--- Day changed Tue Jul 12 2016
00:13 -!- lnostdal_ [~lnostdal@205-203-11.connect.netcom.no] has quit [Read error: Connection reset by peer]
00:15 < waxwing> raedah: thanks, looks interesting
00:16 < raedah> there is an implementation here but unfortunately its out of date, https://github.com/kwonalbert/riffle
00:45 -!- lnostdal_ [~lnostdal@205-203-11.connect.netcom.no] has joined #joinmarket
01:34 -!- fqtw__ [~me@x4d0b9b93.dyn.telefonica.de] has joined #joinmarket
01:37 -!- fqtw_ [~me@x4d0b9b93.dyn.telefonica.de] has quit [Ping timeout: 240 seconds]
01:50 -!- fqtw__ [~me@x4d0b9b93.dyn.telefonica.de] has quit [Ping timeout: 252 seconds]
02:12 -!- mkarrer [~mkarrer@241.red-83-47-85.dynamicip.rima-tde.net] has joined #joinmarket
02:12 -!- mkarrer [~mkarrer@241.red-83-47-85.dynamicip.rima-tde.net] has quit [Read error: Connection reset by peer]
02:12 -!- mkarrer [~mkarrer@241.red-83-47-85.dynamicip.rima-tde.net] has joined #joinmarket
02:48 < belcher_> waxwing: !ioauth shouldnt involve cjpub to allow patientsendpayment, instead one of the maker's pubkeys
02:49 -!- moli [~molly@unaffiliated/molly] has quit [Ping timeout: 246 seconds]
02:56 -!- proslogion [~proslogio@2.127.106.111] has joined #joinmarket
02:57 -!- mkarrer [~mkarrer@241.red-83-47-85.dynamicip.rima-tde.net] has quit [Ping timeout: 276 seconds]
03:00 -!- moli [~molly@unaffiliated/molly] has joined #joinmarket
03:02 -!- mkarrer [~mkarrer@190.red-81-35-195.dynamicip.rima-tde.net] has joined #joinmarket
03:09 -!- mkarrer [~mkarrer@190.red-81-35-195.dynamicip.rima-tde.net] has quit []
03:11 < waxwing> belcher_: the cjpub there is the pubkey for the maker's coinjoin address
03:12 -!- mkarrer [~mkarrer@190.red-81-35-195.dynamicip.rima-tde.net] has joined #joinmarket
03:13 < fluffypony> https://coinlab.com/blog/post/coinjoin/
03:13 < waxwing> are you saying like, use a different pubkey for the auth compared to the pubkey/address used for the coinjoin address?
03:13 < fluffypony> just in case anyone missed it
03:13 < waxwing> fluffypony: yeah was going to post it, forgot. a bit shallow imo.
03:14 < fluffypony> I feel like there's going to be a "wow" moment once they hit part 8 of the series
03:14 < fluffypony> :-P
03:14 < waxwing> well he's switching the light on so i guess so.
03:15 < waxwing> to be clear i don't mean to say it's rubbish when i say "shallow", it's of interest to people who haven't looked into it before; i just think the anti-coinjoin case it makes is oversimplified
03:17 < waxwing> belcher_: if that's what you meant, then i think i understand. but, should look again at patientsendpayment, it's been a while.
03:55 -!- Giszmo [~leo@80.31.9.48] has joined #joinmarket
04:00 < waxwing> heads up: https://news.bitcoin.com/shapeshift-hack-funds-move/
04:02 < waxwing> those stock pictures of hackers, it's like they're deliberately trying to make them funny...
04:02 < gmaxwell> wait, didn't Bitcoin CEO edit the ledger to return the funds?!
04:04 < waxwing> concrete question: have exchanges ever blacklisted coins for exchange on their platforms?
04:04 < waxwing> small irony is that shapeshift was probably widely used for obfuscation
04:04 < waxwing> whether it was a good platform for that usecase is another Q of course
04:05 -!- arubi [~ese168@unaffiliated/arubi] has quit [Quit: Leaving]
04:05 < gmaxwell> not even a question, there was an RSS feed of all the in-out pairs!
04:06 -!- arubi [~ese168@unaffiliated/arubi] has joined #joinmarket
04:06 < waxwing> oh yes, i forgot, voorhees actually answered me on reddit and told me the transactions were public
04:06 < waxwing> which is, well, interesting
04:07 < gmaxwell> most users didn't know that though.
04:07 < waxwing> does anyone have a link to the shapeshift coins? doesn't seem to be one in the article
04:07 -!- Giszmo [~leo@80.31.9.48] has quit [Quit: Leaving.]
04:08 < waxwing> oh it's there at the top, my bad
04:09 < waxwing> huh, i actually looked at that last week, i see no joinmarket joins at all
04:10 < waxwing> just looks like a few simple peels, no?
04:10 < waxwing> https://blockchain.info/address/1LchKFYxkugq3EPMoJJp5cvUyTyPMu1qBR
04:11 -!- Giszmo [~leo@80.31.9.48] has joined #joinmarket
04:20 -!- Giszmo [~leo@80.31.9.48] has quit [Quit: Leaving.]
04:33 < belcher_> waxwing: the maker sending cj_pub means the maker must know the coinjoin output pubkey, and it must be a p2pkh
04:33 < belcher_> it means that patientsendpayment cant work
04:33 < belcher_> reminder https://github.com/JoinMarket-Org/joinmarket/issues/88
04:33 < waxwing> oh yes, i get it
04:34 < waxwing> will update gist.
04:35 -!- moli [~molly@unaffiliated/molly] has quit [Ping timeout: 250 seconds]
04:35 < waxwing> i'm gonna keep adding comments to the 171 thread, even though it'll end up being rambling, it's easier to have all the conversation in one place i think
04:35 < waxwing> i'll do a couple of cleanup commits and then do that change.
04:36 < belcher_> waxwing: concrete question: have exchanges ever blacklisted coins for exchange on their platforms? <--- mtgox's stolen coins from 2011-12 were blacklisted on other exchanges once i hear
04:36 < waxwing> ok, interesting. guess that was the bitcoinica thing
04:36 < belcher_> yes
04:37 < waxwing> or should i say the "amir posted the keys on github" thing :)
04:37 < waxwing> of course, the coins were all retrieved .. right? :)
04:38 < belcher_> idk
04:40 < belcher_> thieves like the shapeshift guy always seem to combine all their coins into one address, a big fat 315btc UTXO for easy following
04:42 < waxwing> probably just barely knows how to use a wallet. let alone joinmarket...
04:43 < belcher_> yes, theres no coinjoins coming from the shapeshift thief address
04:43 < waxwing> yep, looked at it last week. zero JM joins there. conceivably the "forensic team" referred to have other information, but if it's just that 315 coins then the article is simply wrong.
04:44 < belcher_> i thought the way i suggested in my gist should work fairly well, "Worked example for tumbler replacement"
04:46 < belcher_> right so this Oden CoinLab is another spy startup
04:57 -!- arubi [~ese168@unaffiliated/arubi] has quit [Quit: Leaving]
04:57 -!- arubi [~ese168@unaffiliated/arubi] has joined #joinmarket
04:57 < belcher_> according to walletexplorer, the shapeshift stolen funds were all peeled into the same closure
04:59 < belcher_> which is some kind of service im guessing, first closure use from 19/6/2016, which has about 13k transactions
04:59 < belcher_> maybe the shapeshift hacker did in fact piggyback off of someone else's hot wallet
05:04 < belcher_> anyone got a link to the shapeshift rss transaction feed ?
05:06 -!- HeySteve [~Lizard__W@169-1-125-197.ip.afrihost.co.za] has joined #joinmarket
05:06 -!- HeySteve [~Lizard__W@169-1-125-197.ip.afrihost.co.za] has quit [Changing host]
05:06 -!- HeySteve [~Lizard__W@unaffiliated/heysteve] has joined #joinmarket
05:08 < waxwing> yeah i dont' see it either, but i remember being told that before too
05:09 < waxwing> belcher_: how do you figure out what you said about the closures?
05:09 < waxwing> i see 129a4 and one big out to 7a79 and 0004 (only 1 coin)
05:10 < waxwing> just more or less what i saw on bci; a few peels and done
05:10 < waxwing> oh the 0004 i see
05:10 < waxwing> the peels are going into that. hmm, somewhat suboptimal...
05:31 < proslogion> waxwing: i think any blacklisting is gonna be a huge PITA, consider how you can just send your coins out to 1 million different addresses, some maybe yours some maybe not, and some may belong to people who simply do not pay attention to whether their total bitcoin 'balance' changes
05:32 < waxwing> yes i can't see it actually *working*, was just curious how far anyone had ever gone in attempting it.
05:34 < proslogion> so i would say it's not even realistic for ETH, and why they are so gung-ho over the HF
05:34 < waxwing> i remember noises about it after certain high profile "hacks", but never more than a few loud voices that were more or less ignored. it's not practical; notice how important in the DAO case is the fact of the lock-up period.
05:34 < waxwing> it's a combination of factors, but clearly the lockup period was a necessary condition.
05:35 < waxwing> might happen in future with timelocks on bitcoin, but ecosystem is so diverse now it would have to be a quite extraordinary event to even hear loud voices i guess...
05:36 -!- arubi [~ese168@unaffiliated/arubi] has quit [Ping timeout: 252 seconds]
05:37 < proslogion> consider what happened with Bitcoin, I would expect the independent implementations of EVM to be not able to reproduce the behaviours of others
05:50 -!- arubi [~ese168@unaffiliated/arubi] has joined #joinmarket
06:15 -!- arubi [~ese168@unaffiliated/arubi] has quit [Quit: Leaving]
06:16 -!- arubi [~ese168@unaffiliated/arubi] has joined #joinmarket
06:37 < waxwing> belcher_: i seem to have it working now, with the maker just using the first utxo in his spending set for an authorising key; it wasn't too painful of an edit. (so yeah as discussed in 88 !ioauth utxolist auth_pub cj_addr change_addr). presumably other logic could be added for a different kind of authorising key, using the same protocol message.
07:26 -!- moli [~molly@unaffiliated/molly] has joined #joinmarket
07:31 -!- moli [~molly@unaffiliated/molly] has quit [Ping timeout: 244 seconds]
07:32 -!- moli [~molly@unaffiliated/molly] has joined #joinmarket
07:35 -!- p15 [~p15@157.91.145.64.unassigned.bringover.net] has quit [Ping timeout: 240 seconds]
09:02 < belcher_> waxwing: i saw it, looks great thanks
09:04 < belcher_> i think another useful quick edit to the protocol is #537 which would make it possible for hardware wallets to be yield generators
09:05 < waxwing> i remember reading that and i remember not fully understanding it
09:05 < belcher_> it just means prepending "Bitcoin Signed Message:\n" to the auth pubkey before signing, the same protocol as signing messages with a bitcoin keypair
09:05 < waxwing> oh you mean signing that part
09:05 < belcher_> it means hardware wallet can sign anything given to it with no danger that its coins will get stolen
09:05 < waxwing> hmm, but we have to sign other stuff too right. or are you saying that's alright, because that's a transaction
09:06 < belcher_> the idea is the hardware wallet can check that the coinjoin transaction results in its balance going up, and it will only sign if that happens
09:07 < belcher_> you can pass the entire transaction as hex that becomes the inputs, the hardware wallet can hash it and check what the bitcoin value of the UTXOs is
09:07 < waxwing> well but hardware wallets have to sign transactions where that's not true right? spending transactions
09:08 < belcher_> yield generators dont make spending transactions i think
09:08 < waxwing> oh so we're thinking maker side here only
09:08 < belcher_> if someone wants to spend i guess they cant manually press OK on the hardware, it doesnt have to be automatic
09:08 < belcher_> yes, for yield generators only
09:08 < waxwing> i see, i didn't even know hardware wallets had that kind of thing - automated signing for increase in balance. that's a nice feature.
09:08 < belcher_> automatically i mean, so someone can leave it switched on all the time
09:09 < belcher_> it doesnt exist yet afaik, but one of the manufacturers PM'd me on reddit saying they'd do it
09:09 < waxwing> we might even convince proslogion :)
09:10 < waxwing> well the first part, the "Bitcoin Signed Message:\n" is trivial so i can just do that 
09:11 < belcher_> helpful links here https://github.com/JoinMarket-Org/joinmarket/issues/537#issuecomment-232089171 it seems pybitcointools already does it
09:11 < waxwing> i'll go double check what the Bitcoin Core standard is
09:11 < waxwing> oh ok you did it thanks
09:12 < belcher_> im about to edit it to add this link, the definition to strMessageMagic https://github.com/bitcoin/bitcoin/blob/042c323922fce00a1cd0d955a0c8b8bfa80e4045/src/main.cpp#L120
09:12 < waxwing> right i was just going to look for strmessagemagic, thanks
09:12 < belcher_> note that CHashWriter << (the left shift operator) adds the length of the string
09:13 < belcher_> so "\x18Bitcoin Signed Message:\n" starts with \x18 because the length of the rest is 0x18
09:13 < belcher_> well probably the simpliest thing is to use ecdsa_sign() and ecdsa_verify() from pybitcointools (although they are badly named, shouldnt it be bitcoin_address_sign/verify ?)
09:14 < waxwing> well there's a *raw* version of each
09:14 < belcher_> yeah
09:14 < waxwing> but doesn't matter, will just be editing locally
09:14 < waxwing> the plastic surgery performed is pretty severe in any case :)
09:15 < belcher_> also, all this breaks if we ever use op_schnorr instead of ecdsa, but that would be a new offer type i guess
09:15 < proslogion> i would caution against the fee issue
09:16 < waxwing> proslogion: in what scenario? for the auto-signing you're checking increase in balance so no problem right
09:17 < proslogion> i am just making marks and remarks
09:17 < proslogion> however now you said that
09:17 < proslogion> there is a difference between increase in balance and increase in balance by the right amount
09:18 < waxwing> yeah i appreciate your education on the matter some time ago, proper cold-walleting is not simple
09:18 < belcher_> checking the balance goes up is to guard against the online full node + yield generator being compromised and them stealing the hardware wallet coins
09:20 < proslogion> hardware wallet seems to be a successful business model for storing bitcoins
09:20 < proslogion> instead of, say, the Armory one
09:21 < belcher_> anyone here own one ?
09:21 < proslogion> i think plenty does
09:21 < waxwing> i don't ... but i could be convinced, it's a decent solution really
09:22 < belcher_> a common principle with investing is to keep costs low, for that hardware wallets cant compete with paper wallets or electrum multisig wallets on multiple machines
09:22 < waxwing> i always gravitate to software rather than hardware solutions, maybe it's just a personal quirk
09:22 < belcher_> but if you want to actually use your coins day to day (and not carry around many computers like multisig would need), they could be quite good
09:23 < waxwing> yes exactly, i'm more drawn to the convenience model than the security model
09:23 < waxwing> like, medium sized amounts, active use: hardware wallet seems like a good idea.
09:24 < belcher_> hardware wallets are a bit of a black box, if theres an odd break i wouldnt know what to do, then again people who are not programmers must feel this way about software wallets
09:24 < proslogion> the course of events that took place was that HW wallets were intended to make sense for personal users, but wounded up making sense for everyone
09:24 < proslogion> a tailored security model is of course better in theory, but in RL everyone just converge to something "good enough"
09:27 < belcher_> but yes iv always disagree with people who recommend HW wallets straight away to newb users, like "oh welcome to bitcoin, apart from buying some $10 worth of coins to play around with, why not also get this $99 piece of specialised hardware)
09:28 < waxwing> i could imagine a certain class of newb for which that might not be a bad suggestion
09:28 < waxwing> e.g.: windows user, but wants to get a fairly large amount
09:29 < belcher_> if they're newb but also very serious about owning lots of coins
09:29 < belcher_> for that case an electrum multisig wallet could work too if they have more than one machine
09:30 < waxwing> yes, also isn't there some service that allows you to get a 2 of 3 with a trusted provider or something
09:30 < belcher_> yep
09:30 < belcher_> i once heard thomasv say he plans to make electrum work on android, your wallet could be sync'd on both and you use both to sign off a tx, plus theres a paper backup of the third key 
09:30 < waxwing> yeah i think he's been working on that for a while
09:31 < belcher_> i was thinking about a logo for joinmarket, how about an invisible hand ?
09:32 < waxwing> heh
09:32 < waxwing> i've made a sketch of that for you, here it is: 
09:32 < proslogion> i normally recommend three things, Green Address, putting your coins on a separate USB drive, and a HW wallet
09:32 < belcher_> http://i.huffpost.com/gen/1403246/images/o-HAND-STENCIL-facebook.jpg <-- the hand is the empty space in the ink splatter
09:36 < belcher_> anyway im going afk now
09:56 < waxwing> https://www.reddit.com/r/Bitcoin/comments/4sbpes/i_think_its_time_to_sticky_post_a_secure_your/d58dkop
09:58 < waxwing> lol https://www.reddit.com/r/Bitcoin/comments/4sbpes/i_think_its_time_to_sticky_post_a_secure_your/d58dzyz?context=10000
09:59 < fluffypony> lol
10:25 -!- fqtw [~me@x5d806d10.dyn.telefonica.de] has joined #joinmarket
12:30 -!- fqtw_ [~me@x5d8015d9.dyn.telefonica.de] has joined #joinmarket
12:33 -!- fqtw [~me@x5d806d10.dyn.telefonica.de] has quit [Ping timeout: 250 seconds]
13:02 -!- fqtw__ [~me@x5d8078d2.dyn.telefonica.de] has joined #joinmarket
13:05 -!- fqtw_ [~me@x5d8015d9.dyn.telefonica.de] has quit [Ping timeout: 240 seconds]
13:12 -!- joesmoe [~joesmoe@76.73.113.203] has quit [Ping timeout: 252 seconds]
13:27 -!- belcher [~user@unaffiliated/belcher] has joined #joinmarket
14:15 -!- gielbier [~giel____@unaffiliated/gielbier] has quit [Read error: Connection reset by peer]
15:03 -!- HeySteve [~Lizard__W@unaffiliated/heysteve] has quit [Ping timeout: 258 seconds]
15:40 -!- fqtw__ [~me@x5d8078d2.dyn.telefonica.de] has quit [Ping timeout: 240 seconds]
15:41 -!- arubi [~ese168@unaffiliated/arubi] has quit [Ping timeout: 258 seconds]
15:55 -!- arubi [~ese168@unaffiliated/arubi] has joined #joinmarket
16:41 -!- fqtw [~me@x5d8019f6.dyn.telefonica.de] has joined #joinmarket
16:43 -!- Cory [~C@unaffiliated/cory] has quit [Ping timeout: 264 seconds]
16:47 < belcher> writing a test for bitcoinqt integration seems to be very hard, even when you start bitcoind with -walletbroadcast=0 it still seems to mine the non-coinjoin tx
16:47 < gmaxwell> hm. if it is mining wallet created transactions with walletbroadcast=0 something is broken.
16:48 < gmaxwell> walletbroadcast=0 should keep the txn from going into the mempool.
16:49 < belcher> i use sendtoaddress to trigger it
16:49 < belcher> added more debug prints now so lets see what happens
16:50 < gmaxwell> re logo, it could be like the original stop hand logo we used on wikipedia (but without the stopsign) https://upload.wikimedia.org/wikipedia/commons/archive/f/ff/20050422225950%21Stop_hand.png
16:51 < belcher> and with no black outline, so its invisible rather than just a white hand, i wonder if it looks more invisible if you add grey streaks like a ghost
16:51 < gmaxwell> did you notice the odd thing about that hand?
16:52 < belcher> six fingers?
16:52 < gmaxwell> hah
16:52 < gmaxwell> I think it fits in that its like a coinjoin, extra parts. But subtle. :)
16:52 < belcher> accident? or some weird worship of symmetry?
16:52 < gmaxwell> Just a joke.
16:52 < belcher> hehe
16:52 < gmaxwell> It was up for years before a reader noticed.
16:53 < gmaxwell> eventually someone with no sense of humor fixed it.
16:53 < belcher> aw
16:53 -!- raedah [~x@172.58.40.9] has left #joinmarket ["WeeChat 1.5"]
16:53 < belcher> ok so debug lines say the coinjoin creation never actually finished.. something is up here
16:53 < gmaxwell> yea, so looking at the wallet code, I don't see how it could send up in the mempool if walletbroadcast was off.
16:53 < gmaxwell> er end not send.
16:54 < gmaxwell> so its an interesting bug if thats actually happening.
16:54 < gmaxwell> (and also a privacy bug, since you can tell when a transaction is in someones mempool, unfortunately.. though we're working on fixing that)
16:56 < belcher> so walletbroadcast=0 should result in it not finding any tx at all, rather than finding the non-coinjoin
16:56 < belcher> the test uses listsinceblock and gettransaction for finding the tx
16:57 < belcher> however... if the coinjoin never finished then generate was never called, so the tx wouldnt have been mined
16:58 < belcher> ill add a printout for how many confirmations the tx has..
17:03 < belcher> ok found one problem, the yield generators dont have any regtest coins for some reason
17:05 < gmaxwell> maturity issue?
17:05 < belcher> shouldnt be, it generates 101 blocks
17:06 -!- Cory [~C@unaffiliated/cory] has joined #joinmarket
17:15 < belcher> alright something weird is happening but ill work on it tomorrow, goodnight
17:15 -!- belcher [~user@unaffiliated/belcher] has quit [Quit: Leaving]
17:36 -!- Cory [~C@unaffiliated/cory] has quit [Ping timeout: 244 seconds]
17:39 -!- fqtw_ [~me@x5d80321b.dyn.telefonica.de] has joined #joinmarket
17:40 -!- luke-jr [~luke-jr@unaffiliated/luke-jr] has quit [Ping timeout: 276 seconds]
17:42 -!- fqtw [~me@x5d8019f6.dyn.telefonica.de] has quit [Ping timeout: 244 seconds]
18:44 -!- fqtw_ [~me@x5d80321b.dyn.telefonica.de] has quit [Read error: Connection reset by peer]
18:45 -!- fqtw_ [~me@x5d803be9.dyn.telefonica.de] has joined #joinmarket
19:07 -!- proslogion [~proslogio@2.127.106.111] has quit [Ping timeout: 258 seconds]
19:39 -!- Cory [~C@unaffiliated/cory] has joined #joinmarket
20:03 -!- fqtw [~me@x5d8078fc.dyn.telefonica.de] has joined #joinmarket
20:05 -!- fqtw_ [~me@x5d803be9.dyn.telefonica.de] has quit [Ping timeout: 250 seconds]
20:24 -!- p15 [~p15@153.91.145.64.unassigned.bringover.net] has joined #joinmarket
21:12 -!- fqtw_ [~me@x5d804050.dyn.telefonica.de] has joined #joinmarket
21:14 -!- fqtw [~me@x5d8078fc.dyn.telefonica.de] has quit [Ping timeout: 240 seconds]
21:32 -!- fqtw [~me@x5d80327d.dyn.telefonica.de] has joined #joinmarket
21:35 -!- fqtw_ [~me@x5d804050.dyn.telefonica.de] has quit [Ping timeout: 240 seconds]
22:18 -!- fqtw_ [~me@x4d0b9e02.dyn.telefonica.de] has joined #joinmarket
22:21 -!- fqtw [~me@x5d80327d.dyn.telefonica.de] has quit [Ping timeout: 252 seconds]
22:33 -!- fqtw [~me@x4d0b93a6.dyn.telefonica.de] has joined #joinmarket
22:35 -!- fqtw_ [~me@x4d0b9e02.dyn.telefonica.de] has quit [Ping timeout: 246 seconds]
22:48 -!- fqtw_ [~me@x5d804ad3.dyn.telefonica.de] has joined #joinmarket
22:50 -!- fqtw [~me@x4d0b93a6.dyn.telefonica.de] has quit [Ping timeout: 240 seconds]
23:21 -!- fqtw [~me@x5d807853.dyn.telefonica.de] has joined #joinmarket
23:24 -!- fqtw_ [~me@x5d804ad3.dyn.telefonica.de] has quit [Ping timeout: 240 seconds]
23:28 -!- fqtw_ [~me@x5d801c70.dyn.telefonica.de] has joined #joinmarket
23:30 -!- fqtw [~me@x5d807853.dyn.telefonica.de] has quit [Ping timeout: 240 seconds]
23:37 -!- fqtw [~me@x5d801526.dyn.telefonica.de] has joined #joinmarket
23:39 -!- fqtw_ [~me@x5d801c70.dyn.telefonica.de] has quit [Ping timeout: 244 seconds]
23:51 -!- fqtw_ [~me@x5d8037f8.dyn.telefonica.de] has joined #joinmarket
23:53 -!- fqtw [~me@x5d801526.dyn.telefonica.de] has quit [Ping timeout: 240 seconds]