08:05:14cameron.freenode.net:topic is: This channel is not about short-term Bitcoin development | http://bitcoin.ninja/ | This channel is logged. | For logs and more information, visit http://bitcoin.ninja
08:05:14cameron.freenode.net:Users on #bitcoin-wizards: andy-logbot AaronvanW gielbier Mably n0n0_ adam3us hktud0 antanst p15x gill3s spinza mjerr darwin_ shen_noe BitName priidu rht__ Tebbo p15_ wallet42 sadoshi [7] jgarzik frankenmint Dr-G andytoshi Giszmo ebfull www badmofo d1ggy_ hulkhogan_ MoALTz_ jmcn_ justanotherusr sparetire_ tucenaber maaku jcorgan _whitelogger c0rw|zZz sparetire Tiraspol goregrind Starduster bosma OneFixt sundance heath robogoat bsm117532 helo CodeShark copumpkin
08:05:14cameron.freenode.net:Users on #bitcoin-wizards: devrandom dc17523be3 rustyn K1773R melvster mkarrer ttttemp Relos cryptowest_ PRab @gmaxwell gwillen jrayhawk dgenr8 waxwing lclc koshii Logicwax STRML kyuupichan catlasshrugged akstunt600 kanzure midnightmagic @Luke-Jr Iriez hashtag LeMiner fenn MrTratta bliljerk101 gnusha bedeho wizkid057 SubCreative akrmn mariorz mikolalysenko Meeh Krellan ajweiss Cory so cornusammonis s1w elastoma poggy PaulCapestany lnovy HM jouke dansmith_btc hayek tromp
08:05:14cameron.freenode.net:Users on #bitcoin-wizards: catcow btcdrak Xzibit17 prosodyContext vonzipper adams__ michagogo dasource yrashk CryptoGoon mappum CryptOprah artifexd Muis runeks kumavis platinuum jbenet phantomcircuit Madars yorick mm_1 tromp_ sneak amiller fluffypony livegnik mountaingoat a5m0 Apocalyptic triazo wiz wumpus EasyAt Alanius iddo forrestv theymos Taek AlexStraunoff luny null_radix smooth lmatteis narwh4l thrasher` otoburb Keefe weex pigeons sturles nephyrin [d__d] rasengan
08:05:14cameron.freenode.net:Users on #bitcoin-wizards: berndj harrow qawap mengine superobserver stonecoldpat davout jessepollak huseby espes GreenIsMyPepper veox yoleaux comboy stevenroose kinlo gavinandresen nickler cdecker ggreer isis harrigan scoria brand0 larraboj nsh jonasschnelli leakypat epscy lmacken cfields coryfields azariah warptangent TD-Linux crescend1 Zouppen binaryatrocity BananaLotus optimator Eliel mr_burdell throughnothing_ Fistful_of_Coins Jaamg xabbix dignork petertodd
08:05:14cameron.freenode.net:Users on #bitcoin-wizards: richardus afdudley SwedFTP guruvan nanotube warren sdaftuar eric roasbeef morcos merlincorey [ace] jaromil Graet indolering ryan-c gribble d9b4bef9 starsoccer BlueMatt Anduck AdrianG BrainOverfl0w @ChanServ
08:25:44antanst:antanst has left #bitcoin-wizards
10:13:37bosma:bosma is now known as FakOlly
10:17:55FakOlly:FakOlly is now known as TEAMJON
11:57:59c0rw|zZz:c0rw|zZz is now known as c0rw1n
13:34:02kanzure:someone suggests designing a hash function that uses a local lookup table to make the hash constrained by memory-bandwidth. he claims that this prevents asics (which i doubt.. why can't i make high-memory-bandwidth asics?) (plus i'm not convinced that's desirable).
13:35:30narwh4l:kanzure: has he not heard of the hash functions that rely on memory bandwidth?
13:35:38narwh4l:kanzure: prevent asics? lol
13:36:36kanzure:well, i certainly haven't looked at memory-bandwidth-constrained hash functions yet
13:37:03gmaxwell:kanzure: see descussions of the bcrypt like sboxes in yescrypt... but the argument is kinda weak.
15:10:07StephenM347:Does BIP62 cover addition of OP_NOPs into the scriptSig?
15:10:55StephenM347:I suppose this counts as a 'non-push operation'
15:28:47wumpus:StephenM347: yes
15:34:31wumpus:only direct pushes, OP_PUSHDATAn, OP_n are considered push opcodes, see CScript::IsPushOnly
15:38:48StephenM347:wumpus: Just double checking, thanks
16:41:13lnsybrd_:lnsybrd_ is now known as lnsybrd
17:17:32MoALTz_:MoALTz_ is now known as MoALTz
17:35:13jae:jae is now known as Guest32593
17:51:20zooko`:zooko` is now known as zooko
18:35:36jae:jae is now known as Guest88601
19:09:28kanzure:petertodd: can you show me "recursive snarks" stuff if any exists?
19:11:03amiller:kanzure, do you want papers?
19:11:11amiller:http://eprint.iacr.org/2012/095 Recursive Composition and Bootstrapping for SNARKs and Proof-Carrying Data
19:11:34amiller:this one lays out the basic theory for it but not necessarily practical
19:11:59amiller:https://eprint.iacr.org/2014/976 Geppetto: Versatile Verifiable Computation
19:12:24amiller:this does *one layer* of snark composition... it has an inner snark and an outer snark... its practical and efficient but no code is released yet (the author is nice and will probably release it soon)
19:12:57amiller:https://eprint.iacr.org/2014/595 Scalable Zero Knowledge via Cycles of Elliptic Curves
19:14:41kanzure:i will always take papers
19:15:02amiller:this one finds parameters for arbitrary recursive composition.... it's about finding two related elliptic curves, such that you can run the snark algorithm for B in the exponent of curve A, and vice versa.... the concrete performance is a lot worse than geppetto but you can do as many layers as yo uawnt
19:16:22amiller:i have heard that there is recursive composition as per the 2014/595 paper already implemented in libsnark, but I can't see it. maybe it's not released yet.
19:16:56kanzure:unrelated, but have you looked at sequential abbreviated signatures before?
19:18:30kanzure:oh strange; for some reason i was not aware that libsnark has active development.
19:19:14kanzure:(just fetched their latest commits)
19:23:31amiller:yeah, libsnark is definitely under active development
19:24:05Luke-Jr:* Luke-Jr wonders how long until there's a sandbox that can just execute snarks <.<
19:24:25amiller:Luke-Jr, ive been working on that actually
19:30:47jae:jae is now known as Guest18856
20:08:14TEAMVARYSTYRION:TEAMVARYSTYRION is now known as bosnia
20:50:51jae:jae is now known as Guest75477
21:26:16theymos:weex, maaku: BitcoinJ only connects to nodes returned by the DNS seeds, so if you ensure that all of the DNS seeds return trustworthy peers on the right side of the fork, this'll protect most SPV wallets.
21:28:05jae:jae is now known as Guest33440
21:29:53phantomcircuit:theymos, that's hilariously the same security model as a bunch of the PoS things
21:30:05phantomcircuit:"if the first node you hear about is trustworthy then you're securE!"
21:30:22phantomcircuit:i assume you're not seriously proposing that as a valid security model :)
21:34:05theymos:phantomcircuit: It's not good, but that's what BitcoinJ actually does now. So it's an option until that's fixed.
21:34:35theymos:Fixing it is more difficult than it looks at first because SPV clients have less ability to detect bad peers.
21:35:28phantomcircuit:theymos, i've actually been arguing recently that there basically shouldn't be any SPV nodes as they exist today
21:35:55theymos:What do you propose as an alternative?
21:36:45phantomcircuit:theymos, start with a pure spv node and then upgrade the security of the installation overtime
21:37:01phantomcircuit:first spv checks
21:37:27phantomcircuit:then sanity check all blocks
21:37:48phantomcircuit:saving only the hash of the last blocks you checked
21:38:16phantomcircuit:congrats you've now managed to significantly improve security without storing much of anything
21:38:46phantomcircuit:the key is to note that running most of the sanity checks like maximum blocksize are independent of each other
21:40:30theymos:That's a good idea. Probably miners should commit to that sort of "sanity" stuff by including it in their coinbase transaction or something. Then lightweight clients don't have to download as much data.
21:42:49alferzz:alferzz is now known as alferz
22:03:04bosnia:bosnia is now known as MAKOHYPE
22:20:04jae:jae is now known as Guest7319
22:20:41c0rw1n:c0rw1n is now known as c0rw|zZz
23:16:39ghtdak:ghtdak has left #bitcoin-wizards