2801
|
Bitcoin / Development & Technical Discussion / Re: Av reports viruses in sst file
|
on: April 04, 2014, 11:00:21 PM
|
Since yesterday 01.20 GMT+1 my AV goes crazy. Multiple times per minute it reports viruses on my sst files from QT client. I deletet all the files manually, and now its downloading the blockchain files again.
What AV is this? (as an aside, have you reported the false positives?) Anything that is actively scanning the leveldb files in real time is going to be very bad for performance.
|
|
|
2802
|
Bitcoin / Hardware / Re: HashFast announces specs for new ASIC: 400GH/s
|
on: April 04, 2014, 07:51:18 PM
|
Pretty sure VMC was around before Hashfast... can't swear on that though. Gotta say it's quite the strange turn of events, though. Very perplexing.
Yea, VMC has been around for a long time. It set off my scam-dar very very hard, so I stayed clear of it and I expect a lot of people did to. The last drama around december was that they were talking about being ready to ship only to turn around and post that their design partnership feel through and that they were "almost done" with RTL. This turn of events is quite perplexing.
|
|
|
2803
|
Economy / Computer hardware / WTS CoinTerra IV "2/TH" (more like 1.5-1.8TH/s) miner in Silicon valley/Bay area
|
on: April 02, 2014, 10:31:03 PM
|
Greetings. I had a much delayed CoinTerra IV show up without prior notice... and while I'd love to add it to my collection— the CT units are awesome on P2Pool— I'm currently out of room. The unit is new-in-box and located in Mountain View, California. I'm looking to sell it immediately for USD (in person) or BTC. It looks like these units-in-hand go for about $8k on ebay, but I'm willing to negotiate. An ideal buyer would be willing to pick it up tomorrow, in person, in mountain view and pay cash, basically minimizing my time in fussing with it. PM on here or reach me at nick gmaxwell on freenode, or via email at greg<at>xiph.org. (Also— if any in-person buyers is interested in some historic early batch 1 avalons that mine at about 80GH/s, feel free to inquire. )
|
|
|
2804
|
Bitcoin / Development & Technical Discussion / Re: [SECURITY] DoS Vulnerability
|
on: April 02, 2014, 09:42:49 PM
|
I stuffed some AV definitions into the testnet chain years ago and _no one_ has ever reported an AV hit on it. Obviously we can obscure the blockchain from things like that, but so far there appears to be no reason to do so.
Do you actually have evidence of some AV software noticing signatures inside the blockchain files?
AFAICT you don't. Even if it were to occur only a fraction of bitcoin nodes run on windows/mac systems with that kind of nutty AV software, so we could simply deploy an update which obfuscated the block files if it ever were an issue. You should take more care with your claims of doom, chicken little.
|
|
|
2805
|
Bitcoin / Development & Technical Discussion / Re: How is the base point G chosen for secp256k1?
|
on: April 01, 2014, 06:26:04 PM
|
The NSA picked it. There is no known way to gimmick the base point.
As far as anyone yet knows our parameters were not selected by "The NSA". In any case, choice of the generator was discussed extensively. The most we could come up with is that perhaps someone could convince you that a particular pubkey was a 'nothing up my sleeve' pubkey when it really wasn't.
|
|
|
2806
|
Bitcoin / Development & Technical Discussion / Re: CoinJoin: Bitcoin privacy for the real world
|
on: April 01, 2014, 12:43:50 AM
|
Was the plan to pay 100% to the author of the first complete implementation, or for piece-work in progress?
Any payouts would need to be discussed with the other signers, but my thinking had been to pay most of it to to the most substantive complete and usable implementation, and partial amounts to smaller efforts (e.g. people who built toy tools and things only a developer could love). I had also planned on doing the payout itself as a coinjoin, and using a small bit of the funds to pay people to join into the coinjoin.
|
|
|
2807
|
Bitcoin / Development & Technical Discussion / Re: new paper: Securing Bitcoin wallets via threshold signatures
|
on: March 31, 2014, 08:43:25 PM
|
In the suggested approach there's an owner of the full private key, who then can share this private key so that "m of n" transactions can be made, but he still can use the whole private key to spend the balance himself.
They note in the paper that it's possible to do the dealing step in a distributed manner where no one party learns the key (indeed, the proposed protocol does something like that internally for sharing shares of the ECDSA nonce) but they don't go into detail about it. I think any practical implementation would want to do this simply due to the difficulty in obtaining a single device whos security you can be confident of... The differences I'd make between this and multisig is that it requires a synchronous protocol to both establish keys initially (assuming a distributed dealer) and to sign. E.g. it might be harder to make a signature using N offline wallets as you'd have to shuttle data back and forth to the offline wallets multiple times. It's also harder to 'show' that an address is multisig— e.g. for the purpose of making your policy public, though I'm not sure how much this matters since you can 'fake' multisig too. It also requires a more complex signer software. On the plus side it's much more efficient in the blockchain, esp with high N, and the transactions are indistinguishable from non-multisig which is good for privacy.
|
|
|
2810
|
Bitcoin / Development & Technical Discussion / Re: CoinSwap: Transaction graph disjoint trustless trading
|
on: March 25, 2014, 11:14:06 PM
|
What is to stop Alice from simply not sending Carol X (so Carol can't spend TX_2) announcing TX_3 which spends TX_1, and then announcing the TX_0_Refund as well?
TX_3 is created and announced by Carol. Alice can't collect TX_3's output without making X public (as TX_3 requires X to be in the signature). The TX_0_Refund is nlocked for the future: "TX_0_refund must have a further future locktime than TX_1_refund. Otherwise Bob can delay step (I.) in the protocol until the refunds become valid and then announce TX_3 while Alice announces TX_0_refund in order to try to cause Alice to get refunded while Bob still gets paid." (I believe thats describing what you're thinking about there)
|
|
|
2812
|
Bitcoin / Hardware / Re: [ANN] Spondoolies-Tech launches a new line of ASIC miners - Best W/GH/s ratio
|
on: March 25, 2014, 02:30:51 PM
|
I expect that an LCD display would see only fairly modest use, after spending many years working for an network equipment maker that shipped LCDs on its products I can only think of a couple incidents where I'm aware that it was actually useful beyond displaying the device name— but a network triggerable "identify unit" light would be insanely useful (along with lights for power and 'actively mining', of course). I think, in general, most people would prefer more cost optimization over a fancier display. If an LCD doesn't make it on, I hope at least a set of indicator LEDs does.
|
|
|
2813
|
Economy / Service Announcements / Re: [ANN] Kraken Passes Cryptographically Verifiable Proof of Reserves Audit
|
on: March 25, 2014, 01:27:26 AM
|
The original post claims to contain a signed message by a third party auditor who is independent from Kraken, rather than any cryptographic proof. (As an aside: I am unable to verify the author of the message because the PGP key is not obviously connected to the strong set or signed by any key I directly recognize. I am also unable to verify the Independence of the auditor.) I am unclear as to why this is being described as a "Cryptographically Verifiable Proof of (100%) Reserves" since the security of the audit ultimately rests on the honesty, integrity, and computer security of the auditor (while operating from inside Kraken's offices) and not cryptography. The audit is also apparently not complete: until a non-trivial portion of customers "verify using open-source tools that your balance at the time of the audit is part of this root hash". I am unable to find instructions for customers to perform this step.
|
|
|
2814
|
Bitcoin / Development & Technical Discussion / Re: CoinSwap: Transaction graph disjoint trustless trading
|
on: March 24, 2014, 11:36:53 PM
|
So, we have a refund for the TX_0 transaction, but don't announce it. If Carol announces a transaction that spends TX_0, and then announces a refund for TX_1, how does the refund work to prevent cheating? Isn't TX_0 spent at that point?
TX_0's output is a 2-of-2 multisignature output. It can't be spent unilaterally, the other user must sign it too. Does that answer your question?
|
|
|
2816
|
Bitcoin / Development & Technical Discussion / Re: Really Really ultimate blockchain compression: CoinWitness
|
on: March 23, 2014, 12:58:06 PM
|
This is one place where unboundedness matters. An unbounded machine can emulate a machine that executes self-modifying code. Compilers and proof checkers (as in logical proofs, not cryptographic proofs) are another. Here is self-modifying code: http://eprint.iacr.org/2013/879The class of techniques is universal up to the parametrized runtime limit, as you note— while that technically makes it non-universal— well, in a finite universe everything has a finite tape . - Electrum is (last time I checked) just block depth check.
- SPV is block depth check on the longest-header-chain (no block validation, header-hash-chaining and difficulty check only).
- Full clients are block height check on the longest-valid-block-chain (transactions validated).
I'm told electrum now connects to multiple servers, which helps. Some of the things I was discussing here is SPV but counts on other people to go out and find and get mined the evidence of a longer chain, maybe arguably in-better. SPV could— in theory— be boosted to full security compactly if you were able to have SNARKs for block validity as the block headers could carry proofs that they were a result of validating a faithful history though the engineering gap to verify such large computations is pretty big. Somewhat relevant on the subject of the SPV tying of external systems is the abstract I submitted to an upcoming bitcoin workshop (and the citations it includes): http://0bin.net/paste/vkc4NWr3BeXwgO6O#TzYCxardJ3U4lkQAoP8mv+/nDJWZZk6TZeWKrMQ1Gcc=
|
|
|
2817
|
Bitcoin / Hardware / Re: HashFast announces specs for new ASIC: 400GH/s
|
on: March 21, 2014, 12:11:21 PM
|
Even if it were the case that there was some extreme chip excess and diverting the supply did nothing to delay your orders those chips showing up on the network is adverse to your interest— because it raises the difficulty ahead of you and reduces your income (for the products you haven't received yet as well as any miners you're already running).
|
|
|
2819
|
Bitcoin / Development & Technical Discussion / Re: TX Only Valid Until X Block
|
on: March 20, 2014, 08:41:19 PM
|
Well, there is a business use case for knowing that if a transaction has not happened by X time, then it definitely will not happen. A "drop dead date" is absolutely crucial for some contracts.
Sure, and you can have that— conflict it with an alternative spend and then it cannot happen.
|
|
|
|