00:22:43maaku:maaku is now known as Guest38225
02:56:58justanot1eruser:justanot1eruser is now known as justanotheruser-
03:50:57zooko:tromp_*: Could you get the Cuckoo PoW paper published in an academic venue, please? ☺
08:05:18weber.freenode.net:topic is: This channel is not about short-term Bitcoin development | http://bitcoin.ninja/ | This channel is logged at http://download.wpsoftware.net/bitcoin/wizards/. For questions about the logs talk to andytoshi.
08:05:18weber.freenode.net:Users on #bitcoin-wizards: andy-logbot davidlatapie justanotheruser eslbaer Graet Iriez HM berndj-blackout TheSeven Hunger- Transisto Dr-G fanquake spinza digitalmagus wiretapped maaku_ zenojis Ken` pen o3u bobke [\\\] moa realazthat kinlo waxwing andytoshi michagogo nanotube Keefe SomeoneWeird pajarillo espes___ melvster wallet42 jchp_ tromp_ irc88 quackgyver_ mr_burdell Aquent putler p15 roconnor ericp4 HaltingState Alanius Starduster_ DougieBot5000 Starsoccer pigeons
08:05:18weber.freenode.net:Users on #bitcoin-wizards: forrestv smofi Eliel nkuttler so Emcy wizkid057 EasyAt DoctorBTC grandmaster2 CodeShark Mikalv Gnosis phedny tacotime drawingthesun edulix gmaxwell LarsLarsen wumpus LaptopZZ Krellan__ epscy Guest54659 nsh Pan0ram1x Luke-Jr zling__ CryptOprah eizh__ OneFixt justusranvier ryan-c [Derek] iddo Dyaheon- super3 a5m0 samson_ grubles pi07r jbenet roasbeef Sangheili gavinandresen nickler BigBitz Muis artifexd Anduck gribble copumpkin dgenr8 TD-Linux
08:05:18weber.freenode.net:Users on #bitcoin-wizards: jgarzik phantomcircuit jcorgan abc56889 optimator UukGoblin otoburb midnightmagic mmozeiko harrow weex Adohgg amiller rs0 @sipa trn Logicwax catcow petertodd throughnothing gwillen sl01 dansmith_btc warren asoltys zibbo_ BlueMatt lianj BrainOverfl0w crescendo kanzure lechuga_ cfields smooth bbrittain Apocalyptic comboy helo K1773R jaromil poggy aynstein burcin danneu tromp__ mhanne @ChanServ
09:48:56execut3:execut3 is now known as shesek
11:33:21dsnrk:I've long been curious on the makeup of transactions in the network. part of that has been trying to work out just how people are using Bitcoin, so as to make better assumptions about how much of a role various clients forms will have in the future.
11:33:57dsnrk:to that end, I've collected some fun stats. in the last 1328 blocks there have been 552784 transactions. 236497 (42%) were made by a blockchain.info web wallet, according to their own published information. the information is a little noisy because it includes some outside sources, but it's certainly a good idea of how the network is being used. at worst it's an upper bound.
11:35:14gmaxwell:how hard would it be to recomputed that in terms of coin value moved?
11:35:28sipa:coin transferred, or coin moved?
11:35:38gmaxwell:transfered is hard. :)
11:35:54gmaxwell:mostly I'm curious if that number is being inflated by dust transactions.
11:37:06dsnrk:I can do that, let me throw together a tool to count the outputs.
11:40:59BigBitz:how are you attaching the addresses to blockchain.info wallets, dsnrk?
11:41:13hearn:42%?
11:41:18hearn:that sounds remarkably high
11:41:24BigBitz:Yeah - that's why I asked.
11:41:27BigBitz:42% sounds very high.
11:41:48hearn:i mean it's a popular wallet but there are a lot of transactions being made by exchanges and dice sites and the like
11:42:20BigBitz:popular enough to hold nearly 50% of the last 550K transactions though?!
11:43:04dsnrk:BigBitz: in this case I am filtering transactions they self-report as sent using their pushtx service. almost 40% of a given blocks transactions don't use a change address, so that's hardly an insane figure to my mind.
11:43:39hearn:this tx reports as being relayed by b.i but it uses a change address: https://blockchain.info/tx/b5432ce4ba08f5e14c0fefbe274bca6919f5430ba7bf5180aa516d2c85c3d4d3
11:43:47BigBitz:using their pushtx services does not mean they are blockchain.info wallets though. Don't blockchain.info allow the user of that?
11:43:58hearn:still, interesting analysis
11:44:46dsnrk:I thought it was a fair assumption to make that the majority of transactions through it would be bc.i wallets. if nothing else, it can be taken as an upper bound.
11:45:20BigBitz:Fair comment.
11:46:12hearn:they need more competition :)
11:46:16dsnrk:hearn: there's an option hidden away in their interface to use change addresses, but it's not the default most people use. I think you picked that one right though, I don't believe there's a reason for a bc.i wallet to use a fee of 0.00022333.
11:46:54BigBitz:but hearn they have Anton. The all knowing.
12:03:18dsnrk:gmaxwell: sipa: sorry, still have no idea what I'm doing with gnuplot. here's a dodgy graph of the outputs. really of 200 blocks, not 1000. https://i.imgur.com/r4vxDCg.png
12:16:53dsnrk:wait. I screwed that up.
12:27:44dsnrk:https://i.imgur.com/ll8163B.png
12:28:37dsnrk:gmaxwell: ^
12:34:55hearn:dsnrk: i'm colour blind. what does the graph say in english?
12:36:21dsnrk:blockchain.info transactions are pretty dusty, but probably less than the rest of the network in my small sample size.
12:38:25dsnrk:I think I need to learn gnuplot better before I try this next time. I don't think my graph is showing the data properly.
14:22:09petertodd:dsnrk: bc.i eallet lets you set fees, so 22333 may very well be a user set fee
14:36:43dsnrk:petertodd: possible. do you think many users would change the fee? I find it hard to make assumptions about user behaviour when it's not something I would ever be thinking about myself.
14:41:29fanquake:fanquake has left #bitcoin-wizards
18:48:28tromp__:trying to get my severe doubts on Nxt's notion of POS answered at https://nxtforum.org/index.php?topic=4515.0 ...
18:50:36gmaxwell:tromp__: with that description you also get the fun that DSA signatures have an inherently (pseudo)random input which must be private.
18:51:59zooko:A really good challenging blog post from @ofnumbers: “What we have today is not Bitcoin but Bitcoin In Name Only”—http://letstalkbitcoin.com/blog/post/bino
18:55:14petertodd:dsnrk: who knows?
19:01:45amiller:the folks at princeton CITP and I just finished recording a bunch of lectures for a bitcoin research MOOC
19:01:54amiller:we included some stuff about sidechains and embedded consensus
19:02:35amiller:not a bitcoin research MOOC, it's a course for computer science undergraduates especially and covers all of basics and technical stuff and some research
19:02:46tacotime:amiller, free online?
19:02:51amiller:it'll be free online
19:02:55amiller:it's being edited right now
19:02:57tacotime:nice :)
19:04:02amiller:we're going to have to do one of those things where we make sure everyone's original forum posts are cited properly in the corresponding liner notes etc, anyway i guess my point was i imagine lots of people here will be interested to look at these and point out if we got any parts of someone's pet topic wrong
19:04:44amiller:i feel like my parts anyway ended up steering biasedly towards showing off my own research stuff, just because i have more experience presenting it
19:04:52amiller:we'll see when it's edited and released
19:06:18gmaxwell:corollary 386: it's not wrong until its on the internet.
19:06:24wallet42:wallet42 is now known as Guest1100
19:06:24wallet421:wallet421 is now known as wallet42
19:06:27zooko:amiller: way to go!
19:07:23nsh:amiller, \o/
19:29:47moa:zooko`: good catch that article
19:30:10amiller:i increasingly like @ofnumbers' stuff
19:30:37amiller:on the other hand i feel like i can never figure out what to do with his insights
19:44:09tromp__:what "book" is he referring to in " Yet as copiously shown throughout the book, it is not anti-fragile "
19:44:58amiller:tromp_, he's published a pdf and book
19:45:22amiller:http://www.amazon.com/Great-Chain-Numbers-Contracts-Management-ebook/dp/B00IRUBMXO/
19:50:11tromp__:btw, i did some silly calculation of how much dram is needed in cuckoo to match bitcoin's current hashrate
19:50:45tromp__:taking 1 sha256 as equivalent to about 8 siphash24
19:51:26tromp__:i concluded you need about a 250000 times the 2013 global DRAM supply:)
19:52:16amiller:ha.
19:52:44amiller:i'm still really curious how you'd formalize the memory hardness.
19:52:56amiller:i'm familiar now with basically only one proof strategy, called "peblling" for this sort of thing
19:52:59amiller:pebbling*
19:53:13tromp__:it's based on each siphash24 leading to a memory-bank activate, which takes about 50ns
19:54:07tromp__:well; i implemented what i believe to be a pretty good time-memory trade-off
19:54:10amiller:pebbling is where you assume you either "store" an intermediate result or "recompute it", you represent all the steps of computation as nodes in a dag, and you place either a "compute" pebble or a "store" pebble on each one
19:54:18tromp__:it's tomato_miner.h in my repository
19:54:42tromp__:the latest version of my white paper summarizes its tradeoffs
19:55:21tromp__:amiller: that is appropriate for a class of PoWs that fill memory with random hash output
19:55:31tromp__:not so appropriate for cuckoo
19:55:38amiller:right
19:55:53amiller:that's why i have no other idea how to even proceed with a proof!
19:56:21zooko`:There's a thing that's bothering me about cuckoo, which is that it uses siphash.
19:56:23nsh_:anyone going to crypto14 santa barbera?
19:56:29tromp__:pls read about tomato_miner.h and see if you agree that may be the best possible approach for saving memory
19:56:32zooko`:If we need some kind of strong PRF-style property from that, then it should use blake2.
19:56:55zooko`:If we don't need any strength at all, just a non-crypto PRNG, then we should use, I dunno, whatever the efficient non-crypto PRNG is nowadays.
19:57:04tromp__:murmur3?
19:57:06zooko`:but, I'm busy playing minecraft with my sons now, so biab. :-)
19:57:09zooko`:Yeah, something like that.
19:57:51tromp__:trying murmu3 is certainly a worthwhile experiment
19:57:57tromp__:which i should try
19:58:35tromp__:i'm more likely to go from siphash to murmur3 than to blake:(
19:58:45amiller:tromp_, i definitely agree it "may" be the best possible approach for saving memory but i don't trust my intuition the slightest bit yet for this which is why i'm trying to figure out how a proof would go
19:59:10amiller:especially since i don't want to prematurely rule out a seemingly reasonable class of machines, like parallel/local ram
19:59:11tromp__:i don't see how a proof could possibly go
19:59:28tromp__:there's a near limitless range of possible graph algorithms
19:59:42tromp__:resource llower bounds are in general extremely hard
19:59:45amiller:i can't even figure out how to state the theorem
19:59:49amiller:without having a clear model to use
20:00:01amiller:maybe it's obvious that i should use a default model like PRAM but i really don't think that address ASICs
20:01:18tromp__:that's why i gave up on proofs and went straight to bounties:)
20:01:56moa:sounds like modern economics
20:37:38gmaxwell:proshares did several rounds of bounties and then had their cruddy novel pow totally blown up on the network.
20:40:36tromp__:that very pow is still used in Protoshares though?!
20:40:54nsh_:the efficacy of bounties as a means of obtaining bounties is thankfully independent of their efficacy as a means of ensuring security
21:00:00zooko```:zooko``` is now known as zooko
23:01:52wfbarks:Bitcoin is for sure antifragile
23:05:30gmaxwell:You mean precisely the opposite of that?
23:18:09LarsLarsen:LarsLarsen has left #bitcoin-wizards