--- Log opened Wed Nov 17 00:00:35 2021
00:01 -!- b10c [uid500648@ilkley.irccloud.com] has joined #bitcoin-wizards
00:43 -!- Guyver2 [Guyver@guyver2.xs4all.nl] has joined #bitcoin-wizards
00:43 -!- vysn [~vysn@user/vysn] has joined #bitcoin-wizards
01:53 -!- smartin [~Icedove@88.135.18.171] has joined #bitcoin-wizards
02:03 -!- kexkey [~kexkey@static-198-54-132-167.cust.tzulo.com] has quit [Ping timeout: 265 seconds]
02:05 -!- kexkey [~kexkey@static-198-54-132-103.cust.tzulo.com] has joined #bitcoin-wizards
02:22 -!- jonatack [jonatack@user/jonatack] has joined #bitcoin-wizards
03:10 -!- b10c [uid500648@ilkley.irccloud.com] has quit [Quit: Connection closed for inactivity]
03:24 -!- gazab [sid6611@user/gazab] has quit [Read error: Connection reset by peer]
03:24 -!- nikuhodai [sid167432@user/nikuhodai] has quit [Read error: Connection reset by peer]
03:24 -!- amiti [sid373138@lymington.irccloud.com] has quit [Read error: Connection reset by peer]
03:24 -!- amiti [sid373138@lymington.irccloud.com] has joined #bitcoin-wizards
03:25 -!- gazab [sid6611@user/gazab] has joined #bitcoin-wizards
03:25 -!- nikuhodai [sid167432@user/nikuhodai] has joined #bitcoin-wizards
03:25 -!- s0ph1a [sid246387@helmsley.irccloud.com] has quit [Ping timeout: 256 seconds]
03:25 -!- Liliaceae [sid282374@lymington.irccloud.com] has quit [Ping timeout: 264 seconds]
03:26 -!- bw [sid2730@user/betawaffle] has quit [Ping timeout: 268 seconds]
03:28 -!- bw [sid2730@user/betawaffle] has joined #bitcoin-wizards
03:28 -!- s0ph1a [sid246387@helmsley.irccloud.com] has joined #bitcoin-wizards
03:28 -!- Liliaceae [sid282374@lymington.irccloud.com] has joined #bitcoin-wizards
03:32 < andytoshi> yeah .. i think it's probably best to just do the extra work rather than defining an extra standard
03:32 < andytoshi> and actually, if i do what i'm suggesting, send people "encrypted" shares and ask them to decrypt them on receipt, then if this process requires they use the recovery process, then that's a good practice run
04:29 -!- AaronvanW [~AaronvanW@190.150.26.4] has joined #bitcoin-wizards
05:00 < andytoshi> ok, doing the share conversion on a 44-char message took me 4 minutes the first time, this is not much of a chore at all (and i think, with a more intuitive permutation and coloring it would be much faster)
05:00 < andytoshi> definitely not worth defining an extra OTP standard for
05:01 < andytoshi> also, i appreciate that every step in this process is character-by-character. so if i fuck up, the errors won't propagate, and if i can do the whole round-trip with fewer than 5 fuckups in principle i don't have to redo it
05:09 -!- kexkey_ [~kexkey@static-198-54-132-135.cust.tzulo.com] has joined #bitcoin-wizards
05:12 -!- kexkey [~kexkey@static-198-54-132-103.cust.tzulo.com] has quit [Ping timeout: 256 seconds]
05:13 < andytoshi> ..aand i made 3 errors, on 44 characters. which extrapolates to 5 on 70 chars, so even if i were doing a 256 bit secret it would've been recoverable. (also, like, in real life i wouldn't do the entire round-trip without checking any of the intermediate checksums)
05:20 < andytoshi> two errors generating the C share, and one error translating the A share during recovery
05:20 < andytoshi> i wonder if it's possible/reasonable to correct two errors by hand
05:21 -!- Guyver2 [Guyver@guyver2.xs4all.nl] has quit [Remote host closed the connection]
05:21 < andytoshi> errors aside, the whole recovery process is extremely fast, it took me a bit over ten minutes total to do all 3 steps
05:22 -!- bitdex [~bitdex@gateway/tor-sasl/bitdex] has quit [Quit: = ""]
05:22 < andytoshi> the "recovery table" is hard to interpret, i think it should be a volvelle
05:41 < roconnor> Probably just needs a better table.
05:41 < roconnor> There are a lot of characters to squeeze into a volvelle.
05:43 < andytoshi> i think you don't need to have both characters together
05:44 < andytoshi> like, if I have the A and C shares ... to get the character for A i'd move the volvelle to "C" and see where "A" maps to
05:44 < andytoshi> and to get the character for C i'd move it to "A" and see where "C" maps to
05:44 < roconnor> sipa: Shouldn't we be able to recover 13 erasures with a 13 character checksum? Wouldn't you get a system of 13 linear equations to solve?
05:45 < roconnor> andytoshi: oh, interesting.
05:47 < sipa> roconnor: i don't think that is necessarily true
05:48 -!- AaronvanW [~AaronvanW@190.150.26.4] has quit [Ping timeout: 265 seconds]
05:48 < sipa> if you can recover 13 erasures generally, you have a distance 14 code
05:48 < sipa> which implies you could also correct (without bound on computation) 6 errors
05:49 < sipa> roconnor: not all 13 equations will be linearly independent for all combinations of erasure positions
05:51 < roconnor> Right.
05:51 < sipa> but for a cyclic code (like BCH), if they are 13 consecutive positions, they will be
05:52 < sipa> and RS codes have the property that n-symbol checksums give rise to distance=n+1, so there you can fix n erasures anywhere
05:52 < roconnor> So between 8 and 13 erasures can be recovered, depending on where they are.
05:52 < sipa> right
05:54 < roconnor> so like, a big coffee stain.
05:54 < sipa> depends on your font size, and the size of your caffeine withdrawal symptoms
05:56 -!- grubman9000 [~ufotofu@user/ufotofu] has joined #bitcoin-wizards
05:57 < roconnor> 93 choose 13 is 2 million billion, so I guess I can't compute every possible determinant to get the odds.
05:58 < sipa> my taproot vanity address search searched more keys than that
05:58 < roconnor> oh but 45 choose 13 is only 73 billion.
05:58 < roconnor> Do you think different generators will vary on how many of these determinants are non-zero?
05:58 < sipa> possibly yes
05:59 < roconnor> that would be maybe a reason to pick one of these generators over the other.
05:59 < sipa> and i think you can use the meet-in-the-middle approach we used for the bech32 search
05:59 < roconnor> I only have 3 generators to choose from.
05:59 < sipa> i forget exactly how it worked
05:59 < sipa> ha
06:00 -!- vysn [~vysn@user/vysn] has quit [Ping timeout: 265 seconds]
06:01 < roconnor> there is also some structure here. If 12 generators are linearly dependent, so will any 13th.
06:05 -!- AaronvanW [~AaronvanW@190.150.26.4] has joined #bitcoin-wizards
06:08 -!- b10c [uid500648@ilkley.irccloud.com] has joined #bitcoin-wizards
06:14 -!- CryptoDavid [uid14990@uxbridge.irccloud.com] has joined #bitcoin-wizards
06:15 -!- jtrag [~jtrag@user/jtrag] has joined #bitcoin-wizards
06:30 -!- jtrag [~jtrag@user/jtrag] has quit [Remote host closed the connection]
06:47 -!- yanmaani [~yanmaani@gateway/tor-sasl/yanmaani] has quit [Ping timeout: 276 seconds]
06:49 -!- yanmaani [~yanmaani@gateway/tor-sasl/yanmaani] has joined #bitcoin-wizards
06:50 < yanmaani> Has anyone researched "cartel attacks" on Bitcoin?
06:51 < yanmaani> basically, you take 51% of the hashrate, you allow 49% to keep mining as long as they pay 10% of their block reward in tribute to them
06:59 -!- jtrag [~jtrag@user/jtrag] has joined #bitcoin-wizards
07:19 -!- yanmaani [~yanmaani@gateway/tor-sasl/yanmaani] has quit [Remote host closed the connection]
07:19 -!- yanmaani [~yanmaani@gateway/tor-sasl/yanmaani] has joined #bitcoin-wizards
07:25 -!- willcl_ark [~quassel@user/willcl-ark/x-8282106] has quit [Ping timeout: 268 seconds]
07:26 -!- AaronvanW [~AaronvanW@190.150.26.4] has quit [Remote host closed the connection]
07:27 -!- willcl_ark [~quassel@user/willcl-ark/x-8282106] has joined #bitcoin-wizards
07:29 -!- Guyver2 [~Guyver@guyver2.xs4all.nl] has joined #bitcoin-wizards
07:29 -!- AaronvanW [~AaronvanW@190.150.26.4] has joined #bitcoin-wizards
07:29 -!- AaronvanW [~AaronvanW@190.150.26.4] has quit [Remote host closed the connection]
08:39 -!- CryptoDavid [uid14990@uxbridge.irccloud.com] has quit [Quit: Connection closed for inactivity]
08:52 -!- gene [~gene@gateway/tor-sasl/gene] has joined #bitcoin-wizards
09:05 -!- jtrag [~jtrag@user/jtrag] has quit [Remote host closed the connection]
09:40 -!- jonatack1 [jonatack@user/jonatack] has joined #bitcoin-wizards
09:42 -!- gene [~gene@gateway/tor-sasl/gene] has quit [Remote host closed the connection]
09:42 -!- jonatack12 [jonatack@user/jonatack] has joined #bitcoin-wizards
09:42 -!- gene [~gene@gateway/tor-sasl/gene] has joined #bitcoin-wizards
09:43 -!- jonatack [jonatack@user/jonatack] has quit [Ping timeout: 250 seconds]
09:43 -!- robot-dreams [~robot-dre@200.31.177.15] has joined #bitcoin-wizards
09:44 -!- robot-dreams [~robot-dre@200.31.177.15] has quit [Client Quit]
09:45 -!- jonatack1 [jonatack@user/jonatack] has quit [Ping timeout: 265 seconds]
09:52 < andytoshi> not that i'm aware of
10:31 < sanket1729_> yanmaani: sounds interesting
11:03 -!- Guyver2_ [~Guyver@guyver2.xs4all.nl] has joined #bitcoin-wizards
11:06 -!- Guyver2 [~Guyver@guyver2.xs4all.nl] has quit [Ping timeout: 250 seconds]
11:06 -!- Guyver2_ is now known as Guyver2
11:37 -!- jtrag [~jtrag@user/jtrag] has joined #bitcoin-wizards
11:40 < yanmaani> it's happened in zcash(?) and in bitcoin cash, I think it was, but there it's formal, they call it a dev tax, goes into a multisig, etc.
11:41 < yanmaani> so the question is if you could do it without the dev tax, just "pay us or that's your blockchain"
11:43 < andytoshi> the dev tax is actually in the consensus rules though right?
11:43 < andytoshi> if it weren't, the situation would seem to be much less stable
11:44 < andytoshi> like, the cartel would get BTFO if they were out-51%ed ... which in the case of something like bcash, where they represent a tiny tiny fraction of the available hashpower in the world, seems like a big risk
11:48 < sipa> BTFO?
11:53 < andytoshi> "blown the fuck out"
11:54 < andytoshi> i mean they'd lose all their income
11:54 -!- jtrag [~jtrag@user/jtrag] has quit [Remote host closed the connection]
11:55 -!- jtrag [~jtrag@user/jtrag] has joined #bitcoin-wizards
12:21 < andytoshi> roconnor: sipa: so, if i do the checksum verification algorithm on my word, and get a non-0 (well, non-target-value) result
12:22 < andytoshi> the result i get doesn't actually have any information about the correct codeword, does it
12:22 < andytoshi> it just encodes the difference between what i decoded, and the correct codeword
12:22 < andytoshi> so ... i could type the result into an untrusted online tool, couldn't i?
12:22 < andytoshi> and then get a "mask" that i could then apply to my secret with a volvelle
12:25 < andytoshi> let me be more precise: suppose I have a secret codeword C, which has become corrupted to become C'. Then when I compute C' as a polynomial mod g(x), I will get some non-m value, say m', which by itself has *no information about C*. since C = 0 mod g(x).
12:26 < andytoshi> instead, m' encodes something like "there is an error at position 3 of value g, and an error at position 17 of value h"
12:26 < sipa> andytoshi: all error locating / correction / erasure recovery algorithms can function purely on the basis of the checksum (error)
12:27 < sipa> (and location info, for erasures)
12:27 < andytoshi> so if I give m' to an online machine, it runs berlekamp-massey or whatever to interpret it, i can then take my volvelle to add g to position 3 of C' and 17 to position 17
12:27 < sipa> but it's not quite true that it contains no information about the data itself
12:27 < andytoshi> ah ok
12:27 < sipa> oh
12:27 < sipa> you mean on the _code_ word
12:27 < sipa> including the checksum
12:28 < sipa> yes, you're fine then
12:28 < andytoshi> yep
12:28 < sipa> because it's purely a function of the error you've made
12:28 < andytoshi> cool!!
12:28 < andytoshi> so i can actually outsource the hard parts of error correction
12:28 < sipa> the bech32 error locating code on http://bitcoin.sipa.be/bech32/demo/demo.html actually works that way
12:28 < andytoshi> and then hand-compute the parts that involve the actual secret codeword
12:29 < sipa> it runs the normal checksum algorithm, and then converts the checksum error to syndrome representation
12:29 < sipa> (which is a GF(32)-linear transformation!)
12:29 < sipa> and runs error locating on the result
12:29 < andytoshi> very cool
12:33 < andytoshi> where is the source for this website? maybe i'll just steal your code :)
12:33 < sipa> it will not be useful
12:33 < andytoshi> i'd like to write a corrector in python that i can fit on a printed page
12:33 < sipa> andytoshi: https://github.com/sipa/bech32/
12:34 < andytoshi> thanks
12:34 < sipa> but bech32 has only design distance 4
12:34 < sipa> the fact that it is actually distance 5 is due to exhaustive computation, not (known) algebraic properties
12:34 < sipa> so the error location algorithm is a weird mix of algebraic and brute force
12:34 < andytoshi> ahh ok
12:35 < sipa> also, for locating 2 errors... just brute force would work just fine
12:35 < andytoshi> alrighty, i'll implement off the description of various algorithms on wikipedia
12:36 < sipa> this may help for doing part of it: https://github.com/sipa/bech32/pull/64
12:36 < sipa> it has code for generating the exp/log/syndrome tables using sage
12:37 < sipa> so that would quite simply get you the syndromes of a checksum error
12:38 < sipa> then the hard part is computing the error locator polynomial and finding its roots
12:39 < andytoshi> the roots i can find by brute-force, i'm in GF(1024). finding the polynomial seems to involve some linear algebra that doesn't seem too hard (but might be annoying to implement in non-sage Python)
12:40 < sipa> it's not hard
12:41 < sipa> oh, you need Berlekamp-Massey
12:41 < sipa> i have python code for that somewhere
12:41 -!- jtrag [~jtrag@user/jtrag] has quit [Read error: Connection reset by peer]
12:42 < sipa> andytoshi: you can probably reuse a whole lot of https://github.com/sipa/minisketch/blob/master/tests/pyminisketch.py
12:42 < andytoshi> thanks!
12:42 < sipa> you want a different field ops class
12:42 < sipa> one that may just work with exp/log tables
12:42 -!- jtrag [~jtrag@user/jtrag] has joined #bitcoin-wizards
12:43 < sipa> it even has a root finding algorithm that's possibly faster than brute force
12:44 < sipa> but also possibly not, because you only care about roots alpha^{1..47} or whatever the length is
12:44 -!- Common [~Common@096-033-221-075.res.spectrum.com] has joined #bitcoin-wizards
12:44 -!- Common_ [~Common@096-033-221-075.res.spectrum.com] has joined #bitcoin-wizards
12:45 -!- Common [~Common@096-033-221-075.res.spectrum.com] has quit [Changing host]
12:45 -!- Common [~Common@user/common] has joined #bitcoin-wizards
12:46 < andytoshi> iirc the length of the code is 93, so might as well go all the way up to that
12:46 -!- Common_ [~Common@096-033-221-075.res.spectrum.com] has quit [Client Quit]
12:55 -!- Common_ [~Common@096-033-221-075.res.spectrum.com] has joined #bitcoin-wizards
12:56 -!- jtrag [~jtrag@user/jtrag] has quit [Remote host closed the connection]
12:56 -!- Common_ [~Common@096-033-221-075.res.spectrum.com] has quit [Client Quit]
12:57 -!- jtrag [~jtrag@user/jtrag] has joined #bitcoin-wizards
13:00 -!- Common_ [~Common@096-033-221-075.res.spectrum.com] has joined #bitcoin-wizards
13:00 -!- Common__ [~Common@096-033-221-075.res.spectrum.com] has joined #bitcoin-wizards
13:00 -!- Common__ [~Common@096-033-221-075.res.spectrum.com] has quit [Remote host closed the connection]
13:02 -!- smartin [~Icedove@88.135.18.171] has quit [Remote host closed the connection]
13:03 -!- smartin [~Icedove@88.135.18.171] has joined #bitcoin-wizards
13:05 < roconnor> interesting, so untrusted devices can do error correction.
13:09 < sipa> and the computation to do by hand before that point is just GF(32) math
13:12 < roconnor> though if you make a length error, it is a bit risky.
13:12 -!- sr_gi [~sr_gi@static-195-77-225-77.ipcom.comunitel.net] has quit [Read error: Connection reset by peer]
13:13 < sipa> it may be useful to encode the string with a notation like uuids or so
13:13 < sipa> with separations in fixed positions
13:15 -!- sr_gi [~sr_gi@static-195-77-225-77.ipcom.comunitel.net] has joined #bitcoin-wizards
13:15 < roconnor> OTOH the paper worksheet is a fixed length.
13:15 < roconnor> so maybe it's hard to make a length error without noticing.
13:17 < sipa> you could make an insertion and a deletion error
13:18 < roconnor> okay well we should mark groups of 4 with a notch or something which is how cryptosteels are marked.
13:19 < roconnor> and large groups of 16 with bigger notches or something.
13:31 < andytoshi> i like that
13:31 < andytoshi> esp as i suspect people will store their checksummed keys in cryptosteels (this is what i intend to do)
13:31 < sipa> you should use a golomb ruler to locate the notches
13:32 < andytoshi> hahah i have never heard of this
13:32 < andytoshi> https://en.wikipedia.org/wiki/Golomb_ruler
13:51 < andytoshi> my TI-85 got here. unfortunately i have no AAAs
13:56 < roconnor> I can sell you some for $50 a pop.
13:57 < roconnor> oh this is bitcoin-wizards.
13:57 < roconnor> I can sell you some for 50 bitcoin a pop.
13:59 -!- Guyver2 [~Guyver@guyver2.xs4all.nl] has quit [Quit: Going offline, see ya! (www.adiirc.com)]
14:04 < sipa> :D
14:09 -!- Common [~Common@user/common] has quit [Read error: Connection reset by peer]
14:09 -!- Common_ [~Common@096-033-221-075.res.spectrum.com] has quit [Read error: Connection reset by peer]
14:13 -!- Common [~Common@096-033-221-075.res.spectrum.com] has joined #bitcoin-wizards
14:13 -!- Common [~Common@096-033-221-075.res.spectrum.com] has quit [Changing host]
14:13 -!- Common [~Common@user/common] has joined #bitcoin-wizards
14:23 < roconnor> oh, you can tell if the string is supposed to be upper or lower case.
14:23 < roconnor> strings are supposed to be upper case if they begin with "MS1"
14:23 < roconnor> or lowercase if they begin with "ms1"
14:23 < roconnor> and if they don't begin with either of those, the user is entering data for the wrong application.
14:26 -!- Common [~Common@user/common] has quit [Read error: Connection reset by peer]
14:33 -!- jtrag [~jtrag@user/jtrag] has quit [Remote host closed the connection]
14:33 -!- jtrag [~jtrag@user/jtrag] has joined #bitcoin-wizards
14:34 -!- Common [~Common@096-033-221-075.res.spectrum.com] has joined #bitcoin-wizards
14:34 -!- Common [~Common@096-033-221-075.res.spectrum.com] has quit [Changing host]
14:34 -!- Common [~Common@user/common] has joined #bitcoin-wizards
14:36 -!- jasan [~j@tunnel625336-pt.tunnel.tserv1.bud1.ipv6.he.net] has quit [Ping timeout: 265 seconds]
14:39 -!- jasan [~j@tunnel625336-pt.tunnel.tserv1.bud1.ipv6.he.net] has joined #bitcoin-wizards
14:41 < sipa> roconnor: you don't want to account for the possibility there is an error in the first 2 characters?
14:43 < roconnor> sipa: I think i do not.
14:44 < roconnor> If they are trying to interpret some data blob according to this spec, then they know it must begin with ms1 or MS1.
14:44 < roconnor> and thus can immediately correct it.
14:45 < roconnor> bech32m seems to have given up on correcting HRPs.
14:45 < roconnor> you cannot correct it without knowing what the checksum is supposed to be
14:45 < roconnor> but what the checksum is supposed to be is a function of the prefix now?
14:46 < roconnor> Anyhow, I'm willing to be convinced otherwise and then shorten the maximum data length by 5.
14:48 < andytoshi> no, i agree with you
14:49 < andytoshi> this is all designed for human data transmission, a human is not going to screw up the HRP
14:49 -!- bfsfhkacjzgcytf [~bfsfhkacj@user/bfsfhkacjzgcytf] has quit [Ping timeout: 265 seconds]
14:52 -!- vysn [~vysn@user/vysn] has joined #bitcoin-wizards
14:54 < sipa> roconnor: yeah
14:55 < sipa> roconnor: though bip350 documents an algorithm for locating errors in segwit addresses, accounting for the constant-dependency on the witness version
14:57 -!- jtrag [~jtrag@user/jtrag] has quit [Read error: Connection reset by peer]
14:58 -!- smartin [~Icedove@88.135.18.171] has quit [Quit: smartin]
14:59 -!- jtrag [~jtrag@user/jtrag] has joined #bitcoin-wizards
15:02 < roconnor> I'm confused by that error locating paragraph.
15:03 < roconnor> wouldn't getting a checksum that is neither 1 nor BECH32M_CONST be very common and not very rare?
15:12 < sipa> yes, but that doesn't mean both correspond to up to two errors in specific positions
15:14 -!- yanmaani1 [~yanmaani@gateway/tor-sasl/yanmaani] has joined #bitcoin-wizards
15:14 < roconnor> "If both do (which should be very rare)"
15:14 < roconnor> what is the very rare event?
15:16 < sipa> that a specific string (which is the result of applying a small error to a valid bech32 or bech32m string) can be seen as simultaneously a valid bech32 string with 1 or 2 errors, and a valid bech32m string with 1 or 2 errors
15:17 -!- yanmaani [~yanmaani@gateway/tor-sasl/yanmaani] has quit [Ping timeout: 276 seconds]
15:22 -!- jtrag [~jtrag@user/jtrag] has quit [Remote host closed the connection]
15:22 < roconnor> I thought every random (sufficiently) long string was 1 or 2 errors away from a valid bech32m and bech32.
15:23 -!- jtrag [~jtrag@user/jtrag] has joined #bitcoin-wizards
15:24 < sipa> just by a counting argument that's not true; there are only 89*31 + 89*88/2*31^2 = 3766035 such errors
15:25 < roconnor> what usually happens when you do error correction on a random string?
15:26 < sipa> bech32 error correction will succeed with a probability of 3766035 / (2^30 - 1)
15:26 < sipa> so will bech32m error correction (but these two aren't independent events)
15:26 < roconnor> I mean, what happens in the math.
15:26 < roconnor> you compute syndromes
15:26 < roconnor> you compute an error locator polynomial.
15:27 < roconnor> it has roots
15:27 < roconnor> maybe the roots are outside the range [c ... c + n]?
15:27 < sipa> or it has more than 2 roots
15:27 < sipa> or it is not fully factorizable
15:28 < roconnor> ok
15:28 < sipa> i wish i had added some comments to https://github.com/sipa/bech32/blob/master/ecc/javascript/bech32_ecc.js
16:01 -!- bsduser2 [~ufotofu@user/ufotofu] has joined #bitcoin-wizards
16:02 -!- grubman9000 [~ufotofu@user/ufotofu] has quit [Ping timeout: 250 seconds]
16:07 -!- jtrag [~jtrag@user/jtrag] has quit [Remote host closed the connection]
16:07 -!- jtrag [~jtrag@user/jtrag] has joined #bitcoin-wizards
16:08 -!- bsduser2 is now known as grubman9000
16:09 -!- bfsfhkacjzgcytf [~bfsfhkacj@user/bfsfhkacjzgcytf] has joined #bitcoin-wizards
16:20 -!- gene [~gene@gateway/tor-sasl/gene] has quit [Quit: gene]
16:38 -!- bfsfhkacjzgcytf [~bfsfhkacj@user/bfsfhkacjzgcytf] has quit [Quit: The Lounge - https://thelounge.chat]
16:41 < roconnor> andytoshi: Given a secret with an erroneous checksum, then for every other secret you can add in the difference between the two with a checksum adding to 0, to get any other secret with "the same errors" and the same checksum result.
16:42 < roconnor> therefore the checksum result cannot leak any secret data.
16:42 < roconnor> Actually I don't think this is quite true.
16:42 < roconnor> The tool can compute the error differences.
16:43 < roconnor> the error correction factors
16:43 < roconnor> and some errors are more likely than others.
16:43 < roconnor> and thus some error correction factors are more likely than others.
16:43 < roconnor> so arguably the error correction factors leak secret data.
16:47 -!- bfsfhkacjzgcytf [~bfsfhkacj@user/bfsfhkacjzgcytf] has joined #bitcoin-wizards
16:51 -!- Common [~Common@user/common] has quit [Read error: Connection reset by peer]
16:52 -!- Common [~Common@096-033-221-075.res.spectrum.com] has joined #bitcoin-wizards
16:54 -!- Common [~Common@096-033-221-075.res.spectrum.com] has quit [Read error: Connection reset by peer]
17:04 < andytoshi> yeah, i considered that
17:05 < andytoshi> "there's an error in this position, so that position probably has a 5 or S in it" etc
17:05 < andytoshi> i think it's worth highlighting that amount of leakage but realistically it's probably completely irrelevant
17:06 < andytoshi> and like, you can run the error correction code on your own hardware..
17:07 < andytoshi> i think, even if you don't trust your hardware enough to put full secrets on it, you're probably okay leaking a fraction of a bit to it
17:11 < andytoshi> btw, i explained this system to kanzure tonight and showed him one of the volvelles. he said he'd prefer to have a 3-of-N splitting scheme but seemed very interested in being able to checksum and secret-split his stuff without dealing with computers
17:28 < roconnor> andytoshi: I'm optimistic a 3-of-N splitting is doable.
17:29 < roconnor> Probably will end up with 2 or 3 times as much work.
17:48 -!- bitdex [~bitdex@gateway/tor-sasl/bitdex] has joined #bitcoin-wizards
17:53 -!- bitdex [~bitdex@gateway/tor-sasl/bitdex] has quit [Ping timeout: 276 seconds]
17:58 -!- vysn [~vysn@user/vysn] has quit [Ping timeout: 268 seconds]
18:00 -!- b10c [uid500648@ilkley.irccloud.com] has quit [Quit: Connection closed for inactivity]
18:08 -!- bitdex [~bitdex@gateway/tor-sasl/bitdex] has joined #bitcoin-wizards
19:04 -!- jtrag [~jtrag@user/jtrag] has quit [Remote host closed the connection]
19:04 -!- jtrag [~jtrag@user/jtrag] has joined #bitcoin-wizards
19:41 -!- vysn [~vysn@user/vysn] has joined #bitcoin-wizards
19:55 -!- jtrag [~jtrag@user/jtrag] has quit [Read error: Connection reset by peer]
19:56 -!- jtrag [~jtrag@user/jtrag] has joined #bitcoin-wizards
20:21 -!- bfsfhkacjzgcytf [~bfsfhkacj@user/bfsfhkacjzgcytf] has quit [Ping timeout: 265 seconds]
20:41 -!- jtrag [~jtrag@user/jtrag] has quit [Remote host closed the connection]
20:43 -!- jtrag [~jtrag@user/jtrag] has joined #bitcoin-wizards
20:44 -!- jtrag [~jtrag@user/jtrag] has quit [Remote host closed the connection]
20:45 -!- jtrag [~jtrag@user/jtrag] has joined #bitcoin-wizards
20:46 -!- jtrag [~jtrag@user/jtrag] has quit [Remote host closed the connection]
20:47 -!- jtrag [~jtrag@user/jtrag] has joined #bitcoin-wizards
21:01 -!- jtrag [~jtrag@user/jtrag] has quit [Read error: Connection reset by peer]
21:02 -!- jtrag [~jtrag@user/jtrag] has joined #bitcoin-wizards
21:07 -!- solocshaw [~Thunderbi@gateway/vpn/pia/solocshaw] has joined #bitcoin-wizards
21:12 -!- bfsfhkacjzgcytf [~bfsfhkacj@user/bfsfhkacjzgcytf] has joined #bitcoin-wizards
21:25 -!- plankster is now known as plankers
21:25 -!- plankers is now known as plankton
21:47 -!- jtrag [~jtrag@user/jtrag] has quit [Remote host closed the connection]
21:48 -!- jtrag [~jtrag@user/jtrag] has joined #bitcoin-wizards
23:15 -!- plankton [~plankster@user/plankers] has quit [Ping timeout: 268 seconds]
23:23 -!- plankster [~plankster@user/plankers] has joined #bitcoin-wizards
23:49 -!- jtrag [~jtrag@user/jtrag] has quit [Remote host closed the connection]
23:50 -!- jtrag [~jtrag@user/jtrag] has joined #bitcoin-wizards
23:59 -!- solocshaw [~Thunderbi@gateway/vpn/pia/solocshaw] has quit [Ping timeout: 256 seconds]
--- Log closed Thu Nov 18 00:00:36 2021