2014-11-25.log

--- Log opened Tue Nov 25 00:00:01 2014
-!- Grishnakh [~grishnakh@dsl-espbrasgw1-50dfb6-218.dhcp.inet.fi] has quit [Ping timeout: 265 seconds]00:01
-!- Graftec [~Graftec@gateway/tor-sasl/graftec] has joined #bitcoin-wizards00:13
-!- shesek [~shesek@77.125.14.5] has quit [Ping timeout: 264 seconds]00:19
-!- SubCreative is now known as Sub|zzz00:20
-!- go1111111 [~go1111111@162.244.138.37] has quit [Quit: Leaving]00:22
-!- go1111111 [~go1111111@50.23.131.238] has joined #bitcoin-wizards00:22
-!- op_null [~op_null@178.62.133.216] has quit [Quit: Lost terminal]00:23
-!- jb55 [~jb55@S0106f46d049a0b83.vc.shawcable.net] has quit [Remote host closed the connection]00:24
-!- cbeams_ [~cbeams@chello084114181075.1.15.vie.surfer.at] has joined #bitcoin-wizards00:25
-!- cbeams [~cbeams@unaffiliated/cbeams] has quit [Read error: Connection reset by peer]00:25
-!- cbeams_ is now known as cbeams00:28
-!- cbeams [~cbeams@chello084114181075.1.15.vie.surfer.at] has quit [Changing host]00:28
-!- cbeams [~cbeams@unaffiliated/cbeams] has joined #bitcoin-wizards00:28
-!- orik [~orik@50-46-132-219.evrt.wa.frontiernet.net] has joined #bitcoin-wizards00:35
-!- go1111111 [~go1111111@50.23.131.238] has quit [Ping timeout: 240 seconds]00:37
-!- cbeams [~cbeams@unaffiliated/cbeams] has quit [Read error: Connection reset by peer]00:44
-!- cbeams [~cbeams@chello084114181075.1.15.vie.surfer.at] has joined #bitcoin-wizards00:44
-!- cbeams [~cbeams@chello084114181075.1.15.vie.surfer.at] has quit [Changing host]00:44
-!- cbeams [~cbeams@unaffiliated/cbeams] has joined #bitcoin-wizards00:44
-!- AaronvanW [~ewout@255pc208.sshunet.nl] has joined #bitcoin-wizards00:44
-!- bramm [~bram@99-75-88-206.lightspeed.sntcca.sbcglobal.net] has quit [Remote host closed the connection]00:46
-!- cbeams_ [~cbeams@chello084114181075.1.15.vie.surfer.at] has joined #bitcoin-wizards00:49
-!- cbeams [~cbeams@unaffiliated/cbeams] has quit [Read error: Connection reset by peer]00:49
-!- damethos [~damethos@unaffiliated/damethos] has joined #bitcoin-wizards00:50
-!- todaystomorrow [~me@d114-78-126-229.bla803.nsw.optusnet.com.au] has joined #bitcoin-wizards01:00
-!- andy-logbot [~bitcoin--@wpsoftware.net] has quit [Remote host closed the connection]01:05
-!- cbeams_ [~cbeams@chello084114181075.1.15.vie.surfer.at] has quit [Read error: Connection reset by peer]01:05
-!- cbeams [~cbeams@chello084114181075.1.15.vie.surfer.at] has joined #bitcoin-wizards01:05
-!- cbeams [~cbeams@chello084114181075.1.15.vie.surfer.at] has quit [Changing host]01:05
-!- cbeams [~cbeams@unaffiliated/cbeams] has joined #bitcoin-wizards01:05
-!- andy-logbot [~bitcoin--@wpsoftware.net] has joined #bitcoin-wizards01:05
* andy-logbot is logging01:05
-!- woah [~woah@199-241-202-232.PUBLIC.monkeybrains.net] has quit [Quit: Textual IRC Client: www.textualapp.com]01:05
-!- Graftec [~Graftec@gateway/tor-sasl/graftec] has quit [Ping timeout: 250 seconds]01:09
-!- Graftec [~Graftec@gateway/tor-sasl/graftec] has joined #bitcoin-wizards01:09
-!- damethos [~damethos@unaffiliated/damethos] has quit [Ping timeout: 265 seconds]01:09
-!- bifforoni [~zorin@bzq-84-108-84-113.cablep.bezeqint.net] has joined #bitcoin-wizards01:26
-!- paulpaschos [~paul@24-212-224-219.cable.teksavvy.com] has joined #bitcoin-wizards01:31
-!- go1111111 [~go1111111@162.244.138.37] has joined #bitcoin-wizards01:38
-!- damethos [~damethos@unaffiliated/damethos] has joined #bitcoin-wizards01:41
-!- vdo [~vdo@unaffiliated/vdo] has joined #bitcoin-wizards01:41
-!- cryptokeeper [c08b7d80@gateway/web/cgi-irc/kiwiirc.com/ip.192.139.125.128] has quit [Quit: http://www.kiwiirc.com/ - A hand crafted IRC client]01:42
-!- Guyver2 [~Guyver2@guyver2.xs4all.nl] has joined #bitcoin-wizards01:47
-!- adam3us [~Adium@host-92-19-90-29.as13285.net] has joined #bitcoin-wizards01:47
-!- RoboTeddy [~roboteddy@2604:5500:13:5fc:20e3:a255:2c37:bc0] has quit [Ping timeout: 258 seconds]01:51
-!- OX3 [~OX3@gateway-nat.fmrib.ox.ac.uk] has joined #bitcoin-wizards01:58
-!- hearn [~mike@84-75-198-85.dclient.hispeed.ch] has joined #bitcoin-wizards02:00
-!- paulpaschos [~paul@24-212-224-219.cable.teksavvy.com] has quit [Quit: My Mac has gone to sleep. ZZZzzz…]02:05
-!- lclc is now known as lclc_bnc02:09
-!- moa [~moa@opentransactions/dev/moa] has quit [Quit: Leaving.]02:11
-!- NewLiberty [~NewLibert@2602:304:cff8:1580:d1e0:6eae:20cb:e70c] has quit [Ping timeout: 258 seconds]02:12
-!- Aquent [~Aquent@gateway/tor-sasl/aquent] has joined #bitcoin-wizards02:15
-!- CoinMuncher [~jannes@178.132.211.90] has joined #bitcoin-wizards02:23
-!- cashmen [~cashmen@jonny.cloakcoin.info] has left #bitcoin-wizards ["Once you know what it is you want to be true, instinct is a very useful device for enabling you to know that it is"]02:23
-!- todays_tomorrow [~me@d122-111-39-14.bla803.nsw.optusnet.com.au] has joined #bitcoin-wizards02:32
-!- lclc_bnc is now known as lclc02:34
-!- todaystomorrow [~me@d114-78-126-229.bla803.nsw.optusnet.com.au] has quit [Ping timeout: 240 seconds]02:35
-!- fanquake [~anonymous@unaffiliated/fanquake] has quit [Quit: Sleeping]02:45
-!- todaystomorrow [~me@d122-111-39-14.bla803.nsw.optusnet.com.au] has joined #bitcoin-wizards02:51
-!- sipa [~pw@2a02:348:5e:5a29::1] has quit [Quit: leaving]02:52
-!- todays_tomorrow [~me@d122-111-39-14.bla803.nsw.optusnet.com.au] has quit [Ping timeout: 240 seconds]02:53
-!- sipa [~pw@unaffiliated/sipa1024] has joined #bitcoin-wizards02:56
-!- vdo [~vdo@unaffiliated/vdo] has quit [Quit: Lost terminal]02:58
-!- c0rw|sle_ is now known as c0rw1n03:11
-!- cbeams [~cbeams@unaffiliated/cbeams] has quit [Ping timeout: 264 seconds]03:40
-!- c0rw1n is now known as c0rw|work03:40
-!- rusty [~rusty@pdpc/supporter/bronze/rusty] has quit [Quit: Leaving.]03:43
-!- damethos [~damethos@unaffiliated/damethos] has quit [Remote host closed the connection]03:44
-!- damethos [~damethos@unaffiliated/damethos] has joined #bitcoin-wizards03:45
-!- Qfwfq [~WashIrvin@unaffiliated/washirving] has quit [Ping timeout: 264 seconds]03:45
-!- Qfwfq [~WashIrvin@unaffiliated/washirving] has joined #bitcoin-wizards03:51
-!- c0rw|work is now known as c0rw1n03:51
-!- nubbins` [~leel@stjhnf0157w-047055221135.dhcp-dynamic.FibreOp.nl.bellaliant.net] has joined #bitcoin-wizards03:57
-!- nubbins` [~leel@stjhnf0157w-047055221135.dhcp-dynamic.FibreOp.nl.bellaliant.net] has quit [Changing host]03:57
-!- nubbins` [~leel@unaffiliated/nubbins] has joined #bitcoin-wizards03:57
-!- shesek [~shesek@77.125.14.5] has joined #bitcoin-wizards04:02
-!- OX3 [~OX3@gateway-nat.fmrib.ox.ac.uk] has quit [Ping timeout: 264 seconds]04:05
-!- OX3_ [~OX3@gateway-nat.fmrib.ox.ac.uk] has joined #bitcoin-wizards04:17
-!- nubbins` [~leel@unaffiliated/nubbins] has quit [Quit: Quit]04:17
-!- fanquake [~anonymous@unaffiliated/fanquake] has joined #bitcoin-wizards04:26
-!- Aquent [~Aquent@gateway/tor-sasl/aquent] has quit [Ping timeout: 250 seconds]04:42
-!- fanquake [~anonymous@unaffiliated/fanquake] has quit [Quit: Sleeping]04:51
-!- fanquake [~anonymous@unaffiliated/fanquake] has joined #bitcoin-wizards04:57
-!- rdponticelli [~quassel@gateway/tor-sasl/rdponticelli] has joined #bitcoin-wizards05:13
-!- Grishnakh [~grishnakh@dsl-espbrasgw1-50dfb6-218.dhcp.inet.fi] has joined #bitcoin-wizards05:14
-!- bit2017 [~linker@113.161.87.238] has joined #bitcoin-wizards05:19
-!- coiner [~linker@113.161.87.238] has quit [Ping timeout: 258 seconds]05:23
-!- cbeams [~cbeams@unaffiliated/cbeams] has joined #bitcoin-wizards05:24
-!- OX3_ [~OX3@gateway-nat.fmrib.ox.ac.uk] has quit [Remote host closed the connection]05:29
-!- OX3_ [~OX3@gateway-nat.fmrib.ox.ac.uk] has joined #bitcoin-wizards05:29
-!- cbeams_ [~cbeams@chello084114181075.1.15.vie.surfer.at] has joined #bitcoin-wizards05:33
-!- cbeams [~cbeams@unaffiliated/cbeams] has quit [Read error: Connection reset by peer]05:33
-!- AaronvanW [~ewout@255pc208.sshunet.nl] has quit [Remote host closed the connection]05:37
-!- llllllllll [~lllllllll@37-251-2-42.FTTH.ispfabriek.nl] has joined #bitcoin-wizards05:42
-!- hashtag [~hashtag@cpe-98-157-219-44.ma.res.rr.com] has joined #bitcoin-wizards05:42
-!- ryanxcharles [~ryanxchar@2601:9:4680:dd0:350e:1093:a0ee:57ed] has quit [Ping timeout: 258 seconds]05:54
-!- OX3_ [~OX3@gateway-nat.fmrib.ox.ac.uk] has quit [Ping timeout: 255 seconds]05:54
-!- ryanxcharles [~ryanxchar@2601:9:4680:dd0:350e:1093:a0ee:57ed] has joined #bitcoin-wizards06:00
-!- luny [~luny@unaffiliated/luny] has quit [Read error: Connection reset by peer]06:04
-!- koshii [~0@50.151.108.101] has joined #bitcoin-wizards06:05
-!- koshii [~0@50.151.108.101] has quit [Client Quit]06:06
-!- luny [~luny@unaffiliated/luny] has joined #bitcoin-wizards06:08
-!- OX3 [~OX3@gateway-nat.fmrib.ox.ac.uk] has joined #bitcoin-wizards06:19
-!- folksngo1ts [~gues@se5x.mullvad.net] has quit [Quit: leaving]06:21
-!- Qfwfq [~WashIrvin@unaffiliated/washirving] has quit [Ping timeout: 264 seconds]06:23
-!- Qfwfq [~WashIrvin@unaffiliated/washirving] has joined #bitcoin-wizards06:29
-!- paulpaschos [~paul@206.223.168.190] has joined #bitcoin-wizards06:33
-!- fanquake [~anonymous@unaffiliated/fanquake] has left #bitcoin-wizards []06:37
-!- koshii [~0@50.151.108.101] has joined #bitcoin-wizards06:38
-!- koshii [~0@50.151.108.101] has quit [Client Quit]06:38
-!- koshii [~0@50.151.108.101] has joined #bitcoin-wizards06:43
-!- koshii [~0@50.151.108.101] has quit [Client Quit]06:47
-!- koshii [~0@50.151.108.101] has joined #bitcoin-wizards06:48
-!- NewLiberty [~NewLibert@2602:304:cff8:1580:8c3a:e13b:e5ac:9702] has joined #bitcoin-wizards06:53
-!- paulpaschos [~paul@206.223.168.190] has quit [Quit: My Mac has gone to sleep. ZZZzzz…]06:55
-!- OX3 [~OX3@gateway-nat.fmrib.ox.ac.uk] has quit [Ping timeout: 255 seconds]06:57
-!- OX3_ [~OX3@gateway-nat.fmrib.ox.ac.uk] has joined #bitcoin-wizards06:59
-!- paulpaschos [~paul@206.223.168.190] has joined #bitcoin-wizards07:00
-!- AaronvanW [~ewout@255pc208.sshunet.nl] has joined #bitcoin-wizards07:01
-!- paulpaschos [~paul@206.223.168.190] has quit [Client Quit]07:03
-!- bit2017 [~linker@113.161.87.238] has quit [Ping timeout: 258 seconds]07:06
andytoshiin case anyone is curious there are 15103496 utxos right now. i don't know what the total that ever existed is (it would be easy but my rust toolchain is not working right now so i can't change my code..)07:08
-!- OX3___ [~OX3@gateway-nat.fmrib.ox.ac.uk] has joined #bitcoin-wizards07:09
-!- nullbyte [~WW@unaffiliated/loteriety] has joined #bitcoin-wizards07:09
-!- paulpaschos [~paul@206.223.168.190] has joined #bitcoin-wizards07:11
-!- OX3_ [~OX3@gateway-nat.fmrib.ox.ac.uk] has quit [Ping timeout: 250 seconds]07:11
-!- paulpaschos [~paul@206.223.168.190] has quit [Remote host closed the connection]07:12
-!- paulpaschos [~paul@206.223.168.190] has joined #bitcoin-wizards07:13
sipai have 1509749407:16
kanzurehuh i am not even 0.006%07:16
sipa?07:17
kanzurethought i had proportionally more outputs than that07:17
sipahaha07:17
kanzurenope nevermind i am just bad at math07:18
-!- paulpaschos [~paul@206.223.168.190] has quit [Quit: My Mac has gone to sleep. ZZZzzz…]07:21
-!- paulpaschos [~paul@206.223.168.190] has joined #bitcoin-wizards07:22
-!- Aquent [~Aquent@gateway/tor-sasl/aquent] has joined #bitcoin-wizards07:27
-!- wallet42 [~wallet42@f052161246.adsl.alicedsl.de] has quit [Quit: Leaving.]07:28
-!- DougieBot5000 [~DougieBot@unaffiliated/dougiebot5000] has joined #bitcoin-wizards07:29
-!- Quanttek [~quassel@ip1f12eb0d.dynamic.kabel-deutschland.de] has joined #bitcoin-wizards07:36
-!- Quanttek [~quassel@ip1f12eb0d.dynamic.kabel-deutschland.de] has quit [Read error: Connection reset by peer]07:37
-!- Cory [~Cory@unaffiliated/cory] has quit [Read error: Connection reset by peer]07:40
-!- Cory [~Cory@unaffiliated/cory] has joined #bitcoin-wizards07:43
-!- coiner [~linker@118.69.162.103] has joined #bitcoin-wizards07:46
-!- damethos [~damethos@unaffiliated/damethos] has quit [Quit: Bye]07:55
-!- Quanttek [~quassel@ip1f12ef56.dynamic.kabel-deutschland.de] has joined #bitcoin-wizards07:55
-!- prodatalab [~prodatala@c-69-254-45-177.hsd1.fl.comcast.net] has quit [Quit: Konversation terminated!]07:58
-!- prodatalab [~prodatala@c-69-254-45-177.hsd1.fl.comcast.net] has joined #bitcoin-wizards08:01
-!- Quanttek [~quassel@ip1f12ef56.dynamic.kabel-deutschland.de] has quit [Ping timeout: 250 seconds]08:01
-!- adam3us [~Adium@host-92-19-90-29.as13285.net] has quit [Quit: Leaving.]08:11
-!- adam3us [~Adium@host-92-19-90-29.as13285.net] has joined #bitcoin-wizards08:12
-!- paulpaschos [~paul@206.223.168.190] has quit [Quit: My Mac has gone to sleep. ZZZzzz…]08:20
-!- paulpaschos [~paul@206.223.168.190] has joined #bitcoin-wizards08:25
-!- Quanttek [~quassel@ip1f12e8e8.dynamic.kabel-deutschland.de] has joined #bitcoin-wizards08:26
-!- paulpaschos [~paul@206.223.168.190] has quit [Client Quit]08:26
-!- Quanttek [~quassel@ip1f12e8e8.dynamic.kabel-deutschland.de] has quit [Read error: Connection reset by peer]08:27
-!- Qfwfq [~WashIrvin@unaffiliated/washirving] has quit [Ping timeout: 250 seconds]08:28
-!- Quanttek [~quassel@2a02:8108:d00:870:993a:1c88:3499:1380] has joined #bitcoin-wizards08:31
-!- Quanttek [~quassel@2a02:8108:d00:870:993a:1c88:3499:1380] has quit [Read error: Connection reset by peer]08:32
-!- Qfwfq [~WashIrvin@unaffiliated/washirving] has joined #bitcoin-wizards08:33
-!- Quanttek [~quassel@ip1f12ed6c.dynamic.kabel-deutschland.de] has joined #bitcoin-wizards08:34
-!- Quanttek_ [~quassel@ip1f11245c.dynamic.kabel-deutschland.de] has joined #bitcoin-wizards08:35
-!- ryanxcharles [~ryanxchar@2601:9:4680:dd0:350e:1093:a0ee:57ed] has quit [Ping timeout: 258 seconds]08:39
-!- prodatalab [~prodatala@c-69-254-45-177.hsd1.fl.comcast.net] has quit [Quit: Konversation terminated!]08:39
-!- Quanttek [~quassel@ip1f12ed6c.dynamic.kabel-deutschland.de] has quit [Ping timeout: 250 seconds]08:39
-!- Quanttek_ [~quassel@ip1f11245c.dynamic.kabel-deutschland.de] has quit [Ping timeout: 272 seconds]08:40
-!- prodatalab [~prodatala@c-69-254-45-177.hsd1.fl.comcast.net] has joined #bitcoin-wizards08:41
-!- bifforoni [~zorin@bzq-84-108-84-113.cablep.bezeqint.net] has quit [Ping timeout: 256 seconds]08:47
-!- paulpaschos [~paul@206.223.168.190] has joined #bitcoin-wizards08:47
-!- profreid [~profreid@a88-115-210-162.elisa-laajakaista.fi] has joined #bitcoin-wizards08:47
-!- prodatalab [~prodatala@c-69-254-45-177.hsd1.fl.comcast.net] has quit [Quit: Konversation terminated!]08:52
-!- ryanxcharles [~ryanxchar@162.245.22.162] has joined #bitcoin-wizards08:53
andytoshisipa: i'd expect you are right08:57
andytoshiiirc my counts do not go down during reorgs08:57
andytoshi(which is a bug, not deliberate)08:58
-!- nullbyte [~WW@unaffiliated/loteriety] has quit [Ping timeout: 256 seconds]09:01
-!- profreid [~profreid@a88-115-210-162.elisa-laajakaista.fi] has quit [Read error: Connection reset by peer]09:02
-!- nullbyte_ [~WW@unaffiliated/loteriety] has joined #bitcoin-wizards09:03
-!- nullbyte_ is now known as Guest2767809:04
-!- nuke1989 [~nuke@ppp-2-87-143-28.home.otenet.gr] has quit [Ping timeout: 244 seconds]09:05
-!- llllllllll [~lllllllll@37-251-2-42.FTTH.ispfabriek.nl] has quit []09:05
-!- Quanttek [~quassel@ip1f11245c.dynamic.kabel-deutschland.de] has joined #bitcoin-wizards09:06
-!- Quanttek [~quassel@ip1f11245c.dynamic.kabel-deutschland.de] has quit [Read error: Connection reset by peer]09:07
sipaandytoshi: and it doesn't exclude pruned outputs09:07
-!- zooko [~user@174-16-237-135.hlrn.qwest.net] has quit [Quit: ERC Version 5.3 (IRC client for Emacs)]09:08
-!- zooko [~user@174-16-237-135.hlrn.qwest.net] has joined #bitcoin-wizards09:09
-!- bitstein [~bitstein@198.144.158.13] has joined #bitcoin-wizards09:10
-!- adam3us [~Adium@host-92-19-90-29.as13285.net] has quit [Read error: Connection reset by peer]09:12
-!- adam3us [~Adium@host-92-19-90-29.as13285.net] has joined #bitcoin-wizards09:13
-!- user7779078 [~user77790@ool-4354b720.dyn.optonline.net] has joined #bitcoin-wizards09:20
NewLibertyStill, it might be a useful bug.09:31
andytoshiiirc mine doesn't exclude pruned outs either, i could be misremembering09:32
NewLibertySo long as you also have the pruned set.09:32
NewLibertythe diff would be interesting09:33
andytoshiwhy would i keep the pruned set around? the diff is not super interesting, almost all the pruned outs are op_returns09:34
andytoshii spent a ton of time writing an unspendability prover and it turned out to be really not useful :)09:34
-!- OX3___ [~OX3@gateway-nat.fmrib.ox.ac.uk] has quit [Remote host closed the connection]09:35
-!- damethos [~damethos@unaffiliated/damethos] has joined #bitcoin-wizards09:36
-!- Quanttek [~quassel@2a02:8108:d00:870:993a:1c88:3499:1380] has joined #bitcoin-wizards09:38
-!- paulpaschos [~paul@206.223.168.190] has quit [Quit: My Mac has gone to sleep. ZZZzzz…]09:41
-!- op_null [~op_null@178.62.133.216] has joined #bitcoin-wizards09:42
-!- Dizzle [~diesel@70.114.207.41] has joined #bitcoin-wizards09:43
op_nullgmaxwell: I quite like parts of the "Deanonymisation of clients in Bitcoin P2P network" paper, particularly abusing addr messages to estimate the number of connections to a node.09:45
-!- bitstein [~bitstein@198.144.158.13] has quit [Quit: Textual IRC Client: www.textualapp.com]09:47
op_nullI think there's quite a good justification for people doing more interesting setups of their nodes just to mess with this sort of analysis. they'd probably struggle with any node that also used bluematt's fast transaction relay for example, as it can usually outrace the P2P network on most transactions.09:50
amillerop_null, if you liked that, you'll like my upcoming paper too09:50
op_nullsimilar sort of stuff, or just equally interesting?09:51
amillersimilar stuff09:51
op_nullI've long been interested in the number of sniffer peers that roam the network.09:51
op_null(to define that, peers which are not normal nodes, pretend to be /Satoshi/, download all inventory but send nothing back)09:52
op_nullbut yes, I'll be more than interested to read it09:53
-!- adam3us [~Adium@host-92-19-90-29.as13285.net] has quit [Read error: Connection reset by peer]09:53
-!- lclc is now known as lclc_bnc09:53
-!- adam3us [~Adium@host-92-19-90-29.as13285.net] has joined #bitcoin-wizards09:53
amillerthere are a handful of nodes that appear to connect to absolutely everyone, markets.blockchain.info is one09:54
op_nullblockchain.info's nodes are quite funny actually. they're terribly modified 0.7.x branches of the Satoshi client, the connection limit raised, mempool disabled, and all of the timings in the reconnection section removed.09:56
amillerop_null, how do you know that? i didn't look for source for their actual node09:57
op_nullamiller: it's not published, you can just see from their network behaviour what it is. if you don't filter their servers you almost always end up being connected to by them. if you want their IP addresses you just look at https://blockchain.info/connected-nodes until you appear on them.09:59
-!- adam3us [~Adium@host-92-19-90-29.as13285.net] has quit [Read error: Connection reset by peer]09:59
-!- adam3us [~Adium@host-92-19-90-29.as13285.net] has joined #bitcoin-wizards09:59
amilleryeah10:00
-!- licnep [uid4387@gateway/web/irccloud.com/x-qnnyvzavenwylxbe] has joined #bitcoin-wizards10:01
op_nullfor a while they had all the transaction validity checks disabled in order for Mt Gox's invalid transactions to show up in their block explorer. https://people.xiph.org/~greg/21mbtc.png10:02
-!- user7779078 [~user77790@ool-4354b720.dyn.optonline.net] has quit [Ping timeout: 256 seconds]10:03
-!- JeremieDeNoob [~jeremiede@modemcable026.213-130-66.mc.videotron.ca] has joined #bitcoin-wizards10:04
JeremieDeNoobhow does the address system work? is an ip address encoded in the address data or is the address registered on the network by the user who creates it?10:04
-!- adam3us1 [~Adium@host-92-19-90-29.as13285.net] has joined #bitcoin-wizards10:04
-!- adam3us [~Adium@host-92-19-90-29.as13285.net] has quit [Read error: No route to host]10:04
op_nullJeremieDeNoob: addresses are discovered in 3 ways depending how the node is operating. they attempt to use their own rumoured lsit of peers from previous runs, if that fails they use DNS to connect to a seed to find more valid IP addresses, and if that fails they attempt to connect to hardcoded peers.10:06
op_nullwith the rumouring system peers choose to announce themselves to their peers, or not, depending how the node is configured.10:07
-!- woah [~woah@75.101.111.82] has joined #bitcoin-wizards10:09
-!- CoinMuncher [~jannes@178.132.211.90] has quit [Quit: Leaving.]10:10
JeremieDeNoobhmmm10:11
JeremieDeNooband what happens if you send coins to a non existant address?10:11
op_nullthis is probably more a question for #bitcoin.10:11
andytoshiJeremieDeNoob: #bitcoin please10:12
andytoshithis is a research channel10:12
-!- nuke1989 [~nuke@ppp-2-87-136-239.home.otenet.gr] has joined #bitcoin-wizards10:12
-!- zooko [~user@174-16-237-135.hlrn.qwest.net] has quit [Ping timeout: 240 seconds]10:22
-!- jb55 [~jb55@208.98.200.98] has joined #bitcoin-wizards10:23
-!- jb55 [~jb55@208.98.200.98] has quit [Remote host closed the connection]10:24
-!- jb55 [~jb55@208.98.200.98] has joined #bitcoin-wizards10:24
-!- Guest48334 is now known as artifexd10:27
-!- artifexd [sid28611@gateway/web/irccloud.com/x-bfhigtkjnzpisipb] has quit [Changing host]10:27
-!- artifexd [sid28611@unaffiliated/artifexd] has joined #bitcoin-wizards10:27
-!- artifexd [sid28611@unaffiliated/artifexd] has quit [Changing host]10:27
-!- artifexd [sid28611@gateway/web/irccloud.com/x-bfhigtkjnzpisipb] has joined #bitcoin-wizards10:27
-!- dansmith_btc2 [dansmith3@knows.the.cops.are.investigat.in] has quit [Remote host closed the connection]10:28
-!- grandmaster [dansmith3@knows.the.cops.are.investigat.in] has joined #bitcoin-wizards10:34
-!- Sub|zzz is now known as SubCreative10:34
-!- cbeams_ is now known as cbeams10:41
-!- cbeams [~cbeams@chello084114181075.1.15.vie.surfer.at] has quit [Changing host]10:41
-!- cbeams [~cbeams@unaffiliated/cbeams] has joined #bitcoin-wizards10:41
-!- cbeams [~cbeams@unaffiliated/cbeams] has quit [Remote host closed the connection]10:46
-!- cbeams [~cbeams@unaffiliated/cbeams] has joined #bitcoin-wizards10:46
-!- maraoz [~maraoz@186.137.72.181] has joined #bitcoin-wizards10:48
-!- damethos [~damethos@unaffiliated/damethos] has quit [Quit: Bye]10:58
-!- orik [~orik@50-46-132-219.evrt.wa.frontiernet.net] has quit [Quit: My MacBook Pro has gone to sleep. ZZZzzz…]11:11
-!- hashtag_ [~hashtag@cpe-98-157-219-44.ma.res.rr.com] has joined #bitcoin-wizards11:14
-!- hashtag [~hashtag@cpe-98-157-219-44.ma.res.rr.com] has quit [Ping timeout: 255 seconds]11:17
-!- user7779078 [~user77790@ool-4354b720.dyn.optonline.net] has joined #bitcoin-wizards11:20
-!- Dizzle__ [~diesel@70.114.207.41] has joined #bitcoin-wizards11:22
sl01_G11:23
-!- Dizzle [~diesel@70.114.207.41] has quit [Ping timeout: 264 seconds]11:25
-!- Starduster_ [~Guest1@unaffiliated/starduster] has joined #bitcoin-wizards11:27
-!- Starduster [~Guest1@unaffiliated/starduster] has quit [Ping timeout: 240 seconds]11:30
-!- maraoz [~maraoz@186.137.72.181] has quit [Ping timeout: 255 seconds]11:31
-!- maraoz [~maraoz@186.137.72.181] has joined #bitcoin-wizards11:32
-!- moa [~kiwigb@opentransactions/dev/moa] has joined #bitcoin-wizards11:34
-!- MoALTz_ [~no@user-164-126-106-206.play-internet.pl] has quit [Quit: Leaving]11:38
-!- hearn [~mike@84-75-198-85.dclient.hispeed.ch] has quit [Quit: My MacBook Pro has gone to sleep. ZZZzzz…]11:45
-!- AaronvanW [~ewout@255pc208.sshunet.nl] has quit [Remote host closed the connection]11:50
-!- adam3us1 [~Adium@host-92-19-90-29.as13285.net] has quit [Quit: Leaving.]11:54
-!- adam3us [~Adium@host-92-19-90-29.as13285.net] has joined #bitcoin-wizards11:55
-!- zooko [~user@174-16-237-135.hlrn.qwest.net] has joined #bitcoin-wizards12:03
-!- NewLiberty [~NewLibert@2602:304:cff8:1580:8c3a:e13b:e5ac:9702] has quit [Ping timeout: 258 seconds]12:12
-!- zooko [~user@174-16-237-135.hlrn.qwest.net] has quit [Ping timeout: 256 seconds]12:15
-!- zooko [~user@174-16-237-135.hlrn.qwest.net] has joined #bitcoin-wizards12:18
-!- bitbumper [~bitbumper@197.115.124.24.cm.sunflower.com] has joined #bitcoin-wizards12:23
-!- orik [~orik@remote.snococpa.com] has joined #bitcoin-wizards12:30
-!- mkarrer [~mkarrer@193.Red-79-155-137.dynamicIP.rima-tde.net] has quit [Read error: Connection reset by peer]12:34
-!- mkarrer [~mkarrer@193.Red-79-155-137.dynamicIP.rima-tde.net] has joined #bitcoin-wizards12:35
-!- xmk3 [~xmk3@unaffiliated/xmk3] has quit [Quit: foo]12:38
-!- sl01_ [~sl01@li431-44.members.linode.com] has quit [Ping timeout: 256 seconds]12:40
-!- atgreen [~user@CPE687f74122463-CM84948c2e0610.cpe.net.cable.rogers.com] has quit [Remote host closed the connection]12:42
-!- sl01 [~sl01@li431-44.members.linode.com] has joined #bitcoin-wizards12:47
pigeonsanother proof of stake blog post from vitalik12:48
-!- OX3_ [~OX3@host86-147-77-244.range86-147.btcentralplus.com] has joined #bitcoin-wizards12:49
op_null"..particularly with regard to the supposedly fundamental “nothing at stake” problem. As it turns out, however, the problems are solvable.."12:50
pigeonsthe solution for new nodes appearing on the network that don't know the current state is to ask blockchain.info ;P12:52
pigeonsreally says that12:53
gmaxwellyes, indeed many systems work just fine if you invoke centeralization. Of course you can also dispense with the blockchain, mining, etc, entirely under that model.... and in doing so get something much more scalable.12:54
andytoshidoes pos.pdf say this? "obviously you can evade this by changing the security model"12:54
andytoshiactually w/e, if that needs to be said the reader is hopeless12:55
andytoshior shilling12:55
op_nullpigeons: oh hell it does say to trust blockchain.info.12:55
kanzureandytoshi: i think saying that is quite relevant12:56
gmaxwellandytoshi: I thought it was clear enough; but perhaps that point deserves to be made more clear... not because the real audience of the paper needs to hear it, but because it's used by confused or dishonest people to be overly dismissive.12:57
sl01"This security assumption, the idea of “getting a block hash from a friend”, may seem unrigorous to many; Bitcoin developers often make the point that if the solution to long-range attacks is some alternative deciding mechanism X, then the security of the blockchain ultimately depends on X, and so the algorithm is in reality no more secure than using X directly"12:57
kanzureandytoshi: to someone trying to think about distributed consensus, it may not be obvious to them that the solution is to not use distributed consensus12:57
sl01"However, this logic ignores why consensus algorithms exist in the first place. Consensus is a social process, "12:57
kanzurewhether or not it is a social process will not violate relativity12:58
andytoshigmaxwell: i'll think about it. kanzure made a point to me last night that my documents are not really structured for the target audience we currently have for them12:58
-!- OX3_ [~OX3@host86-147-77-244.range86-147.btcentralplus.com] has quit [Ping timeout: 244 seconds]12:59
kanzureright, something like "your readers hate you"12:59
andytoshithat is, they were written for people who wanted to be wizards, not laypeople dealing with well-funded charlatons..12:59
gmaxwellto some extent this is making the same mistake that the patent office makes in thinking that an algorithim running in the mind of a man is fundimentally different than running in semiconductors.12:59
-!- OX3_ [~OX3@host86-144-45-255.range86-144.btcentralplus.com] has joined #bitcoin-wizards12:59
kanzureyes, people do not have magical relativity violating powers12:59
gmaxwellandytoshi: well tis not our remit to save everyone from charlatons.12:59
kanzurecertainly13:00
op_nullandytoshi: your documents do well arguing to say, a hacker news reader.13:00
gmaxwellandytoshi: Surely we'd like to do some of that as a side effect; but at least what I've thought much of the goal was being able to sync up people like e.g. kanzure with basic premises we understand.13:01
kanzureinstead of writing "You are wrong because X" it may be more helpful to write "Here are some things that are important, and here is what Bitcoin does, and here is why some related proposals are totally broken and not worth your attention. Sorry if it wasn't apparent that this was contested, but I can't be held responsible for the levels of junk out there."13:01
moawell the algorithm running in a semiconductor can be objectively measured and has different physical constraints13:01
-!- AaronvanW [~ewout@255pc208.sshunet.nl] has joined #bitcoin-wizards13:01
kanzure(the apology is not necessary of course)13:02
gmaxwellmoa: this isn't really making the case though... I mean, it makes the case for more "Computational security against review", perhaps, but I doubt security against review should be anyone's goal. :)13:02
pigeonsusaully the repsonse i get to andy's papers are "he didn't talk about ~my~ PoS algorithm or ~my~ twist on making an asic resistant system"13:02
op_nullandytoshi: I'm not sure how much contact you have with altcoins, but there's an interesting behaviour that's developed around pos.pdf now. it's seen as the "FUDers post this but they're wrong" easy way out of the argument, because of course NXT has solved all of those problems but the author is too dumb to realise it.13:02
kanzureandytoshi: arguably bram doesn't want to be a layperson, and he was extremely put off by the "Is ASIC resistance desirable? No." format to the point of not even reading past that.13:03
andytoshiop_null: i've seen responses on reddit which dismiss it, but never ever a coherent argument13:03
andytoshiabout a single sentence13:03
kanzure"NXT exists and works because centralization" might have to be made more obvious13:04
andytoshiwhich makes me suspect that none of them have actually read it, because i have and found some typos, and there is no way i was totally correct in a document i one-shotted in an 8 hour "i should finally teach myself what pos is about" session13:04
gmaxwellwell again, the point of the document as it stands is not to argue that case against every carnie; ... it's sadly infeasable to do that because they're adaptive and unbounded in number.13:04
-!- gavinandresen [~gavin@unaffiliated/gavinandresen] has left #bitcoin-wizards []13:04
op_nullandytoshi: I don't think you'll get one out of NXT supporters in particular. they can't even describe their security decisions let alone how your document doesn't apply to them. their misgivings hinge on the fact that NXT now doesn't allow reorgs, which is the basis of their security assumptions now to some degree.13:04
kanzure(of course, you don't have to say NXT explicitly. just "you can use centralization if you want, but the other parts become irrelevant and pointless")13:04
helocarnie >.>13:04
-!- user7779078 [~user77790@ool-4354b720.dyn.optonline.net] has quit [Remote host closed the connection]13:04
-!- bitbumper [~bitbumper@197.115.124.24.cm.sunflower.com] has quit [Ping timeout: 256 seconds]13:05
kanzuregmaxwell: how would you explain bram's eyebrow dismissal then?13:05
gmaxwellhelo: "get your popcoin, peanuts! altcoins gets your altcoins! hot salted altcoins! come see the bearded lady! hot salted altcoins"13:05
andytoshiop_null: so, my response to that is simply "what the actual fuck", i unfortunately have developed an emotional allergy to trying to parse such confusion, so i don't13:05
helohaha13:05
-!- user7779078 [~user77790@ool-4354b720.dyn.optonline.net] has joined #bitcoin-wizards13:05
kanzurearguably bram is someone that matches the target demographic13:05
op_nullandytoshi: it's of course all well and good that people have to do manual reorganisations, but like vitaliks post it means that new people joining the network still have to "phone a friend" to get consensus.13:05
andytoshibram is, and i think we were pretty successful with him once we convinced him we were not morons and he should maybe read our stuff13:06
kanzureyes but it involved one-on-one hand holding13:06
kanzureand he did look at the paper, but then dismissed it immediately because it disagreed with him blatantly ("Is asic resistance desirable? No.")13:06
-!- OX3_ [~OX3@host86-144-45-255.range86-144.btcentralplus.com] has quit [Read error: Connection reset by peer]13:06
gmaxwellkanzure: he dismiseed it out of hand with a really powerfully bad bit of reasoning. Not sure there is much to do about that.13:06
andytoshiwell, he is uniquely qualified to be dismissive..13:06
kanzurei think that if the first word was not "no" he may have read on :)13:07
andytoshiso some hand-holding does not worry me13:07
op_nullgmaxwell: expecting a lady and getting a drunken, shaved bear pretty well sums up altcoins.13:07
gmaxwellI'd agree that he's in the target audience, but to some extent on the fringe of it.13:07
moavanguard maybe13:07
gmaxwellop_null: "You can do this one out of every 30 times and still have 97% positive feedback."13:08
op_nullgmaxwell: wait that was pig faced woman, not bearded ladies that were shaven bears.13:08
gmaxwellkanzure: (wrt fringe) I mean to the extent that his interest in patience in learning what is already known is demonstratively low.13:09
gmaxwellmaybe improving now that he's (maybe) less dismissing everyone involved in bitcoin as idiots.13:09
kanzuresure maybe he thought all of the altcoin-motivated-stuff was bitcoin13:10
kanzuremaybe making an outline of things that are already known would be helpful13:11
kanzureand then references/links to irc logs (or whatever else) can be added later as they turn up13:11
-!- OX3_ [~OX3@host109-153-169-240.range109-153.btcentralplus.com] has joined #bitcoin-wizards13:11
op_nullwhy is vitalik still going on about ASIC resistance too?13:12
kanzurei wonder if someone can replace nxt (and related) with thin clients connecting to a central server, and convince users to switch somehow13:12
moalike an O'Reilly's for bitcoin maybe?13:12
tromp_Is ASIC resistance desirable? One kind of resistance is, the other is not.13:12
op_nulltromp_: I'm pretty sure you have that term set as a ping in your client :)13:13
Luke-Jrtromp_: it's undesirable and impossible in theory13:13
Luke-Jrs/in theory/by definition/13:13
tromp_my client only pings for tromp:(13:13
gmaxwelltromp_: when you also considering botnets and amazon, it's not clear to me that any kind is. But I full agree thats debatable.13:13
gmaxwellLuke-Jr: impossibility doesn't imply undesirablity. :)13:13
Luke-Jrgmaxwell: I know, but it's both :p13:14
helopaypal is not centralized nxt?13:14
gmaxwellkanzure: how do you know they haven't already?13:14
op_nullkanzure: there's at least one altcoin that is pretty much that.13:14
Luke-Jrhelo: only if owning PP currency meant you had PayPal stock?13:14
tromp_the kind thats not desirable is having a complex compute intensive pow requiring a very elaborate asic design13:14
kanzuregmaxwell: because then they would be less intersecting the bitcoin world, i would hope13:15
helohmmm13:15
tromp_that's the kind inviting the No response13:15
op_nullkanzure: there's one which is like 100k lines of obfsucated javascript with hardcoded passwords. for all we know it's totally centralised, and yes it's a traded thing that people use as a real altcoin.13:15
TaekPaypal has a federated 2 way peg with the US dollar13:15
gmaxwelltromp_: you can seperate that further, complex design (NRE frontloading) is undesirable and potentially quite harmful, because it eliminates competition for hardware.13:15
gmaxwellTaek: except as a federation it's particularly sucky, as it's a single party.13:16
gmaxwelland it's unauditable.13:16
gmaxwellAnd even if you can prove they've violated the protocol, it has no effect.13:16
-!- OX3_ [~OX3@host109-153-169-240.range109-153.btcentralplus.com] has quit [Remote host closed the connection]13:17
tromp_the other kind is that any conceivable (in familiar process technology) ASIC design won't have a huge performance gap with commodity hardware13:17
tromp_i would say that kind is desirable13:17
Taekgmaxwell: if PayPal acts sufficiently dishonestly the FBI will get involved, so it's not exclusively 1 party13:17
Luke-Jrtromp_: now explain what stops me from taking the commodity hardware and removing the parts I don't need to make an ASIC that performs better13:17
heloheh, it would be interesting if centralized-nxt had a split between "everyone else" and the central point13:18
Luke-Jrtromp_: the only way to do that is to make the commodity hardware *be* the ASIC itself - but that's not ASIC resistence, it's ASIC-is-already-deployed13:18
tromp_ok, Luke, imagine a cheap octa-core arm that has siphash as a native instruction13:18
tromp_you could hook that up to some dram chips and run cuckoo well.13:18
Luke-Jrtromp_: then you've got the rest of the ARM core eating electricity, producing heat, and slowing it down13:18
gmaxwelltromp_: maybe there should be a flowchart. I think that if/once you get down to gap reduction it's still not a closed argument, because botnets and commidity hardware; more considerations show up.13:19
tromp_or run the cuckoo logic on an fpga13:19
tromp_the mining cost may still be dominated by dram cost13:20
op_nullFPGA have an annoyingly high cost for their speed13:20
tromp_but cuckoo doesn't need much speed! only enough to saturate the dram13:20
Luke-JrIIRC some FPGA patents are expiring soon? ;)13:20
gmaxwellLuke-Jr: yea... hopefully the fpga market should heat up.13:20
tromp_any exotic ram, even if faster, will not be cost competitive13:21
-!- devrandom [~devrandom@gateway/tor-sasl/niftyzero1] has quit [Quit: leaving]13:21
tromp_Luke, that arm core could produce less heat than the dram it's keeping busy13:22
op_nullisn't the power consumption of dram almost nothing?13:22
-!- licnep [uid4387@gateway/web/irccloud.com/x-qnnyvzavenwylxbe] has quit [Quit: Connection closed for inactivity]13:23
tromp_my claim is that $100 worth of custom hardware will not be orders of magnitude more efficient than $100 of commodity hardware13:23
tromp_which will keep many people mining on their existing hardware, even at a loss13:23
-!- Dizzle [~diesel@70.114.207.41] has joined #bitcoin-wizards13:24
-!- cbeams [~cbeams@unaffiliated/cbeams] has quit [Remote host closed the connection]13:24
gmaxwelltromp_: I have bitmain S1 miners here, underclocked as they are they're less than half as power efficient as my spoondooles S10... but they are turned off.13:24
gmaxweller not less than half.13:25
gmaxwell(they're about 75% as power efficient)13:25
tromp_yes, gmaxwell, but they're just obsolete custom hardware13:25
tromp_people don't turn off their desktop just because it's 2 years old13:25
tromp_it still works fine for them13:26
gmaxwellThey stopped cpu mining with bitcoin while it was still power-profitable to do so, even at $0.3/kwh.13:26
-!- Dizzle__ [~diesel@70.114.207.41] has quit [Ping timeout: 258 seconds]13:26
tromp_the commodity-custom gap is just way too big for bitcoin, and for scrypt as well13:27
gmaxwellPretty sure I was the last guy left still cpu mining (with my gobbs of opteron cores), meanwhile people were all actively telling each other that cpu mining was stupid and pointless. We don't need to speculate about this.13:27
moahow can a computer authenticate that it is interfacing/communicating with a human?13:27
helomoa: an oracle13:28
-!- AnoAnon [~AnoAnon@197.37.73.249] has joined #bitcoin-wizards13:28
kanzure(you have to cheat)13:28
-!- AnoAnon [~AnoAnon@197.37.73.249] has quit [Read error: Connection reset by peer]13:28
moalike a reverse turing test?13:28
op_nulltromp_: I think you are overestimating memory power usage somewhat. a random chip I picked off mouser screams along at 1.6GHz and draws 0.4W while doing it. 1.6W/GB or something like that.13:28
tromp_yes, it's on the order of 1W per  memory chip13:29
kanzuremoa: no13:30
tromp_but an arm core won't have to do many siphashes to saturate that memory chip and could easily use less than 1W13:30
tromp_an fpgu would do it with milliwatts13:31
tromp_fpga13:31
op_nullthat's still a lot better than my PC hardware. it draws something like 75W at idle.13:32
Elielgmaxwell: Well, it's probably not worth the time to keep checking that the miner is still running fine if you don't make at least some minimum amount per day.13:32
gmaxwellEliel: turns out that general desktop users get really unhappy if their computer is busy, and they do actually turn them off, don't like the noise they make when not suspended, etc. (The reason the ltcscrypt has such a small size is because larger thrashed caches so bad that it hurt interactivity, even running as an idle background task, apparently; or so said art)13:34
moaso anybody wondered about working an oracle into a mining algorithm?13:34
-!- NewLiberty [~NewLibert@2602:30a:c0a9:c3e9:7cc4:b642:6b45:6967] has joined #bitcoin-wizards13:35
BlueMattamiller: yea, theres also that guy on the forum who seems to have a passion for connecting to everyone just because he can13:38
amillerBlueMatt, who?13:38
BlueMattamiller: also, IIRC, (s)he doesnt do any procesing of data before relaying13:38
op_nullamiller: /Snoopy0.1/13:38
amilleroh yeah snoopy13:38
BlueMattno, not snoopy13:38
BlueMattgangnam style13:38
BlueMatt /nogleg13:39
kanzureandytoshi: check out page 2 second to last paragraph http://www.chroem.net/VAPUR.pdf (not sure if this is novel)13:39
op_nullthere's at least 4 of them. one badly pretends to be Satoshi but mucked up the version name.13:39
BlueMattsnoopy is the eth guys, no?13:39
kanzure"use this hash of the request to determine which nodes will be responsible for arbitration"13:39
helomoa: the oracle is a centralized point of trust by definition13:39
kanzureoh that's not repeatable, hm13:39
heloso it kinda depeats the purpose :)13:39
moanot the oracle we are looking for13:40
op_nullBlueMatt: no, I don't think it's Ethereum related at all.13:40
BlueMattop_null: huh? nooooo, eth zurick13:40
BlueMattzurich, that is13:40
gmaxwellBlueMatt: well it's easy to make noleg vanish off the network, just relay a transaction with a bad signature to it and everyone bans it.13:40
BlueMattgmaxwell: yes13:41
-!- maraoz [~maraoz@186.137.72.181] has quit [Ping timeout: 264 seconds]13:41
BlueMattop_null: tell me ethereum isnt trying to use the eth symbol :(13:41
BlueMattever heard of googleing before selecting a name?13:41
op_nullBlueMatt: oh no, sorry I extended eth to ethereum.13:42
-!- maraoz [~maraoz@186.137.72.181] has joined #bitcoin-wizards13:42
op_nullBlueMatt: but yes, they do use ETH as their shorter name for Ethereum13:42
BlueMattgmaxwell: someone should run a node behind some regular-changing-ip that relays invalid signatures to all nodes with strange version messages13:42
BlueMattgmaxwell: ie someone in .de behind deutsche telekom who gets a new ip every 24 hours whether they like it or not (not sure if they still do that...they used to)13:43
op_nullBlueMatt: people might have tried that already :>13:43
op_nullnot on a wide scale, just to see if a particular node relays them (it didn't)13:44
kanzurethis section of http://www.chroem.net/VAPUR.pdf seems very likely to be broken or wrong: "In other blockchain implementations, nodes creating new blocks are free to put whatever content"13:47
kanzuresomething about not allowing new peers unless existing peers agree?13:47
kanzure*existing peers agree to allow the new peer13:49
-!- Dizzle__ [~diesel@70.114.207.41] has joined #bitcoin-wizards13:49
kanzurei don't think "reverse sybil attack" is quite the right name for "an arbitrary compatible history"13:50
gmaxwellkanzure: so hard to not just completely ignore things that can't bother to get even the most simple details right.13:52
-!- Dizzle [~diesel@70.114.207.41] has quit [Ping timeout: 258 seconds]13:52
-!- cbeams [~cbeams@unaffiliated/cbeams] has joined #bitcoin-wizards13:53
op_nullgmaxwell: doesn't stop that sort of thing from getting funding though, nobody else can see the red flags :(13:53
-!- bramm [~bram@38.99.42.130] has joined #bitcoin-wizards13:53
brammHey everybody13:54
tromp_hi, Bram13:54
kanzureoh had i known that they received funding i wouldn't have bothered looking13:54
-!- nuke1989 [~nuke@ppp-2-87-136-239.home.otenet.gr] has quit [Ping timeout: 244 seconds]13:54
BlueMattwe need a pre-funding #bitcoin-wizards arbitration system13:54
brammOh hey Tromp, I wanted to ask you some questions about cuckoo13:54
tromp_please do13:54
brammFirst, why is the graph bipartite? How does that matter?13:54
tromp_to simplify the algorithm13:55
moaBlueMatt: you could contract the out even13:55
op_nullkanzure: careful, I don't know anything about that project and didn't say they'd got funding for it. just in general things with technical red flags aren't picked up by the people who might fund them.13:55
-!- Dizzle__ is now known as Dizzle13:55
brammBut it could work fine on a non-bipartite?13:55
tromp_otherwise i have to deal with self-loops13:55
brammOh right, that makes sense13:56
-!- nuke1989 [~nuke@ppp-2-87-136-239.home.otenet.gr] has joined #bitcoin-wizards13:56
tromp_but it also simplifies the trimming13:56
tromp_which can alternate between the two sides13:56
tromp_finally, the tmto algorithms that use a breadth first search would get significantly more complex13:56
brammSo the overall view is that it requires N memory, and basically one pass over the whole thing with O(1) random lookups for each element?13:57
tromp_no, there's many passes (rounds of trimming)13:57
tromp_the basic algorithm is single pass though13:58
tromp_and #passes is still constant13:58
brammI think I understand the basic algorithm, I don't understand the multiple passes thing, it doesn't seem to be in the white paper13:58
tromp_yes, it's the edge trimmming section13:58
tromp_although it doesn't say much on number of rounds, i think13:59
tromp_the trimming just has to get the fraction of edges down to like 2%14:00
brammOh I see, I assumed that that was just as single pass, I'll have to process it14:00
tromp_no, trimming is in fact the majority of runtime (>98%)14:01
brammSo when you're done trimming everything remaining is in loops and it's a matter of finding a loop of the right length?14:01
tromp_no, many paths remain14:01
tromp_trimming just cuts of edges near leaves14:02
-!- hashtag_ [~hashtag@cpe-98-157-219-44.ma.res.rr.com] has quit [Ping timeout: 265 seconds]14:02
tromp_cuts off14:02
tromp_which happens to be the vast majority of edges14:02
brammHow can there be any nodes which aren't part of a loop if all terminal nodes have been removed?14:02
tromp_there's like a dozen rounds of trimming14:02
tromp_it doesn't remove all leaf edges14:03
-!- OX3 [~OX3@host109-153-169-240.range109-153.btcentralplus.com] has joined #bitcoin-wizards14:03
tromp_doing that would require thousands of trimming rounds14:03
-!- NewLiberty [~NewLibert@2602:30a:c0a9:c3e9:7cc4:b642:6b45:6967] has quit [Ping timeout: 258 seconds]14:03
tromp_since you can have such long paths14:03
brammOh right14:03
-!- Dizzle__ [~diesel@70.114.207.41] has joined #bitcoin-wizards14:04
tromp_you just switch to the basic algorithm when you can afford to (memory wise)14:04
tromp_since the basic alg is very efficient at identifying loops)14:04
tromp_did you run the code?14:05
brammNo I've just read the paper and am absorbing it14:05
brammI'm struck by how special having an average fanout of 1 is14:05
tromp_just git clone and make test, it may be instructive to see it in action14:06
tromp_yes, it's on the threshold between having no and having tons of cycles14:07
-!- Dizzle [~diesel@70.114.207.41] has quit [Ping timeout: 264 seconds]14:07
brammLess than that and there are no loops, more than that and they're easy to find14:07
tromp_classic S curve14:08
-!- Dizzle__ is now known as Dizzle14:08
-!- OX3 [~OX3@host109-153-169-240.range109-153.btcentralplus.com] has quit [Ping timeout: 244 seconds]14:08
-!- OX3 [~OX3@host109-150-169-60.range109-150.btcentralplus.com] has joined #bitcoin-wizards14:09
brammAlso all the potential crypto issues people were talking about yesterday are a non-issue. If you secure hash the input before using it to generate nonces then all you're relying on is that hashing for security14:09
brammI'm much more concerned about the possibility that there might be some clever algorithm which might get rid of all the random lookups14:10
tromp_yes, i find it puzzling that zooko thinks there's anything to be attacked in the internal hash14:11
tromp_algorthmic improvements are the only likely problem14:12
brammI need to get lunch, be back in a minute with more questions14:12
tromp_in the worst case cuckoo just reduces to having to compute a few billion siphashes14:13
-!- rdponticelli [~quassel@gateway/tor-sasl/rdponticelli] has quit [Ping timeout: 250 seconds]14:20
brammYes but what's really interesting is the random memory accesses14:21
-!- OX3 [~OX3@host109-150-169-60.range109-150.btcentralplus.com] has quit [Ping timeout: 265 seconds]14:21
tromp_yes, those are hard to avoid14:22
brammWe can get the memory usage with a simpler scheme which has a smaller size of proof14:22
tromp_what do yo mean?14:22
brammJust using 4sum like I suggested will have a proof of work which is less than 200 bits instead of more than 100014:23
brammSo, here's my thought as to an algorithm for trying to do cuckoo faster, primarily worrying about avoiding random memory accesses:14:24
tromp_why wld you want to avoid rnd accesses?14:25
-!- OX3_ [~OX3@host86-181-187-243.range86-181.btcentralplus.com] has joined #bitcoin-wizards14:25
brammAs an attacker, trying to do the proofs as quickly as possible, assuming that the random accesses are the expensive thing14:25
-!- go1111111 [~go1111111@162.244.138.37] has quit [Ping timeout: 265 seconds]14:26
brammI mean, on the implementation side we want to do as few random accesses as possible to make things fast. I mentioned that shorter proofs thing because *if* it's possible to completely avoid the random accesses in implementation then there are some other proofs of work which might be preferable14:26
tromp_cuckoo aims to make rnd access unavoidable14:26
tromp_and thus makes the pow more power-friendly14:27
brammRight, we're in agreement on this14:27
brammSo here's my thought about a way of finding the loops which might avoid a lot of the random accesses:14:27
brammFirst we make a list of all nodes which it's possible to reach after exactly one hop, and a back pointer for each from where it came from14:28
brammThen we sort these14:28
tromp_bramm., did you read the sections on TMTO algorithms?14:28
tromp_you're proposing a variation on those. but they're not memory competitive with the trimming algorithm14:29
-!- OX3_ [~OX3@host86-181-187-243.range86-181.btcentralplus.com] has quit [Remote host closed the connection]14:30
brammThen we make a new list of all the nodes which can be reached after two hops, again including back pointers, and not allowing backtracking to get here, and we again sort that14:30
brammrepeat a certain number of times until the number of nodes left in the list is fairly small, then run the general algorithm14:30
brammMost of the paper's words have passed before my eyes, that doesn't mean I've understood them all :-)14:31
tromp_you're proposing to speed up the TMTO algorithms by sorting14:32
-!- Graftec [~Graftec@gateway/tor-sasl/graftec] has quit [Remote host closed the connection]14:32
brammYes, because sorting avoids random accesses14:32
-!- Graftec [~Graftec@gateway/tor-sasl/graftec] has joined #bitcoin-wizards14:32
tromp_note that those algorithms are over 20x slower to begin with14:33
brammWell that could kill it right there14:33
tromp_because they dont use memory as efficiently14:33
tromp_you can try modify the source code that i provide14:34
tromp_you can even win a bounty if you speed up the tmto's substantially14:34
tromp_btw, note that my trimming algorithm also does some bucket sorting of accesses14:35
tromp_but the acccesses are still many cache lines apart14:36
brammYeah it might be a very similar thing, I'll have to spend more time thinking about it14:36
brammYou can speed up bucket sorting by having separate near and far groupings, so you wait until there are multiple things to put into a far bucket before actually putting stuff there14:37
tromp_so it's not like you're gonna get nice consecutive accesses14:37
-!- op_null [~op_null@178.62.133.216] has quit [Quit: leaving]14:38
brammDo you have any idea how to get a closed form formula, or even non-monte-carlo approximation, for the chances of there being a loop of a given length?14:40
tromp_no, i don't14:41
tromp_except for length 214:41
tromp_but the expected # of such loops should be easy to derive14:43
tromp_just using linearity of expectation14:44
-!- Dizzle__ [~diesel@70.114.207.41] has joined #bitcoin-wizards14:44
-!- Dizzle [~diesel@70.114.207.41] has quit [Disconnected by services]14:45
-!- Dizzle__ is now known as Dizzle14:45
-!- Quanttek [~quassel@2a02:8108:d00:870:993a:1c88:3499:1380] has quit [Ping timeout: 258 seconds]14:45
tromp_well, good news: cuckoo cycle was accepted for BITCOIN 201514:48
brammGood to hear14:51
-!- orik [~orik@remote.snococpa.com] has quit [Quit: My MacBook Pro has gone to sleep. ZZZzzz…]14:51
-!- OX3_ [~OX3@host86-181-187-243.range86-181.btcentralplus.com] has joined #bitcoin-wizards14:57
zookoYay!15:00
brammOkay I understand the trimming now but don't follow why it speeds things up. Doesn't it still have to do a random lookup per edge?15:00
brammzooko, if the input to cuckoo is run though a secure hash before being used your concerns about cryptographic security within the core don't matter15:00
brammI mean, it's trivial to generate strings which end in a bunch of zeros, we can still use those for proofs of work.15:01
tromp_the trimming is not a speedup but a big memory savings15:01
tromp_the basic algorithm takes 32 or 64 bits per edge15:01
tromp_the trimming only takes 1 bit15:01
brammOh right, because the limiting factor on cost is memory?15:01
tromp_yes15:01
brammI see15:01
zookoIf we could figure out how to generate 4 edges from a single blake2s invocation, that would be about twice as efficient as generating 4 edges from 4 siphash-2-4 invocations...15:03
brammzooko, It doesn't matter, blake2 wins you no security over sip hash15:03
-!- phantomcircuit [~phantomci@smartcontracts.us] has quit [Ping timeout: 256 seconds]15:04
tromp_zooko, just make a narrow blake2 of width 64 bits15:04
zookoI don't understand why you say that.15:04
zookotromp: Yeah, that would be fine, and it would be about half as efficient as SipHash-2-4.15:04
brammzooko, because the existence or not of a cycle is entirely dependent on the security properties of the secure hash which you ran your input though before generating the nonces15:04
-!- phantomcircuit [~phantomci@smartcontracts.us] has joined #bitcoin-wizards15:05
* zooko casts Summon lmgoodman15:06
-!- bifforoni [~zorin@bzq-84-108-84-113.cablep.bezeqint.net] has joined #bitcoin-wizards15:06
-!- orik [~orik@remote.snococpa.com] has joined #bitcoin-wizards15:06
-!- OX3_ [~OX3@host86-181-187-243.range86-181.btcentralplus.com] has quit [Ping timeout: 258 seconds]15:07
-!- licnep [uid4387@gateway/web/irccloud.com/x-bxsgacpuydvpnkim] has joined #bitcoin-wizards15:07
tromp_i think these discussions are going nowhere and we just have to agree to disagree on whether attacking cuckoo through lack of security of siphash is at all conceivable15:08
tromp_i dont even understand what bramm just said:(15:09
gmaxwellif it's security irrelevant, replace it with the identity function or x*2862933555777941757+3037000493 mod 2^6415:10
gmaxwellthats much faster than siphash.15:10
zookoI would be happy to try generating a more precise argument, but not right now.15:10
zookogmaxwell: ;-)15:10
gmaxwell(and less code too)15:10
-!- coke0 [~coke0@2607:fb90:1f06:f791:2afb:bafc:1ad4:2578] has joined #bitcoin-wizards15:11
brammgmaxwell, There's a later step of finding the loop, if the function is *too* simple, there may be shortcuts to finding the loop. In particular for a modular function like you propose it would probably have very long chains for trivial mathematical reasons15:12
brammThat said, sip hash is probably overkill - each step of loop finding is analogous to a single feistel round, and sip hash is much stronger than that15:12
brammtromp_, My point is, if an attacker can put any random stuff directly into the keying of the sip hash which forms the challenge then I'm a bit worried about attacks. If you sha256 it first there's nothing left.15:13
-!- user7779078 [~user77790@ool-4354b720.dyn.optonline.net] has quit [Remote host closed the connection]15:13
-!- user7779078 [~user77790@ool-4354b720.dyn.optonline.net] has joined #bitcoin-wizards15:14
tromp_i alrd told zooko he should not hesitate to replace that sha256 step by blake2 :)15:15
brammAny attacks which are on *finding* the loop have very limited use of cryptography, because the cryptographic attack would have to outperform the alternative, which is to just do the cuckoo algorithm, which is by design fairly easy15:15
gmaxwell"analogous to a single feistel round" is bordering on technobabble.  The point I was making was that the function has security considerations but they're being swept under the rug here.  (and the function I gave intentionally has a period of ~2^62 ... which you may perhaps find to be suboptimal. :P it wasn't a serious proposal)15:15
gmaxwellagain, if any attack is a non-consideration, then a trivial function is sufficient.15:16
tromp_gmaxwell: the period is of no interest in cuckoo since there're no repeated hasing15:16
tromp_just a mapping to take a nonce to an edge endpoint15:18
brammgmaxwell, The only relevant question is whether you can find a 42nd pre image in less than 10 seconds15:18
-!- user7779078 [~user77790@ool-4354b720.dyn.optonline.net] has quit [Ping timeout: 240 seconds]15:18
brammThat's basically what an attack would boil down to. Anything where you're confident in that and you're fine. Which sip hash is.15:19
-!- DougieBot5000 [~DougieBot@unaffiliated/dougiebot5000] has quit [Read error: Connection reset by peer]15:20
gmaxwellAccording to what research? ... and why do you assume that this is the only interesting attack?  What happens if an attacker is able to implement the function 100x more power efficiently?15:20
brammgmaxwell, Power efficiency doesn't matter because the CPU is sitting around bored15:21
Luke-Jrlol15:21
brammgmaxwell, and 'a single round of feistel' isn't technobabble, the fact that you think that shows that you're unfamiliar with the design of block ciphers15:22
Luke-JrCPUs have sat around bored for like a decade15:22
Luke-Jrhaven't*15:22
gmaxwellI'm familar with the design of block ciphers;  It's technobabble because it says absolutely nothing about security. I know what the words mean, I don't believe that you do, however.15:22
brammThere are common expectations for what a single round of a feistel cipher does, and it's less than siphash15:23
brammHonestly I can't justify something which has symmetric cipher properties if you dismiss terminology from symmetric ciphers as technobabble15:24
-!- DougieBot5000 [~DougieBot@unaffiliated/dougiebot5000] has joined #bitcoin-wizards15:24
gmaxwellSure and a modern block cipher is analyized for its properies overall and in reduced round constructions. An arbritary function stuck into a set of lifting steps does not magically make for a block cipher that meets any particular security requirement... nor to I have any reason to think that block cipher security behavior is at all relevant for a POW.15:25
gmaxwellI'm just seeing a lot of irresponsible design work in here today. It's disappointing.15:25
moaprobably need a tighter definition of technobabble here15:25
brammgmaxwell, Have you read through how cuckoo works? The vast majority of crypto concerns one might have simply don't apply15:26
brammstarting with that doing a crypto attack when there's a perfectly normal proof of work as the intentionally designed immediate alternative is ridiculous. This isn't a block cipher.15:26
gmaxwellI read an earlier version of Trom's paper on it. I have a general understanding of it.15:27
-!- OX3_ [~OX3@host86-181-187-243.range86-181.btcentralplus.com] has joined #bitcoin-wizards15:27
-!- go1111111 [~go1111111@c-174-61-204-17.hsd1.wa.comcast.net] has joined #bitcoin-wizards15:27
gmaxwellbramm: Glad that you've realized that it isn't a block cipher.15:27
gmaxwellThe security concerns are different from a block cipher.  Internal structure in a work function has many times in the past lead to surprising optimizations.  One of the special challenges of work functions is that small optimization factors (like <10x) can still have a huge effect, which is unlike most cryptographic questions where we mostly care about asymptotic differences.15:29
brammI really don't understand your point. Would you have more confidence in my proposal to use 4sum? That has a much stronger mathematical backing.15:29
brammgmaxwell, we were just discussing the possible optimizations of implementation of cuckoo, none of them have to do with the prng, that isn't the weak point15:30
-!- rusty [~rusty@pdpc/supporter/bronze/rusty] has joined #bitcoin-wizards15:30
gmaxwellI think it's very concerning that in one breath it's argued that the structure of the internal hash function is irrelevant to security; and then in the next, replacing it with truly trivial (e.g. linear or identity) function is not.  So whats the security criteria one function passes that the other does not?15:31
gmaxwellbramm: someone optimizaing doesn't care what you think is weak they'll use any and all options, and to be secure a function must resist all of them; especially the ones you didn't think of.15:31
brammIt's lacking trivial modular mathematical properties. The sort of things which sip hash is designed specifically to not have15:31
brammsip hash is meant to be suitable as a keying algorithm in a hash table when an attacker is controlling the inputs, to continue to have even distribution regardless of what the attacker does. That is exactly the property which cuckoo is relying on15:32
brammYou also haven't answered my question about using 4sum15:33
gmaxwellWhich properties, specifically, are required?   So you're saying uniformity given attacker controlled but distinct inputs? even though the attacker knows the function?15:33
gmaxwellbramm: the underlying problem is more or less irrelevant to the specifics of optimization; assuming it's well studied in general.15:34
gmaxwellZooko made the argume above that blake2's uniformity properties had a ton of peer review and this was previously dismissed as inconsequential.15:34
brammgmaxwell, 4sum is extremely well studied. And the number of inputs into it is small enough that using a cryptographically secure hash for it wouldn't cost a significant amount of cpu15:35
brammnot inconsequential, overkill15:35
brammAnd I mean seriously, are you even aware of how many layers of stuff you'd have to break through to attack cuckoo based on the crypto, and how easy the same computations are to do just by doing them?15:36
gmaxwell(I'm mostly just continuing zooko's argument. My own concern are higher level; and more meta. E.g. concern about the wisdom of the specific goals, which reasonable people can disagree on,  and concern with what sounds like a very sloppy and dismissive attitude around security)15:36
brammgmaxwell, this isn't sloppy. Cuckoo is a coherently thought out and specified primitive. It's being published to be studied. It's based on well known primitives and problems15:37
gmaxwellbramm: I think you are showing a remarkable lack of awareness at how easy it is to screw up a part of a cryptosystem.  Again I repeat, you fundimental advance is needed in any particular area to turn out to have a design which can be substantially optimized.15:37
gmaxwellbramm: yes, the work here I introduced you to less than 24 hours ago, if you might recall.15:38
brammgmaxwell, You're making a highly general statement where I'm making a very specific statement about a very specific thing15:38
adam3ustromp: your restatement of andytoshi's claim that asic resistance is not desirable seems fair to me.  (that there exists negligible perf difference between general purpose hardware that could be interesting).  however it seems generically impossible.  "hardware wins"?15:39
gmaxwellBecuase I haven't gone out and broken it yet.  An example is scrypt that has some nice security proofs even, ... and then in litecoin when the rubber met the road the gpu implemenations were able to get big TMTO gains and produce high performance implementations that were previously claimed to be impossible.15:39
-!- OX3_ [~OX3@host86-181-187-243.range86-181.btcentralplus.com] has quit [Ping timeout: 264 seconds]15:41
adam3ustromp: and it seems desirable to have cheap hardware not expensive hardware so that we get closer to the objective of having the proof of cost be predominantly electrical cost (not amortised equipment cost)15:41
gmaxwellbramm: so what I'm saying is that the dismissve approach of "construct X is well studied, and Y is well studied, and Z is widely used, all in areas unrelated to POW"  doesn't mean that a particular composition of them is secure.  I recommended talking to tromp because he's basically the only person in this space even trying to do a good job. (and AFAICT doing so, within the confines of the goal he's adopted and the limitations of a ...15:41
gmaxwell... single person for a fairly short amount of itme)15:41
brammgmaxwell, I'm very concerned about such things for cuckoo, but like I said before the problems aren't in siphash15:41
bramm... I am talking to tromp15:42
gmaxwellbramm: perhaps it's not the weakest link sure. That I can buy. I wouldn't have brought it up myself, other than the fact that I expirenced some horror at zooko expressing concern and being dismissed.15:42
-!- RoboTeddy [~roboteddy@173.247.202.131] has joined #bitcoin-wizards15:42
gmaxwellI know you are.  I pointed that out because the prior sentence sounded like I was dismissing his efforts, which wasn't my intention.15:43
brammgmaxwell, My dismissiveness of what zooko is saying is over his contention that it may be possible to manipulate and insert loops or something like that, which it clearly isn't, because of the cryptographic properties of the hash function used at the beginning15:43
brammI mean, there are possible attacks, but not there15:44
coke0What is the best case scenario with ASIC resistant PoW? So for a while you have more de facto decentralization due to many people having low marginal cost in CPU cycles. The minute mining becomes a bit big, people will be happy to rent their CPU power to a pool. In general, cheap CPU cycles are an anomaly bound to be arbitraged away in the future15:46
gmaxwellbramm: How are you getting to that reduction? e.g. if I grind the initial hash, if the interior portion is sufficiently weak I may be able to very rapidly produce solutions.  Keeping in mind that there is something like a 20,000:1 difference is hashes/$ for sha256 between a general cpu and dedicated hardware (and considerably more in terms of H/joule).15:46
brammtromp_, My thought is that there may be some tricks which can reduce random access lookups in the trimming phase: First bucket sort as many edges as you can fit in near cache, then update those in memory in order, then maybe you've done fewer far random accesses15:47
tromp_bramm: that's what the current implementation does15:47
gmaxwellcoke0: right that is related to the botnet/ec2 concerns; e.g. million node botnets.  It's hard to reason about what the implications are. They've been used to blow away some altcoins in te past.15:47
tromp_using L2/L3 cache for the buckets15:47
gmaxwellcoke0: but thats a space thats hard to reason about.15:48
brammgmaxwell, If the inputs are secure hashed first, then there's nothing an attacker can do to increases or decrease the chances than any particular input they try actually contains a cycle, because cryptographically secure15:48
coke0less cryptography, more game theory15:48
brammThe borg is coming to get us!15:49
brammgmaxwell, Now determining whether there is a cycle and finding it, that's another story15:50
tromp_adam3us,coke0: i don't know what all the implications are of shifting power costs to equipment costs. but i feel that narrowing the custom/commodity performance gap is desirable15:50
-!- Guyver2 [~Guyver2@guyver2.xs4all.nl] has quit [Quit: :)]15:51
tromp_and beneficial for decentralization15:51
TaekI also don't fully understand why high ongoing costs (electricty) would be desirable vs. high equipment costs15:51
brammtromp_, How do you know the size of the near cache?15:52
adam3ustromp:  this (narrowing range of equipment advantage) was the original motivation of the memory bound functions (memory bandwidth limited) that memory latency was less varying than cpu power.15:52
gmaxwellTaek: because equipment costs are amortized.   E.g. you can see them as a centeralization effect. Now, I'm not trying to argue that this consideration breaks anything in particular.15:52
tromp_bramm: you'd recompile for different platforms on which you run cuckoo15:53
gmaxwellIt's just a consideration which I don't well understand at this point.15:53
tromp_bramm there's a few #define's for setting bucket sizes15:53
moaTaek: electricity is already widely available, expensive hardware not15:53
brammAh, gotcha15:53
coke0tromp_: I tend to agree, it buys a few years, but it feels like a bandaid15:54
gmaxwelltromp_: an argument Luke-Jr was trying to make earlier was that sha256 grinding asics are are already a commodity. Not as much as standard dram, but people are doing 20 million dollar mfgr runs of them, you can buy them by the reel fabricated on state of the art process.  Just something to think about.15:54
tromp_adam3us: also latency is a lot less varying than memory bandwidth15:54
zookoOkay, I have another thing to offer on the "hash function in cuckoo" topic.15:54
zookoI hope it is not unwelcome.15:54
zooko15:54
zookoIt would be possible to naively assume that a successful attack on cuckoo would have to take one of two forms:15:55
Taekhmm. moa: shipping is pretty cheap, but centralization of manufacturing facilities could be an issue15:55
zookoa) get a random graph, find a better optimization for finding a cycle in it15:55
adam3ustromp: if costs are shifted to equipment, do we know that the cost is linear in performance.  an old example is the people doing the memory bound pow stuff back in 2002 would probably be surprised by CPU cache sizes these days.15:55
zooko(including heuristically, i.e. your better optimization can choose to give up and go to a new random graph, if that helps)15:55
tromp_gmaxwell: but they're not a commodity that hold value well over a f ew years, unlike DRAM15:55
gmaxwellIf it does turn out to be the case that specalized CRAM or on-chip-via something another is several times more cost effective for cuckoo then I'd worry that even if the gap was small expirence says all the non-specialized hardware is out of business, and that new hardware may be less commodity than sha256 grinding asics. But this is somewhat in the realm of speculation.15:55
kanzureif there are truly no particular manufacturing optimizations to make for DRAM then would homebrew DRAM manufacturing work15:55
zookob) find a way to trick cuckoo into generating a random graph that has a cycle sitting there for you on a silver platter.15:56
tromp_and they're totally single purpose15:56
adam3ustromp: or hardware hackers are more creative than software give them credit for.15:56
zookoBut, this simplistic dichotomy would overlook possible attacks on cuckoo which involve biasing the graph in some way so that a (heuristic) cycle-finder can be more efficient.15:56
tromp_adam3us: cuckoo can scale memory use dynamically15:56
-!- DougieBot5000 [~DougieBot@unaffiliated/dougiebot5000] has quit [Quit: Leaving]15:56
zookoIncluding the possibility of parallel approaches, i.e. the thing I suggested yesterday where you generate many biased graphs with some relation to one another, in order15:57
zookoto make your cycle-finder able to achieve superlinear cycle-finding in linear RAM.15:57
zooko(And of course superlinear computation.)15:57
gmaxwellzooko: it's not clear to me how such an approach actually fits into the application, since each run of this is initilized with its starting conditions.15:57
zookoSo, if you argue that there's no plausible way that a weakness in cuckoo's internal hash function could lead to a cycle sitting there for you on a silver platter, that's not a proof that there isn't some other successful attack.15:58
zookogmaxwell: my understanding of cuckoo may be incomplete... I think that "the attacker", i.e. the miner, has to build on top of a given input (e.g. the hash of the current block), and then gets to choose arbitrary nonces to mix in.15:59
tromp_no zooko, you get to choose the macro nonce and nothing else16:00
tromp_that fixes the graph16:00
zookoAh.16:00
Taekgmaxwell: amortization of equipment costs is less of a centralization thing and more of needing to be in it for the long haul. As I understand, it's only a centralization problem if the entry costs are high (e.g. needing a $150 miner to be competitive vs. needing a $15,000 miner to be competitive).16:01
-!- orik [~orik@remote.snococpa.com] has quit [Quit: My MacBook Pro has gone to sleep. ZZZzzz…]16:01
coke0entry16:01
coke0cost is dominated by variance16:02
adam3ustromp: "the size of this array is chosen to be significantly larger than the largest cache available; at present, the size of hte array could be 16MB, say" :)  (2002 first paper on memory bound PoW.)16:02
coke0not the cost of the equipment per se, but the economic opportunity cost16:02
zookoI think this is the Fiat-Shamir transform: instead of me giving you a random graph and you solving a challenge in it (e.g. find a cycle in it), you can give16:02
zookome a random graph along with a solution to the challenge, but you have to prove that the graph was generated in a way that it would be hard for you to have picked an easy one.16:02
-!- JeremieDeNoob [~jeremiede@modemcable026.213-130-66.mc.videotron.ca] has quit [Remote host closed the connection]16:03
zookoI.e., by generating the graph using (in the old style, at least) a Random Oracle from something else that you are committed to,.16:03
zookoAm I understanding "Fiat-Shamir transform" right?16:03
brammzooko, You can't make the graphs biased16:03
tromp_coke0: one scenario is: big mining operators will fill warehouses with fpgas and dram clusters but will be less centralized because cooling and power costs are less of an issue16:03
brammSorry, accidentally missed the last few minutes of discussion before sending my last message16:04
coke0the cooling argument works at massive scales16:04
tromp_the scale will be limited by dram costs16:04
gmaxwellTaek: I don't quite follow that argument. Lets assume the operating costs are ~0. Say today mining is very profitable and so I go out and buy huge amounts of ram based hardware, enough to the point where I'm moving the market price and disrupting my profit plans or changing the network difficulty.  Okay. great. now time goes on and difficulty rises (from me and others doing that).  New entrants are locked out because they cannot ...16:05
adam3uszooko: fiat-shamir transform is using a hash output as a fair challenge.16:05
coke0so cooling won't be a limiting factor16:05
gmaxwell... expect a positive investment (e.g. relative to x% apy or whatever they'd expect in boring market investments).16:05
gmaxwellyea, thanks coke0 economic opportunity cost is what I should have said there, as thats more complete.16:05
coke0gmaxwell: exactly, mining has to offer a better sharpe ratio than the S&P16:05
brammI still haven't seen *any* discussion on what sorts of operations other than memory lookups might require the same power on ASICs as on CPUs16:06
tromp_many people will be happy to mine at a loss16:06
brammPeople do mine at a a loss. There are a lot of stupid VCs out there.16:06
gmaxwelltromp_: Expirence in bitcoin suggests this is untrue.16:06
-!- AaronvanW [~ewout@255pc208.sshunet.nl] has quit [Ping timeout: 265 seconds]16:06
tromp_either with a lottery mindset, or as a buy to obtain coins anonymously16:06
zookoadam3us: yes, that's what I'm claiming is implicity a part of cuckoo's design.16:06
gmaxwellbramm: they do, but not small scale miners intentionally.16:07
zookoAnd currently the hash spec'ed in cuckoo is SipHash.16:07
tromp_gmaxwell: that's partly because the performance gap is so huge16:07
gmaxwellAs I mentioned before there was not a CPU miner to be found back when cpu mining was still objectively profitable (but not very) over power costs for everyone.16:07
gmaxwellAnd even ignoring cpu miners; people turn off and lay dormant their old bitcoin mining asics that have half the power efficiency, even though there isn't a huge gap in performance.16:08
tromp_if you can install an app on your phone to mine overnight during charging, then you dont care about the cost16:08
kanzurethat motivation seems backwards16:08
-!- Dizzle [~diesel@70.114.207.41] has quit [Quit: Leaving...]16:09
-!- maraoz [~maraoz@186.137.72.181] has quit [Ping timeout: 256 seconds]16:09
coke0if you run on your phone, your mobile phone operator is a threat16:09
kanzurewhehter or not they care about cost is independent of er.... the thing we were talking about, i think.16:09
kanzure*whether16:09
sipatromp_: you may care about the decreased lifetime of the phone (overheating risks, ...)16:10
tromp_let's just wait and see when cuckoo cycle is adopted, how the mining scene develops16:10
kanzureso your goal seems to be something about arbitrarily low performance hardware16:10
gmaxwelltromp_: I thought that too, but people seemed to care.   also wrt costs. My initial gpu mining setup was probably about $30k in hardware at peak. Right now that buys as much memory as about 4000 cell phones. I don't know why you think that someone's cell phone mining isn't going to be insignificant compared to people mining industrially.16:10
kanzure*arbitrarily-low-performance16:11
tromp_it will be insignificant, but ppl will be happy  to run it anyway16:11
tromp_if the effort is really limited16:12
tromp_and they can dream of "winning the lottery"16:12
Elielas long as they think there's a point, some people will do it.16:12
Elielif it's not too difficult16:12
tromp_botnets will also help decentralize cuckoo (runs and hides:-)16:13
kanzurei can't tell if this would satisfy your goals or not, but it sounds like you might be happy if pool shares paid out for significantly smaller amounts than they are presently configured? this would not require anything about particularly low performance hardware, either.16:13
gmaxwelltromp_: this, again, hasn't been our expirence. I expected these things too, and they haven't happened. Even with cpus. Keep in mind we didn't go from cpus to 20,000 times more efficient asics over night.16:13
gmaxwelltromp_: expirence in some of the altcoins is that the botnets have frequently been used for attacks. :(16:13
gmaxwellkanzure: people don't usually seem to be unhappy about funny money numbers moving in pool accounting systems. The issue is that they're small.  I'm sure if my grep my logs I can find some quote along the lines of "You're a moron for cpu mining, it'll cost you $10 a month in power and it'll take you three weeks just to get a single bitcoin!"  from around a time when bitcoin was $10 the first time around. :)16:15
zookoBye for now, folks...16:15
tromp_bye, zooko16:15
-!- roidster [~chatzilla@96-41-48-194.dhcp.mtpk.ca.charter.com] has joined #bitcoin-wizards16:15
kanzureoh that's interesting16:15
-!- roidster is now known as Guest1720116:15
kanzurebut this does seem like it's related to pool accounting numbers16:16
kanzurelike, any hardware can be used for mining, as long as you're okay with not being profitable or something16:16
kanzureincluding certain cell phones (well, it might require some clever forethought)16:16
tromp_gmaxwell: back when bitcoin mining moved off cpus, i think smartcoin wallets were very much a rare thing16:16
gmaxwellhehe: people arguing htat botnet operators won't mine. (looking at logs)16:17
-!- op_null [~op_null@178.62.133.216] has joined #bitcoin-wizards16:17
gmaxwelltodaystomorrow: what do you mean by smartcoin wallets?16:17
gmaxweller damn complete, sorry todaystomorrow,  that was directed at tromp_16:17
tromp_i mean you need the convenience of a one -click install of a sandboxed app to entice a large number of ppl to take up cpu mining16:18
TaekIf operating costs (deprication included) are 0, the ROI is unbounded and gets better with time. New entrants can expect a great ROI but only if they stick around for many years. The question becomes "Should I sit on this $1m pile of hardware and make $X or should I sell it for $1m and invest the $1m somewhere else", which effects the incumbants equally to the newcomers.16:18
op_nullgmaxwell: botnet mining is interesting because we can assume are rational but also do anything over morality to get the biggest profit. you can say Eligius probably won’t mine forks to get fees other pools already mined, but a botnet owner has a clear motive and opportunity. they probably won’t due to lack of skill, though, the people running them never seem to be the brightest bunch.16:18
Taekif that makes sense16:18
phantomcircuitgmaxwell, people seriously arguing that?16:19
sipatromp_: in the CPU mining days, it *was* a one click install (the bitcoin GUI program did mining internally)16:19
sipawell, the very early cpu mining days16:19
gmaxwellWe actually disabled the default mining in the refernce client because of people who were _very_ angry that their cpu had been pegged for weeks without a result.16:20
gmaxwellphantomcircuit: well tux was, so take that for what its worth.16:20
sipathe magical one?16:20
op_nullphantomcircuit: hard to argue that point. people like the Skynet botnet's owner did an AMA and posted a screenshot of their "cloud hashing" console, complete with ponies.16:20
tromp_maybe you should have made it to only run overnight:)16:20
sipaop_null: wait, Skynet?16:21
op_nullLe Tor Botnet16:21
sipai thought it was from a movie16:21
op_nullhere's their screenshot, they mined at BTCGuild by the looks of things. https://i.imgur.com/Z2eB9GY.png16:22
gmaxwellop_null: 'rantional' is pretty bounded, my expirence with the botnet folks is that like other criminals many of them are morons (non-morons can find better ways to make a living).  E.g. the most halarious ones where the ones who would show up in #bitcoin-dev and demand to be taught to setup a pool for their botnet or they'd dos attack you (And then actually send a large dos attack when you punted them). ... thats probably the only ...16:22
gmaxwell... reason I've been happy about all those altcoins with their altpows .... drew off the sleezy botnet people completely.16:22
phantomcircuitgmaxwell, that's weird since there are literally people admitting to doing it as op_null says16:22
gmaxwellphantomcircuit: sure sure, this was back in early 2011 before it was really conspicious. Was looking at old logs.16:22
op_nullwhat was the hashrate in April 2014?16:23
phantomcircuitoh16:23
op_nuller 2012.16:23
kanzurenot just non-morons able to find better ways to earn money, but something about opportunity cost of continuing to look for job opportunities16:23
-!- zooko [~user@174-16-237-135.hlrn.qwest.net] has quit [Ping timeout: 245 seconds]16:23
kanzure(this is partly how you end up with lots of bizarre-good talent in ukraine or something)16:23
sipaop_null: http://bitcoin.sipa.be/speed-ever-large.png16:23
phantomcircuitgmaxwell, there was an argument to be made that it would be too obvious16:23
sipaop_null: wait, remove the '-large'; that one is busted16:23
sipaaround 10 TH/s16:24
op_nullphantomcircuit: the Skynet guy talked about that. he rigged up the miners so that only the people with the best GPUs mined, and not very hard, and only when the computer was inactive for his timezone. he was very very chatty about it, probably not so much now that he's in jail.16:24
phantomcircuitis he in jail?16:24
op_nullyeah, got busted ages ago16:25
op_nullDecember 9 201316:25
gmaxwellwhat blockheight do you want to know the hashrate for?16:25
op_null24th APril 2012, same day as the skynet botnet screenshot16:26
gmaxwellitcoin-cli  getnetworkhashps 288 17704616:26
gmaxwell1069889102213416:26
-!- adam3us [~Adium@host-92-19-90-29.as13285.net] has left #bitcoin-wizards []16:27
-!- adam3us [~Adium@host-92-19-90-29.as13285.net] has joined #bitcoin-wizards16:27
sipaheh, i forgot about that RPC16:27
op_nullso he was 0.1% of the network with a Botnet. not as big as I was expecting, but 2012 was pretty late for that sort of activity I guess.16:28
sipain march 2011 there was a fun one16:28
sipaa botnet with probably close to half the hashrate16:29
sipaovernight the hashrate doubled16:29
gmaxwell'mystery miner'16:29
sipayup16:29
sipathe MM16:29
op_nullgmaxwell: yes, there's several comments in the Monero threads about how good it is for botnets. phantomcircuit commented the same about X11. and the whole Dogecoin network storage botnet backs that up too.16:29
gmaxwellnetwork storage botnet?16:31
op_nullyeah. somebody made a Dogecoin mining botnet that used an exploit on some brand of NAS. got found out because it slowed them all down.16:31
-!- fanquake [~anonymous@unaffiliated/fanquake] has joined #bitcoin-wizards16:31
op_nullhttp://www.secureworks.com/resources/blog/hacker-hijacks-synology-nas-boxes-for-dogecoin-mining-operation-reaping-half-million-dollars-in-two-months/16:32
sipaoh16:32
sipai was hoping dogecoin had switched to proof-of-storage16:32
-!- happycamper [~textual@64.147.222.97] has joined #bitcoin-wizards16:32
-!- cbeams [~cbeams@unaffiliated/cbeams] has quit [Ping timeout: 265 seconds]16:33
op_nullif anybody was interested in the Skynet botnet AMA, it's quite interesting just how frank he is about using peoples computers to mine for him. the user is "throwaway236236" http://redd.it/sq7cy16:34
op_nullthe numbers surprised me the most, $15/1000 infections is quoted. I wouldn't ever have pegged it to be so low.16:35
-!- woah [~woah@75.101.111.82] has quit [Quit: My MacBook Pro has gone to sleep. ZZZzzz…]16:36
kanzurethat page does not mention skynet16:36
-!- rasengan [rasengan@pdpc/corporate-sponsor/privateinternetaccess.com/rasengan] has joined #bitcoin-wizards16:38
op_nullit's the same person though. they also had a very public twitter account where they made the same sort of comments. oddly enough, the last tweet they made is a dead mans switch. https://twitter.com/skynetbnet16:38
-!- happycamper [~textual@64.147.222.97] has quit [Quit: My MacBook Pro has gone to sleep. ZZZzzz…]16:38
-!- rasengan [rasengan@pdpc/corporate-sponsor/privateinternetaccess.com/rasengan] has left #bitcoin-wizards []16:38
op_nullthat's neat. he screwed up and used a "vest" instead of "west" in a comment, forward a year he is arrested in germany.16:44
-!- moa [~kiwigb@opentransactions/dev/moa] has quit [Quit: Leaving.]16:45
gmaxwell"if it weren't for those damn kids"16:46
kanzureso er, should i assume that "better pool share payouts" do not solve the concerns regarding "low performance hardware should still be useful"?16:50
gmaxwellkanzure: I don't think the payouts were ever the limiting factor. I think people have a non-linear utility function for money.16:50
gmaxwellAnd one which goes negative for small amounts.16:51
kanzureso for someone such as tromp_ (or anyone else bringing up similar concerns, not specifically tromp_), the concern is not only that the hardware has to be cheap, but also the payouts have to be large per chunk of commodity hardware?16:51
op_nullfor bitcoin in particular the fees aren't related to the value, so small ammounts are less than worthless in a way. you have money but you can't spend it.16:51
-!- hashtag [~hashtag@CPE-69-23-213-3.wi.res.rr.com] has joined #bitcoin-wizards16:52
kanzure"i have money, but you've never heard of it" i call it hipstercash16:52
-!- bramm [~bram@38.99.42.130] has quit [Quit: This computer has gone to sleep]16:52
gmaxwelltromp_ believes otherwise, I did too previously but could never understand people's behavior. Perhaps what we expierenced in bitcoin previously was a fluke... and people would continue to mine even if the returns were negligible.16:52
kanzure("and also i can't spend it anyway")16:52
op_nullwell, what amount of bitcoin is work something after the fee?16:53
gmaxwellwell any amount if it adds up for long enough in your pool account.16:53
kanzurewell, i could see a good argument for "the returns have to be at least enough such that you can withdraw something from the pool", which can be solved y lowering minimum withdrawal fees or polluting the blockchain with sub-satoshi outputs.16:54
kanzure*by16:54
kanzures/minimum withdrawal fees/minimum withdrawal amounts16:54
op_nullsub satoshi sort of doesn't work :P16:54
gmaxwell1e-8 btc is a really small amount.16:55
kanzurewell presumably these pools are paying out even smaller, per share, right?16:55
op_nulloh yeah, it's been under 1 satoshi a share for ages.16:55
gmaxwellwell for diff 1 share, but not like they're accepting diff 1 shares normally anymore either.16:56
op_nullBTC Guild pays 0.00000000023361 per diff1 share.16:56
op_nullthat varies though, like gmaxwell says they're not doing PPS16:56
kanzureso why isn't that the solution instead of trying to find a memory hard solution16:56
op_nulleven with more granularity it's still not worth my time to mine with old hardware.16:57
kanzurethe claim wasn't that it would be worth your time16:57
kanzure(with minimum wage laws especially, hehe)16:58
kanzureoh wait, maybe that was the claim16:59
kanzureregarding the overnight-cellphone-charging-and-mining example?16:59
gmaxwellI made the point that even a small performance gap (tromp believes he can get it under 'orders of magnitude' and I'll buy that) means that anything but the most efficient industral miners will be operating at a loss rapidly.17:00
gmaxwelltromp argued than that people would continue to mine at a loss. I pointed out that this is observably untrue in bitcoin; it was untrue when gpu mining was new and displacing cpu mining, it's untrue now relative to different generations of asic hardware.  He believes otherwise.  I can't argue further because I the behavior in bitcoin surprised me.17:01
gmaxwellAnd I don't know why people stopped cpu mining even before it was operating at a loss to continue to do so.17:02
-!- user7779078 [~user77790@ool-4354b720.dyn.optonline.net] has joined #bitcoin-wizards17:02
-!- orik [~orik@50-46-132-219.evrt.wa.frontiernet.net] has joined #bitcoin-wizards17:03
op_nullit's "profitable" for me to mine Monero. but I don't because the profit doesn't cover the cost of me opening the miner application.17:03
gmaxwellearly gpu miners were only about 10x faster than cpus on a 1:1 device count ratio. Though it was more like 25:1 as they got in full swing.17:03
gmaxwellop_null: heh. well w/ monero you have the other issue that the software seems to have been originally written by malicious parties; who think nothing of exploiting the forks.. :(17:04
-!- c0rw1n is now known as c0rw|sleep17:04
op_nullI've always run it in a virtual machine and I don't own any particular amount of it. it's unfortunate that the Bytecoin people came up with such a neat idea and tried to scam with it over and over.17:05
gmaxwellbut interesting point; we have other 'memory hard' functions even if they're crappy in other respects (slow to verify) ... so you can't just say that the failure of expectations for ltc-scrypt is because ltc-scrypt wasn't memory hard enough.17:05
op_nulldid you know that most people concluded that all of the forks beside monero are the Bytecoin people's as well?17:05
gmaxwellop_null: I'd heard that.17:06
-!- DougieBot5000 [~DougieBot@unaffiliated/dougiebot5000] has joined #bitcoin-wizards17:06
op_nullall of them randomised a key inside the app, except for monero. nobody even knew the key existed, so it's weird that so many forks did.17:06
op_nullfor Monero pools the hash function is a pretty big hit for them too. most of the pools handle it by not verifying all of the users shares and just assuming they are correct.17:07
-!- user7779078 [~user77790@ool-4354b720.dyn.optonline.net] has quit [Ping timeout: 256 seconds]17:08
op_nulladmittedly it does seem to run pretty terribly on GPUs no matter what people do with it. so it seems to be the most "GPU hard", but as a result their network is almost certainly a large portion Botnet miners.17:09
-!- Guest100 [~quassel@50-0-37-37.dsl.static.fusionbroadband.com] has quit [Remote host closed the connection]17:11
-!- jb55_ [~jb55@208.98.200.98] has joined #bitcoin-wizards17:12
-!- jb55 [~jb55@208.98.200.98] has quit [Ping timeout: 256 seconds]17:16
-!- maaku [~quassel@50-0-37-37.dsl.static.fusionbroadband.com] has joined #bitcoin-wizards17:16
-!- maaku is now known as Guest3661217:16
-!- jb55_ [~jb55@208.98.200.98] has quit [Ping timeout: 272 seconds]17:17
-!- Guest36612 is now known as maaku17:17
-!- bramm [~bram@38.99.42.130] has joined #bitcoin-wizards17:29
-!- rusty [~rusty@pdpc/supporter/bronze/rusty] has quit [Ping timeout: 265 seconds]17:33
-!- Aquent [~Aquent@gateway/tor-sasl/aquent] has quit [Ping timeout: 250 seconds]17:34
-!- Aquent [~Aquent@gateway/tor-sasl/aquent] has joined #bitcoin-wizards17:38
-!- roidster [~chatzilla@96-41-48-194.dhcp.mtpk.ca.charter.com] has joined #bitcoin-wizards17:43
-!- roidster is now known as Guest450217:43
brammtromp_, How well can cuckoo be parallelized on a single machine? I mean, how many memory lookups can you have going at once?17:43
op_nullI think you end up memory bandwidth limited17:44
-!- Guest17201 [~chatzilla@96-41-48-194.dhcp.mtpk.ca.charter.com] has quit [Ping timeout: 240 seconds]17:44
brammYeah I wonder if custom hardware could have more memory bandwidth17:44
brammAnd whether, say, you have separate memory bandwidth for each CPU or if it's a single aggregate thing. I don't know hardware.17:45
phantomcircuitbramm, memory bandwidth is typically per cpu17:45
op_nullfor off the shelf CPUs they usually have a limit on your memory bus17:46
phantomcircuitand yes custom hardware could have substantially more memory bandwidth17:46
phantomcircuitsince you could balance cpu speed and memory bus bandwidth17:46
op_nullfor some reason GPUs are actually getting thinner memory busses now, the newer nvidia ones do some sort of compression to try and get around the lack of raw bandwidth.17:47
phantomcircuitop_null, wide memory buses are difficult to get right17:48
op_nullyeah. you're not doing that in a breadboard i'm sure.17:50
-!- rusty [~rusty@pdpc/supporter/bronze/rusty] has joined #bitcoin-wizards17:51
-!- orik [~orik@50-46-132-219.evrt.wa.frontiernet.net] has quit [Quit: Textual IRC Client: www.textualapp.com]17:51
-!- orik [~orik@50-46-132-219.evrt.wa.frontiernet.net] has joined #bitcoin-wizards17:52
-!- licnep [uid4387@gateway/web/irccloud.com/x-bxsgacpuydvpnkim] has quit [Quit: Connection closed for inactivity]17:53
trompbramm, i tried with up to 32 threads. i think there's a plot in the paper with speedups17:54
tromp32 threads on opteron was more than enough to saturate the memory subsystem, but on Xeon dual core it's not maxed yet at 4317:55
trompsorry, at 3217:55
op_nulltromp: how fast is cuckoo cycle on a 8 core xeon?17:56
op_nullI assume you meant 16 threads on an 8 core xeon.17:56
trompi measured 1min/GB for 20 threads.17:56
-!- prodatalab [~prodatala@c-69-254-45-177.hsd1.fl.comcast.net] has joined #bitcoin-wizards17:57
trompso to use 1GB you prolly need a pretty long block interval alrd17:57
op_nulleverything else aside, I love the term "tomato" for TMTO17:58
trompi think that was David Anderson's idea17:58
trompthere are now Xeon's with 18 cores, so dual hyperthreaded cld give 72 threads; wld love to bench those17:59
op_nullI'd probably ened to live on the street to buy one of those.17:59
trompi expect those will max the memory system17:59
trompwld be nice if siphash was a native instruction...18:00
op_nullthink you missed out on that one. some of the SHA family will be soon though.18:00
-!- user7779078 [~user77790@ool-4354b720.dyn.optonline.net] has joined #bitcoin-wizards18:00
trompbut it seems to be more a matter of supporting dozens of pending memory accesses18:01
trompi think with native siphash the cpu wld only spend a few % of runtime doing computation, and the rest waiting for mem18:03
trompnow it's 33% computation and 67% waiting18:03
phantomcircuittromp, is memory access linear or random with cuckoo cycle?18:04
trompaccess to the live nonces bits is linear; access to the degree counters is random18:04
-!- bramm [~bram@38.99.42.130] has quit [Quit: This computer has gone to sleep]18:04
trompalso access to the latter should be atomic18:05
trompin case of running multiple threads18:05
trompif not, then you risk missing some cycle18:06
tromp(which might be ok as long as risk is small)18:06
-!- go1111111 [~go1111111@c-174-61-204-17.hsd1.wa.comcast.net] has quit [Ping timeout: 264 seconds]18:13
-!- user7779078 [~user77790@ool-4354b720.dyn.optonline.net] has quit [Remote host closed the connection]18:28
-!- go1111111 [~go1111111@2601:8:9d00:4300:b4e8:1eab:9f9f:acb5] has joined #bitcoin-wizards18:29
-!- Dr-G2 [~Dr-G@gateway/tor-sasl/dr-g] has joined #bitcoin-wizards18:39
-!- Dr-G3 [~Dr-G@gateway/tor-sasl/dr-g] has quit [Ping timeout: 250 seconds]18:42
-!- bifforoni [~zorin@bzq-84-108-84-113.cablep.bezeqint.net] has quit [Ping timeout: 264 seconds]18:44
-!- eristisk [~eristisk@gateway/tor-sasl/eristisk] has joined #bitcoin-wizards18:52
-!- zooko [~user@c-75-70-204-46.hsd1.co.comcast.net] has joined #bitcoin-wizards19:00
rustygmaxwell: I wish I had discovered https://en.bitcoin.it/wiki/User:Gmaxwell/features#Proofs earlier.  It basically describes pettycoin, with a few differences.19:02
rustygmaxwell: I use a lottery system for Proof of false inflation .  Pick random tx, take fee, multiply by number of txs, that's the reward.19:02
rustygmaxwell: your solution is more elegant.19:03
-!- coke0_ [~coke0@pool-108-21-231-34.nycmny.fios.verizon.net] has joined #bitcoin-wizards19:12
-!- coke0 [~coke0@2607:fb90:1f06:f791:2afb:bafc:1ad4:2578] has quit [Ping timeout: 258 seconds]19:16
-!- zooko [~user@c-75-70-204-46.hsd1.co.comcast.net] has quit [Ping timeout: 250 seconds]19:22
-!- todaystomorrow [~me@d122-111-39-14.bla803.nsw.optusnet.com.au] has quit [Ping timeout: 245 seconds]19:29
-!- samson2 [~samson_@183.89.21.125] has joined #bitcoin-wizards19:35
-!- Guest4502 [~chatzilla@96-41-48-194.dhcp.mtpk.ca.charter.com] has quit [Quit: ChatZilla 0.9.90.1 [SeaMonkey 2.22.1/20131113180422]]19:35
-!- wallet42 [~wallet42@unaffiliated/wallet42] has joined #bitcoin-wizards19:35
-!- samson_ [~samson_@183.89.172.189] has quit [Ping timeout: 245 seconds]19:36
-!- go1111111 [~go1111111@2601:8:9d00:4300:b4e8:1eab:9f9f:acb5] has quit [Ping timeout: 258 seconds]19:39
-!- samson2 [~samson_@183.89.21.125] has quit [Ping timeout: 265 seconds]19:40
-!- go1111111 [~go1111111@2601:8:9d00:4300:b4e8:1eab:9f9f:acb5] has joined #bitcoin-wizards19:40
-!- samson_ [~samson_@180.183.83.162] has joined #bitcoin-wizards19:41
Taekgmaxwell, wrt using libsecp256k1, I thought of a solution which might allow you to use multiple paths without sacrificing a factor of N slowdown.19:43
Taekyou verify each signature with randomly selected blocks of code, but only once19:44
Taekif your conclusion matches the conclusion followed by the heaviest fork, you don't verify again and just accept it19:45
Taekif you get a confliction solution (meaning something didn't verify but the heaviest fork suggests that it was verified), you check using multiple paths or perhaps a completely different library19:46
Taekyour slowdown is only when you don't verify something that should be verified19:46
Taekthe risk is that you verify something that shouldn't be verified19:46
Taekbut since everyone is using random code paths, only some people (with enough potential paths, very very few people) will accept the transaction19:47
Taekand so some people will fork unintentionally because they confirm something that shouldn't be confirmed, the majority of mining power will not accept the invalid signature, and the heaviest fork will remain pure19:47
TaekI would argue that having multiple implementations to switch between randomly when verification is a lot stronger for the network than just having one.19:48
Taekbecause when most everyone uses the same library, a single mistake can cause a big fork. But if everyone is using dozens of implementations, to get a fork you have to find a signature that causes errors in the majority of the implementations19:49
Taeks/when verification/when verifying19:50
-!- coiner [~linker@118.69.162.103] has quit [Ping timeout: 264 seconds]19:50
-!- ebfull [~ebfull@c-76-120-40-34.hsd1.co.comcast.net] has quit [Remote host closed the connection]20:08
-!- ebfull [~ebfull@c-76-120-40-34.hsd1.co.comcast.net] has joined #bitcoin-wizards20:10
-!- jb55 [~jb55@S0106f46d049a0b83.vc.shawcable.net] has joined #bitcoin-wizards20:19
-!- coiner [~linker@113.161.87.238] has joined #bitcoin-wizards20:20
-!- ryanxcharles [~ryanxchar@162.245.22.162] has quit [Ping timeout: 240 seconds]20:26
-!- adam3us [~Adium@host-92-19-90-29.as13285.net] has quit [Ping timeout: 264 seconds]20:37
-!- TheSeven [~quassel@rockbox/developer/TheSeven] has quit [Ping timeout: 272 seconds]20:41
-!- TheSeven [~quassel@rockbox/developer/TheSeven] has joined #bitcoin-wizards20:42
-!- nubbins` [~leel@stjhnf0157w-047055221135.dhcp-dynamic.FibreOp.nl.bellaliant.net] has joined #bitcoin-wizards20:44
-!- nubbins` [~leel@stjhnf0157w-047055221135.dhcp-dynamic.FibreOp.nl.bellaliant.net] has quit [Changing host]20:44
-!- nubbins` [~leel@unaffiliated/nubbins] has joined #bitcoin-wizards20:44
-!- Shiftos [~shiftos@gateway/tor-sasl/shiftos] has quit [Ping timeout: 250 seconds]20:45
-!- hashtag [~hashtag@CPE-69-23-213-3.wi.res.rr.com] has quit [Ping timeout: 255 seconds]20:46
-!- Shiftos [~shiftos@gateway/tor-sasl/shiftos] has joined #bitcoin-wizards20:48
-!- go1111111 [~go1111111@2601:8:9d00:4300:b4e8:1eab:9f9f:acb5] has quit [Ping timeout: 258 seconds]20:53
kanzureis there a better lamport paper than http://diyhpl.us/~bryan/papers2/bitcoin/Time,%20clocks,%20and%20the%20ordering%20of%20events%20in%20a%20distributed%20system%20-%20Lamport.pdf to be using20:56
-!- nubbins` [~leel@unaffiliated/nubbins] has quit [Quit: Quit]21:00
-!- user7779078 [~user77790@ool-4354b720.dyn.optonline.net] has joined #bitcoin-wizards21:03
-!- orik [~orik@50-46-132-219.evrt.wa.frontiernet.net] has quit [Quit: Textual IRC Client: www.textualapp.com]21:08
-!- orik [~orik@50-46-132-219.evrt.wa.frontiernet.net] has joined #bitcoin-wizards21:09
-!- orik [~orik@50-46-132-219.evrt.wa.frontiernet.net] has quit [Client Quit]21:11
-!- orik [~orik@50-46-132-219.evrt.wa.frontiernet.net] has joined #bitcoin-wizards21:12
-!- orik [~orik@50-46-132-219.evrt.wa.frontiernet.net] has quit [Client Quit]21:13
-!- woah [~woah@199-241-202-232.PUBLIC.monkeybrains.net] has joined #bitcoin-wizards21:31
-!- woah [~woah@199-241-202-232.PUBLIC.monkeybrains.net] has quit [Ping timeout: 240 seconds]21:43
-!- RoboTeddy [~roboteddy@173.247.202.131] has quit [Ping timeout: 272 seconds]21:51
-!- Aquent [~Aquent@gateway/tor-sasl/aquent] has quit [Remote host closed the connection]21:51
-!- Aquent [~Aquent@gateway/tor-sasl/aquent] has joined #bitcoin-wizards21:51
-!- tdlfbx [~bsm117532@64.253.217.244] has quit [Ping timeout: 255 seconds]22:07
-!- tdlfbx [~bsm117532@64.253.217.244] has joined #bitcoin-wizards22:07
-!- gues_ [~gues@cpe-66-68-54-206.austin.res.rr.com] has joined #bitcoin-wizards22:07
-!- RoboTeddy [~roboteddy@c-67-188-40-206.hsd1.ca.comcast.net] has joined #bitcoin-wizards22:11
-!- RoboTeddy [~roboteddy@c-67-188-40-206.hsd1.ca.comcast.net] has quit [Read error: Connection reset by peer]22:12
-!- RoboTedd_ [~roboteddy@c-67-188-40-206.hsd1.ca.comcast.net] has joined #bitcoin-wizards22:12
-!- JohanTitor [~superobse@unaffiliated/superobserver] has quit [Ping timeout: 272 seconds]22:20
-!- lclc_bnc is now known as lclc22:28
-!- devrandom [~devrandom@gateway/tor-sasl/niftyzero1] has joined #bitcoin-wizards22:44
-!- llllllllll [~lllllllll@53-109.bbned.dsl.internl.net] has joined #bitcoin-wizards22:45
-!- bramm [~bram@99-75-88-206.lightspeed.sntcca.sbcglobal.net] has joined #bitcoin-wizards22:45
-!- orik [~orik@50-46-132-219.evrt.wa.frontiernet.net] has joined #bitcoin-wizards22:46
-!- ryanxcharles [~ryanxchar@2601:9:4680:dd0:44ab:e55:4997:b865] has joined #bitcoin-wizards22:48
-!- rusty [~rusty@pdpc/supporter/bronze/rusty] has quit [Quit: Leaving.]22:49
-!- bramm [~bram@99-75-88-206.lightspeed.sntcca.sbcglobal.net] has quit [Quit: Leaving]23:07
-!- Guest27678 [~WW@unaffiliated/loteriety] has quit [Ping timeout: 240 seconds]23:24
-!- JonTitor [~superobse@unaffiliated/superobserver] has joined #bitcoin-wizards23:28
-!- user7779078 [~user77790@ool-4354b720.dyn.optonline.net] has quit []23:35
-!- iambernie [~bernie@82-169-230-87.ip.telfort.nl] has quit [Remote host closed the connection]23:44
-!- orik [~orik@50-46-132-219.evrt.wa.frontiernet.net] has quit [Quit: My MacBook Pro has gone to sleep. ZZZzzz…]23:46
-!- orik [~orik@50-46-132-219.evrt.wa.frontiernet.net] has joined #bitcoin-wizards23:47
--- Log closed Wed Nov 26 00:00:02 2014

Generated by irclog2html.py 2.15.0.dev0 by Marius Gedminas - find it at mg.pov.lt!