sipa changed the topic of #bitcoin-wizards to: This channel is for discussing theoretical ideas with regard to cryptocurrencies, not about short-term Bitcoin development | http://bitcoin.ninja/ | This channel is logged. | For logs and more information, visit http://bitcoin.ninja
<waxwing> e0: the puzzle-solver redeem transactions broadcast by the tumbler would have 15 preimages each of size 16 bytes (lambda_1=128), is that right?
<waxwing> i'm trying to find it on the blockchain but can't get the numbers right, e.g. i think this is one: https://blockchain.info/tx/5d6370925491430a5872315fa8ceb2051c7dfd684458efc17bab7866cde576fc
<waxwing> i seem to be wrong one way or another :)
<nicolagreco> Question about multisig and malleability: If I send a transaction to an address of (myKey, h(some data)) - with the aim to store extra data on the chain, can someone intercept this request, change it to (myKey, h(fakedata)) ?
<Taek> nicolagreco: not if your signature covers the data.
<Taek> transaction malleability primarily refers to the fact that given some data and a valid signature, you can create an alternate valid signature on the same data. This changes the transaction id, which causes problems for anyone who uses transaction ids
<andytoshi> nicolagreco: it would be better to send the data to myKey + h(some data, myPublicKey) since this will take no extra blockchain space, will work with standard transactions, and has better privacy properties
<Taek> katu, andytoshi: finally got a jute draft that I'm happy with.
<Taek> gist.github.com/Taek42/3e4f029261b5719e4587fe4972fb904a
<Taek> The most interesting part is 'The Jute Ordering Algorithm', most of the stuff after that I just kinda puked out
<Taek> I think the most useful advancement was deciding to confirm DAG edges instead of DAG nodes.
<andytoshi> Taek: nit: under 'High Variance Mining Rewards', the number of blocks found is poisson
<andytoshi> (the time to find blocks is exponential)
<andytoshi> Taek: i'm a bit confused about this algorithm for voting .. i set `parent` to the genesis block then look at the votes on all edges from parent to its children
<andytoshi> so an edge from A to B means B commits to A
<andytoshi> now, it seems like to get these vote counts i need to recurse? the algorithm as written seems to suggest that i know them already
<andytoshi> ok, i think i understand the merge algo actually, well enough at least that i can make my own examples..
<andytoshi> will votes eventually be weighted by difficulty?
<andytoshi> i'm a little nervous about this "don't allow merges after enough work", this has the feel to me like "don't allow reorgs after too long" which leads to permanent forks. but it's different, of course, because merges are committed to by tips, so if somebody tried to do this there wouldn't be any partition who thought it was legitimate..
<waxwing> e0: or anyone else that knows about tumblebit, i'm having trouble understanding step 2 of the puzzle promise protocol on pg13; the real transactions seem to have a random (rho_i) appended before hashing, but this doesn't seem to make sense (no point signing a real tx with a random pad). when i look at the poc code, it seems like there is no such pad (and randomness is achieved through the receiving address being random, which i think makes sense).
<andytoshi> i think in the paper it is not assumed that transactions have secret random data in them
<waxwing> andytoshi: yes, i agree, just step 2 in that protocol (and the footnote to the table/figure) it talks specifically about appending random padding to CashoutTFormat
<waxwing> whole thing makes sense to me apart from that bit.
<andytoshi> waxwing: if the tx does not contain secret data not known to the tumbler, then the tumbler could in principle distinguish the real commitments from the fake ones
<andytoshi> that was my understanding when i read the paper
<andytoshi> what's in the code sounds like an optimization based on the fact that the transaction output is already a random pad
<waxwing> andytoshi: ok that makes sense to me, except it isn't optional, you couldn't random-pad the real one(s) because then T would be ecdsa signing something useless. or did i miss something.
<andytoshi> waxwing: the ECDSA signature is totally separate from the blind signature that the tumbler gives
<andytoshi> at the point when the tumbler makes an ECDSA signature, it has the real tx
<nicolagreco> andytoshi: would that not pollute utxo ? when you use +, you mean concatenation or addition?
<andytoshi> nicolagreco: i mean addition
<andytoshi> nicolagreco: i should have added *G to the thing i added, i was being ambiguous because i wasn't sure if myKey was public or private
<waxwing> andytoshi: i'm talking about step 5 in the puzzle promise. there it ecdsa signs the hash of all the reals and all the fakes.
<waxwing> the fakes have random pads, and according to step 2 (although the term. isn't that clear), it seems to be saying the reals also have random rho_i. (it signs the "beta_i" values which are the ht_i and ft_i)
<bsm117532> Taek: Are these "votes" equivalent to evaluating the highest work?
<andytoshi> waxwing: yeah, you're right
<andytoshi> but note that every real challenge needs to have different randomness in it
<andytoshi> so i think the paper is just weirdly written, it should say something like "T_cash^i = CashOutFormat(p_i)" and explain that CashOutFormat() takes randomness and produces the signaturehash of a transaction outputting to some address owned by B
<andytoshi> cuz even "the unsigned portion of a transaction" is not right, it has to be the signature hash
<andytoshi> (i seem to remember getting stuck on this point too, though i don't remember how i resolved it)
<Taek> andytoshi: all votes are weighted by difficulty, yeah. Not allowing merges after enough work is actually poorly defined, I think you'd want to outright use the same 'max gap' rule from before. But this time the threshold is set very high
<Taek> I think you could set it at something more like 24 hours, but already '2000' means that in the past 3 hours, more than 2000 blocks have ignored you
<andytoshi> sure
<Taek> And those 2000 blocks all have enough work to be ordered under you.
<andytoshi> well if the goal is to avoid orphan risk from slow propagation, this is fine
<Taek> the only reason I have it is because you can't have blocks building off of the genesis block 5 years later
<Taek> the line needs to be drawn somewhere, and preferably inside of the most recent difficulty adjustment
<andytoshi> yeah, absolutely
<andytoshi> i had a similar problem with MW, i just had to eat it (since near the tip i'm using satoshi consensus, this is not so bad)
<Taek> bsm117532: the 'votes' help you figure out which cohort to add to the dag next, but the highest work is measured by counting the total number of descendants of the tip block
<Taek> So I would say that they are different, though 'votes' are sort of like confirmations. They are weaker though because you don't end up confirming every route in the DAG, only a single route
<Taek> After the network has converged, every single block will vote for the same route past wherever the convergence point was, so in the long term it does end up being as strong as Bitcoin confirmations
<Taek> it's just that the security is delayed until the convergence starts
<bsm117532> Let's say some miner keeps mining blocks with their only parent as the genesis block. Will they get merged?
<Taek> only if their gap height never exceeds 2000, which means some block from the main chain would have to be merging them in. So, no they won't get merged
<bsm117532> Ok so you're putting in an arbitrary cutoff that disallows forks longer than a certain length?
<Taek> Essentially, yes. Though it's a very large cutoff, b/c you don't want any reasonable situation where an attacker could get that many blocks in a row and start orphaning honest blocks
<bsm117532> I had kind of decided to allow merging of all such blocks. But it turns everything into one giant cohort. That's not in itself a problem but complicates making references to chain state.
<Taek> 2000 blocks (at a 5 second block time) is a huge threshold to hit if you have minority hashrate
<bsm117532> I'm more concerned about healing network forks, and I don't want to have to guess how long it will take to restore connectivity...
<Taek> like a partition?
<bsm117532> yes
<Taek> if there's a partition that lasts multiple hours, one side is going to win and cause a bunch of orphans on the other side. To me that seems like a pretty reasonable failure mode though.
<bsm117532> I'd allow the merge, but double-spends would be decided in favor of the majority hashpower fork of course. This is more along the lines of the "inclusive" blockchains -- keep all blocks regardless of content.
<Taek> you run into a problem where someone can continually mine a torrent of blocks by using a parent from a time where the difficulty is 1% the current difficulty. Then you run into network throughput problems
<bsm117532> That would be a dumb difficulty targeting algorithm...
<Taek> ?
<Taek> it's how Bitcoin currently works
<bsm117532> I'd also say Bitcoin's retargeting is "dumb" ;-)
<bsm117532> As many altcoins discovered...
<Taek> The difficulty is going to be approximately tracking the product of a coin's growth and moore's law
<bsm117532> Taek: did you describe a difficulty targeting algorithm in your doc?
<Taek> regardless of how you are doing difficulty adjustment, if you mine on a block from some weeks ago, it's likely going to have an appreciably lower difficulty.
<Taek> I just kind of handwaved over that part. Naively you could just set the retarget to every 2 weeks, (every 241,920 blocks) and then just keep the same algo as Bitcoin
<Taek> I came up with a new difficulty adjustment algorithm that lets you update ~every block without introducing the tailspins that usually occur
<Taek> but ultimately I don't think it's necessary and want to keep things simple
<bsm117532> I've been working on a window-based retargeting. The retarget, like blocks are a synchronous event and the system can't tolerate two at once. So it makes sense to take into account the fundamental asynchronicity of the network -- which means that at any given time there's a range of difficulty targets that could be acceptable.
<Taek> If I was to make another coin, I'd use a difficulty adjustment algorithm that updated as frequently as possible. Just need to mix in some extra-algebra to prevent volatility
<bsm117532> Yeah my retargeting is continuous. So the acceptable window moves with time and is updated with each block.
<waxwing> andytoshi: agreed, yeah, sorry for sidetracking you :) probably it was just unclear-ness in the way it's written.