Bitcoin Magazine

Show Menu
logo

QuarkCoin: Noble Intentions, Wrong Approach

One of the more interesting alternative cryptocurrencies to have come out of the dungeon that is the Bitcointalk altcoin forum is something called “Quark” (or sometimes “QuarkCoin”) – a cryptocurrency that aims to be “super secure” by employing multiple advanced hash algorithms in place of Bitcoin’s plain SHA256. The currency has acquired significant interest in the past few weeks, especially so because it has been picked up not just inside the Bitcoin community, but also among two mainstream figures: Bill Still, an American journalist, film producer and author responsible for the films The Money Masters and The Secret of Oz, and Max Keiser, host of a show with millions of viewers on the Russia Today TV network. So what is this new coin that seems to have so suddenly come out of nowhere, and why has it succeeded in getting so much attention where even Peercoin and Primecoin have failed?

Quark differs from Bitcoin in three key ways: its proof of work algorithm, its block interval and its distribution model. The proof of work algorithm in any (Bitcoin-like) cryptocurrency is the function that miners must compute in order to create valid blocks; in Bitcoin, for example, a valid block must have a SHA256 hash starting with 0000000000000000000 (that’s fifteen hexadecimal zeroes). Because SHA256 is essentially a pseudorandom function, the only way to create such a block is to keep trying, making an average of 260 attempts, before you eventually create a block that is valid. Artificially making block creation so hard is a security measure; it ensures that attackers will not be able to flood the network with illegitimate blocks, and therefore a fraudulent transaction history, without having more computing power than the entire legitimate network combined.

The proof of work algorithm in Quark is more complicated than Bitcoin, but not excessively so; instead of using just one hash function as Bitcoin does, Quark uses six: BLAKE, Blue Midnight Wish, Groestl, JH, Skein and Keccak. The six algorithms are implemented in series, with nine steps; three of the steps randomly apply one of two out of these six functions depending on the value of a bit. The point of this is twofold. First, it is intended to make Quark more resistant against the “black swan” risk of a single hash function getting cracked. Second, it is intended to make the currency secure against specialized hardware or even GPUs; “Being only CPU mined,” the introduction reads, “this coin offers the average individual the rewards of mining.”

The block interval in Bitcoin is 10 minutes, meaning that the “difficulty” (ie. the number of zeroes that a valid proof of work must have its SHA256 hash start with) automatically adjusts so that the network produces one block per ten minutes. In Quark, the interval is an ambitious 30 seconds. The distribution model in Bitcoin is an exponential decay model: for the first 210000 blocks (~4 years), 50 BTC is released per 10 minutes, for the next 210000 blocks 25 per 10 minutes, then 12.5 per 10 minutes, and so on in an exponential decay until eventually issuance will stop entirely in 2140. Quark’s issuance model is a similar exponential decay, but much faster; it starts off at 2048 QRK per block for three weeks, then 1024 for three weeks, and so on until it reaches 1 QRK per block after about seven months. Unlike Bitcoin, however, Quark then stays at 1 QRK per block forever – a “permanent linear inflation” model whose inflation rate will start off at 0.5%.

So What Are The Flaws?

Unfortunately, although Quarkcoin tries to make a number of bold and daring improvements on the Bitcoin parameters, it arguably fails in its objectives on almost every count. We can go through the various changes that Quarkcoin made, and see that almost each and every one of them either does a substandard job of doing what it is intended to do or even introduces problems of its own.

First, the hashing algorithms. As described above, the intent of having six hash algorithms is (1) to protect against “black swan” attacks on hash algorithms, and (2) to make the coin unfriendly to specialized hardware. The first purpose seems reasonable at first glance; if one of the six hash functions get cracked, that particular block will always be found instantly, and the other five hash functions will remain standing. However, the way that it was done manages to be simultaneously superfluous and inadequate.

One thing that must be understood about hash functions is that, unlike most public-key algorithms, hash functions are often very opaque in their implementations, relying on complicated permutations and arbitrary substitutions and transforms rather than elegant mathematics involving modular exponentiation or elliptic curve points. The design of hash functions attempts to maximize properties known as diffusion, confusion and nonlinearity – essentially, professional cryptographers literally come together and try to figure out how to make a function as opaque and jumbled up as possible so that no one, including the cryptographers themselves, can figure out what’s going on inside.

As a result, hash functions tend to naturally have many built-in redundancies, and it shows. When the MD5 hash function was cracked, it went down slowly. In 1993, researchers first found a “pseudo-collision” – two changes to an internal parameter called an initialization vector that lead to the same output. In 1996, researchers found a “collision” – two inputs that produce the same output – to one specific internal component of MD5, the compression function. It was not until 2004 that these insights were converted into a full collision attack on MD5 itself. Even today, MD5 is actually not fully broken; althoush collisions, finding X and Y such that MD5(x) = MD5(y), can be done in only a million computational steps, pre-images, or finding X such that MD5(x) = Y for a prespecified Y, still take over 2100 steps (although no longer quite the initial 2128. Hence, hash functions like SHA256 are already highly redundant and black-swan proof. In fact, if a critical black swan event does occur, it will likely be something like P=NP or quantum computing that affects all hash functions at once.

Furthermore, there is one place where the algorithm does not use redundant hash functions: the Merkle tree. Quark’s Merkle tree still uses good old SHA256. What’s more, an attack on Bitcoin’s Merkle tree does not even need the harder pre-image attack – a mere collision attack, albeit a highly specialized one, will suffice to make a double spend and even fork the entire network. The process is simple: make two transactions, T1: A -> B and T2: A -> A, such that hash(T1) = hash(T2). Publish T1. Then, publish T2 later and spread around blocks containing T2 in place of T1. Now, suppose B tries to spend the bitcoins that he received in a transaction T3. Some nodes, which have T1, will see that T3 is spending the bitcoins from T1 and thus recognize T3 as legitimate, and eventually a miner will make a block, B1, containing T3. Other miners, that have T2, however, will see T3 as invalid because it is spending bitcoins that have been sent to A, and thus reject B1. They will eventually make a new block B2 without T3. From there, the blockchain will split in half, with some blocks following B1 and others following B2. All this requires only a relatively simple collision attack against SHA256, and Quark does nothing against this.

The second application of Quark’s multi-hash mechanism is its resistance to ultraefficient mining through specialized hardware. However, the combined hash function created by composing BLAKE, groestl and the other functions does not have any particularly special properties; it is simply a hash function which takes up nine times as many lines of code. Producing specialized hardware devices (ie. ASICs) for mining it will certainly take nine times as much work, but once they exist they will be every bit as efficient as Bitcoin ASICs. They only do not exist now because there is not enough interest in Quark. A better way to make an ASIC-resistant coin is to use so-called “memory-hard hash functions” – functions that take a large amount of memory, as well as time, to calculate, so devices that attempt to do the computation millions of times in parallel will need to have petabytes of memory on hand; Litecoin does this, as does Primecoin with its sieve-based prime number chain algorithm, albeit unintentionally.

Next, we come to Quark’s 30 second block time. The idea of making blockchains with faster confirmations is a seductive one; Litecoin started the trend with its 2.5-minute blocks, Primecoin has 1-minute blocks, and now even faster coins like Krugercoin exist with 15-second blocks. Although accepting payments with any of these currencies is equally near-instant, as confirmations are not really required for security in most applications, such currencies have definite advantages in high-security applications such as gambling sites and depositing to exchanges. However, below roughly one minute such currencies run into two problems. First, there is the issue of “stale” blocks – when a miner finds a valid block, it takes about twelve seconds for that block to propagate through the network, and if any other miners find a valid block in those twelve seconds their work is essentially wasted. With a 10-minute block time, this is only a two percent decrease in de-facto network security. With a 2.5-minute block time, it becomes eight percent and with a 1-minute block time it becomes about 17% – significant, but far from fatal. Below one minute, however, these stales start to seriously threaten the security of the network.

The second issue is one of centralization. Suppose that miners are now organized into mining pools, where one mining pool necessarily has more market share than the others. Suppose this top mining pool has a 25% market share, and its next competitor is at 15%, and the baseline stale rate is 33%. Solo miners have 67% efficiency due to the stale rate. The 15% mining pool, however, itself mines the block 15% of the time, and so starts immediately working on the next block without delay. Hence, the 15% pool’s stale rate is only 33% * 0.85, or 28% – or 72% efficiency. The 25% pool enjoys 75% efficiency. Thus, new miners have an incentive to join the largest pool, making it even more powerful. This effect inevitably leads to large centralized mining pools which, combined with the reduces network security, means that one mining pool will almost certainly have de-facto control over the entire network. With Bitcoin and its 2% stale rate, this is not a significant issue. With Primecoin at 17%, this is a moderate concern. With Quark, this is arguably a fundamental flaw.

One possible solution to the first problem comes from a recent paper by Yonatan Sompolinsky and Aviv Zohar which suggests a way to actually include stale blocks as part of the blockchain; if a new currency integrated this, it may be able to address the security loss potentially down to even below a 10-second block time. However, the solution does not fully address the second concern; if these stale blocks that are part of the chain receive their mining rewards, then the currency becomes much weaker because there is no longer any incentive not to support fraudulent double-spending attacks, and if the stale blocks do not receive their rewards the efficiency centralization issue remains. Perhaps with some compromise, however, 10-30 second block times can be made viable in the future.

Finally, we have the distribution model. 50% of all Quark units were distributed within three weeks, a much steeper distribution curve than Bitcoin or any other cryptocurrency except perhaps Mastercoin and Ripple. Many have come to call his model a de-facto premine, “premine” being the technical term for when a currency is created with a number of units already in the hands of some centralized party. The Quark developers have made a post addressing this concern, saying that their currency is more fairly distributed than any other altcoin, showing that the percentage of all Quark units owned by the top 100 addresses (59%) is actually right in the middle of those of other major cryptocurrencies (cf. Namecoin at 56%, Litecoin at 48% and Peercoin at 64%).

However, this is somewhat misleading; of all of these other currencies, the percentage in question is the percentage out of those coins that are already in circulation. In the case of Litecoin, Peercoin and Namecoin, there are still many millions of currency units left to be distributed – and there is no particular reason why these new currency units should go to the same early adopters who were lucky enough to secure entire percentages of the currency’s money supply earlier in its life cycle. With Quark, the currency will take 100 years for its money supply to expand by 50%, so the 59% is not likely to go down by much any time soon. Ultimately, it is very hard to create a currency with a fair distribution model, and any specific technical approach will likely only last a few months before people with money and resources catch up to it at least to some extent. The only stable approach may be to simply premine it and then give out 0.001% to the first 100000 people that show up with a passport or at least a unique cell phone number.

The concerns that Quark seeks to address – Bitcoin’s slow block times, the unfairness of altcoin distribution and the threat of specialized hardware – are all very valid issues, and Quark’s recent success highlights the importance of these problems. However, Quark in its current state is not the solution. Litecoin and Primecoin are both very valid alternatives that seek to target many of the same goals, and have done so much more successfully. Hopefully, in time an even better cryptocurrency will be developed that will actually have all of the desired properties that we currently want; and ultimately every attempt and even every mistake made along the way is a stepping stone to achieving that goal.

Get Top Stories Weekly

We respect your email privacy

  • st__v

    Great article. I couldn’t really work out how multiple layers of hashing was anything other than wasted cycles. Thanks for the science behind it!

  • Tuumas

    No surprise to get such comments from BTC and LTC owner. At least you do not write total nonsense. So how about peercoin, namecoin etc. why is QRK raising also your interest so much…ridiculous FUD all over.

    • https://www.godel.com.au thedavidmeister

      The article is already very long and it’s not intended as a whitepaper on all altcoins. I assume, given the context of the article within a magazine dedicated to the topic, the author feels they have time to write about other altcoins in the future. The article is not really FUD, the points raised make total sense and are well researched.

  • manfred karrer

    like always. a pleasure to read your articles! thanks!

    • Paul

      +1

  • Guest

    “for the first 210000 blocks (~4 years), 50 BTC is released per 10 minutes”
    This should say QRK.

    Outstanding article as always. I look forward to reading your articles every week and I don’t think there has been one week in which I didn’t include a link to them in my bitcoin newsletter:)

    Thanks for the work you’re doing!

    • ryepdx

      No, that is indeed *Bitcoin’s* deployment algorithm.

  • snowden_farted

    Consider the following Vitalik;

    1) The 6 hashing functions does indeed provide 6x security at the transaction level. You mention the merkle tree as a soft spot – no difference than bitcoin. A merkle tree is typically involved in a black hole attack. From what I can tell, that amounts to a Denial of Service attack…SHA-256 should do fine here. The transaction level is where I see the need for added security, and Quark has it 6x.

    http://en.wikipedia.org/wiki/Packet_drop_attack

    2) My YouTube review on Quark

    https://www.youtube.com/watch?v=gYQH9pNMnk8

    3) Mining Pools – I don’t see why they can’t be regulated/controlled the same way as Bitcoin. If I recall, BTC Guild recently mined 7 consecutive blocks!

    4) The Quark mining schedule has been discussed in detail. It is different than bitcoin. I personally like the .5% inflation for Quark as a valid argument can be made that Bitcoin is deflationary.

    5) ASICS won’t be created to mine Quark – I did not follow your argument that specialized hardware could be created to bypass the CPU mining setup that is part of the Quark protocol.

    My personal opinion, is that a fine magazine like this should absolutely offer critical evaluations of alt-coins, but how about including ideas/thoughts on how to improve Quark as well. The crypto-community as a whole should encourage and support the rise of multiple alt-coins.

    I see big things ahead for Quark and hold a large position. I was not one of the original miners. Keiser Report on Dec 19th should be interesting.

    Cody

    • Vitalik Buterin

      How do 6 hash functions provide 6x security? What is the argument for this? Because 6 hash functions is really just the same thing as one hash function that’s 6x as complex. Also, if any hash function in the chain gets cracked the coin is screwed (say you can do a second-preimage attack on hash #k. Then, you mine one valid block, and then just keep repeating the second-preimage attack to get new blocks with exactly the same final hash). So in some ways you’re actually getting 6x insecurity.

      • Eric des Courtis

        Please Vitalik explain this to Bill Still! Many people with good intentions are following his recommendations (he is not technical enough to understand this).

        • snowden_farted

          I don’t follow?

          You would need to crack 6 hash functions and then 3 random hash functions before you could manipulate a transaction. My understanding is that each algorithm is like a deadbolt lock, and 6 locks are more secure than 1.

          6x insecurity argument does not hold water. The soft spot I see with Quark is the .5% inflation and the need to use transaction fees to keep a healthy network if CPU nodes.

          This will need to be carefully watched. The Quark protocol will go through many updates over the years. I like what I see with Quark.

          • Eric des Courtis

            No you don’t need to crack 6 hash functions you just need 51% of the hashrate to double spend because you can create your own competing chain. It doesn’t matter what the hashing algorithm is. By the way all of these hashing algorithms are provided with either VHDL or Verilog when submitted to NIST. So creating an ASIC or FPGA miner would be easier than you think.

      • bluesky

        Hi Vitalik. Thanks for highlighting issues that need to be answered by all crypto-currencies. I suspect that you are being a little unfair on Quark though. You are careful to use non-committal words such as ” … it arguably
        fails”, meaning that it could also be argued that Quark doesn’t fail, and hasn’t; and also, “So in some ways you are actually getting 6X insecurity”, meaning that in some ways you are getting 6X security!
        The issues you flag up are issues all future coins will have to address, not just Quark. However, what I liked about your section on “stale” blocks was that you indicated a solution (Sompolinsky & Zohar). I understand, that since your article, there have been improvements made to Quark security, that most probably address the points that you raise. Your article seems to have done some good!
        Regarding “pre-mining”: my view is that the developers are entitled to be believed unless proven otherwise. The coin seems to be widely distributed and has one of the largest transactional volumes in the crypto-coin world. Even if the developers had an advantage on launch, I don’t begrudge them making some money (seigniorage) for the effort that they have put in creating Quark. I have noticed though, in relation to another new coin that is being launched in February 2014, that unjustified attacks proliferate when the established order is threatened.
        And yes, I do declare an interest in Quark – plus Bitcoin and two other coins. I note also that you have an interest in your own coin which you mention that you are developing. Maybe, yours will be the perfect coin of the future.

        • bluesky

          What I am trying to get at is that a very definite, condemnatory assertion was made in the title of this article, which to my mind wasn’t backed up by equally definite statements of fact. “It arguably fails” and “So in some ways” are not good enough in my book to support a clear, precise, pronouncement. Quark’s future will depend on its resilience in coping and adapting to future threats. Vitalik, I would be interested to hear your views on the extra enhancements recently adopted by Quark.

  • science

    Tries to spread fear by contradicting yourself and saying sha256 < the pow algo for BITCOIN needsa relative simple collision . Lots of time to hack bitcoin Quark is full mature , attacker gets nothing , ultimate security , keep crying .

    • https://www.godel.com.au thedavidmeister

      I believe the author is saying that sha256 is being used in a different component of the underlying software in bitcoin and quark coin than the hashing algorithm used for mining. The point being made is that quark coin markets itself based on its security but fundamentally security is only as strong as the weakest link. You could have as many hashing algorithms chained together in your mining and it all be for naught if there’s a vulnerability elsewhere in the software.

  • takyzark

    is it just me? when I read this article I consider to buy qrk and hold for long term.

    • Dusty

      Yes, it’s only you :)

      • takyzark

        and how did you come with that conclusion? are you representing the rest of cryptocurrency user on earth? 😉

        • Dusty

          It was just a joke 😉

  • gryphondanu

    “Hence, hash functions like SHA256 are already highly redundant and black-swan proof.” …

    Until the NSA reveals its back door.

    • Eric des Courtis

      Just use the NIST submission in other words before it was modified by NIST (that is usually where they weaken it).

    • https://www.godel.com.au thedavidmeister

      mmm, if the NSA are involved in sha256 that is a real worry :(

  • jimasd

    so it’s no worse but no better then bitcoin, so who cares it’s cheap, and you can use it for the same things as bitcoin was created for, so, still a worthy crypto

    • https://www.godel.com.au thedavidmeister

      This isn’t true, you can’t use quark coins to buy nearly as many goods and services, or convert it into as many different currencies. Even if it achieves the same at the software level, it does not do as well as a currency. The point the author is making is not whether it is better or worse than bitcoin, but whether it lives up to its own hype/promises as well as it claims to.

      • jimasd

        it’s only 6 months old? how old is bitcoin…

        • https://www.godel.com.au thedavidmeister

          Unless quarkcoin can deliver its promised improvements over Bitcoin, it is by definition no better than Bitcoin as a protocol and the “coins” in the quarkcoin system will not magically become as valuable as coins in the bitcoin system are today, 3 years from now. If it ever becomes widely accepted that quarkcoin does not do what it promises effectively, it is hard to see how it would not inevitably become less valuable than bitcoins (many people are invested in it already) or other altcoins that do deliver on the “value add” that they promise.

          • jimasd

            im into DMD’s now anyway, but look at litecoin it has nothing new, it’s going pretty good

          • https://www.godel.com.au thedavidmeister

            litecoin was the first altcoin to introduce scrypt. It promised less domination of the mining market by ASIC miners, and so far it’s delivered on that, and people obviously see some value in that so they’ve invested in that coin somewhat.

  • jimasd

    bitcoin was first on the block, this is it’s one advantage…thats all

    • Jim

      That and the fact that a lot of people have try and failed to find a way to game the system.

  • Dusty

    Thanks Vitalik for the article, but this time there is an important missing/wrong piece of information: faster block confirmation does NOT mean better security, in fact in can mean exactly the opposite due to the higher stales etc.

    As explained by Edan Yago here:
    http://edanyago.me/2013/12/02/litecoin-can-benefit-bitcoin-but-currently-it-is-a-scam/

    Myth: Litecoin is faster than Bitcoin

    Reality: Litecoin transactions propogate at exactly
    the same speed as Bitcoin transactions – because the code is the same.
    Litecoiners make the speed claim based of the idea that Litecoin has
    faster confirmations. But speed of confirmation is not very useful.
    Firstly, for 99.9% of transactions, you don’t need to even think about
    confirmations. There has never been a recorded instance of double spend
    in Bitcoin. So if you see a transaction is “pending”, just chillax, the
    transaction is as good as done.

    Secondly, having faster confirmations means you need more of them to
    reach the same level of security. This is because confirmations are a
    measure of difficulty. Making them easier also makes each of them less
    valuable (there is an argument about how many litecoin confirmations
    equal one Bitcoin confirmation, so there might be some advantage – but
    it is slight). Basically, you can think of each confirmation as a bolt
    that locks-in the transaction. You can have one tough bolt or 3 weak
    ones.

    • Vitalik Buterin

      Actually, no, you can mathematically prove that the difficulty of double-spending a transaction depends ONLY on the number of confirmations and the attacker’s hashpower, not the block duration – unless you’re going so low (eg. 10-30s) that stales actually become an issue.

      • Dusty

        It’s not the longest chain that wins but “the chain that has most of work”, so having two blocks with “work/2″ each or one with “work” should be completely equal.

        Statistically speaking a certain amount of hashing power will produce a block with P work in a certain amount of time or two blocks with P/2 with half difficulty.

        But since there is latency on the network and some hashing power get lost after each block is propagated, having blocks with more time between them should give a (very slight) advantage as of total work done.

        At the very least, it should be equal.

  • nicklepickle

    Most people think its cpu only. Gpu are mining about 4x faster. This strategy appears intentional.

  • eugene lee

    I commend the technical explanations and theories behind the pros and cons of quark. But I see that the author joined the “Bitcoin community in March 2011″, so I’m going to assume he probably gots a fairly large amount of bitcoins in the early stages, which therefore means he will do whatever it takes to deflate the value of other cryptocurrencies. I’d say if the author or anybody else with a high level computer science degree knows what the best formula is for developing the perfect cryptocurrency, then do it.

    BTW, i do not own quarks, but a fair amound of Litecoins, fastcoins, digitalcoins, grandcoins, and sexcoins. Please tell me what the flaws are for those coins so I can convince myself to sell those and buy bitcoins.

    • Vitalik Buterin

      > But I see that the author joined the “Bitcoin community in March 2011″, so I’m going to assume he probably gots a fairly large amount of bitcoins in the early stages, which therefore means he will do whatever it takes to deflate the value of other cryptocurrencies.

      I don’t hold that many. Also, I support XPM heavily and LTC to some degree; if I like a coin I can always just convert some of my BTC to it and hold it as well.

      > I’d say if the author or anybody else with a high level computer science degree knows what the best formula is for developing the perfect cryptocurrency, then do it.

      Already on it. Look forward to an announcement from myself in about a month :)

      • Dorian

        How long are you spending making it? Any coin which will be worth using over Bitcoin will take a long time to develop. You should spend years working on it in consultation with other computer scientists as well as economists from a range of schools.

  • run23-4

    Pretty standard opinions from a bitcoin supporter. There are plenty of seats at the table my friends, try to keep open minds…

  • run23-4

    Since people love throwing the word around, Bitcoin has effectively been “premined” for about the past six-months. Today massive ASIC farms with huge hashing rates are essentially the only ones with access to mining bitcoin. Tomorrow those with the ability to expand hashing rate the fastest (ie ASIC developers and those who they preferentially sell to) will continue to restrict the access to mining bitcoins in perpetuity.

    • https://www.godel.com.au thedavidmeister

      Nice use of the double quotes on “premined” to mean something other than what “premined” means everywhere else in general bitcoin discourse. I think the word you’re looking for is “monopolised” or “centralised” but not “premined”

  • snowden_farted

    Vitalik – why was my response to your article not posted by the moderator?

    • Vitalik Buterin

      Sorry about that, approved your post.

  • ChiefClickClack

    Write CLEAR conclusions then support the conclusions with CLEAR and SIMPLE substance. Here’s my inference of what you’re trying to do: “Quark appears to have ‘superficial’ advantages over BitCoin, but it actually brings nothing new to the table; you can TRUST my opinion BC technical jargon, technical jargon, technical jargon…AND I have a Russian sounding name…AND I’m trying to defend BitCoin BC I’m one of its preminers.”

    • https://www.godel.com.au thedavidmeister

      I believe I understand every word of the article and I have no particular training in cryptography. Technical jargon in itself does not make something unclear. The author is careful to link to external references that explain much of the more advanced concepts, but free and on-demand services like Google exist for researching tougher concepts if/when you need.

      I don’t understand the desire to use the author’s real name as a criticism of the article, that’s truly nonsensical and petty.

    • Vitalik Buterin

      Fun fact: I never once managed to mine even a single satoshi of BTC. My only mining profits to date are 9.25 Tenebrix and 0.12 XPM.

      • https://www.godel.com.au thedavidmeister

        I managed to mine 0.4 BTC in like 2011 on a casual gaming box. Couldn’t do that now though 😉

  • mex

    Primecoin being atm only CPU is being abused by botnets, and ppl having free server to get most of the network… I thinks that is very bad for a coin…

    • Eric des Courtis

      I really wonder if CPU mining is a good idea at all sometimes. But at least Primecoin made a niche out of it. ASICs do a good job at keeping the currency consistent and therefore secure.

  • Jim

    Love your stuff man…

  • Eric des Courtis

    Vitalik great article! Do you think Quark will be able to gain enough value to keep mining profitable enough to prevent a 51% attack?

    • Penny

      If a 51% attack is potentially profitable enough to be worth attempting then that would imply QRKs value is high enough to incentivize adequate mining to prevent an attack…..No?

  • Berrtus

    The Bitcoin foundation should simply announce that they will adopt these possible future improvements as soon as they have been adequately tested and agreed to. The reason is that if Currencies are constantly being replaced by the next better one then they are not a safe place to store value. There may be room in the market for a few alt coins, but if the number is high and the turnover rate even occurs once every 10 years then all crypto currencies will store only limited value. How much wealth are you going to store in a coin that can be replaced at any random moment? Seriously even if it takes 10 years to fall from first to tenth place the risk is not acceptable.

    • Vitalik Buterin

      The Bitcoin developers will never make any substantial changes to the core protocol, barring emergencies such as quantum computing. It’s simply too risky to do that to a $8 billion currency. That’s why we need altcoins. But we do need altcoins that are well thought-out and designed with a clear understanding of what the issues are.

  • apple

    this article is very bias as well, and you try to pretend your backing up a lot of the info with facts but your really not doing that good of a job with it…

  • Richard Boase

    Great Article. Thanks Vitalik!

  • Nikato Muirhead

    I do not believe Quark was pre mined. There is no evidence of that. .If it was, it certainly wasn’t as bad as the million bitcoins pre mined by Satoshi. I couldn’t care less even if it was pre mined. I don’t mind paying a reasonable price for coins that are useful and secure.

  • jimasd

    buy DMD diamond it is around $2 currently
    DMD is an ASIC-resistant scrypt coin.
    combines proof-of-work and proof-of-stake, providing excellent resistance to 51% attacks.
    only 4.38 million DMD will be created ever!!
    Block time is one minute 9x faster then btc

    perfect investment

  • http://Thephora.net McChimpin’

    Excellent article, Vitalik! I agree with everything you say, except the ‘Noble Intentions’ part, because this is 100% scam, pure and simple.

  • Derek Pater

    wow, I would like to thank the author of this article, I will not pretend to understand it all, what about Dogecoin? from a marketing and exposure feature on-line its brilliant

  • roe

    im pretty sure that this article is just slander.
    This article is published 2 months ago and look what happend to QRK since then. QRK belongs to the top 5 cryptocurrency now. You will always have haters and i know that many people in the financial world laughed at BTC. Untill now. Now they can go and shame themselfs.
    The author has picked a relativly small coin and tried to destroy the faith people have therein. For whatever reason he has. His arguments, eventho littered with jargon, are not that strong in my opinion… he says a quantum computer would be able to hack it and will hack all the algoritmes all at once.
    .
    It is like saying: putting a good lock on your house wont stop burglars, because with dynamite its easily opened…

    to me it seems astho the author went trough a whole lot of trouble to discredit quarkcoin. im wondering why…

    • Tymat

      It went from being the top 5 to the 15th today according to coinmarketcap.com. That’s exactly the kind of evidence you would see from a pump and dump scam coin.

      • roe

        Hmm yeah… I dont think it’s pump and dump, but very very poor managing. They did try, with some new things implemented… But they failed misserably in the promotion department.

        Maybe it’s because of articles like this. Who knows… If people dont want you to succeed and they work against you, you can never become any good. People in the crypto world should work together, if we start fighting amongst eachother, we are doomed. I think that we, as the cryptocommunity, should never publish articles about why other coins suck and kill their reputation.

        Tho I admit that I was wrong and I expected QRK to be bigger by now… I still think the writer was wrong to publish an article about how crappy a particular coin is.

  • Jarrad Laursen

    They lost me when every second word was some long contrived piece of scientific babbel. He started off listing the flaws in bitcoin with no data just words like a food critic or something. Maybe be a little bit more objective next time