<amiller>
my favorite research project these days is trying to figure out how to model bitcoin and smart contracts using the "universal composability" framework
<amiller>
there's a really pleasing kind of abstract structure of using this framework, that's basically independent of the actual details of the "cryptography"
<amiller>
by "details of the cryptography", i mean things like elliptic curves, rsa groups, lattices, all the algebra and construction of things from hard math problems
<amiller>
in a nutshell, this framework is about giving "specifications" for your cryptocurrency protocols in a simple and useful way
<amiller>
and by useful i really mean "composable"... essentially this says that the "specification" serves a dual purpose, it acts as a reference for understanding what the protocol is supposed to do, like it should be easy to look at the specification and figure out just what it assumed, just what information is available to attackers, etc.
<amiller>
the second purpose of the "specification" is to act like an api interface, it describes how you can use protocols (and crypto gadgets like signatures, encryptions) to build something else
<amiller>
here's the main Universal Composability framework paper by the way https://eprint.iacr.org/2000/067 if anyone's following along!
<amiller>
but it's kind of dense and inscrutable, a bit like trying to read the ethereum yellowpaper without sunglasses
<amiller>
one of the things i want to show is that F_Bitcoin can be realized from F_BulletinBoard... these are two specifications, i can actually just program them. F_BulletinBoard is basically a model of everything we like about the general data propagation and sequencing that bitcoin gives.. it's basically a model of proof-of-publication. F_Bitcoin is basically that, plus, a transaction graph
<amiller>
it should be really clear how to prove things about embedded consensus then too, and smart contract programming... anything built on top of a blockchain
<amiller>
ideally i'd be able to prove things about how to *realize* a blockchain from economic assumptions, or proof of stake, or anything else... i'm interested in that but not sure how to do it. But before that, the real inspiration for starting with this framework is that it should be good for using newfangled crypto primitives *easily* and *correctly*.
<amiller>
SNARKs, ring signatures, hashlock time delay things
<amiller>
multiparty computing
<amiller>
because at least in the crypto world, this security framework is considered the gold standard, so there are UC definitions proven for most/many of them.
<gmaxwell>
I'm not convinced that the UC framework is useful. It may just be that it's too inscrutable for me.
<gmaxwell>
E.g. do the properties it allows you to reason about map to security criteria that matter, or help lay bare assumptions that ought to be considered? I looked before because I ran into some UC papers and couldn't make much sense of it. ... Are there any examples where someone went back and used that framework to show a known broken thing to be broken?
<amiller>
iddo and ranjit came very close to using it in their bitcoin lottery paper
<amiller>
they used essentially the characteristic parts of that framework but with some simplifications
<amiller>
well, the motivation for it is that there are a lot of interactive protocols that are actually unsafe when they are run concurrently
<amiller>
this really just generalizes simulator proofs which are for sure the best way to define zero knowledge
<amiller>
it could be used to show that a protocol isn't vulnerable to replay attacks
<amiller>
there is lots of related work on showing how other things we'd want to model neatly fit in, like some basic rationality assumptions and things like forward secrecy
<amiller>
the most bewildering thing about it to me is how much "trusted setup" seems inherently interwoven in the whole approach though
<amiller>
there are these transformations that are weird because they involve making a protocol "safer" against attacks by building more stuff into the trusted setup
<amiller>
after all, the trusted-setup basically requires you anyway to do some kind of a multi party computation, and hope that at least one of them erases their ram afterwards.
<amiller>
so, why not have them generate some keypairs and stuff while they're at it, then delete those?
<amiller>
i'm trying to figure out how to articulate this... there's a really clever transformation that involves using signatures and encryption using keys that were destroyed in the trusted setup anyway
<amiller>
like, you publish a snark proof along with an encryption of your secrets to a keypair that was destroyed in the fire hundreds of years ago
<amiller>
to a less more religious person it would seem like a kind of prayer!
<amiller>
or, you build in a little clause that says you can spend these coins if you're the rightful owner *or* if you know satoshi's public key, which was destroyed in the fire
<amiller>
s/satoshi's public key/satoshi's private key/
<amiller>
you can combine these things to have sort of a more secure snark.
<amiller>
but i can't really explain what an *attack* would look like if you don't do these things
<amiller>
it seems a little mad, make a protocol more secure against attacks tomorrow by making it fail even more catastrophically if the setup goes wrong
<nsh>
amiller, how does this transformation add security to the snark by encrypting secrets against a public key for which the corresponding private key is destroyed during trusted setup?
<Eliel>
hmmh... the setup phase sounds like it might benefit from the multiparty signature algorithm that allows different parties to produce a signature without revealing their private keys to each other.
<nsh>
is there any good particular system / context in which to learn about conflict-free replicated data types?
<nsh>
a blockchain (sidechain) can be used to bootstrap a distributed system of authenticated conflict-free replicated data types, as coin independent-spendability and fungibility gives commutativity to operations bound to unspent transaction outputs, and idempotence is assured by double-spend resistance
<nsh>
so mining must effect a semilattice join on the monotonically-increasing global blockchain partial-order state of transactions
<nsh>
actually, it would seem bitcoin exists as a continuous operation-based CRDT for SPV-nodes and above, scaffolded by a periodic [blocktime] state-based CRDT replicated by full nodes and above and updated by miners semilattice-joining a view of the gossip network (operation-based CRDT) at a poisson period in statistical proportion to their hashpower contribution
<nsh>
where the hashpower contribution itself maintains the partial-ordering of the blockchain state
<nsh>
sorry, maintains the monotonicity, and thus partial-ordering of the blockchain state
<nsh>
(i guess strictly it's monotonically increasing because the merkel tree depth increases, which is not directly related to hashing difficulty)
<nsh>
*merkle
<nsh>
it would be interesting to compare the blockchain disk representation to the lower-bounds for state-based CRDT complexity
<Adlai>
is bitcoin's blockchain a merkle tree, or just a list?
* Adlai
isn't sure in which situations you'd only consider the longest chain, as opposed to all computed blocks, losing forks included
<nsh>
it's the 'longest' chain only
<nsh>
but long is defined in terms of sum of work
<nsh>
a chain with fewer blocks but at higher total difficulty is thus longer than a chain of more blocks at lower difficulty
<Adlai>
anybody can suggest updates to the CRDT, but *somebody* must pay a computational cost (ie, the PoW) to generate a valid update message; the computational cost is compensated with the freedom to adjust the database in your favor, within a limit that you believe other nodes will find tolerable
* nsh
nods
<Eliel>
Adlai: the blockchain is a list of merkle trees.
<Eliel>
every block has one
<Adlai>
*merkle list of merkle trees
<Eliel>
no, just a linked list of merkle trees.
<Adlai>
it's not a regular linked list, it uses partial preimage collision hashpointers
<luny>
would there be any use for an alt coin that would reward people for running full bitcoin nodes by paying them in that alt coin? i.e. "help bitcoin by running full nodes, and get paid in alt coin"
<frankenmint>
why must it be an alt-coin to pay them
<frankenmint>
?
<luny>
dunno, who would reward the bitcoin nodes in bitcoin?
<sipa>
there is no reason to pay people to run a bitcoin node
<sipa>
people should *use* a node
<Adlai>
luny: some people have already tried, and realized that "reward bitcoin nodes in bitcoin" is vulnerable to sybil attack in a way that "obtain bitcoin consensus" isn't
<sipa>
preferably a full node they control themselves
<sipa>
well, full nodes help the network a bit... lightweight clients and bootstrapping other nodes
<luny>
Adlai, do you mean that people would pretend to be running a node when in fact they aren't, and hence get more rewards than they deserve?
<frankenmint>
paying for it to run simply for it to run isn't a proper solution
<sipa>
but for the security of the system, what matters is how many people independently *use* a node
<sipa>
whether that is 1 or 1000 is irrelevant
<Adlai>
luny: I can't dig up the link at the moment, and maybe better that it's so, but somebody published a bitnodes fraud script shortly after the program was announced
<sipa>
luny: using a node is a reward in itself, namely you get the security of verifying that nobody in the network is cheating, without needing to trust anyone for it
<luny>
yes, good points.. thanks a lot
<Adlai>
luny: for an example of a similar (yet differently motivated) attack on the network, google chainalysis