sipa changed the topic of #bitcoin-wizards to: This channel is for discussing theoretical ideas with regard to cryptocurrencies, not about short-term Bitcoin development | http://bitcoin.ninja/ | This channel is logged. | For logs and more information, visit http://bitcoin.ninja
<gmaxwell>
belcher: you can request it over p2p with the getheaders call, but thats not exactly easy.
<gmaxwell>
you don't have abcore on your phone? :)
<psztorc>
phantomcircuit: damn.
<psztorc>
I feel that this is harder than it needs to be. Perhaps, if people liked namecoin more, the namecoin block explorer would have some conceptual info.
<psztorc>
About its Bitcoin parent. Oh well.
<gmaxwell>
a namecoin block explorer could show this in more detail... but usually block explorers work very hard to hide technical details.
<gmaxwell>
Psztorc: most namecoin blocks are not parented by an actual bitcoin block.
<gmaxwell>
Some are.
<moa>
abcore sounds like an infomercial product to get some ripped 6-packs going ... AbCore Pro is the paid version?
<gmaxwell>
hah
<gmaxwell>
moa: it's bitcoin core for android. :)
<psztorc>
Is it always the case that a namecoin block which does not have leading 0's always has a Bitcoin parent?
<phantomcircuit>
Psztorc, namecoin simply has a separate difficulty from bitcoin
nanasho has joined #bitcoin-wizards
<phantomcircuit>
Psztorc, interestingly namecoin can reorg without bitcoin reorg-ing
<mrkent_>
gmaxwell: best block explorer i've seen so far: http://www.yogh.io/
adlai has quit [Ping timeout: 248 seconds]
<psztorc>
^^ Now we're talkin'.
NewLiberty has quit [Ping timeout: 240 seconds]
<gmaxwell>
Psztorc: the two systems are independant-- e.g. namecoin never connects to the bitcoin network. Namecoin's rules are such that bitcoin 'lottery tickets' are also candidates for namecoin. Since they both happen to use the same metric for goodness (though thats not techincally required), a very good block will be an eligible solution for both chains-- but it might be orhpaned in one or the other ch
<gmaxwell>
ain, independantly. You could also have name coin blocks that wouldn't be valid bitcoin solutions (because namecoin has a lower difficulty); or in theory the other way around (though I don't think bitcoin's difficulty has ever been higher, though they've been close enough that around a retarget it might have happened)
<psztorc>
gmaxwell: my understanding was that Bitcoin need to have something inserted into a Bitcoin coinbase txin
zooko has quit [Ping timeout: 246 seconds]
<psztorc>
And that this thing uniquely identified a namecoin block.
licnep has joined #bitcoin-wizards
<psztorc>
And so they were thus not-independent.
<gmaxwell>
Psztorc: there doesn't need to be any bitcoin at all for namecoin to work-- e.g. bitcoin could be wiped off the face of the earth, the bitcoin network could completely jam up, all nodes could crash, whatever.. namecoin would keep working. Thats pretty independant.
<moa>
I never understood why the namecoin blockchain never gained more interest as a blockchain DB storage vehicle
<gmaxwell>
An analogy is something like, say there is a lottery where you write your chosen number on a card then submit it to be checked if there is a winner. Then someone comes along and says if you write in blue ink in the bottom right corner another number, then they'll also enter you in their seperate orthorgonal lottery if you submit a copy of your card to them too.
<psztorc>
gmaxwell: Don't take that as "mean". I'm only interested in the case where [1] there are no 'namecoin only' miners and [2] bitcoin is not wiped off the face of the earth.
<psztorc>
gmaxwell: Where do I find the blue ink!
<psztorc>
All I want is the blue ink so that I can put it in a screenshot.
<gmaxwell>
so when people attmept to mine namecoin they do proof of work with an 'extended header'which is structured like a valid bitcoin block, which has the hash of their namecoin block in it. Which is that [?] stuff you were seeing. lemme go find an example.
<bsm117532>
That was definitely one of the best from the conference. Another thing got a lot out of was the description of sha-3 competitions, and how we should bring something similar to crypto-ledgers.
Don_John has joined #bitcoin-wizards
<Taek>
I would be infavor of both a POW competition and a difficulty-adjustment-algorithm competition
paveljanik has joined #bitcoin-wizards
<Taek>
Actually, one thing I think we really need is better clock synchronization, ntp is unfortunately deficient
<fluffypony>
Taek: what's wrong with NTP?
<fluffypony>
asking genuinely, I have no idea
<gmaxwell>
it has absolutely no security
<fluffypony>
ah
<gmaxwell>
no resistance to byzantine fault; we've had several internet wide ntp-giving-wrong-time events in the last couple years.
<gmaxwell>
the people currently working on "securing ntp" are purely focused on it not being a dos vector / not being a remote code execution hole.
<fluffypony>
ah
dEBRUYNE has quit [Quit: Leaving]
<gmaxwell>
Taek: competitions don't make sense unless you can define requirements.
funkenstein_ has joined #bitcoin-wizards
<gmaxwell>
Taek: lots of altcoins have made "difficulty adjustment 'improvements'" which achieved their stated goal-- e.g. adapt faster to hashrate loss-- but then lost much of their security too.
dEBRUYNE has joined #bitcoin-wizards
<fluffypony>
I think altcoins are in a uniquely unenviable position
<fluffypony>
their hashrate is generally so low that attacking them is trivial for a motivated attacker
<fluffypony>
so fast retargets are kinda necessary
<funkenstein_>
hence 90% of new coins relying on PoS
<gmaxwell>
fluffypony: kinda putting lipstick on a pig.
<fluffypony>
funkenstein_: eugh.
<fluffypony>
gmaxwell: word
<fluffypony>
but at least it's a pretty shade of red
<gmaxwell>
But the whole design space of "broken algorithims that can be pretended are not broken for a slightly longer span of time; but which would harm security if ever used in a non-broken space" isn't one I think is too exciting. :P
<funkenstein_>
lol
belcher has joined #bitcoin-wizards
<gmaxwell>
I think PHC also showed contest not working so well in a place where the area wasn't super understood and with the parameters wide open... not that it wasn't useful, but that it didn't really emit a final construct.
<fluffypony>
so the solution is to have a contest for the best altcoin name
<kanzure>
how does ntp time things work? is it a certificate authority model?
<kanzure>
ok "NTPv3 symmetric key authentication scheme"
<gmaxwell>
kanzure: huh, no there is just no security at all. you point servers at other servers and they apply some basic bad ticker exclusion and drive the clock towards a pooled average of what remains. There is some cryptographic authentication speced, but basically no one uses it with public NTP.
<gmaxwell>
there are two kinds of crypto, the symmetric stuff (which I've seen ISPs use between routers), and some asymetric stuff which I've never seen evidence of anyone using anywhere.
<gmaxwell>
and in particular, even ignoring auth-- no NTP implementation can make promises like "you'll get the correct time if at least 2/3rds of your configured trusted servers are giving the correct time". .. and I suppose it's just as well they don't since the vast majority of ntp using hosts today are just configured by pointing them at NTP pool servers that anyone can join; and which people have joine
<gmaxwell>
d in the past for malicious host enumeration purposes.
<kanzure>
"correct time" is a hard thing to define anyway
<kanzure>
(and having a working time protocol would probably inadvertedly convince people to assume that syncronized time is possible)
laurentmt has joined #bitcoin-wizards
<kanzure>
*synchronized time
<gmaxwell>
you can rewrite my comment without the word correct. (your time will be consistent with a 2/3rd quourum if one exists)
RoboTeddy has joined #bitcoin-wizards
frankenmint has joined #bitcoin-wizards
<kanzure>
is 2/3rds time consensus like that, a desirable property that people should be working towards for ntp and ntp-like protocols? assuming, say, authentication being regularly used by its participants. and such.
<gmaxwell>
kanzure: also the vast majority of stratum 1 ntp servers are clocked straight off GPS; which itself is unauthenticated and easily spoofed by a local attacker (or made wrong by its operator)
phiche has joined #bitcoin-wizards
<gmaxwell>
kanzure: dunno. I think it would be an improvement.
<funkenstein_>
by monitoring a couple dozen blockchains you could make a decent clock
<kanzure>
oh what was the google blog post about this. they had an interesting post about how they did not-quite-ntp ntp things.
<kanzure>
"But this “repeated” second can be a problem. For example, what happens to write operations that happen during that second? Does email that comes in during that second get stored correctly? ... We saw some of our clustered systems stop accepting work on a small scale during the leap second in 2005, and while it didn’t affect the site or any of our data, we wanted to fix such issues once and for all."
RoboTeddy has quit [Ping timeout: 250 seconds]
<bsm117532>
I'm actually thinking of making a blogging series to critically review coin proposals.
<funkenstein_>
gmaxwell, why not?
<kanzure>
"The solution we came up with came to be known as the “leap smear.” We modified our internal NTP servers to gradually add a couple of milliseconds to every update, varying over a time window before the moment when the leap second actually happens. This meant that when it became time to add an extra second at midnight, our clocks had already taken this into account, by skewing the time over the course of the day. All of our servers ...
<kanzure>
... were then able to continue as normal with the new year, blissfully unaware that a leap second had just occurred. We plan to use this “leap smear” technique again in the future, when new leap seconds are announced by the IERS."
frankenmint has quit [Ping timeout: 244 seconds]
<funkenstein_>
i've been considering building the thing for a while so I would love to hear it wouldn't work :)
<gmaxwell>
funkenstein_: because correct time in any meaninful sense isn't an important objective for any of them. They're mostly all themselves timed off NTP too (many altcoins have a patch that integrates an NTP client, in fact).
Eris72 has joined #bitcoin-wizards
<funkenstein_>
ah ok, so if too many miners rely on their own insecure clocks, the thing would be broken on arrival
<gmaxwell>
kanzure: yea, and then google has some public time servers that yield their goofed time, so you can be up to a half second off with everything else in the day before and after a leap second.
<gmaxwell>
funkenstein_: part of the problem is that for no good reason (prices) computer hardware ships with gratitiously low quality clocks.
zooko has joined #bitcoin-wizards
roman__ has joined #bitcoin-wizards
laurentmt has quit [Quit: laurentmt]
<gmaxwell>
So while you can get a 0.5ppm TCXO for like $2 or 0.2 ppm for $4 ... server motherboards have 50ppm non-temp compensated parts. ... so the time will end up gratitiously wrong unless you're actively conditioning it with ntp.
NewLiberty has joined #bitcoin-wizards
<funkenstein_>
anyway, in all its uselessness, my plan is to generate a list like "X miner said it was Y oclock a few seconds ago"
<funkenstein_>
and then come up with a nice smoothing / weighting function
<funkenstein_>
eventually giving estimated current universal time
murch has joined #bitcoin-wizards
<funkenstein_>
there are network latencies, etc.. it's probably harder than it sounds, and plus: nobody needs it :)
<funkenstein_>
but thanks for helping me talk it over