sipa changed the topic of #bitcoin-wizards to: This channel is for discussing theoretical ideas with regard to cryptocurrencies, not about short-term Bitcoin development | http://bitcoin.ninja/ | This channel is logged. | For logs and more information, visit http://bitcoin.ninja
<bsm1175321>
So if one used a form of sequential PoW, with a fixed target, it would basically take everyone (and anyone) the same amount of time to compute it. (up to factors of ~0.5-2 due to hardware differences) Such a thing is really not a lottery at all, so requires an incentive mechanism of a very different nature.
rustyn has quit [Read error: Connection reset by peer]
rustyn has joined #bitcoin-wizards
[Derek] has quit [Ping timeout: 264 seconds]
voxelot has quit [Ping timeout: 260 seconds]
[Derek] has joined #bitcoin-wizards
[Derek] is now known as Guest28763
rusty has joined #bitcoin-wizards
belcher has joined #bitcoin-wizards
RoboTeddy has joined #bitcoin-wizards
NewLiberty has quit [Read error: Connection reset by peer]
RoboTeddy has quit [Ping timeout: 252 seconds]
c-cex-yuriy has quit [Quit: Connection closed for inactivity]
e0 has joined #bitcoin-wizards
bramc has joined #bitcoin-wizards
<bramc>
Hey everybody. I'm writing a draft for a BIP for transaction expiration times. It's turning into another freaking essay.
wasi has quit [Quit: Leaving]
bliljerk101 has quit [Ping timeout: 268 seconds]
bliljerk101 has joined #bitcoin-wizards
AaronvanW has quit [Ping timeout: 268 seconds]
ThomasV_ has joined #bitcoin-wizards
<bramc>
As per usual there's more technical meat than expected. I'm getting fairly deep into suggested future extensions to SPV
dnaleor has quit [Quit: Leaving]
<belcher>
bramc do they include exposing estimatefee to spv wallets ?
ThomasV has quit [Ping timeout: 268 seconds]
Ylbam has quit [Quit: Connection closed for inactivity]
dnaleor has joined #bitcoin-wizards
<bramc>
belcher: I'm not dealing with fee estimation issues here. The SPV extensions are for tracing ancestors.
RoboTeddy has joined #bitcoin-wizards
voxelot has joined #bitcoin-wizards
RoboTeddy has quit [Ping timeout: 244 seconds]
rusty has left #bitcoin-wizards [#bitcoin-wizards]
blackwraith has quit [Ping timeout: 276 seconds]
molz has quit [Ping timeout: 244 seconds]
mol11111 has joined #bitcoin-wizards
mol11111 is now known as moli
Eris72 has joined #bitcoin-wizards
<bramc>
You know, rbf transactions have a high potential to break their descendants in a reorg as well.
roconnor has joined #bitcoin-wizards
TheSeven has quit [Ping timeout: 250 seconds]
TheSeven has joined #bitcoin-wizards
wallet42 has quit [Ping timeout: 240 seconds]
supasonic has quit [Ping timeout: 252 seconds]
supasonic has joined #bitcoin-wizards
belcher has quit [Quit: Leaving]
RoboTeddy has joined #bitcoin-wizards
rustyn has quit [Read error: Connection reset by peer]
RoboTeddy has quit [Ping timeout: 240 seconds]
rustyn has joined #bitcoin-wizards
c0rw1n is now known as c0rw|zZz
CubicEarth has joined #bitcoin-wizards
CubicEar_ has quit [Ping timeout: 244 seconds]
jaekwon has quit [Remote host closed the connection]
crossing-styx has joined #bitcoin-wizards
c-cex-yuriy has joined #bitcoin-wizards
<Taek>
bramc: you are including considerations like reorgs? If a reorg occurs, a transaction may suddenly become illegal, meaning that all children are illegal too, accidentally invalidating a whole chain of txns
<Taek>
for that reason, generally OP_BLOCKHEIGHT has been avoided
<bramc>
Taek: Yes I have extensive commentary on that, that's part of why it's basically a full-length essay
rusty has joined #bitcoin-wizards
dEBRUYNE has quit [Quit: Leaving]
<bramc>
I've got a first draft almost finished (well, the amount I'm going to get finished anyhow, there's no spec in it yet). Should get the last bit done tomorrow. Anybody who'd like me to email it to them when it's done message me.
Giszmo has quit [Quit: Leaving.]
RoboTeddy has joined #bitcoin-wizards
RoboTeddy has quit [Ping timeout: 260 seconds]
jaekwon has joined #bitcoin-wizards
johnwhitton has quit [Quit: johnwhitton]
johnwhitton has joined #bitcoin-wizards
<amiller_>
bramc, I think you're right about the PoS construction being amortizable ("malleable"). Hopefully i'm missing something stupid
<bramc>
amiller_: Your mail describes exactly what I was thinking.
<amiller_>
fwiw i'll explain why malleable is the wrong phrase here
<amiller_>
in crypto malleable usually decribes some advantage the attacker gets after seeing honest proofs/responses
<amiller_>
here the problem is something a dishonest prover can do using just his own resources
johnwhitton has quit [Client Quit]
<gmaxwell>
I would say, "it is not a strong signature of work" or "it is not a determinstic signature of work"
<bramc>
Yeah I did an okay job of explaining that in my mail to you which was a bit lucky because I only really articulated that subtlety even to myself as I was typing it.
<amiller_>
"unique" or "canonical" maybe? "unique signature" is a commonly used property
<amiller_>
BLS and RSA are both unique signature schemes, but even "deterministic" DSA is not
<bramc>
I still don't know how to bust the simple approach. Something involving rainbow tables and I assume meeting in the middle.
<amiller_>
bramc, i should have thought about that before, we worked through exactly the same problem with the proof of sequential work paper, like you said
<amiller_>
i think "non-amortizable" is the best term to use
<bramc>
repeated hashing with checkpoints is the clumsy, awful way of fixing the problem in mahmoud's construction. I figured out a much prettier approach but it has the same problem
<amiller_>
http://eprints.qut.edu.au/40036/6/40036-full-revised.pdf for example this is a paper about definitions of proofs-of-work that rags on some existing definitions for not talking about amortization "proofs of amortized difficulty"
<gmaxwell>
amiller_: it's incorrect to call DSA that, it should be called derandomized. But right unique is the word we want there.
<amiller_>
i see
<bramc>
I've been using the term 'canonical', also 'quickly verifiable'
<bramc>
although 'canonical' doesn't really make sense for proofs of space. It does for spow.
<bramc>
The advantage of spow is that even if an attacker cheats they still have to spend most of the time. The requirements that it be canonical and quickly verifiable are much more onerous.
<bramc>
Krystoff's comments about how my 'fixed' proofs of space approach is busted actually gives me some hope, but it's at the point where I really, really, need to understand how to bust the simple approach to be sure and noone seems forthcoming with an explanation.
<amiller_>
bramc work on a positive proof, or offer a bounty for a negative counterexample :p
<bramc>
Not sure what you mean. Supposedly it's a fairly textbook algorithm but I'm not sure what it's called and it's highly nontrivial (as in, I've spent some time on it and can't find it)
<bramc>
Krystoff was nice enough to mention that the time and space are both n^(2/3) a hint which doesn't really give it away.
<bramc>
Maybe that should be CPU and space
rusty has quit [Excess Flood]
rusty has joined #bitcoin-wizards
MoALTz has quit [Ping timeout: 244 seconds]
wallet42 has joined #bitcoin-wizards
RoboTeddy has joined #bitcoin-wizards
RoboTeddy has quit [Ping timeout: 252 seconds]
<bramc>
Apparently asking about nontrivial algorithms is a really bad way to troll
Eris72 has quit [Ping timeout: 250 seconds]
_rht has joined #bitcoin-wizards
ThomasV_ has quit [Quit: Quitte]
Jeremy_Rand_2 has quit [Read error: Connection reset by peer]
Jeremy_Rand_2 has joined #bitcoin-wizards
CubicEar_ has joined #bitcoin-wizards
CubicEa__ has joined #bitcoin-wizards
CubicEarth has quit [Ping timeout: 244 seconds]
CubicEar_ has quit [Ping timeout: 260 seconds]
RoboTeddy has joined #bitcoin-wizards
AusteritySucks has quit [Ping timeout: 244 seconds]
ThomasV has joined #bitcoin-wizards
RoboTeddy has quit [Ping timeout: 240 seconds]
davec has quit [Read error: Connection reset by peer]
jaekwon has quit [Remote host closed the connection]
davec has joined #bitcoin-wizards
AusteritySucks has joined #bitcoin-wizards
ThomasV has quit [Ping timeout: 248 seconds]
rustyn has quit [Read error: Connection reset by peer]
<Taek>
I think that the above idea has a lot of potential, and I would appreciate it if some more experienced people could ACK or NACK the concepts
<Taek>
I think the idea has the potential to eliminate a substantial amount of centralization pressure, and also suffers far less from selfish mining attacks than anything else that's available
gigq has quit [Ping timeout: 268 seconds]
gigq has joined #bitcoin-wizards
NewLiberty has joined #bitcoin-wizards
<bramc>
Taek: That should be an extreme version of braids where you've limited the block size to only allow a single transaction. There will still be incentive for mining alone even if there are no 'real' transactions to be had, and it will make the transaction history a bit bigger due to having so much more headers overhead
NewLiberty has quit [Client Quit]
<bramc>
Taek: The big problem with decentralizing PoW is that some people have access to cheaper power. That's causing the centralization more than the hardware is.
paveljanik has quit [Quit: Leaving]
nuke1989 has quit [Remote host closed the connection]
Krellan has joined #bitcoin-wizards
bramc has quit [Quit: Page closed]
RoboTeddy has joined #bitcoin-wizards
phiche has joined #bitcoin-wizards
ShadeS has quit [Ping timeout: 244 seconds]
RoboTeddy has quit [Ping timeout: 252 seconds]
NewLiberty has joined #bitcoin-wizards
CubicEa__ has quit []
Alopex has quit [Remote host closed the connection]
Alopex has joined #bitcoin-wizards
rusty has quit [Ping timeout: 276 seconds]
ThomasV has joined #bitcoin-wizards
NewLiberty has quit [Ping timeout: 250 seconds]
phiche has quit [Quit: Leaving.]
DougieBot5000 has quit [Quit: Leaving]
Ylbam has joined #bitcoin-wizards
phiche has joined #bitcoin-wizards
proslogion has joined #bitcoin-wizards
crossing-styx has quit [Ping timeout: 248 seconds]
PaulCapestany has quit [Quit: .]
melvster has quit [Read error: Connection reset by peer]
melvster has joined #bitcoin-wizards
jaekwon has quit [Remote host closed the connection]
RoboTeddy has joined #bitcoin-wizards
PaulCapestany has joined #bitcoin-wizards
RoboTeddy has quit [Ping timeout: 260 seconds]
jannes has joined #bitcoin-wizards
JackH has quit [Ping timeout: 264 seconds]
Don_John has quit [Read error: Connection reset by peer]
JackH has joined #bitcoin-wizards
jaekwon has joined #bitcoin-wizards
RoboTeddy has joined #bitcoin-wizards
CrazyTruthYakDDS has quit [Quit: Connection closed for inactivity]
jaekwon has quit [Ping timeout: 250 seconds]
RoboTeddy has quit [Ping timeout: 240 seconds]
ThomasV has quit [Ping timeout: 240 seconds]
<gmaxwell>
Taek: I haven't loaded the url; but generall TX POW idea have previously had horiffic problems with progress.
<gmaxwell>
e.g. the single party with the most POW would win every time.
roconnor has quit [Ping timeout: 240 seconds]
MoALTz has joined #bitcoin-wizards
fkhan_ has quit [Ping timeout: 240 seconds]
supasonic has quit [Ping timeout: 246 seconds]
RoboTeddy has joined #bitcoin-wizards
melvster has quit [Ping timeout: 268 seconds]
fkhan_ has joined #bitcoin-wizards
RoboTeddy has quit [Ping timeout: 248 seconds]
rusty has joined #bitcoin-wizards
melvster has joined #bitcoin-wizards
rusty has quit [Ping timeout: 268 seconds]
<Taek>
gmaxwell: I don't think that's the case here. Miners build multiple branches of txns, and then are allowed merge them by pointing to multiple parents. During a merge, the full POW of both branches is counted, which means heavily merged branches will be able to keep up.
bliljerk101 has quit [Ping timeout: 240 seconds]
AaronvanW has joined #bitcoin-wizards
jtimon has quit [Ping timeout: 244 seconds]
bliljerk101 has joined #bitcoin-wizards
dEBRUYNE has joined #bitcoin-wizards
jaekwon has joined #bitcoin-wizards
RoboTeddy has joined #bitcoin-wizards
jaekwon has quit [Ping timeout: 240 seconds]
RoboTeddy has quit [Ping timeout: 252 seconds]
NewLiberty has joined #bitcoin-wizards
NewLiberty_ has joined #bitcoin-wizards
melvster has quit [Ping timeout: 240 seconds]
ThomasV has joined #bitcoin-wizards
melvster has joined #bitcoin-wizards
andytoshi has quit [Ping timeout: 240 seconds]
NewLiberty_ has quit [Ping timeout: 250 seconds]
NewLiberty has quit [Ping timeout: 250 seconds]
paveljanik has joined #bitcoin-wizards
ThomasV has quit [Ping timeout: 240 seconds]
RoboTeddy has joined #bitcoin-wizards
proslogion has quit [Ping timeout: 248 seconds]
RoboTeddy has quit [Ping timeout: 268 seconds]
<amiller_>
bramc, ahh the response from spacemint is really good... they do deal with that attack, by requiring a commitment to all the space put in the blockchain in advance
<amiller_>
and only one commitment allowed per 'seed' public key
<amiller_>
hmmm..... if that fixes the amortizing problem for space proofs, is there a way to do something similar for how we want to use proof-of-sequential-work?
p15x has quit [Ping timeout: 260 seconds]
Guyver2 has joined #bitcoin-wizards
_rht has quit [Quit: Connection closed for inactivity]
<Taek>
amiller_: can you link to the spacemint response?