1 2012-05-03 00:46:34 <etotheipi_> anyone here who helped with BIP 21 (the URL spec) have comments about "label=" vs "message="
  2 2012-05-03 00:47:37 <etotheipi_> and more directly, I want to know if "message=" is saved with the wallet in Bitcoin-Qt
  3 2012-05-03 00:50:07 <etotheipi_> and even more directly, could you consider storing "address labels" and "transaction comments/labels" separately
  4 2012-05-03 00:50:48 <Joric> sipa, do you have a reference implementation of BIP32? 'Hierarchical Deterministic Wallets'
  5 2012-05-03 00:50:54 <etotheipi_> I'm seeing tremendous value in using the "label" field to identify the owner of the address that would show up in your address book... and using the "message" field for the merchant to put order information
  6 2012-05-03 00:51:15 <etotheipi_> but I'm not sure that Bitcoin-Qt saves the message data
  7 2012-05-03 00:51:29 <etotheipi_> Joric: I've got a reference implementation :)
  8 2012-05-03 00:52:02 <etotheipi_> I'm actually developing my new wallet format too soon... I got it implemented and tested, but sipa hasn't even finished the spec yet...
  9 2012-05-03 00:52:16 <Joric> etotheipi_, didn't know armory wallets are hierarchical
 10 2012-05-03 00:52:18 <etotheipi_> I can't finalize it until I know that it will be compatible with the final
 11 2012-05-03 00:52:24 <etotheipi_> Joric: they're not
 12 2012-05-03 00:52:29 <etotheipi_> they're only deterministic
 13 2012-05-03 00:52:59 <etotheipi_> but I have a bunch of reasons I needed to start over with a completely new wallet version, and sipa's HD wallets are pretty smooth
 14 2012-05-03 00:53:23 <etotheipi_> so I decided to switch to their [future] algorithm, which then will be compatible with Bitcoin-Qt wallets, too
 15 2012-05-03 00:53:26 <Joric> can't wait to make a js version of it )
 16 2012-05-03 00:53:42 <etotheipi_> Joric: well no matter what, you need to implement HMAC-SHA512
 17 2012-05-03 00:53:49 <etotheipi_> so you could get started implementing and unit-testing that
 18 2012-05-03 00:55:56 <Joric> looks like it's already implemented http://jssha.sourceforge.net
 19 2012-05-03 00:56:42 <etotheipi_> I put up test vectors for the ChildKeyDerive() function at:  https://gist.github.com/2513316
 20 2012-05-03 00:56:51 <etotheipi_> but they still need to be confirmed by SIPA
 21 2012-05-03 00:57:11 <etotheipi_> wait, nm... we're possibly changing it slightly, so those test vectors will be invalid
 22 2012-05-03 07:02:41 <Diapolo> hi there, can someone please send me some testnet coins to n1BZTYSkrdLW1LEmYppjGs5g1zVwmC8fAs as I would like to test an address list code-fix for the Qt client
 23 2012-05-03 07:04:43 <t7> what is opencl used for apart from hashing ?
 24 2012-05-03 07:06:32 <Diapolo> for Bitcoin or in general?
 25 2012-05-03 07:06:39 <t7> in general
 26 2012-05-03 07:07:22 <Diapolo> Simulations, physics, economics, atom-stuff and all related calculations e.g.
 27 2012-05-03 07:07:22 <Diapolo> it's a general purpose computing language
 29 2012-05-03 07:08:54 <t7> yeah but branches are really slow aren't they?
 30 2012-05-03 07:12:13 <t7> (so its not really general purpose )
 31 2012-05-03 07:16:22 <fiddur> Diapolo: sure; sent 500
 32 2012-05-03 07:31:28 <Diapolo> fiddur: thanks that helps me a lot :)
 33 2012-05-03 07:31:58 <Diapolo> t7: branching got a lot better with GCN
 34 2012-05-03 07:33:25 <gribble> New news from bitcoinrss: Diapolo opened pull request 1188 on bitcoin/bitcoin <https://github.com/bitcoin/bitcoin/pull/1188>
 35 2012-05-03 07:35:21 <Diapolo> fiddur: can you also hand me a testnet addr I can send coins to for testing :)?
 36 2012-05-03 07:35:50 <fiddur> Diapolo: sure:        mrksAVqV5Kywjky9BBaMVty95hXyaQaiJE
 37 2012-05-03 07:36:39 <fiddur> hmm, anyone else bothered by the fact that "Copy to clipboard" puts the address in secondary clipboard in X, so that pasting with middle click doesn't work? :)
 38 2012-05-03 07:40:59 <Diapolo> fiddur: thanks, well if that's a clear bug / glitch I would suggest you report it on github
 39 2012-05-03 07:48:12 <sipa__> fiddur: do you know of any program where a copy to clipboard puts it in the primary?
 40 2012-05-03 07:48:51 <sipa__> the primary clipboard is really just delayed drag and drop
 41 2012-05-03 07:49:14 <fiddur> sipa__: Normally you have the option of marking the text, and thus having it in primary clipboard directly.  In the address-list, you can't mark the address...
 42 2012-05-03 07:50:54 <fiddur> But no, it's not a clear bug, just an inconvenience depending on how you're used to work.
 43 2012-05-03 07:55:38 <t7> :t let fix f = f (fix f) in fix
 44 2012-05-03 07:55:43 <t7> woops
 45 2012-05-03 08:06:12 <Ken`_> fixpoint operator
 46 2012-05-03 08:38:02 <denisx> anybody have an idea why my version of block 177788 was not accepted even though it was found 5 minutes earlier than the accepted 177788 block?
 47 2012-05-03 08:38:09 <denisx> http://blockchain.info/block-height/177788
 48 2012-05-03 08:38:56 <sipa> which one is yours?
 49 2012-05-03 08:39:15 <denisx> 0x00000000000006d883941598b21319df4d8eb555dfd7f5913a283a360b87b9a8
 50 2012-05-03 08:40:16 <denisx> it is my first invalid block (some coding accidents not included ;)
 51 2012-05-03 08:40:22 <denisx> so expected I lost a time race
 52 2012-05-03 08:40:26 <denisx> but not in 5min
 53 2012-05-03 08:41:13 <drizztbsd> denisx: are you developing a miner? :)
 54 2012-05-03 08:41:25 <denisx> drizztbsd: no
 55 2012-05-03 08:42:03 <denisx> I operate a small pool and make changes to pushpoold
 56 2012-05-03 08:50:12 <denisx> there is also one orphan before mine nearly 6 minutes apart
 57 2012-05-03 09:47:23 <finway> Hey, devs
 58 2012-05-03 09:47:45 <finway> Did you notice satoshidice.com recently made a lot of transactions ?
 59 2012-05-03 09:48:07 <finway> Addresses start with 1dice
 60 2012-05-03 09:48:22 <finway> It's so popular
 61 2012-05-03 09:49:35 <finway> They made 200 transactions per hour
 62 2012-05-03 09:50:12 <finway> That's one half of the volume of the network.
 63 2012-05-03 09:51:09 <Diablo-D3> by tx count yeah
 64 2012-05-03 09:51:11 <Diablo-D3> but not my money
 65 2012-05-03 09:52:00 <Joric> Transactions per day back to July '11 level http://blockchain.info/charts/n-transactions?timespan=360days&showDataPoints=false&daysAverageString=7
 66 2012-05-03 09:54:26 <finway> Since P2SH was implemented, when will MERKLE TREE PRUNING be implemented ?
 67 2012-05-03 09:54:42 <finway> I think we'll hit scalability problem earlier.
 68 2012-05-03 09:55:11 <finway> Does someone have a pull request for that ?
 69 2012-05-03 09:55:23 <finway> SPV mode
 70 2012-05-03 09:55:46 <sipa> merkle tree pruning and SPV mode are not the same thing
 71 2012-05-03 09:55:54 <sipa> and SPV mode is already implemented by BitcoinJ
 72 2012-05-03 09:55:58 <finway> oh
 73 2012-05-03 09:56:05 <Joric> i don't like their stats it's full of LOSE didn't they check it themselves
 74 2012-05-03 09:56:25 <sipa> and merkle tree pruning... unsure whether it will ever be very useful
 75 2012-05-03 09:56:57 <finway> someone are betting 126.x_times_level
 76 2012-05-03 09:57:08 <paulo_> won't using merkle tree pruning mean that at some point everyone will lose previous transactions?
 77 2012-05-03 09:57:17 <sipa> i've already implemented a proof of concept that does it, but it is extremely slow (it wasn't intended to be fast either), and results in an approximately 50% smaller block database
 78 2012-05-03 09:57:32 <sipa> paulo_: you obviously only prune old & spent transactions
 79 2012-05-03 09:57:35 <sipa> and not your own
 80 2012-05-03 09:57:55 <paulo_> ah, makes sense. Why isn't it implemented?
 81 2012-05-03 09:58:24 <sipa> because not implementing it is 1) far easier 2) not everyone can prune anyway in the current protocol
 82 2012-05-03 09:58:38 <sipa> pruned nodes can do full validation, but cannot provide the blockchain to new nodes
 83 2012-05-03 10:00:02 <finway> So, pruned nodes need to download full blockchain from full nodes, then prune , and work alone ?
 84 2012-05-03 10:00:34 <finway> That doesn't sound useful...
 85 2012-05-03 10:01:23 <sipa> if disk space is the problem, it may be useful
 86 2012-05-03 10:01:36 <sipa> but i doubt disk space will be the limiting factor for full nodes in the future
 87 2012-05-03 10:01:41 <finway> yeah, now it's far from there.
 88 2012-05-03 10:02:00 <finway> It's the time to build a full node.
 89 2012-05-03 10:02:15 <etotheipi__> well it's still useful if you have a way for nodes to share the results of pruning
 90 2012-05-03 10:03:36 <etotheipi__> just like blockheaders which are supposed to be consistent, and provide a map of what blocks there are, there could be messages implemented to allow nodes to download the pruned blockchain in pieces and verify individual pieces, verify against headers, and still confirm the longest chain
 91 2012-05-03 10:04:22 <etotheipi__> (this is something I want to do in Armory.... when it's *done*)
 92 2012-05-03 10:05:00 <finway> etotheipi, why don't you implement validation in Armory ?
 93 2012-05-03 10:06:18 <etotheipi_> finway: that's potentially multiple months of pain and suffering, and ultimately ending up with a buggy version of block validation that causes blockchain forks
 94 2012-05-03 10:07:13 <finway> bitcoinJ doesn't do a fork
 95 2012-05-03 10:07:54 <finway> more implementations are good
 96 2012-05-03 10:07:56 <etotheipi_> some client developers want to make it their mission to reimplement that... and if you're willing to give it your all, that works
 97 2012-05-03 10:08:20 <etotheipi_> but my focus is on enabling new functionality on the network, not reimplementing the networking engine
 98 2012-05-03 10:08:36 <finway> etotheipi, i bet you're right
 99 2012-05-03 10:08:55 <etotheipi_> however, I will, eventually, figure out how to integrate someone else's networking library
100 2012-05-03 10:09:02 <etotheipi_> so that Armory can be standalone
101 2012-05-03 10:10:55 <finway> pity my python skills are pretty lame.
102 2012-05-03 10:11:26 <etotheipi_> although to be fair... I think it would be "fun" to do the networking stuff
103 2012-05-03 10:11:45 <finway> etotheipi, will you consider twisted ?
104 2012-05-03 10:11:46 <etotheipi_> I just re-learned python-twisted and it's a delightful little networking environment
105 2012-05-03 10:12:05 <finway> haa
106 2012-05-03 10:12:11 <etotheipi_> finway: I already use twisted in Armory, but very limited:  just for light communication between Armory and the satoshi client
107 2012-05-03 10:13:00 <Joric> come on, pain and suffering, everybody knows programming is a pure joy
108 2012-05-03 10:14:35 <etotheipi_> but I recently re-read the awesome tutorial on twisted and am kind of anxious to play with it:  http://krondo.com/?page_id=1327
109 2012-05-03 10:16:27 <finway> ha
110 2012-05-03 10:16:52 <finway> etotheipi, how long have you played with python ?
111 2012-05-03 10:16:57 <etotheipi_> I've probably read through the first 15 sections about 3 times now...
112 2012-05-03 11:02:26 <gribble> New news from bitcoinrss: Diapolo opened pull request 1189 on bitcoin/bitcoin <https://github.com/bitcoin/bitcoin/pull/1189>
113 2012-05-03 11:26:51 <paulo_> is there a tool that converts private keys into bitcoin addresses?
114 2012-05-03 11:31:01 <ThomasV> paulo: pywallet
115 2012-05-03 11:34:38 <etotheipi_> paulo_: you can do it with the ECDSA calculator in Armory, which works in offline mode
116 2012-05-03 11:34:57 <paulo_> ok, thanks.
117 2012-05-03 11:35:12 <etotheipi_> just copy the key into the private key field, in any format, and click "Calculate" and it will compute the public key, hash160, and addr str
118 2012-05-03 11:35:28 <paulo_> saves me from downloading python.
119 2012-05-03 11:35:40 <etotheipi_> armory has full installers now
120 2012-05-03 11:35:57 <etotheipi_> and it will put "Armory (Offline)" in your menu
121 2012-05-03 11:36:02 <etotheipi_> (yes I'm very proud of this upgrade :))
122 2012-05-03 11:36:20 <etotheipi_> but come on... python is awesome!
123 2012-05-03 11:36:46 <etotheipi_> http://bitcoinarmory.com/index.php/get-armory
124 2012-05-03 11:57:58 <finway> Oh, satoshidice.com is losing control
125 2012-05-03 11:58:06 <finway> txes are flushing...
126 2012-05-03 11:58:44 <etotheipi_> that looks like a cool site
127 2012-05-03 11:58:48 <etotheipi_> I've been meaning to try it...
128 2012-05-03 11:58:55 <finway> It's 400 txes per hour now.
129 2012-05-03 11:59:26 <finway> Something like explosion
130 2012-05-03 11:59:28 <etotheipi_> heh...is that why the blockchain size has been accelerating recently :)
131 2012-05-03 12:00:12 <finway> I bet it is.
132 2012-05-03 12:01:01 <etotheipi_> gah, another site that should implement URLs...
133 2012-05-03 12:01:08 <ThomasV> is the rise in the number of tx caused by a real increase of usage?
134 2012-05-03 12:01:21 <finway> It's real.
135 2012-05-03 12:01:22 <finway> But it's fast.
136 2012-05-03 12:01:29 <etotheipi_> I finally went to all the effort to implement URL handling, and none of these sites support it!
137 2012-05-03 12:01:31 <ThomasV> or is someone spamming the chain?
138 2012-05-03 12:01:39 <finway> Maybe some double spending.
139 2012-05-03 12:01:56 <finway> and maybe some spamming.
140 2012-05-03 12:02:23 <ThomasV> etotheipi_: I asked cinfu.com to implement bitcoin: URIs. guess how long it took them?
141 2012-05-03 12:04:06 <finway> We are getting a new high level of no.transactions per day.
142 2012-05-03 12:04:09 <finway> More than 15k
143 2012-05-03 12:04:40 <finway> This is crazy.
144 2012-05-03 12:04:49 <paulo_> finway: what is the usual?
145 2012-05-03 12:05:06 <finway> usual are 6k-8k
146 2012-05-03 12:05:09 <ThomasV> paulo_: http://blockchain.info/charts/n-transactions?showDataPoints=false&show_header=true&daysAverageString=1&timespan=&scale=0&address=
147 2012-05-03 12:05:21 <copumpkin> finway: you think it's all due to satoshi's dice?
148 2012-05-03 12:05:24 <copumpkin> I'd believe it
149 2012-05-03 12:05:27 <copumpkin> it looks pretty popular
150 2012-05-03 12:05:28 <finway> Sure
151 2012-05-03 12:05:37 <etotheipi_> that's surprisingly cyclic
152 2012-05-03 12:06:05 <finway> copumpkin, search addresses start_with '1dice'
153 2012-05-03 12:06:06 <finway> Or check their site.
154 2012-05-03 12:06:09 <etotheipi_> it can't be weekly
155 2012-05-03 12:06:48 <paulo_> looks like the last time the most transactions per day happened was when it reached $30 per BTC
156 2012-05-03 12:07:18 <finway> SatoshiDICE are rolling, crazily.
157 2012-05-03 12:08:13 <finway> I bet it'll be more than 15k today.
158 2012-05-03 12:08:16 <jeremias> I would make some kind of limit for the amount...
159 2012-05-03 12:08:34 <jeremias> because the amount of transactions is annoying
160 2012-05-03 12:09:06 <finway> This can't be manual.
161 2012-05-03 12:09:27 <jeremias> people are betting 0.05 BTC bets = 25 cents
162 2012-05-03 12:09:53 <paulo_> http://blockchain.info/charts/n-transactions?timespan=all&showDataPoints=false&daysAverageString=1&show_header=true&scale=0&address=
163 2012-05-03 12:10:02 <paulo_> what's with those 10k spikes?
164 2012-05-03 12:10:27 <etotheipi_> what's with the x-axis?
165 2012-05-03 12:10:53 <paulo_> sometime around May.
166 2012-05-03 12:12:20 <finway> My Bitcoin folder is 1.7GB now.
167 2012-05-03 12:13:39 <neofutur> this is the size of the blockchain, and it will always grow
168 2012-05-03 12:13:51 <finway> Didn't expect scalability problems coming so fast.
169 2012-05-03 12:14:07 <neofutur> https://bitcointalk.org/index.php?topic=71542
170 2012-05-03 12:14:19 <neofutur> you re not the only one to have this problem
171 2012-05-03 12:14:40 <jeremias> 1.7 GB isn't that much
172 2012-05-03 12:14:49 <jeremias> HD movie takes easily 8GB
173 2012-05-03 12:14:54 <neofutur> depends if you are using an eeepc 4G or not
174 2012-05-03 12:15:05 <neofutur> ( 4 GB disk )
175 2012-05-03 12:16:14 <finway> jeremias, setting new full nodes are.
176 2012-05-03 12:16:16 <neofutur> eeepc being just one example of a small device people use
177 2012-05-03 12:16:48 <etotheipi_> neofutur: what kind of eeepc are you using?
178 2012-05-03 12:16:58 <etotheipi_> my eeepc I got 4 years ago had a 160 GB HD
179 2012-05-03 12:17:13 <neofutur> eh I still have the first one, eeepc 4G
180 2012-05-03 12:17:14 <etotheipi_> and i thought that was a cheaper one
182 2012-05-03 12:17:33 <etotheipi_> well your point is still valid... I'm just surprised by the eeepc specs
183 2012-05-03 12:18:09 <neofutur> http://www.fixya.com/search/p636635-asus_eee_pc_4g_pc_notebook/low_disk_space
184 2012-05-03 12:18:13 <neofutur> from 2008 ;)
185 2012-05-03 12:18:37 <neofutur> its the first eeepc  asus made
186 2012-05-03 12:19:12 <neofutur> millions sold in europe afaik
187 2012-05-03 12:19:38 <finway> Gambling people are craaaaaazy.
188 2012-05-03 12:19:47 <neofutur> they came very cheap in a bundle with the first 3G contracts
189 2012-05-03 12:19:51 <finway> It's  600 txes per hour now.
190 2012-05-03 12:19:56 <drizztbsd> finway: trading is gambling :P
191 2012-05-03 12:20:21 <etotheipi_> ack, this reminds me that I need to upgrade Armory to handle multiple blk000X.dat files
192 2012-05-03 12:20:22 <etotheipi_> :(
193 2012-05-03 12:20:35 <etotheipi_> I originally wrote it not realizing there could be more than one
194 2012-05-03 12:22:20 <neofutur> ( I also have a laptop with more disks, but I wish I could also use bitcoin on the small eeepc i always travel with
195 2012-05-03 12:22:26 <drizztbsd> etotheipi_: why do you have more?
196 2012-05-03 12:22:36 <neofutur> or on the raspberry pi that recently came out
197 2012-05-03 12:23:33 <etotheipi_> drizztbsd: I use Bitcoin-Qt/bitcoind's blockchain file... which is blk0001.dat... it will stop updating that file after 2 GB and start new data to blk0002.dat, etc
198 2012-05-03 12:23:53 <drizztbsd> oh, fat32 (sux) compliance
199 2012-05-03 12:24:08 <etotheipi_> but I wrote this originally when the blockchain file was like 400 MB and didn't even realize there was a limit
200 2012-05-03 12:24:17 <etotheipi_> (I should've known, but didn't even think about it)
201 2012-05-03 12:24:19 <finway> My Raspberry Pi will arrive in July, but I guess I can't use it to load a full bitcoin node then...:(
202 2012-05-03 12:24:37 <etotheipi_> finway: but you can use it as an offline signing device for Armory :)
203 2012-05-03 12:25:01 <finway> etotheipi, i like full nodes, it's full.
204 2012-05-03 12:25:14 <etotheipi_> finway: well then, get two
205 2012-05-03 12:25:17 <etotheipi_> :)
206 2012-05-03 12:25:54 <etotheipi_> I've been thinking about ways to simplify Armory's cold storage, and I think Raspberry Pi + 3D printer would work well :)
207 2012-05-03 12:26:37 <etotheipi_> plenty of people have old laptops, but it would be cool to print off custom pi cases and sell them as dedicated cold-storage signers...
208 2012-05-03 12:26:56 <finway> etotheipi, i'm using  32bit windows :(
209 2012-05-03 12:28:03 <etotheipi_> finway: don't worry, I haven't forgotten you
210 2012-05-03 12:28:12 <etotheipi_> I've just neglected you temporarily, that's all :)
211 2012-05-03 12:28:37 <finway> :P
212 2012-05-03 12:30:07 <finway> You should listen to this, like heart beating.  http://blockchain.info/unconfirmed-transactions
213 2012-05-03 12:30:43 <finway> Much faster than before.
214 2012-05-03 12:43:26 <etotheipi_> sipa, something mild to consider... in Armory, I created wallet IDs from the root address + network byte
215 2012-05-03 12:43:44 <etotheipi_> actually, from root address and the first child address ,
216 2012-05-03 12:44:20 <etotheipi_> the reason for this was so that the "ID" identifies network (mainnet,testnet,etc), and the determinism as well
217 2012-05-03 12:44:44 <etotheipi_> if you were to change the determinism algorithm (which I did early on in Armory) it should end up with a different ID
218 2012-05-03 12:46:50 <etotheipi_> sipa: actually looking at the spec, it would be fine to just hash the serialized public parent
219 2012-05-03 12:47:17 <etotheipi_> that captures at least addr, chaincode and network
220 2012-05-03 12:48:21 <paulo_> no pywallet channel?
221 2012-05-03 12:49:24 <etotheipi_> paulo_: Armory didn't work for you?
222 2012-05-03 12:49:45 <paulo_> changed my mind, chose pywallet instead
223 2012-05-03 12:49:58 <paulo_> I want to learn python, too.
224 2012-05-03 12:50:34 <etotheipi_> well I definitely approve of learning python :)
225 2012-05-03 12:51:29 <paulo_> but I get socket errors on pywallet
226 2012-05-03 13:05:40 <gmaxwell> etotheipi_: Pi is seriously overkill hardware for keystorage/signer.
227 2012-05-03 13:06:02 <etotheipi_> gmaxwell: and a laptop with 512 MB of RAM isn't?
228 2012-05-03 13:06:56 <etotheipi_> gmaxwell: well okay... if I'm going to start out with the intention to make a new device... I could try something more lightweight... I just don't have any experience with creating such devices
229 2012-05-03 13:07:20 <etotheipi_> the laptop thing makes sense because people have those laying around anyway...
230 2012-05-03 13:07:20 <gmaxwell> amazing. The look of disapproval works over IRC without me typing anything!
231 2012-05-03 13:07:37 <gmaxwell> etotheipi_: right, and because if you get bored of bitcoin they can be repurposed.
232 2012-05-03 13:07:54 <etotheipi_> but that argument applies to Pis, too
233 2012-05-03 13:23:09 <etotheipi_> I really just want an excuse to buy a 3D printer
234 2012-05-03 13:23:21 <etotheipi_> it looks like a super-fun hobby
235 2012-05-03 13:24:21 <hazek> could anyone tell me if I'm right thinking that the "mathematical proof" (valid digital signature, valid hashing result) in Bitcoin is always different?
236 2012-05-03 13:24:43 <Joric> yep theres nonce
237 2012-05-03 13:25:04 <hazek> so even if I'm signing a transaction with the same bitcoins
238 2012-05-03 13:25:10 <Joric> yeah every time you sign the transaction it changes
239 2012-05-03 13:25:23 <Joric> eg http://brainwallet.org#transactions
240 2012-05-03 13:25:29 <hazek> right, this makes it impossible for anyone to figure out the private key right?
241 2012-05-03 13:25:38 <etotheipi_> it's actually a security snafu if you use the same random number for two different sigs
242 2012-05-03 13:25:50 <hazek> snafu?
243 2012-05-03 13:26:12 <etotheipi_> slang for "seriously bad news"
244 2012-05-03 13:26:21 <etotheipi_> (Situation Normal, All Fucked Up)
245 2012-05-03 13:26:30 <hazek> :P
246 2012-05-03 13:26:52 <hazek> I'm writing the script for my upcoming bitcoin learning curve video
247 2012-05-03 13:26:55 <hazek> and i wanted to make sure
248 2012-05-03 13:27:27 <hazek> of course I'm not going into detail but still I didn't want to say something that wasn't true
249 2012-05-03 13:27:41 <etotheipi_> so ECDSA signatures require a random number which means signing the same data twice results in different sigs
250 2012-05-03 13:27:52 <etotheipi_> other sig algorithms like RSA do not do that
251 2012-05-03 13:27:54 <hazek> right
252 2012-05-03 13:27:55 <etotheipi_> they will look the same every time
253 2012-05-03 13:28:13 <hazek> you mean they will be valid both times
254 2012-05-03 13:28:16 <hazek> but look different
255 2012-05-03 13:28:46 <hazek> ie unique
256 2012-05-03 13:28:47 <etotheipi_> if I sign msg A twice with ECDSA:  I will get two signatures that look completely different, but they're both valid
257 2012-05-03 13:29:03 <etotheipi_> the math with the sig+msg+pubkey works out
258 2012-05-03 13:29:17 <hazek> right
259 2012-05-03 13:29:18 <etotheipi_> if I do the same thing with RSA, the signatures are going to be identical
260 2012-05-03 13:29:34 <hazek> and this is what ensures eventhough bitcoins reside in the digital world one cannot copy them
261 2012-05-03 13:29:50 <etotheipi_> that's not what gives it security
262 2012-05-03 13:29:55 <hazek> no no
263 2012-05-03 13:29:58 <hazek> I understand
264 2012-05-03 13:30:02 <hazek> believe me
265 2012-05-03 13:30:12 <hazek> it's just the language i'm going to use to explain it
266 2012-05-03 13:30:41 <hazek> anyway ty for your help
267 2012-05-03 13:30:42 <etotheipi_> right... only the owner of an address can provide the signature needed to spend it
268 2012-05-03 13:30:54 <hazek> yep
269 2012-05-03 13:30:58 <hazek> ty buddy
270 2012-05-03 13:30:59 <paulo_> what makes ECDSA non-deterministic?
271 2012-05-03 13:31:47 <hazek> [17:27] <etotheipi_> so ECDSA signatures require a random number which means signing the same data twice results in different sigs
272 2012-05-03 13:32:01 <hazek> that's what paulo_
273 2012-05-03 13:32:13 <paulo_> what if we use the same number?
274 2012-05-03 13:32:16 <ciscoftw> anybody using the 'bitcoin-dissector' for wireshark?
275 2012-05-03 13:32:28 <hazek> then it wouldn't be a random number
276 2012-05-03 13:32:37 <etotheipi_> if you believe wiki... using the same random number twice is what allowed hackers to break PS3 encryption
277 2012-05-03 13:32:59 <hazek> oh if random generator gave the same number twice you mean
278 2012-05-03 13:33:02 <etotheipi_> the private key pretty much just falls out of the equation if you sign two different messages with the same private key and same random number
279 2012-05-03 13:33:13 <ciscoftw> ps3 didn't use a random number, it was like 7
280 2012-05-03 13:33:20 <etotheipi_> haha
281 2012-05-03 13:33:25 <hazek> lol those fools
282 2012-05-03 13:34:11 <etotheipi_> luckily, the random number is 32-bytes, and random number generators are good enough that the sun will burn out long before anyone accidentally uses the same number twice
283 2012-05-03 13:34:36 <ciscoftw> ..it was '4' regarding the ps3
284 2012-05-03 13:34:43 <etotheipi_> ciscoftw: seriously?
285 2012-05-03 13:34:50 <ciscoftw> http://www.engadget.com/2010/12/29/hackers-obtain-ps3-private-cryptography-key-due-to-epic-programm/
286 2012-05-03 13:35:37 <paulo_> i wonder what the hacker's reactions were. lol
287 2012-05-03 13:35:56 <etotheipi_> oh, that codebyte is one of the posts on XKCD
288 2012-05-03 13:36:30 <ciscoftw> int getRandomNumber() return '4' ...so gd fail
289 2012-05-03 13:36:56 <paulo_> so it's the non-deterministic nature of ECDSA that allows us to differentiate transactions that are exactly the same.
290 2012-05-03 13:37:20 <ciscoftw> any of you guys using the wireshark dissector? 'bitcoin-dissector'
291 2012-05-03 13:37:20 <paulo_> (e.g. same inputs, outputs, and amounts)
292 2012-05-03 13:37:33 <copumpkin> paulo_: surprise and excitement :)
293 2012-05-03 13:37:34 <etotheipi_> paulo_: if you sign the same transaction twice... you will get two different sigs and thus two different tx hashes... but only one will be taken by the network and that becomes "the one"
294 2012-05-03 13:37:50 <copumpkin> paulo_: (I'm in that group)
295 2012-05-03 13:38:15 <paulo_> etotheipi_: but what if you really want the same-looking transactions out in the network?
296 2012-05-03 13:38:35 <sipa> etotheipi_: what do you call wallet id?
297 2012-05-03 13:39:19 <etotheipi_> sipa: currently in Armory, every wallet has wallet id:  it is netbyte+hash160[:5]
298 2012-05-03 13:39:27 <etotheipi_> of the first address after the root
299 2012-05-03 13:39:45 <etotheipi_> in base58
300 2012-05-03 13:39:55 <etotheipi_> so when I see a wallet ID, I know immediately if it's for the same network
301 2012-05-03 13:40:14 <etotheipi_> and if I change the determinism algorithm, the same root key is going to produce a different ID
302 2012-05-03 13:40:51 <sipa> hmm, i'd just use the key fingerprint?
303 2012-05-03 13:41:05 <sipa> of the chain or the wallet
304 2012-05-03 13:41:27 <etotheipi_> sipa: I'm pointing out that the key fingerprint doesn't help you identify whether the chain is for the same network
305 2012-05-03 13:42:00 <sipa> ok, add a network byte, and maybe a depth byte
306 2012-05-03 13:42:11 <etotheipi_> well I"m just pointing it out for reference
307 2012-05-03 13:42:33 <etotheipi_> it looks like you already have the network byte in the "serialized" form
308 2012-05-03 13:42:58 <etotheipi_> I'm just trying to figure out, right now, how to identify "wallets" in the client
309 2012-05-03 13:43:12 <sipa> right, but the serialized form is way too long to function as an id
310 2012-05-03 13:43:41 <sipa> i'd say network byte, depth byte, chain key fingerprint
311 2012-05-03 13:44:20 <sipa> maybe we could combine network and depth byte somehow, and limit depth to 63
312 2012-05-03 13:44:31 <etotheipi_> heh
313 2012-05-03 13:44:45 <etotheipi_> ambitious!
314 2012-05-03 13:45:12 <sipa> so you can distinguish what depth a node is from directly
315 2012-05-03 13:45:15 <etotheipi_> right now I use 6-bytes-converted-to-base58 and the IDs are about 8-9 chars long
316 2012-05-03 13:45:19 <Diapolo> sipa: would it be okay to name the first client generated default address "default address"? I think it should have a label.
317 2012-05-03 13:45:50 <sipa> Diapolo: i don't think there needs to be anything called a default address
318 2012-05-03 13:46:29 <sipa> just generate a key when you need one, and give it a name if you like to
319 2012-05-03 13:46:54 <Diapolo> sipa: was just another random thought :)
320 2012-05-03 13:47:11 <sipa> Diapolo: i like your devotion :)
321 2012-05-03 13:48:37 <Diapolo> sipa: And I like the dev team and contributing what my coding-skills allow.
322 2012-05-03 13:51:12 <sipa> etotheipi_: also, i actually hate base58, but adding yet another form of encoding is probably worse
323 2012-05-03 13:52:59 <sipa> etotheipi_: if i had to design it from scratch now, i'd use base32 and a 30-bit CRC
324 2012-05-03 13:53:00 <etotheipi_> sipa: what do you hate about it?  besides that lcm(64,58) is annoyingly large
325 2012-05-03 13:53:37 <sipa> and start with 5 bit data class and 5 bit version
326 2012-05-03 13:54:14 <etotheipi_> I don't totally follow
327 2012-05-03 13:54:37 <etotheipi_> so your encoded strings would be longer because you'd use base32 instead of 58
328 2012-05-03 13:54:45 <etotheipi_> but you'd shorten the checksums?
329 2012-05-03 13:55:14 <sipa> the checksum right now doesn't provide any guarantee
330 2012-05-03 13:55:51 <sipa> it's unlikely of course, but you could get a valid address by just changing a few bits
332 2012-05-03 13:56:30 <sipa> if the checksum needs to have any value, use a checksum that works at the level of the encoding, and not at the data below
333 2012-05-03 13:56:44 <sipa> sorry, s/value/guarantee/
334 2012-05-03 13:58:43 <sipa> (30 bits is a multiple of 5 bits, so it'd just be the last 6 characters that become the checksum)
335 2012-05-03 13:59:14 <sipa> but i'm ranting - it's a very minor weakness right now
336 2012-05-03 14:01:04 <gmaxwell> It's really sad in fact.. with the same amount of overhead we could have something like catching every error that changes less than 6 characters.
337 2012-05-03 14:01:54 <sipa> gmaxwell: exactly
338 2012-05-03 14:01:57 <etotheipi_> well if you are really concerned, you would use reed-solomon
339 2012-05-03 14:02:07 <sipa> no need for an error-correcting code
340 2012-05-03 14:02:08 <etotheipi_> I have foregone that because I don't want to obfuscate the data
341 2012-05-03 14:02:15 <Diapolo> Bitcoin 2.0 can have all this, we just need to allow sending old coins :-P.
342 2012-05-03 14:02:17 <sipa> you just need to be able to detect errors
343 2012-05-03 14:02:18 <etotheipi_> well, why not?
344 2012-05-03 14:02:22 <gmaxwell> You don't have to obfuscate the data for an RS code.
345 2012-05-03 14:02:40 <gmaxwell> etotheipi_: you can arrange it so that the N original points end up unchanged.
346 2012-05-03 14:02:42 <sipa> it's just adding some symbols at the end to make the equations valid
347 2012-05-03 14:03:04 <etotheipi_> no way... I thought you had to re-encode all the points
348 2012-05-03 14:03:13 <etotheipi_> err... you know what I mean
349 2012-05-03 14:03:21 <sipa> not if you work in GF(2^256) for example
350 2012-05-03 14:03:30 <etotheipi_> I guess that's what I get for not looking closely enough at it
351 2012-05-03 14:03:30 <sipa> than you can just use the original bytes as symbols
352 2012-05-03 14:03:35 <gmaxwell> Nope, you can arrange it so you don't. So long as your field is GF2^N.
353 2012-05-03 14:04:03 <gmaxwell> (e.g. the RS code used for raid-6 in the linux kernel does this)
354 2012-05-03 14:04:06 <etotheipi_> then why not use it?  I thought it can detect N errors, or correct N/2 errors (where N is the number of bytes)
355 2012-05-03 14:04:36 <sipa> etotheipi_: with mining hamming distance 2N+M+1 you can correct N errors, detect M errors
356 2012-05-03 14:04:49 <sipa> minimum
357 2012-05-03 14:05:04 <sipa> bitcoin is beginning to affect my typing skills
358 2012-05-03 14:06:54 <sipa> gmaxwell: with a CRC30 you'd be able to detect any error burst not more than 29 bits long, or any odd number of bit flips
359 2012-05-03 14:07:49 <sipa> a CRC for Z_58 might be trickier
360 2012-05-03 14:09:30 <gmaxwell> I think the actual model of failures is more like complete destruction of whole printed symbols. E.g. you'll never have bursts that begin half way in one character and span half way to the next except via pure chance.
361 2012-05-03 14:10:36 <gmaxwell> So an RS code over the space of the symbols gives you N syndrome characters = all errors involving up to that detected, which is also optimal.
362 2012-05-03 14:11:15 <Diapolo> current max block-file size is 2000MB correct?
363 2012-05-03 14:11:36 <etotheipi_> Diapolo I think its 0x7fffffff bytes
364 2012-05-03 14:12:01 <Diapolo> I subtracted MAX_SIZE I guess
365 2012-05-03 14:12:06 <sipa> it's 0x7F000000 bytes
366 2012-05-03 14:12:16 <etotheipi_> ooh, good to know
367 2012-05-03 14:12:19 <sipa> for some odd reason
368 2012-05-03 14:13:23 <etotheipi_> so that's 2032 MB
369 2012-05-03 14:13:40 <etotheipi_> exactly
370 2012-05-03 14:13:53 <Diapolo> right
371 2012-05-03 14:14:29 <gmaxwell> MiB!
372 2012-05-03 14:14:32 <sipa> 2130706432 bytes, 2080768 KiB, or 2032 MiB
373 2012-05-03 14:14:53 <Diapolo> I hate that MiB thing somehow ^^
374 2012-05-03 14:14:57 <etotheipi_> is MiB "million bytes"?
375 2012-05-03 14:15:06 <sipa> Mi = 2^20
376 2012-05-03 14:15:11 <sipa> M = 10^6
377 2012-05-03 14:15:15 <etotheipi_> oh, wtf
378 2012-05-03 14:15:18 <Diapolo> when I say 2032MB I meant 0x7F000000 / 1024 / 1024
379 2012-05-03 14:15:25 <etotheipi_> right, me too
380 2012-05-03 14:15:36 <sipa> no need to overload SI prefixes
381 2012-05-03 14:15:40 <etotheipi_> haha
382 2012-05-03 14:15:46 <luke-jr> gmaxwell: noooo
383 2012-05-03 14:15:55 <luke-jr> SI ftl
384 2012-05-03 14:16:29 <luke-jr> MB = 1024 KB
385 2012-05-03 14:16:33 <etotheipi_> http://xkcd.com/394/
386 2012-05-03 14:16:34 <sipa> KB doesn't exist
387 2012-05-03 14:16:39 <luke-jr> sipa: does so