sipa changed the topic of #bitcoin-wizards to: This channel is for discussing theoretical ideas with regard to cryptocurrencies, not about short-term Bitcoin development | http://bitcoin.ninja/ | This channel is logged. | For logs and more information, visit http://bitcoin.ninja
<nicolagreco>
What are the state of the art practices for private key management?
<nicolagreco>
(I am mainly interested in the ones that take into account replication)
<nicolagreco>
(A la Shamir secret sharing)
<bsm1175321>
Blockchain-Free Cryptocurrencies. A Rational Framework for Truly Decentralised Fast Transactions
<kanzure>
they are doing an accumulative proof-of-work thing, i think
<bsm1175321>
How does that work? I've been wanting for such an algorithm...
<uiuc-slack1>
<amiller> What is accumulative proof of work
<uiuc-slack1>
<amiller> Is it like progress/sequential proof of work rather than memoryless proof of work
<uiuc-slack1>
<amiller> Is a chain of proof of work solutions like in Bitcoin not accumulative?
<bsm1175321>
e.g. two PoW hashes can be combined into a single PoW hash with double the difficulty.
<Taek>
amiller: what's the context?
<uiuc-slack1>
<amiller> That is how a chain of Bitcoin solutions work right
<bsm1175321>
Yes, but you have to have the whole chain.
<uiuc-slack1>
<amiller> You add up the difficulty for each of the solutions in the chain
<Taek>
it's only accumulative if a block commits to a target
<uiuc-slack1>
<amiller> Oh so this is about making pow verification more efficient?
<bsm1175321>
IOW imagine there was a single PoW hash that represented the accumulated work of the entire chain.
<Taek>
nvm I withdraw, I'm not certain what the context is
<uiuc-slack1>
<amiller> Seems like just an efficiency improvement goal, not a new primitive
<bsm1175321>
Taek: you may want to take a look at the paper I posted -- they have a blockless, transaction DAG.
* adlai
got the impression, from a quick skim, that it's a 1-tx-per-block DAG, and the whole "no blocks, no chain" is just noise
<adlai>
there are plenty of other ideas there which unfortunately don't get the same emphasis as the "no blocks" business
<Taek>
Oh nice, I will read it
<musalbas>
"instead of grouping individual transactions into
<musalbas>
“verified” blocks strung into a blockchain, transactions themselves are responsible for vouching
<musalbas>
for other previous transactions, in a graph-like rather than chain-like structure"
<Taek>
"Select the maximum-height or tallest well-formed transaction not yet classified, and classify it as valid as well as all of its ancestors"
<Taek>
I haven't read the whole paper yet but this is an easily exploitable method of choosing valid transactions
<Taek>
It's the method Jute used to use, and it's broken
<Taek>
An attacker can sit out, mine txns that reference other transactions, but never broadcast them
<Taek>
They get this secret parasite chain that's got a much higher height than the public chain
<Taek>
and then release it to execute double spends
<bsm1175321>
Doesn't look like they made that mistake: "For a transaction x, Height(x) is the total proof-of-work difficulty expended by all the ancestors of x."
<Taek>
It's the same mistake
<bsm1175321>
(p.15)
<Taek>
The same strategy will still work
<Taek>
because, you are including the public transactions, which means you get their work tallied in your height. But you also get the work of your private transactions
<Taek>
so if you mine 10 transactions, you are permanently 10 txns ahead of the public chain, because you've got those 10 plus the whole public chain
<Taek>
The sorting method I described in Milan has much stronger security properties with a simple, intuitive proof for why it's secure.
<bsm1175321>
Maybe you're right, they're doing something bizarre in sec 2.3 that is not simply summing work.
<bsm1175321>
Their claim at the beginning of that section is wrong. Summing work is not a computational difficulty...
<bsm1175321>
Sure it's O(n) but you don't have to ever re-do the computation.
<bsm1175321>
I think dumping aggregation of txs into blocks is a bad idea too -- consensus is defined by the existence of graph cuts (cohorts). If the tx rate is roughly higher than 1 per (size of network in seconds), graph cuts are exponentially unlikely. You have to restrict the block rate or the system never comes to consensus.
<bsm1175321>
Iota seems to be making that mistake too.
<Taek>
Iota determines whether or not a transaction is valid by running a Monte-Carlo simulation
<bsm1175321>
Or so they claim. It's vaporware.
<Taek>
I'm just pointing that out as a very terrible way to attempt consensus. The results of each simulation are going to be different, it's probabilistic!
<Taek>
if two people don't get the same results when analyzing the validity of a transaction they'll get a fork
<bsm1175321>
Taek: I agree. I don't think Iota makes any sense at all, and I spent quite a bit of time trying to make sense of their word salads and no code. :-/
<bsm1175321>
Taek have you made any more progress on Jute since Milan?
<Taek>
Had to catch up on some other work
<Taek>
Hopefully progress in November though
<bsm1175321>
I just saw an announcement for Sia 1.0.3. Congrats ;-)
<bsm1175321>
I've got a little physics paper to write this weekend. But hopefully progress in November.
<Taek>
amiller: sorry for the confusion earlier
<Taek>
by 'collaborative', the paper means that it's okay to have multiple POW solutions to a single parent block
<Taek>
e.g., blocks are allowed to have multiple parents
<Taek>
those multiple parents can "collaboratively" solve the puzzles to some common ancestor
<uiuc-slack1>
<amiller> Like ghost?
<Taek>
yeah I believe so
<Taek>
yes
<Taek>
for some reason the paper requires each transaction to have exactly two parents
<Taek>
adlai: you are correct this paper is really about blocks that have a single transaction and multiple parents, not about discarding blocks altogether
<bsm117532>
I don't see the point of having two parents. Sometimes the second parent is redundant (you're forced to name another ancestor as the second parent) and sometimes you need more than 2 parents (when there are unmerged chain tips).
<Taek>
ok
<Taek>
With the construction of this paper, it's not only easy to double spend, I believe it's also easy to engage in selfish mining that's more successful than what you can achieve in Bitcoin
<Taek>
because, multiple invalid transactions are not allowed
<Taek>
To orphan your competitors, first build up a private chain that includes all of the transactions in the public chain plus all of the transactions in the private chain
<Taek>
do not introduce any conflicts yet
<Taek>
at some point your private chain will have significantly more work in it than the public chain
<Taek>
that's when you can introduce a conflict - mine a conflict to one of the newer transactions
<Taek>
the whole public chain will be confirming the newer transaction
<Taek>
but you will have a bunch of extra work in your private chain
<Taek>
after some amount of time, designed to maximize the amount of work wasted by the public chain, you release your whole private chain
<Taek>
your secret conflict will have a higher height than its public competitor
<Taek>
every block that confirmed the public competitor is now invalid, and is in a chain with less work than the chain with the most work
<Taek>
This attack can be executed with any amount of hashpower
<Taek>
!
<musalbas>
wouldn't you need to retroactively insert the new transactions in your private chain, destroying all the proof-of-work you had
<Taek>
you can plan ahead
<Taek>
so the first transaction of my private chain is the one I will eventually double spend
<Taek>
since it's private none of the public chain realizes it exists
<Taek>
then once I've put a bunch of work on top of it, I can release the conflict to the public chain
<Taek>
the most recent transaction in the private chain can include the entire public chain up until the point where my conflict is accepted
<musalbas>
I don't see how you'd be able to 'tally the proof of work from others' into your private chain, because that PoW is on a chain building on top of the first transaction
<Taek>
hold on I'll try to draw a graph
<Taek>
eta 8 minutes
<musalbas>
i would feel a bit guilty if you had to draw a graph just for me
<Taek>
it's a little thrown together, but you can see the general concept
<Taek>
A minority hashrate miner is able to throw away one block to cause 3 orphans in the competition
<Taek>
But, really the minority hashrate miner doesn't even need to throw away a block, merely announcing the transaction and having someone else mine it (since there are no public conflicts) is enough
<Taek>
so basically zero-risk, virtually guaranteed successful double spend attempts that have the bonus of driving up the orphan rates of your competitors
<Taek>
bad stuff
<Taek>
(Is there somewhere I can post this criticism?)