--- Log opened Thu May 19 00:00:27 2022
00:12 -!- AaronvanW [~AaronvanW@user/AaronvanW] has quit [Ping timeout: 246 seconds]
00:38 -!- Guyver2 [~Guyver@77-174-98-73.fixed.kpn.net] has joined #bitcoin-wizards
00:46 -!- AaronvanW [~AaronvanW@user/AaronvanW] has joined #bitcoin-wizards
01:03 -!- bitdex [~bitdex@gateway/tor-sasl/bitdex] has quit [Ping timeout: 240 seconds]
01:04 -!- bitdex [~bitdex@gateway/tor-sasl/bitdex] has joined #bitcoin-wizards
01:10 -!- instantp10neer [~instantp1@user/instantp10neer] has quit [Ping timeout: 240 seconds]
01:15 -!- instantp10neer [~instantp1@user/instantp10neer] has joined #bitcoin-wizards
01:15 -!- tromp [~textual@dhcp-077-249-230-040.chello.nl] has joined #bitcoin-wizards
01:23 -!- jonatack [~jonatack@user/jonatack] has quit [Ping timeout: 240 seconds]
02:44 -!- bitdex [~bitdex@gateway/tor-sasl/bitdex] has quit [Ping timeout: 240 seconds]
02:45 -!- bitdex [~bitdex@gateway/tor-sasl/bitdex] has joined #bitcoin-wizards
03:19 -!- z9z0b3t1_ [z9z0b3t1c@gateway/vpn/protonvpn/z9z0b3t1c] has joined #bitcoin-wizards
03:22 -!- z9z0b3t1c [z9z0b3t1c@gateway/vpn/protonvpn/z9z0b3t1c] has quit [Ping timeout: 256 seconds]
03:54 -!- tromp [~textual@dhcp-077-249-230-040.chello.nl] has quit [Quit: My iMac has gone to sleep. ZZZzzz…]
04:02 -!- instantp10neer [~instantp1@user/instantp10neer] has quit [Read error: Connection reset by peer]
04:04 -!- tromp [~textual@dhcp-077-249-230-040.chello.nl] has joined #bitcoin-wizards
04:07 -!- Guyver2 [~Guyver@77-174-98-73.fixed.kpn.net] has left #bitcoin-wizards [Closing Window]
04:34 -!- djb27__ [~djb27@user/djb27] has joined #bitcoin-wizards
04:37 -!- djb27__ [~djb27@user/djb27] has quit [Read error: Connection reset by peer]
04:38 -!- djb27_ [djb27@user/djb27] has quit [Ping timeout: 244 seconds]
05:14 -!- tromp [~textual@dhcp-077-249-230-040.chello.nl] has quit [Quit: My iMac has gone to sleep. ZZZzzz…]
05:41 -!- tromp [~textual@dhcp-077-249-230-040.chello.nl] has joined #bitcoin-wizards
05:47 -!- bitdex [~bitdex@gateway/tor-sasl/bitdex] has quit [Quit: = ""]
05:56 < kanzure> can any of the trustless setup stuff be used for trustless PRNG?
07:22 -!- z9z0b3t1c [z9z0b3t1c@gateway/vpn/protonvpn/z9z0b3t1c] has joined #bitcoin-wizards
07:25 -!- z9z0b3t1_ [z9z0b3t1c@gateway/vpn/protonvpn/z9z0b3t1c] has quit [Ping timeout: 250 seconds]
07:53 -!- Tiraspol [~Tiraspol@user/tiraspol] has quit [Ping timeout: 240 seconds]
07:53 -!- Tiraspol [~Tiraspol@c-98-220-224-193.hsd1.il.comcast.net] has joined #bitcoin-wizards
07:53 -!- Tiraspol [~Tiraspol@c-98-220-224-193.hsd1.il.comcast.net] has quit [Changing host]
07:53 -!- Tiraspol [~Tiraspol@user/tiraspol] has joined #bitcoin-wizards
08:39 -!- tromp [~textual@dhcp-077-249-230-040.chello.nl] has quit [Quit: My iMac has gone to sleep. ZZZzzz…]
08:48 < jeremyrubin> Yes, see VDFs
09:03 -!- tromp [~textual@dhcp-077-249-230-040.chello.nl] has joined #bitcoin-wizards
09:55 -!- roconnor [~roconnor@coq/roconnor] has quit [Ping timeout: 240 seconds]
10:11 -!- tromp [~textual@dhcp-077-249-230-040.chello.nl] has quit [Quit: My iMac has gone to sleep. ZZZzzz…]
11:00 -!- jonatack [~jonatack@user/jonatack] has joined #bitcoin-wizards
11:10 -!- tromp [~textual@dhcp-077-249-230-040.chello.nl] has joined #bitcoin-wizards
11:30 -!- z9z0b3t1_ [z9z0b3t1c@gateway/vpn/protonvpn/z9z0b3t1c] has joined #bitcoin-wizards
11:34 -!- z9z0b3t1c [z9z0b3t1c@gateway/vpn/protonvpn/z9z0b3t1c] has quit [Ping timeout: 256 seconds]
12:13 -!- geyaeb [~geyaeb@gateway/tor-sasl/geyaeb] has quit [Ping timeout: 240 seconds]
12:15 -!- geyaeb [~geyaeb@gateway/tor-sasl/geyaeb] has joined #bitcoin-wizards
12:35 -!- tromp [~textual@dhcp-077-249-230-040.chello.nl] has quit [Quit: My iMac has gone to sleep. ZZZzzz…]
13:03 -!- tromp [~textual@dhcp-077-249-230-040.chello.nl] has joined #bitcoin-wizards
13:12 -!- Guest3752 [~kenshiro@47.232.134.37.dynamic.jazztel.es] has joined #bitcoin-wizards
13:17 < Guest3752> Hi! I want to share an idea just in case it can be useful: what if Bitcoin consensus becomes an hybrid consensus, just like now, but adding an additional layer on top PoW based on a typical BFT PoS. To be short, this would work like this: when everything is running fine, the network works in full PoS mode and everyone can run a validator in a cheap VPS in the cloud. When there is a conflict in PoS consensus, the network 
13:17 < Guest3752> revert to PoW, miners turn on their miners and it stays in that way until it's resolved. Some examples of "revert to PoW" situations would be: network stuck because 2/3 of validators are not signing blocks, censorship detected (old transaction with reasonable gas floating in mempool more than N blocks (and there are space in the blocks), and network split. What do you think? :)
13:20 < reardencode> lolno.
13:21 < reardencode> Sorry, I'll elaborate in a less twitterish fashion: The thing that is necessary for Bitcoin's security is a high number of days of continuous work of all miners in the world to rewrite the chain.
13:21 < reardencode> If we only turn on the POW miners periodically then we won't be extending the days-to-rewrite, and the chain will become less secure over time.
13:21 < reardencode> There are other problems, but that's probably the single biggest one.
13:25 < Guest3752> I understand but this is BFT PoS, to be short, all blocks must be signed by 2/3 of validators and when it's done the block is immutable, it's like a hardcoded checkpoint. 
13:25 < BlueMatt[m]> no its not at all like a hardcoded checkpoint
13:25 < BlueMatt[m]> because unlike a hardcoded checkpoint there can be multiple valid histories
13:26 < BlueMatt[m]> in a practical sense its not even remotely immutable
13:26 < BlueMatt[m]> its locally immutable, but not consensus or network-wide immutable
13:26 < BlueMatt[m]> which is actually a really bad design
13:26 < Guest3752> I understand, but Casper fixes this with a penalty system: if an honest node detect a validator double-signing blocks with the same height, it submits the proof to the network, and it automatically burns the entire stake of the attacker
13:27 < Guest3752> so trying to create more than 1 branch it's suicidal
13:27 < BlueMatt[m]> that still doesnt make it final
13:28 < BlueMatt[m]> it only means if the network blows up maybe someone will be peanalized, but the network has blown up so its not like it helps things
13:28 < Guest3752> that can't be reverted in any legal way, so the block is final, there is to way back
13:28 < Guest3752> I mean "there is no way back"
13:28 < BlueMatt[m]> I think you dont understand how pos works
13:29 < Guest3752> I do, I read Casper FFG paper
13:29 < BlueMatt[m]> you may wish to google "subjective finality" I think thats what the eth people call "its not final, but like, if we pretend its final maybe we can pretend it is"
13:29 < Guest3752> note that "vanilla" PoS is very different of BFT PoS
13:29 < BlueMatt[m]> not in this sense its not no
13:29 < reardencode> the term might be "weak subjectivity"?
13:29 -!- AaronvanW [~AaronvanW@user/AaronvanW] has quit [Quit: Leaving...]
13:30 < BlueMatt[m]> or that
13:30 < BlueMatt[m]> right
13:30 < Guest3752> ok, I understand, they fix that with a maybe 2 month lock of staking deposits
13:30 < Guest3752> so as far nodes turn on at least one time each 2 months, they can't be cheated following another branch
13:30 < BlueMatt[m]> no, that still does not make it final
13:31 < Guest3752> only new nodes, or nodes turned off more than 2 months, need "help" in the case there is an evil branch
13:31 < BlueMatt[m]> nope, still not
13:32 < Guest3752> inside the 2 month window, any attacker with more than 2/3 of stake (that's very extreme) willing to create another branch, burns instantly his deposit
13:33 < Guest3752> an attacker with less than 2/3 of staking power never could even create the branch
13:33 < BlueMatt[m]> okay, so you agree its not final in any way, just a maybe-punishment assuming you can get something on-chain after an attacker started attacking
13:33 < BlueMatt[m]> (well, or large stakers got hacked)
13:33 < Guest3752> there is absolute finality inside the 2 month window, thanks to automatic slashing
13:34 < BlueMatt[m]> eh, I've got work to do
13:34 < BlueMatt[m]> maybe go reread the various eth pos explainers, there's quite a few floating around and most of them are quite honest about the nuances here from what I've seen.
13:34 < Guest3752> outside the 2 months windows, new nodes would need only to ask for the current tip of the chain add it to their node (and only if there are 2 branches, very rare to happen)
13:35 < BlueMatt[m]> lol thats also not true
13:35 < BlueMatt[m]> how do you know, objectively, if there are two branches?
13:35 < Guest3752> note that I'm not proposing Casper but a simpler and more restricted version
13:35 < Guest3752> Casper is still using "longest chain", but based on checkpoints
13:36 < BlueMatt[m]> right, I'm talking about the general class of issues/differences between pos and pow
13:36 < BlueMatt[m]> that apply universally
13:36 < Guest3752> they sacrifice some security for livenes
13:36 < BlueMatt[m]> you should go read up more on pos :)
13:36 < Guest3752> I propose something more similar to Tendermint, but with the slashing of Casper, which would be much simpler than Casper
13:37 < Guest3752> the main difference is this:
13:37 < Guest3752> if 2/3 of validators don't sign the block, the network halts, no exceptions. Then, it revert to PoW.
13:37 < Guest3752> Casper is more complicated to have more liveness, but we don't need it, because we can always revert to PoW :)
13:38 < BlueMatt[m]> please go read up more on pos and its concrete properties :)
13:38 < Guest3752> ok, I recommend you read more about Casper FFG :)
13:39 < BlueMatt[m]> 🙄
13:39 < Guest3752> the "BFT" part resolves most nightmares of "vanilla" PoS
13:39 < reardencode> Nothing that you've mentioned helps to address the problem that the PoW fallback is useless if it's not continuously funded and maintaining rewrite-hardness with current technology.
13:39 < BlueMatt[m]> no it doesnt, unless you own 1/3 of the stake, at least.
13:41 < Guest3752> neardencode I think it does, because there is real finality with each signed block, so no previous PoW is required (and I think we can trust there are some nodes online inside the 2 months (or other) time window) 
13:42 < Guest3752> remember, 2/3 of validators must sign each block, it's very restrictive. You can't create 2 legal branches with less than 2/3 of staking power. And if you do, the other nodes slash you.
13:43 < BlueMatt[m]> if there were "real finality" then sure. but that fundamentally cannot exist. it doesnt exist in pow (though a concrete cost is assigned to it) and does not exist in pos (where no concrete cost is assigned, though a theoretical one of slashing is depending on a ton of nuance)
13:43 < reardencode> The problem is that "falling back" on a PoW that doesn't have any history of work to rely on to show that the blocks produced really do represent the majority of available hashrate is like falling back on what your best buddy says. At some time later, someone could go back to a previous PoW fallback and rewrite that, and then force the PoS to resume on top of their revised work.
13:43 < reardencode> Only a continuous PoW chain is actually final, as Matt says.
13:44 < reardencode> haha, sorry, not _actually_ final -- but final to a definitive cost.
13:44 < BlueMatt[m]> right, power costs $
13:45 < Guest3752> because there are always some nodes online during the 2 month window, there is history of a legal PoW chain that once upgraded to BFT PoS, started to create checkpoints and that. All nodes would agree to that until the last checkpoint
13:46 < Guest3752> there is no way to undo that history, and remember the penalties of double signing- in the PoS part
13:47 < Guest3752> I can't imagine a situation in which someone even having 2/3 of staking power can attack the network without burning his stake and making everyone else much richer
13:47 < BlueMatt[m]> its funny, you say "there is no way" and then you describe what happens if it is undone. you're contradicting yourself :p
13:47 < Guest3752> no, I describe what happens if someone "try" to undo it :P
13:48 < Guest3752> the consensus make the attack impossible
13:48 < BlueMatt[m]> no, you describe the punishment, not a prevention
13:48 < BlueMatt[m]> a punishment with lots of caveats, I might add
13:48 < Guest3752> is also the prevention, because no legal node adds even 1 block of the evil chain, thx to consensus rules
13:49 < BlueMatt[m]> I think we have different definitions of english words, so I'm gonna go back to work :)
13:49 < Guest3752> ok ^^
13:49 < Guest3752> thx anyway
13:49 < Guest3752> :)
13:50 < Guest3752> Ethereum is going to be full PoS soon, you will see it's not attacked, it's totally suicidal.
13:52 < reardencode> Like many Bitcoiners, I'll 1) believe that the eth merge is gonna happen exactly when it does and not a second earlier. Also, the lack of attacks against ethereum tells me ~nothing about what would be safe on Bitcoin. Bitcoin is up against the world's most powerful governments and central banks.
13:55 < BlueMatt[m]> pos generally works quite well - because capital in ~every human system since the dawn of mankind has been absurdly centralized. thus, pos acts as a federated system, and federated systems are pretty easy to make work well. agreed, however, that it not being attacked isn't all that relevant to anything, and none of this implies we want bitcoin to end up in the same place.
13:55 < Guest3752> I think with a complex set of rules, you can have a safe PoS. The only danger I see an evil actor with lot of money increasing his stake slowly until it has 2/3 of stake and then it can start to censor transactions. But I think it should be easy to detect censored transactions (old transactions, legal, with proper gas, with free space on blocks floating in the mempool more than N blocks) but as it can detected, it could be 
13:55 < Guest3752> automatically resolved with a "revert to PoW" situation, starting from last legal checkpoint.
13:56 < BlueMatt[m]> https://www.youtube.com/watch?v=d7qKD7zpltI
13:59 < Guest3752> with a pure PoS, it's resolved with a hard fork burning all staking deposits. That danger also incentivices everyone, especially whales, to not stake too much.
14:00 < Guest3752> which makes the network even more decentralized (many little stakers)
14:02 < Guest3752> thx for conversation, have to go :)
14:03 -!- Guest3752 [~kenshiro@47.232.134.37.dynamic.jazztel.es] has quit [Quit: byee]
14:21 -!- tromp [~textual@dhcp-077-249-230-040.chello.nl] has quit [Quit: My iMac has gone to sleep. ZZZzzz…]
15:28 -!- z9z0b3t1c [z9z0b3t1c@gateway/vpn/protonvpn/z9z0b3t1c] has joined #bitcoin-wizards
15:31 -!- z9z0b3t1_ [z9z0b3t1c@gateway/vpn/protonvpn/z9z0b3t1c] has quit [Ping timeout: 246 seconds]
15:54 -!- z9z0b3t1_ [z9z0b3t1c@gateway/vpn/protonvpn/z9z0b3t1c] has joined #bitcoin-wizards
15:55 -!- z9z0b3t1c [z9z0b3t1c@gateway/vpn/protonvpn/z9z0b3t1c] has quit [Ping timeout: 250 seconds]
17:16 -!- peace777 [sid338452@id-338452.hampstead.irccloud.com] has quit []
17:16 -!- peace777 [sid338452@id-338452.hampstead.irccloud.com] has joined #bitcoin-wizards
18:31 -!- z9z0b3t1c [z9z0b3t1c@gateway/vpn/protonvpn/z9z0b3t1c] has joined #bitcoin-wizards
18:32 -!- z9z0b3t1_ [z9z0b3t1c@gateway/vpn/protonvpn/z9z0b3t1c] has quit [Ping timeout: 250 seconds]
18:50 -!- bitdex [~bitdex@gateway/tor-sasl/bitdex] has joined #bitcoin-wizards
18:58 -!- Tiraspol [~Tiraspol@user/tiraspol] has quit [Ping timeout: 240 seconds]
18:58 -!- Tiraspol [~Tiraspol@c-98-220-224-193.hsd1.il.comcast.net] has joined #bitcoin-wizards
18:58 -!- Tiraspol [~Tiraspol@c-98-220-224-193.hsd1.il.comcast.net] has quit [Changing host]
18:58 -!- Tiraspol [~Tiraspol@user/tiraspol] has joined #bitcoin-wizards
19:46 -!- z9z0b3t1_ [z9z0b3t1c@gateway/vpn/protonvpn/z9z0b3t1c] has joined #bitcoin-wizards
19:49 -!- z9z0b3t1c [z9z0b3t1c@gateway/vpn/protonvpn/z9z0b3t1c] has quit [Ping timeout: 256 seconds]
22:11 -!- dongcarl [~dongcarl@pool-108-6-233-95.nycmny.fios.verizon.net] has quit [Ping timeout: 260 seconds]
22:12 -!- dongcarl [~dongcarl@pool-108-6-233-95.nycmny.fios.verizon.net] has joined #bitcoin-wizards
23:05 -!- ElBaltico [~ElBaltico@138.204.158.9] has joined #bitcoin-wizards
23:30 -!- tromp [~textual@dhcp-077-249-230-040.chello.nl] has joined #bitcoin-wizards
23:36 -!- z9z0b3t1_ [z9z0b3t1c@gateway/vpn/protonvpn/z9z0b3t1c] has quit [Ping timeout: 250 seconds]
23:43 -!- z9z0b3t1c [z9z0b3t1c@gateway/vpn/protonvpn/z9z0b3t1c] has joined #bitcoin-wizards
--- Log closed Fri May 20 00:00:28 2022