1 2012-09-14 00:01:28 <gmaxwell> MC-Eeepc: we've discussed that in here before, I have the impression that it was varriously opposed, but I don't recall specifics so I could be imagining that.
  2 2012-09-14 00:01:39 <gmaxwell> The obvious problem is what midnightmagic says...
  3 2012-09-14 00:02:20 <MC-Eeepc> i suspect the people who will have thier ass saved by an auto backup wont have much concept of wallet.dat anyway
  4 2012-09-14 00:02:25 <MC-Eeepc> or even know where it is
  5 2012-09-14 00:03:27 <gmaxwell> MC-Eeepc: sure, but... it's not useful unless default, and a default feature impacts more people than the one it saves.
  6 2012-09-14 00:03:36 <gmaxwell> But stop.. I don't want to argue with you. I think we should do that too.
  7 2012-09-14 00:03:51 <MC-Eeepc> oh, cool
  8 2012-09-14 00:04:35 <MC-Eeepc> perhaps an elective screen on first run
  9 2012-09-14 00:04:40 <gmaxwell> Backup every 90 address generations. or one a week, whichever is more often. number them and keep 10 or something.  Encryption needs to be taught to delete the backups.
 10 2012-09-14 00:05:02 <gmaxwell> nah, protective things need to be default really, if we can't make it sufficiently safe we shouldn't offer it, and if it is it should be default.
 11 2012-09-14 00:05:04 <denisx> fuck, where is the wallet.dat on a mac?
 12 2012-09-14 00:05:19 <copumpkin> ~/Library/Application Support/Bitcoin
 13 2012-09-14 00:05:55 <gmaxwell> Generally it's bad design to ask the user anything we don't absolutely have to.  Asking them basically just has the advantage of letting us blame the victim down the road when they get screwed after picking the 'wrong' option.
 14 2012-09-14 00:06:18 <copumpkin> gmaxwell++
 15 2012-09-14 00:07:30 <gmaxwell> (also, telling them that we're 'backing it up' may discourage real backups and then a hdd crash kills them, I'd rather it be a pleasent surprise after corruption.)
 16 2012-09-14 00:08:06 <MC-Eeepc> something to remind a user to export to external sotrage or something?
 17 2012-09-14 00:08:29 <MC-Eeepc> every 90 keygens or whatever
 18 2012-09-14 00:08:39 <gmaxwell> MC-Eeepc: yea, thats been more recently suggested... the only issue with that is we can't tell if a backup was done manually, so it could be annoying.
 19 2012-09-14 00:08:58 <gmaxwell> "fuck you, it's already backed up"
 20 2012-09-14 00:09:06 <denisx> then backup and don't tell
 21 2012-09-14 00:09:07 <MC-Eeepc> i thought manual backups were a bit dangerous anyway
 22 2012-09-14 00:09:18 <gmaxwell> denisx: you can't do external backups without telling.
 23 2012-09-14 00:09:27 <denisx> gmaxwell: not external
 24 2012-09-14 00:09:28 <gmaxwell> MC-Eeepc: you just need to shut down cleanly first, then they're fine.
 25 2012-09-14 00:09:44 <gmaxwell> denisx: yes sure we were just talking about that. I agree. but the user still needs external backups.
 26 2012-09-14 00:09:50 <MC-Eeepc> yeah i didnt know that the first few times
 27 2012-09-14 00:10:16 <MC-Eeepc> i was unaware wallet.dat was a database, or that databases are mounted and unmounted
 28 2012-09-14 00:10:18 <gmaxwell> Ultimately the switch to determinstic wallets will greatly reduce the concern here.
 29 2012-09-14 00:10:45 <denisx> yeah, like apple is offering to save the pw for the WDE. but I don't use that either
 30 2012-09-14 00:11:53 <MC-Eeepc> could the client have an option to automatically crypt up the wallet good and FTP it somewhere safe
 31 2012-09-14 00:12:14 <MC-Eeepc> market for wallet assurance providers or somethng?
 32 2012-09-14 00:16:32 <gmaxwell> possibly. Once we have determinstic wallets the user should only really need one backup ever. And it should be small enough to print too.
 33 2012-09-14 00:18:15 <MC-Eeepc> oh you are do HD wallets cool
 34 2012-09-14 00:19:06 <gmaxwell> MC-Eeepc: yea, why do you think sipa wrote the BIP?
 35 2012-09-14 00:19:24 <jrmithdobbs> gmaxwell: hey, you want another 5 pages of how merkle trees work? ;p
 36 2012-09-14 00:19:50 <gmaxwell> jrmithdobbs: you could explain pointers in C to me perhaps?
 37 2012-09-14 00:19:56 <MC-Eeepc> havent looked at the bips in a while
 38 2012-09-14 00:20:15 <jrmithdobbs> gmaxwell: haha, did I miss another hilarious thread?
 39 2012-09-14 00:20:21 <MC-Eeepc> looked at the bittorrent ones though, DHT is still draft lol
 40 2012-09-14 00:42:43 <stamit> why is that guy still talking here?
 41 2012-09-14 00:43:40 <copumpkin> which guy?
 42 2012-09-14 03:29:17 <btcguy> hey, my bitcoin client has stopped downloading blocks. i'm waiting for a transaction, but it has been stuck at 93.35% for 20 minutes
 43 2012-09-14 03:33:37 <sturles> Try restarting it.
 44 2012-09-14 03:34:30 <sturles> I've seen this as well.  It wakes up again eventually, but it can take a very long time.
 45 2012-09-14 03:36:20 <btcguy> i restarted it, but now the progress bar isn't showing up. I noticed that i didn't have a transaction that was sent this morning, noticed the blocks stopped so i read up on it. deleted the blocks, and let it redownload. stuck right around the same spot
 46 2012-09-14 03:37:07 <btcguy> I'll have to try restarting my computer
 47 2012-09-14 03:39:33 <weex_> btcguy: was it downloading before that 20 minutes?
 48 2012-09-14 03:39:59 <btcguy> yeah, it downloaded all the way up to that point. and then just stopped at 85 days ago
 49 2012-09-14 03:40:02 <BitcoinBaltar> how many active connections do you have?
 50 2012-09-14 03:40:12 <btcguy> 12
 51 2012-09-14 03:40:17 <weex_> how's your disk space?
 52 2012-09-14 03:40:44 <btcguy> 85 gigs free
 53 2012-09-14 03:41:15 <BitcoinBaltar> which version of the software is it?
 54 2012-09-14 03:42:16 <btcguy> umm one second
 55 2012-09-14 03:42:25 <btcguy> 0.6.3
 56 2012-09-14 03:42:44 <btcguy> I haven't really had any problems with my bitwallet until recently
 57 2012-09-14 03:44:06 <weex_> you could check your debug.log
 58 2012-09-14 03:44:38 <BitcoinBaltar> you could try added some other nodes to your bitcoin.conf file, here is a site that lists the longest running nodes by country - http://nodes.bitcoin.st
 59 2012-09-14 03:45:10 <btcguy> thanks i'll try both
 60 2012-09-14 03:45:14 <weex_> weird it doesn't show anything later than 0.6.0
 61 2012-09-14 03:45:39 <BitcoinBaltar> I think that is the network version and not client version.
 62 2012-09-14 03:46:36 <weex_> ahh
 63 2012-09-14 03:47:41 <xisalty> >fsf
 64 2012-09-14 03:47:48 <xisalty> as in the free software foundation ?
 65 2012-09-14 03:47:50 <btcguy> de-bug doesnt say much about it
 66 2012-09-14 03:48:20 <weex> who me?
 67 2012-09-14 03:48:44 <weex> 
ACTION is a member

 68 2012-09-14 03:49:02 <xisalty> Yes
 69 2012-09-14 03:49:09 <xisalty> bretty good xD
 70 2012-09-14 03:49:25 <weex> yeah i believe to some extent in user freedom
 71 2012-09-14 03:49:40 <xisalty> Nice
 72 2012-09-14 03:50:38 <btcguy> nevermind, i closed my bitcoin wallet and it showed up.
 73 2012-09-14 03:53:44 <btcguy> oh, i restarted it again and it finally started up again thanks for trying to help guys
 74 2012-09-14 03:55:34 <weex> i aim to try
 75 2012-09-14 05:03:44 <prietus> hi, i have troubles using diablominer, complaints about C  [libc.so.6+0x1174ff]  __nss_hosts_lookup+0x78bf , here is http://paste.debian.net/189772/
 76 2012-09-14 05:04:25 <Diablo-D3> erp nvidia
 77 2012-09-14 05:04:31 <prietus> yes Diablo-D3
 78 2012-09-14 05:04:36 <Diablo-D3> you're on the newest driver, right?
 79 2012-09-14 05:05:12 <Diablo-D3> DM should be working fine for you, even if you are on nvidia
 80 2012-09-14 05:05:13 <prietus> mmm, i think so
 81 2012-09-14 05:05:18 <Diablo-D3> btw, nvidia mining is seriously not worth it
 82 2012-09-14 05:05:32 <Diablo-D3> but theres no reason why DM shouldnt work
 83 2012-09-14 05:06:09 <prietus> im on linux x64 debian wheezy
 84 2012-09-14 05:06:30 <Diablo-D3> weird, I use sid, but Im on a radeon
 85 2012-09-14 05:07:10 <Diablo-D3> hrm
 86 2012-09-14 05:07:18 <Diablo-D3> that traceback makes zero sense
 87 2012-09-14 05:07:23 <Diablo-D3> its crashing in nss
 88 2012-09-14 05:07:33 <prietus> yes
 89 2012-09-14 05:07:34 <Diablo-D3> thats the dns stuff inside libc
 90 2012-09-14 05:07:47 <Diablo-D3> I dont think its a driver bug at all now that I think of it
 91 2012-09-14 05:08:00 <prietus> agreed
 92 2012-09-14 05:09:10 <Diablo-D3> bring it up with the debian java team
 93 2012-09-14 05:09:24 <Diablo-D3> because either they screwed up, or the glibc team screwed up something that java is hitting
 94 2012-09-14 05:09:46 <prietus> with java sun i have the same error
 95 2012-09-14 05:09:56 <prietus> exactly the same error
 96 2012-09-14 05:10:05 <Diablo-D3> hrm, not the java team then
 97 2012-09-14 05:10:09 <Diablo-D3> and I really doubt its glibc
 98 2012-09-14 05:10:34 <Diablo-D3> you can always try upgrading to sid
 99 2012-09-14 05:10:47 <Diablo-D3> thats fixed quite a few random bugs that didnt make sense for some debian users
100 2012-09-14 05:10:47 <prietus> yes im thinking about
101 2012-09-14 05:11:32 <prietus> do you use debian opencl? Diablo-D3
102 2012-09-14 05:11:44 <prietus> i mean debian packages
103 2012-09-14 05:11:50 <Diablo-D3> yes
104 2012-09-14 05:11:54 <Diablo-D3> debian packages fglrx as well
105 2012-09-14 05:12:09 <Diablo-D3> on both amd and nvidia, NEVER use their installer
106 2012-09-14 05:12:13 <Diablo-D3> always use debian's own debs
107 2012-09-14 05:12:27 <prietus> as i do
108 2012-09-14 05:12:40 <prietus> im going to sid
109 2012-09-14 05:12:50 <Diablo-D3> good luck because I'm going to bed =P
110 2012-09-14 05:13:00 <prietus> lol thanks a lot
111 2012-09-14 05:13:04 <Diablo-D3> if going to sid doesnt fix it, bring it up on the DM thread in the forum
112 2012-09-14 05:13:19 <prietus> sure thanks again
113 2012-09-14 05:14:25 <prietus> bye
114 2012-09-14 06:20:32 <prietus> hey Diablo-D3 update to sid and mining is ok
115 2012-09-14 06:20:48 <prietus> *updated
116 2012-09-14 07:02:20 <prietus> ERROR: Invalid solution 539 from GeForce GT 520M (#1), possible driver or hardware issue, may be because of high temperature?
117 2012-09-14 07:13:13 <c_k> prietus: #bitcoin-mining
118 2012-09-14 07:13:36 <andyrossy> solve
119 2012-09-14 07:13:53 <prietus> ok c_k
120 2012-09-14 07:38:35 <sipa> 
ACTION -> conference

121 2012-09-14 10:16:42 <Milkman> hey
122 2012-09-14 10:16:52 <Milkman> is there anyway i can make bitcoins to buy drugs on the internet?
123 2012-09-14 10:17:15 <edcba> you can make bitcoins
124 2012-09-14 10:17:25 <Milkman> lol
125 2012-09-14 10:17:27 <edcba> now the buying drugs...
126 2012-09-14 10:17:34 <edcba> maybe
127 2012-09-14 10:17:34 <Milkman> how do you make bitcoins?
128 2012-09-14 10:17:43 <edcba> you download bitcoin client
129 2012-09-14 10:17:48 <edcba> and that's all
130 2012-09-14 10:17:52 <edcba> then you wait
131 2012-09-14 10:17:53 <Milkman> is there anyway to dupe bitcoins?
132 2012-09-14 10:17:56 <edcba> waaaait
133 2012-09-14 10:18:13 <edcba> Milkman: being very very very very very lucky
134 2012-09-14 10:18:23 <JFK911> cloning bitcoins is not something you will ever learn for free
135 2012-09-14 10:18:28 <edcba> if we could nobody would use it :)
136 2012-09-14 10:19:02 <jeremias> just copy & paste the bitcoins and you got more of them
137 2012-09-14 10:19:05 <jeremias> easy as cake
138 2012-09-14 10:19:09 <edcba> haha
139 2012-09-14 10:19:14 <edcba> nice
140 2012-09-14 10:19:17 <JFK911> i can help you, but chances are you have no money at all because you can't buy your own bitcoins
141 2012-09-14 10:20:44 <edcba> Milkman: realistic way to get bitcoins anonymously is to use your graphic card to generate them with help of a pool
142 2012-09-14 10:20:59 <edcba> or if you are really paranoid without pool
143 2012-09-14 10:21:23 <edcba> but without pool you'll have to wait like months to get something like $500
144 2012-09-14 10:22:17 <edcba> months with your computer graphic card runnig at full speed...
145 2012-09-14 10:22:57 <edcba> so maybe you can grow some canabis with heat generated too
146 2012-09-14 10:25:14 <gmaxwell> This doesn't sound like a conversation for bitcoin-dev, or freenode in general.
147 2012-09-14 10:26:43 <edcba> yeah goto #bitcoin
148 2012-09-14 13:40:22 <Tril_> is my 0.7.0rc3 supposed to say version v0.6.1-...?
149 2012-09-14 13:41:15 <gmaxwell> Tril_: did you build it yourself?
150 2012-09-14 13:41:16 <lianj> ?
151 2012-09-14 13:41:23 <Tril_> gmaxwell: yes
152 2012-09-14 13:41:36 <gmaxwell> Tril_: it does that if you build from git and haven't managed to pull the updated tags.
153 2012-09-14 13:41:42 <gmaxwell> see if git pull --tags   does anything
154 2012-09-14 13:45:25 <epscy> if you converted a bitcoin private key to a number, how many digits would that number be?
155 2012-09-14 13:45:43 <sipa> in decimal?
156 2012-09-14 13:45:48 <epscy> yeah
157 2012-09-14 13:46:06 <sipa> 77 or 78
158 2012-09-14 13:46:21 <sipa> not more than 78
159 2012-09-14 13:46:28 <epscy> thanks
160 2012-09-14 13:46:45 <epscy> i assume a bitcoin address would be less
161 2012-09-14 13:47:03 <lianj> sipa: but it can be for example the number 23?
162 2012-09-14 13:47:10 <Tril_> gmaxwell: pull --tags worked, thanks
163 2012-09-14 13:51:35 <sipa> lianj: yes, that is a valid secret
164 2012-09-14 13:56:17 <sipa> every number between 1 and 2^256-2^128+something
165 2012-09-14 13:57:09 <Tril_> make clean doesn't remove bitcoin-qt, is this desired?
166 2012-09-14 13:57:37 <sipa> Tril_: never noticed, strange indeed
167 2012-09-14 14:26:10 <gavinandresen> speaking of tags... rc3 looks sane, has a few dozen downloads, should we tag/build 0.7.0 final today or Monday ?
168 2012-09-14 14:27:28 <MC-Eeepc> whats the git page gavinandresen ?
169 2012-09-14 14:27:42 <gavinandresen> git page ???
170 2012-09-14 14:27:52 <MC-Eeepc> the url
171 2012-09-14 14:27:57 <gavinandresen> url for what ?
172 2012-09-14 14:28:11 <MC-Eeepc> the github page for the project
173 2012-09-14 14:28:28 <gavinandresen> github.com/bitcoin/bitcoin
174 2012-09-14 14:28:44 <MC-Eeepc> thank you
175 2012-09-14 14:32:18 <MC-Eeepc> shit i cant see anything about a changelog here
176 2012-09-14 14:33:49 <gavinandresen> MC-Eeepc: poke the Commits tab
177 2012-09-14 14:35:00 <MC-Eeepc> oh thats cool
178 2012-09-14 14:35:10 <MC-Eeepc> can you view by version number
179 2012-09-14 14:35:17 <MC-Eeepc> ie between 7rc2 an rc3
180 2012-09-14 14:36:30 <gavinandresen> MC-Eeepc: yes:  see https://github.com/blog/612-introducing-github-compare-view
181 2012-09-14 14:36:40 <gavinandresen> MC-Eeepc:  e.g.    https://github.com/bitcoin/bitcoin/compare/v0.7.0rc2...v0.7.0rc3
182 2012-09-14 14:38:49 <MC-Eeepc> ok
183 2012-09-14 14:43:35 <michaelmclees> quick question, i have a client running on my machine
184 2012-09-14 14:43:48 <michaelmclees> on the same network, i have a new client that is downloading the blockchain
185 2012-09-14 14:44:07 <michaelmclees> i have done an addnode to the old computer
186 2012-09-14 14:44:20 <michaelmclees> and they are talking to each other
187 2012-09-14 14:44:30 <michaelmclees> but the blockchain download is still awfully slow
188 2012-09-14 14:44:39 <michaelmclees> on the same router, i would think it would be blazing fast
189 2012-09-14 14:44:43 <michaelmclees> what's the deal?
190 2012-09-14 14:50:02 <MC-Eeepc> its limited by i/o and cpu
191 2012-09-14 14:51:37 <wumpus> gavinandresen: I'd say tag it monday, so we still have the weekend to see if issues show up
192 2012-09-14 14:51:40 <michaelmclees> would a slow computer limit it to 500 bytes ps?
193 2012-09-14 14:52:19 <wumpus> yes, the validation is pretty expensive
194 2012-09-14 14:52:33 <gavinandresen> wumpus: ACK, Monday it is.
195 2012-09-14 14:52:53 <michaelmclees> thank you guys, always very helpful and fast, guess i'll just continue to wait
196 2012-09-14 14:54:01 <Eliel> michaelmclees: in your case, it'd most likely make more sense to copy the already synced database over.
197 2012-09-14 14:54:21 <michaelmclees> i tried that without success
198 2012-09-14 14:54:36 <michaelmclees> would it matter if im copying from windows and pasting to linux?
199 2012-09-14 14:54:54 <Eliel> you need to run the synced node with -detachdb parameter once and shut it down properly before it'll work
200 2012-09-14 14:55:30 <Eliel> otherwise it'll leave the database in a "broken" state that won't work copied to another system.
201 2012-09-14 14:55:40 <michaelmclees> ahh, well that explains it
202 2012-09-14 14:57:34 <michaelmclees> im almost at the end of blk001, should i wait until it naturally starts 002 and then copy and paste that?
203 2012-09-14 14:57:51 <michaelmclees> along with blkindex
204 2012-09-14 14:58:01 <Eliel> I don't understand your question.
205 2012-09-14 14:58:27 <michaelmclees> well, on the new machine, my blk0001 file is at 1.9 gb
206 2012-09-14 14:58:39 <Eliel> just run the synced node with -detachdb parameter, then gracefully shut it down, wait until it's fully shut down.
207 2012-09-14 14:58:58 <Eliel> then copy blk* over to the other system's bitcoin's data folder.
208 2012-09-14 14:59:06 <Eliel> replacing any blk* files in there.
209 2012-09-14 14:59:27 <michaelmclees> can i run it with that parameter by checking the box in the client
210 2012-09-14 14:59:59 <Eliel> if that's found in the options, I guess so.
211 2012-09-14 15:00:47 <Eliel> as long as you're running the same version on both, it should work.
212 2012-09-14 15:01:52 <michaelmclees> both 6.3, one windows, other linux, will that conflict?
213 2012-09-14 15:07:16 <Tril_> possbile bug - Win7, Bitcoin-qt 0.7.0rc3, I'm running -onlynet=ipv6 and went to console and typed "peerinfo", I got "Method not found (code -32601)"
214 2012-09-14 15:08:26 <Tril_> I also have v6 port 8333 open and can connect remotely but have only 8 peers (after about 10 minutes - maybe ok)
215 2012-09-14 15:09:35 <Tril_> nevermind the former, it's getpeerinfo, duh
216 2012-09-14 16:30:19 <Mysticsam> Hi everyone I have found a bug in 0.6.3
217 2012-09-14 16:35:38 <Mysticsam> I had my client offline for a couple of days. I was getting bitcoin just before i was starting the client. When i was startingthe client it started to download blocks. It did also get the bitcoin tranfer from judt minutes before the client was started . The thing is that it comfired that tranfer with block that was older then the transfer itself.
218 2012-09-14 16:36:50 <Mysticsam> so the tranfer the was just 2-4 minutes old got 50 cinfirmes
219 2012-09-14 16:45:29 <JFK911> you have to rescan the blockchain now
220 2012-09-14 16:51:39 <daedeloth> hi there
221 2012-09-14 16:51:48 <daedeloth> I'm working on a very simple API to accept bitcoins in my game
222 2012-09-14 16:51:52 <daedeloth> (docs at http://bitcoin.catlab.eu/)
223 2012-09-14 16:52:13 <daedeloth> Main goal is to use it myself, but if others want to use it, I want that to be possible as well
224 2012-09-14 16:52:34 <daedeloth> So, as for implementation I was thinking the following
225 2012-09-14 16:52:43 <daedeloth> and I would like to hear your feedback/thoughts
226 2012-09-14 16:53:20 <daedeloth> when a CLIENT (= an API user) registers, I create an account for him
227 2012-09-14 16:53:20 <t7> 
ACTION is reading it

228 2012-09-14 16:53:58 <t7> "...our server contacts your server." how
229 2012-09-14 16:54:19 <daedeloth> when a USER (end user) initiates a payment, CLIENT requests a new address. I give him an address from a rotating set of "income accounts"
230 2012-09-14 16:54:27 <daedeloth> t7: simple POST HTTP request
231 2012-09-14 16:54:42 <t7> ah so i just set up a url somewhere
232 2012-09-14 16:54:56 <daedeloth> so, when the bitcoins arrive in this incoming account, I MOVE the bitcoins to the address of CLIENT
233 2012-09-14 16:55:12 <daedeloth> and once a day, I send the complete content of the CLIENT account to the CLIENT "end address"
234 2012-09-14 16:55:25 <daedeloth> t7: yea provide it with the /v1/request call
235 2012-09-14 16:55:41 <t7> daedeloth: i think rather than sending a key your should require the requests to be signed
236 2012-09-14 16:55:51 <t7> someone could MITM and get the key
237 2012-09-14 16:56:43 <daedeloth> t7: yes, it's possible, but then they would also have to do a DNS hack on the CLIENT server in order to fake the response from the validate call
238 2012-09-14 16:57:05 <daedeloth> the validationcode in itself is useless
239 2012-09-14 16:58:05 <daedeloth> well, what I'm basically wondering about, creating this "many" accounts: is it bad?
240 2012-09-14 16:58:22 <t7> daedeloth: no, but pool them after they are finished
241 2012-09-14 16:58:33 <t7> that way you dont have a 100 megabit wallet
242 2012-09-14 16:58:38 <t7> or worse
243 2012-09-14 16:58:45 <daedeloth> yea, I can do that for the incoming accounts
244 2012-09-14 16:58:47 <t7> pool the addresses
245 2012-09-14 16:58:49 <daedeloth> but not for the client accounts
246 2012-09-14 16:58:56 <daedeloth> but then again, that won't be that many
247 2012-09-14 16:59:35 <daedeloth> actually I don't really need the client accounts
248 2012-09-14 17:26:47 <denisx> any news from the guy with the deleted wallet?
249 2012-09-14 17:43:28 <Joric> did anyone manage to write blockchain analyzer already? i.e. to determine the shortest path between two arbitrary addresses
250 2012-09-14 17:44:26 <Diablo-D3> no, but sounds easy with erlang
251 2012-09-14 17:45:05 <Joric> hehe erlang =) i'd rather suggest patching bitcoind
252 2012-09-14 17:45:40 <Joric> at least add indexing by addresses
253 2012-09-14 17:53:30 <eian> joric, I got disconnected before you asked something
254 2012-09-14 17:53:52 <eian> joric, were you asking about clustering of some sort?
255 2012-09-14 17:54:49 <Joric> eian, determining the shortest path between two arbitrary addresses
256 2012-09-14 17:55:48 <eian> I don't see an ultra reliable way to do that
257 2012-09-14 17:55:58 <eian> how would you determine if there is a path?
258 2012-09-14 17:56:15 <Joric> eian, consequent transactions
259 2012-09-14 17:56:50 <eian> do you mean subsequent?
260 2012-09-14 17:57:29 <Joric> well, or that
261 2012-09-14 17:58:19 <eian> I've tried clustering in every way I know how
262 2012-09-14 17:58:26 <eian> but yeah
263 2012-09-14 17:58:40 <eian> I've went through the entire block chain and clustered via inputs
264 2012-09-14 17:59:15 <eian> but gmaxwell made it aware that this is not entirely correct, since it is possible for inputs to come from multiple people
265 2012-09-14 18:00:09 <eian> although that is rare
266 2012-09-14 18:01:55 <gavinandresen> creating a trust-free peer-to-peer input mixing service would be a fun little project.
267 2012-09-14 18:03:05 <eian> gmaxwell was saying multiperson tx's would be more common in 0.7 - I didn't catch why
268 2012-09-14 18:03:16 <eian> I've been lazying abour reading the source :P
269 2012-09-14 18:03:18 <eian> about*
270 2012-09-14 18:03:27 <gmaxwell> Because they're easy to create by hand now.
271 2012-09-14 18:03:30 <gavinandresen> raw transactions API makes it a lot easier to create the transactions
272 2012-09-14 18:03:46 <eian> ah I see
273 2012-09-14 18:03:56 <gmaxwell> you don't need to dork with the source. I've got a howto written up, along with several others that I'll publish when 0.7 comes out.
274 2012-09-14 18:04:13 <eian> great :) Look forward to reading it
275 2012-09-14 18:04:28 <gavinandresen> so if somebody was to create a trust-free p2p mixing service... what would be the best decentralized place to publish "I've got an input I want to combine, who wants to join me" messages ?
276 2012-09-14 18:04:51 <Joric> i'm too lazy to finish the tx editor :) though i have a slightly better version in development
277 2012-09-14 18:04:52 <eian> irc?
278 2012-09-14 18:05:10 <gmaxwell> how to use raw txn for fully offline wallets, how to use it for joint party transactions, how to use it for N-way escrow transactions and redemption.
279 2012-09-14 18:05:18 <gavinandresen> irc would work, except contributing more irc traffic seems anti-social
280 2012-09-14 18:05:44 <gmaxwell> gavinandresen: so far IRC has worked for me. I've done a whole bunch of these transactions with varrous people. :P  But I assume you mean automatic.
281 2012-09-14 18:05:53 <gavinandresen> yes, I mean automatic
282 2012-09-14 18:06:10 <gmaxwell> If you want a service I suppose you'd run a private irc server as a hidden service.
283 2012-09-14 18:06:24 <gmaxwell> but thats not decenteralized.
284 2012-09-14 18:06:42 <gavinandresen> yeah, I'm wondering if there are decentralized, anonymous broadcast mechanisms.
285 2012-09-14 18:06:52 <gmaxwell> sure, the bittorrent DHT.
286 2012-09-14 18:07:40 <gavinandresen> I'll have to look deeper into how that works.  Could we use it for our bootstrapping ?
287 2012-09-14 18:07:41 <Joric> the only i know so far is http://blockchain.info/pushtx http://bitsend.rowit.co.uk went offline
288 2012-09-14 18:08:13 <gmaxwell> gavinandresen: then you just have a meta bootstrapping issue.
289 2012-09-14 18:08:16 <eian> jorc, that site is neat :)
290 2012-09-14 18:08:32 <gmaxwell> the only fully decenteralized bootstrapping mechnism I know of is scanning the internet. :P
291 2012-09-14 18:08:40 <gmaxwell> which doesn't work so hot for ipv6.
292 2012-09-14 18:08:46 <gavinandresen> gmaxwell: how does bittorrent's DHT bootstrap ?
293 2012-09-14 18:08:46 <Joric> eian, http://brainwallet.org/#tx uses it
294 2012-09-14 18:08:55 <gmaxwell> gavinandresen: hardcoded seednodes.
295 2012-09-14 18:09:05 <gmaxwell> IIRC, been a long time since I looked at it.
296 2012-09-14 18:09:49 <eian> gmaxwell, have time to look at a more recent report? it's 5 pages (with pretty pictures!)
297 2012-09-14 18:10:02 <gmaxwell> eian: I will tonight.
298 2012-09-14 18:10:07 <eian> ok, thanks
299 2012-09-14 18:10:33 <gmaxwell> gavinandresen: also, I think running a bittorrent DHT node might give us some of the same problems IRC gave us; misdetection by varrious bits of naughty behavior detection stuff.
300 2012-09-14 18:10:50 <gmaxwell> instead of "zomg botnet"  you'd get "zomg p2p file trading"
301 2012-09-14 18:11:03 <gavinandresen> gmaxwell: yeah....
302 2012-09-14 18:12:13 <eian> I tried running some code that connects to IRC on www.softlayer.com and the told me it was against their AUP (acceptable use policy)
303 2012-09-14 18:12:30 <eian> I believe it is a common restriction
304 2012-09-14 18:13:23 <Luke-Jr> gmaxwell: multicast!
305 2012-09-14 18:22:13 <gavinandresen> gmaxwell: I was thinking about Emergency Wallet Backup Recovery today... do you think we could come up with a scheme that is "safe enough" even if the user chooses a weak passphrase, if recovering the backed up wallet takes on the order of a day or two if you know the passphrase?
306 2012-09-14 18:23:23 <Luke-Jr> gavinandresen: wouldn't that just be encrypting with the result of 1 GH (or so) of SHA256 on the passphrase?
307 2012-09-14 18:24:17 <gavinandresen> Luke-Jr: hmm?  The scheme I was thinking of was encrypt with (passphrase + randomness).  Then throwing away the randomness, so to decrypt you have to brute-force.
308 2012-09-14 18:24:43 <Luke-Jr> I suppose that could work too
309 2012-09-14 18:25:02 <wizkid057> interesting...  a sanctioned brute force recovery setup
310 2012-09-14 18:25:03 <gavinandresen> ... and scaling the brute-force so it takes an average computer a day or two of 100% CPU time.
311 2012-09-14 18:25:05 <Luke-Jr> question is whether you want to depend on the entropy source or SHA256 being uncrackable
312 2012-09-14 18:26:38 <Luke-Jr> probably worth considering too: which one is harder for GPUs/FPGAs to bruteforce?
313 2012-09-14 18:26:40 <gavinandresen> That led me to start thinking about whether or not there is a way to tell the user "You chose a weak passphrase."
314 2012-09-14 18:27:13 <gavinandresen> (re: GPU/FPGAs :  could use scrypt with very high memory/cpu work factors for the "takes a day to brute force")
315 2012-09-14 18:27:41 <BlueMatt> yuck, can we stick with hd?
316 2012-09-14 18:27:50 <gmaxwell> gavinandresen: other than too short to possibly be non-weak it's hard to do fair weakness checking. Because the checking itself reduces entropy.
317 2012-09-14 18:28:36 <gmaxwell> gavinandresen: I don't generally like the needs a password bit much though, simply because the user forgetting the password is one of the useful cases to backup against.
318 2012-09-14 18:28:39 <gavinandresen> gmaxwell: well, that led me to thinking it'd be spiffy if there was a web service with rainbow tables of all the known passwords/phrases to check against....
319 2012-09-14 18:28:45 <gmaxwell> (and often seriously underestimated by the user)
320 2012-09-14 18:29:18 <gavinandresen> Ideally, I'd love to submit a SHA256 of my master passphrase along with my email address, and then get told by the web service if/when anybody in the world thought of the same passphrase.
321 2012-09-14 18:29:19 <gmaxwell> gavinandresen: ya, sure just send your password to the password search engine.. doh. :P
322 2012-09-14 18:29:59 <gavinandresen> gmaxwell: if the service stored nothing but hashes it'd be safe...
323 2012-09-14 18:30:34 <BlueMatt> again, doesnt it make more sense to encourage hd wallet use and have people print out unencrypted copies as backup instead of doing complicated make-wallet-security-weaker encryption?
324 2012-09-14 18:30:36 <freewil> would it be safer to submit a hash of the hash?
325 2012-09-14 18:30:39 <gavinandresen> ... seed it with all of the common/hacked password databases that are already out there....
326 2012-09-14 18:30:44 <gmaxwell> gavinandresen: nah, ... because mtgox users with all hashed passwords were safe? :P
327 2012-09-14 18:31:36 <gmaxwell> (the problem is the service or someone who cracked them could just run bruteforcing against the recieved password)
328 2012-09-14 18:31:38 <Luke-Jr> gmaxwell: all the secure passwords are
329 2012-09-14 18:31:39 <wizkid057> crappy passwords will always be a weakness
330 2012-09-14 18:32:04 <Luke-Jr> I doubt my old MtGox password can be found
331 2012-09-14 18:32:08 <gmaxwell> wizkid057: they're not a weakness if the attacker can't use them (lacking the hundreds of bits of private keying material)
332 2012-09-14 18:32:09 <wizkid057> lol
333 2012-09-14 18:32:15 <gmaxwell> Luke-Jr: how many digits is it?
334 2012-09-14 18:32:23 <wizkid057> my mtgox password is 6 characters :P
335 2012-09-14 18:32:26 <Luke-Jr> gmaxwell: I think 8 or so
336 2012-09-14 18:32:32 <Luke-Jr> but I used a random maker program
337 2012-09-14 18:32:37 <gmaxwell> Luke-Jr: then it can be found.
338 2012-09-14 18:32:49 <wizkid057> they'll never find mine...
339 2012-09-14 18:33:00 <gmaxwell> You can do something like 1B/cryptmd5/s on a fairly modest gpu cluster. IIRC.
340 2012-09-14 18:33:11 <gavinandresen> gmaxwell: sure, I suppose you'd have to trust that the service would actually notify you if it managed to brute-force your password instead of trying the password somewhere...
341 2012-09-14 18:33:12 <BlueMatt> 8char ascii is pretty close to rainbow-table territory
342 2012-09-14 18:33:40 <gmaxwell> BlueMatt: I have md5 rainbow tables for with 12 characters of alphanum.
343 2012-09-14 18:35:06 <BlueMatt> gmaxwell: yep, thats why you dont use alphanum ;)
344 2012-09-14 18:35:10 <gavinandresen> BlueMatt: RE: hd wallets and printing out to backup:  yeah, probably that's the right way to go, it is simpler.
345 2012-09-14 18:35:45 <gavinandresen> BlueMatt: ... although I think printers will get more and more rare as we all get iPads and iPhones
346 2012-09-14 18:35:50 <gavinandresen> ... and kindles and....
347 2012-09-14 18:36:19 <wizkid057> gavinandresen: i dont think there will be a lack of printers in our lifetimes
348 2012-09-14 18:36:39 <BlueMatt> gavinandresen: well, thats true, but I suppose most people will have printer access for a long time now (though keeping people from printing to pdf and storing their seed on their desktop in pdf form is a whole 'nother story...)
349 2012-09-14 18:36:44 <gavinandresen> I dunno, I don't use my printer very much.
350 2012-09-14 18:36:51 <BlueMatt> but you still have one ;)
351 2012-09-14 18:37:06 <gavinandresen> Yes, but I'm a geek
352 2012-09-14 18:37:09 <BlueMatt> or your office has one, or your neighbor has one (worst case) or...
353 2012-09-14 18:37:21 <gmaxwell> gavinandresen: another option is multiparty excrowed backups. Licensed attornies (subject to professional standards; less subject to legal intimidation) with the decryption keys offline in multiple jurisdictions who don't even know what customers they have because you only pay to get data back from them.
354 2012-09-14 18:37:22 <gavinandresen> printing private keys on a shared printer is scary
355 2012-09-14 18:37:36 <gmaxwell> esp with printers that save recent printouts. :(
356 2012-09-14 18:37:39 <gavinandresen> yes
357 2012-09-14 18:37:57 <gavinandresen> heck, printing private keys on a network-connected printer is scary
358 2012-09-14 18:38:03 <wizkid057> doesnt that go against the whole decentralized theme?
359 2012-09-14 18:38:05 <eian> indeed: http://www.cbsnews.com/2100-18563_162-6412439.html
360 2012-09-14 18:38:29 <helo> Bitcoin Safe Printer (tm)
361 2012-09-14 18:38:30 <gmaxwell> wizkid057: then don't use it.
362 2012-09-14 18:38:45 <BlueMatt> gavinandresen: true...but Id say its a fairly minor risk (its rarely researched, though there were some great probes into custom printer firmwares that did fun things a few years back)
363 2012-09-14 18:39:14 <gmaxwell> BlueMatt: I mean _stock_ printer behavior on many highend multifunctions maintains past jobs so you can reprint from them.
364 2012-09-14 18:39:36 <gmaxwell> e.g. I can walk up to the printer nearest to me in my office and print any of the last ~100 jobs that went through it.
365 2012-09-14 18:39:50 <gmaxwell> But this doesn't worry me much at all. Wrong threat model.
366 2012-09-14 18:40:06 <BlueMatt> gmaxwell: true, but, again, its probably pretty rare that people will be searching through your printer (hopefully its only physically accessible except to a rare one or two people...)
367 2012-09-14 18:40:08 <gmaxwell> someone who can get to your printer can copy your disk and/or install a keyboard wedge.
368 2012-09-14 18:40:17 <BlueMatt> yep
369 2012-09-14 18:40:52 <gavinandresen> multi-device transaction authorization makes all of this much safer, assuming there are good backup solutions for both devices
370 2012-09-14 18:40:53 <eian> My company rented a $30k multifunction laser printer - I'm sure we had sensitive stuff still on the hard drive when our lease expired
371 2012-09-14 18:40:54 <gmaxwell> I think the risk of data loss enormously trumps the marginal risk of a local leak.. if bitcoin becomes a lot more popular that might change.
372 2012-09-14 18:41:17 <gmaxwell> eian: there are now standards for dealing with that.
373 2012-09-14 18:41:23 <gmaxwell> actually interesting question, brb.
374 2012-09-14 18:41:24 <eian> I'm glad :)
375 2012-09-14 18:41:36 <wumpus> a lot of companies leave network printers exposed to the open internet, that can be some fun
376 2012-09-14 18:42:13 <BlueMatt> wumpus: yea, there were some fun custom firmwares a year or two ago that just did dumb shit on the lcds and printed crap...
377 2012-09-14 18:42:25 <BlueMatt> (and the firmware upgrade stuff is usually very non-locked-down)
378 2012-09-14 18:42:25 <wumpus> almost as much fun as security cameras
379 2012-09-14 18:42:33 <BlueMatt> heh
380 2012-09-14 18:43:29 <wizkid057> there was a not super public bug in some HP laserjet network printers that would let you set the LCD text
381 2012-09-14 18:43:48 <wizkid057> and some of those printers needed a physical button press to initiate a firmware update...
382 2012-09-14 18:44:46 <wumpus> in many cases it's the http server on those devices that's vulnerable, not the printing itself, though there have indeed been some exploits through postscript too
383 2012-09-14 18:45:07 <wizkid057> stop the printer, initiate firmware update, send "PRESS OK TO PRINT" to the screen, and wait for someone to wonder where their document is and press OK to start the firmware update
384 2012-09-14 18:45:12 <BlueMatt> anyway...I agree with gavinandresen, multi-device/wallet txes helps all of this a ton, and then Id say use hd wallets for both devices, print them both out, and you are pretty well-off
385 2012-09-14 18:45:43 <daedeloth> the "move" command is instant, right? When I call move, and right after I call "balance", it shows the new balance?
386 2012-09-14 18:45:46 <gavinandresen> yes.  Print them on different printers.  Or print one and email the other....
387 2012-09-14 18:45:58 <gavinandresen> daedeloth: yes
388 2012-09-14 18:46:05 <BlueMatt> or display on screen and make the user copy it down
389 2012-09-14 18:46:07 <daedeloth> ok thanks :)