2015-03-01.log

--- Log opened Sun Mar 01 00:00:08 2015
maaku	GreenIsMyPepper: for what its worth I think a strip-outpoints sighash mode will be way easier to get into core than upgrading the utxo db to store a normalized id	00:02
maaku	and accomplishes the same thing so long as you don't reuse addresses...	00:03
GreenIsMyPepper	I would prefer it as well. Users can be kept from screwing up by not using that sighash flag at all.	00:04
maaku	right it's not something that will accidentally happen	00:06
-!- Ody10 [~Odysseas@client-8-29.eduroam.oxuni.org.uk] has joined #bitcoin-wizards		00:06
GreenIsMyPepper	The primary problem is whether malleability for multisig P2SH addresses which the user enters is a problem, if it is, then it might be nice to use a normalized id.	00:07
GreenIsMyPepper	spending from that multisig P2SH, but again, that requires a pretty complicated wallet anyway...	00:07
GreenIsMyPepper	However, I guess the problem is really about wallets not going to re-sign transactions automatically, so if it was defaulted to use a normalized txid, then it's far easier	00:08
GreenIsMyPepper	I presume if one directly connected to a miner, the miner may have sufficient incentive to fix the transaction id FOR you to collect the fee :]]	00:09
GreenIsMyPepper	But yeah, I suppose something like stripping the input entirely is more necessary for functionality, normalized is safety scissors and the question is how costly/painful the UTXO transition would be.	00:12
maaku	i don't see the safety aspect ... the use cases are non-overlapping	00:13
GreenIsMyPepper	Currently, the benefit would be current uses of bitcoin pay to address, they don't need to re-sign. Oh also, defaulting to normalized is safer when your alternative is to strip out the input (SIGHASH_NOINPUT) in case you receive another payment after that (can't control others making mistakes, only your own).	00:16
-!- justanotheruser [~Justan@unaffiliated/justanotheruser] has joined #bitcoin-wizards		00:18
-!- da2ce7_ [~da2ce7@opentransactions/dev/da2ce7] has quit [Quit: Leaving]		00:19
maaku	right, but my point is current users also don't need malleability protection	00:19
maaku	you need malleability protection for protocols that are not being done today -- and the implementation of those protocols will use the strip-outpoints flag	00:21
maaku	i wish it was possible to soft-fork checksig :\	00:21
bramc	My point is, you ideally avoid the malleability problem entirely by having utxos be indexed without including their signatures, and anyonecanpay functionality can be built into that by having new signature types	00:22
sipa	it is; repurpose nop as checksig2	00:22
GreenIsMyPepper	I don't disagree, however, people will do stupid things if there was only SIGHASH_NOINPUT. If you treat SIGHASH_NORMALIZED as a honeypot alone it has value, but that's being really cynical.	00:23
-!- NewLiberty [~NewLibert@2602:304:cff8:1580:cdbd:393e:aeae:591] has joined #bitcoin-wizards		00:23
-!- adam3us [~Adium@host-92-18-107-164.as13285.net] has quit [Read error: Connection timed out]		00:23
bramc	Of course, bitcoin doesn't actually work that way, and none of the altcoins have fixed that problem...	00:23
-!- adam3us [~Adium@host-92-18-107-164.as13285.net] has joined #bitcoin-wizards		00:24
maaku	sipa: that was an engineers lamentation, the NOP space being limited and such	00:26
sipa	right, sure	00:26
bramc	Also by making it so that it's a signature extension, it's then possible to make it so that some of the signatures are for everything and some are for their own inputs which might add some flexibility	00:27
bramc	Also doesn't add anything to the overall size in the end	00:28
maaku	hrm.. actually you could avoid the checksig{3,4,5,5,6...} problem by having the checksig2 take a sighash mask. then checksig2 could be soft-fork upgradeable...	00:32
fluffypony	oh forgot to mention earlier this week, for andytoshi and adam3us in particular, MRL has a new research bulletin out that covers traceability attacks, temporal associations when selecting outputs to mix with, and an association by use attack: https://lab.getmonero.org/pubs/MRL-0004.pdf	00:32
fluffypony	recommendations are made for fixing the traceability attacks (basically enforce global minimum mixin, and provide a path for unmixable outputs / dust to eventually be extracted)	00:33
fluffypony	and an idea for reducing association by use attacks	00:33
fluffypony	but temporal associations are trickier, and it comes down to choosing a reasonable distribution for selecting outputs to mix with (and there's not really enough data to make that determination)	00:34
Luke-Jr	maaku: no need for a mask I think, just have it behave as OP_NOP for any unrecognised SIGHASH flag	00:36
-!- justanotheruser [~Justan@unaffiliated/justanotheruser] has quit [Ping timeout: 245 seconds]		00:36
-!- justanotheruser [~Justan@unaffiliated/justanotheruser] has joined #bitcoin-wizards		00:37
-!- Guyver2 [~Guyver2@guyver2.xs4all.nl] has joined #bitcoin-wizards		00:39
maaku	Luke-Jr: then it's trivial to steal coins	00:41
maaku	a sighash is in the signature and fully malleable	00:42
Luke-Jr	maaku: uh, if you use an unrecognised SIGHASH flag..	00:42
Luke-Jr	isn't it in the key?	00:42
maaku	no, the sig	00:42
maaku	that's what i'm saying, put a mask in the key	00:42
maaku	so you constrain what can be malleated	00:42
Luke-Jr	hm	00:43
Luke-Jr	if we don't do that, we could add key recovery to the new checksig. or would that be too slow?	00:44
sipa	only slightly slower	00:45
Luke-Jr	I guess we still can even with a mask, just the data would be only a mask	00:45
-!- adam3us [~Adium@host-92-18-107-164.as13285.net] has quit [Read error: Connection reset by peer]		00:46
-!- Dr-G3 [~Dr-G@gtng-d9bf77a0.pool.mediaWays.net] has quit [Read error: Connection reset by peer]		00:46
-!- Dr-G3 [~Dr-G@gtng-d9bf77a0.pool.mediaWays.net] has joined #bitcoin-wizards		00:46
-!- adam3us [~Adium@host-92-18-107-164.as13285.net] has joined #bitcoin-wizards		00:47
-!- rusty2 [~rusty@pdpc/supporter/bronze/rusty] has left #bitcoin-wizards []		00:54
-!- Dr-G3 [~Dr-G@gtng-d9bf77a0.pool.mediaWays.net] has quit [Read error: Connection reset by peer]		00:56
-!- Dr-G3 [~Dr-G@gtng-d9bf77a0.pool.mediaways.net] has joined #bitcoin-wizards		00:56
-!- cbeams [~cbeams@unaffiliated/cbeams] has quit [Remote host closed the connection]		01:04
-!- andy-logbot [~bitcoin--@wpsoftware.net] has quit [Remote host closed the connection]		01:04
-!- andy-logbot [~bitcoin--@wpsoftware.net] has joined #bitcoin-wizards		01:05
* andy-logbot is logging		01:05
-!- wallet42 [~wallet42@home-tomis2.rdsct.ro] has quit [Quit: Leaving.]		01:05
-!- bramc [~bram@99-75-88-206.lightspeed.sntcca.sbcglobal.net] has quit [Quit: This computer has gone to sleep]		01:06
-!- moa [~moa@opentransactions/dev/moa] has quit [Quit: Leaving.]		01:09
-!- Guyver2 [~Guyver2@guyver2.xs4all.nl] has quit [Remote host closed the connection]		01:12
-!- melvster [~melvster@ip-86-49-18-198.net.upcbroadband.cz] has quit [Remote host closed the connection]		01:14
-!- melvster [~melvster@ip-86-49-18-198.net.upcbroadband.cz] has joined #bitcoin-wizards		01:15
-!- adam3us [~Adium@host-92-18-107-164.as13285.net] has quit [Read error: Connection timed out]		01:22
-!- adam3us [~Adium@host-92-18-107-164.as13285.net] has joined #bitcoin-wizards		01:23
-!- Ody10 [~Odysseas@client-8-29.eduroam.oxuni.org.uk] has left #bitcoin-wizards []		01:24
-!- paveljanik [~paveljani@79-98-72-216.sys-data.com] has joined #bitcoin-wizards		01:28
-!- paveljanik [~paveljani@79-98-72-216.sys-data.com] has quit [Changing host]		01:28
-!- paveljanik [~paveljani@unaffiliated/paveljanik] has joined #bitcoin-wizards		01:28
-!- adam3us [~Adium@host-92-18-107-164.as13285.net] has quit [Read error: Connection reset by peer]		01:33
-!- adam3us [~Adium@host-92-18-107-164.as13285.net] has joined #bitcoin-wizards		01:34
-!- cbeams [~cbeams@unaffiliated/cbeams] has joined #bitcoin-wizards		01:37
-!- RoboTedd_ [~roboteddy@c-67-188-40-206.hsd1.ca.comcast.net] has joined #bitcoin-wizards		01:41
-!- vmatekole [~vmatekole@f052091088.adsl.alicedsl.de] has joined #bitcoin-wizards		01:42
-!- brisque [~brisque@unaffiliated/brisque] has joined #bitcoin-wizards		01:44
-!- RoboTeddy [~roboteddy@c-67-188-40-206.hsd1.ca.comcast.net] has quit [Ping timeout: 246 seconds]		01:44
brisque	http://democracyos.org/	01:44
yoleaux	9 Oct 2014 15:41Z <kanzure> brisque: is there a document that has a list of inaccuracies in that unmentionable book?	01:45
brisque	"Trust is deeply built into DemocracyOS using decentralized authority to certify every single decision made."	01:45
-!- RoboTedd_ [~roboteddy@c-67-188-40-206.hsd1.ca.comcast.net] has quit [Ping timeout: 252 seconds]		01:45
brisque	kanzure: sure, lots of them are already on the wiki.	01:46
fluffypony	"DemocracyOS is coded entirely in javascript."	01:50
* fluffypony twitches		01:51
-!- NewLiberty [~NewLibert@2602:304:cff8:1580:cdbd:393e:aeae:591] has quit [Ping timeout: 265 seconds]		01:56
brisque	if you make some assumptions about how they have designed the thing (it's not described), one gets the impression that "blockchain" is being used as a buzz word without consideration for what it actually affords a system that really does need authentication and sybil resistance.	01:56
-!- NewLiberty [~NewLibert@2602:304:cff8:1580:cdbd:393e:aeae:591] has joined #bitcoin-wizards		01:58
-!- Dr-G3 [~Dr-G@gtng-d9bf77a0.pool.mediaways.net] has quit [Read error: Connection reset by peer]		01:58
-!- nuke1989 [~nuke@46-163-153.adsl.cyta.gr] has quit [Read error: Connection reset by peer]		01:58
-!- Dr-G3 [~Dr-G@gtng-d9bf77a0.pool.mediaways.net] has joined #bitcoin-wizards		01:59
-!- nuke1989 [~nuke@46-163-153.adsl.cyta.gr] has joined #bitcoin-wizards		01:59
adlai	s/affords/costs/?	02:00
fluffypony	adlai: "affords" in the sense of "adds to" or "supplies"	02:03
-!- Rynomster [~quassel@unaffiliated/rynomster] has quit [Ping timeout: 264 seconds]		02:04
-!- adam3us [~Adium@host-92-18-107-164.as13285.net] has quit [Read error: Connection timed out]		02:13
-!- xenog [~xeno@86-41-32-183-dynamic.b-ras2.dbn.dublin.eircom.net] has joined #bitcoin-wizards		02:13
-!- adam3us [~Adium@host-92-18-107-164.as13285.net] has joined #bitcoin-wizards		02:13
brisque	well the blockchain is quite interesting in that you have something with very good brand power (it's the first distributed consensus) with almost no applicability outside of canonical ordering. it's slow, awkward and ridiculously expensive, so you'd better have a very good rationality for throwing it into a design. as far as difficulty of justifiability goes, a block chain is well up there with shag carpet.	02:15
nsh	but it really holds the room together	02:15
Eliel	nsh: that it does :P	02:16
-!- llllllllll [~lllllllll@6d482698.ftth.concepts.nl] has joined #bitcoin-wizards		02:17
-!- cbeams [~cbeams@unaffiliated/cbeams] has quit [Remote host closed the connection]		02:21
sipa	brisque: plus it really only works with a sufficiently strong incentive structure	02:23
-!- adam3us [~Adium@host-92-18-107-164.as13285.net] has quit [Read error: Connection reset by peer]		02:24
sipa	making it hard to use for things that don't have any value to distribute to cooperating nodes	02:24
-!- Quanttek [~quassel@ip1f1171b4.dynamic.kabel-deutschland.de] has joined #bitcoin-wizards		02:24
-!- adam3us [~Adium@host-92-18-107-164.as13285.net] has joined #bitcoin-wizards		02:25
brisque	sipa: I've seen that justified as "well people run debian mirrors with no incentive", but I think that's missing the point that bitcoin is on a whole different scale of resistance heating. if you're at the risk of someone overtaking your network at ease with EC2, then it's probably not realistic to call it a distributed consensus.	02:27
-!- rusty [~rusty@pdpc/supporter/bronze/rusty] has joined #bitcoin-wizards		02:28
sipa	brisque: well, cost and reward	02:28
sipa	many distributed network are pretty easy to attack for a well-funded entity, but with very little gain from doing so	02:28
sipa	if the gain is faking monetary transactions, that's very different	02:29
-!- cbeams [~cbeams@unaffiliated/cbeams] has joined #bitcoin-wizards		02:32
-!- cbeams [~cbeams@unaffiliated/cbeams] has quit [Remote host closed the connection]		02:36
-!- cbeams [~cbeams@unaffiliated/cbeams] has joined #bitcoin-wizards		02:49
-!- cbeams [~cbeams@unaffiliated/cbeams] has quit [Remote host closed the connection]		02:59
-!- GAit [~lnahum@2-230-161-158.ip202.fastwebnet.it] has quit [Read error: Connection reset by peer]		03:06
brisque	sipa: that's a good way of putting it, I've never really thought of bitcoin as incentivising malice before.	03:07
-!- GAit [~lnahum@2-230-161-158.ip202.fastwebnet.it] has joined #bitcoin-wizards		03:07
-!- xenog [~xeno@86-41-32-183-dynamic.b-ras2.dbn.dublin.eircom.net] has quit [Ping timeout: 256 seconds]		03:08
-!- xenog [~xeno@95.83.254.129] has joined #bitcoin-wizards		03:08
-!- mkarrer [~mkarrer@126.Red-83-32-132.dynamicIP.rima-tde.net] has joined #bitcoin-wizards		03:16
-!- adam3us [~Adium@host-92-18-107-164.as13285.net] has quit [Read error: Connection timed out]		03:25
-!- adam3us [~Adium@host-92-18-107-164.as13285.net] has joined #bitcoin-wizards		03:26
-!- cbeams [~cbeams@chello084114181075.1.15.vie.surfer.at] has joined #bitcoin-wizards		03:27
-!- cbeams [~cbeams@chello084114181075.1.15.vie.surfer.at] has quit [Changing host]		03:27
-!- cbeams [~cbeams@unaffiliated/cbeams] has joined #bitcoin-wizards		03:27
Taek	sipa: one reason you might want to combine multiple outputs under 1 signature is donation addresses	03:28
-!- hashtag_ [~hashtagg_@CPE-69-23-213-3.wi.res.rr.com] has quit [Read error: Connection reset by peer]		03:30
-!- hashtag_ [~hashtagg_@CPE-69-23-213-3.wi.res.rr.com] has joined #bitcoin-wizards		03:30
sipa	Taek: help	03:33
Taek	?	03:33
sipa	i think we should get rid of donation addresses	03:33
sipa	they;re terrible for privacy	03:34
Taek	for the sender too?	03:34
brisque	definitely.	03:34
sipa	for every single bitcoin user	03:34
sipa	i think bitcoin as it's used today is pretty much unusable as a monetary system due its terrible privacy because of this	03:35
Taek	hmm. I can't say I've thought about it enough to disagree competently	03:36
sipa	i wonder how people would feel if their bank account's value was public	03:36
-!- dabura667 [uid43070@gateway/web/irccloud.com/x-uelnblcwccxbcyqj] has quit [Quit: Connection closed for inactivity]		03:36
cbeams	sipa: I've often thought of setting up a simple http service that accepts a GET request and responds with a new HD-generated address.	03:37
brisque	sipa: I think the only reason there's not more attention given to bitcoin privacy is that it's not particularly tangible. the term is "losing" privacy, but there's not an immediate impact most of the time compared with say, losing your money.	03:38
cbeams	so you'd have 'donation URLs' vs. donation addresses	03:38
brisque	cbeams: electrum supports that, not that you'd know.	03:38
sipa	cbeams: payment protocol, please	03:38
sipa	this exists	03:38
sipa	brisque: yup	03:40
cbeams	I guess the question, then, is why aren't people using what already exists?	03:40
brisque	like I said, there's no immediate tangible impact.	03:40
Taek	It's the same reason people don't use encryption when they email each other: their tools don't enable it automatically.	03:41
brisque	when you reuse an address a tentacle doesn't reach through your window and grab you out of your chair, therefor it's perfectly fine. stop worrying.	03:41
sipa	cbeams: because the idea of account==address is too appealing	03:43
sipa	it's a mental model people can grasp	03:43
cbeams	agree, but it seems to me that there isn't a convenient alternative even for those who are privacy minded.	03:43
sipa	and it's transparent due to several websites	03:43
cbeams	modify what I wrote above regarding a simple http service as "a simple payment-protocol-based http service"	03:44
cbeams	not tied to electrum necessarily,	03:44
sipa	cbeams: it has problems, because the server can steal your coins	03:44
cbeams	just something standalone that people could download and run, and then advertise a url for	03:44
sipa	(by giving out its own addresses, rather than the users)	03:45
Eliel	no tangible impact plus it's more work to do it properly.	03:45
sipa	it's fixable	03:45
sipa	but few people seem to care	03:45
Eliel	the first part wouldn't matter too much if it was easy to do it properly :)	03:45
-!- adam3us [~Adium@host-92-18-107-164.as13285.net] has quit [Read error: Connection timed out]		03:46
-!- adam3us [~Adium@host-92-18-107-164.as13285.net] has joined #bitcoin-wizards		03:47
cbeams	sipa: regarding the server giving out its own addresses, I don't see how this is any more of a risk than a MITM modifying a static donation address.	03:48
sipa	cbeams: indeed, but it's under the user's control	03:48
cbeams	i.e. if the assumption is that everyone runs his own donation address service, and everyone trusts his own server, then risk is pretty well contained, no?	03:49
sipa	MitM seems less of a problem, because nobody expects it to solve the problem	03:49
fluffypony	cbeams: why not just use OpenAlias?	03:49
sipa	(like: if i email you my address, people will trust that email delives the mail corrects)	03:49
cbeams	first I've heard of it.	03:49
fluffypony	Electrum 2.0 has an OpenAlias plugin	03:49
fluffypony	openalias.org	03:49
-!- arubi [~ese168@unaffiliated/arubi] has quit [Ping timeout: 246 seconds]		03:49
sipa	fluffypony: doesn't seem to solve anything imho	03:50
sipa	your address is still public?	03:50
fluffypony	sipa: yes, which doesn't matter for Monero because of the dual-key stealth addresses, but sure, more of a concern with Bitcoin	03:51
brisque	sipa: for monero in particular that's not a problem, their addresses are alike "stealth" addresses.	03:51
-!- xenog [~xeno@95.83.254.129] has quit [Ping timeout: 244 seconds]		03:51
sipa	i see	03:51
fluffypony	until stealth addresses become popular in BTC	03:51
sipa	i really dislike stealth addresss	03:51
fluffypony	oh interesting - may I ask why?	03:51
sipa	they're a distraction that avoids building a real solution	03:51
sipa	(which is out of band negotiation of transactions)	03:52
sipa	which has so many extra advantages (better privacy, messaging, atomic refunds, no need to scan the blockchain for incoming transactions, ...)	03:52
fluffypony	yeah we've been playing around with some ideas for exactly that	03:53
fluffypony	but very far away	03:53
brisque	fluffypony: scaling reusable addresses is a terrible problem, if nothing else.	03:53
Eliel	it'd probably be doable to create a javascript module that takes a public key, makes a random number for each donation and then uses a similar derivation to BIP32 to make a new address for each donator. However, you'd either need to store all the random numbers somewhere or generate them from a sequence... both are a bit hairy with just javascript.	03:53
sipa	stealth addresses are the correct solution for a small subset of problems	03:53
-!- c0rw1n [~c0rw1n@91.176.85.209] has quit []		03:53
sipa	but they're also a more convenient solution for many problems that can be solved in a much better way	03:54
-!- c0rw1n [~c0rw1n@91.176.85.209] has joined #bitcoin-wizards		03:54
sipa	apart from the fact that no deployed solution exists fro them	03:54
brisque	Eliel: I've thought of that before, but nothing stops people from just slurping the MPK and scanning for the addresses themselves. there's no additional privacy gained by it.	03:54
fluffypony	Eliel: if they're deterministic then an attacker can determine them	03:54
fluffypony	yeah what brisque said	03:54
Eliel	ah yes, sequence is a no go then	03:54
fluffypony	if you're trying to avoid address reuse then you may as well publish a deterministic pubkey	03:55
Eliel	has to be random numbers	03:55
sipa	fluffypony: that doesn't solve the privacy problem	03:55
fluffypony	but if it's for privacy then deterministic is a no-go	03:55
fluffypony	sipa: yep ^^	03:55
sipa	avoiding address reuse is not the goal, it's a means	03:55
fluffypony	yeah	03:55
brisque	fluffypony: publishing a MPK is pretty scary in terms of non hardened derivitation, it means that information leaks become critical flaws, or at the very least it enables people to be spear phished by leveraging their misunderstanding of deterministic wallets.	03:56
sipa	yup	03:56
fluffypony	yup, I was merely following the train of thought from Eliel's idea :)	03:57
-!- xenog [~xeno@95.83.254.129] has joined #bitcoin-wizards		04:00
Eliel	being able to do this properly kind of really calls for a secure distributed messaging system.	04:01
sipa	why? there is no need for anything distributed here	04:01
sipa	transaction and key negotiation is a private business between sender and receiver	04:02
sipa	tcp/ip works fine	04:02
sipa	use tor if you need better privacy	04:02
Eliel	mostly because it's enough work to set up a secure (as in, no third party able to read your stuff) messaging system that most don't bother	04:02
brisque	I'm not sure peer to peer privacy is a huge problem at this point in time, it's completely overwhelmed by other privacy flaws. maybe once those are on their way to being solved we can care about more communication magic.	04:04
-!- cbeams [~cbeams@unaffiliated/cbeams] has quit [Remote host closed the connection]		04:05
Eliel	basically, if we had such a system, it could be integrated into a bitcoin wallet and you could then publish a single identifier (public key) and others could send coins by generating a new address with it on the fly and sending you the private key. You could then combine the private keys to send the coins onward.	04:06
Eliel	but since you don't have a messaging system you can trust to just work, that's not feasible.	04:07
sipa	we have a messaging system	04:08
-!- xenog [~xeno@95.83.254.129] has quit [Ping timeout: 250 seconds]		04:08
sipa	it's called tcp/ip	04:08
brisque	if you're attempting to donate to someone to pay an invoice, you already have HTTP to do that	04:08
maaku	Eliel: you're solving this on the wrong layer	04:08
Eliel	sipa: tcp/ip lacks the key feature of what I just described.	04:09
sipa	which is?	04:09
Eliel	sipa: if the recipient is not online, communication just fails.	04:10
fluffypony	Eliel: Monero does what you're describing but completely statically without requiring you or the sender to be online - a Monero address is two pubkeys serialised, to send a tx you compute a "destination" for outputs based on those two keys + some random data, so where an output goes to is not an address	04:10
sipa	Eliel: meh	04:11
sipa	Eliel: email works too without people being online the whole time	04:11
Eliel	sipa: it works, most of the time, yes. But it's fragile and for most people there's a third party with access to their email.	04:13
-!- xenog [~xeno@95.83.254.129] has joined #bitcoin-wizards		04:13
-!- wallet42 [~wallet42@home-tomis2.rdsct.ro] has joined #bitcoin-wizards		04:14
-!- rusty [~rusty@pdpc/supporter/bronze/rusty] has quit [Ping timeout: 252 seconds]		04:14
sipa	Eliel: that can be solved by encryption	04:15
sipa	Eliel: have an address that's a url + encryption key	04:15
Eliel	and now you have a system that's way too complex to setup for it to get much use.	04:15
sipa	gmail doesn't require setup, does it?	04:17
sipa	nothing that people can't handle	04:17
Eliel	email itself, no. Actually using the encrypted messages, especially if you want it automated, hell yes.	04:17
sipa	i don't understand	04:17
sipa	it's exactly like bitcoin addresses today	04:18
sipa	except the communication doesn't go over the blockchain, but using a mailbox-type service	04:18
sipa	the sender creates an encrypted message with a fully-signed but unpublished transaction, sends it to the mailbox service	04:19
sipa	the receiver's client fetches the message, decrypts it, validates it, and broadcasts it	04:19
sipa	done	04:19
sipa	the message contains both the transaction as the nonce used to generate the destination key	04:19
sipa	so it's impossible for the transaction to arrive at the receiver without him knowing the nonce to spend the coins	04:20
-!- bsm117532 [~bsm117532@static-108-21-236-13.nycmny.fios.verizon.net] has joined #bitcoin-wizards		04:20
Eliel	the problem is, both the sender and receiver would need to have already setup their bitcoin wallets with their email. Just putting up a single bitcoin address as a donation address is still much easier and just works.	04:22
-!- adam3us [~Adium@host-92-18-107-164.as13285.net] has quit [Read error: Connection timed out]		04:22
sipa	i don't mean using actual email	04:22
sipa	just an email like system	04:23
sipa	integrated in wallet software	04:23
sipa	and i don't care that it just works	04:23
-!- adam3us [~Adium@host-92-18-107-164.as13285.net] has joined #bitcoin-wizards		04:23
sipa	paypal also just works	04:23
Eliel	ok, if you create a new kind of service for just bitcoin-wallet messaging, you could potentially make it easy enough that it does not rely on the donation sender having to do any setup.	04:25
-!- arubi [~ese168@unaffiliated/arubi] has joined #bitcoin-wizards		04:25
Eliel	that'd at least make it sensible for donation receiver to set it up in a privacy enhancing way	04:26
brisque	making some sort of communication network on top of bitcoins sounds like a horrible idea, frankly. stealth addresses are more preferable than that.	04:26
Eliel	... but this sounds just like payment protocol :P	04:26
sipa	Eliel: it is the payment protocol	04:26
Luke-Jr	brisque: uh, there's already a communication network	04:27
Luke-Jr	otherwise bitcoin wouldn't work	04:27
sipa	with an extension	04:27
sipa	(to support encryption)	04:27
-!- OneNomos [~OneNomos@pool-71-163-227-3.washdc.east.verizon.net] has joined #bitcoin-wizards		04:27
brisque	Luke-Jr: not entirely what I meant. "communication" being anything other than flooding transactions and blocks.	04:28
Luke-Jr	brisque: well, that's still better than stealth addresses at least IMO	04:28
Luke-Jr	probably wouldn't be that hard either - you could even have nodes pay an intermediary peer to relay if they can't connect directly	04:29
-!- cbeams [~cbeams@chello084114181075.1.15.vie.surfer.at] has joined #bitcoin-wizards		04:30
-!- cbeams [~cbeams@chello084114181075.1.15.vie.surfer.at] has quit [Changing host]		04:30
-!- cbeams [~cbeams@unaffiliated/cbeams] has joined #bitcoin-wizards		04:30
-!- cbeams [~cbeams@unaffiliated/cbeams] has quit [Remote host closed the connection]		04:30
-!- cbeams [~cbeams@unaffiliated/cbeams] has joined #bitcoin-wizards		04:30
-!- adlai [~Adlai@unaffiliated/adlai] has quit [Ping timeout: 264 seconds]		04:30
-!- cbeams [~cbeams@unaffiliated/cbeams] has quit [Remote host closed the connection]		04:31
brisque	Luke-Jr: that would result in bitcoin just being people's go-to flood network for everything under the sun, you can't do any sort of targeted routing within the current design (and I don't think you'd want to). an intermediary fee wouldn't work just due to dust and privacy.	04:35
-!- Quanttek [~quassel@ip1f1171b4.dynamic.kabel-deutschland.de] has quit [Remote host closed the connection]		04:36
-!- NewLiberty [~NewLibert@2602:304:cff8:1580:cdbd:393e:aeae:591] has quit [Ping timeout: 250 seconds]		04:38
-!- Quanttek [~quassel@ip1f1171b4.dynamic.kabel-deutschland.de] has joined #bitcoin-wizards		04:40
-!- adam3us [~Adium@host-92-18-107-164.as13285.net] has quit [Read error: Connection timed out]		04:42
-!- adam3us [~Adium@host-92-18-107-164.as13285.net] has joined #bitcoin-wizards		04:42
-!- RoboTeddy [~roboteddy@c-67-188-40-206.hsd1.ca.comcast.net] has joined #bitcoin-wizards		04:42
-!- RoboTeddy [~roboteddy@c-67-188-40-206.hsd1.ca.comcast.net] has quit [Ping timeout: 264 seconds]		04:47
-!- Adlai [~Adlai@unaffiliated/adlai] has joined #bitcoin-wizards		04:49
-!- xenog [~xeno@95.83.254.129] has quit [Ping timeout: 252 seconds]		05:11
-!- erasmospunk [~erasmospu@net-2-38-211-181.cust.vodafonedsl.it] has joined #bitcoin-wizards		05:18
-!- erasmosp_ [~erasmospu@gateway/vpn/privateinternetaccess/erasmospunk] has joined #bitcoin-wizards		05:20
-!- erasmospunk [~erasmospu@net-2-38-211-181.cust.vodafonedsl.it] has quit [Ping timeout: 244 seconds]		05:23
-!- adam3us [~Adium@host-92-18-107-164.as13285.net] has quit [Read error: Connection timed out]		05:28
-!- adam3us [~Adium@host-92-18-107-164.as13285.net] has joined #bitcoin-wizards		05:28
-!- cbeams [~cbeams@chello084114181075.1.15.vie.surfer.at] has joined #bitcoin-wizards		05:32
-!- cbeams [~cbeams@chello084114181075.1.15.vie.surfer.at] has quit [Changing host]		05:32
-!- cbeams [~cbeams@unaffiliated/cbeams] has joined #bitcoin-wizards		05:32
-!- cbeams [~cbeams@unaffiliated/cbeams] has quit [Remote host closed the connection]		05:33
-!- Dr-G2 [~Dr-G@gtng-d9bf77a0.pool.mediaWays.net] has joined #bitcoin-wizards		05:38
-!- Dr-G3 [~Dr-G@gtng-d9bf77a0.pool.mediaways.net] has quit [Ping timeout: 240 seconds]		05:41
-!- RoboTeddy [~roboteddy@c-67-188-40-206.hsd1.ca.comcast.net] has joined #bitcoin-wizards		05:43
-!- RoboTeddy [~roboteddy@c-67-188-40-206.hsd1.ca.comcast.net] has quit [Ping timeout: 245 seconds]		05:48
-!- instagibbs [60ff5d39@gateway/web/freenode/ip.96.255.93.57] has joined #bitcoin-wizards		05:48
instagibbs	Flood network should really not be touched in favor of extra-consensus matters, I think most would agree	05:52
brisque	if nothing else you quickly run into flooding problems. if you rate limit (like free transactions today) you make a trivial to jam and thus totally unreliable way of getting messages around. you could add some hashcash into the mix, but you get back to the core problem of hashcash where any level of difficulty that would hinder an attacker makes it unusable for an end user.	05:55
sipa	indeed	05:56
-!- Dr-G3 [~Dr-G@gtng-4d08ae67.pool.mediaways.net] has joined #bitcoin-wizards		06:01
-!- xenog [~xeno@46.7.118.40] has joined #bitcoin-wizards		06:02
-!- Dr-G2 [~Dr-G@gtng-d9bf77a0.pool.mediaWays.net] has quit [Ping timeout: 256 seconds]		06:04
-!- ceedz [~eric@187.139.146.65] has joined #bitcoin-wizards		06:06
-!- GAit [~lnahum@2-230-161-158.ip202.fastwebnet.it] has quit [Read error: Connection reset by peer]		06:06
instagibbs	centralization ftw!	06:07
fluffypony	nah, just blockchain all the things	06:07
instagibbs	I saw electrum people are working on(?) some sort of messaging layer using SMTP	06:08
-!- GAit [~lnahum@2-230-161-158.ip202.fastwebnet.it] has joined #bitcoin-wizards		06:08
fluffypony	nah it's more like payment protocol	06:08
instagibbs	only saw some slides, and unfortunately they're passing around MPKs it appears	06:08
fluffypony	but over email	06:09
fluffypony	I have an intense dislike for email as a mechanism	06:09
brisque	that's unpleasant as hell.	06:09
instagibbs	fluffypony: why?	06:10
fluffypony	instagibbs: I find it unreliable	06:10
brisque	instagibbs: you've got to admit, it hasn't aged particularly well.	06:11
instagibbs	Right, but I'm wary of re-creating wheels	06:11
fluffypony	emails can be silently dropped for any number of reasons, and even the most well-learned antispam system has false positives	06:11
brisque	reference for instagibbs "slides" reference. https://electrum.org/bitcoinaliases.pdf	06:12
-!- justanotheruser [~Justan@unaffiliated/justanotheruser] has quit [Ping timeout: 240 seconds]		06:16
-!- justanotheruser [~Justan@unaffiliated/justanotheruser] has joined #bitcoin-wizards		06:17
-!- prodatalab [~prodatala@c-69-254-45-177.hsd1.fl.comcast.net] has quit [Quit: Konversation terminated!]		06:17
brisque	I assume in that model the server has to have an address indexed full node to do lookups against, otherwise an attacker can do a trivial denial of service attack where they request past the victim's address lookup cap limit, but never send anything to the addresses.	06:18
-!- ceedz [~eric@187.139.146.65] has quit [Quit: ceedz]		06:20
-!- vmatekole [~vmatekole@f052091088.adsl.alicedsl.de] has quit [Remote host closed the connection]		06:21
brisque	the idea is a little uncomfortable anyway, despite it's name a MPK really is quite private material. a compromise of that server would both nullify any gain given by not reusing address, and it would also provide name to MPK maps. in fact it's probably worse than just reusing addresses, leaking a MPK is a disaster.	06:21
-!- prodatalab [~prodatala@c-69-254-45-177.hsd1.fl.comcast.net] has joined #bitcoin-wizards		06:21
sipa	at least the privacy leak is restricted to the server by default (assuming no worse leak)	06:22
sipa	as opposed to to the entire world, in case of reusing addresses	06:22
sipa	not disagreeing with you, though	06:23
kanzure	"i guess you could say it's sort of a dark optimism"	06:25
-!- droark [~droark@209-6-53-207.c3-0.smr-ubr1.sbo-smr.ma.cable.rcn.com] has joined #bitcoin-wizards		06:27
-!- bsm117532 [~bsm117532@static-108-21-236-13.nycmny.fios.verizon.net] has quit [Ping timeout: 244 seconds]		06:31
-!- bsm117532 [~bsm117532@static-108-21-236-13.nycmny.fios.verizon.net] has joined #bitcoin-wizards		06:33
-!- NewLiberty [~NewLibert@2602:304:cff8:1580:443c:ddbe:5bf5:b260] has joined #bitcoin-wizards		06:44
-!- RoboTeddy [~roboteddy@c-67-188-40-206.hsd1.ca.comcast.net] has joined #bitcoin-wizards		06:44
-!- RoboTeddy [~roboteddy@c-67-188-40-206.hsd1.ca.comcast.net] has quit [Ping timeout: 265 seconds]		06:49
-!- Dr-G2 [~Dr-G@gtng-4d08ae67.pool.mediaWays.net] has joined #bitcoin-wizards		06:52
-!- Dr-G3 [~Dr-G@gtng-4d08ae67.pool.mediaways.net] has quit [Ping timeout: 250 seconds]		06:56
-!- justanotheruser [~Justan@unaffiliated/justanotheruser] has quit [Ping timeout: 240 seconds]		06:56
-!- justanotheruser [~Justan@unaffiliated/justanotheruser] has joined #bitcoin-wizards		06:57
-!- OneNomos [~OneNomos@pool-71-163-227-3.washdc.east.verizon.net] has quit [Remote host closed the connection]		06:57
-!- xenog [~xeno@46.7.118.40] has quit [Ping timeout: 265 seconds]		06:59
-!- cbeams [~cbeams@chello084114181075.1.15.vie.surfer.at] has joined #bitcoin-wizards		07:04
-!- cbeams [~cbeams@chello084114181075.1.15.vie.surfer.at] has quit [Changing host]		07:04
-!- cbeams [~cbeams@unaffiliated/cbeams] has joined #bitcoin-wizards		07:04
-!- skittylx [~skittylx@ks203868.kimsufi.com] has joined #bitcoin-wizards		07:12
-!- skittylx [~skittylx@ks203868.kimsufi.com] has quit [Quit: Bye]		07:15
-!- skittylx [~skittylx@ks203868.kimsufi.com] has joined #bitcoin-wizards		07:16
-!- vmatekole [~vmatekole@f052091088.adsl.alicedsl.de] has joined #bitcoin-wizards		07:23
-!- xenog [~xeno@95.83.254.129] has joined #bitcoin-wizards		07:26
-!- koeppelmann [~koeppelma@dyn-160-39-29-101.dyn.columbia.edu] has joined #bitcoin-wizards		07:28
-!- koeppelmann [~koeppelma@dyn-160-39-29-101.dyn.columbia.edu] has quit [Remote host closed the connection]		07:28
-!- koeppelmann [~koeppelma@dyn-160-39-29-101.dyn.columbia.edu] has joined #bitcoin-wizards		07:28
-!- jps [~Jud@cpe-74-72-116-143.nyc.res.rr.com] has joined #bitcoin-wizards		07:35
-!- zooko [~user@c-75-70-204-109.hsd1.co.comcast.net] has quit [Remote host closed the connection]		07:36
-!- Profreid [~Profreitt@gateway/vpn/privateinternetaccess/profreid] has joined #bitcoin-wizards		07:38
-!- cbeams [~cbeams@unaffiliated/cbeams] has quit [Remote host closed the connection]		07:39
-!- copumpkin [~copumpkin@unaffiliated/copumpkin] has joined #bitcoin-wizards		07:39
-!- koeppelmann [~koeppelma@dyn-160-39-29-101.dyn.columbia.edu] has quit [Remote host closed the connection]		07:41
-!- koeppelmann [~koeppelma@dyn-160-39-29-101.dyn.columbia.edu] has joined #bitcoin-wizards		07:42
-!- cbeams [~cbeams@unaffiliated/cbeams] has joined #bitcoin-wizards		07:42
-!- RoboTeddy [~roboteddy@c-67-188-40-206.hsd1.ca.comcast.net] has joined #bitcoin-wizards		07:45
-!- RoboTeddy [~roboteddy@c-67-188-40-206.hsd1.ca.comcast.net] has quit [Ping timeout: 265 seconds]		07:50
-!- jps [~Jud@cpe-74-72-116-143.nyc.res.rr.com] has quit [Quit: jps]		07:51
-!- Dr-G2 [~Dr-G@gtng-4d08ae67.pool.mediaWays.net] has quit [Read error: Connection reset by peer]		08:04
-!- Dr-G2 [~Dr-G@gtng-4d08ae67.pool.mediaWays.net] has joined #bitcoin-wizards		08:04
-!- OneNomos [~OneNomos@pool-71-163-227-3.washdc.east.verizon.net] has joined #bitcoin-wizards		08:09
-!- HaltingState [~HaltingSt@unaffiliated/haltingstate] has joined #bitcoin-wizards		08:16
-!- bramc [~bram@99-75-88-206.lightspeed.sntcca.sbcglobal.net] has joined #bitcoin-wizards		08:48
-!- antgreen [~user@CPE687f74122463-CM84948c2e0610.cpe.net.cable.rogers.com] has quit [Ping timeout: 264 seconds]		08:51
-!- coinrookie [~c0inr00ki@c-68-53-21-189.hsd1.tn.comcast.net] has quit [Ping timeout: 246 seconds]		08:59
-!- cbeams [~cbeams@unaffiliated/cbeams] has quit [Remote host closed the connection]		09:02
-!- mpmcsweeney [~mpmcsween@c-50-189-4-61.hsd1.ma.comcast.net] has joined #bitcoin-wizards		09:05
-!- mpmcsweeney [~mpmcsween@c-50-189-4-61.hsd1.ma.comcast.net] has quit [Client Quit]		09:05
-!- cbeams [~cbeams@unaffiliated/cbeams] has joined #bitcoin-wizards		09:11
-!- bramc [~bram@99-75-88-206.lightspeed.sntcca.sbcglobal.net] has quit [Quit: This computer has gone to sleep]		09:15
-!- lmatteis [uid3300@gateway/web/irccloud.com/x-dzczgkytvrywdzvs] has joined #bitcoin-wizards		09:19
-!- cbeams [~cbeams@unaffiliated/cbeams] has quit [Read error: Connection reset by peer]		09:23
-!- cbeams [~cbeams@unaffiliated/cbeams] has joined #bitcoin-wizards		09:26
-!- justanot1eruser [~Justan@unaffiliated/justanotheruser] has joined #bitcoin-wizards		09:39
-!- justanotheruser [~Justan@unaffiliated/justanotheruser] has quit [Ping timeout: 246 seconds]		09:40
-!- skittylx- [~skittylx@ks203868.kimsufi.com] has joined #bitcoin-wizards		09:40
-!- skittylx- [~skittylx@ks203868.kimsufi.com] has quit [Client Quit]		09:41
-!- luktgf [~vfbtgn@188.25.36.90] has quit [Quit: Leaving]		09:44
-!- cbeams [~cbeams@unaffiliated/cbeams] has quit [Remote host closed the connection]		09:47
-!- brisque [~brisque@unaffiliated/brisque] has left #bitcoin-wizards ["Textual IRC Client: www.textualapp.com"]		09:58
-!- oujh [~vfbtgn@82.76.120.35] has joined #bitcoin-wizards		10:00
-!- copumpkin [~copumpkin@unaffiliated/copumpkin] has quit [Quit: My MacBook Pro has gone to sleep. ZZZzzz…]		10:00
-!- Grishnakh [~grishnakh@dsl-espbrasgw1-50dfb6-218.dhcp.inet.fi] has joined #bitcoin-wizards		10:01
-!- instagibbs [60ff5d39@gateway/web/freenode/ip.96.255.93.57] has quit [Quit: Page closed]		10:03
-!- Emcy [~MC@unaffiliated/mc1984] has quit [Read error: Connection reset by peer]		10:11
-!- grau [~grau@37.143.74.116] has joined #bitcoin-wizards		10:24
-!- grau [~grau@37.143.74.116] has quit [Client Quit]		10:24
-!- Emcy [~MC@152.27.187.81.in-addr.arpa] has joined #bitcoin-wizards		10:30
-!- Emcy [~MC@152.27.187.81.in-addr.arpa] has quit [Changing host]		10:30
-!- Emcy [~MC@unaffiliated/mc1984] has joined #bitcoin-wizards		10:30
-!- prodatalab_ [~prodatala@c-69-254-45-177.hsd1.fl.comcast.net] has joined #bitcoin-wizards		10:32
-!- prodatalab [~prodatala@c-69-254-45-177.hsd1.fl.comcast.net] has quit [Quit: Konversation terminated!]		10:32
-!- amincd [1710a2c6@gateway/web/freenode/ip.23.16.162.198] has quit [Ping timeout: 246 seconds]		10:33
-!- copumpkin [~copumpkin@unaffiliated/copumpkin] has joined #bitcoin-wizards		10:37
-!- Mably [~Mably@unaffiliated/mably] has joined #bitcoin-wizards		10:51
-!- justanot1eruser [~Justan@unaffiliated/justanotheruser] has quit [Ping timeout: 256 seconds]		10:51
-!- oujh [~vfbtgn@82.76.120.35] has quit [Ping timeout: 246 seconds]		10:56
-!- bramc [~bram@99-75-88-206.lightspeed.sntcca.sbcglobal.net] has joined #bitcoin-wizards		10:56
-!- xenog [~xeno@95.83.254.129] has quit [Ping timeout: 272 seconds]		10:57
-!- cbeams [~cbeams@unaffiliated/cbeams] has joined #bitcoin-wizards		10:58
-!- cbeams [~cbeams@unaffiliated/cbeams] has quit [Remote host closed the connection]		10:59
-!- cbeams [~cbeams@chello084114181075.1.15.vie.surfer.at] has joined #bitcoin-wizards		11:00
-!- cbeams [~cbeams@chello084114181075.1.15.vie.surfer.at] has quit [Changing host]		11:00
-!- cbeams [~cbeams@unaffiliated/cbeams] has joined #bitcoin-wizards		11:00
-!- Dr-G2 [~Dr-G@gtng-4d08ae67.pool.mediaWays.net] has quit [Read error: Connection reset by peer]		11:01
-!- Dr-G2 [~Dr-G@gtng-4d08ae67.pool.mediaWays.net] has joined #bitcoin-wizards		11:01
-!- justanotheruser [~Justan@128.211.171.2] has joined #bitcoin-wizards		11:03
-!- justanotheruser [~Justan@128.211.171.2] has quit [Changing host]		11:03
-!- justanotheruser [~Justan@unaffiliated/justanotheruser] has joined #bitcoin-wizards		11:03
-!- d1ggy [~d1ggy@dslb-088-071-013-176.088.071.pools.vodafone-ip.de] has quit [Quit: Leaving]		11:03
-!- oujh [~vfbtgn@82.76.120.35] has joined #bitcoin-wizards		11:12
-!- d1ggy [~d1ggy@dslb-088-071-013-176.088.071.pools.vodafone-ip.de] has joined #bitcoin-wizards		11:14
-!- Dr-G2 [~Dr-G@gtng-4d08ae67.pool.mediaWays.net] has quit [Read error: Connection reset by peer]		11:15
-!- Dr-G [~Dr-G@unaffiliated/dr-g] has joined #bitcoin-wizards		11:15
-!- xenog [~xeno@46.7.118.40] has joined #bitcoin-wizards		11:17
-!- Guyver2 [~Guyver2@guyver2.xs4all.nl] has joined #bitcoin-wizards		11:27
-!- skittylx [~skittylx@ks203868.kimsufi.com] has quit [Quit: Bye]		11:31
-!- prodatalab_ [~prodatala@c-69-254-45-177.hsd1.fl.comcast.net] has quit [Quit: Konversation terminated!]		11:33
-!- prodatalab_ [~prodatala@c-69-254-45-177.hsd1.fl.comcast.net] has joined #bitcoin-wizards		11:34
-!- skittylx [~skittylx@ks203868.kimsufi.com] has joined #bitcoin-wizards		11:34
-!- skittylx [~skittylx@ks203868.kimsufi.com] has quit [Client Quit]		11:34
-!- prodatalab_ [~prodatala@c-69-254-45-177.hsd1.fl.comcast.net] has quit [Read error: Connection reset by peer]		11:38
-!- prodatalab_ [~prodatala@c-69-254-45-177.hsd1.fl.comcast.net] has joined #bitcoin-wizards		11:38
-!- lnr [~lnr@aim.engr.arizona.edu] has joined #bitcoin-wizards		11:46
-!- RoboTeddy [~roboteddy@c-67-188-40-206.hsd1.ca.comcast.net] has joined #bitcoin-wizards		11:48
-!- zooko [~user@c-75-70-204-109.hsd1.co.comcast.net] has joined #bitcoin-wizards		11:50
-!- agorist000 [~snizysnaz@68-114-156-198.dhcp.kgpt.tn.charter.com] has joined #bitcoin-wizards		11:50
-!- agorist000 [~snizysnaz@68-114-156-198.dhcp.kgpt.tn.charter.com] has quit [Changing host]		11:50
-!- agorist000 [~snizysnaz@unaffiliated/agorist000] has joined #bitcoin-wizards		11:50
-!- agorist000 [~snizysnaz@unaffiliated/agorist000] has quit [Client Quit]		11:50
-!- RoboTeddy [~roboteddy@c-67-188-40-206.hsd1.ca.comcast.net] has quit [Ping timeout: 252 seconds]		11:52
-!- RoboTeddy [~roboteddy@c-67-188-40-206.hsd1.ca.comcast.net] has joined #bitcoin-wizards		11:59
-!- lclc [~lucas@unaffiliated/lclc] has quit [Ping timeout: 265 seconds]		12:06
-!- lclc [~lucas@unaffiliated/lclc] has joined #bitcoin-wizards		12:10
-!- adam3us [~Adium@host-92-18-107-164.as13285.net] has quit [Quit: Leaving.]		12:15
-!- adam3us [~Adium@host-92-18-107-164.as13285.net] has joined #bitcoin-wizards		12:16
-!- copumpkin [~copumpkin@unaffiliated/copumpkin] has quit [Quit: My MacBook Pro has gone to sleep. ZZZzzz…]		12:17
-!- adam3us1 [~Adium@host-92-18-107-164.as13285.net] has joined #bitcoin-wizards		12:28
-!- adam3us [~Adium@host-92-18-107-164.as13285.net] has quit [Read error: Connection reset by peer]		12:28
-!- lnr [~lnr@aim.engr.arizona.edu] has left #bitcoin-wizards []		12:32
-!- shesek [~shesek@77.127.13.193] has quit [Ping timeout: 245 seconds]		12:33
-!- droark [~droark@209-6-53-207.c3-0.smr-ubr1.sbo-smr.ma.cable.rcn.com] has quit [Quit: ZZZzzz…]		12:36
-!- Dr-G2 [~Dr-G@gtng-4d08ae67.pool.mediaWays.net] has joined #bitcoin-wizards		12:42
-!- mkarrer [~mkarrer@126.Red-83-32-132.dynamicIP.rima-tde.net] has quit []		12:44
-!- Dr-G [~Dr-G@unaffiliated/dr-g] has quit [Ping timeout: 250 seconds]		12:45
bramc	I wonder about parsimony in signing library APIs. You should be able to squeeze out a few bytes by making the API 'Is this a valid signature of this thing?' instead of 'what is this a signature of?'. Some for the corresponding public key.	12:46
-!- shesek [~shesek@77.127.13.193] has joined #bitcoin-wizards		12:48
bramc	So the verify function takes a target signature, a public key, and a purported signature, and it returns True or False based on whether that signature is valid for that public key and target.	12:50
bramc	But maybe some of this doesn't save any bytes. Or is done that way already. I'll have to work through the details eventually.	12:50
-!- xenog [~xeno@46.7.118.40] has quit [Ping timeout: 240 seconds]		13:01
-!- paveljanik [~paveljani@unaffiliated/paveljanik] has quit [Quit: Leaving]		13:01
-!- Dr-G2 [~Dr-G@gtng-4d08ae67.pool.mediaWays.net] has quit [Read error: Connection reset by peer]		13:02
-!- Dr-G2 [~Dr-G@gtng-4d08ae67.pool.mediaways.net] has joined #bitcoin-wizards		13:02
-!- Dr-G2 [~Dr-G@gtng-4d08ae67.pool.mediaways.net] has quit [Read error: Connection reset by peer]		13:08
-!- Dr-G2 [~Dr-G@gtng-4d08ae67.pool.mediaWays.net] has joined #bitcoin-wizards		13:08
-!- Dr-G3 [~Dr-G@gtng-4d08ae67.pool.mediaWays.net] has joined #bitcoin-wizards		13:16
-!- Dr-G2 [~Dr-G@gtng-4d08ae67.pool.mediaWays.net] has quit [Ping timeout: 246 seconds]		13:20
-!- Dr-G3 [~Dr-G@gtng-4d08ae67.pool.mediaWays.net] has quit [Read error: Connection reset by peer]		13:20
-!- Dr-G3 [~Dr-G@gtng-4d08ae67.pool.mediaWays.net] has joined #bitcoin-wizards		13:20
-!- lclc [~lucas@unaffiliated/lclc] has quit [Ping timeout: 250 seconds]		13:29
-!- jps [~Jud@cpe-74-72-116-143.nyc.res.rr.com] has joined #bitcoin-wizards		13:32
-!- jps [~Jud@cpe-74-72-116-143.nyc.res.rr.com] has quit [Client Quit]		13:32
-!- amincd [1710a2c6@gateway/web/freenode/ip.23.16.162.198] has joined #bitcoin-wizards		13:40
-!- Dr-G3 [~Dr-G@gtng-4d08ae67.pool.mediaWays.net] has quit [Read error: Connection reset by peer]		13:44
-!- Dr-G3 [~Dr-G@gtng-4d08ae67.pool.mediaWays.net] has joined #bitcoin-wizards		13:44
-!- Guyver2 [~Guyver2@guyver2.xs4all.nl] has quit [Remote host closed the connection]		13:53
-!- wallet42 [~wallet42@home-tomis2.rdsct.ro] has quit [Quit: Leaving.]		13:56
-!- lmatteis [uid3300@gateway/web/irccloud.com/x-dzczgkytvrywdzvs] has quit [Quit: Connection closed for inactivity]		14:00
-!- wallet42 [~wallet42@home-tomis2.rdsct.ro] has joined #bitcoin-wizards		14:03
-!- wallet42 [~wallet42@home-tomis2.rdsct.ro] has quit [Client Quit]		14:06
-!- Dr-G2 [~Dr-G@gtng-4d08ae67.pool.mediaways.net] has joined #bitcoin-wizards		14:12
-!- justanotheruser [~Justan@unaffiliated/justanotheruser] has quit [Ping timeout: 265 seconds]		14:12
-!- copumpkin [~copumpkin@unaffiliated/copumpkin] has joined #bitcoin-wizards		14:14
-!- Dr-G3 [~Dr-G@gtng-4d08ae67.pool.mediaWays.net] has quit [Ping timeout: 252 seconds]		14:15
-!- d1ggy [~d1ggy@dslb-088-071-013-176.088.071.pools.vodafone-ip.de] has quit [Quit: Leaving]		14:17
-!- copumpkin [~copumpkin@unaffiliated/copumpkin] has quit [Ping timeout: 264 seconds]		14:19
-!- Profreid [~Profreitt@gateway/vpn/privateinternetaccess/profreid] has quit [Quit: Profreid]		14:21
-!- d1ggy [~d1ggy@dslb-088-071-013-176.088.071.pools.vodafone-ip.de] has joined #bitcoin-wizards		14:22
-!- wallet42 [~wallet42@home-tomis2.rdsct.ro] has joined #bitcoin-wizards		14:23
-!- wallet42 [~wallet42@home-tomis2.rdsct.ro] has quit [Client Quit]		14:23
-!- jps [~Jud@cpe-74-72-116-143.nyc.res.rr.com] has joined #bitcoin-wizards		14:29
-!- justanotheruser [~Justan@unaffiliated/justanotheruser] has joined #bitcoin-wizards		14:31
-!- moa [~moa@opentransactions/dev/moa] has joined #bitcoin-wizards		14:34
-!- jps [~Jud@cpe-74-72-116-143.nyc.res.rr.com] has quit [Quit: jps]		14:41
ebfull	so i've been way out of the loop... what's going on with SNARKs? any cool advancements or libraries?	14:43
-!- cbeams [~cbeams@unaffiliated/cbeams] has quit [Remote host closed the connection]		14:46
-!- cbeams [~cbeams@unaffiliated/cbeams] has joined #bitcoin-wizards		14:46
justanotheruser	ebfull: nothing new afaik. theres always been this https://github.com/scipr-lab/libsnark	14:48
-!- OneNomos [~OneNomos@pool-71-163-227-3.washdc.east.verizon.net] has quit [Remote host closed the connection]		14:48
-!- rusty [~rusty@pdpc/supporter/bronze/rusty] has joined #bitcoin-wizards		14:49
-!- erasmosp_ [~erasmospu@gateway/vpn/privateinternetaccess/erasmospunk] has quit [Remote host closed the connection]		14:54
-!- Mably [~Mably@unaffiliated/mably] has quit [Ping timeout: 245 seconds]		14:57
-!- jps [~Jud@cpe-74-72-116-143.nyc.res.rr.com] has joined #bitcoin-wizards		15:05
-!- Quanttek [~quassel@ip1f1171b4.dynamic.kabel-deutschland.de] has quit [Ping timeout: 264 seconds]		15:07
-!- grau [~grau@37.143.74.116] has joined #bitcoin-wizards		15:08
-!- OneNomos [~OneNomos@pool-71-163-227-3.washdc.east.verizon.net] has joined #bitcoin-wizards		15:08
-!- vmatekole [~vmatekole@f052091088.adsl.alicedsl.de] has quit [Remote host closed the connection]		15:08
-!- wallet42 [~wallet42@home-tomis2.rdsct.ro] has joined #bitcoin-wizards		15:11
-!- Dr-G3 [~Dr-G@gtng-4d08ae67.pool.mediaWays.net] has joined #bitcoin-wizards		15:30
-!- Dr-G2 [~Dr-G@gtng-4d08ae67.pool.mediaways.net] has quit [Ping timeout: 256 seconds]		15:33
-!- skittylx [~skittylx@ks203868.kimsufi.com] has joined #bitcoin-wizards		15:38
-!- cbeams [~cbeams@unaffiliated/cbeams] has quit [Remote host closed the connection]		15:43
-!- xenog [~xeno@46.7.118.40] has joined #bitcoin-wizards		15:47
-!- jps [~Jud@cpe-74-72-116-143.nyc.res.rr.com] has quit [Quit: jps]		15:49
-!- jdvs [~John@unaffiliated/jdvs] has joined #bitcoin-wizards		15:49
-!- jdvs [~John@unaffiliated/jdvs] has quit [Quit: leaving]		15:54
-!- xenog [~xeno@46.7.118.40] has quit [Quit: Leaving.]		15:58
-!- xenog [~xeno@46.7.118.40] has joined #bitcoin-wizards		15:59
-!- cbeams [~cbeams@unaffiliated/cbeams] has joined #bitcoin-wizards		16:06
bramc	ebfull, snarks is quite an amazing thing but so far even with its amazingness appears to be quite impractical.	16:07
-!- jps [~Jud@cpe-74-72-116-143.nyc.res.rr.com] has joined #bitcoin-wizards		16:08
-!- vmatekole [~vmatekole@f052091088.adsl.alicedsl.de] has joined #bitcoin-wizards		16:09
-!- cbeams [~cbeams@unaffiliated/cbeams] has quit [Ping timeout: 256 seconds]		16:11
-!- vmatekole [~vmatekole@f052091088.adsl.alicedsl.de] has quit [Ping timeout: 256 seconds]		16:14
-!- Burrito [~Burrito@unaffiliated/burrito] has quit [Quit: Leaving]		16:17
-!- jps [~Jud@cpe-74-72-116-143.nyc.res.rr.com] has quit [Quit: jps]		16:18
-!- bsm117532 [~bsm117532@static-108-21-236-13.nycmny.fios.verizon.net] has quit [Ping timeout: 252 seconds]		16:21
-!- antgreen [~user@CPE687f74122463-CM84948c2e0610.cpe.net.cable.rogers.com] has joined #bitcoin-wizards		16:21
-!- prodatalab_ is now known as prodatalab		16:24
amiller	bramc, i dunno that seems like an awful summary to me	16:27
amiller	ebfull, here's a short run down.... microsoft research and the scipr team keep going neck and neck with new systems	16:28
amiller	microsoft research made a very practical system called gepetto, that has two layers of recursion (snarks proofs that another snark proof is valid, which can give better efficiency but im at a loss for a simple metaphor to explain why) https://eprint.iacr.org/2014/976.pdf	16:29
-!- Dr-G2 [~Dr-G@gtng-4d08ae67.pool.mediaways.net] has joined #bitcoin-wizards		16:30
bramc	amiller, I have yet to see a proposal for doing something in the real world with snarks which I actually believe can function	16:30
amiller	the scipr team has found a set of parameters that allow for aribtrary layers of snark recursion, which is theoretically great but a) a bit slower than gepetto, b) not a good enough security level, so this is a proof-of-feasilbiyt more than anything else https://eprint.iacr.org/2014/595	16:31
amiller	the scipr team has announced a paper (acepted to oakland15, but draft isnt anywhere online yet i guess) about a good way to do the trusted setup as amultiparty computation with a large number of parties http://www.ieee-security.org/TC/SP2015/program.html	16:32
-!- Dr-G3 [~Dr-G@gtng-4d08ae67.pool.mediaWays.net] has quit [Ping timeout: 246 seconds]		16:33
amiller	some guy made a small language for writing snark systems thats an alternative to the pinocchio c-to-circuits compiler and i guess is better, i haven't looked carefully http://comments.gmane.org/gmane.comp.encryption.general/22047 https://github.com/jancarlsson/snarkfront	16:36
amiller	i updated my nonoutsourceable puzzle paper with more explanation of a concrete multi-tier reward system, there's an implementation using libsnark and pincochio (libsnark was better) but that's the same as the previous version http://cs.umd.edu/~amiller/nonoutsourceable.pdf	16:39
-!- jps [~Jud@cpe-74-72-116-143.nyc.res.rr.com] has joined #bitcoin-wizards		16:39
amiller	gmaxwell says he implemented a snark circuit that can be used with bitcoin today, it proves that the preimage of some hash is the solution to a bunch of a sudoku puzzles or something	16:40
amiller	https://en.bitcoin.it/wiki/Zero_Knowledge_Contingent_Payment#Zero_knowledge_proof_to_binding	16:41
-!- cornus_ammonis [~Cornus@pool-173-73-119-83.washdc.fios.verizon.net] has joined #bitcoin-wizards		16:42
-!- PRab [~chatzilla@c-98-209-175-213.hsd1.mi.comcast.net] has quit [Quit: ChatZilla 0.9.91.1 [Firefox 35.0.1/20150122214805]]		16:43
amiller	finally, zerocash is practical and is being actively developed	16:44
-!- PRab [~chatzilla@c-98-209-175-213.hsd1.mi.comcast.net] has joined #bitcoin-wizards		16:44
amiller	ok, that's a short "the past three months in SNARKs"	16:44
ebfull	thanks amiller :)	16:53
-!- hashtagg_ [~hashtag@CPE-69-23-213-3.wi.res.rr.com] has joined #bitcoin-wizards		16:56
-!- hashtag [~hashtag@CPE-69-23-213-3.wi.res.rr.com] has quit [Ping timeout: 246 seconds]		16:58
bramc	Whether zerocash is practical remains to be seen	17:00
bramc	Somewhat off topic: It turns out that the failing of a black market backed by bitcoin is the accumulation of databases of shipping addresses: http://aeon.co/magazine/technology/on-the-high-seas-of-the-hidden-internet/	17:05
-!- cbeams [~cbeams@unaffiliated/cbeams] has joined #bitcoin-wizards		17:08
-!- vmatekole [~vmatekole@f052091088.adsl.alicedsl.de] has joined #bitcoin-wizards		17:10
-!- vmatekole [~vmatekole@f052091088.adsl.alicedsl.de] has quit [Ping timeout: 245 seconds]		17:15
-!- Dr-G2 [~Dr-G@gtng-4d08ae67.pool.mediaways.net] has quit [Read error: Connection reset by peer]		17:17
-!- Dr-G2 [~Dr-G@gtng-4d08ae67.pool.mediaways.net] has joined #bitcoin-wizards		17:18
-!- damethos [~damethos@unaffiliated/damethos] has joined #bitcoin-wizards		17:26
-!- cbeams [~cbeams@unaffiliated/cbeams] has quit [Ping timeout: 256 seconds]		17:29
-!- fanquake [~anonymous@unaffiliated/fanquake] has joined #bitcoin-wizards		17:32
-!- moa [~moa@opentransactions/dev/moa] has quit [Quit: Leaving.]		17:33
-!- AnxiousGarlic [~Spider@130.225.244.206] has joined #bitcoin-wizards		17:54
-!- AnxiousGarlic [~Spider@130.225.244.206] has left #bitcoin-wizards []		17:54
-!- llllllllll [~lllllllll@6d482698.ftth.concepts.nl] has quit []		18:03
-!- espes__ [~espes@205.185.120.132] has quit [Ping timeout: 252 seconds]		18:03
-!- Dr-G2 [~Dr-G@gtng-4d08ae67.pool.mediaways.net] has quit [Read error: Connection reset by peer]		18:05
-!- Dr-G2 [~Dr-G@gtng-4d08ae67.pool.mediaWays.net] has joined #bitcoin-wizards		18:05
-!- skittylx [~skittylx@ks203868.kimsufi.com] has quit [Quit: Bye]		18:06
-!- vmatekole [~vmatekole@f052091088.adsl.alicedsl.de] has joined #bitcoin-wizards		18:12
andytoshi	adam3us1: so a cool way to think about about your ring signature scheme is to consider the hashes as DL-labelled vertices on a connected directed graph with an edge between A->B whenever B is a hash of some function of A. then the signing algo is: (1) pick a vertex V and compute its hash; (2) for each edge V->W where V has had its hash computed, compute W. if W is already computed, you have to know	18:12
andytoshi	its discrete log else you lose	18:12
andytoshi	(i hope that makes sense serialized to text). in the sig scheme as described your graph is always just a single hamilton cycle	18:12
-!- Dr-G2 [~Dr-G@gtng-4d08ae67.pool.mediaWays.net] has quit [Read error: Connection reset by peer]		18:12
-!- Dr-G2 [~Dr-G@gtng-4d08ae67.pool.mediaways.net] has joined #bitcoin-wizards		18:13
andytoshi	we can define an "admissible DL set" as one where if you know all the DLs in the set, you can do the signing algo, and the result is a ring signature which proves you know an admissible DL set but hides which one	18:13
andytoshi	this leads to the question (which i am just investigating now in the last 5 minutes), what if you don't just do hamilton cycles? if we do weirdly shaped graphs how creative can we make the admissible sets?	18:14
andytoshi	(for a hamilton cycle, each DL by itself constitutes an admissible set, i.e. you need to know one DL to compute the signature)	18:14
-!- d1ggy_ [~d1ggy@dslb-092-076-000-051.092.076.pools.vodafone-ip.de] has joined #bitcoin-wizards		18:16
-!- vmatekole [~vmatekole@f052091088.adsl.alicedsl.de] has quit [Ping timeout: 264 seconds]		18:17
-!- skittylx [~skittylx@ks203868.kimsufi.com] has joined #bitcoin-wizards		18:17
-!- flower [~user@202.44.238.62] has joined #bitcoin-wizards		18:18
-!- espes__ [~espes@205.185.120.132] has joined #bitcoin-wizards		18:18
-!- flower_ [~user@202.44.238.62] has quit [Ping timeout: 256 seconds]		18:20
-!- d1ggy [~d1ggy@dslb-088-071-013-176.088.071.pools.vodafone-ip.de] has quit [Ping timeout: 272 seconds]		18:20
bramc	Well this is an interesting result: In my pos system, if one attacker tries to do withholding attacks they might be able to get favorable forks a little more often from it, but if two attackers do withholding attacks the amount they screw each other from lack of cooperation is greater than the amount they can get ahead from it	18:20
andytoshi	oops, the algo is not actually that simple. each vertex actually has four states "c_i (un)computed" × "s_i (un)computed", and the algo is: for each edge A->B, if A is "c_i uncomputed" set it to "c_i computed"; then if A is "s_i uncomputed" set B "c_i computed" (if it is already, you need to know B's DL else you fail), else if A is "s_i computed" and B "c_i computed" (if it already is, you fail)	18:23
andytoshi	i think, but unsure, what this means is: every irreducible cycle requires you to know an arbitrary DL on the cycle; additionally every vertex with in-degree N requires you to know an arbitrary (N-1) of the N DL's corresponding to its inputs	18:26
-!- Dr-G2 [~Dr-G@gtng-4d08ae67.pool.mediaways.net] has quit [Read error: Connection reset by peer]		18:32
-!- Dr-G2 [~Dr-G@gtng-4d08ae67.pool.mediaways.net] has joined #bitcoin-wizards		18:32
andytoshi	above i meant "you need to know A's DL else you fail", not B's DL; also the last "and" should be "set"	18:37
-!- xenog [~xeno@46.7.118.40] has quit [Ping timeout: 250 seconds]		18:38
-!- Dr-G3 [~Dr-G@gtng-4d08a1a5.pool.mediaWays.net] has joined #bitcoin-wizards		18:38
-!- Dr-G2 [~Dr-G@gtng-4d08ae67.pool.mediaways.net] has quit [Ping timeout: 246 seconds]		18:41
-!- Dr-G3 [~Dr-G@gtng-4d08a1a5.pool.mediaWays.net] has quit [Read error: Connection reset by peer]		18:51
-!- Dr-G3 [~Dr-G@gtng-4d08a1a5.pool.mediaways.net] has joined #bitcoin-wizards		18:51
-!- dc17523be3 [~unknown@193.138.219.233] has quit [Ping timeout: 264 seconds]		18:51
-!- dc17523be3 [~unknown@193.138.219.233] has joined #bitcoin-wizards		18:52
-!- p15 [~p15@89.248.174.54] has joined #bitcoin-wizards		18:55
-!- p15_ [~p15@124.64.96.201] has quit [Ping timeout: 250 seconds]		18:57
-!- nuke1989 [~nuke@46-163-153.adsl.cyta.gr] has quit [Read error: Connection reset by peer]		19:01
-!- nuke1989 [~nuke@46-163-153.adsl.cyta.gr] has joined #bitcoin-wizards		19:02
-!- damethos [~damethos@unaffiliated/damethos] has quit [Ping timeout: 264 seconds]		19:03
andytoshi	i am assuming each hash is H(L, m, y_i^{s_i} g^{c_i}) where i runs through all the input nodes (so you get a bunch of simultaneous equations), not sure that doing anything else is worth how much harder it makes this to analyze	19:04
-!- gmaxwell [greg@wikimedia/KatWalsh/x-0001] has joined #bitcoin-wizards		19:06
-!- droark [~droark@209-6-53-207.c3-0.smr-ubr1.sbo-smr.ma.cable.rcn.com] has joined #bitcoin-wizards		19:16
-!- Dr-G3 [~Dr-G@gtng-4d08a1a5.pool.mediaways.net] has quit [Read error: Connection reset by peer]		19:19
-!- Dr-G3 [~Dr-G@gtng-4d08a1a5.pool.mediaWays.net] has joined #bitcoin-wizards		19:20
-!- bigpup3 [~bigpuppy@pool-173-66-42-3.washdc.fios.verizon.net] has joined #bitcoin-wizards		19:22
-!- ryanxcharles [~ryan@2601:9:4680:dd0:d48a:363e:5916:7ebb] has quit [Quit: Leaving]		19:22
-!- Dr-G2 [~Dr-G@gtng-4d08a1a5.pool.mediaWays.net] has joined #bitcoin-wizards		19:24
-!- Cory [~Cory@unaffiliated/cory] has quit []		19:25
-!- OneNomos [~OneNomos@pool-71-163-227-3.washdc.east.verizon.net] has quit [Remote host closed the connection]		19:25
-!- bigpup3 [~bigpuppy@pool-173-66-42-3.washdc.fios.verizon.net] has quit [Quit: Leaving]		19:25
-!- bigpup3 [~bigpuppy@pool-173-66-42-3.washdc.fios.verizon.net] has joined #bitcoin-wizards		19:26
-!- Dr-G3 [~Dr-G@gtng-4d08a1a5.pool.mediaWays.net] has quit [Ping timeout: 244 seconds]		19:27
-!- ryanxcharles [~ryan@2601:9:4680:dd0:7c46:e371:e28e:f441] has joined #bitcoin-wizards		19:33
-!- Dr-G2 [~Dr-G@gtng-4d08a1a5.pool.mediaWays.net] has quit [Read error: Connection reset by peer]		19:50
-!- Dr-G2 [~Dr-G@gtng-4d08a1a5.pool.mediaWays.net] has joined #bitcoin-wizards		19:51
-!- Cory [~Cory@unaffiliated/cory] has joined #bitcoin-wizards		19:52
-!- RoboTeddy [~roboteddy@c-67-188-40-206.hsd1.ca.comcast.net] has quit []		19:54
bramc	Writing a better sim than I had before, it turns out that the attacker's bonus from pooling in the simple case was worse than I thought	19:56
bramc	That said, using nth best helps a lot	19:56
-!- hashtagg_ [~hashtag@CPE-69-23-213-3.wi.res.rr.com] has quit [Ping timeout: 272 seconds]		20:03
-!- licnep [uid4387@gateway/web/irccloud.com/x-qjenyklceftbsion] has joined #bitcoin-wizards		20:05
-!- brisque [~brisque@unaffiliated/brisque] has joined #bitcoin-wizards		20:12
-!- vmatekole [~vmatekole@f052091088.adsl.alicedsl.de] has joined #bitcoin-wizards		20:14
-!- Dr-G2 [~Dr-G@gtng-4d08a1a5.pool.mediaWays.net] has quit [Read error: Connection reset by peer]		20:16
-!- Dr-G2 [~Dr-G@gtng-4d08a1a5.pool.mediaWays.net] has joined #bitcoin-wizards		20:17
-!- vmatekole [~vmatekole@f052091088.adsl.alicedsl.de] has quit [Ping timeout: 245 seconds]		20:19
-!- hashtagg_ [~hashtag@CPE-69-23-213-3.wi.res.rr.com] has joined #bitcoin-wizards		20:19
-!- jps [~Jud@cpe-74-72-116-143.nyc.res.rr.com] has quit [Quit: jps]		20:19
-!- hashtagg_ [~hashtag@CPE-69-23-213-3.wi.res.rr.com] has quit [Ping timeout: 246 seconds]		20:23
-!- NewLiberty [~NewLibert@2602:304:cff8:1580:443c:ddbe:5bf5:b260] has quit [Ping timeout: 265 seconds]		20:48
-!- [7] [~quassel@rockbox/developer/TheSeven] has quit [Disconnected by services]		20:52
-!- TheSeven [~quassel@rockbox/developer/TheSeven] has joined #bitcoin-wizards		20:52
-!- copumpkin [~copumpkin@unaffiliated/copumpkin] has joined #bitcoin-wizards		20:54
-!- justanotheruser [~Justan@unaffiliated/justanotheruser] has quit [Ping timeout: 240 seconds]		20:54
-!- grau [~grau@37.143.74.116] has quit []		20:55
-!- cbeams [~cbeams@unaffiliated/cbeams] has joined #bitcoin-wizards		20:58
-!- cbeams [~cbeams@unaffiliated/cbeams] has quit [Ping timeout: 250 seconds]		21:02
-!- zwischenzug [~zwischenz@pool-108-51-197-41.washdc.fios.verizon.net] has joined #bitcoin-wizards		21:03
-!- coiner [~linker@115.79.55.177] has joined #bitcoin-wizards		21:10
-!- justanotheruser [~Justan@unaffiliated/justanotheruser] has joined #bitcoin-wizards		21:10
-!- cryptowest [~cryptowes@191.101.1.104] has quit [Excess Flood]		21:13
-!- vmatekole [~vmatekole@f052091088.adsl.alicedsl.de] has joined #bitcoin-wizards		21:15
-!- cryptowest [~cryptowes@191.101.1.104] has joined #bitcoin-wizards		21:17
-!- vmatekole [~vmatekole@f052091088.adsl.alicedsl.de] has quit [Ping timeout: 256 seconds]		21:19
bramc	argh	21:22
-!- erasmospunk [~erasmospu@gateway/vpn/privateinternetaccess/erasmospunk] has joined #bitcoin-wizards		21:25
bramc	Making very pessimistic assumptions about an attacker's other possibilities, an attacker gets a lot more pooling advantage than I'd like	21:28
-!- NewLiberty [~NewLibert@2602:304:cff8:1580:443c:ddbe:5bf5:b260] has joined #bitcoin-wizards		21:47
bramc	I should throw in the requirement that the nth best has to be endorsed by all the ones below it. That makes the attacks work a lot less.	21:49
bramc	Or maybe that the nth best has to list the ones below it. Need to work this out.	21:53
-!- skittylx [~skittylx@ks203868.kimsufi.com] has quit [Quit: Bye]		21:56
bramc	Okay even the listing ones below it thing works well, but, sigh, doing better than that creates massive headaches for the protocol.	21:57
-!- droark [~droark@209-6-53-207.c3-0.smr-ubr1.sbo-smr.ma.cable.rcn.com] has quit [Quit: Later.]		22:01
-!- wallet42 [~wallet42@home-tomis2.rdsct.ro] has quit [Quit: Leaving.]		22:04
-!- Dr-G2 [~Dr-G@gtng-4d08a1a5.pool.mediaWays.net] has quit [Read error: Connection reset by peer]		22:06
-!- Dr-G2 [~Dr-G@gtng-4d08a1a5.pool.mediaWays.net] has joined #bitcoin-wizards		22:07
-!- p15_ [~p15@198.50.160.97.static-ca.cryptolayer.com] has joined #bitcoin-wizards		22:08
-!- p15 [~p15@89.248.174.54] has quit [Ping timeout: 244 seconds]		22:10
-!- licnep [uid4387@gateway/web/irccloud.com/x-qjenyklceftbsion] has quit [Quit: Connection closed for inactivity]		22:13
-!- hktud0 [ncidsk@unaffiliated/fluffybunny] has quit [Read error: Connection reset by peer]		22:15
-!- hktud0 [wq@unaffiliated/fluffybunny] has joined #bitcoin-wizards		22:17
bramc	The short of it is that setting n to 2 or 3 works best, and it's critically important that the nth best sign off on the ones below it. Things work better if the lower ones have to sign off on the higher ones as well, but I'll have to think about that some more, it creates awful edge cases when things don't get completed properly	22:18
bramc	Grumble grumble. At least I've got things working somewhat acceptably. My n is either going to be 2 or 3, I'm fairly sure of that now.	22:22
brisque	what happens if they refuse to "endorse"?	22:23
-!- moa [~moa@opentransactions/dev/moa] has joined #bitcoin-wizards		22:28
-!- dgenr8 [~dgenr8@unaffiliated/dgenr8] has quit [Ping timeout: 250 seconds]		22:31
-!- dgenr8 [~dgenr8@unaffiliated/dgenr8] has joined #bitcoin-wizards		22:32
-!- Dr-G2 [~Dr-G@gtng-4d08a1a5.pool.mediaWays.net] has quit [Read error: Connection reset by peer]		22:33
-!- Dr-G2 [~Dr-G@gtng-4d08a1a5.pool.mediaWays.net] has joined #bitcoin-wizards		22:34
-!- arubi [~ese168@unaffiliated/arubi] has quit [Ping timeout: 252 seconds]		22:35
bramc	brisque, then the next one lower will endorse and they won't get their share of the mining reward	22:37
bramc	At least, that's the way it is in the case where the nth best has to list the ones better than it. In the case where there's mutual interconnected endorsement it gets a lot more complicated and the failure modes are much more of a headache.	22:38
-!- wallet42 [~wallet42@home-tomis2.rdsct.ro] has joined #bitcoin-wizards		22:41
bramc	With full mutual endorsement required even n=2 works fairly well. That may turn out to be the way to go.	22:41
bramc	It's possible than a fair number of people reading have no idea what I'm talking about	22:43
-!- cbeams [~cbeams@unaffiliated/cbeams] has joined #bitcoin-wizards		22:49
gwillen	bramc: I don't suppose there's a summary somewhere	22:51
gwillen	I'm curious enough to read it if there is	22:51
bramc	gwillen, Unfortunately no, it's rather complicated and a bit of a moving target. A bunch of the blockstream people have an idea because I explained it to them in person	22:52
gwillen	bramc: yeah, I am only recently a blockstream employee so I've heard bits and pieces from them, and bits and pieces in here, but unfortunately I missed hearing about it in person	22:53
-!- zwischenzug [~zwischenz@pool-108-51-197-41.washdc.fios.verizon.net] has quit [Remote host closed the connection]		22:53
-!- Mably [~Mably@unaffiliated/mably] has joined #bitcoin-wizards		22:53
bramc	The too short summary is that I'm working on a cryptocurrency where the mining is based on proofs of storage, with a whole lot of crazy engineering resulting to avoid grinding	22:54
gwillen	ahhh, okay, yes; the basic scheme was described to me, as of when you described it to the blockstream people	22:55
bramc	There's some commentary in the stuff about proofs of stake systems that intuitively it seems like there should be no way of avoiding grinding but noone's found a rigorous proof of it. It turns out that it is avoidable (sort of, with limitations) but doing proofs of storage is vastly less problematic than proofs of stake.	22:56
-!- Dr-G2 [~Dr-G@gtng-4d08a1a5.pool.mediaWays.net] has quit [Read error: Connection reset by peer]		22:58
-!- Dr-G2 [~Dr-G@gtng-4d08a1a5.pool.mediaWays.net] has joined #bitcoin-wizards		22:59
bramc	Right now I'm working on reducing the potential for what grinding potential remains in my scheme. It can't be completely eliminated, but it can be reduced. It's looking like I'll get down to something like if you have a 10% pool you'll be able to get a 1% or .1% bonus, and if you can make a 40% pool you can get a 10% or 1% bonus	22:59
bramc	depending on how the parameters are set.	22:59
gwillen	interesting	22:59
bramc	There's also some tradeoffs to how much advantage someone with a faster spow can get	23:00
* gwillen nods		23:00
-!- rusty [~rusty@pdpc/supporter/bronze/rusty] has quit [Ping timeout: 240 seconds]		23:01
bramc	The short of what I'm working on now is making it use the nth best match for determining the next challenge, where the n best have to be found collaboratively, so an attacker working on a fork is a lot less likely to have their fork get ahead.	23:03
-!- hktud0 [wq@unaffiliated/fluffybunny] has quit [Read error: Connection reset by peer]		23:06
-!- DougieBot5000 [~DougieBot@unaffiliated/dougiebot5000] has quit [Quit: Leaving]		23:06
-!- hktud0 [wq@unaffiliated/fluffybunny] has joined #bitcoin-wizards		23:08
-!- cbeams [~cbeams@unaffiliated/cbeams] has quit [Remote host closed the connection]		23:10
-!- bedeho [~bedeho@195.159.234.190] has quit [Ping timeout: 244 seconds]		23:25
-!- bramc [~bram@99-75-88-206.lightspeed.sntcca.sbcglobal.net] has quit [Quit: This computer has gone to sleep]		23:25
-!- arubi [~ese168@unaffiliated/arubi] has joined #bitcoin-wizards		23:26
-!- Dr-G2 [~Dr-G@gtng-4d08a1a5.pool.mediaWays.net] has quit [Read error: Connection reset by peer]		23:28
-!- Dr-G2 [~Dr-G@gtng-4d08a1a5.pool.mediaWays.net] has joined #bitcoin-wizards		23:28
-!- Mably [~Mably@unaffiliated/mably] has quit [Ping timeout: 245 seconds]		23:29
-!- cbeams [~cbeams@chello084114181075.1.15.vie.surfer.at] has joined #bitcoin-wizards		23:32
-!- cbeams [~cbeams@chello084114181075.1.15.vie.surfer.at] has quit [Changing host]		23:32
-!- cbeams [~cbeams@unaffiliated/cbeams] has joined #bitcoin-wizards		23:32
-!- Dr-G2 [~Dr-G@gtng-4d08a1a5.pool.mediaWays.net] has quit [Read error: Connection reset by peer]		23:34
-!- Dr-G2 [~Dr-G@gtng-4d08a1a5.pool.mediaways.net] has joined #bitcoin-wizards		23:34
-!- GAit [~lnahum@2-230-161-158.ip202.fastwebnet.it] has quit [Remote host closed the connection]		23:37
-!- bedeho [~bedeho@195.159.234.190] has joined #bitcoin-wizards		23:40
-!- cornus_ammonis [~Cornus@pool-173-73-119-83.washdc.fios.verizon.net] has quit [Ping timeout: 256 seconds]		23:41
-!- Dr-G [~Dr-G@unaffiliated/dr-g] has joined #bitcoin-wizards		23:47
-!- cbeams [~cbeams@unaffiliated/cbeams] has quit []		23:50
-!- Dr-G2 [~Dr-G@gtng-4d08a1a5.pool.mediaways.net] has quit [Ping timeout: 256 seconds]		23:51
-!- null_radix [Elite7851@gateway/shell/elitebnc/x-cmutzjhanxdesdbi] has quit [Ping timeout: 252 seconds]		23:52
--- Log closed Mon Mar 02 00:00:09 2015

Generated by irclog2html.py 2.15.0.dev0 by Marius Gedminas - find it at mg.pov.lt!