1 2017-03-03 01:07:56 0|bitcoin-git|[13bitcoin] 15instagibbs opened pull request #9906: Disallow copy constructor CReserveKeys (06master...06noreservecopy) 02https://github.com/bitcoin/bitcoin/pull/9906 2 2017-03-03 03:48:20 0|bitcoin-git|[13bitcoin] 15TheOnlyAymes opened pull request #9907: 0.14 (06master...060.14) 02https://github.com/bitcoin/bitcoin/pull/9907 3 2017-03-03 03:49:05 0|bitcoin-git|[13bitcoin] 15TheOnlyAymes closed pull request #9907: 0.14 (06master...060.14) 02https://github.com/bitcoin/bitcoin/pull/9907 4 2017-03-03 06:17:10 0|bitcoin-git|13bitcoin/06master 146485466 15Wladimir J. van der Laan: test: Report InitBlockIndex result... 5 2017-03-03 06:17:10 0|bitcoin-git|[13bitcoin] 15laanwj pushed 2 new commits to 06master: 02https://github.com/bitcoin/bitcoin/compare/f7ec7cfd38b5...58861ad91b49 6 2017-03-03 06:17:11 0|bitcoin-git|13bitcoin/06master 1458861ad 15Wladimir J. van der Laan: Merge #9904: test: Fail if InitBlockIndex fails... 7 2017-03-03 06:17:28 0|bitcoin-git|[13bitcoin] 15laanwj closed pull request #9904: test: Fail if InitBlockIndex fails (06master...062017_03_test_check_blkindex_result) 02https://github.com/bitcoin/bitcoin/pull/9904 8 2017-03-03 09:29:21 0|wumpus|jeremyrubin: well cloudabi executables are marked with a special "OS/ABI" type, so it's easy to identify them as such. Also it's recommended to use cloudabi-run to run them, which should not launch native executables 9 2017-03-03 09:30:14 0|gmaxwell|wumpus: nice blog post btw. 10 2017-03-03 09:30:56 0|wumpus|but yes it'd make sense to add a check to whatever processes submitted executables that it's really the right kind of executable 11 2017-03-03 09:30:58 0|wumpus|gmaxwell: thanks :) 12 2017-03-03 09:31:31 0|gmaxwell|wumpus: how is the kernel security for it implemented? assuming you're using its special libc and whatnot, does it just use seccomp mode 1 on Linux? 13 2017-03-03 09:33:43 0|gmaxwell|ah, it's the Capsicum stuff. 14 2017-03-03 09:33:53 0|wumpus|gmaxwell: the preferred approach is to have it run on top of capsicum, this is what is used on freebsd at least. There's also an emulator, which may use seccomp, not sure. 15 2017-03-03 09:36:44 0|gmaxwell|it's a little sad that dns requests have to be external, since libc vulnerablities in dns handling is one of the things that bothers me more about our common attack surface. E.g. DNSseeds start returning a glibc dns 0day. 16 2017-03-03 09:37:27 0|wumpus|well it could be implemented differently 17 2017-03-03 09:37:50 0|wumpus|you could have something that passes in a ready-to-go UDP file descriptor for communicating to your preferred DNS server 18 2017-03-03 09:38:01 0|gmaxwell|oh. hm yea, it's true. 19 2017-03-03 09:38:05 0|wumpus|then use an internal DNS implementation 20 2017-03-03 09:38:27 0|gmaxwell|or even a mini dns resolver process that just uses a non-sandboxed udp shim. 21 2017-03-03 09:38:29 0|wumpus|(e.g. libevent's) 22 2017-03-03 09:39:23 0|wumpus|exactly 23 2017-03-03 09:40:47 0|wumpus|my initial usecase will be to have all outgoing network traffic go through tor, so it won't be doing any DNS lookups locally at all, only at the exit nodes I guess 24 2017-03-03 09:41:34 0|gmaxwell|wumpus: for mlock, would it be possible for an external process to create an anonymous mmap, mlock it, then pass the descriptor over a unix domain socket to the sandboxed process? 25 2017-03-03 09:41:49 0|wumpus|gmaxwell: yes, that's possible 26 2017-03-03 09:42:20 0|jonasschnelli|What I once started is to use sipas crawler (bitcoin-seeder) and fill everything into a db, then use that db from djbdns (which is still one of the best dnsd IMO). 27 2017-03-03 09:42:21 0|wumpus|gmaxwell: it's a bit scary though as the external process will be able to keep a reference, and have all your key data :) 28 2017-03-03 09:42:49 0|gmaxwell|yes, though it could presumably also ptrace your process. and hopefully it wouldn't keep a reference. :) 29 2017-03-03 09:43:31 0|wumpus|ideally we'd not want to store any key data in the process at all; e.g. interface to yet another module for that, which could be hw 30 2017-03-03 09:44:18 0|gmaxwell|yea, indeed, should just be a signer process that has an interface like a hardware wallet. Sometimes it's an actual hardware wallet, other times it's a sandboxed process, SGX module, or whatnot. 31 2017-03-03 09:44:31 0|wumpus|right 32 2017-03-03 09:45:07 0|wumpus|jonasschnelli: to make a DNS server that can only look up bitcoind hosts? 33 2017-03-03 09:45:40 0|wumpus|jonasschnelli: oh I get it, of course, you want to run an alternative DNS server as DNS seeder 34 2017-03-03 09:45:47 0|jonasschnelli|wumpus: yes. 35 2017-03-03 09:45:56 0|jonasschnelli|The crawler is great,... but not the dnsd part 36 2017-03-03 09:46:05 0|gmaxwell|well we do use dns for things other than introduction. 37 2017-03-03 09:46:35 0|wumpus|do we? 38 2017-03-03 09:46:54 0|gmaxwell|sure, things like addnode can use it. 39 2017-03-03 09:47:08 0|gmaxwell|and it's not a bad idea there simply because ... IPs change. 40 2017-03-03 09:47:13 0|jonasschnelli|isn't that pure IPv4/v6? 41 2017-03-03 09:47:20 0|jonasschnelli|we could or we can? 42 2017-03-03 09:47:39 0|nemgun|Hello guys 43 2017-03-03 09:48:19 0|wumpus|it's possible to pass some of the connect-to command line options (proxy, tor, etc) as hostnames.... but meh, there's no use for that in cloudabi because it won't be able to connect to those anyway. The right wya to do that would be to pass in a fd to a pipe or such... 44 2017-03-03 09:49:15 0|wumpus|as for RPC you can do the lookups at the client side 45 2017-03-03 09:49:35 0|gmaxwell|wumpus: ah, well I thought it would eventually be good to be able to support the complete feature set (except for some antiquated features like the notify interfaces which might be better done another way). 46 2017-03-03 09:50:40 0|wumpus|well my goal with this experiment would be to make something better, sometimes that means making decisions to drop some functionality or do it some other way 47 2017-03-03 09:51:37 0|wumpus|it'd be possible to emulate the complete old feature set on top of the sandbox, but that's not very interesting 48 2017-03-03 09:55:03 0|wumpus|anyhow if addnode stores a name and does periodic DNS lookups, to track IP changes over time, there's something to be said that bitcoind needs to be able to initiate DNS lookups 49 2017-03-03 09:57:21 0|gmaxwell|it does (well it will relookup again on a reconnect, e.g. after a disconnect under the old name...) 50 2017-03-03 09:57:24 0|wumpus|simplest would be to use the "RESOLVE" [F0] SOCKS5 extension for that. This means the actual lookup can be done from another process (which could be sandboxed too) 51 2017-03-03 09:58:28 0|wumpus|this also means that if the DNS resolver process is compromised, bitcoind itself isn't 52 2017-03-03 10:02:51 0|wumpus|there's a bit of a bootstrapping problem here, ideally there would be a command 'instantiate a graph of cloudabi processes and connect them such and such' 53 2017-03-03 10:07:01 0|wumpus|btw verify-commits.sh is broken again 54 2017-03-03 10:08:47 0|wumpus|looks like it croaks on MarcoFalke's key 55 2017-03-03 10:09:05 0|jonasschnelli|hmm... 56 2017-03-03 10:33:04 0|bitcoin-git|[13bitcoin] 15ryanofsky opened pull request #9908: Define 7200 second timestamp window constant (06master...06pr/timewin) 02https://github.com/bitcoin/bitcoin/pull/9908 57 2017-03-03 11:26:08 0|bitcoin-git|[13bitcoin] 15ryanofsky opened pull request #9909: Add FindEarliestAtLeast test for edge cases (06master...06pr/faltest) 02https://github.com/bitcoin/bitcoin/pull/9909 58 2017-03-03 12:16:41 0|paveljanik|when running with -blocksonly, do we want to load and dump the memory pool? 59 2017-03-03 12:20:12 0|bitcoin-git|[13bitcoin] 15ian-kelling opened pull request #9910: Docs: correct and elaborate -rpcbind doc (06master...06docs-rpcbind) 02https://github.com/bitcoin/bitcoin/pull/9910 60 2017-03-03 12:37:45 0|wumpus|paveljanik: does it hurt to do so? if not, better not to couple those options 61 2017-03-03 12:39:12 0|bitcoin-git|[13bitcoin] 15laanwj pushed 10 new commits to 06master: 02https://github.com/bitcoin/bitcoin/compare/58861ad91b49...eb281842b7df 62 2017-03-03 12:39:13 0|bitcoin-git|13bitcoin/06master 14d77ad6d 15Luke Dashjr: RPC: Do all wallet access through new GetWalletForJSONRPCRequest 63 2017-03-03 12:39:13 0|bitcoin-git|13bitcoin/06master 14eca550f 15Luke Dashjr: RPC/Wallet: Pass CWallet as pointer to helper functions 64 2017-03-03 12:39:14 0|bitcoin-git|13bitcoin/06master 142e518e3 15Luke Dashjr: Move nWalletUnlockTime to CWallet::nRelockTime, and name timed task unique per CWallet 65 2017-03-03 12:39:20 0|bitcoin-git|[13bitcoin] 15laanwj closed pull request #8775: RPC refactoring: Access wallet using new GetWalletForJSONRPCRequest (06master...06multiwallet_prefactor_rpc) 02https://github.com/bitcoin/bitcoin/pull/8775 66 2017-03-03 13:05:06 0|paveljanik|wumpus, dumping is fast, but loading is very slow and CPU consuming. And it consumes memory if there was a large mempool.dat. But I do not care enough ;-) 67 2017-03-03 13:06:05 0|wumpus|I think there should be an option to bypass mempool loading/writing. And possibly it could parameter-interact with disable-blocks mode, as long as it's clearly documented. 68 2017-03-03 13:06:24 0|wumpus|or maybe an option to disable the mempool completely? I don't know. 69 2017-03-03 13:07:07 0|wumpus|I don't care enough either. It seems optimizing for something that is an incedigly rare edge case 70 2017-03-03 13:07:52 0|wumpus|if you want to optimize actual bottlenecks, please pick my sha256 or crc32 optimization experiment :-) 71 2017-03-03 13:12:46 0|paveljanik|Well, I'll first optimise my blocksonly gateway to the world ;-) 72 2017-03-03 13:13:05 0|wumpus|both optimizations that I mention are very relevant to validating blocks, too 73 2017-03-03 13:13:29 0|paveljanik|do you have the PR numbers? ;-) 74 2017-03-03 13:14:27 0|wumpus|no PRs yet,but you can find the branches linked in the README here: https://github.com/laanwj/bitcoin 75 2017-03-03 13:29:06 0|paveljanik|how do you satisfy multiarchitecture/multiOS with yasm? 76 2017-03-03 13:38:00 0|wumpus|dunno? 77 2017-03-03 13:38:29 0|wumpus|is yasm platform specific? 78 2017-03-03 13:39:35 0|wumpus|as for architectures, use a general interface, and compile on the assembly appropriate for the architecture. For specific instruction sets it makes sense to do run-time detection. 79 2017-03-03 13:42:37 0|wumpus|on x86 you can use the CPUID instruction for that (see for example the SDL2 implementation: https://github.com/spurious/SDL-mirror/blob/master/src/cpuinfo/SDL_cpuinfo.c), on ARM it's somewhat more difficult as the instruction to detect what instruction sets are available is privileged. So applications resort to OS-specific parsing of /dev/cpuinfo, or just trying out the instructions and catching SIGILL 80 2017-03-03 13:43:17 0|wumpus|openssl, most notably, uses the latter approach, which is why you'lll always have to skip a SIGILL when running bitcoind in gdb on ARM 81 2017-03-03 13:57:25 0|bitcoin-git|13bitcoin/06master 1490a1d9a 15Ian Kelling: Docs: add details to -rpcclienttimeout doc 82 2017-03-03 13:57:25 0|bitcoin-git|[13bitcoin] 15laanwj pushed 2 new commits to 06master: 02https://github.com/bitcoin/bitcoin/compare/eb281842b7df...ba80a684cfef 83 2017-03-03 13:57:26 0|bitcoin-git|13bitcoin/06master 14ba80a68 15Wladimir J. van der Laan: Merge #9903: Docs: add details to -rpcclienttimeout doc... 84 2017-03-03 13:57:46 0|bitcoin-git|[13bitcoin] 15laanwj closed pull request #9903: Docs: add details to -rpcclienttimeout doc (06master...06docs-client-timeout) 02https://github.com/bitcoin/bitcoin/pull/9903 85 2017-03-03 14:27:39 0|jonasschnelli|What's the plan in how we solve the current travis problem in master? 86 2017-03-03 14:27:45 0|jonasschnelli|Anyone working on that? 87 2017-03-03 14:28:49 0|wumpus|I suppose you mean https://github.com/bitcoin/bitcoin/pull/9880#issuecomment-283959063 ? 88 2017-03-03 14:28:54 0|wumpus|I don't really know how to solve it 89 2017-03-03 14:29:24 0|wumpus|do we need to add a new key somewhere? 90 2017-03-03 14:29:45 0|wumpus|would prefer to leave it up to BlueMatt 91 2017-03-03 14:41:23 0|jonasschnelli|wumpus: https://github.com/bitcoin/bitcoin/issues/9898 isn't solved yet. right? 92 2017-03-03 14:42:32 0|jonasschnelli|Ah. But right, the issue on master is verify-commits. 93 2017-03-03 14:42:42 0|jonasschnelli|I though it was the travis OSX issue 94 2017-03-03 14:43:05 0|wumpus|oh I had forgot about that one 95 2017-03-03 14:43:18 0|wumpus|seems it went away out of itself though? pulls are passing 96 2017-03-03 14:43:30 0|wumpus|it's just master, where verify-commits is run, where things fail 97 2017-03-03 14:44:07 0|jonasschnelli|Okay. I'm happy 9898 is gone... 98 2017-03-03 14:49:27 0|bitcoin-git|13bitcoin/06master 149de90bb 15Pavel JanÃÂk: Do not shadow variables (gcc set) 99 2017-03-03 14:49:27 0|bitcoin-git|[13bitcoin] 15laanwj pushed 3 new commits to 06master: 02https://github.com/bitcoin/bitcoin/compare/ba80a684cfef...75d012e8c7d0 100 2017-03-03 14:49:28 0|bitcoin-git|13bitcoin/06master 1475d012e 15Wladimir J. van der Laan: Merge #8808: Do not shadow variables (gcc set)... 101 2017-03-03 14:49:28 0|bitcoin-git|13bitcoin/06master 14ad1ae7a 15Pavel JanÃÂk: Check and enable -Wshadow by default. 102 2017-03-03 14:57:58 0|jonasschnelli|I think it would be great if #9294 could get a review from on of the bip32 authors (ping sipa, gmaxwell) 103 2017-03-03 14:58:02 0|gribble|https://github.com/bitcoin/bitcoin/issues/9294 | Use internal HD chain for change outputs (hd split) by jonasschnelli ÃÂ· Pull Request #9294 ÃÂ· bitcoin/bitcoin ÃÂ· GitHub 104 2017-03-03 15:09:16 0|bitcoin-git|13bitcoin/06master 1409fe346 15Russell Yanofsky: Avoid -Wshadow warnings in wallet_tests... 105 2017-03-03 15:09:16 0|bitcoin-git|[13bitcoin] 15laanwj pushed 2 new commits to 06master: 02https://github.com/bitcoin/bitcoin/compare/75d012e8c7d0...67c5cc19178d 106 2017-03-03 15:09:17 0|bitcoin-git|13bitcoin/06master 1467c5cc1 15Wladimir J. van der Laan: Merge #9828: Avoid -Wshadow warnings in wallet_tests... 107 2017-03-03 15:09:36 0|bitcoin-git|[13bitcoin] 15laanwj closed pull request #9828: Avoid -Wshadow warnings in wallet_tests (06master...06pr/multishadow) 02https://github.com/bitcoin/bitcoin/pull/9828 108 2017-03-03 15:22:46 0|bitcoin-git|[13bitcoin] 15laanwj pushed 2 new commits to 06master: 02https://github.com/bitcoin/bitcoin/compare/67c5cc19178d...90cb2a218e58 109 2017-03-03 15:22:47 0|bitcoin-git|13bitcoin/06master 14f36bdf0 15Johnathan Corgan: Enable host lookups for -proxy and -onion parameters... 110 2017-03-03 15:22:48 0|bitcoin-git|13bitcoin/06master 1490cb2a2 15Wladimir J. van der Laan: Merge #9774: Enable host lookups for -proxy and -onion parameters... 111 2017-03-03 15:23:08 0|bitcoin-git|[13bitcoin] 15laanwj closed pull request #9774: Enable host lookups for -proxy and -onion parameters (06master...06hostname-lookups) 02https://github.com/bitcoin/bitcoin/pull/9774 112 2017-03-03 15:49:00 0|bitcoin-git|[13bitcoin] 15jonasschnelli closed pull request #8764: [Wallet] get rid of pwalletMain, add simple CWallets infrastructure (06master...062016/09/wallet_pointer) 02https://github.com/bitcoin/bitcoin/pull/8764 113 2017-03-03 16:23:10 0|bitcoin-git|13bitcoin/06master 14e5b449c 15Ian Kelling: Docs: correct and elaborate -rpcbind doc... 114 2017-03-03 16:23:10 0|bitcoin-git|[13bitcoin] 15laanwj pushed 2 new commits to 06master: 02https://github.com/bitcoin/bitcoin/compare/90cb2a218e58...53c300fb525a 115 2017-03-03 16:23:11 0|bitcoin-git|13bitcoin/06master 1453c300f 15Wladimir J. van der Laan: Merge #9910: Docs: correct and elaborate -rpcbind doc... 116 2017-03-03 16:23:35 0|bitcoin-git|[13bitcoin] 15laanwj closed pull request #9910: Docs: correct and elaborate -rpcbind doc (06master...06docs-rpcbind) 02https://github.com/bitcoin/bitcoin/pull/9910 117 2017-03-03 17:38:00 0|bitcoin-git|[13bitcoin] 15paveljanik opened pull request #9911: WIP: Wshadow: gcc 4.8.5 fixes (06master...0620170303_Wshadow_streams) 02https://github.com/bitcoin/bitcoin/pull/9911 118 2017-03-03 18:49:21 0|bitcoin-git|[13bitcoin] 15sdaftuar opened pull request #9912: Optimize GetWitnessHash() for non-segwit transactions (06master...062017-03-optimize-witness-hash) 02https://github.com/bitcoin/bitcoin/pull/9912 119 2017-03-03 23:42:03 0|gmaxwell|What are the barriers on getting SSE2 SHA2 in use? The speedup for initial sync should be far from trivial now. 120 2017-03-03 23:42:16 0|gmaxwell|(plus lowering latency of everything else we do) 121 2017-03-03 23:43:06 0|sipa|what is the speedup factor? 122 2017-03-03 23:49:43 0|luke-jr|why not SSE4 or AVX? 123 2017-03-03 23:51:31 0|gmaxwell|If I'm not misremembering SSE2 was 95% of the speedup of SSE4 and AVX was not faster on the hardware we tested (and in fact AVX was slower on AMD). But just replace SSE2 in my comment with whatever made sense. 124 2017-03-03 23:51:56 0|gmaxwell|sipa: before jonasschnelli benchmarked IBD with the change and it was 5% faster. IIRC... but now with assume valid a MUCH larger percentage of the time is in hashing. 125 2017-03-03 23:53:13 0|gmaxwell|So "more than 5%", though I don't know how much more. It will only grow after your UTXO changes. 126 2017-03-03 23:54:56 0|sipa|does it need parallel hashing?