#bitcoin-wizards on 2020-01-11 — irc logs at freenode.irclog.whitequark.org

2015-10-30 00:53 sipa changed the topic of #bitcoin-wizards to: This channel is for discussing theoretical ideas with regard to cryptocurrencies, not about short-term Bitcoin development | http://bitcoin.ninja/ | This channel is logged. | For logs and more information, visit http://bitcoin.ninja

00:00 dfj1 has quit []

00:02 Chris_Stewart_5 has quit [Ping timeout: 265 seconds]

00:22 Giszmo has quit [Remote host closed the connection]

00:39 belcher has quit [Quit: Leaving]

00:45 jsfan has joined #bitcoin-wizards

00:46 andytoshi has quit [Ping timeout: 260 seconds]

00:55 shush has joined #bitcoin-wizards

01:00 shush has quit [Ping timeout: 260 seconds]

01:02 meshcollider has joined #bitcoin-wizards

01:03 AbramAdelmo has quit [Read error: Connection reset by peer]

01:04 AbramAdelmo has joined #bitcoin-wizards

01:06 rotarydialer has quit [Ping timeout: 250 seconds]

01:07 jcv has quit [Ping timeout: 250 seconds]

01:07 jcv has joined #bitcoin-wizards

01:07 rotarydialer has joined #bitcoin-wizards

01:13 AbramAdelmo has quit [Remote host closed the connection]

01:13 AbramAdelmo has joined #bitcoin-wizards

01:15 AbramAdelmo has quit [Remote host closed the connection]

01:19 uiuc-slack has quit [Remote host closed the connection]

01:19 uiuc-slack has joined #bitcoin-wizards

01:48 andytoshi has joined #bitcoin-wizards

01:48 andytoshi has quit [Changing host]

01:48 andytoshi has joined #bitcoin-wizards

01:57 AbramAdelmo has joined #bitcoin-wizards

02:19 marcoagner has quit [Ping timeout: 260 seconds]

02:33 mryandao has quit [Ping timeout: 240 seconds]

02:33 Belkaar has quit [Ping timeout: 258 seconds]

02:33 Belkaar has joined #bitcoin-wizards

02:33 Belkaar has quit [Changing host]

02:37 mryandao has joined #bitcoin-wizards

02:39 AaronvanW has quit [Remote host closed the connection]

02:57 TheoStorm has quit [Quit: Leaving]

03:00 jsfan has quit []

03:01 pinheadmz has quit [Quit: pinheadmz]

03:09 shesek has quit [Read error: Connection reset by peer]

03:09 shesek has joined #bitcoin-wizards

03:09 shesek has quit [Changing host]

03:09 shesek has joined #bitcoin-wizards

03:20 shush has joined #bitcoin-wizards

03:31 shush has quit [Remote host closed the connection]

03:31 shush has joined #bitcoin-wizards

03:41 shush has quit [Ping timeout: 260 seconds]

03:45 dmlloyd_laptop has joined #bitcoin-wizards

03:55 davispuh has quit [Quit: http://quassel-irc.org - Chat comfortably. Anywhere.]

04:14 AaronvanW has joined #bitcoin-wizards

04:29 ddustin has joined #bitcoin-wizards

04:33 ddustin_ has joined #bitcoin-wizards

04:36 ddustin has quit [Ping timeout: 260 seconds]

04:48 AaronvanW has quit [Ping timeout: 268 seconds]

04:51 CryptoDavid has quit [Quit: Connection closed for inactivity]

05:13 ddustin_ has quit [Read error: Connection reset by peer]

05:13 ddustin has joined #bitcoin-wizards

05:16 slivera has joined #bitcoin-wizards

05:21 AbramAdelmo has quit [Ping timeout: 260 seconds]

05:22 AbramAdelmo has joined #bitcoin-wizards

05:46 AbramAdelmo has quit [Ping timeout: 260 seconds]

05:48 AbramAdelmo has joined #bitcoin-wizards

05:48 AbramAdelmo_ has joined #bitcoin-wizards

05:49 AbramAdelmo has quit [Read error: Connection reset by peer]

05:49 AbramAdelmo has joined #bitcoin-wizards

05:52 AbramAdelmo_ has quit [Read error: Connection reset by peer]

05:56 ddustin has quit [Remote host closed the connection]

05:56 ddustin has joined #bitcoin-wizards

06:00 dmlloyd_laptop has quit []

06:01 ddustin has quit [Ping timeout: 248 seconds]

06:04 ryan-c has quit [Quit: znc]

06:04 ryan-c has joined #bitcoin-wizards

06:04 kayront has quit [Quit: ZNC 1.7.5 - https://znc.in]

06:04 kayront has joined #bitcoin-wizards

06:05 kayront is now known as Guest28262

06:17 brycec1 has joined #bitcoin-wizards

06:18 shush has joined #bitcoin-wizards

06:22 shush has quit [Ping timeout: 260 seconds]

06:27 Hunger- has quit [Ping timeout: 250 seconds]

06:31 Apocalyptic has quit [Ping timeout: 248 seconds]

06:31 Apocalyptic_ has joined #bitcoin-wizards

06:31 Apocalyptic_ is now known as Apocalyptic

06:44 Hunger- has joined #bitcoin-wizards

06:45 AaronvanW has joined #bitcoin-wizards

07:17 AaronvanW has quit [Ping timeout: 265 seconds]

07:23 beta-orbiter has joined #bitcoin-wizards

07:23 beta-orbiter has left #bitcoin-wizards [#bitcoin-wizards]

07:23 beta-orbiter has joined #bitcoin-wizards

07:23 Hari_Seldon has left #bitcoin-wizards [#bitcoin-wizards]

08:35 shesek has quit [Read error: Connection reset by peer]

08:35 shesek has joined #bitcoin-wizards

08:35 shesek has quit [Changing host]

08:35 shesek has joined #bitcoin-wizards

08:42 midnight has quit [Ping timeout: 264 seconds]

08:54 pinheadmz has joined #bitcoin-wizards

08:57 ddustin has joined #bitcoin-wizards

09:00 brycec1 has quit []

09:02 ddustin has quit [Ping timeout: 260 seconds]

09:14 pinheadmz has quit [Quit: pinheadmz]

09:15 AaronvanW has joined #bitcoin-wizards

09:17 unfo- has joined #bitcoin-wizards

09:33 beta-orbiter has quit [Remote host closed the connection]

09:33 beta-orbiter has joined #bitcoin-wizards

09:34 beta-orbiter has quit [Client Quit]

09:36 imawhale has joined #bitcoin-wizards

09:36 shush has joined #bitcoin-wizards

09:37 imawhale has left #bitcoin-wizards [#bitcoin-wizards]

09:41 shush has quit [Ping timeout: 248 seconds]

09:56 <dr-orlovsky> Sorry for a possible stupid question, but am I right that if we have 256-bit amounts, we can do Pedersen commitments w/o any range proofs & risking to have an inflation?

09:56 <dr-orlovsky> *possibly

10:03 shush has joined #bitcoin-wizards

10:08 shush has quit [Ping timeout: 260 seconds]

10:09 shush has joined #bitcoin-wizards

10:14 shush has quit [Ping timeout: 248 seconds]

10:19 shush has joined #bitcoin-wizards

10:23 shush has quit [Ping timeout: 260 seconds]

10:30 shush has joined #bitcoin-wizards

10:32 AaronvanW has quit [Ping timeout: 258 seconds]

10:37 shush has quit [Ping timeout: 260 seconds]

10:42 shush has joined #bitcoin-wizards

10:47 shush has quit [Ping timeout: 248 seconds]

10:50 murray_ is now known as murrayn

10:50 murrayn has quit [Changing host]

10:50 murrayn has joined #bitcoin-wizards

11:00 shush has joined #bitcoin-wizards

11:08 <fluffypony> dr-orlovsky: how would you do commitments without range proofs and still prevent inflation?

11:11 <dr-orlovsky> Range proofs are required to demonstrate that the given value does not "overflow", i.e. it is not greater that the maximum allowed total supply, which, in case of bitcoin, is 64-bit. So range proofs used to verify that the amount behind the commitment is less than 64-bit value. If our amount are 256 bits, one can not construct a Pedersen commitment that will "overflow", so I assume range proofs are not needed in this case

11:12 jonatack has quit [Ping timeout: 260 seconds]

11:15 <dr-orlovsky> I.e. if I'd like to show that a+b (inputs) - (x+y) (outputs) = 0, and a, b, x, y are 64-bit values, and use Pedersen commitments (which result in 256 bit values), I will convert a,b,x,y each into 256-bit integer (before constructing a commitment) and attach a range proofs that each of them is not greater than 2^64. If the original a,b,x,y are 256-bit integer, no reason to prove that they are <2^256

11:16 marcoagner has joined #bitcoin-wizards

11:37 AaronvanW has joined #bitcoin-wizards

11:40 Kiminuo has joined #bitcoin-wizards

11:45 belcher has joined #bitcoin-wizards

12:00 unfo- has quit []

12:03 TheoStorm has joined #bitcoin-wizards

12:04 shush has quit [Ping timeout: 260 seconds]

12:11 shush has joined #bitcoin-wizards

12:13 slivera has quit [Quit: Leaving]

12:13 Guyver2 has joined #bitcoin-wizards

12:15 shush has quit [Ping timeout: 260 seconds]

12:17 MTecknology1 has joined #bitcoin-wizards

12:17 shush has joined #bitcoin-wizards

12:21 shush has quit [Ping timeout: 248 seconds]

12:22 Chris_Stewart_5 has joined #bitcoin-wizards

12:23 shush has joined #bitcoin-wizards

12:28 shush has quit [Ping timeout: 260 seconds]

12:29 Krellan__ has joined #bitcoin-wizards

12:29 Krellan_ has quit [Read error: Connection reset by peer]

12:31 Krellan_ has joined #bitcoin-wizards

12:33 shush has joined #bitcoin-wizards

12:34 AbramAdelmo has quit [Remote host closed the connection]

12:34 AbramAdelmo has joined #bitcoin-wizards

12:35 Krellan__ has quit [Ping timeout: 260 seconds]

12:40 _whitelogger has joined #bitcoin-wizards

12:40 AbramAdelmo has quit [Remote host closed the connection]

12:42 shush has quit [Ping timeout: 260 seconds]

12:51 joncoe has joined #bitcoin-wizards

12:51 shush has joined #bitcoin-wizards

12:53 AbramAdelmo has joined #bitcoin-wizards

12:54 AbramAdelmo_ has joined #bitcoin-wizards

12:56 shush has quit [Ping timeout: 248 seconds]

12:56 imawhale has joined #bitcoin-wizards

12:58 AbramAdelmo has quit [Ping timeout: 260 seconds]

13:02 shush has joined #bitcoin-wizards

13:06 shush has quit [Ping timeout: 260 seconds]

13:09 shush has joined #bitcoin-wizards

13:17 amptwo has joined #bitcoin-wizards

13:19 shush has quit [Ping timeout: 248 seconds]

13:27 TheoStorm has quit [Remote host closed the connection]

13:30 shush has joined #bitcoin-wizards

13:35 shush has quit [Ping timeout: 260 seconds]

13:35 Kiminuo has quit [Ping timeout: 265 seconds]

13:38 shush has joined #bitcoin-wizards

13:38 Guyver2 has quit [Quit: Going offline, see ya! (www.adiirc.com)]

13:42 shush has quit [Ping timeout: 245 seconds]

13:43 shush has joined #bitcoin-wizards

13:48 shush has quit [Ping timeout: 260 seconds]

13:56 Chris_Stewart_5 has quit [Ping timeout: 240 seconds]

14:03 shush has joined #bitcoin-wizards

14:09 shush has quit [Ping timeout: 268 seconds]

14:20 amptwo has quit [Ping timeout: 268 seconds]

14:21 Chris_Stewart_5 has joined #bitcoin-wizards

14:31 AbramAdelmo_ has quit [Remote host closed the connection]

14:47 amptwo has joined #bitcoin-wizards

14:48 imawhale has quit [Ping timeout: 260 seconds]

14:51 davispuh has joined #bitcoin-wizards

15:00 MTecknology1 has quit []

15:06 davispuh has quit [Quit: http://quassel-irc.org - Chat comfortably. Anywhere.]

15:06 AbramAdelmo has joined #bitcoin-wizards

15:08 davispuh has joined #bitcoin-wizards

15:17 sirkitree has joined #bitcoin-wizards

15:32 TheoStorm has joined #bitcoin-wizards

15:47 CryptoDavid has joined #bitcoin-wizards

15:55 TheoStorm has quit [Remote host closed the connection]

16:03 Chris_Stewart_5 has quit [Ping timeout: 268 seconds]

16:19 amptwo has quit [Ping timeout: 265 seconds]

16:26 Chris_Stewart_5 has joined #bitcoin-wizards

16:27 <tromp_> then you can trivially transfer a 1 sat input into two outputs of 2 sat and r-1 sats, where r is secp256k1 order, and spend forever from latter output

16:28 <tromp_> ignoring overflow doesn't mean you eliminated it

16:29 <tromp_> 256 bit amounts simply make it impossible to detect overflow with rangeproofs

16:29 brianhoffman_ has joined #bitcoin-wizards

16:30 Guyver2 has joined #bitcoin-wizards

16:31 brianhoffman has quit [Ping timeout: 260 seconds]

16:31 brianhoffman_ is now known as brianhoffman

16:49 Belkaar has quit [Ping timeout: 258 seconds]

16:50 Belkaar has joined #bitcoin-wizards

16:50 Belkaar has quit [Changing host]

16:50 Belkaar has joined #bitcoin-wizards

16:52 morcos has quit [Remote host closed the connection]

16:52 morcos has joined #bitcoin-wizards

16:53 AbramAdelmo has quit [Read error: Connection reset by peer]

16:53 AbramAdelmo has joined #bitcoin-wizards

17:01 pinheadmz has joined #bitcoin-wizards

17:09 <waxwing> who invented modular arithmetic anyway? that was a mistake.

17:14 mauz555 has joined #bitcoin-wizards

17:15 joncoe has quit [Quit: Konversation terminated!]

17:15 markus-k has quit [Ping timeout: 240 seconds]

17:15 markus-k has joined #bitcoin-wizards

17:29 Chris_Stewart_5 has quit [Ping timeout: 258 seconds]

17:33 bitdex has joined #bitcoin-wizards

17:36 pinheadmz has quit [Quit: pinheadmz]

17:38 mauz555 has quit []

17:49 Chris_Stewart_5 has joined #bitcoin-wizards

17:51 Kiminuo has joined #bitcoin-wizards

18:00 sirkitree has quit []

18:01 setpill has joined #bitcoin-wizards

18:05 shush has joined #bitcoin-wizards

18:10 shush has quit [Ping timeout: 260 seconds]

18:17 Laat has joined #bitcoin-wizards

18:17 ryan-c` has joined #bitcoin-wizards

18:18 ryan-c has quit [Read error: Connection reset by peer]

18:18 ryan-c` is now known as ryan-c

18:23 pinheadmz has joined #bitcoin-wizards

18:33 setpill has quit [Quit: o/]

18:35 tynes_ has joined #bitcoin-wizards

18:36 tynes has quit [Ping timeout: 268 seconds]

18:40 jeremyrubin has quit [Ping timeout: 268 seconds]

18:47 victorSN has quit [Ping timeout: 240 seconds]

18:48 victorSN has joined #bitcoin-wizards

18:49 Chris_Stewart_5 has quit [Ping timeout: 240 seconds]

18:53 victorSN6 has joined #bitcoin-wizards

18:54 sipa has quit [Ping timeout: 240 seconds]

18:57 victorSN has quit [Client Quit]

18:57 victorSN6 is now known as victorSN

19:00 dr-orlovsky has quit [Ping timeout: 240 seconds]

19:01 <bsm1175321> gmaxwell, andytoshi: FWIW, the last time I worked with Shamir shares, I did also build a consensus system. Each device (share) had to be online, able to verify commitments to shares, change share epochs (redistribution), etc.

19:01 sipa has joined #bitcoin-wizards

19:01 <bsm1175321> Obviously, each share being online and adding a consensus system is a pretty serious design consideration.

19:02 dr-orlovsky has joined #bitcoin-wizards

19:02 Chris_Stewart_5 has joined #bitcoin-wizards

19:02 <bsm1175321> But, if shareholders are capable of verifying each other, it solves a lot of problems...but it does imply a consensus system.

19:05 <bsm1175321> <aside> Thursday's BitDevsNYC had a presenter claiming a "novel MPC multi-signature scheme" showing no details, with andytoshi and sipa in the audience... I could barely hold it together knowing the hard work those guys and others are putting into it, and the challenges...

19:10 pinheadmz has quit [Quit: pinheadmz]

19:19 brianhoffman_ has joined #bitcoin-wizards

19:20 x-warrior_ has joined #bitcoin-wizards

19:20 bitdex has quit [Ping timeout: 240 seconds]

19:21 kayront has joined #bitcoin-wizards

19:21 victorSN has quit [Quit: Ping timeout (120 seconds)]

19:21 brianhoffman has quit [Read error: Connection reset by peer]

19:21 Guest28262 has quit [Read error: Connection reset by peer]

19:21 x-warrior has quit [Quit: ZNC 1.7.x-git-847-5132ea98 - https://znc.in]

19:21 brianhoffman_ is now known as brianhoffman

19:21 kayront is now known as Guest40148

19:22 GAit has quit [Ping timeout: 265 seconds]

19:22 bitdex has joined #bitcoin-wizards

19:23 rh0nj has quit [Ping timeout: 240 seconds]

19:29 tromp has joined #bitcoin-wizards

19:32 tromp_ has quit [Ping timeout: 252 seconds]

19:49 GAit has joined #bitcoin-wizards

20:00 <dr-orlovsky> tromp: yep, thanks for a sample case. But wouldn't 256-bits allow smaller range proofs, i.e. we need just to prove that for instance that a single (highest) bit is zero

20:01 <sipa> dr-orlovsky: unfortunately no

20:01 <sipa> in order to prove something about the top bit, you need to make a bit decompositiom first

20:02 <sipa> and it's the bit decomposition that is expensive, counterintuitively

20:02 Chris_Stewart_5 has quit [Ping timeout: 260 seconds]

20:04 <dr-orlovsky> oh, I see. Ok, how many 256-bit numbers are there that are > p (i.e. Secp256k1/G order)? I assume not a lot, about 2^-127 of all possible values. So we may just "know" P=G*x and K=H*x for all x>p and exclude them at the program level

20:05 <dr-orlovsky> 2^32 - 2^9 - 2^8 - 2^7 - 2^6 - 2^4 - 1 dots * 2, i.e. ~2^33

20:05 <dr-orlovsky> something like a 8 GB * 32 bytes = 256GB of data to exclude

20:06 <dr-orlovsky> quite a lot, but not _unrealistically_ a lot, as for static data....

20:11 lukedashjr has joined #bitcoin-wizards

20:12 luke-jr has quit [Ping timeout: 268 seconds]

20:15 davispuh has quit [Quit: http://quassel-irc.org - Chat comfortably. Anywhere.]

20:16 lukedashjr is now known as luke-jr

20:25 bitcoin-wizards1 has joined #bitcoin-wizards

20:27 davispuh has joined #bitcoin-wizards

20:32 real_or_random has quit [Ping timeout: 260 seconds]

20:33 bitcoin-wizards1 has quit [Quit: http://www.kiwiirc.com/ - A hand crafted IRC client]

20:38 real_or_random has joined #bitcoin-wizards

20:45 AbramAdelmo has quit [Remote host closed the connection]

20:46 AbramAdelmo has joined #bitcoin-wizards

21:00 Laat has quit []

21:05 AbramAdelmo has quit [Remote host closed the connection]

21:16 mackr has joined #bitcoin-wizards

21:17 <sipa> dr-orlovsky: you can't just exclude numbers above p

21:17 <sipa> that does not prevent overflow

21:18 Belkaar has quit [Quit: bye]

21:18 <dr-orlovsky> so no hope to get rid of probabilistic zk and high range proof size :(

21:20 <sipa> if you have at most say 2^16 inputs/outputs in a tx, you can e.g. limit each to (p/2^16)

21:20 <sipa> that will prevent overflow

21:20 <sipa> but that requires a proof for 224 bits each

21:21 <sipa> so you're better off limiting further in the proof

21:21 Belkaar has joined #bitcoin-wizards

21:21 Belkaar has quit [Changing host]

21:21 Belkaar has joined #bitcoin-wizards

21:21 <sipa> as 52-bit proofs are cheaper than 224-bit ones

21:33 brianhoffman_ has joined #bitcoin-wizards

21:34 brianhoffman has quit [Ping timeout: 268 seconds]

21:34 brianhoffman_ is now known as brianhoffman

21:39 AbramAdelmo has joined #bitcoin-wizards

21:40 <dr-orlovsky> sipa: thanks for explaining!

21:40 cdecker has joined #bitcoin-wizards

21:42 davispuh has quit [Quit: http://quassel-irc.org - Chat comfortably. Anywhere.]

21:44 brianhoffman has quit [Quit: brianhoffman]

21:45 davispuh has joined #bitcoin-wizards

21:57 Kiminuo has quit [Ping timeout: 268 seconds]

21:59 Hunger- has quit [Ping timeout: 250 seconds]

22:07 imawhale has joined #bitcoin-wizards

22:08 Hunger- has joined #bitcoin-wizards

22:08 Jackielove4u has quit [Quit: Connection closed for inactivity]

22:09 brianhoffman has joined #bitcoin-wizards

22:11 slivera has joined #bitcoin-wizards

22:16 _whitelogger has joined #bitcoin-wizards

22:24 jonatack has joined #bitcoin-wizards

22:26 <tromp> you can limit rangeproofs to 48 bit, as 2^48 satoshi is over 13.4 % of all 21M bitcoin, but that doesn't save much space over 64 bit rangeproofs.

22:26 victorSN has joined #bitcoin-wizards

22:35 Guyver2 has quit [Quit: Going offline, see ya! (www.adiirc.com)]

22:41 shush has quit [Remote host closed the connection]

22:41 shush has joined #bitcoin-wizards

22:44 shush has quit [Remote host closed the connection]

22:45 shush has joined #bitcoin-wizards

22:50 shush has quit [Ping timeout: 260 seconds]

22:53 AaronvanW has quit []

22:56 shush has joined #bitcoin-wizards

23:03 shush has quit [Ping timeout: 260 seconds]

23:06 shush has joined #bitcoin-wizards

23:10 shush has quit [Ping timeout: 260 seconds]

23:26 bitcoin-wizards1 has joined #bitcoin-wizards

23:28 bitcoin-wizards1 has quit [Client Quit]

23:36 midnightmagic has joined #bitcoin-wizards

23:42 cdecker has quit [Quit: ZNC - http://znc.in]

23:43 cdecker has joined #bitcoin-wizards

23:43 luke-jr has quit [Ping timeout: 265 seconds]

23:44 luke-jr has joined #bitcoin-wizards