03:23 |
* |
asciilifeform massaged 3.2.2 and 4.3.1, and elsewhere; stops for the day |
| |
~ 1 hours 32 minutes ~ |
04:55 |
asciilifeform |
thimbronion, jonsykkel , et al : had possibly interesting idea for auto-resolution of forks. record the first l1 peer via whom you received a hearsay bearing that speaker. the chain of the fork received via that peer is to be considered genuine. |
| |
↖ ↖ |
04:56 |
asciilifeform |
applies (unless asciilifeform miscalculates) recursively, to enforce '1st user owns the handle' across the pestnet. |
| |
↖ |
04:57 |
* |
asciilifeform invites folx to come up w/ a counterexample, in which algo bombs |
05:00 |
asciilifeform |
http://logs.nosuchlabs.com/log/asciilifeform/2022-01-23#1075817 << in the absence of an immediate message or prod from that speaker (if he is in-wot) , that is. |
05:00 |
dulapbot |
Logged on 2022-01-23 23:55:51 asciilifeform: thimbronion, jonsykkel , et al : had possibly interesting idea for auto-resolution of forks. record the first l1 peer via whom you received a hearsay bearing that speaker. the chain of the fork received via that peer is to be considered genuine. |
05:02 |
asciilifeform |
( a message directly from a peer already resolves any forks afflicting that peer) |
05:02 |
dulapbot |
Logged on 2022-01-21 18:00:55 asciilifeform: thimbronion: a msg from a direct peer is prima facie authentic |
05:07 |
asciilifeform |
on contemplation, not clear that forks can even occur at your station if all of your peers apply this rule. |
05:08 |
asciilifeform |
could dispense, then, with the fugly 'fork alarm' thing entirely. |
05:08 |
asciilifeform |
(and if one of yer peers ~isn't~ applying it, will be immediately clear ~who~) |
05:09 |
asciilifeform |
this might be the sought-after finalsolution, unless asciilifeform is missing sumthing. |
05:09 |
* |
asciilifeform to bed. |
| |
~ 33 minutes ~ |
05:43 |
jonsykkel |
im not clear on wat a fork is exactly, prev understanding was that fork = 2+ msgs exists with same selfchain value (chain has fork shape to it), and can occur for peers as well as non peers |
05:43 |
jonsykkel |
reading draft now, understanding is that fork has occured if recv msg that overlaps with previously recorded chain in time dimension (or msg that predates genesis, presumably), and is strictly relevant for non peers |
| |
~ 1 hours 43 minutes ~ |
07:27 |
jonsykkel |
http://logs.nosuchlabs.com/log/asciilifeform/2022-01-23#1075817 << say u have following net: http://zzz.st/up/vFniopMQ/20220124_081722.png where square=pestron, color=handle, line=peering. noone has ever sent any msg, then blue(a) broadcasts a msg. yellow guy records msg and relays to red and green. red records msg. green rejects msg cuz in-wot hearsay (draft 4.3.1 step8). now blue(b) broadcasts |
07:27 |
dulapbot |
Logged on 2022-01-23 23:55:51 asciilifeform: thimbronion, jonsykkel , et al : had possibly interesting idea for auto-resolution of forks. record the first l1 peer via whom you received a hearsay bearing that speaker. the chain of the fork received via that peer is to be considered genuine. |
07:27 |
jonsykkel |
msg, green records and relays to red and yellow. red autoresolves cuz considers blue(a) the genuine blue chain. yellow rejects cuz in-wot hearsay. is this correct understanding? wat happens next, how does anyone know theres a collision? |
| |
~ 6 hours 38 minutes ~ |
14:05 |
asciilifeform |
jonsykkel: asciilifeform reverted the 4.3.1 step8 thing before went to bed |
| |
↖ ↖ |
14:07 |
asciilifeform |
green & yellow will not reject apriori |
14:12 |
asciilifeform |
they'll have seen blue(a). |
| |
~ 1 hours 27 minutes ~ |
15:40 |
asciilifeform |
jonsykkel: 1 possible issue (in light of the current buffer logic) is if blue(a) and blue(b) fire within 'Te' interval. |
15:42 |
asciilifeform |
if they do not, and, say, blue(a) fires, all three (yellow, red, green) will store 'yellow' as designated relayer for 'troo' 'a', and worx |
| |
↖ |
15:42 |
asciilifeform |
ditto if blue(b) fires 1st, then store 'green' |
| |
~ 21 minutes ~ |
16:04 |
shinohai |
$ticker btc usd |
16:04 |
busybot |
Current BTC price in USD: $34105.7 |
16:04 |
shinohai |
$uptime |
16:04 |
busybot |
The bot has been up for: 52 days 29 minutes and 40 seconds |
| |
~ 19 minutes ~ |
16:23 |
asciilifeform |
34$ when! |
16:25 |
thimbronion |
asciilifeform: let's say the peer via which first hearsay message from alice goes offline. Now we receive a message from alice that breaks the chain. Alice is permaforked? |
16:27 |
asciilifeform |
forked until $peer returns and relays the original's; or until resolved by %resolve (which loox like you'd still need, ugh) |
16:29 |
* |
asciilifeform quite convinced that there's a clean solution to all of this, simply asciilifeform somehow missing it, not looked in correct direction evidently |
16:30 |
PeterL |
would you only be able to "getdata" from peers, or can you ask for intervening messages from L2? |
16:30 |
asciilifeform |
only peers |
16:30 |
asciilifeform |
getdata aint relayed. |
16:31 |
asciilifeform |
(it's potentially expensive) |
16:31 |
PeterL |
although, if you are seeing messages from L2 then they must be connected to one of your peers, presumably they would have the intervening messages? |
16:32 |
asciilifeform |
not necessarily |
16:32 |
asciilifeform |
for instance, they would not have seen messages preceding their peering |
16:32 |
asciilifeform |
(unless successfully getdata'd upstream for'em) |
16:32 |
PeterL |
so not guranteed |
16:33 |
asciilifeform |
aha. in general getdata aint guaranteed to succeed. |
16:33 |
asciilifeform |
(tho often enuff you'll have entire msg history of the pestnet from genesis. but not guaranteed.) |
16:38 |
asciilifeform |
orthogonally, asciilifeform still considering variant of this, but corrected -- the idea is, one ought not to process an in-wot hearsay if the speaker corresponds to a 'warm' peer. (you'll either defo get the immed. copy, eventually, or oughta prod him then getdata for it until you do) |
16:38 |
dulapbot |
Logged on 2022-01-24 09:06:12 asciilifeform: jonsykkel: asciilifeform reverted the 4.3.1 step8 thing before went to bed |
16:39 |
asciilifeform |
given addr cast, there oughta be no such thing as a 'broken peering' while peer's station is standing |
16:39 |
asciilifeform |
(if it aint standing, anyffin you see w/ that speaker is ipso facto bogus) |
16:40 |
asciilifeform |
i.e. not clear that you'd want to process in-wot hearsay at all. |
16:41 |
PeterL |
the other messy time is if A and B each have a different peer named C, how do things get handled if A and B peer? |
| |
↖ |
16:43 |
asciilifeform |
well, ideal would be if somehow distinguishable. |
16:46 |
asciilifeform |
w/ the current logic, doubt that A and B would stay peered for long, unless one of'em is willing to give his C the boot. |
16:49 |
asciilifeform |
let's turn the problem 'inside out' and give ~desired ultimate condition~ (in the same way the 'martian bank' describes the desired condition of bitcoin net) . |
16:49 |
dulapbot |
(trilema) 2016-10-20 asciilifeform: ('martian bank' being simply a naive abstraction of 'idealizes swiss bank', where money supply is constant, and i can send from account a1 can send to a2 if and only if i have the privkey for a1, and double-spend - impossible, etc.) |
16:51 |
asciilifeform |
what asciilifeform wants is to emulate the 1 desirable aspect of a traditional centralized 'fleanode' : that the 1st user of a handle on a given pestnet can be distinguished from subsequently appearing users. |
| |
↖ |
16:51 |
asciilifeform |
this is likely impossible in the general case. |
16:52 |
asciilifeform |
q is -- to what extent can one in fact square this circle. |
16:56 |
asciilifeform |
... suppose, for instance, that the msg having ~lower min bounce~ is considered (in absence of immediate msgs from $speaker) to represent the troo branch of a fork. |
16:56 |
thimbronion |
asciilifeform: could the original handle user broadcast a pubkey which could be used to answer challenges if an imposter shows up later? Or is this what we already have with resolve, sorta? |
16:56 |
asciilifeform |
thimbronion: no pubkeys in pest. |
16:56 |
asciilifeform |
you can of course talk to people 'out of band' and send gpggrams, etc |
16:57 |
asciilifeform |
but this doesn't help a pest station distinguish fork ends for marking. |
16:57 |
asciilifeform |
gotta have a means for actually suffixing e.g. bozo-1, bozo-2, when receiving l2+ hearsays. |
16:58 |
asciilifeform |
thimbronion: recall the orig. reason why pest is using symmetric crypto, btw |
| |
↖ ↖ |
17:00 |
asciilifeform |
( we aint got the req'd holy grail. ) |
17:00 |
dulapbot |
Logged on 2021-07-03 13:14:52 asciilifeform: gold standard would obv. be rsa signatures. but these aint practical at line-rate on pc sadly. |
17:02 |
asciilifeform |
~anyffin~ that can be thrown at a station gotta be processable (incl. ~all~ K(S) attempts over whole, wot, ~and~ dedup.) in the avail. interval per packet to maintain line rate. |
17:02 |
dulapbot |
Logged on 2021-09-23 15:21:07 asciilifeform: i expect you'd have at least 8cores on reasonable box, which gives you ~105840 ticks to process a packet, imho entirely doable. |
17:03 |
thimbronion |
why would challenges occur at line rate? |
17:03 |
asciilifeform |
not 'would', but ~could~ |
17:03 |
asciilifeform |
anything that ~can~, must be considered to ~will~ |
17:05 |
thimbronion |
challenge sould be symmetrically encrypted and manually initiated. Response would be manual. |
17:05 |
thimbronion |
*would |
17:07 |
asciilifeform |
on top of which, asciilifeform ~likes~ that there aint long-term keys in pest. pubkey crypto oughta be manually operated, i.e. consciously triggered at appropriate occasions, rather than sumthing a rando can cause you to do when he pleases |
| |
↖ |
17:07 |
dulapbot |
Logged on 2022-01-18 16:20:27 asciilifeform: but 'erry ln you type to a stranger in a chat' aint 1 of'em |
17:08 |
asciilifeform |
and there's no place to bolt on a 'manual' challenge, cuz again, no way to 'attach' pest msgs to a longterm key w/out forcing its use in sealing ~erry~ msg. |
17:10 |
asciilifeform |
the fundamental unsolved problem atm is in fact ~distinguishing~ multiple l2+ stations speaking w/ same handle. |
| |
↖ |
17:13 |
asciilifeform |
thimbronion: does this make sense to you ? pgpgrams to/from randos who are 'sharing party line' are completely meaningless. |
17:13 |
thimbronion |
right - no way to block the l2 peer that didn't respond to the challenge - only the l1 peer that is the conduit |
17:14 |
asciilifeform |
they aint distinguishable ! |
17:14 |
thimbronion |
l1 peers distinguishable, l2 peers indistinguishable |
17:14 |
asciilifeform |
aha |
17:14 |
asciilifeform |
that's the boojum |
17:17 |
asciilifeform |
atm the only things which are distinguishable are 1) msgs from l1 peers 2) arbitrary msgs w/ distinct speakers 3) ~relayers~ of msgs from l2+ peers 4) chains. |
17:17 |
asciilifeform |
err, 3) ~relayers of msgs from l2+ speakers |
17:18 |
* |
asciilifeform thinks he's finally cleaned up all the gaffes in spec where referred to a l2+ station as a 'peer' |
17:18 |
* |
asciilifeform may've missed 1 or 2 tho |
17:20 |
thimbronion |
So the only person who could identify a counterfeit station would be the original station - because, hey - that wasn't me! |
| |
↖ |
17:20 |
asciilifeform |
correct, that's the only operator who immediately knows (supposing he's 'warm'. if he's 'cold', i.e. he's out mountain climbing and/or his station is down, then not him, either) |
17:24 |
asciilifeform |
and (as PeterL pointed out upstack ) not all collisions feature an obvious 'genuine' and 'impostor' station from the pov of all stations on the pestnet |
17:24 |
dulapbot |
Logged on 2022-01-24 11:41:33 PeterL: the other messy time is if A and B each have a different peer named C, how do things get handled if A and B peer? |
17:31 |
asciilifeform |
thimbronion, PeterL , et al : see the 1st thrd re subj also. |
17:31 |
dulapbot |
Logged on 2021-09-13 15:04:51 asciilifeform: punkman: the stick gotta be both long and short. hot and cold. |
17:31 |
asciilifeform |
( featuring certain of asciilifeform's prev. attempts at solutions ) |
17:33 |
asciilifeform |
( e.g. this one. which imho nogood. ) |
17:33 |
dulapbot |
Logged on 2021-09-13 15:10:22 asciilifeform: either that, or -- from asciilifeform's chalkboard -- erry message includes 2 additional 256bit fields . one is H256(R) where R is a rng turd. the other is the R from previous. |
17:33 |
dulapbot |
Logged on 2021-09-13 15:10:44 asciilifeform: a message not carrying correct R is immediately known to be fraudulent. |
17:33 |
dulapbot |
Logged on 2021-09-13 15:11:37 asciilifeform: this scheme is however vulnerable to mitm, anyone who is able to read a message's successor can generate a variant message, because knows the requisite R. |
17:38 |
asciilifeform |
^ in which thread, asciilifeform came up w/ interning hearsays and counting the relaying peers, to allow ~some~ distinguishing mark. |
17:38 |
asciilifeform |
it's a half-solution, that one could perhaps live with, but imho still sux. |
17:39 |
* |
thimbronion needs moar modafinil |
17:39 |
asciilifeform |
thimbronion: the 1 from that shop you linked last yr was a++ delish, btw. |
17:40 |
thimbronion |
asciilifeform: indeed no duds |
17:40 |
asciilifeform |
they had an interesting spampaypal scheme for fiatola intake btw (chances are that thimbronion not seen it). they send you to some shithole and 'buy tshirts' |
17:41 |
* |
asciilifeform was surprised that it wasn't a straight blackhole |
17:43 |
thimbronion |
lol no didn't see it |
17:43 |
asciilifeform |
prolly not long lived |
| |
~ 22 minutes ~ |
18:06 |
* |
asciilifeform has been bashing head against the 'fork' thing since july, not come up w/ anyffing palatable |
| |
~ 1 hours 45 minutes ~ |
19:52 |
asciilifeform |
... thinking about it, this might not be a problem given that just about erryone will see the original 1st. |
19:52 |
dulapbot |
Logged on 2021-09-13 15:11:37 asciilifeform: this scheme is however vulnerable to mitm, anyone who is able to read a message's successor can generate a variant message, because knows the requisite R. |
19:53 |
asciilifeform |
so, for the sake of argument: suppose that (at the expense of payload) a message gets 2 new h256 fields : call'em Q and R ; |
19:54 |
asciilifeform |
Q is H(message, incl. A; and a 32-byte turd, S, not included in the msg.) |
19:55 |
asciilifeform |
A -- is the S from that station's prev. message . |
19:55 |
asciilifeform |
err, Q and A. |
19:56 |
asciilifeform |
lol |
19:56 |
asciilifeform |
let's repost: |
| |
↖ |
19:56 |
asciilifeform |
so, for the sake of argument: suppose that (at the expense of payload) a message gets 2 new h256 fields : call'em Q and A ; |
| |
↖ |
19:56 |
asciilifeform |
Q is H(message, incl. A; and a 32-byte turd, S, not included in the msg.) |
| |
↖ |
19:56 |
asciilifeform |
A -- is the S from that station's prev. message . |
| |
↖ ↖ |
19:59 |
whaack |
howdy |
19:59 |
asciilifeform |
wb whaack |
19:59 |
whaack |
ty |
19:59 |
whaack |
!e view-height |
19:59 |
trbexplorer |
block_height: 720224 |
19:59 |
trbexplorer |
mins_since_last_block: 9 |
19:59 |
whaack |
!e view-block 720224 |
19:59 |
trbexplorer |
http://paste.deedbot.org/?id=5piY 1 of 1 |
20:00 |
whaack |
!e view-tx 720224 1234 |
20:00 |
trbexplorer |
http://paste.deedbot.org/?id=rDfM 1 of 1 |
20:02 |
whaack |
random tx lotto hit a segwit :( |
20:02 |
asciilifeform |
lol |
20:03 |
* |
asciilifeform can't tell whether ^ represents working eater or no |
20:03 |
asciilifeform |
... to wrap up upstack: if H(M_prev + A_current) != Q_prev : you have a bogon. |
| |
↖ |
20:06 |
asciilifeform |
if one could fit e.g. a lamport sig in there, there'd be no headache. |
| |
↖ |
20:06 |
asciilifeform |
but can't. |
20:07 |
asciilifeform |
i.e. somebody who knows A_current can forge a bogus M_prev. |
20:09 |
asciilifeform |
the $64 question is whether this is actually a problem , given that the genuine M_prev reaches errybody 1st. |
20:17 |
asciilifeform |
the latter aint guaranteed tho, esp. if >1 msg sent in reasonably quick succession. dr.evil takes A_current and forges M_prev, and sends it out (with a doctored timestamp, for good measure), this may reach some stations on the pestnet before the genuine m_prev. |
20:20 |
asciilifeform |
so this scheme's a dead end, unless somebody can think of a mechanism whereby knowledge of A_current aint sufficient to forge M_prev, but somehow whole orchestra -- existing packet fields, along w/ the Q and A -- fits in 508 bytes. |
20:20 |
dulapbot |
Logged on 2021-09-19 16:28:22 asciilifeform: but only <=508byte guaranteed not to frag. |
20:20 |
PeterL |
solution: don't let dr. evil be your only peer into the pestnet? |
20:20 |
asciilifeform |
PeterL: he aint your peer. he's sitting somewhere in your l2+. |
20:20 |
asciilifeform |
hears an l3 msg before you do, and forges it. |
| |
↖ |
20:21 |
asciilifeform |
an' nao yer back to indistinguishability . |
20:23 |
asciilifeform |
this was wai asciilifeform tossed out the orig. variant of the scheme. the extra packet mass does 0 good, yer back to where you started. |
| |
~ 37 minutes ~ |
21:00 |
asciilifeform |
... could, of course, reveal the A's in a (dedicated broadcast type) msg ~after~ satisfied that erryone on net received yer msgs. but this brings you back to 'can't distinguish in real time' |
| |
~ 2 hours 7 minutes ~ |
23:08 |
* |
asciilifeform looked again for 'canhaz lamport but weighing over9000x less?' but found still only ye olde winternitz's method, which still order of magnitude too obese (and slow) . |
23:08 |
dulapbot |
Logged on 2020-11-13 13:25:17 asciilifeform: meanwhile, in olds : in '19, erlehmann apparently wrote an implementation of Winternitz's OTS algo, in the style of his earlier remake of asciilifeform's Lamport OTS proggy. |