00:08:42nsh__:nsh__ is now known as nsh
00:27:29petertodd:adam3us: a commitment *is* a publication if you are unable to commit to two different things
00:27:45nsh_:nsh_ is now known as nsh
00:29:24petertodd:adam3us: e.g. if my protocol says I must publish some digest in the blockchain to prove I'm giving you the same ledger as everyone else gets then to be useful the digest must be published with a signature from me so you can distinguish it from other fake digests. that is very much a publication of some data, just the minimum possible
00:34:43petertodd:adam3us: like I was saying before, proof-of-publication doesn't have to imply timestamping, but I know of no practical way to do it without, and anyway, you can trivially extend such a system with ordering guarantees by including the hash of previous publications in your publication
01:19:36andytoshi:i'm not sure that "commitment == publication" is a good way to think, consider a blackhat who publishes a commitment to some exploit, then waits for the flaw to be fixed before publishing the full code
01:20:02andytoshi:thus proving he knew the exploit but not releasing it into the wild while it is still dangerous
01:20:42justanot1eruser:Do any devs here think that Myriad, which is an altcoin, has an advantage because it has 5 hashing algorithms to choose from?
01:21:19justanot1eruser:I need a quote apparently... Them->"There is a reason a Bitcoin security expert got with a bunch of guys and thought a multi-PoW solution is the best we can think of so far for securing a blockchain." Me->"Many Bitcoin coredevs are security experts and disagree. We should talk about why people hold an opinion rather than the fact that they hold those opinions.
01:21:28justanot1eruser:Them->"Also, show me where they disagree. I showed you a security expert who agrees with multi-PoWs. Please give me sources.
01:21:43andytoshi:i'll throw my no on the pile, i'm not really a dev tho
01:22:07justanot1eruser:andytoshi: I don't think I can use you since I've already cited you and your paper a few times :P
01:23:06petertodd:andytoshi: you're overthinking it: my point is that if *all* you did was publish a hash, it's not a commitment at all
01:23:59andytoshi:petertodd: oh, i see
01:24:23petertodd:justanot1eruser: oh, re: asics? that gets to gmaxwell's obversations re: joule hard PoW for me
01:25:04andytoshi:justanot1eruser: it's inconsistent with history that a single hash function is quickly catastrophically broken so that it's unusable for PoW
01:25:49andytoshi:if it's weakened, the diff will spike, boo hoo. then a hardfork can be planned for several years/months to replace the hash
01:25:54justanot1eruser:petertodd: is that in the devmail archive?
01:26:07petertodd:justanot1eruser: -wizards archive
01:27:19petertodd:justanot1eruser: anyway, the most useful thing to point out is that none of us are ASIC designers, so WTF do we know about PoW? (well, I did a few years being an analog electronics designer, and I can tell you you know a lot less than you think you do :P
01:27:36andytoshi:...so my feeling would be that if altcoin developers are even thinking about this they do not have their priorities straight
01:31:18justanot1eruser:Okay thanks
01:37:36Quanttek:I'm not an ASIC dev, but I know a bit about them: At an ASIC the algrithm is in the hardware inclueded in a deep way. You can't change anything on the ASIC, like memory, without making it useless. There are FPGAs, who can adapt to changes, but they have a much lower hashrate (around 1000x times). Following this multi-alg coins are strong in the term, that, if one alg gets controlled by ASICs...
01:37:37Quanttek:...you can use the other algs, BUT the algs have to be chosen carefully so that not all algs get ASIC-miners. And of course the algorithm for targeting diffciulty should be chosen god, otherwise even an alg,controlled by asics would be more attractive than an alg controlled by CPU-miners
01:55:58Luke-Jr:Quanttek: this is the wrong channel for stupid ideas that don't apply to Bitcoin
01:56:22Luke-Jr:err, I guess Bitcoin-application is less relevant here, but still - stupid ideas ☺
01:58:07Quanttek:Luke-Jr I was just answering justant1eruser's question. Didn't know, It wasn't related to the topic of this chat. I'm fairly new to this irc
01:59:12Luke-Jr:ah, missed that context..
02:00:17Quanttek:It's ok. I should have used his name to make it clear
02:00:31Luke-Jr:wonder what justanotheruser was referring to there
02:01:41Quanttek:https://bitcointalk.org/index.php?topic=483515.0 this altcoin and it's approach to resist asics with using multiple algos
02:02:47Luke-Jr:ok, so yet another scamcoin
02:04:06Luke-Jr:maybe useful for testing things though <.<
02:04:21Quanttek:kind of, but atleast it's neither premined nor is it is just another scrypt coin
02:11:34andytoshi:Quanttek: some worthwhile prereading is https://download.wpsoftware.net/bitcoin/asic-faq.pdf; generally this channel is research-level discussion and all participants are familiar with ASICs on such a high level. what petertodd meant is that none of us are professional hardware designers so we can't say exactly how hash function properties will affect circuit characteristics
02:12:37Quanttek:ahh. thanks. Sorry for that. I'm new to this channel and in the last years I was just a passive lurker
02:43:05c0rw1n:c0rw1n is now known as c0rw|sleep
03:50:26gmaxwell:It's also bogus to say "an asic can do only one thing"— cpus, gpus, and fpgas are all asics too. They are asics which implement a universal computer (or circuit, in the case of fpgas)... but they are asics none the less.
03:52:13petertodd:gmaxwell: didn't you say that new scrypt design was microcoded too?
05:04:42gmaxwell:wtf is wrong with people? http://www.reddit.com/r/Bitcoin/comments/2465wj/request_to_immediately_kick_gmaxwell_from_the/
05:06:43justanotheruser:gmaxwell: at least everyone is on your side
05:06:56gmaxwell:This idiot is posting all over reddit telling people to delete their blk files. I responded pointing out that it will crash, and does crash for me, and will fail to work correctly and will screw things up for peers even when it doesn't crash, and the guy has gone on a crazy warpath.
05:07:20gmaxwell:I ... have no freeking clue why he'd make a big deal about this.
05:07:50justanotheruser:SR left over some loons in the bitcoin community
05:08:44petertodd:gmaxwell: I don't have that problem, from which I deduce that you don't troll enough
05:14:24gmaxwell:Well I don't mind it, it's just kinda screwed up and weird!
05:16:40Luke-Jr:gmaxwell: the irony is, these "full nodes" are probably more harmful to the network than helpful
05:19:11gmaxwell:Yes, I pointed this out before... that to the extent that they stay running they probably jam other peers somewhat.
05:20:05gmaxwell:If I weren't worried that people would actually run this way I never would have responded to this guy other than the first response. He's clearly either unhinged or trolling (or both).
05:21:38Luke-Jr:gmaxwell: that being said, why does it crash? O.o
05:22:23Krellan:Code in that reddit looks fine to me
05:22:31Krellan:Unless I'm missing something
05:23:12gmaxwell:Sure. And that is not all of bitcoin. There is code that assumes that block lookups cannot fail (or doesn't catch the exception).
05:23:37gmaxwell:The p2p protocol also _cannot_ handle this, and it will jam up a peer that is attempting to fetch blocks.
05:23:40Luke-Jr:I'm not sure I'd classify not-catching as a crash.. but I guess it kinda is
05:23:55Luke-Jr:if it ever results in a NULL deref though, there might be cause for concern
05:24:07petertodd:gmaxwell: um, if it can't handle that, then the p2p protocol is broken in terms of DoS attacks...
05:24:13Luke-Jr:petertodd: it is
05:24:22gmaxwell:petertodd: yes it is, this is what the headers sync stuff is supposted to fix.
05:24:38gmaxwell:But of course, you're just totally fucked when even your 'honest' peers are DOS attacking you. :)
05:24:52petertodd:gmaxwell: ok, so by jam what's the point where it gives up and blacklists the peer?
05:25:06Luke-Jr:gmaxwell: unfortunately, half the responses are dumber: "Not having all blocks means you CAN NOT verify all transactions, because you might not even have the referenced transactions stored."
05:25:15petertodd:gmaxwell: big difference between one peer jamming you and all of them
05:25:18shesek:gmaxwell, to me it looks like he's just trolling
05:25:32shesek:not even worth paying attention to... you're taking this too seriously :)
05:25:53gmaxwell:hm? I'm not taking it seriously— as I said above, I don't mind. Just kind of bizarre!
05:26:59gmaxwell:petertodd: Sure. It's currently handled poorly (but not fatally) when even one does. You'll switch peers eventually. But it basically results in a multiminute delay per peer that does it. Not so great with some guy putting up 'helpful' articles on reddit telling everyone to do this. :P
05:27:19gmaxwell:Though perhaps that was his goal and he was unhappy I thwarted it. :)
05:27:33petertodd:gmaxwell: ok, that's not great, but not as bad as you were making it sound
05:28:24gmaxwell:petertodd: Depends on how many peers you get doing it to you and what your tolerance for delays is. :) e.g. some people notice it stop and then go delete their blocks directory. :-/
05:28:25shesek:without the sensationalist title and calling you an ignorant, I might have thought that he really cares about his crippled node thingy... but it seems like he's just trying to stir up some drama
05:29:16gmaxwell:shesek: he had posted a "hey everyone do this" ... "PSA: If you want to run a "full" node but don't have much disk space" was the title, and— of course, I responded there and said please don't.
06:08:43[BNC]dansmith:[BNC]dansmith is now known as dansmith_btc
06:46:02stqism:join #bitcoin-otc
10:24:04fanquake:fanquake has left #bitcoin-wizards
11:55:19wallet421:wallet421 is now known as wallet42
12:00:01nsh_:nsh_ is now known as nsh
13:22:32c0rw|sleep:c0rw|sleep is now known as c0rw1n
14:37:32maaku_:maaku_ is now known as maaku
16:56:13ryan-c:Is there a summary of the pros/cons of BIP0012 vs BIP0016 vs BIP0017 anywhere?
17:10:45phantomcircuit:gmaxwell, lol what a moron
17:22:33Luke-Jr:ryan-c: why? BIP 12 and 17 are dead
17:37:39aynstein:aynstein is now known as oops
17:38:03oops:oops is now known as odarn
17:55:34ryan-c:Luke-Jr: I'm pondering possible designs for Namecoin transactions which specify two addresses, one with full control, and one with only the ability to change the data associated with the name.
17:56:40ryan-c:Luke-Jr: It would be good to support multisig addresses with that, but the way BIP 16 works seems messy for that use case.
17:57:34Luke-Jr:ryan-c: this sounds like a topic for #namecoin? :p
17:57:57ryan-c:Luke-Jr: Would you be interested in discussing it there?
17:58:21ryan-c:I did manage to find what I wanted as to why BIP 16 ended up getting chosen over BIP 12 and BIP 17
17:59:04Luke-Jr:that more or less came down to "Gavin had more pull with the miners" :x
18:11:33maaku:ryan-c: covenants also cover that use case
18:12:03ryan-c:maaku: yes, they would.
18:16:13maaku:it's a shame we went down the route of template transaction tyeps :\
18:17:19sipa:maaku: hmm?
18:17:41maaku:sipa: responding to bip 16 vs bip 17
18:17:44FOSS_Fundraiser:Due to popular demand, freenode is having to expand its bandwidth allocation on affiliated servers and this is putting strain on our operations. Please help us keep freenode running smooth and support FOSS projects with a small Bitcoin donation to our wallet: 1691YfRr7hPS2WUug8NuRHmH9j64RrkMRa
18:28:20boy_wanders:boy_wanders has left #bitcoin-wizards
18:30:44Luke-Jr:that's a scam btw
18:32:16sipa:the k-line suggested that already :)
18:34:43Luke-Jr:yes, but not everyone might notice that. :P
18:40:42andytoshi:the first time i saw one i thought it was real, they are quite well written :(
18:41:07tromp_:fortunately there's no txs to that address
18:41:08andytoshi:not that i donated, luckily it was for doge and it just pissed me off
18:41:21Luke-Jr:once upon a time it was along the lines of "You have new server mail! To read it, type /server newmail"
18:41:30Luke-Jr:andytoshi: lol
18:42:35phantomcircuit:Luke-Jr, those are a lot funnier
18:43:15gmaxwell:"You have been invited to a party! To join, type /part"
18:45:45zooko:Heh heh.
20:16:19zooko`:zooko` is now known as zooko
20:26:34sipa:interesting theory
20:28:18justanot1eruser:Since ethereum may do something similar to UTXO querys for mining (the current PoW in the whitepaper executes previous contracts in the last 20 blocks), couldn't nodes just be the miners themselves?
20:29:09justanot1eruser:This is regarding a comment a while back saying nodes don't have very good incentives because miners are paid for their contract execution
20:29:49sipa:it still won't be profitable for everyone to mine
20:30:07sipa:bitcoin started out as miners == nodes
20:30:14sipa:as the only miner was builtin in bitcoind
20:30:35gmaxwell:what that whitepaper describes also doesn't obviously make you execute anyhting, you can just grind the generator function until the fuzzed script terminates right away.
20:31:54justanot1eruser:sipa: sure, they will have ASICs, but these ASICs should be able to run nodes effeciently
20:32:29justanot1eruser:gmaxwell: is it not possible to make it correctly so it isn't grindable?
20:33:16gmaxwell:Maybe? what they suggested had no hint of avoiding that. It isn't obvious to me how, I believe that is in and of itself as hard a problem as the whole pow problem.
20:34:05justanot1eruser:gmaxwell: what is the PoW problem?
20:34:24justanot1eruser:You mean in general the problem that hashcash solved?
22:14:35zzyzx:zzyzx is now known as roidster
22:15:05roidster:roidster is now known as Guest2790
22:31:55jcluck:jcluck is now known as cluckj
22:42:49kinlo_:kinlo_ is now known as kinlo
23:30:16Guest2790:Guest2790 is now known as roidster