2015-09-04.log

--- Log opened Fri Sep 04 00:00:00 2015
-!- ThomasV [~ThomasV@unaffiliated/thomasv] has quit [Ping timeout: 264 seconds]00:00
-!- snthsnth [~snthsnth@c-98-207-208-241.hsd1.ca.comcast.net] has quit [Ping timeout: 264 seconds]00:01
-!- ebfull [~ebfull@73.34.119.0] has quit [Ping timeout: 244 seconds]00:02
-!- DougieBot5000_ [~DougieBot@unaffiliated/dougiebot5000] has joined #bitcoin-wizards00:04
-!- DougieBot5000 [~DougieBot@unaffiliated/dougiebot5000] has quit [Killed (hobana.freenode.net (Nickname regained by services))]00:04
-!- DougieBot5000_ is now known as DougieBot500000:04
-!- ghtdak [~ghtdak@unaffiliated/ghtdak] has quit [Quit: WeeChat 1.3]00:06
-!- gill3s [~gill3s@unaffiliated/gill3s] has joined #bitcoin-wizards00:06
-!- deego [~user@unaffiliated/deego] has joined #bitcoin-wizards00:07
-!- veleiro [~veleiro@fsf/member/veleiro] has quit [Ping timeout: 250 seconds]00:11
-!- ebfull [~ebfull@73.34.119.0] has joined #bitcoin-wizards00:16
-!- DougieBot5000 [~DougieBot@unaffiliated/dougiebot5000] has quit [Quit: Leaving]00:20
-!- adam3us [~Adium@62-2-191-242.static.cablecom.ch] has quit [Quit: Leaving.]00:21
-!- rubensayshi [~ruben@91.206.81.13] has joined #bitcoin-wizards00:21
-!- damethos [~damethos@unaffiliated/damethos] has joined #bitcoin-wizards00:21
-!- veleiro [~veleiro@fsf/member/veleiro] has joined #bitcoin-wizards00:28
-!- ThomasV [~ThomasV@unaffiliated/thomasv] has joined #bitcoin-wizards00:35
-!- NLNico [~NLNico@unaffiliated/nlnico] has joined #bitcoin-wizards01:06
-!- priidu [~priidu@unaffiliated/priidu] has joined #bitcoin-wizards01:11
-!- spinza [~spin@197.89.184.38] has quit [Excess Flood]01:13
-!- spinza [~spin@197.89.184.38] has joined #bitcoin-wizards01:20
-!- NLNico [~NLNico@unaffiliated/nlnico] has quit [Ping timeout: 250 seconds]01:33
-!- NLNico [~NLNico@unaffiliated/nlnico] has joined #bitcoin-wizards01:35
-!- moa [~kiwigb@opentransactions/dev/moa] has quit [Quit: Leaving.]01:37
-!- sparetire_ [~sparetire@unaffiliated/sparetire] has joined #bitcoin-wizards01:50
-!- NLNico [~NLNico@unaffiliated/nlnico] has quit [Ping timeout: 255 seconds]01:59
-!- ThomasV [~ThomasV@unaffiliated/thomasv] has quit [Ping timeout: 240 seconds]02:01
-!- NLNico [~NLNico@unaffiliated/nlnico] has joined #bitcoin-wizards02:01
-!- nullbyte [~NSA@193.138.219.233] has quit [Ping timeout: 265 seconds]02:08
-!- ThomasV [~ThomasV@unaffiliated/thomasv] has joined #bitcoin-wizards02:16
-!- metamarc [~cypher@unaffiliated/agorist000] has joined #bitcoin-wizards02:17
-!- arubi [~ese168@unaffiliated/arubi] has joined #bitcoin-wizards02:18
-!- melvster [~melvster@ip-86-49-18-198.net.upcbroadband.cz] has quit [Ping timeout: 250 seconds]02:25
-!- gmaxwell [greg@wikimedia/KatWalsh/x-0001] has quit [Ping timeout: 246 seconds]02:25
-!- gmaxwell [greg@mf4-xiph.osuosl.org] has joined #bitcoin-wizards02:25
-!- gmaxwell is now known as Guest3627002:26
-!- GAit [~GAit@2-230-161-158.ip202.fastwebnet.it] has joined #bitcoin-wizards02:33
-!- melvster [~melvster@ip-86-49-18-198.net.upcbroadband.cz] has joined #bitcoin-wizards02:38
-!- arubi [~ese168@unaffiliated/arubi] has quit [Ping timeout: 240 seconds]02:41
-!- bedeho [~bedeho@50-202-37-133-static.hfc.comcastbusiness.net] has quit [Ping timeout: 268 seconds]02:45
-!- Ylbam [uid99779@gateway/web/irccloud.com/x-shdkzlaqgecziert] has quit [Quit: Connection closed for inactivity]03:00
-!- bedeho [~bedeho@50-202-37-133-static.hfc.comcastbusiness.net] has joined #bitcoin-wizards03:06
-!- melvster [~melvster@ip-86-49-18-198.net.upcbroadband.cz] has quit [Ping timeout: 244 seconds]03:14
-!- dEBRUYNE [~dEBRUYNE@56-197-ftth.onsbrabantnet.nl] has joined #bitcoin-wizards03:16
-!- bedeho [~bedeho@50-202-37-133-static.hfc.comcastbusiness.net] has quit [Ping timeout: 272 seconds]03:23
-!- melvster [~melvster@ip-86-49-18-198.net.upcbroadband.cz] has joined #bitcoin-wizards03:27
-!- airbreather [~airbreath@d149-67-99-43.nap.wideopenwest.com] has joined #bitcoin-wizards03:58
-!- ThomasV [~ThomasV@unaffiliated/thomasv] has quit [Quit: Quitte]04:09
-!- harding [~harding@mail.dtrt.org] has joined #bitcoin-wizards04:17
-!- King_Rex [~King_Rex@53.sub-70-193-64.myvzw.com] has joined #bitcoin-wizards04:35
-!- AaronvanW [~ewout@unaffiliated/aaronvanw] has joined #bitcoin-wizards04:38
-!- warptangent [~warptan@unaffiliated/warptangent] has quit [Remote host closed the connection]04:38
-!- warptangent [~warptan@unaffiliated/warptangent] has joined #bitcoin-wizards04:47
-!- GAit [~GAit@2-230-161-158.ip202.fastwebnet.it] has quit [Read error: Connection reset by peer]04:48
-!- GAit [~GAit@2-230-161-158.ip202.fastwebnet.it] has joined #bitcoin-wizards04:49
-!- GGuyZ [~GGuyZ@216-15-123-91.c3-0.sbo-ubr1.sbo.ma.cable.rcn.com] has joined #bitcoin-wizards05:02
-!- fuc [~fuc@ool-43571e2c.dyn.optonline.net] has joined #bitcoin-wizards05:18
-!- fuc is now known as mrhodl05:18
-!- mrhodl [~fuc@ool-43571e2c.dyn.optonline.net] has quit [Client Quit]05:18
-!- GGuyZ [~GGuyZ@216-15-123-91.c3-0.sbo-ubr1.sbo.ma.cable.rcn.com] has quit [Quit: GGuyZ]05:18
-!- Ylbam [uid99779@gateway/web/irccloud.com/x-wswgyjzrlpvyjnfo] has joined #bitcoin-wizards05:21
-!- Quanttek [~quassel@ip1f11db5b.dynamic.kabel-deutschland.de] has joined #bitcoin-wizards05:21
-!- adam3us [~Adium@62-2-191-242.static.cablecom.ch] has joined #bitcoin-wizards05:39
-!- MrHodl [~fuc@185.22.183.202] has joined #bitcoin-wizards05:42
-!- AaronvanW [~ewout@unaffiliated/aaronvanw] has quit [Quit: Leaving]05:50
-!- AaronvanW [~ewout@unaffiliated/aaronvanw] has joined #bitcoin-wizards05:52
-!- davispuh [~quassel@212.93.100.199] has joined #bitcoin-wizards05:54
-!- binaryFate [~jeremie@joule.ulb.ac.be] has joined #bitcoin-wizards05:56
-!- NewLiberty [~NewLibert@76-255-129-88.lightspeed.irvnca.sbcglobal.net] has joined #bitcoin-wizards06:00
-!- damethos [~damethos@unaffiliated/damethos] has quit [Remote host closed the connection]06:06
-!- kang_ [67efe9d5@gateway/web/freenode/ip.103.239.233.213] has joined #bitcoin-wizards06:15
-!- c0rw|zZz is now known as c0rw1n06:17
-!- afk11 [~afk11@unaffiliated/afk11] has joined #bitcoin-wizards06:17
-!- davispuh [~quassel@212.93.100.199] has quit [Ping timeout: 264 seconds]06:20
-!- Emcy [~MC@unaffiliated/mc1984] has quit [Read error: Connection reset by peer]06:20
-!- Emcy [~MC@cpc3-swan1-0-0-cust996.7-3.cable.virginm.net] has joined #bitcoin-wizards06:22
-!- Emcy [~MC@cpc3-swan1-0-0-cust996.7-3.cable.virginm.net] has quit [Changing host]06:22
-!- Emcy [~MC@unaffiliated/mc1984] has joined #bitcoin-wizards06:22
-!- ThomasV [~ThomasV@unaffiliated/thomasv] has joined #bitcoin-wizards06:26
-!- hazirafel [~ufoinc@31.154.91.221] has joined #bitcoin-wizards06:29
-!- MrHodl [~fuc@185.22.183.202] has quit []06:31
-!- rubensayshi [~ruben@91.206.81.13] has quit [Read error: Connection reset by peer]06:34
-!- ufoinc__ [~ufoinc@31.154.91.221] has joined #bitcoin-wizards06:34
-!- rubensayshi [~ruben@91.206.81.13] has joined #bitcoin-wizards06:34
-!- hazirafel [~ufoinc@31.154.91.221] has quit [Ping timeout: 252 seconds]06:38
-!- ufoinc__ [~ufoinc@31.154.91.221] has quit [Ping timeout: 256 seconds]06:38
-!- paveljanik [~paveljani@unaffiliated/paveljanik] has joined #bitcoin-wizards06:39
-!- GGuyZ [~GGuyZ@dhcp-18-189-28-106.dyn.mit.edu] has joined #bitcoin-wizards06:41
-!- frankenmint [~frankenmi@71-222-57-192.ptld.qwest.net] has joined #bitcoin-wizards06:44
-!- arubi [~ese168@unaffiliated/arubi] has joined #bitcoin-wizards06:52
-!- ASTP001 [~ASTP001@50-78-139-77-static.hfc.comcastbusiness.net] has joined #bitcoin-wizards07:10
-!- eudoxia [~eudoxia@r167-57-55-201.dialup.adsl.anteldata.net.uy] has joined #bitcoin-wizards07:11
-!- Guyver2 [~Guyver2@guyver2.xs4all.nl] has joined #bitcoin-wizards07:14
-!- Guyver2 [~Guyver2@guyver2.xs4all.nl] has left #bitcoin-wizards []07:18
-!- chris13243 [~chris@107.25.161.212] has joined #bitcoin-wizards07:25
-!- NLNico_ [~NLNico@unaffiliated/nlnico] has joined #bitcoin-wizards07:27
-!- NLNico [~NLNico@unaffiliated/nlnico] has quit [Read error: Connection reset by peer]07:27
-!- chris13243 [~chris@107.25.161.212] has quit [Ping timeout: 264 seconds]07:34
-!- Guest36270 [greg@mf4-xiph.osuosl.org] has quit [Changing host]07:43
-!- Guest36270 [greg@wikimedia/KatWalsh/x-0001] has joined #bitcoin-wizards07:43
-!- Guest36270 is now known as gmaxwell07:43
-!- GGuyZ [~GGuyZ@dhcp-18-189-28-106.dyn.mit.edu] has quit [Quit: GGuyZ]07:51
-!- DougieBot5000 [~DougieBot@unaffiliated/dougiebot5000] has joined #bitcoin-wizards07:56
-!- chris13243 [~chris@108.121.115.250] has joined #bitcoin-wizards07:56
-!- NLNico_ [~NLNico@unaffiliated/nlnico] has quit [Ping timeout: 240 seconds]07:57
-!- ghtdak [~ghtdak@unaffiliated/ghtdak] has joined #bitcoin-wizards07:58
-!- NLNico_ [~NLNico@unaffiliated/nlnico] has joined #bitcoin-wizards08:01
-!- nwilcox [~nwilcox@74-95-207-205-SFBA.hfc.comcastbusiness.net] has joined #bitcoin-wizards08:03
-!- shen_noe [~shen_noe@104.156.228.141] has quit [Quit: Leaving]08:05
-!- Burrito [~Burrito@unaffiliated/burrito] has joined #bitcoin-wizards08:13
-!- AaronvanW [~ewout@unaffiliated/aaronvanw] has quit [Ping timeout: 246 seconds]08:14
-!- NLNico_ [~NLNico@unaffiliated/nlnico] has quit [Ping timeout: 252 seconds]08:18
-!- chris13243 [~chris@108.121.115.250] has quit [Ping timeout: 244 seconds]08:24
-!- ThomasV [~ThomasV@unaffiliated/thomasv] has quit [Ping timeout: 240 seconds]08:26
-!- mkarrer_ [~mkarrer@165.Red-83-55-152.dynamicIP.rima-tde.net] has joined #bitcoin-wizards08:27
-!- mkarrer [~mkarrer@77.Red-81-33-48.dynamicIP.rima-tde.net] has quit [Read error: Connection reset by peer]08:27
-!- mkarrer_ [~mkarrer@165.Red-83-55-152.dynamicIP.rima-tde.net] has quit [Remote host closed the connection]08:28
-!- mkarrer [~mkarrer@247.Red-83-36-8.dynamicIP.rima-tde.net] has joined #bitcoin-wizards08:28
-!- chmod755 [~chmod755@unaffiliated/chmod755] has quit [Remote host closed the connection]08:29
-!- ghtdak [~ghtdak@unaffiliated/ghtdak] has quit [Quit: WeeChat 1.4-dev]08:30
-!- AaronvanW [~ewout@unaffiliated/aaronvanw] has joined #bitcoin-wizards08:48
-!- NLNico [~NLNico@unaffiliated/nlnico] has joined #bitcoin-wizards08:50
-!- nwilcox [~nwilcox@74-95-207-205-SFBA.hfc.comcastbusiness.net] has quit [Ping timeout: 268 seconds]08:54
-!- ASTP001 [~ASTP001@50-78-139-77-static.hfc.comcastbusiness.net] has quit [Quit: My Mac has gone to sleep. ZZZzzz…]09:00
-!- chris13243 [~chris@72-57-138-43.pools.spcsdns.net] has joined #bitcoin-wizards09:00
-!- nullbyte [~NSA@198.203.28.43] has joined #bitcoin-wizards09:00
-!- ghtdak [~ghtdak@unaffiliated/ghtdak] has joined #bitcoin-wizards09:01
-!- ghtdak [~ghtdak@unaffiliated/ghtdak] has quit [Client Quit]09:02
-!- ghtdak [~ghtdak@unaffiliated/ghtdak] has joined #bitcoin-wizards09:03
-!- ghtdak [~ghtdak@unaffiliated/ghtdak] has quit [Client Quit]09:03
-!- NLNico [~NLNico@unaffiliated/nlnico] has quit [Quit: Leaving]09:05
-!- ghtdak [~ghtdak@unaffiliated/ghtdak] has joined #bitcoin-wizards09:05
-!- trippysalmon [rob@2001:984:6466:0:51d:b5ab:ab61:bed8] has joined #bitcoin-wizards09:05
-!- Dizzle [~Dizzle@104-6-36-162.lightspeed.austtx.sbcglobal.net] has joined #bitcoin-wizards09:07
-!- nullbyte [~NSA@198.203.28.43] has quit [Ping timeout: 264 seconds]09:08
-!- hazirafel [~ufoinc@31.154.91.221] has joined #bitcoin-wizards09:12
-!- Dizzle [~Dizzle@104-6-36-162.lightspeed.austtx.sbcglobal.net] has quit [Remote host closed the connection]09:24
-!- ThomasV [~ThomasV@unaffiliated/thomasv] has joined #bitcoin-wizards09:28
-!- hazirafel [~ufoinc@31.154.91.221] has quit [Read error: Connection reset by peer]09:29
-!- bedeho [~bedeho@50-202-37-133-static.hfc.comcastbusiness.net] has joined #bitcoin-wizards09:36
-!- damethos [~damethos@unaffiliated/damethos] has joined #bitcoin-wizards09:40
-!- gill3s [~gill3s@unaffiliated/gill3s] has quit [Quit: My Mac has gone to sleep. ZZZzzz…]09:44
-!- arubi [~ese168@unaffiliated/arubi] has quit [Ping timeout: 260 seconds]09:46
-!- chris13243 [~chris@72-57-138-43.pools.spcsdns.net] has quit [Ping timeout: 252 seconds]09:46
-!- priidu [~priidu@unaffiliated/priidu] has quit [Ping timeout: 268 seconds]09:48
-!- nullbyte [~NSA@198.203.28.43] has joined #bitcoin-wizards09:52
-!- adam3us [~Adium@62-2-191-242.static.cablecom.ch] has quit [Read error: Connection reset by peer]09:55
-!- kang_ [67efe9d5@gateway/web/freenode/ip.103.239.233.213] has quit [Quit: Page closed]09:55
-!- adam3us [~Adium@62-2-191-242.static.cablecom.ch] has joined #bitcoin-wizards09:57
-!- bedeho [~bedeho@50-202-37-133-static.hfc.comcastbusiness.net] has quit [Ping timeout: 246 seconds]09:59
-!- firebird_ [b90c2f30@gateway/web/freenode/ip.185.12.47.48] has joined #bitcoin-wizards10:00
-!- ASTP001 [~ASTP001@50-78-139-77-static.hfc.comcastbusiness.net] has joined #bitcoin-wizards10:00
firebird_https://bytecoin.org/blog/cryptonote-aggregate-addresses-whitepaper/10:00
kanzurehttps://bytecoin.org/static/files/docs/aggregate-addresses.pdf10:01
-!- ginah [~nahnah@50.248.81.66] has quit [Remote host closed the connection]10:06
dEBRUYNEkanzure, firebird_: Monero already integrated that, see -> https://github.com/monero-project/bitmonero/pull/317 & subsequent -> https://github.com/monero-project/bitmonero/pull/36110:08
kanzureheh using pastebin for proposals.. oh well. http://pastebin.com/bp5RKXuC10:09
-!- afk11 [~afk11@unaffiliated/afk11] has quit [Read error: Connection reset by peer]10:09
-!- estem [~estem@50.248.81.66] has joined #bitcoin-wizards10:10
gmaxwellfirebird_: thanks, I'd be surprised if the same observation wasn't made in prior stealth address discussions in bitcoin.10:10
-!- kmels [~kmels@186.64.110.122] has joined #bitcoin-wizards10:12
gmaxwellTo save people time,  when scanning transactions, the transaction contains the ephemeral public key R. You'd look for your address as  P =  H(aR)G + B  where a is your viewing secret and B is your spending pubkey.10:12
firebird_I'm not sure it works the same way in Monero10:12
gmaxwellThe paper suggests that you compute D = H(aR)G   and then for each output perform a point subtraction to recover the apparent B.10:12
-!- bedeho [~bedeho@50-202-37-133-static.hfc.comcastbusiness.net] has joined #bitcoin-wizards10:13
gmaxwellThis lets you have many distinct spending private keys, with one scanning key.  The advantage of doing so is that you don't have to do seperate ECDH work per spending private key.10:13
gmaxwellAnd the advantage of that is that if you're a webwallet you can tall customers apart.10:14
dEBRUYNEfirebird_: Paging fluffypony to elaborate :P10:14
fluffyponydEBRUYNE: no we did something different10:15
fluffyponywe have a third component, a short payment ID, that is optional and encrypted10:16
fluffypony(well, optionally encrypted)10:16
gmaxwellI think the complexity claim in the paper is bogus, It's staying it takes the complexity from Addresses * Txn to Addresses+Txn, but thats only true if you totally discount the point additions.   The ECDH is probably only about (say) 20x slower than the point additions (as those adds will need a sqrt, a ge+gej, and a modular inversion), so I don't think it's reasonable to ignore them.10:17
fluffyponygmaxwell: agreed10:17
gmaxwellfluffypony: is the payment ID stuff adequate for web-ishwallets and such?10:18
-!- jack-jack [b23fe762@gateway/web/freenode/ip.178.63.231.98] has joined #bitcoin-wizards10:18
fluffyponygmaxwell: no, more for deposit-taking systems where they provide the payment ID to the payee, and then they're able to identify incoming transactions for that user10:18
gmaxwellYea, so I think this is perhaps a worthwhile approach, but not amazing. :)10:19
fluffyponythe one-viewkey-many-spendkeys idea for a webwallet is an interesting application of it10:19
fluffyponyI don't see that they've realised that is even a possibility10:19
gmaxwellhahah10:20
fluffyponyso well done gmaxwell, you've figured out a novel application of their scheme10:20
fluffyponythat actually gives it value :-P10:20
gmaxwellI usually have to come up with an application for something in order to understand it.10:20
gmaxwellBut indeed, they don't really seem to explicitly call that out.10:20
gmaxwellBut you can give them a bit more credit, they might have been thinking it and just not communicated it really well.10:20
fluffyponyI couldn't come up with an application for it, so I rejected it as pointless, but I was thinking in terms of a single user's wallet (in which case if you want separate "addresses" for fear of them being associated together you'd have to roll both keys)10:21
-!- rubensayshi [~ruben@91.206.81.13] has quit [Ping timeout: 240 seconds]10:21
fluffyponygmaxwell: nah, their conclusion: "Aggregate addresses is the solution that significantly improves Bytecoin transaction processing for services. This scheme is useful for all CryptoNote currencies as it drastically upgrades user experience and effectively depreciates Payment ID."10:21
jack-jackI'm sorry, joined I joined in the middle of the chat10:22
fluffyponyjack-jack: you're forgiven10:22
jack-jackwhat's the novelty application that gmaxwell came up with?10:23
gmaxwellOkay I was slightly wrong on the above   complexity is    ECDH * Transactions + Sqrt,GeGej,Inv * Outputs + hashtable,  OR  it's ECDH * Transactions + Sqrt,GeGej,Fe * Outputs * Addresses.   It is a complexity improvement over ECDH * Transactions * Addresses.10:23
fluffyponyjack-jack: one lemon tree, but the tree doesn't know who owns individual lemons10:23
gmaxwellfluffypony: yea, I think its a dumb replacement for payment ID.10:23
-!- nullbyte [~NSA@198.203.28.43] has quit [Ping timeout: 244 seconds]10:23
gmaxwellIt's not a complexity improvement over payment ID, but it may be a usability/security improvement of it.10:24
fluffyponyyeah, which we achieved by first serializing the payment ID into the address, and then shortening + encrypting it10:24
fluffypony(because there's no difference between a 95-char address and a 150ish-char address10:25
-!- Dizzle [~Dizzle@104-6-36-162.lightspeed.austtx.sbcglobal.net] has joined #bitcoin-wizards10:25
jack-jack150 chars is more than a tweet :)10:26
fluffyponyheh heh10:26
fluffyponypayment IDs are optional, and you can use OpenAlias in a tweet anyway :)10:26
-!- nullbyte [NSA@gateway/vpn/mullvad/x-ageuuwqziecnlihq] has joined #bitcoin-wizards10:26
-!- ghtdak [~ghtdak@unaffiliated/ghtdak] has quit [Quit: WeeChat 1.4-dev]10:26
-!- ghtdak [~ghtdak@unaffiliated/ghtdak] has joined #bitcoin-wizards10:26
jack-jackand why including pid at all?10:27
gmaxwelloh their scheme has a privacy flaw.10:27
kanzuredoes it make sense to use pow for situations like "supernode with signing pool federated consensus has fraud proof showing fraud, network has to decide on alternative non-fraudulent signing pool, use pow to do a first-past-the-post election race for alternative signing pool for whole network to switch to"? this seems to fail for things like "oops the alternative signing pool/server supernode the network has picked doesn't actually have ...10:27
kanzure... the necessary capacity".10:27
kanzure(this is for "graceful recovery of catastrophic consensus failures, like an evil mining cartel or evil fraudulent supernode")10:28
gmaxwellYea, privacy of their scheme is busted.10:28
-!- ASTP001 [~ASTP001@50-78-139-77-static.hfc.comcastbusiness.net] has quit [Quit: My Mac has gone to sleep. ZZZzzz…]10:28
fluffyponyjack-jack: to identify payments without the payee having to tell you the details of the transaction10:29
jack-jackgmaxwell: what do you mean?10:29
gmaxwellLets imagine that there addresses with keys  (a, B1), (a, B2), (a, B3)  which are known to you.  A transaction shows up on the network with two outputs P1 and P2 and you would like to test the hypothesis that the transaction pays B1 and B2.10:29
kanzureoh actually i guess it would be pretty hard to pick a machine that did not have the necessary capacity- even trash laptops these days can do 20k/sec transaction verification. but someone might have put up their arduino as an alternative :-)...10:29
-!- Dizzle [~Dizzle@104-6-36-162.lightspeed.austtx.sbcglobal.net] has quit [Ping timeout: 240 seconds]10:29
gmaxwellSo you check if P1 - P2 == B1 - B2  and if the relation holds, the transaction pays those two addresses.   This is because P1 = B1 + D  and P2 = B2 + D    and the D (contribution of the ephemeral part) cancels under addition.10:30
gmaxwellI feel stupid to have not seen that immediately. :(10:30
gmaxwellLook right?10:30
fluffyponyah10:32
fluffyponypity10:33
ryan-cjack-jack: note that twitter allows tweets to contain 140 characters - which can be more than 140 bytes total10:33
gmaxwellThis can be fixed, if the scheme does ECDH per output instead of per transaction.  Even just the Hash. E.g.   H(index||aR)G  changing the complexities from O(transactions) to O(outputs)10:34
gmaxwellI guess I'll write a short little latex formated note so people will find my cryptanalysis credible. lol.10:35
-!- ASTP001 [~ASTP001@50-78-139-77-static.hfc.comcastbusiness.net] has joined #bitcoin-wizards10:35
ryan-cheh10:35
ryan-cit's funny how much more credible latex makes things10:35
gmaxwellhm. I created a directory called "crytponote.b" and it struck me how much that sounds like a virus name. :P10:36
-!- c0rw1n [~c0rw1n@228.208-241-81.adsl-dyn.isp.belgacom.be] has quit [Read error: Connection reset by peer]10:36
-!- c0rw1n [~c0rw1n@228.208-241-81.adsl-dyn.isp.belgacom.be] has joined #bitcoin-wizards10:37
jack-jackgmaxwell: > This can be fixed, if the scheme does ECDH per output instead of per transaction.  Even just the Hash. E.g.   H(index||aR)G  changing the complexities from O(transactions) to O(outputs)10:37
jack-jackgmaxwell: actually, it is the way it is implemented10:37
jack-jack;)10:37
ryan-cgmaxwell: It looks like you're trying to write a ransomeware. Would you like help?10:38
jack-jackhttps://cryptonote.org/cns/cns006.txt10:38
jack-jack>> one-time public key P = H(r*A || n)*G + B10:38
gmaxwelljack-jack: That isn't what the paper describes. It also increases the computational complexity considerably, as it means a fixed basis multiply per output.10:38
jack-jackthe number of output is also hashed10:39
fluffyponyalso lol @ 201210:39
jack-jackhowever it was omitted both in original CN whitepaper and this one10:39
-!- CodeShark [~CodeShark@cpe-76-167-237-202.san.res.rr.com] has joined #bitcoin-wizards10:39
jack-jackgj10:40
fluffyponyby original you mean the fake v1 that had all the bits ripped out from v2 but left footnotes in that referred to non-existent sections?10:40
jack-jackby original I mean the whitepaper that allowed you to have a meaningful life :)10:40
jack-jackbut that's not the point10:40
jack-jackfinally, R is random10:41
jack-jackah, nope comment on R is irrelevant in case of 1 tx10:43
jack-jackR is common, but considering output number being hashed, D's will be different for different outputs10:43
-!- c0rw1n is now known as greenbat10:45
jack-jackI should agree, this whitepaper messes up the things actually implemented. Here: "First, for each transaction, the derivation is computed: D = Hs(aR)G" should be "for each output".10:47
jack-jackBut that's not an uncommon mistake, thanks for the feedback10:48
gmaxwellIt can't say "for each output" because there is no output specific index anywhere.10:48
-!- trippysalmon [rob@2001:984:6466:0:51d:b5ab:ab61:bed8] has quit [Ping timeout: 250 seconds]10:49
-!- jojva [~dev@shattrath.sceen.net] has quit [Quit: Quitte]10:49
jack-jackyep, oversimplified10:50
jack-jackgmaxwell: >It also increases the computational complexity considerably, as it means a fixed basis multiply per output10:51
jack-jackthat's actually what was stated: "As a result, the time it takes to process M outputs if there are N users is proportional to M + N, not M · N as with the naive approach"10:51
jack-jackgmaxwell: it should be as follows: "First, for each output, the derivation is computed: D = Hs(aR||n)G, where n is the index of the output in the transaction"10:54
gmaxwellD needs a subscript.10:54
gmaxwellIf you're revising the paper, feel free to thank me for commentary.10:55
gmaxwellDn = Hs(aR||n)G   and  Pn = Bn + Dn    in the sender   and    Bn = Pn - Dn in the reciever.  and lookup Bn in the hashtable.10:56
-!- Dizzle [~Dizzle@104-6-36-162.lightspeed.austtx.sbcglobal.net] has joined #bitcoin-wizards10:58
-!- NewLiberty [~NewLibert@76-255-129-88.lightspeed.irvnca.sbcglobal.net] has quit [Ping timeout: 244 seconds]10:58
-!- greenbat is now known as c0rw1n10:59
-!- davispuh [~quassel@212.93.100.199] has joined #bitcoin-wizards10:59
-!- arubi [~ese168@unaffiliated/arubi] has joined #bitcoin-wizards11:01
gmaxwell10:30 < xiphmont> I wonder if USB superposition implies that cellphones are quantum 1/2 spin devices and, if so, can they be entangled?11:01
gmaxwell10:33 < gnafu> How can they get entangled?  They're wireless!11:01
gmaxwell10:56 < TD-Linux> spook action at a distance11:01
-!- damethos [~damethos@unaffiliated/damethos] has quit [Quit: Bye]11:03
-!- ThomasV [~ThomasV@unaffiliated/thomasv] has quit [Ping timeout: 252 seconds]11:04
petertoddwhat's the current status of stuff like moxie for deterministic code execution? looks like there's moxie, ethereum vm, bitcoin script, and... ?11:04
-!- arubi [~ese168@unaffiliated/arubi] has quit [Ping timeout: 264 seconds]11:05
tromp_TinyRAM11:07
tromp_see http://www.scipr-lab.org/specs.html11:07
-!- bedeho [~bedeho@50-202-37-133-static.hfc.comcastbusiness.net] has quit [Ping timeout: 246 seconds]11:07
petertoddtromp_: thanks!11:08
-!- chris13243 [~chris@72-62-133-13.pools.spcsdns.net] has joined #bitcoin-wizards11:08
petertodd"The TinyRAM architecture is a random-access machine designed to be a convenient tool for expressing the correctness of nondeterministic computations." <- _non_deterministic?!11:08
petertoddinteresting definition they must be using11:09
kanzurealso there's this thing https://github.com/pepper-project/tinyram11:09
petertoddpresumably that's in relation to how the proofs hide stuff, or something :/11:09
-!- CodeShark [~CodeShark@cpe-76-167-237-202.san.res.rr.com] has quit []11:09
petertoddkanzure: thanks11:09
kanzurewas trying to convince andytoshi to infiltrate that group to see what's up (since it's local to him)11:09
petertoddheh11:10
-!- Quanttek [~quassel@ip1f11db5b.dynamic.kabel-deutschland.de] has quit [Ping timeout: 264 seconds]11:10
petertoddI'm trying to figure out what's a reasonable recommendation to make to a client(s) about what direction to be going in for smartcontracts crud11:10
kanzurealso https://github.com/scipr-lab/libsnark/blob/1767d5d9602fb8ac2ce9fa928c9dfc0d78975bf2/src/relations/ram_computations/rams/examples/ram_examples.tcc11:13
tromp_so that would depend on whether they want to do zero knowledge proofs for their smart contracts11:13
-!- shen_noe [~shen_noe@104.156.228.141] has joined #bitcoin-wizards11:13
petertoddIMO zero-knowledge proofs are too early to trust, so it'd just be to have a secure VM that can't be escaped11:14
phantomcircuitpetertodd, afaik the only solution to receive significant review is bitcoin script11:14
phantomcircuitfun11:14
petertoddphantomcircuit: heh, I can believe that11:14
tromp_There's also http://oblivm.com/hawk/ which must have a vm hidden in there11:15
petertoddphantomcircuit: OTOH, I know of someone using the python isolation tools for this... I basically said I'd have to say in my security review that we're assuming there is no security, and they (fortunately!) agreed11:15
phantomcircuitha11:16
petertoddtromp_: huh, never seen hawk before11:16
-!- jack-jack [b23fe762@gateway/web/freenode/ip.178.63.231.98] has quit [Quit: Page closed]11:17
tromp_and then there's Tezos and Tauchain...11:17
phantomcircuitpetertodd, i would assume that most sandboxing mechanisms have some kind of time limit on execution11:18
phantomcircuitrather than a resource counter11:18
petertoddphantomcircuit: yeah, I think time/space limits are the way to go for engineering simplicity11:18
phantomcircuitwhich is bad11:18
phantomcircuittime restrictions are bad11:18
petertoddphantomcircuit: ah, yeah, wallclock time is very bad11:18
petertoddphantomcircuit: needs to be instruction "time"11:18
phantomcircuityeah11:18
-!- bedeho [~bedeho@50-202-37-133-static.hfc.comcastbusiness.net] has joined #bitcoin-wizards11:22
-!- GGuyZ [~GGuyZ@172.56.22.156] has joined #bitcoin-wizards11:22
-!- chris13243 [~chris@72-62-133-13.pools.spcsdns.net] has quit [Ping timeout: 264 seconds]11:25
-!- nullbyte [NSA@gateway/vpn/mullvad/x-ageuuwqziecnlihq] has quit [Ping timeout: 246 seconds]11:25
-!- nullbyte [NSA@gateway/vpn/mullvad/x-bhaoenjwhxyghjgn] has joined #bitcoin-wizards11:26
-!- CodeShark [CodeShark@cpe-76-167-237-202.san.res.rr.com] has joined #bitcoin-wizards11:30
gmaxwellI found moxie when looking for something like tinyram. .. no code available for tinyram AFAIK, and moxie has pretty nice GCC support, and I heard LLVM/clang was in progress.11:31
gmaxwellphantomcircuit: non-determinstic just means that there can be non-public inputs.11:31
-!- veleiro [~veleiro@fsf/member/veleiro] has quit [Quit: Leaving.]11:32
phantomcircuitpetertodd, ^11:32
-!- bedeho [~bedeho@50-202-37-133-static.hfc.comcastbusiness.net] has quit [Ping timeout: 246 seconds]11:32
gmaxwellE.g. you can setup a transcript where you prove F(A,b) == True for some B.   Tinyram itself does nothing to help you hide B, but its setup to not gratitiously inflate the size of the public data for schemes where you can hide inputs.11:33
petertoddgmaxwell: makes sense11:33
petertoddgmaxwell: I'm thinking for practical systems, we'll find the GCC support to be pretty useful11:34
gmaxwellAnd the circuit arithemetic implementing it is especially small, given that.11:34
gmaxwellpetertodd: Yea "no shit".11:34
petertoddgmaxwell: heh :)11:34
gmaxwellpetertodd: so there is a paper on doing interactive proofs for faithful execution on x86.11:35
petertoddgmaxwell: oh!11:35
gmaxwell(because some people like pain)11:35
petertoddgmaxwell: how do the proofs work?11:36
gmaxwelle.g. where you build a hashtree over the transcript and if multiple oracles disagree you do log() queries to find the point of first disagreement then you check that step and reject the bad oracle.11:36
-!- GGuyZ [~GGuyZ@172.56.22.156] has quit [Ping timeout: 246 seconds]11:36
gmaxwellSo it works so long as one oracle is honest.11:36
petertoddgmaxwell: right, sounds very useful11:36
gmaxwellas you'll eventually find the truthteller.11:37
petertoddgmaxwell: has anyone implemented anything like that for moxie? (how many moxie VM's are there? I think I just saw jgarzik's, and the qemu one11:37
gmaxwellNo one has, it wouldn't be hard. the most tricky part is that you need to make the dram a hashtree.11:38
gmaxwellotherwise you can't compactly prove the result of a load instruction.11:38
petertoddgmaxwell: right, and that doens't sound hard to do (modulo speed)11:38
gmaxwellFortuneately moxie has seperate load/store and no other instruction has access to anything but registers.11:39
-!- shen_noe [~shen_noe@104.156.228.141] has quit [Quit: Leaving]11:41
petertoddgmaxwell: right, sounds easy enough11:42
petertoddrelated question: how appropriate is moxie for a scriptPubKey replacement? (including for OpenPGP) Would you want to add some "system calls" for baked in sha256/ecc, etc?11:42
-!- Yoghur114 [~jorn@g227014.upc-g.chello.nl] has joined #bitcoin-wizards11:43
gmaxwellIt really needs crypto accelerators (thats what we'd likely call fixed function units for crypto if we were talking about some SOC)-- performing things like SHA256 directly in it has performance that probably makes it unusable without fancy jit stuff, which defeats some of the assurance purposes.11:44
gmaxwell(and they could easily be done safely and without compromising the assurances, I think).11:44
petertoddmakes sense; has anyone done any prototypes of that?11:44
gmaxwellI have non-released stuff fussing around with it.  Still unsure of the best way to handle it. I'm not sure if anyone has actually played with that.11:45
gmaxwellThe prerhaps bigger issue as a scriptpubkey replacement is that the code is not very succinct.11:45
-!- c0rw1n [~c0rw1n@228.208-241-81.adsl-dyn.isp.belgacom.be] has quit [Ping timeout: 244 seconds]11:46
gmaxwellIt's less compact than x86, generally, and no comparison to Script for in-domain things.11:46
-!- firebird_ [b90c2f30@gateway/web/freenode/ip.185.12.47.48] has quit [Quit: Page closed]11:46
gmaxwelle.g. see pieter's key tree stuff where the hashtree stuff is 6 bytes per level (and would be 8 bytes total, if Script had FOR/NEXT like HP RPN does)11:46
-!- adam3us [~Adium@62-2-191-242.static.cablecom.ch] has quit [Quit: Leaving.]11:47
petertoddyeah, already opcodes are at least 16bits for instance11:47
gmaxwellyou obviously also need a setup to provide it access to useful data from the enclosing enviroment.11:47
petertoddbasically some kind of well-defined memmapping - might be nice to adopt a standard function call style for that11:48
gmaxwellthey also just do a lot less. which is good and even essential when targeting it with a C compiler. :)11:48
petertoddyup11:48
Elielwould it really need baked in opcodes? If you can define functions by hash of the function code, only one transaction ever needs to include the function itself and then implementations can then implement optimized versions of specific hashes for often used functions.11:48
gmaxwellEliel: No, because the computational burden of an operation must be normative in a consensus system.11:48
gmaxwellE.g. a side effect of any function is updating the cycle counter, so...11:49
petertoddEliel: that's an approach too, but needs a well-defined function call scheme, and as gmaxwell says, has consensus issues11:49
gmaxwellEliel: what I was actually doing though, in my setup was handling the accelerators using function calls though. Because that made it easier to use standard moxie toolchain.11:49
petertoddgmaxwell: as though the function was calling memory that didn't actually exist?11:50
gmaxwellpetertodd: yea, just in my accelerated version I intercepted the jump and switched to the replacement.11:50
gmaxwellbut otherwise a native version could be used in a dumb machine (e.g. so gdb works)  though the execution wasn't exactly identical.11:51
-!- chmod755 [~chmod755@unaffiliated/chmod755] has joined #bitcoin-wizards11:51
-!- c0rw1n [~c0rw1n@228.208-241-81.adsl-dyn.isp.belgacom.be] has joined #bitcoin-wizards11:51
-!- GAit [~GAit@2-230-161-158.ip202.fastwebnet.it] has quit [Quit: Leaving.]11:52
Elielalso, for estimating the computational burden for a script. I think I'd approach it by requiring the script to specify an upper limit for itself, that could then be used for determining the transaction fee. You'd incentivize correct upper bounds by automatically failing the script if it violates it's own defined upper bound.11:52
gmaxwellin any case what I'd planned on accelerating was  memcmp/memcmp/bzero/etc. along with hash functions, and ecc (for a couple high performance curves).  I looked into pulling in all of GMP but it seemed like to much work to make certantly safe.11:53
petertoddgmaxwell: sounds like a decent way to handle it would be to basically pretend that part of memory existed, but for some reason couldn't be accessed by the actual code, and for debugging actually load that memory with code implementing the real thing11:53
gmaxwellEliel: yep, absolutely-- discussed here before. Though you need to also ban peers that give you failing scripts (if you weren't already thinking that)11:53
petertoddgmaxwell: all sounds reasonable11:53
Elielgmaxwell: well, that's only necessary for scripts with unusually high upper bounds.11:54
CodeSharkunless we have conditional branching, is there ever a case where computational cost cannot be reasonably estimated simply by parsing?11:55
petertoddgmaxwell: one thing with smartcontract crud is you may have a situation where you want to basically be able to "call" another chunk of user-written code in a deterministic way, and have it either do the calculation fo rreal, or just return a cached answer11:55
petertoddgmaxwell: e.g. so you could split up some massive computation like... verify every transaction in a huge chain11:55
kanzurepetertodd: there has been talk about embedding moxiebox interpreter called by opcode..11:55
gmaxwellCodeShark: nice unless there.  technically we only need a grammer where computational cost is trivial to determine, but compiling general code to such systems is hard.11:56
-!- adam3us [~Adium@178.197.228.122] has joined #bitcoin-wizards11:56
petertoddthe programming model in that case becomes nice and simple to the end user, whre they're just calling functions with names like VerifyTransaction()11:56
CodeSharkin particular, looping on conditionals complicates cost evaluation...or makes it impossible to do so11:58
petertoddCodeShark: well, IMO cost though actual instructions executed is way simpler; our track record of doing otherwise is poor...11:58
gmaxwellCodeShark: cost can be easily and reliably measured by tracing.11:59
gmaxwelland you can abort at the limit.12:00
gmaxwellBasically the input is  cost,script   and yes, someone can send you an incorrect cost, but no less than they can just send you a correct cost but a script that is unsuccessful.12:00
gmaxwellin all cases the upper bound on computation must still be fairly low... though computation could be broken up as PT suggests.12:01
gmaxwellNormally you'd hide the computation from the network using the coinswap transformation.12:02
kanzure"just use a merklized abstract syntax tree to hide the actual computation, and tell everyone they better behave or else" doesn't work?12:02
gmaxwell(or the fancier bonded versions suggested by Ed Felten and his students)12:03
gmaxwellkanzure: sure but the threat has to be credible.12:03
gmaxwellYou can't hide the computation when the network can't actually process it, or the threat is a dead letter.12:03
-!- adam3us [~Adium@178.197.228.122] has quit [Quit: Leaving.]12:03
kanzureexcessive computation causes all outputs to go to fees? :-)12:04
-!- priidu [~priidu@unaffiliated/priidu] has joined #bitcoin-wizards12:04
kanzurebut yes i see your point12:04
gmaxwellkanzure: then I make an invalid spend of your coins that also does excessive computations.12:05
gmaxwellMOAR COINS FOR THE MINE GODS.12:05
jgarzikkanzure, fyi had no bandwidth for review - looks like gud stuf12:06
-!- mkarrer [~mkarrer@247.Red-83-36-8.dynamicIP.rima-tde.net] has quit []12:06
-!- adam3us [~Adium@178.197.232.114] has joined #bitcoin-wizards12:07
-!- mkarrer [~mkarrer@247.Red-83-36-8.dynamicIP.rima-tde.net] has joined #bitcoin-wizards12:07
kanzurejgarzik: thanks12:08
-!- erasmospunk [~erasmospu@179.43.156.162] has joined #bitcoin-wizards12:08
-!- blackwraith [~priidu@unaffiliated/priidu] has joined #bitcoin-wizards12:09
-!- Guest89 [~textual@c-73-15-187-144.hsd1.ca.comcast.net] has joined #bitcoin-wizards12:10
-!- priidu [~priidu@unaffiliated/priidu] has quit [Ping timeout: 260 seconds]12:11
CodeSharkif the computation can be broken up and smaller pieces verified and paid for individually it could work12:12
gmaxwellwell for defined party contracts you can teach the network to perform the interactive protocol I gave above.12:14
gmaxwelland you bond performance.12:14
gmaxwell(by gave I mean cited)12:14
gmaxwell(and by cited I mean mentioned vaguely without giving enough information for you to actually find it)12:14
CodeSharklol12:14
gmaxwell(though I did say enough that you likely don't need the paper)12:14
-!- mountaingoat [~mountaing@unaffiliated/mountaingoat] has quit [Remote host closed the connection]12:14
CodeSharkspeaking of which, I'm putting together a list of commitment structure proposals (UTXO commitments, fraud proofs, etc..) for Montreal. If anyone here would like to have their work included, please PM me12:16
gmaxwellCodeShark: make sure you check with the archivist.12:16
CodeSharkit's for a presentation, gmaxwell12:17
CodeSharkalthough perhaps it will end up becoming a publication12:17
-!- adam3us [~Adium@178.197.232.114] has quit [Quit: Leaving.]12:18
kanzureCodeShark: he means "make sure you ask kanzure for all the links about those things"12:20
CodeSharkoh...ok :)12:20
kanzureCodeShark: asking people for links to their work is unfortunately never going to work12:20
CodeSharkso do you have a list?12:21
kanzureyes... one sec.12:21
-!- Guest89 [~textual@c-73-15-187-144.hsd1.ca.comcast.net] has quit [Quit: My Mac has gone to sleep. ZZZzzz…]12:23
kanzureCodeShark: http://diyhpl.us/~bryan/irc/bitcoin/utxo-commitments-or-fraud-proofs.stdout.txt12:23
-!- CohibAA [~CohibAA@unaffiliated/cohibaa] has joined #bitcoin-wizards12:23
CodeSharkwonderful, thank you very much :)12:24
kanzureif you would like me to run a query with another tag please let me know12:24
-!- mountaingoat [~mountaing@unaffiliated/mountaingoat] has joined #bitcoin-wizards12:24
kanzureas for fraud proofs i think this is the best link out of the bunch, at least for describing the necessary types of fraud proofs https://bitcointalk.org/index.php?topic=1103281.msg11743498#msg1174349812:26
CodeSharkright, I had seen that one before - but admittedly I don12:27
CodeSharkI don't spend much time on bitcointalk12:27
CodeSharkso many of the others I haven't fully read through12:27
-!- eudoxia_ [~eudoxia@r167-57-96-88.dialup.adsl.anteldata.net.uy] has joined #bitcoin-wizards12:27
kanzurealso i double checked and it seems i have some non-github content about proofchains over here: http://0bin.net/paste/vLDRrhx-ALufTR94#DmA7QRjxtKebJ66MJfbQTrVYPUKC1khfdpWT8pdbZpJ12:28
kanzure(single-use seals)12:28
gmaxwellThere is fraud proof discussion I had quite early in bitcoin-dev and on the mailing list I think... back before I realized that the bitcoin whitepaper mentioned them in the SPV section.12:29
CodeSharkheh12:29
petertoddkanzure: thanks, but that should be on github :)12:29
gmaxwellObviously there is that little table on that wiki page from me.12:29
kanzurehttps://github.com/proofchains/python-proofchains12:30
kanzurepetertodd: right, right..12:30
petertoddkanzure: https://github.com/proofchains/python-proofchains/blob/master/proofchains/core/uniquebits/singleuseseal.py12:30
-!- eudoxia_ [~eudoxia@r167-57-96-88.dialup.adsl.anteldata.net.uy] has quit [Client Quit]12:30
-!- damethos [~damethos@unaffiliated/damethos] has joined #bitcoin-wizards12:30
kanzurepetertodd: it is hard keeping 4000 links straight12:31
-!- eudoxia [~eudoxia@r167-57-55-201.dialup.adsl.anteldata.net.uy] has quit [Ping timeout: 240 seconds]12:31
-!- hsmiths [uid95325@gateway/web/irccloud.com/x-xtwdoiglfenniqep] has joined #bitcoin-wizards12:32
CodeSharkglad someone's doing this crucial task, kanzure :)12:41
CodeSharkmuch appreciated - we really do need it12:41
kanzureCodeShark: my presentation is a review of all scalability proposals that have been made since 2009. if you have things that you think are in danger of being missed, please send them my way...12:41
CodeSharksure. and mine is on validation costs and incentives. ditto :)12:42
kanzurevalidation costs hmm.12:43
-!- eudoxia [~eudoxia@167.57.96.88] has joined #bitcoin-wizards12:43
kanzuremaybe: https://bitcointalk.org/index.php?topic=206303.0 https://bitcointalk.org/index.php?topic=277471.0 https://bitcointalk.org/index.php?topic=1100305.0 https://bitcointalk.org/index.php?topic=21995.012:43
-!- digitalmagus [~digitalma@unaffiliated/digitalmagus] has quit [Ping timeout: 246 seconds]12:45
-!- chris13243 [~chris@68.27.186.20] has joined #bitcoin-wizards12:49
-!- Guest89 [~textual@c-73-15-187-144.hsd1.ca.comcast.net] has joined #bitcoin-wizards12:51
-!- adam3us [~Adium@178.197.232.153] has joined #bitcoin-wizards12:56
-!- chris13243 [~chris@68.27.186.20] has quit [Ping timeout: 252 seconds]13:02
ghtdakiset13:03
-!- Hunger-- [hunger@proactivesec.com] has quit [Ping timeout: 264 seconds]13:08
-!- tromp__ [~tromp@ool-18be0bd8.dyn.optonline.net] has joined #bitcoin-wizards13:09
-!- hazirafel [~ufoinc@31.154.91.221] has joined #bitcoin-wizards13:09
-!- tripleslash [~\\\@unaffiliated/imsaguy] has joined #bitcoin-wizards13:10
-!- gwollon [~gwillen@li450-236.members.linode.com] has joined #bitcoin-wizards13:12
-!- zxzzt_ [~prod@static-100-38-11-146.nycmny.fios.verizon.net] has joined #bitcoin-wizards13:12
-!- petertod1 [~pete@ec2-52-5-185-120.compute-1.amazonaws.com] has joined #bitcoin-wizards13:12
-!- otoburb_ [~otoburb@unaffiliated/otoburb] has joined #bitcoin-wizards13:12
-!- [\\\] [~\\\@unaffiliated/imsaguy] has quit [Ping timeout: 244 seconds]13:12
-!- tromp [~tromp@ool-18be0bd8.dyn.optonline.net] has quit [Ping timeout: 244 seconds]13:12
-!- Iriez [wario@distribution.xbins.org] has quit [Ping timeout: 244 seconds]13:12
-!- SDCDev [~quassel@unaffiliated/sdcdev] has quit [Read error: Connection reset by peer]13:12
-!- JayDugger1 [~jwdugger@108.19.186.58] has quit [Ping timeout: 244 seconds]13:12
-!- epscy [~epscy@176.126.241.239] has quit [Ping timeout: 244 seconds]13:12
-!- gwillen [~gwillen@unaffiliated/gwillen] has quit [Ping timeout: 244 seconds]13:12
-!- Meeh [~meeeeeeh@meeh.sigterm.no] has quit [Ping timeout: 244 seconds]13:12
-!- zxzzt [~prod@static-100-38-11-146.nycmny.fios.verizon.net] has quit [Ping timeout: 244 seconds]13:12
-!- helo [~helo@unaffiliated/helo] has quit [Ping timeout: 244 seconds]13:12
-!- jcorgan [~jcorgan@unaffiliated/jcorgan] has quit [Ping timeout: 244 seconds]13:12
-!- petertodd [~pete@ec2-52-5-185-120.compute-1.amazonaws.com] has quit [Ping timeout: 244 seconds]13:12
-!- otoburb [~otoburb@unaffiliated/otoburb] has quit [Ping timeout: 244 seconds]13:12
-!- helo [~helo@69.60.98.175] has joined #bitcoin-wizards13:12
-!- helo [~helo@69.60.98.175] has quit [Changing host]13:12
-!- helo [~helo@unaffiliated/helo] has joined #bitcoin-wizards13:12
-!- Iriez [wario@distribution.xbins.org] has joined #bitcoin-wizards13:13
-!- JayDugger [~jwdugger@108.19.186.58] has joined #bitcoin-wizards13:13
-!- maraoz [~maraoz@c-73-15-187-144.hsd1.ca.comcast.net] has joined #bitcoin-wizards13:13
-!- jcorgan [~jcorgan@ec2-54-67-38-167.us-west-1.compute.amazonaws.com] has joined #bitcoin-wizards13:13
-!- jcorgan [~jcorgan@ec2-54-67-38-167.us-west-1.compute.amazonaws.com] has quit [Changing host]13:13
-!- jcorgan [~jcorgan@unaffiliated/jcorgan] has joined #bitcoin-wizards13:13
-!- Meeh [~meeeeeeh@meeh.sigterm.no] has joined #bitcoin-wizards13:13
-!- SDCDev [~quassel@unaffiliated/sdcdev] has joined #bitcoin-wizards13:13
-!- epscy [~epscy@176.126.241.239] has joined #bitcoin-wizards13:13
-!- otoburb_ [~otoburb@unaffiliated/otoburb] has quit [Client Quit]13:14
-!- kang_ [67efe9d5@gateway/web/freenode/ip.103.239.233.213] has joined #bitcoin-wizards13:16
-!- zooko [~user@c-73-14-172-248.hsd1.co.comcast.net] has joined #bitcoin-wizards13:18
Taekkanzure, all: has there been any discussion on what happens if we discover that bitcoin will not scale beyond a certain point13:24
-!- chris13243 [~chris@70-7-83-124.pools.spcsdns.net] has joined #bitcoin-wizards13:24
Taekeven the lightning network is not going to scale to 7 billion humans on 1mb blocks13:24
Taekassuming that 1mb is indeed a hard limit, and that lightning is the best we can do off-chain, what happens?13:24
kanzureyou can use multisig pools for receiving cheap utxos on the blockchain in that circumstance13:25
-!- moa [~kiwigb@opentransactions/dev/moa] has joined #bitcoin-wizards13:26
Taekmeaning multiple people sharing each utxo?  Sounds trust-required13:27
kanzurei think you could make multisig "pools" more trustless13:27
-!- nullbyte [NSA@gateway/vpn/mullvad/x-bhaoenjwhxyghjgn] has quit [Ping timeout: 250 seconds]13:27
-!- adam3us [~Adium@178.197.232.153] has quit [Quit: Leaving.]13:28
kanzurethere might be a legitimate reason to think that the only transactions that should get committed are breach-remedy transactions, heh13:29
-!- nullbyte [~NSA@198.203.28.43] has joined #bitcoin-wizards13:29
kanzureanyway, if you really need to have extra data, you could always do the extension block idea, or auxiliary blocks plugged in via transactions that specify their existence or something, or sidechains that are either chains themselves with normal verification constraints or federated pools (which is almost very similar to "hrrr multisig pools") with signed blocks or signed ledgers..13:30
kanzuremulti-chain lightning network nodes let users respond to fee pressures to select other types of utxos they are okay with receiving http://lists.linuxfoundation.org/pipermail/bitcoin-dev/2015-September/010909.html13:31
-!- adam3us [~Adium@178.197.236.137] has joined #bitcoin-wizards13:32
kanzure(although you don't have to immediately exit into utxos anyway)13:33
-!- Quanttek [~quassel@2a02:8108:73f:f6e4:e23f:49ff:fe47:9364] has joined #bitcoin-wizards13:34
TD-Linuxmoxie looks pretty awesome. though it seems clearly targeted toward hw implementation vs a software one13:34
gmaxwellthe software impl is perfectly reasonable though.13:35
-!- adam3us [~Adium@178.197.236.137] has quit [Quit: Leaving.]13:36
kanzureTaek: some people are not going to understand bitcoin, no matter how amazing our software is, and persuading them to use bitcoin anyway without understanding safety implications might be unethical. so it's possible that not everyone is going to use bitcoin...13:36
phantomcircuitTaek, lightning (aka hash locked bidirectional micro payment channels configured into a network) are almost certainly not the best that we can do13:37
TD-Linuxfor an interpreter, yes. but I imagine that bitcoin wouldn't want to integrate a JIT...13:37
kanzureTaek: also in general it causes lots of angry users when they were told about certain features that turn out to be oops not true13:37
kanzurephantomcircuit: go on13:37
phantomcircuitkanzure, you already mentioned the obvious, probabilistic payments13:37
kanzureTaek: for example, advertising bitcoin as anonymous is *dangerous* to user safety and is *actively harmful*13:37
phantomcircuitfor something like starbucks that receives a few million payments per day a 100,000x probability is reasonable13:38
kanzureyes i have not completely internalized those proposals yet13:38
kanzurehttps://bitcointalk.org/index.php?topic=62558.013:38
kanzurehttp://lists.linuxfoundation.org/pipermail/bitcoin-dev/2013-May/002564.html13:38
gmaxwellTD-Linux: yea no, fair enough. When I say the software is good I mean its a switch statement that almost fits on your screen.13:38
gmaxwellTD-Linux: not that its fast or easy to make fast, I agree.13:38
phantomcircuitmore so though there is good reason to believe that the payment channels in a lightning like setup can be rebalanced, thus allowing for channels to remain open indefinitely13:39
kanzureright13:39
kanzurephantomcircuit: has anyone looked at whether probabilistic payments + lightning or other payment channels works?13:39
phantomcircuitthere is the obvious question there about how you keep bitcoin mining secure in such a scenario though13:39
-!- nullbyte [~NSA@198.203.28.43] has quit [Ping timeout: 272 seconds]13:39
phantomcircuitkanzure, i've not seen any discussion about combining the two approaches no13:39
kanzurewell, the lightning network nodes might be miners13:40
-!- nullbyte [NSA@gateway/vpn/mullvad/x-suntigubcdbwjacp] has joined #bitcoin-wizards13:41
phantomcircuitkanzure, indeed they should be but unfortunately the current market indicates that those who should be miners dont seem to be13:41
phantomcircuitfor example all of the exchanges should be mining even if only at 0.1-1% of the network levels13:42
kanzureis there a good link that i can use about this13:42
phantomcircuit(at 1% of the network you get to select the transactions in approximately 1 block every day)13:42
-!- otoburb [~otoburb@unaffiliated/otoburb] has joined #bitcoin-wizards13:43
-!- adam3us [~Adium@178.197.236.52] has joined #bitcoin-wizards13:44
-!- GGuyZ [~GGuyZ@216-15-123-91.c3-0.sbo-ubr1.sbo.ma.cable.rcn.com] has joined #bitcoin-wizards13:45
Taekphantomcircuit: if starbucks is receiving payments at 100,000x, doesn't that mean that some people are going to get slammed with a $XXX,XXX bill for their coffee cup?13:45
-!- adam3us [~Adium@178.197.236.52] has quit [Client Quit]13:46
kanzure"I doubt many want to risk paying much more than 100 times more than they bargained for."13:46
phantomcircuitTaek, they pool their money before hand13:47
Taek"So, to make that work, there would need to be a way for Alice to put that 1 BTC on hold for Bob's benefit, albeit only temporarily.  This way, Alice can't swipe the coin out from under Bob, but on the other hand, Bob doesn't get to keep control of the coin if he doesn't receive a winning share after a certain amount of time." -> also seems like a hard problem13:47
phantomcircuitit's like the lottery13:47
phantomcircuitactually the mechanism would probably be the same as with micropayment channels13:48
phantomcircuitso potentially it's made irrelevant by them13:48
Taekyeah I've always assumed that probabilistic payments were approx. inferior to payment channels13:48
gmaxwellthey make a different tradeoff.13:49
gmaxwellI expect they could be combined too, but maybe not much reason to do that.13:49
Taekwhat is the benefit to using probabilistic payments?13:50
gmaxwellWhen people start talking about micropayments-- true micropayments, like sub usd cent in value-- probablistic payments are probably most interesting.13:50
phantomcircuitgmaxwell, you'd need to combine funds into a single multisig with a mechanism to recover funds if someone disappears13:50
phantomcircuitwhich i suspect basically ends up looking like a super cumbersome micropayment channel13:50
gmaxwellphantomcircuit: nah, I posted PP schemes that I think work and give all interesting properties, including doublespend detection.13:51
gmaxwellI even had you add opcodes to elements-alpha to make them implementable!13:51
gmaxwell(thats why I wanted verifying signature data on the stack)13:51
-!- kang_ [67efe9d5@gateway/web/freenode/ip.103.239.233.213] has quit [Quit: Page closed]13:52
phantomcircuitgmaxwell, yeah i know, but if you're doing very high odds you want to pool the risk with other users13:52
phantomcircuit100x is probably the highest that a single person is going to want to go13:52
gmaxwellBecause you can prevent PP doublespend by having a bonded coin that can be redeemed/destroyed on presentation of a proof of two signatures with another key.13:52
phantomcircuit100x is obviously still very useful13:52
gmaxwellphantomcircuit: depends on the fee level.13:53
phantomcircuitwell and i guess if it's sub cent payments it can be much higher13:53
phantomcircuit1000x on a 0.001 payment would be fine13:53
gmaxwellright. In any case, it's speculative if really tiny payments make _social_ sense, but I think we have the technology to make them reasonably efficient.13:54
Taekif you make the majority of your daily purchases using PP, it would seem reasonable to have a pool set aside of several thousand dollars to draw from.13:54
gmaxwellbigger hurdle is that many people really dislike payments with variance, on both the sending and recieving side.13:55
phantomcircuitgmaxwell, btw even with dbcache=4 the bottleneck on this rpi2 seems to be merkle tree root calculations13:55
phantomcircuitfScriptChecks = false and cpu saturated13:55
gmaxwellphantomcircuit: so leveldb wastes a ton of cpu on lookups, dunno why.13:56
gmaxwellso that might also be a factor for you.13:56
phantomcircuitgmaxwell, oh right, it's because it's bisecting the table files13:56
Taekre: tradeoffs, with PP you could pay any address, but with payment channels you don't have that flexibility13:56
phantomcircuitthe table files are sorted and lookups within them are done by bisecting the file13:56
phantomcircuitand it's walking the journal file for each lookup which is O(n) (but hopefully with a small n most of the time)13:57
gmaxwelltaek: networked channels mostly makes that a non-issue.13:58
gmaxwellTaek: the parties just need channels up to _someone_ and you do path finding and make a series of pairwise trades.13:58
phantomcircuitindeed the current designs call for onion routed payments to be the default13:59
gmaxwelllike the original ripple system, but trading an asset rather than a debt so payment is guarenteed. :)13:59
phantomcircuitit's expected that the cost per payment will be so low that 5x increase for strong privacy will be a no brainer13:59
Taekgmaxwell: true, but that comes with implementation overhead, and if each pairwise trade is charging some sort of fee, you deal with fee overhead as well13:59
-!- CohibAA [~CohibAA@unaffiliated/cohibaa] has quit [Remote host closed the connection]13:59
kanzurepayment routing includes things like finding fee-optimal paths14:00
-!- zooko [~user@c-73-14-172-248.hsd1.co.comcast.net] has quit [Ping timeout: 264 seconds]14:00
phantomcircuitTaek, people keep brining this up and suggesting it will make the network centralized, but it's expected the the cost will be so low that it wont have any effect14:00
gmaxwellTaek: illogical thinking, or actually if you think through there is a highly unethical argument burried in there; let me explain.14:00
-!- dEBRUYNE_ [~dEBRUYNE@56-197-ftth.onsbrabantnet.nl] has joined #bitcoin-wizards14:00
phantomcircuitfor example i intend to setup a hub as soon as it's possible and charge nothing14:00
phantomcircuit(not with lots of funds available of course, but still)14:00
kanzurere: the importance of paying to addresses, i don't think addresses are useful. they will die eventually...14:01
gmaxwellTaek: Lets imagine a transaction directly hits the bitcoin network. Then every node in the world and all future ones through history are _forced_ to transfer and process it if they want to participate.  The total cost is considerable, though much of it is an externality.14:01
-!- dEBRUYNE [~dEBRUYNE@56-197-ftth.onsbrabantnet.nl] has quit [Ping timeout: 255 seconds]14:01
-!- Guest89 [~textual@c-73-15-187-144.hsd1.ca.comcast.net] has quit [Quit: My Mac has gone to sleep. ZZZzzz…]14:02
gmaxwellTaek: now for the channel case, the similar per node costs are involved, but only for a few nodes, the total cost is much lower, and participation is voluntary.14:02
Taekkanzure: I don't understand 'they will die eventually...' ?14:02
CodeSharkthe term "bitcoin address" is a somewhat unfortunate misnomer...the parallel with, say, email (which is already used and understood by many) just isn't really there14:02
gmaxwellTaek: also, --- least cost routing network, so almost perfect competition... and fees would often be negative, due to channel rebalancing.14:02
kanzureTaek: bitcoin addresses are really just one particular standard for contracts; there's no reason to keep using those.14:02
-!- xabbix [~xabbix@unaffiliated/xabbix] has quit [Ping timeout: 240 seconds]14:03
-!- RoboTedd_ [~roboteddy@c-67-188-40-206.hsd1.ca.comcast.net] has joined #bitcoin-wizards14:03
gmaxwellSo the comparison about 'but won't participants in my payment want fees?'  is saying "I don't want to pay the true price for processing my transaction in a highly efficient market, but I'd rather externalize a thousands of fold cost on other parties that have no real choice except to not run a bitcoin node at all"14:04
-!- tromp [~tromp@rtc35-217.rentec.com] has joined #bitcoin-wizards14:04
-!- paveljanik [~paveljani@unaffiliated/paveljanik] has quit [Quit: Leaving]14:04
gmaxwelland keep in mind, there is no reason to assume the bitcoin transactions themselves will be free, the validation costs get externalized, but POW security costs are not.14:05
-!- Madars [~null@unaffiliated/madars] has quit [Ping timeout: 252 seconds]14:05
-!- kyuupichan [~Neil@ae051180.dynamic.ppp.asahi-net.or.jp] has quit [Ping timeout: 244 seconds]14:06
-!- Madars [~null@unaffiliated/madars] has joined #bitcoin-wizards14:06
Taekgmaxwell: from a purely utilitarian perspective,  the cost of using networked channels is (setup + routing fees)*# of payments14:06
-!- jgarzik [~jgarzik@unaffiliated/jgarzik] has quit [Read error: Connection reset by peer]14:06
Taekin a PP setup, the cost is (txn fee)*(# of payments)*(probability of payment)14:06
-!- chris13243 [~chris@70-7-83-124.pools.spcsdns.net] has quit [Ping timeout: 264 seconds]14:07
-!- jgarzik [~jgarzik@unaffiliated/jgarzik] has joined #bitcoin-wizards14:07
-!- jgarzik [~jgarzik@unaffiliated/jgarzik] has quit [Client Quit]14:07
-!- zooko [~user@73.14.172.248] has joined #bitcoin-wizards14:07
CodeSharkthe cost of routing transactions for a relatively tiny percentage of all transactions taking place is also relatively tiny compared to the cost of focing everyone in the world to have to validate each transaction14:07
-!- jgarzik [~jgarzik@unaffiliated/jgarzik] has joined #bitcoin-wizards14:07
Taekwrt the ethical problem, I'm not really sure how to answer that. I usually assume (perhaps incorreclty) that at some point the blockchain will be constantly 100% full14:07
gmaxwellTaek: no, setup  + routing*payments.14:07
-!- RoboTeddy [~roboteddy@c-67-188-40-206.hsd1.ca.comcast.net] has quit [Ping timeout: 264 seconds]14:07
Taekoh right14:07
-!- erasmospunk [~erasmospu@179.43.156.162] has quit [Ping timeout: 244 seconds]14:08
-!- Logicwax [~Logicwax@c-76-126-174-152.hsd1.ca.comcast.net] has quit [Ping timeout: 244 seconds]14:08
-!- tromp_ [~tromp@rtc35-217.rentec.com] has quit [Ping timeout: 250 seconds]14:08
phantomcircuitTaek, i keep saying "is expected to be" but really the cost of payment routing will be virtually zero14:08
gmaxwellbut setup can be disregarded, assuming its widely used, everyone will have channels setup already.  And PP assumes a linear utility for money, ... you want your paycheck via a PP? :P14:08
CodeSharkwe already pay for routing via ISPs14:09
CodeSharkimagine if someone were insisting the Internet should be a flood network instead :p14:09
kanzurecomparisons to internet architecture are not useful; internet is terrible architecture.14:09
TaekCodeShark: I don't think that's a valid comparison. You can't exactly do 'probabilistic packets'14:09
kanzure(i'm just upset about someone using an argument about "peering agreements" on me.. bleh.)14:10
CodeSharkthe point isn't to tout the merits of current Internet architecture, kanzure - but to point out how much worse it could be14:10
-!- jeremyrubin [~jeremyrub@biohazard-cafe.mit.edu] has quit [Ping timeout: 268 seconds]14:10
-!- ASTP001 [~ASTP001@50-78-139-77-static.hfc.comcastbusiness.net] has quit [Quit: My Mac has gone to sleep. ZZZzzz…]14:10
-!- erasmospunk [~erasmospu@mi-18-24-58.service.infuturo.it] has joined #bitcoin-wizards14:11
CodeSharkas much as I dislike the centralized nature of ISPs and resource allocation, I'd rather pay my ISP than have to wade through every single message everyone everywhere on the Internet broadcasts14:12
Taekyou'd still have to get the messages from an ISP?14:13
CodeSharkno, you could just use shortwave radio or something :p14:13
fluffyponyCodeShark: someone told me on Reddit a few days ago that in "5-7 years everything will be decentralised"14:13
fluffyponyall I could think about is message-passing everyone's stupid media downloads14:13
CodeSharkwell, decentralization doesn't have to mean flood networks14:14
gmaxwellnice timing re ISPs comment and #bitcoin14:14
CodeSharkI'm thinking more of an ad-hoc mesh network where routing services can be provided by anyone14:15
-!- erasmospunk [~erasmospu@mi-18-24-58.service.infuturo.it] has quit [Ping timeout: 246 seconds]14:15
-!- adam3us [~Adium@62-2-191-242.static.cablecom.ch] has joined #bitcoin-wizards14:16
CodeSharkyou could still do stupid media downloads...but it won't be free (although it might very well be cheaper than current ISPs)14:16
TaekI have a hard time thinking about fair-cost models for a payment routing network, but it does seem to me like 'free' routing would be dangerous for the router14:17
-!- xabbix [~xabbix@unaffiliated/xabbix] has joined #bitcoin-wizards14:17
gmaxwellCodeShark: usually transfer stunts like that very much do not work. Last mile bandwidth is enomrously more expensive (in physical terms) than datacenter bandwidth.14:17
Taekif there's a lot of traffic going a particular direction on the network, you could have all of your channels drained in that direction14:17
Taekand then you need to somehow find a way to rebalance14:17
gmaxwellTaek: no need for 'the router'14:17
gmaxwellTaek: you rebalance by offering negative fees to move in the other direction.14:17
Taekright, but you can only afford negative fees if you were charging positive fees in the first place14:18
gmaxwell(or zero fees if you're not that desperate)14:18
gmaxwellTaek: what no!14:18
Taekok what did I miss?14:18
-!- chris13243 [~chris@107.25.80.127] has joined #bitcoin-wizards14:19
kanzureyour negative fees can be subsidized upstream14:19
gmaxwellTaek: there is a channel from me to you, and I've paid you all the coins in it, so all the coins are on your side now.  Later someone wants to route through me to reach codeshark, they could come via andytoshi to me,  but I'd rather move some of the taek-gmaxwell channel back to me, so I offer negative fees that way, even though I never connected any fees before.14:19
gmaxwell(and it's totally reasonable for me to do this, since rebalancing the channel saves me fees in the future-- e.g. the fees I'd have closing and establising a new channel)14:20
gmaxwells/connected/collected/14:20
TaekI still having trouble visualizing a whole network doing this, but I think that only makes sense in a limited scope.14:22
-!- erasmospunk [~erasmospu@81.17.20.66] has joined #bitcoin-wizards14:22
-!- zooko [~user@73.14.172.248] has quit [Ping timeout: 272 seconds]14:22
TaekLet's we have a network where everyone is connected to K and nobody else14:22
Taekand for whatever reason, today a bunch of payments are going to G, so K's channel to G gets drained14:23
-!- Emcy [~MC@unaffiliated/mc1984] has quit [Ping timeout: 260 seconds]14:23
TaekK knows that in the future he's going to need to make more payments to G, so now he needs to re-fill that channel14:24
Taekunless there are more random processes that help reset it, the channel is stuck without some form of encouragement14:25
gmaxwellYes, indeed, though thats an uninteresting and degenerate topology.14:25
Taekhmm.14:25
Taekperhaps so. Was just trying to create something easier to reason about14:25
kanzurethe point is that negative fees are a form of fee competition so that your negative fees are selected over competing alternatives14:25
gmaxwellwhat you said so far is true, but it's a problem with the topology.  If you imagine several stars,  e.g. K1,K2,K3 and each user is connected to two of them.. then you can start seeing how things work.14:26
gmaxwell(though even stars are kind of degenerate at all, but that topo is enough to see all the behaviors I'm talking about)14:27
-!- Newyorkadam [~Newyorkad@wikipedia/Newyorkadam] has joined #bitcoin-wizards14:27
Taekdo you mind explaining further?14:27
CodeSharkyou're basically rewarding people for replenishing your channel14:27
CodeSharkso you don't have to renegotiate one14:27
gmaxwellnow when K1->G ends up all on G's side, zero or negative fees going the order way creates a reason for someone on K3 paying someone on K1  to use the K3->G->K1->X route.14:28
CodeSharkyou offer a route that, while not necessarily the most efficient, helps replenish your channel14:28
CodeSharkand rewarding people for using it14:28
TaekCodeShark: I understand that, but the only reason your channel is depleted in the first place is that *other people* were using it.14:28
Taek*presumably for free14:28
CodeShark?14:29
CodeSharkwhy would you presume that?14:29
gmaxwellTaek: no-- your software would charge fees for transactions that moved channels in ways they don't like, and pay fees for transactions that move channels in ways they like.14:29
-!- Dizzle [~Dizzle@104-6-36-162.lightspeed.austtx.sbcglobal.net] has quit [Quit: Leaving...]14:29
Taekgmaxwell: oh. Somehow I thought we were assuming that fees were going to be 0 to move money around.14:30
kanzurefees can be zero for as long as you have a positive balance on the channel14:30
-!- chris13243 [~chris@107.25.80.127] has quit [Ping timeout: 244 seconds]14:30
gmaxwellTaek: for any given transaction they may be-- if you can find a route whos rebalance you can help.14:30
Taekgmaxwell: certainly, though I would expect on-average you'd wind up paying relatively small fees, and in proportion to the volume of money14:31
gmaxwellBasically you can imagine it like this, there is a cost to reset channels. channel fees should amortize that cost fairly across all the users that exploit the channel.14:31
Taekyeah that makes sense14:32
gmaxwellthats why you have to think of a more complex topology than a hub/spoke or you can't see those effects and there is little to no shared amoritization.14:32
CodeSharkad-hoc mesh networks :)14:33
-!- bedeho [~bedeho@50-202-37-133-static.hfc.comcastbusiness.net] has joined #bitcoin-wizards14:33
CodeSharka "hub" is just a regular node that offers routing services14:34
-!- Guest89 [~textual@c-73-15-187-144.hsd1.ca.comcast.net] has joined #bitcoin-wizards14:34
gmaxwellbecause you'd like to minimize your costs every participant should be a 'hub'.14:34
gmaxwellotherwise you have no oppturnity to get other people to rebalance your channels.14:35
kanzurealso every lightning network node should randomly start up new channels with very small balances with random other nodes, and then increase the channel balance over time once the node has proven trustworthy14:36
kanzurebecause random network growth has many privacy advantages and other effects14:36
CodeSharkyes, resistant to partitioning14:36
CodeSharkas well14:36
Taekbeing a hub means greater setup costs, and if the average participant has more connections it means the overall network is more expensive (in terms of block space)14:37
-!- Guest89 [~textual@c-73-15-187-144.hsd1.ca.comcast.net] has quit [Client Quit]14:37
CodeSharkwe want to avoid having, say, two huge cliques linked only by a single link :)14:37
-!- zooko [~user@c-73-14-172-248.hsd1.co.comcast.net] has joined #bitcoin-wizards14:37
Taekof course, that makes that link very powerful14:37
kanzureTaek: hubness setup costs are what?14:37
Taekyou have to put a transaction on the blockchain for every link you establish14:38
gmaxwellTaek: it doesn't mean greater setup costs.14:39
gmaxwellconsider, _eventually_ your channel will deplete. And you must setup again.  Now if you do _no_ rebalancing, two channels will take twice as long to deplete as one (assuming equal value and uniform usage).14:40
TaekI wish I understood without needing it to be spoon-fed to me lol14:40
gmaxwellBut having two up at one means you can prolong your channels by rebalancing.14:40
CodeSharkthe cost of the anchor transaction can be negotiated between the two parties14:40
CodeSharkand might have something to do with risk metrics14:40
gmaxwelland indeed, someone else can pay that setup cost if doing so helps their rebalancing.14:40
Taekgmaxwell: I see. You'd want to optimize for the total number of channels that get created over time, which includes channels that need to be refreshed.14:41
gmaxwellYup.14:41
-!- bedeho [~bedeho@50-202-37-133-static.hfc.comcastbusiness.net] has quit [Remote host closed the connection]14:41
gmaxwelland rebalancing can have a huge effect, increasing the lifetime manyfold.14:42
-!- instagibbs_ [6c1fd228@gateway/web/freenode/ip.108.31.210.40] has joined #bitcoin-wizards14:42
-!- jeremyrubin [~jeremyrub@biohazard-cafe.mit.edu] has joined #bitcoin-wizards14:42
-!- RoboTedd_ [~roboteddy@c-67-188-40-206.hsd1.ca.comcast.net] has quit [Remote host closed the connection]14:43
-!- mjerr [~mjerr@p5B209723.dip0.t-ipconnect.de] has quit [Ping timeout: 272 seconds]14:43
TaekOk. I'm now trying to reason about the fundamental limitations of such a system. Let's assume that there exists some magic configuration which guarantees perfect rebalancing at 3 connections per participant14:44
Luke-Jrgmaxwell: why would my channel deplete? O.o14:44
Luke-Jras long as I'm paid more than I spend, I wouldn't expect that.14:44
TaekThe network grow linearly over time limited by the blockchain size14:45
TaekYou'd still need to refresh channels any time that someone had a change in their total network14:45
Taek*networth14:45
gmaxwellLuke-Jr: 'deplete' means unbalance.14:45
Luke-Jrok14:45
instagibbs_Taek: or open another channel, no?14:45
CodeSharkwouldn't it be possible for multiple parties to negotiate opening up a clique with a single anchor transaction?14:46
* Luke-Jr will need to go over Rusty's latest stuff to learn the new terms :p14:46
gmaxwellLuke-Jr: Channels obey conservation of coins. A 10 BTC channel always has 10 BTC into it, but it's 'depleted' when the 10 BTC is all owned by one side or the other.14:46
gmaxwellwell I dunno if rusty used depleted, thats how I think of it. :P14:46
Taekinstagibbs_: yeah, same idea. You need another transaction to represent that your gains/losses have reached the limits of your channels14:46
instagibbs_This is all really fascinating.14:46
-!- erasmospunk [~erasmospu@81.17.20.66] has quit [Ping timeout: 265 seconds]14:47
TaekSo then when there is networth fluidity on the network, it prevents new people from joining14:47
instagibbs_But another channel seems superior most times, since again, your open channels are + value14:47
Taekalso interesting to think that the human population grows exponentially (or device population, if devices start doing their own blockchain things_14:47
gmaxwellallow me to introduce you to the friendly but stern logistic function.14:49
gmaxwellHuman population doesn't grow exponentially. :P14:49
Taekinstagibbs_: Yeah seems like there's no reason to completely close a channel ever.14:49
gmaxwellat least not the population on earth!14:50
-!- erasmospunk [~erasmospu@81.17.20.66] has joined #bitcoin-wizards14:50
instagibbs_Taek: well under attack scenario you need to close out more. more $$$ to settle14:50
instagibbs_other than that it's hard to imagine14:50
-!- Logicwax [~Logicwax@c-76-126-174-152.hsd1.ca.comcast.net] has joined #bitcoin-wizards14:50
Taekgmaxwell: historically it grew exponentially no? You are just pointing out that there is a physical limit to the # of humans that fit on the planet?14:51
gmaxwellRight.14:51
gmaxwell(and we're actually within spitting distance of current best esimates of it! at least in exponential growth terms)14:51
CodeSharkwe could easily stick the entire world's population into the grand canyon...but most would probably starve pretty quickly14:52
gmaxwellyes, this was assuming people staying alive. :P14:52
gmaxwellnot turning them into some kind of bizarre meat-moon.14:52
-!- chris13243 [~chris@70-7-16-143.pools.spcsdns.net] has joined #bitcoin-wizards14:53
-!- chris13243 [~chris@70-7-16-143.pools.spcsdns.net] has quit [Read error: Connection reset by peer]14:53
-!- Guest89 [~textual@c-73-15-187-144.hsd1.ca.comcast.net] has joined #bitcoin-wizards14:53
Taekinteresting14:55
zooko14:55
TaekAssuming that the human population stops at 10 billion, and that the average lifespan is 100 years14:55
Taekand that there's approx. no net flow of networth14:55
Taekand that each human needs exactly 2 channels to keep their channels alive indefinitely14:56
Taekyou end up at 6 tps14:56
instagibbs_That's the kind of napkin math we need.14:56
instagibbs_;)14:56
-!- RoboTeddy [~roboteddy@c-67-188-40-9.hsd1.ca.comcast.net] has joined #bitcoin-wizards14:56
TaekThat's why I'm here :)14:56
gmaxwellyou're going to need more dimensions to make that cow any more spherical.14:56
gmaxwellBut yea, it's impressive the gains you can get.14:57
-!- hazirafel [~ufoinc@31.154.91.221] has quit [Ping timeout: 246 seconds]14:58
gmaxwellI can get you something like 11 tps in 1mb with a soft fork, incidentally. just by changing to BLS signatures. (not saying that 1mb is a reasonable limit in such a world... but it's amusing)14:59
kanzuremeat-moon isn't as difficult as it may sound14:59
kanzurehttp://www.islandone.org/MMSG/aasm/14:59
-!- GAit [~GAit@2-230-161-158.ip202.fastwebnet.it] has joined #bitcoin-wizards15:00
-!- frankenmint [~frankenmi@71-222-57-192.ptld.qwest.net] has quit [Remote host closed the connection]15:00
-!- erasmospunk [~erasmospu@81.17.20.66] has quit [Ping timeout: 246 seconds]15:00
-!- RoboTeddy [~roboteddy@c-67-188-40-9.hsd1.ca.comcast.net] has quit []15:01
kanzurealso you can just compress people down and run them on clouds anyway15:02
-!- damethos [~damethos@unaffiliated/damethos] has quit [Quit: Bye]15:02
fluffyponyI like that idea15:02
kanzurefor that one there's http://diyhpl.us/~bryan/papers2/brain-emulation-roadmap-report.pdf15:03
kanzurestrangely, those two documents share some authors despite being written 30 years apart15:05
-!- erasmospunk [~erasmospu@81.17.20.66] has joined #bitcoin-wizards15:05
kanzure"the other stuff that ralph merkle is up to"15:06
phantomcircuitgmaxwell, i've had people argue that my assertion that IBD scales O(n^2) with O(n) block increase is false because there is a limit to the size of block you can construct due to merkle tree construction being O(n log n)15:06
phantomcircuitwhich is just comical as fuck15:06
phantomcircuitsomething something cubic blocks15:07
-!- chmod755 [~chmod755@unaffiliated/chmod755] has quit [Quit: Ex-Chat]15:07
kanzureer, then what is merkle tree construction actually limited towards?15:08
gmaxwellphantomcircuit: you can show them pieter's code, it happily builds trees that are 2^26 in size and such. of course the tree doesn't get any wider if your transactions just get fat instead of numerous.15:09
gmaxwellkanzure: in pieter's new code the MT construction uses log2(entries) memory and takes time roughly equal to sha2d-ing the data twice.15:10
kanzurecool15:10
gmaxwellso you could build a tree over all the atoms in the universe with a ordinary desktop, no problem, if were patient enough to hash the universe twice.15:10
phantomcircuitkanzure, it is actually O(n log n) but i've written code that does 300k append operations per second in O(log n) space so realistically the O(n log n) limit is like15:10
phantomcircuithuge15:10
kanzurefor the record i am not patient enough to hash the universe twice15:11
gmaxwellphantomcircuit: it's not n log n. it's n*2.15:11
gmaxwellefficient MT contruction is linear time.15:11
phantomcircuitgmaxwell, each append is O(log n) but for the current n value, oopsies15:12
kanzurei wonder if we should have someone do a "here's some common scaling laws and graphs of common curves to consider when we complain about scaling"15:12
kanzure"this part of the graph is where all lobsters on the planet can have 2 transactions per millenia"15:13
kanzureer, *do a presentation about15:13
-!- eudoxia [~eudoxia@167.57.96.88] has quit [Quit: Leaving]15:13
-!- chris13243 [~chris@70.7.149.11] has joined #bitcoin-wizards15:14
gmaxwellphantomcircuit: not so.  You defer work and ripple up.15:14
phantomcircuithmm yeah15:14
phantomcircuitit's log n worst case15:14
phantomcircuitO(1) best case15:14
phantomcircuityeah you're right15:14
gmaxwellit's really just N*2 hashes total for efficient software I promise.15:15
phantomcircuityeah i can see why now15:15
-!- airbreather [~airbreath@d149-67-99-43.nap.wideopenwest.com] has quit [Remote host closed the connection]15:16
-!- erasmospunk [~erasmospu@81.17.20.66] has quit [Ping timeout: 264 seconds]15:18
-!- Newyorkadam [~Newyorkad@wikipedia/Newyorkadam] has quit [Remote host closed the connection]15:19
-!- instagibbs_ [6c1fd228@gateway/web/freenode/ip.108.31.210.40] has quit [Quit: Page closed]15:28
-!- zooko [~user@c-73-14-172-248.hsd1.co.comcast.net] has quit [Ping timeout: 246 seconds]15:29
-!- Quanttek [~quassel@2a02:8108:73f:f6e4:e23f:49ff:fe47:9364] has quit [Read error: Connection reset by peer]15:31
-!- DougieBot5000 [~DougieBot@unaffiliated/dougiebot5000] has quit [Quit: Leaving]15:46
gmaxwellHey, maybe a bit of fun mindless work-- Pieter recently posted sage code that does mechnical verification of the group law in libsecp256k1, https://github.com/sipa/secp256k1/commit/914bef100c15139c53a42486a6cdf56f48e534d9  but what it doesn't do is verify that what the library actually implements (in https://github.com/bitcoin/secp256k1/blob/master/src/group_impl.h ) are actually the same.  So I'15:54
-!- chris13243 [~chris@70.7.149.11] has quit [Read error: Connection reset by peer]15:54
gmaxwellm offering a 5 BTC bounty for the first discovered substantive (e.g. invalidates the integrity of the proof) difference due to a transcription error between the implementations of secp256k1_gej_* and their sage replicas.15:54
-!- belcher [~user@unaffiliated/belcher] has joined #bitcoin-wizards15:54
-!- Burrito [~Burrito@unaffiliated/burrito] has quit [Quit: Leaving]16:06
-!- Emcy [~MC@unaffiliated/mc1984] has joined #bitcoin-wizards16:06
-!- zooko [~user@c-73-217-16-2.hsd1.co.comcast.net] has joined #bitcoin-wizards16:06
-!- tucenaber [~tucenaber@unaffiliated/tucenaber] has quit [Ping timeout: 256 seconds]16:10
gmaxwell(also knowing you tried and failed would earn you my debt, if anyone does so you can register your failure by ACKing https://github.com/bitcoin/secp256k1/pull/302 )16:11
-!- kyuupichan [~Neil@ae051180.dynamic.ppp.asahi-net.or.jp] has joined #bitcoin-wizards16:12
-!- dEBRUYNE_ [~dEBRUYNE@56-197-ftth.onsbrabantnet.nl] has quit [Ping timeout: 244 seconds]16:13
-!- zooko [~user@c-73-217-16-2.hsd1.co.comcast.net] has quit [Ping timeout: 244 seconds]16:21
-!- MrHodl [~fuc@185.22.183.196] has joined #bitcoin-wizards16:24
-!- sparetire_ [~sparetire@unaffiliated/sparetire] has quit [Quit: sparetire_]16:24
-!- DougieBot5000 [~DougieBot@unaffiliated/dougiebot5000] has joined #bitcoin-wizards16:28
-!- MrHodl [~fuc@185.22.183.196] has quit [Ping timeout: 250 seconds]16:28
-!- tucenaber [~tucenaber@o144.231.lokis.net.pl] has joined #bitcoin-wizards16:32
-!- tucenaber [~tucenaber@o144.231.lokis.net.pl] has quit [Changing host]16:32
-!- tucenaber [~tucenaber@unaffiliated/tucenaber] has joined #bitcoin-wizards16:32
-!- chris13243 [~chris@72-57-94-244.pools.spcsdns.net] has joined #bitcoin-wizards16:34
-!- GGuyZ [~GGuyZ@216-15-123-91.c3-0.sbo-ubr1.sbo.ma.cable.rcn.com] has quit [Quit: GGuyZ]16:37
-!- arubi [~ese168@unaffiliated/arubi] has joined #bitcoin-wizards16:39
-!- snthsnth [~snthsnth@98.207.208.241] has joined #bitcoin-wizards16:40
-!- tucenaber [~tucenaber@unaffiliated/tucenaber] has quit [Ping timeout: 244 seconds]16:45
-!- tucenaber [~tucenaber@unaffiliated/tucenaber] has joined #bitcoin-wizards16:48
-!- GAit [~GAit@2-230-161-158.ip202.fastwebnet.it] has quit [Read error: Connection reset by peer]16:48
-!- GAit [~GAit@2.230.161.158] has joined #bitcoin-wizards16:49
-!- Guest89 [~textual@c-73-15-187-144.hsd1.ca.comcast.net] has quit [Quit: Textual IRC Client: www.textualapp.com]16:54
-!- GAit [~GAit@2.230.161.158] has quit [Quit: Leaving.]17:02
-!- dhaK [dhaK@2a02:1610:1:1003:20c:29ff:fe3e:4633] has joined #bitcoin-wizards17:02
-!- nullbyte [NSA@gateway/vpn/mullvad/x-suntigubcdbwjacp] has quit [Ping timeout: 264 seconds]17:03
-!- sausage_factory [~priidu@unaffiliated/priidu] has joined #bitcoin-wizards17:04
-!- blackwraith [~priidu@unaffiliated/priidu] has quit [Ping timeout: 240 seconds]17:05
kanzure"While error detecting codes, such as CRCs, are better than cryptographic techniques, neither provide adequate coverage for active electronics in safety-critical systems. This is illustrated by the Schrödinger CRC scenario where a CRC-protected message with a single Byzantine faulty bit presents different data to different observers and each observer sees a valid CRC.[3][4]" ouch17:06
gmaxwellI think I saw a presentation with a Schrödinger CRC.17:08
-!- GAit [~GAit@2-230-161-158.ip202.fastwebnet.it] has joined #bitcoin-wizards17:09
-!- GAit [~GAit@2-230-161-158.ip202.fastwebnet.it] has quit [Client Quit]17:09
kanzurethe nasa system fault tolerance stuff slide deck?17:10
-!- AaronvanW [~ewout@unaffiliated/aaronvanw] has quit [Ping timeout: 246 seconds]17:11
-!- chris13243 [~chris@72-57-94-244.pools.spcsdns.net] has quit [Ping timeout: 250 seconds]17:11
midnightmagicI've had a storage bitflip on an ECC-ram machine17:12
gmaxwellI don't agree with the WP article, FWIW.17:12
gmaxwellI've seen some really awesome errors with CRC protected systems that wouldn't be possible with a digital signature. Though obviously performance usually avoids it.17:13
gmaxwellAn example was a part that was transparently replacing the CRC on messages that came in, without verifying the inbound CRC.17:13
gmaxwellSo it always turned detectable corruption into undetectable corruption. And the fact that it could calculate a CRC at all was totally undocumented, just some side effect of hardwired seralizer logic.17:14
gmaxwellhad the system been using a MAC the design just wouldn't have worked.17:14
midnightmagicMichael Wolfe, the guy who's one of the primary designers of the portland group compiler suite, insisted to me personally and in front of a classroom of about 80 people that the reason they didn't bother supporting ATI hardware even by 2013-ish was because ATI hardware at the time didn't have ecc ram onboard and so it would deliver unreliable results. (some models actually did have ecc by th17:24
midnightmagicen.) This was directly refuted as a valid reason by at least 15 other academics I spoke with including team leads and head scientists, and during about half of all the paper presentations at the conference, who all uniformly said all their algorithms and software are designed with highly unreliable computing elements *specifically in mind.* I've always wondered what it would mean to rebuild17:24
midnightmagicconsumer-level software like bitcoin with local reliable computing, and whether this could help us more-accurately detect faulty hardware (beyond just voting schemes, but actual self-testing autonomous, isolated agents running within an internally redundant machine.)17:24
gmaxwellsounds great, just give me 4x overhead to play with. :P17:25
midnightmagic:-) I've got a machine here you can monkey around on if you want.17:26
jgarzikwith Scaling Bitcoin being a concentration of devs, I wonder if it would be a good idea to adopt DEFCON best practices and bring a burner laptop and burner phone, leaving the primaries at home17:26
gmaxwellWe do internally redundant computation for some things in bitcoin core. :)17:26
gmaxwelljgarzik: Luke-Jr did this for bitcoin2013 and I believe I heard someone mentioning doing it for scaling bitcoin.17:26
Taekjgarzik: I had a dream last night where all 5 people with commit access were murdered17:27
gmaxwellperhaps I'll do that as well. I have a whole stack of burner laptops. :)17:27
gmaxwellhm but they don't have batteries.17:27
midnightmagicI have burner desktops! And car batteries!17:27
gmaxwellplus if someone tries to attack you, you can throw battery acid at them. What could go wrong?17:28
gmaxwellyou can get old x61 laptops for almost free, though usually not with working batteries.17:29
midnightmagicrolled a 1, critical fumble, arggghhh17:30
jgarzikrofl I have way too many burner desktops17:31
kanzurei would be far far more interested in capturing whatever malware people try to release17:32
phantomcircuitmidnightmagic, iirc lots of people have realized that their automated bug reporting stuff should include a hardware testing suite17:34
phantomcircuitapparently reduces the volume of bug reports significantly17:34
phantomcircuitit would be nice if there was a kernel level memory tester that ran in the background slowly17:34
* phantomcircuit looks around for rusty17:34
kanzureyou can make jgarzik do it17:35
midnightmagic"Installation of Bitcoin requires a kernel module to be loaded at boot-time.."17:35
Luke-Jrgmaxwell: I did? O.o17:41
kanzuregmaxwell: re: that wikipedia article about byzantine generals' problems,17:41
kanzureseems that iang wrote up some reasonable criticism here http://financialcryptography.com/mt/archives/001522.html17:41
kanzurenot sure if that was the origin of "dynamic membership set" stuff17:41
gmaxwellLuke-Jr: I thought you did!17:42
Luke-Jrgmaxwell: I just never trust mobile stuff period.17:43
gmaxwellkanzure: no, other way around.17:43
Luke-Jrmy laptop is essentially no more than a SSH+VNC thinclient17:43
gmaxwellLuke-Jr: I thought you had a seperate new netbook.17:43
Luke-Jroh, that exists. but I almost never use it.17:44
kanzureok17:44
Luke-JrI guess maybe my usage patterns makes them somewhat effectively "burner", but I've never really considered them that way because I have nothing more permanent in that form factor17:45
Luke-Jralthough the last year, I've found VNC is a pain due to my DSL upload :/17:45
kanzurewe should plant someone with really obvious malware and then have a game to find the plant17:45
-!- kmels [~kmels@186.64.110.122] has quit [Ping timeout: 246 seconds]17:46
kanzure(no we shouldn't)17:46
-!- chris13243 [~chris@70-0-141-35.pools.spcsdns.net] has joined #bitcoin-wizards17:46
gmaxwellAndytoshi recently believed his laptop was stolen and it had been left suspended, unlocked with all his credentials available. Don't let this happen to you.17:47
phantomcircuitgmaxwell, i brought a burner laptop/cellphone to defcon17:48
phantomcircuitdidn't have a burner sim though17:49
phantomcircuitpossibly there's malware on it17:49
gmaxwellI am continually frustrated that no machine learning software flaw detector exists.17:51
ryan-cI reuse my burner sim between DEFCONs17:52
ryan-c(and i have a burner phone)17:53
ryan-cI'm pretty sure malware on SIM is possible.17:56
phantomcircuitryan-c, it definitely is but iirc you need to have the keys for the sim to load anything onto them17:58
ryan-ckanzure: A few years ago some guys were spamming the CTF network with wireshark dissector 0-days - that was fun, especially once people started replaying them.17:58
phantomcircuitbut being defcon probably someone there has stolen those17:58
ryan-ctbh, if i were the sort of person to drop 0days at a conference i'd go for blackhat or better yet rsa18:00
phantomcircuitryan-c, blackhat you might actually get in trouble for it18:00
ryan-cphantomcircuit: yes, true18:00
phantomcircuitrsa they'd call the fbi18:00
phantomcircuit... over from the other table18:00
ryan-calso true18:01
ryan-cdepends on goals18:01
ryan-cgoals at defcon are much more likely to be merely trolling18:01
-!- arubi [~ese168@unaffiliated/arubi] has quit [Ping timeout: 246 seconds]18:02
ryan-cbut yeah, at defcon someone exploiting phones even if caught probably would at worst have their toys and badge taken away by goons18:02
ryan-cexploiting people on the wifi would probably be considered "amusing" (donno if anyone was there for it, but this was pretty funny https://web.archive.org/web/20130116161913/http://www.evilscheme.org/defcon)18:03
ryan-cLuke-Jr: I become a fan of "laptop is a thin client and browser" model.18:05
ryan-cdo you use mosh?18:06
gmaxwellmosh <318:06
gmaxwellif you do not use mosh, stop what you are doing and install.18:06
ryan-chaha18:07
ryan-cso true18:07
Luke-JrI think I installed mosh, but never use it18:07
bsm117532+1 on mosh18:07
gmaxwellryan-c: well I used a special protocol called airhook for many years, which got many of the advantages of mosh. But it was finniky and I couldn't suggest it easily to other people.18:07
ryan-cbefore mosh, i did hacky shit with airhook http://airhook.ofb.net/18:07
Luke-Jrroaming sounds like a bad feature in this case :P18:07
ryan-chahah18:07
gmaxwell0_o18:07
gmaxwellryan-c: if you ever still use it, it has a realloc misuse bug I've been carrying patches for years for.. :)18:08
kanzuretelepaths are the worst18:08
-!- maraoz [~maraoz@c-73-15-187-144.hsd1.ca.comcast.net] has quit [Quit: Leaving]18:08
ryan-cgmaxwell: I do not still use it. Is that why it very occasionally corrupted ssh packets?18:08
gmaxwellryan-c: yes, likely!18:08
ryan-ciirc that would cause my ssh sessions to die once every couple of weeks18:09
Luke-Jrmy SSH connections die fairly often over T-Mobile :/18:09
ryan-coh, google authenticator for pam is pretty great too18:09
ryan-cLuke-Jr: mosh will fix that for you18:09
gmaxwelllots of cell networks corrupt ssh and ssh doesn't tolerate.. mosh does.18:09
gmaxwelland mosh is usable across a 1 second ping with 30% packet loss.18:10
gmaxwell(so was airhook)18:10
kanzurewhat about temporary sim card resellers in the area?18:10
ryan-ci use mosh on tmobile during my bart commute pretty much every day18:10
Luke-Jrkanzure: let me know if you find any18:10
kanzureuh thanks18:10
Luke-Jr:P18:10
kanzureoh.18:10
ryan-cmosh (and airhook) also handle "network went away for several days"18:10
Luke-JrI prefer if my SSH connection dies if I might have disappeared..18:11
ryan-cand "ip address of client changed"18:11
gmaxwellryan-c: so talking with friends, we were thinking that my phone was somehow amazingly better because I said it worked fine the whole caltrain trip from SF to southbay.18:11
gmaxwellryan-c: and then later I realized it's because I'm using mosh and terminal apps and they're trying to use webapps.18:11
ryan-cgmaxwell: lol18:12
gmaxwellAnd yes, webapps just do not work with 1 second ping times and 30% packet loss. :)18:12
kanzurewhat does mosh really have over ssh + tmux18:12
Luke-Jrkanzure: what gmaxwell just said? :P18:12
* kanzure looks at https://mosh.mit.edu/18:12
ryan-ckanzure: predictive local echo18:12
kanzuressh + tmux handles that situation just fine18:12
Luke-Jrkanzure: no18:12
kanzuredoes for me?18:12
ryan-ckanzure: tolerates 90% packet loss18:12
kanzurehaven't measured packet loss though18:13
Luke-Jrkanzure: SSH gets really bad if there's significant packet loss18:13
Luke-Jrsince it's TCPO18:13
-!- MrHodl [~fuc@185.22.183.203] has joined #bitcoin-wizards18:13
Luke-JrTCP*18:13
ryan-ckanzure: basically it compensates for all the terribleness of cell networks18:13
kanzurethis is an appealing feature "Mosh doesn't fill up network buffers, so Control-C always works to halt a runaway process." but tmux sorta breaks this anyway18:13
gmaxwellI think the predictive local echo is ... kinda boring.18:14
gmaxwellkanzure: mosh works across crappy connections where TCP is barely usable. Including ones that are OK but randomly go out like when you're in transportation or at a conference.18:14
ryan-cgmaxwell: I really like it hiding the latency.18:14
Luke-JrI wish someone did a network transparency layer for Qt with mosh-like semantics :P18:15
gmaxwellI don't look at what I'm typing in any case.  Actually what I like about it is that it lets me see the latency by changing the color of the text as its acknoweldged.18:15
ryan-ccolor?18:15
ryan-cit does underlines for me18:15
kanzurereading what you write directly violates "don't repeat yourself", it's good to have principles18:15
gmaxwellLuke-Jr: any modern X11 stuff is hardly usable remotely. :( so sad.  but it's all blasting pixmaps in really inefficient ways across the wire.18:15
Luke-Jrgmaxwell: that's why I want the network layer inside Qt: send text and widget types18:16
gmaxwellryan-c: or that, I'm on a low latency connection right now so I can't see it.18:16
ryan-cgmaxwell: I am a heavy command line user and often am editing command pipelines, so it telling me where the cursor is going to be is helpful18:16
kanzureeh cursor prediction is easy18:17
kanzureit's a seventh or eighth sense18:17
gmaxwellryan-c: this is what counting and ctrl-<arrows> is for. :)18:18
ryan-cgmaxwell: probably18:19
ryan-ci'm pretty sure you're the only other person i've talked to who's used airhook18:19
gmaxwellwell, there are several production systems out there that I created that use it.18:20
gmaxwellIncluding a fax <> sat gateway thing with lots of oil rigs that use it.18:20
ryan-ci gotta take off, meeting some friends for dinner18:20
gmaxwellbut yea, I'm not sure I've ever encountered someone I didn't introduct to it that knew about it.18:20
ryan-coh, yeah, it'd be fantastic for satellite comms18:20
gmaxwellI've been using it since like ... CDPD days.18:20
-!- chris13243 [~chris@70-0-141-35.pools.spcsdns.net] has quit [Ping timeout: 255 seconds]18:22
-!- ASTP001 [~ASTP001@50-78-139-77-static.hfc.comcastbusiness.net] has joined #bitcoin-wizards18:33
-!- Dr-G [~Dr-G@x4d08d145.dyn.telefonica.de] has joined #bitcoin-wizards18:35
-!- Dr-G [~Dr-G@x4d08d145.dyn.telefonica.de] has quit [Changing host]18:35
-!- Dr-G [~Dr-G@unaffiliated/dr-g] has joined #bitcoin-wizards18:35
-!- King_Rex [~King_Rex@53.sub-70-193-64.myvzw.com] has quit [Remote host closed the connection]18:36
-!- Yoghur114 [~jorn@g227014.upc-g.chello.nl] has quit [Remote host closed the connection]18:36
-!- ASTP001 [~ASTP001@50-78-139-77-static.hfc.comcastbusiness.net] has quit [Ping timeout: 264 seconds]18:38
-!- Dr-G2 [~Dr-G@xd9bf77f1.dyn.telefonica.de] has quit [Ping timeout: 272 seconds]18:39
-!- Newyorkadam [~Newyorkad@wikipedia/Newyorkadam] has joined #bitcoin-wizards18:47
-!- Ylbam [uid99779@gateway/web/irccloud.com/x-wswgyjzrlpvyjnfo] has quit [Quit: Connection closed for inactivity]18:50
-!- chris13243 [~chris@72.62.203.163] has joined #bitcoin-wizards19:24
-!- veleiro [~veleiro@fsf/member/veleiro] has joined #bitcoin-wizards19:25
-!- snthsnth [~snthsnth@98.207.208.241] has quit [Ping timeout: 272 seconds]19:28
-!- ajweiss [~adam@static-100-38-11-146.nycmny.fios.verizon.net] has quit [Quit: leaving]19:38
-!- sausage_factory [~priidu@unaffiliated/priidu] has quit [Ping timeout: 240 seconds]19:39
-!- davispuh [~quassel@212.93.100.199] has quit [Read error: Connection reset by peer]19:47
-!- belcher [~user@unaffiliated/belcher] has quit [Quit: Leaving]19:53
-!- chris13243 [~chris@72.62.203.163] has quit [Ping timeout: 256 seconds]19:55
-!- fkhan [weechat@gateway/vpn/mullvad/x-ilhuivpqrqyspunz] has quit [Ping timeout: 246 seconds]20:00
-!- MrHodl [~fuc@185.22.183.203] has quit []20:01
-!- moa [~kiwigb@opentransactions/dev/moa] has quit [Quit: Leaving.]20:11
-!- GGuyZ [~GGuyZ@216-15-123-91.c3-0.sbo-ubr1.sbo.ma.cable.rcn.com] has joined #bitcoin-wizards20:11
-!- [7] [~quassel@rockbox/developer/TheSeven] has quit [Disconnected by services]20:13
-!- TheSeven [~quassel@rockbox/developer/TheSeven] has joined #bitcoin-wizards20:13
-!- hazirafel [~ufoinc@31.154.91.221] has joined #bitcoin-wizards20:16
-!- adam3us [~Adium@62-2-191-242.static.cablecom.ch] has quit [Quit: Leaving.]20:21
-!- fkhan [~weechat@193.138.219.233] has joined #bitcoin-wizards20:24
-!- fkhan [~weechat@193.138.219.233] has quit [Changing host]20:24
-!- fkhan [~weechat@unaffiliated/loteriety] has joined #bitcoin-wizards20:24
-!- superobserver [~superobse@unaffiliated/superobserver] has quit [Ping timeout: 246 seconds]20:24
-!- robbak [~robbak@unaffiliated/robbak] has quit [Quit: Konversation terminated!]20:25
-!- superobserver [~superobse@unaffiliated/superobserver] has joined #bitcoin-wizards20:28
-!- hazirafel [~ufoinc@31.154.91.221] has quit [Ping timeout: 264 seconds]20:31
-!- p15 [~p15@10.248.234.209.client.dyn.strong-ap1.bringover.net] has joined #bitcoin-wizards20:36
-!- kang_ [67efe917@gateway/web/freenode/ip.103.239.233.23] has joined #bitcoin-wizards20:38
-!- CodeShark [CodeShark@cpe-76-167-237-202.san.res.rr.com] has quit [Ping timeout: 260 seconds]20:43
-!- GGuyZ [~GGuyZ@216-15-123-91.c3-0.sbo-ubr1.sbo.ma.cable.rcn.com] has quit [Quit: GGuyZ]20:45
-!- dEBRUYNE_ [~dEBRUYNE@56-197-ftth.onsbrabantnet.nl] has joined #bitcoin-wizards20:47
-!- GGuyZ [~GGuyZ@216-15-123-91.c3-0.sbo-ubr1.sbo.ma.cable.rcn.com] has joined #bitcoin-wizards20:49
-!- chris13243 [~chris@99.204.125.165] has joined #bitcoin-wizards20:50
-!- chris13243 [~chris@99.204.125.165] has quit [Read error: Connection reset by peer]20:50
-!- adam3us [~Adium@178.197.225.106] has joined #bitcoin-wizards20:51
-!- c-cex-yuriy [uid76808@gateway/web/irccloud.com/x-cayslxusigmlowsd] has quit [Quit: Connection closed for inactivity]20:52
-!- adam3us [~Adium@178.197.225.106] has quit [Client Quit]20:53
-!- adam3us [~Adium@178.197.225.106] has joined #bitcoin-wizards20:55
-!- dEBRUYNE_ [~dEBRUYNE@56-197-ftth.onsbrabantnet.nl] has quit [Ping timeout: 265 seconds]20:56
-!- adam3us [~Adium@178.197.225.106] has quit [Quit: Leaving.]21:08
-!- ThomasV [~ThomasV@unaffiliated/thomasv] has joined #bitcoin-wizards21:17
-!- GGuyZ_ [~GGuyZ@216-15-123-91.c3-0.sbo-ubr1.sbo.ma.cable.rcn.com] has joined #bitcoin-wizards21:27
-!- GGuyZ [~GGuyZ@216-15-123-91.c3-0.sbo-ubr1.sbo.ma.cable.rcn.com] has quit [Read error: Connection reset by peer]21:27
-!- GGuyZ_ is now known as GGuyZ21:27
-!- GGuyZ_ [~GGuyZ@216-15-123-91.c3-0.sbo-ubr1.sbo.ma.cable.rcn.com] has joined #bitcoin-wizards21:29
-!- GGuyZ [~GGuyZ@216-15-123-91.c3-0.sbo-ubr1.sbo.ma.cable.rcn.com] has quit [Read error: Connection reset by peer]21:29
-!- GGuyZ_ is now known as GGuyZ21:29
-!- bedeho [~bedeho@50-202-37-133-static.hfc.comcastbusiness.net] has joined #bitcoin-wizards21:40
-!- GGuyZ [~GGuyZ@216-15-123-91.c3-0.sbo-ubr1.sbo.ma.cable.rcn.com] has quit [Read error: Connection reset by peer]21:40
-!- frankenmint [~frankenmi@71-222-57-192.ptld.qwest.net] has joined #bitcoin-wizards21:40
-!- GGuyZ [~GGuyZ@216-15-123-91.c3-0.sbo-ubr1.sbo.ma.cable.rcn.com] has joined #bitcoin-wizards21:41
-!- GGuyZ [~GGuyZ@216-15-123-91.c3-0.sbo-ubr1.sbo.ma.cable.rcn.com] has quit [Quit: GGuyZ]21:47
-!- p15 [~p15@10.248.234.209.client.dyn.strong-ap1.bringover.net] has quit [Ping timeout: 268 seconds]22:03
-!- adam3us [~Adium@178.197.224.143] has joined #bitcoin-wizards22:06
-!- adam3us [~Adium@178.197.224.143] has quit [Client Quit]22:07
-!- jtimon [~quassel@159.30.134.37.dynamic.jazztel.es] has quit [Ping timeout: 256 seconds]22:21
-!- Hunger-- [hunger@proactivesec.com] has joined #bitcoin-wizards22:48
-!- fkhan [~weechat@unaffiliated/loteriety] has quit [Ping timeout: 244 seconds]22:50
-!- p15 [~p15@209.234.248.5] has joined #bitcoin-wizards22:52
-!- fkhan [weechat@unaffiliated/loteriety] has joined #bitcoin-wizards22:52
-!- fkhan [weechat@unaffiliated/loteriety] has quit [Changing host]22:52
-!- fkhan [weechat@gateway/vpn/mullvad/x-ubnnpslidjquurvz] has joined #bitcoin-wizards22:52
-!- Hunger-- [hunger@proactivesec.com] has quit [Ping timeout: 240 seconds]22:52
-!- ThomasV [~ThomasV@unaffiliated/thomasv] has quit [Ping timeout: 272 seconds]23:00
-!- veleiro [~veleiro@fsf/member/veleiro] has quit [Ping timeout: 265 seconds]23:06
-!- veleiro [~veleiro@fsf/member/veleiro] has joined #bitcoin-wizards23:07
-!- dhaK is now known as dhafk23:10
-!- Tiraspol [~Tiraspol3@unaffiliated/tiraspol] has quit [Read error: Connection reset by peer]23:21
-!- Tiraspol [~Tiraspol3@unaffiliated/tiraspol] has joined #bitcoin-wizards23:21
-!- Newyorkadam [~Newyorkad@wikipedia/Newyorkadam] has quit [Quit: Newyorkadam]23:23
-!- Newyorkadam [~Newyorkad@wikipedia/Newyorkadam] has joined #bitcoin-wizards23:25
-!- kmels [~kmels@184.62.151.186.static.intelnet.net.gt] has joined #bitcoin-wizards23:26
-!- ThomasV [~ThomasV@unaffiliated/thomasv] has joined #bitcoin-wizards23:38
-!- Newyorkadam [~Newyorkad@wikipedia/Newyorkadam] has quit [Quit: Newyorkadam]23:39
-!- Newyorkadam [~Newyorkad@wikipedia/Newyorkadam] has joined #bitcoin-wizards23:40
-!- priidu [~priidu@unaffiliated/priidu] has joined #bitcoin-wizards23:47
-!- Newyorkadam [~Newyorkad@wikipedia/Newyorkadam] has quit [Quit: Newyorkadam]23:48
-!- Newyorkadam [~Newyorkad@wikipedia/Newyorkadam] has joined #bitcoin-wizards23:49
-!- Hunger-- [hunger@proactivesec.com] has joined #bitcoin-wizards23:52
--- Log closed Sat Sep 05 00:00:01 2015

Generated by irclog2html.py 2.15.0.dev0 by Marius Gedminas - find it at mg.pov.lt!