--- Log opened Sat Jan 10 00:00:18 2015
02:44 < adlai> gmaxwell: "One exciting enhancement to this idea I have is making the power H(header||nonce..." what do you mean by "the power"? is that a thinko for "the POW"?
02:44 < adlai> (from https://en.bitcoin.it/wiki/User:Gmaxwell/alt_ideas)
05:41 < adam3us> about naming ^^ much, it seems like u dont want to call your project *coin or people will auto assume its an alt and ignore.
05:48 < midnightmagic> new name: "jimmy" . "jimmy turn the lights back on..! jimmy!"
07:38 < kanzure> adam3us2: well, vanity grinding to get "BITCOIN*" is a little pointless because even non-bitcoin rule-sets could do the same. as long as it has verifiable correctness, i suppose it wouldn't be damaging.
07:56 < kanzure> .title http://kryptoslogic.blogspot.com/2015/01/openssls-squaring-bug-and-opportunistic.html
07:56 < yoleaux> Kryptos Logic Research: OpenSSL's squaring bug, and opportunistic formal verification
08:07 <@gmaxwell> That's very much relevant to my interests. Alas, they say nothing useful about the difficult problem of bridging the gap between software and input to the solver-- there they rewrote the code by hand (which is failure prone and takes time), do they expect someone to do that for all of the 400kloc of openssl?; or that current SMT solvers reason very poorly about finite-ranged numbers (basically of
08:07 <@gmaxwell> all the available ones I've used, Z3 is pretty much the only one that would even return an answer on a problem as simple as that).
08:11 < kanzure> "Note that while we are using Z3 here for its convenient Python bindings," oh that is nice of them
08:13 < kanzure> hmm... http://z3.codeplex.com/
08:18 <@gmaxwell> and its lovely non-commercial use only license? :)
08:23 < kanzure> non-commercial is troubling... i don't think i've ever seen a good definition that works and doesn't break everything.
08:23 < Eliel> let me guess, that will cause problems for using it with bitcoin.
08:24 < Eliel> Although, considering that microsoft appears to have a pro-bitcoin strategy brewing, they might be open to discussion about the license.
08:43 <@gmaxwell> Eliel: it's a sham; it's more or less impossible to use anything "non-commercial" in any case where you wouldn't just use it with a "all rights reserved never use this at all license"
08:43 <@gmaxwell> (fortunately people happily use "all rights reserved never use this at all" without fear all the time)
08:44 < Eliel> heh, true
08:44 <@gmaxwell> but if that were the only barrier involved here I'd be super happy.
08:46 <@gmaxwell> The hard parts are usefully extracting the code into a form that the SMT solver can do something with; usefully expressing the hypothesis you wish to prove (and knowing that the hypothesis is right), ... and then dealing with the frequent fallout when the prover gets stuck.
08:46 < Eliel> that's why I'd personally love to have the consensus code written in Haskell :P
08:47 <@gmaxwell> Eliel: uh. with implicit, hidden computational and memory complexity?
08:47 <@gmaxwell> Haskell has a nicely powerful type system which is still no replacement for formal methods.
08:51 < Eliel> well, perhaps somewhat simplified haskell.
09:06 <@gmaxwell> kanzure: hey, their proof appears to be wrong too.
09:06 <@gmaxwell> kanzure: consider the case where c2,c1,c0,a,b are all UINT_MAX.
09:22 < Eliel> gmaxwell: is there a language that implements formal methods properly?
09:22 <@gmaxwell> Coq.
09:24 < copumpkin> a few others, but chances are most things you want to do you'd do in coq
09:35 <@gmaxwell> kanzure: it showed up on HN and I connected there: https://news.ycombinator.com/item?id=8866401
09:39 < kanzure> whois nanolith
09:42 < kanzure> "From an epistemological perspective, a test suite to confirm a property using chosen examples is not nearly as good as a formal proof that guarantees a property over a given domain. For simple cases, such as branch coverage, the test suite may be good enough. As complexity increases, or when testing things like modular arithmetic over an elliptic curve, unit testing leads to false confidence. But, just like in empirical testing, it's ...
09:42 < kanzure> ... possible to build bad proofs. This is where the specialization comes in. There may be plenty of competent engineers who can hack at a test suite, but their results will not be nearly as comprehensive as someone trained in formal verification. It all comes down to epistemology. What do we know, and how do we know it? What possible defects exist in our system, and how bad can they be?"
09:44 < kanzure> epistemology is simple if you deny knowing anything at all :)
09:44 < kanzure> although this is less useful hehe
09:45 <@gmaxwell> I probably don't disagree with what he really means; but I think the argument there is vacuous; you could replace formal methods with Aura-alignment and argue the same thing.
10:01 < Eliel> I don't think that's even an argument, really. Just information without any arguments to back it up. No way to verify it unless you already know a lot about the subject matter.
10:50 <@gmaxwell> hurrah:
10:51 <@gmaxwell> " Update
10:51 <@gmaxwell> Somebody points out that the proof is incorrect; the issue here is that we are working over the bitvector logic, which makes our proof implicitly modulo 2^96. The underlying assumption here, which we also made, is that the result fits into the 3 output words. This is reasonable in the context in which the function is used, but without context it does make the proof incorrect. An easy way to correc
10:51 <@gmaxwell> t this is to add a few bits of slack to account for overflow:"
10:51 <@gmaxwell> (I'm really happy that they didn't split hairs on it being incorrect)
10:51 <@gmaxwell> (might have been polite to credit me though)
11:13 < Eliel> ah, they substituted you for somebody.
11:13 <@gmaxwell> Cool!
11:13 <@gmaxwell> oh hm?
11:13 <@gmaxwell> It's still somebody. That's fine.
11:13 < Eliel> ah, I get the feeling you misunderstood. I should probably have ordered the words otherwise.
11:14 <@gmaxwell> yea.
11:17 < Eliel> (currently sick with a slight fever, it's affecting my thinking a bit)
16:42 < phantomcircuit> I've been looking at time lock puzzles, specifically one which can be cheaply verified (excluding a chain of hashes) and cheaply created (seemingly excluding all solutions)
16:43 < phantomcircuit> (ie the problem needs a backdoor)
16:43 < kanzure> maybe there's a class of timelock puzzles that you can iterate over, but not know the solutions to upfront?
16:44 < phantomcircuit> im not sure that's why i was asking :P
16:45 <@gmaxwell> phantomcircuit: what exactly are you excluding a chain of hashes for.
16:45 < kanzure> hey you wanted a solution hehe
16:47 < phantomcircuit> gmaxwell, need to be able to cheaply validate partial solutions
16:48 < phantomcircuit> not to mention doesn't fit the second constraint either
16:50 <@gmaxwell> phantomcircuit: find me a partial preimage of 0
16:50 <@gmaxwell> ^ I generated you a timelock puzzle in constant time.
16:51 <@gmaxwell> phantomcircuit: what do you mean by "cheaply validate partial solutions" You mean you need to cheaply validate a cumulative solution from many partial ones, in order to have progress and low variance?
16:51 <@gmaxwell> If so, that's what the compact SPV proof does from the sidechains paper.
16:54 < phantomcircuit> hmm maybe i didn't articulate that very well
16:55 < phantomcircuit> E(m, k) such that k is cheap to construct if you know s, but can be otherwise constructed without s
16:55 <@gmaxwell> right so you want encryption, and not just a proof of work.
16:55 < phantomcircuit> right
16:56 < phantomcircuit> gmaxwell, encryption which can be decrypted by someone without the key, but only by solving a time lock puzzle
16:56 <@gmaxwell> right so you actually want an asymmetric encryption scheme where public keys can be generated without knowing the private keys; and then can be cracked with predictable time. I can give you something along those lines.
16:57 < phantomcircuit> right
16:57 <@gmaxwell> For example generate random small EC curves, and random pubkeys in them. Encrypt with M of these things. (M to lower variance)
16:58 <@gmaxwell> Unfortunately EC attacks are not progress free, so larger participants have an advantage; which may be bad for some applications.
16:58 <@gmaxwell> I am not aware of a public key encryption scheme where the best attack is a guess and check that allows you to blindly construct pubkeys.
16:58 < phantomcircuit> yeah it needs to be progress free
17:00 < phantomcircuit> i can actually use a chain of hashes for this but it's considerably suboptimal
17:00 <@gmaxwell> oh perhaps a scheme based on error correcting codes. could satisfy that largely.
17:01 <@gmaxwell> your chain of hashes is symmetric crypto though; sender has to solve the whole puzzle themselves first.
17:01 < phantomcircuit> right
17:01 < phantomcircuit> that's seriously not ideal, but would actually work
17:01 <@gmaxwell> rivest timelock puzzle works; but its trapdoored. the creator has a secret that can unlock it again for free.
17:02 < phantomcircuit> that's actually acceptable
17:02 <@gmaxwell> oh well then you want the rivest timelock puzzle.
17:02 < op_mul> is it intended to be malicious, or a known backdoor?
17:02 < phantomcircuit> http://people.csail.mit.edu/rivest/lcs35-puzzle-description.txt
17:02 < phantomcircuit> that one?
17:02 <@gmaxwell> op_mul: no no not that kind of backdoor, perhaps I should say trapdoor.
17:03 < op_mul> you did say trapdoor, I just wanted to confirm it was an intentional differentiation.
17:03 <@gmaxwell> Basically the puzzle is to compute successive squarings of a value mod some value. This is easy if you know the orders of the group (from the prime factors of the value), you can just compute the Nth squaring directly if you do.
17:04 <@gmaxwell> If you don't know the factors, the best known way is to compute it the slow way.
17:04 <@gmaxwell> by actually doing all the squarings.
17:05 <@gmaxwell> it can be blinded too, as adam back pointed out on bct... which is kinda cool.
17:05 <@gmaxwell> he'd wanted to use it for brainwallet (yuck) hardening; but for that application you have to store the value you're mod someplace.
17:07 <@gmaxwell> by blinded I mean you can take an instance of the puzzle... modify it in a way that makes it indistinguishable from random, and hand it to someone to grind... and they can give you the value back to unblind and they learn nothing about your instance (at all, absolute zero knowledge).
17:08 <@gmaxwell> so they can't use that interaction with you to gain any advantage in cracking your wallet for themselves.
17:08 < phantomcircuit> if im reading this right you can provide a cheaply verified solution to a third party without knowing the trapdoor secret, is that correct?
17:12 <@gmaxwell> Say I know the factors P,Q of N (the composite these operations are mod). I can directly compute the X-th squaring of Y with O(1) work, lets call that answer A. I can tell you N, Y, X, H(A) and you can do the work (with O(X) operations) and find A, and show people.
17:15 < phantomcircuit> gmaxwell, it seems to me like you could abuse this to limit withholding attacks while also resisting censorship
17:15 < phantomcircuit> but only if you already have a pow system to provide ordering
17:16 <@gmaxwell> sounds like you're talking about committed transactions or something related. The problem with what I was just talking about for that is that the 'setup' is trusted. Imagine, I generate N, Y, X, H(A) ... but really instead of H(A) I just use a random value. So you do the X work, and the result doesn't match.
17:17 <@gmaxwell> I can't prove that to anyone.
17:17 <@gmaxwell> (well they can check for themselves with X work)
17:18 < phantomcircuit> hmm yeah
17:20 -!- Shiftos [~shiftos@gateway/tor-sasl/shiftos] has quit [Ping timeout: 250 seconds]
17:21 -!- Shiftos [~shiftos@gateway/tor-sasl/shiftos] has joined #bitcoin-wizards
17:21 <@gmaxwell> thats where you need something that doesn't have a trapdoor.
17:21 <@gmaxwell> and you end up back at the discrete log based challenge I mentioned ( which is also on the altideas page from a few years ago)
17:23 <@gmaxwell> so one possibility is this. Take a strong curve (like secp256k1), generate a random private key, and the matching public key. Reveal 256-x bits where x is some usefully small number like 64. Include a zero knowledge proof that the revealed bits are consistent, so you know a search will be successful.
17:24 <@gmaxwell> A snark could do the ZKP of course, but there may be less magic way.
17:25 < phantomcircuit> i was kind of waiting for the zk-snark solution to pop up :P
17:25 <@gmaxwell> if you use a strong curve, the rho attack which has progress is infeasible, so you're left with only the progress free attack.
17:26 <@gmaxwell> Though beware non-black-box group properties that might yield some speedup when you know part but not all of a key.
17:26 < phantomcircuit> right, but ultimately you dont want a progress free attack
17:27 < phantomcircuit> if it's easy to attack the program in parallel then it's not particularly useful as a time lock
17:28 < phantomcircuit> it's generally easy to improve the performance of a problem that can be solved in parallel
17:28 <@gmaxwell> phantomcircuit: it's easy to give it progress.
17:28 <@gmaxwell> you just apply encryption recursively.
17:28 <@gmaxwell> e.g. generate N puzzles, and encrypt the Nth with the N-1th
17:31 -!- bosma [~bosma@S01067cb21bda6531.vc.shawcable.net] has quit [Quit: Leaving]
17:31 -!- bosma [~bosma@S01067cb21bda6531.vc.shawcable.net] has joined #bitcoin-wizards
17:33 < Eliel> ... what happened to the "has to be progress free"?
17:38 -!- MoALTz__ [~no@user-109-243-165-112.play-internet.pl] has joined #bitcoin-wizards
17:38 < phantomcircuit> Eliel, for this you actually want progress
17:39 < Eliel> oh ok.
17:39 < Eliel> I just thought you said earlier you needed a progress free algo. Perhaps I misunderstood then.
17:40 < phantomcircuit> oh i did say that
17:40 < phantomcircuit> derp
17:40 < phantomcircuit> that's wrong
17:40 -!- MoALTz_ [~no@user-109-243-165-112.play-internet.pl] has quit [Ping timeout: 255 seconds]
17:50 -!- atgreen-mobile [~AndChat29@CPE687f74122463-CM84948c2e0610.cpe.net.cable.rogers.com] has quit [Quit: Bye]
17:51 -!- atgreen-mobile [~AndChat29@CPE687f74122463-CM84948c2e0610.cpe.net.cable.rogers.com] has joined #bitcoin-wizards
17:56 -!- erodesstar [~erodessta@189.248.205.230] has joined #bitcoin-wizards
17:57 -!- jaekwon_ [~omni@2601:9:4980:1736:818f:caba:d459:5380] has joined #bitcoin-wizards
18:00 -!- erodesstar [~erodessta@189.248.205.230] has quit []
18:04 < amiller> phantomcircuit, have you looked at the expander graph based timelock puzzle
18:04 < amiller> phantomcircuit, http://www.cs.virginia.edu/~mohammad/files/papers/15%20TimeStamp.pdf
18:05 < amiller> eh i can't tell from your description of what you're actually looking for whether you want it to have a trapdoor or not
18:06 < amiller> i think you want timelock encryption and nevermind i have nothing new to say about that
18:06 < phantomcircuit> amiller, i horribly screwed up describing what i was looking for
18:07 < amiller> :p
18:08 < phantomcircuit> i want to encrypt a message such that the message can be decrypted by solving a time lock puzzle or if the original secret is provided
18:08 < phantomcircuit> optimally in such a way that the typical case isn't expensive
18:08 < phantomcircuit> ie construction is cheap
18:09 < phantomcircuit> amiller, that make sense
18:09 < phantomcircuit> ?
18:10 < amiller> yeah, got it... if i read the scrollback enough times it would have been clear :) the rivest timelock puzzle is good for that
18:10 < petertodd> phantomcircuit: https://github.com/petertodd/timelock
18:11 < petertodd> phantomcircuit: making construction cheap is not possible without sacrificing any hope of having predictability of decryption time (problem becomes parallelizable)
18:13 -!- shesek [~shesek@IGLD-84-228-47-120.inter.net.il] has joined #bitcoin-wizards
18:16 -!- execut3 [~shesek@IGLD-84-228-22-89.inter.net.il] has quit [Ping timeout: 244 seconds]
18:17 < phantomcircuit> petertodd, parallelization construction is a sufficient advantage for this application
18:17 < petertodd> phantomcircuit: what's the application?
18:18 < petertodd> phantomcircuit: note that timelock is parallelizable for the creator of the timelock
18:18 < phantomcircuit> yeah that's fine
18:18 < phantomcircuit> (indeed that's likely preferable)
18:18 < petertodd> you do have to do 100% of the work, but you can throw as many computers at it as you want
18:19 < amiller> i can't figure out how it works from the readme, looks cool though
18:19 < phantomcircuit> the missing piece for me is being able to show a third party that you did all the work and prove to them what the result was
18:19 < petertodd> amiller: it's just multiple parallel hash chains - you create them from a set of n nonces, then encrypt each chain with the result of the previous chain
18:20 < petertodd> amiller: the key trick is the result of a chain is also used to derive a secret key, which can be used to spend bitcoins on the blockchain, giving an incentive to tell the world how fast the cracking effort is going
18:20 < phantomcircuit> amiller, n seeds, encrypt seed n+1 with the final hash in the chain for seed n
18:20 < amiller> oh, ok i see
18:21 < phantomcircuit> petertodd, ah so you get a fuzzy timestamp of how fast someones able to do this
18:21 < phantomcircuit> that's neat
18:21 < amiller> thats really cool
18:22 < petertodd> exactly! and by opening it up to anyone in the world, you give all kinds of people incentives to push the envelope of performance, giving you good data on how many hash/s is possible
18:23 < petertodd> scalar performance is stagnant remember - best performance some grad students could pull out of some crazy liquid nitrogen cooled FPGA is probably only an order of magnitude worse than an expensive ASIC, maybe even closer if said students are really clever
18:23 < petertodd> I do need to change it to make the timelock algorithm be something even more common like AES encryption of fixed data - will map well to reasonably common ASIC implementations hopefully
18:27 -!- shesek [~shesek@IGLD-84-228-47-120.inter.net.il] has quit [Ping timeout: 264 seconds]
18:28 < phantomcircuit> so a time lock puzzle in which any party that does the work to solve the puzzle can produce a proof of the puzzles solution (or if the setup was broken the lack of a solution)
18:28 < phantomcircuit> something tells me moon math
18:29 < petertodd> so proof the puzzle has a solution is dead simple: just provide the secret key created by doing the calculation
18:30 < petertodd> proof the puzzle doesn't have a solution OTOH is moon math,
18:30 < phantomcircuit> right it's the proof that the puzzle doesn't have a solution that i suspect it moon mathy
18:30 < phantomcircuit> is*
18:31 < petertodd> yeah, you may be able to do it by constructing a merkle tree over some of the inner parts of the calculation though - say every 10,000 hashes
18:32 -!- bendavenport [~bpd@c-50-131-42-132.hsd1.ca.comcast.net] has joined #bitcoin-wizards
18:33 < petertodd> the main thing is ask what exactly are you trying to prove? the ideal from the point of view of the uninterested timelock cracker is they want to know if they're going to get a reward by attempting to crack the timelock.
18:33 -!- Dr-G2 [~Dr-G@gateway/tor-sasl/dr-g] has joined #bitcoin-wizards
18:34 < petertodd> easiest thing to do there is just force the publication of the timelock in the first place to be accompanied by a bitcoin sacrifice around the same level as the value of each individual chain - you'll potentially waste some time, but at least it wasn't free to waste your time
18:35 < petertodd> a merkle tree then could save others time by letting them quickly verify your findings that the timelock puzzle was broken - but it's not clear that's actually in your incentive strictly speaking
18:36 -!- Dr-G3 [~Dr-G@gateway/tor-sasl/dr-g] has quit [Ping timeout: 250 seconds]
18:36 -!- belcher [~belcher-s@unaffiliated/belcher] has quit [Quit: Leaving]
18:37 < petertodd> now in theory you could construct a bitcoin-like script that would get you a reward for proving a timelock was broken, but the obvious way to do that is to hash basically every intermediate result into some giant tree... kinda ugly
18:37 < petertodd> er, s/ugly/stupidly inefficient to create/
18:37 < petertodd> (never mind that bitcoin is missing CAT so you can't create such a script :( )
18:47 -!- atgreen-mobile [~AndChat29@CPE687f74122463-CM84948c2e0610.cpe.net.cable.rogers.com] has quit [Quit: Bye]
18:48 -!- atgreen-mobile [~AndChat29@CPE687f74122463-CM84948c2e0610.cpe.net.cable.rogers.com] has joined #bitcoin-wizards
18:58 -!- d1ggy_ [~d1ggy@dslb-088-071-005-104.088.071.pools.vodafone-ip.de] has joined #bitcoin-wizards
19:02 -!- d1ggy [~d1ggy@dslb-092-076-003-073.092.076.pools.vodafone-ip.de] has quit [Ping timeout: 244 seconds]
19:06 -!- RoboTedd_ [~roboteddy@c-67-188-40-206.hsd1.ca.comcast.net] has joined #bitcoin-wizards
19:09 -!- RoboTeddy [~roboteddy@c-67-188-40-206.hsd1.ca.comcast.net] has quit [Ping timeout: 252 seconds]
19:11 -!- RoboTedd_ [~roboteddy@c-67-188-40-206.hsd1.ca.comcast.net] has quit [Ping timeout: 264 seconds]
19:13 -!- jaekwon_ [~omni@2601:9:4980:1736:818f:caba:d459:5380] has quit [Remote host closed the connection]
19:24 -!- bendavenport [~bpd@c-50-131-42-132.hsd1.ca.comcast.net] has quit [Quit: bendavenport]
19:26 -!- bendavenport [~bpd@c-50-131-42-132.hsd1.ca.comcast.net] has joined #bitcoin-wizards
19:26 -!- bendavenport [~bpd@c-50-131-42-132.hsd1.ca.comcast.net] has quit [Client Quit]
19:33 -!- atgreen-mobile [~AndChat29@CPE687f74122463-CM84948c2e0610.cpe.net.cable.rogers.com] has quit [Quit: Bye]
19:33 -!- atgreen-mobile [~AndChat29@CPE687f74122463-CM84948c2e0610.cpe.net.cable.rogers.com] has joined #bitcoin-wizards
19:37 -!- RoboTeddy [~roboteddy@c-67-188-40-206.hsd1.ca.comcast.net] has joined #bitcoin-wizards
19:40 -!- djruffkutz [~djruffkut@ool-43563765.dyn.optonline.net] has joined #bitcoin-wizards
19:41 -!- RoboTeddy [~roboteddy@c-67-188-40-206.hsd1.ca.comcast.net] has quit [Ping timeout: 240 seconds]
19:42 < phantomcircuit> gmaxwell, might do best to ignore mr connor
19:42 -!- djruffkutz [~djruffkut@ool-43563765.dyn.optonline.net] has quit [Excess Flood]
19:43 <@gmaxwell> but if I stop responding a terminator from the future may kill my mother! (or wait, save me from another robot from the future? I forget how this goes)
19:43 < gwillen> gmaxwell: depends on which movie
19:44 < gwillen> (same robot in both cases, IIRC)
19:44 < kanzure> all robots from the future are dangerous because they might be here to kill past-you
19:45 < kanzure> (i know someone who is deeply troubled by this to the point of something approximating inaction)
19:45 < phantomcircuit> gmaxwell, he's some altcoin creator (appears to have actually done some real work on that though!)
19:46 <@gmaxwell> phantomcircuit: seems to be nothing on his github but promises, no code; there is a 'whitepaper' http://vanillacoin.net/papers/vanillacoin.pdf ... surprised to have not seen op_mul quoting from this one yet.
19:46 <@gmaxwell> In any case, given that data I expect your assumptions are right.
19:47 < op_mul> gmaxwell: I figured people would be getting bored of that.
19:47 < phantomcircuit> gmaxwell, there is actual code
19:47 < phantomcircuit> it's all headers though :P
19:49 < op_mul> "I have thought about eventually SSLing all the connections. I assume anything
19:49 < op_mul> short of SSL would be pointless against DPI.
19:50 < op_mul> I'm not sure that really has any impact anyway. imagine for a second that all the bitcoin nodes ran on port 443 and used perfect SSL. you could still censor their connections by just looking at who they connect to.
19:50 < phantomcircuit> op_mul, anyways that cat5e run works perfectly fine with devices
19:51 < phantomcircuit> other*
19:53 < op_mul> (that assumes an eavesdropper with the ability to kill connections, not sit in the middle of them)
19:54 < phantomcircuit> op_mul, which is of course actually much easier
20:03 -!- atgreen-mobile2 [~AndChat29@out-on-232.wireless.telus.com] has joined #bitcoin-wizards
20:05 -!- atgreen-mobile2 [~AndChat29@out-on-232.wireless.telus.com] has quit [Read error: Connection reset by peer]
20:05 -!- atgreen-mobile [~AndChat29@CPE687f74122463-CM84948c2e0610.cpe.net.cable.rogers.com] has quit [Read error: Connection reset by peer]
20:05 -!- atgreen-mobile [~AndChat29@CPE687f74122463-CM84948c2e0610.cpe.net.cable.rogers.com] has joined #bitcoin-wizards
20:08 -!- thrasher` [~thrasher@27-33-27-140.static.tpgi.com.au] has quit [Remote host closed the connection]
20:09 -!- thrasher` [~thrasher@27-33-27-140.static.tpgi.com.au] has joined #bitcoin-wizards
20:11 -!- TheSeven [~quassel@rockbox/developer/TheSeven] has quit [Ping timeout: 244 seconds]
20:12 -!- TheSeven [~quassel@rockbox/developer/TheSeven] has joined #bitcoin-wizards
20:15 -!- hashtagg_ [~hashtag@CPE-69-23-213-3.wi.res.rr.com] has quit [Ping timeout: 264 seconds]
20:17 -!- agorist0000 [~fircuser@97.95.172.50] has joined #bitcoin-wizards
20:26 -!- agorist0000 [~fircuser@97.95.172.50] has quit [Remote host closed the connection]
20:38 -!- RoboTeddy [~roboteddy@c-67-188-40-206.hsd1.ca.comcast.net] has joined #bitcoin-wizards
20:42 -!- RoboTeddy [~roboteddy@c-67-188-40-206.hsd1.ca.comcast.net] has quit [Ping timeout: 255 seconds]
20:53 -!- Fistful_of_Coins [~o3u@162.243.79.19] has joined #bitcoin-wizards
20:59 -!- atgreen-mobile [~AndChat29@CPE687f74122463-CM84948c2e0610.cpe.net.cable.rogers.com] has quit [Read error: Connection reset by peer]
20:59 -!- atgreen-mobile [~AndChat29@CPE687f74122463-CM84948c2e0610.cpe.net.cable.rogers.com] has joined #bitcoin-wizards
20:59 -!- atgreen-mobile [~AndChat29@CPE687f74122463-CM84948c2e0610.cpe.net.cable.rogers.com] has quit [Client Quit]
21:16 -!- maraoz [~maraoz@149-136-235-201.fibertel.com.ar] has quit [Ping timeout: 245 seconds]
21:18 -!- irc88 [~irc88@204.28.117.162] has joined #bitcoin-wizards
21:19 -!- wallet42 [~wallet42@unaffiliated/wallet42] has joined #bitcoin-wizards
21:22 -!- wallet42 [~wallet42@unaffiliated/wallet42] has quit [Client Quit]
21:27 -!- c0rw1n [~c0rw1n@133.173-243-81.adsl-dyn.isp.belgacom.be] has quit []
21:28 -!- woah [~woah@f053072197.adsl.alicedsl.de] has joined #bitcoin-wizards
21:29 -!- Emcy [~MC@unaffiliated/mc1984] has quit [Ping timeout: 264 seconds]
21:29 -!- Emcy [~MC@cpc3-swan1-0-0-cust570.7-3.cable.virginm.net] has joined #bitcoin-wizards
21:29 -!- Emcy [~MC@cpc3-swan1-0-0-cust570.7-3.cable.virginm.net] has quit [Changing host]
21:29 -!- Emcy [~MC@unaffiliated/mc1984] has joined #bitcoin-wizards
21:34 -!- Burrito [~Burrito@unaffiliated/burrito] has quit [Quit: Leaving]
21:36 -!- Emcy [~MC@unaffiliated/mc1984] has quit [Ping timeout: 264 seconds]
21:38 -!- RoboTeddy [~roboteddy@c-67-188-40-206.hsd1.ca.comcast.net] has joined #bitcoin-wizards
21:43 -!- RoboTeddy [~roboteddy@c-67-188-40-206.hsd1.ca.comcast.net] has quit [Ping timeout: 244 seconds]
22:05 -!- skyraider [uid41097@gateway/web/irccloud.com/x-luanfnuxzfcppqnn] has quit [Quit: Connection closed for inactivity]
22:08 -!- woah [~woah@f053072197.adsl.alicedsl.de] has quit [Quit: My MacBook Pro has gone to sleep. ZZZzzz…]
22:19 -!- bendavenport [~bpd@c-50-131-42-132.hsd1.ca.comcast.net] has joined #bitcoin-wizards
22:34 -!- iddo [~idddo@csm.cs.technion.ac.il] has quit [Read error: Connection reset by peer]
22:39 <@gmaxwell> ::sigh:: https://github.com/bitcoin/bitcoin/pull/5634#issuecomment-69484895
22:39 -!- RoboTeddy [~roboteddy@c-67-188-40-206.hsd1.ca.comcast.net] has joined #bitcoin-wizards
22:42 < op_mul> ._.
22:42 < op_mul> 'This bug does not have any relations to "network consensus" like Gavin has stated.'
22:43 < op_mul> "ERROR: CScriptCheck() : ee6f0a01bc1ae0f7e79545a947d98ca2cee01394c69187ac6d1efbbc25f2ca5b:0 VerifySignature failed: Script evaluated without error but finished with a false/empty top stack element"
22:44 -!- RoboTeddy [~roboteddy@c-67-188-40-206.hsd1.ca.comcast.net] has quit [Ping timeout: 255 seconds]
22:44 < op_mul> (many more lines follow of blocks failing verification, my node banning all of its peers and freaking out)
22:51 -!- delll [~chatzilla@yh97.internetdsl.tpnet.pl] has joined #bitcoin-wizards
23:02 -!- bendavenport [~bpd@c-50-131-42-132.hsd1.ca.comcast.net] has quit [Quit: bendavenport]
23:07 -!- bendavenport [~bpd@c-50-131-42-132.hsd1.ca.comcast.net] has joined #bitcoin-wizards
23:08 -!- Dizzle__ is now known as Dizzle
23:08 < op_mul> hm, why do we ban on an invalid block anyway, doesn't that impede the discovery of a large, invalid chain with valid PoW? my node would never have known, because it banned every peer it knew about.
23:11 <@gmaxwell> https://bitcointalk.org/index.php?topic=920344.0
23:12 <@gmaxwell> op_mul: because they just wasted a huge chunk of your resources. The banning keeps people from iterating invalidity to starve you and potentially partition you.
23:14 < op_mul> not what I would have expected, but alright. I've found a few nodes on the network with 0 connections other than me, I'm assuming they hit some memory corruption or something and banned all of their peers as a result.
23:15 < op_mul> quite a few behind the main chain, too, though not at any regular interval.
23:15 <@gmaxwell> yea, luke has (used to have?) graphs of this
23:16 < phantomcircuit> [03:42:28] gmaxwell, might do best to ignore mr connor
23:16 < phantomcircuit> :(
23:16 < op_mul> according to bitnodes.io it's 16% of the network that aren't at the tip, which is alarmingly high in my mind.
23:18 <@gmaxwell> phantomcircuit: didn't have any liquor hard enough to forget that nonsense, it seemed.
23:18 < op_mul> syncing nodes don't announce themselves, so it wouldn't be attributed to that I don't think.
23:18 < phantomcircuit> gmaxwell, haha
23:19 <@gmaxwell> op_mul: thats 'at the tip mean'? I mean, one should allow for 1 block plus rescan time slop.
23:19 <@gmaxwell> op_mul: and exclude anything pre-0.8 for obvious reasons.
23:19 < op_mul> 6 or more blocks behind. I'd give better stats but bitnodes doesn't publish them now.
23:21 < phantomcircuit> op_mul, i suspect there's a good number of nodes stalled waiting on a bad peer
23:21 < phantomcircuit> there seems to be a good number of connectable peers which dont respond to getdata requests at all
23:22 < op_mul> yes, I've noticed that too. a good litmus test to find fake nodes is to do an obscure network command like clearfilter.
23:23 < op_mul> would be nice to be able to know if these peers got stuck while syncing, or got left behind by the chain.
23:27 -!- Emcy [~MC@unaffiliated/mc1984] has joined #bitcoin-wizards
23:28 < midnightmagic> same model of robot anyway. different unit.
23:31 < op_mul> one is a *lot* more interesting though
23:40 < midnightmagic> yeah the one that happened before arnold decided he wanted to be the good guy so he wouldn't scare his kids
23:40 < midnightmagic> :-(
23:40 -!- RoboTeddy [~roboteddy@c-67-188-40-206.hsd1.ca.comcast.net] has joined #bitcoin-wizards
23:45 -!- RoboTeddy [~roboteddy@c-67-188-40-206.hsd1.ca.comcast.net] has quit [Ping timeout: 264 seconds]
23:48 -!- faraka [32ce680e@gateway/web/freenode/ip.50.206.104.14] has joined #bitcoin-wizards
23:58 -!- MoALTz [~no@user-109-243-165-112.play-internet.pl] has joined #bitcoin-wizards
--- Log closed Sun Jan 11 00:00:20 2015