sipa changed the topic of #bitcoin-wizards to: This channel is for discussing theoretical ideas with regard to cryptocurrencies, not about short-term Bitcoin development | http://bitcoin.ninja/ | This channel is logged. | For logs and more information, visit http://bitcoin.ninja
WungFu has quit [Ping timeout: 276 seconds]
Alopex has quit [Remote host closed the connection]
Alopex has joined #bitcoin-wizards
Giszmo has quit [Ping timeout: 250 seconds]
cyphase has quit [Ping timeout: 265 seconds]
cyphase has joined #bitcoin-wizards
chjj_ has joined #bitcoin-wizards
chjj_ has quit [Client Quit]
chjj has quit [Quit: null]
chjj has joined #bitcoin-wizards
ale______ has joined #bitcoin-wizards
<ale______> @gmaxwell is it possible to create a provably unspendable xpub?
<nsh> to what end?
<petertodd> kanzure: never did review darkleaks IIRC
Mazz_ has quit [Ping timeout: 258 seconds]
Mazz_ has joined #bitcoin-wizards
proslogion has quit [Ping timeout: 265 seconds]
<ale______> @nsh want to create an m of n multisig address where it's only possible that m - 1 xprvs exist
JackH has quit [Ping timeout: 252 seconds]
blackwraith has quit [Ping timeout: 250 seconds]
HostFat_ has joined #bitcoin-wizards
HostFat has quit [Ping timeout: 244 seconds]
Ylbam has quit [Quit: Connection closed for inactivity]
<nsh> why not just use a non xpub key for the unspendable one?
Samdney has quit [Ping timeout: 258 seconds]
GAit has quit [Quit: Leaving.]
mdavid613 has quit [Quit: Leaving.]
GAit has joined #bitcoin-wizards
GAit has quit [Client Quit]
Alopex has quit [Remote host closed the connection]
Alopex has joined #bitcoin-wizards
cyphase has quit [Ping timeout: 244 seconds]
<andytoshi> ale______: yes, use a compressed pubkey with 0 or 5 as the x-coordinate, for example. but i suspect that whatever problem you're solving with this can be solved more efficiently
cyphase has joined #bitcoin-wizards
<ale______> andytoshi: Thanks. Can you point me to any literature on why this works? How do you think it could be solved more efficiently?
<andytoshi> ale______: what are you doing?
<ale______> andytoshi: I'm making a multi-sig address that much be m of n, so it requires n xpubs. I want to ensure that there will only be m - 1 xprvs I ever need to worry about securing. I cannot make it (m - 1) of (n - 1), because the system I'm using requires n xpubs.
<ale______> andytoshi: s/much/must
<andytoshi> ok, well the more efficient thing is to fix the underlying system :)
<andytoshi> but the reason this works is that for any x value, there are at most two elliptic curve points with said x-value. but for some x-values, there are no such points. this falls out of the definiton of the elliptic curve that bitcoin uses (y^2 = x^3 + 7 mod 2^256 - 2^32 - 977 or something)
<andytoshi> 5 is such an x-value. so you can encode a "pubkey with x-value 5" which will be encoded correctly, but not correspond to any point
<andytoshi> the bitcoin script interpreter does check pubkey encoding (under some circumstances, i'm unsure about during blockchain verification) and will reject the whole script outright if one is badly encoded
<andytoshi> but it -won't- if an invalid point is correctly encoded
NewLiberty has joined #bitcoin-wizards
NewLiberty has quit [Remote host closed the connection]
<ale______> andytoshi: excellent, thank you so much. I will play around with the secp256k1 curve equation until I'm convinced. Then figure out how to properly encode it.
pro has quit [Quit: Leaving]
Alopex has quit [Remote host closed the connection]
Alopex has joined #bitcoin-wizards
ale______ has quit [Remote host closed the connection]
bildramer has quit [Ping timeout: 240 seconds]
Samdney has joined #bitcoin-wizards
bildramer has joined #bitcoin-wizards
Samdney has quit [Ping timeout: 258 seconds]
Alopex has quit [Remote host closed the connection]
zooko has quit [Ping timeout: 252 seconds]
Alopex has joined #bitcoin-wizards
cyphase has quit [Ping timeout: 258 seconds]
cyphase has joined #bitcoin-wizards
Chris_Stewart_5 has quit [Ping timeout: 258 seconds]
ale______ has joined #bitcoin-wizards
ale______ has quit [Ping timeout: 240 seconds]
ale______ has joined #bitcoin-wizards
ale______ has quit [Ping timeout: 250 seconds]
Alopex has quit [Remote host closed the connection]
Alopex has joined #bitcoin-wizards
Alopex has quit [Remote host closed the connection]
Alopex has joined #bitcoin-wizards
Alopex has quit [Remote host closed the connection]
Alopex has joined #bitcoin-wizards
asynk has quit [Read error: Connection reset by peer]
asynk has joined #bitcoin-wizards
Alopex has quit [Remote host closed the connection]
Alopex has joined #bitcoin-wizards
Alopex has quit [Remote host closed the connection]
Alopex has joined #bitcoin-wizards
ThomasV has joined #bitcoin-wizards
oleganza has joined #bitcoin-wizards
alex___ has joined #bitcoin-wizards
Alopex has quit [Remote host closed the connection]
<alex___> andytoshi: what should I put for the y-value if I choose an x-value of 5? I need to encode the public key with 0x04 + 32-bit big-endian x value + 32-bit big-endian y-value.
Alopex has joined #bitcoin-wizards
<gmaxwell> alex___: anything you want, but ... what the heck are you doing where you're required to use a certian number of keys and they must be uncompressed?!
<alex___> I'm using BitGo's API which only makes 2 of 3 multisig addresses. I want to create a wallet, and the function I'm using requires 3 keypairs to be passed in.
<alex___> I only care about 2 of the keypairs (one which a customer which generate client-side, the other I generate on my own server), so this 3rd keypair is really just a liability.
<alex___> If I or the customer were to generate the 3rd keypair ourselves and then were to be compromised, the attacker could then sign their own transactions.
<alex___> So I want this 3rd key to have no private key (i.e. provably unspendable) so that an attacker could only spend from the address if both I and the customer were to be compromised.
<alex___> If there's a better way to approach this, I'd love to know!
oleganza has quit [Quit: oleganza]
oleganza has joined #bitcoin-wizards
oleganza has quit [Client Quit]
<gmaxwell> I'm going to guess that their API will validate the keys, so you won't be able to do that.
<gmaxwell> so first, you should probably ask them to support 2 of 2. At least ask. :)
<gmaxwell> If you're going to work around it this way, you can generate a nothing up my sleeve pubkey... for which a private key exists but no one knows it.
alex___ has quit [Remote host closed the connection]
<mryandao> oh he left :(
<gmaxwell> yes, thats why I stopped talking.
alex___ has joined #bitcoin-wizards
<alex___> gmaxwell: OK thanks for the suggestions (and sorry, I didn't know bitcoin-wizards wasn't for short-term development. I'll move to bitcoin-dev)
<mryandao> if i'm doing something related to atomic coin swaps, would this be the right channel to share my thoughts?
<mryandao> or should i move to #bitcoin-dev too?
wangchun has quit [Quit: leaving]
wangchun has joined #bitcoin-wizards
HostFat_ has quit [Ping timeout: 244 seconds]
alex___ has quit [Remote host closed the connection]
Alopex has quit [Remote host closed the connection]
Alopex has joined #bitcoin-wizards
ThomasV has quit [Ping timeout: 265 seconds]
BashCo has quit [Remote host closed the connection]
alex___ has joined #bitcoin-wizards
alex___ has quit [Remote host closed the connection]
markus-k has joined #bitcoin-wizards
alex___ has joined #bitcoin-wizards
ale______ has joined #bitcoin-wizards
bildramer has quit [Ping timeout: 250 seconds]
alex___ has quit [Ping timeout: 252 seconds]
BashCo has joined #bitcoin-wizards
markus-k has quit [Quit: My Mac has gone to sleep. ZZZzzz…]
BashCo_ has joined #bitcoin-wizards
alex___ has joined #bitcoin-wizards
ale______ has quit [Ping timeout: 252 seconds]
bildramer has joined #bitcoin-wizards
BashCo has quit [Ping timeout: 260 seconds]
rubensayshi has joined #bitcoin-wizards
alex___ has quit [Ping timeout: 258 seconds]
bildramer has quit [Ping timeout: 258 seconds]
alex___ has joined #bitcoin-wizards
alex___ has quit [Read error: Connection reset by peer]
alex___ has joined #bitcoin-wizards
bildramer has joined #bitcoin-wizards
alex___ has quit [Ping timeout: 240 seconds]
laurentmt has joined #bitcoin-wizards
laurentmt has quit [Client Quit]
dnaleor has quit [Ping timeout: 276 seconds]
ThomasV has joined #bitcoin-wizards
JackH has joined #bitcoin-wizards
belcher has joined #bitcoin-wizards
Guyver2 has joined #bitcoin-wizards
laurentmt has joined #bitcoin-wizards
laurentmt has quit [Client Quit]
ratoder has joined #bitcoin-wizards
ThomasV has quit [Ping timeout: 276 seconds]
chjj has quit [Ping timeout: 244 seconds]
Giszmo has joined #bitcoin-wizards
Ylbam has joined #bitcoin-wizards
ThomasV has joined #bitcoin-wizards
ThomasV has quit [Ping timeout: 258 seconds]
BlueMatt has quit [Ping timeout: 276 seconds]
BlueMatt has joined #bitcoin-wizards
paveljanik has quit [Quit: Leaving]
molz has quit [Ping timeout: 258 seconds]
ThomasV has joined #bitcoin-wizards
rubensayshi has quit [Remote host closed the connection]
proslogion has joined #bitcoin-wizards
laurentmt has joined #bitcoin-wizards
laurentmt has quit [Client Quit]
<wallet42> math question: How do I calculate the "80%" range of a repeated poisson process? E.g. if I have a block mean time of 600. There is a "80%" chance that I will find between 5-7 blocks in 10*mean seconds.
pro has joined #bitcoin-wizards
<sipa> the CDF for a poisson distribution is f(x) = exp(-l) * sum(l^i / i!, i=0..x)
<sipa> so the chance that you have less than or equal to x blocks in 10*600 seconds is exp(-10) * sum(10^i / i!, i=0..x)
Transisto2 has quit [Ping timeout: 252 seconds]
<wallet42> http://www.wolframalpha.com/input/?i=exp(-10)*sum(10%5Ei+%2F+i!,+i%3D1..12). So .79 chance of finding between 1 and 12 blocks in an hour?
<wallet42> thank you sipa :-)
<sipa> http://www.wolframalpha.com/input/?i=P(1+%3C%3D+X+%3C%3D+12)+with+X+~+Poisson(lambda%3D10)
<sipa> easier ^
<wallet42> beautiful
<sipa> i'll admit that i'm surprised that wolfram understood my query on the first try
<wallet42> WA is awesome
ThomasV has quit [Ping timeout: 260 seconds]
<wallet42> in python do I use random.expovariate(1)*600 to get a random blocktime?
<sipa> or random.expovariate(1/600.0)
<wallet42> (y)
<wallet42> correction: an hour is obviously 6*mean. the answer is thus there is a ~80% chance that there will be between 3-8 blocks in an hour.
<sipa> assuming the hashrate and difficulty are aligned
<sipa> which is almost never the case
<sipa> and worse, we don't know how misaligned it is :)
<wallet42> sure. it's theoretical
<wallet42> also block found != block height +1 because of orphans
<sipa> not relevant
<sipa> the difficulty adjust based on the number of blocks that make it into the chain
<sipa> so if your numbers are for how many blocks are added to the chain (rather than the number of blocks found overall), your formula is correct
<wallet42> you're right
alex___ has joined #bitcoin-wizards
alex___ has quit [Ping timeout: 240 seconds]
ThomasV has joined #bitcoin-wizards
alex___ has joined #bitcoin-wizards
ale______ has joined #bitcoin-wizards
alex___ has quit [Ping timeout: 244 seconds]
ale______ has quit [Ping timeout: 244 seconds]
alex___ has joined #bitcoin-wizards
alex___ has quit [Ping timeout: 258 seconds]
HostFat_ has joined #bitcoin-wizards
WungFu has joined #bitcoin-wizards
Ylbam has quit [Quit: Connection closed for inactivity]
Guyver2 has quit [Ping timeout: 252 seconds]
murch has joined #bitcoin-wizards
WungFu has quit [Ping timeout: 250 seconds]
InsidiousPoet has joined #bitcoin-wizards
WungFu has joined #bitcoin-wizards
moli has joined #bitcoin-wizards
Guyver2 has joined #bitcoin-wizards
tripleslash has quit [Ping timeout: 260 seconds]
tripleslash has joined #bitcoin-wizards
Samdney has joined #bitcoin-wizards
atgreen has quit [Ping timeout: 250 seconds]
Ylbam has joined #bitcoin-wizards
ruby32 has joined #bitcoin-wizards
murch has quit [Quit: Leaving.]
edvorg has joined #bitcoin-wizards
Samdney has quit [Quit: Verlassend]
_r0ach_ has quit []
WungFu has quit [Remote host closed the connection]
ThomasV has quit [Ping timeout: 240 seconds]
Davasny has joined #bitcoin-wizards
laurentmt has joined #bitcoin-wizards
laurentmt has quit [Client Quit]
zooko has joined #bitcoin-wizards
atgreen has joined #bitcoin-wizards
MoALTz has joined #bitcoin-wizards
Guyver2 has quit [Quit: :)]
Guyver2 has joined #bitcoin-wizards
r0ach has joined #bitcoin-wizards
BashCo_ has quit [Remote host closed the connection]
HostFat_ has quit [Read error: Connection reset by peer]
Guyver2 has quit [Quit: :)]
johntramp has quit [Ping timeout: 252 seconds]
bildramer has quit [Ping timeout: 276 seconds]
Guyver2 has joined #bitcoin-wizards
bildramer has joined #bitcoin-wizards
Guyver2 has quit [Client Quit]
<tromp_> what percentage of bitcoin is in txo with fully known public key (ie. at risk of quantum breakthrough) ?
BashCo has joined #bitcoin-wizards
byteflame has joined #bitcoin-wizards
ale______ has joined #bitcoin-wizards
iwilcox has quit [Remote host closed the connection]
<sipa> tromp_: i don't have numbers, but i exoect very little
<sipa> *expect
ale______ has quit [Ping timeout: 250 seconds]
<cjd> that's a neat question
<tromp_> i expect less than 10% but more than a few %
NewLiberty has joined #bitcoin-wizards
NewLiberty_ has quit [Ping timeout: 244 seconds]
<proslogion> all of them if we go full mimblewimble
<cjd> that's an annoying feature of MW
mdavid613 has joined #bitcoin-wizards
johntramp has joined #bitcoin-wizards
iwilcox has joined #bitcoin-wizards
Mazz_ has quit [Ping timeout: 240 seconds]
qpm has quit [Ping timeout: 250 seconds]
Mazz_ has joined #bitcoin-wizards
oleganza has joined #bitcoin-wizards
NewLiberty_ has joined #bitcoin-wizards
Starduster_ has joined #bitcoin-wizards
zooko has quit [Ping timeout: 250 seconds]
Noldorin has joined #bitcoin-wizards
Starduster has quit [Ping timeout: 240 seconds]
NewLiberty has quit [Ping timeout: 250 seconds]
r0ach has quit [Ping timeout: 244 seconds]
Mazz_ has quit [Ping timeout: 264 seconds]
r0ach has joined #bitcoin-wizards
markus-k has joined #bitcoin-wizards
Mazz_ has joined #bitcoin-wizards
ale______ has joined #bitcoin-wizards
mdavid613 has quit [Quit: Leaving.]
ale______ has quit [Read error: Connection reset by peer]
ale______ has joined #bitcoin-wizards
Yogh has quit [Ping timeout: 276 seconds]
Yogh has joined #bitcoin-wizards
belcher has quit [Read error: Connection reset by peer]
Guest21946 has joined #bitcoin-wizards
mdavid613 has joined #bitcoin-wizards
Mazz_ has quit [Ping timeout: 265 seconds]
laurentmt has joined #bitcoin-wizards
Mazz_ has joined #bitcoin-wizards
cyphase has quit [Ping timeout: 244 seconds]
cyphase has joined #bitcoin-wizards
dnaleor has joined #bitcoin-wizards
laurentmt has quit [Quit: laurentmt]
Samdney has joined #bitcoin-wizards
zooko has joined #bitcoin-wizards
mdavid613 has quit [Quit: Leaving.]
mdavid613 has joined #bitcoin-wizards
<bsm117532> A quick skim of this book, it seems these authors may be making a very common error by assuming entropy is extensive (scales linearly with the number of particles). In Quantum Mechanics this is manifestly false, but virtually every textbook I know of makes this mistake. I wonder if Quantum Information Theory as a field is making this mistake in general...
<bsm117532> The key phrase is "mixing entropy" -- it's an additional non-extensive entropy term that is ignored in classical statistical mechanics (even though virtually all statistical mechanics texts are talking about quantum particles).
<bsm117532> See also the Gibbs Paradox...
brg444 has joined #bitcoin-wizards
zooko has quit [Ping timeout: 260 seconds]
jl2012 has quit [Ping timeout: 260 seconds]
Ylbam has quit [Ping timeout: 260 seconds]
Ylbam has joined #bitcoin-wizards
lmatteis has quit [Ping timeout: 258 seconds]
mdavid613 has quit [Quit: Leaving.]
lmatteis has joined #bitcoin-wizards
<r0ach> bob: kinda off-topic, but since you're already talking about physics, what's your take on global EROEI trends in relation to being able to do the upkeep on a world reserve currency crypto via PoW for like 100 years? Is it a showstopper for PoW?
Guest21946 has quit [Quit: Leaving]
<r0ach> I don't really see a cryptocurrency being able to beat a physical object in market cap. I think that would be an irrational market, but the question remains...
jl2012 has joined #bitcoin-wizards
<r0ach> (i.e. gold or petro dollar or helium3 dollar or whatever)
<bsm117532> r0ach: PoW is a bearer bond. It will be worth exactly as much as the PoW used to create it. It's not a showstopper, unless hashrate starts decreasing, and more than half the "high-water mark" of hashrate disappears. At that point, in order to continue, the consensus algorithm must be divorced from PoW.
<bsm117532> One thing I'd like to see in general is a PBFT or Honey Badger like network that accepts PoW hashes, divorcing consensus from PoW.
Ylbam has quit [Quit: Connection closed for inactivity]
<r0ach> well, not quite the answer I was looking for, and your answer seemed kinda sunk cost fallacy to me heh
mdavid613 has joined #bitcoin-wizards
byteflame has quit [Ping timeout: 276 seconds]
<bsm117532> Heh what do you mean?
<r0ach> as in, I'm more in the Gavin boat on that department, that Bitcoin doesn't have lots of value because we burned up a bunch of money mining it.
<waxwing> "It will be worth exactly as much as the PoW used to create it." <-- *maybe* exactly as much as the PoW that would be needed to create a new equal amount, but not that.
laurentmt has joined #bitcoin-wizards
<bsm117532> r0ach, waxwing PoW is a price floor. Insert your own reason the price might be higher...
<waxwing> sure but that would be PoW today; not when it was created :) admittedly that's kind of a silly distinction assuming non-fungibility between old and new, so no matter.
<bsm117532> Yeah PoW hardware and electricity expenditure is a function of time, then it gets folded through the coin allocation schedule. It's clear after both of those functions, coins created at different times involved different amounts of real-world expenditure.
<r0ach> or inefficient market participants get taken to the cleaners and all remaining contestants are below 0 price per coin, then they dump causing big miners to stop mining, giving you no price floor at all...
<bsm117532> That sounds like an "inefficient markets" assumption.
<sipa> bsm117532: by "PoW is a price floor", you mean "exchange_rate >= emergy_and_hardware_cost_expended_per_block / subsidy_and_fee_per_block" ?
<bsm117532> yes.
<sipa> if so, i agree, but there are many variables in that equation :)
e0_ has joined #bitcoin-wizards
<bsm117532> Sure ;-)
<waxwing> yeah and can only be a long run equilibrium too. almost too feedback-y to be a useful concept.
<bsm117532> Well if you remove PoW, there is absolutely no tie to real-world assets. The marginal cost of a database row is zero. So all other inputs are wishes on unicorns dancing on rainbows.
<gmaxwell> bsm117532: your promoting a discredited econmic theory. If I buy the hope diamond, smash it to pieces, and pay the pope to urinate on the result. ... is the resulting produce highly valuable, owing to its very expensive construction and rarity? No.
<brg444> yeah that all seems kind of backward to me too..
<gmaxwell> bsm117532: POW has no fixed amount (beyond difficulty 1)-- the system difficulty will simply adapt to whatever the offered load is.
<gmaxwell> So it _cannot_ prop up the price.
<waxwing> PoW doesn't give value *intrinsically*, but indirectly - by the effect it has on consensus.
<bsm117532> PoW has zero value, but it does have a cost.
<bsm117532> gmaxwell: your example also has zero value but nonzero cost.
<bsm117532> Sometimes I use the phrase "economic tie" rather than "price floor" for this concept -- the tie is to cost, not value.
<gmaxwell> it also has effectively zero _fixed_ cost. Almost all the cost comes externally from competition to drive difficulty up.
<sipa> historically that effect eas very visible
<sipa> in GPU days there was a clear causal effect between exchange rate and hash rate
<sipa> in that direction; not the opposite one
<sipa> so i'd rather say that exchange rate is an upper bound on pow
<sipa> rather than pow an lower bound on exchange rate
<proslogion> remember lots of capitals flow into mining to acquire bitcoins at lower than market price
<gmaxwell> what sipa said.
<proslogion> but perhaps even today
<proslogion> we know that some very big miners hodl the majority of the coins they mined
<bsm117532> I argue it's a floor, sipa argues it's a ceiling...we're both right from the perspective of different market participants. The net result is a correlation, causality is hard to prove.
priidu has joined #bitcoin-wizards
<gmaxwell> bsm117532: please, thats bullshit.
<gmaxwell> the operation of the system is transparent, saying that pow costs hold up the price just makes no logical sense, because there is no real minimum to pow costs. effectively miners are bidding to make blocks (with randomization).
blackwraith has joined #bitcoin-wizards
<gmaxwell> And historically the temporal direction of the relationship was very clear. With price rises leading to predictable hashrate increases after a delay.
priidu has quit [Ping timeout: 252 seconds]
<bsm117532> gmaxwell you're claiming that miners would prefer to sell at a loss than hold in the hopes of a profit. That's bullshit. Most are holding. But let's be civil?
<bsm117532> Insert a latency function in both directions...miners aren't going to hold forever, and there's a time lag in bringing new hardware online.
r0ach has quit [Read error: Connection reset by peer]
<gmaxwell> bsm117532: No I am not claiming that. I am claiming that the less profitable miners turn off their hashpower, and the difficulty goes down.
r0ach has joined #bitcoin-wizards
<bsm117532> at least until they find cheaper power and ship their mining rigs...
<bsm117532> This is probably not relevant right now, since die shrink & tweak has dominated hashrate increases in ASICs so far.
<gmaxwell> (the supply of newly mined coins is also very small relative to the market volumes.)
<bsm117532> There is a lot of speculation, that's true.
Sleepnbum has joined #bitcoin-wizards
r0ach has quit [Read error: Connection reset by peer]
<bsm117532> All I'm really saying is that without PoW, it's 100% speculation.
blackwraith has quit [Read error: Connection reset by peer]
<gmaxwell> ::sigh::
<gmaxwell> Then you are saying that its 100% speculation then.
<bsm117532> Only if you're saying PoW has zero cost?
blackwraith has joined #bitcoin-wizards
<gmaxwell> Effectively, it has a almost zero fixed cost. All the price for POW comes out of miners bidding up the difficulty.
shesek has quit [Ping timeout: 244 seconds]
mdavid613 has quit [Quit: Leaving.]
execut3 has quit [Ping timeout: 240 seconds]
<bsm117532> But if miners are a small fraction of the market volumes, they'd be unable to do that. You contradict yourself.
<gmaxwell> ...
<cjd> hey gmax, thanks for bringing to light the VitalikMiner project on reddit
Mazz_ has quit [Ping timeout: 265 seconds]
<gmaxwell> cjd: I'd just assumed everyone knew about that, the same related to it was so obnoxious.
<gmaxwell> s/same/spam/
<gmaxwell> bsm117532: What the heck does bitcoin market volumes have anything to do with what I just said?
<cjd> I can tell you that people who I talked to didn't know until now :)
<cjd> I didn't follow any of this stuff since 2012ish
<proslogion> the most interesting thing is: I trust that V was well aware Quantum mining is BS
<gmaxwell> proslogion: I don't.
<proslogion> you have to take several leaps of faith to start believing it...
Mazz_ has joined #bitcoin-wizards
<proslogion> not just one
Guyver2 has joined #bitcoin-wizards
<cjd> I'm going to give him the benefit of the doubt on that one but I think there are some "institutional investors" who are absolutely livid to find out that ETH is basically a very advanced version of the good ol' 2012 era altcoin
<bsm117532> gmaxwell: If miners "bid up" I take that to mean they're pushing prices up by selling bitcoin at ever-higher prices. Did I misunderstand you? They also push up the difficulty, but the increase in difficulty is directly proportional to their new capital expenditures.
<gmaxwell> bsm117532: miners burn energy to try to get the 1800 btc produced per day, the more energy the put in, the more they get, and the more the difficulty goes up. If they desire the coins less, say because the price they can sell them for falls, less profitable miners find it no longer worth running, they turn off, and the difficulty falls.
<gmaxwell> bsm117532: _no_
<proslogion> https://bitcointalk.org/index.php?topic=325800.0 this is the talk he gave at around the same time period
<cjd> yes, that has already been passed along
ale______ has quit [Remote host closed the connection]
<bsm117532> gmaxwell: I agree with you.
<gmaxwell> proslogion: I think people believe he has a lot more background an expirence than he does because he was a journalist that wrote about other people's activities. I don't doubt that he thought it was ~possible~ that 'simulated quantum miner' would work.
<bsm117532> gmaxwell: It sounds like you're describing exactly the same thing as me. I'm unsure why we're disagreeing.
<gmaxwell> bsm117532: so this cannot constutute a floor. Say, due to market effects, traders bring prices down 5 fold, this would make many miners unprofitable. They're pause or discontinue operations (As it would be just cheaper to buy bitcoins on the open market than to mine), those miners do that, the difficulty falls, some turn back on, and a new equlibrium is reached.
<proslogion> gmaxwell: you could check out the slides of his another talk in Israel above
<gmaxwell> And we've watched this process play out many times.
<proslogion> it begs my belief to think that he didn't grasp that the single thing making Grover's algorithm more efficient on a QC than classical computers is the entanglement
r0ach has joined #bitcoin-wizards
<bsm117532> gmaxwell: agreed. I usually say "floor" because so many people balk at the idea that the correlation is as strong as you describe. But in fact I think it is.
Mazz_ has quit [Ping timeout: 258 seconds]
<gmaxwell> bsm117532: the only reason it's not 1:1 coupled like that is because of the the initial investment in hardware is a 'constant' in that formula. You don't buy hardware unless you're going to be N fold profitable, in order to recoup that investment, and so once you have it, price would have to fall (/difficulty rise) quite a bit before you'll turn it off.
<bsm117532> gmaxwell: yes. My only minor disagreement is that "less profitable" miners don't turn of their equipment, *un*profitable miners turn off their equipment.
<gmaxwell> this is also why I was quite insistant that the huge hashrate loss at the halving psztorc was predicting in here wouldn't happen.
<bsm117532> It's already priced in...
<gmaxwell> bsm117532: actually, we know that less profitable miners turn off. I don't fully understand why.
<bsm117532> What's their definition of "less"?
Mazz_ has joined #bitcoin-wizards
<bsm117532> I mean, maybe power is more expensive at certain times of the day in certain jurisdictions?
<gmaxwell> bsm117532: if you mean the bitcoin price is elevated on account of it, no-- doesn't really follow, newly mined coins are small compared to market volume. If you mean that miners declined to build lower return facilities ('pricing it in on the hashrate side'), then yes.
<bsm117532> While the halving was priced in, I wouldn't design a new coin with that "feature". Halving someone's revenue won't always go over well...
alfas has joined #bitcoin-wizards
<bsm117532> gmaxwell: yes, priced in on the hashrate side.
<gmaxwell> There are benefits to the structure in bitcoin that most people do not understand.
<gmaxwell> bsm117532: e.g. I know of many miners turning off when they're getting $2 out for every $1 in, part of this is related to risk preference. It's still a risky $2. Part is related to fixed costs.
<bsm117532> I've been fooling with an alternative allocation schedule that is continuous. There's a window of reward that could be accepted by the network rules. This window is directly related to the network "size" in seconds, and the orphan rate.
<bsm117532> Fact of the matter is that the halving is a synchronous event, as are blocks. So both have to be slow, because the network is actually asynchronous...
<gmaxwell> I think also some of it is related to the kinds of people that end up mining, because of the high risk and other factors it attracts parties that are dreaming of outsized returns. Once it's merely profitable, it isn't an attractive business to many of the people who were attracted to gamble on it in the begging, but I'm getting further into speculation there.
<alfas> In oil, the large companies are willing to let their rigs mine at a loss, because the investment was so large. Its not economical to turn them of.
<alfas> At least thats what i gather.
<bsm117532> Certainly. I wonder if that means a shift in mining participants, as the market becomes more efficient...
<gmaxwell> the halving structure encourages forward investment in infrastructure, it's also simple to implement and avoids creating weird incentives where if you fail to mine _this_ block, you're stuck with the boobie prize of a less paying later block.
<bsm117532> alfas: I was kind of assuming that was happening in Bitcoin. gmaxwell says otherwise. Interesting.
<brg444> bsm117532: Sure, people were willing to gamble and order from butterfly lab back then, not so anymore :P
<gmaxwell> bsm117532: we haven't seen that shift because of the continual introduction of new hardware.
<gmaxwell> alfas: bitcoin mining can be turned on and off at an instant, and the income is highly predictable (and to the extent it changes, you can simply go quiet until it does).
<gmaxwell> alfas: once hardware is in hand, you put power in, get bitcoins out. If the same spent on power in will buy bitcoins at the market cheaper, you can do that (assuming you even want the bitcoins-- many miners sell immediately)
<gmaxwell> an oil rig will keep operating because you _may_ hit more oil, because you have sold futures on that oil in any case, and because you cannot economically 'pause it' to wait for better conditions (you're still stuck paying tremendous personell costs)... nor will conditions improve just by waiting.
<brg444> gmaxwell: would you say that the idea some would be willing to mine at slight loss to acquire "fungible" coins is folklore?
<gmaxwell> and because of hardware improvent lifecycles, no one has been deploying a large amount of hashpower without an plan for immediate cost recovery.
Davasny_ has joined #bitcoin-wizards
<gmaxwell> brg444: There is truth to it, but it is more limited than you think. Pools destroy that fungibility. (in fact, some pools have been taking that benefit for themselves-- paying users with well circulated coins)
<bsm117532> gmaxwell: that's not really true. An oil producer could buy oil on the open market if it's price was low enough. This dynamic is independent of the commodity...
<gmaxwell> The transactional costs for making those deals are rather high.
<gmaxwell> bsm117532: oil is not perfectly fungible, however, due to delivery conditions.
Davasny has quit [Ping timeout: 265 seconds]
<gmaxwell> And the point I made is that continued operation is required to have any hope of furture recouping.
<gmaxwell> There is also a different meaning 'at a loss' being used there. "At a loss relative to some cost model which includes the price of money" vs "at a loss relative to marginal operating expenses"
<gmaxwell> the only reason to keep operating in the latter case, is because continued operation may result in improved returns in the future. This doesn't apply to bitcoin mining. You don't have to keep mining in order to find out that mining returns have improved.
mdavid613 has joined #bitcoin-wizards
brg444 has quit [Quit: Page closed]
ale______ has joined #bitcoin-wizards
WungFu has joined #bitcoin-wizards
Mazz_ has quit [Ping timeout: 260 seconds]
Mazz_ has joined #bitcoin-wizards
alfas has quit [Quit: yahoo]
AusteritySucks has joined #bitcoin-wizards
ThomasV has joined #bitcoin-wizards
mkarrer has joined #bitcoin-wizards
oleganza has quit [Quit: oleganza]
Ylbam has joined #bitcoin-wizards
ruby32 has quit []
shesek has joined #bitcoin-wizards
execut3 has joined #bitcoin-wizards
oleganza has joined #bitcoin-wizards
ThomasV has quit [Ping timeout: 252 seconds]
cyphase has quit [Ping timeout: 276 seconds]
ale______ has quit [Remote host closed the connection]
ale______ has joined #bitcoin-wizards
superkuh has joined #bitcoin-wizards
laurentmt has quit [Quit: laurentmt]
cyphase has joined #bitcoin-wizards
Transisto2 has joined #bitcoin-wizards
murch has joined #bitcoin-wizards
ThomasV has joined #bitcoin-wizards
hashtag_ has joined #bitcoin-wizards
whphhg has quit [Quit: Leaving]
whphhg has joined #bitcoin-wizards
oleganza has quit [Quit: oleganza]
DougieBot5000 has quit [Read error: Connection reset by peer]
ale______ has quit [Read error: Connection reset by peer]
DougieBot5000 has joined #bitcoin-wizards
ale______ has joined #bitcoin-wizards
atgreen has quit [Ping timeout: 252 seconds]
ThomasV has quit [Ping timeout: 258 seconds]
NewLiberty_ has quit [Read error: Connection reset by peer]
NewLiberty_ has joined #bitcoin-wizards
Brokenrecord has joined #bitcoin-wizards
<Brokenrecord> i'm getting a warning on bitcoin.org what's going on?
Davasny_ has quit [Remote host closed the connection]
chjj has joined #bitcoin-wizards
<Brokenrecord> yes...
<Brokenrecord> i already downloaded core wallet but i how do i check i haven't been hacked?
<bsm1175321> wut. I'm seriously curious what information leads to that warning...
<sipa> Brokenrecord: the warning is about the upcoming 0.13 version, which is not released yet
<sipa> though being careful is always important of course
<sipa> like verifying the GPG signatures, as mentioned on that page
<midnightmagic> :-o
<Brokenrecord> i'm trying to figure out how to verify
<sipa> i have no information about information that lead to that warning, btw
Giszmo has quit [Quit: Leaving.]
<kanzure> this does not seem to be from a pull request
<sipa> it is not
<gmaxwell> We really should have a better update procedure.
brg444 has joined #bitcoin-wizards
<kanzure> was this discussed on the security mailing list at all?
<sipa> 00:45:20 < sipa> i have no information about information that lead to that warning, btw
<kanzure> actually nevermind, that list is re: bitcoin core, not bitcoin.org, i think
<sipa> well bitcoin.org (according to its owner) is a private website
<kanzure> i suggest #bitcoin or something instead of this channel for this issue
Brokenrecord has quit [Quit: Page closed]
oleganza has joined #bitcoin-wizards
FNinTak has joined #bitcoin-wizards
ruby32 has joined #bitcoin-wizards
<FNinTak> gmaxwell: one factor that would keep hashrate inflated even as price drops is electricity contracts for large miners
<FNinTak> They buy electricity in chunks of ~6 months and so normally cannot turn hardware off in response to price movements
<gmaxwell> yes, though there is a well eastablished history of mining operations just disappearing out from under their electrical contracts.
<ruby32> is there some overview of the features to be added in 0.13?
<FNinTak> Also, while I agree that halving provides certainty re: reward on investment, I don't know if that justifies such a long timespan between adjustments
<FNinTak> i.e. would a half-year adjustment cycle be too short? Alternatively, what if the curve became smoother towards the tail?
<sipa> ruby32: also, #bitcoin
<ruby32> sipa: thank you, and i'm sorry :o
<FNinTak> On a similar thread, is there an incentive to have a (relatively) slow diff. adjustment algorithm to disincentivize forks?
<FNinTak> Re: Part of why ETC fork has survived is because of the ETH diff. adjustment algo. being very fast
MoALTz has quit [Quit: Leaving]
MrHodl has joined #bitcoin-wizards
FNinTak has quit [Ping timeout: 250 seconds]
<gmaxwell> FNinTak: thats not really true, because go-ethereum being broken they immediately had to make a consensus change to reject the headers of the longer chain. They could have just as easily reset the difficulty at the same time.
FNinTak has joined #bitcoin-wizards
oleganza has quit [Quit: oleganza]
<FNinTak> you mean etc resetting difficulty or eth?
<FNinTak> either way, resetting the difficulty could still cause problems if it's not known what hashrate to expect on the fork
Firescar96 has joined #bitcoin-wizards
oleganza has joined #bitcoin-wizards
<Firescar96> >thats not really true, because go-ethereum being broken
<Firescar96> plz, tell me more
<kanzure> "Redactable blockchain or Rewriting history in bitcoin and friends" https://eprint.iacr.org/2016/757.pdf
Guyver2 has quit [Quit: :)]
proslogion has quit [Ping timeout: 258 seconds]
btcdrak has quit [Quit: Connection closed for inactivity]
<nsh> what are they proposing to do with chameleon hashes sans the verbosity?
dnaleor has quit [Quit: Leaving]
<nsh> hem
dnaleor has joined #bitcoin-wizards
edvorg has quit [Ping timeout: 260 seconds]
Sleepnbum has quit [Ping timeout: 265 seconds]