wumpus changed the topic of #bitcoin-wizards to: This channel is for discussing theoretical ideas with regard to cryptocurrencies, not about short-term Bitcoin development | http://bitcoin.ninja/ | This channel is logged. | For logs and more information, visit http://bitcoin.ninja
rusty has joined #bitcoin-wizards
p15 has joined #bitcoin-wizards
AaronvanW has quit [Ping timeout: 246 seconds]
* Adlai
floats a hypothesis: the only way blocksize can increase (noncoercively) is for a miner with sufficient profit margins to willingly produce larger-than-consensus orphans as an unfakable vote
<Adlai>
this is only +EV when the transaction backlog pushes fees to the point where a couple dozen orphans are worth the future payoff from raising the consensus size limit
<phantomcircuit>
Adlai, that's sort of like the suggestion for flexcap
<rusty>
Adlai: that would seem to have the classic logjam properties that I do the work, we all benefit.
<phantomcircuit>
which is, to produce a larger block you need to commit to producing a block with a lower target (ie harder to produce)
jtimon has quit [Ping timeout: 256 seconds]
<Adlai>
phantomcircuit: oh, i like that one
<phantomcircuit>
if you do that you can produce a larger block than the current limit
<phantomcircuit>
that part is actually really easy to implement
<Adlai>
implement, sure. mine on it with hard-earned hardware? let's wait and see...
<phantomcircuit>
but then you want to do things like have the limit be the average of the previous 2016 blocks or something so that they don't have to always do that
<phantomcircuit>
which gets expensive rapidly
hazirafel has joined #bitcoin-wizards
<Adlai>
... why? why not let game theory develop a practical counterpart?
<phantomcircuit>
Adlai, you can't do a linear trade off otherwise someone with 1% of the mining power sets their target 1000x and waits to get lucky with a block that crashes the entire network
<Adlai>
phantomcircuit: who cares if one miner gets "lucky"?
* Adlai
wants to see a retargetwindow'sworth of orphaned blocks before raising his defaults
AaronvanW has joined #bitcoin-wizards
<hazirafel>
novv\\\\\\\bb
<hazirafel>
sorry.
<hazirafel>
vv
<hazirafel>
lol
<Adlai>
welcome to #b-w.
<hazirafel>
yay for everyone
* Adlai
appends his jacktheripper db
Dizzle has quit [Quit: leaving for a bit]
<hazirafel>
don't kill me for being a bear price concerned bitcoiner . who's gonna pay for shit?
snthsnth has quit [Ping timeout: 265 seconds]
belcher has quit [Quit: Leaving]
dEBRUYNE has quit [Ping timeout: 246 seconds]
veleiro has joined #bitcoin-wizards
zooko has joined #bitcoin-wizards
<dgenr8>
kang_: satoshi's design is that bitcoin becomes more valuable to offset the gradual lost subsidy.
<dgenr8>
kang_: the main way to help it become more valuable is to help it be more widely used
<rusty>
dgenr8: no, his suggestion in the original whitepaper was that fees offset subsidy.
<rusty>
dgenr8: otherwise the subsidy wouldn't go to zero.
<veleiro>
who cares what satoshi thinks, think for yourself! do you want a global payments system, or do you want an uncensorable currency?
<veleiro>
what takes place over everything else?
<c0rw1n>
uncensorable global payment currency system ?
<veleiro>
c0rw1n: haha, but you have to ask yourself, which of those are you willing to give up in place of the other?
<c0rw1n>
if it's uncensorable nothing prevents it from being global
<c0rw1n>
so that takes precedence
<rusty>
veleiro: the expectations of users are important, and so it's worth correcting misinterpretations when that's involved.
<veleiro>
rusty: what misinterpretations do you mean?
<rusty>
veleiro: dgenr8's comment I was replying to, which you were indirectly replying to.
snthsnth has joined #bitcoin-wizards
p15 has quit [Quit: My Mac has gone to sleep. ZZZzzz…]
arubi has quit [Ping timeout: 240 seconds]
jaekwon has quit [Remote host closed the connection]
arubi has joined #bitcoin-wizards
snthsnth has quit [Ping timeout: 252 seconds]
GGuyZ has quit [Quit: GGuyZ]
zooko has quit [Ping timeout: 246 seconds]
sparetire_ has quit [Quit: sparetire_]
Dr-G has joined #bitcoin-wizards
p15 has joined #bitcoin-wizards
AaronvanW has quit [Ping timeout: 246 seconds]
TheDarkLord has joined #bitcoin-wizards
Dr-G2 has quit [Ping timeout: 250 seconds]
c-cex-yuriy has quit [Quit: Connection closed for inactivity]
<livegnik>
I assume this has probably been discussed. Can anyone here provide me with a link / some thoughts on it?
<Adlai>
livegnik: what kind of pathetic excuse for a solution is that
snthsnth has joined #bitcoin-wizards
<Adlai>
i mean, what kind of pathetic attempt at appeal to authoritarianist excuse for a solution is that
<livegnik>
I don't know, you tell me.
<Adlai>
ok, here's a rough tough off-the-cuff attempt: the economic supermajority of bitcoin ownership has implicitly asserted its acceptance of 1mb-blocksize-bitcoin-economics, and it would violate that social contract to implement the offhand silliness espoused in that link
<livegnik>
I was thinking that maybe it could be combined with some sort of a curve that gradually grows along with Moore's law, but I'm not much of a coder and couldn't get my question answered elsewhere, therefore I'm coming to you with this.
<Adlai>
"coming to you" would be /msg, this is coming to an entire irc channel. try #bitcoin or pm.
<livegnik>
Ah. The consensus regarding the social contract. Thank you.
Quanttek has quit [Ping timeout: 255 seconds]
K1NGREX has quit [Remote host closed the connection]
veleiro has quit [Read error: Connection reset by peer]
veleiro has joined #bitcoin-wizards
King_Rex has joined #bitcoin-wizards
p15_ has joined #bitcoin-wizards
p15 has quit [Ping timeout: 244 seconds]
King_Rex has quit [Remote host closed the connection]
copumpkin has quit [Quit: My MacBook Pro has gone to sleep. ZZZzzz…]
c0rw1n is now known as c0rw|zZz
<dgenr8>
rusty: no worries there. today's fees are already more than the subsidy will be in 2040, with another hundred years to go
jaekwon has quit [Remote host closed the connection]
<kanzure>
Adlai: i think you can make arguments much stronger than those about "social contracts"
<Adlai>
go on
<kanzure>
well, quite trivially, that moore's law is not a law
<kanzure>
no need to resort to social contract handwavium
vmatekol_ has quit [Ping timeout: 245 seconds]
[7] has quit [Disconnected by services]
TheSeven has joined #bitcoin-wizards
* Adlai
mutters something about the "social 'contract'"
TheDarkLord has joined #bitcoin-wizards
TheDarkLord has quit [Ping timeout: 246 seconds]
<moa>
'social contract' conjures up imagery of 'socially contracted ...." malaise of one type or another
luke-jr_ has joined #bitcoin-wizards
Luke-Jr has quit [Ping timeout: 244 seconds]
luke-jr_ is now known as Luke-Jr
GGuyZ has joined #bitcoin-wizards
spinza has quit [Ping timeout: 265 seconds]
BitName has quit [Ping timeout: 255 seconds]
spinza has joined #bitcoin-wizards
p15x has quit [Max SendQ exceeded]
p15x has joined #bitcoin-wizards
GGuyZ has quit [Quit: GGuyZ]
kisspunch has quit [Ping timeout: 244 seconds]
kisspunch has joined #bitcoin-wizards
ThomasV has joined #bitcoin-wizards
TheDarkLord has joined #bitcoin-wizards
TheDarkLord has quit [Ping timeout: 265 seconds]
NLNico has quit [Ping timeout: 264 seconds]
TheDarkLord has joined #bitcoin-wizards
TheDarkLord has quit [Remote host closed the connection]
NLNico has joined #bitcoin-wizards
mjerr has joined #bitcoin-wizards
xabbix has quit [Ping timeout: 256 seconds]
p15_ has quit [Ping timeout: 250 seconds]
ThomasV has quit [Ping timeout: 244 seconds]
Casper- has joined #bitcoin-wizards
DougieBot5000 has quit [Quit: Leaving]
p15 has joined #bitcoin-wizards
kang_ has joined #bitcoin-wizards
GAit has joined #bitcoin-wizards
rusty has quit [Ping timeout: 240 seconds]
veleiro has quit [Ping timeout: 260 seconds]
veleiro has joined #bitcoin-wizards
kang_ has quit [Remote host closed the connection]
bedeho has quit [Ping timeout: 245 seconds]
MarketingGuru has joined #bitcoin-wizards
TheDarkLord has joined #bitcoin-wizards
TheDarkLord has quit [Ping timeout: 256 seconds]
paci has quit [Quit: Leaving]
rustyn has joined #bitcoin-wizards
Mably has joined #bitcoin-wizards
paci has joined #bitcoin-wizards
TheDarkLord has joined #bitcoin-wizards
kang_ has joined #bitcoin-wizards
drwin has quit []
drwin has joined #bitcoin-wizards
TheDarkLord has quit [Ping timeout: 260 seconds]
isis has joined #bitcoin-wizards
jtimon has joined #bitcoin-wizards
User has joined #bitcoin-wizards
User is now known as Guest69792
gill3s has joined #bitcoin-wizards
Guest69792 is now known as BitName
AaronvanW has joined #bitcoin-wizards
AaronvanW has quit [Ping timeout: 246 seconds]
AaronvanW has joined #bitcoin-wizards
melvster1 has quit [Ping timeout: 244 seconds]
kang_ has quit [Remote host closed the connection]
Dr-G2 has joined #bitcoin-wizards
Dr-G has quit [Disconnected by services]
King_Rex has joined #bitcoin-wizards
tripleslash_l has joined #bitcoin-wizards
melvster1 has joined #bitcoin-wizards
MarketingGuru has quit [Read error: Connection reset by peer]
drwin has quit [Ping timeout: 240 seconds]
drwin has joined #bitcoin-wizards
isis has quit [Ping timeout: 240 seconds]
tripleslash has quit [Ping timeout: 240 seconds]
AaronvanW has quit [Remote host closed the connection]
isis has joined #bitcoin-wizards
King_Rex has quit [Remote host closed the connection]
AaronvanW has joined #bitcoin-wizards
sparetire_ has joined #bitcoin-wizards
hearn has joined #bitcoin-wizards
jtimon has quit [Ping timeout: 260 seconds]
TheDarkLord has joined #bitcoin-wizards
TheDarkLord has quit [Ping timeout: 255 seconds]
bildramer has quit [Quit: Chi mai dell'Erebo fra le caligini, sull'orme d'Ercole e di Piritoo conduce il pié?]
dEBRUYNE has joined #bitcoin-wizards
Quanttek has joined #bitcoin-wizards
ThomasV has joined #bitcoin-wizards
bildramer has joined #bitcoin-wizards
c0rw|zZz is now known as c0rw1n
hearn has quit [Quit: My MacBook Pro has gone to sleep. ZZZzzz…]
GGuyZ has joined #bitcoin-wizards
hearn has joined #bitcoin-wizards
chester` has quit []
TheDarkLord has joined #bitcoin-wizards
<fluffypony>
moa: socially contracted diseases?
<fluffypony>
:-P
<fluffypony>
kanzure: I agree re: Moore's non-law, but I also think that there's a lack of understanding that the limit is influenced more by Internet bandwidth limitations and monthly bandwidth caps than by disk space
<fluffypony>
and since there has been a regression in parts of the USA, for instance, where bandwidth caps are "suddenly" a thing, I don't think it can be argued that everyone will magically have unlimited bandwidth all over the world in the next N years
TheDarkLord has quit [Remote host closed the connection]
ThomasV has quit [Ping timeout: 244 seconds]
GGuyZ has quit [Quit: GGuyZ]
<wumpus>
fluffypony: 100% agree. Even if moore's law would hold indefinitely for, say, CPU speeds (which is unlikely), there is no worldwide exponential law of bandwidth increase. Geographical concerns are notoriously ugly.
<fluffypony>
I think all the people that don't understand that should come stay with me in South Africa for a month, they'll go back with a changed mind
NLNico has quit [Ping timeout: 260 seconds]
<moa>
it would be great if bandwidth could be incentivised like a sha256(sha256()) such that people would develop whole new ASICs and fab lines to improve
<moa>
.... but alas.
NLNico has joined #bitcoin-wizards
<phantomcircuit>
fluffypony, bandwidth, cpu time, memory, memory bandwidth, hdd space, hdd access times
<phantomcircuit>
all limit total size in various ways
<c0rw1n>
fluffypony: Google is kinda Doing Something About That isn't it
dEBRUYNE has quit [Ping timeout: 246 seconds]
<fluffypony>
phantomcircuit: yeah, but as far as I've ascertained, bandwidth is the biggest limiter atm
<fluffypony>
c0rw1n: well so is Facebook with their big flying wing thing, but neither of those will have any major deployment / impact in the next while
<fluffypony>
and I'm not convinced that they won't heavily restrict data access with them
<c0rw1n>
lol. of course they won't, that would be completely counterproductive to what they're doing
<fluffypony>
yup
King_Rex has joined #bitcoin-wizards
<fluffypony>
but hey, if we can have a Facebook Messaging gossip layer...
<c0rw1n>
if it was like ebay or amzn, they would have an incentive to restrict data to each other; FB on the other hand, /wants to know which other sites everyone's visiting/
<c0rw1n>
and google is a search engine, so restricting access is diametrically opposed to its basic functionality
<phantomcircuit>
btw you two are disagreeing
<fluffypony>
yes
<fluffypony>
c0rw1n: I'm saying they *will* restrict it
<fluffypony>
either in terms of capacity or fair usage or something
<fluffypony>
not necessarily in terms of "what you can access"
c0rw1n_ has joined #bitcoin-wizards
copumpkin has joined #bitcoin-wizards
StormDev has joined #bitcoin-wizards
c0rw1n has quit [Ping timeout: 246 seconds]
<c0rw1n_>
( sorry, shitty wifi hub temporarily died )
c0rw1n_ is now known as c0rw1n
<fluffypony>
np
<StormDev>
guys where I can find a channel about bitcoin related applications development?
<fluffypony>
StormDev: #bitcoin or #bitcoin-dev should both be able to help with integration questions
<StormDev>
ty Wizard
<phantomcircuit>
fluffypony, lol
<phantomcircuit>
<c0rw1n_> ( sorry, shitty wifi hub temporarily died )
<phantomcircuit>
lol
<fluffypony>
oh the irony!
<c0rw1n>
bah, that specific fail wouldn't be solved by switching isps (even to google), it's in my home network
Casper- has quit [Ping timeout: 245 seconds]
moa has quit [Quit: Leaving.]
Casper- has joined #bitcoin-wizards
Johnny-- has joined #bitcoin-wizards
kang_ has joined #bitcoin-wizards
Casper- has quit [Read error: Connection reset by peer]
Johnny-- has quit [Client Quit]
StormDev has quit [Read error: Connection reset by peer]
StormDev has joined #bitcoin-wizards
Casper- has joined #bitcoin-wizards
eudoxia has joined #bitcoin-wizards
dEBRUYNE has joined #bitcoin-wizards
tripleslash_l is now known as [\\\]
hearn_ has joined #bitcoin-wizards
hearn has quit [Ping timeout: 244 seconds]
hearn_ has quit [Quit: My MacBook Pro has gone to sleep. ZZZzzz…]
kang_ has quit [Ping timeout: 246 seconds]
Casper- has quit [Quit: Casper-]
veleiro has quit [Remote host closed the connection]
kang_ has joined #bitcoin-wizards
GGuyZ has joined #bitcoin-wizards
TheDarkLord has joined #bitcoin-wizards
hearn has joined #bitcoin-wizards
TheDarkLord has quit [Ping timeout: 252 seconds]
kang_ has quit [Ping timeout: 246 seconds]
[\\\] has quit [Remote host closed the connection]
kang_ has joined #bitcoin-wizards
ThomasV has joined #bitcoin-wizards
kang_ has quit [Ping timeout: 246 seconds]
p15x has quit [Max SendQ exceeded]
hearn has quit [Quit: My MacBook Pro has gone to sleep. ZZZzzz…]
GAit has quit [Read error: Connection reset by peer]
p15x has joined #bitcoin-wizards
GAit has joined #bitcoin-wizards
dEBRUYNE has quit [Ping timeout: 255 seconds]
PaulCapestany has quit [Quit: .]
afk11 has joined #bitcoin-wizards
PaulCapestany has joined #bitcoin-wizards
Huxy- has joined #bitcoin-wizards
b_lumenkraft has joined #bitcoin-wizards
Quanttek has quit [Ping timeout: 264 seconds]
greedfilter has joined #bitcoin-wizards
StormDev has quit [Read error: Connection reset by peer]
dEBRUYNE has joined #bitcoin-wizards
StormDev has joined #bitcoin-wizards
TheDarkLord has joined #bitcoin-wizards
Casper- has joined #bitcoin-wizards
TheDarkLord has quit [Remote host closed the connection]
ThomasV has quit [Ping timeout: 264 seconds]
p15x_ has joined #bitcoin-wizards
p15_ has joined #bitcoin-wizards
p15x has quit [Ping timeout: 250 seconds]
p15 has quit [Ping timeout: 256 seconds]
DougieBot5000 has joined #bitcoin-wizards
NLNico has quit [Ping timeout: 246 seconds]
rubensayshi has joined #bitcoin-wizards
Antitrust has joined #bitcoin-wizards
eudoxia has quit [Read error: Connection reset by peer]
eudoxia_ has joined #bitcoin-wizards
eudoxia_ has quit [Remote host closed the connection]
<fluffypony>
"This is a guest post by Ray Patterson" - would love to know who that is, but meh
<ryan-c>
fluffypony: yeah, wtf
<fluffypony>
still a reasonable overview for those interested in alternative proof systems, hey lmatteis maybe you'll enjoy a reading
<fluffypony>
ryan-c: I can't tell if he's throwing a tantrum or what
<lmatteis>
fluffypony: thanks i'll have a look!
<ryan-c>
speaking of brainwallets
<ryan-c>
I added warpwallet support to brainflayer (have not released it, don't ask me to) and actually found one with a couple dollars in it. Just enough that I can't tell whether someone put it there as bait or thought it was actually secure.
<gmaxwell>
bleh.
gill3s has quit [Quit: My Mac has gone to sleep. ZZZzzz…]
<gmaxwell>
yea, see.
<gmaxwell>
fluffypony: more fake names?
<fluffypony>
gmaxwell: definitely
<fluffypony>
can't find a relevant Ray Patterson
<gmaxwell>
At FC15 andytoshi changed his badge to say "Nicolas Von Saberhagen II"
<gmaxwell>
:P
<fluffypony>
hah hah awesome
<gmaxwell>
ryan-c: Brainwallets are unsafe at any speed, pretty much. :(
<fluffypony>
ryan-c: read an interesting article the other day that REALLY highlighted (to me) just how crappy human entropy is
<fluffypony>
let me get you linkage
<ryan-c>
gmaxwell: Yeah. Diceware keeps the crackers at bay, but then the user is more likely to forget...
<gmaxwell>
yea, there is a nice paper by the author of the really good markov stuff in jtr that talks about how key memorability and key predictability are linked.
<gmaxwell>
also a lot of people just don't get what value the dice provide. "I can be random". "spatula spatula spatula"
<gwillen>
gmaxwell: which is to keep some of the entropy on disk, but not too much to search through, so that as long as you have the file, you can open the wallet in 1-5 seconds, but without it your search time is, say, 24 hours
<zooko>
gwillen: do tell.
<zooko>
fluffypony: I disagree with the "surprising" in that headline.
<gmaxwell>
andytoshi: hah were you carrying that with you? I have about 0.5 cubic feet of speaker badges in a box. :)
<zooko>
gwillen: neat.
<gwillen>
so you get the benefit of "if you lose the file you don't lose the coins" but you are protected from having your password cracked (at relatively low entropy) by people who don't have it
<gmaxwell>
I keep thinking someday I'll make a really big badge out of other badges.
<zooko>
gwillen: thanks for sharing that idea.
<ryan-c>
andytoshi: i was expecting a chaos camp badge
<andytoshi>
gmaxwell: :P it's in a box with things like foreign bus passes etc "souvenirs"
<gmaxwell>
gwillen: I proposed that for bitcoin core in 2011.
<gwillen>
zooko: I thought it was neat too, I think I saw someone toss it out in a reddit comment and I wish I'd recorded who
<zooko>
lol
<gwillen>
gmaxwell: oh, neat.
<Adlai>
humans are as bad at generating entropy as they are good at mnemonic pegging
<gmaxwell>
Two stage, KDF, e.g. a 100ms one for runtime and a multi minute one if you lose the runtime data.
<ryan-c>
gmaxwell: link? I had the same idea independently.
<ryan-c>
gmaxwell: it's a great idea
<gwillen>
gmaxwell: *nods*
<gmaxwell>
I think it's intuitive enough.
<andytoshi>
now that i look, there are a bunch of badges in there..
<gmaxwell>
but even multiple minute kdf doesn't really make "brainwallets" actually safe.
<ryan-c>
I should take a photo of my wall of hacker con badges
<CodeShark>
perhaps with clever steganography brainwallets can be made practical
<ryan-c>
gmaxwell: you can dramatically reduce the passphrase entropy requirements, though
<CodeShark>
i.e. remember the URLs to 10 different arbitrary files
<gwillen>
one thing that's sticky about it is that you need the work factor difference to be REALLY BIG
GGuyZ has quit [Quit: GGuyZ]
<gwillen>
a single added word to a passphrase gives you 12+ bits of additional entropy
<gwillen>
which would of course require a factor of 4096+ in added work to compete with
<fluffypony>
CodeShark: that's not a brainwallet
<fluffypony>
if I give a user 13 words that's a mnemonic
<Adlai>
'phrasewallet'
<fluffypony>
if a user gives me 13 words that's a brainwallet and I guarantee their decision will be shitty
<gmaxwell>
ryan-c: I did tell you that I have a scheme for information theoretically secure threshold delegation. E.g. where the hardened value of your key is something you can only compute with the aid of a threshold of oracles, but the oracles learn nothing about your key through their participation?
<ryan-c>
I generally say a kdf can add about 20 bits of effective entropy, but if you're willing to have a partial loss case that involves the better part of the day brute forcing some random component to recover from you could maybe get as high as 32 bits added
<CodeShark>
well, right - it's not technically a brainwallet in the sense that the data the user needs to remember is insufficient...you also need files on a network
<fluffypony>
CodeShark: no you don't
<gmaxwell>
(as a complement to adam's scheme for information theoretically secure delegatable computational hardening)
<ryan-c>
gmaxwell: no, but it doesn't surprise me that such a thing exists.
<fluffypony>
CodeShark: you literally just need those 13 words
<gwillen>
ryan-c: that seems pretty reasonable -- I think you can squeeze a bit more out, but that's pretty close to the limit
<gmaxwell>
ryan-c: it was really hard to come up with, in fact. :) it requires pairing crypto. :)
<fluffypony>
CodeShark: the difference is ONLY in the source of entropy
<CodeShark>
yes, I'm well aware of how that works, fluffypony
<ryan-c>
i actually wrote a file encryption program that does threshold crypto
<ryan-c>
gmaxwell: pairing crypto is pretty cool
<ryan-c>
gmaxwell: I think we previously spoke about using BLS to make something that's essentially a hash algorithm that proves the generator has some plaintext that results in that value.
<gmaxwell>
right the cryptographic p2sh^2 stuff.
<fluffypony>
CodeShark: you literally just said that it's "not technically a brainwallet" because you "also need files on a network", which is completely incorrect. using a 1626 word wordlist you can generate a 128-bit key with 12 words + a checksum word for good measure.
<gmaxwell>
ryan-c: hope you audited it, two years ago I went through things on github that claimed to be shamir secret sharing and most of them weren't, I wrote to authors and got many of them taken down. :))
<fluffypony>
ryan-c: I'm un-pleasantly surprised at the rare use of SSSS in Bitcoin
<fluffypony>
sad
<ryan-c>
gmaxwell: I looked at the code, it seemed reasonable. It was libgfshare.
<gmaxwell>
okay that one was okay IIRC.
<ryan-c>
gmaxwell: I have an unreleased variant of libgfshare that uses 16 bit symbols instead of 8 bit
<gmaxwell>
fluffypony: I am very pleasantly surprised.
<gmaxwell>
Most of the time SSS provides only pretextual security against the kind of threat models we normally deal with.
<gmaxwell>
There are quite a few businesses where if you talk about their security process they brag about using SSS and then fall all over themselves when you ask a probing question about what that actually protects.
<fluffypony>
I like it for storing my seed in multiple locations, and being able to handle "my stuff burnt in a fire" with multiple locations going
<fluffypony>
but yeah
<fluffypony>
I take your point
<TD-Linux>
oh neat, warpwallet uses scrypt, which there are already GPU accelerated versions of! thanks litecoin!
<ryan-c>
gmaxwell: my program was motivated by "hit by a bus" type stuff
<ryan-c>
TD-Linux: No, there aren't.
<ryan-c>
TD-Linux: All scrypt is not equal.
zooko has quit [Ping timeout: 272 seconds]
<gmaxwell>
fluffypony: sure though in that case you can usually achieve _nearly_ the same security using just copies and a memorized simple passphrase. The marginal improvement of the SSS is usually pretty moderate, esp relative to the ritual complexity.
<ryan-c>
TD-Linux: the scrypt parametrization used by warpwallet requires 2048 times as much memory (256MiB) as what's used in litecoin.
<ryan-c>
gmaxwell: what were people actually using sss for?
<gmaxwell>
well all scrypt has effective (in terms of area*time) time memory tradeoffs; but the litecoin parameters are especially bad (probably not by chance-- considering this was pointed out immediately to the person who came up with them)
<ryan-c>
I used it at a previous job to protect the private key for the internal CA
<gmaxwell>
ryan-c: using to protect bitcoin private keys (instead of multisig)
<ryan-c>
gmaxwell: multisig is pretty much a strictly better solution than SSS for bitcoin keys.
<ryan-c>
it's always better if possible
<ryan-c>
i think
<TD-Linux>
yeah, the litecoin ones can fit inside of a modern texture cache
<gmaxwell>
ryan-c: in your kind of case it's perhaps better than _nothing_ but .. right strictly inferior to multisig.
<gmaxwell>
(well better than nothing assuming a certain reasonable threat topology.)
GGuyZ has joined #bitcoin-wizards
<gmaxwell>
ryan-c: amusingly RSA can be securely thresholded without a heroic effort. No one bothers. :(
<ryan-c>
gmaxwell: my use case for sss is so that if i die suddenly it will be possible to decrypt my disks and publish anything interesting and non-sensitive
<gmaxwell>
yea, not saying it's not useful. Just saying that.. in bitcoin I'm glad to not see more of it, since it's almost always used in lieu of multisig, or where the threat model really is the single person or device that would see the combined data.
<ryan-c>
gmaxwell: I am actually aware of the RSA stuff and would be interested getting an implementation written. I don't think I can do it myself, but I'd throw money at it.
<gmaxwell>
Also it's frequently incorrectly implemented. (also strangely people seem to make their own instead of using libgfshare)
<gmaxwell>
ryan-c: I can send you an implementation, do you like java?
<ryan-c>
gmaxwell: Does anyone *like* java?
<ryan-c>
gmaxwell: I can *read* java. :-P
<gmaxwell>
I like other people to use java.
<fluffypony>
yes
<fluffypony>
that one guy that worked at Reddit
<ryan-c>
gmaxwell: rather than c? sure.
<fluffypony>
oh that was JavaScript, nm
<gmaxwell>
Java is a fantastic language if you have an army of mediocre programmers.
<gmaxwell>
Not perfect, but it removes many foot guns and methods for writing 'clever code' that no one else can maintain.
<midnightmagic>
+1
<ryan-c>
gmaxwell: We compromised at work on using groovy with static typing enabled wherever possible.
<ryan-c>
also, typescript is great
<gmaxwell>
Wumps is the world's most active typescript programmer according to github. :P
<ryan-c>
gmaxwell: anyway, yes, please send me that java impl. I'll maybe port it to python.
<ryan-c>
gmaxwell: is this the impl from the guy who wrote the paper about it?
<gmaxwell>
yes.
<ryan-c>
gmaxwell: I asked him for it but he didn't respond. :-(
<gmaxwell>
What is your interest in it?
<ryan-c>
gmaxwell: I wanted to see if it'd be feasible to use it to sign DNSSEC zones.
<gmaxwell>
oh interesting.
chmod755 has left #bitcoin-wizards ["Ex-Chat"]
<ryan-c>
gmaxwell: It got me interested as a potential way of doing a legacy export of data from a decentralized naming system that had better resistance to data tampering, but it would be useful generally.
<ryan-c>
gmaxwell: also possibly the creation of "meta CAs"
<ryan-c>
gmaxwell: you could have a meta CA composed of CAs in several different countries, for example.
ThomasV has quit [Ping timeout: 245 seconds]
Guyver2_ has quit [Quit: :)]
<kanzure>
export from a decentralized system, not to?
nwilcox has quit [Ping timeout: 252 seconds]
rusty has quit [Ping timeout: 255 seconds]
DougieBot5000 has quit [Quit: Leaving]
user7779_ has joined #bitcoin-wizards
c0rw|away is now known as c0rw1n
user7779_ has quit [Client Quit]
user7779078 has quit [Ping timeout: 260 seconds]
Dizzle_ has quit [Remote host closed the connection]
<ryan-c>
kanzure: from
maaku_ is now known as maaku
Mably has quit [Ping timeout: 255 seconds]
nwilcox has joined #bitcoin-wizards
nwilcox has quit [Ping timeout: 246 seconds]
nwilcox has joined #bitcoin-wizards
nwilcox has quit [Ping timeout: 245 seconds]
nwilcox has joined #bitcoin-wizards
nwilcox has quit [Ping timeout: 250 seconds]
nwilcox has joined #bitcoin-wizards
Meeh has quit [Read error: Connection reset by peer]
Meeh has joined #bitcoin-wizards
greedfilter has quit [Quit: Leaving]
lemonpepper24 has quit [Ping timeout: 240 seconds]
nwilcox has quit [Ping timeout: 250 seconds]
jaekwon has quit [Remote host closed the connection]