decimation: yeah that's kinda what I'm hinting at I guess
phf: mucking around with the code that decides what blocks to send to a requesting client
phf: asciilifeform: it's not a permanent stuck, but a slowdown. i haven't sent out that orphanage graph that i posted some time ago, because i'm still kicking shit around, but the behavior that you can see from it, is that blocks are sent out as multiple subchains. when a subchain arrives that's missing a parent subchain, it gets rejected many times over and over, until parent subchain is filled in. i think the behavior can be improved by
decimation: jurov, what is 'N'? the length of the cache?
jurov: let them compete
jurov: only needs wallet that creates N copies of the tx with N addresses
jurov: it's not hard for every node to advertise addy for caching fees
decimation: yes, but you would agree that building such a network with an eye toward minimizing latency everywhere would be expensive
asciilifeform: if the miners want to march into a usg mousetrap, no problem
decimation: I suppose my point (central clearinghouse) is that I foresee some entity like akamai that will 'magic away' this problem for miners, who will all pay for the service
asciilifeform: the current one mostly works. if sufficiently abused, and folks with actual stake in the matter get sufficiently annoyed, another one will be used
phf: re: orphanage, i'm still investigating, but there's no reason why we can't have a better initial sync block handoff strategy, that doesn't get stuck, because some parent in an orphanage subchain failed to get sent out
decimation: mempool in this case being the gigantic c++ 'map' that holds transactions in memory?
asciilifeform: there are 1,001 possible ways to queue up transactions for miners to choose from
asciilifeform: think of it this way - the mempool isn't, by the same token, really 'part of bitcoin' either
decimation: but someone still needs to hold transactions until they 'clear'
asciilifeform: it was just a piece of shit stuck to the skin, not a tumour
asciilifeform: i shot that problem in the head
decimation: umm, didn't you just complain about the orphan problem?
asciilifeform: i still utterly fail to see what is so wrong with classic bitcoin
decimation: satoshi was being dumb when he failed to program payments for caching
decimation: what other option is there?
asciilifeform: decimation: in what sense would that look like 'bitcoin' at all ?
decimation: asciilifeform: I predict the bitcoin version will be resolved with some kind of central transaction clearhouse monopoly, sadly
decimation: similarly, the 'ddos attackers' end up driving everyone to akamai, etc
decimation: the pre-digital version was expecting some kind of handout/human attention being paid to a stranger
mircea_popescu: the process ensures everyone has to swim in the same pisspool.
mircea_popescu: decimation riddle me this : you don't like reading dumb "newspapers", but how many good ones were sunk by exactly this before you heard of them ?
decimation: 'web of trust' in this case being the poorly done implementations of smtp routing
asciilifeform: hence 'jam tomorrow'
asciilifeform: decimation: re: the orphanages, if you have them at all, what you're doing is 'i'll store this piece of shit on your say-so, and MAYBE it will be shown to be a valid block (rx) later'
decimation: for instance, spam drives everyone to big isp mail hosts, gmail, etc - not only for spam protection but also for 'web of trust'
decimation: no, I would argue that the benefits accrue to specific corporations
asciilifeform: decimation: it is as doomed as the cartoon wolf who walks off the cliff and does not necessarily notice - at first
decimation: asciilifeform: in this way you can see how the internet 'as is' is doomed to some degree
asciilifeform: there is NO circumventing this, because ultimately it is a thermodynamic law
asciilifeform: in NO possible universe does this lead to anything but grief
asciilifeform: there is a basic principle which applies equally to the 'orphanage' discussions and to today's ddos thread: NEVER give derps something valuable just for showing up
assbot: Logged on 19-07-2015 18:34:53; mod6: but now I'm scared that even if i /do/ remove them by hand, they might get accidentally pruned by a downstream patch (later in time) causing the makefile to puke.
mircea_popescu: http://log.bitcoin-assets.com/?date=19-07-2015#1206370 << this makes sense.
mircea_popescu: apparently either there's none or everyone else in bitcoin is just watching tv.
assbot: Logged on 19-07-2015 18:26:59; asciilifeform: i've been waiting to hear somebody describe ~some~, even very theoretical, down side for those
mircea_popescu: http://log.bitcoin-assets.com/?date=19-07-2015#1206352 << obviously, inasmuch as they're the result of lengthy consideration / involved discussion here, their unexpected downsides shouldn't be expected to be provided by us.
decimation: you did force the attacker to lay down one card
mircea_popescu: not like you're going to see it on wh.gov
mircea_popescu: anyway, wanted to see if i can first take down random sites with it
mircea_popescu: asciilifeform well the whole thing's a parody.
decimation: maybe even $$ tril
decimation: I see ip as here to stay forever, because of the $$ bil it would cost to do otherwise
decimation: my earlier proposal of 'charging per packet routed' is a jungle way of implementing this
asciilifeform: iirc he still thinks that ip as it exists now can be entirely abstracted over, and that the spec ought not mention details like packets
decimation: yeah I was more interested in the argument that generated it
decimation: gonna have to re-read
decimation: yeah I didn't recall the encrypted part being mentioned before
asciilifeform: payload (incl. the signature) is in the crypted blob
asciilifeform: decimation: attacker cannot glean identity from an rsa-encrypted packet sent to a known public key
phf: and you want it to be fully stateless?
asciilifeform: generally speaking, your machine - to an attacker lacking the keys - must look exactly like an empty wall socket to the enemy.
decimation: as I recall his objection is that he didn't want third parties to be able to easily glean identities from packets
asciilifeform: it is the one and only pill against ddos
asciilifeform: but the aspect i'd like to emphasize - one which mircea_popescu thought to be an optional frill and did not include in his spec - is the single-packet authentication.
decimation: back in the day, ham radio folks used to run something much like fidonet except completely over shortwave/vhf radio
asciilifeform: gossip net is rather more like anarchist 'cells' than anything else.
asciilifeform: decimation: this is rather like saying 'proposed something like a chair, except that it flies through space and takes pictures'
decimation: I think ascii is proposing something like tor except everyone knows everyone else, and routes accordingly
asciilifeform: or even to remain the same from day to day
asciilifeform: and since we aren't a usg wankatron like tor, there is no reason for all of the 'gates' to be publicly advertised
jurov: ah that i wanted to know
jurov: how does the gate look? like tor enter node?
asciilifeform: why is there only one gate ?
asciilifeform: jurov: the point is that the million wolves are, in your example, all lining up at one gate
jurov: but if you get gigawolves via ip arriginv, how are you getting sheep through?
jurov: what if there are million wolves and you must check their sigs?
decimation: jurov: why does qntra need more than 1 gigabit
decimation: which is roughly the position we are all in, failing to have $$ mil networks
asciilifeform: wolf gets to stay in the forest, outside city walls
asciilifeform: a network that a wotless wolf cannot even connect to in any meaningful sense.
asciilifeform: jurov: understand that the solution has to be deployed as a network, rather than in one point
phf: build FIDO on top of gossipd ;)
jurov: dear decimation these ddoses have tens or hundreds gigabits... and not with 1500 byte packets
decimation: it might add a tiny bit of latency
asciilifeform: the only thing you need the fast logic for is to mux/demux to the processing pipes
jurov: we can do asics that easily do 1e6*1e5 operations per second ?
asciilifeform: rather than hll synthesis
asciilifeform: probably needs to be designed the old-fashioned way, to get real performance
asciilifeform: decimation: wouldn't go that far
decimation: probably could go to opencores right now and find a crypto block
asciilifeform: none of this is an open problem in any sense
asciilifeform: what it means is, designed for the occasion
jurov: any asic that comes even close to that? ecdsa/2048RSA?
asciilifeform: jurov: aha. and you check them at line speed.
jurov: they need to be checked at places where do 1e6 pkt/sec flow
jurov: but if you check sigs at destination, then you haven't solved ddos at all
asciilifeform: 'mother taught me never to speak with strangers' (tm) (r)
decimation: asciilifeform: how could you route if the destination were encrypted?
asciilifeform: the heroic bandwidths are, imho, unnecessary - the only thing it needs to do extremely quickly is to reject enemy garbage
decimation: jurov: to be fair, cisco does the same thing (custom logic in router)
decimation: jurov: yeah it would need to be done in custom logic
jurov: asciilifeform: how would that cheap 1e6/sec sig verificating router look?
asciilifeform: this is also why every packet is rsa-encrypted to the destination's pubkey.