1 2012-04-29 00:00:01 <gmaxwell> (I'm -connect=a57qr3ydpnyntf5k.onion:8333 )
2 2012-04-29 00:03:39 <sipa> gmaxwell: that's dnsseed-via-proxy
3 2012-04-29 00:03:56 <gmaxwell> Yea, it should probably be turned off when using connect, enh?
4 2012-04-29 00:04:15 <sipa> good point
5 2012-04-29 00:04:20 <gmaxwell> (also when DNSseed is disabled perhaps)
6 2012-04-29 00:04:41 <sipa> with -nodnsseed you won't see that
7 2012-04-29 00:07:31 <gmaxwell> I guess we'll do the right thing, at least when that is fixed... though I expect some users will accidentally turn off DNSseed when they really want it.
8 2012-04-29 00:07:50 <gmaxwell> (thinking 'on I don't want DNS leaks')
9 2012-04-29 00:07:57 <gmaxwell> s/on/oh/
10 2012-04-29 00:29:37 <seco> hahaha Points Of Interest on btclook.com: Like "todays headlines from the blockchain": 2 thefts, and new intersting tx with 11ins and 2outs.STOP. Now see one with 102ins but just a total of 0.638BTC :D
11 2012-04-29 00:30:02 <seco> tomorrow you will see great surprise: just visit us again :)
12 2012-04-29 00:31:31 <seco> cool site
13 2012-04-29 00:31:35 <Joric> i wonder how many thefts were yesterday :)
14 2012-04-29 00:32:41 <Joric> seco, where's that can't find those Points Of Interest
15 2012-04-29 00:33:12 <seco> http://www.btclook.com/#/nada on the middle column at the top
16 2012-04-29 00:33:51 <Joric> ah, got it :)
17 2012-04-29 00:34:29 <da2ce7> and windows c++ coders can help in #opentransactions with a few questions about vc90
18 2012-04-29 00:34:30 <da2ce7> *any
19 2012-04-29 00:35:17 <seco> i enjoy those "The thief?" public addresses like http://www.btclook.com/#/addr/176LRX4WRWD5LWDMbhr94ptb2MW9varCZP :)
20 2012-04-29 00:35:36 <gmaxwell> on what basis is it calling some txn theft?
21 2012-04-29 00:35:59 <seco> if mtgox would add push some information about thefts to them, it would make a good bitcoin-policy out of the site
22 2012-04-29 00:36:34 <seco> every trader could check after acceptance of payment and could detect stolen coins!
23 2012-04-29 00:37:37 <gmaxwell> and every theif could check and then move around coins until they pass the detection.
24 2012-04-29 00:37:43 <seco> gmaxwell: i have no clue, but i guess its many small tx to the address, and same frequency of moving them out
25 2012-04-29 00:37:44 <Joric> every coin will be eventually tainted to some extent
26 2012-04-29 00:37:58 <gmaxwell> Joric: which is fine.
27 2012-04-29 00:38:00 <Joric> i don't like that bitcoin aids feature
28 2012-04-29 00:38:46 <gmaxwell> I think it's ironic that the only person I know for a fact who has stolen coins is the one who reliably whines most about people catching coin theives.
29 2012-04-29 00:39:52 <Diablo-D3> and the person who whines most about botnets is the guy with the biggest one
30 2012-04-29 00:40:02 <seco> hehe
31 2012-04-29 00:40:09 <gmaxwell> Luke doesn't whine about botnets.
32 2012-04-29 00:40:10 <Joric> i hate botnets too! :)
33 2012-04-29 00:40:29 <Diablo-D3> gmaxwell: he wines about people bitching he keeps them online
34 2012-04-29 00:40:29 <gmaxwell> The professional spammer whines about botnets.
35 2012-04-29 00:40:31 <Diablo-D3> so they must be all his
36 2012-04-29 00:40:32 <seco> oh yes we all do, until there is some distributed method which solves problems for us :D
37 2012-04-29 00:41:42 <gmaxwell> http://blockexplorer.com/tx/1c19389b0461f0901d8eace260764691926a5636c74bd8a3cc68db08dbbeb80a < what an odd txn.
38 2012-04-29 00:42:07 <gmaxwell> why do they have so many randomly sized pay to pubkey inputs.
39 2012-04-29 00:44:12 <gmaxwell> luke-jr: is that a txn by you?
40 2012-04-29 00:44:40 <luke-jr> gmaxwell: not afaik
41 2012-04-29 00:44:42 <seco> lol half of the outputs are under 0.1btc and unclaimed; but the big ones over 1.6k are moving forward :D
42 2012-04-29 00:46:56 <seco> oh wait the mass of these bubbles just crashed *cough*
43 2012-04-29 00:47:40 <Joric> http://brainwallet.org/#transactions <- hope eventually it'll become a full blown transaction editor
44 2012-04-29 00:48:51 <gmaxwell> luke-jr: I think you've been robbed if that wasn't yours.
45 2012-04-29 00:49:06 <gmaxwell> luke-jr: all those pay to pubkey inputs are the single pubkey payment in eligius blocks.
46 2012-04-29 00:59:09 <luke-jr> gmaxwell: oh, those are just inputs
47 2012-04-29 00:59:15 <luke-jr> outputs look like normal sendmany
48 2012-04-29 00:59:38 <luke-jr> 2011-07-05 was a long time ago
49 2012-04-29 04:33:29 <paulo_> i just tried coding merkle signatures
50 2012-04-29 04:34:05 <paulo_> signatures are 24kb, which are too big
51 2012-04-29 04:35:22 <paulo_> *lamport signatures
52 2012-04-29 04:41:29 <gmaxwell> You can compress them by arranging them in trees. You only have to disclose hash vales as deep as the trees differ.
53 2012-04-29 04:41:39 <gmaxwell> Doesn't help that much but it's something.
54 2012-04-29 04:52:36 <paulo_> gmaxwell: i don't fully understand how hash trees help. Can you explain it further?
55 2012-04-29 04:52:58 <paulo_> Instead, i publish another compressed public key for the next message.
56 2012-04-29 04:53:25 <paulo_> by compressed public key i mean a hash of the real public key.
57 2012-04-29 04:54:26 <paulo_> I just publish the real public key along with the signature
58 2012-04-29 04:54:31 <paulo_> as described here: https://en.wikipedia.org/wiki/Lamport_signature#Short_public_key
59 2012-04-29 04:55:45 <gmaxwell> paulo_: say you have 512 hashes for a 256 bit signing. You arrange them in a binary tree along the 0 or 1 values. This way when the data being signed is contigiously 1/0 you only send the upper levels of the tree (along with the relevant secret preimages)
60 2012-04-29 04:59:24 <paulo_> gmaxwell: I don't really understand.
61 2012-04-29 05:03:18 <gmaxwell> paulo_: for every value in the signature you need to transmit the secret preimage for the value being signed signing.
62 2012-04-29 05:03:47 <gmaxwell> You also need to send the hashes for the values opposite bits, so that the public key can be computed for comparison.
63 2012-04-29 05:04:39 <paulo_> gmaxwell: i understand, thanks.
64 2012-04-29 05:05:09 <gmaxwell> You can reduce the number of hashes you need to send for the public key side by arranging the hashes into a binary hash tree, and sending higher levels of the tree when the bits take on the same values. I don't know how to put it more siply without drawing pictures.
65 2012-04-29 05:07:42 <gmaxwell> paulo_: for 512 bit hashes, a lamport signature should only be 8192 bytes. even without the fancy compression I described.
66 2012-04-29 05:07:55 <gmaxwell> (512 bits * 512 bits * 2)
67 2012-04-29 05:38:10 <paulo_> i've reduced the signature to 16kb
68 2012-04-29 05:38:19 <paulo_> 512 * 256 bits
69 2012-04-29 05:41:57 <gmaxwell> paulo_: thats right. (ignore my 8192 above, I'm obviously up way past my bedtime)
70 2012-04-29 05:42:55 <gmaxwell> paulo_: you can make it smaller still, but not consistently� by doing the tree compression of the public values the 16kb can be the worst case. But yes, lamport signatures are enormous... thats why bitcoin doesn't use them today.
71 2012-04-29 05:43:39 <gmaxwell> (and sadly, none of the 'post quantum' signature schemes are space efficient)
72 2012-04-29 05:47:44 <gmaxwell> The bestcase for the tree compressed signatures is 8224 bytes, e.g. for the astronomically unlikely signing all 0/1s cases. (e.g. you'd send the 32 secrets, and then the single hash of the whole 0 or 1 side public tree root, which you'd hash with the hash of the tree you calculate from the secrets to get the public key.)
73 2012-04-29 05:52:54 <paulo_> gmaxwell: I was actually thinking of the same concept (the compression). I just thought yours always compresses.
74 2012-04-29 06:23:23 <paulo_> gmaxwell: I understand how the hash tree works now, thanks.
75 2012-04-29 06:30:20 <paulo_> gmaxwell: if I get have this right, I can compress if bits are the same contigously in the powers of 2?
76 2012-04-29 06:30:55 <paulo_> for example, I can compress 11 and 110 into one hash, and 1111 into one hash?
77 2012-04-29 07:52:14 <Diablo-D3> remember to vote everyone: https://bitcointalk.org/index.php?topic=78052.0
78 2012-04-29 09:30:08 <gribble> New news from bitcoinrss: laanwj opened pull request 1163 on bitcoin/bitcoin <https://github.com/bitcoin/bitcoin/pull/1163>
79 2012-04-29 09:35:26 <gribble> New news from bitcoinrss: laanwj reopened pull request 1139 on bitcoin/bitcoin <https://github.com/bitcoin/bitcoin/pull/1139>
80 2012-04-29 10:27:33 <Joric> http://abe.john-edwin-tobey.org/ is down
81 2012-04-29 10:27:59 <Joric> are there any other blockexplorers besides bbe and bci?
82 2012-04-29 10:31:09 <Joric> the 'mirror' from wiki http://109.123.116.245 doesn't work either
83 2012-04-29 10:33:04 <riush> Joric: bitcoin.interesthings.de is my experimental one
84 2012-04-29 10:37:14 <Joric> riush, i'm looking for /q/mytransactions or something similar trying to make a reliable transaction builder
85 2012-04-29 10:37:30 <Joric> just found out blockexplorer doesn't include coinbase into a list transactions http://blockexplorer.com/q/mytransactions/12c6DSiU4Rq3P4ZxziKxzrL5LmMBrzjrJX kindof risky, 50 btc off
86 2012-04-29 10:38:13 <riush> Joric: /addres/<addr>
87 2012-04-29 10:38:23 <riush> or just search for it (but that sometimes doesn't work)
88 2012-04-29 10:38:33 <riush> address*
89 2012-04-29 12:11:52 <paulo_> i think i've overcomplicated the lamport signature program...
90 2012-04-29 12:12:26 <sipa> can it send e-mail?
91 2012-04-29 12:12:32 <paulo_> lol
92 2012-04-29 12:12:38 <sipa> if not: no
93 2012-04-29 12:17:11 <paulo_> maybe i'm just too lazy to finish it
94 2012-04-29 13:30:37 <genjix> 177660 contains a BIP 16 tx :)
95 2012-04-29 16:15:31 <gmaxwell> sipa: so I successfully* bootstrapped a node over your onion address.
96 2012-04-29 16:16:02 <gmaxwell> (*) successful subject to the fact that bitcoin is currently broken and hangs at block 177791.
97 2012-04-29 16:16:35 <gmaxwell> oh, it's not hung.. it's just syncing very slowly now.
98 2012-04-29 16:17:25 <gmaxwell> weird.
99 2012-04-29 16:17:26 <gmaxwell> 04/29/12 18:06:24 SetBestChain: new best=00000000000005f83ade height=177791 work=307944356672549527872
100 2012-04-29 16:17:42 <gmaxwell> 04/29/12 18:15:30 askfor block 00000000000006b60552 0
101 2012-04-29 16:17:43 <gmaxwell> 04/29/12 18:15:30 sending getdata: block 00000000000006b60552
102 2012-04-29 16:40:46 <midnightmagic> bootstrap from scratch?
103 2012-04-29 16:40:58 <midnightmagic> if so, gmaxwell, how long did it take?
104 2012-04-29 17:03:33 <paulo_> bitcoin is broken?
105 2012-04-29 17:03:52 <[Tycho]> Why do you think so ?
106 2012-04-29 17:05:19 <paulo_> i was scrolling up
107 2012-04-29 17:10:16 <graingert> gmaxwell: broken?
108 2012-04-29 17:16:25 <BTCTrader> does anyone know Adrianne Jeffries email?
109 2012-04-29 17:16:34 <BTCTrader> oh nm
110 2012-04-29 17:20:56 <sipa> hmm, i was running without -logtimestamps, so i can't tell how long it took
111 2012-04-29 17:23:21 <gribble> New news from bitcoinrss: rebroad opened issue 1164 on bitcoin/bitcoin <https://github.com/bitcoin/bitcoin/issues/1164>
112 2012-04-29 17:35:26 <paulo_> weirdly, google doesn't return existing implementations of lamport
113 2012-04-29 18:01:06 <gmaxwell> paulo_ a basic lamport implementation is so trivial I can see why people wouldn't bother.
114 2012-04-29 18:01:38 <gmaxwell> paulo_: the tree compressed lamport afaik only exists in my mind (and yours now), I wasn't able to find any citations for it� though its a pretty obvious optimization.
115 2012-04-29 18:05:08 <paulo_> gmaxwell: and a very dirty tree compressed code soon.
116 2012-04-29 18:13:50 <gmaxwell> sipa: I have a log of it with logtimestamps.
117 2012-04-29 18:14:05 <gmaxwell> paulo_> bitcoin is broken?
118 2012-04-29 18:14:16 <gmaxwell> and it's not broken I was just being stupid because I just woke up. :)
119 2012-04-29 18:16:08 <gmaxwell> 04/29/12 05:01:47 SetBestChain: new best=00000000000007cb13f5 height=177700 work=307354727434804372082
120 2012-04-29 18:16:22 <gmaxwell> 04/29/12 02:01:08 SetBestChain: new best=00000000839a8e6886ab height=1 work=8590065666
121 2012-04-29 18:16:54 <gmaxwell> (this is just on my laptop which is rather slow� an old 1.6ghz L7500)
122 2012-04-29 18:17:58 <gmaxwell> I think three hours to fully sync up over hidden service� which has 7 hops instead of the normal 3� doesn't sound bad at all.
123 2012-04-29 18:19:08 <paulo_> i've done the signing part, the checking part is hard.
124 2012-04-29 18:20:40 <gmaxwell> paulo_: yea, you have to rebuild the same tree just from the signed data in order to know what hashes you're recieving.
125 2012-04-29 18:21:31 <paulo_> gmaxwell: exactly, it's kinda hard to code it.
126 2012-04-29 18:21:37 <paulo_> oh well, it's time for me to sleep
127 2012-04-29 18:25:12 <gmaxwell> I also had a thought that you actually code reduce it further by coding quadnary (radix 4) units instead of bits. E.g. you group pairs of bits to get 0,1,2,3 values. Then you only need to disclose one secret value per two bits instead of one secret value per bits.
128 2012-04-29 18:25:52 <gmaxwell> This might compress better because the secret values don't get any tree gain. But I don't remember if I did the math to figure out of the 4 way branching reduced the average case compression enough to completely offset the gain.
129 2012-04-29 18:26:35 <gmaxwell> (the best case would obviously be a lot better thought). Maybe I did because IIRC I did figure out that higher radix made it worse.
130 2012-04-29 20:06:00 <Diapolo> BlueMatt: Another try, are you on?
131 2012-04-29 20:11:32 <gribble> New news from bitcoinrss: Diapolo opened issue 1165 on bitcoin/bitcoin <https://github.com/bitcoin/bitcoin/issues/1165>
132 2012-04-29 20:47:23 <jgarzik> cute. Someone is figuring out who minted each block: http://blockorigin.pfoe.be/
133 2012-04-29 20:47:34 <jgarzik> it's nice to have that data aggregated
134 2012-04-29 21:08:15 <kinlo> :)
135 2012-04-29 21:08:32 <sipa> gmaxwell: also, it's from a laptop over wifi on my side
136 2012-04-29 21:17:43 <gribble> New news from bitcoinrss: Diapolo opened pull request 1166 on bitcoin/bitcoin <https://github.com/bitcoin/bitcoin/pull/1166>
137 2012-04-29 23:59:20 <sneak> can someone direct me to info about the security/network harm issues with pre 0.6.0?