430200+ entries in 0.291s
jurov: devil is in
the details
jurov: decimation in
this scenario eneby
that gets wallet.dat has much more information
than enemy
that merely gets public key
assbot: Successfully added a rating of 1 for
trinque with note:
therealbitcoin
testing
decimation: it is, from
the point of view of "give enemy less informatin"
jurov: i just wanted
to point out
that creating new adresses on
the fly isn't universally better
than generating
the from seed
☟︎ decimation: jurov: I mean I look forward
to
the day when wallet.dat can be axed and an off-net computer be used
to manage keys
jurov: decimation why do you
think?
Apocalyptic: I did 4480 iterations at 11e6 prior
to
that which found nothing
shinohai: I feel less and less guilty about ppl losing
their bitcoin
to alternative chains since coming here.
decimation: I do feel sorry for jurov, being chained
to bitcoind for key management
Adlai is a big fan of "magic" HD wallets,
that send your funds into obscure chains... spendable, if you know where
to look
Apocalyptic: asciilifeform, if something strikes you as odd among
these factors please do
tell
Adlai: although in
the current market climate,
theft may do
the opposite
Adlai: idiots losing coin is
the root of all deflation
punkman: the point is idiots will lose
their coins
this way, dunno what else you want
jurov: danielpbarron: well, people like mp (or me) who want
to sleep ad libitum and
thus decided
to accept coins, inveitably end up requiring $maxint addresses
☟︎ Apocalyptic: that is:
the hierarchy-deterministic way of computing addresses doesn't weaken at all
the signature
Adlai: "can be stolen by people who have
the auditor keys" - don't expose mpub, period. bip32 is not designed for auditing [live] wallets
Apocalyptic: (sorry for \n) punkman if
this is
their main point
then it's moot wrt was I was asking
Apocalyptic: Privilege escalation attacks on HD Wallet solutions are not new. In
this
Apocalyptic: covered and ALL bitcoins within
the remit of
the system can be stolen.
Apocalyptic: corner of
the system and everything collapses, all private keys can be re-
punkman: Apocalyptic: eh, read
the paper
danielpbarron: sounds like
the deterministic
thing comes from
the already brain damaged desire
to never reuse an address
Adlai is not advocating
the use of "brainwallets" where you pick
the phrase, but rather a phrase generated from randomness + wordlist
Apocalyptic: punkman, can you be more specific and point me
to a given page/chapter ?
assbot: Logged on 19-03-2015 22:01:09; assbot: Logged on 19-03-2015 20:22:56; mircea_popescu:
http://log.bitcoin-assets.com/?date=19-03-2015#1057738 << it is. people (especially people kinda
too lazy
to study
things in depth) have all sorts of
theories about privacy and keep pestering me for special addresses etc. it's a fashion is what it is, one i don't aim
to encourage, and i'm stuck because w/e, serving
teh customer.
Apocalyptic: didn't investigate if
they have a particular form in base 16 or 2
decimation: if you can cold store on seed, why not
two? or N?
jurov: cold store
the seed once and get as many addresses as desired
jurov: decimation: some people prefer
to not have
to maintain properly megabyte wallet.dat files
decimation: seems like it's a device
to pull
the wool in front of your own eyes
Adlai: it does mean
that a leak compromises multiple addresses, but
that's because
they essentially have
the same key
decimation: if you can't understand prng, how are
they gonna understanding
the elliptical key math, even if
they supply
their own dice numbers?
Adlai: punkman: fwiw i'm quite sure bip32 doesn't make your addresses less secure, provided you don't leak
the key data
shinohai: thx Adlai
too many people don't want bitcoin but an *app* for bitcoin
decimation: asciilifeform: part of
the problem is, it's hard for folks
to
trust what's inside a black box without understanding what's inside
Adlai: that's
the problem
decimation: maybe use
that guy's
ti-89 code for making key
Apocalyptic: punkman, maybe HD wallet doesn't mean
the same
thing for you
shinohai: Am i alone here in hating on darkwallet
too?
Apocalyptic: asciilifeform, I avoids
to have access
to an rng at any further point
☟︎ Apocalyptic: punkman, I simply don't see
the relationship between HMAC-derived addresses and
the signature process, more specifically
the k-value
punkman: lemme see if I can dig up
thje links
punkman: Apocalyptic: I have mentioned it here several
times
shinohai: wallets
that look slick and get your coins lost
Apocalyptic: punkman, care
to explain your reasoning behind
this claim ?
Adlai: 'it is mind
that moves'
Adlai finds, while
trying
to
type out
the difference between
this hunt (rsa factor collision) and
that (reused/predictable k-values),
that it's quite elusive
punkman: and
the whole HD wallet
thing provides extra
targets as well
shinohai: I remember
that abt reused k values and
the android snafu for blockchain.info
decimation: it's depressing
to kick off bitcoind and watch it balloon in memory
ben_vulpes: what i do not understand is why it is necessary
to iterate
through mapblockindex.
trinque: git *is*
this data structure
trinque: I cannot fathom what's hard in here, and I'm plainly asking
to be called a moron, and why
trinque: just point at
the end of all paths
ben_vulpes: this is above my pay grade in
terms of data structures, but perhaps an opportunity
to learn. is
there not a data structure available for use
that doesn't have
to iterate
through
the whole index
to grab
the element of interest?
ben_vulpes: + // possibly could be improved if we descend from best height if requested height is closer
to it
ben_vulpes: asciilifeform: location of block on disk,
though?
davout: gliders are pretty high on my
todo
ben_vulpes: $bizpartner
took me up in a 2 seat glider
the other weekend, after about .75 hrs of going in a circle
to
the right i asked
to come down, was put on
the stick and pedals instead.
trinque: where does
the abstract logic of bitcoin end and
the implementation of a shitty db begin
ben_vulpes: trinque: it's a crime
that
there are no
transaction indices or block indices.