|
Can you say some more about the device and about a software development platform (SDK) that can be used?
Do you program it in C?
Does it have enough memory and CPU power to run ECDSA functions?
|
|
|
|
Each of these pools runs tens of nodes...
In separate data centers?? What does it matter? |
|
|
|
If you look at this hashrate chart, you can see that by just targeting the 4 largest pools you could split the hashrate into 2 equal groups.
"Targeting" how? Each of these pools runs tens of nodes and each of these nodes connects to tens of peers, from all over the world. How do you imagine delaying information about new blocks coming to these nodes? |
|
|
|
|
I find it quite impossible in practice, to "split the miners into 2 equal groups by causing a communications delay between them".
It's probably even harder than splitting the internet in half.
|
|
|
|
You are not a wallet thief, man - you've done nothing wrong in that matters. I am also not a wallet thief, even though the man has also somehow accused me of such. We are all dicks though.  If I was to be upset by all the names that different kind of dicks call me, I'd have been upset all me life. It's a public forum, people have different characters which are going to clash and you have to know how to deal with it - especially if you are older than them. But that is not the point. The point is that I have been here for years and if someone asked me today how I have contributed into an actual "technical development" of bitcoin by my activity on this "Development & Technical Discussion" forum, I'd have said: I haven't at all. Although I have certainly made my dick bigger here. And the sad part is that everybody seems to be here for that reason. |
|
|
|
|
I really wish this forum would sometimes happen to be about an actual technical discussion and not always about who has a bigger dick.
|
|
|
|
Why don't you want to discuss the protocol changes needed for bootstrapping clients with utxo snapshots?
Because you obviously don't.
Please explain me: if it isn't about your ego, then what is it about?
Oh... No comments? Well, let me guess, then... You can't talk about it, because it happens that this specific feature is being researched by a company that you work and signed an NDA for? Maybe it's indeed not about your ego. Maybe it's just about money. |
|
|
|
|
Mind that later I spent some time with sipa asking him how to realize the bip 37 solution for fetching the missing transactions. He came back to me the next day saying that it wasn't actually possible.
So yes, I was listening.
But at that moment it was pretty clear that in order to improve block downloading times some network protocol changes were needed. Whilst the message I got from you was that you weren't willing to make any changes because you didn't seem to see block downloading times as a problem worth solving.
Just like at this moment you don't seem to see the bootstrapping time to be a problem worth solving.
Although not because it's not really worth solving, but because you want to solve it yourself.
Because you only care about a progress in Bitcoin development when it goes along the way with indulging your ego.
If it doesn't, then it has to wait for when you have time.
|
|
|
|
Where did I say that compact blocks were 'my proposal'? No - I came to you saying that I would like to work on improving the block download times. And you told me off, saying basically that it wasn't necessary. Plus also some other bullshit about BIP37 that didn't turn out to be true. 10:05 < gmaxwell> tonikt: Not a very worthwhile thing in my opinion, and as sipa points out its already possible. But then few years later, suddenly improving the block download times became so much desirable and you've been so proud of you delivering it to the public. Pathetic |
|
|
|
I'm just explaining you how you are being perceived. Whether your intentions were not to tell the guy of, but maybe only to encourage him into a more productive way of thinking - that's a different story. And no, I'm not going to look through the IRC logs from several years ago, just to prove to myself that I haven't dreamed about something and it actually happened. Because, believe me or not, I seriously don't give a fuck whether you believe me or not Why don't you want to discuss the protocol changes needed for bootstrapping clients with utxo snapshots? Because you obviously don't. Please explain me: if it isn't about your ego, then what is it about? |
|
|
|
|
Seriously man, this happens all the time.
Whenever a person from outside the circle comes with an idea, you either tell him that the idea is stupid or just not worth working on.
I've seen it so many times, that I'm sick of it already.
Just me, years ago, trying to talk on #bitcoin-dev about ways to speed up block downloading times. That was a no no - block propagation didn't need improving because you didn't think it was important... It almost got me banned from the channel.. And yet we are; 2016 - a new brilliant feature that the bitcoin core team is so proud of: compact fucking blocks!
Or: How many times have I tried to discuss a way of solving the bootstrapping issue once and for all by extending the protocol to allow a secured distribution of the utxo db?
No fucking way to discuss it, because first you don't find it important, then you are 'way ahead' of me with the design, and then you still don't know how to do the hashing of the fucking records - and that took you like 4 years to realize....
Just like I had said: at the end it's still going to be done, except that it will take at least 10 years, because you're too busy now with other stuff and this specific thing is too big of a deal for your ego to let anyone from outside to claim credit for solving.
|
|
|
|
Which means that if you want to change any bit there, you have to play the bitcoin celebrities PR game, which is mostly about indulging a big egos of a few funny characters. Which is just something you're purely making up. And it's unfortunate because if other people read it and don't know that you're extrapolating based on your imagination and fears they might not contribute where they otherwise might. That does the world a disservice. Man, how long have I been here? What I've said has zero to do with fears and all to do with my observations and experience. Just go back to the top of this topic. Guys came with some ideas to optimize the lib - maybe not the most brilliant ones, but also definitely not a stupid ones... And what was your reaction? You basically told them off. You do it all the time. If there was a ranking of people scaring newcomers away from contributing into the code, you'd be on top of it. Because you always know better. Some others 'core devs' have quite similar characters. Just a few, but they are enough to scare new people from contributing. Especially a talented, brilliant people won't be willing to put up with this shit, that you guys throw at them. |
|
|
|
There is no question that at this moment sipa's secp256k1 lib is the fastest solution on the market. And you can complain all you want about messy coding or poor documentation, but unless you provide an alternative to prove that it can be done so much better... well, then it's just going to be a moaning. And just a moaning isn't very professional. Sipa didn't go to openssl forum saying how shitty their implementation was - he just made a better one, to prove the point. And he proved it so well that now nobody bothers to make an effort in beating him. |
|
|
|
Sipa you say? Why did he abandon the project? Was it just some proof of work?
Proof of work that have already found so many applications, including one in your project. I guess you can call it however you like. I don't know him and can't speak for him, but I wouldn't say he abandoned it. Rather decided it was complete enough and moved on with his life, like we do all the time. Even satoshi did that with his big project. And you're also not going to work on a single project all your life, are you? |
|
|
|
|
It wasn't 'the collective'.
Sipa wrote the entire library, from scratch, all by himself.
The guys just took his code, adding some pretty useless checks and heavy building system around it, and now it's 'officially' hosted from bitcoin/secp256k1, as the 'community project' . Which means that if you want to change any bit there, you have to play the bitcoin celebrities PR game, which is mostly about endulging a big egos of a few funny characters.
But if you check the history of sipa/secp256k1 you can see that it used to quite easy to commit optimizations into that code.
It was all done by one person as his personal, partially experimental project and I personally admire the work.
And you can't seriously expect from and coder to work on his personal hobby project and then deliver it with the industry standards documentation.
What kind of documentation would you even expect from a lib that provides a simple EC math functions? The function names are descriptive enough if you understand the operations they provide. And if you don't understand the math behind it then no document is going to help you anyway.
|
|
|
|
The original secp256k1 lib is a great piece of work, but it surely can be improved even more. Any optimizations are very welcome - I'm sure sipa (the original author) would agree. He's a very nice guy and it's easy to contact him directly (probably best via IRC). Although, about the code used by the core, he'll probably tell you that it's being maintained by other people now. Otherwise, just publish your improvements here - even if not Bitcoin Core, someone else will use them, trust me, because time is money |
|
|
|
I thought maybe something along these lines:
Let x be a 32bit integer (the only source of entropy). Then the private key k is
k = pbkdf2(scrypt(key=sha3("bull testicles" + sha3(x), salt=sha3(sha3(x)), N=2^(sha3(x)%1000000000000), r=8, p=1, dkLen=32), salt=sha3(sha3(x)), c=2^(sha3(x)%1000000000000), dkLen=32, prf=HMAC_SHA256)
I am quite sure that this very simple brainwallet cannot be cracked within one week, even for low entropies. Of course, for 32bit of entropy, I wouldnt keep the wallet live for more than a few months / maybe years. But for any four word english phrase that my mind comes up with, I would say it's pretty secure.
Disclaimer: if in doubt assume my approach is unsafe as hell and will lead to a total loss of your funds!
Yes, it's actually another thing worth mentioning. Despite of what some people claim (or may think) not everybody uses brainwallet.org (which BTW doesn't work), or bitcoinpaperwallet.com, or brainwallet.io or BIP38 or any other "standard" generously acknowledged by the ever patronising us bitcoin celebrities. You just gave an example for quite a complex hashing mechanism - it takes quite a lot of time to just calc one hash. Myself, I use much more simple hashing - calculates in an instant, but I'm still comfortable with it, as I focus on making strong passwords. And it is not only about how you generate the first address, but also others originating from the same seed. My point is: whoever is going to crack brain wallets cannot really do all-at-once as the function that turns the password into the 256 bit private key can be literally anything. He needs to address each one separately - first having to learn what it actually is. Suit yourself with the method of the guy who "invented Brainwallets", using the breakthrough science-fiction sentence cracking solution that you have allegedly researched [again!], but don't want to disclose... But still, if you want to crack my password, you will have to launch a slightly different software. |
|
|
|
|
I'm going to go back to publishing my thoughts on best practices in brain wallets security.
Despite of attacks on my credibility and honesty (which I'm going to ignore, as they are not worth my time), I'm standing behind all my previous statements on how to choose a secure brain wallet seed.
I think all the solutions I described in this topic are secure enough.
But it doesn't mean we cannot make them even more secure, using other kind of tricks.
Think of your life's savings - millions of dollars worth of bitcoins, which you want to protect only by passwords memorised in your brain.
This method is what I would call insurance fund security countermeasure.
You can take e.g. 2% of your life savings and put it on the insurance fund.
Worst case scenario: if your brain wallet gets cracked one day, it will cost you 1% of your savings, assuming you quickly act upon it.
Here is the method:
Note: a brain wallet can lead to practically unlimited number of addresses, but to simplify my guide I will assume that one brain wallet = one address.
So:
1. Make two or more brain wallets and deposit the insurance fund in their P2KH addresses (spreading the entire fund across them - evenly or however you like).
2. Make a multisig address 2-of-2 (or N-of-N if you made more brain wallets in point one) and deposit the rest of your savings there.
3. Do not spend from your multisig address, as it would disclose (to a potential attacker) that there is a much bigger stake to take than just the insurance.
Now, for the insurance to work, you will have to monitor the balance on your insurance addresses - use whatever method you want; manual or automatic.
If any of your passwords gets cracked, its insurance address will get emptied.
Important note here: the insurance address must carry enough coins, to tempt the attacker.
Anyway, when an insurance address gets emptied - this tells you to move the funds from your multisig savings address to a new one.
Also, you can draw conclusions that the password you used for that address was too weak - and learn from it...
|
|
|
|
Suggestion: I will put 5 BTC into an address which is secured by an entropy of 32 bits only.
what do you mean? you will post the public address and 224 bits of its private key - and we only have to guess the remaining 32 bits? sign me in! to go through all the 4294967296 combinations within a week (604800 seconds), one would only have to check 7101 keys per second. that's totally doable - you will loose your money, man. however, that will have nothing to do with cracking brain wallets - it's just pure brute forcing of random values. |
|
|
|
question the technical aspects of what I'm saying, instead of trying to undermine my motives. It's just pathetic, man. How old are you?
Because the mod is a type of person that prefers to run a forum for kids who he can impress and patronise all the time.
... By this logic nobody should trust your expertise on cryptography because you know too much about the topic and your advice might be luring unconscious people into using solutions that you claim are secured, but personally know how to break.
How are you going to answer that?
Ask me again if you ever see me advocating solutions which are have resulted in lots of funds loss in practice... or selling wallet cracking tools. Are you not advocating Bitcoin? |
|
|
|
|
Show Posts
