--- Log opened Thu Jun 04 00:00:41 2020
02:56 -!- nickler [~nickler@static.219.205.69.159.clients.your-server.de] has quit [Ping timeout: 265 seconds]
02:56 -!- nickler [~nickler@static.219.205.69.159.clients.your-server.de] has joined #rust-bitcoin
03:06 -!- Annabelle57Funk [~Annabelle@static.57.1.216.95.clients.your-server.de] has joined #rust-bitcoin
03:06 < stevenroose> andytoshi: about your cargo lock comment: it's true that with cargo lock, you're safe, but a library like rust-bitcoin isn't able to fix dependencies in the same way. cargo.lock of dependencies are ignored. so anyone starting a new project depending on rust-bitcoin will download the latest version crates that fit the cargo.toml description of the rust-bitcoin deps, we can't prevent (1)
03:06 < stevenroose> crates.io from replying with arbitrary code and (2) maintainers of deps pushing arbitrary patch updates
03:06 < stevenroose> we should probably fix our dependencies by version more strongly to protect against that at least, but IIRC we only have serde as an external dependency
03:13 -!- surja795 [~surja795@c-24-62-248-154.hsd1.ma.comcast.net] has joined #rust-bitcoin
04:11 -!- surja795 [~surja795@c-24-62-248-154.hsd1.ma.comcast.net] has quit [Remote host closed the connection]
05:34 -!- gribble [~gribble@unaffiliated/nanotube/bot/gribble] has quit [Disconnected by services]
05:36 -!- philbw4_ [~znc-admin@157.245.253.12] has joined #rust-bitcoin
05:36 -!- Annabelle57Funk [~Annabelle@static.57.1.216.95.clients.your-server.de] has quit [Ping timeout: 246 seconds]
05:36 -!- wpaulino [~wpaulino@unaffiliated/wpaulino] has quit [Ping timeout: 246 seconds]
05:36 -!- philbw4 [~znc-admin@157.245.253.12] has quit [Ping timeout: 246 seconds]
05:37 -!- wpaulino [~wpaulino@unaffiliated/wpaulino] has joined #rust-bitcoin
05:45 -!- gribble [~gribble@unaffiliated/nanotube/bot/gribble] has joined #rust-bitcoin
05:56 < yancy> stevenroose interesting. so first time builds could create a cargo.lock that's not the same (since nothing was previously committed)? It seems like this is not an unsolvable problem. Is there no way for Cargo to defend against this?
06:03 -!- Terrence80Kuhn [~Terrence8@static.57.1.216.95.clients.your-server.de] has joined #rust-bitcoin
06:32 < stevenroose> yancy: Cargo.toml could allow for users to specify a hash for a dependency. It currently doesn't allow that.
06:33 < stevenroose> This gets a bit tricky when you have multiple crates with a common dependency but a different version that are trying to interact.
06:34 < stevenroose> right now if crate A depends on C v1.0.0 and crate B depends on C v1.1.0, then Cargo will pick v1.1.0 because A's v1.0.0 dependency implicitly means ">=1.0.0 <2.0.0"
06:35 < stevenroose> but if A has C v1.0.0 and B has C v2.0.0 then you couldn't use a type from C that A returned to be used in B
06:36 < stevenroose> now in the first scenario if they would be using hashes and A's C v1.0.0 was accompanied by a hash, it could not mean implicitly ">=1.0.0 <2.0.0" but it would mean "==1.0.0" and B's would mean "==1.1.0" so they would not be compatible
06:36 < stevenroose> So it's not a trivial problem to solve in principle, that's for sure
06:37 < stevenroose> and there's two aspects to the threat model: crates.io being malicious or getting hacked and serving a wrong version of the crate and the crate owners themselves uploading a bad version of the crate
06:38 < stevenroose> (the latter also includes the crate owners' oauth account getting hacked and the attacker uploading the bad version)
06:39 < stevenroose> the crates.io issue can be solved by supporting git, which cargo does but not in a very nice/useful way I think (need to test that better). but the first issue is arguably the least pressing
06:39 < stevenroose> unless you only use crates from quite trusted parties, then the first becomes your only issue
07:38 < sgeisler> I guess one of the best solutions would be to take crev reviews into account when choosing versions.
07:40 < sgeisler> If dep A needs C >=1.1.0 and B needs C <2.0.0 and there are C 1.1.0, 1.2.0, 1.3.0, 1.4.0 but only 1.3.0 has reviews from people you trust cargo should choose C 1.3.0.
07:40 < sgeisler> That seems to be a semi-scalable way to manage dependency trust
07:41 < sgeisler> You still need a web of trust and cargo would fail quite often if there aren't enough reviews to satisfy the constraints
07:41 < sgeisler> But that would tell you which crates to focus your review on
08:34 < sgeisler> andytoshi: I'm playing around with rust-miniscript and after wrapping my head around the dozens of abstraction levels I'm kinda missing an easy way to go from a policy to a descriptor by specifying how to wrap the script
08:35 < sgeisler> Is this functionality just missing and needs to be implemented or is there a fundamental problem with that? I imagine `Policy` to have a `to_sh()` and `to_wsh()` function.
08:36 < sgeisler> Because `format!("sh({})", policy.compile().unwrap()).parse().unwrap();` just can't be it.
08:41 < sgeisler> Also: the descriptor language seems to be derived from the miniscript AST representation and not the policy language. Why not make it policy lang+encapsulation types (sh, wsh)? That would be much easier to read/write on an application level.
09:33 -!- jonatack [~jon@2a01:e0a:53c:a200:bb54:3be5:c3d0:9ce5] has quit [Ping timeout: 260 seconds]
09:34 -!- jonatack [~jon@2a01:e0a:53c:a200:bb54:3be5:c3d0:9ce5] has joined #rust-bitcoin
10:02 < andytoshi> sgeisler: you can directly construct a Descriptor
10:02 < andytoshi> Descriptor::Wsh(policy.compile())
10:03 < andytoshi> sgeisler: i don't understand your question about policy lang_encapsulation
10:03 < andytoshi> that seems the worst of all worlds
10:03 < andytoshi> it has this bitcoin cruft (sh, wsh, whatever) but can't actually be used on bitcoin
11:31 -!- belcher [~belcher@unaffiliated/belcher] has quit [Quit: Leaving]
11:51 -!- belcher [~belcher@unaffiliated/belcher] has joined #rust-bitcoin
12:17 -!- Terrence80Kuhn [~Terrence8@static.57.1.216.95.clients.your-server.de] has quit [Ping timeout: 244 seconds]
12:36 < sgeisler> Oh damn, I always overlook direct enum construction for the lack of `pub`, thx for clearing up my confusion
12:40 < sgeisler> What I meant with the lang encapsulation is, if you can't define how to wrap the script your application will either have to decide for the user or make it configurable in another way whereas `sh(and(pk(A), pk(B)))` would enable the user to define both policy and "address type".
12:41 < sgeisler> But it's probably ok to just say it's all `wsh` from here on.
12:41 < sgeisler> So that this question doesn't even come up
13:49 -!- surja795 [~surja795@c-24-62-248-154.hsd1.ma.comcast.net] has joined #rust-bitcoin
13:49 -!- surja795 [~surja795@c-24-62-248-154.hsd1.ma.comcast.net] has quit [Remote host closed the connection]
13:50 -!- surja795 [~surja795@c-24-62-248-154.hsd1.ma.comcast.net] has joined #rust-bitcoin
13:51 -!- surja795 [~surja795@c-24-62-248-154.hsd1.ma.comcast.net] has quit [Client Quit]
14:19 < sgeisler> Iff `compile` is deterministic (I hope so) this should be a sane thing to do, shouldn't it?: https://github.com/apoelstra/rust-miniscript/pull/93
14:19 < sgeisler> *and somewhat stable
15:35 -!- sgeisler [sid356034@gateway/web/irccloud.com/x-wytsersrsromyynn] has quit [Ping timeout: 246 seconds]
15:35 -!- elichai2 [sid212594@gateway/web/irccloud.com/x-fwjjixdouqwfdrwz] has quit [Ping timeout: 260 seconds]
15:35 -!- fjahr [sid374480@gateway/web/irccloud.com/x-ixfgxajkuakwodov] has quit [Ping timeout: 272 seconds]
15:35 -!- Aleru [sid403553@gateway/web/irccloud.com/x-osvqqxazaeheaotb] has quit [Ping timeout: 272 seconds]
15:36 -!- rodarmor [sid210835@gateway/web/irccloud.com/x-keuoaawcwhipvvkb] has quit [Ping timeout: 272 seconds]
15:36 -!- jamesob [sid180710@gateway/web/irccloud.com/x-ylcugpkygwylqefk] has quit [Ping timeout: 260 seconds]
15:36 -!- valwal_ [sid334773@gateway/web/irccloud.com/x-vpbnsrodnoqsjuqc] has quit [Ping timeout: 260 seconds]
15:37 -!- prusnak [sid403625@gateway/web/irccloud.com/x-huaafpzwimkrhpiy] has quit [Ping timeout: 244 seconds]
15:37 -!- jkczyz [sid419941@gateway/web/irccloud.com/x-wjxmksunuwrmguxl] has quit [Ping timeout: 260 seconds]
15:37 -!- moneyball [sid299869@gateway/web/irccloud.com/x-idfrgkxmsbhwxvay] has quit [Ping timeout: 256 seconds]
15:37 -!- schmidty [sid297174@gateway/web/irccloud.com/x-sxrueubhxjmfakcd] has quit [Ping timeout: 272 seconds]
15:37 -!- prusnak [sid403625@gateway/web/irccloud.com/x-hkezqmmeoszcbmgq] has joined #rust-bitcoin
15:37 -!- moneyball [sid299869@gateway/web/irccloud.com/x-flptnlazuymwjekt] has joined #rust-bitcoin
15:38 -!- elichai2 [sid212594@gateway/web/irccloud.com/x-ncldrsilsbytwleo] has joined #rust-bitcoin
15:39 -!- valwal_ [sid334773@gateway/web/irccloud.com/x-qifsswwtchwsflxx] has joined #rust-bitcoin
15:41 -!- Aleru [sid403553@gateway/web/irccloud.com/x-mdhadtakanjjzcvz] has joined #rust-bitcoin
15:41 -!- rodarmor [sid210835@gateway/web/irccloud.com/x-yaiwqwmqvexigaaz] has joined #rust-bitcoin
15:41 -!- sgeisler [sid356034@gateway/web/irccloud.com/x-goixuwidhatkpyik] has joined #rust-bitcoin
15:41 -!- jkczyz [sid419941@gateway/web/irccloud.com/x-cmdidozedoxkrfli] has joined #rust-bitcoin
15:42 -!- jamesob [sid180710@gateway/web/irccloud.com/x-jggcdmnrhnqruafg] has joined #rust-bitcoin
15:42 -!- schmidty [sid297174@gateway/web/irccloud.com/x-nngxwkzqbkdnzwpw] has joined #rust-bitcoin
15:43 -!- fjahr [sid374480@gateway/web/irccloud.com/x-nnnlcpasqlezucfe] has joined #rust-bitcoin
17:11 -!- dpc [dpcmatrixo@gateway/shell/matrix.org/x-hamewajlrgkctuqc] has quit [Ping timeout: 246 seconds]
17:16 -!- dpc [dpcmatrixo@gateway/shell/matrix.org/x-tpmsvlrpivpswnqv] has joined #rust-bitcoin
18:07 -!- DeanGuss [~dean@gateway/tor-sasl/deanguss] has joined #rust-bitcoin
18:25 -!- ghost43_ [~daer@gateway/tor-sasl/daer] has joined #rust-bitcoin
18:25 -!- ghost43 [~daer@gateway/tor-sasl/daer] has quit [Ping timeout: 240 seconds]
19:21 -!- ghost43_ [~daer@gateway/tor-sasl/daer] has quit [Remote host closed the connection]
19:22 -!- ghost43 [~daer@gateway/tor-sasl/daer] has joined #rust-bitcoin
20:01 -!- DeanGuss [~dean@gateway/tor-sasl/deanguss] has quit [Remote host closed the connection]
20:02 -!- DeanGuss [~dean@gateway/tor-sasl/deanguss] has joined #rust-bitcoin
20:06 < andytoshi> sgeisler: can you specify where you need `compile` determinism?
20:07 < andytoshi> i don't think it is deterministic actually because of the use of floating point comparisons
20:07 < andytoshi> i definitely like the idea of having a DescriptorKey which does all the cool things descriptor keys can do in Core
20:07 < andytoshi> btw sgeisler ##miniscript might be a better channel for this
23:36 -!- vindard [~vindard@190.83.165.233] has quit [Ping timeout: 256 seconds]
--- Log closed Fri Jun 05 00:00:41 2020