--- Log opened Sun Mar 01 00:00:08 2015
00:02 < maaku> GreenIsMyPepper: for what it's worth I think a strip-outpoints sighash mode will be way easier to get into core than upgrading the utxo db to store a normalized id
00:03 < maaku> and accomplishes the same thing so long as you don't reuse addresses...
00:04 < GreenIsMyPepper> I would prefer it as well. Users can be kept from screwing up by not using that sighash flag at all.
00:06 < maaku> right it's not something that will accidentally happen
00:07 < GreenIsMyPepper> The primary problem is whether malleability for multisig P2SH addresses which the user enters is a problem, if it is, then it might be nice to use a normalized id.
00:07 < GreenIsMyPepper> spending from that multisig P2SH, but again, that requires a pretty complicated wallet anyway...
00:08 < GreenIsMyPepper> However, I guess the problem is *really* about wallets not going to re-sign transactions automatically, so if it was defaulted to use a normalized txid, then it's far easier
00:09 < GreenIsMyPepper> I presume if one directly connected to a miner, the miner may have sufficient incentive to fix the transaction id FOR you to collect the fee :]]
00:12 < GreenIsMyPepper> But yeah, I suppose something like stripping the input entirely is more necessary for functionality, normalized is safety scissors and the question is how costly/painful the UTXO transition would be.
00:13 < maaku> i don't see the safety aspect ... the use cases are non-overlapping
00:16 < GreenIsMyPepper> Currently, the benefit would be current uses of bitcoin pay to address, they don't need to re-sign. Oh also, defaulting to normalized is safer when your alternative is to strip out the input (SIGHASH_NOINPUT) in case you receive another payment after that (can't control others making mistakes, only your own).
00:19 < maaku> right, but my point is current users also don't need malleability protection
00:21 < maaku> you need malleability protection for protocols that are not being done today -- and the implementation of those protocols will use the strip-outpoints flag
00:21 < maaku> i wish it was possible to soft-fork checksig :\
00:22 < bramc> My point is, you ideally avoid the malleability problem entirely by having utxos be indexed without including their signatures, and anyonecanpay functionality can be built into that by having new signature types
00:22 < sipa> it is; repurpose nop as checksig2
00:23 < GreenIsMyPepper> I don't disagree, however, people will do stupid things if there was only SIGHASH_NOINPUT. If you treat SIGHASH_NORMALIZED as a honeypot alone it has value, but that's being really cynical.
00:23 < bramc> Of course, bitcoin doesn't actually work that way, and none of the altcoins have fixed that problem...
00:26 < maaku> sipa: that was an engineer's lamentation, the NOP space being limited and such
00:26 < sipa> right, sure
00:27 < bramc> Also by making it so that it's a signature extension, it's then possible to make it so that some of the signatures are for everything and some are for their own inputs which might add some flexibility
00:28 < bramc> Also doesn't add anything to the overall size in the end
00:32 < maaku> hrm.. actually you could avoid the checksig{3,4,5,5,6...} problem by having the checksig2 take a sighash mask. then checksig2 could be soft-fork upgradeable...
00:32 < fluffypony> oh forgot to mention earlier this week, for andytoshi and adam3us in particular, MRL has a new research bulletin out that covers traceability attacks, temporal associations when selecting outputs to mix with, and an association by use attack: https://lab.getmonero.org/pubs/MRL-0004.pdf
00:33 < fluffypony> recommendations are made for fixing the traceability attacks (basically enforce global minimum mixin, and provide a path for unmixable outputs / dust to eventually be extracted)
00:33 < fluffypony> and an idea for reducing association by use attacks
00:34 < fluffypony> but temporal associations are trickier, and it comes down to choosing a reasonable distribution for selecting outputs to mix with (and there's not really enough data to make that determination)
00:36 < Luke-Jr> maaku: no need for a mask I think, just have it behave as OP_NOP for any unrecognised SIGHASH flag
00:41 < maaku> Luke-Jr: then it's trivial to steal coins
00:42 < maaku> a sighash is in the signature and fully malleable
00:42 < Luke-Jr> maaku: uh, if you use an unrecognised SIGHASH flag..
00:42 < Luke-Jr> isn't it in the key?
00:42 < maaku> no, the sig
00:42 < maaku> that's what i'm saying, put a mask in the key
00:42 < maaku> so you constrain what can be malleated
00:43 < Luke-Jr> hm
00:44 < Luke-Jr> if we don't do that, we could add key recovery to the new checksig. or would that be too slow?
00:45 < sipa> only slightly slower
00:45 < Luke-Jr> I guess we still can even with a mask, just the data would be only a mask
01:05 * andy-logbot is logging
01:44 < brisque> http://democracyos.org/
01:45 < yoleaux> 9 Oct 2014 15:41Z brisque: is there a document that has a list of inaccuracies in that unmentionable book?
01:45 < brisque> "Trust is deeply built into DemocracyOS using decentralized authority to certify every single decision made."
01:46 < brisque> kanzure: sure, lots of them are already on the wiki.
01:50 < fluffypony> "DemocracyOS is coded entirely in javascript."
01:51 * fluffypony twitches
01:56 < brisque> if you make some assumptions about how they have designed the thing (it's not described), one gets the impression that "blockchain" is being used as a buzz word without consideration for what it actually affords a system that really does need authentication and sybil resistance.
02:00 < adlai> s/affords/costs/?
02:03 < fluffypony> adlai: "affords" in the sense of "adds to" or "supplies"
02:15 < brisque> well the blockchain is quite interesting in that you have something with very good brand power (it's the first distributed consensus) with almost no applicability outside of canonical ordering. it's slow, awkward and ridiculously expensive, so you'd better have a very good rationality for throwing it into a design. as far as difficulty of justifiability goes, a block chain is well up there with shag carpet.
02:15 < nsh> but it really holds the room together
02:16 < Eliel> nsh: that it does :P
02:23 < sipa> brisque: plus it really only works with a sufficiently strong incentive structure
02:24 < sipa> making it hard to use for things that don't have any value to distribute to cooperating nodes
02:27 < brisque> sipa: I've seen that justified as "well people run debian mirrors with no incentive", but I think that's missing the point that bitcoin is on a whole different scale of resistance heating. if you're at the risk of someone overtaking your network at ease with EC2, then it's probably not realistic to call it a distributed consensus.
02:28 < sipa> brisque: well, cost and reward
02:28 < sipa> many distributed networks are pretty easy to attack for a well-funded entity, but with very little gain from doing so
02:29 < sipa> if the gain is faking monetary transactions, that's very different
03:07 < brisque> sipa: that's a good way of putting it, I've never really thought of bitcoin as incentivising malice before.
03:28 < Taek> sipa: one reason you might want to combine multiple outputs under 1 signature is donation addresses
03:33 < sipa> Taek: help
03:33 < Taek> ?
03:33 < sipa> i think we should get rid of donation addresses
03:34 < sipa> they're terrible for privacy
03:34 < Taek> for the sender too?
03:34 < brisque> definitely.
03:34 < sipa> for every single bitcoin user
03:35 < sipa> i think bitcoin as it's used today is pretty much unusable as a monetary system due to its terrible privacy because of this
03:36 < Taek> hmm. I can't say I've thought about it enough to disagree competently
03:36 < sipa> i wonder how people would feel if their bank account's value was public
03:37 < cbeams> sipa: I've often thought of setting up a simple http service that accepts a GET request and responds with a new HD-generated address.
03:38 < brisque> sipa: I think the only reason there's not more attention given to bitcoin privacy is that it's not particularly tangible. the term is "losing" privacy, but there's not an immediate impact most of the time compared with say, losing your money.
03:38 < cbeams> so you'd have 'donation URLs' vs. donation addresses
03:38 < brisque> cbeams: electrum supports that, not that you'd know.
03:38 < sipa> cbeams: payment protocol, please
03:38 < sipa> this exists
03:40 < sipa> brisque: yup
03:40 < cbeams> I guess the question, then, is why aren't people using what already exists?
03:40 < brisque> like I said, there's no immediate tangible impact.
03:41 < Taek> It's the same reason people don't use encryption when they email each other: their tools don't enable it automatically.
03:41 < brisque> when you reuse an address a tentacle doesn't reach through your window and grab you out of your chair, therefore it's perfectly fine. stop worrying.
03:43 < sipa> cbeams: because the idea of account==address is too appealing
03:43 < sipa> it's a mental model people can grasp
03:43 < cbeams> agree, but it seems to me that there isn't a convenient alternative even for those who *are* privacy minded.
03:43 < sipa> and it's transparent due to several websites
03:44 < cbeams> modify what I wrote above regarding a simple http service as "a simple payment-protocol-based http service"
03:44 < cbeams> not tied to electrum necessarily,
03:44 < sipa> cbeams: it has problems, because the server can steal your coins
03:44 < cbeams> just something standalone that people could download and run, and then advertise a url for
03:45 < sipa> (by giving out its own addresses, rather than the users)
03:45 < Eliel> no tangible impact plus it's more work to do it properly.
03:45 < sipa> it's fixable
03:45 < sipa> but few people seem to care
03:45 < Eliel> the first part wouldn't matter too much if it was easy to do it properly :)
03:48 < cbeams> sipa: regarding the server giving out its own addresses, I don't see how this is any more of a risk than a MITM modifying a static donation address.
03:48 < sipa> cbeams: indeed, but it's under the user's control
03:49 < cbeams> i.e. if the assumption is that everyone runs his own donation address service, and everyone trusts his own server, then risk is pretty well contained, no?
03:49 < sipa> MitM seems less of a problem, because nobody expects it to solve the problem
03:49 < fluffypony> cbeams: why not just use OpenAlias?
03:49 < sipa> (like: if i email you my address, people will trust that email delivers the mail correctly)
03:49 < cbeams> first I've heard of it.
03:49 < fluffypony> Electrum 2.0 has an OpenAlias plugin
03:49 < fluffypony> openalias.org
03:50 < sipa> fluffypony: doesn't seem to solve anything imho
03:50 < sipa> your address is still public?
03:51 < fluffypony> sipa: yes, which doesn't matter for Monero because of the dual-key stealth addresses, but sure, more of a concern with Bitcoin
03:51 < brisque> sipa: for monero in particular that's not a problem, their addresses are alike "stealth" addresses.
03:51 < sipa> i see
03:51 < fluffypony> until stealth addresses become popular in BTC
03:51 < sipa> i really dislike stealth addresses
03:51 < fluffypony> oh interesting - may I ask why?
03:51 < sipa> they're a distraction that avoids building a real solution
03:52 < sipa> (which is out of band negotiation of transactions)
03:52 < sipa> which has so many extra advantages (better privacy, messaging, atomic refunds, no need to scan the blockchain for incoming transactions, ...)
03:53 < fluffypony> yeah we've been playing around with some ideas for exactly that
03:53 < fluffypony> but very far away
03:53 < brisque> fluffypony: scaling reusable addresses is a terrible problem, if nothing else.
03:53 < Eliel> it'd probably be doable to create a javascript module that takes a public key, makes a random number for each donation and then uses a similar derivation to BIP32 to make a new address for each donator. However, you'd either need to store all the random numbers somewhere or generate them from a sequence... both are a bit hairy with just javascript.
03:53 < sipa> stealth addresses are the correct solution for a small subset of problems
03:54 < sipa> but they're also a more convenient solution for many problems that can be solved in a much better way
03:54 < sipa> apart from the fact that no deployed solution exists for them
03:54 < brisque> Eliel: I've thought of that before, but nothing stops people from just slurping the MPK and scanning for the addresses themselves. there's no additional privacy gained by it.
03:54 < fluffypony> Eliel: if they're deterministic then an attacker can determine them
03:54 < fluffypony> yeah what brisque said
03:54 < Eliel> ah yes, sequence is a no go then
03:55 < fluffypony> if you're trying to avoid address reuse then you may as well publish a deterministic pubkey
03:55 < Eliel> has to be random numbers
03:55 < sipa> fluffypony: that doesn't solve the privacy problem
03:55 < fluffypony> but if it's for privacy then deterministic is a no-go
03:55 < fluffypony> sipa: yep ^^
03:55 < sipa> avoiding address reuse is not the goal, it's a means
03:55 < fluffypony> yeah
03:56 < brisque> fluffypony: publishing a MPK is pretty scary in terms of non hardened derivation, it means that information leaks become critical flaws, or at the very least it enables people to be spear phished by leveraging their misunderstanding of deterministic wallets.
03:56 < sipa> yup
03:57 < fluffypony> yup, I was merely following the train of thought from Eliel's idea :)
04:01 < Eliel> being able to do this properly kind of really calls for a secure distributed messaging system.
04:01 < sipa> why? there is no need for anything distributed here
04:02 < sipa> transaction and key negotiation is a private business between sender and receiver
04:02 < sipa> tcp/ip works fine
04:02 < sipa> use tor if you need better privacy
04:02 < Eliel> mostly because it's enough work to set up a secure (as in, no third party able to read your stuff) messaging system that most don't bother
04:04 < brisque> I'm not sure peer to peer privacy is a huge problem at this point in time, it's completely overwhelmed by other privacy flaws. maybe once those are on their way to being solved we can care about more communication magic.
04:06 < Eliel> basically, if we had such a system, it could be integrated into a bitcoin wallet and you could then publish a single identifier (public key) and others could send coins by generating a new address with it on the fly and sending you the private key. You could then combine the private keys to send the coins onward.
04:07 < Eliel> but since you don't have a messaging system you can trust to just work, that's not feasible.
04:08 < sipa> we have a messaging system
04:08 < sipa> it's called tcp/ip
04:08 < brisque> if you're attempting to donate to someone to pay an invoice, you already have HTTP to do that
04:08 < maaku> Eliel: you're solving this on the wrong layer
04:09 < Eliel> sipa: tcp/ip lacks the key feature of what I just described.
04:09 < sipa> which is?
04:10 < Eliel> sipa: if the recipient is not online, communication just fails.
04:10 < fluffypony> Eliel: Monero does what you're describing but completely statically without requiring you or the sender to be online - a Monero address is two pubkeys serialised, to send a tx you compute a "destination" for outputs based on those two keys + some random data, so where an output goes to is not an address
04:11 < sipa> Eliel: meh
04:11 < sipa> Eliel: email works too without people being online the whole time
04:13 < Eliel> sipa: it works, most of the time, yes. But it's fragile and for most people there's a third party with access to their email.
04:15 < sipa> Eliel: that can be solved by encryption
04:15 < sipa> Eliel: have an address that's a url + encryption key
04:15 < Eliel> and now you have a system that's way too complex to setup for it to get much use.
04:17 < sipa> gmail doesn't require setup, does it?
04:17 < sipa> nothing that people can't handle
04:17 < Eliel> email itself, no. Actually using the encrypted messages, especially if you want it automated, hell yes.
04:17 < sipa> i don't understand
04:18 < sipa> it's exactly like bitcoin addresses today
04:18 < sipa> except the communication doesn't go over the blockchain, but using a mailbox-type service
04:19 < sipa> the sender creates an encrypted message with a fully-signed but unpublished transaction, sends it to the mailbox service
04:19 < sipa> the receiver's client fetches the message, decrypts it, validates it, and broadcasts it
04:19 < sipa> done
04:19 < sipa> the message contains both the transaction as the nonce used to generate the destination key
04:20 < sipa> so it's impossible for the transaction to arrive at the receiver without him knowing the nonce to spend the coins
04:22 < Eliel> the problem is, both the sender and receiver would need to have already setup their bitcoin wallets with their email. Just putting up a single bitcoin address as a donation address is still much easier and just works.
04:22 < sipa> i don't mean using actual email
04:23 < sipa> just an email like system
04:23 < sipa> integrated in wallet software
04:23 < sipa> and i don't care that it just works
04:23 < sipa> paypal also just works
04:25 < Eliel> ok, if you create a new kind of service for just bitcoin-wallet messaging, you could potentially make it easy enough that it does not rely on the donation sender having to do any setup.
04:26 < Eliel> that'd at least make it sensible for donation receiver to set it up in a privacy enhancing way
04:26 < brisque> making some sort of communication network on top of bitcoins sounds like a horrible idea, frankly. stealth addresses are more preferable than that.
04:26 < Eliel> ... but this sounds just like payment protocol :P
04:26 < sipa> Eliel: it is the payment protocol
04:27 < Luke-Jr> brisque: uh, there's already a communication network
04:27 < Luke-Jr> otherwise bitcoin wouldn't work
04:27 < sipa> with an extension
04:27 < sipa> (to support encryption)
04:28 < brisque> Luke-Jr: not entirely what I meant. "communication" being anything other than flooding transactions and blocks.
04:28 < Luke-Jr> brisque: well, that's still better than stealth addresses at least IMO
04:29 < Luke-Jr> probably wouldn't be that hard either - you could even have nodes pay an intermediary peer to relay if they can't connect directly
04:35 < brisque> Luke-Jr: that would result in bitcoin just being people's go-to flood network for everything under the sun, you can't do any sort of targeted routing within the current design (and I don't think you'd want to). an intermediary fee wouldn't work just due to dust and privacy.
05:52 < instagibbs> Flood network should really not be touched in favor of extra-consensus matters, I think most would agree
05:55 < brisque> if nothing else you quickly run into flooding problems. if you rate limit (like free transactions today) you make a trivial to jam and thus totally unreliable way of getting messages around. you could add some hashcash into the mix, but you get back to the core problem of hashcash where any level of difficulty that would hinder an attacker makes it unusable for an end user.
05:56 < sipa> indeed
06:07 < instagibbs> centralization ftw!
06:07 < fluffypony> nah, just blockchain all the things
06:08 < instagibbs> I saw electrum people are working on(?) some sort of messaging layer using SMTP
06:08 < fluffypony> nah it's more like payment protocol
06:08 < instagibbs> only saw some slides, and unfortunately they're passing around MPKs it appears
06:09 < fluffypony> but over email
06:09 < fluffypony> I have an intense dislike for email as a mechanism
06:09 < brisque> that's unpleasant as hell.
06:10 < instagibbs> fluffypony: why?
06:10 < fluffypony> instagibbs: I find it unreliable
06:11 < brisque> instagibbs: you've got to admit, it hasn't aged particularly well.
06:11 < instagibbs> Right, but I'm wary of re-creating wheels
06:11 < fluffypony> emails can be silently dropped for any number of reasons, and even the most well-learned antispam system has false positives
06:12 < brisque> reference for instagibbs "slides" reference. https://electrum.org/bitcoinaliases.pdf
06:18 < brisque> I assume in that model the server has to have an address indexed full node to do lookups against, otherwise an attacker can do a trivial denial of service attack where they request past the victim's address lookup cap limit, but never send anything to the addresses.
06:21 < brisque> the idea is a little uncomfortable anyway, despite its name a MPK really is quite private material. a compromise of that server would both nullify any gain given by not reusing address, and it would also provide name to MPK maps. in fact it's probably worse than just reusing addresses, leaking a MPK is a disaster.
06:21 -!- prodatalab [~prodatala@c-69-254-45-177.hsd1.fl.comcast.net] has joined #bitcoin-wizards 06:22 < sipa> at least the privacy leak is restricted to the server by default (assuming no worse leak) 06:22 < sipa> as opposed to to the entire world, in case of reusing addresses 06:23 < sipa> not disagreeing with you, though 06:25 < kanzure> "i guess you could say it's sort of a dark optimism" 06:27 -!- droark [~droark@209-6-53-207.c3-0.smr-ubr1.sbo-smr.ma.cable.rcn.com] has joined #bitcoin-wizards 06:31 -!- bsm117532 [~bsm117532@static-108-21-236-13.nycmny.fios.verizon.net] has quit [Ping timeout: 244 seconds] 06:33 -!- bsm117532 [~bsm117532@static-108-21-236-13.nycmny.fios.verizon.net] has joined #bitcoin-wizards 06:44 -!- NewLiberty [~NewLibert@2602:304:cff8:1580:443c:ddbe:5bf5:b260] has joined #bitcoin-wizards 06:44 -!- RoboTeddy [~roboteddy@c-67-188-40-206.hsd1.ca.comcast.net] has joined #bitcoin-wizards 06:49 -!- RoboTeddy [~roboteddy@c-67-188-40-206.hsd1.ca.comcast.net] has quit [Ping timeout: 265 seconds] 06:52 -!- Dr-G2 [~Dr-G@gtng-4d08ae67.pool.mediaWays.net] has joined #bitcoin-wizards 06:56 -!- Dr-G3 [~Dr-G@gtng-4d08ae67.pool.mediaways.net] has quit [Ping timeout: 250 seconds] 06:56 -!- justanotheruser [~Justan@unaffiliated/justanotheruser] has quit [Ping timeout: 240 seconds] 06:57 -!- justanotheruser [~Justan@unaffiliated/justanotheruser] has joined #bitcoin-wizards 06:57 -!- OneNomos [~OneNomos@pool-71-163-227-3.washdc.east.verizon.net] has quit [Remote host closed the connection] 06:59 -!- xenog [~xeno@46.7.118.40] has quit [Ping timeout: 265 seconds] 07:04 -!- cbeams [~cbeams@chello084114181075.1.15.vie.surfer.at] has joined #bitcoin-wizards 07:04 -!- cbeams [~cbeams@chello084114181075.1.15.vie.surfer.at] has quit [Changing host] 07:04 -!- cbeams [~cbeams@unaffiliated/cbeams] has joined #bitcoin-wizards 07:12 -!- skittylx [~skittylx@ks203868.kimsufi.com] has joined #bitcoin-wizards 07:15 -!- skittylx [~skittylx@ks203868.kimsufi.com] has quit [Quit: 
Bye] 07:16 -!- skittylx [~skittylx@ks203868.kimsufi.com] has joined #bitcoin-wizards 07:23 -!- vmatekole [~vmatekole@f052091088.adsl.alicedsl.de] has joined #bitcoin-wizards 07:26 -!- xenog [~xeno@95.83.254.129] has joined #bitcoin-wizards 07:28 -!- koeppelmann [~koeppelma@dyn-160-39-29-101.dyn.columbia.edu] has joined #bitcoin-wizards 07:28 -!- koeppelmann [~koeppelma@dyn-160-39-29-101.dyn.columbia.edu] has quit [Remote host closed the connection] 07:28 -!- koeppelmann [~koeppelma@dyn-160-39-29-101.dyn.columbia.edu] has joined #bitcoin-wizards 07:35 -!- jps [~Jud@cpe-74-72-116-143.nyc.res.rr.com] has joined #bitcoin-wizards 07:36 -!- zooko [~user@c-75-70-204-109.hsd1.co.comcast.net] has quit [Remote host closed the connection] 07:38 -!- Profreid [~Profreitt@gateway/vpn/privateinternetaccess/profreid] has joined #bitcoin-wizards 07:39 -!- cbeams [~cbeams@unaffiliated/cbeams] has quit [Remote host closed the connection] 07:39 -!- copumpkin [~copumpkin@unaffiliated/copumpkin] has joined #bitcoin-wizards 07:41 -!- koeppelmann [~koeppelma@dyn-160-39-29-101.dyn.columbia.edu] has quit [Remote host closed the connection] 07:42 -!- koeppelmann [~koeppelma@dyn-160-39-29-101.dyn.columbia.edu] has joined #bitcoin-wizards 07:42 -!- cbeams [~cbeams@unaffiliated/cbeams] has joined #bitcoin-wizards 07:45 -!- RoboTeddy [~roboteddy@c-67-188-40-206.hsd1.ca.comcast.net] has joined #bitcoin-wizards 07:50 -!- RoboTeddy [~roboteddy@c-67-188-40-206.hsd1.ca.comcast.net] has quit [Ping timeout: 265 seconds] 07:51 -!- jps [~Jud@cpe-74-72-116-143.nyc.res.rr.com] has quit [Quit: jps] 08:04 -!- Dr-G2 [~Dr-G@gtng-4d08ae67.pool.mediaWays.net] has quit [Read error: Connection reset by peer] 08:04 -!- Dr-G2 [~Dr-G@gtng-4d08ae67.pool.mediaWays.net] has joined #bitcoin-wizards 08:09 -!- OneNomos [~OneNomos@pool-71-163-227-3.washdc.east.verizon.net] has joined #bitcoin-wizards 08:16 -!- HaltingState [~HaltingSt@unaffiliated/haltingstate] has joined #bitcoin-wizards 08:48 -!- bramc 
[~bram@99-75-88-206.lightspeed.sntcca.sbcglobal.net] has joined #bitcoin-wizards 08:51 -!- antgreen [~user@CPE687f74122463-CM84948c2e0610.cpe.net.cable.rogers.com] has quit [Ping timeout: 264 seconds] 08:59 -!- coinrookie [~c0inr00ki@c-68-53-21-189.hsd1.tn.comcast.net] has quit [Ping timeout: 246 seconds] 09:02 -!- cbeams [~cbeams@unaffiliated/cbeams] has quit [Remote host closed the connection] 09:05 -!- mpmcsweeney [~mpmcsween@c-50-189-4-61.hsd1.ma.comcast.net] has joined #bitcoin-wizards 09:05 -!- mpmcsweeney [~mpmcsween@c-50-189-4-61.hsd1.ma.comcast.net] has quit [Client Quit] 09:11 -!- cbeams [~cbeams@unaffiliated/cbeams] has joined #bitcoin-wizards 09:15 -!- bramc [~bram@99-75-88-206.lightspeed.sntcca.sbcglobal.net] has quit [Quit: This computer has gone to sleep] 09:19 -!- lmatteis [uid3300@gateway/web/irccloud.com/x-dzczgkytvrywdzvs] has joined #bitcoin-wizards 09:23 -!- cbeams [~cbeams@unaffiliated/cbeams] has quit [Read error: Connection reset by peer] 09:26 -!- cbeams [~cbeams@unaffiliated/cbeams] has joined #bitcoin-wizards 09:39 -!- justanot1eruser [~Justan@unaffiliated/justanotheruser] has joined #bitcoin-wizards 09:40 -!- justanotheruser [~Justan@unaffiliated/justanotheruser] has quit [Ping timeout: 246 seconds] 09:40 -!- skittylx- [~skittylx@ks203868.kimsufi.com] has joined #bitcoin-wizards 09:41 -!- skittylx- [~skittylx@ks203868.kimsufi.com] has quit [Client Quit] 09:44 -!- luktgf [~vfbtgn@188.25.36.90] has quit [Quit: Leaving] 09:47 -!- cbeams [~cbeams@unaffiliated/cbeams] has quit [Remote host closed the connection] 09:58 -!- brisque [~brisque@unaffiliated/brisque] has left #bitcoin-wizards ["Textual IRC Client: www.textualapp.com"] 10:00 -!- oujh [~vfbtgn@82.76.120.35] has joined #bitcoin-wizards 10:00 -!- copumpkin [~copumpkin@unaffiliated/copumpkin] has quit [Quit: My MacBook Pro has gone to sleep. 
ZZZzzz…] 10:01 -!- Grishnakh [~grishnakh@dsl-espbrasgw1-50dfb6-218.dhcp.inet.fi] has joined #bitcoin-wizards 10:03 -!- instagibbs [60ff5d39@gateway/web/freenode/ip.96.255.93.57] has quit [Quit: Page closed] 10:11 -!- Emcy [~MC@unaffiliated/mc1984] has quit [Read error: Connection reset by peer] 10:24 -!- grau [~grau@37.143.74.116] has joined #bitcoin-wizards 10:24 -!- grau [~grau@37.143.74.116] has quit [Client Quit] 10:30 -!- Emcy [~MC@152.27.187.81.in-addr.arpa] has joined #bitcoin-wizards 10:30 -!- Emcy [~MC@152.27.187.81.in-addr.arpa] has quit [Changing host] 10:30 -!- Emcy [~MC@unaffiliated/mc1984] has joined #bitcoin-wizards 10:32 -!- prodatalab_ [~prodatala@c-69-254-45-177.hsd1.fl.comcast.net] has joined #bitcoin-wizards 10:32 -!- prodatalab [~prodatala@c-69-254-45-177.hsd1.fl.comcast.net] has quit [Quit: Konversation terminated!] 10:33 -!- amincd [1710a2c6@gateway/web/freenode/ip.23.16.162.198] has quit [Ping timeout: 246 seconds] 10:37 -!- copumpkin [~copumpkin@unaffiliated/copumpkin] has joined #bitcoin-wizards 10:51 -!- Mably [~Mably@unaffiliated/mably] has joined #bitcoin-wizards 10:51 -!- justanot1eruser [~Justan@unaffiliated/justanotheruser] has quit [Ping timeout: 256 seconds] 10:56 -!- oujh [~vfbtgn@82.76.120.35] has quit [Ping timeout: 246 seconds] 10:56 -!- bramc [~bram@99-75-88-206.lightspeed.sntcca.sbcglobal.net] has joined #bitcoin-wizards 10:57 -!- xenog [~xeno@95.83.254.129] has quit [Ping timeout: 272 seconds] 10:58 -!- cbeams [~cbeams@unaffiliated/cbeams] has joined #bitcoin-wizards 10:59 -!- cbeams [~cbeams@unaffiliated/cbeams] has quit [Remote host closed the connection] 11:00 -!- cbeams [~cbeams@chello084114181075.1.15.vie.surfer.at] has joined #bitcoin-wizards 11:00 -!- cbeams [~cbeams@chello084114181075.1.15.vie.surfer.at] has quit [Changing host] 11:00 -!- cbeams [~cbeams@unaffiliated/cbeams] has joined #bitcoin-wizards 11:01 -!- Dr-G2 [~Dr-G@gtng-4d08ae67.pool.mediaWays.net] has quit [Read error: Connection reset by peer] 11:01 -!- 
Dr-G2 [~Dr-G@gtng-4d08ae67.pool.mediaWays.net] has joined #bitcoin-wizards 11:03 -!- justanotheruser [~Justan@128.211.171.2] has joined #bitcoin-wizards 11:03 -!- justanotheruser [~Justan@128.211.171.2] has quit [Changing host] 11:03 -!- justanotheruser [~Justan@unaffiliated/justanotheruser] has joined #bitcoin-wizards 11:03 -!- d1ggy [~d1ggy@dslb-088-071-013-176.088.071.pools.vodafone-ip.de] has quit [Quit: Leaving] 11:12 -!- oujh [~vfbtgn@82.76.120.35] has joined #bitcoin-wizards 11:14 -!- d1ggy [~d1ggy@dslb-088-071-013-176.088.071.pools.vodafone-ip.de] has joined #bitcoin-wizards 11:15 -!- Dr-G2 [~Dr-G@gtng-4d08ae67.pool.mediaWays.net] has quit [Read error: Connection reset by peer] 11:15 -!- Dr-G [~Dr-G@unaffiliated/dr-g] has joined #bitcoin-wizards 11:17 -!- xenog [~xeno@46.7.118.40] has joined #bitcoin-wizards 11:27 -!- Guyver2 [~Guyver2@guyver2.xs4all.nl] has joined #bitcoin-wizards 11:31 -!- skittylx [~skittylx@ks203868.kimsufi.com] has quit [Quit: Bye] 11:33 -!- prodatalab_ [~prodatala@c-69-254-45-177.hsd1.fl.comcast.net] has quit [Quit: Konversation terminated!] 
11:34 -!- prodatalab_ [~prodatala@c-69-254-45-177.hsd1.fl.comcast.net] has joined #bitcoin-wizards 11:34 -!- skittylx [~skittylx@ks203868.kimsufi.com] has joined #bitcoin-wizards 11:34 -!- skittylx [~skittylx@ks203868.kimsufi.com] has quit [Client Quit] 11:38 -!- prodatalab_ [~prodatala@c-69-254-45-177.hsd1.fl.comcast.net] has quit [Read error: Connection reset by peer] 11:38 -!- prodatalab_ [~prodatala@c-69-254-45-177.hsd1.fl.comcast.net] has joined #bitcoin-wizards 11:46 -!- lnr [~lnr@aim.engr.arizona.edu] has joined #bitcoin-wizards 11:48 -!- RoboTeddy [~roboteddy@c-67-188-40-206.hsd1.ca.comcast.net] has joined #bitcoin-wizards 11:50 -!- zooko [~user@c-75-70-204-109.hsd1.co.comcast.net] has joined #bitcoin-wizards 11:50 -!- agorist000 [~snizysnaz@68-114-156-198.dhcp.kgpt.tn.charter.com] has joined #bitcoin-wizards 11:50 -!- agorist000 [~snizysnaz@68-114-156-198.dhcp.kgpt.tn.charter.com] has quit [Changing host] 11:50 -!- agorist000 [~snizysnaz@unaffiliated/agorist000] has joined #bitcoin-wizards 11:50 -!- agorist000 [~snizysnaz@unaffiliated/agorist000] has quit [Client Quit] 11:52 -!- RoboTeddy [~roboteddy@c-67-188-40-206.hsd1.ca.comcast.net] has quit [Ping timeout: 252 seconds] 11:59 -!- RoboTeddy [~roboteddy@c-67-188-40-206.hsd1.ca.comcast.net] has joined #bitcoin-wizards 12:06 -!- lclc [~lucas@unaffiliated/lclc] has quit [Ping timeout: 265 seconds] 12:10 -!- lclc [~lucas@unaffiliated/lclc] has joined #bitcoin-wizards 12:15 -!- adam3us [~Adium@host-92-18-107-164.as13285.net] has quit [Quit: Leaving.] 12:16 -!- adam3us [~Adium@host-92-18-107-164.as13285.net] has joined #bitcoin-wizards 12:17 -!- copumpkin [~copumpkin@unaffiliated/copumpkin] has quit [Quit: My MacBook Pro has gone to sleep. 
ZZZzzz…] 12:28 -!- adam3us1 [~Adium@host-92-18-107-164.as13285.net] has joined #bitcoin-wizards 12:28 -!- adam3us [~Adium@host-92-18-107-164.as13285.net] has quit [Read error: Connection reset by peer] 12:32 -!- lnr [~lnr@aim.engr.arizona.edu] has left #bitcoin-wizards [] 12:33 -!- shesek [~shesek@77.127.13.193] has quit [Ping timeout: 245 seconds] 12:36 -!- droark [~droark@209-6-53-207.c3-0.smr-ubr1.sbo-smr.ma.cable.rcn.com] has quit [Quit: ZZZzzz…] 12:42 -!- Dr-G2 [~Dr-G@gtng-4d08ae67.pool.mediaWays.net] has joined #bitcoin-wizards 12:44 -!- mkarrer [~mkarrer@126.Red-83-32-132.dynamicIP.rima-tde.net] has quit [] 12:45 -!- Dr-G [~Dr-G@unaffiliated/dr-g] has quit [Ping timeout: 250 seconds] 12:46 < bramc> I wonder about parsimony in signing library APIs. You should be able to squeeze out a few bytes by making the API 'Is this a valid signature of this thing?' instead of 'what is this a signature of?'. Some for the corresponding public key. 12:48 -!- shesek [~shesek@77.127.13.193] has joined #bitcoin-wizards 12:50 < bramc> So the verify function takes a target signature, a public key, and a purported signature, and it returns True or False based on whether that signature is valid for that public key and target. 12:50 < bramc> But maybe some of this doesn't save any bytes. Or is done that way already. I'll have to work through the details eventually. 
13:01 -!- xenog [~xeno@46.7.118.40] has quit [Ping timeout: 240 seconds] 13:01 -!- paveljanik [~paveljani@unaffiliated/paveljanik] has quit [Quit: Leaving] 13:02 -!- Dr-G2 [~Dr-G@gtng-4d08ae67.pool.mediaWays.net] has quit [Read error: Connection reset by peer] 13:02 -!- Dr-G2 [~Dr-G@gtng-4d08ae67.pool.mediaways.net] has joined #bitcoin-wizards 13:08 -!- Dr-G2 [~Dr-G@gtng-4d08ae67.pool.mediaways.net] has quit [Read error: Connection reset by peer] 13:08 -!- Dr-G2 [~Dr-G@gtng-4d08ae67.pool.mediaWays.net] has joined #bitcoin-wizards 13:16 -!- Dr-G3 [~Dr-G@gtng-4d08ae67.pool.mediaWays.net] has joined #bitcoin-wizards 13:20 -!- Dr-G2 [~Dr-G@gtng-4d08ae67.pool.mediaWays.net] has quit [Ping timeout: 246 seconds] 13:20 -!- Dr-G3 [~Dr-G@gtng-4d08ae67.pool.mediaWays.net] has quit [Read error: Connection reset by peer] 13:20 -!- Dr-G3 [~Dr-G@gtng-4d08ae67.pool.mediaWays.net] has joined #bitcoin-wizards 13:29 -!- lclc [~lucas@unaffiliated/lclc] has quit [Ping timeout: 250 seconds] 13:32 -!- jps [~Jud@cpe-74-72-116-143.nyc.res.rr.com] has joined #bitcoin-wizards 13:32 -!- jps [~Jud@cpe-74-72-116-143.nyc.res.rr.com] has quit [Client Quit] 13:40 -!- amincd [1710a2c6@gateway/web/freenode/ip.23.16.162.198] has joined #bitcoin-wizards 13:44 -!- Dr-G3 [~Dr-G@gtng-4d08ae67.pool.mediaWays.net] has quit [Read error: Connection reset by peer] 13:44 -!- Dr-G3 [~Dr-G@gtng-4d08ae67.pool.mediaWays.net] has joined #bitcoin-wizards 13:53 -!- Guyver2 [~Guyver2@guyver2.xs4all.nl] has quit [Remote host closed the connection] 13:56 -!- wallet42 [~wallet42@home-tomis2.rdsct.ro] has quit [Quit: Leaving.] 
14:00 -!- lmatteis [uid3300@gateway/web/irccloud.com/x-dzczgkytvrywdzvs] has quit [Quit: Connection closed for inactivity] 14:03 -!- wallet42 [~wallet42@home-tomis2.rdsct.ro] has joined #bitcoin-wizards 14:06 -!- wallet42 [~wallet42@home-tomis2.rdsct.ro] has quit [Client Quit] 14:12 -!- Dr-G2 [~Dr-G@gtng-4d08ae67.pool.mediaways.net] has joined #bitcoin-wizards 14:12 -!- justanotheruser [~Justan@unaffiliated/justanotheruser] has quit [Ping timeout: 265 seconds] 14:14 -!- copumpkin [~copumpkin@unaffiliated/copumpkin] has joined #bitcoin-wizards 14:15 -!- Dr-G3 [~Dr-G@gtng-4d08ae67.pool.mediaWays.net] has quit [Ping timeout: 252 seconds] 14:17 -!- d1ggy [~d1ggy@dslb-088-071-013-176.088.071.pools.vodafone-ip.de] has quit [Quit: Leaving] 14:19 -!- copumpkin [~copumpkin@unaffiliated/copumpkin] has quit [Ping timeout: 264 seconds] 14:21 -!- Profreid [~Profreitt@gateway/vpn/privateinternetaccess/profreid] has quit [Quit: Profreid] 14:22 -!- d1ggy [~d1ggy@dslb-088-071-013-176.088.071.pools.vodafone-ip.de] has joined #bitcoin-wizards 14:23 -!- wallet42 [~wallet42@home-tomis2.rdsct.ro] has joined #bitcoin-wizards 14:23 -!- wallet42 [~wallet42@home-tomis2.rdsct.ro] has quit [Client Quit] 14:29 -!- jps [~Jud@cpe-74-72-116-143.nyc.res.rr.com] has joined #bitcoin-wizards 14:31 -!- justanotheruser [~Justan@unaffiliated/justanotheruser] has joined #bitcoin-wizards 14:34 -!- moa [~moa@opentransactions/dev/moa] has joined #bitcoin-wizards 14:41 -!- jps [~Jud@cpe-74-72-116-143.nyc.res.rr.com] has quit [Quit: jps] 14:43 < ebfull> so i've been way out of the loop... what's going on with SNARKs? any cool advancements or libraries? 14:46 -!- cbeams [~cbeams@unaffiliated/cbeams] has quit [Remote host closed the connection] 14:46 -!- cbeams [~cbeams@unaffiliated/cbeams] has joined #bitcoin-wizards 14:48 < justanotheruser> ebfull: nothing new afaik. 
theres always been this https://github.com/scipr-lab/libsnark 14:48 -!- OneNomos [~OneNomos@pool-71-163-227-3.washdc.east.verizon.net] has quit [Remote host closed the connection] 14:49 -!- rusty [~rusty@pdpc/supporter/bronze/rusty] has joined #bitcoin-wizards 14:54 -!- erasmosp_ [~erasmospu@gateway/vpn/privateinternetaccess/erasmospunk] has quit [Remote host closed the connection] 14:57 -!- Mably [~Mably@unaffiliated/mably] has quit [Ping timeout: 245 seconds] 15:05 -!- jps [~Jud@cpe-74-72-116-143.nyc.res.rr.com] has joined #bitcoin-wizards 15:07 -!- Quanttek [~quassel@ip1f1171b4.dynamic.kabel-deutschland.de] has quit [Ping timeout: 264 seconds] 15:08 -!- grau [~grau@37.143.74.116] has joined #bitcoin-wizards 15:08 -!- OneNomos [~OneNomos@pool-71-163-227-3.washdc.east.verizon.net] has joined #bitcoin-wizards 15:08 -!- vmatekole [~vmatekole@f052091088.adsl.alicedsl.de] has quit [Remote host closed the connection] 15:11 -!- wallet42 [~wallet42@home-tomis2.rdsct.ro] has joined #bitcoin-wizards 15:30 -!- Dr-G3 [~Dr-G@gtng-4d08ae67.pool.mediaWays.net] has joined #bitcoin-wizards 15:33 -!- Dr-G2 [~Dr-G@gtng-4d08ae67.pool.mediaways.net] has quit [Ping timeout: 256 seconds] 15:38 -!- skittylx [~skittylx@ks203868.kimsufi.com] has joined #bitcoin-wizards 15:43 -!- cbeams [~cbeams@unaffiliated/cbeams] has quit [Remote host closed the connection] 15:47 -!- xenog [~xeno@46.7.118.40] has joined #bitcoin-wizards 15:49 -!- jps [~Jud@cpe-74-72-116-143.nyc.res.rr.com] has quit [Quit: jps] 15:49 -!- jdvs [~John@unaffiliated/jdvs] has joined #bitcoin-wizards 15:54 -!- jdvs [~John@unaffiliated/jdvs] has quit [Quit: leaving] 15:58 -!- xenog [~xeno@46.7.118.40] has quit [Quit: Leaving.] 15:59 -!- xenog [~xeno@46.7.118.40] has joined #bitcoin-wizards 16:06 -!- cbeams [~cbeams@unaffiliated/cbeams] has joined #bitcoin-wizards 16:07 < bramc> ebfull, snarks is quite an amazing thing but so far even with its amazingness appears to be quite impractical. 
16:08 -!- jps [~Jud@cpe-74-72-116-143.nyc.res.rr.com] has joined #bitcoin-wizards 16:09 -!- vmatekole [~vmatekole@f052091088.adsl.alicedsl.de] has joined #bitcoin-wizards 16:11 -!- cbeams [~cbeams@unaffiliated/cbeams] has quit [Ping timeout: 256 seconds] 16:14 -!- vmatekole [~vmatekole@f052091088.adsl.alicedsl.de] has quit [Ping timeout: 256 seconds] 16:17 -!- Burrito [~Burrito@unaffiliated/burrito] has quit [Quit: Leaving] 16:18 -!- jps [~Jud@cpe-74-72-116-143.nyc.res.rr.com] has quit [Quit: jps] 16:21 -!- bsm117532 [~bsm117532@static-108-21-236-13.nycmny.fios.verizon.net] has quit [Ping timeout: 252 seconds] 16:21 -!- antgreen [~user@CPE687f74122463-CM84948c2e0610.cpe.net.cable.rogers.com] has joined #bitcoin-wizards 16:24 -!- prodatalab_ is now known as prodatalab 16:27 < amiller> bramc, i dunno that seems like an awful summary to me 16:28 < amiller> ebfull, here's a short run down.... microsoft research and the scipr team keep going neck and neck with new systems 16:29 < amiller> microsoft research made a very practical system called gepetto, that has two layers of recursion (snarks proofs that another snark proof is valid, which can give better efficiency but im at a loss for a simple metaphor to explain why) https://eprint.iacr.org/2014/976.pdf 16:30 -!- Dr-G2 [~Dr-G@gtng-4d08ae67.pool.mediaways.net] has joined #bitcoin-wizards 16:30 < bramc> amiller, I have yet to see a proposal for doing something in the real world with snarks which I actually believe can function 16:31 < amiller> the scipr team has found a set of parameters that allow for arbitrary layers of snark recursion, which is theoretically great but a) a bit slower than gepetto, b) not a good enough security level, so this is a proof-of-feasibility more than anything else https://eprint.iacr.org/2014/595 16:32 < amiller> the scipr team has announced a paper (accepted to oakland15, but draft isnt anywhere online yet i guess) about a good way to do the trusted setup as a multiparty computation with a 
large number of parties http://www.ieee-security.org/TC/SP2015/program.html 16:33 -!- Dr-G3 [~Dr-G@gtng-4d08ae67.pool.mediaWays.net] has quit [Ping timeout: 246 seconds] 16:36 < amiller> some guy made a small language for writing snark systems thats an alternative to the pinocchio c-to-circuits compiler and i guess is better, i haven't looked carefully http://comments.gmane.org/gmane.comp.encryption.general/22047 https://github.com/jancarlsson/snarkfront 16:39 < amiller> i updated my nonoutsourceable puzzle paper with more explanation of a concrete multi-tier reward system, there's an implementation using libsnark and pinocchio (libsnark was better) but that's the same as the previous version http://cs.umd.edu/~amiller/nonoutsourceable.pdf 16:39 -!- jps [~Jud@cpe-74-72-116-143.nyc.res.rr.com] has joined #bitcoin-wizards 16:40 < amiller> gmaxwell says he implemented a snark circuit that can be used with bitcoin today, it proves that the preimage of some hash is the solution to a bunch of a sudoku puzzles or something 16:41 < amiller> https://en.bitcoin.it/wiki/Zero_Knowledge_Contingent_Payment#Zero_knowledge_proof_to_binding 16:42 -!- cornus_ammonis [~Cornus@pool-173-73-119-83.washdc.fios.verizon.net] has joined #bitcoin-wizards 16:43 -!- PRab [~chatzilla@c-98-209-175-213.hsd1.mi.comcast.net] has quit [Quit: ChatZilla 0.9.91.1 [Firefox 35.0.1/20150122214805]] 16:44 < amiller> finally, zerocash is practical and is being actively developed 16:44 -!- PRab [~chatzilla@c-98-209-175-213.hsd1.mi.comcast.net] has joined #bitcoin-wizards 16:44 < amiller> ok, that's a short "the past three months in SNARKs" 16:53 < ebfull> thanks amiller :) 16:56 -!- hashtagg_ [~hashtag@CPE-69-23-213-3.wi.res.rr.com] has joined #bitcoin-wizards 16:58 -!- hashtag [~hashtag@CPE-69-23-213-3.wi.res.rr.com] has quit [Ping timeout: 246 seconds] 17:00 < bramc> Whether zerocash is practical remains to be seen 17:05 < bramc> Somewhat off topic: It turns out that the failing of a black market backed by 
bitcoin is the accumulation of databases of shipping addresses: http://aeon.co/magazine/technology/on-the-high-seas-of-the-hidden-internet/ 17:08 -!- cbeams [~cbeams@unaffiliated/cbeams] has joined #bitcoin-wizards 17:10 -!- vmatekole [~vmatekole@f052091088.adsl.alicedsl.de] has joined #bitcoin-wizards 17:15 -!- vmatekole [~vmatekole@f052091088.adsl.alicedsl.de] has quit [Ping timeout: 245 seconds] 17:17 -!- Dr-G2 [~Dr-G@gtng-4d08ae67.pool.mediaways.net] has quit [Read error: Connection reset by peer] 17:18 -!- Dr-G2 [~Dr-G@gtng-4d08ae67.pool.mediaways.net] has joined #bitcoin-wizards 17:26 -!- damethos [~damethos@unaffiliated/damethos] has joined #bitcoin-wizards 17:29 -!- cbeams [~cbeams@unaffiliated/cbeams] has quit [Ping timeout: 256 seconds] 17:32 -!- fanquake [~anonymous@unaffiliated/fanquake] has joined #bitcoin-wizards 17:33 -!- moa [~moa@opentransactions/dev/moa] has quit [Quit: Leaving.] 17:54 -!- AnxiousGarlic [~Spider@130.225.244.206] has joined #bitcoin-wizards 17:54 -!- AnxiousGarlic [~Spider@130.225.244.206] has left #bitcoin-wizards [] 18:03 -!- llllllllll [~lllllllll@6d482698.ftth.concepts.nl] has quit [] 18:03 -!- espes__ [~espes@205.185.120.132] has quit [Ping timeout: 252 seconds] 18:05 -!- Dr-G2 [~Dr-G@gtng-4d08ae67.pool.mediaways.net] has quit [Read error: Connection reset by peer] 18:05 -!- Dr-G2 [~Dr-G@gtng-4d08ae67.pool.mediaWays.net] has joined #bitcoin-wizards 18:06 -!- skittylx [~skittylx@ks203868.kimsufi.com] has quit [Quit: Bye] 18:12 -!- vmatekole [~vmatekole@f052091088.adsl.alicedsl.de] has joined #bitcoin-wizards 18:12 < andytoshi> adam3us1: so a cool way to think about your ring signature scheme is to consider the hashes as DL-labelled vertices on a connected directed graph with an edge between A->B whenever B is a hash of some function of A. then the signing algo is: (1) pick a vertex V and compute its hash; (2) for each edge V->W where V has had its hash computed, compute W. 
if W is already computed, you have to know 18:12 < andytoshi> its discrete log else you lose 18:12 < andytoshi> (i hope that makes sense serialized to text). in the sig scheme as described your graph is always just a single hamilton cycle 18:12 -!- Dr-G2 [~Dr-G@gtng-4d08ae67.pool.mediaWays.net] has quit [Read error: Connection reset by peer] 18:13 -!- Dr-G2 [~Dr-G@gtng-4d08ae67.pool.mediaways.net] has joined #bitcoin-wizards 18:13 < andytoshi> we can define an "admissible DL set" as one where if you know all the DLs in the set, you can do the signing algo, and the result is a ring signature which proves you know an admissible DL set but hides which one 18:14 < andytoshi> this leads to the question (which i am just investigating now in the last 5 minutes), what if you don't just do hamilton cycles? if we do weirdly shaped graphs how creative can we make the admissible sets? 18:14 < andytoshi> (for a hamilton cycle, each DL by itself constitutes an admissible set, i.e. you need to know one DL to compute the signature) 18:16 -!- d1ggy_ [~d1ggy@dslb-092-076-000-051.092.076.pools.vodafone-ip.de] has joined #bitcoin-wizards 18:17 -!- vmatekole [~vmatekole@f052091088.adsl.alicedsl.de] has quit [Ping timeout: 264 seconds] 18:17 -!- skittylx [~skittylx@ks203868.kimsufi.com] has joined #bitcoin-wizards 18:18 -!- flower [~user@202.44.238.62] has joined #bitcoin-wizards 18:18 -!- espes__ [~espes@205.185.120.132] has joined #bitcoin-wizards 18:20 -!- flower_ [~user@202.44.238.62] has quit [Ping timeout: 256 seconds] 18:20 -!- d1ggy [~d1ggy@dslb-088-071-013-176.088.071.pools.vodafone-ip.de] has quit [Ping timeout: 272 seconds] 18:20 < bramc> Well this is an interesting result: In my pos system, if one attacker tries to do withholding attacks they might be able to get favorable forks a little more often from it, but if two attackers do withholding attacks the amount they screw each other from lack of cooperation is greater than the amount they can get ahead from it 18:23 < 
andytoshi> oops, the algo is not actually that simple. each vertex actually has four states "c_i (un)computed" × "s_i (un)computed", and the algo is: for each edge A->B, if A is "c_i uncomputed" set it to "c_i computed"; then if A is "s_i uncomputed" set B "c_i computed" (if it is already, you need to know B's DL else you fail), else if A is "s_i computed" and B "c_i computed" (if it already is, you fail) 18:26 < andytoshi> i think, but unsure, what this means is: every irreducible cycle requires you to know an arbitrary DL on the cycle; additionally every vertex with in-degree N requires you to know an arbitrary (N-1) of the N DL's corresponding to its inputs 18:32 -!- Dr-G2 [~Dr-G@gtng-4d08ae67.pool.mediaways.net] has quit [Read error: Connection reset by peer] 18:32 -!- Dr-G2 [~Dr-G@gtng-4d08ae67.pool.mediaways.net] has joined #bitcoin-wizards 18:37 < andytoshi> above i meant "you need to know A's DL else you fail", not B's DL; also the last "and" should be "set" 18:38 -!- xenog [~xeno@46.7.118.40] has quit [Ping timeout: 250 seconds] 18:38 -!- Dr-G3 [~Dr-G@gtng-4d08a1a5.pool.mediaWays.net] has joined #bitcoin-wizards 18:41 -!- Dr-G2 [~Dr-G@gtng-4d08ae67.pool.mediaways.net] has quit [Ping timeout: 246 seconds] 18:51 -!- Dr-G3 [~Dr-G@gtng-4d08a1a5.pool.mediaWays.net] has quit [Read error: Connection reset by peer] 18:51 -!- Dr-G3 [~Dr-G@gtng-4d08a1a5.pool.mediaways.net] has joined #bitcoin-wizards 18:51 -!- dc17523be3 [~unknown@193.138.219.233] has quit [Ping timeout: 264 seconds] 18:52 -!- dc17523be3 [~unknown@193.138.219.233] has joined #bitcoin-wizards 18:55 -!- p15 [~p15@89.248.174.54] has joined #bitcoin-wizards 18:57 -!- p15_ [~p15@124.64.96.201] has quit [Ping timeout: 250 seconds] 19:01 -!- nuke1989 [~nuke@46-163-153.adsl.cyta.gr] has quit [Read error: Connection reset by peer] 19:02 -!- nuke1989 [~nuke@46-163-153.adsl.cyta.gr] has joined #bitcoin-wizards 19:03 -!- damethos [~damethos@unaffiliated/damethos] has quit [Ping timeout: 264 seconds] 19:04 < 
andytoshi> i am assuming each hash is H(L, m, y_i^{s_i} g^{c_i}) where i runs through all the input nodes (so you get a bunch of simultaneous equations), not sure that doing anything else is worth how much harder it makes this to analyze 19:06 -!- gmaxwell [greg@wikimedia/KatWalsh/x-0001] has joined #bitcoin-wizards 19:16 -!- droark [~droark@209-6-53-207.c3-0.smr-ubr1.sbo-smr.ma.cable.rcn.com] has joined #bitcoin-wizards 19:19 -!- Dr-G3 [~Dr-G@gtng-4d08a1a5.pool.mediaways.net] has quit [Read error: Connection reset by peer] 19:20 -!- Dr-G3 [~Dr-G@gtng-4d08a1a5.pool.mediaWays.net] has joined #bitcoin-wizards 19:22 -!- bigpup3 [~bigpuppy@pool-173-66-42-3.washdc.fios.verizon.net] has joined #bitcoin-wizards 19:22 -!- ryanxcharles [~ryan@2601:9:4680:dd0:d48a:363e:5916:7ebb] has quit [Quit: Leaving] 19:24 -!- Dr-G2 [~Dr-G@gtng-4d08a1a5.pool.mediaWays.net] has joined #bitcoin-wizards 19:25 -!- Cory [~Cory@unaffiliated/cory] has quit [] 19:25 -!- OneNomos [~OneNomos@pool-71-163-227-3.washdc.east.verizon.net] has quit [Remote host closed the connection] 19:25 -!- bigpup3 [~bigpuppy@pool-173-66-42-3.washdc.fios.verizon.net] has quit [Quit: Leaving] 19:26 -!- bigpup3 [~bigpuppy@pool-173-66-42-3.washdc.fios.verizon.net] has joined #bitcoin-wizards 19:27 -!- Dr-G3 [~Dr-G@gtng-4d08a1a5.pool.mediaWays.net] has quit [Ping timeout: 244 seconds] 19:33 -!- ryanxcharles [~ryan@2601:9:4680:dd0:7c46:e371:e28e:f441] has joined #bitcoin-wizards 19:50 -!- Dr-G2 [~Dr-G@gtng-4d08a1a5.pool.mediaWays.net] has quit [Read error: Connection reset by peer] 19:51 -!- Dr-G2 [~Dr-G@gtng-4d08a1a5.pool.mediaWays.net] has joined #bitcoin-wizards 19:52 -!- Cory [~Cory@unaffiliated/cory] has joined #bitcoin-wizards 19:54 -!- RoboTeddy [~roboteddy@c-67-188-40-206.hsd1.ca.comcast.net] has quit [] 19:56 < bramc> Writing a better sim than I had before, it turns out that the attacker's bonus from pooling in the simple case was worse than I thought 19:56 < bramc> That said, using nth best helps a lot 20:03 -!- 
hashtagg_ [~hashtag@CPE-69-23-213-3.wi.res.rr.com] has quit [Ping timeout: 272 seconds] 20:05 -!- licnep [uid4387@gateway/web/irccloud.com/x-qjenyklceftbsion] has joined #bitcoin-wizards 20:12 -!- brisque [~brisque@unaffiliated/brisque] has joined #bitcoin-wizards 20:14 -!- vmatekole [~vmatekole@f052091088.adsl.alicedsl.de] has joined #bitcoin-wizards 20:16 -!- Dr-G2 [~Dr-G@gtng-4d08a1a5.pool.mediaWays.net] has quit [Read error: Connection reset by peer] 20:17 -!- Dr-G2 [~Dr-G@gtng-4d08a1a5.pool.mediaWays.net] has joined #bitcoin-wizards 20:19 -!- vmatekole [~vmatekole@f052091088.adsl.alicedsl.de] has quit [Ping timeout: 245 seconds] 20:19 -!- hashtagg_ [~hashtag@CPE-69-23-213-3.wi.res.rr.com] has joined #bitcoin-wizards 20:19 -!- jps [~Jud@cpe-74-72-116-143.nyc.res.rr.com] has quit [Quit: jps] 20:23 -!- hashtagg_ [~hashtag@CPE-69-23-213-3.wi.res.rr.com] has quit [Ping timeout: 246 seconds] 20:48 -!- NewLiberty [~NewLibert@2602:304:cff8:1580:443c:ddbe:5bf5:b260] has quit [Ping timeout: 265 seconds] 20:52 -!- [7] [~quassel@rockbox/developer/TheSeven] has quit [Disconnected by services] 20:52 -!- TheSeven [~quassel@rockbox/developer/TheSeven] has joined #bitcoin-wizards 20:54 -!- copumpkin [~copumpkin@unaffiliated/copumpkin] has joined #bitcoin-wizards 20:54 -!- justanotheruser [~Justan@unaffiliated/justanotheruser] has quit [Ping timeout: 240 seconds] 20:55 -!- grau [~grau@37.143.74.116] has quit [] 20:58 -!- cbeams [~cbeams@unaffiliated/cbeams] has joined #bitcoin-wizards 21:02 -!- cbeams [~cbeams@unaffiliated/cbeams] has quit [Ping timeout: 250 seconds] 21:03 -!- zwischenzug [~zwischenz@pool-108-51-197-41.washdc.fios.verizon.net] has joined #bitcoin-wizards 21:10 -!- coiner [~linker@115.79.55.177] has joined #bitcoin-wizards 21:10 -!- justanotheruser [~Justan@unaffiliated/justanotheruser] has joined #bitcoin-wizards 21:13 -!- cryptowest [~cryptowes@191.101.1.104] has quit [Excess Flood] 21:15 -!- vmatekole [~vmatekole@f052091088.adsl.alicedsl.de] has joined 
#bitcoin-wizards 21:17 -!- cryptowest [~cryptowes@191.101.1.104] has joined #bitcoin-wizards 21:19 -!- vmatekole [~vmatekole@f052091088.adsl.alicedsl.de] has quit [Ping timeout: 256 seconds] 21:22 < bramc> argh 21:25 -!- erasmospunk [~erasmospu@gateway/vpn/privateinternetaccess/erasmospunk] has joined #bitcoin-wizards 21:28 < bramc> Making very pessimistic assumptions about an attacker's other possibilities, an attacker gets a lot more pooling advantage than I'd like 21:47 -!- NewLiberty [~NewLibert@2602:304:cff8:1580:443c:ddbe:5bf5:b260] has joined #bitcoin-wizards 21:49 < bramc> I should throw in the requirement that the nth best has to be endorsed by all the ones below it. That makes the attacks work a lot less. 21:53 < bramc> Or maybe that the nth best has to list the ones below it. Need to work this out. 21:56 -!- skittylx [~skittylx@ks203868.kimsufi.com] has quit [Quit: Bye] 21:57 < bramc> Okay even the listing ones below it thing works well, but, *sigh*, doing better than that creates massive headaches for the protocol. 22:01 -!- droark [~droark@209-6-53-207.c3-0.smr-ubr1.sbo-smr.ma.cable.rcn.com] has quit [Quit: Later.] 22:04 -!- wallet42 [~wallet42@home-tomis2.rdsct.ro] has quit [Quit: Leaving.] 
22:06 -!- Dr-G2 [~Dr-G@gtng-4d08a1a5.pool.mediaWays.net] has quit [Read error: Connection reset by peer]
22:07 -!- Dr-G2 [~Dr-G@gtng-4d08a1a5.pool.mediaWays.net] has joined #bitcoin-wizards
22:08 -!- p15_ [~p15@198.50.160.97.static-ca.cryptolayer.com] has joined #bitcoin-wizards
22:10 -!- p15 [~p15@89.248.174.54] has quit [Ping timeout: 244 seconds]
22:13 -!- licnep [uid4387@gateway/web/irccloud.com/x-qjenyklceftbsion] has quit [Quit: Connection closed for inactivity]
22:15 -!- hktud0 [ncidsk@unaffiliated/fluffybunny] has quit [Read error: Connection reset by peer]
22:17 -!- hktud0 [wq@unaffiliated/fluffybunny] has joined #bitcoin-wizards
22:18 < bramc> The short of it is that setting n to 2 or 3 works best, and it's critically important that the nth best sign off on the ones below it. Things work better if the lower ones have to sign off on the higher ones as well, but I'll have to think about that some more, it creates awful edge cases when things don't get completed properly
22:22 < bramc> Grumble grumble. At least I've got things working somewhat acceptably. My n is either going to be 2 or 3, I'm fairly sure of that now.
22:23 < brisque> what happens if they refuse to "endorse"?
22:28 -!- moa [~moa@opentransactions/dev/moa] has joined #bitcoin-wizards
22:31 -!- dgenr8 [~dgenr8@unaffiliated/dgenr8] has quit [Ping timeout: 250 seconds]
22:32 -!- dgenr8 [~dgenr8@unaffiliated/dgenr8] has joined #bitcoin-wizards
22:33 -!- Dr-G2 [~Dr-G@gtng-4d08a1a5.pool.mediaWays.net] has quit [Read error: Connection reset by peer]
22:34 -!- Dr-G2 [~Dr-G@gtng-4d08a1a5.pool.mediaWays.net] has joined #bitcoin-wizards
22:35 -!- arubi [~ese168@unaffiliated/arubi] has quit [Ping timeout: 252 seconds]
22:37 < bramc> brisque, then the next one lower will endorse and they won't get their share of the mining reward
22:38 < bramc> At least, that's the way it is in the case where the nth best has to list the ones better than it. In the case where there's mutual interconnected endorsement it gets a lot more complicated and the failure modes are much more of a headache.
22:41 -!- wallet42 [~wallet42@home-tomis2.rdsct.ro] has joined #bitcoin-wizards
22:41 < bramc> With full mutual endorsement required even n=2 works fairly well. That may turn out to be the way to go.
22:43 < bramc> It's possible that a fair number of people reading have no idea what I'm talking about
22:49 -!- cbeams [~cbeams@unaffiliated/cbeams] has joined #bitcoin-wizards
22:51 < gwillen> bramc: I don't suppose there's a summary somewhere
22:51 < gwillen> I'm curious enough to read it if there is
22:52 < bramc> gwillen, Unfortunately no, it's rather complicated and a bit of a moving target. A bunch of the blockstream people have an idea because I explained it to them in person
22:53 < gwillen> bramc: yeah, I am only recently a blockstream employee so I've heard bits and pieces from them, and bits and pieces in here, but unfortunately I missed hearing about it in person
22:53 -!- zwischenzug [~zwischenz@pool-108-51-197-41.washdc.fios.verizon.net] has quit [Remote host closed the connection]
22:53 -!- Mably [~Mably@unaffiliated/mably] has joined #bitcoin-wizards
22:54 < bramc> The too short summary is that I'm working on a cryptocurrency where the mining is based on proofs of storage, with a whole lot of crazy engineering resulting to avoid grinding
22:55 < gwillen> ahhh, okay, yes; the basic scheme was described to me, as of when you described it to the blockstream people
22:56 < bramc> There's some commentary in the stuff about proofs of stake systems that intuitively it seems like there should be no way of avoiding grinding but no one's found a rigorous proof of it. It turns out that it is avoidable (sort of, with limitations) but doing proofs of storage is vastly less problematic than proofs of stake.
22:58 -!- Dr-G2 [~Dr-G@gtng-4d08a1a5.pool.mediaWays.net] has quit [Read error: Connection reset by peer]
22:59 -!- Dr-G2 [~Dr-G@gtng-4d08a1a5.pool.mediaWays.net] has joined #bitcoin-wizards
22:59 < bramc> Right now I'm working on reducing the potential for what grinding potential remains in my scheme. It can't be completely eliminated, but it can be reduced. It's looking like I'll get down to something like if you have a 10% pool you'll be able to get a 1% or .1% bonus, and if you can make a 40% pool you can get a 10% or 1% bonus
22:59 < bramc> depending on how the parameters are set.
22:59 < gwillen> interesting
23:00 < bramc> There are also some tradeoffs to how much advantage someone with a faster spow can get
23:00 * gwillen nods
23:01 -!- rusty [~rusty@pdpc/supporter/bronze/rusty] has quit [Ping timeout: 240 seconds]
23:03 < bramc> The short of what I'm working on now is making it use the nth best match for determining the next challenge, where the n best have to be found collaboratively, so an attacker working on a fork is a lot less likely to have their fork get ahead.
23:06 -!- hktud0 [wq@unaffiliated/fluffybunny] has quit [Read error: Connection reset by peer]
23:06 -!- DougieBot5000 [~DougieBot@unaffiliated/dougiebot5000] has quit [Quit: Leaving]
23:08 -!- hktud0 [wq@unaffiliated/fluffybunny] has joined #bitcoin-wizards
23:10 -!- cbeams [~cbeams@unaffiliated/cbeams] has quit [Remote host closed the connection]
23:25 -!- bedeho [~bedeho@195.159.234.190] has quit [Ping timeout: 244 seconds]
23:25 -!- bramc [~bram@99-75-88-206.lightspeed.sntcca.sbcglobal.net] has quit [Quit: This computer has gone to sleep]
23:26 -!- arubi [~ese168@unaffiliated/arubi] has joined #bitcoin-wizards
23:28 -!- Dr-G2 [~Dr-G@gtng-4d08a1a5.pool.mediaWays.net] has quit [Read error: Connection reset by peer]
23:28 -!- Dr-G2 [~Dr-G@gtng-4d08a1a5.pool.mediaWays.net] has joined #bitcoin-wizards
23:29 -!- Mably [~Mably@unaffiliated/mably] has quit [Ping timeout: 245 seconds]
23:32 -!- cbeams [~cbeams@chello084114181075.1.15.vie.surfer.at] has joined #bitcoin-wizards
23:32 -!- cbeams [~cbeams@chello084114181075.1.15.vie.surfer.at] has quit [Changing host]
23:32 -!- cbeams [~cbeams@unaffiliated/cbeams] has joined #bitcoin-wizards
23:34 -!- Dr-G2 [~Dr-G@gtng-4d08a1a5.pool.mediaWays.net] has quit [Read error: Connection reset by peer]
23:34 -!- Dr-G2 [~Dr-G@gtng-4d08a1a5.pool.mediaways.net] has joined #bitcoin-wizards
23:37 -!- GAit [~lnahum@2-230-161-158.ip202.fastwebnet.it] has quit [Remote host closed the connection]
23:40 -!- bedeho [~bedeho@195.159.234.190] has joined #bitcoin-wizards
23:41 -!- cornus_ammonis [~Cornus@pool-173-73-119-83.washdc.fios.verizon.net] has quit [Ping timeout: 256 seconds]
23:47 -!- Dr-G [~Dr-G@unaffiliated/dr-g] has joined #bitcoin-wizards
23:50 -!- cbeams [~cbeams@unaffiliated/cbeams] has quit []
23:51 -!- Dr-G2 [~Dr-G@gtng-4d08a1a5.pool.mediaways.net] has quit [Ping timeout: 256 seconds]
23:52 -!- null_radix [Elite7851@gateway/shell/elitebnc/x-cmutzjhanxdesdbi] has quit [Ping timeout: 252 seconds]
--- Log closed Mon Mar 02 00:00:09 2015