sipa changed the topic of #bitcoin-wizards to: This channel is for discussing theoretical ideas with regard to cryptocurrencies, not about short-term Bitcoin development | http://bitcoin.ninja/ | This channel is logged. | For logs and more information, visit http://bitcoin.ninja
Newyorkadam has joined #bitcoin-wizards
chjj has joined #bitcoin-wizards
<sipa>
bsm117532: you can claim that a transaction is yours (and you can prove so by signing a message with the key), but that is no different than me sending you the key without any transaction, and signing a message with it. the only thing yhe blockchain does is prove that that key existed at a certain point in time, not whom it belongs to. and for the timestamping use case, we have better solutions that put them in a merkle tree instead of telling...
superkuh_ has joined #bitcoin-wizards
<sipa>
the whole world about it.
superkuh_ is now known as superkuh
AaronvanW has quit [Read error: Connection reset by peer]
neha has quit [Remote host closed the connection]
rusty has joined #bitcoin-wizards
cdecker has joined #bitcoin-wizards
rusty has quit [Ping timeout: 264 seconds]
harrymm has quit [Remote host closed the connection]
Ylbam has quit [Quit: Connection closed for inactivity]
harrymm has joined #bitcoin-wizards
rusty has joined #bitcoin-wizards
bsm117532- has joined #bitcoin-wizards
<bsm117532->
sipa: It is different because the transaction mechanism can provide key revocation and replacement. What you want to know is whether a given key is still valid, which corresponds to asking whether a given UTXO is unspent. If you hide key data in a Merkle tree, an observer couldn't see your revocation.
<sipa>
you can just ask them to sign a message again
<sipa>
then you also know the key is still valid
mountaingoat has quit [Ping timeout: 265 seconds]
<sipa>
also, the presense of a utxo does not mean they didn't lose the key
<bsm1175321>
An attacker can also "sign a message again". That does not prove the key is still valid. A balance at a UTXO is sitting at a *different* address than the hash of the pubkey previously revealed. One can separate the revocation mechanism from normal key use. (e.g. an offline key or pre-signed transaction)
dnaleor has quit [Ping timeout: 240 seconds]
<bsm1175321>
I think it's impossible to prove your key hasn't been copied...
superkuh has joined #bitcoin-wizards
<sipa>
i still don't understand what the blockchain offers here
<sipa>
you are already talking to the other party to know what the txid is
<sipa>
just ask then what their key is directly at that point
<sipa>
you don't know it is not copied, but the other party hurts itself only by doing so
<sipa>
but you do know it's live
<bsm1175321>
The blockchain offers fast, timestamped, irrevocable *revocations*, and continuity with the new key, once established. Both the old and new key are known to be controlled by the same entity. *Without* a separate secure line of communication to that entity through the entire key loss process.
kekroment has quit [Ping timeout: 265 seconds]
<sipa>
you need a secure line of communication anyway to establish identity of the key
<bsm1175321>
But you only need a secure line of communication once, not in perpetuity.
<bsm1175321>
Your model assumes a perpetual secure line of communication. If we had that a lot of things would be easier...
<sipa>
no, just once, to establish an identity key
<bsm1175321>
And the revocation, and the new key.
<sipa>
afterwards you sign/encrypt using that key
N0S4A2 has joined #bitcoin-wizards
<bsm1175321>
The attacker has that key now. What next?
<sipa>
you're eaten by a grue
<bsm1175321>
hahaaa
<sipa>
you can't solve that problem
<bsm1175321>
I can. Using UTXOs on a blockchain.
<sipa>
if i lose my key, i can't spend that utxo
<sipa>
you're using the blockchain as a publishing mechanism for revocation certificates
<sipa>
i guess that works
<sipa>
it's a use for proof of publication
<bsm1175321>
The key you lost corresponds to an *already* *spent* UTXO. The next spend comes from a *different* key, held in a different location.
<sipa>
but it only works if you don't lose the key
<bsm1175321>
You can lose the key.
<sipa>
i don't understand
<bsm1175321>
People will lose keys. I assume it.
<bsm1175321>
I'm making a chain of transactions, using the most recently *spent* transaction (which reveals a pubkey) for authentication/code signing.
<sipa>
ok, so there is a stronger key held more securely that can sign revocations
<sipa>
what if you lose that one?
<bsm1175321>
Ok so you can do that, but you still have a problem of publishing the revocations.
<sipa>
agree
<bsm1175321>
CRL's generally exist at a HTTP endpoint that an attacker can DDoS.
<sipa>
i disagree that a blockchain is the best solution for it
<sipa>
but i agree it's a use case for a block chain
* bsm1175321
lets sipa think on it.
<bsm1175321>
I think it's a *perfect* use case for a non-fungible blockchain. (but, let's improve fungibility too)
<sipa>
any use for proof of publication is vulnerable to censorship
<sipa>
and a non-fungible blockchain (in extresis) won't have valuable tokens, which means it can't provide security
<sipa>
*extremis
<bsm1175321>
Any financial system in which the counterparty can't be reliably identified is unusable.
<bsm1175321>
We need both.
<bsm1175321>
And proof-of-work is the best way to secure both.
rusty has quit [Ping timeout: 244 seconds]
cdecker has quit [Ping timeout: 244 seconds]
aem has quit [Remote host closed the connection]
aem has joined #bitcoin-wizards
aem is now known as aem
Noldorin has quit [Quit: My MacBook Pro has gone to sleep. ZZZzzz…]
Alopex has quit [Remote host closed the connection]
Alopex has joined #bitcoin-wizards
chjj has quit [Ping timeout: 240 seconds]
pro has quit [Quit: Leaving]
rusty has joined #bitcoin-wizards
rusty has quit [Ping timeout: 248 seconds]
jron has quit [Ping timeout: 244 seconds]
Newyorkadam has quit [Quit: Newyorkadam]
Chris_Stewart_5 has quit [Ping timeout: 244 seconds]
rusty has joined #bitcoin-wizards
chjj has joined #bitcoin-wizards
rusty has quit [Ping timeout: 250 seconds]
<qpm>
tx:<Jeremy_Rand> bsm1175321: FYI Namecoin has been exploring the possibility of naming PGP key fingerprints (or similar public key material)
<bsm1175321>
Jeremy_Rand see also blockstack and onename on that topic.
<qpm>
tx:<Jeremy_Rand> bsm1175321: Yes, I'm aware of Blockstack. Their work is, in my opinion, not particularly useful, because (among other things) their transaction validity isn't backed by PoW.
<bsm1175321>
I have no interest in naming. Naming creates a market for things which can be remembered, transcribed through meat-space, and chiseled onto stone tablets. A txid (or pubkey) is a perfect identifier, though not memorable. But who cares? I have software for that.
<qpm>
tx:<Jeremy_Rand> It's trivially easy to construct a transaction that looks just like a Blockstack transaction (it's a Bitcoin tx that has an OP_RETURN script), and there's no way to prove that my transaction is invalid without inspecting the entire Bitcoin chain
<bsm1175321>
I agree, and that's why my proposal (above) does not rely on OP_RETURN.
<bsm1175321>
There's a new security model here not only for fungible assets, but for non-fungible identities, and light clients can use it by tracking block headers (with the addition of UTXO set commitments)
<qpm>
tx:<Jeremy_Rand> bsm1175321: Namecoin's utility for things like this, IMO, is that you can have one key that owns the Namecoin name, and that key can sign new transactions that authorize new PGP keys or revoke existing ones
<qpm>
tx:<Jeremy_Rand> The ability to have a human meaningful name for that identity is cool too of course
<bsm1175321>
I'm punting on the human readable part. There's a lot of utility to be found by abandoning it. I have software for that. Once that punt is accepted, Bitcoin as it stands is a powerful alternative.
<qpm>
tx:<Jeremy_Rand> Although gmaxwell's concerns about it being easy to construct near-colliding human-meaningful names are valid, and dealing with them is nontrivial
<bsm1175321>
That's easy to solve: stop transcribing identities through your head-meat. It's not as good at it as my software.
<othe>
human readability just introduces namesquatting
<bsm1175321>
Let markets develop elsewhere. It doesn't belong in the protocol.
<qpm>
tx:<Jeremy_Rand> bsm1175321: well, if you don't have human-readable names, that does decrease usability for some use cases. I agree totally that getting rid of human-readable names does result in more confidence in the system from a cryptographic standpoint.
<othe>
the sites who use that identity should deal with it themselves, mapping a pubkey to a username is no big deal
<bsm1175321>
Jeremy_Rand: put a directory server that translates long identifiers into human-readable names somewhere. Put it in software. Don't make me fuck with it.
<qpm>
tx:<Jeremy_Rand> othe: last I heard about 50% of ICANN names are squatted. That's a significant number, but that also means that 50% of the names are nonsquatted, which isn't incredibly bad.
<bsm1175321>
That's (at least) a 50% probability that I'll mis-identify a counterparty in a transaction/interaction. We can do better.
<qpm>
tx:<Jeremy_Rand> bsm1175321: well, then you've got a trusted party in the directory server, right? Or are you proposing a different way of doing the mapping?
<bsm1175321>
Software identifies the counterparty, not my head-meat. Not the name mapping. Name-mapping is only for visual display and convenience, not authentication/authorization.
<qpm>
tx:<Jeremy_Rand> bsm1175321: I don't follow how you're inferring the risk of fraud from the fraction of squatted names
<bsm1175321>
Wait, did I seriously just buy something from amaz0n.com?
<qpm>
tx:<Jeremy_Rand> Have you ever mistyped amaz0n.com into your web browser?
<bsm1175321>
Or was it amazondot.com? Or ama2on.com? Fuck if my head-meat and font interpreter can tell.
<bsm1175321>
I clicked on an ad, as many unawares users do...
<othe>
i mistyped ebay 2 minutes ago, entered ebaz as i am in nyc on a non german keyboard...happens all the time for me.
<qpm>
tx:<Jeremy_Rand> othe: interesting. That said, I don't think it's accurate to infer 50% chance of fraud based on 50% squatted names as bsm1175321 suggested
<bsm1175321>
It even had a valid certificate from some craptacular authority in bazquuxistan. It was green in my browser bar. I didn't question it.
<othe>
qpm, if u have something like global unique human readable names... theres like 1mio people called adam smith prolly...it just wont work, every service provider has to do the mapping himself
<bsm1175321>
Jeremy_Rand doesn't matter, it's way too high. Computers will NEVER tell you that all 32-bytes of A equal all 32-bytes of B unless they actually do. Let software do the hard work of deciding that A (seller) = B (payment account)
<sipa>
qpm: i don't understand the interest in namecoin
<sipa>
it's a very interesting problem, but a completely backwards solution
<qpm>
tx:<Jeremy_Rand> sipa: may I ask what you consider completely backwards?
<sipa>
either it functions as a currency, and nobody will use it for name registration
<sipa>
or it functions as a nameservice, and its currency aspect will fail to protect against dos
<sipa>
there is no reason why the price for registration needs to be tied to the exchange rate
<qpm>
tx:<Jeremy_Rand> sipa: I'm not an economist, but if a nameservice blockchain has tokens that are worth 1 registration, then those tokens end up with an exchange rate roughly equivalent to the market value of being able to register a name
<qpm>
tx:<Jeremy_Rand> am I incorrect?
<sipa>
yes, and there is no reason why that is tied to the capacity of the system
<sipa>
you have two parameters, the security of the system and the cost of registration
<sipa>
in namecoin they are both defined by the exchange rate
<qpm>
tx:<Jeremy_Rand> btw, I definitely agree that it's unpleasant to have a naming system that has an exchange rate that isn't pegged to some price that's meaningful to humans (i.e. the price of NMC is relatively volatile)
<qpm>
tx:<Jeremy_Rand> sipa: if we consider a hypothetical Namecoin-like chain where name renewals require paying $10 USD per year to miners, and we assume a significant number of names (say, a small TLD's level), my guess is that that would confer a fairly large amount of security in terms of miner fees. But I haven't chugged those numbers lately.
<bsm1175321>
By separating naming from authentication/authorization, the naming becomes purely a UI/UX feature. I really don't care how many other assholes claim to be amaz0n.com, my software will never get it wrong after the first time I visit the real amazon.com. My eyeballs will.
<qpm>
tx:<Jeremy_Rand> sipa: I'm curious if you would consider the problems you're describing to be improvable by using a Namecoin-like system that's a pegged sidechain using BTC to register names?
<sipa>
i'm not sure
<bsm1175321>
FWIW I'm unconvinced that the naming component needs PoW protection. The only reason namecoin thinks it needs protection is that names are actually being used, today, for *authentication*. Which, is a dumb thing to do, really.
<sipa>
i feel there is a fundamental problem between payinfg for security and exchange rates
<sipa>
a sidechain also has no more security than its fees/... whatever pay miners
<qpm>
tx:<Jeremy_Rand> hmm, so I just did some math, if you assume 10 million names in the system and $10 per year renewal, then you end up with 10,000,000 * 10 / 365 / 24 / 6 = 1902 USD in fees per block
<qpm>
tx:<Jeremy_Rand> that's not a lot of fees, unfortunately (compared to Bitcoin's chain, at least)
<sipa>
that means that for 20000$ i can probably have the chain reorged if i don't like that my competitor got a name instead of me
<qpm>
tx:<Jeremy_Rand> Yeah, that is indeed quite low :(
<bsm1175321>
There are many, many more financial participants than registered DNS names, and all of them don't want to end up paying the wrong person.
<qpm>
tx:<Jeremy_Rand> sipa: on the other hand, 10 million names might be a fairly low estimate depending on what use cases we're talking. DNS has about 100 million users (plus 100 million squatted names), but if we consider identities, it's a lot more. There are far more Internet users than websites.
<qpm>
tx:<Jeremy_Rand> Even so, I agree with you that fees and security are problematic with a low number of users.
<sipa>
and with a high number of users, you get scalability problems
<sipa>
namecoin scales even worse than bitcoin as you need go keep spent records
<qpm>
tx:<Jeremy_Rand> sipa: right, so based on back of napkin calculations I did a while back, if you had about 100 million names, you would end up with a block size of circa 3 to 4 MB
<sipa>
but you can't prunr
<sipa>
block size is only one side of scalability
<qpm>
tx:<Jeremy_Rand> sipa: I think it's possible to only keep the hashes of name values in permanent storage. You could keep the expansions of the hashes in a separate data structure (sort of like SegWit), and nodes could throw out that data structure after a couple years since it's not consensus-critical
<sipa>
utxo set size, block chain size, ... may much more easily become dominant for a namecoin like system
<sipa>
maybe
<sipa>
but what if a miner wants a name for themselves?
cdecker has joined #bitcoin-wizards
<sipa>
they can censor attempts to register or renew that name
<qpm>
tx:<Jeremy_Rand> sipa: in terms of UTXO set size, Aaron Swartz's Nakanames proposal (which basically described something like Namecoin) included an estimate of the UTXO set size, it was around 16 GB for the DNS use case I believe
* bsm1175321
continues to harp on disassociating names from identity...
<qpm>
tx:<Jeremy_Rand> sipa: how is that fundamentally different from a Bitcoin miner attempting to censor transactions from UTXO's they don't like? In a naming system they could force it to expire rather than having to attack it forever,
<qpm>
tx:<Jeremy_Rand> but it's still difficult
<sipa>
qpm: bitcoin addresses are not identities
<sipa>
and you can't censor what you don't understand what it's for
<qpm>
tx:<Jeremy_Rand> sipa: Are you referring to the expected reward for pulling off such an attack, or are you saying something else?
Giszmo has quit [Quit: Leaving.]
<sipa>
no, miners just don't know what to censor
<qpm>
tx:<Jeremy_Rand> sipa: ah. Right, to do the attack for Bitcoin you would need to know what UTXO's to target
<sipa>
assuming decent fungibility
<qpm>
tx:<Jeremy_Rand> sipa: my assumption is that in Bitcoin, even if miners did know what to censor, it would be difficult to actually perform the censorship, based on the difficulty of getting a majority of hashrate to attack the system. If that assumption is wrong, then Bitcoin is likely to have trouble too at some point.
mintmoney has joined #bitcoin-wizards
<mintmoney>
Hi everyone! We have built a google survey regarding a startup charity's name selection! We could use all the feedback that we can get & it's only 3 questions, so please take 1 minute: https://goo.gl/forms/tgUGKxdlKXUTHlLd2
MoALTz has joined #bitcoin-wizards
Newyorkadam has joined #bitcoin-wizards
<midnightmagic>
:-/
<bsm1175321>
Hahaaa I name the Red Cr0ss.
<qpm>
* tx:Jeremy_Rand didn't know that "startup charity" was a term that was used
mintmoney was banned on #bitcoin-wizards by midnightmagic [*!*@c-71-225-146-175.hsd1.pa.comcast.net]
mintmoney was kicked from #bitcoin-wizards by midnightmagic [reasons]
<bsm1175321>
Awwww, that troll was making my point for me...
<qpm>
tx:<Jeremy_Rand> So if you assume 100 million names (which is conceivable if identities are the use case, since there's billions of people in the world), you wind up with (I think) more miner fees per block than the current Bitcoin block subsidy
<qpm>
tx:<Jeremy_Rand> (roughly 30 BTC if my math is right)
<bsm1175321>
Identity needs to be tied to assets, in a very deep way. Because my attempt to transfer 30M USD needs to be tied to my counterparty risk, which is, coincidentally... 30M USD.
<qpm>
tx:<Jeremy_Rand> sipa / bsm1175321: anyway thanks for the chat -- excellent points. Gotta get some sleep now, I'd love to talk more about this sometime.
<bsm1175321>
likewise!
Ylbam has joined #bitcoin-wizards
Aranjedeath has quit [Quit: Three sheets to the wind]
ThomasV has joined #bitcoin-wizards
paveljanik has quit [Quit: Leaving]
NewLiberty has joined #bitcoin-wizards
assder has joined #bitcoin-wizards
<fluffypony>
Jeremy_Rand: just wait till "startup charities" start ICO'ing
copumpkin has joined #bitcoin-wizards
copumpkin has quit [Quit: My MacBook Pro has gone to sleep. ZZZzzz…]
jonasschnelli has quit [Changing host]
jonasschnelli has joined #bitcoin-wizards
ThomasV has quit [Ping timeout: 240 seconds]
dnaleor has joined #bitcoin-wizards
rubensayshi has joined #bitcoin-wizards
dnaleor has quit [Client Quit]
danrobinson has joined #bitcoin-wizards
cdecker has quit [Ping timeout: 255 seconds]
spinza has quit [Ping timeout: 240 seconds]
Guyver2 has joined #bitcoin-wizards
dnaleor has joined #bitcoin-wizards
Newyorkadam has quit [Quit: Newyorkadam]
danrobinson has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
<Taek>
[01:21:16] <sipa> that means that for 20000$ i can probably have the chain reorged if i don't like that my competitor got a name instead of me
<Taek>
That almost seems to solve your problem for you though
<Taek>
what if you made it so that instead of paying to register, you dumped work in to the chain
<Taek>
and, you could steal a competing name by dumping more work
<Taek>
of course, that means that the amount of work going into the chain is probably going to be unstable, which is also not great for security
<Taek>
but you've more or less removed the currency, because work becomes the currency
jannes has joined #bitcoin-wizards
<Taek>
I've been thinking about a pie-in-the-sky alternate method for doing naming
<Taek>
which would be based on a huge WoT framework
<Taek>
the nice thing about WoT is that it can be relative
<Taek>
so that my DNS might actually look different than someone else's DNS, but that's cool because 'coin.com' might mean something different to me than what it might mean to someone who collects physical coins
<Taek>
and it means that things like bitcoin.com and bitcoin.org are no longer owned by a single person
<Taek>
rather the collective decides which website gets the honor of owning bitcoin.com, and if they do unpopular things they can lose the title
<Taek>
This is more useful I think though with respect to copyright
<Taek>
You can have this sort of decentralized aribtration for deciding how to split ownership on a video where one person covers a song that another person wrote
AaronvanW has joined #bitcoin-wizards
AaronvanW has quit [Changing host]
AaronvanW has joined #bitcoin-wizards
Emcy has joined #bitcoin-wizards
Guyver2 has quit [Quit: :)]
NewLiberty has quit [Ping timeout: 244 seconds]
vega4 has joined #bitcoin-wizards
murch has joined #bitcoin-wizards
NewLiberty has joined #bitcoin-wizards
NewLiberty_ has joined #bitcoin-wizards
NewLiberty has quit [Ping timeout: 265 seconds]
pro has joined #bitcoin-wizards
cannedprimates has joined #bitcoin-wizards
<kabaum>
amiller: Re compact SPV proofs. Discussing http://popeller.io/index.php/2016/09/15/compact-spv-proofs/ above, you said that paper http://fc16.ifca.ai/bitcoin/papers/KLS16.pdf "solves this problem". What problem are you refering to? Are you referring to the problem of reducing the success probability of fake proofs using early lucky blocks? The security parameter, m, in the paper is essentially what "limiting the maximum skip size"
<kabaum>
does in the sidechains paper. It also seems like the paper assumes all proofs start in the genesis block, while SPV proofs in the sidechains paper originates from the block containing the SPV-locked output, or did I misunderstand that.
pro has quit [Ping timeout: 265 seconds]
pro has joined #bitcoin-wizards
pro has quit [Remote host closed the connection]
pro has joined #bitcoin-wizards
e4xit_ has joined #bitcoin-wizards
e4xit has quit [Ping timeout: 260 seconds]
e4xit_ is now known as e4xit
spinza has joined #bitcoin-wizards
alferz has quit [Ping timeout: 264 seconds]
NewLiberty_ has quit [Ping timeout: 240 seconds]
laurentmt has joined #bitcoin-wizards
laurentmt has quit [Client Quit]
assder has quit [Ping timeout: 240 seconds]
assder has joined #bitcoin-wizards
paveljanik has joined #bitcoin-wizards
spinza has quit [Ping timeout: 244 seconds]
Chris_Stewart_5 has joined #bitcoin-wizards
jnewbery has joined #bitcoin-wizards
paveljanik has quit [Quit: This computer has gone to sleep]
paveljanik has joined #bitcoin-wizards
paveljanik has joined #bitcoin-wizards
paveljanik has quit [Changing host]
spinza has joined #bitcoin-wizards
PaulCape_ has quit [Quit: .]
skang404 has joined #bitcoin-wizards
mrkent has joined #bitcoin-wizards
skang404 has quit [Ping timeout: 250 seconds]
skang404 has joined #bitcoin-wizards
skang404 has quit [Ping timeout: 265 seconds]
Guyver2 has joined #bitcoin-wizards
Guyver2_ has joined #bitcoin-wizards
assder has quit [Ping timeout: 240 seconds]
Newyorkadam has joined #bitcoin-wizards
Giszmo has joined #bitcoin-wizards
Noldorin has joined #bitcoin-wizards
paveljanik has quit [Quit: Leaving]
jnewbery has quit [Remote host closed the connection]
jnewbery has joined #bitcoin-wizards
jnewbery has quit [Ping timeout: 250 seconds]
rubensayshi has quit [Ping timeout: 255 seconds]
nikivi has joined #bitcoin-wizards
rubensayshi has joined #bitcoin-wizards
rusty has joined #bitcoin-wizards
rusty has quit [Ping timeout: 240 seconds]
Newyorkadam has quit [Quit: Newyorkadam]
droark has joined #bitcoin-wizards
rubensayshi has quit [Remote host closed the connection]
jnewbery has joined #bitcoin-wizards
Newyorkadam has joined #bitcoin-wizards
Newyorkadam has quit [Client Quit]
jnewbery has quit [Remote host closed the connection]
Newyorkadam has joined #bitcoin-wizards
coins123 has quit []
Newyorkadam has quit [Ping timeout: 272 seconds]
rusty has joined #bitcoin-wizards
c0rw1n has quit [Quit: Leaving]
Aranjedeath has joined #bitcoin-wizards
rusty is now known as rtopic
rtopic is now known as rusty
mrkent has quit []
nikivi has quit [Quit: zzz]
rusty has quit [Ping timeout: 248 seconds]
nikivi has joined #bitcoin-wizards
jnewbery has joined #bitcoin-wizards
chjj has quit [Ping timeout: 240 seconds]
[7] has quit [Ping timeout: 250 seconds]
TheSeven has joined #bitcoin-wizards
rusty has joined #bitcoin-wizards
danrobinson has joined #bitcoin-wizards
jnewbery has quit [Remote host closed the connection]
Alopex has quit [Remote host closed the connection]
danrobinson has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
Alopex has joined #bitcoin-wizards
mrkent has joined #bitcoin-wizards
Ylbam has quit [Quit: Connection closed for inactivity]
jnewbery has joined #bitcoin-wizards
cdecker has joined #bitcoin-wizards
mrkent has quit []
nikivi has quit [Quit: irc]
JackH has quit [Quit: Leaving]
chjj has joined #bitcoin-wizards
rusty has quit [Quit: Leaving.]
rusty has joined #bitcoin-wizards
cdecker has quit [Ping timeout: 265 seconds]
jnewbery has quit [Remote host closed the connection]
jnewbery has joined #bitcoin-wizards
laurentmt has joined #bitcoin-wizards
rusty has quit [Ping timeout: 240 seconds]
Alopex has quit [Remote host closed the connection]
<kanzure>
rusty: "credit may be fundamentally more convenient than cash". er, maybe, but you still end up with consensus problems in credit networks i think.
<rusty>
kanzure: sure, but it also implies people don't want bitcoin per-se, so I just acknowledged that contribution and left it there.
<kanzure>
oh, not something to do with actual design of credit system
<kanzure>
well that's boring
<cjd>
does that mean like credit *cards* are convenient (hint: they are)
<cjd>
or does it mean borrowing is convenient?
<cjd>
or does it mean that having money in a system where if it's stolen you can make a bunch of phone calls and get it charged back - possibly causing a loss to the bank - is convenient ?
<kanzure>
yea apparently it was a "oh credit cards might be convenient" comment (which is fine-- just off-topic ish) rather than a comment about credit
<cjd>
because I agree with 1 and 3 and a little bit 2 but only under certain conditions
<kanzure>
i think you end up with weird risk assessment issues and information asymmetries where not all data is available to make a good decision
<kanzure>
and weird risk reconciliation model issues
<cjd>
for #3 ?
<cjd>
yeah I guess
<cjd>
I live in Paris and here the state has a parallel system to the anglosphere and part of that system is that they really want to know where you spend money - so they built a parallel system to VISA and each card supports both systems and inside of this parallel system the cost of executing a transaction is close to 0 - so everyone uses credit cards everywhere
<cjd>
but another part of the system is that they don't lend you money you can't afford to pay back, predatory banks just don't exist here
<kanzure>
all transactions are replicated to both systems?
<cjd>
no, if you use a french card in a french card reader, the transaction is settled in france
Davasny has joined #bitcoin-wizards
<cjd>
so the state gets to watch you and the cost of the transaction is like < 0.20
<cjd>
you can negotiate transaction fees so it's not clear what they cost but at the grocery store the limit for using a card is 1 euro
Ylbam has joined #bitcoin-wizards
<kanzure>
re: sub-satoshi payments, i think it might be possible to round up and round down to the nearest satoshi, and have both parties to a payment channel agree to only close the channel once the state reflects the current sub-satoshi balance (which is not presently consensus-enforced).
<kanzure>
when someone closes a channel prematurely with the wrong balance (such as through the normal course of a payment channel), you would no longer open a channel in the future because they stole a satoshi from you [note this assumes that you are not doing anonymous payment channels....]
nikivi has quit [Quit: irc]
Emcy_ has joined #bitcoin-wizards
Emcy has quit [Ping timeout: 248 seconds]
Guyver2_ has quit [Ping timeout: 240 seconds]
Guyver2 has quit [Ping timeout: 240 seconds]
<katu>
credit vs cash, keynesian vs austrian
<katu>
i dont see any merit issues on protocol level, but economically the differences are huge
jnewbery has quit [Remote host closed the connection]
<rusty>
kanzure: currently tiny outputs are eliminated from txs and given to fees. You can't really penalize someone for unilateral close though.
<kanzure>
yes my penalization was outside the transaction system there
<kanzure>
but also, if tiny outputs are eliminated, that is also problematic :)
<kanzure>
doesn't need to be a tiny output i suppose, just a tiny change in an output
<kanzure>
it could be a soft-fork rule where that tiny difference in amounts between the two outputs would have to reflect some rules and data attached to the transaction beyond the output amounts.
<kanzure>
er, nevermind.
<kanzure>
yeah i must have slipped into colored coin land there.
danrobinson has joined #bitcoin-wizards
danrobinson has quit [Client Quit]
chjj has quit [Ping timeout: 272 seconds]
Guyver2 has joined #bitcoin-wizards
Guest39367 has quit [Ping timeout: 250 seconds]
coup_de_shitlord has joined #bitcoin-wizards
coup_de_shitlord is now known as Guest9139
NewLiberty has quit [Read error: Connection timed out]
GreenIsMyPepper has quit [Ping timeout: 248 seconds]
gigq has quit [Ping timeout: 248 seconds]
crowleyman has joined #bitcoin-wizards
davec has quit [Read error: Connection reset by peer]
davec has joined #bitcoin-wizards
GreenIsMyPepper has joined #bitcoin-wizards
gigq has joined #bitcoin-wizards
cdecker has quit [Ping timeout: 272 seconds]
jnewbery has joined #bitcoin-wizards
crowleyman has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
rusty has quit [Ping timeout: 265 seconds]
belcher has quit [Ping timeout: 265 seconds]
chjj has joined #bitcoin-wizards
OxADADA has quit [Ping timeout: 265 seconds]
belcher has joined #bitcoin-wizards
Newyorkadam has joined #bitcoin-wizards
paveljanik has joined #bitcoin-wizards
cyphase has quit [Ping timeout: 260 seconds]
NewLiberty has joined #bitcoin-wizards
cyphase has joined #bitcoin-wizards
Burrito has quit [Quit: i make the sleepings]
Newyorkadam has quit [Quit: Newyorkadam]
GreenIsMyPepper has quit [Ping timeout: 255 seconds]
Guest9139 has quit [Ping timeout: 248 seconds]
<petertodd>
midnightmagic: file path isn't a concern here, as the scheme never hashes it in a way that can be discovered without bruteforcing all contents of the tree; that's what the "all-or-nothing" transform is about
espes has quit [Ping timeout: 240 seconds]
huseby has quit [Ping timeout: 250 seconds]
playat has quit [Ping timeout: 250 seconds]
coup_de_shitlord has joined #bitcoin-wizards
<midnightmagic>
petertodd: I was thinking more about selective revelation of data like the filepath..?
coup_de_shitlord is now known as Guest83945
GreenIsMyPepper has joined #bitcoin-wizards
<midnightmagic>
or at least the option, I guess.
<midnightmagic>
perhaps I need to actually read more instead of assuming.
MoALTz has quit [Quit: Leaving]
<petertodd>
midnightmagic: I'm not trying to achive relevation of anything; that's too complex, better leave it to git instead
<petertodd>
I just want to be able to extract a timestmap for the contents of a file
<midnightmagic>
I was reading the comments in one of your source files and I noticed you made mention of directory information leakage.
<petertodd>
yes, by that I mean the structure of the directory trees
<petertodd>
guessing the names of files shouldn't be any easier than guessing their contents
cdecker has joined #bitcoin-wizards
<petertodd>
hmm, actually, come to think of it that's incorrect: no guessing the names of files should be impossible, as I don't hash them anywhere in the scheme
<petertodd>
(git trees have a well-defined ordering already)
espes has joined #bitcoin-wizards
chjj has quit [Ping timeout: 255 seconds]
NewLiberty_ has joined #bitcoin-wizards
rusty has joined #bitcoin-wizards
NewLiberty has quit [Ping timeout: 244 seconds]
NewLiberty_ is now known as NewLiberty
Davasny has quit [Remote host closed the connection]
cdecker has quit [Ping timeout: 276 seconds]
copumpkin has joined #bitcoin-wizards
playat has joined #bitcoin-wizards
chjj has joined #bitcoin-wizards
huseby has joined #bitcoin-wizards
jnewbery has quit []
belcher has quit [Remote host closed the connection]
droark has quit [Ping timeout: 250 seconds]
Guyver2 has quit [Quit: :)]
bsm117532 has quit [Quit: Leaving.]
bsm117532 has joined #bitcoin-wizards
cdecker has joined #bitcoin-wizards
rusty has quit [Ping timeout: 240 seconds]
cdecker has quit [Ping timeout: 255 seconds]
Alopex has quit [Remote host closed the connection]