Hey I have same question. Did you figure out what is actually sig in sigscript here?

That signature is bob’s signature which satisfies the locking script on the UTXO. It proves he owns the output assigned to that address

@@Altcoinminimalist Alright, but this is not the answer to the question. What is the message that is signed using Bob's secret key?

@@amirphl7834 that would be the signature hash (z)

It should be "Sum(inputs) >= Sum(outputs)". They mention it in the video.

Rules are enforced programmatically by all the full-nodes. Additionally the rules are enforced by the users running full-nodes, not the miners, although miners can run nodes too. I strongly suggest reading Andrea's Mastering Bitcoin for an in depth explanation of the bitcoin network and protocol.

The nodes that follow what u propagate to them without running the code & checking and verifying for themselves are not considered full nodes, ie does not play a role (like having a vote) in the consensus. So, if u did so (verify wrongly, or change the rules, or....) u r considered a "malicious" node, the idea here u won't succeed in enforcing ur malicious rules unless u r running more than 50% of the full nodes of the network what is called 51% attack

@@shymaaarafat1342 This isn't quite correct. A 51% attack refers to a malicious party having a majority of the hash rate and being able to rewrite the chain. This happens because if you have 51% of the hash power you can start mining from an arbitrary block (the more recent the block the easier it is to perform the attack) and probabilistically generate malicious replacement blocks (with more work put into them) over time than the honest actors and force all nodes to accept them. In the scenario you gave where 51% of nodes are running malicious software with different rules for consensus, you end up with what we call a hard fork.

@@coffle1 Ok, I recalled the Q&A here 1-He was asking why a wrong block a malicious miner propagates won't get accepted maybe nodes will not have time to check. 2-I replied checks (signature & hash verify) are done automatically for each block if you are a full node, if u r not (don't verify) then u r not considered a "full node" and ur vote doesn't count on whether this block is accepted or not. (By the way, coming back here from the future 2022, some Ethereum L2 suggested protocols I think apply optimistic consensus maybe approaching what the original asker described; ie accept without verify until a complain or contradiction happens didn't follow more on the details of that; called optimistic roll-up I think heard about it Justin Drake talk but did not follow more ) . 3- When I say 51% attack I mean an attack that can only succeed with at least 51% nodes participating, not necessarily the most famous one u mentioned about the monopoly of at least 51% of the hash power. -I don't recall talking about the malicious consensus software here, only in twitter because it was in a latter time I guess, but ur reply resembles one I got there. -My answer is a forks happen when a rule changes or some kind of disagree happens consciously; ie people are completely aware of the dispute and taking a fully informative decision on which direction they're going. The situation I describe is ur verifying code was hacked, and you absolutely have no idea why ur verifying result is different from other full nodes ( generally full nodes don't know each other to meet and talk about it) -So if someone managed to tamper/hack more than 50% of the protocol versions he will do what he wants, it's like u hired someone to stand on a gate and let people pass according to some rule RA, if he changed the rule to RB without telling you then RB will be the passing criteria until someone complains directly to you and you decided to investigate and "roll back" faulty blocks. . Final Remarks: -------------------------- 1Maybe a deeper analysis will prove this needs more than 2/3 malicious code versions, as in byzantine BFT, not just 50%; however roughly speaking I believe it's 50% 1/2 because this permission less with randomly chosen leaders (leaders mean miners here) 2-For a more deeper thorough look on consensus (and somehow abstract & theoritical) u may study Tim Roughgarden "Foundations of Blockchains" course on KZbin & GitHub

@@shymaaarafat1342 The original asker saying “checking takes time and they don’t want to check” is a little ambiguous in that it doesn’t precisely explain who “they” are. As you said in (2), full nodes will always check. On whether something is a fork: It doesn’t matter if a maintainer of a node is conscious of it running hacked software or not, if it results in the full node not verifying blocks correctly then it’s seen as malicious to the rest of the network. The bottom line is that if the consensus rules of a node on an existing protocol is different then the original nodes on the network, it will *always* be considered a hard fork regardless of how that node came to be that way. The full nodes still running the original consensus rules (be it 10% or 90%) will still be part of the original chain while the “hacked” nodes will be considered a hard fork (assuming there’s a shared history). The “hacked” nodes will never have a say in consensus for those running nodes with the original consensus rules.

1- she said prevent "replay attack", ie resending or re-including the same transaction again in another block with all its valid signatures & hashes&.... 2-Destroy here ( in any UTXO based cryptocurrency) means deleting the old variable and creating/inserting another one to hold the new value -She said it & it's true the UTXO model is not a default natural easy to think of, not like our minds in computer community with the variable model, or in the banking finance community as the account model; still it has its benefits. -think of it as when u pay with fiat currency: if u pay say with 100$ the 100$ has a serial number, the change u get say 50$ has a different serial number. -What happen here is the input UTXO is completely deleted from the current set of UTXOS, and a new one is created for the change; even if the change is going back to u the same person, this gives u the chance of creating a new address to keep ur anonymity (if u kept the same address people will probably know it's u) -Now if someone tried to resend this old transaction again, they will not find the spent UTXO in the current UTXOS set

Hey :) If the remaining bitcoin doesn't go to the miner, what determines the fee?

@@nathannewell3017 the fee are determined by the network. If you go to Bitcoin Explorer you will see the fee. The Bitcoin works like cash. If need to pay you 0.5 btc but I send you 1 btc then I will get 0.5 - fee back to my wallet. There is even a special address for the changes.

She means when u subtract the sum of output values from the sum of input values the difference≥0 goes to the miner as the transaction fee, and it's allowed to be zero because sometimes the miner him/her self is making a transaction. -As for what is mentioned in the other reply about how the fee is determined, that's another issue than this lecture: Different sites/ wallets recommend a fee for u, or u can look for the current average/median fee in statistical sites like blockchair.com, blockchain.com,.... and the general rule is the larger fee u choose to pay the faster ur transaction is included in a block because miners naturally like to maximize their revenue (profit)

@@xjazz666 No, the part that goes back to your wallet has to be an output. She is talking about unspent coins from the inputs. That means the remaining bitcoin does go to the miner.

why is lecture 9 not there

Lecture 9 is not available.

Lecture 9 was on 'Peer-to-peer Networks' and had a guest lecturer. Sometimes the guest lecturer doesn't sign the IP forms. We will not show their lecture without permission.

well thank you for the whole series though i'm having fun exploring. this is the best.@@mitocw

r/iamverysmart