2014-11-20.log

--- Log opened Thu Nov 20 00:00:56 2014
-!- xabbix [~orw@unaffiliated/xabbix] has quit [Ping timeout: 240 seconds]00:08
-!- xabbix [~orw@bzq-79-177-186-73.red.bezeqint.net] has joined #bitcoin-wizards00:10
-!- Hunger- [hunger@proactivesec.com] has quit [Ping timeout: 264 seconds]00:11
-!- jb55 [~jb55@S0106f46d049a0b83.vc.shawcable.net] has joined #bitcoin-wizards00:13
-!- askmike [~askmike@83.162.194.88] has joined #bitcoin-wizards00:15
-!- NewLiberty [~NewLibert@2602:304:cff8:1580:ed5c:4c2a:e03b:abd9] has quit [Ping timeout: 258 seconds]00:15
-!- Hunger- [hunger@proactivesec.com] has joined #bitcoin-wizards00:17
-!- jb55 [~jb55@S0106f46d049a0b83.vc.shawcable.net] has quit [Ping timeout: 240 seconds]00:17
-!- LarsLarsen [~lars@50.161.197.33] has quit [Read error: Connection reset by peer]00:22
-!- LarsLarsen [~lars@50.161.197.33] has joined #bitcoin-wizards00:23
-!- ebfull [~ebfull@c-76-120-40-34.hsd1.co.comcast.net] has quit [Ping timeout: 244 seconds]00:23
-!- go1111111 [~go@162.244.138.37] has quit [Quit: Leaving]00:28
-!- LarsLarsen [~lars@50.161.197.33] has quit [Read error: No route to host]00:33
-!- LarsLarsen [~lars@50.161.197.33] has joined #bitcoin-wizards00:34
-!- damethos [~damethos@unaffiliated/damethos] has joined #bitcoin-wizards00:57
-!- cbeams [~cbeams@unaffiliated/cbeams] has quit [Read error: Connection reset by peer]00:59
-!- cbeams [~cbeams@unaffiliated/cbeams] has joined #bitcoin-wizards01:01
-!- AaronvanW [~ewout@255pc208.sshunet.nl] has joined #bitcoin-wizards01:03
-!- andy-logbot [~bitcoin--@wpsoftware.net] has quit [Remote host closed the connection]01:05
-!- andy-logbot [~bitcoin--@wpsoftware.net] has joined #bitcoin-wizards01:05
* andy-logbot is logging01:05
-!- DougieBot5000 [~DougieBot@unaffiliated/dougiebot5000] has quit [Quit: Leaving]01:13
-!- toffoo [~tof@186.205.188.251] has joined #bitcoin-wizards01:19
-!- toffoo [~tof@186.205.188.251] has quit []01:32
-!- lclc is now known as lclc_bnc01:36
-!- lclc_bnc is now known as lclc01:37
-!- ebfull [~ebfull@c-76-120-40-34.hsd1.co.comcast.net] has joined #bitcoin-wizards01:40
-!- coinheavy [~coinheavy@2602:306:ce9f:f5b0:25bb:69cd:7c62:a37b] has quit []01:45
-!- wallet42 [~wallet42@unaffiliated/wallet42] has quit [Quit: Leaving.]01:45
-!- CoinMuncher [~jannes@178.132.211.90] has joined #bitcoin-wizards01:47
-!- moa [~kiwigb@opentransactions/dev/moa] has quit [Ping timeout: 255 seconds]01:48
-!- todays_tomorrow [~me@d114-78-124-253.bla803.nsw.optusnet.com.au] has joined #bitcoin-wizards01:57
-!- todaystomorrow [~me@d114-78-122-114.bla803.nsw.optusnet.com.au] has quit [Ping timeout: 264 seconds]02:01
-!- hearn [~mike@84-75-198-85.dclient.hispeed.ch] has joined #bitcoin-wizards02:02
OP_NULLit actually looks like DarkCoin will become a nice study of incentives, though I doubt they intend it to be. their "masternode" setup slowly absorbed more and more of the block reward as time goes on. https://github.com/darkcoin/darkcoin/blob/master/src/main.cpp#L1399-142802:03
-!- rabbit2 [8984d58f@gateway/web/cgi-irc/kiwiirc.com/ip.137.132.213.143] has joined #bitcoin-wizards02:06
rabbit2is it possible to have a security model where a 51% attack requires performing not just 51% of the work going on right now02:07
rabbit2but instead 51% of the work ever performed throughout the blockchain history02:08
sipahow would that work?02:08
rabbit2suppose that miners submit a hash right now02:08
-!- yoleaux [~yoleaux@xn--ht-1ia18f.nonceword.org] has joined #bitcoin-wizards02:08
rabbit2and then this hash allows them to create a 'virtual hashing machine'02:08
rabbit2the 'virtual hashing machine' operates as if it is performing hashes in perpetuity02:09
rabbit2the owner of the virtual hashing machine hold it's private key02:09
rabbit2and signs blocks using this private key02:09
rabbit2the virtual hashing machines are non-transferable02:09
sipayou're handwaving02:10
sipa"as if" doesn't work in practice; you need to know how to do that02:10
OP_NULLthat's got some weird properties as well. you can't measure hashrate from a single hash. if I'm the person who solved a more than 80 bit block hash, that means I would control most of the networks "hashrate", right?02:10
rabbit2okay, it's actually not that complicate02:10
-!- jaekwon_ [~omni@75-101-96-71.dsl.static.fusionbroadband.com] has joined #bitcoin-wizards02:10
siparabbit2: it gets complicated if you actually try to solve the problems you're handwaving over02:10
rabbit2you hash once and this creates a unit of non-transferable stake that exists in perpetuity02:11
rabbit2you then select a unit of non-transferable stake at random to mine a block02:11
rabbit2the total hashing power available at any one point in time = all hashes performed since the creation of the blockchain02:11
sipathis seems vulnerable to the nothing at stake problem02:11
OP_NULLgo back to the bit where the miner makes the hash. how do you know what speed they were mining at? we don't even know what the speed of the network is today.02:12
rabbit2you would need to have a constant level of difficulty02:12
siparabbit2: have you heard about the nothing at stake problem?02:12
rabbit2yes, I don't think it is an issue here.02:13
rabbit2You can't credibly trade stake to someone else02:13
rabbit2Whoever created the stake by performing the hash will control it in perpetuity02:13
OP_NULLah. yeah that doesn't work. if you had the same difficulty today as you had in 2009, you'd be making 288,000,000,000,000,000 hashes a second which you would need to store.02:13
rabbit2OP_NULL: True enough, but let's ignore that problem for the time-being02:14
rabbit2sipa: could you explain why you think nothing at stake would apply here?02:15
-!- drawingthesun [~drawingth@106-68-72-107.dyn.iinet.net.au] has joined #bitcoin-wizards02:15
siparabbit2: you can't prevent using the stake on two competing chains simultaneously02:15
OP_NULLrabbit2: the fact remains that you can't measure absolute hashpower of a miner02:15
sipathat's the essential thing necessary for convergence: you need to force people to expend something, which they lose even if they vote wrong02:16
rabbit2yes, I see what you are saying sipa02:16
-!- drawingthesun [~drawingth@106-68-72-107.dyn.iinet.net.au] has quit [Max SendQ exceeded]02:16
sipaif the thing you are expending is defined by the chain itself, it doesn't work, as it exists in equal amounts in other chains02:16
sipahashing is expending something (calculation power)02:16
sipaspending tokens that are defined by the chain itself don't02:17
rabbit2it is not quite defined by the chain itself because it is actual02:17
rabbit2work02:17
sipait used to be02:17
sipayou can't use your tokens further back than the point where the hash was created, true02:17
-!- drawingthesun [~drawingth@106-68-72-107.dyn.iinet.net.au] has joined #bitcoin-wizards02:17
rabbit2to make someone expend something you would need to also require a contemporaneous work input to extend a chain02:17
rabbit2That would provide a sufficient incentive not to mine 2 chains at once.02:18
-!- todays_tomorrow [~me@d114-78-124-253.bla803.nsw.optusnet.com.au] has quit [Ping timeout: 272 seconds]02:18
sipaif you can use the rest simultaneously, it doesn't add anythin02:19
rabbit2They would need to enter as separate inputs.02:19
sipait's not really about incentive... there is no cost to using pre-held stake an infinite number of times, and you don't lose anything by doing so02:20
rabbit2You would have to pay a cost in current work to use your pre-held stake02:20
sipawhich cost?02:20
sipacoins?02:20
sipadefined by your chain itself again?02:20
rabbit2No02:20
sipaor dollars?02:20
rabbit2You would need to submit novel work in conjunction with your tokens in order to extend a chain.02:21
sipahow do they interact?02:21
rabbit2The amount of novel work you need to submit could be quite small02:21
sipai have X tokens and H hashes, how much is it worth?02:21
rabbit2It could be some version of proof of activity for example02:21
sipaif the amount of novel work is small, then you have the same problem again02:21
sipabecause it is cheap to reuse the same tokens in different chains02:22
rabbit2The problem is just discouraging regular miners from mining multiple chains.02:22
sipayou're not discouraging anyone02:22
sipathe measure you use to judge different chains must be proportional to what was lost in creating them02:23
rabbit2Yes, you can reuse the same tokens on different chains. But if each use is costly in terms of current work, you won't want to.02:23
sipaso the PoW is not small02:23
sipathen what do you need the tokens for still?02:23
rabbit2i.e. you would stand a better chance of using all of your current work on the main chain, instead of allocating it to an alternate chain that is less likely to be extended02:23
rabbit2Someone would need the tokens to complete a 51% attack.02:24
sipaif the bottleneck is the proof-of-work, everyone will have plenty of tokens02:24
sipaif the bottleneck is the tokens, you suffer from nothing at stake02:24
rabbit2There doesn't have to be one bottleneck02:24
sipathen stop handwaving :)02:24
rabbit2You can combine two valuable resources02:24
rabbit2Okay, just think of your effective difficulty for current work as 1/(tokens used)^0.502:25
sipathat still means you've made hashing on multiple chains cheaper02:25
rabbit2Yes.02:25
-!- todaystomorrow [~me@d114-78-124-253.bla803.nsw.optusnet.com.au] has joined #bitcoin-wizards02:26
sipawhich is the problem we're trying to solve02:26
rabbit2Yes, it is a half-baked idea.02:26
rabbit2I just came up with it a few minutes ago.02:26
sipaok02:26
rabbit2It solves part of the problem.02:26
rabbit2Anyways nice talking to you I will think more02:26
-!- rabbit2 [8984d58f@gateway/web/cgi-irc/kiwiirc.com/ip.137.132.213.143] has quit [Quit: http://www.kiwiirc.com/ - A hand crafted IRC client]02:27
-!- kristofferR [~kristoffe@208.37-191-147.fiber.lynet.no] has joined #bitcoin-wizards02:48
-!- Emcy [~MC@unaffiliated/mc1984] has quit [Ping timeout: 264 seconds]02:52
-!- Emcy [~MC@cpc3-swan1-0-0-cust615.7-3.cable.virginm.net] has joined #bitcoin-wizards03:00
-!- Emcy [~MC@cpc3-swan1-0-0-cust615.7-3.cable.virginm.net] has quit [Changing host]03:00
-!- Emcy [~MC@unaffiliated/mc1984] has joined #bitcoin-wizards03:00
-!- rdponticelli [~quassel@gateway/tor-sasl/rdponticelli] has joined #bitcoin-wizards03:05
-!- jtimon [~quassel@c51-71.i07-13.onvol.net] has joined #bitcoin-wizards03:12
-!- rusty [~rusty@pdpc/supporter/bronze/rusty] has quit [Quit: Leaving.]03:43
hearndoes anyone happen to know a simple/quick reference for zero knowledge proofs of the correctness of a homomorphic-cryptosystem decryption? like a zkp that a paillier ciphertext was properly decrypted03:51
* hearn suspects gmaxwell would know03:51
-!- lmatteis [uid3300@gateway/web/irccloud.com/x-cmdkfnnczprllsrt] has joined #bitcoin-wizards03:52
-!- NewLiberty [~NewLibert@2602:304:cff8:1580:ed5c:4c2a:e03b:abd9] has joined #bitcoin-wizards03:56
-!- Guyver2 [~Guyver2@guyver2.xs4all.nl] has joined #bitcoin-wizards03:56
-!- NewLiberty [~NewLibert@2602:304:cff8:1580:ed5c:4c2a:e03b:abd9] has quit [Read error: Connection reset by peer]03:59
-!- wallet42 [~wallet42@unaffiliated/wallet42] has joined #bitcoin-wizards04:10
-!- Aquent [~Aquent@gateway/tor-sasl/aquent] has quit [Ping timeout: 250 seconds]04:16
-!- Quanttek [~quassel@2a02:8108:d00:870:b86f:ca8d:9dc3:c04d] has joined #bitcoin-wizards04:21
-!- todays_tomorrow [~me@d114-78-115-218.bla803.nsw.optusnet.com.au] has joined #bitcoin-wizards04:23
-!- todaystomorrow [~me@d114-78-124-253.bla803.nsw.optusnet.com.au] has quit [Ping timeout: 265 seconds]04:25
-!- prodatalab [~prodatala@c-69-254-45-177.hsd1.fl.comcast.net] has quit [Quit: Konversation terminated!]04:30
-!- prodatalab [~prodatala@c-69-254-45-177.hsd1.fl.comcast.net] has joined #bitcoin-wizards04:31
Alaniushearn: what is it precisely you're trying to prove? "this plaintext encrypts to this ciphertext" or "I know a plaintext that encrypts to this ciphertext"?04:40
hearnthe latter. this post seems relevant and the technique seems simple: http://crypto.stackexchange.com/a/674304:41
hearnor no sorry04:41
hearnthe former.04:41
Alaniusthen why not release the plaintext and the randomness?04:41
hearni have a ciphertext that resulted from adding some other ciphertexts together. here is the cleartext sum, and the proof that i did it correctly (Well you can just add the numbers yourself to get the final ciphertext)04:41
hearnyes that's what the linked answer says, pretty much04:42
hearni didn't realise it would be that simple04:42
Alaniusin the case of paillier it's not possible to release the randomness that matches a ciphertext that was produced from homomorphically adding04:44
Alaniusbecause that would require taking discrete logs04:44
Alaniushowever, you there is a proof saying "I raised this number to the correct exponent and the result is this"04:45
AlaniusI think it's called the Damgård-Jurik proof, let me find it for a sec04:45
Alaniusit will be in here: ftp://ftp.cs.au.dk/BRICS/Reports/RS/00/45/BRICS-RS-00-45.pdf04:46
sipaoh, hi Alanius!04:47
Alaniushey04:48
sipadidn't realize you found the way here :)04:48
hearnAlanius: yes i've seen reference to that kind of proof. need to research it.04:48
Alaniusgot to go no, good luck04:49
Alaniusnow*04:49
hearnthanks04:49
hearni'm not quite sure how being able to prove that statement helps me, though ...04:49
hearnit doesn't have to be paillier04:49
hearnany additively homomorphic scheme works04:50
hearnexponential elgamal is one i saw referenced as perhaps better suited to this task04:50
-!- PRab [~chatzilla@c-98-209-139-209.hsd1.mi.comcast.net] has quit [Remote host closed the connection]05:02
-!- hashtag_ [~hashtag@CPE-69-23-213-3.wi.res.rr.com] has quit [Ping timeout: 255 seconds]05:08
-!- bit2017 [~linker@113.161.87.238] has quit [Ping timeout: 255 seconds]05:23
-!- torsthaldo [~torsthald@unaffiliated/torsthaldo] has joined #bitcoin-wizards05:34
-!- askmike [~askmike@83.162.194.88] has quit [Read error: Connection reset by peer]05:35
-!- askmike_ [~askmike@83.162.194.88] has joined #bitcoin-wizards05:35
-!- zooko` [~user@174-16-237-135.hlrn.qwest.net] has joined #bitcoin-wizards05:36
-!- Guyver2 [~Guyver2@guyver2.xs4all.nl] has quit [Ping timeout: 250 seconds]05:37
-!- hashtag [~hashtag@cpe-98-157-219-44.ma.res.rr.com] has joined #bitcoin-wizards05:43
-!- todays_tomorrow [~me@d114-78-115-218.bla803.nsw.optusnet.com.au] has quit [Ping timeout: 265 seconds]05:45
-!- todays_tomorrow [~me@d114-78-115-218.bla803.nsw.optusnet.com.au] has joined #bitcoin-wizards05:46
-!- cbeams [~cbeams@unaffiliated/cbeams] has quit [Read error: Connection reset by peer]05:59
-!- cbeams [~cbeams@chello084114181075.1.15.vie.surfer.at] has joined #bitcoin-wizards06:00
-!- cbeams [~cbeams@chello084114181075.1.15.vie.surfer.at] has quit [Changing host]06:00
-!- cbeams [~cbeams@unaffiliated/cbeams] has joined #bitcoin-wizards06:00
-!- vmatekole [~vmatekole@p5DC47A54.dip0.t-ipconnect.de] has joined #bitcoin-wizards06:05
-!- OP_NULL [~OP_NULL@178.62.133.216] has quit [Quit: leaving]06:15
-!- Cory [~Cory@unaffiliated/cory] has quit [Ping timeout: 255 seconds]06:16
-!- wallet42 [~wallet42@unaffiliated/wallet42] has quit [Quit: Leaving.]06:19
-!- Cory [~Cory@unaffiliated/cory] has joined #bitcoin-wizards06:19
-!- rasengan [rasengan@pdpc/corporate-sponsor/privateinternetaccess.com/rasengan] has quit [Ping timeout: 265 seconds]06:26
-!- zooko` [~user@174-16-237-135.hlrn.qwest.net] has quit [Ping timeout: 272 seconds]06:26
-!- rasengan [rasengan@pdpc/corporate-sponsor/privateinternetaccess.com/rasengan] has joined #bitcoin-wizards06:28
-!- op_null [~op_null@178.62.133.216] has joined #bitcoin-wizards06:49
-!- s7z7g7 [~s7z7g7@cpe-70-94-46-51.kc.res.rr.com] has joined #bitcoin-wizards07:10
-!- coiner [~linker@113.23.8.112] has joined #bitcoin-wizards07:20
-!- eristisk [~eristisk@gateway/tor-sasl/eristisk] has joined #bitcoin-wizards07:33
-!- Guyver2 [~Guyver2@guyver2.xs4all.nl] has joined #bitcoin-wizards07:35
-!- DougieBot5000 [~DougieBot@unaffiliated/dougiebot5000] has joined #bitcoin-wizards07:37
-!- zooko` [~user@174-16-237-135.hlrn.qwest.net] has joined #bitcoin-wizards07:40
-!- orperelman [~wboy@bzq-79-177-159-207.red.bezeqint.net] has joined #bitcoin-wizards07:41
-!- c0rw1n is now known as c0rw|away07:45
-!- jaekwon [~Adium@75-101-96-71.dsl.static.fusionbroadband.com] has quit [Ping timeout: 255 seconds]07:47
-!- jaekwon [~Adium@75-101-96-71.dsl.static.fusionbroadband.com] has joined #bitcoin-wizards07:48
-!- op_null [~op_null@178.62.133.216] has quit [Quit: leaving]07:50
-!- NewLiberty [~NewLibert@2602:304:cff8:1580:696c:56b6:f707:fbdf] has joined #bitcoin-wizards07:52
-!- jaekwon [~Adium@75-101-96-71.dsl.static.fusionbroadband.com] has quit [Ping timeout: 265 seconds]07:52
-!- lclc is now known as lclc_bnc07:54
-!- jb55 [~jb55@S0106f46d049a0b83.vc.shawcable.net] has joined #bitcoin-wizards08:01
-!- OneNomos [~OneNomos@pool-71-163-228-125.washdc.east.verizon.net] has joined #bitcoin-wizards08:09
-!- orperelman [~wboy@bzq-79-177-159-207.red.bezeqint.net] has quit [Ping timeout: 244 seconds]08:14
-!- lclc_bnc is now known as lclc08:16
-!- eristisk [~eristisk@gateway/tor-sasl/eristisk] has quit [Ping timeout: 250 seconds]08:16
-!- xmk3 [~xmk3@unaffiliated/xmk3] has joined #bitcoin-wizards08:22
-!- wallet42 [~wallet42@unaffiliated/wallet42] has joined #bitcoin-wizards08:34
-!- eristisk [~eristisk@gateway/tor-sasl/eristisk] has joined #bitcoin-wizards08:39
-!- ryanxcharles [~ryanxchar@2601:9:4680:dd0:e84c:ae8f:58a2:ef7b] has quit [Ping timeout: 258 seconds]08:50
-!- hearn [~mike@84-75-198-85.dclient.hispeed.ch] has quit [Quit: My MacBook Pro has gone to sleep. ZZZzzz…]08:59
-!- alferz [~alferz@unaffiliated/alfer] has joined #bitcoin-wizards09:02
-!- Aquent [~Aquent@gateway/tor-sasl/aquent] has joined #bitcoin-wizards09:09
-!- damethos [~damethos@unaffiliated/damethos] has quit [Quit: Bye]09:17
-!- lclc is now known as lclc_bnc09:20
-!- jb55 [~jb55@S0106f46d049a0b83.vc.shawcable.net] has quit [Remote host closed the connection]09:21
-!- zooko` is now known as zooko09:22
-!- jb55 [~jb55@S0106f46d049a0b83.vc.shawcable.net] has joined #bitcoin-wizards09:22
-!- ryanxcharles [~ryanxchar@162.245.22.162] has joined #bitcoin-wizards09:22
-!- alferz [~alferz@unaffiliated/alfer] has quit [Ping timeout: 244 seconds]09:25
-!- user7779078 [~user77790@ool-4354b720.dyn.optonline.net] has joined #bitcoin-wizards09:26
-!- jb55 [~jb55@S0106f46d049a0b83.vc.shawcable.net] has quit [Ping timeout: 264 seconds]09:26
-!- eristisk [~eristisk@gateway/tor-sasl/eristisk] has quit [Remote host closed the connection]09:30
-!- prodatalab [~prodatala@c-69-254-45-177.hsd1.fl.comcast.net] has quit [Quit: Konversation terminated!]09:33
-!- s7z7g7 [~s7z7g7@cpe-70-94-46-51.kc.res.rr.com] has quit [Quit: Leaving]09:34
-!- prodatalab [~prodatala@c-69-254-45-177.hsd1.fl.comcast.net] has joined #bitcoin-wizards09:35
-!- askmike_ [~askmike@83.162.194.88] has quit [Remote host closed the connection]09:41
-!- jb55 [~jb55@S0106f46d049a0b83.vc.shawcable.net] has joined #bitcoin-wizards09:43
-!- vmatekole [~vmatekole@p5DC47A54.dip0.t-ipconnect.de] has quit [Remote host closed the connection]09:50
-!- vmatekole [~vmatekole@p5DC47A54.dip0.t-ipconnect.de] has joined #bitcoin-wizards09:53
-!- profreid [~profreid@a88-115-210-162.elisa-laajakaista.fi] has joined #bitcoin-wizards09:54
-!- vmatekole [~vmatekole@p5DC47A54.dip0.t-ipconnect.de] has quit [Remote host closed the connection]10:02
-!- hearn [~mike@195-170.62-188.cust.bluewin.ch] has joined #bitcoin-wizards10:03
-!- hearn [~mike@195-170.62-188.cust.bluewin.ch] has quit [Client Quit]10:04
-!- jb55 [~jb55@S0106f46d049a0b83.vc.shawcable.net] has quit [Ping timeout: 240 seconds]10:12
-!- jb55 [~jb55@S0106f46d049a0b83.vc.shawcable.net] has joined #bitcoin-wizards10:13
-!- hearn [~mike@195-170.62-188.cust.bluewin.ch] has joined #bitcoin-wizards10:15
-!- orik [~orik@remote.snococpa.com] has joined #bitcoin-wizards10:22
-!- luny` [~luny@unaffiliated/luny] has joined #bitcoin-wizards10:27
-!- luny [~luny@unaffiliated/luny] has quit [Ping timeout: 265 seconds]10:30
-!- paulpaschos [~paul@206.223.168.190] has joined #bitcoin-wizards10:39
-!- torsthaldo [~torsthald@unaffiliated/torsthaldo] has quit [Ping timeout: 264 seconds]10:40
-!- torsthaldo [~torsthald@unaffiliated/torsthaldo] has joined #bitcoin-wizards10:40
-!- dansmith_btc [~dansmith@85.25.117.24] has joined #bitcoin-wizards10:41
-!- zwischenzug [~zwischenz@33.Red-79-158-209.staticIP.rima-tde.net] has quit [Read error: Connection reset by peer]10:41
-!- orperelman [~wboy@bzq-79-177-159-207.red.bezeqint.net] has joined #bitcoin-wizards10:42
-!- iddo [~idddo@csm.cs.technion.ac.il] has quit [Ping timeout: 265 seconds]10:43
-!- paulpaschos [~paul@206.223.168.190] has quit [Client Quit]10:43
-!- cbeams [~cbeams@unaffiliated/cbeams] has quit [Remote host closed the connection]10:48
-!- cbeams [~cbeams@unaffiliated/cbeams] has joined #bitcoin-wizards10:48
-!- eslbaer [~eslbaer@p548A4032.dip0.t-ipconnect.de] has joined #bitcoin-wizards10:49
-!- iddo [~idddo@csm.cs.technion.ac.il] has joined #bitcoin-wizards10:49
-!- askmike [~askmike@ip241-209-210-87.adsl2.static.versatel.nl] has joined #bitcoin-wizards10:52
-!- cbeams [~cbeams@unaffiliated/cbeams] has quit [Ping timeout: 265 seconds]10:53
-!- CoinMuncher [~jannes@178.132.211.90] has quit [Quit: Leaving.]10:54
-!- paulpaschos [~paul@206.223.168.190] has joined #bitcoin-wizards10:54
-!- askmike [~askmike@ip241-209-210-87.adsl2.static.versatel.nl] has quit [Ping timeout: 245 seconds]10:56
-!- orik [~orik@remote.snococpa.com] has quit [Quit: Textual IRC Client: www.textualapp.com]10:58
-!- nuke_ [~nuke@130.43.1.211.dsl.dyn.forthnet.gr] has joined #bitcoin-wizards11:03
-!- nuke1989 [~nuke@ppp-2-87-148-81.home.otenet.gr] has quit [Ping timeout: 264 seconds]11:04
-!- Grishnakh [~grishnakh@dsl-espbrasgw1-50dfb6-218.dhcp.inet.fi] has joined #bitcoin-wizards11:10
-!- orik [~orik@remote.snococpa.com] has joined #bitcoin-wizards11:14
-!- paulpaschos [~paul@206.223.168.190] has quit [Quit: My Mac has gone to sleep. ZZZzzz…]11:16
-!- paulpaschos [~paul@206.223.168.190] has joined #bitcoin-wizards11:24
-!- jgarzik [~jgarzik@unaffiliated/jgarzik] has quit [Ping timeout: 264 seconds]11:26
-!- eristisk [~eristisk@gateway/tor-sasl/eristisk] has joined #bitcoin-wizards11:30
-!- llllllllll [~lllllllll@37-251-2-42.FTTH.ispfabriek.nl] has joined #bitcoin-wizards11:34
-!- paulpaschos [~paul@206.223.168.190] has quit [Quit: My Mac has gone to sleep. ZZZzzz…]11:43
-!- lmatteis [uid3300@gateway/web/irccloud.com/x-cmdkfnnczprllsrt] has quit [Quit: Connection closed for inactivity]11:43
-!- jgarzik [~jgarzik@unaffiliated/jgarzik] has joined #bitcoin-wizards11:48
-!- altoz [~altoz@cpe-24-55-38-141.austin.res.rr.com] has quit [Ping timeout: 240 seconds]11:52
-!- devrandom [~devrandom@gateway/tor-sasl/niftyzero1] has quit [Ping timeout: 250 seconds]11:55
-!- altoz [~altoz@cpe-24-55-38-141.austin.res.rr.com] has joined #bitcoin-wizards11:57
-!- AaronvanW [~ewout@255pc208.sshunet.nl] has quit [Quit: Leaving]11:58
-!- luny` is now known as luny12:04
-!- askmike [~askmike@ip241-209-210-87.adsl2.static.versatel.nl] has joined #bitcoin-wizards12:13
-!- orperelman [~wboy@bzq-79-177-159-207.red.bezeqint.net] has quit [Ping timeout: 244 seconds]12:14
-!- epscy [~epscy@176.126.241.239] has quit [Ping timeout: 255 seconds]12:18
-!- nuke_ [~nuke@130.43.1.211.dsl.dyn.forthnet.gr] has quit [Ping timeout: 240 seconds]12:18
-!- orik [~orik@remote.snococpa.com] has quit [Quit: Textual IRC Client: www.textualapp.com]12:22
-!- jb55_ [~jb55@S0106f46d049a0b83.vc.shawcable.net] has joined #bitcoin-wizards12:27
-!- hearn [~mike@195-170.62-188.cust.bluewin.ch] has quit [Quit: My MacBook Pro has gone to sleep. ZZZzzz…]12:28
-!- jb55 [~jb55@S0106f46d049a0b83.vc.shawcable.net] has quit [Ping timeout: 244 seconds]12:29
-!- paulpaschos [~paul@206.223.168.190] has joined #bitcoin-wizards12:29
-!- wyager [~wyager@nat-128-62-66-201.public.utexas.edu] has joined #bitcoin-wizards12:32
-!- Dizzle [~Dizzle@12.130.116.11] has joined #bitcoin-wizards12:33
-!- Guyver2 [~Guyver2@guyver2.xs4all.nl] has left #bitcoin-wizards []12:34
-!- wyager [~wyager@nat-128-62-66-201.public.utexas.edu] has quit [Quit: wyager]12:45
-!- wyager [~wyager@nat-128-62-66-201.public.utexas.edu] has joined #bitcoin-wizards12:46
-!- hearn [~mike@84-75-198-85.dclient.hispeed.ch] has joined #bitcoin-wizards12:48
-!- profreid [~profreid@a88-115-210-162.elisa-laajakaista.fi] has quit [Quit: profreid]12:52
-!- Dizzle [~Dizzle@12.130.116.11] has quit [Remote host closed the connection]12:54
-!- bitbumper [~bitbumper@197.115.124.24.cm.sunflower.com] has joined #bitcoin-wizards12:54
-!- paulpasc_ [~paul@206.223.168.190] has joined #bitcoin-wizards12:57
-!- paulpasc_ [~paul@206.223.168.190] has quit [Client Quit]12:59
-!- paulpaschos [~paul@206.223.168.190] has quit [Ping timeout: 272 seconds]13:01
-!- cbeams [~cbeams@unaffiliated/cbeams] has joined #bitcoin-wizards13:03
-!- AaronvanW [~ewout@255pc208.sshunet.nl] has joined #bitcoin-wizards13:03
-!- cbeams [~cbeams@unaffiliated/cbeams] has quit [Read error: Connection reset by peer]13:03
-!- cbeams [~cbeams@unaffiliated/cbeams] has joined #bitcoin-wizards13:03
-!- eslbaer_ [~eslbaer@p579E8948.dip0.t-ipconnect.de] has joined #bitcoin-wizards13:05
-!- eslbaer [~eslbaer@p548A4032.dip0.t-ipconnect.de] has quit [Ping timeout: 255 seconds]13:05
-!- hearn [~mike@84-75-198-85.dclient.hispeed.ch] has quit [Quit: My MacBook Pro has gone to sleep. ZZZzzz…]13:07
-!- paulpaschos [~paul@206.223.168.190] has joined #bitcoin-wizards13:07
-!- altoz_ [~altoz@cpe-24-55-38-141.austin.res.rr.com] has joined #bitcoin-wizards13:08
-!- wheninrome [~wheninrom@46.163.53.217] has joined #bitcoin-wizards13:08
-!- paulpaschos [~paul@206.223.168.190] has quit [Read error: Connection reset by peer]13:08
-!- paulpaschos [~paul@206.223.168.190] has joined #bitcoin-wizards13:09
-!- paulpaschos [~paul@206.223.168.190] has quit [Client Quit]13:10
-!- altoz [~altoz@cpe-24-55-38-141.austin.res.rr.com] has quit [Ping timeout: 258 seconds]13:11
-!- zooko [~user@174-16-237-135.hlrn.qwest.net] has quit [Ping timeout: 255 seconds]13:11
-!- paulpaschos [~paul@206.223.168.190] has joined #bitcoin-wizards13:12
-!- hearn [~mike@84-75-198-85.dclient.hispeed.ch] has joined #bitcoin-wizards13:12
HMsipa, anyone. what's the EC equivalent of g^b - kg^x  in terms of point operations?13:18
HMit's just B - kxG right13:19
-!- rusty [~rusty@pdpc/supporter/bronze/rusty] has joined #bitcoin-wizards13:19
HMyeah, nm, i'm going dappy13:19
HMwait...13:23
-!- Burrito [~Burrito@unaffiliated/burrito] has joined #bitcoin-wizards13:23
-!- wheninrome [~wheninrom@46.163.53.217] has left #bitcoin-wizards []13:37
-!- hearn [~mike@84-75-198-85.dclient.hispeed.ch] has quit [Quit: My MacBook Pro has gone to sleep. ZZZzzz…]13:47
-!- nuke1989 [~nuke@ppp-2-87-148-81.home.otenet.gr] has joined #bitcoin-wizards13:49
-!- AaronvanW [~ewout@255pc208.sshunet.nl] has quit [Ping timeout: 265 seconds]13:50
-!- paulpaschos [~paul@206.223.168.190] has quit [Quit: My Mac has gone to sleep. ZZZzzz…]13:51
kanzurewould it be feasible or desirable to include in the bitcoin transaction serialization a blockhash (covered by the signature) that states which blockhash must be in the history of the blockchain for this transaction to be accepted or considered valid?13:51
kanzureone of the reasons i'm thinking about that is because it would allow certain transactions to be issued only conditionally based on some prior transactions included in previous blocks13:52
-!- JeremieDeNoob [~jeremiede@modemcable026.213-130-66.mc.videotron.ca] has joined #bitcoin-wizards13:53
kanzure(such that the transaction can't be included in a history that does not have that prior block)13:53
-!- jb55_ [~jb55@S0106f46d049a0b83.vc.shawcable.net] has quit [Remote host closed the connection]13:55
kanzurealso, this would be neat because you don't have to reference the immediately preceding block hash, or the exact block hash of some transaction that you want to depend on but rather any block after that point and you'll get mostly the desired effect13:57
kanzureand choosing different blockheights more specifically can occur based on your risk appetite or something.13:57
-!- hashtag [~hashtag@cpe-98-157-219-44.ma.res.rr.com] has quit [Ping timeout: 240 seconds]14:01
-!- jb55 [~jb55@S0106f46d049a0b83.vc.shawcable.net] has joined #bitcoin-wizards14:02
-!- Dizzle [~Dizzle@ip-64-134-148-27.public.wayport.net] has joined #bitcoin-wizards14:02
-!- cbeams [~cbeams@unaffiliated/cbeams] has quit [Read error: Connection reset by peer]14:02
-!- drawingthesun [~drawingth@106-68-72-107.dyn.iinet.net.au] has quit [Read error: Connection reset by peer]14:03
-!- wyager [~wyager@nat-128-62-66-201.public.utexas.edu] has quit [Quit: wyager]14:05
-!- jb55 [~jb55@S0106f46d049a0b83.vc.shawcable.net] has quit [Remote host closed the connection]14:05
-!- jb55 [~jb55@S0106f46d049a0b83.vc.shawcable.net] has joined #bitcoin-wizards14:06
-!- cbeams [~cbeams@unaffiliated/cbeams] has joined #bitcoin-wizards14:08
-!- zooko [~user@174-16-237-135.hlrn.qwest.net] has joined #bitcoin-wizards14:09
-!- jb55 [~jb55@S0106f46d049a0b83.vc.shawcable.net] has quit [Ping timeout: 256 seconds]14:10
-!- epscy [~epscy@176.126.241.239] has joined #bitcoin-wizards14:15
-!- jaekwon [~Adium@75-101-96-71.dsl.static.fusionbroadband.com] has joined #bitcoin-wizards14:15
-!- jb55 [~jb55@24.244.23.191] has joined #bitcoin-wizards14:19
-!- aburan28 [~ubuntu@static-108-45-93-73.washdc.fios.verizon.net] has quit [Remote host closed the connection]14:24
-!- jb55 [~jb55@24.244.23.191] has quit [Remote host closed the connection]14:29
-!- jb55 [~jb55@24.244.23.212] has joined #bitcoin-wizards14:30
-!- paulpaschos [~paul@CPE0021594f2445-CM001371144618.cpe.net.cable.rogers.com] has joined #bitcoin-wizards14:32
-!- jb55 [~jb55@24.244.23.212] has quit [Ping timeout: 245 seconds]14:34
-!- paulpaschos [~paul@CPE0021594f2445-CM001371144618.cpe.net.cable.rogers.com] has quit [Quit: My Mac has gone to sleep. ZZZzzz…]14:37
-!- jb55 [~jb55@24.244.23.235] has joined #bitcoin-wizards14:41
-!- eslbaer_ [~eslbaer@p579E8948.dip0.t-ipconnect.de] has quit [Quit: Bye]14:44
-!- Quanttek [~quassel@2a02:8108:d00:870:b86f:ca8d:9dc3:c04d] has quit [Ping timeout: 272 seconds]14:51
-!- vmatekole [~vmatekole@e180206175.adsl.alicedsl.de] has joined #bitcoin-wizards14:54
-!- Dizzle [~Dizzle@ip-64-134-148-27.public.wayport.net] has quit [Quit: Leaving...]14:58
-!- user7779078 [~user77790@ool-4354b720.dyn.optonline.net] has quit [Remote host closed the connection]15:02
sipakanzure: gmaxwell proposed that before, actually :)15:03
sipaHM: yes15:04
gmaxwellkanzure: it's on the altwishlist page of mine, I called it transaction checkpoints.15:04
kanzurecould that be done by an opcode?15:04
-!- waxwing [~waxwing@se5x.mullvad.net] has quit [Ping timeout: 255 seconds]15:05
sipain theory, sure15:05
kanzurei mean in a way that does not fork the blockchain15:06
sipayes15:08
-!- Grishnakh [~grishnakh@dsl-espbrasgw1-50dfb6-218.dhcp.inet.fi] has quit [Ping timeout: 258 seconds]15:09
-!- rusty [~rusty@pdpc/supporter/bronze/rusty] has quit [Read error: Connection reset by peer]15:10
-!- rusty2 [~rusty@pdpc/supporter/bronze/rusty] has joined #bitcoin-wizards15:10
-!- hashtag [~hashtag@CPE-69-23-213-3.wi.res.rr.com] has joined #bitcoin-wizards15:11
gmaxwellkanzure: what I'd suggested there was no so much that it mandated the chain but it only let you collect the fees if it agreed. I suppose a bit could be used to signal stronger behavior... though there is a fungiblity hit if you have it so huge transaction graphs can't be confirmed.15:12
-!- user7779078 [~user77790@ool-4354b720.dyn.optonline.net] has joined #bitcoin-wizards15:16
-!- rusty2 [~rusty@pdpc/supporter/bronze/rusty] has quit [Ping timeout: 240 seconds]15:16
-!- hashtag [~hashtag@CPE-69-23-213-3.wi.res.rr.com] has quit [Ping timeout: 244 seconds]15:17
-!- waxwing [~waxwing@62.205.214.125] has joined #bitcoin-wizards15:17
-!- c0rw|away is now known as c0rw|timetravel15:21
-!- c0rw|timetravel is now known as c0rw1n15:24
-!- altoz_ is now known as altoz15:31
-!- rusty [~rusty@pdpc/supporter/bronze/rusty] has joined #bitcoin-wizards15:34
-!- rusty [~rusty@pdpc/supporter/bronze/rusty] has quit [Read error: Connection reset by peer]15:37
-!- askmike [~askmike@ip241-209-210-87.adsl2.static.versatel.nl] has quit [Remote host closed the connection]15:39
-!- user7779078 [~user77790@ool-4354b720.dyn.optonline.net] has quit [Ping timeout: 265 seconds]15:45
-!- AnoAnon [~AnoAnon@197.37.113.112] has joined #bitcoin-wizards15:54
-!- AnoAnon [~AnoAnon@197.37.113.112] has quit [Max SendQ exceeded]15:54
-!- user7779078 [~user77790@ool-4354b720.dyn.optonline.net] has joined #bitcoin-wizards15:54
-!- DougieBot5000 [~DougieBot@unaffiliated/dougiebot5000] has quit [Quit: Leaving]16:01
-!- AdrianG [~User@unaffiliated/amphetamine] has quit [Ping timeout: 272 seconds]16:08
-!- AdrianG [~User@unaffiliated/amphetamine] has joined #bitcoin-wizards16:09
-!- eristisk [~eristisk@gateway/tor-sasl/eristisk] has quit [Ping timeout: 250 seconds]16:12
-!- Hunger- [hunger@proactivesec.com] has quit [Ping timeout: 264 seconds]16:13
-!- Hunger- [hunger@proactivesec.com] has joined #bitcoin-wizards16:15
-!- cbeams [~cbeams@unaffiliated/cbeams] has quit [Remote host closed the connection]16:20
-!- cbeams [~cbeams@unaffiliated/cbeams] has joined #bitcoin-wizards16:20
-!- cbeams_ [~cbeams@chello084114181075.1.15.vie.surfer.at] has joined #bitcoin-wizards16:25
-!- cbeams [~cbeams@unaffiliated/cbeams] has quit [Ping timeout: 256 seconds]16:25
-!- copumpkin [~copumpkin@unaffiliated/copumpkin] has quit [Quit: My MacBook Pro has gone to sleep. ZZZzzz…]16:25
-!- rusty [~rusty@pdpc/supporter/bronze/rusty] has joined #bitcoin-wizards16:26
-!- cbeams_ [~cbeams@chello084114181075.1.15.vie.surfer.at] has quit [Ping timeout: 255 seconds]16:29
-!- PRab [~chatzilla@c-98-209-139-209.hsd1.mi.comcast.net] has joined #bitcoin-wizards16:30
-!- jtimon [~quassel@c51-71.i07-13.onvol.net] has quit [Remote host closed the connection]16:46
-!- cbeams [~cbeams@unaffiliated/cbeams] has joined #bitcoin-wizards16:53
-!- JeremieDeNoob [~jeremiede@modemcable026.213-130-66.mc.videotron.ca] has quit []16:56
-!- DougieBot5000 [~DougieBot@unaffiliated/dougiebot5000] has joined #bitcoin-wizards17:01
-!- AaronvanW [~ewout@255pc208.sshunet.nl] has joined #bitcoin-wizards17:02
-!- coinheavy [~coinheavy@2602:306:ce9f:f5b0:dc24:c0c1:cfa3:eee] has joined #bitcoin-wizards17:06
-!- elliot_ [~elliot@162.244.138.37] has joined #bitcoin-wizards17:10
-!- elliot_ [~elliot@162.244.138.37] has quit [Remote host closed the connection]17:10
-!- llllllllll [~lllllllll@37-251-2-42.FTTH.ispfabriek.nl] has quit []17:11
-!- ryanxcharles [~ryanxchar@162.245.22.162] has quit [Ping timeout: 250 seconds]17:13
-!- torsthaldo [~torsthald@unaffiliated/torsthaldo] has quit [Ping timeout: 244 seconds]17:15
-!- eristisk [~eristisk@gateway/tor-sasl/eristisk] has joined #bitcoin-wizards17:18
-!- jb55 [~jb55@24.244.23.235] has quit [Remote host closed the connection]17:33
-!- cbeams [~cbeams@unaffiliated/cbeams] has quit [Read error: Connection reset by peer]17:34
-!- OneNomos [~OneNomos@pool-71-163-228-125.washdc.east.verizon.net] has quit [Quit: My MacBook Pro has gone to sleep. ZZZzzz…]17:35
-!- cbeams [~cbeams@unaffiliated/cbeams] has joined #bitcoin-wizards17:41
-!- todays_tomorrow [~me@d114-78-115-218.bla803.nsw.optusnet.com.au] has quit [Ping timeout: 272 seconds]17:41
-!- AaronvanW [~ewout@255pc208.sshunet.nl] has quit [Ping timeout: 265 seconds]17:45
-!- zooko [~user@174-16-237-135.hlrn.qwest.net] has quit [Ping timeout: 264 seconds]17:59
-!- cbeams [~cbeams@unaffiliated/cbeams] has quit [Read error: Connection reset by peer]18:00
-!- cbeams [~cbeams@unaffiliated/cbeams] has joined #bitcoin-wizards18:06
-!- user7779078 [~user77790@ool-4354b720.dyn.optonline.net] has quit []18:09
-!- cbeams [~cbeams@unaffiliated/cbeams] has quit [Read error: Connection reset by peer]18:28
-!- rabbit2 [8984d58f@gateway/web/cgi-irc/kiwiirc.com/ip.137.132.213.143] has joined #bitcoin-wizards18:28
rabbit2sipa here?18:29
rabbit2we were discussing shifting the 51% attack from need all of current hashing power18:29
rabbit2to all hashing power ever used in the history of the network18:29
rabbit2anyone feel like shooting my idea on this down?18:30
rabbit2I had conceded there was a nothing-at-stake problem with the idea.18:32
rabbit2This is not correct.18:32
rabbit2There is no nothing-at-stake problem.18:32
rabbit2Any nothing-at-stake fanatic want to take this on?18:33
rabbit2no then?18:33
rabbit2okay, I'll try again another time.18:33
kanzureuh?18:37
rabbit2uh18:37
-!- jb55 [~jb55@S0106f46d049a0b83.vc.shawcable.net] has joined #bitcoin-wizards18:37
rabbit2are you requesting an explanation?18:37
kanzureno, i think you are being silly18:37
kanzurewhy would you assume that your network agrees about history?18:38
kanzurethat's the whole problem18:38
rabbit2the network just has to agree about the amount of total work performed throughout history18:38
rabbit2this is verifiable18:38
rabbit2of course you don't observe work directly, but you can measure it based on all historical hash submissions18:39
rabbit2I submit work in the form of a txn18:39
kanzurethe absence of evidence is not the evidence of absence18:39
rabbit2why don't we discuss specifics instead of platitudes?18:40
rabbit2I submit work in the form of a txn below the current difficulty level18:40
rabbit2In this txn I submit a novel public key associated with this work18:41
-!- Dr-G3 [~Dr-G@gateway/tor-sasl/dr-g] has joined #bitcoin-wizards18:41
rabbit2This public key owns a unit of historical work for the indefinite future18:41
Luke-Jr[02:38:52] <rabbit2> the network just has to agree about the amount of total work performed throughout history <-- this is ALREADY the case18:41
rabbit2I know18:41
-!- bitbumper [~bitbumper@197.115.124.24.cm.sunflower.com] has quit [Quit: Leaving]18:42
rabbit2The point is that you can turn historical work into a commodity18:42
Luke-Jr18:42
rabbit2Mining power does not need to be based on work currently performed as is presently the case18:42
rabbit2It could be based on all work performed throughout history18:42
kanzureyeah you could include a hash of previous work or something18:42
rabbit2So, I have this public key that is associated with the previous work I did18:43
rabbit2In each block, we draw a unit of historical work and select this unit of work as a block minter18:43
rabbit2The public key associated with the historical work signs the block.18:43
rabbit2You cannot transfer ownership of historical work on the chain.18:44
-!- Dr-G2 [~Dr-G@gateway/tor-sasl/dr-g] has quit [Ping timeout: 250 seconds]18:44
rabbit2So we can assume that the guy who did the work originally also controls the public key right now.18:44
rabbit2Someone could attempt to sign two competing chains with the same historical work18:44
rabbit2However, this is observable. If we see two contradictory chains signed with the same historical work, we can identify the offender18:45
rabbit2and include proof that he has signed two historical forks in the blockchain18:45
rabbit2based on this proof, the chain can confiscate his historical work, removing him from the lottery18:46
rabbit2he would lose a perpetual stream of txn fees due to his bad behavior18:46
kanzurelots of people have had that idea, are you aware of why they were broken18:46
kanzure(have you studied why they were broken)18:46
rabbit2no, I don't think so. But why don't you explain why it is broken?18:46
-!- cbeams [~cbeams@unaffiliated/cbeams] has joined #bitcoin-wizards18:46
kanzurebecause my time is valuable and i am bored by you?18:47
rabbit2yes, I have studied a lot of this stuff18:47
kanzurei am simply informing you that you have a ready source of material to work from18:47
rabbit2and contributed to papers on it18:47
rabbit2could you explain why it is broken, please?18:47
kanzurei just said no, why are you asking so soon18:48
kanzure*asking again18:48
rabbit2there is no nothing-at-stake problem here18:48
rabbit2...18:48
rabbit2Wow18:48
kanzurei would start by grepping https://download.wpsoftware.net/bitcoin/wizards/18:49
rabbit2I have been over a lot of that quite thoroughly18:49
rabbit2...18:49
rabbit2Could you please be specific? Instead of saying, somewhere in 10000 pages of text is an explanation of why you are wrong.18:50
rabbit2Do you understand the nothing-at-stake problem?18:50
rabbit2Because I don't think you do.18:50
kanzurebased on what evidence?18:51
rabbit2I am assuming that you think what I am suggesting couldn't work due to the nothing-at-stake problem18:51
rabbit2is this correct?18:51
rabbit2Or is there some other problem you are referring to?18:52
rabbit2in your exceptionally vague reference to 10000 pages of text18:52
kanzureokay, so based on no evidence18:52
rabbit2can you simply answer, yes or no?18:52
rabbit2Or are you going to continue to say "I won't tell you what I think is wrong with your idea" even in the vaguest possible terms18:53
rabbit2however, I will continue to maintain that it is wrong18:53
-!- roidster [~chatzilla@71-95-216-43.static.mtpk.ca.charter.com] has joined #bitcoin-wizards18:53
kanzuredo you genuinely think that there are no alternative interpretations of my messages? i fully intend you to interpret my messages literally.18:53
-!- roidster is now known as Guest6232918:53
rabbit2Enough18:53
kanzurei haven't even made a statement about whether or not i think your idea is bad, and you have gone off into an extremely weird conversation based on zero evidence18:54
rabbit2you said, "lots of people have had that idea"18:56
rabbit2"are you aware why that idea is broken"18:56
rabbit2I asked for a reference to support "lots of people have had that idea"18:57
rabbit2to start out with18:57
rabbit2even a name would be helpful here18:57
rabbit2without a name or any other specifics, I have to guess at what you might mean18:57
rabbit2anyways "are you aware why that idea is broken" seems to indicate a "statement about whether or not I think your idea is bad"18:59
rabbit2if it doesn't and I misunderstood you then I apologize18:59
-!- go1111111 [~go1111111@50.23.131.235] has joined #bitcoin-wizards19:01
-!- jb55 [~jb55@S0106f46d049a0b83.vc.shawcable.net] has quit [Remote host closed the connection]19:02
-!- jb55 [~jb55@S0106f46d049a0b83.vc.shawcable.net] has joined #bitcoin-wizards19:02
-!- zooko [~user@174-16-237-135.hlrn.qwest.net] has joined #bitcoin-wizards19:03
-!- rabbit2 [8984d58f@gateway/web/cgi-irc/kiwiirc.com/ip.137.132.213.143] has left #bitcoin-wizards []19:03
-!- rabbit2 [8984d58f@gateway/web/cgi-irc/kiwiirc.com/ip.137.132.213.143] has joined #bitcoin-wizards19:05
-!- jb55 [~jb55@S0106f46d049a0b83.vc.shawcable.net] has quit [Ping timeout: 258 seconds]19:07
-!- rdponticelli [~quassel@gateway/tor-sasl/rdponticelli] has quit [Ping timeout: 250 seconds]19:10
kanzurewell you can choose to believe either that i am maliciously throwing you on a wild goose chase or that i genuinely believe that if you look in the logs that you will find previous proposals very similar to your "just know all competing histories" idea.19:11
kanzure(and attacks against same)19:11
rabbit2the attacks assume that it is possible to transfer ownership in the past19:12
rabbit2if it is not possible to transfer ownership on the chain, the attacks do not work anymore19:13
kanzurehmm, so i grepped the logs a bit and the oke0_ person seems to have your same idea19:13
kanzurego read the replies to his statements in the logs19:13
rabbit2thanks I will check it out19:13
kanzure(now why couldn't you have done that on your own? sigh)19:13
rabbit2could you provide a link19:16
kanzureno19:16
kanzurejust https://download.wpsoftware.net/bitcoin/wizards/19:16
kanzurensh asked for a pointer from the logbot, you're in luck http://download.wpsoftware.net/bitcoin/wizards/2014-05-29.txt19:17
-!- go1111111 [~go1111111@50.23.131.235] has quit [Ping timeout: 255 seconds]19:18
tromp_.txt -> .html19:18
-!- cbeams [~cbeams@unaffiliated/cbeams] has quit [Read error: Connection reset by peer]19:19
-!- Dizzle [~Dizzle@12.130.116.19] has joined #bitcoin-wizards19:20
-!- Dizzle [~Dizzle@12.130.116.19] has quit [Remote host closed the connection]19:23
kanzureanother one was the zack-truthcoin person19:25
kanzure"< zack-truthcoin> if they are caught signing onto competing forks, then they lose all money."19:25
kanzurejust keeps happening again and again19:25
kanzureit's almost criminal to have no context at this point19:25
fennwhen they outlaw having no context, only criminals will be context-free19:26
kanzureexcept context is freely available and hugely useful19:27
kanzureif you are trying to design an alternative system of byzantine agreement it would be a good idea to check the -wizards logs19:27
rabbit2yes oke_ does have the exact same idea, (except that he wants to use some form of inflation)19:28
rabbit2to compare historical work to current work, I believe that could create problems19:29
rabbit2I don't see any critical objection raised to the idea in that thread19:29
kanzurekeep reading19:29
kanzurethere were many objections19:30
rabbit2But you are completely right that the idea has been proposed before19:30
rabbit2I read the entire thread19:30
rabbit2_oke addressed them all19:30
-!- weex_ [~weex@99-6-135-18.lightspeed.snmtca.sbcglobal.net] has joined #bitcoin-wizards19:30
kanzurewell try the truthcoin person next, ugh19:30
rabbit2He is right that you can't sell information19:30
kanzurethis should be your job, not mine19:30
rabbit2that you can stil use19:30
rabbit2truthcoin person is whom?19:30
rabbit2you are making my job much easier thank you19:30
kanzurehis name has "truthcoin" in it, just grep for that19:30
-!- woah [~woah@199-241-202-232.PUBLIC.monkeybrains.net] has joined #bitcoin-wizards19:30
-!- weex [~weex@fsf/member/weex] has quit [Read error: Connection reset by peer]19:31
kanzureor grep for "caught" in the logs19:31
kanzurehaha:19:31
kanzure15:34 < gmaxwell> mr_burdell: but the absense of time travel can prevent that.19:31
-!- rusty [~rusty@pdpc/supporter/bronze/rusty] has left #bitcoin-wizards []19:32
kanzurealso make sure you read the part that goes like "15:36 < gmaxwell> zack-truthcoin: In the situation I setup Alice allows her coins to...."19:32
gmaxwellperhaps the POS document needs some additional elaboration on this particular 'improvement'. I think it was andytoshi's hope that the document gave a general enough argument that people would stop getting snowed by "improvements" that didn't fix the fundimentals, but this one still seems to be popular.19:34
kanzurewhat i hate most is remembering any of it19:34
kanzureit's like a mental index of irc trolls or something. totally wasted space.19:35
-!- NewLiberty [~NewLibert@2602:304:cff8:1580:696c:56b6:f707:fbdf] has quit [Ping timeout: 258 seconds]19:35
gmaxwellkanzure: have you ever read neal stephenson's anathem?  ... in the book the society of scholars has a punishment system which involves having to memorize from a book of subtly wrong proofs. ...  sometimes dealing with the altcoin stuff feels like that.19:35
rabbit215:36 <gmaxwell> doesn't apply to coke_0's idea because there is no expiration19:36
rabbit2the <zack_truthcoin> idea differs because the stake can expire19:36
rabbit2inflation is also a problem with coke_0's idea (depending on what he means by this) because it is also a form of expiration19:37
rabbit2you would not want to inflate at all, so that all historical work is equivalent regardless of when it was performed19:37
gmaxwellrabbit2: the perpetual bonds things have been proposed several times before, they suffer many problems. For one, they still really do expire, e.g. when you've used them long enough to get their initial value back, then they're economically expired. (if they _never_ do, then you have an incentives problem).  It also seems deeply impossible to prevent transferability in the face of rules-adversarial users.19:37
-!- cbeams [~cbeams@unaffiliated/cbeams] has joined #bitcoin-wizards19:37
-!- go1111111 [~go1111111@50.23.113.236-static.reverse.softlayer.com] has joined #bitcoin-wizards19:38
rabbit2you can't prevent transferability through rules, but users have an economic incentive not to perform transfers19:38
rabbit2they're economically expired only after the work contained in them is so small that it is negligible19:39
gmaxwellFor example, here is how you make a non-transferable key transferable:  Instead of generating the key myself, I ask a smart card to do it. Then I transfer the smartcard to you. While maybe I tampered with the smartcard's security, it's likely good enough and it retains most of its value.19:39
gmaxwellrabbit2: there is no "work contained", because the history can be rewritten to the point where they have full work. This is the essance of a nothing at stake attack. Please don't jump ahead without understanding the argument.19:40
rabbit2I'm assuming the smartcard doesn't exist.19:40
gmaxwellthey already do exist.19:41
kanzuremaybe the term "nothing-at-stake" doesn't sound cool enough to be considered or something19:41
rabbit2I don't understand what you mean by this "rabbit2: there is no "work contained", because the history can be rewritten to the point where they have full work. This is the essance of a nothing at stake attack. Please don't jump ahead without understanding the argument. "19:42
gmaxwelland if you would prefer a transferability solution without tamper resistand hardware. ... it can work purely in softward, e.g. for any elgammel-group signature system,  I ask three non-cooperating parties to generate pubkeys A,B,C and I compute a composite pubkey Q = A+B+C+D (d is my pubkey).   Q is the key I register in the system, and A+B+C help me sign. later I can ask a,b,c to transfer their signing helping to another party.  Now ...19:43
gmaxwell... I can't cheat them on the trasfer without the collusion of A+B+C.19:43
rabbit2Yes, but I could collude with them...19:43
-!- rusty [~rusty@pdpc/supporter/bronze/rusty] has joined #bitcoin-wizards19:43
gmaxwellrabbit2: Yes, it's clear that you don't. Have you read pos.pdf?19:43
rabbit2The value of the expected value of the key after transfer will always be < the expected value of the key before transfer19:44
rabbit2so there are never economic incentives for transfer19:44
rabbit2if you do transfer a key, you would want to do so in a legal environment where you can go after people in meatspace19:44
gmaxwellrabbit2: sure, and? in bitcoin people are perfectly happy to trust their mining to mining pools who can secretly rob them. In practice for some threshold the key generators will be quite secure, and they make your bond much more valuable because they make it mostly tradable.19:45
gmaxwellrabbit2: how are they going to go after anyone? ... so you're now assuming that all participants in the system have some kind of identity? attested to by whom?19:45
rabbit2all participants don't have to have some kind of identity19:45
rabbit2however if you are going to go around transferring keys, then you would only want to do so among19:46
-!- c0rw1n is now known as c0rw|sleep19:46
rabbit2the set of participants that has strong identity in meatspace19:46
-!- rusty2 [~rusty@pdpc/supporter/bronze/rusty] has joined #bitcoin-wizards19:46
gmaxwellrabbit2: the transfer is preferable in some cases because of a time preference for money, money years from now is worth less than money today to many people much of the time.19:46
rabbit2you would obtain a higher price in this setting because you could go after people for cheating19:46
gmaxwell(ever heard of a loan? people pay some pretty remarkable interest...)19:46
rabbit2I have to go, but thanks for the discussion.19:47
gmaxwellBut this tangent is irrelevant until you've even understood the _MOST BASIC_ problems with pos.19:47
jaekwonyou can solve the nothing at stake problem… put it at stake for short range forks.  http://tendermint.com/posts/security-of-cryptocurrency-protocols/19:47
jaekwonyou don't need to solve the long range fork problem.  done.19:48
rabbit2right19:48
-!- rusty [~rusty@pdpc/supporter/bronze/rusty] has quit [Ping timeout: 255 seconds]19:48
gmaxwellrabbit2: please don't come back until you've read pos.pdf and believe you can explain in your own terms what nothing at stake means in that context. :)19:48
rabbit2this is just applying the same logic to long-range forks by making a special form of stake that is nontransferable19:48
-!- kristofferR [~kristoffe@208.37-191-147.fiber.lynet.no] has quit [Quit: Textual IRC Client: www.textualapp.com]19:48
rabbit2anyways, really have to go19:48
rabbit2I've read it already19:48
rabbit2I understand what it means19:48
rabbit2goodbye19:49
-!- rabbit2 [8984d58f@gateway/web/cgi-irc/kiwiirc.com/ip.137.132.213.143] has quit [Quit: http://www.kiwiirc.com/ - A hand crafted IRC client]19:49
gmaxwellApparently not, because you believe that the expiration of a bond works.19:49
kanzurehmm.19:49
kanzurewhere do these people come from?19:49
gmaxwellkanzure: there are some pretty strong monetary incentives to believe in varrious schemes right now.19:50
-!- c0rw|sle_ [~c0rw1n@102.79-67-87.adsl-dyn.isp.belgacom.be] has joined #bitcoin-wizards19:50
kanzuredoes that factor losing everything by choosing a bad implementation/idea?19:51
gmaxwellno, because you can externalize those costs.19:51
fennaccording to gmaxwell's time preference for money, it doesn't matter (now) if it all comes crashing down (later)19:51
gmaxwell(plus, also keep in mind, that thats a 'tail' risk, ... if not an unlikely one, at least something outside of the now)19:51
gmaxwellfenn: yep.19:52
-!- c0rw|sleep [~c0rw1n@56.76-67-87.adsl-dyn.isp.belgacom.be] has quit [Ping timeout: 240 seconds]19:52
fennmumble mumble hyperbolic discounting cognitive bias19:52
kanzure"proof-of-work 2, now even proofier" (use different greek symbols)19:53
jaekwonwith all due respect… I think the entire proof-of-work camp is on the same boat.19:53
kanzureit's not a camp19:53
kanzureor a boat for that matter19:53
-!- rusty2 [~rusty@pdpc/supporter/bronze/rusty] has quit [Ping timeout: 255 seconds]19:54
fennwhat you guys don't have an ephemerisle camp19:54
gmaxwellI mean, the world is full of people that do things which are effectively long-shots, with high risk of failure, even if they don't realize it or even know how to estimate the risks. (90% of startups fail pre series-b and yet droves of (mostly young) people continue to work at them for long hours at below market pay)19:54
kanzureright, it's certainly true that people make bad decisions19:54
kanzurei think the plan should be to try not to encounter them as much as possible19:55
andytoshi"X => we can assume the guy who did the work originally also controls the public key right now" if this is true then X is false by contrapositive19:55
kanzure(and i don't mean tests or barriers to entry. i don't agree with those.)19:57
-!- woah [~woah@199-241-202-232.PUBLIC.monkeybrains.net] has quit [Quit: My MacBook Pro has gone to sleep. ZZZzzz…]19:57
-!- go1111111 [~go1111111@50.23.113.236-static.reverse.softlayer.com] has quit [Ping timeout: 245 seconds]19:57
-!- nubbins` [~leel@unaffiliated/nubbins] has joined #bitcoin-wizards19:57
andytoshijaekwon: have you updaded the tendermint stuff to reflect that the security model is totally different from bitcoin's (and significantly weaker)19:59
gmaxwellkanzure: some people from around here have gone off to create a private channel. I disagree with doing that, so I don't join it.19:59
jaekwonandytoshi: it's not weaker, andytoshi.19:59
andytoshisaying "you can solve the nothing at stake problem" is pretty misleading even if you follow it with "you don't need to solve the long range fork problem"19:59
andytoshisigh19:59
jaekwonandytoshi: it's stronger. read this post. http://tendermint.com/posts/security-of-cryptocurrency-protocols/19:59
Luke-Jrgmaxwell: it's basically silent anyway20:00
jaekwonand sigh all you want, i'm sorry there's a ton of cracks out here.20:00
jaekwon*cranks.20:00
jaekwoni'm sighing too. :/20:00
jaekwonand yes, the whitepaper has been updated. worth a new read.20:00
gmaxwellkanzure: I've thought things could perhaps be a bit more productive if there were a test of a really low bar to get voice; so time saved on pure noise stuff could be spent on the less interesting things that still pass the bar... but I fear any cost is too high. People with valuable things to say don't need to prove anything to anyone...20:01
jaekwonit's much clearer, is the feedback i've got.20:01
gmaxwellLuke-Jr: it's quieter in here in the past because some of us have stopped participating in here partially from frustration. (myself included at times)20:01
jaekwongmaxwell: here's a test…. have you implemented your protocol from scratch?20:01
jaekwonto completion?  because you learn what's wrong with your algo as you implement it, usually.20:01
jaekwonand if you haven't, then you can be sure that you've missed errors.20:01
kanzuregmaxwell: yeah i strongly discourage the use of tests for that. i can see why you have thought of it, and i don't have an alternative yet, but i'm still cooking up some ideas...20:02
Taekyou never know, the things you've been saying to rabbit2 might get through, 3 years from now he could be a valuable contributor20:02
-!- rusty [~rusty@pdpc/supporter/bronze/rusty] has joined #bitcoin-wizards20:02
Luke-Jrgmaxwell: well, if it's going to reduce the signal in the channel, I'd rather we just get stricter about the noise20:03
andytoshiTaek: the problem is that none of us have the time to be professors20:03
kanzureLuke-Jr: yeah maybe it would help to just ban quickly and indiscriminately20:03
kanzureor at least +q20:03
gmaxwellkanzure: e.g. a test can be created with a bar so low that basically only cohearence and simple background is required. But yes, things like that would have a non-trivial probablity of excluding e.g. me, just do to time constraints... so :(20:03
andytoshiit's a bit unfair, because years ago we were able to ask really basic questions (because nobody knew the answers back then), and now we're getting annoyed at new people for doing the same thing20:03
kanzurewell, there's irc logs to read20:03
kanzurethose sorts of documents did not exist back then20:04
Taeklogs are difficult to parse, especially if you're not familiar with tools like grep20:04
nubbins`if there's one thing noobs hate doing, it's reading logs20:04
kanzureand some of this is just obvious if you think about it long enough20:04
kanzureand it is wrong to demand that people teach you the correct modes of thought over irc20:04
andytoshisure, but it's hard to read logs because you can't step in to ask stuff, you're missing context, you don't know people, the timing and cadence are off, etc20:04
Taekbut things like asic.pdf and pos.pdf are a huge benefit to everyone20:04
kanzurethought-transfer just doesn't work very well that way20:04
Luke-Jrgmaxwell: well, if we +q people who say stupid things, then people with time constraints aren't affected20:04
gmaxwellkanzure: some people in here have been opposed to that in the past. (in particular, amiller took issue with me punting some stuff I considered kooky).  He expressed the view that he thought this channel should be a safe space to express ideas. And I can agree with that, it's really only the repetition that drives me nuts.20:04
kanzureyou are not going to learn how to emulate the bitcoin network in your head by reading two or three lines of irc messages20:04
Luke-Jrandytoshi: I don't get annoyed with basic questions in #bitcoin20:05
gmaxwellbut it's often not the indivigual person's direct fault, e.g. that their the 101th person with the same proposal.20:05
kanzureit is their fault for not checking20:05
kanzureor asking20:05
andytoshiLuke-Jr: this is true. maybe there should be a -wizards-help channel or something for people who are trying to understand nothing-at-stake20:05
kanzureif they posed it as a question, i would be less hateful20:05
gmaxwellwell increasingly so, now that andytoshi has written up some stuff.20:05
Luke-Jrmaybe we can have a bot that makes bookmarks20:06
gmaxwellbut there is a lot of writing that hasn't been done yet.20:06
andytoshikanzure is the archival bot :)20:06
Luke-Jreg !tag nothing-at-stake 30m ago20:06
kanzurebeep boop20:06
andytoshiLuke-Jr: that's a neat idea20:06
kanzurei am quickly climbing back to my previous ~50,000 bookmarks20:06
Luke-Jrthen have a list of "bookmarks" we can link to20:06
gmaxwelluh.. so there also seems to be some amount of information that exists only in some kind of special secret shared form.20:06
kanzurehttps://github.com/davidlazar/jotmuch20:06
kanzureoh there's a secret forum?20:06
kanzuresomeone should dump that20:06
gmaxwellIn that I've noticed that long timers around here have certian understandings which are very clearly held and identically structured, and yet they've _never_ been explicitly discussed.20:07
fennhe means implicit knowledge20:07
kanzurewell good ideas tend to gain momentum or something20:07
kanzureyou can't build castles on top of crap20:07
-!- ryanxcharles [~ryanxchar@2601:9:4680:dd0:44fa:3cfd:f8a7:3926] has joined #bitcoin-wizards20:07
kanzurewell, you can try...20:07
kanzureLuke-Jr: i think that's a good idea20:08
gmaxwellYes, implicit knoweldge. It's just a product of to understand X you must also understand Y thats it's based on... and in talking about X we'll manage to teach everyone Y without ever mentioning it.20:08
Luke-Jrkanzure: up your alley to implement? :>20:08
gmaxwellWhich actually makes citing things from common understanding hard.20:08
kanzureLuke-Jr: i'd rather just pay someone to implement it, i have better things to be pretending to do20:08
Taekrepetition really helps. The 12th time you explain nothing-at-stake to someone, you can still manage to get an increased understanding of how it's broken20:08
kanzuregmaxwell: it seems that the most useful types of people are those that have lots of experience doing implicit-intuitive-mental-calculus already20:09
kanzureor at least the ones that are least damaging to signal/noise20:10
kanzureactually i don't know if it's experience20:10
gmaxwell(I have this expirence when I meet with bitcoiners sometimes where I explain my perspective on things and get a bunch of "yes, yes, exactly that!", and I think some of this is where there is latent understanding, a kind of zen-of-bitcoin-technology and all I'm doing is plucking on it.  ... but a lot of this stuff is not well documented.)20:10
gmaxwellsince we can have these nice conversations where all that is implicit and so we never disclose it where newcomers can easily absorb it. :(20:11
kanzurezen-of-byzantine-agreement-and-problems-of-distributed-systems20:11
fennso nobody answered my question earlier: does it make sense to set up a "bitcoin university" with teachers, peer review, research programs20:12
andytoshifenn: who would teach?20:12
kanzureno, because there would be no teachers20:12
gmaxwellyou all type too fast.20:12
kanzurehttp://www.seanwrona.com/typeracer/profile.php?username=kanzure20:13
andytoshikanzure is wrecking the average20:13
andytoshithe rest of us are 15 wpm20:13
gmaxwellfenn: well worse, I don't think we yet know how to teach this subject. (not that we really know how to teach anything all that well...)20:13
amillerwow kanzure you are faster than me http://www.seanwrona.com/typeracer/profile.php?username=socrates20:13
kanzurei cracked a keyboard the other day, true story20:13
Taekthe old 4chan mantra of "lurk m0ar" comes to mind. just idling in the channel is hugely beneficial.20:14
Luke-Jrfenn: where are you going to get the teachers?20:14
kanzureah, so we should implement 4chan-style harassment20:14
Luke-Jrfenn: the problem is bootstrapping newbies IMO20:14
fenntbh i have no idea what most of you do all day20:14
Luke-Jrok, I'm being redundant *catches up*20:14
kanzuremostly i complain over irc20:14
kanzure(and write code)20:15
fennso "nobody has time to teach" doesn't really make sense, because obviously you're wasting time dealing with random people like rabbit220:15
kanzurei also send out lots of email, that too...20:15
kanzurewell, isn't that teaching, fenn??20:15
gmaxwellTaek: I believe before I'd made any comment in bitcoin tech stuff I'd lurked several months, and also read the complete source code, mined a block (well ... not so easy anymore), and started making software changes locally.20:15
kanzureoops only one "?" was intended20:15
Luke-Jrfenn: I spend basically the whole day coding, to the near-neglect of my family :/20:15
kanzuregmaxwell: having people read the bitcoin source code might be interesting....20:15
andytoshifenn: i read things far about 14 hours each day most days. i can have a convo like this because it requires no brain cycles20:16
kanzurethat's how all of the original knowledge was derived anyway20:16
kanzureso it seems only natural to ask others to do the same20:16
Luke-Jrthe *complete* source code might be a bit much, but generally yes20:16
gmaxwellit's somewhat larger than it was originally. ... Though hopefully we'll improve readability more in upcoming refactorings.20:16
gmaxwellwell you can skip qt/ for example.20:16
Luke-Jr"find a consensus error in an alt implementation before you speak"20:17
Luke-Jr:P20:17
-!- Burrito [~Burrito@unaffiliated/burrito] has quit [Ping timeout: 250 seconds]20:17
gmaxwellLuke-Jr: I'd love to say that, except eventually you run out.20:17
kanzuretoday i found myself tracing SyncTransaction because i hadn't read it before :(20:17
Luke-Jrgmaxwell: nah, the smart people will just do an alt impl themselves to find an error in20:17
Luke-Jr:P20:17
Taekgmaxwell: that's probably an order of magnatude more than the average person. Idk how you'd build that culture though without shutting people out. +q doesn't seem like an awful idea though20:17
kanzure+q is pretty rude, heh20:17
gmaxwellAfter matt did bitcoinj full node and found a dozen known-to-no-human behaviors I really wanted to say "any altimp that hasn't found at least one of those is worthless" ... but sadly eventually there are none left and the bar is unfair and you never know if thats where you are.20:18
Luke-Jrkanzure: well, we don't want to stop them from learning20:18
gmaxwellI normally _hate_ +q. Generally I'd rather ban people.20:18
kanzureyes, asking for original bugs is bad20:18
gmaxwellkanzure: not just bugs but "oh... this is probably surprising to everyone"20:19
gmaxwell"hey guys, did you know X did Y?!"  turns out that there are a lot of surprising things in bitcoin, only some of which you could call bugs.20:19
kanzurealso, i would emphasize to pow-haters that right now it is vastly more beneficial to read source code than any number of white papers20:19
Taekgmaxwell: can you explain that more? I think I'd rather be +q'd than banned, though I'd probably feel pretty miserable about either20:20
Luke-Jrlike OP_SIZE ;)20:20
Luke-JrTaek: agreed fwiw20:20
kanzure+q is often not represented in irc clients and you don't really know that you're on global ignore or w/e20:20
gmaxwellIn bitcoin-dev I +q almost univerally because I think there are transparency considerations.  But generally if someone is behaving you want to keep them equal and respected as members of your community, and if they're not able to behave... you don't want them simmering and hating you, you want them to _leave_ and move on with their lives.. and +q is not good for achieving that.20:20
Taekthat's very fatherly lol20:21
gmaxwellsome people don't simmer and so +q would probably be fine, but a third party can't tell in advance. :)20:22
kanzurei actually thought that rabbit2 was just one of the other users coming back with a different nick20:22
gmaxwellkanzure: so ... yea, there have been people on IRC engaging in very elaborate trolling.  I don't know that this knoweldge is actually useful.20:23
-!- copumpkin [~copumpkin@unaffiliated/copumpkin] has joined #bitcoin-wizards20:23
kanzurethanks that's just going to make me more paranoid20:23
kanzurethere was this one person who genuinely thought that i had enough knowledge of cryonics to revive his mother from the dead (well, from cryonic storage)20:23
kanzure(on irc)20:23
gmaxwellE.g. for a long time there was a many nicked regular in #bitcoin who would start the most complex technical arguments, and it was very clear that he was pasting lines from IRC into goggle and that rapidly converting whatever came out into an argument.20:24
fennis it time for realtime deanonymization algorithms?20:24
kanzureright, drop a link to a site with a js tracking library i guess20:25
fennjust ngram frequency analysis20:25
gmaxwellI only know this for sure because he was really good at driving me nuts, because the arguments would start off pretty sane and then it would become clear that he didn't know what the #@#$ he was talking about... eventually I got the hypothesis he was basically performing some kind of search madlibs and I gave him some techno jibberish only to get a response clearly constructed from the google result for it.20:25
fennwas it xmj20:27
gmaxwellrealizing that this guy (in his multitude of identities) was one person was a material improvement to my mental well being (e.g. after that I went back through the logs and picked up the common subnet and common quit messages, and felt much saner).  I don't think knowing that he was doing some kind of crazy google madlibs actually improved anything for me.20:27
fennoops i mean mosasaur20:27
gmaxwellFor as willing as I am to argue with folks online, ... I don't actually enjoy doing it much.20:28
kanzurehmm. there has to be a better way to do this.20:28
kanzureso i suppose it could just be "try to figure out teaching" but i don't think that's a good use of time here....20:29
gmaxwellkanzure: well step 1 is andytoshi's whitepapers... we could be doing more of that.20:30
fennsometimes "read the source" is misinterpreted as "go away" instead of its literal denotation20:30
kanzurealmost everyone in here is more valuable providing scarce programming than the immediate benefits of poor attempts at educating others20:30
gmaxwellkanzure: well not exclusive. most people cannot be coding all the time. the level of engagement required here is usually pretty low.20:31
kanzurepersonally my rule is "always be coding", but i sometimes stop coding by accident20:31
kanzure(planning and thinking counts as coding)20:32
gmaxwellhm. this is probably a good policy.20:32
fenn"tacit knowledge refers to a knowledge possessed only by an individual and difficult to communicate to others via words and symbols. Therefore, an individual can acquire tacit knowledge without language. Apprentices, for example, work with their mentors and learn craftsmanship not through language but by observation, imitation, and practice."20:32
-!- GnarSith [~far@onegrandcircle.com] has left #bitcoin-wizards []20:32
fennseems inefficient but i don't have any better ideas20:33
kanzurewell there's certainly a craftsmanship aspect to coding20:33
gmaxwellfenn: I've expressed the notion before that communicating a complex idea is like building a ship in a bottle. You want to build this complex edifice in the mind of another person, but you've got to stuff everything through a little cylinder with tongs.20:34
Taekfenn: I don't think it's inefficient at all. Having your code reviewed by someone much better than you teaches you things that would take ages to figure out on your own, even with books and such20:34
kanzurethat's inefficient for the code reviewer20:35
gmaxwellso good education is an engineering challenge of breaking the complex idea down into parts that fit through the channel and yet snap themselves togeather once they get to the other side.20:35
fennTaek: sure, for the student it's great, but the teacher has to do that N times20:35
gmaxwellkanzure: review generally scales better than coding however.20:35
kanzureseems to be breaking on irc :)20:35
Taeklog(n)  if the students help each other out20:36
kanzurehmm20:36
Taek(log(n) might be too optimistic, but a lot less than n)20:36
Luke-Jrit's somewhat efficient to code, read a page of IRC, respond, code20:36
Luke-Jrdrives some people nuts though20:36
gmaxwellkanzure: there is a school of thought in some large development orgs. that your most expirenced coders should be spending most of their time reviewing the code of less expirenced folks. That basically most coding is time-fill boring stuff, and expirenced reviewers can rapidly cut through that, multiplying their effectiveness. I've seen enough of it that I think the idea has merit.20:37
kanzureworks for me. although i'm the multi-tasking 500-tabs-open watching-movies hacking-on-twenty-git-repos type of programmer.20:37
fennthere's another school of thought that says if most of your coding is boilerplate boring stuff you should be using a more powerful language20:38
kanzuregmaxwell: on a related note, i have been thinking about how to allocate attention/resources on large projects and stumbled into this: "So there's this well-known thing in quality engineering where getting bugs out earlier is easier, and this other well-known thing in programming where doing projects beginning-to-end gives you foresight about kinds of problems that might happen and makes the earlier designs bug-free and more efficient and ...20:39
kanzure... such. The right way to think about how projects get completed is as a dependency graph. A useful heuristic here is "How would I prove this is impossible as quickly as possible?". You want to prove the total task will work even if the subtasks fail, and otherwise abandon it. Then you want to prove each subtask is impossible, and replace it appropriately and re-plan integration as quickly as possible (etc etc). It's not as big a deal to ...20:39
kanzure... structure things perfectly if you have infinite resources and can parallelize everything, which is how the space shuttle and particle colliders are built. The big danger is doing the non-failfast steps first with one person. If one component has a major problem, that means one node is unexpectedly big. In practice, people replace that component with another component rather than delay, or engineer around it, or just accept the delay. ...20:39
kanzure... But the overall delay is not due to delay along a specific path--it's due to multiple delays, some on every critical path."20:39
kanzure(actally i think that applies to all kinds of thought, not just engineering projects)20:39
* kanzure polishes his keyboard20:39
gmaxwellwell that bumps into general "planning fallacy" there.20:40
kanzurebut there's evidence of things like entire particle colliders with millions of engineering components that don't get fully considered at the beginning and yet somehow still work at the end20:40
kanzure(without reviewing every excruciating detail upfront)20:41
-!- todaystomorrow [~me@d114-78-115-218.bla803.nsw.optusnet.com.au] has joined #bitcoin-wizards20:42
gmaxwellwell, if you look at biology there is never an overall architecture. Instead you have lots of parts which are responsive to their enviroment, and solve local problems.  While on the overall level evolution achieves some global design, but at the nuts and bolts level almost all effects are local. So it's not surprising that the LHC works.20:42
gmaxwellIt's another question if things built that way can be efficient, most of biology certantly isn't.20:42
kanzurethere was some weak connection from that i was supposed to make regarding code review and imparting implicit knowledge20:43
kanzureoh right, something about convining people to work from that general sort of plan of bounding their errors20:44
kanzureor, at code review time, that appears as particularly defensive coding etc20:44
kanzure.wik defensive programming20:45
yoleaux"Defensive programming is a form of defensive design intended to ensure the continuing function of a piece of software under unforeseen circumstances. The idea can be viewed as reducing or eliminating the prospect of Finagle's law having effect. Defensive programming techniques are used especially when a piece of software could be misused." — http://en.wikipedia.org/wiki/Defensive_programming20:45
gmaxwellI attended a nice lecture by sussman once on building computer systems that were weakly coupled and worked more like biology that was interesting, maybe in 2007 or so?  perhaps there is a copy of it online.20:45
gmaxwellthough I'm continually humbled at how hard a problm building robust systems actually is.20:46
kanzuremy favorite quote about biology is from jrayhawk, "... there is no source, the bytecode has multiple reentrent abstractions, is unstable and has a very low signal to noise ratio, the runtime is unbootstrappable, the execution is nondeterministic, it tries to randomly integrate and execute code from other computers... multiple reentrant and self-modifying abstractions. absolutely everything has subtle side effects."20:46
-!- TheSeven [~quassel@rockbox/developer/TheSeven] has quit [Ping timeout: 272 seconds]20:46
kanzure(i spent time working in a molecular biology lab and then a plant physiology lab. also diybio stuff.)20:46
fenn.title http://groups.csail.mit.edu/mac/users/gjs/6.945/readings/robust-systems.pdf20:47
yoleauxfenn: Sorry, that doesn't appear to be an HTML page.20:47
-!- TheSeven [~quassel@rockbox/developer/TheSeven] has joined #bitcoin-wizards20:47
gmaxwellfenn: hot damn, thanks.20:47
fenni ran across that before, i forget how20:48
fenni also think http://langsec.org is relevant20:49
gmaxwellfenn: I'm surprised I knew the year. Well I knew "pre-bitcoin".20:49
gmaxwellin any case, the more time I spend on Bitcoin the further away I think we are from conquering these problems. Even basic directions are not obvious.20:49
Taekconquering which problems?20:51
gmaxwellbuilding strongly robust systems.20:51
gmaxwellFor example, I was talking to sipa earlier about GMP in libsecp256k1. Someday we'd like to use the very fast libsecp256k1 in consensus critical code. At the moment libsecp256k1 depends on gmp though the only non-trivial thing it uses from libgmp is the modular inversion.  The libgmp modular inversion is mystical number theory voodoo magic stuff, that does an inverse in sub-quadratic time, which seems impossible. It's much faster than ...20:53
gmaxwell... a normal fast implementation, I think maybe 10x faster than the one in openssl. Hundreds of times faster than a totally stupid implementation.  For non-batch ecdsa verification that inverse is basically the largest thing in the profile.20:53
gmaxwellNow, this mystery voodo inverse is a hurestic algorithim that automatically switches between several approaches. It is plausable that gmp contains bugs and there exist some numbers for which it computes incorrect inverses.  In a simpler implementation it's more likely to be mostly wrong or all correct.20:54
gmaxwellThis is concerning for consensus critical usage, since if many nodes will miscompute the inverse of even a single number that you can find, you can construct a signature the uses that number, and fork the network.  Moreover, GMP has several times replaced and retuned the algorithim (and probably will in the future), it also tunes it differently on different architectures.20:55
fennisn't it trivial to verify an inverse?20:55
gmaxwellfenn: not when you care about speed.20:55
gmaxwellI mean the whole goal is fast verification, going and multiplying out to check the inverse ... well switching to a simpler implementation is also an option.20:56
kanzureyes, well, good luck comparing 1000 different implementation choices in an n-dimensional problem space. maybe make nsh do it, he's good at weird things like that.20:57
gmaxwellOne though I had was ... well, at initilization one could compute blinding constants, and it's very cheap to randomize the inverses. Actually the whole verification path can be pretty cheaply randomized. And so if there were a numerical problem, instead of a large cluster failing the same... some random fraction of hosts would fork off.   .... Would this be an improvement?  It's not clear at all.20:58
-!- jb55 [~jb55@S0106f46d049a0b83.vc.shawcable.net] has joined #bitcoin-wizards20:58
kanzure(where has he been, anyway? did they finally arrest him?)20:58
fennidle 8 hours20:59
kanzure( http://mashable.com/2014/02/27/federal-reserve-hack/ )20:59
gmaxwellkanzure: nothing recent in google news for lauri love.20:59
kanzuregood. i can rest tonight.20:59
gmaxwellSo in this case here I have some idea thats reasonably cheap, and maybe gives the system more biological-like robustness. ... and it's not at all clear if its a horrible idea or a great one.21:00
gmaxwellI think what sipa prefers is to not randomize it, and internalize the inverse (I prefer to do that too), and then get everyone on exactly the same code.21:01
Taeksay you randomize it, and then have each node do 2-3 computations. If there are any disagreements the node realizes it needs to run a lot more code and figure out what's going on21:02
gmaxwellpratically that latter goal seems unreachable because it has a prerequsite that people understand the difficulties of consensus critical code in the same way that he or I do.21:02
-!- roidster [~chatzilla@71-95-216-43.static.mtpk.ca.charter.com] has joined #bitcoin-wizards21:02
-!- roidster is now known as Guest3853921:02
gmaxwellTaek: but then again do 2-3 computations is at odds with performance.21:02
Taekhow much faster is libsecp256k1?21:02
gmaxwellmore than 6x faster than openssl.21:03
Taekso even @ 3 computations, you've still got a huge speedup21:03
gmaxwellthere is a straight up trade-off between decenteralization and scale. So every bit of performance we get improves one or both of those.21:04
-!- Guest62329 [~chatzilla@71-95-216-43.static.mtpk.ca.charter.com] has quit [Ping timeout: 240 seconds]21:04
gmaxwellIf we weren't in a situation where the full node code is falling, I might buy that we have obvious breathing room and could give up a factor of N for a speculative robustness increase.21:04
Taekthinking about biological systems... it's interesting to imagine a global consensus system that can tolerate some threshold of imprecision21:06
gmaxwelllibsecp256k1 is currently still somewhat better than half the speed of the ed25519 verifier, though it's all hand written simd assembly and secp256k1 is straight C  (well, there is non-simd asm for the filed ops on x86_64 but its only about 3% faster than the current straight C code), plus ed25519 is schnorr, which is cheaper to verify (doesn't need that annoying inverse)... In theory I expect an equally optimized secp256k1 to be faster.21:07
gmaxwellTaek: well consensus does tolerate some imprecision. ... uh. e.g. your own host can be faulty and everything (except you) keeps ticking.21:07
gmaxwellThere are a couple of places where blinding approaches can be applied which _may_ turn some synchronized failures into randomized ones. But it's unclear how much that can actually work.  I've suggested several ideas now in this space, but I think none of them would have solved an actual problem that we've encountered in the past.21:08
gmaxwellunfortunately it seems really hard to do if you're unwilling to take an interger factor slowdown.21:09
TaekI wonder if we could do better though (not that I have suggestions). Imagine that *every* host is faulty by some epsilon (but randomly so) and yet the whole network manages to tick forward with stability21:09
kanzure"assume that every host is malicious"21:10
gmaxwellTaek: I have an intutive impression that there is likely a tradeoff between accepting honest-faulty and tolerating malicious hosts.21:11
kanzureif malicious hosts are acceptable then are they really malicious?21:11
gmaxwellLike the more tolerance you have the exponentially less secure to malice you become, but I'm waving my hands here.21:11
kanzureetc21:11
-!- jb55 [~jb55@S0106f46d049a0b83.vc.shawcable.net] has quit [Remote host closed the connection]21:11
gmaxwellwithout a formal statement of what we're computing in the first place, the whole concept of faulty is a bit circular.21:12
-!- jb55 [~jb55@S0106f46d049a0b83.vc.shawcable.net] has joined #bitcoin-wizards21:12
-!- Guest38539 [~chatzilla@71-95-216-43.static.mtpk.ca.charter.com] has quit [Quit: ChatZilla 0.9.90.1 [SeaMonkey 2.22.1/20131113180422]]21:13
-!- weex_ [~weex@99-6-135-18.lightspeed.snmtca.sbcglobal.net] has quit [Ping timeout: 255 seconds]21:16
-!- jb55_ [~jb55@S0106f46d049a0b83.vc.shawcable.net] has joined #bitcoin-wizards21:16
-!- jb55 [~jb55@S0106f46d049a0b83.vc.shawcable.net] has quit [Read error: Connection reset by peer]21:16
-!- Stalker_I [~nam@118.68.26.144] has joined #bitcoin-wizards21:22
-!- ryanxcharles [~ryanxchar@2601:9:4680:dd0:44fa:3cfd:f8a7:3926] has quit [Ping timeout: 258 seconds]21:33
-!- bitbumper [~bitbumper@197.115.124.24.cm.sunflower.com] has joined #bitcoin-wizards21:38
-!- go1111111 [~go1111111@173.192.170.80-static.reverse.softlayer.com] has joined #bitcoin-wizards21:48
-!- woah [~woah@199-241-202-232.PUBLIC.monkeybrains.net] has joined #bitcoin-wizards22:05
go1111111on the topic of what to do about repetitive questions from uneducated people in this channel: it would be really unfortunate if this made you the legitimate wizards retreat to some private channel, or type less in here22:13
go1111111as someone trying to learn, i find these logs super valuable22:13
go1111111my suggestion for preserving the sanity of wizards, and the "wizards talking to each other" vibe: write up some doc on #bitcoin-wizards etiquette. remind people of the doc if they are wasting your time, and be liberal with bans that expire in a day or two. back to lurking..22:20
-!- DougieBot5000 [~DougieBot@unaffiliated/dougiebot5000] has quit [Quit: Leaving]22:21
jaekwonI'll be more than happy to moderate a subforum on proof-of-stake and related algorithms and tear the proposal apart.  It's what I do now anyways.22:22
jaekwon*by subforum i mean irc channel.  could be #tendermint or something else22:23
-!- NewLiberty [~NewLibert@2602:304:cff8:1580:696c:56b6:f707:fbdf] has joined #bitcoin-wizards22:25
-!- eristisk [~eristisk@gateway/tor-sasl/eristisk] has quit [Ping timeout: 250 seconds]22:32
jaekwonYou can point them my way and I'll be sure they don't come back here until they've been re-educated.  Just point them to #tendermint. :)22:32
-!- Grishnakh [~grishnakh@dsl-espbrasgw1-50dfb6-218.dhcp.inet.fi] has joined #bitcoin-wizards22:34
-!- go1111111 [~go1111111@173.192.170.80-static.reverse.softlayer.com] has quit [Ping timeout: 240 seconds]22:39
-!- mortale [~mortale@gateway/tor-sasl/mortale] has quit [Ping timeout: 250 seconds]22:42
Taekgmaxwell, you could probably do a lot better than run every signature 3 ways. If we know that ~99/100 are going to verify correctly, and we SPV-style assume that the longest chain is also accurate, you only verify something multiple times if it unexpectedly fails.22:44
Taekthe only risk then is verifying something that you shouldn't verify22:44
Taekbut if you apply some randomness to each of the verifications, an attacker has little to no ability to intentionally mess you up22:45
Taekplus everyone else is going to reject the fork and pick something else22:45
Taek:< but say an attacker releases a block with 10,000 verifications, knowing that nodes mess up 1% of the time. The majority of nodes will accept some bad transactions and consensus will break =/22:47
Taekoh wait no that's not a problem, because they'll reject the other 9000 bad transactions, and the block as a whole will be rejected22:48
-!- go1111111 [~go1111111@162.244.138.37] has joined #bitcoin-wizards22:52
-!- fanquake [~anonymous@unaffiliated/fanquake] has quit [Read error: Connection reset by peer]22:57
-!- cbeams [~cbeams@unaffiliated/cbeams] has quit [Remote host closed the connection]23:01
-!- cbeams [~cbeams@chello084114181075.1.15.vie.surfer.at] has joined #bitcoin-wizards23:01
-!- cbeams [~cbeams@chello084114181075.1.15.vie.surfer.at] has quit [Changing host]23:01
-!- cbeams [~cbeams@unaffiliated/cbeams] has joined #bitcoin-wizards23:01
-!- mortale [~mortale@gateway/tor-sasl/mortale] has joined #bitcoin-wizards23:01
-!- fanquake [~anonymous@unaffiliated/fanquake] has joined #bitcoin-wizards23:01
-!- lclc_bnc is now known as lclc23:05
-!- bitbumper [~bitbumper@197.115.124.24.cm.sunflower.com] has quit [Remote host closed the connection]23:11
-!- jb55_ [~jb55@S0106f46d049a0b83.vc.shawcable.net] has quit [Remote host closed the connection]23:12
-!- bitbumper [~bitbumper@197.115.124.24.cm.sunflower.com] has joined #bitcoin-wizards23:13
-!- moribund112 [~textual@cpe-50-113-9-40.hawaii.res.rr.com] has joined #bitcoin-wizards23:13
-!- cbeams_ [~cbeams@chello084114181075.1.15.vie.surfer.at] has joined #bitcoin-wizards23:21
-!- cbeams [~cbeams@unaffiliated/cbeams] has quit [Ping timeout: 255 seconds]23:22
-!- moribund112 is now known as moribund112[away23:30
-!- jb55 [~jb55@S0106f46d049a0b83.vc.shawcable.net] has joined #bitcoin-wizards23:30
-!- moribund112[away is now known as moribund11223:42
-!- jb55 [~jb55@S0106f46d049a0b83.vc.shawcable.net] has quit [Remote host closed the connection]23:54
-!- jb55 [~jb55@S0106f46d049a0b83.vc.shawcable.net] has joined #bitcoin-wizards23:55
-!- vmatekole [~vmatekole@e180206175.adsl.alicedsl.de] has quit [Remote host closed the connection]23:58
-!- jb55 [~jb55@S0106f46d049a0b83.vc.shawcable.net] has quit [Ping timeout: 244 seconds]23:59
--- Log closed Fri Nov 21 00:00:57 2014

Generated by irclog2html.py 2.15.0.dev0 by Marius Gedminas - find it at mg.pov.lt!