sipa changed the topic of #bitcoin-wizards to: This channel is for discussing theoretical ideas with regard to cryptocurrencies, not about short-term Bitcoin development | http://bitcoin.ninja/ | This channel is logged. | For logs and more information, visit http://bitcoin.ninja
<nsh> our three secret weapons are timestamping, proof-of-publication, networks with reasonable gossip diffusion time
<sipa> with some vaguely defined economic incentives sprinkled over it all
<nsh> our four secret weapons are timestamping, proof-of-publication, networks with reasonable gossip diffusion time, economic incentives to follow a PoW lottery resulting in a consensuable chain-tip resulting an an external economically-incentivised shared state of future timestamped provable publication
<nsh> our five secret weapons are....
<nsh> nah but that mainly covers it
<nsh> *in an
<dionyziz> Why does HMACing the public key K give a public key K' which corresponds to a private key k' which is the HMAC of the private key k for (k, K) from secp256k1? Specifically, why do non-hardened keys obey the relation N(CKDpriv((kpar, cpar), i)) = CKDpub(N(kpar, cpar), i) as documented in BIP0032?
<waxwing> dionyziz, child private key is a tweak of parent private key using half of the HMAC output, interpreted as a 256 bit int; for non-hardened that HMAC is only dependent on public information.
<waxwing> so if you have like x_child = I_L + x_par then clearly it carries over that pubkey_child = I_L G + pubkey_parent
<musalbas> yes i think it's possible to reduce the point of the chain to ordering messages and publication (but i'd say it's actually "message completeness" - knowing that you have the complete set of messages that need to be ordered)
<musalbas> the consensus set that orders messages doesn't need to verify the validity of the messages, you can do all that client-side if you wanted to in theory. e.g. you can all double-spending on chain but have a client-side rule that says double-spends don't impact the state
<musalbas> it's questionable how useful that would be, but I think if you figure out a correct incentive structure to prevent spam, it could be interesting. i'm experimenting with that here: https://github.com/musalbas/lazyledger-prototype
<musalbas> (particularly, if you use 2D erasure code + sampling-based data availability and reduce block validity to data availability, you can have 'full nodes' that need to download less than O(block_size) data to fully validate blocks)
<nsh> some validation is always required, even if it's just checking a hash commitment :)
<musalbas> " e.g. you can all double-spending on chain" -> that should say " e.g. you can allow double-spending on chain"
<musalbas> nsh: well if the only block validity rule is that all the data in that block is available because all data is allowed including double spending, you just need to check that the messages are available
<musalbas> (all the data in that block is available = proof-of-publication)
<nsh> there's no concept of even single spending unless keys are validated :)
<nsh> or authorisation by some other proxy
<nsh> so i don't know. sounds like usenet but i should try and figure out what you mean a bit more precisely
<musalbas> I have a paper draft that I can send you, it might make more sense
<nsh> what is the test of validity for a message?
<nsh> kk
<musalbas> kind of hard to explain tbh because it needs a fundamental detachment of what people even mean by a full node and a client :)
<nsh> sounds good :)
<musalbas> sent it to your gmail
<nsh> ty
<musalbas> the key idea is that the blockchain can have multiple "applications" (e.g. smart contracts) that can be in parallel with each other
<musalbas> and you're only using the blockchain as a verifiable log to order messages... kind of like Trillian or certificate transparency
<musalbas> then clients of that verifiable log can download the messages that are specifically related to their applications, and execute them according to their own internal state machine for that application
<musalbas> the people that are publishing the new block headers for the log do not have to actually care about what messages are being included in the log... their job is just to add stuff to the log
* nsh nods - still seems you need to some a reduced byzantine problem to consensuate the ordering, which would require PoW afaict
<nsh> to *solve
<nsh> (or trusted nodes)
<nsh> (or e.g. Paxos etc.
<nsh> )
<musalbas> yeah you can use whatever sybil-resistance mechanism / consensus protocol you like, including PoW + longest chain rule
<nsh> ok
<waxwing> the log has to be expensive to update (in an identity-less system, so doesn't apply to e.g. google CT). i guess 'you have to be identified' counts as expensive, but in a kind of broken way.
<waxwing> PKI is kinda broken, but not broken enough that we don't use it because we have nothing less broken for that use-case. i guess.
* nsh nods
<musalbas> bitcoin is a log that is expensive to update :)
<musalbas> i've always been very critical of CT
<musalbas> they should've pegged treeheads onto something like Bitcoin
<musalbas> instead, you have a situation where chrome's inclusion policy requires all certs to be logged in at least google's log server
<musalbas> so google can retroactively censor any website from using SSL in chromium
<musalbas> because you can't allow any arbitrary log servers because it wouldn't be sybil resistant
<nsh> shame cjd isn't here atm
<nsh> a lot of these problems are encountered when making DHT-based overlay networks
<waxwing> musalbas, maybe they can contact garzik, i heard he has some ideas about this ;)
* nsh smiles
<dionyziz> waxwing: thanks, I get it now
<instagibbs> "client side validation" has been around since mastercoin or maybe earlier :)