New quadratic delays in Bitcoin scripts
Posted by SDLerner in Uncategorized on April 17, 2017
I have a fixation with algorithm complexity. When I was young I was an early optimizer, and, I must admit, that didn’t help me much on dates. Today I occasionally code a sub-optimized algorithm when there is no need for high performance, but it still bothers me when I do. When I review code, it […]
The relation between Segwit and AsicBoost, covert and overt
Posted by SDLerner in Uncategorized on April 10, 2017
I will try to explain the relation between Segwit and AsicBoost, in both the covert and overt forms, in certain detail. I will also try to explain why a method was recently proposed to reduce the interference between covert-AsicBoost and some protocol improvements, by reducing the incentives for covert AsicBoost. The proposal makes covert AsicBoost more expensive, […]
A Bitcoin transaction that takes 5 hours to verify
Posted by SDLerner in Uncategorized on January 8, 2017
In 2013 I found a Bitcoin transaction that takes 3 minutes to verify (CVE-2013-2292) related to O(N^2) hashing in signatures. Since then, the O(N^2) argument has popped up in many contexts, mainly in discussions about a block size increase. Now the problem is partially solved by Segwit. During January 2016 I tried to beat the […]
Drivechains vs Sidechains
Posted by SDLerner in Uncategorized on October 7, 2016
As segwit has been merged by Bitcoin Core, and the block size increase seems it will never be merged, I perceive waters are calmer. Not because there is consensus, but because it feels there will never be. But ScalingBitcoin Milan conference is close, tomorrow precisely. So let’s work on other ways to expand Bitcoin without […]
Uncle Mining, an Ethereum Consensus Protocol Flaw
Posted by SDLerner in Uncategorized on April 28, 2016
A year ago I was hired by Eth Dev Ltd through Coinspect to perform a security audit on the Ethereum design. One of our findings was that the uncle reward strategy in Ethereum was weird, and could lead to miners abusing the uncle rewards to almost triple the money supply. We discovered this problem because […]
“SPV mining” is the solution, not the problem
Posted by SDLerner in Uncategorized on January 8, 2016
It was Wednesday, March 26, 2014. It was a cold winter outside, but not inside an old building of the Princeton University campus. The room, full of people, was warm. I was standing in front of some of the brightest minds in Bitcoin: Andresen, Bonneau, Eyal, Maxwell, Miller, Gün Sirer, Szabo, Todd and Zooko, to name only a few. My talk was about “SPV Mining”, […]
Proof of unique blockchain storage revised
Posted by SDLerner in Uncategorized on September 16, 2015
In this post I describe a new way for a node in the Bitcoin blockchain to prove to its peers that it is storing a copy of the blockchain. The core primitive that enables this protocol is the Asymmetric-Time Function (ATF). You won’t get much info by googling ATF since I coined that term […]
DagCoin: a cryptocurrency without blocks
Posted by SDLerner in Uncategorized on September 11, 2015
Back in 2012 I thought a lot about a new cryptocurrency that could merge the concepts of transaction and block. Each transaction would carry a proof-of-work and reference one or more previous transactions. The resulting authenticated data structure would be a Directed Acyclic Graph (DAG) of transactions where each transaction “confirms” one or more previous […]
How DECOR++ can eradicate selfish mining incentive by design
Posted by SDLerner in Uncategorized on August 16, 2015
A year ago I proposed the DECOR protocol, a new rule for cryptocurrencies to reduce significantly the amount of orphan blocks and then allow block rate to be as high as one every 5 seconds, and at the same time it promised to address the problem of selfish mining. After one year, I’ve received very […]
Simulated Brains, Smart-contracts and the direction of time
Posted by SDLerner in Uncategorized on March 30, 2015
There are three fantastic discoveries in computer science that fascinate me: fully-homomorphic encryption, Indistinguishability Obfuscation, and zk-SNARKs. Using these constructions, it’s possible to create an obfuscated program and allow others to execute the program in a way that when the program produces an output, people cannot learn anything about its inner workings. The […]