Posts by kalle@bitcoinhackers.org
(DIR) Post #AEVOUVduy1Gydz5h2G by kalle@bitcoinhackers.org
2021-12-17T20:02:38Z
0 likes, 0 repeats
@lukedashjr ok, so upgrade mechanisms is one reason for knots, but what else? It's your project and I have no reason to argue about your choices. I honestly just want to know what they are.Is there a list of functional diffs or similar?
(DIR) Post #AEVOqUqSc6B0XaRSJk by kalle@bitcoinhackers.org
2021-12-17T20:06:36Z
0 likes, 0 repeats
@lukedashjr @_ yeah, nonsense spamming. Block the dude.
(DIR) Post #AEVP6bqgLGwStZEErI by kalle@bitcoinhackers.org
2021-12-17T20:09:31Z
0 likes, 0 repeats
@lukedashjr beautiful, thanks!
(DIR) Post #AEas5M2adaCl1KO7yy by kalle@bitcoinhackers.org
2021-12-20T11:27:43Z
0 likes, 0 repeats
@orionwl@sjors @lopp And wherever you run, you can't know what shitshow your new country will pull off next week.
(DIR) Post #AEfU4WLPfCs3XS6dTk by kalle@bitcoinhackers.org
2021-12-22T13:25:46Z
1 likes, 0 repeats
What's the purpose of having the nonce commitment, R, in the challenge of of a Schnorr signature?The only reason I can come up with is malleability. if R isn't part of the challenge and (R,s) is valid for a message m and key P, then (R+xG,s+x) is also valid for m and P.Are there other issues than this?ping @waxwing https://x0f.org/@waxwing/107486175670399976
(DIR) Post #AEjZsMAJ3nVSqoKkS0 by kalle@bitcoinhackers.org
2021-12-21T16:14:41Z
0 likes, 1 repeats
Just published: Schnorr Basics.* How Schnorr signatures work* Why use a nonce?* Why is the nonce private?* Why is nonce reuse bad?Thoroughly unreviewed by experts, please comment with corrections.https://popeller.io/schnorr-basics
(DIR) Post #AEkPNdmOiR0g7VpEFk by kalle@bitcoinhackers.org
2021-12-22T21:37:21Z
0 likes, 0 repeats
@loppFunny though
(DIR) Post #AEni3eXgeRkFIV0UPA by kalle@bitcoinhackers.org
2021-12-26T15:23:23Z
0 likes, 0 repeats
@waxwingThe witness version is part of the checksum, they simply ignored the checksum, it seems. The data part, witness version+witness program, is checksummed.@jb55
(DIR) Post #AFTDiwKtW23TrTbGSm by kalle@bitcoinhackers.org
2022-01-15T16:44:39Z
0 likes, 0 repeats
@jimmysong Good Morning, Jimmy! Beautiful T-shirt!
(DIR) Post #AI6zISubp4TGHhtnai by kalle@bitcoinhackers.org
2022-04-04T16:55:38Z
0 likes, 0 repeats
@jimmysongGreat story! You're a very good writer, did you know that? Thanks Jimmy!
(DIR) Post #AKHAURWImdESpesHcO by kalle@bitcoinhackers.org
2022-06-08T07:32:35Z
0 likes, 1 repeats
@ZmnSCPxj Coindesk [1] says this and I'm wondering if the quote is correct. I just want to make sure I'm not propagating invalid blocks of text.Background: I'm writing a few paragraphs about pseudonymous development at https://rosenbaum.se/btcphil/ and I think you're an interesting example.[1] https://www.coindesk.com/markets/2020/06/29/many-bitcoin-developers-are-choosing-to-use-pseudonyms-for-good-reason/
(DIR) Post #APQGk3oQFM6UvL8iae by kalle@bitcoinhackers.org
2022-11-09T09:15:19Z
0 likes, 0 repeats
@peteThis will be the year of mastodon microblogging.
(DIR) Post #ASPYlRmRyO1XlBRNGC by kalle@bitcoinhackers.org
2023-02-06T18:11:02Z
0 likes, 0 repeats
I haven't seen this argument for RBF/full-RBF being discussed:An attacker sends a tx (T) to a merchant and at the same time sends a double-spend tx (D) to the rest of the network, hoping that D will prevail, except on the target node.If T is not replaceable, the merchant will not become aware of D until D is mined.1/n
(DIR) Post #ASPYlSXFAPSE6JKkCG by kalle@bitcoinhackers.org
2023-02-06T18:11:45Z
0 likes, 0 repeats
If T is replaceable, the merchant can wait X seconds before sending the good or service. If no double spend has happened within X seconds, they can be pretty sure that this particular attack isn't being pulled off.Has this been brought up as an advantage for RBF/fullRBF before? I'm looking for links to such discussions?2/n
(DIR) Post #ASPYlTE8avlWFLP03U by kalle@bitcoinhackers.org
2023-02-06T18:12:48Z
0 likes, 0 repeats
A typical attack that utilizes RBF is to send the replacement transaction right after the good or service is delivered. This makes for a window of failure for the attacker. The longer delivery takes, the higher the risk of attack failure. The merchant can thus wait X seconds before delivery, to somewhat deter attempts at this attack.3/n
(DIR) Post #ASPYlTjghd0DpCACES by kalle@bitcoinhackers.org
2023-02-06T18:13:23Z
0 likes, 0 repeats
With the attack descibed above, if D is successfully propagated to miners, there is no risk of failure if T isn't replaceable. So the problem boils down to how to get D to miners, before the merchant's node propagates T to said miners. On the other hand if T is replaceable, the merchant will become aware of D within the time of normal transaction propagation.@pete @harding any thoughts on this?4/4
(DIR) Post #ASPpbZGWzFURIeNy7M by kalle@bitcoinhackers.org
2023-02-06T21:47:35Z
0 likes, 0 repeats
@peteOh, that last part was a really good point. Thanks!@harding
(DIR) Post #AST0EcUCWrITb6v4Vs by kalle@bitcoinhackers.org
2023-02-07T17:08:41Z
0 likes, 0 repeats
@matt404 on the link
(DIR) Post #AST0Ecxyk97H5SqqvY by kalle@bitcoinhackers.org
2023-02-07T17:11:24Z
0 likes, 0 repeats
@mattOr do I have to be logged in to read it?
(DIR) Post #AStQ7B8na2kto6s1eS by kalle@bitcoinhackers.org
2023-02-19T08:10:30Z
0 likes, 0 repeats
I'mnpub1g9ym6t98cz9tvvsac865zak83txjjhd2yqcdegzwsqg2mxfww9xs8fy05ton nostr