2016-09-15.log

--- Log opened Thu Sep 15 00:00:54 2016
-!- lmatteis [uid3300@gateway/web/irccloud.com/x-fqsggbchikpviuem] has quit [Read error: Connection reset by peer]00:08
-!- jl2012 [uid133844@gateway/web/irccloud.com/x-jcmiqzzflvizwaoe] has quit [Ping timeout: 265 seconds]00:08
-!- lmatteis [uid3300@gateway/web/irccloud.com/x-fpiwfuhqariyqfxs] has joined #bitcoin-wizards00:09
-!- jl2012 [uid133844@gateway/web/irccloud.com/x-itusvovcfdzicgvj] has joined #bitcoin-wizards00:10
-!- btcdrak [uid165369@gateway/web/irccloud.com/x-mpgyffmrauxeavgv] has joined #bitcoin-wizards00:15
-!- btcdrak [uid165369@gateway/web/irccloud.com/x-mpgyffmrauxeavgv] has quit [Client Quit]00:16
-!- btcdrak [uid165369@gateway/web/irccloud.com/x-upchjwuqyoijfnjx] has joined #bitcoin-wizards00:17
-!- 1JTAA9IUE [~hashtagg_@cpe-174-97-254-80.ma.res.rr.com] has quit [Ping timeout: 250 seconds]00:19
-!- Guyver2 [~Guyver2@guyver2.xs4all.nl] has joined #bitcoin-wizards00:20
-!- rusty [~rusty@pdpc/supporter/bronze/rusty] has joined #bitcoin-wizards00:22
-!- cdecker [~cdecker@184.68.38.206] has joined #bitcoin-wizards00:24
-!- rusty [~rusty@pdpc/supporter/bronze/rusty] has quit [Ping timeout: 240 seconds]00:39
-!- snthsnth [~snthsnth@c-98-207-208-241.hsd1.ca.comcast.net] has quit [Ping timeout: 265 seconds]00:42
-!- bildramer1 [~bildramer@2001:0:5ef5:79fd:492:1e20:a237:51b5] has quit [Ping timeout: 248 seconds]00:55
-!- bildramer [~bildramer@p5DC8AE4A.dip0.t-ipconnect.de] has joined #bitcoin-wizards00:57
-!- ThomasV [~ThomasV@unaffiliated/thomasv] has joined #bitcoin-wizards01:03
-!- cdecker [~cdecker@184.68.38.206] has quit [Ping timeout: 240 seconds]01:10
-!- nanasho [~nanashi@host-188-174-248-58.customer.m-online.net] has joined #bitcoin-wizards01:34
nanashoHello mates01:34
-!- mol [~molly@unaffiliated/molly] has joined #bitcoin-wizards01:48
-!- Guyver2 [~Guyver2@guyver2.xs4all.nl] has quit [Ping timeout: 240 seconds]01:55
-!- gielbier [~gielbier@unaffiliated/gielbier] has joined #bitcoin-wizards01:55
-!- skang404 [~skang404@27.6.192.89] has joined #bitcoin-wizards02:07
-!- skang404 [~skang404@27.6.192.89] has quit [Ping timeout: 265 seconds]02:14
-!- jannes [~jannes@178.132.211.90] has joined #bitcoin-wizards02:41
-!- skang404 [~skang404@223.176.171.112] has joined #bitcoin-wizards03:04
-!- laurentmt [~Thunderbi@80.215.234.166] has joined #bitcoin-wizards03:08
-!- skang404 [~skang404@223.176.171.112] has quit [Ping timeout: 240 seconds]03:11
-!- laurentmt [~Thunderbi@80.215.234.166] has quit [Quit: laurentmt]03:13
-!- edvorg [~edvorg@14.169.89.229] has joined #bitcoin-wizards03:20
-!- Emcy_ [~MC@unaffiliated/mc1984] has joined #bitcoin-wizards03:26
-!- ThomasV [~ThomasV@unaffiliated/thomasv] has quit [Ping timeout: 276 seconds]03:33
-!- ThomasV [~ThomasV@unaffiliated/thomasv] has joined #bitcoin-wizards03:53
-!- laurentmt [~Thunderbi@80.215.234.166] has joined #bitcoin-wizards03:57
-!- laurentmt [~Thunderbi@80.215.234.166] has quit [Client Quit]03:58
-!- ThomasV [~ThomasV@unaffiliated/thomasv] has quit [Ping timeout: 265 seconds]04:15
-!- hashtag [~hashtagg_@cpe-174-97-254-80.ma.res.rr.com] has joined #bitcoin-wizards04:26
-!- paveljanik [~paveljani@unaffiliated/paveljanik] has quit [Quit: Leaving]04:30
-!- skang404 [~skang404@223.176.171.112] has joined #bitcoin-wizards04:32
-!- skang404 [~skang404@223.176.171.112] has quit [Ping timeout: 265 seconds]04:40
-!- skang404 [~skang404@27.6.192.89] has joined #bitcoin-wizards04:45
-!- skang404 [~skang404@27.6.192.89] has quit [Ping timeout: 260 seconds]04:53
-!- skang404 [~skang404@27.6.192.89] has joined #bitcoin-wizards05:05
-!- Guest29379 is now known as starsoccer05:09
-!- Giszmo [~leo@pc-40-227-45-190.cm.vtr.net] has joined #bitcoin-wizards05:11
-!- skang404 [~skang404@27.6.192.89] has quit [Ping timeout: 244 seconds]05:11
-!- paveljanik [~paveljani@79.98.72.216] has joined #bitcoin-wizards05:12
-!- paveljanik [~paveljani@79.98.72.216] has quit [Changing host]05:12
-!- paveljanik [~paveljani@unaffiliated/paveljanik] has joined #bitcoin-wizards05:12
-!- laurentmt [~Thunderbi@80.215.234.166] has joined #bitcoin-wizards05:21
-!- laurentmt [~Thunderbi@80.215.234.166] has quit [Client Quit]05:21
-!- Cloudflare [~Cloudflar@unaffiliated/cloudflare] has quit [Quit: Bye]05:24
-!- mryandao [~mryandaoI@unaffiliated/mryandao] has quit [Quit: do not disturb. look busy...]05:24
-!- mryandao [~mryandaoI@45.32.191.82] has joined #bitcoin-wizards05:26
-!- Cloudflare [~Cloudflar@unaffiliated/cloudflare] has joined #bitcoin-wizards05:26
-!- pro [~pro@unaffiliated/pro] has joined #bitcoin-wizards05:31
-!- skang404 [~skang404@27.6.192.89] has joined #bitcoin-wizards05:32
-!- Chris_Stewart_5 [~Chris_Ste@unaffiliated/chris-stewart-5/x-3612383] has joined #bitcoin-wizards05:35
-!- skang404 [~skang404@27.6.192.89] has quit [Ping timeout: 265 seconds]05:39
-!- ThomasV [~ThomasV@unaffiliated/thomasv] has joined #bitcoin-wizards05:39
-!- Noldorin [~noldorin@unaffiliated/noldorin] has joined #bitcoin-wizards05:45
-!- mryandao [~mryandaoI@45.32.191.82] has quit [Quit: do not disturb. look busy...]05:49
-!- Cloudflare [~Cloudflar@unaffiliated/cloudflare] has quit [Quit: Bye]05:49
-!- mryandao [~mryandaoI@45.32.191.82] has joined #bitcoin-wizards05:50
-!- Chris_Stewart_5 [~Chris_Ste@unaffiliated/chris-stewart-5/x-3612383] has quit [Ping timeout: 240 seconds]05:51
-!- Cloudflare [~Cloudflar@unaffiliated/cloudflare] has joined #bitcoin-wizards05:51
-!- Noldorin [~noldorin@unaffiliated/noldorin] has quit [Ping timeout: 265 seconds]05:53
-!- Chris_Stewart_5 [~Chris_Ste@unaffiliated/chris-stewart-5/x-3612383] has joined #bitcoin-wizards05:54
-!- nikivi [~nikivi@wlan-200025.nbw.tue.nl] has joined #bitcoin-wizards06:06
-!- Noldorin [~noldorin@unaffiliated/noldorin] has joined #bitcoin-wizards06:19
-!- Noldorin [~noldorin@unaffiliated/noldorin] has quit [Remote host closed the connection]06:21
-!- Noldorin [~noldorin@unaffiliated/noldorin] has joined #bitcoin-wizards06:24
-!- Noldorin [~noldorin@unaffiliated/noldorin] has quit [Read error: Connection reset by peer]06:28
-!- copumpkin [~copumpkin@haskell/developer/copumpkin] has joined #bitcoin-wizards06:32
-!- Noldorin_ [~noldorin@unaffiliated/noldorin] has joined #bitcoin-wizards06:38
-!- paveljanik [~paveljani@unaffiliated/paveljanik] has quit [Ping timeout: 244 seconds]06:41
-!- e_0 [~e0@cs10-dhcp10.bu.edu] has quit [Ping timeout: 240 seconds]06:42
-!- nikivi [~nikivi@wlan-200025.nbw.tue.nl] has quit [Quit: irc]06:43
-!- Noldorin_ [~noldorin@unaffiliated/noldorin] has quit [Ping timeout: 248 seconds]06:43
-!- laurentmt [~Thunderbi@80.215.234.166] has joined #bitcoin-wizards06:47
-!- laurentmt [~Thunderbi@80.215.234.166] has quit [Client Quit]06:47
-!- nikivi [~nikivi@wlan-200025.nbw.tue.nl] has joined #bitcoin-wizards06:49
-!- paveljanik [~paveljani@unaffiliated/paveljanik] has joined #bitcoin-wizards06:49
-!- cjd [~user@2c0f:f930:2:12::] has quit [Ping timeout: 248 seconds]06:55
-!- Burrito [~Burrito@unaffiliated/burrito] has joined #bitcoin-wizards07:11
-!- nikivi [~nikivi@wlan-200025.nbw.tue.nl] has quit [Quit: irc]07:12
-!- laurentmt [~Thunderbi@80.215.234.166] has joined #bitcoin-wizards07:22
-!- edvorg [~edvorg@14.169.89.229] has quit [Ping timeout: 250 seconds]07:23
-!- cjd [~user@2c0f:f930:2:12::] has joined #bitcoin-wizards07:27
-!- laurentmt [~Thunderbi@80.215.234.166] has quit [Quit: laurentmt]07:27
kinlo±.07:44
-!- nanasho [~nanashi@host-188-174-248-58.customer.m-online.net] has quit [Remote host closed the connection]07:46
-!- Starduster [~guest@unaffiliated/starduster] has joined #bitcoin-wizards07:51
-!- Chris_Stewart_5 [~Chris_Ste@unaffiliated/chris-stewart-5/x-3612383] has quit [Ping timeout: 240 seconds]08:02
-!- e4xit_ [~e4xit@cpc92302-cmbg19-2-0-cust1369.5-4.cable.virginm.net] has joined #bitcoin-wizards08:14
-!- e4xit [~e4xit@cpc92302-cmbg19-2-0-cust1369.5-4.cable.virginm.net] has quit [Ping timeout: 255 seconds]08:16
-!- e4xit_ is now known as e4xit08:16
-!- Kelticfox [Kelticfox@freenode/corporate-sponsor/privateinternetaccess.com/kelticfox] has joined #bitcoin-wizards08:17
-!- Chris_Stewart_5 [~Chris_Ste@unaffiliated/chris-stewart-5/x-3612383] has joined #bitcoin-wizards08:17
kanzure"compact spv proofs" http://popeller.io/index.php/2016/09/15/compact-spv-proofs/08:25
-!- Kelticfox [Kelticfox@freenode/corporate-sponsor/privateinternetaccess.com/kelticfox] has left #bitcoin-wizards []08:25
-!- laurentmt [~Thunderbi@80.215.234.166] has joined #bitcoin-wizards08:36
bsm117532Cool.  amiller was working on something similar with "proofs of proofs of work"08:37
-!- laurentmt [~Thunderbi@80.215.234.166] has quit [Client Quit]08:41
-!- MoALTz [~no@78-11-247-26.static.ip.netia.com.pl] has joined #bitcoin-wizards08:45
-!- Noldorin_ [~noldorin@unaffiliated/noldorin] has joined #bitcoin-wizards08:49
-!- mountaingoat [~mountaing@unaffiliated/mountaingoat] has quit [Ping timeout: 265 seconds]08:52
-!- Emcy_ [~MC@unaffiliated/mc1984] has quit [Read error: Connection reset by peer]08:55
-!- Noldorin_ [~noldorin@unaffiliated/noldorin] has quit [Ping timeout: 265 seconds]08:55
-!- laurentmt [~Thunderbi@80.215.234.166] has joined #bitcoin-wizards09:06
-!- mountaingoat [~mountaing@gateway/vpn/privateinternetaccess/mountaingoat] has joined #bitcoin-wizards09:06
-!- laurentmt [~Thunderbi@80.215.234.166] has quit [Client Quit]09:08
amillerthe author of this post isn't aware of http://fc16.ifca.ai/bitcoin/papers/KLS16.pdf which solves that problem09:16
bsm117532You should make that comment on his blog. ;-)09:17
-!- Emcy [~MC@213.107.7.236] has joined #bitcoin-wizards09:29
-!- Emcy [~MC@213.107.7.236] has quit [Changing host]09:30
-!- Emcy [~MC@unaffiliated/mc1984] has joined #bitcoin-wizards09:30
kanzure"The bumpy road towards iPhone 5c NAND mirroring" http://arxiv.org/abs/1609.0432709:31
kabaumThanks. I'm looking at the paper right now.09:33
kabaumThanks kanzure for pointing me here09:33
kanzureyep...09:33
-!- Aranjedeath [~Aranjedea@unaffiliated/aranjedeath] has joined #bitcoin-wizards09:38
-!- laurentmt [~Thunderbi@80.215.234.166] has joined #bitcoin-wizards09:40
-!- laurentmt [~Thunderbi@80.215.234.166] has quit [Client Quit]09:40
kabaumI mean the http://fc16.ifca.ai/bitcoin/papers/KLS16.pd paper. Just to avoid misunderstanding.09:43
-!- Noldorin_ [~noldorin@unaffiliated/noldorin] has joined #bitcoin-wizards09:47
-!- TheSeven [~quassel@rockbox/developer/TheSeven] has quit [Disconnected by services]09:51
-!- [7] [~quassel@rockbox/developer/TheSeven] has joined #bitcoin-wizards09:51
-!- rusty [~rusty@pdpc/supporter/bronze/rusty] has joined #bitcoin-wizards09:56
-!- Noldorin_ is now known as Noldorin09:57
-!- chjj [~chjj@unaffiliated/chjj] has quit [Ping timeout: 276 seconds]10:01
andytoshinote that while the sidechains whitepaper claims "1024 blocks becomes expected 10" (and by extension 420k blocks becomes 19), in my simulations, 420k blocks usually compresses to ~300 blocks (with huge variance)10:03
andytoshii don't have a good idea of why this is the case, the compressed chain does have the expected log-sized "1, 200k, 300k, 350k, 375k, ..." shape10:04
-!- jannes [~jannes@178.132.211.90] has quit [Quit: Leaving]10:04
andytoshibut there are a lot of straggling non-skip blocks near the end10:05
andytoshiso i think there is something wrong with the expected-length argument in the sidechains paper (though it appears the asymptotics are correct)10:08
bsm117532The number of blocks having hash values less than a certain value is an "order statistic": https://en.wikipedia.org/wiki/Order_statistic10:14
bsm117532The probability distribution therof is a Beta distribution.10:14
-!- rusty [~rusty@pdpc/supporter/bronze/rusty] has quit [Ping timeout: 250 seconds]10:20
maakuandytoshi are you using an optimal path finding algorithm?10:24
maakuI would expect that the optimal paths do not take maximal jumps10:24
-!- echonaut1 [~echonaut@46.101.192.134] has quit [Remote host closed the connection]10:26
-!- echonaut [~echonaut@46.101.192.134] has joined #bitcoin-wizards10:27
-!- Giszmo [~leo@pc-40-227-45-190.cm.vtr.net] has quit [Ping timeout: 265 seconds]10:37
-!- chjj [~chjj@unaffiliated/chjj] has joined #bitcoin-wizards10:42
-!- Giszmo [~leo@pc-40-227-45-190.cm.vtr.net] has joined #bitcoin-wizards10:56
-!- Newyorkadam [~Newyorkad@wikipedia/Newyorkadam] has joined #bitcoin-wizards11:11
-!- Sleepnbum [Sleepnbum@72.67.47.196] has joined #bitcoin-wizards11:26
-!- rusty [~rusty@pdpc/supporter/bronze/rusty] has joined #bitcoin-wizards11:41
-!- ThomasV [~ThomasV@unaffiliated/thomasv] has quit [Ping timeout: 260 seconds]11:59
-!- cdecker [~cdecker@184.68.47.6] has joined #bitcoin-wizards12:00
andytoshimaaku: ah, i am not12:00
andytoshifor mimblewimble i think i can't because i need a consensus-defined skiplist where old links don't change based on new blocks .. but i think even in my earlier 2waypeg sims i was using pretty dumb pathfinding schemes12:01
-!- cdecker [~cdecker@184.68.47.6] has quit [Ping timeout: 240 seconds]12:08
-!- cdecker [~cdecker@184.68.47.6] has joined #bitcoin-wizards12:10
maakuoptimal solutions involve dynamic programming, which is not crazy complex, but not something I'd want in consensus code either12:25
maakubut there might be an incremental algorithm which is better than a greedy path to genesis12:26
maakuin fact I thought that's what you were going to do?12:26
andytoshimaybe. i'm not convinced because i don't want the validity of old blocks (i.e. what backlinks must exist) to be changeable by new blocks12:26
maakuif you have a current best path, and you find a new block and use that to only skip back to blocks on the current best path, that's NOT the same as a greedy algorithm12:27
andytoshioh! you're right12:27
-!- Guyver2 [~Guyver2@guyver2.xs4all.nl] has joined #bitcoin-wizards12:32
andytoshiso i have simulation code that does this, it is giving me the high-variance-but-usually-around-300 results12:32
andytoshiinterestingly this is the same as what a remember getting from a greedy algo..12:33
-!- ThomasV [~ThomasV@unaffiliated/thomasv] has joined #bitcoin-wizards12:33
-!- Newyorkadam [~Newyorkad@wikipedia/Newyorkadam] has quit [Quit: Newyorkadam]12:39
-!- cdecker [~cdecker@184.68.47.6] has quit [Ping timeout: 276 seconds]12:45
-!- laurentmt [~Thunderbi@176.158.157.202] has joined #bitcoin-wizards12:49
-!- laurentmt [~Thunderbi@176.158.157.202] has quit [Client Quit]12:52
petertoddso I wrote a module for OpenTimestamps that timestamps files within git trees in a privacy preserving way: https://github.com/opentimestamps/python-opentimestamps/blob/master/opentimestamps/core/git.py12:54
petertoddI'm interested in feedback/peer review!12:55
petertoddit's used by the opentimestamps client: https://github.com/opentimestamps/opentimestamps-client12:55
petertoddwhich I blogged about earlier today: https://petertodd.org/2016/opentimestamps-announcement12:55
-!- MoALTz [~no@78-11-247-26.static.ip.netia.com.pl] has quit [Quit: Leaving]12:57
bsm117532That'12:58
bsm117532That's awesome.  Now we just need to sign our commits using keys exposed on the blockchain.12:58
bsm117532I really want a git integration that signs with secp256k1 keys...12:58
maakubsm117532: have you looked at monotone?12:59
bsm117532The RCS software?12:59
petertoddbsm117532: so long as by "exposed" you don't mean your secret keys :P13:04
bsm117532A developer can indicate a key he's going to use to sign a commit by indicating a spent txid.13:04
petertoddbsm117532: IIRC GnuPG is added secp256k1 support, so that'll likely be possible13:05
petertoddbsm117532: well, so what exactly are you trying to prove there?13:05
sipapetertodd: woah!13:05
bsm117532I'm saying that bitcoin can prove the integrity of bitcoin core by having developers sign code (in addition to your timestamps) -- and those keys should be on the blockchain instead of some flawed CA or web of trust.13:06
sipayou're confusing things13:06
petertoddsipa: note that there's actually *two* ways of signing git commits in OTS - the thing I posted above re-hashes entire trees, which allows you to extract a timestamp for a single file without (hopefully!) revealing anything about other files in the repo, or the directory structure13:06
petertoddbsm117532: yeah, just putting keys on a blockchain doesn't by itself prove much13:06
sipabsm117532: the blockchain here is a transport mechanism, a simple (and highly inefficient) replacement for http13:07
sipabsm117532: the keys are at the level of a web of trust13:07
petertoddsipa: I build the rehashing support because I wanted to be able to apply it to my personal git repos for mail, company records, etc.13:07
bsm117532I know that's how it works now.13:07
-!- Newyorkadam [~Newyorkad@wikipedia/Newyorkadam] has joined #bitcoin-wizards13:08
bsm117532petertodd: One can indicate a txid, and arrange to maintain control of the first output of subsequent transactions, even in the face of key loss events.13:11
kanzurewhat? so you lose one key but not the other?13:12
kanzure"what is trust root"13:12
bsm117532The trust root is Bitcoin itself and it's PoW.13:12
petertoddbsm117532: rather than talking about txids - an implementation detail - you should talk about what kinds of proofs you think the system is giving you13:12
petertodde.g. does your scheme need a timestamp proof? an anti-replay mechanism? a proof-of-publication?13:13
maakubsm117532: yes, http://monotone.ca/13:14
bsm117532petertodd: The system gives me proofs that I haven't chosen to revoke my (code signing) key in the last ~10 minutes.13:17
-!- cdecker [~cdecker@184.68.47.6] has joined #bitcoin-wizards13:17
petertoddbsm117532: that's a design goal, not an explicit statement about what exact type of proofs will do that :)13:18
bsm117532petertodd: The blocks are the proofs.  I don't see what you're getting at...13:18
petertoddbsm117532: a block is a block - what *type* of proof is it exactly?13:18
petertoddbsm117532: what, specifically, is this preventing from happening?13:19
sipabsm117532: i generally dislike hacking bitcoin keys into reusable identities13:19
bsm117532It's preventing compromised keys from signing code via stealing root CA keys, or brute forcing collisions in a web of trust.13:20
bsm117532sipa: Why?  Because bitcoin was supposed to be more fungible than it actually is?13:20
sipabsm117532: because it's a problem that needs fixing outside of bitcoin13:20
sipaand it creates incentives to break fungibility for solving a problem that it wasn't intended to solve13:21
bsm117532sipa: fungibility is already irretrievably broken, regardless of intention.  :-(13:22
sipai disagree. it's not a boolea13:22
sipait took years, but wallets these days are actually no longer continuously reusing keys13:22
-!- JHistone [~JHistone@cpc104808-sgyl39-2-0-cust135.18-2.cable.virginm.net] has joined #bitcoin-wizards13:22
bsm117532I have a hard time seeing how bitcoin could evolve to true fungibility.  I think Zcash/Mimblewimble/BLS stuff will come along, with true fungibility.13:23
sipaif bitcoin's fungibility is irretrievably broken, then you should convince everyone here to abandon it13:23
bsm117532Or repurpose it ;-)13:23
bsm117532But if you have ideas to recover fungibility, I'd love to hear...13:24
sipaagain, it's not a boolean13:24
sipaso if you phrase it as "improve" rather than "recover", i'm willing to discuss that13:24
bsm117532Sure13:24
bsm117532Could bitcoin evolve to block-level signature aggregation?  I have a hard time seeing that.13:25
-!- vega4 [~JBouncer@static.88-198-5-245.clients.your-server.de] has quit [Read error: Connection reset by peer]13:25
sipai believe that's totally viable13:26
sipai have more difficulty how it could adopt CT or MW13:26
kanzurethat's one of the advantages of segwit upgrades13:26
sipa*seeing13:26
sipabut signature aggregation, sure13:26
bsm117532EErrr what I really mean there is block-level coinjoin, as seems to be possible with MW13:27
sipaOWAS does that13:27
sipaand i believe OWAS is softforkable, but it may be nontrivial13:27
kanzurei think signature aggregation can be done with restricting behavior on anyonecanspends13:27
kanzure(through a soft-fork, i mean...)13:28
sipai mean... everything is softforkable in the sense of "we define an extra part of block size (like segwit), and you can move coins there with a special anyonecanspend, and then move them back... but in that new region totally different consensus rules apply"13:28
bsm117532But as long as soft fork is the name of the game, the original, less-fungible txns will be present, and can be used to indicate keys that sign code.13:28
sipayou can softfork out the original tx type at some point :)13:29
kanzurebsm117532: over a very long timeframe i would expect to see various transaction types to become unsupported over time, as long as alternatives are supported13:29
bsm117532Bitcoin, seen as a keyserver is far superior to a CA or web of trust.  Maybe there should be a different blockchain for it...13:29
sipabsm117532: i completely disagree with that13:30
sipayou'd lose the economic incentive to secure the chain without transactions that support the exchange rate of the security-providing subsidy value13:30
* bsm117532 looks at the number of P2SH addresses...as evidence that old features will likely never be able to be soft-forked out...13:31
bsm117532sipa: I agree completely with your last statement.  But that brings us back to doing it on top of bitcoin itself...13:32
sipayes, i don't think there is another choice13:32
sipaso if you really believe that the fungibility issue is irrepairably broken, we should abandon bitcoin, and build something better13:33
sipabut i don't think that is the case13:33
bsm117532sipa: Well imagine huge coinjoins existing alongside old few in/out P2PKH txns.  I think we can have it both ways.13:34
sipaand we need a lot more time to research better technology, experiment with it, and then investigate whether it could be brough to bitcoin in some form, rather than needing to start over13:34
sipanot giving up prematurely13:34
sipaso if you'd like to see bitcoin as just a keyserver or an anchor, i think you're missing the point that its security depends on it being usable as a transactable currency13:35
bsm117532Not "just" a keyserver, but "also": since it contains an internal keyserver, essentially, why not use it to sign itself and ensure its own code integrity?13:37
sipai disagree that it contains a keyserver13:38
petertoddsipa: +113:38
bsm117532every spent txid reveals pubkeys.  That's the sense that it's a keyserver.13:38
sipait can't provide that function without reducing fungibility, making its security story even harder to argue for13:38
petertoddbsm117532: by that argument, testnet is a publishing platform for 80's musicians...13:39
bsm117532It can provide that functionality now, and until its fungibility is upgraded to make it impossible.13:39
sipabsm117532: those txids are not associated with an identity13:39
-!- Newyorkadam [~Newyorkad@wikipedia/Newyorkadam] has quit [Quit: Newyorkadam]13:39
bsm117532All I have to do is indicate which txid...13:39
-!- aalex [~aalex@64.187.177.58] has quit [Ping timeout: 276 seconds]13:39
bsm117532and it becomes associated13:39
sipano, it does not prove your identityu13:40
-!- cdecker [~cdecker@184.68.47.6] has quit [Ping timeout: 265 seconds]13:40
petertoddsipa: and even if it did, you don't need a blockchain for that13:40
sipapetertodd: +113:40
sipayou can just reveal the key through whatever channel you'd use to reveal the txid13:41
petertoddbsm117532: you should read this: https://github.com/petertodd/ID2020DesignWorkshop/blob/6918aa3cae5c2fc75c94c9c4e19121ca52446606/topics-and-advance-readings/DexPredicatesForSmarterSigs.md13:42
petertoddbsm117532: I put a lot of thought a few months ago into how to use this tech for identity, and what I actually came up with out of that was it's remarkable how narrow the use-cases are for Bitcoin - timestamping is one of the few examples where Bitcoin clearly helps13:43
petertodd(hence why I (re)wrote opentimestamps!)13:43
kature: fungibility, miners can incentivize it. by demanding much higher fees for inputs with reused address.13:45
-!- aalex [~aalex@64.187.177.58] has joined #bitcoin-wizards13:47
bsm117532sipa: sure you can just reveal keys...but if I reveal a txid, I also have a built-in revocation and replacement mechanism that is protected by PoW.13:57
bsm117532vs. having your CRL endpoint DDoS'ed (or pgpkeys.mit.edu)13:57
bsm117532petertodd: timestamping, and key control.  (BTW sorry for hijacking the conversation, your code is cool and I'll look at it in more detail!)13:58
-!- Tenhi_ [~tenhi@static.177.80.201.138.clients.your-server.de] has joined #bitcoin-wizards14:06
sipabsm117532: you want revocability and protection on the link with identity14:10
sipaon the blockchain itself is only a key14:11
sipait can be anyone's14:11
-!- Tenhi_ [~tenhi@static.177.80.201.138.clients.your-server.de] has quit [K-Lined]14:16
-!- rusty [~rusty@pdpc/supporter/bronze/rusty] has quit [Ping timeout: 244 seconds]14:25
-!- rusty [~rusty@pdpc/supporter/bronze/rusty] has joined #bitcoin-wizards14:44
-!- mappum [sid43795@gateway/web/irccloud.com/x-aylckcjxvpzvmyjs] has quit [Ping timeout: 250 seconds]14:45
-!- _whitelogger [~whitelogg@uruz.whitequark.org] has quit [Ping timeout: 250 seconds]14:45
-!- rodarmor [rodarmor@2600:3c01::f03c:91ff:fe61:6c68] has quit [Ping timeout: 250 seconds]14:45
-!- kumavis [sid13576@gateway/web/irccloud.com/x-bzzhnddussctxflo] has quit [Ping timeout: 250 seconds]14:45
-!- CryptoAi [sid28532@gateway/web/irccloud.com/x-ktpobrkpfhscyuqp] has quit [Ping timeout: 250 seconds]14:45
-!- nicolagreco [sid157154@gateway/web/irccloud.com/x-hngrrlaftnyyfhuc] has quit [Ping timeout: 250 seconds]14:45
-!- Lightsword [~Lightswor@2604:a880:1:20::1d3:9001] has quit [Ping timeout: 250 seconds]14:46
-!- baffo32 [baffo32@gateway/shell/layerbnc/x-mbaveuhxukufuoek] has quit [Ping timeout: 250 seconds]14:46
-!- jonasschnelli [~jonasschn@unaffiliated/jonasschnelli] has quit [Ping timeout: 250 seconds]14:46
-!- TD-Linux [~Thomas@about/essy/indecisive/TD-Linux] has quit [Ping timeout: 250 seconds]14:46
-!- sipa [~pw@unaffiliated/sipa1024] has quit [Ping timeout: 250 seconds]14:46
-!- PaulCapestany [~PaulCapes@2604:5500:17:2ea:8419:4777:d81c:45e] has quit [Ping timeout: 250 seconds]14:47
-!- wpalczynski [sid55851@gateway/web/irccloud.com/x-nqsxqiinvzyggsqs] has quit [Ping timeout: 250 seconds]14:47
-!- helo [~helo@unaffiliated/helo] has quit [Ping timeout: 250 seconds]14:47
-!- GreenIsMyPepper [~GreenIsMy@2605:6400:20:11aa:189e:28a5:52ed:8948] has quit [Ping timeout: 250 seconds]14:47
-!- gigq [~gigq@2602:302:d14c:51a0:3ac9:86ff:fe0e:683d] has quit [Ping timeout: 250 seconds]14:47
-!- PaulCape_ [~PaulCapes@2604:5500:17:2ea:e1e8:378f:29b1:e12d] has joined #bitcoin-wizards14:47
-!- _whitelogger [~whitelogg@uruz.whitequark.org] has joined #bitcoin-wizards14:48
-!- gigq [~gigq@2602:302:d14c:51a0:3ac9:86ff:fe0e:683d] has joined #bitcoin-wizards14:48
-!- sipa [~pw@2a02:348:86:3011::1] has joined #bitcoin-wizards14:48
-!- helo [~helo@unaffiliated/helo] has joined #bitcoin-wizards14:48
-!- mappum [sid43795@gateway/web/irccloud.com/x-ofdiarglswxvevsu] has joined #bitcoin-wizards14:50
-!- CryptoAi [sid28532@gateway/web/irccloud.com/x-iipsnqwlnbvkyslb] has joined #bitcoin-wizards14:50
-!- Lightsword [~Lightswor@107.170.253.193] has joined #bitcoin-wizards14:51
-!- TD-Linux [~Thomas@about/essy/indecisive/TD-Linux] has joined #bitcoin-wizards14:52
-!- rodarmor [rodarmor@2600:3c01::f03c:91ff:fe61:6c68] has joined #bitcoin-wizards14:52
-!- GreenIsMyPepper [~GreenIsMy@2605:6400:20:11aa:189e:28a5:52ed:8948] has joined #bitcoin-wizards14:52
-!- jonasschnelli [~jonasschn@2a01:4f8:200:7025::2] has joined #bitcoin-wizards14:53
-!- cdecker [~cdecker@184.68.47.6] has joined #bitcoin-wizards14:54
-!- aalex [~aalex@64.187.177.58] has quit [Quit: Connection reset by beer]14:55
-!- nicolagreco [uid157154@gateway/web/irccloud.com/x-wdejribvllugjhko] has joined #bitcoin-wizards14:55
-!- wpalczynski [sid55851@gateway/web/irccloud.com/x-rhlrallynindltyu] has joined #bitcoin-wizards14:56
-!- kumavis [sid13576@gateway/web/irccloud.com/x-mtiveusourzqyjvr] has joined #bitcoin-wizards14:57
-!- baffo32 [baffo32@gateway/shell/layerbnc/x-xeeyszsxgjeqphkd] has joined #bitcoin-wizards15:01
-!- cdecker [~cdecker@184.68.47.6] has quit [Ping timeout: 260 seconds]15:09
-!- Newyorkadam [~Newyorkad@wikipedia/Newyorkadam] has joined #bitcoin-wizards15:10
-!- ThomasV [~ThomasV@unaffiliated/thomasv] has quit [Ping timeout: 276 seconds]15:14
-!- jnewbery [~jnewbery@67.251.193.154] has joined #bitcoin-wizards15:23
-!- cdecker [~cdecker@184.68.47.6] has joined #bitcoin-wizards15:28
-!- jnewbery [~jnewbery@67.251.193.154] has quit []15:30
bsm117532sipa: If I point you to a txid I control, it's not going to be "anyone's" -- It's going to be mine.15:31
bsm117532Bitcoin transactions can indicate revocation.15:32
bsm117532I'm going to control the first output, in a chain of transactions.  By following successive spends in the chain, an observer to whom I've given the starting txid can track my revocations, as well as pick up a new key that I intend to use.15:33
bsm117532This is a "self-sovereign" identity.  If you're familiar with uPort on Ethereum, essentially I've figured out how to do it in top of Bitcoin by maintaining control of the first output in a chain of txns.15:35
midnightmagicpetertodd: to ensure directory information except maximum depth isn't leaked, could one consider the filepath or directory path itself merklized into a balanced tree. it could be selectively revealed then right?15:58
midnightmagicor maybe you could mask out selective or randomly-size portions of the paths and consider the filepath as a single string not split on component boundaries..16:02
midnightmagichrm16:02
-!- Chris_Stewart_5 [~Chris_Ste@unaffiliated/chris-stewart-5/x-3612383] has quit [Ping timeout: 250 seconds]16:03
-!- JHistone [~JHistone@cpc104808-sgyl39-2-0-cust135.18-2.cable.virginm.net] has quit [Quit: Leaving]16:12
bsm117532petertodd: Very interesting (smart signatures).  I've outlined how to deploy a self-sovereign identity on Bitcoin, but there one is revealing a script that evaluated to true to spend the txn, and repurposing that script for a different use.  For simple scripts there's a logical extension (e.g. multi-sig).16:13
bsm117532You're saying one could deploy an entirely different "script" that lets an observer validate an off-chain interaction (e.g. code signing, or auth event).16:14
-!- Chris_Stewart_5 [~Chris_Ste@unaffiliated/chris-stewart-5/x-3612383] has joined #bitcoin-wizards16:18
-!- Guyver2 [~Guyver2@guyver2.xs4all.nl] has quit [Read error: Connection reset by peer]16:19
-!- Sleepnbum [Sleepnbum@72.67.47.196] has quit [Ping timeout: 244 seconds]16:21
bsm117532petertodd: Why do you say that use cases are "narrow"?  Deploying your Dex scripts, and replacing them with new ones seems like a perfect use.  Knowing that a Dex script is still valid comes down to knowing that a particular UTXO is unspent.  (so, UTXO set commitments are immensely helpful)16:23
-!- copumpkin [~copumpkin@haskell/developer/copumpkin] has quit [Quit: My MacBook Pro has gone to sleep. ZZZzzz…]16:23
bsm117532Timestamps from the blockchain bound a region of time when a particular key was valid (or Dex script could have been used to sign code).  So historical signatures can be verified.16:25
-!- Burrito [~Burrito@unaffiliated/burrito] has quit [Quit: Leaving]16:33
-!- Newyorkadam [~Newyorkad@wikipedia/Newyorkadam] has quit [Quit: Newyorkadam]16:35
-!- adiabat [~adiabat@159.203.193.74] has quit [Remote host closed the connection]16:37
-!- chjj [~chjj@unaffiliated/chjj] has quit [Ping timeout: 260 seconds]16:50
-!- rusty [~rusty@pdpc/supporter/bronze/rusty] has quit [Ping timeout: 244 seconds]16:52
-!- superkuh [~superkuh@unaffiliated/superkuh] has quit [Ping timeout: 265 seconds]16:54
-!- cdecker [~cdecker@184.68.47.6] has quit [Ping timeout: 244 seconds]16:55
-!- Newyorkadam [~Newyorkad@wikipedia/Newyorkadam] has joined #bitcoin-wizards17:02
-!- chjj [~chjj@unaffiliated/chjj] has joined #bitcoin-wizards17:03
sipabsm117532: you can claim that a transaction is yours (and you can prove so by signing a message with the key), but that is no different than me sending you the key without any transaction, and signing a message with it. the only thing yhe blockchain does is prove that that key existed at a certain point in time, not whom it belongs to. and for the timestamping use case, we have better solutions that put them in a merkle tree instead of telling...17:07
-!- superkuh_ [~superkuh@unaffiliated/superkuh] has joined #bitcoin-wizards17:07
sipathe whole world about it.17:07
-!- superkuh_ is now known as superkuh17:08
-!- AaronvanW [~ewout@185pc230.sshunet.nl] has quit [Read error: Connection reset by peer]17:22
-!- neha [~narula@tbilisi.csail.mit.edu] has quit [Remote host closed the connection]17:26
-!- rusty [~rusty@pdpc/supporter/bronze/rusty] has joined #bitcoin-wizards17:31
-!- cdecker [~cdecker@184.68.47.6] has joined #bitcoin-wizards17:37
-!- rusty [~rusty@pdpc/supporter/bronze/rusty] has quit [Ping timeout: 264 seconds]17:43
-!- harrymm [~wayne@104.222.140.120] has quit [Remote host closed the connection]17:55
-!- Ylbam [uid99779@gateway/web/irccloud.com/x-wmccdywsmlpiopbp] has quit [Quit: Connection closed for inactivity]17:56
-!- harrymm [~wayne@104.222.140.128] has joined #bitcoin-wizards17:58
-!- rusty [~rusty@pdpc/supporter/bronze/rusty] has joined #bitcoin-wizards17:58
-!- bsm117532- [~AndChat70@rrcs-50-74-107-234.nyc.biz.rr.com] has joined #bitcoin-wizards18:08
bsm117532-sipa: It is different because the transaction mechanism can provide key revocation and replacement. What you want to know is whether a given key is still valid, which corresponds to asking whether a given UTXO is unspent. If you hide key data in a Merkle tree, an observer couldn't see your revocation.18:10
sipayou can just ask them to sign a message again18:11
sipathen you also know the key is still valid18:11
-!- mountaingoat [~mountaing@gateway/vpn/privateinternetaccess/mountaingoat] has quit [Ping timeout: 265 seconds]18:14
sipaalso, the presense of a utxo does not mean they didn't lose the key18:15
-!- bsm117532- [~AndChat70@rrcs-50-74-107-234.nyc.biz.rr.com] has quit [Ping timeout: 272 seconds]18:17
kanzureand the lack of presence of utxo too18:20
-!- Noldorin [~noldorin@unaffiliated/noldorin] has quit [Quit: Textual IRC Client: www.textualapp.com]18:30
-!- Emcy [~MC@unaffiliated/mc1984] has quit [Ping timeout: 244 seconds]18:30
-!- Noldorin [~noldorin@unaffiliated/noldorin] has joined #bitcoin-wizards18:31
-!- mountaingoat [~mountaing@unaffiliated/mountaingoat] has joined #bitcoin-wizards18:32
-!- superkuh [~superkuh@unaffiliated/superkuh] has quit [Ping timeout: 264 seconds]18:36
bsm1175321An attacker can also "sign a message again".  That does not prove the key is still valid.  A balance at a UTXO is sitting at a *different* address than the hash of the pubkey previously revealed.  One can separate the revocation mechanism from normal key use.  (e.g. an offline key or pre-signed transaction)18:37
-!- dnaleor [~dnaleor@78-23-74-78.access.telenet.be] has quit [Ping timeout: 240 seconds]18:37
bsm1175321I think it's impossible to prove your key hasn't been copied...18:38
-!- superkuh [~superkuh@unaffiliated/superkuh] has joined #bitcoin-wizards18:48
sipai still don't understand what the blockchain offers here18:58
sipayou are already talking to the other party to know what the txid is18:59
sipajust ask then what their key is directly at that point18:59
sipayou don't know it is not copied, but the other party hurts itself only by doing so19:00
sipabut you do know it's live19:01
bsm1175321The blockchain offers fast, timestamped, irrevocable *revocations*, and continuity with the new key, once established.  Both the old and new key are known to be controlled by the same entity. *Without* a separate secure line of communication to that entity through the entire key loss process.19:06
-!- kekroment [~kekroment@cultofkek.com] has quit [Ping timeout: 265 seconds]19:07
sipayou need a secure line of communication anyway to establish identity of the key19:07
bsm1175321But you only need a secure line of communication once, not in perpetuity.19:08
bsm1175321Your model assumes a perpetual secure line of communication.  If we had that a lot of things would be easier...19:08
sipano, just once, to establish an identity key19:08
bsm1175321And the revocation, and the new key.19:09
sipaafterwards you sign/encrypt using that key19:09
-!- N0S4A2 [~weechat@24.35.69.143] has joined #bitcoin-wizards19:09
bsm1175321The attacker has that key now.  What next?19:09
sipayou're eaten by a grue19:09
bsm1175321hahaaa19:09
sipayou can't solve that problem19:09
bsm1175321I can.  Using UTXOs on a blockchain.19:10
sipaif i lose my key, i can't spend that utxo19:10
sipayou're using the blockchain as a publishing mechanism for revocation certificates19:10
sipai guess that works19:11
sipait's a use for proof of publication19:11
bsm1175321The key you lost corresponds to an *already* *spent* UTXO.  The next spend comes from a *different* key, held in a different location.19:11
sipabut it only works if you don't lose the key19:11
bsm1175321You can lose the key.19:11
sipai don't understand19:11
bsm1175321People will lose keys.  I assume it.19:11
bsm1175321I'm making a chain of transactions, using the most recently *spent* transaction (which reveals a pubkey) for authentication/code signing.19:12
sipaok, so there is a stronger key held more securely that can sign revocations19:12
sipawhat if you lose that one?19:12
bsm1175321Ok so you can do that, but you still have a problem of publishing the revocations.19:13
sipaagree19:13
bsm1175321CRL's generally exist at a HTTP endpoint that an attacker can DDoS.19:13
sipai disagree that a blockchain is the best solution for it19:13
sipabut i agree it's a use case for a block chain19:13
* bsm1175321 lets sipa think on it.19:13
bsm1175321I think it's a *perfect* use case for a non-fungible blockchain.  (but, let's improve fungibility too)19:14
sipaany use for proof of publication is vulnerable to censorship19:14
sipaand a non-fungible blockchain (in extresis) won't have valuable tokens, which means it can't provide security19:15
sipa*extremis19:15
bsm1175321Any financial system in which the counterparty can't be reliably identified is unusable.19:16
bsm1175321We need both.19:16
bsm1175321And proof-of-work is the best way to secure both.19:17
-!- rusty [~rusty@pdpc/supporter/bronze/rusty] has quit [Ping timeout: 244 seconds]19:20
-!- cdecker [~cdecker@184.68.47.6] has quit [Ping timeout: 244 seconds]19:21
-!- aem [AEM@gateway/shell/elitebnc/x-ledhrzcewhohrera] has quit [Remote host closed the connection]19:32
-!- AEM [AEM@gateway/shell/elitebnc/x-eqpxnamdgnopxpzr] has joined #bitcoin-wizards19:36
-!- AEM is now known as aem19:38
-!- Noldorin [~noldorin@unaffiliated/noldorin] has quit [Quit: My MacBook Pro has gone to sleep. ZZZzzz…]19:44
-!- Alopex [~bitcoin@cyber.dealing.ninja] has quit [Remote host closed the connection]19:51
-!- Alopex [~bitcoin@cyber.dealing.ninja] has joined #bitcoin-wizards19:53
-!- chjj [~chjj@unaffiliated/chjj] has quit [Ping timeout: 240 seconds]20:18
-!- pro [~pro@unaffiliated/pro] has quit [Quit: Leaving]20:19
-!- rusty [~rusty@pdpc/supporter/bronze/rusty] has joined #bitcoin-wizards20:26
-!- rusty [~rusty@pdpc/supporter/bronze/rusty] has quit [Ping timeout: 248 seconds]20:33
-!- jron [~okok@ec2-54-161-129-226.compute-1.amazonaws.com] has quit [Ping timeout: 244 seconds]20:37
-!- Newyorkadam [~Newyorkad@wikipedia/Newyorkadam] has quit [Quit: Newyorkadam]20:41
-!- Chris_Stewart_5 [~Chris_Ste@unaffiliated/chris-stewart-5/x-3612383] has quit [Ping timeout: 244 seconds]20:43
-!- rusty [~rusty@pdpc/supporter/bronze/rusty] has joined #bitcoin-wizards20:50
-!- chjj [~chjj@unaffiliated/chjj] has joined #bitcoin-wizards21:00
-!- rusty [~rusty@pdpc/supporter/bronze/rusty] has quit [Ping timeout: 250 seconds]21:18
qpmtx:<Jeremy_Rand> bsm1175321: FYI Namecoin has been exploring the possibility of naming PGP key fingerprints (or similar public key material)21:47
bsm1175321Jeremy_Rand see also blockstack and onename on that topic.21:48
qpmtx:<Jeremy_Rand> bsm1175321: Yes, I'm aware of Blockstack.  Their work is, in my opinion, not particularly useful, because (among other things) their transaction validity isn't backed by PoW.21:49
bsm1175321I have no interest in naming.  Naming creates a market for things which can be remembered, transcribed through meat-space, and chiseled onto stone tablets.  A txid (or pubkey) is a perfect identifier, though not memorable.  But who cares?  I have software for that.21:50
qpmtx:<Jeremy_Rand> It's trivially easy to construct a transaction that looks just like a Blockstack transaction (it's a Bitcoin tx that has an OP_RETURN script), and there's no way to prove that my transaction is invalid without inspecting the entire Bitcoin chain21:51
bsm1175321I agree, and that's why my proposal (above) does not rely on OP_RETURN.21:51
bsm1175321There's a new security model here not only for fungible assets, but for non-fungible identities, and light clients can use it by tracking block headers (with the addition of UTXO set commitments)21:52
qpmtx:<Jeremy_Rand> bsm1175321: Namecoin's utility for things like this, IMO, is that you can have one key that owns the Namecoin name, and that key can sign new transactions that authorize new PGP keys or revoke existing ones21:53
qpmtx:<Jeremy_Rand> The ability to have a human meaningful name for that identity is cool too of course21:53
bsm1175321I'm punting on the human readable part.  There's a lot of utility to be found by abandoning it.  I have software for that.  Once that punt is accepted, Bitcoin as it stands is a powerful alternative.21:54
qpmtx:<Jeremy_Rand> Although gmaxwell's concerns about it being easy to construct near-colliding human-meaningful names are valid, and dealing with them is nontrivial21:54
bsm1175321That's easy to solve: stop transcribing identities through your head-meat.  It's not as good at it as my software.21:55
othehuman readability just introduces namesquatting21:55
bsm1175321Let markets develop elsewhere.  It doesn't belong in the protocol.21:55
qpmtx:<Jeremy_Rand> bsm1175321: well, if you don't have human-readable names, that does decrease usability for some use cases.  I agree totally that getting rid of human-readable names does result in more confidence in the system from a cryptographic standpoint.21:56
othethe sites who use that identity should deal with it themselves, mapping a pubkey to a username is no big deal21:56
bsm1175321Jeremy_Rand: put a directory server that translates long identifiers into human-readable names somewhere.  Put it in software.  Don't make me fuck with it.21:56
qpmtx:<Jeremy_Rand> othe: last I heard about 50% of ICANN names are squatted.  That's a significant number, but that also means that 50% of the names are nonsquatted, which isn't incredibly bad.21:57
bsm1175321That's (at least) a 50% probability that I'll mis-identify a counterparty in a transaction/interaction.  We can do better.21:58
qpmtx:<Jeremy_Rand> bsm1175321: well, then you've got a trusted party in the directory server, right?  Or are you proposing a different way of doing the mapping?21:58
bsm1175321Software identifies the counterparty, not my head-meat.  Not the name mapping.  Name-mapping is only for visual display and convenience, not authentication/authorization.21:59
qpmtx:<Jeremy_Rand> bsm1175321: I don't follow how you're inferring the risk of fraud from the fraction of squatted names21:59
bsm1175321Wait, did I seriously just buy something from amaz0n.com?21:59
qpmtx:<Jeremy_Rand> Have you ever mistyped amaz0n.com into your web browser?22:00
bsm1175321Or was it amazondot.com?  Or ama2on.com?  Fuck if my head-meat and font interpreter can tell.22:00
bsm1175321I clicked on an ad, as many unawares users do...22:00
othei mistyped ebay 2 minutes ago, entered ebaz as i am in nyc on a non german keyboard...happens all the time for me.22:00
qpmtx:<Jeremy_Rand> othe: interesting.  That said, I don't think it's accurate to infer 50% chance of fraud based on 50% squatted names as bsm1175321 suggested22:01
bsm1175321It even had a valid certificate from some craptacular authority in bazquuxistan.  It was green in my browser bar.  I didn't question it.22:01
otheqpm, if u have something like global unique human readable names... theres like 1mio people called adam smith prolly...it just wont work, every service provider has to do the mapping himself22:02
bsm1175321Jeremy_Rand doesn't matter, it's way too high.  Computers will NEVER tell you that all 32-bytes of A equal all 32-bytes of B unless they actually do.  Let software do the hard work of deciding that A (seller) = B (payment account)22:02
sipaqpm: i don't understand the interest in namecoin22:02
sipait's a very interesting problem, but a completely backwards solution22:02
qpmtx:<Jeremy_Rand> sipa: may I ask what you consider completely backwards?22:03
sipaeither it functions as a currency, and nobody will use it for name registration22:03
sipaor it functions as a nameservice, and its currency aspect will fail to protect against dos22:04
sipathere is no reason why the price for registration needs to be tied to the exchange rate22:04
qpmtx:<Jeremy_Rand> sipa: I'm not an economist, but if a nameservice blockchain has tokens that are worth 1 registration, then those tokens end up with an exchange rate roughly equivalent to the market value of being able to register a name22:05
qpmtx:<Jeremy_Rand> am I incorrect?22:05
sipayes, and there is no reason why that is tied to the capacity of the system22:05
sipayou have two parameters, the security of the system and the cost of registration22:07
sipain namecoin they are both defined by the exchange rate22:07
qpmtx:<Jeremy_Rand> btw, I definitely agree that it's unpleasant to have a naming system that has an exchange rate that isn't pegged to some price that's meaningful to humans (i.e. the price of NMC is relatively volatile)22:07
qpmtx:<Jeremy_Rand> sipa: if we consider a hypothetical Namecoin-like chain where name renewals require paying $10 USD per year to miners, and we assume a significant number of names (say, a small TLD's level), my guess is that that would confer a fairly large amount of security in terms of miner fees.  But I haven't chugged those numbers lately.22:09
bsm1175321By separating naming from authentication/authorization, the naming becomes purely a UI/UX feature.  I really don't care how many other assholes claim to be amaz0n.com, my software will never get it wrong after the first time I visit the real amazon.com.  My eyeballs will.22:11
qpmtx:<Jeremy_Rand> sipa: I'm curious if you would consider the problems you're describing to be improvable by using a Namecoin-like system that's a pegged sidechain using BTC to register names?22:12
sipai'm not sure22:14
bsm1175321FWIW I'm unconvinced that the naming component needs PoW protection.  The only reason namecoin thinks it needs protection is that names are actually being used, today, for *authentication*.  Which, is a dumb thing to do, really.22:15
sipai feel there is a fundamental problem between payinfg for security and exchange rates22:15
sipaa sidechain also has no more security than its fees/... whatever pay miners22:16
qpmtx:<Jeremy_Rand> hmm, so I just did some math, if you assume 10 million names in the system and $10 per year renewal, then you end up with 10,000,000 * 10 / 365 / 24 / 6 = 1902 USD in fees per block22:19
qpmtx:<Jeremy_Rand> that's not a lot of fees, unfortunately (compared to Bitcoin's chain, at least)22:19
sipathat means that for 20000$ i can probably have the chain reorged if i don't like that my competitor got a name instead of me22:20
qpmtx:<Jeremy_Rand> Yeah, that is indeed quite low :(22:21
bsm1175321There are many, many more financial participants than registered DNS names, and all of them don't want to end up paying the wrong person.22:22
qpmtx:<Jeremy_Rand> sipa: on the other hand, 10 million names might be a fairly low estimate depending on what use cases we're talking.  DNS has about 100 million users (plus 100 million squatted names), but if we consider identities, it's a lot more.  There are far more Internet users than websites.22:23
qpmtx:<Jeremy_Rand> Even so, I agree with you that fees and security are problematic with a low number of users.22:24
sipaand with a high number of users, you get scalability problems22:25
sipanamecoin scales even worse than bitcoin as you need go keep spent records22:25
qpmtx:<Jeremy_Rand> sipa: right, so based on back of napkin calculations I did a while back, if you had about 100 million names, you would end up with a block size of circa 3 to 4 MB22:25
sipabut you can't prunr22:26
sipablock size is only one side of scalability22:26
qpmtx:<Jeremy_Rand> sipa: I think it's possible to only keep the hashes of name values in permanent storage.  You could keep the expansions of the hashes in a separate data structure (sort of like SegWit), and nodes could throw out that data structure after a couple years since it's not consensus-critical22:27
sipautxo set size, block chain size, ... may much more easily become dominant for a namecoin like system22:27
sipamaybe22:27
sipabut what if a miner wants a name for themselves?22:28
-!- cdecker [~cdecker@184.68.38.206] has joined #bitcoin-wizards22:28
sipathey can censor attempts to register or renew that name22:28
qpmtx:<Jeremy_Rand> sipa: in terms of UTXO set size, Aaron Swartz's Nakanames proposal (which basically described something like Namecoin) included an estimate of the UTXO set size, it was around 16 GB for the DNS use case I believe22:28
* bsm1175321 continues to harp on disassociating names from identity...22:29
qpmtx:<Jeremy_Rand> sipa: how is that fundamentally different from a Bitcoin miner attempting to censor transactions from UTXO's they don't like?  In a naming system they could force it to expire rather than having to attack it forever,22:30
qpmtx:<Jeremy_Rand> but it's still difficult22:30
sipaqpm: bitcoin addresses are not identities22:30
sipaand you can't censor what you don't understand what it's for22:31
qpmtx:<Jeremy_Rand> sipa: Are you referring to the expected reward for pulling off such an attack, or are you saying something else?22:31
-!- Giszmo [~leo@pc-40-227-45-190.cm.vtr.net] has quit [Quit: Leaving.]22:31
sipano, miners just don't know what to censor22:31
qpmtx:<Jeremy_Rand> sipa: ah.  Right, to do the attack for Bitcoin you would need to know what UTXO's to target22:31
sipaassuming decent fungibility22:31
qpmtx:<Jeremy_Rand> sipa: my assumption is that in Bitcoin, even if miners did know what to censor, it would be difficult to actually perform the censorship, based on the difficulty of getting a majority of hashrate to attack the system.  If that assumption is wrong, then Bitcoin is likely to have trouble too at some point.22:33
-!- mintmoney [~whosed2@c-71-225-146-175.hsd1.pa.comcast.net] has joined #bitcoin-wizards22:33
mintmoneyHi everyone! We have built a google survey regarding a startup charity's name selection! We could use all the feedback that we can get & it's only 3 questions, so please take 1 minute: https://goo.gl/forms/tgUGKxdlKXUTHlLd222:33
-!- MoALTz [~no@78-11-247-26.static.ip.netia.com.pl] has joined #bitcoin-wizards22:33
-!- Newyorkadam [~Newyorkad@wikipedia/Newyorkadam] has joined #bitcoin-wizards22:34
midnightmagic:-/22:34
bsm1175321Hahaaa I name the Red Cr0ss.22:35
qpm* tx:Jeremy_Rand didn't know that "startup charity" was a term that was used22:36
-!- mode/#bitcoin-wizards [+o midnightmagic] by ChanServ22:37
-!- mode/#bitcoin-wizards [+b *!*@c-71-225-146-175.hsd1.pa.comcast.net] by midnightmagic22:38
-!- mintmoney was kicked from #bitcoin-wizards by midnightmagic [reasons]22:38
-!- mode/#bitcoin-wizards [-o midnightmagic] by midnightmagic22:38
bsm1175321Awwww, that troll was making my point for me...22:38
qpmtx:<Jeremy_Rand> So if you assume 100 million names (which is conceivable if identities are the use case, since there's billions of people in the world), you wind up with (I think) more miner fees per block than the current Bitcoin block subsidy22:40
qpmtx:<Jeremy_Rand> (roughly 30 BTC if my math is right)22:41
bsm1175321Identity needs to be tied to assets, in a very deep way.  Because my attempt to transfer 30M USD needs to be tied to my counterparty risk, which is, coincidentally... 30M USD.22:44
qpmtx:<Jeremy_Rand> sipa / bsm1175321: anyway thanks for the chat -- excellent points.  Gotta get some sleep now, I'd love to talk more about this sometime.22:48
bsm1175321likewise!22:49
-!- Ylbam [uid99779@gateway/web/irccloud.com/x-jtmmhoetlnprdfpq] has joined #bitcoin-wizards22:54
-!- Aranjedeath [~Aranjedea@unaffiliated/aranjedeath] has quit [Quit: Three sheets to the wind]22:56
-!- ThomasV [~ThomasV@unaffiliated/thomasv] has joined #bitcoin-wizards23:07
-!- paveljanik [~paveljani@unaffiliated/paveljanik] has quit [Quit: Leaving]23:11
-!- NewLiberty [~NewLibert@172.58.40.145] has joined #bitcoin-wizards23:12
-!- assder [d4555899@gateway/web/freenode/ip.212.85.88.153] has joined #bitcoin-wizards23:28
fluffyponyJeremy_Rand: just wait till "startup charities" start ICO'ing23:32
-!- copumpkin [~copumpkin@haskell/developer/copumpkin] has joined #bitcoin-wizards23:40
-!- copumpkin [~copumpkin@haskell/developer/copumpkin] has quit [Quit: My MacBook Pro has gone to sleep. ZZZzzz…]23:45
-!- jonasschnelli [~jonasschn@2a01:4f8:200:7025::2] has quit [Changing host]23:49
-!- jonasschnelli [~jonasschn@unaffiliated/jonasschnelli] has joined #bitcoin-wizards23:49
--- Log closed Fri Sep 16 00:00:55 2016

Generated by irclog2html.py 2.15.0.dev0 by Marius Gedminas - find it at mg.pov.lt!