--- Log opened Thu May 21 00:00:29 2020
00:09 -!- jonatack [~jon@2a01:e0a:53c:a200:bb54:3be5:c3d0:9ce5] has quit [Ping timeout: 252 seconds]
00:10 -!- jonatack [~jon@2a01:e0a:53c:a200:bb54:3be5:c3d0:9ce5] has joined #joinmarket
00:58 -!- jonatack [~jon@2a01:e0a:53c:a200:bb54:3be5:c3d0:9ce5] has quit [Ping timeout: 260 seconds]
00:59 -!- jonatack [~jon@37.170.253.61] has joined #joinmarket
01:53 -!- jonatack_ [~jon@37.167.18.204] has joined #joinmarket
01:57 -!- jonatack [~jon@37.170.253.61] has quit [Ping timeout: 256 seconds]
02:02 -!- jonatack_ [~jon@37.167.18.204] has quit [Quit: jonatack_]
02:02 -!- jonatack [~jon@37.167.18.204] has joined #joinmarket
02:54 -!- sosthene [~sosthene@gateway/tor-sasl/sosthene] has quit [Remote host closed the connection]
03:03 -!- Alda63Bednar [~Alda63Bed@static.57.1.216.95.clients.your-server.de] has joined #joinmarket
03:04 -!- kristapsk [~KK@gateway/tor-sasl/kristapsk] has quit [Remote host closed the connection]
03:04 -!- kristapsk [~KK@gateway/tor-sasl/kristapsk] has joined #joinmarket
03:58 -!- Evanito [~Evanito@cpe-76-87-174-228.socal.res.rr.com] has quit [Read error: Connection reset by peer]
04:09 -!- sosthene [~sosthene@gateway/tor-sasl/sosthene] has joined #joinmarket
04:16 -!- sosthene [~sosthene@gateway/tor-sasl/sosthene] has quit [Quit: leaving]
04:19 -!- sosthene [~sosthene@gateway/tor-sasl/sosthene] has joined #joinmarket
04:53 -!- belcher [~belcher@unaffiliated/belcher] has joined #joinmarket
05:35 < belcher> thoughts on this as a privacy technique that regular wallets could do: for every transaction there's a small probability that the change address will be reused
05:35 < belcher> a strong heuristic is that if there's a two-output transaction and one output address is reused, then that is the payment address
05:36 < belcher> that heuristic is pretty easy to break by doing what i said above, and it doesnt need any cooperation to do, wallets could just adopt it on their own
05:36 < belcher> id suggest 0.5% probability and only if the two address types are the same
05:39 < belcher> the downside is that the reused address now leaks more information, and id guess in practice real-life reused addresses (like exchange deposit addresses) have been reused hundreds of time rather than just once or twice
05:42 < waxwing> yeah. i get the thinking, my intuition though is that as you say above, the upside isn't worth the downside, ironically blockchain analysis is probably too dumb for us to benefit from :) do you think they actually have payment output identification heuristics based on address reuse?
05:42 < waxwing> also even if they do, clustering will tend to wrap it into existing wallet anyway?
05:42 < belcher> walletexplorer.com did it, if there was a reused address they could use it to find the change addresses
05:42 < waxwing> complicated, like all these things, but apart from the general "clusterfuck wallet" concept, it might not be worth it.
05:42 < waxwing> i see.
05:43 < belcher> the point of this address reuse is that the analyst might put the sender and receiver wallet into the same cluster
05:43 < waxwing> yes, i see.
05:43 < waxwing> if they actually do use the reused address/payment heuristic then it kinda makes sense.
05:44 < waxwing> but given the desire to design wallets around not doing this, it could be a bit of a pain.
05:44 < waxwing> a lot of people kind of bake it into their conceptual architecture
06:47 < waxwing> belcher, logic issue i think? or did i misunderstand: sendpayment (and other spend scripts) auto freeze the locked coins on first sync, so you can't manually unfreeze them in wallet-tool freeze as they just get re-frozen?
06:47 < waxwing> pertaining to the change in this commit: https://github.com/JoinMarket-Org/joinmarket-clientserver/pull/544/commits/3a131a166ce55066648c62f56e2ff2357a54d29b
06:48 < belcher> they only get refrozen if their locktime is in the future
06:48 < waxwing> oh no, duh, i'm wrong
06:48 < waxwing> yeah just saw :)
06:49 < waxwing> yes it's kinda nicely elegant. i was looking at the path of "what does the program spit out if i try to spend locked coins".
06:49 < waxwing> in a way it would be better UX if it actually said "sorry they're locked", but since it says LOCKED in the wallet-tool display that's fine.
07:15 -!- MaxSan [~four@185.156.175.171] has joined #joinmarket
07:56 < waxwing> i've been absolutely deep in all this dev work so basically haven't looked at mainnet JM pit at all recently, i realise it's a forlorn hope but, has anybody addressed the "nick signature verification failure" issue at all?
07:56 < waxwing> or has it somehow resolved itself?
07:57 < waxwing> just in case it helps i'll repeat again that i *think* that is an issue we solved in the past for another server: they have a NETWORK name that is inconsistent between their Tor HS and their clearnet, and on the clearnet you're getting a signature failure because the message includes the "server name" (which is the NETWORK value) and it isn't matching.
08:03 < belcher> ill spend some time on it
08:03 < belcher> right, network name seems to be different between clearnet and onion, thats annoying
08:03 < waxwing> belcher, i'm dumb but i can't really remember what are the arguments for using a bip39 extension (it's called "passphrase" in BIP, right?)
08:04 < belcher> two-factor authentication for your paper backup
08:05 < waxwing> hmm i see it's used as a salt
08:05 < waxwing> that kinda makes sense
08:05 < waxwing> another angle of defence against bruteforce
08:05 < belcher> also apparently some hww devices have flaws and the only safe way to use them is to use an extension (trezor i think?) but i dont own a hww so not sure
08:05 < waxwing> i've never been keen on making things too complicated personally, but i understand others can see it differently
08:06 < belcher> waxwing i see it more that if someone else finds your backup of 12-words they cant steal the money without also knowing the passphrase
08:06 < waxwing> yeah but that argument in itself isn't too convincing, since it leads to infinite regress
08:06 < belcher> and the passphrase can be relatively simple because the threat model only involves an adversary who might be a nosy flatmate
08:08 < belcher> do you mean the problem of where do you store the passphrase? just store in your head
08:08 < belcher> your nosy flatmate wont have access to a cluster for bruteforcing, or even know what that is
08:13 < belcher> note how its a pretty big difference with gold coins or cash, if your nosy flatmate finds those they can just steal them
08:26 -!- Alda63Bednar [~Alda63Bed@static.57.1.216.95.clients.your-server.de] has quit [Ping timeout: 260 seconds]
08:33 -!- fiatjaf [~fiatjaf@2804:7f2:2a81:6c39:ea40:f2ff:fe85:d2dc] has quit [Ping timeout: 240 seconds]
08:35 -!- fiatjaf [~fiatjaf@2804:7f2:2a81:6c39:ea40:f2ff:fe85:d2dc] has joined #joinmarket
08:38 -!- mr_burdell [~mr_burdel@unaffiliated/mr-burdell/x-7609603] has quit [Ping timeout: 252 seconds]
08:41 -!- mr_burdell [~mr_burdel@unaffiliated/mr-burdell/x-7609603] has joined #joinmarket
08:58 -!- ghost43 [~daer@gateway/tor-sasl/daer] has joined #joinmarket
09:04 -!- Evanito [~Evanito@cpe-76-87-174-228.socal.res.rr.com] has joined #joinmarket
10:26 -!- kristapsk [~KK@gateway/tor-sasl/kristapsk] has quit [Remote host closed the connection]
11:05 -!- kristapsk [~KK@gateway/tor-sasl/kristapsk] has joined #joinmarket
11:44 < kristapsk> waxwing, what is that potential security vulnerability thing that shows when you open jm-cs github in your browser?
11:59 -!- ghost43 [~daer@gateway/tor-sasl/daer] has quit [Remote host closed the connection]
12:01 -!- ghost43 [~daer@gateway/tor-sasl/daer] has joined #joinmarket
12:10 < belcher> waxwing i just logged into hackint with clearnet and onion and both times the server message says "NETWORK=hackint"
12:11 < belcher> so maybe it fixed itself? are we sure that it did used to be inconsistent
12:17 -!- jonatack_ [~jon@184.75.221.203] has joined #joinmarket
12:18 -!- jonatack [~jon@37.167.18.204] has quit [Ping timeout: 256 seconds]
12:23 -!- jonatack_ [~jon@184.75.221.203] has quit [Quit: jonatack_]
12:24 -!- MaxSan [~four@185.156.175.171] has quit [Ping timeout: 256 seconds]
12:24 -!- jonatack [~jon@2a01:e0a:53c:a200:bb54:3be5:c3d0:9ce5] has joined #joinmarket
12:32 -!- AnitaNine [7c7a9430@gateway/web/cgi-irc/kiwiirc.com/ip.124.122.148.48] has joined #joinmarket
12:35 -!- AnitaNine [7c7a9430@gateway/web/cgi-irc/kiwiirc.com/ip.124.122.148.48] has quit [Client Quit]
12:45 -!- MaxSan [~four@185.156.175.171] has joined #joinmarket
12:52 -!- MaxSan [~four@185.156.175.171] has quit [Ping timeout: 265 seconds]
12:53 -!- MaxSan [~four@185.156.175.171] has joined #joinmarket
12:59 -!- MaxSan [~four@185.156.175.171] has quit [Ping timeout: 260 seconds]
13:10 < HackRelay> [hackint-irc/AlexCato] a few years ago, it indeed was. But I cant recall which network (could have been Agora or Cyberguerilla). Also just the first char was different (capitalized on one of TOR/clearnet, lower case on the other)
13:11 < HackRelay> [hackint-irc/AlexCato] maybe now the problem isnt hackint but DarkScience?
13:12 < HackRelay> [hackint-irc/AlexCato] ^ belcher
13:14 < belcher> trying darkscience
13:15 < belcher> yep thats it, clearnet "NETWORK=darkscience" onion "NETWORK=DarkScience"
13:15 < belcher> perhaps we could move to taking the network name out of the config file rather than the server message?
13:15 < belcher> another slightly hacky solution is to do `network = network.lower()`
13:16 < belcher> wait a minute, if we did lower() that most makers who connect via the onion would need to update, because "DarkScience".lower() != "DarkScience"
13:19 < belcher> i think the best solution is to have another field in the config file for network name, and for darkscience we make it "DarkScience" which means the existing makers dont need to update, only clearnet users do (and they already see errors so most likely will update anyway)
13:19 < belcher> id rather not try ideas like network.lower() because we cant rule out that one day a network will be totally different between clearnet and tor
13:25 < HackRelay> [hackint-irc/AlexCato] belcher] another slightly hacky solution is to do `network = network.lower()` <-- i thought about this approach when i mad ethe first char fix back then, but came to the same conclusion: that requires EVERYONE to upgrade to the newest version, probably a no-go
13:26 < belcher> i was thinking, another option is to have the network nonce be taken from the channel topic of #joinmarket-pit, we can pretty much guarantee that it will be the same for a given network.... however then i realized it could be problematic if we lose access to channel ops like what happened with agora
13:27 < HackRelay> [hackint-irc/AlexCato] though maybe that is something to do when there's an urgent fix at some point in the future, so that everybody needs to upgrade anyways?
13:28 < belcher> any thoughts on the adding a new field in the config file? `network = DarkScience`, then nobody needs to upgrade unless its not working for them
13:29 < HackRelay> [hackint-irc/AlexCato] config field: i think that's a good idea for now; don't really like it, as it exposes something to the user that he's not supposed to change ever. Kinda not what a config item should be used for
13:30 < HackRelay> [hackint-irc/AlexCato] another idea: maybe DarkScience isnt even aware of this and could re-config their IRC to change this on their end
13:30 < HackRelay> [hackint-irc/AlexCato] though that will not solve any future problems of this kind
13:31 < belcher> i think the most that users ever do around the irc config is comment and uncomment clearnet vs tor
13:32 < belcher> i could take the opportunity to actually remove the irc details from the config file and put it into its own separate file, then in the config file all that's left is `tor = true/false`
13:32 < belcher> then irc details would go into another file (called perhaps irc.cfg) and if it ever changes then users just download a new version of the file and replace their old one with it
13:33 < HackRelay> [hackint-irc/AlexCato] that sounds good!
13:36 < belcher> i think ill do that then
13:46 -!- kristapsk [~KK@gateway/tor-sasl/kristapsk] has quit [Remote host closed the connection]
13:46 < waxwing> i was in the munich call so didn't follow convo (will try to read it carefully) but: did you look at what i did last time to fix the same issue with a different network?
13:47 < waxwing> i feel like maybe i did the lower() thing but i may have inadvertently caused the "need to update" issue. i actually don't remember.
13:48 < HackRelay> [hackint-irc/AlexCato] last time we just changed the first char of the network with .lower()
13:48 < HackRelay> [hackint-irc/AlexCato] because at the part of the code where it needed fixing, the length of the network's name was not determinable any more, iirc
13:49 < HackRelay> [hackint-irc/AlexCato] it was some kind of strange concatenation of different variables into one string
13:49 < HackRelay> [hackint-irc/AlexCato] so that fixed agora/cyberguerilla, or whichever network had the problem, but DarkScience capitalizes more than the first char :/
13:49 < HackRelay> [hackint-irc/AlexCato] i'm currently on darkscience trying to find out if that config differenc eon their side is intentional and if it maybe can be changed
13:52 -!- kristapsk [~KK@gateway/tor-sasl/kristapsk] has joined #joinmarket
13:53 < waxwing> kristapsk, oh damn i wasn't supposed to show that :) but fortunately it's not serious *today*. it's a vuln in twisted.web but we don't use that.
13:53 < waxwing> we will use it after 536 though. just need to upgrade to 20.* of twisted iirc
13:53 < belcher> AlexCato if you run /info on both clearnet and tor you see there are different messages
13:53 < belcher> so most likely its a different server listening on clearnet and tor, and they just have slightly different configurations for `network`
13:54 < HackRelay> [hackint-irc/AlexCato] yes, thats my assumption that it would be easy for them to change
14:05 < kristapsk> waxwing, how can I get my browser to show the same thing? (IT security is kinda part of my non-Bitcoin dayjob everyday actually)
14:07 < belcher> AlexCato, when you say you're on darkscience, do you mean you're in some support / oper channel? if so which one
14:08 < HackRelay> [hackint-irc/AlexCato] I just assumed #darkscience, but so far no response
14:09 < waxwing> kristapsk, good Q, i think it's only owner by default. i was just being lazy, i think there is a setting.
14:10 < belcher> well iv joined #darkscience as well
14:10 < belcher> long term we should fix it properly, but if we can fix it just by asking darkscience for now that would be great
14:14 < kristapsk> waxwing, I think we should address #193 sooner or later and potential security updates then will became kind of a problem 
14:35 -!- slivera [~slivera@116.206.228.204] has joined #joinmarket
14:56 < kristapsk> waxwing, listened to the parts of the video, I think I still have a problem of talking too much, but, apart from that, I think it was a cool live event
15:05 -!- waxwing [~waxwing@unaffiliated/waxwing] has quit [Ping timeout: 246 seconds]
15:09 -!- asymptotically [~asymptoti@gateway/tor-sasl/asymptotically] has quit [Quit: Leaving]
15:11 -!- waxwing [~waxwing@193.29.57.116] has joined #joinmarket
15:17 -!- waxwing [~waxwing@193.29.57.116] has quit [Changing host]
15:17 -!- waxwing [~waxwing@unaffiliated/waxwing] has joined #joinmarket
15:18 < waxwing> kristapsk, i don't think you talked too much at all
15:18 < waxwing> yeah it was very decent really
16:16 -!- xochon [~user@gateway/tor-sasl/xochon] has joined #joinmarket
17:26 -!- HackRelay [~jmrelayha@p5de4a509.dip0.t-ipconnect.de] has quit [Ping timeout: 264 seconds]
17:26 -!- DSRelBot [~DSRelBot@p5de4a509.dip0.t-ipconnect.de] has quit [Ping timeout: 265 seconds]
17:37 -!- HackRelay [~jmrelayha@p5de4a436.dip0.t-ipconnect.de] has joined #joinmarket
17:38 -!- DSRelBot [~DSRelBot@p5de4a436.dip0.t-ipconnect.de] has joined #joinmarket
18:38 -!- technonerd [~techno@gateway/tor-sasl/technonerd] has quit [Ping timeout: 240 seconds]
18:40 -!- technonerd [~techno@gateway/tor-sasl/technonerd] has joined #joinmarket
20:02 -!- asoltys [~root@s207-81-214-2.bc.hsia.telus.net] has joined #joinmarket
20:17 -!- MaxSan [~four@185.156.175.171] has joined #joinmarket
23:54 -!- Evanito [~Evanito@cpe-76-87-174-228.socal.res.rr.com] has quit [Remote host closed the connection]
23:54 -!- Evanito [~Evanito@cpe-76-87-174-228.socal.res.rr.com] has joined #joinmarket
--- Log closed Fri May 22 00:00:28 2020