I love a good funny every now and then but I used to come to this sub to get quality info and news about the bitcoin core project. I love the other crypto subs , big and small, simply because they have a fair amount of news about the coin’s development and implementation and then a respectable amt of funnys. Idk if the mods will see this or if this will do anything to change the mood of the sub but I am just frustrated that we have gone so far from the true origins of bitcoin. P.s enough…
Check bitcoin wisdom.
I mean honestly, who would title their article "Bye, bitcoin: China to ban trading of virtual currencies" laden with old news unless they were intentionally trying to manipulate prices.
Just a PSA to upvote
EDIT: The FUD on this post in the comments by people is a sad example of people who didn't buy in early enough for their liking. The world isn't fair, don't trust these screwballs. Do your own research.
CryptoPRredditor for 2 months [score hidden] 6 minutes ago
"Article making a bold statement with no sources. Give the writer of the article some love on twitter: https://twitter.com/Chao_Deng/status/907092179599818753 And then let her employer know the stellar job she did: https://twitter.com/WSJ/status/907102690106372106"
I'M ANTI FUD, HODLER ALL DAY, KEEP IT REAL BITCOIN, PEACE
Bitcoin is becoming a fucking joke. The debate has been going for years now. How ridiculous is it?
Everyday we see a new actor coming in trying to control Bitcoin. The latest (old news) newcomer being Craig Wright.
Even if he is Satoshi, his creation is now public domain. He can patent his way into patent trolling as much as he wants, that won't change anything to the fact that he has now lost control of his creation. It's now public domain and community driven. I personally don't give a fuck about him and I think many share my opinion.
Which brings me to to a point that I have been hammering for the last couple of months: IT'S TIME TO CHANGE THE PoW!
I'm so tired of reading and hearing about all this drama. Why can't people see that there is no compromise possible with these people?
Wake up for fuck's sake.
Appeasement doesn't work, it's the same thing as when dealing with terrorists.
And the people trying to control Bitcoin right now, are economic terrorists.
Bitcoin needs to evolve out of centralization. This is the only thing that we should be discussing. Anything else is appeasement.
I don't give a fuck about the millions that they have invested into their stupid proprietary hardware. I see threads about people wanting to start mining and people pointing them to Bitmain. How stupid and naive are we?!?! It's reaching comedic level of absurdity.
Will we give up so easily as a community? Will we allow them to centralize Bitcoin and let the original vision die so easily?
If you think that UASF will save Bitcoin, you are delusional and you are very naive. We are dealing with sharks that will crash the entire ecosystem if they want to. They won't go down alone, that is if we allow them.
It's time to pay very close attention to the man behind the curtain.
The ASIC mining controversy – Why don't we revert to GPU mining? Why do we allow China to corner the Bitcoin mining market with proprietary hardware?
The Bitcoin Stockholm Syndrome AKA Jihan Wu, Bitmain and ASIC. A change of PoW is the only definitive long term solution.
The Nuclear Option. What would happen if Chinese miners decided tomorrow to stop processing Bitcoin to protest against UASF?
UASF is not the solution.
BigchainDB is "a scalable blockchain database" (which falls under the category of so-called "private" or "permissioned" "blockchains", I believe) which was released in February 2016. It generated a lot of hype due to impressive scalability benchmarks: it was able to process a million transactions per second.
BigchainDB got a lot of praise from private blockchain enthusiasts. It entered many partnerships, e.g. with Eris Industries, Everledger, Capgemini, etc.
But BigchainDB's architecture is fundamentally flawed. All BigchainDB nodes, by design, connect to a single RethinkDB cluster. (RethinkDB is a distributed NoSQL database, kinda like MongoDB but better.) If something bad happens to that RethinkDB cluster, the whole blockchains goes down.
E.g. suppose one node is hijacked by an attacker and executes "dropTable" on the RethinkDB cluster it is connected to. All other nodes will go down because they don't have an independent storage.
I think it's a beautiful illustration to Andreas Antonopolous's argument that private blockchains will end up less secure:
In the end, it also lags behind in terms of security because it’s not exposed to the kind of robust peer review that an open Internet-based system has to have to survive. While bitcoin is getting stronger and stronger with security, these things will actually wither.
The idea being that intranets end up being these really insecure places where you’re running Outlook and FrontPage and old versions of Apache that haven’t been patched. Whereas on the Internet, if you’re Facebook, if you’re Google, if you’re Apple and you’re operating Internet applications, you have to be robust. You have to respond to vulnerability. You have to make systems that are antifragile, resilient to attack and they’re constantly evolving and they’ve become very robust.
I used to think that this argument is weird, but we've got a confirmation: a system which is fundamentally flawed gets all the praises and people start building apps on top of it before it is thoroughly analyzed.
You might think I'm just making this up or exaggerating. It's hard to believe that all 9 people working on BigchainDB (that's how many co-authors its whitepaper has) don't see a problem with using a single shared RethinkDB cluster. I though that maybe I'm missing something, so I asked this question in their gitter:
killerstorm @killerstorm May 01 23:03 Hey people, do you I understand it correctly that all nodes are connected to a single rethinkdb cluster? what if one of nodes will execute r.dropDb(…)?
Rodolphe Marques @r-marques May 02 12:56 @killerstorm yes all federation nodes are connected to a single rethinkdb cluster. We are working on a consensus protocol that requires a majority of the nodes to agree in any change done in the database (voting of blocks is part of that consensus protocol). For data deletion we are listening to changefeeds on the data and revert any change that should not happen. Regarding more admin tasks like table and db drops we are trying to leverage rethinkdb permissions and replication to make sure no single node is able to just drop the database (still work in progress).
killerstorm @killerstorm May 02 15:39 Sorry, I don't see how changefeed can protect against data loss. Where would data come from after it's deleted? Is there a backup?
Rodolphe Marques @r-marques May 02 15:41 backups are a planned feature. Changefeeds can be used to restore data when documents are deleted. When documents are deleted the changedfeed will return the documents that were deleted Although changefeeds are not enough to prevent dataloss in case a node uses db drop.
So they confirmed that a single db drop can destroy this "blockchain database".
But they say that some time in future they will start working on securing their system. A day after I asked a question about dropDb, they added an issue: How to lock down the RethinkDB "admin" account?:
@killerstorm pointed out that anyone with admin access to RethinkDB could just drop the database. What can be done to prevent that and similar things (e.g. dropping tables)?
So, basically, 8 months after they started the project and 3 months after they released it publicly they became aware that this problem exists. Wow, just wow.
Obviously, this isn't the only potential attack vector. It's just the simplest thing which came to my mind. There are probably thousands of serious attack vectors. The fundamental issue is that RethinkDB is not Byzantine fault tolerant, it is not designed as such, it's just an ordinary database. And so if you implement a "blockchain" as a thin layer on top of RethinkDB you get it exposed to potential attackers.
It's hard to imagine that none of people working on BigchainDB weren't aware of the problem, that would imply that all 9 people working on it are pants-on-head stupid.
No, they know that BigchainDB isn't "Byzantine fault tolerant", it is mentioned in the white paper.
They just don't see a problem with it. It is a startup mindset: make an MVP, "fake it till you make it", generate buzz… Security is literally their last priority. They believe that they will add security after they get a lot of money from partners, investors, etc. And, meanwhile, it's just a prototype, bro.
The problem with it is that it's highly misleading. Here's what BigchainDB paper says about security:
Byzantine faults: In order to operate in a trustless network, BigchainDB incorporates measures against malicious or unpredictable behavior of nodes in the system. These include mechanisms for voting upon transaction and block validation. Efforts to achieve full Byzantine tolerance are on the roadmap and will be tested with regular security audits.
It incorporates measures, you see. Mechanisms. Business people reading this will understand that it's "mostly secure".
While in reality it's like not secure at all. It can be destroyed with a single line of code.
The mechanisms they are talking about are hashes and signatures. It's similar to what Bitcoin does, but by themselves hashes and signatures do not make things secure. You need to use proper architecture and protocols. After all, hashes and public key cryptography existed for almost 50 years, but we've got Bitcoin only 7 years ago.
An apt analogy for BigchainDB would be a cargo cult of a blockchain tech: it has hashes like in a real one, it has blocks, etc. There is superficial similarity. But it doesn't "fly" like a real one, because superficial similarity doesn't define object properties.
And BTW that 1 M tps benchmark they didn't isn't impressive: they were, basically, testing RethinkDB IO speed (as they say themselves). Yep, sure, RethinkDB is great. BigchainDB, on the other hand…
The lack of focus on security is understandable when if you take into account that there are no serious uses for "private blockchains" yet. People are just experimenting with stuff, doing proof-of-concepts and whatnot. Everybody understands that you aren't going to have real adversaries when you run an internal test. So these make-believe blockchains are OK.
Maybe in future this stuff will mature app. BigchainDB might become secure if RethinkDB becomes Byzantine fault tolerant, for example. But, personally, I'm rather disappointed with the "security last" approach and deceptive marketing.
I work in a company which might be, potentially, a BigchainDB competitor. This isn't a coincidence: obviously, "blockchain tech" people review blockchain tech software.
So this post might be seen as "shitting on your competitor" kind of a post, I understand that. But I'm writing this on my own, in my spare time. And when I mentioned BigchainDB to my colleagues, they recommended against writing any articles.