2015-01-08.log

--- Log opened Thu Jan 08 00:00:17 2015
02:18 <fluffypony> has the validity of this ever been discussed: http://zerocharactersleft.blogspot.co.at/2014/10/zero-confirmation-bitcoin-transactions.html
02:24 <@sipa> i don't see what it is trying to achieve
02:25 <fluffypony> no idea, someone just mentioned it to me
02:26 <fluffypony> doesn't seem very zero-conf
02:26 <@sipa> it sounds like it is creating a refund transaction with an unconfirmed input... and then claims it is a solution to double spending? wtf
02:28 <@sipa> oh i see, it just tries to explain the principle of building transactions that use unconfirmed inputs
02:29 <@sipa> nothing new - but it only works for services that don't do more than send money back/further as a result of successful transactions
02:30 <@sipa> satoshidice has used that technique for years, and the only result was their customers being hurt by double spending instead of them
03:08 <midnightmagic> for a while it was them
07:48 <roconnor> sipa: Can I argue that broken crypto design and how to avoid it is ontopic here?
07:49 <@sipa> sure
07:50 <@sipa> not serializing something for min/max looks broken, as it can collide with cases where min/max are specified?
07:50 <roconnor> to recap: https://github.com/openssh/openssh-portable/blob/master/kexgex.c#L72 is the function that hashes a bunch of data for the server to sign for authentication during one of the key exchange methods, specifically the one described in rfc 4419.
07:51 <roconnor> In text it is
07:51 <roconnor>  H = hash(V_C || V_S || I_C || I_S || K_S || min || n || max ||
07:51 <roconnor>        p || g || e || f || K)
07:51 <roconnor> But there are actually two different methods described in rfc 4419
07:51 <roconnor> SSH_MSG_KEX_DH_GEX_REQUEST_OLD and SSH_MSG_KEX_DH_GEX_REQUEST
07:51 <roconnor> using a different header distinguishes them.
07:52 <roconnor> and the difference is that the old method
07:52 <roconnor> Instead of sending "min || n || max", the client only sends "n".  In
07:52 <roconnor>    addition, the hash is calculated using only "n" instead of "min || n
07:52 <roconnor>    || max".
07:52 <roconnor> so that means a hash  H = hash(V_C || V_S || I_C || I_S || K_S || n ||  p || g || e || f || K) is used with the old method
07:53 <roconnor> but, as you've picked up on, the header used to select between the old method and the new method isn't part of the data being hashed.
07:53 <@sipa> ha
07:53 <roconnor> So we can try to play a game where a MITM substitutes the old protocol for the new protocol by changing the header
07:54 <roconnor> and tries to create a situation where he gets a signature for the old protocol from the server and gets the client to validate the same serialized data, but under a different interpretation
07:55 <roconnor> one where p, g, which are supposed to be a prime number for a field size and g is a generator of a large multiplicative subgroup, are different values
07:56 <roconnor> perhaps values where discrete logs are easy to compute because the multiplicative subgroup is small.
07:56 <roconnor> anyhow, I tried for half an hour with a friend yesterday, but the conclusion was that there isn't enough leeway in the protocol to make this work.
07:58 <roconnor> Anyhow, even if it is fine; this doesn't really inspire confidence that it takes 30 minutes of understanding incidental details of serialization formats to believe the protocol is secure.
07:59 <roconnor> If the serialization was different, if f and e were swapped, perhaps something might be possible.  Probably not, but it would be easier.
07:59 <@gmaxwell> TLS/SSL has had several bugs of this type too. There is some proposal (IIRC for TLS 1.3) to make the session keys basically hash a transcript of ALL the prior headers, because figuring out which ones were needed is apparently beyond human ability.
08:00 <roconnor> gmaxwell: hah, really?
08:00 <roconnor> This was literally the first thing I looked at in OpenSSL and it was already suspicious.
08:01 <roconnor> Not to blame OpenSSL, it is rfc 4419 that is broken.
08:01 <roconnor> er OpenSSH.
08:01 <@gmaxwell> There was some ranty complaint I'd responded to recently that included an argument that Bitcoin was "bad" because it didn't have adequate ciphersuite agility. (which isn't really true but whatever).  In my response I pointed out that it looked like agility is actually responsible for more security weaknesses than supporting bad ciphersuites.
08:03 <roconnor> My rule of thumb is, if you have an if statement in your data format parser and it is choosing a branch based on data that isn't in the data blob, you are going to have a bad time.
08:04 <roconnor> A bit of a problem is that some of these data formats don't have parsers, but if a parser would have such an if statement, you are still going to have a bad time, even if the parser doesn't exist.
08:04 <@sipa> advantage to encryption algorithms (vs hashing): your decoding will fail in this case :)
08:06 <@gmaxwell> roconnor: in general these hashed things should also be application distinguished. Otherwise you get some genius user that reuses a key from one application in another; and you find out that there is a potential emulation where you can get the other application to act as a messages of doom signing oracle.
08:07 <roconnor> Absolutely, though openssh appears to do a reasonable job regarding that.
08:08 <@gmaxwell> so if that hash were keyed with "RFC4419.3.1" it likely would have been okay, even missing an important field.
08:12 <@gmaxwell> https://bitcointalk.org/index.php?topic=918018.0 "Bi-directional micropayment channels with CHECKLOCKTIMEVERIFY"
08:12 <roconnor> gotta go. ciao.
09:54 <Emcy_> anyone know where/how gavin came up with the 20mb figure for new blocksize?
09:54 <Emcy_> arbitrary?
09:56 <Emcy_> from that post it seems like he spent a while showing that a few yrs old hardware can handle quite bigger blocks but we already knew that, really. The issue is bandwidth.
09:58 <Emcy_> the issue of bandwidth seems to have been left almost as an after thought :/. I could tell you that 20mb blocks would preclude me running a node full time on the internet service i have right now today, let alone the future
09:59 <@gmaxwell> Emcy_: I don't think we knew it in a strong sense, but we did assume it and would have been surprised otherwise. Back in 2013 I had a conversation with Gavin and a number of others at Bitcoin 2013 and I expressed the view that I think that kind of testing is a hard prereq to even having a discussion about the wisdom of doing anything; its simply too easy to do the test as an initial check to see where the wheels fall off. So, indeed, while it doesn't address the Important Issues; it's still a useful and interesting thing to do.
10:00 <Emcy_> sure, the tests have to be done
10:00 <Emcy_> its a good thing to show definitively what we expected to be the case
10:01 <Emcy_> im just worried he is still too dismissive of the bandwidth issue
10:01 <Emcy_> or that he bases his conclusions around an assumption of google fiber or something
10:02 <Emcy_> lots of people have data caps as low as 200gb/m. Mine is actually less (and it depends on the time of day, which is also getting more common)
10:12 <Emcy_> I AM FRETTING ABOUT IT
10:12 <Emcy_> ok im going to sleep
10:13 <@gmaxwell> Probably of some interest here, OpenSSL bug Bignum squaring may produce incorrect results (CVE-2014-3570)  has been de-embargoed.  This bug was discovered as part of the development of libsecp256k1. I've commented some about it on HN: https://news.ycombinator.com/item?id=8857398
10:16 * nsh perks
10:18 <midnightmagic> gmaxwell, sipa: will you guys be re-adding the comparison testing back into libsecp256k1 now?
10:21 <@gmaxwell> probably not, actually. We're still doing high level (full system) comparison testing, just not unit (basic operation) level. We don't really have so much 1:1 matching of the basic operations anymore in any case. E.g. we don't need a generic bignum implementation anymore.
10:33 <midnightmagic> gmaxwell: is the testing that was pulled out available anywhere or could it be of use to a third-party ec library?
10:36 <@gmaxwell> it's in the git history. but it requires access to 'internals' so it's not easy to just use with things.
10:37 <midnightmagic> ah, that's nice then. thank you, history is perfect.
10:41 <nsh> gmaxwell, what was the mistake in BN_sqr.c?
10:41 <nsh> having trouble finding the fix in openssl's commits
10:41 <nsh> (also trying to find out if libressl is affected)
10:42 <@sipa> nsh: in crypto/bn/asm/x86_64-asm.c iirc
10:42 <nsh> oh, ah
10:42 <@sipa> in a macro with asm.code
10:42 <@gmaxwell> nsh: almost certainly.
10:42 <@gmaxwell> sipa: IIRC the C code was wrong too. no?
10:42 <@gmaxwell> (been a while, we threw this over to openssl months ago)
10:43 <@sipa> yes
10:43 <@gmaxwell> 10:42 < sipa> the C code was #if 0'd out, but yes
10:43 <@sipa> it was #if 0'd out
10:43 <@gmaxwell> Right, relevant for libressl perhaps.
10:49 <@gmaxwell> I'm really pretty proud of our testing in libsecp256k1; when redirected to OpenSSL in a blackbox-ish manner, it found a bug that had probability p=2^-128 for 'random' inputs. This was part of what I was referring to in the 0.10 release notes when I wrote "we have reason to believe that libsecp256k1 is better tested and more thoroughly reviewed than the implementation in OpenSSL".
10:50 <nsh> hmm
10:55 <midnightmagic> well it is pretty neat. congratulations on finding a fundamental problem.
10:56 <nsh> squaring a bit number looks very difficult
10:56 <nsh> i wonder how much of that is an artifact of the x86 legacy and how much is just mathematics
10:57 <nsh> you'd think it'd be easy to formally prove the correctness of a limbed squaring function
10:57 <zooko> gmaxwell: nice work!
10:59 <nsh> but otoh i inhabit a wondrous fairy-tale land of theory and whimsy unsullied by having to make things, or worse, make them work
10:59 <faraka> would it make sense to implement a zkp to audit exchange transactions? to the same end of peter todd's auditing method for exchanges?
10:59 <nsh> audit in what sense?
11:00 <faraka> let's say i have a merkle chain of n items, is it possible to create a zero knowledge proof of the existence of a correct chain between hash 1 to n?
11:03 <nsh> hmmm
11:03 <nsh> strangely this came up at congress
11:06 <faraka> link?
11:07 <nsh> in discuss, which unfortunately i don't remember much detail of, sorry
11:08 <nsh> but afaik, you can make produce a ZKP of a route-to-node in an authenticated data structure under some or other model
11:08 <nsh> andytoshi or gmaxwell or petertodd would know infinitely more than me on the matter
11:09 <nsh> in the context of exchange settlements you just want to prove consistency, which is an easier problem in general
11:20 <ajweiss> did you guys happen upon a value that squared wrongly or was that found by auditing openssl?
midnightmagicajweiss: https://news.ycombinator.com/item?id=8857683 11:20
@gmaxwellajweiss: it was a result of "greybox" testing, I suppose you could say.11:22
@gmaxwellOf course we've also audited OpenSSL, but there is only so deep someone who has a goal of something other than openssl is going to go into their optimized math code. :)11:22
catlasshrugged@kristovatlas: Updated SharedCoin advisory: Blockchain has claimed to have fixed the privacy issue (not yet confirmed). http://t.co/XN0XGCxuFv 11:23
-!- belcher [~belcher-s@5ec3973e.skybroadband.com] has joined #bitcoin-wizards11:24
-!- belcher [~belcher-s@5ec3973e.skybroadband.com] has quit [Changing host]11:24
-!- belcher [~belcher-s@unaffiliated/belcher] has joined #bitcoin-wizards11:24
-!- webdeli [~projects@42.39.233.220.static.exetel.com.au] has joined #bitcoin-wizards11:25
ajweisslow transition probability?11:26
-!- justanotheruser [~Justan@unaffiliated/justanotheruser] has quit [Ping timeout: 240 seconds]11:28
@gmaxwellajweiss: numbers like 111100000000000000000111111111111111111111000011110000000000111111111:28
-!- hearn [~mike@84-75-198-85.dclient.hispeed.ch] has joined #bitcoin-wizards11:29
-!- nessence [~alexl@178.19.221.38] has joined #bitcoin-wizards11:34
nshi wonder if it's possible/worthwhile to bitsquat bitcoin addresses11:42
nshthe checksum seems to be concerned with glyph-substitutions rather than bitflips11:43
@gmaxwellnsh: I believe I previously created an issue for bitcoin core to post-verify signed transactions against the reencoded input precisely due to that concern.11:44
nshhmm11:45
-!- Burrito [~Burrito@unaffiliated/burrito] has quit [Quit: Leaving]11:48
@gmaxwelle.g. take your signed txn, and reencode the addresses out of it. Verify the addresses and values against the inputs as far back up the stack as you can.11:52
-!- Dizzle [~diesel@70.114.207.41] has joined #bitcoin-wizards11:53
* nsh nods11:54
ajweissinteresting... it's a technique used for efficient testing of digital circuits...11:55
tacotimedeanonymizing sharedcoin tx is kind of like shooting fish in a barrel12:03
catlasshruggedtacotime: how recently did you look at it?12:04
tacotimemonths ago, so maybe it's improved since then12:05
catlasshruggedit has *changed* since then, I can't speak to whether it's improved12:05
tacotimethe problem with all centralized mixing services is that they could care less as to whether proper mixing is occurring so long as it simply appears to be occurring to the end user12:05
tacotimeas long as people are using it, they get their 1-3% fee or whatever12:06
catlasshruggedtru dat12:06
-!- Quanttek [~quassel@2a02:8108:d00:870:e23f:49ff:fe47:9364] has joined #bitcoin-wizards12:07
-!- webdeli [~projects@42.39.233.220.static.exetel.com.au] has quit [Quit: Leaving...]12:10
-!- todaystomorrow [~me@d114-78-105-180.bla803.nsw.optusnet.com.au] has quit [Read error: Connection reset by peer]12:12
-!- todaystomorrow [~me@d114-78-105-180.bla803.nsw.optusnet.com.au] has joined #bitcoin-wizards12:13
-!- Profreid [~Profreitt@gateway/vpn/privateinternetaccess/profreid] has quit [Quit: Profreid]12:16
-!- austeritysucks [~AS@unaffiliated/austeritysucks] has quit [Ping timeout: 255 seconds]12:19
-!- faraka [49cc4c7f@gateway/web/freenode/ip.73.204.76.127] has quit [Ping timeout: 246 seconds]12:19
-!- Dizzle__ [~diesel@70.114.207.41] has joined #bitcoin-wizards12:20
-!- Dizzle [~diesel@70.114.207.41] has quit [Disconnected by services]12:21
-!- Dizzle__ is now known as Dizzle12:21
-!- vmatekole [~vmatekole@p5DC46BC2.dip0.t-ipconnect.de] has quit [Remote host closed the connection]12:30
-!- soundx [~soundx@gateway/tor-sasl/soundx] has joined #bitcoin-wizards12:33
-!- catlasshrugged [~satoshi-u@63.142.161.8] has quit [Ping timeout: 264 seconds]12:36
-!- catlasshrugged [~satoshi-u@63.142.161.2] has joined #bitcoin-wizards12:40
-!- hearn [~mike@84-75-198-85.dclient.hispeed.ch] has quit [Quit: My MacBook Pro has gone to sleep. ZZZzzz…]12:50
-!- todays_tomorrow [~me@d114-78-105-180.bla803.nsw.optusnet.com.au] has joined #bitcoin-wizards12:53
-!- shesek [~shesek@77.126.229.16] has joined #bitcoin-wizards12:53
DougieBot5000faraka: WRT zero-knowledge merkle chain, in theory a zk_SNARK constructed with the rules for validation of your chain could be used to verify that there exists a valid chain satisfying those properties12:54
-!- todaystomorrow [~me@d114-78-105-180.bla803.nsw.optusnet.com.au] has quit [Ping timeout: 264 seconds]12:55
DougieBot5000it may not be practical though, as I don't think zk-SNARKS are very efficient12:55
DougieBot5000yet?12:55
-!- jtimon [~quassel@238.pool85-59-137.dynamic.orange.es] has quit [Ping timeout: 244 seconds]12:56
@gmaxwell11:00 < faraka> let's say i have a merkle chain of n items, is it possible to create a zero knowledge proof of the existence of a correct chain between hash  1 to n?12:57
@gmaxwellwhat does "correct chain" mean?12:57
@gmaxwellIf correct means "anything at all" then sure. Your proof is return true;  :)12:58
DougieBot5000I just took it to mean "satisfying some validation criterion"12:58
DougieBot5000gmaxwell: aside from the obv implementation and practical issues with something like a zk-SNARK, is there any reason one could not be used to bootstrap clients for the initial chain download?12:59
DougieBot5000either use a proof that X number of headers from the genesis are correct (the proof generator would need to download and verify them) or by directly specifying the UTXO set as an output13:00
DougieBot5000in the first case, it might save some verification and lookups, but the client would still need to generate the UTXO set itself13:01
DougieBot5000in the second case, it should be good to go (except for blocks newer than the proof generation time)13:01
DougieBot5000am i missing something obvious?13:02
@gmaxwellThe first case doesn't save much, but can be used to avoid some dos attacks. (e.g. wasting your time fetching a chain that isn't really best).  We give a log-scaling snarkless ZKP for this in the sidechains whitepaper.13:04
@gmaxwellAs far as the second, been suggested many times before, it's just infeasible currently.13:04
-!- soundx [~soundx@gateway/tor-sasl/soundx] has quit [Remote host closed the connection]13:04
@gmaxwellState of the art ZKP performance (which has only 80 bit security and requires trusted setup) has the prover evaluate its code with speed ~= 10Hz.13:05
DougieBot5000Do you get any speedups by removing the need for zero-knowledge from the SNARK? Most of the papers i find on SNARKS are the ZK variety13:05
DougieBot5000yeah, the trusted setup is a big sticking point13:06
@gmaxwellNo. ZK is almost a "for free" side-effect of the proof being sublinear in the size of the execution transcript.13:06
DougieBot5000i imagine though that simply having someone generate a proof only once a month or longer would be sufficient and amortize the large proof generation cost somewhat13:06
DougieBot5000well, amortize is the wrong word there13:06
DougieBot5000i see13:07
DougieBot5000hmm, at 10HZ though, even a fraction of the chain would take forever to validate13:07
@gmaxwell(to put the 10Hz into context, state of the art ecdsa verification takes 183k cycles on x86_64 and x86_64 cycles are more powerful than the proof system cycles)13:07
@gmaxwell(though there are better ways to perform that particular operation, it's stupidly slow in any case)13:07
@gmaxwellDougieBot5000: yes, we could afford _insane_ proof costs, since we only need to do one (or a few; due to trusted setup) proofs for the whole world. But insane has limits.13:08
DougieBot5000i see. Perhaps when we have 20+ years of chain history and better SNARK implementations, it may be feasible to roll some chunk of that into a snark proof13:09
@gmaxwellDougieBot5000: Yes, I think it's likely. There is nothing fundamental preventing this from being acceptably fast.13:09
DougieBot5000What are the verification times like for the 80 bit state-of-the-art you mentioned?13:10
DougieBot5000I seem to remember it being either constant time, or some small polynomial related to circuit size or something?13:10
@gmaxwellon the order of 10ms. So the system which has state of the art prover performance/scaling is slightly slower to verify because it must use an insanely constrained set of cryptographic parameters that make the verifier a bit slower.13:11
DougieBot5000Thats not bad at all13:12
DougieBot5000well, thanks for answering my questions gmaxwell, dont let me waste any more of your time13:12
DougieBot5000a pleasure, as always13:12
@gmaxwellDougieBot5000: most of the things you've seen people write about are all based on the same underlying cryptosystem (GGPR'12), and have more or less the same benefits and weaknesses (super fast to verify, tractable to prove for small statements, trusted setup)13:12
DougieBot5000any work on removing the trusted setup component?13:13
DougieBot5000I try to keep up, but that Eli Ben-Sasson just keeps cranking out papers on it13:13
phantomcircuitgmaxwell, everytime i think i've come up with something novel i realize it's either already been designed or is only slightly different13:14
phantomcircuitheh13:14
DougieBot5000yeah, same here13:15
DougieBot5000i remember coming up with a blockchain compression idea a year or two ago13:15
DougieBot5000not only was it not new, it was worse than what everyone else had come up with years before that13:15
-!- RoboTeddy [~roboteddy@c-67-188-40-206.hsd1.ca.comcast.net] has quit [Ping timeout: 264 seconds]13:20
-!- Greed [~Greed@unaffiliated/greed] has quit [Quit: Classic.]13:21
-!- Greed [~Greed@unaffiliated/greed] has joined #bitcoin-wizards13:22
@gmaxwellBetter than coming up with things that are so stupid no one has mentioned them at all.13:22
-!- todays_tomorrow [~me@d114-78-105-180.bla803.nsw.optusnet.com.au] has quit [Ping timeout: 244 seconds]13:24
phantomcircuitgmaxwell, :)13:25
zookoYeah. ☺ I know I'm on the right track when I'm inventing things that better thinkers have already invented, studied, and superseded.13:26
ajweiss"you know, for kids!"13:27
-!- nessence [~alexl@178.19.221.38] has quit [Remote host closed the connection]13:28
-!- coiner [~linker@14.169.160.197] has quit [Ping timeout: 255 seconds]13:30
-!- todaystomorrow [~me@d114-78-105-180.bla803.nsw.optusnet.com.au] has joined #bitcoin-wizards13:34
-!- Dizzle [~diesel@70.114.207.41] has quit [Disconnected by services]13:46
-!- Dizzle__ [~diesel@70.114.207.41] has joined #bitcoin-wizards13:46
-!- Dizzle__ is now known as Dizzle13:46
-!- Quanttek [~quassel@2a02:8108:d00:870:e23f:49ff:fe47:9364] has quit [Ping timeout: 244 seconds]13:47
-!- damethos [~damethos@unaffiliated/damethos] has joined #bitcoin-wizards13:55
-!- hashtagg_ [~hashtag@cpe-98-157-219-44.ma.res.rr.com] has quit [Ping timeout: 244 seconds]13:57
-!- TechGhost420 [~kvirc@rrcs-71-43-208-2.se.biz.rr.com] has joined #bitcoin-wizards14:05
-!- damethos [~damethos@unaffiliated/damethos] has quit [Quit: Bye]14:07
-!- faraka [835eba0a@gateway/web/freenode/ip.131.94.186.10] has joined #bitcoin-wizards14:13
-!- austeritysucks [~AS@users69.kollegienet.dk] has joined #bitcoin-wizards14:15
-!- austeritysucks [~AS@users69.kollegienet.dk] has quit [Changing host]14:15
-!- austeritysucks [~AS@unaffiliated/austeritysucks] has joined #bitcoin-wizards14:15
-!- paveljanik [~paveljani@unaffiliated/paveljanik] has quit [Quit: This computer has gone to sleep]14:23
-!- wyager [~wyager@cpe-24-160-153-232.satx.res.rr.com] has joined #bitcoin-wizards14:37
-!- RoboTeddy [~roboteddy@c-67-180-192-179.hsd1.ca.comcast.net] has joined #bitcoin-wizards14:39
-!- RoboTeddy [~roboteddy@c-67-180-192-179.hsd1.ca.comcast.net] has quit [Remote host closed the connection]14:39
-!- Guyver2 [~Guyver2@guyver2.xs4all.nl] has quit [Quit: :)]14:40
-!- RoboTeddy [~roboteddy@c-67-180-192-179.hsd1.ca.comcast.net] has joined #bitcoin-wizards14:40
-!- maraoz [~maraoz@43-161-16-190.fibertel.com.ar] has quit [Ping timeout: 252 seconds]14:43
-!- hearn [~mike@84-75-198-85.dclient.hispeed.ch] has joined #bitcoin-wizards14:47
-!- eslbaer [~eslbaer@p548A587F.dip0.t-ipconnect.de] has quit [Ping timeout: 245 seconds]14:49
-!- pgokeeffe [~pgokeeffe@101.165.93.194] has joined #bitcoin-wizards15:04
phantomcircuitinteresting observation, if a transaction has equal sized outputs coin selection picks the lowest index number15:07
phantomcircuitpossibly that should be randomized15:07
-!- RoboTeddy [~roboteddy@c-67-180-192-179.hsd1.ca.comcast.net] has quit [Ping timeout: 245 seconds]15:07
-!- NewLiberty is now known as NewLiberty-afk15:08
phantomcircuitcase in point https://blockchain.info/tx/14f2680565ba651d89247e59befeae4c9ef5f140bc589acf059655e6c3bd75ff 15:09
@gmaxwellhm? it does?15:14
phantomcircuitgmaxwell, appears to15:16
@gmaxwellif you would have asked I would have said I thought we randomly shuffled the inputs first.15:16
phantomcircuitoh actually15:16
phantomcircuiti wonder if im doing this to myself15:16
phantomcircuityes i am foot gunning15:16
phantomcircuitnvm15:16
-!- pgokeeffe [~pgokeeffe@101.165.93.194] has quit [Quit: pgokeeffe]15:19
-!- pgokeeffe [~pgokeeffe@101.165.93.194] has joined #bitcoin-wizards15:22
-!- PaulCapestany [~PaulCapes@204.28.124.82] has quit []15:24
-!- todaystomorrow [~me@d114-78-105-180.bla803.nsw.optusnet.com.au] has quit [Ping timeout: 255 seconds]15:25
-!- PaulCapestany [~PaulCapes@204.28.124.82] has joined #bitcoin-wizards15:25
-!- Dizzle [~diesel@70.114.207.41] has quit [Quit: Leaving...]15:25
farakadoes anyone have a copy of the hop whitepaper by cunicula?15:29
-!- catlasshrugged [~satoshi-u@63.142.161.2] has quit [Ping timeout: 244 seconds]15:30
@gmaxwellop_mul:  Oh hey, I think I may know why that crazy nonce reuser reuses nonces.  Maybe they use a single random nonce per transaction. Doing so would make the signing for the second and later inputs about 100x faster.15:30
@gmaxwellop_mul: so if they're super slow HSM or something they might have decided this suicidal sounding optimization was a good idea and done it intentionally.15:31
-!- todaystomorrow [~me@d114-78-105-180.bla803.nsw.optusnet.com.au] has joined #bitcoin-wizards15:33
-!- treehug88 [~treehug88@34-254.as32345.tumblrhq.com] has quit []15:34
-!- pgokeeffe [~pgokeeffe@101.165.93.194] has quit [Quit: pgokeeffe]15:38
-!- epscy [~epscy@176.126.241.239] has quit [Ping timeout: 265 seconds]15:42
-!- RoboTeddy [~roboteddy@2601:9:3483:2400:1504:e12:6080:36ce] has joined #bitcoin-wizards15:42
-!- NewLiberty-afk is now known as NewLiberty15:47
-!- epscy [~epscy@176.126.241.239] has joined #bitcoin-wizards15:47
-!- user7779078 [~user77790@ool-4354b720.dyn.optonline.net] has joined #bitcoin-wizards15:48
-!- faraka [835eba0a@gateway/web/freenode/ip.131.94.186.10] has quit [Ping timeout: 246 seconds]15:55
-!- pgokeeffe [~pgokeeffe@101.165.93.194] has joined #bitcoin-wizards15:57
-!- hashtag_ [~hashtag@69.23.213.3] has joined #bitcoin-wizards16:03
-!- RoboTeddy [~roboteddy@2601:9:3483:2400:1504:e12:6080:36ce] has quit [Read error: Connection reset by peer]16:03
-!- RoboTeddy [~roboteddy@2601:9:3483:2400:1504:e12:6080:36ce] has joined #bitcoin-wizards16:04
-!- hearn [~mike@84-75-198-85.dclient.hispeed.ch] has quit [Quit: My MacBook Pro has gone to sleep. ZZZzzz…]16:04
-!- DougieBot5000 [~DougieBot@unaffiliated/dougiebot5000] has quit [Quit: Leaving]16:06
-!- faraka [835eba0a@gateway/web/freenode/ip.131.94.186.10] has joined #bitcoin-wizards16:15
-!- pgokeeffe [~pgokeeffe@101.165.93.194] has quit [Quit: pgokeeffe]16:18
-!- devrandom [~devrandom@gateway/tor-sasl/niftyzero1] has quit [Remote host closed the connection]16:24
-!- devrandom [~devrandom@gateway/tor-sasl/niftyzero1] has joined #bitcoin-wizards16:25
-!- RoboTeddy [~roboteddy@2601:9:3483:2400:1504:e12:6080:36ce] has quit [Read error: Connection reset by peer]16:32
-!- RoboTeddy [~roboteddy@2601:9:3483:2400:1504:e12:6080:36ce] has joined #bitcoin-wizards16:33
-!- skyraider [uid41097@gateway/web/irccloud.com/x-pswomzeadtkmdtmx] has quit [Quit: Connection closed for inactivity]16:35
-!- siervo [uid49244@gateway/web/irccloud.com/x-fwcbocjnrcqsdbmk] has joined #bitcoin-wizards16:36
-!- siervo [uid49244@gateway/web/irccloud.com/x-fwcbocjnrcqsdbmk] has quit [Client Quit]16:39
-!- op_mul [~op_mul@178.62.78.122] has joined #bitcoin-wizards16:50
-!- DougieBot5000 [~DougieBot@unaffiliated/dougiebot5000] has joined #bitcoin-wizards16:51
-!- wyager [~wyager@cpe-24-160-153-232.satx.res.rr.com] has quit [Quit: wyager]16:52
op_mulgmaxwell: I'm not sure I'd call that suicidal so long as you're keeping track of which keys use which nonces. at that point though you'd probably be getting off getting a less-shit HSM though.16:52
op_mulyou also make it alarmingly obvious which transactions are yours. nobody else has that behaviour. part of the reason I think it's intentional is that the signer uses compressed points, if it was just a stupid Sony-level implementation they wouldn't be doing that.16:54
-!- pgokeeffe [~pgokeeffe@101.165.93.194] has joined #bitcoin-wizards17:07
-!- faraka [835eba0a@gateway/web/freenode/ip.131.94.186.10] has quit [Ping timeout: 246 seconds]17:09
-!- belcher [~belcher-s@unaffiliated/belcher] has quit [Quit: Leaving]17:20
-!- RoboTeddy [~roboteddy@2601:9:3483:2400:1504:e12:6080:36ce] has quit [Ping timeout: 244 seconds]17:21
-!- HaltingState [~HaltingSt@unaffiliated/haltingstate] has joined #bitcoin-wizards17:32
-!- zooko` [~user@c-75-70-204-109.hsd1.co.comcast.net] has joined #bitcoin-wizards17:32
-!- zooko [~user@c-75-70-204-109.hsd1.co.comcast.net] has quit [Ping timeout: 264 seconds]17:34
-!- narwh4l [~michael@unaffiliated/thesnark] has quit [Quit: Leaving]17:35
-!- hashtagg [~hashtagg_@CPE-69-23-213-3.wi.res.rr.com] has joined #bitcoin-wizards17:42
-!- hashtag [~hashtagg_@CPE-69-23-213-3.wi.res.rr.com] has quit [Ping timeout: 252 seconds]17:43
-!- adam3us [~Adium@c31-67.i07-8.onvol.net] has quit [Quit: Leaving.]17:48
-!- pgokeeffe [~pgokeeffe@101.165.93.194] has quit [Quit: pgokeeffe]17:53
-!- RoboTeddy [~roboteddy@c-67-180-192-179.hsd1.ca.comcast.net] has joined #bitcoin-wizards17:54
-!- HaltingState [~HaltingSt@unaffiliated/haltingstate] has quit [Quit: Leaving]18:00
-!- d1ggy_ [~d1ggy@dslc-082-082-157-078.pools.arcor-ip.net] has joined #bitcoin-wizards18:03
-!- ryanxcharles [~ryanxchar@162-245-22-162.v250d.PUBLIC.monkeybrains.net] has quit [Ping timeout: 244 seconds]18:06
-!- d1ggy__ [~d1ggy@dslb-088-071-001-101.088.071.pools.vodafone-ip.de] has quit [Ping timeout: 264 seconds]18:07
-!- TechGhost420 [~kvirc@rrcs-71-43-208-2.se.biz.rr.com] has quit [Ping timeout: 245 seconds]18:12
-!- Dizzle [~Dizzle@2605:6000:1018:c04a:6441:98aa:5dd2:6813] has joined #bitcoin-wizards18:21
-!- c0rw1n [~c0rw1n@63.120-67-87.adsl-dyn.isp.belgacom.be] has quit []18:22
nanotubeBlueMatt, gmaxwell, do you want gribble here? can be easily arranged, once my server issues are solved.18:23
-!- faraka [835eba0a@gateway/web/freenode/ip.131.94.186.10] has joined #bitcoin-wizards18:26
-!- TechGhost420 [~kvirc@207.207.22.62] has joined #bitcoin-wizards18:28
-!- GibsonA [~thrasher@27-33-27-140.static.tpgi.com.au] has quit []18:30
-!- Dr-G2 [~Dr-G@gateway/tor-sasl/dr-g] has joined #bitcoin-wizards18:32
-!- TechGhost420 [~kvirc@207.207.22.62] has quit [Ping timeout: 256 seconds]18:34
-!- Dr-G [~Dr-G@gateway/tor-sasl/dr-g] has quit [Ping timeout: 250 seconds]18:35
-!- ebfull [~ebfull@c-76-120-40-34.hsd1.co.comcast.net] has joined #bitcoin-wizards18:36
-!- Dizzle [~Dizzle@2605:6000:1018:c04a:6441:98aa:5dd2:6813] has quit [Ping timeout: 265 seconds]18:49
-!- TechGhost420 [~kvirc@207.207.28.164] has joined #bitcoin-wizards18:49
-!- RoboTeddy [~roboteddy@c-67-180-192-179.hsd1.ca.comcast.net] has quit [Ping timeout: 255 seconds]18:55
-!- Dizzle [~Dizzle@cpe-72-182-36-12.austin.res.rr.com] has joined #bitcoin-wizards18:55
-!- bendavenport [~bpd@64.124.157.148] has quit [Ping timeout: 252 seconds]18:58
-!- RoboTeddy [~roboteddy@c-67-180-192-179.hsd1.ca.comcast.net] has joined #bitcoin-wizards19:07
-!- ryanxcharles [~ryanxchar@2601:9:4680:dd0:8ddf:c65e:b6d3:3462] has joined #bitcoin-wizards19:14
-!- faraka [835eba0a@gateway/web/freenode/ip.131.94.186.10] has quit [Ping timeout: 246 seconds]19:17
-!- roconnor [~roconnor@e120-pool-d89a63c0.brdbnd.voicenetwork.ca] has joined #bitcoin-wizards19:21
-!- gribble [~gribble@unaffiliated/nanotube/bot/gribble] has joined #bitcoin-wizards19:41
-!- nullbyte [WW@gateway/vpn/mullvad/x-psgbyouloewsbega] has quit [Ping timeout: 244 seconds]19:49
-!- nullbyte [WW@unaffiliated/loteriety] has joined #bitcoin-wizards19:50
-!- nullbyte [WW@unaffiliated/loteriety] has quit [Changing host]19:50
-!- nullbyte [WW@gateway/vpn/mullvad/x-yljruxuocayzjhei] has joined #bitcoin-wizards19:50
-!- pgokeeffe [~pgokeeffe@101.165.93.194] has joined #bitcoin-wizards19:53
-!- pgokeeffe [~pgokeeffe@101.165.93.194] has quit [Ping timeout: 245 seconds]19:58
-!- user7779_ [user777907@gateway/vpn/mullvad/x-vjuhydyhbhbaladh] has joined #bitcoin-wizards20:02
-!- zooko`` [~user@c-75-70-204-109.hsd1.co.comcast.net] has joined #bitcoin-wizards20:04
-!- user7779078 [~user77790@ool-4354b720.dyn.optonline.net] has quit [Ping timeout: 244 seconds]20:04
-!- zooko` [~user@c-75-70-204-109.hsd1.co.comcast.net] has quit [Ping timeout: 264 seconds]20:06
-!- user7779078 [~user77790@ool-4354b720.dyn.optonline.net] has joined #bitcoin-wizards20:11
-!- TheSeven [~quassel@rockbox/developer/TheSeven] has quit [Ping timeout: 244 seconds]20:13
-!- TheSeven [~quassel@rockbox/developer/TheSeven] has joined #bitcoin-wizards20:15
-!- user7779_ [user777907@gateway/vpn/mullvad/x-vjuhydyhbhbaladh] has quit [Ping timeout: 264 seconds]20:15
-!- jtimon [~quassel@238.pool85-59-137.dynamic.orange.es] has joined #bitcoin-wizards20:17
-!- Shiftos [~shiftos@gateway/tor-sasl/shiftos] has quit [Remote host closed the connection]20:18
-!- Shiftos [~shiftos@gateway/tor-sasl/shiftos] has joined #bitcoin-wizards20:19
-!- GAit [~lnahum@enki.greenaddressit.p3.tiktalik.io] has quit [Remote host closed the connection]20:26
-!- user7779078 [~user77790@ool-4354b720.dyn.optonline.net] has quit [Ping timeout: 240 seconds]20:30
-!- user7779078 [user777907@gateway/vpn/mullvad/x-ixspuvqyodkfxdal] has joined #bitcoin-wizards20:32
-!- jtimon [~quassel@238.pool85-59-137.dynamic.orange.es] has quit [Remote host closed the connection]20:42
-!- jtimon [~quassel@238.pool85-59-137.dynamic.orange.es] has joined #bitcoin-wizards20:51
-!- wyager [~wyager@cpe-24-160-153-232.satx.res.rr.com] has joined #bitcoin-wizards20:51
-!- RoboTeddy [~roboteddy@c-67-180-192-179.hsd1.ca.comcast.net] has quit [Remote host closed the connection]20:55
-!- RoboTeddy [~roboteddy@c-67-180-192-179.hsd1.ca.comcast.net] has joined #bitcoin-wizards20:56
-!- faraka [835eba0a@gateway/web/freenode/ip.131.94.186.10] has joined #bitcoin-wizards21:01
-!- RoboTeddy [~roboteddy@c-67-180-192-179.hsd1.ca.comcast.net] has quit [Ping timeout: 255 seconds]21:01
-!- coutts [sid31766@gateway/web/irccloud.com/x-orzglfwmoczhzjub] has quit [Quit: Connection closed for inactivity]21:01
-!- todaystomorrow [~me@d114-78-105-180.bla803.nsw.optusnet.com.au] has quit [Ping timeout: 265 seconds]21:04
-!- wyager [~wyager@cpe-24-160-153-232.satx.res.rr.com] has quit [Quit: wyager]21:09
-!- RoboTeddy [~roboteddy@c-67-188-40-206.hsd1.ca.comcast.net] has joined #bitcoin-wizards21:10
-!- MoALTz_ [~no@user-109-243-165-112.play-internet.pl] has joined #bitcoin-wizards21:12
-!- MoALTz [~no@user-109-243-165-112.play-internet.pl] has quit [Ping timeout: 244 seconds]21:14
-!- kyletorpey [~kyle@c-24-131-0-5.hsd1.va.comcast.net] has joined #bitcoin-wizards21:17
-!- Dizzle [~Dizzle@cpe-72-182-36-12.austin.res.rr.com] has quit [Quit: Leaving...]21:34
-!- NewLiberty [~NewLibert@2602:304:cff8:1580:f18e:ee68:34d7:3d86] has quit [Ping timeout: 265 seconds]21:38
-!- jtimon [~quassel@238.pool85-59-137.dynamic.orange.es] has quit [Quit: No Ping reply in 180 seconds.]21:49
-!- RoboTeddy [~roboteddy@c-67-188-40-206.hsd1.ca.comcast.net] has quit [Ping timeout: 244 seconds]21:55
-!- paveljanik [~paveljani@unaffiliated/paveljanik] has joined #bitcoin-wizards21:58
-!- user7779078 [user777907@gateway/vpn/mullvad/x-ixspuvqyodkfxdal] has quit [Remote host closed the connection]22:03
-!- TechGhost420 [~kvirc@207.207.28.164] has quit [Ping timeout: 264 seconds]22:07
-!- SDCDev [~quassel@unaffiliated/sdcdev] has joined #bitcoin-wizards22:22
-!- RoboTeddy [~roboteddy@c-67-188-40-206.hsd1.ca.comcast.net] has joined #bitcoin-wizards22:28
-!- SDCDev [~quassel@unaffiliated/sdcdev] has quit [Remote host closed the connection]22:41
-!- NewLiberty [~NewLibert@2602:304:cff8:1580:709c:9bb5:57c1:18d6] has joined #bitcoin-wizards22:59
-!- faraka [835eba0a@gateway/web/freenode/ip.131.94.186.10] has quit [Ping timeout: 246 seconds]23:12
-!- bendavenport [~bpd@c-50-131-42-132.hsd1.ca.comcast.net] has joined #bitcoin-wizards23:28
-!- Dizzle [~Dizzle@2605:6000:1018:c04a:a87c:587:9965:90b] has joined #bitcoin-wizards23:39
-!- bvu [~bvu@cpepool9cmts2-62.sanbrunocable.com] has quit [Quit: bvu]23:45
-!- lclc_bnc is now known as lclc23:52
-!- soundx [~soundx@gateway/tor-sasl/soundx] has joined #bitcoin-wizards23:52
-!- bvu [~bvu@cpepool9cmts2-62.sanbrunocable.com] has joined #bitcoin-wizards23:54
--- Log closed Fri Jan 09 00:00:17 2015