sipa changed the topic of #bitcoin-wizards to: This channel is for discussing theoretical ideas with regard to cryptocurrencies, not about short-term Bitcoin development | http://bitcoin.ninja/ | This channel is logged. | For logs and more information, visit http://bitcoin.ninja
JHistone has quit [Quit: Leaving]
sausage_factory has quit [Ping timeout: 240 seconds]
copumpkin has quit [Quit: My MacBook Pro has gone to sleep. ZZZzzz…]
pero has joined #bitcoin-wizards
Aranjedeath has quit [Quit: Three sheets to the wind]
Burrito has quit [Quit: Leaving]
pero has quit [Quit: Leaving]
pero has joined #bitcoin-wizards
<fluffypony>
oh wow - smartpool adds an Ethereum dependency ?
<fluffypony>
I didn't get that far into the paper, was excited about potential p2pool improvements
* fluffypony
will just stick to p2pool
handlex has joined #bitcoin-wizards
handlex has quit [Client Quit]
wizkid057 is now known as wk
wk is now known as wizkid057
Aranjedeath has joined #bitcoin-wizards
abpa has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
pero0 has joined #bitcoin-wizards
pero has quit [Ping timeout: 240 seconds]
pero0 has quit [Quit: Leaving]
pero0 has joined #bitcoin-wizards
pero0 is now known as pero
dnaleor has quit [Quit: Leaving]
AlineGomes has quit [Quit: Connection closed for inactivity]
dkings has quit [Read error: Connection reset by peer]
dkings has joined #bitcoin-wizards
pero has quit [Quit: Leaving]
pero has joined #bitcoin-wizards
abpa has joined #bitcoin-wizards
abpa has quit [Client Quit]
NewLiberty has quit [Ping timeout: 255 seconds]
Ylbam has quit [Quit: Connection closed for inactivity]
fibonacci has quit [Quit: Connection closed for inactivity]
pro has quit [Quit: Leaving]
windsok has quit [Ping timeout: 240 seconds]
gigq has quit [Quit: leaving]
gigq has joined #bitcoin-wizards
chjj has quit [Ping timeout: 245 seconds]
windsok has joined #bitcoin-wizards
dkings has quit [Remote host closed the connection]
NewLiberty has joined #bitcoin-wizards
Dizzle has joined #bitcoin-wizards
windsok has quit [Ping timeout: 240 seconds]
chjj has joined #bitcoin-wizards
windsok has joined #bitcoin-wizards
legogris has quit [Remote host closed the connection]
legogris has joined #bitcoin-wizards
draynium has quit [Read error: Connection reset by peer]
gigq has quit [Quit: leaving]
gigq has joined #bitcoin-wizards
[7] has quit [Ping timeout: 258 seconds]
TheSeven has joined #bitcoin-wizards
AaronvanW has quit []
kenshi84 has quit [Quit: Leaving...]
_whitelogger has joined #bitcoin-wizards
Alopex has quit [Remote host closed the connection]
Alopex has joined #bitcoin-wizards
kenshi84 has joined #bitcoin-wizards
Alopex has quit [Remote host closed the connection]
Alopex has joined #bitcoin-wizards
fibonacci has joined #bitcoin-wizards
cfields has quit [Read error: Connection reset by peer]
coryfields has quit [Ping timeout: 245 seconds]
coryfields has joined #bitcoin-wizards
cfields has joined #bitcoin-wizards
Alopex has quit [Remote host closed the connection]
Alopex has joined #bitcoin-wizards
aalex has joined #bitcoin-wizards
Yogh has quit [Ping timeout: 255 seconds]
aalex has quit [Ping timeout: 245 seconds]
Yogh has joined #bitcoin-wizards
coryfields has quit [Ping timeout: 245 seconds]
cfields has quit [Ping timeout: 245 seconds]
coryfields has joined #bitcoin-wizards
cfields has joined #bitcoin-wizards
moli_ has quit [Read error: Connection reset by peer]
moli_ has joined #bitcoin-wizards
moli_ has quit [Client Quit]
moli_ has joined #bitcoin-wizards
Auxon has joined #bitcoin-wizards
Davasny has joined #bitcoin-wizards
Dizzle has quit [Remote host closed the connection]
Dizzle has joined #bitcoin-wizards
Chris_Stewart_5 has quit [Ping timeout: 240 seconds]
Chris_Stewart_5 has joined #bitcoin-wizards
NewLiberty has quit [Read error: Connection reset by peer]
blackwraith has joined #bitcoin-wizards
Guyver2 has joined #bitcoin-wizards
blackwraith has quit [Ping timeout: 248 seconds]
fibonacci has quit [Quit: Connection closed for inactivity]
d9b4bef9 has quit [Remote host closed the connection]
d9b4bef9 has joined #bitcoin-wizards
jtimon has quit [Ping timeout: 240 seconds]
fibonacci has joined #bitcoin-wizards
CubicEarth has quit []
dnaleor has joined #bitcoin-wizards
Ylbam has joined #bitcoin-wizards
str4d has joined #bitcoin-wizards
Auxon has quit [Quit: Page closed]
dkings has joined #bitcoin-wizards
dkings has quit [Remote host closed the connection]
dkings has joined #bitcoin-wizards
Uglux has joined #bitcoin-wizards
Uglux has joined #bitcoin-wizards
Uglux has quit [Changing host]
priidu has quit [Ping timeout: 256 seconds]
str4d has quit [Ping timeout: 255 seconds]
AaronvanW has joined #bitcoin-wizards
afk11 has joined #bitcoin-wizards
Alina-malina has quit [Ping timeout: 258 seconds]
Alina-malina has joined #bitcoin-wizards
Alina-malina has quit [Ping timeout: 255 seconds]
Guyver2 has quit [Quit: :)]
Alina-malina has joined #bitcoin-wizards
fibonacci has quit [Quit: Connection closed for inactivity]
pro has joined #bitcoin-wizards
Alina-malina has quit [Changing host]
Alina-malina has joined #bitcoin-wizards
dkings has quit [Remote host closed the connection]
draynium has joined #bitcoin-wizards
BCBot_ has quit [Remote host closed the connection]
BCBot has joined #bitcoin-wizards
afk11 has quit [Ping timeout: 255 seconds]
afk11 has joined #bitcoin-wizards
dkings has joined #bitcoin-wizards
JayDugger has quit [Ping timeout: 240 seconds]
dkings has quit [Ping timeout: 264 seconds]
blackwraith has joined #bitcoin-wizards
priidu has joined #bitcoin-wizards
Sosumi has joined #bitcoin-wizards
dkings has joined #bitcoin-wizards
laurentmt has joined #bitcoin-wizards
laurentmt has quit [Client Quit]
dkings has quit [Ping timeout: 260 seconds]
bitcoin-wizards8 has joined #bitcoin-wizards
dkings has joined #bitcoin-wizards
bitcoin-wizards8 has quit [Client Quit]
copumpkin has joined #bitcoin-wizards
kenshi84_ has joined #bitcoin-wizards
kenshi84 has quit [Ping timeout: 255 seconds]
copumpkin has quit [Quit: My MacBook Pro has gone to sleep. ZZZzzz…]
copumpkin has joined #bitcoin-wizards
contrapumpkin has joined #bitcoin-wizards
WungFu has joined #bitcoin-wizards
aalex has joined #bitcoin-wizards
copumpkin has quit [Ping timeout: 260 seconds]
sausage_factory has joined #bitcoin-wizards
aalex has quit [Ping timeout: 276 seconds]
blackwraith has quit [Ping timeout: 255 seconds]
cdecker has quit [Remote host closed the connection]
<frib>
i thought it "hit two birds with one stone" ?
pero0 has joined #bitcoin-wizards
pero0 has quit [Client Quit]
pero has quit [Ping timeout: 256 seconds]
pero0 has joined #bitcoin-wizards
JackH has quit [Remote host closed the connection]
pero0 is now known as pero
<gmaxwell>
bsm1175321: that isn't correct.
<gmaxwell>
MW eliminates the need for any node to store most historical data, and eliminates the need to transfer it in syncing.
<bsm1175321>
Good point.
<sipa>
bsm1175321: its fungibility/privacy is similar (and perhaps a bit better due to simpler coinjojn) than CT
<sipa>
and conpared to CT, it is a massive scaling improvement
<sipa>
compared to bitcoin as it exists today, it's also a scalability improvement in asymptotics, but with a terrible constant factor
Emcy_ has joined #bitcoin-wizards
Emcy_ has quit [Changing host]
Emcy_ has joined #bitcoin-wizards
<bsm1175321>
Yes...I've explained Monero/RingCT to a few people this week...(they use CT). The scalability implications are scary. 10x worse AFAICT. MW is better.
<gmaxwell>
...
<gmaxwell>
Monero's scalability problems have nothing to do with CT.
<bsm1175321>
Monero tx sizes are 10x larger now, because of the range proofs, no?
<gmaxwell>
MW is a massive scalablity improvement over _bitcoin_.
<bsm1175321>
gmaxwell: I'm referring only to range proofs, not your Elements Alpha CT implementation...
<sipa>
CT is something like a 20x size increase for bitcoin transaction sizes
<pero>
there are rangeproof optimizations available to monero
Emcy has quit [Ping timeout: 256 seconds]
<sipa>
compared to CT however, MW is a massive improvemt
Emcy has joined #bitcoin-wizards
Emcy has joined #bitcoin-wizards
Emcy has quit [Changing host]
Yogh has quit [Ping timeout: 240 seconds]
<gmaxwell>
bsm1175321: you're missing the point though. MW (esp with the syncing signatures) makes it possible to fetch only the UTXO set and ignore the history.
Yogh has joined #bitcoin-wizards
<gmaxwell>
You can actually seperate out the CT part of MW and just leave it off and have the scalablity improvement without any range proofs.
<gmaxwell>
though that would be silly because the value privacy is important.
<bsm1175321>
I thought they were "sinking signatures". :-P
<gmaxwell>
Monero's bad scalablity comes from the fact that you cannot really prune... the set of spendable coins never decreases (well in theory you can do a closure analysis to remove some of it, but thats pretty limited because hopefully the closure is all of the coins).
Emcy_ has quit [Ping timeout: 264 seconds]
<gmaxwell>
CT's scalability alone is the same as bitcoin just different by a constant factor (somewhat larger transactions)-- and under /handwave handwave/ assumptions about tech progressions, any constant factor change is just equal to some number of months of tech development.
<gmaxwell>
MW eliminates the need to handle history while having the same security properties as bitcoin (though losing a lot of flexiblity and making the DL assumption much more important).
<bsm1175321>
Guys are there any plans yet for MW in testnet/sidechain? Will it be added to Elements Alpha, or something else?
Davasny has quit [Remote host closed the connection]
<amiller>
is there a current best writeup about MW
<amiller>
i don't remember how it compresses history without introducing extra assumption, i.e. having UTXO commitments also allows forgetting all the history, but only if you are willing to trust SPV security which is an extra assumption, and i think MW is similar
<gmaxwell>
amiller: no, MW is not spv security except exactly as bitcoin is (basically whomever the coins awarded to when they're generated inherently only has SPV security)
<gmaxwell>
amiller: MW's UTXO set has a special property where the sum of the generated coins commitments equals the sum of the utxo commitments. So to create a candidate utxo set you must know a sequence of private keys that connect the generations to the utxo set.
<gmaxwell>
e.g. with a commited utxo set some miners could just randomly steal unspent coins from the earlier history that they're extending. With MW they could not do that.
<gmaxwell>
amiller: andrew's writeup for scaling bitcoin is the best one I think.
<amiller>
there's a narrow set of assumptions under which a miner could do that attack against UTXO-commitment-coin right?
<amiller>
e.g. that can only happen if there's a short duration during which most of the miners go to sleep, bad miners are in charge for a few dozen blocks, and then when the rest of the miners come back online they don't sync all the history, but just do an SPV update right
<gmaxwell>
amiller: dunno about narrow, a miner could exploit you with a fake utxo set if they had the most hashpower that you could see. E.g. they've partitioned you, OR they (temporarily) have most of the hashpower.
<amiller>
ok, in that attack model, if i mined the coinbase transaction from a very old block, could I not just revert all the transactions that depended on that transaction and take them back, essentially double-spending my old coinbase transaction?
<gmaxwell>
amiller: the key point is that the bitcoin white paper doesn't just flat argue that alturistic parties have most of the hashpower it argues that its economically rational to use your hashpower to cooperate... probably the weakest point of the whitepaper, in any case. So the observation there is that if you can steal effectively arbritary amounts of bitcoin, not just what you could double spend,
<gmaxwell>
the economics of defection are much more attractive.
<gmaxwell>
amiller: no, because of the additional r values added by transactions (which without the sinking signatures optimization makes MW still be O(1) in transactions, though the constant factors are good.. 32 bytes per transaction.)
<amiller>
ok. i still dont have a clear view of what exactly the MW verifier checks, especially when syncing, maybe i can infer it from the grin implementation tho
dkings has quit []
<kanzure>
er, read the section "Block verification" in the second talk (november)
<amiller>
the arugment specifically is that the "Partial Verification" here is just as good as full verification, or at least better than SPV verification with UTXO-commitments, right?
<frib>
kanzure, thank you! i see this: Q: if I have a million transactions per second... A: Mimblewimble will not help you with this."
<gmaxwell>
It doesn't help that the grin stuff doesn't implement syncing signatures.
<kanzure>
frib: well, you could do something like a payment channel if you wanted that, but in general you are not going to get a million transactions/sec with any decentralized consensus protocol
<frib>
so basically MW apparently resolves on-disk scalability but not real-time scalability