sipa changed the topic of #bitcoin-wizards to: This channel is for discussing theoretical ideas with regard to cryptocurrencies, not about short-term Bitcoin development | http://bitcoin.ninja/ | This channel is logged. | For logs and more information, visit http://bitcoin.ninja
abpa has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
davec has joined #bitcoin-wizards
oleganza has quit [Quit: oleganza]
[1]keebler has joined #bitcoin-wizards
rmwb has quit [Remote host closed the connection]
rmwb has joined #bitcoin-wizards
keebler has quit [Ping timeout: 240 seconds]
[1]keebler is now known as keebler
boing has joined #bitcoin-wizards
dodomojo has joined #bitcoin-wizards
rmwb has quit []
dodomojo has quit [Ping timeout: 240 seconds]
Ylbam has quit [Quit: Connection closed for inactivity]
Noldorin has quit [Ping timeout: 264 seconds]
igno_peverell has quit [Ping timeout: 240 seconds]
rmwb has joined #bitcoin-wizards
rmwb_ has joined #bitcoin-wizards
rmwb has quit [Read error: Connection reset by peer]
abpa has joined #bitcoin-wizards
jannes has quit [Quit: Leaving]
dodomojo has joined #bitcoin-wizards
lmatteis has quit [Quit: Connection closed for inactivity]
dodomojo has quit [Ping timeout: 246 seconds]
c0rw1n has quit [Ping timeout: 264 seconds]
nanotube has quit [Ping timeout: 240 seconds]
rmwb has joined #bitcoin-wizards
nejon has quit [Ping timeout: 240 seconds]
sipa has quit [Ping timeout: 240 seconds]
rmwb_ has quit [Ping timeout: 240 seconds]
sipa has joined #bitcoin-wizards
jrayhawk_ has quit [Remote host closed the connection]
<musalbas>
Question: why hasn't Satoshi's original blockchain pruning proposal in bitcoin.pdf, of stubbing of branches in the tree of spent transactions, been implemented?
<musalbas>
Instead of deleting entire blocks and just keeping a list of UTXOs?
<musalbas>
Is there no advantages of the original method, compared to the current method?
kristofferR has joined #bitcoin-wizards
<musalbas>
If the original pruning solution is implemented, it seems to me that nodes can be safely bootstrapped with a pruned blockchain, with the worse case, a malicious person can give them a pruned blockchain with deleted UTXOs, which would create a hard fork
rmwb has joined #bitcoin-wizards
Sosumi has joined #bitcoin-wizards
laurentmt has joined #bitcoin-wizards
laurentmt has quit [Client Quit]
<musalbas>
(or, create a chain of Bitcoin with more proof-of-work that contains bad transactions..)
<andytoshi>
musalbas: ...that's why, it would reduce the double-spend security to SPV
<musalbas>
Oh, so in theory there would be no difference in the security model with SPV?
<musalbas>
Maybe one advantage could be that it would at least allow nodes to fully verify blocks going forward, and then prune them
<musalbas>
and the double-spend security would be reduced to SPV, but at least you can't be tricked into thinking money is created out of thin air
<andytoshi>
double-spending is creating money out of thin air
<andytoshi>
and you get this pruning benefit with the existing pruning scheme
<musalbas>
but you can't bootstrap new nodes using pruned data from the existing pruning scheme as safely (using just a UTXO list), as they can't verify PoW, etc
<andytoshi>
old PoW without old data doesn't prove anything
<andytoshi>
and selectively-pruned old data isn't useful either
<musalbas>
well SPV nodes validate old PoW without old data, so i don't see why not
oleganza has joined #bitcoin-wizards
<musalbas>
i suppose it would be like SPV security for historic transactions, but full security going forward.. in exchange for faster bootstrapping
<musalbas>
which i don't know if is useful
<andytoshi>
it's not full security going forward because you're taking the utxoset on faith
<andytoshi>
it's SPV the whole way
<musalbas>
true so if the utxoset is wrong and some miner builds on top of a malicious pruned blockchain with a block containing a double spent tx, then the people using that malicious pruned blockchain are now in their own hard forked network
<musalbas>
maybe there's a way for a pruned blockchain with a bad utxo set to 'self-repair', using full blocks that it now verifies going forward after bootstrapping
<musalbas>
(as a malicious pruned blockchain can only delete utxos in the set)
MaxSan has joined #bitcoin-wizards
MaxSan has quit [Read error: Connection reset by peer]
rmwb has quit [Ping timeout: 240 seconds]
mol has joined #bitcoin-wizards
moli_ has quit [Ping timeout: 240 seconds]
CheckDavid has quit [Quit: Connection closed for inactivity]
talmai has joined #bitcoin-wizards
JackH has quit [Remote host closed the connection]
BashCo has quit [Remote host closed the connection]
BashCo has joined #bitcoin-wizards
licnep has joined #bitcoin-wizards
BashCo has quit [Ping timeout: 240 seconds]
laurentmt has joined #bitcoin-wizards
Guest65827 has joined #bitcoin-wizards
rmwb has joined #bitcoin-wizards
BashCo has joined #bitcoin-wizards
gmaxwell has joined #bitcoin-wizards
<gmaxwell>
amiller: https://arxiv.org/pdf/1703.08761 I see you're thanked in this, I urge you, when talking to researchers writing about parts of bitcoin please urge them to drop a note to the people who created the parts they're writing about.
MoALTz has quit [Quit: Leaving]
<gmaxwell>
amiller: its an interesting paper, but it's unfortunate that it misunderstood the behavior of the system in an important way.
<gmaxwell>
"A key reason that
<gmaxwell>
in all directions at roughly the same rate. This symmetry
<gmaxwell>
trickle both propagate content over the underlying graph
<gmaxwell>
metry of current spreading protocols. That is, diffusion and
<gmaxwell>
deanonymization is currently possible is because of the sym-
<gmaxwell>
enables powerful centrality-based attacks. Thus, a natural
<gmaxwell>
solution is to break the symmetry of diffusion and trickle.
TheSeven has quit [Ping timeout: 258 seconds]
<gmaxwell>
Understanding how to break symmetry without hurting per-
<gmaxwell>
formance is of both theoretical and practical interest."
TheSeven has joined #bitcoin-wizards
<gmaxwell>
--- but it is _not_ symmetrical, the outbound links have half the lambda (twice the rate) of the inbound links; which almost impacts their eavesdroppers, since unless I've misunderstood how they've defined eavesdroppers, they are always inbound connections.
<gmaxwell>
it also mischaracterizes trickle prior to that change, -- "trickle" didn't trickle, it just immediately sent out transactions with minimal reordering.
<amiller>
thanks, i'll pass that on
<amiller>
i don't think eavesdroppers in their model are inherently only inbound or outbound, i'm pretty sure it could be either
rmwb has quit [Ping timeout: 256 seconds]
Noldorin has joined #bitcoin-wizards
laurentmt has quit [Quit: laurentmt]
<gmaxwell>
amiller: yes, I suppose it could-- though it's much less effective for outbound, since you can only sample a portion of the potential victims that way.
<amiller>
i didn't know about the half-lambda thing, that's interesting
MaxSan has joined #bitcoin-wizards
<gmaxwell>
also the old trickle stuff was basically doing nothing before it was removed.. most of the time transactions came out immediately and in the same order they came in (and always if an attacker wanted them to)
<gmaxwell>
amiller: there are a number of proposed enhancements (E.g. syncronizing peers in common netgroups, lowering the delay for tor peers, raising the delay for peers that seldom tell us of transactions we'd already learned of elsewhere but not told them yet-- but without a good framework for analizing the effects of such changes it's hard to make them a priority.
<gmaxwell>
(and I don't think this mechenism itself will ever yield actually high levels of privacy)
anon616 has left #bitcoin-wizards [#bitcoin-wizards]
anon616 has joined #bitcoin-wizards
JackH has joined #bitcoin-wizards
Fibonacci has joined #bitcoin-wizards
<Fibonacci>
hey
Fibonacci is now known as goldenangle
goldenangle is now known as fibonacci
fibonacci is now known as goldenangle
goldenangle has quit [Changing host]
goldenangle has joined #bitcoin-wizards
mol has quit [Read error: Connection reset by peer]
JHistone has joined #bitcoin-wizards
rmwb has joined #bitcoin-wizards
CubicEarthh has joined #bitcoin-wizards
goldenangle is now known as Fibonacci
Fibonacci has quit [Quit: Leaving]
berndj has quit [Ping timeout: 240 seconds]
berndj has joined #bitcoin-wizards
smk has joined #bitcoin-wizards
talmai has quit [Quit: mining]
smk_ has joined #bitcoin-wizards
rusty has joined #bitcoin-wizards
smk has quit [Ping timeout: 260 seconds]
smk_ is now known as smk
rusty has quit [Ping timeout: 264 seconds]
CubicEarthh has quit [Remote host closed the connection]
CubicEarthh has joined #bitcoin-wizards
abpa has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
rmwb has quit [Ping timeout: 258 seconds]
smk has quit [Ping timeout: 260 seconds]
JHistone has quit [Ping timeout: 260 seconds]
Sosumi has quit [Quit: Bye]
rusty has joined #bitcoin-wizards
afk11 has quit [Ping timeout: 240 seconds]
CocoBTC has joined #bitcoin-wizards
afk11 has joined #bitcoin-wizards
CubicEarthh has quit [Remote host closed the connection]
lmatteis has quit [Quit: Connection closed for inactivity]
rusty has quit [Ping timeout: 268 seconds]
CubicEarthh has joined #bitcoin-wizards
JHistone has joined #bitcoin-wizards
cucumbers is now known as raccoon
cyphase has quit [Ping timeout: 258 seconds]
cyphase has joined #bitcoin-wizards
Guest50389 is now known as Dav2
CubicEar_ has joined #bitcoin-wizards
CubicEarthh has quit [Ping timeout: 260 seconds]
lmatteis has joined #bitcoin-wizards
itsme_ has joined #bitcoin-wizards
rusty has joined #bitcoin-wizards
rusty has quit [Ping timeout: 260 seconds]
rmwb has joined #bitcoin-wizards
CubicEar_ has quit [Remote host closed the connection]
uiuc-slack has quit [Remote host closed the connection]
uiuc-slack has joined #bitcoin-wizards
moli_ has joined #bitcoin-wizards
rmwb has quit [Ping timeout: 256 seconds]
afk11 has quit [Ping timeout: 240 seconds]
afk11 has joined #bitcoin-wizards
CocoBTC has quit [Quit: Leaving]
chjj has quit [Ping timeout: 268 seconds]
CubicEar_ has joined #bitcoin-wizards
chjj has joined #bitcoin-wizards
CubicEar_ has quit [Read error: Connection reset by peer]
CubicEarthh has joined #bitcoin-wizards
skeuomorf has joined #bitcoin-wizards
andytoshi has quit [Ping timeout: 258 seconds]
shockoo has quit [Read error: Connection reset by peer]
andytoshi has joined #bitcoin-wizards
jannes has quit [Quit: Leaving]
str4d has quit [Ping timeout: 268 seconds]
dnaleor has quit [Quit: Leaving]
chjj has quit [Ping timeout: 240 seconds]
dnaleor has joined #bitcoin-wizards
tromp has joined #bitcoin-wizards
CubicEarthh has quit [Remote host closed the connection]
CubicEarthh has joined #bitcoin-wizards
AaronvanW has quit []
Guyver2 has quit [Quit: :)]
Dav2 has quit [Remote host closed the connection]
andytoshi has quit [Changing host]
andytoshi has joined #bitcoin-wizards
rmwb has joined #bitcoin-wizards
fletom has quit [Ping timeout: 264 seconds]
chjj has joined #bitcoin-wizards
fletom has joined #bitcoin-wizards
skeuomorf has quit [Read error: Connection reset by peer]
CubicEar_ has joined #bitcoin-wizards
CubicEarthh has quit [Ping timeout: 256 seconds]
rusty has joined #bitcoin-wizards
rmwb has quit [Ping timeout: 256 seconds]
chjj has quit [Ping timeout: 268 seconds]
NewLiberty has quit [Ping timeout: 246 seconds]
NewLiberty has joined #bitcoin-wizards
JHistone has quit [Ping timeout: 260 seconds]
chjj has joined #bitcoin-wizards
keebler has joined #bitcoin-wizards
thrmo_ has joined #bitcoin-wizards
thrmo has quit [Killed (barjavel.freenode.net (Nickname regained by services))]
thrmo_ is now known as thrmo
tromp has quit [Remote host closed the connection]
rmwb has joined #bitcoin-wizards
<stevenroose>
Does it make sense to only broadcast your own transactions to outbound peers? Since they have a lower likelihood of being a sniffer?
<sipa>
but it gives a very obvious test for those who are inbound peers
<sipa>
eh, outbounds peers
<sipa>
just connect back to you using a different IP, and if you only announce on the connection to them, it's clear it's a transaction from your
<stevenroose>
sipa, hmm yeah that makes a lot of sense :D
<stevenroose>
hmm
<gmaxwell>
it's important that nothing in your network behavior depends on it being yours or not.
<stevenroose>
Well, you could see "you being the first to send them that tx" being a part of your behavior. More perception maybe than 'programmed' behavior
<bsm1175321>
You know...a mixing network could be used to enhance privacy...by using onion routing and timing delays, a server responding to a request doesn't know who it's for, and the local node you're connected to couldn't know what you queried.
<sipa>
bsm1175321: we already have random timing delays
<gmaxwell>
sure and we support and encourage just running behind tor which goes a long way towards this.
<sipa>
and you can run as a tor hidden service
* bsm1175321
should do that...
<stevenroose>
bsm1175321, yeah small random delays for every peer on every relay might be an idea
<sipa>
stevenroose: ... that's what we're doing
<stevenroose>
oh
<sipa>
well s/we/bitcoin core/
<sipa>
i shouldn't generalize to all software
<stevenroose>
I was looking if it would be possible to do outbound relay only in btcd
<stevenroose>
Let me check if they do random delays
<gmaxwell>
they copied the bitcoin core behavior prior to the current behavior.
<bsm1175321>
How much analysis has gone into that random delay? I mean, traffic analysis can still work, depending on the delay and existence of other traffic...
<sipa>
bsm1175321: the delays are poisson distributed
<gmaxwell>
and significantly higher than the arrival rate of transactions.
<sipa>
bsm1175321: so with N connections, you get N times higher temporal accuracy
<gmaxwell>
The prior behavior provided ~no privacy at all.
<bsm1175321>
sipa is it adaptive at all or does it use fixed Poisson parameters?
<gmaxwell>
we know the (significant) independance is a problem.