c-cex-yuriy has quit [Quit: Connection closed for inactivity]
prodatalab_ has joined #bitcoin-wizards
prodatalab_ has quit [Quit: Konversation terminated!]
prodatalab__ has joined #bitcoin-wizards
jouke has quit [Ping timeout: 245 seconds]
nemild has joined #bitcoin-wizards
priidu has quit [Ping timeout: 246 seconds]
chmod755 has quit [Quit: Leaving]
rusty has joined #bitcoin-wizards
nessence_ has quit [Remote host closed the connection]
nessence_ has joined #bitcoin-wizards
darwin_ has quit [Read error: No route to host]
jouke has joined #bitcoin-wizards
darwin_ has joined #bitcoin-wizards
nessence_ has quit [Ping timeout: 265 seconds]
prodatalab has joined #bitcoin-wizards
prodatalab__ has quit [Ping timeout: 256 seconds]
ThinThread has joined #bitcoin-wizards
<ThinThread>
can i make a relay program that listens to public channel like twitter hashtag for covert control messages that adversary who siezes machine relay program running cannot determine controller?
<ThinThread>
i was thinking i could multiply each tweet by cipher text with homomorphic encryption
<ThinThread>
dont really see how to impelement the desired functionality as matrix multiplies but maybe is possible
someguy has joined #bitcoin-wizards
alephbet has joined #bitcoin-wizards
llllllllll has quit [Ping timeout: 244 seconds]
shen_noe has joined #bitcoin-wizards
nwilcox has quit [Ping timeout: 240 seconds]
NewLiberty has quit [Ping timeout: 265 seconds]
snakesandbarrels has joined #bitcoin-wizards
metamarc has quit [Ping timeout: 265 seconds]
n0n0_ has quit [Ping timeout: 264 seconds]
prodatalab has quit [Read error: No route to host]
prodatalab has joined #bitcoin-wizards
cypher__ has joined #bitcoin-wizards
belcher has quit [Quit: Leaving]
snakesandbarrels has quit [Ping timeout: 272 seconds]
snakesandbarrels has quit [Ping timeout: 240 seconds]
metamarc has quit [Ping timeout: 245 seconds]
Dr-G has joined #bitcoin-wizards
Dr-G2 has quit [Ping timeout: 276 seconds]
p15 has joined #bitcoin-wizards
cypher__ has quit [Ping timeout: 245 seconds]
<gmaxwell>
ThinThread: you want a wet paper code.
<gmaxwell>
though temporal sequencing, if visible to the attacker can break the privacy.
<gmaxwell>
but if you assume that the attacker can't tell what order messages were authored in, then you can make it so that it's undecidable which message conveyed the secret message, even if there is only a small amount of malleability.
goregrind has quit [Read error: Connection reset by peer]
zooko has joined #bitcoin-wizards
zooko has quit [Remote host closed the connection]
AlexStraunoff has quit [Ping timeout: 252 seconds]
RoboTeddy has quit [Remote host closed the connection]
koshii has joined #bitcoin-wizards
jtimon has joined #bitcoin-wizards
rubensayshi has joined #bitcoin-wizards
c-cex-yuriy has joined #bitcoin-wizards
antanst has joined #bitcoin-wizards
paveljanik has joined #bitcoin-wizards
paveljanik has joined #bitcoin-wizards
NewLiberty has joined #bitcoin-wizards
fanquake1 has joined #bitcoin-wizards
kgk has quit [Quit: My MacBook Pro has gone to sleep. ZZZzzz…]
fanquake has quit [Ping timeout: 255 seconds]
kgk has joined #bitcoin-wizards
SDCDev has quit [Ping timeout: 252 seconds]
SDCDev has joined #bitcoin-wizards
ebfull has joined #bitcoin-wizards
moa has quit [Ping timeout: 264 seconds]
justanotheruser is now known as justanotherusr
SDCDev has quit [Ping timeout: 252 seconds]
SDCDev has joined #bitcoin-wizards
Tiraspol has quit [Ping timeout: 245 seconds]
Tiraspol has joined #bitcoin-wizards
n0n0_ has joined #bitcoin-wizards
sparetire_ has quit [Quit: sparetire_]
triazo has quit [Ping timeout: 252 seconds]
airbreather has joined #bitcoin-wizards
fanquake1 has quit [Ping timeout: 264 seconds]
PaulCapestany has quit [Read error: Connection reset by peer]
fanquake has joined #bitcoin-wizards
darwin_ has quit [Remote host closed the connection]
darwin_ has joined #bitcoin-wizards
cadenadelabloque has joined #bitcoin-wizards
<cadenadelabloque>
I've been doing some reading up on zero knowledge contingent payments, computational complexity theory, PSPACE(interactive proof systems), secure multiparty computations, and bitcoin contracts in general and I'm in need of some help from someone with working knowledge of them.
<cadenadelabloque>
From what I can tell, gmaxwell (who proposed CoinSwap) is likely to not only understand these concepts but have actually written code for them, but I can't seem to find any examples or samples online anywhere from him or anyone else, only theories and discussions.
kgk has quit [Quit: My MacBook Pro has gone to sleep. ZZZzzz…]
[d__d] has quit [Remote host closed the connection]
<cadenadelabloque>
I've got a job offer for anyone who has experience in these areas and can write some "simple" code to allow a trustless agreement to pay based on user supplied data or random input.
[d__d] has joined #bitcoin-wizards
<midnightmagic>
.. not really topical..
<cadenadelabloque>
Ideally what I want is some code that allows 2 or more parties to perform rock-scissors-paper and force the loser's funds to the winner, cryptographically.
<cadenadelabloque>
According to this whitepaper (http://eprint.iacr.org/2013/784.pdf), it's already been done to a degree, I just don't understand how it was done.
<cadenadelabloque>
I gather it's done using hashes of choices and some OP_CODE that incorporates a multiparty transaction of sorts(?), but to put that into a code that can be generated on the fly is beyon my pay grade.
<cadenadelabloque>
Rather, I'd prefer paying someone whos pay grade it is not beyond so that it doesn't take me 20 years to accomplish it! :)
<midnightmagic>
cadenadelabloque: Consider making job offers in a place like #bitcoin-otc or one of the bitcoin job boards.
Guyver2 has joined #bitcoin-wizards
<cadenadelabloque>
I was actually referred here because of the specific needs. I'm pretty sure if anyone can do it, it'll be someone here.
<cadenadelabloque>
I was also under the impression #bitcoin-otc was mostly for traders. I'll check it out.
Mably has quit [Ping timeout: 246 seconds]
Cory has quit [Ping timeout: 265 seconds]
moa has joined #bitcoin-wizards
Cory has joined #bitcoin-wizards
<nsh>
amiller, thanks!
Mably has joined #bitcoin-wizards
catlasshrugged has quit [Read error: Connection reset by peer]
catlasshrugged has joined #bitcoin-wizards
cadenadelabloque has quit [Ping timeout: 246 seconds]
damethos has quit [Remote host closed the connection]
damethos has joined #bitcoin-wizards
antanst has left #bitcoin-wizards [#bitcoin-wizards]
prodatalab has joined #bitcoin-wizards
shesek has quit [Ping timeout: 240 seconds]
airbreather has quit [Remote host closed the connection]
chmod755 has joined #bitcoin-wizards
shesek has joined #bitcoin-wizards
ThomasV has quit [Quit: Quitte]
adam3us has joined #bitcoin-wizards
www has quit [Ping timeout: 244 seconds]
moa has quit [Quit: Leaving.]
adam3us has quit [Quit: Leaving.]
Quanttek has joined #bitcoin-wizards
c-cex-yuriy has quit [Quit: Connection closed for inactivity]
nessence has joined #bitcoin-wizards
AaronvanW has quit [Ping timeout: 246 seconds]
pollux-bts has joined #bitcoin-wizards
gill3s has quit [Quit: My Mac has gone to sleep. ZZZzzz…]
eudoxia has joined #bitcoin-wizards
Mably_ has joined #bitcoin-wizards
Mably has quit [Ping timeout: 246 seconds]
Relos has joined #bitcoin-wizards
yoleaux has quit [Quit: dpk made me do it!]
yoleaux has joined #bitcoin-wizards
Mably_ is now known as Mably
LeMiner has quit [Read error: Connection reset by peer]
fanquake has quit [Ping timeout: 276 seconds]
AaronvanW has joined #bitcoin-wizards
zwick has joined #bitcoin-wizards
fanquake has joined #bitcoin-wizards
p15_ has quit [Ping timeout: 245 seconds]
fanquake has quit [Client Quit]
p15 has joined #bitcoin-wizards
orperelman has joined #bitcoin-wizards
p15_ has joined #bitcoin-wizards
gill3s has joined #bitcoin-wizards
p15 has quit [Ping timeout: 256 seconds]
Adlai has quit [Ping timeout: 245 seconds]
<JackH>
!seen hearn
<gribble>
hearn was last seen in #bitcoin-wizards 22 hours, 36 minutes, and 50 seconds ago: <hearn> yeah, i'm getting rather tired of it myself.
Adlai has joined #bitcoin-wizards
davi has joined #bitcoin-wizards
LeMiner has joined #bitcoin-wizards
orperelman has quit [Ping timeout: 276 seconds]
priidu has quit [Ping timeout: 244 seconds]
priidu has joined #bitcoin-wizards
nwilcox has joined #bitcoin-wizards
damethos has quit [Quit: Bye]
damethos has joined #bitcoin-wizards
damethos has quit [Client Quit]
jtrag has joined #bitcoin-wizards
orperelman has joined #bitcoin-wizards
Zooko-phone has joined #bitcoin-wizards
DougieBot5000 has joined #bitcoin-wizards
* nsh
is somewhat surprised by how seriously amiller's advisor appears to be taking ethereum
triazo has joined #bitcoin-wizards
temujin has joined #bitcoin-wizards
<ThinThread>
ah damn didnt see if anyone answered my question yesterday
<nsh>
<gmaxwell> ThinThread: you want a wet paper code.
<nsh>
<gmaxwell> though temporal sequencing, if visible to the attacker can break the privacy.
<nsh>
<gmaxwell> but if you assume that the attacker can't tell what order messages were authored in, then you can make it so that it's undecidable which message conveyed the secret message, even if there is only a small amount of malleability.
<fluffypony>
nsh: sometimes clever people don't realise they're being duped if there's enough technical hand-waving
nubbins` has joined #bitcoin-wizards
<nsh>
mebbes
<ThinThread>
thanks nsh!
<nsh>
np
<nickler>
nsh: "They have real cryptographers in their board: Koblitz and Merkle." - Nicolas Courtois
<nsh>
my position is that it's all grist for the mill, and even if it doesn't work out as currently envisioned, there will be useful results
<nsh>
so i don't demean any of it, i just have theoretical reservations
nubbins` has quit [Client Quit]
Zooko-phone has quit [Ping timeout: 256 seconds]
zooko has joined #bitcoin-wizards
damethos has joined #bitcoin-wizards
nubbins` has joined #bitcoin-wizards
lnsybrd has joined #bitcoin-wizards
nubbins` has quit [Quit: Quit]
zooko has quit [Read error: Connection reset by peer]
prodatalab has quit [Read error: No route to host]
prodatalab_ has joined #bitcoin-wizards
jtrag has joined #bitcoin-wizards
<nwilcox>
nsh: Just my guess, but amiller's advisor's research interests include programming language security, so the PL interface to Ethereum is probably attractive to experiment with.
* nsh
nods
SDCDev has quit [Ping timeout: 265 seconds]
nessence has quit [Read error: Connection reset by peer]
kmels has joined #bitcoin-wizards
<ThinThread>
gmaxwell; nice @ wet paper codes. yeah temporal sequencing is a problem. i was thinking that the trigger when multiplied by ciphertext could put it into a countdown state, where each successive tweets multiplication would only advance countdown towards ciphertext assuming trigger value
<ThinThread>
but dunno how you can actually do that. i dont see any results about how you can make a turing machine with matrix multiplies or anything close
_biO_ has quit [Remote host closed the connection]
zooko has joined #bitcoin-wizards
Burrito has joined #bitcoin-wizards
eudoxia_ has joined #bitcoin-wizards
StephenM347 has joined #bitcoin-wizards
eudoxia has quit [Read error: Connection reset by peer]
<nsh>
'blinkered' is pretty common as an adjective in the UK to refer to that sort of narrow-minded headlong rushing confidence
p15_ has quit [Quit: My Mac has gone to sleep. ZZZzzz…]
<nsh>
or politics, as it's colloquially termed
jtrag has joined #bitcoin-wizards
<gmaxwell>
It was familar to me too. :)
damethos has quit [Ping timeout: 264 seconds]
<nsh>
(aye, didn't mean to suggest exclusively, just can't talk for other anglolands)
<nsh>
(due to not having stayed in any extensively)
<gmaxwell>
cadenadelabloque: The ZKCP protocol was my 'invention' too. It's not actually been put into production yet; though as the page now reflects the science is ready for it.
prodatalab has joined #bitcoin-wizards
<fluffypony>
nsh: well South Africa still retains its colony tattoo :-P
zooko has quit [Ping timeout: 252 seconds]
<gmaxwell>
cadenadelabloque: I've also seperately described an efficient protocol that is not ZK for fair contracts for certian kinds of games (e.g. determinstic ordered turn games without secret state); but not fully implemented it yet; though I hope to do so somewhat soon.
gill3s has joined #bitcoin-wizards
<nsh>
gmaxwell, neat. one of the videos from simons institute i posted yesterday (and some pdfs by the same folk) was quite similar sounding. secure computing through an ideal refund-with-penalty multisig timeloack predicate and complex n-party protocols composed from 2-party stateless protocols
<yoleaux>
How to use Bitcoin to Enhance Secure Computation - YouTube
<nsh>
(uses SNARKS for some constructions, and something about currently-disabled bitcoin opcodes, or a slightly vague 'miners do it for increased fees' alternative which may be more dubious)
<nsh>
sorry, claim-or-refund is what they call their primitive
<yoleaux>
"UPPAAL is an integrated tool environment for modeling, validation and verification of real-time systems modeled as networks of timed automata, extended with data types (bounded integers, arrays etc.)." — https://en.wikipedia.org/wiki/Uppaal_Model_Checker
wallet42 has quit [Quit: Leaving.]
bramc has joined #bitcoin-wizards
<bramc>
What have gavin and mhearn said about bip100?
<gmaxwell>
nsh: yea, it's a somewhat obvious approach once you think about it, thus my quotes around invented.
* nsh
nods
<kanzure>
what if someone writes a patch that rejects blocks iwth the other version number in it
<kanzure>
i guess that's just an early fork
<kanzure>
but it's better than a delayed hard-fork
<nsh>
what if everybody writes their own consensus-breaking fork proposal and we all dance around a bonfire and throw them all in
<nsh>
and then be done with it
<kanzure>
i don't know what bonfires have to do with it
<nsh>
they make things go away
<nsh>
when used appropriately
<kanzure>
writing and deploying a patch to stop a contentious hard-fork would be pretty helpful i think
<nsh>
also there's some sort of reference to fighting fire with fire :)
<kanzure>
well if nobody relays the new version number then there's no last-minute game of chicken regarding a hard-fork
<kanzure>
(during the "grace period")
<nsh>
it's arguably as bad as the threat it intends to mitigate
<kanzure>
could you attempt to make that argument please
<nsh>
because obviously gavin and mike would NACK such a version lock-up update, if they were asked, and to do it anyway is just as much an abandonment of process as the unilateral fork proposal (threat)
<nsh>
retrospective cynicism is sometimes appropriate. speculative cynicism is usually bad
<bramc>
gmaxwell, Has anybody figured out the issues of needing a trusted setup for ZK?
<kanzure>
yes, well you will never see the peanut gallery telling you "we are proceeding with it anyway" (actually they have, oops!)
<bramc>
kanzure, nsh I'm not sure what you're saying
<kanzure>
so in the context of a hostile contentious hard-fork, rolling out something faster to protect the system from multi-chains seems prudent. the companies that they convince will operate the patch that has the grace period, and everyone else will reject their version number blocks in the mean time anyway.
<nsh>
kanzure is suggesting that an update is released that preempts and prevents a nonconsensus hard-fork attempt
<gmaxwell>
bramc: for SNAKRS? there are other candidate constructions outside of the CRS model, though they'll be less efficient (larger proofs, like tens of kb). And AFAIK haven't yet been build but people are working on it.
<kanzure>
nsh: right, something that breaks down the scheduling of the hard-fork patch's "activation" (it's already activated, of course, the moment it goes in)
<nsh>
which is a very conservative/protectionist move and will be taken as badly as you can imagine anything being taken
<bramc>
There's already something which 'prevents' a nonconsensus hard-fork update. It's called the bitcoin codebase :-P
<kanzure>
however, i am not advocating for this solution, just contemplating or speculating its possibility
<nsh>
and will not help us achieve a consensus process for adding headroom in blocksize
<kanzure>
bramc: can you explain how it does that?
<nsh>
unless consensus-by-virtue-of-alienation counts, which it shouldn't
<bramc>
kanzure, the bitcoin codebase rejects hard forks. That's why they're called hard forks.
<kanzure>
bramc: specifically the context here is someone has said "i have convinced companies to run my patch, i'm doing this anyway, see you later"
<kanzure>
bramc: yes, well not everyone runs that code base
<bramc>
kanzure, Has Gavin said that in so many words?
<kanzure>
!!!
<gribble>
Error: "!!" is not a valid command.
<nsh>
bramc, the current position seems to be that they will make BIP proposal, with working code, and give some time for it to be evaluated, but reserve the right afterwads to go ahead unilaterally
<nsh>
there was an attempt to soften this position yesterday but it didn't seem to get anywhere
<bramc>
We need to start explaining to journalists what a clusterfuck a hard fork is. There *will* be two chains, they *will* both survive, and both wallets and exchanges *will* need to start treating them as sort of two separate currencies.
<nsh>
can we hardfork dogecoin for didactic purposes?
<nsh>
people would probably get upset
<kanzure>
there have been some other hard-forks in the past, like elielcoin or something? that's a recent one.
<bramc>
It's funny the conspiracy theories which don't exist. We don't believe that openssl was created to sneak security problems into things. We don't believe that Applied Cryptography was written to get people to design insecure protocols. And we don't believe that Gavin is trying to tank bitcoin
<kanzure>
er there's also the other g man
<kanzure>
wait, that's ambiguous
<bramc>
Although there's so much obvious evidence for all these things. They only require one conspirator, and if that conspirator was really conspirating they sure did a shitty job of covering their tracks.
<kanzure>
(it's not just gavin; and the other one doesn't have a g in his name, so that doesn't work. oops.)
<gmaxwell>
The prior on "dumb shit happens" is so amazingly high that its hard to give any other theory credibility.
<kanzure>
yeah, i think that "oops" is still a reasonable explanation, although not the only possible explanation
jposner has joined #bitcoin-wizards
wallet42 has quit [Client Quit]
<bramc>
Can anyone think of a case of a bdfl getting kicked out?
<kanzure>
nsh: so your argument is that we should relay blocks that are communicating support for a hard-fork that has a high likelihood of fragmenting the network. why?
<kanzure>
bramc: we don't have a bdfl
<bramc>
kanzure, The media portrays gavin as the bdfl
<kanzure>
the media also portrays bitcoin as anonymous
<bramc>
I didn't say they're right.
<bramc>
If there is a fork between big-bitcoin and little-bitcoin, is there a way of crafting transactions so they'll get accepted by one but not the other?
<maaku>
bramc: we never had a bdfl
wallet42 has joined #bitcoin-wizards
<maaku>
bramc: sure, double spend
<maaku>
bramc: generate a transaction >1MB in size
<bramc>
maaku, the frequency with which double spend works depends on whether the two networks manage to separate completely or there's a transactions bridge between them
<maaku>
bramc: a >1MB transaction won't bridge
<gmaxwell>
bramc: you can also derrive your transaction out of coinbase outputs made post-fork.
<bramc>
maaku, Let's assume that a >1mb transaction is unacceptable generally
<kanzure>
crafting transactions out of two blockchains only solves parts of the problem; ther'es also ledger reconciliation issues to be aware of, incompatible software, fragmentation of the business ecosystem, etc.
<bramc>
gmaxwell, There's a chance that transactions will usually be applied to both, even if they don't mean to.
<bramc>
kanzure, the inevitable result of a hard fork is two separate cryptocurrencies both called bitcoin
<ajweiss>
no bdfl, more like a central committee of cryptophile programmers who shepherd and lead the cryptoproleteriat in building the one true ledger state
<kanzure>
ajweiss: that's a misrepresentation of what's going on
<ajweiss>
it's a joke.
<kanzure>
don't those have to be funny
<bramc>
Is there anything in mhearn's patch besides changing a constant?
<kanzure>
bramc: there's a "grace period" after blocks with the version number show up
<nwilcox>
bramc: If there is a hard fork, and no way for users to differentiate the units on different forks, seems bad for users.
<kanzure>
there's a long list of problems that arise
<nwilcox>
-but that's just one of many problems.
<nsh>
bramc, mike isn't making a patch, as i understand it, gavin is, and presumably it's more complex than that as he's still in testing phase
<nsh>
and intends to draft a BIP
<kanzure>
(see the link)
<morcos>
one of the issues i've been wondering about is what will the legal implications be for companies holding bitcoin balances for users, they will probably have to support both forks
<nsh>
morcos, feel free to wonder about that in depth, in a public blog post
<nsh>
:)
<zooko>
nwilcox: this is the genesis of Ian Grigg's notion of the Ricardian Contract, I think.
<fluffypony>
nsh: on medium
* nsh
smiles
<zooko>
nwilcox: Sorry if I was dismissive earlier, but actually now that I'm less grumpy, your idea of using the earliest unique block id as the fork id is excellent!
<fluffypony>
because that's the best forum for it
<bramc>
Forks are a Bad Thing
<ThinThread>
can i spent my bitcoin twice on each branch of fork?
<kanzure>
not always
<morcos>
and once on each branch might be easier
<nsh>
not even once on each branch, except in some circumstances :)
<ThinThread>
so are bitcoin forks basically like stock splits
<maaku>
what? no
<maaku>
they are nothing like stock splits
<bramc>
Gavin is really sounding out of control. His approach to dealing with the rancor against his proposed hard fork is to make the limit go up exponentially in perpetuity? Yeah, great way to get people on your side.
<gwillen>
ThinThread: there's not a clean separateion of the two sides. Some transactions will go through on one side only, some will go through on both.
<ThinThread>
ah i see
<gwillen>
ThinThread: initially coins will be "in sync" on both sides, but as transactions fail to clear on both sides (e.g. because you mix in some coins generated after the form), they will fall "out of sync"
<bramc>
ThinThread, Yes each coin basically splits in two, but it isn't clear how easy it might be to actually get your coins to separate, hence my earlier question about getting accepted on either side
<gwillen>
so you'll have a mixture of coins on one side, the other, or both, depending on where they came from
<gmaxwell>
zooko: there is an old proposal of mine that transactions should be able to 'checkpoint' what chains their fees are payable in.
<nwilcox>
ThinThread: Imagine every user and exchange and miner was clear which fork a txn "belonged" to. Then you could treat the two forks as two currencies.
<kanzure>
gmaxwell: yes that would help, although of course a fork could ignore those rules, heh
<nwilcox>
They'll probably be currencies which are in catastrophic economic collapse, though...
<gmaxwell>
zooko: which was intended to address the problem that your transaction pays the honest network and a forking attacker equally. (assuming it can be mined in both)
<kanzure>
it is wrong to think about two currencies really; there's no way that will be a stable result of this
<bramc>
oh, here's a thought: Once the two chains get slightly out of sync on time, you can use timelock and malleability
<gmaxwell>
kanzure: yes, it wasn't a tool intended against hardforks, just against reorg attacks.
<kanzure>
i mean yes that will technically exist for a few minutes or hours or something
<zooko>
gmaxwell: neat!
<gwillen>
in principle, if all the software were designed to treat coins carefully with regard to which chain recognizes them, you could have two currencies
wallet42 has quit [Quit: Leaving.]
<gwillen>
in practice it's not and you will have a big fucking mess
<nwilcox>
ThinThread: However, without code changes: people won't be clear on forks and (some) txns can be replayed between forks.
<zooko>
gmaxwell: will add that to my big book of maybes.
<kanzure>
zooko: it's mentioned on the wiki
<bramc>
gwillen, inevitably it would get there eventually, but yeah big fucking mess for a long time
jgarzik has quit [Quit: Leaving]
<gwillen>
bramc: I expect one or both of them would die before then
<nwilcox>
kanzure: Yes, I agree that the two currenies ideas is very unlikely.
<kanzure>
and also there might be more than two blockchain forks during this time
<kanzure>
because perhaps the network is not well-connected
<gwillen>
also, one of the sides would presuambly be limping along with negligible hashpower
<gwillen>
which would make it extremely prone to attacks
<kanzure>
e.g. the topology of the network after the hard-fork could be such that different forks start happening for hours in different segments of the network
<bramc>
gwillen, It's extremely difficult for either of them to completely die once they have any momentum, and people will hang onto whatever coins they have as long as they're worth *something*
<kanzure>
e.g. especially if nodes start dropping connections due to non-rule-following
<bramc>
gwillen, The hashpower of each side will be directly proportional to their rewards
<bramc>
Also notably, there's no proposal to allow merge-mining. Gavin seemed confused when I suggested it.
<gwillen>
bramc: rewards as denominated in external currency, though. So whichever side has more valuable coins will get more hashpower, but probably whichever side has more hashpower will get more valuable coins
<bramc>
kanzure, There's likely to be two separate networks due to dropping for non-rule-following
<kanzure>
or more than 2
wallet42 has joined #bitcoin-wizards
<bramc>
gwillen, Its not like one side wins over the other. They each get hashpower proportional to their value.
<kanzure>
why would it be proportional to anything? why not "proportional to the hashrate that was pointed at that chain and rule set"?
<gwillen>
kanzure: if both sides' generated coins are trading at independent values, people will mine them proportional to the values they trade at
<gwillen>
for optimum reward
wallet42 has quit [Client Quit]
<bramc>
kanzure, for any altcoin its hashpower will wind up being about proportional to its rewards, because that's the point at which ROI of doing more goes negative
<gwillen>
I expect we will not end up with both sides trading at stable independent values though
<bramc>
It seems likely, of course, that the value of both forks would tank rapidly.
<gwillen>
yeah
antanst has joined #bitcoin-wizards
<ajweiss>
depends on what the exchanges do
<ThinThread>
are bitcoin forks the only way to see what the consensus really is? ie whose fork has most miners
<kanzure>
"most miners" is not the way to decide anything
<kanzure>
the absolute number of miners is non-detectable in this system anyway
<ThinThread>
well theres no good way to decide anything
<jposner>
"most difficulty"
<ThinThread>
the supreme court is crap
<bramc>
ThinThread, For multiple forks on the same chain, which happen all the time, the rule is that greater work total wins. For hard forks, they're different chains, and there's no way any of them can kill off the other
nwilcox has quit [Ping timeout: 256 seconds]
<kanzure>
nsh: so your argument is that we should relay blocks that are communicating support for a hard-fork that has a high likelihood of fragmenting the network. why?
<kanzure>
nsh: you might be right, but i would need your elaboration
<jposner>
bramc, but even with a hard fork, there will only be 1 chain with the most work
rusty has joined #bitcoin-wizards
nwilcox has joined #bitcoin-wizards
<kanzure>
jposner: it's most work plus validity
<bramc>
jposner, That won't result in the other dieing though
<kanzure>
one of them will not be valid according to various rules
<fluffypony>
jposner: for valid blocks yes, but that's also "eventually"
<jposner>
bramc, no it won't kill the others, just as bitcoin hasn't killed alts
<fluffypony>
which could take hours or days or weeks to resolve if the split is quite fine
<gwillen>
13:14:34 < ThinThread> well theres no good way to decide anything
<kanzure>
proof-of-work
<gwillen>
ThinThread: you have identified the fundamental problem inherent in organizing humans together for a common task ;-)
<bramc>
There's something about the miners in china having met and 'decided' on 8mb, presumably as a 'compromise', does anybody have a source for this?
<zooko>
gmaxwell, kanzure: could you give me a link to the documentation of the idea of transactions being required to include the hash of a recent block?
<kanzure>
bramc: started with a few emails on bitcoin-development; then there was some statement posted to reddit; then there was some news article.
<gwillen>
ThinThread: the choices are "democracy", "dictatorship", and "shrug, let's see what happens", and we're currently working our way through the third one
<bramc>
fluffypony, Is there a transation? I don't speak or read chinese
<ajweiss>
woah cool chinese stamps!
<jposner>
one cpu, one vote
<kanzure>
gwillen: that's not right; there are far more options than that. and it's wrong to describe this as "let's see what happens"... bitcoin.pdf basically describes this as "the only way to know is to see all the transactions and run the rules". spv is mentioned, sure, but that's different.
<fluffypony>
jposner: what do you do about virtual CPUs, then?
<kanzure>
jposner: it's nothing about cpus or votes
rusty has left #bitcoin-wizards [#bitcoin-wizards]
<gwillen>
kanzure: sorry, I'm being a little bit glib
<gwillen>
kanzure: and I'm not really talking about how bitcoin itself decides things, but rather about how we as a community make meta-decisions about bitcoin
blazes816 has joined #bitcoin-wizards
<kanzure>
"high orphan rate leading to hard forks down the road".. oh i guess they mean if they hard-fork it to a lower max size. well, whatever. that's true.
<kanzure>
but reorgs are not hard forks
<gwillen>
kanzure: historically the answer seems to have been 'consensus', but now we're having to answer questions like "what is consensus" and "consensus of who"
<kanzure>
gwillen: that's still the wrong representation of this; the way that bitcoin works is that everyone is personally responsible for validating the rules. it's not a consensus. it's a matter of correctness.
<jposner>
fluffypony, it's just a way of describing proof-of-work from the white paper
<kanzure>
jposner: it's a poor (and wrong) description
<fluffypony>
^^
<jposner>
glad you guys are smarter than satoshi
<bramc>
It's fair at this point to say that Gavin's gone rogue. He's preemptively going to vendors and presenting himself as the voice of sanity and reasonableness when he's in a tiny minority of those who are technically informed.
<bramc>
jposner, I don't know what you're trying to say, but knock it off with the attitude
Quanttek has joined #bitcoin-wizards
tcrypt has quit [Ping timeout: 276 seconds]
<kanzure>
jposner: that's an argument from authority, and that sort of breaks bitcoin (if you wanted authority, go use a centralized design)
darwin_ has quit [Remote host closed the connection]
<ThinThread>
TIL gavin is gmaxwell
<ThinThread>
im building dossiers
<fluffypony>
jposner: if you asked me to design a massively distributed system 5 years ago I would say things and conclude things that *would* be wrong in the face of data and hindsight
<bramc>
ThinThread, Yeah it's ironic because Gavin is supposed to be the diplomatic one who gets everybody to play nice and he's doing the exact opposite.
darwin_ has joined #bitcoin-wizards
dEBRUYNE_ has quit [Ping timeout: 272 seconds]
rusty has joined #bitcoin-wizards
nwilcox has quit [Ping timeout: 252 seconds]
<jposner>
I simply think it takes some hubris to call Satoshi's description of proof-of-work
<fluffypony>
to believe that Satoshi Nakamoto was somehow perfectly able to foresee every eventuality, every possibility, every change, is naïve at best
<kanzure>
and is disproven by the existence of soft-forks
<ThinThread>
did Gavin short bitcoin on bitfinex or something?
<ThinThread>
im trying to figure out how to trade this
<zooko>
gmaxwell: thanks.
<fluffypony>
jposner: you're misquoting him, you're making the same mistake the CryptoNote authors made
<fluffypony>
he does say "Proof-of-work is essentially one-CPU-one-vote"
<fluffypony>
but the following sentence explains
<gmaxwell>
jposner: If you'd like to talk about hubris, I suggest that you start with thinking you can fradulently claim that someone supported something they didn't support, in a discussion they are not a part of (as far as you know).
<fluffypony>
"The majority decision is represented by the longest chain, which has the greatest proof-of-work effort invested in it."
<ThinThread>
its hard to rollout technology improvements without interrupting outstanding demands of customers
nwilcox has joined #bitcoin-wizards
<kanzure>
what is wrong with hubris, again? especially in a no-authority system design?
<fluffypony>
clearly that represents "majority processing power", not literally "one-CPU-one-vote"
<kanzure>
fluffypony: and even that is unclear and ambiguous; he naturally means "the longest valid chain, which has the"
<fluffypony>
100%
<gmaxwell>
jposner: while it's impossible to say for sure what someone who hasn't entered into the discussion would say; I can easily point to where I've made the same arguments and clarify what I meant. But thats all I can do, I don't speak for anyone but myself.
<ThinThread>
any link to manifestos for both sides of the issue?
<fluffypony>
manifestos? on what, a blog post?
<ThinThread>
better yet summarized in few sentences
<kanzure>
the issue of contentious hard-forks?
<ThinThread>
hm yeah.
<ThinThread>
i guess the blocksize dispute is secondary to that
<ThinThread>
so most people are like hey dont fork stay in this together, and someone else is like no we really need this improvement were forking
<ThinThread>
i guess this day was inevitable, birds leaving nest etc
gmaxwell has left #bitcoin-wizards [#bitcoin-wizards]
n0n0_ has quit [Ping timeout: 255 seconds]
<jposner>
gmaxwell, I'm not trying to claim what Satoshi would say, I was simply trying to reference his statement from the white paper that "Proof-of-work is essentially one-CPU-one-vote."
<bramc>
ThinThread, No there's nothing inevitable about what's going on now, it's completely self-inflicted and ridiculous, with the overwhelming majority of people in the know being adamantly against it.
<jposner>
gmaxwell, there are admittedly many ways to interpret that statement
<ThinThread>
go i wish satoshi would release a signed message of guidance
<kanzure>
yes the first way to interpret it is by reading the next sentence
zooko has left #bitcoin-wizards ["must concentrate"]
jtrag has quit [Read error: Connection reset by peer]