1 2017-07-31 01:13:33 <danielmetlitski> How does Bitcoin prevent someone modifying the key generation code to pick a specific address to generate a private key for?
2 2017-07-31 01:25:51 <ivan> danielmetlitski: https://arstechnica.com/information-technology/2013/10/a-relatively-easy-to-understand-primer-on-elliptic-curve-cryptography/
3 2017-07-31 01:26:00 <ivan> (or a better resource, there are a hundred)
4 2017-07-31 01:26:37 <danielmetlitski> text wall
5 2017-07-31 01:30:42 <danielmetlitski> an offline computer can generate a key
6 2017-07-31 01:31:19 <danielmetlitski> that key can be used despite being generated offline
7 2017-07-31 01:32:26 <danielmetlitski> and reverse engineering it to generate a private key for a non-random address is impossible??
8 2017-07-31 01:35:35 <danielmetlitski> sorry d/cââ¬â¢d for a sec
9 2017-07-31 01:36:24 <danielmetlitski> and since sha256 was cracked a long time ago, it still uses sha256?
10 2017-07-31 01:38:24 <achow101> danielmetlitski: sha256 wasn't "cracked"
11 2017-07-31 01:40:27 <danielmetlitski> this is sha256, crack this its crackable
12 2017-07-31 01:40:32 <danielmetlitski> 59b4dbb11c532b2590032e48a6165f754dab1a7a24f2d50b762e3891b9e2ab1f
13 2017-07-31 01:40:50 <danielmetlitski> a surprise awaits
14 2017-07-31 01:40:55 <achow101> what do you mean by "crackable"?
15 2017-07-31 01:41:02 <achow101> preimage attack or collision attack?
16 2017-07-31 01:41:15 <danielmetlitski> reverse this
17 2017-07-31 01:41:16 <danielmetlitski> 59b4dbb11c532b2590032e48a6165f754dab1a7a24f2d50b762e3891b9e2ab1f
18 2017-07-31 01:41:22 <danielmetlitski> i just used an online sha256 generator to make it
19 2017-07-31 01:42:01 <danielmetlitski> if you are unable to reverse it, ill show u how
20 2017-07-31 01:42:07 <achow101> show me how
21 2017-07-31 01:42:16 <danielmetlitski> https://md5hashing.net/hash
22 2017-07-31 01:42:55 <achow101> a lookup table does not mean that it was cracked
23 2017-07-31 01:43:03 <achow101> it just means that the site has a database of strings and their corresponding hashes
24 2017-07-31 01:43:35 <danielmetlitski> my hash wasnââ¬â¢t pre-stored on that website
25 2017-07-31 01:43:40 <achow101> it is in fact not "crackable"
26 2017-07-31 01:45:09 <achow101> crack this then: 34e3a78f0142542197be9d6d9d4aac6e4c18f203e05cfc82c2d516829052942b
27 2017-07-31 01:45:10 <danielmetlitski> http://jheusser.github.io/2013/02/03/satcoin.html
28 2017-07-31 01:45:13 <achow101> I bet you can't
29 2017-07-31 01:46:04 <danielmetlitski> is it sha 256
30 2017-07-31 01:46:09 <achow101> yes
31 2017-07-31 01:46:31 <achow101> anyways, sha256 is unrelated to key generation
32 2017-07-31 01:46:52 <danielmetlitski> what is used for key generation
33 2017-07-31 01:46:59 <achow101> a random number generator
34 2017-07-31 01:47:06 <achow101> and then EC math
35 2017-07-31 01:47:11 <danielmetlitski> well the source code is public
36 2017-07-31 01:47:17 <achow101> so?
37 2017-07-31 01:47:29 <danielmetlitski> can you change it to be non random
38 2017-07-31 01:47:42 <danielmetlitski> say I wanted your wallet
39 2017-07-31 01:47:50 <achow101> sure, but only for one implementation. it isn't a network wide thing
40 2017-07-31 01:47:59 <danielmetlitski> what
41 2017-07-31 01:48:03 <achow101> you can change your local implementation, but that won't effect anyone but you
42 2017-07-31 01:48:25 <danielmetlitski> you can generate wallets offline that instantly with the bitcoin network
43 2017-07-31 01:48:48 <achow101> instantly _what_ with the bitcoin network?
44 2017-07-31 01:48:53 <danielmetlitski> yes
45 2017-07-31 01:49:15 <danielmetlitski> like right now, you can generate wallets offline for Bitcoin, the private keys and address are generated offline
46 2017-07-31 01:49:18 <achow101> yes
47 2017-07-31 01:49:21 <achow101> so?
48 2017-07-31 01:49:47 <danielmetlitski> if I change my local implementation to choose specific numbers that correspond to a hot wallet
49 2017-07-31 01:50:04 <achow101> you don't know what numbers correspond to a hot wallet
50 2017-07-31 01:50:07 <danielmetlitski> what prevents me from reversing it
51 2017-07-31 01:50:19 <achow101> you can't, unless you have compromised the wallet itself
52 2017-07-31 01:50:29 <achow101> how do you plan on reversing it?
53 2017-07-31 01:50:30 <danielmetlitski> what do you mean compromised
54 2017-07-31 01:50:49 <danielmetlitski> by changing the random number generator
55 2017-07-31 01:51:04 <achow101> the private keys are stored on that wallet. private keys cannot be derived from public keys (yet). public keys cannot be derived from addresses
56 2017-07-31 01:51:11 <achow101> they are all one way functions
57 2017-07-31 01:51:42 <danielmetlitski> yes but you can edit functions
58 2017-07-31 01:51:48 <achow101> yes, you can decide to make your wallet choose a specific private key, but how do you know what that private keys is?
59 2017-07-31 01:52:06 <danielmetlitski> how is it impossible to change it to generate specific things
60 2017-07-31 01:52:18 <achow101> all of that stuff happens locally wallet side and some of it is network consensus rules
61 2017-07-31 01:52:36 <achow101> so you can't change it unless you have access to the computer or you convince the other person to run software that you have written
62 2017-07-31 01:52:48 <danielmetlitski> well the part I donââ¬â¢t understand is, is why is it impossible to reverse engineer this
63 2017-07-31 01:52:59 <danielmetlitski> we have all the source code
64 2017-07-31 01:53:23 <achow101> it is impossible to reverse engineer it because the mathematics behind all of the crypto functions makes it so that it is impossible to do
65 2017-07-31 01:53:33 <achow101> it has nothing to do with source code; it's all properties of math
66 2017-07-31 01:53:39 <danielmetlitski> I understand itââ¬â¢s ââ¬Åprobabilityââ¬Â and ââ¬Åencryptionââ¬Â but I want specifics
67 2017-07-31 01:53:46 <achow101> there is no encryption
68 2017-07-31 01:54:13 <danielmetlitski> are you a dev achow101?
69 2017-07-31 01:54:20 <achow101> yes-ish
70 2017-07-31 01:54:58 <danielmetlitski> cuz you canââ¬â¢t explain specifically what prevents it from being reverse engineered
71 2017-07-31 01:55:20 <danielmetlitski> Iââ¬â¢m not trying to hack people, I am doing my due dilligence on if bitcoin is a trully secure entity to hold my funds
72 2017-07-31 01:55:22 <achow101> it's cryptography that I don't quite remember the details of. cryptography and code implementation are different things
73 2017-07-31 01:55:37 <achow101> I work on things not related to cryptography
74 2017-07-31 01:55:55 <danielmetlitski> grr so you have no clue what you are talking about >.<
75 2017-07-31 01:56:11 <achow101> no, i do, i just don't remember the specifics for ecdsa
76 2017-07-31 01:56:38 <danielmetlitski> so what about SAT mining
77 2017-07-31 01:59:29 <danielmetlitski> maybe Iââ¬â¢ll try SAT mining on my S9ââ¬â¢s and see if itââ¬â¢s still possible, has anyone done it yet?
78 2017-07-31 02:08:37 <achow101> danielmetlitski: you can't get private keys from public keys because of the discrete logarithm problem
79 2017-07-31 02:09:13 <danielmetlitski> bruh itââ¬â¢s not even real numbers
80 2017-07-31 02:09:57 <achow101> ?
81 2017-07-31 02:10:00 <danielmetlitski> The NSA has broken it
82 2017-07-31 02:10:22 <achow101> no. the NSA broke a random number generator that was based on elliptic curves
83 2017-07-31 02:10:29 <achow101> they did not break ECC itself
84 2017-07-31 02:10:45 <danielmetlitski> they are able to break much of currency cryptography
85 2017-07-31 02:10:59 <danielmetlitski> according 2 this
86 2017-07-31 02:11:00 <danielmetlitski> https://weakdh.org/imperfect-forward-secrecy-ccs15.pdf
87 2017-07-31 02:11:29 <danielmetlitski> u know what the NSA does right
88 2017-07-31 02:11:45 <achow101> diffie hellman is unrelated to this
89 2017-07-31 02:12:18 <danielmetlitski> the reason the NSA are able to do it is the reason the US goes after people like Alexander Vinnik
90 2017-07-31 02:13:35 <danielmetlitski> heââ¬â¢s gonna get to keep his money, go into witness protection, and work with the NSA to compromise even further
91 2017-07-31 02:13:54 <achow101> and now you're just trolling
92 2017-07-31 02:14:48 <danielmetlitski> if you think that the US government doesnââ¬â¢t have the network key to BTC then you are the troll
93 2017-07-31 02:15:17 <achow101> "network key" wtf are you talking about? THere is no "network key". Clearly you don't understand how Bitcoin or cryptography works
94 2017-07-31 02:16:08 <danielmetlitski> the source code repository and network alert key
95 2017-07-31 02:16:21 <achow101> the source code is on github
96 2017-07-31 02:16:23 <danielmetlitski> he gave it to Gavin Andresen, a CIA operative
97 2017-07-31 02:16:28 <achow101> the alert system was dismantled
98 2017-07-31 02:17:36 <achow101> the alert system no longer works since every single node 0.14.0+ will broadcast to all nodes that still have the alert system (defined by having a certain protocol verison number) a final alert that cannot be overridden
99 2017-07-31 02:17:37 <danielmetlitski> Nakamoto is clearly under witness protection, they let him keep his money but made him sell majority stake & hand over project access
100 2017-07-31 02:17:53 <achow101> the alert system doesn't even do anything anyways except display whatever message you want
101 2017-07-31 02:18:14 <achow101> gavin doesn't have access to the project anymore. his commit access was revoked
102 2017-07-31 02:18:33 <achow101> and satoshi was never involved with it on github as the move to github occured long after he left
103 2017-07-31 02:20:21 <danielmetlitski> well no doubt but the US just kidnaps a Russian national in Greece who destabilized Bitcoin
104 2017-07-31 02:21:20 <danielmetlitski> no vested interest?
105 2017-07-31 18:20:35 <nerdcore> bitcoind requires Berkeley DB 4.8 for backward compatibility on wallets, right? What version would have used 4.8? I'd like to know if I need it or not while building a new version
106 2017-07-31 18:20:45 <nerdcore> I don't know what bdb version my wallet is. How could I tell?
107 2017-07-31 18:24:08 <arubi> `db_verify wallet.dat` will tell you if you have the 'db*-util' package
108 2017-07-31 18:30:31 <nerdcore> arubi I do not seem to have a `db_verify` command installed
109 2017-07-31 18:31:07 <nerdcore> I'd like to compile the latest code but I don't know whether I need bdb 4.8 or not
110 2017-07-31 18:35:38 <arubi> nerdcore, you can use the depends system to build with all the proper libraries
111 2017-07-31 18:36:21 <arubi> are you running linux?
112 2017-07-31 18:37:17 <nerdcore> ah yes I recall something like that. Yes I am on Debian
113 2017-07-31 18:37:41 <nerdcore> (I'm sure I did this correctly last year...)
114 2017-07-31 18:39:23 <arubi> okay, so as long as you have these : "build-essential libtool autotools-dev automake pkg-config libssl-dev libevent-dev bsdmainutils" , you can then cd into the depends directory and run `make`
115 2017-07-31 18:40:24 <arubi> (if that's your "triplet")
116 2017-07-31 18:40:24 <arubi> then cd .. back to the root dir, and you can run something like `./configure --prefix="$PWD/depends/x86_64-pc-linux-gnu"`
117 2017-07-31 18:40:24 <arubi> then `make` from the root directory will use the libs from the depends build
118 2017-07-31 18:48:27 <nerdcore> riiiiight. thx. Is this documented somewhere? It's not obvious when you untar and the README points you to "doc/build-*.txt"
119 2017-07-31 18:48:41 <nerdcore> (IMO)
120 2017-07-31 18:50:34 <arubi> it's in build-unix.md and the README.md in ./depends
121 2017-07-31 18:52:43 <arubi> yea I agree it's got a bit of "lore" in it. this process isn't described literally
122 2017-07-31 19:04:30 <nerdcore> I've fired the depends make job. It'll take a while...
123 2017-07-31 19:05:16 <nerdcore> it is a nice fast system but many of its CPU cores are busy folding proteins for dogecoin lol
124 2017-07-31 19:06:50 <arubi> hehehe, gl
125 2017-07-31 19:11:18 <nerdcore> I'm sure I've done this before, I just always forget to have bitcoind build its own dependencies first :(
126 2017-07-31 19:11:28 <nerdcore> then link 'em
127 2017-07-31 19:11:31 <nerdcore> thx for the tip
128 2017-07-31 19:12:08 <nerdcore> i have an ubuntu 14.04 system where I built against system bdb-4.8 and it worked fine but there was no simple debian 8 pkg
129 2017-07-31 19:13:06 <arubi> right, there's either the clean depends way, or add the ppa to apt. really it's great to have everything self contained in depends
130 2017-07-31 19:14:52 <nerdcore> seems like this might, by chance, build a more stable binary. but that's just speculation