--- Log opened Mon Aug 31 00:00:56 2015
07:05 < kanzure> "Oblivious substring search with updates" https://eprint.iacr.org/2015/722.pdf
07:15 < nsh> oblivious updates?
07:50 < kanzure> "snarkfront is a C++ embedded domain specific language (EDSL) over the underlying snarklib template library" https://github.com/jancarlsson/snarkfront
08:04 < kanzure> andytoshi: do you know these guys? http://www.pepper-project.org/
08:05 < btcdrak> http://arxiv.org/abs/1402.2269
08:11 < nsh> (snarkfront sounds like an extremist sect from Wonderland)
08:24 < andytoshi> kanzure: andrew blumberg is the only name i recognize; he does topology so i've never talked to him
08:24 < andytoshi> the others i don't know at all
08:24 < andytoshi> i was unaware that UT was involved with this project. very interesting
08:30 < kanzure> andytoshi: perhaps you should stalk them
08:31 < kanzure> "Merklized abstract syntax trees" http://css.csail.mit.edu/6.858/2014/projects/jlrubin-mnaik-nityas.pdf
08:44 < andytoshi> kanzure: i don't know nearly enough about academic verifiable computing lingo to stalk them usefully
08:44 < kanzure> i mean go meet them :P
08:45 < kanzure> "merkle hash trees for distributed audit logs" http://www.enseignement.polytechnique.fr/informatique/INF441/projets/merkle/merkle.pdf
08:50 < nwilcox> Because the blockchain provides consensus, it can be used to resolve collisions in a less-than-collision-resistant hash function.
08:50 < andytoshi> kanzure: i'll try to bug blumberg one of these days
08:51 < nwilcox> So would it be possible to replace pubkey / script hashes with a shorter bit string, provided we require anyone who needs to verify those hashes must also maintain context from the blockchain history?
08:52 < andytoshi> kanzure: it's interesting that blumberg's high-level interests align so closely with my own, given that he does everything topologically (which i have zero interest in)
08:52 < nwilcox> This could be both a scaling and a usability hack. (Not sure what proportion of storage/bandwidth is hashes, so not sure how much it helps with that.)
08:53 < andytoshi> nwilcox: sure, if we could expect everyone to "maintain context" blockheaders themselves would suffice
08:53 < andytoshi> in that example the context for a transaction would be (a) the whole transaction, (b) its merkle path in the block to the hash in the header, (c) the same for all its inputs and so on
08:55 < andytoshi> welll, actually, scratch that, i think this does not provide useful protection against double-spends unless everyone stores every transaction (and that's where we're at now)
08:55 < nwilcox> andytoshi: If k txouts pay to pubkey hash H, this currently uses k*H*hash_size bytes in aggregate for all of those txns, right?
08:55 < andytoshi> nwilcox: yes
08:56 < nwilcox> -and to verify a transaction "locally" (without double spend protection), a non-full-node can check hashes and signatures.
08:56 < zooko> nwilcox: but, those can be coalesced by the controller of the private key.
08:56 < andytoshi> ..but given that the pubkeyhash is (on a UI level) a label for the txouts, i'd expect k to be one in most cases
08:56 < zooko> If he wants. Not that he pays the scaling costs of not doing so.
08:57 < nwilcox> I'm confused a bit. If my wallet sends your wallet BTC in two separate transactions, doesn't it repeat your pubkey hash twice on the wire?
08:57 < andytoshi> nwilcox: no, if you send two transactions you need to spend (at least) two different txouts
08:58 < nwilcox> -and whenever any full node verifies blocks containing either of those two txns, they download the same hash twice.
08:58 < nwilcox> andytoshi: Two txouts to the same pubkey hash.
08:58 < kanzure> what's a "bucket merkle tree"? http://pastebin.com/ynQgBLJ5
08:58 < andytoshi> nwilcox: i'm telling you that's rare (and for privacy reasons we'd prefer it never happen)
08:59 < andytoshi> and no, they would not download the same hash twice; verifiers would have both txouts cached
08:59 < andytoshi> and the two transactions would refer to different txouts, which would have different (txhash, vout) identifiers
09:01 < nwilcox> andytoshi: First, let's set aside privacy. I'm willing to concede this isn't useful if it requires sacrificing privacy, but I want to explore it with that simplification.
09:01 < nwilcox> Next, when you say "two txns would refer to different txouts", you are referring to their txins, right? I'm focused on the scriptPubKey in the txouts.
09:02 < nwilcox> If (privacy be-damned), two transactions make payments to the same pubkey, the contain txouts which repeat the pubkey's hash, correct?
09:02 < andytoshi> yes
09:02 < nwilcox> s/the contain/they contain/g
09:03 < nwilcox> Ok, so if we sacrifice (in addition to privacy!) the ability for nodes to verify signatures "locally", then can't we only include a smaller number of bits on the wire and rely on the blockchain to resolve hash collisions?
09:04 < nwilcox> There are those two crucial sacrifices, and even then I'm not sure if this helps scalability at all.
09:04 < zooko> nwilcox: I'm trying to suggest something which I think has the same effect.
09:04 < nwilcox> resolving collisions eg: "Take sha256(msg) then truncate it to 64 bits. If that's already present in my contextual state, then take the sha256(sha256(msg)) and check again, etc..
09:05 < nwilcox> zooko: What is that?
09:05 < zooko> nwilcox: the recipient can *spend* those two utxos.
09:05 < zooko> Then there are no longer 2, but only 1, utxo.
09:05 < nwilcox> zooko: Ah, okay. I'm focused on the bandwidth of transactions. That would involve repeating the pubkey hash twice for the initial two transactions, plus another transaction.
09:06 < nwilcox> Maybe utxo size in any given block is more important than serialization size of transactions.
09:06 < zooko> Ah, I was focused on the size of the utxo set, which is a different measure.
09:06 < nwilcox> Hrm... maybe I should learn about which measures represent the important scaling bottleneck.
09:07 < zooko> *nod*
09:07 < nwilcox> Changing block size is one way to address txn/time by changing bandwidth.
09:07 < nwilcox> Shrinking txn serialization size is another way to raise txn/time *without* changing bandwidth.
09:08 < nwilcox> My intuition is that utxo set size isn't a bottleneck for scaling txn/time.
09:09 < nwilcox> Actually, this hack may help with all hashes, regardless of their reuse, and therefore it may not impact bitcoin privacy at all.
09:10 < nwilcox> It still requires a fundamental change which sacrifices local transaction verification.
09:10 < nwilcox> -and it might not work when multiple transactions refer to different hashes whose shortened version collides within the same block.
09:12 < nwilcox> Hm... Actually the whole idea may be incoherent. In order to resolve collisions, a rule would say "the first colliding input, x_0, gets to 'claim' that output, and the next colliding input, x_1, has to be further processed."
09:13 < nwilcox> But the input x_0 (eg a pubkey) is typically not known to the blockchain when txos refer to it initially.
09:13 < zooko> Doesn't sound like a promising approach since, as you say, it requires a disruptive change which sacrifices a widely-used feature.
09:14 < nwilcox> I'm not sure how widely used local transaction verification is used...
09:15 < nwilcox> Safest to assume some important userbase for any feature of unknown usage.
11:10 < kanzure> oh for proof-of-treachery your supernode could really be a 1-of-10000 "at least 1 honest node" protocol of some kind. but they could still coerce everyone to change the fraud proof handling stuff because the costs of setting up an alternative set of supernodes is very high. maybe you could steal back their fees/income and give it to the one honest node as a result.
11:18 < gmaxwell> The attacker could just partition you from the 1-of-. All the fraud proof oriented approaches are very censorship vulnerable :(. The biggest weakness there, and I can't even say it's purely additive, because of the supernode cost issues.
11:31 < kanzure> contingency plans for what to do about extremely costly supernodes would be a nice thing to have, like maybe instead of degradation of transactions/sec you can get degradation of some other property as you bootstrap again below that supernode costliness threshold.
11:34 < kanzure> wait how does the partitioning work? i was thinking of a 1-of-10,000 multisig party.
11:34 < gmaxwell> 08:54 < nwilcox> So would it be possible to replace pubkey / script hashes with a shorter bit string, provided we require anyone who needs to verify those hashes must also maintain context from the blockchain history?
11:34 < gmaxwell> You can, yes, of course you're exposed to attack under reorg and by miners; and-- you end up with forever growing random access data to deal with.
11:36 < gmaxwell> kanzure: your security assumption is that at least 1 of 1000 is honest. Right? That means up to 999 are dishonest. A dishonest party signs, and a sybil attack prevents communication from the honest party.
11:36 < gmaxwell> So you get a no-fraud signature, and you're denied access to the wait-theres-fraud signature.
11:37 < kanzure> m-of-m but yes i see your point for 1-of-m (which is obvious)
11:37 < gmaxwell> now, if you said 1000-of-1000 you'd have it, but there is an obvious reliability issue there.
11:38 < kanzure> i was referring to 1-of-m as in 1 has to be honest, but you're right that when saying x-of-y it's usually talking about the threshold to be considered valid, whoops
11:38 < gmaxwell> You could relax e.g. to a 990 of 1000 to have some redundancy, and perhaps that's more reasonable.
11:38 < kanzure> also you have backlog in pm to review
11:38 < gmaxwell> okay makes more sense.
11:38 < kanzure> but yeah the other issues you have brought up are also troubling
11:39 < kanzure> once you have a sufficiently high supernode cost, there's really no hope for rebooting the network
11:40 < kanzure> but this might be true for all possible systems :-)
12:14 < gmaxwell> https://twitter.com/ChristopherA/status/638425326528233472
12:14 < gmaxwell> We've been building some interest outside of the bitcoin ecosystem on script-as-a-digital-signature-system
12:14 < gmaxwell> I wish we were further along with script replacement stuff. :(
12:18 < aj> gmaxwell: "script replacement stuff" ? more info pls? :)
12:19 < gmaxwell> aj: There are several lines of long term development related to an improved replacement for Bitcoin script incorporating several of the powerful observations we've made in the last couple years.
12:20 < aj> gmaxwell: are there threads / white papers / ... about it that i could read?
12:20 < gmaxwell> scattered, and no awesome overviews right now.
12:21 < gmaxwell> The most important being the fundamental difference between computation and verification. For example, division is expensive to perform. But if I asked you to verify a transcript of a program that divided you could still do so even if you were unable to divide yourself: You can take the answer and _multiply_ (which is cheap) and then check that the result agreed with the inputs. Turns out that
12:21 < gmaxwell> this thinking has deep implications.
12:22 < aj> gmaxwell: sounds like verifying a proof versus constructing one, too
12:22 < kanzure> .tw https://twitter.com/ChristopherA/status/638425326528233472
12:22 < yoleaux> Och, A cannae finde nae tweet
12:23 < nsh> 'Imagine a cert that embeds its own validation & revocation scripts, using a language like #Bitcoin transaction code. Interested? @pwuille?'
12:23 < gmaxwell> One way this thinking applies is what P2SH does-- the program comes with the signature, and the pubkey only commits to it. This can be applied recursively in a powerful way. Imagine your program as a tree that branches for every OR condition. Now build a hashtree over the program code. When you spend, you need only reveal the segments you actually executed, not the whole program.
12:23 < gmaxwell> We call that MAST: merkelized abstract syntax tree.
12:23 < kanzure> isn't this the MAST/MTUT thing.
12:23 < kanzure> yes ok.
12:24 < kanzure> also i think the spelling needs to be figured out because i saw merklized abstract syntax tree and merkleized and merkelized when i was reading most -wizards logs recently
12:24 < gmaxwell> I misspell all the things.
12:24 < kanzure> here is an okay conversation about that particular mast concept: http://diyhpl.us/~bryan/papers2/bitcoin/wizards/2014-01-15.txt
12:25 < aj> kanzure: "merkled" ? "merky" (murky) ? :)
12:25 < gmaxwell> At an extreme you can get some incredible compression for two party contracts; e.g. make your script {2 of 2 multisig} OR {complex contract}. And so long as everyone cooperates, the network never sees the complex contract.
12:25 < kanzure> aj: no :-)
12:25 < nsh> (it's merkleized or Merkle-ized [s#z#s# as appropriate])
12:26 < aj> kanzure: aww come on, it's perfect! it's murky because you never see the whole thing!
12:26 < gmaxwell> Another thing we've learned, is that any sensible multi-condition authorization scheme at the top level is a monotone boolean function. For example, it is not sensible to have a policy which says Alice && Bob && !Carol since carol could always just choose not to sign (or have her signature stripped).
12:27 < nsh> (which neatly corresponds to the kind of access structures you can achieve with certain types of group signature)
12:27 < nsh> (not that this does bitcoin any good, directly)
12:28 < gmaxwell> Monotone boolean functions are those functions that can be constructed exclusively with AND and OR gates (or, equally, with threshold gates). They have a useful property that they are trivially composable. E.g. you can take an AND or an OR of two sensible policies and you get a sensible policy, or you can put a sensible policy as any leaf in another sensible policy and get another one.
12:28 < gmaxwell> They also have the property that you can sign 'your part' of a monotone function without understanding any of the rest. E.g. they're cumulative.
12:29 < kanzure> also here are some other times that merkleized abstract syntax trees have come up: https://bitcointalk.org/index.php?topic=369605.0 and https://bitcointalk.org/index.php?topic=255145.msg2757327#msg2757327 and https://bitcointalk.org/index.php?topic=253385.0 and http://diyhpl.us/~bryan/papers2/bitcoin/wizards/2014-01-15.txt and
12:29 < kanzure> whoops last and is a fake
12:30 < nsh> cf. https://github.com/JeremyRubin/MAST/blob/master/paper/paper.pdf
12:30 < gmaxwell> So there has been a fair amount of discussion talking about the space of monotone functions, efficient encodings for them, etc. As it seems like it would be sensible for any future script to have a monotone decision tree as a first class construct.
12:31 * nsh nods
12:31 < gmaxwell> There are other assorted bits of thinking which are relevant, e.g. we now know how to make any such system very soft-fork friendly.
12:32 < gmaxwell> OTOH, soft-fork-friendliness has bad effects when script is used outside of a consensus system.
12:32 < gmaxwell> https://github.com/ElementsProject/elements/pull/49 < see comments there.
12:33 < gmaxwell> or at least potentially bad effects.
12:33 < gmaxwell> Part of the importance of handling it specifically.
12:33 < kanzure> would a sighash type fix this
12:35 < gmaxwell> kanzure: what I had proposed previously is that at the top level you have a monotone tree and at each leaf there is a condition and each condition begins with a rule specifier. An application could choose how it handles unknown specifiers. In a consensus system, you'd assume an unknown specifier is a soft-fork and silently accept.
12:35 -!- smk [9e557647@gateway/web/freenode/ip.158.85.118.71] has left #bitcoin-wizards []
12:35 < gmaxwell> In other contexts you'd assume it was a future feature and you'd reject with a notice that the signature couldn't be understood.
12:36 < nsh> hmm
12:37 -!- ASTP001 [~ASTP001@50-78-139-78-static.hfc.comcastbusiness.net] has quit [Quit: My Mac has gone to sleep. ZZZzzz…]
12:37 -!- ASTP001 [~ASTP001@50-78-139-78-static.hfc.comcastbusiness.net] has joined #bitcoin-wizards
12:38 < kanzure> there was also a "P3SH" suggestion regarding merklized abstract syntax trees or OP_PARTIAL_MAST or OP_MAST or something: https://bitcointalk.org/index.php?topic=1106586.msg11773568#msg11773568
12:38 < kanzure> OP_MAST_EVAL was https://bitcointalk.org/index.php?topic=255145.msg2757327#msg2757327
12:39 < kanzure> OP_PARTIAL_MERKLE_ROOT was https://bitcointalk.org/index.php?topic=175639.0
12:39 -!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer]
12:40 -!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards
12:40 -!- sumah [~sum4h@50.248.81.66] has quit [Quit: Leaving]
12:42 < kanzure> "This system would allow new opcodes to be added in a cleaner fashion. Nodes which don't understand the opcodes would just accept the script."
12:42 -!- b-itcoinssg [uid41629@gateway/web/irccloud.com/x-icpehkfkhgxxhlxn] has joined #bitcoin-wizards
12:44 -!- drwin [~drwin@out-nat-33.jes.cz] has quit []
12:45 -!- Guyver2 [~Guyver2@guyver2.xs4all.nl] has joined #bitcoin-wizards
12:49 -!- fabianfabian [~fabianfab@5ED15F42.cm-7-2b.dynamic.ziggo.nl] has joined #bitcoin-wizards
12:53 -!- nullbyte [NSA@gateway/vpn/mullvad/x-pfwdhvcuaquketbq] has joined #bitcoin-wizards
12:57 -!- ASTP001 [~ASTP001@50-78-139-78-static.hfc.comcastbusiness.net] has quit [Quit: My Mac has gone to sleep. ZZZzzz…]
12:58 -!- trippysalmon [rob@2001:984:6466:0:acb0:1d6:1cb1:2149] has quit [Read error: Connection timed out]
13:01 -!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer]
13:04 -!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards
13:07 -!- drwin [~drwin@out-nat-33.jes.cz] has joined #bitcoin-wizards
13:09 -!- fabianfabian [~fabianfab@5ED15F42.cm-7-2b.dynamic.ziggo.nl] has quit [Read error: Connection reset by peer]
13:10 -!- droark [~droark@209-6-53-207.c3-0.smr-ubr1.sbo-smr.ma.cable.rcn.com] has quit [Quit: Later.]
13:12 -!- jaekwon [~jaekwon@75-101-96-71.dsl.static.fusionbroadband.com] has quit [Remote host closed the connection]
13:13 -!- Quanttek [~quassel@2a02:8108:73f:f6e4:e23f:49ff:fe47:9364] has joined #bitcoin-wizards
13:14 -!- zooko [~user@2601:281:8301:e87f:b8d1:78a1:ef0c:d34] has joined #bitcoin-wizards
13:19 -!- CodeShark_ [~CodeShark@cpe-76-167-237-202.san.res.rr.com] has joined #bitcoin-wizards
13:21 -!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer]
13:22 -!- gavinandresen [~gavin@unaffiliated/gavinandresen] has joined #bitcoin-wizards
13:22 -!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards
13:28 -!- ASTP001 [~ASTP001@50-78-139-78-static.hfc.comcastbusiness.net] has joined #bitcoin-wizards
13:32 -!- jaekwon [~jaekwon@75-101-96-71.dsl.static.fusionbroadband.com] has joined #bitcoin-wizards
13:35 -!- ThomasV [~ThomasV@unaffiliated/thomasv] has joined #bitcoin-wizards
13:36 -!- adam3us [~Adium@172.56.18.132] has quit [Quit: Leaving.]
13:38 -!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer]
13:38 -!- ASTP001 [~ASTP001@50-78-139-78-static.hfc.comcastbusiness.net] has quit [Quit: My Mac has gone to sleep. ZZZzzz…]
13:39 -!- digitalmagus [~digitalma@unaffiliated/digitalmagus] has quit [Ping timeout: 264 seconds]
13:40 -!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards
13:42 -!- ginah [~nahnah@50.248.81.66] has joined #bitcoin-wizards
13:43 -!- nwilcox [~nwilcox@24.130.26.146] has quit [Quit: leaving]
13:45 -!- ASTP001 [~ASTP001@50-78-139-78-static.hfc.comcastbusiness.net] has joined #bitcoin-wizards
13:45 -!- copumpkin [~copumpkin@unaffiliated/copumpkin] has quit [Quit: My MacBook Pro has gone to sleep. ZZZzzz…]
13:50 -!- Tiraspol [~Tiraspol3@unaffiliated/tiraspol] has quit [Ping timeout: 252 seconds]
13:52 -!- trippysalmon [rob@2001:984:6466:0:acb0:1d6:1cb1:2149] has joined #bitcoin-wizards
13:53 -!- Tiraspol [~Tiraspol3@unaffiliated/tiraspol] has joined #bitcoin-wizards
13:56 < andytoshi> gmaxwell: great summary of "new script" thinking, i haven't seen all that written out at once before
13:57 -!- roxtrongo [~roxtrongo@179.8.168.101] has joined #bitcoin-wizards
13:57 -!- roxtrongo [~roxtrongo@179.8.168.101] has quit [Remote host closed the connection]
13:58 -!- gill3s [~gill3s@pat35-3-82-245-143-153.fbx.proxad.net] has quit [Quit: My Mac has gone to sleep. ZZZzzz…]
13:58 -!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer]
13:59 -!- SwedFTP [~SwedFTP@unaffiliated/swedftp] has quit [Ping timeout: 260 seconds]
13:59 -!- moa [~kiwigb@opentransactions/dev/moa] has joined #bitcoin-wizards
14:00 -!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards
14:00 -!- drwin [~drwin@out-nat-33.jes.cz] has quit [Ping timeout: 240 seconds]
14:01 -!- copumpkin [~copumpkin@unaffiliated/copumpkin] has joined #bitcoin-wizards
14:02 -!- SwedFTP [~SwedFTP@unaffiliated/swedftp] has joined #bitcoin-wizards
14:02 -!- AnoAnon [~AnoAnon@197.39.234.135] has joined #bitcoin-wizards
14:02 -!- AnoAnon [~AnoAnon@197.39.234.135] has quit [Max SendQ exceeded]
14:03 < b-itcoinssg> What is the reasoning behind duplicating a leaf of an odd number merkle tree, instead of using the odd number leaf as a separate branch to build the merkle tree?
14:04 < gmaxwell> Your question is unclear to me.
14:05 < gmaxwell> The duplication bitcoin does is bad and creates a vulnerability, a second preimage attack. Something just needs to be padded there. Ideally it would be accomplished by something outside of the domain of the input.
14:06 -!- chmod755 [~chmod755@unaffiliated/chmod755] has quit [Quit: Ex-Chat]
14:09 -!- ASTP001 [~ASTP001@50-78-139-78-static.hfc.comcastbusiness.net] has quit [Quit: My Mac has gone to sleep. ZZZzzz…]
14:09 -!- ASTP001 [~ASTP001@50-78-139-78-static.hfc.comcastbusiness.net] has joined #bitcoin-wizards
14:09 -!- melvster [~melvster@ip-86-49-18-198.net.upcbroadband.cz] has quit [Remote host closed the connection]
14:10 -!- melvster [~melvster@ip-86-49-18-198.net.upcbroadband.cz] has joined #bitcoin-wizards
14:12 -!- ThomasV [~ThomasV@unaffiliated/thomasv] has quit [Ping timeout: 268 seconds]
14:13 < gmaxwell> On the subject of the index of bitcoin ideas stuff... there is now enough material gathered that sorting through it is hard. I'm thinking about ranking criteria which we could use to sort the stuff. Implemented? Widely deployed? Well-defined/described? Feasible? Useful? what other largely orthogonal characteristics could we use to rank the sorts of raw ideas that have poured out of our ext
14:13 < gmaxwell> ended community?
14:16 -!- drwin [~drwin@out-nat-33.jes.cz] has joined #bitcoin-wizards
14:18 < kanzure> use nasa technology readiness levels http://esto.nasa.gov/files/trl_definitions.pdf
14:19 -!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer]
14:20 -!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards
14:21 < gmaxwell> very nice.
14:22 < gmaxwell> Feasibility is a bit orthogonal though, e.g. there are ideas which I'm pretty sure actually don't work... but they are still interesting because they pose a problem which might be worth solving.
14:23 < gmaxwell> Or like all these proposals to fix value under signature with hardforks. I think thats boneheaded. :) but it only takes a few seconds of thought to go "oh yea, you can do the same thing with a softfork".
14:23 < gmaxwell> (well not just a hardfork but a total halt-all-transactions flag-day)
14:24 < gmaxwell> Really need better language than hard/soft forks, e.g. distinguishing details like must-upgrade-all-systems-at-once which traditionally had meant hardfork, but right now the recent blocksize stuff has made people think of hardforks incorrectly because the BIP101 proposed hardfork is a very unusual one.
14:25 -!- nwilcox [~nwilcox@c-73-202-109-21.hsd1.ca.comcast.net] has joined #bitcoin-wizards
14:25 -!- GGuyZ [~GGuyZ@216-15-123-91.c3-0.sbo-ubr1.sbo.ma.cable.rcn.com] has quit [Quit: GGuyZ]
14:26 -!- user7779078 [~user77790@2a00:c98:2020:a003:21::2e] has joined #bitcoin-wizards
14:28 < kanzure> perhaps it should be judged by idea bus factor
14:30 -!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer]
14:31 < zooko> gmaxwell: +1 The terminology of "hard/soft fork" is a big impediment to my own thinking and to others I try to communicate with.
14:31 -!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards
14:32 < gmaxwell> zooko: its an improvement over not having that distinction at all... but the terms arose organically, and without any real intent.
14:32 < gmaxwell> Hard fork was created to distinguish ordinary network forking from an unrecoverable difference in rules.
14:33 < gmaxwell> And then soft fork came about later to distinguish the changes that were only one-way hard-forks.
14:33 < kanzure> hmm i wonder if there's any cryptography stuff in the soviet patent system http://patentdb.su/
14:35 < tromp_> hi, zooko
14:35 -!- ASTP001 [~ASTP001@50-78-139-78-static.hfc.comcastbusiness.net] has quit [Quit: My Mac has gone to sleep. ZZZzzz…]
14:37 < zooko> Hiya tromp!
14:38 < tromp_> how's zerocash implementation coming along?
14:38 < zooko> We're finally making forward progress! Also, apparently the way publicity works, I have to avoid talking about it in forums where other people, especially journalists, could hear, if I want to get lots of publicity later from other journalists. :-/
14:38 < zooko> I'm still working out that part.
14:39 < zooko> But fuck it, I'm going to answer your question right now and hopefully not regret it.
14:39 < zooko> So, we got cash in the bank, allowing us to hire another engineer, and so stop worrying about starving to death, and since then (which is quite recent),
14:39 < zooko> we're doing a bunch of boring engineering work like build system, unit tests, etc.
14:39 -!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer]
14:40 < zooko> My current priority is figuring out how to navigate this publicity stuff so that we can be all out in the open from there forward.
14:40 < zooko> Thanks for asking!
14:40 -!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards
14:41 < tromp_> i ask because a while ago, you mentioned a possible testnet launch in august
14:41 < zooko> :-( My calendar has an old faded scratch on it that says "Launch Test Net" on
14:42 < zooko> Mon Aug 31. :-(
14:42 < tromp_> of course i know such ETAs just mean " guaranteed not to happen before ..."
14:42 -!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer]
14:42 < zooko> We don't ... Heh heh heh.
14:42 < zooko> I think the actual software is *almost* actually runnable for that purpose, but I'm blocked on my confusion about how to do PR.
14:42 < zooko> I also tried to hire a PR expert to help me with that, and then I was blocked on my confusion about how to hire PR experts.
14:42 < zooko> So I gave up on that and went back to working on it myself.
14:43 -!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards
14:43 < zooko> "it" -> arranging PR, talking to journalists, etc.
14:43 -!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer]
14:44 < tromp_> btw, i recently got access to a beefy nVidia GPU card and completed my cuda miner for Cuckoo Cycle
14:44 < zooko> Oh, interesting!
14:44 < zooko> Are any altcoins deploying Cuckoo PoW yet?
14:44 < tromp_> turns out performance matches a 4-core hyperthreaded Core i7
14:45 < zooko> Cool data point!
14:45 < MRL-Relay> [othe] on what card model tromp?
14:45 < tromp_> GTX 980
14:45 < tromp_> optimum #threads was 512
14:45 < MRL-Relay> [othe] pretty much like cryptonight
14:45 < zooko> What'
14:45 -!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards
14:45 < zooko> s cryptonight?
14:45 < tromp_> no, still not deployed, zooko
14:46 < MRL-Relay> [othe] zooko, the pow used in monero
14:46 < tromp_> perhaps more interesting, the GPU only spends 15% of runtime computing
14:46 * zooko looks at https://en.wikipedia.org/wiki/CryptoNote#Egalitarian_proof_of_work
14:46 < tromp_> tromp the rest being waiting for global memory accesses
14:47 < MRL-Relay> [othe] its better documented in the source https://github.com/monero-project/bitmonero/blob/master/src/crypto/slow-hash.c
14:47 < zooko> tromp: *nod*
14:47 < zooko> Thanks, othe.
14:47 < MRL-Relay> [othe] i guess that gives you a good hash/watt ratio for gpus
14:47 < tromp_> which means i don't have to worry too much about not having optimized the computational aspects:)
14:48 < zooko> tromp: *nod*
14:49 < zooko> Nice commenting.
14:49 < tromp_> what is performance advantage of GTX 980 over i7 with cryptonight, othe?
14:49 < zooko> In https://github.com/monero-project/bitmonero/blob/master/src/crypto/slow-hash.c
14:49 < MRL-Relay> [othe] the hash to watt ratio is around 2x better than for a cpu
14:50 < MRL-Relay> [othe] for AMD cards, nvidia cards are slower
14:50 < tromp_> no, in absolute terms, disregarding watts
14:50 < MRL-Relay> [othe] due to some slower memory it seems
14:50 < MRL-Relay> [othe] hash to watt is the only thing that counts
14:50 < MRL-Relay> [othe] a highend amd card does 2x the speed of an i7
14:50 < gmaxwell> I think the monero stuff is a regretfully bad example of POW stuff, in particular, the performance is so horrific that its almost always a smoking out DOS attack. :( Also, a lot of the design seemed to have been motivated by an effort to unethically obfuscate it. (old history, sure, but its baggage on the design)
14:51 < gmaxwell> s/smoking out/smoking hot/
14:51 < tromp_> i have no idea how much power the GTX980 uses when running cuckoo
14:53 < gmaxwell> I have no clue about current GPUs, but I know on older ones memory was a lot of the power usage. I significantly improved my bitcoin farm's H/j by downclocking the memory to the point that the cards would crash if a display was attached. :)
14:53 < tromp_> presumably the core i7 is at least twice as efficient in hash/watt
14:56 < smooth> gmaxwell: The performance isn't really that bad. Before it was properly optimized it was something like one second per hash which is obviously terrible. But now at <20ms/hash on one core, it's not. If you are going to get banned by sending bad hashes and you have to rely on botnets all over the place you will have trouble connecting fast enough to max out CPU
14:57 < zooko> Interesting data points! Thanks gmaxwell and smooth.
14:57 < tromp_> zooko, are you still going with catena for pow?
14:58 < zooko> No, probably the Password Hashing Competition's winner, which is a (variant of) Argon2.
14:58 < gmaxwell> smooth: for example, the privacy of the system is critically dependent on hiding yourself from network observers.. so you'd want to run over tor... but the banning as a fix to dealing with garbage doesn't work without expensive 'identities' for peers. :(
14:58 < zooko> There's one open question in my mind about efficiency of verification, which I *think* can be fixed with a Merkle Tree and the verifier verifying a subset of the proofs...
14:59 < zooko> But I'm not sure, hence the "open question" part...
14:59 < tromp_> you'll also have the challenge of needing to provide optimized gpu argon2 miners for a "fair" launch
15:00 -!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer]
15:00 < smooth> gmaxwell: i doubt that DoS is fixable without some kind of identities. If you dont get hit with CPU burning you will still get your network connection flooded.
15:00 -!- Quanttek [~quassel@2a02:8108:73f:f6e4:e23f:49ff:fe47:9364] has quit [Ping timeout: 256 seconds]
15:00 < gmaxwell> smooth: I say this not to be negative about monero, it's a problem for bitcoin too... but just much worse for monero since the native POW is so costly to verify. Also, doesn't the 20ms number need hardware AES support?
15:00 < gmaxwell> smooth: on networks like tor you can use POW to prevent network flooding too.
15:00 < zooko> tromp: Hm.
15:01 < smooth> gmaxwell: yes with hardware AES, but even without it is much better than before, around 100ms i think.
15:01 < MRL-Relay> [othe] "fair" launch can only be achieved when you emission the coins on some kind of better curve, like a few months dont emission a lot of coins at all, else some chinese gpu farm will just grab them all anyway and i doubt thats more "fair"
15:01 < gmaxwell> smooth: okay the number in my mind (which I thought was the unoptimized case) was 7 hashes per second.
15:01 < smooth> and increasingly little hardware lacks AES hardware
15:01 -!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards
15:01 < gmaxwell> smooth: it's off by default in virtually every motherboard I've touched because of psycho export restriction cargo culting! :(
15:02 < zooko> gmaxwell: haha! really!?
15:02 < zooko> Wow.
15:02 < smooth> gmaxwell: interesting, i haven't seen that (turned off by default). i did notice the BIOS option showing up though
15:02 < gmaxwell> Just informal experience, but at least both supermicro and asus (I think?) ship with it off by default in the bios.
15:02 < MRL-Relay> [othe] not for consumer boards?
15:03 < gmaxwell> Just got a MB-X10DA-I-O-P that shipped with it off.
15:03 < MRL-Relay> [othe] i run a bunch of asus boards, tho the ones sold in europe where are less weird crypto laws. all of them have aesni on by default
15:03 -!- Dizzle [~Dizzle@104-6-36-162.lightspeed.austtx.sbcglobal.net] has quit [Quit: Leaving...]
15:03 < gmaxwell> (a dual 2011v3 board)
15:03 < smooth> i agree with what othe said about launch. slowly ramp up the rewards over some time period that is reasonable for people to deploy and optimize
15:03 < tromp_> zooko, have you considered using multiple pows, like myriad?
15:04 < MRL-Relay> [othe] multiple pow sound more like adding multiple points of failure
15:04 < zooko> tromp: we have.
15:04 < zooko> tromp: Myriad-like things went into the bucket of potentially good ideas that we don't have enough teeth to chew.
15:04 < zooko> That's a big bucket.
15:05 < tromp_> othe: it's not. when a system is secured by 50% pow1 and 50% pow2, it cannot be attacked by just getting tons of pow1 hashing power
15:05 < zooko> othe: there's a proposal for multi-PoW, named Myriad, which makes it so it only goes south if they *all* fail.
15:05 < zooko> It's a really neat idea.
15:05 < tromp_> the simplest attack wld be to duplicate both the existing pow1 and pow2 hashing power
15:05 < MRL-Relay> [othe] because botnets care about that?
15:05 < zooko> smooth: Hm. Interesting.
15:06 < smooth> zooko: i think i first heard it from gmaxwell, to be fair
15:06 < MRL-Relay> [othe] if you dont want your coin attacked use something were its *easy* to get a asic miner out, prolly sth like blake if u dont want to use sha
15:06 < zooko> smooth: I think it is safe to assume that all interesting novel cryptocurrency ideas were earlier proposed by gmaxwell.
15:06 < smooth> zooko: haha, nice
15:08 < smooth> tromp_: 50/50 you can still be attacked fairly easily right, maybe 3-4 is better
15:08 -!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer]
15:08 < tromp_> othe: except asic hashing power tends to get centralized, chinese gov can twist arm of several of largest mining operations
15:09 < smooth> tbh so far we've seen all hashing power get fairly centralized
15:09 -!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards
15:09 < zooko> smooth: including XMR?
15:09 < smooth> zooko: well its hard to say, maybe its all one big botnet right?
15:09 < zooko> What's the distribution of LTC mining like?
15:10 < tromp_> smooth: i think 2 is optimal. make one pow compute bound, and one memory bound
15:10 -!- Mably [~Mably@unaffiliated/mably] has quit [Ping timeout: 265 seconds]
15:10 < tromp_> smooth with 3 or 4 attacker can ignore 1 or 2
15:10 < smooth> in theory (in practice hard to say): cpu->botnets, gpu->big GPU farms, ASIC->manufacturers
15:11 < tromp_> sorry, i mean ignore just 1
15:11 < smooth> tromp_: but im thinking with 2 if you crack one hard then you get that, plus a small fraction of the other one and you're there
15:11 < zooko> smooth: what are the most valuable examples of CPU-oriented PoW coins?
15:11 < smooth> zooko: im pretty sure monero is the most valuable one
15:11 -!- trippysalmon [rob@2001:984:6466:0:acb0:1d6:1cb1:2149] has quit [Ping timeout: 250 seconds]
15:11 < zooko> Looking at http://coinmarketcap.com/ ... I don't know which ones have CPU-oriented PoW.
15:11 < zooko> I know Ethereum has GPU-oriented.
15:12 < tromp_> smooth: even if cracking means getting 4 times the existing hash power, you still need a significant fraction of the other
15:12 < smooth> if you think its really CPU oriented, which is kind of hard to say. could be GPUs or ...
15:12 < zooko> smooth: and is Monero mined by Botnets?
15:12 < zooko> According to http://coinmarketcap.com/ it has a market cap of only $4M.
15:12 < smooth> zooko: who knows really, its sort of the nature of mining that unless you have big public or semi-public operations like BTC its not transparent
15:13 < zooko> smooth: okay, thanks.
15:14 < smooth> zooko: filter non-mineable, monero is #9. bytecoin is phony, the rest are clearly not CPU
15:14 -!- kmels [~kmels@186.64.110.122] has quit [Ping timeout: 252 seconds]
15:14 < smooth> all above it are sha, scrypt, x11
15:14 < gmaxwell> tromp_: doesn't sound like an unreasonable intuition there--- the "dozen functions" stuff to me mostly sounds like "we're going to shove costs into ASIC design NRE, thus assuring there is no competitive market for mining hardware"
15:14 < smooth> also bytecoin has essentially no mining either
15:15 < tromp_> coin magi is claimed to be gpu resistant. but i've also seen ppl claim it has private gpu miners
15:15 < smooth> magi has $26K market cap...
15:16 < tromp_> the cuckoo cycle gpu code is embarrassingly simple; basically two 10 line routines
15:16 -!- c0rw|away is now known as c0rw1n
15:16 < smooth> tromp_: haven't many of the mining "breakthroughs" like going GPU or ASIC or whatever been more than 4x jumps?
15:16 < tromp_> i'm a strong believer in avoiding complexity
15:17 -!- Newyorkadam [~Newyorkad@wikipedia/Newyorkadam] has quit [Quit: Newyorkadam]
15:17 < smooth> i would imagine a good protection of multi would be one getting REALLY cracked
15:17 < smooth> or algorithmic improvements for that matter, not just hardware
15:18 < gmaxwell> I still think an under evaluated concern is how much advantage is actually needed to screw things up.
15:19 < gmaxwell> In the limit, mining runs at break even, small advantages are huge differences in profit. It may well be the case that a 10% efficiency difference (or whatever) pushes everyone less efficient out.
15:19 < smooth> maybe none :(
15:19 -!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer]
15:19 < gmaxwell> And so all these things that hope to prevent 10x-100x differences from specialized hardware are actually inadequate.
15:19 < smooth> i mean none inherent in the algorithm. in the real world someone always has an advantage, which is not really encouraging
15:20 -!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards
15:20 < gmaxwell> right but do people have massively unequal access to advantage?
15:20 < gmaxwell> some kinds of advantage are useful... e.g. free power that doesn't scale.
15:21 < tromp_> gmaxwell: another extreme is millions of ppl willing to mine at a loss as in a lottery, making commercial mining impossible
15:21 < gmaxwell> locations that need the waste heat anyways, but again, there is only so much low grade heat anyone needs.
15:21 < smooth> maybe we can say that someone always has a scalable advantage. i dont know if that is true, but it seems it very well might be
15:22 < tromp_> which is more likely if e.g. phones can mine overnight with moderate efficiency
15:22 -!- davec [~davec@cpe-24-243-251-52.hot.res.rr.com] has quit [Read error: Connection reset by peer]
15:22 < gmaxwell> tromp_: yea, surprisingly (to me) that hasn't worked _at all_ in bitcoin. It's extremely frustrating, several times I've seen people in one breath talk about mining at the biggest possible pool for low variance and the next they talk about spending their mining income at a negative expectation gambling 'dice' site.
15:23 < gmaxwell> smooth: there are disadvantages of scale too. Esp in heat removal... optimal heat removal efficiency wants the lowest density possible.
15:23 < smooth> someone even tried to sell a "lottery machine" miner. went nowhere
15:23 < tromp_> gmaxwell wonderful example of completely irrational behaviour
15:23 < smooth> gmaxwell: yes but what im saying is that if you assing to each actor a number indicating the degree of useful scalability (after netting out waste heat, etc.) it is not clear that someone isn't the absolute winner
15:24 < smooth> *assign to
15:24 < kanzure> hmm in treechains i really like the "parent blockchain sets the difficulty" because this fixes a lot of child chain difficulty retargeting attacks caused by large quantities of pow hashrate showing up and leaving
15:24 < gmaxwell> smooth: yes, someone is the 'winner' but some of the things I mention have upper limits.. many people have access to 'free' power (e.g. power paid for as part of a flat agreement), but can only draw a kilowatt or two.
15:25 < kanzure> ( looking at http://lists.linuxfoundation.org/pipermail/bitcoin-dev/2014-March/004797.html )
15:25 -!- kmels [~kmels@186.64.110.122] has joined #bitcoin-wizards
15:25 < smooth> gmaxwell: just saying it doesn't seem to have worked out that way. suggesting a model for maybe why not
15:25 < smooth> but also true the game is not over by any means
15:26 < gmaxwell> smooth: ah. Well in bitcoin space, because access to hardware has trumped energy cost at every point in time people were actually excited about getting involved. I don't think more is required than that.
15:26 < kanzure> does anyone have -wizards logs from 2014-03-01 to 2014-10-01?
15:26 < gmaxwell> I can point to several forum threads where people are calling me unkind names when I suggest energy efficiency as even a consideration!
15:26 < kanzure> gmaxwell: bah just wait until they start calling you a bioterrorist. i get that one a lot.
15:27 < kanzure> i was going to look up treechain stuff in -wizards logs but i am missing multiple months in my log archive :-(
15:28 -!- davec [~davec@cpe-24-243-251-52.hot.res.rr.com] has joined #bitcoin-wizards
15:32 < kanzure> hmm wait no that doesn't help with difficulty retargeting attacks on child chains.... something at n levels deep is 2^(n - c) more vulnerable to a somewhat successful miner from level (parent - c)
15:32 < kanzure> i guess you could just have 2^n more child blocks at those levels to make up for this -___-
15:32 < kanzure> er more child chains
15:34 -!- GGuyZ [~GGuyZ@216-15-123-91.c3-0.sbo-ubr1.sbo.ma.cable.rcn.com] has joined #bitcoin-wizards
15:34 -!- hazirafel [~ufoinc@31.154.92.14] has quit [Ping timeout: 264 seconds]
15:34 < kanzure> ((this makes it so that on average the likelihood of a large-enough attacker selecting any particular child treechain to attack is very low)) (but why didn't this hold for pow altcoin altchains in the past?)
15:34 -!- Guyver2 [~Guyver2@guyver2.xs4all.nl] has quit [Quit: :)]
15:35 -!- dEBRUYNE [~dEBRUYNE@56-197-ftth.onsbrabantnet.nl] has quit [Ping timeout: 265 seconds]
15:35 < smooth> kanzure: maybe im misunderstanding your point but how is it not true. most altcoins have not been attacked
15:36 < gmaxwell> ryanc's defcon presentation is up: https://www.reddit.com/r/Bitcoin/comments/3j55qo/xpost_def_con_23_ryan_castellucci_cracking/
15:36 < smooth> there is certainly a degree of "why even bother to attack this one when there are 1000 other ones just like it"
15:37 < gmaxwell> One of the many reasons why 'it hasn't broken yet!' is nearly useless.
15:37 < gmaxwell> (also: when things do break the cryptocurrency industry doesn't tend to learn from the break) 15:38 < kanzure> why would miner fees be enough to convince someone to mine at the << 2 difficulty child treechain but not the << 1 difficulty child treechain 15:38 -!- user7779078 [~user77790@2a00:c98:2020:a003:21::2e] has quit [Remote host closed the connection] 15:40 -!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer] 15:41 -!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards 15:45 -!- snthsnth [~snthsnth@c-98-207-208-241.hsd1.ca.comcast.net] has joined #bitcoin-wizards 15:47 -!- roxtrong_ [~roxtrongo@179.8.168.101] has joined #bitcoin-wizards 15:50 < zooko> tromp: how much memory does your high-end GPU have? 15:50 < kanzure> "By the way, I had some more replies to my original mailing list post. Some people think that what I am doing can be achieved with bigger block sizes and with SPV nodes, but this is not true. One of the main advantages of this tree structure of subchains is that you can constrain your wallet to just one path of subchains, so you can download all the full blocks on each of these chains and be sure that you have the status of all the ... 15:50 < kanzure> ... UTXOs corresponding to your wallet. In simpler words, it lets you be sure of your balance in a scalable (O(log n)) way. Same with the balance of others you wish to track (such as your government representatives). I read a bit about so-called "UTXO commitments" but I don't think they are as reliable and decentralized as this method, since you still need supernodes to feed you the merkle-tree proofs. Can someone answer this?" 15:50 < kanzure> from https://bitcointalk.org/index.php?topic=1083345.0 15:51 < kanzure> "Actually, my scheme described above does not need merge-mined chains. 
As I mentioned, parent chains would get fees from child chain miners to put the hashes in, and (not sure if I said this) the fees can be in the form of outputs that are registered as spendable on the child chains only, so this would give the parent chain miners an incentive to be careful and validate as much as possible the transactions of the child chains." 15:51 < kanzure> "Still, in principle it would be a small matter for someone to lease and concentrate hashpower on one among thousands of chains and launch a 51% attack. So I also like your idea of a hierarchy of sidechains where lower chains handle smaller transactions, thus there is less incentive to waste time on a double-spending attack on a chain limited to micropayments." 15:52 < kanzure> hmmm i don't think anti-dos works like that :-) transaction value does not determine whether someone wants to ddos you 15:52 < kanzure> also it's not just double-spending that you have to defend against 15:52 -!- roxtrong_ [~roxtrongo@179.8.168.101] has quit [Ping timeout: 272 seconds] 15:59 -!- ratbaneb_ [~ratbanebo@78-23-10-185.access.telenet.be] has quit [] 16:01 -!- DougieBot5000 [~DougieBot@unaffiliated/dougiebot5000] has quit [Quit: Leaving] 16:04 -!- chmod755 [~chmod755@unaffiliated/chmod755] has joined #bitcoin-wizards 16:06 < zooko> tromp: according to newegg (e.g. http://www.newegg.com/Product/Product.aspx?Item=N82E16814133611) it costs about $650 and has 6 GB RAM. 
16:06 -!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer] 16:08 -!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards 16:08 -!- b-itcoinssg [uid41629@gateway/web/irccloud.com/x-icpehkfkhgxxhlxn] has quit [Quit: Connection closed for inactivity] 16:09 -!- nwilcox [~nwilcox@c-73-202-109-21.hsd1.ca.comcast.net] has quit [Quit: leaving] 16:11 -!- airbreather [~airbreath@d149-67-99-43.nap.wideopenwest.com] has joined #bitcoin-wizards 16:13 * Luke-Jr ponders if there's any way to use idle GPU RAM for his system RAM :P 16:14 -!- ThomasV [~ThomasV@unaffiliated/thomasv] has joined #bitcoin-wizards 16:14 < gmaxwell> GPU swap. :P 16:20 < zooko> Heh heh. 16:20 < aj> gmaxwell: " so it would be nice if I could throw that into a theorem prover and ask it "is there any way to satisfy this script that doesn't provide sixX or sigY"" -- has there been any progress on that in the past couple years? 16:20 < zooko> tromp: what parameters of Cuckoo were you testing? 16:20 < gmaxwell> aj: Not really, though -- well so if the top level of the script is a monotone function it's _very_ easy to answer that question. 16:21 -!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer] 16:22 -!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards 16:24 -!- ThomasV [~ThomasV@unaffiliated/thomasv] has quit [Ping timeout: 264 seconds] 16:24 < tromp_> zooko i tried size 2^28 16:24 -!- afk11 [~afk11@unaffiliated/afk11] has quit [Remote host closed the connection] 16:25 < tromp_> the GPU only does the edge trimming; the cycle detection (which takes less than 2% of runtime) is still on cpu 16:25 < tromp_> size 2^30 is roughly 4 times slower as expected 16:26 < zooko> So how much of the GPU's 6 GB of RAM did it use for the edge trimming? 
16:27 -!- c0rw1n is now known as c0rw|zZz 16:29 -!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer] 16:30 -!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards 16:32 < tromp_> Using 16MB edge and 32MB node memory. 16:32 < tromp_> in case of size 2^28 16:34 < smooth> gmaxwell> GPU swap <= instructions! http://www.gentoo-wiki.info/TIP_Use_memory_on_video_card_as_swap#Preparing_the_kernel 16:34 < tromp_> for size 2^32, that's of course Using 256MB edge and 512MB node memory. 16:36 -!- jaekwon [~jaekwon@75-101-96-71.dsl.static.fusionbroadband.com] has quit [Remote host closed the connection] 16:37 -!- c-cex-yuriy [uid76808@gateway/web/irccloud.com/x-ccbdrxfwnbtysgrm] has joined #bitcoin-wizards 16:38 -!- veleiro [~veleiro@fsf/member/veleiro] has joined #bitcoin-wizards 16:40 -!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer] 16:41 -!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards 16:41 < tromp_> afk for dinner 16:41 -!- DougieBot5000 [~DougieBot@unaffiliated/dougiebot5000] has joined #bitcoin-wizards 16:50 -!- nullbyte [NSA@gateway/vpn/mullvad/x-pfwdhvcuaquketbq] has quit [Read error: Connection reset by peer] 16:54 -!- adam3us [~Adium@172.56.19.127] has joined #bitcoin-wizards 17:02 < kanzure> but really- my request for -wizards logs was genuine. early 2014 stuff is missing. and i don't know when the channel was actually started. i have some 2013 logs but not before. 17:02 < kanzure> whoops i mean mid 2014 stuff is missing 17:02 < zooko> tromp: so 17:03 < gmaxwell> andytoshi: ^ 17:03 < zooko> tromp: was the benchmark which rated your GTX 980 as about as good as an i7, was that running 8 parallel instances of Cuckoo on the GTX 980? 17:03 < kanzure> ah correction: i do have all 2014 logs, but not pre-2013 logs. 17:03 < kanzure> gmaxwell: it was andytoshi's logs from 2013 that i have. 
17:03 < gmaxwell> oh well then you have the start 17:03 < gmaxwell> before then -wizards was #bitcoin-dev and private messages between myself and petertodd. 17:03 < kanzure> this is like scraping the bottom of a nice cream bowl 17:04 < kanzure> hm okay.. 17:04 -!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer] 17:05 -!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards 17:05 -!- mengine [~mengine@251.92-221-142.customer.lyse.net] has quit [Ping timeout: 265 seconds] 17:07 -!- kmels [~kmels@186.64.110.122] has quit [Ping timeout: 244 seconds] 17:08 < andytoshi> early 2014 i think i was not involved with bitcoin heavily, sorry 17:09 < andytoshi> but petertodd gave me some logs that i thought covered that era.. 17:09 < kanzure> yeah i was mistaken, sorry about that 17:09 -!- jaekwon [~jaekwon@75.101.96.71] has joined #bitcoin-wizards 17:09 < andytoshi> apparently not, just january 17:10 < andytoshi> oh, sorry, never mind, i was not reading all the scrollback 17:10 < kanzure> i have your logs 2013 to 2014-03-12, then i have my own logs from 2014-02-23 to now, and i had a logbot starting around 2014-10-19 and that's why i thought i was missing 2014-03-12 to 2014-10-19 17:10 < andytoshi> excellent 17:10 < kanzure> log reading is going as planned 17:11 < kanzure> i definitely don't have old #bitcoin-dev logs... mine only go back to 2013-03-11 (surprise surprise). 17:11 -!- Newyorkadam [~Newyorkad@wikipedia/Newyorkadam] has joined #bitcoin-wizards 17:12 < kanzure> i might have to limit the irc log reading to "interesting sections" defined by bursts of messages in a time period, because reading a 105 MB irc log file is not so easy. 17:15 -!- Burrito [~Burrito@unaffiliated/burrito] has quit [Quit: Leaving] 17:16 < Luke-Jr> mine probably go back to 2011 Jan 17:16 < kanzure> i'll figure out a way to read ~50 million words of logs if you hand them over? 17:17 < Luke-Jr> do I have to? 
:P 17:17 < gmaxwell> careful that your IRC client doesn't log PMs in random channels. 17:17 < Luke-Jr> gmaxwell: it does :< 17:17 < Luke-Jr> only ones I send though 17:17 < Luke-Jr> (eg, via /msg) 17:17 < gmaxwell> right. 17:17 < gmaxwell> irssi does 17:20 < gmaxwell> sipa: that failure is because benchsign does not re-increase the buffer size in the loop. 17:20 -!- zooko [~user@2601:281:8301:e87f:b8d1:78a1:ef0c:d34] has quit [Ping timeout: 246 seconds] 17:21 < gmaxwell> this is something of an API footgun-- a downside of an inout argument-- that maybe we should call out... 17:21 < gmaxwell> an adequate fix is 17:21 < gmaxwell> - int siglen = 74; for (i = 0; i < 20000; i++) { 17:21 < gmaxwell> + int siglen = 74; 17:21 < gmaxwell> oh well assuming my irc client hadn't butchered that. :) 17:21 < gmaxwell> damnit wrong channel 17:25 -!- AaronvanW [~ewout@unaffiliated/aaronvanw] has quit [Ping timeout: 246 seconds] 17:36 -!- mengine [~mengine@251.92-221-142.customer.lyse.net] has joined #bitcoin-wizards 17:39 -!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer] 17:40 -!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards 17:41 -!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer] 17:44 -!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards 17:48 -!- roxtrong_ [~roxtrongo@179.8.168.101] has joined #bitcoin-wizards 17:52 < kanzure> "A working implementation of fully homomorphic encryption" http://eurocrypt2010rump.cr.yp.to/9854ad3cab48983f7c2c5a2258e27717.pdf 17:52 -!- roxtrong_ [~roxtrongo@179.8.168.101] has quit [Ping timeout: 240 seconds] 17:55 -!- alpalp [6836eb1c@gateway/web/cgi-irc/kiwiirc.com/ip.104.54.235.28] has joined #bitcoin-wizards 17:57 -!- stonecoldpat1 [~a9380004@janus-nat-128-240-225-56.ncl.ac.uk] has joined #bitcoin-wizards 17:58 -!- stonecoldpat [~a9380004@janus-nat-128-240-225-56.ncl.ac.uk] has quit [Ping timeout: 252 seconds] 17:59 -!- huseby [~huseby@unaffiliated/huseby] has quit 
[Ping timeout: 252 seconds] 18:02 -!- frankenmint [~frankenmi@71-222-57-192.ptld.qwest.net] has joined #bitcoin-wizards 18:03 -!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer] 18:05 -!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards 18:06 -!- huseby [~huseby@unaffiliated/huseby] has joined #bitcoin-wizards 18:07 -!- adam3us [~Adium@172.56.19.127] has quit [Quit: Leaving.] 18:21 -!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer] 18:22 -!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards 18:31 -!- frankenmint [~frankenmi@71-222-57-192.ptld.qwest.net] has left #bitcoin-wizards [] 18:33 -!- Dr-G [~Dr-G@x4d08d842.dyn.telefonica.de] has joined #bitcoin-wizards 18:33 -!- Dr-G [~Dr-G@x4d08d842.dyn.telefonica.de] has quit [Changing host] 18:33 -!- Dr-G [~Dr-G@unaffiliated/dr-g] has joined #bitcoin-wizards 18:33 -!- sparetire_ [~sparetire@unaffiliated/sparetire] has quit [Quit: sparetire_] 18:36 -!- airbreather [~airbreath@d149-67-99-43.nap.wideopenwest.com] has quit [Remote host closed the connection] 18:36 -!- Dr-G2 [~Dr-G@xd9bf72fc.dyn.telefonica.de] has quit [Ping timeout: 246 seconds] 18:38 -!- jaekwon [~jaekwon@75.101.96.71] has quit [Remote host closed the connection] 18:40 -!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer] 18:42 -!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards 18:46 -!- King_Rex [~King_Rex@2600:1005:b11e:8cac:59f7:71ea:d6b9:5cef] has quit [Remote host closed the connection] 18:47 -!- King_Rex [~King_Rex@185.sub-70-193-67.myvzw.com] has joined #bitcoin-wizards 18:47 -!- kmels [~kmels@184.62.151.186.static.intelnet.net.gt] has joined #bitcoin-wizards 18:51 -!- King_Rex [~King_Rex@185.sub-70-193-67.myvzw.com] has quit [Ping timeout: 246 seconds] 18:54 -!- belcher [~user@unaffiliated/belcher] has quit [Quit: Leaving] 18:56 -!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer] 18:57 -!- shesek 
[~shesek@77.125.95.25] has joined #bitcoin-wizards 19:01 -!- veleiro [~veleiro@fsf/member/veleiro] has quit [Read error: Connection reset by peer] 19:02 -!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer] 19:03 -!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards 19:05 -!- tripleslash [~\\\@unaffiliated/imsaguy] has joined #bitcoin-wizards 19:05 -!- veleiro [~veleiro@fsf/member/veleiro] has joined #bitcoin-wizards 19:09 < kanzure> in this proposal, transactions are automatically forced into sidechains or other chains https://bitcointalk.org/index.php?topic=12348.0 19:11 < smooth> kanzure: interesting find 19:11 < smooth> I dont think this is correct really: "So to verify that a given transaction is valid, you'd have to have access to all the block chains" 19:12 < smooth> with a tree structure you could restrict transactions to only span one level up or down 19:13 -!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer] 19:14 -!- rusty [~rusty@pdpc/supporter/bronze/rusty] has joined #bitcoin-wizards 19:14 -!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards 19:15 < gmaxwell> that post doesn't seem very useful to me? it looks like its saying they can never merge again if there is more than 1MB of data off to the side?! 
19:17 -!- btcdrak [uid52049@gateway/web/irccloud.com/x-ivmwjyzzmbarleix] has quit [Quit: Connection closed for inactivity] 19:24 -!- roxtrong_ [~roxtrongo@179.8.168.101] has joined #bitcoin-wizards 19:24 -!- starsoccer [~starsocce@unaffiliated/starsoccer] has quit [Ping timeout: 244 seconds] 19:26 -!- starsoccer [~starsocce@ns372404.ip-94-23-252.eu] has joined #bitcoin-wizards 19:26 -!- starsoccer is now known as Guest99747 19:27 -!- Guest99747 [~starsocce@ns372404.ip-94-23-252.eu] has quit [Changing host] 19:27 -!- Guest99747 [~starsocce@unaffiliated/starsoccer] has joined #bitcoin-wizards 19:28 -!- roxtrong_ [~roxtrongo@179.8.168.101] has quit [Ping timeout: 264 seconds] 19:32 -!- snthsnth [~snthsnth@c-98-207-208-241.hsd1.ca.comcast.net] has quit [Ping timeout: 260 seconds] 19:39 -!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer] 19:42 -!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards 19:46 -!- moa [~kiwigb@opentransactions/dev/moa] has quit [Ping timeout: 244 seconds] 19:51 < smooth> gmaxwell: i think by merge it means that one new block would have two parents, allowed if the sum the sizes of both parent chains was <1 MB for 1000 blocks 19:52 < smooth> maybe that means average or something, hard to say, and probably never thought out 19:54 < gmaxwell> not sure how to grade proposals like that on our list. Like.. I'm not sure what it means well enough to say anything about it. 19:59 < ryan-c> if anyone wants to see it, my defcon talk about breaking brainwallets is up on youtube https://youtu.be/foil0hzl4Pg 20:00 < gmaxwell> ryan-c you're about 5 hours behind me. :) 20:01 < ryan-c> gmaxwell: did you already post the link? 
20:02 < gmaxwell> 15:39 < gmaxwell> ryanc's defcon presentation is up: https://www.reddit.com/r/Bitcoin/comments/3j55qo/xpost_def_con_23_ryan_castellucci_cracking/ 20:02 < ryan-c> ah, that did not match my grep 20:03 -!- p15_ [~p15@209.234.248.40] has quit [Quit: Textual IRC Client: www.textualapp.com] 20:05 -!- GGuyZ [~GGuyZ@216-15-123-91.c3-0.sbo-ubr1.sbo.ma.cable.rcn.com] has quit [Quit: GGuyZ] 20:08 -!- CodeShark_ [~CodeShark@cpe-76-167-237-202.san.res.rr.com] has quit [Ping timeout: 240 seconds] 20:11 -!- p15 [~p15@209.234.248.32] has joined #bitcoin-wizards 20:11 -!- p15 [~p15@209.234.248.32] has quit [Client Quit] 20:12 -!- p15 [~p15@32.248.234.209.client.dyn.strong-ap1.bringover.net] has joined #bitcoin-wizards 20:15 -!- Giszmo [~leo@pc-185-201-214-201.cm.vtr.net] has quit [Quit: Leaving.] 20:18 -!- [7] [~quassel@rockbox/developer/TheSeven] has quit [Disconnected by services] 20:18 -!- TheSeven [~quassel@rockbox/developer/TheSeven] has joined #bitcoin-wizards 20:21 -!- snthsnth [~snthsnth@c-98-207-208-241.hsd1.ca.comcast.net] has joined #bitcoin-wizards 20:22 -!- c-cex-yuriy [uid76808@gateway/web/irccloud.com/x-ccbdrxfwnbtysgrm] has quit [Quit: Connection closed for inactivity] 20:37 -!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer] 20:38 -!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards 20:38 -!- GGuyZ [~GGuyZ@216-15-123-91.c3-0.sbo-ubr1.sbo.ma.cable.rcn.com] has joined #bitcoin-wizards 20:38 -!- Populus [~Populus@unaffiliated/populus] has quit [Remote host closed the connection] 20:41 -!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer] 20:43 -!- PRab [~chatzilla@2601:40a:8000:8f9b:99a5:26ec:a97e:cce5] has quit [Read error: Connection reset by peer] 20:43 -!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards 20:43 < kanzure> is there any chance of probabilistic payments + payment channels working? 
20:44 -!- PRab [~chatzilla@2601:40a:8000:8f9b:99a5:26ec:a97e:cce5] has joined #bitcoin-wizards 20:44 < kanzure> also: 20:44 < kanzure> 20:32 <@gmaxwell> I argue a specific commitment structure where miners, armed with a succinct ZKP for NP statements, create blocks which provide only an update to the UTXO set, and a constant size proof that the new utxo set was an authorized modification according to some unspecified number of undisclosed transactions. 20:44 < kanzure> 20:33 <@gmaxwell> It's lovely, except for the current infeasibility of running ECDSA verification in the prover unless we don't mind 12 hour blocks. :) 20:44 < kanzure> with payment channels already setup i don't think i'd mind 12 hour blocks 20:44 < kanzure> plus someone convinced rusty that channel setup can be (trustlessly) "subsidized" by hubs for users waiting to get utxos 20:50 < kanzure> also i think there was a proposal made somewhere "recently" about large multisig pools (using fancypants signature schemes) being onboarded on to lightning network, without causing utxo bloat? i don't know where i saw that. 20:50 < rusty> kanzure: hmm, I didn't see that... 20:50 < kanzure> well that's troubling, i was about to blame you for that one too 20:51 < kanzure> maybe aj 20:54 -!- snthsnth [~snthsnth@c-98-207-208-241.hsd1.ca.comcast.net] has quit [Ping timeout: 256 seconds] 20:55 -!- CodeShark [~androirc@cpe-76-167-237-202.san.res.rr.com] has quit [Ping timeout: 250 seconds] 20:55 < aj> it was not me, perhaps the one armed man? 
20:56 -!- dignork [~dignork@unaffiliated/dignork] has quit [Ping timeout: 244 seconds] 20:56 -!- larraboj [kax@heizenberg.ds.karen.hj.se] has quit [Ping timeout: 244 seconds] 20:57 -!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer] 20:58 -!- dignork [~dignork@unaffiliated/dignork] has joined #bitcoin-wizards 20:58 -!- larraboj [kax@heizenberg.ds.karen.hj.se] has joined #bitcoin-wizards 20:59 -!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards 20:59 -!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer] 21:01 -!- Newyorkadam [~Newyorkad@wikipedia/Newyorkadam] has quit [Quit: Newyorkadam] 21:03 -!- p15_ [~p15@5.248.234.209.client.dyn.strong-ap1.bringover.net] has joined #bitcoin-wizards 21:04 -!- p15 [~p15@32.248.234.209.client.dyn.strong-ap1.bringover.net] has quit [Ping timeout: 244 seconds] 21:11 -!- moa [~kiwigb@opentransactions/dev/moa] has joined #bitcoin-wizards 21:15 -!- rusty [~rusty@pdpc/supporter/bronze/rusty] has quit [Ping timeout: 256 seconds] 21:16 -!- moa [~kiwigb@opentransactions/dev/moa] has quit [Quit: Leaving.] 21:21 -!- rusty [~rusty@pdpc/supporter/bronze/rusty] has joined #bitcoin-wizards 21:21 < kanzure> etotheipi proposal about a merkle tree based on addresses and unspents: https://bitcointalk.org/index.php?topic=52859.msg885838#msg885838 21:22 < kanzure> but doesn't help with mining limits... 21:24 -!- roxtrong_ [~roxtrongo@179.8.168.101] has joined #bitcoin-wizards 21:25 < gmaxwell> yea, the address stuff is just a huge additional cost and an incentivization for address reuse. 
21:25 -!- moa [~kiwigb@opentransactions/dev/moa] has joined #bitcoin-wizards 21:29 -!- roxtrong_ [~roxtrongo@179.8.168.101] has quit [Ping timeout: 268 seconds] 21:30 < kanzure> "Sub-linear Zero-Knowledge Argument for Correctness of a Shuffle" https://bitcointalk.org/index.php?topic=96029.0 21:34 < ryan-c> Can anyone come up with a good reason for me to not post the passwords for the brainwallets that were mass-created at the end of August 2013? 21:35 < kanzure> sergio lerner's mavepay paper https://bitslog.files.wordpress.com/2012/04/mavepay1.pdf 21:36 < ryan-c> (they are all empty and have trivial passwords) 21:44 < moa> ryan-c: bandwidth limitations? 21:45 < ryan-c> moa: Heh. It's only about half a meg compressed even with the addresses listed. 21:48 -!- ThomasV [~ThomasV@unaffiliated/thomasv] has joined #bitcoin-wizards 21:48 < kanzure> does anyone have "Asymmetric Co-Dependant Cipherblock Sidechain.pdf" from https://bitcointalk.org/index.php?topic=93848.0 ? 21:53 < ryan-c> eh, i'm just gonna post it 21:53 < gmaxwell> buzzwords.pdf 21:54 -!- frankenmint [~frankenmi@71-222-57-192.ptld.qwest.net] has joined #bitcoin-wizards 21:54 < ryan-c> lol 21:58 < ryan-c> https://rya.nc/aug_2013_brainwallets.txt 21:59 < ryan-c> hmm, someone has this channel piped to slack 22:08 < gmaxwell> ryan-c: is the Slack http fetcher still Heartbleed vulnerable? 22:09 < ryan-c> gmaxwell: I don't know, but if it is that would be funny. 22:09 < ryan-c> I'll have to pcap a handshake for it at some point. 22:10 -!- CodeShark [~androirc@108-90-230-162.lightspeed.sndgca.sbcglobal.net] has joined #bitcoin-wizards 22:10 < ryan-c> gmaxwell: the other question is how well it does certificate verification :p 22:11 < gmaxwell> most things don't. 22:11 < gmaxwell> embedded https libraries are terrible about that. 
22:11 < gmaxwell> http://crypto.stanford.edu/~dabo/pubs/abstracts/ssl-client-bugs.html 22:12 < ryan-c> After having done a few security evaluations, I assume https libs fuck up cert validation until they pass a test suite of shady certs 22:13 < ryan-c> and non-http protocols using tls are even worse... 22:14 < ryan-c> I found that $VENDOR who sells popular software for intranet wikis, ticketing, source control, etc had LDAPS support (which would be used for active directory in an enterprise environment) that didn't validate the server certificates. 22:15 < ryan-c> another vendor had a server management system (that ran as root) that would connect to a master config server and pull stuff down and execute it as root 22:16 < ryan-c> not only did it not validate https certificates, but if you blocked port 443 in the firewall it would fall back to using plain http with no additional integrity protection 22:16 < ryan-c> also it was written in perl and was obfuscated by encoding the sourcecode as whitespace 22:22 -!- dEBRUYNE [~dEBRUYNE@56-197-ftth.onsbrabantnet.nl] has joined #bitcoin-wizards 22:27 < gmaxwell> there have been a couple bitcoin webwallets that used websockets for all their communications and either didn't use the https version or would silently fall back if the https failed. :) not limited to custom non-browser apps. 22:28 < ryan-c> gmaxwell: wut? was there some time period where unencrypted websockets were allowed from https pages? 22:31 < gmaxwell> oh yea, I think only FF23 started to actually block that. 22:32 -!- ThomasV [~ThomasV@unaffiliated/thomasv] has quit [Ping timeout: 246 seconds] 22:36 -!- dEBRUYNE [~dEBRUYNE@56-197-ftth.onsbrabantnet.nl] has quit [Ping timeout: 244 seconds] 22:37 < ryan-c> in retrospect, http javascript from https pages should never have been allowed 22:37 < gmaxwell> but advertisements! 22:37 < gmaxwell> would just be another reason to not deploy https at all. :( 22:38 < gmaxwell> now, ... 
https that looked entirely like HTTP and didn't display the lock icon, on any kind of mixed content would have been a boon. 22:38 < ryan-c> ad industry will probably be 99% https within a year 22:40 < ryan-c> yeah, it's a pity unauthenticated opportunistic crypto never really happened 22:40 < gmaxwell> I tried unsuccessfully for a while to get firefox to artificially delay http loading so that it was never faster than https. Unsurprisingly this was not a popular idea. :) 22:41 -!- kmels [~kmels@184.62.151.186.static.intelnet.net.gt] has quit [Ping timeout: 246 seconds] 22:42 < ryan-c> heh 22:44 < ryan-c> chrome will, in some cases which i have not yet bothered to find the constraints of, predictively establish https sessions to servers 22:45 < ryan-c> it'll do the tcp connection and handshake, then sit there waiting to make the http request 22:47 -!- GGuyZ [~GGuyZ@216-15-123-91.c3-0.sbo-ubr1.sbo.ma.cable.rcn.com] has quit [Quit: GGuyZ] 22:50 -!- b-itcoinssg [uid41629@gateway/web/irccloud.com/x-hxpokmcvmwyssggi] has joined #bitcoin-wizards 22:55 -!- Mably [~Mably@unaffiliated/mably] has joined #bitcoin-wizards 23:02 < b-itcoinssg> gmaxwell: thanks 4 replying, let me clarify, why not use the strategy of building an unbalanced tree as prescribed below rather than the existing protocol? 
And if this is a better strategy, would it be a soft fork or a hard fork if implemented http://web.archive.org/web/20080316033726/http://www.open-content.net/specs/draft-jchapweske-thex-02.html 23:07 -!- p15_ [~p15@5.248.234.209.client.dyn.strong-ap1.bringover.net] has quit [Ping timeout: 260 seconds] 23:10 -!- Mably [~Mably@unaffiliated/mably] has quit [Ping timeout: 240 seconds] 23:16 -!- p15 [~p15@111.193.191.229] has joined #bitcoin-wizards 23:21 -!- damethos [~damethos@unaffiliated/damethos] has joined #bitcoin-wizards 23:22 -!- badmofo [~badmofo@unaffiliated/badmofo] has joined #bitcoin-wizards 23:24 -!- p15_ [~p15@123.118.88.244] has joined #bitcoin-wizards 23:24 -!- p15x [~p15x@111.193.191.229] has quit [Ping timeout: 265 seconds] 23:25 -!- p15 [~p15@111.193.191.229] has quit [Ping timeout: 250 seconds] 23:27 -!- p15_ [~p15@123.118.88.244] has quit [Max SendQ exceeded] 23:28 -!- p15 [~p15@209.234.248.26] has joined #bitcoin-wizards 23:29 -!- Newyorkadam [~Newyorkad@wikipedia/Newyorkadam] has joined #bitcoin-wizards 23:32 -!- p15x [~p15x@123.118.88.244] has joined #bitcoin-wizards 23:39 -!- Newyorkadam [~Newyorkad@wikipedia/Newyorkadam] has quit [Quit: Newyorkadam] 23:40 -!- bedeho [~bedeho@50-202-37-133-static.hfc.comcastbusiness.net] has quit [Ping timeout: 264 seconds] 23:40 -!- Newyorkadam [~Newyorkad@wikipedia/Newyorkadam] has joined #bitcoin-wizards 23:40 -!- Newyorkadam [~Newyorkad@wikipedia/Newyorkadam] has quit [Client Quit] 23:41 -!- Newyorkadam [~Newyorkad@wikipedia/Newyorkadam] has joined #bitcoin-wizards 23:41 -!- Newyorkadam [~Newyorkad@wikipedia/Newyorkadam] has quit [Client Quit] 23:43 -!- ThomasV [~ThomasV@unaffiliated/thomasv] has joined #bitcoin-wizards 23:44 < Eliel> gmaxwell: You don't happen to have a blog or some kind of a feed where you make a record of all the ideas you've come up with? 23:46 -!- btcdrak [uid52049@gateway/web/irccloud.com/x-kjoryacxoksdlykg] has joined #bitcoin-wizards 23:48 < gmaxwell> Eliel: No. I don't like blogs. 
:) 23:50 < Eliel> a shame, if you had one, it'd be a treasure trove. 23:56 -!- bedeho [~bedeho@50-202-37-133-static.hfc.comcastbusiness.net] has joined #bitcoin-wizards 23:58 -!- jeremias [~jeremias@kangasbros.fi] has joined #bitcoin-wizards --- Log closed Tue Sep 01 00:00:57 2015