sipa changed the topic of #bitcoin-wizards to: This channel is for discussing theoretical ideas with regard to cryptocurrencies, not about short-term Bitcoin development | http://bitcoin.ninja/ | This channel is logged. | For logs and more information, visit http://bitcoin.ninja
<Taek>
betawaffle: depends on how far back the checkpoint is, and what the process is for generating the checkpoint
<Taek>
ah crap was reading backlog, sorry
<betawaffle>
Taek: no worries
<betawaffle>
i know what you're talking about
<Taek>
was your question answered well or do you want me to continue?
<betawaffle>
i'll take what you've got
<Taek>
There are a few problems with checkpoints, but if you address them all carefully I think it'd be perfectly safe to introduce checkpoints into Bitcoin
<Taek>
One of the big issues is that you are erasing history. When you create a checkpoint, the purpose is usually to eliminate a huge part of the chain and a part of IBD
<Taek>
you can't reorg backwards past the checkpoint
<betawaffle>
like the UTXO set, how can you get it from a trusted source
<Taek>
well, like you mentioned, the Genesis block and the bitcoin-core code itself is also technically fully trusted
<betawaffle>
nobody likes the IBD
<betawaffle>
luckily the genesis block doesn't need a UTXO set
<Taek>
so, you can solve the trust issue by putting the historic blockchain into the build process, and actually working from the code+history to build the checkpoint when you build the bitcoin-core binary
<betawaffle>
it's empty ;)
<betawaffle>
but you can't ship 10 Gigs with core
<Taek>
then you can hash the utxo set, (probably with a Merkle tree), and you trust the hash absolutely, just the same as you trust the bitcoin-core binary absolutely
<Taek>
but the build process fully verifies the hash
<betawaffle>
ahh, and download it from somewhere
<Taek>
yeah
<Taek>
and you just check it matches your hashes
<betawaffle>
clever
<Taek>
For developers and for people who prefer to build everything from source using the gitian process, this checkpointing process actually provides no shortcuts, b/c you still need the full history
<Taek>
but for people who are comfortable just downloading a signed binary, they can safely skip IBD using the same trust model they are already using
<kanzure>
when's the secp256k1 paper happening, sipa
<kanzure>
or a reference doc of some kind
<sipa>
that paper introduces GLS254-based ECMH, which has pretty much all the things we need... except it's a complicated and odd construction specifically designed for this purpose
<kanzure>
excuse me, i mean libsecp256k1 of course.
<sipa>
kanzure: eh, some time...
<kanzure>
fair enough
<betawaffle>
sounds good, thanks!
<Taek>
sipa: that stuff looks great. honestly had not considered that it might be possible to efficiently compute the utxo hash as you go
<Taek>
That opens up a lot of possibilities
<sipa>
depends what you consider efficient :)
<sipa>
the GLS254 stuff is crazy, and handles multiple million updates per second
<sipa>
but the rest is orders of magnitude slow
<sipa>
*er
<Taek>
The blockchain already doesn't move faster than tens of thousands of updates per second, right? So if you can do 100k or so, it shouldn't be a huge performance impact overall I would think
<sipa>
Taek: there are 3 metrics that matter (a) how much overhead does it add to IBD (b) how much overhead does it add to validation at the tip with pre-validated mempool txn (c) how much does it cost to compute based off a UTXO set
<sipa>
there are almost a billion inputs+outputs in the bitcoin chain IIRC, so 100000 ops/s still means 3 hours of extra CPU time
<Taek>
ah yeah, I was thinking O(100 million), but that's closer to the transaction count than the input/output count
<sipa>
on the other hand, the ECMH stuff means you can precompute the combined effect of a whole transaction, and apply it in O(nothing) time
<sipa>
which is great for keeping up at the tip
<sipa>
you can do that with MuHash too, but requires 768 bytes of storage per tx
<Taek>
per output in the utxo set you mean?
<Taek>
that's pretty nasty either way
<sipa>
no, per tx in the mempool
<Taek>
oh. That's not too bad then
<sipa>
3072 bits = 384 bytes
<sipa>
however, modular inverse is slow, so you have to store it as numerator / denominator
<sipa>
and only apply the inverse once when you actually need the hash
<gmaxwell>
Taek: it's not terrible but otoh, median transaction size is only about 250 bytes itself.
<sipa>
a lot more in memory, though
<gmaxwell>
Taek: so even considering overheads it more than muhash based would half mempool depth for a gven usage.
<gmaxwell>
given*
<sipa>
my average mempool tx is 7000 bytes in memory or so, though
<sipa>
but that's biased because larger txn tend to linger longer
<gmaxwell>
GLS254 stuff really doesn't excite me, I have no interest in diving down characteristic 2 ECC crypto rabbit hole.
<gmaxwell>
sipa: there was a big flood of large very low feerate txn last weekend.
<Eliel>
might someone have a list of known smart contracts, that were borked by malleability. It's rather boring to only have payment channels (and LN by extension) to show as an example.
<waxwing>
Eliel: i think the generalisation is wherever you need to prepare a signed refund before doing the funding. well, good Q though, what are other cases.
<waxwing>
the recent paper about Loaded vs Roger hard fork bet had a really good illustration.
<waxwing>
on that same topic, andytoshi i think i forgot to tell you that you were right all along about that coinswap setup i was doing, even though i somehow managed to convince you otherwise :)
<Eliel>
waxwing: do you have a link to the paper?
<waxwing>
further on that topic, the long writeup i did here https://joinmarket.me/blog/blog/coinswaps/ notes how an atomic swap that doesn't care about privacy doesn't need to worry about malleability, but one that does does
<andytoshi>
waxwing: was i? you convinced me otherwise by using CLTV in place of traditional locktimes everywhere
<waxwing>
andytoshi: yeah but i had a total derp-style fail there :) the CLTV stuff is great, so that say a standard atomic swap works, but when you're trying to "override" a hash locked + cltv output with a p2sh, used as backout, you need to sign the latter upfront, bring the malleability issue in.
<waxwing>
that's what i meant about "care about privacy or not" above
<waxwing>
sorry the reference to 'p2sh' there is not relevant, ignore that. just override with some standard output.
<andytoshi>
yeah, i got it, i'm thinking through this
<waxwing>
kanzure: that does look cool eh, i note they used gradient descent, wonder if they used simulated annealing.
<andytoshi>
i thought the strategy was that the first transaction gets confirmed before anything else happens (and its outputs have a CLTV clause that makes this safe), so it can't be malleated
<waxwing>
yeah that was my thinking error - you need to prepare the signed backout in advance of doing that.
<waxwing>
so if that pay-in gets malleated, the signed backout is useless
<waxwing>
(since it refers to pay-in)
<waxwing>
hmm no i'm thinking of simplex not gradient descent, whatever it does look fun :)
<andytoshi>
why? the outputs of the pay-in have a CLTV clause that lets the original spender get it back, and they can sign long after the fact
<waxwing>
ok, it sounds like you're thinking of a different design there, where the pay-ins have custom redeems.
<waxwing>
i was trying to build a swap with pay-in and payout standard txs (p2sh actually)
<yoleaux>
"In programming language theory and proof theory, the Curry–Howard correspondence (also known as the Curry–Howard isomorphism or equivalence, or the proofs-as-programs and propositions- or formulae-as-types interpretation) is the direct relationship between computer programs and mathematical proofs." — https://en.wikipedia.org/wiki/Curry-Howard_Correspondence
<Taek>
I would be very interested in a list of cryptocurrency zero-days that led to thefts >$100k, if anyone knows of such a thing or something similar
<EarlyGrey>
hi kanzure, there was a rumor earlier about how if there is a hard fork that options wouldnt work. can you add anything to put that rumor to bed?
<kanzure>
wrong channel?
<EarlyGrey>
you cant answer?
<kanzure>
i think it's rude to flood -wizards with this. let's not.
<EarlyGrey>
where may i ask?
<EarlyGrey>
im banned everywhere
<kanzure>
how about PM.
<EarlyGrey>
why not on the public record?
<EarlyGrey>
its not as if this channel is overflowing with messages
<EarlyGrey>
so you wont answer the question publicly only in PM?
<EarlyGrey>
ok
<kanzure>
-wizards is the wrong place, and you have lost the privilege to participate in other channels. so, send me a PM is about your only option if you're truly banned everywhere else.
<EarlyGrey>
shall i relay it to my friends on #bitcoin and you can answer there?
<EarlyGrey>
im not asking for that much, just an answer to question that involves you!
<EarlyGrey>
not answering just opens yourself to wild speculation that its true.
EarlyGrey was kicked from #bitcoin-wizards by kanzure [EarlyGrey]
<stevenroose>
#censorship! rbtc Ver kingdom bitmain agenda troll troll
* nsh
frowns
<nsh>
not here, please :)
<betawaffle>
oh shit, what happened here
ItsFibonacci has joined #bitcoin-wizards
<ItsFibonacci>
Is there a moderator on I can speak with
<ItsFibonacci>
I have an important suggestion for the community but I'd like to make the suggestion with the nick Fibonacci so you know it's me. No troll this is legit