00:45:17amiller:gmaxwell hasn't returned, i still feel bad
00:47:08sipa:;;seen gmaxwell
00:47:08gribble:gmaxwell was last seen in #bitcoin-wizards 22 hours, 1 minute, and 47 seconds ago: No offense on my part here.
00:50:15dsnrk:amiller: just don't talk about PoW next time, it really has been discussed to death.
00:51:31amiller:i feel bad but not bad enough to categorically say i'm not going to talk about something.
01:18:23justanotheruser:justanotheruser is now known as yandere
01:19:09yandere:yandere is now known as justanotheruser
01:20:26andytoshi:i wouldn't worry about it, he's probably just tired
01:20:53andytoshi:i like your PoW stuff amiller, the tiring stuff is the usual "no PoS really works you stoopid cabal" rambling
01:22:56sipa:the (no, (pos really works) you stoopid) cabal
01:23:05andytoshi:oh, sorry :P
01:23:11sipa:or the ((no pos really works) you stoopid) cabal
01:23:27sipa:?
01:23:32andytoshi:(no, (pos really works), you (stupid cabal))
01:23:40andytoshi:i mean (no, (pos really works), (you stupid cabal))
01:23:46sipa:ah!
01:24:11sipa:see, even LISP is superior to english
01:24:32andytoshi:amiller: i think there exists a solid foundation on which we can put the incentive structure of bitcoin's PoW (which explains the pool centralization and perhaps offers a way out) and the impression i get is you're closer than anyone to finding that
01:24:38andytoshi:sipa: lol
03:13:03maaku:someone who is an op here really should change to topic -- no discussion of alternatives to bitcoin's PoW is allowed
03:33:34maaku:maaku is now known as Guest43257
03:36:52Guest43257:Guest43257 has left #bitcoin-wizards
09:36:30wallet42:wallet42 is now known as Guest46964
09:36:30wallet421:wallet421 is now known as wallet42
13:06:15samson2:samson2 is now known as samson_
13:58:30maaku:maaku is now known as Guest85358
16:08:57tacotime:Okay so, crypto question
16:09:50tacotime:for ec key generation, bytecoin&friends use a reduce from 512-bits to 256-bits during generation
16:09:54tacotime:https://github.com/amjuarez/bytecoin/blob/296ae46ed8f8f6e5f986f978febad302e3df231a/src/crypto/crypto-ops.c
16:10:01Guest85358:Guest85358 is now known as maaku
16:10:03tacotime:L1609 is the reducing function
16:10:07tacotime:Q: Why?
16:12:42tacotime:see also their random_scalar function, L53 https://github.com/amjuarez/bytecoin/blob/296ae46ed8f8f6e5f986f978febad302e3df231a/src/crypto/crypto.cpp
16:13:10tacotime:which is fed to ge_scalarmult_base(&point, &sec);, then ge_p3_tobytes(&pub, &point);
16:19:53andytoshi:where is that called? if you are reducing a hash function you can just truncate it..
16:20:57tacotime:it's called from L56 in crypto.cpp, which is called by L65 in crypto.cpp
16:21:05tacotime:(generate_keys)
16:22:41tacotime:kinda looks like the random function is doing that
16:22:46tacotime:https://github.com/amjuarez/bytecoin/blob/296ae46ed8f8f6e5f986f978febad302e3df231a/src/crypto/random.c
16:22:48tacotime:L90
16:29:32andytoshi:yeah, that looks really suspicious. generate_random_bytes() followed by reduce() where reduce() is a quagmire of bitshifts and shit?
16:29:52tacotime:yes.
16:29:58tacotime:that's what i thought.
16:33:03andytoshi:i can't for the life of me figure out what this coin is trying to be. that looks like a standard backdoor, the PoW stuff is typical alt idiocy, the ring signature stuff is cool an innovative..
16:33:14tacotime:oh.
16:34:14tewinget:the ring signature stuff reminds me of dining cryptographers
16:34:16tacotime:so the point of that function is modulus scaling?
16:34:27tacotime:the reduce?
16:35:03tacotime:as implied by the comment above it..
16:35:28andytoshi:well, nominally it is to reduce 64bytes of randomness to 32bytes. it does this over 230 lines of code. i don't -know- that it's a backdoor. ...but...
16:35:30tewinget:so I just got here and didn't see the full context of this discussion in this channel, pardon if I repeat something. I was telling tacotime that generating a 64-byte random and calling that reduce function on it is equivalent to generating a 32-byte random. does that seem right?
16:35:57andytoshi:tewinget: with a good RNG, generating 64 bytes and chopping off 32 is equivalent to generating 32 bytes
16:36:25andytoshi:and if you have a bad RNG and you need to do something more precise, then you didn't have 64 random bytes in the first place
16:36:33andytoshi:and i doubt you'll get 32
16:36:50tewinget:exactly what I was saying
16:38:16tacotime:perhaps the referenced paper explains it
16:38:23tewinget:it doesn't seem back-doory to me though, but I'd have to take a closer look
16:38:30tacotime:Daniel J. Bernstein, Niels Duif, Tanja Lange, Peter Schwabe, and Bo-Yin Yang. High-speed high-security signatures. J. Cryptographic Engineering, 2(2):77–89, 2012.
16:38:35tewinget:tacotime, I didn't see anything in the paper about it
16:38:43tewinget:err, maybe not that paper
16:38:51andytoshi:tewinget: deliberately obfuscated random number generation seems back-doory
16:39:21tewinget:well, I think that function was written to be used for something else, and someone thought to use it there for some reason
16:39:59tewinget:err, nope, not called anywhere else. Now I'm incredibly confused.
16:40:33tewinget:I haven't done much crypto, and not for a while, so your input is much valued. Thanks, andytoshi.
16:41:55tacotime:We're having some crypto academics peer review the ByteCoin paper, let me pass this to them and see what they think.
16:44:41maaku:why would a reduction of random bytes be anything other than XOR?
16:44:55maaku:230 lines of code is very suspicious
16:47:27tewinget:hell, a simple AND with 0xFFF... would do it, assuming you trust the RNG
16:47:29tacotime:Perhaps it has something to do with generating high performance curves (as implied by that reference), but I'm not entirely sure.
16:48:15petertodd:tacotime: high performance for the attacker...
16:48:18tacotime:If not a backdoor. :P
16:48:18tewinget:but tacotime, the keyspace should still end up being 32 bytes, so *theoretically* 2^32 wallets could be created (though getting anywhere near that has obvious negative implications)
16:48:21tacotime:hahaha.
16:48:24adam3us:btw speaking of which crypto note is using schnorr rather than dsa and i just came across this page where Bernstein roasts DSA in favour of schnorr. nice quotes from Rivest warning DSA is semi-backdoored by being fragile. http://blog.cr.yp.to/20140323-ecdsa.html
16:49:22adam3us:EdDSA = Ed25519 = Schnorr on an edwards curve… confusing terminology by DJB imo. EdDSA sounds a lot like DSA.
16:49:53tacotime:The EC is cryptonote needs to be *fast* because you're scanning every incoming tx to see if you can drive privkeys from pubkeys, as stealth addressing is mandatory.
16:50:53tacotime:Ed25519 specifies using SHA512 for H as well.
16:51:03adam3us:what is it actually computing roughly? (this rng output reduction).
16:51:42tacotime:adam3us, see comments on L1597-1607 https://github.com/amjuarez/bytecoin/blob/296ae46ed8f8f6e5f986f978febad302e3df231a/src/crypto/crypto-ops.c
16:54:26tacotime:s/drive/derive
16:54:47tacotime:i guess you're deriving it from the tx_extra stuff too..
16:56:04tewinget:it's AND-ing each chunk it reads in with 2^21 - 1, so for every 4 bytes it reads in it's automatically losing 11 bits of entropy...unless I'm missing something?
16:56:31tewinget:that may be fine though, it might work out to 256 bits total.
16:57:41tacotime:...
16:57:50tacotime:this is from the Ed25519 reference code.
16:58:01tacotime:https://github.com/nightcracker/ed25519/blob/master/src/sc.c
16:59:51tacotime:floodyberry uses it in his reference implementation too: https://github.com/floodyberry/ed25519-donna/
16:59:52tacotime:hrm
17:00:02andytoshi:lol, that's right, i knew i recognized those function names..
17:00:09andytoshi:why would he do that?
17:01:11andytoshi:uhh, actually, i don't see it in my copy of ed25519 code...one sec
17:06:27andytoshi:ok, i found it, supercop-20140529/crypto_sign/ed25519/ref10/sc_reduce.c ... there is no function called random_nonce() but it is always called immediately after sha512
17:06:53andytoshi:so there has been some refactoring done but maybe nothing else. not that that explains the crazy reduction code..
17:09:08andytoshi:oh, it is reduction mod 2^252 + 27742317777372353535851937790883648493 implemented entirely in bitshifts. ok, i guess
17:18:32justanotheruser:Is there anywhere I can find a cryptonote whitepaper?
17:18:43adam3us:justanotheruser: cryptonote.org
17:18:52tacotime:https://cryptonote.org/whitepaper.pdf
17:18:53tacotime:yeah
17:19:08justanotheruser:thanks, I was looking on the bytecoin website :P
17:22:34adam3us:justanotheruser: yeah the bytecoin geniuses named their coin bytecoin even tho cryptonote already used the name for their publicly announced and used altcoin > 1 year earlier. plus for added fun there was the user bytecoin who predates both and is unclear if he is related to crypto note or not
17:42:00jtimon:I haven't looked at chapter 4 in depth, but seems the most interesting one, no comments on chapter 5...
17:42:24petertodd:adam3us: I should release an altcoin called "bitcoin"
17:42:57tacotime:yeah ch 5 is a little silly in the grander assumptions it makes
17:43:16tewinget:petertodd, no, call it satoshicoin
17:43:18tacotime:and 6.2.3 is wacky
17:43:53Luke-Jr:petertodd: there is already such a scamcoin :x
17:44:22Luke-Jr:http://bitcoinscrypt.org/
17:44:34petertodd:figures...
17:44:36jtimon:I thought it was bitecoin with a tiny "e"
18:11:26qwertyoruiop:how much does it take for a tx without fees to go thru?
18:11:59justanotheruser:qwertyoruiop: it depends how long it takes for a miner to include it. #bitcoin
18:12:08qwertyoruiop:errr sorry, wrong channel
18:12:41qwertyoruiop:justanotheruser: i know that, i was just asking how much it takes on average
18:12:58qwertyoruiop:either way- wrong chan, i had my irc client minimized and i'm in so many bitcoin channels i clicked the wrong one
19:54:32justanotheruser:petertodd: Have you released your safecoin writeup?
19:55:32petertodd:justanotheruser: not yet - spent most of yesterday advising on a more general writeup on why app coins have value actually
19:56:10justanotheruser:petertodd: sounds like a conspiracy
19:56:10petertodd:of course, note I said advising - my advice was that some app coins have value, others don't :)
19:56:49justanotheruser:petertodd: what appcoins have value? Namecoin?
19:57:13petertodd:heh, actually that's one I'd argue potentially doesn't
19:57:50petertodd:zerocash yes
19:57:57justanotheruser:petertodd: did you releasethe writeup?
19:58:02justanotheruser:oh advising
19:58:06petertodd:it's not my writeup
19:58:14justanotheruser:is it maidsafes?
19:58:32petertodd:nope
19:58:40petertodd:multiple players
20:00:10justanotheruser:bbl, thanks for your help and making libbitcoin petertodd
20:00:46petertodd:all the credit for that goes to genjix, not me. I stick to pretty python code :)
20:27:33helo_:helo_ is now known as helo
20:30:39justanot1eruser:justanot1eruser is now known as justanotheruser
20:50:36FRCJoe_:FRCJoe_ is now known as FRCJoe
21:05:58adam3us:petertodd: did you see daniel krawisz article on app coins http://nakamotoinstitute.org/mempool/appcoins-are-fraudulent/ relatedly his even more awesome http://themisescircle.org/blog/2014/03/14/the-coming-demise-of-the-altcoins/ "the coming demise of altcoins (and what you can do to hasten it)"
21:06:38petertodd:adam3us: that's exactly the article they're replying to
21:07:53adam3us:petertodd: but its awesome and correct :) you are on the wrong side of this argument if you're lumped with helping maidsafe concoct some reason for existence argument for safecoins IMO :P
21:08:40petertodd:adam3us: like I said, some appcoins make sense - e.g. zerocash - others don't
21:08:44tewinget:tewinget has left #bitcoin-wizards
21:09:15petertodd:there are solid technical reasons for needing appcoins to implement many features bitcoin doesn't have, otoh they are probably a poor way to pay your dev team in most cases
21:09:25maaku:petertodd: o_O there's no reason you can't zerocash bitcoins
21:09:26adam3us:petertodd: not to mention the blatant investment conflict from the same investor who held a lot of msc persuading them to offer a steep msc discount, that then all backfired leaving suckers holding msc and giving people a way to dump languishing msc!
21:10:14petertodd:maaku: like I said, featurs bitcoin doesn't support. part of my advice to said clients was the disclaimer that ethereum, particularly some advanced zk-SNARK-using scheme, could make all app coins obsolete
21:10:19adam3us:petertodd: my conclusion after musing about this for some time is that if the value is in the source only, its not logically defensible as anyone can fork the source and detach the premine
21:10:45maaku:petertodd: side chains are possible today, e.g. OT's voting pools
21:10:55maaku:there isn't a dependency here on new features
21:11:10adam3us:petertodd: but ethereum is itself an appcoin. just tied to the app of "turing complete"
21:11:19maaku:that's just required for the whizbang trustless 2-way pegging
21:11:32petertodd:that's a social consensus thing - in many applications transaction costs are related to # of users, and if your social consensus that "the premine sucked!" is strong, then yes, users can switch. that doesn't necessarily happen
21:11:50petertodd:adam3us: indeed it is, it's an appcoin to replace all appcoins. a perfectly good idea if implemented well
21:12:35adam3us:petertodd: but it suffers the same fate. already there was aethereum. next someone will fork it onto a sidechain or create a coingen for it.
21:12:44maaku:... or we can just add a turing-complete / total-functional language to bitcoin in a soft-fork change
21:12:51maaku:or to a side chain
21:13:18petertodd:adam3us: again, social consensus and network effects can matter. whether or not they do in your particular case depends on a lot of factors
21:14:03petertodd:maaku: keep in mind my audience for my advice was comprised of people who've long ago been convinced that sidechains aren't and will never be secure
21:14:06adam3us:maaku: i prefer that. i think there is only room for one digital scarcity. i think definitionally there can only exist one durable digital scarcity.
21:15:17adam3us:petertodd: we know from proof of existence that "will never be secure" is not technically correct by argument ad-snarkium
21:15:46petertodd:a more insightful response re: scarcity would be to point out the velocity of money re: appcoins, e.g. think what zerocash will look like...
21:16:11maaku:petertodd: see this is where we diverge. i stop giving advice to people who don't or won't listen to it :P
21:16:37petertodd:adam3us: you know, the irony of all this is that the more said people see the hatred some aspects of the bitcoin community have for app coins, the *less* their convinced any merge-mined sidechain thing could ever be secure...
21:17:10petertodd:maaku: I'm not sure we differ there...
21:17:11adam3us:petertodd: there was some stuff wrapped up in "definitionally only one durable". if hypothetically the bitcoin network effect were overcome, and some alt overtook it, the likelihood is people lose confidence in durability (value store) of digital scarcity, for fear that the same thing will happen again
21:19:00petertodd:I'm very unconvinced by that argument frankly, people believe all sorts of crazy things, and bitcoin doesn't even need long term durability/value store to be valuable in the short term
21:19:02adam3us:frankly it seems pretty clear that almost all of the appcoin is about make-money-fast pump & dump and is not necessary. hence 200 alts.
21:20:18adam3us:petertodd: there's a nice cartoonized video about the history of fiat money creation in france with the economist John Law that shows what happens when confidence is lost in scarcity.
21:20:23petertodd:like I said, they probably aren't a good way to pay your dev team in most cases. but that's also not to say tech using appcoins is inherently bad either - zerocash absolutely requires it to be implemented securely
21:21:30adam3us:petertodd: i dont think the universe owes random devs a get rich quick attached to each random/dud what-if idea, that doesnt even hang together technically in most cases.
21:22:29adam3us:petertodd: ie we have angel investors, vcs, kickstarter etc and the market is pretty hot right now for bitcoin. if said people cant interest investors then maybe they're not investable and they're just (illegally) abusing unqualified investors.
21:23:52adam3us:petertodd: i think zerocash would be more useful btc denominated. when you said consensus you mean like msc and floating zerocash?
21:24:41petertodd:adam3us: meh, still doesn't change the fact that technically you simply can't do certain things on bitcoin, a zerocash built as an embedded consensus system needs to be implemented as a coin, either un-pegged, or at worth, one-way-pegged
21:24:45petertodd:*worst
21:26:05adam3us:9min history of fiat/John Law in cartoon form. quite amusing https://www.youtube.com/watch?v=ADv5-Pen1L4
21:27:59adam3us:i am not even saying the app coin characteristics that make sense. even those would be more useful in btc so why feed them ideas.
21:28:27maaku:an "appcoin" that is not directly redeemable for a service is a strange idea imho
21:28:41maaku:marketing spin on top of the standard alt pump-dump play
21:29:19adam3us:maaku: my thoughts exactly :) seemingly daniel krawitz too.
21:30:55adam3us:maaku: also as the service is typically peer to peer, the resources are coming from peers, who are expected to tolerate donating their resources to create pump & dump exit for the appcoin author.
21:33:44maaku:externalized cost ftw!
21:34:02phantomcircuit:adam3us, plenty of silly people trying to latch onto the pump part for that
21:34:50adam3us:maaku: in the case of maidsafe zooko who is on here sometimes already has a running system for several years called tahoe LAFS decentralized file store with properly designed crypto. the maidsafe guys are acting like they're patent pending 8 years or research. it already exists. its already deployed. zooko didnt need an appcoin to do it!
21:36:29petertodd:phantomcircuit: the problem is you then get people who think that coins are always inherently bad, which isn't true either
21:43:14maaku:there are an infinte potentially viable coins backed by good or services. there are a very, very small number of viable coins backed by nothin -- basically the set of those whose economic models are not overlappingg
21:43:31maaku:features don't enter into it at all imho, because those are easily portable (either by moving features or moving coins)
21:46:26adam3us:i liked wences casere's take on alt coins. (the xapo founder) i didnt watch his presentation until video after the conf: https://www.youtube.com/watch?v=r1lqqNU3fQs at some point he says he revised his view and now considers them to be dead end. bitcoin network effect is too strong. he had some stats to back it up.
22:07:55Luke-Jr:adam3us: too strong to fight ideaology-based altcoins?
22:08:15Luke-Jr:eg, Freicoin's demurrage that has attracted those turned off by Bitcoin's "deflation"
22:08:36justanotheruser:justanotheruser is now known as nikkuts
22:09:43maaku:Luke-Jr: freicoin is design not to disrupt/overlap with bitcoin's econmic use
22:09:45adam3us:Luke-Jr: i heard jtimon & maaku give an interesting argument that freicoin does not compete as much because of its intentional engineered bias for use as a transaction currency rather than a store of value
22:09:51Luke-Jr:maaku: exactly my point
22:10:15Luke-Jr:that's why I'm saying network effect *shouldn't* hurt Freicoin
22:10:35sipa:I think it does.
22:10:44adam3us:Luke-Jr: yes so you are right to the extent their argument works, it is the exception so far. its hard to say because its an economic experiment what the outcome is
22:10:47maaku:Luke-Jr: yes, correct
22:11:19sipa:Presumably you have those who care about the gold-mine-ness of Bitcoin, you have those who care about the economic properties of Freicoin, and you have a large group that doesn't care (myself included).
22:11:31sipa:The last group will be attracted by network effect.
22:11:34Luke-Jr:sipa: true
22:11:41Luke-Jr:but not enough to kill Freicoin entirely, I think?
22:11:42adam3us:sipa: the dont cares are swayed by network effect.
22:11:53sipa:Luke-Jr: maybe
22:12:46maaku:sipa: those who don't care use what they have available to them, and frictionless infrastructure makes network effect less important there (as a merchant you'll take any coin as long as its market is liquid)
22:12:58adam3us:sipa: i think maybe the interesting thing is it competes on one dimension: transactional value, but not so much on another storage. so its both competing and not competing.
22:13:11sipa:right
22:13:20maaku:that's how I qualified my statement above: for non-backed digital scarcity, there's no room for overlapping use cases. but i do think there is a clean separation between frc and btc (by design of course)
22:15:32Luke-Jr:maaku: btw is 1 FRC == 1 unit since you added a decimal type? or is there still a 1e8 division?
22:17:20maaku:answered on #freicoin
22:19:15adam3us:i do think frc has a struggle to overcome the network effect even for the transactional part, because as btc came first, frc has no functional benefit. it has an interesting economic argument relating to interest costs, but its a system level argument which is hard to persuade individuals to unilaterally commit to.
22:20:44maaku:adam3us: availability of bitcoin on the frc chain will help here, as you'd be able to take any asset as payment, with an atomic conversion to bitcoin (or whatever your preferred asset is)
22:20:52adam3us:the idea of a pegged side-chain with freicoin demurrage is an interesting addition to the picture as it removes forex fluctation risk
22:20:57maaku:that's what we've been working towards for a year, as you know
22:22:46adam3us:maaku: yes. so freimarkets with btc via escrow agent / voting pool, and more lately pegging. but i mean if that were first to market then there is a feature advantage. but if someone were to fork it or have comparable functionality but without demurrage.
22:23:36adam3us:maaku: because while then those two systems are on even ground as network effect for that part is not there yet, presumably the btc network effect still influences
22:26:04adam3us:maaku: but i think your point before pegging there was no other mechanism that tried to be neutral (not tied to a storage value pump alt) that could function other than this and color coin (and the not so generalizable 1-way peg)
22:32:38maaku:adam3us: well only frc is demurraged, and you are free to just use the pegged bitcoins
22:32:57maaku:but people will have frc to spend, because of the perpetual subsidy...
22:33:08maaku:but we can take this to #freicoin
22:33:41jtimon:I don't buy adam3us argument about digital scarcity: "there can only be one because if it failed, no one would trust digital scarcity again" (replace "digital scarcity" with "paper" and think how easy it is to repeat experiments)
22:34:05maaku:but yes, i see btc and frc as non-overlapping use cases, and the only two such pairings I know of
22:34:09maaku:there might be others though
22:34:41maaku:jtimon: meh, it's pretty accurate if you look at commercial paper currencies
22:34:52maaku:fiat only works because of the state pressure
22:35:05sipa:i think "silly alts" do hurt, but not in that way (and also not by diluting limited supply)... just by making noise and confusing people :)
22:35:06adam3us:jtimon: my argument is that unlike physical things there is nothing behind PoW. so a PoW with param set A is fundamentally identical in its content to a Pow with param set B.
22:36:11adam3us:jtimon: maybe bottled air or something. air is air. difficulty adjust is the air must be at higher pressure. if someone makes a green bottle and a blue bottle etc and it turns into tulip mania suddently bottled air is meaningless and the concept risks collapse like the tulip mania in holland
22:36:14maaku:i side with sipa on that point, but the alt-IPO phenomenon is taking money away from better projects :(
22:36:24jtimon:I agree on that, I just don't see any danger in being replaced by say, ether, if it turned out to be a superior model
22:37:17maaku:jtimon: the most persuasive argument i've heard is that we need speculation to bootstrap, but if an alt replaces btc people will be afraid to speculate
22:37:18jtimon:and of course I agree they are not a good funding mechanism
22:37:45adam3us:jtimon: firstly its grossly greedy to contemplate. secondly why would ether not be displaced by snarkcoin. its clearly superior and more secure and more flexible. and repeat. how are people supposed to trade and do finance in a stream of short lived collapsing bubbles. that affects confidence. maybe critically but certainly not good
22:38:02nikkuts:nikkuts is now known as justanotheruser
22:38:42jtimon:I think you need very little speculation, what you need most is merchants to make the currency useful as a medium of exchange, that's where shitty alts hurt other alts most (not bitcoin because it already has the network effect)
22:39:06adam3us:in other news Eric Voorhees got let of lightly and fined $50k by the SEC for securities violations relating to alt-IPOs.
22:39:49jtimon:adam3us why do you assume they are "short lived"? why would that be necessarily fatal for cryptocurrencies?
22:40:49sipa:Voorhees looks surprisingly dutch to me, but it doesn't mean anything
22:40:58jtimon:I doubt it will happen many times, I even doubt it will happen even once in terms of the basic model and codebase
22:41:49jtimon:I think starting from scratch is ethereum's fatal flaw, not its strongest point
22:42:35sipa:it's what makes it much more interesting as an experiment at least
22:42:38jtimon:like ripple.com's, why nobody has forked ripple.com or even a pow version of it?
22:43:25Luke-Jr:Ripple isn't *that* interesting
22:44:50maaku:jtimon: if you need billion-dollar investments before Xcoin "takes off", then Xcoin needs billions of dollars of speculative investment
22:45:07jtimon:think it's a flawed design, inputs and outputs are not a mistake in bitcoin
22:46:25jtimon:you just need a market that is big enough for the users and merchants conversion needs
22:47:55jtimon:even with a tiny market like freicoin's you could use it for small purchases if merchants had a proper payment processor
22:56:32bitcoinzes:Hello wizards
22:57:13justanotheruser:not a wizard yet, but hellp bitcoinzes
22:57:18justanotheruser:*hello
22:57:44bitcoinzes:I missed the digital scarcity convo for the most part it seems
22:58:23justanotheruser:http://download.wpsoftware.net/bitcoin/wizards/
22:59:28bitcoinzes:you really are a wizard
22:59:30adam3us:Luke-Jr: speaking of ripple, they got a slap in the face when a board member resigned & wrote a rant about why he quit http://www.cryptocoinsnews.com/news/ripple-board-member-jesse-powell-resigns-wake-founder-sell/2014/05/24 McCaleb said he was dumping a huge number of btc and dropped the price just before that.
22:59:56justanotheruser:bitcoinzes: It's in the topic
23:00:13bitcoinzes:thanks for the heads up
23:00:51bitcoinzes:If you watched adams talk in israel regarding anonimity and the differnt approaches to in in different coins, he pretty much technically craps on ripple in the q and a
23:01:11bitcoinzes:because if you can get a judgjment or injunction against ripple
23:01:17bitcoinzes:the network goes down apparently
23:01:23bitcoinzes:if I understood it correctly
23:01:34bitcoinzes:It was at 1 hour 5 minutes I believe
23:01:35adam3us:bitcoinzes: you did, this is the same adam :)
23:01:51bitcoinzes:I hoped so, was good meeting you in amsterdam
23:02:18bitcoinzes:Here is my take on digital scarcity
23:02:38bitcoinzes:The value of a currency compared to other currencies is greater the greater liquidity it has
23:02:50bitcoinzes:that is why every 100 years we have a single dominant "reserve" currency
23:03:07bitcoinzes:as such, whever we can have a single digital currency acquire mass, it is better for the entire ecosystem
23:03:26bitcoinzes:because that single "reserve" currency will be much easier interfaced with by other competing and smaller currencies
23:04:09bitcoinzes:point 2. It is obvoius that competing currencies can and will exist, as all currencies only server as an aid to track the human emotion of "owe" how
23:04:10adam3us:gmaxwell wrote a more detailed list of pointy questions that got some response from Joel Katz (ripple crypto guy) on the bitcointalk forum somewhere. it seemed reading from that that they aspire to be decentralized but they have not worked out how to do it. to my way of thinking that is because that is what bitcoin mining is for.
23:04:42bitcoinzes:its from this basis of intherant human tit for tat "owing" that currencies are able to function
23:05:45bitcoinzes:Because of this, multiple currencies can and shoul dbe supported, to tailor to the different communication needs of the participants
23:05:47maaku:bitcoinzes: i suggest reading the logs. this isn't what the discussion was about
23:05:57orperelman:Somebody termed it as a "centralised decentralisation"
23:05:59dgenr8:I find the justifications for having included XRP very disingenuous
23:06:08bitcoinzes:that was me :)
23:06:10orperelman:haha!
23:06:14orperelman:Good quote
23:06:16bitcoinzes:thanks
23:06:21bitcoinzes:i probably read it somewhere though
23:06:32bitcoinzes:we were both in the appcion chat
23:06:40orperelman:yeps
23:06:47bitcoinzes:shalom
23:08:16bitcoinzes:yeah I see tons of stuff in the logs here I'd love to comment on
23:08:42bitcoinzes:I thought wences talk in amsterdam was amazing as well
23:08:53bitcoinzes:changed how i looked at money
23:09:49bitcoinzes:is there something we can learn from the 5 years we've been working, i.e. perhaps more alts don't matter.
23:10:08bitcoinzes:is there something we can learn from the 5 years we've been working, i.e. perhaps more alts don't matter.?
23:10:11adam3us:i think there is something digital tulip like so that while the digital tulip is able to maintain long term value it is extremely useful functionally. but if the digital tulip bubble pops completely and is displaced by a tulip2 maybe thats a long term problem that maybe hard to recover from because it sets a confidence affecting precedent.
23:10:25bitcoinzes:i.e if litecoin is 10 pecent of bitcoin and has been for a couple years, doesnt' seem to be taking away too much dev power from btc
23:11:16adam3us:bitcoinzes: i think wences argument is that is artificial. he had stats to show the combined transactional value/volume of alts is insignificant and losing further to bitcoin network effect.
23:11:27bitcoinzes:I think that the giant billion dollar tulips have come and gone multiple times in regular securities
23:11:56bitcoinzes:So while a 0 value would hurt all of our digital initiatives, I believe it would continue onward, as commerce does when normal companies fail
23:12:01bitcoinzes:look at the electric car
23:12:03adam3us:they have. and the century duration reserve currency cycles also (often fiat with limited backing)
23:12:06bitcoinzes:sucked hard before tesla
23:12:33bitcoinzes:I think I have a non techincal social answer as to why their must be alt coins
23:12:49bitcoinzes:this is from andreas anton..
23:12:58bitcoinzes:at some point btc dev will stop like tcp dev
23:13:04adam3us:bitcoinzes: to enrich alt coin authors ;) why else 200 param-tweak alts
23:13:05bitcoinzes:its jus ttoo embedded in places that cant change
23:13:08bitcoinzes:its in silicon
23:13:18bitcoinzes:so in 4-5 years that is where we will be
23:13:30bitcoinzes:and when that hits, its all alts from there on out
23:13:54bitcoinzes:I can't think of a reason why the tcp/ip analogy fails if this is the underlying protocol of "financial" value
23:14:16bitcoinzes:and thus, in 5 years, its all alts jus tlike you use http over tcp, you don't try to change tcp
23:14:26bitcoinzes:and if you do, you get ipv6, wihch has been what around for 10 years
23:14:40bitcoinzes:so fix what you can before your 5 years are up
23:14:44BigTimeCoin:So anyway - there is a big difference between alt coins and app coins
23:14:54bitcoinzes:not really
23:15:03BigTimeCoin:good thanks for your opinion that i am wrong
23:15:20bitcoinzes:i mean, you could make the case either way, i.e. how much different is a merge mined copy of bitcoin as an alt
23:15:30bitcoinzes:or litecoin from btc, 10 percent diff?
23:15:38BigTimeCoin:so anyway - app coins provide useful functionality by providing a way to spend the token back into the app to do something useful
23:15:45bitcoinzes:I think there's another very important point here
23:16:00bitcoinzes:which is, why shouldn't developers be rewarded financially from the fruits of their labors
23:16:06bitcoinzes:and in btc as a dev, you can't get a share of the pie
23:16:11bitcoinzes:because no one will give it to you
23:16:12BigTimeCoin:Whereas alt coins are simply copies of bitcoin with a modified proof of work function and other static variables
23:16:16bitcoinzes:because the bootstarpping is done
23:16:30bitcoinzes:that is why i believe you see all the inovation everywhere except btc more or less
23:16:31adam3us:bitcoinzes: i dont think the universe owes developers a pump & dump free lunch.
23:16:44bitcoinzes:because if you have a great idea, you can get 10 percent of what its worth instead of 0 percent
23:16:58bitcoinzes:I dno't think the devs deserve pump and dump free lunch either
23:17:15bitcoinzes:I own 0 alts
23:17:21bitcoinzes:I see them launch and dump every time
23:17:31BigTimeCoin:Bitcoin can be viewed as an app coin if you see the people mining bitcoin, then using the bitcoin to buy mining equipment, thus distributing it to mining equipment manufacturers and speculators.
23:17:40bitcoinzes:I think if we want to keep innovation in the btc ecosystem and push liquidity here, we need to hold on to smart devs
23:17:41adam3us:bitcoinzes: but bitcoin succeeded because millions of man hours of technical innovation was focused collaboratively for free without intellectual property types of rent extraction
23:17:50maaku:bitcoinzes: so make a company around whatever you are doing, and charge money for a service, and issue shares of that company to yourself
23:17:51bitcoinzes:bitcoin would be 4x where it is now if all the alts focused here instead of there
23:18:10maaku:don't go extracting rent from your entire user base via an underhanded distribution mechanism
23:18:44adam3us:maaku: thats a novel idea :D charge for delivering useful services. work for a living. probably the alt people are after a free lunch at the expense of the loser of the zero sum pyramid
23:19:10bitcoinzes:lets get a consensus chain going. I think btc has network effect, does its job well enough, and is in lots of silicon as is. I think btc has minimum innovation due to not paying enough devlopers to develop.
23:19:29sipa:development is not the bottleneck
23:19:34sipa:review is
23:19:39bitcoinzes:I think that enhancing liquidity in a single digital scarcity helps compete against all other currencies, and I think solving the developers is useful
23:19:50bitcoinzes:can you explain
23:19:54bitcoinzes:sipa
23:20:12bitcoinzes:do developers do the reveiwing or soeone else?
23:20:13bitcoinzes:I'm that stupid
23:20:43sipa:bitcoinzes: #bitcoin-dev
23:22:22bitcoinzes:tried to join it, said i'm banned
23:22:29bitcoinzes:im' on webchat with random username
23:22:31bitcoinzes:anyway
23:22:53bitcoinzes:anyway
23:22:57bitcoinzes:can someone explain to me how review differs from development
23:23:09sipa:yes, but it's off topic here
23:23:09bitcoinzes:shit keyboard too, i'm in a rough computing envronment here
23:23:17bitcoinzes:hey, i just want to be of service,
23:23:34bitcoinzes:hardfork wishlist got ya
23:23:36bitcoinzes:i will shut up onw
23:24:44maaku:bitcoinzes: we need competent people on github.com/bitcoin/bitcoin/pulls reviewing & testing code
23:25:27bitcoinzes:If sidechains or treechains doesn't get implemented, I think the risk that another literally technically superior solution comes along is enhanced because it forces innovators into alts instead of core
23:25:58bitcoinzes:*coreish
23:26:40bitcoinzes:Is that the only way to get the transactions per a second up as well, or sharding the blockchain
23:27:03sipa:that's what treechains does: sharding the chain
23:27:06adam3us:bitcoinzes: well for now bitcoin is technically quite extensible so most useful things could be implemented into bitcoin itself if there were enough motive
23:27:48bitcoinzes:consenus will ge tharder and harder to reach the larger the network gets (consensus of stakeholders, miners, bitpay, wallets, etc, at one point it will be nearly impossible)
23:27:52bitcoinzes:ipv4
23:28:08bitcoinzes:so that job is the easiest today it will ever get
23:28:11adam3us:jgarzik seemed to disagree with that claim.
23:28:32sipa:bitcoinzes: except it needs designing, implementing, testing, and _convincing_ people
23:28:33bitcoinzes:so that job is the easiest today it will ever get?
23:28:46bitcoinzes:what is "it"
23:28:46sipa:the last part may get harder over time
23:28:53sipa:whatever hardfork proposal
23:28:56bitcoinzes:got ya
23:29:07sipa:but the rest does get easier, as understanding grows
23:29:13adam3us:there is some scope for two tiers of devices. spv ones can get by in ipv4 compatiibility mode while the world moves to ipv6
23:29:17sipa:and probably funding for research too
23:29:19bitcoinzes:I think it is safe to say tha tthe complexity will grow,and editing more and more complex systems is harder and harder
23:29:26sipa:yes
23:29:53bitcoinzes:so did the world decide on treechain vs altchain or are we waiting on whitepapers still
23:30:04adam3us:would be fun to hard fork refactor to rationalize
23:30:08bitcoinzes:lol@world, likely more just this chatroom
23:30:18bitcoinzes:I'm Richard by the way
23:30:36jgarzik:altcoins exist, but are insecure. side chains and tree chains exist on paper only, AFAIK.
23:31:11sipa:i hate how people name those in one sentence as if they are competitors
23:31:29sipa:one is scheme for allowing variation in the security/scalability tradeoff
23:31:31jgarzik:it is impossible to project "$foo will get harder over time" because you do not know the human network surrounding the elements
23:31:32adam3us:yup. and tree chains are a proto-idea petertodd can clarify but i think from what i understood its not fully concrete
23:31:48sipa:the other is a mechanism for introducing new rules / coins in a graceful way
23:32:33sipa:but yes, both only exist on paper
23:32:37adam3us:sipa: yes. i think petertodd was seeing a useful overlap in that the most obvious way to get tree chains deployed hypothetically would be … side-chains
23:33:30maaku:bitcoinzes: side chains are doable today. no one is stopping you from making one. it's only the fancy SPV-safe 2-way peg that requries changes
23:34:14bitcoinzes:can you and peter do a voice call and work together on an idea adam? I think you 2 are the only guys with viable solutions to keep inovation in btc coreish
23:34:39bitcoinzes:voice kicks ass for me :)
23:35:37bitcoinzes:am I right in guessing that one of those 2 solutions needs to be implemented to get more transaction sper a second and experimentation in chaintech while holding btc digital scarcity
23:36:32sipa:one intends to give higher transactions/second, the other allows new chain technology to interoperate (but does not directly improve scalability if the same security is maintained)
23:36:54bitcoinzes:i see that you are entirely right
23:36:58bitcoinzes:thanks for clarifying that
23:37:29bitcoinzes:so it doesn't sound like they're even binary, you can do both if you see value in both, right?
23:37:39sipa:perhaps
23:37:54sipa:but i do see them as orthogonal if anything, yes
23:38:29maaku:they solve an overlapping set of problems in orthogonal ways
23:38:43bitcoinzes:you guys with your big words :)
23:38:44maaku:but not 100% overlapping, on either side
23:39:21bitcoinzes:I think the other major issue is anonimity, innovation, tps, and anonimity in varying order to your value system
23:39:55bitcoinzes:rather I think those are my top 3, in order of: inno, anon, tps
23:40:57bitcoinzes:I checked out: https://en.bitcoin.it/wiki/Hardfork_Wishlist
23:42:12bitcoinzes:apparently the trezor has some issue where it sucks mor than it needs to because values aren't trasmitted when signing a transaction (i'm misremembering this from adams talk as well I think.) I see no issue with similar language to that in this list
23:42:28bitcoinzes:ahh because it might not be a hardfork?
23:42:44andytoshi:what does trezor have to do with consensus?
23:42:48bitcoinzes:nope its there
23:42:53bitcoinzes:Add new signature hashtype to include value of TxOut being spent, in the hash to be signed. Doing this would remove the requirement that offline signing devices be sent all supporting transactions with the transaction-to-be-signed, just to confirm the transaction fee.
23:42:55bitcoinzes:I missed it
23:43:04andytoshi:ah
23:43:15bitcoinzes:thank god i didn't have to find it in the video
23:44:04bitcoinzes:thank god i didn't have to find it in the video/
23:44:11bitcoinzes:I see nothing here in the wiki about anonimity?
23:44:18bitcoinzes:sorry for this shit webclient doublepasting
23:44:27maaku:bitcoinzes: probably because bitcoin is not and not supposed to be anonymous
23:44:33maaku:this is probably better for #bitcoin
23:45:03bitcoinzes:I think the guy with 1 million bitcoins was pretyt serious about it being anonymous for him
23:45:06sipa:anonimity and privacy are very different things
23:45:14bitcoinzes:would seem odd if we didn't extend the courtesy to everyone else
23:45:35adam3us:bitcoinzes: the bitcoin white paper has a section on privacy.
23:45:36sipa:privacy should be a goal; anonimity is an extreme form of privacy that in bitcoin like systems would have tremendous cost
23:46:13bitcoinzes:in his talk at stanford and amsterdam
23:46:21bitcoinzes:previous core lead dev said anonimity was great
23:46:30adam3us:bitcoinzes: some of the privacy ideas can be built without protocol changes. eg coinjoin, coinswap, stealth addresses, not reusing addresses
23:46:38maaku:bitcoinzes: there are technical reasons why bitcoin cannot be anonymous without massive changes in the way it works (e.g. zerocash)
23:46:47maaku:this is really a #bitcoin topic, don't get yourself banned here too
23:48:22bitcoinzes:So guys, as a non developer I'm trying to bring the maximum value I can
23:48:34bitcoinzes:by making sure everything is on the wishlist that I can think of
23:48:55andytoshi:bitcoinzes: the enthusiasm is great, but this is a low-volume research channel. most of the regulars here try to read every single line of scroll-back so we try to keep things on-topic
23:48:58sipa:it's nothing authoritative
23:49:09bitcoinzes:alright, im' out
23:49:10sipa:it's just a list of what certain people thought was nice
23:49:12bitcoinzes:hope i helped
23:49:13andytoshi:bitcoinzes: generally the discussion here is much more concrete
23:49:18bitcoinzes:bitcoinzes has left #bitcoin-wizards
23:50:13adam3us:sipa: the talk bitcoinzes is mentioned was my attempt to argue that zerocash level anonymity is a useful building block that can improve fungibility while still having identity at payment layer
23:50:56maaku:didn't mean to scare him away
23:54:39adam3us:sipa: its a bit long but if you get bored https://www.youtube.com/watch?v=3dAdI3Gzodo&feature=youtu.be
23:56:25maaku:bitcoinzes, in case you check the logs: i meant take the topic of "why is it difficult to make bitcoin anonymous" to #bitcoin, not "please go away". you are welcome here so long as we keep to implementation & research issues