2015-06-27.log

--- Log opened Sat Jun 27 00:00:53 2015
-!- SubCreative [~SubCreati@unaffiliated/cannacoin] has joined #bitcoin-wizards		00:07
-!- mjerr [~mjerr@p578EAB34.dip0.t-ipconnect.de] has joined #bitcoin-wizards		00:31
-!- ThomasV [~ThomasV@unaffiliated/thomasv] has quit [Quit: Quitte]		00:35
-!- damethos [~damethos@unaffiliated/damethos] has quit [Quit: Bye]		00:43
-!- MatrixBridge [matrixirc@gateway/shell/matrix.org/x-shjplorkvygbyidv] has quit [Remote host closed the connection]		00:47
-!- MatrixBridge [matrixirc@gateway/shell/matrix.org/x-yeyjybbksbqjeoki] has joined #bitcoin-wizards		00:47
-!- bosma [~bosma@S01067cb21bda6531.vc.shawcable.net] has quit [Ping timeout: 248 seconds]		00:51
-!- Mably [~Mably@unaffiliated/mably] has joined #bitcoin-wizards		01:01
-!- andy-logbot [~bitcoin--@wpsoftware.net] has quit [Remote host closed the connection]		01:03
-!- andy-logbot [~bitcoin--@wpsoftware.net] has joined #bitcoin-wizards		01:03
* andy-logbot is logging		01:03
-!- shen_noe [~shen_noe@wired042.math.utah.edu] has joined #bitcoin-wizards		01:04
-!- shen_noe [~shen_noe@wired042.math.utah.edu] has quit [Client Quit]		01:05
akrmn	lol ya the topic is confusing	01:12
-!- AaronvanW [~ewout@D979E961.cm-3-2d.dynamic.ziggo.nl] has joined #bitcoin-wizards		01:16
-!- AaronvanW [~ewout@D979E961.cm-3-2d.dynamic.ziggo.nl] has quit [Changing host]		01:16
-!- AaronvanW [~ewout@unaffiliated/aaronvanw] has joined #bitcoin-wizards		01:16
-!- mode/#bitcoin-wizards [+o wumpus] by ChanServ		01:21
-!- wumpus changed the topic of #bitcoin-wizards to: This channel is is for discussing theoretical ideas with regard to cryptocurrencies, not about short-term Bitcoin development \| http://bitcoin.ninja/ \| This channel is logged. \| For logs and more information, visit http://bitcoin.ninja		01:22
-!- shen_noe [~shen_noe@wired042.math.utah.edu] has joined #bitcoin-wizards		01:22
-!- mode/#bitcoin-wizards [-o wumpus] by ChanServ		01:22
prosodyContext	Logbot, meet Matrix.org. MatrixBridge is now live, so we have federated, decentralized, persistent logs, a better audit trail to match our blockchain. =))	01:23
prosodyContext	Freenode bridge*	01:23
-!- shen_noe [~shen_noe@wired042.math.utah.edu] has quit [Client Quit]		01:24
-!- b_lumenkraft [~b_lumenkr@unaffiliated/b-lumenkraft/x-4457406] has joined #bitcoin-wizards		01:25
-!- dEBRUYNE [~dEBRUYNE@239-196-ftth.onsbrabantnet.nl] has joined #bitcoin-wizards		01:25
-!- b_lumenkraft [~b_lumenkr@unaffiliated/b-lumenkraft/x-4457406] has quit [Quit: b_lumenkraft]		01:31
-!- spinza [~spin@197.83.246.196] has quit [Excess Flood]		01:31
-!- melvster [~melvster@ip-86-49-18-198.net.upcbroadband.cz] has quit [Ping timeout: 246 seconds]		01:32
-!- spinza [~spin@197.83.246.196] has joined #bitcoin-wizards		01:33
-!- ThomasV [~ThomasV@unaffiliated/thomasv] has joined #bitcoin-wizards		01:33
-!- Aquentin [~Aquentin@unaffiliated/aquentin] has joined #bitcoin-wizards		01:34
-!- NewLiberty_ [~NewLibert@76-255-129-88.lightspeed.irvnca.sbcglobal.net] has joined #bitcoin-wizards		01:34
-!- NewLiberty [~NewLibert@2602:304:cff8:1580:95c8:933e:4f9f:ac63] has quit [Ping timeout: 248 seconds]		01:37
-!- zopac [~resellerp@77.234.43.138] has joined #bitcoin-wizards		01:47
-!- p15 [~p15@182.50.108.9] has joined #bitcoin-wizards		01:47
* zopac anyone one wanna trade pm me		01:47
-!- shen_noe [~shen_noe@wired042.math.utah.edu] has joined #bitcoin-wizards		01:52
akrmn	wrong channel for trading	01:58
zopac	what channel trading	01:58
akrmn	#bitcoin-otc	01:59
-!- mode/#bitcoin-wizards [+o wumpus] by ChanServ		02:03
-!- mode/#bitcoin-wizards [+b !@77.234.43.138] by wumpus		02:03
-!- zopac was kicked from #bitcoin-wizards by wumpus [Kindergarten is elsewhere!]		02:03
-!- mode/#bitcoin-wizards [-o wumpus] by ChanServ		02:03
-!- p15 [~p15@182.50.108.9] has quit [Ping timeout: 248 seconds]		02:11
-!- luny` is now known as luny		02:17
-!- jtimon [~quassel@69.29.134.37.dynamic.jazztel.es] has joined #bitcoin-wizards		02:17
-!- davi [~davi@gnu/davi] has joined #bitcoin-wizards		02:22
-!- shen_noe [~shen_noe@wired042.math.utah.edu] has quit [Quit: Leaving]		02:30
fluffypony	prosodyContext: that's very cool - if I understand it correctly it uses WebRTC to move data around, and then everyone just keeps a copy of the data in case the homeserver goes down?	02:31
-!- ThomasV [~ThomasV@unaffiliated/thomasv] has quit [Ping timeout: 264 seconds]		02:37
-!- giel_ is now known as gielbier		02:43
-!- Quanttek [~quassel@ip1f10af17.dynamic.kabel-deutschland.de] has joined #bitcoin-wizards		02:43
-!- ThomasV [~ThomasV@unaffiliated/thomasv] has joined #bitcoin-wizards		02:45
-!- erasmospunk [~erasmospu@gateway/vpn/privateinternetaccess/erasmospunk] has joined #bitcoin-wizards		02:47
-!- sparetire_ [~sparetire@unaffiliated/sparetire] has quit [Quit: sparetire_]		02:47
prosodyContext	Xactly fluffypony	02:52
prosodyContext	OpenWebRTC to be exact...	02:52
-!- drwin [~drwin@88-103-255-166.jes.cz] has joined #bitcoin-wizards		02:53
fluffypony	very nice	02:53
fluffypony	where can we find the MatrixBridge logs online btw?	02:54
-!- dc17523be3 [~unknown@193.138.219.233] has quit [Ping timeout: 264 seconds]		02:57
-!- melvster [~melvster@ip-86-49-18-198.net.upcbroadband.cz] has joined #bitcoin-wizards		03:03
-!- gielbier [~giel@095-096-099-140.static.chello.nl] has quit [Ping timeout: 246 seconds]		03:07
-!- drwin [~drwin@88-103-255-166.jes.cz] has quit [Read error: Connection reset by peer]		03:09
-!- drwin [~drwin@88-103-255-166.jes.cz] has joined #bitcoin-wizards		03:11
-!- spinza [~spin@197.83.246.196] has quit [Excess Flood]		03:23
-!- gielbier [~giel@f142219.upc-f.chello.nl] has joined #bitcoin-wizards		03:26
-!- spinza [~spin@197.83.246.196] has joined #bitcoin-wizards		03:28
-!- p15 [~p15@182.50.108.77] has joined #bitcoin-wizards		03:34
-!- dEBRUYNE [~dEBRUYNE@239-196-ftth.onsbrabantnet.nl] has quit [Ping timeout: 246 seconds]		03:38
-!- dEBRUYNE [~dEBRUYNE@239-196-ftth.onsbrabantnet.nl] has joined #bitcoin-wizards		03:44
-!- p15 [~p15@182.50.108.77] has quit [Ping timeout: 272 seconds]		03:45
-!- nessence_ [~alexl@c-68-51-194-2.hsd1.mi.comcast.net] has joined #bitcoin-wizards		03:46
-!- nessence [~alexl@c-68-51-194-2.hsd1.mi.comcast.net] has quit [Ping timeout: 248 seconds]		03:48
-!- erasmosp_ [~erasmospu@176.92.61.74] has joined #bitcoin-wizards		03:51
-!- erasmospunk [~erasmospu@gateway/vpn/privateinternetaccess/erasmospunk] has quit [Ping timeout: 265 seconds]		03:53
-!- spinza [~spin@197.83.246.196] has quit [Ping timeout: 256 seconds]		03:55
-!- erasmosp_ [~erasmospu@176.92.61.74] has quit [Ping timeout: 265 seconds]		03:55
-!- spinza [~spin@197.83.246.196] has joined #bitcoin-wizards		03:57
-!- SDCDev [~quassel@unaffiliated/sdcdev] has joined #bitcoin-wizards		03:58
-!- dc17523be3 [unknown@gateway/vpn/mullvad/x-tcixvsoiwmeehuts] has joined #bitcoin-wizards		04:02
-!- damethos [~damethos@unaffiliated/damethos] has joined #bitcoin-wizards		04:10
-!- MoALTz_ [~no@78.11.179.104] has joined #bitcoin-wizards		04:12
-!- MoALTz [~no@78.11.179.104] has quit [Ping timeout: 256 seconds]		04:15
-!- M-_mis [mistake__m@gateway/shell/matrix.org/x-mywutvpmtakghecb] has joined #bitcoin-wizards		04:23
M-_mis	fluffypony (IRC): Well you neeed to get an account right now. 0.9.2 is current beta, v1 will bring public facing logs. They've been throttling themselves to avoid running into problems from going too fast?	04:23
fluffypony	ah cool	04:24
M-_mis	If you install your own Synapse homeserver you get all the logs right away...	04:24
fluffypony	100%	04:24
-!- dEBRUYNE [~dEBRUYNE@239-196-ftth.onsbrabantnet.nl] has quit [Ping timeout: 255 seconds]		04:25
-!- davi [~davi@gnu/davi] has quit [Ping timeout: 246 seconds]		04:36
-!- ThomasV [~ThomasV@unaffiliated/thomasv] has quit [Ping timeout: 252 seconds]		04:40
-!- p15 [~p15@114.248.214.14] has joined #bitcoin-wizards		04:54
-!- shen_noe [~shen_noe@172.56.39.60] has joined #bitcoin-wizards		04:56
-!- p15_ [~p15@64.145.91.68] has joined #bitcoin-wizards		05:04
-!- BigBitz [~BigBitz@unaffiliated/bigbitz] has joined #bitcoin-wizards		05:05
-!- p15 [~p15@114.248.214.14] has quit [Ping timeout: 255 seconds]		05:05
-!- davi [~davi@gnu/davi] has joined #bitcoin-wizards		05:06
-!- MoALTz_ [~no@78.11.179.104] has quit [Quit: Leaving]		05:08
-!- p15_ [~p15@64.145.91.68] has quit [Ping timeout: 252 seconds]		05:10
-!- jtimon [~quassel@69.29.134.37.dynamic.jazztel.es] has quit [Ping timeout: 264 seconds]		05:13
-!- p15 [~p15@198.50.160.97.static-ca.cryptolayer.com] has joined #bitcoin-wizards		05:14
-!- p15 [~p15@198.50.160.97.static-ca.cryptolayer.com] has quit [Ping timeout: 264 seconds]		05:24
-!- p15 [~p15@198.50.160.97.static-ca.cryptolayer.com] has joined #bitcoin-wizards		05:27
-!- ThomasV [~ThomasV@unaffiliated/thomasv] has joined #bitcoin-wizards		05:32
-!- c0rw\|zZz is now known as c0rw\|timetravel		05:36
-!- c0rw\|timetravel is now known as c0rw1n		05:38
-!- drwin [~drwin@88-103-255-166.jes.cz] has quit [Read error: Connection reset by peer]		05:38
-!- davi [~davi@gnu/davi] has quit [Ping timeout: 246 seconds]		05:41
-!- drwin [~drwin@88-103-255-166.jes.cz] has joined #bitcoin-wizards		05:41
-!- p15 [~p15@198.50.160.97.static-ca.cryptolayer.com] has quit [Ping timeout: 250 seconds]		05:49
-!- p15 [~p15@114.243.157.242] has joined #bitcoin-wizards		05:52
-!- p15_ [~p15@198.50.160.97.static-ca.cryptolayer.com] has joined #bitcoin-wizards		06:00
-!- p15 [~p15@114.243.157.242] has quit [Ping timeout: 255 seconds]		06:01
-!- p15_ [~p15@198.50.160.97.static-ca.cryptolayer.com] has quit [Max SendQ exceeded]		06:05
-!- p15 [~p15@114.243.154.221] has joined #bitcoin-wizards		06:12
-!- p15 [~p15@114.243.154.221] has quit [Client Quit]		06:15
-!- p15 [~p15@114.243.154.221] has joined #bitcoin-wizards		06:16
-!- www1 [~v3@f052166172.adsl.alicedsl.de] has quit [Ping timeout: 248 seconds]		06:27
-!- www [~v3@f052166172.adsl.alicedsl.de] has joined #bitcoin-wizards		06:40
-!- p15 [~p15@114.243.154.221] has quit [Ping timeout: 246 seconds]		06:42
-!- p15 [~p15@124.64.99.182] has joined #bitcoin-wizards		06:44
-!- p15_ [~p15@64.145.91.68] has joined #bitcoin-wizards		06:51
-!- p15 [~p15@124.64.99.182] has quit [Ping timeout: 276 seconds]		06:53
-!- p15 [~p15@114.244.157.230] has joined #bitcoin-wizards		06:57
-!- p15_ [~p15@64.145.91.68] has quit [Ping timeout: 248 seconds]		06:58
-!- damethos [~damethos@unaffiliated/damethos] has quit [Quit: Bye]		06:58
-!- jaekwon [~jae@c-98-234-63-169.hsd1.ca.comcast.net] has joined #bitcoin-wizards		07:23
-!- p15 [~p15@114.244.157.230] has quit [Ping timeout: 264 seconds]		07:24
-!- jaekwon [~jae@c-98-234-63-169.hsd1.ca.comcast.net] has quit [Remote host closed the connection]		07:32
-!- jaekwon [~jae@2601:645:c001:263a:4d79:868b:8819:9c18] has joined #bitcoin-wizards		07:33
-!- btcdrak [uid52049@gateway/web/irccloud.com/x-nabfjrkamedlfrit] has quit [Quit: Connection closed for inactivity]		07:41
-!- c0rw1n_ [~c0rw1n@92.74-67-87.adsl-dyn.isp.belgacom.be] has joined #bitcoin-wizards		07:44
-!- davi [~davi@gnu/davi] has joined #bitcoin-wizards		07:44
-!- dEBRUYNE_ [~dEBRUYNE@239-196-ftth.onsbrabantnet.nl] has joined #bitcoin-wizards		07:46
-!- c0rw1n [~c0rw1n@92.74-67-87.adsl-dyn.isp.belgacom.be] has quit [Ping timeout: 256 seconds]		07:47
-!- c0rw1n_ is now known as c0rw1n		07:47
-!- ThomasV [~ThomasV@unaffiliated/thomasv] has quit [Ping timeout: 244 seconds]		07:48
-!- Xh1pher [~Xh1pher@pD9E3A97A.dip0.t-ipconnect.de] has quit [Quit: Xh1pher]		08:03
-!- Dr-G [~Dr-G@unaffiliated/dr-g] has quit [Ping timeout: 252 seconds]		08:04
-!- jaekwon [~jae@2601:645:c001:263a:4d79:868b:8819:9c18] has quit [Remote host closed the connection]		08:05
-!- jaekwon [~jae@2601:645:c001:263a:9420:5e0a:5979:ff3b] has joined #bitcoin-wizards		08:09
-!- Dr-G [~Dr-G@unaffiliated/dr-g] has joined #bitcoin-wizards		08:11
-!- gill3s [~gill3s@pat35-3-82-245-143-153.fbx.proxad.net] has quit [Quit: My Mac has gone to sleep. ZZZzzz…]		08:17
-!- jaekwon [~jae@2601:645:c001:263a:9420:5e0a:5979:ff3b] has quit [Remote host closed the connection]		08:18
-!- Burrito [~Burrito@unaffiliated/burrito] has joined #bitcoin-wizards		08:28
-!- davi [~davi@gnu/davi] has quit [Ping timeout: 246 seconds]		08:31
-!- GAit [~lnahum@2-230-161-158.ip202.fastwebnet.it] has joined #bitcoin-wizards		08:31
-!- shen_noe [~shen_noe@172.56.39.60] has quit [Quit: Leaving]		08:34
-!- Xh1pher [~Xh1pher@pD9E3A97A.dip0.t-ipconnect.de] has joined #bitcoin-wizards		08:37
-!- c0rw1n_ [~c0rw1n@92.74-67-87.adsl-dyn.isp.belgacom.be] has joined #bitcoin-wizards		08:39
-!- c0rw1n [~c0rw1n@92.74-67-87.adsl-dyn.isp.belgacom.be] has quit [Ping timeout: 248 seconds]		08:42
-!- c0rw1n_ is now known as c0rw1n		08:43
-!- zooko [~user@c-73-217-16-2.hsd1.co.comcast.net] has joined #bitcoin-wizards		08:53
-!- zooko [~user@c-73-217-16-2.hsd1.co.comcast.net] has quit [Ping timeout: 255 seconds]		09:05
-!- gill3s [~gill3s@pat35-3-82-245-143-153.fbx.proxad.net] has joined #bitcoin-wizards		09:24
-!- davi [~davi@gnu/davi] has joined #bitcoin-wizards		09:28
-!- jaekwon [~jae@2601:645:c001:263a:e5f4:cdf5:ec7e:4529] has joined #bitcoin-wizards		09:28
-!- cosmo [~james@unaffiliated/cosmo] has joined #bitcoin-wizards		09:30
-!- Quanttek [~quassel@ip1f10af17.dynamic.kabel-deutschland.de] has quit [Remote host closed the connection]		09:32
-!- bosma [~bosma@S01067cb21bda6531.vc.shawcable.net] has joined #bitcoin-wizards		09:36
-!- Quanttek [~quassel@ip1f10af17.dynamic.kabel-deutschland.de] has joined #bitcoin-wizards		09:38
-!- www1 [~v3@x5ce1bf95.dyn.telefonica.de] has joined #bitcoin-wizards		09:44
-!- www [~v3@f052166172.adsl.alicedsl.de] has quit [Ping timeout: 265 seconds]		09:46
-!- belcher [~belcher-s@unaffiliated/belcher] has joined #bitcoin-wizards		09:52
-!- ThomasV [~ThomasV@unaffiliated/thomasv] has joined #bitcoin-wizards		10:17
-!- Giszmo [~leo@pc-185-201-214-201.cm.vtr.net] has joined #bitcoin-wizards		10:18
-!- nessence [~alexl@c-68-51-194-2.hsd1.mi.comcast.net] has joined #bitcoin-wizards		10:19
-!- nessence_ [~alexl@c-68-51-194-2.hsd1.mi.comcast.net] has quit [Ping timeout: 276 seconds]		10:22
-!- SwedFTP [~SwedFTP@unaffiliated/swedftp] has quit [Ping timeout: 248 seconds]		10:29
-!- Quanttek [~quassel@ip1f10af17.dynamic.kabel-deutschland.de] has quit [Ping timeout: 264 seconds]		10:42
-!- nessence_ [~alexl@c-68-51-194-2.hsd1.mi.comcast.net] has joined #bitcoin-wizards		10:44
-!- nessence [~alexl@c-68-51-194-2.hsd1.mi.comcast.net] has quit [Ping timeout: 246 seconds]		10:44
-!- nessence [~alexl@c-68-51-194-2.hsd1.mi.comcast.net] has joined #bitcoin-wizards		10:54
-!- nessence_ [~alexl@c-68-51-194-2.hsd1.mi.comcast.net] has quit [Ping timeout: 250 seconds]		10:55
-!- laurentmt [~chatzilla@89-93-129-41.hfc.dyn.abo.bbox.fr] has joined #bitcoin-wizards		11:01
-!- jaekwon [~jae@2601:645:c001:263a:e5f4:cdf5:ec7e:4529] has quit [Remote host closed the connection]		11:03
-!- jaekwon [~jae@2601:645:c001:263a:8d02:77cf:56ad:fc82] has joined #bitcoin-wizards		11:05
-!- davi [~davi@gnu/davi] has quit [Ping timeout: 256 seconds]		11:05
-!- bi_fa_fu [~E@65.113.88.100] has joined #bitcoin-wizards		11:16
-!- jaekwon [~jae@2601:645:c001:263a:8d02:77cf:56ad:fc82] has quit [Remote host closed the connection]		11:19
-!- belcher [~belcher-s@unaffiliated/belcher] has quit [Quit: Leaving]		11:21
-!- ThomasV [~ThomasV@unaffiliated/thomasv] has quit [Ping timeout: 255 seconds]		11:38
-!- drwin [~drwin@88-103-255-166.jes.cz] has quit [Read error: Connection reset by peer]		11:42
-!- drwin [~drwin@88-103-255-166.jes.cz] has joined #bitcoin-wizards		11:43
-!- laurentmt [~chatzilla@89-93-129-41.hfc.dyn.abo.bbox.fr] has quit [Quit: ChatZilla 0.9.91.1 [Firefox 38.0.5/20150525141253]]		11:43
-!- davi [~davi@gnu/davi] has joined #bitcoin-wizards		11:45
-!- JackH [~Jack@host-80-43-142-154.as13285.net] has joined #bitcoin-wizards		11:47
-!- AaronvanW [~ewout@unaffiliated/aaronvanw] has quit [Ping timeout: 246 seconds]		11:56
-!- SwedFTP [~SwedFTP@unaffiliated/swedftp] has joined #bitcoin-wizards		12:02
-!- AaronvanW [~ewout@unaffiliated/aaronvanw] has joined #bitcoin-wizards		12:08
-!- Quanttek [~quassel@2a02:8108:73f:f6e4:e23f:49ff:fe47:9364] has joined #bitcoin-wizards		12:14
-!- btcdrak [uid52049@gateway/web/irccloud.com/x-ofupgucuyetqhqgd] has joined #bitcoin-wizards		12:14
-!- melvster [~melvster@ip-86-49-18-198.net.upcbroadband.cz] has quit [Quit: Leaving]		12:15
-!- melvster [~melvster@ip-86-49-18-198.net.upcbroadband.cz] has joined #bitcoin-wizards		12:16
-!- davi [~davi@gnu/davi] has quit [Ping timeout: 246 seconds]		12:17
-!- davi [~davi@gnu/davi] has joined #bitcoin-wizards		12:20
-!- ThomasV [~ThomasV@unaffiliated/thomasv] has joined #bitcoin-wizards		12:28
-!- davi [~davi@gnu/davi] has quit [Ping timeout: 246 seconds]		12:34
-!- Guest68586 is now known as mr_burdell		12:41
-!- mr_burdell is now known as Guest87353		12:41
-!- jmcn_ [~jamie@2.24.158.21] has joined #bitcoin-wizards		13:00
-!- jmcn [~jamie@2.24.158.87] has quit [Ping timeout: 276 seconds]		13:03
-!- GAit [~lnahum@2-230-161-158.ip202.fastwebnet.it] has quit [Read error: Connection reset by peer]		13:06
-!- GAit [~lnahum@2-230-161-158.ip202.fastwebnet.it] has joined #bitcoin-wizards		13:09
-!- dEBRUYNE_ [~dEBRUYNE@239-196-ftth.onsbrabantnet.nl] has quit [Ping timeout: 248 seconds]		13:09
-!- mjerr [~mjerr@p578EAB34.dip0.t-ipconnect.de] has quit [Ping timeout: 248 seconds]		13:42
-!- kmels [~kmels@186.151.61.184] has joined #bitcoin-wizards		13:46
-!- drwin_ [~drwin@88-103-255-166.jes.cz] has joined #bitcoin-wizards		13:51
-!- drwin [~drwin@88-103-255-166.jes.cz] has quit [Read error: No route to host]		13:51
-!- Quanttek [~quassel@2a02:8108:73f:f6e4:e23f:49ff:fe47:9364] has quit [Remote host closed the connection]		14:04
-!- damethos [~damethos@unaffiliated/damethos] has joined #bitcoin-wizards		14:10
-!- davi [~davi@gnu/davi] has joined #bitcoin-wizards		14:10
-!- damethos [~damethos@unaffiliated/damethos] has quit [Client Quit]		14:11
-!- Quanttek [~quassel@ip1f10af17.dynamic.kabel-deutschland.de] has joined #bitcoin-wizards		14:11
-!- damethos [~damethos@unaffiliated/damethos] has joined #bitcoin-wizards		14:11
-!- PaulCapestany [~PaulCapes@204.28.124.82] has quit [Quit: .]		14:18
-!- PaulCapestany [~PaulCapes@204.28.124.82] has joined #bitcoin-wizards		14:19
-!- jgarzik [~jgarzik@unaffiliated/jgarzik] has joined #bitcoin-wizards		14:30
-!- spinza [~spin@197.83.246.196] has quit [Excess Flood]		14:33
-!- sparetire_ [~sparetire@unaffiliated/sparetire] has joined #bitcoin-wizards		14:33
-!- SubCreative [~SubCreati@unaffiliated/cannacoin] has quit [Read error: Connection timed out]		14:34
-!- spinza [~spin@197.83.246.196] has joined #bitcoin-wizards		14:38
-!- SubCreative [~SubCreati@unaffiliated/cannacoin] has joined #bitcoin-wizards		14:40
-!- damethos [~damethos@unaffiliated/damethos] has quit [Quit: Bye]		14:56
-!- SubCreative [~SubCreati@unaffiliated/cannacoin] has quit [Read error: Connection timed out]		14:56
-!- SubCreative [~SubCreati@2601:601:400:1f04:9125:1736:b549:ab2e] has joined #bitcoin-wizards		14:58
-!- SubCreative [~SubCreati@2601:601:400:1f04:9125:1736:b549:ab2e] has quit [Changing host]		14:58
-!- SubCreative [~SubCreati@unaffiliated/cannacoin] has joined #bitcoin-wizards		14:58
-!- Xh1pher [~Xh1pher@pD9E3A97A.dip0.t-ipconnect.de] has quit [Read error: Connection reset by peer]		15:04
-!- drwin_ [~drwin@88-103-255-166.jes.cz] has quit []		15:04
-!- davi [~davi@gnu/davi] has quit [Ping timeout: 256 seconds]		15:05
-!- SubCreative [~SubCreati@unaffiliated/cannacoin] has quit [Read error: Connection timed out]		15:25
-!- SubCreative [~SubCreati@unaffiliated/cannacoin] has joined #bitcoin-wizards		15:26
-!- DougieBot5000 [~DougieBot@unaffiliated/dougiebot5000] has joined #bitcoin-wizards		15:33
-!- ThomasV [~ThomasV@unaffiliated/thomasv] has quit [Ping timeout: 256 seconds]		15:35
-!- dEBRUYNE_ [~dEBRUYNE@239-196-ftth.onsbrabantnet.nl] has joined #bitcoin-wizards		15:58
-!- eudoxia [~eudoxia@r186-54-146-25.dialup.adsl.anteldata.net.uy] has joined #bitcoin-wizards		16:10
-!- prodatalab [~prodatala@2601:6c4:200:d4e0:1e4:702:bd2d:1f6] has joined #bitcoin-wizards		16:13
-!- jtimon [~quassel@69.29.134.37.dynamic.jazztel.es] has joined #bitcoin-wizards		16:18
-!- shen_noe [~shen_noe@173-165-135-246-utah.hfc.comcastbusiness.net] has joined #bitcoin-wizards		16:40
-!- midnightmadness [~tom@d154-5-183-203.bchsia.telus.net] has joined #bitcoin-wizards		16:52
shen_noe	had a (possibly bad) idea for a modification of Confidential Transactions to cryptonote which could use some feedback:	16:57
shen_noe	In original CT we have: If the author of a transaction takes care in picking their blinding	16:58
shen_noe	factors so that they add up correctly, then the network can still verify	16:58
shen_noe	the transaction by checking that its commitments add up to zero:	16:58
shen_noe	what if we change this to check that the blinding factors don't add exactly to zero, but rather the sum of inputs and outputs commitments leaves zG	16:58
shen_noe	so sum of input commitments - output commitments is a commitment to zero	16:59
shen_noe	secret key only known to the sender	16:59
shen_noe	now, take a ring signature over C_1, ..., C_s, ..., C_n where C_i are possible input commitments taken ad-hoc from blockchain	16:59
shen_noe	C_s being the one belonging to signature	16:59
shen_noe	actually a ring sig over C_1 - outputs, ..., C_s - outputs, ..., C_n - outputs	17:00
shen_noe	so sender can prove that 1/n of these is a commitment to zero	17:00
shen_noe	(the LLW ring sig's are nice for this purpose)	17:00
-!- Mably [~Mably@unaffiliated/mably] has quit [Ping timeout: 276 seconds]		17:01
shen_noe	after this, proceed as in normal CT (proving outputs are commitments to positive values), using boromean sigs if that helps,, etc	17:01
shen_noe	thoughts?	17:02
shen_noe	*C_s being the one belonging to the "signer"	17:04
andytoshi	shen_noe: i'm not quite sure what you gain here .. you need that every `inputs - outputs` is zero, so proving that 1/n of them are seems like it'd just be wasteful	17:12
MRL-Relay	[shen] andytoshi, I want to prove that 1/n of inputs - outputs is a commitment to zero	17:13
MRL-Relay	[shen] to not reveal which input index belongs to me	17:13
andytoshi	oh, i see 1/n of inputs	17:13
andytoshi	i guess, you are combining this with monero's usual ringsigs..	17:15
shen_noe	yeah, or the LLW that you guys used (which are more efficient)	17:15
andytoshi	and what it gets you is that you can ring-sign with arbitrary input sets, and not care about their sizes	17:15
shen_noe	and hide amounts better than currentlyy	17:15
-!- hashtag [~hashtag@cpe-69-23-213-3.ma.res.rr.com] has quit [Ping timeout: 246 seconds]		17:15
andytoshi	yeah, the exact scheme is not so important, what i'm trying to get is the high-level .. you have (a) a ringsignature over several inputs which proves you own one of them, (b) a "ring-CT proof" that one of these inputs is the right size	17:16
shen_noe	yeah	17:17
andytoshi	so, you need to link these two signatures somehow to make sure the input you're spending and the input whose value you're using are the same one	17:17
andytoshi	but i'd guess this is easy once you write out the algebra	17:17
andytoshi	but off the top of my head i'm not certain how	17:17
andytoshi	or maybe the original ring signature is not important actually..	17:18
shen_noe	so you need to link the two sigs: I think you can include all the original C_in's so a verifier can recreate the original sig themselves	17:19
shen_noe	(maybe?)	17:19
andytoshi	you use the delta from 0 in the `input - outputs` as your verification key	17:19
shen_noe	yeah	17:19
andytoshi	then if you are able to prove that `input - outputs == 0` this also proves you own the input	17:19
andytoshi	(i think)	17:19
shen_noe	so in language of CT paper, (x+z)G + aH = y1G + b1H + y2G + b2H	17:19
shen_noe	where x+z = y1+y2	17:20
shen_noe	and a = b1+b2	17:20
andytoshi	yeah	17:20
shen_noe	then z is sk	17:20
andytoshi	yeah	17:20
-!- gielbier [~giel@f142219.upc-f.chello.nl] has quit [Ping timeout: 256 seconds]		17:20
andytoshi	so, let's think how this would work for a one-input-one-output tx, with a ringsize of one	17:22
andytoshi	so there is no ring sig magic here, i'm just trying to figure out when/how the pubkey is determined	17:23
-!- gielbier [~giel@f142219.upc-f.chello.nl] has joined #bitcoin-wizards		17:23
andytoshi	with the current CT setup you've got something like an output value of `rG + vH` where r is secret and v is the hidden value	17:23
shen_noe	ok, so above equation I guess becomes (x+z)G + aH = xG + aH	17:23
andytoshi	yeah, sure, let's use your notatin	17:24
andytoshi	the output is (x + z)G + aH? z is the key, a is the value, what is x?	17:24
shen_noe	x + z = y is constructed as an equation of blinding factors	17:25
shen_noe	oh no y	17:25
andytoshi	ok i think you don't need both x and z	17:25
andytoshi	oh, no, you do, cuz you have to reveal zG at some point here	17:26
andytoshi	which if z was the only blinding factor, would reveal a	17:26
andytoshi	so my question is: what is the output? a value commitment (x + z)G + aH as well as a verification key zG?	17:27
shen_noe	output is yeah, yG + aH, where a is the sent amount, y is blinding factor	17:28
andytoshi	kk gotcha	17:28
shen_noe	so let's see (x + z)G + aH - yG + aH = zG	17:28
shen_noe	if z = y	17:29
shen_noe	and presumably you know log_G zG	17:29
andytoshi	if x = y you mean	17:29
shen_noe	since you made it	17:29
shen_noe	yes	17:29
shen_noe	(sorry been up late)	17:29
andytoshi	np	17:29
shen_noe	so if x = y, then (x + z)G + aH - yG - aH = zG	17:30
shen_noe	now, you know log_G zG, so you can sign make a signaturre from the above difference	17:30
andytoshi	yeah, understood	17:31
andytoshi	can you remind me what normally happens? basically z = 0 in that case	17:31
shen_noe	normally, z = 0, so it's more like xG + aH - yG - aH = 0 if x = y	17:31
andytoshi	oh, never mind, i'm being silly	17:31
shen_noe	the network verfies it's actually "is" zero	17:32
shen_noe	rather than commitment to zero	17:32
andytoshi	i was like "how do you prove you know the input" but that's not the commitment-proof's job in the original system	17:32
shen_noe	sure	17:32
shen_noe	:P	17:32
andytoshi	kk so now i need to think for a few mins about if you can game this somehow .. i guess not if zG is in the output and can't be changed	17:33
shen_noe	greatly appreciated	17:33
andytoshi	ok, so i think i can choose {z, zG} then spend any output like this by taking the input point and adding zG to it to get my output point	17:34
-!- dEBRUYNE_ [~dEBRUYNE@239-196-ftth.onsbrabantnet.nl] has quit [Read error: Connection reset by peer]		17:34
andytoshi	so i don't actually know x or a in this case	17:34
shen_noe	hmm, let's see how that would work	17:35
shen_noe	so C_in is chosen arbitrarilyy	17:35
shen_noe	you don't know C_in = xG + aH (you don't know x or a)	17:35
shen_noe	so zG + C_in - C_out = zG if C_in = C_out	17:36
andytoshi	(i'll let you work thru this, meanwhile i think i have a fix, tho it's a little bigger than a single sig)	17:36
shen_noe	is that what you mean?	17:36
andytoshi	yes	17:36
shen_noe	so basically you can send funds back to their outputs?	17:36
shen_noe	I mean inputs	17:36
andytoshi	hmmm, maybe that's all this wolud do..	17:37
shen_noe	it still might cause a problem somehow	17:37
andytoshi	is zG part of the output that's being spent? or is the idea is it's only computed as C_in - C_out?	17:38
shen_noe	so I'm thinking the input you know is xG + aH, then you decompose x into x = z + y	17:39
shen_noe	and then use y = sum outputs blinding factors	17:39
shen_noe	and z is sk	17:39
andytoshi	understood	17:40
andytoshi	my question is whether z is forced by the output that you're spending	17:40
andytoshi	i think the answer should be yes	17:41
andytoshi	like, what i'm saying is the output will be {C_in, zG}	17:41
shen_noe	it seems like it's forced not by output, but by the blinding factors you pick	17:41
andytoshi	ok, so the output is only C_in?	17:41
shen_noe	yeah C_in is something you've received from previous transaction	17:42
andytoshi	then i can choose C_in from an arbitary output, choose z randomly, and produce a tx whose output is C_out = C_in + zG	17:42
andytoshi	now i know z and can sign anything with it	17:42
andytoshi	i think putting zG in the output fixes this	17:43
shen_noe	lets see	17:43
shen_noe	C_in = xG + aH, C_out = xG + aH + zG	17:43
shen_noe	then C_in - C_out = -zG	17:43
andytoshi	..right, and then i know -z and can sign for that	17:44
shen_noe	so you can find z, then you can send funds to C_in + zG	17:44
shen_noe	let's see	17:45
shen_noe	what about the range proof in this case?	17:45
andytoshi	there should've been a range proof attached to C_in right?	17:45
andytoshi	i just copy that	17:45
shen_noe	now it's a range proof for C_in + zG though	17:45
andytoshi	oh hmm	17:45
shen_noe	does it still work the same?	17:46
shen_noe	(this is extremely helpful btw thx)	17:46
andytoshi	one sec i gotta find the rangeproof writeup to remind myself	17:46
shen_noe	same	17:46
andytoshi	it's about:blank	17:47
andytoshi	lol https://people.xiph.org/~greg/confidential_values.txt	17:47
shen_noe	so it looks something like C_in + z_G == C_1 + C_2 + ... + C_5	17:48
shen_noe	where C_i represent proofs of the binary coefficients of C_in + z_G	17:49
shen_noe	so C_1 proves that first binary coefficient of C_in + z_G is 0 or 1	17:49
andytoshi	yeah, so actually what you do is add zG to one of the C_i's	17:50
shen_noe	so to prove C_1 you have to know either log_G (C_in + z_G) or log_G (C_in + zG - H)	17:50
andytoshi	yup	17:50
andytoshi	so if i have a signature for xG on m, can i mar this into a sig for (x + z)G on m, knowing only z?	17:51
andytoshi	(x is just an arbitrary secret value, it doesn't correspond to anything we've mentioned so far)	17:51
shen_noe	hrm	17:52
andytoshi	one sec,gotta do this on paper..	17:52
shen_noe	yeah	17:52
andytoshi	yeah you totally can for schnorr sigs	17:52
shen_noe	using homomorphic prop?	17:53
andytoshi	yeah, s -> s + zH(m\|\|r), r -> r	17:53
andytoshi	if s = k + xH(m\|\|r) this gives you s' = k + (x + z)H(m\|\|r)	17:53
shen_noe	so that would be like signing with x + z, without knowing x, and only knowing xG	17:54
andytoshi	right	17:54
andytoshi	being unable to do this is -not- a standard security property that i'm aware of, i doubt it holds for any standard sig system	17:54
shen_noe	so how do you sign with (x + z) without knowing (x + z) ?	17:55
andytoshi	oh, wait, i was assuming you had a signature on x	17:55
andytoshi	but obviously you don't, not on your new transaction..	17:55
shen_noe	hrm	17:55
andytoshi	i'm beginning to think this is ok	17:56
shen_noe	my super-caffeinated brain which slept 2 hours thinks its ok	17:56
shen_noe	but that's not usually enough to actually "be" ok	17:56
shen_noe	as my advisor has shown me numerous times	17:57
andytoshi	i do think this is gonna be a bear to argue correctness for	17:57
andytoshi	yeah lol	17:57
andytoshi	ok, my next attack is, maybe you know (x + z) but not x or z..	17:58
andytoshi	i think you can't do this because x is gonna be different for each bit of the range-proof in the output	17:58
shen_noe	yeah, as long as output is not 1H	17:59
shen_noe	also, to show commitmment to zero, you have to know z?	17:59
andytoshi	yeah	17:59
andytoshi	ok, so, you ringsign with (C_i, C_i - H) to proof either 0 or 1, and there are always multiple random C_i's	18:00
andytoshi	-but- i think we can attack this only marring one of them, you do C_1 -> C_1 + zG say	18:01
shen_noe	ok	18:01
andytoshi	now, the remaining C_i's have unchanged so you can keep their part of the rangeproof	18:01
andytoshi	and you set things up so that you know the DL of (C_1 + zG) even tho i don't know z or the DL of C_1	18:02
andytoshi	now you can reproduce that part of the rangeproof	18:02
andytoshi	-but- i think you're screwed now because you have to produce a signature with z on top of this right?	18:02
shen_noe	yeah, at the end you need to sign with z	18:03
andytoshi	ok, i think this is safe actually	18:03
shen_noe	to prove inputs - ouputs = commitment to zero	18:03
andytoshi	cuz you always have to sign with (a) z and (b) z + r, where r is some randomness from the input's rangeproof	18:03
andytoshi	you don't know r unless you own the output, so you can't do both unless you own the output	18:04
shen_noe	..yes	18:05
shen_noe	I think that's right	18:05
andytoshi	oh, but now have we broken the value proofs?	18:06
andytoshi	like, can you go spending with outputs > inputs?	18:06
andytoshi	(i think) the answers is no, as long as nobody knows the DL of your generators	18:07
shen_noe	I was hoping the value proofs were pretty much the same as in CT	18:07
shen_noe	so.. I think outputs = inputs is guaranteed by commitment to zero of the original summation	18:08
-!- gmaxwell [greg@wikimedia/KatWalsh/x-0001] has joined #bitcoin-wizards		18:08
shen_noe	and then value proofs are just to prove C_out has aH with a in the right range	18:09
andytoshi	i think you're right	18:10
shen_noe	gmaxwell invented ct also: so I was thinking of modifying the summation equation (In1 + In2 + In3 + plaintext_input_amount*H...) -	18:11
shen_noe	(Out1 + Out2 + Out3 + ... fees*H) == 0.	18:11
shen_noe	to be instead a commitment to zero	18:12
shen_noe	now take a ring sig over (C_1 - \sum outputs, ..., C_s - \sum outputs, ..., C_n - \sum outputs)	18:12
shen_noe	where s is secret index	18:13
-!- zooko [~user@2602:306:ccd3:2710:fc20:c4dc:4dcf:4186] has joined #bitcoin-wizards		18:13
andytoshi	shen_noe: i think 100% of CT was gmaxwell and adam3us, i had nothing to do with it	18:13
shen_noe	ahh i see I saw your name on the boromean paper	18:13
gmaxwell	shen_noe: adam proposed in his original thread that showing knowedlge of the discrete log of the blinding factor as a replacement for the normal signature (so long as you don't mind losing all the useful script properties)	18:13
andytoshi	yeah, i wrote the paper but all i invented was the time travel stuff	18:13
andytoshi	which was purely an explanatory device	18:13
shen_noe	gmaxwell, ahh nice	18:13
shen_noe	I've just seen your writeup of it actually	18:14
gmaxwell	shen_noe: but if I send you coins I also know your blinding factors, so the send is not a payment (as I can claw the funds back) unless we use an interactive proptocol to have you generate the blinded coins.	18:14
gmaxwell	(and their range proofs, etc)	18:15
andytoshi	oh, i see it now, yeah, you can't hide z from the payee without interaction .. dammit	18:15
shen_noe	oh i see... hmm yes sender would know the receivers blinding factors obviously	18:15
gmaxwell	so it didn't really seem like a big gain, also since the rangeproofs can often be omitted.	18:15
andytoshi	well, the gain was really for monero, so you could ringsign over inputs of varying values	18:16
shen_noe	the reason I was considering this, is if you modify for CryptoNote, then you need someway tto hide the input index	18:16
shen_noe	yeah	18:16
gmaxwell	Adam actually had a proposal to for a ringsig version, but I'm not sure if it was complete or correct.	18:17
shen_noe	would love to see that.. hmm	18:17
shen_noe	do you remember how many steps in the interactive protocol?	18:17
gmaxwell	I think the ringsig is not very exciting though since coninjoin works so will with the CT approach... and the ringsig has other costs.	18:17
-!- hashtag [~hashtag@cpe-69-23-213-3.ma.res.rr.com] has joined #bitcoin-wizards		18:18
shen_noe	i.e. most sigma protocols (3 steps) can be made non-interactive	18:18
andytoshi	shen_noe: it won't be a sigma protocol, here both parties need knowledge of secret data	18:18
gmaxwell	shen_noe: it requires interaction because the reciever needs to have a secret.	18:18
shen_noe	yeah, it was more of a thought exercise, since the size with ring sigs included makes it fairly large	18:18
shen_noe	I see, so something like receiver passing you their blinding factor	18:19
-!- zooko [~user@2602:306:ccd3:2710:fc20:c4dc:4dcf:4186] has quit [Ping timeout: 248 seconds]		18:20
gmaxwell	shen_noe: they can't do that or you can spend their coins. Rather the reciever has to create two outputs and their range proofs and tell you their blinding factor sum and value sum.	18:20
shen_noe	I wonder if you could "key-image" outputs	18:20
-!- jtimon [~quassel@69.29.134.37.dynamic.jazztel.es] has quit [Ping timeout: 264 seconds]		18:20
shen_noe	and then since change-addresses are one-time keys...	18:20
-!- eudoxia [~eudoxia@r186-54-146-25.dialup.adsl.anteldata.net.uy] has quit [Quit: Leaving]		18:20
gmaxwell	then you can create a transaction which includes their outputs where only you know the discrete log of the sum of the blinding factors.	18:20
andytoshi	shen_noe: yeah, the LWW paper has a really generic way of making key images, you just have another generator H, then the key image of xG is xH, and you provide a proof-of-equal-discrete-logs	18:20
andytoshi	or ring-proof-of-equal-discrete-logs or whatever	18:21
shen_noe	andytoshi, I'll have to read that more carefully	18:22
gmaxwell	(but then you get into problems where you have to prohibit spending those two coins in the same transaction and other stupidity.)	18:22
shen_noe	so.. maybe it would work, with some caveats on how you spend coins..	18:23
CodeShark	are many of the insights in partially homomorphic crypto using the discrete log problem applicable to lattice-based crypto?	18:23
gmaxwell	and interaction on send.	18:23
shen_noe	like all oupts are otk's by force, and can be spent once	18:24
andytoshi	CodeShark: i don't -think- so	18:24
-!- jgarzik_ [~jgarzik@104-178-201-106.lightspeed.tukrga.sbcglobal.net] has joined #bitcoin-wizards		18:25
andytoshi	CodeShark: lattice crypto is about having a secret basis in which matrices can be efficiently manipulated in sorta ad-hoc ways, i'm not aware of something similar to this "have two generators so given aG + bH nobody can know its discrete log"	18:25
gmaxwell	shen_noe: double spending is not an issue there; the problem is the symmetry of the reciever and the senders knoweldge. It can be broken, with a cost, but the benefit is pretty small.	18:26
CodeShark	my understanding (which admittedly isn't as good as I would like) is that lattice based homomorphic encryption is based on ideals	18:26
-!- jgarzik_ [~jgarzik@104-178-201-106.lightspeed.tukrga.sbcglobal.net] has quit [Client Quit]		18:26
CodeShark	as in ideals of rings	18:27
shen_noe	gmaxwell, right, I was momentarily confused - so makes the transaction with the coins first wins	18:27
CodeShark	but I really need to read up more :p	18:27
andytoshi	CodeShark: oh, i'm only dimly aware of that side of the literature	18:27
andytoshi	if you have any intuitions they probably trump mine	18:27
-!- gmaxwell [greg@wikimedia/KatWalsh/x-0001] has left #bitcoin-wizards []		18:28
* CodeShark pulls out his old algebraic geometry texts :)		18:28
-!- midnightmadness [~tom@d154-5-183-203.bchsia.telus.net] has quit [Remote host closed the connection]		18:32
shen_noe	so maybe it would need a "coins" received function where receiver scans blockchain and when they find their coins, send it to a new address.. I'm not sure what that implies	18:32
shen_noe	andytoshi thx for feedback	18:33
andytoshi	np shen_noe	18:33
andytoshi	but i think now the complexity is not worth it	18:33
andytoshi	interaction is pretty much a dealbreaker	18:33
shen_noe	yeah: there is a much simpler method (but not as good) which already works in monero actually	18:33
shen_noe	just split up your amount into like n = n_1 + n_2 + ... + n_m	18:34
shen_noe	and the cardinality of possiblities is 2^m	18:34
shen_noe	(since one-time keys for change addresses and receive addresses)	18:35
shen_noe	although I think you could get away with not full interaction: receiver only interacts by scanning blockchain and "accepting" their transaction	18:36
shen_noe	by sending it to a new address they control	18:36
shen_noe	with new blinding factors	18:37
andytoshi	i see what you're saying, yeah, that works	18:37
shen_noe	so it's open to chargebacks until the receiver decides they want it	18:37
andytoshi	i think	18:37
shen_noe	and (unless other problems) it costs an additional transaction fee	18:38
shen_noe	in any case, gotta run	18:39
-!- shen_noe [~shen_noe@173-165-135-246-utah.hfc.comcastbusiness.net] has quit [Quit: quitquitquit]		18:39
-!- Quanttek [~quassel@ip1f10af17.dynamic.kabel-deutschland.de] has quit [Ping timeout: 264 seconds]		18:44
-!- Dr-G [~Dr-G@unaffiliated/dr-g] has quit [Disconnected by services]		18:55
-!- Dr-G2 [~Dr-G@x4d08da17.dyn.telefonica.de] has joined #bitcoin-wizards		18:55
-!- moa [~kiwigb@opentransactions/dev/moa] has joined #bitcoin-wizards		19:24
-!- OneFixt [~OneFixt@unaffiliated/onefixt] has quit [Remote host closed the connection]		19:28
-!- snthsnth [~snthsnth@c-98-207-208-241.hsd1.ca.comcast.net] has joined #bitcoin-wizards		19:28
-!- OneFixt [~OneFixt@unaffiliated/onefixt] has joined #bitcoin-wizards		19:29
-!- M-_mis [mistake__m@gateway/shell/matrix.org/x-mywutvpmtakghecb] has quit [Remote host closed the connection]		19:50
-!- MatrixBridge [matrixirc@gateway/shell/matrix.org/x-yeyjybbksbqjeoki] has quit [Remote host closed the connection]		19:50
-!- MatrixBridge [matrixirc@gateway/shell/matrix.org/x-ppbdqbcrjapyujex] has joined #bitcoin-wizards		19:54
-!- snthsnth [~snthsnth@c-98-207-208-241.hsd1.ca.comcast.net] has quit [Ping timeout: 246 seconds]		19:55
-!- MatrixBridge is now known as 5EXABJ6GG		19:55
-!- MatrixBridge [matrixirc@gateway/shell/matrix.org/x-gngdpbityeshsnky] has joined #bitcoin-wizards		19:55
-!- MatrixBridge [matrixirc@gateway/shell/matrix.org/x-gngdpbityeshsnky] has quit [Remote host closed the connection]		19:55
-!- prodatalab [~prodatala@2601:6c4:200:d4e0:1e4:702:bd2d:1f6] has quit [Ping timeout: 248 seconds]		20:03
-!- hashtag [~hashtag@cpe-69-23-213-3.ma.res.rr.com] has quit [Ping timeout: 244 seconds]		20:07
-!- thrasher` [~thrasher@unaffiliated/thrasher/x-7291870] has quit [Ping timeout: 255 seconds]		20:16
-!- thrasher` [~thrasher@ec2-54-66-203-250.ap-southeast-2.compute.amazonaws.com] has joined #bitcoin-wizards		20:19
-!- getplank [~getplank@cpe-74-71-180-161.nyc.res.rr.com] has joined #bitcoin-wizards		20:23
-!- getplank [~getplank@cpe-74-71-180-161.nyc.res.rr.com] has quit [Client Quit]		20:27
-!- getplank [~getplank@cpe-74-71-180-161.nyc.res.rr.com] has joined #bitcoin-wizards		20:32
-!- TheSeven [~quassel@rockbox/developer/TheSeven] has quit [Disconnected by services]		20:35
-!- [7] [~quassel@rockbox/developer/TheSeven] has joined #bitcoin-wizards		20:35
-!- Giszmo [~leo@pc-185-201-214-201.cm.vtr.net] has quit [Quit: Leaving.]		20:42
-!- amiller [~socrates1@unaffiliated/socrates1024] has quit [Excess Flood]		20:45
-!- p15 [~p15@93.186.169.199] has joined #bitcoin-wizards		20:46
-!- Guest30532 [~socrates1@li175-104.members.linode.com] has joined #bitcoin-wizards		20:46
-!- getplank [~getplank@cpe-74-71-180-161.nyc.res.rr.com] has quit [Quit: My Mac has gone to sleep. ZZZzzz…]		21:07
-!- snthsnth [~snthsnth@c-98-207-208-241.hsd1.ca.comcast.net] has joined #bitcoin-wizards		21:10
-!- ThomasV [~ThomasV@unaffiliated/thomasv] has joined #bitcoin-wizards		21:10
-!- snthsnth [~snthsnth@c-98-207-208-241.hsd1.ca.comcast.net] has quit [Ping timeout: 252 seconds]		21:26
-!- Zooko-phone [~androirc@c-73-202-109-21.hsd1.ca.comcast.net] has joined #bitcoin-wizards		21:30
-!- Burrito [~Burrito@unaffiliated/burrito] has quit [Quit: Leaving]		21:41
-!- p15_ [~p15@93.186.169.212] has joined #bitcoin-wizards		21:54
-!- p15 [~p15@93.186.169.199] has quit [Ping timeout: 250 seconds]		21:55
-!- getplank [~getplank@cpe-74-71-180-161.nyc.res.rr.com] has joined #bitcoin-wizards		21:57
-!- getplank [~getplank@cpe-74-71-180-161.nyc.res.rr.com] has quit [Client Quit]		22:01
-!- hashtag [~hashtag@cpe-69-23-213-3.ma.res.rr.com] has joined #bitcoin-wizards		22:03
-!- hashtag [~hashtag@cpe-69-23-213-3.ma.res.rr.com] has quit [Ping timeout: 248 seconds]		22:07
-!- MrTratta [~MrTratta@2-228-102-98.ip191.fastwebnet.it] has quit [Ping timeout: 272 seconds]		22:11
-!- prodatalab [~prodatala@2601:6c4:200:d4e0:49e:59fd:b28a:eafa] has joined #bitcoin-wizards		22:14
-!- jgarzik [~jgarzik@unaffiliated/jgarzik] has quit [Quit: This computer has gone to sleep]		22:29
-!- gmaxwell [greg@wikimedia/KatWalsh/x-0001] has joined #bitcoin-wizards		22:36
gmaxwell	https://github.com/scipr-lab/libsnark/commits/master < got code for sha256 15 days ago	22:36
-!- davi [~davi@gnu/davi] has joined #bitcoin-wizards		22:37
-!- arubi_ [~ese168@unaffiliated/arubi] has quit [Quit: Leaving]		22:42
-!- cosmo [~james@unaffiliated/cosmo] has quit [Ping timeout: 252 seconds]		22:49
-!- bi_fa_fu [~E@65.113.88.100] has quit []		22:51
CodeShark	so you can compress many levels of sha256 into a single proof whose size does not depend on the number of levels in a tree?	22:51
CodeShark	oh very cool	22:54
-!- Xh1pher [~Xh1pher@pD9E3A97A.dip0.t-ipconnect.de] has joined #bitcoin-wizards		22:54
CodeShark	so it's an optimized "gadget" within an NP-complete language	22:55
Luke-Jr	hm! is it possible, I wonder, to design a PoW that must be performed in a SNARK? <.<	22:56
-!- d1ggy [~d1ggy@p20030057E7177926B5D367921D5726A6.dip0.t-ipconnect.de] has joined #bitcoin-wizards		22:56
CodeShark	creating the proof is expensive - but in principle verification could be made much simpler than just brute force hashing	22:57
CodeShark	that's why the NP-complete part :p	22:58
-!- d1ggy_ [~d1ggy@p20030057E71779409885E2CF83005408.dip0.t-ipconnect.de] has quit [Ping timeout: 256 seconds]		22:59
Luke-Jr	right, I'm wondering this as a way to prevent block withholding on even p2pool	22:59
CodeShark	substitute "in practice" for "in principle" :)	22:59
gmaxwell	Luke-Jr: you've asked this before. The answer is no.	22:59
-!- Guest30532 [~socrates1@li175-104.members.linode.com] has quit [Changing host]		22:59
-!- Guest30532 [~socrates1@unaffiliated/socrates1024] has joined #bitcoin-wizards		22:59
-!- Guest30532 is now known as amiller		22:59
Luke-Jr	:\|	23:00
gmaxwell	CodeShark: yes, you can, so long as you're willing to take on a whole host of new strong cryptographic assumptions; and a long (like 30 seconds to minutes) proving time. And verification that runs on the order of 200 proofs per second.	23:01
-!- p15x [~p15x@123.118.89.114] has joined #bitcoin-wizards		23:01
CodeShark	it's based on paired crypto?	23:02
-!- ThomasV [~ThomasV@unaffiliated/thomasv] has quit [Ping timeout: 248 seconds]		23:02
gmaxwell	_pairing_ crypto; though it has many more assuptions than just the hardness of discrete logs in bilinar groups and the normal stuff for most pairing crypto.	23:02
CodeShark	pairing crypto, yes. that's what I meant :)	23:03
gmaxwell	(I'm not dissing the approach I think it's just important to keep in mind Magic's Price)	23:04
CodeShark	are the other assumptions largely surrounding statistical vs. computational zero knowledge?	23:04
gmaxwell	no, absolutely not.	23:04
CodeShark	so all these approaches don't assume anything more than computional zk, right?	23:05
gmaxwell	(well the non-falsifyable one is)	23:05
CodeShark	or specifically, this library	23:05
gmaxwell	CodeShark: the ZK in this is perfect. The soundness is computational.	23:05
CodeShark	ok, got it	23:05
gmaxwell	No succinect proof system for genral NP can have better than computational security in any case (owing to a counting argument).	23:05
gmaxwell	(er better than computational security for soundness)	23:06
CodeShark	right...	23:06
gmaxwell	but I'm not talking just about the hardness, I mean there are new strong assumptions; e.g. that certant functions cannot be efficiently computed; for which no proof currently exists that reduces them to an existing prior known strong assumption. (like the hardness of the computational discrete log problem in a bilinear group). They sound plausable and fortunately its an interesting enough area t	23:07
gmaxwell	hat people are actually working on breaking them and such.	23:07
CodeShark	so what are the other big assumptions with bilinear group stuff?	23:08
CodeShark	besides difficulty of discrete log, of course	23:08
CodeShark	oh, hmm	23:11
CodeShark	nvm, I was late on the keyboard :p	23:11
gmaxwell	The papers go over them, though unless you're a current postdoc in that subfield you'll probably (like me) mostly just shrug at them. :)	23:13
-!- www1 [~v3@x5ce1bf95.dyn.telefonica.de] has quit [Ping timeout: 244 seconds]		23:14
CodeShark	this whole zkSNARK thing does seem too good to be true...so yeah, there's a price for that magic	23:16
gmaxwell	CodeShark: one of them is that it has trusted setup.	23:16
CodeShark	is there no known way around that still?	23:16
gmaxwell	There are proposals to potentially use multiparty computation for it, so the trusted setup gets some threshold security.	23:17
-!- mjerr [~mjerr@p578EAB34.dip0.t-ipconnect.de] has joined #bitcoin-wizards		23:17
gmaxwell	People are also working on other schemes for NP proofs with a totally different cryptographic basis which won't have that problem; but their proofs will be less efficient.	23:18
CodeShark	less efficient for the prover? the verifier? or both?	23:18
gmaxwell	Less space efficient. They may well be faster to verify.	23:19
-!- p15_ [~p15@93.186.169.212] has quit [Ping timeout: 255 seconds]		23:20
CodeShark	by totally different cryptographic basis you're referring to something other than bilinear crypto or pairing crypto?	23:20
gmaxwell	right	23:21
-!- p15x [~p15x@123.118.89.114] has quit [Ping timeout: 264 seconds]		23:21
-!- drwin [~drwin@88-103-255-166.jes.cz] has joined #bitcoin-wizards		23:22
CodeShark	but still using discrete log? or LWE or something else?	23:22
-!- ThomasV [~ThomasV@unaffiliated/thomasv] has joined #bitcoin-wizards		23:22
-!- p15x [~p15x@123.118.90.213] has joined #bitcoin-wizards		23:26
gmaxwell	No; likely using using just random oracle assumptions.	23:26
gmaxwell	PCP theorem plus fiat shamir tell us that at least in principle there are efficient computationally sound, statstically private proof systems for NP; that have no strong assumptions except the RO used for the fiat shamir. Though making them pratical is hard.	23:27
gmaxwell	(as the most direct routes require you to e.g. build a hashtree over a set of bits with substantially more entries than atoms in the universe)	23:28
gmaxwell	andytoshi: do you see any obvious way to do an _efficient_ proof of polysig equivilence. E.g. say there is a set of keys for a polysig, and some unknown permutation, and I want to prove to you that a given polysig series corresponds to that set without revealing the permutation?	23:41
-!- spinza [~spin@197.83.246.196] has quit [Excess Flood]		23:41
-!- spinza [~spin@197.83.246.196] has joined #bitcoin-wizards		23:41
-!- p15x [~p15x@123.118.90.213] has quit [Ping timeout: 252 seconds]		23:48
-!- p15x [~p15x@111.193.176.183] has joined #bitcoin-wizards		23:48
-!- davi [~davi@gnu/davi] has quit [Ping timeout: 246 seconds]		23:53
-!- arubi_ [~ese168@unaffiliated/arubi] has joined #bitcoin-wizards		23:58
--- Log closed Sun Jun 28 00:00:54 2015

Generated by irclog2html.py 2.15.0.dev0 by Marius Gedminas - find it at mg.pov.lt!