1 2014-12-25 00:00:45 cbeams has joined
  2 2014-12-25 00:03:07 Dizzle has quit (Remote host closed the connection)
  3 2014-12-25 00:07:12 <tsutsu> gmaxwell: if you don’t lose that state in the first place, it’d be fine, though—not likely in C, but I’d imagine you’d be able to pull it off in e.g. an erlang bitcoind
  4 2014-12-25 00:07:54 <gmaxwell> tsutsu: that defeats the purpose of restarting
  5 2014-12-25 00:08:13 <tsutsu> gmaxwell: we’re talking about loading a new bitcoind executable (upgrading), not restarting
  6 2014-12-25 00:08:15 <gmaxwell> we absolutely would not accept changes that created pressure against changing state in the software.
  7 2014-12-25 00:09:21 <gmaxwell> tsutsu: yes, but there will never be an upgrade which doesn't add or change fields; nor would we accept the complexity of trying to migrate them, or the matrix testing burden of all possible paths in all possible states that might leave the daemon in a latent network fork creating corrupted state.
  8 2014-12-25 00:10:07 <gmaxwell> (Having worked before on commercial products that did live updates like that, I'm comfortable in saying that no one who hasn't already done it has any idea how hard it is)
  9 2014-12-25 00:10:16 cbeams has quit (Ping timeout: 264 seconds)
 10 2014-12-25 00:12:00 <gmaxwell> in any case, bitcoin is not a telephone switch or a DFZ internet router; so I was asking for the motivation before you decided to try debating me on the technical minutia.
 11 2014-12-25 00:12:15 <tsutsu> gmaxwell: eh, that’s just due to the way bitcoind is currently implemented, as the implicit instantiation of a rules engine at a point in time—it could (not easily, but could) be refactored into something that keeps multiple rules engines going against an event stream, and then an upgrade just adds a rules engine. it’s how e.g. server-side mediation of starcraft ii matches works
 12 2014-12-25 00:12:40 <sipa> i have no idea how hard it would be, bit it seems near impossible (how do you even map old datastructures to new ones, if they can have changed; at least you need implicit serialization of every piece of data, but even then - just what state is used changes from version to version)
 13 2014-12-25 00:13:30 Namworld has joined
 14 2014-12-25 00:13:41 <tsutsu> in other words, the client keeps talking the old protocol to the old peers, and starts talking the new protocol to the new peers, and offers to protocol upgrade to the old peers if there is such a command in the protocol, which the other peers accept if they themselves have already upgraded and are just waiting on you
 15 2014-12-25 00:14:01 vmatekole has joined
 16 2014-12-25 00:14:15 <gmaxwell> sipa: there are a couple different approaches, all are pretty awful. For example you can have evert state object know how to deseralize and seralize itself into a backwards/forward compatible object.
 17 2014-12-25 00:14:35 <sipa> gmaxwell: even then... just which pieces of data are kept changes
 18 2014-12-25 00:14:48 <gmaxwell> sipa: Or you can log all messages that cause state transaitions and replay. them.
 19 2014-12-25 00:15:01 <gmaxwell> sipa: yep. and you need to handle missing data on any newly introduced fields.
 20 2014-12-25 00:15:25 <sipa> tsutsu: are you now talking about software updates, or protocol changes?
 21 2014-12-25 00:15:40 <sipa> but the latter is pretty much how it already works: clients negotiate the latest version they both know
 22 2014-12-25 00:16:45 <gmaxwell> tsutsu: again, none of this makes any sense for bitcoind, you're not stating a motivation. Just because something can (with great effort and overhead) be done, doesn't mean it should be done.
 23 2014-12-25 00:18:12 <tsutsu> gmaxwell: I never said it *should* be done, I said it would solve the specific problem of enabling seamless in-place upgrades without losing long-lived connections—obviously this isn’t a necessary part of the bitcoin protocol as it stands
 24 2014-12-25 00:18:35 <gmaxwell> tsutsu: what _problem_?
 25 2014-12-25 00:19:04 <sipa> the problem seems to be "upgrades reset connections"; it's a very minor inconvenience at most
 26 2014-12-25 00:19:08 <gmaxwell> Thats not a problem. A problem is a stament like  "I'm running this software and it ends up on an incorrect chain, and people use that to rip me off and I lose money"
 27 2014-12-25 00:19:31 <sipa> the only thing for which long-lived connections mattered was synchronization up to 0.9.x, as resets tended to confuse the process
 28 2014-12-25 00:19:33 <gmaxwell> or "Foo happens and then I need to wait 20 minutes before it's safe to swim, and I like swimming."
 29 2014-12-25 00:20:15 <tsutsu> eh, I guess my mind is full of a related-but-not-quite problem to proof-of-work (proof-of-generational-survival-within-consensus-group)
 30 2014-12-25 00:20:52 <tsutsu> for which it is a real problem
 31 2014-12-25 00:21:39 Apexseals has quit ()
 32 2014-12-25 00:23:02 nelisky has joined
 33 2014-12-25 00:23:34 LightRider has joined
 34 2014-12-25 00:32:02 nelisky has quit (Quit: nelisky)
 35 2014-12-25 00:32:05 <Luke-Jr> tsutsu: FWIW, preserving state is easier in C than most languages (at least on non-Windows)
 36 2014-12-25 00:33:05 <sipa> irssi does it
 37 2014-12-25 00:33:28 <gmaxwell> Luke-Jr: the reason he mentioned erlang is because there are specific facilities for non-stop system upgrades in the language and runtime.
 38 2014-12-25 00:33:35 <gmaxwell> (doesn't mean it's not a suicide wish...)
 39 2014-12-25 00:33:45 nelisky has joined
 40 2014-12-25 00:33:48 <ers35> My use case is to quickly test networking related changes without having to wait for peers to reconnect.
 41 2014-12-25 00:34:26 <Luke-Jr> ers35: you know, you can use -addnode for outbound connections..
 42 2014-12-25 00:34:51 <gmaxwell> ers35: such as?
 43 2014-12-25 00:34:52 jtimon has quit (Ping timeout: 264 seconds)
 44 2014-12-25 00:35:09 <sipa> there's even an RPC for addnode afaik
 45 2014-12-25 00:35:09 <gmaxwell> (what kinds of changes are you interested in testing where this is a concern?)
 46 2014-12-25 00:36:42 stevedekorte has joined
 47 2014-12-25 00:37:54 tlrobinson has quit (Quit: tlrobinson)
 48 2014-12-25 00:39:45 <ers35> If my node has amassed many inbound connections and I am benchmarking or stress testing the networking code, I can swap out different versions and compare them. However, perhaps a dedicated testing environment on testnet with connections I control make more sense.
 49 2014-12-25 00:40:04 <sipa> sounds like it, yes :)
 50 2014-12-25 00:41:25 tlrobinson has joined
 51 2014-12-25 00:42:36 Jokosh has quit (Remote host closed the connection)
 52 2014-12-25 00:42:38 tlrobinson has quit (Client Quit)
 53 2014-12-25 00:43:13 <gmaxwell> hard to do any kind of benchmarking without a controlled enviroment. :)
 54 2014-12-25 00:49:54 JackH has quit (Ping timeout: 240 seconds)
 55 2014-12-25 00:55:08 contrapumpkin has quit (Ping timeout: 240 seconds)
 56 2014-12-25 00:56:54 GM0127 has joined
 57 2014-12-25 01:02:10 GM0127 has quit (Quit: Leaving)
 58 2014-12-25 01:04:00 Dizzle has joined
 59 2014-12-25 01:08:26 Dizzle has quit (Ping timeout: 252 seconds)
 60 2014-12-25 01:16:42 arubi has joined
 61 2014-12-25 01:17:11 tlrobinson has joined
 62 2014-12-25 01:17:29 aburan28 has joined
 63 2014-12-25 01:17:56 aburan28 has quit (Client Quit)
 64 2014-12-25 01:18:11 aburan28 has joined
 65 2014-12-25 01:24:00 arubi has quit (Quit: Leaving)
 66 2014-12-25 01:24:07 arubi_ has joined
 67 2014-12-25 01:27:08 moleccc has joined
 68 2014-12-25 01:28:14 arubi_ is now known as arubi
 69 2014-12-25 01:30:04 molec has quit (Ping timeout: 252 seconds)
 70 2014-12-25 01:34:12 Namworld has quit (Ping timeout: 256 seconds)
 71 2014-12-25 01:34:12 saracen has quit (Read error: Connection reset by peer)
 72 2014-12-25 01:34:32 saracen has joined
 73 2014-12-25 01:39:54 Blackreign has quit ()
 74 2014-12-25 01:41:01 Cryo has joined
 75 2014-12-25 01:49:49 t7 has joined
 76 2014-12-25 01:59:24 shesek has quit (Ping timeout: 252 seconds)
 77 2014-12-25 02:02:00 t7 has quit (Remote host closed the connection)
 78 2014-12-25 02:05:02 bedeho has joined
 79 2014-12-25 02:15:35 <gmaxwell> uhh
 80 2014-12-25 02:17:18 <gmaxwell> so I have a transaction in my mempool that has hundreds of inputs, each with a signature... getblocktemplate on one of my 0.10rc test nodes is reporting             "sigops" : 1
 81 2014-12-25 02:17:40 <sipa> uh-oh
 82 2014-12-25 02:17:42 <gmaxwell> is there some strange alternative meaning of sigops that I'm not aware of or is something busted?
 83 2014-12-25 02:18:03 Raziel has quit (Ping timeout: 258 seconds)
 84 2014-12-25 02:22:15 <sipa> no, and i don't see how it could fail
 85 2014-12-25 02:22:25 <sipa> it iterates over all inputs
 86 2014-12-25 02:22:41 <gmaxwell> I don't see it either. Want a copy of the transaction? It's too low prior to relay well so you don't likely have it.
 87 2014-12-25 02:25:05 Quanttek has quit (Ping timeout: 250 seconds)
 88 2014-12-25 02:26:28 bedeho has quit (Ping timeout: 264 seconds)
 89 2014-12-25 02:28:44 <gmaxwell> seems consistently wrong on this node. I don't see how, but I'm absolutely sure that its wrong.
 90 2014-12-25 02:28:46 <sipa> i have one too
 91 2014-12-25 02:29:03 <sipa> 2d128b14a7d46e670aa115c264c86a12cc5094c0e8e1b62e6048c538ed163cb2
 92 2014-12-25 02:29:21 <sipa> wait
 93 2014-12-25 02:29:34 <sipa> we don't count sigops in inputs, only in outputs and redeemscripts
 94 2014-12-25 02:30:13 <gmaxwell> oh.
 95 2014-12-25 02:31:11 <gmaxwell> well nevermind then.
 96 2014-12-25 02:33:08 Dr-G2 has joined
 97 2014-12-25 02:34:27 stevedekorte has quit (Quit: stevedekorte)
 98 2014-12-25 02:36:16 Dr-G3 has quit (Ping timeout: 250 seconds)
 99 2014-12-25 02:36:23 <phantomcircuit> sipa, what's the logic behind that?
100 2014-12-25 02:36:51 <sipa> iirc, it was just easier in pre-0.8 validation logic, because the sigop count was checked before actually fetching inputs
101 2014-12-25 02:37:24 <sipa> for p2sh, they're tested at spending time, and non-p2sh is pretty limited due to standardness rules
102 2014-12-25 02:37:34 <sipa> ... but changing this is a softfork
103 2014-12-25 02:38:47 <gmaxwell> It's just pure braindamage, ignoring p2sh, it checks precisely everything that doesn't matter. I knew it included a bunch of things that didn't matter, I think I either didn't know or had forgotten that it also excluded the one thing that mattered.
104 2014-12-25 02:39:42 <sipa> specifially, it includes coinbase inputs
105 2014-12-25 02:39:52 <sipa> well, it counts inputs + outputs, but inputs typically don't contains sigops
106 2014-12-25 02:40:32 <gmaxwell> in the case of a coinbase the input isn't even an input, and a checksig there would never get executed, which is kinda loopy but at least consistent.
107 2014-12-25 02:41:19 <gmaxwell> outputs are pointless to count because they aren't run and may not even be runnable ever.   What counts is scriptSigs (which usually don't have any) and scriptPubkeys that are being spent.
108 2014-12-25 02:43:04 <petertodd> gmaxwell: heh, that's my goto example when people suggest we need more ability to do static analysis on scripts in Bitcoin - tried that and wounded up with something truly braindamaged
109 2014-12-25 02:43:12 <petertodd> *wound up
110 2014-12-25 02:43:20 swappermall has joined
111 2014-12-25 02:44:25 <petertodd> note how my "accept any sequence of pushdata's in op-return outputs" has to be phrased as pushdata's only, rather than opcodes, due to scriptPubKeys having their sigops counted: https://github.com/bitcoin/bitcoin/pull/5079
112 2014-12-25 02:45:08 <petertodd> right now we allow the bizzare scriptPubKey: OP_RETURN OP_CHECKMULTISIG due to a bug, which is 20 sigops for only 11 bytes marginal cost
113 2014-12-25 02:45:57 <gmaxwell> petertodd: yea, sure I knew about the stupid txout scriptubkey counting, which is annoying and dumb, and makes for fun examples of weird effects.
114 2014-12-25 02:46:08 aburan28 has quit (Ping timeout: 244 seconds)
115 2014-12-25 02:47:34 <gmaxwell> searching around I don't think anyone previously knew or expressed the view that the sigops limit was totally pointless.
116 2014-12-25 02:47:57 Apexseals has joined
117 2014-12-25 02:49:05 <petertodd> personally I wonder if it's really worth it, given that resources needed to do any of the sigop-counted operations aren't that much unlike the resources needed to process that byte when you take into account networking overheads
118 2014-12-25 02:49:35 <sipa> well we are limited to 20 sigops per...
119 2014-12-25 02:49:41 <sipa> byte?
120 2014-12-25 02:49:46 <petertodd> sipa: exactly
121 2014-12-25 02:49:52 <sipa> that's still painful
122 2014-12-25 02:50:00 <gmaxwell> petertodd: well it's not worth it at all because its completely ineffectual in any case.
123 2014-12-25 02:50:26 <petertodd> gmaxwell: I'm assuming a decent sigops design BTW
124 2014-12-25 02:50:42 <sipa> that means 5 kilobyte per second with libsecp256k1 on a modern CPU...
125 2014-12-25 02:51:07 <petertodd> sipa: ?
126 2014-12-25 02:51:21 <sipa> 5kb of checkmultisig = 100k sigops
127 2014-12-25 02:51:36 <sipa> wait, that's counted sigops, not executed
128 2014-12-25 02:51:50 <gmaxwell> petertodd: say your signature verification operations take 1ms (true on slow cpus), that means a limitation of 1000 verifies per second.  Now you can 2dup and get close to one true sigup per two bytes.
129 2014-12-25 02:51:54 <sipa> to execute them you need at least some inputs, and 1-of-20
130 2014-12-25 02:52:08 BCB has quit (Ping timeout: 246 seconds)
131 2014-12-25 02:52:26 <gmaxwell> so that would suggest then a bandwidth equivlence of 2000 bytes per second. I think that most hosts have more than 2kb/s in bandwidth.
132 2014-12-25 02:53:01 <sipa> it's not hard to add an extra standardness rule that does accurate sigop counting
133 2014-12-25 02:53:02 Dizzle has joined
134 2014-12-25 02:53:14 <gmaxwell> yea, so I don't agree that users would hit bandwidth limits before cpu ones, alas.
135 2014-12-25 02:54:28 <gmaxwell> okay, that pattern would need drops, so it would be three bytes actually, still 3KB/s is not much bandwidth.
136 2014-12-25 02:55:03 <petertodd> gmaxwell: oh, I thought sig verification was more like 0.1ms on a slow cpu... didn't know it was that bad
137 2014-12-25 02:55:33 <gmaxwell> now on a state of the art cpu with fastest ecdsa code we have, it would still only be on the order of 1.6mbit/sec.
138 2014-12-25 02:55:51 <petertodd> which on 1MB blocks isn't bad at all
139 2014-12-25 02:55:52 <sipa> openssl takes 600us on my reference system (2.6 Ghz modern i7)
140 2014-12-25 02:56:15 <sipa> libsecp256k1 is now close to 70us iirc
141 2014-12-25 02:56:23 <sipa> (with endomorphism and gmp)
142 2014-12-25 02:56:31 <petertodd> sipa: yeah, that might be where I was remembering 100us
143 2014-12-25 02:57:24 Dizzle has quit (Ping timeout: 240 seconds)
144 2014-12-25 02:57:47 <petertodd> sigops might also be better done as a per-script limit, so we don't have the relatively complex optimization problem at the block creation level
145 2014-12-25 02:57:48 <sipa> but on x86 it's much more
146 2014-12-25 02:58:17 <gmaxwell> petertodd: it certantly is annoying to have per block limits when you want to do fractional verification.
147 2014-12-25 02:58:48 <gmaxwell> petertodd: but unless you can get away with making the limit very low (e.g. 20) I'm not sure that it doesn't make sense to pool it.
148 2014-12-25 02:59:03 <gmaxwell> E.g. if someone were thinking about having other expensive operations that have a cost other than their size.
149 2014-12-25 02:59:06 <petertodd> note how you could soft-fork a change to make the limit be per-script by just ensuring you were just under the average
150 2014-12-25 02:59:55 <sipa> at least make it a limit below MAX_SIGOPS_PER_BLOCK / MAX_BLOCK_SIZE * transaction_byte_size
151 2014-12-25 03:00:02 <petertodd> sipa: exactly
152 2014-12-25 03:00:08 <gmaxwell> probably in terms of sane network rules the best thing would be to have a single per block limit, that is some metric that includes all 'costs' for a transaction.
153 2014-12-25 03:00:29 <petertodd> IIRC that's basically ethereums idea
154 2014-12-25 03:01:18 <sipa> let's just switch to schnorr sigs, and merge all signatures of a transaction into one
155 2014-12-25 03:01:22 <gmaxwell> since you really really do at least want a size-like limit. and once you're taking one annoying global limit, you might as well get all the costs in it.
156 2014-12-25 03:01:23 <sipa> Fixed that for you.
157 2014-12-25 03:01:45 <sipa> sorry, all signatures of an input; not all signers necessarily trust eachother
158 2014-12-25 03:02:08 <gmaxwell> sipa: you can still coinjoin single witness per transaction.
159 2014-12-25 03:02:16 <gmaxwell> (thats why multisignature works)
160 2014-12-25 03:02:32 benrcole has quit (Quit: Leaving.)
161 2014-12-25 03:02:34 <petertodd> sipa: reminds me, can schnorr sigs after the fact prove who signed? (I mean, optionally?)
162 2014-12-25 03:02:38 <gmaxwell> what you can't do is join things with different scripthash flags.
163 2014-12-25 03:03:04 <petertodd> sipa: in talking to businesses about multisig something that keeps coming up is people really want accountability as to *what* keys signed something
164 2014-12-25 03:03:29 <sipa> if everyone reveals their key, i guess
165 2014-12-25 03:03:37 <sipa> petertodd: note that it can only do m-of-m
166 2014-12-25 03:03:42 <petertodd> sipa: right, which isn't good enough
167 2014-12-25 03:03:55 <petertodd> sipa: oh, then m-of-m is fine - everyone must have signed :)
168 2014-12-25 03:03:58 <sipa> yes
169 2014-12-25 03:04:02 <petertodd> sipa: only m-of-n is interesting there
170 2014-12-25 03:04:28 <gmaxwell> petertodd: we came up with a way of making m of n efficiently out of m of m.
171 2014-12-25 03:04:33 <sipa> petertodd: an idea for a script 2.0 is have opcodes that just "push" which pubkeys should have signed, but have the signature itself separately
172 2014-12-25 03:04:38 <gmaxwell> and yes, you'd know who signed.
173 2014-12-25 03:04:57 <petertodd> gmaxwell: oh neat
174 2014-12-25 03:04:59 <gmaxwell> it doesn't save the transaction from revealing the pubkeys that were involved.
175 2014-12-25 03:05:18 <sipa> but it only costs one sig space, and one verification
176 2014-12-25 03:05:34 <petertodd> sipa: right, so it's basically pushing to a global signature register?
177 2014-12-25 03:05:42 <sipa> petertodd: pubkey register
178 2014-12-25 03:05:47 <petertodd> sipa: right
179 2014-12-25 03:05:53 <sipa> the signature is verified afterwards with the resulting pubkey
180 2014-12-25 03:06:04 <sipa> and yes, it needs one register per sighash flag
181 2014-12-25 03:06:17 <sipa> or per message being signed, rather
182 2014-12-25 03:06:18 <gmaxwell> basically the txn computes the effective m of m pubkey for the active signers on the fly (or reveals it in a hash tree),  and then it has only one signature. (or at least only one signature per unique message being signed, flags would cause you to need more)
183 2014-12-25 03:06:22 <petertodd> sipa: you mean, per message
184 2014-12-25 03:06:26 <sipa> yup
185 2014-12-25 03:06:44 <petertodd> sipa: which could be interesting, as being able to sign arbitrary messages keeps coming up over and over again...
186 2014-12-25 03:06:55 <sipa> note that you can still do for example a (100-of-100 OR 1-of-2), and merge the whole 100-of-100 into a 1-of-1
187 2014-12-25 03:07:27 <sipa> so the optimization can be inside the script level or outside of it
188 2014-12-25 03:07:34 Burrito has quit (Quit: Leaving)
189 2014-12-25 03:08:06 <petertodd> gmaxwell: makes sense - the revealing is *not* zero-knowledge from the point of view of what's in blockchain data correct?
190 2014-12-25 03:09:06 <gmaxwell> petertodd: yea, the blockchain learns who the signers are in this case.   (though there is an interactive protocol with interactive to do m of n schnorr which is actually ZK about who signed)
191 2014-12-25 03:09:14 <gmaxwell> er with interactive setup.
192 2014-12-25 03:09:38 <gmaxwell> what pieter and I are talking about has no setup and only one-pass signing instead of a multi-round interaction.
193 2014-12-25 03:10:15 <sipa> but larger data size (though nearly constant verification cost)
194 2014-12-25 03:10:21 <petertodd> gmaxwell: good - again, businesses are worried that in the event of a hack they won't be able to know for sure which keys were compromised - boring anti-privacy auditing requirement :)
195 2014-12-25 03:10:57 <sipa> btw, does ed25519 allow any such constructs?
196 2014-12-25 03:11:03 <gmaxwell> petertodd: sure sure. I can give you non-zk which is log() scaling on pubkeys, and O(1) on the signature itself and you know exactly what set of keys signed.
197 2014-12-25 03:11:17 <sipa> i guess schnorr over the ed25519 curve would work
198 2014-12-25 03:11:23 <gmaxwell> sipa: not unless you strip out the determinstic nonce and privkey high bit set requirement.
199 2014-12-25 03:11:28 <gmaxwell> right, the curve is fine.
200 2014-12-25 03:11:30 <gmaxwell> The rest is not.
201 2014-12-25 03:12:15 Tiraspol has quit (Ping timeout: 245 seconds)
202 2014-12-25 03:12:20 <gmaxwell> the curve having a cofactor might compromise the ZKness of the ZK approaches if someone intentionally generated a key in a different subgroup, I'd have to contemplate that.
203 2014-12-25 03:12:41 <sipa> when using 32-bit code, libsecp256k1 here takes 483us per verification at best
204 2014-12-25 03:13:05 <sipa> (still better than ~1200us for OpenSSL)
205 2014-12-25 03:18:41 Tiraspol has joined
206 2014-12-25 03:18:41 Tiraspol has quit (Changing host)
207 2014-12-25 03:18:41 Tiraspol has joined
208 2014-12-25 03:22:32 <phantomcircuit> wat
209 2014-12-25 03:22:37 <phantomcircuit> ghash had an orphan block
210 2014-12-25 03:22:42 <petertodd> ha
211 2014-12-25 03:25:36 hashtag_ has quit (Ping timeout: 244 seconds)
212 2014-12-25 03:27:49 belcher has quit (Quit: Leaving)
213 2014-12-25 03:36:29 aburan28 has joined
214 2014-12-25 03:38:14 Aquent has quit (Ping timeout: 250 seconds)
215 2014-12-25 03:44:54 Aquent has joined
216 2014-12-25 03:50:36 NewLiberty has joined
217 2014-12-25 03:57:46 <brand0> lelz @ ghash
218 2014-12-25 04:01:48 clarinet has joined
219 2014-12-25 04:03:44 Dizzle has joined
220 2014-12-25 04:07:58 Dizzle has quit (Ping timeout: 244 seconds)
221 2014-12-25 04:09:50 kadoban has quit (Ping timeout: 244 seconds)
222 2014-12-25 04:18:51 antizionist__ has quit (Quit: Connection closed for inactivity)
223 2014-12-25 04:24:10 aburan28 has quit (Ping timeout: 258 seconds)
224 2014-12-25 04:24:10 dgenr8 has quit (Ping timeout: 258 seconds)
225 2014-12-25 04:24:51 dgenr8 has joined
226 2014-12-25 04:30:18 TheSeven has quit (Ping timeout: 272 seconds)
227 2014-12-25 04:31:39 TheSeven has joined
228 2014-12-25 04:31:41 DigiByteDev has joined
229 2014-12-25 04:33:19 hanti is now known as HANTI
230 2014-12-25 04:45:36 berndj has quit (Quit: ZNC - http://znc.in)
231 2014-12-25 04:49:50 Guest89624 has joined
232 2014-12-25 04:52:37 Dizzle has joined
233 2014-12-25 04:56:11 copumpkin has joined
234 2014-12-25 04:58:46 Guest89624 has quit (Quit: ZNC - http://znc.in)
235 2014-12-25 05:10:24 ericmuyser has quit (Remote host closed the connection)
236 2014-12-25 05:11:00 hashtagg has quit (Ping timeout: 244 seconds)
237 2014-12-25 05:12:43 hashtag_ has joined
238 2014-12-25 05:15:55 bit2017 has joined
239 2014-12-25 05:16:38 Guest57566 has quit (Read error: Connection reset by peer)
240 2014-12-25 05:19:57 shifter has joined
241 2014-12-25 05:20:02 shifter is now known as Guest19372
242 2014-12-25 05:36:18 Guest19372 has quit (Read error: Connection reset by peer)
243 2014-12-25 05:41:11 contrapumpkin has joined
244 2014-12-25 05:44:23 copumpkin has quit (Ping timeout: 245 seconds)
245 2014-12-25 05:45:17 coiner has quit (Ping timeout: 250 seconds)
246 2014-12-25 05:45:38 bit2017 has quit (Ping timeout: 245 seconds)
247 2014-12-25 05:56:33 Bwild has quit (Ping timeout: 250 seconds)
248 2014-12-25 05:57:39 helo has quit (Ping timeout: 264 seconds)
249 2014-12-25 05:57:41 _W_ has quit (Ping timeout: 256 seconds)
250 2014-12-25 05:57:50 waxwing has quit (Ping timeout: 255 seconds)
251 2014-12-25 05:58:17 nsh_ has quit (Ping timeout: 255 seconds)
252 2014-12-25 05:59:04 helo has joined
253 2014-12-25 05:59:19 waxwing has joined
254 2014-12-25 05:59:28 _W_ has joined
255 2014-12-25 05:59:57 nsh_ has joined
256 2014-12-25 06:00:12 LightRider has quit (Remote host closed the connection)
257 2014-12-25 06:00:31 Aido_ has joined
258 2014-12-25 06:01:30 simondlr has joined
259 2014-12-25 06:03:23 Aido has quit (Ping timeout: 240 seconds)
260 2014-12-25 06:06:03 simondlr has quit (Ping timeout: 245 seconds)
261 2014-12-25 06:06:52 Lexa has quit (Ping timeout: 250 seconds)
262 2014-12-25 06:07:33 phoenix52 has joined
263 2014-12-25 06:07:48 wangchun has quit (Ping timeout: 240 seconds)
264 2014-12-25 06:08:46 wangchun has joined
265 2014-12-25 06:10:43 _yoy_ has quit (Ping timeout: 256 seconds)
266 2014-12-25 06:11:48 Lexa has joined
267 2014-12-25 06:23:41 _yoy_ has joined
268 2014-12-25 06:25:44 waxwing has quit (Ping timeout: 255 seconds)
269 2014-12-25 06:29:56 waxwing has joined
270 2014-12-25 06:30:13 bedeho has joined
271 2014-12-25 06:34:16 <Diablo-D3> Merry Christmas
272 2014-12-25 06:34:28 <bedeho> merry xmas
273 2014-12-25 06:36:58 NewLiberty has quit (Ping timeout: 252 seconds)
274 2014-12-25 06:37:03 cbeams has joined
275 2014-12-25 06:39:14 waxwing has quit (Ping timeout: 255 seconds)
276 2014-12-25 06:42:38 waxwing has joined
277 2014-12-25 06:43:19 DougieBot5000_ has joined
278 2014-12-25 06:43:47 clarinet has quit (Ping timeout: 240 seconds)
279 2014-12-25 06:46:07 DougieBot5000 has quit (Ping timeout: 240 seconds)
280 2014-12-25 06:47:27 clarinet has joined
281 2014-12-25 06:52:58 bit2017 has joined
282 2014-12-25 06:53:03 coiner has joined
283 2014-12-25 06:56:00 simondlr has joined
284 2014-12-25 06:58:27 <Luke-Jr> github down?
285 2014-12-25 06:58:52 <phantomcircuit> Luke-Jr, nope
286 2014-12-25 06:58:52 <cbeams> Luke-Jr: not for me.
287 2014-12-25 06:58:58 <Luke-Jr> hmm (Merry Xmas)
288 2014-12-25 06:59:07 <phantomcircuit> im waiting for someone to ddos them and remember to take down status.github.com also
289 2014-12-25 06:59:18 <phantomcircuit> it's strange that nobody ever does
290 2014-12-25 07:00:03 <phantomcircuit> oh i see it's ec2
291 2014-12-25 07:00:05 <phantomcircuit> that's amusing
292 2014-12-25 07:00:25 simondlr has quit (Ping timeout: 252 seconds)
293 2014-12-25 07:00:44 <Luke-Jr> well, I can't seem to reach github.com :x
294 2014-12-25 07:12:32 wallet42 has quit (Quit: Leaving.)
295 2014-12-25 07:13:52 simondlr has joined
296 2014-12-25 07:18:37 cbeams has quit (Remote host closed the connection)
297 2014-12-25 07:19:12 cbeams has joined
298 2014-12-25 07:20:43 Dizzle has quit (Quit: Leaving...)
299 2014-12-25 07:22:10 GM0127 has joined
300 2014-12-25 07:23:23 cbeams has quit (Ping timeout: 240 seconds)
301 2014-12-25 07:23:55 Lightsword has joined
302 2014-12-25 07:25:15 DigiByteDev has left ()
303 2014-12-25 07:28:16 GM0127 has quit (Read error: Connection reset by peer)
304 2014-12-25 07:30:36 cbeams has joined
305 2014-12-25 07:31:16 O01eg has quit (Quit: O01eg)
306 2014-12-25 07:32:47 b_lumenkraft has joined
307 2014-12-25 07:35:21 cbeams has quit (Remote host closed the connection)
308 2014-12-25 07:41:23 <wumpus> works fine here
309 2014-12-25 07:42:46 stevedekorte has joined
310 2014-12-25 07:44:09 stevedekorte has quit (Client Quit)
311 2014-12-25 07:46:24 Diablo-D3 has quit (Ping timeout: 245 seconds)
312 2014-12-25 07:47:17 Diablo-D3 has joined
313 2014-12-25 07:47:51 wangchun has quit (Ping timeout: 244 seconds)
314 2014-12-25 07:48:43 wangchun has joined
315 2014-12-25 07:52:53 wangchun has quit (Ping timeout: 240 seconds)
316 2014-12-25 07:53:16 Lightsword has quit (Ping timeout: 256 seconds)
317 2014-12-25 07:54:08 wangchun has joined
318 2014-12-25 07:54:15 GM0127 has joined
319 2014-12-25 07:57:26 Lightsword has joined
320 2014-12-25 08:06:32 wrabbit has quit (Ping timeout: 250 seconds)
321 2014-12-25 08:08:26 <Luke-Jr> wtf is with CC-BY-3.0 section 4c?
322 2014-12-25 08:08:47 Lightsword has quit (Ping timeout: 240 seconds)
323 2014-12-25 08:09:49 Lightsword has joined
324 2014-12-25 08:10:50 one_zero has quit ()
325 2014-12-25 08:18:41 <gmaxwell> Luke-Jr: what about it? -by-3.0 is crappy in a number of ways but 4c is just a preserve attribution requirement.
326 2014-12-25 08:20:02 <Luke-Jr> gmaxwell: "You must not distort, mutilate, modify or take other derogatory action in relation to the Work which would be prejudicial to the Original Author's honor or reputation."
327 2014-12-25 08:20:22 <gmaxwell> oh they're using unported and not US.
328 2014-12-25 08:20:28 <gmaxwell> yea... it's problematic.
329 2014-12-25 08:20:32 <Luke-Jr> for example, this could be used to prohibit altcoins the author finds offensive
330 2014-12-25 08:22:56 <gmaxwell> yea, I dunno what to say. I argued agressively against it but CC published it like that anyways. Kat fixed it in cc-by-sa-4.0.
331 2014-12-25 08:23:15 <Luke-Jr> I think we need to find another icon. That one doesn't look particularly unique.
332 2014-12-25 08:24:10 <gmaxwell> so go find one.
333 2014-12-25 08:25:47 Lightsword has quit (Ping timeout: 240 seconds)
334 2014-12-25 08:25:58 Lightsword has joined
335 2014-12-25 08:26:20 <gmaxwell> Luke-Jr: we should probably do some gui overhaul and as a part of it pay some graphic artist to do all new icons. ... but not right now.
336 2014-12-25 08:26:38 <Luke-Jr> gmaxwell: actually.. we just did :o
337 2014-12-25 08:26:45 <gmaxwell> oh we did?
338 2014-12-25 08:26:54 <Luke-Jr> yeah, a bunch of monocolour icons got merged in master
339 2014-12-25 08:27:05 <Luke-Jr> so maybe the guy who did those can make one for this too
340 2014-12-25 08:27:32 <gmaxwell> kinda concerning that I missed that, I intentionally don't pay much attention to the gui stuff, but that rings no bells for me at all.
341 2014-12-25 08:27:50 <Luke-Jr> lol, by the same guy with this PR
342 2014-12-25 08:27:58 <Luke-Jr> (jonasschnelli)
343 2014-12-25 08:28:00 <Luke-Jr> gmaxwell: https://github.com/bitcoin/bitcoin/pull/5219
344 2014-12-25 08:31:04 ArthurNumbanumba has joined
345 2014-12-25 08:37:31 <gmaxwell> cool.
346 2014-12-25 08:40:04 lclc_bnc is now known as lclc
347 2014-12-25 08:41:20 Apexseals has quit ()
348 2014-12-25 08:41:24 paveljanik has joined
349 2014-12-25 08:46:26 <wumpus> gmaxwell: if you don't follow it it doesn't really make much sense to comment on it...
350 2014-12-25 08:47:04 Apexseals has joined
351 2014-12-25 08:48:58 cbeams has joined
352 2014-12-25 08:48:58 cbeams has quit (Changing host)
353 2014-12-25 08:48:58 cbeams has joined
354 2014-12-25 08:50:04 Lightsword has quit (Quit: Lightsword)
355 2014-12-25 08:50:05 <gmaxwell> wumpus: How could I know that it wasn't something I cared about unless I saw it?
356 2014-12-25 08:52:46 simondlr has quit (Remote host closed the connection)
357 2014-12-25 08:53:16 <wumpus> gmaxwell: well you say you intentionally pay no attention to it. Which is perfectly fine by itself, but then you say what has to happen without following all the work actually happening that looks a bit strange :)
358 2014-12-25 08:53:22 Lightsword has joined
359 2014-12-25 08:53:46 <gmaxwell> wumpus: huh?
360 2014-12-25 08:53:53 <gmaxwell> I did no such thing.
361 2014-12-25 08:53:58 <wumpus> <gmaxwell> Luke-Jr: we should probably do some gui overhaul and as a part of it pay some graphic artist to do all new icons. ... but not right now.
362 2014-12-25 08:54:39 <wumpus> anyhow, just looked a bit weird, you're welcome to pay more attention to the GUI project in any case
363 2014-12-25 08:56:33 <gmaxwell> I don't pay attention to it in part because it's not really usable for me. :( (I don't run bitcoin on the system I use as an xterminal)
364 2014-12-25 08:56:51 <gmaxwell> I do know that we e.g. never got finished patches from tcatm's very nice looking rework work. Happy to hear that someone was working on icons that I missed though!
365 2014-12-25 08:56:55 * Luke-Jr notes X11 is network-transparent :P
366 2014-12-25 08:57:11 <wumpus> what would make it usable for you then?
367 2014-12-25 08:57:52 * Luke-Jr guesses being able to attach the GUI to a remote wallet ;)
368 2014-12-25 08:57:57 <wumpus> it's intentionally using a library that should be very portable
369 2014-12-25 08:58:11 <gmaxwell> wumpus: being able to remote the gui from the daemon would do so.  The problem with tunneling it over X is that its very slow and fragile, any bump and it knocks my daemon out and I'm waiting for it to sync when I want to go use it.
370 2014-12-25 08:58:29 <gmaxwell> (and also uses insane bandwidth if I'm not at home and care about the bandwidth)
371 2014-12-25 08:58:46 <wumpus> ok...
372 2014-12-25 08:58:51 <Luke-Jr> wumpus: besides splitting wallet from core, splitting GUI from wallet is good for security (locked-down wallet server)
373 2014-12-25 08:59:17 <wumpus> Luke-Jr: I intended to do that long time ago, but I have no time for such things anymore
374 2014-12-25 08:59:23 <Luke-Jr> :<
375 2014-12-25 08:59:31 <Luke-Jr> (same here, actually)
376 2014-12-25 08:59:36 tarantillo_ has quit (Remote host closed the connection)
377 2014-12-25 08:59:41 <gmaxwell> I'll see what I can do. :)
378 2014-12-25 08:59:56 tarantillo_ has joined
379 2014-12-25 09:00:03 <Luke-Jr> who remembers https://en.bitcoin.it/wiki/Wallet_protocol ? :P
380 2014-12-25 09:00:19 <wumpus> unfortunately it's much harder to do know than back then when I created that 
381 2014-12-25 09:00:24 <wumpus> s/know/now
382 2014-12-25 09:00:53 <wumpus> when I write bitcoin-qt it had hardly any core code in it, by design, later on it seeped into everything
383 2014-12-25 09:01:35 <gmaxwell> Can someone give me a mempool transplant from a publically accessible node that is up >24 hours and running a standard fee policy?
384 2014-12-25 09:01:38 <gmaxwell> ./bitcoin-cli getrawmempool | grep '"' | cut -d'"' -f2   | xargs -n1 ./bitcoin-cli getrawtransaction | xz -c > mempool.xz
385 2014-12-25 09:01:55 <Luke-Jr> jonasschnelli: are you here now, or just GitHub?
386 2014-12-25 09:02:08 <wumpus> gmaxwell: sure
387 2014-12-25 09:02:14 <gmaxwell> wumpus: thanks.
388 2014-12-25 09:02:22 <Luke-Jr> gmaxwell: you know there's a mempool p2p command for that… :P
389 2014-12-25 09:02:38 <gmaxwell> I know but I can't tell how long a random p2p node has been up.
390 2014-12-25 09:02:46 fusselwurm has joined
391 2014-12-25 09:02:48 <Luke-Jr> I just send it to every peer :P
392 2014-12-25 09:02:50 <gmaxwell> I'd also have to write a fair bit of software instead of a shell one liner.
393 2014-12-25 09:04:30 <wumpus> https://download.visucore.com/bitcoin/mempool.xz
394 2014-12-25 09:09:07 wangchun has quit (Ping timeout: 240 seconds)
395 2014-12-25 09:09:34 <wumpus> Luke-Jr: the problem has always been that you can't do everything that the UI does through RPC, although no one ever bothered to make a list of what what be needed
396 2014-12-25 09:09:41 phoenix52 has quit (Ping timeout: 244 seconds)
397 2014-12-25 09:10:30 <wumpus> Luke-Jr: ie, a more efficient, incremental way of transaction list synchronization would be needed
398 2014-12-25 09:11:02 <wumpus> Luke-Jr: (not just adding some fields, that'd be easy)
399 2014-12-25 09:11:03 phoenix53 has joined
400 2014-12-25 09:11:04 <Luke-Jr> wumpus: yes. I had a rather nice hack for Spesmilo, but it was definitely still a hack
401 2014-12-25 09:11:18 wangchun has joined
402 2014-12-25 09:11:21 Applicat_ has joined
403 2014-12-25 09:13:57 <wumpus> Luke-Jr: right, there's no way to ask 'have there been new wallet transactions since my last poll at timestamp XYZ'
404 2014-12-25 09:14:03 <wumpus> Luke-Jr: the new wallet should have a protocol for that
405 2014-12-25 09:14:59 Application has quit (Ping timeout: 252 seconds)
406 2014-12-25 09:15:20 <wumpus> Luke-Jr: yes I vaguely remember that wiki page
407 2014-12-25 09:15:49 Applicat_ has quit (Ping timeout: 255 seconds)
408 2014-12-25 09:16:27 Application has joined
409 2014-12-25 09:19:24 kromtar has quit (Quit: bye bye.)
410 2014-12-25 09:32:23 simondlr has joined
411 2014-12-25 09:37:15 simondlr has quit (Ping timeout: 264 seconds)
412 2014-12-25 09:39:02 cbeams has quit (Remote host closed the connection)
413 2014-12-25 09:42:59 moarrr has joined
414 2014-12-25 09:43:04 moarrr has quit (Excess Flood)
415 2014-12-25 09:43:13 lorenzoasr has joined
416 2014-12-25 09:43:22 moarrr has joined
417 2014-12-25 09:43:22 moarrr is now known as Guest43776
418 2014-12-25 09:43:27 Guest43776 has quit (Excess Flood)
419 2014-12-25 09:43:45 Guest43776 has joined
420 2014-12-25 09:44:25 Guest43776 is now known as DMA
421 2014-12-25 09:44:52 lclc is now known as lclc_bnc
422 2014-12-25 09:45:05 DMA is now known as Guest26930
423 2014-12-25 09:46:22 Guest26930 is now known as DanMA
424 2014-12-25 09:46:43 DanMA is now known as moarrrDMA
425 2014-12-25 10:03:47 _yoy_ has quit (Ping timeout: 240 seconds)
426 2014-12-25 10:04:07 aburan28 has joined
427 2014-12-25 10:07:19 _yoy_ has joined
428 2014-12-25 10:08:10 pooler has quit (Ping timeout: 265 seconds)
429 2014-12-25 10:09:03 aburan28 has quit (Ping timeout: 264 seconds)
430 2014-12-25 10:10:51 simondlr has joined
431 2014-12-25 10:56:03 Profreid has joined
432 2014-12-25 10:58:10 NewLiberty has joined
433 2014-12-25 11:01:45 fusselwurm has quit (Remote host closed the connection)
434 2014-12-25 11:07:31 lclc_bnc is now known as lclc
435 2014-12-25 11:08:36 JackH has joined
436 2014-12-25 11:08:47 cbeams has joined
437 2014-12-25 11:09:17 grandmaster2 has joined
438 2014-12-25 11:13:54 samson_ has quit (Read error: Connection reset by peer)
439 2014-12-25 11:15:31 samson_ has joined
440 2014-12-25 11:20:10 jtimon has joined
441 2014-12-25 11:24:14 pooler has joined
442 2014-12-25 11:24:14 pooler has quit (Changing host)
443 2014-12-25 11:24:14 pooler has joined
444 2014-12-25 11:28:32 fanquake has joined
445 2014-12-25 11:29:46 ArthurNumbanumba has quit (Ping timeout: 250 seconds)
446 2014-12-25 11:30:25 saracen_ has joined
447 2014-12-25 11:31:10 hashtagg_ has joined
448 2014-12-25 11:32:44 saracen has quit (Ping timeout: 265 seconds)
449 2014-12-25 11:37:17 pooler has quit (Ping timeout: 245 seconds)
450 2014-12-25 11:42:11 ArthurNumbanumba has joined
451 2014-12-25 11:49:58 won9 has quit (Quit: won9)
452 2014-12-25 11:50:52 CheckDavid has joined
453 2014-12-25 11:51:32 moarrrDMA has quit (Quit: Daniel Michael Abraham [@Croydon @London @UK] (T: dmabraham.com [-] The Best Ever [=] M: +447957 082648 [-] DOB: 05/12/1985))
454 2014-12-25 11:55:21 wuwujo has joined
455 2014-12-25 11:57:21 wuwujo has quit (Client Quit)
456 2014-12-25 12:00:06 neozaru has joined
457 2014-12-25 12:23:58 ItSANgo has quit (Quit: Leaving...)
458 2014-12-25 12:31:24 jtimon has quit (Ping timeout: 245 seconds)
459 2014-12-25 12:34:16 Quanttek has joined
460 2014-12-25 12:38:11 Lightsword has quit (Quit: Lightsword)
461 2014-12-25 12:40:01 cbeams has quit (Remote host closed the connection)
462 2014-12-25 12:40:36 cbeams has joined
463 2014-12-25 12:44:52 cbeams has quit (Ping timeout: 240 seconds)
464 2014-12-25 12:45:32 cbeams has joined
465 2014-12-25 12:48:57 ItSANgo has joined
466 2014-12-25 12:51:02 Diablo-D3 has quit (Quit: This computer has gone to sleep)
467 2014-12-25 12:53:20 belcher has joined
468 2014-12-25 12:53:20 belcher has quit (Changing host)
469 2014-12-25 12:53:20 belcher has joined
470 2014-12-25 12:54:31 vmatekole has quit ()
471 2014-12-25 12:58:52 ge0_ has quit (Quit: Connection closed for inactivity)
472 2014-12-25 13:06:12 chmod755 has joined
473 2014-12-25 13:07:43 cbeams has quit (Remote host closed the connection)
474 2014-12-25 13:10:09 HANTI is now known as hanti
475 2014-12-25 13:14:26 cbeams has joined
476 2014-12-25 13:14:43 cbeams has quit (Changing host)
477 2014-12-25 13:14:43 cbeams has joined
478 2014-12-25 13:15:12 Emcy has quit (Ping timeout: 255 seconds)
479 2014-12-25 13:17:14 Emcy has joined
480 2014-12-25 13:22:09 cbeams has quit (Remote host closed the connection)
481 2014-12-25 13:22:59 cbeams has joined
482 2014-12-25 13:27:00 swulf--__ has quit (Read error: Connection reset by peer)
483 2014-12-25 13:27:14 cbeams has quit (Ping timeout: 252 seconds)
484 2014-12-25 13:31:12 Profreid has quit (Quit: Profreid)
485 2014-12-25 13:35:23 antizionist__ has joined
486 2014-12-25 13:39:11 wrabbit has joined
487 2014-12-25 13:41:59 <michagogo> Erm
488 2014-12-25 13:42:06 <michagogo> Why is the new debug window icon a speech bubble?
489 2014-12-25 13:43:57 wallet42 has joined
490 2014-12-25 13:46:15 <wumpus> because speech bubbles signify chat boxes, and in the RPC console you can chat with the core
491 2014-12-25 13:46:35 <michagogo> erm
492 2014-12-25 13:46:43 <wumpus> (honestly I have no idea why jonasschnelli chose a speech bubble, I suppose that's open for discussion)
493 2014-12-25 13:46:44 <michagogo> IMHO the terminal makes more sense for that
494 2014-12-25 13:46:55 <michagogo> And the debug window is a lot more than the RPC console, too...
495 2014-12-25 13:47:07 <michagogo> (especially now in 0.10/master)
496 2014-12-25 13:47:26 <michagogo> (and there may even be more enhancements by the time we reach 0.11)
497 2014-12-25 13:47:59 <wumpus> the new icons in master are experimental, you can propose something else, but be sure to use the same style
498 2014-12-25 13:48:26 * michagogo is even worse at graphic design than he is at good writing
499 2014-12-25 13:48:31 <wumpus> (eh I mean you can propose something else for specific icons)
500 2014-12-25 13:49:01 <wumpus> same here.
501 2014-12-25 13:49:15 <michagogo> Eh? You're not bad at writing
502 2014-12-25 13:49:29 <michagogo> (from what I've seen, anyway)
503 2014-12-25 13:49:41 <wumpus> not *that* bad, but I'm not native english
504 2014-12-25 13:55:09 simondlr has quit (Remote host closed the connection)
505 2014-12-25 13:55:14 Raziel has joined
506 2014-12-25 13:57:13 Tjopper1 has joined
507 2014-12-25 13:57:38 Tjopper has quit (Ping timeout: 264 seconds)
508 2014-12-25 13:59:19 simondlr has joined
509 2014-12-25 14:00:11 Profreid has joined
510 2014-12-25 14:03:39 simondlr has quit (Ping timeout: 244 seconds)
511 2014-12-25 14:12:10 <firelegend> michagogo:Same, I can't even draw a circle correctly.
512 2014-12-25 14:18:22 cbeams has joined
513 2014-12-25 14:21:53 chmod755 has quit (Quit: Leaving)
514 2014-12-25 14:32:53 simondlr has joined
515 2014-12-25 14:33:13 xabbix__ has joined
516 2014-12-25 14:33:14 hmsimha has quit (Ping timeout: 252 seconds)
517 2014-12-25 14:34:27 xabbix has quit (Ping timeout: 256 seconds)
518 2014-12-25 14:36:40 gotoalberto has joined
519 2014-12-25 14:37:13 simondlr has quit (Ping timeout: 245 seconds)
520 2014-12-25 14:39:31 <wumpus> gmaxwell: btw, re: reconnectable X programs that work over laggy connections, xpra (xpra.org) is very useful for that
521 2014-12-25 14:44:20 cbeams has quit (Remote host closed the connection)
522 2014-12-25 14:48:15 cbeams has joined
523 2014-12-25 14:48:15 cbeams has quit (Remote host closed the connection)
524 2014-12-25 14:48:31 cbeams has joined
525 2014-12-25 14:50:43 Burrito has joined
526 2014-12-25 14:52:04 cbeams has quit (Remote host closed the connection)
527 2014-12-25 14:55:02 gotoalberto has quit (Quit: Bye)
528 2014-12-25 14:56:44 gotoalberto has joined
529 2014-12-25 15:03:50 cbeams has joined
530 2014-12-25 15:03:50 cbeams has quit (Changing host)
531 2014-12-25 15:03:50 cbeams has joined
532 2014-12-25 15:04:45 Lexa has quit (Remote host closed the connection)
533 2014-12-25 15:05:17 Lexa has joined
534 2014-12-25 15:07:20 bit2017 has quit (Ping timeout: 265 seconds)
535 2014-12-25 15:07:49 coiner has quit (Ping timeout: 265 seconds)
536 2014-12-25 15:12:30 cbeams has quit (Remote host closed the connection)
537 2014-12-25 15:13:05 cbeams has joined
538 2014-12-25 15:13:16 ThomasV has joined
539 2014-12-25 15:13:34 Tjopper1 has quit (Read error: Connection reset by peer)
540 2014-12-25 15:14:16 CheckDavid has quit (Quit: Connection closed for inactivity)
541 2014-12-25 15:17:58 cbeams has quit (Ping timeout: 265 seconds)
542 2014-12-25 15:24:06 jprichardson has joined
543 2014-12-25 15:26:10 contrapumpkin is now known as copumpkin
544 2014-12-25 15:27:07 simondlr has joined
545 2014-12-25 15:31:54 simondlr has quit (Ping timeout: 252 seconds)
546 2014-12-25 15:33:08 coiner has joined
547 2014-12-25 15:33:13 bit2017 has joined
548 2014-12-25 15:36:50 cornfeedhobo is now known as bitcoinsanta
549 2014-12-25 15:38:38 gotoalberto has quit (Quit: Bye)
550 2014-12-25 15:38:58 gotoalberto has joined
551 2014-12-25 15:39:58 bedeho has quit (Ping timeout: 252 seconds)
552 2014-12-25 15:40:39 jtimon has joined
553 2014-12-25 15:45:59 felipelalli has joined
554 2014-12-25 15:46:24 GM0127 has quit (Quit: Leaving)
555 2014-12-25 15:47:05 gotoalberto has quit (Quit: Bye)
556 2014-12-25 15:48:06 gotoalberto has joined
557 2014-12-25 15:48:56 cbeams has joined
558 2014-12-25 15:48:56 cbeams has quit (Changing host)
559 2014-12-25 15:48:56 cbeams has joined
560 2014-12-25 15:49:22 ThomasV has quit (Ping timeout: 244 seconds)
561 2014-12-25 15:50:41 Techguy305 has joined
562 2014-12-25 15:51:29 pooler has joined
563 2014-12-25 15:52:15 cbeams has quit (Remote host closed the connection)
564 2014-12-25 15:54:30 hashtagg_ has quit (Ping timeout: 255 seconds)
565 2014-12-25 16:00:48 felipelalli has quit (Ping timeout: 255 seconds)
566 2014-12-25 16:04:50 hashtagg_ has joined
567 2014-12-25 16:05:57 Tjopper has joined
568 2014-12-25 16:11:59 lclc is now known as lclc_bnc
569 2014-12-25 16:11:59 grandmaster2 has quit (Remote host closed the connection)
570 2014-12-25 16:17:05 gotoalberto has quit (Quit: (null))
571 2014-12-25 16:19:29 ThomasV has joined
572 2014-12-25 16:20:06 Starduster has quit ()
573 2014-12-25 16:21:24 simondlr has joined
574 2014-12-25 16:22:25 PaulCapestany has quit (Ping timeout: 244 seconds)
575 2014-12-25 16:23:55 PaulCapestany has joined
576 2014-12-25 16:25:45 simondlr has quit (Ping timeout: 240 seconds)
577 2014-12-25 16:25:46 davec has quit (Read error: Connection reset by peer)
578 2014-12-25 16:25:48 hashtagg_ has quit (Ping timeout: 252 seconds)
579 2014-12-25 16:27:13 davec has joined
580 2014-12-25 16:28:24 Elglobo has quit ()
581 2014-12-25 16:29:50 hashtagg_ has joined
582 2014-12-25 16:34:21 felipelalli has joined
583 2014-12-25 16:37:04 O01eg has joined
584 2014-12-25 16:37:10 belcher has quit (Read error: Connection reset by peer)
585 2014-12-25 16:42:46 hashtagg_ has quit (Ping timeout: 240 seconds)
586 2014-12-25 16:44:35 Bwild has joined
587 2014-12-25 16:47:58 belcher has joined
588 2014-12-25 16:48:51 Techguy305 has quit (Remote host closed the connection)
589 2014-12-25 16:49:03 PaulCapestany has quit ()
590 2014-12-25 16:50:17 PaulCapestany has joined
591 2014-12-25 16:52:06 PaulCapestany has quit (Client Quit)
592 2014-12-25 16:52:23 ThomasV has quit (Ping timeout: 244 seconds)
593 2014-12-25 16:53:47 PaulCapestany has joined
594 2014-12-25 16:54:12 PaulCapestany has quit (Client Quit)
595 2014-12-25 16:56:26 Profreid has quit (Quit: Profreid)
596 2014-12-25 16:56:32 PaulCapestany has joined
597 2014-12-25 16:57:03 hashtagg_ has joined
598 2014-12-25 17:01:21 s0br has joined
599 2014-12-25 17:02:08 <s0br> i haven't seen any documentation on if we can mine new bitcoins to a multisig address? from my basic understanding it should be fine?
600 2014-12-25 17:02:25 <s0br> i just want to make sure before i go changing configs
601 2014-12-25 17:02:49 hashtagg_ has quit (Ping timeout: 252 seconds)
602 2014-12-25 17:04:03 Elglobo has joined
603 2014-12-25 17:05:12 jprichardson has quit (Ping timeout: 272 seconds)
604 2014-12-25 17:05:26 Guest35685 has quit (Ping timeout: 264 seconds)
605 2014-12-25 17:06:19 Profreid has joined
606 2014-12-25 17:08:54 <maaku> s0br: #bitcoin, and yes there is nothing in the protocol which limits what script you can use
607 2014-12-25 17:09:01 <maaku> your pool / mining software would have to support it though
608 2014-12-25 17:10:40 neozaru has quit (Ping timeout: 244 seconds)
609 2014-12-25 17:10:51 <s0br> great
610 2014-12-25 17:11:58 Pan0ram1x has joined
611 2014-12-25 17:12:13 Pan0ram1x is now known as Guest18195
612 2014-12-25 17:12:20 kromtar has joined
613 2014-12-25 17:15:38 simondlr has joined
614 2014-12-25 17:16:51 davec has quit (Read error: Connection reset by peer)
615 2014-12-25 17:17:35 davec has joined
616 2014-12-25 17:19:05 hashtagg_ has joined
617 2014-12-25 17:20:18 simondlr has quit (Ping timeout: 250 seconds)
618 2014-12-25 17:23:35 hashtagg_ has quit (Ping timeout: 244 seconds)
619 2014-12-25 17:25:31 nelisky has quit (Quit: nelisky)
620 2014-12-25 17:32:36 t7 has joined
621 2014-12-25 17:35:32 Dizzle has joined
622 2014-12-25 17:37:12 xabbix has joined
623 2014-12-25 17:37:21 xabbix has quit (Changing host)
624 2014-12-25 17:37:21 xabbix has joined
625 2014-12-25 17:40:03 xabbix__ has quit (Ping timeout: 265 seconds)
626 2014-12-25 17:40:15 paveljanik has quit (Quit: Leaving)
627 2014-12-25 17:40:36 paveljanik has joined
628 2014-12-25 17:45:32 TheSeven has quit (Read error: Connection reset by peer)
629 2014-12-25 17:51:34 Profreid_ has joined
630 2014-12-25 17:51:40 Profreid_ has quit (Client Quit)
631 2014-12-25 17:53:45 Profreid has quit (Ping timeout: 255 seconds)
632 2014-12-25 17:58:03 n0n0 has joined
633 2014-12-25 18:05:55 prodatalab has quit (Quit: Konversation terminated!)
634 2014-12-25 18:07:39 Profreid has joined
635 2014-12-25 18:08:15 prodatalab has joined
636 2014-12-25 18:09:55 simondlr has joined
637 2014-12-25 18:11:32 Zarutian has joined
638 2014-12-25 18:12:23 nelisky has joined
639 2014-12-25 18:13:57 jtimon has quit (Ping timeout: 252 seconds)
640 2014-12-25 18:13:59 aburan28 has joined
641 2014-12-25 18:14:22 simondlr has quit (Ping timeout: 265 seconds)
642 2014-12-25 18:14:50 jtimon has joined
643 2014-12-25 18:16:12 owowo is now known as gribblle
644 2014-12-25 18:16:47 gribblle is now known as owowo
645 2014-12-25 18:20:17 n0n0 has quit (Read error: Connection reset by peer)
646 2014-12-25 18:29:33 shesek has joined
647 2014-12-25 18:34:07 kikikk has joined
648 2014-12-25 18:34:15 kikikk has quit (Client Quit)
649 2014-12-25 18:36:32 aburan28 has quit (Quit: Leaving)
650 2014-12-25 18:36:41 aburan28 has joined
651 2014-12-25 18:43:35 baileys has joined
652 2014-12-25 18:45:54 baileys has quit (Remote host closed the connection)
653 2014-12-25 19:01:05 Starduster has joined
654 2014-12-25 19:04:01 simondlr has joined
655 2014-12-25 19:05:48 ericmuyser has joined
656 2014-12-25 19:07:56 moarrr has joined
657 2014-12-25 19:08:16 simondlr has quit (Ping timeout: 244 seconds)
658 2014-12-25 19:08:44 dgenr8 has quit (Quit: Leaving)
659 2014-12-25 19:12:53 karc has quit (Ping timeout: 250 seconds)
660 2014-12-25 19:15:32 felipelalli has quit (Remote host closed the connection)
661 2014-12-25 19:15:50 felipelalli has joined
662 2014-12-25 19:19:34 atgreen has joined
663 2014-12-25 19:26:56 jprichardson has joined
664 2014-12-25 19:30:30 neozaru has joined
665 2014-12-25 19:31:10 sol__ has quit (Quit: Leaving)
666 2014-12-25 19:31:34 karc has joined
667 2014-12-25 19:34:02 jtimon has quit (Ping timeout: 272 seconds)
668 2014-12-25 19:35:43 nelisky has quit (Read error: Connection reset by peer)
669 2014-12-25 19:39:36 benrcole has joined
670 2014-12-25 19:40:17 NewLiberty has quit (Ping timeout: 258 seconds)
671 2014-12-25 19:40:59 nelisky has joined
672 2014-12-25 19:41:21 kadoban has joined
673 2014-12-25 19:45:47 benrcole has quit (Quit: Leaving.)
674 2014-12-25 19:51:46 aburan28 has quit (Ping timeout: 272 seconds)
675 2014-12-25 19:56:10 Clown has joined
676 2014-12-25 19:56:10 Clown has quit (Changing host)
677 2014-12-25 19:56:10 Clown has joined
678 2014-12-25 19:56:10  is now known as Clown|!~clown@unaffiliated/clown/x-0272709|Guest44192
679 2014-12-25 19:56:10 Guest44192 has quit (Killed (sendak.freenode.net (Nickname regained by services)))
680 2014-12-25 19:56:10 Clown is now known as |Clown|
681 2014-12-25 19:56:50 nelisky has quit (Ping timeout: 272 seconds)
682 2014-12-25 19:58:26 simondlr has joined
683 2014-12-25 19:58:54 pooler has quit (Read error: Connection reset by peer)
684 2014-12-25 20:03:02 simondlr has quit (Ping timeout: 245 seconds)
685 2014-12-25 20:04:02 Lightsword has joined
686 2014-12-25 20:08:04 erasmospunk has joined
687 2014-12-25 20:13:02 aburan28 has joined
688 2014-12-25 20:15:09 pooler has joined
689 2014-12-25 20:17:05 nelisky has joined
690 2014-12-25 20:25:36 wiz has quit (Read error: Connection reset by peer)
691 2014-12-25 20:26:49 wiz has joined
692 2014-12-25 20:27:19 shesek has quit (Ping timeout: 244 seconds)
693 2014-12-25 20:28:19 hanti is now known as HANTI
694 2014-12-25 20:28:27 ArthurNumbanumba has quit (Ping timeout: 245 seconds)
695 2014-12-25 20:29:24 hashtagg_ has joined
696 2014-12-25 20:32:30 wiz_ has joined
697 2014-12-25 20:34:50 wiz has quit (Ping timeout: 255 seconds)
698 2014-12-25 20:35:14 wiz has joined
699 2014-12-25 20:35:28 jprichardson has quit (Read error: Connection reset by peer)
700 2014-12-25 20:36:23 Lightsword_ has joined
701 2014-12-25 20:36:47 wiz_ has quit (Ping timeout: 245 seconds)
702 2014-12-25 20:36:48 wiz is now known as wiz_
703 2014-12-25 20:37:05 Lightsword_ has quit (Client Quit)
704 2014-12-25 20:38:02 Lightsword has quit (Ping timeout: 245 seconds)
705 2014-12-25 20:38:59 DigiByteDev has joined
706 2014-12-25 20:40:05 kadoban has quit (Ping timeout: 258 seconds)
707 2014-12-25 20:41:35 zatix has joined
708 2014-12-25 20:41:48 shesek has joined
709 2014-12-25 20:46:54 DigiByteDev has left ()
710 2014-12-25 20:47:31 jprichardson has joined
711 2014-12-25 20:48:27 felipelalli has quit (Ping timeout: 245 seconds)
712 2014-12-25 20:49:51 kadoban has joined
713 2014-12-25 20:59:19 ericmuyser has quit (Remote host closed the connection)
714 2014-12-25 20:59:32 <shesek> is there any advantage to using bip32's chain codes when the extended master public key is meant to be public?
715 2014-12-25 20:59:50 <shesek> (rather than just deriving from a master public key, without using a chain code)
716 2014-12-25 21:00:48 <shesek> it appears to me like the only reason chain codes were added is as an additional layer of security, which is moot if the master public key its meant to be public and allow third parties to derive keys from it
717 2014-12-25 21:04:20 kadoban has quit (Ping timeout: 245 seconds)
718 2014-12-25 21:04:36 <phantomcircuit> shesek, s/its/is/ ?
719 2014-12-25 21:04:41 Dizzle has quit (Quit: Leaving...)
720 2014-12-25 21:05:32 kadoban has joined
721 2014-12-25 21:05:59 <shesek> phantomcircuit, yep, sorry
722 2014-12-25 21:06:40 <phantomcircuit> shesek, something about the math i believe
723 2014-12-25 21:06:41 zatix has quit (Quit: Page closed)
724 2014-12-25 21:06:46 <phantomcircuit> see hardened keys
725 2014-12-25 21:06:51 _yoy_ has quit (Quit: Leaving...)
726 2014-12-25 21:08:41 <shesek> phantomcircuit, something about the math? :O
727 2014-12-25 21:09:08 _yoy_ has joined
728 2014-12-25 21:09:19 n0n0 has joined
729 2014-12-25 21:09:34 <phantomcircuit> shesek, *hand waving*
730 2014-12-25 21:09:42 kadoban has quit (Ping timeout: 245 seconds)
731 2014-12-25 21:10:07 <phantomcircuit> oh right
732 2014-12-25 21:10:26 <phantomcircuit> shesek, because this way you have a tree of keypairs
733 2014-12-25 21:10:28 <phantomcircuit> not a chain
734 2014-12-25 21:10:33 <phantomcircuit> which is better
735 2014-12-25 21:10:45 hashtagg_ has quit (Ping timeout: 258 seconds)
736 2014-12-25 21:11:11 hashtagg_ has joined
737 2014-12-25 21:11:30 <shesek> phantomcircuit, the derivation index makes it so you have a tree
738 2014-12-25 21:11:54 <shesek> as it worked with the original type-2 deterministic wallets
739 2014-12-25 21:13:29 Techguy305 has joined
740 2014-12-25 21:13:29 <gmaxwell> shesek: what do you mean "without using chain codes" ?
741 2014-12-25 21:16:17 moarrr has quit ()
742 2014-12-25 21:20:25 <sipa> shesek: the chain code is not meant to be public!
743 2014-12-25 21:21:12 <sipa> without a private key, nobody can steal your coins, but you can lose privacy
744 2014-12-25 21:21:31 daybyter has joined
745 2014-12-25 21:21:51 <sipa> making your public key + chain code public gives you pretty much the same privacy as just reusing the same key...
746 2014-12-25 21:23:59 daybyter has quit (Excess Flood)
747 2014-12-25 21:27:18 Bwild has quit (Ping timeout: 250 seconds)
748 2014-12-25 21:28:50 <phantomcircuit> sipa, i think people were expecting to be able to give away the extended public key to preserve privacy between the two parties
749 2014-12-25 21:28:57 <phantomcircuit> ie not public but public-ish
750 2014-12-25 21:34:20 jprichardson has quit (Read error: Connection reset by peer)
751 2014-12-25 21:35:21 phoenix53 has quit (Quit: phoenix53)
752 2014-12-25 21:42:07 <jcorgan> if you create an extended public key per 'customer' and only it to them, then only they can link all the created individual keys together
753 2014-12-25 21:42:14 <jcorgan> *only give
754 2014-12-25 21:46:46 Bwild has joined
755 2014-12-25 21:52:21 Adlai has quit (Ping timeout: 250 seconds)
756 2014-12-25 21:52:30 Adlai` has joined
757 2014-12-25 21:56:09 lclc_bnc is now known as lclc
758 2014-12-25 21:56:50 lclc is now known as lclc_bnc
759 2014-12-25 21:57:44 <sipa> yes, so you can give it to them if you want that key to be only used by them
760 2014-12-25 21:59:37 Emzy has joined
761 2014-12-25 22:00:50 <sipa> at which point there is also no privacy problem
762 2014-12-25 22:02:07 Grouver has joined
763 2014-12-25 22:02:56 Grouver has quit (Client Quit)
764 2014-12-25 22:04:26 <jcorgan> only a coordination issue on which subkey to use.  but that should be handled by a wallet that keeps track of that.
765 2014-12-25 22:04:32 ericmuyser has joined
766 2014-12-25 22:07:06 hashtagg_ has quit (Ping timeout: 258 seconds)
767 2014-12-25 22:09:31 Dizzle has joined
768 2014-12-25 22:11:33 hashtagg_ has joined
769 2014-12-25 22:13:20 one_zero has joined
770 2014-12-25 22:13:55 rnvk has joined
771 2014-12-25 22:14:35 <shesek> gmaxwell, basically, just doing regular derivation from a master public key with some index (pubkey+G*index)
772 2014-12-25 22:15:18 <shesek> sipa, not really - in my specific case, the deterioration index itself is considered a secret (its not incremental, its an hash of some information only known to the involved parties)
773 2014-12-25 22:15:37 <shesek> blah, autofix fail - s/deterioration/derivation
774 2014-12-25 22:16:41 <shesek> what I'm doing is kinda similar to how stealth addresses are meant to work
775 2014-12-25 22:17:10 buZz_ has joined
776 2014-12-25 22:17:27 buZz has quit (Read error: Connection reset by peer)
777 2014-12-25 22:19:14 NewLiberty has joined
778 2014-12-25 22:21:44 <gmaxwell> shesek: I'd be somewhat concerned about signing things with a simple linear relationship.
779 2014-12-25 22:21:49 buZz_ has quit (Ping timeout: 252 seconds)
780 2014-12-25 22:22:06 buZz has joined
781 2014-12-25 22:22:30 buZz is now known as Guest19535
782 2014-12-25 22:22:42 erasmospunk has quit (Remote host closed the connection)
783 2014-12-25 22:23:06 <gmaxwell> (or, in particular a potentially attacker controlled simple linear relationship)
784 2014-12-25 22:23:06 Guest19535 is now known as buZz
785 2014-12-25 22:24:03 aburan28 has quit (Ping timeout: 250 seconds)
786 2014-12-25 22:24:14 <shesek> gmaxwell, its not really different with BIP32, though. even with the chain code, its just getting hashed along with some other data to arrive at the final derivation index
787 2014-12-25 22:25:16 <shesek> with bip32, its basically pubkey+G*hmac(pubkey||index, chaincode)
788 2014-12-25 22:25:25 <gmaxwell> shesek:  Yes, I know how it works.
789 2014-12-25 22:25:26 <gmaxwell> ...
790 2014-12-25 22:26:03 <shesek> yeah, of course you do, haha :)
791 2014-12-25 22:26:08 <shesek> I'm just not sure what you meant exactly
792 2014-12-25 22:26:18 <shesek> would you be concerned about using bip32 in general?
793 2014-12-25 22:26:42 <gmaxwell> shesek: That is not "not really different", with a free index an attacker could freely query key plus 1,2,4,8,16, etc. to collect signatures directed and adaptive linear relationships.
794 2014-12-25 22:27:06 <gmaxwell> If this were the nonce it would immediately compromise the security of the signatures, though it's not symmetric.
795 2014-12-25 22:28:01 jprichardson has joined
796 2014-12-25 22:29:23 <gmaxwell> shesek: BIP32 hardened derviation, nah. BIP32 public? I'd only use it where the only option were something less secure. (e.g. leave keys on server, don't use multisig).  It is novel cryptography. We have no proof that it doesn't result in a reduction in security. We've studied it moderately well at this point, however. Some of the tor project folks were working on a proof (in the context of schnorr s
797 2014-12-25 22:29:29 <gmaxwell> ignatures, not ecdsa; but even that would be a help)
798 2014-12-25 22:31:16 <gmaxwell> Part of the reason the HMAC is in there is because of an abundance of caution; if there is some weakness that does arise out of attacker controlled linear relationships between keys the hmac likely makes it impratical to exploit.
799 2014-12-25 22:32:52 <shesek> well, not if he knows the chain code. and if he doesn't, then he can't derive keys and control the relationship between them anyway
800 2014-12-25 22:33:47 <gmaxwell> right if someone doesn't know the chain code and the hmac is in place, then the keys are indistinguishable from random up to a hardness assumption about related hmac values.
801 2014-12-25 22:34:40 <shesek> what if the index is a hash of some private information that can't be known to an attacker? wouldn't you get the exact same security properties then?
802 2014-12-25 22:34:41 <gmaxwell> if they do know the chain code then the key relations will at least not follow any tidy linear relationship, and chosing a particular relationship has exponential complexity (or really just isn't possible because of the limited index size)
803 2014-12-25 22:34:43 Brad_1121 has joined
804 2014-12-25 22:34:43 Brad_1121 has quit (Client Quit)
805 2014-12-25 22:35:09 <gmaxwell> shesek: thats BIP32 then, with an attacker unknown chaincode.
806 2014-12-25 22:35:57 <shesek> and btw, what about stealth addresses? they seem to be extremely vulnerable according to what you say
807 2014-12-25 22:36:52 <gmaxwell> shesek: no the stealth address construction is also hash mediated.
808 2014-12-25 22:37:18 <gmaxwell> It's P1 + G*H(P2*n)
809 2014-12-25 22:38:25 <gmaxwell> though I have pretty big mixed feelings about stealth addresses; though not related to security.
810 2014-12-25 22:39:01 paveljanik has quit (Ping timeout: 264 seconds)
811 2014-12-25 22:39:51 <shesek> basically, I'm currently using non-bip32 key derivation for to figure out the keys for the other parties in a multi-signature, so that it won't have to be interactive (its for Bitrated v2, meant to allow buyers to make payments immediately, without waiting for the other parties to provide a public key and without reusing public keys)
812 2014-12-25 22:41:10 <gmaxwell> okay so you want your 'index' to just be some other parties pubkeys.
813 2014-12-25 22:41:13 <shesek> which is basically pubkey+G*H(trade_data), where trade_data contains some information only known to the involved parties
814 2014-12-25 22:41:31 <shesek> I was thinking that its probably a good idea to switch over to standard bip32 rather than using my own implementation... but it seems like bip32 doesn't really fit my use case
815 2014-12-25 22:41:59 <shesek> the index is a unique trade identifier unknown to third parties
816 2014-12-25 22:41:59 <gmaxwell> You should be using a pay to contract.
817 2014-12-25 22:42:14 <shesek> pay to contract?
818 2014-12-25 22:42:31 <gmaxwell> which is pubkey+G*HMAC(key=pubkey,data=data)
819 2014-12-25 22:43:25 <gmaxwell> Which is provably binding, e.g. the resulting key is a computationally unforgable hash of the trade data.
820 2014-12-25 22:44:01 <gmaxwell> (thats not so for the pubkey+G*H(trade_data) construction.)
821 2014-12-25 22:44:48 <gmaxwell> You'll probably also want to have some constraint on the data e.g. begins with 'Bitrated2' or something to prevent emulation by other things using a similar construction.
822 2014-12-25 22:45:12 <gmaxwell> shesek: see also https://github.com/Blockstream/contracthashtool
823 2014-12-25 22:46:54 <shesek> yeah, that's probably a good idea. I'm putting "bitrated-..." as a salter for my KDF (for key stretching), I'll do it there too
824 2014-12-25 22:47:54 <gmaxwell> hopefully your KDF isn't just a brainwallet?
825 2014-12-25 22:49:24 Adlai` is now known as adlai
826 2014-12-25 22:49:34 <shesek> no; its scrypt (N=16, r=8, p=1) over a password I'm generating for the user (154 bits of entropy)
827 2014-12-25 22:50:30 <shesek> (that's to arrive at the main public key for the user, used for authentication and authorizing operations; that key is then scrypted again with a user-provided password to arrive at the master key I'm using for the multisig itself)
828 2014-12-25 22:50:40 n0n0 has quit (Read error: Connection reset by peer)
829 2014-12-25 22:51:31 <gmaxwell> key point being "over a password I'm generating" good. :)
830 2014-12-25 22:52:03 jprichar_ has joined
831 2014-12-25 22:52:05 <shesek> hmm, so, would you use bip32 or just work with plain derivation instead?
832 2014-12-25 22:52:20 jprichardson has quit (Ping timeout: 240 seconds)
833 2014-12-25 22:52:28 <shesek> I could use H(trade_data) as a one time "chain code" for each derivation... isn't exactly the way bip32 is meant to work, but... it could work
834 2014-12-25 22:52:58 <shesek> alternatively, I could use a known public chain code (or just use none at all, which is pretty much the same I believe?) and use H(trade_data) as the index
835 2014-12-25 22:53:52 <shesek> though, then my H(trade_data) is going to get trimmed to 2^31 bits
836 2014-12-25 22:54:23 <gmaxwell> Well, BIP32 used that way is a valid pay to contract construction.
837 2014-12-25 22:54:35 <gmaxwell> "that way" meaning as the chain code.
838 2014-12-25 22:55:14 <gmaxwell> just use index 0. (or the first one where the derrivation doesn't fail)
839 2014-12-25 22:55:30 <gmaxwell> You'd also gain some basic compatiblity with BIP32 software that way.
840 2014-12-25 22:55:55 <gmaxwell> e.g. have a fighting chance of getting some hardware signer like btcchip working with it.
841 2014-12-25 22:55:57 nsh_ has quit (Ping timeout: 245 seconds)
842 2014-12-25 22:56:34 <shesek> well, it would probably require importing multiple different extended master keys (each with a different chain code) for each regular key
843 2014-12-25 22:56:59 <gmaxwell> yes, I think btcchip is fine with this. e.g. when you ask it to sign you give it the chain code and index.
844 2014-12-25 22:57:21 <shesek> ah, really? that's good
845 2014-12-25 22:57:45 <gmaxwell> I haven't spent much time with it, but thats my recollection.
846 2014-12-25 22:57:47 <shesek> well, I'll go with that, then. BIP32, one-time unique chain codes, index 0
847 2014-12-25 22:58:09 <shesek> thanks for the help, greg. much appreciated!
848 2014-12-25 22:58:29 <gmaxwell> that also gives you the good strong binding property. So you can prove to a third party what the contract was later, if needed.
849 2014-12-25 22:58:33 <gmaxwell> No problem.
850 2014-12-25 22:58:54 <shesek> gmaxwell, yep
851 2014-12-25 22:59:40 <shesek> I also have the users sign the contract, but the contract being hashed into the derivation index as a way to prove what was the contract is also something I had in mind
852 2014-12-25 23:00:31 <gmaxwell> yea, it's just important that the pubkey be in the hash if you're going to do that. or otherwise someone can engage in funny business.
853 2014-12-25 23:03:46 <gmaxwell> shesek: so if you might want to reveal contracts in a dispute I have another construction that you might want to consider using, perhaps in a later version.   It lets you hash a document such that you can reveal only some byte ranges and still check the hash.  E.g. I could show someone else the signed (or pay-to-contract) committed contract but blot out the delivery address.
854 2014-12-25 23:04:23 lclc_bnc is now known as lclc
855 2014-12-25 23:05:11 hearn has joined
856 2014-12-25 23:05:33 gonedrk has joined
857 2014-12-25 23:06:47 <shesek> gmaxwell, my trade data is a JSON object (lets say, `{product:<string>, price: <int>, address: <string>}`). I was actually thinking of first hashing each field (`{product:H(<string>), price: H(<int>), ...}`), then hash that whole thing, to arrive at something that provides a similar functionality to what you described
858 2014-12-25 23:07:23 <gmaxwell> shesek: well take care, if some of the fields have low entropy you can guess and check them.
859 2014-12-25 23:07:36 Techguy305 has quit (Quit: KVIrc 4.2.0 Equilibrium http://www.kvirc.net/)
860 2014-12-25 23:07:37 <shesek> yep, I thought about that too
861 2014-12-25 23:07:53 <shesek> was thinking of adding some nonce for that
862 2014-12-25 23:08:28 <gmaxwell> my structure takes it to the logical conclusion, and avoids having extreme inefficiency from sending lots of nonces.
863 2014-12-25 23:08:55 hmsimha has joined
864 2014-12-25 23:09:19 <shesek> sounds great. I would love to learn more about that construction. do you have a writeup somewhere?
865 2014-12-25 23:09:55 b_lumenkraft has quit (Quit: b_lumenkraft)
866 2014-12-25 23:10:18 <gmaxwell> First notion, let me introduce to you the concept of a tree structured CSPRNG. Silly example, SHA512, put a 256 bit secret in, get a 512 bit derrived secret out, which you take as two 256 bit secrets. So it's an expander.
867 2014-12-25 23:10:45 <gmaxwell> Now take your message, hash it linearly like normal, we'll use this as our master nonce secret.
868 2014-12-25 23:11:32 <gmaxwell> using that master nonce secret, recursively apply the tree-CSPRNG to get yourself a 256 bit secret for every byte in the message. Like building a merkel tree, but backwards.
869 2014-12-25 23:12:27 <gmaxwell> Now build up a hash tree over the byte, nonce pair.   Root of the tree is your hash.
870 2014-12-25 23:13:41 <gmaxwell> To reveal a segment of bytes to a party, find the highest set of nodes in the secret key that cover only the data you want to reveal, and give them them along with the revealed data.
871 2014-12-25 23:13:51 <gmaxwell> and the off-path hashes for the non-revealed data.
872 2014-12-25 23:14:20 <shesek> sorry, I have to run off - be back later
873 2014-12-25 23:14:22 <gmaxwell> and now they can verify agreement. Worst case amount of overhead is O(log2(bytes))
874 2014-12-25 23:14:25 <gmaxwell> K ttyl.
875 2014-12-25 23:15:55 Diablo-D3 has joined
876 2014-12-25 23:19:41 alferz has quit (K-Lined)
877 2014-12-25 23:31:54 hearn has quit (Quit: Textual IRC Client: www.textualapp.com)
878 2014-12-25 23:32:34 benrcole has joined
879 2014-12-25 23:34:33 Blackreign has joined
880 2014-12-25 23:34:46 Blackreign has quit (Changing host)
881 2014-12-25 23:34:46 Blackreign has joined
882 2014-12-25 23:35:00 Dizzle has quit (Quit: Leaving...)
883 2014-12-25 23:44:56 won9 has joined
884 2014-12-25 23:48:26 Elglobo has quit (Read error: Connection reset by peer)
885 2014-12-25 23:51:45 Elglobo has joined
886 2014-12-25 23:52:30 JackH has quit (Ping timeout: 258 seconds)
887 2014-12-25 23:55:05 Bwild has quit (Ping timeout: 255 seconds)
888 2014-12-25 23:55:24 felipelalli has joined
889 2014-12-25 23:55:57 Elglobonoob has joined
890 2014-12-25 23:57:50 Starduster_ has joined