Yes, in practice mining mostly follows price, but it's still not quite that cut and dry.
Miners also need to sell bitcoin to recoup operational costs. They influence the value of bitcoin by being an active trader and setting limits to their sale price.
Current price influences future mining. Past mining influences current price.
Well, theoretically the value of Bitcoin would be a function of energy costs and mining difficulty, but that hasn’t happened in practice, and would still be volatile anyway.
It's an okay-ish alternative to a password, but if we're going to use cryptographic secrets for auth, I'd hope to see more of a handshake and challenge-response involved.
As it stands, anyone who has access to a private key momentarily can generate any number of tokens for use, practically indefinitely (just sign a timestamp for every second for the next N years). This system is open to replay attacks as well.
It also glosses over the entire problem of trust establishment, cert revocation, etc.
> Heartbleed (and all the other serious memory exploits) required a great deal of skill and a lot of luck to exploit, and in return you either don't get a remote execution, or you get a very tiny chance of a remote execution.
Heartbleed wasn't about RCE at all. It was about memory disclosure -- memory that contained secret signing keys. The fallout was that keys needed to be revoked and rotated.
Reading out memory and extracting the secret keys was actually pretty simple. There were multiple POCs available.
Miners also need to sell bitcoin to recoup operational costs. They influence the value of bitcoin by being an active trader and setting limits to their sale price.
Current price influences future mining. Past mining influences current price.