sipa changed the topic of #bitcoin-wizards to: This channel is for discussing theoretical ideas with regard to cryptocurrencies, not about short-term Bitcoin development | http://bitcoin.ninja/ | This channel is logged. | For logs and more information, visit http://bitcoin.ninja
gHEr has quit [Quit: Leaving]
windsok has joined #bitcoin-wizards
NewLiberty_ has joined #bitcoin-wizards
NewLiberty has quit [Ping timeout: 255 seconds]
GAit has quit [Read error: Connection reset by peer]
nikivi has quit [Quit: irc]
blackwraith has joined #bitcoin-wizards
rusty2 has quit [Ping timeout: 258 seconds]
sausage_factory has quit [Ping timeout: 245 seconds]
GAit has joined #bitcoin-wizards
q4_ has quit [Ping timeout: 240 seconds]
rusty2 has joined #bitcoin-wizards
rusty2 has quit [Ping timeout: 240 seconds]
rusty2 has joined #bitcoin-wizards
blackwraith has quit [Ping timeout: 240 seconds]
priidu has quit [Remote host closed the connection]
rusty2 has quit [Ping timeout: 260 seconds]
xissburg has quit [Quit: leaving]
xissburg has joined #bitcoin-wizards
Jerry4 has joined #bitcoin-wizards
Jerry4 has quit [Ping timeout: 245 seconds]
Ylbam has quit [Quit: Connection closed for inactivity]
Emcy_ has quit [Ping timeout: 245 seconds]
Noldorin has quit [Quit: My MacBook Pro has gone to sleep. ZZZzzz…]
Emcy has joined #bitcoin-wizards
Emcy has joined #bitcoin-wizards
Emcy has quit [Changing host]
pro has quit [Quit: Leaving]
legogris has quit [Remote host closed the connection]
legogris has joined #bitcoin-wizards
nikivi has joined #bitcoin-wizards
InquilineKea has joined #bitcoin-wizards
dnaleor has quit [Quit: Leaving]
TheSeven has quit [Ping timeout: 240 seconds]
TheSeven has joined #bitcoin-wizards
nikivi has quit [Quit: irc]
Alopex has quit [Remote host closed the connection]
Alopex has joined #bitcoin-wizards
reBrain has joined #bitcoin-wizards
Alopex has quit [Remote host closed the connection]
Alopex has joined #bitcoin-wizards
Logicwax has quit [Ping timeout: 268 seconds]
Logicwax has joined #bitcoin-wizards
xissburg has quit [Quit: leaving]
xissburg has joined #bitcoin-wizards
Logicwax has quit [Read error: Connection reset by peer]
Logicwax has joined #bitcoin-wizards
Logicwax has quit [Remote host closed the connection]
Logicwax has joined #bitcoin-wizards
SillyJobe has quit [Quit: Leaving]
priidu has joined #bitcoin-wizards
NewLiberty_ has quit [Ping timeout: 255 seconds]
tunafizz has quit [Read error: Connection reset by peer]
priidu has quit [Client Quit]
tunafizz has joined #bitcoin-wizards
priidu has joined #bitcoin-wizards
kenshi84 has quit [Remote host closed the connection]
kenshi84 has joined #bitcoin-wizards
Elysus has joined #bitcoin-wizards
arubi has quit [Remote host closed the connection]
arubi has joined #bitcoin-wizards
Alopex has quit [Remote host closed the connection]
Alopex has joined #bitcoin-wizards
Ylbam has joined #bitcoin-wizards
Logicwax has quit [Remote host closed the connection]
Logicwax has joined #bitcoin-wizards
Alopex has quit [Remote host closed the connection]
Alopex has joined #bitcoin-wizards
reBrain has quit [Read error: Connection reset by peer]
Logicwax has quit [Remote host closed the connection]
Logicwax has joined #bitcoin-wizards
Logicwax has quit [Read error: Connection reset by peer]
AnHry has joined #bitcoin-wizards
Elysus has quit [Quit: Leaving]
hmm has joined #bitcoin-wizards
hmm has quit [Client Quit]
Alopex has quit [Remote host closed the connection]
Logicwax has joined #bitcoin-wizards
Alopex has joined #bitcoin-wizards
Logicwax has quit [Remote host closed the connection]
Logicwax has joined #bitcoin-wizards
Davasny_ has joined #bitcoin-wizards
Davasny_ is now known as Davasny
LeMiner2 has joined #bitcoin-wizards
roconnor has quit [Ping timeout: 248 seconds]
LeMiner has quit [Ping timeout: 260 seconds]
LeMiner2 is now known as LeMiner
reBrain has joined #bitcoin-wizards
AnHry has quit [Read error: Connection reset by peer]
jtimon has joined #bitcoin-wizards
priidu has quit [Ping timeout: 240 seconds]
dnaleor has joined #bitcoin-wizards
InquilineKea has quit [Ping timeout: 240 seconds]
priidu has joined #bitcoin-wizards
kenshi84 has quit [Remote host closed the connection]
kenshi84 has joined #bitcoin-wizards
kenshi84_ has joined #bitcoin-wizards
reBrain has quit [Remote host closed the connection]
kenshi84 has quit [Ping timeout: 255 seconds]
InquilineKea has joined #bitcoin-wizards
NicolasDorier has quit [Quit: Connection closed for inactivity]
pavel_ has quit [Quit: Leaving]
paveljanik has joined #bitcoin-wizards
paveljanik has joined #bitcoin-wizards
paveljanik has quit [Changing host]
jtimon has quit [Remote host closed the connection]
AnHry has joined #bitcoin-wizards
q4 has joined #bitcoin-wizards
kenshi84_ has quit [Remote host closed the connection]
kenshi84 has joined #bitcoin-wizards
Alopex has quit [Remote host closed the connection]
AaronvanW has quit [Remote host closed the connection]
AaronvanW has joined #bitcoin-wizards
bachishaman has quit []
dabura667 has joined #bitcoin-wizards
ipwn has joined #bitcoin-wizards
ipwn is now known as adssda
Guyver2 has joined #bitcoin-wizards
sn0wmonster has quit [Quit: ¯\_(ツ)_/¯]
s4z has joined #bitcoin-wizards
sn0wmonster has joined #bitcoin-wizards
Sosumi has joined #bitcoin-wizards
s4z has quit [Quit: Leaving...]
AnHry has joined #bitcoin-wizards
<ananteris>
FREE MONEY!? please tell me more
jtimon has joined #bitcoin-wizards
oneeman has joined #bitcoin-wizards
dabura667 has quit [Quit: Connection closed for inactivity]
Noldorin has joined #bitcoin-wizards
roconnor has joined #bitcoin-wizards
adssda has quit [Quit: Leaving]
_whitelogger has joined #bitcoin-wizards
priidu has quit [Remote host closed the connection]
deadalnix has joined #bitcoin-wizards
<deadalnix>
Hi all. Is there a concrete proposal for Schnorr ta this stage ? A BIP or something ?
JHistone has joined #bitcoin-wizards
six__ has joined #bitcoin-wizards
dnaleor has quit [Quit: Leaving]
<andytosh1>
deadalnix: no. pieter, greg and i have a paper submitted to the bitcoin workshop at Financial Crypto 2017 that explores the pitfalls in this space and that will serve as design motivation
<deadalnix>
andytosh1, is there a draft somewhere or that's confidential in the meantime ?
<deadalnix>
the part I'm the most interested in is sig aggregation and what are the plans here
<six__>
Hello, i'm wondering what might cause a node to not have any outbound connections. 90 inbound but no outbound over the last 24hrs or so. Normally I see a fairly even spread between in/out.
<kanzure>
six__: wrong channel
<adam3us>
deadalnix schnorr aggregation and security proofs of method is part of that paper.
<adam3us>
sipa described it at his presentation at scaling bitcoin milan
<deadalnix>
adam3us, it cover multisig, but doesn't cover agregation accross inputs, or did I miss something ?
<adam3us>
the way it works is you have to delinearlize the combination of public keys to avoid adaptive malicious selection of public key to cancel others and avoid generalised birthday attack. so eg h=H(A||B||C), Q=H(h||A)*A+H(h||B)*B+H(h||C)*C and then the sig is made with Q as the pub key
<adam3us>
he might have run out of time to go into that detail ^
<adam3us>
above ensures that each pubkey affects the delinearisation so adaptive selection of pubkeys is prevented.
<adam3us>
the most obvious adaptive selection is multisig A,B,C where C=-B allowing A to steal the funds solo... or the whole class of related things so you cant screen for them.
six__ has quit [Ping timeout: 260 seconds]
<deadalnix>
In that scenario, the signed message is always the same. Is that possible to aggregate with different message ? There are some claims that one could tdo tx wide aggregation, which would require to aggregate signature with different messages.
<zmanian_>
As far as I know, you need pairing based signatures to aggregate sigs under different messages
<zmanian_>
I didn't think of committing to full set of keys in the PubKey, nice!
<zmanian_>
That's a really elegant construction
<deadalnix>
zmanian_, so somethign like bls
<deadalnix>
in there ( https://diyhpl.us/wiki/transcripts/scalingbitcoin/milan/schnorr-signatures/ ), quoting "This is something that Greg Maxwell came up with-- we can do aggregation over all signatures in a single transaction because this is the case where you're trying to protect against a situation where you don't know what's all the signers are in advance."
<deadalnix>
so that's inacurate ?
<adam3us>
you can use it across inputs, or across coinjoin. i suppose the message m signed could include serialisation of different messages
<deadalnix>
You'd have to ditch BIP143
oneeman has quit [Quit: Leaving]
reBrain has joined #bitcoin-wizards
CubicEarth has joined #bitcoin-wizards
<adam3us>
dont think it relates to segwit, that's just about whether the txid = H( sig, tx ) vs txid = H( pubkey, tx )
<adam3us>
this is just another sig format.
<adam3us>
that construction i typed above doesnt allow for not yet selected signers. i think sipa thinks it's not necessary because in order to sign in bitcoin there must be a commitment to the pub key (a p2sh address etc) already in the blockchain, so the signers have to be decided before the signature.
CubicEarth has quit [Remote host closed the connection]
<adam3us>
but if you wanted to decide signers on the fly i think you can, my version of the construction was Q=H(A)*A+H(A||B)*B+H(A||B||C)*C
CubicEarth has joined #bitcoin-wizards
<deadalnix>
adam3us, so that's possible to aggregate signature of different input with that scheme, because the message to sign will be different.
<adam3us>
ah maybe miscommunicating. the aggregated public key Q is either h=H(A||B||C), Q=H(h||A)*A+H(h||B)*B+H(h||C)*C or Q=H(A)*A+H(A||B)*B+H(A||B||C)*C
<adam3us>
and i give on there the example of the 2 of 2 case.
<adam3us>
so that second hash is the normal message signing hash. if one wanted to sign multiple different messages with parts of it, eg you'd have c=H(r,m1,m2,m3) or c=H(r,m) where m is a merkle tree of messages or whatever.
<adam3us>
the hashes in the pub key expansion are just delinearisation of the combined pub key. doing what I described in the bitcointalk post (Q=A+B) is vulnerable to adaptive pub key selection.
CubicEarth has quit [Remote host closed the connection]
<adam3us>
there's something implemented in libsecp256k1, if you want to check it out.
<adam3us>
deadalnix ^^
s4z has joined #bitcoin-wizards
<deadalnix>
adam3us, thanks, yes that's what I was looking for.
CubicEarth has joined #bitcoin-wizards
laurentmt has joined #bitcoin-wizards
kankles has joined #bitcoin-wizards
CubicEarth has quit [Remote host closed the connection]
CubicEarth has joined #bitcoin-wizards
CubicEarth has quit [Remote host closed the connection]
CubicEarth has joined #bitcoin-wizards
CubicEarth has quit [Remote host closed the connection]
CubicEarth has joined #bitcoin-wizards
AnxiousGarlic has joined #bitcoin-wizards
AnxiousGarlic has quit [Read error: Connection reset by peer]
AnxiousGarlic has joined #bitcoin-wizards
CubicEarth has quit [Remote host closed the connection]
CubicEarth has joined #bitcoin-wizards
CubicEarth has quit [Remote host closed the connection]
PRab has joined #bitcoin-wizards
CubicEarth has joined #bitcoin-wizards
CubicEarth has quit [Remote host closed the connection]
CubicEarth has joined #bitcoin-wizards
CubicEarth has quit [Remote host closed the connection]
AnHry has quit [Ping timeout: 240 seconds]
s4z has quit [Remote host closed the connection]
GAit has quit [Quit: WeeChat 1.0.1]
GAit has joined #bitcoin-wizards
laurentmt has quit [Quit: laurentmt]
CubicEarth has joined #bitcoin-wizards
CubicEarth has quit [Ping timeout: 255 seconds]
Sosumi has quit [Quit: Bye]
irc88 has joined #bitcoin-wizards
reBrain has quit [Remote host closed the connection]
Guyver2 has quit [Remote host closed the connection]
kankles has quit [Ping timeout: 240 seconds]
AnHry has joined #bitcoin-wizards
kankles has joined #bitcoin-wizards
CubicEarth has joined #bitcoin-wizards
AnHry has quit [Quit: Konversation terminated!]
CubicEarth has quit [Ping timeout: 240 seconds]
InquilineKea has quit [Ping timeout: 240 seconds]
CubicEarth has joined #bitcoin-wizards
AaronvanW has quit [Quit: Ex-Chat]
InquilineKea has joined #bitcoin-wizards
mendacem has joined #bitcoin-wizards
trotski2000 has joined #bitcoin-wizards
InquilineKea has quit [Ping timeout: 240 seconds]
CubicEarth has quit [Remote host closed the connection]
<kanzure>
@adam3us, for coinbase txout hashcash one of the major problems is that as soon as you go "offline" you can't mine any more updates to your payment (e.g. if someone wants to spend their coin, the only way to do it is if you're online and you update the tx). so how about this: make a network of peers where you voluntarily mine other people's transactions in your weak PoW blocks, and then use ...
<kanzure>
...a set of peers big enough or diverse enough that some of them are always online. in exchange, you do the same for when they are offline. this is also verifiable.
<kanzure>
er, that was supposed to be in slack
maaku has joined #bitcoin-wizards
<kanzure>
all of these transactions are exclusively coinbase subsidy outputs (there could be other transactions in the block but that's irrelevant)
<PsychoticBoy>
zag het zojuist
<kanzure>
also, there would be a small backlog of transactions that you would send to peers once they come back online- to show them that some of their payments were re-spent by their rightful owners- simply to show an actual chain of transfer (as a miner, you are incentivized to do this because otherwise your peers will stop mining t[hings in your favor when you are offline) (if you don't show a set ...
<kanzure>
...of transactions showing the transfer, then for all you know, the other miners perverted your coinbase txout while you were offline)
<kanzure>
the expected value of a continuously mined weak PoW for some coinbas txout is a known quantity--- giving 100% of the subsidy as a transaction output can be calculated as somewhat-non-zero valuable, even if the PoW is hugely weak. the trick to figure out, though, is whether there is any value to weak PoW miners *stopping* further mining activity of some coinbase txout--- it's like receiving ...
<kanzure>
...a lottery ticket that you know is already bad :).
<kanzure>
i guess there's no way to differentiate between slow mining and stopped mining, you just have to set a maximum time window threshold between blocks, and cessation of mining is the same as cessation of payment...?
PRab has quit [Remote host closed the connection]
CubicEarth has joined #bitcoin-wizards
quietbeast has joined #bitcoin-wizards
CubicEarth has quit [Ping timeout: 255 seconds]
InquilineKea has joined #bitcoin-wizards
Chris_Stewart_5 has quit [Ping timeout: 255 seconds]
Aranjedeath has joined #bitcoin-wizards
quietbeast has quit [Ping timeout: 245 seconds]
InquilineKea has quit [Ping timeout: 240 seconds]
Davasny has quit [Remote host closed the connection]
<kanzure>
i guess that's mostly a sharechain, with 'spendable' shares
mendacem has quit [Quit: Leaving]
mendacem has joined #bitcoin-wizards
mendacem has quit [Remote host closed the connection]
Chris_Stewart_5 has joined #bitcoin-wizards
InquilineKea has joined #bitcoin-wizards
InquilineKea has quit [Ping timeout: 258 seconds]
cicerotully has joined #bitcoin-wizards
rusty2 has joined #bitcoin-wizards
windsok has quit [Ping timeout: 240 seconds]
JHistone has quit [Quit: Leaving]
Logicwax has quit [Read error: Connection reset by peer]