2015-07-05.log

--- Log opened Sun Jul 05 00:00:01 2015
-!- justanotheruser [~Justan@unaffiliated/justanotheruser] has joined #bitcoin-wizards00:00
-!- Mably [~Mably@unaffiliated/mably] has joined #bitcoin-wizards00:03
-!- NewLiberty [~NewLibert@76-255-129-88.lightspeed.irvnca.sbcglobal.net] has joined #bitcoin-wizards00:20
-!- p15x_ [~p15x@111.193.190.75] has joined #bitcoin-wizards00:22
-!- sparetire_ [~sparetire@unaffiliated/sparetire] has quit [Quit: sparetire_]00:24
-!- p15x [~p15x@64.145.91.48] has quit [Ping timeout: 265 seconds]00:25
-!- Mably [~Mably@unaffiliated/mably] has quit [Ping timeout: 264 seconds]00:30
-!- erasmosp_ [~erasmospu@gateway/vpn/privateinternetaccess/erasmospunk] has quit [Remote host closed the connection]00:30
-!- sy5error [~sy5error@unaffiliated/sy5error] has quit [Remote host closed the connection]00:36
-!- davi [~davi@gnu/davi] has quit [Ping timeout: 246 seconds]00:42
-!- justanotheruser [~Justan@unaffiliated/justanotheruser] has quit [Ping timeout: 246 seconds]01:00
-!- Quanttek [~quassel@2a02:8108:73f:f6e4:e23f:49ff:fe47:9364] has joined #bitcoin-wizards01:03
-!- davi [~davi@gnu/davi] has joined #bitcoin-wizards01:19
-!- justanotheruser [~Justan@unaffiliated/justanotheruser] has joined #bitcoin-wizards01:20
-!- drwin [~drwin@88-103-255-166.jes.cz] has joined #bitcoin-wizards01:23
-!- DougieBot5000 [~DougieBot@unaffiliated/dougiebot5000] has quit [Quit: Leaving]01:28
-!- Mably [~Mably@unaffiliated/mably] has joined #bitcoin-wizards01:52
-!- davi [~davi@gnu/davi] has quit [Ping timeout: 246 seconds]01:59
-!- justanotheruser [~Justan@unaffiliated/justanotheruser] has quit [Remote host closed the connection]02:01
-!- justanotheruser [~Justan@unaffiliated/justanotheruser] has joined #bitcoin-wizards02:02
-!- arubi_ [~ese168@unaffiliated/arubi] has quit [Quit: Leaving]02:02
-!- davi [~davi@gnu/davi] has joined #bitcoin-wizards02:05
-!- justanotheruser [~Justan@unaffiliated/justanotheruser] has quit [Ping timeout: 264 seconds]02:20
-!- bosma is now known as superkai6402:25
-!- superkai64 is now known as bosma02:25
-!- wallet42 [~wallet42@185.4.41.147] has quit [Quit: Leaving.]02:28
-!- davi [~davi@gnu/davi] has quit [Ping timeout: 246 seconds]02:42
-!- p15x_ [~p15x@111.193.190.75] has quit [Max SendQ exceeded]02:45
-!- p15x [~p15x@64.145.91.60] has joined #bitcoin-wizards02:46
-!- p15x_ [~p15x@64.145.91.75] has joined #bitcoin-wizards02:49
-!- p15x [~p15x@64.145.91.60] has quit [Ping timeout: 252 seconds]02:51
-!- justanotheruser [~Justan@unaffiliated/justanotheruser] has joined #bitcoin-wizards02:53
-!- ThomasV [~ThomasV@unaffiliated/thomasv] has joined #bitcoin-wizards02:59
-!- AaronvanW [~ewout@unaffiliated/aaronvanw] has quit [Ping timeout: 246 seconds]03:01
-!- FranzKafka [~FranzKafk@unaffiliated/franzkafka] has quit []03:02
-!- FranzKafka [~FranzKafk@unaffiliated/franzkafka] has joined #bitcoin-wizards03:07
-!- davi [~davi@gnu/davi] has joined #bitcoin-wizards03:08
-!- FranzKafka [~FranzKafk@unaffiliated/franzkafka] has quit [Max SendQ exceeded]03:08
-!- FranzKafka [~FranzKafk@unaffiliated/franzkafka] has joined #bitcoin-wizards03:09
-!- bedeho2 is now known as bedeho03:10
CodeShark_So is the revocation mechanism you're referring to something else, gmaxwell?03:10
gmaxwellno thats it, it wasn't clear to me that you were aware of it.. the point being you can do lots of transfers and revocations without any transactions.03:11
gmaxwelljust one transaction to open at the beginning and one close the channel at the end.03:12
gmaxwell(well or two to close on a timeout close.)03:12
CodeShark_Right...the part that's still a little annoying is the need to watch the blockchain and act within a particular timeframe or lose your money03:13
-!- AaronvanW [~ewout@unaffiliated/aaronvanw] has joined #bitcoin-wizards03:14
CodeShark_that's probably the single greatest complication03:18
CodeShark_if we could find a way around this it would make the idea potentially much more viable03:23
CodeShark_I was pondering hypothetical schemes where it would be the noncooperating party responsible for this rather than the cooperative party03:29
CodeShark_But you ultimately run into the retroactive invalidation issue...03:30
-!- jtimon [~quassel@69.29.134.37.dynamic.jazztel.es] has joined #bitcoin-wizards03:32
CodeShark_so poon-dryja "solve" this...but only at the cost of forcing the cooperative party to actively fight this03:32
-!- chmod755 [~chmod755@unaffiliated/chmod755] has quit [Quit: Ex-Chat]03:36
-!- davi [~davi@gnu/davi] has quit [Ping timeout: 246 seconds]03:38
nshi think there's a kind of conservation at play. you can't gain efficiency and maintain trustworthiness without requiring attention/vigilance03:47
CodeShark_Yes, that might in fact be the case03:47
nshit reduces ultimately to ordering relations, and if you want to have a stake in the correctness of ordering, then you have to be willing to act within the granularity of network time03:48
nshwhich is blocktime03:48
-!- davi [~davi@gnu/davi] has joined #bitcoin-wizards03:49
CodeShark_I guess the next best thing is delegating this task to others (potentially for a fee)03:50
nshoffering that option while maintaining the flexibility for people to invest their own resources rather than delegate trust is optimal afaic03:51
nshbut there is clearly some... ideological divergence of position in this respect03:51
-!- orperelman [~orperelma@bzq-109-67-207-175.red.bezeqint.net] has joined #bitcoin-wizards03:53
CodeShark_the purist trustless perspective would insist that everyone be forever vigilant. But in the real world people delegate this stuff all the time - it's why we have lawyers and representatives in government, etc...03:53
nshright03:55
nshthe issue isn't that we must avoid trust. the issue is that trust concretes and that authority tends towards corruption03:55
nshso allowing for the bypassing of actors that have successfully carved themselves an indelible niches that allows for rent-seeking behaviour [and worse] is nice03:56
nshit incentivizes new actors coming in and finding nominally-less-parasitical ways to interpose for the convenience of the hoi-polloi03:57
nsh*niche03:57
CodeShark_right - so having the option to represent yourself without bureaucracy and corrupt institutions is great. But in practical terms not everyone will necessarily be capable of doing it themselves03:58
nshbut it's nice to allow for competition in the space of intermediaries03:58
CodeShark_Right, absolutely03:58
nshwhich regular capitalism does better in principle than practice03:58
nshbecause of the accretion effect of power03:59
nshand the general brokenness of political systems03:59
nshbut that's another matter :)03:59
nshhow compact are proofs-of-space?04:01
nsh(cc amiller)04:01
CodeShark_It inevitably becomes political when we're talking either about rule changes or about dispute resolution where either the rules are unclear or we don't have all the facts.04:02
nshspacecoin doesn't give a proof-size that i can see04:03
-!- SDCDev [~quassel@unaffiliated/sdcdev] has quit [Read error: Connection reset by peer]04:03
nshCodeShark_, you can't squeeze the politics out, but you can approach it in a way that minimizes the worse parts of the miasma that tends to accompany politics :)04:04
-!- SDCDev [~quassel@unaffiliated/sdcdev] has joined #bitcoin-wizards04:04
-!- p15x_ [~p15x@64.145.91.75] has quit [Ping timeout: 265 seconds]04:07
-!- erasmospunk [~erasmospu@176.92.61.74] has joined #bitcoin-wizards04:08
CodeShark_It might still be possible to refocus the vigilance.  for instance if it were possible to have expiration with a sufficiently high level of granularity, rather than having to watch the blockchain and react, you'd instead only need to watch the counterparty04:09
-!- erasmosp_ [~erasmospu@179.43.156.98] has joined #bitcoin-wizards04:10
CodeShark_or at least you could reduce the number of outputs you're looking for04:11
* nsh nods04:11
-!- wallet42 [~wallet42@185.4.41.147] has joined #bitcoin-wizards04:12
-!- dEBRUYNE_ [~dEBRUYNE@239-196-ftth.onsbrabantnet.nl] has joined #bitcoin-wizards04:12
-!- erasmospunk [~erasmospu@176.92.61.74] has quit [Ping timeout: 244 seconds]04:12
nshtromp_ / amiller / andytoshi / gmaxwell: is there a good high-level overview of proof-of-space algorithms and their security basis? friend is investigating namecoiny applications involving additional commitments to space-hard work in identifier claiming/updating txes04:13
-!- davi [~davi@gnu/davi] has quit [Ping timeout: 246 seconds]04:25
-!- spinza [~spin@197.89.10.176] has quit [Ping timeout: 244 seconds]04:28
-!- p15x [~p15x@64.145.91.58] has joined #bitcoin-wizards04:56
-!- belcher [~belcher-s@unaffiliated/belcher] has joined #bitcoin-wizards05:04
-!- spinza [~spin@197.89.186.249] has joined #bitcoin-wizards05:21
-!- nullbyte [NSA@gateway/vpn/mullvad/x-kbszivkytihirbvx] has quit [Ping timeout: 255 seconds]05:39
-!- nullbyte [NSA@gateway/vpn/mullvad/x-qywjseuybrysyogn] has joined #bitcoin-wizards05:40
-!- nullbyte [NSA@gateway/vpn/mullvad/x-qywjseuybrysyogn] has quit [Ping timeout: 256 seconds]05:47
-!- merlincorey [merlin@nginx/adept/merlincorey] has quit [Ping timeout: 246 seconds]05:48
-!- nullbyte [NSA@gateway/vpn/mullvad/x-jwmakwkrtwvkcusv] has joined #bitcoin-wizards05:49
-!- jae [~jae@2601:645:c001:263a:a110:f114:b3e0:ba50] has joined #bitcoin-wizards05:54
-!- jae is now known as Guest1143405:55
-!- orperelman [~orperelma@bzq-109-67-207-175.red.bezeqint.net] has quit [Ping timeout: 244 seconds]05:55
-!- p15x [~p15x@64.145.91.58] has quit [Ping timeout: 264 seconds]05:59
-!- merlincorey [merlin@69.42.217.140] has joined #bitcoin-wizards06:00
-!- p15x [~p15x@64.145.91.74] has joined #bitcoin-wizards06:03
-!- merlincorey [merlin@69.42.217.140] has quit [Read error: No route to host]06:03
-!- paveljanik [~paveljani@unaffiliated/paveljanik] has joined #bitcoin-wizards06:06
-!- Quanttek [~quassel@2a02:8108:73f:f6e4:e23f:49ff:fe47:9364] has quit [Ping timeout: 252 seconds]06:10
-!- shesek [~shesek@77.125.92.26] has joined #bitcoin-wizards06:11
-!- ThomasV [~ThomasV@unaffiliated/thomasv] has quit [Ping timeout: 264 seconds]06:24
-!- nullbyte [NSA@gateway/vpn/mullvad/x-jwmakwkrtwvkcusv] has quit [Ping timeout: 256 seconds]06:28
-!- nullbyte [NSA@gateway/vpn/mullvad/x-vndyeplqqslffzgl] has joined #bitcoin-wizards06:29
-!- akrmn [~akrmn@55-215-250-178.ftth.cust.kwaoo.net] has quit [Ping timeout: 276 seconds]06:37
-!- theymos [~theymos@unaffiliated/theymos] has quit [Ping timeout: 264 seconds]06:46
-!- theymos [~theymos@unaffiliated/theymos] has joined #bitcoin-wizards06:50
-!- CodeShark_ [~androirc@cpe-76-167-237-202.san.res.rr.com] has quit [Remote host closed the connection]06:55
-!- akrmn [~akrmn@55-215-250-178.ftth.cust.kwaoo.net] has joined #bitcoin-wizards06:59
-!- wallet42 [~wallet42@185.4.41.147] has quit [Quit: Leaving.]07:03
-!- Guest11434 [~jae@2601:645:c001:263a:a110:f114:b3e0:ba50] has quit [Remote host closed the connection]07:03
-!- bedeho [~bedeho@195.159.234.190] has quit [Quit: Nettalk6 - www.ntalk.de]07:05
-!- www [~v3@x5ce13e5c.dyn.telefonica.de] has joined #bitcoin-wizards07:07
-!- p15x_ [~p15x@114.244.152.170] has joined #bitcoin-wizards07:15
-!- p15x [~p15x@64.145.91.74] has quit [Ping timeout: 250 seconds]07:16
-!- ThomasV [~ThomasV@unaffiliated/thomasv] has joined #bitcoin-wizards07:18
-!- shesek [~shesek@77.125.92.26] has quit [Ping timeout: 264 seconds]07:23
-!- shesek [~shesek@77.125.92.26] has joined #bitcoin-wizards07:38
-!- erasmospunk [~erasmospu@176.92.66.240] has joined #bitcoin-wizards07:38
-!- erasmosp_ [~erasmospu@179.43.156.98] has quit [Ping timeout: 252 seconds]07:38
-!- erasmospunk [~erasmospu@176.92.66.240] has quit [Read error: Connection reset by peer]07:39
-!- erasmospunk [~erasmospu@179.43.134.162] has joined #bitcoin-wizards07:39
-!- erasmospunk [~erasmospu@179.43.134.162] has quit [Remote host closed the connection]07:40
-!- asciilifeform [~asciilife@unaffiliated/asciilifeform] has left #bitcoin-wizards ["Leaving"]07:45
-!- bramc [~bram@99-75-88-206.lightspeed.sntcca.sbcglobal.net] has joined #bitcoin-wizards07:51
-!- www1 [~v3@f052068111.adsl.alicedsl.de] has joined #bitcoin-wizards07:52
-!- www [~v3@x5ce13e5c.dyn.telefonica.de] has quit [Ping timeout: 252 seconds]07:54
-!- davi [~davi@gnu/davi] has joined #bitcoin-wizards08:01
-!- mjerr [~mjerr@p578EAB34.dip0.t-ipconnect.de] has joined #bitcoin-wizards08:16
-!- p15x [~p15x@64.145.91.35] has joined #bitcoin-wizards08:21
-!- orperelman [~orperelma@bzq-109-67-207-175.red.bezeqint.net] has joined #bitcoin-wizards08:21
-!- c0rw|zZz is now known as c0rw1n08:23
-!- p15x_ [~p15x@114.244.152.170] has quit [Ping timeout: 264 seconds]08:23
-!- davi [~davi@gnu/davi] has quit [Remote host closed the connection]08:24
-!- c-cex-yuriy [uid76808@gateway/web/irccloud.com/x-ahclurwxfedpywrn] has joined #bitcoin-wizards08:26
-!- merlincorey [merlin@69.42.217.140] has joined #bitcoin-wizards08:40
-!- CodeShark_ [~androirc@cpe-76-167-237-202.san.res.rr.com] has joined #bitcoin-wizards08:48
iddonsh: there's academic paper but it's unpublished yet, also proof-of-space cryptocurrency has costless simulation problem08:51
nshis this related to the cycle detection issue?08:56
nshi think some of the newer proposals are based on better assumptions. tromp_'s cuckoo cycles should not be trivially simulatable, nor reductions to pebbling08:57
-!- p15x_ [~p15x@64.145.91.19] has joined #bitcoin-wizards09:02
-!- p15x [~p15x@64.145.91.35] has quit [Ping timeout: 264 seconds]09:03
-!- Starduster [~sd@unaffiliated/starduster] has quit [Ping timeout: 256 seconds]09:10
iddonsh: are you talking about PoW that needs both intensive computations and large memory, or proof-of-space that rewards large storage space without need for CPU ?09:11
iddoi think that you meant the first, there's no costless simulation problem there09:12
nshwell, spacecoin is an example of the latter, and i can't see how you'd simulate it with lower cost than the storage required to do so honestly, except in exponential running time09:12
nshexponential running time is not low cost :)09:13
-!- tucenaber [~tucenaber@unaffiliated/tucenaber] has quit [Ping timeout: 256 seconds]09:17
iddothere's subtle argument that you can outcompete the honest chain if you start at genesis for example, if it's proof-of-space without checkpointing / timestamping to disallow old reorgs09:17
iddohmm i'm not up-to-date, i see that one academic team published spacecoin https://eprint.iacr.org/2015/52809:18
iddoi actually talked with one of the authors last year, the basic construction wasn't so good then (similar problems to ppc/nxt)09:18
* nsh nods09:22
amilleriddo, what problems?09:25
amilleriddo, also is the newest one subject to whatever you have in mind or not?09:26
iddoproblems where it's rational to work on forks that get created concurrently09:29
iddoseems like this paper tries to deal with it by using bonds09:29
nshgmax has a name for that problem, but it evades me temporarily09:31
iddoi.e., some scheme with deposits that incentive to work on one of the forks, not sure yet about it09:31
iddoamiller: the other paper that i had in mind relies on having honest core of miners who are aware of the current time, security breaks if this honest core doesn't exist09:32
iddonsh: nothing-at-stake ? actually it's amiller's name i think09:33
nshah yes09:34
nshand apologies for misattribution09:34
nshso yeah, some kind of fidelity is the usual go-to to prevent hedging across forks09:34
nshbut it seems to be difficult in practice09:34
nshi might be possible to use the block-randomness to instantiate problems across the large file in such a way that it has to be completely rewritten to work on a different fork09:35
nshthat way you have to linear cost in storage to each fork you want to prove stake across09:36
nshs/have to/have/09:36
iddowell there are relevant questions here, if there's fork because two miners created a competing next block, the lucky miner who can create the following block can do it on both forks or only on one?09:39
* nsh nods09:41
nshsome amount of reorg has to be assumed, so you can't be too punitive about it09:41
iddoin ppc it's in both, this variant is better for what it's worth, because it makes it less rational to work on forks due to the risk of divergence into many forks09:42
nshand that may adversely affect consensus convergence09:42
nshin ways that are difficult to anticipate theoretically :/09:42
iddo(by "both" i meant you can create the following block on both forks)09:42
iddonsh: i agree that the ideas of deposits where you may lose you bond are problematic, in fact if you try to look at it formally by considering the state of the system at genesis, it isn't clear how to initialize this process09:45
nshhmm09:46
nshhow do you mean, sorry?09:46
iddothe ethereum guys are trying to do this too, but not proof-of-space09:46
iddonsh: well, you need to post your bond, and this bond needs to be part of the ledger history so that it will be recognized... and then you're allowed to create a block... so it's cyclic reasoning, you need to have the next block and to create the next block ?09:48
-!- c0rw1n is now known as c0rw|away09:50
-!- Quanttek [~quassel@ip1f10af17.dynamic.kabel-deutschland.de] has joined #bitcoin-wizards09:52
-!- p15x [~p15x@64.145.91.104] has joined #bitcoin-wizards09:56
-!- p15x_ [~p15x@64.145.91.19] has quit [Ping timeout: 250 seconds]09:56
-!- tucenaber [~tucenaber@unaffiliated/tucenaber] has joined #bitcoin-wizards09:58
-!- Starduster [~sd@unaffiliated/starduster] has joined #bitcoin-wizards09:58
-!- spinza [~spin@197.89.186.249] has quit [Excess Flood]09:59
-!- spinza [~spin@197.89.186.249] has joined #bitcoin-wizards10:08
-!- SubCreative [~SubCreati@unaffiliated/cannacoin] has joined #bitcoin-wizards10:10
-!- fanquake [~fanquake@unaffiliated/fanquake] has quit [Quit: Leaving.]10:13
-!- erasmospunk [~erasmospu@81.17.20.98] has joined #bitcoin-wizards10:23
-!- orperelman [~orperelma@bzq-109-67-207-175.red.bezeqint.net] has quit [Ping timeout: 246 seconds]10:31
-!- erasmospunk [~erasmospu@81.17.20.98] has quit [Remote host closed the connection]10:32
-!- erasmospunk [~erasmospu@81.17.20.98] has joined #bitcoin-wizards10:32
-!- www1 [~v3@f052068111.adsl.alicedsl.de] has quit [Ping timeout: 250 seconds]10:34
-!- sparetire_ [~sparetire@unaffiliated/sparetire] has joined #bitcoin-wizards10:47
-!- www [~v3@f052068111.adsl.alicedsl.de] has joined #bitcoin-wizards10:50
-!- [d__d] [~d__d]@ec2-54-85-45-223.compute-1.amazonaws.com] has quit [Remote host closed the connection]10:50
-!- [d__d] [~d__d]@ec2-54-85-45-223.compute-1.amazonaws.com] has joined #bitcoin-wizards10:51
-!- dEBRUYNE_ is now known as dEBRUYNE10:58
-!- nullbyte [NSA@gateway/vpn/mullvad/x-vndyeplqqslffzgl] has quit [Read error: Connection reset by peer]11:09
-!- nullbyte [NSA@gateway/vpn/mullvad/x-ptctwbduhexdjqhz] has joined #bitcoin-wizards11:13
-!- p15x_ [~p15x@64.145.91.122] has joined #bitcoin-wizards11:14
-!- p15x [~p15x@64.145.91.104] has quit [Ping timeout: 252 seconds]11:16
-!- nullbyte [NSA@gateway/vpn/mullvad/x-ptctwbduhexdjqhz] has quit [Ping timeout: 264 seconds]11:23
-!- nullbyte [~NSA@193.138.219.233] has joined #bitcoin-wizards11:24
-!- nullbyte [~NSA@193.138.219.233] has quit [Ping timeout: 252 seconds]11:29
-!- p15x [~p15x@111.193.183.199] has joined #bitcoin-wizards11:30
-!- p15x [~p15x@111.193.183.199] has quit [Read error: Connection reset by peer]11:30
-!- nullbyte [NSA@gateway/vpn/mullvad/x-xwcwcizbjmqoyfrb] has joined #bitcoin-wizards11:31
-!- p15x_ [~p15x@64.145.91.122] has quit [Ping timeout: 255 seconds]11:32
-!- p15x [~p15x@64.145.91.49] has joined #bitcoin-wizards11:33
-!- jae_ [~jae@c-98-234-63-169.hsd1.ca.comcast.net] has joined #bitcoin-wizards11:34
-!- jae_ [~jae@c-98-234-63-169.hsd1.ca.comcast.net] has quit [Remote host closed the connection]11:38
-!- roconnor [~roconnor@e120-pool-d89a7a26.brdbnd.voicenetwork.ca] has joined #bitcoin-wizards11:39
-!- priidu [~priidu@unaffiliated/priidu] has joined #bitcoin-wizards11:43
nshiddo, thanks (sorry was afk)11:47
nshi'm not sure that's necessarily pathological. you can have garden-of-eden configurations in a stable decentralized system11:47
nshe.g. a game of life instance which has a terminating timeline in the backwards direction11:47
iddounique initial config? i don't really see the relevance of this analogy11:49
iddobasically you need to post bond at earlier block, it gets confirmed, and then you become eligible to be a miner, but this "earlier" block condition means you need to describe how to initialize this process11:51
-!- btcdrak [uid52049@gateway/web/irccloud.com/x-qlepkiskztklqxle] has quit [Quit: Connection closed for inactivity]11:51
iddofor example you can have protocol where first blocks after genesis are done with PoW only, that's one way to initialize i guess11:53
-!- mjerr [~mjerr@p578EAB34.dip0.t-ipconnect.de] has quit [Ping timeout: 248 seconds]11:53
nshright11:54
-!- DougieBot5000 [~DougieBot@unaffiliated/dougiebot5000] has joined #bitcoin-wizards11:57
-!- NewLiberty [~NewLibert@76-255-129-88.lightspeed.irvnca.sbcglobal.net] has quit [Ping timeout: 265 seconds]12:07
iddoagain looking briefly at spacecoin, they seem to avoid rational forks by using much earlier block to control who can mine the current block, which introduces risk of collusion for double-spending attacks12:08
iddoit actually becomes less clear why proof-of-space is needed at all, given the bonds/challenges aspects of this12:12
-!- ThomasV [~ThomasV@unaffiliated/thomasv] has quit [Quit: Quitte]12:18
-!- hearn [~mike@84-75-197-78.dclient.hispeed.ch] has joined #bitcoin-wizards12:18
-!- ryanxcharles [~ryan@2601:645:8202:4881:3030:39d0:1ef1:39e1] has quit [Ping timeout: 248 seconds]12:25
-!- priidu [~priidu@unaffiliated/priidu] has quit [Ping timeout: 276 seconds]12:31
-!- jgarzik [~jgarzik@unaffiliated/jgarzik] has quit [Quit: zoom zoom zoom]12:32
-!- wallet42 [~wallet42@60-227-202-46.pool.ukrtel.net] has joined #bitcoin-wizards12:33
-!- chmod755 [~chmod755@unaffiliated/chmod755] has joined #bitcoin-wizards12:34
-!- p15x_ [~p15x@64.145.91.71] has joined #bitcoin-wizards12:36
-!- vaalbara [~vaalbara@23.94.31.98] has joined #bitcoin-wizards12:36
-!- p15x [~p15x@64.145.91.49] has quit [Ping timeout: 248 seconds]12:37
-!- akrmn [~akrmn@55-215-250-178.ftth.cust.kwaoo.net] has quit [Quit: Leaving.]12:37
-!- akrmn [~akrmn@55-215-250-178.ftth.cust.kwaoo.net] has joined #bitcoin-wizards12:39
-!- wallet42 [~wallet42@60-227-202-46.pool.ukrtel.net] has quit [Quit: Leaving.]12:39
-!- akrmn [~akrmn@55-215-250-178.ftth.cust.kwaoo.net] has quit [Ping timeout: 246 seconds]12:43
-!- vaalbara [~vaalbara@23.94.31.98] has quit [Quit: Leaving]12:44
bramciddo, I have an idea for how to fix the re-mining from genesis block problem. It requires a little bit of bending the rules and a lot of careful engineering and some breaking open of the proof of space though, so I need to read though the construction in the spacecoin paper12:46
bramcUnfortunately the 'obvious' constructions have CPU/space tradeoffs12:46
-!- orperelman [~orperelma@bzq-109-67-207-175.red.bezeqint.net] has joined #bitcoin-wizards12:47
-!- vaalbara [~vaalbara@23.94.31.98] has joined #bitcoin-wizards12:47
-!- andytoshi [~andytoshi@wpsoftware.net] has quit [Ping timeout: 256 seconds]12:49
-!- scoria [~blaze@wpsoftware.net] has quit [Ping timeout: 244 seconds]12:49
-!- jae_ [~jae@204.14.159.153] has joined #bitcoin-wizards12:50
-!- Xh1pher [~Xh1pher@pD9E3A97A.dip0.t-ipconnect.de] has quit [Read error: Connection reset by peer]12:51
-!- akrmn [~akrmn@192.95.51.167] has joined #bitcoin-wizards12:57
-!- vaalbara [~vaalbara@23.94.31.98] has quit [Quit: Leaving]12:58
-!- kmels [~kmels@186.151.61.56] has joined #bitcoin-wizards12:59
-!- vaalbara [~vaalbara@23.94.31.98] has joined #bitcoin-wizards13:00
CodeShark_bramc: hopefully something other than checkpoints :p13:18
bramcCodeShark_ Not checkpoints! Well no more than regular Bitcoin has 'checkpoints' anyway.13:19
iddobramc: costless simulation is an inherent problem... you can see for example section 3 of my paper http://arxiv.org/abs/1406.569413:20
-!- prodatalab [~prodatala@2601:6c4:200:d4e0:516e:dd82:12cd:f300] has quit [Remote host closed the connection]13:22
-!- arubi_ [~ese168@unaffiliated/arubi] has joined #bitcoin-wizards13:22
CodeShark_nice work, iddo :)13:23
iddothanks, but it keeps getting rejected by clueless academic people :)13:24
bramciddo, The trick is to throw in proofs of time13:25
bramcaka proofs of sequential work13:26
iddosequential work? that doesn't sound costless...13:26
bramciddo, You're in good company about having trouble getting published, most of the papers people in this channel find worth discussing have struggled to get publication13:27
bramcsequential work isn't costless, but it need only be done by the one fastest person in the whole network13:27
iddodo you need to re-adjust the difficulty of this work according to how fast the network is?13:29
-!- sy5error [~sy5error@unaffiliated/sy5error] has joined #bitcoin-wizards13:29
-!- UllrSkis [~UllrSkis@c-66-41-201-92.hsd1.mn.comcast.net] has quit [Ping timeout: 264 seconds]13:29
iddothen, an attacker can start from genesis with low difficulty for this work13:29
CodeShark_To be fair, bramc, lots of stuff being published in this space is less than superb...so you do have to know a thing or two about this stuff to recognize the gems13:30
iddoand if you say that the chain with greater cumulative difficulty wins, then it's just PoW based, no?13:30
bramciddo, Yes the speed of proof of time has to be part of the work difficulty reset13:30
amilleri spouted out in the SFdev talk that the cuckoo cycle paper went to Financial Crypto, but it was actually the Bitcoin Workshop (at financial crypto) so the level of review and recognition is much lower13:30
iddobramc: right, so if chain with greater difficulty wins, how is it different than ordinary PoW ?13:32
CodeShark_sounds like at best a hybrid13:32
bramciddo, the difficulty of the proof of space and the proof of time have to be combined for the cumulative difficulty13:32
amillerhybrids like that are complicated to think through :/13:32
bramcIt's different because everybody does their proof of space, then compares to see whose is best, then the proof of time is only done on the best one while everybody else chills out saving power.13:33
bramcamiller, I didn't say it isn't complicated!13:33
amillerhmm. the idea that you compare all the proofs-of-space to see who's best is exactly what's suggested in the spacecoin paper13:33
iddook so you rely on PoW to make it non-costless, so maybe you lose nice properties of proof-of-space claims to have13:33
amillerthat seems weird to me too though, since how do you know you're comparing against the correct set13:33
iddoone supposed nice property is that storage space is ASIC resistant, you cannot manufacture specialized hardware that outperform the common hardware for storage space ?13:35
bramciddo, I think you meant to say rely on proof of time to make it non-costless, and that is sort of true13:35
bramciddo, storage is completely and totally commodity, you can't make something which does it differently and better13:35
iddoyeah, i'm still not exactly sure whats the distinction between proof of time and PoW13:36
bramcAlso there's a meaningful economic argument why storage is different: It's already sitting out there depreciating in mass quantities13:36
-!- p15x [~p15x@64.145.91.47] has joined #bitcoin-wizards13:36
bramcA proof of time shows that a certain amount of time passed between thing A and thing B, it can be as simple as repeatedly hashing something with checkpoints along the way so it can be spot-checked13:37
-!- p15x_ [~p15x@64.145.91.71] has quit [Ping timeout: 246 seconds]13:37
phantomcircuitbramc, the economics are clearly different, whether they provide similar security with less waste isn't clear to me13:37
phantomcircuitclearly there's less waste in such a system13:37
phantomcircuitbut im not clear it provides the same economic incentives13:37
bramcphantomcircuit, Technically it's leveraging pre-existing waste13:37
iddobut you said that you require this proof to be more difficult if the network is faster13:37
bramcOh I didn't mean the latency on the network, I meant the speed of the fastest proof of time server13:38
phantomcircuit(no capital investment, possibly means less incentive, but maybe sunk cost fallacy)13:38
iddobramc: so if the network has 1000000 miners instead of 100 miners, it isn't more difficult to produce this proof of time ?13:39
-!- nullbyte [NSA@gateway/vpn/mullvad/x-xwcwcizbjmqoyfrb] has quit [Ping timeout: 246 seconds]13:39
bramcamiller, I'm not sure what your last question meant13:39
iddoif that's the case, why wouldn't an attacker be able to do costless simulation attack from genesis?13:40
bramciddo, The number of miners doesn't matter for the work factor on the proofs of time, it's the amount of space devoted to the proofs of space13:40
bramciddo, The system alternates between proofs of space and proofs of time, in pairs. The work factor on a pair is the product of the two of them.13:41
-!- nullbyte [NSA@gateway/vpn/mullvad/x-xeltozveaeklicty] has joined #bitcoin-wizards13:41
bramcPer what iddo was saying, it isn't a costless system, it's just picked winners beforehand so everybody but the one big winner can bow out13:41
bramcIt winds up having stochastic block times like regular Bitcoin: The better the proof of space, the shorter the proof of time.13:42
iddostill seems to me that an attacker can start from genesis and always pick himself, if he has fast way to create proof of time13:43
bramciddo, Nobody has a particularly faster proof of time than anybody else, and everybody who makes a faster proof of time can contribute to the proofs of time for the system as a whole to keep everybody else honest13:44
bramcBut yes in principle if you have, say, a tenth of the space but more than ten times as fast of a proof of time as anybody else then you can eventually catch up and overtake.13:44
-!- dgenr8 [~dgenr8@unaffiliated/dgenr8] has quit [Ping timeout: 248 seconds]13:45
-!- dgenr8 [~dgenr8@unaffiliated/dgenr8] has joined #bitcoin-wizards13:45
-!- andytoshi [~andytoshi@wpsoftware.net] has joined #bitcoin-wizards13:46
iddobramc: the nice propery of proof of space that we seek to have is that if you prove that your space was dedicated for the mining process i.e. wasn't being used for anything else, then you are more likely to get higher reward... this property gives efficient energy consumption unlike PoW13:46
-!- kmels [~kmels@186.151.61.56] has quit [Ping timeout: 256 seconds]13:46
bramciddo, Yes that's why I'm talking about proof of time instead of proof of work (which boils down primarily to power and electricity)13:47
iddoso if an attacker can start from genesis and claim that he dedicated plenty of storage space, he will presumably win13:47
-!- drwin [~drwin@88-103-255-166.jes.cz] has quit []13:47
bramciddo, right but the proofs of time slow you down, so you can always catch up, but by then everything else will have moved on13:48
iddo(if he can claim that he dedicated the space for long time period and nobody can say that that's false)13:48
-!- scoria [~blaze@wpsoftware.net] has joined #bitcoin-wizards13:48
iddobramc: so i don't really get what's this proof of time? how do you say that everyone can do it at same speed as anyone else?13:48
bramcYou have an ability to prove space/second, and that applies to your attempts to catch up from genesis13:48
iddohow?13:49
bramcA proof of time is something like: Start with the output of the last thing, encrypt it X times. That's the most trivial one. A big improvement is to include checkpoints along the way so checking it can be parallelized and spot checked13:50
-!- kmels [~kmels@186.151.61.56] has joined #bitcoin-wizards13:50
iddoencrypt it X times? what does that prove?13:51
bramcLet's say, for the sake of argument, that everybody's proof of times are done at the exact same rate13:51
bramcIt proves that an amount of time proportional to X was spent between the input and the output13:51
iddobut you can encrypt faster with faster hardware?13:51
iddowhy encrypt instead of hash?13:52
bramcHashing is really what you're doing, I just said encrypt on the theory than AES is what's already accelerated everywhere13:52
bramcYes, you can go faster with faster hardware, but that will probably hit about the same limit for everybody13:53
iddosha256 is accelerated on Bitcoin ASIC13:53
bramcAnd even if it doesn't the design of the network is made to screw everybody who's trying to get ahead that way13:53
bramcAES is accelerated on Intel :-P13:53
bramcThe proofs of time are completely canonical, and there's no direct incentive to run one yourself. There's more than enough indirect incentive because of the advantage it gives you on your own proofs of space13:54
iddoi fail to see the difference between proof of time and PoW13:55
bramcSo everybody takes the output of the last proof of time, runs their own proof of space on it, the best ones are published, and whoever's running a supercooled accelerated proof of time server does the proof of time on the best one13:56
bramcThat way only a handful of machines are burning power13:56
bramcWith PoW every machine is burning power the entire time13:57
iddowhat's the incentive to compute the proof of time ?13:57
bramcThe incentives are (a) to get a leg up on everybody else by having a proof of time server, and (b) to screw over the other assholes who are trying to do (a)13:58
bramchaving a *faster* proof of time server I mean13:58
iddoso if you can do proof of time faster than others, you get more rewards13:59
bramcRight, but everybody else is likely trying to keep you from doing that14:00
bramcIt only really helps you when there's a near-tie and you can win14:00
iddoi still fail to see the difference between this and PoW14:00
bramcWhen you've clearly lost this round you run your own proof of time server on the best thing published to the network14:01
iddoproof of time has to computed by someone, either you would want to get someone else to do it for you (and he would wish to be compensated for his effort), or you do it yourself... same as PoW, no?14:01
bramcThe difference is in the amount of power used. With proofs of time used properly only a handful of machines are running the proofs of time: The really fast, well optimized ones. All the other machines do their proofs of space and then sit around chilling14:02
bramcThe main cost of the proofs of time is getting your super fast machine set up. Their operating costs are very small compared to that14:02
amillerbramc, is it the case that the proof-of-time has no impact on the choice of block or transactions in a block?14:03
-!- andytoshi [~andytoshi@wpsoftware.net] has quit [Changing host]14:03
-!- andytoshi [~andytoshi@unaffiliated/andytoshi] has joined #bitcoin-wizards14:03
amillerlike, the guy who can do the fastest proofs-of-time gets no influence?14:03
bramcamiller, The proof of time is 100% canonical on the output of the proof of space14:03
iddook but i claim that everybody will do proof of time themselves, or pay for someone else to do this part of the job for them... so it's just like PoW14:03
bramcamiller, Yes that's a very important feature!14:03
bramciddo, Why would you do your own proof of time when your machine is slower?14:03
-!- NewLiberty [~NewLibert@76-255-129-88.lightspeed.irvnca.sbcglobal.net] has joined #bitcoin-wizards14:04
iddobramc: you buy faster machine so you can earn more rewards, or you pay someone who has faster machine than you14:04
amillerbramc, is there some marginal cost point where i'd be better off paying for faster proof-of-time instead of more storage?14:05
bramciddo, It only matters for the very few who are the absolute fastest. There's this mutually assured destruction which happens between the handful of players who actually put in the money to make faster proofs of time servers14:05
iddoas far as i can see, you just added PoW component, and try to claim that it won't lead less efficient enery usage, but i don't see why your claim is supposed to be true, it seems just like ordinary PoW14:06
-!- nullbyte [NSA@gateway/vpn/mullvad/x-xeltozveaeklicty] has quit [Read error: Connection reset by peer]14:07
iddos/lead/lead to14:07
bramcWhat winds up happening is that there's the fastest and second fastest proofs of time servers. The fastest one may be able to set up a racket where people can pay him to run their near-misses. The second fastest runs on the best thing they get because fuck that #1 guy14:07
amilleriddo, you're really missing how the Po(sequential)W component isn't meant to be competitive14:07
-!- erasmospunk [~erasmospu@81.17.20.98] has quit [Remote host closed the connection]14:08
bramcIn practice the differences in speed between optimized PoT servers are likely to be extremely small14:08
iddoamiller: if you has PoW function that it would the same amount of time for everyone to compute? sure if that function existed...14:08
amilleriddo proofs of sequential work are well known14:09
amilleriddo they'd be rejected as uninteresting if proposed as a bitcoin-replacement on their own, because they are not "progess free"14:09
-!- ThomasV [~ThomasV@unaffiliated/thomasv] has joined #bitcoin-wizards14:09
bramcIt turns out sequential hashing with checkpoints is the best approach to the PoT, because it's canonical and spot checkable14:09
iddook you mean timelock puzzles that are difficulty to parallelize..14:10
amilleryes14:10
-!- nullbyte [NSA@gateway/vpn/mullvad/x-fqqncxcedorghawc] has joined #bitcoin-wizards14:10
bramciddo, Calling them 'timelock puzzles' makes it sound like there's interesting match involved. In this case the math is quite trivial, because there's no public key component14:11
bramcinteresting math I mean14:11
iddobut sequential isn't synonym to ASIC resistant ?14:12
bramcRegular timelock puzzles need an encoder to be able to create them quickly, these have no such requirement14:12
bramcSequential does not mean ASIC resistant!14:13
bramcIt mean non-parallelizable14:13
amillerbramc, by which you mean, ASICs might compute them much more cost/power efficiently, just not *faster*14:13
bramcAlthough, umm, some people who don't know what they're talking about might claim that sequentiality helps with ASIC resistance, which is wrong14:13
iddoalso non progress-free is a problem here too? winstead of sending it to a server, you start working on it locally and you win14:14
bramcamiller, ASICs might also compute them faster, it would be a completely different ASIC than one designed for efficiency14:15
bramcamiller, You of course try to make it ASIC resistant (hence my comment about using AES because of the good Intel acceleration already) but the important feature is sequentiality14:15
bramciddo, working on it locally doesn't save you anything more than the time for it to propagate across the network14:16
iddoyes so if you save propagation time then you win, everyting else being equal?14:16
iddoanyway i still don't see the point, either you pay some server to do this PoW for you, or you do it yourself, in either case someone has revenues/expenditures for doing PoW, just like Bitcoin14:17
bramcPropagation time is probably extremely small14:17
iddoyou can ask, why aren't there only say 10 Bitcoin CPU miners now, it will be more energy efficient than all these ASICS14:18
bramcNo with each block the best proofs of space are published and only the very best one is worked on. Everybody else doesn't waste their power14:18
iddomy argument is that everybody will or will not waste their power just like in Bitcoin, i don't see the difference14:19
amillerbramc, what happens if there is a #1 proof-of-space, and a #2 proof-of-space (the best two ones after all of them are compared), and only the proof-of-time for the #2 solution is published first14:20
bramcIn Bitcoin you don't know if a mining attempt will work in advance, hence lots of power spent on unsuccessful mining attempts14:20
bramcamiller, Then the #1 is SOL14:21
iddoif someone outcompetes you then he creates the next block? whats the difference?14:21
bramcamiller, #1 should have published faster :-)14:21
-!- davi [~davi@gnu/davi] has joined #bitcoin-wizards14:21
amillerbramc, that seems like a hazard14:21
bramcamiller, It isn't any different from orphan blocks in regular Bitcoin14:22
amillerwell there aren't many people computing proofs-of-time in yoru scenario so it would be easier to bribe them14:22
amillerand it *does* mean that they have significant influence after all14:22
bramcamiller, Yes that is a bit of a hazard14:23
bramcalthough they have to all cooperate to play those games, and there's no way for them to tell who's cheating if anybody is, and there's nothing stopping anybody else from jumping in14:23
iddoyou cannot just declare there aren't many people doing PoT because that's how you envision it.. i can say that i envision Bitcoin with 10 CPU miners but it doesn't make it so14:25
-!- erasmospunk [~erasmospu@gateway/vpn/privateinternetaccess/erasmospunk] has joined #bitcoin-wizards14:25
bramcI don't understand what you aren't getting here14:27
bramcAfter every round of PoS, everybody publishes theirs to the network, unless they've gotten a better one already. It rapidly becomes clear what the best PoS is14:27
bramcWhy would you run a PoT on a PoS which you know is going to finish late?14:28
-!- nullbyte [NSA@gateway/vpn/mullvad/x-fqqncxcedorghawc] has quit [Ping timeout: 265 seconds]14:28
iddoyou run PoT on the winning PoS, or let someone else do it for you, in both cases doing the PoT has a cost14:29
bramcEven if everybody's PoT is the exact same speed, and it's run on the winner, that's still done exactly once14:29
bramcEverybody else gets a heads up that their PoS is deficient and gives up early.14:30
-!- nullbyte [NSA@gateway/vpn/mullvad/x-rbesagxsuoimfuiq] has joined #bitcoin-wizards14:30
iddowhy wouldn't there be PoT race ?14:31
-!- hearn [~mike@84-75-197-78.dclient.hispeed.ch] has quit [Ping timeout: 246 seconds]14:34
bramcBecause a PoS outputs a somewhat stochastic quality metric, and if that quality is half as good the PoT takes twice as long14:34
bramcSo except on the margin where there's a near tie you know who's going to win in advance14:34
bramc(this is the part which I need to read through the spacecoin paper about. My simpler PoS technique has this property but it's busted)14:35
bramc(my PoS technique is busted I mean, not the property)14:35
iddobut it is required to produce the PoT on the highest quality PoS, so there will be a market for producing it, no?14:36
bramcNot sure what you mean. Any PoS needs a corresponding PoT for there to be a resulting block14:36
-!- nullbyte [NSA@gateway/vpn/mullvad/x-rbesagxsuoimfuiq] has quit [Ping timeout: 250 seconds]14:37
-!- nullbyte [NSA@gateway/vpn/mullvad/x-mhhahwkhgarbejwf] has joined #bitcoin-wizards14:39
iddoif i have an ability to produce the PoT in half the time that you can, is it a valuable ability?14:39
bramcThat depends on whether there's a yet even faster PoT server just sitting out on the network working on whatever it's sent14:40
iddofor the sake of example suppose it's only you and i14:40
bramcHaving the very fastest PoT server is potentially valuable because in case of near miss somebody can pay you to do their PoT14:41
-!- hearn [~mike@84-75-197-78.dclient.hispeed.ch] has joined #bitcoin-wizards14:41
bramcIf there are only two miners, and one has a PoT twice as fast as the other, then that effectively doubles their space14:41
bramcOr rather, has the equivalent effect of doubling their space14:41
iddosuppose that only one very high quality PoS was created, is it valuable to do the PoT on it faster rather than slower?14:42
bramcOver time a faster PoT will get factored into the work difficulty and not change the rate of mining rewards14:43
iddosuppose you produced the high quality PoS, and there are 10 PoT servers competing to generate the PoT for you, then the fastest among those 10 will get paid by you? because if you wait for slower server then you take the risk that other PoS might suddenly outcompete you?14:45
bramcThe idea is that there are PoT servers on the network which operate on the best PoS they can find, specifically because they want to undermine anybody else trying to get ahead based on a faster PoT server.14:46
bramcIt's a little dicey paying for PoT services, because there's no way to verify that they did the work themselves14:47
iddowhy do PoT servers do work if they don't get paid ?14:48
bramcBecause it's of very little marginal cost to them, and it keeps other PoT servers honest14:48
-!- Quanttek [~quassel@ip1f10af17.dynamic.kabel-deutschland.de] has quit [Ping timeout: 264 seconds]14:49
iddoyou rely on altruistic PoT servers for this system?14:49
bramcI thought about trying to create direct incentives for PoT servers, and everything was bad.14:49
bramcThere's some slight altruism from PoT servers14:50
-!- orperelman [~orperelma@bzq-109-67-207-175.red.bezeqint.net] has quit [Ping timeout: 276 seconds]14:50
iddoin what sense they aren't altruistic ?14:50
bramcWell, they might not be altruistic in that they can be paid directly14:51
bramcIt only takes one 'jerk' with a fast one to make it hard for the others to get a jump though.14:52
iddomandatory altruism is hard to enforce :) market may develop for this service14:53
bramcThere will likely be some market for it. That's an interesting detail14:53
bramcThankfully it doesn't require all that widespread of altruism. It also helps that clock times are all about the same.14:54
-!- ryanxcharles [~ryan@adsl-108-80-229-7.dsl.pltn13.sbcglobal.net] has joined #bitcoin-wizards14:54
iddoone extreme is just Bitcoin, many PoT servers competing for produce the proof and get paid for it14:55
iddoyou claim that this extreme wouldn't be the case14:55
iddowould be nice to see analysis given the precise properties here and what'd be the likely outcome14:56
-!- nullbyte [NSA@gateway/vpn/mullvad/x-mhhahwkhgarbejwf] has quit [Ping timeout: 248 seconds]14:57
-!- ThomasV [~ThomasV@unaffiliated/thomasv] has quit [Ping timeout: 264 seconds]14:59
-!- nullbyte [NSA@gateway/vpn/mullvad/x-pttqsodjhtomxfwr] has joined #bitcoin-wizards14:59
-!- FranzKafka [~FranzKafk@unaffiliated/franzkafka] has quit [Max SendQ exceeded]15:00
bramcIf there are competing PoT servers then most of them will go out of business quickly due to being less fast15:01
-!- dgenr8 [~dgenr8@unaffiliated/dgenr8] has quit [Read error: Connection reset by peer]15:03
-!- davi [~davi@gnu/davi] has quit [Ping timeout: 246 seconds]15:03
-!- dgenr8 [~dgenr8@unaffiliated/dgenr8] has joined #bitcoin-wizards15:03
gmaxwellbramc: bitcoin network split again if you didn't get enough fireworks on the 4th.15:06
iddoyes, it isn't lottery as with random-looking hash15:06
gmaxwellbramc: if you locad bc.i you'll see it listing height ast 363999 ... but thats a fork of invalid blocks starting with megabigpower.15:06
bramcgmaxwell, This is me sitting in my cave15:07
bramcBlowing up doesn't seem to have a negative effect on the price of bitcoin, I wonder if people even know15:08
-!- copumpkin [~copumpkin@unaffiliated/copumpkin] has quit [Quit: My MacBook Pro has gone to sleep. ZZZzzz…]15:08
iddoso transaction malleability cannot happen anymore with standard transactions, now that BIP 66 is deployed? or can still happen but less likely?15:09
Luke-Jrit can happen, and is not much less likely..15:09
Luke-JrBIP 66 doesn't really try to address malleability15:09
Luke-Jrthat was BIP 62, which needs a rewrite or something now15:09
iddooh :(15:09
iddowhat's the importance of BIP 66 then ?15:10
Luke-Jriddo: removing OpenSSL from the consensus-critical code (sortof)15:11
Luke-Jriddo: it should be a lot easier to prove libsecp256k1 is consensus-compatible now15:11
bramcThe price of bitcoin seems to be moving up based on stories claiming that greeks are using bitcoin15:11
gmaxwellIt does close down one avenue of malleability but thats a side effect.15:11
iddoi see15:11
-!- nullbyte [NSA@gateway/vpn/mullvad/x-pttqsodjhtomxfwr] has quit [Ping timeout: 244 seconds]15:13
bramcI think it's more about 'follow a real spec instead of being dependent on the quirks of one particular implementation'15:13
-!- ryanxcharles [~ryan@adsl-108-80-229-7.dsl.pltn13.sbcglobal.net] has quit [Ping timeout: 246 seconds]15:15
-!- nullbyte [~NSA@172-7-226-202.lightspeed.hstntx.sbcglobal.net] has joined #bitcoin-wizards15:15
amillerhere is our new preprint https://eprint.iacr.org/2015/675 Hawk: The Blockchain Model of Cryptography and Privacy-Preserving Smart Contracts15:16
bramc*sigh* all the cryptocurrency news sites are declaring that greece voting no is a great thing for bitcoin, proving how valuable it is, and predicting its value will go up as a result. That misperception is probably causing a short-term bump, assuming it isn't just noise15:16
-!- nullbyte [~NSA@172-7-226-202.lightspeed.hstntx.sbcglobal.net] has quit [Ping timeout: 246 seconds]15:19
-!- nullbyte [~NSA@193.138.219.233] has joined #bitcoin-wizards15:21
-!- AaronvanW [~ewout@unaffiliated/aaronvanw] has quit [Remote host closed the connection]15:21
-!- moa [~kiwigb@opentransactions/dev/moa] has joined #bitcoin-wizards15:22
-!- shen_noe [~shen_noe@50.252.142.179] has joined #bitcoin-wizards15:25
-!- _whitelogger [whitelogge@fehu.whitequark.org] has quit [Ping timeout: 252 seconds]15:27
-!- ryanxcharles [~ryan@adsl-108-81-169-137.dsl.pltn13.sbcglobal.net] has joined #bitcoin-wizards15:28
-!- ThomasV [~ThomasV@unaffiliated/thomasv] has joined #bitcoin-wizards15:28
-!- SubCreative [~SubCreati@unaffiliated/cannacoin] has quit [Remote host closed the connection]15:31
-!- nullbyte [~NSA@193.138.219.233] has quit [Read error: Connection reset by peer]15:32
-!- nullbyte [NSA@gateway/vpn/mullvad/x-zqsowkqazhclusjr] has joined #bitcoin-wizards15:33
-!- goregrind [~goregrind@unaffiliated/goregrind] has quit [Ping timeout: 264 seconds]15:35
-!- NewLiberty [~NewLibert@76-255-129-88.lightspeed.irvnca.sbcglobal.net] has quit [Ping timeout: 248 seconds]15:37
-!- nullbyte [NSA@gateway/vpn/mullvad/x-zqsowkqazhclusjr] has quit [Ping timeout: 252 seconds]15:39
-!- Mably [~Mably@unaffiliated/mably] has quit [Ping timeout: 276 seconds]15:39
gmaxwellso I tested a bunch of APIs and explorers during this fork event (which just ended with the valid chain overtaking and a 3 block reorg for spv clients)15:40
gmaxwellthe following services were not working:15:40
gmaxwell https://blockchain.info/block/000000000000000012dbd422d7bf1c4b55982c37b390d4613dcee00d31741c6a15:40
gmaxwell https://www.biteasy.com/blockchain/blocks/000000000000000012dbd422d7bf1c4b55982c37b390d4613dcee00d31741c6a15:40
gmaxwell http://blockexplorer.com/block/000000000000000006ecee94daaa034bbd026cad52a9d3c6a5b7972716e5d56615:40
gmaxwell http://blockchains.io/btc/block/000000000000000012DBD422D7BF1C4B55982C37B390D4613DCEE00D31741C6A15:40
gmaxwell http://webbtc.com/block/000000000000000012dbd422d7bf1c4b55982c37b390d4613dcee00d31741c6a15:40
gmaxwell http://blockstrap.com/en/api/?function=block&chain=btc&id=363999#demo15:40
gmaxwell https://bkchain.org/ connect error15:40
gmaxwell https://helloblock.io/ down15:40
gmaxwell https://tradeblock.com/blockchain/block/36399915:40
gmaxwellToshi seemed correct but weird it claimed 363999 blocks when the valid chain had 363998, but on inspection of the bad tip it reported it as "Height 1"15:41
-!- nullbyte [~NSA@193.138.219.233] has joined #bitcoin-wizards15:41
gmaxwellI was unable to figure out what chain several things were on, including electrum servers and block.io15:41
-!- _whitelogger [whitelogge@fehu.whitequark.org] has joined #bitcoin-wizards15:43
amillergmaxwell, from those links it seems like blockexplorer.com was actually OK?15:44
-!- chmod755 [~chmod755@unaffiliated/chmod755] has quit [Quit: Ex-Chat]15:45
gmaxwellamiller: hah, no. by okay means its actually stuck way back.15:45
amilleroh. i see, it literally thinks we're still on 35899915:46
gmaxwellit reports the tip as 35_8_99915:46
CodeShark_Ironic that a rule change calling for stricter structure formatting revealed the fact that apparently nobody gives a shit about proper structure formatting :p15:51
jouke:D15:52
-!- vaalbara [~vaalbara@23.94.31.98] has quit [Remote host closed the connection]15:53
amillerwe won't ever be able to click those links in the future and really figure out what's wrong15:53
amillerso the context that's necessary is, at the current or just prior to this time, all of those blocks are reported by the respective services as 'on the main chain'15:54
amillerit would be nice if the services, instead of just including blocks and whether or not they're currently "orphaned", also included whether they appeared to be invalid or valid15:55
CodeShark_And perhaps some source code and a debug log :p15:55
-!- goregrind [~goregrind@unaffiliated/goregrind] has joined #bitcoin-wizards15:56
-!- nullbyte [~NSA@193.138.219.233] has quit [Ping timeout: 248 seconds]15:57
-!- ThomasV [~ThomasV@unaffiliated/thomasv] has quit [Ping timeout: 256 seconds]15:57
-!- nullbyte [NSA@gateway/vpn/mullvad/x-bkgdklvalylpjmpa] has joined #bitcoin-wizards15:59
-!- shen_noe [~shen_noe@50.252.142.179] has quit [Quit: quitquitquit]16:02
-!- Dr-G2 [~Dr-G@x4d08a093.dyn.telefonica.de] has quit [Ping timeout: 248 seconds]16:12
-!- Dr-G [~Dr-G@x4d08a093.dyn.telefonica.de] has joined #bitcoin-wizards16:16
-!- Dr-G [~Dr-G@x4d08a093.dyn.telefonica.de] has quit [Changing host]16:16
-!- Dr-G [~Dr-G@unaffiliated/dr-g] has joined #bitcoin-wizards16:16
-!- SubCreative [~SubCreati@unaffiliated/cannacoin] has joined #bitcoin-wizards16:17
-!- nephyrin` [~neph@nemu.pointysoftware.net] has quit [Quit: ... besides, it was hot]16:20
-!- nephyrin [~neph@nemu.pointysoftware.net] has joined #bitcoin-wizards16:20
-!- dEBRUYNE [~dEBRUYNE@239-196-ftth.onsbrabantnet.nl] has quit [Ping timeout: 255 seconds]16:35
-!- nullbyte [NSA@gateway/vpn/mullvad/x-bkgdklvalylpjmpa] has quit [Read error: Connection reset by peer]16:36
-!- nullbyte [~NSA@193.138.219.233] has joined #bitcoin-wizards16:40
-!- www [~v3@f052068111.adsl.alicedsl.de] has quit [Ping timeout: 256 seconds]17:10
-!- hearn [~mike@84-75-197-78.dclient.hispeed.ch] has quit [Quit: My MacBook Pro has gone to sleep. ZZZzzz…]17:19
-!- elastoma [~elastoma@162.248.160.175] has quit [Ping timeout: 246 seconds]17:21
-!- c0rw|away is now known as c0rw1n17:25
-!- droark [~droark@209-6-53-207.c3-0.smr-ubr1.sbo-smr.ma.cable.rcn.com] has joined #bitcoin-wizards17:37
-!- jtimon [~quassel@69.29.134.37.dynamic.jazztel.es] has quit [Ping timeout: 252 seconds]17:37
-!- elastoma [~elastoma@162.248.160.175] has joined #bitcoin-wizards17:38
-!- ryanxcharles [~ryan@adsl-108-81-169-137.dsl.pltn13.sbcglobal.net] has quit [Ping timeout: 246 seconds]17:44
-!- Tiraspol [~Tiraspol3@unaffiliated/tiraspol] has quit [Ping timeout: 256 seconds]17:45
-!- Tiraspol [~Tiraspol3@83.70.153.95.dyn.idknet.com] has joined #bitcoin-wizards17:45
-!- Tiraspol [~Tiraspol3@83.70.153.95.dyn.idknet.com] has quit [Changing host]17:45
-!- Tiraspol [~Tiraspol3@unaffiliated/tiraspol] has joined #bitcoin-wizards17:45
-!- nullbyte [~NSA@193.138.219.233] has quit [Read error: Connection reset by peer]17:54
-!- nullbyte [NSA@gateway/vpn/mullvad/x-djmyiaeetmyfkfhk] has joined #bitcoin-wizards17:56
-!- wallet42 [~wallet42@185.4.41.147] has joined #bitcoin-wizards17:56
-!- FranzKafka [~FranzKafk@unaffiliated/franzkafka] has joined #bitcoin-wizards18:04
-!- NewLiberty [~NewLibert@76-255-129-88.lightspeed.irvnca.sbcglobal.net] has joined #bitcoin-wizards18:07
-!- belcher [~belcher-s@unaffiliated/belcher] has quit [Quit: Leaving]18:24
-!- andytoshi [~andytoshi@unaffiliated/andytoshi] has quit [Read error: Connection reset by peer]18:28
-!- andytoshi [~andytoshi@wpsoftware.net] has joined #bitcoin-wizards18:29
-!- nullbyte [NSA@gateway/vpn/mullvad/x-djmyiaeetmyfkfhk] has quit [Ping timeout: 246 seconds]18:39
-!- nullbyte [NSA@gateway/vpn/mullvad/x-bahvuvixsywxqbrc] has joined #bitcoin-wizards18:41
-!- erasmospunk [~erasmospu@gateway/vpn/privateinternetaccess/erasmospunk] has quit [Remote host closed the connection]18:46
-!- Dr-G [~Dr-G@unaffiliated/dr-g] has quit [Disconnected by services]18:50
-!- Dr-G2 [~Dr-G@x4d08a124.dyn.telefonica.de] has joined #bitcoin-wizards18:50
-!- PRab [~chatzilla@2601:40a:8000:8f9b:f8ad:e3a0:cee6:bf3a] has joined #bitcoin-wizards19:05
-!- Giszmo [~leo@pc-185-201-214-201.cm.vtr.net] has joined #bitcoin-wizards19:05
-!- wallet42 [~wallet42@185.4.41.147] has quit [Quit: Leaving.]19:09
-!- wallet42 [~wallet42@185.4.41.147] has joined #bitcoin-wizards19:09
-!- wallet42 [~wallet42@185.4.41.147] has quit [Client Quit]19:09
-!- c0rw1n is now known as c0rw|zZz19:12
-!- flower [~user@189.116.150.203.sta.inet.co.th] has quit [Quit: -]19:15
-!- c-cex-yuriy [uid76808@gateway/web/irccloud.com/x-ahclurwxfedpywrn] has quit [Quit: Connection closed for inactivity]19:24
-!- p15x_ [~p15x@61.149.242.84] has joined #bitcoin-wizards19:37
-!- p15x [~p15x@64.145.91.47] has quit [Ping timeout: 248 seconds]19:38
-!- sergiohlb [~Sergio@unaffiliated/sergiohlb] has quit [Remote host closed the connection]19:39
-!- flower [~user@189.116.150.203.sta.inet.co.th] has joined #bitcoin-wizards19:43
-!- _whitelogger [whitelogge@fehu.whitequark.org] has quit [Read error: Connection reset by peer]19:46
-!- void_hero [~michael@c-98-224-165-72.hsd1.mi.comcast.net] has joined #bitcoin-wizards19:48
-!- _whitelogger_ [whitelogge@fehu.whitequark.org] has joined #bitcoin-wizards19:48
-!- shen_noe [~shen_noe@172.56.39.107] has joined #bitcoin-wizards19:52
-!- shen_noe [~shen_noe@172.56.39.107] has quit [Client Quit]19:52
-!- void_hero [~michael@c-98-224-165-72.hsd1.mi.comcast.net] has quit [Quit: Lost terminal]20:09
-!- akrmn1 [~akrmn@192.95.51.167] has joined #bitcoin-wizards20:22
-!- superobserver [~superobse@unaffiliated/superobserver] has joined #bitcoin-wizards20:23
-!- akrmn [~akrmn@192.95.51.167] has quit [Ping timeout: 264 seconds]20:23
-!- TheSeven [~quassel@rockbox/developer/TheSeven] has quit [Ping timeout: 246 seconds]20:29
-!- TheSeven [~quassel@rockbox/developer/TheSeven] has joined #bitcoin-wizards20:30
-!- __FranzKafka__ [~FranzKafk@unaffiliated/franzkafka] has joined #bitcoin-wizards20:30
-!- FranzKafka [~FranzKafk@unaffiliated/franzkafka] has quit [Ping timeout: 256 seconds]20:32
-!- shreyas__ [~shreyas@106.51.133.31] has joined #bitcoin-wizards20:43
-!- ryanxcharles [~ryan@c-67-169-47-156.hsd1.ca.comcast.net] has joined #bitcoin-wizards20:43
dgenr8GreenIsMyPepper: what is the bitcoin address referred to in the LN paper?  is it the multisig address funded in receiver's payment hub channel?20:52
-!- sadoshi [~Sadoshi@31.220.4.123] has joined #bitcoin-wizards21:14
-!- p15x [~p15x@64.145.91.78] has joined #bitcoin-wizards21:16
-!- p15x_ [~p15x@61.149.242.84] has quit [Ping timeout: 264 seconds]21:17
bramcOn the plus side, the likelihood of miners ever getting their shit together to censor particular utxos is seeming extremely unlikely21:20
bramcIn all seriousness, what implications does the current mess have on possible future 'lightly' backwards incompatible changes?21:21
bramcWe can also infer that miners don't have their shit together to introduce incompatible honey-pot transactions into the network or we'd be seeing a lot more forks.21:23
-!- shen_noe [~shen_noe@172.56.39.107] has joined #bitcoin-wizards21:28
-!- shen_noe [~shen_noe@172.56.39.107] has quit [Client Quit]21:28
-!- ThomasV [~ThomasV@unaffiliated/thomasv] has joined #bitcoin-wizards21:32
leakypatbramc is demonstrated to me on how use of the system is reliant on having access to an up to date full node21:32
leakypatMiners do a specific thing and with out an up to date full node, can't be held to account21:33
CodeSharkthe problem is that they lied21:33
leakypatIt also shows they will take shortcuts regardless, if it gives them an advantage21:34
CodeSharkwe should have never gone to BIP66 95%21:34
leakypatFull nodes first?21:34
leakypatSo soft fork= hard fork?21:34
CodeSharkor rather, we should have...because I'm glad this came out now...and I think BIP66 is a good thing21:34
CodeSharkbut the soft fork process completely broke because miners vote for rules they don't even enforce21:34
CodeSharkit wasn't supposed to be a hard fork21:35
CodeSharklol21:35
leakypatWhat percentage of full nodes need to upgrade though ?21:35
CodeSharkit was a two phase transition21:35
leakypatBlockchain .info accounts for n% of wallets and are on 0.7.021:35
CodeSharka couple days ago we hit the second goal21:35
CodeSharkof 95%21:35
CodeSharkafter 95%, miners are supposed to reject v2 blocks21:36
CodeSharkbut the miners voted for the change even though they were not checking this at all21:36
dgenr8supporting v3 was easy.  1-byte change.21:36
* dgenr8 has updated his working thesis to "nobody really knows how LN is supposed to work"21:37
leakypatSo we should have waited until we have proof no miner has built a v2 block for n blocks ?21:37
CodeSharkthe rule was 950 of the last 1001, I believe21:37
CodeSharkv3 blocks21:37
leakypatBefore full nodes start rejecting v3?21:37
CodeSharkyes21:37
leakypatMakes sense21:37
leakypatRejecting v2 sorry21:38
-!- Giszmo [~leo@pc-185-201-214-201.cm.vtr.net] has quit [Quit: Leaving.]21:38
CodeSharkthe scary part is if they can't even enforce a one line if statement, how can we trust them to enforce anything at all :p21:38
leakypatI think he lesson is they should never be trusted21:38
leakypatThe21:38
CodeSharkthat's the way it was supposed to work - if wallets and explorer apps actually did proper validation it wouldn't be our problem21:39
CodeSharkit would be the dumb miners' problem21:39
CodeSharkbut wallets and explorer apps don't do proper validation either...because they trust miners to do it...derp21:40
leakypatQuite honestly not enough companies engage with core development21:40
leakypatOr follow it21:40
leakypatThey see it as an API they call21:40
bramctechnically bip66 is a hard fork, but it's a trivial fix of no feature consequence whatsoever21:42
leakypatThe problem is that there are companies like bc.i who probably can't upgrade their systems21:42
leakypatAnd could never be relied on too21:42
gmaxwellbramc: no it isn't. Go spin up 0.8 ... syncs the chain just fine. But BIP66 is in force. No hardfork.21:42
CodeSharkbramc: is it? there are transactions that are invalid before BIP66 that are now valid21:42
CodeShark?21:42
bramcer, well, maybe we need better vernacular. 'hard' fork means that older clients wouldn't accept it, which bip66 is clear of21:42
leakypatbackwards compatible is the definition I believe21:43
bramcSo I was wrong. What's the term for a change where older dumb miners might make invalid blocks?21:43
-!- mjerr [~mjerr@p578EAB34.dip0.t-ipconnect.de] has joined #bitcoin-wizards21:43
bramcThat's somewhere between hard fork and soft fork21:44
bramcI mean, it's a soft fork, but it's more like a pillow than butter21:44
leakypatA rough fork21:44
jcorganit's like semi-soft cheese21:44
leakypatA spork?21:44
bramcThere are a few more things in the pipeline which are also rough forks, and it's fairly likely that miners will learn from this one that they can fuck over other miners by introducing subtly invalid transactions into the network21:46
bramcSo the next one might be a lot rougher21:46
CodeSharkso what's the solution?21:48
CodeSharkI mean, I know what the long-term solution is21:48
CodeSharkwhat's the short term solution?21:48
-!- bedeho [~bedeho@195.159.234.190] has joined #bitcoin-wizards21:48
bramcUh...21:51
bramcI'm open to suggestions21:51
bramcDoing a soft fork where it's trivial to tell when old stuff is invalid seems about as easy as it gets21:51
CodeSharkwe should definitely place a moratorium on soft forks for the time being...that goes without saying :p21:52
jcorganname and shame (where possible)21:52
leakypatMiners first21:52
leakypatName and shame clean up etc21:52
CodeSharkminers are in a way easier to target because a few big pools are enough to sway consensus21:52
leakypatOnce proof exists that no invalid block has been built for n time21:52
CodeShark(which isn't necessarily such a good thing)21:52
leakypatThen nodes upgrade?21:52
CodeSharkbut the nodes that really should be validating are wallets, IMHO21:53
leakypatMajor companies get big warnings21:53
bramcMaybe spv changeover should be integrated and wallets should be able to defend themselves against busted services?21:53
leakypatWith lists confirming upgrades are done or not made public21:53
jcorganthough the constant pointing out of bc.i's incompetence doesn't seem to have made any difference21:53
leakypatBut with a hard deadline21:53
leakypatjcorgan: you can only do so much , one has to wonder what hey will do in a hard fork21:54
leakypatIf they are stuck on 0.7.021:54
bramcWhat you really want to do is burn the miners - make the ones who aren't doing it right *consistently* lose21:55
gmaxwellpresumably they wildly misestimate what work dealing with it will take and think they can just make a small patch.21:56
bramcLike, right now they only lose if they happen to build on an invalid block which somebody else made. If they had to proactively set a flag indicating that they'd upgraded that would get their attention21:56
bramcAlthough of course they might set the flag without fixing anything, but at least it would burn the ones who literally did nothing21:56
CodeSharkbramc: the solution ultimately needs to be economic...game theory21:57
CodeSharkbut...21:57
CodeSharkwe're far from that :p21:57
leakypatA lot of the block explorers probably use pre 0.10 because they expect the blocks to arrive in order21:58
CodeSharkif the game theory is right people will do what needs to be done by themselves21:58
CodeSharkbut...21:58
jcorganCodeShark: true, but sometimes the feedback loops have long delays21:58
-!- zooko [~user@c-67-190-6-198.hsd1.co.comcast.net] has joined #bitcoin-wizards21:58
bramcgmaxwell, Not sure what you mean, isn't support for the new thing a fairly trivial patch?21:58
jcorganfor miners, it seems the financial penalty of losing coinbase revenue after orphaning will at least put real pressure on them21:59
CodeSharkjcorgan: if it happened more often perhaps that would be true21:59
CodeSharkif it only happens once every few months many miners might still carry on with their current strategy22:00
bramcYeah the amount of financial burn they've gotten this time hasn't been all that much. If they had to put in a flag that would get them consistently orphaned22:00
bramcUnfortunately many of the miners who are causing problems also don't accept any transactions, so keeping bad transactions circulating for a while just to fuck with them wouldn't help22:00
bramcThat would be fun though - have full nodes circulate bad transactions for a few days after the changeover22:01
jcorganhmm22:01
CodeSharkideally this would happen more often...but only the nonvalidating miners would suffer22:02
bramcOr somebody could 'altruistically' connect directly to all the full nodes they could and send some out of date transactions22:02
-!- jae_ [~jae@204.14.159.153] has quit [Remote host closed the connection]22:02
bramcCodeShark, Remember that this isn't actually a good state of affairs, as much fun as enacting vengeance might be22:02
CodeSharkbramc: this isn't about vengeance - it's just economics :)22:02
jcorgannot vengeance, more like proactive antiseptic cleansing22:03
CodeSharkwe want those who aren't following the rules to be basically ignored by the rest of the network22:03
CodeSharkbut...lol22:04
jcorganwhat's to stop someone from doing it now?22:04
jcorganbtw, did anyone do a diff on the chain tips after the fork resolved?  were there any actual TXes affected?22:05
CodeSharkI don't have an old node running22:05
CodeSharkI'd have to grab the bad blocks from somewhere22:05
jcorgani think one of the bad blocks had ~1600 transactions22:05
-!- p15x [~p15x@64.145.91.78] has quit [Ping timeout: 256 seconds]22:05
bramcIt only takes one bad transaction to invalidate the whole thing22:06
bramcPresumably there were other forks which got orphaned fast so nobody noticed22:06
jcorganwhat i mean is, i'm hoping that the valid chain mined all those from their own mempool, so there were no actual TXes that got confirmed on the bad chain that didn't also get confirmed on the valid one22:07
bramcjcorgan, *shrug* shit happens22:07
bramcAlthough that is an interesting question. Presumably there had to be a confused wallet which issued the bad transaction in the first place22:08
CodeSharkcould have been mempool backlog, no?22:08
CodeSharkhow deep did the fork go?22:08
jcorganthis one was 3 blocks22:08
jcorganthe first one was 622:08
gmaxwellthis most recent event had a lot of transactions.22:08
bramcjcorgan, The one yesterday was 6 blocks22:09
CodeSharkwhich of the three blocks was the 1600 tx one?22:09
bramcHow smart are the wallets about the changeover?22:09
CodeSharknot very22:09
CodeSharkactually, not at all for the most part22:10
bramcWere wallets supposed to have all changed over a while ago to avoid problems?22:10
CodeSharkbut what's worse is that unless you run a full validator you still cannot invalidate a block22:10
gmaxwellof the three two had lots of transactions.22:10
CodeSharkthis was a special case, bramc, where the invalidation could have been done with headers only22:10
CodeSharkin general it's not possible22:10
bramcIt seems like it should be three step: 1) miners start accepting the new transaction type 2) wallets start defaulting to the new type 3) miners start orphaning the old type22:10
gmaxwellbramc: bitcoin core never saw these blocks, btcd never saw these blocks. Everything else did.22:10
bramcgmaxwell, That would seem to imply that they were propagating quite well22:11
-!- shesek [~shesek@77.125.92.26] has quit [Ping timeout: 246 seconds]22:11
gmaxwellthe blocks had 1142/2315/1599 transactions respectively.22:12
CodeSharkwow - that's quite a few22:12
jcorganthat's why i'm wondering what the actual TX diff was22:12
CodeSharkwhat were the block numbers?22:12
gmaxwellyea, I hoped someone would do that while I was out.22:12
jcorganme too :-)22:12
bramcfollowed by 4) regular full nodes stop distributing no-longer-valid transactions as part of the program to fuck with miners who haven't gotten with the program :-)22:12
gmaxwell363999' 363998' 363997'22:13
bramcgmaxwell, Any idea how many of the transactions were invalid?22:13
CodeSharkI would have if I had an older version node running - if anyone has the bad blocks I can do a diff22:13
gmaxwellbramc: almost certantly none of them.22:13
gmaxwellbramc: we haven't had a non-canonical signature at all in the chain for over three months.22:13
bramcgmaxwell, So, uh, what caused the invalidation?22:13
gmaxwelloh ha! I must be incorrect.22:14
CodeSharkbc.i still has the three blocks apparently...22:14
CodeSharkbut...22:14
CodeSharklol22:14
gmaxwellbramc: I thought 7' was v2, but its tagged v3..22:14
CodeSharkI don't really want to use that as my source for data22:14
gmaxwellbramc: so it must actually have an encoding violation.22:14
bramc(Bram Doesn't Do Ops, hence my not having any info on blocks to share)22:15
gmaxwellCodeShark: they don't have a way to fetch the raw block AFAIK.22:15
bramcgmaxwell, It would seem like a strange coincidence for a new violation to show up right when they become illegal, wouldn't it?22:15
CodeSharkgmaxwell: you can still grab the tx hashes22:15
gmaxwelloh sorry, I was looking at the wrong tab.22:15
gmaxwellbramc: 7' is just tagged with v2, thats the only invalidity.22:16
CodeSharkin the worst of cases you can just scrape the site :p22:16
bramcgmaxwell, Uh... there's only so much you can do to save people from themselves22:16
gmaxwellbramc: the whole scheme is _intended_ to cause some orphaning, to get the stragling hashpower to upgrade or give up.22:16
gmaxwellbramc: the reason that there have been no violations is because miners have been rejecting those transactions since 0.8. People actually still create them all the time, in rather large volume.22:17
bramcHere I am, foolishly offering suggestions on the assumption that this scale of bad couldn't have happened if reasonable measures were followed, but no, it was all done right to begin with22:17
gmaxwellThere are old versions of armory and bc.i's mobile wallet, for example, that pump them out.  But then they don't get mined, and people go change their software.22:17
bramcthat's... depressing22:18
bramcPeople still have this weird thing where they think end users get some advantage out of their software not being on autoupdate. It's nuts.22:19
-!- CodeShark_ [~androirc@cpe-76-167-237-202.san.res.rr.com] has quit [Read error: Connection reset by peer]22:19
gmaxwellbramc: yea, well we did have issues with the BIP16 deployment that we learned from.  E.g. we made sure in BIP66 to phase out the transactions in question years before; and completely eliminated them from the network long before... then phased in with a very high threshold...  I'm certantly interested in knowing what more we could do.22:19
-!- CodeShark_ [~androirc@cpe-76-167-237-202.san.res.rr.com] has joined #bitcoin-wizards22:19
gmaxwellI know a few things we could improve on-- e.g. we overly focused on miners and not enough of other bits of public infrastructure.22:19
CodeSharkso the three blocks are 3ae1223... 63f97f... and 12dbd4... ?22:20
bramcYes the public infrastructure clearly could use some help, but I for one am at a loss as to any major process improvements to be had22:20
bramcSet the 'lazy and incompetent' bit to false?22:21
jcorganCodeShark: i think 12db is the first valid one, could be wrong though22:21
gmaxwellCodeShark: yea, and thats a weird way to truncate the hashes, I use the trailing bytes! :)22:21
CodeSharkyeah, probably better to use the trailing bytes22:21
leakypatOk, so we knew that there were v2 blocks still being produced but had assurances from 95% that they wouldn't be built on ?22:21
bramcleakypat, Yes that's the crux of the problem, the orphaning would have had no problems if they hadn't been lying22:21
gmaxwellleakypat: right, the v2 block at 363997' is unsurprising and harmless.22:22
leakypatgmaxwell: so not much more you can do on the miners side then, public lists of infrastructure not upgrading/ incompatible22:22
bramcAlso, with regards to the transactions which got orphaned, I wonder how far back wallets go when noticing reorgs, and it might be good if somebody as a public service would collect those old orphan blocks and reintroduce their transactions (I think that was the conversation y'all were just having and I wasn't understanding)22:22
leakypatalthough hard to fully verify, public assurances from the main infra players that they have upgraded would at least focus them22:23
bramcDoes bitcoin core keep old transactions in a stale mempool and bring them back in the case of a reorg?22:23
gmaxwellleakypat: basically 95% means that 5% will be producing orphans which is only a small multiple worse than the levels that happen ordinarily due to latency, they'd be unlikely to manage a two block reorg (0.05^2), plus the 5% presumably would drop rapidly once the orphaning started.22:23
bramcYeah for it to get up to 6 means that something is busted22:24
gmaxwellbramc: every bitcoin node is a service which reintroduces transactions. They're returned to the mempool when disconnecting the old block.22:24
jcorganyeah, in part this only grabbed our attention because the first instance was two miners that made up 40% of hashrate22:24
bramcgmaxwell, Well gee, how am I supposed to offer suggestions in the midst of basic competence already being in place?22:24
gmaxwellbramc: so the only reason there should be transactions that fell out of the chain is because they were conflicted via double spending at the time they were initially mined.22:25
bramcNote to self: Don't make a new cryptocurrency without at least using the existing bitcoin codebase as a reference22:25
-!- shesek [~shesek@IGLD-84-229-153-73.inter.net.il] has joined #bitcoin-wizards22:25
jcorganso it went on 6 blocks before the system routed around it22:25
zookobramc: ;-)22:26
bramcIf we try to estimate how many miners are being 'bad', there needs to be separate estimates of how many miners are/were creating bad blocks vs. not doing their necessary validation22:27
zookoYeah, you core folks do impressive work.22:28
jcorganzooko: heh, i've staked my retirement on that fact :-)22:28
jcorganno pressure guys22:28
bramcIf we figure that it took a day for something bad to happen, and that 95% of new blocks were valid, that means... after 5 bad blocks got made, one of them got to 6. That seems highly implausible. If it were that bad it wouldn't have been able to self-heal at all22:29
gmaxwellbramc: its too little data to get a good esimate.22:29
gmaxwellbramc: well we can distinguish: non-upgraded blocks are v2, while lacking-validation-blocks are "v3".22:29
gmaxwelleach of these two incidents have been a v2 and then a run of v3.  There have also been a couple v2 orphans in the last two days that didn't get extended.22:30
bramcgmaxwell, Yes it's possible that the 6 was simply unlucky, but it seems likely that a fair number of miners kept making v2 blocks even after they voted for v322:30
gmaxwelle.g. there was one right before the run of 6.22:30
-!- droark [~droark@209-6-53-207.c3-0.smr-ubr1.sbo-smr.ma.cable.rcn.com] has quit [Quit: ZZZzzz…]22:30
gmaxwellbramc: yea, no, we know for a fact that it was on the order of half the hashpower mining without validating there.22:31
gmaxwellbut we also know that some of that have 'improved' their behavior.22:31
bramcgmaxwell, That's what I was afraid of.22:31
gmaxwellThough improved may only mean that they're also validating enough to reject v2 now. :)22:31
bramcIn which case that run of 6 could easily have gotten way, way longer22:31
gmaxwell(but perhaps not a v3 block with a invalid transaction in it)22:32
bramcgmaxwell, That should be easy enough to test - make a peer which connects to as many full nodes as it can and drips bad transactions to them22:32
gmaxwellbramc: yes, it only was as short as it was because: it was mining blocks at ~half rate (due to the other half of the network being on the other side), and because the major operators responsible for that were able to be prodded.22:32
leakypatSo we can't rely on miners to validate?22:32
leakypatThy would rather hope for the best and get a speed advantage22:33
gmaxwellbramc: not so useful; because even non-upgraded nodes will not mine invalid txn.22:33
bramcOh right, hmm22:33
gmaxwellI mean someone could burn ~25 bitcoin and intentionally create such a block.22:33
bramcIt's unlikely that anybody has enough mining power that it's worth them sabotaging everybody else22:34
leakypatBut also we can't reliably tell how many full nodes on the network have upgraded22:34
-!- nullbyte [NSA@gateway/vpn/mullvad/x-bahvuvixsywxqbrc] has quit [Ping timeout: 248 seconds]22:34
gmaxwell4ish months ago there was a miner who was mining the invalid txn-- tracked him down, he was on current software but someone seems to have 'optimized' out all his signature validation. (he fixed it right away).22:34
gmaxwellso it's possible that there is another genius like that out there and flooding invalid txn will result in a block.22:35
jcorganseems like a useful prophylactic measure22:35
phantomcircuitleakypat, we should figure out a way to make it so miners on margin make more money by validating blocks than by not22:35
-!- ThomasV [~ThomasV@unaffiliated/thomasv] has quit [Ping timeout: 276 seconds]22:35
gmaxwellThen again, some kind soul on reddit (of the sort of typical kind souls on reddit) already accused Peter Todd and of having created an invalid transaction (even though there had been none) in order to make a point about blocksize... so uh.. yea, I'm not going to do it.22:35
bramchttp://www.thedailywtf.com/22:36
phantomcircuitwhich probably means they need to soft fork a massive drop in blocksize into place22:36
phantomcircuitwhich is maybe a bit circular...22:36
phantomcircuitfix the soft fork issues with a softfork22:36
phantomcircuitgoto 122:36
-!- nullbyte [NSA@gateway/vpn/mullvad/x-lfwqbtbciqsokmaa] has joined #bitcoin-wizards22:36
-!- NewLiberty [~NewLibert@76-255-129-88.lightspeed.irvnca.sbcglobal.net] has quit [Ping timeout: 276 seconds]22:36
leakypatI see, hence bramc suggestion of getting invalid transactions into the miners blocks?22:38
leakypatThey would have to check each one22:38
phantomcircuitleakypat, that probably wont work22:38
-!- arubi_ [~ese168@unaffiliated/arubi] has quit [Quit: Leaving]22:38
gmaxwellbramc: a possible argument is that perhaps we've done soft-forks too infrequently... leaving people poor at handling them.22:39
phantomcircuiti dont think any of the major miners are including transactions they haven't verified22:39
bramcgmaxwell, They might not be much better after this mess, nobody got burned all that bad22:40
zookogmaxwell: my trusted colleague Brian Warner recently said this to me. Something like: things that happen less often than every few weeks will fail when you try to make them happen.22:41
zookogmaxwell: on the topic of software/protocol upgrades.22:41
leakypatYeah, there is a monthly upgrade of the libraries where i work, regardless22:42
leakypatEveryone has to sync up22:42
leakypatWith sometimes useless calls with dependent parties, but never the less, the process works22:42
zooko*nod*22:42
gmaxwellI worry that there are already a lot of marginal participants; too much throughput will push them out-- that isn't a good way to be inclusive.22:42
zookoHm.22:43
zookoIsn't that sort of the opposite of what you were just saying?22:43
zookoIf "marginal" = "careless/inattentive/etc."22:43
leakypatSo there would be a monthly Bitcoin core release call of some kind22:43
leakypatSounds logistically a nightmare :/22:44
gmaxwellzooko: hm not quite, you can be resource strapped but still handle a big upgrade once a year.22:44
gmaxwellBut not be able to handle one once a month.22:44
zookoHm.22:45
leakypatYou would think the 700m vc funding could throw in a few coordination heads22:45
gmaxwelland sure it looks like marginal == inattentive; but thats only because we only see the failures.22:45
leakypat(By heads I mean head counts)22:46
bramcleakypat, You didn't think any of that VC funding would go towards making the ecosystem healthier, did you?22:46
leakypatbramc: my naïveté is bottomless22:46
bramcA true malleability fix might be dicier than this, because it causes some utxos to be spent which older full nodes don't realize are already spent22:48
gmaxwellsome of it has-- but really, who are you going to fund to do that?22:48
jcorgangee, if only there were an industry consortium around bitcoin that could take on these sorts of longer term thinking, ecosystem related issues, and be funded by lots of ecosystem participants as a way of helping ensure the "system" will support their own more narrower goals22:49
bramcgmaxwell, A fair number of the entities which aren't doing validation properly probably have investment22:49
bramcjcorgan, I'm sure one could scrounge up a few thieves and pedophiles to sit on the board of such an entitiy22:50
-!- roconnor [~roconnor@e120-pool-d89a7a26.brdbnd.voicenetwork.ca] has quit [Quit: Konversation terminated!]22:51
CodeSharkgmaxwell: I don't really have a good setup to do a diff on the transactions - but if you want me to I can scrape them22:52
CodeSharkI have the tx hashes in files22:53
jcorganin all seriousness, though, individual ecosystem particpants usually have too narrow a view to directly invest in "greater good" type things, but are often willing to set aside a portion of their investment capital to fund an organization that would focus exclusively on those type of things, as long as everyone else were putting money in the pot as well22:53
CodeSharkif you have a node with txindex you can easily see which ones got dropped22:54
CodeSharkunfortunately, I don't have such a node accessible atm22:54
jcorganbut bitcoin has never seen an organization that actually fulfills that role22:54
CodeSharkthe bitcoin foundation doesn't count? :p22:55
jcorganlol22:55
gmaxwellCodeShark: if you've got the tx hashes in the orphaned blocks, skipping the coinbase txn (for obvious reasons) give to me and I can quickly check which made it into the main chain.22:56
CodeSharkone of the blocks apparently is empty22:56
bramcSo it's fair to say that the 95% which voted were fairly consistent about producing new valid blocks on schedule, but roughly half of them (weighted by mining power) aren't/weren't doing validation properly22:57
CodeShark6053a7b0d5a2 appears to be empty22:57
-!- p15x [~p15x@123.118.83.203] has joined #bitcoin-wizards22:58
bramcIt's hard to see how to avoid the moral hazard here. Validating causes at least a little bit of latency, which costs something, and the ones who aren't validating hardly got burned.22:58
CodeSharkI can send you the other two minus the coinbase22:58
bramcOn the other hand, since headers-only validation could have handled this just fine, maybe that would be enough and should be what's emphasized in the future.22:58
gmaxwellCodeShark: gimme gimme22:58
CodeSharkok, sending an email...one sec22:58
gmaxwellbramc: nah, just lucky in this case. in the BIP-16 change there were actual invalid txn mined.22:59
leakypatI'm sure there are volunteers out there who would coordinate things- it's a core dev stakeholder coordinator role22:59
leakypatThey need to be able to understand stuff, but really good at bugging the crap out of people and tracking things22:59
jcorgansometimes volunteers emerge with the time/effort/willingness to do that22:59
gmaxwellleakypat: if things weren't coordinated here it was only because it wasn't thought of, I mean, we got 95% (lol) hashpower in three months onto this; there was significant effort coordinating with miners, but they didn't exactly volunteer "oh btw, we're not actually validating"23:00
bramcCore devs tend to not be so big on that whole 'talking to people' thing23:00
leakypatgmaxwell: I meant more doing regular calls with the big companies etc23:00
bramcgmaxwell, 'We're only 5% of all hashpower, us not validating hardly breaks anything'23:01
CodeSharkgmaxwell: sent23:01
leakypatdon't get me wrong , I think it is the companies themselves that should be being proactive23:03
gmaxwellI don't.  I mean, I don't think "should" matters.23:04
gmaxwellnothing good gets done by spending too much time worrying about should.23:04
-!- ThomasV [~ThomasV@unaffiliated/thomasv] has joined #bitcoin-wizards23:05
jcorgana company might not invest $X directly in something that only has long term benefit, because it puts them at an immediate disadvantage to their competitors, but if if "everyone" were to invest $X in a common consortium type organization that look after those type of things, then they'd all benefit and not suffer relative to one another23:06
jcorganthe trick is in organizing the whole thing23:06
-!- nullbyte [NSA@gateway/vpn/mullvad/x-lfwqbtbciqsokmaa] has quit [Ping timeout: 248 seconds]23:13
CodeSharkbramc: headers-only validation would still miss 99.999% of problems :p23:14
-!- nullbyte [NSA@gateway/vpn/mullvad/x-bckktuvbyaqhppme] has joined #bitcoin-wizards23:15
CodeSharkthis was one of the very few exceptions where it would have actually sufficed23:15
-!- NewLiberty [~NewLibert@76-255-129-88.lightspeed.irvnca.sbcglobal.net] has joined #bitcoin-wizards23:15
CodeSharkuntil someone included a bad DER in a v3 block :p23:15
CodeSharkthe fundamental problem is quite simple - it's too costly to verify, it isn't sufficiently costly not to23:17
CodeSharkthat's really what it boils down to :)23:17
CodeSharkfix those things and as if by magic miners will miraculously stop doing this crap23:18
CodeSharkI still think that ultimately wallets are the most important validator nodes23:21
CodeSharkand ironically these are the nodes that are least likely to invest in full validation23:21
CodeSharkrelay nodes are also important - it would be better to err on the side of relaying invalid data than on not relaying valid data...and have the wallet nodes do final validation23:25
CodeSharkbut...it's a pipedream :p23:26
gmaxwellCodeShark: well there is a counter argument that relaying invalid data increases exposure for those behind you.23:29
CodeSharkgmaxwell: true...but we probably shouldn't be relying on that :)23:30
zookogmaxwell: +1 on 'down with "should"'23:31
gmaxwellsure sure, but its an argument against making it worse. The other is that its easy to open up DOS vectors that way.23:31
-!- zooko [~user@c-67-190-6-198.hsd1.co.comcast.net] has quit [Quit: goodnight folks]23:31
-!- Mably [~Mably@unaffiliated/mably] has joined #bitcoin-wizards23:32
CodeSharkgmaxwell: ideally, relay nodes would also validate...and validate correctly. but wallets not validating correctly opens up even more attack vectors23:37
CodeSharkand from an incentives perspective, the wallet node operators stand to lose a lot more from improper validation23:39
bramcTechnically validating just creates a latency problem. You can accept new blocks immediately and start mining them, then invalidate in the background. But that requires some actual engineering23:39
bramcLike, an engineer might have to spend a few days or maybe even a few weeks getting it to work right.23:39
gmaxwellyea, a perfectly reasonable thing to do would be to start early but not relay until you've caught up the validation; but if you're getting it wrong the failure is silent.23:40
CodeSharkit's unenforceable, though23:41
CodeSharkthe only way to enforce it is economically23:41
bramcgmaxwell, Or if you want to be a jerk about it, relay immediately but validate in the background and throw out the bad one in favor of a good one if it gets invalidated23:42
CodeSharkmany miners probably would run something like that if it didn't eat into profits...but it's unenforceable...and I think it's safe to say that most miners will not do this customization correctly :p23:43
CodeSharkso it would have to come prepackaged23:44
-!- DougieBot5000 [~DougieBot@unaffiliated/dougiebot5000] has quit [Quit: Leaving]23:44
CodeSharkdid you finish compiling the double-spend list, gmaxwell/23:48
CodeShark?23:48
gmaxwellCodeShark: no, turned out I'd broken my w/ txindex nodes to observe the fireworks the other day, reindexing now. :(23:49
CodeSharkderp :p23:49
gmaxwellI can share the list with someone else if they have a txindex handy?23:50
-!- arubi_ [~ese168@unaffiliated/arubi] has joined #bitcoin-wizards23:50
-!- cornusammonis [~Cornus@pool-173-73-140-137.washdc.fios.verizon.net] has joined #bitcoin-wizards23:51
CodeSharkI used to always run a synched database with every single possible index you might find useful...but I stopped doing that a long time ago23:52
CodeSharkI even indexed tx inputs that were in the same set of transactions23:52
CodeSharkI'm considering revisiting that project...but I need a backend that is more efficient with insertions23:53
-!- cornus_ammonis [~Cornus@pool-173-73-140-137.washdc.fios.verizon.net] has quit [Ping timeout: 256 seconds]23:55
-!- CoinMuncher [~jannes@178.132.211.90] has joined #bitcoin-wizards23:55
CodeSharkit's really nice to be able to do queries like "grab me all the dependencies back n generations from this transaction"23:55
CodeSharkor "find whether input X connects to output Y via some chain"23:56
CodeSharklol23:56
-!- sy5error [~sy5error@unaffiliated/sy5error] has quit [Remote host closed the connection]23:56
-!- shen_noe [~shen_noe@172.56.39.107] has joined #bitcoin-wizards23:56
CodeSharkit would be nice to store even invalid stuff for analysis23:58
--- Log closed Mon Jul 06 00:00:02 2015

Generated by irclog2html.py 2.15.0.dev0 by Marius Gedminas - find it at mg.pov.lt!