You can now choose your local currency from the select box in the page footer. To quickly switch between BTC and your local currency click on one of the green buttons below a transaction (people were confused as to why they didn't do anything, I think this is a good use for them).

Also fixed a bug where two factor authentication emails were sometimes not being sent out.

iPhone app is done, I'm submitting it tomorrow.

The server logs the IP the wallet was created with and the IP of the last wallet backup. A wallet can operate in two modes.

Payload only mode - If you have alerts disabled (default) then the server does not keep any information about your public keys and the only thing it stores is an encrypted JSON payload.

Public key mode - If you have alerts enabled your public keys are inserted in a separate table along with your email or skype username etc. This could then be used to connect public keys to a wallet identifier.

We do not log any data regarding /multiaddr lookups (the api call needed to lookup your balance) and your wallet identifier is not included in this lookup.


Seems they are not running a pool so I've allocated that IP to Slush instead. Thanks for looking into it.



It seems about 80% of the hashing power is allocated for. The IP's that I would most like to label are:

1) 88.6.208.35 - Spanish IP, Largest share of unknown blocks - no other pools seems to be hosted in spain.

2) 62.220.146.204 = Tor node

3) 107.20.185.227 = either ABCPool.co or Arsbitcoin.com

4) BTCMine seems to be overly represented. I have allocated them 88.214.194.226 (Which is definitely them) and 88.214.193.104 (Which I allocated because its the same ISP and block). It's possible that 88.214.193.104 belongs to a different pool.

It's not a big deal to take a few seconds to say this idea won't work or to post a link to where it has previously been discussed. No need to be arsey about it.

P.S. It was not documented that math operations are limited to 4 bytes, for example the BitcoinArmory client will not abide by this.

Thanks, I've added them.

I suspect the reason why this IP is showing such a high number of relayed blocks stems from the fact that I am having trouble connecting to Slush's node. Because I can't connect to slush any blocks found by the pool will get designated to another ip.

Because 176.31.159.150 happens to be hosted by the same ISP as Slush (Ovh Systems) it is likely they share a very low latency latency connection and the reason why 176.31.159.150 is relaying Slush's blocks so fast. The equipment may even be in the same datacenter.

I have changed that IP back to bitparking. The problem might be an ip can automatically be assigned to P2Pool by the scraper, but it can never be unassigned. So it is more of a representation of all ip's that ever once joined the network, rather than ones actually mining currently.

Yes I caught this mistake after I posted it. Thanks for taking a look anyway.

One more attempt before I give up https://en.bitcoin.it/wiki/BIP_UNOFFICIAL_DRAFT

Adding an op code is not a problem, satoshi designed this as the intended upgrade path.


However when you define a P2SH op code it becomes almost exactly the same as OP_EVAL. This brings with it a host of security concerns because it A) allows recursion and B) You can manipulate the hash using other operations before it's executed. Basically it leaves too many "What ifs" to be implemented quickly.

As you explained Luke-jr doesn't like Gavin's proposal because it taints the scripting system forcing that templates become a mandatory part of the language. Visa Versa Gavin doesn't like Luke's proposal because it also "taints" the scripting system, but in a different way. It requires that the scriptPubKey is able to look at data in the scriptSig which is not on the stack.

Nothing much I can do about this. Because I'm using the "first relayed" ip it's not always accurate. Once slush restarts his node it should help with things a bit.

Never mind, i'm an idiot. Proposal withdrawn.

Agreed but in my understanding the initial scriptPubKey would transpose <serializedScriptB> into another scriptPubKey that if allowed would transpose <serializedScriptA>. If it isn't already an exception needs to be made so that the scriptPubKey resulting from deserializing <serializedScriptB> it can no longer be interpreted as a P2SH scriptPubKey.

Gavin,

I just wanted to double check that it has been considered what would happen if the serialised script itself matches the P2SH template. From the wording of the BIP it's sounds like it probably has been considered:


Otherwise there might be dos potential in a script of the following format:

scriptSig: <sig> <serializedScriptA> <serializedScriptB>
scriptPubKey: OP_HASH160 <scriptBHash> OP_EQUAL

Where <serializedScriptB> deserializes to "OP_HASH160 <scriptAHash> OP_EQUAL".

If only <serializedScriptB> was checked as being standard then a potentially malicious script could be hidden in <serializedScriptA>i.e. <serializedScriptA> could contain hundreds of OP_CHECKSIG's
 

This may have been a problem with my interpretation but scriptSig and scriptPubkey would not actually need to be combined if OP_CODEHASHVERIFY hashed only up to the end of scriptSig (not stack -1 as I worded it)?

Here is my explanation of luke's proposal as I understand it. Standard script template for a single key would be:


1) Combine ScriptSig & ScriptPubKey

   <sig> OP_CODESEPARATOR <pubKey> OP_CHECKSIG <scriptHash> OP_CHECKHASHVERIFY

2) <sig> is pushed onto the stack
   
   OP_CODESEPARATOR <pubKey> OP_CHECKSIG <scriptHash> OP_CHECKHASHVERIFY

3) OP_CODESEPARATOR marks the beginning of the data to be hashed

   <pubKey> OP_CHECKSIG <scriptHash> OP_CHECKHASHVERIFY

4) <pubKey> is pushed onto the stack

   OP_CHECKSIG <scriptHash> OP_CHECKHASHVERIFY

5) OP_CHECKSIG validates <sig> and <pubkey> as normal

   <scriptHash> OP_CHECKHASHVERIFY

6) <scriptHash> is pushed onto the stack

   OP_CHECKHASHVERIFY

7) Everything from the marker that was set at OP_CODESEPARATOR up to stack -1 is hashed and compared with the top stack item e.g. <scriptHash>. If equal the script is valid.

Advantages
- Like P2SH hash enables "pay to script" functionality - transfers multiSig fees from sender to receiver & reduces muliSig blockchain bloat.
- The script interprets as a script, no magic code path based on template matching.
- Static analysis without deserializing anything.
- Fairly simple, should be just as fast to get it in use as P2SH. Luke has coded it already.

Disadvantages
- Old clients validate almost nothing, with P2SH they at least check the <scriptHash> matches the <script>
- Requires redefinition of an op code

Just to explain for those that don't know. You can already receive payments to a split key wallet using OP_CHECKMULTISIG which is already implemented and requires no change to block validation rules. However you would need to use a double length bitcoin address. e.g.

1CCPUpxshNH5EPetALLDhz56dg3soyrHEELKLdDRCkwH1MPN1q8fcpzBA3tiRJfSY9S

you can of course can use tools like firstbits to shorten this to just a few characters. Its not ideal, but if split key wallet services can already use it I don't think there is any need to rush in something which would make irreversible changes to the concept of a bitcoin script .

In the current script system every operation has a purpose and scripts executes in a methodical order. When P2SH is introduced scripts can no longer be executed simply by interpreting the instructions. P2SH undermines the scripting language because it requires that if the interpreter spots a specific template do something else rather than execute the script.

Take the a standard P2SH template:

scriptSig: [signature] [serializedScript]
scriptPubKey: OP_HASH160 [serializedScriptHash] OP_EQUAL

If it were to follow the rules of the scripting system exactly as it is now it would always return true.

[signature] [serializedScript] OP_HASH160 [serializedScriptHash] OP_EQUAL
[signature] [serializedScript] [serializedScriptHashA] [serializedScriptHash] OP_EQUAL

There is no operation to stay that  [serializedScript] should be deserialized and run. At least OP_EVAL & OP_CODEHASHCHECK follow the rules.

Btw I am not opposed to this for any political reasons, I think Gavin does an absolutely superb job as project leader, it just seems like a short sighted change to me.

I don't know if this is any help http://www.megaupload.com/?d=6YGA0REA. Unfortunately I can't make it live as it takes about 10 minus to generate the page.

Why is it necessary to rely on a third party escrow service when most transactions could be made without?

For example #bitcoin-otc could provide a list of trusted representatives along with their bitcoin addresses which people can use as arbitrators. An (A + B) or (c) transaction where C is the arbitrator. Using CHECKMULTISIG I could imagine a form in the client with the destination address, a checkbox saying "Require authorisation from self" and an additional field "Add arbitrator" - relatively straight forward and the majority of transaction would not need to involve #bitcoin-otc or the arbitrator. However with P2SH hash #bitcoin-otc needs to have a web service to construct the transaction, users need to copy their public keys into the web service and once the script hash is constructed add it to their bitcoin client.


I started trying to think of different ways split key wallets could maintain compatibility with the existing widespread use of pay to address. The easiest way would be for wallet services to mange the private keys of a number of User's public addresses and automatically forward payments received using a user defined CHECKMULTISIG template.

The other method I came up with started getting a bit complex, but i'll post it anyway:

Redefine OP_NOP1 as a new opcode OP_ATTACH_SCRIPT. Conceptually it would allow the owner of an address to pre register a script which must be run before funds can be redeemed allowing them to change authentication method at their own free without needing to move funds.

After an OP_ATTACH_SCRIPT any successful call to OP_CHECKSIG will cause the top stack item to be inserted into an index using the pubKey as the primary key.
All calls to OP_CHECKSIG in a scriptSig that reference a public key which has an attached script cause the script to be retrieved and executed using the current stack. If the scriptSig contains a OP_ATTACH_SCRIPT it is executed after.

You first need to attach a script to an address by using a transaction with a scriptSig in the following format (example two signature transaction (A + B)).


Execution:

OP_PUSHDATA1 33 {[pubkey2] OP_CHECKSIG} <sig> <pubKey> OP_ATTACH_SCRIPT OP_DUP OP_HASH160 <pubKeyHash> OP_EQUALVERIFY OP_CHECKSIG
<script> <sig> <pubKey> OP_ATTACH_SCRIPT OP_DUP OP_HASH160 <pubKeyHash> OP_EQUALVERIFY OP_CHECKSIG
<script> <sig> <pubKey> OP_DUP OP_HASH160 <pubKeyHash> OP_EQUALVERIFY OP_CHECKSIG
<script> <sig> <pubKey> <pubKey> OP_HASH160 <pubKeyHash> OP_EQUALVERIFY OP_CHECKSIG
<script> <sig> <pubKey> <pubKeyA> <pubKeyHash> OP_EQUALVERIFY OP_CHECKSIG
<script> <sig> <pubKey> OP_CHECKSIG
On success ** attachedScripts.put(<pubKey>, <script>) **

Funds are sent to the address using the a standard scriptPubKey template.


Once a script is attached subsequent scriptSigs need to prepended with each additional signature and then the standard scriptSig template.


For new clients this is executed as follows:

<sig> <sig> <pubKey> OP_DUP OP_HASH160 <pubKeyHash> OP_EQUALVERIFY OP_CHECKSIG   
<sig> <sig> <pubKey> <pubKey>   OP_HASH160 <pubKeyHash> OP_EQUALVERIFY OP_CHECKSIG   
<sig> <sig> <pubKey> <pubHashA> <pubKeyHash> OP_EQUALVERIFY OP_CHECKSIG   
<sig> <sig> <pubKey>  OP_CHECKSIG
On success ** attachedScripts.find(<pubKey>) **
<sig> {[pubkey2] OP_CHECKSIG}

The script will validate for old clients as :


Remove multi sig support using:


Redefine multi sig as A + (B or C) using:


Advantages:
1) Maintain full out of the box compatibility with existing pay to pubKeyHash - payments will appear in all existing bitcoin clients.
2) Needs only to include additional [pubKeys] once on script attach, not in every scriptsig. This would potential save 32 bytes per 2 key transactions, 64 bytes per 3 key transactions etc.
4) Maintain consistency of the scripting language
5) You can change the authentication required for a particular address. People can enable multiSig on their existing vanity addresses, You can change "Wallet protection services" without needing to change address.
6) Potentially allow people to "trade" addresses for example you could buy a popular vanity and change the authentication type by hand removing the need to trust that the original key was removed. Same concept can be applied to physical bitcoins, or bitbills.

Disadvantages:
2) Client needs to track what pub keys have a Script attached. An index like this is needed:
   
   
This would need to be updated during re-org.

3) Like P2SH this needs 50% miners adoption - old clients may find themselves on the shorter side of the blockchain.
4) Need to "register" an address by sending at least one transaction from it, addresses would be more permanent and less disposable.

I'm a bit confused as to why this is considered advantageous over OP_CHECKMULTISIG.  In order to be able to tell If my bitcoin address is involved in a multisig transaction I first have to know the scriptSig?

Consider the following use case: I want to receive payment for some goods I've sold on an auction website. The buyer isn't happy with sending the entire funds up front so instead he sends me a two part multi signature transaction, on the condition that once I send him a tracking number he will provide the signature of his key. As I understand it there would be way for me as the seller to tell whether I have received any funds without the buyer contacting me and providing me with the script (which I then have to manually hash & verify). The payment won't show in my client, I can't get an alert from a 3rd party etc.

How would script hashes be represented in a wallet service? Should the script hash be masqueraded as a bitcoin address or should they be differentiated? OP_CHECKMULTISIG seems like it would be easier to represent in a client, you can label it "Payment of x received, requires approval of bitcoin address 1223".  I'm worried it could be very confusing for end users, people have a hard time understanding bitcoin addresses as is already.

True I hadn't really consider the vanity aspect of firstbits.

The incompatibility should now be resolved.

http://www.blockchain.info/fb/1Locu
http://www.blockchain.info/fb/1Locus
http://www.blockchain.info/fb/1Locus7

Block explorer compatiable query api up

http://www.blockchain.info/q

Now on my bug list, thanks.