--- Log opened Sun Dec 11 00:00:35 2016 00:11 -!- Alopex [~bitcoin@cyber.dealing.ninja] has quit [Remote host closed the connection] 00:13 -!- Alopex [~bitcoin@cyber.dealing.ninja] has joined #bitcoin-wizards 00:25 -!- Alopex [~bitcoin@cyber.dealing.ninja] has quit [Remote host closed the connection] 00:27 -!- Alopex [~bitcoin@cyber.dealing.ninja] has joined #bitcoin-wizards 00:33 -!- Ylbam [uid99779@gateway/web/irccloud.com/x-nkbyamsttgmvejgy] has joined #bitcoin-wizards 00:42 -!- edvorg [~edvorg@host-46-50-214-114.bbcustomer.zsttk.net] has joined #bitcoin-wizards 00:47 -!- sausage_factory [~priidu@unaffiliated/priidu] has joined #bitcoin-wizards 00:48 -!- blackwraith [~priidu@unaffiliated/priidu] has quit [Ping timeout: 268 seconds] 00:57 -!- ThomasV [~ThomasV@unaffiliated/thomasv] has joined #bitcoin-wizards 01:00 -!- dnaleor [~dnaleor@78-23-74-78.access.telenet.be] has joined #bitcoin-wizards 01:03 -!- blackwraith [~priidu@unaffiliated/priidu] has joined #bitcoin-wizards 01:04 -!- sausage_factory [~priidu@unaffiliated/priidu] has quit [Ping timeout: 245 seconds] 01:09 -!- sausage_factory [~priidu@unaffiliated/priidu] has joined #bitcoin-wizards 01:11 -!- blackwraith [~priidu@unaffiliated/priidu] has quit [Ping timeout: 265 seconds] 01:46 -!- Alopex [~bitcoin@cyber.dealing.ninja] has quit [Remote host closed the connection] 01:48 -!- Alopex [~bitcoin@cyber.dealing.ninja] has joined #bitcoin-wizards 01:54 -!- _whitelogger [~whitelogg@uruz.whitequark.org] has quit [Remote host closed the connection] 01:55 -!- _whitelogger [~whitelogg@uruz.whitequark.org] has joined #bitcoin-wizards 02:08 -!- devylon [~devylon@HSI-KBW-095-208-024-121.hsi5.kabel-badenwuerttemberg.de] has quit [Quit: Lingo: www.lingoirc.com] 02:15 -!- ManfredMacx [~hyperion@78-0-208-110.adsl.net.t-com.hr] has joined #bitcoin-wizards 02:58 -!- draynium_ [U2FsdGVkX1@ma.sdf.org] has joined #bitcoin-wizards 03:03 -!- draynium [~d@45.63.76.107] has quit [Quit: ] 03:29 -!- airbreather [~airbreath@d149-67-99-43.nap.wideopenwest.com] has quit [Read error: Connection reset by peer] 03:39 -!- ThomasV [~ThomasV@unaffiliated/thomasv] has quit [Ping timeout: 268 seconds] 03:54 -!- CubicEarth [~cubiceart@c-50-159-126-21.hsd1.wa.comcast.net] has quit [Remote host closed the connection] 03:56 -!- CubicEarth [~cubiceart@c-50-159-126-21.hsd1.wa.comcast.net] has joined #bitcoin-wizards 04:49 -!- nickler [~nickler@185.12.46.130] has quit [Ping timeout: 245 seconds] 04:49 -!- airbreather [~airbreath@d149-67-99-43.nap.wideopenwest.com] has joined #bitcoin-wizards 04:51 -!- TheSeven [~quassel@rockbox/developer/TheSeven] has quit [Ping timeout: 240 seconds] 04:51 -!- TheSeven [~quassel@rockbox/developer/TheSeven] has joined #bitcoin-wizards 04:52 -!- pro [~pro@unaffiliated/pro] has joined #bitcoin-wizards 04:54 -!- CubicEarth [~cubiceart@c-50-159-126-21.hsd1.wa.comcast.net] has quit [Remote host closed the connection] 05:00 -!- CubicEarth [~cubiceart@c-50-159-126-21.hsd1.wa.comcast.net] has joined #bitcoin-wizards 05:04 -!- ThomasV [~ThomasV@unaffiliated/thomasv] has joined #bitcoin-wizards 05:14 -!- CubicEarth [~cubiceart@c-50-159-126-21.hsd1.wa.comcast.net] has quit [Remote host closed the connection] 05:15 -!- CubicEarth [~cubiceart@c-50-159-126-21.hsd1.wa.comcast.net] has joined #bitcoin-wizards 05:18 -!- LeMiner [~LeMiner@5ED1AFBF.cm-7-2c.dynamic.ziggo.nl] has quit [Read error: Connection reset by peer] 05:20 -!- CubicEarth [~cubiceart@c-50-159-126-21.hsd1.wa.comcast.net] has quit [Ping timeout: 248 seconds] 05:23 -!- alpalp [~allen@cpe-24-27-58-209.austin.res.rr.com] has joined #bitcoin-wizards 05:23 -!- alpalp [~allen@cpe-24-27-58-209.austin.res.rr.com] has quit [Changing host] 05:23 -!- alpalp [~allen@unaffiliated/alpalp] has joined #bitcoin-wizards 05:29 -!- hashtag [~hashtagg_@cpe-174-97-254-80.ma.res.rr.com] has joined #bitcoin-wizards 06:15 -!- blackwraith [~priidu@unaffiliated/priidu] has joined #bitcoin-wizards 06:16 -!- sausage_factory [~priidu@unaffiliated/priidu] has quit [Ping timeout: 260 seconds] 06:25 -!- sausage_factory [~priidu@unaffiliated/priidu] has joined #bitcoin-wizards 06:27 -!- blackwraith [~priidu@unaffiliated/priidu] has quit [Ping timeout: 260 seconds] 06:27 -!- Ylbam [uid99779@gateway/web/irccloud.com/x-nkbyamsttgmvejgy] has quit [Quit: Connection closed for inactivity] 06:30 -!- BashCo [~BashCo@unaffiliated/bashco] has quit [] 06:33 -!- arubi [~ese168@gateway/tor-sasl/ese168] has quit [Remote host closed the connection] 06:33 -!- arubi [~ese168@gateway/tor-sasl/ese168] has joined #bitcoin-wizards 06:43 -!- BashCo [~BashCo@unaffiliated/bashco] has joined #bitcoin-wizards 07:00 -!- d9b4bef9 [~d9b4bef9@web419.webfaction.com] has quit [Remote host closed the connection] 07:00 -!- Guyver2 [~Guyver2@guyver2.xs4all.nl] has joined #bitcoin-wizards 07:01 -!- d9b4bef9 [~d9b4bef9@web419.webfaction.com] has joined #bitcoin-wizards 07:09 -!- AaronvanW [~ewout@207pc74.sshunet.nl] has joined #bitcoin-wizards 07:09 -!- AaronvanW [~ewout@207pc74.sshunet.nl] has quit [Changing host] 07:09 -!- AaronvanW [~ewout@unaffiliated/aaronvanw] has joined #bitcoin-wizards 07:18 -!- uiuc-slack [~uiuc-slac@li175-104.members.linode.com] has quit [Remote host closed the connection] 07:19 -!- uiuc-slack [~uiuc-slac@li175-104.members.linode.com] has joined #bitcoin-wizards 07:29 -!- shesek [~shesek@bzq-84-110-57-45.red.bezeqint.net] has quit [Ping timeout: 260 seconds] 07:36 -!- Giszmo [~leo@pc-40-227-45-190.cm.vtr.net] has joined #bitcoin-wizards 07:40 -!- Sosumi [~Leon@bl10-113-190.dsl.telepac.pt] has joined #bitcoin-wizards 07:41 -!- Chris_Stewart_5 [~Chris_Ste@unaffiliated/chris-stewart-5/x-3612383] has joined #bitcoin-wizards 07:47 -!- shesek [~shesek@bzq-84-110-57-94.red.bezeqint.net] has joined #bitcoin-wizards 07:58 -!- nickler [~nickler@185.12.46.130] has joined #bitcoin-wizards 08:11 -!- ManfredMacx [~hyperion@78-0-208-110.adsl.net.t-com.hr] has quit [Quit: Leaving] 08:21 -!- Topogetcyrpto [~Topogetcy@41.251.129.242] has quit [Ping timeout: 258 seconds] 08:28 < nicolagreco> petertodd: does the proof-of-publication that you write about in your post only applies to transactions, correct? Can I do a proof of publication of a digest? 08:31 -!- laurentmt [~Thunderbi@176.158.157.202] has joined #bitcoin-wizards 08:36 -!- Topogetcyrpto [~Topogetcy@160.176.136.117] has joined #bitcoin-wizards 08:40 -!- laurentmt [~Thunderbi@176.158.157.202] has quit [Quit: laurentmt] 09:12 -!- Ylbam [uid99779@gateway/web/irccloud.com/x-fbjjhbsxmvzzhqzy] has joined #bitcoin-wizards 09:14 -!- Burrito [~Burrito@unaffiliated/burrito] has joined #bitcoin-wizards 09:22 -!- edvorg [~edvorg@host-46-50-214-114.bbcustomer.zsttk.net] has quit [Ping timeout: 256 seconds] 09:41 -!- kankles [~kankles@107.152.98.147] has quit [Ping timeout: 264 seconds] 09:53 -!- kankles [~kankles@107.152.98.147] has joined #bitcoin-wizards 09:59 -!- nickler [~nickler@185.12.46.130] has quit [Ping timeout: 256 seconds] 09:59 -!- nickler [~nickler@185.12.46.130] has joined #bitcoin-wizards 10:08 -!- ThomasV [~ThomasV@unaffiliated/thomasv] has quit [Ping timeout: 258 seconds] 10:40 -!- CubicEarth [~cubiceart@2002:329f:7e15:0:cc7f:1bb:d934:205] has joined #bitcoin-wizards 10:43 -!- CubicEarth [~cubiceart@2002:329f:7e15:0:cc7f:1bb:d934:205] has quit [Remote host closed the connection] 10:44 -!- CubicEarth [~cubiceart@c-50-159-126-21.hsd1.wa.comcast.net] has joined #bitcoin-wizards 10:45 -!- alferz [~alferz@unaffiliated/alfer] has quit [Ping timeout: 244 seconds] 10:50 -!- ipwn_ [~ipwn@bl18-232-89.dsl.telepac.pt] has joined #bitcoin-wizards 10:51 -!- ipwn [~ipwn@bl18-232-89.dsl.telepac.pt] has quit [Ping timeout: 264 seconds] 10:58 -!- Topogetcyrpto [~Topogetcy@160.176.136.117] has quit [Quit: Topogetcyrpto] 10:59 -!- laurentmt [~Thunderbi@176.158.157.202] has joined #bitcoin-wizards 10:59 -!- laurentmt [~Thunderbi@176.158.157.202] has quit [Client Quit] 11:01 -!- blackwraith [~priidu@unaffiliated/priidu] has joined #bitcoin-wizards 11:02 -!- sausage_factory [~priidu@unaffiliated/priidu] has quit [Ping timeout: 246 seconds] 11:03 -!- gigq [~gigq@2602:302:d14c:51a0:f0ad:c41b:d2a4:fe61] has quit [Ping timeout: 260 seconds] 11:05 -!- gigq [~gigq@2602:302:d14c:51a0:9484:1bc1:f5e7:ecd7] has joined #bitcoin-wizards 11:19 -!- JackH [~laptop@79-73-186-159.dynamic.dsl.as9105.com] has joined #bitcoin-wizards 11:20 < kanzure> in chaumian group signatures, why is the identify of the signer unknowabe? 11:27 < kanzure> "Short linkable ring signatures for e-voting, e-cash and attestation" https://eprint.iacr.org/2004/281.pdf 11:29 -!- Topogetcyrpto [~Topogetcy@160.176.136.117] has joined #bitcoin-wizards 11:34 -!- Fistful_of_Coins [o3u@162.243.79.19] has quit [Ping timeout: 248 seconds] 11:34 < kanzure> i guess i want "signer distinguishability" 11:41 < kanzure> libgroupsig supports traceability.... 11:45 -!- sausage_factory [~priidu@unaffiliated/priidu] has joined #bitcoin-wizards 11:47 -!- blackwraith [~priidu@unaffiliated/priidu] has quit [Ping timeout: 256 seconds] 11:48 -!- JackH [~laptop@79-73-186-159.dynamic.dsl.as9105.com] has quit [Remote host closed the connection] 11:51 -!- CubicEarth [~cubiceart@c-50-159-126-21.hsd1.wa.comcast.net] has quit [Remote host closed the connection] 11:52 -!- CubicEarth [~cubiceart@2002:329f:7e15:0:cc7f:1bb:d934:205] has joined #bitcoin-wizards 12:05 -!- blackwraith [~priidu@unaffiliated/priidu] has joined #bitcoin-wizards 12:07 -!- sausage_factory [~priidu@unaffiliated/priidu] has quit [Ping timeout: 246 seconds] 12:14 -!- ThomasV [~ThomasV@unaffiliated/thomasv] has joined #bitcoin-wizards 12:41 -!- rusty2 [~rusty@pdpc/supporter/bronze/rusty] has joined #bitcoin-wizards 13:03 -!- Sosumi [~Leon@bl10-113-190.dsl.telepac.pt] has quit [Quit: Bye] 13:07 -!- MoALTz_ [~no@77-254-9-16.adsl.inetia.pl] has quit [Quit: Leaving] 13:07 -!- Topogetcyrpto_ [~Topogetcy@105.156.121.22] has joined #bitcoin-wizards 13:08 -!- alpalp [~allen@unaffiliated/alpalp] has quit [Ping timeout: 240 seconds] 13:08 -!- Topogetcyrpto [~Topogetcy@160.176.136.117] has quit [Ping timeout: 250 seconds] 13:08 -!- Topogetcyrpto_ is now known as Topogetcyrpto 13:10 -!- rusty2 [~rusty@pdpc/supporter/bronze/rusty] has quit [Quit: Leaving.] 13:18 -!- ThomasV [~ThomasV@unaffiliated/thomasv] has quit [Ping timeout: 250 seconds] 13:21 -!- Dizzle__ [~Dizzle@2605:6000:1019:4099:88ed:245d:72a:befc] has joined #bitcoin-wizards 13:24 -!- Dizzle [~Dizzle@2605:6000:1019:4099:6c72:22d6:a7da:2c2e] has quit [Ping timeout: 258 seconds] 13:25 -!- airbreather [~airbreath@d149-67-99-43.nap.wideopenwest.com] has quit [Remote host closed the connection] 13:25 -!- airbreather [~airbreath@d149-67-99-43.nap.wideopenwest.com] has joined #bitcoin-wizards 13:37 -!- CubicEarth [~cubiceart@2002:329f:7e15:0:cc7f:1bb:d934:205] has quit [Remote host closed the connection] 13:45 -!- CubicEarth [~cubiceart@c-50-159-126-21.hsd1.wa.comcast.net] has joined #bitcoin-wizards 13:54 -!- CubicEarth [~cubiceart@c-50-159-126-21.hsd1.wa.comcast.net] has quit [Remote host closed the connection] 13:54 -!- CubicEarth [~cubiceart@2002:329f:7e15:0:cc7f:1bb:d934:205] has joined #bitcoin-wizards 13:56 -!- CubicEar_ [~cubiceart@c-50-159-126-21.hsd1.wa.comcast.net] has joined #bitcoin-wizards 13:56 -!- CubicEar_ [~cubiceart@c-50-159-126-21.hsd1.wa.comcast.net] has quit [Read error: Connection reset by peer] 13:58 -!- Topogetcyrpto_ [~Topogetcy@41.251.128.139] has joined #bitcoin-wizards 13:58 -!- CubicEarth [~cubiceart@2002:329f:7e15:0:cc7f:1bb:d934:205] has quit [Ping timeout: 258 seconds] 14:00 -!- Topogetcyrpto [~Topogetcy@105.156.121.22] has quit [Ping timeout: 258 seconds] 14:00 -!- Topogetcyrpto_ is now known as Topogetcyrpto 14:10 -!- CubicEarth [~cubiceart@c-50-159-126-21.hsd1.wa.comcast.net] has joined #bitcoin-wizards 14:10 -!- CubicEarth [~cubiceart@c-50-159-126-21.hsd1.wa.comcast.net] has quit [Remote host closed the connection] 14:10 -!- CubicEarth [~cubiceart@c-50-159-126-21.hsd1.wa.comcast.net] has joined #bitcoin-wizards 14:13 -!- Guyver2 [~Guyver2@guyver2.xs4all.nl] has quit [Quit: :)] 14:13 -!- Burrito [~Burrito@unaffiliated/burrito] has quit [Quit: Leaving] 14:14 -!- Burrito [~Burrito@unaffiliated/burrito] has joined #bitcoin-wizards 14:19 -!- belcher [~belcher@unaffiliated/belcher] has quit [Ping timeout: 260 seconds] 14:23 -!- CubicEarth [~cubiceart@c-50-159-126-21.hsd1.wa.comcast.net] has quit [Remote host closed the connection] 14:40 -!- d9b4bef9 [~d9b4bef9@web419.webfaction.com] has quit [Remote host closed the connection] 14:40 -!- belcher [~belcher@unaffiliated/belcher] has joined #bitcoin-wizards 14:41 -!- d9b4bef9 [~d9b4bef9@web419.webfaction.com] has joined #bitcoin-wizards 14:41 -!- CubicEarth [~cubiceart@c-50-159-126-21.hsd1.wa.comcast.net] has joined #bitcoin-wizards 14:51 -!- AaronvanW [~ewout@unaffiliated/aaronvanw] has quit [Quit: Ex-Chat] 14:54 -!- CubicEarth [~cubiceart@c-50-159-126-21.hsd1.wa.comcast.net] has quit [Remote host closed the connection] 14:59 -!- alpalp [~allen@unaffiliated/alpalp] has joined #bitcoin-wizards 14:59 -!- CubicEarth [~cubiceart@c-50-159-126-21.hsd1.wa.comcast.net] has joined #bitcoin-wizards 15:08 -!- rusty2 [~rusty@pdpc/supporter/bronze/rusty] has joined #bitcoin-wizards 15:24 -!- hashtag_ [~hashtagg_@cpe-174-97-254-80.ma.res.rr.com] has joined #bitcoin-wizards 15:26 -!- hashtag [~hashtagg_@cpe-174-97-254-80.ma.res.rr.com] has quit [Ping timeout: 258 seconds] 15:28 -!- CrazyLoaf [uid67551@gateway/web/irccloud.com/x-shejwfjyhmcnpbbs] has joined #bitcoin-wizards 15:59 -!- blackwraith [~priidu@unaffiliated/priidu] has quit [Ping timeout: 246 seconds] 16:12 -!- PERSIAN [~PERSIAN@mtrlpq4709w-lp130-05-76-64-85-166.dsl.bell.ca] has quit [Ping timeout: 260 seconds] 16:19 < fluffypony> kanzure: you need traceability to prevent double spends (in a cryptocurrency setting) and double votes (in a blind voting setting) 16:19 -!- belcher [~belcher@unaffiliated/belcher] has quit [Ping timeout: 265 seconds] 16:20 < kanzure> fluffypony: i need something other than an accumulator. i need to check if a pubkey participated in a signature, without having a list of all the pubkeys that made the group signature (or aggregate signature or something). 16:21 < fluffypony> hmmmm 16:21 < fluffypony> yeah in Monero's ring sigs you can see all the pubkeys, and whilst the key image doesn't reveal the true signer it does require the pubkeys to verify 16:22 < fluffypony> I don't know if you can have verification of the traceable component without revealing the pubkeys in a ring 16:22 < fluffypony> and not being able to verify the trace is obviously bad, because then it could be false 16:22 < kanzure> also i would like this magic to be constant size 16:23 < fluffypony> bed time, I'll give this some thought tomorrow 16:23 < kanzure> thank you 16:28 -!- belcher [~belcher@unaffiliated/belcher] has joined #bitcoin-wizards 16:57 -!- _whitelogger [~whitelogg@uruz.whitequark.org] has quit [Remote host closed the connection] 16:58 -!- _whitelogger [~whitelogg@uruz.whitequark.org] has joined #bitcoin-wizards 16:59 -!- CubicEarth [~cubiceart@c-50-159-126-21.hsd1.wa.comcast.net] has quit [] 17:07 -!- Ylbam [uid99779@gateway/web/irccloud.com/x-fbjjhbsxmvzzhqzy] has quit [Quit: Connection closed for inactivity] 17:15 -!- Dizzle [~Dizzle@2605:6000:1019:4099:4d0b:5555:d8c3:86f1] has joined #bitcoin-wizards 17:17 -!- Dizzle__ [~Dizzle@2605:6000:1019:4099:88ed:245d:72a:befc] has quit [Ping timeout: 245 seconds] 17:43 -!- PaulCapestany [~PaulCapes@2604:5500:17:2ea:80ba:b743:538a:b5ae] has joined #bitcoin-wizards 17:43 < kanzure> it's interesting to think about history size limits and rate limits in a client-side validation scheme perspective-- it can be a rate limit on transaction history size growth, or on total number of transactions, many other things. 17:47 -!- Dizzle [~Dizzle@2605:6000:1019:4099:4d0b:5555:d8c3:86f1] has quit [Quit: Leaving...] 17:48 -!- Topogetcyrpto [~Topogetcy@41.251.128.139] has quit [Quit: Topogetcyrpto] 17:48 < kanzure> Taek: have you described your "no blocks, only transactions" scheme somewhere? 17:58 -!- CrazyLoaf [uid67551@gateway/web/irccloud.com/x-shejwfjyhmcnpbbs] has quit [Quit: Connection closed for inactivity] 18:01 -!- airbreather [~airbreath@d149-67-99-43.nap.wideopenwest.com] has quit [Remote host closed the connection] 18:01 -!- airbreather [~airbreath@d149-67-99-43.nap.wideopenwest.com] has joined #bitcoin-wizards 18:10 -!- Topogetcyrpto [~Topogetcy@41.251.128.139] has joined #bitcoin-wizards 18:14 -!- kankles [~kankles@107.152.98.147] has quit [Ping timeout: 250 seconds] 18:34 -!- kankles [~kankles@107.152.98.147] has joined #bitcoin-wizards 18:36 -!- Topogetcyrpto [~Topogetcy@41.251.128.139] has quit [Quit: Topogetcyrpto] 18:41 -!- dgenr8 [~dgenr8@unaffiliated/dgenr8] has joined #bitcoin-wizards 18:48 -!- Noldorin [~noldorin@unaffiliated/noldorin] has quit [Quit: My MacBook Pro has gone to sleep. ZZZzzz...] 18:49 -!- rusty2 is now known as rusty 18:52 -!- rusty [~rusty@pdpc/supporter/bronze/rusty] has quit [Quit: Leaving.] 18:52 -!- rusty2 [~rusty@pdpc/supporter/bronze/rusty] has joined #bitcoin-wizards 19:02 -!- CrazyLoaf [uid67551@gateway/web/irccloud.com/x-dpejvhmwkrybjojh] has joined #bitcoin-wizards 19:21 -!- Topogetcyrpto [~Topogetcy@41.251.128.139] has joined #bitcoin-wizards 19:23 -!- Burrito [~Burrito@unaffiliated/burrito] has quit [Quit: Leaving] 19:58 -!- alpalp [~allen@unaffiliated/alpalp] has quit [Ping timeout: 264 seconds] 20:12 -!- pro [~pro@unaffiliated/pro] has quit [Quit: Leaving] 20:15 -!- rusty2 [~rusty@pdpc/supporter/bronze/rusty] has quit [Ping timeout: 250 seconds] 20:16 -!- ThomasV [~ThomasV@unaffiliated/thomasv] has joined #bitcoin-wizards 20:22 -!- Transisto2 [~Trans@modemcable017.144-178-173.mc.videotron.ca] has joined #bitcoin-wizards 20:29 -!- Madars [~null@unaffiliated/madars] has joined #bitcoin-wizards 20:48 -!- ThomasV [~ThomasV@unaffiliated/thomasv] has quit [Ping timeout: 260 seconds] 20:54 < Taek> kanzure: It evolved in to Jute, which is the presentation I gave in Milan 20:54 -!- wasi [~wasi@gateway/tor-sasl/wasi] has quit [Ping timeout: 245 seconds] 20:55 < kanzure> alright. i've been looking at a way to do a scheme with a single merkle root of a merkle tree of arbitrary data. starting to look into all the DAGy parts i might want to put in there. 20:58 < Taek> I think client side validation has a lot of potential, but you still need some guarantee of extensibility 20:58 < Taek> err - my understanding of client side validation is that you now somekthing is valid becuase the spender gives you the whole history of the transaction, which makes it easy for you to know that the transaction is correct without having the whole history of everythign 20:59 < kanzure> Taek: my problem at the moment is that blocks require a list of pubkeys, and i'm trying to eliminate that requirement :\ otherwise it's O(n) block size again 21:00 < Taek> are we talking about Peter Todd's work? 21:00 -!- legogris [~legogris@128.199.205.238] has quit [Remote host closed the connection] 21:00 < Taek> my understanding is that you only need to download the history relevant to you 21:00 < Taek> which would include the public key stuff 21:00 -!- legogris [~legogris@128.199.205.238] has joined #bitcoin-wizards 21:01 < kanzure> Taek: so, in my shceme, blocks do not include merkle tree updates/deltas/diffs 21:02 < Taek> pardon if I missed a link from earlier, but do you have a general description somewhere? 21:02 < kanzure> Taek: http://gnusha.org/bitcoin-wizards/2016-12-03.log 21:02 < kanzure> start near "weirdo proof-of-publication scheme" 21:03 < kanzure> also i can eliminate the list of output hashes in that description, in exchange for an extra client-side consensus rule (which is a good trade in my opinion) 21:17 -!- Alopex [~bitcoin@cyber.dealing.ninja] has quit [Remote host closed the connection] 21:17 -!- wasi [~wasi@gateway/tor-sasl/wasi] has joined #bitcoin-wizards 21:17 -!- TheSeven [~quassel@rockbox/developer/TheSeven] has quit [Ping timeout: 245 seconds] 21:17 -!- TheSeven [~quassel@rockbox/developer/TheSeven] has joined #bitcoin-wizards 21:18 < kanzure> and now the trick is to eliminate the list of pubkeys. somehow. :| 21:19 -!- Alopex [~bitcoin@cyber.dealing.ninja] has joined #bitcoin-wizards 21:22 < Taek> hmm 21:23 < Taek> how do you get rid of the output hashes? 21:24 < kanzure> Taek: use same merkle tree location determined by pubkey or some other previous detail from history. always use same location. 21:24 < kanzure> list of output hashes was to prevent double spending. but having only one possible location for a double spend to appear at eliminates this problem (for a double spend in the current block). 21:25 < Taek> That's more or less what I was picturing 21:25 < Taek> but, you need to see the data in that merkle tree location every block to know that the output wasn't spent 21:25 < kanzure> no :) 21:26 < Taek> oh? 21:26 < kanzure> say you're a recipient receiving a bunch of merkle inclusion proofs 21:26 < Taek> oh is that what the list of public keys is for? 21:26 < kanzure> the spender says yo dawg i don't have a proof for block N 21:26 < kanzure> in the normal scheme you would say "well in block N you probably are hiding a double spend, so... give me the merkle inclusion proof" 21:27 < kanzure> for a spender that was offline during block N, he wont have any merkle inclusion proof to share you, right? this is indistinguishable from the malicious behavior :D. 21:27 < kanzure> so the alternative is to have the list of pubkeys yes 21:27 < kanzure> now, a list of pubkeys can be forged by a miner, therefore you need an aggregate signature where all the participants sign the merkle root (as an indication that yes they received a merkle inclusion proof from the miner) 21:28 < kanzure> so a potential recipient needs to be able to check all the intermediate blocks (between merkle inclusion proofs for each 'coin') to determine whether the recipient should expect to receive a merkle inclusion proof 21:29 < kanzure> if they do not receive the proof, then the recipient knows that they might be receiving double spent coins 21:32 < kanzure> so eliminating the list of pubkeys-- but keeping that property--- is important because you get a <10 kb block size for almost arbitrarily many transactions. 21:34 < Taek> I see 21:34 < Taek> it's interactive then 21:35 < Taek> at least as I currently understand it 21:35 < Taek> where, first you have the 'aggregating' phase, where everyone is submitting transactions to the miner, and then you have the inclusion signing phase 21:35 < Taek> hmm 21:36 < Taek> maybe there is some wiggle room to cut down on interactivity 21:38 < kanzure> sure, there's some problems there, and also the merkle inclusion proof stuff is a huge huge burden on clients 21:38 < Taek> depends I guess on how complex the history of the transaction is 21:39 < kanzure> it would probably grow pretty huge. but perhaps there's various kinds of magic to deal with that elsewhere. 21:39 < kanzure> and also, the interactivity puts a constraint on history growth at least inside a single block, because of DoS problems as you grow the size of the number of spenders heh 21:40 < kanzure> (although the DoS problems might not be real--- if someone doesn't sign, that might be OK. it's just invalid data.) 21:40 < Taek> well, you've got this ability to compress things a lot, maybe enough that you can put strict spendability rules on an output. For example, it can only be spent to a single input 21:40 < Taek> this means that the history of the output grows linearly with the number of times it has been spent, as opposed to exponentially 21:40 < Taek> it also means that people with more money have more history, because you'd probably set every output to like 0.0001 btc or something 21:41 < Taek> and that seems pretty fair to me 21:41 < kanzure> my number one priority was looking at the block data structure, before thinking about transaction history proof size reduction stuff 21:41 < Taek> yeah still stuck with those public keys 21:41 < kanzure> and O(n) list of pubkeys is a real bummer 21:41 < Taek> well, this seems like something that snarks might be useful for 21:42 < Taek> the O(n) pubkeys + sigs being the input, and a snark sig being the output 21:42 < Taek> though that's still not good enough imo because the interactivity requirements are pretty big 21:42 -!- windsok [~windsok@45.63.59.8] has quit [Ping timeout: 250 seconds] 21:42 < kanzure> the output is just a signature over the merkle root, for each pubkey or something, to prove that the spenders have received their merkle inclusion proofs 21:42 < Taek> right 21:43 < kanzure> well, so, the other way to think about this is: design a system where you know that the entire block data structure is just a merkle root and some other constant size data. and then build up from there. 21:43 < kanzure> if you were okay with long-hiding double spends, you could just use a merkle root and be done with it 21:44 < kanzure> clients would be responsible for detecting double spends in transaction graph history data 21:45 < kanzure> however, literally anyone could collude with any miner to introduce a double spend 21:45 < Taek> right 21:45 -!- wasi [~wasi@gateway/tor-sasl/wasi] has quit [Ping timeout: 245 seconds] 21:46 < Taek> having a giant list of public keys is still better I think than what we're doing today 21:46 < Taek> it's like maybe 4x scalability or something, in terms of what data is necessary for everyone to store 21:47 < kanzure> well if each pubkey is 32 bytes, do the math, it's like 30k transactions/block only 21:47 < kanzure> where are you getting 4x from btw? 21:48 < Taek> mostly pulled it out of the air. Transactions are 225 bytes today, and with this you can squeeze it down to 32 + some constant factor 21:48 < Taek> but you lose a lot of the scriptability 21:48 -!- CrazyLoaf [uid67551@gateway/web/irccloud.com/x-dpejvhmwkrybjojh] has quit [Quit: Connection closed for inactivity] 21:48 < kanzure> the scriptability is on the client side, it's still there 21:49 < Taek> oh right 21:49 < kanzure> .wa 1 MB / 32 bytes 21:49 < yoleaux> kanzure: Sorry, no result! 21:52 < Taek> 31,250 21:52 < Taek> :p 21:53 < Taek> I guess then that everything else is constant size 21:56 < kanzure> it feels very strange that a merkle root scheme like this is limited to only 31,250 21:57 < Taek> So, if we combine a scheme like this with something like Jute and push the block size out to say... 10 MB, that's 15 billion transactions per year. Which is enough to scale to the whole planet if most everyone is using lightning 22:00 < kanzure> somehow i thought a merkle tree scheme should get us way more than 31,250/block 22:00 -!- wasi [~wasi@gateway/tor-sasl/wasi] has joined #bitcoin-wizards 22:05 < kanzure> Taek: it might be more than 31,250/block technically... since the same pubkey could refer to multiple inputs. 22:05 < Taek> so we need a way to eliminate the public keys, and ideally also a way to remove the interactivity from the inclusion proof 22:05 < kanzure> to eliminate the interactivity, you would have to include the inclusion proofs in the block data. tada! but this is going in the opposite direction :). 22:06 < Taek> also, have to be careful about how much burden is being placed on the miner - providing 30,000 inclusion proofs to people making requests is going to be a bottleneck at some ponit 22:06 < Taek> though it's a lot easier than having blocks of the same size, because instead of doing the data through a flood network it's all direct-to-spender 22:07 < kanzure> no, the miner can choose to make a small block 22:07 < Taek> and collect less fees, which would be a centralization pressure 22:07 < kanzure> if they can't handle 30,000 inclusion proofs then they can just do a handful of inclusion proofs --- in fact, some spenders could do aggregation, and then distribute inclusion proofs to their multisig participants etc 22:08 < Taek> aggregation might also be how you eliminate smoe of the interactivity 22:08 < Taek> If I recall, some of the MAST signature stuff has a way to deal with absent participants 22:08 < Taek> basically the size of the signature grows with the number of people absent from the signing process 22:08 < kanzure> re: collecting less fees, i dunno if that's true.... so, the bottleneck is actually miner's validation of historical data. it's not the ability to generate inclusion proofs. if you encourage everyone to submit through multisig, then you only give back 1 inclusion proof. it's the validation of prior history that kills a small miner. 22:09 < Taek> doesn't need to be the miner's job to only include valid transactions 22:09 < kanzure> if you had lots of "freshly minted" fees, a small miner can take that almost immediately, without any difficulty, for almost an arbitrary number of transactions 22:09 < Taek> miner shouldn't have to do any script verification 22:10 < kanzure> miners must do script verification --- how do they check their fees? :D 22:10 < Taek> ah darn 22:10 < kanzure> but yes, other than fees, miners can include totally invalid wacky stuff, sure 22:11 < kanzure> which they are welcome to do. 22:13 < kanzure> in fact, if you're a small miner, perhaps you outsource your history validation or you accept any history of any fee at all, on the hopes that you can later upgrade to beefier hardware. but you could also instead choose to accept coins with shorter histories... if a coin was mined 500 blocks ago, spent once, you only have 2 inclusion proofs or something, it's not so bad... it's only coins ... 22:13 < kanzure> ...that have a lot of weird history that become problematic for small miners. 22:14 < Taek> hmm I really like the way you can skip the inclusion proofs by mandating that inclusion proofs are only valid if there's a signature from the spender in the block header 22:15 < kanzure> and likewise: coin spends are only valid if the signature is in the block too 22:15 < kanzure> (well, a related signature at least) 22:15 < Taek> you could also make life easier for the miner by paying the fee using outputs with little history 22:16 < kanzure> also.... if you're transacting a lot, you're incentivized to go do that on some other system. only use on-chain for occasional movements. 22:16 < kanzure> (because doing many transactions increases the history size) 22:16 < kanzure> yes, in general you would select coins that have little history, not just for the miner fee but for all of your spends 22:17 < Taek> it is interesting because it means coins with more history are worth less 22:17 < kanzure> the client-side can also have some pruning rules if you were really worried about transaction history hyper growth.... after a transaction has been in the strong set for a certain amount of time, perhaps it's okay to assume it doesn't need further validation. (not to mention that everyone is already doing validation caching of course) 22:21 -!- Giszmo [~leo@pc-40-227-45-190.cm.vtr.net] has quit [Quit: Leaving.] 22:24 < kanzure> Taek: what kind of DAG goodness can be applied to this? 22:25 < Taek> The dag stuff that I've been working on is mostly concerned with turning a dag into a line 22:25 < kanzure> and weak blocks in parents 22:25 < Taek> Or rather, taking a bunch of blocks that were produced in parallel and finding a secure way to get a strict/total ordering on them 22:27 < Taek> so, I don't think most of that applies here 22:28 < kanzure> in my scheme, you can give very tiny output amounts to small cpu miners i think 22:29 < Taek> ? 22:30 < Taek> I don't quite follow 22:30 -!- windsok [~windsok@45.63.59.8] has joined #bitcoin-wizards 22:30 < kanzure> the client-side rules can be whatever; the miner splits the coinbase output into a hundred billion pieces or something. 22:31 < Taek> ah 22:31 < Taek> hmm 22:31 < Taek> that's almost more p2pool-ish 22:32 < Taek> I'll have to sleep on it some, this seems like a pretty interesting way to build up a block 22:32 < Taek> re: the script stuff, you'd really end up with like 2 scripts 22:32 < Taek> the first is the one that is public and seen by everyone, and the second is the one that's only seen by the validator 22:33 < Taek> because, if you're doing something like m-of-n multisig, you need any 'm' to be able to spend the output 22:33 < Taek> but if you only have 1 public key, you essentially get a situation where any of the 'n' can spend the output and then withhold the data from everyone else 22:33 < Taek> they might spend the output in an invalid way, but nobody would ever know because the data is being withheld 22:37 -!- Transisto2 [~Trans@modemcable017.144-178-173.mc.videotron.ca] has quit [] 22:39 < kanzure> err i think maybe coalitions in a multisig scheme would be able to double spend each other, based on which coalition signed last time or something? i dunno 22:47 < Taek> they couldn't double spend I don't think, just prevent the other person from spending 22:56 -!- Chris_Stewart_5 [~Chris_Ste@unaffiliated/chris-stewart-5/x-3612383] has quit [Ping timeout: 250 seconds] 23:00 -!- Ylbam [uid99779@gateway/web/irccloud.com/x-jmntxozuayuobkqa] has joined #bitcoin-wizards 23:12 -!- xissburg [~xissburg@unaffiliated/xissburg] has quit [Quit: ZZZzzz...] 23:12 -!- Chris_Stewart_5 [~Chris_Ste@unaffiliated/chris-stewart-5/x-3612383] has joined #bitcoin-wizards 23:24 -!- Chris_Stewart_5 [~Chris_Ste@unaffiliated/chris-stewart-5/x-3612383] has quit [Ping timeout: 252 seconds] 23:35 -!- ThomasV [~ThomasV@unaffiliated/thomasv] has joined #bitcoin-wizards 23:44 -!- Emcy_ [~MC@cpc13-swan4-2-0-cust361.7-3.cable.virginm.net] has joined #bitcoin-wizards 23:44 -!- Emcy_ [~MC@cpc13-swan4-2-0-cust361.7-3.cable.virginm.net] has quit [Changing host] 23:44 -!- Emcy_ [~MC@unaffiliated/mc1984] has joined #bitcoin-wizards 23:47 -!- Emcy [~MC@unaffiliated/mc1984] has quit [Ping timeout: 258 seconds] 23:58 -!- ThomasV [~ThomasV@unaffiliated/thomasv] has quit [Ping timeout: 264 seconds] --- Log closed Mon Dec 12 00:00:36 2016