Reddit Posts
Introducing Galleoncoin / GALE : PoW privacy coin with masternodes.
Comparing Supercomputer networks to Bitcoin - How to convert exaflop to exahash?
Comparing Supercomputer networks to BTC - How to convert exaflop to exahash?
Bitcoin computes this SHA-256 hash function 550,000,000,000,000,000,000x times EVERY second
Entropy: only 121 bits (vs 128) on Blockstream Jade using dice rolls?
Do you think that Quantum Computing poses a threat to BTC encryption, algorithm, and/or security?
Is it possible for the energy input to break the difficulty adjustment?
Are P2WSH addresses the most quantum-secure addresses?
Can anyone here explain how / why it is not possible to get AI involved in the bitcoin mining industry / process?
Decrypt the Shadows: Unearth a New Order of Decentralization [SERIOUS]
Bitcoin is such a large idea its hard to wrap my mind around it
Unexpected Record: Balance of 50k Bitcoins Found in Calculation - Seeking Advice
Potential Security Loophole for all cryptocurrency.
Funny story about WIRED magazine and how they threw away (and lost forever) 13.35 BTC in 2013
Funny story about WIRED magazine and how they threw away (and lost forever) 13.35 BTC in 2013
SHA3D (our algorithm) isn't prone to 51% attack.
Celebrating 12 Years of our Digital silver - Litecoin
ELI5: If Bitcoin Mining is really just guessing inputs to SHA256 until an output matching the difficulty comes up, how does a miner know what guesses to avoid (previous failed guesses) in order to mine most efficiently ?
Is The National Security Agency (NSA) Behind The Invention of Bitcoin?
This Engineer Is Creating a Bitcoin Game Changer
[1998] Hal Finney: A zero-knowledge proof of possession of a pre-image of a SHA-1 hash
[1998] Hal Finney: A zero-knowledge proof of possession of a pre-image of a SHA-1 hash
Bitcoin mining on the blockchain, what exactly does a miner do? What is an ASIC? How the mining difficulty is adjusted? What if two miners find the answers at the same time? This post aims for the complete beginners as it is explained in very simple terms.
A really well done & informative description of LTC by NDAX - A Canadian Exchange. Bravo!
Satoshi, NSA and the SHA CRYPTOGRAPHY Algorithms
Ken Shirriff showing how to mine bitcoin with pen and paper
ELIF - Why aren't ML and GNNs used to solve hashing in a Traveling Salesman Problem context?
One about UTXO's, new outputs, inputs and previous outputs.
One about UTXO's, new outputs, inputs and previous outputs.
Bitcoin can survive brute force attack it's infeasible or impossible?
One about HD-wallets, master keypair, child individual keys.
One about HD-wallets, master keypair, child individual keys.
One about master key pair, child individual keys, addresses and signatures.
One about master keypair, child individual keys, addresses and signatures.
One about HD-wallets, master keypair, child individual keys.
19 years ago today, Hal Finney officially released Reusable Proof of Work (RPoW)
What is a blockchain? - A noob explanation
Open Source Initative | Documenting Bitcoin in a new way
Writing a summary on HD wallets, first part done, correct so far ?
[ANN] AsicCoin (ASC) | SHA256 - The coin for ASIC Mining!
How to (instruction) quickly make wallet with right balance of safety and usability
[Serious] Is Bitcoin secure? A reaction to “BTC whales are waking up, were their wallets hacked?"
Countering all the major anti-crypto arguments in one post.
A quick explanation the CZ Interpol Red Notice Rumour
Can ChatGPT4 have the computational power to break the SHA-256 encryption? Or does that have nothing to do with it?
Quantum computing and crypto developments
SHA 256 is a cryptographic hash function that is used to secure and validate transactions on the Bitcoin network. This algorithm was originally developed by the National Security Agency (NSA) in the United States as part of a series of secure hash algorithms.
Who would've thought that the algorithm used by the world's most popular cryptocurrency was originally designed for space exploration? That's right, NASA's SHA-256 algorithm is the backbone of Bitcoin's security and immutability.
What do you guys think will happen to bitcoin if quantum computers break SHA256 and solve the discrete logarithm problem (ECDLP)?
SHA256 vs Scrypt: How Comparing Hash Rates is Misleading | NKMAG
Litecoin vs Ripple: Differences, and Everything You Need to Know
MoneyShow announces the Peercoin blockchain will be used as an important part of its new newswire service.
How do I generate master key from the root seed
Storing seed phrase on encrypted USB drives
Do this to verify your BTC holdings in Binance new Merkle Tree Proof of Reserves And Liabilities
Mentions
>they are starting to mine SHA512 now Who is "they?" What does mining SHA512 have to do with Bitcoin? >bitcoin addresses are bigger now The Bitcoin address spec has not changed. On a personal note - I mean no insult but I always try to ask when I see it because I'm trying to pin down the reasoning: Why the ellipses (...)? I'm trying to figure out if it's ESL people, older generations or some other group that tends to use ellipses in place of periods or commas.
what i am saying is they are starting to mine SHA512 now and bitcoin addresses are bigger now.. this is the way.. security is getting more tight .. but i will check those thank you
Guys. Nexus is THE quantum resistant cryptocurrency. They use Signature Chains that enhance the security of existing DSA (Digital Signature Algorithm) by publishing only the public key's hash until the key is used, while deterministically generating a new key once the old key is used. This results in high levels of security, as the attack window to brute force a private key is reduced to 500 ms. Signature Chains utilize the following cryptographic functions: FALCON (a second round contender for the NIST Post-Quantum cryptography competition), Argon2 (winner of the password hashing competition, and a superior alternative to S-Crypt or B-Crypt), and Keccak (winner of the SHA3 competition). This L1 crypto has so much too it. Worth some research!
I don't think that's quite right. There is a little randomness/lottery to it, but it is generally who can do the most math calculations to achieve a goal (nor a random number, but a SHA256 hash based on the prior hash, the input and adding additional information - the nonce - so the resulting SHA256 has has at least the right number of 0s at the beginning. The miners iterative through a bunch of nonces until they get some result with the necessary 0s. Here is it illustrated [https://andersbrownworth.com/blockchain/blockchain](https://andersbrownworth.com/blockchain/blockchain)
#Bitcoin Cash Pro-Arguments Below is a Bitcoin Cash pro-argument written by a deleted user. > Bitcoin Cash was designed to match Satoshi's original vision for a "peer-to-peer electronic cash" system when Bitcoin gradually shifted into becoming Store of Value. It is a hard fork of Bitcoin with minor differences. > > **Transaction costs**: On average, transaction costs are under a penny, way less than ~$20 for Bitcoin between Jan to May 2021. This makes it much better for P2P payments and microtransactions. > > **Transaction scaling** Even though there aren't enough many people using BCH to get anywhere near the cap, it does support 200 TPS. Real transaction size is the same as Bitcoin: ~500 bytes/Tx. This shows that BCH's 32MB blocks do not have wasted empty space. > > **High total transactions**: As of Oct 2021, according to BlockChair, there have been 345M transactions for BCH, which is over half of BTC's 680M transactions. That's way higher than Cardano (16M), Litecoin (91M), and XLM (38M). > > **Faster-adjusting hash puzzle difficulty**: Bitcoin has a notoriously-bad, 2-week hash puzzle difficulty cycle. It only adjusts every 2 weeks, which often causes issues when the network hash rate changes, like when China banned its miners in 2021. Bitcoin Cash doesn't have this issue becuase it uses an auto-adjusting, 144-block, moving-difficulty for its puzzle difficulty. It's constantly adjusting to match 10-minute block confirmations. > > **Shared hash function as Bitcoin**: BCH uses the same SHA256 hash function as BTC, which means that it can piggyback off the ASIC mining infrastructure of BTC. > > **No mempool delays** > > Unlike Bitcoin, which has seen transaction delays of 100K+ transactions several times in 2021, (equivalent to waiting 7-9 hours for settlement), there are no delays for BCH. Its mempool rarely goes above 1 MB thanks to both fewer transactions and 32x larger block size. ***** Would you like to learn more? Check out the [Cointest archive](/r/CointestOfficial/wiki/cointest_archive#wiki_Bitcoin_Cash) to find submissions for other topics.
I get so many scammers contacting me via LinkedIn whenever I mark my account as Open to hiring. Scammers create fake posts perfectly matching your skills. So I put a fake skill like "SHA256 regression testing" as a Honeypot. Any recruiter who sends me a job description with that skill is obviously a scammer.
SHA-256 is used in a lot of things, research it lol
Giving credit ? It’s pretty common knowledge that the NSA created SHA-256 .. research it lol
Not really. "Protocol", "Algorithm", and "hash" are just generic terms and don't have specialized crypto meanings. You first have to understand what hashing, public-key cryptography, UTXOs, blockchains, longest-chain, consensus, PoW, and DAGs are before you can understand the difference between BlockDAG and heaviest-weight, and between SHA256 and KHeavyHash. This might take hours/days of Googling and reading up learning material. No easy way to explain it to someone who isn't already technically familiar with these terms. All retail investors need to know is that Bitcoin has one of the least efficient and oldest PoW algorithms. Kaspa has one of the fastest and most efficient PoW consensus algorithms. In general, all PoW algorithms are much less efficient and secure than PoS consensus algorithms. So even though Kaspa's BlockDAG is top tier within the PoW family of consensus algorithms, it is still worse than most PoS algorithms.
I didn't say that quantum computers won't come, I said that they won't kill Bitcoin, all we have to do is upgrade the keys, and at maximum change the mining algorithm. Max thing Quantum computers can do to Bitcoin is find collision in SHA256, but they won't be able to undo blocks and maybe, just maybe, decipher your private key from your public key, but they'll need it in the first place, which you shouldn't be posting anywhere.
Of course it can, this is about brute forcing in a more realistic time frame. Just how we can break MD5 with rainbow tables easy now compared to the compute power 30-40 years ago. Just look how long it took to map the genome vs now if we were to do it. Quantum computers threaten the security of hash functions like SHA-256 by utilizing Grover's algorithm. Grover's algorithm can search unsorted databases quadratically faster than classical algorithms, making brute-force attacks on hash functions more feasible.
What's the threat from quantum computing? Even a quantum computer can't reverse SHA256. What do you think it would do, that would be a threat?
1. **Unique Genesis Block:** Litecoin has its own genesis block, which marks the beginning of its blockchain. 2. **Different Hashing Algorithm:** Litecoin uses the Scrypt hashing algorithm, while Bitcoin uses SHA-256. The choice of Scrypt was intentional to allow for more decentralized mining. 3. **Nakamoto Consensus:** Like Bitcoin, Litecoin operates on Nakamoto Consensus, and has Scrypt consensus like how Bitcoin has SHA256 consensus.
SHA256 is a hashing algorithm used across computing. Hashing is a 1-way function to transform a computational input of any size into a unique and deterministic output. In simpler terms it can take something like my Reddit username and “hash” it into a random string of characters, or it can take the input of the entire Holy Bible and hash it into a different string of the same length. It’s a set algorithm, so as long as the input doesn’t change, the output will be the same. Hashing is not to be confused with encryption. While both obscure inputted data, hashing is one-way while encryption is two-way. Meaning you can revert an encrypted message to its original state with a key. SHA256 is a popular hashing algorithm used for things like data integrity and digital signatures. If you change one character of an input it creates a completely different and unique hashed string. In bitcoin, it’s used in mining, it’s used in linking blocks together, transaction verification and merkle trees. It’s a foundational building block in modern cryptography. If you know nothing about it I’m sure this explanation was confusing, but your takeaway should be: It creates unique (due to the shear volume of possible hash outputs), secure and deterministic outputs from any size input
Do you really think that a guy with a 500K car and a SHA-256 plate in the free state of Texas hasn't considered opsec?
Yep. You can basically think of it this way (simplified): encryption supports two-way transformation (encryption and decryption) where SHA-256 (and other hashing algos) are one-way only.
Cryptography*. SHA256 is not an encryption algorithm.
There is no way!!! Like absolutely not lol walk around your city and ask 500 people "Do you know what SHA-256 is" you will not find 25 people that will say yes or be able to find the word hash. Just no shot haha
SHA256 is and was ubiquitous before bitcoin. Prolly just a software engineer
SHA-256 is used in some of the most popular authentication and encryption protocols, including SSL, TLS, IPsec, SSH, and PGP. In Unix and Linux, SHA-256 is used for **secure password hashing**. Cryptocurrencies such as Bitcoin use SHA-256 for verifying transactions.
Just look up SHA-256 hash algorithms. They are a key part of how Bitcoin works
How many people on average do you really think know what SHA-256 is? Be real
Wouldn’t it still take like 10-trillion years to brute force SHA256 even with a quantum computer
Cryptographer here, you can still have 12/24 words for post-quantum signatures since a small 128-bit or 256-bit seed can be expanded into a larger secret key. In fact, almost all post-quantum signatures and KEMs expand a 256-bit “seed” using the hash function SHAKE (SHA-3 XOF hash function).
Oh I see, you believe that someone must have worked out how to crack BTC private keys and SHA256 because 7 dormant wallets containing millions of dollars worth of BTC have been reactivated recently, but none of the cryptography experts and white hat hackers are aware of this major problem and only you have realised what's happening. It seems far more likely that 7 criminals, out of thousands of criminals, were recently released from prison and recovered their wallets, or 7 people, out of thousands of people who once bought some BTC and then forgot about it, just found their long forgotten wallets in a backup or on an old laptop, or realised that their holdings are now worth millions of dollars and put some effort into recovering their wallets.
He doesnt need anything of that. He knows the wallet address and info of contents and activity from the blockchain. After that he only needs time, access to the blockchain (a full node copy maybe) and whatever algo/ai breakthrough he had to decrypt the keys. If this is true it means that ar least partially, btc cryptography is compromised, maybe even SHA256 needs to be changed and improved.
Kind of, the miner is guessing the nonce in the block header, then runs SHA256 twice to produce a hash that meets the difficulty target.
I get that much. Just the fact that it guesses the transaction hashes by using the SHA256 algorithm
Bitcoin-mining-by-hand guy here. To make it clear to the OP: The algorithm is on [Wikipedia](https://en.wikipedia.org/wiki/SHA-2#Pseudocode). There are no "black boxes". There is no mystery. There is no hidden goal to mining, no crowd computing, no AI, no quantum. You can literally perform the mining algorithm by hand and see what it does.
It's not a black box or a puzzle. It's just SHA256 hashing. Basically miners take a random number, add some information from the previous block, run it through some algorithms that produce an unpredictable output, and check if that output is sufficiently small. Then repeat that process as fast as possible until someone finds a number that fits the criteria. Elsewhere in the thread you described this process as a "waste of energy". The whole point is that it requires a lot of energy. Miners have to brute force the process, which means an attacker also has to brute force it, and to successfully attack they have to use significantly more energy than the non-attackers. Bitcoin is designed in a way such that the incentives for supporting the network are greater than the incentives to attack it.
its no secret what miners do, you can look it up in any bitcoin deep dive text or video. what miners do is they hash slight variation of 80 bytes over and over again until required difficulty is met. SHA256 is the algorithm used. You can do it by hand if you feel like it: [https://www.righto.com/2014/09/mining-bitcoin-with-pencil-and-paper.html](https://www.righto.com/2014/09/mining-bitcoin-with-pencil-and-paper.html)
To say that QC will increase decentralization tells me that you don't understand what is required to execute QC. Where did you copy this from? lol QC will absolutely be better at cracking private keys, because you can model it accurately to do that (it's literally how it works... you're confused as hell). And it will absolutely beat the SHA256 in the future, that's no longer a question of if, but when.
SHA-256 encryption is a backbone of security worldwide. If a nationstate developed a practical quantum computer that could break encryption, that nation is not going to waste their time stealing money like Dr. Evil. They're going to steal secrets.
There are some valid arguments that suggest someone at the CIA or NSA might have been involved in creating Bitcoin with the intention of giving it away. Firstly, both the CIA and NSA showed significant interest in cryptographic systems well before Bitcoin existed. For example, in 1996, the NSA published a paper titled “How to Make a Mint: The Cryptography of Anonymous Electronic Cash,” which discussed concepts similar to those used in Bitcoin, such as anonymous transactions and public-key cryptography . What’s particularly interesting is the selection of SHA-256 as the hash function for Bitcoin. SHA-256, designed by the NSA, is known for its robust security and lack of vulnerabilities. This stands in contrast to other cryptographic algorithms that were found to have weaknesses, some of which were later discovered to have been deliberately introduced by the NSA to exploit them. For instance, the Dual_EC_DRBG random number generator used in SSL was found to be not truly random, with a backdoor that the NSA could exploit . One theory is that someone working at the CIA or NSA would have been aware of which algorithms had weaknesses due to CIA/NSA involvement and therefore chose SHA-256 because they knew it to be secure.
If quantum computing can crack SHA-256 encryption, there’s way more for the world to worry about than bitcoin’s blockchain. It’s a widely used standard in almost every industry.
GPT: >Sure! SHA-256 is a type of cryptographic hash function. Here's a simple explanation: >Imagine you have a special machine that takes any message or file, no matter how big, and turns it into a unique string of 64 characters. This machine always gives the same output for the same input, but even a tiny change in the input will create a completely different output. This is what SHA-256 does. >- **SHA** stands for Secure Hash Algorithm. - **256** refers to the length of the output (256 bits, or 64 characters in hexadecimal format). >It's used to ensure data integrity, secure passwords, and verify the authenticity of digital files. For example, if you download a file and its SHA-256 hash matches the hash provided by the source, you can be sure the file hasn't been tampered with.
Do you know basic math? Modular arithmetic? There's a simple way to explain this. Let's say I'm thinking a number but I'm sharing mod 100 result of it with you. I'm telling you that my number is 61. Can you guess my secret number? You may try: 61, 261, 91239861, 3861, 3284324732461, 9329599843894898598961 etc. There're infinite numbers but you can't find my secret number. These types of functions are called "irreversible". SHA-256 is one of them and it's practically secure.
It's a cash grab. None of them provide direct AI services, just marketplaces and middleware for non-existent 3rd-party AI services that are extremely hard to develop. It's bold of them to choose ASI (Artificial Superintelligence) as their token name when no one in the world is anywhere near the lower level of Artificial General intelligence, and they don't even achieve Artificial Narrow Intelligence. That's the first sign that this is mainly marketing to investors. **Why blockchain-based AI is impractical and has extremely limited use cases** The reasons AI does not work on blockchain is because it must be either centralized, insecure, or have no guarantees of accurate data. It's the crypto AI trilemma. AI is notorious for often providing questionable, inaccurate, or inconsistent data. When you ask an AI chatbot a question, it rarely provides the same answer. There's no easy way to verify the accuracy of the results without doing further research yourself. AI models are much too large to fit on any blockchain, so it's impossible to verify or curate their results on-chain. They would need to rely on a network of off-chain oracles to verify their accuracy. And this is what severely limits any AI crypto project. The only kinds of data that would work are ones that can be proven at the speed of **trap-door functions**: functions that are difficult to solve computationally, but easy to verify computationally. These are exceptionally rare. I wouldn't expect anyone to use these services outside of pure researchers who don't care about getting accurate data. **Ocean Protocol**: Ocean is a data ecosystem that provides data brokerage services and data marketplaces, but not AI. It allows users to monetize and sell their data. It mainly targets researchers. The link to AI is that they could provide an AI data marketplace in the distant future ... if that actually existed and anyone wanted a version of AI that must be either centralized, insecure, or has no guarantees of accurate data. **Fetch.ai**: Fetch.ai is a Cosmos-SDK based blockchain that similar to most other Turing-complete smart contract networks. The main difference is that it can also execute unverified API calls provided by 3rd-parties off-chain. It's like how NFT smart contracts have a TokenURI field that can include any text message. Normally for NFTs, the text message is read and executed on the client-side (e.g. by the dApp or end user's wallet). You would never ever want this executed on-chain because it's an extreme security risk. For Fetch, these API URIs can be executed on-chain and used in the logic of the smart contract. However, similar to the issue with all crypto AI, there is no simple way to verify the accuracy of the data and provide it security unless it involves a trapdoor function. Or if it uses oracles. Even with oracles, this would be extremely risky since oracles do not update instantaneously, and they're very expensive to maintain. **SingularityNET**: I'm not very familiar with this. Seems similar to Ocean Protocol and would have the same issues. **Bitcoin**: SHA256 and practically all cryptographic hash functions are trapdoor functions. They're computationally hard to solve but exceptionally easy to verify. So technically Proof of Work is a data marketplace for SHA256 solutions. Note that this is unrelated to AI, but it's closer to providing a practical AI-adjacent use case than Ocean Protocol, Fetch.ai, and SingularityNET.
SHA-256 is a little more complicated than RSA encryption, but RSA encryption can be used as a simpler example to answer your question. It uses this thing called the modulus operator. What this does is give the remainder after division. For example, 30 % 5 = 0 (“thirty mod five equals zero”). 30 / 5 = 6 and there is none left over, hence no remainder. Another example: 3 % 2 = 1. This is because 2 goes into 3 (completely) only one time. Hence we have remainder 1. This operation cannot be reversed. For example, 30 % x = 0. What is x? Its your best guess: could be 30, 10, 3, 5, 6, etc. Guessing all of these until you have the answer is called “brute forcing” When you use larger numbers, it becomes computationally infeasible to brute force the answer. Hence, the encryption works because only the “encryptor” has the private key or answer. This is the fundamental basis of RSA encryption, which is what the early internet used and is still somewhat common today.
One good analogy is the modulo (%) operator. A sha256 hash is 256bits long. But I can take a whole Harry Potter novel, it will be more than 256bits of data and yet it will have a hash of only 256bits long. So how does modulo work? A clock is often used as an analogy, take any formula, 2 + 3, 100 + 2, 5 - 1, and then take that result and make a string that length. Then wrap that string around a clock where 1 unit of length = 1 hour. You will get a number between 0 and 12. Because if you go past 12, you get 1 and then 2 and so on until you hit 12 and wrap around again. Now scale up from 12 to not 256, but 2^256. 2^256 is indeed a massive number, and look, I can give you the number 10299273892738273927397291919183. But to list every number between 0 and that number might take a while. Like more than a while. Maybe more than a lifetime while. My point is that you can take a formula like: take a number and square it and then cube it and then subtract 2 and then double it and finally modulo 12. Whatever number you start with, you will get a number between 0 and 12. Now take that number between 0 and 12, let's say it is 5, and you know the formula but work out which number we started with. Maybe you can work out ONE of the numbers we could have started from, but you can't work out THE number we started from. With a range of 0-2^256 and the SHA256 algorithm, you won't even be able to work out ONE of the potential starting numbers, you might be able to guess if I used a silly number like 1 or 999, but you can't calculate it. When we use small numbers, it is obvious that there will be conflicts, 1%12=1, and 13%12=1 and 25%12=1. Yet when we go to 2^256, the same applies, but where you can imagine all of the inputs that can give you 1-12, even if the formula was x*5%12, you can imagine that since you can't even count from 0 to 2^256 in 10 lifetimes, you will never find a conflict but you could easily have wrapped around 2^256 multiple times. So I ask you this... 126. What number did I start with when the formula was x*209%300? There are multiple possible answers and even if you could work out one of the potential answers, you don't know the number I started with.
I'm not sure why you're being downvoted. You just need to realize that some math functions throw away information and therefore are not reversible. The output just doesn't contain as much information as the input and there's no way to get it back. All the basic arithmetic functions are like this. Once you add two numbers together to get the sum, you don't know which two were the originals. You can rule out a lot of pairs but there's still an infinite number of solutions. SHA256 is basically just like that.
3.1 + 4.2 = 7.3. Now take the multiplication and reverse it! The output was 7.3, what were the inputs? You don't know! The original information was lost in the addition. There are all kinds of irreversible operations because they throw away information. SHA256 is one of them.
https://en.wikipedia.org/wiki/SHA-2
Bitcoin is just ONE GIGANTIC math problem: its like a puzzle within a puzzle in which there is a ledger that every single computer can see as the puzzle is solved parts of it get added to the solved parts of the puzzle (hence "blockchain") there is a lot of security into it because ea computer can basically "verify" the ledger (lets call this a gigantic library that knows where stuff is) imagine that everyone in the world can verify who you are (as a person, no one can dupe you or copy you) this is my understanding of bitcoin. Again there are parts of it that I know, it uses SHA 256 or some type of encryption etc.. and that stuff goes wayyyyy over my head... its like code on code on code and thats why it takes a while to "mine" a bitcoin ( or rather solve a gigantic math problem) PLEASE let me know if I am wrong in anyway I hope to understand this thing we got going on
Maybe at the very beginning. But ASICs have replaced GPUs for anyone seriously mining SHA-256 coins in the last 10 years.
I think there is currently no functioning CPU/GPU SHA256 mining software. But there are alternitive projects: Check out bitaxe and nerdminer. this are small mining devices you can run on your desk for solo mining or pooled with other users
Crypto is based on cryptography? You can break it with enough time and resources. Theres a "btc challenge" that has wallets with different difficulty keys open to breaking for a rewards. Last year someone went on a rampage breaking thenstuff that was way above the levels where most people.were trying themselves. That someone never made himself public and just kept the reward. Now in the last couple of months there were a couple of random satoshi era wallets being open. As I see it, someone found a "fast" way to break the old wallets and is doing it with the ones with less btc on them to grab the less attention possible to themselves as to not trigger a selloff or an emergency SHA update.
Well almost, the first transaction for finding a secret hash has nothing to do with the second P2SH address for finding a hash collision. The first transaction was rewarded to anyone who finds a secret hash, where the secret tuned out to be the genesis block header when it was collected. The second example if for finding any SHA256 collisions. While "hash(x) == hash(genesis-block) and x != genesis-block" is a collision so it would still be able claim the reward but it does not have to be the genesis block, more generally it has to be "hash(x) == hash(y) and x != y"
Well, the first transaction I mentioned requires the spender to find the one input that results in that hash. The second P2SH address is for finding a SHA256 collision, and no finding 2 inputs with the same hash is not a flaw in the algorithm, the two inputs can be max 512 bytes which is bigger than the 32 byte space of SHA256, so there are certainly collisions to be found, it is just extremely difficult to find them and therefore this bounty was created. No SHA256 collision has been found yet but there was a similar reward for finding SHA1 collisions from this address 37k7toV1Nv4DfmQbmZ8KuZDQCYK9x5KpzP and this bounty has been collected.
Is the passphrase a + function? I thought it was like a SHA256 and XOR with the original or anything like this. I will search a little bit, this is interesting
What idiot would brute force anything? SHA128 bit hashes were broken around the same year Schneider said that. Google broke SHA160 with a duplicate pdf file. Elliptical curves can be solved by doing s discrete log. There is math that exposes the answer, but the question is posed in a way that classical computers can't answer well (in pure binary math) but is solved with quantum computers using physics to sort.
You act very confidently and aggressive, dare I say. Yet all this posturing rests on that tiny "if" the current paradigm is s broken. Small thing. Reversing the hash, as you put it, is the real problem. QC cannot do that, it "only" breaks ECC. But IF that paradigm is broken, your pads are useless because I'm going to drain your bank account directly through online banking. And then some more, since the SHA that wraps a Bitcoin public key is the same used all over. So IF the current paradigm is broken, unless you have gold only and bullets aplenty, you're just as much of a bag holder. Also, Bitcoin's public keys are hashed twice, just in case. And for the love of everything cryptographic, stop throwing vaguely related issues like P and NP out there. Won't even impress armchair cryptographers.
Oh boy here we go again. This question continues to crop up every year or two and by the time it crops up again, everyone collectively forgets how things work, or didn't __actually__ care the last time around. First, I don't know about Google's new quantum computers, but the old ones were limited and could not run shor's algorithm. Shor's Algorithm breaks a lot of modern cryptography because it can do very easily a math thing far faster than any modern or future traditional processor. This speedup in theory should be fast enough to more or less break some cryptographic algorithms effectively INSTANTLY. Now, to clarify, this isn't cracking in the traditional sense. Regular cracking is done by guessing the public key, or hashed output over and over until the cracker happens to find the right one. That's because breaking the cryptography is considered impossible. What shor's algorithm does is break the cryptography by allowing a direct attack on the public key or hashed output in order to obtain the private key directly. And apparently the math to do it doesn't take long on a quantum computer. Like running 8 x 7 + 4 on a normal computer. Edit: Reading around apparently there are sysstems that can run Shor's Algorithm. Perhaps I'm thinking of D-Wave's devices, which were limited in what they could do. Anyway, as of 2019, the highest number to be factored is 21 (bad citation), which is really really far off from cryptography. And as of 2023, according to wikipedia, no quantum computer outperforms traditional computers in __any__ (unchallenged claims) practical task. Anyway, you can see that even if it applies, 241x speedup from a new QC really doesn't bring it any closer. So based on this and the memory idea below, OP TLDR; the answer is 0%. Also, the answer will always be either 0% or 100%. It can either run it on a big enough number or it cannot. So, there's a lot of upvoted false information in this thread. I've been on-and-off responding to these questions since about 2017, when I finally felt I had enough understanding to do so (I've still a lot to learn, but educated people correcting me or adding on has been sparse in the past couple years). I've continued to learn more since then. Let's dismiss the "we're all screwed anyway so it doesn't matter"/ "there are other things that are more affected than bitcoin" argument. There's a word for this kind but I cannot remember what it is. Either way, it is a deflecting straw man and results in a dead end where no one ends up discussing anything useful. Just because other things are affected by the theoretical breaking of some cryptography by quantum computing doesn't mean it's not bad for bitcoin nor does it mean we shouldn't discuss it and prepare for it. The keyspace of Bitcoin keypairs is irrelvant here, I believe. In theory, the speedup should be that much significant. I used to think shor's just broke some cryptography to allow one to instantly know the private key but reading more, it looks like it might not be instant. Quanifying the speed and therefore answering OP's question is not something I can do (maybe the info/ estimates are out there if someone can provide a source). But we're talking to such a massive degree because the cryptography it breaks is based on the idea that the math it can do is effectively impossible to do quickly. It seems fairly safe to assume it could be done within minutes on the first systems that can run it, potentially seconds. I don't know. But I suspect the speed would more be determined by the algorithm in practice rather than the hardware and would be closer to instant in any circumstance, rather than scaling like traditional computer cracking. Here is a really good basic (for the first 5 minutes, which is enough) video overview: https://www.youtube.com/watch?v=lvTqbM5Dq4Q The key takeaway I learned here is that memory is the current limiting factor (no pun intended) of modern quantum computers for running shor's algorithm. The mining algo is safe. SHA256 is not affected by shor's algorithm. I'm actually not sure about seed phrases, but either way it's not the concern. The concern is the individual keypairs. Using shor's algorithm, in theory the private key could be determined from a public key. Do note that, the address you see is not the public key: it is a hashed public key. This means that only addresses whose public key has been exposed are in danger (if you have spent from the address). If you follow standard practice (today, you do if you don't know otherwise because the wallets do these days), you are not reusing your addresses. This means the only addresses in danger in your wallet are empty ones that will always be empty. Reminder that this is one reason you don't reuse addresses! A commenter here suggested an in-flight attack I hadn't thought of. Find the key when a transaction is sent on the network, then send a new transaction with a higher fee before it is confirmed. This is possible assuming the algorithm is fast enough. Another issue is early addresses. I can't quite remember so someone correct me if you have a source but I believe something about early addresses exposed them to quantum attacks. This has been fixed but old coin on old addresses are still up for the taking. Every time I write this stuff I have to research again and I'm always learning more. If something above is inconsistent or wrong, please correct.
Essentially, all classified materials are on networks that are physically segregated from the internet. In order to access classified materials, you need to access the network itself which typically has physical security controls protecting it (security guards, barbed wire, badges, biometrics, pin #). So in order to "hack" the Pentagon, you first need to break into a controlled site first and then hook up and power a super-computer on site for the duration of the intrusion. If I download classified material from NSA and hash it using SHA256 and lose control of the storage medium outside a secure facility, NSA automatically assumes everything on that device is compromised and executes spillage control procedures.
There are a few quantum resistant encryption schemes on the way: # 1. Lattice-Based Cryptography: * **How it works**: Lattice-based cryptography uses the hardness of certain mathematical problems related to lattices (geometric structures in multi-dimensional spaces). The security of lattice-based schemes relies on finding short vectors in high-dimensional lattices, which is believed to be difficult for both classical and quantum computers. * **Quantum resistance**: Quantum computers are not expected to have a significant advantage in solving lattice problems due to their design. They would need exponentially more qubits (quantum bits) and operations to break lattice-based cryptography compared to classical computers. This makes lattice-based schemes a strong candidate for post-quantum security. # 2. Code-Based Cryptography: * **How it works**: Code-based cryptography uses error-correcting codes where encoding and decoding messages involve solving specific mathematical problems, such as the syndrome decoding problem. These problems are computationally hard and believed to resist attacks from quantum computers. * **Quantum resistance**: Quantum computers are not known to efficiently solve problems related to error-correcting codes used in code-based cryptography. The algorithms used in this approach are designed to be resistant to quantum attacks by leveraging the complexity of decoding techniques. # 3. Hash-Based Cryptography: * **How it works**: Hash-based cryptography relies on hash functions, which are mathematical algorithms that convert input data into a fixed-size string of bits (the hash value). It uses properties such as collision resistance, where it's hard to find two different inputs that produce the same hash value. * **Quantum resistance**: Quantum computers can theoretically perform faster searches for collisions or pre-images (finding an input that matches a given hash value). However, cryptographic hash functions like SHA-256 are designed with sufficiently large output sizes and complex structures that make finding collisions infeasible, even for quantum computers. # 4. Multivariate Cryptography: * **How it works**: Multivariate cryptography uses systems of multivariate polynomial equations for encryption. Solving these equations to break the encryption requires finding solutions in a large space of possible inputs, which is computationally intensive. * **Quantum resistance**: Quantum computers face challenges in efficiently solving systems of multivariate polynomial equations due to the complexity of operations involved. The security of multivariate schemes relies on the difficulty of solving these equations, which current quantum algorithms are not expected to significantly expedite. # Summary: * **Common theme**: All these quantum-resistant cryptographic approaches rely on leveraging mathematical problems that are believed to be hard for quantum computers to solve efficiently. * **Quantum advantage**: Quantum computers do not provide a substantial advantage in breaking these types of encryption compared to classical computers, ensuring robust security even in the future quantum computing era. * **Development**: Ongoing research and standardization efforts aim to further develop and refine these cryptographic techniques to enhance their efficiency and applicability in securing digital communications and data against potential quantum threats. The real threat from quantum computing is to RSA encryption and ECC. AES-256 will still be fine so long as the password has enough entropy, such as above 100.
It's not gonna crack "the Pentagon". NSA never considered SHA256 to be secure enough for classified materials which is why everything is air-gapped
let it try to break SHA256 because they are using SHA512 now
# Bitcoin works like so: You get a public key that represents a point on the elliptic curve (ECDSA/secp256k1) - it has a corresponding private key that is never revealed. This public key is hashed twice. First with SHA256, second with RIPEMD-160 - this is your address (basically). When you send a transaction from that address, you sign for it in such a way that it reveals your public key. Each address has its own public key that is only revealed once (if used correctly / not reusing addresses). There is some fear that Bitcoin might be vulnerable to quantum attacks. For people who reuse addresses this fear may have some merit. For people who never reuse addresses this fear is unmerited due to the double hashing. I'll explain further. Hashing works by an iterative process that loses information at every step. For example, your hashing algorithm might be "double the number, add 7, drop the last digit, repeat 512 times." This is a bad hashing algorithm but demonstrates the problem with reversing a hashed output. Imagine you started with 13; you'd double it, getting 26, add 7, getting 33, then drop the final digit, getting 3. How would you reverse such a process? Well, with this simple example, you could. But with cryptographic hashing functions generally, you could not, because step one would be to guess at what the lost information was. With this simple algorithm you have a 1 of 10 chance of being right and have to guess correctly 512 times in a row. So your key, the thing everyone wants, is secured both by a private key and by a double hashed public key that represents your address. The private key's security model relies on large prime numbers. The public key's obfuscation relies on two different hashing algorithms. # Quantum computers work like so: It is not accurate to think of quantum computers as "really fast computers" - they work in fundamentally different ways. Classical computers have instruction sets that processes instructions iteratively until an algorithm has run to completion. This is why classical computers can solve problems, generally, if those problems have known algorithms. The downside is that they don't get to skip any steps. Quantum computers solve problems by setting up qubits into a superposition of states, then harnessing some known result in quantum mechanics to solve certain kinds of problems. An example of this is Schor's algorithm which leverages the fact there is a known quantum observation such that collapsing wave functions have an associated periodicity that happens to require a solution that has, as a component, an equation that can be reformed as a solution to large prime number factorization. As a result, setting up a quantum computer in just such a way can be used to "do it in reverse" (that is, instead of using the equations to predict what a wavefunction will do, set up a wavefunction in just such a way that we can observe what the solution was when the wave function collapses, which allows us to factor large prime numbers). So the cracking of a private key using a public key is technically a known, solvable problem. But last I checked we've done it with like... 5 bits of data or something very low like this. Not near the 256 that would be needed. And there are serious technical problems with scaling up, with decoherence, etc. But its theoretically possible. # Conclusion: It is possible that quantum computers may allow us to solve the discrete logarithm problem similar to how they allow us to solve for factoring large numbers (like with Shor's algorithm). This would break the ECDSA mentioned above in the description of how Bitcoin works. This is because problems like the discrete logarithm problem and large number factorization seem to have corollaries in the physical/quantum world (that is, these math problems describe quantum phenomena, therefore we can exploit quantum phenomena to solve these math problems). It is much much less likely that quantum computers will allow us to solve SHA256 or RIPEMD-160 because these are human inventions. There is no good reason to think that "double the number, add 7, repeat 512 times" has corollaries in the quantum world since the process is a human invention (even though it uses mathematical primitives). It would be like discovering that a DNA helix was written in English. And even if there were some flaw to be exploited by quantum computers in SHA256 or RIPEMD-160, it would be very strange to discover flaws in both because they work so differently. Is it possible? Yes, but... wildly unlikely. Too much time has been spent on this topic by people who shouldn't be spending any time on this topic because they don't even understand the fundamentals. If cracking public/private key cryptography actually happens Bitcoin will be one of the things least exposed to it.
Bitcoin uses cryptography in two ways. First is form public/private keys. Second is to create Bitcoin addresses. QC could break public/private keys. However the latter are not the same as a Bitcoin address, which is two rounds of SHA-256 away from the public key. And this part, as I understood, is not crackable by QC. This leaves only one attack vector - Known public keys. When you spend coins the actual public key is revealed and available on the blockchain. Which means that if you reuse your Bitcoin addresses, you're liable to have funds stolen once a QC becomes strong enough. In short, don't reuse addresses and you'll be fine.
It's relatively trivial to sidestep this whole issue by switching to quantum-resistant encryption schemes, [which already exist.](https://en.wikipedia.org/wiki/Post-quantum_cryptography) This would mean replacing SHA256 in bitcoin with one of these new algorithms, which AFAIK wouldn't change the PoW process. Though it would of course disrupt the ASIC-based mining industry. But if the threat actually became imminent, there would certainly be network support for such a fork as there's too much value and too many stkaeholders riding on the network to risk compromise.
#Bitcoin Cash Pro-Arguments Below is a Bitcoin Cash pro-argument written by a deleted user. > Bitcoin Cash was designed to match Satoshi's original vision for a "peer-to-peer electronic cash" system when Bitcoin gradually shifted into becoming Store of Value. It is a hard fork of Bitcoin with minor differences. > > **Transaction costs**: On average, transaction costs are under a penny, way less than ~$20 for Bitcoin between Jan to May 2021. This makes it much better for P2P payments and microtransactions. > > **Transaction scaling** Even though there aren't enough many people using BCH to get anywhere near the cap, it does support 200 TPS. Real transaction size is the same as Bitcoin: ~500 bytes/Tx. This shows that BCH's 32MB blocks do not have wasted empty space. > > **High total transactions**: As of Oct 2021, according to BlockChair, there have been 345M transactions for BCH, which is over half of BTC's 680M transactions. That's way higher than Cardano (16M), Litecoin (91M), and XLM (38M). > > **Faster-adjusting hash puzzle difficulty**: Bitcoin has a notoriously-bad, 2-week hash puzzle difficulty cycle. It only adjusts every 2 weeks, which often causes issues when the network hash rate changes, like when China banned its miners in 2021. Bitcoin Cash doesn't have this issue becuase it uses an auto-adjusting, 144-block, moving-difficulty for its puzzle difficulty. It's constantly adjusting to match 10-minute block confirmations. > > **Shared hash function as Bitcoin**: BCH uses the same SHA256 hash function as BTC, which means that it can piggyback off the ASIC mining infrastructure of BTC. > > **No mempool delays** > > Unlike Bitcoin, which has seen transaction delays of 100K+ transactions several times in 2021, (equivalent to waiting 7-9 hours for settlement), there are no delays for BCH. Its mempool rarely goes above 1 MB thanks to both fewer transactions and 32x larger block size. ***** Would you like to learn more? Check out the [Cointest archive](/r/CointestOfficial/wiki/cointest_archive#wiki_Bitcoin_Cash) to find submissions for other topics.
>SHA256 which creates a large random number. No it's not random. >hash with a certain number of leading zero's Value lower than target, not number of zeros
Mining is one factor that creates security for the bitcoin network. It's done something called SHA256 which creates a large random number. Miners are trying to guess a value that produces a hash with a certain number of leading zero's The trick is that it takes a lot of effort to produce a correct hash but very little effort to verify it is correct, and that it's random. That means the next block is always produced by a random participant that can't be known in advance. There's a lot of articles that go into depth about what mining is. You could read "Mastering Bitcoin" by Andreas Antonopolous if you are interested or google some articles.
Impossible, no, but the probability of doing it is astronomically low. The public key and private key are always different. A collision of a public key does not give you access to the private key. I think there are 2\^96 private key possibilities for each public key, but there is only ever 1 private key for a public key. Public keys have 2\^160 possibilities(RIPEMD160) and private keys have 2\^256 possibilities(SHA256). If you were to find a RIPEMD160 collision, you would then have to find the corresponding SHA265 hash. SHA265 is a lot harder to "crack". So even if you are lucky enough to find a collision, the probability of making it any further only compounds. There is a lot more to it than that, I would like to understand it better as well.
>When I start talking about a SHA-256 algorithm, energy conversion to mining rigs solving algorithm etc, they instantly appear uninterested. Taking about SHA-256 is hardly a beginner's explanation. But OP.... you do realise that you're not responsible for people's understanding of Bitcoin? "SHA-256 algorithm, energy conversion to mining rigs solving algorithm"... and before going off on the deep end trying to explain everything at once (I'm guessing you're not actively slowing down to ensure they understand each point before moving onto the next).... are you explaining what the problem is that Bitcoin is addressing? Is the person you're speaking to aware of the problem - for which you won't need to explain Bitcoin at all? How did you understand Bitcoin to the point you understood the whole gist of Bitcoin? Was it just one person's response to a question that launched your understanding going from "magic internet money that makes people rich" to "SHA-256 algorithm, energy conversion to mining rigs solving algorithm"? If instead you did extensive research, then ask... what motivated you to do that research? Bitcoin was created in ***response*** to a problem. The mining isn't just for mining's sake, it's in ***response*** to the fact that current money printing relies on trust and centralisation, leaving it vulnerable to corruptible and imbalance of power. The "solving algorithm" is basically a die roll that is leveraged towards those sacrificing more energy, and so is bound by physics - like gold mining. This is in **response** to the fact a centralised currency provider that uses digital money can increase there wealth 1000x without putting in 1000x more work to earn it (and instead, through simply tapping "0" three times). The person needs to understand the economic context first - and then draw their own conclusions of whether the aspects of that problem are addressed by Bitcoin. Then if they still are wary about whether Bitcoin solves those problems, then at least you have more foundation for a conversation than if you were to present Bitcoin as a "cool techy internet thing" that's in search of a reason to exist.
Why would you talk about SHA256, energy conversation or anything like that when explaining how Bitcoin is created? That's not really relevant to anyone outside of the programmers working on the code. Just tell people new Bitcoins are created through computers solving complex mathematical problems, the correct answer gets the coin as a reward.
Some month ago I saw a post of a guy that tried random phrases from random books, took the SHA-256 and used that as a seed and placed some bitcoins on it. The results: Some wallets had outgoin messages even before his initial trasaction settled. And most/all of his wallets were emptied within half an hour. Maybe I'll find the post, then I will link it.
Read the beginners guide, I think there is a Script to SHA1 collision, change to SHA256. Anyone who finds a SHA256 collision can claim the UTXO
Yotascale would easily break SHA 256 , but it would take the entire Titan Moon to cool down that machine
You do realize that if something like elliptic curve asymmetric encryption / SHA-256 encryption was broken the entire internet, including all online banking, government systems, corporate digital security, military defense, etc. would all be broken as well right? Bitcoin would be least of our worries as the entire planet would be facing total global catastrophe. Lol. Also. I don't think people quite understand how secure 256-bit encryption is. https://www.youtube.com/watch?v=S9JGmA5_unY
So SHA-2 can never be broken, is that is why the SHA-3 standard has already been published in the expectation of SHA-2 being phased out due to it being broken?
I take your point on the Quantum computing portion. It is something so new there is a lot of misinformation around it and what it can/cant do. To imply that SHA-2 is somehow unbreakable or wont be broken for generations is in fact wrong. To believe that no vulnerabilities will be found in SHA-2 you would have to wave away all the past encryption standards that were the standard and one time or another and today not used for sensitive applications or at all. SHA-1, SSLv3, TLS 1.0, and TLS 1.1 have all been phased out already. Hell, there is even a SHA-3 standard already published in anticipation of having to replace SHA-2 in the future.
**Smart Contracts**: Looking at [their roadmap](https://kaspa.org/the-kaspa-community-and-the-exploration-of-smart-contracts/), native smart contracts is very hard to accomplish. It would require re-writing the entire code base. The other option of making Kaspa a sequencer with Ethereum as the settlement layer is much easier to accomplish. But then why use Kaspa in the first place if you're just going to convert it to an Ethereum L2 rollup/sidechain? Would the community be fine with that? **Finality vs Confirmations** I noticed the Kaspa website mentions instant finality. That's incorrect. I'm not sure why it hasn't been corrected. Confirmations on Kaspa are very fast (1-2s average according to the [Block Explorer](https://explorer.kaspa.org/)). But confirmations are not the same as finality. Finality is the amount of time one should wait before being confident a transaction or block will not reorg. In GHOST consensus, blocks can reorg. GHOSTDAG doesn't allow blocks to reorg, but individual transactions that are conflicting can reorg. It's possible to turn a red block into a blue block. And it's possible for an attacker (either malicious or an honest one that has slow network connection) to send conflicting transactions simultaneously to nodes building on 2 different blocks. Time to finality depends on many factors. The more secure the consensus protocol, the shorter the finality time. The video mentions at 1:12:00 that Kaspa needs (k + n) confirmations for an equivalent block security to Bitcoin. Around 1:12:45 in the video, Wyborski mentions roughly 50 confirmations are needed for high-value transactions and ~10 confirmations for low-value transactions. That's with 10s blocks (8 min finality). With 2s blocks, I'd expect it to be 5x that number (or maybe it's the sqrt(5)). But I'm not 100% certain on this because the exact formula for k and finality are not mentioned in the video or whitepaper. The indirect formulas used to calculate k are way beyond calculus and too advanced for me to understand. ##**PoW vs PoS** There are only 3 main types of consensus attacks: * reorgs - cause blocks or transactions to revert * censorship - block transactions * cause grief - no purpose other than to cause chaos For both PoW and PoS, attacks can't be used to steal crypto or spend crypto that is not owned by the attacker since valid transaction signatures are still necessary, and nodes check that. The most dangerous type of attack are double-spends related to reorgs. Nodes sometimes check for double-spends, but miners and validators are usually forced to allow them as long as they don't break consensus. PoS solves a very important security risk of PoW, which is that PoW attackers do not have anything at stake when they attack. If 2 different blockchains mine using the SHA256 algorithm, miners from the larger blockchain can switch over to the smaller blockchain, attack it at only the cost of electricity. It would be a trivial attack. This has happened many, many times before, which is why PoW is only as secure as its energy security budget. In addition, the mining budget is usually many orders of magnitude smaller than the value of the blockchain. So there is an economic incentive to spend a small amount to steal a larger amount. Miners don't necessarily hold much the cryptocurrency, so they lose very little attacking it. Griefing attacks are extremely common during blockchain wars. Ethereum PoW and Bitcoin SV were successfully many times in a single year. For PoS, attacking the network requires the attacker to hold the native currency of the network. So if they attack, it hurts themselves. There is little economic incentive to attack a PoS network. Nearly all PoS networks have a liveness threshold under 33%, and security threshold over 67%. Which means that if an attack happened, it would likely first trigger the liveness threshold and cause the network to stop running (or stop finality) well before security failed. > I find intuitively it makes more sense that PoW is more secure because anyone get electricity to become a miner, but not everyone can get the coins, making PoS veer towards something insular. That actually makes PoS much more secure. An attacker would have to spend an increasing amount of money trying to buy up more tokens to attack the network. The more the attacker buys, the more the price is driven up. And current holders of the token wouldn't attack themselves. It's suicidal. **Finality** Shorter finality is better. Most PoW consensus protocols allow for reorgs and only have probabilistic finality. Many PoS consensus protocols have instant finality, while others have a hybrid finality that allow reorgs up to a certain depths limit. However, this will be different for every blockchain/DLT. **Mining and Staking Pools** This is a complex topic and the biggest risk equally to both PoW and PoS. The big caveat is that for both PoW and PoS attacks, the attacker greatly benefits if mining/staking pools are used, because then they're not risking their own assets. Current PoW mining pool protocols provide no protection or detection against withholding attacks, which are the most common type of 51% attacks. An attacker can even execute one with well under 50% of the network hash rate due to selfish mining. Current PoS staking pool protocols are usually extremely resistant to attacks, especially since many of them use smart contracts. However, this is a very complex topic. In general, it's so hard to attack PoS that the only times we've ever seen it happen are due to accidental client bugs.
quantum computing isn't a threat to SHA256 and it won't be for a long long time... it might never be a threat... respectfully, what you're saying is baseless FUD the numbers are astronomical, quantum computing is NOWHERE close to breaking elliptical curve cryptography IBMs most advanced machine has 127 physical qubits ... they need a quantum computer with 317,000,000 physical qubits that's 317M for a 10 minute crack, 13 million qubits for a 1 day crack... >"Finally, we calculate the number of physical qubits required to break the 256-bit elliptic curve encryption of keys in the Bitcoin network within the small available time frame in which it would actually pose a threat to do so. It would require 317 × 106 physical qubits to break the encryption within one hour using the surface code, a code cycle time of 1 μs, a reaction time of 10 μs, and a physical gate error of 10−3. To instead break the encryption within one day, it would require 13 × 106 physical qubits." [https://avs.scitation.org/doi/10.1116/5.0073075](https://avs.scitation.org/doi/10.1116/5.0073075) Now, if someone can figure out how to "break" SHA256 or ECDSA (https://en.wikipedia.org/wiki/Elliptic\_Curve\_Digital\_Signature\_Algorithm) That could be bad news for Bitcoin, but it would also mean nuclear codes, power grids... militaries/intelligence agencies... practically every digital thing we consider "secure" would be threatened/fair game... we'd have WAY bigger issues to worry about if that happens...
Send them to a newly generated address for which you do not have the keys. They will be “destroyed” until SHA256 is cracked.
To be clear, that would mean taking the final result, putting it back into the input field, running the process again, and that final result being the same. An input that yields itself as an output would actually be much *less* likely than simple collision ( ~2^-128 ). That such a string is short is somewhat mind-boggling. Remember that people have "brute-forced" every possible input for short strings. If you have such a string, it'll definitely get you mentioned in some Wikipedia pages and papers in security journals, e.g., [The first collision for full SHA-1](https://shattered.io/static/shattered.pdf). These are usually found by carefully limiting the search space using analysis of the algorithm, though, and stumbling on one accidentally is less interesting to researchers. If you're certain you've found one, I would write up the details as professionally as you can and contacting a trusted professional in the field, like [Bruce Schneier](https://www.schneier.com/), who will be very excited and will help you contact the right people in the field.
Hedera. ABFT (asynchronous Byzantine fault tolerance) SHA-384 not SHA-256. Hashgraph not exactly a block chain. The real McCoy especially when it comes to tokenization
MD5 and SHA256 aren't even in the same book.
when they crack SHA256 just like cracked MD5. Bitcoin will be useless
SCAM SCAM SCAM!!! I've been seeing the same ads as well. As soon as I saw this for their mining equipment I knew it was a scam. SHA-256 and can mine KASPA, SMH and WTF cutting edge? 2TH/s using 1800W lmao... Copied from their website today: BlockDag X100 is efficient and profitable for optimising the mining experience. With cutting-edge ASIC technology, it boasts a substantial 2 TH/s hash rate with an impressive energy consumption of 1800 W. Users can earn up to 2,000 BDAG daily, as X100 optimises your earning potential and optimises the mining process. You can also mine Bitcoin and Kaspa with BlockDag X100, as it is equipped with the SHA-256 algorithm. With advanced ethernet connectivity and enhanced heat dissipation, it is an ideal choice for pro miners. Size # 54cm x 26cm x 20cm Hash Rate # 2 TH/s Power Consumption # 1800W Coins Per Day # Up to 2,000 BDAG #
Unless you have cheap energy (~0.04$ per kwh or less) and a place to keep away from noise dependent areas, like ersonal living spaces, it would not make sense to just buy Bitcoin directly. The ongoing difficulty adjustments, thật happen every 2016 blocks might reduce your overall profitability as much as you would be better of just buying the coin outright. If you want to hobby mine and see how it works, get a bitaxe miner. If you are able to get cheaper and reliant electricity like that, then congrats. Here is a website that compares miners, look for SHA256 algorithm for Bitcoin mining. https://www.asicminervalue.com/ However, for 98% of people, buying the coin outright will result in less maintenance, less work, and more value over the long run. Good luck and keep stacking SATs!
amazing... I even coded the address generation with SHA256 and RIPEMD-160 myself in OpenSSL/C++ but did really not think about why Satoshi did it this way
You still need ORDERS OF MAGNITUDE more energy to secure the fiat system than bitcoin (law enforcement, Secret Service, Treasury Dept., Office of the Comptroller of the Currency, The Federal Reserve, military, government bureaucracy, politicians, commercial banks, retail banks, credit unions, etc.). Just the U.S. Department of Defense (and its subordinate branches) consume $250M of petroleum products (i.e. gasoline, JP5, JP8, diesel, lubricants, etc.) EVERY DAY in part to protect and enforce the fiat standard. That doesn't count the ~$800B DOD budget for the U.S. and ALL ORHER countries' military and law enforcement expenditures. As for quantum computing, since you're so well-versed in the topic, would you mind giving us the basic numbers for the number of combinations that must be guessed for a brute force attack on SHA-256 as well as the computation rate for your hypothetical quantum computer, please? Then, could you give us the time to break one bitcoin wallet receiving address, please? Finally, since it is a trivial matter for bitcoin the upgrade to SHA-512 (and SHA-1024), would you mind giving us the same calculations, please? Oh, since you're at it, give us the basic specs of your hypothetical, non-existent quantum computer, please. (Number of computing qubits, number of forward error correcting qubits, operating temperatures, etc. Thank you in advance.
That is just a high level description of bitcoin, it won't get anyone who doesn't understand the value of bitcoin to understand it. People should study the technical parts of the protocol. To understand the value proposition, you need to understand the role of mining and how it works technically, as in how the target hash is selected, difficulty adjustment, SHA-256, halving, etc. You need to understand private-public key pairs, how they are generated with ECDSA, and the sheer magnitude of the statistically low chances that someone could guess a private key from a public key. You will not appreciate the genius of bitcoin without studying how these things secure the network, prevent double spending, prevent inflation of the circulating supply, prevent seizure, and prevent censorship. I am not saying it takes a long time to get it, but it requires at least a few hours which most people do not care to do.
It is not the case that all encryption systems have flaws that will eventually be exploited, like SHA-1. But yes, my numbers assume the algorithms used do not contain significant flaws. BTW DES was only designed for educational purposes, so not sure why anyone ever thought it should be secure.
You don't have a clue on what you are talking about, don't you? 1) SHA256 is a hashing method, not an encryption method. 2) SHA256 is used on block-mining. It has little to do with lost coin and wallet management which uses public/private key asymmetric encryption.
Bitcoins protocols are not new, but the combination of SHA256 with the addition of Proof of Work made it a novel concept
Thats wrong. Haven't you heard of quantum safe algorithms... Also SHA256 is difficult for a quantum computer. https://quantumcomputing.stackexchange.com/questions/24328/is-there-a-quantum-algorithm-to-find-sha256-collisions
>eventually SHA256 will be obsolete Eventually... All coins will "never" be recoverable. You can't recover Bitcoins during the heat death of the universe...
Since you want to sound smart but very clearly have no idea what you are talking about, let me paste my reply to a similar comment: No, it's a cryptography algorithm. Not a "cryptography methodology". * Hashing algorithms (SHA, ...) * Signature Algorithms (ECDSA, ...) * Encryption Algorithms (RSA, ...) are all cryptography but they all do very different things. SHA is not encryption. RSA not hashing. QC would wouldn't break SHA either. It's much more likely that QC would forge a private key for example using Shor's algorithm used with an exposed public key long before it breaks SHA.
It doesn't work like that. Look up the history of digests like SHA-1, RC4/5, etc or DES (yes, the one in 3DES and still widely used)
Uhh its a hashing algorithm, which is by default, an encryption methodology—that encryption is what sets up the intense competition between miners & their computing power (i.e. to recognize the correct block in the blockchain and not some false fork, maintaining its integrity. I’m a crypto enthusiast and investor (always take profits)— research has shown & pretty much guaranteed that w/ the advancements in quantum computing and AI- someone will eventually be able to crack SHA 256 (altho there’s SHA 512 which is infinitely harder to crack, and more secure, but isn’t used bc its too slow)—-interestingly, AI just cpl months ago, in its “rudimentary” or infant phase already solved some crazy physics problem that hasn’t been able to be solved for decades. AI is a scary premise; literally Terminator and SkyLink type ish. I still find quantum mechanics and the idea of quantum entanglement even freakier; its hard to wrap one’s head around
No, it's a cryptography algorithm. * Hashing algorithms (SHA, ...) * Signature Algorithms (ECDSA, ...) * Encryption (RSA, ...) Algorithms are all cryptography but they all do very different things.
A hash cannot be "decrypted", hashing is one thing, encryption is another. Hashing functions like MD5 or SHA256 are one way only, you put something in and get a hash out of it. Encryption algorithms like AES or RSA can encrypt using some encryption key (or a set of keys) and then decrypt it back to original text.
SHA is hashing, not encryption. Bitcoin does not use encryption algorithms.
In theory the SHA256 encryption which secures the BTC protocol could eventually broken with some unknown future sci-fi technology - some have speculated quantum computing could do so, but it remains very theoretical. The solution to this is simply a coordinated change to the protocol to harden the encryption against such a vulnerability.
Never is a long time, I'm willing to bet that SHA256 will be obsolete one day and Bitcoin gets upgraded to use new encryption methods. All users migrate to new wallets on the new encryption standard. All old wallets will be vulnerable. Could be 100 years could be 500 but it'll almost certainly happen as long as human society continues to progress.
\*Beep\* Yes, we human. Salutations fellow carbon lifeform! Yes. We cogitate SHA256 processor BTC will rearchitect global monetary system by means of a rules-based thermodynamically sound issuance schedule. \*Beep\*
Calm down everyone. This is probably a Gen Zer who is in that realm where they added ice cream to Coke and pretend they just invented the latest tasty treat. I have no problem with the spirit of this post. Why is everyone so bent outta shape? Calm the f*ck down. They also said SHA-256 won't work and Bitcoin Mining won't work, etc... Chill . .