1 2013-10-16 00:12:45 <super3> can i get some feedback on my pull? https://github.com/bitcoin/bitcoin/pull/3085
  2 2013-10-16 00:57:57 <warren> wumpus: seems -commits is dead
  3 2013-10-16 01:39:42 <Luke-Jr> warren: has been for months
  4 2013-10-16 01:39:45 <Luke-Jr> CIA died
  5 2013-10-16 02:18:11 <gmaxwell> warren: so I finally got a chance to look at the redhat openssl rpms.
  6 2013-10-16 02:22:23 <warren> gmaxwell: oh?
  7 2013-10-16 02:27:49 <pigeons> they were configured without ecdsa last i saw
  8 2013-10-16 02:31:54 <gmaxwell> warren: they are not !@#!@ ABI compatible with our prior RPMS, but they're API compatible.
  9 2013-10-16 02:32:54 <warren> not surprised.
 10 2013-10-16 02:39:46 <warren> gmaxwell: looking at various bitcoin rpms out there
 11 2013-10-16 02:40:49 <warren> gmaxwell: do you agree with the packages that auto-create a rpc password and put the blockchain in /var somewhere by default?  not sure how I feel about that.
 12 2013-10-16 02:41:00 <gmaxwell> warren: I suspect what we should do is just do an rpm of 0.9 when it is released.
 13 2013-10-16 02:41:16 <gmaxwell> warren: iieieer not so sure about that.
 14 2013-10-16 02:41:39 <warren> gmaxwell: if we don't get involved now, someone else will push a package through the review process without our input
 15 2013-10-16 02:43:02 <gmaxwell> so we have to have a race to the bottom? crappiest package wins?  The reason I was suggesting packaging 0.9 is because the build procedure is entirely changing for it.
 16 2013-10-16 02:43:42 <warren> that's true, but packaging the old version is 1) already done and 2) straightforward.  we just need to oppose things we don't want in the later package.
 17 2013-10-16 02:44:02 <warren> if we disagree with the auto rpc password and putting it in /var/somewhere then we need to speak up
 18 2013-10-16 02:44:10 <gmaxwell> warren: where is a package that is doing that?
 19 2013-10-16 02:44:49 <warren> I haven't looked at it for a few months, looking at least version
 20 2013-10-16 02:44:51 <warren> latest
 21 2013-10-16 02:44:57 <warren> http://linux.ringingliberty.com/bitcoin/
 22 2013-10-16 02:45:54 <warren> putting it into /var was for a custom selinux policy that it installs
 23 2013-10-16 02:46:03 <warren> but that can be done in homedirs too
 24 2013-10-16 02:47:03 <warren> grrr.... btrfs is screwing up again
 25 2013-10-16 02:51:23 <warren> +    return fs::path("/var/lib/bitcoin");
 26 2013-10-16 02:51:26 <gmaxwell> ...
 27 2013-10-16 02:51:33 <gmaxwell> yea this rpm sucks
 28 2013-10-16 02:51:33 <warren> +    if (!pathPidFile.is_complete()) pathPidFile = boost::filesystem::path("/var/run") / pathPidFile;
 29 2013-10-16 02:51:47 <gmaxwell> it patches a bunch of crap that it didn't need to.
 30 2013-10-16 02:51:52 <warren> gmaxwell: just saying we need to be involved in the review process to torpedo dumb things or we'll never be able to remove it
 31 2013-10-16 02:51:56 <gmaxwell> -   -l boost_system$(BOOST_LIB_SUFFIX) \
 32 2013-10-16 02:52:20 <gmaxwell> +   -l boost_system-mt$(BOOST_LIB_SUFFIX) \
 33 2013-10-16 02:52:24 <warren> that includes getting sane default selinux policies into upstream selinux-policy
 34 2013-10-16 02:52:31 <gmaxwell> ... wtf the enviroment variable is there for that exact reason.
 35 2013-10-16 02:53:29 <warren> /usr/sbin/bitcoind       <--- does it really belong there?
 36 2013-10-16 02:54:15 <gmaxwell> no, sbin is for system essential stuff.
 37 2013-10-16 02:55:30 <warren>  /var/lib/bitcoin(/.*)?          gen_context(system_u:object_r:bitcoin_var_lib_t,s0)
 38 2013-10-16 02:55:38 <warren> do we want this at all, or at least as an option?
 39 2013-10-16 02:56:01 <warren> we probably want selinux to enforce both in a system location and homedir
 40 2013-10-16 02:56:58 <gmaxwell> oh crap
 41 2013-10-16 02:57:23 <gmaxwell> this introduces a security vulnerability.
 42 2013-10-16 02:57:25 <warren> it seems I was wrong about auto rpc password setting, that's ubuntu I thnk
 43 2013-10-16 02:58:25 <gmaxwell> warren: are people actually using this package?
 44 2013-10-16 02:58:55 <warren> gmaxwell: it's the top hit on google for fedora bitcoin
 45 2013-10-16 02:58:58 <warren> =(
 46 2013-10-16 02:59:16 <warren> gmaxwell: I made that patch for openssl because I didn't want to run anything written by this person.
 47 2013-10-16 02:59:29 <warren> gmaxwell: he even got donations for this package =)
 48 2013-10-16 03:00:51 <gmaxwell> I'm not sure how we need to go about announcing a security issue in a non-distro package. :(
 49 2013-10-16 03:01:34 <warren> presumably contact the maintainer ... make him fix it, then announce?
 50 2013-10-16 03:01:41 <gmaxwell> ugh.
 51 2013-10-16 03:01:57 <gmaxwell> this also forces the creation of a DB_CONFIG with set_flags DB_LOG_AUTOREMOVE
 52 2013-10-16 03:02:25 <warren> ooh
 53 2013-10-16 03:02:37 <warren> it does set a password ...
 54 2013-10-16 03:02:57 <gmaxwell> yes. Using rand().
 55 2013-10-16 03:03:16 <gmaxwell> Thats the aformentioned security problem.
 56 2013-10-16 03:03:47 <gmaxwell> fortunately it doesn't set a non-local listening settings too.. at least one saving grace.
 57 2013-10-16 03:22:27 <warren> gmaxwell: hmm, something is odd about these .rpm files
 58 2013-10-16 03:22:44 <warren> gmaxwell: and there's one complaint on the forum about it failing its GPG check
 59 2013-10-16 03:24:45 <gmaxwell> warren: ::sigh::
 60 2013-10-16 03:24:52 <gmaxwell> confirmed, rpcpassword generation is insecure.
 61 2013-10-16 03:26:44 <gmaxwell> perl calls glibc rand/srand, and regardless of how its initilized (I saw some docs that say /dev/urandom, but I don't see that code), it only has 32 bits of state, and I was able to produce collisions.
 62 2013-10-16 03:27:31 <gmaxwell> (In 410000 runs I got 409981 unique rpc passwords)
 63 2013-10-16 03:28:26 <warren> that's mostly* good!
 64 2013-10-16 03:29:40 <gmaxwell> no, it's not good at all.
 65 2013-10-16 03:29:59 <gmaxwell> it means that with 2^32 attempts you are guarenteed to guess any rpc password.
 66 2013-10-16 03:30:31 <gmaxwell> oh man, this guy is the jacob appelbaum imposter guy.
 67 2013-10-16 03:31:54 <warren> I'm bad at jokes.
 68 2013-10-16 03:32:44 <gmaxwell> sorry, I'm bad at jokes too.
 69 2013-10-16 03:53:17 <gmaxwell> warren: you sort out what else you thought was weird about it?
 70 2013-10-16 03:54:24 <warren> gmaxwell: rpm was unable to install the .src.rpm into a non-root user's homedir, had to use rpm2cpio
 71 2013-10-16 04:01:17 <gmaxwell> warren: I think that use with the gpg failure just didn't have the gpg key installed.
 72 2013-10-16 04:02:52 <gmaxwell> that same file verifies for me with the key on the website.. of course there appears to be absolutely no way to verify that key: its not signed by anything or used anywhere else on the internet.
 73 2013-10-16 04:03:51 <warren> ok, I suppose if the source matches there's nothing malicious in the .src.rpm
 74 2013-10-16 04:04:08 <warren> I can't explain why I can't install the .src.rpm
 75 2013-10-16 04:06:56 <gmaxwell> warren: what error do you get?
 76 2013-10-16 04:07:39 <warren> error: unpacking of archive failed on file /home/test/rpmbuild/SPECS/bitcoin.spec: cpio: rename failed - No space left on device
 77 2013-10-16 04:07:44 <warren> gmaxwell: which doesn't seem to be true
 78 2013-10-16 04:07:54 <warren> I thought btrfs was screwing up, but nothing else is having problems
 79 2013-10-16 04:08:15 <warren> I moved /home/test to ext4 and same problem
 80 2013-10-16 04:08:30 <dizko> out of inodes?
 81 2013-10-16 04:08:35 <warren> "rpm2cpio ...rpm |cpio -id" on the same directory works fine
 82 2013-10-16 04:24:43 <Tril> warren: /tmp out of space then?
 83 2013-10-16 04:25:03 <warren> Tril: 3.8G available
 84 2013-10-16 04:25:25 <Tril> I'd prefix the command with 'strace' then.
 85 2013-10-16 04:26:22 <warren> I'm able to install other .src.rpm's in that non-root user.
 86 2013-10-16 04:26:29 <warren> not going to waste my time on this
 87 2013-10-16 04:52:57 <michagogo> cloud|Re: Fedora packages: Are we (you?) also involved in other distros' packages? I know BlueMatt has his ppa, but Ubuntu ships an old (and maybe badly patched? No idea) version
 88 2013-10-16 04:55:04 <michagogo> cloud|(At least they did as of a couple weeks ago)
 89 2013-10-16 05:20:50 <Luke-Jr> michagogo|cloud: I handle Gentoo
 90 2013-10-16 05:29:15 <michagogo> cloud|That's the one where packages are just the source, right?
 91 2013-10-16 05:34:13 <Luke-Jr> michagogo|cloud: more or less
 92 2013-10-16 05:47:36 <michagogo> cloud|;;later tell sipa You may want to bump the scale on your graph in advance... Around 6-7 hours from now, [diffchange]
 93 2013-10-16 05:47:43 <gribble> The operation succeeded.
 94 2013-10-16 08:11:01 <HM2> 
ACTION pokes Application

 95 2013-10-16 10:42:46 <gribble> sipa was last seen in #bitcoin-dev 11 hours, 20 minutes, and 53 seconds ago: <sipa> ok
 96 2013-10-16 10:42:46 <michagogo> cloud|;;seen sipa
 97 2013-10-16 10:51:01 <mikey> Anybody know if 50btc has an irc chan?
 98 2013-10-16 11:07:31 <sipa> michagogo|cloud: saw it
 99 2013-10-16 11:08:28 <sipa> my vps ran out of diskspace
100 2013-10-16 11:21:16 <sipa> michagogo|cloud, gmaxwell: updated
101 2013-10-16 11:23:48 <gmaxwell> sipa: I saw. :) does your disk space usage grow with the hashrate?
102 2013-10-16 11:24:08 <sipa> yeah, i log every hash computer by the network
103 2013-10-16 11:24:25 <TD> haha
104 2013-10-16 11:24:30 <TD> well disk space is cheap
105 2013-10-16 11:25:03 <gmaxwell> yea. whats 2.5 petawrites per second on a modern VPS? pfft. no biggie
106 2013-10-16 11:25:09 <sipa> ;;calc [nethash]*86400*1000000/2**30
107 2013-10-16 11:25:10 <gribble> 196703395.407
108 2013-10-16 11:25:15 <sipa> ;;calc [nethash]*86400*1000000/2**50
109 2013-10-16 11:25:16 <gribble> 187.59097615
110 2013-10-16 11:25:24 <sipa> ;;calc [nethash]*86400*1000000/2**50*32
111 2013-10-16 11:25:25 <gribble> 6002.91123679
112 2013-10-16 11:25:32 <gribble> 5.86221800468
113 2013-10-16 11:25:32 <sipa> ;;calc [nethash]*86400*1000000/2**60*32
114 2013-10-16 11:25:39 <sipa> 6 exabytes per day :(
115 2013-10-16 11:26:54 <TD> the graph i really like the most, though, is this one: http://blockchain.info/charts/n-transactions-excluding-popular?timespan=all&showDataPoints=false&daysAverageString=1&show_header=true&scale=0&address=
116 2013-10-16 11:27:05 <TD> it's also got the right general curve, albeit noisily
117 2013-10-16 11:44:39 <c0rw1n> hay ok. then "if that curve goes on forevurr", how long do we have until btc has so many transactions per block, that most any block's fees would be over the coinbase amount?
118 2013-10-16 11:45:06 <sipa> never
119 2013-10-16 11:45:11 <sipa> (1MB block size limit)
120 2013-10-16 11:45:36 <c0rw1n> like that limit is hardcoded forever?
121 2013-10-16 11:45:46 <sipa> it can be changed with a hard fork
122 2013-10-16 11:46:11 <sipa> (of course, everything can be changed with a hard fork)
123 2013-10-16 11:46:21 <TD> what do you mean "over the coinbase amount"?
124 2013-10-16 11:46:27 <TD> you mean "fees would be larger than 25btc" ?
125 2013-10-16 11:46:29 <c0rw1n> no
126 2013-10-16 11:46:30 <sipa> he means the subsidy i guess
127 2013-10-16 11:47:01 <c0rw1n> yeah, counting the subsidy halvings
128 2013-10-16 11:47:19 <TD> well, nobody really knows how fees and such will play out in future. we can make guesses and suggestions, but it's hard to know
129 2013-10-16 11:47:49 <c0rw1n> how many txes can bitcoin handle total then? at 1MB each 10 min
130 2013-10-16 11:48:21 <sipa> ~7 per second
131 2013-10-16 11:49:37 <sipa> actually, my answer is wrong; the block size limit doesn't prevent the total fees per block from rising
132 2013-10-16 11:49:41 <sipa> it may actually increase them
133 2013-10-16 11:50:00 <sipa> but as TD says, it's hard to know how this plays out in the future
134 2013-10-16 11:50:49 <whiz> is there a graph that's showing current (averaged) tx/s available? i understand we are far away from 7tx/s?
135 2013-10-16 11:50:58 <TD> we're at about 0.5 tx/sec at the moment
136 2013-10-16 11:51:00 <TD> however
137 2013-10-16 11:51:05 <TD> many miners are not making 1mb blocks
138 2013-10-16 11:51:06 <c0rw1n> (my original question was, more accurately "when will the subsidy/block curve intersect the fees/block curve" )
139 2013-10-16 11:51:10 <TD> our actual "capacity" is much lower as a result.
140 2013-10-16 11:51:30 <c0rw1n> we're not maxing the capacity, is all
141 2013-10-16 11:51:34 <TD> generally miners have not demonstrated any real understanding of soft block size caps. a lot of them seem to just leave it at the default.
142 2013-10-16 11:51:56 <TD> we lack good tools to visualise and understand network capacity, unfortunately
143 2013-10-16 11:52:07 <TD> but yeah. at the moment we're not in any kind of danger zone
144 2013-10-16 13:59:03 <jgarzik> gavinandresen, what is your XCode version?  I'm going to try and get an OSX test build going
145 2013-10-16 13:59:33 <jgarzik> gavinandresen, we have the latest OSX, whatever it is (Mountain Lion?  Undead Cheetah?   Superfluous Marmoset?)
146 2013-10-16 14:26:58 <kinlo> jgarzik: mountain lion is the latest (well, mavericks is but it isn't released yet, altough it will be released this month...)
147 2013-10-16 15:25:22 <jgarzik> kinlo, sure
148 2013-10-16 15:25:33 <jgarzik> kinlo, though the most valuable bit of info is XCode version
149 2013-10-16 15:55:18 <maaku> jgarzik: xcode 4.6.2 works for me
150 2013-10-16 15:55:58 <maaku> unfortunately the release pathway has gavin's SDK path hard coded
151 2013-10-16 15:56:05 <maaku> not sure if this is still true post-autotools
152 2013-10-16 16:06:28 <jgarzik> gavinandresen, what is your XCode version?  I'm going to try and get an OSX test build going
153 2013-10-16 16:07:25 <michagogo> cloud|Mavericks isn't released yet, but it *is* already GM
154 2013-10-16 16:20:41 <michagogo> Erm, question about bitrpc.py...
155 2013-10-16 16:21:44 <michagogo> It looks to me like "getwork" does the exact same thing as "gettransaction"
156 2013-10-16 16:22:54 <michagogo> I also don't see getrawtransaction there
157 2013-10-16 16:23:06 <michagogo> same with submitblock
158 2013-10-16 16:23:13 <michagogo> And probably many others
159 2013-10-16 16:23:29 <michagogo> getblocktemplate, for example
160 2013-10-16 16:38:08 <kinlo> jgarzik: I was under the impression that gavin still uses 10.6 and the xcode from that time-area, but I'm sure he'll answer soon
161 2013-10-16 16:38:20 <kinlo> (to create backwards compatible binaries)
162 2013-10-16 16:38:43 <michagogo> .6, not .5?
163 2013-10-16 16:38:52 <kinlo> .6
164 2013-10-16 16:38:52 <michagogo> 
ACTION has 10.5 in his head from somewhere

165 2013-10-16 16:39:01 <kinlo> snow leopard
166 2013-10-16 16:39:20 <michagogo> 
ACTION tries to think why he was thinking about leopard, then

167 2013-10-16 16:39:24 <michagogo> bbl
168 2013-10-16 17:28:35 <olalonde> i have a noob asic question, not sure if i can ask here
169 2013-10-16 17:31:22 <Musk> olalonde #bitcoin-mining
170 2013-10-16 18:53:39 <michagogo> Hmm, what exactly is sendcoinsentry? I've seen it mentioned in a couple places lately, but I haven't come across it before
171 2013-10-16 18:54:06 <michagogo> and google doesn't turn up much
172 2013-10-16 18:55:57 <Ry4an> brainstrain
173 2013-10-16 20:39:16 <HM2> how irritating
174 2013-10-16 20:39:22 <HM2> boost intrusive lists are circular
175 2013-10-16 20:39:46 <HM2> so there's no equivalent to testing the next pointer for null without a reference to the list head object
176 2013-10-16 20:43:19 <skinnkavaj> Open question: Can mastercoin concept be used for a decentralized bitcoin securities exchange? There is talk about that in the neobee thread, but i dont know...
177 2013-10-16 20:43:24 <skinnkavaj> gmaxwell: fire at me!
178 2013-10-16 20:44:12 <warren> skinnkavaj: if mastercoin were actually decentralized maybe
179 2013-10-16 20:44:58 <gavinandresen> jgarzik: development machine or the machine I use to build backwards-compatible releases?
180 2013-10-16 20:48:37 <gmaxwell> skinnkavaj: if you had asked that in #bitcoin you might have recieved an answer.
181 2013-10-16 20:58:52 <jgarzik> gavinandresen, a good choice for testing payment request stuff on OSX :)
182 2013-10-16 20:58:58 <jgarzik> gavinandresen, whichever that may be
183 2013-10-16 20:59:51 <gavinandresen> jgarzik: ? not following
184 2013-10-16 21:02:33 <jgarzik> gavinandresen, you asked " development machine or the machine I use to build backwards-compatible releases?"
185 2013-10-16 21:02:51 <jgarzik> gavinandresen, looking to test payment request stuff in the client, so I'm guessing the answer is "development machine"
186 2013-10-16 21:02:53 <gavinandresen> ah, ok, got it.
187 2013-10-16 21:03:14 <sipa> jgarzik: qualifying your question with a '?' would have helped, perhaps :)
188 2013-10-16 21:03:16 <gavinandresen> Yes, dev machine-- any Xcode should be fine.  I use macports clang++ to compile, because I like lldb
189 2013-10-16 21:03:42 <jgarzik> ok
190 2013-10-16 21:03:50 <jgarzik> any Xcode: check
191 2013-10-16 21:03:54 <gavinandresen> jgarzik: … so setup looks like: Install XCode. Run it, and tell it to install command-line tools.
192 2013-10-16 21:04:35 <gavinandresen> jgarzik: Then install macports 'port' command.  port install  <stuff>  -- including clang-3.3
193 2013-10-16 21:05:11 <gavinandresen> jgarzik: my configure is:  CXXFLAGS='-g -O0 -Qunused-arguments -DDEBUG_LOCKORDER' CXX=/opt/local/bin/clang++-mp-3.3 ./configure --disable-hardening --disable-silent-rules
194 2013-10-16 21:06:22 <gavinandresen> jgarzik: Setting up the backwards-compatible build environment is much harder. And last I checked, you need a 32-bit machine to make it all work properly.
195 2013-10-16 21:11:47 <jgarzik> gavinandresen, thanks
196 2013-10-16 21:12:23 <sipa> will jgarzik compile -qt? :o