00:30:25yorick_:yorick_ is now known as yorick
00:32:27Guest58032:Guest58032 is now known as s1w
00:53:46davispuh:davispuh is now known as [
00:54:16[:[ is now known as Guest13585
00:56:30Guest13585:Guest13585 is now known as davispuh
01:47:28zooko`:zooko` is now known as zooko
02:36:02afdudley0:afdudley0 is now known as afdudley
02:41:47zooko`:zooko` is now known as zooko
07:54:37wallet421:wallet421 is now known as wallet42
07:58:17blackwraith:blackwraith is now known as priidu
08:05:15kornbluth.freenode.net:topic is: This channel is not about short-term Bitcoin development | http://bitcoin.ninja/ | This channel is logged. | For logs and more information, visit http://bitcoin.ninja
08:10:52fluffypony:awwww they stopped questions just before I got to ask mine, and then the Chainalysis dude bailed right after his speech
08:11:15fluffypony:he spoke about how Bitcoin is Sybil resistant (lol)
08:22:01justanotheruser:bitcoin is sybil resistant?
08:22:09justanotheruser:or maybe I don't know the context
08:26:48fluffypony:justanotheruser: he was doing an introduction to Bitcoin
08:27:42fluffypony:the funniest thing was how he spoke about some of Satoshi's design decisions, eg. "fees were only thought to be added late in 2007" or some such
08:28:16fluffypony:and he kept slipping back to saying "we", like "we didn't want to open it up to Sybil attacks"
08:28:42fluffypony:like when him and Satoshi were sitting around the table in the kitchen, trying to decide on a cool name for their product
08:29:51Eliel:fluffypony: what were you going to ask?
08:30:55fluffypony:Eliel: during the Q&A he kept talking about how Chainalysis is helping regulators, and regulators/businesses must just "come talk to them", which made me REALLY want to ask him if they plan on continuing to Sybil attack the network by running nodes that don't relay transactions and aggressively reconnect when banned
09:02:04mm_:is this related to IACR in any way?
09:07:41maaku:pigeons: and that repository is not offline....
09:18:11fluffypony:mm_: which bit?
09:19:20mm_:I need research fund in this field
09:19:34mm_:what should I do
09:20:26fluffypony:which field?
09:27:08nsh:* nsh blinks
09:28:07fluffypony:https://www.cryptocoinsnews.com/evan-duffield-dash-darkcoin-dash-will-position-direct-competitor-bitcoin/
09:28:23fluffypony:"Eventually, I believe Dash will position itself as a direct competitor to Bitcoin. In the meantime, Bitcoin enjoys a monopoly more or less on the space, which is unhealthy. For example, if the only crypto-currency in use is Bitcoin and it has an issue, the entire crypto-economy would be affected, burning the vast majority of its users. However, if there are 5 or 10 crypto-currencies in common use, it will reduce the systemic
09:28:23fluffypony:risk on the sector as a whole and make it safer for everyone."
09:28:55fluffypony:I think we need to apply that logic to TCP/IP and HTTP
09:29:08fluffypony:* fluffypony invents DashTCP
09:35:51wumpus:the lure of fragmentation :)
09:36:22fluffypony:wumpus: but imagine! Every ISP could have 5 or 10 different edge routers to support the different protocols
09:36:49fluffypony:consumer routers would only support 1 protocol, and would rely on the ISP to translate it into that 1 protocol
09:36:57fluffypony:what a great world they imagine!
09:37:15wumpus:anyhow, the systemic risk argument only makes sense for completely different systems, not derivations like darkcoin. And we already have another system: the old-fashioned banks.
09:37:34fluffypony:yup
09:42:15wumpus: bitcoin is sybil resistant? <- it has a level of sybil resistance. Essentially as everyone does their own verification, the system only requires one honest node. But it is not entirely invulnerable, e.g. extreme sybil attacks can be used to isolate nodes
09:45:14sipa:it also gives you a means to measure whether you're seeing the same as everyone else (by measuring the hashrate)
09:45:52fluffypony:which is a far superior consensus system to "receive this from as many peers as possible, and then hope that the majority of them are honest"
09:46:04wumpus:e.g. systems based on voting and majorities are much more sensitive to sybil attacks
09:46:06wumpus:right fluffypony
09:46:08fluffypony:which is how, I think, a lot of "developers" imagine consensus
09:46:36wumpus:sipa: good point
13:01:17fenn_:fenn_ is now known as fenn
13:22:56stonecoldpat:Hi - to anyone who had interest in the paper I posted a few days ago about AKE. The technique described is sound and works fine (to the best of our knowledge, of course). However, Greg did point out an edge case - sighash_single has an implementation bug that allows someone to sign the message '1' in a transaction and this would allow an adversary to produce a signature that would enable
13:22:56stonecoldpat:relay attacks. Thankfully, this implementation bug is detectable (since you're signing the number '1' and not the transaction inputs/outputs/script!). I've already thanked him for pointing this out to me and I'll be updating the paper to include that bug (and as a safety-measure for the future - to be explicit about what needs to be signed for the technique to work).
13:28:49adlai:stonecoldpat: relay/replay?
13:31:30sipa:was about to say the same
13:38:38stonecoldpat:It would have been a relay attack (or at least that's what I would call it). In the sense that Alice has (r_{a},s_{a}), Bob has (r_{b}, s_{b}) and Mallory using the implementation bug could produce (r_{a},s_{m}) and (r_{b},s_{m}) - then he could initiate a conversation with Alice and Bob - sending messages back and forth. He cannot read the messages, but any messages he receives from
13:38:38stonecoldpat:Bob he can pass to Alice, and vice versa.
13:38:51aakselrod|2:aakselrod|2 is now known as aakselrod
13:39:08adlai:* adlai would call that a Mallory-in-the-Middle
13:39:16stonecoldpat:Without the implementation bug that should not be possible
13:39:22stonecoldpat:haha mallory in the middle then :)
13:40:18stonecoldpat:with the bug, he can produce any (r,s) and he knows he will sign the message "1" - so can just use the key recovery technique to get a public key that will match up with it
14:55:50c0rw1n:c0rw1n is now known as c0rw|away
15:05:02NewLiberty:NewLiberty is now known as NewLiberty_afk-1
15:15:48NewLiberty_afk-1:NewLiberty_afk-1 is now known as NewLiberty
16:04:10andytoshi:gmaxwell: see the `Use` section of the README on https://github.com/apoelstra/halfsleep :} it's usable now at least for trivial projects
16:40:16devrando1:devrando1 is now known as devrandom
16:55:39mm_0:mm_0 is now known as mm_1
17:07:28mm_1:mm_1 is now known as mm_0
17:08:51mm_0:mm_0 is now known as mm_1
17:12:21mm_1:mm_1 is now known as mm_0
18:15:18adlai:this is COOL, to the point of shouting... although maybe the readme should say that it's a test-testing methodology :P
18:30:53andytoshi:hehe, thx :) yeah, the README should generally be much longer and have some more motivation; i need to work on functionality more before i do that tho (like, it doesn't work on member functions, only global ones; and it should be combining the unit tests for mutated functionality since i only need /one/ to fail because of the mutation, not all of them)
18:34:04andytoshi:..and it should allow users to register new mutators, etc, though i'm not sure how cleanly i can make that possible
18:57:10zooko`:zooko` is now known as zooko
20:10:00zooko`:zooko` is now known as zooko
20:43:36Taek:https://github.com/ethereum/go-ethereum/tree/develop/crypto/secp256k1
20:44:52Taek:oh jk that's not in golang anyway
22:00:43c0rw|away:c0rw|away is now known as c0rw1n