| 00:18:24 | Eliel_: | hmmh... I just realized that a 51% attacker who orphans other miners' blocks can be made to prove he's doing so (at least if he includes other people's transactions). Basically, when a miner finds a block, he can simultaneously create a transaction that has a stealth reference to the block and broadcast it. If someone else then orphans his block with a block that nevertheless includes the transaction, he can then broadcast a secret code that co |
| 00:20:39 | kazcw: | putting into a transaction a blinded reference to a block in the other chain just proves the other chain existed when the attacker mined their block, not that the attacker -knew about- the other chain's existence |
| 00:21:16 | Eliel_: | I don't think that's a very important distinction. |
| 00:24:24 | kazcw: | what could be done in response to a proof-of-competing-chain? |
| 00:26:36 | Eliel_: | one option is to orphan the attackers block and treat the prior block as the real one. |
| 00:26:44 | Eliel_: | although |
| 00:26:54 | Eliel_: | that opens another attack |
| 00:27:02 | Eliel_: | so perhaps that's too heavy |
| 00:31:30 | Eliel_: | any transactions confirmed in the orphaned block could be considered confirmed though. I don't think that's abuseable. |
| 00:33:33 | Eliel_: | the biggest trouble is probably that the transaction only does Proof of Existence, not Proof of Publication. |
| 01:57:45 | super3: | oh looks like i wasn't paying attention at the best time |
| 01:58:35 | jps_: | jps_ is now known as jps |
| 01:59:46 | super3: | well my solution currently is to have node A challenge node B |
| 02:00:06 | super3: | node a publishes the merkle root of its hash challenges |
| 02:00:17 | super3: | via blockchain or some other public source |
| 02:01:36 | super3: | node a can pay node b for correct hash challenges, via microtransactions |
| 02:02:23 | super3: | if there is a failed challenge or dispute the blockchain has enough information to mediate |
| 02:03:03 | super3: | as per gmaxwell's spec node a is an "autonomous agent" via a decentralized and distributed application we call Metadisk |
| 02:33:50 | asoltys_: | asoltys_ is now known as asoltys |
| 04:22:47 | justanotheruser: | Why couldn't nothing at stake be fixed by allowing users to mine with old stake? Then their old stake would be profitable and they would have something at stake. |
| 04:23:09 | justanotheruser: | They wouldn't necessarily have currency at stake, but they would have potential profits at stake. |
| 04:38:29 | kanzure_: | justanotheruser: double spending |
| 04:39:18 | justanotheruser: | kanzure_: how does that allow double spending? |
| 04:40:02 | kanzure_: | each chain ends up with different payments |
| 04:40:32 | justanotheruser: | kanzure_: why are there multiple chains now? |
| 04:41:09 | kanzure_: | nothing at stake refers to the lack of incentives to maintain only a single chain |
| 04:42:45 | justanotheruser: | yes, but there is something at stake if you can use old outputs to profit |
| 04:42:57 | justanotheruser: | at least as far as I can understand right now |
| 04:52:16 | justanotheruser: | Owning old stake seems like it would be equivalent to owning mining gear. One problem is that old stake profitability approaches zero as the chain grows. As that old stake profitablitiy approaches zero, you will probably end up selling that stake and someone will be able to use that to make a fork from that point. |
| 05:00:43 | phantomcircuit: | The average time to generate a block at 0.3 Mhps, given difficulty of 17336316978.5, is 7870375 years, 37 weeks, 4 days, 8 hours, 21 minutes, and 28 seconds |
| 05:00:54 | phantomcircuit: | i guess i need to copy someone elses cpu mining code... |
| 05:01:04 | phantomcircuit: | er |
| 05:01:18 | phantomcircuit: | ;;gentime 0.3 1 |
| 05:01:18 | phantomcircuit: | The average time to generate a block at 0.3 Mhps, given difficulty of 1.0, is 3 hours, 58 minutes, and 36 seconds |
| 05:01:21 | phantomcircuit: | well maybe not |
| 15:40:32 | jgarzik: | jgarzik is now known as home_jg |
| 17:50:24 | Guyver2: | Guyver2 has left #bitcoin-wizards |
| 18:12:20 | rodarmor: | rodarmor has left #bitcoin-wizards |
| 18:36:37 | gmaxwell: | gmaxwell is now known as Guest36970 |
| 20:23:11 | Guest36970: | Guest36970 is now known as gmaxwell |
| 20:48:00 | Dizzle__: | Dizzle__ is now known as Dizzle |