Congrats on TREZOR!Hi Bitcoiners!
it's time for some questions and answers again... You can ask me anything about Slush Pool or TREZOR hardware wallet but I will happy to talk to you about other topics. .........
a very intuitive and easy to use tool for newcomers to Bitcoin or users with average computer skills. TREZOR is gradually expanding into a digital identity vault, we have introduced a password-less login to websites but it's potential is way more far reaching.
Slush Pool <https://mining.bitcoin.cz>
Paralelni Polis <http://www.paralelnipolis.cz/en/>
Thank you! Positive feedback is one of main motivation for our projects .Congrats on TREZOR!
During last years we've gained broad experience with DDoS mitigation and although there's no silver bullet for all kind of attacks, every incident help us a lot to to improving our infrastructure even more. For DDoS mitigation we use various strategies, one of them is mutual trust between us and our major miners, for which we run private servers on hidden locations (or even on their own infrastructure). Thanks to this, significant part of hashrate cannot be kept down by classic DDoS.Have you taken any steps to mitigate ddos attacks on your nodes if/when you reenable bip 101 mining?
Yes, U2F support is already in progress (https://github.com/trezor/trezor-mcu/tree/u2f). The biggest challenge now is to implement PIN protection into U2F stack, but we're on track of working solution. We definitely see TREZOR as a personal security device, so native support for such protocols and use cases have a high priority in our team.Is U2F coming? Would it be the only U2F device where it can be pin protected, backed up, and re-programmed?
Definitely building bigger team since beginning. Being alone on everything for more than two years since 2010 was mind blowing experience. I had to be online 24/7/365 which almost ruined my personal life. That was because I did not recognized for long time how big this is going to be. Now the pool is developed and maintained by team of six professionals (and good friends of me!), which kicked the quality of service to another level.@Marek, thanks for all your contributions to the community!!
1) what would you do different in the Pool business knowing what you know now?
Never ending DDoS incidents. Especially on the beginning that was pretty common and I sometimes did not sleep for many days, fighting attacks and moving pool around the world to different datacenters (because after attacks some datacenters refused to host the project).2) What were the biggest challenges in running a pool, starting a pool?
Although I never wanted to go into hardware business, it learn me A LOT and I'm thankful for that experience! Both pool business and TREZOR wallet were pretty stressful projects (each in different way). However I regret it only few times .3) hind sight 20/20 of course, is there a better niche you could have spent your time? I guess this is simialr to question 1... but if you could do it over again would you still do pools and hardware wallets?
We have third major project in pipeline which (I believe) will have significant impact on Bitcoin. But I prefer to not disclose any details yet!4) The opportunities in Bitcoin are enormous... but what do you think the top 3 are? Is it wallet software? POS deployment? What say you...
Definitely not! It was a nice hobby project. Those days, Bitcoin was unrecognized by anybody except few geeks on bitcointalk forum. There was a good chance it will die suddenly because of some stupid mistake or overlooked detail in whole concept. Even when I quit my daily job in summer 2011 I was like "ok, let's try this, I can go back to job anytime". However, at that time, Bitcoin took my whole life. I literally quit my 40 hours/week job to work 80+ hours/job as a pool operator.When you started working on a mining pool for Bitcoin, did you have any idea what a large part of your life it would become? When did you realize that you might have stumbled onto something great?
I travel often with TREZOR in my pocket and I've never had any question regards it. TREZOR is too small and even metallic version is not detected by scanners. If somebody would ask me, I would probably say it's a flash memory. If somebody insist to explain more, I would say it's as a flash storage of private keys for my digital life.HI Marek,
Thank you for taking part in this AMA, I got a feeling that you will get a lot of questions from our members and here is mine.
A member recenly posted this: alternative-clients/two-disadvantages-o ... lit=trezor
The first question he has was quite easy to solve but the 2nd question not so easy.
He is inquiring about traveling across borders with a Trezor and how to explain the devise to airport customs/security.
Just wondering how you do or would explain this yourself and what rules apply that you know of?
I know each countrie would have different laws but is this something you have experienced?
I've build the pool because I as a small miner wanted to stay in the game for longer. So I think the oposite is true! Without pools and optimized protocols, the barrier to enter mining industry would be much higher. Just see how many people mine on P2Pool - and it is just about setting up the bitcoin node! I believe without share-based pools the mining industry would be in hands of few long time ago.In hindsight do you think pooled mining and/or the Stratum protocol has contributed at all to the centralization of mining? Do you see some centralization of mining infrastructure as an unavoidable necessity?
I have come to think it's a very relevant question and you can better weight people's opinions having an idea of how many Bitcoins they hold (or do not hold.) So Instead of asking their opinion on bitcoin, I'm now asking every participants the same question:"Never ask anyone for their opinion [...] Just ask them what they have -or don't have- in their portfolio"
I'm mildly for BIP101 and I like the work which Gavin put into the project, but I think some other solutions will work, too. Although rising proposed in BIP101 may be a bit aggressive, it's just a limit - not the block size itself! Remember that Satoshi used the limit as a precaution of various DoS attacks to network for its first day of existence, talking about removing eventually. On the opposite, keeping the limit low in time of Bitcoin expansion limits the economy of blockchain and it may be dangerous for bitcoin adoption rate. I'm closely related in Paralelni Polis, the bitcoin-only space in Prague, and I see even today that small blocksize may affect real-world usage of Bitcoin.What are your opinions regarding the Blocksize-issue? are you for BIP100(increase of up to 17%)/BIP101(8 MB and up to GBs)/BIP103(2-4-8-32MB)?
I use TREZOR as my primary bitcoin storage, Mycelium wallet on my phone for change and NFC card for terminals in Paralelni Polis for the fastest way of paying for coffee. It's just "beep" - I even don't need to unlock my phone! .Do you hold bitcoins yourself(in the trezor,web Wallet,mobile wallet or desktop wallet)?
I'm generally skeptical about "bitcoin with faster blocks" altcoins. In my opinion the social network of users is what counts. Litecoin and other copypasta-coins does not offer significant improvement over Bitcoin to attract enough users.What are you opinions regarding alt-coins such as litecoin?
Block halvening years ago shown that it's not an issue at all. It is just a demonstration how differently the economic works when all participants have full information. Such predictive and seamless changes would never happen in normal fiat economic with central bankers, which can change rules in any day without telling anybody in advance.What do you think about bitcoins future(block halvening,openbaazar etc)?
It is technically doable, but it's not in our pipeline for now. We do not see Core as a software ready for common users. Even Core developers said they may eventually remove Wallet from the code, because it it hard to maintain such monolithic code. I rarely agree with them; Core should be just an minimalistic implementation of node enforcing network rules and keeping blockchain running. They should leave other parts of infrastructure to people with better skills for UX.Are you open for a (sort of) plugin of trezor with Bitcoin Core wallet/Bitcoin XT?
Definitely yes. SSH login is already working in linux (https://medium.com/@satoshilabs/trezor- ... a622d7e609) and it should be straightforward to add support into Putty for Windows (but I did not use Windows for years, so I cannot say 100%). U2F is already in progress (I linked github repository few posts before). We plan Yubikey emulation too, yet ETA is not set.can or will trezor be able to be used in a similar way to the yubikey on top of the bitcoin functionality it already provides? ssh keys/2fa etc.
That would be a long list of scam attempts . Some of them were successful, at least for some time. For example we have a case where somebody in ISP company was hijacking Stratum connections of customers and pointed it into another pool. But generally this does not happen often, the most common are attempts to impersonate to pool users and get an access to pool accounts. For that reason we encourage people to send bitcoins away from the service as soon as they trigger anti-spam threshold. In the end there's not much to steal from the Pool...Hi Slush,
Can you give a ballpark update on the number of Trezors sold to date ?
Can you elaborate at all on the shenanigans that people attempt to defraud mining pools, past and present ?
THAT was the reason why we were refusing to add PPS for years, although many users left the pool and joined some fancy PPS service. However PPS is like playing a russian roulette; statistically you never have enough bitcoins to survive long enough period of bad luck. Not talking to technical issues alone (like BtcGuild paid out to users 1000+ BTC by mistake during migration to bitcoind 0.8) and scam attempts like block withholding. As far as I can say, we never experienced such attempts, because on score-based pool it does not have much sense.For example about 18 months ago BTCGuild, Eligius, Bitminter and others were hit with a winning share withholding attacks and DDOS attacks. Around this time PPS options were removed by most pools, attackers had their balances witheld and Giga' s pool closed down.
There may be various motivations behind such attacks. Profit, damaging competitors, destabilisation of bitcoin network, fear, ... I honestly don't think too much about "why", it's not important at all .https://bitcointalk.org/index.php?topic ... msg7282674
https://bitcointalk.org/index.php?topic ... msg6060325
Do such innovative attacks still occur ? Do you think these attacks on independent pools are a proxy attack on the decentralisation of independent miners' hashrate ?
I don't have any information regards this cause.What are your thoughts on Ghash's behaviour at that time - they dropped their fee from 2% to 0%, an employee was caught double spending, and I suspected them of selfish mining/block witholding with a high orphan rate (often chains of 2-3 consecutive orphaned blocks).
SPV mining (mining based on blocks without full verification) is going against the purpose of mining itself - validating transactions and keeping blockchain healthy.What are your thoughts on SPV mining - perhaps this is an ingenius solution to larger block propagation times between pools?
Do you like giant red underpants?
We've tried hard to introduce safe passphrase entry on TREZOR, but nothing was really usable. Even PIN entry is a bit geeky and it is sometimes hard to explain for average joe (although most people like it once they understand the concept ).slush,
I love the two Trezors I own, and really like that i can set them up to be identical, and use them interchangeably.
My question is when will you (or are you considering to) have the passphrase entry obfuscated like you do for PINs? I recognize that I might have to scroll through a few pages (with the two Trezor buttons) to see all the letter and symbol pairings. I also recognize that some people may not like it since their passphrases might use extended character sets. However, I would think that during the initial setup (or in advanced mode) the user could activate the passphrase obfuscation with the full knowledge that they are limited to a certain set of characters (upper, lower, numeric, limited symbols). This approach would give me massive peace-of-mind regarding keyloggers. Is this idea in the works?
Users browsing this forum: No registered users and 2 guests