log
asciilifeform: sorta how student might get to select a few exam questions from a pool, but there are others that are mandatory.
asciilifeform: mircea_popescu: the cure, i realized, is that ~some~ of the oldtx selected by Z must depend on value of prev block, so as to prevent waltzing of Z 'until all i need is the 10% i'm fraudulently storing instead of the 100%' .
asciilifeform: welcome , john_cocktail
asciilifeform: (so L ~must~ use current block.)
asciilifeform: and reorg will favour him.
asciilifeform: the plagiarist can make a block with higher PoW than the victim, ~every time, since he isn't handicapped by having to compute L(Z)
asciilifeform: and actually now that i think about it, it'd be guaranteed-lethal
asciilifeform: (the fact that the original victim could, normally, relay his original faster than a typical plagiarist could hash, is immaterial, it is still a potential vuln)
asciilifeform: oooh gotta revisit upstack, briefly, http://btcbase.org/log/2017-03-01#1620677 << ~this~ in particular cannot be done as written. else, the first relayer of a freshly mined block could simply steal the work that went into determining luby(Z) and get massive head start on making his own block, which he then relays instead of the plagiarized.
asciilifeform: what are ~all~ of the places where A has the ecstasy, but B does the laundry, where A!=B
asciilifeform: ~100% of asciilifeform's line of thought re 'trbi', from this, to the casks thing, etc., was only 'how to plug the leaks'
asciilifeform: in that one party creates the sharp broken edge, but very other people have to live with the cost.
asciilifeform: it is one of the major leaks in the vacuum piping
asciilifeform: amounts suck.
asciilifeform: think dubloons, rather than pieces-of-eight.
asciilifeform: no moar coin breaking.
asciilifeform: i.e. danielpbarron's vectors
asciilifeform: one simple way to do this, is to dispense with amounts (as discussed in at least 2 old threads)
asciilifeform: which is , how would you have such a thing as a sanely-behaving balance to begin with
asciilifeform: that's more or less equivalent to my question
asciilifeform: i.e. that some output, somewhere, yielded moar coin than the sum of the inputs.
asciilifeform: that doesn't prove that monetary mass was not somehow added during noncoinbase ops
asciilifeform: which means that i gotta be able to prove that monetary mass is what the mining curve says it is. and not something else.
asciilifeform: valid also means 'nobody gets to printolade'
asciilifeform: because if not , you have the fed.
asciilifeform: can third party calculate the monetary mass ?
asciilifeform: 'we're squaring circles, may as well make perpetuum mobile and immortality'
asciilifeform: now you also want homomorphic arithmetic, looks like
asciilifeform: how do you verify without public balances ?
asciilifeform: i suppose this is why mircea_popescu wanted the 2-input thing.
asciilifeform: esp. if everyone is in the habit of using all of the decimal places of P as an invoice id.
asciilifeform: if balances are visible -- anyone can see that addr A had a payment-P-shaped chunk subtracted from it at time T.
asciilifeform: mircea_popescu: btw 'no payers, only payments' is probably impossible with public balances existing in any sense.
asciilifeform: ( http://btcbase.org/log/2016-10-20#1557335 thread , and elsewhere )
asciilifeform: !#s martian bank
asciilifeform: well yes, this'd be implicit in ring sig.
asciilifeform: so long as they are guaranteed to be distinct at every step in time
asciilifeform: ( i can't think of any reason why payee would care if payer A, or B, had supplied the agreed-upon amount )
asciilifeform: i guess this isn't one of the problems.
asciilifeform: well not quite, we do store the pgp'd orders
asciilifeform: someone else can pay him same amt. and then to whom does he send the plutonium.
asciilifeform: the amts aren't secret, per the scheme, though
asciilifeform: (in so far as payee can be trusted to stfu forever)
asciilifeform: because that'd work
asciilifeform: or does payee get told the secret over separate (say, rsa'd) channel
asciilifeform: to revisit the smoke grenade -- how do you deal with the unopposability of having paid for something ?
asciilifeform: she's in the l0gz
asciilifeform: oh lol that chick
asciilifeform: i can never keep the 2 straight.
asciilifeform: (or was it zcashulation ? )
asciilifeform: it is very easy to 'zerocoin'erize.
asciilifeform: ( asciilifeform also has pretty strong bias against mechanically-complicated crypto. )
asciilifeform: i dug for the can-guarantee-avg-case-np-hard? thing -- found zip.
asciilifeform: you will find that many 'wouldn't that be useful..' items are ~entirely absent in the public lit. and no prizes for guessing why.
asciilifeform: dunno re mircea_popescu's planet, on mine, semiconductors sorta stopped, in 2009-ish, and aren't threatening to develop mega-improvement
asciilifeform: (if you need a jupiter-sized machine, it isn't very hotstuff algo-wise)
asciilifeform: there's computables and there's computables-and-doables. unfortunately distinct sets in practice.
asciilifeform: (of guarantee of not committing it)
asciilifeform: mircea_popescu: would be interesting to tally the avg case cost of not committing this error.
asciilifeform: i suspect so
asciilifeform: mircea_popescu: how's that. the seekrit, is blown, neh
asciilifeform: if he has half a brain -- knows which k.
asciilifeform: say, today, k3, k4, k7, ... , k9 sign. tomorrow, k7, k21, k3, ... , k333. next day, k42, k3, ... whatever. now 'you can't verify that no subgroup...' ~within~ the algo, but someone who has the whole list and notices that only k3 recurs...
asciilifeform: by process of elimination .
asciilifeform: ^ where my contention was, you can factor out the signer using multiple sets of shamirized sigs
asciilifeform: all i recall is old thread, http://btcbase.org/log/2016-08-30#1532069
asciilifeform: (it nominally solved this problem)
asciilifeform: can anybody remind me of how shamir&rivest's original algo fails
asciilifeform: (recall the zero-whatvrs, how many of those alts by now.)
asciilifeform: and the charlatans -- since; and quite vigorously
asciilifeform: the crackpots have been at it since before chaum,
asciilifeform: and yeah this is the squared-circle from couplaedaysago
asciilifeform: the good noose : i don't know a proof that you ~can't~ do this...
asciilifeform: oook i getit
asciilifeform: what's the spendability condition ?
asciilifeform: mircea_popescu: let's suppose you had ring signature, we have edge of the sword. how does the hilt work ? i.e. you have an output, that is spendable, but you want it spendable by ~you~, not by 1,001 randomly-selected pubkeys.
asciilifeform: (and on raid5 no less)
asciilifeform: metoo, i was quite convinced that i lost a set of l0gz to bitrot
asciilifeform: theeere
asciilifeform: yes!
asciilifeform: but evidently not with asciilifeform , because it dun turn up there
asciilifeform: maybe it was a pm convo
asciilifeform: ( next day, http://btcbase.org/log/2016-02-06#1397621 moar .)
asciilifeform: the thread.
asciilifeform: mircea_popescu: i think i found it : http://btcbase.org/log/2016-02-05#1396876
asciilifeform: (at least, of the public material!)
asciilifeform: incidentally ~all of the material is circa 1970s.
asciilifeform: i.e. no known algo for constructing a known problem--solution pair, using rng, of ~known~ average complexity.
asciilifeform: i walked compendia of known np-hard/np-complete problems, and found that all of them had same hole
asciilifeform: it keeps coming back
asciilifeform: http://btcbase.org/log/2016-03-20#1436710 << another thread re subj
asciilifeform: http://btcbase.org/log/2016-06-06#1477755 << it ?
asciilifeform: graph-circuit appeals because it -- does
asciilifeform: rsa doesn't pretend to a known complexity class tho.
asciilifeform: ( spoiler : can't prove the hardness of magicking ~your particular~ graph. )
asciilifeform: i actually worked with this notion last year, when investigating nonretarded (i.e. of provable complexity) block ciphering. and came to same realization that mircea_popescu is probably about to come to
asciilifeform: nono we had this
asciilifeform: can't seem to find ~this~, either
asciilifeform: ( as in, say, these : http://web.mit.edu/~ezyang/Public/graph/svg.html )
asciilifeform: graph isomerism zkp ?