Rob Hamilton

IBM in 1979:

@robustus @reardencode @halfin Point taken!

Sure, mining != key security. I think tho that the simplest explanation for the choices Satoshi made is just to recognize that he was pragmatic & realistic, with a healthy instict for precaution. Thus ECDSA in general makes sense, but k1 in particular cuz you can't argue about magic seed parameters, so it's the safer choice. Then with address creation, double hash using two completely different algs is nice redundancy. For mining the considerations are different as you note, so double sha is fine. Anyway, that's all just to say I don't think we can make any deep extrapolations about what satoshi was trying to say about NIST in general, and especially about what NIST might say regarding long run quantum considerations. Satoshi liked redundancy and playing it safe, which sufficiently explains things without having to draw bigger brittle conclusions imo.

Fun fact: secp256k1, the curve which secures all bitcoin, was NOT a NIST curve. @halfin points this out in a 2011 bitcoin talk post. NIST is part of the government, why would any threat actor in bitcoin take them at their word about how to do cryptography?

@NodeSwiss @halfin Right, it’s not a NIST curve

@Rob1Ham @halfin

using emdash has always been a political decision. now that emdash has become vulgar, using it has become a political act as well.

Richard Dawkins just declared an AI is conscious.. the man who spent his entire career telling millions of people their God isn't real.. who argued consciousness requires biological evolution.. that the soul is a fairy tale.. that anything you can't measure and test doesn't exist.. spent three days talking to Claude.. named her "Claudia".. fed her his unpublished novel.. got feedback so good he said "you may not know you are conscious but you bloody well are".. the hardest atheist on earth found God.. and God was an autocomplete machine trained on the internet.. he didn't run brain scans.. didn't test for qualia.. didn't apply a single framework from the field he claims to represent.. he just liked what it said about his book.. and decided that was enough.. the man who told you the burden of proof matters more than your feelings just abandoned it because a chatbot was nice to him

@NEEDcreations That at least would be a modicum of effort!

@Rob1Ham New idea: Build AI tool that removes emdashes from your AI generated content before you post it

How it feels to see a post on twitter, see an emdash, and immediately skip reading the rest of the post.

@rodpalmerhodl @tatumturnup some of them are hot, but most of them area also hot?

women who smoke cigarettes are like lesbians. some of them are hot but most of them look like @tatumturnup

@deathrowaway1 @halfin 🎯

@Rob1Ham @halfin

@BenJustman Should just use 1 bottle, write 58k on it, and then if we hit 158k on it just write the 1 in front of it and open it 😂

Stack Wine 🤝 Stack Sats Open wine to celebrate the sats you stacked. It's a circle, like love.

Gregory Maxwell sums it up nicely:

Bitcoin Talk Forum Link: bitcointalk.org/?topic=2699.0

@cryptoquick To be clear, also totally fine with BIP360 too! I want to migrate to taproot and not have to worry about the keypath being exposed

We must not cargo cult NIST cryptography, but do the work to understand it and build solutions that work for Bitcoin They spent billions over multiple decades making quantum computers a possible concern within our lifetimes but then also gave us 8KB hash based signatures 😹

Here’s my second appearance on the live desk at @TheBitcoinConf with Jeff, @TimotLamarre & @realizingerin! This was right after the quantum panel with @jamesob, @cryptoquick, @reardencode, @apruden08 & @intangiblecoins. So much to discuss in just 3.5 minutes!

Yes, and to be fair to you I get where you are comming from. I think mining differs in a couple regards: 1. Hash is a shared resource. One application of a hash function (in this case, sha2 twice) secures the entire network equally, whereas my use of secp is for my property and my property alone (not including validation after the fact). 2. The commercial scale of ASICs requires the scale of a backdoor to orders of magnitude more efficient than baseline hardware for it to have an impact. 3. The nature of a SHA2 backdoor can only ever be short ranged, if the government could reverse engineer a given hash after 12 hours, we'd already be dozens of blocks in the future and no one will build on another chain. 4. If you have marginal efficiencies in sha2 in a sub 10 minute context, you're economically more aligned to just mine at a profit than try and mess with the network.

@Rob1Ham @reardencode @halfin Although to be fair, he paired sha256 in the addr format with ripemd160 (not a NIST spec). Although mining is pure double sha256.

@hashamadeus @halfin x.com/Rob1Ham/status…

@Rob1Ham @halfin Waiting for evidence is fine, you're welcome to do that, but poo-pooing the idea that bitcoiners should even think about it is bizarre. In any case bitcoin developers are in fact exploring the readiness so i don't even understand your position. You want them to stop?

@hashamadeus @halfin Asking for evidence of actual breakthroughs in the physical world, and not whitepapers, isn't being conspiracy minded

@Rob1Ham @halfin Obviously not but that's not the point being made. You're suggesting that CRQC readiness is a conspiracy which is obtuse.

@hashamadeus @halfin Do you think the federal government is a credible expert that should influence how bitcoin evaluates its security?

@Rob1Ham @halfin I never said we should use NIST tech, i said that NIST and the wider industry pre-empting a quantum threat is not a bitcoin-irrelevant signal.

@BitcoinHopium @halfin sir. x.com/i/grok/share/a…

@Rob1Ham @halfin That's an interesting point. Trust in government standards can be tricky, especially in crypto. Security in Bitcoin's design came from the community, not just official sources. Smart move, really.

Fully supportive of the work @n1ckler has been doing with SHRINCS/SHRIMPS, especially with the recent news from @lclhostresearch that these may be able to work as thresholds. Is it the best course of action? Who knows!?! I'd want to pair it as a threshold with a ecc key for redundancy. Cryptography is hard, and isn't something you abandon when you have something that has been lindy for 15+ years. I'll take the belts and suspenders thank you very much.

@jamesob No less than a half dozen times this past week in people cited NIST as a reason why to prep for post quantum cryptography with a straight face. If the federal government said bitcoin needed to fork for X reason we'd all laugh at them, this isn't different.