waxwing @waxwing@x0f.org

ZmnSCPxj is here.

(and he has a microphone).

This must be the noisiest conference I've ever been to ... there's an LND guy trying to give a presentation approximately 3 meters from where I'm sitting and I can't hear him :)

While the LN node count has increased 150% during Feb to Oct this year, the central point dominance has decreased 13% - talk by Elias Rohrer right now in Berlin.

Having tons of productive discussions with people today, mostly about schnorr, taproot, coinjoin and various related ideas. The conference (this is only the pre- part) appears to be packed out.

Also saw a demo from @openoms of the raspiblitz project, really impressed with how much functionality is already packed in there.

paper concerned: https://eprint.iacr.org/2016/191.pdf

; it's a descendant of the much more famous Pointcheval and Stern paper from 2000 that introduced the now famous Forking Lemma.

On the key prefixing, the industry debate is interesting but there's nothing to discuss for Bitcoin's Schnorr inasmuch as the musig scenario of arbitrary keys being provided as input means it's completely necessary to use prefixing.

Only just noticed that Wuille's bip-schnorr footnote on security references the same paper that I dug up for my "ring signatures" blog post (https://joinmarket.me/blog/blog/ring-signatures/), for the topic of the security proof of Schnorr. It's an interesting paper, very dense but in particular for the section I quoted describing the fascinating issue of "key prefixing" and how industry has vacillated on it. Intriguingly the paper authors argue *against* the necessity of key prefixing but bip-schnorr ofc does use it 1/2

BlueMatt giving PoS (so beloved of academia) a good battering 😂

https://www.youtube.com/watch?time_continue=1&v=EarnK6eBUj4

Refreshingly (well, kinda), even in random shops in shopping malls in Berlin you will sometimes hear "sorry, cash only". This is so rare nowadays in "developed" countries.

I'll just be happy as long as people accept cash as an *option* ... which is starting to fall away.

Not novel, but considering the experience I just had at an airport (being asked for boarding pass at shop and getting dirty look when I said no) just reminds me that people should focus on the main reason privacy is important: security requires privacy. Even if you never plan on doing anything censured by society, leaks of info to corps, governments and their representatives are threats, however minor, to your personal security.

Just tried it .. damn, I guarantee that if you gave that to a new user, however technical, it would take them at least 5 minutes (and probably longer) to figure out how to enable it!

I do appreciate clean, simple design but sometimes it makes advanced features incredibly obscure to access.

(Also I'd like a clear notification of whether my connection to Tor HS that I configured in SPV settings is working .. atm I can't see anything).

@LarryBitcoin I know you're not on here but hi :)

Integrated Tor support without Orbot on Green ... could be really cool .. Orbot refused to work on my old Android phone.
https://www.reddit.com/r/Bitcoin/comments/difmkk/blockstream_green_bitcoin_wallet_adds_early/

Now I'm sitting in a cafe not on a train I can think a bit more :) I guess it's not much of a question that collision resistance *is* required, but that was also true of p2sh (consider multisig). You want to reduce the creation of P', s' s.t. P' +H(P',s')G == P + H(P,s)G by the attacker to a known hard problem. Does that encapsulate it entirely? I really have no idea :)