00:03:17rdponticelli:rdponticelli has left #bitcoin-wizards
00:57:59HM:HM is now known as HM2
01:26:12irc.freenode.net:Disconnected from irc.freenode.net (Connection reset by peer)
01:42:58asimov.freenode.net:topic is: This channel is not about Bitcoin today | "Bitcoin research, hardfork wishlist, ideas for the future - see also: https://en.bitcoin.it/wiki/Hardfork_Wishlist https://en.bitcoin.it/wiki/User:Gmaxwell/alt_ideas. This channel is logged at http://download.wpsoftware.net/bitcoin/wizards/. For questions about the logs talk to andytoshi."
01:42:58asimov.freenode.net:Users on #bitcoin-wizards: andytoshi-logbot tromp___ rdymac sipa situation blumenkraft Luke-Jr mr_burdell antephialtic [\\\] jtimon MoALTz Krellan_ lnovy postpre TheSeven roidster artifexd jrmithdobbs adam3us waxwing Burrito NuKidOnTheBlock tacotime justusranvier Dyaheon kinlo helo Guest87860 Manfred_Karrer mappum Emcy EasyAt pajarillo UukGoblin c0rw1n_ p11 michagogo|cloud CodeShark harrow spinza c--O-O gavinandresen e4xit koval cajg shinybro nOgAnOo stonecoldpat
01:42:58asimov.freenode.net:Users on #bitcoin-wizards: airbreather area flammit Snowleaksange jgarzik lechuga_ samson_ HM2 sl01 just[dead] larslarsen ageis shadders Ademan Muis ebfull poggy iddo trn Sorcier_FXK Hunger- ryan-c d34th keus tromp__ dogeplops emsid [-krypto-] Krellan dansmith_btc nikitab weex lianj nanotube Sangheili asoltys warren imsaguy jcorgan copumpkin BlueMatt kaptah wumpus zacm gribble gmaxwell so crucif0rm petertodd heakins @ChanServ comboy Ryan52 hno mmozeiko Alanius
01:42:58asimov.freenode.net:Users on #bitcoin-wizards: tucenaber rs0 a5m0 azariah4 pigeons forrestv amiller matrixfox realazthat epscy roasbeef Anduck phantomcircuit jron digitalmagus8 espes__ perrier_ Graet otoburb Fistful_of_Coins kanzure Edulix nezZario Logicwax bobke ewust sbp maaku optimator_ midnightmagic grzs mikalv cfields
02:52:21amiller:i'm really glad i wrote my authenticated data structure paper so that i can feel justified in skipping massive details in writing this stuff up
02:58:13amiller:i have a sketch of a writeup here: https://docs.google.com/document/d/12xl5eRtoE0uISUX188jnmGSb-bwG4yXByRBbdr2r97A/edit
02:58:57amiller:it includes a security definition and pseudocode but i haven't finished the probability analysis, i think i've set it up so it's a straight shot though
04:09:43just[dead]:just[dead] is now known as justanotheruser
04:51:27[BNC]dansmith:[BNC]dansmith is now known as dansmith_btc
04:58:37maaku:amiller: "Hash-Value Highway" prefers poetic meaning over reiteration
04:59:21amiller:yeah, hash value highway is a way better name :x
06:28:29kaptah:kaptah is now known as Guest62255
08:14:49justanotheruser:Sorry if this is the wrong place to ask, but is Quarks PoW good for hashcash since it is somewhat more difficult to ASIC it, and (I assume) an ASIC would only be marginally more effecient?
08:16:29gmaxwell:jesus not at all, an asic would be considerably more efficient, it would just have moderately higher NRE.
08:18:09gmaxwell:justanotheruser: sha256 asics are primarily power density limited, packing around a bunch of distinct circuits should get nice density and— of course— power consumption.
08:18:24gmaxwell:The need to design efficient circuits for several functions might make a monopoly more likely.
12:48:43adam3us:btw bytecoin people answered my email... the ring sig is implemented in the coin bytecoin.org... not sure why they have no bct mentions under "cryptonote"
13:35:54jgarzik:adam3us, I presume bytecoin.org != ByteCoin, the early forum denizen
13:44:50adam3us:jgarzik: i dont know. i asked them, not got 2nd reply yet. the crypto seems sane. it uses stealth address also (which people say bytecoin invented). the ring signature between coins of same amount is interesting, and they can still prevent double spend despite the sender ambiguity that creates.
13:46:13adam3us:jgarzik: its using ec schnorr (EdDSA) also they simplified the smart-contract a lot, maybe to avoid linking via contract. i didnt understand what remains possible in their stripped down contract language.
13:47:58jgarzik:(not directly related, but thought about it, reading bytecoin.org) It would be nice if there was some good academic study about block times versus orphans, as a blockchain scales up to higher transaction volumes.
13:48:20jgarzik:I see all these alt-coins with smaller block time, seemingly with zero thought beyond "it's faster than bitcoin, and I'm impatient!"
13:49:09jgarzik:off-the-cuff numbers in the past seem to indicate 60-120 seconds is the bare minimum to avoid staggering orphan rates at higher TX rates, but hey... it's an alt-coin. Let them shoot themselves in the foot, I guess.
13:50:14Guest62255:Guest62255 is now known as kaptah
13:50:42adam3us:jgarzik: the paper also mentions a different PoW, however the paper section is incomplete. i guess one could look at the code :/
13:51:27jgarzik:Yeah, I gathered as much from the summary in the upper-left corner of bytecoin.org.
13:51:48jgarzik:ByteCoin was a pretty smart fellow, so it's worth keeping on the radar
13:55:07adam3us:jgarzik: ring sig on a same-valued coin set is kind of interesting and a new idea afaik. but then everyone has to aim to keep their change in similar valued amounts or there wont be any coins to mix with. eg you'd have to do like physical cash keep units in same power 2 denominations or something
13:55:55jgarzik:adam3us, indeed -- though TBH I was thinking that storing coins in predictable denominations was a good idea, for another project I had in mind
13:56:36jgarzik:adam3us, This $project would take its inputs (deposits), periodically defrag them into buckets, where each bucket only contains coins of a single value (==1, ==5, etc.)
13:57:32jgarzik:adam3us, highly specific amounts inevitably act as sentinels, making tracking easier. Converging on commonly used values helped one hide in the noise, increasing privacy.
13:57:37jgarzik:I hope.
13:57:59jgarzik:"highly specific" meaning "coffee for 0.123132113" rather than "0.1"
14:00:10adam3us:jgarzik: it does reduce linking slightly. but it has a cost - to store your coins in those power2 amounts takes space. unfortunatey the homomorphicaly encrypted coins get big 1kB per value due to the range proof. otherwise one could do that and lose the value sentinel issue. but unencrypted values are also 8bytes. so they're 128x bigger. i wonder how many 8byte (64bit) values you have to use incuding change rebalancing for typical bit
14:01:08adam3us:jgarzik: of course there is already space taken by change amounts arising from use; but rebalancing your coins may take some new work (eg split $2 into 2x $1 or swap).
15:09:53Luke-Jr:we were going to switch bitcoin to display base phi, right?
15:15:47gavinandresen_:Luke-Jr: not until next phi-day
15:16:20jgarzik:April 1 fast approaches... time to merge that tonal patch
15:26:11Luke-Jr:I think I need to rebase it first
15:26:30Luke-Jr:once the comma separaters get merged
16:16:02phantomcircuit:heh who generated the contributors list for 0.9 ?
16:16:05phantomcircuit:im listed twice
16:16:47michagogo|cloud:phantomcircuit: Yeah, cfields is there twice too, both as his name and as theuni
16:17:00michagogo|cloud:I think it's taken from git log or something
16:17:17michagogo|cloud:I was in there twice too, as Micha and Michagogo
16:17:59wumpus:if you don't want to be listed twice use consistent git credentials
16:19:20phantomcircuit:wumpus, so much effort
16:20:45Luke-Jr:phantomcircuit: alternatively, use a slightly different email every time, then someone is bound to notice..
16:20:46wumpus:(alternatively you could have signalled it before tagging final and I'd have manually removed the duplicate)
16:21:04Luke-Jr:wumpus: cfields/theuni dupe was definitely reported before final :P
16:21:22wumpus:Luke-Jr: not in a way that doesn't get lost...
16:22:10wumpus:in any case if this is really such a big deal to anyone I'm happy to make you 'contributors list maintainer' for next release
16:25:10jgarzik:wumpus, +1 hah
16:27:38michagogo|cloud:18:20:46 (alternatively you could have signalled it before tagging final and I'd have manually removed the duplicate) <-- like I did
16:27:56michagogo|cloud:hence the "was"
16:28:35wumpus:yesyes it's ok...
16:29:03michagogo|cloud:Luke-Jr: maybe set your email address to, say, address+1@gmail.com and set up a commit hook to increment the number each time? :P
16:30:47wumpus:you can feel so much more important with your name in the list zillions of times
16:48:24phantomcircuit:wumpus, hehe
18:51:18justanotheruser:gmaxwell: In that case, is hashcash pretty much not able to be made safe?
18:52:44maaku:justanotheruser: safe against what? ASIC-friendliness makes hashcash safer
18:52:49maaku:for bitcoin's use case at least
18:55:21justanotheruser:maaku: DoS prevention
18:56:41Luke-Jr:justanotheruser: how do you figure?
18:56:55justanotheruser:Luke-Jr: because someone with an ASIC can spam easily
18:57:06Luke-Jr:justanotheruser: only if your proof-of-work is too low
18:57:08justanotheruser:Or even a GPU in some cases
18:57:47Dyaheon:spam what exactly?
18:57:49justanotheruser:Luke-Jr: Well if it's so high that it protects against ASICs then those with GPUs will need to wait days before sending a message
18:59:13justanotheruser:Dyaheon: perhaps email spam or any spam of that type. In my mind I'm thinking of Bitmessage
18:59:26Dyaheon:ah right
19:05:23Luke-Jr:justanotheruser: so have an ASIC
19:07:51justanotheruser:Luke-Jr: heh, spending hundreds of dollars to email people
19:08:12Luke-Jr:justanotheruser: they'll get cheaper
19:08:46justanotheruser:Luke-Jr: I don't think that's the best solution
19:08:52justanotheruser:PoS probably is
19:11:37Luke-Jr:justanotheruser: chips currently have a HUGE markup because of bitcoin
19:12:45justanotheruser:Luke-Jr: So maybe competition will make it work
19:13:06justanotheruser:I still think PoS might be better, it is just tougher to implement and has some problems itself
19:13:30Luke-Jr:PoS doesn't even make sense here
19:13:40Luke-Jr:unless you just mean buying an email "stamp"
19:14:28justanotheruser:Luke-Jr: Why not? You could have a certain coin/day (as opposed to coin days)
19:14:59Luke-Jr:I'll just use the same coin(s) for every email I spam!
19:15:00justanotheruser:If your stake expires, make a tx
19:15:46justanotheruser:Luke-Jr: That is one of the problems, you'll somehow have to make the stake dwindle
19:15:49phantomcircuit:justanotheruser, a very simple pow would work to largely eliminate spam
19:15:52phantomcircuit:but nobody uses it
19:16:01justanotheruser:phantomcircuit: bitmessage uses it
19:16:05justanotheruser:and they got attacked by a GPU
19:16:13phantomcircuit:nobody uses it on the email provider side
19:16:46phantomcircuit:justanotheruser, the idea is that you pay someone else to do the pow for you
19:16:49justanotheruser:phantomcircuit: nope. Maybe because for it to work in the long term, everyone would need to buy email ASICs
19:17:05justanotheruser:phantomcircuit: Oh I see
19:17:12phantomcircuit:which could be done on a sliding scale
19:17:22phantomcircuit:spammers would pay 0.000000001 usd per email
19:17:29phantomcircuit:for a harder pow
19:17:37phantomcircuit:legitimate people would pay 0.01 usd per email
19:18:02justanotheruser:I think psychologically, people don't want to pay for email.
19:18:11phantomcircuit:it's much cleaner if instead of a pow you're actually exchanging money but that's hard to do at micro transaction scales
19:18:20justanotheruser:I think it doesn't really matter to them, but they still don't want to do it
19:18:38phantomcircuit:justanotheruser, i cant honestly imagine there is anybody who will care about paying a tiny tiny fee for "priority" email
19:20:00justanotheruser:phantomcircuit: I can. In the beginning at least, those requiring you to pay to email them would probably be called assholes by those that didn't understand it
19:21:32phantomcircuit:justanotheruser, that's not how it works
19:21:50phantomcircuit:you simply include whether the email included a payment in the spam heuristics
19:22:34justanotheruser:phantomcircuit: So people would assume their emails weren't flagged as spam and by default not include a payment?
19:23:06phantomcircuit:except for people who wanted to almost guarantee their email was delivered
19:23:18phantomcircuit:which i bet is a much larger % of people than you'd think
19:24:22justanotheruser:phantomcircuit: I agree hashcash would help, not sure to what extent though
19:26:02helo:* helo gets maybe 5 spam per year
19:26:31Luke-Jr:* Luke-Jr wonders how many legit emails helo misses per year
19:26:32helo:and my email address has been all over the net for ~10 years
19:27:20justanotheruser:All my spam is from places I have an account on
19:27:53helo:i've never noticed anything important in my spam folder, at least. gmail's spam detection is pretty good.
19:30:03helo:looks like it catches about 10 spam per day
19:31:21phantomcircuit:10 o.o
19:31:24phantomcircuit:i get like
19:31:33phantomcircuit:800 spam emails per day
19:47:09jcorgan:i just realized i've had one email address for 20 years
19:49:36Luke-Jr:I'm only at 9 years :x
19:59:24nsh_:nsh_ is now known as nsh
20:06:10midnightmagic:* midnightmagic checks.
20:06:41midnightmagic:boo, only 15 years here.
20:36:25spin123456:spin123456 is now known as spinza
20:41:07realazthat:realazthat is now known as rudeasthat
20:43:30rudeasthat:rudeasthat is now known as realazthat