<nsh>
are there inherently homomorphisms of the DLP on curves over fields of composite order to DLPs on higher-dimensional curves in subfields, for which there do not exist analogous homomorphisms when the order is prime?
<nsh>
i guess i want to have some intuition of how the primality removes the [accessible] structure of the field that facilitates computation of the DLP
<nsh>
without needing to go into the full analytical geometry, which might be too much to ask
<gmaxwell>
The really really handwave understanding for basically all fast DLP solving is that you're fundamentally trying to find the period of a cyclic function. If the period is very long this is hard.
<gmaxwell>
If you're able to break it up so there are many subcycles and measure their period then you can solve it quickly.
<gmaxwell>
Or if you're able to find constraints such that only one period can meet the constraints; you can go that way.
* nsh
nods
<Eliel>
hmh, that's a delightfully simple way of explaining why it's hard.
<nsh>
so you're still using ECC operations to find cycles via rho-pollard, but you're able to find shorter cycles because of the existence of a hyperelliptic curve over a subfield
<nsh>
(or the existence of a homomorphism from the elliptic curve to the hyperelliptic curve)
<nsh>
and subfields don't exist for curves defined over fields of prime order. but there are other kinds of structure that give constraints on possible cycles
<gmaxwell>
Right. Like some curves there exist techniques to find little segments that cross over a small set of common points; and then you can solve a system of linear equations to find the cycle which is common to the segments.
<gmaxwell>
(but this depends on being able to efficiently find segments; and for the system of linear equations that results to be tractable; e.g. for it to have special structure)
* nsh
nods
<nsh>
and weil descent allows for use of index calculus on the hyperelliptic curve, because its jacobian has some property of 'smoothness' that is lacking in the elliptic curve
<gmaxwell>
yea, it's the ability to compose a factorbase.
<nsh>
so points on the hyperelliptic curve can be factors into prime divisor points
<gmaxwell>
one way to look at it is that conventional curves don't have 'prime' members.
<nsh>
*factored
<nsh>
right
<gmaxwell>
it should be noted that the weil descent itself isn't harmful; it's that you end up on an insecure group that is fatal. Pairing crypto is all based on that transformation leaving you on a secure group.
* nsh
nods
<gmaxwell>
It should be noted that that's only one kind of possible computable isomorphism; every curve exists in a class of isomorphic curves of equivalent order; but computing the transfer is not usually computationally efficient.
<nsh>
but the group is always of lower order for the higher-genus/degree side of the pairing, just not necessarily degenerate order
* nsh
nods
bramc has joined #bitcoin-wizards
<bramc>
Hey everybody
<gmaxwell>
bramc: hi!
<bramc>
Hey gmaxwell. Sorry I haven't been on, I've been buried in work stuff.
<tromp>
hi Bram
<bramc>
Hey John
<bramc>
I'm looking at the recent postings from gavin and mhearn. Their reasoning... doesn't make sense
<tromp>
i haven't followed the block size increase discussion much...
<gmaxwell>
bramc: Yea... it's been uh pretty busy for me.
<bramc>
It seems to boil down to saying that we can't have transaction fees because wallets can't handle them
<gmaxwell>
bramc: there is a thread on bitcoin-development as of this afternoon.
<tromp>
wallets will adapt to whatever the miners impose, no?!
<gmaxwell>
tromp: if not, they wouldn't be very usable as wallets.
<gmaxwell>
bramc: there is more going on than that; but I think a lot of it really reduces to dismissing the tradeoffs and incentive concerns with larger sizes; once you've dismissed them then arbitrarily large sizes seem to be an obvious win.
<bramc>
He's also badly misrepresenting what lightning network is, but I'll give him a pass on that because the good paper isn't ready yet.
<gmaxwell>
But that's usually the case in engineering; I want to make this bridge as cheap as possible! oh wait, it will collapse and kill everyone? oops.
<bramc>
I'm thinking of writing a blog post about how the blockchain needs real transaction fees, and arguing for the opposite view, that the transaction rate should be intermittently clamped down on artificially while we don't have to, specifically to force the damn wallets to get fixed.
<bramc>
This is an argument I've heard several core developers make, at least in person.
<bramc>
On an unrelated topic, I have an interesting question: Can you play chess using the blockchain?
<gmaxwell>
An interesting point is that we hit the default soft limit-- just enforced by purely local node policy-- hard in 2012 to early 2013 due to some gambling site that did every (often few-penny-ish value) bet as two transactions. The response was an urgent upping of the softcaps (which was the proximal trigger for that network fork in early 2013); after the softcaps were increased, ... wallets still didn't fix their behavior.
<gmaxwell>
(and that user went away for unclear reasons; recovering most of the space that they were gobbling up)
<gmaxwell>
bramc: I have a protocol that works for games matching a set of criteria-- assuming smarter smart contracts; it includes chess, but only if you don't play by standard rules that time limit moves.
<gmaxwell>
The criteria is basically that there can be no secret randomness. E.g. no shuffled deck of cards unless it's done once at the front and is entirely public.
<bramc>
gmaxwell, Yeah I'm thinking it's okay to declare a draw at a fixed number of moves and have time clocks where you get a dozen generations per move or so
<gmaxwell>
It's also pretty efficient, if no one cheats nothing goes into the blockchain, and normally a cheat only puts two moves into the chain.
<gmaxwell>
oh other criteria for my protocol: game must be turn based with a deterministic turn order based on the rules and prior state.
<bramc>
gmaxwell, gin rummy is another interesting question
<gmaxwell>
Basically the idea is that you make a transcript of the game, each player taking turns adding a move and signing the transcript. At the end, if the players disagree about payment you show the network the last two moves and it checks their validity based on the rules and awards the winner.
<bramc>
gmaxwell, I would say that wallets which die when there start being real transaction fees get what they deserve
<gmaxwell>
So the thing I'm suggesting works for chess, checkers, go, connect-k, othello, diplomacy, .. many modern board games (e.g. seven wonders). Some are more interesting than others, due to the inability to have a short time limit.
<bramc>
gmaxwell, That sounds a lot more efficient than what I was thinking, which basically involves dumping the moves themselves into the blockchain encoded in what utxos are available. Might need some mutability fixes.
<gmaxwell>
(you deal with someone abandoning the game by allowing you to post a partial transcript; and then the other player has to continue it or after a timelimit they default and you get the coins)
<bramc>
Yeah everybody has to post timelocked forfeits as part of their move in case they don't make their next move
<bramc>
I'd like to point out that it wouldn't be hard for somebody who knew what they were doing to rebuild satoshi dice using a simplified version of the oakland lottery protocol
<gmaxwell>
yea, in my model there is only a pair of transactions normally, e.g. escrow in, pay out.. if someone goes unresponsive it's escrow in, abort-request, and then either the game continues-- potentially with every move in the blockchain if the other player is a jerk-- or you timeout.
<bramc>
It should be possible to make it so that only the last move or two is in the blockchain, even if somebody behaves badly, at least that's what my intuition says now
<gmaxwell>
It's even possible to set it up so you can sell your set in a game in progress; so you could have something like someone who buys games stuck in timeout and just machine plays them till the end. :)
<gmaxwell>
bramc: yea, it's just the problem if someone basically always tried to run out the limit, they can force one movepair per "claim that the other guy is unresponsive". Otherwise it's only a single movepair or zero (if both parties agree at the end to shake hands and transfer funds to their mutual consent)
<gmaxwell>
e.g. you let 2 of 2 decide the outcome regardless of the rules.
<bramc>
I'm not entirely following, but I'll wait until you do a complete writeup to grok it fully :-)
<gmaxwell>
so rational players should basically never result in any moves showing up on the chain; the smart contract just backstops to create an incentive for good behavior.
<gmaxwell>
I have one I can send you that should be more or less readable.
<bramc>
If there's a url for it I can put it in my list of things I need to read through
<gmaxwell>
my todo list has publishing it somewhere public. :)
<gmaxwell>
bramc: in any case; if you feel like posting something on the blocksize thing it might add some thoughtfulness; I think a lot of the general public is just unaware that there is actually a tradeoff; having an 'outside view' but from someone who's actually faced these questions would be good.
<bramc>
I have more than 20k views on quora each of the last two days. If anybody's wondering why I don't do regular blogging more often, that's why.
<bramc>
gmaxwell, I've been partially dragging my feet on it because I'm unsure of the presentation I'd like to do. Maybe I'll structure it rationalist style with a list of all arguments for, against, counters, and counter-counters
<bramc>
Oh great, the spread in bitcoin prices on different exchanges has widened again. Isn't that lovely.
<bramc>
Come to think of it, my third party pays idea could help a lot with broken wallets
<bramc>
gmaxwell, You didn't answer my question about gin rummy
<bramc>
The shared permutation of shuffling makes things a bit interesting
<hulkhogan_>
rofl, +1 gmaxwell
<gmaxwell>
I don't know the rules anymore. My protocol doesn't let you do anything random during the game. You can shuffle upfront so long as the deck is not secret. There are ways to achieve other things of course... but they require more complex protocols.
<bramc>
gin rummy just requires a shuffle up front, I think. Maybe there are more shuffles later, I don't remember.
<nsh>
i was musing the other night that UTXOs can be bound to operations on a set of conflict-free replicated data types, which should allow for playing arbitrary games where rules are prepared in advance in terms of multisigs on allowed operations over the data structures
<nsh>
maybe worth trying to construct tic-tac-toe this way
<jgarzik>
I still want to see a theoretical model for on-chain poker
<bramc>
jgarzik, heads up hold'em is easily covered by gmaxwell's criteria. Multiplayer not so much
<bramc>
That's probably by far the best application of the whole thing, actually.
<jgarzik>
yep :)
<bramc>
A heads up hold'em app with enforced money transfer and no trusted third party would pass my eye roll test
<bramc>
Of course somebody might write an automated player for it
<bramc>
But that would be awesome :-)
<bramc>
I'm writing notes on structuring the whole thing as a set of claims and rebuttals. This is an interesting approach.
<tromp>
decentralized court?
<bramc>
tromp, are you referring to a game called Court or making some other point?
<tromp>
i'm referring to your claims and rebuttals on a blockchain
<tromp>
sounds like the players are taking each other to decentralized court over the game
<bramc>
Oh these are claims and rebuttals in a blog post, not on a block chain. They're about the blockchain though, specifically about the advisability/need for a raise in the block size limit
<gmaxwell>
jgarzik: anything that needs a secret shuffle needs ... an unfortunately expensive zk proof for the fidelity of the shuffle.
<gmaxwell>
e.g. talking about 80 MBytes of data kind of stuff... though that never goes on the network.
<gmaxwell>
(perhaps there is some better way; but I dunno it; I've not tried too hard for poker; I think it would be more interesting to build easier things first)
<amiller>
jgarzik, i swear im working on exactly that kind of thing
<amiller>
it requires generic zk proofs which are pretty usable these days... i think 80mb of data on the blockchain is very pessimistic
<bramc>
gmaxwell, I think it's okay for 80 megabytes to be exchanged between the two people as long as the only thing to hit the blockchain is small
<jgarzik>
yeah all that doesn't need to go on the network (DHT!:))
<gmaxwell>
I just said _not_ on the blockchain. :)
<jgarzik>
indeed
<amiller>
uh sorry well anyway the point is those zk proofs aren't that much
<gmaxwell>
It's more MPC than generic ZK... you need to create a cooperatively encrypted and shuffled deck.
<gmaxwell>
e.g. one way to go about this is that you encrypt a deck with additively encryption; N times and permute, commit to all, then reveal the decryption of all but one (chosen by the other players); N must be large to make cheating infeasible. Then the other player reencrypts and reshuffles and does the same. (and so on for more than two) at the end you get a deck which is encrypted by each of the players, and shuffled. then you can decrypt each card in any order. The communication can be cut down with the tree structured seed stuff; but it's cpu costly regardless.
<gmaxwell>
Important deliverables are the deck is valid, no one knows the whole deck, the cards can be decrypted only with all players cooperation, and can be decrypted in any order (so you can let only a single player learn the value (last to decrypt)).
<bramc>
The case of a cooperatively shuffled deck can be handled relatively easily. I commit to a shuffle, then you commit to a shuffle. Whenever we want to do a reveal, first you reveal what your pre-card was, then I reveal what my pre-card of the pre-card was
<bramc>
And we can simplify things by making a cheat - that is, a repeat, result in a forfeit
<bramc>
That post facto forfeit technique should vastly simplify everything, makes it so we don't need a 'real' permutation
<gmaxwell>
bramc: indeed, including a final move where you reveal any unplayed cards... but I didn't/don't see a way to simply do that unless the players have separate decks.
<bramc>
especially for heads up hold'em, which has a very limited number of reveals
<gmaxwell>
Ah I see you're stacking the permutations.
<bramc>
gmaxwell, No such final move necessary, we just set up a precommitment where we each agree to a forfeit if the other player can demonstrate a collision in our pre-cards
<bramc>
So our shuffles are then a precommitted set of 52 numbers, each from 0 to 51
<gmaxwell>
you make a deck, to draw a card you ask me for my next committed value; I use my committed secret permutation to tell you an index. and you draw that one.
<bramc>
exactly
<gmaxwell>
but I can't draw from your deck-- we cannot share a deck where my draws block your draws of a particular card; with the other player not learning it.
<bramc>
In this case the committed 'permutation' is a map though, and its being a permutation is enforced later
<bramc>
no we're sharing a deck but it was shuffled first by me then by you
<bramc>
so it takes two steps for each card reveal
<gmaxwell>
I'm not seeing it, but it's been a long day; it's obvious to me how it works one sided.
<bramc>
Somewhat off topic for bitcoin: It turns out that reverse pynchon gate is totally possible, using a clever trick I should have figured out ten years ago: http://arxiv.org/abs/1503.06115
<gmaxwell>
e.g. I want to make my first draw, you show me a commitment that my first draw should be card 5 in mine. Great. now I can have that card secretly; and prove it to you as required.
<gmaxwell>
You don't learn it.
<gmaxwell>
Say I draw card 1 that way.
<bramc>
I think oakland lottery style precommitments should fix that
<bramc>
and I suspect the lightning extension makes everything a lot simpler
<gmaxwell>
Now you want to draw, so that I don't learn your card other than it can't be card 1 because that's not in the deck.
<gmaxwell>
you ask for the first permutation in my set, I prove it's 12. ... now you look at your 12th card. and it happens to be card 1.
<gmaxwell>
So now we have the same card (but don't know it)
<gmaxwell>
So what part did I misunderstand?
<bramc>
There's a series of steps which have to happen in a particular order, it winds up being the same as making moves. We know based on the rules of the game that card 1 needs to be revealed, so I reveal the pre-card of 1 is 9 from your shuffle
<bramc>
You then reveal the pre-card from 9 in your shuffle is card 51, so we now play with the king of whatever as that card
<bramc>
next we need to reveal card 2. Let's say I cheated and my pre-card for 2 is also 9. You can now use that collision to claim a win.
<bramc>
Likewise, if I reveal that the pre-card of 2 is 16, and then you reveal the pre-card of 16 is 51, I can claim a win by collision
<gmaxwell>
okay, yes, I believe this can work if your draws are not secret once drawn.
<gmaxwell>
But for games where you draw from a shared deck into a private hand, I don't see it.
<bramc>
Right, heads-up hold'em is particularly easy that way
<gmaxwell>
whew.
<gmaxwell>
(I'm whewing my addled brain)
<bramc>
Thankfully heads-up hold'em is also the most interesting game to implement from a what people would like to play standpoint
<bramc>
And I think even if you complain that it's a solved game, even heads up pot limit, even with the only options being fold, call, limit raise, or pot raise, is very much an unsolved game.
<bramc>
I've finished my notes on a blog post about increasing the block chain size limit. It's a doozy. 33 lines of summaries of arguments, all needing to be fleshed out quite a bit.
<petertodd>
bramc: cool! looking forward to it
<bramc>
petertodd, Sorry for punching down at you by the way, I meant that to be a snark on this channel, not a post to reddit
<petertodd>
bramc: no worries, that was just trolls being trolls
<petertodd>
bramc: honestly I feel worse for you getting out of context exposure like that
<bramc>
petertodd, Can't blame the people on reddit for not reading the original post. It was two whole lines of comments on irc. That's way too much.
<bramc>
Although, yeah, that was far, far, from the first time something I've said has blown up because I was a little too glib with it. Other times have hit newspapers.
<kanzure>
"any transaction can include this subtransaction, fees accumulate, and then at the end of each block period, the best combination of the most fees wins inclusion into the next block-like object"
<theymos>
Reddit's understanding of the block size issue is so very, very wrong... Supporting the max block size increase is a reasonable position, but people on Reddit keep making the stupidest arguments and even *downvoting* people like luke-jr who actually know what they're talking about. Very disappointing.
<kanzure>
ah so you are still capable of experiencing disappointment about reddit
<kanzure>
theymos: i'm curious what you think about a position supporting a decrease in max block size?
<theymos>
IMO this is mostly an unavoidable issue with the way that Reddit works, but I wonder if there's any way I (as a /r/Bitcoin moderator) could improve this without enacting massive censorship...
<kanzure>
permaban people who demonstrate wrong reasoning
<kanzure>
or, who consistently demonstrate wrong reasoning
<theymos>
That's too much censorship IMO.
<kanzure>
heh!
<kanzure>
what about forced user flair
<theymos>
That might be something to consider. Maybe it'd help to flair people who know what they're talking about. Redditors like to upvote colorful people...
<Luke-Jr>
de-modding certain troublemakers and scamcoin promoters might help… I feel this conversation is off-topic for wizards, however..
<kanzure>
it probably is off-topic
<theymos>
kanzure: Decreasing the max block size might be a reasonable argument, depending on your goals and your idea of how the network looks right now IMO.
<theymos>
Sorry for being off-topic.
<kanzure>
decreasing max block size would be an extra kick in the pants for incentive to work on things like lightning netwrk
<kanzure>
er, i mean lightning network
<theymos>
Sure. But IMO it's not really necessary. People are already getting worried about the block size issue, even though there's not actually any tx backlog. And there probably will be some backlog (of spam, at least) in the near future.
<Luke-Jr>
/j ##reddit-bitcoin
<theymos>
And it seems that 1 MB is a fairly comfortable size for most people.
<gmaxwell>
theymos: it's frustrating; the level of misunderstanding is so great that moving the needle is hard; what's needed is careful understanding of the tradeoffs. People are now totally polarized as 20MB NOW vs never increase; and even when people explain that their positions are more subtle, they get attacked as "never increase" (though none of the tech people hold that position). "Great, never imagined I'd become a strawman."
<kanzure>
as a professional strawman i've always known my purpose is to burn alive
<Luke-Jr>
lol
<gmaxwell>
theymos: every voting like thing seems to go that way; -- that was why I was whining about voting features on the BCT wishlist. :( echochamber ho!
<gmaxwell>
theymos: dunno if you saw me mention it; but I suspect that if I had a mind wipe and tried to reason based on network behavior I think I might conclude that currently the size needs to be decreased. :( Though I continue (foolishly?) to believe that the latest or next batch of bitcoin core scalability improvements will be enough to stop the bleeding.
<kanzure>
hooray see that folks gmaxwell has endorsed the decrease max block size position, time for me to go public with a hard fork
* Luke-Jr
wonders if someone were to push a branch with such a hardfork, how long it would take reddit to publish it
<theymos>
gmaxwell: Yeah, Reddit has a terrible groupthink problem. And the worst part is that people usually don't realize this. So people often post really good posts, and their arguments are apparently "defeated" by anonymous downvotes, strengthening the groupthink position even more. (Global) voting won't be added to BCT for just this reason.
<theymos>
gmaxwell: I can see the point of wanting to decrease the max block size -- decentralization is clearly becoming worse over time. But I think that the decline in full nodes will eventually reverse if the max block size remains steady because the "demand" of running a full node remains the same, but it'll become easier over time due to software and hardware improvements, as you mention.
<hulkhogan_>
im not sure the running commentary is really helping- i think reddit is more swayed by arguments on pretty blogs than their own commenting platform, something to think about maybe
<kanzure>
oh that's easy, there's no reason for people to use bitcoin if they don't require it. so changing bitcoin into federated paypal is totally pointless if it's just to get more users.
<gmaxwell>
theymos: We still have quite a few usability and scaling improvements up our sleeves; so I do think we'll catch up if things stabilize.
<Luke-Jr>
kanzure: he'll argue the "providers" are decentralised enough to trust, blah blah
<gmaxwell>
hulkhogan_: yea, reddit disrespects people who actually talk; while people who create distance and hardly comment are treated as heroes.
<kanzure>
Luke-Jr: decentralization is not about trust
<Luke-Jr>
kanzure: /I/ know that :p
<gmaxwell>
(not just a reddit problem)
<hulkhogan_>
i think jgarzik is on to something
<hulkhogan_>
he was compiling some research today
<hulkhogan_>
im hopeful of that
<hulkhogan_>
(no comment on reddit, very controversial..)
<deego>
redditors are, by and large, like the average l33t ubuntu user. They don't understand the technicalities of the kernel. But, they understand smart people are in charge, and this shit is open source. They mistakenly believed, hitherto, that these smart people had a consensus, and therefore, were all happy about the 20MB increase.
<kanzure>
perhaps you and i have a different definition of l33t
<hulkhogan_>
you know what though
<hulkhogan_>
it might be worthwhile to compile the top comments of gmaxwell,sipa et al into a pretty blog and repost it on reddit
<hulkhogan_>
that would be nice
<hulkhogan_>
im not a very good compiler or i would nominate myself for the task..
<gmaxwell>
well for most things we do have a consensus before reddit ever hears about it.
<gmaxwell>
In this case the bitcoin-dev thread was started two days after.
<gmaxwell>
er bitcoin-development
<hulkhogan_>
yea
<hulkhogan_>
this was an outlier case
<kanzure>
unfortunately the bitcoin developer form of consensus, while highly reliable and extremely precise, happens to be a form of subtle internet-routed telepathy
<hulkhogan_>
lolz
<hulkhogan_>
i dont know, its picking up steam and some kind of measured response seems needed to deal with this reddit issue
<kanzure>
it's not a reddit issue
<hulkhogan_>
maybe i'm (probably) wrong in my perception there
<hulkhogan_>
but it is starting to get picked up by media a bit
<kanzure>
if there is a root cause then the root cause is not reddit
* kanzure
sleeps
<hulkhogan_>
+1
<pollux-bts>
imho /r/bitcoin had its eternal september moment in 11/2013
<gmaxwell>
pollux-bts: I dunno at least they no longer downvote 90% of my posts into the dirt.
<gmaxwell>
(they used to do that pretty reliably; since they'd say something factually incorrect in the promotion of bitcoin and I'd give a "well not quite so..." and BAM)
<pollux-bts>
i think you gained some notoriety among hodl'ers in that time
<gmaxwell>
It's a bit annoying; we don't have to fib to support Bitcoin; Bitcoin is awesome; it's awesome even though it's not perfect or that we don't have all the answers. And misleading people about it just makes it worse.
<petertodd>
gmaxwell: as you said to me when I was just getting into this space "the blockchain is fucking magical" (I may be misquoting you slightly...)
<gmaxwell>
hah
<bramc>
"I'm going to locally increase the max block size my node accepts to 20mb tomorrow! I'm a real bitcoin developer now! All you old bitcoin developers are jealous! Look how big my dick is!"
<bramc>
Saying that there isn't consensus among bitcoin core developers is putting it mildly. There's overwhelming opinion that increasing the limit is a bad idea, with gavin and mike hearn being the only two objectors
<petertodd>
bramc: yup, and among the research community as well
<petertodd>
bramc: we've probably got more consensus on this than we do on whether or not proof-of-stake works, and by a long shot
<bramc>
Mike Hearn is also big on zeroconf for some reason. He has some strange ideas
<bramc>
Gavin's proposal of immediately jumping to 20mb is rather extreme in its specifics as well
<bramc>
petertodd, proof-of-stake 'works', in the sense that an appropriately designed proof of stake system can avoid falling apart if a single party clearly controls the whole thing
<bramc>
Whether it's possible to do better than that with proof-of-stake is a matter of substantial controversy
<petertodd>
bramc: heh, yeah, I figure in practice it may work even better than proof-of-work if access to hashing hardware gets restricted and/or 51% attacks become common
<petertodd>
bramc: but that's *heavily* leaning on social assumptions, and ugly ones
<bramc>
petertodd, Making a decentralized system succeed by masking the fact that it's actually a centralized system isn't a great victory
<theymos>
(Off-topic: Some Bitcoin experts now have flair on /r/Bitcoin. Maybe this will improve the situation there somewhat.)
<petertodd>
theymos: thanks!
<petertodd>
bramc: agreed
<bramc>
Back on more important discussions: My trick for doing shuffling doesn't quite work for hold 'em, because it doesn't work for hole cards. Probably the simplest thing would be to support a slightly bastardized version where there can be collisions in the hole cards so flushes are slightly more likely, straights are slightly less likely, and five of a kinds can happen. You can also simplify the discovery of cards by having them be collaboratively selected one at a time from the remaining cards
<pollux-bts>
bramc: block production in Bitcoin doesn't seem to be terribly well decentralized based on the number of block producers https://blockchain.info/pools
hashtag has quit [Ping timeout: 244 seconds]
<bramc>
pollux-bts, right but they don't have a permanent lock on things like can happen in proof of steak systems, where someone might invisibly and permanently own the whole cow
<bramc>
not to say that that isn't a problem
<bramc>
Nonoutsourcability is a great idea. Of course, not only has no one on reddit heard of nonoutsourcability, there's a very real conspiracy to not let the paper even be formally published.
<pollux-bts>
PoW to produce votes for a round of block production could act as an energy saving mechanism i suppose
<bramc>
pollux-bts, no idea what you mean there. PoW and energy saving don't generally go together
hktud0 has quit [Read error: Connection reset by peer]
<pollux-bts>
miners could hash for the right to produce % of blocks in round robin style in intervals. just a random thought.
hashtag has joined #bitcoin-wizards
hktud0 has joined #bitcoin-wizards
<pollux-bts>
i guess though it could still be 'gamed'
priidu has joined #bitcoin-wizards
damethos has quit [Quit: Bye]
<bramc>
pollux-bts, those tricks basically always lose to grinding attacks, which turn everything back into PoW
<bramc>
unless you're very, very, careful, the limiting factor of any miner will always be electricity used
<bramc>
Oh, well it's good that it's been fairly well received on reddit. It still hasn't been able to be published though
<bramc>
fluffypony, although I'd call that 'didn't receive the usual level of uninformed vitriol' rather than 'well received'. My comment about people on reddit for the most part having no idea what it is still stands.
<fluffypony>
Reddit is a breeding ground for groupthink
<fluffypony>
"this meme is upvoted therefore it is funny"
<bramc>
On slashdot you can change the values of different kinds of upvotes. I found that changing 'funny' from +1 to -5 did wonders for the quality of conversation
<bramc>
although at this point I haven't read any slashdot conversation in literally years
<bramc>
Since the torch of being the internet's sponge has been passed on to reddit.
<fluffypony>
phantomcircuit: he means the little flair icon next to his nick on Reddit, took me a few minutes to figure it out too :)
Mably has joined #bitcoin-wizards
Mably is now known as Guest14172
Guest14172 has quit [Client Quit]
<phantomcircuit>
oh
<phantomcircuit>
fluffypony, ha
<oleganza>
gmaxwell: do you mind a question about scaling bitcoin using sidechains? I tried to see if we can distribute transactions among a hierarchy of sidechains where each additional layer has less hashrate and separate miners (therefore no one needs to validate all transactions in the world), and obviously less valuable transactions (down to "latte payments" on the lowest levels).
<sipa>
oleganza: sounds more like tree chains to me
<oleganza>
However, it looks rather insecure, because SPV-only verification (which allows scaling by not looking into txs) allows someone with enough hashrate to not simply double-spend, but actually confiscate coins from lower level into a higher level.
<oleganza>
sipa: is treechain a special case of a sidechain?
<sipa>
no
<sipa>
they are unrelated except by name
Transisto has joined #bitcoin-wizards
<oleganza>
ok, will check them
cluckj has quit [Read error: Connection reset by peer]
bramc has quit [Quit: Leaving]
Mably_ has joined #bitcoin-wizards
<sipa>
sidechains are not directly a means for improving scalability... they offer a means to experiment with new technology without first building a new currency from scratch
cluckj has joined #bitcoin-wizards
gsdgdfs has quit [Ping timeout: 245 seconds]
dgenr8 has quit [Ping timeout: 272 seconds]
<oleganza>
sipa: yeah, my second thought was that merge-mined sidechain with experimental currency competes for miners' resources. When there are enough of them, then there's no problem but if Bitcoin txs become constrained, there might not be spare CPU/bandwidth left for experimental chains.
_test_ has joined #bitcoin-wizards
_test_ has quit [Client Quit]
<oleganza>
and not sufficiently merged-mined sidechain is vulnerable. But for experimental stuff it might be okay.
<gmaxwell>
oleganza: I'm skeptical; for applying 2wp decentralized sidechains for that issue... the issue with that approach is that .. oh there you go. There are probably small scaling advantages that can come from hitting a couple different tradeoffs (e.g. giving more room for certain truly low value/risk things). The better way that sidechains may help with scaling is creating a venue to test the deployment of technology like fraud proofs which improve scaling.
<gmaxwell>
oleganza: there is an approach to launch mined sidechains to prevent the low hashpower insecurity; you make the chain with low hashpower basically switch to a federated signed block system; basically the failure mode is centralized instead of directly insecure.
shen_noe has joined #bitcoin-wizards
sparetire has quit [Quit: sparetire]
dgenr8 has joined #bitcoin-wizards
hearn has joined #bitcoin-wizards
arubi has quit [Quit: Leaving]
Quanttek has joined #bitcoin-wizards
Transisto has quit [Ping timeout: 272 seconds]
frankenm_ has joined #bitcoin-wizards
Adlai has quit [Ping timeout: 240 seconds]
Mably_ is now known as Mably
arubi_ has joined #bitcoin-wizards
NewLiberty_ has quit [Read error: Connection reset by peer]
NewLiberty_ has joined #bitcoin-wizards
dEBRUYNE has joined #bitcoin-wizards
Quanttek has quit [Ping timeout: 256 seconds]
fanquake has quit [Quit: Leaving.]
moa has joined #bitcoin-wizards
Relos1 has joined #bitcoin-wizards
Adlai has joined #bitcoin-wizards
frankenm_ has quit [Remote host closed the connection]
frankenmint has joined #bitcoin-wizards
dc17523be3 has quit [Ping timeout: 244 seconds]
dc17523be3 has joined #bitcoin-wizards
Adlai has quit [Ping timeout: 252 seconds]
Adlai has joined #bitcoin-wizards
gill3s has joined #bitcoin-wizards
Logicwax has quit [Ping timeout: 240 seconds]
terpo has joined #bitcoin-wizards
hashtag has quit [Ping timeout: 244 seconds]
Adlai has quit [Ping timeout: 264 seconds]
fabianfabian has joined #bitcoin-wizards
CoinMuncher has joined #bitcoin-wizards
Logicwax has joined #bitcoin-wizards
fabianfabian has quit [Quit: why]
llllllllll has joined #bitcoin-wizards
jtimon has joined #bitcoin-wizards
Adlai has joined #bitcoin-wizards
dEBRUYNE_ has joined #bitcoin-wizards
shen_noe has quit [Quit: -a- Connection Timed Out]
shen_noe has joined #bitcoin-wizards
dEBRUYNE has quit [Ping timeout: 272 seconds]
Adlai has quit [Ping timeout: 250 seconds]
jhogan42 has quit [Quit: My Mac has gone to sleep. ZZZzzz…]
Adlai has joined #bitcoin-wizards
oleganza has quit [Quit: oleganza]
DougieBot5000 has quit [Quit: Leaving]
Adlai has quit [Ping timeout: 256 seconds]
oleganza has joined #bitcoin-wizards
bsm117532 has joined #bitcoin-wizards
hearn has quit [Quit: My MacBook Pro has gone to sleep. ZZZzzz…]
Adlai has joined #bitcoin-wizards
gill3s has quit [Quit: My Mac has gone to sleep. ZZZzzz…]
frankenmint has left #bitcoin-wizards [#bitcoin-wizards]
Adlai has quit [Ping timeout: 264 seconds]
p15 has quit [Max SendQ exceeded]
[1]LeMiner has joined #bitcoin-wizards
p15 has joined #bitcoin-wizards
LeMiner has quit [Disconnected by services]
[1]LeMiner is now known as LeMiner
LeMiner has quit [Changing host]
LeMiner has joined #bitcoin-wizards
hearn has joined #bitcoin-wizards
orperelman has joined #bitcoin-wizards
delitzer has quit [Quit: delitzer]
damethos has joined #bitcoin-wizards
damethos has quit [Client Quit]
damethos has joined #bitcoin-wizards
paveljanik has quit [Quit: Leaving]
antgreen has joined #bitcoin-wizards
antgreen has quit [Remote host closed the connection]
delitzer_ has joined #bitcoin-wizards
paveljanik has joined #bitcoin-wizards
paveljanik has quit [Remote host closed the connection]
moa has quit [Quit: Leaving.]
Adlai has joined #bitcoin-wizards
SDCDev has joined #bitcoin-wizards
GAit has quit [Read error: Connection reset by peer]
GAit has joined #bitcoin-wizards
oleganza has quit [Quit: oleganza]
fanquake has joined #bitcoin-wizards
SDCDev has quit [Ping timeout: 246 seconds]
instagibbs has joined #bitcoin-wizards
Adlai has quit [Ping timeout: 245 seconds]
uydxhc has joined #bitcoin-wizards
gill3s has joined #bitcoin-wizards
Adlai has joined #bitcoin-wizards
Adlai has quit [Ping timeout: 240 seconds]
Adlai has joined #bitcoin-wizards
frankenm_ has joined #bitcoin-wizards
droark has joined #bitcoin-wizards
hearn has quit [Quit: My MacBook Pro has gone to sleep. ZZZzzz…]
hearn has joined #bitcoin-wizards
oleganza has joined #bitcoin-wizards
hearn has quit [Client Quit]
<instagibbs>
Luke-Jr: That link you posted "I'm too tired" is actually quite indicative of the joe-redditor public vs people who have thought about the issues. They are ready and willing to anoint a small class of people who can actually validate the blockchain, as long as their SPV wallets don't freak out and break.
<instagibbs>
They've already given up their vote, so you have to extrapolate to some dire future that they can't imagine because they haven't sat and thought about why it probably isn't ok.
Quanttek has joined #bitcoin-wizards
<instagibbs>
Pointing to Paypal and asking why it isn't the internet money is a starting point maybe.
prodatalab_ has joined #bitcoin-wizards
Adlai has quit [Quit: Insufficient entropy for sufficient reason]
arubi_ has quit [Quit: Leaving]
prodatalab has quit [Ping timeout: 265 seconds]
shen_noe has quit [Quit: AndroidIrc Disconnecting]
orperelman has quit [Ping timeout: 255 seconds]
SDCDev has joined #bitcoin-wizards
arubi_ has joined #bitcoin-wizards
instagibbs has quit [Quit: Page closed]
Guyver2 has quit [Ping timeout: 264 seconds]
ozanyurt has joined #bitcoin-wizards
hashtag has joined #bitcoin-wizards
p15 has quit [Max SendQ exceeded]
p15 has joined #bitcoin-wizards
zooko has joined #bitcoin-wizards
p15 has quit [Max SendQ exceeded]
delitzer_ has quit [Quit: delitzer_]
<jgarzik>
The "side chains" terminology bugs me (even though I recognize the horse has already left the barn, there)
p15 has joined #bitcoin-wizards
delitzer has joined #bitcoin-wizards
<jgarzik>
gmaxwell, maybe Side Chains(tm) doesn't help with scaling. side chains (uncapitalized) do. It is far better to put all-the-MSFT-trades on (a) a side chain, rather than (b) an alt-chain disconnected from bitcoin or (c) bitcoin main chain.
<jgarzik>
by side chains (uncapitalized) I include merged mining, chaindb, and any other chain tech (factom?) that stores anchors in the main chain.
instagibbs has joined #bitcoin-wizards
[1]LeMiner has joined #bitcoin-wizards
LeMiner has quit [Disconnected by services]
[1]LeMiner is now known as LeMiner
LeMiner has quit [Changing host]
LeMiner has joined #bitcoin-wizards
<instagibbs>
What's your reasoning with that jeff? I don't see any scaling advantage with merge-mining alts vs Side Chains(TM) (Assuming that's what you meant)
Guest90218 has quit [Quit: No Ping reply in 180 seconds.]
maaku has joined #bitcoin-wizards
maaku is now known as Guest20852
<jgarzik>
instagibbs, gmaxwell was brushing away possible scaling advantages to a main chain+Side Chains system. I argue there -are- scaling advantages with side chains (a set which includes Side Chains).
<instagibbs>
Are you calling namecoin a side chain? I forget what your definition was :P
hearn has joined #bitcoin-wizards
[1]LeMiner has joined #bitcoin-wizards
LeMiner has quit [Disconnected by services]
[1]LeMiner is now known as LeMiner
LeMiner has quit [Changing host]
LeMiner has joined #bitcoin-wizards
<jgarzik>
instagibbs, correct
<jgarzik>
instagibbs, my definition of side chain is any chain linked to the bitcoin main chain, borrowing the main chain's hash security in some way.
<jgarzik>
that sweeping definition includes Side Chains, merged mined, chaindb and similar efforts.
prodatalab_ has quit [Ping timeout: 246 seconds]
<instagibbs>
they all "scale" in certain ways, you just have to reason about centralization pressures. Which is what we really mean naturally.
<instagibbs>
but largely agreed
<jgarzik>
instagibbs, the larger content is addressing projects that want to put all-the-worlds-stock-trades on the main chain. Addressing those folks, not gmaxwell, I contend side chains are a solution that the main chain is not.
zooko` has joined #bitcoin-wizards
droark has quit [Ping timeout: 240 seconds]
<jgarzik>
That's the scaling comparison being made
zooko has quit [Ping timeout: 256 seconds]
<jgarzik>
Part of the block size debate context is about whether or not we are encouraging people to build on top of bitcoin & blockchain for their projects. Will businesses and individuals see a scaling limit and simply not bother with bitcoin at all? That is the big existential question surrounding block size. Some of those projects are storing non-currency data such as stock trades.
<jgarzik>
Not theory - for a while, Overstock.com was looking to use Counterparty -- an on-main-chain tech -- to handle settlement of their stock trades.
<jgarzik>
Simple raw numbers were beyond the blockchain capacity, for that app alone
zooko` has quit [Remote host closed the connection]
<instagibbs>
Understood. Merge-mined coins give mining centralization pressure, which was mostly my question about what you meant.
<instagibbs>
Questions of security wins aside, Factom/etc sound fine.
<jgarzik>
I sum it all up as the "internet of chains" Predicting a world where bitcoin is the root of a forest of chains of all shapes, sizes & technologies
<jgarzik>
Economics of security incentivize the root to be bitcoin
justanotheruser has quit [Ping timeout: 244 seconds]
<instagibbs>
*2 years later* oh shit everyone is on a 0.5 second blocktime merge-mined sidechain *it all burns down* (joking.... mostly)
uydxhc has quit [Ping timeout: 256 seconds]
antgreen has joined #bitcoin-wizards
justanotheruser has joined #bitcoin-wizards
fanquake has quit [Quit: Leaving.]
uydxhc has joined #bitcoin-wizards
bsm117532 has quit [Quit: Leaving.]
delitzer has quit [Quit: delitzer]
p15 has quit [Max SendQ exceeded]
p15 has joined #bitcoin-wizards
<kanzure>
jgarzik: it's not just "hash security" that sidechains borrow, but also a sort of security enforced by physical bitcoin currency scarcity as well
StephenM347 has joined #bitcoin-wizards
<kanzure>
i have been wondering about what sort of response to give those who argue that even with payment channels there could only be a finite number of payment channels because of transaction inclusion scarcity
<jgarzik>
kanzure, nod
<kanzure>
ultimately i think transaction inclusion could be shifted around between multiple payment channels or hubs
<jgarzik>
("nod" RE first sentence)
<kanzure>
if you imagine a super-constrained blockchain that only does 10 transactions per block, clearly there can at most be 10 different payment hubs getting their transaction included there... hmm.
<kanzure>
i'm p. sure i'm forgetting a reason why this is not a problem
uydxhc has quit [Quit: Leaving]
uydxhc has joined #bitcoin-wizards
<instagibbs>
um, you mean only 5(?) channels could be set up/closed per block
<StephenM347>
kanzure: I believe each hub-spoke pair needs to open their payment channel and close it with a real transaction on the blockchain
<kanzure>
perhaps everyone will just find incentives for merging groups of transactions together, and the transaction fees will compete on the network. so how long can someone jam the network by paying extremely high fees to prevent other hub-aggregate transactions from happening?
<kanzure>
StephenM347: i'm assuming that we can work around that with clever moon math :grin:
<instagibbs>
With the payment channel paradigm you can start talking about "number of entities served" rather than discrete financial transactions. You still have an upper limit (sans moonmath)
<kanzure>
i would like to eventually see realistic proposals for how to summarize millions, billions and then trillions of daily transactions. clearly we can't have a million payment channels per block.
<kanzure>
or rather, i mean, we can't have a million traditional payment channels per block
justanotheruser has quit [Ping timeout: 256 seconds]
uydxhc has quit [Quit: Leaving]
uydxhc has joined #bitcoin-wizards
justanotheruser has joined #bitcoin-wizards
hearn has quit [Quit: My MacBook Pro has gone to sleep. ZZZzzz…]
hearn has joined #bitcoin-wizards
terpo has quit []
shen_noe has joined #bitcoin-wizards
instagibbs has quit [Quit: Page closed]
uydxhc has quit [Quit: Leaving]
shen_noe has left #bitcoin-wizards [#bitcoin-wizards]
LeMiner has quit [Read error: Connection reset by peer]
LeMiner has joined #bitcoin-wizards
wallet421 has joined #bitcoin-wizards
wallet42 has quit [Killed (hobana.freenode.net (Nickname regained by services))]
wallet421 is now known as wallet42
mpmcsweeney has joined #bitcoin-wizards
mpmcsweeney has quit [Client Quit]
lclc has joined #bitcoin-wizards
gielbier has quit [Ping timeout: 252 seconds]
NewLiberty has joined #bitcoin-wizards
* fluffypony
can't keep up with the mails
oleganza has quit [Ping timeout: 240 seconds]
NewLiberty_ has quit [Ping timeout: 255 seconds]
<kanzure>
"please email me directly because i can't keep up with sources x, y, and z".. well, then i doubt redirecting the firehose into your mailbox will increase your personal capacity either.
<fluffypony>
lol
<fluffypony>
I liked Dave Hudson's way of positioning it in knowns vs. unknowns
frankenm_ has quit [Remote host closed the connection]
frankenmint has joined #bitcoin-wizards
oleganza has joined #bitcoin-wizards
lclc has quit [Ping timeout: 276 seconds]
NkWsy has quit [Remote host closed the connection]
oleganza has quit [Ping timeout: 272 seconds]
d1ggy has joined #bitcoin-wizards
<Luke-Jr>
jgarzik: I was trying to encourage "daughter chains" months ago
d1ggy_ has quit [Ping timeout: 240 seconds]
antanst has joined #bitcoin-wizards
binaryatrocity has quit [Quit: No Ping reply in 180 seconds.]
binaryatrocity has joined #bitcoin-wizards
<jgarzik>
Luke-Jr, hmmm, maybe child-chain is a decent term, indeed
wallet421 has joined #bitcoin-wizards
wallet421 has quit [Changing host]
wallet421 has joined #bitcoin-wizards
wallet42 has quit [Killed (orwell.freenode.net (Nickname regained by services))]
<jgarzik>
parent-child relationships are familiar with computer science, and seem to apply here
<zooko>
I always wondered what determined which one was on top.
<zooko>
When I heard about parent and child chains.
hearn has quit [Quit: My MacBook Pro has gone to sleep. ZZZzzz…]
<Luke-Jr>
zooko: the one tokens are coming from
delitzer_ has joined #bitcoin-wizards
<kanzure>
that is a good answer
<jgarzik>
the root of security
<jgarzik>
not token-based
<petertodd>
zooko: I prefer comrade-chains and party-member-chains myself, but I am a dirty commie
<jgarzik>
bitcoin can be secured to secure MyAppCoinToken. If the security is borrowed from the main chain, bitcoin is the parent and MyAppCoin is the child.
<jgarzik>
*can be used to
c-cex-yuriy has joined #bitcoin-wizards
<zooko>
Luke-Jr: but tokens can come from both chains and go to the other.
<zooko>
jgarzik: --^
<zooko>
jgarzik: likewise, it seems to me that the two security guarantees are different, perhaps complementary, and probably incomparable, not that one is obviously the parent and the other the child.
<zooko>
No big deal, it doesn't matter much to me what we call them.
Emcy_ has quit [Ping timeout: 264 seconds]
adam3us has joined #bitcoin-wizards
hearn has joined #bitcoin-wizards
<jgarzik>
zooko, you can create a circular relationship, yes
<jgarzik>
zooko, that structure does not appear when using bitcoin as the root chain
<zooko>
Huh. I've been pondering using some side-chains technology, and in my mind one blockchain is neither the sole source of tokens nor the sole source of security.
<zooko>
So I would find it weird to call that one the "parent", but whatever.
delitzer_ has quit [Quit: delitzer_]
<zooko>
We can at least agree that it is older. ;-)
<zooko>
Anyway, I'm not currently moving ahead with that side-chains work, so it is moot.
<zooko>
Gotta run!
<jgarzik>
zooko, Without the bitcoin main chain, you don't have security
<zooko>
jgarzik: you don't know anything about this putative other chain, right? So you're just asserting that the bitcoin main chain is the only possible thing that has security?
<jgarzik>
zooko, no
<jgarzik>
zooko, I'm asserting it has the strongest security, versus other existing technologies
<zooko>
Okay.
<jgarzik>
security is additive [usually...]
<zooko>
My only objection to the terminology of "parent and child" is that people may have different opinions about which chain has the most or best kind of security.
<zooko>
If we just use symmetric terminology, then we can keep the terminology separate from those opinions.
<jgarzik>
I arbitrarily declare the terminology works for me ;p
<zooko>
:-)
<zooko>
Gotta run!
<zooko>
Cheerse.
zooko has quit [Quit: ERC Version 5.3 (IRC client for Emacs)]
<sipa>
azariah: no, that is just scalar multiplication; you need group multiplication
xenog has quit [Quit: Leaving.]
<Luke-Jr>
someone raised the point that we could go ahead with the scheduled 20 MB hardfork today, and decide next January what lower limit to softfork it to; I think this isn't a terrible idea; others' thoughts?
SDCDev has quit [Ping timeout: 240 seconds]
felipelalli has joined #bitcoin-wizards
<sipa>
except you need miner cooperation for a softfork
<sipa>
specifically, only a majority of them
<Luke-Jr>
sipa: only partly. if the softfork is 2 months before the scheduled hardfork, lots of nodes will have upgraded to ~0.13 before miners could exploit it
adam3us1 has joined #bitcoin-wizards
adam3us has quit [Ping timeout: 256 seconds]
adam3us has joined #bitcoin-wizards
adam3us1 has quit [Ping timeout: 264 seconds]
gill3s has quit [Quit: My Mac has gone to sleep. ZZZzzz…]
<deego>
Don't most drastic proposals go through BIPs and the ensuing peer review? Was there a BIP created for the proposed block size increase?
<deego>
gavinandresen: ^^
Relos1 has quit [Ping timeout: 250 seconds]
<azariah>
sipa: ah cool, so secp256k1_ecmult ? if so, what secp256k1_context_t would make sense for usage in generating secret in ECDH?
Relos1 has joined #bitcoin-wizards
<jgarzik>
deego, in general yes
<gavinandresen>
deego: best process for BIP is: write code, convince yourself it works. Get consensus, let other people run/examine your code. THEN formalize it in a BIP, do a pull request, etc...
<jgarzik>
deego, however the technical aspects of the change are pretty simple, and a BIP would take two seconds to write
<deego>
ah
Relos1 is now known as Relos
<jgarzik>
deego, the "IETF way" prefers code first
<sipa>
azariah: rtfm
<sipa>
azariah: however, ecmult is not constant time, and has no side channel attack protections
<deego>
thanks
<Luke-Jr>
gavinandresen: well, [part of] the point of BIPs is peer review; so don't put it off until you'd be disappointed if people suggest changes..
<sipa>
azariah: so it would not be the best choice for ECDH, where the passed in scalar is secret
hearn has quit [Quit: My MacBook Pro has gone to sleep. ZZZzzz…]
<deego>
yeah, wanting to ask what Luke-Jr said. Wouldn't a BIP and ensuing peer discussion be a proper forum than this public popularity contest?
<deego>
.. among redditors and people like me who don't understand any of this.
frankenmint has left #bitcoin-wizards [#bitcoin-wizards]
kmels has joined #bitcoin-wizards
blackwraith has joined #bitcoin-wizards
<azariah>
sipa: ok, that's good to know. couldn't find manual / docs in the repo, is some available elsewhere?
Mably has joined #bitcoin-wizards
<theymos>
Luke-Jr: How would a softfork block size decrease work? If you're just trusting that miners won't build off of too-large blocks, then that's basically letting miners do whatever they want. If nodes ignore the too-big block, then that's a hard fork. If they accept it locally but refuse to relay it, then I think this breaks global convergence to a single chain.
<deego>
(I get it that the /mechanics of the change/ is rather trivial, like jgarzik said.)
priidu has quit [Ping timeout: 240 seconds]
orperelman has joined #bitcoin-wizards
<sipa>
azariah: all comments about usage are in secp256k1.h
<gavinandresen>
deego: peer review is happening now on the bitcoin-development list, same place a BIP would be discussed.
<deego>
gavinandresen: ah, glad to hear that.
blackwraith has quit [Ping timeout: 240 seconds]
<Luke-Jr>
theymos: the same way any softfork works: nodes update making the rules more strict, and as long as >50% of miners are included in this, the old clients will converge as the now-invalid blocks are found stale
tcrypt has joined #bitcoin-wizards
priidu has joined #bitcoin-wizards
hulkhogan_ has quit [Ping timeout: 244 seconds]
hulkhogan_ has joined #bitcoin-wizards
hulkhogan_ has quit [Changing host]
hulkhogan_ has joined #bitcoin-wizards
<theymos>
Luke-Jr: So would that softfork down to a lower size become permanent rule after it's enforced by miners? Bring it to 20 MB, see if this significantly increases spam, and reduce it if necessary?
nuke1989 has joined #bitcoin-wizards
<Luke-Jr>
theymos: well, to be effective, the reduction needs to occur before the increase takes effect
nubbins` has quit [Quit: Quit]
<Luke-Jr>
but it would mean we could make the final decision ~2 months before the change, rather than 1 year out
<theymos>
Oh, I see.
adam3us has quit [Quit: Leaving.]
arubi_ has joined #bitcoin-wizards
<theymos>
Seems like a good option to keep in mind.
bitstein has joined #bitcoin-wizards
hearn has joined #bitcoin-wizards
<azariah>
sipa: cool, thanks for the help!
jeremyrubin has quit [Remote host closed the connection]
adam3us has joined #bitcoin-wizards
shen_noe has joined #bitcoin-wizards
wallet42 has quit [Ping timeout: 240 seconds]
shen_noe has quit [Client Quit]
wallet42 has joined #bitcoin-wizards
NkWsy has joined #bitcoin-wizards
p15 has quit [Max SendQ exceeded]
dc17523be3 has quit [Ping timeout: 240 seconds]
p15 has joined #bitcoin-wizards
dc17523be3 has joined #bitcoin-wizards
rusty has joined #bitcoin-wizards
jeremyrubin has joined #bitcoin-wizards
NkWsy has quit [Ping timeout: 272 seconds]
uydxhc has joined #bitcoin-wizards
rusty has quit [Ping timeout: 265 seconds]
priidu has quit [Ping timeout: 245 seconds]
CoinMuncher has quit [Quit: Leaving.]
rusty has joined #bitcoin-wizards
gill3s has joined #bitcoin-wizards
adam3us has quit [Quit: Leaving.]
rusty has quit [Ping timeout: 250 seconds]
dignork- is now known as dignork
ThomasV has joined #bitcoin-wizards
uydxhc has quit [Quit: Leaving]
melvster has quit [Remote host closed the connection]
frankenm_ has joined #bitcoin-wizards
GGuyZ has joined #bitcoin-wizards
melvster has joined #bitcoin-wizards
erasmospunk has joined #bitcoin-wizards
frankenm_ has left #bitcoin-wizards [#bitcoin-wizards]
NewLiberty_ has joined #bitcoin-wizards
priidu has joined #bitcoin-wizards
NewLiberty has quit [Ping timeout: 256 seconds]
orperelman has quit [Ping timeout: 276 seconds]
orperelman has joined #bitcoin-wizards
NkWsy has joined #bitcoin-wizards
damethos has quit [Quit: Bye]
binaryFate has joined #bitcoin-wizards
gill3s has quit [Quit: My Mac has gone to sleep. ZZZzzz…]
GGuyZ has quit [Read error: Connection reset by peer]
GGuyZ has joined #bitcoin-wizards
ghtdak has joined #bitcoin-wizards
uydxhc has joined #bitcoin-wizards
ghtdak has left #bitcoin-wizards [#bitcoin-wizards]
Starduster_ has joined #bitcoin-wizards
Starduster has quit [Ping timeout: 240 seconds]
<amiller>
does anyone know if there have been any altcoins that "schismd"?
Starduster has joined #bitcoin-wizards
<amiller>
as in, didn't death spiral, didn't just have someone make a clone of their code, but actually split into two separate networks where people who originally had coins now each have a coin on each of the separate views
blackwraith has joined #bitcoin-wizards
orperelman has quit [Ping timeout: 245 seconds]
Starduster_ has quit [Ping timeout: 240 seconds]
<kanzure>
does testnet1, testnet2 and testnet3 count?
<amiller>
hm
<amiller>
if that's the best example, then maybe
<amiller>
i wonder if you can have a coin that can merge mine forks of itself
priidu has quit [Ping timeout: 276 seconds]
ryanxcharles has joined #bitcoin-wizards
wallet42 has quit [Ping timeout: 256 seconds]
hashtag has quit [Ping timeout: 240 seconds]
Adlai has joined #bitcoin-wizards
sausage_factory has joined #bitcoin-wizards
sausage_factory has quit [Max SendQ exceeded]
blackwraith has quit [Ping timeout: 246 seconds]
dansmith_btc has quit [Remote host closed the connection]
jeremyrubin has quit [Remote host closed the connection]
dansmith_btc has joined #bitcoin-wizards
hashtag has joined #bitcoin-wizards
justanotheruser has quit [Ping timeout: 255 seconds]
hashtag has quit [Max SendQ exceeded]
hashtag has joined #bitcoin-wizards
hashtag has quit [Max SendQ exceeded]
hashtag has joined #bitcoin-wizards
zooko has joined #bitcoin-wizards
jhogan42 has joined #bitcoin-wizards
<Luke-Jr>
amiller: if you could do that, wouldn't you introduce the nothing-at-stake problem somewhat (despite it being PoW)?
<amiller>
yes i think so
NewLiberty has joined #bitcoin-wizards
<jgarzik>
amiller, can't think of any examples. the "keep 50 BTC forever" fork lasted a few days
NewLiberty_ has quit [Ping timeout: 265 seconds]
Yoghurt1114 has joined #bitcoin-wizards
rusty has joined #bitcoin-wizards
ThomasV has quit [Ping timeout: 244 seconds]
justanotheruser has joined #bitcoin-wizards
sparetire has joined #bitcoin-wizards
<stonecoldpat>
amiller: ive been having a similar thought recently - but more to do with the future of bitcoin and countries trying to regulate it - so countries enforce their own fork of the blockchain - so 2, 3 or 10 are running parallel
jtimon has quit [Ping timeout: 250 seconds]
jojo_ has joined #bitcoin-wizards
<stonecoldpat>
so if u lived in country A and wanted to visit country B, would u need to purchase coins from their fork before visiting - although as a disclaimer these are merely thoughts i have on the train
Jaamg has joined #bitcoin-wizards
prodatalab has joined #bitcoin-wizards
gielbier has joined #bitcoin-wizards
oleganza has joined #bitcoin-wizards
hashtagg has joined #bitcoin-wizards
hashtag_ has quit [Ping timeout: 244 seconds]
zooko has quit [Remote host closed the connection]
jojo_ has quit [Quit: Page closed]
priidu has joined #bitcoin-wizards
skullum has joined #bitcoin-wizards
Yoghurt1114 has quit [Ping timeout: 272 seconds]
rusty has quit [Ping timeout: 246 seconds]
ThomasV has joined #bitcoin-wizards
oleganza has quit [Ping timeout: 245 seconds]
uydxhc has quit [Quit: Leaving]
zooko has joined #bitcoin-wizards
uydxhc has joined #bitcoin-wizards
oleganza has joined #bitcoin-wizards
belcher has joined #bitcoin-wizards
Mably has quit [Read error: error:1408F119:SSL routines:SSL3_GET_RECORD:decryption failed or bad record mac]
Mably has joined #bitcoin-wizards
xabbix_ has joined #bitcoin-wizards
xabbix_ has quit [Remote host closed the connection]
yoleaux has quit [Remote host closed the connection]
yoleaux has joined #bitcoin-wizards
SDCDev has joined #bitcoin-wizards
ozanyurt has quit [Ping timeout: 244 seconds]
uydxhc has quit [Quit: Leaving]
sickpig has joined #bitcoin-wizards
LeMiner has quit [Read error: Connection reset by peer]
LeMiner has joined #bitcoin-wizards
hearn has quit [Quit: My MacBook Pro has gone to sleep. ZZZzzz…]
Starduster has quit []
erasmospunk has quit [Remote host closed the connection]
Starduster has joined #bitcoin-wizards
oleganza has quit [Ping timeout: 276 seconds]
hearn has joined #bitcoin-wizards
shen_noe has joined #bitcoin-wizards
ozanyurt has joined #bitcoin-wizards
oleganza has joined #bitcoin-wizards
hearn has quit [Quit: My MacBook Pro has gone to sleep. ZZZzzz…]