From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from sog-mx-3.v43.ch3.sourceforge.com ([172.29.43.193] helo=mx.sourceforge.net) by sfs-ml-1.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1VRkja-0007kX-8L for bitcoin-development@lists.sourceforge.net; Thu, 03 Oct 2013 15:22:34 +0000 Received-SPF: pass (sog-mx-3.v43.ch3.sourceforge.com: domain of gmail.com designates 209.85.214.51 as permitted sender) client-ip=209.85.214.51; envelope-from=mh.in.england@gmail.com; helo=mail-bk0-f51.google.com; Received: from mail-bk0-f51.google.com ([209.85.214.51]) by sog-mx-3.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1VRkjY-0003wy-PV for bitcoin-development@lists.sourceforge.net; Thu, 03 Oct 2013 15:22:34 +0000 Received: by mail-bk0-f51.google.com with SMTP id mx10so1007190bkb.38 for ; Thu, 03 Oct 2013 08:22:26 -0700 (PDT) MIME-Version: 1.0 X-Received: by 10.204.68.142 with SMTP id v14mr8098911bki.18.1380813746148; Thu, 03 Oct 2013 08:22:26 -0700 (PDT) Sender: mh.in.england@gmail.com Received: by 10.204.237.74 with HTTP; Thu, 3 Oct 2013 08:22:26 -0700 (PDT) In-Reply-To: References: Date: Thu, 3 Oct 2013 17:22:26 +0200 X-Google-Sender-Auth: Jrs5-9OuE7Vx2qCVDo1T7Alw7Hg Message-ID: From: Mike Hearn To: Daniel Lidstrom Content-Type: multipart/alternative; boundary=001a1132e520d7472004e7d7c0eb X-Spam-Score: -0.5 (/) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [URIs: doubleclick.net] -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (mh.in.england[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record 1.0 HTML_MESSAGE BODY: HTML included in message 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-Headers-End: 1VRkjY-0003wy-PV Cc: Bitcoin Dev Subject: Re: [Bitcoin-development] Identity protocol observation X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Oct 2013 15:22:34 -0000 --001a1132e520d7472004e7d7c0eb Content-Type: text/plain; charset=UTF-8 1) Generate sacrifice proof file using an app 2) Load file into browser 3) Surf Where are the names in that design? I'm not sure where NameCoin comes into this. The point of a sacrifice is it's an anonymous identity, there's no point attaching a name to it. BTW I keep phone numbers in an address book ;) On Thu, Oct 3, 2013 at 5:16 PM, Daniel Lidstrom wrote: > Fair enough, though people still manage okay with phone numbers. And a > decentralized naming system seems to come at great cost - with namecoin you > need the whole blockchain to resolve names without trust. Strip out a bell > and whistle - meaningfulness and transferability of names - and you get a > simple, rudimentary (spam killing!) system that scales on any device. I'll > only argue that it seems to be Good Enough *for the types of people who > might care about decentralized names*. Probably a very small set :) > > > On Thu, Oct 3, 2013 at 8:00 AM, Mike Hearn wrote: > >> Interesting observation, thanks. >> >> I'd think any competent implementation of such an identity scheme would >> not involve end users directly handling randomized nonsense words, however. >> I always imagined a sacrifice as being a file that you make with a GUI tool >> and load into a browser extension. >> >> >> On Thu, Oct 3, 2013 at 3:35 PM, Daniel Lidstrom wrote: >> >>> A couple more thoughts on this: >>> >>> 1) Both c and k can be kept if c is pronounced 'ch', giving ~10.9 bits >>> per phoneme. >>> 2) An extra phoneme (4 encode 43 bits total) gives room to put extra >>> information into the name, e.g. the first 5 bits could be input as the key >>> to a PRP that permutes the last 38 back to a standard encoding of a tx >>> location. This would give the user 32 random names per sacrifice to choose >>> from, and 38 bits to encode its location in the blockchain, which is enough >>> for pretty large blocks. >>> >>> Sample 4 phoneme names: >>> ~milmoz-vyrnyx >>> ~mypnoz-fojzas >>> ~sawfex-bovlec >>> ~fidhut-guvgis >>> ~bobfej-jessuk >>> ~furcos-diwhuw >>> ~wokryx-wilrox >>> ~bygbyl-caggos >>> ~vewcyv-jyjsal >>> ~daxsaf-cywkul >>> >>> They're not that bad IMHO, especially if you get to pick a decent one >>> from a bunch. >>> >>> >>> On Thu, Oct 3, 2013 at 3:35 AM, Daniel Lidstrom wrote: >>> >>>> The location of a tx in the blockchain can be encoded in >>>> n=log2(h)+log2(t) bits, where h is the block height, and t is the number of >>>> transactions in the block. Currently h~250,000 and t~500, so n~27. A CVC >>>> phoneme encodes ~10.7 bits *, so a transaction today can be located in the >>>> blockchain with 3 of these, e.g. reb-mizvig. This is reasonably short, >>>> readable and memorable. >>>> >>>> The identity protocol Jeff Garzik is working on will link a public key >>>> fingerprint to a miner sacrifice transaction. This tx could in turn be >>>> uniquely described with a short name as above. Associating this name with >>>> the public key becomes secure once the tx is sufficiently buried in the >>>> blockchain. In the identity protocol, lightweight clients check the >>>> validity of a sacrifice tx by checking that its merkle path is valid. But >>>> this path encodes, via the ordering of the hashes at each level, the >>>> location of the transaction in the block, so the lightweight client can >>>> verify the sacrifice tx's short name using only the information he already >>>> has. >>>> >>>> Some more random names: >>>> vec-halhic >>>> wom-vizpyd >>>> guv-zussof >>>> jog-copwug >>>> seg-rizges >>>> jyg-somgod >>>> pax-synjem >>>> zyg-zuxdyj >>>> gid-mutdyj >>>> rel-hyrdaj >>>> >>>> Sources of inspiration: >>>> urbit.org >>>> https://en.bitcoin.it/wiki/Identity_protocol_v1 >>>> >>>> * This is somewhat restricted: I disallowed q for obvious reasons and k >>>> because it conflicts with c, and c looks much softer and less like >>>> Klingon. H is allowed for the first consonant, but not the second, and x >>>> is allowed for the last one, but not the first one. Y is a vowel, but not >>>> a consonant. Maybe these weren't quite the right choices. Paint away! >>>> >>> >>> >>> >>> ------------------------------------------------------------------------------ >>> October Webinars: Code for Performance >>> Free Intel webinars can help you accelerate application performance. >>> Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most >>> from >>> the latest Intel processors and coprocessors. See abstracts and register >>> > >>> >>> http://pubads.g.doubleclick.net/gampad/clk?id=60134791&iu=/4140/ostg.clktrk >>> _______________________________________________ >>> Bitcoin-development mailing list >>> Bitcoin-development@lists.sourceforge.net >>> https://lists.sourceforge.net/lists/listinfo/bitcoin-development >>> >>> >> > --001a1132e520d7472004e7d7c0eb Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
1) Generate sacrifice proof file using an app
2) Load file into browser
3) Surf

Whe= re are the names in that design? I'm not sure where NameCoin comes into= this. The point of a sacrifice is it's an anonymous identity, there= 9;s no point attaching a name to it.

BTW I keep phone numbers in an address book ;)=C2=A0




<= div class=3D"gmail_quote">On Thu, Oct 3, 2013 at 5:16 PM, Daniel Lidstrom <= span dir=3D"ltr"><lidstrom83@gmail.com> wrote:
Fair enough, though pe= ople still manage okay with phone numbers.=C2=A0 And a decentralized naming= system seems to come at great cost - with namecoin you need the whole bloc= kchain to resolve names without trust.=C2=A0 Strip out a bell and whistle -= meaningfulness and transferability of names - and you get a simple, rudime= ntary (spam killing!) system that scales on any device.=C2=A0 I'll only= argue that it seems to be Good Enough for the types of people who might= care about=C2=A0decentralized names.=C2=A0 Probably a very small set := )


On Thu, Oct 3, 2013 at 8:00 AM, Mike= Hearn <mike@plan99.net> wrote:
Interesting observation, th= anks.

I'd think any competent implementation of such= an identity scheme would not involve end users directly handling randomize= d nonsense words, however. I always imagined a sacrifice as being a file th= at you make with a GUI tool and load into a browser extension.


On Thu, Oct 3, 2013 at 3:35 PM, Daniel Lidstrom <lidstrom83@gmail.co= m> wrote:
= A couple more thoughts on this:

1) Both c and k can be ke= pt if c is pronounced 'ch', giving ~10.9 bits per phoneme.
2) An extra phoneme (4 encode 43 bits total) gives room to put e= xtra information into the name, e.g. the first 5 bits could be input as the= key to a PRP that permutes the last 38 back to a standard encoding of a tx= location.=C2=A0 This would give the user 32 random names per sacrifice to = choose from, and 38 bits to encode its location in the blockchain, which is= enough for pretty large blocks.

Sample 4 phoneme names:
~milmoz-vyrnyx
~mypnoz-fojzas<= br>~sawfex-bovlec
~fidhut-guvgis
~bobfej-jessuk
~furcos-diwhuw
= ~wokryx-wilrox
~bygbyl-caggos
~vewcyv-jyjsal
~daxsaf-cywkul

They're not that bad IMHO, especially if you get to pick= a decent one from a bunch.


On Thu, Oct 3, 2013 at 3:35 AM, Dan= iel Lidstrom <lidstrom83@gmail.com> wrote:
The location of a tx in the= blockchain can be encoded in n=3Dlog2(h)+log2(t) bits, where h is the bloc= k height, and t is the number of transactions in the block.=C2=A0 Currently= h~250,000 and t~500, so n~27.=C2=A0 A CVC phoneme encodes ~10.7 bits *, so= a transaction today can be located in the blockchain with 3 of these, e.g.= reb-mizvig.=C2=A0 This is reasonably short, readable and memorable.

The identity protocol Jeff Garzik is working on will link a public key = fingerprint to a miner sacrifice transaction.=C2=A0 This tx could in turn b= e uniquely described with a short name as above.=C2=A0 Associating this nam= e with the public key becomes secure once the tx is sufficiently buried in = the blockchain.=C2=A0 In the identity protocol, lightweight clients check t= he validity of a sacrifice tx by checking that its merkle path is valid.=C2= =A0 But this path encodes, via the ordering of the hashes at each level, th= e location of the transaction in the block, so the lightweight client can v= erify the sacrifice tx's short name using only the information he alrea= dy has.

Some more random names:
vec-halhic
wom-vizpyd
guv-zussof
jo= g-copwug
seg-rizges
jyg-somgod
pax-synjem
zyg-zuxdyj
gid-mut= dyj
rel-hyrdaj

Sources of inspiration:
urbit.org
https://en.bitcoin.it/wiki/Identity_protocol_v1

* This is som= ewhat restricted: I disallowed q for obvious reasons and k because it confl= icts with c, and c looks much softer and less like Klingon.=C2=A0 H is allo= wed for the first consonant, but not the second, and x is allowed for the l= ast one, but not the first one.=C2=A0 Y is a vowel, but not a consonant.=C2= =A0 Maybe these weren't quite the right choices.=C2=A0 Paint away!


-----------------------------------------------= -------------------------------
October Webinars: Code for Performance
Free Intel webinars can help you accelerate application performance.
Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most fr= om
the latest Intel processors and coprocessors. See abstracts and register &g= t;
http://pubads.g.doubleclick.net/gam= pad/clk?id=3D60134791&iu=3D/4140/ostg.clktrk
___________________= ____________________________
Bitcoin-development mailing list
Bitcoin-development@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bitcoin-de= velopment




--001a1132e520d7472004e7d7c0eb--