sipa changed the topic of #bitcoin-wizards to: This channel is for discussing theoretical ideas with regard to cryptocurrencies, not about short-term Bitcoin development | http://bitcoin.ninja/ | This channel is logged. | For logs and more information, visit http://bitcoin.ninja
ruby32 has joined #bitcoin-wizards
Noldorin has quit [Read error: Connection reset by peer]
Noldorin has joined #bitcoin-wizards
pr0t3us has quit [Ping timeout: 240 seconds]
ruby32 has quit [Read error: Connection reset by peer]
Noldorin has quit [Read error: Connection reset by peer]
pr0t3us has joined #bitcoin-wizards
pr0t3us has quit [Remote host closed the connection]
pr0t3us has joined #bitcoin-wizards
Ylbam has quit [Quit: Connection closed for inactivity]
hashtag_ has quit [Ping timeout: 252 seconds]
raedah has quit [Remote host closed the connection]
raedah has joined #bitcoin-wizards
King_Rex has quit [Remote host closed the connection]
frankenmint has joined #bitcoin-wizards
Alopex has quit [Remote host closed the connection]
blackwraith has quit [Ping timeout: 260 seconds]
Alopex has joined #bitcoin-wizards
ThomasV has joined #bitcoin-wizards
Alopex has quit [Remote host closed the connection]
Alopex has joined #bitcoin-wizards
gigq_ has quit [Ping timeout: 276 seconds]
gigq has joined #bitcoin-wizards
MaxSan_ has quit [Ping timeout: 250 seconds]
pr0t3us has quit [Quit: Leaving]
KinkyCryptoCpl69 has joined #bitcoin-wizards
Chris_Stewart_5 has quit [Ping timeout: 260 seconds]
KinkyCryptoCpl69 has quit [Client Quit]
pr0t3us has joined #bitcoin-wizards
pro has quit [Quit: Leaving]
N0S4A2 has quit [Quit: WeeChat 1.5]
frankenmint has quit [Remote host closed the connection]
pr0t3us has quit [Quit: Leaving]
frankenmint has joined #bitcoin-wizards
frankenmint has quit [Remote host closed the connection]
PaulCape_ has joined #bitcoin-wizards
PaulCape_ has quit [Client Quit]
PaulCape_ has joined #bitcoin-wizards
PaulCapestany has quit [Ping timeout: 244 seconds]
frankenmint has joined #bitcoin-wizards
PaulCape_ has quit [Quit: .]
PaulCapestany has joined #bitcoin-wizards
<bsm1175321>
test
<bsm1175321>
I suspect luke-jr has banned me from #bitcoin-dev. I cannot regain my nick bsm117532 anymore, regardless of the channel. If any ops are on, please undo this. Luke-jr if it's not you, I sincerely apologize, I don't understand why I can't regain my nick. (how do I see which channels have quieted or banned me? -- the only ones I've been in are this one and #bitcoin-dev)
<luke-jr>
usually when the nick change fails, the server tells you why
<luke-jr>
check your status window
<luke-jr>
and if you're banned somewhere, the place to discuss it is #bitcoin-bans
<bsm1175321>
hmmm don't have a status window.
<bsm1175321>
using pidgin...any clues?
frankenmint has quit [Remote host closed the connection]
bsm1175321 has quit [Quit: Leaving.]
bsm117532 has joined #bitcoin-wizards
ThomasV has quit [Ping timeout: 240 seconds]
ghtdak has quit [Ping timeout: 276 seconds]
ghtdak has joined #bitcoin-wizards
frankenmint has joined #bitcoin-wizards
Newyorkadam has quit [Ping timeout: 252 seconds]
PRab has quit [Ping timeout: 258 seconds]
gigq has quit [Ping timeout: 260 seconds]
gigq has joined #bitcoin-wizards
priidu has joined #bitcoin-wizards
ThomasV has joined #bitcoin-wizards
frankenmint has quit []
frankenmint has joined #bitcoin-wizards
frankenmint has quit [Client Quit]
Alopex has quit [Remote host closed the connection]
Alopex has joined #bitcoin-wizards
PRab has joined #bitcoin-wizards
frankenmint has joined #bitcoin-wizards
SireWolf has quit [Ping timeout: 240 seconds]
gigq has quit [Ping timeout: 250 seconds]
gigq has joined #bitcoin-wizards
hashtag_ has joined #bitcoin-wizards
ThomasV has quit [Ping timeout: 260 seconds]
Giszmo has quit [Remote host closed the connection]
execute has quit [Ping timeout: 244 seconds]
Alopex has quit [Remote host closed the connection]
Alopex has joined #bitcoin-wizards
ManfredMacx has joined #bitcoin-wizards
ThomasV has joined #bitcoin-wizards
Ylbam has joined #bitcoin-wizards
dEBRUYNE has joined #bitcoin-wizards
hashtag_ has quit [Read error: Connection reset by peer]
jtimon has quit [Ping timeout: 244 seconds]
frankenmint has quit []
Guyver2 has joined #bitcoin-wizards
frankenmint has joined #bitcoin-wizards
dEBRUYNE has quit [Quit: Leaving]
murch has joined #bitcoin-wizards
Guyver2 has quit [Quit: :)]
mn3monic has joined #bitcoin-wizards
dEBRUYNE has joined #bitcoin-wizards
chmod755 has joined #bitcoin-wizards
dEBRUYNE_ has joined #bitcoin-wizards
dEBRUYNE has quit [Ping timeout: 240 seconds]
ThomasV has quit [Ping timeout: 240 seconds]
dEBRUYNE_ has quit [Ping timeout: 240 seconds]
ThomasV has joined #bitcoin-wizards
nabu has joined #bitcoin-wizards
nuke1989 has quit [Remote host closed the connection]
nabu has quit [Ping timeout: 244 seconds]
nabu has joined #bitcoin-wizards
nabu has quit [Ping timeout: 272 seconds]
nabu has joined #bitcoin-wizards
dEBRUYNE has joined #bitcoin-wizards
MaxSan_ has joined #bitcoin-wizards
MaxSan_1 has joined #bitcoin-wizards
MaxSan_ has quit [Ping timeout: 246 seconds]
pro has joined #bitcoin-wizards
laurentmt has joined #bitcoin-wizards
ThomasV has quit [Ping timeout: 276 seconds]
laurentmt has quit [Client Quit]
jtimon has joined #bitcoin-wizards
PRab has quit [Quit: ChatZilla 0.9.92 [Firefox 46.0.1/20160502172042]]
nabu has quit [Ping timeout: 260 seconds]
priidu has quit [Ping timeout: 258 seconds]
<waxwing>
as if there wasn't enough to read on the topic :) .. jonas nick just linked this one: http://eprint.iacr.org/2016/575
<kanzure>
"TumbleBit: An Untrusted Tumbler for Bitcoin-Compatible Anonymous Payments"
othe has quit [Remote host closed the connection]
fluffypony has quit [Remote host closed the connection]
grubles has quit [Ping timeout: 240 seconds]
MaxSan_1 has quit [Quit: Leaving.]
<phantomcircuit>
waxwing, i think i would be more interested in a description of the ideal system
<phantomcircuit>
(ie what properties do we even want in such a system)
Burrito has joined #bitcoin-wizards
<kanzure>
section 4.2 seems to be meat of it.
<kanzure>
and then combines that with an ecash voucher scheme
<kanzure>
(page 6)
dnaleor has quit [Quit: Leaving]
dnaleor has joined #bitcoin-wizards
<kanzure>
using signature verification instead of script
<waxwing>
phantomcircuit: good call i think. i'm still reading the interesting tricks in coinshuffle++ but .. hmm, how about "a technique that allows a bitcoin transaction to made as easy as currently made, but which obfuscates history sufficiently to increase fungibility meaningfully". wow that was vague :)
ThomasV has joined #bitcoin-wizards
bit2017 has joined #bitcoin-wizards
<phantomcircuit>
waxwing, and now you see the problem :P
<waxwing>
sure, but on reflection, vagueness isn't such a big deal. the biggest problem i see with such a definition is that no *current* protocol, coinjoin or otherwise, achieves "to be made as easy as current bitcoin transactions are made" (should also add "with same trustlessness")
AaronvanW has quit [Ping timeout: 276 seconds]
<waxwing>
without the trustlessness part, mixers/tumblers could be argued to be close to that goal.
dnaleor has quit [Quit: Leaving]
dnaleor has joined #bitcoin-wizards
Chris_Stewart_5 has joined #bitcoin-wizards
Starduster has quit [Read error: Connection reset by peer]
<Taek>
have you seen the braid work? I think that braids can allow for arbitrarily small blocks, eliminating the need for optimizations like weak blocks or thin blocks
<Peter_R_>
I read the Popov paper, but I haven't seen Bob's yet. Does he have something finished?
<Taek>
Oh, that one. I... do not agree with using Monte-Carlo to determine whether or not a transaction is valid. Seems abusable
ManfredMacx has quit [Ping timeout: 272 seconds]
<Taek>
Peter_R_: if someone were to try and attack the network by releasing a bunch of multi-spend txns to different parts of the world, would it destory thin blocks ability to propagate efficiently?
<Taek>
nodes would have significant conflicts
<Peter_R_>
Not sure I'm following. What does the "multi-spend" matter?
<Taek>
nodes don't accept or relay conflicting transactions
mkarrer has quit []
<Taek>
so, if my block is 80% transactions that you saw as double spends, you aren't going to have any of those 80%
<Taek>
slowing propagation
<instagibbs>
any sort of thin blocks technique requires mempool consistency for efficiency, yes
<Peter_R_>
Oh I see what you mean. Yes, the performance of Xthin relies on mempools being "fairly" in sync.
<instagibbs>
i mean, if you dont have the data, you literally have no choice but to get it sent
<Taek>
I believe that requirement opens up a significant DoS vector
<Taek>
especially if miner's start doing more selfish mining
<Taek>
weak blocks have a stronger resistance to that type of manipulation, since putting something in the mempool requires work
<instagibbs>
miners can slow down block propagation of their blocks easily
<instagibbs>
by selectively releasing slowly
<instagibbs>
or not sending it at all
<instagibbs>
:/
<Peter_R_>
Don't know. I'd have to wrap my head around the underlying math and try to model this.
<Taek>
instagibbs: but once it's out they can't control how fast it gets propagated. If they are doing mempool manipulation though, they can ensure that propagation is slow even beyond their own slow announcement
<Peter_R_>
Personally, I'd like to see Xthin AND something like subchains (weak blocks):
<Peter_R_>
Taek, I just finished your article on Jute. What I don't understand is how you know with reasonable certainty that your transaction has been confirmed. Couldn't their always be a more advanced thread that will cancel your TX with a double spend?
<instagibbs>
I don't think it's solvable in Bitcoin* :P
<Peter_R_>
Not saying this is bad...just trying to understand how long you have to wait
<Taek>
Peter_R_: it's actually got the same exact security guarantee as Bitcoin
<Taek>
which is, the blocks might be orphaned/reorged, but after a certain depth you have a good idea that it's unlikely
<instagibbs>
oh yeah I read the Jute thing, breaking spv, heh. Good luck :)
<Peter_R_>
Right, but have you figured out how the math works? What the probabilities of a TX being dropped after 2 sec, 20 seconds, 200 seoonds?
<Taek>
There's a property of Jute which means that any thread reorging your transaction must have more work in it than the amount of work confirming your transaction
<Peter_R_>
I understood that part.
<Peter_R_>
It is very cool stuff!
<Taek>
It depends on how much blocks are lagging on average. If blocks are lagging by 10 seconds you're going to get a different number than if they are lagging by 100 seconds
<Taek>
but, there's a cliff at 10 minutes iirc, so once you are 10 minutes confirmed + some change, you've got extremely high certainty
<Taek>
barring some miner with the ability to temporarily double their hashrate (by overclocking or something similar)
Tiraspol has quit [Remote host closed the connection]
<Taek>
instagibbs: I don't think SPV is that valuable
<Peter_R_>
That's what I'd expect. I'd like to understand the math behind that better though.
Tiraspol has joined #bitcoin-wizards
<Peter_R_>
Is Jute much different from Bob's Braids?
<instagibbs>
Taek, me neither, but Bitcoin kind of has it as a permanent social contract
<instagibbs>
Peter_R_, it allows conflicting txns, braids doesnt
<Peter_R_>
OK thanks
<Taek>
There are a lot of things in common, but Bob's Braids achieve consistency through cohort analysis, which is different from Jute's method of turning a dag into a linked list
<Taek>
I would propose the dag->LL process as the most innovative thing about Jute
<Peter_R_>
Gotcha
<Taek>
instagibbs: you could bring SPV back by having miners commit to Merkle trees of transactions that are 30 mintues confirmed or something like that
<katu>
Taek: does the cohort scheme allow for spv, or its the same deal as jute?
<Taek>
katu: naive Jute breaks SPV because it allows conflicting transactions to appear in the POW chain
<katu>
yeah
<Taek>
Bob's Braids (now known as BB) does not allow conflicting blocks iirc, therefore SPV is preserved
<katu>
well, another thing how useful spv really is at that point
<katu>
assuming both schemes produce frequent runs of uber-short blocks
<Taek>
SPV would have to adjust to ignore anything with fewer than X confirmations, which isn't so bad
<Taek>
I'm pretty sure both schemes would have a security resolution faster than 10 minutes
<katu>
was thinking more in terms block headers
<katu>
there will be far more of thistory with sub-second blocks
<Taek>
suggests that you can determine how much work is in a chain without having all of the headers
<Taek>
I think it's as good as log(n), which is pretty significant
<Taek>
that said, I still think it's a much better security model to just point at a node you trust, whether it's a full node in your house, one at your local university, or one run by a corporation you trust
Peter_R_ has quit [Quit: Page closed]
<Taek>
hmm. Maybe I take that back
<katu>
yeah, i'm still waiting for big wave of eclipse attack heists on exchanges to really start :)
<katu>
matter of time till someone dumps the nxt or blackcoin PoC, same as with same r sigs :/
dEBRUYNE has quit [Quit: Leaving]
calibre720 has quit [Ping timeout: 244 seconds]
<Taek>
Eclipse attacks can be somewhat defended against by having an awareness of the amount of work being produced suddenly dropping
Giszmo has quit [Quit: Leaving.]
<Taek>
I also read the other day that long confirmations are less secure than short confirmations, which completely makes sense but hadn't occurred to me before
<Taek>
if you get 3 confirmations in 2 hours, it means an attacker had 2 hours to build up a competing chain
<Taek>
otoh, if those three confirmations happen in 20 minutes, the attacker only had 20 minutes to build up a competing chain
<Taek>
And I'll propose that as another advantage of braids: you have a much higher resolution on the amount of work happening
<katu>
Taek: yeah, its not *that* bad as with PoS chains, where history can be remade fairly easily
Ylbam has quit [Quit: Connection closed for inactivity]
<katu>
still, not entirely convinced spv client can scan just the chain from random tip up to some checkpoint without ever having to step through genesis
calibre720 has joined #bitcoin-wizards
King_Rex has quit [Remote host closed the connection]
<Taek>
The orphan rate is something that a miner could manipulate by intentionally being slow
<bsm117532>
Yes, but I think that's actually desirable.
<bsm117532>
e.g. running over an anonymizing network like Tor.
<Taek>
hmm true
<Taek>
I think the more worrysome attack would be a miner hiding orphans to make the network seem faster
<bsm117532>
So there's a balance, miners can push the effective block time up or down, to satisfy other considerations.
<Taek>
as long as the slowest 5% can't be iteratively pushed off the network
<bsm117532>
Taek: I haven't specified the consensus rules yet for accepting beads, but there's going to be a hard cutoff after which a bead would be accepted. (slow beads push you to the right of the curve and exponentially increase cohort size -- and are a DoS attack)
<bsm117532>
However there's no other advantage to withholding beads (selfish mining doesn't work). So I doubt anyone would do it.
<bsm117532>
e.g. if your bead's timestamp is older than the median of cohort bead time (minus 4*$a$ or something) then your bead gets discarded.
<katu>
bsm117532: its a robustness sacrifice, but as long people can conditionally disable that in times of emergency, its maybe ok
<bsm117532>
That is your bead was delayed by more than 4 times the measured network latency.
<katu>
why would chain do that = large reorg due to buggy code
<bsm117532>
katu: I don't understand your comment
<katu>
bsm117532: you simply dont allow "older" blocks, which is typically a large reorg actually
<bsm117532>
Yes, I've been thinking about an alternate algorithm in that case, which would be used to heal/merge network splits.
<katu>
if you do that, large reorgs cant happen, partially defeating the whole point of even having a blockchain
<bsm117532>
It's just that it hurts the cohort algorithm, which is necessarily O(N_C^2) in the size of the cohort N_C.
<katu>
bsm117532: i think detecting extraordinary circumstances (ie the competing branch being reorged into is actually close height or something) might work, or even simple rate limiting it
<bsm117532>
So in the case of a network split, you analyze the two sides separately as seperate cohorts, and specify a different algorithm to merge the split.
<katu>
honestly i have no idea how your proposal works as the cohort systems strikes me as more complex than canonically valid txes, im only vaguely familiar even with jute tho
<katu>
bsm117532: also, please describe state block consensus rules state machine, you lay it out its just one or two simple rules added, i get the impression its far more than that in the end.
Starduster_ has joined #bitcoin-wizards
calibre720 has quit [Ping timeout: 246 seconds]
<bsm117532>
Cohort is just a definition of "block" that can determined solely from the graph structure, when the rate of bead publication is faster than the network "size". The definition of "cohort" involves no additional assumptions.
andytoshi has quit [Read error: Connection reset by peer]
<bsm117532>
In Jute or Iota or Sompolimpsky's inclusive blockchain, extra rules are needed to determine a total ordering from a non-synchronous tx publication. And those rules can be gamed.
andytoshi has joined #bitcoin-wizards
Starduster has quit [Ping timeout: 240 seconds]
vyvojar has joined #bitcoin-wizards
<bsm117532>
katu: still working on the set of consensus rules.
calibre720 has joined #bitcoin-wizards
<bsm117532>
There are a lot of options
JHistone has joined #bitcoin-wizards
calibre720 has quit [Ping timeout: 264 seconds]
ThomasV has joined #bitcoin-wizards
calibre720 has joined #bitcoin-wizards
chjj has quit [Ping timeout: 244 seconds]
Church- is now known as The-King
The-King is now known as Jesus_Christ
MoALTz has quit [Quit: Leaving]
Jesus_Christ is now known as Church-
chmod755 has quit [Quit: Ex-Chat]
murch has quit [Quit: Leaving.]
calibre720 has quit [Ping timeout: 260 seconds]
Ylbam has joined #bitcoin-wizards
JHistone has quit [Quit: Leaving]
roman__ has quit [Read error: Connection reset by peer]
calibre720 has joined #bitcoin-wizards
roman__ has joined #bitcoin-wizards
SireWolf has joined #bitcoin-wizards
dnaleor has quit [Quit: Leaving]
laurentmt has joined #bitcoin-wizards
laurentmt has quit [Client Quit]
justanot1eruser has joined #bitcoin-wizards
calibre720 has quit [Ping timeout: 264 seconds]
justanotheruser has quit [Ping timeout: 244 seconds]
bit2017 has joined #bitcoin-wizards
justme has joined #bitcoin-wizards
priidu has joined #bitcoin-wizards
nuke1989 has joined #bitcoin-wizards
blackwraith has joined #bitcoin-wizards
priidu has quit [Ping timeout: 276 seconds]
blackwraith has quit [Quit: Leaving]
roman__ has quit [Read error: Connection reset by peer]
roman__ has joined #bitcoin-wizards
droark has joined #bitcoin-wizards
justme has quit [Quit: justme]
priidu has joined #bitcoin-wizards
roman__ has quit [Remote host closed the connection]
GAit has joined #bitcoin-wizards
GAit has quit [Client Quit]
NewLiberty has joined #bitcoin-wizards
AaronvanW has joined #bitcoin-wizards
justanot1eruser has quit [Ping timeout: 240 seconds]
gigq has quit [Ping timeout: 272 seconds]
gigq has joined #bitcoin-wizards
justanotheruser has joined #bitcoin-wizards
Guyver2 has joined #bitcoin-wizards
[7] has quit [Ping timeout: 250 seconds]
TheSeven has joined #bitcoin-wizards
Aranjedeath has joined #bitcoin-wizards
King_Rex has joined #bitcoin-wizards
ThomasV has quit [Ping timeout: 272 seconds]
jarret has joined #bitcoin-wizards
justme has joined #bitcoin-wizards
justme has quit [Client Quit]
justme has joined #bitcoin-wizards
akoko has quit [Ping timeout: 260 seconds]
akoko has joined #bitcoin-wizards
copumpkin has joined #bitcoin-wizards
King_Rex has quit [Remote host closed the connection]