sipa changed the topic of #bitcoin-wizards to: This channel is for discussing theoretical ideas with regard to cryptocurrencies, not about short-term Bitcoin development | http://bitcoin.ninja/ | This channel is logged. | For logs and more information, visit http://bitcoin.ninja
kjetilho1 has quit []
pinheadmz has quit [Ping timeout: 240 seconds]
dfreedm has joined #bitcoin-wizards
Ox207fffff has quit [Read error: Connection reset by peer]
Ox207fffff has joined #bitcoin-wizards
Ox207fffff has quit [Ping timeout: 240 seconds]
Chris_Stewart_5 has joined #bitcoin-wizards
pinheadmz has joined #bitcoin-wizards
pinheadmz has quit [Client Quit]
pinheadmz has joined #bitcoin-wizards
Chris_Stewart_5 has quit [Ping timeout: 268 seconds]
Belkaar_ has quit [Ping timeout: 240 seconds]
Belkaar has joined #bitcoin-wizards
Belkaar has quit [Changing host]
Belkaar has joined #bitcoin-wizards
queip has quit [Ping timeout: 250 seconds]
Belkaar has quit [Ping timeout: 250 seconds]
queip has joined #bitcoin-wizards
Belkaar has joined #bitcoin-wizards
Belkaar has quit [Changing host]
Belkaar has joined #bitcoin-wizards
AaronvanW has joined #bitcoin-wizards
rusty has quit [Quit: Leaving.]
davterra has quit [Remote host closed the connection]
pinheadmz_ has joined #bitcoin-wizards
pinheadmz has quit [Read error: Connection reset by peer]
pinheadmz_ is now known as pinheadmz
AaronvanW has quit [Ping timeout: 240 seconds]
DeanGuss has quit [Ping timeout: 260 seconds]
pinheadmz has quit [Quit: pinheadmz]
pinheadmz has joined #bitcoin-wizards
rusty has joined #bitcoin-wizards
DeanGuss has joined #bitcoin-wizards
nick_freeman has joined #bitcoin-wizards
nick_fre_ has quit [Ping timeout: 245 seconds]
dfreedm has quit []
captjakk has joined #bitcoin-wizards
fimp has joined #bitcoin-wizards
nick_freeman has quit [Remote host closed the connection]
tromp has joined #bitcoin-wizards
tromp has quit [Ping timeout: 246 seconds]
nick_freeman has joined #bitcoin-wizards
nick_freeman has quit [Ping timeout: 250 seconds]
AaronvanW has joined #bitcoin-wizards
DeanGuss has quit [Ping timeout: 260 seconds]
AaronvanW has quit [Ping timeout: 265 seconds]
tromp has joined #bitcoin-wizards
tromp has quit [Ping timeout: 246 seconds]
tochka4 has quit [Remote host closed the connection]
tochka4 has joined #bitcoin-wizards
tochka4 has quit [Remote host closed the connection]
fimp has quit [Remote host closed the connection]
nick_freeman has joined #bitcoin-wizards
tromp has joined #bitcoin-wizards
nick_freeman has quit [Ping timeout: 245 seconds]
tromp has quit [Ping timeout: 246 seconds]
rusty has quit [Quit: Leaving.]
AIM has joined #bitcoin-wizards
jonatack has quit [Quit: jonatack]
marcoagner has joined #bitcoin-wizards
queip_ has joined #bitcoin-wizards
queip has quit [Ping timeout: 268 seconds]
queip_ is now known as queip
AaronvanW has joined #bitcoin-wizards
tochka4 has joined #bitcoin-wizards
nick_freeman has joined #bitcoin-wizards
nick_freeman has quit [Ping timeout: 250 seconds]
tromp has joined #bitcoin-wizards
AIM has quit [Ping timeout: 240 seconds]
jungly has quit [Remote host closed the connection]
jungly has joined #bitcoin-wizards
queip has quit [Ping timeout: 268 seconds]
queip has joined #bitcoin-wizards
ddustin has quit [Remote host closed the connection]
AaronvanW has quit [Ping timeout: 240 seconds]
queip_ has joined #bitcoin-wizards
queip has quit [Ping timeout: 240 seconds]
queip_ is now known as queip
AaronvanW has joined #bitcoin-wizards
Guyver2 has joined #bitcoin-wizards
CjS77 has quit [Quit: Leaving]
Blackwolfsa has quit [Quit: Leaving]
Hansie has quit [Quit: Leaving]
stanimal6 has quit [Quit: Leaving]
simian_za has quit [Quit: Leaving]
neonknight64 has quit [Quit: Leaving]
Hansie has joined #bitcoin-wizards
json_ has joined #bitcoin-wizards
Blackwolfsa has joined #bitcoin-wizards
CjS77 has joined #bitcoin-wizards
neonknight64 has joined #bitcoin-wizards
stanimal6 has joined #bitcoin-wizards
simian_za has joined #bitcoin-wizards
jrayhawk has quit [Quit: migration]
ddustin has joined #bitcoin-wizards
toresbe1 has joined #bitcoin-wizards
queip_ has joined #bitcoin-wizards
queip has quit [Ping timeout: 250 seconds]
queip_ is now known as queip
jrayhawk has joined #bitcoin-wizards
queip_ has joined #bitcoin-wizards
queip has quit [Ping timeout: 268 seconds]
queip_ is now known as queip
TheoStorm has joined #bitcoin-wizards
Guyver2 has quit [Quit: Going offline, see ya! (www.adiirc.com)]
capitalisnn has quit [Quit: Free ZNC ~ Powered by LunarBNC: https://LunarBNC.net]
nick_freeman has joined #bitcoin-wizards
nick_freeman has quit [Ping timeout: 250 seconds]
capitalisnn has joined #bitcoin-wizards
capitalisnn has quit [Client Quit]
snthsnth has quit [Remote host closed the connection]
queip has quit [Ping timeout: 245 seconds]
queip_ has joined #bitcoin-wizards
queip_ is now known as queip
tochka4 has quit [Remote host closed the connection]
ddustin has quit [Ping timeout: 250 seconds]
tochka4 has joined #bitcoin-wizards
tochka4 has quit [Remote host closed the connection]
AaronvanW has quit [Ping timeout: 246 seconds]
tochka4 has joined #bitcoin-wizards
capitalisnn has joined #bitcoin-wizards
AaronvanW has joined #bitcoin-wizards
toresbe1 has quit []
queip_ has joined #bitcoin-wizards
queip has quit [Ping timeout: 240 seconds]
queip_ is now known as queip
corelax1 has joined #bitcoin-wizards
queip has quit [Ping timeout: 276 seconds]
queip_ has joined #bitcoin-wizards
queip_ is now known as queip
tochka4 has quit [Remote host closed the connection]
queip has quit [Quit: bye, freenode]
queip has joined #bitcoin-wizards
nick_freeman has joined #bitcoin-wizards
nick_freeman has quit [Ping timeout: 252 seconds]
ddustin has joined #bitcoin-wizards
Chris_Stewart_5 has joined #bitcoin-wizards
nick_freeman has joined #bitcoin-wizards
Deinogalerix21 has joined #bitcoin-wizards
TheoStorm has quit [Quit: Leaving]
setpill has joined #bitcoin-wizards
Deinogalerix21 has quit [Quit: WeeChat 2.6]
Chris_Stewart_5 has quit [Ping timeout: 268 seconds]
laptop_ has quit [Remote host closed the connection]
laptop_ has joined #bitcoin-wizards
Chris_Stewart_5 has joined #bitcoin-wizards
TheoStorm has joined #bitcoin-wizards
TheoStorm has quit [Remote host closed the connection]
queip has quit [Ping timeout: 250 seconds]
corelax1 has quit []
queip has joined #bitcoin-wizards
Giszmo has joined #bitcoin-wizards
queip has quit [Ping timeout: 246 seconds]
queip has joined #bitcoin-wizards
Chris_Stewart_5 has quit [Ping timeout: 250 seconds]
hcchien has joined #bitcoin-wizards
pinheadmz_ has joined #bitcoin-wizards
pinheadmz has quit [Ping timeout: 240 seconds]
pinheadmz_ is now known as pinheadmz
Aaronvan_ has joined #bitcoin-wizards
AaronvanW has quit [Ping timeout: 240 seconds]
Aaronvan_ is now known as AaronvanW
ddustin has quit [Ping timeout: 245 seconds]
<kanzure>
win 172
<kanzure>
no
queip has quit [Ping timeout: 240 seconds]
davterra has joined #bitcoin-wizards
queip has joined #bitcoin-wizards
justanotheruser has quit [Ping timeout: 240 seconds]
sipa has quit [Remote host closed the connection]
sipa has joined #bitcoin-wizards
CryptoDavid has joined #bitcoin-wizards
TheoStorm has joined #bitcoin-wizards
mdunnio has joined #bitcoin-wizards
ddustin has joined #bitcoin-wizards
Chris_Stewart_5 has joined #bitcoin-wizards
justanotheruser has joined #bitcoin-wizards
mdunnio has quit [Remote host closed the connection]
hcchien has quit []
mdunnio has joined #bitcoin-wizards
c9sloud has joined #bitcoin-wizards
TheoStorm has quit [Quit: Leaving]
justanotheruser has quit [Ping timeout: 246 seconds]
justanotheruser has joined #bitcoin-wizards
rh0nj has quit [Remote host closed the connection]
rh0nj has joined #bitcoin-wizards
justanotheruser has quit [Ping timeout: 276 seconds]
justanotheruser has joined #bitcoin-wizards
ddustin has quit [Remote host closed the connection]
ddustin has joined #bitcoin-wizards
CryptoDavid has quit [Quit: Connection closed for inactivity]
mdunnio has quit [Remote host closed the connection]
tochka4 has joined #bitcoin-wizards
tochka4_ has joined #bitcoin-wizards
tochka4 has quit [Ping timeout: 265 seconds]
justanotheruser has quit [Ping timeout: 246 seconds]
mdunnio has joined #bitcoin-wizards
bsm1175321 has joined #bitcoin-wizards
Chris_Stewart_5 has quit [Ping timeout: 250 seconds]
mdunnio has quit [Remote host closed the connection]
mdunnio has joined #bitcoin-wizards
gribble has quit [Remote host closed the connection]
gribble has joined #bitcoin-wizards
Chris_Stewart_5 has joined #bitcoin-wizards
c9sloud has quit []
setpill has quit [Quit: o/]
DeanGuss has joined #bitcoin-wizards
mdunnio has quit [Remote host closed the connection]
mdunnio has joined #bitcoin-wizards
xchg has joined #bitcoin-wizards
mdunnio has quit [Remote host closed the connection]
mdunnio has joined #bitcoin-wizards
Guyver2 has joined #bitcoin-wizards
CryptoDavid has joined #bitcoin-wizards
TheoStorm has joined #bitcoin-wizards
TheoStorm has quit [Remote host closed the connection]
Chris_Stewart_5 has quit [Ping timeout: 240 seconds]
Deinogalerix21 has joined #bitcoin-wizards
laptop_ has quit [Ping timeout: 252 seconds]
mdunnio has quit [Remote host closed the connection]
Chris_Stewart_5 has joined #bitcoin-wizards
Deinogalerix21 has quit [Quit: WeeChat 2.6]
mdunnio has joined #bitcoin-wizards
TheoStorm has joined #bitcoin-wizards
tochka4 has joined #bitcoin-wizards
tochka4_ has quit [Read error: No route to host]
TheoStorm has quit [Remote host closed the connection]
tochka4_ has joined #bitcoin-wizards
tochka4 has quit [Ping timeout: 250 seconds]
mdunnio has quit [Remote host closed the connection]
pinheadmz has quit [Quit: pinheadmz]
pinheadmz has joined #bitcoin-wizards
pinheadmz has quit [Client Quit]
pinheadmz has joined #bitcoin-wizards
rusty has joined #bitcoin-wizards
Chris_Stewart_5 has quit [Ping timeout: 240 seconds]
mdunnio has joined #bitcoin-wizards
tochka4_ has quit [Read error: No route to host]
tochka4 has joined #bitcoin-wizards
mdunnio has quit [Ping timeout: 268 seconds]
pinheadmz_ has joined #bitcoin-wizards
pinheadmz has quit [Ping timeout: 276 seconds]
pinheadmz_ is now known as pinheadmz
rusty has quit [Quit: Leaving.]
pinheadmz has quit [Quit: pinheadmz]
mdunnio has joined #bitcoin-wizards
laptop_ has joined #bitcoin-wizards
mdunnio has quit [Remote host closed the connection]
mdunnio has joined #bitcoin-wizards
tochka4 has quit [Read error: Connection reset by peer]
tochka4 has joined #bitcoin-wizards
mdunnio has quit [Remote host closed the connection]
TheoStorm has joined #bitcoin-wizards
xchg has quit []
TheoStorm_ has joined #bitcoin-wizards
TheoStorm has quit [Ping timeout: 250 seconds]
mdunnio has joined #bitcoin-wizards
andytoshi has quit [Ping timeout: 240 seconds]
josef641 has joined #bitcoin-wizards
marcoagner has quit [Ping timeout: 240 seconds]
pinheadmz has joined #bitcoin-wizards
Chris_Stewart_5 has joined #bitcoin-wizards
tochka4 has quit [Remote host closed the connection]
tochka4 has joined #bitcoin-wizards
Guyver2 has quit [Quit: Going offline, see ya! (www.adiirc.com)]
mdunnio has quit [Remote host closed the connection]
DeanGuss has quit [Ping timeout: 260 seconds]
tochka4 has quit [Remote host closed the connection]
pinheadmz has quit [Quit: pinheadmz]
pinheadmz has joined #bitcoin-wizards
tochka4 has joined #bitcoin-wizards
Chris_Stewart_5 has quit [Ping timeout: 240 seconds]
Chris_Stewart_5 has joined #bitcoin-wizards
mdunnio has joined #bitcoin-wizards
mdunnio has quit [Remote host closed the connection]
tochka4 has quit [Remote host closed the connection]
andytoshi has joined #bitcoin-wizards
andytoshi has quit [Changing host]
andytoshi has joined #bitcoin-wizards
tromp has quit [Remote host closed the connection]
Emcy has quit [Remote host closed the connection]
TheoStorm_ has quit [Quit: Leaving]
Emcy has joined #bitcoin-wizards
<sanket1729>
waxwing_, I know the intuition to prove it. But still did not find time to write things down. Basically, in an observable RO model we have access to queries made to the RO.
<sanket1729>
Let Q be a taproot key of the form Q = P' + H(P' || S') for which we would like to find a collision. Imagine this is already on the blockchain
<sanket1729>
We make subsequent queries to the observable RO of the form of P_i, which would output H(P_i || S''). The output of these should be indistinguishable from Random functions.
Chris_Stewart_5 has quit [Ping timeout: 240 seconds]
<sanket1729>
Now, we want to make the output this random function equal to a specific value (Q - P_i) which we have already committed. Note that the observable is coming in handy over here because we can use P_i in proof here.
<sipa>
What property are you trying to prove?
<sipa>
Taproot being secure probably needs a whole bunch of properies.
<sanket1729>
And the probability that the output of this random function is same to the one value(Q - P_i) is negligble
<sanket1729>
sipa: That once a taproot Q = P + H(P || S') is committed to the blockchain, It cannot be spent by any another combination apart from P, S'
<sipa>
What if the private key to P is part of S?
<sipa>
I think proving that the taproot function is a sound commitment is a very useful thing to prove, but it's not exactly the same as unforgeability of spends (which is much harder to model)
<sanket1729>
You would still have to spend it via either P or S. And not some other P' and S2
<sanket1729>
Yup, I am ignoring the information from script predicates.
<sipa>
I was talking to real_or_random about this earlier, and I think it's useful to have a model where you treat the script as a commitment to a set of lists of public keys (including the empty list which would be trivially spendable).
<sipa>
And take into account that the internal public key may be repeated in the script.
<sipa>
And that the script may be empty.
tromp has joined #bitcoin-wizards
<sipa>
And you try to prove unforgeability even when the attacker has access to an oracle that produces signatures for other paths than the one he has to forge.
<sipa>
This ignores the fact that scripts can impose additional conditions, but it's easy to argue those don't interact with security.
<sipa>
While it's somewhat harder to argue that Schnorr signatures being present inside the script don't interact with the internal pubkey.
<sanket1729>
I think if we model it that way it is possible to prove something. Meaning, all scripts would have all spending condition which rely on pubkey
DeanGuss has joined #bitcoin-wizards
tromp has quit [Ping timeout: 240 seconds]
<sipa>
There are also privacy properties that may be useful; i.e. showing that f(P,s) = P + H(P||s)*G is a hiding commitment if P is a freshly generated key.