1 2012-12-25 00:01:56 <stealth222> the typical user doesn't need to understand group theory to understand the concept of a digital signature at a higher level
2 2012-12-25 00:02:21 <stealth222> you can even use the example of writing a check
3 2012-12-25 00:02:35 <stealth222> you sign a check to someone else, you can't even cash it yourself
4 2012-12-25 00:03:06 <andytoshi> ...but anyone can forge a signature, especially on a computer
5 2012-12-25 00:03:10 <andytoshi> people -know- you can copy files
6 2012-12-25 00:13:42 <stealth222> how about this: you have a deck of cards, you start at one card and then deal n cards down. you end up at some other card. knowing the initial card, if the deck is shuffled in a highly ordered way (for instance, A, 2, 3, 4, ... of the same suit) then it's easy to know what card you'll end on just knowing the starting card and n
7 2012-12-25 00:13:59 <stealth222> but now say the deck is shuffled
8 2012-12-25 00:15:14 <stealth222> even if someone knows what card you start with and what card you end with, figuring out n requires knowing exactly how the deck is shuffled
9 2012-12-25 00:17:48 <andytoshi> presumably you are trying to hide n by only publishing the start and end cards to the deck owner
10 2012-12-25 00:17:54 <andytoshi> and he will understand n, while no observer will
11 2012-12-25 00:18:09 <andytoshi> ..but then, how do you know the deck in order to choose what cards to publish?
12 2012-12-25 00:18:09 <stealth222> right
13 2012-12-25 00:18:18 <andytoshi> so there's still a communication problem
14 2012-12-25 00:18:31 <andytoshi> but i get the principle
15 2012-12-25 00:18:49 <stealth222> elliptic curves allow us to all shuffle the deck in the same fashion but do not allow us to describe the card order succinctly
16 2012-12-25 00:20:00 <andytoshi> hmm
17 2012-12-25 00:21:23 <stealth222> let A be the starting card, n be the number of cards dealt, and B be the ending card. algebraically speaking, for our purposes here elliptic curves are nothing more than a representation of a cyclic group in which it's easy to figure out B knowing A and n but very hard to figure out n knowing A and B
18 2012-12-25 00:21:52 <stealth222> the same group could be represented as addition mod some prime
19 2012-12-25 00:21:59 <stealth222> but that would be easy to reverse
20 2012-12-25 00:22:27 <andytoshi> yep, i'm good with group theory, and understand why ECC is hard to reverse even though it's just a cyclic group
21 2012-12-25 00:22:31 <stealth222> think of a "circular" deck
22 2012-12-25 00:22:33 <stealth222> yeah
23 2012-12-25 00:23:27 <andytoshi> so, assuming i can explain this "scrambled cycle" to an ordinary folk
24 2012-12-25 00:23:43 <andytoshi> which of A, B, n do all parties have, and what do they share?
25 2012-12-25 00:27:25 <andytoshi> this should be easy, but i don't see it :\\
26 2012-12-25 00:31:10 <andytoshi> in RSA, the trick is that i can publish n while keeping -n secret
27 2012-12-25 00:31:19 <andytoshi> and the group is multiplicative, so i really mean n^-1
28 2012-12-25 00:31:29 <stealth222> yes
29 2012-12-25 00:33:37 <andytoshi> i dunno, i had hope for this scrambled cycle explanation but it seems like the analogy doesn't quite work
30 2012-12-25 00:33:56 <andytoshi> also i actually don't remember how ECDSA is done
31 2012-12-25 00:34:07 <stealth222> I'll keep thinking about it - but in any case, not sure the typical user needs to understand the details
32 2012-12-25 00:34:20 <andytoshi> i suppose not
33 2012-12-25 00:34:28 <andytoshi> they need to understand that public crypto exists
34 2012-12-25 00:34:56 <andytoshi> and sciencey people would want you to demonstrate one to prove it exists...but normal people don't have that luxury
35 2012-12-25 00:35:06 <andytoshi> computers are magic, math is magic
36 2012-12-25 00:35:15 <stealth222> knowing someone's public key, the object to be signed, and a signature, it is easy to verify it. but it is extremely hard, just given this information, to produce a valid signature for a given object.
37 2012-12-25 00:35:30 <stealth222> a different given object
38 2012-12-25 00:36:12 <stealth222> that's all people really need to understand unless they want to get into the math
39 2012-12-25 00:36:20 <andytoshi> yeah, i guess i'll stick with that then
40 2012-12-25 00:57:27 <gmaxwell> 16:32 < Luke-Jr> someone should setup a blockchain.info clone that doesn't do garbage like promote firstbits/dice, and shows sources as outputs instead of addresses <.<
41 2012-12-25 00:57:39 <gmaxwell> ^ the fact that you can't get txn inputs out of it is really frustrating.
42 2012-12-25 00:58:02 <gmaxwell> People show up asking why their txn isn't confirmed??? and its often because it depends on a long chain of unconfirmed transactions.
43 2012-12-25 00:58:21 <gmaxwell> but you can't actually see that from any webpage these days, AFAIK.
44 2012-12-25 01:00:51 <stealth222> a graph UI showing transaction dependencies would be nice
45 2012-12-25 01:01:41 <gmaxwell> there is even a graph thing on that site??? but it shows transactions as coming from addresses, not specific inputs... so it can't show e.g. which inputs are confirmed or not.
46 2012-12-25 01:02:00 <stealth222> right, the dendrogram thing
47 2012-12-25 01:02:40 <stealth222> each node should show backwards dependencies
48 2012-12-25 01:02:47 <stealth222> up to the last confirmed nodes
49 2012-12-25 01:03:25 <stealth222> and they could be grouped by block
50 2012-12-25 01:04:32 <stealth222> blockchain.info only shows forward dependencies
51 2012-12-25 01:05:01 <stealth222> the exact same graph control could be used to show backwards dependencies
52 2012-12-25 01:06:14 <stealth222> but rather than grouping vertically by generation it would be more interesting to group vertically by block
53 2012-12-25 01:06:27 <Luke-Jr> gmaxwell: well, if you enable advanced, it will link the inputs
54 2012-12-25 01:06:34 <gmaxwell> stealth222: well it's not just that??? it very thoughly hides the inputs. E.g. it shows address "Y" paying txn "X" but as far as I know there is no way to actually see the inputs to a txn like you could on blockexplorer. Since its often showing unconfirmed txn I dunno how relevant block grouping really is.
55 2012-12-25 01:06:37 <Luke-Jr> but that should be the default as long as it's showing a low-level view :/
56 2012-12-25 01:06:42 <gmaxwell> Luke-Jr: really?
57 2012-12-25 01:06:46 <Luke-Jr> yeah
58 2012-12-25 01:07:04 <Luke-Jr> 16kNKa7WUg8QAPFy8dJRv7USSu2fAG2pkW (1.69184573 BTC - Output)
59 2012-12-25 01:07:15 <gmaxwell> https://blockchain.info/en/tx/c04f20f668f69c82961e20a9344ffb7d521380a2dbafb006688d2bc502b2a26b?show_adv=true <it shows the addresses but not which txid/vout
60 2012-12-25 01:07:25 <Luke-Jr> the Output links to the prev transaction and highlights the output in orange
61 2012-12-25 01:07:28 <gmaxwell> and the link just goes to the general page of the address.
62 2012-12-25 01:07:45 <gmaxwell> ah! I'd missed the output links.
63 2012-12-25 01:07:47 <Luke-Jr> gmaxwell: scroll down adn click "Show scripts & coinbase"
64 2012-12-25 01:08:18 <gmaxwell> Luke-Jr: that link has that clicked (show_adv=true) I was just missing the [output] links.
65 2012-12-25 01:08:21 <stealth222> you can see the scripts - but can you visualize the dependency graph along with confirmations?
66 2012-12-25 01:08:39 <gmaxwell> Better than I'd thought at least.
67 2012-12-25 01:09:35 <stealth222> I've got a database I can use to build this - just need to find a good js graph library
68 2012-12-25 01:09:46 <Luke-Jr> stealth222: dygraphs
69 2012-12-25 01:10:54 <stealth222> hmm, does it do directed graphs?
70 2012-12-25 01:11:01 <Luke-Jr> dunno
71 2012-12-25 01:11:12 <Luke-Jr> I just find it nice for pool statistics <.<
72 2012-12-25 01:11:35 <Luke-Jr> without any big dependencies
73 2012-12-25 01:12:44 <stealth222> I've dabbled with sigma before - it's not bad
74 2012-12-25 01:12:47 <stealth222> might be sufficient
75 2012-12-25 01:13:13 <stealth222> http://sigmajs.org/
76 2012-12-25 01:13:56 <gmaxwell> the graphic at the top doesn't inspire me with confidence.
77 2012-12-25 01:14:22 <gmaxwell> There seem to be a lot of graphing libraries whos purpose seems to be to generate a pretty mess and impress you with the complexity of the data, rather than help you understand it. :P
78 2012-12-25 01:14:31 <stealth222> heh, very true
79 2012-12-25 01:14:49 <stealth222> well, if you know of a better graph library, I'm all ears :)
80 2012-12-25 01:15:06 <gmaxwell> (not that making comprehsnible graph is actually easy??? even graphviz often does a pretty poor job of it)
81 2012-12-25 01:15:52 <Luke-Jr> yeah, I used graphviz to make a simple family tree graph
82 2012-12-25 01:15:58 <Luke-Jr> it does ridiculously stupid things
83 2012-12-25 01:16:58 <gmaxwell> Luke-Jr: like this? http://people.xiph.org/~greg/family.png
84 2012-12-25 01:17:19 <Luke-Jr> gmaxwell: yeah, but mine has cousins and such
85 2012-12-25 01:18:06 <gmaxwell> yea, it tends to behave for things that neatly seperate into levels.
86 2012-12-25 01:21:37 <stealth222> I'm gonna have to go...TBC
87 2012-12-25 01:22:17 <Luke-Jr> what about TBC?
88 2012-12-25 01:22:22 <Luke-Jr> o.OO
89 2012-12-25 01:22:45 <gmaxwell> I think that means "to be continued"
90 2012-12-25 02:26:13 <btcguy> suck my cock gmaxwell
91 2012-12-25 02:26:14 <btcguy> suck my cock gmaxwell
92 2012-12-25 02:26:19 <btcguy> suck my cock gmaxwell
93 2012-12-25 02:26:20 <btcguy> suck my cock gmaxwell
94 2012-12-25 02:26:23 <btcguy> suck my cock gmaxwell
95 2012-12-25 02:26:28 <btcguy> suck my cock gmaxwell
96 2012-12-25 02:26:31 <btcguy> suck my cock gmaxwell
97 2012-12-25 02:26:32 <btcguy> suck my cock gmaxwell
98 2012-12-25 02:26:35 <btcguy> suck my cock gmaxwell
99 2012-12-25 02:26:36 <btcguy> suck my cock gmaxwell
100 2012-12-25 02:26:38 <btcguy> suck my cock gmaxwell
101 2012-12-25 02:26:41 <btcguy> suck my cock gmaxwell
102 2012-12-25 02:26:50 <btcguy> suck my cock gmaxwell
103 2012-12-25 02:26:52 <btcguy> suck my cock gmaxwell
104 2012-12-25 02:26:55 <btcguy> suck my cock gmaxwell
105 2012-12-25 02:26:56 <btcguy> suck my cock gmaxwell
106 2012-12-25 02:26:58 <btcguy> suck my cock gmaxwell
107 2012-12-25 02:27:00 <btcguy> suck my cock gmaxwell
108 2012-12-25 02:27:04 <btcguy> suck my cock gmaxwell
109 2012-12-25 02:27:08 <btcguy> suck my cock gmaxwell
110 2012-12-25 02:27:10 <btcguy> suck my cock gmaxwell
111 2012-12-25 02:27:13 <btcguy> suck my cock gmaxwell
112 2012-12-25 02:27:14 <btcguy> suck my cock gmaxwell
113 2012-12-25 02:27:16 <btcguy> suck my cock gmaxwell
114 2012-12-25 02:27:20 <btcguy> suck my cock gmaxwell
115 2012-12-25 02:27:22 <btcguy> suck my cock gmaxwell
116 2012-12-25 02:27:24 <btcguy> suck my cock gmaxwell
117 2012-12-25 02:27:31 <btcguy> suck my cock gmaxwell
118 2012-12-25 02:27:32 <btcguy> suck my cock gmaxwell
119 2012-12-25 02:27:35 <btcguy> suck my cock gmaxwell
120 2012-12-25 02:27:36 <btcguy> suck my cock gmaxwell
121 2012-12-25 02:27:38 <btcguy> suck my cock gmaxwell
122 2012-12-25 02:27:40 <btcguy> suck my cock gmaxwell
123 2012-12-25 02:27:43 <btcguy> suck my cock gmaxwell
124 2012-12-25 02:27:46 <btcguy> suck my cock gmaxwell
125 2012-12-25 02:30:07 <gmaxwell> 09:17 -!- n0n00dz4u [~n0n00dz4u@c-76-109-90-201.hsd1.fl.comcast.net] has joined #bitcoin
126 2012-12-25 02:30:33 <gmaxwell> (malware miner dude on a different jump host)
127 2012-12-25 18:13:22 <D34TH> ouch i have a 2.1mb wallet.dat
128 2012-12-25 18:42:11 <gmaxwell> D34TH: hm? mine here is 11MBytes.
129 2012-12-25 18:42:21 <gmaxwell> Go go bdb.
130 2012-12-25 18:42:27 <D34TH> lol
131 2012-12-25 18:42:36 <D34TH> someone seems to be giving out an asston of btc
132 2012-12-25 18:42:58 <gmaxwell> D34TH: hm?
133 2012-12-25 18:43:15 <D34TH> over 2k btc has been randomly given out in otc
134 2012-12-25 19:03:08 <Kiba> hello
135 2012-12-25 21:18:48 <chje> hi, free bitcoins phantomcircuit
136 2012-12-25 21:18:50 <chje> AfSjs3NXUis8cWH8WMCpLsAgUeWZxMKgnKXuFYX87Ptd
137 2012-12-25 21:18:51 <chje> AfSjs3NXUis8cWH8WMCpLsAgUeWZxMKgnKXuFYX87Ptd
138 2012-12-25 21:22:16 <Scrat> cheap, cheap
139 2012-12-25 21:22:28 <chje> Scrat: AfSjs3NXUis8cWH8WMCpLsAgUeWZxMKgnKXuFYX87Ptd
140 2012-12-25 21:23:09 <Scrat> not even worth the mouseclicks for 0.00001 ;p
141 2012-12-25 21:23:28 <chje> hey, blame the guy who thought it was cute wasting .00001 on me :)
142 2012-12-25 21:27:17 <chje> Azelphur: AfSjs3NXUis8cWH8WMCpLsAgUeWZxMKgnKXuFYX87Ptd free bitcoins
143 2012-12-25 21:29:17 <JWU42> chje: go away pls
144 2012-12-25 21:29:27 <chje> JWU42: no
145 2012-12-25 21:29:32 <chje> do you have free moneis
146 2012-12-25 21:29:42 <JWU42> yes
147 2012-12-25 21:29:48 <JWU42> all money is free
148 2012-12-25 21:29:57 <JWU42> you just have to work for it
149 2012-12-25 21:30:05 <chje> that nos not fre
150 2012-12-25 21:30:05 <JWU42> ;)
151 2012-12-25 21:30:17 <JWU42> this is free = some advice
152 2012-12-25 21:30:32 <JWU42> go away
153 2012-12-25 21:31:02 <chje> no
154 2012-12-25 21:31:04 <chje> ban me
155 2012-12-25 21:31:07 <chje> thats the only way
156 2012-12-25 21:31:11 <chje> phantomcircuit: ban me pls
157 2012-12-25 21:31:20 <chje> kickban actually
158 2012-12-25 21:33:59 <chje> a
159 2012-12-25 21:34:00 <chje> b
160 2012-12-25 21:34:01 <chje> d
161 2012-12-25 21:34:02 <chje> e
162 2012-12-25 21:34:03 <chje> f
163 2012-12-25 21:34:04 <chje> g
164 2012-12-25 21:34:05 <chje> h
165 2012-12-25 21:34:06 <chje> i
166 2012-12-25 21:34:07 <chje> k
167 2012-12-25 21:34:08 <chje> m
168 2012-12-25 21:34:09 <chje> n
169 2012-12-25 21:34:10 <chje> o
170 2012-12-25 21:34:11 <chje> p
171 2012-12-25 21:34:12 <chje> r
172 2012-12-25 21:34:13 <chje> t
173 2012-12-25 21:34:15 <chje> u
174 2012-12-25 21:34:16 <chje> w
175 2012-12-25 21:34:17 <chje> x
176 2012-12-25 21:34:18 <chje> y
177 2012-12-25 21:34:19 <chje> z
178 2012-12-25 21:34:25 <chje> chje
179 2012-12-25 21:34:30 <chje> chchj
180 2012-12-25 21:34:38 <chje> chei22223242
181 2012-12-25 21:35:32 <sipa> jgarzik, gmaxwell: care to remove some vermin here?
182 2012-12-25 21:35:51 <chje> gmaxwell: +1
183 2012-12-25 21:36:25 <chje> �ACTION has left IRC (D)�
184 2012-12-25 21:36:41 <chje> �ACTION has kicked sipa (noob)�
185 2012-12-25 21:59:24 <JWU42> hooray
186 2012-12-25 21:59:27 <gmaxwell> sorry
187 2012-12-25 22:00:04 <JWU42> no worries
188 2012-12-25 22:00:32 <JWU42> the downside of a channel of 200+ with 1 or 2 active @'s
189 2012-12-25 22:00:35 <JWU42> ;)