Damus

Recent Notes

Vortex | CTV | LNHANCE · 5d
LOL hodlonaut flip-flopping, such a politician. If only he'd actually paid attention to technical information instead of politics and cancel culture he'd have had a lot easier time. https://blossom....
waxwing
It's been a really eye-opening year or so. Not because a bunch of people have a bad or stupid take, but that they got so vicious and nasty about it.

Respect to the ones who just expressed a viewpoint, with decency and without hyperbole. I count very few.
waxwing
The next step is to realize that all the scientific reasoning you've done, including postulating the existence of a brain, has all come from similar brain-modulated sensory experience, which is circular :)
CK · 1w
I think Bhutan was also borrowing against their Bitcoin. Maybe they got margin called, or maybe it’s just panic. who knows.
/dev/fd0 · 1w
Basic implementation that could be improved further: https://gitlab.com/invincible-privacy/joinstr/-/merge_requests/16
/dev/fd0 · 2w
1. Yes, all phases are disconnected at the network layer. 2. Yes it's signed with SIGHASH ACP | ALL in phase 2 3. Yes they are linkable ring signatures 4. Phase 3 and 4 will only happen if one of the...
waxwing
Ah, I see. By using all|acp you have the 'crowdfunding' workflow, so the output set can be ... set ... in advance of the input set, so people can send their signed inputs independently of the other ones.

There's one complicated detail I see: in your example you have Carol fail-to-deliver on the inputs, and then the re-start with the other two, and the ring sigs allow them to demonstrate they were part of the original set, right. But in the case where the coordination fails, not because of failure-to-deliver but because of inputs not matching with outputs, you have the problem of not knowing who is at fault, right. Not saying you *have* to solve that problem, not sure, maybe.
waxwing · 2w
Sorry on reflection that was a bit dumb; a ring sig wouldn't allow apportioning blame either. I found the old coinshuffle paper to be quite insightful on this difficulty.
/dev/fd0 · 2w
Use of ring signatures to fix denial of service in coinjoin https://image.nostr.build/885b0c57555ce22cacdd1d218e1418038e0999c42f806c69398dfbf8a791431d.png
waxwing
Interesting. Definitely people have talked about this kind of approach before. A couple of Qs: phase 1 and phase 2 are disconnected at the network layer, right? So in phase 2 A and B send a PSBT with their inputs signed, is that right? Yes, I think this all makes sense. At phase 3 (network disconnected again, right?) you're, by ring-signing, asserting you were one of the phase 2 participants and that you authorize the use of one of the addresses (it says A' in phase 3 but the address is A?) for output. Are you using linkable ring sigs? (to avoid the ability to make 2 valid ring sigs on the same pubkey). Hmm, now I look more carefully I'm not sure I understood the A' vs A distinction, because is phase 4 for normal operation or fallback? If it's normal operation, what does phase 1 do?
/dev/fd0 · 2w
1. Yes, all phases are disconnected at the network layer.
2. Yes, it's signed with SIGHASH ACP | ALL in phase 2.
3. Yes, they are linkable ring signatures.
4. Phase 3 and 4 will only happen if one of the peers fails to register inputs. In phase 4 inputs are signed with SIGHASH ALL and new outputs.
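Added example, not code from the thread or from the joinstr repository: a toy model of the phase 2 / phase 4 signing discussed above. It shows why SIGHASH_ALL|ANYONECANPAY lets each peer sign their own input against the pre-agreed output set without seeing anyone else's input, why those signatures die when Carol's output is dropped, and why the phase 4 re-sign with plain SIGHASH_ALL is pinned to the final input set. The sighash serialization and signature are hash-based stand-ins (not Bitcoin's real serialization or Schnorr/ECDSA), and all keys, txids and addresses are constructed.

```python
import hashlib
import json

# Real Bitcoin sighash flag values; the serialization below is a toy, not Bitcoin's.
SIGHASH_ALL = 0x01
SIGHASH_ANYONECANPAY = 0x80
KEYS = {"alice": "alice-key", "bob": "bob-key"}  # constructed stand-ins for private keys


def sighash(tx, idx, flags):
    """ALL commits to every output; ANYONECANPAY narrows the committed
    inputs to the one being signed, so other inputs can be added later."""
    ins = [tx["inputs"][idx]] if flags & SIGHASH_ANYONECANPAY else tx["inputs"]
    preimage = json.dumps({"ins": ins, "outs": tx["outputs"], "flags": flags}, sort_keys=True)
    return hashlib.sha256(preimage.encode()).hexdigest()


def sign(tx, idx, flags, key):
    """Toy signature standing in for Schnorr/ECDSA: binds key, sighash and flags."""
    return (flags, hashlib.sha256(f"{key}:{sighash(tx, idx, flags)}".encode()).hexdigest())


def verify(tx, idx, sig, key):
    return sig == sign(tx, idx, sig[0], key)


# Constructed sample: three outputs registered in phase 1, two inputs arrive in phase 2.
OUTPUTS = [{"addr": "A'", "amt": 1}, {"addr": "B'", "amt": 1}, {"addr": "C'", "amt": 1}]
INPUTS = {"alice": {"txid": "aa" * 16, "vout": 0}, "bob": {"txid": "bb" * 16, "vout": 1}}


def phase2_sign(name):
    """Each peer signs ALL|ACP over a tx holding only their own input plus the agreed outputs."""
    own_tx = {"inputs": [INPUTS[name]], "outputs": OUTPUTS}
    return sign(own_tx, 0, SIGHASH_ALL | SIGHASH_ANYONECANPAY, KEYS[name])


def phase2_merge_verifies():
    """Coordinator merges independently produced inputs; every ACP signature still verifies."""
    merged = {"inputs": [INPUTS["alice"], INPUTS["bob"]], "outputs": OUTPUTS}
    return all(verify(merged, i, phase2_sign(n), KEYS[n]) for i, n in enumerate(["alice", "bob"]))


def phase4_after_carol_drops():
    """Carol registered output C' but no input, so C' is dropped. Phase 2 signatures
    die with the output change; peers re-sign with plain ALL over the final set.
    Returns (stale ACP sig still valid?, fresh ALL sigs valid?, ALL sig survives an added input?)."""
    final = {"inputs": [INPUTS["alice"], INPUTS["bob"]], "outputs": OUTPUTS[:2]}
    stale_ok = verify(final, 0, phase2_sign("alice"), KEYS["alice"])
    fresh = {n: sign(final, i, SIGHASH_ALL, KEYS[n]) for i, n in enumerate(["alice", "bob"])}
    fresh_ok = all(verify(final, i, fresh[n], KEYS[n]) for i, n in enumerate(["alice", "bob"]))
    padded = {"inputs": final["inputs"] + [{"txid": "cc" * 16, "vout": 0}], "outputs": final["outputs"]}
    return stale_ok, fresh_ok, verify(padded, 0, fresh["alice"], KEYS["alice"])
```

Note that the ACP signatures are also what makes the phase 4 fallback necessary in the first place: a peer who drops out after outputs are fixed cannot be removed without invalidating everyone's phase 2 signatures, which is the restart waxwing asks about.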
Vlad, Bitcoin Takeover Podcast · 2w
What’s the best way to contact you?
waxwing
Oh, and in case you were wondering, isn't something like the witness discount similar? The answer is a resounding no! Think about it - what the witness discount controls is *how much stuff can go into a block* and is therefore a *global* consensus rule. If miners break it they fork off. Here what the ZIP is discussing is having everyone sing kumbaya and agree what kinds of fees are fair, reasonable and keep good privacy and DDoS resistance for everyone. It'll work fine, until it doesn't.
Dr. Bitcoin, MD · 2w
Altruism doesn’t scale
waxwing
I discovered something quite remarkable today after seeing podcasts with Sean Bowe [1] describing the new tachyon system and then one today with Ying Tong [2] mentioning the fabled 'sandblasting attack' . It turns out that zcash put out a ZIP zips.z.cash/zip-0317 with what seems to me extraordinary content: it says not that there is some resource limit for blocks, but that individual transactions *should* be treated thusly: fee should be linear in number of ins/outs, but 2 outs should be treated like one (for a privacy reason), that certain types of transactions (their different shielded pools) should not be discriminated, and they disrecommend relay of transactions with other fees, and then give a long RECOMMENDED section to miners on how to construct blocks. This is totally nuts - the miner incentive is always to maximize fee revenue, and while it can be hard to work under that scenario sometimes, it's crazy to try to say things like randomize your candidate transactions and only take high paying txs in this ratio, or similar, as they do. Bear in mind that the sandblasting attack, which genuinely crippled the network afaik because they couldn't verify, in a normal node, as fast as the attacker could create transactions, happened because they had the insane idea of a flat fee for every individual transaction, no matter how big it was! (to be sure, they must have done that for better privacy, but it's an utterly broken concept).

These are some of the very smartest cryptographers in the world, and I am not exaggerating for effect, there. How did they get such batshit insane ideas (or lack of ideas?) about how a permissionless p2p network works?

[1] It's on the recent Zero Knowledge podcast, look it up. [2] The recent BTCKVR podcast 'BitVM optimizations', around 35 minutes.

#cryptography #bitcoin #zcash
Justin Moon · 3w
It's probably just marketing. I think the idea is that they want to make it really easy to run AI agents in yolo mode with full control of the machine.
waxwing
https://eprint.iacr.org/2022/1178 "We propose a new, unifying framework that yields an array of cryptographic primitives with certified deletion. These primitives enable a party in possession of a quantum ciphertext to generate a classical certificate that the encrypted plaintext has been information-theoretically deleted, and cannot be recovered even given unbounded computational resources." 🤯

#cryptography
calle · 4w
I love quantum. nostr:nprofile1qqsqa6p85dhghvx0cjpu7xrj0qgc939pd3v2ew36uttmz40qxu8f8wqpz4mhxue69uhhyetvv9ujuerpd46hxtnfduhsvcquqy give us a summary of the method they used to create and erase the information. How was the information encoded originally?
Tim Bouma · 4w
I’m adding the term “quantum rewinding” to my cocktail conversational circuit.
JuAnHu · 4w
Is it the same as saying "by measuring the quantum state you destroy it"?