 Evangelos asks, from page 20, a Bitcoin user downloads a piece of software, for example, the Bitcoin Core client software. Evangelos' question is, what if this downloaded software is infected and serves under interest? Who is responsible to distribute software if we are talking about a totally decentralized system? How can I understand if it will be the original client software? That's a great question, Evangelos. First, let's look at how we deliver secure software to everyone who wants to use the Bitcoin Core software, or any other version of the software, any other form of Bitcoin client. Then let's look at what happens if it's not the correct software. First of all, Bitcoin is developed using an open-source model. That means there is a collaborative development process that happens in a public system. That development is happening on GitHub, which is a collaborative coding software platform. Developers from all around the world contribute changes to the code. Those are reviewed by thousands and thousands of people who each look at the code. A group of about 150 developers who work on this in a very concentrated manner, some of them working full-time on the software, all review and offer their opinion on the code. Some developers, through experience and many years of working on this project, organize all of the changes into the latest version of the software. They produce releases, and a release is simply a specific version, which includes the changes in the code. This is being reviewed in source code by many developers from all around the world. When Bitcoin was developed, a new system for building software was developed called Githian. In fact, this is an invention by the Bitcoin developers that is now used for secure software distribution across the world, and across other platforms, not just Bitcoin. Githian is a system whereby software can be built independently on multiple different platforms. The results of the software-built mechanism are called a deterministic build, meaning that the Githian system simulates the exact same platform across many different computers that build the software independently from the source code. From a specific version of the source code, they produce a binary that can be executed on different platforms. For example, 64-bit, x86 processors for use on Windows or on Linux, and those builds have a fingerprint. What Githian does is, by building the software independently on many different systems and then comparing the fingerprint, it can tell you if you are getting the exact same executable result as everybody else. That becomes one of the release builds. These are published on websites, such as Bitcoin.org, Bitcoincore.org, and other places, where individual users, developers, miners, etc., can download executables. Of course, you could also download the source code using the Githian system, or just the traditional build mechanism. You can build the executable and see what is produced. If you know you have the right source code, then through building it on your own platform, on your own computer, you can get a trusted executable. Once you have the executable, you can also do a fingerprint on that executable. You can compare that fingerprint to the published fingerprint, which are available on a number of different sites. Confirm that, in fact, you have built the exact same executable as everybody else, and you have the expected result. This ensures that when people download either the executable or the source code, they have a very dependable chain that goes back to the developers and the highly reviewed code that the developers are collaborating on. Of course, no process is perfect. What happens if your software has been compromised? Here is the other thing. If you have software that is compromised, the biggest risk is actually to your own individual wallet on that software. For example, if you downloaded a Bitcoin Core software that had malware installed in it, that will endanger your system. If you haven't used a deterministic build, or if you didn't download the software from a reputable source, you may download infected software. The thing that is most at risk there is your funds. If you put money into a wallet on a system that has some form of malware, then you are very likely to lose your money. That is what the virus is going to target. It doesn't pose a threat to the rest of the Bitcoin system. The reason for that is because on the Bitcoin network, no node trusts any other node. It is assumed that your node, when communicating with other nodes on the network, assumes that all of the other nodes cannot be trusted. It doesn't take any of the data that is sent to it at face value. It doesn't assume that the data is correct. Every Bitcoin node independently validates all of the transactions, blocks, and forms its own authoritative opinion, as to whether the nodes it is connected to are telling it the truth or not. If it finds nodes that are consistently lying to it, sending it wrong transactions, or invalid blocks, it disconnects from those nodes and stops talking to them. Every node has this defensive mechanism where it doesn't trust any other node on the network. It validates for its own authoritative perspective the transactions, the blocks, all the way back to the Genesis block. As a result, you don't need to trust that other software is doing what it is supposed to do. You don't trust that other software is doing what it is supposed to do. You validate yourself, or rather your computer node validates everything itself. We can have malicious software introduced into Bitcoin. It is hard to do because of this deterministic build process. You can essentially evaluate a chain of custody that goes from the developer source code that is widely reviewed all the way to the executable. Even if you don't validate that, the risk that that poses is primarily to your own funds and your own machine. No other node on the network will trust you. By default, we don't trust other systems. The trustless nature of Bitcoin, the decentralized nature of Bitcoin, is because it doesn't trust any other nodes on the network. How is consensus on new rules and upgrades reached, and who decides on what updates to include or reject? Our developer is getting paid to do that. Consensus on new rules and upgrades is reached in stages and at different parts of the system. Ultimately, the people who decide which upgrades get implemented are the people running nodes, and specifically the five constituencies of consensus, the five groups of people that have control over consensus. These five groups have overlap between them, but broadly speaking, they are the miners who choose what software to mine with, the merchants who choose what software to run on the nodes that are accepting payments for buying and selling commercial goods, and services, the exchanges that are running nodes and deciding what rules to accept transactions for deposits and withdrawals, and exchanges of cryptocurrency, the developers who write the software but can't force anybody to run that software, and the companies that create wallets that decide what rules those wallets will work with, and ultimately also the users who run those wallets or run their own nodes. Consensus is an emergent phenomenon, meaning that the rules emerge from the agreement of all of those parties to operate under a single set of rules, and those who deviate from the rules are punished by loss of funds. They lose opportunity, they lose profit, they lose funds directly. Developers are getting paid nowadays, because there are many companies that are willing to subsidize or fund or hire developers to work not only on their own projects, but also to work on the core protocol. But there are probably more than 400 contributors to the core protocol, for example, in the Bitcoin Core project. They are paid by a number of different companies, and many of them are volunteers. Also, you've got to keep in mind that many of these developers can get a job pretty much anywhere they want, and get paid very well for that job, so they work wherever they want to work, and on the projects they want to work. They are very independent in that way. They can't be forced to implement a change, they are not interested in implementing it. In fact, even the companies that pay them have to let them work on whatever they want to work, because otherwise they'd stop working there. Many of these developers, if you ask them, why do you work for this company, they'll tell you, I work for this company because all of the most smart people in the world that I know work for this company, too. Probably one of the best rewards for a developer, or any creative or artistic person, is to work among the best in their field, and to be able to work with the best in their field on a daily basis. They don't do it for money. How can a node running on one software, for example Bitcoin Core, communicate with other nodes running a different software? How does a miner decide which software to use? Is it common for a miner to switch to another software? That's a great question. So there's a difference between the software, the protocol, and the consensus rules, and all three matter. So you can have one piece of software, Bitcoin Core, and that has a certain implementation, but it uses the common protocol to communicate on the network, and it follows the common consensus rules. Bitcoin Core, as the reference client, tends to lead in what the interpretation of the protocol and the consensus rules is, but nobody has to run Bitcoin Core. You can run a different software. For example, there is an implementation in Node.js called Bcore, which is fully compatible in the protocol level, fully compatible in the consensus rules. There's another implementation called Libitcoin, and Libitcoin is fully compatible with Bitcoin Core in the protocol and in the consensus rules. So by speaking a common language and following the same rules, these three different clients can communicate on the same network, arrive at the same consensus as to what has happened on the network, and continue to remain within consensus by following those rules. A miner can run any one of those, for example, to do mining, and it really depends on what their preference is, in terms of scalability and code quality and maintainability and security. Is it common for a miner to switch to another software? Not really. Part of the reason for that is because Bitcoin Core has demonstrated an extremely high level of quality, with very well-tested software that's tested not only by the developers, but of course by everybody else who's running it, and very high standards for code maintenance and security updates, which means that a miner switching to another software, they can of course do that, if they believe that the other software will be better maintained, deliver better quality code or more secure code than the Bitcoin Core project. So far, that doesn't seem to be happening. Most miners use, I think all miners, in fact, use Bitcoin Core because it's proven to be the most reliable software out there.