1 2011-09-22 01:51:58 <gmaxwell> k9quaint: normally you'd expect to prove e.g. that functions always return (and, in fact, that they return values in the expected ranges)
  2 2011-09-22 01:53:40 <k9quaint> it is an algorithm designed to generate IRC irony until the heat death of the universe, I think it succeeds at that ;)
  3 2011-09-22 01:54:34 <gmaxwell> k9quaint: then you'd have to explicity state that in the code.
  4 2011-09-22 01:55:41 <doublec> proving irony could be tough
  5 2011-09-22 01:55:44 <k9quaint> why don't we bet some solidcoin on the outcome ;)
  6 2011-09-22 01:55:56 <k9quaint> why settle for only one level of irony?
  7 2011-09-22 03:04:00 <TuxBlackEdo> can gavin sign my fxa890-gd70?
  8 2011-09-22 04:46:05 <CIA-101> libbitcoin: genjix * re7eb154743cb / (6 files in 3 dirs): Mark checked blocks as verified.
  9 2011-09-22 04:54:01 <luke-jr> ;;bc,stats
 10 2011-09-22 04:54:03 <gribble> Current Blocks: 146401 | Current Difficulty: 1755425.3203287 | Next Difficulty At Block: 147167 | Next Difficulty In: 766 blocks | Next Difficulty In About: 5 days, 10 hours, 51 minutes, and 30 seconds | Next Difficulty Estimate: 1714242.93962468 | Estimated Percent Change: -2.34600584981
 11 2011-09-22 05:47:30 <npx> hey guys, i realize this might seem a little silly, but is there some sort of test/scaffold environment that can be used to develop bitcoin apps?
 12 2011-09-22 05:47:45 <npx> nevermind
 13 2011-09-22 06:02:19 <AnnihilaT> hmmm
 14 2011-09-22 06:02:30 <AnnihilaT> did the block chain get spammed or something ?
 15 2011-09-22 06:02:55 <AnnihilaT> seems like ~/.bitcoin/ suddenly has grown alot
 16 2011-09-22 06:02:59 <AnnihilaT> over the last day or two
 17 2011-09-22 06:03:23 <luke-jr> AnnihilaT: too many spam-friendly pools ;p
 18 2011-09-22 06:03:40 <luke-jr> they need to adopt stricter fee requirements
 19 2011-09-22 06:06:56 <AnnihilaT> guess that includes me
 20 2011-09-22 06:06:59 <AnnihilaT> :D
 21 2011-09-22 06:07:12 <AnnihilaT> is that a modification to the daemon src ?
 22 2011-09-22 06:07:25 <AnnihilaT> i really havent looked into that yet
 23 2011-09-22 06:07:33 <AnnihilaT> it might be time to do so
 24 2011-09-22 06:09:12 <sipa> i hope to start some discussion soon about making the fee policy more flexible
 25 2011-09-22 06:10:05 <gjs278> yeah my .bitcoin folder is getting huge now
 26 2011-09-22 06:10:16 <sipa> that's inevitable, i'm afraid
 27 2011-09-22 06:10:21 <AnnihilaT> but currently if you want to change your own policy it needs to be hardcoded ?
 28 2011-09-22 06:10:27 <sipa> yes
 29 2011-09-22 06:10:33 <AnnihilaT> which file ?
 30 2011-09-22 06:11:00 <AnnihilaT> does myuch need changed or just a var somewhere?
 31 2011-09-22 06:11:12 <AnnihilaT> some int ?
 32 2011-09-22 06:11:34 <sipa> depends what you want to change
 33 2011-09-22 06:11:50 <AnnihilaT> i seem to have picked up an extra 1GB tho in the last 2 days
 34 2011-09-22 06:11:51 <sipa> but i wouldn't encourage you to do so without consulting others
 35 2011-09-22 06:11:57 <sipa> wait, what?
 36 2011-09-22 06:12:16 <sipa> which files are how large for you?
 37 2011-09-22 06:12:46 <shadders> extraNonce is part of the main client now isn't it?
 38 2011-09-22 06:12:56 <sipa> it has always been
 39 2011-09-22 06:13:04 <shadders> methinks namecoin is missing it...
 40 2011-09-22 06:13:09 <sipa> i doubt that
 41 2011-09-22 06:13:10 <AnnihilaT> oh wait
 42 2011-09-22 06:13:16 <AnnihilaT> mught have been exageration
 43 2011-09-22 06:13:18 <AnnihilaT> but
 44 2011-09-22 06:13:19 <AnnihilaT> looks
 45 2011-09-22 06:13:22 <AnnihilaT> -s
 46 2011-09-22 06:13:35 <AnnihilaT> # du -hsc .bitcoin/
 47 2011-09-22 06:13:41 <shadders> I'm seeing a ton of duplicate works from a namecoind
 48 2011-09-22 06:13:44 <sipa> how much of that is in database ?
 49 2011-09-22 06:13:48 <sipa> shadders: ?
 50 2011-09-22 06:13:49 <AnnihilaT> quite sure it was half that
 51 2011-09-22 06:13:53 <AnnihilaT> yesterday
 52 2011-09-22 06:13:55 <AnnihilaT> db is
 53 2011-09-22 06:14:03 <AnnihilaT> 393M ./database
 54 2011-09-22 06:14:13 <AnnihilaT> 595M ./blk0001.dat
 55 2011-09-22 06:14:32 <AnnihilaT> looks normal ?
 56 2011-09-22 06:14:36 <sipa> yes
 57 2011-09-22 06:14:39 <shadders> not mine... someone using psj... I just got some logs from them at one point they have a duplicate rate over 90%.... That can't happen with extranonce
 58 2011-09-22 06:15:08 <sipa> ah, don't know anything about namecoin's tweaks
 59 2011-09-22 06:16:21 <shadders> I remember an older version of bitcoind was doing that as well when I first started building psj... might have been the windows version, 0.3.22 or 23...
 60 2011-09-22 06:16:44 <sipa> what is psj?
 61 2011-09-22 06:16:55 <shadders> poolserverj... pushpool alternative
 62 2011-09-22 06:16:57 <AnnihilaT> poolserverj
 63 2011-09-22 06:17:00 <sipa> ah, i see
 64 2011-09-22 06:17:01 <AnnihilaT> java
 65 2011-09-22 06:17:06 <sipa> i assumed so :)
 66 2011-09-22 06:17:35 <sipa> there was a bug in bitcoind that caused duplicate work, up until recently, iirc
 67 2011-09-22 06:17:43 <sipa> but not to that extent
 68 2011-09-22 06:17:47 <sipa> afaik
 69 2011-09-22 06:17:54 <AnnihilaT> dupe work ?
 70 2011-09-22 06:18:10 <AnnihilaT> as in giving out identical work to getwork() calls?
 71 2011-09-22 06:18:12 <shadders> it varied.. sometimes you'd get near all unique sometimes incredibly high dupe rates...
 72 2011-09-22 06:18:55 <shadders> hmmm... whatever patch fixed it mustn't have made it into namecoin then... It behaving the same way I remember bitcoin used...
 73 2011-09-22 06:19:11 <AnnihilaT> how recently was this sipa?
 74 2011-09-22 06:19:23 <AnnihilaT> bug exists in 0.3.24 ?
 75 2011-09-22 06:20:14 <sipa> yes
 76 2011-09-22 06:20:30 <AnnihilaT> hmm
 77 2011-09-22 06:20:41 <sipa> let me have a look
 78 2011-09-22 06:24:25 <npx> 1.3g?
 79 2011-09-22 06:24:29 <npx> [alex@amnesiac ~]$ du -sh .bitcoin/
 80 2011-09-22 06:25:25 <sipa> if your bitcoind has been running for longer, the db log files may be larger
 81 2011-09-22 06:26:07 <npx> this installation is ~8hrs old, it was 2+g by the time i got to 140,000 blocks
 82 2011-09-22 06:26:23 <sipa> ah, if it has been downloading a lot, then too
 83 2011-09-22 06:26:34 <sipa> if you restart it, it'll clean up the logs
 84 2011-09-22 06:26:43 <sipa> ... it should do so periodically anyway
 85 2011-09-22 06:27:53 <npx> it's really no problem on my end, just shared because i thought it might be interesting to some of you
 86 2011-09-22 06:28:09 <npx> restarted and it's 860M now
 87 2011-09-22 06:28:36 <sipa> yes, we're aware of the problem
 88 2011-09-22 06:28:48 <sipa> i noticed it myself too
 89 2011-09-22 08:30:06 <Joric> just tried bitcoinj, network discovery is weird
 90 2011-09-22 08:31:10 <Joric> looks like 90% of clients are firewalled why they even post their ip
 91 2011-09-22 08:32:40 <Joric> maybe it's worth to add port checking via stun or something
 92 2011-09-22 08:35:09 <Joric> ~45% refused ~45% timed out, bootstrapping is terribly slow
 93 2011-09-22 08:35:57 <sipa> doesn't it use DNS seeding?
 94 2011-09-22 08:36:08 <Joric> it does
 95 2011-09-22 08:36:23 <Joric> 39 peers from dns, 2850 from irc
 96 2011-09-22 08:37:14 <Graet> shadders   ^^
 97 2011-09-22 08:37:18 <Joric> dunno why 39
 98 2011-09-22 08:37:52 <Joric> probably it's hardcoded
 99 2011-09-22 08:37:53 <shadders> huh?
100 2011-09-22 08:38:14 <Graet> oops
101 2011-09-22 08:38:36 <Graet> boicoind not poolserv soz
102 2011-09-22 08:39:08 <shadders> defaultHosts = new String[] {
103 2011-09-22 08:39:09 <shadders> "dnsseed.bluematt.me",      // Auto generated
104 2011-09-22 08:39:20 <shadders> dns seed hosts bitcoinj uses
105 2011-09-22 08:39:48 <shadders> yes there's an awful lot of non-listening hosts in IRC... The trouble is they are listening but don't know they're firewalled...
106 2011-09-22 08:39:52 <Joric> looks like it's one round, 13 hosts from each seed
107 2011-09-22 08:41:00 <shadders> there's also 40 * 8 default hosts which are hard coded...
108 2011-09-22 08:41:18 <shadders> but probably only used if IRC is down and not enough from dns
109 2011-09-22 08:41:52 <shadders> Joric: the same thing happens with bitcoind... it's just invisible...
110 2011-09-22 08:42:41 <shadders> once it gets one good connection the addr exchanges provid a much more reliable list
111 2011-09-22 08:43:34 <Joric> there are stun servers exactly for that
112 2011-09-22 08:43:40 <Joric> i wrote a stun client once http://pastebin.com/ew3kbbbE
113 2011-09-22 08:43:59 <Joric> of course there are reference implementations
114 2011-09-22 08:44:42 <Joric> though it would make the network slightly even more centralized than now :)
115 2011-09-22 08:46:20 <Joric> if clients would use stun server to determine type of nat and publish their ip only if they are able to listen it would make bootstrapping a lot faster
116 2011-09-22 08:46:38 <shadders> I'm build a hub node proxy that sits in front of a daemon and handles thousands of connections... should improve things... it advertises itself like a cheap hooker
117 2011-09-22 08:49:07 <Joric> do clients send a list of 'good nodes' to each other ? i don't quite remember
118 2011-09-22 08:50:45 <Joric> don't like what i see in logs, got 2850 peers from irc discovery, can't connect to anyone
119 2011-09-22 08:55:23 <Joric> each takes a one second timeout
120 2011-09-22 09:18:17 <acrophobia_> hello. i was just discussing on #bitcoin a possible attack vector for zero-confirm transactions, they suggested i inquire here
121 2011-09-22 09:19:21 <acrophobia_> basically, if you have a mining pool owning (say) 5% of the network, does that mean you can actually divert 5% of all zero-confirm transaction back to yourself?
122 2011-09-22 09:20:00 <acrophobia_> so like suppose (as the owner of the pool), i go to some shop, buy my t-shirt (accepted with zero-confirm) then instruct my pool to ignore this transaction and instead deliver the coins to a 2nd account
123 2011-09-22 09:20:20 <cacheson> acrophobia_: yes, you'd have a 5% chance of succeeding
124 2011-09-22 09:20:55 <acrophobia_> now i think this attack can be done i parallel..i could have all my friends do the same thing. if they go out to the shops to buy something, then if they use my (hypothetical) specialized client that connects to my dark pool, they have a 5% chance of getting the product for free
125 2011-09-22 09:21:16 <cacheson> yep
126 2011-09-22 09:21:36 <cacheson> but 5% of the network is a big investment for facilitating petty theft
127 2011-09-22 09:21:57 <cacheson> it's up to merchants to decide if the risk is worth accepting zero-confirmation transactions
128 2011-09-22 09:22:29 <acrophobia_> cacheson: perhaps. but remember that could just be an alternative revenue source for a pool. they already make money from mining, this just gives them extra profits
129 2011-09-22 09:23:51 <cacheson> acrophobia_: at 5% of the network, you're making 360 BTC per day
130 2011-09-22 09:24:03 <cacheson> stealing a few shirts is a drop in the bucket
131 2011-09-22 09:24:21 <acrophobia_> cacheson: the catch is that if the pool actually ploughs the proceeds from the "discount scheme" back into their mining, then you get a feedback loop. bigger discounts => bigger pool => bigger discounts
132 2011-09-22 09:24:44 <cacheson> um, no
133 2011-09-22 09:25:06 <acrophobia_> no?
134 2011-09-22 09:25:23 <cacheson> especially considering that it'd be obvious that the pool is doing the double-spends
135 2011-09-22 09:26:14 <acrophobia_> how would it be obvious? (not saying it isn't, just wondering how you could tell and what you could do about it)
136 2011-09-22 09:27:08 <sipa> huh, you can't forge transactions
137 2011-09-22 09:27:11 <cacheson> the merchant would have an invalid signed transaction from the thief that conflicts with the transaction that was actually accepted by the pool
138 2011-09-22 09:27:13 <sipa> even with 100% of the network power
139 2011-09-22 09:27:19 <sipa> or am i missing something?
140 2011-09-22 09:27:27 <cacheson> sipa: not about forging
141 2011-09-22 09:27:48 <cacheson> sipa: acrophobia_ is talking about attacks on merchants that accept zero-confirmation transactions
142 2011-09-22 09:27:51 <acrophobia_> cacheson: re: the "drop in the ocean" issue, this is very much dependent on bitcoin reward rate. in a couple of years time (we all hope) there will be far more transactions going through than bitcoins being mined.
143 2011-09-22 09:30:51 <acrophobia_> cacheson: hm, but how would you know which is the correct transaction? perhaps the blockchain police (if there was one) could try to weed out blocks within which there is a transaction that clashes with a tx *outside* the blockchain, but that seems quite complicated to me
144 2011-09-22 09:31:46 <ThomasV> don't move, this is the blockchain police
145 2011-09-22 09:31:56 <cacheson> acrophobia_: the thief is the only one that could have made the transactions
146 2011-09-22 09:31:57 <acrophobia_> ThomasV: ha
147 2011-09-22 09:32:16 <ThomasV> put your hands up and gimme all your money
148 2011-09-22 09:32:22 <cacheson> acrophobia_: it's obvious that it's a double-spend
149 2011-09-22 09:32:45 <cacheson> acrophobia_: so if a certain pool shows a pattern of accepting lots of such transactions, well, there you go
150 2011-09-22 09:33:04 <acrophobia_> cacheson: ok, i agree it's obvious (i mean it could be made obvious with some updated software). but what can be done to prevent it?
151 2011-09-22 09:33:31 <cacheson> acrophobia_: you don't prevent it with software
152 2011-09-22 09:33:46 <acrophobia_> cacheson: are pools 'identified' as such? what if it's more of a botnet style architecture?
153 2011-09-22 09:35:51 <acrophobia_> cacheson: yeah, that's what i'm thinking. i don't think there's really a software solution to this. i contend that merchants should be heavily dissuaded from accepting ZCT, given its potentially malign effects on the network
154 2011-09-22 09:36:29 <cacheson> acrophobia_: it doesn't have bad effects on the network, just possibly on said merchants
155 2011-09-22 09:36:38 <cacheson> acrophobia_: whether they want to accept the risk is up to them
156 2011-09-22 09:37:08 <cacheson> I don't think the economics of the attack work out any better than regular shoplifting
157 2011-09-22 09:37:55 <acrophobia_> cacheson: yes the direct problem of lost earnings is a problem for the merchant. but if this kind of scam becomes popular, which it will if bitcoin becomes popular, then these discount pools will just grow and grow due to the feedback loop
158 2011-09-22 09:38:37 <cacheson> there's no feedback to speak of
159 2011-09-22 09:38:42 <acrophobia_> cacheson: the economics of shoplifting are based on the probability of being caught. here you can't really get caught (presumably the hacked client would only allow a redirect *after* the person has left the building)
160 2011-09-22 09:38:52 <cacheson> if you want to shoplift, you can do it without investing thousands of dollars on computer hardware
161 2011-09-22 09:39:25 <acrophobia_> cacheson: no, here the shoiplifter doesn't spend thousands on hardware, he just downloads the hacked client onto his android
162 2011-09-22 09:39:28 <sipa> merchants should eventually not be dealing with the blockchain itself
163 2011-09-22 09:40:05 <cacheson> acrophobia_: in order to participate in your theoretical rogue mining pool, they need to contribute hash power
164 2011-09-22 09:40:10 <sipa> they'll use a payment processor which provides them with insurance against double-spends or other failures of the block chain
165 2011-09-22 09:41:41 <epscy> sipa: you argue that is speculative
166 2011-09-22 09:41:44 <acrophobia_> cacheson: the shoplifters wouldn't participate in mining themselves, they would just do the shoplifting. they wouldn't have to know anything about GPUs or hashrate, they'd just dl the client as an app and go shopping. in fact, they might not even *know* they were shoplifting if the app represented itself as real.
167 2011-09-22 09:42:23 <cacheson> acrophobia_: then why would the pool bother facilitating this attack for them?
168 2011-09-22 09:43:33 <acrophobia_> cacheson: because the pool would take half of the profits (or whatever percentage makes sense, i'm not a crime-lord so i don't know what the payment structure is for this kind of thing ;) )
169 2011-09-22 09:43:47 <cacheson> acrophobia_: clearly
170 2011-09-22 09:44:02 <acrophobia_> cacheson: touch??
171 2011-09-22 09:49:00 <b4epoche_> there are clearly issues with POS bitcoin transactions that need to be fleshed out...
172 2011-09-22 09:50:01 <b4epoche_> basically, I see bitcoin as making it very easy 'pass bad checks'
173 2011-09-22 09:50:10 <Graet> +1 sipa lmao
174 2011-09-22 09:50:32 <sipa> b4epoche_: true
175 2011-09-22 09:50:44 <b4epoche_> yea, I actually do double takes when others write "POS"
176 2011-09-22 09:51:22 <cacheson> b4epoche_: while it's *technically possible*, it's definitely not very easy if the merchant is doing things right on their end
177 2011-09-22 09:51:57 <b4epoche_> yea, but merchants are usually trying their best to make shopping convenient
178 2011-09-22 09:52:41 <acrophobia_> think about the big picture. lets say bitcoin has the ambition to be used in 0.1% of transactions. in uk, vat is ???83bn / year, so from a total revenue of ???415bn, shop sales contribute ???200bn / year. 0.1% of that is ???200m per year. lets say 5% of these transactions are using the scam client (the state of the world today!) and the pool owner has 5% of the global hashrate. that's then a profit of around ???1M per year
179 2011-09-22 09:52:46 <b4epoche_> waiting 10 minutes for a confirm is not shopper friendly (and nobody start with the alternate blockchain with faster confirms)
180 2011-09-22 09:53:28 <cacheson> b4epoche_: I mean that the point of sale system that they use needs to properly monitor the network for conflicting transactions being broadcast
181 2011-09-22 09:53:30 <b4epoche_> acrophobia_:  you sure you don't need 5% of 5%
182 2011-09-22 09:53:38 <acrophobia_> acrophobia_: and remember this would be a second income source for the pool owner. he's already getting paid to mine
183 2011-09-22 09:53:48 <JFK911> i think the world would be a better place if everyone had to wait 10 minutes to spend money
184 2011-09-22 09:54:04 <JFK911> an hour would be better
185 2011-09-22 09:54:10 <acrophobia_> b4epoche_: yes, i did 5% of 5% (just didn't mention it). but do check that i didn't miss anything in my approxicalc
186 2011-09-22 09:55:07 <b4epoche_> 0.5M pounds
187 2011-09-22 09:56:21 <acrophobia_> ok. so based on these number, the scam pool gets ???500k per year to build his rig even bigger. and of course as he gets bigger, his revenue increases as it's now "10% of 5%" rather than "5% of 5%"
188 2011-09-22 09:56:48 <b4epoche_> what might happen is that when a customer comes in a merchant starts checking their balance
189 2011-09-22 09:56:54 <acrophobia_> so the scam pool is growing at an exponential rate - eventually it will dominate
190 2011-09-22 09:57:12 <b4epoche_> and no one will accept bitcoin
191 2011-09-22 09:57:21 <acrophobia_> exactly
192 2011-09-22 09:57:23 <b4epoche_> at time of purchase
193 2011-09-22 09:57:38 <cacheson> acrophobia_: at 5% of the network, you're pulling in 131400 BTC per year