00:00:33zooko:I love this channel.
00:00:50gmaxwell:We do, but where there were fewer alternate monies, so if you have seperate gold and put rougly equal monetary premiums on it it still works out.
00:01:22gmaxwell:smooth: in any case, I'm not trying to strongly argue that it can't work; only that its really not clear to me that it can/should/would.
00:05:54Eliel:This negating other faction's coins thing has a reasonably close analog. We call it trade sanctions. Only, with cryptocurrencies, it requires quite a bit more power to actually do that.
00:06:30moa:quantum entangled (superluminal) comms. for instellar peace and prosperity?
00:07:38smooth:double spend = decoherence?
00:12:52moa:http://www.isciencetimes.com/articles/6986/20140324/scientists-demonstrate-three-way-quantum-communication-light-speed.htm ~10,000xC in a 3-way comms, they claim
01:26:04moa:ha http://phys.org/news/2014-06-theorists-globally-networked-entangled-atomic.html#nRlv entangled networked time-stamp server?
01:37:27gmaxwell:moa: article says nothing but buzzwords.
01:38:05moa:yeah popular mechanics for fizzists :)
02:04:00frankenmint:does anyone here keep a blog of their personal developments on bitcoin software? I'm really looking for a blog from someone who wrote bitcoin mining software - I'm curious to know how they went about doing it - creating something to work in tandem with software that had since not existed before that. I know of artforz but I don't know if he had a blog or if there was a good bitcointalk thread where he went into detail o
02:15:22rusty:OK, does anyone understand the lightning network paper? I just tried to parse it again, and failed.
02:16:11Luke-Jr:I've not heard anyone say they understand it in its entirety so far AFAIK
02:18:45rusty:Luke-Jr: Whoever wrote it was brilliant. I'm just not sure if they're actually a brilliant troll...
02:20:09gmaxwell:rusty: He's not trolling (though I think he does have at least a little trolling streak!). Communicating complex ideas is hard.
02:20:43kanzure:to make communication easier, let's use greek symbols to make our math illegible
02:21:48rusty:gmaxwell: It feels like a random description of select parts of each component, and you need to understand each component to understand the whole.
02:23:42moa:it's a stetch but i'm glad to see someone having a crack at working out the details ... or finding the holes
03:20:20c0rw1n:c0rw1n is now known as c0rw|sleep
04:59:53frankenmint:frankenmint has left #bitcoin-wizards
05:40:21MegaDork:MegaDork has left #bitcoin-wizards
07:37:53fluffypony:rusty: I think there are bits that are "in his head" and not on paper, but that will be expressed in the code
07:44:18rusty:fluffypony: possibly, but how annoying!
07:45:29rusty:I mean, why not just write "I have a truly marvelous demonstration of this proposition which this margin is too narrow to contain."
07:46:07gmaxwell:Nah, I don't think so. It's just difficult work to express things clearly.
07:48:26fluffypony:rusty: it's actually markedly better than the CryptoNote whitepaper, which has an entire section explaining why they created a new PoW algorithm, and then another section with a couple of bullet points on it, but then you're just supposed to extrapolate the actual algorithm from there
07:54:26rusty:fluffypony: the difference is that I *care* about the contents of this one right now!
07:54:37smooth:fluffypony: and then you could look at the code except that it was obfuscated!
08:05:19rajaniemi.freenode.net:topic is: This channel is not about short-term Bitcoin development | http://bitcoin.ninja/ | This channel is logged. | For logs and more information, visit http://bitcoin.ninja
08:05:19rajaniemi.freenode.net:Users on #bitcoin-wizards: andy-logbot cbeams zooko helo wiz lechuga_ a5m0_ catlasshrugged_ jaekwon wallet42 koshii_ hktud0 Dwaddle b_lumenkraft p15 [7] luigi11111 isis p15x PaulCapestany waxwing Dr-G2 sadoshi d1ggy dc17523be3 rusty tromp DougieBot5000 bosma nanotube Tiraspol spinza zwischenzug2 x98gvyn cluckj dgenr8 moa irc88 nubbins` Pan0ram1x coiner yoleaux OneFixt LeMiner Starduster realcr arubi_ alferz PRab thrasher` Burrito gmaxwell andytoshi hashtag_ berndj
08:05:19rajaniemi.freenode.net:Users on #bitcoin-wizards: grandmaster gavinandresen adam3us dignork shesek AdrianG antgreen aakselrod maraoz_ JonTitor s1w livegnik optimator fluffypony Meeh cursive dansmith_btc morcos guruvan BananaLotus maaku bedeho heath roasbeef_ eordano_ devrandom amiller_ Fistful_of_Coins dardasaba jonasschnelli comboy_ tromp_ HM Visheate_ crescendo jgarzik_ SubCreative stonecoldpat nuke_ DoctorBTC Emcy afdudley satwo_ EasyAt binaryatrocity GAit kyuupichan ahmed_
08:05:19rajaniemi.freenode.net:Users on #bitcoin-wizards: betarigs_admin amincd espes__ pigeons otoburb eric jessepollak luigiafk sneak airbreather Adlai sipa warptangent c0rw|sleep lmacken face gribble ryan-c mkarrer_ melvster phedny so nuke1989 rustyn adams_ Transisto bliljerk101 Luke-Jr STRML nsh Logicwax harrow` huseby GreenIsMyPepper forrestv luny Xzibit17 hguux__ michagogo yrashk mariorz deepcore ajweiss pollux-bts null sl01 kefkius SwedFTP larraboj midnightmagic lnovy Iriez Apocalyptic
08:05:19rajaniemi.freenode.net:Users on #bitcoin-wizards: jcorgan [d__d] NikolaiToryzin petertodd kanzure catcow Muis cfields Zouppen coryfields_ cryptowest_ kinlo wizkid057 wumpus phantomcircuit BlueMatt jaromil @gwillen dasource fenn nickler Alanius sdaftuar Hunger- runeks null_radix epscy starsoccer Taek smooth artifexd kumavis Krellan platinuum Oizopower Keefe mappum jbenet gnusha warren Graet Eliel veox indolering K1773R TD-Linux leakypat CryptOprah Anduck d9b4bef9 mr_burdell NeatBasis davout
08:05:19rajaniemi.freenode.net:Users on #bitcoin-wizards: brand0 @ChanServ throughnothing btc___ BrainOverfl0w MRL-Relay azariah
10:16:06rusty:Shit, I think I'm starting to understand it. Amazing what an hour of quiet, a glass of red, and copious notes will do.
13:28:09adam3us:so do or do not PoS blocks commit to the transactions in them? if yes there is ample grinding opportunity in creating and/or permuting transactions. if no whats going on? winning stakeholder selected deterministically and signs any block they like?
13:37:08instagibbs:I think those are called "TaPoS" variants, which is pretty common now.
13:39:18adam3us:Ta=? vitalik claims NxT's PoS has limited grindable entropy source, and the only way i can see that could be the case is if the winner is unrelated to the transactions in the blocks.
13:39:41gmaxwell:it also helps if you don't understand cryptography.
13:40:54instagibbs:Transaction as*
13:42:33fluffypony:lol gmaxwell
13:44:45nubbins`:any of you wizards familar with BuildRoot?
13:58:29adam3us:kind of seems like in that case life is fully deterministic, however clearly dependent on accounts or ownership stake etc. so if you once win you would then have precomputed for your stakes to win all future stakes ever (compute as far ahead as you can terminating on a block you win) and repeat
13:59:06adam3us:(precompute which coin fractions to spend to yourself permuted in the blocks you sign such that those ownerships win in a sequence)
14:10:31adam3us:or more simply, it still devolves to slow verify PoW. hmm some kind of repeating pattern there indicative of a fundamental issue? add complexity and indirection and underlying story persists, just with more complexity?
14:11:34kanzure:"but people are running hte network without all that PoW mining"
14:11:49kanzure:(obviously the answer is "only because they are running inefficient clients")
14:51:13adam3us:so the neucoin paper talks about "long range" attacks, (where you precompute to gain advantage in the future) and their proposed defence was to make the determination of which coin ownership wins to depend on 100s of prior blocks.
14:53:09adam3us:i am thinking so its less obvious which coins to permute to win in the future. however i dont really think it changes the picture that a rational miner would optimise to win himself by grinding the permutations of paying himself to change stakes until he gets one that wins.
15:47:05dgenr8:tromp: referencing the bitcoin chain would be an actual defeat (not just moral) since the "wasteful" pow still has to exist, and how will it, if everybody is using POScoin?
16:06:43c0rw|sleep:c0rw|sleep is now known as c0rw1n
17:04:31satwo_:satwo_ is now known as satwo
17:13:23adam3us:hmm more Nxt stuff "When an account is accessed by a secret passphrase for the very first time, it is not secured by a public key. When the first outgoing transaction from an account is made, the 256-bit public key derived from the passphrase is stored on the blockchain, and this secures the account.
17:13:29adam3us:The address space for public keys (2256) is larger than the address space for account numbers (264), so there is no one-to-one mapping of passphrases to account numbers and collisions are possible.
17:13:32adam3us:These collisions are detected and prevented in the following way: once a specific passphrase is used to access an account, and that account is secured by a 256-bit public key, no other public-private key pair is permitted to access that account number."
17:13:52adam3us:so does that mean if i can make a 64-bit collision before a buyer gets of NxT spends it i can take it?
17:15:23adam3us:(seems like the effects of reducing bitcoins address from 160-bits to 64…; and saying first pubkey to show up takes ownership of that address (for first use, and if reused))
17:19:25Taek:they do warn you if you try sending money to an account that hasn't registered yet
17:19:35Taek:but I think you are correct
17:26:11amiller_:"long range attacks" are the new "nothing at stake".
17:26:44amiller_:every "punishing" scheme is basically directed at fixing that
17:27:17amiller_:so we need a different catch phrase for the problem that the punishing schemes keep facing
17:33:29andytoshi:amiller_: "clocktime is not blocktime" i think works, it implies there is not a distinction between "long-range" and "short-range" to offline or new participants
17:34:10amiller_:where does nlocktime fit into this
17:35:35afdudley:the bitcoin network tracks real time?
17:36:01afdudley:huh... there is no way to game that?
17:36:55adam3us:andytoshi: well there is that. i guess PoS fails period with that. hence vitalik's ask a friend (weak subjectivity) the ongoing cost of which is people will be forever scamming new entrants
17:37:45adam3us:afdudley: we are on a PoS attack binge right now, so this is alt-coin consensus security critiquing
17:37:57afdudley:why not just limit the duration of the PoS network.
17:38:07andytoshi:afdudley: tho the answer is (very weakly) yes and yes, for difficulty change calculations
17:38:27afdudley:I noticed. I am strongly in favor of byzantine fault tolerant consensus systems that are not based on PoW.
17:38:45andytoshi:but those are not distributed..
17:39:06afdudley:well, that is the issue. I think most of the PoS papers are completely missing the point.
17:39:24andytoshi:afdudley: have you read https://download.wpsoftware.net/bitcoin/pos.pdf ? it is the context of this discussion?
17:39:27adam3us:afdudley: non-PoW distributed consensus could be interesting/useful if anyone could make it work. so its sort of instructive (slightly) to break the latest PoS variants
17:39:53afdudley:andytoshi: I did read it, I thought it was missing the point.
17:39:59afdudley:I really like tendrmint.
17:40:16adam3us:afdudley: i dont know how tendermint PoS or whatever works.
17:40:30afdudley:I also think "100% PoS" is an insanely bad idea.
17:40:32andytoshi:tendermint has a different trust model than bitcoin, it requires trust when coming online initially and after any long off-time
17:40:51afdudley:andytoshi: yeah, i think that's answer.
17:41:08kanzure:adam3us: what did you think about the scheme (also proposed by gmaxwell) regarding a specific hashable name of bitcoin rules that might also include the original block. so that newcomers into the network would be better able to confirm that they are on the right blockchain and consensus history and rules etc.
17:41:52adam3us:afdudley: if 100% PoS is a bad idea, does that imply you and tendermint admit you need PoW, and then in which case why not stick to the simpler and stronger 100% PoW?
17:42:22afdudley:I think tendermint with PoW backed stake is the answer.
17:42:38afdudley:adam3us: CAP requirements, is the short answer.
17:42:58kanzure:i think that if people want to use obscure consensus with PoS where the controlling nodes are not obvious, they should work on a more obfuscated scheme that is focused on obfuscation, rather than focusing on staking or whatever
17:43:03afdudley:I want to be have proof of publication for actions that happen faster than block confirmation times.
17:43:20instagibbs:Again we're back to "phone a friend" which is same as Ethereum, etc. Either you get to use PoW to find the true chain, or you don't. The gradients in between just make stake grinding harder, closer to PoW
17:43:32fluffypony:kanzure: they can call it Proof of Obfuscation
17:43:37fluffypony:* fluffypony chuckles
17:44:16kanzure:all these "long-range" "attacks" are really just "you poorly understood the centralization you were imposing on the network, so you should just be more specific about the centralization that you want to employ"
17:44:27adam3us:afdudley: what does CAP stand for "CAP requirements"
17:44:47afdudley:adam3us: http://en.wikipedia.org/wiki/CAP_theorem
17:45:12afdudley:fluffypony: do you have a link to paper that uses that term? Ideally a paper more than 10 years old...
17:45:33adam3us:afdudley: maybe you're proposing modifying tendermint but the paper abstract says "We propose a solution to the blockchain consensus problem that does not require mining by adapting an existing solution to the Byzantine Generals Problem." ie no PoW?
17:45:42fluffypony:afdudley: I was making a joke based on the acronym
17:45:53afdudley:fluffypony: ah. funny.
17:46:09nsh:* nsh wonders which existing solution to ByzGenProb, possibly enough to read the paper
17:46:23adam3us:afdudley: and if you use conventional BGP algos they assume registered identities, and so are vulnerable to sybil attack, which is the problem bitcoin uses PoW to avoid
17:46:25afdudley:adam3us: yeah, I disagree there, but I think there are a lot of main insights from that paper that other people have missed. The DLS paper in particular.
17:47:09nsh:oh, DLS...
17:47:11afdudley:adam3us: it's a question of scope, who to trust when and for how long?
17:47:15fluffypony:first time I've read about CAP, thanks for the reference afdudley
17:47:34nsh:partial synchrony is one of the things PoW provides...
17:47:44afdudley:fluffypony: n/p it's super important but the community talks around it a lot. the way btc handles the P is really confusing.
17:47:47nsh:i will bet one or more hats this is a non-starter, but i have a lot of hats
17:48:18justanotheruser:Regarding phone-a-friend consensus: The problem is that a bad actor can trivially create a blockchain in PoS, feed it to you, and trick you into thinking that is the blockchain everyone else is using. In PoW, the genesis block can be forged so you aren't on the blockchain everyone else is using. In PoW, you can at least determine that there is a higher-work valid blockchain, while in PoS all other blockchains including ...
17:48:24justanotheruser:... "higher-stake" blockchains don't matter.
17:48:30kanzure:afdudley: if you are okay with trust models then there are many extremely efficient solutions
17:49:10afdudley:afdudley: hmm. again it's a question of scope. I trust some entities for some things and not others...
17:49:21afdudley:sometimes i want to pay for PoW, sometimes I don't.
17:49:32fluffypony:afdudley: speaking to yourself is the first sign of madness...:)
17:49:37adam3us:afdudley: bank accounting & fiat?
17:49:44afdudley:lol... oops.
17:49:55afdudley:that was for kanzure
17:50:14afdudley:adam3us: I am more interested in general computation problems. banking is pretty boring, no?
17:50:24nsh:depends whose money you're banking
17:50:43adam3us:kanzure: i may have forgotten or understood it under a different name/description re gmaxwell & others hash/name of blockchain history
17:50:45justanotheruser:afdudley: are you jack, jaekwon or neither
17:50:54kanzure:justanotheruser: be nice
17:51:00adam3us:kanzure: remind what's it about?
17:51:05afdudley:justanotheruser: none of them.
17:51:17justanotheruser:kanzure: what?
17:51:25kanzure:adam3us: outsiders getting introduced to bitcoin have problems orienting; sometimes they just end up picking an altcoin with an alternate history because they have no idea how to check.
17:51:28justanotheruser:aren't they the others working on his currency?
17:51:37afdudley:I am interested in provably fair gaming[sic] but have been interested in it since before the term was coined.
17:51:42kanzure:adam3us: so various solutions related to that, where you can independently take a hash of the rules and then verify you are talking to the correct network or something
17:53:08afdudley:since before bitcoin actually...
17:53:14kanzure:anyway, it's not directly related to the problem of convincing stakers that staking is problematic
17:53:53afdudley:justanotheruser: I am not particularly interested in currencies.
17:54:33fluffypony:afdudley: isn't provably fair gaming as simple as publishing the system state with history for a period of time, as well as the small snippet of code used to determine game values based on system state + whatever (user hash, dice roll) ?
17:54:36justanotheruser:my mistake, I thought you implied you were working on tendermint
17:54:43fluffypony:or am I oversimplifying it in my head
17:55:05afdudley:fluffypony: that's the gist of it.
17:58:32afdudley:fluffypony: there are a lot of implementation details :D
17:59:41afdudley:is there a link to this phone-a-friend consensus?
18:00:01kanzure:.g vitalik buterin weak subjectivity
18:01:10Taek:that returns the first google result for the term?
18:03:30afdudley:kanzure: sigh, BFT pre-dates PoS...
18:04:09kanzure:byzantine fault tolerance? what about it?
18:04:48kanzure:i don't think i claimed that fault tolerance has not been studied, in fact here are some papers i have been eyebrowing http://diyhpl.us/~bryan/papers2/incentives/
18:04:48afdudley:vitalik says neo-BFT is just PoS. but I find that reduction confusing, to say the least.
18:05:20kanzure:ah i see. yeah, the linked content is not that great, i was just answering someone's question regarding phone-a-friend
18:05:27kanzure:*not great at all
18:06:21fluffypony:afdudley: he says a lot of confusing things that don't make sense...
18:06:44gielbier:afdudley, writing an article about provable fair atm.
18:07:21afdudley:gielbier: Well, I filed a patent on it before the bitcoin paper was published, so i have a lot of opinions on it :D
18:08:51gielbier:provable fair wasn't bitcoin thb, i think bitlotto.com was the first implementation. Bitzino coined it, because they were using generated clientseed instead of the txid as client seed.
18:09:54afdudley:right, my point is I was thinking of it before blockchains were a thing.
18:18:09afdudley:fluffypony: I think ethereum has a lot of strengths.
18:18:39fluffypony:afdudley: http://archive.org/stream/EtherealVerses/Ethereal_Verses
18:19:35adam3us:afdudley: ethereum's design skips around a lot over time. i think you could more classify it as a bucket of the current ideas people are exploring or have published papers on.
18:21:16afdudley:adam3us: I think that is the major strength :D
18:21:23afdudley:that and the tons of code :D
18:21:53adam3us:afdudley: hmm not so much. you need robustness and simplicity f(as much as one can which is not super simple) or consensus security.
18:22:45afdudley:adam3us: have you been running ethereum?
18:22:56adam3us:afdudley: nope.
18:23:42afdudley:adam3us: It has problems, I don't think theoretical security is one of them.
18:24:23fluffypony:afdudley: I'm of the opinion that layering complexity doesn't solve underlying flaws
18:24:41afdudley:fluffypony: orthogonal to what i am talking about, but i completely agree.
18:25:08afdudley:I don't think ethereum adds complexity. it has a much larger scope than bitcoin.
18:25:25fluffypony:well with Ethereum (and again this is just a personal opinion) I've noticed that they deal with problems by layering complexity
18:25:30adam3us:afdudley: "dont think ethereum adds complexity" LOL :)
18:25:57adam3us:afdudley: name a recent cryptocurrency related idea that ethereum doesnt include or didnt try and then abandon
18:26:10fluffypony:adam3us: ring signatures :-P
18:26:19afdudley:adam3us: can you link me to something with the same features that is less complex?
18:26:59adam3us:afdudley: ghost protocol: check; pos: check; asic resistant PoW x5 (check); turing complete scripting: check; cached optimized abstract vm stuff: check
18:27:20adam3us:afdudley: bitcoin?
18:27:50afdudley:adam3us: i don't disagree with that list enough to argue about it. :D
18:28:08afdudley:adam3us: bitcoin has a ghost protocol?
18:28:10adam3us:afdudley: i mean seriously: if someone wanted to be constructive, how about helping move bitcoin forward. its not like there isnt a wishlist
18:28:41adam3us:afdudley: no but ghost protocol is a dubious tradeoff. i thought of it before they published and rejected as complex and not worth it
18:28:47afdudley:adam3us: because I have no stake in bitcoin and it doesn't have the technical features I need to build what I want.
18:29:11adam3us:afdudley: so work to make bitcoin extensible… thats constructive thing to do IMO
18:29:57afdudley:adam3us: As far as I can tell, that's not good for the network and against the wishes of a significant stake of the core devs.
18:30:12afdudley:otherwise, they would have added a ghost protocol to btc themselves :D
18:30:13Taek:It's possible that you want to make tradeoffs which are different from the tradeoffs that Bitcoin has chosen
18:30:28afdudley:Taek: yes, exactly.
18:30:52gielbier:if I can add a thing to the list. endianness
18:34:17kanzure:do you believe the core devs just have totally arbitrary wishes
18:34:28adam3us:afdudley: its somewhat possible to make different choices simultaneously.. sidechains/integrated sidechains. thats what i meant about extensibility
18:34:42kanzure:or do you think they have possibly put some thought into their opinions, and understand how broken things would be if they just change endianness
18:35:11adam3us:afdudley: the main thing is that opting into using a feature should not affect other peoples security, however i think that is achievable.
18:35:44MRL-Relay:[tacotime] did i stumble into another conversation about a newcomer fixing bitcoin?
18:35:46adam3us:people looked at ghost protocol and weren't as convinced as the authors about its value
18:36:27adam3us:tacotime/MRL-Relay (hmm anyway to have tacotime without MRL-relay?) nah we're having a PoS breaking binge
18:36:39MRL-Relay:[tacotime] the GHOST protocol makes the academic fault of making tons of assumptions about network behaviour that are unrealistic and thus the whole thing ends up sorta not related to usefulness
18:36:43Taek:tacotime: we're more quarrelling about the value of working on an altcoin
18:37:09MRL-Relay:[tacotime] adam3us: tell freenode to enable tor connections.
18:37:13MRL-Relay:[tacotime] Taek: ah.
18:38:11afdudley:kanzure: no, i think the core devs are fine, i wasn't being critical of their choices, just that they weren't mine.
18:38:24afdudley:different use cases.
18:38:25MRL-Relay:[tacotime] adam3us: oh, there is an onion now. maybe i'll come back to freenode.
18:39:22kanzure:afdudley: so to be clear, you would want to make breaking/hardfork change smore hastily? i am simply trying to understand your motivations here.
18:40:22afdudley:kanzure: my motivation is having cryptographically secure games. ethereum (warts and all) gets me closer to that end than bitcoin does. they are extremely different projects...
18:40:46kanzure:perhaps you can do that without cryptocurrency too
18:40:58afdudley:i don't consider ethereum a cryptocurrency.
18:41:04afdudley:which is my point.
18:41:07adam3us:afdudley: you dont need a blockchain for secure games. a server can do it (without having to trust the server)
18:41:09MRL-Relay:[tacotime] afdudely: ehm. i'm not sure ethereum makes that much better; the contracts are known to be notoriously insecure.
18:41:41afdudley:adam3us: agreed, that's what my patent is about. but i couldn't find anyone that would fund that. which i admit is mostly my fault... has nothing to do with btc.
18:41:59kanzure:then why would you claim you want to make changes that the core devs don't
18:42:02kanzure:seems totally unrelated to me
18:42:05MRL-Relay:[tacotime] afdudely: you could always just make your game operate on the bitcoin blockchain with as an overlay network e.g. counterparty.
18:42:25afdudley:it's just really interesting to me that there are so many arguments against really bad PoS systems, and no real discussion about actually viable modes, which are dramatically different from BTC.
18:42:32MRL-Relay:[tacotime] bitcoin works great as a consensus timestamping system for chunks of data, even if luke-jr will yell at you for doing it.
18:42:55afdudley:Tacotime: i hate when people yell at me :D I rather they support me :D
18:43:09Luke-Jr:tacotime: eh, I don't yell about that. just a little at doing it inefficiently.
18:43:10adam3us:afdudley: there has been a lot of discussion over time, however none of them have stood the test of time.
18:43:16afdudley:kanzure: I want fast confirmation times.
18:43:23kanzure:sounds like you don't even want a blockchain
18:43:29adam3us:afdudley: in fact most last about 5mins and result in chortles about how confused the proposer was.
18:43:32kanzure:i am really lost in this conversation at this point
18:43:41MRL-Relay:[tacotime] afdudely: it's because PoS suffers from a fundamental flaw that is not yet completely elucidated mathematically but i would argue will be soon.
18:44:42afdudley:adam3us: I think nearly all of the PoS papers have the model horribly wrong. they should be looking at existing consensus systems as the basis, not bitcoin.
18:45:03Taek:afdudley: have you seen tendermint?
18:45:06afdudley:bitcoin is really impressive, but it's also very... monolithic. we can't just drop in PoS in place of PoW.
18:45:06MRL-Relay:[tacotime] afdudely: i mean think about the economics of it. in a system where scarcity is based not upon your hash rate but upon your number of coins, at best you can achieve a system that is always 100% forkable by the person or entity with a lot of coins.
18:45:11afdudley:Taek: yeah, I am a fan.
18:45:15adam3us:afdudley: well its not like stellar & ripple lasted well either.
18:45:46kanzure:er, the lack of non-blockchain consensus systems is not entirely because of an absence of theory, it's because nobody has any incentive or interest in them
18:45:49afdudley:tacotime: I don't think 100% PoS makes a lot of sense in a byzantine environment.
18:45:58afdudley:rather I think it's a horrible idea :D
18:46:07adam3us:afdudley: maybe we can break it for you, in a bit; but we're breaking NxT and Neucoin at the moment
18:46:09afdudley:kanzure: +1
18:46:29kanzure:afdudley: you are extremely confusing. how can you reconcile your insistence on changing bitcoin with your apparent agreement with me >:(
18:46:38afdudley:adam3us: as far as I can tell ripple is fine. but I am sure you follow more closely than I do.
18:46:41MRL-Relay:[tacotime] afdudely: um. why not just checkpoint your own non-pow blockchain with a single private key, in that case?
18:46:51MRL-Relay:[tacotime] afdudely: see: freimarkets
18:46:56afdudley:kanzure: I have no interest in changing bitcoin, sorry if i was confusing about that.
18:47:15kanzure:but you have a blockchain
18:47:22afdudley:tacotime: that's an option on the table.
18:47:47adam3us:afdudley: not really. but stellar was a fork of ripple. it accidentally broke. that ripple did not was because it was locked down trustlines and thereby centralised enough not to accidentally break
18:47:57afdudley:kanzure: blockchains are good for somethings, not for everything.
18:48:08MRL-Relay:[tacotime] then you get to be your own timestamping and data server, and it works fine as long as no one else has your private key.
18:48:23dEBRUYNE_:dEBRUYNE_ is now known as dEBRUYNE
18:48:43afdudley:tacotime: without getting into the details of my systems, yeah, that sounds right.
18:49:35MRL-Relay:[tacotime] with distributed systems security often often seems proportional to simplicity in their operation.
18:49:46afdudley:tacotime: +1
18:50:11afdudley:as an operator, I strongly agree :D
18:50:44MRL-Relay:[tacotime] http://diyhpl.us/wiki/transcripts/mit-bitcoin-expo-2015/andrew-miller/
18:51:15afdudley:yeah, i have met Dr. Shi.
18:51:17MRL-Relay:[tacotime] that's a good argument against using ethereum for anything game related. students couldn't even design extremely simple games that worked the way they should in ethereum scripting.
18:51:28afdudley:and amiller_ is in the channel :D
18:51:55afdudley:tacotime: that's okay. :D I have some help :D
18:53:13adam3us:kanzure: so backing up a bit i think one thing that helps bitcoin users vs PoS users get on the right chain is a loose understanding of what the current difficulty is in bits. people could know that and it cant be forged or lied about (or is easy to disprove and distinguish which is the better source from multiple sources) via longest chain rules.
18:54:08adam3us:afdudley: also up a bit, I think P partitioning is helped because bitcoin could/should broadcast enough shares (smaller PoWs just below target) to indicate network hashrate, so then you'll notice by hashrate drop off if you are partitioned.
18:54:54amiller_:MRL-Relay, tacotime, that's not really fair.... the students didn't design anything else "securely" either in java or whatever too, and the biggest challenge of the class was the lack of clear documentation... here's a github repo and some blogposts from vitalik to get you started, go!
18:55:13afdudley:adam3us: again, as an operator, that is really depressing to hear.
18:55:15adam3us:kanzure: so there is something objective about which is the right chain.
18:55:50afdudley:adam3us: my solution is to bond with all the other members of a network and don't trust entties you aren't bonded with.
18:56:03hearn:amiller_: very interesting study that confirmed my intuitions about ethereum
18:56:04adam3us:afdudley: in the absence of synchronous networking its good to get an unforgeable indication of partitioning
18:56:08MRL-Relay:[tacotime] amiller: that's true... but this is money we're handling. and people can't even write bitcoin p2pkh scripts correctly, let alone smart contracts. the moment someone loses a chunk of money due to a contract bug in ethereum is the moment they stop using ethereum.
18:56:09afdudley:I am writing a proposal up now, but it's very ethereum specific.
18:57:11amiller_:hearn, okay well i'm sure we were very persuasive, but i want to make it clear that the intended message is "you should be very excited and fund lots of future work in better ethereum tools" rather than "pfft ethereum is unusable"
18:57:54amiller_:e.g., it's still easier than bitcoin script
18:57:58afdudley:it is.
18:58:08afdudley:significantly, but i didn't want to bring it up :D
18:58:09adam3us:amiller_: i think people should work on bitcoin extensions.
18:58:27afdudley:adam3us: if you have stake in btc, that makes a lot of sense.
18:58:32afdudley:i don't have any.
18:58:34amiller_:adam3us, sure thats a fair point of view, but definitely for independent reasons of this!
18:58:40hearn:amiller_: well, is it though? i remember reading the paper on doing multi party lotteries in bitcoin
18:58:41kanzure:stake is not a good reason -_-
18:58:44kanzure:there are other possible reasons
18:58:53adam3us:one way to look at (complexity risk) it is bitcoin scripts are crypto signature variants. not everyone is qualified to modify signature schemes
18:59:07hearn:amiller_: the scripts were complicated and i recall vitalik using that as an argument as to why ethereum is better. but the contracts were complex because the paper considered all the different edge cases and things that could go wrong.
18:59:11amiller_:hearn, yeah that's some researchers who literally won best paper award for doing that, not undergrad students doing a surprise final project :)
18:59:21MRL-Relay:[tacotime] adam3us: and ethereum turns that into python scripting. :)
18:59:32adam3us:afdudley: when i started in bitcion i also had no stake. i thought about hey people seem tknow who i am, i could start an alt coin… for 5 seconds .. then i though wait no thats evil and destructive. i have ethical problems with it.
19:00:02hearn:amiller_: and all this is ignoring the elephant in the room - actually shipping production apps that use contracts is 95% fairly boring UI work. and that's gonna be the same in bitcoin and ethereum
19:00:04hearn:or similar, at least
19:00:09afdudley:I don't think of ethereum as an alt-coin. I think of it as a stopgap until FHE platforms are available.
19:00:11adam3us:afdudley: its nothing to do with stake. its to do with technology scam-copy to the detriment of the field.
19:00:17hearn:so we'll have to see if the gap between them is as big as the hype suggests, when all that stuff is taken into account
19:00:46amiller_:hearn, that's admittedly true too.... im kind of biased towards the fun/cute parts but yeah that's improtant
19:01:07hearn:i have a vague plan to evolve Lighthouse into a general smart contracts wallet platform over the next 12 months
19:01:19hearn:with a kind of app store where you can install sandboxed apps that use bitcoin in interesting ways
19:01:21adam3us:afdudley: if you're stake oriented - bitcoin is pretty low priced at present as far as that goes.
19:01:21afdudley:hearn: those are good points.
19:01:38MRL-Relay:[tacotime] the other thing is that you can port the ethereum scripting onto bitcoin's network topology, as illustrated by counterparty's implementation.
19:02:05hearn:basically, to try and handle the 80% general padding stuff that surrounds a usable product like shipping on multiple platforms, having reliable P2P connectivity, etc. and then app devs can just focus on the core contract and a bit of UI stuff, but the rest is handled for them.
19:02:31adam3us:afdudley: snarks (which we do have, though rather crypto-new) are the analog of execute to verify. not FHE which is further out in practical efficiency
19:02:37hearn:if we get to the point where the next lowest hanging fruit is a compiler for Script, then i'll be a happy man
19:02:57kanzure:i think there are many motivations behind bitcoin developers other than stake
19:04:58afdudley:kanzure: agreed, I'm not in here trying to talk shit. I am just saying starting from zero, ethereum looked and still looks like a better dev platform for me.
19:05:35adam3us:kanzure: yep. i think the societal potential of smart-contracts is inter-related with bitcoin, probably inseparably due to network-effect, and the destructive outcome of the alternative (scam-clone over takes original leads to game theory collapse to digital tulip mania IMO, loses credibility as store of value).
19:06:17adam3us:afdudley: wait until its live and the "oops we changed our mind" translates into a issuance reset.
19:06:30afdudley:adam3us: that makes sense, i just don't see it as an either-or, and again, ethereum isn't really a coin in the sense of other alt-coins.
19:06:32nsh:stored value is overrated
19:06:41afdudley:adam3us: there are plans for that.
19:06:42nsh:there are worse things imaginable than a collapse of confidence in bitcoin :)
19:07:01adam3us:afdudley: yeah i saw somewhere - i think they plan like 4 or 5 hard-fork flag days. hard to even comment on that.
19:07:02nsh:only the dialectic matters
19:07:12nsh:ultimately. everything else is vanity
19:07:35afdudley:adam3us: I think it's good for people not to think of Ether as gold or even BTC.
19:07:38adam3us:nsh: collapse of bitcoin if that takes out cryptocurrency with it; thats a sad day indeed.
19:08:02adam3us:afdudley: should they think of it as crypto fuel or gas :D
19:08:15afdudley:adam3us: yep :D
19:08:43adam3us:afdudley: i dont know what that means. seems like marketing speak.
19:08:58nsh:adam3us, rome has been sacked more than once :)
19:09:12kanzure:nsh: i don't know what point you are trying to make
19:09:13nsh:the conceptual utility is not contingent on economic valuation
19:09:27afdudley:adam3us: ...maybe they just wanted people to understand that Ether is not a currency or a commodity...
19:09:28nsh:kanzure, that maths does not require widespread faith
19:09:39kanzure:nsh: the topic is "whether developers should be developing on bitcoin", and your argument is something about stored value not existing?
19:09:41nsh:and can be elaborated in its absence, modulo economic constraints on time and attention
19:09:59nsh:i was not contributing to any prior discussion. sorry
19:10:34nsh:just musing on the practicality of pursuing ideas without 'utility'
19:10:35afdudley:nsh: lol, it's cool since I agree :D
19:10:41adam3us:afdudley: not selling it for $15m might've helped.
19:10:53afdudley:adam3us: well... that was the issue :D
19:11:51hearn:amiller_: btw a full list of the student projects would be cool.
19:12:14nsh:(obviously on a less philosophical level, i believe developers should act to preserve the trust and confidence in bitcoin as a store of value, and any collapse in this confidence would be -- in the short term, at least -- a set-back in possible advancement of economics and thereby human civilization)
19:12:16hearn:amiller_: i.e. what logic they actually tried to implement, in detail. it'd be interesting to look at how easy it'd be to implement with bitcoin, or bitcoin+a network of oracles.
19:12:36nsh:(it's just that on a philosophical level, i'm not 100% convinced that human civilization is going anywhere these days)
19:13:06kanzure:nsh: what?? that makes even less sense. human civilization is not a crystal, and we're not at heat death yet.
19:13:28nsh:i'm not sure i follow
19:13:30kanzure:so can't not go anywhere
19:13:50nsh:oh, that's shorthand for "maybe we suck"
19:14:06nsh:or longhand, i guess
19:14:21nsh:but this is out of scope. sorry for interjecting
19:16:55afdudley:adam3us: I would be really interested in your thoughts on tendermint when you get around to it. It has issues, but it's the only PoS system i've seen that make sense. I don't think weak subjectivity matters. Trust is simply bound by time.
19:17:31nsh:and time is really difficult to measure in a distributed system, without proof of work...
19:17:41afdudley:that's fair.
19:18:19afdudley:nsh: what about vector clocks?
19:18:53nsh:good question. don't know
19:18:54Taek:afdudley: afaik tendermint doesn't have a good solution to signers that sell stake and then go back and create alternate histories
19:19:03adam3us:afdudley: like i said above i think the problem with weak subjectivity is there is no objectively correct answer other than who's yelling loudest about which is the one true chain with PoS
19:19:15kanzure:.wik vector clock
19:19:15yoleaux:"Vector clocks is an algorithm for generating a partial ordering of events in a distributed system and detecting causality violations. Just as in Lamport timestamps, interprocess messages contain the state of the sending process's logical clock." — http://en.wikipedia.org/wiki/Vector_clock
19:19:27kanzure:oh right
19:19:27adam3us:afdudley: so you'll have a continuous stream of scams where new users lose their money to it.
19:19:54afdudley:Taek: Agreed.
19:20:13afdudley:adam3us: Agreed.
19:20:53nsh:(this is apropos http://web.stanford.edu/class/cs240/readings/lamport.pdf )
19:21:18afdudley:nsh: yes, it's a famous paper.
19:22:17afdudley:from the guy who wrote paxos.
19:22:22adam3us:nsh: i suspect lamport clocks could be caused to go backwards for the purposes of attacking consensus. its more about honest players detecting accidental causality violations in optimistic parallel discrete event simtulation
19:22:30nsh:* nsh nods
19:22:53nsh:with bitcoin blocks we allow a lottery to concrete a partial and relative ordering into a canonical ordering. i suspect the strength of this is in some way dependent on the independence of the lottery from other factors. the least dependent lottery is pure PoW
19:23:05nsh:but this is very abstract thinking and probably i know nothing
19:24:51afdudley:it's still not clear to me where the 'voting' happens in btc.
19:25:38afdudley:so I have a difficult time comparing it to other consensus systems.
19:25:40Taek:afdudley: uhh, a 'block' is a vote. Simply having enough POW means you get to vote on which chain to extend
19:26:04afdudley:Taek: then what are confirmations?
19:26:14sipa:afdudley: votes on top of a transaction
19:26:34afdudley:i read the block a proposed history and the confirmations as votes in support of that history.
19:26:47adam3us:afdudley: seriously? you seemed to know a fair bit about ethereum, ghost protocol etc. are we into semantics?
19:26:57nsh:(you can think of the mining of a valid block as a the selection of a fiat-objective plane of simultaneity [actually a ~10m thick slice] from any of the possible subjective ones, thereby defining a new orthogonal axis of time and incentivizing the alignment of other players therealong)
19:27:17afdudley:adam3us: it is mostly semantic, yes. but it eventually matters.
19:27:42sipa:afdudley: yes, a block chain is a proposed history; its cummulative proof of work is the number of 'votes'
19:27:47afdudley:nsh: that sounds way more complex than a 'vote'
19:28:02sipa:nsh: lol
19:28:13sipa:you should go into marketing
19:28:16adam3us:afdudley: on the semantics side another way to look at it is the dmms. a kind of multi-party signature where after 6 signers participate you consider it signature
19:28:17nsh:* nsh smiles
19:28:22afdudley:sipa: thanks.
19:28:49afdudley:I used to work in advertising, that had way too many big words in it :D
19:28:55nsh:i think sipa was feint-praising my waffles, but feel free to take it
19:29:15sipa:well, if we're talking details: it is not the number of blocks, but their expected amount of work that counts
19:29:18sipa:as vote
19:29:35afdudley:and that's what i mean by confusing :D
19:30:38afdudley:to caculate the actual proof behind a given transaction in btc, is way more complex than "a tally of votes".
19:31:04sipa:the number of blocks is an incredibly good approximation
19:31:08sipa:for small numbers
19:31:21sipa:for the consensus logic, the accurate count is used
19:31:34nsh:(statistically accurate)
19:31:42adam3us:sipa: maybe could look at the highest work chain as a tie-breaker because generally we know the target, so overshooting is statistical accident not really more expected work.
19:31:44sipa:but for transactions, where you only need it for risk analysis, just the number of confirmation is fine
19:32:00sipa:adam3us: ?
19:32:09sipa:parse error
19:32:31nsh:no need to break any tie if there's a simple measurable
19:32:47nsh:and the total [expected] work is simply and measurable
19:32:50sipa:adam3us: ah; i think you misunderstand
19:32:55sipa:adam3us: bitcoin does that
19:33:11afdudley:I think the confusion between what sipa was talking about and what stake/votes really are is why all the PoS papers are bad...
19:33:25adam3us:sipa: well you were saying about the most expected work. actually that only makes a difference long range where someone makes eg a long fake low difficulty chain. so then i retract that i think
19:33:33sipa:the 'work' of a block is defined as 2^256 / (target + 1)
19:33:42sipa:and the total work in a chain is compared
19:34:23adam3us:sipa: yes. (I was thinking of the higher number of 0-bit collisions found with lower and lower probability used as part of compact spv proofs)
19:35:02nsh:i wonder what would be different if the work took into account the size of the mempool for a block, or the number of signature and hash verifications. probably not much except spurious complexity
19:35:15adam3us:sipa: in hashcash version 0, you'd get credit for the extra work, in hashcash version 1, the target was included in the hash and the test was the difficulty must be met, but the work was the hashed difficulty
19:35:34smooth:adam3us: i dont agree with the claimed game theory collapse of cryptocurrency. the argument is only valid if the scam-clone is actually identical to the original
19:35:44sipa:adam3us: yes, the _target_ is used, not the actual hash value
19:35:59sipa:adam3us: otherwise you introduce very high variance, with very low probability
19:36:10sipa:like hashcash v1
19:36:11adam3us:sipa: yes. temporary confusion, relating to longest hash-chain wins. thats consistent with hash = target.
19:36:44adam3us:smooth: but there's always a shinier new idea. why would it not happen again.
19:37:00smooth:adam3us: consider the hypthetical where ltc replaced btc. we might hyethesize that 2.5 minute block times are optimal and ltc can't be replaced
19:37:58nsh:s/hypothetical/counterfactual/ :)
19:38:02adam3us:smooth: yes but thats not the optimal parameter, or bitcoins is good enough. the difference is marginal and if it actually mattered bitcoin could probably soft-fork it.
19:38:11smooth:nsh: agree
19:38:39smooth:adam3us: that is not a sounds argument, just an opinion, and by the time bitcoin decided it was important, it would have lost
19:38:48adam3us:smooth: anyway with all due disrespect to the litecoiners, if ltc overtook bitcoin, i think thats the end game probably.
19:39:25adam3us:smooth: warren expresses that as co-opetition. litecoin provides feature competition to chase bitcoin innovation along, like amd chasing intel or something.
19:39:41smooth:adam3us: again, opinion, and I think ltc is stupid personally, but i think my argument is more logically sound
19:40:41smooth:adam3us: anyway, im just pointing out that the game theory collapse argument as typically stated is incomplete
19:41:00adam3us:smooth: i think bitcoin is evolving within the constraints and social contract. if ltc overtook btc, it would have exactly the same constraints and not be able to evolve faster without trading off security/fork risk the same as bitcoin. its advantage if any is low market cap.
19:41:31nsh:* nsh nods
19:41:45smooth:adam3us: i dont want to argue about ltc, that was just a vehicle for makign the points that A replacing B does not imply that B will be replaced if A /= B
19:41:52adam3us:smooth: i think you can agree its hardly confidence inspiring of crypto currency period if a clone-coin (or a kitchen-sink coin) overtakes bitcoin.
19:42:10smooth:adam3us: as an opinion sure
19:43:03adam3us:smooth: i am not sure you're going to get a math / formal logic proof out of it. economics and currency and social and psycjological phenomena.
19:43:45smooth:adam3us: okay but then making a game theory argument is kind of a political tool
19:44:32adam3us:smooth: i think we have some intuition of economic effects.
19:44:52smooth:adam3us: yes, roughly 10 billion of those
19:45:12adam3us:smooth: macroeconomic ones.
19:46:49smooth:adam3us: i was saying different 10 billion (perhaps slightly) different intuitions, anyway i dont really want to argue the conclusion, i just think the reasoning is weaker than often presented, and glosses over the subjective notion of what is an "important" difference (betw A and B)
19:47:30smooth:adam3us: id agree that if you believe the difference is small then the collapse is a reasonable conclusion
20:00:15afdudley:smooth: game theory is a political tool :D
20:04:17nsh:(once you say political, tool is implied ;)
20:04:50fluffypony:just read the Neucoin whitepaper...PoW is political! long live PoS!
20:05:20afdudley:PoS is just a funny name for voting, so I'm guessing that's at least as political :D
20:05:29fluffypony:* fluffypony forks Timekoin and creates a PoS version
20:12:42adam3us:afdudley: well i guess i dont see anything new in any of the coins that hasnt previously been explored in bitcoin and either added to a wishlist or rejected as a bad idea; and nothing i think that couldnt be added via some mechanism or other (soft-fork/sidechain etc). so then i think its exactly about the new currency. (the crypto fuel is the main point)
20:14:21ik_:ik_ has left #bitcoin-wizards
20:14:24afdudley:adam3us: I assume you're a developer?
20:14:32adam3us:fluffypony: so in your neucoin readings did it once mention how blocks are created specifically. (if they are TaPos .. ie signed by the winning block owners private key, vs commit to the transactions in the block)
20:14:51adam3us:afdudley: i have been known to write code at times :)
20:15:04afdudley:adam3us: adding it to the wishlist is not the same thing as active development.
20:15:37afdudley:I see the argumenets for staying on btc, i think they are sound, but btc is not an idea platform for experimentation in the style of ethereum.
20:15:53afdudley:I think counterparty is actually a good example of this.
20:16:04fluffypony:afdudley: there's no problem with experimentation if it is posited as such
20:16:26fluffypony:if you're pushing it as a "Bitcoin Killer" (tm) then you're going to have a Bad Time (tm)
20:16:36adam3us:afdudley: its not exactly positioned as experimentation when you collect $15m on the premise that its going to displace bitcoin.
20:16:41fluffypony:(not you personally, I mean in general)
20:16:46adam3us:fluffypony: precisely.
20:17:25afdudley:adam3us: because I wasn't in the btc space, i wasn't exposed to that argument. I think they could make the experimental nature of the project more clear.
20:17:49fluffypony:for eg. they could collect money for research grants
20:18:14afdudley:fluffypony: I think that has happened. :D
20:18:44fluffypony:they've just sold it as "profit"
20:19:10adam3us:afdudley: furthermore if in some alternate universe bitcoin was incrementally modifiable and composable for free innovation my suspicion is most of these people wouldnt be involved and a small few would be working on extending bitcoin. say use tcp as an analogy. its all about the profit motive.
20:19:36fluffypony:that's why Darkcoin / Dash has *any* following whatsoever
20:19:44fluffypony:it's clearly technically unsound and fundamentally flawed
20:19:54fluffypony:but it's driven by people who want to "ROI"
20:20:13fluffypony:the profit motive is a blessing and a curse...but mostly a curse
20:21:10adam3us:fluffypony: i guess someone would have to make a PoW miner (grinding stake) for the biggest 5 PoS coins to illustrate the point. i think they dont care maybe or cant see the arguments without running code maybe. or maybe the authors are already PoW mining as their disguised premine. (suspicions that happened before)
20:22:48afdudley:adam3us: that's an interesting argument. This would be the place to suggest that bitcoin move in that direction :D
20:22:50fluffypony:so I have a problem with this, adam3us - why should I personally spend time I *REALLY* don't have to prove that something is broken, when actually the onus is on them to prove it works?
20:23:06afdudley:fluffypony: you shouldn't be doing that.
20:23:12afdudley:why are you doing that?
20:23:14fluffypony:I'm not
20:23:26fluffypony:except that's what they posit
20:23:29adam3us:fluffypony: yep. thats the status quo. they claim its secure in the absence of a break. and people who could break dont have the motivation
20:23:48afdudley:ah, i see what you guys are talking about...
20:24:00afdudley:this is why I don't follow alt-coins at all...
20:24:12fluffypony:afdudley: for shits and giggles...https://bitcointalk.org/index.php?topic=1001642.0
20:24:28fluffypony:I quit that thread twice, second time for good
20:24:44fluffypony:firstly because they rely on "probabilities"
20:25:07fluffypony:but mostly because it doesn't matter what I say, they insist I "prove" it
20:25:32fluffypony:they're the anti-vaccers of the altcoin world, with every-PoS-coin-ever directly behind them
20:27:13afdudley:Yeah, the SNR on bitcoin talk is problematic for me.
20:27:49fluffypony:which is directly linked to the profit motive
20:28:19fluffypony:because most (most) FOSS projects don't have forums that become the very hive of scum and villany
20:29:21afdudley:fluffypony: ...bitcoin is an extremely case, but yeah.
20:29:41fluffypony:* fluffypony ends rant
20:37:09midnightmagic:fluffypony: It's is an extremely old argument/rhetoric tactic. "Prove it doesn't work." It's a shift of work under the guise of evidence-based argumentation. If you aren't willing to do the work, thinks the biased-but-convincing-itself-it-is-not mind, then you're full of it. Everyone uses it. Religions, scammers, altcoins. They all do. "Oh, you're just doing an appeal to authority," they insist when you show them the logic.
20:37:15midnightmagic:"Show me a working example." And if you do actually code an exploit, they attack you for years afterwards for "killing their experiment," or "hacking," or "acting in bad faith." "No fair, you're a bad man." And then they code something briefly up which avoids the attack through a technicality and when you refuse to write a whole new exploit, "Hah! I defeated him! The altcoin is secure, see? I'm a genius. Now give me all your
20:37:21midnightmagic:money because secretly I'm running an exploit I wrote myself."
20:37:50fluffypony:yeah that's the fundamental problem with it
20:38:01fluffypony:you spend weeks coding a proof-of-concpet
20:38:14fluffypony:and then they add a layer of obfuscation and call it a day
20:38:34fluffypony:without actually fixing the underlying problems
20:40:55smooth:midnightmagic: after they put a band aid on they claim to be even stronger, so by playing that game you just help their marketing
20:42:14fluffypony:Tested by FluffyPony (tm)
21:09:57adam3us:actually i wouldnt be surprised if there are people PoW mining these things - either the authors, or people who try to make money from mining new coins with self-optimised mining using GPU/FPGAs. apparently there are people doing that on the PoW variant side (x11/x13 etc)
21:11:08adam3us:problem is they dont talk about it, so it doesnt help the state of people claimed security while really actually weak.
21:23:02fluffypony:adam3us: if you had a way of surreptitiously attacking a cryptocurrency that had even $1000/month in volume would you talk about it?
21:23:37fluffypony:I meant that hypothetically, not for you specifically
22:30:36arubi_:arubi_ is now known as arubi