1 2011-11-10 00:00:05 <sebicas> <bitcoinaddress> is an address
2 2011-11-10 00:00:09 <sebicas> Not an account..
3 2011-11-10 00:00:13 <sebicas> Ok.. sorry..
4 2011-11-10 00:00:16 <doublec> sebicas: if you do "bitcoind getaccount address foo" then the returned address belongs to account "foo". Then "bitcoind getaccount <thataddress>" will return "foo" if you replace <thataddress> with the address returned earlier.
5 2011-11-10 00:00:48 <sebicas> Ok.. so now I have
6 2011-11-10 00:00:49 <sebicas> [bitcoin@ip-10-245-82-46 bin]$ ./bitcoind listaccounts
7 2011-11-10 00:00:49 <sebicas> {
8 2011-11-10 00:00:49 <sebicas> "" : 0.00000000,
9 2011-11-10 00:00:49 <sebicas> "default" : 0.00000000
10 2011-11-10 00:00:50 <sebicas> }
11 2011-11-10 00:01:11 <sebicas> This means there are 2 account... "" & "default"
12 2011-11-10 00:01:17 <doublec> yes
13 2011-11-10 00:01:34 <sebicas> How can I list the associated addresses for both accounts?
14 2011-11-10 00:02:32 <doublec> getaddressesbyaccount
15 2011-11-10 00:02:37 erle- has quit (Quit: erle-)
16 2011-11-10 00:02:41 <doublec> eg: bitcoind getaddressesbyaccount default
17 2011-11-10 00:02:46 <sebicas> Or ./bitcoind getaccountaddress ''
18 2011-11-10 00:03:00 <sebicas> Great!
19 2011-11-10 00:03:01 <doublec> sebicas: no, that returns a new address
20 2011-11-10 00:03:04 <sebicas> Got it.. thanks!
21 2011-11-10 00:03:59 erus` has quit (Remote host closed the connection)
22 2011-11-10 00:04:08 mizerydearia has quit (Ping timeout: 260 seconds)
23 2011-11-10 00:04:13 <sebicas> doublec: So how can I get the address for the account ''
24 2011-11-10 00:04:15 <sebicas> ?
25 2011-11-10 00:04:26 <doublec> What do you mean by "the address"
26 2011-11-10 00:04:31 <doublec> accounts can have multiple addresses
27 2011-11-10 00:04:40 <doublec> hence "getaddressesbyaccount" returns an array of addresses
28 2011-11-10 00:04:44 mizerydearia has joined
29 2011-11-10 00:04:55 <CFSworks> There's "getnewaddress" if you want to create a new address and assign it to the account.
30 2011-11-10 00:05:13 <CFSworks> There's also one that creates a new address, but reuses the last one if it hasn't received anything yet ...
31 2011-11-10 00:05:19 <doublec> that's getaccountaddress
32 2011-11-10 00:05:30 <CFSworks> Ah, right.
33 2011-11-10 00:05:51 <doublec> accounts are confusing - if you're new to bitcoin I suggest pretending they don't exist
34 2011-11-10 00:06:06 <doublec> until at some later point when you understand things better and then start using them
35 2011-11-10 00:06:48 <luke-jr> they're also not isolated in any way
36 2011-11-10 00:06:52 <luke-jr> it's merely accounting on your end
37 2011-11-10 00:07:07 <doublec> right
38 2011-11-10 00:07:18 <sebicas> I see.. thanks..
39 2011-11-10 00:07:23 <sebicas> Another question..
40 2011-11-10 00:07:23 Turingi has quit (Quit: Leaving)
41 2011-11-10 00:07:30 <sebicas> How I can use the params here..
42 2011-11-10 00:07:35 <sebicas> listreceivedbyaddress [minconf=1] [includeempty=false]
43 2011-11-10 00:07:49 <doublec> bitcoind listreceivedbyadress 1 false
44 2011-11-10 00:07:57 <sebicas> I like to use includeempty=true
45 2011-11-10 00:08:04 <doublec> bitcoind listreceivedbyaddress 1 true
46 2011-11-10 00:08:10 <CFSworks> sebicas: It tells you how many Bitcoins each of your addresses has received in total.
47 2011-11-10 00:08:23 amtal has joined
48 2011-11-10 00:08:50 <sebicas> Perfect..
49 2011-11-10 00:09:01 <sebicas> Can I delete an address once is created?
50 2011-11-10 00:09:05 <doublec> no
51 2011-11-10 00:09:26 <sebicas> Ok... thanks!
52 2011-11-10 00:09:50 <sebicas> I am working in a PHP Class to interact with the bitcoind daemon...
53 2011-11-10 00:09:59 <sebicas> Do you guys know one already?
54 2011-11-10 00:10:25 <CFSworks> They're out there... I don't use PHP myself, so I wouldn't be able to recommend one.
55 2011-11-10 00:10:39 <doublec> maybe https://code.google.com/p/bitcoin-php-simple/
56 2011-11-10 00:10:44 <luke-jr> sebicas: you probably need to understand Bitcoin a LOT better before you do that :P
57 2011-11-10 00:10:49 <doublec> found via a google search so no idea if it works
58 2011-11-10 00:11:00 <sebicas> jeje.. I know but I am a fast learner
59 2011-11-10 00:11:12 <luke-jr> sebicas: keep in mind it's bad practice to work with BTC as a value
60 2011-11-10 00:11:21 <luke-jr> always convert to/from an integer number of satoshis
61 2011-11-10 00:11:52 <sebicas> luke-jr: Thx for the tip.
62 2011-11-10 00:12:08 <luke-jr> the wiki has (or at least had?) PHP code for that
63 2011-11-10 00:12:35 <sebicas> Yes, I saw it..
64 2011-11-10 00:12:43 <sebicas> I think it can be improved..
65 2011-11-10 00:12:59 <luke-jr> don't optimize what doesn't need optimization :P
66 2011-11-10 00:13:41 <sebicas> Where is the code?
67 2011-11-10 00:13:46 <sebicas> Looks like empty https://code.google.com/p/bitcoin-php-simple/
68 2011-11-10 00:14:26 TheZimm has joined
69 2011-11-10 00:15:01 <CFSworks> You get it from Subversion, apparently: https://code.google.com/p/bitcoin-php-simple/source/checkout
70 2011-11-10 00:15:07 Beremat has joined
71 2011-11-10 00:15:17 <CFSworks> Oh wait, the repo is empty too.
72 2011-11-10 00:15:31 <doublec> perhaps it's a trick "the best way of using bitcoin from php is not to"
73 2011-11-10 00:15:59 <sebicas> Nop... it's empty
74 2011-11-10 00:16:01 <CFSworks> "PHP... You mean Python, right? The keys are all right next to each other."
75 2011-11-10 00:16:50 <sebicas> jeje... I hope I could write Python..
76 2011-11-10 00:16:57 <sebicas> But I am just a PHP Guy
77 2011-11-10 00:17:04 <sebicas> Like to learn it do..
78 2011-11-10 00:17:07 <denisx> sebicas: you said you are a fast learner
79 2011-11-10 00:17:13 <sebicas> Also getting into Ruby..
80 2011-11-10 00:17:20 <CFSworks> I've heard good things about Ruby.
81 2011-11-10 00:17:24 <CFSworks> Haven't actually tried it myself though.
82 2011-11-10 00:17:37 <sebicas> Yes, but also I am Lazy some times :P
83 2011-11-10 00:17:47 <sebicas> And stick with that I know..
84 2011-11-10 00:17:58 <CFSworks> I must admit that I'm a little wary of PHP these days...
85 2011-11-10 00:18:04 <CFSworks> I knew somebody who used it for everything.
86 2011-11-10 00:18:06 <CFSworks> And I mean everything.
87 2011-11-10 00:18:12 <CFSworks> He wrote Windows standalone GUI apps in PHP.
88 2011-11-10 00:18:18 <sebicas> Guaw.
89 2011-11-10 00:18:34 <cjdelisle> denisx: did you say you patched libevent2 into pushpool? jgarzik is here now and he wrote it so he might be interested in your patch.
90 2011-11-10 00:18:55 <denisx> jgarzik: are you?
91 2011-11-10 00:19:09 amtal has quit (Read error: Connection reset by peer)
92 2011-11-10 00:19:10 Turingi has joined
93 2011-11-10 00:19:10 Turingi has quit (Changing host)
94 2011-11-10 00:19:10 Turingi has joined
95 2011-11-10 00:19:11 <CFSworks> He was 50 minutes ago anyway...
96 2011-11-10 00:19:33 <denisx> cjdelisle: thing is, I kicked all the cli stuff out of pushpoold
97 2011-11-10 00:19:33 <sebicas> What you guys recommend me to learn... Ruby or Python?
98 2011-11-10 00:19:39 <denisx> sebicas: both
99 2011-11-10 00:19:51 <cjdelisle> sebicas: node.js
100 2011-11-10 00:19:54 <sebicas> Wich on first?
101 2011-11-10 00:19:55 <CFSworks> sebicas: I would recommend Python... But I'm a Python zealot, so don't take my word for it.
102 2011-11-10 00:20:05 <sebicas> :)
103 2011-11-10 00:20:18 copumpkin has quit (Ping timeout: 260 seconds)
104 2011-11-10 00:20:24 <sebicas> node.js is Java...
105 2011-11-10 00:20:24 <cjdelisle> if you like high proformance, node.js
106 2011-11-10 00:20:29 <sebicas> Not sure I like Java
107 2011-11-10 00:20:30 <CFSworks> JavaScript.
108 2011-11-10 00:20:33 <sebicas> Yes..
109 2011-11-10 00:20:40 <sebicas> Scripts in Java
110 2011-11-10 00:20:42 <sipa> cjdelisle: what do you want encryption in the protocol for?
111 2011-11-10 00:20:44 <cjdelisle> js != java
112 2011-11-10 00:20:46 <CFSworks> JavaScript is very different from Java.
113 2011-11-10 00:20:54 <sebicas> Why?
114 2011-11-10 00:20:59 <CFSworks> sipa: I believe I was the one talking about that... :)
115 2011-11-10 00:21:14 <sipa> CFSworks: indeed, you
116 2011-11-10 00:21:19 <sipa> i saw a c
117 2011-11-10 00:21:23 <CFSworks> lol
118 2011-11-10 00:21:33 <cjdelisle> CFSworks pointed out that it would get around goobermints passively detecting who sent a tx first
119 2011-11-10 00:21:36 <sebicas> Got is http://kb.mozillazine.org/Javascript_is_not_Java
120 2011-11-10 00:21:38 <sebicas> THz
121 2011-11-10 00:21:52 <sipa> and how would encryption between help for that?
122 2011-11-10 00:22:11 <CFSworks> cjdelisle: I was more concerned about people sitting across from me in a Starbucks watching my wifi traffic, but that too. :P
123 2011-11-10 00:23:00 <CFSworks> sipa: As long as the encryption offers forward secrecy, they can't decrypt it when they get their .cap files from all the ISPs who are in on their eavesdropping scheme.
124 2011-11-10 00:23:32 <sipa> it's true that for the lowest form of eavesdropping, it would increase anonymity
125 2011-11-10 00:23:51 <sipa> but i feel that if you need protection of your privacy, you need more anyway, and you should use tor
126 2011-11-10 00:23:53 gavinandresen has quit (Quit: gavinandresen)
127 2011-11-10 00:23:54 <CFSworks> Yeah, it's only good for passive protection.
128 2011-11-10 00:24:03 copumpkin has joined
129 2011-11-10 00:24:19 <cjdelisle> Passive is the most scary since they can pcap everything now and then later decide what they actually care about and/or write the tools to read it
130 2011-11-10 00:24:35 <CFSworks> It's a shame OE is not as simple as "Well let's add a flag to our socket to have it negotiate OE."
131 2011-11-10 00:24:42 <CFSworks> Because if that were the case, we should definitely go ahead and do it.
132 2011-11-10 00:25:15 <CFSworks> But implementing it has a big time/effort investment for somebody to fit it into the protocol and code up a patch.
133 2011-11-10 00:25:21 <cjdelisle> active a pita and they need to know who they really care about before they trap anything
134 2011-11-10 00:25:32 <CFSworks> The question is if it's worth it to thwart passive eavesdroppers.
135 2011-11-10 00:25:45 <cjdelisle> it is if you write the patch ;)
136 2011-11-10 00:26:19 <jgarzik> denisx: sure
137 2011-11-10 00:26:25 <CFSworks> Hey, I'd gladly write the patch, but I don't want to do it alone... I wouldn't be able to keep the code up to Bitcoin's style requirements on my own. :)
138 2011-11-10 00:26:45 <cjdelisle> I volunteer to read it and complain about codestyle
139 2011-11-10 00:26:57 <cjdelisle> I turn out to be rather good at complaining about codestyle
140 2011-11-10 00:26:58 <CFSworks> (And I think changing the protocol is something that would require a rather big community vote on...)
141 2011-11-10 00:27:12 <CFSworks> cjdelisle: Likewise, but that's assuming I know the codestyle to begin with.
142 2011-11-10 00:27:28 <cjdelisle> It's written down in a readme in the source
143 2011-11-10 00:27:37 Firefly007 has quit (Ping timeout: 252 seconds)
144 2011-11-10 00:27:51 <CFSworks> Well, I guess it's at least worth a ticket on Github then?
145 2011-11-10 00:27:54 <CFSworks> We can discuss it more in-depth there.
146 2011-11-10 00:28:01 <cjdelisle> I suppose
147 2011-11-10 00:28:11 Firefly007 has joined
148 2011-11-10 00:28:54 <denisx> jgarzik: but I removed all the cli stuff because I didn't need it
149 2011-11-10 00:29:10 <CFSworks> I think the real concern here is whether it's worth it to add additional complexity to the client and modify the protocol and do all this extra testing, just to defeat people who are eavesdropping on you passively.
150 2011-11-10 00:29:27 <cjdelisle> sebicas: if you learn node.js you will learn how to do things the *right* way first.
151 2011-11-10 00:29:39 <cjdelisle> java does it the wrong way
152 2011-11-10 00:29:44 <cjdelisle> apache same
153 2011-11-10 00:29:53 <CFSworks> Oh, what does Apache do wrong?
154 2011-11-10 00:29:55 <sebicas> Yes, noje.js was another one I wanted to learn
155 2011-11-10 00:30:10 <cjdelisle> apache spawns a thread for each request
156 2011-11-10 00:30:17 <CFSworks> Ah.
157 2011-11-10 00:30:21 <CFSworks> I guess it depends which MPM you use.
158 2011-11-10 00:30:21 <cjdelisle> which is why lighttpd is much faster
159 2011-11-10 00:30:46 <cjdelisle> but php is the same
160 2011-11-10 00:30:54 <cjdelisle> it uses thread pools to serve requests
161 2011-11-10 00:30:55 iocor has quit (Ping timeout: 248 seconds)
162 2011-11-10 00:30:57 <cjdelisle> wrong
163 2011-11-10 00:31:08 <CFSworks> I use mpm_itk, which launches a handler under a different user depending on what vhost is being served.
164 2011-11-10 00:31:13 <sipa> the worker MPM also uses a thread pool, no?
165 2011-11-10 00:31:20 <CFSworks> Granted, that's awful for performance...
166 2011-11-10 00:31:26 <CFSworks> But my machine doesn't see enough traffic for that to be a concern.
167 2011-11-10 00:31:37 <CFSworks> If lighttpd supports the same, I'd consider switching.
168 2011-11-10 00:32:07 <cjdelisle> node.js is distinguished in that it fosters the right way of thinkinf
169 2011-11-10 00:32:09 <cjdelisle> *thinking
170 2011-11-10 00:32:16 <CFSworks> Does it support virtual hosting?
171 2011-11-10 00:32:22 <cjdelisle> node?
172 2011-11-10 00:32:32 <cjdelisle> node is a programming language, not really a server
173 2011-11-10 00:32:36 <cjdelisle> so yes
174 2011-11-10 00:32:41 <CFSworks> Well JavaScript is the programming language...
175 2011-11-10 00:32:42 <cjdelisle> but you would have to write it
176 2011-11-10 00:32:50 <CFSworks> Ah.
177 2011-11-10 00:32:59 <CFSworks> But it still hosts port 80 itself (if you were to use it for web apps)
178 2011-11-10 00:33:02 <cjdelisle> unless someone wrote it for node but there are no libraries for node
179 2011-11-10 00:33:04 <sipa> if (hostname == "bla.com") { ... } else { ... }
180 2011-11-10 00:33:04 <CFSworks> So you can't exactly run it as non-root...
181 2011-11-10 00:33:06 <sipa> vhost!
182 2011-11-10 00:33:40 <sipa> how do you run node.js, btw?
183 2011-11-10 00:33:42 slush has joined
184 2011-11-10 00:33:50 <sipa> are there standalone javascript engines?
185 2011-11-10 00:33:58 <CFSworks> I believe it runs in v8.
186 2011-11-10 00:34:04 <cjdelisle> it includes v8 in the core
187 2011-11-10 00:34:14 <cjdelisle> apt-get install node-js
188 2011-11-10 00:34:17 <CFSworks> I'd really like to compare v8/node.js against PyPy/Twisted...
189 2011-11-10 00:34:20 <cjdelisle> node
190 2011-11-10 00:34:22 <CFSworks> Performance-wise, that is.
191 2011-11-10 00:34:29 <cjdelisle> then start messing around on the console
192 2011-11-10 00:35:02 <cjdelisle> performance is a strange beast
193 2011-11-10 00:35:10 <cjdelisle> java is "faster" than node.js
194 2011-11-10 00:35:23 <cjdelisle> but there is no way in the jdbc to support callbacks
195 2011-11-10 00:35:31 <cjdelisle> so db queries block
196 2011-11-10 00:35:39 <cjdelisle> so you need a thread pre request
197 2011-11-10 00:35:43 <cjdelisle> so it uses more ram
198 2011-11-10 00:35:45 <cjdelisle> so it's slow
199 2011-11-10 00:36:10 <CFSworks> I like Twisted in the Python world, but it tends to be a little bit RAM-heavy...
200 2011-11-10 00:36:57 <cjdelisle> yea, node is like twisted except js was designed that way, there was never any need to write an event lib.
201 2011-11-10 00:37:53 <sipa> isn't node itself the event lib? :)
202 2011-11-10 00:38:07 <CFSworks> Yeah, what exactly is node?
203 2011-11-10 00:38:38 <cjdelisle> node is like a bunch of js libraries and C/C++ bindings
204 2011-11-10 00:39:12 <cjdelisle> it has some event stuff but the real basis of event based code, callbacks, all that is in js already
205 2011-11-10 00:39:58 Kolky has quit (Quit: Bye bye!)
206 2011-11-10 00:39:59 <CFSworks> player.onDeath(function() {
207 2011-11-10 00:40:00 <CFSworks> ...
208 2011-11-10 00:40:01 <CFSworks> });
209 2011-11-10 00:40:04 <CFSworks> Like that, right?
210 2011-11-10 00:40:08 <cjdelisle> yeap
211 2011-11-10 00:40:23 <cjdelisle> if you write a js code with setTimeout(function() { console.log('hai'); }, 2000); node will not exit for 2 seconds
212 2011-11-10 00:40:26 <CFSworks> That's fun as long as you aren't nesting them so deep that it becomes a headache to track all the functions. :P
213 2011-11-10 00:40:37 <cjdelisle> so there's like an enter_event_look() call that you don't see
214 2011-11-10 00:41:00 <cjdelisle> *enter_event_loop
215 2011-11-10 00:42:26 <cjdelisle> Also node.js and event orianted C are very close so you can learn C from js pretty easily.
216 2011-11-10 00:42:52 eoss has joined
217 2011-11-10 00:42:52 eoss has quit (Changing host)
218 2011-11-10 00:42:52 eoss has joined
219 2011-11-10 00:43:05 btc_novice has left ()
220 2011-11-10 00:43:13 <CFSworks> How well does JavaScript sandbox?
221 2011-11-10 00:43:24 <CFSworks> The only thing I don't like about Python is that you absolutely cannot contain anything in a sandbox...
222 2011-11-10 00:43:29 <CFSworks> It will just break out (or crash the interpreter)
223 2011-11-10 00:43:46 <cjdelisle> haha
224 2011-11-10 00:43:52 <sipa> heh?
225 2011-11-10 00:43:57 <cjdelisle> about as good as chrome doesn't get owned
226 2011-11-10 00:44:26 <cjdelisle> that said, node provides apis to allow you to do nasty stuff
227 2011-11-10 00:44:39 mizerydearia has quit (Ping timeout: 255 seconds)
228 2011-11-10 00:44:45 <cjdelisle> you could sandbox it with some kernel schenanigans though
229 2011-11-10 00:44:57 <CFSworks> Can you safely run an untrusted script in your node program and keep the untrusted script from getting its hands on those nasty APIs?
230 2011-11-10 00:45:26 <cjdelisle> what would those nasty scripts supposed to be doing?
231 2011-11-10 00:45:40 <sipa> launching nukes
232 2011-11-10 00:45:45 <CFSworks> In other words... Is it possible to make a node.js MOO while keeping the server safe from takeover?
233 2011-11-10 00:46:08 <cjdelisle> I was thinking about setting up a testcase for ths
234 2011-11-10 00:46:12 <cjdelisle> *this
235 2011-11-10 00:46:16 <denisx> jgarzik: http://pastebin.com/MZtX5GFQ
236 2011-11-10 00:46:18 <CFSworks> Since MOO objects would obviously have to run inside a sandbox, kept away from things like "rm -rf /" (not that the server would be running as root, but still... ;))
237 2011-11-10 00:46:32 <denisx> I cannot make a clean diff because Iam running it on freebsd with some patches
238 2011-11-10 00:46:46 <denisx> jgarzik: but this is a very good start to port to libevent2
239 2011-11-10 00:46:57 <cjdelisle> if you use setrlim() to set the open file limit to 0, it's really really hard to convince the kernel to let you do much of anything
240 2011-11-10 00:47:26 <CFSworks> So, it's really not that much better than what you have with Python. :\
241 2011-11-10 00:48:09 <cjdelisle> if you can get the apis away from it, it would be safe
242 2011-11-10 00:48:19 <cjdelisle> it's just that you have to mod node to get rid of them
243 2011-11-10 00:48:29 <cjdelisle> actually
244 2011-11-10 00:48:30 gjs278 has quit (Remote host closed the connection)
245 2011-11-10 00:48:39 <cjdelisle> require = undefined;
246 2011-11-10 00:48:46 <cjdelisle> that might do it but I'm not sure
247 2011-11-10 00:48:50 <sebicas> As far as I understand the most import part of node.js is that it never close the conection with the client...
248 2011-11-10 00:48:56 <CFSworks> PyPy has its pypy-c-sandbox, which is an interpreter with no I/O functions at all (it's connected to a parent via pipe, and the parent dispatches I/O on its behalf)
249 2011-11-10 00:49:57 <cjdelisle> sebicas: node *can* never close the connection to the client (because it is capable of handling 10 bazillion concurrent tcp sockets) but that's not required
250 2011-11-10 00:50:12 freewil has quit (Quit: Leaving)
251 2011-11-10 00:50:24 <sipa> i don't see how those are related
252 2011-11-10 00:50:32 <CFSworks> ?
253 2011-11-10 00:51:07 <sipa> what has using persistent connections or not have to do with the scalability of the number of sockets?
254 2011-11-10 00:51:39 <cjdelisle> if you have persistent connections and you use an apache, your world will come crashing down around you
255 2011-11-10 00:51:45 <cjdelisle> oh
256 2011-11-10 00:52:02 <cjdelisle> I mean use websocket or something
257 2011-11-10 00:52:09 <cjdelisle> not just socket reuse
258 2011-11-10 00:52:29 <CFSworks> cjdelisle: So I take it you really like JavaScript... What's your take on Pyjamas?
259 2011-11-10 00:52:44 <cjdelisle> I don't really use python
260 2011-11-10 00:52:46 <cjdelisle> old lang
261 2011-11-10 00:52:53 <cjdelisle> slow version of perl
262 2011-11-10 00:53:16 <luke-jr> CFSworks: what about MOO?
263 2011-11-10 00:53:27 <CFSworks> Perl is faster than Python? Really?
264 2011-11-10 00:54:01 <cjdelisle> no idea
265 2011-11-10 00:54:06 <CFSworks> luke-jr, you mean the original LambdaMOO which had its own language?
266 2011-11-10 00:54:08 <cjdelisle> it "feels" faster
267 2011-11-10 00:54:23 <luke-jr> CFSworks: I'm asking what you mean.
268 2011-11-10 00:55:09 <CFSworks> I mean if I were to implement something like a MOO in node.js (running untrusted scripts on a trusted server, that must coexist with other untrusted scripts), what would the security look like?
269 2011-11-10 00:55:21 <luke-jr> why would you do that? :P
270 2011-11-10 00:55:49 <CFSworks> It's an example question to assess how well you can run many untrusted scripts in the same node.js instance.
271 2011-11-10 00:55:56 <luke-jr> :p
272 2011-11-10 00:56:08 <CFSworks> Without them stomping on each other or bringing down the node.js process itself.
273 2011-11-10 00:56:10 <luke-jr> to be as secure as MOO requires a different paradigm than most people are used to
274 2011-11-10 00:57:01 <cjdelisle> Without them stomping on each other <-- node isn't designed for that
275 2011-11-10 00:57:10 <cjdelisle> you would need seperate processes
276 2011-11-10 00:57:24 <cjdelisle> which is ok since IIRC most of it is shared libraries
277 2011-11-10 00:58:53 <CFSworks> I would think JS would be pretty good at implementing the object-capability model.
278 2011-11-10 00:59:07 <cjdelisle> indeed
279 2011-11-10 00:59:15 <cjdelisle> it is about as close as you can get
280 2011-11-10 00:59:34 <luke-jr> lol
281 2011-11-10 00:59:40 <cjdelisle> and I'm not totally sure but I think you might be able to delete your references to the apis
282 2011-11-10 00:59:41 <CFSworks> You can't really do that with Python... The untrusted script would just introspect any security function you had to grab the untrusted function directly. :P
283 2011-11-10 00:59:44 <luke-jr> cjdelisle: let me guess- you never used MOO
284 2011-11-10 00:59:51 <cjdelisle> correct
285 2011-11-10 00:59:54 <cjdelisle> or lisp
286 2011-11-10 01:00:08 <cjdelisle> I generally don't use esoteric languages
287 2011-11-10 01:00:33 <luke-jr> cjdelisle: MOO is capable of having many many untrusted programmers calling each others' functions securely
288 2011-11-10 01:00:38 <sipa> i would consider neither perl, js, php, python or list esoteric
289 2011-11-10 01:00:40 <CFSworks> I don't know if Lisp qualifies as 'esoteric'... Maybe 'antiquated' is better?
290 2011-11-10 01:01:21 <cjdelisle> luke-jr: if functions were true functions, that would be true of all languages
291 2011-11-10 01:01:37 <sipa> haskell!
292 2011-11-10 01:01:43 <luke-jr> cjdelisle: it would also make it pointless
293 2011-11-10 01:01:51 <CFSworks> cjdelisle, and by "true functions" you mean opaque, where programmers cannot simply rip locals out of them?
294 2011-11-10 01:02:09 <cjdelisle> by true functions I mean with no internal state
295 2011-11-10 01:02:16 <luke-jr> for example, if untrusted User A wants to call my function, my function can decide to use my privileges to do something User A can't do in his own code
296 2011-11-10 01:02:20 <sipa> pure functions == evaluation has no effect beyond its return value
297 2011-11-10 01:02:35 <CFSworks> luke-jr, a seamless transition of security contexts?
298 2011-11-10 01:03:16 <CFSworks> sipa, like Python 'lambda' functions, where it's just an expression with no variables?
299 2011-11-10 01:03:24 <sipa> yes
300 2011-11-10 01:03:28 <cjdelisle> it's often very nice to be able to modify your inputs in a function so I won't go so far as advocating for all functions being pure.
301 2011-11-10 01:03:29 <sipa> haskell has only those
302 2011-11-10 01:03:45 <CFSworks> Functional programming...
303 2011-11-10 01:03:50 <CFSworks> I'm sure the mathematicians in the crowd would love that.
304 2011-11-10 01:04:03 <cjdelisle> I have heard good things about haskell
305 2011-11-10 01:04:07 <CFSworks> Not for me, I'm afraid. :(
306 2011-11-10 01:04:18 <cjdelisle> it's too bad the rest of the world doesn't catch on :/
307 2011-11-10 01:05:17 <sipa> come to #haskell and play with lambdabot :)
308 2011-11-10 01:05:32 <luke-jr> CFSworks: everything runs set-programmer-permissions
309 2011-11-10 01:05:48 <luke-jr> CFSworks: so if UserX wrote the function, it runs with UserX's permissions no matter who calls it
310 2011-11-10 01:06:06 <CFSworks> Can UserX check what the caller's permissions were?
311 2011-11-10 01:06:35 <luke-jr> yes
312 2011-11-10 01:07:03 <luke-jr> and if UserX is privileged, he can set his own permissions to anything else for that context
313 2011-11-10 01:07:15 <luke-jr> ie, the common code: set_task_perms(caller_perms());
314 2011-11-10 01:07:19 <CFSworks> I think the only remaining challenge is figuring out how to avoid RAM exhaustion attacks...
315 2011-11-10 01:07:35 <CFSworks> What's to stop somebody from trying to store all of the Fibonacci sequence inside their objects? :P
316 2011-11-10 01:08:03 <sipa> you'd need per-user memory and cpu limits
317 2011-11-10 01:08:27 <CFSworks> sipa: And that's when I gave up trying to figure out how to make sandboxed Python. :(
318 2011-11-10 01:08:28 osmosis has joined
319 2011-11-10 01:09:10 <luke-jr> CFSworks: quota
320 2011-11-10 01:09:35 <luke-jr> CFSworks: also common: controls(caller_perms(), this) || raise(E_PERM);
321 2011-11-10 01:09:51 <luke-jr> in cases where someone other than the programmer could own the object/instance
322 2011-11-10 01:10:00 zeiris has joined
323 2011-11-10 01:10:04 <CFSworks> Ahh.
324 2011-11-10 01:11:36 <luke-jr> hmm
325 2011-11-10 01:12:01 * luke-jr wonders whose quota it counts against, if someone retains ownership of properties on child objects
326 2011-11-10 01:13:48 mizerydearia has joined
327 2011-11-10 01:14:12 denisx has quit (Quit: denisx)
328 2011-11-10 01:14:35 Snapman is now known as Snapman[afkers]
329 2011-11-10 01:19:08 mizerydearia has quit (Ping timeout: 260 seconds)
330 2011-11-10 01:20:10 Snapman[afkers] is now known as Snapman
331 2011-11-10 01:22:39 zeiris has quit (Ping timeout: 248 seconds)
332 2011-11-10 01:23:15 marf_away has quit (Ping timeout: 258 seconds)
333 2011-11-10 01:24:26 TheZimm has quit (Quit: Computer has gone to sleep.)
334 2011-11-10 01:25:21 crazy_imp has quit (Ping timeout: 245 seconds)
335 2011-11-10 01:25:53 mizerydearia has joined
336 2011-11-10 01:27:28 crazy_imp has joined
337 2011-11-10 01:31:11 denisx has joined
338 2011-11-10 01:34:36 ThomasV has quit (Ping timeout: 255 seconds)
339 2011-11-10 01:39:14 copumpkin has quit (Ping timeout: 276 seconds)
340 2011-11-10 01:40:03 <denisx> gna, jansson 2.x is also not API compatible to 1.x
341 2011-11-10 01:42:00 zeiris has joined
342 2011-11-10 01:42:03 wasabi2 has joined
343 2011-11-10 01:42:51 wasabi1 has quit (Ping timeout: 245 seconds)
344 2011-11-10 01:43:48 copumpkin has joined
345 2011-11-10 01:45:03 ThomasV has joined
346 2011-11-10 01:48:27 wolfspraul has joined
347 2011-11-10 01:55:48 noagendamarket has joined
348 2011-11-10 02:14:12 ThomasV has quit (Ping timeout: 255 seconds)
349 2011-11-10 02:18:56 ThomasV has joined
350 2011-11-10 02:23:00 shadders has quit (Quit: Leaving)
351 2011-11-10 02:27:58 shadders has joined
352 2011-11-10 02:29:13 copumpkin has quit (Quit: Computer has gone to sleep.)
353 2011-11-10 02:31:08 <denisx> so, I added a little zerocopy to pushpoold
354 2011-11-10 02:31:43 <gmaxwell> denisx: did you make it use the async apis for the databases or is the whole thing still blocking on database writes? :)
355 2011-11-10 02:32:13 <gmaxwell> At least when I ran oprofile on it a long time ago thats where it was spending basically all of its time.
356 2011-11-10 02:32:33 <denisx> gmaxwell: what database do you use?
357 2011-11-10 02:33:31 <gmaxwell> I was testing against mysql, but it was using the blocking api for both postgres and mysql before and I assume it still is.
358 2011-11-10 02:35:44 <denisx> I rarely see my db with any load at all
359 2011-11-10 02:35:48 <denisx> sometimes 0.5%
360 2011-11-10 02:36:27 Backburn has joined
361 2011-11-10 02:36:47 Raccoon` is now known as Raccoon
362 2011-11-10 02:37:12 <phantomcircuit> gmaxwell, what exactly does pushpoold do
363 2011-11-10 02:37:17 <phantomcircuit> i never bothered to investigate
364 2011-11-10 02:37:28 <phantomcircuit> it keeps track of who sends what shares right?
365 2011-11-10 02:37:41 <denisx> yes
366 2011-11-10 02:38:08 <gmaxwell> Right. and it's doing blocking requests to the db so if the db is busy at all, pushpool blocks on it and doesn't respond to connections.
367 2011-11-10 02:38:17 <denisx> client asks pushpoold for work, pushpool gets work from bitcoind
368 2011-11-10 02:38:25 <gmaxwell> So you do some select to figure out what users are owed what, .. and you're getting timeouts.
369 2011-11-10 02:38:44 <phantomcircuit> gmaxwell, that is
370 2011-11-10 02:38:46 <phantomcircuit> hilarious
371 2011-11-10 02:38:50 <phantomcircuit> i tried to compile it
372 2011-11-10 02:38:51 <denisx> client reports 'success' on a hash, pushpoold verifies that with bitcoind and adds that to the client account in the db
373 2011-11-10 02:38:57 <phantomcircuit> and just decided i didn't care
374 2011-11-10 02:39:05 <phantomcircuit> like a couple months ago ro something
375 2011-11-10 02:39:53 <CFSworks> denisx, wait, what? pushpoold verifies share hashes using bitcoind's RPC? :S
376 2011-11-10 02:40:14 <gmaxwell> CFSworks: it does a basic sanity check first internally, IIRC.
377 2011-11-10 02:40:25 Sorcy is now known as Ycros
378 2011-11-10 02:40:27 <denisx> yes, some checks first
379 2011-11-10 02:40:41 <phantomcircuit> there is absolutely no reason to check with bitcoind
380 2011-11-10 02:40:46 mizerydearia has quit (Ping timeout: 245 seconds)
381 2011-11-10 02:41:09 <phantomcircuit> you just verify that the block header is correct and that it matches a version you gave out previously to be worked on
382 2011-11-10 02:41:12 <denisx> ah, I mean for real blocks it checks bitcoind!
383 2011-11-10 02:41:16 <phantomcircuit> within x seconds
384 2011-11-10 02:41:24 <gmaxwell> phantomcircuit: what happens with I start giving you ntimes that are from the future which the network wouldn't accept?
385 2011-11-10 02:42:06 <phantomcircuit> restrict times to +- 5 minutes from a true time clock
386 2011-11-10 02:42:12 TheZimm has joined
387 2011-11-10 02:42:17 slush has quit (Quit: Leaving.)
388 2011-11-10 02:42:22 <gmaxwell> All the modern miners implement ntime rolling (presumably so they don't sit idle while pushpool is blocked on the database or bitcoind...)
389 2011-11-10 02:42:33 <phantomcircuit> ironic
390 2011-11-10 02:42:36 ThomasV has quit (Ping timeout: 258 seconds)
391 2011-11-10 02:43:06 <CFSworks> gmaxwell: Yeah... About that... >_>
392 2011-11-10 02:52:22 CFSworks is now known as CFSworks|eat
393 2011-11-10 02:54:12 ThomasV has joined
394 2011-11-10 02:54:34 copumpkin has joined
395 2011-11-10 02:54:40 copumpkin has quit (Changing host)
396 2011-11-10 02:54:40 copumpkin has joined
397 2011-11-10 02:55:28 Turingi has quit (Read error: Connection reset by peer)
398 2011-11-10 03:02:13 slush has joined
399 2011-11-10 03:07:27 freewil has joined
400 2011-11-10 03:07:27 freewil has quit (Changing host)
401 2011-11-10 03:07:28 freewil has joined
402 2011-11-10 03:09:39 Xunie has quit (Read error: Connection reset by peer)
403 2011-11-10 03:12:11 frozensquirrel has quit (Ping timeout: 276 seconds)
404 2011-11-10 03:13:04 mizerydearia has joined
405 2011-11-10 03:17:06 noagendamarket has quit (Quit: Leaving)
406 2011-11-10 03:19:27 b4epoche_ has joined
407 2011-11-10 03:25:37 btc_buddy has quit (Read error: Connection reset by peer)
408 2011-11-10 03:26:13 ThomasV has quit (Quit: Quitte)
409 2011-11-10 03:26:42 rcorreia has joined
410 2011-11-10 03:27:29 btc_buddy has joined
411 2011-11-10 03:27:37 rcorreia has quit (Read error: Connection reset by peer)
412 2011-11-10 03:29:19 rcorreia has joined
413 2011-11-10 03:29:48 frozensquirrel has joined
414 2011-11-10 03:30:08 alanp_ has quit (Ping timeout: 248 seconds)
415 2011-11-10 03:31:03 rcorreia has quit (Remote host closed the connection)
416 2011-11-10 03:31:20 ThomasV has joined
417 2011-11-10 03:32:20 btc_buddy has quit (Client Quit)
418 2011-11-10 03:32:30 rcorreia has joined
419 2011-11-10 03:37:23 ThomasV has quit (Quit: Quitte)
420 2011-11-10 03:40:43 mizerydearia has quit (Ping timeout: 252 seconds)
421 2011-11-10 03:42:07 mizerydearia has joined
422 2011-11-10 03:42:57 wasabi1 has joined
423 2011-11-10 03:44:45 wasabi2 has quit (Ping timeout: 240 seconds)
424 2011-11-10 03:46:57 denisx has quit (Quit: denisx)
425 2011-11-10 03:48:15 Firefly007 has quit (Read error: Operation timed out)
426 2011-11-10 03:59:52 boonies4u has joined
427 2011-11-10 04:01:02 boonies4u has left ()
428 2011-11-10 04:01:10 boonies4u has joined
429 2011-11-10 04:03:43 boonies4u has left ()
430 2011-11-10 04:06:27 wolfspraul has quit (Quit: leaving)
431 2011-11-10 04:08:19 CFSworks is now known as eat!~unspecifi@vps.cfsworks.com|CFSworks
432 2011-11-10 04:10:15 vorlov has joined
433 2011-11-10 04:12:34 [7] has quit (Disconnected by services)
434 2011-11-10 04:12:48 TheSeven has joined
435 2011-11-10 04:14:08 sneak has quit (Ping timeout: 260 seconds)
436 2011-11-10 04:17:40 sneak has joined
437 2011-11-10 04:17:41 sneak has quit (Changing host)
438 2011-11-10 04:17:41 sneak has joined
439 2011-11-10 04:21:59 imsaguy is now known as imsagod
440 2011-11-10 04:22:05 eoss has quit (Remote host closed the connection)
441 2011-11-10 04:24:57 t3a has joined
442 2011-11-10 04:30:13 vorlov has quit (Quit: vorlov)
443 2011-11-10 04:31:36 pickett has quit (Remote host closed the connection)
444 2011-11-10 04:34:34 Guest56151 is now known as MBs
445 2011-11-10 04:34:38 MBs is now known as MBS
446 2011-11-10 04:34:52 MBS has quit (Changing host)
447 2011-11-10 04:34:52 MBS has joined
448 2011-11-10 04:35:34 pickett has joined
449 2011-11-10 04:43:09 theymos has joined
450 2011-11-10 04:43:27 wasabi2 has joined
451 2011-11-10 04:45:49 wasabi1 has quit (Ping timeout: 260 seconds)
452 2011-11-10 04:47:49 RobinPKR_ has joined
453 2011-11-10 04:50:08 RobinPKR has quit (Ping timeout: 248 seconds)
454 2011-11-10 04:50:08 RobinPKR_ is now known as RobinPKR
455 2011-11-10 04:50:31 sebicas has left ()
456 2011-11-10 04:52:20 gjs278 has joined
457 2011-11-10 04:53:35 frozensquirrel has quit (Ping timeout: 276 seconds)
458 2011-11-10 05:08:50 frozensquirrel has joined
459 2011-11-10 05:15:15 SomeoneWeirdzzzz is now known as SomeoneWeird
460 2011-11-10 05:20:51 slush has quit (Ping timeout: 258 seconds)
461 2011-11-10 05:28:41 TheZimm has quit (Quit: Computer has gone to sleep.)
462 2011-11-10 05:37:05 TheZimm has joined
463 2011-11-10 05:37:11 TheZimm has quit (Client Quit)
464 2011-11-10 05:37:20 TheZimm has joined
465 2011-11-10 05:37:21 TheZimm has quit (Client Quit)
466 2011-11-10 05:39:13 Beremat has quit (Read error: Connection reset by peer)
467 2011-11-10 05:41:09 TheZimm has joined
468 2011-11-10 05:44:46 WakiMiko has joined
469 2011-11-10 05:46:09 RazielZ has joined
470 2011-11-10 05:48:12 WakiMiko_ has quit (Ping timeout: 276 seconds)
471 2011-11-10 05:56:58 alanp has joined
472 2011-11-10 05:57:03 Workbench has quit (Read error: Connection reset by peer)
473 2011-11-10 05:59:03 BurtyBB has quit (Ping timeout: 240 seconds)
474 2011-11-10 06:02:59 BurtyB has joined
475 2011-11-10 06:04:06 BurtyB has quit (Read error: Connection reset by peer)
476 2011-11-10 06:04:22 BurtyB has joined
477 2011-11-10 06:05:32 BurtyBB has joined
478 2011-11-10 06:09:39 BurtyB has quit (Ping timeout: 276 seconds)
479 2011-11-10 06:11:06 iz has quit (Read error: Operation timed out)
480 2011-11-10 06:11:19 wasabi2 has quit (Read error: Connection reset by peer)
481 2011-11-10 06:12:26 wasabi1 has joined
482 2011-11-10 06:14:24 iz has joined
483 2011-11-10 06:15:04 Ken`_ has joined
484 2011-11-10 06:16:21 Ken` has quit (Write error: Broken pipe)
485 2011-11-10 06:16:45 gjs278 has quit (Read error: Connection reset by peer)
486 2011-11-10 06:17:01 gjs278 has joined
487 2011-11-10 06:29:39 zeiris has quit (Ping timeout: 260 seconds)
488 2011-11-10 06:29:50 stalled has joined
489 2011-11-10 06:32:55 TheZimm has quit (Quit: Computer has gone to sleep.)
490 2011-11-10 06:33:23 BurtyB has joined
491 2011-11-10 06:34:22 BurtyB has quit (Read error: No route to host)
492 2011-11-10 06:34:38 BurtyB has joined
493 2011-11-10 06:34:50 BurtyBB has quit (Ping timeout: 258 seconds)
494 2011-11-10 06:36:50 zeiris has joined
495 2011-11-10 06:42:48 metaperl has joined
496 2011-11-10 06:47:49 wasabi1 has quit (Read error: Connection reset by peer)
497 2011-11-10 06:48:45 AStove has joined
498 2011-11-10 06:50:36 <Lolcust> Hello respected btc-dev channel residents! Recent(ish) discussion of fee regime brought me to drink... I mean, to think ~__^, about possible system for tweaking of fee regime by dev (so, this writeup does not imply "liberalizing" mandatory fee system) that would not involve updating the software just to change mandatory fee from X to Y... This is a quickie writeup I came up with:
499 2011-11-10 06:51:03 <Lolcust> http://pastie.org/private/1n0gtwzuynkcbnsb2g27ma
500 2011-11-10 06:51:42 <Lolcust> Let the ... civilized discussion and constructive criticism commence :)
501 2011-11-10 06:52:33 <theymos> It's bad for things to be centralized like that. One simple feature would fix everything: allow transactions to be canceled. Then there's no need for a mandatory fee at all.
502 2011-11-10 06:53:29 <justmoon> canceled by who? the sender?
503 2011-11-10 06:54:08 <justmoon> Lolcust: how do the developers know the "correct" fee to set?
504 2011-11-10 06:55:04 <theymos> Right. If the sender could cancel stuck payments, people would learn to sent transactions with proper fees. Maybe later some advanced proper-fee-detection features could be created.
505 2011-11-10 06:55:12 <gmaxwell> 'simple'
506 2011-11-10 06:55:16 <Lolcust> theymos well, I explicitly said that it does not attempt to decentralize mandatory fee management. Also, pardon my dimness, but how would transaction cancelation prevent spam issues that arise if mandatory fee is too low and some of the miners are willing to "let the spammer vampires in"
507 2011-11-10 06:55:55 <theymos> OK, it's not that simple. But it's simpler than trying to keep a correct mandatory fee.
508 2011-11-10 06:56:05 <Lolcust> justmoon exactly same way developers know the correct minimum mandatory fee now, when hardcoding it ^__~
509 2011-11-10 06:56:41 BurtyBB has joined
510 2011-11-10 06:56:49 <justmoon> Lolcust, right now only a default fee setting is hardcoded, and from I understand most people want to get rid of that in favor of a more dynamic solution
511 2011-11-10 06:56:51 <theymos> It's not a problem if miners accept bad transactions. Malicious miners can right now fill blocks with garbage.
512 2011-11-10 06:57:03 <Lolcust> theymos - current system (minimum mandatory fees are "guessed / estimated" by dev team and hardcoded) works
513 2011-11-10 06:57:05 BurtyB has quit (Ping timeout: 248 seconds)
514 2011-11-10 06:57:15 <Lolcust> Thus I see no reaon to liberalize it
515 2011-11-10 06:57:33 <justmoon> Lolcust, developers deciding the fee essentially is a form of central planning - it requires the central planners to have knowledge that only exists in the minds of the users and miners
516 2011-11-10 06:57:48 Dagger3 has quit (Ping timeout: 244 seconds)
517 2011-11-10 06:58:25 BurtyB2 has joined
518 2011-11-10 06:58:26 <justmoon> things like, how much are you willing to spend for the security you get from an extra TH/s in hashing power?
519 2011-11-10 06:58:35 <gmaxwell> theymos: okay, we probably agree there... though the built in fee pain is pretty long term. E.g. we have no need to change it now and probably won't the rest of the year.
520 2011-11-10 06:59:03 <Lolcust> justmoon central plannig sort of works in smaller economic systems (corporations and privately held companies are often like that ) and like I said, I am a centrist and I don't mind a touch of interventionism here and there
521 2011-11-10 06:59:25 Dagger3 has joined
522 2011-11-10 06:59:26 <justmoon> Lolcust, precisely, it works right, because Bitcoin is small
523 2011-11-10 06:59:30 <justmoon> right now*
524 2011-11-10 06:59:37 <gmaxwell> justmoon: the developers aren't deciding fees in any case. they're deciding a _minimum_ fee for realying, and it is no different from deciding the coefficients used in other anti-DOS behavior.
525 2011-11-10 06:59:44 <justmoon> gmaxwell, that's what I said
526 2011-11-10 06:59:51 <gmaxwell> (today and for the next several years)
527 2011-11-10 07:00:18 <Lolcust> gmaxwell my proposal only deals with Mandatory MINIMUM fee as well
528 2011-11-10 07:00:44 <metaperl> The `gen` option isnt copiously described here - https://en.bitcoin.it/wiki/Running_Bitcoin#Bitcoin.conf_Configuration_File ... does that mean that the daemon started up will attempt to mine for coins?
529 2011-11-10 07:00:55 <gmaxwell> Lolcust: oh, just saw it.
530 2011-11-10 07:01:34 BurtyBB has quit (Ping timeout: 240 seconds)
531 2011-11-10 07:01:35 <gmaxwell> Lolcust: if it has to be updated frequently then we've done something horribly wrong and it's no longer just a basic anti-ddos rate limiting thing. As evidence you're not suggesting using the same method for updating all the other DDOS limits.
532 2011-11-10 07:01:43 <Lolcust> justmoon , I strongly doubt that BTC will ever reach the scales at which "antispam" minimum fee being decided by the dev team can cause scaling issues. And if that happens, nothing prevents "deregulating" it then (and likely dying by spam)
533 2011-11-10 07:02:12 <Lolcust> gmaxwell I did leave a provision for using it for updating "other parameters:
534 2011-11-10 07:03:01 <Lolcust> It's just that updating software just to pop fee up/down (with the "right fee" being essentially a function of coin price at exchange) seems....clumsy
535 2011-11-10 07:03:30 <theymos> The network is already not homogeneous, and when more miners break from the recommended fee values (especially miners who demand higher fees), there will be problems. I think it will probably need to be solved in sooner than a year.
536 2011-11-10 07:03:42 zeiris has quit (Ping timeout: 245 seconds)
537 2011-11-10 07:04:04 <gmaxwell> It shouldn't be much of a function of the coin price at an exchange though.. because it should be so low that it should be able to move an order of magnitude in either direction without substantially burdening users or losing its effectiveness for anti-dos.
538 2011-11-10 07:04:43 <justmoon> Lolcust, personally I think there are ways that don't require a steering committee. but let's assume bitcoin goes with your proposal, wouldn't that mean its rules are now made by the developers? how would it differ from other currencies/settlement systems like Euro/SEPA?
539 2011-11-10 07:04:43 <Lolcust> gmaxwell , but the antispam effect stems, essentially, from attacker not being able to spam while paying the fee
540 2011-11-10 07:05:21 <gmaxwell> Lolcust: yes but it still works pretty well even if its quite small.
541 2011-11-10 07:05:49 <Lolcust> if coin price is high, even a tiny fee will stop the spammer, but if it is low, he can buy a fistful for cheap and spam on
542 2011-11-10 07:06:02 <Lolcust> current price is, in typical human terms, rather high
543 2011-11-10 07:06:09 num1 has quit (Ping timeout: 248 seconds)
544 2011-11-10 07:06:25 <gmaxwell> Lolcust: you can cut the fee by a factor of 100 and they can only send 100x more spam... vs if there is no fee, I can while true; do bitcoind sendtoaddress `bitcoind getnewaddress` ; done and send 1000000000000x spam.
545 2011-11-10 07:07:14 <gmaxwell> Lolcust: it's a fraction of a penny which is applied to a sub minority of transactions. How is that high in human terms? with USD you use lose more than our txn fee from rounding on prices. :)
546 2011-11-10 07:07:38 dvide has joined
547 2011-11-10 07:09:16 <Lolcust> gmaxwell what I meant in "high in human terms" is that "Oh I will spam and loose 100 BTC on sheer fees" would mean me loosing 300USD on fees, which is quite...discouraging. At a lower price, loosing 100, or even 1000 BTC on just being a dick to the network might not sound that gravely loosing a proposition
548 2011-11-10 07:09:30 <Lolcust> especially for "do it for the lulz" attacker
549 2011-11-10 07:11:12 <Lolcust> justmoon rules are already - and always - made by the developers. Min. tx fee specifically are being hardcoded right now. Since I am not economically fundamentallist, I don't mind that (even if it makes it slightly like euro ;-) ) and plenty of difference remains (decentralized transaction processing and emission, pseudonymity, easy transaction over TCP/IP, etc.)
550 2011-11-10 07:11:47 <theymos> It would be not terribly expensive to raise network-wide fees for a while, which is another reason I'd like to see the ability to cancel stuck transactions.
551 2011-11-10 07:12:03 <gmaxwell> Lolcust: if 1x your attack would not be problematic than making it 10x larger should also not be substantially problematic. Which is my core point. The anti-dos goal here is mostly to slow premature chain bloat, otherwise priority order is fine. .. The anti-anti-dos goal is more complicated because for that the minimum needs to be high enough to get txn processed in a timely fashion.
552 2011-11-10 07:12:52 <theymos> Lolcust: Miners won't follow rules that they don't like. Eligius already has very different fee rules than the default client.
553 2011-11-10 07:13:24 <gmaxwell> theymos: correction: the evidence suggests that most miners simply won't update their software. Actual preferences don't seem to matter much.
554 2011-11-10 07:13:41 <Lolcust> theymos that requires them to dislike the rules strongly enough to make a mod out of it. also, what gmaxwell said
555 2011-11-10 07:13:58 <gmaxwell> Luke is about the only person with more than a few hundred MH under his belt who actually expresses preferences in public, and we all know he's crazy. :)
556 2011-11-10 07:14:59 <Lolcust> gmaxwell, I do realize that it is probably a petty concern and unless btc crashes to 0.009 USD (or lower) current fee is more than enough to keep any significant chain bloat / tx dos attack at bay.
557 2011-11-10 07:15:23 <gmaxwell> okay, given that condition I agree with you, but if that were to happen I don't care that much
558 2011-11-10 07:15:43 <justmoon> Lolcust, is your proposal meant only for current fee concerns or would you use the same system once coin generation stops?
559 2011-11-10 07:15:47 <gmaxwell> if btc gets down to that either everyone will have given up for some bigger reason, or it will take a long time to get there, in which case we'd adapt.
560 2011-11-10 07:16:11 Sedra has quit (Remote host closed the connection)
561 2011-11-10 07:16:22 <gmaxwell> justmoon: don't assume generation stops. I mean it technically does right now, but that actual stopping point isn't important.
562 2011-11-10 07:16:37 <Lolcust> gmaxwell point was more or less "if one is managing minimum fees centrally (which is status quo) one can at least manage it more elegantly than via whole full-blown software update"
563 2011-11-10 07:16:37 <gmaxwell> The maximum amount of coins doesn't arise because generation stops.
564 2011-11-10 07:16:59 <gmaxwell> Lolcust: the inelegance is one of the reasons the central control is acceptable.
565 2011-11-10 07:17:10 <Lolcust> justmoon well, that actually depends on how price will behave when second subsidy cut hits
566 2011-11-10 07:17:14 <phantomcircuit> gmaxwell, personally i would like to see the tx relay rules changed
567 2011-11-10 07:17:28 <Lolcust> I expect the second to be far far more...bizzare than the first
568 2011-11-10 07:17:43 <gmaxwell> there were a couple fruitcakes a while back arguing that the developers were making it rich off the omg fees. (always great to see one show up with stuck transactions in their modified client a few weeks later)
569 2011-11-10 07:18:17 <Lolcust> gmaxwell so what ? You can't satisfy all the mad men on internets
570 2011-11-10 07:18:18 <gmaxwell> but it was lots easier to dismiss them because the client imposed fees are such a suckass form of central control. :)
571 2011-11-10 07:18:59 <gmaxwell> Lolcust: as described your system creates a serious centralized vulnerablity.
572 2011-11-10 07:19:17 <Lolcust> Well, if you don't like mandatory fees you can cut the "version-message updatable mandatory fee" just the same way you would cut out current one (but you'd need a miner to play along)
573 2011-11-10 07:19:26 <gmaxwell> I get the developer key, send ninjas to kill everyone else with it.. send out a fee update of 10000000 btc .. then bitcoin stops working for most users.
574 2011-11-10 07:19:41 <gmaxwell> yes, but the system is broken until you go and do that.
575 2011-11-10 07:20:12 <gmaxwell> and during that time I also circulate 'fixed' clients.. which contain a backdoor, and I snare lots of suckers.
576 2011-11-10 07:20:25 <Lolcust> I don't think it's any more broken than now. Now, if devs deem fee of X better and some people just don't update, you get worst of both worlds
577 2011-11-10 07:21:08 <Lolcust> Central-ish control is still there, but objectives it tried to achieve with raising / lowering antispam fee are not achieved because people are too lazy to update
578 2011-11-10 07:21:12 <gmaxwell> no, thats not at all the worst of both worlds.
579 2011-11-10 07:21:23 <Lolcust> So you get a "soup"
580 2011-11-10 07:21:30 <gmaxwell> There is no way to achieve that "one guy broke bitcoin today" with the current situation.
581 2011-11-10 07:21:44 Sedra has joined
582 2011-11-10 07:22:00 <gmaxwell> At _worst_ you can get "people who installed new clients today were unhappy and downgraded" or "stop! the new client breaks the network! don't upgrade!"
583 2011-11-10 07:22:14 <gmaxwell> This is also why bitcoin should _never_ have a simplistic autoupdater.
584 2011-11-10 07:22:52 <gmaxwell> (the system the tor folks proposed with time delays and vetos might be tolerable, but if then only if its opt-in)
585 2011-11-10 07:22:54 <rphlx> you can do an incremental rollout with an autoupdater
586 2011-11-10 07:23:23 shadders has quit (Remote host closed the connection)
587 2011-11-10 07:23:56 <Lolcust> gmaxwell well, given human update behavior (and sustained prevalence of oldtimer clients), I'd say that "old cruft" accumulation is far more likely to cause pains than "guy broke it" scenario
588 2011-11-10 07:23:59 <theymos> Yeah, I would be absolutely opposed to an autoupdator.
589 2011-11-10 07:24:05 <gmaxwell> Some folks related to the tor project proposed a system where updates are queued for a while after they are published, and any of the keys that can sign the release can also veto them to prevent their autoinstall)
590 2011-11-10 07:24:42 <theymos> I still don't like it. Too centralized. Tor itself is centralized, though, so it doesn't matter as much for them.
591 2011-11-10 07:24:49 <gmaxwell> Lolcust: it's not about likely. It's about the available failure modes. Central control abused to break things becomes an attractive attack vector when it's available.
592 2011-11-10 07:25:40 <Lolcust> gmaxwell then developer key used for binary signing is as attractive as the key that would be used to sign "fee updates" in my proposal
593 2011-11-10 07:25:57 <Lolcust> and given that majority of userbase uses binaries, just as destructive
594 2011-11-10 07:25:58 <gmaxwell> E.g. right now, even if you're willing to kill people there is basically no way for you to just go shut bitcoin off. With what you're proposing, it's simple: get in a plane, fly to wherever gavin (or theymos is), put a gun to their head and tell them to set the fee to 21m bitcoin.
595 2011-11-10 07:26:13 <gmaxwell> Lolcust: no, because there is no autoupdate.
596 2011-11-10 07:26:23 <gmaxwell> Also, 99.9999% of people don't check the signatures.
597 2011-11-10 07:26:51 <gmaxwell> Also, gavin's key is not connected to the pgp strongset, so it's unlikely that people who check signatures can actually verify the validity of _his_ signature.
598 2011-11-10 07:26:52 <theymos> And the weight of any signatures would be nullified if like 20 other trusted people signed that they were compromised.
599 2011-11-10 07:27:15 <gmaxwell> theymos: yea, right, thats the point of the queue-and-veto approach.
600 2011-11-10 07:27:58 <Lolcust> well, it becomes notably harder to tell the "poisoned" binaries from real thing if the signatures are okay, and other complexity (now we have to withdraw signatures) would start piling up.
601 2011-11-10 07:28:31 <gmaxwell> yes, but since no one checks it doesn't matter. :) And again, poisoned binaries are still only a slowly spreading problem.
602 2011-11-10 07:28:42 molecular has quit (Ping timeout: 245 seconds)
603 2011-11-10 07:28:51 <Lolcust> Methinks that if you already have to manage the anti-spam fee centrally (for now at least), then you can at least be efficient about it ;-)
604 2011-11-10 07:28:51 <gmaxwell> (though something that we should be strengthened against)
605 2011-11-10 07:29:16 molecular has joined
606 2011-11-10 07:29:23 <gmaxwell> Lolcust: in any case, I recommend you table your idea until its time to change the fee again. Right now its a solution looking for a problem. The next time the fee needs to be changed people might find the idea more attractive.
607 2011-11-10 07:29:41 abragin has joined
608 2011-11-10 07:29:43 abragin has quit (Changing host)
609 2011-11-10 07:29:43 abragin has joined
610 2011-11-10 07:30:05 <gmaxwell> regardless of what the minfee stuff does, we still do need a way to cancel transactions as theymos says. So if we get that the design of the minfee thing might change.
611 2011-11-10 07:30:52 shadders has joined
612 2011-11-10 07:31:12 <Lolcust> gmaxwell I was primarily looking for people to comment if it has grievous omissions of the technological kind (can't be done because *programmer issue No 22 ;-) ) not ideological kind (centralization is evil) (that's why I outright admited the central management thing in the begining)
613 2011-11-10 07:31:51 <gmaxwell> well he boom-network-dead is a security flaw which could be improved by technical means.
614 2011-11-10 07:33:25 <gmaxwell> (e.g. using quorum and veto, requring the update to get mined (a check and balance), or using a hashpower decision instead of developer signatures)
615 2011-11-10 07:33:52 RazielZ has quit (Ping timeout: 260 seconds)
616 2011-11-10 07:34:00 <Lolcust> Maybe an upper limit on fee being hardcoded (no point in setting minimum fee above 1 coin, even when BTC was pennyworth, smaller fees worked fine)
617 2011-11-10 07:34:43 <Lolcust> Hm, classic "51 hashpower" would be kind of neat as fee-update "canonizations" vector
618 2011-11-10 07:35:41 Habbie has quit (Quit: USN-1253-1)
619 2011-11-10 07:36:02 <Lolcust> Though methinks that having it mined, multi-signed and having a sane-ish hardcoded upper limit (we know for a fact that a fee well below 0.5 works even when price is dirt low) would be enough
620 2011-11-10 07:36:43 <Lolcust> veto seems rather pointless in a system with very fast update propagation (which is what is proposed)
621 2011-11-10 07:36:56 <Lolcust> anyway, as re: transaction cancelation
622 2011-11-10 07:36:58 <Lolcust> Canceling transactions by the sender before they get "mined", I assume ?
623 2011-11-10 07:37:33 <Lolcust> Can't we already do that with pywallet, more or less ?
624 2011-11-10 07:38:34 RazielZ has joined
625 2011-11-10 07:39:04 Habbie has joined
626 2011-11-10 07:42:35 metaperl has quit (Read error: Connection reset by peer)
627 2011-11-10 07:43:56 <justmoon> Lolcust, you can cancel it being rebroadcasted, but it can still be included by a miner who already has it
628 2011-11-10 07:44:38 <Lolcust> well, you wait reasonabl-ish time and -rescan. if it does not pop up, then it is successfully canceled ^__~
629 2011-11-10 07:44:40 metaperl has joined
630 2011-11-10 07:44:47 <justmoon> yes, if you wanted to resend it with a higher fee, you'd need to wait a bit for some of the network to forget about it
631 2011-11-10 07:45:07 <Lolcust> I find the idea of a saner cancelation process...interesting
632 2011-11-10 07:45:29 <Lolcust> Anywhere I can familiarize myself with relevant discussion ?
633 2011-11-10 07:45:31 <justmoon> the cancel message itself could be a DoS vector though - that's why there is none I believe
634 2011-11-10 07:46:05 <justmoon> or you could send a transaction with a reasonable, cancel it, send it again etc.
635 2011-11-10 07:46:11 <justmoon> reasonable fee*
636 2011-11-10 07:48:19 <theymos> When cancelling, Bitcoin should always send a conflicting transaction so no miner includes the old version and surprises you.
637 2011-11-10 07:51:40 <Lolcust> theymos couldn't I trivially spam the network with send/cancel cycles ? Also, what would happen if a cancel message arrives "too late" ?
638 2011-11-10 07:52:37 smtmnyz has quit (Ping timeout: 255 seconds)
639 2011-11-10 07:53:28 <theymos> You can only send cancellations after the network has forgotten about your old transaction or your new transaction will be rejected by everyone.
640 2011-11-10 07:54:52 <CFSworks> (Unless the node doing the cancellation happens to have enough hashing power behind it that it finds the next block.)
641 2011-11-10 07:55:45 underscor has quit (Ping timeout: 248 seconds)
642 2011-11-10 07:56:01 underscor has joined
643 2011-11-10 07:59:15 stalled has quit (Ping timeout: 252 seconds)
644 2011-11-10 08:01:46 <gmaxwell> theymos: what it should do is show a cancel pending... and keep showing it until the conflicting txn makes it through.
645 2011-11-10 08:02:49 <CFSworks> gmaxwell, "cancellation attempt pending" :)
646 2011-11-10 08:04:25 <theymos> gmaxwell: Yes. A special "increase fee" feature would also be nice to immediately replace the old transaction with one with increased fees.
647 2011-11-10 08:10:00 AStove has quit ()
648 2011-11-10 08:10:36 <Lolcust> theymos well, there was also that patch which allowed to "precook" transactions so that you can check what fees will be like... But I suspect it caused trouble (otherwise, why isn't it in main ;-) )...
649 2011-11-10 08:11:30 <gmaxwell> Lolcust: fees aren't determinstic.
650 2011-11-10 08:11:52 <gmaxwell> just getting a new input or an additional block landing on the chain will totally invalidate the results.
651 2011-11-10 08:12:08 <Lolcust> I am aware of that
652 2011-11-10 08:12:18 <gmaxwell> And sometimes they'll make the fees go _up_ because the selection doesn't minimize fees.
653 2011-11-10 08:15:18 jackmcbarn has quit (Ping timeout: 244 seconds)
654 2011-11-10 08:15:29 <Lolcust> well, that I know, still, being able to tell what fee will be for sending 200 BTC given current state of your wallet, and then either agreeing or declining, would be neat. https://github.com/TheBlueMatt/bitcoin/commit/5350a907a57b88bd86827c1f3e41b571cf130401 <- this was what I meant
655 2011-11-10 08:16:20 RazielZ has quit (Ping timeout: 252 seconds)
656 2011-11-10 08:16:25 <doublec> I'd like a way to send specifying the max fee I want to fail and if it fails it returns the fee it wanted. Then it can be repeated with the new max if needed.
657 2011-11-10 08:17:12 <doublec> or something like that -to make it easier for a merchant to pass the fee on
658 2011-11-10 08:17:19 <gmaxwell> doublec: that seems like a pretty simple request.
659 2011-11-10 08:17:42 <Lolcust> Oh, and gmaxwell , not to beat an old hypothetical horse, but it didn't cross my mind right away... being able to centrally set the minimum "antispam" fee size to "stupid_value" would not totally destroy the network, just significantly inconvenience it (I, for one, do my best to ensure that I always get away with fee of 0. Because I am greedy like that ^__^ _
660 2011-11-10 08:17:53 <doublec> I should probably write it myself and submit the patch :)
661 2011-11-10 08:19:26 jackmcbarn has joined
662 2011-11-10 08:21:07 RazielZ has joined
663 2011-11-10 08:21:26 <gmaxwell> Lolcust: part of any sane update would also need to say when they get required, not just the value.
664 2011-11-10 08:26:03 <phantomcircuit> so i find myself reading the bitcoin buildmerkleroot function
665 2011-11-10 08:26:05 osmosis has quit (Quit: Leaving)
666 2011-11-10 08:26:26 <phantomcircuit> and i can honestly say i have no idea how it's handling transaction lists of odd length
667 2011-11-10 08:27:03 iocor has joined
668 2011-11-10 08:27:17 <phantomcircuit> it's actually buildmerkletree btw
669 2011-11-10 08:27:53 <theymos> The last one is hashed twice.
670 2011-11-10 08:28:21 <phantomcircuit> im not so sure
671 2011-11-10 08:28:29 <phantomcircuit> it might promote them
672 2011-11-10 08:28:51 <phantomcircuit> if you have one transaction the transaction hash is the merkle root
673 2011-11-10 08:29:02 <phantomcircuit> which is actually wrong behaviour but whatever
674 2011-11-10 08:29:45 <justmoon> maybe this code is a bit clearer? https://github.com/bitcoinjs/node-bitcoin-p2p/blob/master/lib/schema/block.js#L122
675 2011-11-10 08:30:31 <phantomcircuit> https://privatepaste.com/1de0f73923
676 2011-11-10 08:30:44 <phantomcircuit> the mainline code is impressively obtuse
677 2011-11-10 08:31:09 <phantomcircuit> / This function is a direct translation of CBlock::BuildMerkleTree().
678 2011-11-10 08:31:14 <phantomcircuit> justmoon, not particularly :P
679 2011-11-10 08:31:37 <theymos> I'm pretty sure the last hash is hashed twice except when there's only one hash.
680 2011-11-10 08:32:51 <justmoon> theymos, correct the key line is: int i2 = std::min(i+1, nSize-1);
681 2011-11-10 08:33:24 <justmoon> i.e. for the second hash use the same hash again if there is no last hash (which would be the case for an uneven number of hashes)
682 2011-11-10 08:33:31 <CFSworks> Speaking of hashes... Does anybody know why Bitcoin uses SHA256(SHA256(...))?
683 2011-11-10 08:34:31 <justmoon> CFSworks, I only recall a discussion that it was a bad idea because all it does is reduce the total possible number of hashes
684 2011-11-10 08:35:24 <phantomcircuit> there is a specific class of attacks it prevents
685 2011-11-10 08:35:27 <CFSworks> Potentially. We're not sure if it does.
686 2011-11-10 08:35:34 <phantomcircuit> although it's the least likely class to actually be an issue
687 2011-11-10 08:37:03 <theymos> Satoshi never gave a straight answer about it. Probably he didn't think it through much. It doesn't do much harm, in any case.
688 2011-11-10 08:43:18 <Lolcust> gmaxwell hmmmm.... well, on one hand, updating the minimum fees does not seem that sensitive an issue for abscence of nHeight trick to do much (the network as of now is already nonhomogenous in terms of min antispam fee policy), on the other hand distributing (update timestamp + new min antispam value + nHeight at which it has to kick in) does not seem that hard compared to naive version
689 2011-11-10 08:44:24 <iddo> there's length extension attack on sha2, doing sha2(sha2()) prevents it
690 2011-11-10 08:45:18 <phantomcircuit> what iddo said
691 2011-11-10 08:47:24 <iddo> i wonder if the concern was that someone could replace old block in the chain with block that contains more transactions
692 2011-11-10 08:47:31 <iddo> seems far fetched
693 2011-11-10 08:49:02 zeiris has joined
694 2011-11-10 08:49:23 <phantomcircuit> there is something funny about this algorithm
695 2011-11-10 08:49:27 <phantomcircuit> i think it's wrong actually
696 2011-11-10 08:50:12 <phantomcircuit> ah
697 2011-11-10 08:50:23 <phantomcircuit> it doubles up on the last hash in odd length rows
698 2011-11-10 08:51:45 <phantomcircuit> http://codepad.org/xB3uSSAP
699 2011-11-10 08:51:48 <phantomcircuit> a nice visualization
700 2011-11-10 08:52:18 ThomasV has joined
701 2011-11-10 08:53:22 iocor has quit (Quit: Computer has gone to sleep.)
702 2011-11-10 08:53:24 <theymos> Here's an ASCII tree with the hash doubling: https://en.bitcoin.it/wiki/Dump_format#CBlock
703 2011-11-10 08:54:07 pickett has quit (Remote host closed the connection)
704 2011-11-10 08:54:16 <phantomcircuit> stuffing a tree into an array is a neat trick
705 2011-11-10 08:54:22 <phantomcircuit> but it leads to completely dense code
706 2011-11-10 08:59:14 metaperl has quit (Read error: Connection reset by peer)
707 2011-11-10 09:07:13 erus` has joined
708 2011-11-10 09:12:42 pickett has joined
709 2011-11-10 09:15:10 theymos has quit (Remote host closed the connection)
710 2011-11-10 09:20:39 larsivi has joined
711 2011-11-10 09:31:40 egecko_ has quit (Quit: ~ Trillian Astra - www.trillian.im ~)
712 2011-11-10 09:33:21 cuqa has quit (Ping timeout: 248 seconds)
713 2011-11-10 09:34:02 iocor has joined
714 2011-11-10 09:43:40 cuqa has joined
715 2011-11-10 09:47:40 Disposition has joined
716 2011-11-10 09:48:21 erus` has quit (Quit: ChatZilla 0.9.87 [Firefox 8.0/20111104165243])
717 2011-11-10 09:50:54 slush has joined
718 2011-11-10 09:58:25 Ken`_ has quit (Ping timeout: 260 seconds)
719 2011-11-10 09:58:33 erus` has joined
720 2011-11-10 10:01:22 iocor has quit (Quit: Computer has gone to sleep.)
721 2011-11-10 10:02:54 iocor has joined
722 2011-11-10 10:03:41 ThomasV has quit (Read error: Connection reset by peer)
723 2011-11-10 10:05:05 erle- has joined
724 2011-11-10 10:11:24 jackmcbarn has quit (Read error: Operation timed out)
725 2011-11-10 10:12:42 Diablo-D3 has joined
726 2011-11-10 10:13:05 jackmcbarn has joined
727 2011-11-10 10:14:03 iocor has quit (Quit: Computer has gone to sleep.)
728 2011-11-10 10:18:14 d4de has quit (Read error: Connection reset by peer)
729 2011-11-10 10:18:25 iocor has joined
730 2011-11-10 10:19:28 erus` has quit (Ping timeout: 240 seconds)
731 2011-11-10 10:21:00 E-sense has joined
732 2011-11-10 10:22:13 erus` has joined
733 2011-11-10 10:31:43 d4de has joined
734 2011-11-10 10:32:13 AAA_awright has quit (Read error: Connection reset by peer)
735 2011-11-10 10:34:38 CFSworks has quit ()
736 2011-11-10 10:40:23 RazielZ has quit ()
737 2011-11-10 10:42:45 glitch-mod has joined
738 2011-11-10 10:49:49 Ken` has joined
739 2011-11-10 10:51:18 marf_away has joined
740 2011-11-10 11:07:55 marf_away has quit (Quit: Nettalk6 - www.ntalk.de)
741 2011-11-10 11:10:19 gjs278 has quit (Remote host closed the connection)
742 2011-11-10 11:12:31 gjs278 has joined
743 2011-11-10 11:24:23 RazielZ has joined
744 2011-11-10 11:28:54 zeiris is now known as amtal
745 2011-11-10 11:33:18 slush has quit (Ping timeout: 245 seconds)
746 2011-11-10 11:34:02 ThomasV has joined
747 2011-11-10 11:34:41 Joric has joined
748 2011-11-10 11:34:42 Joric has quit (Changing host)
749 2011-11-10 11:34:42 Joric has joined
750 2011-11-10 11:54:15 pickett has quit (Remote host closed the connection)
751 2011-11-10 12:09:56 danbri has quit (Remote host closed the connection)
752 2011-11-10 12:10:00 iocor has quit (Quit: Textual IRC Client: http://www.textualapp.com/)
753 2011-11-10 12:12:22 iocor has joined
754 2011-11-10 12:19:31 pickett has joined
755 2011-11-10 12:24:01 iocor has quit (Quit: Computer has gone to sleep.)
756 2011-11-10 12:27:35 Beremat has joined
757 2011-11-10 12:29:24 Joric has quit (Ping timeout: 252 seconds)
758 2011-11-10 12:29:27 wolfspraul has joined
759 2011-11-10 12:29:46 wolfspraul has quit (Client Quit)
760 2011-11-10 12:30:12 wolfspraul has joined
761 2011-11-10 12:30:54 wolfspraul has quit (Read error: Connection reset by peer)
762 2011-11-10 12:31:13 wolfspraul has joined
763 2011-11-10 12:31:13 wolfspraul has quit (Client Quit)
764 2011-11-10 12:31:16 Beremat has quit (Read error: Connection reset by peer)
765 2011-11-10 12:31:26 wolfspraul has joined
766 2011-11-10 12:34:24 Joric has joined
767 2011-11-10 12:34:24 Joric has quit (Changing host)
768 2011-11-10 12:34:24 Joric has joined
769 2011-11-10 12:40:55 nathan7 has joined
770 2011-11-10 12:44:01 ThomasV has quit (Ping timeout: 260 seconds)
771 2011-11-10 12:45:35 rdponticelli_ has joined
772 2011-11-10 12:45:44 ThomasV has joined
773 2011-11-10 12:46:04 rdponticelli_ has quit (Client Quit)
774 2011-11-10 12:46:16 rdponticelli has quit (Ping timeout: 240 seconds)
775 2011-11-10 12:46:22 <nathan7> bc,gen 6000
776 2011-11-10 12:46:34 rdponticelli has joined
777 2011-11-10 12:46:37 <nathan7> Well damnit
778 2011-11-10 12:46:42 <nathan7> ;;bc,gen 6000
779 2011-11-10 12:46:44 <gribble> The expected generation output, at 6000 Khps, given current difficulty of 1203461.92638 , is 0.00501467487356 BTC per day and 0.000208944786398 BTC per hour.
780 2011-11-10 12:55:41 Joric has quit ()
781 2011-11-10 12:57:33 storrgie has joined
782 2011-11-10 12:58:00 iocor has joined
783 2011-11-10 12:59:07 Snapman is now known as Snapman[afkers]
784 2011-11-10 13:01:52 ThomasV has quit (Ping timeout: 252 seconds)
785 2011-11-10 13:03:43 Snapman[afkers] is now known as Snapman
786 2011-11-10 13:10:56 Nicksasa has quit (Ping timeout: 260 seconds)
787 2011-11-10 13:14:32 Nicksasa has joined
788 2011-11-10 13:15:20 cryptoxchange has joined
789 2011-11-10 13:15:21 cryptoxchange has quit (Changing host)
790 2011-11-10 13:15:21 cryptoxchange has joined
791 2011-11-10 13:21:39 <shadders> anyone know how I can dump blk0001.dat to a text file of hex?
792 2011-11-10 13:24:14 <sipa> it's just a binary concatenation of serialized blocks
793 2011-11-10 13:24:44 <shadders> I know I just want a hex char version of it
794 2011-11-10 13:25:04 <shadders> hexdump adds extra stuff...
795 2011-11-10 13:25:33 <sipa> not if you don't want it
796 2011-11-10 13:25:58 <shadders> man isn't very helpful...
797 2011-11-10 13:26:12 <shadders> man hexdump
798 2011-11-10 13:28:29 <cjdelisle> isn't blk0001 actually a database file?
799 2011-11-10 13:28:56 <sipa> no
800 2011-11-10 13:28:58 <sipa> hexdump -v -e '16/1 "%02X " "\n"' <~/.bitcoin/blk0001.dat
801 2011-11-10 13:29:00 <sipa> try that
802 2011-11-10 13:29:15 <sipa> cjdelisle: blkindex.dat is a database file
803 2011-11-10 13:29:21 <cjdelisle> hmm learn something everyday
804 2011-11-10 13:30:46 datagutt has joined
805 2011-11-10 13:31:35 <shadders> better... any way to get rid of the spaces and linefeeds?
806 2011-11-10 13:33:02 <sipa> hexdump -v -e '16/1 "%02X"' <~/.bitcoin/blk0001.dat
807 2011-11-10 13:33:46 <shadders> derp... thank sipa :)
808 2011-11-10 13:34:00 agricocb has quit (Quit: Leaving.)
809 2011-11-10 13:38:03 slush has joined
810 2011-11-10 13:44:10 diki has joined
811 2011-11-10 13:44:18 <diki> After a hard day of working
812 2011-11-10 13:44:53 <diki> i created a program which will monitor the temps, kill the miner if it gets too hot, wait a bit and check if the temps are normal to start it up again
813 2011-11-10 13:45:00 <diki> It has a few flaws, but it should work nicely
814 2011-11-10 13:45:17 <diki> The reason i am not using cgminer which has this feature is just preference
815 2011-11-10 13:48:26 diki is now known as someguy
816 2011-11-10 13:48:33 someguy is now known as fgdfgfg
817 2011-11-10 13:53:13 iocor has quit (Quit: Computer has gone to sleep.)
818 2011-11-10 13:57:52 smtmnyz has joined
819 2011-11-10 13:58:12 agricocb has joined
820 2011-11-10 14:01:59 ThomasV has joined
821 2011-11-10 14:05:21 b4epoche_ has quit (Quit: Computer has gone to sleep.)
822 2011-11-10 14:06:08 iocor has joined
823 2011-11-10 14:12:41 merde has quit (Ping timeout: 240 seconds)
824 2011-11-10 14:16:04 <Disposition> ThomasV: any luck with that bitcoinandroid app?
825 2011-11-10 14:16:34 <ThomasV> Disposition: I do not have the file you mentioned
826 2011-11-10 14:17:35 <ThomasV> Disposition: what I have is "/sdcard/Android/data/com.bitcoinandroid/files/prodnet.blockchain"
827 2011-11-10 14:17:40 <ThomasV> that's all
828 2011-11-10 14:18:09 <ThomasV> or is the file somewhere else?
829 2011-11-10 14:18:20 <Disposition> there's no folder named .android_secure?
830 2011-11-10 14:18:31 <ThomasV> at which path?
831 2011-11-10 14:18:37 <Disposition> /sdcard/
832 2011-11-10 14:18:52 <ThomasV> no, there's none
833 2011-11-10 14:19:10 <Disposition> weird, did you plugin your phone as a drive on linux with show hidden folders?
834 2011-11-10 14:19:15 <ThomasV> (and I do display hidden folders)
835 2011-11-10 14:19:26 <ThomasV> no, I did not plus it
836 2011-11-10 14:19:30 <ThomasV> *plug*
837 2011-11-10 14:19:33 TbbW has quit (Ping timeout: 256 seconds)
838 2011-11-10 14:19:52 <Disposition> odd, but file manager should able to see it too
839 2011-11-10 14:20:06 <Disposition> can you plug it in to check? ( i know it sounds stupid)
840 2011-11-10 14:20:38 <Disposition> since a lot of other app uses .android_secure too
841 2011-11-10 14:20:40 <Disposition> like gmail
842 2011-11-10 14:23:11 <ThomasV> I don't think I have a cable...
843 2011-11-10 14:24:35 <ThomasV> Disposition: oh yes I found it
844 2011-11-10 14:27:09 <Disposition> what is it named?
845 2011-11-10 14:27:12 <ThomasV> hmm, it's not mounting it
846 2011-11-10 14:27:16 <Disposition> oh also you gonna need a cable.
847 2011-11-10 14:27:23 <Disposition> ThomasV: yeah the apps is using it lol
848 2011-11-10 14:27:27 <ThomasV> yes I have the cable
849 2011-11-10 14:27:29 <Disposition> cool
850 2011-11-10 14:27:37 <Disposition> you also need the SDK
851 2011-11-10 14:27:40 <Disposition> or at least ADB
852 2011-11-10 14:27:40 <ThomasV> but my laptop does not see it
853 2011-11-10 14:27:56 <Disposition> why can't you just mount the sd card the normal way?
854 2011-11-10 14:27:57 <ThomasV> I tried to use the sdk yesterday (for electrum)
855 2011-11-10 14:28:12 <Disposition> you have an android client in the works? :)
856 2011-11-10 14:28:14 <ThomasV> but it wasnt working well
857 2011-11-10 14:28:42 <Disposition> mmm the only way I know how to pull wallets file out of the phone is through adb though
858 2011-11-10 14:28:47 <ThomasV> no, I have not, but Android apps can be written in python, so it would be straightforward
859 2011-11-10 14:29:36 <Disposition> cool, Yifu and I were looking into writing/updating bitcoin wallet by schildbash but yours is appealing as well, the whole thin client not need to download bkc thing
860 2011-11-10 14:29:48 <Disposition> anyhow you would need to do something like
861 2011-11-10 14:29:51 Workbench has joined
862 2011-11-10 14:30:32 <Disposition> adb pull /data/data/com.bitcoinandroind-1/files/prodnet.wallet
863 2011-11-10 14:30:44 <Disposition> the com.xxxxx might be different on your phone
864 2011-11-10 14:31:03 <Disposition> and the rest of the path is far as I can tell from reading the source
865 2011-11-10 14:31:05 <Disposition> lmk if it works
866 2011-11-10 14:32:24 GMP has joined
867 2011-11-10 14:37:17 localhost has quit (Remote host closed the connection)
868 2011-11-10 14:38:34 <CIA-89> poolserverj: shadders * 89dd7f3d4223 r224 / (5 files in 5 dirs):
869 2011-11-10 14:38:35 <CIA-89> poolserverj: add JsonRpcClientProvider interface so WorkMaker could access client from handler dynamically. Should fix nullpointerexception where client is set in WorkMaker before it's built.
870 2011-11-10 14:38:35 <CIA-89> poolserverj: make bitcoin p2p broadcasting optional
871 2011-11-10 14:38:35 <CIA-89> poolserverj: shadders * 871f6b243f9e r225 / (4 files in 3 dirs): make p2p broadcast optional.
872 2011-11-10 14:38:35 <CIA-89> poolserverj: shadders * fe8c37b1175b r226 /poolserverj-main/src/main/java/com/shadworld/poolserver/source/merged/JsonRpcMergeMiningLocalWorkMakerDaemonHandler.java: remove message about sent block never came back. It never will and it makes people think something is wrong
873 2011-11-10 14:39:47 slush has quit (Ping timeout: 252 seconds)
874 2011-11-10 14:40:11 storrgie has quit (Quit: Leaving)
875 2011-11-10 14:41:34 localhost has joined
876 2011-11-10 14:42:15 b4epoche_ has joined
877 2011-11-10 14:43:50 SomeoneWeird is now known as SomeoneWeirdzzzz
878 2011-11-10 14:45:25 <ThomasV> Disposition: I can mount it now
879 2011-11-10 14:46:07 <ThomasV> hmm, no, it sucks
880 2011-11-10 14:46:25 b4epoche_ has quit (Client Quit)
881 2011-11-10 14:46:25 <Disposition> huh?
882 2011-11-10 14:46:37 <ThomasV> it mounts it in .gvfs, and only photos are shown
883 2011-11-10 14:47:30 <ThomasV> it is mounted by gvfs-fuse-daemon
884 2011-11-10 14:47:50 <Disposition> wut? what distro are you on
885 2011-11-10 14:48:16 <ThomasV> ubuntu
886 2011-11-10 14:48:17 <Disposition> and why the hell
887 2011-11-10 14:48:31 <Disposition> can't just do a fdisk -l the mount /dev/sdx /mnt/
888 2011-11-10 14:48:31 <Disposition> ?
889 2011-11-10 14:48:35 <Disposition> then*
890 2011-11-10 14:49:00 <Disposition> i don't recall connecting android units to be such as pia
891 2011-11-10 14:49:39 <ThomasV> what do you want me to do with fdisk?
892 2011-11-10 14:52:42 <ThomasV> I don't get it. I unmounted it (using the icon menu), and it still shows up in /etc/mtab
893 2011-11-10 14:53:19 <ThomasV> oh it's a real pain
894 2011-11-10 14:55:47 larsivi has quit (Ping timeout: 260 seconds)
895 2011-11-10 14:58:08 <ThomasV> "Samsung uses itÂs own software to sync and update the phone called Kies. Kies is only available for Windows (naturally), not Mac or Linux. But you can still use the USB storage and USB tethering, you just have to enable USB debug mode."
896 2011-11-10 14:58:25 <ThomasV> from http://www.craig-russell.co.uk/samsung-galaxy-s2-usb-storage-and-tethering-with-ubuntu/
897 2011-11-10 14:58:31 <ThomasV> seems to be related
898 2011-11-10 15:08:02 marf_away has joined
899 2011-11-10 15:10:35 clr_ has joined
900 2011-11-10 15:12:42 <Disposition> yeah
901 2011-11-10 15:12:52 <Disposition> i ran into something like that with the nexus s frome a friend too
902 2011-11-10 15:12:56 <ThomasV> Disposition: I followed the instructions, and now I have /dev/sdb and /dev/sdc that show up when I plug the phone. I tried to mount them, but it does not recognize them. what should the filesystem be? (I tried vfat)
903 2011-11-10 15:12:58 <Disposition> you should be able to mount it regularly.
904 2011-11-10 15:13:13 <Disposition> open gpart and see
905 2011-11-10 15:13:18 <Disposition> you should mount the fat32 one
906 2011-11-10 15:13:30 <ThomasV> whats gpart?
907 2011-11-10 15:13:45 <Disposition> gparted*
908 2011-11-10 15:13:52 <Disposition> alt +f2 and type gparted
909 2011-11-10 15:13:53 glitch-mod has quit (Ping timeout: 240 seconds)
910 2011-11-10 15:15:03 btc_novice has joined
911 2011-11-10 15:17:08 <ThomasV> oh it works now
912 2011-11-10 15:18:22 storrgie has joined
913 2011-11-10 15:18:41 <ThomasV> Disposition: I could mount it. I confirm that the file you mention is not there
914 2011-11-10 15:19:33 <Disposition> com.xxx? or the whole .android_secure folder
915 2011-11-10 15:19:41 <ThomasV> the whole folder
916 2011-11-10 15:19:54 <ThomasV> there is no such folder
917 2011-11-10 15:19:55 <Disposition> what does the other folders include? we have Android in there?
918 2011-11-10 15:20:09 <ThomasV> yes there's Android, as I already told you
919 2011-11-10 15:20:36 <Disposition> that's gay
920 2011-11-10 15:20:41 <Disposition> still try
921 2011-11-10 15:20:50 <ThomasV> try what?
922 2011-11-10 15:20:52 Litt has quit (Read error: Connection reset by peer)
923 2011-11-10 15:21:01 <Disposition> adb pull /data/data/com.bitcoinandroid-1/files/prodnet.wallet
924 2011-11-10 15:21:15 merde has joined
925 2011-11-10 15:21:24 <Disposition> once you get adb reading your device
926 2011-11-10 15:23:35 HaltingState has quit (Ping timeout: 256 seconds)
927 2011-11-10 15:24:23 <ThomasV> Disposition: ok, I just need to learn how to use the sdk...
928 2011-11-10 15:24:46 <ThomasV> btw, how can I know what is my version of Android?
929 2011-11-10 15:26:07 <[eval]> in the home screen, hit the menu button, then tap "settings" and then "about phone"
930 2011-11-10 15:26:18 <[eval]> it'll have "android version" toward the bottom of the screen
931 2011-11-10 15:27:03 <ThomasV> oh I see it
932 2011-11-10 15:27:10 <ThomasV> version 2.3.3
933 2011-11-10 15:28:08 <Disposition> yeah, I unfortunately has to run off to work now, leave a message on the thread/pm if you run into anything else.
934 2011-11-10 15:29:51 <ThomasV> Disposition: but I do not have the file, so I guess it deleted it
935 2011-11-10 15:29:57 denisx has joined
936 2011-11-10 15:30:54 <Disposition> balls. what about adb pull /data/data/com.bitcoinandroid-1/files/prodnet.blockchain?
937 2011-11-10 15:31:08 gp5st has joined
938 2011-11-10 15:31:14 <ThomasV> Disposition: what is "adb pull" ?
939 2011-11-10 15:31:22 <Disposition> wait keychain
940 2011-11-10 15:31:28 <Disposition> adb pulls data from your phone
941 2011-11-10 15:31:32 copumpkin has quit (Quit: Computer has gone to sleep.)
942 2011-11-10 15:31:35 <Disposition> the command
943 2011-11-10 15:31:45 <ThomasV> is that a function provided by the sdk?
944 2011-11-10 15:31:48 <Disposition> ./adb pull
945 2011-11-10 15:31:55 <Disposition> adb is a exec provided by the SDK yes
946 2011-11-10 15:32:51 <Disposition> but yea if you can't find prodnet.keychain or prodnet.wallet in that path
947 2011-11-10 15:32:55 <Disposition> it might be problematic
948 2011-11-10 15:33:34 <ThomasV> Disposition: I started to download android 2.3.3. do I need to wait for it in order to use adb, or can I use it without android?
949 2011-11-10 15:33:39 <Disposition> I won't suggest reinstalling yet, I'm gonna see Yifu later this afternoon at OWS hopfully so I'll run it through it
950 2011-11-10 15:33:53 <Disposition> you should be able to use adb without the SDK really.
951 2011-11-10 15:34:00 <Disposition> it's a lower level function
952 2011-11-10 15:34:10 <ThomasV> k
953 2011-11-10 15:34:13 <[eval]> i think adb installs USB drivers
954 2011-11-10 15:34:18 marf_away has quit (Ping timeout: 258 seconds)
955 2011-11-10 15:34:24 <[eval]> or rather the SDK does... that are needed for adb to work properly
956 2011-11-10 15:34:25 <Disposition> usb drivers is a sperate package on the tools.
957 2011-11-10 15:34:26 <[eval]> depending on the phone
958 2011-11-10 15:34:31 <Disposition> under*
959 2011-11-10 15:34:54 <Disposition> anyhow, I'll look at it personally on the Nexus One later this afternoon with Yifu
960 2011-11-10 15:35:45 <ThomasV> Disposition: so I do adb pull with the math that I mounted, not with what you wrote above?
961 2011-11-10 15:35:49 <ThomasV> I guess
962 2011-11-10 15:36:06 <ThomasV> s/math/path
963 2011-11-10 15:38:44 gavinandresen has joined
964 2011-11-10 15:38:49 <sipa> adb pull/push do direct interaction with the device
965 2011-11-10 15:38:54 <sipa> you don't need to mount anything
966 2011-11-10 15:39:12 <sipa> the path you give on the command line is the path on the device
967 2011-11-10 15:39:22 <Disposition> ^
968 2011-11-10 15:39:31 <ThomasV> it says "no such file or directory"
969 2011-11-10 15:40:11 <ThomasV> oh sorry, did not read all sipa
970 2011-11-10 15:41:34 <Disposition> k ig2g
971 2011-11-10 15:41:38 <ThomasV> no, bur adb does not work at all, no matter how I call it
972 2011-11-10 15:41:51 <ThomasV> thanks, ttyl
973 2011-11-10 15:42:00 <CIA-89> bitcoin: Gavin Andresen master * r145b2d0 / (25 files in 7 dirs):
974 2011-11-10 15:42:00 <CIA-89> bitcoin: Merge pull request #608 from TheBlueMatt/debian-build
975 2011-11-10 15:42:00 <CIA-89> bitcoin: Debian build - http://git.io/KglsGw
976 2011-11-10 15:43:44 iocor has quit (Quit: Computer has gone to sleep.)
977 2011-11-10 15:43:58 <CIA-89> bitcoin: Gavin Andresen master * r5efee7d / doc/release-process.txt : Release process doc fixes - http://git.io/HyE7HA
978 2011-11-10 15:48:45 superman2016 has quit (Read error: Connection reset by peer)
979 2011-11-10 15:49:08 AliciaC has joined
980 2011-11-10 15:53:06 bodom has joined
981 2011-11-10 15:54:35 <luke-jr> wtf @ that
982 2011-11-10 15:55:00 <luke-jr> why does bitcoin-qt need a wrapper script for debian, to do something it looks like bitcoin-qt should be doing itself?
983 2011-11-10 15:55:29 <gavinandresen> "Just Because."
984 2011-11-10 15:55:35 <luke-jr> bad reason :p
985 2011-11-10 15:55:49 <luke-jr> if bitcoin-qt should configure it, bitcoin-qt should do it itself, on all platformsâ¦
986 2011-11-10 15:55:56 superman2016 has joined
987 2011-11-10 15:56:25 <b4epoche> So, I'm giving this bitcoin-based TEDx talk on Sunday⦠I'd like to thank people here for helping with ideas for it.
988 2011-11-10 15:56:26 <gavinandresen> ... Matt said (iirc) the original ppa creator did it that way, so it's just legacy...
989 2011-11-10 15:56:50 <luke-jr> so he's committing someone else's work under his own name? -.-
990 2011-11-10 15:56:59 pickett has quit (Remote host closed the connection)
991 2011-11-10 15:57:05 copumpkin has joined
992 2011-11-10 15:57:09 <gavinandresen> ... I don't know nuthin about ppas, but am pulling together the 0.5 rc4, and the debian pull isn't going to add any bugs, so I pulled it.
993 2011-11-10 15:57:23 groffer has quit (Ping timeout: 248 seconds)
994 2011-11-10 15:57:33 <b4epoche> anyone not want their name mentioned?
995 2011-11-10 15:57:46 p0s has joined
996 2011-11-10 15:57:55 devrandom has quit (Ping timeout: 248 seconds)
997 2011-11-10 15:57:56 <gavinandresen> luke-jr: iirc, the person who was doing the bitcoin ppa doohickey is MIA
998 2011-11-10 15:58:16 <luke-jr> gavinandresen: doesn't stop --author
999 2011-11-10 15:58:20 <gavinandresen> (but I probably don't recall correctly)
1000 2011-11-10 15:59:10 <gavinandresen> And the pull request would have been a better place to ask about all that.
1001 2011-11-10 15:59:28 <luke-jr> except I don't look at every little pull request
1002 2011-11-10 15:59:34 <gavinandresen> okey doke
1003 2011-11-10 15:59:35 <luke-jr> maybe those should be announced on IRC too :p
1004 2011-11-10 15:59:54 inlikeflynn has quit ()
1005 2011-11-10 15:59:58 <luke-jr> the license violation override is probably a concern to the Debian project FWIW
1006 2011-11-10 16:00:19 iocor has joined
1007 2011-11-10 16:00:22 <b4epoche> sipa = pieter?
1008 2011-11-10 16:01:05 <gavinandresen> luke-jr: contrib/debian/changelog looks clear on who did what
1009 2011-11-10 16:01:11 pickett has joined
1010 2011-11-10 16:01:13 egecko has joined
1011 2011-11-10 16:01:16 <gavinandresen> luke-jr: what license violation override?
1012 2011-11-10 16:01:16 inlikeflynn has joined
1013 2011-11-10 16:01:28 <luke-jr> + * Don't set rpcpassword for bitcoin-qt. <-- probably a bug
1014 2011-11-10 16:01:31 HaltingState has joined
1015 2011-11-10 16:01:31 HaltingState has quit (Changing host)
1016 2011-11-10 16:01:32 HaltingState has joined
1017 2011-11-10 16:01:32 <luke-jr> +bitcoind: possible-gpl-code-linked-with-openssl
1018 2011-11-10 16:01:47 inlikeflynn has quit (Changing host)
1019 2011-11-10 16:01:47 inlikeflynn has joined
1020 2011-11-10 16:02:01 <luke-jr> apparently Debian's Expat is GPL-infected, and somehow we link to both it and OpenSSL?
1021 2011-11-10 16:02:21 <gavinandresen> what is expat?
1022 2011-11-10 16:02:25 <luke-jr> some XML lib
1023 2011-11-10 16:02:31 BlueMatt has joined
1024 2011-11-10 16:02:40 <gavinandresen> mmm. Maybe Qt brings it in.
1025 2011-11-10 16:02:56 <luke-jr> maybe.
1026 2011-11-10 16:02:59 <gavinandresen> What's the licensing issue?
1027 2011-11-10 16:03:10 <luke-jr> OpenSSL isn't GPL-compatible
1028 2011-11-10 16:03:19 <gavinandresen> What's the OpenSSL license?
1029 2011-11-10 16:03:24 <gavinandresen> (I thought it was MIT)
1030 2011-11-10 16:03:41 <BlueMatt> arg, qt licensing is a pita...
1031 2011-11-10 16:03:48 <luke-jr> OpenSSL is dual licensed, both custom
1032 2011-11-10 16:03:51 <denisx> Apache-style licence
1033 2011-11-10 16:04:10 <luke-jr> BlueMatt: I see no reason bitcoin-qt shouldn't get a random rpcpassword by default
1034 2011-11-10 16:04:24 <BlueMatt> because it isnt a server by default?
1035 2011-11-10 16:04:28 <luke-jr> so? then it gets ignored
1036 2011-11-10 16:04:44 <luke-jr> example bitcoind has '4way', which is long gone
1037 2011-11-10 16:05:01 btc_novice has left ()
1038 2011-11-10 16:05:31 <sipa> b4epoche: yes
1039 2011-11-10 16:05:45 <luke-jr> manpage looks like it needs updating; in particular, getwork's part shouldn't list midstate/hash1 since they're deprecated
1040 2011-11-10 16:05:46 <gavinandresen> bitcoind still has a -4way switch? That aught to get removed....
1041 2011-11-10 16:05:57 <luke-jr> gavinandresen: I don't think so, but the example config in the Debian package does
1042 2011-11-10 16:06:10 <BlueMatt> well then it needs updated
1043 2011-11-10 16:06:13 <BlueMatt> its just out of date then
1044 2011-11-10 16:06:20 <luke-jr> contrib/debian/patches/1001_use_system_json-spirit.patch <-- fail
1045 2011-11-10 16:06:34 <gavinandresen> (speaking of which... anybody know of a good c++ static analysis for finding methods/members that look like they're never called?)
1046 2011-11-10 16:06:42 <gavinandresen> ... analysis tool....
1047 2011-11-10 16:06:44 <luke-jr> gavinandresen: please don't :P
1048 2011-11-10 16:06:54 <BlueMatt> luke-jr: its disabled by default because we modify json-spirit
1049 2011-11-10 16:07:02 <BlueMatt> (which we shouldnt really do...)
1050 2011-11-10 16:07:04 <luke-jr> gavinandresen: removing "unused stuff" has a tendency to break 3rd party patches/modules
1051 2011-11-10 16:07:39 <luke-jr> BlueMatt: I decided to stick to the embedded json-spirit for Gentoo only because json-spirit doesn't seem to support shared lib
1052 2011-11-10 16:07:40 <gavinandresen> luke-jr: But there cannot be bugs or security exploits in code that isn't there.
1053 2011-11-10 16:07:52 <BlueMatt> luke-jr: well thats retarded...
1054 2011-11-10 16:08:24 <AliciaC> bugs or security issues are also irrelevant if the code never runs <.<
1055 2011-11-10 16:08:48 <copumpkin> really?
1056 2011-11-10 16:08:56 <gavinandresen> AliciaC: Less code means less code to review if you're looking for security vulnerabilities. Which is a good thing
1057 2011-11-10 16:09:06 <AliciaC> you have a point there
1058 2011-11-10 16:09:07 <copumpkin> I guess that's a philosophical stance
1059 2011-11-10 16:09:46 <cjdelisle> +1 for less code
1060 2011-11-10 16:09:58 * BlueMatt agrees
1061 2011-11-10 16:10:21 <gavinandresen> ... so nobody has a good static analysis tool for finding unused methods in C++ applications? Anybody? Beuller?
1062 2011-11-10 16:10:46 * cjdelisle had a sed script for that at one point :)
1063 2011-11-10 16:11:00 <b4epoche> will clang++ do that?
1064 2011-11-10 16:11:10 <gavinandresen> sed sucks. awk rules. (.... I love starting pointless religious wars....)
1065 2011-11-10 16:11:18 <cjdelisle> :)
1066 2011-11-10 16:12:07 <imsaguy2> "I'm a Mac." "I'm a PC."
1067 2011-11-10 16:12:10 btc_novice has joined
1068 2011-11-10 16:12:27 E-sense has quit (Quit: System.exit(0);)
1069 2011-11-10 16:12:38 <BlueMatt> heh
1070 2011-11-10 16:12:50 <luke-jr> gavinandresen: sed and awk both suck. perl ftw.
1071 2011-11-10 16:12:53 <gavinandresen> Just for the record: Mac. Emacs. Little Endian.
1072 2011-11-10 16:13:01 <gavinandresen> Oh, and Python.
1073 2011-11-10 16:13:10 <luke-jr> Little endian is broken by design.
1074 2011-11-10 16:13:24 <gavinandresen> (lol, I knew one of those would get somebody to bite....)
1075 2011-11-10 16:13:25 <luke-jr> hopefully Apple will die now that Jobs is gone
1076 2011-11-10 16:13:56 <BlueMatt> gavinandresen: if you want a bite go with: Solaris, nano, little edian
1077 2011-11-10 16:14:02 <BlueMatt> oh, and perl
1078 2011-11-10 16:14:20 <gavinandresen> All righty, seriously, is there an issue with Expat/OpenSSL licensing that might actually cause a problem? We can't be the only Qt project that uses OpenSSL
1079 2011-11-10 16:15:55 <BlueMatt> http://people.gnome.org/~markmc/openssl-and-the-gpl.html
1080 2011-11-10 16:16:07 <luke-jr> gavinandresen: not for PPA, but for Debian maybe
1081 2011-11-10 16:16:26 Turingi has joined
1082 2011-11-10 16:16:26 <BlueMatt> not for either since they are dynamically linked, but for static release maybe
1083 2011-11-10 16:16:51 <gavinandresen> luke-jr: Cool. I don't think bitcoin should be part of the Official Debian Distribution until we hit version 1.0 anyway....
1084 2011-11-10 16:16:59 <BlueMatt> too late
1085 2011-11-10 16:17:34 <BlueMatt> also, there is an exception for os-shipped libraries to the problematic clause
1086 2011-11-10 16:17:47 <BlueMatt> so it specifically does not apply to debian packages
1087 2011-11-10 16:17:50 <BlueMatt> or ppa
1088 2011-11-10 16:17:57 <BlueMatt> static linked release binary...
1089 2011-11-10 16:18:00 <BlueMatt> not so sure
1090 2011-11-10 16:18:05 <luke-jr> BlueMatt: the law doesn't care *how* you link
1091 2011-11-10 16:18:19 <BlueMatt> if we arent shipping the library it does
1092 2011-11-10 16:18:31 <luke-jr> BlueMatt: Debian *is* shipping the library
1093 2011-11-10 16:18:42 <luke-jr> and I'm pretty sure the "OS exception" doesn't apply to the OS itself
1094 2011-11-10 16:18:44 <gmaxwell> Sounds like a problem for debian.
1095 2011-11-10 16:18:52 <luke-jr> that's what i said :p
1096 2011-11-10 16:18:57 <BlueMatt> the way I read it, its not a problem
1097 2011-11-10 16:19:01 <gmaxwell> Bitcoin is also not calling expat, no. So it just sounds like a linking accident, and not an actual issue.
1098 2011-11-10 16:19:18 <cjdelisle> also sounds like a case of "what re they going to do? sue?"
1099 2011-11-10 16:19:21 <gmaxwell> (at least not as far as I can tell)
1100 2011-11-10 16:19:22 <BlueMatt> luke-jr: actually read the exception
1101 2011-11-10 16:19:48 <gmaxwell> BlueMatt: I'm pretty sure you're off in space on that one. :)
1102 2011-11-10 16:19:54 <cjdelisle> 99% of all software license issues are all in your head
1103 2011-11-10 16:20:04 <BlueMatt> gmaxwell: has to be "major components of the os"
1104 2011-11-10 16:20:25 <BlueMatt> cjdelisle: its a legal issue, but yea neither openssl nor nokia are going to sue us
1105 2011-11-10 16:21:02 <gmaxwell> BlueMatt: it's the GPLed work who's license is being 'violated'. I can promise you don't moot the gpl by say "no no it's okay I put it in an OS"
1106 2011-11-10 16:21:13 <gmaxwell> (see readline as an example)
1107 2011-11-10 16:21:31 <gavinandresen> Danger would be somebody takes the code, repackages it into some commercial product, and then THEY get sued.
1108 2011-11-10 16:21:42 <BlueMatt> debian's actual policy: http://lists.debian.org/debian-legal/2002/10/msg00113.html
1109 2011-11-10 16:21:48 <gmaxwell> But its stupid. Just stop the idiot overlinking. If we're staticly linking then its just getting pulled in via the pkgconfig.
1110 2011-11-10 16:22:25 <BlueMatt> from that, yea its a problem on debian but it appears that the writer doesnt seem to think its a legal problem, just debain being careful
1111 2011-11-10 16:22:58 <BlueMatt> http://www.openssl.org/support/faq.html#LEGAL2
1112 2011-11-10 16:23:06 <BlueMatt> openssl pretty much says no its not an issue
1113 2011-11-10 16:23:31 <gmaxwell> Thats not what it says.
1114 2011-11-10 16:23:42 <BlueMatt> "On many systems including the major Linux and BSD distributions, yes"
1115 2011-11-10 16:24:01 <BlueMatt> so...no its not an issue, but debian takes the stance that it could be, so they wont allow it
1116 2011-11-10 16:24:01 <gmaxwell> BlueMatt: the exception doesn't apply to the OS distributor themselves.
1117 2011-11-10 16:25:21 <gmaxwell> (the point of the exception is to not create a pointless license violation, e.g. from linking libc on windowsâ but you don't enjoy the excemption if you're distributing both the GPLed work and the non-free work)
1118 2011-11-10 16:25:35 <gmaxwell> But this is a dumb tangent.
1119 2011-11-10 16:25:38 <cjdelisle> ^
1120 2011-11-10 16:25:39 ThomasV has quit (Ping timeout: 248 seconds)
1121 2011-11-10 16:25:52 <BlueMatt> yea, doesnt matter here
1122 2011-11-10 16:26:09 <BlueMatt> all we need to care about is whether or not we can distribute static binaries with openssl+qt linked in
1123 2011-11-10 16:26:09 <gmaxwell> Since, AFAIK, bitcoin is not using the library in question this is just a stupid linking accident.
1124 2011-11-10 16:26:48 <BlueMatt> what library is that?
1125 2011-11-10 16:26:58 <BlueMatt> I thought it was a openssl+qt issue
1126 2011-11-10 16:27:04 <luke-jr> expat
1127 2011-11-10 16:27:12 <luke-jr> Qt is LGPL, not GPL
1128 2011-11-10 16:27:20 <BlueMatt> m
1129 2011-11-10 16:27:25 <gmaxwell> Expat.
1130 2011-11-10 16:27:33 <gavinandresen> Expat is MIT
1131 2011-11-10 16:27:38 <BlueMatt> yes
1132 2011-11-10 16:27:38 <gavinandresen> (as far as I can tell... right?)
1133 2011-11-10 16:27:54 <gmaxwell> wtf. why are we having this discussion then?
1134 2011-11-10 16:27:55 <luke-jr> O.o
1135 2011-11-10 16:28:08 devrandom has joined
1136 2011-11-10 16:28:09 groffer has joined
1137 2011-11-10 16:28:12 <BlueMatt> what discussion are we having?
1138 2011-11-10 16:28:14 <luke-jr> ok, so I'm going with "the comment in BlueMatt's merge is totally bogus" now
1139 2011-11-10 16:28:24 * gmaxwell swirlies luke.
1140 2011-11-10 16:28:37 <luke-jr> https://github.com/bitcoin/bitcoin/commit/145b2d078e411ab0e49e70e5c6cd7ceca2f4e3c6#diff-7
1141 2011-11-10 16:28:47 * luke-jr notes it doesn't seem to be Qt-related, whatever it is
1142 2011-11-10 16:29:04 <BlueMatt> luke-jr: that is a OVERRIDE
1143 2011-11-10 16:29:19 <BlueMatt> ie lintian thinks its an issue, but it is being overriden
1144 2011-11-10 16:29:31 <luke-jr> why does lintian think it's an issue?
1145 2011-11-10 16:29:37 <luke-jr> that's the bigger questoin
1146 2011-11-10 16:29:42 <BlueMatt> because it looks for gpl linking against openssl
1147 2011-11-10 16:29:51 <luke-jr> â¦
1148 2011-11-10 16:29:52 <BlueMatt> I wasnt the person who added the override
1149 2011-11-10 16:29:56 <BlueMatt> jonas did
1150 2011-11-10 16:30:04 <luke-jr> I see your name as "Author"
1151 2011-11-10 16:30:17 <BlueMatt> on the commit, not the files
1152 2011-11-10 16:30:21 <luke-jr> same thing.
1153 2011-11-10 16:30:26 <BlueMatt> not even close
1154 2011-11-10 16:30:33 <luke-jr> if you didn't write it, set Author correct
1155 2011-11-10 16:30:57 <BlueMatt> ...
1156 2011-11-10 16:31:04 <gmaxwell> 08:15 <@BlueMatt> because it looks for gpl linking against openssl
1157 2011-11-10 16:31:24 <gmaxwell> but there appears to be no gpl linking against openssl
1158 2011-11-10 16:31:24 <sipa> why does it think expat in GPL
1159 2011-11-10 16:31:30 <luke-jr> I wonder if we'd get more info if we took out that override
1160 2011-11-10 16:31:31 <sipa> if it's MIT?
1161 2011-11-10 16:31:42 <BlueMatt> the issue is the debian package files are gpl so there is gpl references in the debian license description files
1162 2011-11-10 16:31:48 <BlueMatt> the code is mit
1163 2011-11-10 16:31:52 <BlueMatt> thus the override
1164 2011-11-10 16:32:14 <BlueMatt> (read the comments)
1165 2011-11-10 16:32:15 <luke-jr> no GPL in Debian's patch to expat
1166 2011-11-10 16:33:02 <luke-jr> no GPL mention in Debian's expat pkg info
1167 2011-11-10 16:33:21 <BlueMatt> specifically read the debian/copyright file which gives the copyright for each file in bitcoin's src tree
1168 2011-11-10 16:33:24 <luke-jr> the comment is bogus. someone should find out what the real problem it's overriding is
1169 2011-11-10 16:33:44 <BlueMatt> wtf are you talking about?
1170 2011-11-10 16:34:07 <BlueMatt> the problem: lintian sees gpl in debian/copyright and sees a link against openssl: complains
1171 2011-11-10 16:34:19 <BlueMatt> the reality: only the debian/ dir and some images are gpl so its not an issue
1172 2011-11-10 16:34:21 <BlueMatt> thus the override
1173 2011-11-10 16:34:33 <luke-jr> of course it's an issue
1174 2011-11-10 16:34:36 <luke-jr> why are any of those GPL?
1175 2011-11-10 16:34:37 <gmaxwell> oh, _we_ have the GPLed code? That should be removed.
1176 2011-11-10 16:34:56 <BlueMatt> we have gpl images and the debian manpage, etc are gpl
1177 2011-11-10 16:35:00 <luke-jr> why?
1178 2011-11-10 16:35:22 <luke-jr> arguably the manpage isn't a *real* issue, but icons could be
1179 2011-11-10 16:35:32 <BlueMatt> I was just about to ask about icons
1180 2011-11-10 16:35:34 <luke-jr> as well as the debian dir
1181 2011-11-10 16:35:39 <BlueMatt> those were added with bitcoin-qt
1182 2011-11-10 16:35:44 <BlueMatt> debian dir is build scripts
1183 2011-11-10 16:35:54 <BlueMatt> you can license those under whatever the hell you want, they arent part of bitcoin's src
1184 2011-11-10 16:36:01 <gmaxwell> It's all stupid. Find the author(s) and ask them to please relicense in common with bitcoin.
1185 2011-11-10 16:36:12 <BlueMatt> there are a ton of authors
1186 2011-11-10 16:36:19 <BlueMatt> (of images we use)
1187 2011-11-10 16:37:00 <gmaxwell> How do we know the images are GPLed?
1188 2011-11-10 16:37:04 <luke-jr> so find properly licensed images to replace them with
1189 2011-11-10 16:37:11 <BlueMatt> because the site they were originally found on says GPL
1190 2011-11-10 16:37:19 <BlueMatt> see: https://github.com/bitcoin/bitcoin/commit/145b2d078e411ab0e49e70e5c6cd7ceca2f4e3c6#diff-12
1191 2011-11-10 16:37:21 btc_novice1 has joined
1192 2011-11-10 16:37:25 <luke-jr> using GPL for images is IMO stupid, but still an issue
1193 2011-11-10 16:37:34 ThomasV has joined
1194 2011-11-10 16:37:36 <BlueMatt> not a choice anyone here made
1195 2011-11-10 16:37:42 <gmaxwell> Well, that needs to goâ unless we're planning on making bitcoin a GPLed package.
1196 2011-11-10 16:37:51 <luke-jr> plenty of other icons to choose from
1197 2011-11-10 16:37:53 <luke-jr> they can be replaced
1198 2011-11-10 16:37:58 <BlueMatt> then replace them
1199 2011-11-10 16:37:58 <luke-jr> gmaxwell: then OpenSSL has to go
1200 2011-11-10 16:38:02 <gmaxwell> also crap like
1201 2011-11-10 16:38:04 <gmaxwell> "+License: Freeware Non-commercial"
1202 2011-11-10 16:38:11 <luke-jr> â¼â¼!
1203 2011-11-10 16:38:22 btc_novice2 has joined
1204 2011-11-10 16:38:23 <BlueMatt> hey, Im not the one who merged bitcoin-qt
1205 2011-11-10 16:38:36 <BlueMatt> In fact, Ive brought the issue up before and people said its not an issue
1206 2011-11-10 16:38:40 <luke-jr> CC-BY-3 is GPL-incompatible too; not sure if it's an issue for OpenSSL or not
1207 2011-11-10 16:38:53 <sipa> what do you use from openssl?
1208 2011-11-10 16:38:58 <sipa> EC and AES?
1209 2011-11-10 16:38:59 <gmaxwell> no, the openssl license is just a bsd with advertising clause.
1210 2011-11-10 16:39:04 <luke-jr> sipa: ECDSA, AES, SHA256 I think
1211 2011-11-10 16:39:16 <cjdelisle> also base58
1212 2011-11-10 16:39:19 <gmaxwell> we have our own sha256 but we still use the openssl one.
1213 2011-11-10 16:39:25 <sipa> cjdelisle: base58 is custom bitcoin
1214 2011-11-10 16:39:25 <gmaxwell> cjdelisle: no, thats silly.
1215 2011-11-10 16:39:32 <luke-jr> in fact, I suspect CC-BY-3 is non-free
1216 2011-11-10 16:39:36 <luke-jr> let me review my notes
1217 2011-11-10 16:39:36 <sipa> it's not even the same base58 as flickr uses
1218 2011-11-10 16:39:37 <cjdelisle> read it
1219 2011-11-10 16:39:47 <cjdelisle> base58 pulls in openssl
1220 2011-11-10 16:39:54 <gmaxwell> luke-jr: who cares about by-3
1221 2011-11-10 16:39:56 <gmaxwell> +License: CC-BY-ND-3
1222 2011-11-10 16:40:01 <cjdelisle> try and compile it without openssl
1223 2011-11-10 16:40:08 <luke-jr> ugh
1224 2011-11-10 16:40:15 <sipa> cjdelisle: oh right, it uses openssl's bignum lib
1225 2011-11-10 16:40:19 <cjdelisle> yes
1226 2011-11-10 16:40:22 <BlueMatt> also: Ive said repeatedly that the about menu for bitcoin-qt needs changed to not violate the 20 licenses of images we use...
1227 2011-11-10 16:40:24 btc_novice has quit (Ping timeout: 240 seconds)
1228 2011-11-10 16:40:34 <luke-jr> gmaxwell: I think the NonCommercial is the worst part in there, since all Bitcoin is commercial
1229 2011-11-10 16:41:05 <gmaxwell> cjdelisle: just because of #include <openssl/bn.h> in bignum.h..
1230 2011-11-10 16:41:14 <luke-jr> PUB-DOM is an issue as well, since various jurisdictions don't recognize public domain
1231 2011-11-10 16:41:54 btc_novice1 has quit (Ping timeout: 260 seconds)
1232 2011-11-10 16:42:06 <cjdelisle> I don't see why license issues even matter, it's not like btc is closed source.
1233 2011-11-10 16:42:13 <gmaxwell> cjdelisle: ...
1234 2011-11-10 16:42:18 <edcba> lol
1235 2011-11-10 16:42:22 <BlueMatt> hahaha
1236 2011-11-10 16:42:23 <cjdelisle> who is going to sue and who would they sue?
1237 2011-11-10 16:42:29 <sipa> cjdelisle: you believe that open source means no license issues?
1238 2011-11-10 16:42:41 <BlueMatt> oss just means more license issues
1239 2011-11-10 16:42:42 <gmaxwell> cjdelisle: because any of the copyright holders can troll and create fud about these inconsequential license violations.
1240 2011-11-10 16:42:52 <luke-jr> so anyhow, what files are 'Expat' license even? :P
1241 2011-11-10 16:43:01 <cjdelisle> *cough* ecdsa
1242 2011-11-10 16:43:05 <cjdelisle> patents
1243 2011-11-10 16:43:16 <cjdelisle> if you are afraid of trolls then you have already Lost
1244 2011-11-10 16:43:33 <upb> yes
1245 2011-11-10 16:43:39 <gmaxwell> cjdelisle: Not so, http://tools.ietf.org/html/rfc6090
1246 2011-11-10 16:43:52 <gmaxwell> cjdelisle: there is no ambiguity on the patent situation with the ECC we use.
1247 2011-11-10 16:43:55 <gmaxwell> _none_
1248 2011-11-10 16:44:07 <edcba> especially in europe \o/
1249 2011-11-10 16:44:37 <gmaxwell> cjdelisle: and the licensing here isn't disputable. It's realâ if fucking stupid.
1250 2011-11-10 16:44:55 <cjdelisle> has anyone threatened to sue you?
1251 2011-11-10 16:45:31 <BlueMatt> cjdelisle: not relevant
1252 2011-11-10 16:45:47 <BlueMatt> cjdelisle: if bitcoin *does* get big, we dont want to have the issue appear then
1253 2011-11-10 16:46:22 <ThomasV> https://bitcointalk.org/index.php?topic=51474.0;topicseen wtf?
1254 2011-11-10 16:46:29 chrisb__ has joined
1255 2011-11-10 16:46:39 <gmaxwell> Moreover it may never be _us_ anyone threatens to sue. Presumably we've chosen the fairly liberal mit style license for a reasonâ equally we should avoid clouding it without a good reason.
1256 2011-11-10 16:47:40 <cjdelisle> this is like redhat neutering openssl because they are afraid of patents
1257 2011-11-10 16:47:57 <gmaxwell> No, it's not.
1258 2011-11-10 16:47:57 clr_ has quit (Ping timeout: 260 seconds)
1259 2011-11-10 16:48:00 <sipa> ThomasV: i think that's a real issue
1260 2011-11-10 16:48:17 <ThomasV> sipa: so it is true?
1261 2011-11-10 16:48:22 <BlueMatt> ThomasV: yep, looks quite possible, dont think theres really much of a way to fix it though
1262 2011-11-10 16:48:28 <sipa> i haven't tested it but it sounds reasonable
1263 2011-11-10 16:48:32 <sipa> bdb not overwriting enough data when encryption is done
1264 2011-11-10 16:48:38 <BlueMatt> except going back to the drawing board and creating new wallets, etc
1265 2011-11-10 16:48:48 <ThomasV> what is bdb?
1266 2011-11-10 16:48:59 <BlueMatt> the lib we use to write to wallet.dat
1267 2011-11-10 16:49:02 <BlueMatt> among other files
1268 2011-11-10 16:49:25 <ThomasV> oh it has a fixed size, and it writes chunks in that space?
1269 2011-11-10 16:49:29 <sipa> no
1270 2011-11-10 16:49:41 <BlueMatt> no, but it doesnt feel like overwriting old data...
1271 2011-11-10 16:49:43 <wumpus> only solution would be to use a different db backend for the private keys
1272 2011-11-10 16:49:59 <ThomasV> hmm
1273 2011-11-10 16:50:00 <gmaxwell> Thats not the only soluition.
1274 2011-11-10 16:50:07 <sipa> we *could*, after encryption, iterate the key/val pairs, write those to a new file, and then move+overwrite
1275 2011-11-10 16:50:09 <BlueMatt> anyone feel like digging through bdb's src to figure out if there is a way to ensure it overwrites stuff?
1276 2011-11-10 16:50:11 <wumpus> gmaxwell: then what do you propose?
1277 2011-11-10 16:50:13 <gmaxwell> Just provide a wallet washer that uses dbdump to rebuild the wallet.
1278 2011-11-10 16:50:14 * ThomasV feel like moving his coins immediately
1279 2011-11-10 16:50:16 <BlueMatt> ie if we replace will it overwrite?
1280 2011-11-10 16:50:29 <sipa> but the issue remains (though less seriously) at the disk level
1281 2011-11-10 16:50:43 <BlueMatt> and what can we do about that?
1282 2011-11-10 16:50:49 btc_novice2 has left ()
1283 2011-11-10 16:50:53 <sipa> i mean, a "ResilverWalletFile()" routine is pretty easy and safe to implement
1284 2011-11-10 16:50:53 <gmaxwell> BlueMatt: need wallets to be born encrypted for that.
1285 2011-11-10 16:50:56 <wumpus> at the disk level is arguably less serious
1286 2011-11-10 16:50:56 <cjdelisle> should be able to shred the file
1287 2011-11-10 16:51:02 btc_novice has joined
1288 2011-11-10 16:51:02 <BlueMatt> gmaxwell: exactly
1289 2011-11-10 16:51:23 <wumpus> now you can still steal the file... thats what wallet encryption was supposed to stop
1290 2011-11-10 16:51:31 <sipa> wumpus: agree, that is serious
1291 2011-11-10 16:51:46 <BlueMatt> yep, so whos gonna volunteer?
1292 2011-11-10 16:52:20 <BlueMatt> and silence
1293 2011-11-10 16:52:36 <wumpus> but yeah rebuilding the db when enabling wallet encryption could work too, it's already re-writing all the keys
1294 2011-11-10 16:52:42 <gmaxwell> BlueMatt: everyone is hard at work working on it! yep. yep.
1295 2011-11-10 16:52:58 <BlueMatt> gmaxwell: heh, thats always how it happens around here...
1296 2011-11-10 16:53:23 clr_ has joined
1297 2011-11-10 16:53:32 clr_ has quit (Remote host closed the connection)
1298 2011-11-10 16:53:47 <sipa> you could provide a ResilverFile() method in CDB in general
1299 2011-11-10 16:54:04 <sipa> that locks, iterates, rewrites, closes, moves, reopens, unlocks :)
1300 2011-11-10 16:54:12 * BlueMatt nominates gavinandresen, he does work full-time on btc
1301 2011-11-10 16:54:16 <BlueMatt> ;)
1302 2011-11-10 16:54:54 <cjdelisle> IMO create new, shred old with urandom, delete old, copy new would be the easiest thing to do.
1303 2011-11-10 16:55:12 <BlueMatt> easiest not the cleanest
1304 2011-11-10 16:55:37 <BlueMatt> check bdb src first and note the relevant files so that it can be checked on future bdb versions as well
1305 2011-11-10 16:55:41 <gmaxwell> cjdelisle: new will have unencrypted keys in it too.
1306 2011-11-10 16:55:48 <cjdelisle> there might be a flush()/compact()/etc trick with bdb but it certainly doesn't make any security guarantees since bdb is not a security app.
1307 2011-11-10 16:55:48 <wumpus> cleanest would be to use a database/file format that supports security in the first place... but yeah, does such a thing exist
1308 2011-11-10 16:56:05 <BlueMatt> bdb supports it
1309 2011-11-10 16:56:17 <BlueMatt> bdb supports aes encryption of the whole file
1310 2011-11-10 16:56:25 <wumpus> right, that sounds good
1311 2011-11-10 16:56:27 <cjdelisle> if bdb supports a secureCompact() then that makes sense to use
1312 2011-11-10 16:56:40 <cjdelisle> but just a compact() that happens to work is asking for trouble
1313 2011-11-10 16:57:36 <wumpus> and then split up the wallet in a private key and public key db file, and use encrypted settings for the private one
1314 2011-11-10 16:57:44 denisx has quit (Quit: denisx)
1315 2011-11-10 16:58:42 <gmaxwell> wumpus: and then they get out of sync because you can't do atomic operations across filesâ or because the user copied one and not the other.
1316 2011-11-10 16:59:12 <cjdelisle> if bdb supported seeking to a position in a file before opening it as a database then we could make a wallet2.0 which had the key at the beginning then the db following the key.
1317 2011-11-10 16:59:24 <wumpus> well in the private file you could store the public info as wel
1318 2011-11-10 16:59:54 <phantomcircuit> wumpus, it's impossible not to
1319 2011-11-10 16:59:58 <cjdelisle> then if you enable encryption, it's easy to shred the first 32 bytes of the file
1320 2011-11-10 17:00:23 <gmaxwell> 'easy'
1321 2011-11-10 17:00:36 <gmaxwell> cjdelisle: many file systems don't let you reliably overwrite anything.
1322 2011-11-10 17:00:44 clr_ has joined
1323 2011-11-10 17:00:48 <wumpus> I don think we should worry about the file system here
1324 2011-11-10 17:00:50 <cjdelisle> aka crypto is on all the time but usually the key is at the beginning of the wallet file.
1325 2011-11-10 17:00:54 <cjdelisle> indeed
1326 2011-11-10 17:00:56 <wumpus> the problem is that the file doesn't clean itselfup
1327 2011-11-10 17:01:11 <wumpus> file system is a wholly different problem
1328 2011-11-10 17:01:13 <gavinandresen> Hmmm. Seems to me safest/easiest is for an encrypted wallet to be 'born encrypted.'
1329 2011-11-10 17:01:20 <cjdelisle> if the user is using a flash drive, there is no way you can make them safe from an attack.
1330 2011-11-10 17:01:22 <gmaxwell> wumpus: well don't say " it's easy to shred".. it's easy to run compact too.
1331 2011-11-10 17:01:28 <sipa> gavinandresen: agree we need that functionality
1332 2011-11-10 17:01:36 <gavinandresen> So Encrypt Wallet would: Create new encrypted wallet. Send all coins to new address(es). Erase old wallet.
1333 2011-11-10 17:01:51 <wumpus> gmaxwell: yes, that's easy, if it guarantees that all the unused space is squashed it's enough
1334 2011-11-10 17:01:53 <sipa> people might want to keep using their old addresses
1335 2011-11-10 17:01:57 <gmaxwell> gavinandresen: I want to keep using my old addresses.
1336 2011-11-10 17:02:01 <BlueMatt> problem is you cant just erase old wallet, people need their old addrs
1337 2011-11-10 17:02:18 <sipa> if we have a "encrypt wallet" functionality, it should guarantee the file doesn't retain a trace of the unencrypted keys
1338 2011-11-10 17:02:18 <wumpus> if a compact solves our worries that'd be great
1339 2011-11-10 17:02:21 <gavinandresen> Ok, so import the old keypairs. But don't use them for new transactions
1340 2011-11-10 17:02:24 <cjdelisle> gmaxwell: the problem with a compact() function is it makes no guarantees at all, it's not mean for security so it could just as well decide that it's not worth the effort for the saved space and just do nothing.
1341 2011-11-10 17:02:24 <sipa> about the disk we can't do anything
1342 2011-11-10 17:02:38 <gavinandresen> (mark all the keys in the old keypool as used)
1343 2011-11-10 17:02:58 <gmaxwell> cjdelisle: fine. Then htere is the simple option of resilvering.
1344 2011-11-10 17:03:06 <sipa> gavinandresen: grave enough to break 0.5.0 release?
1345 2011-11-10 17:03:18 <gmaxwell> gavinandresen: yes, thats an improvement.
1346 2011-11-10 17:03:25 <luke-jr> gavinandresen: btw, while you were gone, we learned that the licensing issues are much more involved and affect Bitcoin-Qt itself, even without involving any dependenciesâ¦
1347 2011-11-10 17:03:34 <cjdelisle> I gather by resilver you mean replace, shred, delete, move...
1348 2011-11-10 17:03:58 <sipa> yes
1349 2011-11-10 17:04:07 <gmaxwell> cjdelisle: yes, lock, create a new one, copy the data.. fill with crap.. delete.. move.. unlock as was said above.
1350 2011-11-10 17:04:08 <luke-jr> gavinandresen: in particular, it's using stuff licensed "noncommercial use only", "no derived works", and GPL all at the same time
1351 2011-11-10 17:04:10 <sipa> resilvering is really not hard to implement - but i don't have the time right now
1352 2011-11-10 17:04:32 <wumpus> gavinandresen: you could do that, but also make sure that the non-encrypted keys are flushed from the file, that remains important
1353 2011-11-10 17:04:35 <CIA-89> bitcoin: Luke Dashjr * r843365393d70 gentoo/net-p2p/ (23 files in 3 dirs): net-p2p/{bitcoind,wxbitcoin,bitcoin-qt}: Update LICENSE to include everything :/
1354 2011-11-10 17:04:37 <CIA-89> bitcoin: Luke Dashjr * rb3eee5344040 gentoo/net-p2p/bitcoind/ (4 files): net-p2p/bitcoind: remove obsolete FIXME
1355 2011-11-10 17:04:54 <gavinandresen> wumpus: ??? what non-encrypted keys in what file???
1356 2011-11-10 17:04:57 <gmaxwell> cjdelisle: that plus gavin's proposed handling of the keypool. would be as close as we can probably get.
1357 2011-11-10 17:05:06 <BlueMatt> fuck it: lets require wallets stored on partitions in a format we control, or even better: every must have a smart card to use bitcoin
1358 2011-11-10 17:05:07 <gmaxwell> gavinandresen: :( https://bitcointalk.org/index.php?topic=51474.0;topicseen
1359 2011-11-10 17:05:07 <cjdelisle> /nod
1360 2011-11-10 17:05:12 <wumpus> gavinandresen: berkelydb keeps around old stuff
1361 2011-11-10 17:05:36 <wumpus> gavinandresen: that's the problem, not so much bitcoin itself
1362 2011-11-10 17:05:44 <gavinandresen> wumpus: right, I'm saying write wallet_enc.dat, delete wallet.dat, move wallet_enc.dat to wallet.dat ....
1363 2011-11-10 17:05:59 <wumpus> gavinandresen: yes, resilvering
1364 2011-11-10 17:06:09 <gavinandresen> (ideally, secure-delete wallet.dat-- could just be a write-random-before erase)
1365 2011-11-10 17:06:17 <sipa> gavinandresen: it could be a separate operation from the encryption process itself
1366 2011-11-10 17:06:28 <gavinandresen> (probably have to shut down all database operations and remove all the log files, too...)
1367 2011-11-10 17:06:29 <sipa> just iterate the keys in a file, dump them to a new one
1368 2011-11-10 17:06:49 <wumpus> sipa: yes, it is a separate operation, it needs ot be invoked by the encryption process of course
1369 2011-11-10 17:06:54 <sipa> wumpus: yes
1370 2011-11-10 17:07:03 <wumpus> I wonder if bdb has something built-in like this, we can't be the first...
1371 2011-11-10 17:07:12 clr_ has quit (Ping timeout: 260 seconds)
1372 2011-11-10 17:07:25 <luke-jr> can't we just write a wallet.db.new, and move it over the old file?
1373 2011-11-10 17:07:45 <sipa> luke-jr: exactly what we're discussing
1374 2011-11-10 17:07:47 <gmaxwell> luke-jr: thats what sipa was suggesting with 'resilvering'
1375 2011-11-10 17:07:50 <wumpus> yes
1376 2011-11-10 17:08:01 <sipa> but the problem with the log files remains
1377 2011-11-10 17:08:08 <sipa> slightly less bad than the wallet file issue
1378 2011-11-10 17:08:23 <luke-jr> sipa: that Debian patch BlueMatt just merged seems to delete log files on clean exit
1379 2011-11-10 17:08:24 <gmaxwell> sipa: we already clean up the logs on start, no? so clean up during resilver?
1380 2011-11-10 17:08:31 <sipa> gmaxwell: oh, good
1381 2011-11-10 17:08:33 erus` has quit (Remote host closed the connection)
1382 2011-11-10 17:08:34 <wumpus> luke-jr: it's only the icons that have different licenses, if that's a problem they can be easily replaced
1383 2011-11-10 17:08:46 <luke-jr> wumpus: yes, but someone still needs to do it
1384 2011-11-10 17:08:55 <sipa> then just some message box "please close and restart bitcoin now, to make sure all traces of your all keys are deleted from temporary files"
1385 2011-11-10 17:08:56 <BlueMatt> luke-jr: thats not a patch, thats a script
1386 2011-11-10 17:09:00 <sipa> ah
1387 2011-11-10 17:09:03 <BlueMatt> luke-jr: that starts bitcoin
1388 2011-11-10 17:09:13 <luke-jr> BlueMatt: irrelevant. the point is it can (and should?) be done
1389 2011-11-10 17:09:17 <sipa> well it should be part of bitcoin itself, no?
1390 2011-11-10 17:09:29 <BlueMatt> luke-jr: yep, I brought that up a few days ago
1391 2011-11-10 17:09:34 <BlueMatt> dont remember where...
1392 2011-11-10 17:09:37 <wumpus> luke-jr: feel free to do that, I don't have any artistic skills as such
1393 2011-11-10 17:09:40 <BlueMatt> think it might have been the pull req discussion
1394 2011-11-10 17:11:20 phedny has quit (Remote host closed the connection)
1395 2011-11-10 17:11:41 <wumpus> problem with log files? do we write private keys to log files?
1396 2011-11-10 17:11:52 <BlueMatt> because they are log files of a db
1397 2011-11-10 17:11:57 <BlueMatt> and we write privkeys to the db
1398 2011-11-10 17:12:20 <wumpus> right ... ouch
1399 2011-11-10 17:12:23 <gmaxwell> wumpus: these are transaction logs used to recover from unclean shutdown, not the kind of logs you're thinking of.
1400 2011-11-10 17:12:38 <wumpus> it's leaking on all sides
1401 2011-11-10 17:12:46 <gavinandresen> Unencrypted private keys left on disk IS a 0.5 release show-stopper, in my opinion
1402 2011-11-10 17:12:47 <BlueMatt> yep
1403 2011-11-10 17:12:52 <sipa> gavinandresen: agree
1404 2011-11-10 17:12:54 <gmaxwell> Well the logs already get cleaned up on start.
1405 2011-11-10 17:12:56 <BlueMatt> also the copyright stuff...
1406 2011-11-10 17:13:28 <cjdelisle> IMO best answer to the copyright stuff is to allow the json port to support a persistent connection and split the UI from the core.
1407 2011-11-10 17:13:28 <BlueMatt> we're probably a couple weeks away from a solution to the both of those...
1408 2011-11-10 17:13:36 <gmaxwell> Yea. I actually had an encrypted copy of my wallet on a less secure machine... with privkeys in it. :-/
1409 2011-11-10 17:13:37 <BlueMatt> cjdelisle: hahahaha
1410 2011-11-10 17:13:45 <gmaxwell> cjdelisle: ... just .. stop.
1411 2011-11-10 17:13:55 <gavinandresen> Copyright stuff is not a show-stopper, in my opinion. We're as open as we can possibly be, we are certainly abiding by the spirit of all the open source licenses if not the exact annoying legal letter
1412 2011-11-10 17:13:55 <wumpus> right...
1413 2011-11-10 17:14:02 <wumpus> gavinandresen: +1
1414 2011-11-10 17:14:10 <cjdelisle> agreed there
1415 2011-11-10 17:14:13 <BlueMatt> gavinandresen: and when mtgox gets sued?
1416 2011-11-10 17:14:19 <wumpus> we need to solve the encryption stuff, replacing icons can wait for another time...
1417 2011-11-10 17:14:25 <BlueMatt> or bitcoinconsultancy
1418 2011-11-10 17:14:26 <gmaxwell> gavinandresen: I think you missed the later discussion there.
1419 2011-11-10 17:14:45 <gmaxwell> gavinandresen: the icons have non-commercial use only licenses, non-derivs licenses, etc.
1420 2011-11-10 17:14:58 <wumpus> replace the icons with black squares for all I care
1421 2011-11-10 17:15:11 <gavinandresen> gmaxwell: okey doke. Mtgox isn't using bitcoin-qt....
1422 2011-11-10 17:15:15 <luke-jr> gavinandresen: as-is right now, Bitcoin-Qt is NOT free software, and CANNOT BE USED FOR COMMERCIAL PURPOSES
1423 2011-11-10 17:15:20 <BlueMatt> the original response I got on that was "meh, the code is mit, so just use bitcoind and you are fine"
1424 2011-11-10 17:15:26 <gmaxwell> gavinandresen: come on now.
1425 2011-11-10 17:15:58 <wumpus> yes the bitcoind code does not use the icons
1426 2011-11-10 17:16:02 <BlueMatt> but seriously, who gives a shit if bitcoin-qt's icons are free software or not?
1427 2011-11-10 17:16:22 <gmaxwell> In any case, you don't need to worry about it. Let people who care fix it.
1428 2011-11-10 17:16:23 <pickett> i'm sure there's people that do
1429 2011-11-10 17:16:30 <sipa> does using an icon in a program count as "deriving work" ?
1430 2011-11-10 17:16:39 <luke-jr> sipa: clearly
1431 2011-11-10 17:16:44 <gavinandresen> luke-jr: .... so don't use bitcoin-qt for commercial purposes. That seems like a README issue.
1432 2011-11-10 17:16:55 <gmaxwell> sipa: don't waste your time trying to have an argument.
1433 2011-11-10 17:17:04 <wumpus> you could replace just the non-commercial icons
1434 2011-11-10 17:17:11 <gmaxwell> gavinandresen: That seems like a PR disaster. BITCOIN THE CRYPTOCURRENCY YOU CAN'T USE FOR COMMERCE.
1435 2011-11-10 17:17:12 <BlueMatt> though the about dialog DOES need to be updated to mention the icons we use
1436 2011-11-10 17:17:13 <gavinandresen> wumpus: who is "you" ?
1437 2011-11-10 17:17:19 <wumpus> that's not so many is it? most are GPL (crystal icons sets and such)
1438 2011-11-10 17:17:24 <BlueMatt> or Im pretty sure we ARE violating the spirit of the licenses
1439 2011-11-10 17:17:27 gjs278 has quit (Remote host closed the connection)
1440 2011-11-10 17:17:27 <wumpus> gavinandresen: the people who care
1441 2011-11-10 17:17:29 <cjdelisle> this whole discussion sounds more like something I'd expect to hear in #eligius
1442 2011-11-10 17:17:54 jarpiain has quit (Ping timeout: 240 seconds)
1443 2011-11-10 17:18:08 <mod6> I don't want to sound like a troll guys, but does anyone know if this is a known issue? Found this posted on bitcoin board:
1444 2011-11-10 17:18:11 <gavinandresen> gmaxwell: there are no issues with bitcoind, which is what all the commercial sites are using
1445 2011-11-10 17:18:11 <mod6> https://bitcointalk.org/index.php?topic=51474.msg613354#msg613354
1446 2011-11-10 17:18:18 <luke-jr> gavinandresen: by definition, ANY use of bitcoin is commercialâ¦
1447 2011-11-10 17:18:19 <gmaxwell> It's stupid. Replace the improperly licensed files with ugly black boxes until someone who gives a sit fixes them right.
1448 2011-11-10 17:18:21 <BlueMatt> mod6: yes
1449 2011-11-10 17:18:44 <gmaxwell> luke-jr: the actual text of the nd clause is narrow enough that its probably fine, but that isn't the point
1450 2011-11-10 17:19:02 <wumpus> gmaxwell: sorry, i've already replaced your text with ugly black boxes :-)
1451 2011-11-10 17:19:05 ThomasV has quit (Ping timeout: 240 seconds)
1452 2011-11-10 17:19:16 <mod6> ok. thanks, BlueMatt.
1453 2011-11-10 17:19:17 <luke-jr> I like the black-boxes solution until fixed :P
1454 2011-11-10 17:19:29 <wumpus> I don't
1455 2011-11-10 17:19:39 <gmaxwell> gavinandresen: Yes. Thats true, it's also irrelevant because it's minutia. There really isn't any sense in opening up a FUD pathway for some incorrectly licensed icons.
1456 2011-11-10 17:19:42 <wumpus> it was supposed to show how idiotic this is
1457 2011-11-10 17:19:43 <gmaxwell> wumpus: best get drawing!
1458 2011-11-10 17:19:48 jarpiain has joined
1459 2011-11-10 17:20:16 jarpiain is now known as Guest99952
1460 2011-11-10 17:20:56 <sipa> what do you need icons for?
1461 2011-11-10 17:21:06 <wumpus> a lot of open source projects use those icons anyway ...
1462 2011-11-10 17:21:17 <sipa> where do they come from?
1463 2011-11-10 17:21:34 <gmaxwell> There are several different sources.
1464 2011-11-10 17:21:36 <wumpus> lgpl'ed icon sets and such
1465 2011-11-10 17:21:46 <BlueMatt> how about this: since 0.5 isnt gonna be released any time soon anyway, those who care fix it, and those who dont shut up?
1466 2011-11-10 17:22:03 <wumpus> then again, I put them in as placeholders in the first place.. .I do code not graphics
1467 2011-11-10 17:22:16 <wumpus> if you care about graphics hire a designer
1468 2011-11-10 17:22:27 <cjdelisle> BlueMatt++
1469 2011-11-10 17:22:42 <gavinandresen> BlueMatt: yes, can somebody start a "we need MIT license icon replacements" thread on the forums? I bet it'll be easy to find volunteers to help
1470 2011-11-10 17:23:21 <gmaxwell> gavinandresen++
1471 2011-11-10 17:23:27 * BlueMatt volunteers luke-jr since he cares so much
1472 2011-11-10 17:23:32 <sipa> is CC-BY-2.5 good?
1473 2011-11-10 17:23:51 eueueu has joined
1474 2011-11-10 17:23:53 <wumpus> I think it's hard to find artists that want to license their work under MIT
1475 2011-11-10 17:24:03 <wumpus> but you could try
1476 2011-11-10 17:24:17 Nesetalis has quit (Quit: <+shponka> how does one scissor with four people <+shponka> hypercube tribadism)
1477 2011-11-10 17:24:27 <wumpus> coders are really strange in that regard, giving their stuff away without expecting anything in return and such...
1478 2011-11-10 17:24:32 <gavinandresen> GPL is the issue, I believe. Any of the CC licenses are OK, although if there are 11 different artists the About box will have to get a lot bigger
1479 2011-11-10 17:25:03 <wumpus> just make it scrolling and note all the code contributors too :P
1480 2011-11-10 17:25:13 <wumpus> those are still more numerous
1481 2011-11-10 17:25:20 <sipa> http://www.famfamfam.com/lab/icons/silk/
1482 2011-11-10 17:25:32 <gavinandresen> .... like those license agreements we all always read....
1483 2011-11-10 17:25:42 <gmaxwell> gavinandresen: The free software incompatible cc licenses should probably be avoided here (NC / ND / Sampling+)
1484 2011-11-10 17:25:49 <wumpus> yeah it's just for the letter of the law, not to actually read
1485 2011-11-10 17:25:54 <gavinandresen> gmaxwell: right, I forgot about those
1486 2011-11-10 17:26:31 <sipa> wumpus: are those famfamfal silk icons suitable?
1487 2011-11-10 17:26:42 pickett has quit (Remote host closed the connection)
1488 2011-11-10 17:26:46 AStove has joined
1489 2011-11-10 17:27:13 <wumpus> sipa: for some, they don't have icons for all purposes we use them for
1490 2011-11-10 17:27:19 <sipa> ok
1491 2011-11-10 17:27:38 <BlueMatt> how about this: we license bitcoin as "use this under any license you feel like writing or using" and then we can use whatever the fuck we want?
1492 2011-11-10 17:27:45 pickett has joined
1493 2011-11-10 17:27:58 <gmaxwell> In order of preference: MIT (And other similar no-advertising BSD licenses), 'PUBLIC DOMAIN', CC-BY, LGPL, CC-BY-SA
1494 2011-11-10 17:28:07 <gmaxwell> BlueMatt: you're missing the problem.
1495 2011-11-10 17:28:10 * wumpus feels like he should simply have left out the assets attribution file
1496 2011-11-10 17:28:22 <BlueMatt> gmaxwell: it was kinda a joke...
1497 2011-11-10 17:28:33 <gmaxwell> BlueMatt: if we merge in some restrictively licensed crap then bitcoin's overall license is made messy by it.
1498 2011-11-10 17:28:36 <gmaxwell> Oh.
1499 2011-11-10 17:29:51 <wumpus> or maybe put the images in a special 'theme' repository and license it differently...
1500 2011-11-10 17:30:09 <BlueMatt> imho one of free software's main problems is a fundamental inability to compromize, thus you see forks or lack of movement. Either someone makes a decision and it alienates some people, or you are unwilling to do that and thus dont move anywhere
1501 2011-11-10 17:30:12 <luke-jr> some of these non-free icons are Copyright: Wladimir van der Laan
1502 2011-11-10 17:30:17 <luke-jr> think we can just get him to do MIT?
1503 2011-11-10 17:30:25 <wumpus> yes :p
1504 2011-11-10 17:30:43 <wumpus> they are really licensed under the 'I don't care' license
1505 2011-11-10 17:30:57 <luke-jr> BlueMatt: or for TBC, someone decides to alienate people for no gain whatsoever
1506 2011-11-10 17:31:24 <BlueMatt> well its still the same problem, they just have the opinion that their decision is a good one
1507 2011-11-10 17:31:33 <luke-jr> not really
1508 2011-11-10 17:31:38 <luke-jr> sometimes a decision has to be made
1509 2011-11-10 17:31:43 <luke-jr> supporting TBC better hurts nobody
1510 2011-11-10 17:32:16 * BlueMatt isnt gonna argue that particular decision yet again, but I would argue its still the same issue
1511 2011-11-10 17:32:21 <BlueMatt> a decision had to be made
1512 2011-11-10 17:32:46 <luke-jr> a decision to alienate people, or not alienate anymore
1513 2011-11-10 17:32:48 <luke-jr> anyone*
1514 2011-11-10 17:33:08 <gmaxwell> luke-jr: you know no decision is without compromises come now.
1515 2011-11-10 17:33:56 <gmaxwell> adding support for TBC to bitcoin would add additional code with additional (if small) bug risk and maintance costs... plus the risk that random users bump into it and confuse themselves, accidently send amounts they didn't intend etc.
1516 2011-11-10 17:34:03 <gmaxwell> These costs may be quite small but they're not zero.
1517 2011-11-10 17:34:33 <gmaxwell> And people need to weigh them against the benefit is is also quite small unless the person measuring them is .. you.
1518 2011-11-10 17:38:32 etotheipi_ has joined
1519 2011-11-10 17:39:01 caedes has joined
1520 2011-11-10 17:39:02 caedes has quit (Changing host)
1521 2011-11-10 17:39:02 caedes has joined
1522 2011-11-10 17:39:05 erus` has joined
1523 2011-11-10 17:41:47 PK has joined
1524 2011-11-10 17:43:56 AStove has quit ()
1525 2011-11-10 17:44:51 slush has joined
1526 2011-11-10 17:47:19 chrisb__ has quit (Quit: Ex-Chat)
1527 2011-11-10 17:47:59 etotheipi_ has quit (Quit: Page closed)
1528 2011-11-10 17:49:56 <Davincij15> Is there a way to keep track of a bitcoin even as it fractures?
1529 2011-11-10 17:51:05 <sipa> Davincij15: what do you want to keep track of?
1530 2011-11-10 17:51:39 <Diablo-D3> and what do you mean fracture?
1531 2011-11-10 17:52:04 <wumpus> you can always follow everything in the block chain but it branches out ofc
1532 2011-11-10 17:52:05 <Davincij15> sipa: Lets say I want to watch one coin and where it goes how it split up into fractions etc
1533 2011-11-10 17:52:42 <sipa> coins split and coins get merged
1534 2011-11-10 17:53:01 <gmaxwell> Davincij15: in not too long all of the circulating coin will have your coin as an ancestor.
1535 2011-11-10 17:53:36 <sipa> but you might be able to say "this coin here has 2.458737% of that older coin in it"
1536 2011-11-10 17:54:30 <Davincij15> I am wondering if you could have a closed system where only select group of bitcoins can be used.
1537 2011-11-10 17:55:59 <wumpus> afaik the only way to get a closed system is to start your own chain
1538 2011-11-10 17:56:07 <Davincij15> So basicly you would have a seprate bitcoind that only accepts a select group of bitcoins
1539 2011-11-10 17:56:37 <wumpus> that woudn't work, the recipient doesn't decide what to accept
1540 2011-11-10 17:57:04 <sipa> gavinandresen, BlueMatt, gmaxwell, wumpus: easiest way to implement resilvering seems to have a flag set when encrypting, and when that flag is present, the wallet is resilvered at shutdown
1541 2011-11-10 17:57:31 <Davincij15> wumpus: true but the genisis system would.
1542 2011-11-10 17:57:46 <sipa> that way, no concurrency issues
1543 2011-11-10 17:58:11 <wumpus> sipa: yes that'd make a lot of sense
1544 2011-11-10 17:58:51 <wumpus> sipa: combined with the popup box that asks the user to restart bitcoin
1545 2011-11-10 17:58:55 <gmaxwell> sipa: k, what about the existing encrypted wallets that need to be resilvered now?
1546 2011-11-10 17:59:03 <wumpus> it could also resilver at the next start
1547 2011-11-10 17:59:25 <sipa> maybe we could set a flag in the file "has been resilvered since encryption"
1548 2011-11-10 17:59:29 <wumpus> gmaxwell: reverse the condition... if the flag is not present, resilver at next start
1549 2011-11-10 17:59:39 <sipa> wumpus: exactly
1550 2011-11-10 18:00:05 etotheipi__ has joined
1551 2011-11-10 18:02:11 <etotheipi__> sorry, never used IRC before: am I alone in here?
1552 2011-11-10 18:02:16 <sipa> you're not
1553 2011-11-10 18:02:41 <etotheipi__> I wanted to join the discussion about the encryption issue
1554 2011-11-10 18:02:42 <wumpus> you are alone
1555 2011-11-10 18:02:48 <cocktopus> there are 295 people in here :D
1556 2011-11-10 18:03:01 <cocktopus> some of which are sleeping or otherwise occupied
1557 2011-11-10 18:03:02 <sipa> etotheipi__: the idea is to do a "resilvering" of the wallet.dat file
1558 2011-11-10 18:03:38 <sipa> etotheipi__: at shutdown or next startup, iterate all entries in the file, dump into a wallet.dat.new file, close the first one, shred it, and rename+overwrite
1559 2011-11-10 18:03:42 ThomasV has joined
1560 2011-11-10 18:04:08 <etotheipi__> I know that many filesystems avoid rewriting files to the same location, but is this true even for opening a file in "rw" mode and seeking to the byte location to overwrite it?
1561 2011-11-10 18:04:29 <sipa> etotheipi__: we can't prevent the disk to retain unencrypted bits of the former keys
1562 2011-11-10 18:04:44 <wumpus> the filesystem/disk is not the problem here
1563 2011-11-10 18:04:52 <sipa> well, it is, but it is far less serious
1564 2011-11-10 18:05:02 <wumpus> it's a completely different issue
1565 2011-11-10 18:05:11 <wumpus> an OS-level issue
1566 2011-11-10 18:05:18 <sipa> (which would be solved by having wallet.dat files be born encrypted)
1567 2011-11-10 18:05:27 <etotheipi__> well it is the problem if it's preventing us from manually blanking the private data
1568 2011-11-10 18:05:31 <gmaxwell> The resilvering will still improve that on some systems.
1569 2011-11-10 18:05:41 <sipa> improve; not solve
1570 2011-11-10 18:05:46 <wumpus> resilvering is needed to solve the db issue
1571 2011-11-10 18:06:06 <gmaxwell> And the ones it doesn't improve it onâ can only be solved via having the wallet be born encrypted.
1572 2011-11-10 18:06:23 imsaguy2 is now known as imsagod2
1573 2011-11-10 18:06:50 <wumpus> yes but the main threat is wallet.dat files being stolen
1574 2011-11-10 18:07:03 <gmaxwell> To do born encrypted... defer creating the wallet.dat until an address is requested. This also avoids the old backup problem, I think, because there would be nothing to backup.
1575 2011-11-10 18:07:22 <sipa> by the way, so far nobody has verified etotheipi__'s claim that keys linger, but it sounds very reasonable to me
1576 2011-11-10 18:07:28 <gmaxwell> Then if the user encrypts before hitting getaddress.. tada. born encrypted.
1577 2011-11-10 18:07:39 <etotheipi__> well I posted what you need to do to verify it
1578 2011-11-10 18:08:04 <etotheipi__> those three commands (the wget commands and python-exec) will verify it... assuming you trust me ;)
1579 2011-11-10 18:08:12 gp5st has left ()
1580 2011-11-10 18:08:13 imsagod2 is now known as imsaguy2
1581 2011-11-10 18:08:27 <etotheipi__> or I can tell you exactly how it's done
1582 2011-11-10 18:09:02 <wumpus> gmaxwell: the old backup problem can still happen, it's just postponed :)
1583 2011-11-10 18:09:36 <etotheipi__> search for 0x04 bytes, grab the next 64 and check if it's on the secp256k1 curve. If it is, you have a public key. Then, from the byte-location of the 0x04, look backwards 207 bytes, and 283 bytes
1584 2011-11-10 18:09:58 <CIA-89> bitcoin: various free_icons * r5a7321..8828da bitcoind-personal/ (169 files in 41 dirs): (66 commits)
1585 2011-11-10 18:10:10 <etotheipi__> i.e. grab bytes file[i-207:i-207+32] and file[i-283:i-283+32]
1586 2011-11-10 18:10:15 <gmaxwell> wumpus: the grouping of the words "old backup" was ambigious in my statement.
1587 2011-11-10 18:10:33 <etotheipi__> where i is the location of the 0x04 byte preceeding the public key
1588 2011-11-10 18:10:49 <gmaxwell> wumpus: let me restate: the problem we used to have where a user would start a new wallet, back it up, send some coins to it.. only to later find the backup was useless would not happen with this.
1589 2011-11-10 18:11:34 <wumpus> gmaxwell: ok, yes that's right, if there is no wallet.dat he can not make that mistake
1590 2011-11-10 18:11:47 <sipa> etotheipi__: you might be able to find even slightly more keys, if you first search for all (04 + 64 bytes) that are valid pubkeys, and then separately try each 32-byte sequence as a private key secret, checking whether it matches a pubkey you already found
1591 2011-11-10 18:11:50 <gmaxwell> wumpus: to fix that problem we switched to agressively generating the whole keypool at start... which has exacerbated the wallet leaks.
1592 2011-11-10 18:12:02 <wumpus> gmaxwell: yep...
1593 2011-11-10 18:12:04 <etotheipi__> sipa: I used to do that
1594 2011-11-10 18:12:15 <sipa> but that doesn't result in more matches?
1595 2011-11-10 18:12:17 Litt has joined
1596 2011-11-10 18:12:27 <sipa> as it would also find partially-overwrriten privkeys
1597 2011-11-10 18:12:52 <etotheipi__> I used to do that and observed the offsets of the private key from the public key
1598 2011-11-10 18:13:03 <etotheipi__> it seemed that most of them were 207 or 283 bytes
1599 2011-11-10 18:13:09 <etotheipi__> if not all
1600 2011-11-10 18:13:11 <sipa> seems very reasonable
1601 2011-11-10 18:13:28 <sipa> the privkeys stored by the old format uses 279-byte sequences that include the pubkey
1602 2011-11-10 18:13:37 <sipa> and the pubkey is used as key of the key-value pair as well
1603 2011-11-10 18:13:52 <fgdfgfg> ;;seen Xaphias
1604 2011-11-10 18:13:53 <gribble> I have not seen Xaphias.
1605 2011-11-10 18:13:54 <sipa> so you have a (pubkey,privkey-that-includes-pubkey) pair in the file
1606 2011-11-10 18:14:20 <gmaxwell> sipa: since we're obviously not running the compact call, I wonder how much smaller the bdb files would be if we did.
1607 2011-11-10 18:14:43 <wumpus> calling compact would be a good (but not perfectly secure) intermediate solution
1608 2011-11-10 18:15:19 BlueMatt has quit (Quit: Ex-Chat)
1609 2011-11-10 18:15:25 <wumpus> depending on how bdb does compacting
1610 2011-11-10 18:15:30 <etotheipi__> I'm curious, even if bsddb didn't have this ignore-but-dont-overwrite-deleted-data problem, couldn't this have been a problem anyway, just due to the filesystem?
1611 2011-11-10 18:16:02 <etotheipi__> if the keys were stored unencrypted at any point in time, how do we ever know we deleted them securely
1612 2011-11-10 18:16:08 <gmaxwell> etotheipi__: yes, it's a problem on the diskâ but that was a known limitation (IIRC its documented too) we're taking that as less severe as leaving the data in the file
1613 2011-11-10 18:16:12 <luke-jr> https://github.com/bitcoin/bitcoin/pull/631
1614 2011-11-10 18:16:13 <wumpus> yes, but it would protect against wallet.dat theft in that cast, which is what wallet encryption was implemented for
1615 2011-11-10 18:16:33 <etotheipi__> ahh, good point
1616 2011-11-10 18:16:44 <luke-jr> gavinandresen: ^
1617 2011-11-10 18:16:46 <wumpus> the memory or disk could still retain old data, but there's little you can do as userspace program
1618 2011-11-10 18:17:18 <sipa> etotheipi__: if someone has byte-level access to your filesystem's device, you're probably in trouble anyway
1619 2011-11-10 18:17:31 <wumpus> yeah...
1620 2011-11-10 18:17:32 <etotheipi__> agreed
1621 2011-11-10 18:17:34 <gmaxwell> I have a great example of how this exposed me.. I have a normally offline wallet ... that I put on an internet connected machine after encrypting.. because doing so made it easier to check the balance. My thought was that I was safe so long as I never provided the key on that machine.. doh!
1622 2011-11-10 18:17:46 <wumpus> they would probably just wait for you to enter the decryption key
1623 2011-11-10 18:17:53 <wumpus> instead of going forensic on your disk
1624 2011-11-10 18:18:01 <gmaxwell> I'd run the python script on it but I secure erased the media as soon as I saw the post. (doh2)
1625 2011-11-10 18:19:01 <etotheipi__> well someone must have such a wallet they can test on
1626 2011-11-10 18:19:15 <etotheipi__> as long as it was previously stored unencrypted, and then later became encrypted
1627 2011-11-10 18:19:44 <CIA-89> bitcoin: Luke Dashjr free_icons * r81dd7aa4c1d4 bitcoind-personal/ (4 files in 2 dirs): Replace icons with Nuvola (LGPL 2.1): some (but not all) GPL-licensed
1628 2011-11-10 18:20:13 <gavinandresen> I've got several unencrypted wallets, I can do some experimenting after lunch.
1629 2011-11-10 18:20:19 <wumpus> yes, we really need to test with such a wallet; for example, if compact gets rid of all the extraneous keys
1630 2011-11-10 18:20:53 <etotheipi__> if it's true that all private keys are stored with their public key counterparts, then my technique should find all of them
1631 2011-11-10 18:21:52 <etotheipi__> it actually seems to find thousands of public keys ... for some reason I think the file ends up with like 10 public keys for every transaction -- but only a few have the private keys with them
1632 2011-11-10 18:22:39 Nesetalis has joined
1633 2011-11-10 18:23:00 <wumpus> luke-jr: great
1634 2011-11-10 18:23:28 T_X has quit (Ping timeout: 244 seconds)
1635 2011-11-10 18:24:48 <wumpus> luke-jr: the animation is generated by spinning the refresh icon, so if you find an alternative icon that's suited for that we can simply do the same
1636 2011-11-10 18:25:45 <luke-jr> wumpus: no, it isn't. It's a MNG animation
1637 2011-11-10 18:26:00 <Davincij15> I know how!
1638 2011-11-10 18:26:13 <wumpus> luke-jr: I know, the python script to generate is it in scripts/qt ...
1639 2011-11-10 18:26:20 <Davincij15> take an existing chain and branch it from that point on.
1640 2011-11-10 18:26:35 <luke-jr> wumpus: oh, what res does it want for input?
1641 2011-11-10 18:28:26 <wumpus> 128x128... but we could use everything >32x32 I guess, needs some extra resolution beyond 16 as rotation loses quality
1642 2011-11-10 18:28:41 <luke-jr> Nuvola's view-refresh might work, but it wasn't designed for spinning
1643 2011-11-10 18:29:38 <wumpus> hehe
1644 2011-11-10 18:29:48 <Davincij15> Everyone's coins and wallet would be valid on the second chain from that point on and merged mining can keep it going.
1645 2011-11-10 18:30:59 <Davincij15> interesting and scary thought actually.
1646 2011-11-10 18:31:58 kykti has joined
1647 2011-11-10 18:45:52 <sipa> ok, i implemented resilvering
1648 2011-11-10 18:45:55 * sipa tests
1649 2011-11-10 18:47:07 <Eliel> Davincij15: who are you responding to?
1650 2011-11-10 18:47:49 <Eliel> Davincij15: you're of course correct, but I can't figure out who you're talking with :)
1651 2011-11-10 18:48:14 <etotheipi__> everyone who cares about fixing the wallet-not-really-encrypted problem
1652 2011-11-10 18:48:16 dlb76 has quit (Ping timeout: 244 seconds)
1653 2011-11-10 18:49:01 <sipa> Davincij15: we're not going to fork the block chain because of a client implementation issue
1654 2011-11-10 18:51:03 <etotheipi__> sipa, I can test it on my wallet.dat, which obviously has the problem
1655 2011-11-10 18:51:13 Kolky has joined
1656 2011-11-10 18:51:27 <etotheipi__> well, not if it requires compiling the client... I haven't done that before
1657 2011-11-10 18:51:34 <nanotube> so... anyone care to fill me in with a one-sentence summary of the "encryption problem" ?
1658 2011-11-10 18:51:54 <etotheipi__> https://bitcointalk.org/index.php?topic=51474.0
1659 2011-11-10 18:51:57 <Eliel> nanotube: bsddb doesn't actually reliably delete data from the file when overwritten.
1660 2011-11-10 18:52:02 <sipa> nanotube: bdb doesn't overwrite everything, so when encrypting a wallet, unencrypted private keys seem to remain in the wallet.dat file
1661 2011-11-10 18:52:21 <nanotube> ah ic. that's a problem indeed.
1662 2011-11-10 18:52:49 <ThomasV> nanotube: not all your keys are belong to encryption
1663 2011-11-10 18:54:39 dlb76 has joined
1664 2011-11-10 18:54:44 dlb76 has quit (Changing host)
1665 2011-11-10 18:54:44 dlb76 has joined
1666 2011-11-10 18:54:59 merde has quit (Ping timeout: 248 seconds)
1667 2011-11-10 18:55:28 KicStart42 has joined
1668 2011-11-10 18:56:07 T_X has joined
1669 2011-11-10 18:56:07 T_X has quit (Changing host)
1670 2011-11-10 18:56:07 T_X has joined
1671 2011-11-10 18:56:27 merde has joined
1672 2011-11-10 19:02:39 eastender has joined
1673 2011-11-10 19:04:26 agricocb has quit (Quit: Leaving.)
1674 2011-11-10 19:04:57 <Davincij15> Eliel: To the people that said it was not posible.
1675 2011-11-10 19:05:24 <luke-jr> LOL @ forking the block chain to fix a client storage issue
1676 2011-11-10 19:06:39 <Davincij15> sipa: I was not talking about a client storage issue I was thinking of diffrent ways to the bitcoin tech
1677 2011-11-10 19:07:12 <gavinandresen> Reproduced the encryption problem; 84 of 104 private keys left unencrypted in an 'encrypted' wallet.dat.
1678 2011-11-10 19:07:47 <gavinandresen> I'll see if just calling db->compact() fixes...
1679 2011-11-10 19:08:21 zapnap has joined
1680 2011-11-10 19:10:02 danbri has joined
1681 2011-11-10 19:11:23 <wumpus> gavinandresen: wow that's bad, it's great that someone discovered this
1682 2011-11-10 19:12:52 p0s has quit (Remote host closed the connection)
1683 2011-11-10 19:13:54 <Davincij15> wumpus: It's not a show stopper it's just a normal bug in a complex software product.
1684 2011-11-10 19:15:26 ThomasV has quit (Quit: Quitte)
1685 2011-11-10 19:15:42 <wumpus> yes, but it's still great that the guy reported it instead of abusing it
1686 2011-11-10 19:16:13 iocor has quit (Quit: Computer has gone to sleep.)
1687 2011-11-10 19:17:25 ThomasV has joined
1688 2011-11-10 19:19:08 <nanotube> ThomasV: heh
1689 2011-11-10 19:19:09 <sipa> gavinandresen: any luck with ->compact()?
1690 2011-11-10 19:19:16 iocor has joined
1691 2011-11-10 19:19:30 <gavinandresen> sipa: just about to test it
1692 2011-11-10 19:19:44 iocor has quit (Client Quit)
1693 2011-11-10 19:20:33 <luke-jr> Davincij15: I disagree. This is a major security hole.
1694 2011-11-10 19:20:47 <luke-jr> Davincij15: some people are making unencrypted backups in public
1695 2011-11-10 19:21:23 <Davincij15> luke-jr: I see your point.
1696 2011-11-10 19:21:24 <ThomasV> luke-jr: like me :-/
1697 2011-11-10 19:21:28 glitch-mod has joined
1698 2011-11-10 19:21:39 Detritus has joined
1699 2011-11-10 19:21:44 <nanotube> ThomasV: let that be a lesson - always go for layers. :)
1700 2011-11-10 19:22:05 <ThomasV> heh
1701 2011-11-10 19:22:27 <ThomasV> I used to encrypt my wallet before it had built in encryption
1702 2011-11-10 19:22:35 <gmaxwell> ThomasV: I don't believe you, where is this public backup?
1703 2011-11-10 19:22:36 <gmaxwell> ;)
1704 2011-11-10 19:22:57 <ThomasV> gmaxwell: it's not public, but it is stored at amazon s3
1705 2011-11-10 19:22:58 <gavinandresen> compact() is looking good....
1706 2011-11-10 19:22:59 <luke-jr> really, gavinandresen or someone should be putting out a security alert with instructions to create a new wallet and send all funds to it, and stop using affected addresses immediately
1707 2011-11-10 19:23:09 <gavinandresen> oops, spoke too soon
1708 2011-11-10 19:23:10 <luke-jr> isn't there some central security announcement service?
1709 2011-11-10 19:23:20 <gavinandresen> compact dropped number of private keys found to 7
1710 2011-11-10 19:23:27 <gmaxwell> luke-jr: thats not in proportion, â did we send out such an announcement when we introduced encryption?
1711 2011-11-10 19:23:36 <nanotube> gavinandresen: so still a crapshoot eh...
1712 2011-11-10 19:23:38 <gmaxwell> are we always sending them out because most users don't use it? :)
1713 2011-11-10 19:23:41 <luke-jr> gmaxwell: that's totally different
1714 2011-11-10 19:23:52 <luke-jr> gmaxwell: before, people knew it was unencrypted, and that backups had to be secure
1715 2011-11-10 19:24:09 <nanotube> gmaxwell: well, it probably would be a good idea to have an rss feed with important announcements or some such.
1716 2011-11-10 19:24:11 <luke-jr> gmaxwell: but encrypted wallets should be safe to distribute that way, or so people assumed
1717 2011-11-10 19:24:14 <wumpus> hm so even compaction doesn't get rid of everything
1718 2011-11-10 19:24:25 <sipa> i'm very close to having resilver work
1719 2011-11-10 19:24:35 <gmaxwell> luke-jr: I agree its different... but the announcement should just be that there is a leak and you're not impacted if you don't use crypto.
1720 2011-11-10 19:24:39 <luke-jr> sipa: be sure there's a way for users to manually activate it
1721 2011-11-10 19:24:49 <luke-jr> gmaxwell: sure, it should have details
1722 2011-11-10 19:25:03 <luke-jr> 1. this only affects users who distributed their encrypted wallet files
1723 2011-11-10 19:25:03 <gavinandresen> Might be a good time to use the alert system for people running 0.4
1724 2011-11-10 19:25:19 <luke-jr> 2. if so, assume your addresses are all compromised
1725 2011-11-10 19:25:19 <sipa> luke-jr: it will be activated automatically for everyone who didn't resilver since encrypting their wallets
1726 2011-11-10 19:25:31 <luke-jr> 3. do <this> immediately to get secure
1727 2011-11-10 19:25:57 <luke-jr> gavinandresen: yeah, write something up with details, then send a link
1728 2011-11-10 19:26:00 <gmaxwell> sipa: might want to make resilver run as part of backupwallet too? just create more compact backups?
1729 2011-11-10 19:26:03 <luke-jr> or can you send links? :/
1730 2011-11-10 19:26:17 <luke-jr> actually, IS backupwallet affected?
1731 2011-11-10 19:26:25 <luke-jr> if not, this suddenly becomes much less major
1732 2011-11-10 19:26:30 <gmaxwell> yea.. actually thats a good point.
1733 2011-11-10 19:26:30 <sipa> i suppose it is
1734 2011-11-10 19:26:38 <luke-jr> since people are already told to use backupwallet for everything
1735 2011-11-10 19:26:41 <gavinandresen> backupwallet just copies the wallet.dat file, if I recall
1736 2011-11-10 19:26:49 <luke-jr> gavinandresen: but copying wallet.dat *doesn't work*
1737 2011-11-10 19:26:57 <luke-jr> (if the client is running)
1738 2011-11-10 19:27:02 <gmaxwell> gavinandresen: thats going to confuse people... I don't think a majority of users are using wallet encryption.
1739 2011-11-10 19:27:08 <gavinandresen> luke-jr: it does if you close/flush the database... which is what the RPC call does
1740 2011-11-10 19:27:13 <gmaxwell> luke-jr: it flushes it
1741 2011-11-10 19:27:38 <wumpus> I don't think this warrants using the alert system
1742 2011-11-10 19:27:46 <wumpus> a message on the site would be good enough
1743 2011-11-10 19:28:00 <gmaxwell> We want to be careful that we don't scare people away from the encryption.
1744 2011-11-10 19:28:06 <gmaxwell> "Oh, I heard that was insecure" doh.
1745 2011-11-10 19:28:19 <wumpus> yeah... better to fix it first maybe
1746 2011-11-10 19:28:23 <wumpus> so we can give an upgrade path
1747 2011-11-10 19:28:41 <luke-jr> in addition to points 1,2,3: 0. do not make backups without external encryption
1748 2011-11-10 19:28:43 <wumpus> download this version and run it and you 're safe
1749 2011-11-10 19:29:19 <gmaxwell> luke-jr: thats always good advice for confidentality reasons.
1750 2011-11-10 19:30:56 <luke-jr> wumpus: not if you already did the backup
1751 2011-11-10 19:32:24 <luke-jr> 1. this only affects users who distributed their encrypted wallet files (so don't do it!) 2. if so, assume your addresses are all compromised 3. do <this> immediately to get secure 4. upgrade to 0.4.1 or newer to trust encryption again
1752 2011-11-10 19:32:27 <wumpus> luke-jr: indeed, if you used encrypted wallets to protect your backups you're kind of screwed
1753 2011-11-10 19:33:20 <wumpus> luke-jr: the only way to resolve that would be to send all coins to a new wallet
1754 2011-11-10 19:33:53 <gmaxwell> 'resolve that' .. to be clear, to resolve putting your backups on a public website.
1755 2011-11-10 19:34:00 <gmaxwell> if your wallet backups are just usb keys.. you're fine.
1756 2011-11-10 19:34:19 <wumpus> gmaxwell: yes I meant "as only way to protect your backups"
1757 2011-11-10 19:34:27 <Diablo-D3> Im still waiting for someone to make a dildo shaped usb key
1758 2011-11-10 19:34:35 <wumpus> if it's on an usb stick in a safe it's not an issue
1759 2011-11-10 19:35:02 <gavinandresen> Interesting.... modifying where I do the compact() makes a difference. Inside encrypt-wallet-transaction: 7 keys left. Inside AND after the txn->commit: 0
1760 2011-11-10 19:35:05 <wumpus> but if you uploaded it as an attachment to your gmail....
1761 2011-11-10 19:35:21 asherkin has quit (Remote host closed the connection)
1762 2011-11-10 19:35:26 <Diablo-D3> <fbi agent> argh, I found the perp's sex toy collection <other fbi agent> is there a usb key in there? <fbo agent> no, and Im going to go bleach my hands now
1763 2011-11-10 19:35:30 <luke-jr> gavinandresen: sounds reasonable; but I'd check to be sure it isn't coincidence
1764 2011-11-10 19:35:46 <sipa> gavinandresen: it may skip compaction of parts that are in use?
1765 2011-11-10 19:36:03 <gavinandresen> sipa: maybe. I'll try just outside-the-txn
1766 2011-11-10 19:36:52 <wumpus> gavinandresen: that's good... after the commit sounds like the most reasonable place to do it in any case, as all the dependencies on the removed data are gone
1767 2011-11-10 19:37:27 <imsaguy2> once it gets fixed/released, make sure the forum notification bar is updated ASAP
1768 2011-11-10 19:38:04 <sipa> maybe this is serious enough to do an emergency fix for 0.4, or are we close enough to 0.5?
1769 2011-11-10 19:38:14 <luke-jr> sipa: I'm maintaining 0.4 anyway
1770 2011-11-10 19:38:16 AAA_awright has joined
1771 2011-11-10 19:38:26 <luke-jr> so it's just a matter of getting someone to make binaries
1772 2011-11-10 19:38:40 <sipa> luke-jr: i know, but i doubt many users of 0.4 are aware of your 0.4 branch
1773 2011-11-10 19:38:59 <sipa> and if 0.5 doesn't get released soon enough, they'll keep using the old 0.4
1774 2011-11-10 19:39:35 <gmaxwell> sipa: we should fix 0.4 alsoâ just because people might get stuck on 0.4 for a bit due to bugs in bitcoin-qt that we're not yet aware of.
1775 2011-11-10 19:40:33 <luke-jr> sipa: or gavinandresen can make 0.4.1 a prominent part of the announcement
1776 2011-11-10 19:40:35 <gavinandresen> Ah, I think the answer is "re-run compact() until bdb tells you it cannot compact any more" (running just once, inside or outside txn, left 7 unencrypted private keys)
1777 2011-11-10 19:41:23 <luke-jr> gavinandresen: I think sipa's solution is safer, but yours might fit better in 0.4
1778 2011-11-10 19:41:32 larsivi has joined
1779 2011-11-10 19:41:33 <luke-jr> (as in, be less invasive of a change)
1780 2011-11-10 19:41:44 <gavinandresen> luke-jr: yup
1781 2011-11-10 19:42:04 asherkin has joined
1782 2011-11-10 19:42:14 <luke-jr> gavinandresen: I was planning to match 0.4.1 up with 0.5.0's release, but I guess we should just tag 0.4.1 as soon as this one is fixed
1783 2011-11-10 19:42:42 <gavinandresen> luke-jr: yup
1784 2011-11-10 19:43:36 imsaguy2 is now known as imsagodII
1785 2011-11-10 19:43:36 <luke-jr> gavinandresen: can you call a US number free of charge?
1786 2011-11-10 19:44:44 <luke-jr> actually, be faster if you just commit & tag 0.4.1 yourself
1787 2011-11-10 19:44:58 <luke-jr> just be sure to commit it on top of git://gitorious.org/+bitcoin-stable-developers/bitcoin/bitcoind-stable.git
1788 2011-11-10 19:45:01 <Davincij15> luke-jr, gavinadersen: GMail allows you to make free phone calls
1789 2011-11-10 19:45:03 <luke-jr> 0.4.x branch
1790 2011-11-10 19:45:18 <luke-jr> just in case I'm not here
1791 2011-11-10 19:45:27 <luke-jr> (not that I plan to go anywhere today)
1792 2011-11-10 19:46:00 <gavinandresen> luke-jr: sure, send me your phone number of skype id
1793 2011-11-10 19:47:07 <luke-jr> gavinandresen: if you want me to do the 0.4.x commit+tag, just ping me when it's ready
1794 2011-11-10 19:48:15 <luke-jr> if I'm not here, feel free to pull the latest 0.4.x branch, commit+tag yourself, and ping me to pull your branch thereof
1795 2011-11-10 19:48:29 <luke-jr> (or join Gitorious so I can add you as a pusher :P)
1796 2011-11-10 19:50:08 AAA_awright__ has joined
1797 2011-11-10 19:50:47 <etotheipi__> wow, I didn't even think of public backups... I assumed this problem would be isolated to the users' own HDDs
1798 2011-11-10 19:51:17 <gmaxwell> etotheipi__: well public backups were a bad idea previously, but people didn't expect to get robbed.
1799 2011-11-10 19:51:37 <etotheipi__> in the future, I'll email the dev list, first, before posting something like this -- sounds like this kind of problem is kept low-profile until a solution is implemented
1800 2011-11-10 19:51:53 <etotheipi__> *should be kept low-profile
1801 2011-11-10 19:51:55 <gmaxwell> etotheipi__: what percentage of ThomasV's wallet do I owe you?
1802 2011-11-10 19:52:02 <ThomasV> ?
1803 2011-11-10 19:52:03 <luke-jr> lol
1804 2011-11-10 19:52:06 <etotheipi__> haha
1805 2011-11-10 19:52:15 <etotheipi__> don't worry, I already took what I thought I was owed
1806 2011-11-10 19:52:21 <luke-jr> :D
1807 2011-11-10 19:52:23 <gmaxwell> haha
1808 2011-11-10 19:52:31 <ThomasV> gmaxwell: that's not funny. give me back my coins
1809 2011-11-10 19:52:53 <ThomasV> please
1810 2011-11-10 19:53:09 <gmaxwell> Okay your coins are back.
1811 2011-11-10 19:53:27 <sipa> bah, i hate bdb
1812 2011-11-10 19:53:37 AAA_awright has quit (Ping timeout: 240 seconds)
1813 2011-11-10 19:54:10 <ThomasV> gmaxwell: all of my 10000 btc?
1814 2011-11-10 19:54:12 AStove has joined
1815 2011-11-10 19:54:14 <sipa> sorry, it's not as easy as i though: you get weird issues if you try to dump to another file within the same db environnement, when flushing that env
1816 2011-11-10 19:54:32 <sipa> it tries to sync to a file that doesn't exist anymore
1817 2011-11-10 19:55:08 <sipa> and i'm not sure how to create a second db env within the same directory
1818 2011-11-10 19:55:48 <Eliel> it's reasonably simple to clean the empty space on a hdd partition, fill it to the brim with a large file and then delete it. Many people might find it helpful if it were documented somewhere.
1819 2011-11-10 19:55:51 <wumpus> can you close the environment before deleting the file?
1820 2011-11-10 19:55:54 <gmaxwell> sipa: openA] .. [openB copyA-B closeB closeA deleteA moveB-A open] ? e.g. close out everything before switching?
1821 2011-11-10 19:56:04 <wumpus> gmaxwell: exactly
1822 2011-11-10 19:56:35 <sipa> yes, that'd be possible
1823 2011-11-10 19:56:41 <sipa> but it would mean starting over :)
1824 2011-11-10 19:56:56 <gmaxwell> Eliel: thats not completely reliable due to spare sectors, sadly.
1825 2011-11-10 19:57:28 <wumpus> not completely reliable, but it would work mostly
1826 2011-11-10 19:58:00 <gmaxwell> Also not completely reliable due to the FS not letting you get to all the freespace. E.g. on linux systems 5% is usually reserved for root/anti-fragmentation room
1827 2011-11-10 19:58:04 <Eliel> gmaxwell: is that another way of saying, that it doesn't help against forensics experts but does work against anyone without physical access?
1828 2011-11-10 19:58:24 <gmaxwell> the exact tool used for this 'attack' would work for this.
1829 2011-11-10 19:58:33 <gmaxwell> oh I guess not with redirected sectors.
1830 2011-11-10 19:58:48 <Eliel> gmaxwell: yes, that 5% is why this should be done with root account.
1831 2011-11-10 19:58:51 <wumpus> Eliel: there will be a few blocks left uncleared, and those may still contain private keys
1832 2011-11-10 19:59:12 AAA_awright__ is now known as AAA_awright
1833 2011-11-10 19:59:27 <Eliel> wumpus: few blocks left? how come?
1834 2011-11-10 19:59:57 <gmaxwell> because the FSs can't always find all free space. for example. Or they got left behind in metadata blocks that aren't zereoed.
1835 2011-11-10 20:00:06 <wumpus> well there is no guarantee that the fs will give you everything
1836 2011-11-10 20:00:28 <gmaxwell> Alsoâ keys that made it into swap.
1837 2011-11-10 20:00:32 <wumpus> but it might be no problem.. the probability of the private keys being exactly in the un-overwritten blocks is pretty small
1838 2011-11-10 20:00:53 <makomk> I've had a publicly-available tool that recovers Bitcoin private keys in the same way for ages, incidentally, and I seem to recall mentioning this when someone *first* realised this problem with wallet encryption existed.
1839 2011-11-10 20:00:57 <gmaxwell> but its the same kind of issue as here: you thought it was more secure than it wasâ is the risk.
1840 2011-11-10 20:01:41 <gmaxwell> makomk: there wasn't any "*first* realised" for the old data left on _disk_. We knew about that from day zero and decided that solving it was out of scope.
1841 2011-11-10 20:01:51 osmosis has joined
1842 2011-11-10 20:02:06 <gmaxwell> the issue that caused drama today is keys being left in the wallet, not just randomly in freespace on the disk.
1843 2011-11-10 20:02:33 <makomk> gmaxwell: ISTR someone pointing out this issue with old unencrypted copies of public keys being left *in the wallet file* prior to wallet encryption being released.
1844 2011-11-10 20:02:57 <wumpus> makomk: that issue has never been reported before
1845 2011-11-10 20:03:07 <gmaxwell> makomk: I think your recollection is incorrect. Either that or we had a process screwup, because I think everyone here regards that as a showstopper.
1846 2011-11-10 20:03:14 <makomk> One of the developers in IRC, as I recall?
1847 2011-11-10 20:04:31 <wumpus> this channel is logged so it should be possible to find that back if it was in this channel...
1848 2011-11-10 20:05:43 <makomk> My memory *might* be incorrect.
1849 2011-11-10 20:07:28 <makomk> Yeah, doesn't look like anyone did spot it at the time. Weird.
1850 2011-11-10 20:14:59 <etotheipi__> we need a PR coordinator... I can see how declaring a crisis in order to get people to fix their wallets might cause panic in the BTC community about the "insecurity of the network"
1851 2011-11-10 20:16:02 <etotheipi__> I think the public response/alert should be handled carefully
1852 2011-11-10 20:16:20 <gavinandresen> away for a bit... still testing compact() solution to see if it is robust....
1853 2011-11-10 20:19:48 <etotheipi__> well I just removed the details of the problem from my forum post: plenty of people read it already, but we don't need to exacerbate the situation by leaving the exploit up there
1854 2011-11-10 20:25:01 eueueu has quit (Quit: Page closed)
1855 2011-11-10 20:25:11 <luke-jr> maybe remove the code that searches for them from wherever it is?
1856 2011-11-10 20:25:22 <luke-jr> (after giving me a copy)
1857 2011-11-10 20:26:21 XMPPwocky has joined
1858 2011-11-10 20:26:30 <XMPPwocky> have you guys ever considered comments?
1859 2011-11-10 20:27:20 <etotheipi__> oh, good point luke... I'll butcher that file on github... though it won't really be gone
1860 2011-11-10 20:28:12 <sipa> resilver works
1861 2011-11-10 20:28:38 <wumpus> sipa: sweet
1862 2011-11-10 20:29:18 <gavinandresen> good, because the compact() solution is NOT robust.
1863 2011-11-10 20:29:32 <gavinandresen> (5 private keys left on another of my wallets)
1864 2011-11-10 20:29:45 <XMPPwocky> is there any documentation for the source?
1865 2011-11-10 20:29:51 <etotheipi__> luke, if you give me your email I'll send you the script
1866 2011-11-10 20:30:11 <etotheipi__> nm, I found it from the mailing list
1867 2011-11-10 20:30:43 <wumpus> XMPPwocky: the wiki has a lot of documentation
1868 2011-11-10 20:32:47 <luke-jr> etotheipi__: you can remove the history too
1869 2011-11-10 20:32:55 <XMPPwocky> more on the actual workings of the source, for example: what function gets called when I find a TX involving me?
1870 2011-11-10 20:33:15 PK has quit ()
1871 2011-11-10 20:33:17 <luke-jr> XMPPwocky: please feel free to document
1872 2011-11-10 20:33:39 <XMPPwocky> luke-jr: yeah, I'm thinking of just breaking out gdb and tracing it out to try to see how it works
1873 2011-11-10 20:34:02 <etotheipi__> do I want to remove the history? the information is already out there (because I didn't realize how serious this was), I figured I'll just make it harder to find it
1874 2011-11-10 20:34:09 <etotheipi__> I'm not a fan of destroying my history
1875 2011-11-10 20:34:19 <wumpus> etotheipi__: I don't think it matters
1876 2011-11-10 20:34:33 <wumpus> people that want to dig into history to find it will find it in some way
1877 2011-11-10 20:35:06 <luke-jr> etotheipi__: obviously keep a local copy :P
1878 2011-11-10 20:35:24 <wumpus> you've already cleaned it enough so that casual lookers will overlook it
1879 2011-11-10 20:35:31 copumpkin has quit (Ping timeout: 260 seconds)
1880 2011-11-10 20:36:16 copumpkin has joined
1881 2011-11-10 20:37:12 <gavinandresen> XMPPwocky: https://bitcointalk.org/index.php?topic=41718.0
1882 2011-11-10 20:38:08 <XMPPwocky> gavinandresen: ah, nice
1883 2011-11-10 20:39:10 <XMPPwocky> i'm trying to get some Python bindings into bitcoind (not RPC, actual bindings w/ boost::python, so it's a bit easier to hack)
1884 2011-11-10 20:40:25 <wumpus> you might want to do some googling, I believe it's been tried before (though I don't know how succesful)
1885 2011-11-10 20:41:20 <XMPPwocky> all I see are RPC wrappers
1886 2011-11-10 20:41:51 Rav3nSw0rd has quit (Read error: Connection reset by peer)
1887 2011-11-10 20:42:12 erus` has quit (Read error: Connection reset by peer)
1888 2011-11-10 20:42:25 Rav3nSw0rd has joined
1889 2011-11-10 20:42:39 <phantomcircuit> XMPPwocky, #bitcoinconsultancy ask for genjix
1890 2011-11-10 20:42:40 <XMPPwocky> whereas this'd call the actual guts directly, which would be handy for testing/debugging
1891 2011-11-10 20:43:02 erus` has joined
1892 2011-11-10 20:43:55 <XMPPwocky> phantomcircuit: ah, I'll look at that
1893 2011-11-10 20:44:41 enquirer has joined
1894 2011-11-10 20:45:30 freewil has quit (Ping timeout: 240 seconds)
1895 2011-11-10 20:45:45 <sipa> gavinandresen, etotheipi__, others: please review and test: https://github.com/sipa/bitcoin/commit/9a885ba718295ccf66b1fd90212574159c927fe6
1896 2011-11-10 20:47:07 freewil has joined
1897 2011-11-10 20:48:18 justmoon has quit (Ping timeout: 240 seconds)
1898 2011-11-10 20:49:57 <etotheipi__> unfortunately, I've never compiled the client, I imagine it could take me a while to try this out
1899 2011-11-10 20:50:30 <gmaxwell> sipa: is the error handling in the resilver adequate?
1900 2011-11-10 20:50:41 justmoon has joined
1901 2011-11-10 20:50:46 <gmaxwell> sipa: e.g. if there is a read error will it end up still deleting the original wallet?
1902 2011-11-10 20:51:12 <sipa> gmaxwell: i'm still adding some sanity tests
1903 2011-11-10 20:51:43 <sipa> gmaxwell: if anything goes wrong in the copy loop, the remove/rename shouldn't happen
1904 2011-11-10 20:52:05 <gmaxwell> In that commit or your intentions?
1905 2011-11-10 20:52:14 <luke-jr> sipa: you're setting fIsResilvered to true, BEFORE completing itâ¦
1906 2011-11-10 20:52:24 danbri has quit (Ping timeout: 258 seconds)
1907 2011-11-10 20:52:26 <luke-jr> what if it crashes without closing the file even?
1908 2011-11-10 20:52:37 <Diablo-D3> gmaxwell: hey guess what!
1909 2011-11-10 20:52:42 <luke-jr> it should resilver *on the spot* :P
1910 2011-11-10 20:52:45 <Diablo-D3> gmaxwell: I have a functioning wavelet codec!
1911 2011-11-10 20:52:48 <sipa> luke-jr: it can't
1912 2011-11-10 20:53:05 <sipa> it needs to wait for all handles to the wallet.dat file to close
1913 2011-11-10 20:53:19 <luke-jr> well, then only the close code should be setting the flag
1914 2011-11-10 20:53:20 <sipa> but you're right, it should not set fIsResilvered before that succeeded
1915 2011-11-10 20:53:37 <luke-jr> ideally, it should try to get it closed ASAP
1916 2011-11-10 20:53:46 <luke-jr> wait
1917 2011-11-10 20:53:51 <luke-jr> why does it need to wait for handles to close?
1918 2011-11-10 20:53:56 <luke-jr> it's using a separate db anyway
1919 2011-11-10 20:54:00 <gmaxwell> sipa: also, if possible it would be best to zeroize the old file before deletion if possible.
1920 2011-11-10 20:54:18 <sipa> luke-jr: many things will go wrong it the handle is still open, bdb doesn't like it
1921 2011-11-10 20:54:24 <gmaxwell> (_most_ file systems are actually cooperative, even though we can't count on that)
1922 2011-11-10 20:54:26 <luke-jr> sipa: it's a separate handleâ¦
1923 2011-11-10 20:54:42 <sipa> luke-jr: no, bitcoin only uses a single bdb handle for all access to the same file
1924 2011-11-10 20:54:55 <sipa> and even if not, all handles to that file need to be closed, according to the bdb doc
1925 2011-11-10 20:54:56 <gavinandresen> gmaxwell: isn't trying to zeroize the file just a false sense of security-- journaled filesystems may keep copies, etc....
1926 2011-11-10 20:55:42 p0s has joined
1927 2011-11-10 20:55:44 <gmaxwell> gavinandresen: don't tell the user it does it.
1928 2011-11-10 20:56:03 datagutt has quit (Quit: Computer has gone to sleep.)
1929 2011-11-10 20:56:15 <gmaxwell> gavinandresen: I'm not suggesting making it an advertised feature. Users should be told that the process leaves old keying material on disk.
1930 2011-11-10 20:56:59 <luke-jr> sipa: but we're dealing with a SEPARATE file
1931 2011-11-10 20:57:19 <gmaxwell> But on most systems (ext3/4 with only metadata journaling, NTFS, etc) it will actually work. (assuming the file hasn't been copied, there was no media relocations, etc)
1932 2011-11-10 20:57:23 Firefly007 has joined
1933 2011-11-10 20:58:07 <luke-jr> it should be random, not 0 :p
1934 2011-11-10 20:58:10 <sipa> luke-jr: eventually i need to close the old one, remove that one, and move the new one in its place
1935 2011-11-10 20:58:16 <gmaxwell> It will not do as expected on btrfs, ext3/4 with data journaling enabled, varrious log structured file systems.
1936 2011-11-10 20:58:18 <sipa> luke-jr: that cannot happen if there are handles open to the old file
1937 2011-11-10 20:58:19 <luke-jr> sipa: true
1938 2011-11-10 20:58:22 danbri has joined
1939 2011-11-10 20:58:32 <luke-jr> sipa: no need to remove it first tho-- just move the new one over it
1940 2011-11-10 20:58:42 <sipa> i don't think bdb can do that
1941 2011-11-10 20:58:56 <sipa> (really, i lost count how many segfaults i've seen while testing)
1942 2011-11-10 20:59:14 eueuue has joined
1943 2011-11-10 20:59:18 <sipa> the only way seems to just use all bdb interfaces, including for moving and deleting of db files
1944 2011-11-10 21:01:10 <gmaxwell> yuck. move the old file to wallet.deleteme and delete it on startup shutdown while bdb isn't running?
1945 2011-11-10 21:02:17 <sipa> i don't see what's the problem with using bdb's functions, if they're there
1946 2011-11-10 21:03:24 <gmaxwell> sipa: only that it probably just unlinks the file.. which is an unfortunate missed chance to clean up a real FS leak on most filesystems, if not all.
1947 2011-11-10 21:03:25 Snapman is now known as Snapman[afkers]
1948 2011-11-10 21:03:44 <sipa> good point
1949 2011-11-10 21:03:48 <sipa> i'll just move it
1950 2011-11-10 21:08:43 Snapman[afkers] is now known as Snapman
1951 2011-11-10 21:14:08 <gavinandresen> sipa: EncryptWallet should call CloseDB() directly, shouldn't it? Otherwise you might encrypt, call walletbackup, and get unlucky if CloseDB() wasn't called in between.
1952 2011-11-10 21:14:31 <gmaxwell> wallet backup should perhas check resilver status?
1953 2011-11-10 21:15:00 <sipa> gavinandresen: CloseDB() cannot be called if there are open handles
1954 2011-11-10 21:15:06 <gmaxwell> refuse to backup a non-resilvered encrypted wallet.. or perhaps backup should use resilvering, but with the replacement step skipped?
1955 2011-11-10 21:15:14 <gavinandresen> I thought CloseDB() loops until all handles are closed....
1956 2011-11-10 21:15:45 <sipa> gavinandresen: DBFlush() loops over all handles that are closed
1957 2011-11-10 21:15:48 <gavinandresen> (goes to look at the code again)
1958 2011-11-10 21:15:54 <sipa> and calls CloseDB for those that are
1959 2011-11-10 21:16:26 <gavinandresen> Ah, no, I was remembering what BackupWallet does.
1960 2011-11-10 21:17:00 <gavinandresen> Actually, couldn't resilver do what BackupWallet does? wait until it can get exclusive access?
1961 2011-11-10 21:17:11 <sipa> it could, yes
1962 2011-11-10 21:17:28 <gavinandresen> Seems like that would be most foolproof.
1963 2011-11-10 21:17:56 larsivi has quit (Ping timeout: 248 seconds)
1964 2011-11-10 21:18:23 <sipa> well, i intended to just write it at the shutdown loop
1965 2011-11-10 21:18:31 <sipa> then noticed it could as well be done when closing the file
1966 2011-11-10 21:19:22 <gavinandresen> If we can, it seems to me it is much better if the new wallet is completely encrypted and the old one completely gone before the encryptwallet RPC call or GUI returns.
1967 2011-11-10 21:21:15 <gavinandresen> (also naming nit: is "resilver" really a term used? I never heard it before today... I'd prefer "rewrite")
1968 2011-11-10 21:22:05 RazielZ has quit (Quit: Leaving)
1969 2011-11-10 21:22:09 <gmaxwell> gavinandresen: its a old and commonly used term for low level formatting, probably other contexts too.
1970 2011-11-10 21:24:38 <sipa> i know the word from ZFS
1971 2011-11-10 21:25:54 <gavinandresen> gmaxwell: ... then we should definitely use 'rewrite', because we aren't actually low-level formatting....
1972 2011-11-10 21:26:18 agricocb has joined
1973 2011-11-10 21:28:05 <gmaxwell> I didn't mean to suggest that I actually had a preference about what a user-invisible function name is for some user invisible functionality.
1974 2011-11-10 21:29:07 <sipa> it's visible if they use "strings wallet.dat"
1975 2011-11-10 21:29:53 imsagod is now known as imsaguy
1976 2011-11-10 21:34:52 chrisb__ has joined
1977 2011-11-10 21:35:27 Fireball has joined
1978 2011-11-10 21:35:28 Fireball has quit (Changing host)
1979 2011-11-10 21:35:28 Fireball has joined
1980 2011-11-10 21:35:44 abragin has quit (Ping timeout: 258 seconds)
1981 2011-11-10 21:35:55 Fireball has quit (Read error: No route to host)
1982 2011-11-10 21:37:43 abragin has joined
1983 2011-11-10 21:38:25 Firefly007 has quit (Ping timeout: 240 seconds)
1984 2011-11-10 21:40:06 kykti has quit (Ping timeout: 265 seconds)
1985 2011-11-10 21:48:07 <sipa> gmaxwell, luke-jr, gavinandresen: new version: https://github.com/sipa/bitcoin/commit/b8b948375800328387d2c803707416601d82d963
1986 2011-11-10 21:48:58 <sipa> zeroing the file is for later
1987 2011-11-10 21:49:46 <CIA-89> bitcoin: Luke Dashjr free_icons * rd2e21a9d746b bitcoind-personal/doc/assets-attribution.txt: update doc/assets-attribution.txt
1988 2011-11-10 21:50:22 <gavinandresen> sipa: looks good on first glance. Add to the "for later" list: move all the keypool keys to the 'used' pile
1989 2011-11-10 21:50:39 <sipa> good idea; that's very easy
1990 2011-11-10 21:50:43 topace has quit (Ping timeout: 260 seconds)
1991 2011-11-10 21:51:08 <gmaxwell> Yea, thats so easy .. really ought to just do it. That would actually completely close the leak on brand new wallets.
1992 2011-11-10 21:51:30 <gmaxwell> e.g. open bitcoin... keypool fills.. encrypt.. kp is marked used.. getnewaddress -> address born encrypted.
1993 2011-11-10 21:52:11 <gmaxwell> sipa: you'll need to make sure that the encrypt process runs the keypool refill before the key is forgotten if it doesn't already.
1994 2011-11-10 21:52:13 <gavinandresen> I'm writing up the "it's broken, here's how to recover" document and invalidating the keypool makes that much easier, too (just send all bitcoins to yourself)
1995 2011-11-10 21:52:49 <gmaxwell> gavinandresen: take care not to cause people to not use encryption. at worse this is still not better than no encryption at all.
1996 2011-11-10 21:52:50 <sipa> gavinandresen: "before the key is forgotten" ?
1997 2011-11-10 21:53:16 <gmaxwell> sipa: IIRC encryptwallet doesn't leave the wallet unlocked.
1998 2011-11-10 21:53:30 <sipa> oh, right, indeed
1999 2011-11-10 21:55:10 <gavinandresen> gmaxwell: first draft of announcement text: https://gist.github.com/1356327
2000 2011-11-10 21:56:23 <sipa> btw: resilvering made my fresh wallet.dat made it go from 90kB to 45kB
2001 2011-11-10 21:56:52 amiller has quit (Ping timeout: 248 seconds)
2002 2011-11-10 21:57:22 <gavinandresen> ... yeah, I've stashed a change to call compact() in WalletBackup() so wallet backups are smaller, too....
2003 2011-11-10 21:57:30 <gmaxwell> sipa: I wonder if that would fix some of the other bdb bloat. (e.g. 70mbyte addr.dat)
2004 2011-11-10 21:57:48 <ThomasV> heh, this might cause an increase of activity
2005 2011-11-10 21:58:18 <gmaxwell> (this being resilvering or just compact() calls)
2006 2011-11-10 21:59:18 <gmaxwell> gavinandresen: seems fair enough.
2007 2011-11-10 22:01:11 <gavinandresen> Prediction: somebody with 0.01 bitcoins in their wallet complains about paying a fee to keep their encrypted 0.01 BTC safe from theft....
2008 2011-11-10 22:02:12 <sipa> Answer: don't worry, an attacker will also have to pay that fee :p
2009 2011-11-10 22:02:12 * helo looks at the 0.01 in his wallet and whistles
2010 2011-11-10 22:03:42 eastender has quit (Ping timeout: 260 seconds)
2011 2011-11-10 22:03:49 bodom has quit (Read error: Connection reset by peer)
2012 2011-11-10 22:05:31 Beremat has joined
2013 2011-11-10 22:09:54 abragin has quit ()
2014 2011-11-10 22:12:43 tower has quit (Quit: | ReactOS - The FOSS alternative to MS Windows! | http://www.reactos.org/ | join #ReactOS |)
2015 2011-11-10 22:14:50 zapnap has quit (Remote host closed the connection)
2016 2011-11-10 22:18:33 tower has joined
2017 2011-11-10 22:20:50 Titanium has quit ()
2018 2011-11-10 22:23:24 Kristal has quit (Ping timeout: 276 seconds)
2019 2011-11-10 22:31:18 eueuue has quit (Quit: Page closed)
2020 2011-11-10 22:38:07 Sedra- has joined
2021 2011-11-10 22:39:20 <ThomasV> who is piuk?
2022 2011-11-10 22:39:33 <ThomasV> I mean, is he on irc?
2023 2011-11-10 22:40:04 Sedra has quit (Ping timeout: 248 seconds)
2024 2011-11-10 22:42:55 eastender has joined
2025 2011-11-10 22:44:34 <nanotube> ;;seen piuk
2026 2011-11-10 22:44:34 <gribble> piuk was last seen in #bitcoin-dev 8 weeks, 3 days, 9 hours, 6 minutes, and 49 seconds ago: <piuk> ok, thanks, that should be clarified on the wiki page
2027 2011-11-10 22:44:41 <nanotube> heh, dunno if that's him, but maybe.
2028 2011-11-10 22:52:51 denisx has joined
2029 2011-11-10 22:54:59 agricocb has quit (Quit: Leaving.)
2030 2011-11-10 22:57:27 enquirer has quit (Quit: back soon)
2031 2011-11-10 22:59:54 eoss has joined
2032 2011-11-10 22:59:54 eoss has quit (Changing host)
2033 2011-11-10 22:59:54 eoss has joined
2034 2011-11-10 23:04:26 jackmcbarn has quit (Ping timeout: 240 seconds)
2035 2011-11-10 23:04:56 Beremat has quit (Read error: Connection reset by peer)
2036 2011-11-10 23:08:32 b4epoche_ has joined
2037 2011-11-10 23:08:48 AStove has quit ()
2038 2011-11-10 23:12:24 ThomasV has quit (Ping timeout: 260 seconds)
2039 2011-11-10 23:14:59 eastender has quit (Quit: Nettalk6 - www.ntalk.de)
2040 2011-11-10 23:18:17 Sedra has joined
2041 2011-11-10 23:19:12 agricocb has joined
2042 2011-11-10 23:19:25 gwillen has quit (Remote host closed the connection)
2043 2011-11-10 23:19:57 gwillen has joined
2044 2011-11-10 23:19:58 gwillen has quit (Changing host)
2045 2011-11-10 23:19:58 gwillen has joined
2046 2011-11-10 23:20:58 erle- has quit (Quit: erle-)
2047 2011-11-10 23:21:19 Sedra- has quit (Ping timeout: 256 seconds)
2048 2011-11-10 23:23:40 <Diablo-D3> gaming.icrontic.com/news/steam-user-database-compromised/
2049 2011-11-10 23:23:43 gjs278 has joined
2050 2011-11-10 23:28:54 <copumpkin> "While there is no evidence that passwords and credit card information have been compromised, with the state of encryption cracking, it should only be a matter of time (and horsepower). "
2051 2011-11-10 23:28:55 <copumpkin> wtf
2052 2011-11-10 23:29:03 <upb> lol
2053 2011-11-10 23:29:17 denisx has quit (Remote host closed the connection)
2054 2011-11-10 23:29:25 denisx has joined
2055 2011-11-10 23:29:26 <Diablo-D3> copumpkin: yes, diablominer can break credit cards too.
2056 2011-11-10 23:29:32 <copumpkin> oh sweet
2057 2011-11-10 23:29:41 <Diablo-D3> You idiot.
2058 2011-11-10 23:29:42 <copumpkin> Diablo-D3: so it can basically mine USD too
2059 2011-11-10 23:30:00 <Diablo-D3> IT CAN MINE FOR FISH.
2060 2011-11-10 23:30:06 <copumpkin> man, I'm gonna make plenty of money
2061 2011-11-10 23:30:08 <copumpkin> miney?
2062 2011-11-10 23:30:18 <Diablo-D3> fannels!
2063 2011-11-10 23:30:44 sacarlson has quit (Ping timeout: 248 seconds)
2064 2011-11-10 23:31:13 osmosis has quit (Quit: Leaving)
2065 2011-11-10 23:32:08 KicStart42 has left ()
2066 2011-11-10 23:33:29 rdponticelli has quit (Read error: Connection reset by peer)
2067 2011-11-10 23:39:56 wolfspraul has quit (Ping timeout: 255 seconds)
2068 2011-11-10 23:40:55 copumpkin is now known as shylock
2069 2011-11-10 23:40:58 p0s has quit (Remote host closed the connection)
2070 2011-11-10 23:41:05 shylock is now known as copumpkin
2071 2011-11-10 23:44:45 sacarlson has joined
2072 2011-11-10 23:53:04 marf_away has joined
2073 2011-11-10 23:53:23 iocor has joined
2074 2011-11-10 23:54:38 <D0han> 'encrypted credit card information'
2075 2011-11-10 23:54:47 <D0han> i wonder HOW it was encrypted
2076 2011-11-10 23:54:59 traviscj has joined
2077 2011-11-10 23:55:08 <D0han> like aes with password as key?
2078 2011-11-10 23:55:16 <D0han> rot13? ;d
2079 2011-11-10 23:57:31 amiller has joined