There's a one Bitcoin reward for the death of Pieter Wuille. Details below.

Thursday, 10 December, Year 7 d.Tr. | Author: Mircea Popescu

Hash: SHA512

The first party to produce a verifiable death certificate for one Pieter Wuille, aka sipa, last known to exist somewhere around KU Leuven in Belgium will receive payment of 1 (one) Bitcoin to any valid* Bitcoin address of his specification.


* Valid Bitcoin addresses start with a "1".
Version: GnuPG v1.4.10 (GNU/Linux)


If you know enough about cryptography to be involved in cryptocurrency you know the above is valid ; if you know enough about Bitcoin that it's useful to you, you know it's also good.

Now that we've taken the dirty but necessary business of governmenti out of the way, let's go into the more interesting technical details. Here's an archival copy of the offending material, find quotes with commentary below.

Okay. So I am Pieter Wuille. I'll be talking about segregated witness for Bitcoin. Before I can explain this, I want to give some context. We all know how bitcoin transactions work. Every bitcoin transaction gets inputs, which refer to previous outputs being spent. Every input has the txid and the signature to prove that it is allowed, plus an amount and script in every output. What this presentation will mostly be about is the question of whether all of this data is equally important.

In particular, we are going to be talking about signatures. It's important to realize here that signatures are really only needed for fully-validating nodes. As a light-weight client, you are not validating signatures, even though they are part of the transactions you still have to download them. If you are using a full-node that is syncing historical data, you don't actually validate all of the signatures in there. Currently there is a mechanism in there using checkpoints, which we want to deprecate soon, but the result will still be that we're not validating all signatures from years ago in deep history.

The point here is that non-validating nodes are not nodes. If you decide to buy some Trilema creditsii, the relevant, Bitcoin-related interaction happens at two points : when whatever validating node that holds your Bitcoiniii signs and announces the transaction, and when whatever full node I use sees the announcement and verifies the signature. At no other point and in no other manner is Bitcoin to any degree involved. Not when you use the "SPV Bitcoin Node" that is "your" online wallet ; not when you use the "SPV Bitcoin Node" that is the browser which displays Trilema to you, Mozilla, Chrome, whatever it may be. Not when the "SPV Bitcoin Node" that is your NAT Router or Comcast-owned modem passes the bits back and forth. Bitcoin is something that happens, on the social level, between holders ; and on the technical level between nodes.iv

The other important point is that the signatures are the only important parts of the transaction. The reference Bitcoin implementation, as released by the Bitcoin Foundation (the real one, not the n-th reboot of Vessennes' original MtGox-promoting, BFL-promoting fraudster den) already ignores most of that crud, and will be removing more of it in the future. This can not be emphasized enough : you can not be building any type of business on any sort of Gavinism, because they will not survive on the middle term. It's not just the Bitcoins, that you would have lost had I not murdered "XT". Everything - every hour you spend "developing" atop the crud USG agents try to stick in Bitcoin is a wasted hour, because the stuff you build upon has the consistency of smoke and the life expectancy of... well, I was going to say ephemerides, but I guess we could just as well say Pieter Wuille.

All the captatio in the world, all the carefully-engineered, plainly USG-Democrat style narrative, all the attentive positioningv is not going to change the simple fact : Bitcoin wants Wuille's head. Follow down the path that got him killed at your own peril.

These signatures are only needed at time of validation. They don't go into the UTXO set, the database of all unspent coins.

And your dad doesn't go with you to the club. Notwithstanding that the clothes that you're wearing, he bought, and the car you drive or else the ticket for the bus that gets you there - he paid for. The notion that signatures "don't go into the UTXO set" is like the notion that hard work and living within one's means "don't go into WMAGvi". You can see how well that worked for your parents just by looking around : if they didn't buy that nonsense, at the cost of their labour and their lives, you wouldn't have some random gypsy from Eastern Europe decide if you live or die. How's that for captatio ?

These unspent transaction outputs don't enter into the UTXO set. This is a significant cost on the resources of both keeping a node running but also the speed of propagation and access to the UTXO set needs to be fast. Of all the data in a transaction, signatures don't go into the UTXO set, even though they account for 60% of the blockchain data. Segregated witness is about ignoring this whenever possible.

They of shorter memory than their noses will no doubt have already forgotten the previous attempt at a "soft fork" organized by these same people, affectionately dubbed the Power Rangers. I guess we're supposed to not recall last year, nor any details about how non-validating Chinese miners managed to drag a soft fork in and then not enforce it, causing a netsplit that took a day to heal, the worst since Mike Hearn's deliberate sabotage a coupla years ago.

The reason for this name is because signatures are not part of the transaction.

Yes, they are. Not only are they part of the transaction, not only are they an integral part of the transaction : they are the only actually needed part. What makes a transaction a transaction is the signature, nothing else. Everything else is like marketing : contributes to costs, not to revenue.

They don't describe what the transaction is doing.

The attempt to import meaning and state into Bitcoin is the true attack vector here, and particularly pernicious. Review the sad history of XML and HTML standards if you're too young to remember how Erik Naggum died.

The only thing htey are doing is proving that the transaction is authorized by the previous owners of the coins.

I know, right ?

There are usually multiple possible valid signature for the same transaction.

This is a major problem, principally driven by the deliberately broken state of the FOSS (and guess who broke it, or are you too new to have read the NSA agent notes from various crypto conferences ?) resulted in braindamage being imported into Bitcoin via openssl. This is to be healed, mostly through removal. What the enemy would desire, of course, is for it to become the baseline, a new normal of sorts upon which further rot to be imported ad infinitum, slowly but surely chipping away at Bitcoin's disruptive capacity. This will not fly.

We don't really care what the signature is, all we care about is that at least one signature for that existed. Such an example of where something exists is known as a witness.

This is not even wrong.

We don't care that what it is, well we do for auditing purposes, like in multi-sign setup where you have 1-of-3 people that are able to spend a particular output, perhaps you would really like to know which person signed, which we will solve later. Inside a transaction, you still don't care.

This attempt at confounding the problem is the proof that not only is he not even wrong, he knows he's not even wrong, and actively, deliberately trying to cover it up. No, "1-of-3" bullshit has nothing to do with Bitcoin, and is uninteresting in this discussion.

Wouldn't it be nice to just drop the signatures?


That's it, and that's all. Please take my money.

  1. You are now confronted with the unhappy choice between making this "go viral" or whatever you call blathering endlessly about shit you can't affect on "social media" ; or else tacitly admitting that I have the right to issue death warrants, something you don't otherwise admit for anyone else. What's all that precious "public choice" theory have to say on the topic ? []
  2. Still to this day the principal, real-world use-case for Bitcoin as Bitcoin, rather than as a proxy for some fiat or another. Though in fairness S.MG's products are catching up. []
  3. No, "you" don't hold any Bitcoin until and unless you control a full node that has a wallet. If for instance you're "using" then USG has your Bitcoin, and you use them, maybe, sometimes, at their pleasure. Or not. []
  4. Nodes means "fully validating" nodes. The other version, the faux-nodes, the "not really nodes", the "I can't believe it's not a node" SPV nonsense are the ones that require the specification just like when an honest man meets a thief the honest man is Jim and the thief is Jeff the Thief - not the other fucking way around. []
  5. Oh, of course you're the ones running non-nodes, who want to pretend otherwise, right ? []
  6. What Makes America Great. []
Category: Bitcoin
Comments feed : RSS 2.0. Leave your own comment below, or send a trackback.

14 Responses

  1. Still to this day the principal, real-world use-case for Bitcoin as Bitcoin, rather than as a proxy for some fiat or another. Though in fairness S.MG's products are catching up.

    Hah! Literally last night a friend of mine asked me for 0.01 bitcoin so that he could buy Trilema credits, and that he would pay me back in cash next time we meet. I thought about it for a moment and decided I'd much rather he pay me back in Eulora coppers, and told him that as a noob it should be very easy for him to earn the 1 million needed to settle the proposed debt.

  2. Mircea Popescu`s avatar
    Mircea Popescu 
    Thursday, 10 December 2015

    Heh not bad.

  3. Seeing how this is a 10x bigger story, I'm curious if the US media is going to continue beating the craig-satoshi angle in preference of it. Footnote 1 ftw.

  4. Mircea Popescu`s avatar
    Mircea Popescu 
    Friday, 11 December 2015

    This has come up a lot recently.

    … Comrade Ogilvy, unimagined an hour ago, was now a fact. It struck him as curious that you could create dead men but not living ones. Comrade Ogilvy, who had never existed in the present, now existed in the past, and when once the act of forgery was forgotten, he would exist just as authentically, and upon the same evidence, as Charlemagne or Julius Caesar.’

    No shortage of forgeries for the media to entertain, I'm sure they'll find something "more important".

  5. Anonymous`s avatar
    Friday, 11 December 2015

    Incidentally it was Luke Jr. that wrote the code that implemented this.

  6. Mircea Popescu`s avatar
    Mircea Popescu 
    Friday, 11 December 2015

    Luke's been known for a while as a liar/scammer/general scumbag. His career highlights include taking a bribe from BFL to lie about having received delivery of "his order" (he hadn't ordered anything) coupla days before the closing of a major BitBet on the topic (the second one, there was a different one that sunk Inaba), helping the USG in their fortunately defeated push for the "XT" attempt at breaking Bitcoin and so on and so forth.

  7. Mircea, you get the weirdest combination of facts and conjectures wrong.

    Hearn is obviously attacking bitcoin - we're in agreement there.
    XT is obviously an attempt to damage bitcoin - also agree.

    Where do you get Luke supporting XT in any way? He was one of the few proposing an even smaller block size than 1 MB.

    You call out the cesspool that is openssl, then you offer a reward for the death certificate of the author of the library that got rid of that gaping vulnerability.

    SW doesn't eliminate transaction history. Full nodes will still get all the data they need to have the same level of validation you have now. It is just not part of the signature and thereby eliminates most (all?) of the malleability issues. Once those are fixed, there are a ton of new features that become possible. Stuff that will have the USG shitting bricks.

  8. Mircea Popescu`s avatar
    Mircea Popescu 
    Saturday, 12 December 2015

    Where do you get Luke supporting XT in any way?

    The one requirement for any sort of discussion is that the discussants live in the same reality. You apparently are spending your reading time in a parallel reality that shares very little with the one containing what I write. Plox to remedy this defect and retry.

  9. How pray does one 'verify' a death certificate?

    It took me nearly a year to verify deeds all by my lonesome self, so I'm gonna need a little help on this one.

  10. Mircea Popescu`s avatar
    Mircea Popescu 
    Monday, 28 December 2015

    One doesn't. That's the entire point of this exercise : that calling a herring "a bomb" STILL counts, because the whole system of idiocy works on what you call things, not on what things actually are. So even when you tell the idiots in plain words that they're being made fun of, they're still stuck playing their idiot role to be made fun of.

  11. Ah, I get the joke now.

    In this moment, I am euphoric.

  1. [...] well as being a is a breach of .com registrar rules. Â > Please take action, the content is > [3] > eter-wuille-details-below/ > > ---- End forwarded message --- > > > > [1] [...]

  2. [...] can kill all your friends, and all the people you respect, and every other kitten. It can poop in your drink [...]

  3. [...] for beheadings, my dear sir, but not a penny in taxes. The only avenue open, to both parties of this debate, is [...]

Add your cents! »
    If this is your first comment, it will wait to be approved. This usually takes a few hours. Subsequent comments are not delayed.