sipa changed the topic of #bitcoin-wizards to: This channel is for discussing theoretical ideas with regard to cryptocurrencies, not about short-term Bitcoin development | http://bitcoin.ninja/ | This channel is logged. | For logs and more information, visit http://bitcoin.ninja
AaronvanW has quit [Remote host closed the connection]
AaronvanW has joined #bitcoin-wizards
AaronvanW has quit [Ping timeout: 248 seconds]
RubenSomsen has quit [Quit: Connection closed for inactivity]
d9b4bef9 has quit [Remote host closed the connection]
tromp has joined #bitcoin-wizards
Belkaar has quit [Ping timeout: 260 seconds]
tromp has quit [Ping timeout: 240 seconds]
Belkaar has joined #bitcoin-wizards
Belkaar has quit [Changing host]
Belkaar has joined #bitcoin-wizards
Murch has quit [Quit: Snoozing.]
huseby has quit [Ping timeout: 276 seconds]
<kanzure>
i like the trick about encryption with the transaction and txid etc
<kanzure>
and partial tx construction from different pieces of knowledge
<kanzure>
or using the transaction as a private key
tromp has joined #bitcoin-wizards
_whitelogger has joined #bitcoin-wizards
huseby has joined #bitcoin-wizards
son0p has quit [Quit: leaving]
veleiro has joined #bitcoin-wizards
RubenSomsen has joined #bitcoin-wizards
<aj>
waxwing: yes, NUMS G2. P-s*G2 = A + H(..)*G, so as long as you know the private key for "A" and can calculate the hash, you can do the signature, and as long as you know P,s,G2 you can verify the signature
<aj>
waxwing: you have to provide three things, "s" the redeemScript, which might be "HASH160 <something> OP_EQUALVERIFY" eg to force you to provide a hash preimage, you have to provide the witness for s (ie, the preimage), and you have to provide a signature for the scriptPubkey P-s*G2, but P = A+s*G2+H(A+s*G2,Q)*G, so P-s*G2 = A+H(A+s*G2,Q)*G which you can sign with
veleiro` has joined #bitcoin-wizards
veleiro has quit [Ping timeout: 260 seconds]
tromp has joined #bitcoin-wizards
tromp has quit [Ping timeout: 244 seconds]
d9b4bef9 has joined #bitcoin-wizards
veleiro` has quit [Ping timeout: 264 seconds]
TheoStorm has quit [Ping timeout: 260 seconds]
tromp has joined #bitcoin-wizards
tromp has quit [Ping timeout: 240 seconds]
TheoStorm has joined #bitcoin-wizards
Krellan has joined #bitcoin-wizards
JackH has quit [Ping timeout: 264 seconds]
TheoStorm has quit [Ping timeout: 264 seconds]
Belkaar has quit [Ping timeout: 260 seconds]
Belkaar has joined #bitcoin-wizards
Belkaar is now known as Guest92225
TheoStorm has joined #bitcoin-wizards
tromp has joined #bitcoin-wizards
tromp has quit [Ping timeout: 240 seconds]
bitdex has quit [Ping timeout: 250 seconds]
Belkaar_ has joined #bitcoin-wizards
Guest92225 has quit [Ping timeout: 244 seconds]
TheoStorm has quit [Ping timeout: 240 seconds]
tromp has joined #bitcoin-wizards
TheoStorm has joined #bitcoin-wizards
<waxwing>
aj, ah thanks, some kind of mental block there, i was reading P - sG2 and forgetting that P included sG2 so it cancels.
<waxwing>
so you did mean " a signature *on* the key..."
Krellan has quit [Read error: Connection reset by peer]
Krellan has joined #bitcoin-wizards
TheoStorm has quit [Ping timeout: 240 seconds]
Krellan has quit [Ping timeout: 240 seconds]
Krellan has joined #bitcoin-wizards
midnightmagic has quit [Quit: quit]
TheoStorm has joined #bitcoin-wizards
midnightmagic has joined #bitcoin-wizards
TheoStorm has quit [Ping timeout: 240 seconds]
robogoat has quit [Ping timeout: 244 seconds]
robogoat has joined #bitcoin-wizards
TheoStorm has joined #bitcoin-wizards
TheoStorm has quit [Ping timeout: 240 seconds]
TheoStorm has joined #bitcoin-wizards
SopaXorzTaker has joined #bitcoin-wizards
AaronvanW has joined #bitcoin-wizards
TheoStorm has quit [Ping timeout: 240 seconds]
thrmo has joined #bitcoin-wizards
TheoStorm has joined #bitcoin-wizards
adlai has joined #bitcoin-wizards
adlai has left #bitcoin-wizards [#bitcoin-wizards]
adlai has joined #bitcoin-wizards
Aaronvan_ has joined #bitcoin-wizards
AaronvanW has quit [Ping timeout: 260 seconds]
TheoStorm has quit [Ping timeout: 260 seconds]
TheoStorm has joined #bitcoin-wizards
CheckDavid has joined #bitcoin-wizards
TheoStorm has quit [Ping timeout: 260 seconds]
TheoStorm has joined #bitcoin-wizards
Nightwolf has quit [Read error: Connection reset by peer]
Nightwolf has joined #bitcoin-wizards
Krellan has quit [Read error: Connection reset by peer]
veleiro` has joined #bitcoin-wizards
Krellan has joined #bitcoin-wizards
Aaronvan_ has quit [Remote host closed the connection]
AaronvanW has joined #bitcoin-wizards
AaronvanW has quit [Ping timeout: 240 seconds]
Guyver2 has joined #bitcoin-wizards
TheoStorm has quit [Ping timeout: 244 seconds]
Krellan has quit [Ping timeout: 240 seconds]
veleiro` has quit [Ping timeout: 264 seconds]
TheoStorm has joined #bitcoin-wizards
Krellan has joined #bitcoin-wizards
AaronvanW has joined #bitcoin-wizards
Chris_Stewart_5 has joined #bitcoin-wizards
SopaXorzTaker has quit [Ping timeout: 240 seconds]
AaronvanW has quit [Remote host closed the connection]
AaronvanW has joined #bitcoin-wizards
SopaXorzTaker has joined #bitcoin-wizards
SopaXT has joined #bitcoin-wizards
SopaXorzTaker has quit [Ping timeout: 244 seconds]
CheckDavid has quit [Quit: Connection closed for inactivity]
SopaXT is now known as SopaXorzTaker
TheoStorm has quit [Ping timeout: 244 seconds]
TheoStorm has joined #bitcoin-wizards
AaronvanW has quit [Remote host closed the connection]
AaronvanW has joined #bitcoin-wizards
AaronvanW has quit [Ping timeout: 260 seconds]
thrmo has quit [Ping timeout: 260 seconds]
thrmo has joined #bitcoin-wizards
TheoStorm has quit [Ping timeout: 260 seconds]
TheoStorm has joined #bitcoin-wizards
Chris_Stewart_5 has quit [Ping timeout: 240 seconds]
Chris_Stewart_5 has joined #bitcoin-wizards
Krellan has quit [Read error: Connection reset by peer]
Krellan has joined #bitcoin-wizards
Krellan has quit [Ping timeout: 240 seconds]
Krellan has joined #bitcoin-wizards
RubenSomsen has quit [Quit: Connection closed for inactivity]
ruby32 has joined #bitcoin-wizards
<ruby32>
Hi all, looking at the Trezor code on github, I'm confused why the secp256k1 curve constants are written in base30 instead of using the "usual" base32 values?
<ruby32>
I found a comment here explaining something about base30, but it doesn't make sense why they'd do this, considering bignum256 can already store up to 288 bits
<ruby32>
My best guess is that by using base30, for 270 bit ints, they'd be better off operating on 9 base30 ints than on "8 and change" base32 ints, ostensibly to reduce errors. However, it doesn't seem like that makes much sense
TheoStorm has quit [Ping timeout: 256 seconds]
RubenSomsen has joined #bitcoin-wizards
vicenteH has quit [Read error: Connection reset by peer]
<gmaxwell>
waxwing: I saw a different writeup on that previously (perhaps the one roasbeef linked) but I couldn't understand what it was attempting to provide over a blind signature.
tromp has joined #bitcoin-wizards
<waxwing>
right, that's my current Q about it, what's the compare-and-contrast vs a blind schnorr sig
<waxwing>
i mean it does use a schnorr sig kinda, because you have to provide a dleq proof. not sure if that matters, though.
<gmaxwell>
it just seemed a lot more complex,
<waxwing>
roasbeef, thx
<waxwing>
gmaxwell, i don't know, seems like one round of interaction to sign and one to redeem. but i don't know the blind schnorr sig well enough (nor these chaumian token type schemes generally) to really have any sense of it.
deusexbeer has quit [Ping timeout: 240 seconds]
Chris_Stewart_5 has joined #bitcoin-wizards
SopaXorzTaker has quit [Remote host closed the connection]
TheoStorm has quit [Ping timeout: 260 seconds]
TheoStorm has joined #bitcoin-wizards
Guyver2 has quit [Quit: Going offline, see ya! (www.adiirc.com)]
Krellan has quit [Read error: Connection reset by peer]
Krellan has joined #bitcoin-wizards
TheoStorm has quit [Ping timeout: 260 seconds]
ruby32 has quit [Remote host closed the connection]
<nickler>
waxwing: it looks like you can't prove to a third party that you have a token because they'd need to evaluate `F_x(y)` which only server can
<nickler>
also, it doesn't support attributes which vanilla blind schnorr sigs don't do either
Krellan has quit [Ping timeout: 265 seconds]
<waxwing>
re: not provable to 3rd party, yeah, just a usage token for a service at the server. so yeah not like a signature. i don't know about attributes in this context. i should probably look at your slides again.
Krellan has joined #bitcoin-wizards
grubles has joined #bitcoin-wizards
TheoStorm has joined #bitcoin-wizards
<nickler>
attributes would be something like amount or asset type in the ecash context and you'd want to be able to prove these attributes to a third party. This is f.e. possible with Brands credentials http://www.credentica.com/overview.pdf
grubles has quit [Quit: Leaving]
tromp has quit [Remote host closed the connection]
deusexbeer has joined #bitcoin-wizards
tromp has joined #bitcoin-wizards
grubles has joined #bitcoin-wizards
tromp has quit [Ping timeout: 240 seconds]
Giszmo has quit [Ping timeout: 244 seconds]
tromp has joined #bitcoin-wizards
son0p has joined #bitcoin-wizards
Giszmo has joined #bitcoin-wizards
tromp has quit [Ping timeout: 240 seconds]
son0p has quit [Quit: leaving]
son0p has joined #bitcoin-wizards
son0p has quit [Read error: Connection reset by peer]
Krellan has quit [Read error: Connection reset by peer]
Krellan has joined #bitcoin-wizards
AaronvanW has quit [Remote host closed the connection]