sending a friend request by mistake. Now I have 4 just because I was trying to make a screenshot. F's in the chat. This would be resolved with 10.2 and 10.3. 10.5 Barter items have a "Barter" icon that is redundant, the first and second column are completely irrelevant to the player. Example 10.5
11. Filtering search
11.1 "Filter by Item" should not filter the browse list. If you're writing a valid keyword in the search field it should display the correct suggestions. Filtering content is good, filtering suggestions is incoherent. 11.2 Filters could be cleared as soon as you type text in the search field. This would resolve 11.1 Example 11 11.3 "My Offers" could not be affected by filters, or could reset filters. It is more trouble to remove the filter manually every time rather than browsing through the offer list. Currently we never have more than ~10 offers at the same time for most players, which is okay to display without filter. 11.4 Filters should not overlap with other UI elements, they could be resized to fit or the expandable filter list could include more elements so the visible ones fit. Example 11.4 11.5 The Remember Selected Filter / Reset Filter is unclear. Looks great, feels weird, and should be investigated to be more useful.
12. Context Menu in player lobby
The current lobby with context menu open All players in this list are looking for a group, there is no need to write a status "Looking for group", it's redundant. The exception is friends, which 99.633...% of the time is the group i'm about to play with. Those are displayed on top. The only action we do on the list on this screen is the "Invite to group" context menu action. It's a CTA and should not be hidden in a context menu, especially if the context menu only has one option. Since recently it has two, but we'll come to that in a minute. 12.1 The invite CTA should be on the player cell itself. 12.2 The report action should not be the default one from the context menu 12.3 Since there could be only one item in the context menu according to 12.1, the report action could be on the cell as well. A low quality suggestion for 12.x
13. Trader Buy/Sell
Trader screen needs to be reworked. I won't provide a solution that doesn't completely change how everything looks/works as I stated at the start of the post. That being said this should be improved. Example 13.1 13.1 Buying UI should be reworked. When buying, the price of the item is already displayed on the item itself in the trader view. The price is also displayed a second time in the tooltip of the item if you mouse-over. The price is also displayed a third time in the barter area on the right of the image (middle of the screen in game). This is redundant. I understand the item on the right is the physical item "Roubles" in a stack that is paid, like a barter, but it does not need to be displayed a third time. 13.2 Quantity limit (red box in the image) could be shown in the tooltip ; most of the time people will hit "DEAL" until they get an error insted of actually reading the red box. 13.3 The red box looks like an error even when at 0/x, this is not intuitive. Limited items can be listed in different ways that are not so invasive. We could add "out of X" at the right side of the quantity box. 13.4 Barter item prices (if we assume 13.1) would need to also displayed differently. This needs to be investigated 13.5 Selling UI should be reworked Example 13.5 Currently selling an item still displays the full available items to BUY, this is incoherent. Especially from the "Sell" tab. The whole left side of the screen is wasted, and cannot be used. 13.6 Items on the left are not greyed out (even though I can't buy them), but items on the right are greyed out (because I can't sell them). This is incoherent. 13.7 Trader sell space should be infinite 13.8 Buy/Sell could be done in a single tab if the whole screen is reworked. There are different levels to this. An easy one I could think : "Trade" Tab instead of "Buy". Displays the same as the current "BUY" tab. If you ctrl+click an item from your stash, it instantly sells without confirmation. The second tab would be a "Buyback" where you can see what you sold in the current trade session. If you leave the screen your buyback is reset and items cannot be recovered. Another way would be to keep buybacks for the last X items. You would need to pay what you received to get back. The item would not lose it's FiR status. This preleminary and simplistic rework has issues, notably that you have to know to right click to sell. One way to fix that would be to make right click sell to trader instead of control click, but that would definitely make missclicks the first few days (and buyback would be mandatory). This could be investigated. 13.9 Currency exchange rates should be easily available in relevant areas (Peacekeeper, Therapist and flea market) for all currencies (Rouble, Euro, Dollar, Bitcoin)
Items should be boxables and moved around. At least to be dropped in boxes, ideally to be moved around freely. There is a limit of 20 images. 🤷♂ Example 14
15. Quest inventory
If you loot too many quest items in a raid, you can end up not being able to loot it. I assume this is by design and it is why you have limited quest item space. The quest inventory could be infinite if it's not by design to be limited. The quest inventory should be manageable. In my case i had a 1 slot item blocking me from taking the suitcase, I should have been allowed to move that 1 slot item to the top or to the right of my inventory, clearing a whole line and letting me take the case. Quest items could be stored in backpack (and resized) ; since you lose them on death it's not relevant to the players looting you or you dying and that issue would be gone. Storing it in your stash would also prevent you from losing it by going in raid with it by mistake. Taking it in raid or giving it to trader would be a volontary action. It also makes much more sense that way as other quest items (that are also usable items) work that way. Alright this ended up taking more time than my lunchbreak, and there is *much* more to write but for the time being I'll leave it at that and come tomorrow to add your suggestions or mine. See you in 24 hours.
STUDENTS DONT FUCK UP AND READ THIS. Especially newcomers.
STUDENTS. the reason u dont see many posts exposing scammers is the fact tht most students end up deleting their posts within a few hours after they get threatened to be exposed to their colleges. i have witnessed it first hand n it only takes a google search to see the evidence/ a day to observe the same pattern real time. Well, YOU might be next. so u better fucking pay attention to what u are about to read newbie. 1) payment. whatever u do, make sure ur payment is anonymous. - paypal is not anonymous unless u make a new account. even then, use something else. - use abine.com for a masked card. - use bitcoin. - dont click on any links anyone sends. - use vpn. - NEVER EVER communicate through email. discord is better. 2) school. don’t reveal ur college name. - whn u send a question, rephrase them n change the words. this means tht not only can they not google answers easily within the time limit u give, but they wont be sure which college u r from and it will be harder to threaten. this filters more scammers for ur own good. 3) questions - good English does not mean they r legit. many scammers have flawless grammar n even American slangs. - u MUST send them at LEAST 1 question to solve which solutions cant be googled. - some scammers who approach u will send u a solution for a question u havent asked. to u, u may think when u see his solution ("hey this solution looks legit, he must be legit") NO. - Just bc he sends u a solution he chooses to solve, does NOT mean in ANY WAY SHAPE OR FORM tht he is not a scammer. NO. u dont know. - be aware tht at this stage whn u r searching for help, ur judgement is clouded n u WANT to believe tht they r going 2 help u. be aware of ur clouded mind so tht u can be thorough n objective. - make sure YOU ask YOUR OWN questions which cant be googled elsewhere. - ONLY THEN should u continue the conversation. but still with vigilance n precaution. 4) pay as you go - in ur post, I suggest to always offer pay as u go. - only scammers will not be enthusiastic about ur offer. - a red fucking flag. real tutors are fine with pay as u go. - the second a tutor says “i wont do pay as u go bc I have gotten scammed before” they r a scam. tell me how does one get scammed with a pay-as-u-go system? do enlighten me. pay as u go serves both the payers n buyers best. logic. - so, the very second they attempt to oppose 'pay as you go' while discussing arrangements, leave the chat. u have spotted a filthy scammer in the wild my fellow friend. - Classic excuse “i need to study ur syllabus so u need to pay me half”NO. - YOU ladies n gents look for tutors WHO ALREADY KNOW ur syllabus. - altho be wary. many will still try to make u trust them by agreeing to 'pay as you go', only to threaten u to pay on the day of the exam“if u dont send in the money, i will not i wont send the paper” - when tht happens, delete ur chat receipts on discord n block the user. - bc i guarantee tht this scumbag not only does NOT HAVE UR PAPER but he is NOT ABLE to solve ur paper. the animal probably has not even graduated high school. - time is running out when tht happens on the day of the test. - ur best bet is urself, a smart friend, n post 'pay as u go' offer here on the subreddit. 5) ok. You have been scammed. What next? - DONT PAY.vanish completely. dont give them a chance to scare u. - but before u leave, remind them this, u paid them to do the paper n ucaneasily pay someone else find their real identities if they try to lay a finger on u. - there are many good people online who are willing to scam scammers for free. - this is a video of a hacker scamming a scammer. it brings me utmost joy i must say: youtube title: scammer FLIPS when i know his exact location. - if u already know ur scammers' identities, WARN them before they try to notify ur school. tht u will also be reporting their names to the national police, ur country n theirs, reddit, interpol, every ngo cybercrime units internationally. literally everywhereif they try something. - use vpn - dont be afraid my brothers n sisters. THEY WANT U to be afraid. DONT BE. - put up a fight. THEY DONT WANT YOU to fight back. SO FIGHT BACK. Like i said, DONT START a fight but warn them about what u will do. they should know tht if they throw a punch, they will have a bruised eye n a fractured hip the next second. FIGHT n dont hold back. - these scammers do not want any attention from any cybercrime units n hackers online who hack scammers who scam. they cannot report u to the school fully without exposing themselves, n they cant expose themselves as they are illegal. they will need to show evidence of your chats but at the same time relinquish all of their information as well. not ideal for a scamming team if u ask for my humble opinion. LASTLY, if u still have time to study, LEAVE. u can find urself a smart friend to help. tht is ur best bet. this place is a GAMBLE with ODDS NOT IN UR FAVOUR. trust urself n ALWAYS DOUBT these people NO MATTER WHAT. As for the good tutors: consider this, tutors, u lose only money when you get scammed. students not only lose money during a scam but are threatened to lose a place in their colleges in addition to failing the exam as scammers dont do the papers well, if at all. so dont comment about 'hard work' n how this will make ur job more difficult. students are being scammed here everyday and as decent human beings aware of what is going on, u should tell them "throw me a question now ill solve it within 10 minutes" or offer 'pay as u go'. build a business relationship from there. prove urself to win their trust. ALL U NEED TO UNDERSTAND IS THIS, students n tutors alike, tht the discrepancy between the risk a student is taking compared to tutor is vastly significant. the system is broken. by staying silent, u r allowing these monsters to plague and prey. students, tread lightly. u have lots to lose if u make 1 wrong move. Demand more proof, be more careful n dont be stupid for Christ's sake. tutors, simply just prove tht u are able to solve n accommodate. If u have been in this space for long and u know what is going on, u could always raise awareness. We are our brothers' keepers. note: i will not be replying comments or private messages.aint nobody got time fo dat. yall hold ur own discussion. my job in raising awareness is done. i will repost this from time to time so if u r not a scammer student/tutor, upvote to save potential students who have too much faith in humanity. to students like me, u have everything u need up there. like i said, this place is dangerous n everything can go south in a sec, its best if u focus on doing the paper urself nfind a smart friendwhom uknowntrust*. u can still score high tht way. maybe even higher.* if u still choose to find a stranger here to help- which istill insistfor you tonot*- make sure read everything above carefully.* As a last reminder to you students, check forreddit vouches*. check the* accounts behind those vouches*.* many of them are fake*. even with* perfect grammar*.* ALWAYS DOUBT.better safe than sorry. in regards to my previous post: i thought abt it. i understand how it was racist of me to point out tht the scammer is indian. i apologise. u r right. "so what if he is indian?" as if there r no scammers who r not indian. i apologise. i see u. at the same time. can someone enlighten those of us who cant grasp an understanding of y the indian gov is not doing anything abt the burgeoning scamming industry. look it up. its the capital of scams. surely, someone needs to take responsibility. wht can we do as a collective whole? indian citizens and non-indian citizens. is there anything we can do at all?
Frozen Bank Account for the past 2 years! Possible AFO.
Hello, I've had close to £40k locked in Santander for the past 2 years across 3 accounts, with no explanation as to why. One was for my business, one was a joint account with my wife and one was my wife's ISA. We've been unable to move money out since mid-August 2018. As you can imagine, it's been pretty stressful, but we've tried our best to find a resolution without taking on a solicitor at the moment. Some background - I ran a small brokerage for crypto-currencies, dealing with the general public. It started purely as a means to help friends buy Bitcoin safely and slowly grew through word of mouth. Anyway, towards the end of 2018, we had a few complaints from customers that their investment had reduced in value, not really our problem, but they seemed to aim their ire towards us. Some complained that they would take the matter up with their banks, some with police, either way, we assumed it was just hot air, as all were doing was exchanging GBP for BTC, via bank transfer, perfectly legally. About a month after the first complaints, our business account was frozen. We can still log in and see the funds, check all the documents, but we just can't move the funds. Dozens, if not hundreds of calls to Santander were in vain, as they refused to allow any transaction and they were "unable" to provide any reason as to why. I then realised that my Joint account was also frozen in the same manner. The bulk of the blocked funds, however, was still in my wife's ISA, which I can only assume was blocked as I had previously made a payment to that account directly from the business account. Her personal account with Santander was not frozen. We contacted the Financial Ombudsman, which was an incredibly painful process, and explained to them what happened, they launched an investigation, which then took them 18 months to conclude, only to say that Santander is acting within their rights to do what they have done. What a massive waste of time. Having spoken with other brokers in the industry that had experienced the same issue, it appeared as if we had an account freezing order placed on our accounts. The only difference being, they were notified of the situation, we have not been. We're basically in a black hole, without any insight into what's happening, or when/if it will ever get resolved. For the other brokers we know that experienced the same issue, it cost them upwards of £60k to have resolved, solicitors/barristers etc, all mounted up. They had a lot more blocked, but it's still the main reason I've not sought much legal action as it would negate what's currently being blocked by Santander. If it is an Account Freezing Order, then they can run for a maximum of 2 years, which just passed by at the end of August. Yet, we still have received no word from the Bank and/or Police. If it is an AFO, then we would expect there to be a forfeiture request made by the investigators, at which time we would be notified and given 30 days to prepare our case. In truth, I've been hoping we would get some notification, as at least we can demonstrate all of our business was conducted in good faith and above board and get the matter resolved. I have now spoken with some solicitors in anticipation this could go to court, but they're just as surprised we haven't been notified by anyone as to what's going on. I'd appreciate any advice you can offer.
Privacy-o-meter — a free tool to assess the privacy level of your BTC transactions. Privacy-o-meter is the first step to defend yourself against heuristics blockchain surveillance companies use.
Blockchairhas released Privacy-o-meter in its public block explorer and API to measure the privacy level of Bitcoin transactions. The free feature makes use of 50 heuristics and allows visitors to look up how much information about their identity has been leaked. In a later stage, wallets and exchanges will be able to use the feature to notify users about how much information will be leaked before sending out a transaction. While Bitcoin is considered to be a privacy-oriented system, the blockchain is open to be analyzed by anyone, and there are numerous transaction tracing tools like Chainalysis, Elliptic, CipherTrace, and Crystal. These are paid tools and often only available to a handful of individuals and companies. Bitcoin users thus rarely have the opportunity to see how deep the rabbit hole goes regarding their privacy loss. A transaction with a low privacy score Blockchair launched a simple transaction scoring tool and will expand this further in the upcoming months. It currently uses indicators that reveal user information such as:
Is an address reused or not?
Is one of the outputs a rounded number, thus the recipient?
How many input addresses have been used?
But also more technical heuristics such as:
Which script or multi-sig type has been used to sign a transaction?
How are output scripts compared to input scripts?
How are inputs or outputs ordered?
As mentioned by Blockchair, transaction tracing is relatively simple as most users aren’t concerned enough about their privacy and often make ‘mistakes’ like sending round BTC amounts. Wallet providers are often also not highly concerned about user privacy. Taking the previous example in context, there are no warnings if a user tries to send a rounded amount. A transaction with a high privacy score In comparison with protocols such as Zcash, Monero and Dash, in the Bitcoin network there are no transaction obfuscating implementations, and due to the lack of scalability so-called Mixers are expensive and cumbersome to use. Blockchair provides the privacy-o-meter for free as it hopes it will help Bitcoin users take some of their privacy back.
Hey all, I've been researching coins since 2017 and have gone through 100s of them in the last 3 years. I got introduced to blockchain via Bitcoin of course, analyzed Ethereum thereafter and from that moment I have a keen interest in smart contact platforms. I’m passionate about Ethereum but I find Zilliqa to have a better risk-reward ratio. Especially because Zilliqa has found an elegant balance between being secure, decentralized and scalable in my opinion.
Below I post my analysis of why from all the coins I went through I’m most bullish on Zilliqa (yes I went through Tezos, EOS, NEO, VeChain, Harmony, Algorand, Cardano etc.). Note that this is not investment advice and although it's a thorough analysis there is obviously some bias involved. Looking forward to what you all think!
Fun fact: the name Zilliqa is a play on ‘silica’ silicon dioxide which means “Silicon for the high-throughput consensus computer.”
This post is divided into (i) Technology, (ii) Business & Partnerships, and (iii) Marketing & Community. I’ve tried to make the technology part readable for a broad audience. If you’ve ever tried understanding the inner workings of Bitcoin and Ethereum you should be able to grasp most parts. Otherwise, just skim through and once you are zoning out head to the next part.
Technology and some more:
The technology is one of the main reasons why I’m so bullish on Zilliqa. First thing you see on their website is: “Zilliqa is a high-performance, high-security blockchain platform for enterprises and next-generation applications.” These are some bold statements.
Before we deep dive into the technology let’s take a step back in time first as they have quite the history. The initial research paper from which Zilliqa originated dates back to August 2016: Elastico: A Secure Sharding Protocol For Open Blockchains where Loi Luu (Kyber Network) is one of the co-authors. Other ideas that led to the development of what Zilliqa has become today are: Bitcoin-NG, collective signing CoSi, ByzCoin and Omniledger.
The technical white paper was made public in August 2017 and since then they have achieved everything stated in the white paper and also created their own open source intermediate level smart contract language called Scilla (functional programming language similar to OCaml) too.
Mainnet is live since the end of January 2019 with daily transaction rates growing continuously. About a week ago mainnet reached 5 million transactions, 500.000+ addresses in total along with 2400 nodes keeping the network decentralized and secure. Circulating supply is nearing 11 billion and currently only mining rewards are left. The maximum supply is 21 billion with annual inflation being 7.13% currently and will only decrease with time.
Zilliqa realized early on that the usage of public cryptocurrencies and smart contracts were increasing but decentralized, secure, and scalable alternatives were lacking in the crypto space. They proposed to apply sharding onto a public smart contract blockchain where the transaction rate increases almost linear with the increase in the amount of nodes. More nodes = higher transaction throughput and increased decentralization. Sharding comes in many forms and Zilliqa uses network-, transaction- and computational sharding. Network sharding opens up the possibility of using transaction- and computational sharding on top. Zilliqa does not use state sharding for now. We’ll come back to this later.
Before we continue dissecting how Zilliqa achieves such from a technological standpoint it’s good to keep in mind that a blockchain being decentralised and secure and scalable is still one of the main hurdles in allowing widespread usage of decentralised networks. In my opinion this needs to be solved first before blockchains can get to the point where they can create and add large scale value. So I invite you to read the next section to grasp the underlying fundamentals. Because after all these premises need to be true otherwise there isn’t a fundamental case to be bullish on Zilliqa, right?
Down the rabbit hole
How have they achieved this? Let’s define the basics first: key players on Zilliqa are the users and the miners. A user is anybody who uses the blockchain to transfer funds or run smart contracts. Miners are the (shard) nodes in the network who run the consensus protocol and get rewarded for their service in Zillings (ZIL). The mining network is divided into several smaller networks called shards, which is also referred to as ‘network sharding’. Miners subsequently are randomly assigned to a shard by another set of miners called DS (Directory Service) nodes. The regular shards process transactions and the outputs of these shards are eventually combined by the DS shard as they reach consensus on the final state. More on how these DS shards reach consensus (via pBFT) will be explained later on.
The Zilliqa network produces two types of blocks: DS blocks and Tx blocks. One DS Block consists of 100 Tx Blocks. And as previously mentioned there are two types of nodes concerned with reaching consensus: shard nodes and DS nodes. Becoming a shard node or DS node is being defined by the result of a PoW cycle (Ethash) at the beginning of the DS Block. All candidate mining nodes compete with each other and run the PoW (Proof-of-Work) cycle for 60 seconds and the submissions achieving the highest difficulty will be allowed on the network. And to put it in perspective: the average difficulty for one DS node is ~ 2 Th/s equaling 2.000.000 Mh/s or 55 thousand+ GeForce GTX 1070 / 8 GB GPUs at 35.4 Mh/s. Each DS Block 10 new DS nodes are allowed. And a shard node needs to provide around 8.53 GH/s currently (around 240 GTX 1070s). Dual mining ETH/ETC and ZIL is possible and can be done via mining software such as Phoenix and Claymore. There are pools and if you have large amounts of hashing power (Ethash) available you could mine solo.
The PoW cycle of 60 seconds is a peak performance and acts as an entry ticket to the network. The entry ticket is called a sybil resistance mechanism and makes it incredibly hard for adversaries to spawn lots of identities and manipulate the network with these identities. And after every 100 Tx Blocks which corresponds to roughly 1,5 hour this PoW process repeats. In between these 1,5 hour, no PoW needs to be done meaning Zilliqa’s energy consumption to keep the network secure is low. For more detailed information on how mining works click here. Okay, hats off to you. You have made it this far. Before we go any deeper down the rabbit hole we first must understand why Zilliqa goes through all of the above technicalities and understand a bit more what a blockchain on a more fundamental level is. Because the core of Zilliqa’s consensus protocol relies on the usage of pBFT (practical Byzantine Fault Tolerance) we need to know more about state machines and their function. Navigate to Viewblock, a Zilliqa block explorer, and just come back to this article. We will use this site to navigate through a few concepts.
We have established that Zilliqa is a public and distributed blockchain. Meaning that everyone with an internet connection can send ZILs, trigger smart contracts, etc. and there is no central authority who fully controls the network. Zilliqa and other public and distributed blockchains (like Bitcoin and Ethereum) can also be defined as state machines.
Taking the liberty of paraphrasing examples and definitions given by Samuel Brooks’ medium article, he describes the definition of a blockchain (like Zilliqa) as: “A peer-to-peer, append-only datastore that uses consensus to synchronize cryptographically-secure data”.
Next, he states that: "blockchains are fundamentally systems for managing valid state transitions”. For some more context, I recommend reading the whole medium article to get a better grasp of the definitions and understanding of state machines. Nevertheless, let’s try to simplify and compile it into a single paragraph. Take traffic lights as an example: all its states (red, amber, and green) are predefined, all possible outcomes are known and it doesn’t matter if you encounter the traffic light today or tomorrow. It will still behave the same. Managing the states of a traffic light can be done by triggering a sensor on the road or pushing a button resulting in one traffic lights’ state going from green to red (via amber) and another light from red to green.
With public blockchains like Zilliqa, this isn’t so straightforward and simple. It started with block #1 almost 1,5 years ago and every 45 seconds or so a new block linked to the previous block is being added. Resulting in a chain of blocks with transactions in it that everyone can verify from block #1 to the current #647.000+ block. The state is ever changing and the states it can find itself in are infinite. And while the traffic light might work together in tandem with various other traffic lights, it’s rather insignificant comparing it to a public blockchain. Because Zilliqa consists of 2400 nodes who need to work together to achieve consensus on what the latest valid state is while some of these nodes may have latency or broadcast issues, drop offline or are deliberately trying to attack the network, etc.
Now go back to the Viewblock page take a look at the amount of transaction, addresses, block and DS height and then hit refresh. Obviously as expected you see new incremented values on one or all parameters. And how did the Zilliqa blockchain manage to transition from a previous valid state to the latest valid state? By using pBFT to reach consensus on the latest valid state.
After having obtained the entry ticket, miners execute pBFT to reach consensus on the ever-changing state of the blockchain. pBFT requires a series of network communication between nodes, and as such there is no GPU involved (but CPU). Resulting in the total energy consumed to keep the blockchain secure, decentralized and scalable being low.
pBFT stands for practical Byzantine Fault Tolerance and is an optimization on the Byzantine Fault Tolerant algorithm. To quote Blockonomi: “In the context of distributed systems, Byzantine Fault Tolerance is the ability of a distributed computer network to function as desired and correctly reach a sufficient consensus despite malicious components (nodes) of the system failing or propagating incorrect information to other peers.” Zilliqa is such a distributed computer network and depends on the honesty of the nodes (shard and DS) to reach consensus and to continuously update the state with the latest block. If pBFT is a new term for you I can highly recommend the Blockonomi article.
The idea of pBFT was introduced in 1999 - one of the authors even won a Turing award for it - and it is well researched and applied in various blockchains and distributed systems nowadays. If you want more advanced information than the Blockonomi link provides click here. And if you’re in between Blockonomi and the University of Singapore read the Zilliqa Design Story Part 2 dating from October 2017. Quoting from the Zilliqa tech whitepaper: “pBFT relies upon a correct leader (which is randomly selected) to begin each phase and proceed when the sufficient majority exists. In case the leader is byzantine it can stall the entire consensus protocol. To address this challenge, pBFT offers a view change protocol to replace the byzantine leader with another one.”
pBFT can tolerate ⅓ of the nodes being dishonest (offline counts as Byzantine = dishonest) and the consensus protocol will function without stalling or hiccups. Once there are more than ⅓ of dishonest nodes but no more than ⅔ the network will be stalled and a view change will be triggered to elect a new DS leader. Only when more than ⅔ of the nodes are dishonest (66%) double-spend attacks become possible.
If the network stalls no transactions can be processed and one has to wait until a new honest leader has been elected. When the mainnet was just launched and in its early phases, view changes happened regularly. As of today the last stalling of the network - and view change being triggered - was at the end of October 2019.
Another benefit of using pBFT for consensus besides low energy is the immediate finality it provides. Once your transaction is included in a block and the block is added to the chain it’s done. Lastly, take a look at this article where three types of finality are being defined: probabilistic, absolute and economic finality. Zilliqa falls under the absolute finality (just like Tendermint for example). Although lengthy already we skipped through some of the inner workings from Zilliqa’s consensus: read the Zilliqa Design Story Part 3 and you will be close to having a complete picture on it. Enough about PoW, sybil resistance mechanism, pBFT, etc. Another thing we haven’t looked at yet is the amount of decentralization.
Currently, there are four shards, each one of them consisting of 600 nodes. 1 shard with 600 so-called DS nodes (Directory Service - they need to achieve a higher difficulty than shard nodes) and 1800 shard nodes of which 250 are shard guards (centralized nodes controlled by the team). The amount of shard guards has been steadily declining from 1200 in January 2019 to 250 as of May 2020. On the Viewblock statistics, you can see that many of the nodes are being located in the US but those are only the (CPU parts of the) shard nodes who perform pBFT. There is no data from where the PoW sources are coming. And when the Zilliqa blockchain starts reaching its transaction capacity limit, a network upgrade needs to be executed to lift the current cap of maximum 2400 nodes to allow more nodes and formation of more shards which will allow to network to keep on scaling according to demand. Besides shard nodes there are also seed nodes. The main role of seed nodes is to serve as direct access points (for end-users and clients) to the core Zilliqa network that validates transactions. Seed nodes consolidate transaction requests and forward these to the lookup nodes (another type of nodes) for distribution to the shards in the network. Seed nodes also maintain the entire transaction history and the global state of the blockchain which is needed to provide services such as block explorers. Seed nodes in the Zilliqa network are comparable to Infura on Ethereum.
The seed nodes were first only operated by Zilliqa themselves, exchanges and Viewblock. Operators of seed nodes like exchanges had no incentive to open them for the greater public. They were centralised at first. Decentralisation at the seed nodes level has been steadily rolled out since March 2020 ( Zilliqa Improvement Proposal 3 ). Currently the amount of seed nodes is being increased, they are public-facing and at the same time PoS is applied to incentivize seed node operators and make it possible for ZIL holders to stake and earn passive yields. Important distinction: seed nodes are not involved with consensus! That is still PoW as entry ticket and pBFT for the actual consensus.
5% of the block rewards are being assigned to seed nodes (from the beginning in 2019) and those are being used to pay out ZIL stakers. The 5% block rewards with an annual yield of 10.03% translate to roughly 610 MM ZILs in total that can be staked. Exchanges use the custodial variant of staking and wallets like Moonlet will use the non-custodial version (starting in Q3 2020). Staking is being done by sending ZILs to a smart contract created by Zilliqa and audited by Quantstamp.
With a high amount of DS; shard nodes and seed nodes becoming more decentralized too, Zilliqa qualifies for the label of decentralized in my opinion.
Generalized: programming languages can be divided into being ‘object-oriented’ or ‘functional’. Here is an ELI5 given by software development academy: * “all programs have two basic components, data – what the program knows – and behavior – what the program can do with that data. So object-oriented programming states that combining data and related behaviors in one place, is called “object”, which makes it easier to understand how a particular program works. On the other hand, functional programming argues that data and behavior are different things and should be separated to ensure their clarity.” *
Scilla is on the functional side and shares similarities with OCaml: OCaml is a general-purpose programming language with an emphasis on expressiveness and safety. It has an advanced type system that helps catch your mistakes without getting in your way. It's used in environments where a single mistake can cost millions and speed matters, is supported by an active community, and has a rich set of libraries and development tools. For all its power, OCaml is also pretty simple, which is one reason it's often used as a teaching language.
Scilla is blockchain agnostic, can be implemented onto other blockchains as well, is recognized by academics and won a so-called Distinguished Artifact Award award at the end of last year.
One of the reasons why the Zilliqa team decided to create their own programming language focused on preventing smart contract vulnerabilities is that adding logic on a blockchain, programming, means that you cannot afford to make mistakes. Otherwise, it could cost you. It’s all great and fun blockchains being immutable but updating your code because you found a bug isn’t the same as with a regular web application for example. And with smart contracts, it inherently involves cryptocurrencies in some form thus value.
Another difference with programming languages on a blockchain is gas. Every transaction you do on a smart contract platform like Zilliqa or Ethereum costs gas. With gas you basically pay for computational costs. Sending a ZIL from address A to address B costs 0.001 ZIL currently. Smart contracts are more complex, often involve various functions and require more gas (if gas is a new concept click here ).
So with Scilla, similar to Solidity, you need to make sure that “every function in your smart contract will run as expected without hitting gas limits. An improper resource analysis may lead to situations where funds may get stuck simply because a part of the smart contract code cannot be executed due to gas limits. Such constraints are not present in traditional software systems”.Scilla design story part 1
Some examples of smart contract issues you’d want to avoid are: leaking funds, ‘unexpected changes to critical state variables’ (example: someone other than you setting his or her address as the owner of the smart contract after creation) or simply killing a contract.
Scilla also allows for formal verification. Wikipedia to the rescue: In the context of hardware and software systems, formal verification is the act of proving or disproving the correctness of intended algorithms underlying a system with respect to a certain formal specification or property, using formal methods of mathematics.
Formal verification can be helpful in proving the correctness of systems such as: cryptographic protocols, combinational circuits, digital circuits with internal memory, and software expressed as source code.
“Scilla is being developed hand-in-hand with formalization of its semantics and its embedding into the Coq proof assistant — a state-of-the art tool for mechanized proofs about properties of programs.”
Simply put, with Scilla and accompanying tooling developers can be mathematically sure and proof that the smart contract they’ve written does what he or she intends it to do.
Smart contract on a sharded environment and state sharding
There is one more topic I’d like to touch on: smart contract execution in a sharded environment (and what is the effect of state sharding). This is a complex topic. I’m not able to explain it any easier than what is posted here. But I will try to compress the post into something easy to digest.
Earlier on we have established that Zilliqa can process transactions in parallel due to network sharding. This is where the linear scalability comes from. We can define simple transactions: a transaction from address A to B (Category 1), a transaction where a user interacts with one smart contract (Category 2) and the most complex ones where triggering a transaction results in multiple smart contracts being involved (Category 3). The shards are able to process transactions on their own without interference of the other shards. With Category 1 transactions that is doable, with Category 2 transactions sometimes if that address is in the same shard as the smart contract but with Category 3 you definitely need communication between the shards. Solving that requires to make a set of communication rules the protocol needs to follow in order to process all transactions in a generalised fashion.
There is no strict defined roadmap but here are topics being worked on. And via the Zilliqa website there is also more information on the projects they are working on.
Business & Partnerships
It’s not only technology in which Zilliqa seems to be excelling as their ecosystem has been expanding and starting to grow rapidly. The project is on a mission to provide OpenFinance (OpFi) to the world and Singapore is the right place to be due to its progressive regulations and futuristic thinking. Singapore has taken a proactive approach towards cryptocurrencies by introducing the Payment Services Act 2019 (PS Act). Among other things, the PS Act will regulate intermediaries dealing with certain cryptocurrencies, with a particular focus on consumer protection and anti-money laundering. It will also provide a stable regulatory licensing and operating framework for cryptocurrency entities, effectively covering all crypto businesses and exchanges based in Singapore. According to PWC 82% of the surveyed executives in Singapore reported blockchain initiatives underway and 13% of them have already brought the initiatives live to the market. There is also an increasing list of organizations that are starting to provide digital payment services. Moreover, Singaporean blockchain developers Building Cities Beyond has recently created an innovation $15 million grant to encourage development on its ecosystem. This all suggests that Singapore tries to position itself as (one of) the leading blockchain hubs in the world.
Zilliqa seems to already take advantage of this and recently helped launch Hg Exchange on their platform, together with financial institutions PhillipCapital, PrimePartners and Fundnel. Hg Exchange, which is now approved by the Monetary Authority of Singapore (MAS), uses smart contracts to represent digital assets. Through Hg Exchange financial institutions worldwide can use Zilliqa's safe-by-design smart contracts to enable the trading of private equities. For example, think of companies such as Grab, Airbnb, SpaceX that are not available for public trading right now. Hg Exchange will allow investors to buy shares of private companies & unicorns and capture their value before an IPO. Anquan, the main company behind Zilliqa, has also recently announced that they became a partner and shareholder in TEN31 Bank, which is a fully regulated bank allowing for tokenization of assets and is aiming to bridge the gap between conventional banking and the blockchain world. If STOs, the tokenization of assets, and equity trading will continue to increase, then Zilliqa’s public blockchain would be the ideal candidate due to its strategic positioning, partnerships, regulatory compliance and the technology that is being built on top of it.
What is also very encouraging is their focus on banking the un(der)banked. They are launching a stablecoin basket starting with XSGD. As many of you know, stablecoins are currently mostly used for trading. However, Zilliqa is actively trying to broaden the use case of stablecoins. I recommend everybody to read this text that Amrit Kumar wrote (one of the co-founders). These stablecoins will be integrated in the traditional markets and bridge the gap between the crypto world and the traditional world. This could potentially revolutionize and legitimise the crypto space if retailers and companies will for example start to use stablecoins for payments or remittances, instead of it solely being used for trading.
Zilliqa also released their DeFi strategic roadmap (dating November 2019) which seems to be aligning well with their OpFi strategy. A non-custodial DEX is coming to Zilliqa made by Switcheo which allows cross-chain trading (atomic swaps) between ETH, EOS and ZIL based tokens. They also signed a Memorandum of Understanding for a (soon to be announced) USD stablecoin. And as Zilliqa is all about regulations and being compliant, I’m speculating on it to be a regulated USD stablecoin. Furthermore, XSGD is already created and visible on block explorer and XIDR (Indonesian Stablecoin) is also coming soon via StraitsX. Here also an overview of the Tech Stack for Financial Applications from September 2019. Further quoting Amrit Kumar on this:
There are two basic building blocks in DeFi/OpFi though: 1) stablecoins as you need a non-volatile currency to get access to this market and 2) a dex to be able to trade all these financial assets. The rest are built on top of these blocks.
So far, together with our partners and community, we have worked on developing these building blocks with XSGD as a stablecoin. We are working on bringing a USD-backed stablecoin as well. We will soon have a decentralised exchange developed by Switcheo. And with HGX going live, we are also venturing into the tokenization space. More to come in the future.”
Additionally, they also have this ZILHive initiative that injects capital into projects. There have been already 6 waves of various teams working on infrastructure, innovation and research, and they are not from ASEAN or Singapore only but global: see Grantees breakdown by country. Over 60 project teams from over 20 countries have contributed to Zilliqa's ecosystem. This includes individuals and teams developing wallets, explorers, developer toolkits, smart contract testing frameworks, dapps, etc. As some of you may know, Unstoppable Domains (UD) blew up when they launched on Zilliqa. UD aims to replace cryptocurrency addresses with a human-readable name and allows for uncensorable websites. Zilliqa will probably be the only one able to handle all these transactions onchain due to ability to scale and its resulting low fees which is why the UD team launched this on Zilliqa in the first place. Furthermore, Zilliqa also has a strong emphasis on security, compliance, and privacy, which is why they partnered with companies like Elliptic, ChainSecurity (part of PwC Switzerland), and Incognito. Their sister company Aqilliz (Zilliqa spelled backwards) focuses on revolutionizing the digital advertising space and is doing interesting things like using Zilliqa to track outdoor digital ads with companies like Foodpanda.
Zilliqa is listed on nearly all major exchanges, having several different fiat-gateways and recently have been added to Binance’s margin trading and futures trading with really good volume. They also have a very impressive team with good credentials and experience. They don't just have “tech people”. They have a mix of tech people, business people, marketeers, scientists, and more. Naturally, it's good to have a mix of people with different skill sets if you work in the crypto space.
Marketing & Community
Zilliqa has a very strong community. If you just follow their Twitter their engagement is much higher for a coin that has approximately 80k followers. They also have been ‘coin of the day’ by LunarCrush many times. LunarCrush tracks real-time cryptocurrency value and social data. According to their data, it seems Zilliqa has a more fundamental and deeper understanding of marketing and community engagement than almost all other coins. While almost all coins have been a bit frozen in the last months, Zilliqa seems to be on its own bull run. It was somewhere in the 100s a few months ago and is currently ranked #46 on CoinGecko. Their official Telegram also has over 20k people and is very active, and their community channel which is over 7k now is more active and larger than many other official channels. Their local communities also seem to be growing.
Moreover, their community started ‘Zillacracy’ together with the Zilliqa core team ( see www.zillacracy.com ). It’s a community-run initiative where people from all over the world are now helping with marketing and development on Zilliqa. Since its launch in February 2020 they have been doing a lot and will also run their own non-custodial seed node for staking. This seed node will also allow them to start generating revenue for them to become a self sustaining entity that could potentially scale up to become a decentralized company working in parallel with the Zilliqa core team. Comparing it to all the other smart contract platforms (e.g. Cardano, EOS, Tezos etc.) they don't seem to have started a similar initiative (correct me if I’m wrong though). This suggests in my opinion that these other smart contract platforms do not fully understand how to utilize the ‘power of the community’. This is something you cannot ‘buy with money’ and gives many projects in the space a disadvantage.
Zilliqa also released two social products called SocialPay and Zeeves. SocialPay allows users to earn ZILs while tweeting with a specific hashtag. They have recently used it in partnership with the Singapore Red Cross for a marketing campaign after their initial pilot program. It seems like a very valuable social product with a good use case. I can see a lot of traditional companies entering the space through this product, which they seem to suggest will happen. Tokenizing hashtags with smart contracts to get network effect is a very smart and innovative idea.
Regarding Zeeves, this is a tipping bot for Telegram. They already have 1000s of signups and they plan to keep upgrading it for more and more people to use it (e.g. they recently have added a quiz features). They also use it during AMAs to reward people in real-time. It’s a very smart approach to grow their communities and get familiar with ZIL. I can see this becoming very big on Telegram. This tool suggests, again, that the Zilliqa team has a deeper understanding of what the crypto space and community needs and is good at finding the right innovative tools to grow and scale.
To be honest, I haven’t covered everything (i’m also reaching the character limited haha). So many updates happening lately that it's hard to keep up, such as the International Monetary Fund mentioning Zilliqa in their report, custodial and non-custodial Staking, Binance Margin, Futures, Widget, entering the Indian market, and more. The Head of Marketing Colin Miles has also released this as an overview of what is coming next. And last but not least, Vitalik Buterin has been mentioning Zilliqa lately acknowledging Zilliqa and mentioning that both projects have a lot of room to grow. There is much more info of course and a good part of it has been served to you on a silver platter. I invite you to continue researching by yourself :-) And if you have any comments or questions please post here!
Topic originally posted in Bitcoin by almkglor [link]
This is a follow-up on https://old.reddit.com/Bitcoin/comments/hqzp14/technical_the_path_to_taproot_activation/ Taproot! Everybody wants it!! But... you might ask yourself: sure, everybody else wants it, but why would I, sovereign Bitcoin HODLer, want it? Surely I can be better than everybody else because I swapped XXX fiat for Bitcoin unlike all those nocoiners? And it is important for you to know the reasons why you, o sovereign Bitcoiner, would want Taproot activated. After all, your nodes (or the nodes your wallets use, which if you are SPV, you hopefully can pester to your wallet vendoimplementor about) need to be upgraded in order for Taproot activation to actually succeed instead of becoming a hot sticky mess. First, let's consider some principles of Bitcoin.
You the HODLer should be the one who controls where your money goes. Your keys, your coins.
You the HODLer should be able to coordinate and make contracts with other people regarding your funds.
You the HODLer should be able to do the above without anyone watching over your shoulder and judging you.
I'm sure most of us here would agree that the above are very important principles of Bitcoin and that these are principles we would not be willing to remove. If anything, we would want those principles strengthened (especially the last one, financial privacy, which current Bitcoin is only sporadically strong with: you can get privacy, it just requires effort to do so). So, how does Taproot affect those principles?
Taproot and Your /Coins
Most HODLers probably HODL their coins in singlesig addresses. Sadly, switching to Taproot would do very little for you (it gives a mild discount at spend time, at the cost of a mild increase in fee at receive time (paid by whoever sends to you, so if it's a self-send from a P2PKH or bech32 address, you pay for this); mostly a wash). (technical details: a Taproot output is 1 version byte + 32 byte public key, while a P2WPKH (bech32 singlesig) output is 1 version byte + 20 byte public key hash, so the Taproot output spends 12 bytes more; spending from a P2WPKH requires revealing a 32-byte public key later, which is not needed with Taproot, and Taproot signatures are about 9 bytes smaller than P2WPKH signatures, but the 32 bytes plus 9 bytes is divided by 4 because of the witness discount, so it saves about 11 bytes; mostly a wash, it increases blockweight by about 1 virtual byte, 4 weight for each Taproot-output-input, compared to P2WPKH-output-input). However, as your HODLings grow in value, you might start wondering if multisignature k-of-n setups might be better for the security of your savings. And it is in multisignature that Taproot starts to give benefits! Taproot switches to using Schnorr signing scheme. Schnorr makes key aggregation -- constructing a single public key from multiple public keys -- almost as trivial as adding numbers together. "Almost" because it involves some fairly advanced math instead of simple boring number adding, but hey when was the last time you added up your grocery list prices by hand huh? With current P2SH and P2WSH multisignature schemes, if you have a 2-of-3 setup, then to spend, you need to provide two different signatures from two different public keys. With Taproot, you can create, using special moon math, a single public key that represents your 2-of-3 setup. Then you just put two of your devices together, have them communicate to each other (this can be done airgapped, in theory, by sending QR codes: the software to do this is not even being built yet, but that's because Taproot hasn't activated yet!), and they will make a single signature to authorize any spend from your 2-of-3 address. That's 73 witness bytes -- 18.25 virtual bytes -- of signatures you save! And if you decide that your current setup with 1-of-1 P2PKH / P2WPKH addresses is just fine as-is: well, that's the whole point of a softfork: backwards-compatibility; you can receive from Taproot users just fine, and once your wallet is updated for Taproot-sending support, you can send to Taproot users just fine as well! (P2WPKH and P2WSH -- SegWit v0 -- addresses start with bc1q; Taproot -- SegWit v1 --- addresses start with bc1p, in case you wanted to know the difference; in bech32 q is 0, p is 1) Now how about HODLers who keep all, or some, of their coins on custodial services? Well, any custodial service worth its salt would be doing at least 2-of-3, or probably something even bigger, like 11-of-15. So your custodial service, if it switched to using Taproot internally, could save a lot more (imagine an 11-of-15 getting reduced from 11 signatures to just 1!), which --- we can only hope! --- should translate to lower fees and better customer service from your custodial service! So I think we can say, very accurately, that the Bitcoin principle --- that YOU are in control of your money --- can only be helped by Taproot (if you are doing multisignature), and, because P2PKH and P2WPKH remain validly-usable addresses in a Taproot future, will not be harmed by Taproot. Its benefit to this principle might be small (it mostly only benefits multisignature users) but since it has no drawbacks with this (i.e. singlesig users can continue to use P2WPKH and P2PKH still) this is still a nice, tidy win! (even singlesig users get a minor benefit, in that multisig users will now reduce their blockchain space footprint, so that fees can be kept low for everybody; so for example even if you have your single set of private keys engraved on titanium plates sealed in an airtight box stored in a safe buried in a desert protected by angry nomads riding giant sandworms because you're the frickin' Kwisatz Haderach, you still gain some benefit from Taproot) And here's the important part: if P2PKH/P2WPKH is working perfectly fine with you and you decide to never use Taproot yourself, Taproot will not affect you detrimentally. First do no harm!
Taproot and Your Contracts
No one is an island, no one lives alone. Give and you shall receive. You know: by trading with other people, you can gain expertise in some obscure little necessity of the world (and greatly increase your productivity in that little field), and then trade the products of your expertise for necessities other people have created, all of you thereby gaining gains from trade. So, contracts, which are basically enforceable agreements that facilitate trading with people who you do not personally know and therefore might not trust. Let's start with a simple example. You want to buy some gewgaws from somebody. But you don't know them personally. The seller wants the money, you want their gewgaws, but because of the lack of trust (you don't know them!! what if they're scammers??) neither of you can benefit from gains from trade. However, suppose both of you know of some entity that both of you trust. That entity can act as a trusted escrow. The entity provides you security: this enables the trade, allowing both of you to get gains from trade. In Bitcoin-land, this can be implemented as a 2-of-3 multisignature. The three signatories in the multisgnature would be you, the gewgaw seller, and the escrow. You put the payment for the gewgaws into this 2-of-3 multisignature address. Now, suppose it turns out neither of you are scammers (whaaaat!). You receive the gewgaws just fine and you're willing to pay up for them. Then you and the gewgaw seller just sign a transaction --- you and the gewgaw seller are 2, sufficient to trigger the 2-of-3 --- that spends from the 2-of-3 address to a singlesig the gewgaw seller wants (or whatever address the gewgaw seller wants). But suppose some problem arises. The seller gave you gawgews instead of gewgaws. Or you decided to keep the gewgaws but not sign the transaction to release the funds to the seller. In either case, the escrow is notified, and if it can sign with you to refund the funds back to you (if the seller was a scammer) or it can sign with the seller to forward the funds to the seller (if you were a scammer). Taproot helps with this: like mentioned above, it allows multisignature setups to produce only one signature, reducing blockchain space usage, and thus making contracts --- which require multiple people, by definition, you don't make contracts with yourself --- is made cheaper (which we hope enables more of these setups to happen for more gains from trade for everyone, also, moon and lambos). (technology-wise, it's easier to make an n-of-n than a k-of-n, making a k-of-n would require a complex setup involving a long ritual with many communication rounds between the n participants, but an n-of-n can be done trivially with some moon math. You can, however, make what is effectively a 2-of-3 by using a three-branch SCRIPT: either 2-of-2 of you and seller, OR 2-of-2 of you and escrow, OR 2-of-2 of escrow and seller. Fortunately, Taproot adds a facility to embed a SCRIPT inside a public key, so you can have a 2-of-2 Taprooted address (between you and seller) with a SCRIPT branch that can instead be spent with 2-of-2 (you + escrow) OR 2-of-2 (seller + escrow), which implements the three-branched SCRIPT above. If neither of you are scammers (hopefully the common case) then you both sign using your keys and never have to contact the escrow, since you are just using the escrow public key without coordinating with them (because n-of-n is trivial but k-of-n requires setup with communication rounds), so in the "best case" where both of you are honest traders, you also get a privacy boost, in that the escrow never learns you have been trading on gewgaws, I mean ewww, gawgews are much better than gewgaws and therefore I now judge you for being a gewgaw enthusiast, you filthy gewgawer).
Taproot and Your Contracts, Part 2: Cryptographic Boogaloo
Now suppose you want to buy some data instead of things. For example, maybe you have some closed-source software in trial mode installed, and want to pay the developer for the full version. You want to pay for an activation code. This can be done, today, by using an HTLC. The developer tells you the hash of the activation code. You pay to an HTLC, paying out to the developer if it reveals the preimage (the activation code), or refunding the money back to you after a pre-agreed timeout. If the developer claims the funds, it has to reveal the preimage, which is the activation code, and you can now activate your software. If the developer does not claim the funds by the timeout, you get refunded. And you can do that, with HTLCs, today. Of course, HTLCs do have problems:
Privacy. Everyone scraping the Bitcoin blockchain can see any HTLCs, and preimages used to claim them.
This can be mitigated by using offchain techniques so HTLCs are never published onchain in the happy case. Lightning would probably in practice be the easiest way to do this offchain. Of course, there are practical limits to what you can pay on Lightning. If you are buying something expensive, then Lightning might not be practical. For example, the "software" you are activating is really the firmware of a car, and what you are buying is not the software really but the car itself (with the activation of the car firmware being equivalent to getting the car keys).
Even offchain techniques need an onchain escape hatch in case of unresponsiveness! This means that, if something bad happens during payment, the HTLC might end up being published onchain anyway, revealing the fact that some special contract occurred.
And an HTLC that is claimed with a preimage onchain will also publicly reveal the preimage onchain. If that preimage is really the activation key of a software than it can now be pirated. If that preimage is really the activation key for your newly-bought cryptographic car --- well, not your keys, not your car!
Trust requirement. You are trusting the developer that it gives you the hash of an actual valid activation key, without any way to validate that the activation key hidden by the hash is actually valid.
Fortunately, with Schnorr (which is enabled by Taproot), we can now use the Scriptless Script constuction by Andrew Poelstra. This Scriptless Script allows a new construction, the PTLC or Pointlocked Timelocked Contract. Instead of hashes and preimages, just replace "hash" with "point" and "preimage" with "scalar". Or as you might know them: "point" is really "public key" and "scalar" is really a "private key". What a PTLC does is that, given a particular public key, the pointlocked branch can be spent only if the spender reveals the private key of the given private key to you. Another nice thing with PTLCs is that they are deniable. What appears onchain is just a single 2-of-2 signature between you and the developemanufacturer. It's like a magic trick. This signature has no special watermarks, it's a perfectly normal signature (the pledge). However, from this signature, plus some datta given to you by the developemanufacturer (known as the adaptor signature) you can derive the private key of a particular public key you both agree on (the turn). Anyone scraping the blockchain will just see signatures that look just like every other signature, and as long as nobody manages to hack you and get a copy of the adaptor signature or the private key, they cannot get the private key behind the public key (point) that the pointlocked branch needs (the prestige). (Just to be clear, the public key you are getting the private key from, is distinct from the public key that the developemanufacturer will use for its funds. The activation key is different from the developer's onchain Bitcoin key, and it is the activation key whose private key you will be learning, not the developer's/manufacturer's onchain Bitcoin key). So:
Privacy: PTLCs are private even if done onchain. Nobody else can learn what the private key behind the public key is, except you who knows the adaptor signature that when combined with the complete onchain signature lets you know what the private key of the activation key is. Somebody scraping the blockchain will not learn the same information even if all PTLCs are done onchain!
Lightning is still useful for reducing onchain use, and will also get PTLCs soon after Taproot is activated, but even if something bad happens and a PTLC has to go onchain, it doesn't reveal anything!
Trust issues can be proven more easily with a public-private keypair than with a hash-preimage pair.
For example, the developer of the software you are buying could provide a signature signing a message saying "unlock access to the full version for 1 day". You can check if feeding this message and signature to the program will indeed unlock full-version access for 1 day. Then you can check if the signature is valid for the purported pubkey whose private key you will pay for. If so, you can now believe that getting the private key (by paying for it in a PTLC) would let you generate any number of "unlock access to the full version for 1 day" message+signatures, which is equivalent to getting full access to the software indefinitely.
For the car, the manufacturer can show that signing a message "start the engine" and feeding the signature to the car's fimrware will indeed start the engine, and maybe even let you have a small test drive. You can then check if the signature is valid for the purported pubkey whose privkey you will pay for. If so, you can now believe that gaining knowledge of the privkey will let you start the car engine at any time you want.
(pedantry: the signatures need to be unique else they could be replayed, this can be done with a challenge-response sequence for the car, where the car gathers entropy somehow (it's a car, it probably has a bunch of sensors nowadays so it can get entropy for free) and uses the gathered entropy to challenge you to sign a random number and only start if you are able to sign the random number; for the software, it could record previous signatures somewhere in the developer's cloud server and refuse to run if you try to replay a previously-seen signature.)
Taproot lets PTLCs exist onchain because they enable Schnorr, which is a requirement of PTLCs / Scriptless Script. (technology-wise, take note that Scriptless Script works only for the "pointlocked" branch of the contract; you need normal Script, or a pre-signed nLockTimed transaction, for the "timelocked" branch. Since Taproot can embed a script, you can have the Taproot pubkey be a 2-of-2 to implement the Scriptless Script "pointlocked" branch, then have a hidden script that lets you recover the funds with an OP_CHECKLOCKTIMEVERIFY after the timeout if the seller does not claim the funds.)
Now if you were really paying attention, you might have noticed this parenthetical:
(technical details: a Taproot output is 1 version byte + 32 byte public key, while a P2WPKH (bech32 singlesig) output is 1 version byte + 20 byte public key hash...)
So wait, Taproot uses raw 32-byte public keys, and not public key hashes? Isn't that more quantum-vulnerable?? Well, in theory yes. In practice, they probably are not. It's not that hashes can be broken by quantum computes --- they're still not. Instead, you have to look at how you spend from a P2WPKH/P2PKH pay-to-public-key-hash. When you spend from a P2PKH / P2WPKH, you have to reveal the public key. Then Bitcoin hashes it and checks if this matches with the public-key-hash, and only then actually validates the signature for that public key. So an unconfirmed transaction, floating in the mempools of nodes globally, will show, in plain sight for everyone to see, your public key. (public keys should be public, that's why they're called public keys, LOL) And if quantum computers are fast enough to be of concern, then they are probably fast enough that, in the several minutes to several hours from broadcast to confirmation, they have already cracked the public key that is openly broadcast with your transaction. The owner of the quantum computer can now replace your unconfirmed transaction with one that pays the funds to itself. Even if you did not opt-in RBF, miners are still incentivized to support RBF on RBF-disabled transactions. So the extra hash is not as significant a protection against quantum computers as you might think. Instead, the extra hash-and-compare needed is just extra validation effort. Further, if you have ever, in the past, spent from the address, then there exists already a transaction indelibly stored on the blockchain, openly displaying the public key from which quantum computers can derive the private key. So those are still vulnerable to quantum computers. For the most part, the cryptographers behind Taproot (and Bitcoin Core) are of the opinion that quantum computers capable of cracking Bitcoin pubkeys are unlikely to appear within a decade or two.
Current quantum computers can barely crack prime factorization problem for primes of 5 bits.
The 256-bit elliptic curve use by Bitcoin is, by my (possibly wrong) understanding, equivalent to 4096-bit primes, so you can see a pretty big gap between now (5 bit primes) and what is needed (4096 bit primes).
A lot of financial non-Bitcoin systems use the equivalent of 3072-bit primes or less, and are probably easier targets to crack than the equivalent-to-4096-bit-primes Bitcoin.
Quantum computers capable of cracking Bitcoin are still far off.
Pay-to-public-key-hash is not as protective as you might think.
We will probably see banks get cracked before Bitcoin, so the banking system is a useful canary-in-a-coal-mine to see whether we should panic about being quantum vulnerable.
For now, the homomorphic and linear properties of elliptic curve cryptography provide a lot of benefits --- particularly the linearity property is what enables Scriptless Script and simple multisignature (i.e. multisignatures that are just 1 signature onchain). So it might be a good idea to take advantage of them now while we are still fairly safe against quantum computers. It seems likely that quantum-safe signature schemes are nonlinear (thus losing these advantages).
If you are a singlesig HODL-only Bitcoin user, Taproot will not affect you positively or negatively. Importantly: Taproot does no harm!
If you use or intend to use multisig, Taproot will be a positive for you.
If you transact onchain regularly using typical P2PKH/P2WPKH addresses, you get a minor reduction in feerates since multisig users will likely switch to Taproot to get smaller tx sizes, freeing up blockspace for yours.
If you are using multiparticipant setups for special systems of trade, Taproot will be a positive for you.
Remember: Lightning channels are multipartiicpiant setups for special systems of lightning-fast offchain trades!
I Wanna Be The Taprooter!
So, do you want to help activate Taproot? Here's what you, mister sovereign Bitcoin HODLer, can do!
If you have developer experience especially in C, C++, or related languages
Review the Taproot code! There is one pull request in Bitcoin Core, and one in libsecp256k1. I deliberately am not putting links here, to avoid brigades of nontechnical but enthusiastic people leaving pointless reviews, but if you are qualified you know how to find them!
But I am not a cryptographeBitcoin Core contributomathematician/someone as awesome as Pieter Wuille
That's perfectly fine! The cryptographers have been over the code already and agree the math is right and the implementation is right. What is wanted is the dreary dreary dreary software engineering: are the comments comprehensive and understandable? no misspellings in the comments? variable names understandable? reasonable function naming convention? misleading coding style? off-by-one errors in loops? conditions not covered by tests? accidental mixups of variables with the same types? missing frees? read-before-init? better test coverage of suspicious-looking code? missing or mismatching header guards? portability issues? consistent coding style? you know, stuff any coder with a few years of experience in coding anything might be able to catch. With enough eyes all bugs are shallow!
If you are running a mining pool/mining operation/exchange/custodial service/SPV server
Be prepared to upgrade!
One of the typical issues with upgrading software is that subtle incompatibilities with your current custom programs tend to arise, disrupting operations and potentially losing income due to downtime. If so, consider moving to the two-node setup suggested by gmax, which is in the last section of my previous post. With this, you have an up-to-date "public" node and a fixed-version "private" node, with the public node protecting the private node from any invalid chainsplits or invalid transactions. Moving to this setup from a typical one-node setup should be smooth and should not disrupt operations (too much).
If you are running your own fullnode for fun or for your own wallet
Be prepared to upgrade! The more nodes validating the new rules (even if you are a non-mining node!), the safer every softfork will be!
If you are using an SPV wallet or custodial wallet/service (including hardware wallets using the software of the wallet provider)
Contact your wallet provider / SPV server and ask for a statement on whether they support Taproot, and whether they are prepared to upgrade for Taproot! Make it known to them that Taproot is something you want!
But I Hate Taproot!!
Raise your objections to Taproot now, or forever hold your peace! Maybe you can raise them here and some of the devs (probably nullc, he goes everywhere, even in rbtc!) might be able to see your objections! Or if your objections are very technical, head over to the appropriate pull request and object away!
Maybe you simply misunderstand something, and we can clarify it here!
Or maybe you do have a good objection, and we can make Taproot better by finding a solution for it!
almkglor your post has been copied because one or more comments in this topic have been removed. This copy will preserve unmoderated topic. If you would like to opt-out, please send a message using [this link].
[ Bitcoin ] Bitcoin Price Analysis Bot System, Bitcoin Long Short 10x Leverage Analyzer
[ 🔴 DELETED 🔴 ] Topic originally posted in Bitcoin by gokhancava [link]
Hello. I made this system, this is bitcoin auto trade bot system. It makes 7/24 trade. Project website: https://bitcoinlongshort.com System has special algorithm which i invented! It opens long or short position. You dont have to refresh page because data are live. Just open alarm on the top left, then you can watch movie, or play game, you will be notified when bot make trade. You can see what is our position in last positions section. If you have any question please write comment bottom.
gokhancava your post has been copied because one or more comments in this topic have been removed. This copy will preserve unmoderated topic. If you would like to opt-out, please send a message using [this link].
Zhuoer Jiang: Talk about the difference between BTC, BCH and BSV
https://preview.redd.it/kcdq7qrjnyd51.jpg?width=570&format=pjpg&auto=webp&s=af67bd46683fbe3ffa6c081d490d69598dd83bbb 1. When do you contact Bitcoin? What do you think of the blockchain industry? I came into contact with Bitcoin in October 2013. At that time, I was making game aids, which involved the issue of collecting money from Taiwan and Southeast Asia. The reason for cultivating the blockchain industry is that blockchain is the only industry that can provide economic freedom. The blockchain is decentralized and has no control center, so no one can eliminate it, so it provides economic freedom. The counter-example is Qvod player. Although Qvod player also has tens of thousands of nodes, it is centralized. As long as the control center is killed, the Qvod player network will die. (QvodPlayer is a Chinese-based video-on-demand playback software, using P2P technology, users can watch online film and television programs through buffering. In mainland China, QvodPlayer has a huge number of users. Due to the use of a dedicated transmission protocol, QvodPlayer is used by some users to download banned videos, such as violent or pornographic videos, and politically sensitive videos. In addition, pirated movies are rampant in QvodPlayer) I am not a Bitcoinist. As long as other tokens provide economic freedom, I will buy them with real money. My position portfolio is BCH 40% + BTC 30% + ETH 20% + economically free innovative currency 10%, and I think that ETH is likely to exceed BTC in total market value in this bull market. 2. What is the difference between BTC, BCH and BSV? The easiest thing to see is the difference in block size. BTC blocks have been locked at about 1MB, while BSV advocates infinite blocks. BCH advocates a moderate block size, which cannot exceed the carrying capacity of an ordinary computer. The current value is about 32MB. Both BTC and BSV have gone to extremes. The BTC development team, Core, pursues extreme decentralization, resulting in too small blocks and high transaction fees. In the last bull market, a transaction fee was as high as hundreds of thousands of yuan, which caused a large number of BTC users to flow out to BCH, ETH and other tokens. Some people think that BTC can rely entirely on stored-value users instead of using users to survive. This is impossible. If there are no users, there are no stored value users. For example, gold is obviously more suitable for storing value, but almost everyone has bank deposits, except for the elderly, almost no one uses gold to store value. To People usually use paper money to store value, and naturally they also use paper money to store value. It is impossible to use paper money to store value with gold, and it is impossible to use paper money for small transactions and gold for large transactions. Currency has a scale effect, and it must be a winner takes all. BSV has gone to the other extreme. The blockchain is enough to store transaction data, but if the blockchain is used as cloud storage, no amount of space is enough. Think about how many resources the world has to store. The result is that the performance requirements are too high, the number of nodes is drastically reduced, and the foundation of the blockchain, which is decentralization, is lost. In the end, it falls into the same fate as the Qvod player. To Behind the different block sizes are the differences in the spirit of the three. Just like during the Opium War, the difference between Britain and China's Qing Dynasty was not a superficial weapon, but a complete political, economic, and technological gap behind it. Both BTC and BSV are irrational and religious to a certain extent. BTC advocates a deadlock block size, and BSV advocates a deadlock protocol. The two are very similar. In terms of rational development and serving users, BCH has won. For example, the issuance of tokens is an important function and rigid demand of the blockchain. Tokens can already be issued on BCH through several protocols such as Wormhole and SLP, while BTC and BSV cannot yet. This is a huge difference in development. 3. Under what circumstances can BCH exceed BTC? BCH has to wait for users to slowly develop until the number of users and transactions exceed BTC. Although under normal circumstances, the currency has a scale effect, this situation is unlikely to happen, but BTC made a fatal mistake, and locked the block and locked the user. What if BTC expands like BCH? First of all, BTC cannot be expanded because the expansion requires a hard fork, regardless of whether it is within the community or the Core, it must adhere to 1MB, insist on extreme decentralization, and BTC must be able to run on the Raspberry Pi. The result is that the expansion advocates in BTC and Core re-hard fork. Isn't this the plot of the hard fork of BCH from BTC in 2017? So what are these "advocates" doing hard forking again? Just go straight to BCH. Therefore, BTC must undergo a hard fork to expand, so it cannot be expanded. So BCH only needs to catch up, which is a fixed goal. I estimate that in this bull market, BCH can exceed the number of users. At that time, BCH had a solid foundation of users and communities. The price increase only increases the price of BCH, the value of BCH is determined by the number of users, and the price fluctuates around the value. 4. Will BCH hard fork happen? What impact will it have on us later? The BCH community has recently had a lot of discussions on the issue of miner donations, which reflects the decentralization of BCH. If BCH is controlled by bitmain, why it took a long time for bitmain to implement this problem? Conversely, if CSW wants to modify something on BSV, it can be passed immediately. 5. Do you think BCH is worth long-term ownership? I often say: "Ask God in the short term, and the number of users in the long term." The longer the time, the more worth holding BCH. BCH is developing rapidly due to the correct route. I just gave an example. There are already several schemes for issuing tokens on BCH, but neither BTC nor BSV have one. Part of it is because BSV locks the protocol and is not convenient for development. The other part It is because the BSV community has inherited the characteristics of CSW and only speaks big words and does not do practical things. Therefore, it is definitely worth holding for 1 to 2 years, and the rate of increase is likely to be higher than that of BTC. I predict that the highest point of this round of bull market for BCH will rise from about 3.6% of BTC to 10% to 20% of BTC. 8. Free Q&A "Will Bitcoin die due to quantum computers or other reasons?" Certainly not, at best, replace a quantum-resistant algorithm. Looking at it now, quantum computers will not be practical for a long time. And I think quantum computers may not be able to solve the NP problem, that is, the current asymmetric encryption problem, which may not be possible mathematically. "The impact of the proliferation of contract transactions on currency prices?" The currency price is ultimately determined by the number of users, not by speculative users. The proliferation of futures trading has happened long ago. From 2016 to 2017, in the presence of a large number of futures trading, BTC rose 100 times. "Will you be notified when you escape?" I will definitely not inform. I have already made predictions. I think the bull market may end in the second half of 2021. Or conversely, this bull market may last for two to three years, and two years are more likely. Why not notify? Most of my clients are miners, and the currency price directly affects the income of the miners. If the currency price drops due to my notification, the interests of my clients will be damaged. "Recommended regular investment in 2019, what strategy is recommended in 2020?" This year's bull market has begun, and it must be a full position investment. The cost of regular investment to buy coins later is very high. "Is it better to speculate or to mine now?" Most people can't insist on holding the token from start to finish. Most people are in the middle of the bull market, or even sell it at the beginning, and then miss the entire bull market. Only miners, no matter what level of miners, will hold the token from beginning to end. During the entire bull market, miners are very profitable. Miners will certainly not sell the goose that lays golden eggs like mining machines in the bull market, so miners tend to make more. The earliest miners are basically still active in the market, and their wealth is free, while the earliest holders of coins are almost gone.
I plan on destroying this laptop after posting this and will soon be untraceable. I am reaching out because something is not right. I feel as if something just is not lining up right in the universe. I feel like I am out of place. I come to post because I am not sure how much longer I have. I was taking the trash out last week and I think I saw something I should not have. It was a full moon that night and I was doing my regular chores. Feed the dogs, clean the dishes, take the trash out. Easy stuff like any other night. When I got to the dumpster I saw a cassette player on the ground looking like it was to be thrown out. I thought to myself it was just trash but something caught my eye. There was a piece of tape on it with a sharpie written across it. It stated "LISTEN URGENT" so I put it in my pocket and took it home. If I knew what was on that tape I would have not brought it home that night. I didn't have a pair of headphones to listen to it with or at least didn't care to look for one at the time. I had put the tape down on my desk and went to play some video games without thinking much of it at the time. You see I didn't have much going for me. My mother was a single mom and I was the man of the house. I liked to play video games because that is what made me happy. It was getting late so I turned off my monitor and went to bed. I woke up the next morning thinking about the tape because I had a dream about it the night before. The dream consists of me going to the trash and finding the cassette tape then someone getting out of their car when I was walking home pushing me down and taking the tape from me. It was a man with a black overcoat but couldn't see much of his face since it was dark out. And as soon as he took it I woke up. I thought to myself that having a dream of it already had to mean something so I found some headphones and plugged them into the aux input and pressed play. "What did you see that night" A man asked "I was super drunk and all I remember was seeing some guy beat the shit out of some other guy outside the bar." A women said "Where did this take place? The man asked "In the alley besides the bar.... Can I please go now?" The women proclaimed. "No, not yet we have some more questions for you..." The man said "What was that?" The man asked You could hear a crash or something and the tape cut out. What the fuck was I listening to? An interrogation with the police? All I know is there is more on the tape and I definitely shouldn't be listening to this. I clicked skip and play again and it started back up. "Where were we... Sorry about the inconvenience miss." The man smirked "Who are you guys anyways? The cops?" The women asked. "Ahaha very funny... she thinks were the feds..." The man talking to his partner. "You guys aren't the police???" "Then who are you guys?" The women starting to panic "We are the guys they call when shit gets bad." The man said "I think we are finished here... just state your name and age and your good to go." "OK... Carly Johnson, 23" Tape Ends Who the fuck were they? Who is this girl Carly... I thought to myself what this tape was doing with me. I looked up this girl's name and I didn't believe my eyes. Here I am looking at her obituary. She died weeks ago. Cause of death: Suicide. Where do I begin. I just heard a tape of seems to be the police interrogating Carly and she all of sudden kills herself what the actual fuck. I guess these are the guys they call when shit gets bad. It says she jumped over a bridge in the town over from me at midnight. Why would a girl just do this out of nowhere and sounded decently happy on the tape. But then I saw one last thing on her obituary... it said "There was no body found. She had left a note." So she went missing huh and they ruled it off as a suicide. I went back to the tape and to my surprise it had corrupted and I couldn't play anything back. Just great. I wanted to know who these guys were? Why did they want to talk to Carly? Why did Carly all of sudden disappear? This was all so hard to wrap my head around. None of this should be my business but somehow I feel like it is. I never even knew Carly but some way I feel like I did. Weird right. Maybe you can tell me if I'm nuts or if it's humane to feel this way. I had another dream last night and to my surprise it had to do with the tape again. But this time it was very strange. I was on the bridge where Carly apparently did what she did and there was something on the ground in the middle of the bridge and I couldn't really make out what it was so I walked over and it was the same tape except the writing on it this time was "They did this." I then rubbed my eyes and woke up in a ton of sweat. So is this supposed to be a sign or something? Like what are these nightmares supposed to mean? I still am wondering who the men were that were talking with Carly. I started looking up cases of bar fights or anything to do with fights relevant to a bar. To my surprise I found the case. Case # 06-123 Bar stabbing leaving man dead. Looks like it was big in the local news. I do not watch the news much but now I know what they were talking to Carly about. This was much bigger than I thought. This is still an open investigation. I was skimming over the reports and one of the officers said that a private sector of the FBI would be taking over the case and no more was to be discussed publicly until the case is closed. A private sector of the FBI is now involved what the fuck. In this tiny ass town the FBI is getting involved. This is all so much to take in. Seems like there is more to it though. The FBI got involved with some little stabbing at a bar. The news article said if there is any information to help the case to contact the link that was shared underneath the article. I clicked the link and it brought me to some government website to report tips or some bullshit. I started to read and it said "If there is any information on this case please contact this phone number [DISCLOSED INFORMATION]. I then read it said if anyone knew of a missing cassette tape that it is crucial to the investigation and no more information was shared after that. So wonderful, I now know that I am holding a crucial part of evidence of a case for the FBI and the contents were corrupted. I don't know what to do at this point... I still am going to be doing my research and I plan on getting rid of this cassette tape. I will be updating this post as soon as more information is shared or I find something. In the meanwhile I need to stay on the low because there could be and will be people looking for me and what I have acquired. Ill post an update in 24 hours. Until then, Goodbye. Update 2 I only got a few hours of sleep last night... thoughts running through my head constantly. I promised an update and here it is. I have been thinking of what to do with this tape. I think the best option would be to get rid of it but I think that would be a felony or something so that options off the list. The second option I have is to give it to them. Yes, I know it sounds crazy absolute delusional you might say. OK let me stop you right there. The plan is to drop it off at a discrete location and call in an anonymous tip. Seems easy right. I hope. I have wiped off all my prints on it and ripped off the tape on the front of it. I am going to go to a gas station about 45 minutes away from here. There should be a payphone and the angle the cameras are at should not see me if I pull my car up to the left of the building. I will wear gloves for prints and wear a hoodie. I should be fine, no evidence that I was there with the tape. I will get back to you after the job is done. Wish me luck. Update 3 So it went exactly like planned. I parked my car where there was no surveillance and got out with my black hoodie and called the number that I saw online. I said "The cassette tape is in the bathroom of the gas station for case # 06-123 and hung up. I got out of there as fast as possible. I am now home and well. I am still curious and looking into Carly. I think I came upon something. It is very unusual. Her mother wrote a Facebook post saying "I know those cops are fucking corrupt... they never even looked into her case!" I thought to myself how weird this is. Her own mother must have known something was up too. No body found, A bridge that no one was on that night. I know no one was on it because there was a detour for maintenance on the bridge that afternoon. The last thing that doesn't add up is someone had to write on that tape stating LISTEN URGENT. If they were police wouldn't that tape be in evidence or something. Correct me if I'm wrong but this shit doesn't just go missing and wind up at my dumpster. I have a feeling that the bridge is one of the places that I will find something leading me to what happened to Carly and why the FBI are involved. I am going to take a drive to that bridge and see if I can find anything. I'll update you when I get back. Update 4 I think I came upon something I wasn't supposed to once again... I found a necklace underneath the bridge. Here is a picture of what I found. necklace You see I don't think the police actually investigated or they would have already found this. Still we aren't even dealing with the local police anymore we are dealing with some special sector of the FBI. I also found one other thing and I feel as if posting a picture would compromise this second tape I found. I have not brought my headphones with me but have a feeling whatever is on this second tape that it will be great. I am very concerned about Carly and what happened to her. Maybe she is on this tape again, maybe it will lead me somewhere. If I post this on reddit I have a feeling the FBI will be notified or something like that. So for precautionary reasons I will not give the name of the bridge or any locations further that could potentially fuck this up. I plan on digging deep and will share it all with you. Why does the FBI want something to do with some girls suicide?? Who were those men on the tape???? Moments ago I just got a call from a blocked caller... I declined the call because I never normally accept blocked caller ids. They left a message. He said "Turn your eyes away from this or else... You have been warned." ENDS CALL I am very frustrated right now because they somehow found my phone number. I thought I took all the precautionary measures. I guess the government is always watching though. My feeling is that I will have to get rid of everything that ties me to this case. I have looked up how to destroy a hard drive and it is as easy as swiping a strong magnet over it. I want to mention to whoever is reading this that if you know who Carly Johnson is and or have any clues on what happened to her please indulge me. Do not share anything with anyone else except my account. You see you may not realize the full extent of this situation but, no need to worry. I will encrypt everything that is sent and no information will get out to the Federal Bureau of Investigation. Should I be scared? Because I am terrified. I need to know these answers because I am so devoted already. I was just warned to stop looking into this. I have no idea how they got my phone number. I believe we are dealing with not just a suicide but, possibly a government cover up or something worse. If anyone has any tips on what I could possibly do that would help please comment, I can take all the help I can get. They will probably see this post and what I have discussed with you all. I am going to upload all my research onto a USB and slide a magnet over my computer's hard drive now. I will reach back with more news after I have found a secure location to proceed with my updates. Until then.... -Colin. Update 5 So I am currently posting this on a burner phone that I recently bought. I have booked a motel room with cash and I will use their wifi with a VPN. I would like to first express that whoever called me yesterday that I will not stop until I get the answers I need. I am sure with whoever has been reading my recent posts that they wouldn’t like me to stop looking either. I will bring justice for Carly and her grieving mother. I know that the government has something to do with this. I have got some feedback saying that the bridge might have another tape possibly. To my surprise there was and I just listened to it. I’ll replay it for you. [Play] “Hello… I don’t have much time to say what I need to say. I recently found something and it needs to be shared with the world. My name is Carly Johnson…” “They are really close right now… I can see their flashlights through the trees. I am under some type of bridge.” “I have recently come upon a file that was on a USB which was sent to my house…. Its title is Project Sight and the public needs to be aware of what I found.” “It has many many documents containing all sorts of stuff including Area 51, The Roswell Incident, and various pictures of these very tall what seems to be creatures. So many classified documents on this file. “I have made a backup of the file and it is located in my g--- [Cuts out] Well shit, we finally know what we are dealing with. They brought out the FBI because it is a national threat which is out there on that USB. What was she about to say… she cut out saying something that started with a g but I have no clue. I am going to need help with this one. Please give me your thoughts on where she may have hid the backup. I have a feeling that they will find it before I do. I need to find that USB before it gets destroyed. I am not staying another night at this motel. I am going to switch it up so it is hard to track my footprints. I will be ok with my funds for now because I transferred what I had left in my savings and converted it into bitcoin. Hopefully I don’t have to explain why I did that. Once I am done packing up here and on the road I will proceed with another update. Update 6 I stopped at a local convenience store near me and got myself some snacks and water for the road. This blue raspberry Slurpee is pretty good right now. I wanted to go to a local library to proceed with my updates but none of them are open because of this whole quarantine thing. I am probably better off in the motels though. I backed up the tape to my USB and set a password on it so no one can access it. I most likely am a current threat to the FBI so I don’t know how long I will have to stay moving. My plan is eventually to bunker down somewhere but until then I need to keep moving. I also have this cheap laptop I brought to access files that I cant on my phone. I was looking more into Carly's assets through some public info websites and such, you can use Whitepages plus to get a lot on someone. You can access background checks and look into someone's past, It is pretty crazy what you can get on someone. I also was looking through her Facebook and found an older post with her dad working on a project car. Looks like one of those storage garages that you can rent. She doesn’t post much. All family related stuff and a couple friends. Guess she kept more to herself. I am curious about when she said it was called Project Sight. Why would they call this file that in specific? Who knows. Do you think it would be a good idea to talk to her mom? Probably not, now that I am thinking of it. The FBI is probably all over her house. Hmm wait a minute, I remember that her mother had a Facebook page. Maybe I’ll send her a message where we could maybe meet up or something in private. She probably would give insight on what Carly said on the tape. I pulled into a parking lot that seems to be pretty empty. I want to try and take a nap and maybe wake up with a new idea or something. Update 7 Fuck me. A cop just woke me up by knocking on my window… “Hello officer, is there a problem?” “I don’t think there has to be one, are you a little tired?” “Yeah, I pulled over in this parking lot to clear my head and take a little nap.” “Gotcha, you got any Identification on you?” “Yes sir, can I grab it out of my glove box?” “Yes, just no sudden movements.” “OK, here is my registration and proof of insurance as well as my I.D.” “Thanks for being so cooperative, let me run your stuff and you’ll be on your way shortly.” He went back to his vehicle and I don’t know what he is going to find. What if the FBI put a warrant out for me or something?! I am probably just super anxious because of this situation. They want to keep everything top secret so they won't involve the police. He just got out and is walking back now. “Here you are *hands back documents*.... You're a little ways from home aren’t you? “Yeah, my Aunt lives out here and I came out to visit her.” “Alrighty, I don’t see a need to cite you or anything so I’ll leave you with a verbal warning so just try to sleep somewhere else next time … OK? “Thank you again… have a good one.” Well that could have gone a lot worse. I looked up the mother's address and it is only an hour from me. I am going to call her by the name Catie from now on. I made a Facebook account with this burner and messaged Catie on messenger saying “I know what happened to your daughter Carly… they faked it.” [SENT] Hopefully she sees this soon and we can chat a little bit and hopefully it helps to find that backup. Update 8 So she read my message a moment ago and responded with “Who are you?” I responded with “Meet me at the Franksville park in 20 minutes, I am here to help not hurt. Please do not bring the police… they covered this up.” I am already parked here where I can see the parking lot but no one will be able to clearly see me staking it out. If the police roll up to the park I will exit through the back. If she comes and she is in a black jeep then I will text her again telling her to go to the bench across from her and wait for me. Hopefully all goes to plan. [20 minutes later] Great, she just pulled up and no cops. I messaged her the message and am waiting for her to do as directed. I talked to her for a while, probably a good half hour. I wrote down what I thought were the most important things she said. “Father was a military officer” “Dropped out of college” “Top of her class” “Public storage garage” “Police searched Carly's house without proper consent” “Computer and journal missing” This was the farthest I have been in this case. Now that whoever is watching just know that I am currently one step ahead of you in every way now. I have developed different plans based on what might happen and every possible outcome and how to counter the bureau. I may not have the man power the FBI does, but I do have more knowledge now. So just know I am coming for you … I will ruin you. I am now taking the cellphone battery out and disposing of it. Until the next update…. Goodbye. -Colin Update 9 A lot happened yesterday, first of all it was mothers day. I was debating if I should go back to my moms house because someone could be posted out front waiting for me to return. I was wrong and the night went well. I left around 9 pm to find this USB. Someone that wants to remain anonymous direct messaged me and said they thought that the storage unit might be where she put the backup. I looked into it. I knew the number which I will not say for my own protection but Catie gave me the number of the storage garage. She said that she never had the key but she helped enough and that wouldn't be a problem for me. I went to the main office of the storage rentals and bought myself one near Carly's garage. This way I can have access to the property without suspicion. One thing that is really beneficial to having a pass code to the main gate now is that I can come whenever I choose. This place is 24 hour service. OK so now that I have developed a plan on how to get in now, I need to pick her lock. It should be pretty easy if there are no cameras and if no one is working. I haven't really scoped anything out for assurances but hopefully it all goes to plan. On a side note I have been contacted again by that number, they sent me a picture of my car ... my actual car ... Shit. OK so they most definitely are watching me but that was from last night so I don't know if they are currently. If I do post this post just know that I am safe and have acquired the USB hopefully. I am going to take bolt cutters and a hammer to see if I can just break the tiny lock to get in. I will update you when I am back. Update 10 OK I am going to choose my next choice of words very carefully. I found what I needed ... what I was looking for, for the last couple of days. I broke into the garage and there was this nice 1976 mustang cobra, what a beautiful car. I turned my phone's flashlight on and looked in the back of the garage. There was this tool box and I looked all through it, but didn't find anything in that. Next, I went to the car and it was open how fortunate ... I looked in the glove box and I found something. It was in this tiny envelope with the envelope saying "Insurance". OK I got what I came for and shut the door to the garage and left. I plugged the USB into my tiny laptop and it came up. First file "Project Sight", I clicked on it and 4 more files came up. 1st "Access point 51 [Classified]", 2nd file "Roswell, New Mexico [Classified]", 3rd file "JPEG File [Classified]. What was on these files I can't really describe. I need a little more time to wrap my head around all this information and figure out what to do with it. The weirdest of them all was the JPEG files, there were at least dozens of pictures that were all super blurry but mostly they all had one similar trait. At least 7 foot tall and a very large round head. They appeared to be a darker gray color and that's about all, The pictures were all in black and white though so that was not helpful. I need to know what to do with this USB. I think I am going to make a back up somewhere and place it somewhere where no one will find it. If these men do come for me I do not want them to win. So I set up some posts that will eventually post automatically within 48 hours of no account activity. I am still posting on a burner phone at the moment. All I ask if I go missing please don't let me end up like Carly. She said that this information needed to be shared with the world. I want to avenge her. The FBI will not get away with this. If these posts get deleted I have set up logs to be saved and they will all be backed up and reposted automatically as well. Nobody can stop that process too. They know what type of car I drive and where I live. They know I have this classified information and will not stop until they get what they want. I don't want to die. I am scared for my own life and safety of my family at this point in time. At this time I am writing this on my phone, I can see a black SUV parked 4 cars to my left in the Walmart parking lot. It may just be my anxiety but there are two men sitting in the front. I may be dead within the next day or taken. Who put that fucking tape at my dumpster in the beginning? Was it them? Did they watch what I did everyday and find my daily routine and match that to when I would take the trash out? Could they have placed the tape at a spot I could visibly see all on purpose, knowing that I would pick it up and listen to it. All for what though? Why me? What is the point of going after a teenage kid? I might just be going crazy because of all this. I would like to express.... Whatever does happen to me, just know if you do find a cassette tape at the dumpster, don't play it. Until next update, -Colin Note - My automatic posts I have set up go off in the next 48 hours of inactivity of the account. I have hid the USB and a GPS coordinate of where it is hidden will go out to someone that I trust very well.
As a sequel to the first paper of Blockchain & Law article series titled 'A New Digital Order - Unveiling the Interplay of Law & Blockchain Technology', this paper explores the inter-operability of India's data privacy regime and blockchain technology. In this regard, recording of a webinar conducted on 'Blockchain & Data Privacy: An India Perspective' by the AKS Partners can be viewed on YouTube here.
B. Data privacy in India
Constitution of India
Article 21 of the Indian Constitution is a comprehensive, all-encompassing provision that inheres within itself basic, fundamental rights that are absolutely essential to the existence of a human being with dignity and personal liberty. In the judgment of K.S. Puttaswamy v. Union of India,1 a nine-judge bench of the Honourable Supreme Court of India held that the right to privacy falls within the contours of Article 21 and is incidental to life and personal liberty. This right to privacy includes the right to data protection and privacy.
Information Technology Act, 2000
In India, data privacy is governed by the Information Technology Act, 2000 ("IT Act") and the Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011 ("SPDI Rules"). Sections 43A (Compensation for failure to protect data) of the IT Act provides a statutory right to a data provider to claim compensation for unapproved disclosure of information (including in breach of a contract). Under Section 72A (Punishment for disclosure of information in breach of lawful contract) of the IT Act, wherever any person including an intermediary discloses information obtained under a lawful contract without consent shall be punished with imprisonment or with fine or both.
The SPDI Rules constitute a set of basic obligations to be adhered to in circumstances where sensitive data is being collected. It may be noted that the SPDI Rules apply only to 'Sensitive Personal Data or Information'.2 The SPDI Rules lay down guidelines for collection (Rule 5) and transfer of information (Rule 7) and also mandatorily require body corporates to adopt and implement a policy for privacy and disclosure of information (Rule 4). On 24 August 2011, the Ministry of Electronics and Information Technology issued a clarification to the SPDI Rules ("Regulatory Clarification"). The Regulatory Clarification states that the SPDI Rules are applicable only to body corporates or persons located within India. Also, where a body corporate deals in data of any legal entity located within or outside India under a contractual arrangement, the SPDI Rules pertaining to collection (Rule 5) and disclosure of information (Rule 6) would not apply. It was also clarified that requirement to obtain written consent under Rule 5(1) of the SPDI Rules includes electronic consent as well.
The Personal Data Protection Bill, 2019 ("Bill")
The Bill is inspired from and is in many ways a replica of the European Union's General Data Protection Regulations ("GDPR"). The Bill lays down several provisions including in relation to crossborder transfer of data, sandboxing, privacy by design and introduces a more robust set of obligations for entities handling sensitive personal data. The Bill is currently pending before a Joint Parliamentary Committee. The Bill applies to and categorises data into 'Personal Data', 'Sensitive Personal Data' and 'Critical Personal Data'.
Regulated sectors such as telecom and financial services have separate obligations of confidentiality which restricts disclosure and transfer of customer personal information and mandates use of such information only in the manner agreed with the customer. Certain sectoral regulators (like Reserve Bank of India) also mandate data localisation.
C. Blockchain technology and data privacy
For details on the working of a blockchain network, please refer to our previous paper here. Coverage The Bill defines 'Personal Data') as 'data about or relating to a natural person who is directly or indirectly identifiable'. This means where the origins of the data cannot be traced down to a natural person, the data would cease to be 'Personal Data'. Resultantly, storing the data in a manner where it cannot be traced to a natural person (including by introducing and implementing robust methods to address re-identification risks) may prove beneficial in reducing a blockchain network's interaction with data privacy regulations (such as by encryption or anonymisation of Personal Data). Public v. Private Blockchain Private blockchain which restricts and regulates network participation appears to be a more preferable fit when it comes to ensuring compliance with data privacy laws. Public blockchains with permissionless borders pose greater difficulty in procuring every participant to agree on and comply with relevant rules on protection of personal data. Stakeholders The Bill identifies three categories of stakeholders (similar to GDPR) viz. Data Principals, Data Fiduciary and Data Processor. The SPDI Rules only provides for data provider and body corporate or person collecting data. The term 'Processing' has been defined to include collection, storage, retrieval, adaptation, disclosure etc. (Section 3(31)). Accordingly, any data stored or transmitted on blockchain will amount to processing. Blockchain network is a decentralised system with each node / miner (i.e. network participant) spread all over the world. There is no clear demarcation between a Data Principal and a Data Fiduciary or a Data Processor over a blockchain network. The way the network functions, no single person can be said to be in-charge of the network thereby making it all the more problematic for regulators to fix the compliance burden on a party. Accordingly, the question of determining the identity status and fixing liability of various participants attains significance and complexity over a distributed ledger network like blockchain. Each node over the network functions as a Data Processor on account of participation in the verification of the data. At the same time one or more of such nodes may also be acting as a Data Principal. With respect to mining over the network while it is a single miner who is able to formulate a valid hash, all the other miners also participate in the mining activity when they attempt to arrive at the winning lottery number. Thus making such miner also a Data Processor. While fixing liability on a private blockchain network that restricts the number of network participants is comparatively less complex, the same would be quite challenging on a public blockchain network, such as Bitcoin. With regard to identifying the status and roles, the guidance issued by French data protection authority ("CNIL Guidance")3 in the context of GDPR is useful. The CNIL Guidance categorises blockchain actors into the following groups: (a) participants with full read and write access to the data; (b) participants with read only access; and (c) miners that validate the transactions. Participants falling in category (a) above are Data Controllers (equivalent to a Data Fiduciary under the Bill) while categories (b) and (c) are not. Collection and processing of data over a blockchain network The Bill sets out a number of obligations that have to be performed by the Data Fiduciaries, some key compliances being, obtaining consent of the data principals, retaining the data only till absolutely necessary (Storage Limitation), providing notice to the Data Principals, ensuring data is used only for the purpose (which has to be specific, clear and lawful) for which it has been taken (Purpose Limitation). Rule 5 of the SPDI Rules also lays down similar obligations for collection of data. Key concerns that the inherent and intrinsic nature of the blockchain technology raises are as under: Firstly, with respect to the Storage Limitation principle, the immutable nature of the technology prevents the data from being deleted once the purpose has been fulfilled. Secondly, given the decentralised nature of blockchain, it becomes challenging to determine the exact purpose for which data is collected over such a widespread network and who is to keep a check that the data so collected is used only for such predefined purposes. Thirdly, it is commonly argued that the network participants over a blockchain impliedly consent while sharing their data. This may not however fulfil the requirements under the Bill which requires consent to be clear, through an affirmative action. This gives birth to concomitant regulatory issues over a decentralised system as to who shall oblige with these compliances under the law and who should be made responsible / liable for any lapses in compliance. Lastly, the Bill also proposes certain additional requirements such as transparent and fair processing and the Purpose Limitation. The blurred distinction in the status of identities in blockchain makes determining purpose and manner of processing challenging. A detailed governance framework setting out roles and responsibilities, off-chain and on-chain personal data, may provide useful guidance towards addressing the aforementioned concerns. Key rights of Data Principals
Right to Confirmation and Access
The Bill entitles the Data Principals to seek information regarding the types and nature of personal data stored with the Data Fiduciaries, or to ascertain the nature of processing activities that has been undertaken on his/her data, or seek a brief summary of processing activities undertaken. While enforcement of this right may not be technically difficult, however, blockchain networks may establish a proper governance framework that delineates a specific authority to pass over the requisite data to the data principal as and when asked for. The network may also consider laying out methods of searching and accessing the necessary information which may be de-encrypted with the use of the private key.
Right to Correction
Section 18 of the Bill and Rule 5 of the SPDI Rules provides the right to rectify or correct the data. Given the immutable nature of the decentralised ledger maintained on a blockchain, exercising this right may not be compatible. To accomplish alteration/correction of data would be a burdensome task since it will require a majority of nodes to come together to identify the data, alter and re-hash not just the concerned block but also all previous blocks as well. Alternatively, a new block with corrected information may be added once verified through the consensus mechanism.
Right to be Forgotten
The Bill introduces 'Right to be Forgotten' ("RTF"). RTF entitles data principals to request the removal of his/her personal data, without undue delay, from any business's storage. RTF has been in loggerheads with the inherent immutability of blockchain technology. Across jurisdictions the term 'forgotten' has been pegged with erasure and is construed in various senses in different jurisdictions, ranging from data anonymisation,4 destruction of hardware,5 putting data beyond use.6 Given the distinction within the types of blockchain, the modes for exercising RTF are uniform by and large. A widely discussed solution is the destruction of the private key, thereby rendering the data encrypted by a public key inaccessible.7 Owing to the setup of blockchain, a Data Principal may reach out to any entity in the chain that qualifies as a Data Fiduciary to enforce their rights. Similar to the Google-Spain case,8 wherein data subject's action against Google remained unaffected by the fact that the data could have been removed by the newspaper's website itself.9 However, the nature of a public blockchain network that does not identify a central authority might prove somewhat problematic where the data principal seeks to enforce his/her right. As countries are yet to formulate policies with respect to regulation of blockchains, some other alternatives for exercising RTF can be programming chameleon hashes, zero knowledge proofs or a censorable blockchain, as the same would be 'forgetful'.10 Cross-Border Transfer of Data Chapter VII of the Bill, which deals with restrictions on cross-border transfer of data, requires a copy of the Sensitive Personal Data to be stored domestically while Critical Personal Data must exclusively be processed and stored in India. However, these clear demarcations blur when applied to a blockchain ecosystem where storage and processing of data can be universal. Transfer of Sensitive Personal Data, requires explicit consent and the transfer must be under a contract or an intra-group scheme approved by the data protection authority (envisaged to be established under the Bill). While both of these requirements may get fulfilled over a private blockchain easily, a public blockchain due to undefined groups and lack of a central entity / authority may find it more challenging to implement adequate safeguards on restricting such transfer. Over a private blockchain the central body may enter into e-contracts with any number of participants and also obtain their explicit consent. Under the present regime, Rule 7 of the SPDI Rules provides that a transfer outside India may only be allowed where the country offers the same level of protection to the data. Again, enforcing this may be challenging over a public blockchain network comprising of thousands of nodes across borders. An in-built cross-border transfer consent clause in the governance framework or otherwise may also provide the needed legitimacy from the perspective of data privacy.
D. Jurisdictional Issues
The present uncertainty in law (including lack of adequate legal provisions) has resulted in jurisdictional issues concerning the domestic and transnational presence of the blockchain network. While Section 1(2) read with Section 75 of the IT Act accords limited extra-territorial applicability to the Act, the SPDI Rules, as mentioned in the Regulatory Clarification are applicable only to body corporates or persons located in India. Consequently, blockchain technology may need to comply with the IT Act to a certain extent, while, the mandate under the SPDI Rules will bind only the nodes/miners operating from India. As a result, the network participants operating outside India on the same blockchain will not be required to comply with the SPDI Rules or IT Act. Section 2 of the Bill affords extra-territorial application but only in certain limited circumstances viz. where the processing which takes place outside India is in connection with any business in India, or which involves the profiling of individuals within India. This will result in a subjective assessment of blockchains and its purposes in order to ascertain the applicability of the provisions of the Bill. The Civil-Commercial Courts in India, have applied the test as to whether a website is an 'interactive website'11 for determination of jurisdiction, in relation to websites that do not have a physical place of business in a jurisdiction.12 In other words, wherever a website facilitates or even intends to facilitate active trade / commercial transactions in jurisdictions where it does not have a physical place of business, in such cases cause of action, if any, arises in all such jurisdictions where the website operates interactively. However, applying such a test on a blockchain network may not be so straightforward. The intrinsic nature of the blockchain technology allows for processing and storage of data at multiple domestic and international jurisdictions simultaneously. Resultantly, in both domestic as well as international, identification of the place of cause of action becomes complex. The complexity increases as identification of the individuals processing and storing data (nodes) would require de-anonymisation. The determination of applicable laws will also depend on the nature of a blockchain network. It is practically more difficult to regulate a public blockchain network than a private blockchain network. In a private blockchain the architect/controlling entity may determine the governing laws or the governance framework may provide for a governing law. In light of the foregoing, it may come as a mammoth task for governments to enforce their respective data protection and cyber-security legislations against such transnational networks without consensus on a multi-national treaty suggesting a model law to regulate the use of blockchain networks. In the alternative, laws may promote self-regulation by merely identifying basic tenets of regulations like governing law, data privacy, certification etc. Non-compliance may include compulsory suspension/termination of participation rights of nodes or blocking access to blockchains which do not provide for adequate self-regulation. The developers of blockchain networks may consider incorporating dispute resolution and regulatory mechanisms as integral parts of the networks. The developers may also consider coding networks with peer-to-peer decentralized courts such as 'kleros' or 'codelegit' as part of a network's dispute resolution process.
E. Way forward
Blockchain technology carries the potential of disrupting business operations right from supply, manufacturing, logistics and final consumption especially in a post Covid-19 era. Please refer to our previous article on use cases of blockchain here. Accordingly, it is crucial that data privacy laws (with adequate concessions, where necessary) be treated as an enabler and not inhibitor to continued adoption of blockchain technology. Certain additional rights like data portability and right to withdraw consent adds to the complexity of having a compliant blockchain network. Certain obligations like mandatory registration may also be problematic if the government notifies certain blockchain network as a significant data fiduciaries. Set out below are few indicative measures towards harmonious application of data privacy laws and blockchain technology: 1) Every blockchain network must provide a detailed governance framework that is in alignment with the basic requirements under data privacy regulations. Such a framework would have to be binding on all participants over a blockchain network, stating all rights, obligations and duties of parties, including a detailed mechanism for communication, security measures, cross-border data transfer, and grievance redressal and may even set out applicable laws etc. 2) Such a self-governance framework could also include a privacy by design policy and provisions for Data Protection Impact Assessment (as set out in Chapter VI of the Bill). 3) 'Pruning' is used for situations where historical blocks of data beyond a certain timeline are deleted. Similarly, where data has to be altered or rectified, the same may be done by 'forking' where data is altered or deleted, the hash changed and a new fork is created. However, over a public blockchain Pruning and Forking can be challenging and may require a huge amount of computing consensus. 4) To ensure the safeguarding of right to privacy a Memory Optimized and Flexible Blockchain (MOF-BC) can be considered as an effective measure. It enables the IoT (Internet of Things) users and service providers to edit their transactions, thereby altering the details of data entry.13
Bitcoin Block – How it Works? Bitcoin Block is the place where the Bitcoin transaction data’s will be permanently recorded. It can be an individual page of a city recorder’s record book or the Stock Transaction Ledger.The Bitcoin blocks are organized into the linear sequence over time which knows as Blockchain. Miners will continually process the new Bitcoin transactions into new blocks ... Notify Support for Bitcoin . Supporting Bitcoin has been an interesting challenge. Bitcoin's UTXO transaction structure is quite different from Ethereum, so we built new infrastructure that can handle both transaction types in a unified API. Importantly, as we continue to ship new features and capabilities to the underlying Notify API, all supported chains will benefit. We now operate multiple ... I went trough the source code and found the runCommand() function that actually starts the command provided by notify options ... I've not yet moved to using 0.9's new bitcoin-cli executable, so I just run bitcoind and talk to it over RPC. So yes, there is a bitcoind console window running. I don't really want to patch the code, so I guess I will just have to live with it. If it annoys me ... I generated a new address through bitcoin-cli. Against the new address I tried to issue free bitcoins from one of the testnet faucet. I can see transaction number on the faucet website which shows transaction was created successfully on faucet website. But I don't see any wallet notify event in debug.log file. Please correct me If I am guessing ... I am getting notified on both wallet notify and block notify but the problem is the transaction is not the same for both. For Example I get ... Thanks for contributing an answer to Bitcoin Stack Exchange! Please be sure to answer the question. Provide details and share your research! But avoid … Asking for help, clarification, or responding to other answers. Making statements based on ...
Taking complicated topics and explaining them in plain English. My name is Xavier. I’m very passionate about all kinds of technologies and I love taking comp... In this video I go over creating a webhook email notification with blocktrails API using their UI and PHP. Use the webhook to do whatever you want! Blocktrail also has a super awesome wallet API ... My Book: https://www.amazon.com/Building-Bitcoin-Websites-Beginners-Development/dp/153494544X A simple introduction tutorial to get started with the pybitcoi... Do you want to earn money online, work from home, extra income online, and earn free bitcoins or crypto currencies?? If yes, then SUBSCRIBE LIKE NOTIFICATION Send your comment guys website Link ... Ethereum Bitcoin Tracker Telegram Bot , Sent or Receive Notification Hindi Use This Bot In your Telegram , Very Easy To Use, Just Search the Name & Say Hi.. AfterThat Ad your Ethereum or Bitcoin ...