--- Log opened Sat Nov 27 00:00:44 2021
06:59 < andytoshi> roconnor: nice! i think you're right, that this lets you do recovery (with work quadratic in k) using this extra symbol-lookup volvelle and no extra tables
06:59 < andytoshi> i think it obviates the need for the symbol multiplication table (and the need for the user to write out any of the symbols by hand, which is a nice benefit because a lot of them are hard to draw)
07:00 < andytoshi> i *don't* think that adding the symbol-multiplication table back in would reduce the work to linear though
07:00 < andytoshi> which sucks, because it means we're stuck with quadratic work, but is nice from a design point of view because it means we don't need to include that awkward volvelle
07:00 < roconnor> It does.
07:01 < andytoshi> oh?
07:01 < roconnor> I mean sort of.
07:01 < roconnor> The method I give requires translating the entire share k-1 times to get A0 A1 A2 ...
07:01 < roconnor> But you can instead multiply the symbols together
07:01 < roconnor> and then do that share translation only once.
07:02 < roconnor> which saves a lot of work.
07:02 < roconnor> But technically it is only a linear amount of work because it is a function of the share length not k.
07:02 < roconnor> That said, the share length is much much larger than k.
07:03 < andytoshi> you need to translate every share though
07:03 < andytoshi> and you're not always multiplying by the same product of symbols
07:04 < andytoshi> i think these two approaches (translate A to A0, then A1, then A2...; vs multiplying the symbols then translating A directly to A{k-1}) are the same amount of work
07:04 < andytoshi> i think it's clear that they're the same amount of work for a single share
07:05 < andytoshi> and what's less clear (but also true, i think) is that you can't reuse any of the multiplication work from share A for share C,D,E,etc
07:05 < roconnor> translating A to A0 takes 48 steps and translating A0 to A1 takes another 48 steps.
07:06 < andytoshi> oh!
07:06 < andytoshi> lol derp
07:06 < roconnor> but taking the two symbols and multiplying them together takes 1 step, then translating A to A1 takes 48 steps.
07:06 < andytoshi> yeah you're right
07:07 < roconnor> Okay I've just pushed my new recover-share disc that replaces the recovery table.
07:07 < andytoshi> ok, so the total work for all shares is still quadratic in k .. but the multiplication wheel gets you a 48x speedup i think
07:07 < roconnor> I've also transposed it from my description above.
07:07 < roconnor> andytoshi: correct.
07:07 < andytoshi> ok, great, let me review all your pushes from the last day or two
07:08 < roconnor> Anyhow with the transposed disc the k-of-n recovery process is as follows.
07:08 < roconnor> dial the recover share disc to the current share you are operating on.
07:09 < andytoshi> my plan had been to work on share generation today (i think we were wrong that you can just look up (k, share index) in a table ... you actually need to look up (k, share index, initial share) ... so probably i can only fit the date for k = 2 through 8 or so onto a single page)
07:09 < roconnor> look up the symbols for all the other shares and multiply all those symbols together (using a multiplication table that I haven't written yet).
07:09 < roconnor> translate that share you are operating on with that resulting symbol.
07:09 < roconnor> Repeat this for every k share.
07:10 < andytoshi> roconnor: cool, makes perfect sense to me
07:10 < roconnor> add all the translation together.
07:10 < andytoshi> BTW, i am also working on a latex document that tries to "explain" the underlying math, or at least define enough terms that a motivated user could look everything up
07:11 < roconnor> sounds good.
07:11 < andytoshi> lol 14 new commits since i last fetched
07:11 < andytoshi> ok this'll take me a moment to review
07:12 < roconnor> The 2-of-n recovery simplifies to turn the dial to the share you are working on; look up the other share's symbol, translate your share you are working using that symbol.
07:13 < roconnor> repeat for the other share, and then add the two translations.
07:13 < andytoshi> yep
07:14 < roconnor> my big worry is that the recover share disc isn't symmetric so if users get it backwards things will fail.
07:14 < roconnor> But I think it will fail badly enough that they should notice.
07:14 < roconnor> I'm not sure there is much that can be done about it.
07:19 < andytoshi> the same problem exists with the current "create share C" disk
07:20 < andytoshi> the "recover share" one has symbols on the outside and letters on the front .. can you get that one backward?
07:20 < andytoshi> and the "multiply symbols" disc is symmetric since multiplication is commutative
07:20 < andytoshi> ah! but the "lookup symbol" disk will have letters on the outside (meaning share indices) and front (meaning data) and you can get that backward
07:21 < andytoshi> it's tempting to like, use a blackboard bold font for symbols that mean share indices
07:22 < andytoshi> BTW, happy to see that you computed the same precomp stuff that i did. and this even/odd thing is very elegant
07:22 < roconnor> the new worksheet can handle even or odd lengths
07:23 < roconnor> you can try replacing the `45 {32} repeat` with `46 {32} repeat` to see.
07:24 < roconnor> oh the layout of the prefix isn't quite right.
07:24 < roconnor> Anyhow, I can fix that later.
07:32 < andytoshi> yeah, the new code is much easier to clean up or tweak. no rush
07:34 < roconnor> The symbol elements represent the multiplicative group elements of alpha^n for n between 1 and 30.
07:35 < roconnor> If we represented them as arabic numbers, then multiplying them consists of adding up those exponents modulo 31.
07:35 < roconnor> That said, maybe a multiplication table for symbols is still better.
07:36 < andytoshi> that's a neat idea .. but i think the symbols would be better
07:36 < roconnor> me too.
07:37 < andytoshi> both because arabic numerals could get confused with bech32 characters; you often need two of them to represent one value; and because i think users might infer crazy things from "add these mod 31" and then go do wrong things
07:37 < andytoshi> like, they'll misinterpret what the numbers mean and then invent "shortcuts"
07:37 < andytoshi> i know i would do this :P
07:38 < andytoshi> the symbols have a nice "don't try to interpret these, just follow the directions" message to them
07:55 < andytoshi> roconnor: are the two blank spaces on the recovery translation wheel just there to make the alignment of the wheel contents look right? or do they have meaning?
07:55 < andytoshi> when i remove them things look pretty ugly :)
07:56 < andytoshi> oh there's one more commit which affects this
08:01 < andytoshi> BTW if you want the code to split the checksum table between two pages, it's on my russ32 branch (and IIRC that code is in ok enough shape that it's worth stealing)
08:03 < andytoshi> roconnor: ah! I get what you mean by "the recover share wheel isn't symmetric". on this one, you spin the volvelle to the working share, then look up the other shares
08:03 < andytoshi> and both of these are indices, there's not even any clever font-based-typing scheme we could use to distinguish them
08:03 < andytoshi> but if you swap them you'll be in trouble
08:07 < andytoshi> hmm, actually the "split up the checksum worksheet" commit has 'hack' in the commit message and it doesn't cleanly apply. maybe not worth stealing
08:23 < roconnor> the two blank spaces on the translation recovery wheel correspond to 0 and 1, which are unused.
08:23 < roconnor> Actually 1 might be used in k-of-n for k > 2, so I'll probably put that one back in.
10:13 < andytoshi> roconnor: https://github.com/roconnor-blockstream/SSS32/pull/17 draws the share creation tables for k = 2 to 6. by editing the source you can fit the table for k=31 into the same space, if you're crazy
10:14 < andytoshi> i still haven't tested this so it's possible i made some silly algebra error, but i made a PR so you can see what things look like
10:16 < andytoshi> some evidence that i messed something up is that the k=1 (you need to edit the source to draw it) has different symbols for every share .. i would expect it to have the multiplier 1 for every one
10:16 < andytoshi> some evidence that i didn't mess anything up is that the k=31 table does have a single fixed multiplier that you're supposed to multiply every share by to compute the final share
10:22 < andytoshi> ah there we go, i forgot to permute one of my variables to the human-readable order
10:23 < andytoshi> ok fixed the PR
10:25 < roconnor> that looks better.
10:25 < andytoshi> yep, now i see all the symmetries that i expect
10:25 < roconnor> The k=2 case has all pairs next to each other on the wheel.
10:25 < andytoshi> yep. as does the k=30 case, interestingly
10:25 < andytoshi> i haven't worked out the algebra but i intuitively expected "something like that"
10:25 < roconnor> the sum of all the coefficients adds up to 1.
10:26 < andytoshi> ah yep ofc
10:26 < andytoshi> actually -- is that true if i sum along rows *and* if i sum along columns? neat if so
10:26 < roconnor> And I definitely need to add Aleph to the wheel since it is now clearly used.
10:27 < roconnor> I was just thinking about the columns.
10:28 < andytoshi> ok :) i think it might be true of the rows as well, but i'm not motivated enough to check
10:28 < andytoshi> i think i'm as confident as i'm going to be in this table without actually testing it
10:29 < andytoshi> hmm, unfortunately i do not have a recovery wheel with me, nor will i have access to volvelle-making tools for several hours
10:31 < roconnor> Well let me add an Aleph to the recovery wheel first before you go printing anything.
10:31 < andytoshi> ah lol good catch
10:31 < roconnor> I removed it because, as you can see, it doesn't occur in k=2
10:33 < andytoshi> right
10:34 < andytoshi> i wonder what's up with share 4 in the 3-of-n case ... its column is all alephs
10:36 < roconnor> It's probably okay 1 + 1 + 1 = 1
10:36 < roconnor> so it is an affine combination.
10:36 < andytoshi> lol interesting. i'll hand-compute it just to be sure
10:36 < roconnor> It should be the case that S + A + C = 4
10:37 < andytoshi> yep that is the case
10:38 < roconnor> interesting. We should recommend using the A C and 4 shares when doing 3 of n
10:38 < andytoshi> ah yep, i see how the lagrange basis polynomials then work out. characteristic 2 is funny
10:38 < roconnor> I wonder if there are similar sets for 4 of n and higher.
10:38 < andytoshi> i think k=3 is special
10:39 < andytoshi> you have a bunch of terms of the form (x + y), where x and y are drawn from a 3-element set where every pair adds to the third one
10:39 < roconnor> we've restricted ourselves to setting the random shares to A C D ...
10:39 < andytoshi> i mean, we can change that by modifying permS i think
10:39 < roconnor> I mean, we probably still want to do something like that ... though there is room for specializing each k.
10:39 < roconnor> bech32 fixes the alphabet interpretation.
10:40 < roconnor> But maybe we will be like: for k=4 start with B W Z and 4 or something.
10:40 < roconnor> we can look into it later.
10:40 < andytoshi> so then S is no longer the secret? that feels risky
10:40 < andytoshi> like it'll cause mistakes
10:40 < roconnor> no I wouldn't change that.
10:41 < andytoshi> ok, in that case i think you may be limited in your ability to choose "nice" starting shares
10:41 < roconnor> It's just that A C 4 happens to be such that if you are doing 3-of-n and have those shares, you can just add them up.
10:41 < roconnor> and there are probably other triples with that property.
10:41 < roconnor> but, in particular, there are probably quadruples with that property too.
10:41 < andytoshi> yeah
10:41 < roconnor> It's just not any that are A C D ?
10:42 < roconnor> I guess n must be odd
10:42 < roconnor> so k = 5
10:42 < roconnor> maybe it isn't worth bothering for k = 5
10:42 < roconnor> let those crazy people do their own thing.
10:42 < andytoshi> lol yeah
10:43 < roconnor> Just suggest that one of the shares for 3-of-n include 4.
10:43 < andytoshi> it's maybe worth adding a "tips and tricks" appendix which suggests the user ad-hoc uses A,C,4 for the "most important" 3-of-n shares
10:43 < roconnor> exactly.
10:45 < roconnor> You can rebase now. I've added Aleph back to the wheel.
10:46 < andytoshi> kk rebased and pushed
10:49 < roconnor> by somewhat of a coincidence alpha represents alpha.
10:50 < roconnor> the generator of GF_32
10:55 < andytoshi> neat :)
10:56 < sipa> I choose to believe.
10:56 < sipa> This is no mere coincidence.
10:56 < andytoshi> hehehe
10:57 < andytoshi> roconnor: I am about to head out on a 3 hour car ride ... should i try to implement the 3-of-k recovery table and write out instructions for higher-k recovery? or will you do that?
10:57 < andytoshi> bear in mind there is a good chance that i cannot actually write postscript in a moving vehicle
10:57 < andytoshi> on account of motion sickness
10:58 < sipa> the portion of the wikipedia BCH article about decoding reads like it was written by someone with somewhat mediocre skills in english and communication
10:58 < sipa> after finding for example α^2 we can divide Λ by corresponding monom (x − α^2) and the root of resulting monom could be found easily
11:00 < andytoshi> yeah that's pretty awkward grammar
11:00 < sipa> a guess a monom is a palidromic polynomial?
11:00 < sipa> *monomial
11:01 < sipa> **palindromic
11:02 < andytoshi> lol maybe. i haven't heard that term, i assumed it was a copy/paste mistake from wikitext to irc
11:02 < sipa> no, the article actually talks about monoms
18:55 < ademan[m]> non-wizarding question since #bitcoin is clogged with nonsense as usual
18:56 < ademan[m]> I’m using HD address generation, and I’m wondering how I should derive my keys. The obvious answer is to use BIP-44/BIP-84 paths: `/84'/0'/account'/change/index` but I think it might be more convenient to my application to use something like `/9001'/0'/account'/stage/index` where stage refers to a key generated for each stage of the application-level transaction. `stage=0` might correspond to the commitment transaction,
18:56 < ademan[m]> `stage=1` might correspond to the commitment change output, `stage=2` might correspond to the revocation transaction. index would correspond to the application-level transaction number. This way keys related to a given application-level transaction are grouped logically. (Furthermore, is it valid for me to use `purpose=84` at all, if I’m deriving keys for p2wsh?)
19:00 < andytoshi> i use ad-hoc bip32 paths for my coins. tbh i kinda regret this because it makes backups more complicated and it means my coins can't be imported into any other wallet
19:00 < andytoshi> maybe descriptors will improve the import situation soon
19:01 < ademan[m]> yeah my import situation is hopeless without descriptors anyways since it's P2WSH
19:22 < roconnor> andytoshi: the average checksum table entry for V53S0VVV95U22 has 10.14 unique characters (out of 13).
19:23 < roconnor> The average checksum table entry for 17EQDDD06BEDA has 10.17 unique characters (out of 13).
19:24 < andytoshi> i'll bet those are two close to result in a meaningful usability difference?
19:24 < andytoshi> too close*
19:24 < andytoshi> i wonder if they have a meaningfully different number of Qs
19:24 < roconnor> still V53S0VVV95U22 is the winner by this metric.
19:24 < andytoshi> yep. convenient
19:26 < andytoshi> BTW - i don't think i can reasonably fit 4500 entries on a page, even being clever. i am going to look for algebraic shortcuts/compressions for a bit, but probably i will just restrict the table to n leq 16 .. 16 choose 3 is 560 which is much more manageable
19:26 < andytoshi> also BTW, the symbols for ACW are three diamonds in a row. not sure what to make of that
19:26 < roconnor> andytoshi: they both have an average of 0.4 Q's per entry.
19:26 < andytoshi> (i haven't double-checked them on paper though, so take that with a grain of salt)
19:26 < andytoshi> roconnor: ah ok
19:26 < roconnor> you can fit 4500 entries over multiple pages.
19:28 < roconnor> I think you put the most common entries first. So ACD then everything with letter between A and E, then everything with letter between A and F, etc.
19:29 < roconnor> three diamonds in a row?
19:29 < roconnor> That doesn't make sense, they don't add to 1.
19:31 < andytoshi> good point. ok lemme see what i did wrong
19:32 < andytoshi> ah i have messed up my permutations again
19:32 < andytoshi> one sec
19:34 < andytoshi> ok there we go. now i see the three alephs on AC4 as we expected, and no other eyebrow-raising triples
19:37 < andytoshi> i'm starting to run into postscript loop iteration limits which are really irritating. have to unroll a lot of stuff :/
20:26 < andytoshi> so.. AC2, ALW, DER, Z5A, CYQ, 56C all have the symbols club/heart/beta ... and there are probably others, i haven't generated all the triples and i'm identifying these by hand
20:27 < andytoshi> but this is already in excess of the number of repeats you'd expect by naively counting (in theory there are 31^2 ~ 1000 possibilities for the first two symbols and the third is determined, meanwhile there are ~4500 different triples)
20:30 < andytoshi> can we group all these triples into orbits of some sort? is it easy for a user to compute what orbit he's in?
20:30 < andytoshi> also, whenever we have shares which add up to S, we will get aleph-aleph-aleph, so we expect that aleph-aleph-aleph will occur several hundred times
20:32 < andytoshi> 9DN is also club-heart-beta
20:34 < andytoshi> oh and when i said ALW i meant WAL
20:34 < andytoshi> er, LAW
20:43 < andytoshi> out of 1066 triples, only 40 are aleph-aleph-aleph actually, i think it must require more than "x + y + z = S"
20:51 < andytoshi> or there are a lot fewer solutions to x+y+z=S than i think
21:08 < andytoshi> ah yeah i was just overcounting solutions. i think there are 155 of them, which is consistent with my current count
22:15 < ademan[m]> would it violate user expectations for a wallet to derive an xpub from an xpriv, and store it in the clear?
--- Log closed Sun Nov 28 00:00:45 2021