wumpus changed the topic of #bitcoin-wizards to: This channel is is for discussing theoretical ideas with regard to cryptocurrencies, not about short-term Bitcoin development | http://bitcoin.ninja/ | This channel is logged. | For logs and more information, visit http://bitcoin.ninja
CodeShark has joined #bitcoin-wizards
maraoz has quit [Ping timeout: 246 seconds]
kmels has joined #bitcoin-wizards
Yoghur114 has quit [Remote host closed the connection]
jinglebellz has joined #bitcoin-wizards
prom3th3us has quit [Ping timeout: 255 seconds]
smk has joined #bitcoin-wizards
snthsnth has joined #bitcoin-wizards
lnovy has quit [Ping timeout: 268 seconds]
lnovy has joined #bitcoin-wizards
hazirafel has quit [Quit: Leaving]
user7779078 has joined #bitcoin-wizards
<nsh> amiller, or gmaxwell or someone: remind me why index calculus is not useful to attack ECC again
<nsh> was it to do with smoothness
<nsh> .t
<yoleaux> Tue, 29 Sep 2015 00:47:17 UTC
qawap has quit [Quit: No Ping reply in 180 seconds.]
<nsh> .title
<yoleaux> nsh: Sorry, that command (.title) crashed.
<nsh> right there's no notion of prime factorisation in the field so you can't rely on the density of small factors
<nsh> is that vaguely on track?
qawap has joined #bitcoin-wizards
qawap has quit [Changing host]
qawap has joined #bitcoin-wizards
<nsh> .wik Unique factorisation domain
<yoleaux> "In mathematics, a unique factorization domain (UFD) is a commutative ring in which every non-zero non-unit element can be written as a product of prime elements (or irreducible elements), uniquely up to order and units, analogous to the fundamental theorem of arithmetic for the integers." — https://en.wikipedia.org/wiki/Unique_factorisation_domain
<nsh> except it's not proven that particular nor general ECs lack a UFD, just strongly suspected, right?
<nsh> but there is
<nsh> .wik Stark Heegner theorem
<yoleaux> "In number theory, a branch of mathematics, the Stark–Heegner theorem states precisely which quadratic imaginary number fields admit unique factorisation in their ring of integers. It solves a special case of Gauss's class number problem of determining the number of imaginary quadratic fields that have a given fixed class number." — https://en.wikipedia.org/wiki/Stark%E2%80%93Heegner_theorem
<nsh> the curves used in ECC do not admit complex multiplication as a rule?
<nsh> and all this relates to cyclotomic fields somehow
Ylbam has quit [Quit: Connection closed for inactivity]
<nsh> there's no way i'm going to understand enough mathematics without acquiring kanzure-level brainhalation faculties or concocting some more efficient way of receiving concepts than verbally
<nsh> :/
shen_noe2 has quit [Quit: quitquitquit]
whaack has joined #bitcoin-wizards
whaack is now known as Guest46491
Guest46491 has quit [Client Quit]
alferz has joined #bitcoin-wizards
user7779_ has joined #bitcoin-wizards
user7779078 has quit [Ping timeout: 246 seconds]
Starduster_ has joined #bitcoin-wizards
alferz has quit [Ping timeout: 244 seconds]
Starduster has quit [Ping timeout: 240 seconds]
maaku has quit [Remote host closed the connection]
snthsnth has quit [Ping timeout: 240 seconds]
maaku has joined #bitcoin-wizards
maaku is now known as Guest56346
Guest56346 is now known as maaku
snthsnth has joined #bitcoin-wizards
user7779_ has quit []
antgreen has joined #bitcoin-wizards
orik has quit [Quit: My Mac has gone to sleep. ZZZzzz…]
<andytoshi> shen: the comment on bct about my breaking CCT does not refer to the current way i think it's broken :)
<andytoshi> but i have an unread email from the author and don't want to say more til i've read that
roxtrongo has joined #bitcoin-wizards
chri_____ has quit [Remote host closed the connection]
orik has joined #bitcoin-wizards
chri_____ has joined #bitcoin-wizards
roxtrongo has quit [Ping timeout: 268 seconds]
chri_____ has quit [Ping timeout: 240 seconds]
tlrobinson has joined #bitcoin-wizards
tlrobinson has quit [Quit: tlrobinson]
orik has quit [Quit: My Mac has gone to sleep. ZZZzzz…]
Dr-G has quit [Disconnected by services]
Dr-G2 has joined #bitcoin-wizards
roxtrongo has joined #bitcoin-wizards
shen_noe has joined #bitcoin-wizards
chri_____ has joined #bitcoin-wizards
snthsnth has quit [Ping timeout: 250 seconds]
<MRL-Relay> [shen] andytoshi, I see - I would be interested in more compact CT, so it would be nice if there was a fix although I'm not overly hopeful
shen_noe has quit [Quit: quitquitquit]
orik has joined #bitcoin-wizards
orik has quit [Client Quit]
chri_____ has quit [Ping timeout: 246 seconds]
c0rw1n is now known as c0rw|zZz
TheSeven has quit [Disconnected by services]
[7] has joined #bitcoin-wizards
jinglebellz has quit [Remote host closed the connection]
ThomasV has joined #bitcoin-wizards
csggggg8 has quit [Ping timeout: 264 seconds]
grau has joined #bitcoin-wizards
Emcy has joined #bitcoin-wizards
dstadulis has joined #bitcoin-wizards
grau has quit [Remote host closed the connection]
dstadulis has quit [Client Quit]
grau has joined #bitcoin-wizards
tbmit has joined #bitcoin-wizards
Starduster_ is now known as Starduster
orik has joined #bitcoin-wizards
tbmit has quit [Ping timeout: 260 seconds]
zooko has joined #bitcoin-wizards
snthsnth has joined #bitcoin-wizards
orik has quit [Client Quit]
ThomasV has quit [Ping timeout: 250 seconds]
tlrobinson has joined #bitcoin-wizards
orik has joined #bitcoin-wizards
jinglebellz has joined #bitcoin-wizards
zooko has quit [Ping timeout: 250 seconds]
certee7 has quit [Quit: My Mac has gone to sleep. ZZZzzz…]
jinglebellz has quit [Remote host closed the connection]
c-cex-yuriy has quit [Quit: Connection closed for inactivity]
certee7 has joined #bitcoin-wizards
tlrobinson has quit [Quit: tlrobinson]
certee7 has quit [Quit: My Mac has gone to sleep. ZZZzzz…]
certee7 has joined #bitcoin-wizards
certee7 has quit [Client Quit]
jinglebellz has joined #bitcoin-wizards
grau has quit [Remote host closed the connection]
mjerr has joined #bitcoin-wizards
matsjj_ has joined #bitcoin-wizards
Ylbam has joined #bitcoin-wizards
snthsnth has quit [Ping timeout: 250 seconds]
grau has joined #bitcoin-wizards
face has quit [Ping timeout: 246 seconds]
grau has quit [Remote host closed the connection]
DougieBot5000 has quit [Quit: Leaving]
priidu has joined #bitcoin-wizards
chri_____ has joined #bitcoin-wizards
orik has quit [Quit: My Mac has gone to sleep. ZZZzzz…]
chri_____ has quit [Remote host closed the connection]
kmels has quit [Ping timeout: 250 seconds]
jinglebellz has quit [Remote host closed the connection]
damethos has joined #bitcoin-wizards
kmels has joined #bitcoin-wizards
grau has joined #bitcoin-wizards
chri_____ has joined #bitcoin-wizards
orik has joined #bitcoin-wizards
bramc has quit [Quit: This computer has gone to sleep]
jinglebellz has joined #bitcoin-wizards
chri_____ has quit [Remote host closed the connection]
rusty has quit [Ping timeout: 260 seconds]
chri_____ has joined #bitcoin-wizards
moa has joined #bitcoin-wizards
grau has quit [Remote host closed the connection]
grau has joined #bitcoin-wizards
FNinTak has joined #bitcoin-wizards
jinglebellz has quit [Remote host closed the connection]
dEBRUYNE has joined #bitcoin-wizards
JackH has joined #bitcoin-wizards
chri_____ has quit [Remote host closed the connection]
chri_____ has joined #bitcoin-wizards
lnovy has quit [Quit: Got root?]
chri_____ has quit [Ping timeout: 256 seconds]
FNinTak has left #bitcoin-wizards [#bitcoin-wizards]
ThomasV has joined #bitcoin-wizards
nsh has quit [Excess Flood]
nsh has joined #bitcoin-wizards
CodeShark_ has quit [Remote host closed the connection]
nsh has quit [Excess Flood]
rusty has joined #bitcoin-wizards
Giszmo has quit [Quit: Leaving.]
nsh has joined #bitcoin-wizards
<nsh> yoleaux!
<yoleaux> nsh!
<Alanius> index calculus works by trying to factorize random group elements into powers of primitive elements which are part of the factor base
<Alanius> for integers, it is possible to create a reasonably small factor base that can still factorize random integers with reasonable probability
<Alanius> the factor base will consist of the smallest primes
<Alanius> for example, 2 is more likely to divide random integers than 5, and 5 is more likely to divide them than 17
<Alanius> index calculus fails for elliptic curves because there is no such natural set of factors to start from
jinglebellz has joined #bitcoin-wizards
jinglebellz has quit [Ping timeout: 260 seconds]
* nsh nods
<nsh> i'm just not sure this is actually proven
<nsh> and there may be very subtle ways that you could constrain point generation such that you'd restrict to a subset of points that have an isomorphism to a field with a unique factorisation domain
<nsh> this could be masked with blinding i'd imagine to be intractable to detect without access to the generator biasing blinding privkey
<nsh> except by seeing enough points to observe a significant deviation from uniformity
<nsh> and that could be disguised as an artefact of some or other seemingly benign implementation detail underhandedly
<nsh> .wik Heegner module
<yoleaux> "In mathematics, a Heegner point is a point on a modular curve that is the image of a quadratic imaginary point of the upper half-plane. They were defined by Bryan Birch and named after Kurt Heegner, who used similar ideas to prove Gauss's conjecture on imaginary quadratic fields of class number one." — https://en.wikipedia.org/wiki/Heegner_point
grau has quit [Remote host closed the connection]
chri_____ has joined #bitcoin-wizards
ThomasV has quit [Ping timeout: 264 seconds]
grau has joined #bitcoin-wizards
chri_____ has quit [Ping timeout: 246 seconds]
melvster has quit [Ping timeout: 268 seconds]
Guyver2 has joined #bitcoin-wizards
midnightmagic has quit [Ping timeout: 240 seconds]
midnightmagic has joined #bitcoin-wizards
crowleyman has joined #bitcoin-wizards
melvster has joined #bitcoin-wizards
orik has quit [Quit: My Mac has gone to sleep. ZZZzzz…]
orik has joined #bitcoin-wizards
rusty has quit [Ping timeout: 240 seconds]
Guyver2 has quit [Ping timeout: 264 seconds]
antgreen has quit [Remote host closed the connection]
antgreen` has joined #bitcoin-wizards
crowleyman has quit [Read error: Connection reset by peer]
grau has quit [Remote host closed the connection]
melvster has quit [Ping timeout: 265 seconds]
melvster has joined #bitcoin-wizards
grau has joined #bitcoin-wizards
agorist000 has quit [Read error: Connection reset by peer]
agorist000 has joined #bitcoin-wizards
melvster has quit [Ping timeout: 260 seconds]
Guyver2 has joined #bitcoin-wizards
melvster has joined #bitcoin-wizards
yang_ is now known as yang
trippysalmon`aw has joined #bitcoin-wizards
jinglebellz has joined #bitcoin-wizards
trippysalmon has quit [Ping timeout: 272 seconds]
jinglebellz has quit [Remote host closed the connection]
nsh has quit [Excess Flood]
chri_____ has joined #bitcoin-wizards
nsh has joined #bitcoin-wizards
chri_____ has quit [Ping timeout: 272 seconds]
dEBRUYNE has quit [Ping timeout: 246 seconds]
AaronvanW has joined #bitcoin-wizards
melvster has quit [Ping timeout: 246 seconds]
antgreen` has quit [Ping timeout: 256 seconds]
hazirafel has joined #bitcoin-wizards
melvster has joined #bitcoin-wizards
antgreen` has joined #bitcoin-wizards
antgreen` is now known as antgreen
kmels has quit [Ping timeout: 246 seconds]
roxtrong_ has joined #bitcoin-wizards
roxtrongo has quit [Ping timeout: 250 seconds]
davec has quit [Read error: Connection reset by peer]
davec has joined #bitcoin-wizards
mjerr has quit []
Quanttek has joined #bitcoin-wizards
chris___ has joined #bitcoin-wizards
chris___ has quit [Ping timeout: 264 seconds]
roxtrong_ has quit [Remote host closed the connection]
dgenr8 has quit [Quit: Leaving]
dgenr8 has joined #bitcoin-wizards
eudoxia has joined #bitcoin-wizards
dgenr8 has quit [Ping timeout: 246 seconds]
ASTP001 has joined #bitcoin-wizards
Burrito has joined #bitcoin-wizards
dgenr8 has joined #bitcoin-wizards
dEBRUYNE has joined #bitcoin-wizards
<kanzure> bsm117532: any thoughts about big-one.txt cleanup and organization?
<nsh> link?
kmels has joined #bitcoin-wizards
<nsh> .wik Analytic rank
<yoleaux> "In mathematics, an elliptic curve (EC) is a plane algebraic curve defined by an equation of the form" — https://en.wikipedia.org/wiki/Elliptic_curve
damethos has quit [Quit: Bye]
bsm1175321 has joined #bitcoin-wizards
<nsh> (RANKS OF ELLIPTIC CURVES)
<fluffypony> nsh: I think your caps lock is stuck :-P
<nsh> blame donald knuth
<nsh> no, he's got enough on his conscience already
<nsh> half the people who think they understand computering are the result of him casting pearls before swine
<maaku> newb SNARK questions -- in presently considered schemes, is there benefit to having a small register file in a tinyram-like architecture? or does it matter?
nwilcox has quit [Ping timeout: 244 seconds]
DougieBot5000 has joined #bitcoin-wizards
bedeho has quit [Ping timeout: 272 seconds]
dEBRUYNE has quit [Ping timeout: 255 seconds]
bramc has joined #bitcoin-wizards
sparetire_ has joined #bitcoin-wizards
ratbanebo has joined #bitcoin-wizards
damethos has joined #bitcoin-wizards
nullbyte has joined #bitcoin-wizards
damethos has quit [Client Quit]
nwilcox has joined #bitcoin-wizards
damethos has joined #bitcoin-wizards
psztorc has joined #bitcoin-wizards
chris___ has joined #bitcoin-wizards
ratbaneb_ has joined #bitcoin-wizards
ratbanebo has quit [Ping timeout: 256 seconds]
ratbanebo has joined #bitcoin-wizards
chris___ has quit [Ping timeout: 256 seconds]
bramc has quit [Quit: This computer has gone to sleep]
ratbaneb_ has quit [Ping timeout: 256 seconds]
<nsh> ty
bsm1175321 is now known as bsm115732
ratbanebo has quit [Ping timeout: 252 seconds]
zooko has joined #bitcoin-wizards
zooko` has joined #bitcoin-wizards
grau has quit [Remote host closed the connection]
zooko has quit [Ping timeout: 272 seconds]
ratbanebo has joined #bitcoin-wizards
grau has joined #bitcoin-wizards
eudoxia_ has joined #bitcoin-wizards
eudoxia_ has quit [Remote host closed the connection]
eudoxia has quit [Read error: Connection reset by peer]
trippysalmon`aw has quit [Read error: Connection reset by peer]
ASTP001 has quit [Quit: My Mac has gone to sleep. ZZZzzz…]
ASTP001 has joined #bitcoin-wizards
zooko`` has joined #bitcoin-wizards
ASTP001 has quit [Client Quit]
zooko` has quit [Ping timeout: 240 seconds]
zooko`` has quit [Remote host closed the connection]
zooko has joined #bitcoin-wizards
JackH has quit [Ping timeout: 250 seconds]
maraoz has joined #bitcoin-wizards
matsjj_ has quit [Remote host closed the connection]
King_Rex has joined #bitcoin-wizards
matsjj has joined #bitcoin-wizards
antgreen has quit [Ping timeout: 260 seconds]
jinglebellz has joined #bitcoin-wizards
matsjj has quit [Ping timeout: 246 seconds]
Giszmo has joined #bitcoin-wizards
CodeShark_ has joined #bitcoin-wizards
CodeShark has quit [Ping timeout: 250 seconds]
the`doctor has joined #bitcoin-wizards
Tiraspol has quit []
jinglebellz has quit [Remote host closed the connection]
chri_____ has joined #bitcoin-wizards
Ylbam has quit [Quit: Connection closed for inactivity]
<bsm115732> Does anyone have a list of successful, attempted, or theoretical attacks that have occurred against bitcoins and altcoins? (The latter is of more interest as there are more attacks -- but has anyone documented them?)
Tiraspol has joined #bitcoin-wizards
Tiraspol has quit [Client Quit]
Tiraspol has joined #bitcoin-wizards
MoALTz has joined #bitcoin-wizards
dtmit_ has joined #bitcoin-wizards
chri_____ has quit [Ping timeout: 272 seconds]
priidu has quit [Ping timeout: 265 seconds]
<kanzure> bsm117532: see earlier request today from me re: big-one.mdwn, curious if you have any update etc.
zooko has quit [Remote host closed the connection]
ASTP001 has joined #bitcoin-wizards
priidu has joined #bitcoin-wizards
Ylbam has joined #bitcoin-wizards
zooko has joined #bitcoin-wizards
chris___ has joined #bitcoin-wizards
grau has quit []
prom3th3us has joined #bitcoin-wizards
dEBRUYNE has joined #bitcoin-wizards
cryptowest has quit [Ping timeout: 246 seconds]
nwilcox has quit [Ping timeout: 255 seconds]
cryptowest has joined #bitcoin-wizards
jinglebellz has joined #bitcoin-wizards
ratbaneb_ has joined #bitcoin-wizards
ratbanebo has quit [Ping timeout: 240 seconds]
ratbaneb_ has quit [Client Quit]
orik has quit [Quit: My Mac has gone to sleep. ZZZzzz…]
shen_noe has joined #bitcoin-wizards
nullbyte has quit [Quit: leaving]
<bsm115732> kanzure: We're ready to set up a wiki, and debating which one to use and which wiki software to use.
<bsm115732> I have almost no opinion on the software, because it's easy to set up, we're just going to apt-get something.
<bsm115732> I wonder if we could find a self-described non-coder type person who would be willing to collate your list and make some wiki stubs. I'm going to ask around.
<bsm115732> The contenders seem to be https://ikiwiki.info/ and https://www.mediawiki.org/ . The former because you requested something based on git.
<bsm115732> Mediawiki is a behemoth but can be apt-get installed.
<kanzure> piny can also be apt-get installed, which includes ikiwiki http://piny.be/
<kanzure> anyway, i don't understand what wiki software has to do with it; i think the previous topic was something about a way to organize the info better or reprocess it.
gielbier has quit [Read error: Connection reset by peer]
<bsm115732> Well, putting it on a wiki is the proposed way to reorganize it.
<kanzure> huh? it is on a wiki.
notj has joined #bitcoin-wizards
<bsm115732> Ok, I guess that's technically "on a wiki" ;-)
gielbier has joined #bitcoin-wizards
gielbier has quit [Changing host]
gielbier has joined #bitcoin-wizards
<bsm115732> kanzure, what's your idea for better organize or reprocess it?
<bsm115732> I'm hosting a meetup tomorrow and will ask for volunteers for this task...
<kanzure> i had none; jgarzik tricked me into publishing it early, and then you mentioned a few days ago that you would sit and think about it..
<bsm115732> hehee
bramc has joined #bitcoin-wizards
<bsm115732> Like you, I don't actually want to reorganize it myself. But I'd like to see it done.
bramc has quit [Client Quit]
<kanzure> i'm fine with doing it myself, i just don't have the universe's secret rule book for ultimate preservation of signal over noise
<bsm115732> This community has a good number of non-coding folks who want to contribute. I'll see who I can find.
<bsm115732> Even with wikis, signal:noise is a problem.
damethos has quit [Quit: Bye]
<bsm115732> kanzure I think your time is better spent elsewhere. I'll let you know Thurs if I find someone to take this up.
<kanzure> sounds interesting
damethos has joined #bitcoin-wizards
<jgarzik> kanzure, #Crowd
<bsm115732> FYI we're going to live-stream this meeting (about the MIT Enigma project) tomorrow, if anyone here wants to attend virtually: http://www.meetup.com/BitDevsNYC/events/225374509/
notj has quit [Quit: My Mac has gone to sleep. ZZZzzz…]
<bsm115732> I'll post instructions tomorrow and put it on the meetup page, once we get it all figured out.
<bsm115732> I also made a new IRC channel #bitdevsnyc for discussion/questions remotely.
<bsm115732> 7pm EDT tomorrow...
roxtrongo has joined #bitcoin-wizards
CodeShark_ is now known as CodeShark
dtmit_ has quit [Ping timeout: 265 seconds]
roasbeef has quit [Ping timeout: 260 seconds]
roasbeef_ has joined #bitcoin-wizards
priidu has quit [Ping timeout: 252 seconds]
zooko has quit [Ping timeout: 252 seconds]
orik has joined #bitcoin-wizards
bedeho has joined #bitcoin-wizards
kmels has quit [Ping timeout: 240 seconds]
notj has joined #bitcoin-wizards
bektar has joined #bitcoin-wizards
roxtrong_ has joined #bitcoin-wizards
bektar has quit [Client Quit]
roxtrongo has quit [Ping timeout: 272 seconds]
<Taek> bsm115732, kanzure, jgarzik: tonight at 8pm a handful of MIT students are meeting with me to get started on putting all the information into more accessible places. We're starting simple, creating a bitcoin.ninja style website with some 'start here or here or here' links that will help you find rabbit holes related to cryptocurrency research
<Taek> 8pm EST
<jgarzik> +1
<Taek> we'll publish whatever we get finished tonight and then we can iterate on the design. I personally don't like wikis because it's often hard to find stuff you don't know that you don't know
<bsm115732> Taek great! We purchased bitcoinwizards.org and will donate it to the cause.
<Taek> oh sweet, if you've got a git repo we can PR to, we will do so
<bsm115732> Taek if you're willing to do some work, tell me what software you want and we'll set it up for you. ikiwiki?
<Taek> plain html/css/js? :P
<bsm115732> That's a hard knock life...
<Taek> I never said it would be pretty
<bsm115732> Hehee
notj has quit [Quit: My Mac has gone to sleep. ZZZzzz…]
<bsm115732> Well ikiwiki is git-hosted, if that's what you're looking for. Mediawiki will probably attract wider contributors.
nivah has joined #bitcoin-wizards
<kanzure> ikiwiki has online web editor
<kanzure> anyway; all of this is trivial details. i don't see any proposal regarding actual categorization method or indexing method (bips-style? or something else? etc. gmaxwell suggested tag-weighted ordering of some kind)
notj has joined #bitcoin-wizards
<amiller> Taek, sounds so cool
<Taek> kanzure: current plan is pretty basic, create pages related to specific topics. Pages have the sections: 'overview (explaining the concept and current state-of-art, supposed to be maximum signal) - high signal links - low signal links - unsorted links'
<Taek> the pages I hope get tackled tonight are 'types of forks (explaining soft vs hard fork, and all the variations of each)', 'utxo commitments (though none of us are really qualified to tackle it so the overview might be sparse)', and 'miner fee proposals'. Basically just want to see how it turns out
orik has quit [Quit: My Mac has gone to sleep. ZZZzzz…]
chris___ has quit [Remote host closed the connection]
ASTP001_ has joined #bitcoin-wizards
Newyorkadam has joined #bitcoin-wizards
ASTP001 has quit [Read error: Connection reset by peer]
Newyorkadam has quit [Client Quit]
roasbeef_ is now known as roasbeef
roxtrong_ has quit [Remote host closed the connection]
<kanzure> "types of forks" just link to bip99
chris___ has joined #bitcoin-wizards
damethos has quit [Quit: Bye]
orik has joined #bitcoin-wizards
jcorgan has left #bitcoin-wizards [#bitcoin-wizards]
jinglebellz has quit [Remote host closed the connection]
justanotheruser has quit [Read error: Connection reset by peer]
CodeShark has quit [Remote host closed the connection]
CodeShark has joined #bitcoin-wizards
kgreenek has joined #bitcoin-wizards
justanotheruser has joined #bitcoin-wizards
orik has quit [Client Quit]
kmels has joined #bitcoin-wizards
bramc has joined #bitcoin-wizards
<instagibbs> Taek: looking forward to the txo commitment stuff. It's scattered on logs pretty much. (Will it cover stxo vs utxo vs ???)
<Taek> instagibbs: first round is likely to be pretty sparse and have mostly the obvious stuff. But hopefully will be an improvement to everything that exists now
Starduster has quit [Read error: Connection reset by peer]
Emcy has quit [Read error: Connection reset by peer]
<instagibbs> in one area is enough for now :) I've lurked on something like 20 conversations on the topic and I always come away feeling like I know less about state of the art
Emcy has joined #bitcoin-wizards
Starduster has joined #bitcoin-wizards
Starduster has quit [Read error: Connection reset by peer]
ne1l has joined #bitcoin-wizards
ne1l has quit [Read error: Connection reset by peer]
notj has quit [Quit: My Mac has gone to sleep. ZZZzzz…]
rusty has joined #bitcoin-wizards
psztorc has quit [Ping timeout: 246 seconds]
afk11 has joined #bitcoin-wizards
matsjj has joined #bitcoin-wizards
priidu has joined #bitcoin-wizards
matsjj has quit [Ping timeout: 250 seconds]
c0rw|zZz has quit [Ping timeout: 246 seconds]
nwilcox has joined #bitcoin-wizards
rusty has quit [Ping timeout: 246 seconds]
hazirafel has quit [Quit: Leaving]
rusty has joined #bitcoin-wizards
bramc has quit [Quit: This computer has gone to sleep]
<bsm115732> Taek, kanzure: I'm going to put up an ikiwiki on http://bitcoinwizards.org tomorrow morning. It uses git and markdown, so Taek if you want to make some notes in that format tonight, you can easily upload it tomorrow.
<bsm115732> (and if you want to request a different setup, speak now or forever hold your peace...)
nwilcox has quit [Ping timeout: 265 seconds]
nickler has quit [Ping timeout: 246 seconds]
nickler has joined #bitcoin-wizards
<kanzure> .title
<yoleaux> Cryptology ePrint Archive: Report 2015/946
<kanzure> "Asymmetric proof-of-work based on the Generalized Birthday problem"
Starduster has joined #bitcoin-wizards
chris___ has quit [Remote host closed the connection]
chris___ has joined #bitcoin-wizards
damethos has joined #bitcoin-wizards
nwilcox has joined #bitcoin-wizards
snthsnth has joined #bitcoin-wizards
bramc has joined #bitcoin-wizards
adam3us has joined #bitcoin-wizards
<tromp__> the authors would be advised to read the cuckoo cycle paper they cite, rather than the year-old obsolete version they find easier to criticize
ThomasV has joined #bitcoin-wizards
<tromp__> still looking forward to reading how their approach compares
orik has joined #bitcoin-wizards
Guyver2 has quit [Quit: :)]
snthsnth has quit [Ping timeout: 264 seconds]
<amiller> i can't figure out the comments about proofs-of-space
<amiller> like why is the stack of superconcentrators supposed to be slow
<amiller> and is it really the case that computational penalties only kick in after a factor of 30 reduction? is that reduction "for free"? i'd like to know more...
Dizzle has joined #bitcoin-wizards
ThomasV has quit [Ping timeout: 252 seconds]
orik has quit [Quit: My Mac has gone to sleep. ZZZzzz…]
shesek has quit [Ping timeout: 265 seconds]
belcher_ has joined #bitcoin-wizards
GAit has joined #bitcoin-wizards
ASTP001_ has quit [Quit: My Mac has gone to sleep. ZZZzzz…]
damethos has quit [Quit: Bye]
kmels has quit [Ping timeout: 240 seconds]
jinglebellz has joined #bitcoin-wizards
AaronvanW has quit [Remote host closed the connection]
shesek has joined #bitcoin-wizards
orik has joined #bitcoin-wizards
c-cex-yuriy has joined #bitcoin-wizards
GAit has quit [Quit: Leaving.]
moa has quit [Quit: Leaving.]
arubi has quit [Quit: Leaving]
arubi has joined #bitcoin-wizards
kmels has joined #bitcoin-wizards
<jrayhawk> bsm115732: gitit uses an ikiwiki-ish data model with a more mediawiki-like syntax
<jrayhawk> fossil also has a DVCS wiki system
<bsm115732> I'm aware of gitit. I don't particularly like MediaWiki's overly-complex syntax. We can also install a MediaWiki if that's what people want...
spinza has quit [Excess Flood]
orik has quit [Quit: My Mac has gone to sleep. ZZZzzz…]
<gmaxwell> maaku: since you didn't get a tinyram answer. Yes, there is a benefit for keeping the register file fairly small.
orik has joined #bitcoin-wizards
<gmaxwell> maaku: Imagine the circuit implementing the ALU, it needs to have a routing network to connect the register being used to the ALU
<gmaxwell> maaku: the more registers, the bigger this routing network.
<gmaxwell> maaku: someone who has actually seen the tinyram implementation (and not just read the papers) would be needed to talk more concretely about how increased register size increases the circuit size.
c0rw|zZz has joined #bitcoin-wizards
<jrayhawk> If you have specific objections to kanzure's wiki, it's possible to address those in situ
<gmaxwell> maaku: I suspect that at least in the non-recursive version of the SNARK papers the tradeoff does tend to favor more registers generally.
<jrayhawk> Especially regarding namespacing and history.
<kanzure> Madars: ping (there are some tinyram questions that you might know things about)
<gmaxwell> maaku: because every additional LOAD you do in a non-recursive snark will replicate the whole circuit for the cpu, so if one more register makes the circuit size per cycle some log(registers+1)-log(registers) amount bigger, you probably don't have to save many additional cycles to pay for the cost of the bigger register file.
spinza has joined #bitcoin-wizards
<gmaxwell> maaku: that benefit falls away once the register file is so big that it only saves cycles rarely. Though I'm somewhat guessing.
<bsm115732> jrayhawk: I'm also happy to point bitcoinwizards.org to kanzure's wiki.
<gmaxwell> For the recursive snark I would expect the tradeoff to be different, because additional cycles have a purely linear additional cost; rather than the polylog cost for additional cycles in the non-recursive snark.
<jrayhawk> That'd work, though I assume it'd be desirable to git-filter-branch off all the bitcoin-specific content and shove it in its own repository.
<bsm115732> Or start a new wiki. ;-)
GAit has joined #bitcoin-wizards
<kanzure> problem was "figure out good strategy for indexing bitcoin wizardry and technology inventions" not "fiddle with infrastructure". infrastructure skillz/execution is by no means lacking in this community.
<bsm115732> Personally, I keep a lot of my own mental notes in a wiki (TiddlyWiki) that is private, though I've used publicly accessible wikis for this before. I'd want to keep my stuff to myself... kanzure do you want to keep all this on your wiki?
<jrayhawk> I dunno, I feel sorry for someone doing Ikiwiki from scratch.
<gmaxwell> nsh: wrt your comments about UFD, so yes, the recent attacks on characteristic 2 curves effectively find a way to create something that is morally equivalent to a factor base.
jinglebellz has quit [Remote host closed the connection]
<gmaxwell> nsh: a thing to keep in mind is that even if a UFD cannot exist for a curve (keep in mind that our curves are over a field, not over its quadratic extension) that doesn't imply that something morally equivalent enough for index calculus cannot exist.
<gmaxwell> nsh: and WRT your earlier constraint about constraining private keys. What you're saying is true, but it's trivially true in ways simpler than you might expect-- e.g. if your private key is constrained to a small range then I can just search the range to find a discrete log!
<gmaxwell> as an aside, it's best to not learn anything about number theory if you want to retain any confidence in using asymmetric cryptography. :)
rusty has quit [Ping timeout: 260 seconds]
<jrayhawk> I've set up 216.151.3.186 to do things with Host: bitcoinwizards.org and www.bitcoinwizards.org
kkpn has joined #bitcoin-wizards
kgreenek has quit [Read error: Connection reset by peer]
kkpn has quit [Client Quit]
<maaku> gmaxwell: so to paraphrase (to make sure I understand it correctly), with non-recursive snark more registers is probably better, so long as that means fewer instructions executed
<maaku> for recursive snark, the larger gains are in reducing the circuit size, so assuming fewer registers == smaller circuit, that would be preferable
<maaku> gmaxwell: that helps. i was trying to justify a non-standard 16-register variant vs the full 32-register cpu
bramc has quit [Quit: This computer has gone to sleep]
Dizzle has quit [Quit: Leaving...]
<gmaxwell> maaku: I think so. circuit_size == log(registers); prover work = poly_log(circuit_size * cycles) (e.g. linear * log(n)) for recursive snark, prover work = c*poly_log(circuit_size)*cycles
<maaku> hrm.. ok. hard to generalize about that
<gmaxwell> maaku: in terms of SNARK compatibility, I'd probably worry more about instruction fanout (as the same kind of muxing blowup exists for instructions) than register cost, but I'm guessing.
<bsm115732> jrayhawk or clone https://github.com/mcelrath/bitcoinwizards.wiki.git and help fill it with *.md files ;-)
shen_noe has quit [Quit: Leaving]
shen_noe has joined #bitcoin-wizards
<gmaxwell> maaku: the intuition is a little complicated because for GGPR12 snarks the circuit is an arithmetic circuit, so "what is expensive" is not 1:1 what is expensive with binary logic.
<maaku> gmaxwell: right well the architecture I'm looking at (RISC-V) is specifically constructed to avoid such ISA-derived complexity
<maaku> it's just they've standardized on a 32-register file, but there is an obscure 16-register variant ... so are snark gains worth not using the standard compiler target? tough call
shen_noe2 has joined #bitcoin-wizards
shen_noe2 has quit [Client Quit]
shen_noe2 has joined #bitcoin-wizards
<amiller> maaku, my opinion is that using a compiler to arithmetic circuits is almost always better than using an instruction set, unless you have some very specific needs
<amiller> maaku, im curious what application you have in mind
shen_noe has quit [Ping timeout: 244 seconds]
shen_noe2 has quit [Client Quit]
shen_noe has joined #bitcoin-wizards
Yoghur114 has joined #bitcoin-wizards
<maaku> amiller: I have no specific application for SNARKs in mind, rather I am investigating a standardized VM that is simple enough to put in consensus code
<gmaxwell> amiller: I am not mark but I can answer easily--- because of the insane setup costs (e.g. dealing with the CRS insecurity) for a snark, having a universal circuit available is very attractive.
<amiller> i see
<maaku> and it would just be a crying shame if some aspect of the architecture made it difficult to do efficient zk-SNARK proofs of execution
<amiller> yeah, doing the setup once and for all is a nice reason
<gmaxwell> If we're thinking about various standardized VMs for smart contracty things, making it also snark friendly would be nice.
<gmaxwell> Or at least subsettable to snark friendliness.
<gmaxwell> maaku: so that's a point, so long as the instruction set can be subset that might be good enough. E.g. don't use registers x-y.
<maaku> gmaxwell: hrmm. that is an interesting point. restricting the register file is a soft-fork change
<gmaxwell> kinda makes me wonder why tinyram wasn't just done that way in the first place.
<amiller> i don't have a lot of insight into tinyram's design or what the consequences would have been of other architectures
<amiller> i think stack machine would make sense too
<maaku> amiller: heresy!
orik has quit [Quit: My Mac has gone to sleep. ZZZzzz…]
<maaku> I also have strong preferences for stack machines, but it's hard to make them compiler targetable :(
<amiller> https://github.com/pepper-project/tinyram this was posted here before but i didn't notice it
<maaku> e.g. for running bitcoin within it
<kanzure> wasn't moxie selected for its simplicity?
prom3th3us has quit [Quit: prom3th3us]
<amiller> maaku, suppose more registers was cheap, would it be possible to benefit from a much larger number of registers?
<kanzure> maaku: simple cpu design is pretty easy to jump into, hopefully you wont stop at RISC stuff.
<amiller> iirc the sorting phase basically depends on the program counter when the registers were written to, so the number of registers doesn't matter directly
<kanzure> there's probably some silly 4-bit designs on opencores
<kanzure> definitely a bunch of RISC things.
<maaku> kanzure: I believe RISC-V to be a better alternative to moxie for both mundane reasons (it's better supported with a vibrant community) and technical (instruction encoding for RISC-V is better organized for minimal implementations, more thought into expansion spaces)
adam3us has quit [Quit: Leaving.]
<maaku> i don't think anything has been 'selected' yet :P
<maaku> kanzure: http://riscv.org/
rusty has joined #bitcoin-wizards
<kanzure> also fun stuff on github like https://github.com/cliffordwolf/picorv32 (yes that's right i'm linking to a cliffordwolf repo, and yes i'm a huge hypocrite for this)
GAit has quit [Quit: Leaving.]
<maaku> amiller: in principle, yes, RISC-V justifies the choice of 32 registers based on real world data (e.g. compiling the linux kernel) showing fewer instructions generated
orik has joined #bitcoin-wizards
<maaku> but is 10% fewer instructions worth 15% larger circuits? sounds like a tossup depending on the SNARK technology used
<maaku> kanzure: look closer, that's RISC-V ;)
<nsh> gmaxwell, thanks for your comments earlier!
<amiller> maaku, i wouldn't be surprised if you could have thousands of registers for free
DougieBot5000 has quit [Quit: Leaving]
<maaku> amiller: well there's not much reason to have more than 32, in terms of compiler targetability, and gmaxwell made the astute observation that it would be okay for a circuit to cover a subset of the ISA, so problem solved :)
<amiller> this paper has a lot of discussion about Buffet's rationale for optimizing tinyram http://www.pepper-project.org/buffet-ndss15.pdf
<maaku> amiller: thanks, will read
<kanzure> also more generally the pepper project people did a snarks lecture here https://www.youtube.com/watch?v=Z4jzA6ts2j4
<amiller> the michael walfish guy is legendary, they basically just implemented their own open source tinyram since scipr-lab didn't get around to releasing it
<kanzure> (video is michael walfish)
bsm115732 has quit [Ping timeout: 250 seconds]
<wumpus> would the distinction 'register' versus 'ram' even make sense for something like SNARK? Normally this is a practical distinction because of process/closeness to the ALU, but if it's all just state bits, spillage to the stack is just as bad as registers, or not?
<gmaxwell> amiller: stack machines are hard for compilers to target in general, and there are AFAIK no mature production grade compilers from C to a stack machine.
<amiller> gmaxwell, ah
<wumpus> java? *ducks*
<gmaxwell> (JVM excepted but JVM is .. weird)
rusty has quit [Ping timeout: 272 seconds]
<gmaxwell> lol I delayed in sending that message for several minutes not knowing exactly what to say about java and then sent it anyways; ... glad I could count on wumpus to call me out. :)
<amiller> maaku, ah this paper explicitly describes a distinction between bctv tinyram 16 registers and theirs 32 registers
<gmaxwell> wumpus: actually it does make sense in that every instruction can read from the register file, but only load/store touch ram.
<maaku> though if someone wants to make a forth backend for gcc/llvm, it'd be pretty dang awesome..
<maaku> wumpus: as gmaxwell alludes, the context is load/store architectures
<kanzure> there might be a jvm backend for llvm
<maaku> otherwise it might not make much sense
<wumpus> gmaxwell: right, then it's a useful distinction
<gmaxwell> wumpus: basically, closeness also applies. "ram" is far because you need a lot of work to check agreement with it. What tinyram had to do this was very clever in fact.
c0rw|zZz is now known as c0rw1n
jinglebellz has joined #bitcoin-wizards
<gmaxwell> (basically the program writes a transcript of all the ram accesses, verifies consistency with the accesses as it runs, then verifies a sorting of the list, to make sure that the ram accesses are all consistent with each other.)
maraoz has quit [Ping timeout: 244 seconds]
<gmaxwell> andytoshi: some of the people on this paper at university of texas: 15:34 < amiller> this paper has a lot of discussion about Buffet's rationale for optimizing tinyram http://www.pepper-project.org/buffet-ndss15.pdf
<kanzure> yes yes, i've been trying to get him to meet them
<kanzure> something about not liking the cs department people
blackwraith has joined #bitcoin-wizards
<amiller> one of them is math, andrew j blumberg anyway
<kanzure> yes an algebraic topology person
<amiller> maybe that's andytoshi's advisor
priidu has quit [Ping timeout: 256 seconds]
<gmaxwell> oh this paper also describes the memory consistency stuff; looks more readable than the SNARKS from C paper.
<kanzure> not his advisor
jinglebellz has quit [Ping timeout: 240 seconds]
<amiller> gmaxwell, what is the effective difference between RAM and registers at all, given that consistency check approach? also i'm not sure what you meant, saying that closeness has an impact
<kanzure> as reminder there are things here, http://diyhpl.us/~bryan/papers2/bitcoin/snarks/
<amiller> oh, wait, the circuit actually *loops over the entire register file*, see Figure 2
<gmaxwell> amiller: the cost is increasing the size of the memory agreement sorting network and memory transcript.
<gmaxwell> amiller: the prover key has upper bounds on the number of executions and memory operations. If every instruction is also three memory operations (e.g. because there are no registers) then the memory consistency part is MUCH bigger.
<gmaxwell> But I should probably read that paper you linked to before saying any more. My views here are only slightly informed.
maraoz has joined #bitcoin-wizards
<gmaxwell> Oh their generalization is nice. Tinyram just becomes an interpreter compiled by their system.
<kanzure> "also qualifies as a regular expression engine" (not really)
<gmaxwell> man, I wonder when people working on this space are going to give up on this idea of computation outsourcing. You could make this stuff a million fold faster and no one is going to use it to delegate computation from their smartphone to the cloud. :)
<nsh> any audio/video talks on tinyram?
<nsh> alternatively, any pdf screenreaders that aren't awful?
bramc has joined #bitcoin-wizards
<kanzure> i think this mentions tinyram but i haven't watched entirely yet https://www.youtube.com/watch?v=Z4jzA6ts2j4
Quanttek has quit [Read error: Connection reset by peer]
<nsh> oh, nice ty
bramc has quit [Quit: This computer has gone to sleep]
jinglebellz has joined #bitcoin-wizards
psztorc has joined #bitcoin-wizards
DougieBot5000 has joined #bitcoin-wizards
orik has quit [Quit: My Mac has gone to sleep. ZZZzzz…]
orik has joined #bitcoin-wizards
afk11 has quit [Ping timeout: 255 seconds]
jinglebe_ has joined #bitcoin-wizards
sausage_factory has joined #bitcoin-wizards
nwilcox_ has joined #bitcoin-wizards
nwilcox has quit [Ping timeout: 246 seconds]
jinglebellz has quit [Ping timeout: 246 seconds]
blackwraith has quit [Ping timeout: 246 seconds]
Anduck has quit [Ping timeout: 246 seconds]
K1773R has quit [Ping timeout: 246 seconds]
xeon-enouf has quit [Ping timeout: 246 seconds]
jaromil has quit [Ping timeout: 246 seconds]
Anduck has joined #bitcoin-wizards
jaromil has joined #bitcoin-wizards
LeMiner2 has joined #bitcoin-wizards
binaryFateCloud has quit [Ping timeout: 246 seconds]
kmels has quit [Ping timeout: 255 seconds]
LeMiner has quit [Ping timeout: 246 seconds]
xeon-enouf has joined #bitcoin-wizards
K1773R has joined #bitcoin-wizards
jinglebe_ has quit [Remote host closed the connection]
chris___ has quit [Remote host closed the connection]
<kanzure> walfish is very difficult to transcribe