| 03:20:09 | justanotheruser: | justanotheruser has left #bitcoin-wizards |
| 19:53:40 | card.freenode.net: | topic is: "Bitcoin research, hardfork wishlist, ideas for the future - see also: https://en.bitcoin.it/wiki/Hardfork_Wishlist https://en.bitcoin.it/wiki/User:Gmaxwell/alt_ideas. This channel is logged at http://download.wpsoftware.net/bitcoin/wizards/. For questions about the logs talk to andytoshi." |
| 19:53:40 | card.freenode.net: | Users on #bitcoin-wizards: andytoshi-logbot nomailing orperelman Shibe_tabsa mappum c0rw1n adam3us TD Emcy andytoshi rdymac nsokl_ _ingsoc go1111111 DougieBot5000 jtimon tromp phrackage Ursium_ Guest63294 roidster hnz RoboTedd_ nOgAnOo johnsoft OneFixt Graet firepacket perrier imsaguy qwertyoruiop comboy gavinandresen EasyAt pajarillo UukGoblin poeticlobster Alanius espes__ Luke-Jr tromp__ Muis nanotube salsa__ salsa_ salsa ioi CodeShark ghtdak sl01 rs0_ crescend1 |
| 19:53:40 | card.freenode.net: | Users on #bitcoin-wizards: Fistful_of_Coins spinza MoALTz maaku forrestv edulix kinlo typex K1773R BlueMatt crucif0rm Krellan aksyn bobke iddo Sangheili midnightmagic tt_away realazthat gribble gmaxwell wumpus wrabbit grazs warren otoburb zacm epscy licnep tucenaber Mikalv wangbus a5m0 harrow hno heakins lianj optimator @ChanServ sipa helo Ryan52 azariah4 phantomcircuit amiller pigeons petertodd jrmithdobbs jron asoltys poggy Sorcier_FXK ryan-c ageis cfields jgarzik |
| 19:53:40 | card.freenode.net: | Users on #bitcoin-wizards: michagogo|cloud |
| 19:53:53 | andytoshi: | systemd says irc-logger was running continuously since Sun 2014-01-19 09:39:07 PST <.< |
| 20:25:48 | tromp: | i put a new version of my cuckoo cycle paper on https://github.com/tromp/cuckoo that discusses parallelizability |
| 20:41:26 | tt_away: | tt_away is now known as tacotime |
| 20:41:30 | tacotime: | tacotime is now known as tacotime_ |
| 20:52:30 | amiller: | i'm frustrated, i found a bunch of errors in this line of work i've been following closely and trying to build off of |
| 20:52:45 | amiller: | in the "universally composable" security framework / network model |
| 20:52:58 | amiller: | i'm trying to submit a paper in like a week |
| 20:53:12 | amiller: | basically the best thing for me to do is to just inherit all of those errors for now. |
| 20:53:35 | amiller: | since the whole thing is unrelated to the main points i'm trying to make |
| 20:53:59 | amiller: | |
| 20:54:55 | midnightmagic: | :-( |
| 20:57:39 | gmaxwell: | Theoretical work that isn't sound, say it aint so! |
| 21:12:14 | amiller: | theory tends to be neither sound nor practical, but can be broad/expansive and is relatively efficient to work on |
| 21:12:43 | amiller: | practical implementations tend to be neither generic nor sound |
| 21:13:20 | amiller: | and formal methods coq-stroking exercises are sound but neither practically useful nor generic |
| 21:13:37 | maaku: | amiller: but practical implementations to tend to work ;) |
| 21:13:55 | amiller: | mostly :) |
| 21:15:46 | jtimon: | tromp the very term "non-parallelizable pow" seems contradictory to me |
| 21:16:01 | jtimon: | oh, he's gone... |
| 21:16:51 | jtimon: | if two miners can try to solve the same block in parallel, how can't the same miner do the same? |
| 21:17:10 | jtimon: | how can't a single miner do the same? |
| 21:17:44 | jtimon: | well, I'll tell him to find another term another time... |
| 21:18:17 | tromp__: | i'm back |
| 21:18:59 | tromp__: | different miners will work on difference instances, i.e. different cuckoo graphs |
| 21:19:17 | jtimon: | so what you really mean by "non-parallelizable pow"? is non-parallelizable using a given architecture, no? |
| 21:19:19 | tromp__: | i want a single instance to be hard to parallellize |
| 21:20:12 | jtimon: | hard to parallelize in current GPUs and x86 archs? |
| 21:20:38 | tromp__: | yes, because they limit how many random accesses you can make to main memory in parallel |
| 21:20:42 | gmaxwell: | andytoshi: I'm reading LWN and "Hey, the same thing happened to andytosh...ahh" |
| 21:21:29 | jtimon: | tromp__ what's the point? |
| 21:21:34 | tromp__: | and because path conflicts will reduce the prob. of finding a ccyle |
| 21:22:10 | tromp__: | the point of what? |
| 21:22:45 | jtimon: | the point of "hard to parallelize in current GPUs and x86 archs pow" |
| 21:23:20 | sipa: | sc? rs? ch? |
| 21:24:29 | tromp__: | because being able to have many simultaneous random accesses to main memory is generally useful |
| 21:24:52 | jtimon: | for bitcoin? |
| 21:25:10 | tromp__: | for general computation |
| 21:25:27 | jtimon: | in other words...what's the problem you see in SHA256 that you're trying to solve with cucko? |
| 21:26:04 | tromp__: | it promotes custom hardware that it not generally useful |
| 21:26:19 | tromp__: | and centralizes mining power |
| 21:26:20 | maaku: | tromp__: no matter how much you try, dedicated hardware will still be faster/more-'hash'-per-watt by some factor |
| 21:26:29 | jtimon: | and cucko-ASICs will be generally useful? |
| 21:26:32 | maaku: | and our experience shows that it will not be long until someone makes an asic |
| 21:26:38 | maaku: | that is not general-purpose |
| 21:27:07 | tromp__: | fast parallal RAM access is more generally useful yes |
| 21:27:34 | jtimon: | tromp__ with or without RAM, it's still specialized hardware |
| 21:28:14 | jtimon: | ASIC != general purpose computer |
| 21:28:59 | tromp__: | cheap better memory interconnects will be commoditizeed |
| 21:29:26 | tromp__: | your intel CPU and your memory chips are also ASICs |
| 21:29:50 | tromp__: | but because they're general purpose they are commoditized |
| 21:29:53 | jtimon: | no, they're general purpose |
| 21:30:08 | jtimon: | asic = application specific |
| 21:30:25 | andytoshi: | gmaxwell: :P i wondered if you'd catch that. (thx for checking the key for me!) |
| 21:30:27 | tromp__: | here's the thing |
| 21:31:00 | tromp__: | to optimize cuckoo, you have to optimize a more general thing: namely parallel random memory access |
| 21:31:27 | jtimon: | cool, but I'm still not able to run emacs on my old cucko-ASIC |
| 21:31:27 | tromp__: | it's still all about memory |
| 21:31:32 | maaku: | tromp__: no, they will just put all the memory and custom circuits on a single die, because that's the most efficient thing to do |
| 21:31:44 | maaku: | you won't get any commoditization of general purpose hardware |
| 21:31:51 | tromp__: | rather than building an asic full of specific computational steps |
| 21:32:39 | jtimon: | so your goal is for asic manufacturers to research random memory access? |
| 21:32:50 | tromp__: | that doesn't work for random memory access, maaku |
| 21:33:51 | maaku: | tromp__: it absolutely does. an integrated system-on-chip would always be more efficient than having external interconnects |
| 21:34:16 | jtimon: | I still don't understand the goal, and it's sad for me to see so many smart people dedicated to something I consider a complete waste of time |
| 21:34:21 | tromp__: | pls explain how you'd implement pointer chasing on a die |
| 21:34:23 | maaku: | and because of heat dissapation and power issues, it may even end up having asic vs. gpu/cpu be an even *larger* performance jump than sha256 |
| 21:35:04 | tromp__: | the goal is a pow constrained by memory latency |
| 21:35:16 | jtimon: | but why? |
| 21:35:17 | maaku: | tromp__: the same way you do on a cpu, but put the cpu + memory on the same die |
| 21:35:35 | maaku: | so, no need for an interconnect (except at the gate level inside the chip) |
| 21:36:01 | jtimon: | why do you think that "pow constrained by memory latency" is any better than SHA256? |
| 21:36:21 | jtimon: | you have to think is somehow better if you're spending on time on it |
| 21:36:47 | jtimon: | s/on/your |
| 21:37:32 | tromp__: | because commoditized hardware gets optimized partly for low latency |
| 21:37:59 | jtimon: | how would bitcoin be better by replacing SHA256 ASICs with cucko ASICs ? |
| 21:38:38 | jtimon: | "[I'm missing a claim here] because commoditized hardware gets optimized partly for low latency" |
| 21:38:43 | tromp__: | i expect cukoo asics will be way harder to develop |
| 21:38:53 | tromp__: | way harder than scrypt ones |
| 21:39:17 | jtimon: | tromp__ harder to develop mean less companies doing it, no? how does that help centralization? |
| 21:39:56 | tromp__: | i think you overerestimate the feasibility of putting many GB of memory with embedded cpus on a die |
| 21:40:18 | jtimon: | no, I believe that making a cucko ASIC will be harder |
| 21:40:31 | tromp__: | i think commoditzed hardware will remain competitive |
| 21:40:39 | jtimon: | I just don't see the point of making pow ASICs hard to develop |
| 21:41:08 | jtimon: | you want GPU mining to be competitive with ASIC mining? |
| 21:41:37 | tromp__: | sure |
| 21:41:42 | jtimon: | because there's many companies building sha256 asics but only two making GPUs? |
| 21:42:11 | tromp__: | no, because it |
| 21:42:16 | tromp__: | 's commodotized |
| 21:43:03 | jtimon: | "it's commodotized" it's starting to sound like "mongodb is web-scale" like if that was something inherently good or something |
| 21:43:31 | jtimon: | I'm confused |
| 21:44:30 | jtimon: | you prefer only two companies, namely ATI and nVidia producing most of the mining equipment "because it's commodotized" |
| 21:44:35 | jtimon: | ? |
| 21:45:10 | tromp__: | because everyone can easily buy a pc that can mine competitively |
| 21:45:16 | jtimon: | even if GPUs could be competitive with ASICs at all, I don't see the point |
| 21:45:48 | tromp__: | mining is no fun if you need to invest tons of capital preordering asics that will quickly become obsolete |
| 21:45:48 | jtimon: | tromp__ buying sha256 is now relatively easy and will only become easier |
| 21:46:12 | maaku: | tromp__: mining isn't about having fun... |
| 21:46:32 | jtimon: | at some point asics will stop "getting obsolete" so fast |
| 21:46:33 | tromp__: | i don't want to have the asic vs commodity hardware discussion right now |
| 21:47:09 | maaku: | tromp__: it'd be great if you could have a pow function that really did benefit from general hardware |
| 21:47:16 | maaku: | but that's rather impossible |
| 21:47:28 | tromp__: | there are many peopl who want a pow for which asic advantage over commodity hardware is mimimized |
| 21:47:44 | jtimon: | ad populum |
| 21:48:14 | maaku: | tromp__: minimizing the asic advantage makes the situation worse off! |
| 21:48:15 | tromp__: | and for them, cuckoo seems like the best option |
| 21:48:56 | grazs: | so the best PoW algorithm would be cryptographically secure, cheap to produce, easy to replicate, hard to improve, add additional value (like curing cancer), distributed as evenly as possible, hard to deanonymize the result and be cheap to verify? |
| 21:49:02 | jtimon: | and I still wonder why would they want such a thing |
| 21:49:08 | maaku: | either make general hardware *exactly equal* to custom hardware (impossible in practice), or make the asic advantage *as great as possible* |
| 21:49:26 | gmaxwell: | jtimon: maximum return from botnets, of course. :P |
| 21:49:52 | jtimon: | grazs add additional value (aka curecoin) is very different, I'm all for that |
| 21:50:09 | sipa: | curecoin? |
| 21:50:15 | maaku: | grazs: not to mention progress-free, and all the other things I'm too distracted to think of which PoW requires |
| 21:50:44 | jtimon: | sipa there was a group collecting bounties and distributing them to people folding@home |
| 21:50:59 | sipa: | ok |
| 21:50:59 | grazs: | maaku: yes, think I included that with 'hard to improve' |
| 21:52:01 | tromp__: | anyway, thx for the "feedback"; i'm gonna have alittle break now |
| 21:52:05 | tromp__: | afk |
| 21:52:47 | jtimon: | btw I actually liked charlee's intervention |
| 21:53:05 | sipa: | ? |
| 21:53:11 | maaku: | jtimon: well additional value is only good so long as it can't be monetized... |
| 21:53:35 | jtimon: | there were some stupid arguments I expected |
| 21:54:37 | jtimon: | and it was funny how he started to answer the question "What was your motivation for creating litecoin? When I created litecoin there was already other alternatives, but those were created by other people." |
| 21:55:15 | jtimon: | but overall good, I don't really think he went too technical, he even explained colored coins |
| 21:55:24 | grazs: | spoken like a tru playa |
| 21:56:04 | jtimon: | maaku would seti pow be monetizable? |
| 21:56:14 | grazs: | no |
| 21:56:44 | grazs: | seti isn't a pow, it's just work |
| 21:57:12 | jtimon: | yes, I mean an hypothetical seti-based pow |
| 21:58:14 | jtimon: | not that SETI is the more useful thin for humanity in the world, but still better than hash collisions or prime numbers I think |
| 21:58:38 | maaku: | jtimon: someone could pay money per work unit completed, as a way of 'donating' to the seti project |
| 21:58:38 | grazs: | results held random until you send seticoins to the coming coinbase |
| 21:58:44 | grazs: | held ransom* |
| 21:59:36 | maaku: | more generally, if it was a general BOINC proof-of-work, it's easy to see how you could setup monetizable tasks |
| 21:59:40 | jtimon: | maaku, yes, I think that's simpler and I would like the foundation to do that |
| 22:00:18 | jtimon: | maaku, you said it yourself, they have to be hard-to-monetize tasks |
| 22:00:30 | maaku: | well, if/when freimarkets is completed it's a rather simple matter to issue assets based on the BOINC point system |
| 22:00:33 | jtimon: | no, general BOINC |
| 22:00:56 | jtimon: | maaku, yes I remember that plan |
| 22:01:32 | jtimon: | and gamers could make money with their GPUs again! everybody happy |
| 22:04:15 | jtimon: | btw, on the hearings, it is curious how so many people think that the blockchain's "main advantage" are somehow "cheap transactions", completely ignoring the big subsidies we have |
| 22:05:13 | gmaxwell: | jtimon: yea, "so you're telling me that your _global broadcast medium_'s value is that it's cheap?" |
| 22:06:18 | jtimon: | off-chain credit transactions will always be cheaper, this is just trustless |
| 22:06:41 | jtimon: | although irreversible actually makes transactions cheaper |
| 22:06:56 | jtimon: | an fees non-proportional |
| 22:08:26 | jtimon: | s/an/and |
| 22:16:34 | grazs: | jtimon: what are these subsidies? |
| 22:18:08 | sipa: | grazs: mining subsidy |
| 22:18:24 | sipa: | grazs: our preset inflation that basically pays for the system's security |
| 22:19:29 | grazs: | sipa: ah, oh yes ofc |
| 22:21:27 | maaku: | you know, just $127,500 per hour |
| 22:21:29 | maaku: | nothing big |
| 22:45:26 | andytoshi: | who can be said to have invented POW? was it adam or hal? |
| 22:46:23 | andytoshi: | i don't mean that to be an exhastive list; english 'or' is ambiguous that way.. |
| 22:47:07 | gmaxwell: | andytoshi: https://en.wikipedia.org/wiki/Hashcash |
| 22:50:21 | gmaxwell: | Am I the only person in here who ever used Hal's RPOW system? |
| 22:50:28 | gmaxwell: | I wonder if I can find some tokens from it. |
| 22:51:01 | tromp__: | this related work predates hashcash by 5 years: http://en.wikipedia.org/wiki/Memory_bound_function#Using_memory_bound_functions_to_prevent_spam |
| 22:52:43 | maaku: | it's not a proof of work though |
| 22:54:05 | maaku: | dwork and naor didn't have asymmetric validation times, which is the important innovation, I think |
| 23:05:21 | jron: | gmaxwell: I downloaded the source yesterday and assumed I was the only one who ever did that :P |
| 23:07:50 | gmaxwell: | jron: oh well it's long since dead as far as I know... or is hal's server back up again. |
| 23:07:53 | gmaxwell: | ? |
| 23:08:15 | gmaxwell: | I downloaded it and used it and talked to hal about it some back when it was new... had suggested some improvements and he tried to talk me into making a GUI for it. :) |
| 23:10:08 | jron: | I was just got an urge to check it out after reading a story about him and his wife. I never compiled it\executed it. |
| 23:12:45 | tacotime_: | tacotime_ is now known as tt_away |
| 23:13:04 | midnightmagic: | tromp__: Adam Back has a very nuanced understanding of the origin of POW-like mechanisms/concepts and their history, including an extremely detailed response to an edit I made on the bitcoin.it wiki where I was wrecking Steve Gibson's video explanation of bitcoin. It's very fascinating if you can ever corner him somewhere. |
| 23:13:35 | gmaxwell: | you mean like in here where he talks almost every day? |
| 23:13:42 | midnightmagic: | oh is that him? |
| 23:13:47 | gmaxwell: | hahah |
| 23:13:51 | midnightmagic: | jesus |
| 23:13:51 | gmaxwell: | Yes. |
| 23:13:54 | jron: | hehe. |
| 23:14:22 | midnightmagic: | Well how am I supposed to know these nicknames, I live in the frozen north *grumble grumble* |
| 23:14:36 | midnightmagic: | Sorry Adam. |
| 23:14:39 | gmaxwell: | there are certantly differences in the requirements for anti-spam applications and consensus POW. |
| 23:14:53 | gmaxwell: | e.g. progress freeness is probably not really important for anti-spam. |
| 23:14:56 | jron: | midnightmagic: you might enjoy the interview he recently did on letstalkbitcoin. |
| 23:15:11 | midnightmagic: | ah yes I believe I will. He was very generous with his time in his emails with me. |
| 23:16:45 | midnightmagic: | aaargh produced by antonopoulos |
| 23:17:07 | jron: | midnightmagic: it was still enjoyable =) |
| 23:17:26 | tromp__: | midnightmagic: i would love to have adam's feedback on cuckoo cycle |
| 23:17:57 | midnightmagic: | :) |
| 23:19:13 | gmaxwell: | oh apparently BFL's 28nm stuff has a test chip running now. |
| 23:57:16 | jtimon: | antonopolous was that guy that got himself filmed having dinner, drinking wine and talking about bitcoin in a restaurant? |
| 23:57:32 | jron: | jtimon: yes |
| 23:57:36 | jtimon: | I didn't watched the whole video but that was kind of odd |