Some people seems to adulate Satoshi, think he can do nothing wrong and his word are to be interpreted as gospel. While I share Satoshi's plan to create peer to peer digital cash, I do think it is important that we think for ourselves. Here are some errors Satoshi made:
Early version of bitcoind allows you to spend any coin by using "op_true op_return" as signature.
It was initially possible to fork each version of the client on its own chain using "op_version"
Input value were not direcatly covered by signature, making it impossible for offline devices to check how much is spent and paid in fees.
It is possible to put op_checksig in an input script. Coputing the signature hash fails and return 1 as an error code, but error code was checked so it is possible to produce a valid signature signing 1.
Version fields are completely useless because they don't degrade gracefully. In case of hard fork, you can't |ake sense of the new data regardless of version, and in case of soft forks, they aren't useful.
Places where addresses could be useful, for instance outputs, do not have one.
Numerous opcodes were seriously flawed in early version, some of them exibiting buffer overflow.
It was possible to create several coinbases with the same txid, and in fact, satoshi lost coins doing so. This breaks numerous assumption about the txns graph being a dag by design.
Block size and/or tx count are not covered by pow. This creates DoS vector that lead to the introduction of the block size. Bitcoin Ulimited suffered from attacks after neglecting these DoS vectors.
The script number format is little endian, one complement. No more comments on that one.
The original code had numerous problems checking signature encoding, at least one could lead to a chain split between 32 and 64 bits archituctures.
The merkle tree doesn't handle empty branches properly. This lead to a vulnerability where you could repeat transactions is a block and get a node to reject it.
It is also possible to generate a valid 64 bytes transaction that looks like an intermediate node in the merkle tree, making it possible to lie to spv by brute forcing 70bits or so, which isn't considered secure.
Verifying signatures was O(n*m) where n is the number of checksig ops and m the transaction size. This makes it possible to generate transaction that are absurdly expensive to validate.
You can follow @deadalnix.
Tip: mention @twtextapp on a Twitter thread with the keyword “unroll” to get a link to it.

Latest Threads Unrolled:
There are a lot of misconceptions about the Turkish diaspora in Germany. Since i just finished writing an essay about this topic I thought it's time to give other people
Read more
Las mejores calculadoras online en 2020A thread http://totumat.com/2020/11/26/las-mejores-calculadoras-online-en-2020/ Cuando se estudian asignaturas que requieren de cálculos complicados, nada mejor que contar con una buena calculadora.
Read more
Mitigating #ClimateChange is as much about taking up new techs as about leaving others behindMost studies focus on #coal's global downfall but another #energy tech decline is loomingRead my new
Read more