1 2014-03-03 00:00:19 <sipa> 0.8.6 may fail to validate the blockchain after running 0.
  2 2014-03-03 00:00:22 <sipa> 0.9
  3 2014-03-03 00:00:24 <[\\\]> actually
  4 2014-03-03 00:00:44 <[\\\]> debug.log has a bunch of "ReacceptWalletTransactions found spent coin "
  5 2014-03-03 00:00:49 <[\\\]> after running .8.6 after .9
  6 2014-03-03 00:01:06 <sipa> now that is interesting
  7 2014-03-03 00:01:26 <[\\\]> I'm currently stuck on the flash screen at "Done Loading"
  8 2014-03-03 00:01:32 <[\\\]> but its not responsive
  9 2014-03-03 00:01:32 <sipa> oh, 0.8.6 after 0.9
 10 2014-03-03 00:01:34 <sipa> yes, that's expected
 11 2014-03-03 00:01:42 <sipa> it should be mentioned in the release notes
 12 2014-03-03 00:01:45 <[\\\]> Windows isn't saying its not responsive
 13 2014-03-03 00:01:55 <[\\\]> but I can't interact with it
 14 2014-03-03 00:02:15 <Persopolis> that's a bit of an extreme test - i was more intrested to know if x86 is running and you start installing 64bit if it detects the x86 running and acts appropriately
 15 2014-03-03 00:02:40 <[\\\]> I can do that too.
 16 2014-03-03 00:03:32 <[\\\]> The debug log shows it was trying to connect to peers up until 45 seconds ago
 17 2014-03-03 00:03:49 <[\\\]> process has activity bouncing up and down, so it doesn't look like its completely hung yet
 18 2014-03-03 00:05:02 <sipa> [\\\]: https://github.com/bitcoin/bitcoin/issues/3782
 19 2014-03-03 00:05:18 <[\\\]> sipa, I ended up killing it
 20 2014-03-03 00:05:22 <[\\\]> and then restarting and its fine
 21 2014-03-03 00:05:24 <[\\\]> all blocks
 22 2014-03-03 00:05:49 <[\\\]> So at least I didn't have to resync
 23 2014-03-03 00:06:00 <sipa> please comment
 24 2014-03-03 00:06:37 <Persopolis> "sipa is fast"
 25 2014-03-03 00:09:28 <[\\\]> sipa, pm?
 26 2014-03-03 00:09:50 <sipa> no, on that issue
 27 2014-03-03 00:09:59 <[\\\]> I know, but may I pm
 28 2014-03-03 00:10:11 <sipa> yes, but i'm about to disappear
 29 2014-03-03 00:12:57 <TheSeven> BlueMatt: btw, while you're at it, you might want to update the package description of the ubuntu bitcoin package... it says the blockchain is 2+ gigabytes... might want to bump that to 20+ ;)
 30 2014-03-03 00:16:19 <[\\\]> posted.
 31 2014-03-03 00:22:32 <wallet42> is the order of the pubkeys or signatures somehow relevant in creating a p2sh / redeem Multisig transaction?
 32 2014-03-03 00:22:49 <sipa> the signatures must be in the same order as the public keys
 33 2014-03-03 00:23:33 <wallet42> and omitted signatures are simply ommited or is there a placeholder value?
 34 2014-03-03 00:23:48 <sipa> simply omitted
 35 2014-03-03 00:23:49 <wallet42> in case of 2 of 3
 36 2014-03-03 00:23:51 <wallet42> k
 37 2014-03-03 00:23:56 <wallet42> thx
 38 2014-03-03 00:24:32 <[\\\]> I just installed .9.0rc2 (x64) while .8.6 was running.
 39 2014-03-03 00:24:43 <[\\\]> The install completed successfully.
 40 2014-03-03 00:25:21 <[\\\]> It failed on start with a directory lock erro, which is expected, just like you were trying to run multiple copies of the same version.
 41 2014-03-03 00:25:44 <[\\\]> Persopolis ^
 42 2014-03-03 00:27:53 <skinnkavaj> Good storage huh?
 43 2014-03-03 00:27:54 <skinnkavaj> https://www.youtube.com/watch?v=EcYHOZeb6LA
 44 2014-03-03 00:28:16 <skinnkavaj> Tell me why Bitalo is bad, is it?
 45 2014-03-03 00:35:06 <wallet42> is it the same order or "reverse" order since stack stuff?
 46 2014-03-03 00:37:20 <Persopolis> [\\\] that's good :)
 47 2014-03-03 00:39:33 <[\\\]> I agree.  I think that the experience is as one would expect (unless you were expected an in place upgrade, which doesn't happen when converting between x64 and X86)
 48 2014-03-03 00:39:55 <Diablo-D3> hey guys
 49 2014-03-03 00:40:09 <Diablo-D3> remember when we said bitcoin will officially be the world's currency when porn accepts it?
 50 2014-03-03 00:40:18 <Diablo-D3> nsfw, obviously: https://www.skweezme.com/get-access
 51 2014-03-03 00:40:25 <Diablo-D3> skeezme is basically the netflix of porn.
 52 2014-03-03 00:43:29 <Persopolis> 
ACTION opens incognito browser window...

 53 2014-03-03 00:44:35 <davvblack> There were a bunch of sites that accepted Bitcoin for a few days, then rescinded that on the grounds that it actually drove sales down.
 54 2014-03-03 00:44:35 <[\\\]> its awesome you decided that that needed to be posted into -dev.
 55 2014-03-03 00:44:45 <davvblack> oh, yeah, wrong channel...
 56 2014-03-03 00:45:08 <Diablo-D3> [\\\]: #bitcoin is supposed to be family friendly or w/e
 57 2014-03-03 01:05:15 <shesek> davvblack, well, they can't hide an "$99/month subscription" in the footprints under a huge "$0.99 ACCESS!" with bitcoin
 58 2014-03-03 01:05:31 <davvblack> yeah, that's part of it
 59 2014-03-03 01:05:33 <shesek> they make a lot of money from charging hidden amounts month after month from users
 60 2014-03-03 01:05:40 <davvblack> but i mean, if they can charge what they actually mean to charge, that might work better
 61 2014-03-03 01:06:00 <davvblack> i'd also be MUCH more willing to pay $10 or whatever in BTC rather than give a CC number for a $1 charge to a porn site
 62 2014-03-03 01:06:04 <davvblack> for that exact reason
 63 2014-03-03 01:06:23 <davvblack> this is the wrong room for this discussion, but it doesn't matter since it's so dead in here.
 64 2014-03-03 01:07:07 <shesek> the question is whether more paying users that actually know how much they're going to pay is more profitable than less users that pay higher amounts unknowingly
 65 2014-03-03 01:07:41 <shesek> (well, you also need to take chargebacks into account here - they also lose a lot of money on chargebacks because of their shady tactics)
 66 2014-03-03 01:07:50 <davvblack> If porn continues only to use predatory/abusive prices, the trend will continue of nobody wanting to pay for porn
 67 2014-03-03 01:08:04 <davvblack> though it's kind of hard to get out of that deathspiral as an industry
 68 2014-03-03 01:09:33 <shesek> a pay-per-video model can actually work pretty neatly with Bitcoin - part of the video is played for free, then replaced with a bitcoin address QR code
 69 2014-03-03 01:09:48 <davvblack> mm hmm
 70 2014-03-03 01:09:49 <shesek> they can listen to payments and start playing immediately after receiving the payment
 71 2014-03-03 02:49:12 <[\\\]> davvblack, it does matter because 1) this channel is publicly logged and linked as a bitcoin development channel and 2) This channel is meant to be a spot for developers to work on bitcoin, not idle chatter.
 72 2014-03-03 03:11:01 <etotheipi_> anyone aware of an issue with blockchain.info?  I just got a report of a transaction that has 400 confirmations in Armory, biteasy, blockr.io, but blockchain.info shows it unconfirmed
 73 2014-03-03 03:12:39 <gmaxwell> can you share the txid with me? (perhaps in PM?
 74 2014-03-03 03:17:30 <gmaxwell> So I see it too, whats more fun is that bc.i shows some of the outputs as spent, and those spends as confirmed.
 75 2014-03-03 03:17:44 <etotheipi_> oh yeah...
 76 2014-03-03 03:18:16 <etotheipi_> so, I wonder how that happened...
 77 2014-03-03 03:18:18 <etotheipi_> 2+ days old
 78 2014-03-03 03:18:52 <gmaxwell> https://blockchain.info/tx-index/114157517 < interesting to see that they 'handle' showing an unconfirmed input on a confirmed transaction.
 79 2014-03-03 03:19:06 <gmaxwell> "
 80 2014-03-03 03:19:06 <gmaxwell> Status: Not Connected (0 Nodes Connected)"
 81 2014-03-03 03:20:03 <etotheipi_> Okay, well I'll see if I can find a way to report it to them
 82 2014-03-03 03:38:44 <lechuga_> does blockexplorer not like p2sh multisig txns
 83 2014-03-03 03:39:09 <justanotheruser> lechuga_: I think it calls them "strange"
 84 2014-03-03 03:39:14 <lechuga_> yeah
 85 2014-03-03 03:39:32 <lechuga_> http://blockexplorer.com/testnet/tx/4606c37e23d8c27bdeb2f26e276a8ae3b3ffa363dccf6cc5b03b5ce02eee5947#o0
 86 2014-03-03 03:39:36 <lechuga_> that was the redeeming txn
 87 2014-03-03 03:39:50 <lechuga_> it pays to my mycelium testnet wallet
 88 2014-03-03 03:40:00 <lechuga_> but i dont ever see the txn there either
 89 2014-03-03 03:40:07 <lechuga_> i wonder if its not fond of p2sh either
 90 2014-03-03 03:41:16 <justanotheruser> lechuga_: The redemption isn't showing up in mycelium?
 91 2014-03-03 03:41:40 <lechuga_> nope
 92 2014-03-03 03:41:49 <lechuga_> oh nm
 93 2014-03-03 03:41:50 <lechuga_> there it is
 94 2014-03-03 03:41:52 <lechuga_> sry
 95 2014-03-03 05:35:42 <tunage> where is the bitcoinj project? what task are left to be done?
 96 2014-03-03 05:35:58 <tunage> I am a java programmer
 97 2014-03-03 05:36:03 <davvblack> https://code.google.com/p/bitcoinj/issues/list
 98 2014-03-03 05:36:17 <parkerk> Is there any way to run bitcoind/Bitcoin-Qt without having a full block chain? I know there are clients like Multibit and Electrum, but neither seems to support RPC at the moment. I'm trying to run bitcoin on a machine with memory requirements for a project, so I can't afford several gigs of space taken by the chain
 99 2014-03-03 05:36:30 <davvblack> no, not really
100 2014-03-03 05:36:32 <davvblack> not and be useufl
101 2014-03-03 05:36:34 <davvblack> useful
102 2014-03-03 05:36:46 <parkerk> not and be useful?
103 2014-03-03 05:37:03 <davvblack>  you can't like figure out what coins are at an address without the full blockchain
104 2014-03-03 05:37:09 <davvblack> afaik
105 2014-03-03 05:37:24 <davvblack> (in Bitcoin Core's current implementation)
106 2014-03-03 05:37:29 <parkerk> Theres stuff like SPV though I know, where you can prune heavilly
107 2014-03-03 05:37:40 <davvblack> yeah, it's possible.  just not yet.
108 2014-03-03 05:37:49 <parkerk> Oh okay, thanks
109 2014-03-03 05:37:50 <parkerk> Or does anyone know if Multibit or Electrum support json-RPC?
110 2014-03-03 05:39:49 <tunage> I got number 46. how difficult would it be (or could bork), implementing l2ptp?
111 2014-03-03 05:41:18 <tunage> it's just a new port.
112 2014-03-03 05:41:27 <davvblack> so then do it :P
113 2014-03-03 05:41:50 <tunage> davvblack that's what I am here for brother!
114 2014-03-03 05:41:59 <davvblack> did you read the thread?
115 2014-03-03 05:42:00 <davvblack> https://code.google.com/p/bitcoinj/issues/detail?id=46&colspec=ID%20Type%20Status%20Priority%20Component%20Owner%20Summary
116 2014-03-03 05:42:01 <tunage> I was picking one.  :)
117 2014-03-03 05:42:05 <davvblack> it's not just about incoming connections
118 2014-03-03 05:42:11 <davvblack> it's about deliberately selecting a peer
119 2014-03-03 05:42:14 <davvblack> which needs a UI
120 2014-03-03 05:42:16 <davvblack> etc
121 2014-03-03 05:43:48 <tunage> reading deeper.  bare with me.
122 2014-03-03 05:44:25 <davvblack> you should just learn C++ and contribute to Bitcoin Core :)
123 2014-03-03 05:45:24 <parkerk> Or implement RPC ;) looks like there is a bounty https://bitcointalk.org/index.php?topic=105278.0
124 2014-03-03 05:46:32 <tunage> davvblack don't be a hater.  :)
125 2014-03-03 05:47:08 <tunage> I know this stuff. unfortunately at the java side which I consider trash.
126 2014-03-03 05:47:46 <tunage> I am digging deeper and deeper into c++. but I am not that good yet.  :/
127 2014-03-03 05:48:06 <davvblack> I'm a positive hater.  Also that bounty is expired fwiw.
128 2014-03-03 05:48:29 <davvblack> which is apparently no longer 5btc.
129 2014-03-03 05:48:30 <tunage> davvblack I'm just looking to pitch in.
130 2014-03-03 05:48:38 <wyager> Does the fact that there are 21,000,000*100,000,000 Satoshis have anything to do with Satoshi wanting the number of Satoshis to fit into the mantissa of a IEEE 754 floating point number? For some reason I thought that was the case, but I can't find anywhere that actually says that.
131 2014-03-03 05:49:08 <tunage> bitcoin already consumes my life, how much worse can it get??
132 2014-03-03 05:49:13 <gmaxwell> wyager: that was my assumption, but I've never seen id documented.
133 2014-03-03 05:49:19 <parkerk> Ah, so it is :( guess so one likes RPC
134 2014-03-03 05:50:20 <wyager> gmaxwell: Yeah, for some reason I was pretty sure that was the reasoning behind it, but I can't find that anywhere! I may add that to some wiki pages as a possible justification.
135 2014-03-03 05:50:25 <tunage> I want to help, what needs to be done?
136 2014-03-03 05:50:46 <davvblack> that issues page for bitcoinj :P
137 2014-03-03 05:50:59 <davvblack> or this one if you learn C++ github.com/bitcoin/bitcoin/issues
138 2014-03-03 05:51:14 <davvblack> https://github.com/bitcoin/bitcoin/issues
139 2014-03-03 05:52:24 <tunage> put this mobips invested training to work!!!!
140 2014-03-03 05:53:53 <parkerk> Are there public servers for bitcoinj? Or do I need to host my own? From what I understand, bitcoinj talks to servers, which do the heavy work/keep track of the blocks
141 2014-03-03 05:54:48 <davvblack> nah, bitcoinj still downloads a pruned blockchain, iirc
142 2014-03-03 05:55:31 <parkerk> Really? I guess I assumed otherwise as multibit uses it
143 2014-03-03 05:56:31 <davvblack> "Highly optimised lightweight simplified payment verification (SPV) mode. In this mode, only a small part of the block chain is downloaded and verified, making bitcoinj suitable for usage on constrained devices like laptops, smartphones or cheap virtual private servers. SPV wallets can sync with the blockchain in seconds, even from a cold start."
144 2014-03-03 05:56:35 <davvblack> https://code.google.com/p/bitcoinj/
145 2014-03-03 05:56:54 <davvblack> it doesn't know the complete cryptographic history of each coin
146 2014-03-03 05:57:13 <davvblack> but still knows the value of each address and all spendable outputs
147 2014-03-03 05:57:16 <parkerk> Ahh, thanks. That's exactly what I need. If only it were in python ;,(
148 2014-03-03 05:57:35 <davvblack> the only thing for bitcoin i've seen in python are wrappers for the json RPC
149 2014-03-03 05:57:37 <davvblack> doesn't really count.
150 2014-03-03 05:58:47 <wyager> OK, there was only one relevant wiki page re. the 21 million cap. I've edited it to mention both the reward halving schedule and the IEEE mantissa as possible justifications
151 2014-03-03 05:59:51 <davvblack> storing a satoshi value in a float sounds incredibly dangerous to me :P
152 2014-03-03 06:00:08 <wyager> davvblack: Yeah, but it can be done, which may be why satoshi chose 21M BTC
153 2014-03-03 06:00:14 <davvblack> the math is pretty close, but that's a weird thing to chose
154 2014-03-03 06:00:16 <davvblack> mm hmm
155 2014-03-03 06:00:21 <wyager> He was probably considering javascript clients, for example
156 2014-03-03 06:00:23 <davvblack> 51 bits or something?
157 2014-03-03 06:00:27 <wyager> 52
158 2014-03-03 06:00:31 <davvblack> yea
159 2014-03-03 06:00:34 <wyager> So it's actually right under half
160 2014-03-03 06:00:46 <gmaxwell> wyager: it also fits in a decimal64
161 2014-03-03 06:00:55 <wyager> true
162 2014-03-03 06:02:36 <wyager> Clever guy
163 2014-03-03 06:03:19 <davvblack> heh, fwiw, it is not possible to store all of the satoshi accurately in the default number type in php.
164 2014-03-03 06:03:21 <gmaxwell> people whine about a lot of things in bitcoin being "arbritary" which are ... more considered than you might expect.
165 2014-03-03 06:03:41 <gmaxwell> davvblack: depends on how you've compiled php and on which platform, I think. :(
166 2014-03-03 06:03:47 <wyager> davvblack: Maybe Satoshi wanted people not to make BTC stuff in php :p
167 2014-03-03 06:04:00 <wyager> Didn't stop karpeles
168 2014-03-03 06:04:14 <davvblack> i don't think satoshi was a technological prescriptivist :P
169 2014-03-03 06:04:23 <davvblack> but yeah, there might be a way to compile PHP to allow that.
170 2014-03-03 06:04:39 <davvblack> again, sounds incredibly dangerous
171 2014-03-03 06:19:55 <anton000> bcmath gmp?
172 2014-03-03 06:20:51 <davvblack> right
173 2014-03-03 06:22:11 <wumpus> no decimal type in php? or arbitrary precision integer?
174 2014-03-03 06:22:31 <davvblack> gmp provides those
175 2014-03-03 06:22:33 <davvblack> not inherently
176 2014-03-03 06:22:44 <davvblack> php is super lose with type.
177 2014-03-03 06:22:49 <wumpus> DO NOT store BTC amounts in double (or, the horror, float)
178 2014-03-03 06:23:02 <davvblack> iirc, "123412341234123412341234" == "123412341234123412341000" evaluates to true in php
179 2014-03-03 06:23:07 <davvblack> because they both look 'numbery'
180 2014-03-03 06:23:11 <davvblack> and get converted silently
181 2014-03-03 06:23:16 <wumpus> if you have problems with your JSON library and numbers, you could try https://github.com/bitcoin/bitcoin/pull/3759
182 2014-03-03 06:31:05 <anton000> satoshi can be stored in php int if your on 64bit
183 2014-03-03 06:31:44 <anton000> 9223372036854775807
184 2014-03-03 06:31:44 <anton000> $ php -r 'echo PHP_INT_MAX;'
185 2014-03-03 06:32:23 <anton000> *youre
186 2014-03-03 06:44:51 <wumpus> eek...
187 2014-03-03 06:48:20 <BCB> how can you tell if the blockchain has been fully downloaded on linux
188 2014-03-03 06:48:45 <phantomcircuit> BCB, bitcoind or bitcoin-qt
189 2014-03-03 06:48:49 <wumpus> you'll never download the blockchain fully :)
190 2014-03-03 06:48:53 <BCB> bitcoind
191 2014-03-03 06:48:59 <BCB> wumpus caught up
192 2014-03-03 06:49:03 <phantomcircuit> BCB, tail ~/.bitcoin/debug.log
193 2014-03-03 06:49:17 <wumpus> you can check the block you're at with getinfo though
194 2014-03-03 06:50:14 <BCB> "blocks" : 286273,
195 2014-03-03 06:50:58 <BCB> looks like I'm behind
196 2014-03-03 06:51:15 <BCB> phantomcircuit, where can I find the latest block
197 2014-03-03 06:51:29 <wumpus> the way bitcoin-qt checks if you're caught up is: look at the time of the last block, if it is recent, you've caught up
198 2014-03-03 06:51:34 <gribble> 288696
199 2014-03-03 06:51:34 <phantomcircuit> ;;bc,blocks
200 2014-03-03 06:51:50 <BCB> coll
201 2014-03-03 06:51:53 <BCB> cool
202 2014-03-03 06:51:54 <BCB> thx
203 2014-03-03 06:55:09 <anton000> 288696
204 2014-03-03 06:55:32 <anton000> i hate you gribble bot lolol
205 2014-03-03 07:01:13 <rasmuzen> jcorgan: CodeShark: hey :P
206 2014-03-03 07:27:03 <jcorgan> rasmuzen: how are your bitcoin studies coming along?
207 2014-03-03 07:37:37 <rasmuzen> jcorgan: good I think
208 2014-03-03 07:38:01 <rasmuzen> jcorgan: it's a slow and steady process, there's a ton to learn
209 2014-03-03 07:38:29 <rasmuzen> jcorgan: so if I'm trying to check the balance of a wallet, I'm going to have to be able to find out the balance for a set of public keys, yeah?
210 2014-03-03 07:39:42 <jcorgan> i wouldn't go about it that way
211 2014-03-03 07:40:27 <jcorgan> public keys don't have balances
212 2014-03-03 07:40:59 <davvblack> (addresses are hashes of public keys, rasmuzen)
213 2014-03-03 07:41:02 <davvblack> so they are related
214 2014-03-03 07:41:02 <jcorgan> just keep track in your wallet of all the unspent transaction outputs that you are able to redeem.  they will all have a certain value associated with them, and the sum of those is the wallet ballance.
215 2014-03-03 07:44:00 <jcorgan> it would probably help adjust your thinking to eliminate the concept of "balances"
216 2014-03-03 07:45:22 <rasmuzen> jcorgan: davvblack: isn't each utxo always directly correlated with a public key?
217 2014-03-03 07:45:30 <jcorgan> that concept has too many misleading associations from its traditional usage in accounting to be usefully applied in bitcoin
218 2014-03-03 07:45:52 <jcorgan> each utxo *can* be associate with a public key (hashed to an address), but it could also be other things
219 2014-03-03 07:46:07 <rasmuzen> jcorgan: like what
220 2014-03-03 07:46:11 <davvblack> it can also be the hash of a script who's criteria need to be met
221 2014-03-03 07:46:18 <davvblack> that's how m of n transactions work
222 2014-03-03 07:46:28 <wumpus> that's it, I'm not going to #bitcoin anymore
223 2014-03-03 07:46:48 <rasmuzen> wumpus: why do you say that
224 2014-03-03 07:47:08 <davvblack> obnoxious people like stoned
225 2014-03-03 07:48:05 <jcorgan> rasmuzen: if you recall from the previous discussion, about the glass boxes, the locks on them are really challenges, that can be opened by satisfying the challenge
226 2014-03-03 07:48:28 <rasmuzen> jcorgan: so you can have a glass box that isn't associated with a public key?
227 2014-03-03 07:48:32 <jcorgan> those challenges are often in the form of "prove you have the private key for this address"
228 2014-03-03 07:48:57 <davvblack> you could even have a box with a nonsense challenge like "show that 2 = 5"
229 2014-03-03 07:49:01 <jcorgan> it could be associated with multiple keys
230 2014-03-03 07:49:03 <davvblack> and sending coins there gets them stuck
231 2014-03-03 07:49:28 <rasmuzen> jcorgan: how often in practice are those challenges not just "prove that you have the private key for this address" it seems like the vast majority of the time is that type of lock
232 2014-03-03 07:49:30 <jcorgan> it could be "execute a script that hashes to this"
233 2014-03-03 07:49:42 <jcorgan> most of the time, yes, but not all the time
234 2014-03-03 07:49:57 <jcorgan> bitcoin is more general than that
235 2014-03-03 07:50:19 <rasmuzen> jcorgan: but if I'm the one creating the glass boxes, then can't I assume they're all created that way?
236 2014-03-03 07:51:49 <jcorgan> you could, but it seems like you are going out of your way to mentally fit the idea of single address "balances" and address reuse into what is a more general system
237 2014-03-03 07:52:12 <rasmuzen> jcorgan: I guess I feel like it's complicating the system to take into account other types of locks, am I wrong/
238 2014-03-03 07:52:52 <jcorgan> the system is already what it is, you don't gain by pretending it is simpler than that
239 2014-03-03 07:53:14 <jcorgan> let me put it this way
240 2014-03-03 07:53:38 <michagogo> cloud|rasmuzen: for a wallet, you only care about glass boxes created to fit your key
241 2014-03-03 07:53:52 <jcorgan> even if all your service ever does is create pay-to-pubkey-hash type transactions, a user's wallet is a collection of those unspent transactions, not a "collection of addresses"
242 2014-03-03 07:54:32 <michagogo> cloud|You only need to look for glass boxes that fit your keys when looking for transactions sent to you
243 2014-03-03 07:55:02 <jcorgan> michagogo|cloud: this is a continuation of a discussion from yesterday, there's some context missing
244 2014-03-03 07:55:10 <michagogo> cloud|But if you're trying to get a larger overview of what's going on, you need to consider that there will be other glass boxes
245 2014-03-03 07:55:18 <michagogo> cloud|jcorgan: ah, okay
246 2014-03-03 07:55:47 <jcorgan> we left things off with you asking why anyone ever needed more than one address
247 2014-03-03 07:56:02 <jcorgan> and several of us responded with answers about privacy and information leakage and linkage
248 2014-03-03 07:56:06 <jcorgan> but then you had to leave
249 2014-03-03 07:56:33 <rasmuzen> jcorgan: so do utxos have a unique id or something they can be associated with? I'll need to store a list of utxos per wallet, something like [utxo id, utxo value, utxo lock key]
250 2014-03-03 07:57:41 <tarix_jp> you need the txid and the tx index. it probably helps to look at a transaction and then look up where its inputs came from
251 2014-03-03 07:58:18 <jcorgan> once confirmed into a block, the tuple [tx_hash, output number] is sufficient to reconstruct everything, but you may want to also cache the tx amount and scriptpubkey as well
252 2014-03-03 07:58:54 <davvblack> anyone have technical background on the peter todd coinbase consensus thing?
253 2014-03-03 07:59:18 <rasmuzen> so basically find the tx that the utxo came from, and the output index? then cache the tx amount (for that specific output) and the scriptpubkey
254 2014-03-03 07:59:25 <tarix_jp> jcorgan: keeping the scriptpubkey speeds up the signing of the input for a new transaction?
255 2014-03-03 08:00:49 <jcorgan> it identifies what is needed to redeem that output
256 2014-03-03 08:01:46 <jcorgan> and yes, caching it in the wallet might make it faster to lookup, but that's implementation dependent
257 2014-03-03 08:01:49 <rasmuzen> so if I wanted to be able to instantly look up the value of any utxo I'd need to linearly process every single transaction in the block chain and maintain a giant index for this stuff?
258 2014-03-03 08:02:13 <jcorgan> ?
259 2014-03-03 08:02:18 <jcorgan> the utxo has the value stored in it
260 2014-03-03 08:02:34 <jcorgan> you just need to keep track of whether it has already been spent
261 2014-03-03 08:03:14 <tarix_jp> think carefully if you really want to store utxos that aren't related to you. as of right now there are over 9million of them.
262 2014-03-03 08:03:15 <rasmuzen> so someone's net worth in bitcoin is the total value across all utxos for which they know the answer to the lock
263 2014-03-03 08:03:23 <jcorgan> in your case you can let bitcoind manage things and just query it through its RPC interface
264 2014-03-03 08:03:42 <jcorgan> rasmuzen: pretty much
265 2014-03-03 08:05:06 <rasmuzen> jcorgan: would it be at all useful to provide a service that tells you the value of a txo and whether it's unspent or not
266 2014-03-03 08:05:18 <rasmuzen> input: transaction, output index
267 2014-03-03 08:05:35 <rasmuzen> output: value (int/satoshi), unspent: (bool)
268 2014-03-03 08:06:06 <rasmuzen> doesn't seem like it
269 2014-03-03 08:06:38 <rasmuzen> is it safe to give out your scriptpubkey and bitcoin address?
270 2014-03-03 08:07:39 <jcorgan> not sure i understand--those are what are published on the blockchain
271 2014-03-03 08:07:58 <rasmuzen> but what if you don't have the blockchain on your computer
272 2014-03-03 08:08:23 <rasmuzen> I'm thinking typical user who doesn't have bitcoind/bitcoin-qt, they just use blockchain.info?
273 2014-03-03 08:08:49 <jeremias> or whatever other wallets there  are
274 2014-03-03 08:09:28 <jcorgan> if you have had bitcoin sent to an address, and then you tell someone else what that address is, you've given certain financial information about you.  *Especially* in the case where you reuse addresses for more than one transaction.
275 2014-03-03 08:10:07 <jcorgan> so in general, the identity mapping between person<==>address is a matter of privacy policy
276 2014-03-03 08:11:13 <jcorgan> but are you still going with the idea that you'd like to to provide a web wallet service?
277 2014-03-03 08:12:37 <rasmuzen> jcorgan: I guess I'm trying to figure that out
278 2014-03-03 08:12:48 <rasmuzen> jcorgan: it doesn't really feel like there's a big need for another web wallet service
279 2014-03-03 08:12:57 <rasmuzen> jcorgan: except maybe for other cryptocurrencies
280 2014-03-03 08:13:24 <wumpus> please don't store money for other people
281 2014-03-03 08:13:52 <rasmuzen> wumpus: -_- why
282 2014-03-03 08:16:33 <wumpus> it is very high risk
283 2014-03-03 08:17:37 <michagogo> cloud|canibuildasitehandlingotherpeoplesmoney.com
284 2014-03-03 08:19:11 <rasmuzen> if everybody listened to that advice then we'd have no web wallets or banks or etc.
285 2014-03-03 08:19:30 <Apocalyptic> well I certainly wish Karpeles did listen to that advice
286 2014-03-03 08:19:48 <rasmuzen> can you blame him for trying
287 2014-03-03 08:20:14 <rasmuzen> anyways
288 2014-03-03 08:25:32 <wumpus> rasmuzen: which would be good, with all problems that the proliferation of shady services (some with a glossy finish, "trade with confidence!") has given us
289 2014-03-03 08:26:36 <tarix_jp> scams are not unique to bitcoin
290 2014-03-03 08:27:10 <wumpus> I'm not so much talking about scams, just mess-ups, and they all start with the promise to keep money for other people
291 2014-03-03 08:28:05 <tarix_jp> the current alternatives are terrible.
292 2014-03-03 08:29:23 <tarix_jp> if i had a paper wallet in my house i would never be able to leave. one dumb neighbor and poof, up in smoke.
293 2014-03-03 08:29:54 <wumpus> so you put it in another person's paper wallet, which can go poof as well
294 2014-03-03 08:30:13 <gmaxwell> wumpus: it's enough that that I've noticed a negative emotional reaction twitter 'bootstrap' ... it seems like its is a scam signal to me.
295 2014-03-03 08:32:22 <rasmuzen> does nobody find it useful to be able to create a public/private key pair, send bitcoins to that public address, check the balance "of that address", then send bitcoins from that address with the private key and not have to know about all the utxo stuff?
296 2014-03-03 08:32:54 <rasmuzen> I feel like that abstraction layer is awesome, and 99.9% of people will never know about utxos and eventually most probably won't even know about public/private keys
297 2014-03-03 08:32:59 <tarix_jp> every wallet client insulates the user from utxos
298 2014-03-03 08:33:33 <wumpus> gmaxwell: it's certainly the 'the easy way' to do web design, makes sense as a bit of a stink signal... on the other hand, a company investing everything in a nice design instead of security would not get far either, so it's also a deceiving signal (but by lack of information...)
299 2014-03-03 08:34:42 <gmaxwell> yea, wasn't an intentional signal... I just saw a site with it and felt uneasy and then realized it was because so many scam sites had used it too.
300 2014-03-03 08:34:50 <jcorgan> wumpus: bootstrap screams "let's throw something up quickly", a sign of a company without proper resources or who is only planning to be around for a short while
301 2014-03-03 08:35:31 <sipa> davvblack: it is absolutely possible to find out wallet balances without downloading full block history - you just can validate everything
302 2014-03-03 08:35:36 <Apocalyptic> <jcorgan> wumpus: bootstrap screams "let's throw something up quickly", a sign of a company without proper resources or who is only planning to be around for a short while // I must disagree on this
303 2014-03-03 08:35:55 <jcorgan> Apocalyptic: correction, "screams to me"
304 2014-03-03 08:36:14 <Apocalyptic> I run a service with a boostrap website and i don't belong to either of those categories
305 2014-03-03 08:37:07 <tarix_jp> coinbase ran on pure bootstrap for 18 months or so?
306 2014-03-03 08:37:42 <jcorgan> Apocalyptic: of course.  i'm just relating, after seeing what seems like hundreds of marginal companies using bootstrap, what reaction i have, like gmaxwell mentioned
307 2014-03-03 08:37:43 <Apocalyptic> jcorgan, but i get that it may seem so
308 2014-03-03 08:38:48 <jcorgan> it's like companies that only have webforms for feedback or contact, or that use cheesy stock photography
309 2014-03-03 08:39:43 <sipa> rasmuzen: that abstraction is awesome... but completely unsafe
310 2014-03-03 08:40:03 <rasmuzen> sipa: why?
311 2014-03-03 08:40:15 <sipa> rasmuzen: you're trusting a third party to tell you how much money you have
312 2014-03-03 08:40:56 <rasmuzen> sipa: you don't use a bank?
313 2014-03-03 08:41:39 <sipa> rasmuzen: yes
314 2014-03-03 08:41:48 <rasmuzen> sipa: yes you don't or yes you do?
315 2014-03-03 08:42:04 <sipa> rasmuzen: i do
316 2014-03-03 08:42:18 <rasmuzen> sipa: so you trust a third party service to tell you how much money you have?
317 2014-03-03 08:42:29 <sipa> rasmuzen: no, i pay them for it
318 2014-03-03 08:42:47 <rasmuzen> sipa: do you consider that unsafe?
319 2014-03-03 08:42:51 <sipa> no
320 2014-03-03 08:43:06 <sipa> just unfortunate
321 2014-03-03 08:43:21 <rasmuzen> jcorgan: so if I want to create a service that provides the total value of all unspent outputs associated with a given scriptpubkey, I'll need to process all transactions and create a giant index?
322 2014-03-03 08:43:34 <sipa> rasmuzen: yes
323 2014-03-03 08:43:58 <rasmuzen> I realize that utxos aren't necessarily associated with a scriptpubkey, that's only a subset of all utxos
324 2014-03-03 08:44:00 <rasmuzen> I'm only interested in those for now
325 2014-03-03 08:44:23 <rasmuzen> sipa: jcorgan: then what's the easiest way to retrieve and process all transactions? bitcoind?
326 2014-03-03 08:44:27 <sipa> rasmuzen: i'm just saying that it is a huge responsibility... and judging from what has happened in the bitcoin world so far, many have screwed up
327 2014-03-03 08:44:37 <jcorgan> rasmuzen: yes, you do.  bitcoind can do most of the heavy lifting for you.
328 2014-03-03 08:45:14 <sipa> rasmuzen: if you want to go through as many hoops as banks do, then please do, but just the regulations are probably horrible
329 2014-03-03 08:45:40 <sipa> rasmuzen: and with bitcoin, there is no need for that
330 2014-03-03 08:46:08 <sipa> there are several open source packages that can do this for you, locally, without trusting any service
331 2014-03-03 08:46:23 <rasmuzen> sipa: but that isn't scalable
332 2014-03-03 08:46:36 <sipa> how so?
333 2014-03-03 08:47:09 <rasmuzen> sipa: you're talking about offline wallets?
334 2014-03-03 08:47:37 <sipa> i'm talking about any bitcoin wallet implementation
335 2014-03-03 08:47:42 <rasmuzen> that isn't a web wallet
336 2014-03-03 08:48:15 <sipa> well web wallets are a wallet implementation tok, just not one you run yourself
337 2014-03-03 08:48:21 <sipa> *too
338 2014-03-03 08:48:56 <rasmuzen> so say I want to send you money, I need to install something on my computer to do that?
339 2014-03-03 08:49:12 <sipa> is that unreasonable?
340 2014-03-03 08:49:17 <rasmuzen> completely
341 2014-03-03 08:49:26 <sipa> then there is no hope for bitcoin
342 2014-03-03 08:49:34 <rasmuzen> I'm at a restaurant, you just paid for dinner, I wanna give you ten bucks from my phone
343 2014-03-03 08:49:36 <wumpus> or on your phone, or use a specific device for the purpose like a trezor, ...
344 2014-03-03 08:49:48 <wumpus> is this news?
345 2014-03-03 08:49:52 <sipa> oh, sure, doesn't need to be a desktop system
346 2014-03-03 08:49:57 <rasmuzen> I'm not gonna have the entire block chain downloaded on my phone
347 2014-03-03 08:50:04 <sipa> you don't need to
348 2014-03-03 08:50:14 <wumpus> what are you talking about, none of the phone apps download the whole blockchain
349 2014-03-03 08:50:35 <davvblack> look at how bitcoinj does it
350 2014-03-03 08:50:37 <wumpus> (at least the ones I know of ...)
351 2014-03-03 08:50:52 <rasmuzen> then how can they be sure how much money you have in your wallet?
352 2014-03-03 08:51:00 <tarix_jp> yeah, all of the phone clients are SPV clients :)
353 2014-03-03 08:51:03 <davvblack> you can't be 'sure'
354 2014-03-03 08:51:07 <sipa> they use lightweight verification
355 2014-03-03 08:51:09 <davvblack> but you can be 'somewhat confident'
356 2014-03-03 08:51:19 <davvblack> which still has a bunch of 9s on the end
357 2014-03-03 08:51:34 <davvblack> it just requires trust in the miners, where the normal client doesn't
358 2014-03-03 08:51:59 <sipa> it basically requires miners to conspire against you, if they want to make you false believe you received money
359 2014-03-03 08:53:04 <wumpus> and lying miners still can't steal your coins directly, unlike webwallet operators
360 2014-03-03 08:53:32 <rasmuzen> blah
361 2014-03-03 08:53:53 <rasmuzen> so what do you have to put on your phone to enable you to send money from it?
362 2014-03-03 08:54:09 <sipa> "bitcoin wallet for android" for example
363 2014-03-03 08:54:18 <tarix_jp> from nothing (block chain.info) to a light weight client
364 2014-03-03 08:54:22 <sipa> is an actual bitcoin client
365 2014-03-03 08:55:02 <rasmuzen> but what do you have to input into the app to enable it to send money?
366 2014-03-03 08:55:18 <tarix_jp> address + amount
367 2014-03-03 08:55:22 <sipa> well you have to send bitcoin to it...
368 2014-03-03 08:55:26 <tarix_jp> do you have an android phone?
369 2014-03-03 08:55:29 <wumpus> usually a QR code
370 2014-03-03 08:55:35 <sipa> before it can send any yourself
371 2014-03-03 08:55:35 <wumpus> NFC is also supported
372 2014-03-03 08:55:42 <sipa> or just a URI
373 2014-03-03 08:57:02 <rasmuzen> so the app has a separate bitcoin address that you send to or you put your own bitcoin address onto it?
374 2014-03-03 08:57:21 <wumpus> yes the app is a complete bitcoin wallet
375 2014-03-03 08:57:22 <sipa> it has its own
376 2014-03-03 08:57:50 <wumpus> you can send coins to it, and it can spend them again
377 2014-03-03 08:58:11 <rasmuzen> see that's not how people think
378 2014-03-03 08:58:29 <sipa> and "your own bitcoin address" sounds a bit incorrect... addresses aren't really supposed to be reused for more than one payment (though many applications make it hard)
379 2014-03-03 08:58:32 <rasmuzen> people have a bank account, they can spend the funds in their bank account with their credit card, or they can enable a mobile app (eg venmo) to spend their funds
380 2014-03-03 08:58:39 <rasmuzen> they aren't going to send funds to their phone to spend from their...
381 2014-03-03 08:58:41 <rasmuzen> that isn't scalable
382 2014-03-03 08:58:48 <rasmuzen> there*
383 2014-03-03 08:58:48 <wumpus> this is not about how people think but how things are actually are
384 2014-03-03 08:59:12 <tarix_jp> anyway, if you have an android phone and want to install the bitcoin testnet wallet i would be happen to send you some to play with. you can send them around and look at the transactions they generate.
385 2014-03-03 08:59:31 <sipa> i don't know... i put physical notes and coins in my physical wallet too
386 2014-03-03 08:59:40 <sipa> that's very much the same
387 2014-03-03 08:59:56 <wumpus> yes it is sort of the same
388 2014-03-03 09:00:10 <wumpus> you carry the money along with you in your phone instead of your wallet
389 2014-03-03 09:00:13 <sipa> has worked reasonably well for the last few centuries
390 2014-03-03 09:00:18 <rasmuzen> it's going away
391 2014-03-03 09:00:32 <rasmuzen> I can't remember the last time I even had cash in my wallet
392 2014-03-03 09:00:43 <rasmuzen> I pay with my phone or card always
393 2014-03-03 09:00:44 <sipa> there is work around being abke to share a bitcoin wallet across multiple devices
394 2014-03-03 09:01:02 <sipa> but it has obvious security risks
395 2014-03-03 09:01:11 <rasmuzen> what if your computer dies? then you lose all your coins?
396 2014-03-03 09:01:15 <sipa> no
397 2014-03-03 09:01:20 <rasmuzen> where's the backup?
398 2014-03-03 09:01:24 <sipa> elsewhere
399 2014-03-03 09:01:26 <rasmuzen> lol
400 2014-03-03 09:01:45 <sipa> what's funny?
401 2014-03-03 09:01:50 <rasmuzen> elsewhere is a third party's database
402 2014-03-03 09:02:01 <sipa> no
403 2014-03-03 09:02:04 <rasmuzen> it will be
404 2014-03-03 09:02:12 <rasmuzen> for 99.9% of users of bitcoin in 5 years
405 2014-03-03 09:02:20 <sipa> probably
406 2014-03-03 09:02:25 <wumpus> bitcoin pretty much has the same risk profile with regard to theft or loss as gold, anyway this is veering off-topic for #-dev
407 2014-03-03 09:02:43 <rasmuzen> alright I'll shut up
408 2014-03-03 09:02:52 <wumpus> (though you can't backup your gold! :P)
409 2014-03-03 09:03:00 <rasmuzen> lol
410 2014-03-03 09:03:30 <sipa> the way forward that actually provides good security without giving up access to your coins, is through multisig
411 2014-03-03 09:03:44 <sipa> where you require an additional signature by a third party
412 2014-03-03 09:03:52 <wumpus> but if it's gone it's gone, so you don't want to carry along large amounts of it (or even access to it) everywhere you go
413 2014-03-03 09:04:12 <sipa> who is configured to for example not sign automatically abkve a certain amount
414 2014-03-03 09:04:22 <sipa> or enforce daily limits
415 2014-03-03 09:04:38 <sipa> or require confirmation through (say) an SMS before continuing
416 2014-03-03 09:08:08 <wumpus> in that case the third party can refuse you access to your coins but it cannot steal them
417 2014-03-03 09:10:00 <sipa> you probably want 2-of-3 multisig, where one of the keys is secure storage (vault?)
418 2014-03-03 09:10:21 <sipa> so you can still access everything using this
419 2014-03-03 09:10:31 <wumpus> good poiint
420 2014-03-03 09:14:04 <wumpus> at least it can be done, if only developers of new services focused on that instead of building another dime a dozen web wallet
421 2014-03-03 09:18:57 <gmaxwell> I mean, thats why we rushed to get p2sh deployed so there would be no sender side hangups when one of these innovative wallets showed up.
422 2014-03-03 09:19:16 <gmaxwell> We didn't want people to choose to not do that because coins couldn't be sent to such a wallet.
423 2014-03-03 09:19:49 <gmaxwell> And I don't know if we were mistaken that doing that was necessary and most of sufficient simply because there are major widely used clients that still will not send to p2sh.
424 2014-03-03 09:23:24 <wumpus> is there anything else that we can do to make P2SH more well-known?
425 2014-03-03 09:24:39 <wumpus> maybe something that allows building P2SH scripts/addresses in the GUI?
426 2014-03-03 09:25:37 <gmaxwell> I think that we're finally over the hump now, since bitcoinj has it it'll just take updates from the things using it to remove that barrier.
427 2014-03-03 09:26:09 <gmaxwell> I can't tell if its working in bc.i yet, if not, that needs to be fixed. Armory needs to be fixed still, but I think thats a lesser impact.
428 2014-03-03 09:26:28 <gmaxwell> I mean, whos going to care about creating addresses when people can't send them funds? :P
429 2014-03-03 09:27:48 <gmaxwell> beyond that, we're missing a bunch of things in the ecosystem.  I don't believe any normal wallet can do a n-factor wallet.. the only way to do it with bitcoin-qt is via raw transactions, and even then you need to use a blockexplorer to find the txouts to spend because we don't have a way to add a p2sh address to the wallet without having the keys.
430 2014-03-03 09:28:56 <wumpus> sure, agreed, but giving it more visibility sometimes helps, so people that want to create services realize it's there and usable right now without rocket science
431 2014-03-03 09:28:59 <sipa> 
ACTION does the watch-only dance

432 2014-03-03 09:29:33 <wumpus> +1 sipa
433 2014-03-03 09:30:08 <gmaxwell> wumpus: so I had a conversation with some pool operators wrt moving their funds to multisig earlier.
434 2014-03-03 09:31:27 <wumpus> good, some early adopters
435 2014-03-03 09:31:31 <gmaxwell> And the barriers we hit were (1) no multisig, (2) only create raw (they considered it a danger and they'd rather have something that guarenteed correct fees), (3) format for signatures that packed inputs, but thats easy to work around, (4) no solver for the script they really want to use (which isn't a plain n of m)) ... I think that was it.
436 2014-03-03 09:31:46 <gmaxwell> er (1) should be no watching wallet to get the inputs, sorry, 1:30 in the morning here
437 2014-03-03 09:32:14 <gmaxwell> (4) could can just wait and be plain n-of-m at first. So I think the biggest barrier was watching.
438 2014-03-03 09:32:30 <gmaxwell> oh and their own pool software can't actually pay to a p2sh address, but that sounded like an easy fix.
439 2014-03-03 09:35:32 <gmaxwell> Ultimately we need something better than watching. . ... e.g. Create multsig wallet (e.g. that would come after multiwallet support) where you pop in extended pubkeys and it knows how to create signing requests... but bare metal support would be a start.
440 2014-03-03 09:35:42 <wumpus> I'll try to fix the nits in the watch only pull and get (1) for next release
441 2014-03-03 09:36:05 <gmaxwell> I lost track of the nits.
442 2014-03-03 09:36:23 <gmaxwell> was it just having a seperate 'watched balance' ?
443 2014-03-03 09:36:25 <wumpus> the main one is that the watch only balance should be reported separately
444 2014-03-03 09:36:27 <wumpus> yes
445 2014-03-03 09:36:53 <gmaxwell> makes sense, I guess it should also get flags in list transactions (category?) and listunspent
446 2014-03-03 09:36:59 <wumpus> the getbalance balance has always been the amount of coins that can be spent now with the keys we have at the moment
447 2014-03-03 09:37:31 <wumpus> yes, in listunspent there is already a flag
448 2014-03-03 09:37:50 <wumpus> not sure about listtransactions, but indeed there should be one so they can be identified
449 2014-03-03 09:38:15 <gmaxwell> the other thing they wanted was BIP32 public derrivation, so they wouldn't be stuck with a single key, but I think that at that point it was biting off too much at once.
450 2014-03-03 09:42:42 <sipa> having bip32 watchonly chains
451 2014-03-03 09:42:57 <sipa> and even better, automatic p2sh of several bip32 chains
452 2014-03-03 09:43:03 <sipa> would be awesome
453 2014-03-03 09:43:16 <sipa> and perhaps cleaner than the current watchonly code
454 2014-03-03 09:43:31 <sipa> though a large part would be shared, i guess
455 2014-03-03 09:44:01 <wumpus> I believe CodeShark is doing that
456 2014-03-03 09:44:14 <CodeShark> indeed I am :)
457 2014-03-03 09:44:27 <CodeShark> I've actually already done that
458 2014-03-03 09:44:34 <gmaxwell> sipa: yea thats what they want, automatic p2sh of multiple bip32 chains.
459 2014-03-03 09:44:35 <wumpus> including the p2sh part?
460 2014-03-03 09:44:45 <CodeShark> but I'm reworking it a bit to allow a more flexible hierarchy
461 2014-03-03 09:45:14 <gmaxwell> there is also a web implementation of this.. in any case, for that kind of thing you'd want to watchadd an extended redeemscript. (one that has bip32 pubkeys in it)
462 2014-03-03 09:45:53 <CodeShark> for a working implementation, https://github.com/ciphrex/CoinVault
463 2014-03-03 09:45:53 <gmaxwell> CodeShark: what about satisfaction flexiblity.
464 2014-03-03 09:46:08 <CodeShark> satisfaction flexibility?
465 2014-03-03 09:47:30 <gmaxwell> e.g. the demand here was for A&&B||(A||B&&2-of-3(C,D,E))   basically both operators OR one of the operators and two of three semitrusted third parties. ::ducks::
466 2014-03-03 09:48:21 <CodeShark> wouldn't that require a nonstandard script?
467 2014-03-03 09:48:34 <gmaxwell> sadly I don't see any obvious way to really make a rational rule for encoding that stuff beyond saying how many keys there are total and a karnaugh map. :P
468 2014-03-03 09:48:44 <gmaxwell> yea so? we can add scripts to the standard set at an time you know.
469 2014-03-03 09:48:54 <gmaxwell> (also pools don't really care)
470 2014-03-03 09:49:41 <anton000> with:  OP_HASH160 b472a266d0bd89c13706a4132ccfb16f7c3b9fcb OP_EQUAL  <-- so anyone can spend as long as they have scripSig correcthorsebatterystaple  ?
471 2014-03-03 09:50:02 <CodeShark> from my experience working with this stuff, it's too complicated usabilitywise to allow for arbitrary satisfaction for each specific script - you need to select a set of master keychains and then apply a common satisfaction policy to the set
472 2014-03-03 09:50:29 <CodeShark> at this point I've only fully implemented m-of-n
473 2014-03-03 09:50:36 <CodeShark> globally defined on a set of keychains
474 2014-03-03 09:50:44 <gmaxwell> CodeShark: I agree. e.g. spefiy that A B C D E  are extended public keys, and then have a single satisfyablity rule for the wallet over them.
475 2014-03-03 09:50:57 <CodeShark> that's how CoinVault works :)
476 2014-03-03 09:51:14 <gmaxwell> right and I was asking if you thought of or had done anything more complex than m of n
477 2014-03-03 09:51:37 <CodeShark> not yet - it's hard enough to properly apply m-of-n at this point
478 2014-03-03 09:52:00 <CodeShark> we're talking a significant usage learning curve, let alone the implementation hurdles
479 2014-03-03 09:52:16 <gmaxwell> At least I think that $random-rule is no harder beyond the specification, the rest of the procedure is the same.
480 2014-03-03 09:52:27 <gmaxwell> "go collect signature, young lad"
481 2014-03-03 09:52:42 <CodeShark> I actually think implementing arbitrary satisfiability is *easier* than coming up with a good usability model for typical applications :)
482 2014-03-03 09:53:25 <gmaxwell> I don't know that it changes the usability at all, other than the UI just needs to tell you what signatures remaining would satisfy it.
483 2014-03-03 09:53:42 <gmaxwell> but you've actually done ui for this, I have not.
484 2014-03-03 09:54:16 <CodeShark> well, if we're planning on relaying these types of transactions I'll start thinking about how to allow for such policies
485 2014-03-03 09:54:40 <CodeShark> right now the UI just has two fields - m and n :)
486 2014-03-03 09:55:50 <CodeShark> perhaps for now we can just use a notation like the one you gave
487 2014-03-03 09:56:12 <CodeShark> at least internally
488 2014-03-03 09:57:34 <CodeShark> I've found the most annoying thing so far to be the fact that some children of an extended key might not exist, although the probability for a specific child not existing is ~3.73446e-39
489 2014-03-03 09:57:55 <gmaxwell> CodeShark: tricky part is efficient encoding in script, e.g. there isn't a unique encoding to script, and the most efficient one isn't the most obvious (E.g. no need to ever repeat a pubkey)
490 2014-03-03 09:57:56 <CodeShark> so I'm now debating whether to even account for this case at all :)
491 2014-03-03 09:58:31 <CodeShark> right, gmaxwell - I'd love to actually have a decent script compiler :)
492 2014-03-03 09:58:40 <CodeShark> that can optimize
493 2014-03-03 09:59:00 <CodeShark> but it doesn't really seem worth doing unless we intend to relay these transactions
494 2014-03-03 09:59:37 <CodeShark> and since right now we're using such a tiny number of script types it doesn't seem worth the effort
495 2014-03-03 10:00:52 <gmaxwell> CodeShark: We'll relay it if there is an application able to use it. there is a cyclic problem here that I can't describe the isstandard rule without knowing what scripts it would support. :)
496 2014-03-03 10:01:31 <gmaxwell> but I don't think there would be any opposition to allowing fancier satisfaction rules, and everytime it seems I manage to get someone interested in multisig they want something slightly more complicated.
497 2014-03-03 10:01:55 <CodeShark> it seems like we have a serious bottleneck in development, then. in general, computer systems are designed by people who cannot possibly conceive of all the applications - the applications come later
498 2014-03-03 10:02:22 <CodeShark> at least at a systems level
499 2014-03-03 10:02:34 <wumpus> CodeShark: it's good that you're working on applications, feedback from that can be used to improve the rules
500 2014-03-03 10:03:04 <CodeShark> by allowing more free usage of the bitcoin script, we encourage more developers to try to come up with good applications
501 2014-03-03 10:03:16 <gmaxwell> but really, you should never let IsStandard guide you. We'll accomidate any sane usage.
502 2014-03-03 10:03:18 <CodeShark> by restricting it, we've killed much of the incentive to experiment
503 2014-03-03 10:03:32 <wumpus> CodeShark: also you can get around isstandard by submitting directly to pools, it shouldn't hold you back
504 2014-03-03 10:04:04 <CodeShark> not all pools support nonstandard scripts - you might be waiting a long time before confirmation
505 2014-03-03 10:04:12 <wumpus> well on testnet all the experimentation is possible, and that's where it should be happening in the first place
506 2014-03-03 10:04:14 <gmaxwell> you can say that, and yet usage of the stuff that is allowed is zilch. In the long term I hope we'll improve that, in the short term we need to be prudent to consider that attacks or damage to forward compatiblity we open up.
507 2014-03-03 10:04:59 <CodeShark> by having to hardcode specifically allowed script types, we've essentially negated any benefit that could come from having a scripting language
508 2014-03-03 10:05:01 <sipa> well you can send *TO* nonstandard p2sh all you like
509 2014-03-03 10:05:32 <gmaxwell> CodeShark: already don't have to hard code "specifically" allowed, e.g. the n of m stuff opens over a range.
510 2014-03-03 10:05:44 <CodeShark> right, as sipa says sending isn't a problem
511 2014-03-03 10:05:47 <CodeShark> it's redeeming them
512 2014-03-03 10:06:08 <CodeShark> and I would like to see p2sh become standard for to
513 2014-03-03 10:06:12 <sipa> CodeShark: i agree partially, but the ability to just flip a policy to add a new script type is vastly easier than hardforking...
514 2014-03-03 10:07:56 <gmaxwell> figuring out what the minimum safe IsStandard is something that needs to be done, I don't know if anyone of us has given it much though. It needs to still block the obvious malleabiltiy abuses as well as forward compatiblity abuses (e.g. using the NOP op_codes, or tx version)
515 2014-03-03 10:08:22 <CodeShark> so then perhaps the best way to move forward with this signature policy thing is to write up a few examples of specific scripts
516 2014-03-03 10:09:13 <CodeShark> the second step would be a tool that can transform human-readable expressions to script and vice versa
517 2014-03-03 10:09:22 <CodeShark> a compiler of sorts
518 2014-03-03 10:09:53 <_andares> have there been previous attempts at a "script"ing language?
519 2014-03-03 10:09:55 <gmaxwell> well if your intermediate step is just a truth table, then you can abstract the specification and the optimization.