sipa changed the topic of #bitcoin-wizards to: This channel is for discussing theoretical ideas with regard to cryptocurrencies, not about short-term Bitcoin development | http://bitcoin.ninja/ | This channel is logged. | For logs and more information, visit http://bitcoin.ninja
<yoleaux>
New GI alg looks like a tour-de-force: a divide-and-conquer with many tough cases, arising from a std "individualization" on polylog nodes (@rrwilliams)
<Cyndre>
amiller_ lmao, I think that's what I need - and I believe that as difficulty gets higher building solvable blocks will get easier
<amiller_>
Cyndre, easier? that doesn't sound right
<Madars>
yeah, by requiring more variables to be 0 you are further constraining the problem (but not overconstraining it), so it becomes harder.
<tromp>
the easiest will be finding a pre-image for all zeros, since that's the most constrained
<Cyndre>
amiller_ from what I am thinking it's a flaw involving the sha256 where certain parts of the block influence the output hash more than others
<amiller_>
oh, easier relatively speaking you mean
<Cyndre>
yes
<Cyndre>
I haven't done huge data analysis yet, just playing with a few solved blocks and watching my poor 80 Mh/s
<Cyndre>
I am noticing something weird where either there are many solutions that meet a difficulty or none
<gmaxwell>
What you are looking at has been extensively studied by others. Anything you observe is more likely to be your own mistake than an actual interesting property.
<Cyndre>
gmaxwell: with certain get works I will find 3 or 4 solutions at lower difficulty before being handed new work, at which point I won't find any solutions for 20 minutes, then 3 or 4 in the same work load in less than 50 seconds (pool mining with a lower difficulty)
<gmaxwell>
other people have traced the execution of sha2 on this problem extensively looking for things like early distinguishers for short solutions and not found any useful simple biases, even in many many billions of candidates.-- including using FPGA powered searches.
<gmaxwell>
Cyndre: yes, but the same is expected from a random function.
<gmaxwell>
You must consider any evidence against the null hypothesis,... turns out that intuition is very bad with randomness.
<Cyndre>
gmaxwell: random function would say that all work loads are most likely to have same amount of solution possibilities
<Cyndre>
gmaxwell: not 5 solutions in 50 seconds, then 20 minutes without finding any
<gmaxwell>
...
<sipa>
Cyndre: what difficulty?
<sipa>
Cyndre: and hashrate?
<Cyndre>
51 from slush's pool and 80 Mh/s
<tulip>
that's going to be an effect of how mining software works.
<Cyndre>
and it repeatedly happens like that
<gmaxwell>
Cyndre: actually from a uniformly random function you would expect to find many "too soon", go look at what the exponential distribution looks like. Also, take care if you're using pools. Some pools send 'test work' to new miners to check to see if you can return solutions at all.
<sipa>
Cyndre: you would expect one solution per 45 minutes that way
<sipa>
and what gmaxwell says
<Cyndre>
I will find 2 or 3 share solutions more often than I will just find 1
<sipa>
Cyndre: that's completely expected
<tulip>
Cyndre: slush's pool alters the difficulty of the work given dynamically.
<Cyndre>
yes
<gmaxwell>
(and they can't just send one test because some hardware doesn't try all nonces, so they have to use multiple probes)
<Cyndre>
watched it for 4 days
<sipa>
Cyndre: use proper hypothesis testing, and report back (not "I've been watching numbers, and I have an impression")
<sipa>
and first make sure you're talking about consistent difficulty in the first place
<gmaxwell>
also, please extract actual candidate inputs, don't let yourself get tripped up by pre-verified constructed shares from mining pools.
<Cyndre>
I didn't that link has a solved block on it - change a few data points and you get no solutions
<sipa>
Cyndre: so?
<Cyndre>
and that solved block has many solutions at many difficulty levels
<sipa>
quote from the text:
<gmaxwell>
by definition it has a solution at every difficulty level at or below its target...
<sipa>
I should point out that I cheated by starting with a block that could be successfully mined.
<Cyndre>
yes
<sipa>
please, go study probability distributions
<Cyndre>
but it's the 20 other solutions with 3 to 13 leading zeros
<Cyndre>
should not exist
<gmaxwell>
On what basis do you make that claim?
<Cyndre>
the fact that you're only changing the nonce and finding that many different solutions in a solved block means that data in that block is *more solvable* than other blocks
<sipa>
Cyndre: it's perfectly expected that some ranges will result in more solutions than others; the number of solutions is approximately normally distributed
<gmaxwell>
That's an error in statistical reasoning.
<Cyndre>
it's a mathematical formula that determines the solvability of the block, there should be a pattern
<sipa>
Cyndre: no, it's basic randomness
<Cyndre>
sipa: no it's not, it's reproducible
<gmaxwell>
A perfectly random function with no predictable pattern will exhibit the properties you're describing right now.
<sipa>
Cyndre: then do a hypothesis test and report back
<Cyndre>
not on 200 blocks
<sipa>
Cyndre: not "it looks different to me"
<gmaxwell>
(I am not saying that there isn't structure to sha256, obviously there is, or even saying you don't have useful access to the structure (though you almost certainly don't) --- only that what you're describing would also be true for a truly random function with no useful structure at all-- the claims you're making need a proper hypothesis test, not a casual observation. Beyond being the basic standard for science for such claims; many other people have looked and it is exceptionally unlikely that your casual observation would catch something that evaded everyone else)
<gmaxwell>
seriously, you're going to argue with me like that?
<Cyndre>
you attacked me like I haven't looked at it all
<Cyndre>
33 steps have been broken already
<sipa>
Cyndre: gmaxwell is not saying that you're not looking. he's saying that instead of looking, you should be calculating the chance that what you are seeing is unusual
<gmaxwell>
I'm not attacking you-- I dunno anything about you. But the claims you are making are not good science. Checking a couple cases and then saying you see a pattern without even analyzing what the base rate would be means you aren't doing the absolute minimum required to actually know if you know something or not.
<Cyndre>
sipa: just came in to ask if anyone was working on it, got the sat solver which is way cooler - just don't want to waste my time writing a bunch of software if it's been done
<sipa>
Cyndre: sha256 with 33 steps is broken for collision search. that means that for 34 steps *no* correlations are known.
<Cyndre>
yes, but I don't think sha256 is broken, I think the implementation in this case is predictable
<gmaxwell>
Cyndre: rather than trying to discourage you, I'm trying to get you thinking down the path of the things you need to do to actually make progress (if there is progress to be made!).
<sipa>
Cyndre: if what you are saying is true, SHA256 is by every definition broken
<sipa>
Cyndre: if the result is in the slightest way distinguishable from a random function, it would be considered cryptographically broken
<gmaxwell>
sipa: well technically it's distinguishable by anyone with a copy of the circuit. :P
<sipa>
gmaxwell: you know what i mean :)
<gmaxwell>
hehe
<Cyndre>
I suck at probability math - what are the odds that you would find at least 20 solutions with 4 or more preceding zeros from changing the nonce from 1 to 4,294,967,295
<sipa>
Cyndre: zeroes in what base?
<gmaxwell>
given that there is one solution with a boatload of zeros- so you should probably reduce that 20 to 19 in your question.
<Cyndre>
16 sipa
<sipa>
Cyndre: so that means the first 16 bits of those solutions are 0? which means every attempt has a 1 in 2^16 chance of matching your criteria
<sipa>
are you sure you don't mean 8 zeroes? 4 zeroes would occur much more frequently
<Cyndre>
I need more analysis - the cgminer doesn't output enough data to show it, but I shouldn't be finding 4 solutions at difficulty x in 50 seconds (time it takes me to try all on my gpu) and then nothing for 20 minutes
<sipa>
are you sure those are on the same difficulty?
<Cyndre>
yes
<Cyndre>
cgminer outputs a difficulty change
<Cyndre>
3.7.2
<Cyndre>
and using cgwatcher to watch get work requests
<kanzure>
someone mentioned that adam3us had a mental arithmetic method for either ECDSA or RSA or something crypto.. does anyone remember where this was mentioned, or who said this? or links.