--- Day changed Fri Nov 08 2019 00:27 -!- b10c [~Thunderbi@2001:16b8:2ef4:3000:cc07:78de:5a5d:4009] has joined ##taproot-bip-review 02:23 -!- orfeas [81d75b21@dhcp-91-033.inf.ed.ac.uk] has joined ##taproot-bip-review 02:36 -!- orfeas [81d75b21@dhcp-91-033.inf.ed.ac.uk] has quit [Remote host closed the connection] 02:49 -!- afk11 [~afk11@gateway/tor-sasl/afk11] has quit [Remote host closed the connection] 02:50 -!- afk11 [~afk11@gateway/tor-sasl/afk11] has joined ##taproot-bip-review 03:24 -!- nick_freeman [~nick_free@92.116.154.108] has joined ##taproot-bip-review 03:34 -!- andytoshi [~apoelstra@unaffiliated/andytoshi] has quit [Read error: Connection reset by peer] 03:52 -!- Chris_Stewart_5 [~chris@unaffiliated/chris-stewart-5/x-3612383] has joined ##taproot-bip-review 03:54 -!- HighOnBtc [~Admin@86.121.55.235] has joined ##taproot-bip-review 03:58 -!- orfeas [81d75b21@dhcp-91-033.inf.ed.ac.uk] has joined ##taproot-bip-review 03:59 -!- yaslama [~yaslama@bzq-218-78-150.red.bezeqint.net] has quit [Quit: yaslama] 03:59 -!- michaelfolkson [~textual@2a00:23c5:be04:e501:e8f4:48b5:f75a:b75f] has joined ##taproot-bip-review 04:05 -!- michaelfolkson [~textual@2a00:23c5:be04:e501:e8f4:48b5:f75a:b75f] has quit [Quit: Sleep mode] 04:08 -!- michaelfolkson [~textual@2a00:23c5:be04:e501:e8f4:48b5:f75a:b75f] has joined ##taproot-bip-review 04:45 -!- Chris_Stewart_5 [~chris@unaffiliated/chris-stewart-5/x-3612383] has quit [Ping timeout: 246 seconds] 04:47 -!- stacie [~stacie@c-24-60-139-217.hsd1.ma.comcast.net] has joined ##taproot-bip-review 04:53 -!- nick_freeman [~nick_free@92.116.154.108] has quit [Remote host closed the connection] 04:55 -!- Chris_Stewart_5 [~chris@unaffiliated/chris-stewart-5/x-3612383] has joined ##taproot-bip-review 05:00 -!- michaelfolkson [~textual@2a00:23c5:be04:e501:e8f4:48b5:f75a:b75f] has quit [Quit: Sleep mode] 05:01 -!- michaelfolkson [~textual@2a00:23c5:be04:e501:e8f4:48b5:f75a:b75f] has joined ##taproot-bip-review 05:13 -!- pinheadmz [~matthewzi@184.75.212.188] has joined ##taproot-bip-review 05:31 -!- pinheadmz [~matthewzi@184.75.212.188] has quit [Quit: pinheadmz] 05:37 -!- jenseven [~jenseven@64.177.189.109.customer.cdi.no] has joined ##taproot-bip-review 05:43 -!- eltneg [29be1ea3@41.190.30.163] has joined ##taproot-bip-review 05:44 -!- jenseven [~jenseven@64.177.189.109.customer.cdi.no] has quit [Ping timeout: 250 seconds] 05:49 -!- eltneg [29be1ea3@41.190.30.163] has quit [Remote host closed the connection] 06:12 -!- jenseven [~jenseven@64.177.189.109.customer.cdi.no] has joined ##taproot-bip-review 06:29 -!- jenseven [~jenseven@64.177.189.109.customer.cdi.no] has quit [Ping timeout: 265 seconds] 06:31 < waxwing> aj, (or whoever), i'm curious why you went taproot-tapscript-schnorr in the curriculum thing, since some details (not just encoding but things like size tradeoffs, functionality, maybe security arguments, and even tagged hashes) depend on knowing the latter. 06:34 < waxwing> apologies if this is a repeat, got a disconnect: 06:34 < waxwing> aj, (or whoever), i'm curious why you went taproot-tapscript-schnorr in the curriculum thing, since some details (not just encoding but things like size tradeoffs, functionality, maybe security arguments, and even tagged hashes) depend on knowing the latter. 06:50 < harding> Nitpick: didn't tagged hashes originate with taproot, even though they've since been applied to bip-schnorr? 06:52 < instagibbs> I mean I referred back to bip-schnorr for specific details but I didn't read the whole bip 06:58 < waxwing> well tagged hash is defined in the Schnorr BIP (albeit it's trivial), but just things like: evaluating the cost (in vbytes) of v1 utxos depends on knowing simple things like how the bip-schnorr signature encoding works. 06:58 < waxwing> as well as I guess a lot of other, not simple, things :) 06:58 < instagibbs> :) 07:00 -!- nick_freeman [~nick_free@92.116.154.108] has joined ##taproot-bip-review 07:08 < waxwing> i guess an interesting CCQ (concept-check-question, common idea in teaching) for those studying the BIPs is, to what extent does taproot interact with Schnorr? Does it strictly depend on it? If so, why, and if not, what is the advantage of combining them? 07:38 -!- stacie [~stacie@c-24-60-139-217.hsd1.ma.comcast.net] has quit [Quit: My computer has gone to sleep.] 08:18 <@aj> waxwing: originally had it as schnorr/taproot/tapscript, but thought the taproot bit motivated things better and wasn't quite as technical to start things off as schnorr 08:36 -!- michaelfolkson [~textual@2a00:23c5:be04:e501:e8f4:48b5:f75a:b75f] has quit [Quit: Sleep mode] 08:43 -!- orfeas [81d75b21@dhcp-91-033.inf.ed.ac.uk] has quit [Remote host closed the connection] 08:44 -!- michaelfolkson [~textual@2a00:23c5:be04:e501:e8f4:48b5:f75a:b75f] has joined ##taproot-bip-review 08:51 -!- jonatack [~jon@2a01:e35:8aba:8220:6627:dad:d967:649d] has quit [Ping timeout: 276 seconds] 08:52 -!- stacie [~stacie@c-24-60-139-217.hsd1.ma.comcast.net] has joined ##taproot-bip-review 09:08 -!- andytoshi [~apoelstra@wpsoftware.net] has joined ##taproot-bip-review 09:08 -!- andytoshi [~apoelstra@wpsoftware.net] has quit [Changing host] 09:08 -!- andytoshi [~apoelstra@unaffiliated/andytoshi] has joined ##taproot-bip-review 09:12 -!- stacie [~stacie@c-24-60-139-217.hsd1.ma.comcast.net] has quit [Quit: My computer has gone to sleep.] 09:41 -!- stacie [~stacie@c-24-60-139-217.hsd1.ma.comcast.net] has joined ##taproot-bip-review 10:08 -!- b10c [~Thunderbi@2001:16b8:2ef4:3000:cc07:78de:5a5d:4009] has quit [Remote host closed the connection] 10:26 -!- b10c [~Thunderbi@2001:16b8:2ef4:3000:28da:8b3c:4dd5:3c6f] has joined ##taproot-bip-review 10:41 -!- b10c [~Thunderbi@2001:16b8:2ef4:3000:28da:8b3c:4dd5:3c6f] has quit [Quit: b10c] 10:47 -!- b10c [~Thunderbi@2001:16b8:2ef4:3000:28da:8b3c:4dd5:3c6f] has joined ##taproot-bip-review 10:55 -!- jonatack [~jon@2a01:e35:8aba:8220:6627:dad:d967:649d] has joined ##taproot-bip-review 11:29 -!- michaelfolkson [~textual@2a00:23c5:be04:e501:e8f4:48b5:f75a:b75f] has quit [Quit: Sleep mode] 11:35 -!- nick_freeman [~nick_free@92.116.154.108] has quit [Remote host closed the connection] 11:43 -!- b10c [~Thunderbi@2001:16b8:2ef4:3000:28da:8b3c:4dd5:3c6f] has quit [Ping timeout: 250 seconds] 11:46 -!- nick_freeman [~nick_free@2001:16b8:300b:2800:680e:df36:b08d:2546] has joined ##taproot-bip-review 11:51 -!- nick_freeman [~nick_free@2001:16b8:300b:2800:680e:df36:b08d:2546] has quit [Ping timeout: 264 seconds] 12:18 -!- pinheadmz [~matthewzi@pool-100-33-69-78.nycmny.fios.verizon.net] has joined ##taproot-bip-review 12:24 -!- nick_freeman [~nick_free@2001:16b8:300b:2800:680e:df36:b08d:2546] has joined ##taproot-bip-review 12:34 -!- andytoshi [~apoelstra@unaffiliated/andytoshi] has quit [Read error: Connection reset by peer] 12:37 -!- pinheadmz [~matthewzi@pool-100-33-69-78.nycmny.fios.verizon.net] has quit [Quit: pinheadmz] 12:51 -!- nick_fre_ [~nick_free@2001:16b8:300b:2800:1dfc:8a70:1adc:23a1] has joined ##taproot-bip-review 12:51 -!- nick_freeman [~nick_free@2001:16b8:300b:2800:680e:df36:b08d:2546] has quit [Ping timeout: 264 seconds] 12:53 -!- andytoshi [~apoelstra@unaffiliated/andytoshi] has joined ##taproot-bip-review 13:37 -!- pinheadmz [~matthewzi@23.226.129.174] has joined ##taproot-bip-review 14:00 -!- pinheadmz [~matthewzi@23.226.129.174] has quit [Quit: pinheadmz] 14:02 -!- pinheadmz [~matthewzi@23.226.129.174] has joined ##taproot-bip-review 14:10 -!- stacie [~stacie@c-24-60-139-217.hsd1.ma.comcast.net] has quit [Quit: My computer has gone to sleep.] 14:11 -!- stacie [~stacie@c-24-60-139-217.hsd1.ma.comcast.net] has joined ##taproot-bip-review 14:17 -!- Chris_Stewart_5 [~chris@unaffiliated/chris-stewart-5/x-3612383] has quit [Ping timeout: 240 seconds] 14:19 -!- pinheadmz [~matthewzi@23.226.129.174] has quit [Quit: pinheadmz] 14:47 -!- pinheadmz [~matthewzi@pool-100-33-69-78.nycmny.fios.verizon.net] has joined ##taproot-bip-review 14:50 -!- stacie [~stacie@c-24-60-139-217.hsd1.ma.comcast.net] has quit [Quit: My computer has gone to sleep.] 14:56 -!- pinheadmz [~matthewzi@pool-100-33-69-78.nycmny.fios.verizon.net] has quit [Quit: pinheadmz] 14:59 -!- stacie [~stacie@c-24-60-139-217.hsd1.ma.comcast.net] has joined ##taproot-bip-review 15:00 -!- stacie [~stacie@c-24-60-139-217.hsd1.ma.comcast.net] has quit [Client Quit] 15:06 -!- Chris_Stewart_5 [~chris@unaffiliated/chris-stewart-5/x-3612383] has joined ##taproot-bip-review 15:11 -!- Chris_Stewart_5 [~chris@unaffiliated/chris-stewart-5/x-3612383] has quit [Ping timeout: 268 seconds] 16:47 -!- pinheadmz [~matthewzi@pool-100-33-69-78.nycmny.fios.verizon.net] has joined ##taproot-bip-review 18:15 -!- HighOnBtc [~Admin@86.121.55.235] has quit [Ping timeout: 265 seconds] 18:29 -!- nick_freeman [~nick_free@92.116.183.15] has joined ##taproot-bip-review 18:32 -!- nick_fre_ [~nick_free@2001:16b8:300b:2800:1dfc:8a70:1adc:23a1] has quit [Ping timeout: 250 seconds] 19:51 -!- nick_freeman [~nick_free@92.116.183.15] has quit [Remote host closed the connection] 20:01 -!- mryandao [~mryandao@gateway/tor-sasl/mryandao] has joined ##taproot-bip-review 21:16 -!- andytoshi [~apoelstra@unaffiliated/andytoshi] has quit [Ping timeout: 276 seconds] 21:45 -!- michaelfolkson [~textual@2a00:23c5:be04:e501:e8f4:48b5:f75a:b75f] has joined ##taproot-bip-review 22:00 -!- michaelfolkson [~textual@2a00:23c5:be04:e501:e8f4:48b5:f75a:b75f] has quit [Quit: Sleep mode] 22:13 < raj_149> paraphrasing from Bip-Schnorr: implicite Y coordinate are not reduction in security if they are thought of from number of "curve operation to get priv key" perspective, as getting the right Y is just an negation operation in field element. 22:13 < raj_149> But this necessarily reduces the total space of valid pubkeys into half. Does that have any security consequences for DLP? 22:13 < raj_149> let me know if my question is not clear enough. 22:30 < sipa> raj_149: no, it does.not reduce security at all, not even 1 bit 22:30 < sipa> https://medium.com/blockstream/reducing-bitcoin-transaction-sizes-with-x-only-pubkeys-f86476af05d7 22:31 < sipa> raj_149: the intuition is that the fact that negation of public keys is so cheap to compute, will *already* reduce security... even for full public keys with y coordinate 22:59 < raj_149> Okay, thanks for the reference. 23:04 < sipa> raj_149: another way to look at it (which is in the bip draft, i think) is this: imagime you had an algorithm X that given an x-only pubkey computed its discrete logarithm 23:05 < sipa> you can write an algorithm Y that breaks the DL for full pubkeys, by simply giving it to X, and then depending on whether the sign is right, either return its result directly or negate ot 23:06 < sipa> so Y is not slower than X 23:12 < raj_149> That does make sense. 23:12 < raj_149> In another words, the total privkey space is unchanged. 23:12 < raj_149> So assuming DLP is hard, its gonna take same effort to scour privkey for pubkeys with/without the tie breaker. Will that be a valid arguement? 23:13 < sipa> raj_149: no, the privkey space is halved 23:13 < sipa> but it's removing a half that already didn't add any security 23:18 -!- r251d [~r251d@162-196-59-192.lightspeed.irvnca.sbcglobal.net] has quit [Ping timeout: 240 seconds] 23:19 < raj_149> Oh right. privkeys are negated depending on the y of pubkeys. 23:19 < raj_149> What do you mean by "didn't add security"? 23:19 < raj_149> Isn't the computational hardness depends on the total size of the haystack in which your have to hit the niddle? If you have smaller haystack then it becomes easier to find the niddle. 23:21 < sipa> raj_149: the most efficient DLP solver algorithms scale with the square root of largest prime factor of the group size divided by the size of the efficiently computable endomorphism on the group 23:21 < sipa> negating a group element is an efficiently computable endomorphism 23:28 < raj_149> I guess i need to study more on DLP. It felt counterintuitive at first glance. 23:29 < raj_149> Thanks for clarifying. Is the any reference i can study up on this topic?? 23:34 < sipa> start with pollard's rho for discrete logarithms