sipa changed the topic of #bitcoin-wizards to: This channel is for discussing theoretical ideas with regard to cryptocurrencies, not about short-term Bitcoin development | http://bitcoin.ninja/ | This channel is logged. | For logs and more information, visit http://bitcoin.ninja
<adiabat>
(a way to make derivable R points which was still secure would be very useful but doesn't seem possible)
<adam3us>
adiabat: problem with (publicly) derivable R points is you get related k values which are insecure
<adiabat>
adam3us: agreed; some way to give a "seed" or "generator" which would allow people to compute R points that were not linearly related
<adiabat>
but that the person providing the "seed" would still know the k values... would be cool! But doesn't seem there's any way to do so.
<adiabat>
in the regular discrete log curves; with pairing curves seems possible (mentioned by andytoshi above)
<adiabat>
so in practice you just say "here's a whole bunch of R's that I know all the k's for", which is OK for smallish numbers of R's.
<gmaxwell>
adiabat: if by "okay" you mean "in practice results in dangerously fragile systems", yes. :)
<gmaxwell>
having to manage the state so that you don't reuse isn't easy. E.g. what happens if you get a power cut instantly after signing.. you need to not reuse the nonce.
<gmaxwell>
it's probably possible to build real systems that are safe that do that... but there is a lot that can go wrong.
<mappum_>
gmaxwell: that's ok because it's already a constraint for this flavor of proof-of-stake, e.g. 2 different signatures for the same blockheight are considered proof of punishable fraud
<gmaxwell>
Must be nice to live in a world without need for backups or power outages, where all software is bug free, and where randomly losing funds is okay. :)
<mappum_>
those things always pose a risk, but it seems negligible with a combination of write-ahead-logs before signing, and checking the state of the network (e.g. if my machine went down right after signing at height H, then came back up and saw signatures from the other signatories at H+n, I have no need to sign at H again)
<adiabat>
doesn't sipa have some wonderfully complex method to prove non-reuse of nonces for signing...? :)
<so>
<sipa>
adiabat: working on it :)