1 2016-08-19 02:35:26 <dcousens> if BIP70 isn't available, is there any thoughts on an extension to BIP21 to allow for multiple outputs? QR codes obviously have their limits,  but I'm thinking you could probably do a simple GET to a URL provided.
 2 2016-08-19 02:38:12 <dcousens> It just seems I've often had projects that require multiple outputs in a transaction,  and the only solution was to use BIP70,  which requires a whole stack of various tech compared to how simple the project may have been up to that point
 3 2016-08-19 02:39:38 <dcousens> Probably relevant as separate BIP instead of an extension, but, point remains,  any thoughts?
 4 2016-08-19 02:40:46 <dcousens> Its a "replacement" for BIP70, as much as it is simply an advanced payment request,  I have no need for a 2-way protocol in most situations
 5 2016-08-19 02:41:06 <dcousens> Its not a "replacement"***
 6 2016-08-19 13:34:50 <rafalcpp> is bitcoin built (also) on offline computer (airgapped) by anyone?
 7 2016-08-19 13:34:59 <rafalcpp> *are bitcoin builds
 8 2016-08-19 13:35:14 <spudowiar> rafalcpp: well, how would that work?
 9 2016-08-19 13:35:25 <rafalcpp> whoops. Are bitcoin builds being created (in Gitian) and then gpg signed, on offline computer - by anyone yet
10 2016-08-19 13:35:32 <spudowiar> rafalcpp: you'd have to pull the files from an online computer, it could be compromised then
11 2016-08-19 13:35:46 <spudowiar> rafalcpp: there's no way of getting uncompromised files to an offline computer
12 2016-08-19 13:35:56 <spudowiar> rafalcpp: so it's a pointless endeavour
13 2016-08-19 13:36:02 <rafalcpp> spudowiar: copy all files needed to build on computer B.  Run build there. Sign it there.  Move via some media (e.g. CD rom) the files to A. Upload to internet from A
14 2016-08-19 13:36:18 <spudowiar> How do you get files to Computer B?
15 2016-08-19 13:36:48 <rafalcpp> spudowiar: on a CD, from a computer that can be compromised, it doesn't matter because you can check signatures of the files that end up on B before using them
16 2016-08-19 13:37:28 <spudowiar> rafalcpp: well, now you're relying on signatures from a third party
17 2016-08-19 13:38:33 <rafalcpp> spudowiar: bitcoin sources are signed by bitcoin devels of course
18 2016-08-19 13:38:50 <rafalcpp> yeah I assume that computer B, and it's operating system is not compromised. Have to assume something
19 2016-08-19 13:38:58 <spudowiar> ofc
20 2016-08-19 13:39:18 <spudowiar> What I'd do personally, is go to a random computer shop to check signatures, etc. then verify AGAIN on the airgapped computer (with files from my own computer)
21 2016-08-19 13:39:40 <spudowiar> Provides me with enough assurance :)
22 2016-08-19 13:39:54 <rafalcpp> so if only  1) computer B was not pre-hacked on hardware level   2) computer B system installation was fine (e.g. Debian/Ubuntu is not backdoored, and the I can meet in person ftpmaster or ask 100 people what is his pubkey)
23 2016-08-19 13:40:07 <spudowiar> yeh
24 2016-08-19 13:40:12 <rafalcpp> then there is no way to compromise it at all.  (besides like kidnapping the builder - but that is why we have many builders)
25 2016-08-19 13:40:23 <spudowiar> hehe
26 2016-08-19 13:40:28 <rafalcpp> allright. So, does anyone do that already? E.g. any of people signing bitcoin releases now?
27 2016-08-19 13:41:55 <rafalcpp> maybe it would be worthwhile to do so?
28 2016-08-19 13:43:21 <rafalcpp> wumpus: any thoughts on it? Now I'm getting to like Gitian, so I think such build (by some of builders) could be an improvement
29 2016-08-19 13:49:22 <moli> rafalcpp, every release is signed
30 2016-08-19 13:50:01 <rafalcpp> moli: of course. I asked about are they being signed on air-gapped computer
31 2016-08-19 13:55:42 <pigeons> how air-gapped is air-gapped? remove the sound cards? anyway you reproduce whatever they built exactly with gitian on your own machine
32 2016-08-19 13:56:29 <rafalcpp> pigeons: yes, remove all such hardware. Indeed it's enough to sign the checksum. Reason for it would be only to confirm that you get the identical checksum
33 2016-08-19 13:57:00 <pigeons> you built it byte for byte exact copy with gitian
34 2016-08-19 13:57:03 <jonasschnelli> What would air-gapped build solve?
35 2016-08-19 13:57:06 <jonasschnelli> *builds
36 2016-08-19 13:57:30 <pigeons> nothing
37 2016-08-19 13:58:02 <rafalcpp> it would solve attempt to online hack all the ~10 people who confirm builds now
38 2016-08-19 13:58:32 <jonasschnelli> The current build concept with gitian would require that an attacker compromise either gitian (will be very likely detected by the devs) or every devs/gitian-builders system
39 2016-08-19 13:58:34 <rafalcpp> (how ever small possibiliy of doing that is)
40 2016-08-19 13:58:50 <jonasschnelli> rafalcpp: no. It would not solve that.
41 2016-08-19 13:58:50 <rafalcpp> jonasschnelli: yeap, every of the 10 signers
42 2016-08-19 13:59:09 <pigeons> more people build with gitian than the 10 signers and get the same result
43 2016-08-19 13:59:55 <pigeons> the point is that anybody can
44 2016-08-19 14:00:11 <moli> the problem more likely is if bitcoin.org or github gets compromised, but even more likely is users computers are already compromised
45 2016-08-19 14:01:33 <rafalcpp> pigeons: hmm ok, if someone really cares (runs exchange for example) then he anyway builds from sources, and there it is question of how secure is the source code git tag.  (plus smugging in hostile change can be hard... though happened with altcoin at least once already)
46 2016-08-19 14:02:23 <jonasschnelli> There is also a verify-git-commits script
47 2016-08-19 14:02:42 <jonasschnelli> All git commits are GPG signed (form a certain point back in time)
48 2016-08-19 14:02:51 <rafalcpp> jonasschnelli: I assume compromising 1 developer source code GPG allows to add a last hostile commit and tag it
49 2016-08-19 14:03:18 <rafalcpp> for the source code route, question would be instead: is that signature placed on offline computer?
50 2016-08-19 14:03:38 <jonasschnelli> sure. but It needs to end up in the main git repository...
51 2016-08-19 14:03:54 <jonasschnelli> A push will be detected immediately.
52 2016-08-19 14:04:00 <rafalcpp> jonasschnelli: yeah that is super cool tool, we do same in our projects now (and Gitian too, great invention thanks to Bitcoin too :)
53 2016-08-19 14:04:39 <rafalcpp> jonasschnelli: I assume github is compromisable to begin with, and that end user relies on crypto-signatures, not just on some hosting
54 2016-08-19 14:05:06 <jonasschnelli> Yes. But git is already distributed..
55 2016-08-19 14:05:20 <jonasschnelli> A git tag refers to a hash
56 2016-08-19 14:05:57 <jonasschnelli> compromising the source code is probably way more difficult then compromising the binaries
57 2016-08-19 14:06:06 <jonasschnelli> but here is this....
58 2016-08-19 14:07:04 <jonasschnelli> if an attacker manages, to steal Breadwallets or Android Walltes App Store credentials, the attacker could upload a malicious binary which sends-home all private keys.
59 2016-08-19 14:07:35 <rafalcpp> jonasschnelli: use (attack) case would be: target an exchange or rich user, who builds from source.  As a cost you need to impersonate github https or compromise their servers first (did happened once),   and to compromise over-internet computer of developer who GPG signs tags on releases usually
60 2016-08-19 14:07:53 <rafalcpp> use this dev's key to commit -S hostile change, and tag -s it.
61 2016-08-19 14:08:02 <rafalcpp> deliver that from compromised github
62 2016-08-19 14:08:53 <rafalcpp> jonasschnelli: yeah. So this scenario makes sense, right? Perhaps something worth it to steal say 1 million in btc
63 2016-08-19 14:10:00 <rafalcpp> so I think if the git tag would be placed on airgapped computer (some inconvenience for this developers), then the cost of attack would increase to require some physical compromise of them
64 2016-08-19 14:11:40 <rafalcpp> that is correct right? If yes, then I wonder if such approach would be worth the extra effort (if it's not done that way already)
65 2016-08-19 14:11:57 <pigeons> ignoring the fact that this will be noticed, a physical compromise isn't necessarily more expensive as you presume
66 2016-08-19 14:14:02 <rafalcpp> pigeons: you mean the attack would be noticed right?  (because the compromised version could be sent to only targeted user, exactly to avoid other users realizing the code is bad and rising alarm)
67 2016-08-19 14:14:43 <pigeons> i thought you said they compromised github and not a trageted user?
68 2016-08-19 14:15:15 <pigeons> look, of course there are risks, but i dont agree that this fixes any of them
69 2016-08-19 14:15:29 <rafalcpp> pigeons: yes but in such position they could compromise github to server on version of software to certain user, and other to everyone else.  This is one of main reasons for deterministic builds for me
70 2016-08-19 14:15:38 <rafalcpp> *to server one version
71 2016-08-19 14:16:12 <rafalcpp> waxwing: WoT of gnupg? This is same gnupg pubkey as always, WoT check on it is the same
72 2016-08-19 14:17:33 <pigeons> now we've compromised all of the gitian builders who sign, all of the builders who dont sign but wuld notice, github, etc
73 2016-08-19 14:21:42 <rafalcpp> pigeons: well not all at once.  Either github + 1 developer (laanwj@gmail.com now),  or website + all gitian signers
74 2016-08-19 14:25:38 <rafalcpp> then... anyone here thinks changing requirement of that from "we need to hack their computer online" into "we need to physically attack their signing computer" would be a good step?
75 2016-08-19 14:26:30 <rafalcpp> maybe it's just me.  But I think even for governmnts it is much harder to physically attack people (and do so without rising alarm as some developer dissapears suddenly)
76 2016-08-19 14:35:09 <waxwing> i think there is more defence in distribution than in moving from logic to physical layer. The latter is not nothing, but attacks on physical distribution layer are very real, and where they are happen they are horribly hard to detect.
77 2016-08-19 14:36:21 <waxwing> Worst case, N developers use physical devices, but all of a type that has been backdoored. And nobody knows. I think it's more about the N.
78 2016-08-19 16:45:16 <Ylbam> Do we know who is behing the interesting http://bcoin.io/ project?
79 2016-08-19 16:48:21 <Ylbam> Copyright owned by Fedor Indutny  who seems to be an engineer working at PayPal
80 2016-08-19 16:48:59 <Ylbam> Looks like he is a Node.js core team member too.
81 2016-08-19 16:53:51 <jonasschnelli> Ylbam: yes. Its him: https://twitter.com/_chjj
82 2016-08-19 16:56:39 <Ylbam> @jonasschnelli: thanx, looks like an amazing project.
83 2016-08-19 16:57:18 <jonasschnelli> grml... wasn't supposed as a /me message