--- Log opened Wed Nov 27 00:00:02 2024
00:27 -!- tromp [~textual@92-110-219-57.cable.dynamic.v4.ziggo.nl] has quit [Quit: My iMac has gone to sleep. ZZZzzz…]
00:36 -!- tromp [~textual@92-110-219-57.cable.dynamic.v4.ziggo.nl] has joined #bitcoin-wizards
01:03 -!- Cory31 [~Cory31@user/pasha] has quit [Quit: Client closed]
01:03 -!- Cory31 [~Cory31@user/pasha] has joined #bitcoin-wizards
01:11 -!- Guyver2 [~Guyver@77-174-98-73.fixed.kpn.net] has joined #bitcoin-wizards
01:14 -!- itsarjn_ [~itsarjn@user/itsarjn] has joined #bitcoin-wizards
01:17 -!- itsarjn [~itsarjn@user/itsarjn] has quit [Ping timeout: 248 seconds]
01:18 -!- Cory31 [~Cory31@user/pasha] has quit [Quit: Client closed]
01:18 -!- Cory31 [~Cory31@user/pasha] has joined #bitcoin-wizards
01:38 -!- itsarjn [~itsarjn@user/itsarjn] has joined #bitcoin-wizards
01:40 -!- itsarjn_ [~itsarjn@user/itsarjn] has quit [Ping timeout: 245 seconds]
03:02 -!- Netsplit *.net <-> *.split quits: hugomd, stoner19, kico, emcy__, ariard
03:05 -!- emcy__ [~emcy@85.255.234.197] has joined #bitcoin-wizards
03:05 -!- kico [~kico@user/kico] has joined #bitcoin-wizards
03:05 -!- hugomd [~hugomd@user/hugomd] has joined #bitcoin-wizards
03:05 -!- ariard [~ariard@167.99.46.220] has joined #bitcoin-wizards
03:05 -!- emcy__ [~emcy@85.255.234.197] has quit [Remote host closed the connection]
03:05 -!- emcy__ [~emcy@85.255.234.197] has joined #bitcoin-wizards
03:09 -!- stoner19 [stoner19@2607:5300:60:8796::109] has joined #bitcoin-wizards
03:09 -!- stoner19 [stoner19@user/stoner19] has changed host
03:13 -!- itsarjn [~itsarjn@user/itsarjn] has quit [Remote host closed the connection]
03:22 -!- Guyver2 [~Guyver@77-174-98-73.fixed.kpn.net] has left #bitcoin-wizards [Closing Window]
03:47 -!- itsarjn [~itsarjn@user/itsarjn] has joined #bitcoin-wizards
03:48 -!- deusexbeer [~deusexbee@188.170.83.177] has quit [Ping timeout: 252 seconds]
03:52 -!- itsarjn [~itsarjn@user/itsarjn] has quit [Remote host closed the connection]
04:56 -!- itsarjn [~itsarjn@user/itsarjn] has joined #bitcoin-wizards
05:05 -!- gf2718 [~gf2718@78.245.83.31] has joined #bitcoin-wizards
05:25 -!- jackielove4u [~jackielov@user/jackielove4u] has quit [Quit: The Lounge - https://thelounge.chat]
05:27 -!- jackielove4u [~jackielov@user/jackielove4u] has joined #bitcoin-wizards
05:28 -!- _andrewtoth_ [~andrewtot@gateway/tor-sasl/andrewtoth] has joined #bitcoin-wizards
05:29 -!- andrewtoth_ [~andrewtot@gateway/tor-sasl/andrewtoth] has quit [Remote host closed the connection]
05:38 -!- gf2718 [~gf2718@78.245.83.31] has quit [Read error: Connection reset by peer]
05:46 < andytoshi> Ademan_: yes, at 1Mhash/sec it would take 584k years, and that does sound about right for a single-core run without dedicated opcodes (with simd you can maybe get another 2 or 3x)
05:49 < andytoshi> even consumer hardware has dedicated sha2 opcodes now, but that's probably only a factor 1000 at best
05:50 < andytoshi> so i think "infeasible on consumer hardware" will be true for many years
05:51 < andytoshi> hard to find numbers for GPUs these days but i think they're something like 10-100 Mhash, which doesn't help
05:52 < andytoshi> FPGAs i think are on the order of a ghash or two; you can cobble together a few hundred of them in a data center and that'd be enough to do the computation in a year
05:53 -!- Cory31 [~Cory31@user/pasha] has quit [Quit: Client closed]
05:53 -!- Cory31 [~Cory31@user/pasha] has joined #bitcoin-wizards
05:53 < andytoshi> and ASICs of course are much much faster. the bitmain s21 claims 234 TH/s which would take you just under a day to build the tree on a single one
05:54 < andytoshi> ignoring memory access costs, and the small constants related to use of sha2 vs sha2d (or maybe other cheaper hashes are ok)
05:55 < andytoshi> Ademan_: having said that, if somebody builds the tree, you can then spot-check its correctness. and if something is wrong it is easy to create a transferrable proof
06:41 -!- itsarjn [~itsarjn@user/itsarjn] has quit [Remote host closed the connection]
06:42 -!- itsarjn [~itsarjn@user/itsarjn] has joined #bitcoin-wizards
07:10 < Ademan_> thanks andytoshi that all sounds about what my gut was telling me
07:15 < Ademan_> on the ASIC front afaik down at the hardware level they actually operate on a block header (since they need to do trillions of these a second they're not asking an MCU for a new block header to hash, they're incrementing the nonce themselves and rehashing, I don't know all of the details but I was looking at some (old) bitmain asic data sheets and reverse engineered info ~a year ago very casually)
07:16 < Ademan_> (that's to say I COULD be misremembering but I did actually look into it once heh)
07:20 < andytoshi> yeah, you can't use a literal mining asic for this. producing a merkle tree would be a fair bit more complicated and likely much slower
07:23 < andytoshi> oh, also, in a world with CAT you can compress multiple levels into the tree .. like, rather than each leaf being a 32-bit result, each leaf can hold 16 results and still be within the 512-bit sha2 block size. (actually i think it's only 14 because sha2 forces an 8-bit length suffix, but ok). so that's a 14x speedup
07:23 < andytoshi> then imagine you have an asic whose cores can compute 8 of these groups and then the merkle root of that (so 3 layers of the tree). that is probably a reasonable amount of hardware
07:25 < andytoshi> i guess it needs to be more than 8. let's say 64, so 6 layers of the tree. that's a bit annoying because i think it'd involve 64 separate sha2 circuits all working at once, but it's certainly doable
07:25 < andytoshi> so now the ASIC is able to produce the "leaves" of a 55-bit tree
07:26 -!- itsarjn [~itsarjn@user/itsarjn] has quit [Remote host closed the connection]
07:26 -!- itsarjn [~itsarjn@user/itsarjn] has joined #bitcoin-wizards
07:27 < andytoshi> and completing the tree is 1142 years with your single-core machine. but should be easy to get that under one year with hardware acceleration, multiple procs, etc
07:28 < andytoshi> probably my numbers need to be tweaked. and i'm not an asic designer. but this seems 100% feasible if you're willing to tape out an asic, and may even be feasible just with fpgas
07:28 < andytoshi> but. i think it's reasonable to say that 32-bits is about the limit here. you can probably do 33 or 34, but not 48 or 64
07:35 -!- solocshaw [~Thunderbi@c-73-255-91-223.hsd1.tx.comcast.net] has joined #bitcoin-wizards
07:36 < Ademan_> yeah I think you're probably right that it's feasible if you're able to tape out a custom asic, but boy that's a lot of effort haha
07:37 -!- gf2718 [~gf2718@18.109-136-217.adsl-dyn.isp.belgacom.be] has joined #bitcoin-wizards
07:40 < Ademan_> I suppose there could be a world where that could be commodified as some kind of accelerator
07:41 -!- gf2718 [~gf2718@18.109-136-217.adsl-dyn.isp.belgacom.be] has quit [Ping timeout: 246 seconds]
07:54 -!- tromp [~textual@92-110-219-57.cable.dynamic.v4.ziggo.nl] has quit [Quit: My iMac has gone to sleep. ZZZzzz…]
07:56 < andytoshi> yeah, i would guess that if these were useful there'd be companies that specialized in generating these giant merkle trees (and maybe even selling proofs from them)
07:56 -!- jonatack [~jonatack@user/jonatack] has joined #bitcoin-wizards
07:56 < andytoshi> they could even publish the whole tree and still have a feasible business, since not many people are interested in storing 2^64 hashes themselves
08:18 -!- tromp [~textual@92-110-219-57.cable.dynamic.v4.ziggo.nl] has joined #bitcoin-wizards
08:19 -!- jonatack [~jonatack@user/jonatack] has quit [Ping timeout: 260 seconds]
08:46 -!- itsarjn [~itsarjn@user/itsarjn] has quit [Remote host closed the connection]
08:54 -!- itsarjn [~itsarjn@user/itsarjn] has joined #bitcoin-wizards
08:56 < Ademan_> Publishing roots down to a certain depth would also drastically cut down on computation time
09:09 -!- gf2718 [~gf2718@2a02:a03f:65fc:3900:dccd:9da4:8d59:68ec] has joined #bitcoin-wizards
09:14 -!- gf2718 [~gf2718@2a02:a03f:65fc:3900:dccd:9da4:8d59:68ec] has quit [Ping timeout: 245 seconds]
09:25 -!- tromp [~textual@92-110-219-57.cable.dynamic.v4.ziggo.nl] has quit [Quit: My iMac has gone to sleep. ZZZzzz…]
09:36 -!- jonatack [~jonatack@user/jonatack] has joined #bitcoin-wizards
09:46 -!- deusexbeer [~deusexbee@188.170.74.127] has joined #bitcoin-wizards
10:08 -!- tromp [~textual@92-110-219-57.cable.dynamic.v4.ziggo.nl] has joined #bitcoin-wizards
10:11 -!- itsarjn [~itsarjn@user/itsarjn] has quit [Remote host closed the connection]
10:15 -!- Guest26 [~Guest13@80.208.69.37] has joined #bitcoin-wizards
10:24 -!- narodnik [~narodnik@2a02:aa13:8342:1400:81b3:9662:6650:690d] has quit [Quit: WeeChat 4.4.2]
10:27 -!- narodnik [~narodnik@2a02:aa13:8342:1400:81b3:9662:6650:690d] has joined #bitcoin-wizards
10:28 -!- itsarjn [~itsarjn@user/itsarjn] has joined #bitcoin-wizards
10:39 -!- gf2718 [~gf2718@2a02:a03f:65fc:3900:dccd:9da4:8d59:68ec] has joined #bitcoin-wizards
10:39 -!- Guest26 [~Guest13@80.208.69.37] has quit [Quit: Client closed]
10:44 -!- gf2718 [~gf2718@2a02:a03f:65fc:3900:dccd:9da4:8d59:68ec] has quit [Ping timeout: 252 seconds]
10:44 < jeremyrubin> Ademan_ yep -- you can publish to a certain depth and recomputing the parts you need is a lot cheaper
10:46 < jeremyrubin> andytoshi:maybe you can make merkle trees in bitcoin using some sort of hash collision hardness, e.g. sha1(a) == sha1(b) = d is somehow similar to sha256(a || b)
10:47 < jeremyrubin> but without getting to free start a and b seems tough to do
10:47 < andytoshi> lol! yeah i think there's something there
10:47 < andytoshi> but yeah
10:47 < andytoshi> without CAT to "pull apart" a and b
10:49 < jeremyrubin> sha1(a) == sha1(b) == d, a == sha1(e) == sha1(f), b == sha1(g) == sha1(h) would mean d can open to e,f,g,h
10:51 < jeremyrubin> andytoshi: also another colliderscript question, did you consider that you could maybe do sha1(x) == easy_hash_160(y) = d?
10:51 < jeremyrubin> i guess that doesn't work since you usually use just the same value to satisfy
10:57 -!- narodnik [~narodnik@2a02:aa13:8342:1400:81b3:9662:6650:690d] has quit [Quit: WeeChat 4.4.3]
11:00 -!- narodnik [~narodnik@2a02:aa13:8342:1400:81b3:9662:6650:690d] has joined #bitcoin-wizards
11:03 -!- tromp [~textual@92-110-219-57.cable.dynamic.v4.ziggo.nl] has quit [Quit: My iMac has gone to sleep. ZZZzzz…]
11:10 -!- pablomartin [~pablomart@193.160.247.182] has joined #bitcoin-wizards
11:11 -!- tromp [~textual@92-110-219-57.cable.dynamic.v4.ziggo.nl] has joined #bitcoin-wizards
11:44 -!- tromp [~textual@92-110-219-57.cable.dynamic.v4.ziggo.nl] has quit [Quit: My iMac has gone to sleep. ZZZzzz…]
11:48 -!- tromp [~textual@92-110-219-57.cable.dynamic.v4.ziggo.nl] has joined #bitcoin-wizards
12:07 -!- tromp [~textual@92-110-219-57.cable.dynamic.v4.ziggo.nl] has quit [Quit: My iMac has gone to sleep. ZZZzzz…]
12:14 -!- tromp [~textual@92-110-219-57.cable.dynamic.v4.ziggo.nl] has joined #bitcoin-wizards
12:23 -!- pablomartin [~pablomart@193.160.247.182] has quit [Remote host closed the connection]
12:30 -!- tromp [~textual@92-110-219-57.cable.dynamic.v4.ziggo.nl] has quit [Quit: My iMac has gone to sleep. ZZZzzz…]
12:40 -!- tromp [~textual@92-110-219-57.cable.dynamic.v4.ziggo.nl] has joined #bitcoin-wizards
13:02 -!- tromp [~textual@92-110-219-57.cable.dynamic.v4.ziggo.nl] has quit [Quit: My iMac has gone to sleep. ZZZzzz…]
13:04 -!- itsarjn [~itsarjn@user/itsarjn] has quit [Remote host closed the connection]
13:06 < andytoshi> jeremyrubin: i need hashes on both sides to have a big script opcode
13:06 < andytoshi> so i can't use easy_hash_160
13:07 < andytoshi> now, it may be that we could allow sha1(x) = ripemd160(y) = d ... i'm not sure if our formalism allows that. i definitely didn't consider it
13:07 < andytoshi> might be able to save a bit of work that way?
13:07 < andytoshi> one bit*
13:07 -!- tromp [~textual@92-110-219-57.cable.dynamic.v4.ziggo.nl] has joined #bitcoin-wizards
13:24 -!- gf2718 [~gf2718@2a02:a03f:65fc:3900:dccd:9da4:8d59:68ec] has joined #bitcoin-wizards
13:28 -!- gf2718 [~gf2718@2a02:a03f:65fc:3900:dccd:9da4:8d59:68ec] has quit [Ping timeout: 246 seconds]
13:51 -!- tromp [~textual@92-110-219-57.cable.dynamic.v4.ziggo.nl] has quit [Quit: My iMac has gone to sleep. ZZZzzz…]
14:02 -!- tromp [~textual@92-110-219-57.cable.dynamic.v4.ziggo.nl] has joined #bitcoin-wizards
14:14 -!- tromp [~textual@92-110-219-57.cable.dynamic.v4.ziggo.nl] has quit [Quit: My iMac has gone to sleep. ZZZzzz…]
17:03 -!- BUSY [~BUSY@user/busy] has quit [Quit: Leaving]
17:04 -!- BUSY [~BUSY@user/busy] has joined #bitcoin-wizards
17:26 -!- deusexbeer [~deusexbee@188.170.74.127] has quit [Ping timeout: 255 seconds]
17:27 -!- deusexbeer [~deusexbee@178.178.247.34] has joined #bitcoin-wizards
17:42 -!- jonatack [~jonatack@user/jonatack] has quit [Read error: Connection reset by peer]
17:43 -!- jonatack [~jonatack@user/jonatack] has joined #bitcoin-wizards
18:08 -!- jonatack [~jonatack@user/jonatack] has quit [Ping timeout: 246 seconds]
18:10 -!- jonatack [~jonatack@user/jonatack] has joined #bitcoin-wizards
18:18 -!- jonatack [~jonatack@user/jonatack] has quit [Ping timeout: 252 seconds]
18:32 -!- greypw14 [~greypw@user/greypw] has joined #bitcoin-wizards
18:32 -!- jonatack [~jonatack@user/jonatack] has joined #bitcoin-wizards
18:34 -!- greypw1 [~greypw@user/greypw] has quit [Ping timeout: 260 seconds]
18:34 -!- greypw14 is now known as greypw1
18:34 -!- deusexbeer [~deusexbee@178.178.247.34] has quit [Ping timeout: 252 seconds]
18:34 -!- deusexbeer [~deusexbee@188.170.86.158] has joined #bitcoin-wizards
18:51 -!- Cory31 [~Cory31@user/pasha] has quit [Quit: Client closed]
18:51 -!- Cory31 [~Cory31@user/pasha] has joined #bitcoin-wizards
19:09 < jeremyrubin> I was thinking you could use easy_hash_160 on the bytewise side and sha1 (or ripemd160) on the big script side
19:10 -!- Cory31 [~Cory31@user/pasha] has quit [Quit: Client closed]
19:10 -!- Cory31 [~Cory31@user/pasha] has joined #bitcoin-wizards
19:10 < jeremyrubin> but i think it doesn't actually really work since the formalism is exploiting collisions against d, which should be satisfied when s1 and s2 are actually colliding d?
19:12 < jeremyrubin> i'm not sure i exactly see how it would save you a bit
19:31 -!- andrewtoth_ [~andrewtot@gateway/tor-sasl/andrewtoth] has joined #bitcoin-wizards
19:32 -!- jonasschnelli_ [~jonasschn@2a01:4f9:3081:504d::2] has quit [Ping timeout: 248 seconds]
19:34 -!- _andrewtoth_ [~andrewtot@gateway/tor-sasl/andrewtoth] has quit [Ping timeout: 260 seconds]
19:44 -!- jonasschnelli [~jonasschn@bitcoinsrv3.jonasschnelli.ch] has joined #bitcoin-wizards
20:14 -!- itsarjn [~itsarjn@user/itsarjn] has joined #bitcoin-wizards
21:31 -!- jonatack [~jonatack@user/jonatack] has quit [Ping timeout: 246 seconds]
21:33 -!- jonatack [~jonatack@user/jonatack] has joined #bitcoin-wizards
22:01 -!- emcy__ [~emcy@85.255.234.197] has quit [Remote host closed the connection]
22:01 -!- mcey [~emcy@85.255.234.197] has joined #bitcoin-wizards
23:06 -!- solocshaw [~Thunderbi@c-73-255-91-223.hsd1.tx.comcast.net] has quit [Quit: solocshaw]
23:26 -!- itsarjn_ [~itsarjn@user/itsarjn] has joined #bitcoin-wizards
23:29 -!- itsarjn [~itsarjn@user/itsarjn] has quit [Ping timeout: 255 seconds]
23:36 -!- twistedline [~bitcoin@185.193.125.44] has quit [Remote host closed the connection]
23:38 -!- twistedline [~bitcoin@185.193.125.44] has joined #bitcoin-wizards
23:43 -!- itsarjn [~itsarjn@user/itsarjn] has joined #bitcoin-wizards
23:44 -!- josie [~josibake@suhail.uberspace.de] has quit [Quit: ZNC 1.8.2 - https://znc.in]
23:45 -!- josie [~josibake@suhail.uberspace.de] has joined #bitcoin-wizards
23:46 -!- itsarjn_ [~itsarjn@user/itsarjn] has quit [Ping timeout: 252 seconds]
23:56 -!- tromp [~textual@92-110-219-57.cable.dynamic.v4.ziggo.nl] has joined #bitcoin-wizards
--- Log closed Thu Nov 28 00:00:02 2024