CD179：SETH谈隐私季度更新

对吧？

Right?

我觉得现在你可以用Cold Card或Passport这类基于二维码的签名器配合Cakewallet使用，这简直太酷了。

Like, I think it's super cool that that now means you can use a cold card or a passport or any of these other QR based signers with Cakewallet.

我觉得Cupcake能和现有所有协调器配合使用真的很棒，不管是Cobalt、Sparrow还是Nunchuck。

I think it's really cool that you can use Cupcake with any of the existing coordinators, whether that's something like Cobalt or Sparrow, or Nunchuck.

这真的太酷了。

Like, that's really cool.

这正说明了开放标准如何能相互叠加。

And it just shows how open standards may compound on top of each other.

哦，是的。

Oh, yeah.

哦，是的。

Oh, yeah.

而且你们可以交付某些功能，然后它就能让一切运转起来。

And and you guys can ship something, and then it makes everything out.

比如你提到过多重签名。

Like, you'd mentioned multisig.

大概就像，再次强调，这取决于你的权衡模型。

Like, presumably, like, once again, like, it depends on your trade off model.

但比如，你可能在一个使用Sparrow多重签名的组织中——我认为多重签名对组织特别重要也特别实用。

But, like, you could be in an organization that's using a Sparrow multisig because I think multisig specifically is really important, really useful in organizations.

嗯。

Mhmm.

其中一个人可能在使用纸杯蛋糕签名器。

And one of the people could be using a cupcake signer.

而其他用户可能在使用硬件钱包。

And the rest of the users, you know, maybe they're on hardware wallets.

他们完全不知情。

They have no idea.

无所谓。

Whatever.

而且我是说开放

And and I mean open

标准。

standard.

挺酷的。

Pretty cool.

即使你能扩展到像某个组织——我的意思是，我知道这有点像费迪曼那种模式，比如村里的长老们，这群人可能花上千美元买硬件钱包来做多重签名，结果反而让多重签名变得毫无意义，他们最终只用一个人的热钱包。

Even if you can expand that to, like, an organization that isn't I mean, like, I know this this is kind of the Fediman thing of, like, the the village elders model of, like, this group of people who may be spending a thousand dollars on hardware wallets to do a multisig would make it completely pointless to do a multisig, and instead they just are using one dude's hot wallet.

这样的话，他们就能零成本突然开始使用多重签名，这相当不错。

Like, this this would allow them to, at no cost, suddenly be using multisig, which is pretty cool.

现在需要澄清的是，我们目前并未专门为多重签名功能进行开发。

We now to to clarify for now, we have not specifically built for multisig.

这确实不是我们的重点方向，但确实是我想要实现的功能之一。

That's not really a focus for us, but it's something that I I do want to do in there.

理论上你仍然可以这么做，但我们目前没有更高级的多重签名功能，比如地址验证、在设备上存储描述符以便实际验证地址这类功能。

Theoretically, you could still do it, but we don't have some of the more advanced multisig stuff like validating addresses, like storing the descriptor on the device so that you can actually validate addresses on device, that sort of thing.

因为其中部分功能确实会更复杂些，显然这不是Cupcake的核心重点，但它确实打开了多重签名的大门——这在世界很多地方原本是成本高得令人却步的。

Because some of that does get a little bit more a little bit more advanced, and it's obviously not our the the key focus of Cupcake, but it does open up, like, multisig, which would be prohibitively expensive in much of the world.

未来我们也会向他们开放这个功能。

Down the line, it will will open that up to them as well.

我的意思是，如果你们能加上这个功能会很好。

I mean, it'd be nice if you added that.

我猜这主要是个优先级问题吧。

I assume, like, it's just a lot a matter of priorities.

我是说，作为一个重度用户，多签对我来说最重要的是签名者需要验证找零地址。

I mean, the big thing is as a heavy user multisig is it's it's important to me that the signer is verifying the change address.

哦，是的。

Oh, yeah.

哦，是的。

Oh, yeah.

确实如此。

For sure.

这就是为什么我现在不建议将其用于多签，因为我们还没有像冷卡护照等设备那样更高级的功能。

And that's why, like, I wouldn't recommend it for multisig right now because we don't have that more advanced functionality that that cold card passport, etcetera do.

所以这会是...我的意思是，盲目签名并不完全准确，但目前你无法正确验证所有内容。

So it would be it would be I mean, blind signing isn't quite accurate, but you wouldn't be able to properly validate everything right now.

除非，比如说，你将Cupcake仅作为三个设备之一使用，可以在其他设备上验证，这样你仍然能获得部分验证。

Unless, like, for instance, you used Cupcake as only one of three where you could validate it on the other devices, where you're still getting some validation.

即使你不能在所有设备上验证，如果你能在两三个设备上验证，那仍然会很有趣。

Even if you can't validate it on all, if you can validate on two or three or something, you could could still be interesting.

但这绝对是我们将要添加的功能。

But that is definitely something that we we are gonna add.

但，说实话。

But, like, I'll be completely honest.

我认为，我们非常注重零售用户，多年来我一直明确表示，多签并不是大多数人需要的。

I think, like, we are very retail focused, and I've been pretty vocal over the years that I think multisig is not something that the vast majority of people need.

所以我真的非常专注于将我们的大部分资源投入到大多数用户的需求上。

So I really am pretty focused on, like, most of our resources going towards the, again, the majority.

比如，我们如何瞄准那95%的人群，了解他们的需求。

Like, how do we target the 95%, What they need.

大多数人并不需要多重签名，即使不需要。但正如你提到的，对组织来说，这才是杀手级应用。

And most people don't need multi sig, even if it isn't But organizations, like you mentioned, is the that's the killer app.

这正是比特币的闪光点——它比法定货币体系优越得多，这是比特币一个迷人而独特的跨界优势。

And that's where Bitcoin is like it makes things way better than the fiat paradigm, which is a fascinating, like, specific crossover for Bitcoin.

听着。

Look.

普通用户首先...比特币最美妙之处就在于根本没有所谓的最佳选择。

The average user the the the best option first of all, the beautiful thing about Bitcoin is there is no single best option.

对吧？

Right?

关键取决于你的工作模式、使用场景和技术能力。

It matters about your job model and your use case and your technical ability.

但就像你说的，对绝大多数用户而言，单签名的离线冷存储已经提供了绝佳的安全保障，既方便使用又不易出错。

But for the like you said, the overall majority users, single sig offline cold storage is is an amazing security set and very convenient to use and hard to fuck up.

如果你的威胁模型更复杂些，或许可以再加个密码短语。

Maybe add a pass raise on top of it if your threat model is a little

稍微

bit

更严峻些。

more severe.

而多重签名在我看来，通常适用于公众人物和组织机构。

And then multisig is, for me, like, it's usually public figures and organizations.

比如，多重签名正是在这里大放异彩。

Like, that's where multisig really shines.

他们在威胁模型中设置了高得多的门槛。

They have a a very much higher threshold in their in their threat model.

这是一个更重要的威胁模型。

It's a more significant threat model.

因此，他们可以利用额外的多重签名优势。

And as a result, they can take advantage of the additional multisig.

我常见的情况是，人们一上来就说'非多重签名不可'，然后又说'多重签名太复杂了，你该买我的比特币垃圾股，根本别考虑自我托管'。

What I see a lot is people immediately say multisig or bust, and then they say, oh, multisig's too overwhelming, so you should buy my my Bitcoin penny stock instead of doing self custody at all.

我认为对某些人来说，这种言论可能出自恶意，但对另一些人而言只是出于无知。

And I think for some people, that's probably coming from a malicious place, but for others, that's just a place of ignorance.

我认为我们应该'让单签钱包再次伟大'。

I think we should make single state great again.

单签热钱包在数字主权方面赋予你的力量被严重低估了。

I think it's incredibly underrated how much power you have from even a single state hot wallet in terms of, like, digital sovereignty.

但当你加入离线元素时，你就是在真正升级自己。

But once you add the offline elements, you're just really upgrading yourself.

我看到锯子被电击了。

I see sawzall zapped.

5,555 统计量。

5,555 stats.

他说：'比特币星期五快乐，怪胎们'。

He said happy Bitcoin Friday, freaks.

先生，感谢您的支持。

Thank you for your support, sir.

好的。

Okay.

我有几个话题想和您探讨。

I had a couple topics I wanted to hit with you.

嗯。

Mhmm.

有个死忠粉把它们全都塞进了Primal上的一个问题里。

And a ride or die freak loaded them all into a single question on Primal.

我会先读他的问题，然后您可以随意回答，如果有我想谈但遗漏的内容，我会引导我们回到正题。

So I'm gonna read his question, and then you can answer at will, and I will navigate us back if there's things that I wanted to talk about that we missed.

这是查理提的。

It's from Charlie.

他说：问问他为什么一直推广门罗币，而不是像Cashew那样在比特币上实现隐私功能。

He said, ask him why he keeps pushing Monero instead of privacy on Bitcoin like Cashew.

好的。

Okay.

我想听听门罗币最近发生的链重组事件。嗯。

I wanna hear about Monero's latest reorg Mhmm.

以及总体而言，为什么他认为这是个值得使用的山寨币。

And overall why he thinks it's a valid shitcoin to use.

这个问题问得好。

That's a good question.

是的。

Yeah.

首先我们快速回顾一下门罗币的安全状况，然后再重新讨论电子现金的问题。

Let's let's first quickly recap the Monero security situation, and then we can we can rehash the ecash thing.

对。

Yes.

那么，总的来说，为什么选择门罗币？

So, generally, why Monero?

我会...我们会解释为什么选择门罗币。

I'll I'll I'll we'll do why Monero.

我们将讨论门罗币最近遇到的安全问题，然后快速处理电子现金的话题。

We'll talk about the security issues that Monero has had recently, and then we'll we'll tackle eCash quickly.

那么为什么选择门罗币？

So why Monero?

正是因为我们节目开头讨论的那个原因。

Exactly for the reason that we were talking about at the top of the show.

没错。

Yes.

你可以在比特币上使用CoinJoin。

You can do CoinJoin on Bitcoin.

即使能用，它的状态也不理想。

It's not in a great state even if it's usable.

而且当你使用时，你会显得突出，并经常面临污点币或资金冻结的问题。

And when you do use it, you stand out and will face can often face issues with tainted coins, or getting on fundless.

使用起来也相当困难。

It's also quite difficult to use.

遗憾的是，这个人不会使用CoinJoin。

Person is not gonna CoinJoin, unfortunately.

如果不改变比特币的共识机制，目前用户体验的提升空间其实非常有限。

And there's no real way to improve the user experience that much beyond what it is right now without changes to Bitcoin's consensus.

幸运的是，比特币中我们确实还有其他辅助工具。

Thankfully, in Bitcoin, we do have some other tools that help.

我们有静默支付。

We have silent payments.

我是说，kQuad在这方面一直处于领先地位。

I mean, kQuad's been leading the way on that.

值得庆幸的是，其他人也开始加入了。

Thankfully, others are jumping in.

出乎意料的是，Sparrow已经搭建了一个非常棒的静默支付概念验证服务器。

Sparrow has built out an awesome proof of concept server for silent payments, which I did not expect.

据说他还在Sparrow中专门开发静默支付支持功能。

He's supposedly also building out silent payment support in Sparrow specifically.

我今天早上刚听说这个消息。

I just heard that this morning.

这个功能正在发展壮大，它在接收端很有帮助，但也给前瞻性隐私方面带来了挑战。

So that is growing and that helps on the receive side, but that dubs the forward looking privacy side.

我们有PayJoin，在发送端非常出色并能提供隐私优势，但如果PayJoin中使用的资金与不该关联的事物存在联系，仍可能导致问题——有时PayJoin反而会恶化隐私状况，因为你至少会向收款方暴露一个原本不会透露的UTXO。

We have PayJoin, which is fantastic on the sending side and can provide some privacy benefits, but also suffers from if the funds you're spending in the PayJoin are linked to things that they shouldn't be, you can still have problems where you actually can make your privacy worse sometimes with PayJoin, because you are revealing at least one additional UTXO that you wouldn't be otherwise to the person that you're paying.

我认为它现在仍是一个绝佳的工具，但若能契合这种整体隐私理念，效果会更理想。

Now I think it's still a fantastic tool, but it would be best when it's fit with this holistic privacy approach.

这在比特币上确实很难实现。

That's just really difficult on Bitcoin.

门罗币让这一切变得极其简单。

Monero makes all of that stupid simple.

你只需点击发送。

You just hit send.

无需任何额外操作，就能获得比特币竭尽全力也无法企及的隐私保护。

You get better privacy than Bitcoin can achieve at its best without having to do anything extra.

当然也存在缺点。

Obviously, you have downside.

我们可以谈谈价格。

We can talk price.

我一直在这里坦诚相告。

Like, I've I've been honest on here.

多年来门罗币表现远不及比特币，如果从未接触门罗币，按统计数据或美元计算，我的财富本应多得多。

Like, Monero has not done well compared to Bitcoin over the years, and I would be much wealthier if I had never touched Monero in terms of stats or dollars or whatever you wanna account in.

但我不认为这会影响它作为自由工具的本质。

But I don't think that changes the tool as a tool for freedom.

正因如此，当我推荐门罗币时，你绝对听不到任何关于价格投机或价值增长的言论——我从未有过这类建议。

And that's when I'm recommending Monero, you will very, very clearly note I have never ever, ever, ever made any comments about you should do it for price speculation or that I think the value will increase, anything like that.

我纯粹将其视为自由工具，实际是消费工具，而它在这方面表现极为出色。

I view it purely as a tool for freedom, realistically as a tool for spending, and it's exceptionally good at that.

是的。

Yeah.

在我开始讨论Banero安全话题之前，你有什么想法吗？

Any thoughts before I jump into the Banero Security stuff?

你知道，我的意思是，我要反驳Charlie的评论，他认为你专注于门罗币而忽视了比特币隐私工具。

You know, I mean, I would just I would I would push back on Charlie's comments that you're focused on Monero at the expense of Bitcoin privacy tools.

我是说，Cakewell尤其在移动端，在比特币隐私方面处于领先地位。

I mean, Cakewell is especially on mobile is leading the way in terms of Bitcoin

我们在比特币隐私上花费的时间比门罗币多得多。

privacy way more time on Bitcoin privacy than we are on Monero.

好的。

Okay.

但我确实想听听你的想法。

But I I do wanna hear your thought.

所以在我们讨论重组话题之前，我先抛出我的观点。

So so I'll I'll throw my perspective out there before we hit the reorg stuff.

我一直认为门罗币是个有趣的项目，因为我关心金融隐私。

The I've always thought Monero is an interesting project because I care about financial privacy.

门罗币最大的两个问题——你可以想象如果每笔交易默认采用静默支付和混币技术，这大致就是门罗币的隐私架构思路。

The two biggest issues with and and I think the freaks can think of Monero kind of you just imagine if, like, silent payments and coin join were the default for every transaction is how you can kind of think about the the privacy architecture more or less of Monero.

正因它是默认设置，使用起来更简单，因为你无需考虑任何事。

And because it's the default, it's easier to use because you don't have to think about anything.

你只需发送和接收，就能获得隐私保护的好处。

You just send and receive, and you're getting privacy benefits.

首先，主要缺点在于隐私优势带来的问题——即便没有技术层面的担忧，至少存在心理层面的顾虑：是否存在隐性通胀，以及供应量是否可审计。

Now the main the main negatives of it is, first of all, because of the privacy benefits, there have always been, if not technical concerns, but at least mental concerns about whether or not there's silent inflation and whether or not you can audit the supply.

其次，实际上存在尾部发行机制，因此从一开始就没有固定供应量。

And then second of all, there actually is a tail emission, so there isn't a fixed supply in the first place.

因此市场表现似乎表明，长期来看门罗币对比特币的价格呈下跌趋势。

And so the result, which the market has seemed to dictate, is that long term Monero's price tends to go down against Bitcoin.

所以作为储蓄工具，它严格劣于比特币。

So it's strictly worse for savings than Bitcoin.

这是第一个问题。

So that's one issue.

第二个我反复强调的问题（这次重组事件似乎印证了这点）——我一直认为采用CPU工作量证明算法本质上就劣于ASIC算法。

And then the second issue that I've talked about at length, which this reorg seems to kinda prove, is I've never I'm I'm I'm never I've always thought that it's inferior to do try and do a CPU based POW algo rather than an ASIC algo.

而门罗币支持者会持相反观点。

And and and Monero, pro Monero people would say the opposite.

他们认为不使用专用硬件、不需要大规模矿场正是特性而非缺陷。

They say it's a feature, not a bug, that it's not using specialized hardware, that you don't have it in massive hardware farms.

但我始终持相反看法：专用硬件使得对比特币的攻击难度越来越大，而门罗币未必具备这种防御性。

But my opinion has always been the opposite, that because you have this specialized hardware, it becomes harder and harder to attack Bitcoin while that's not necessarily the case with Monero.

我们来具体讨论这次重组事件，因为它验证了我的观点。

So let's talk about the reorg thing because to me, that kind of proved out that thesis on my side.

确实。

Yeah.

没错。

Yeah.

是的。

Yeah.

老实说确实如此。

It it honestly did.

没错。

Yeah.

我的意思是，给那些不太熟悉门罗币的人简单概括一下。

I mean, for a a quick summary for those who aren't super familiar with Monero.

门罗币从一开始就将抗ASIC的理念作为核心，我认为这非常善意且有趣。

So Monero has from its very beginning, the idea of ASIC resistance has been at its core, which I think is very, like, well meaning and very interesting.

而且在很多方面，我认为这是正确的方法，尤其是在门罗币发展初期。

And in many ways, I think the the right approach, especially early on in Monero's life cycle.

我觉得当我们比较门罗币和比特币时，有个难以理解的点是门罗币经历了从CPU挖矿到GPU挖矿，再到FPGA挖矿，最后到ASIC挖矿的独特缓慢过渡。

I think something when we compare, like, Monero with Bitcoin that's hard to grasp is Monero got to have this unique slow transition from CPU mind to GPU mind to FPGA mind to ASIC mind.

这意味着它拥有这种仅此一次的相对安全过渡能力。

And that meant that it had this one time only ability to transition between those things relative and relatively safe.

在比特币ASIC出现后，其他链就不可能再有这种机会了。

After ASICs existed for Bitcoin, that was no longer possible for any other chain.

比如，如果门罗币直接宣布明天就启用ASIC支持，很可能最终只会有一个ASIC制造商控制整个网络。

Like, if Monero had just said, we're gonna flip on ASIC support tomorrow, you're very likely going to have, at best, one ASIC manufacturer that then controls the network.

坦白说，你几乎不可能在一夜之间，甚至提前六个月通知，就为门罗币培养出五家不同的ASIC制造商。

Like, if we're completely honest, that it's very unlikely that you would have five different ASIC manufacturers for Monero overnight or even with a six month heads up or whatever.

因此你将面临制造中心化的问题——难以实现ASIC的去中心化获取。

So you would struggle to have manufacturing to central you would struggle to have decentralized access to ASICs.

极有可能，你将不得不采用比CPU挖矿或一般抗ASIC挖矿更为集中和受控的工作方式。

And very likely, you would have to work more centralized and controlled than doing CPU mining or generally ASIC resistant mining.

因此我认为这个想法非常合理，但这并不意味着它是完美的，甚至不一定是正确的方法。

So the idea, I think, is very sound, but that doesn't mean that it's perfect or even necessarily that it's the right approach.

但关于何为正确方法的争论，在门罗币社区已持续了十年之久。

But this has been a debate that's been going on in Monero for a decade now of what the right approach is.

我们最终采用的随机访问算法，本质上将你的CPU——即现代计算机中的中央处理器等——转化为挖掘门罗币最高效的工具。

We landed on random access algo that basically turns your CPU into an so the the modern CPU that you have in your etcetera, is essentially the most efficient way to be able to mine Monero.

而为门罗币开发更好的矿机，基本上意味着你在为全人类改进CPU性能，这本身也是件具有网络效益的好事。

And to make a better miner for Monero would basically mean you're improving CPUs for everybody, which would be also be just kind of a net good thing.

所以这个理念是站得住脚的。

So the idea is sound.

该方案的主要漏洞——同时恰恰是我最欣赏ASIC在网络安全中应用的一点——在于ASIC本身的沉没成本属性，以及硬件无法被转作他用的特性。

The main part where it falls apart and the main thing that I love about ASIC usage for network security is that there's a a sunk cost into the ASICs themselves, and there's an inability for people to repurpose hardware for other things.

而对于采用CPU挖矿的抗ASIC算法而言，这意味着AWS、微软、谷歌等拥有数据中心的公司，随时都能调动整个数据中心的力量来挖掘门罗币。

And when it comes to CPU mined ASIC resistant algorithms, what that means is AWS, Microsoft, Google, anyone who has data centers has a data center of Monero miners at their disposal at any moment.

他们可以随时启动矿机。

And they can turn them on.

也可以随时关闭。

They can turn them off.

他们能在营业时间用这些设备赚取巨额利润。

They can use them during business hours to make a lot of money.

而在设备闲置时，又能转而挖掘门罗币。

And then when they're idle, they can use them to mine Monero.

那里可能会发生许多许多不同的事情。

There are many, many different things that can happen there.

简而言之，通过这次最新攻击，又有一个山寨币为了营销目的故意压低价格。

And with this latest attack, like, long story short, there's another altcoin that's price was tanking for marketing purposes.

他们通过建立自己的门罗币矿池，并动用所有印制的货币补贴矿工，支付额外费用让他们在自己的矿池挖门罗币，从而对门罗币发起攻击。

They launched an attack on Monero by essentially launching their own Monero mining pool, and then using all of their printed currency to subsidize those miners to pay them extra to mine Monero on their pool.

然后他们搞了个奇怪的代币经济机制，比如回购并销毁自己的货币。

And then they did this weird tokenomics thing where, like, they bought back their own currency and burned it.

简直愚蠢至极。

Like, stupid stuff.

但这件事有趣且有用之处在于，他们确实成功攻击了门罗币。

But what is interesting and useful about it is that essentially they were able to attack Monero.

虽然从未发生过51%攻击。

Now there was never a 51 attack.

也从未掌控过整个网络。

There was never control over the network.

粗略估计他们可能曾短暂拥有过全网30%到35%的算力，但持续时间都不长。

Rough estimates are probably if they had 30 to 35% hash rate of the network at any at a moment in time, not for long periods of time.

最严重时表现为三周前门罗币出现18个区块的延迟——这显然是个问题，主要有两个原因。

And that manifested at its worst worst in a '18 block yard in Monero three weeks ago, maybe, something like that, which obviously is a problem, specifically for two reasons.

首先需要说明，门罗币的出块时间是两分钟。

One, just to caveat, Monero has two minute block times.

所以这相当于比特币网络中出现五个区块的重组。

So this would be equivalent to like a five block reorg in Bitcoin.

所以这是不同的。

So it's it's different.

虽然不完全可比，但18个区块深度的重组在门罗币中比在比特币中引发更多问题。

It's not perfectly comparable, but an 18 block deep reorg has more causes more problems in Monero than it does in Bitcoin.

因为在门罗币中，我们有个称为10区块锁的机制——基本上意味着资金需要10次确认才能花费——这是由于门罗币的隐私机制需要引用其他未花费的交易。

Because in Monero, the reason we have this thing called a 10 block lock, which basically means you can't spend funds until they have 10 confirmations, is the way that Monero's privacy works references other, unspent transactions.

而且我们无法知道门罗币网络中任何交易是否已被花费。

And we don't know if any transaction is spent in Monero's network.

如果交易被重组，虚假花费也可能被重组，这本质上会破坏这些交易的隐私性。

And if the transaction gets reorged, the fake spends also could get reorged, it can essentially destroy the privacy for those transactions.

因此如果交易在超过10个区块后被重组，它们就会失效，这会引发更多问题。

So transactions get invalidated if they get reorged out past 10 blocks, which causes more issues.

所以当时发生了这次大规模重组。

So there was this big reorg.

正如我所说，攻击本身虽未达到51%算力，但它充分证明：一个能凭空造币的攻击者——实际上这次攻击者确实做到了——其规模远小于国家行为体，却足以扰乱门罗币网络。

The attack itself, like I said, they never got 51%, but it was good proof that an attacker who can print money, which essentially its attacker was able to, at a scale that is much smaller than a nation state, was able to cause problems with Monero's network.

这验证了我们多年来的某些担忧，并促使门罗社区深入思考如何长期提升网络安全性。

And it proved out some concerns that we've had for years and has caused a lot of thought within the Monero community of how do we improve the security of Monero long term.

但这确实非常困难，因为就像我说的，你不能简单决定'明天或半年后转用ASIC挖矿'，因为必须确保这些ASIC能被广泛使用，否则只是换了个名义的中心化而已。

But it's it gets really hard because like I said, you can't just go like, oh, we'll just be ASIC mined tomorrow or in six months because you would really have to guarantee that there's gonna be broad access to those ASICs to ensure that you don't just end up centralizing under a different name rather than the one that you you already are struck.

实际上，我认为这对你们算是个相对温和的警醒。

I mean, in practice, I I think it was a relatively painless wake up call for you guys.

我认为实际上没有人遭受资金损失。

I don't think anyone actually lost any money.

这更像是拒绝服务攻击。

It was more of like a denial of service attack.

我见过门罗币社区提出的一些疯狂方案，试图在未来缓解这个问题。

I've seen some crazy proposals out of the Monero community about how to try and mitigate it going forward.

我只是想提出一个建议，一个未经请求的建议

I'm just gonna throw out a a a suggestion, unrequested suggestion

说来听听。

Let's hear it.

我觉得这个想法可能挺有意思，不过话说回来，这事跟我没什么利害关系。

That I think could be interesting, but also, like, I have no skin in the game.

为什么不直接抄袭莱特币的ASIC算法呢？

Just why don't you just steal Litecoin's ASIC algo?

直接抄袭Scrypt算法，这样就能坐享其成——毕竟门罗币社区看起来比莱特币社区专注得多，而且你们已经有现成的ASIC产业基础。

Just steal script, and then you get the entire because, I mean, the the Monero community seems to be way more dedicated than the Litecoin community, and you already have a bootstrapped ASIC industry there.

你们可以直接分叉门罗币。

You could just fork Monero.

门罗币本来就会相对频繁地进行分叉。

Monero already forks relatively often.

只要分叉到Scrypt算法，就能直接利用已经成熟的ASIC产业来挖门罗币。

Just fork it to script, and you have a completely established ASIC industry ready to go to mine Monero.

嗯。

Yeah.

我的意思是，这本质上属于联合挖矿，但这种方式也存在弊端。

There I mean, there are essentially, that would be merge mining, which there are downsides to that.

我觉得这是个有趣的想法，这就像是万不得已时的备选方案——如果其他方法都行不通，就把我的币与比特币或莱特币合并挖矿。

I I think it's an interesting idea, and it's one of those things that I think is like the if all else fails and shit hits the fan, just merge mine with Bitcoin or Litecoin.

嗯，合并挖矿确实存在问题，如果你是算法中排在第二位的币种。

Well, merge mining merge mining has issues if you're the second coin in line on the algo.

不过我们不会这么做。

We wouldn't, though.

呃，我是说...这可能取决于...这要看矿工挖它能获得多少收益。

Well, I mean Well, maybe the depends on how you it would depend on how much revenue miners would get from mining it

相比之下，我认为有充分理由相信门罗币会在那种情况下迅速超越莱特币，成为主导币种。

versus, like argument I think there's a decent argument to be made that quickly Monero would overtake Litecoin in that situation, and become the dominant one.

因为据我所知，莱特币的算法也与狗狗币进行了合并挖矿。

Because Litecoin's algos also merged mine with Dogecoin, I believe.

对。

Yeah.

没错。

Yeah.

确实。

Is.

曾经有段时间，狗狗币几乎要超越莱特币了。

And at one point, Dogecoin o almost overtook Litecoin.

当时莱特币团队的人都快急疯了。

Like, the Litecoin people were, like, freaking out.

但门罗币其实是有机会做到的。

But Monero actually would have an opportunity to.

我不知道。

I don't know.

我只是随口一说。

I'm just throwing it out there.

我会在一旁欣赏这场混乱。

I would enjoy the chaos from the sidelines.

而且我一直以来的理论是，区块链会试图攻击其他人的算法以试图接管它们。

And I think it I always I always theorized that that could be I my early theory theories were that people that chains were gonna try and attack other people's algos to try and take them over.

但实际情况是，几乎整个行业都转向了权益证明机制。

But what happened was the in almost the entire industry moved to proof of stake.

现在唯一采用工作量证明机制的主流区块链只有门罗币、莱特币和狗狗币。

And the only, like, all chains that are proof of work of, like, any reasonable size are Monero, Litecoin, and Dogecoin.

这就是我们现在的处境。

So that's where we are now.

总之

Anyway

老实说，这个观点很有趣。

That's an interesting point, honestly.

就这么说吧。

It out there.

我认为，要安全地使用ASIC芯片，唯一的方法就是选择那些已经有合理ASIC饱和度和分布的项目。

I mean, it's it's really the only way you could do ASICs, I think, safely, is you would have to do something that already have reasonable ASIC saturation and distribution to be able to do that.

是啊。

Yeah.

然后你会立刻发现那些拥有全部硬件设备并愿意参与挖矿的矿工，因为他们

And then you'd immediately have miners who have all the hardware and would be willing to mine because they

还有那些已经在生产硬件的制造商。

And manufacturers that are already making the hardware too.

是啊。

Yeah.

确实如此。

It's true.

没错。

Yeah.

总之，今天关于门罗币就聊到这里吧。

Anyway, that's enough Monero for today.

我肯定有些人会被这个话题激怒。

I'm sure there's gonna be people that are triggered by it.

我只想说，当所有比特币大V——或者说主要是比特币大V——都开始为比特币概念股站台后，比特币极端主义社区就已经丧失了道德高地。

I will just say that I think the Bitcoin maximus community has lost the moral high ground once all the Bitcoin influencers or mostly Bitcoin influencers went on the payroll of Bitcoin penny stocks.

所以

So

确实。

Yeah.

看着这一切发展真是耐人寻味。

It's been interesting to watch.

我觉得讨论最后一个非比特币的工作量证明机制如何应对这类情况要有趣得多。

I think it's it's much more interesting to talk through a one of the last remaining proof of work change that's not Bitcoin and how they're dealing with these types of situations.

好的。

Okay.

我想回到你之前提到的关于引入闪电网络的话题。嗯。

So I wanna go back to you've been talking about bringing Lightning Mhmm.

将闪电网络整合到Cakewallet。

Lightning to Cakewallet.

你们对此有什么想法？

How are you thinking about that?

历史上看，以自我托管方式实现闪电网络一直很困难。

Lightning historically has been difficult to do in a self custody way.

现在市面上出现了很多新选择。

There's a lot of new options out there.

是的。

Yeah.

我参与的一些项目一直在思考如何在这方面做到最好，就是让自我托管的闪电网络更易用。

Some of the projects I'm working on have been thinking about how best to execute on that front, just making self custody Lightning easier to use.

你们团队是怎么考虑的？

How how are you guys thinking about it?

确实。

Yeah.

说实话，我们花了一年时间挣扎着做这个决定，寻找合适的方案。

I mean, it's been a honestly, it's been a year long struggle to make that decision and find a good approach.

比如我刚加入Cake时做的第一件事，就是表示对当时采用的green light方案的闪电网络测试版不满意。

Like, I I think one of the first things I did when I first joined Cake was say, like, I just wasn't happy with beta, the lightning beta that we had at the time, which was using the green light approach.

我认为这已经证明，作为解决自托管闪电网络问题的方法，它本质上从一开始就行不通。

And I think that has proven itself out as just essentially a a nonstarter as a a way to solve this self custodial lightning thing.

几乎所有人都已经转向其他方案了。

Pretty much everybody's pivoted away from that.

由于多种原因，寻找替代解决方案变得异常困难。

And finding another solution has been incredibly difficult for many reasons.

其一是正确实施闪电网络永远无法达到用户愿意接受的使用体验。

One is that doing Lightning just properly is just never going to be the user experience that people are going to be willing to handle.

虽然情况有所改善，但它仍然无法成为绝大多数人愿意尝试使用的东西。

And it's it has gotten better, but it's still something that will will never become something that the the vast majority of people will be willing to jump in and use.

就像我之前提到的，我们的目标是覆盖95%的用户群体。

And again, like I've like I mentioned before, like, we're targeting the 95%.

显然，我们不想在自托管这个原则上妥协。

Like, obviously, we don't wanna compromise on self custody.

这正是我们面临挑战的原因——因为存在简单的方法可以牺牲自托管来解决闪电网络问题，但那意味着你既不是在用闪电网络，也不是在用比特币。

So that's what especially makes us challenging, is there are easy ways to just compromise on self custody and and solve lightning because you're not doing lightning, you're not doing Bitcoin.

但我们不愿放弃这两个关键点：既要让普通用户能使用闪电网络，又要坚持自托管原则。

But we didn't wanna sacrifice of hitting those two points of, like, how do we make Lightning something that's usable by the normal user and yet not give up on self custody?

这本质上意味着我们无法使用现有的任何方案，也不能采用那个曾短暂流行但现在似乎也在消亡的Liquid方案。

Essentially, just meant that we couldn't use anything that's out there today, and we couldn't use the liquid thing that everyone switched to for a little while, but that seems like that's dying out now as well.

所以最终我们只能在Spark和Arc之间做选择。

And so it really came down to Spark and Arc.

而Arc确实是个令人着迷的解决方案。

And Arc is, like, such a fascinating solution.

这确实是我长期以来的偏好，它是一种非常有趣且新颖的方式，既能解决闪电网络的诸多问题，又能让你在不放弃托管权的情况下更广泛地使用比特币。

That certainly has been my preference for a long time, and is a a very interesting, like, novel way to solve a lot of the problems with Lightning while actually allowing you to do a lot more with Bitcoin generally without giving up custody.

显然存在一些注意事项，如果我们真要深入探讨这些东西的实际运作原理、哪些是真正无需信任的、哪些是信任最小化的、以及托管风险存在于哪些环节之类的问题，我们可能得在这里耗上一整天。

Obviously, there are caveats, we could be here all day if we actually got into all the like, how this stuff actually works and what's actually trustless and what's trust minimized and where there's custody risk and stuff like that.

不过，我确实很喜欢ARC这个概念。

But, yeah, I really like the idea of ARC.

我认为简单的ARC加上闪电网络交换螺栓的设计理念，将会非常出色。

And I think the the concept of just simple ARC with bolts for swaps to Lightning is just like it's it's going to be good.

我对Arc的困扰在于——无论我怎么讨论这个话题，总会有人非常生气。

The problem that I've had with Arc, and like, no matter how I talk about this, someone's pretty mad.

所以我要事先声明一下，

So I'm just gonna preface this with like,

特别是如果这期节目涉及到相关内容。

especially if something to this episode.

没错。

Yeah.

我们会一次性触动所有人的神经。

We'll we'll trigger everybody in one.

但ARC的主要缺点在于其轮次运作机制——你必须进行VTXO刷新才能避免在大约三十天后将资金托管权实质上让渡给ARC服务商。对于桌面环境来说这不算大问题。

But the main downside with ARC is just that the way that rounds work, the way that you have to do VTXO refreshes in order to not essentially give up custody of funds after something like thirty days to the ARC service provider, is not a big problem if you're talking about a desktop environment.

但在移动端，尤其是iOS平台上，这就变得非常非常棘手。

It's really, really problematic when you're talking mobile, specifically iOS.

如果你只服务安卓用户且拥有优秀的工程团队，或者只服务桌面用户，那么采用Arc绝对是明智之选。

If you're serving only Android users and you have a good engineering team or you're serving only desktop users, I think Arc's just absolutely a no brainer.

比如说，超棒的工具。

Like, fantastic tool.

ArcLabs团队和第二团队正在逐步解决Arc的许多初期障碍。

ArcLabs guys and second guys are solving a lot of the initial hurdles with Arc as we go.

但最无法回避的核心问题（尤其在缺乏契约的情况下）是必须定期进行交互式协调交易——这在大多数人使用的移动端环境中实施起来非常困难。

But the main thing that you can't get away from, especially without covenants, is having to do interactive coordinated transactions regularly, which is something that is just really hard to do in an environment where most people are, which is on mobile.

这也是为什么移动端的CoinJoin从未让人感到愉快的主要原因。

And it's the main reason why, like, CoinJoin on mobile was never fun.

虽然你可以在Samurai钱包里操作，但从未实现过重新混币这类功能。

Like, you could do it in Samurai Wallet, but you were never remixing or anything like that.

确实不怎么样。

It was not Yeah.

体验相当糟糕。

It was pretty enjoyable.

这已经是安卓系统下的最佳情况了。

And that was the kind of the best case scenario, which is Android.

它从未登陆iOS是有原因的——在iOS上根本不可能实现这种功能。

There's a reason it never came to iOS because you would never ever be able to do that on iOS.

ARC也面临着许多相同的问题。

You have a lot of the same problems with ARC.

有些变通方案，比如ARC实验室团队提出的委托意图系统很有意思，但这只能解决刷新问题。

There are some ways to work around this, like the delegate intent system that the ARC labs guys have come up with is interesting, but that only handles the refresh.

它无法真正实现最终性——比如为自己认领VTXO，并确保无人能与ARC服务提供商合谋提前窃取这些资金。

That doesn't handle actually getting finality, like claiming a VTXO for yourself and ensuring that no one can collude with Arc service provider and steal those funds earlier.

而且在移动设备上确实很困难。

And it's just it's really hard on mobile.

Spark之所以有趣，是因为背后的人并不怎么样。

Now Spark is interesting because the people behind it are not great.

比如Light Spark、David Marcus、Libra之类的，随便举几个例子。

Like Light Spark, David Marcus, Libra, like, you name it.

那里有很多，嗯，有很多历史包袱。

There's a lot of, like, there's a lot of baggage there.

A 16 z。

A 16 z.

是啊。

Yeah.

它就像是ARC的反面，从来源上看完全相反。

It's like it's very much kind of like the antithesis of ARC in terms of where it's coming from.

但我认为对所有人来说，一个非常有价值的练习是先把那些放一边，考虑技术本身。

But I think something that is a very valuable exercise for everyone to do is put that aside and consider the tech.

你不应该直接忽视那些。

Now that you should not just dismiss that.

显然，这些东西的来源很重要，尤其是当你在讨论这个系统的长期前景时——当一家大公司在构建协议时，即使它是开放的，他们也会对发展有很大影响力。

Like, obviously, it matters where these things come from, especially when you're talking about what is the long term outlook of this system look like when one general company is building the protocol, even if it's an open protocol, they'll have a lot of sway in what happens.

所以了解这点很重要。

So it is important to know that.

但如果你把那些放一边，把Light Spark的怪异之处放一边，真正看看Spark协议，我认为它是一种非常务实、非常有趣的解决当今问题的方法，而且确实有效。

But if you put that aside, if you put the Light Spark weirdness aside, and you actually look at the Spark protocol, I think it's a very pragmatic, a very interesting approach to solving today's problems in a way that actually works as well.

主要是它比Arc简单得多，尽管你确实缺乏真正的终局性。

Mainly that it is quite a bit simpler than Arc, even though you do lack true finality.

在Arc中获得真正终局性的唯一方法是通过这些轮次，而这些在移动设备上基本不可能实现，至少不会有趣。

The only way you get true finality in Arc is by doing these rounds, which are basically impossible on mobile or are not gonna be fun on mobile at the very least.

它还具有对代币的原生支持，尽管你可能会说，我也讨厌稳定币和代币。

It also has native support for tokens, which say what you will, I hate stablecoins and tokens as well.

当今世界许多地方需要并使用稳定币，支持这一点将非常有用。

Much of the world is needs and uses stablecoins today, and support for that is something that will be useful.

而且我知道，像Arc一样，我确信它最终会通过Taproot资产支持稳定币。

And I know that, like, Arc, I'm sure, is going to have stablecoin support down the line through Taproot assets.

但它也是一个非常有趣的系统，能很好地解决当今的问题，并有一组很好的权衡。

But it also is just a it's a it's just a very interesting system that works quite well for today's problems and has a good set of trade offs.

是的。

Yeah.

这仍然是个艰难的决定。

It's still a hard decision.

我已经——我是说，我甚至数不清花了多少小时和多少人讨论过Spark和Arc两边，试图确保我们做出一个好的决定。

And I've had I mean, I can't even count the number of hours and conversations I've had on both the Spark and Arc side with everyone I can possibly speak to, trying to make sure that we make a good decision on this.

但弄清楚什么是务实现实的解决方案，以及什么是最佳权衡组合，这很有趣。

But it's been interesting to figure out, like, what is the pragmatic realistic solution and what are the best sets of trade offs?

其实，我对Spark剩下的主要问题是他们在隐私方面做得非常奇怪，现在很糟糕。

I mean, really, my main, like, remaining problem with Spark is they do some privacy things really weirdly, like, badly right now.

这不奇怪。

It's not weirdly.

他们故意地、刻意地试图将其隐私性降到最低。

They intentionally they intentionally try and make it as the least private possible.

我想我们会看到的。

I think we'll see.

我很好奇其中某些部分是否成立。

I I'm I'm curious if some of that holds.

目前除了区块浏览器外，大多数问题都出在Spark上——区块浏览器本不该存在却实际存在。

Most of the stuff that is problematic today outside of the Block Explorer, which does not need to exist and does exist for Spark.

但就像...你不能使用新地址这种技术复杂性，据称Spark很快就会解决这个问题。

But, like, the like, you can't use new addresses is part of the technical complexity with Spark that supposedly is going to be solved very soon.

这根本不是功能特性。

Like, that that's not a a feature.

目前这其实是个漏洞，据说是这样。

It's a bug right now, supposedly.

这就是为什么Lightspark团队的真实身份很重要。

Again, this is where who Lightspark are Lightspark are actually matters.

你需要有个真正值得信赖的人来持续改进这个系统。

Like, you you need to have someone you can actually trust that they're gonna iterate on this.

但问题在于主要应用场景是什么？

But it's also you get into the scenario where, like, what's the main use case?

主要应用场景就是简化版闪电网络，在系统内不经KYC时能提供合理的隐私保护。

The main use case is Lightning, Lightning simplified, reasonable privacy, especially if you're not KYCing within the system.

我知道有很多谣言说Lightspark最终会强制Spark用户进行KYC验证。

I know that there's a lot of, like, FUD that somehow Lightspark is gonna enforce KYC on Spark down the line.

我还没看到任何证据，但如果他们这样做显然会有害

I haven't seen any evidence of that, but that would be obviously detrimental if they

呃，我不认为他们能突击完成KYC，因为你可以在未经许可的情况下转移

Well, I don't I don't think they could shotgun KYC because you can you can move out with without permission.

他们可以

They could.

我是说，他们可以对金额太小的情况这样做

So I mean, they could do it for amounts that are too small for

让你无法转发

you to forward.

对

Yeah.

因为这是我认为你你你元音的一件事

Because that is one thing that think You you you vowel.

对

Yeah.

继续

Go on.

抱歉

Sorry.

抱歉

Sorry.

对

Yeah.

我正想说，我认为有一点讨论得不够充分，技术上来说，双方确实都有单边退出机制，但成本都很高。

I was just gonna say that is one thing that I think is, like, not discussed enough is technically, yes, both have unilateral exit, but it's quite costly in both.

据我所知，在Spark上单边退出的成本更高。

From what I understand, more expensive in Spark to unilaterally exit.

在很多场景下，这个成本差异很大。

In many scenarios, it it varies widely.

但在这两种情况下，单边退出的成本都会比普通的链上交易高得多。

But in both, it's going to be more expensive than just a regular on chain transaction to unilaterally exit.

所以如果你说的是小额交易，比如有人要用闪电钱包，很多时候单边退出在经济上根本不可行。

So if you're talking small amounts, like someone's gonna have a Lightning wallet, oftentimes, it wouldn't be something where you can actually economically feasibly unilateral exit.

这就是为什么Spark会说'先花这些资金，直到你证明身份'之类的方案居然可能实现，这很可怕。

And that's where the idea of, like, Spark saying, spend these funds until you prove who you are or something would actually be possible, which is terrifying.

不过只要有任何Spark运营方不同意这个KYC要求，这个方案就会失效。

That now that goes away if any of the Spark operators are not on board with that KYC thing.

所以这将成为判断系统是否具备抗审查能力的关键因素——这是个信任模型的问题。

So that will be the main kind of decider on if it can be a system that's relatively censorship resistant or not is it's it's a one of in trust model.

只要有任何Spark运营方是可靠的，整个系统就会可靠。

So if any of the Spark operators are good, then it will as a whole be good.

但目前所有Spark运营方都是LightSpark或其关联方。

But right now, the Spark operators are all LightSpark or LightSpark affiliated.

所以想看看是否有其他没有直接血缘或商业关系的运营方加入。

So kinda wanna see if if others come on and join that aren't directly related by blood or by business relationship.

要为他们说句话，据我了解他们确实在积极引入更多独立运营方。

I mean, in their defense, my understanding is they they're actively trying to bring on more independent operators.

他们是。

They are.

是的。

Yeah.

他们是。

They are.

而且据称，他们很快至少会再增加几个功能，但初期有意限制了范围，因为在测试阶段会增加复杂性，而且Spark还处于非常早期的阶段。

And, supposedly, they'll have at least a couple more soon, but have limited it intentionally at the beginning because it does add complexity in the, like, testing phase, and it's pretty early days for Spark.

不过确实。

But yeah.

最大的隐私疑问在于，他们本可以不公开广播每笔交易就运行整个系统，却主动选择公开，这就是你提到的浏览器方面的情况。

The big the big privacy question mark is, like, they you could they could run the whole thing without publicly broadcasting every transaction, but they're actively choosing to do that, which is what you mentioned with in terms of the explorer.

你仍然需要信任运营商，而运营商仍可能与ChainAnalysis合作。

You would still trust the operators, and the operators could still partner with ChainAnalysis.

但在我看来，这绝对比向全世界广播每笔交易要好得多。

But to me, that's strictly better situation than broadcasting it to the world every single transaction that's made.

而且这似乎完全没必要，除非——我是说——你们只是在过度合规。

And it seems completely unnecessary unless I I mean, and you're just overcomplying.

这就像一种预先的过度合规。

It's like a pre compliance overcompliance

我是说这种情况。

I mean type of situation.

从某些角度看，如果他们只是出于用户体验考虑，想让用户能查询钱包看到代币之类的

In some ways, if they just want it from a UX perspective of, like, people expect to be able to look up a wallet and see the tokens and stuff, like

不。

No.

好的。

Okay.

这并不理想

It's not a great

我想是吧。

I guess.

原谅它吧，从隐私角度看实在太糟糕了。

Excuse because it is so bad from a privacy perspective.

但人们必须注意，这就像VPN模式的隐私保护机制。

But it is very important for people to note that you it's it's like a VPN model kind of privacy.

你是在信任这个实体不会泄露你的交易记录。

You're trusting the entity not share your transactions.

比如在ARC中，你信任单一实体不会泄露那些交易。

Like, in ARC, you're trusting one entity to not share those transactions.

而在Spark中，你需要信任所有实体都不会泄露你的交易。

In Spark, you're trusting that none of the entities share your transactions.

就是这样

That's what

他们确实会泄露你的

they do share your

普通用户可能不会——至少我的意思是，除非我想错了。

The average user is probably not going to be, at least for I mean, in unless I'm thinking about it wrong.

我认为普通用户会使用Spark钱包来发送和接收闪电交易，他们只需要管理一个余额。

I think the average user is gonna be using a Spark wallet to send and receive a lightning, and they're just gonna have a single balance.

他们不会去查找Spark地址或那些所谓的独立标识。

They're not gonna be, like, looking up Spark addresses or, like, individual whatever they call them.

它们不是UTXO，但行为有点像UTXO。

They're not UTXOs, but they act kinda like UTXOs.

是啊。

Yeah.

这真的要看情况，老兄。

It really depends, man.

我很好奇想看看，因为和双方团队以及很多人交流后，我觉得普遍观点是闪电支付功能相比其他潜在用途——尤其是稳定币——规模微不足道。

I'm I'm curious to see because I think, like, talking to both teams and a lot of other people, I think the view is that the Lightning payment side is just tiny compared to all of the other potential usage, specifically stablecoins.

我认为Spark的构建方向对此非常明确。

I think the way Spark is building is very clear around that.

比如，他们的重点是

Like, their focus is

而稳定币将会使用原生的Spark地址来实现。

And the stablecoins will be native Spark addresses for that.

嗯。

Mhmm.

对。

Yep.

没错。

Yep.

首先，我看到两个关于Strike如何实现闪电网络的问题。

I mean so first off, I saw two questions about how does Strike do Lightning.

Strike以一种完全托管的方式实现闪电网络。

Strike just does Lightning in a very in a completely custodial way.

他们拥有优秀的工程团队，提供高流动性和支付可靠性，用户体验也非常出色。

They have a great engineering team, you have great liquidity and great payment reliability, and the UX is fantastic.

但由于是托管模式，显然你在Strike面前毫无隐私可言，而且Strike作为受监管的金融机构需要对你进行KYC验证。

But because it's custodial, you obviously have zero privacy from Strike, and Strike is a financial regulated entity that does KYC on you.

现在Strike还提供了API，方便其他钱包集成，Primal就是这样做的。

Now Strike also has an API that makes it easy for other wallets to implement it, which is what Primal did.

就Primal而言，他们的KYC要求比Strike低，因为Primal限制了通过它的转账金额，还有其他一些限制。

And in Primal's case, they do less KYC than Strike does because Primal limits the amount that you can transfer through it and has other yeah.

基本前提就是他们会限制你在钱包里随时持有的金额。

That that's the basic premise is that they they limit the amount you can hold in the wallet at any given time.

显然，这并不理想。

Obviously, this is not ideal.

我们希望看到的是转向...另外，cashew也有类似的权衡，cashew是托管式铸币机构，由于采用开放协议，这些机构之间可以互操作。

What we'd like to see is moving to a and and so also, cashew has a similar trade off, which cashew is you have custodial mints that are interoperable with each other because it's an open protocol.

但归根结底，你不需要依赖铸币机构来保护隐私，在这方面反而是个优势。

But at the end of the day, you have to rely on the mint not for your privacy, so it's a benefit on that front.

但在资金使用能力方面，你确实需要依赖它。

But you do have to rely on it in terms of the ability to spend your funds.

如果铸币机构离线，甚至都不需要是恶意的。

If the mint's offline, it doesn't even have to be malicious.

如果铸币厂离线，你就无法使用资金。

If the mint's offline, you're not able to spend your funds.

然后很明显，铸币厂操作员可能会卷款跑路。

And then, obviously, the mint operator can rug you.

我认为Cashew有很多优势，因为它易于实施。

I think Cashew has a lot of benefits because it's it's easy to implement.

它是可编程的。

It's programmable.

它是离线的。

It's offline.

它可以离线使用，具有极强的隐私性且使用成本非常低。

It can be used offline, and it has very strong privacy and is very cheap to use.

因此我认为Cashew有其用武之地，尤其适用于小额交易。

So I think Cashew has its place, especially for smaller amounts.

但ARG和Spark在尝试实现自我托管的闪电网络方面确实非常有趣。

But ARG and Spark specifically are really, really interesting in term terms of trying to implement self custody Lightning.

闪电网络。

Lightning.

它们有有趣的权衡模型。

They have interesting trade off models.

你可以无需许可地同时离开这两个系统。

You can leave both of them without permission.

正如Seth提到的，你知道，金额需要超过一定限额，但反过来也意味着，最坏情况下你只会自动损失一小笔钱。

As Seth mentioned, you know, the it needs to be over a certain amount, but the opposite side of that is it means, you know, worse comes to worse, you're gonna auto you lose a small amount.

对吧？

Right?

这是因为链上的限制。

So and that's because of on chain limitations.

比如，你在比特币链上结算的费用是多少？

It's like, what is your fee to settle on chain on Bitcoin?

然后根据我自己的分析，基本上和你的观点一致，我本来打算今天在钱包里实现它。

And then I will say for my own analysis, basically, right on point with yours, like, I think I was gonna implement it in a wallet today.

这完全就是Spark。

Like, it just a 100% be Spark.

我觉得实现起来要容易得多。

I think it's way easier to implement.

我真希望这不是真的。

I wish that wasn't true.

真的，我特别希望这不是事实。

Like, I really wish that wasn't true.

我内心的密码朋克在说无论如何都要用ARC，但我不确定现在能否在移动端以用户友好的方式实现。

Like, the cypherpunk in me is, like, just do ARC no matter what, but I I'm just not I'm not sure that it's actually doable today in a way that's user friendly on mobile.

但这不意味着问题无法解决，这也是我仍然想看到契约功能的主要原因之一。

But that's not to say it won't be solved, and that's one of the main reasons why I still wanna see covenants.

我不确定这些功能是否会实现，但它们能解决ARC的大部分问题，让它成为明显的赢家。

I'm not sure if those are ever gonna happen, but they would solve most of the problems with ARC and, think, make it the clear, clear winner.

是啊。

Yeah.

我想对聊天室里的其他人说，格雷格对我有个人成见，还喜欢编造谎言，请大家记住这一点。

I I would just say to other people that might be in the chat, Greg has a personal problem with me and likes to make up lies, so you can just keep that in mind going forward.

而且格雷格，如果你想进行诚实的对话，我一直很乐意和你坦诚交流，就像我过去多次告诉你的那样。

And, Greg, if you ever wanna have an honest conversation, I'm always happy to have an honest conversation with you as I've told you many times in the past.

目前Spark已在Satoshi钱包的测试版中实现，我一直在试用这个功能。

So Spark right now is implemented in the wallet of Satoshi beta, and I've been playing around with that.

虽然Satoshi钱包历史上是完全托管钱包，但在'武士'逮捕事件后他们退出了美国市场——因为作为不进行KYC的托管方，他们非常担忧。

And so while the Satoshi historically was a completely custodial wallet, and they left The US following the samurai arrests because as the custodian that wasn't doing KYC, they were quite concerned.

现在他们正通过Spark重新进入美国市场。

And they're reentering The US using Spark.

最棒的是它拥有合理的信任模型，同时用户体验完全保留了人们喜爱的托管式操作感。

And what's really cool about it is you have a decent trust model, and you have a decent trust model, but the u the UX feels very much like the custodial UX that people love.

就像拥有一个统一的余额账户。

You have, like, a single unified balance.

你可以直接通过闪电网络收发款项。

You just pay and receive over Lightning.

这他妈就是好用。

It just fucking works.

就我个人而言，这个领域充斥着太多炒作和废话，我通常都会选择忽略，直到能亲自体验为止。

So, anyway, I was I was me personally, like, I'm one of those people that there's so much hype and bullshit in the space, and there's only so much time that I tend to ignore stuff until I can play with it in person.

当我使用Satoshi钱包测试版时，才真正意识到Spark的价值所在。

And the the the realization that there was something there with Spark was when I used the wall of Satoshi beta.

我当时就想，哇。

And I was like, wow.

这玩意儿居然真他妈能用，而且操作特别简单。

It's, like, actually fucking working, and it's very easy to use.

不过你知道吧，最好别把全部身家都放进去。

And, you know, you probably shouldn't keep your life savings in it.

我的意思是，至少它还是个热钱包。

I mean, at the very least, it's still a hot wallet.

但如果你用它来日常消费，然后理想情况下再转移到离线冷存储的自托管方案，我觉得这个折中模式相当不错。

But if you're using it for spending and then ideally you move to self custody offline cold storage, it seems like a pretty good trade off model to me.

我很感激有这种东西存在。

I'm pretty grateful it exists.

再说一次，它不需要软分叉——我觉得比特币协议无论如何都不会有重大改动，不管你愿不愿意。

And once again, it doesn't require a soft fork, which I do not think we're gonna get any significant protocol changes to Bitcoin whether you want them or not.

所以对我来说，只有那些不需要软分叉的改进才有意思。

So the only things that are interesting to me are things that do not require a soft fork.

嗯。

Yeah.

关于Spark2最后还有个有趣的小细节。

One last minor thing about Spark two that would be interesting.

就像我们讨论过的，Spark有些设计选择比较奇怪，但有个完全可以实现的功能是给它添加盲签功能。

Like, there's some like we talked about, there's some odd design choices with Spark, but, like, one thing that would be quite possible would be to do to add blind signing to Spark.

如果你研究过状态链，过去其实已经实现过这种方案。

Like, if you look at state chains generally, this has been done in the past.

不知道为什么，我完全想不起之前的具体实现方法了。

For some reason, I'm totally blanking on the the previous approach here.

水星。

Mercury.

水星。

Mercury.

是的。

Yes.

水星层。

Mercury layer.

他们确实用盲签名实现了状态链。

They did they did state chains with blind signing.

但还存在其他缺点，比如无法拆分UTXO。

Now there were other downsides, like you couldn't break apart UTXOs.

所以你只能按实际存入的面额进行消费，这非常成问题。

So you could only spend in, the denominations that you actually deposited in, which is very problematic.

Spark解决了这个问题。

Spark solves that.

但Spark的奇特之处在于他们没有使用盲签名。

But the weird thing that Spark has done is they aren't using blind signing.

从技术复杂度角度看，这又让人感觉...好吧。

Now from a technical complexity perspective, But that makes again, it's like, okay.

但是，该做就做吧。

But, like, do it.

他们基本上就是借鉴了水星方案。

They basically they took took Mercury.

他们移除了隐私保护功能，简化了实现流程，这就是他们的做法。

They stripped out the privacy, and they made it easier to implement is what they did.

这可以理解。

Which is understandable.

但这引出了一个问题：它是一个开放协议。

But it also begs the question, it is an open protocol.

是否有人会站出来说，嘿，让我们采用Spark协议并开发一个PrivacyMax版本。

Is there someone who would step in and say, hey, let's take the Spark protocol and let's do the PrivacyMax version of this.

然后让我们在开放市场中竞争，看看谁愿意使用那个Spark实体而非LightSparks的Spark实体。

And then let's compete in an open market to see who wants to use that Spark entity versus the LightSparks Spark entity.

就像这样，一个开放协议和开放标准，任何人都可以随时加入并创建Spark实体。

Like, that an open protocol and an open standard, anyone can jump in and start a Spark entity tomorrow.

目前Spark服务提供商有流动性要求，比如闪电网络网关方面。

Now there are liquidity requirements from the the Spark service provider, like the Lightning Gateway side of things.

但从Spark实体的角度来看，它也没有Arc那样的流动性限制。

But from the Spark entity perspective, it doesn't have the same liquidity constraints that Arc does either.

所以更简单——可能这个词不准确——但更容易在那里启动实体并拥有不同的Spark运营商。

So it's much simple, probably isn't the right term, but it's easier to spin up an entity there and have different Spark operators.

你可以通过不公开所有交易、采用盲签名、引入其他隐私改进等方式，打造一个注重用户隐私的版本。

And you could do it in a way that focuses on user privacy with not publishing all the transactions, with doing blind signing, with bringing other privacy improvements.

这将很有趣。

It'll be interesting to see.

现在我要再次强调——我不知道你是否愿意相信他们的话——但Lightspark已经发布了路线图，其中明确将隐私保护作为重点。

Now, I I will say the again, I don't know if you wanna take them at their word, but Lightspark have put out a roadmap and there are clear focuses on privacy on that roadmap.

这会实现吗？

Will it happen?

显然，我我不知道。

Obviously, I I don't know.

我愿意相信它会实现，但我们拭目以待。

I'd like to think it will, but we we will see.

但他们已经承诺要修复无法使用多个地址的问题。

But they have committed already to fixing the ability to not use multiple addresses.

就像我说的，目前你必须重复使用地址，但他们已承诺会解决这个问题。

Like I said, right now, you have to reuse addresses, but they have already committed to fixing that.

这这一定会实现。

That that is gonna happen.

他们还表示希望提供比盲签名更好的隐私保护。

And they've said they want to do better privacy than blind signing.

他们仍未具体说明方案，但这完全有可能实现，隐私性也会得到提升。

They still haven't said what that is, but it is something that's very possible, improved privacy there as well.

所以这会很有趣。

So it'll it'll be interesting to see.

而且我我认为，就像你说的，这就是为当下而构建的，它确实有效。

And I I think, like you said, it's just it's one of those things that just it's built for today, and it works.

我们不需要软分叉。

We don't need to soft fork.

我们不必在可用性方面做出大量妥协，但确实存在其他权衡。

We don't have to make a ton of trade offs on the usability side, but there are other trade offs.

这确实是个难题，但无疑是一次有趣的探索。

And it's it's a difficult question, but it's it's been an interesting exploration for sure.

我很高兴我们终于有了一些有趣的选择，能够以大多数人实际可用方式实现自我托管的闪电网络。

And I'm glad that we finally have some interesting options on how to do self custodial Lightning in a way that's actually gonna be something most people can use.

是啊。

Yeah.

我的意思是，为他们辩护一下，任何真正发布过产品的人都会完全理解这一点——发布产品非常困难。

I mean, in their defense, and anyone who's actually ever shipped anything will completely understand this, it's very difficult to ship shit.

就我个人而言，他们完成得相对较快，而且已经达到了可用于生产环境的程度，这令人印象深刻。

And I personally they've done this relatively quickly, and they've gotten it to a point where it can be used in production, and it's impressive.

我是'公开迭代，持续改进'理念的坚定拥护者。

And I'm a huge I'm a huge believer in ship in the open, iterate over time.

所以让你知道。

So let you know.

让我们看看未来一年或两年会发生什么。

Let's see what happens over the next year or the next two years.