no-fork native tokens

In case you missed it token fever is upon us.  Easy-issue tokens have driven the rise of ETH and other coins.  Coingeek offered some kind of a cash prize for building a native token system for BCH (which likely would work for other satoshi-codebase coins).  This is what they want:

o Securely create tokens;
o Issue tokens to user’s wallets;
o Redeem tokens from users; and
o Securely destroy tokens back into the originating cryptocurrency at the end of that token’s life cycle

This is solved with a simple no-fork wallet protocol, which can be built into a satoshi-codebase wallet, consisting of three RPC calls:

1 - watchtoken <txid> <utxo-index vout> <label> [rescan=true]

2 - sendtokentoaddress <amt> <address> <label>

3 - gettokenbalance <label>

The first "watchtoken" marks an individual UTXO (from transaction txid and output index vout) as a "genesis" token.  This is a lump of coin that will be marked and watched and counted as a separate asset than the underlying coin.

The rescan then needs to take place, now checking to see if the wallet owns any of this asset or not.  The procedure of determining what addresses control tokens when scanning the blockchain is as follows.  A given UTXO is either of this token_label type (lets call it FU) or it is not (lets call these not-FU).

The only UTXO which is of type FU is at first the one pointed to by the watchtoken(<txid>,<vout>,"FU") call.  After that, other outputs will be of type FU only if they are outputs of a transaction exactly formed as follows:


Inputs                      Outputs

type - FU                      ?
type - FU                      ?
...                           ...
...                           ...
type - NOT-FU                 ...


The only way that any output of a transaction can also be labelled "FU" is if these conditions hold:

a)  All inputs except one must be of type FU
b)  Either all outputs are of type FU and the NOT-FU is exactly the fee,  OR all outputs but one are of type FU, in total equal to the total amount of FU input to the transaction, and one other output is not-FU (the not-FU change).

Wallets will create FU transactions with all outputs FU if possible, but sometimes when one doesn't happen to have an exactly current-fee-sized not-FU UTXO lying around, one will want to include a not-FU change output.

There is one possible edge case which might confuse a wallet implementation, which is if there are multiple outputs of exactly the same amount and so which one is non-FU change and which one is FU is unclear.  One simple way to avoid this is to mandate that in such a case there are no FU outputs, and so any wallet making a transaction needs to make sure the not-FU change is not exactly equal in amount to any of the intended FU outputs.  Once this is taken care of it is always clear which single output is not-FU.

If the transaction does not pass these requirements then the outputs are all considered not-FU, and any FU input to the transaction is "destroyed" (or rather, is now considered only the underlying coin).

This simple protocol allows us to securely create tokens, by placing some number of satoshi in a UTXO and labeling these as our token.  This allows us to issue tokens to users wallets, as any wallet which can receive coin can now receive tokens (it us up to the wallet to recognize them, so the user must tell their wallet to watch for that token).  Redemption can be done with any transaction, the user is able to sign that they control the tokens or move them as the redemption-giver sees fit.  Destroying tokens can be done by making an unbalanced transaction not obeying the above strict rule for transactions that allow passing of token type.

One nice thing about this token system is that there is no need for any software updates for miners or nodes.  To a miner, these token transactions proceed as any other transaction proceeds

The rest is very self explanatory.  Gettokenblanace returns the total of any type FU coin on the chain controlled by the keys in the wallet.  Sendtokentoaddress creates a transaction with enough FU inputs for the receiver, any FU change if necessary, and enough non-FU coin to pay the network fee.


But how will people know that my token is called "BADASS" and not FU or c74d8fce1b3d488d17b4dc92c61600ae26f7ebf1ab3e144d8014a6614b340ad2,3  ?

You can ask people to use any label for your token that you like.  In the end the token will be defined by that first TXID, vout combination.

How can I issue more of my token later on?  

You can add a new token FU2 with a new genesis UTXO and tell people this will be redeemed just like FU1 by your company or redeemer-cat.

Can this work on an SPV wallet?  

It will be a little slow to scan the chain when a new "watchtoken" is issued.  More likely people will use some trusted servers which list token UTXOs for mobile tokening.

What if I want to use 1mBTC to create 1 million tokens?  

You can't.  1mBTC creates only 100k tokens and they are indivisible.  Yes this means no token will be worth less than 1sat.

What if I want to move tokens without having any coin (non-FU coin)?

You can't.  Just like Ethereum's "gas price" you need some underlying coin to pay the network fee.

What if I want to muve a bunch of coin to several addresses and a bunch of token to several addresses at the same time?  

You can't.  Token movements in this protocol need a dedicated transaction, there can be at most ONE non-token output to a valid token transaction.

What does it take to update the network?  

Nothing.  Your network is ready to roll with this token system already.




Celebrating indigenous peoples effort to protect forests, and the planet

From If Not Us Then Who: Indigenous peoples live and work in the lands they protect–and have been found to be the most effective guardians of the world’s forests. This International Day of Forests, we are taking the opportunity to celebrate their work they’re doing globally to protect our forests, and, in turn, our planet.

If Not Us Then Who

When we think of ‘saving the rainforest’, we might think of tree-planting, buying less and recycling more. But these important actions are just part of the picture. Indigenous peoples live and work in the lands they protect – and have been found to be the most effective guardians of the world’s forests. This International Day of Forests, we’re taking the opportunity to celebrate the work they’re doing globally to protect our forests, and, in turn, our planet.

Pressures on the world’s forests continue to build. From palm oil and soy plantations, to timber logging, cattle grazing and mineral mining, our growing population is demanding more and more from these resource rich areas. And while legislation is keeping some of the threats at bay, the majority of the world’s forests are continuing to face challenges to their existence.

Amidst these pressures, some areas of land are being razed to the ground while others are still standing. Why? Deforestation has been found to be five times higher outside of indigenous territories and conservation units, according to a recent study by RAISG (The Amazon Network of Georeferenced Socioenvironmental Information). In other words – the indigenous communities living and working within the forest are proving to be the best line of defence against deforestation.

Using their extensive knowledge of the forest ecosystem, these communities are using sustainable practices to live in a way that protects – and even regenerates – the land. Although they account for just 4% of the global population, they protect more than 80% of the world’s biodiversity (source: World Bank). By cultivating clean waterways, tackling forest fires, and restoring the habitats needed for rare species, they bring the land back into balance – and keep it that way.

This work doesn’t just protect the forest – it supports the planet. Forests act as a carbon sink – absorbing and holding on to carbon, preventing it entering the atmosphere and contributing to climate change. This stored carbon is released into the atmosphere when trees are logged and burned, making it all the more critical that forests are left standing.

As much as 24% of the carbon stored above ground in the world’s tropical forests – an amount that is more than 250 times the global air travel emissions of 2015 – is found in indigenous territories. Thanks to indigenous communities, this carbon is being kept in the ground, and complex ecosystems and rare species are being given a chance to thrive.

Indigenous peoples continue to defend and protect this land, but it’s coming under increasing threat from land thieves, agribusiness and mining companies. As pressures mount, and we race to prevent a catastrophic 2 degree temperature rise by 2100, there’s a growing sense of urgency to safeguard the earth’s forests.

Indigenous peoples continue to work tirelessly as the most effective guardians of the forest. These communities may be small in number, but their positive impact on the earth’s forests – and its future – is huge.

Charlie Lee Nails It

“It’s hard to say what will happen when it starts reaching the limit. Right now, the coin is working, Bitcoin and Litecoin are working because the mining reward is paying for the security… When you rely on fees and if the fees aren’t enough because the block size is constrained, then what happens? The security will drop. Is it better to have some small inflation every year and have that fixed and have that pay for the security or can transaction fees pay for security?”

-- Charlie Lee in





The Importance of the Monetary Supply Curve

Well that's a rather imposing title isn't it.

If you're going to talk about exchange commodities, you probably ought to consider how they are being issued.  A lot of cryptographic assets are issued today like type "D" in the above diagram, a standard ICO or full premine.  The trouble is that this puts all the coins in some small number of hands, which makes for unstable markets dominated by whales.  It's a top-heavy structure and while it can be propped, and perhaps grow some understory via trickle-down and some good marketing to adoption, this is probably not where you want to be in the long term.  Unless of course you got in at the very beginning, in which case: good luck finding the top.

The curve "A" sure looks a lot better at the start, as miners are able to generate coinbase transactions that keep the market from overheating and put coins in new participants hands.  However you can see from the plot that after enough time (by 2030 or so), the economy looks from a distance very much like curve "D".  The coinbase is nearly gone and now you have an entrenched whale class who moves markets at will, and little to give incentive to miners apart from a fee which drives away users.

Curve "B" solves this problem neatly but with one aesthetic flaw, namely that it has no cap to the supply and thus appears to not be a great long-term store of value.  Sure the miners are taken care of and the economy can grow in a relative stable manner but still the competition of less inflationary coins will drive the value down.  A lot of satoshi codebase coins leave this as the endstate after various early distribution schedules.

Curve "C" leads to large interest rates and hyperinflation, which could be desirable in certain situations but not for the long term wealth management crew.

This leaves us with curve "D", hastily drawn on in crayon.  This one is the logarithmic supply curve.  As you can tell it is capped, allowing for avoiding runaway inflation, and yet there is substantial coinbase reward to issue new currency for a very long time.  This should keep the price relatively stable by avoiding shocks and finding a balance between inflation resistance and coinbase incentives.

What do you think, which supply curve would you rather have in your coin and why?


Bitotal Adds Woodcoin


Nice looking new exchange out of the Netherlands.  Interesting crypto-products available as well.  Lets keep an eye on these guys.

Bitcoin as a Matriarchal Economy

Start at around 50:00 or so for the two minute version 🙂

WATCH: Vin Armani on Cryptosavagery, Patriarchy vs. Matriarchy And Culture

Ico Roundup Infographic

Crypto Kings Infographic

This post is a suggestion from a reader, taken from


Battle of the Blockchain

After bitcoin block 15323 was solved, more than 24 hours passed before the next block.  This is quite a bit longer than the target time of ten minutes.  Looking through the blocks at that time we see that they are mostly all empty, and there isn't much action with the difficulty.  Even a full day of the network and - not a single transaction.  This was the first year of mining and a lot of people just happened to turn their computers off for a spell.

Fastforward to 2016, now looking at the Woodcoin block chain.  In some sense we see a similar phenomenon, some long periods sans blocks.  This is a small coin, barely worth more than bitcoin was worth in 2009 at the time of block 15323.  However the mechanics here were very different:  a real battle over the blockchain.  Here's a chart showing some of the action:


You can see that most of the time, the network produces blocks near the target time of 2 minutes, which is 720 blocks per day.  However starting in late 2015, and continuing off and on until early 2017, the number of blocks per day drops quite a bit.  What was happening?

Drive-by Hashing

What was happening was that unknown miners were dropping a large amount of hashpower on the network, waiting for the difficulty to go up, and then leaving the network.  The rest of the miners then were forced to mine at much lower profitability as they struggled to solve blocks at a fraction of the usual rate.  For much of this time period a mining rig of 10 or so nvidia GPUs may have been enough to dominate the network and pull off such a disruption.

While waiting longer than usual for your transactions to clear with an anonymous exchange might be annoying, it isn't a disaster.  Transactions eventually go through, and are inherently unalterable so shouldn't cause any worry.  However some other shenanigans also appeared on the network during this time.

Rewinding the Drive-by

Although it isn't visible in the block chain today (which keeps only the longest chain demonstrating the most skein work), there was in fact another interesting battle occurring on the woodcoin blockchain in 2016.  Some might remember that large chain reorganizations occurred during this time as well.

Why the reorganizations?  It appears that somebody found a way to battle the drive-by hashers by simply not accepting the rapid blocks they published to the network.  Instead, a second group of miners mined in private on the chain of the previous (lower) difficulty.  Because the drive-by miner always left and then didn't continue to mine woodcoin blocks, eventually this new party was able to surpass the work of the driveby-hasher's chain and then submit their new longer chain to the network, claiming these blocks for themselves.

This caused some trouble, as pools suddenly saw all their winnings orphaned.  They complained and in one case even dropped support for woodcoin.  However, this was an amazing test of byzantine consensus and robustness of the woodcoin network using the satoshi protocol.  Consider it a stress test.

Could something like this happen today?  Well maybe.  The hash rate is a lot higher today however:

As the hashrate grows, it becomes harder and harder to play these kind of games in a profitable manner.  While this is great for the health of the woodcoin network it's a drag for those of you looking for blockchain battles and associated drama.  Well we can't please everyone can we.






ASIC Resistance : wtf is that?

Hello Everyone!

Maybe some of you have heard the claims of "ASIC resistance" amongst some proponents of this or that new proof-of-work algorithm, or even some non-work centralized algorithm.  "ASIC Proof" even.

Lets talk about what this might mean.

First off, it's worth pointing out that doing the appropriate hash function faster will make you more profit as a miner.  It's a computational problem, how fast can we compute these functions.

Consider some somewhat similar computational problem, that of factoring an integer or determining the discrete logarithm of some large number.  Here we have a nice history to look at, and we see that two areas have sped up this computation:  1)  Hardware    and     2)  Algorithm development (software).

There is no reason to suspect that hashing for proof-of-work public networks will be any different.  The algorithms and software WILL improve, and the hardware WILL improve.  This viewpoint might come from somebody who was alive during the peak stages of Moore's law, but still - that's really the way it is.  Software will improve, hardware will improve.

Provided of course that the network in question provides enough rewards to incentivize us to improve!

If the network hash remains worthless, then sure - we might not bother to get specially improved software or hardware.

So does "ASIC-Restistant" then mean that the coin will be worthless?  That would do the trick, but then again "resistance" implies that somebody was trying to break into the house, not that the materials visible through the windows were not worth bothering with.

That's probably not the type of ASIC resistance those who throw term about are going for.

But what else could it mean?  Several coins have now had proponents claim "ASIC Resistance" and have gone on to have promising futures :  Litecoin (and other Scrypt coins), Bytecoin (with Monero et al.),  Ethereum (Equihash et al.), and others.  However a quick search will show that dedicated mining hardware is available for all of these coins.

Is there any room for a valuable computable which cannot have a specific integrated circuit for its application?  I don't see any.  What am I missing?