1 2011-11-09 00:06:01 <eueueue> Hi, what means "Not yet redeemed" here: http://blockexplorer.com/tx/695b68d04e4d5715c5ed7fb12555a29743e7caade518da3d002e75708e66fe56#o1
2 2011-11-09 00:06:52 <eueueue> I use a bitcoin app for android, based on bitcoinj and this kind of message appear and I can't spend the btc
3 2011-11-09 00:07:46 <eueueue> here too: http://blockexplorer.com/tx/f0924234408f91111366fdbc413225b083173502397fb09512d08160bae4da6d#o0
4 2011-11-09 00:10:07 <graingert> it has yet to be spent
5 2011-11-09 00:10:37 <eueueue> didn't understand
6 2011-11-09 00:10:48 <graingert> you know bitcoin
7 2011-11-09 00:11:01 <eueueue> i'm newbie
8 2011-11-09 00:11:05 <graingert> IC
9 2011-11-09 00:11:14 <graingert> bitcoin can be spent
10 2011-11-09 00:11:24 <graingert> the output you have linked to
11 2011-11-09 00:11:29 <graingert> has yet to be spent
12 2011-11-09 00:11:39 <eueueue> how to fix this situation?
13 2011-11-09 00:11:48 <graingert> spend it
14 2011-11-09 00:11:49 <eueueue> maybe is an app bug?
15 2011-11-09 00:11:59 <graingert> it's not
16 2011-11-09 00:12:12 <eueueue> http://code.google.com/p/bitcoin-wallet/issues/detail?id=57
17 2011-11-09 00:12:55 <graingert> okay go to #bitcoin
18 2011-11-09 00:13:04 <graingert> but you probably don't have all the blocks
19 2011-11-09 00:13:44 <eueueue> hum
20 2011-11-09 00:13:54 <eueueue> why go to #bitcoin
21 2011-11-09 00:14:01 <graingert> because this is not the place for it
22 2011-11-09 00:14:20 <eueueue> but ok, will let the dev answer the bug report
23 2011-11-09 00:14:31 <graingert> it's not a bug
24 2011-11-09 00:14:46 <eueueue> that report was not mine
25 2011-11-09 00:14:59 <eueueue> I just have the same problem
26 2011-11-09 00:15:03 <graingert> oh
27 2011-11-09 00:15:06 <eueueue> I rested the blockchain
28 2011-11-09 00:15:09 <graingert> you probably both have the same problem
29 2011-11-09 00:15:10 <eueueue> and transactions
30 2011-11-09 00:15:24 <eueueue> reseted
31 2011-11-09 00:15:32 <graingert> reseted?
32 2011-11-09 00:15:37 <eueueue> yes
33 2011-11-09 00:15:43 <eueueue> on android app
34 2011-11-09 00:15:47 <graingert> !google reseted
35 2011-11-09 00:15:48 <gribble> reseted's Channel - YouTube: <http://www.youtube.com/user/reseted>; Youtube channel views got reseted! - YouTube Help: <http://www.google.com/support/forum/p/youtube/thread?tid=783b4b6f597e75a1&hl=en>; I reseted my laptop but...? - Yahoo! Answers: <http://answers.yahoo.com/question/index?qid=20111005175114AAlNkVZ>
36 2011-11-09 00:16:08 <eueueue> but did fix the problem
37 2011-11-09 00:16:13 <eueueue> didn't
38 2011-11-09 00:16:17 <graingert> reset
39 2011-11-09 00:16:31 <eueueue> sorry for my english
40 2011-11-09 00:16:32 <graingert> reset is the past tense of the verb reset
41 2011-11-09 00:16:58 <eueueue> ha ok, so no ed
42 2011-11-09 00:17:21 <eueueue> on the end
43 2011-11-09 00:17:21 <graingert> I don't quite know what your issue is
44 2011-11-09 00:17:31 <eueueue> ok
45 2011-11-09 00:17:34 <graingert> can you not send bitcoin? has a transaction not confirmed
46 2011-11-09 00:17:59 <eueueue> I can't send and it's waiting for confirmation
47 2011-11-09 00:18:30 <graingert> where can't you send to?
48 2011-11-09 00:19:27 <eueueue> any address
49 2011-11-09 00:19:37 <eueueue> but ok
50 2011-11-09 00:19:48 <eueueue> will see tomorrow what will be the answer
51 2011-11-09 00:19:59 <graingert> this is a transaction that goes to me: http://blockexplorer.com/tx/86758c98b01d736bb96cf1b93df222f0d97305b5bc9ce771b984993ee9def7ca#o1
52 2011-11-09 00:20:09 <graingert> see it is "Not yet redeemed"
53 2011-11-09 00:20:17 <graingert> that just means I have yet to spend it
54 2011-11-09 00:20:34 <eueueue> it's nor fee?
55 2011-11-09 00:20:39 <eueueue> not
56 2011-11-09 00:20:39 <graingert> WTF
57 2011-11-09 00:20:55 <eueueue> what means wtf
58 2011-11-09 00:20:56 <graingert> no it's not fee
59 2011-11-09 00:21:11 <graingert> how many blocks have you got?
60 2011-11-09 00:21:39 <eueueue> on android app doesn't appear this info
61 2011-11-09 00:21:44 <eueueue> just say 100%
62 2011-11-09 00:21:54 <eueueue> maybe is an app bug
63 2011-11-09 00:22:00 <eueueue> lets wait
64 2011-11-09 00:23:26 <graingert> probably not got enough blocks
65 2011-11-09 00:23:36 <eueueue> hum
66 2011-11-09 00:23:40 <eueueue> can be
67 2011-11-09 00:55:47 <CIA-89> libbitcoin: genjix * r02788edcf2b0 /src/transaction.cpp: foo%2 -> foo % 2 as per style guide.
68 2011-11-09 04:03:48 <greatlight> hi
69 2011-11-09 04:04:18 <greatlight> Can anyone point me to someone who dev. sharepount
70 2011-11-09 04:09:39 <CIA-89> poolserverj: shadders * 8258c2c059b7 r213 /poolserverj-main/src/main/java/com/shadworld/poolserver/ (2 files in 2 dirs): fix nullpointer on unknown work
71 2011-11-09 05:15:22 <CIA-89> poolserverj: shadders * e6abd1f01663 r214 /poolserverj-main/src/main/java/com/shadworld/poolserver/PoolServer.java: fix: not registering aux daemon http credentials with sharedClient
72 2011-11-09 05:34:52 <ThomasV> gmaxwell: https://gitorious.org/electrum/electrum/blobs/master/client/mnemonic.py#line1839
73 2011-11-09 05:35:36 <ThomasV> do you think it is safe?
74 2011-11-09 05:45:06 <ThomasV> !later gmaxwell https://gitorious.org/electrum/electrum/blobs/master/client/mnemonic.py#line1839 <-- safe against claim 3?
75 2011-11-09 05:45:07 <gribble> Error: The "Later" plugin is loaded, but there is no command named "gmaxwell" in it. Try "list Later" to see the commands in the "Later" plugin.
76 2011-11-09 05:46:56 <gribble> The operation succeeded.
77 2011-11-09 05:46:56 <ThomasV> !later tell gmaxwell https://gitorious.org/electrum/electrum/blobs/master/client/mnemonic.py#line1839 <-- safe against claim 3?
78 2011-11-09 06:39:46 <CIA-89> bitcoin: Wladimir J. van der Laan master * r90b5aad / (7 files):
79 2011-11-09 06:40:38 <CIA-89> bitcoin: Wladimir J. van der Laan master * r3c0baa6 / doc/translation_process.md :
80 2011-11-09 06:46:34 <pierce1> hey, does anyone have a paypal account who can help me test something in pm real quick?
81 2011-11-09 06:48:02 <pierce> I can pay a few coins for your assistance :-D
82 2011-11-09 06:50:16 <CIA-89> bitcoin: phantomcircuit * r9ee38e52266a bitcoin-alt/postgresql.sql: make compatible with 8.x
83 2011-11-09 07:00:18 <CIA-89> bitcoin: phantomcircuit * r0b5e33a790ff bitcoin-alt/ (bitcoin.py bitcoin/peer.py bitcoin/storage/postgres.py): changes missed
84 2011-11-09 07:00:20 <CIA-89> bitcoin: phantomcircuit * rbe1ec0a5521f bitcoin-alt/bitcoin.py: connect to real peers
85 2011-11-09 09:21:11 <Eliel> hmm... an idea for private key import/export. Have the import/export format contain an indicator that says whether or not the keys were removed from the wallet after export.
86 2011-11-09 09:21:38 <Eliel> and of course, export function would give an option to remove the keys on export and set the flag.
87 2011-11-09 09:33:28 <CIA-89> poolserverj: shadders * 7b4477d6d107 r216 /poolserverj-main/ (2 files in 2 dirs):
88 2011-11-09 09:33:29 <CIA-89> poolserverj: shadders * a05dc5968670 r217 /poolserverj-main/ (3 files in 3 dirs):
89 2011-11-09 09:33:30 <CIA-89> poolserverj: 13 - nonce TEXT or VARCHAR(8) - nonce in hex
90 2011-11-09 09:33:57 <CIA-89> poolserverj: Jim Nelin <jim@jine.se * 69b970632b61 r219 /poolserverj-main/src/main/java/com/shadworld/poolserver/servlet/AbstractJsonRpcServlet.java: Fixed Server-header (lower- to uppercase) and changed formatting to standard Server-header.
91 2011-11-09 10:08:48 <UukGoblin> someone made some bitcoin-moving visualization some time ago, haven't they?
92 2011-11-09 10:09:01 <UukGoblin> like, something to visualize how the money was being moved over time
93 2011-11-09 10:09:04 <UukGoblin> in 3d or something
94 2011-11-09 10:11:18 <Lolcust> UukGoblin I think I saw a 2d real time visualization, not 3d
95 2011-11-09 10:11:23 <UukGoblin> ok
96 2011-11-09 10:11:29 <UukGoblin> I'm not sure how many Ds it had
97 2011-11-09 10:11:32 <UukGoblin> just looking for a URL
98 2011-11-09 10:46:29 <ThomasV> is the dev of bitcoinandroid on this channel?
99 2011-11-09 11:31:03 <Edward_Black> UukGoblin , were you looking for this one http://www.bitcoinmonitor.com/ ?
100 2011-11-09 11:55:50 <CIA-89> libbitcoin: genjix * r3d8aa33f6e44 / (5 files in 4 dirs): No need for return error_code in dialect when it throws exceptions.
101 2011-11-09 12:00:51 <DrHaribo> How many destinations is it safe to use in a single RPC sendmany call to bitcoind?
102 2011-11-09 12:03:00 <tcatm> DrHaribo: There's not hard limit but it should throw an error when it's too many
103 2011-11-09 12:04:06 <DrHaribo> Thanks. Guess I can just try out some big numbers. :P
104 2011-11-09 12:04:17 <DrHaribo> Does the fee increase with the size of the transaction?
105 2011-11-09 12:09:46 <Diablo-D3> OVER NINE THOUSAND
106 2011-11-09 12:09:55 <Diablo-D3> DrHaribo: yes.
107 2011-11-09 12:10:11 <DrHaribo> :)
108 2011-11-09 12:10:25 <Diablo-D3> but you have to consider its probably the same if you had sent many anyhow.
109 2011-11-09 12:11:25 <DrHaribo> So, smart way to send payments from a pool... 9000 payouts in one transaction, or split in multiple transactions?
110 2011-11-09 12:11:41 <DrHaribo> As long as the minimum fees are small, I guess it doesn't really matter.
111 2011-11-09 12:12:06 <Diablo-D3> it doesnt seem to matter
112 2011-11-09 12:35:54 <CIA-89> libbitcoin: genjix * re35ef77c8e08 / (7 files in 5 dirs): seperate function for creating message headers.
113 2011-11-09 12:38:07 <UukGoblin> Edward_Black, hm, perhaps
114 2011-11-09 12:38:14 <UukGoblin> thanks
115 2011-11-09 12:40:30 <UukGoblin> hm, I was kinda hoping to see what happened with the early blocks' worth of coins
116 2011-11-09 12:56:08 <shadders> Diablo-D3: do you do the hashrate updates in the pools forum? If so what src data you use the calculate them?
117 2011-11-09 13:20:02 <Diablo-D3> shadders: yes, I dont.
118 2011-11-09 13:20:06 <Diablo-D3> in that order.
119 2011-11-09 13:23:59 <shadders> where you get the numbers from then?
120 2011-11-09 13:24:36 <Diablo-D3> the websites directly
121 2011-11-09 13:55:16 <CIA-89> bitcoin: Luke Dashjr * r797afec0d59f gentoo/net-p2p/ (4 files in 2 dirs): net-p2p/bitcoind and net-p2p/bitcoin-qt: 0.5.0_rc3
122 2011-11-09 13:59:36 <Diablo-D3> http://www.darkhorse.com/Blog/686/dark-horse-vs-dr-mcninja-vs-saxton-hale
123 2011-11-09 14:05:17 <CIA-89> bitcoin: Luke Dashjr * rb1fd38621bb8 gentoo/net-p2p/bitcoind/ (Manifest bitcoind-0.4.1_rc2.ebuild): net-p2p/bitcoind-0.4.1_rc2
124 2011-11-09 14:20:03 <yebyen> hey bitcoins
125 2011-11-09 14:22:17 <smart1985> i want to sell http://btc-play.com Casino suite plz whisp me by intressted
126 2011-11-09 14:22:33 <yebyen> you are selling a casino suite?
127 2011-11-09 14:22:35 <smart1985> or skype smart9990
128 2011-11-09 14:22:36 <yebyen> what's it written in
129 2011-11-09 14:23:12 <yebyen> do you have craps
130 2011-11-09 14:25:21 <smart1985> rouelette 3D , 2x BlackJack , 5 Slots and this evening a 50 to 50 game
131 2011-11-09 14:25:48 <smart1985> no i dont have crap but i havent much time
132 2011-11-09 14:26:03 <smart1985> for all
133 2011-11-09 14:35:36 <graingert> smart1985: this would be spam in #bitcoin
134 2011-11-09 14:35:40 <graingert> let alone #bitcoin-dev
135 2011-11-09 14:36:00 <graingert> did you post to #bitcoin-* ?
136 2011-11-09 14:36:17 <graingert> nanotube: ^
137 2011-11-09 14:37:03 <smart1985> one post is = spam ?
138 2011-11-09 14:37:22 <sipa> well, at least it is off-topic
139 2011-11-09 14:37:42 <graingert> one email is spam
140 2011-11-09 14:38:32 <cjdelisle> heh if you were in my chan, my spam filter would have busted you
141 2011-11-09 14:38:48 <luke-jr> smart1985: you got the gamblign licenses?
142 2011-11-09 14:39:27 <graingert> luke-jr: I thought the bitcoin client included a free gambling license?
143 2011-11-09 14:39:31 <smart1985> for what ? the casino doesnt need a license in germany
144 2011-11-09 14:40:01 <cjdelisle> trick question since gambling is a sin and thus no legitiment licensing agencies issue gambling licenses.
145 2011-11-09 14:40:09 <smart1985> for chancing btc to money you need one
146 2011-11-09 14:40:36 <sipa> speculation is not gambling
147 2011-11-09 14:40:37 <smart1985> this isnt correct for all nation
148 2011-11-09 14:41:13 <sipa> but all this is irrelevant
149 2011-11-09 14:41:24 <sipa> post it in the market section on the forum or something, not here
150 2011-11-09 14:43:17 <smart1985> why not here ? bitcoin Developer or ? and i sell a dev i think thats right to sell them here but interfere i break up
151 2011-11-09 14:46:12 <graingert> try #bitcoin-de
152 2011-11-09 14:56:27 <cjdelisle> try #hardware they love bitcoin
153 2011-11-09 14:58:32 <graingert> lul
154 2011-11-09 14:58:52 <graingert> I'm not even sure why
155 2011-11-09 15:00:08 <SomeoneWeird> rofl
156 2011-11-09 15:00:09 <SomeoneWeird> "???NO IDIOTS ALLOWED! ESPECIALLY BITCOIN MINERS! For bitcoin, join #retards"
157 2011-11-09 15:05:04 <gmaxwell> I suspect anyone who would write "NO IDIOTS ALLOWED" in the topic really doesn't get IRC.
158 2011-11-09 15:05:23 <gmaxwell> - because the kind of idiots that you can _tell_ to go away are never the problematic ones. ;)
159 2011-11-09 15:05:56 <graingert> the best guess I have heard is that they are all nvidia fanbois
160 2011-11-09 15:08:31 <graingert> they don't seem to be overly AMD/nvidia either way
161 2011-11-09 15:08:43 <graingert> although they totally think I need it for mining
162 2011-11-09 15:08:52 <graingert> what can you do with sha256 that isn't mining?
163 2011-11-09 15:09:12 <[eval]> brute-forcing passwords
164 2011-11-09 15:09:23 <[eval]> (for places that use sha-256)
165 2011-11-09 15:09:36 <sipa> and you have access to the hashed database
166 2011-11-09 15:09:42 <[eval]> yes
167 2011-11-09 15:10:01 <graingert> it's like they can smell the metalic zing of bitcoin on my fingers
168 2011-11-09 15:10:12 <graingert> also note that I'm in #bitcoin as well :p
169 2011-11-09 15:11:14 <[eval]> you can also search for vanity addresses using sha256 and ripemd160 combined!
170 2011-11-09 16:13:59 <eueueue> Hi, anyone can reproduce this problem: https://github.com/bitcoin/bitcoin/issues/628
171 2011-11-09 16:14:07 <eueueue> I reported the bug now
172 2011-11-09 16:14:18 <eueueue> on Debian wheezy 64
173 2011-11-09 16:14:38 <eueueue> It's just me or happens with you?
174 2011-11-09 16:14:45 <eueueue> too
175 2011-11-09 16:16:09 <sipa> lots of bitcoin-qt issues all of a sudden
176 2011-11-09 16:17:18 <eueueue> can you reproduce the bug sipa?
177 2011-11-09 16:17:31 <sipa> too busy now
178 2011-11-09 16:17:52 <eueueue> ok
179 2011-11-09 17:20:19 <CIA-89> bitcoin: Luke Dashjr * r44392a101742 gentoo/net-p2p/bitcoin-qt/ (Manifest bitcoin-qt-0.5.0_rc1.ebuild): net-p2p/bitcoin-qt-0.5.0_rc1: pruned
180 2011-11-09 19:35:49 <CIA-89> libbitcoin: genjix * rc4e736adbcc0 / (3 files in 3 dirs): Fix some silly warnings.
181 2011-11-09 21:05:15 <CIA-89> bitcoin: Kamil Domanski * rd3b16c24cfa2 gentoo/net-p2p/bitcoin-qt/ (Manifest bitcoin-qt-0.5.0_rc3.ebuild): net-p2p/bitcoin-qt-0.5.0_rc3: warn about removed language support
182 2011-11-09 21:10:03 <CIA-89> poolserverj: shadders * a00ec5184b95 r222 /poolserverj-main/ (5 files in 4 dirs): add optional 'hash' column to share logging
183 2011-11-09 21:35:43 <CIA-89> poolserverj: shadders * 118a81ad59a2 r223 /poolserverj-main/ (3 files in 3 dirs):
184 2011-11-09 21:51:08 <CFSworks> How do the core developers feel about giving opportunistic encryption to the protocol?
185 2011-11-09 21:51:25 <cjdelisle> to what end?
186 2011-11-09 21:51:44 <CFSworks> Keep spies who are watching your connection from figuring out which transactions are yours.
187 2011-11-09 21:52:36 <cjdelisle> I'm not entirely up on it but I don't think packet sniffing is the way that's done
188 2011-11-09 21:52:51 <helo> that's one way it's done, surely
189 2011-11-09 21:52:54 <cjdelisle> I think it's done by setting up a fuckton of bunk nodes
190 2011-11-09 21:53:43 <CFSworks> Sure, but the nodes would have to make sure to have either 100% of your connections, or be peered with all of your other peers...
191 2011-11-09 21:53:51 <CFSworks> Actually the latter is hard because it randomizes transaction relay time, yes?
192 2011-11-09 21:54:04 <cjdelisle> not 100% of your connection
193 2011-11-09 21:54:11 <cjdelisle> just a few connections to everyone
194 2011-11-09 21:54:28 <cjdelisle> then when you see a tx, you can determine who said it first
195 2011-11-09 21:54:34 <cjdelisle> with pretty good accuracy
196 2011-11-09 21:54:49 <CFSworks> Although...
197 2011-11-09 21:55:02 <CFSworks> If Alice and Bob are peered, and Eve is peered to both, and Eve receives a transaction from Bob...
198 2011-11-09 21:55:17 <CFSworks> She doesn't know if it was originally from Alice, but Alice delayed transmission to Eve, or originally from Bob.
199 2011-11-09 21:55:32 <cjdelisle> yea, that's done already to a point
200 2011-11-09 21:55:49 <CFSworks> (I recall seeing something in the code about randomizing a delay to transmit transactions to each peer...)
201 2011-11-09 22:08:10 <cjdelisle> well I suppose then there is a reasonable argument to be made for enciphering the tcp connections
202 2011-11-09 22:09:27 <CFSworks> Yeah, I think it's a cool idea... The question is if someone wants to spend the time and effort getting Diffie-Hellman up and running in the protocol, and making it backwards-compatible.
203 2011-11-09 22:10:02 <cjdelisle> is MiTM a concern worth trying to work around?
204 2011-11-09 22:10:03 <CFSworks> It's a lot of effort to do little more than armor it against passive eavesdroppers.
205 2011-11-09 22:10:18 <CFSworks> And I don't think OE cares about MiTM.
206 2011-11-09 22:10:29 <cjdelisle> /nod
207 2011-11-09 22:10:36 <CFSworks> OE works perfectly against passive eavesdroppers...
208 2011-11-09 22:10:45 <CFSworks> But an active eavesdropper can simply disrupt the OE handshake and force it back to unencrypted.
209 2011-11-09 22:10:50 <CFSworks> Let alone a barrage of MiTM they can try.
210 2011-11-09 22:10:52 <cjdelisle> passive evesdropping is a more dangerous attack since you can store everything then decide later what you care about
211 2011-11-09 22:11:07 <CFSworks> Yeah, and the nice thing about active eavesdropping is you can detect it.
212 2011-11-09 22:11:15 <cjdelisle> /nod
213 2011-11-09 22:11:17 <CFSworks> If you happen to have packet logs from both ends of the connection or something like that...
214 2011-11-09 22:12:44 <cjdelisle> take a look at curve25519poly1305xsalsa20
215 2011-11-09 22:14:15 <CFSworks> cjdelisle: This is a cryptographic system? Geez.
216 2011-11-09 22:14:17 <cjdelisle> You would need to add a new kind of message for keyx, and you could decide whether to try the keyx by info in the version packet
217 2011-11-09 22:14:24 <CFSworks> Professions with long words:
218 2011-11-09 22:14:29 <CFSworks> 1. Chemists.
219 2011-11-09 22:14:33 <CFSworks> 2. Cryptographers.
220 2011-11-09 22:14:51 <cjdelisle> it's written by (the legendary) djb
221 2011-11-09 22:14:55 <jgarzik> Antidisestablishmentarianists
222 2011-11-09 22:15:40 <CFSworks> jgarzik: Stop! I have hippopotomonstrosesquippedaliophobia. :(
223 2011-11-09 22:16:48 <helo> mmmm salsa...
224 2011-11-09 22:17:43 <cjdelisle> It's interesting but I think rewriting the net.cpp as event based instead of "polling thread" is probably higher priority.
225 2011-11-09 22:19:08 <CFSworks> ...it isn't event-based?
226 2011-11-09 22:19:26 <CFSworks> What kind of polling is it, anyway?
227 2011-11-09 22:19:39 <CFSworks> Lots of 0-timeout socket polls?
228 2011-11-09 22:22:10 <cjdelisle> it just checks each socket like a few times a second
229 2011-11-09 22:25:03 <CFSworks> ...ouch. Yeah, that's probably higher-priority. :)
230 2011-11-09 22:38:45 <sebicas> Hello... I just installed the bit coin server in a Small AWS Instance...
231 2011-11-09 22:39:04 <sebicas> It took 24 hours to download the full block chain...
232 2011-11-09 22:39:19 <sebicas> With 100% CPU the whole time...
233 2011-11-09 22:39:31 <sebicas> Now it finished..
234 2011-11-09 22:39:37 <sebicas> And CPU is nornal..
235 2011-11-09 22:40:01 <sebicas> I have a question..
236 2011-11-09 22:40:06 <sebicas> When I run "./bitcoind getaccount"
237 2011-11-09 22:40:16 <sebicas> I get error: {"code":-1,"message":"getaccount <bitcoinaddress>\nReturns the account associated with the given address."}
238 2011-11-09 22:40:31 <sebicas> Any idea how can I access the default acount?
239 2011-11-09 22:40:35 <luke-jr> ''
240 2011-11-09 22:40:43 <luke-jr> except
241 2011-11-09 22:40:50 <doublec> getaccount returns the account associated with an address
242 2011-11-09 22:40:52 <luke-jr> it doesn't take an account as a param
243 2011-11-09 22:40:55 <sebicas> With '' I get error: {"code":-5,"message":"Invalid bitcoin address"}
244 2011-11-09 22:41:20 <sebicas> Try also ""
245 2011-11-09 22:41:22 <doublec> what are you actually trying to do?
246 2011-11-09 22:41:32 <doublec> the default account is ""
247 2011-11-09 22:41:36 <doublec> so no need to 'get it'
248 2011-11-09 22:41:41 <luke-jr> sebicas: that's because it doesn't take an account as param
249 2011-11-09 22:42:15 <sebicas> getaccount
250 2011-11-09 22:42:33 <luke-jr> my point exactly
251 2011-11-09 22:43:39 <sebicas> Ahh ok..
252 2011-11-09 22:43:51 <sebicas> So getaccount kind of loads the account..
253 2011-11-09 22:44:12 <luke-jr> &
254 2011-11-09 22:44:21 <sebicas> ./bitcoind listaccounts
255 2011-11-09 22:44:25 <doublec> no, it tells you what account an address is associated with
256 2011-11-09 22:44:25 <sebicas> Show me:
257 2011-11-09 22:44:28 <sebicas> {
258 2011-11-09 22:44:29 <sebicas> }
259 2011-11-09 22:44:45 <luke-jr> sebicas: do you know English?
260 2011-11-09 22:45:03 <sebicas> Not my main languaje
261 2011-11-09 22:45:44 <sebicas> Ahh ok..
262 2011-11-09 22:45:47 <sebicas> Got you..
263 2011-11-09 22:45:57 <sebicas> <bitcoinaddress> is an address
264 2011-11-09 22:46:01 <sebicas> Not an account..
265 2011-11-09 22:46:05 <sebicas> Ok.. sorry..
266 2011-11-09 22:46:08 <doublec> sebicas: if you do "bitcoind getaccount address foo" then the returned address belongs to account "foo". Then "bitcoind getaccount <thataddress>" will return "foo" if you replace <thataddress> with the address returned earlier.
267 2011-11-09 22:46:40 <sebicas> Ok.. so now I have
268 2011-11-09 22:46:41 <sebicas> [bitcoin@ip-10-245-82-46 bin]$ ./bitcoind listaccounts
269 2011-11-09 22:46:42 <sebicas> }
270 2011-11-09 22:47:03 <sebicas> This means there are 2 account... "" & "default"
271 2011-11-09 22:47:09 <doublec> yes
272 2011-11-09 22:47:27 <sebicas> How can I list the associated addresses for both accounts?
273 2011-11-09 22:48:25 <doublec> getaddressesbyaccount
274 2011-11-09 22:48:33 <doublec> eg: bitcoind getaddressesbyaccount default
275 2011-11-09 22:48:38 <sebicas> Or ./bitcoind getaccountaddress ''
276 2011-11-09 22:48:52 <sebicas> Great!
277 2011-11-09 22:48:53 <doublec> sebicas: no, that returns a new address
278 2011-11-09 22:48:56 <sebicas> Got it.. thanks!
279 2011-11-09 22:50:05 <sebicas> doublec: So how can I get the address for the account ''
280 2011-11-09 22:50:07 <sebicas> ?
281 2011-11-09 22:50:19 <doublec> What do you mean by "the address"
282 2011-11-09 22:50:23 <doublec> accounts can have multiple addresses
283 2011-11-09 22:50:32 <doublec> hence "getaddressesbyaccount" returns an array of addresses
284 2011-11-09 22:50:47 <CFSworks> There's "getnewaddress" if you want to create a new address and assign it to the account.
285 2011-11-09 22:51:05 <CFSworks> There's also one that creates a new address, but reuses the last one if it hasn't received anything yet ...
286 2011-11-09 22:51:11 <doublec> that's getaccountaddress
287 2011-11-09 22:51:22 <CFSworks> Ah, right.
288 2011-11-09 22:51:44 <doublec> accounts are confusing - if you're new to bitcoin I suggest pretending they don't exist
289 2011-11-09 22:51:58 <doublec> until at some later point when you understand things better and then start using them
290 2011-11-09 22:52:40 <luke-jr> they're also not isolated in any way
291 2011-11-09 22:52:44 <luke-jr> it's merely accounting on your end
292 2011-11-09 22:52:59 <doublec> right
293 2011-11-09 22:53:11 <sebicas> I see.. thanks..
294 2011-11-09 22:53:15 <sebicas> Another question..
295 2011-11-09 22:53:22 <sebicas> How I can use the params here..
296 2011-11-09 22:53:27 <sebicas> listreceivedbyaddress
297 2011-11-09 22:53:41 <doublec> bitcoind listreceivedbyadress 1 false
298 2011-11-09 22:53:49 <sebicas> I like to use includeempty=true
299 2011-11-09 22:53:56 <doublec> bitcoind listreceivedbyaddress 1 true
300 2011-11-09 22:54:02 <CFSworks> sebicas: It tells you how many Bitcoins each of your addresses has received in total.
301 2011-11-09 22:54:42 <sebicas> Perfect..
302 2011-11-09 22:54:53 <sebicas> Can I delete an address once is created?
303 2011-11-09 22:54:57 <doublec> no
304 2011-11-09 22:55:18 <sebicas> Ok... thanks!
305 2011-11-09 22:55:42 <sebicas> I am working in a PHP Class to interact with the bitcoind daemon...
306 2011-11-09 22:55:51 <sebicas> Do you guys know one already?
307 2011-11-09 22:56:17 <CFSworks> They're out there... I don't use PHP myself, so I wouldn't be able to recommend one.
308 2011-11-09 22:56:32 <doublec> maybe https://code.google.com/p/bitcoin-php-simple/
309 2011-11-09 22:56:36 <luke-jr> sebicas: you probably need to understand Bitcoin a LOT better before you do that :P
310 2011-11-09 22:56:41 <doublec> found via a google search so no idea if it works
311 2011-11-09 22:56:52 <sebicas> jeje.. I know but I am a fast learner
312 2011-11-09 22:57:04 <luke-jr> sebicas: keep in mind it's bad practice to work with BTC as a value
313 2011-11-09 22:57:13 <luke-jr> always convert to/from an integer number of satoshis
314 2011-11-09 22:57:44 <sebicas> luke-jr: Thx for the tip.
315 2011-11-09 22:58:00 <luke-jr> the wiki has (or at least had?) PHP code for that
316 2011-11-09 22:58:27 <sebicas> Yes, I saw it..
317 2011-11-09 22:58:35 <sebicas> I think it can be improved..
318 2011-11-09 22:58:51 <luke-jr> don't optimize what doesn't need optimization :P
319 2011-11-09 22:59:33 <sebicas> Where is the code?
320 2011-11-09 22:59:38 <sebicas> Looks like empty https://code.google.com/p/bitcoin-php-simple/
321 2011-11-09 23:00:53 <CFSworks> You get it from Subversion, apparently: https://code.google.com/p/bitcoin-php-simple/source/checkout
322 2011-11-09 23:01:09 <CFSworks> Oh wait, the repo is empty too.
323 2011-11-09 23:01:23 <doublec> perhaps it's a trick "the best way of using bitcoin from php is not to"
324 2011-11-09 23:01:50 <sebicas> Nop... it's empty
325 2011-11-09 23:01:53 <CFSworks> "PHP... You mean Python, right? The keys are all right next to each other."
326 2011-11-09 23:02:42 <sebicas> jeje... I hope I could write Python..
327 2011-11-09 23:02:49 <sebicas> But I am just a PHP Guy
328 2011-11-09 23:02:56 <sebicas> Like to learn it do..
329 2011-11-09 23:02:59 <denisx> sebicas: you said you are a fast learner
330 2011-11-09 23:03:05 <sebicas> Also getting into Ruby..
331 2011-11-09 23:03:12 <CFSworks> I've heard good things about Ruby.
332 2011-11-09 23:03:16 <CFSworks> Haven't actually tried it myself though.
333 2011-11-09 23:03:29 <sebicas> Yes, but also I am Lazy some times :P
334 2011-11-09 23:03:39 <sebicas> And stick with that I know..
335 2011-11-09 23:03:50 <CFSworks> I must admit that I'm a little wary of PHP these days...
336 2011-11-09 23:03:56 <CFSworks> I knew somebody who used it for everything.
337 2011-11-09 23:03:58 <CFSworks> And I mean everything.
338 2011-11-09 23:04:04 <CFSworks> He wrote Windows standalone GUI apps in PHP.
339 2011-11-09 23:04:10 <sebicas> Guaw.
340 2011-11-09 23:04:26 <cjdelisle> denisx: did you say you patched libevent2 into pushpool? jgarzik is here now and he wrote it so he might be interested in your patch.
341 2011-11-09 23:04:47 <denisx> jgarzik: are you?
342 2011-11-09 23:05:03 <CFSworks> He was 50 minutes ago anyway...
343 2011-11-09 23:05:25 <denisx> cjdelisle: thing is, I kicked all the cli stuff out of pushpoold
344 2011-11-09 23:05:25 <sebicas> What you guys recommend me to learn... Ruby or Python?
345 2011-11-09 23:05:31 <denisx> sebicas: both
346 2011-11-09 23:05:43 <cjdelisle> sebicas: node.js
347 2011-11-09 23:05:46 <sebicas> Wich on first?
348 2011-11-09 23:05:47 <CFSworks> sebicas: I would recommend Python... But I'm a Python zealot, so don't take my word for it.
349 2011-11-09 23:05:57 <sebicas> :)
350 2011-11-09 23:06:16 <cjdelisle> if you like high proformance, node.js
351 2011-11-09 23:06:16 <sebicas> node.js is Java...
352 2011-11-09 23:06:21 <sebicas> Not sure I like Java
353 2011-11-09 23:06:22 <CFSworks> JavaScript.
354 2011-11-09 23:06:25 <sebicas> Yes..
355 2011-11-09 23:06:32 <sebicas> Scripts in Java
356 2011-11-09 23:06:34 <sipa> cjdelisle: what do you want encryption in the protocol for?
357 2011-11-09 23:06:36 <cjdelisle> js != java
358 2011-11-09 23:06:38 <CFSworks> JavaScript is very different from Java.
359 2011-11-09 23:06:46 <sebicas> Why?
360 2011-11-09 23:06:51 <CFSworks> sipa: I believe I was the one talking about that... :)
361 2011-11-09 23:07:06 <sipa> CFSworks: indeed, you
362 2011-11-09 23:07:11 <sipa> i saw a c
363 2011-11-09 23:07:15 <CFSworks> lol
364 2011-11-09 23:07:25 <cjdelisle> CFSworks pointed out that it would get around goobermints passively detecting who sent a tx first
365 2011-11-09 23:07:28 <sebicas> Got is http://kb.mozillazine.org/Javascript_is_not_Java
366 2011-11-09 23:07:30 <sebicas> THz
367 2011-11-09 23:07:44 <sipa> and how would encryption between help for that?
368 2011-11-09 23:08:03 <CFSworks> cjdelisle: I was more concerned about people sitting across from me in a Starbucks watching my wifi traffic, but that too. :P
369 2011-11-09 23:08:52 <CFSworks> sipa: As long as the encryption offers forward secrecy, they can't decrypt it when they get their .cap files from all the ISPs who are in on their eavesdropping scheme.
370 2011-11-09 23:09:24 <sipa> it's true that for the lowest form of eavesdropping, it would increase anonymity
371 2011-11-09 23:09:43 <sipa> but i feel that if you need protection of your privacy, you need more anyway, and you should use tor
372 2011-11-09 23:09:46 <CFSworks> Yeah, it's only good for passive protection.
373 2011-11-09 23:10:11 <cjdelisle> Passive is the most scary since they can pcap everything now and then later decide what they actually care about and/or write the tools to read it
374 2011-11-09 23:10:27 <CFSworks> It's a shame OE is not as simple as "Well let's add a flag to our socket to have it negotiate OE."
375 2011-11-09 23:10:34 <CFSworks> Because if that were the case, we should definitely go ahead and do it.
376 2011-11-09 23:11:07 <CFSworks> But implementing it has a big time/effort investment for somebody to fit it into the protocol and code up a patch.
377 2011-11-09 23:11:13 <cjdelisle> active a pita and they need to know who they really care about before they trap anything
378 2011-11-09 23:11:24 <CFSworks> The question is if it's worth it to thwart passive eavesdroppers.
379 2011-11-09 23:11:37 <cjdelisle> it is if you write the patch ;)
380 2011-11-09 23:12:11 <jgarzik> denisx: sure
381 2011-11-09 23:12:17 <CFSworks> Hey, I'd gladly write the patch, but I don't want to do it alone... I wouldn't be able to keep the code up to Bitcoin's style requirements on my own. :)
382 2011-11-09 23:12:37 <cjdelisle> I volunteer to read it and complain about codestyle
383 2011-11-09 23:12:49 <cjdelisle> I turn out to be rather good at complaining about codestyle
384 2011-11-09 23:12:50 <CFSworks> (And I think changing the protocol is something that would require a rather big community vote on...)
385 2011-11-09 23:13:04 <CFSworks> cjdelisle: Likewise, but that's assuming I know the codestyle to begin with.
386 2011-11-09 23:13:20 <cjdelisle> It's written down in a readme in the source
387 2011-11-09 23:13:43 <CFSworks> Well, I guess it's at least worth a ticket on Github then?
388 2011-11-09 23:13:46 <CFSworks> We can discuss it more in-depth there.
389 2011-11-09 23:13:53 <cjdelisle> I suppose
390 2011-11-09 23:14:46 <denisx> jgarzik: but I removed all the cli stuff because I didn't need it
391 2011-11-09 23:15:02 <CFSworks> I think the real concern here is whether it's worth it to add additional complexity to the client and modify the protocol and do all this extra testing, just to defeat people who are eavesdropping on you passively.
392 2011-11-09 23:15:19 <cjdelisle> sebicas: if you learn node.js you will learn how to do things the *right* way first.
393 2011-11-09 23:15:31 <cjdelisle> java does it the wrong way
394 2011-11-09 23:15:36 <cjdelisle> apache same
395 2011-11-09 23:15:45 <CFSworks> Oh, what does Apache do wrong?
396 2011-11-09 23:15:47 <sebicas> Yes, noje.js was another one I wanted to learn
397 2011-11-09 23:16:02 <cjdelisle> apache spawns a thread for each request
398 2011-11-09 23:16:09 <CFSworks> Ah.
399 2011-11-09 23:16:13 <CFSworks> I guess it depends which MPM you use.
400 2011-11-09 23:16:13 <cjdelisle> which is why lighttpd is much faster
401 2011-11-09 23:16:38 <cjdelisle> but php is the same
402 2011-11-09 23:16:46 <cjdelisle> it uses thread pools to serve requests
403 2011-11-09 23:16:49 <cjdelisle> wrong
404 2011-11-09 23:17:00 <CFSworks> I use mpm_itk, which launches a handler under a different user depending on what vhost is being served.
405 2011-11-09 23:17:05 <sipa> the worker MPM also uses a thread pool, no?
406 2011-11-09 23:17:12 <CFSworks> Granted, that's awful for performance...
407 2011-11-09 23:17:18 <CFSworks> But my machine doesn't see enough traffic for that to be a concern.
408 2011-11-09 23:17:29 <CFSworks> If lighttpd supports the same, I'd consider switching.
409 2011-11-09 23:17:59 <cjdelisle> node.js is distinguished in that it fosters the right way of thinkinf
410 2011-11-09 23:18:01 <cjdelisle> *thinking
411 2011-11-09 23:18:08 <CFSworks> Does it support virtual hosting?
412 2011-11-09 23:18:14 <cjdelisle> node?
413 2011-11-09 23:18:24 <cjdelisle> node is a programming language, not really a server
414 2011-11-09 23:18:28 <cjdelisle> so yes
415 2011-11-09 23:18:33 <CFSworks> Well JavaScript is the programming language...
416 2011-11-09 23:18:34 <cjdelisle> but you would have to write it
417 2011-11-09 23:18:42 <CFSworks> Ah.
418 2011-11-09 23:18:50 <CFSworks> But it still hosts port 80 itself (if you were to use it for web apps)
419 2011-11-09 23:18:54 <cjdelisle> unless someone wrote it for node but there are no libraries for node
420 2011-11-09 23:18:56 <CFSworks> So you can't exactly run it as non-root...
421 2011-11-09 23:18:56 <sipa> if (hostname == "bla.com") { ... } else { ... }
422 2011-11-09 23:18:58 <sipa> vhost!
423 2011-11-09 23:19:32 <sipa> how do you run node.js, btw?
424 2011-11-09 23:19:42 <sipa> are there standalone javascript engines?
425 2011-11-09 23:19:50 <CFSworks> I believe it runs in v8.
426 2011-11-09 23:19:56 <cjdelisle> it includes v8 in the core
427 2011-11-09 23:20:15 <cjdelisle> apt-get install node-js
428 2011-11-09 23:20:16 <CFSworks> I'd really like to compare v8/node.js against PyPy/Twisted...
429 2011-11-09 23:20:16 <cjdelisle> node
430 2011-11-09 23:20:21 <cjdelisle> then start messing around on the console
431 2011-11-09 23:20:54 <cjdelisle> performance is a strange beast
432 2011-11-09 23:21:02 <cjdelisle> java is "faster" than node.js
433 2011-11-09 23:21:14 <cjdelisle> but there is no way in the jdbc to support callbacks
434 2011-11-09 23:21:23 <cjdelisle> so db queries block
435 2011-11-09 23:21:31 <cjdelisle> so you need a thread pre request
436 2011-11-09 23:21:35 <cjdelisle> so it uses more ram
437 2011-11-09 23:21:37 <cjdelisle> so it's slow
438 2011-11-09 23:22:02 <CFSworks> I like Twisted in the Python world, but it tends to be a little bit RAM-heavy...
439 2011-11-09 23:22:49 <cjdelisle> yea, node is like twisted except js was designed that way, there was never any need to write an event lib.
440 2011-11-09 23:23:45 <sipa> isn't node itself the event lib? :)
441 2011-11-09 23:23:59 <CFSworks> Yeah, what exactly is node?
442 2011-11-09 23:24:30 <cjdelisle> node is like a bunch of js libraries and C/C++ bindings
443 2011-11-09 23:25:04 <cjdelisle> it has some event stuff but the real basis of event based code, callbacks, all that is in js already
444 2011-11-09 23:25:51 <CFSworks> player.onDeath(function() {
445 2011-11-09 23:25:52 <CFSworks> ...
446 2011-11-09 23:25:53 <CFSworks> });
447 2011-11-09 23:25:56 <CFSworks> Like that, right?
448 2011-11-09 23:25:59 <cjdelisle> yeap
449 2011-11-09 23:26:15 <cjdelisle> if you write a js code with setTimeout(function() { console.log('hai'); }, 2000); node will not exit for 2 seconds
450 2011-11-09 23:26:18 <CFSworks> That's fun as long as you aren't nesting them so deep that it becomes a headache to track all the functions. :P
451 2011-11-09 23:26:29 <cjdelisle> so there's like an enter_event_look() call that you don't see
452 2011-11-09 23:26:52 <cjdelisle> *enter_event_loop
453 2011-11-09 23:28:18 <cjdelisle> Also node.js and event orianted C are very close so you can learn C from js pretty easily.
454 2011-11-09 23:29:05 <CFSworks> How well does JavaScript sandbox?
455 2011-11-09 23:29:16 <CFSworks> The only thing I don't like about Python is that you absolutely cannot contain anything in a sandbox...
456 2011-11-09 23:29:21 <CFSworks> It will just break out (or crash the interpreter)
457 2011-11-09 23:29:38 <cjdelisle> haha
458 2011-11-09 23:29:44 <sipa> heh?
459 2011-11-09 23:29:49 <cjdelisle> about as good as chrome doesn't get owned
460 2011-11-09 23:30:18 <cjdelisle> that said, node provides apis to allow you to do nasty stuff
461 2011-11-09 23:30:37 <cjdelisle> you could sandbox it with some kernel schenanigans though
462 2011-11-09 23:30:49 <CFSworks> Can you safely run an untrusted script in your node program and keep the untrusted script from getting its hands on those nasty APIs?
463 2011-11-09 23:31:18 <cjdelisle> what would those nasty scripts supposed to be doing?
464 2011-11-09 23:31:32 <sipa> launching nukes
465 2011-11-09 23:31:37 <CFSworks> In other words... Is it possible to make a node.js MOO while keeping the server safe from takeover?
466 2011-11-09 23:32:00 <cjdelisle> I was thinking about setting up a testcase for ths
467 2011-11-09 23:32:04 <cjdelisle> *this
468 2011-11-09 23:32:08 <denisx> jgarzik: http://pastebin.com/MZtX5GFQ
469 2011-11-09 23:32:10 <CFSworks> Since MOO objects would obviously have to run inside a sandbox, kept away from things like "rm -rf /" (not that the server would be running as root, but still... ;))
470 2011-11-09 23:32:24 <denisx> I cannot make a clean diff because Iam running it on freebsd with some patches
471 2011-11-09 23:32:38 <denisx> jgarzik: but this is a very good start to port to libevent2
472 2011-11-09 23:32:49 <cjdelisle> if you use setrlim() to set the open file limit to 0, it's really really hard to convince the kernel to let you do much of anything
473 2011-11-09 23:33:18 <CFSworks> So, it's really not that much better than what you have with Python. :\n2116294
474 2011-11-09 23:34:11 <cjdelisle> it's just that you have to mod node to get rid of them
475 2011-11-09 23:34:21 <cjdelisle> actually
476 2011-11-09 23:34:31 <cjdelisle> require = undefined;
477 2011-11-09 23:34:38 <cjdelisle> that might do it but I'm not sure
478 2011-11-09 23:34:41 <sebicas> As far as I understand the most import part of node.js is that it never close the conection with the client...
479 2011-11-09 23:34:48 <CFSworks> PyPy has its pypy-c-sandbox, which is an interpreter with no I/O functions at all (it's connected to a parent via pipe, and the parent dispatches I/O on its behalf)
480 2011-11-09 23:35:49 <cjdelisle> sebicas: node *can* never close the connection to the client (because it is capable of handling 10 bazillion concurrent tcp sockets) but that's not required
481 2011-11-09 23:36:16 <sipa> i don't see how those are related
482 2011-11-09 23:36:24 <CFSworks> ?
483 2011-11-09 23:36:59 <sipa> what has using persistent connections or not have to do with the scalability of the number of sockets?
484 2011-11-09 23:37:31 <cjdelisle> if you have persistent connections and you use an apache, your world will come crashing down around you
485 2011-11-09 23:37:37 <cjdelisle> oh
486 2011-11-09 23:37:54 <cjdelisle> I mean use websocket or something
487 2011-11-09 23:38:00 <cjdelisle> not just socket reuse
488 2011-11-09 23:38:21 <CFSworks> cjdelisle: So I take it you really like JavaScript... What's your take on Pyjamas?
489 2011-11-09 23:38:35 <cjdelisle> I don't really use python
490 2011-11-09 23:38:38 <cjdelisle> old lang
491 2011-11-09 23:38:45 <cjdelisle> slow version of perl
492 2011-11-09 23:39:08 <luke-jr> CFSworks: what about MOO?
493 2011-11-09 23:39:19 <CFSworks> Perl is faster than Python? Really?
494 2011-11-09 23:39:53 <cjdelisle> no idea
495 2011-11-09 23:39:58 <CFSworks> luke-jr, you mean the original LambdaMOO which had its own language?
496 2011-11-09 23:40:00 <cjdelisle> it "feels" faster
497 2011-11-09 23:40:15 <luke-jr> CFSworks: I'm asking what you mean.
498 2011-11-09 23:41:01 <CFSworks> I mean if I were to implement something like a MOO in node.js (running untrusted scripts on a trusted server, that must coexist with other untrusted scripts), what would the security look like?
499 2011-11-09 23:41:13 <luke-jr> why would you do that? :P
500 2011-11-09 23:41:41 <CFSworks> It's an example question to assess how well you can run many untrusted scripts in the same node.js instance.
501 2011-11-09 23:41:48 <luke-jr> :p
502 2011-11-09 23:41:59 <CFSworks> Without them stomping on each other or bringing down the node.js process itself.
503 2011-11-09 23:42:02 <luke-jr> to be as secure as MOO requires a different paradigm than most people are used to
504 2011-11-09 23:42:53 <cjdelisle> Without them stomping on each other <-- node isn't designed for that
505 2011-11-09 23:43:02 <cjdelisle> you would need seperate processes
506 2011-11-09 23:43:16 <cjdelisle> which is ok since IIRC most of it is shared libraries
507 2011-11-09 23:44:44 <CFSworks> I would think JS would be pretty good at implementing the object-capability model.
508 2011-11-09 23:44:59 <cjdelisle> indeed
509 2011-11-09 23:45:07 <cjdelisle> it is about as close as you can get
510 2011-11-09 23:45:26 <luke-jr> lol
511 2011-11-09 23:45:32 <CFSworks> You can't really do that with Python... The untrusted script would just introspect any security function you had to grab the untrusted function directly. :P
512 2011-11-09 23:45:32 <cjdelisle> and I'm not totally sure but I think you might be able to delete your references to the apis
513 2011-11-09 23:45:36 <luke-jr> cjdelisle: let me guess- you never used MOO
514 2011-11-09 23:45:42 <cjdelisle> correct
515 2011-11-09 23:45:45 <cjdelisle> or lisp
516 2011-11-09 23:46:00 <cjdelisle> I generally don't use esoteric languages
517 2011-11-09 23:46:25 <luke-jr> cjdelisle: MOO is capable of having many many untrusted programmers calling each others' functions securely
518 2011-11-09 23:46:30 <sipa> i would consider neither perl, js, php, python or list esoteric
519 2011-11-09 23:46:32 <CFSworks> I don't know if Lisp qualifies as 'esoteric'... Maybe 'antiquated' is better?
520 2011-11-09 23:47:13 <cjdelisle> luke-jr: if functions were true functions, that would be true of all languages
521 2011-11-09 23:47:28 <sipa> haskell!
522 2011-11-09 23:47:34 <luke-jr> cjdelisle: it would also make it pointless
523 2011-11-09 23:47:43 <CFSworks> cjdelisle, and by "true functions" you mean opaque, where programmers cannot simply rip locals out of them?
524 2011-11-09 23:48:01 <cjdelisle> by true functions I mean with no internal state
525 2011-11-09 23:48:08 <luke-jr> for example, if untrusted User A wants to call my function, my function can decide to use my privileges to do something User A can't do in his own code
526 2011-11-09 23:48:12 <sipa> pure functions == evaluation has no effect beyond its return value
527 2011-11-09 23:48:27 <CFSworks> luke-jr, a seamless transition of security contexts?
528 2011-11-09 23:49:07 <CFSworks> sipa, like Python 'lambda' functions, where it's just an expression with no variables?
529 2011-11-09 23:49:16 <sipa> yes
530 2011-11-09 23:49:20 <cjdelisle> it's often very nice to be able to modify your inputs in a function so I won't go so far as advocating for all functions being pure.
531 2011-11-09 23:49:21 <sipa> haskell has only those
532 2011-11-09 23:49:37 <CFSworks> Functional programming...
533 2011-11-09 23:49:42 <CFSworks> I'm sure the mathematicians in the crowd would love that.
534 2011-11-09 23:49:55 <cjdelisle> I have heard good things about haskell
535 2011-11-09 23:49:59 <CFSworks> Not for me, I'm afraid. :(
536 2011-11-09 23:50:10 <cjdelisle> it's too bad the rest of the world doesn't catch on :/
537 2011-11-09 23:51:09 <sipa> come to #haskell and play with lambdabot :)
538 2011-11-09 23:51:24 <luke-jr> CFSworks: everything runs set-programmer-permissions
539 2011-11-09 23:51:40 <luke-jr> CFSworks: so if UserX wrote the function, it runs with UserX's permissions no matter who calls it
540 2011-11-09 23:51:58 <CFSworks> Can UserX check what the caller's permissions were?
541 2011-11-09 23:52:27 <luke-jr> yes
542 2011-11-09 23:52:55 <luke-jr> and if UserX is privileged, he can set his own permissions to anything else for that context
543 2011-11-09 23:53:06 <luke-jr> ie, the common code: set_task_perms(caller_perms());
544 2011-11-09 23:53:11 <CFSworks> I think the only remaining challenge is figuring out how to avoid RAM exhaustion attacks...
545 2011-11-09 23:53:27 <CFSworks> What's to stop somebody from trying to store all of the Fibonacci sequence inside their objects? :P
546 2011-11-09 23:53:55 <sipa> you'd need per-user memory and cpu limits
547 2011-11-09 23:54:19 <CFSworks> sipa: And that's when I gave up trying to figure out how to make sandboxed Python. :(
548 2011-11-09 23:55:02 <luke-jr> CFSworks: quota
549 2011-11-09 23:55:27 <luke-jr> CFSworks: also common: controls(caller_perms(), this) || raise(E_PERM);
550 2011-11-09 23:55:42 <luke-jr> in cases where someone other than the programmer could own the object/instance
551 2011-11-09 23:55:56 <CFSworks> Ahh.
552 2011-11-09 23:57:28 <luke-jr> hmm