I'm curious how many people around here remember the story of Ladar Levison and Lavabit:

"Lavabit was ordered to provide the SSL key in machine readable format by noon, August 5 or face a fine of $5000 per day.[28] Levison closed down Lavabit 3 days later."


It still stands out as an almost unique defiance against government surveillance.

waxwing boosted

#Bitcoin doesn't have inflation, it has predictable distribution of a fixed cap supply.

Calling it inflation confuses people.

@pete in your recent mailing list post you wrote, in response to this:

> In the CHECKTEMPLATEVERIFY approach, ... Based on a
> destructuring argument, it is only possible to create templates which expand
> in a finite number of steps. ....

(snipped):

"The "finite" number of steps could be millions of transactions - "infinitely long" for any practical purpose."

I don't understand why this is an issue. If there's a chain of ctv outputs, why does the network as a whole care?

This is interesting: stacker news is experimenting with a WoT model:


I fed the sheep :)


Interestingly the guy coded it to display the payment hash in the twitch chat when it's received: "tanglesheep
Thx for feeding via BITCOIN LN your payment hash is ..."

The sheep all ran to the trough straight away. Surreal.

Here's a fun artificial case to demonstrate the point (from the first post in thread): you make an app that rewards people who own a set of addresses (that you've chosen in advance because .. they're cool people) A_i with pubkeys P_i . They can claim 1 coin by signing a message with key P_i. To make it fun you allow them to enter the text (m) they sign in some web app, then your app verifies the signature of P_i against that text m, and sends the coin if so (once per P_i).


github.com/indutny/elliptic/bl do not read that great if taken at face value 😂

Also am I taking crazy pills or is it really dubious to be using any form of truncation in these algorithms?!


ECDSA has, as part of its definition in the sign() and verify() operations, a hashing step on the message. There are very good reasons why this is necessary. Apparently according to Matt Green's recent blog post, this is the code that does sign/verify in metamask (and may well be, many other JS projects):


I notice it does not include that hash step. It won't matter in all but an extremely artificial case, but ...

Also comments like this: (1/2)

waxwing boosted

Battery testing done. It can easily go 5 days just on battery. Bottom metrics are mempool size and median fee (no decimal point yet).

waxwing boosted

🔊 Don't miss our next event!

📅 26 January @ 18:00

⚡️ Igor Korsakov creator of Blue Wallet will tell us what LN developments he finds interesting:
- @Synonym_to
- Omni bolt protocol, tokens on lightning
- LSPs


For trading of many things (good example: FX), margin is logical and it improves liquidity/market functioning. I might want to put 30% of my investments into a position, but if I can do it while only risking 10% of my investments with a central counterparty, it's far superior. When leverage becomes very large, it does indeed become a reckless gamble (except for specialized professional situations), but even when conservative, it's still hugely valuable to reduce counterparty risk.


I still think real-time updating of collateral/margin in trading could be the surprising 'killer-app' of (or maybe just bidi channels).

I mean I could well be wrong, but it's a surprising idea in the sense that everyone has assumed that 'streaming payments' is useful pretty much only for micro-payments.

The 'posting of margin' (the old name for it) is often misunderstood, people think margin trading is degenerate but it's actually about reducing counterparty risk.

waxwing boosted

Just purchased an Internet package on Claro's own website using #LightningNetwork! It was easy to find the option (big button under the credit card form), and confirmation was instant. The future is now.

Pepperidge farm remembers when your computing device was your servant, not your master.


waxwing boosted

Chapter 4, in which we introduce malicious pinecones to model classes of attack on the P2P Matrix network (and figure out mitigations). Very fun to have got to the point of handling adversarial conditions!

... I still can't imagine a concocted scenario where I would screw up in this kind of way. Perhaps that's more an argument for actually *understanding* things like signature algorithms, even if you're not a world-class expert, and less a commentary on personal motivation.

I wonder if the rather high complexity of the code he *removed* might have been a factor, too.

OK I'll stop :)



.. wanted to achieve a big performance boost and wasn't paying attention to any of the underlying mathematics too carefully.

*Perhaps* choosing '8' in the nonce generation actually made it faster (hmm, ok, maybe not, that is wild guess)? If that were true, it would explain it. But if not, we still have the case of someone ignoring security issues because they're 100% focused on improving user experience/achieving a goal.

As someone who's made bad errors in coding such stuff myself, (4/n)


.. from Charles; this is the most important part of a PR thread as it tells you the outline of what the *intention* is (usually). It is all about performance. He's switching up the underlying crypto code in the hope of making the library a lot faster.
4. In the final comment, on merging, again from Charles, and again the *only* comment that talks about PR content, we have a concret-ised claim of the speed improvement.

The conclusion is conjecture but I think fairly obvious: Charles badly (3/n)


The PR conversation: github.com/bitpay/bitcore/pull has 20 entries. There are a few things I notice:

1. This is all Ryan's work, there is no ACK going on, he wrote the code and merged it.
2. There is, however, a fair bit of feedback from several well known community members. All of it is just 'cool!' or variants thereof. (I am loth to judge though, been there, got the T-shirt. We don't always check everything and sometimes take stuff at face value).
3. Look at the main introductory comment .. (2/n)


In that recent citadel dispatch podcast I mentioned the funny anecdote of being on IRC with gmax when the "Biased Nonce-sense" paper (Breitner, Heninger) came out, and how he in a matter of minutes found the commit that caused the 64 bit nonces. I was pleased to see the latest version of the paper credits him (p. 10 eprint.iacr.org/2019/023.pdf ) but also it inspired me to re-look at the offending Ryan X Charles commit: github.com/bitpay/bitcore/pull
Why 8 bytes? Look at the PR.
