1 2013-09-18 00:09:55 <phantomcircuit> stratum request/response dump http://pastebin.com/raw.php?i=2dw68UK6
  2 2013-09-18 00:10:10 <phantomcircuit> python code attempting to construct the block header/hash http://pastebin.com/Ki8F1K83
  3 2013-09-18 00:10:19 <phantomcircuit> output http://pastebin.com/wfYA0Pm1
  4 2013-09-18 00:10:32 <phantomcircuit> expected hash value is 000000000beb64c7015f77d1dd9a8074d1513f6f8ec4756c2693ef98cff373ab
  5 2013-09-18 00:10:34 <phantomcircuit> from cpuminer
  6 2013-09-18 00:10:59 <phantomcircuit> merkleroot matches the dumped merkleroot from cpuminer so the problem is likely something else
  7 2013-09-18 00:11:22 <phantomcircuit> i've been looking at this far too long to see what's wrong with it anymore
  8 2013-09-18 00:11:23 <phantomcircuit> :/
  9 2013-09-18 00:14:42 <gavinandresen> BlueMatt: jenkins is out of space? … will fix now...
 10 2013-09-18 00:15:11 <BlueMatt> gavinandresen: what happened to the cron job?
 11 2013-09-18 00:15:32 <gavinandresen> BlueMatt: dunno, I'll check.  Should be working...
 12 2013-09-18 00:16:47 <gavinandresen> Did somebody else fix the out-of-space problem?  I don't see a problem...
 13 2013-09-18 00:17:09 <phantomcircuit> gavinandresen, isn't the out of space problem on tmpfs?
 14 2013-09-18 00:17:41 <gavinandresen> phantomcircuit: not according to 'df'
 15 2013-09-18 00:18:00 <gavinandresen> (4.3 gig available)
 16 2013-09-18 00:18:45 <BlueMatt> I dunno, I didnt see logs that indicated out of space, but thats what someone was saying
 17 2013-09-18 00:19:46 <phantomcircuit> gavinandresen, iirc the person saying they saw an out of space error said it referenced /tmp
 18 2013-09-18 00:19:52 <phantomcircuit> in which case it could just be random
 19 2013-09-18 00:20:22 <gavinandresen> mmm.  I don't see anything wrong with jenkins, and last pull-test was successful.
 20 2013-09-18 00:20:29 <phantomcircuit> heh well this coinbase transaction isn't evenvalid
 21 2013-09-18 00:20:43 <phantomcircuit> but i dont think that could be the cause of this since cpuminer doesn't check that at all
 22 2013-09-18 00:21:38 <phantomcircuit> oh actually it is derp hex encoded
 23 2013-09-18 00:54:16 <cfields> BlueMatt: was it really out of space? builds were failing a few days ago because of a build problem that's been fixed since. is that what you were referencing maybe?
 24 2013-09-18 00:57:51 <BlueMatt> cfields: no idea, someone commented on irc earlier today that builds failed, I dunno details because most people ignore the "Please ping BlueMatt" comment
 25 2013-09-18 00:58:47 <cfields> heh ok
 26 2013-09-18 05:52:05 <lianj> is there more info about https://en.bitcoin.it/wiki/Address#Multi-signature_addresses ? is this used somewhere on the network? how does it differ from OP_CHECKMULTISIG script type
 27 2013-09-18 05:53:16 <gmaxwell> Thats talking about P2SH, and yes, its used on the network.
 28 2013-09-18 05:55:03 <lianj> oh duh, p2sh. ok :D
 29 2013-09-18 05:55:36 <gmaxwell> yea, dunno why it only talks about one use of p2sh but thats the wiki for you. :P
 30 2013-09-18 06:00:00 <CodeShark> are there any other things p2sh is actually being used for right now?
 31 2013-09-18 06:01:03 <lianj> pushing non-standard scripts maybe? dunno, peers prolly look into the inner script aswell before relaying
 32 2013-09-18 06:02:15 <gmaxwell> lianj: ... they can't look into the "inner" script when you pay to.
 33 2013-09-18 06:02:32 <gmaxwell> (on redemption they do, sure.)
 34 2013-09-18 06:02:52 <lianj> yea, thats what i mean
 35 2013-09-18 06:04:02 <gmaxwell> CodeShark: you saw, https://bitcointalk.org/index.php?topic=293382.0  I assume? :)
 36 2013-09-18 06:04:11 <CodeShark> yes, I did
 37 2013-09-18 06:06:01 <CodeShark> I was referring to stuff besides hackerbaiting :p
 38 2013-09-18 06:06:56 <gmaxwell> the more common usage I've seen has been escrows, which indeed is just multisig of some kind or another.
 39 2013-09-18 06:11:31 <CodeShark> the only three templates in script.cpp's solver currently are TX_PUBKEY, TX_PUBKEYHASH, and TX_MULTISIG
 40 2013-09-18 06:12:15 <CodeShark> if p2sh were truly a general pattern, we wouldn't need these special cases :)
 41 2013-09-18 06:13:27 <CodeShark> legacy's a real bitch sometimes
 42 2013-09-18 07:02:31 <gmaxwell> CodeShark: the solver stuff isn't general and probably never will be general.
 43 2013-09-18 07:03:26 <gmaxwell> The idea of transaction "ownership" would actually be undecidable under script for fully general scripts (well, would be save some of the limitations in script currently)
 44 2013-09-18 10:21:27 <TD> good day
 45 2013-09-18 10:50:16 <jgarzik> mornin'
 46 2013-09-18 11:07:18 <gavinandresen> mornin
 47 2013-09-18 11:09:27 <sipa> muffin
 48 2013-09-18 11:09:42 <Diablo-D3> sipa is our derpy.
 49 2013-09-18 11:10:19 <sipa> derp derp
 50 2013-09-18 11:10:56 <Diablo-D3> 
ACTION is glad the bronies have not discovered bitcoin

 51 2013-09-18 11:11:12 <sipa> 
ACTION resists urge to google 'bronies'

 52 2013-09-18 11:11:25 <Diablo-D3> sipa: male adult fans of my little pony
 53 2013-09-18 11:11:26 <da2ce7> sipa: justdoit
 54 2013-09-18 11:11:55 <Diablo-D3> sipa: basically, the current punching bag of the internet
 55 2013-09-18 11:12:16 <da2ce7> Diablo-D3: well, a rarther long-term one at that.
 56 2013-09-18 11:12:31 <Diablo-D3> well, I think it evolved from furries as a punching bag
 57 2013-09-18 11:14:40 <TD> evening gavin
 58 2013-09-18 11:57:21 <gavinandresen> TD: good night!  bedtime...
 59 2013-09-18 11:57:26 <TD> sleep well
 60 2013-09-18 12:02:05 <jgarzik> drat
 61 2013-09-18 12:02:13 <jgarzik> 
ACTION was hoping to catch gavinandresen and sort autoconf

 62 2013-09-18 12:02:36 <gavinandresen> I thought consensus on autoconf was clear
 63 2013-09-18 12:03:13 <gavinandresen> build -g -O2 by default, document ./configure CXXFLAGS="-g -ggdb" if you want to debug (or is it CXXFLAGS=foo ./configure ...)
 64 2013-09-18 12:03:20 <jgarzik> gavinandresen, hopefully my PR captures consensus, but wanted to make sure you were happy
 65 2013-09-18 12:03:37 <jgarzik> https://github.com/bitcoin/bitcoin/pull/3011
 66 2013-09-18 12:04:15 <jgarzik> gavinandresen, mainly, I didn't know if "-g -ggdb" was something you needed specifically in configure.ac
 67 2013-09-18 12:04:46 <jgarzik> CXXFLAGS="-g -ggdb" ./configure
 68 2013-09-18 12:04:59 <jgarzik> to answer your question
 69 2013-09-18 12:05:47 <gavinandresen> jgarzik: under what conditions will those -arch i386 / etc OSX flags get used?
 70 2013-09-18 12:06:18 <gavinandresen> or maybe a better question: what does AX_CHECK_COMPILE_FLAG do?
 71 2013-09-18 12:07:14 <jgarzik> gavinandresen, tests that a certain compile flag works, or not, on the current build machine
 72 2013-09-18 12:07:39 <gavinandresen> tests by building a little a.out?
 73 2013-09-18 12:08:10 <TD> yeah.
 74 2013-09-18 12:08:16 <TD> you can see what it does in the config.log file
 75 2013-09-18 12:08:21 <TD> that's why configure is so damn slow
 76 2013-09-18 12:08:24 <jgarzik> I don't think it links -- just compiles a no-op file
 77 2013-09-18 12:08:27 <TD> it actually tests whether things work by compiling little programs
 78 2013-09-18 12:08:31 <jgarzik> yep
 79 2013-09-18 12:08:43 <jgarzik> each test runs the compiler and/or linker, on a tiny program
 80 2013-09-18 12:08:47 <TD> it's a bit sad that in 2013 we're still converting things to use autotools
 81 2013-09-18 12:08:48 <gavinandresen> jgarzik: in any case, seems to me the -mmacosx-version-min and -arch flags should also be something passed in via CXXFLAGS, if needed on whatever machine is used to build releases.
 82 2013-09-18 12:08:58 <TD> surely there were better systems available these days that could have been used .... maybe not
 83 2013-09-18 12:09:22 <jgarzik> gavinandresen, I'm OK with that -- I'll go with whatever makes the OSX builder happy :)
 84 2013-09-18 12:09:38 <jgarzik> 
ACTION is all for deleting lines from configure.ac, too

 85 2013-09-18 12:09:47 <gavinandresen> less is better
 86 2013-09-18 12:09:49 <gavinandresen> agreed
 87 2013-09-18 12:10:00 <sipa> TD: and i wouldn't have objected to any buildsystem at all, but someone had to write one :)
 88 2013-09-18 12:10:13 <TD> yeah
 89 2013-09-18 12:10:36 <TD> whenever i look at the output of autoconf my appreciation for maven goes up, even though it's a gigantic xml monstrosity
 90 2013-09-18 12:10:40 <TD> heh
 91 2013-09-18 12:10:56 <sipa> anything was probably better than maintaining 5 separate build files...
 92 2013-09-18 12:11:31 <gavinandresen> I was THIS CLOSE to fixing those 5 Makefiles so all the common code was in one include'd file.....
 93 2013-09-18 12:11:51 <jgarzik> gavinandresen, JFYI, "./configure --help" lists the environment variables that can impact the build, in case you need a handy reference
 94 2013-09-18 12:12:02 <jgarzik> hehe
 95 2013-09-18 12:12:17 <jgarzik> ENVVAR=FOO ENV2VAR="bar baz" ./configure
 96 2013-09-18 12:12:20 <jgarzik> is the general pattern
 97 2013-09-18 12:12:43 <jgarzik> TD, heh
 98 2013-09-18 12:12:55 <CodeShark> people still use xml?!? :p
 99 2013-09-18 12:13:03 <sipa> CodeShark: haha
100 2013-09-18 12:13:12 <sipa> people still use ASN.1?!?
101 2013-09-18 12:13:13 <nkuttler> xml still has valid use cases
102 2013-09-18 12:13:19 <gavinandresen> Was about to post this to bitcoin-development RE: XBT:  It seems very likely that the official currency code will become XBT; I think somebody should pull-request a change for the 0.9 release that changes BTC to XBT in the Bitcoin-Qt GUI, code comments, etc.
103 2013-09-18 12:13:39 <sipa> "official"
104 2013-09-18 12:13:49 <sipa> i though the X prefix was for non-official codes
105 2013-09-18 12:13:52 <jgarzik> I remember how in awe I was on XML, back in the day.  I thought it was so much better than what had come before, all these ad hoc crappy formats (I spent a while writing code to read Excel spreadsheets and TIFF files <shiver> the 1990s)
106 2013-09-18 12:13:52 <sipa> *thought
107 2013-09-18 12:14:02 <gavinandresen> XAU is official for gold....
108 2013-09-18 12:14:03 <TD> could we at least wait on that until it actually happens? it'd be kind of annoying to move away from the consensus BTC
109 2013-09-18 12:14:10 <sipa> ah
110 2013-09-18 12:14:18 <sipa> s/non-official/non-country/
111 2013-09-18 12:14:26 <jgarzik> +1 -- I prefer to wait until it is ISO-approved
112 2013-09-18 12:14:35 <gavinandresen> yes.  I should say "ISO sanctioned non-country"
113 2013-09-18 12:14:36 <TD> i mean it's kind of busywork and BTC is more natural than XBT
114 2013-09-18 12:14:43 <TD> also what about mBTC, uBTC, etc
115 2013-09-18 12:14:44 <jgarzik> +1
116 2013-09-18 12:14:46 <TD> mXBT?
117 2013-09-18 12:14:47 <TD> uXBT?
118 2013-09-18 12:14:53 <gavinandresen> yup.
119 2013-09-18 12:14:57 <TD> heck, perhaps we should simply replace it with a unicode character :)
120 2013-09-18 12:14:58 <sipa> XBTe-3
121 2013-09-18 12:14:59 <sipa> XBTe-6
122 2013-09-18 12:15:02 <TD> hahaha
123 2013-09-18 12:15:03 <jgarzik> 
ACTION is just sentimental about losing BTC, too :)

124 2013-09-18 12:15:10 <TD> 
ACTION likes BTC

125 2013-09-18 12:15:15 <michagogo> 
ACTION will also miss BTC

126 2013-09-18 12:15:17 <TD> somehow i doubt Bhutan is going to launch another currency
127 2013-09-18 12:15:24 <jgarzik> hah
128 2013-09-18 12:15:31 <gavinandresen> I'm a pull-the-bandaid-off-fast kinda guy, so if it is going to be XBT, then I think we should push that it become XBT sooner rather than later.
129 2013-09-18 12:15:34 <TD> it's not even clear to me why ISO currency codes are hierarchically structured. how many currencies does a country need?
130 2013-09-18 12:15:40 <jgarzik> Really, the ISO needs to figure its shit out
131 2013-09-18 12:15:45 <michagogo> Seriously, BTC makes sense as an abbreviation for BiTCoin
132 2013-09-18 12:15:49 <sipa> TD: some have 3 or 4, afaik
133 2013-09-18 12:15:54 <michagogo> XBT is non-intuitive
134 2013-09-18 12:16:03 <jgarzik> There will soon be many global currencies.  And "global currency" is a new concept to ISO, gold nonwithstanding.
135 2013-09-18 12:16:06 <gavinandresen> X marks the spot, man!
136 2013-09-18 12:16:10 <jgarzik> :)
137 2013-09-18 12:16:18 <CodeShark> XAU is also nonintuitive unless you speak latin :p
138 2013-09-18 12:16:21 <gavinandresen> We've got the X factor!
139 2013-09-18 12:16:25 <michagogo> Also, the community doesn't necessarily need to adopt XBT as something to be used in day-to-day life...
140 2013-09-18 12:16:28 <jgarzik> CodeShark, or periodic table
141 2013-09-18 12:16:29 <gavinandresen> We are Xtra Special!
142 2013-09-18 12:16:38 <michagogo> CodeShark: That's why most people call it "gold"
143 2013-09-18 12:17:03 <sipa> also, people talk about dollars/bucks/... instead of USD. News at 11.
144 2013-09-18 12:17:12 <michagogo> We can keep BTC to use day-to-day even while ISO or whatever calls it XBT
145 2013-09-18 12:17:13 <TD> https://en.bitcoin.it/wiki/Bitcoin_symbol
146 2013-09-18 12:17:21 <TD> https://en.bitcoin.it/wiki/How_to_easily_type_the_circled_B_symbol_on_a_Mac
147 2013-09-18 12:17:37 <michagogo> Another example: here in Israel, our currency is the New Shekel
148 2013-09-18 12:17:37 <TD> that last page is one i wrote years ago when i was pushing for Ⓑ to become the symbol
149 2013-09-18 12:17:43 <TD> it didn't take off  :)
150 2013-09-18 12:18:07 <michagogo> When talking about it in English, it's almost always referred to as NIS (New Israeli Shekel)
151 2013-09-18 12:18:37 <gavinandresen> 
ACTION wonders what the M1 New Shekel money supply is....

152 2013-09-18 12:18:37 <TD> oh, good news
153 2013-09-18 12:18:46 <michagogo> The ISO currency code is actually ILS, but I've never, ever seen or heard that code used other than on exchange rate sites
154 2013-09-18 12:18:50 <TD> ben says the iphone wallet *can* handle a change in tx hash, and it generates non-canonical sigs with negative components
155 2013-09-18 12:18:55 <michagogo> gavinandresen: Hmm?
156 2013-09-18 12:19:11 <TD> sipa: to un-negativize a signature, it's enough to just flip the sign? i forgot what you have to do there
157 2013-09-18 12:19:30 <CodeShark> it's mod the field modulus, no?
158 2013-09-18 12:19:45 <sipa> TD: take the complement of both R and S (with the field size)
159 2013-09-18 12:20:10 <jgarzik> gavinandresen, one more q
160 2013-09-18 12:20:16 <jgarzik> gavinandresen, is -O3 an OSX platform requirement?
161 2013-09-18 12:20:17 <sipa> the field size being 2^256 - 2^32 - ...
162 2013-09-18 12:20:25 <TD> yes the magic prime
163 2013-09-18 12:20:39 <gavinandresen> jgarzik: nope
164 2013-09-18 12:20:39 <sipa> TD: there's code in git head that does it in bitcoind
165 2013-09-18 12:20:39 <TD> so you mean r' = r mod p ?
166 2013-09-18 12:20:41 <jgarzik> gavinandresen, configure currently adds -O3, because mumble
167 2013-09-18 12:20:44 <jgarzik> ok
168 2013-09-18 12:20:48 <CodeShark> TD: r' = p - r
169 2013-09-18 12:20:48 <sipa> TD: no, r' = p - r
170 2013-09-18 12:20:51 <TD> ok
171 2013-09-18 12:21:04 <CodeShark> = -r (mod p)
172 2013-09-18 12:21:35 <sipa> TD: i'm wrong; it's just the complement of S you need to take
173 2013-09-18 12:21:41 <TD> and you do that for r and s independently?
174 2013-09-18 12:21:43 <sipa> https://github.com/bitcoin/bitcoin/blob/master/src/key.cpp#L202
175 2013-09-18 12:21:46 <TD> thanks
176 2013-09-18 12:21:59 <CodeShark> right, the "sign" of X is given
177 2013-09-18 12:22:06 <CodeShark> err, R
178 2013-09-18 12:22:14 <sipa> oh, and it's modulo the order, not the field size
179 2013-09-18 12:22:21 <TD> sipa: that code is handling odd S values, not flipping the sign?
180 2013-09-18 12:22:22 <sipa> 
ACTION 's memory was fuzzy, sorry

181 2013-09-18 12:22:30 <CodeShark> mod the order?
182 2013-09-18 12:22:32 <sipa> TD: it has no sign
183 2013-09-18 12:22:55 <sipa> TD: the problem is that reinterpreting the (naively) serialized value results in a negative value
184 2013-09-18 12:23:00 <CodeShark> a point on an elliptic curve is in FxF
185 2013-09-18 12:23:05 <CodeShark> where F is the field
186 2013-09-18 12:23:17 <TD> yes, i know that you can't really have negative r/s values
187 2013-09-18 12:23:22 <TD> it's meaningless to have that in the field
188 2013-09-18 12:23:24 <sipa> TD: you need to perform the complement whenever the highest bit is set
189 2013-09-18 12:23:44 <sipa> and as a side effect, the even/oddness also changes
190 2013-09-18 12:23:56 <TD> i see
191 2013-09-18 12:23:59 <sipa> which is why it's used in that code
192 2013-09-18 12:24:11 <sipa> but the complement is otherwise useful too
193 2013-09-18 12:24:57 <sipa> (we've talked about changing the rule there to also trigger on highest-bit-set, rather than lowest-bit-set, as that will result in an average 0.5 byte size reduction per signature)
194 2013-09-18 12:26:05 <CodeShark> sipa: it's the field complement, no?
195 2013-09-18 12:26:16 <CodeShark> consider the case of F = real numbers
196 2013-09-18 12:26:17 <sipa> CodeShark: no, the order complement
197 2013-09-18 12:26:20 <TD> just prefixing the bad signature with a zero byte should also work, right?
198 2013-09-18 12:26:33 <CodeShark> oh, right - we're talking the signature - not the point
199 2013-09-18 12:26:34 <sipa> TD: eh, right!
200 2013-09-18 12:26:49 <sipa> that's much easier to implement, indeed
201 2013-09-18 12:27:08 <CodeShark> I should go to sleep :p
202 2013-09-18 12:27:18 <sipa> 
ACTION hibernates CodeShark

203 2013-09-18 12:28:04 <gavinandresen> 
ACTION hibernates

204 2013-09-18 12:28:23 <sipa> hmm, how many timezones are you two apart?
205 2013-09-18 12:28:39 <CodeShark> I think somewhere between 0 and 3
206 2013-09-18 12:29:10 <sipa> that would suprise me :)
207 2013-09-18 12:29:37 <sipa> 18 or so
208 2013-09-18 12:30:14 <CodeShark> the continental US only has 4 time zones
209 2013-09-18 12:30:21 <sipa> gavin is in australia
210 2013-09-18 12:30:25 <CodeShark> oh...
211 2013-09-18 12:30:28 <CodeShark> lol
212 2013-09-18 12:31:09 <CodeShark> time to turn on your text flipping plugin, sipa :p
213 2013-09-18 12:31:18 <sipa> ʇɥƃıɹ ǝɹ,noʎ
214 2013-09-18 12:40:55 <TD> cool
215 2013-09-18 12:41:14 <TD> someone who works at YubiCo is hacking together a YubiKey Neo that can be tapped against android phones to sign transactions
216 2013-09-18 12:41:26 <TD> (using HD wallet keys)
217 2013-09-18 12:41:30 <sipa> :o
218 2013-09-18 12:42:28 <TD> yeah they're using bitcoinj and announced what they're doing on the mailing list
219 2013-09-18 12:43:05 <sipa> so they actually have secp256k1 signing on the yubikey?
220 2013-09-18 12:43:35 <SomeoneWeird> neat!
221 2013-09-18 12:43:37 <CodeShark> I doubt it :p
222 2013-09-18 12:43:56 <TD> the premium version: http://www.yubico.com/products/yubikey-hardware/yubikey-neo/
223 2013-09-18 12:44:02 <TD> it's like a 20% project for the employee, it seems
224 2013-09-18 12:44:11 <TD> but he said they might release it, if it works out well
225 2013-09-18 12:45:15 <CodeShark> so you're talking about someone who is actually reprogramming the thing?
226 2013-09-18 12:45:18 <TD> yes
227 2013-09-18 12:45:42 <coingenuity> very cool
228 2013-09-18 12:45:43 <TD> it's a secure java smartcard inside
229 2013-09-18 12:45:47 <TD> so he's writing a bitcoin applet for it
230 2013-09-18 12:46:02 <coingenuity> thats cool
231 2013-09-18 12:46:04 <CodeShark> is the SDK public?
232 2013-09-18 12:46:16 <coingenuity> CodeShark: yeah, all their shit is open source
233 2013-09-18 12:46:43 <TD> i dunno if you can upload arbitrary applets to the neo
234 2013-09-18 12:46:53 <TD> however, the guy works for yubico, so it doesn't need to be open source
235 2013-09-18 12:46:55 <CodeShark> yeah, that's what I'm asking
236 2013-09-18 12:47:04 <TD> seems the neo is $50, so about half the price of the plastic trezor. however it has no display, of course.
237 2013-09-18 12:47:08 <CodeShark> if it were I might get on it myself :)
238 2013-09-18 12:47:11 <TD> so a compromised device can still grab all your moneyzz
239 2013-09-18 12:47:33 <SomeoneWeird> as with anything
240 2013-09-18 12:47:44 <SomeoneWeird> hmm
241 2013-09-18 12:47:48 <CodeShark> what about the input? doesn't it also have a button?
242 2013-09-18 12:47:51 <SomeoneWeird> i wonder if you could use the button like a password input
243 2013-09-18 12:47:52 <TD> well, no, trezor is specifically designed to solve that. however, it's probably a good way to handle the problem of physical theft of a phone. you can use a short pin
244 2013-09-18 12:48:08 <CodeShark> this is the solution I've been after for a while :p
245 2013-09-18 12:48:17 <CodeShark> but I'm not such an embedded sys guy
246 2013-09-18 12:48:17 <TD> CodeShark: it's NFC. so no button. you'd just enter the PIN on your phone then touch the neo to the back of your device
247 2013-09-18 12:48:23 <TD> you could keep it on a keyring or whatever
248 2013-09-18 12:48:26 <SomeoneWeird> TD, the nfc yubikeys have a button
249 2013-09-18 12:48:34 <TD> oh, ok.
250 2013-09-18 12:48:39 <TD> well, i guess it wouldn't be needed here
251 2013-09-18 12:48:42 <SomeoneWeird> so you can still use them normally
252 2013-09-18 12:48:44 <CodeShark> if you enter the pin on your phone, it's subject to logger attacks
253 2013-09-18 12:49:20 <SomeoneWeird> so... you use the button to enter a pin
254 2013-09-18 12:49:23 <CodeShark> the goal would be to remove all possibility of reprogramming the device without physical access
255 2013-09-18 12:49:47 <TD> it is irrelevant - if you can get malware on the phone you win anyway because you can ask the device to sign whatever tx you want
256 2013-09-18 12:49:52 <TD> it's really just about physical security, i guess
257 2013-09-18 12:50:03 <CodeShark> no, you could still be forced to confirm on the device
258 2013-09-18 12:50:22 <SomeoneWeird> if your device is compromised then no
259 2013-09-18 12:50:33 <CodeShark> the device cannot be reprogrammed without physical access
260 2013-09-18 12:50:47 <TD> but who cares about reprogramming it?
261 2013-09-18 12:50:53 <TD> if you can get malware onto your phone you control display+input
262 2013-09-18 12:51:00 <TD> the device will do whatever you want, if it's in range and connected
263 2013-09-18 12:51:08 <CodeShark> right, the device also needs output
264 2013-09-18 12:51:24 <CodeShark> but it needn't be a full-blown LCD display
265 2013-09-18 12:51:30 <CodeShark> it could even be a buzzer or a vibrator
266 2013-09-18 12:51:30 <TD> yes. trezor provides everything needed and it also fits on a keyring. but that's 2x the price even at the low end version
267 2013-09-18 12:51:42 <TD> well, no, again, how do you know it's signing what you think it's signing?
268 2013-09-18 12:51:50 <CodeShark> you encode it in the beeps
269 2013-09-18 12:51:51 <TD> you have to confirm using an on device display the identity you believe you're paying
270 2013-09-18 12:51:55 <TD> ...
271 2013-09-18 12:51:59 <SomeoneWeird> lmao
272 2013-09-18 12:52:04 <SomeoneWeird> output the address as morse code!
273 2013-09-18 12:52:06 <TD> haha
274 2013-09-18 12:52:10 <CodeShark> use a speech synth
275 2013-09-18 12:52:27 <CodeShark> or just prerecorded samples
276 2013-09-18 12:52:32 <SomeoneWeird> using a buzzer, suuuure
277 2013-09-18 12:52:41 <TD> no AFAICT it's kind of useless if you were to have a secure keystore/chip in the phone itself, but most androids don't have one
278 2013-09-18 12:52:42 <CodeShark> "buzzer" = piezoelectric speaker
279 2013-09-18 12:53:12 <CodeShark> like the things they put in greeting cards
280 2013-09-18 12:53:14 <TD> so it can be useful for that i guess. or as a way to easily pass money around in a physical form, that's more secure than a cascasius coin
281 2013-09-18 12:53:49 <TD> that might be the more interesting use case actually
282 2013-09-18 12:54:07 <CodeShark> anyhow, point is, an audio output device could be made much more compactly while having much greater throughput to the human nervous system
283 2013-09-18 12:55:06 <jgarzik> my security robot needs to understand English commands -- I need to find a speech recognition module that does not send all speech to an Apple data center ;p
284 2013-09-18 12:55:55 <TD> jgarzik: use one that sends it all to a google datacenter instead! :)
285 2013-09-18 12:56:52 <CodeShark> an alternative would be a laser that projects directly on your retina
286 2013-09-18 12:56:53 <jgarzik> all the open source software packages for speech-to-text tend to suck
287 2013-09-18 12:56:54 <CodeShark> :)
288 2013-09-18 12:57:07 <jgarzik> the best ones seem to be statistical, and have human help (apple, google)
289 2013-09-18 12:57:19 <SomeoneWeird> CodeShark, oh yes do that i will buy one
290 2013-09-18 12:57:31 <jgarzik> sadly not an option for a project that aims to protect your speech
291 2013-09-18 12:58:14 <TD> human help?
292 2013-09-18 12:58:30 <TD> actually google speech recognition can run offline and the quality drop isn't that big
293 2013-09-18 12:58:50 <TD> you basically get a neural net that was trained in a bigass datacenter, but the final result is small enough to run on a phone
294 2013-09-18 12:59:04 <TD> i mean, there _is_ a quality drop, but it's not unusably bad or anything.
295 2013-09-18 12:59:11 <jgarzik> TD, neat!
296 2013-09-18 12:59:36 <jgarzik> TD, as long as I can run it standalone on a Linux box, all good
297 2013-09-18 12:59:47 <TD> i think it's android only. so it depends whether you consider that a "linux box" :)
298 2013-09-18 13:00:23 <CodeShark> can't you emulate android on a "linux box"? :)
299 2013-09-18 13:01:59 <CodeShark> ok, perhaps that's not what jgarzik meant by standalone
300 2013-09-18 13:06:07 <jgarzik> my "security robot" project posits one or more servers (VPS's or whatever) coordinating to provide a singular robotic identity, with which you communicate.  The robot's first task is simply secure key storage and use, though one could see other non-security uses (like a Personal Assistant Robot).
301 2013-09-18 13:06:28 <jgarzik> I want to be able to call my robot on the phone (==SIP), give him some instructions, and let him take it from there.
302 2013-09-18 13:06:57 <TD> sort of like google now
303 2013-09-18 13:06:58 <CodeShark> that's called a secretary
304 2013-09-18 13:06:58 <jgarzik> the voice recognition module needs to fit on a Linux server somehow, even if emulating Android in a box
305 2013-09-18 13:07:32 <jgarzik> CodeShark, trouble is you either have to pay them or marry them
306 2013-09-18 13:07:37 <jgarzik> 
ACTION runs

307 2013-09-18 13:07:59 <sipa> jgarzik: procreation is also an option, i guess
308 2013-09-18 13:08:02 <CodeShark> if you marry them you can forget about faithful execution of requests :p
309 2013-09-18 13:08:39 <TD> haha
310 2013-09-18 13:08:48 <CodeShark> the last thing you want is a personal assistant that requires emotional attention and defies you if you don't provide it :p
311 2013-09-18 13:09:55 <CodeShark> "robot, did you do something new to with your threads? you're looking great!"
312 2013-09-18 13:10:00 <jgarzik> yeah, that complicates bitcoin transaction signing :)
313 2013-09-18 13:10:25 <jgarzik> More seriously, I plan to use this for things like oracles or other robots that hold or control funds
314 2013-09-18 13:10:47 <CodeShark> "robot, how about after this request I get you a new chassis?"
315 2013-09-18 13:11:08 <jgarzik> though admittedly voice recognition is an advanced feature for these purposes :)
316 2013-09-18 13:11:26 <CodeShark> couldn't voice be recorded and played back?
317 2013-09-18 13:11:37 <TD> yeah
318 2013-09-18 13:11:40 <TD> like autonomous agents?
319 2013-09-18 13:11:42 <jgarzik> CodeShark, well you want near-real time
320 2013-09-18 13:11:46 <TD> http://en.bitcoin.it/wiki/Agents
321 2013-09-18 13:11:47 <jgarzik> CodeShark, but yes
322 2013-09-18 13:12:02 <jgarzik> yes, this also pursues my goal of autonomous agents :)
323 2013-09-18 13:12:24 <jgarzik> in general it wants a "human communication layer", supporting email, voice, and other common methods
324 2013-09-18 13:12:28 <TD> i gave a talk on the topic of agents a fwe weeks ago
325 2013-09-18 13:12:38 <jgarzik> TD, putting code towards that goal...
326 2013-09-18 13:12:40 <TD> i am trying to get the organisers of that conf to put the videos online. will be annoyed if they  don't
327 2013-09-18 13:12:43 <jgarzik> (and a thousand other projects)
328 2013-09-18 13:12:53 <TD> i discussed how before you can have agents, you need a "TradeNet"
329 2013-09-18 13:13:06 <TD> like a p2p network that allows buyers and sellers to find each other and negotiate, all using standardised protocols
330 2013-09-18 13:13:13 <TD> because otherwise agents can't directly compete with humans
331 2013-09-18 13:13:31 <TD> the more you dig into the agents concept the deeper and more complicated it gets, really ....
332 2013-09-18 13:13:58 <jgarzik> TD, I also want to work on APIs and interfaces for hiring humans, which, Amazon Mechanical Turk nonwithstanding, the tools and interfaces are quite immature and primitive
333 2013-09-18 13:14:36 <jgarzik> Ideally my security robot should be able to post a proposal on bitcointalk, and handle responses
334 2013-09-18 13:14:49 <jgarzik> (specially formatted responses, parsing random English is a bit much, even with speech recog)
335 2013-09-18 13:15:40 <CodeShark> I prefer chat commands :p
336 2013-09-18 13:15:43 <TD> haha. you have no idea ;)
337 2013-09-18 13:15:54 <TD> i'd prefer to see hard protocols over a p2p network with GUIs for interaction
338 2013-09-18 13:16:06 <TD> no reason to bitcointalk some kind of SPOF
339 2013-09-18 13:16:24 <TD> but even deeper than some way to find and negotiate with agents, you need lots and lots of low trust protocols
340 2013-09-18 13:16:32 <jgarzik> TD, that was an example.  the general point being: the robot should be able to $post on $forum, and $read $responses
341 2013-09-18 13:16:33 <TD> otherwise agents are just gonna get killed instantly by greedy and much more intelligent humans
342 2013-09-18 13:16:58 <TD> well ..... maybe. i'm not so sure. you could sink a lot of time into working with interfaces designed for humans like forums and text.
343 2013-09-18 13:17:04 <jgarzik> nods.  not just low-trust protocols you need economics and game theory preventing cheating.
344 2013-09-18 13:17:18 <TD> i think trusted computing can go a long way actually
345 2013-09-18 13:17:19 <CodeShark> and possibly law
346 2013-09-18 13:17:25 <jgarzik> if you want to hire humans and work with humans, you go where the humans are.
347 2013-09-18 13:17:29 <jgarzik> that simple.
348 2013-09-18 13:17:31 <TD> in some cases it's the only solution. for instance, an agent wishes to rent some server time to run on
349 2013-09-18 13:17:37 <Ry4an> Cory Doctorow's Eastern Standard Tribe had a pretty good mockup of a mediated system wherein one character got a lawyer he'd never met working a jurisdiction he'd never visited vetted and tasked w/ reviewing a contract as a discretely tracked, escrowed work item.
350 2013-09-18 13:17:41 <TD> so it uploads itself to the new server, copies its wallet there ..... boom it's gone.
351 2013-09-18 13:17:51 <TD> to solve that you really need hardware security so the owner of the server can't steal the wallet
352 2013-09-18 13:18:18 <TD> intel SGX should make this a lot easier than it is today
353 2013-09-18 13:19:27 <jgarzik> hardware solutions are helpful, but ultimately you need to figure out ways to prevent the server owner stealing funds via access exclusion -- don't let them get access to 100% of the private keys ever
354 2013-09-18 13:19:57 <TD> that's hard.
355 2013-09-18 13:20:10 <TD> esp as the agent can be sybil attacked. how does it know the two best offers on the market aren't really from the same guy?
356 2013-09-18 13:20:52 <jgarzik> TD, bootstrapping that problem assumes the robot does not have existing, trusted servers to live on, and cannot test new solutions short/medium term
357 2013-09-18 13:21:16 <jgarzik> TD, StorJ post covers some of that
358 2013-09-18 13:21:57 <TD> yea, again, i bet it's easy for humans to come up with attacks on whatever algorithms you invent. the storj approach is fine as far as it goes (for a/b testing new code, etc) but having humans scam agents out of their wallets would be a big deal
359 2013-09-18 13:22:06 <TD> and you can't solve that with a/b testing
360 2013-09-18 13:23:51 <jgarzik> TD, "StorJ isn't smart enough to judge bad proposals on its own instead it forms agreements that make it unprofitable to cheat."
361 2013-09-18 13:24:03 <TD>  easy to say that!
362 2013-09-18 13:24:08 <jgarzik> hehe
363 2013-09-18 13:24:40 <jgarzik> Yah, those business models depend on investors placing above average faith and funds into the scheme
364 2013-09-18 13:25:05 <jgarzik> Which might not happen (current practice) or might happen (robots are valuable and useful in this new trust model)
365 2013-09-18 13:25:09 <TD> being an agent would sort of be like running a business in somalia or some other place where law enforcement has just broken down
366 2013-09-18 13:25:15 <TD> everyone would be out to get you
367 2013-09-18 13:25:27 <TD> a secure CPU in this case would be like your "home base"
368 2013-09-18 13:26:17 <jgarzik> TD, ultimately you cannot escape human awareness of the robot, and therefore human control
369 2013-09-18 13:26:25 <jgarzik> or if not control, DoS
370 2013-09-18 13:26:59 <TD> DoS, sure
371 2013-09-18 13:28:16 <jgarzik> Controlling when a robot is online or offline is a significant measure of control
372 2013-09-18 13:29:04 <jgarzik> That's why my security robot does Paxos and some other distributed coordination bits
373 2013-09-18 13:29:44 <jgarzik> A "robot" is defined a core identity (SIN, an ECDSA key scheme like bitcoin addresses).  One or more servers may participate in the singular identity.
374 2013-09-18 13:30:26 <sipa> as long as the singular identity isn't a singularity
375 2013-09-18 13:30:27 <jgarzik> It's not a botnet per se, because all are designed to Act As One, that is, reach a consensus on incoming commands, or actions to be taken
376 2013-09-18 13:30:43 <jgarzik> sipa, that's the 3D printing module...
377 2013-09-18 13:30:52 <jgarzik> once the robot owns a 3D printer and a smelter...
378 2013-09-18 13:30:55 <jgarzik> ;p
379 2013-09-18 13:31:14 <helo> and child laborers
380 2013-09-18 13:32:08 <TD> i have to say i'm very much looking forward to SGX
381 2013-09-18 13:32:20 <TD> it seems they finally designed a usable trusted computing platform that might actually work
382 2013-09-18 13:34:14 <TD> lolz. their case study is a secure video chat app - work sponsored by the DHS
383 2013-09-18 13:35:58 <sipa> TD: going to the meetup this evening?
384 2013-09-18 13:36:01 <TD> wow nice. 4 devs, 4 qa guys for 4 months to build the secure video chat prototype. size of the enclave, only 32mb
385 2013-09-18 13:36:07 <TD> sipa: the one with vitaly? i might do yes
386 2013-09-18 13:36:12 <TD> probably will
387 2013-09-18 13:36:13 <sipa> i probably will
388 2013-09-18 13:36:19 <sipa> i don't think i've met him
389 2013-09-18 13:42:53 <TD> sipa: yeah. the meetup with jon was good. it was huge
390 2013-09-18 13:42:59 <TD> the meetups have grown so much!
391 2013-09-18 14:19:44 <sipa> Timeout: aborting command ``/mnt/bitcoin/qa/pull-tester/pull-tester.sh'' with signal 9
392 2013-09-18 14:43:06 <TD> ah finally!
393 2013-09-18 14:43:12 <TD> someone serious is implementing the ripple p2p exchange concept
394 2013-09-18 14:43:14 <TD> https://github.com/zeroreserve/ZeroReserve/wiki
395 2013-09-18 14:45:53 <gmaxwell> cool.
396 2013-09-18 15:35:49 <TD> sipa: will you be eating dinner at the office?
397 2013-09-18 15:38:39 <sipa> TD: yeah
398 2013-09-18 15:38:59 <TD> sipa: let me know when you go down and i'll join you
399 2013-09-18 15:39:06 <TD> then i guess we can head over after that
400 2013-09-18 15:45:27 <imton> guys, I need a little of your help. I am building an a service using btcs. I am having trouble with private keys storage/handling.
401 2013-09-18 15:47:13 <imton> to put it simple, my problem is that when a person sells their btcs and they deposit them to us, from that time that the seller of btcs creates the a sell order, I need to be prepared to automatically transfer that btcs to the buyer when a buyer , well, buys.
402 2013-09-18 15:48:07 <imton> So, how can I securely store that address private key that the seller sent the btcs to to automatically transfer the btcs to the buyer when a buyer buys.?
403 2013-09-18 15:54:47 <kjj> you need a hot/cold wallet setup.
404 2013-09-18 15:57:44 <imton> kjj ok. but I think that can't resolve the problem. My ideal situation would be a way in that private keys are symmetrically encrypted so if in worst scenario an attacker get access to the DB get can't do nothing with the privkeys.
405 2013-09-18 15:58:37 <sipa> imton: who has the keys?
406 2013-09-18 15:58:48 <sipa> the symmetric encryption keys, i mean
407 2013-09-18 15:59:34 <imton> We have the priv keys, but my idea what to encrypt them with their password, so they only can "unlock" them.
408 2013-09-18 15:59:57 <imton> with AES 256.
409 2013-09-18 16:00:18 <sipa> how do they send you the key?
410 2013-09-18 16:00:27 <kjj> you ever hear of a man-in-the-middle?
411 2013-09-18 16:00:33 <imton> of course
412 2013-09-18 16:00:53 <imton> We tell sellers to send BTCs to "X" address.
413 2013-09-18 16:01:07 <imton> that creates an "sell order".
414 2013-09-18 16:01:33 <imton> It will all handled in a secure connection, HTTPS.
415 2013-09-18 16:01:37 <kjj> don't take this the wrong way, but you should seriously reconsider creating an exchange
416 2013-09-18 16:02:18 <imton> I have been months on this, so I will do it. I need to in fact :)
417 2013-09-18 16:03:18 <imton> anyways, my problem is that at the time the seller creates the order, if I have the private key encrypted he will be the only person able to "unlock"/decrypt that priv key.
418 2013-09-18 16:03:39 <imton> if a buyer buys his btcs say 10 hours later...
419 2013-09-18 16:03:53 <imton> I would need to ask the seller to enter the password
420 2013-09-18 16:04:08 <Belxjander> imton: well the security you are discussing is more for "immediate" buy and sell orders right ?
421 2013-09-18 16:04:24 <imton> an unlock it and at the same time the buyer ask the same to encrypt that priv key with the buyer pass. it does not make sense to do this way.
422 2013-09-18 16:04:34 <imton> Belxjander right...
423 2013-09-18 16:04:55 <imton> I need another strategy
424 2013-09-18 16:06:18 <Belxjander> imton: you can always "proxy" the key exchange and use pregenerated "garbage" tokens
425 2013-09-18 16:06:30 <imton> What I thought as a solution is that at the time the seller makes a sell order, I could decrypt the priv key at that time and let that priv key in plain text on the db until a buyer buys it and then encrypt it with buyer's pass.
426 2013-09-18 16:06:47 <Belxjander> imton: when the "buy" and "sell" happen... the buyer and seller can transfer direct and both "return" the tokens for the transaction
427 2013-09-18 16:06:54 <imton> Belxjander I am not sure I understand that...
428 2013-09-18 16:07:24 <Belxjander> imton: make your own keys and treat the DB itself as a security nightmare of a "hot wallet"...
429 2013-09-18 16:08:01 <Belxjander> imton: give each "buyer" and "seller" a token address in the DB (so the entire DB becomes a "wallet" and the tokens are addresses in the DB)
430 2013-09-18 16:08:13 <sipa> imton: why creates thiese keys?
431 2013-09-18 16:08:16 <sipa> imton: you, or them?
432 2013-09-18 16:08:53 <Belxjander> imton: its a really obnoxious problem and then some
433 2013-09-18 16:09:13 <Belxjander> imton: as you have to default to distrust everything and only have anything happen after confirmation
434 2013-09-18 16:13:11 <imton> sipa: I create the address when the seller creates a sell order. Immediately I encrypt the priv key with the user password (i ask them to enter it again)
435 2013-09-18 16:13:58 <sipa> ok, so what is the problem?
436 2013-09-18 16:14:46 <sipa> it seems weird to rely on your users' own security to protect a key you're managing
437 2013-09-18 16:15:09 <sipa> (also consider the case where they lose the password and blame you for not being able to recover it)
438 2013-09-18 16:16:20 <imton> sipa: the idea is to encrypt the private key twice. 1) symmetrically with user pass AES256 and 2) asymmetrically RSA with a Pub Key of ours. In case of recovery/pass lost, they will need to contact us. makes sense?
439 2013-09-18 16:19:36 <imton> The problem is this. Me -seller- create a sell order. It asks me my password again, the services encrypt the priv key with his pass, and then it tells me to send the BTCs to X address. Then the seller  put that order on the marketplace to sell.  A buyer can only buys others people (sellers) orders entirely.
440 2013-09-18 16:20:59 <Belxjander> imton: an "all or nothing" approach?
441 2013-09-18 16:21:18 <Belxjander> imton: I just outlined an idea in PM which may let you allow partials as well
442 2013-09-18 16:21:35 <Belxjander> or at least a "change address" enabled approach
443 2013-09-18 16:22:10 <imton> If I decrypt that seller's order privkey at the time he puts the order to sell, from the time that order is "waiting for a buyer" till a buyers buy, in the worst scenario an attacker takes control of the db he can read that privkey in plain text.
444 2013-09-18 16:22:44 <gmaxwell> imton: I'm not sure why you're going through all this complexity for a sevice where you can still steal all the coins, seems like a pretext.
445 2013-09-18 16:23:10 <imton> gmaxwell: you mean "us" as a service?
446 2013-09-18 16:23:19 <imton> well, yes, of course, but we won't.
447 2013-09-18 16:23:28 <gmaxwell> until you get hacked.
448 2013-09-18 16:23:31 <gmaxwell> or "hacked"
449 2013-09-18 16:23:39 <imton> well, that is what I am trying to solve.
450 2013-09-18 16:23:40 <imton> :)
451 2013-09-18 16:23:53 <imton> or say.. prevent.
452 2013-09-18 16:23:55 <Belxjander> gmaxwell: I just outlined an idea to him in private... which kind of defeats the sysadmin access problem as well
453 2013-09-18 16:24:01 <gmaxwell> except, it doesn't the hacker has the same capability you do, they just lurk capturing all the keys.
454 2013-09-18 16:24:45 <Belxjander> gmaxwell: maybe I should outline here what I threw at him in PM ?
455 2013-09-18 16:24:55 <gmaxwell> If you instead escrow coins to prevent doublespending you could make theft basically impossible, but making the UI workable is another matter.
456 2013-09-18 16:24:57 <Belxjander> maybe you can spot a hole I can't see with my sleep addled brain?
457 2013-09-18 16:25:11 <gmaxwell> This is really not the forum for service discussions. :-/
458 2013-09-18 16:25:20 <gmaxwell> (but we don't really have a better one)
459 2013-09-18 16:25:24 <Belxjander> is -tech better ?
460 2013-09-18 16:25:59 <gmaxwell> probably.
461 2013-09-18 16:26:14 <Belxjander> well I am already there as well
462 2013-09-18 16:30:42 <imton> gmaxwell: I thought using escrow but I don't think that would solve the problem, oh I am a UI/UX designer, so that won't be a problem at all :) I need help in the other internal part :)
463 2013-09-18 16:31:03 <Belxjander> imton: I'm better with underlying systems myself
464 2013-09-18 16:31:08 <imton> gmaxwell using escrow how would you solve that problem?
465 2013-09-18 16:31:21 <Luke-Jr> imton: UI eh? what do you think of this? http://luke.dashjr.org/tmp/code/20130830-ReceiveMockup.png
466 2013-09-18 16:31:23 <Belxjander> just a bit braindead due to lack of sleep
467 2013-09-18 16:32:05 <imton> Luke-Jr: you mean, what do I think about the UI?
468 2013-09-18 16:32:24 <Luke-Jr> well, yeah. it's a mockup, there's nothing except UI there :P
469 2013-09-18 16:32:57 <Luke-Jr> the technical goal is to prevent people from using addresses more than once
470 2013-09-18 16:33:54 <TD> i think we'll need something like that for making payment requests
471 2013-09-18 16:34:06 <imton> Luke-Jr ok let me see
472 2013-09-18 16:40:48 <imton> Luke-Jr I don't see anything wrong with that UI, it's pretty simple and that a good thing. Aesthetically I would try to remove as much borders as possible, fix spaces between UI elements to be more consistent and more clean.
473 2013-09-18 16:41:40 <sipa> TD: food?
474 2013-09-18 16:41:48 <TD> yeah. see you in milliways?
475 2013-09-18 16:41:52 <sipa> oki
476 2013-09-18 16:41:56 <Luke-Jr> lol
477 2013-09-18 16:45:23 <Ry4an> Luke-Jr: "Enter the name of who this payment will be from" might be better as "Enter the name of the payer"
478 2013-09-18 16:45:33 <Ry4an> or something like it, that original is pretty contorted.
479 2013-09-18 16:48:29 <imton> Luke-Jr I agree with Ry4an and also, the first time I used bitcoin-qt I just couldn't understand what "label"  was for
480 2013-09-18 16:48:43 <imton> So I think label should be re-written or explained in another way.
481 2013-09-18 16:49:00 <imton> "Enter a label for this transaction" doesn't explain much.
482 2013-09-18 16:49:34 <imton> and in "Amount"  maybe a "0.00" placeholder would be nice.
483 2013-09-18 16:50:56 <Luke-Jr> s/label/notes?
484 2013-09-18 16:52:03 <Ry4an> "memo" is the name US-ians are used to using to describe transactions on our checks and online banking, but I've no illusions that's universal
485 2013-09-18 17:03:23 <imton> the first time I used bitcoin-qt I thought "label" was part of the "bitcoin protocol" it self, but it turned out to be only something for internal practical use. What I mean, I thought everyone would see that text and that prevented me to enter a real label that would have been useful. Maybe if we explain that it won't be transmitted...
486 2013-09-18 17:03:48 <numismatics> who are (are there any) the osx developers for bitcoin-qt?
487 2013-09-18 17:04:26 <Luke-Jr> "Private memo"?
488 2013-09-18 17:04:32 <Luke-Jr> numismatics: just Gavin I think
489 2013-09-18 17:05:04 <numismatics> i'd really like to help, talk to him?
490 2013-09-18 17:05:13 <gmaxwell> The person who has been working on autotools for us is also on OSX.
491 2013-09-18 17:05:20 <gmaxwell> (cfields)
492 2013-09-18 17:05:21 <Luke-Jr> numismatics: help with what?
493 2013-09-18 17:05:33 <gmaxwell> numismatics: you don't need to talk to gavin to help— if you want to help... Help!
494 2013-09-18 17:05:34 <numismatics> contribute to bitcoin-qt development
495 2013-09-18 17:05:44 <numismatics> heh, kick ass!
496 2013-09-18 17:06:16 <numismatics> is there a mailing list? what needs looking at?
497 2013-09-18 17:07:22 <Luke-Jr> numismatics: if you're looking to do some GUI stuff, perhaps implementing this would be a good start: http://luke.dashjr.org/tmp/code/20130830-ReceiveMockup.png
498 2013-09-18 17:07:42 <Luke-Jr> otoh, that might actually be more complicated than it looks
499 2013-09-18 17:07:44 <gmaxwell> numismatics: bitcoin-development, also the issue tracker and pulls on github are good background. The bigger question is what you want to work on?
500 2013-09-18 17:07:53 <imton> Luke-Jr: may be just "Enter a label for this transaction (won't be sent to the bitcoin network)" or something like that
501 2013-09-18 17:08:28 <gmaxwell> A good way to get started is to start testing other people's pulls and providing feedback, while working on whatever interests you personally. (though to avoid wasting your time, you should let people know if you're planning on working on anything big)
502 2013-09-18 17:08:28 <imton> gmaxwell: I could help on UI
503 2013-09-18 17:08:44 <Luke-Jr> maybe a Sign/Verify for transactions (ie, the sending side) would be easy
504 2013-09-18 17:08:47 <gmaxwell> More people working on the UI is good. The UI is underserviced.
505 2013-09-18 17:09:13 <numismatics> understood, I'll start by reading up github's issue tracker
506 2013-09-18 17:32:09 <midnightmagic> cfields: I don't suppose you've managed to get your OSX bitcoind install into that weird OSX-only broken state?
507 2013-09-18 17:32:31 <jgarzik> ouch
508 2013-09-18 17:32:36 <jgarzik> 80+ BTC tx fee:
509 2013-09-18 17:32:37 <jgarzik> http://blockchain.info/tx/258478e8b7a3b78301661e78b4f93a792af878b545442498065ab272eaacf035
510 2013-09-18 17:38:44 <sturles> Bet this user checks his hand crafted transactions better next time..
511 2013-09-18 17:39:12 <Cusipzzz> sturles: same user did it multiple times with > 1btc fee in each, there is a thread on it.
512 2013-09-18 17:39:32 <Cusipzzz> at first i thought it was laundering with the pool owner consent, but these txns have been mined by many different pools
513 2013-09-18 17:41:13 <Cusipzzz> so, we're left with user error
514 2013-09-18 18:02:21 <cfields> midnightmagic: which state is that?
515 2013-09-18 18:05:27 <midnightmagic> cfields: I thought there was a problem where the block database mechanism (I think chainstate) would end up in a corrupt form and the block database would need reindexing but just on OSX.
516 2013-09-18 18:06:19 <cfields> midnightmagic: yes, i hit that yesterday. And i have a pristine chainstate dir if you'd like to have a look
517 2013-09-18 18:06:32 <gmaxwell> cfields: what you hit is not something that other people have reported.
518 2013-09-18 18:06:45 <gmaxwell> Go look at the reports, different error.
519 2013-09-18 18:07:01 <gmaxwell> (though what you hit is interesting too, leveldb isn't supposted to do that! f@#$@ leveldb)
520 2013-09-18 18:07:31 <cfields> oh, then i suppose not
521 2013-09-18 18:07:51 <gmaxwell> midnightmagic: all (?) reports on OSX since 0.8.4 are now read errors on block files. I _believe_ I fixed that a couple days ago.
522 2013-09-18 18:08:32 <gmaxwell> Though if someone wants to look at cfields database that would perhaps be good!
523 2013-09-18 18:09:53 <midnightmagic> gmaxwell: commitid (and/or branch?)
524 2013-09-18 18:10:06 <midnightmagic> super curious about that, personally.
525 2013-09-18 18:10:54 <gmaxwell> midnightmagic: e7bad10c12ce9b5d424ac273c1c977b88469d46c
526 2013-09-18 18:16:50 <gmaxwell> cfields: was your leveldb run with a 32 bit binary?
527 2013-09-18 18:17:10 <cfields> no
528 2013-09-18 18:23:42 <imton> sipa: In your watch-only patch/pull... when importing a new address, the indexing times hangs/freezes something?
529 2013-09-18 18:23:46 <imton> *time
530 2013-09-18 18:45:00 <warren> gmaxwell: copying from your xiph example that uses intrin.h on windows builds for cpuid, does xiph use mingw or that's available only on MSVC?
531 2013-09-18 18:48:05 <gmaxwell> warren: it's part of the windows API, and works fine both in mingw and in MSVC.
532 2013-09-18 18:50:07 <warren> I don't see intrin.h in mingw anywhere
533 2013-09-18 18:52:57 <gmaxwell> warren: then look harder? It's part of the win32 API.
534 2013-09-18 18:53:29 <warren> gmaxwell: searching google, it seems mingw32 was missing it until later versions than what we have in gitian
535 2013-09-18 18:53:52 <gmaxwell> then use inline asm
536 2013-09-18 18:54:28 <jgarzik> warren, PS I already gave you portable inline asm cpuid code
537 2013-09-18 18:54:57 <warren> inline asm doesn't work on windows 64
538 2013-09-18 18:55:18 <gmaxwell> ... you always have SSE2 there.
539 2013-09-18 18:55:31 <warren> true
540 2013-09-18 18:55:37 <warren> gah... stupid mess
541 2013-09-18 18:55:45 <gmaxwell> you also cannot compile with mingw32 for that.
542 2013-09-18 18:55:45 <jgarzik> inline asm works just fine on windows 64
543 2013-09-18 18:55:52 <warren> jgarzik: not with MSVC
544 2013-09-18 18:55:56 <gmaxwell> jgarzik: MSVC doesn't allow it.
545 2013-09-18 18:56:01 <jgarzik> mingw64 will
546 2013-09-18 18:56:04 <jgarzik> ;p
547 2013-09-18 18:56:30 <jgarzik> debian/fedora both have mingw64 sets, IIRC
548 2013-09-18 18:57:06 <warren> jgarzik: I'm trying to write something generic for submission to bitcoin that will work on mingw32 (old version in gitian), mingw64 (future gitian) and MSVC
549 2013-09-18 18:57:07 <gmaxwell> warren: this is how theora does cpuid: http://0bin.net/paste/QJpExlxUWl5jxnDX#6xH9PfJHjGzzV3wd9nRr2h8ZfYjcmbWcLQoOxAxK8/0=
550 2013-09-18 18:57:50 <warren> gmaxwell: so just forget about MSVC?
551 2013-09-18 18:58:16 <jgarzik> http://software.intel.com/en-us/articles/cpuid-for-x64-platforms-and-microsoft-visual-studio-net-2005
552 2013-09-18 18:58:52 <jgarzik> if we haven't dropped MSVC support by now, I think it's dead Jim
553 2013-09-18 18:59:01 <warren> I don't actually have MSVC, but I suppose I could get it as a member of Apache Foundation... not sure if I'm required to use it only on Apache Foundation dev though.
554 2013-09-18 18:59:05 <gmaxwell> warren: if you care aboue MSVC use the __cpuid() there?
555 2013-09-18 18:59:35 <gmaxwell> warren: everyone can get it at no cost (they have some basic version available for gratis, AFAIK)
556 2013-09-18 18:59:37 <warren> gmaxwell: I copied the __cpuid() from your earlier xiph example, only now to discover mingw32 lacks intrin.h
557 2013-09-18 18:59:57 <gmaxwell> old ass mingw32.
558 2013-09-18 19:00:05 <gmaxwell> :)
559 2013-09-18 19:00:13 <warren> I didn't pick the version. =)
560 2013-09-18 19:03:35 <gmaxwell> I don't have any great advice for you, making inherently non-portable functionality portable is messy. The important thing is to move all the messyness out of the way.
561 2013-09-18 19:04:00 <gmaxwell> If it were easy to be clean we'd probably already have arch specific sha256 code.
562 2013-09-18 19:05:25 <warren> do we have ANYONE using MSVC?
563 2013-09-18 19:05:41 <warren> if not I'll just dump __cpuid()
564 2013-09-18 19:06:26 <warren> jgarzik: to be more precise 64bit MSVC dropped support for inline asm
565 2013-09-18 19:06:37 <jgarzik> "i think it's dead Jim" -->> note lack of msvc makefiles in bitcoin.git
566 2013-09-18 19:07:01 <gmaxwell> warren: you just make it so that you don't get the SIMD if you don't have inline asm. ... which would be the case if the code was using sane inline asm instead of that intrensic crud in any case. :)
567 2013-09-18 19:07:17 <gmaxwell> no need to make the MSVC problems worse.
568 2013-09-18 19:07:26 <jgarzik> I'm trying to recall, and too lazy to check git, whether MSVC build support was dropped a while ago, or just in the recent autoconf switch.
569 2013-09-18 19:07:43 <warren> autoconf switch is still missing things
570 2013-09-18 19:07:52 <gmaxwell> That 2112 guy on the forum enjoys calling us incompetent because of problems building with MSVC, no clue if it works currently or not.
571 2013-09-18 19:08:10 <jgarzik> nobody builds with it
572 2013-09-18 19:08:33 <gmaxwell> It's certantly not a tested or supported platform. Increasing incompatiblity gratitiously is not desirable, but I don't see any problem with "don't have this smaller set of compilers, don't get the asm stuff"
573 2013-09-18 19:10:04 <warren> gmaxwell: where does OC_X86_ASM come from?  that doesn't seem to be in the preprocessor defines at least in our gitian toolchain
574 2013-09-18 19:13:44 <gmaxwell> warren: thats a libtheora specific define that gets set by autotools. Obviously you wouldn't use that.
575 2013-09-18 19:14:58 <warren> dropping MSVC compat for now
576 2013-09-18 19:15:29 <gmaxwell> Does that mean that you're going to gratitiously break MSVC or just not support the SIMD on it?
577 2013-09-18 19:15:39 <jgarzik> hrm.  Anybody know whether retroshare.sourceforge.net security is any good?
578 2013-09-18 19:15:55 <jgarzik> 
ACTION doesn't find any deep-dives into the tech, based on a quick google

579 2013-09-18 19:16:00 <warren> gmaxwell: I don't have the cycles to actually test MSVC, I'll try to avoid SIMD on it.
580 2013-09-18 19:16:07 <warren> but won't test it
581 2013-09-18 19:16:45 <swulf--> what do you need tested?
582 2013-09-18 19:16:51 <edcba> using msvc with bitcoin has been challenging from the beginning...
583 2013-09-18 19:17:23 <warren> Satoshi was a Windows dev who didn't use MSVC?
584 2013-09-18 19:18:12 <edcba> you really think he was a "windows dev" ?
585 2013-09-18 19:18:35 <warren> He was something...
586 2013-09-18 19:19:10 <edcba> i wonder how the fist windows binaries were built
587 2013-09-18 19:19:30 <edcba> i'd bet on some cygwin thing
588 2013-09-18 19:20:35 <gmaxwell> jgarzik: my email mailbox contains 46 mentions of it. about 25% of them are from people I consider dangerously clueless, I see no real mention if it by anyone I consider compent, the closest I have to that is this thread: https://emu.freenetproject.org/pipermail/devl/2011-July/035670.html
589 2013-09-18 19:20:55 <jgarzik> edcba, first bitcoin ?  probably MSVC.  first bitcoin was windows-only.
590 2013-09-18 19:21:25 <gmaxwell> My understanding is that its a boring and conventional p2p sharing tool which requires its users to basically join a darnetish VPN to run it over.
591 2013-09-18 19:22:53 <jgarzik> some in the BitPay office really like cjdns
592 2013-09-18 19:23:07 <gmaxwell> My recollection is that it used overly grand claims for its security model, while having the expected darknet weaknesses. E.g. if a friend of a friend invites a badguy into your clubhouse the security model is violated.
593 2013-09-18 19:23:12 <jgarzik> I don't think friend-to-friend connections will ever create a network of any size
594 2013-09-18 19:23:32 <gmaxwell> cjdns Is technically pretty interesting.
595 2013-09-18 19:23:48 <jgarzik> the ipv6 trick is cute.
596 2013-09-18 19:25:06 <gmaxwell> The way the routing resists the typical DHT attacks is neat... basically to capture traffic you need to both do a dht attack and have peerings near the traffic sources you are trying to capture. .. sadly, that means it can't really be secure in an open network.
597 2013-09-18 19:28:42 <cfields> gavinandresen: ping
598 2013-09-18 19:28:57 <cfields> gavinandresen: when you get a few, could you please drop the updated win32 deps on the pull-tester?
599 2013-09-18 19:29:29 <cfields> i noticed that win32 is currently busted, but the pull-tester didn't pick it up because the win32 test-build is currently disable
600 2013-09-18 19:30:06 <cfields> i'm about to PR the fix
601 2013-09-18 19:45:09 <warren> gmaxwell: I guess I can ifdef _MSC_VER to avoid SIMD
602 2013-09-18 19:49:37 <midnightmagic> maybe it can't be rigourly built, but transitive trust models can sure make things a lot easier to manage.
603 2013-09-18 19:59:34 <Luke-Jr> edcba: the original client was Windows only
604 2013-09-18 19:59:56 <Luke-Jr> woops, jgarzik got that already