1 2011-10-24 00:23:27 <CIA-101> bitcoinj: miron@google.com * r247 /trunk/src/com/google/bitcoin/core/Utils.java: Remove stray line causing a compile error on Java 5
2 2011-10-24 00:24:08 <CIA-101> bitcoinj: miron@google.com * r248 /trunk/ (2 files in 2 dirs): Fix PeerGroup.setMaxConnections for values less than 4. Resolve issue 97
3 2011-10-24 00:50:18 <CIA-101> bitcoin: phantomcircuit * rb2e64d41d664 bitcoin-alt/ (bitcoin.py bitcoin/storage/postgres.py): use prepared statements cache whether block is in db or not
4 2011-10-24 01:00:19 <CIA-101> bitcoin: phantomcircuit * re855606c57c0 bitcoin-alt/ (bitcoin.py bitcoin/peer.py): reduce polling time on epoll and implement getblocks throttling
5 2011-10-24 01:10:22 <CIA-101> bitcoin: phantomcircuit * rfe5de2f43f99 bitcoin-alt/ (bitcoin.py bitcoin/peer.py): remove peer.state
6 2011-10-24 02:39:40 <CIA-101> bitcoinj: miron@google.com * r249 /trunk/tests/com/google/bitcoin/core/MockNetworkConnection.java: Fix another Java-6ism
7 2011-10-24 02:42:18 <FellowTraveler> Hi all.
8 2011-10-24 02:55:20 <CIA-101> bitcoin: phantomcircuit * r3e10ebf13824 bitcoin-alt/ (5 files in 4 dirs): add a bunch of print statements as well as improve handling of genesis block
9 2011-10-24 07:14:29 <gjs278> ;;bc,stats
10 2011-10-24 07:14:33 <gjs278> ;;bc,mtgox
11 2011-10-24 07:14:34 <gribble> Current Blocks: 150426 | Current Difficulty: 1468195.4272208 | Next Difficulty At Block: 151199 | Next Difficulty In: 773 blocks | Next Difficulty In About: 6 days, 14 hours, 27 minutes, and 54 seconds | Next Difficulty Estimate: 1229642.69241006 | Estimated Percent Change: -16.24802328
12 2011-10-24 07:14:35 <gribble> {"ticker":{"high":3.2,"low":2.85,"avg":3.078362842,"vwap":3.047698006,"vol":47623,"last_all":2.90768,"last_local":2.90768,"last":2.90768,"buy":2.8811,"sell":2.90561}}
13 2011-10-24 07:57:15 <ageis> EXCEPTION: 22DbRunRecoveryException on debian... whats the fix?
14 2011-10-24 08:00:27 <CIA-101> bitcoin: phantomcircuit * r7bbb33bff103 bitcoin-alt/ (bitcoin/storage/postgres.py postgresql.sql): remove caching of have_* calls (not useful for most cases)
15 2011-10-24 08:00:29 <CIA-101> bitcoin: phantomcircuit * r9136a2a90630 bitcoin-alt/bitcoin/storage/postgres.py: missed reference to self.transaction_hashes
16 2011-10-24 08:03:07 <ageis> nvm, deleting database in /home/.bitcoin fixed
17 2011-10-24 08:05:04 <ageis> looks like a freq issue with debian or debian-based systems
18 2011-10-24 09:33:04 <cande> is it easy to implement a double spending warning for 0 confirm transaction into a bitcoin client?
19 2011-10-24 09:42:26 <terrytibbs> cande: You'd have to be connected to well established nodes in different parts of the world.
20 2011-10-24 09:43:17 <terrytibbs> "[Transaction Radar] is to build a tool that can detect some attempts at double-spending." - http://www.transactionradar.com/
21 2011-10-24 09:43:37 <terrytibbs> I screwed that quote up, but yeah, you get the point.
22 2011-10-24 09:44:23 <cande> can i spend 5 btc on a coffey, and the same 5 btc to myself, and since I put the timestamp in myself, i put in a earlier timestamp for my transaction, but release that one later
23 2011-10-24 09:44:25 <epscy> oh interesting
24 2011-10-24 09:44:32 <epscy> terrytibbs: how does that work?
25 2011-10-24 09:45:08 <terrytibbs> Poll their API with the txid of the transaction, and it will return the estimated network propagation.
26 2011-10-24 09:45:17 <terrytibbs> Be warned, though.
27 2011-10-24 09:45:25 <edcba> cande: double spending can work if nodes don't wait for confirmation(s)
28 2011-10-24 09:45:48 <terrytibbs> If they use a static set of nodes, and someone finds out where they're at, they can specifically target those nodes during the attack
29 2011-10-24 09:46:44 <cande> hm
30 2011-10-24 09:46:49 <edcba> anyway if you can report double spent coins you may mark some coins less trustworthy than others
31 2011-10-24 09:47:09 <edcba> and then for those wait confirmations
32 2011-10-24 09:47:14 <epscy> edcba: yeah that is what we are discussing in #bitcoin
33 2011-10-24 09:47:46 <edcba> would be interesting to be able to taint coins
34 2011-10-24 09:47:54 <epscy> Etlase seems to think bitcoin nodes should broadcast the second invalid spend as a notification to other nodes
35 2011-10-24 09:48:09 <edcba> indeed
36 2011-10-24 09:48:24 <epscy> i suspect that could be abused, but i am not sure how
37 2011-10-24 09:48:34 <edcba> bandwidth
38 2011-10-24 09:48:36 <edcba> as always
39 2011-10-24 09:49:02 <lfm> cande transactions dont have timestamps till they are confirmed in a block
40 2011-10-24 09:49:21 <cande> lfm, ah
41 2011-10-24 09:49:56 <cande> lfm, but they have a time here: http://bitcoincharts.com/bitcoin/
42 2011-10-24 09:50:29 <lfm> Thats prolly just the time that that node received it
43 2011-10-24 09:51:11 <dikidera> Wow...this was the first time in a dream i ever said ...i am disappoint
44 2011-10-24 09:51:57 <cande> so if a node recevices a double spending, which will it choose to put into a block?
45 2011-10-24 09:52:01 <tcatm> cande: yes, it's the time when it was received
46 2011-10-24 09:52:19 <epscy> cande: the first it sees probably
47 2011-10-24 09:52:26 <cande> ah :)
48 2011-10-24 09:52:27 <lfm> cande Id expect the first one it sees
49 2011-10-24 09:52:28 <cande> perfect
50 2011-10-24 09:52:28 <epscy> but technically speaking it is up tot he miner
51 2011-10-24 09:52:40 <lfm> epscy yup
52 2011-10-24 09:52:48 <cande> this is good
53 2011-10-24 09:53:14 <lfm> and different nodes might see different txn fist
54 2011-10-24 09:53:20 <cande> yes..
55 2011-10-24 09:53:45 <lfm> but of course eventually only one will be confirmed
56 2011-10-24 09:53:49 <cande> yes,
57 2011-10-24 09:54:04 <cande> but then we are already warned, hopfully
58 2011-10-24 09:54:46 <cande> i'm examining the use of 0 confirm transactions
59 2011-10-24 09:55:02 <dikidera> the website bitcoinservice is vulnerable to double spending
60 2011-10-24 09:55:27 <cande> co.uk ?
61 2011-10-24 09:55:29 <lfm> cande you cant rely on them. you may never see the txn which gets mined till you get the block
62 2011-10-24 09:55:30 <dikidera> yts
63 2011-10-24 09:55:32 <dikidera> *yes
64 2011-10-24 09:55:55 <dikidera> Cause this one time i sent some money to buy a product, the account was credited instantly...
65 2011-10-24 09:56:01 <epscy> cande: yeah there isn't really a warning at the moment
66 2011-10-24 09:56:40 <epscy> the miners could do it, but if a miner says a sender is bad then you have to take their word for it
67 2011-10-24 09:56:56 <lfm> cande: even the miners may only see one of the txn
68 2011-10-24 09:57:38 <cande> but how likely is it that only one txn is seen?
69 2011-10-24 09:58:37 <lfm> If a node detects a "bad" txn like trying to dbl spend, it might never pass it along to other nodes. It would only pass one of em along
70 2011-10-24 09:59:04 <cande> mhm
71 2011-10-24 09:59:33 <cande> and how does the nodes judge a txn
72 2011-10-24 10:01:16 <lfm> prolly best to read the white paper for the ways txn get checked
73 2011-10-24 10:02:29 <cande> ok
74 2011-10-24 10:02:30 <cande> thx
75 2011-10-24 10:44:32 <CIA-101> bitcoinj: hearn@google.com * r250 /trunk/src/com/google/bitcoin/core/PeerGroup.java: Don't inform the API user of peer disconnects or select a new download peer when a PeerGroup is being terminated. Fixes issue 95.
76 2011-10-24 10:55:22 <cande> how is this transfer possible? it has the same block as input, twice? http://bitcoincharts.com/bitcoin/#79818af1819de84fe60b5dae0f07707b1af6972b52a328968690f3110cd9621c
77 2011-10-24 10:57:58 <edcba> hmm
78 2011-10-24 11:00:42 <edcba> maybe a bug somewhere
79 2011-10-24 11:03:12 <edcba> but i don't think you can cheat bitcoin client as easily
80 2011-10-24 11:05:02 <cande> ok :)
81 2011-10-24 11:05:04 <sipa> cande: it's not valid
82 2011-10-24 11:06:10 <cjdelisl1> yea, it's not confirmed and it never will (should) be
83 2011-10-24 11:06:42 <cande> a form of double spending failed attack?
84 2011-10-24 11:07:03 <cjdelisl1> it's not actually a double spend attack
85 2011-10-24 11:07:34 <cjdelisl1> Or I suppose it technically is but it's not the kind that has a chance of actually working ;)
86 2011-10-24 11:07:51 <cande> but why is it still there?
87 2011-10-24 11:07:59 <cande> is obviously fake
88 2011-10-24 11:07:59 <cjdelisl1> it's not in a block
89 2011-10-24 11:08:07 <cjdelisl1> and it never will be
90 2011-10-24 11:08:23 <cande> but it is a 0 confirm transaction, right?
91 2011-10-24 11:08:30 <cjdelisl1> yea
92 2011-10-24 11:08:54 <cjdelisl1> 0 confirms --> "I have money, promise!"
93 2011-10-24 11:09:22 <cjdelisl1> 1 confirms --> Miner saying: "Yes he actually has the money."
94 2011-10-24 11:10:00 <cande> but there are some checks for making a 0 confirm transaction?
95 2011-10-24 11:10:16 <cande> it has to be redistributed throughout the nodes
96 2011-10-24 11:10:21 <cjdelisl1> But in my understanding, even if someone mined a block with that tx, the client would still just drop the tx on the floor and even worse, the money that was used in it would be gone forever.
97 2011-10-24 11:10:40 <cande> hm
98 2011-10-24 11:13:10 <cande> another one, just like it: http://bitcoincharts.com/bitcoin/#82cfebdbd7452214abbfafe440603f675a60ee05be3fde2893f5e6f98a8673e7
99 2011-10-24 11:13:33 <cande> maybe someone was trying to do some funny shit
100 2011-10-24 11:14:25 <cjdelisl1> yeap
101 2011-10-24 11:17:43 <dikidera> Hmm
102 2011-10-24 11:17:54 <dikidera> So..anyone encountered the 10bit h264 profile?
103 2011-10-24 11:18:11 <cande> qwhat is that?
104 2011-10-24 11:18:38 <dikidera> a new h264 profile that uses 10 bits(color depth) to represent a color in a single pixel
105 2011-10-24 11:19:21 <cjdelisl1> 1024 colors
106 2011-10-24 11:19:23 <cjdelisl1> hmm
107 2011-10-24 11:20:14 <dikidera> Most h264 encoders of anime already switched to it, so i think soon in the Scene as well
108 2011-10-24 11:20:21 <cande> ah
109 2011-10-24 11:20:33 <cande> cool
110 2011-10-24 11:21:07 <cjdelisl1> haha sounds like mkv
111 2011-10-24 11:21:21 <dikidera> and what is wrong with mkv?
112 2011-10-24 11:21:31 <dikidera> Its a container for multiple sources
113 2011-10-24 11:21:37 <dikidera> evne the scene uses it
114 2011-10-24 11:21:39 <dikidera> *even
115 2011-10-24 11:21:50 <cjdelisl1> noone in the real world uses it because mp4 is fine but The Scene uses it to troll everyone
116 2011-10-24 11:22:00 <dikidera> ...right
117 2011-10-24 11:22:17 <Eliel> dikidera: yep, I've seen many 10bit h264 files already.
118 2011-10-24 11:22:19 <epscy> i have heard of 10 bit h264
119 2011-10-24 11:22:34 <epscy> higher quality with smaller filesize apparently
120 2011-10-24 11:22:43 <epscy> sounds like witchcraft to me
121 2011-10-24 11:23:14 <Eliel> cjdelisl1: mkv sure has lots of users for not being used in the "real world" :P
122 2011-10-24 11:23:46 <cjdelisl1> same with perl
123 2011-10-24 11:23:52 <dikidera> epscy:if only we were not trolled by some with the size of 404mb for 23mb of video...
124 2011-10-24 11:23:58 <cjdelisl1> ooo and lisp
125 2011-10-24 11:24:03 <dikidera> Or the size over 500 megs...
126 2011-10-24 11:24:11 <edcba> 10bits instead of ?
127 2011-10-24 11:24:15 <dikidera> 8?
128 2011-10-24 11:24:27 <Eliel> cjdelisl1: so, you're saying mkv is inferior in some way to, say mp4?
129 2011-10-24 11:25:42 <cjdelisl1> idk enough to say.. at the very least it's just nonstandard
130 2011-10-24 11:25:45 <cjdelisl1> like .rar
131 2011-10-24 11:26:00 <epscy> rar non standard lol
132 2011-10-24 11:26:08 <epscy> i see more rars than zips these days
133 2011-10-24 11:26:16 <cjdelisl1> 7z has higher compression and is open source and all that
134 2011-10-24 11:26:33 <cjdelisl1> but rar wins because the scene likes it
135 2011-10-24 11:28:20 <edcba> higher compression means nothing
136 2011-10-24 11:28:29 <cjdelisl1> indeed
137 2011-10-24 11:28:44 <edcba> we could have even higher but we would wait a lot to get it
138 2011-10-24 11:29:24 <cjdelisl1> being written by a Russian guy means everything, clearly.
139 2011-10-24 11:29:38 <cjdelisl1> otherwise people wouldn't use rar anymore
140 2011-10-24 11:29:40 <Eliel> cjdelisl1: rar got established, so now it takes considerable effort to dislodge it
141 2011-10-24 11:29:50 <cjdelisl1> /nod
142 2011-10-24 11:30:34 <Eliel> mkv may not be an official standard but of the video files I see, barely any are anything else.
143 2011-10-24 11:30:46 <Eliel> so it's become a de facto standard
144 2011-10-24 11:30:54 <cjdelisl1> yeap
145 2011-10-24 11:30:56 <cjdelisl1> therefor
146 2011-10-24 11:31:00 <cjdelisl1> mkv is paypal
147 2011-10-24 11:31:22 <Eliel> it's a huge improvement over .avi format anyway :)
148 2011-10-24 11:31:37 <cjdelisl1> I wouldn't know
149 2011-10-24 11:31:50 <[Tycho]> .avi is the best format for video :)
150 2011-10-24 11:31:51 <cjdelisl1> I just know that anything I feed to mencoder comes out desynced
151 2011-10-24 11:31:53 <Eliel> people didn't move to using mkv just for fun you know :P
152 2011-10-24 11:32:03 <[Tycho]> mkv should be forgotten :)
153 2011-10-24 11:32:18 <dikidera> how so?
154 2011-10-24 11:32:21 <cjdelisl1> people didn't move to using mkv just for fun you know :P <-- actually I beg to differ
155 2011-10-24 11:32:24 <dikidera> its called matroska
156 2011-10-24 11:32:25 <Eliel> avi is terribly restricted format.
157 2011-10-24 11:32:30 <dikidera> which is a russian word, why would you hate it?
158 2011-10-24 11:32:44 <cjdelisl1> IMO it's more or less like Tonal system.
159 2011-10-24 11:33:02 <Eliel> it can't even sync sound unless it's encoded with a constant bitrate codec
160 2011-10-24 11:33:11 <dikidera> I dont know of other containers that you can cram inside fonts and the like
161 2011-10-24 11:33:26 <dikidera> Eliel:lol
162 2011-10-24 11:33:32 <dikidera> That is a problem with your rig,codecs
163 2011-10-24 11:33:47 <edcba> mkv allows multiple subs !
164 2011-10-24 11:33:50 <cjdelisl1> ahh that explains why mencoder is a heap of garbage
165 2011-10-24 11:34:10 <dikidera> edcba:and not limited to that
166 2011-10-24 11:34:25 <dikidera> multiple video sources(not really used), multiple audio sources, fonts,
167 2011-10-24 11:34:27 <edcba> yes but having too much is not really an avantage
168 2011-10-24 11:34:31 <dikidera> subtitles streams
169 2011-10-24 11:36:10 <cjdelisl1> if I want to transcode some vids without them desyncing, what program do you recommend?
170 2011-10-24 11:36:14 <cjdelisl1> ffmpeg?
171 2011-10-24 11:37:00 <dikidera> Dunno what you would use
172 2011-10-24 11:37:06 <edcba> yes what is every ppl using ?
173 2011-10-24 11:37:16 <dikidera> i use VirtualDub with AVISynth frameserver and the DirectShowSource with constant fps
174 2011-10-24 11:37:22 <edcba> hmm
175 2011-10-24 11:37:36 <dikidera> megui sucks...
176 2011-10-24 11:37:46 <epscy> errr, thats windows stuff
177 2011-10-24 11:37:48 <dikidera> for the sole reason it crashes on files larger than 2 gigabytes
178 2011-10-24 11:38:28 <dikidera> VirtualDub is opensource
179 2011-10-24 11:38:32 <dikidera> you can port it to linux
180 2011-10-24 11:38:40 <cjdelisl1> uhno
181 2011-10-24 11:38:49 <cjdelisl1> I've used m(player|encoder) since forever becasuse it was the first software that could play dvds
182 2011-10-24 11:39:21 <Eliel> I can't recall the last time I had a problem with audio sync going wonky with mencoder. It did use to do it but it's been a really long time since I saw that happen last.
183 2011-10-24 11:39:34 <dikidera> In any case, virtualdub has changed the world..
184 2011-10-24 11:39:36 <Eliel> but... this is kind of an offtopic for this channel :)
185 2011-10-24 11:39:53 <dikidera> Eliel:sure the channel does have bitcoin in it, but its still dev
186 2011-10-24 11:40:03 <Eliel> cjdelisl1: perhaps you need to get a new version :)
187 2011-10-24 11:40:57 <gmaxwell> can the video talk go someplace else?
188 2011-10-24 11:41:17 <gmaxwell> I'm trying to find the txn people were talking about in the scrollback.
189 2011-10-24 11:41:26 <gmaxwell> cande: Can you point me to one? the prior links don't work.
190 2011-10-24 11:41:34 <dikidera> what txn?
191 2011-10-24 11:41:51 <Eliel> http://bitcoincharts.com/bitcoin/#82cfebdbd7452214abbfafe440603f675a60ee05be3fde2893f5e6f98a8673e7 this one?
192 2011-10-24 11:42:03 <Eliel> or this? http://bitcoincharts.com/bitcoin/#79818af1819de84fe60b5dae0f07707b1af6972b52a328968690f3110cd9621c
193 2011-10-24 11:42:33 <gmaxwell> Eliel: those references don't work for me. Do they actually work for you?
194 2011-10-24 11:42:50 <cande> they are gone
195 2011-10-24 11:43:26 <cande> but i have a cached copy
196 2011-10-24 11:43:26 <Eliel> gmaxwell: they don't now. They did half an hour ago though
197 2011-10-24 11:43:43 <gmaxwell> In any case, I can't see them so I can't make an specific comment about them... but _all_ bitcoin nodes will instantly drop an invalid txn. You won't even see them as 0-confirms.
198 2011-10-24 11:43:49 <gmaxwell> cande: can you send me a picture?
199 2011-10-24 11:43:57 <gmaxwell> (or better- pastebin the text?
200 2011-10-24 11:43:58 <gmaxwell> )
201 2011-10-24 11:44:02 <cande> pastbit :(
202 2011-10-24 11:44:03 <cande> :)
203 2011-10-24 11:44:56 <gmaxwell> So either we're misunderstanding them or the node that backs up that page has been hacked to allow everything and someone is playing games. :)
204 2011-10-24 11:45:02 <cande> http://pastebin.com/RjKStfm1
205 2011-10-24 11:45:29 <gmaxwell> Ha!
206 2011-10-24 11:45:36 <gmaxwell> sure enough, that sure looks like what you said.
207 2011-10-24 11:45:44 <cande> i have another one with 50 + 50 btc just like it
208 2011-10-24 11:46:38 <cande> what do you make out of it?
209 2011-10-24 11:47:28 <cande> http://pastebin.com/RNN52vGJ
210 2011-10-24 11:49:28 <gmaxwell> I can only guess that there is some broken piece of software generating a transaction, and the monitoring node has had its filtering logic castrated enough to display those.
211 2011-10-24 11:50:31 <sipa> it was only in 0.4.0 that a check for double spending within the same tx was implemented
212 2011-10-24 11:50:32 <gmaxwell> gavinandresen: You see those pastbin links? bitcoincharts.com was showing transactions which used the same input twice.
213 2011-10-24 11:50:43 <sipa> obviously they never confirm
214 2011-10-24 11:50:53 <sipa> but before that, they could end up in transaction pools
215 2011-10-24 11:50:54 <gmaxwell> sipa: oh 0_o the coin selection could pick the same input twice?
216 2011-10-24 11:50:59 <sipa> no
217 2011-10-24 11:51:07 <gmaxwell> oh you mean the forwarding logic.
218 2011-10-24 11:51:23 <sipa> indeed
219 2011-10-24 11:51:39 <sipa> so if that site is using an older bitcoind, it could show them
220 2011-10-24 11:52:13 <gmaxwell> man, I wonder if you could use that to attack things with old nodes that accepted zero confirm transactions? :(
221 2011-10-24 11:52:34 <gmaxwell> txn with 2x the funds that you actually have, which will never confirm.
222 2011-10-24 11:52:46 <gmaxwell> and they don't even get saved on disk anywhere.
223 2011-10-24 11:53:20 <gavinandresen> moral to the story: don't accept 0- or 1-conf transactions unless they're small value or from a 'green address' you trust
224 2011-10-24 11:54:03 <cjdelisl1> it's known that things which accept 0confirms are probelmatic since there are plenty of transactions which old nodes will accept and new ones will drop.
225 2011-10-24 11:55:02 <cande> so to improve security with 0confirms you need a good node and client software?
226 2011-10-24 11:55:50 <gmaxwell> sure, 0 confirm transactions have risks, but the expectation is that they still have a chance of surviving without some serious effort by the attacker. Thats pretty lame that nodes would show txn without a chance.
227 2011-10-24 11:56:09 <sipa> 0 confirm transaction = when you trust the payer not to double spend
228 2011-10-24 11:56:15 <sipa> period
229 2011-10-24 11:56:29 <cande> like buying coffey or lunch at your restaurant
230 2011-10-24 11:56:37 <cande> ?
231 2011-10-24 11:56:49 <sipa> or when it's a payment from a friend
232 2011-10-24 11:57:39 <cande> mm
233 2011-10-24 11:59:49 <cjdelisl1> if you want to accept 0conf tx, for heaven's sake park a bot in -watch and see if at least luke's stuff thinks it's good.
234 2011-10-24 12:01:32 <gmaxwell> cjdelisl1: but thats the point I was making even if you were doing that you'd get exploited by these transactions unless you'd fixed this bug yourself.
235 2011-10-24 12:02:04 <gmaxwell> since I expect luke's node had the same bug for accepting into the memory pool at some point.
236 2011-10-24 12:02:28 <gmaxwell> Oh well, at least its fixed.
237 2011-10-24 12:02:59 <cande> luke's node?
238 2011-10-24 12:03:28 <sipa> gmaxwell: even with this fix, you can construct two transactions that spend eachother :)
239 2011-10-24 12:03:38 <sipa> wait, nvm
240 2011-10-24 12:04:28 <gmaxwell> The inputs are part of the tx id.. so I dunno how you'd make a klein txn. :)
241 2011-10-24 12:05:05 <gavinandresen> lets see, if you could break double-SHA256 and then force....
242 2011-10-24 12:05:13 <gavinandresen> (KIDDING! )
243 2011-10-24 12:05:21 <cjdelisl1> We can assume pretty safely that the big mining pools will keep their stuff up to date so for 0conf transactions, -watch should give you a good indication of whether the network will honer a tx.
244 2011-10-24 12:06:29 <cjdelisl1> but then I don't have a lot of sympathy for people who accept 0conf then refuse to keep any of their software up to date.
245 2011-10-24 12:06:34 <gmaxwell> cjdelisl1: nothing would have mined these txn, fortunately, just not reject them upfront.
246 2011-10-24 12:06:54 <gmaxwell> And I would be surprised to learn that, e.g. deepbit had updated.
247 2011-10-24 12:07:49 <gmaxwell> cjdelisl1: Well, I have sympathy for everyone that gets screwed. At the same time, this kind of risk is what being an early user of bitcoin is about.
248 2011-10-24 12:09:10 <gmaxwell> In any case, this probably makes mybitcoin's claims about getting screwed by double spends more plausable. esp with the fact that people have pointed out their shopping cart acted on zero confirm txn.
249 2011-10-24 12:10:09 <cjdelisl1> MBC is why I know about that issue
250 2011-10-24 12:10:29 <cjdelisl1> but they had no interest in publishing the logs therefor they are crooks
251 2011-10-24 12:20:47 <CIA-101> libbitcoin: genjix * r9ad51588261b /src/storage/postgresql/ (postgresql_blockchain.cpp postgresql_blockchain.hpp): block cache circular_buffer -> std::vector
252 2011-10-24 12:20:49 <CIA-101> libbitcoin: genjix * rfd44588cb12b / (3 files in 2 dirs): channel_id same as version nonce (random number)
253 2011-10-24 12:21:37 <cande> ok, thanx for the input bitcoin brothers!
254 2011-10-24 13:53:32 <CIA-101> bitcoinj: hearn@google.com * r251 /trunk/src/com/google/bitcoin/core/TCPNetworkConnection.java: Add units to the TCPNetworkConnection connectTimeout[Msec] parameter.
255 2011-10-24 13:54:29 <CIA-101> bitcoinj: hearn@google.com * r252 /trunk/src/com/google/bitcoin/core/PeerGroup.java:
256 2011-10-24 13:54:55 <CIA-101> bitcoinj: hearn@google.com * r253 /trunk/src/com/google/bitcoin/examples/PrintPeers.java: Dump out versions and chain heights in PrintPeers.
257 2011-10-24 15:28:17 <BlueMatt> for those wanting to run gitian in a vm: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=823e396558e509b7c3225cd76806f3d6643ff5f8
258 2011-10-24 15:29:02 <BlueMatt> note that it requires the use of kvm-based virtualization on the host hardware with specific parameters to the kernel mod running on the host so its not yet possible under eg a hosted vps
259 2011-10-24 15:29:18 <BlueMatt> but it is possible if you need to run ubuntu in a vm on top of another linux distro that uses kvm
260 2011-10-24 15:29:23 <BlueMatt> eg luke-jr|otg
261 2011-10-24 15:29:36 <BlueMatt> (also requires linux-kernel-3.1)
262 2011-10-24 16:13:05 <diki> Is the 0.5 client going one step forward and two steps back?
263 2011-10-24 16:13:19 <diki> Rather its the same with 0.4
264 2011-10-24 16:13:31 <diki> All we got is a progress bar with percent
265 2011-10-24 16:13:43 <diki> thats worse than not knowing how many blocks i have atm and how many are left
266 2011-10-24 16:13:56 <wumpus> hover the mouse above the tooltip it will show detailed info
267 2011-10-24 16:14:05 <wumpus> above the progress bar I mean
268 2011-10-24 16:14:23 <tcatm> some network statistics below the wallet summary would be neat
269 2011-10-24 16:14:29 <diki> ^^
270 2011-10-24 16:14:36 <Ycros> submit a patch
271 2011-10-24 16:14:38 <Ycros> :P
272 2011-10-24 16:14:39 <wumpus> yes, it would be neat
273 2011-10-24 16:14:41 <diki> tcatm are you the creater of the 4way algo?
274 2011-10-24 16:14:45 <diki> *creator
275 2011-10-24 16:14:48 <wumpus> a pony would also ne neat :-)
276 2011-10-24 16:15:42 <wumpus> Ycros: that's the spirit
277 2011-10-24 16:16:45 <wumpus> but please don't fill up the summary page with arcane network statistics, it is supposed to be newbie friendly :)
278 2011-10-24 16:16:49 <tcatm> diki: I merely put some pieces together and made them work for mining
279 2011-10-24 16:19:09 <tcatm> they could be newbie friendly. blockcount with numbers, number of connections with a short comment (you are not connected; you are well connected; ...)
280 2011-10-24 16:19:53 <wumpus> number of connections is ok with me, block count is scary
281 2011-10-24 16:20:02 <wumpus> people hate big numbers unless it's their $$$
282 2011-10-24 16:22:54 <wumpus> maybe convert them to dates somehow or something people understand intuitively...
283 2011-10-24 16:23:39 <Ycros> I don't think showing block numbers adds value for most
284 2011-10-24 16:24:01 <Ycros> perhaps there could be an "advanced mode" or somesuch that shows stuff like that
285 2011-10-24 16:24:04 <wumpus> I don't think so either, what people want to know is whether they are 'synchronized' or not, and if they're out of date by how much
286 2011-10-24 16:24:13 <wumpus> yeah advanced mode would be cool
287 2011-10-24 16:25:52 <Ycros> simply because, many users of bitcoin are still technical users
288 2011-10-24 16:25:56 <wumpus> anyway, you can view the block number in the tooltip, that's usually enough for troubleshooting
289 2011-10-24 16:25:57 <Ycros> they might want to see stuff like that
290 2011-10-24 16:27:55 <wumpus> then again, technical users usually like cli interfaces to do their advanced stuff
291 2011-10-24 16:28:17 <wumpus> maybe add a secret 'bitcoin console' :p
292 2011-10-24 16:28:28 <CIA-101> bitcoin: Wladimir J. van der Laan * r5c92622 / (bitcoin-qt.pro src/qt/bitcoin.cpp src/qt/bitcoin.qrc):
293 2011-10-24 16:28:29 <CIA-101> bitcoin: take precedence, but the fallback is on the base language if no
294 2011-10-24 16:28:30 <CIA-101> bitcoin: territory-specific translation exists. - http://git.io/6Xz1bA
295 2011-10-24 16:28:31 <CIA-101> bitcoin: Merge pull request #591 from laanwj/translation_lookup_logic
296 2011-10-24 16:29:36 <CIA-101> bitcoin: Gavin Andresen * rd760b5c / src/makefile.unix :
297 2011-10-24 16:30:02 <CIA-101> bitcoin: Gavin Andresen * rf9f289a / doc/build-osx.txt :
298 2011-10-24 16:30:05 <wumpus> did the merge window open :o
299 2011-10-24 16:30:30 <tcatm> we don't have merge windows ;)
300 2011-10-24 16:30:45 <gavinandresen> no, just pulling for 0.5 rc2
301 2011-10-24 16:30:51 <wumpus> ok
302 2011-10-24 16:31:57 <gavinandresen> ... speaking of which: anybody know if there has been progress on the gitian builds?
303 2011-10-24 16:32:45 <wumpus> I tried this weekend, but did not make any progress as such, I was first confused that an AWS was needed for gitian, but it seems you cannot use that
304 2011-10-24 16:34:16 <diki> gavinandresen:have you ever met in person the mysterious satoshi?
305 2011-10-24 16:34:40 <jgarzik> tcatm: sure we do... we don't merge new features during -rc, making the merge window !rc
306 2011-10-24 16:36:04 <diki> tcatm:ah, then can you tell me how the nonce is increased? i looked at cgminer's 4way and the only mention of nonce was in the doubleblocksha256 function
307 2011-10-24 16:36:24 <wumpus> still trying though..
308 2011-10-24 16:36:26 <tcatm> diki: nonce++ :)
309 2011-10-24 16:36:59 <diki> tcatm:the only thing i see is "nonce = _mm_add_epi32(preNonce, _mm_set1_epi32(k));"
310 2011-10-24 16:37:21 <diki> where k is either 4,8,16 or 32
311 2011-10-24 16:38:01 <tcatm> then someone changed the code ;)
312 2011-10-24 16:38:03 <diki> to be honest its jgarzik who would know
313 2011-10-24 16:40:08 <tcatm> k is 0, 4, 8, 12, ..., preNonce is (3,2,1,0)
314 2011-10-24 16:40:35 <tcatm> so it's more like nonce+=4
315 2011-10-24 16:40:47 <diki> so how does it check from 1 to 2^32?
316 2011-10-24 16:41:00 <diki> no, i still dont know how its increased
317 2011-10-24 16:41:06 <BlueMatt> gavinandresen: not really, I havent had too much time, and no one has bothered to take a look at what I did...
318 2011-10-24 16:41:09 <diki> all i see is it starting all over from the beginning
319 2011-10-24 16:41:45 <gavinandresen> BlueMatt: thanks for doing all you did.
320 2011-10-24 16:42:24 <BlueMatt> I didnt do much, its not even deterministic yet...though I am trying to work on that part
321 2011-10-24 16:42:38 <wumpus> BlueMatt: I did take a look at it
322 2011-10-24 16:42:45 <gavinandresen> BlueMatt: is devrandom around to help?
323 2011-10-24 16:42:47 <BlueMatt> its the odd build failures that I have no idea how to solve and need more eyes on...
324 2011-10-24 16:43:06 <BlueMatt> gavinandresen: its not devrandom, its someone with considerable g++ experience that is needed...
325 2011-10-24 16:43:21 <BlueMatt> wumpus: true, but that doesnt mean it got close enough for me to fix it...
326 2011-10-24 16:43:44 <wumpus> it's just that the gitian stuff is .. non-standard, so it takes me some time to get it running and understand it
327 2011-10-24 16:43:49 <BlueMatt> gavinandresen: well either that or a fresh set of eyes willing to dig through a lot of docs and output...
328 2011-10-24 16:44:17 <BlueMatt> gitian is not that bad at all...https://gist.github.com/806265
329 2011-10-24 16:44:28 <BlueMatt> (thats very out of date, but it gives the idea...)
330 2011-10-24 16:44:31 <wumpus> I'm not saying it is bad :)
331 2011-10-24 16:45:14 <wumpus> I mean it's not perl scripts glued together with cobwebs
332 2011-10-24 16:46:25 <BlueMatt> I dont ever touch the scripts, theyve always worked fine for me...
333 2011-10-24 16:50:25 <gavinandresen> BlueMatt: so I'm following doc/release-process.txt... and it doesn't tell me which inputs to wget.
334 2011-10-24 16:50:45 <BlueMatt> m, yea it kinda assumes youve got those...let me go look
335 2011-10-24 16:52:01 <BlueMatt> you will need miniupnpc-1.6.tar.gz, qt-everywhere-opensource-src-4.7.4.tar.gz, openssl-1.0.0d.tar.gz, db-4.8.30.NC.tar.gz
336 2011-10-24 16:52:31 <BlueMatt> and boost_1_47_0.tar.bz2
337 2011-10-24 16:52:41 <BlueMatt> sorry I dont have links, but google should turn them up pretty quick
338 2011-10-24 16:53:11 <wumpus> E: Failed getting release file http://127.0.0.1:3142/archive.ubuntu.com/ubuntu/dists/lucid/Release
339 2011-10-24 16:53:23 <BlueMatt> do you have apt-cacher(-ng) installed?
340 2011-10-24 16:53:32 <BlueMatt> (and running)
341 2011-10-24 16:53:49 <gavinandresen> (apt-cacher didn't work for me, I had to use cacher-ng)
342 2011-10-24 16:54:06 <wumpus> tried to... Starting Apt-Cacher: apt-cacher (not enabled in /etc/default/apt-cacher) .. seems I missed the error message :)
343 2011-10-24 16:54:09 <BlueMatt> same here, though -ng sometimes freaks out on me and has to be restarted
344 2011-10-24 16:57:56 <wumpus> with -ng it seems to work
345 2011-10-24 16:58:02 <BlueMatt> oh and make sure to build boost + qt first and copy the zip from build/out to inputs/ before trying to build bitcoin-win32
346 2011-10-24 16:59:50 <gavinandresen> BlueMatt: to clarify: you've been unable to cross-compile a bitcoin-qt.exe that runs, regardless of the gitian stuff ?
347 2011-10-24 17:00:34 <BlueMatt> correct
348 2011-10-24 17:00:40 <BlueMatt> though Ive only ever tried it on lucid
349 2011-10-24 17:01:19 <BlueMatt> though others have had success on other platforms
350 2011-10-24 17:01:58 <BlueMatt> no, Ive actually tried it on 11.04 (natty) as well as 10.04 LTS lucid (what gitian runs on)
351 2011-10-24 17:03:48 <gavinandresen> BlueMatt: I'm downloading dependencies and will do the Linux gitian build thing. What platform(s) did "others" manage to get a working cross-compile going on? Or who are those others so I can just ask them?
352 2011-10-24 17:05:45 <wumpus> luke-jr said he was able to do it on gentoo, without gitian
353 2011-10-24 17:06:19 <BlueMatt> thats all I know, though I thought I remember someone else saying something about getting it working though I cant recall who
354 2011-10-24 17:07:48 <gavinandresen> BlueMatt: thanks again. Does gitian work with any arbitrary linux as the child VM, or is it debian-specific? I'm trying to decide whether to spend any time trying to get gitian win32 builds going, or just launch a Windows AWS instance and build there.
355 2011-10-24 17:08:04 <BlueMatt> debian-specific
356 2011-10-24 17:08:23 <BlueMatt> actually ubuntu-specific for now, but it could be ported to work on debian
357 2011-10-24 17:08:24 <gavinandresen> ok, I'll spin up an AWS instance and get a windows build working there.
358 2011-10-24 17:08:33 <BlueMatt> probably best for now
359 2011-10-24 17:09:45 <gavinandresen> BlueMatt: one more thing: were the gitian linux builds not reproducible, or just the win32 ones?
360 2011-10-24 17:10:18 <BlueMatt> just win32
361 2011-10-24 17:10:28 <BlueMatt> linux ones are working as they should (after my pull req)
362 2011-10-24 17:10:29 <gavinandresen> cool, thanks
363 2011-10-24 17:10:45 <BlueMatt> (though youll have to cherry-pick)
364 2011-10-24 17:12:24 <gavinandresen> I'm starting with a tree that is your pull request, I plan on getting that working, then updating all the docs to reflect 0.5 release reality (e.g. remove the gitian-build-win32-stuff unless somebody figures it out in the next 24 hours or so), then committing everything and tagging it rc2.
365 2011-10-24 17:13:15 <gavinandresen> Expect to hear hair-pulling and gnashing-of-teeth from me over the next day or two. I'll probably be extra grumpy, too.
366 2011-10-24 17:13:18 <BlueMatt> Im sure its simple to fix once you figure it out, I just dont have time to go disassembling code and digging through gcc docs...
367 2011-10-24 17:13:25 <gavinandresen> BlueMatt:
368 2011-10-24 17:13:34 <gavinandresen> BlueMatt: it is always simple when you know how!
369 2011-10-24 17:13:51 <BlueMatt> well that is true
370 2011-10-24 17:15:12 <gavinandresen> BlueMatt: any reason to stay at openssl-1.0.0d instead of 1.0.0e ?
371 2011-10-24 17:15:26 <BlueMatt> e wasnt out when the scripts were written
372 2011-10-24 17:15:44 <BlueMatt> would have to be tested for determinism, but feel free to update it
373 2011-10-24 17:16:36 <gavinandresen> Will do...
374 2011-10-24 17:19:39 <Matt_von_Mises> I have some technicallish queries& about the third party signing thing -> https://bitcointalk.org/index.php?topic=49689.0
375 2011-10-24 17:20:15 <Matt_von_Mises> A person said you could program bitcoin so that clients only need to check two signatures before a date before the second key becomes invalid.
376 2011-10-24 17:21:06 <Matt_von_Mises> But can this work? Can the client validate the bitcoins on the block chain so it knows if it needs to check both signatures or not?
377 2011-10-24 17:21:45 <Matt_von_Mises> I'm confused but my main question is: Is the key expiry thing compatible with current bitcoin clients?
378 2011-10-24 17:23:07 <Ycros> validation-wise, yes
379 2011-10-24 17:23:38 <Ycros> the key part, is that bitcoin uses a small scripting language for transactions
380 2011-10-24 17:23:44 <Ycros> so you can come up with alternate schemes
381 2011-10-24 17:24:01 <Ycros> and as long as they fit within that language, then they'll be able to be validated by any existing bitcoin client
382 2011-10-24 17:25:41 <BlueMatt> gavinandresen: the openssl build is only on win32
383 2011-10-24 17:25:57 <BlueMatt> gavinandresen: linux just uses the ubuntu version
384 2011-10-24 17:26:39 <Matt_von_Mises> But you surely can't just program the transaction to do no validation at all?
385 2011-10-24 17:26:41 <gavinandresen> BlueMatt: ok... so what do I need to wget to build the linux version?
386 2011-10-24 17:27:32 <Matt_von_Mises> If you program into the transaction what keys to check, then you could do one transaction where the third party key is checked and another where it isn't, no?
387 2011-10-24 17:27:36 <BlueMatt> gavinandresen: just miniupnpc-1.6.tar.gz
388 2011-10-24 17:27:48 <gavinandresen> BlueMatt: cool, thanks.
389 2011-10-24 17:28:12 <Matt_von_Mises> So you need to know who has ownership of the coins before, to know what keys to check?
390 2011-10-24 17:28:35 <Ycros> Matt_von_Mises: all that bitcoin does, is makes sure that the script returns "true" when the transactions are connected to older transactions
391 2011-10-24 17:28:46 <Matt_von_Mises> A sends coins to B, then B sends coins to C. C needs to check B owns the coins, no?
392 2011-10-24 17:29:12 <Matt_von_Mises> B could use D to sign the coins but the key is only checked until a certain date
393 2011-10-24 17:29:13 <Ukto> damn.. Uncaught BitcoinClientException: [0]: Didn't receive 200 OK from remote server. (HTTP/1.1 500 Internal Server Error) am I missing something, or can the bitcoind actually report back insufficient funds+txn to place transaction?
394 2011-10-24 17:29:23 <Matt_von_Mises> After the date the bitcoins are not signed by D
395 2011-10-24 17:29:25 <Ukto> rather then a random friggen error
396 2011-10-24 17:29:26 <Ycros> Matt_von_Mises: https://en.bitcoin.it/wiki/Script might help
397 2011-10-24 17:29:37 <Matt_von_Mises> But surely C needs to know the bitcoins are from C and D and not jsut C?
398 2011-10-24 17:30:23 <Matt_von_Mises> No I mean B and D and not just B
399 2011-10-24 17:30:30 <Matt_von_Mises> I probably confused you all
400 2011-10-24 17:31:30 <Ukto> so.. RPC'd sendfrom() I got (HTTP/1.1 500 Internal Server Error)
401 2011-10-24 17:31:38 <Ukto> in debug.log, there is no mention
402 2011-10-24 17:31:47 <Matt_von_Mises> When A sends to B (consumer) and D (third party verifier) in a joint wallet, the block chain records the public keys for B and D, no?
403 2011-10-24 17:31:58 <Matt_von_Mises> Can you make D's public key expire?
404 2011-10-24 17:32:18 <Matt_von_Mises> Or do you need to always validate the bitcoins from both B and D?
405 2011-10-24 17:33:24 <Ycros> there is some sort of expiration strategy you can implement, I'm not sure on the details
406 2011-10-24 17:33:39 <Ycros> Matt_von_Mises: https://en.bitcoin.it/wiki/Contracts
407 2011-10-24 17:39:08 <Matt_von_Mises> I don't understand how you make a private key for a bitcoin wallet just expire from that. I guess I'll just take your word for it that is works
408 2011-10-24 17:42:08 <wumpus> huh, it built a amd64 image instead of i386, and bin/make-base-vm refuses to accept --arch=i386
409 2011-10-24 17:42:10 <Ycros> Matt_von_Mises: look for the stuff about locktime in the page I linked to
410 2011-10-24 17:42:46 <wumpus> hm, -a i386 works
411 2011-10-24 17:47:21 <Matt_von_Mises> Trying to understand it. GOing right over my head. :D
412 2011-10-24 17:49:18 <Matt_von_Mises> So you can create transactions for bitcoins that you don't even have...
413 2011-10-24 17:49:26 <Matt_von_Mises> No idea what locktime means
414 2011-10-24 17:49:44 <gavinandresen> Ukto: bitcoin follows the JSON-over-HTTP error reporting standard, so errors are HTTP 500, 400, or 404.
415 2011-10-24 17:50:20 <Matt_von_Mises> Lock time is when the transaction is completed?
416 2011-10-24 17:50:38 <gavinandresen> ... with details of the response in the JSON object's 'error' entry. What json wrapper are you using?
417 2011-10-24 17:53:56 <Matt_von_Mises> So it means a transaction that is pre-signed by the third party and ready to go after a certain date means the comsumer can claim the bitcoins back after the period?
418 2011-10-24 17:54:24 <Matt_von_Mises> THe lock time is basically a transaction that becomes valid in the future?
419 2011-10-24 17:55:49 <Matt_von_Mises> So the bitcoins get sent to the wallet that requires two signiates but the third party creates a transaction is signs and leaves the user to sign (to transfer the bitcoins back) but is only valid after a certain amount of time.
420 2011-10-24 18:04:20 <AlexWaters> anyone have an ETA for the gitian windows build?
421 2011-10-24 18:05:02 <AlexWaters> i have 5-10 pulls I want to test, but am putting it on hold until I can do it right =/
422 2011-10-24 18:05:53 <AlexWaters> any help with https://github.com/bitcoin/bitcoin/pull/587 would be very appreciated
423 2011-10-24 18:06:08 <wumpus> dunno, I'm currently getting kernel segfaults trying to get gitian (kvm) to work
424 2011-10-24 18:07:14 <BlueMatt> AlexWaters: <gavinandresen> I'm starting with a tree that is your pull request, I plan on getting that working, then updating all the docs to reflect 0.5 release reality (e.g. remove the gitian-build-win32-stuff unless somebody figures it out in the next 24 hours or so), then committing everything and tagging it rc2.
425 2011-10-24 18:08:39 <AlexWaters> BlueMatt: so we are scrapping gitian? how can we make windows executables for new Bitcoin users?
426 2011-10-24 18:08:53 <gavinandresen> AlexWaters: I'll compile in an AWS instance
427 2011-10-24 18:09:00 <BlueMatt> AlexWaters: no, just putting it on hold until it works, you can always coompile from windows
428 2011-10-24 18:09:15 <BlueMatt> well, Id like to keep gitian alive, it would be really nice to do updates via that...
429 2011-10-24 18:09:26 <gavinandresen> AlexWaters: ... and then make that instance public so if people don't trust me they can boot it up and poke at it themselves
430 2011-10-24 18:10:03 <gavinandresen> So: gitian for Linux, AWS for Windows (and you just have to trust somebody if you want to run Mac builds)
431 2011-10-24 18:10:11 <AlexWaters> gavinandresen: ok cool. I'm just looking for a way to compile pull requests so that I can play with them in windows. So far my windows QT build efforts have been unsuccessful
432 2011-10-24 18:10:26 <wumpus> I don't think we're scrapping gitian
433 2011-10-24 18:10:32 <wumpus> it just takes some trouble to get it to work
434 2011-10-24 18:10:53 <wumpus> but I think it's too early to give it up completely
435 2011-10-24 18:11:22 <BlueMatt> agreed
436 2011-10-24 18:11:36 <terrytibbs> How are the nodes' IP addresses encoded when joining IRC during bootstrapping?
437 2011-10-24 18:12:59 <Matt_von_Mises> Did I figure it out right? https://bitcointalk.org/index.php?topic=49689.msg591611#msg591611
438 2011-10-24 18:22:25 <Matt_von_Mises> Is there any asymmetric crytography algorithm that can create two private keys for one public key?
439 2011-10-24 18:22:53 <Matt_von_Mises> THat requires two private keys to encrypt data that is decrypted with the public key?
440 2011-10-24 18:23:56 <iddo> just xor the private key with random data?
441 2011-10-24 18:24:02 <iddo> or do secret sharing?
442 2011-10-24 18:26:07 <Matt_von_Mises> Well more specifically for bitcoin's ECDSA can you produce two private keys that are kept secret from each other that has one public key?
443 2011-10-24 18:27:00 <cjdelisl1> Matt_von_Mises: the private key is a number which when multiplied by a constant gives you the public key
444 2011-10-24 18:27:29 <cjdelisl1> if the constant was 3 and the public key was 30, how many numbers are there that make 30 when multiplied by 3?
445 2011-10-24 18:27:31 <Matt_von_Mises> I'm sure I heard from someone that the current bitcoin clients can only send coins to wallets that have one public key behind it but these escrow service's have two for two signatures.
446 2011-10-24 18:27:59 <Matt_von_Mises> cjdelisl1: Are then you can do this private = public/constant
447 2011-10-24 18:28:05 <Matt_von_Mises> Bad for security.
448 2011-10-24 18:28:22 <Matt_von_Mises> Remove "Are"
449 2011-10-24 18:28:37 <cjdelisl1> it's division of numbers that are so ridiculously large that the division is impractical
450 2011-10-24 18:28:50 <cjdelisl1> and they're not actually numbers, they are points, but that's not important
451 2011-10-24 18:29:21 <Matt_von_Mises> I'm not a cryptography expert
452 2011-10-24 18:29:39 <Matt_von_Mises> So ECDSA uses basic arithmetic?...
453 2011-10-24 18:29:48 <Matt_von_Mises> Multiplying and dividing?
454 2011-10-24 18:29:56 <gmaxwell> It uses basic arithmetic over special fields.
455 2011-10-24 18:30:23 <Matt_von_Mises> Is dividing really that so much harder than multiplication for particular numbers?
456 2011-10-24 18:30:29 <gmaxwell> Which is like basic arithmetic, if you're a mathematician. ;) (and unlike, otherwise!)
457 2011-10-24 18:31:23 <Matt_von_Mises> So that an algorithm that takes a fraction of a second to generate keys with multiplications takes millions of years to reverse with division?
458 2011-10-24 18:31:47 <cjdelisl1> no
459 2011-10-24 18:31:56 <cjdelisl1> making up keys takes a few seconds
460 2011-10-24 18:31:56 <Matt_von_Mises> THen what?
461 2011-10-24 18:32:06 <gmaxwell> No, it takes a fraction of a second. ;)
462 2011-10-24 18:32:07 <cjdelisl1> sometimes quite a while
463 2011-10-24 18:32:08 <Matt_von_Mises> DEpends
464 2011-10-24 18:32:12 <cjdelisl1> oh right
465 2011-10-24 18:32:13 <Matt_von_Mises> Are we using a super computer here?
466 2011-10-24 18:32:16 <Matt_von_Mises> :P
467 2011-10-24 18:32:36 <Matt_von_Mises> I heard ECDSA is faster
468 2011-10-24 18:32:37 <gmaxwell> And it's eponentation and the logarithmic, not multiplication and division.
469 2011-10-24 18:32:41 <casascius> the simple way I understand fields is that you're doing arithmetic, but everything you do, you divide it by something and only keep the remainder, and throw away the something. the part you threw away makes it impractical to do the operation backwards.
470 2011-10-24 18:32:53 <gmaxwell> And yes, it really is so. In particular it's because we're doing this over a finite field.
471 2011-10-24 18:32:56 <copumpkin> fields are more general than that
472 2011-10-24 18:33:03 <Matt_von_Mises> THanks gmaxwell, I though the division/multiplication didn't add up.
473 2011-10-24 18:33:15 <Matt_von_Mises> THat could be seen as a joke
474 2011-10-24 18:33:37 <cjdelisl1> RSA uses exponentiation, ECDSA uses point multiplcation
475 2011-10-24 18:33:42 <gmaxwell> Matt_von_Mises: the key point is that its over a finite field, not the operations (after all, exponentation is just repeated multiplcation and the log is just its inverse)
476 2011-10-24 18:34:20 <Matt_von_Mises> Anywaaaay, I do not care for cryptography inner workings. As long as it produces secure keys, it doesn't matter.
477 2011-10-24 18:34:46 <Matt_von_Mises> I can see how logarithms could take longer than exponentiation.
478 2011-10-24 18:35:00 <copumpkin> just a tad
479 2011-10-24 18:35:02 <gmaxwell> (and casascius hit the core of it of course it actually is easy to reverse unless a number of criteria are met in addition to doing the operations over a finite field)
480 2011-10-24 18:35:02 <Matt_von_Mises> I'm not a mathematician or computer scientist genius.
481 2011-10-24 18:35:25 <copumpkin> you can raise to an exponent really quickly
482 2011-10-24 18:35:31 <Matt_von_Mises> RSA uses primate number stuff, right?
483 2011-10-24 18:35:34 <Matt_von_Mises> prime
484 2011-10-24 18:35:37 <cjdelisl1> The disturbing thing about cryptography is that it's security depends on the fact that we don't understand certain operations well enough to reverse them easily algrbraicly.
485 2011-10-24 18:35:45 <copumpkin> in fact, you can use that modular arithmetic trickiness to compute the low X digits of graham's number in no time at all
486 2011-10-24 18:36:15 <copumpkin> where graham's number is usually considered the largest number ever described by man
487 2011-10-24 18:36:21 <Matt_von_Mises> RSA uses the prime factorisation difficulty problem to the advantage, I heard somewhere
488 2011-10-24 18:36:39 <Matt_von_Mises> Maybe that was something else
489 2011-10-24 18:36:40 <casascius> the comforthing thing about cryptography is when something gets broken, it usually gets broken in stages: a limited-application crack here, a more useful crack there... things don't typically go from believed secure to blown wide open overnight
490 2011-10-24 18:37:01 <cjdelisl1> ^/nod
491 2011-10-24 18:37:06 <Matt_von_Mises> Sure I did hear that if you could make a really fast prime factorisation algorithm, you could crack cryptography faster.
492 2011-10-24 18:37:21 <gmaxwell> Matt_von_Mises: this has been done.
493 2011-10-24 18:37:25 <copumpkin> crack certain kinds of it
494 2011-10-24 18:37:25 <Matt_von_Mises> I'm sure it was about RSA
495 2011-10-24 18:37:34 <gmaxwell> The modern factoring stuff is _way_ faster than what we knew how to do 100 years ago.
496 2011-10-24 18:37:53 <Matt_von_Mises> 100 years ago did we have advanced computer technology?
497 2011-10-24 18:37:58 <copumpkin> we had math
498 2011-10-24 18:38:19 <gmaxwell> Not just math, but basically everything we use for this stuff.
499 2011-10-24 18:38:22 <Matt_von_Mises> Mathetics no doubt had to grow with computer science?
500 2011-10-24 18:38:27 <Matt_von_Mises> Mathematics.
501 2011-10-24 18:38:35 <cjdelisl1> yea, we had almost everything we have now, it's just that the machines can crunch numbers faster
502 2011-10-24 18:38:46 <Matt_von_Mises> Also you can't run algorithms very fast on paper.
503 2011-10-24 18:38:55 <gmaxwell> E.g. Gauss invented the FFT in ~1800.
504 2011-10-24 18:38:56 <copumpkin> we didn't have most of the factorization algorithms we use today
505 2011-10-24 18:39:26 <Matt_von_Mises> But I'm right in saying RSA is based on that stuff, yes?
506 2011-10-24 18:39:30 <gmaxwell> copumpkin: we had sieve algorithims, but not the general number field sieve.
507 2011-10-24 18:39:30 <Matt_von_Mises> Anyone know?
508 2011-10-24 18:39:36 <gmaxwell> Based on what stuff?
509 2011-10-24 18:39:43 <Matt_von_Mises> Primes.
510 2011-10-24 18:39:51 <Matt_von_Mises> And can be cracked with factorisation.
511 2011-10-24 18:39:52 <copumpkin> Matt_von_Mises: its difficulty stems from the believed difficulty of factorizing, yeah
512 2011-10-24 18:39:53 <gmaxwell> Sure.
513 2011-10-24 18:40:02 <copumpkin> other algorithms rely on the difficulty of discrete logs
514 2011-10-24 18:40:09 <copumpkin> factoring?
515 2011-10-24 18:40:13 <gmaxwell> Just like ECC can be cracked with logarithms.
516 2011-10-24 18:40:25 <Matt_von_Mises> What was my original question?
517 2011-10-24 18:40:38 <copumpkin> lamport signatures can be cracked with neither of those!
518 2011-10-24 18:40:40 <Matt_von_Mises> Oh yes, if you could make two private keys for one public
519 2011-10-24 18:40:50 <cjdelisl1> I find that everything asymetric comes down to finding the intersection between 2 discrete periodic functions
520 2011-10-24 18:40:53 <copumpkin> there are more esoteric schemes that allow groupiness
521 2011-10-24 18:40:56 <Matt_von_Mises> I'm sure someone will invent an algorithm that can do that someday if not already.
522 2011-10-24 18:40:58 <copumpkin> but the common ones don't allow that
523 2011-10-24 18:41:11 <copumpkin> Matt_von_Mises: there's group and ring signatures
524 2011-10-24 18:41:20 <copumpkin> which allow certain groups of people to sign something and anyone to verify them
525 2011-10-24 18:41:25 <gmaxwell> <3 lamport signatures.
526 2011-10-24 18:41:44 <rjk2> is it possible to have a hash that reverses itself (a la rot13)?
527 2011-10-24 18:41:47 <copumpkin> in a group signature, there's a group master who can issue signing keys
528 2011-10-24 18:41:48 <Matt_von_Mises> Signitures that require all signitures to be valid for a single public key?
529 2011-10-24 18:41:50 <gmaxwell> Lamport signatures are the only asymetric crypto you can explain to a complete idiot and have them really understand it and trust it for the right reasons. :)
530 2011-10-24 18:42:00 <copumpkin> and you can't tell which member of the group signed something
531 2011-10-24 18:42:02 <Matt_von_Mises> All signitures to be used in encryption I mean
532 2011-10-24 18:42:03 <gmaxwell> rjk2: You just named one. ;)
533 2011-10-24 18:42:04 <copumpkin> just that some member of the group signed it
534 2011-10-24 18:42:18 <copumpkin> except the group manager can deanonymize the signatures if he chooses to
535 2011-10-24 18:42:21 <rjk2> i know i mean like rsa or sha256 or whatever
536 2011-10-24 18:42:27 <Matt_von_Mises> But nothing that is compatible with bitcoin, I take it?
537 2011-10-24 18:42:34 <gmaxwell> rjk2: we'd consider it secure if so.
538 2011-10-24 18:42:41 <copumpkin> well, how would you like to apply it to bitcoin?
539 2011-10-24 18:42:42 <helo> rjk2: the length of the hash would always have to be the same as the length of the data
540 2011-10-24 18:42:42 <rjk2> right i see
541 2011-10-24 18:42:43 <gmaxwell> er insecure!
542 2011-10-24 18:42:54 <rjk2> lol k
543 2011-10-24 18:43:00 <Matt_von_Mises> For the escrow services, two private keys but one public key
544 2011-10-24 18:43:02 <cjdelisl1> rjk2: there is an inverse of sha256, we just don't know it
545 2011-10-24 18:43:03 <copumpkin> http://crypto.stanford.edu/pbc/sig/
546 2011-10-24 18:43:20 <copumpkin> cjdelisl1: there can be no inverse :P
547 2011-10-24 18:43:23 <helo> cjdelisl1: is there? it destroys some information...
548 2011-10-24 18:43:32 <cjdelisl1> for 1 round it doesn't
549 2011-10-24 18:43:54 <cjdelisl1> or no, nvm
550 2011-10-24 18:43:56 <gmaxwell> Matt_von_Mises: I didn't catch what you were asking, but you can have escrow signatures just by requring multiple signatures.
551 2011-10-24 18:44:06 <gmaxwell> Matt_von_Mises: and we already have support for this in the bitcoin system.
552 2011-10-24 18:44:16 <helo> that would be infinite compression :)
553 2011-10-24 18:44:23 <cjdelisl1> you could find the inverse if only <=256 bits of input are given and the rest are constant
554 2011-10-24 18:44:23 <Matt_von_Mises> But the current client cannot send to wallets that have two signitures apparently& this is correct?
555 2011-10-24 18:44:52 <Matt_von_Mises> Only wallets that have one public key?
556 2011-10-24 18:45:06 <copumpkin> cjdelisl1: you're assuming the function is injective?
557 2011-10-24 18:45:21 <gmaxwell> Matt_von_Mises: Yes though it's just a client/ui limitation. (well, and we need to specify a new address type used to share multisig addresses)
558 2011-10-24 18:45:26 <cjdelisl1> copumpkin: right you are
559 2011-10-24 18:45:41 <copumpkin> I could conceivably have two short messages (under 256 bits) that hash to the same value
560 2011-10-24 18:45:41 <Matt_von_Mises> THat is what I meant, so the limitation is with backwards compatibility with the client.
561 2011-10-24 18:45:54 <gmaxwell> Matt_von_Mises: but the network can already process and validate multisig transactions, and there are existing patches to add the client support to generate them.
562 2011-10-24 18:45:55 <copumpkin> don't hold your breath trying to find them though
563 2011-10-24 18:46:12 <cjdelisl1> but I believe that to be a safe assumption since it would damage collision resistance
564 2011-10-24 18:46:15 <copumpkin> we could definitely have a right inverse
565 2011-10-24 18:46:21 <Matt_von_Mises> I'm sure it wont be a problem is people keep up-to-date
566 2011-10-24 18:46:22 <gmaxwell> Matt_von_Mises: backwards compatible with what though? since the network already supports them only the people that want to use them would have to upgrade.
567 2011-10-24 18:46:33 <gmaxwell> Well, people don't but they should. :)
568 2011-10-24 18:46:39 <Matt_von_Mises> But there will be a period where some people can't send coins to people because they don't have the up-to-date software
569 2011-10-24 18:47:03 <Matt_von_Mises> To people with the two-key wallets
570 2011-10-24 18:47:45 <gmaxwell> Matt_von_Mises: presumably you'd also have single key addresses, and perhaps some automation to automatically move single key coins to multikey identities when you get them.
571 2011-10-24 18:48:23 <Matt_von_Mises> Yes, that would require two transactions though, wouldn't it?
572 2011-10-24 18:50:24 <Matt_von_Mises> THese new wallet addresses will need a new brand so people don't get confused.
573 2011-10-24 18:50:30 <Matt_von_Mises> Bitcoin Plus
574 2011-10-24 18:50:55 <iddo> i think just transaction output with 2-of-2 ?
575 2011-10-24 18:51:51 <Matt_von_Mises> Yes but the current client isn't compatible. It would send coins into the dark reaches of cyberspace, never to be seen again.
576 2011-10-24 18:53:25 <iddo> yeah client would need to be updated, but there's already protocol support for CHECKMULTISIG opcode with n-of-m checking
577 2011-10-24 18:54:50 <iddo> all the old miners will handle it correctly i think?
578 2011-10-24 19:03:21 <gmaxwell> iddo: yes.
579 2011-10-24 19:03:30 <gmaxwell> not just miners every node validates the blockchain.
580 2011-10-24 19:03:36 <gmaxwell> The client isn't just a client, you know. :)
581 2011-10-24 19:03:52 <gmaxwell> 13:51 < Matt_von_Mises> Yes but the current client isn't compatible. It would send coins into the dark reaches of cyberspace, never to be seen again.
582 2011-10-24 19:03:56 <gmaxwell> !!
583 2011-10-24 19:04:03 <gmaxwell> Jesus, don't fud things that don't even exist. :)
584 2011-10-24 19:04:09 <Matt_von_Mises> It wouldn't?
585 2011-10-24 19:04:28 <gmaxwell> It wouldn't.
586 2011-10-24 19:04:39 <Matt_von_Mises> If you send to an invalid address, don't the bitcoins vanish?
587 2011-10-24 19:04:43 <gmaxwell> No.
588 2011-10-24 19:04:51 <gmaxwell> The invalid address is just rejected.
589 2011-10-24 19:04:53 <Matt_von_Mises> Who told me that one?
590 2011-10-24 19:05:10 <gmaxwell> You can construct addresses that have no owners, but the addresses have special form.
591 2011-10-24 19:05:27 <gmaxwell> E.g. all bitcoin addresses right now begin with a 1 and have a 32-bit check value which must be correct.
592 2011-10-24 19:05:35 <Matt_von_Mises> When you create a wallet, how is the first address created broadcast to all nodes?
593 2011-10-24 19:05:41 <Matt_von_Mises> So they know valid addresses?
594 2011-10-24 19:05:48 <gmaxwell> The new addresses for multisigs would begin with another digit and wouldn't pass the same check scheme.
595 2011-10-24 19:06:04 <gmaxwell> Matt_von_Mises: no, you can tell if an address is valid or not simply syntatically.
596 2011-10-24 19:06:07 <Matt_von_Mises> Ah, so it has some checking code in it.
597 2011-10-24 19:06:16 <gmaxwell> An address with more data is obviously invalid and would just be rejected. :)
598 2011-10-24 19:07:21 <gmaxwell> If you generate a random string with a 1 at the beginning and of the right length then there is a one in four billion chance that its "valid", and if you send coins to it, they'll be unrecoverable.
599 2011-10-24 19:07:45 <gmaxwell> But the new addresses wouldn't begin with a 1, wouldn't be the same length, and wouldn't have the same check scheme. So its all good. :)
600 2011-10-24 19:08:09 <gmaxwell> Fortunately all these things were forseen as part of the design. All hail Satoshi Nakamoto.
601 2011-10-24 19:09:02 <Matt_von_Mises> Just a shame Satoshi had to program it in C++.
602 2011-10-24 19:09:21 <Matt_von_Mises> Wouldn't the addresses be hashed to the same length?
603 2011-10-24 19:09:26 <rjk2> a shame?
604 2011-10-24 19:09:27 <Matt_von_Mises> An address with more data?
605 2011-10-24 19:09:46 <Matt_von_Mises> I might be able to finally figure out bitcoin if it was in C and not C++
606 2011-10-24 19:10:11 <gmaxwell> Matt_von_Mises: depends on how we implement it. We could do it so it was the same length or not.
607 2011-10-24 19:10:12 <Matt_von_Mises> And if it was clear and used standard C as much as possible.
608 2011-10-24 19:10:39 <gmaxwell> Matt_von_Mises: it would be a LOT larger in C. I'm a C die hard myself, and I pretty much hate C++ but I still think the right decision was made here.
609 2011-10-24 19:10:56 <gmaxwell> There is a lot of wheel reinventing that would be required in C which is helpfully avoided by using c++ w/ boost.
610 2011-10-24 19:11:03 <Matt_von_Mises> What about portability?
611 2011-10-24 19:11:17 <Matt_von_Mises> More devices support C than C++ right?
612 2011-10-24 19:11:25 <gmaxwell> Matt_von_Mises: hell, it's pretty much completely unportable already due to code that would be identical in C.
613 2011-10-24 19:11:26 <Matt_von_Mises> C is more popular (apparently)
614 2011-10-24 19:11:46 <copumpkin> it wouldn't really work on embedded devices anyway now
615 2011-10-24 19:11:53 <copumpkin> and all larger devices support both
616 2011-10-24 19:12:12 <gmaxwell> (all the block hashing code has endianness assumptions, but thats all basic C functionality there)
617 2011-10-24 19:12:18 <Matt_von_Mises> I guess embedded devices are too slow?
618 2011-10-24 19:12:41 <gmaxwell> You want a lite client for embedded devices and the official client is a full bitcoin node, not a lite client.
619 2011-10-24 19:13:02 <Matt_von_Mises> Embedded devices could run a C version fine?
620 2011-10-24 19:13:10 <gmaxwell> Matt_von_Mises: speed is less of an issue than storage right now. Full clients need the full blockchain, or at least a pruned version of it.
621 2011-10-24 19:13:12 <Matt_von_Mises> A lite C version
622 2011-10-24 19:13:47 <Matt_von_Mises> Cars have embedded mobile phones. Embedded bitcoin wallets for cars!
623 2011-10-24 19:13:57 <Matt_von_Mises> Make your posh car worth even more.
624 2011-10-24 19:14:19 <Matt_von_Mises> & with the password included
625 2011-10-24 19:24:09 <jrmithdobbs> gmaxwell: it works ok
626 2011-10-24 19:24:17 <cande> Matt_von_Mises, just drive throug the road tolls and pay with bitcoins instantly
627 2011-10-24 19:24:43 <jrmithdobbs> cande: ya i'm not waiting an 10-20 min at a toll booth for txns to confirm, sorry
628 2011-10-24 19:24:50 <cande> haha
629 2011-10-24 19:25:02 <cande> they will just have to trust your 0confirm transaction
630 2011-10-24 19:25:39 <cande> they have your car plate if you try to double spend them
631 2011-10-24 19:25:46 <CIA-101> libbitcoin: genjix * r0442ffb86a03 / (4 files in 2 dirs): Storage modules use references not inheritance for sharing modules.
632 2011-10-24 19:25:54 <gavinandresen> cande: was about to say the same thing...
633 2011-10-24 19:27:04 <cande> gavinandresen, :)
634 2011-10-24 19:29:22 <cande> gavinandresen, you have any tip for how to make 0confirm transactions more secure?
635 2011-10-24 19:30:22 <jrmithdobbs> cande: actually, that's a good point, i guess that'd actually be a good use case for 0 conf txns
636 2011-10-24 19:30:26 <gavinandresen> How big a transaction? From who? For real goods or virtual goods?
637 2011-10-24 19:30:34 <jrmithdobbs> gavinandresen: see toll example
638 2011-10-24 19:30:47 <Matt_von_Mises> cande: "Matt_von_Mises, just drive throug the road tolls and pay with bitcoins instantly" That would be nice.
639 2011-10-24 19:31:08 <gavinandresen> Do you know anything about the user's identity? Could you sue them if they double-spend?
640 2011-10-24 19:31:09 <jrmithdobbs> cande: that's the first good example of 0 conf txns i've seen, in fact
641 2011-10-24 19:31:24 <jrmithdobbs> gavinandresen: obv. they have toll cameras and shit
642 2011-10-24 19:31:32 <jrmithdobbs> so they have your license plate
643 2011-10-24 19:31:33 <Matt_von_Mises> WE were talking about this a little while ago...
644 2011-10-24 19:31:41 <Matt_von_Mises> The third party verification.
645 2011-10-24 19:31:47 <gavinandresen> jrmithdobbs: yes, tolls would be an excellent place to accept 0-conf txns
646 2011-10-24 19:31:55 <Matt_von_Mises> Or maybe you assumed I wasn't refering to that
647 2011-10-24 19:32:14 <jrmithdobbs> gavinandresen: ya just commenting that it's the first time it's been brought up where I don't think the use case is completely contrived nonsense ;p
648 2011-10-24 19:32:17 <Matt_von_Mises> Send the coins with double signiture
649 2011-10-24 19:32:25 <Matt_von_Mises> Might take a few extra seconds
650 2011-10-24 19:32:27 <jrmithdobbs> gavinandresen: and could actually work
651 2011-10-24 19:32:37 <cande> gavinandresen, for real goods in a coffey shop
652 2011-10-24 19:33:23 <gavinandresen> cande: coffee shop should use a bitcoin payment processing service that figures out how to minimize danger of double-spends
653 2011-10-24 19:33:39 <cande> mm yes
654 2011-10-24 19:33:54 <cande> gavinandresen, do they exist ?
655 2011-10-24 19:33:54 <gavinandresen> (e.g. by being well-connected to the network and waiting... oh, 3 seconds... to see if there is a double-spend attempt).
656 2011-10-24 19:34:24 <gavinandresen> Not yet, as far as I know. Chicken-and-egg problem to creating one....
657 2011-10-24 19:34:57 <cande> well, maybe i have to do that
658 2011-10-24 19:35:09 <Matt_von_Mises> Take photos of customers.
659 2011-10-24 19:35:18 <gmaxwell> IIRC there is a restaurant in NYC that takes BTC.
660 2011-10-24 19:35:23 <Matt_von_Mises> And record each one
661 2011-10-24 19:35:29 <Matt_von_Mises> Not a good idea that one
662 2011-10-24 19:35:53 <cande> you have to finish your coffey and say goodbye before you leave :)
663 2011-10-24 19:36:21 <gmaxwell> There are lots of things you can do. For one, espeically right now, you could just eat the risk. The extra traffic you can get from people interested in the novelty would pay for the pretty unlikely case of small losses.
664 2011-10-24 19:36:39 <cande> yes,
665 2011-10-24 19:37:01 <cande> that is what shops already do today with shoplifters
666 2011-10-24 19:37:30 <cande> calculated risks
667 2011-10-24 19:37:33 <gmaxwell> They could probably also find people with lots of BTC to buy their risk super cheap, especially if they take basic security measures.
668 2011-10-24 19:41:30 <Matt_von_Mises> THere is the chargeback on debit/credit cards also