--- Log opened Mon Aug 31 00:00:56 2015 | ||
kanzure | "Oblivious substring search with updates" https://eprint.iacr.org/2015/722.pdf | 07:05 |
nsh | oblivious updates? | 07:15 |
kanzure | "snarkfront is a C++ embedded domain specific language (EDSL) over the underlying snarklib template library" https://github.com/jancarlsson/snarkfront | 07:50 |
kanzure | andytoshi: do you know these guys? http://www.pepper-project.org/ | 08:04 |
btcdrak | http://arxiv.org/abs/1402.2269 | 08:05 |
nsh | (snarkfront sounds like an extremist sect from Wonderland) | 08:11 |
andytoshi | kanzure: andrew blumberg is the only name i recognize; he does topology so i've never talked to him | 08:24 |
andytoshi | the others i don't know at all | 08:24 |
andytoshi | i was unaware that UT was involved with this project. very interesting | 08:24 |
kanzure | andytoshi: perhaps you should stalk them | 08:30 |
kanzure | "Merklized abstract syntax trees" http://css.csail.mit.edu/6.858/2014/projects/jlrubin-mnaik-nityas.pdf | 08:31 |
andytoshi | kanzure: i don't know nearly enough about academic verifiable computing lingo to stalk them usefully | 08:44 |
kanzure | i mean go meet them :P | 08:44 |
kanzure | "merkle hash trees for distributed audit logs" http://www.enseignement.polytechnique.fr/informatique/INF441/projets/merkle/merkle.pdf | 08:45 |
nwilcox | Because the blockchain provides consensus, it can be used to resolve collisions in a less-than-collision-resistant hash function. | 08:50 |
andytoshi | kanzure: i'll try to bug blumberg one of these days | 08:50 |
nwilcox | So would it be possible to replace pubkey / script hashes with a shorter bit string, provided we require anyone who needs to verify those hashes must also maintain context from the blockchain history? | 08:51 |
andytoshi | kanzure: it's interesting that blumberg's high-level interests align so closely with my own, given that he does everything topologically (which i have zero interest in) | 08:52 |
nwilcox | This could be both a scaling and a usability hack. (Not sure what proportion of storage/bandwidth is hashes, so not sure how much it helps with that.) | 08:52 |
andytoshi | nwilcox: sure, if we could expect everyone to "maintain context" blockheaders themselves would suffice | 08:53 |
andytoshi | in that example the context for a transaction would be (a) the whole transaction, (b) its merkle path in the block to the hash in the header, (c) the same for all its inputs and so on | 08:53 |
andytoshi | welll, actually, scratch that, i think this does not provide useful protection against double-spends unless everyone stores every transaction (and that's where we're at now) | 08:55 |
nwilcox | andytoshi: If k txouts pay to pubkey hash H, this currently uses k*H*hash_size bytes in aggregate for all of those txns, right? | 08:55 |
andytoshi | nwilcox: yes | 08:55 |
nwilcox | -and to verify a transaction "locally" (without double spend protection), a non-full-node can check hashes and signatures. | 08:56 |
zooko | nwilcox: but, those can be coalesced by the controller of the private key. | 08:56 |
andytoshi | ..but given that the pubkeyhash is (on a UI level) a label for the txouts, i'd expect k to be one in most cases | 08:56 |
zooko | If he wants. Not that he pays the scaling costs of not doing so. | 08:56 |
nwilcox | I'm confused a bit. If my wallet sends your wallet BTC in two separate transactions, doesn't it repeat your pubkey hash twice on the wire? | 08:57 |
andytoshi | nwilcox: no, if you send two transactions you need to spend (at least) two different txouts | 08:57 |
nwilcox | -and whenever any full node verifies blocks containing either of those two txns, they download the same hash twice. | 08:58 |
nwilcox | andytoshi: Two txouts to the same pubkey hash. | 08:58 |
kanzure | what's a "bucket merkle tree"? http://pastebin.com/ynQgBLJ5 | 08:58 |
andytoshi | nwilcox: i'm telling you that's rare (and for privacy reasons we'd prefer it never happen) | 08:58 |
andytoshi | and no, they would not download the same hash twice; verifiers would have both txouts cached | 08:59 |
andytoshi | and the two transactions would refer to different txouts, which would have different (txhash, vout) identifiers | 08:59 |
nwilcox | andytoshi: First, let's set aside privacy. I'm willing to concede this isn't useful if it requires sacrificing privacy, but I want to explore it with that simplification. | 09:01 |
nwilcox | Next, when you say "two txns would refer to different txouts", you are referring to their txins, right? I'm focused on the scriptPubKey in the txouts. | 09:01 |
nwilcox | If (privacy be-damned), two transactions make payments to the same pubkey, the contain txouts which repeat the pubkey's hash, correct? | 09:02 |
andytoshi | yes | 09:02 |
nwilcox | s/the contain/they contain/g | 09:02 |
nwilcox | Ok, so if we sacrifice (in addition to privacy!) the ability for nodes to verify signatures "locally", then can't we only include a smaller number of bits on the wire and rely on the blockchain to resolve hash collisions? | 09:03 |
nwilcox | There are those two crucial sacrifices, and even then I'm not sure if this helps scalability at all. | 09:04 |
zooko | nwilcox: I'm trying to suggest something which I think has the same effect. | 09:04 |
nwilcox | resolving collisions eg: "Take sha256(msg) then truncate it to 64 bits. If that's already present in my contextual state, then take the sha256(sha256(msg)) and check again, etc.. | 09:04 |
nwilcox | zooko: What is that? | 09:05 |
zooko | nwilcox: the recipient can *spend* those two utxos. | 09:05 |
zooko | Then there are no longer 2, but only 1, utxo. | 09:05 |
nwilcox | zooko: Ah, okay. I'm focused on the bandwidth of transactions. That would involve repeating the pubkey hash twice for the initial two transactions, plus another transaction. | 09:05 |
nwilcox | Maybe utxo size in any given block is more important than serialization size of transactions. | 09:06 |
zooko | Ah, I was focused on the size of the utxo set, which is a different measure. | 09:06 |
nwilcox | Hrm... maybe I should learn about which measures represent the important scaling bottleneck. | 09:06 |
zooko | *nod* | 09:07 |
nwilcox | Changing block size is one way to address txn/time by changing bandwidth. | 09:07 |
nwilcox | Shrinking txn serialization size is another way to raise txn/time *without* changing bandwidth. | 09:07 |
nwilcox | My intuition is that utxo set size isn't a bottleneck for scaling txn/time. | 09:08 |
nwilcox | Actually, this hack may help with all hashes, regardless of their reuse, and therefore it may not impact bitcoin privacy at all. | 09:09 |
nwilcox | It still requires a fundamental change which sacrifices local transaction verification. | 09:10 |
nwilcox | -and it might not work when multiple transactions refer to different hashes whose shortened version collides within the same block. | 09:10 |
nwilcox | Hm... Actually the whole idea may be incoherent. In order to resolve collisions, a rule would say "the first colliding input, x_0, gets to 'claim' that output, and the next colliding input, x_1, has to be further processed." | 09:12 |
nwilcox | But the input x_0 (eg a pubkey) is typically not known to the blockchain when txos refer to it initially. | 09:13 |
zooko | Doesn't sound like a promising approach since, as you say, it requires a disruptive change which sacrifices a widely-used feature. | 09:13 |
nwilcox | I'm not sure how widely local transaction verification is used... | 09:14 |
nwilcox | Safest to assume some important userbase for any feature of unknown usage. | 09:15 |
kanzure | oh for proof-of-treachery your supernode could really be a 1-of-10000 "at least 1 honest node" protocol of some kind. but they could still coerce everyone to change the fraud proof handling stuff because the costs of setting up an alternative set of supernodes are very high. maybe you could steal back their fees/income and give it to the one honest node as a result. | 11:10 |
gmaxwell | The attacker could just partition you from the 1-of-. All the fraud proof oriented approaches are very censorship vulnerable :(. The biggest weakness there, and I can't even say it's purely additive, because of the supernode cost issues. | 11:18 |
kanzure | contingency plans for what to do about extremely costly supernodes would be a nice thing to have, like maybe instead of degradation of transactions/sec you can get degradation of some other property as you bootstrap again below that supernode costliness threshold. | 11:31 |
kanzure | wait how does the partitioning work? i was thinking of a 1-of-10,000 multisig party. | 11:34 |
gmaxwell | 08:54 < nwilcox> So would it be possible to replace pubkey / script hashes with a shorter bit string, provided we require anyone who needs to verify those hashes must also maintain context from the blockchain history? | 11:34 |
gmaxwell | You can, yes, of course you're exposed to attack under reorg and by miners; and-- you end up with forever growing random access data to deal with. | 11:34 |
gmaxwell | kanzure: your security assumption is that at least 1 of 1000 is honest. Right? That means up to 999 are dishonest. A dishonest party signs, and a sybil attack prevents communication from the honest party. | 11:36 |
gmaxwell | So you get a no-fraud signature, and you're denied access to the wait-theres-fraud signature. | 11:36 |
kanzure | m-of-m but yes i see your point for 1-of-m (which is obvious) | 11:37 |
gmaxwell | now, if you said 1000-of-1000 you'd have it, but there is an obvious reliability issue there. | 11:37 |
kanzure | i was referring to 1-of-m as in 1 has to be honest, but you're right that when saying x-of-y it's usually talking about the threshold to be considered valid, whoops | 11:38 |
gmaxwell | You could relax e.g. to a 990 of 1000 to have some redundancy, and perhaps that's more reasonable. | 11:38 |
kanzure | also you have backlog in pm to review | 11:38 |
gmaxwell | okay makes more sense. | 11:38 |
kanzure | but yeah the other issues you have brought up are also troubling | 11:38 |
kanzure | once you have a sufficiently high supernode cost, there's really no hope for rebooting the network | 11:39 |
kanzure | but this might be true for all possible systems :-) | 11:40 |
gmaxwell | https://twitter.com/ChristopherA/status/638425326528233472 | 12:14 |
gmaxwell | We've been building some interest outside of the bitcoin ecosystem on script-as-a-digital-signature-system | 12:14 |
gmaxwell | I wish we were further along with script replacement stuff. :( | 12:14 |
aj | gmaxwell: "script replacement stuff" ? more info pls? :) | 12:18 |
gmaxwell | aj: There are several lines of long term development related to an improved replacement for Bitcoin script incorporating several of the powerful observations we've made in the last couple years. | 12:19 |
aj | gmaxwell: are there threads / white papers / ... about it that i could read? | 12:20 |
gmaxwell | scattered, and no awesome overviews right now. | 12:20 |
gmaxwell | The most important being the fundamental difference between computation and verification. For example, division is expensive to perform. But if I asked you to verify a transcript of a program that divided you could still do so even if you were unable to divide yourself: You can take the answer and _multiply_ (which is cheap) and then check that the result agreed with the inputs. Turns out that | 12:21 |
gmaxwell | this thinking has deep implications. | 12:21 |
-!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer] | 12:22 | |
aj | gmaxwell: sounds like verifying a proof versus constructing one, too | 12:22 |
kanzure | .tw https://twitter.com/ChristopherA/status/638425326528233472 | 12:22 |
yoleaux | Och, A cannae finde nae tweet | 12:22 |
nsh | 'Imagine a cert that embeds its own validation & revocation scripts, using a language like #Bitcoin transaction code. Interested? @pwuille?' | 12:23 |
gmaxwell | One way this thinking applies is what P2SH does-- the program comes with the signature, and the pubkey only commits to it. This can be applied recursively in a powerful way. Imagine your program as a tree that branches for every OR condition. Now build a hashtree over the program code. When you spend, you need only reveal the segments you actually executed, not the whole program. | 12:23 |
gmaxwell | We call that MAST: merkelized abstract syntax tree. | 12:23 |
kanzure | isn't this the MAST/MTUT thing. | 12:23 |
kanzure | yes ok. | 12:23 |
kanzure | also i think the spelling needs to be figured out because i saw merklized abstract syntax tree and merkleized and merkelized when i was reading most -wizards logs recently | 12:24 |
gmaxwell | I misspell all the things. | 12:24 |
-!- Dizzle [~Dizzle@104-6-36-162.lightspeed.austtx.sbcglobal.net] has joined #bitcoin-wizards | 12:24 | |
kanzure | here is an okay conversation about that particular mast concept: http://diyhpl.us/~bryan/papers2/bitcoin/wizards/2014-01-15.txt | 12:24 |
aj | kanzure: "merkled" ? "merky" (murky) ? :) | 12:25 |
-!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards | 12:25 | |
gmaxwell | At an extreme you can get some incredible compression for two party contracts; e.g. make your script {2 of 2 multisig} OR {complex contract}. And so long as everyone cooperates, the network never sees the complex contract. | 12:25 |
kanzure | aj: no :-) | 12:25 |
nsh | (it's merkleized or Merkle-ized [s#z#s# as appropriate]) | 12:25 |
aj | kanzure: aww come on, it's perfect! it's murky because you never see the whole thing! | 12:26 |
gmaxwell | Another thing we've learned, is that any sensible multi-condition authorization scheme at the top level is a monotone boolean function. For example, it is not sensible to have a policy which says Alice && Bob && !Carol since Carol could always just choose not to sign (or have her signature stripped). | 12:26 |
nsh | (which neatly corresponds to the kind of access structures you can achieve with certain types of group signature) | 12:27 |
nsh | (not that this does bitcoin any good, directly) | 12:27 |
gmaxwell | Monotone boolean functions are those functions that can be constructed exclusively with AND and OR gates (or, equally, with threshold gates). They have a useful property that they are trivially composable. E.g. you can take an AND or an OR of two sensible policies and you get a sensible policy, or you can put a sensible policy as any leaf in another sensible policy and get another one. | 12:28 |
gmaxwell | They also have the property that you can sign 'your part' of a monotone function without understanding any of the rest. E.g. they're cumulative. | 12:28 |
kanzure | also here are some other times that merkleized abstract syntax trees have come up: https://bitcointalk.org/index.php?topic=369605.0 and https://bitcointalk.org/index.php?topic=255145.msg2757327#msg2757327 and https://bitcointalk.org/index.php?topic=253385.0 and http://diyhpl.us/~bryan/papers2/bitcoin/wizards/2014-01-15.txt and | 12:29 |
kanzure | whoops last and is a fake | 12:29 |
nsh | cf. https://github.com/JeremyRubin/MAST/blob/master/paper/paper.pdf | 12:30 |
gmaxwell | So there has been a fair amount of discussion talking about the space of monotone functions, efficient encodings for them, etc. As it seems like it would be sensible for any future script to have a monotone decision tree as a first class construct. | 12:30 |
* nsh nods | 12:31 | |
gmaxwell | There are other assorted bits of thinking which are relevant, e.g. we now know how to make any such system very soft-fork friendly. | 12:31 |
gmaxwell | OTOH, soft-fork-friendliness has bad effects when script is used outside of a consensus system. | 12:32 |
gmaxwell | https://github.com/ElementsProject/elements/pull/49 < see comments there. | 12:32 |
gmaxwell | or at least potentially bad effects. | 12:33 |
gmaxwell | Part of the importance of handling it specifically. | 12:33 |
kanzure | would a sighash type fix this | 12:33 |
gmaxwell | kanzure: what I had proposed previously is that at the top level you have a monotone tree and at each leaf there is a condition and each condition begins with a rule specifier. An application could choose how it handles unknown specifiers. In a consensus system, you'd assume an unknown specifier is a soft-fork and silently accept. | 12:35 |
-!- smk [9e557647@gateway/web/freenode/ip.158.85.118.71] has left #bitcoin-wizards [] | 12:35 | |
gmaxwell | In other contexts you'd assume it was a future feature and you'd reject with a notice that the signature couldn't be understood. | 12:35 |
nsh | hmm | 12:36 |
-!- ASTP001 [~ASTP001@50-78-139-78-static.hfc.comcastbusiness.net] has quit [Quit: My Mac has gone to sleep. ZZZzzz…] | 12:37 | |
-!- ASTP001 [~ASTP001@50-78-139-78-static.hfc.comcastbusiness.net] has joined #bitcoin-wizards | 12:37 | |
kanzure | there was also a "P3SH" suggestion regarding merklized abstract syntax trees or OP_PARTIAL_MAST or OP_MAST or something: https://bitcointalk.org/index.php?topic=1106586.msg11773568#msg11773568 | 12:38 |
kanzure | OP_MAST_EVAL was https://bitcointalk.org/index.php?topic=255145.msg2757327#msg2757327 | 12:38 |
kanzure | OP_PARTIAL_MERKLE_ROOT was https://bitcointalk.org/index.php?topic=175639.0 | 12:39 |
-!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer] | 12:39 | |
-!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards | 12:40 | |
-!- sumah [~sum4h@50.248.81.66] has quit [Quit: Leaving] | 12:40 | |
kanzure | "This system would allow new opcodes to be added in a cleaner fashion. Nodes which don't understand the opcodes would just accept the script." | 12:42 |
-!- b-itcoinssg [uid41629@gateway/web/irccloud.com/x-icpehkfkhgxxhlxn] has joined #bitcoin-wizards | 12:42 | |
-!- drwin [~drwin@out-nat-33.jes.cz] has quit [] | 12:44 | |
-!- Guyver2 [~Guyver2@guyver2.xs4all.nl] has joined #bitcoin-wizards | 12:45 | |
-!- fabianfabian [~fabianfab@5ED15F42.cm-7-2b.dynamic.ziggo.nl] has joined #bitcoin-wizards | 12:49 | |
-!- nullbyte [NSA@gateway/vpn/mullvad/x-pfwdhvcuaquketbq] has joined #bitcoin-wizards | 12:53 | |
-!- ASTP001 [~ASTP001@50-78-139-78-static.hfc.comcastbusiness.net] has quit [Quit: My Mac has gone to sleep. ZZZzzz…] | 12:57 | |
-!- trippysalmon [rob@2001:984:6466:0:acb0:1d6:1cb1:2149] has quit [Read error: Connection timed out] | 12:58 | |
-!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer] | 13:01 | |
-!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards | 13:04 | |
-!- drwin [~drwin@out-nat-33.jes.cz] has joined #bitcoin-wizards | 13:07 | |
-!- fabianfabian [~fabianfab@5ED15F42.cm-7-2b.dynamic.ziggo.nl] has quit [Read error: Connection reset by peer] | 13:09 | |
-!- droark [~droark@209-6-53-207.c3-0.smr-ubr1.sbo-smr.ma.cable.rcn.com] has quit [Quit: Later.] | 13:10 | |
-!- jaekwon [~jaekwon@75-101-96-71.dsl.static.fusionbroadband.com] has quit [Remote host closed the connection] | 13:12 | |
-!- Quanttek [~quassel@2a02:8108:73f:f6e4:e23f:49ff:fe47:9364] has joined #bitcoin-wizards | 13:13 | |
-!- zooko [~user@2601:281:8301:e87f:b8d1:78a1:ef0c:d34] has joined #bitcoin-wizards | 13:14 | |
-!- CodeShark_ [~CodeShark@cpe-76-167-237-202.san.res.rr.com] has joined #bitcoin-wizards | 13:19 | |
-!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer] | 13:21 | |
-!- gavinandresen [~gavin@unaffiliated/gavinandresen] has joined #bitcoin-wizards | 13:22 | |
-!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards | 13:22 | |
-!- ASTP001 [~ASTP001@50-78-139-78-static.hfc.comcastbusiness.net] has joined #bitcoin-wizards | 13:28 | |
-!- jaekwon [~jaekwon@75-101-96-71.dsl.static.fusionbroadband.com] has joined #bitcoin-wizards | 13:32 | |
-!- ThomasV [~ThomasV@unaffiliated/thomasv] has joined #bitcoin-wizards | 13:35 | |
-!- adam3us [~Adium@172.56.18.132] has quit [Quit: Leaving.] | 13:36 | |
-!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer] | 13:38 | |
-!- ASTP001 [~ASTP001@50-78-139-78-static.hfc.comcastbusiness.net] has quit [Quit: My Mac has gone to sleep. ZZZzzz…] | 13:38 | |
-!- digitalmagus [~digitalma@unaffiliated/digitalmagus] has quit [Ping timeout: 264 seconds] | 13:39 | |
-!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards | 13:40 | |
-!- ginah [~nahnah@50.248.81.66] has joined #bitcoin-wizards | 13:42 | |
-!- nwilcox [~nwilcox@24.130.26.146] has quit [Quit: leaving] | 13:43 | |
-!- ASTP001 [~ASTP001@50-78-139-78-static.hfc.comcastbusiness.net] has joined #bitcoin-wizards | 13:45 | |
-!- copumpkin [~copumpkin@unaffiliated/copumpkin] has quit [Quit: My MacBook Pro has gone to sleep. ZZZzzz…] | 13:45 | |
-!- Tiraspol [~Tiraspol3@unaffiliated/tiraspol] has quit [Ping timeout: 252 seconds] | 13:50 | |
-!- trippysalmon [rob@2001:984:6466:0:acb0:1d6:1cb1:2149] has joined #bitcoin-wizards | 13:52 | |
-!- Tiraspol [~Tiraspol3@unaffiliated/tiraspol] has joined #bitcoin-wizards | 13:53 | |
andytoshi | gmaxwell: great summary of "new script" thinking, i haven't seen all that written out at once before | 13:56 |
-!- roxtrongo [~roxtrongo@179.8.168.101] has joined #bitcoin-wizards | 13:57 | |
-!- roxtrongo [~roxtrongo@179.8.168.101] has quit [Remote host closed the connection] | 13:57 | |
-!- gill3s [~gill3s@pat35-3-82-245-143-153.fbx.proxad.net] has quit [Quit: My Mac has gone to sleep. ZZZzzz…] | 13:58 | |
-!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer] | 13:58 | |
-!- SwedFTP [~SwedFTP@unaffiliated/swedftp] has quit [Ping timeout: 260 seconds] | 13:59 | |
-!- moa [~kiwigb@opentransactions/dev/moa] has joined #bitcoin-wizards | 13:59 | |
-!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards | 14:00 | |
-!- drwin [~drwin@out-nat-33.jes.cz] has quit [Ping timeout: 240 seconds] | 14:00 | |
-!- copumpkin [~copumpkin@unaffiliated/copumpkin] has joined #bitcoin-wizards | 14:01 | |
-!- SwedFTP [~SwedFTP@unaffiliated/swedftp] has joined #bitcoin-wizards | 14:02 | |
-!- AnoAnon [~AnoAnon@197.39.234.135] has joined #bitcoin-wizards | 14:02 | |
-!- AnoAnon [~AnoAnon@197.39.234.135] has quit [Max SendQ exceeded] | 14:02 | |
b-itcoinssg | What is the reasoning behind duplicating a leaf of an odd number merkle tree, instead of using the odd number leaf as a separate branch to build the merkle tree? | 14:03 |
gmaxwell | Your question is unclear to me. | 14:04 |
gmaxwell | The duplication bitcoin does is bad and creates a vulnerability, a second preimage attack. Something just needs to be padded there. Ideally it would be accomplished by something outside of the domain of the input. | 14:05 |
-!- chmod755 [~chmod755@unaffiliated/chmod755] has quit [Quit: Ex-Chat] | 14:06 | |
-!- ASTP001 [~ASTP001@50-78-139-78-static.hfc.comcastbusiness.net] has quit [Quit: My Mac has gone to sleep. ZZZzzz…] | 14:09 | |
-!- ASTP001 [~ASTP001@50-78-139-78-static.hfc.comcastbusiness.net] has joined #bitcoin-wizards | 14:09 | |
-!- melvster [~melvster@ip-86-49-18-198.net.upcbroadband.cz] has quit [Remote host closed the connection] | 14:09 | |
-!- melvster [~melvster@ip-86-49-18-198.net.upcbroadband.cz] has joined #bitcoin-wizards | 14:10 | |
-!- ThomasV [~ThomasV@unaffiliated/thomasv] has quit [Ping timeout: 268 seconds] | 14:12 | |
gmaxwell | On the subject of the index of bitcoin ideas stuff... there is now enough material gathered that sorting through it is hard. I'm thinking about ranking criteria which we could use to sort the stuff. Implemented? Widely deployed? Well-defined/described? Feasible? Useful? what other largely orthogonal characteristics could we use to rank the sorts of raw ideas that have poured out of our extended community? | 14:13 |
-!- drwin [~drwin@out-nat-33.jes.cz] has joined #bitcoin-wizards | 14:16 | |
kanzure | use nasa technology readiness levels http://esto.nasa.gov/files/trl_definitions.pdf | 14:18 |
-!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer] | 14:19 | |
-!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards | 14:20 | |
gmaxwell | very nice. | 14:21 |
gmaxwell | Feasibility is a bit orthogonal though, e.g. there are ideas which I'm pretty sure actually don't work... but they are still interesting because they pose a problem which might be worth solving. | 14:22 |
gmaxwell | Or like all these proposals to fix value under signature with hardforks. I think thats boneheaded. :) but it only takes a few seconds of thought to go "oh yea, you can do the same thing with a softfork". | 14:23 |
gmaxwell | (well not just a hardfork but a total halt-all-transactions flag-day) | 14:23 |
gmaxwell | Really need better language than hard/soft forks, e.g. distinguishing details like must-upgrade-all-systems-at-once which traditionally had meant hardfork, but right now the recent blocksize stuff has made people think of hardforks incorrectly because the BIP101 proposed hardfork is a very unusual one. | 14:24 |
-!- nwilcox [~nwilcox@c-73-202-109-21.hsd1.ca.comcast.net] has joined #bitcoin-wizards | 14:25 | |
-!- GGuyZ [~GGuyZ@216-15-123-91.c3-0.sbo-ubr1.sbo.ma.cable.rcn.com] has quit [Quit: GGuyZ] | 14:25 | |
-!- user7779078 [~user77790@2a00:c98:2020:a003:21::2e] has joined #bitcoin-wizards | 14:26 | |
kanzure | perhaps it should be judged by idea bus factor | 14:28 |
-!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer] | 14:30 | |
zooko | gmaxwell: +1 The terminology of "hard/soft fork" is a big impediment to my own thinking and to others I try to communicate with. | 14:31 |
-!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards | 14:31 | |
gmaxwell | zooko: its an improvement over not having that distinction at all... but the terms arose organically, and without any real intent. | 14:32 |
gmaxwell | Hard fork was created to distinguish ordinary network forking from an unrecoverable difference in rules. | 14:32 |
gmaxwell | And then soft fork came about later to distinguish the changes that were only one-way hard-forks. | 14:33 |
kanzure | hmm i wonder if there's any cryptography stuff in the soviet patent system http://patentdb.su/ | 14:33 |
tromp_ | hi, zooko | 14:35 |
-!- ASTP001 [~ASTP001@50-78-139-78-static.hfc.comcastbusiness.net] has quit [Quit: My Mac has gone to sleep. ZZZzzz…] | 14:35 | |
zooko | Hiya tromp! | 14:37 |
tromp_ | how's zerocash implementation coming along? | 14:38 |
zooko | We're finally making forward progress! Also, apparently the way publicity works, I have to avoid talking about it in forums where other people, especially journalists, could hear, if I want to get lots of publicity later from other journalists. :-/ | 14:38 |
zooko | I'm still working out that part. | 14:38 |
zooko | But fuck it, I'm going to answer your question right now and hopefully not regret it. | 14:39 |
zooko | So, we got cash in the bank, allowing us to hire another engineer, and so stop worrying about starving to death, and since then (which is quite recent), | 14:39 |
zooko | we're doing a bunch of boring engineering work like build system, unit tests, etc. | 14:39 |
-!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer] | 14:39 | |
zooko | My current priority is figuring out how to navigate this publicity stuff so that we can be all out in the open from there forward. | 14:40 |
zooko | Thanks for asking! | 14:40 |
-!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards | 14:40 | |
tromp_ | i ask because a while ago, you mentioned a possible testnet launch in august | 14:41 |
zooko | :-( My calendar has an old faded scratch on it that says "Launch Test Net" on | 14:41 |
zooko | Mon Aug 31. :-( | 14:42 |
tromp_ | of course i know such ETAs just mean " guaranteed not to happen before ..." | 14:42 |
-!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer] | 14:42 | |
zooko | We don't ... Heh heh heh. | 14:42 |
zooko | I think the actual software is *almost* actually runnable for that purpose, but I'm blocked on my confusion about how to do PR. | 14:42 |
zooko | I also tried to hire a PR expert to help me with that, and then I was blocked on my confusion about how to hire PR experts. | 14:42 |
zooko | So I gave up on that and went back to working on it myself. | 14:42 |
-!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards | 14:43 | |
zooko | "it" -> arranging PR, talking to journalists, etc. | 14:43 |
-!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer] | 14:43 | |
tromp_ | btw, i recently got access to a beefy nVidia GPU card and completed my cuda miner for Cuckoo Cycle | 14:44 |
zooko | Oh, interesting! | 14:44 |
zooko | Are any altcoins deploying Cuckoo PoW yet? | 14:44 |
tromp_ | turns out performance matches a 4-core hyperthreaded Core i7 | 14:44 |
zooko | Cool data point! | 14:45 |
MRL-Relay | [othe] on what card model tromp? | 14:45 |
tromp_ | GTX 980 | 14:45 |
tromp_ | optimum #threads was 512 | 14:45 |
MRL-Relay | [othe] pretty much like cryptonight | 14:45 |
zooko | What' | 14:45 |
-!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards | 14:45 | |
zooko | s cryptonight? | 14:45 |
tromp_ | no, still not deployed, zooko | 14:45 |
MRL-Relay | [othe] zooko, the pow used in monero | 14:46 |
tromp_ | perhaps more interesting, the GPU only spends 15% of runtime computing | 14:46 |
* zooko looks at https://en.wikipedia.org/wiki/CryptoNote#Egalitarian_proof_of_work | 14:46 | |
tromp_ | tromp the rest being waiting for global memory accesses | 14:46 |
MRL-Relay | [othe] its better documented in the source https://github.com/monero-project/bitmonero/blob/master/src/crypto/slow-hash.c | 14:47 |
zooko | tromp: *nod* | 14:47 |
zooko | Thanks, othe. | 14:47 |
MRL-Relay | [othe] i guess that gives you a good hash/watt ratio for gpus | 14:47 |
tromp_ | which means i don't have to worry too much about not having optimized the computational aspects:) | 14:47 |
zooko | tromp: *nod* | 14:48 |
zooko | Nice commenting. | 14:49 |
tromp_ | what is performance advantage of GTX 980 over i7 with cryptonight, othe? | 14:49 |
zooko | In https://github.com/monero-project/bitmonero/blob/master/src/crypto/slow-hash.c | 14:49 |
MRL-Relay | [othe] the hash to watt ratio is around 2x better than for a cpu | 14:49 |
MRL-Relay | [othe] for AMD cards, nvidia cards are slower | 14:50 |
tromp_ | no, in absolute terms, disregarding watts | 14:50 |
MRL-Relay | [othe] due to some slower memory it seems | 14:50 |
MRL-Relay | [othe] hash to watt is the only thing that counts | 14:50 |
MRL-Relay | [othe] a highend amd card does 2x the speed of an i7 | 14:50 |
gmaxwell | I think the monero stuff is a regretfully bad example of POW stuff, in particular, the performance is so horrific that its almost always a smoking out DOS attack. :( Also, a lot of the design seemed to have been motivated by an effort to unethically obfuscate it. (old history, sure, but its baggage on the design) | 14:50 |
gmaxwell | s/smoking out/smoking hot/ | 14:51 |
tromp_ | i have no idea how much power the GTX980 uses when running cuckoo | 14:51 |
gmaxwell | I have no clue about current GPUs, but I know on older ones memory was a lot of the power usage. I significantly improved my bitcoin farm's H/j by downclocking the memory to the point that the cards would crash if a display was attached. :) | 14:53 |
tromp_ | presumably the core i7 is at least twice as efficient in hash/watt | 14:53 |
smooth | gmaxwell: The performance isn't really that bad. Before it was properly optimized it was something like one second per hash which is obviously terrible. But now at <20ms/hash on one core, it's not. If you are going to get banned by sending bad hashes and you have to rely on botnets all over the place you will have trouble connecting fast enough to max out CPU | 14:56 |
zooko | Interesting data points! Thanks gmaxwell and smooth. | 14:57 |
tromp_ | zooko, are you still going with catena for pow? | 14:57 |
zooko | No, probably the Password Hashing Competition's winner, which is a (variant of) Argon2. | 14:58 |
gmaxwell | smooth: for example, the privacy of the system is critically dependent on hiding yourself from network observers.. so you'd want to run over tor... but the banning as a fix to dealing with garbage doesn't work without expensive 'identities' for peers. :( | 14:58 |
zooko | There's one open question in my mind about efficiency of verification, which I *think* can be fixed with a Merkle Tree and the verifier verifying a subset of the proofs... | 14:58 |
zooko | But I'm not sure, hence the "open question" part... | 14:59 |
tromp_ | you'll also have the challenge of needing to provide optimized gpu argon2 miners for a "fair" launch | 14:59 |
-!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer] | 15:00 | |
smooth | gmaxwell: i doubt that DoS is fixable without some kind of identities. If you dont get hit with CPU burning you will still get your network connection flooded. | 15:00 |
-!- Quanttek [~quassel@2a02:8108:73f:f6e4:e23f:49ff:fe47:9364] has quit [Ping timeout: 256 seconds] | 15:00 | |
gmaxwell | smooth: I say this not to be negative about monero, it's a problem for bitcoin too... but just much worse for monero since the native POW is so costly to verify. Also, doesn't the 20ms number need hardware AES support? | 15:00 |
gmaxwell | smooth: on networks like tor you can use POW to prevent network flooding too. | 15:00 |
zooko | tromp: Hm. | 15:00 |
smooth | gmaxwell: yes with hardware AES, but even without its is much better than before, around 100ms i think. | 15:01 |
MRL-Relay | [othe] "fair" launch can only be achieved when you emit the coins on some kind of better curve, like a few months dont emit a lot of coins at all, else some chinese gpu farm will just grab them all anyway and i doubt thats more "fair" | 15:01 |
gmaxwell | smooth: okay the number in my mind (which I thought was the unoptimized case) was 7 hashes per second. | 15:01 |
smooth | and increasingly little hardware lacks AES hardware | 15:01 |
-!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards | 15:01 | |
gmaxwell | smooth: it's off by default in virtually every motherboard I've touched because of psycho export restriction cargo culting! :( | 15:01 |
zooko | gmaxwell: haha! really!? | 15:02 |
zooko | Wow. | 15:02 |
smooth | gmaxwell: interesting, i haven't seen that (turned off by default). i did notice the BIOS option showing up though | 15:02 |
gmaxwell | Just informal experience, but at least both supermicro and asus (I think?) ship with it off by default in the bios. | 15:02 |
MRL-Relay | [othe] not for consumer boards? | 15:02 |
gmaxwell | Just got a MB-X10DA-I-O-P that shipped with it off. | 15:03 |
MRL-Relay | [othe] i run a bunch of asus boards, tho the ones sold in europe where are less weird crypto laws. all of them have aesni on by default | 15:03 |
-!- Dizzle [~Dizzle@104-6-36-162.lightspeed.austtx.sbcglobal.net] has quit [Quit: Leaving...] | 15:03 | |
gmaxwell | (a dual 2011v3 board) | 15:03 |
smooth | i agree with what othe said about launch. slowly ramp up the rewards over some time period that is reasonable for people to deploy and optimize | 15:03 |
tromp_ | zooko, have you considered using multiple pows, like myriad? | 15:03 |
MRL-Relay | [othe] multiple pow sound more like adding multiple points of failure | 15:04 |
zooko | tromp: we have. | 15:04 |
zooko | tromp: Myriad-like things went into the bucket of potentially good ideas that we don't have enough teeth to chew. | 15:04 |
zooko | That's a big bucket. | 15:04 |
tromp_ | othe: it's not. when a system is secured by 50% pow1 and 50% pow2, it cannot be attacked by just getting tons of pow1 hashing power | 15:05 |
zooko | othe: there's a proposal for multi-PoW, named Myriad, which makes it so it only goes south if they *all* fail. | 15:05 |
zooko | It's a really neat idea. | 15:05 |
tromp_ | the simplest attack wld be to duplicate both the existing pow1 and pow2 hashing power | 15:05 |
MRL-Relay | [othe] because botnets care about that? | 15:05 |
zooko | smooth: Hm. Interesting. | 15:05 |
smooth | zooko: i think i first heard it from gmaxwell, to be fair | 15:06 |
MRL-Relay | [othe] if you dont want your coin attacked use something where its *easy* to get a asic miner out, prolly sth like blake if u dont want to use sha | 15:06 |
zooko | smooth: I think it is safe to assume that all interesting novel cryptocurrency ideas were earlier proposed by gmaxwell. | 15:06 |
smooth | zooko: haha, nice | 15:06 |
smooth | tromp_: 50/50 you can still be attacked fairly easily right, maybe 3-4 is better | 15:08 |
-!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer] | 15:08 | |
tromp_ | othe: except asic hashing power tends to get centralized, chinese gov can twist arm of several of largest mining operations | 15:08 |
smooth | tbh so far we've seen all hashing power get fairly centralized | 15:09 |
-!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards | 15:09 | |
zooko | smooth: including XMR? | 15:09 |
smooth | zooko: well its hard to say, maybe its all one big botnet right? | 15:09 |
zooko | What's the distribution of LTC mining like? | 15:09 |
tromp_ | smooth: i think 2 is optimal. make one pow compute bound, and one memory bound | 15:10 |
-!- Mably [~Mably@unaffiliated/mably] has quit [Ping timeout: 265 seconds] | 15:10 | |
tromp_ | smooth with 3 or 4 attacker can ignore 1 or 2 | 15:10 |
smooth | in theory (in practice hard to say): cpu->botnets, gpu->big GPU farms, ASIC->manufacturers | 15:10 |
tromp_ | sorry, i mean ignore just 1 | 15:11 |
smooth | tromp_: but im thinking with 2 if you crack one hard then you get that, plus a small fraction of the other one and you're there | 15:11 |
zooko | smooth: what are the most valuable examples of CPU-oriented PoW coins? | 15:11 |
smooth | zooko: im pretty sure monero is the most valuable one | 15:11 |
-!- trippysalmon [rob@2001:984:6466:0:acb0:1d6:1cb1:2149] has quit [Ping timeout: 250 seconds] | 15:11 | |
zooko | Looking at http://coinmarketcap.com/ ... I don't know which ones have CPU-oriented PoW. | 15:11 |
zooko | I know Ethereum has GPU-oriented. | 15:11 |
tromp_ | smooth: even if cracking means getting 4 times the existing hash power, you still need a significant fraction of the other | 15:12 |
smooth | if you think its really CPU oriented, which is kind of hard to say. could be GPUs or ... | 15:12 |
zooko | smooth: and is Monero mined by Botnets? | 15:12 |
zooko | According to http://coinmarketcap.com/ it has a market cap of only $4M. | 15:12 |
smooth | zooko: who knows really, its sort of the nature of mining that unless you have big public or semi-public operations like BTC its not transparent | 15:12 |
zooko | smooth: okay, thanks. | 15:13 |
smooth | zooko: filter non-mineable, monero is #9. bytecoin is phony, the rest are clearly not CPU | 15:14 |
-!- kmels [~kmels@186.64.110.122] has quit [Ping timeout: 252 seconds] | 15:14 | |
smooth | all above it are sha, scrypt, x11 | 15:14 |
gmaxwell | tromp_: doesn't sound like an unreasonable intuition there--- the "dozen functions" stuff to me mostly sounds like "we're going to shove costs into ASIC design NRE, thus assuring there is no competitive market for mining hardware" | 15:14 |
smooth | also bytecoin has essentially no mining either | 15:14 |
tromp_ | coin magi is claimed to be gpu resistant. but i've also seen ppl claim it has private gpu miners | 15:15 |
smooth | magi has $26K market cap... | 15:15 |
tromp_ | the cuckoo cycle gpu code is embarrassingly simple; basically two 10 line routines | 15:16 |
-!- c0rw|away is now known as c0rw1n | 15:16 | |
smooth | tromp_: haven't many of the mining "breakthroughs" like going GPU or ASIC or whatever been more than 4x jumps? | 15:16 |
tromp_ | i'm a strong believer in avoiding complexity | 15:16 |
-!- Newyorkadam [~Newyorkad@wikipedia/Newyorkadam] has quit [Quit: Newyorkadam] | 15:17 | |
smooth | i would imagine a good protection of multi would be one getting REALLY cracked | 15:17 |
smooth | or algorithmic improvements for that matter, not just hardware | 15:17 |
gmaxwell | I still think an under evaluated concern is how much advantage is actually needed to screw things up. | 15:18 |
gmaxwell | In the limit, mining runs at break even, small advantages are huge differences in profit. It may well be the case that a 10% efficiency difference (or whatever) pushes everyone less efficient out. | 15:19 |
smooth | maybe none :( | 15:19 |
-!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer] | 15:19 | |
gmaxwell | And so all these things that hope to prevent 10x-100x differences from specialized hardware are actually inadequate. | 15:19 |
smooth | i mean none inherent in the algorithm. in the real world someone always has an advantage, which is not really encouraging | 15:19 |
-!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards | 15:20 | |
gmaxwell | right but do people have massively unequal access to advantage? | 15:20 |
gmaxwell | some kinds of advantage are useful... e.g. free power that doesn't scale. | 15:20 |
tromp_ | gmaxwell: another extreme is millions of ppl willing to mine at a loss as in a lottery, making commercial mining impossible | 15:21 |
gmaxwell | locations that need the waste heat anyways, but again, there is only so much low grade heat anyone needs. | 15:21 |
smooth | maybe we can say that someone always has a scalable advantage. i dont know if that is true, but it seems it very well might be | 15:21 |
tromp_ | which is more likely if e.g. phones can mine overnight with moderate efficiency | 15:22 |
-!- davec [~davec@cpe-24-243-251-52.hot.res.rr.com] has quit [Read error: Connection reset by peer] | 15:22 | |
gmaxwell | tromp_: yea, surprisingly (to me) that hasn't worked _at all_ in bitcoin. It's extremely frustrating, several times I've seen people in one breath talk about mining at the biggest possible pool for low variance and the next they talk about spending their mining income at a negative expectation gambling 'dice' site. | 15:22 |
gmaxwell | smooth: there are disadvantages of scale too. Esp in heat removal... optimal heat removal efficiency wants the lowest density possible. | 15:23 |
smooth | someone even tried to sell a "lottery machine" miner. went nowhere | 15:23 |
tromp_ | gmaxwell wonderful example of completely irrational behaviour | 15:23 |
smooth | gmaxwell: yes but what im saying is that if you assing to each actor a number indicating the degree of useful scalability (after netting out waste heat, etc.) it is not clear that someone isn't the absolute winner | 15:23 |
smooth | *assign to | 15:24 |
kanzure | hmm in treechains i really like the "parent blockchain sets the difficulty" because this fixes a lot of child chain difficulty retargeting attacks caused by large quantities of pow hashrate showing up and leaving | 15:24 |
gmaxwell | smooth: yes, someone is the 'winner' but some of the things I mention have upper limits.. many people have access to 'free' power (e.g. power paid for as part of a flat agreement), but can only draw a kilowatt or two. | 15:24 |
kanzure | ( looking at http://lists.linuxfoundation.org/pipermail/bitcoin-dev/2014-March/004797.html ) | 15:25 |
-!- kmels [~kmels@186.64.110.122] has joined #bitcoin-wizards | 15:25 | |
smooth | gmaxwell: just saying it doesn't seem to have worked out that way. suggesting a model for maybe why not | 15:25 |
smooth | but also true the game is not over by any means | 15:25 |
gmaxwell | smooth: ah. Well in bitcoin space, because access to hardware has trumped energy cost at every point in time people were actually excited about getting involved. I don't think more is required than that. | 15:26 |
kanzure | does anyone have -wizards logs from 2014-03-01 to 2014-10-01? | 15:26 |
gmaxwell | I can point to several forum threads where people are calling me unkind names when I suggest energy efficiency as even a consideration! | 15:26 |
kanzure | gmaxwell: bah just wait until they start calling you a bioterrorist. i get that one a lot. | 15:26 |
kanzure | i was going to look up treechain stuff in -wizards logs but i am missing multiple months in my log archive :-( | 15:27 |
-!- davec [~davec@cpe-24-243-251-52.hot.res.rr.com] has joined #bitcoin-wizards | 15:28 | |
kanzure | hmm wait no that doesn't help with difficulty retargeting attacks on child chains.... something at n levels deep is 2^(n - c) more vulnerable to a somewhat successful miner from level (parent - c) | 15:32 |
kanzure | i guess you could just have 2^n more child blocks at those levels to make up for this -___- | 15:32 |
kanzure | er more child chains | 15:32 |
-!- GGuyZ [~GGuyZ@216-15-123-91.c3-0.sbo-ubr1.sbo.ma.cable.rcn.com] has joined #bitcoin-wizards | 15:34 | |
-!- hazirafel [~ufoinc@31.154.92.14] has quit [Ping timeout: 264 seconds] | 15:34 | |
kanzure | ((this makes it so that on average the likelihood of a large-enough attacker selecting any particular child treechain to attack is very low)) (but why didn't this hold for pow altcoin altchains in the past?) | 15:34 |
-!- Guyver2 [~Guyver2@guyver2.xs4all.nl] has quit [Quit: :)] | 15:34 | |
-!- dEBRUYNE [~dEBRUYNE@56-197-ftth.onsbrabantnet.nl] has quit [Ping timeout: 265 seconds] | 15:35 | |
smooth | kanzure: maybe im misunderstanding your point but how is it not true. most altcoins have not been attacked | 15:35 |
gmaxwell | ryanc's defcon presentation is up: https://www.reddit.com/r/Bitcoin/comments/3j55qo/xpost_def_con_23_ryan_castellucci_cracking/ | 15:36 |
smooth | there is certainly a degree of "why even bother to attack this one when there are 1000 other ones just like it" | 15:36 |
gmaxwell | One of the many reasons why 'it hasn't broken yet!' is nearly useless. | 15:37 |
gmaxwell | (also: when things do break the cryptocurrency industry doesn't tend to learn from the break) | 15:37 |
kanzure | why would miner fees be enough to convince someone to mine at the << 2 difficulty child treechain but not the << 1 difficulty child treechain | 15:38 |
-!- user7779078 [~user77790@2a00:c98:2020:a003:21::2e] has quit [Remote host closed the connection] | 15:38 | |
-!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer] | 15:40 | |
-!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards | 15:41 | |
-!- snthsnth [~snthsnth@c-98-207-208-241.hsd1.ca.comcast.net] has joined #bitcoin-wizards | 15:45 | |
-!- roxtrong_ [~roxtrongo@179.8.168.101] has joined #bitcoin-wizards | 15:47 | |
zooko | tromp: how much memory does your high-end GPU have? | 15:50 |
kanzure | "By the way, I had some more replies to my original mailing list post. Some people think that what I am doing can be achieved with bigger block sizes and with SPV nodes, but this is not true. One of the main advantages of this tree structure of subchains is that you can constrain your wallet to just one path of subchains, so you can download all the full blocks on each of these chains and be sure that you have the status of all the ... | 15:50 |
kanzure | ... UTXOs corresponding to your wallet. In simpler words, it lets you be sure of your balance in a scalable (O(log n)) way. Same with the balance of others you wish to track (such as your government representatives). I read a bit about so-called "UTXO commitments" but I don't think they are as reliable and decentralized as this method, since you still need supernodes to feed you the merkle-tree proofs. Can someone answer this?" | 15:50 |
kanzure | from https://bitcointalk.org/index.php?topic=1083345.0 | 15:50 |
kanzure | "Actually, my scheme described above does not need merge-mined chains. As I mentioned, parent chains would get fees from child chain miners to put the hashes in, and (not sure if I said this) the fees can be in the form of outputs that are registered as spendable on the child chains only, so this would give the parent chain miners an incentive to be careful and validate as much as possible the transactions of the child chains." | 15:51 |
kanzure | "Still, in principle it would be a small matter for someone to lease and concentrate hashpower on one among thousands of chains and launch a 51% attack. So I also like your idea of a hierarchy of sidechains where lower chains handle smaller transactions, thus there is less incentive to waste time on a double-spending attack on a chain limited to micropayments." | 15:51 |
kanzure | hmmm i don't think anti-dos works like that :-) transaction value does not determine whether someone wants to ddos you | 15:52 |
kanzure | also it's not just double-spending that you have to defend against | 15:52 |
-!- roxtrong_ [~roxtrongo@179.8.168.101] has quit [Ping timeout: 272 seconds] | 15:52 | |
-!- ratbaneb_ [~ratbanebo@78-23-10-185.access.telenet.be] has quit [] | 15:59 | |
-!- DougieBot5000 [~DougieBot@unaffiliated/dougiebot5000] has quit [Quit: Leaving] | 16:01 | |
-!- chmod755 [~chmod755@unaffiliated/chmod755] has joined #bitcoin-wizards | 16:04 | |
zooko | tromp: according to newegg (e.g. http://www.newegg.com/Product/Product.aspx?Item=N82E16814133611) it costs about $650 and has 6 GB RAM. | 16:06 |
-!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer] | 16:06 | |
-!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards | 16:08 | |
-!- b-itcoinssg [uid41629@gateway/web/irccloud.com/x-icpehkfkhgxxhlxn] has quit [Quit: Connection closed for inactivity] | 16:08 | |
-!- nwilcox [~nwilcox@c-73-202-109-21.hsd1.ca.comcast.net] has quit [Quit: leaving] | 16:09 | |
-!- airbreather [~airbreath@d149-67-99-43.nap.wideopenwest.com] has joined #bitcoin-wizards | 16:11 | |
* Luke-Jr ponders if there's any way to use idle GPU RAM for his system RAM :P | 16:13 | |
-!- ThomasV [~ThomasV@unaffiliated/thomasv] has joined #bitcoin-wizards | 16:14 | |
gmaxwell | GPU swap. :P | 16:14 |
zooko | Heh heh. | 16:20 |
aj | gmaxwell: "<gmaxwell> so it would be nice if I could throw that into a theorem prover and ask it "is there any way to satisfy this script that doesn't provide sixX or sigY"" -- has there been any progress on that in the past couple years? | 16:20 |
zooko | tromp: what parameters of Cuckoo were you testing? | 16:20 |
gmaxwell | aj: Not really, though -- well so if the top level of the script is a monotone function its _very_ easy to answer that question. | 16:20 |
-!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer] | 16:21 | |
-!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards | 16:22 | |
-!- ThomasV [~ThomasV@unaffiliated/thomasv] has quit [Ping timeout: 264 seconds] | 16:24 | |
tromp_ | zooko i tried size 2^28 | 16:24 |
-!- afk11 [~afk11@unaffiliated/afk11] has quit [Remote host closed the connection] | 16:24 | |
tromp_ | the GPU only does the edge trimming; the cycle detection (which takes less than 2% of runtime) is still on cpu | 16:25 |
tromp_ | size 2^30 is roughly 4 times slower as expected | 16:25 |
zooko | So how much of the GPU's 6 GB of RAM did it use for the edge trimming? | 16:26 |
-!- c0rw1n is now known as c0rw|zZz | 16:27 | |
-!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer] | 16:29 | |
-!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards | 16:30 | |
tromp_ | Using 16MB edge and 32MB node memory. | 16:32 |
tromp_ | in case of size 2^28 | 16:32 |
smooth | gmaxwell> GPU swap <= instructions! http://www.gentoo-wiki.info/TIP_Use_memory_on_video_card_as_swap#Preparing_the_kernel | 16:34 |
tromp_ | for size 2^32, that's of course Using 256MB edge and 512MB node memory. | 16:34 |
-!- jaekwon [~jaekwon@75-101-96-71.dsl.static.fusionbroadband.com] has quit [Remote host closed the connection] | 16:36 | |
-!- c-cex-yuriy [uid76808@gateway/web/irccloud.com/x-ccbdrxfwnbtysgrm] has joined #bitcoin-wizards | 16:37 | |
-!- veleiro [~veleiro@fsf/member/veleiro] has joined #bitcoin-wizards | 16:38 | |
-!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer] | 16:40 | |
-!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards | 16:41 | |
tromp_ | afk for dinner | 16:41 |
-!- DougieBot5000 [~DougieBot@unaffiliated/dougiebot5000] has joined #bitcoin-wizards | 16:41 | |
-!- nullbyte [NSA@gateway/vpn/mullvad/x-pfwdhvcuaquketbq] has quit [Read error: Connection reset by peer] | 16:50 | |
-!- adam3us [~Adium@172.56.19.127] has joined #bitcoin-wizards | 16:54 | |
kanzure | but really- my request for -wizards logs was genuine. early 2014 stuff is missing. and i don't know when the channel was actually started. i have some 2013 logs but not before. | 17:02 |
kanzure | whoops i mean mid 2014 stuff is missing | 17:02 |
zooko | tromp: so | 17:02 |
gmaxwell | andytoshi: ^ | 17:03 |
zooko | tromp: was the benchmark which rated your GTX 980 as about as good as an i7, was that running 8 parallel instances of Cuckoo on the GTX 980? | 17:03 |
kanzure | ah correction: i do have all 2014 logs, but not pre-2013 logs. | 17:03 |
kanzure | gmaxwell: it was andytoshi's logs from 2013 that i have. | 17:03 |
gmaxwell | oh well then you have the start | 17:03 |
gmaxwell | before then -wizards was #bitcoin-dev and private messages between myself and petertodd. | 17:03 |
kanzure | this is like scraping the bottom of a nice cream bowl | 17:03 |
kanzure | hm okay.. | 17:04 |
-!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer] | 17:04 | |
-!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards | 17:05 | |
-!- mengine [~mengine@251.92-221-142.customer.lyse.net] has quit [Ping timeout: 265 seconds] | 17:05 | |
-!- kmels [~kmels@186.64.110.122] has quit [Ping timeout: 244 seconds] | 17:07 | |
andytoshi | early 2014 i think i was not involved with bitcoin heavily, sorry | 17:08 |
andytoshi | but petertodd gave me some logs that i thought covered that era.. | 17:09 |
kanzure | yeah i was mistaken, sorry about that | 17:09 |
-!- jaekwon [~jaekwon@75.101.96.71] has joined #bitcoin-wizards | 17:09 | |
andytoshi | apparently not, just january | 17:09 |
andytoshi | oh, sorry, never mind, i was not reading all the scrollback | 17:10 |
kanzure | i have your logs 2013 to 2014-03-12, then i have my own logs from 2014-02-23 to now, and i had a logbot starting around 2014-10-19 and that's why i thought i was missing 2014-03-12 to 2014-10-19 | 17:10 |
andytoshi | excellent | 17:10 |
kanzure | log reading is going as planned | 17:10 |
kanzure | i definitely don't have old #bitcoin-dev logs... mine only go back to 2013-03-11 (surprise surprise). | 17:11 |
-!- Newyorkadam [~Newyorkad@wikipedia/Newyorkadam] has joined #bitcoin-wizards | 17:11 | |
kanzure | i might have to limit the irc log reading to "interesting sections" defined by bursts of messages in a time period, because reading a 105 MB irc log file is not so easy. | 17:12 |
-!- Burrito [~Burrito@unaffiliated/burrito] has quit [Quit: Leaving] | 17:15 | |
Luke-Jr | mine probably go back to 2011 Jan | 17:16 |
kanzure | i'll figure out a way to read ~50 million words of logs if you hand them over? | 17:16 |
Luke-Jr | do I have to? :P | 17:17 |
gmaxwell | careful that your IRC client doesn't log PMs in random channels. | 17:17 |
Luke-Jr | gmaxwell: it does :< | 17:17 |
Luke-Jr | only ones I send though | 17:17 |
Luke-Jr | (eg, via /msg) | 17:17 |
gmaxwell | right. | 17:17 |
gmaxwell | irssi does | 17:17 |
gmaxwell | sipa: that failure is because benchsign does not re-increase the buffer size in the loop. | 17:20 |
-!- zooko [~user@2601:281:8301:e87f:b8d1:78a1:ef0c:d34] has quit [Ping timeout: 246 seconds] | 17:20 | |
gmaxwell | this is something of an API footgun-- a downside of an inout argument-- that maybe we should call out... | 17:21 |
gmaxwell | an adequate fix is | 17:21 |
gmaxwell | - int siglen = 74; for (i = 0; i < 20000; i++) { | 17:21 |
gmaxwell | + int siglen = 74; | 17:21 |
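Review bot: as pasted, the removed line carries both the `int siglen = 74;` declaration and the `for (i = 0; i < 20000; i++) {` header, while the added line carries only the declaration, so the hunk reads as deleting the loop rather than moving the assignment. For the stated failure (benchsign not re-increasing the buffer size in the loop), the reset to 74 has to happen inside the loop body on every iteration; a short comment there noting that siglen is an in/out argument that gets overwritten would document why it must be reset.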
gmaxwell | oh well assuming my irc client hadn't butchered that. :) | 17:21 |
gmaxwell | damnit wrong channel | 17:21 |
-!- AaronvanW [~ewout@unaffiliated/aaronvanw] has quit [Ping timeout: 246 seconds] | 17:25 | |
-!- mengine [~mengine@251.92-221-142.customer.lyse.net] has joined #bitcoin-wizards | 17:36 | |
-!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer] | 17:39 | |
-!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards | 17:40 | |
-!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer] | 17:41 | |
-!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards | 17:44 | |
-!- roxtrong_ [~roxtrongo@179.8.168.101] has joined #bitcoin-wizards | 17:48 | |
kanzure | "A working implementation of fully homomorphic encryption" http://eurocrypt2010rump.cr.yp.to/9854ad3cab48983f7c2c5a2258e27717.pdf | 17:52 |
-!- roxtrong_ [~roxtrongo@179.8.168.101] has quit [Ping timeout: 240 seconds] | 17:52 | |
-!- alpalp [6836eb1c@gateway/web/cgi-irc/kiwiirc.com/ip.104.54.235.28] has joined #bitcoin-wizards | 17:55 | |
-!- stonecoldpat1 [~a9380004@janus-nat-128-240-225-56.ncl.ac.uk] has joined #bitcoin-wizards | 17:57 | |
-!- stonecoldpat [~a9380004@janus-nat-128-240-225-56.ncl.ac.uk] has quit [Ping timeout: 252 seconds] | 17:58 | |
-!- huseby [~huseby@unaffiliated/huseby] has quit [Ping timeout: 252 seconds] | 17:59 | |
-!- frankenmint [~frankenmi@71-222-57-192.ptld.qwest.net] has joined #bitcoin-wizards | 18:02 | |
-!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer] | 18:03 | |
-!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards | 18:05 | |
-!- huseby [~huseby@unaffiliated/huseby] has joined #bitcoin-wizards | 18:06 | |
-!- adam3us [~Adium@172.56.19.127] has quit [Quit: Leaving.] | 18:07 | |
-!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer] | 18:21 | |
-!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards | 18:22 | |
-!- frankenmint [~frankenmi@71-222-57-192.ptld.qwest.net] has left #bitcoin-wizards [] | 18:31 | |
-!- Dr-G [~Dr-G@x4d08d842.dyn.telefonica.de] has joined #bitcoin-wizards | 18:33 | |
-!- Dr-G [~Dr-G@x4d08d842.dyn.telefonica.de] has quit [Changing host] | 18:33 | |
-!- Dr-G [~Dr-G@unaffiliated/dr-g] has joined #bitcoin-wizards | 18:33 | |
-!- sparetire_ [~sparetire@unaffiliated/sparetire] has quit [Quit: sparetire_] | 18:33 | |
-!- airbreather [~airbreath@d149-67-99-43.nap.wideopenwest.com] has quit [Remote host closed the connection] | 18:36 | |
-!- Dr-G2 [~Dr-G@xd9bf72fc.dyn.telefonica.de] has quit [Ping timeout: 246 seconds] | 18:36 | |
-!- jaekwon [~jaekwon@75.101.96.71] has quit [Remote host closed the connection] | 18:38 | |
-!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer] | 18:40 | |
-!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards | 18:42 | |
-!- King_Rex [~King_Rex@2600:1005:b11e:8cac:59f7:71ea:d6b9:5cef] has quit [Remote host closed the connection] | 18:46 | |
-!- King_Rex [~King_Rex@185.sub-70-193-67.myvzw.com] has joined #bitcoin-wizards | 18:47 | |
-!- kmels [~kmels@184.62.151.186.static.intelnet.net.gt] has joined #bitcoin-wizards | 18:47 | |
-!- King_Rex [~King_Rex@185.sub-70-193-67.myvzw.com] has quit [Ping timeout: 246 seconds] | 18:51 | |
-!- belcher [~user@unaffiliated/belcher] has quit [Quit: Leaving] | 18:54 | |
-!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer] | 18:56 | |
-!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards | 18:57 | |
-!- veleiro [~veleiro@fsf/member/veleiro] has quit [Read error: Connection reset by peer] | 19:01 | |
-!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer] | 19:02 | |
-!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards | 19:03 | |
-!- tripleslash [~\\\@unaffiliated/imsaguy] has joined #bitcoin-wizards | 19:05 | |
-!- veleiro [~veleiro@fsf/member/veleiro] has joined #bitcoin-wizards | 19:05 | |
kanzure | in this proposal, transactions are automatically forced into sidechains or other chains https://bitcointalk.org/index.php?topic=12348.0 | 19:09 |
smooth | kanzure: interesting find | 19:11 |
smooth | I dont think this is correct really: "So to verify that a given transaction is valid, you'd have to have access to all the block chains" | 19:11 |
smooth | with a tree structure you could restrict transactions to only span one level up or down | 19:12 |
-!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer] | 19:13 | |
-!- rusty [~rusty@pdpc/supporter/bronze/rusty] has joined #bitcoin-wizards | 19:14 | |
-!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards | 19:14 | |
gmaxwell | that post doesn't seem very useful to me? it looks like its saying they can never merge again if there is more than 1MB of data off to the side?! | 19:15 |
-!- btcdrak [uid52049@gateway/web/irccloud.com/x-ivmwjyzzmbarleix] has quit [Quit: Connection closed for inactivity] | 19:17 | |
-!- roxtrong_ [~roxtrongo@179.8.168.101] has joined #bitcoin-wizards | 19:24 | |
-!- starsoccer [~starsocce@unaffiliated/starsoccer] has quit [Ping timeout: 244 seconds] | 19:24 | |
-!- starsoccer [~starsocce@ns372404.ip-94-23-252.eu] has joined #bitcoin-wizards | 19:26 | |
-!- starsoccer is now known as Guest99747 | 19:26 | |
-!- Guest99747 [~starsocce@ns372404.ip-94-23-252.eu] has quit [Changing host] | 19:27 | |
-!- Guest99747 [~starsocce@unaffiliated/starsoccer] has joined #bitcoin-wizards | 19:27 | |
-!- roxtrong_ [~roxtrongo@179.8.168.101] has quit [Ping timeout: 264 seconds] | 19:28 | |
-!- snthsnth [~snthsnth@c-98-207-208-241.hsd1.ca.comcast.net] has quit [Ping timeout: 260 seconds] | 19:32 | |
-!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer] | 19:39 | |
-!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards | 19:42 | |
-!- moa [~kiwigb@opentransactions/dev/moa] has quit [Ping timeout: 244 seconds] | 19:46 | |
smooth | gmaxwell: i think by merge it means that one new block would have two parents, allowed if the sum of the sizes of both parent chains was <1 MB for 1000 blocks | 19:51 |
smooth | maybe that means average or something, hard to say, and probably never thought out | 19:52 |
gmaxwell | not sure how to grade proposals like that on our list. Like.. I'm not sure what it means well enough to say anything about it. | 19:54 |
ryan-c | if anyone wants to see it, my defcon talk about breaking brainwallets is up on youtube https://youtu.be/foil0hzl4Pg | 19:59 |
gmaxwell | ryan-c you're about 5 hours behind me. :) | 20:00 |
ryan-c | gmaxwell: did you already post the link? | 20:01 |
gmaxwell | 15:39 < gmaxwell> ryanc's defcon presentation is up: https://www.reddit.com/r/Bitcoin/comments/3j55qo/xpost_def_con_23_ryan_castellucci_cracking/ | 20:02 |
ryan-c | ah, that did not match my grep | 20:02 |
-!- p15_ [~p15@209.234.248.40] has quit [Quit: Textual IRC Client: www.textualapp.com] | 20:03 | |
-!- GGuyZ [~GGuyZ@216-15-123-91.c3-0.sbo-ubr1.sbo.ma.cable.rcn.com] has quit [Quit: GGuyZ] | 20:05 | |
-!- CodeShark_ [~CodeShark@cpe-76-167-237-202.san.res.rr.com] has quit [Ping timeout: 240 seconds] | 20:08 | |
-!- p15 [~p15@209.234.248.32] has joined #bitcoin-wizards | 20:11 | |
-!- p15 [~p15@209.234.248.32] has quit [Client Quit] | 20:11 | |
-!- p15 [~p15@32.248.234.209.client.dyn.strong-ap1.bringover.net] has joined #bitcoin-wizards | 20:12 | |
-!- Giszmo [~leo@pc-185-201-214-201.cm.vtr.net] has quit [Quit: Leaving.] | 20:15 | |
-!- [7] [~quassel@rockbox/developer/TheSeven] has quit [Disconnected by services] | 20:18 | |
-!- TheSeven [~quassel@rockbox/developer/TheSeven] has joined #bitcoin-wizards | 20:18 | |
-!- snthsnth [~snthsnth@c-98-207-208-241.hsd1.ca.comcast.net] has joined #bitcoin-wizards | 20:21 | |
-!- c-cex-yuriy [uid76808@gateway/web/irccloud.com/x-ccbdrxfwnbtysgrm] has quit [Quit: Connection closed for inactivity] | 20:22 | |
-!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer] | 20:37 | |
-!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards | 20:38 | |
-!- GGuyZ [~GGuyZ@216-15-123-91.c3-0.sbo-ubr1.sbo.ma.cable.rcn.com] has joined #bitcoin-wizards | 20:38 | |
-!- Populus [~Populus@unaffiliated/populus] has quit [Remote host closed the connection] | 20:38 | |
-!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer] | 20:41 | |
-!- PRab [~chatzilla@2601:40a:8000:8f9b:99a5:26ec:a97e:cce5] has quit [Read error: Connection reset by peer] | 20:43 | |
-!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards | 20:43 | |
kanzure | is there any chance of probabilistic payments + payment channels working? | 20:43 |
-!- PRab [~chatzilla@2601:40a:8000:8f9b:99a5:26ec:a97e:cce5] has joined #bitcoin-wizards | 20:44 | |
kanzure | also: | 20:44 |
kanzure | 20:32 <@gmaxwell> I argue a specific commitment structure where miners, armed with a succinct ZKP for NP statements, create blocks which provide only an update to the UTXO set, and a constant size proof that the new utxo set was an authorized modification according to some unspecified number of undisclosed transactions. | 20:44 |
kanzure | 20:33 <@gmaxwell> It's lovely, except for the current infeasibility of running ECDSA verification in the prover unless we don't mind 12 hour blocks. :) | 20:44 |
kanzure | with payment channels already setup i don't think i'd mind 12 hour blocks | 20:44 |
kanzure | plus someone convinced rusty that channel setup can be (trustlessly) "subsidized" by hubs for users waiting to get utxos | 20:44 |
kanzure | also i think there was a proposal made somewhere "recently" about large multisig pools (using fancypants signature schemes) being onboarded on to lightning network, without causing utxo bloat? i don't know where i saw that. | 20:50 |
rusty | kanzure: hmm, I didn't see that... | 20:50 |
kanzure | well that's troubling, i was about to blame you for that one too | 20:50 |
kanzure | maybe aj | 20:51 |
-!- snthsnth [~snthsnth@c-98-207-208-241.hsd1.ca.comcast.net] has quit [Ping timeout: 256 seconds] | 20:54 | |
-!- CodeShark [~androirc@cpe-76-167-237-202.san.res.rr.com] has quit [Ping timeout: 250 seconds] | 20:55 | |
aj | it was not me, perhaps the one armed man? | 20:55 |
-!- dignork [~dignork@unaffiliated/dignork] has quit [Ping timeout: 244 seconds] | 20:56 | |
-!- larraboj [kax@heizenberg.ds.karen.hj.se] has quit [Ping timeout: 244 seconds] | 20:56 | |
-!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer] | 20:57 | |
-!- dignork [~dignork@unaffiliated/dignork] has joined #bitcoin-wizards | 20:58 | |
-!- larraboj [kax@heizenberg.ds.karen.hj.se] has joined #bitcoin-wizards | 20:58 | |
-!- shesek [~shesek@77.125.95.25] has joined #bitcoin-wizards | 20:59 | |
-!- shesek [~shesek@77.125.95.25] has quit [Read error: Connection reset by peer] | 20:59 | |
-!- Newyorkadam [~Newyorkad@wikipedia/Newyorkadam] has quit [Quit: Newyorkadam] | 21:01 | |
-!- p15_ [~p15@5.248.234.209.client.dyn.strong-ap1.bringover.net] has joined #bitcoin-wizards | 21:03 | |
-!- p15 [~p15@32.248.234.209.client.dyn.strong-ap1.bringover.net] has quit [Ping timeout: 244 seconds] | 21:04 | |
-!- moa [~kiwigb@opentransactions/dev/moa] has joined #bitcoin-wizards | 21:11 | |
-!- rusty [~rusty@pdpc/supporter/bronze/rusty] has quit [Ping timeout: 256 seconds] | 21:15 | |
-!- moa [~kiwigb@opentransactions/dev/moa] has quit [Quit: Leaving.] | 21:16 | |
-!- rusty [~rusty@pdpc/supporter/bronze/rusty] has joined #bitcoin-wizards | 21:21 | |
kanzure | etotheipi proposal about a merkle tree based on addresses and unspents: https://bitcointalk.org/index.php?topic=52859.msg885838#msg885838 | 21:21 |
kanzure | but doesn't help with mining limits... | 21:22 |
-!- roxtrong_ [~roxtrongo@179.8.168.101] has joined #bitcoin-wizards | 21:24 | |
gmaxwell | yea, the address stuff is just a huge additional cost and an incentivization for address reuse. | 21:25 |
-!- moa [~kiwigb@opentransactions/dev/moa] has joined #bitcoin-wizards | 21:25 | |
-!- roxtrong_ [~roxtrongo@179.8.168.101] has quit [Ping timeout: 268 seconds] | 21:29 | |
kanzure | "Sub-linear Zero-Knowledge Argument for Correctness of a Shuffle" https://bitcointalk.org/index.php?topic=96029.0 | 21:30 |
ryan-c | Can anyone come up with a good reason for me to not post the passwords for the brainwallets that were mass-created at the end of August 2013? | 21:34 |
kanzure | sergio lerner's mavepay paper https://bitslog.files.wordpress.com/2012/04/mavepay1.pdf | 21:35 |
ryan-c | (they are all empty and have trivial passwords) | 21:36 |
moa | ryan-c: bandwidth limitations? | 21:44 |
ryan-c | moa: Heh. It's only about half a meg compressed even with the addresses listed. | 21:45 |
-!- ThomasV [~ThomasV@unaffiliated/thomasv] has joined #bitcoin-wizards | 21:48 | |
kanzure | does anyone have "Asymmetric Co-Dependant Cipherblock Sidechain.pdf" from https://bitcointalk.org/index.php?topic=93848.0 ? | 21:48 |
ryan-c | eh, i'm just gonna post it | 21:53 |
gmaxwell | buzzwords.pdf | 21:53 |
-!- frankenmint [~frankenmi@71-222-57-192.ptld.qwest.net] has joined #bitcoin-wizards | 21:54 | |
ryan-c | lol | 21:54 |
ryan-c | https://rya.nc/aug_2013_brainwallets.txt | 21:58 |
ryan-c | hmm, someone has this channel piped to slack | 21:59 |
gmaxwell | ryan-c: is the Slack http fetcher still heartbleed vulnerable? | 22:08 |
ryan-c | gmaxwell: I don't know, but if it is that would be funny. | 22:09 |
ryan-c | I'll have to pcap a handshake for it at some point. | 22:09 |
-!- CodeShark [~androirc@108-90-230-162.lightspeed.sndgca.sbcglobal.net] has joined #bitcoin-wizards | 22:10 | |
ryan-c | gmaxwell: the other question is how well it does certificate verification :p | 22:10 |
gmaxwell | most things don't. | 22:11 |
gmaxwell | embedded https libraries are terrible about that. | 22:11 |
gmaxwell | http://crypto.stanford.edu/~dabo/pubs/abstracts/ssl-client-bugs.html | 22:11 |
ryan-c | After having done a few security evaluations, I assume https libs fuck up cert validation until they pass a test suite of shady certs | 22:12 |
ryan-c | and non-http protocols using tls are even worse... | 22:13 |
ryan-c | I found that $VENDOR who sells popular software for intranet wikis, ticketing, source control, etc had LDAPS support (which would be used for active directory in an enterprise environment) that didn't validate the server certificates. | 22:14 |
ryan-c | another vendor had a server management system (that ran as root) that would connect to a master config server and pull stuff down and execute it as root | 22:15 |
ryan-c | not only did it not validate https certificates, but if you blocked port 443 in the firewall it would fall back to using plain http with no additional integrity protection | 22:16 |
ryan-c | also it was written in perl and was obfuscated by encoding the sourcecode as whitespace | 22:16 |
-!- dEBRUYNE [~dEBRUYNE@56-197-ftth.onsbrabantnet.nl] has joined #bitcoin-wizards | 22:22 | |
gmaxwell | there have been a couple bitcoin webwallets that used websockets for all their communications and either didn't use the https version or would silently fall back if the https failed. :) not limited to custom non-browser apps. | 22:27 |
ryan-c | gmaxwell: wut? was there some time period where unencrypted websockets were allowed from https pages? | 22:28 |
gmaxwell | oh yea, I think only FF23 started to actually block that. | 22:31 |
-!- ThomasV [~ThomasV@unaffiliated/thomasv] has quit [Ping timeout: 246 seconds] | 22:32 | |
-!- dEBRUYNE [~dEBRUYNE@56-197-ftth.onsbrabantnet.nl] has quit [Ping timeout: 244 seconds] | 22:36 | |
ryan-c | in retrospect, http javascript from https pages should never have been allowed | 22:37 |
gmaxwell | but advertisements! | 22:37 |
gmaxwell | would just be another reason to not deploy https at all. :( | 22:37 |
gmaxwell | now, ... https that looked entirely like HTTP and didn't display the lock icon, on any kind of mixed content would have been a boon. | 22:38 |
ryan-c | ad industry will probably be 99% https within a year | 22:38 |
ryan-c | yeah, it's a pity unauthenticated opportunistic crypto never really happened | 22:40 |
gmaxwell | I tried unsuccessfully for a while to get firefox to artificially delay http loading so that it was never faster than https. Unsurprisingly this was not a popular idea. :) | 22:40 |
-!- kmels [~kmels@184.62.151.186.static.intelnet.net.gt] has quit [Ping timeout: 246 seconds] | 22:41 | |
ryan-c | heh | 22:42 |
ryan-c | chrome will, in some cases which i have not yet bothered to find the constraints of, predictively establish https sessions to servers | 22:44 |
ryan-c | it'll do the tcp connection and handshake, then sit there waiting to make the http request | 22:45 |
-!- GGuyZ [~GGuyZ@216-15-123-91.c3-0.sbo-ubr1.sbo.ma.cable.rcn.com] has quit [Quit: GGuyZ] | 22:47 | |
-!- b-itcoinssg [uid41629@gateway/web/irccloud.com/x-hxpokmcvmwyssggi] has joined #bitcoin-wizards | 22:50 | |
-!- Mably [~Mably@unaffiliated/mably] has joined #bitcoin-wizards | 22:55 | |
b-itcoinssg | gmaxwell: thanks 4 replying, let me clarify, why not use the strategy of building an unbalanced tree as prescribed below rather than the existing protocol? And if this is a better strategy, would it be a soft fork or a hard fork if implemented http://web.archive.org/web/20080316033726/http://www.open-content.net/specs/draft-jchapweske-thex-02.html | 23:02 |
-!- p15_ [~p15@5.248.234.209.client.dyn.strong-ap1.bringover.net] has quit [Ping timeout: 260 seconds] | 23:07 | |
-!- Mably [~Mably@unaffiliated/mably] has quit [Ping timeout: 240 seconds] | 23:10 | |
-!- p15 [~p15@111.193.191.229] has joined #bitcoin-wizards | 23:16 | |
-!- damethos [~damethos@unaffiliated/damethos] has joined #bitcoin-wizards | 23:21 | |
-!- badmofo [~badmofo@unaffiliated/badmofo] has joined #bitcoin-wizards | 23:22 | |
-!- p15_ [~p15@123.118.88.244] has joined #bitcoin-wizards | 23:24 | |
-!- p15x [~p15x@111.193.191.229] has quit [Ping timeout: 265 seconds] | 23:24 | |
-!- p15 [~p15@111.193.191.229] has quit [Ping timeout: 250 seconds] | 23:25 | |
-!- p15_ [~p15@123.118.88.244] has quit [Max SendQ exceeded] | 23:27 | |
-!- p15 [~p15@209.234.248.26] has joined #bitcoin-wizards | 23:28 | |
-!- Newyorkadam [~Newyorkad@wikipedia/Newyorkadam] has joined #bitcoin-wizards | 23:29 | |
-!- p15x [~p15x@123.118.88.244] has joined #bitcoin-wizards | 23:32 | |
-!- Newyorkadam [~Newyorkad@wikipedia/Newyorkadam] has quit [Quit: Newyorkadam] | 23:39 | |
-!- bedeho [~bedeho@50-202-37-133-static.hfc.comcastbusiness.net] has quit [Ping timeout: 264 seconds] | 23:40 | |
-!- Newyorkadam [~Newyorkad@wikipedia/Newyorkadam] has joined #bitcoin-wizards | 23:40 | |
-!- Newyorkadam [~Newyorkad@wikipedia/Newyorkadam] has quit [Client Quit] | 23:40 | |
-!- Newyorkadam [~Newyorkad@wikipedia/Newyorkadam] has joined #bitcoin-wizards | 23:41 | |
-!- Newyorkadam [~Newyorkad@wikipedia/Newyorkadam] has quit [Client Quit] | 23:41 | |
-!- ThomasV [~ThomasV@unaffiliated/thomasv] has joined #bitcoin-wizards | 23:43 | |
Eliel | gmaxwell: You don't happen to have a blog or some kind of a feed where you make a record of all the ideas you've come up with? | 23:44 |
-!- btcdrak [uid52049@gateway/web/irccloud.com/x-kjoryacxoksdlykg] has joined #bitcoin-wizards | 23:46 | |
gmaxwell | Eliel: No. I don't like blogs. :) | 23:48 |
Eliel | a shame, if you had one, it'd be a treasure trove. | 23:50 |
-!- bedeho [~bedeho@50-202-37-133-static.hfc.comcastbusiness.net] has joined #bitcoin-wizards | 23:56 | |
-!- jeremias [~jeremias@kangasbros.fi] has joined #bitcoin-wizards | 23:58 | |
--- Log closed Tue Sep 01 00:00:57 2015 |