Co-author of the Bitcoin Optech weekly newsletter (2018-23) and the third edition of Mastering Bitcoin (2023). Brink.dev grant committee member (2022-24) and former board member (2020-22). Lives in Hilo, Hawaii. All opinions are my own.
Public Key
npub1syluunzwwmc70d85d9alzqc2jrc6pdur7xrax2vqpfxas6tljavsa46ksu
Profile Code
nprofile1qqsgz07wf388du08kn6xj7l3qv9fpudqk7plrp7n9xqq5nwcd9lewkgpz3mhxue69uhhyetvv9ujuerpd46hxtnfduqs6amnwvaz7tmwdaejumr0dsnsfml3
Author Public Key
npub1syluunzwwmc70d85d9alzqc2jrc6pdur7xrax2vqpfxas6tljavsa46ksu Show more details
Published at
2024-07-14T05:52:01+02:00 Event JSON
{
"id": "cc634c65a642d4a873161f916613ae7b1732e061ba13cd9589ddf54915b70311" ,
"pubkey": "813fce4c4e76f1e7b4f4697bf1030a90f1a0b783f187d329800a4dd8697f9759" ,
"created_at": 1720929121 ,
"kind": 0 ,
"tags": [
[
"alt",
"User profile for David A. Harding"
]
],
"content": "{\"name\":\"David A. Harding\",\"picture\":\"https://dtrt.org/img/me-2021-10-15-waterfall.jpg\",\"nip05\":\"[email protected] \",\"about\":\"Co-author of the Bitcoin Optech weekly newsletter (2018-23) and the third edition of Mastering Bitcoin (2023). Brink.dev grant committee member (2022-24) and former board member (2020-22). Lives in Hilo, Hawaii. All opinions are my own.\",\"display_name\":\"David A. Harding\"}" ,
"sig": "f0f55a17203c63ecb8dbaf232f681ca8bdb327580d9591f4d0460f65fb23e677f748557f5b06ef3dbbae869208c244d8e44df763b5318f26c6660e5cb90bb734"
}
Last Notes npub1syluunzwwmc70d85d9alzqc2jrc6pdur7xrax2vqpfxas6tljavsa46ksu David A. Harding So you save 50 kb on the query but may receive a response that's bloated by potentially more than 50 kb of unwanted data? npub1syluunzwwmc70d85d9alzqc2jrc6pdur7xrax2vqpfxas6tljavsa46ksu David A. Harding Isn't that 0.01% error rate over the total number of public keys in the set? E.g. if I follow 1,000 out of the 1 million publeys on nostr, I'll get guaranteed updates from my 1k follows plus updates from about 100 random people (1e6 x 0.0001)? npub1syluunzwwmc70d85d9alzqc2jrc6pdur7xrax2vqpfxas6tljavsa46ksu David A. Harding We'll be covering Dark Skippy in Friday's Optech Newsletter. I'm guessing @nprofile…f4ja would be happy to have you as a guest on the subsequent Recap podcast next Tuesday. npub1syluunzwwmc70d85d9alzqc2jrc6pdur7xrax2vqpfxas6tljavsa46ksu David A. Harding I'm unaware of any evidence of long term storage in any prehistoric society of large amounts of honey or fat. The quantities needed to significantly extend human life during famine are huge and preservation using prehistoric methods was difficult and unreliable. It's much easier to keep animals alive than to store their fat. It's much easier to have bees guard their own honey against predation than to have humans guard it. npub1syluunzwwmc70d85d9alzqc2jrc6pdur7xrax2vqpfxas6tljavsa46ksu David A. Harding Yeah, 1 kg/day in modern times to maintain weight and full fitness sounds right to me. In prehistoric times, the average human was significantly shorter (so lower BMI) and the body will down regulate calorie burn as it enters starvation, so I guessed the minimum requirement during a prehistoric famine was about half, i e. 0.5 kg. npub1syluunzwwmc70d85d9alzqc2jrc6pdur7xrax2vqpfxas6tljavsa46ksu David A. Harding I dunno, you need rather large amounts of them to significantly prolong life during famine, about 0.5 kg/day/person, and you need to protect them from spoilage and insect/animal predation. That only sounds plausible for a static society, but before domestication, only nomadic societies were likely to obtain regular access to honey and non-fish meat. npub1syluunzwwmc70d85d9alzqc2jrc6pdur7xrax2vqpfxas6tljavsa46ksu David A. Harding How will vbytes and varops interact? There were a lot of problems when we had both bytes and sigops, e.g. invalid block templates. Now, in taproot, we size transactions as max(vbytes, sigops*50 - 50). Which model will varops use? npub1syluunzwwmc70d85d9alzqc2jrc6pdur7xrax2vqpfxas6tljavsa46ksu David A. Harding No, but it might be useful to track overall address reuse, e.g. what percentage of total BTC supply is in output scripts that have been spent from before. npub1syluunzwwmc70d85d9alzqc2jrc6pdur7xrax2vqpfxas6tljavsa46ksu David A. Harding Anything technical? npub1syluunzwwmc70d85d9alzqc2jrc6pdur7xrax2vqpfxas6tljavsa46ksu David A. Harding If our civilization is interplanetary, mining will occur when electricity is the cheapest, i.e. near the sun (not the earth). npub1syluunzwwmc70d85d9alzqc2jrc6pdur7xrax2vqpfxas6tljavsa46ksu David A. Harding I'm jealous. npub1syluunzwwmc70d85d9alzqc2jrc6pdur7xrax2vqpfxas6tljavsa46ksu David A. Harding Yeah, I'll put that on my todo list. Gonna need a bigger home server closet. npub1syluunzwwmc70d85d9alzqc2jrc6pdur7xrax2vqpfxas6tljavsa46ksu David A. Harding I don't understand why I've haven't been able to buy a router in the past decade that just works well continuously and supports more than 4 clients. npub1syluunzwwmc70d85d9alzqc2jrc6pdur7xrax2vqpfxas6tljavsa46ksu David A. Harding Do you think using a donor directed fund would be easier? npub1syluunzwwmc70d85d9alzqc2jrc6pdur7xrax2vqpfxas6tljavsa46ksu David A. Harding Had to send the funds from my Phoenix wallet somewhere and SNI is a resource I frequently use. Can't wait to see the redesign! https://image.nostr.build/3afd2538b3564897fe6bff7136fad114846862ec1930a7949164ae5aa87d45bd.jpg npub1syluunzwwmc70d85d9alzqc2jrc6pdur7xrax2vqpfxas6tljavsa46ksu David A. Harding I don't think LN-penalty is the main problem here, as the most powerful form of the attack starts by filling channels with as many expiring HTLCs as possible, which is a problem for any channel design. The only solutions I'm aware of are (1) temporary dynamic block size increases, which only increase the cost of the attack by a small multiple, (2) some form of time stop, although that increases the risk of capital losses from the time value of money, and (3) various bond designs, although they upfront accept losses to the time value of money. Of those options, I think bonds may be under explored but I also think that the main downsides of time stop may be almost entirely mitigated by John Law's hierarchical channel factories design, which would involve channels being opened by three parties, with two preferred partners being able to continue exchanging funds in the channel even if the third counterparty initiated a force close that was taking forever due to a time stop. npub1syluunzwwmc70d85d9alzqc2jrc6pdur7xrax2vqpfxas6tljavsa46ksu David A. Harding The attack you describe was called "forced expiration spam" in the original LN paper. I usually call it an "expiration flood". Other people have other names for it. See https://bitcoinops.org/en/topics/expiration-floods/ npub1syluunzwwmc70d85d9alzqc2jrc6pdur7xrax2vqpfxas6tljavsa46ksu David A. Harding Re: testnet drama. Last I checked, there was about 1 EH (1,000 PH) of sha256d hashrate for rent through on an easy API. If you really oppose what @npub17u5…t4tp is doing, you can do the following: - Set up a testnet node. - On that node, use the invalidateblock RPC to locally reject blocks that you think Lopp created. - Setup a Stratum v1 server and connect it to your testnet node. - Rent hashrate and point it at your stratum server. That should be enough, but if someone tries to exploit the testnet difficulty drop to create long reorgs, set the time on your testnet node to 119 minutes in the future. But, if you want to be productive, I suggest just switching to signet. npub1syluunzwwmc70d85d9alzqc2jrc6pdur7xrax2vqpfxas6tljavsa46ksu David A. Harding BIP63 stealth addresses also has a number but no content. The basic idea is simple but one part was problematic and there was no agreement how to work around it. BIP47 payment codes is one way (that many people don't like); proposed BIP352 silent payments is a modern take on the problem that has broader support (but still comes with tradeoffs). npub1syluunzwwmc70d85d9alzqc2jrc6pdur7xrax2vqpfxas6tljavsa46ksu David A. Harding Man, that's not what I associate the abbreviation GCC with. 🤣 npub1syluunzwwmc70d85d9alzqc2jrc6pdur7xrax2vqpfxas6tljavsa46ksu David A. Harding For not the first time, I tried to get Nostr running on my Linux desktop with Firefox and failed. The nos2x-fox extension pegs one of my cores at 100% and the Alby extension wants full access to my LN node to do anything. So, for now, it will continue to be the case that the only time I post or reply on Nostr is when I'm stuck somewhere with only my phone to entertain me. npub1syluunzwwmc70d85d9alzqc2jrc6pdur7xrax2vqpfxas6tljavsa46ksu David A. Harding Suggestions: - Really experiment with public transit in a new place. In places with good taxi service, you can't get stranded, so it's reasonable to just yolo it and not do any route planning when taking the bus/tram/whatever. You'll often discover cool places and nice routes that way. - Find the parks. People in cities do all sorts of cool things in parks that people with large houses and backyards only rarely do in public. There's something magical about being in a public space with thousands of people all having fun and living the best parts of their lives. - Look for a public events calendar, check Meetup, and (if you are willing) Facebook. Lots of people means lots of things happening. - Figure out how to do the things you love even if they seem foreign to the place you are. It's your chance to find amazing people who enjoy those things so much that they're willing to go against the local culture to do them. - Oh, and if you can, go up the stairs and not an elevator. It's good exercise, gives you a sense of agency, and you'll feel awesome each time you reach your floor. npub1syluunzwwmc70d85d9alzqc2jrc6pdur7xrax2vqpfxas6tljavsa46ksu David A. Harding What about swap in potentiam, which can already used with Phoenix today IIUC? https://bitcoinops.org/en/newsletters/2023/12/20/#:~:text=ZmnSCPxj%20and%20Jesse%20Posner%20proposed,transaction%20while%20it%20is%20offline. npub1syluunzwwmc70d85d9alzqc2jrc6pdur7xrax2vqpfxas6tljavsa46ksu David A. Harding VanEck also donating: https://www.google.com/amp/s/www.coindesk.com/business/2024/01/05/vaneck-to-donate-5-of-profits-from-btc-etf-to-bitcoin-core-developers/amp/ Disclosure: I'm a member of Brink's grant committee (unpaid). npub1syluunzwwmc70d85d9alzqc2jrc6pdur7xrax2vqpfxas6tljavsa46ksu David A. Harding Are you sure that's possible with MIT? npub1syluunzwwmc70d85d9alzqc2jrc6pdur7xrax2vqpfxas6tljavsa46ksu David A. Harding There's an archive here based on the public api: https://github.com/jamesob/delving-bitcoin-archive Code for mirroring yourself: https://github.com/jamesob/discourse-archive This was discussed on the ML: https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2023-November/022142.html npub1syluunzwwmc70d85d9alzqc2jrc6pdur7xrax2vqpfxas6tljavsa46ksu David A. Harding What's the fundamental difference between the forum and the existing (centralized) dev mailing lists, which have worked reasonably well for over a decade? npub1syluunzwwmc70d85d9alzqc2jrc6pdur7xrax2vqpfxas6tljavsa46ksu David A. Harding Using gpt4all with "mistral openorca" which is currently on mistral 7b. I did some quick tests with a hosted version of mistral 8x7b and I was super impressed, so I'm really looking forward to getting that locally when it becomes available. npub1syluunzwwmc70d85d9alzqc2jrc6pdur7xrax2vqpfxas6tljavsa46ksu David A. Harding Usually I don't find generative AI useful for writing @npub1hku…432p newsletters. I often don't start out fully understanding the ideas we cover and so I can't tell if what the AI writes is accurate or nonsense. Writing it myself forces me to really think about it, and I can just keep iterating on my draft until it feels accurate (and then it gets peer reviewed). However, this week I'm writing the year in review newsletter and it's fun just pasting in my text from earlier in the year into a LLM running privately on my laptop and asking it to summarize everything into a single paragraph. I can just edit, add links, and I'm done! Whee! npub1syluunzwwmc70d85d9alzqc2jrc6pdur7xrax2vqpfxas6tljavsa46ksu David A. Harding https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2022-April/020242.html npub1syluunzwwmc70d85d9alzqc2jrc6pdur7xrax2vqpfxas6tljavsa46ksu David A. Harding There's a history of discussion and implementation here: https://bitcoinops.org/en/topics/anchor-outputs/ The summaries aren't detailed, especially not about motivation, but they do point to some conversations that may have been important at the time but would be a bit hard to find now (e.g., they used the old "simplified commitments" name). See also: https://bitcoinops.org/en/topics/cpfp-carve-out/ npub1syluunzwwmc70d85d9alzqc2jrc6pdur7xrax2vqpfxas6tljavsa46ksu David A. Harding I've actually bet play money on it having less than 1% at the end of the 2024: https://manifold.markets/harding/will-oceanxyz-find-1-of-the-final-1?r=aGFyZGluZw (A pretty easy stat to fake, so I wouldn't put too much stock in it) npub1syluunzwwmc70d85d9alzqc2jrc6pdur7xrax2vqpfxas6tljavsa46ksu David A. Harding That's what I thought before I moved here, now I eat spam all the time and enjoy it. I still hate pineapple though. npub1syluunzwwmc70d85d9alzqc2jrc6pdur7xrax2vqpfxas6tljavsa46ksu David A. Harding That's not correct. The spenders must send a signed psbt before the receiver gives them a utxo to include. If the spender bails, the receiver can broadcast the signed psbt. Although there's no benefit from the bailing, there's also no loss to either party from it. npub1syluunzwwmc70d85d9alzqc2jrc6pdur7xrax2vqpfxas6tljavsa46ksu David A. Harding I'm pleased to announce that Mastering Bitcoin (3rd edition), co-authored by @aantonop and myself, has been sent to the printer. Ebooks should be available around Nov 15th. Print books should be available by early December. https://dtrt.org/posts/mb3e-announcement/ New chapters and sections of the book cover schnorr signatures, scriptless multisignatures, MAST, P2C, taproot, tapscript, bech32(m), fee management, scriptless threshold signatures, compact block filters, compact blocks, and more. Updates in the third edition include the evolution of Bitcoin scripting, terminology updates, RGB and taproot assets, much more backup and recovery info, and complete witness transaction serialization. Compared to my initial draft, the book has been much improved thanks to comprehensive technical reviews from npub1j5mp526z5fkz9wkrk6mt5nzu43xndyrwkr8mnqngdqwytgcpc5vqcnsd5c Olaoluwa Osuntokun and René Pickhardt. I can't fully express how much gratitude I have for them. All of my royalties from Mastering Bitcoin (3rd ed.) will be donated to @bitcoinbrink to support Bitcoin developers. It's impossible to write about Bitcoin technology without wanting to support the people who build it and then give it to the world for free. This updated book wouldn't have happened without my editors at O'Reilly: Angela Rufino, Michelle Smith, Kristen Brown, and Clare Laylock. Their commitment to giving readers the best possible book shines in every one of the over 500 emails we exchanged during the past 10 months. I also owe a huge thanks to the inimitable Adam Jonas, who did the scariest thing possible to an educational author: introduced me to teachers such as Femi Longe and Dulce Villarreal who will be depending on the book for their classes. Femi, Dulce: I hope it meets expectations! Finally, I have to confess that updating the book took more out of me than I expected. I don't think I could've finished if it hadn't been for the unreserved support and encouragement of my incredible partner. Thank you, Amanda. I love you. npub1syluunzwwmc70d85d9alzqc2jrc6pdur7xrax2vqpfxas6tljavsa46ksu David A. Harding I hope so. npub1syluunzwwmc70d85d9alzqc2jrc6pdur7xrax2vqpfxas6tljavsa46ksu David A. Harding Chapter 10 of Mastering Bitcoin (3rd edition) has now been sent to my editor. This chapter is about the P2P network. Major additions include BIP152 compact block relay and BIP157/8 compact block filters. https://nostr.build/i/df92cd309d31f0dcc1bad6c27c98740c28cef57fbe1ec1e79773653a87e18ea1.jpg npub1syluunzwwmc70d85d9alzqc2jrc6pdur7xrax2vqpfxas6tljavsa46ksu David A. Harding Just tried Bard and there was misinformation in every answer it gave me. ChatGPT gets lots of stuff wrong too, but I think Bard is about an order of magnitude worse. Unless my anecdotal experience is non-typical, I'm amazed Google is encouraging people to use this thing.---it just makes me think that Google is losing it. npub1syluunzwwmc70d85d9alzqc2jrc6pdur7xrax2vqpfxas6tljavsa46ksu David A. Harding Left a reply about what I think might be the issue: https://github.com/JoinMarket-Org/joinmarket-clientserver/issues/1465#issuecomment-1546706665 npub1syluunzwwmc70d85d9alzqc2jrc6pdur7xrax2vqpfxas6tljavsa46ksu David A. Harding Status update #2 on Mastering Bitcoin, 3rd edition: I sent my editor the first draft of Chapter 9 about transaction fees. This chapter consists of 90% new material. It describes the basic principles of Bitcoin's fee (block space) market, fee estimation, fee bumping (both CPFP and RBF, with a infobox about opt-in RBF vs full RBF), transaction pinning, CPFP carve out, and package relay. Sections from the previous edition's Transactions chapter about fees being implicit in a transaction and (anti) fee sniping are moved to this chapter. This is the last planned major change from the 2nd edition, so I'm hoping to finish the remaining chapters pretty quick. https://nostr.build/i/c6852d791e2c80b3d1cc31833be2ec878f8736d16a42ae413802b6314d615c1b.jpg npub1syluunzwwmc70d85d9alzqc2jrc6pdur7xrax2vqpfxas6tljavsa46ksu David A. Harding What prevents an image server from adding an identical-appearing watermark to an alternative image? npub1syluunzwwmc70d85d9alzqc2jrc6pdur7xrax2vqpfxas6tljavsa46ksu David A. Harding I'm not a "screw you" kinda guy, so when I couldn't write short, I usually wrote nothing at all. Sometimes, in retrospect, that was a good call, but it other cases it just meant that misinformation stayed out there or it received a "screw you" or other unhelpful response from someone else. I think brevity should be encouraged but not required. npub1syluunzwwmc70d85d9alzqc2jrc6pdur7xrax2vqpfxas6tljavsa46ksu David A. Harding Unfortunately, with stock BIP158, you can't avoid monitoring for reused addresses until you've spent all the coins you want to spend that you previously received to those addresses. That's because BIP158 "basic" filters use the output scriptPubKey to track both receiving bitcoins and spending them. For example, Alice receives some bitcoins to bc1pfoo in a transaction in a block. The filter for that block commits to OP_0 foo. Later, Alice spends that transaction output. The filter for that later block also commits to OP_0 foo. If, in between those two blocks, someone else sent bitcoins to bc1pfoo, then the filter for that block would also commit to OP_0 foo. It wouldn't be possible for Alice's wallet to determine whether the filter made that commitment because new bitcoins were received to bc1pfoo or because of a spend of the bitcoins she had previously received. npub1syluunzwwmc70d85d9alzqc2jrc6pdur7xrax2vqpfxas6tljavsa46ksu David A. Harding It depends a lot on the threat model. Let's consider two scenarios: 1. Mallory is monitoring all traffic to a given IP address (no Tor, or Tor is completely broken) and wants to learn which outputs it controls. Every transaction downloaded by that IP address which doesn't belong to its wallet increases the anonymity set of the transactions which do belong to that IP addresses's wallet. Because BIP157/8 involves downloading whole blocks (typically a few thousand transactions), it would create decent-sized anonymity sets even if there was never a false positive; adding the occasional false positive block just improves that. By comparison, Bitcoin Core is like having a 100% false positive rate; now the anonymity set is every transaction in the entire best block chain. 2. Mallory knows a Bitcoin address and wants to find the IP address of the wallet controlling that Bitcoin address (again, no Tor). If Mallory has the ability to surveil IP addresses that the wallet might be using, she can spent a tiny bit of money to that address to get the wallet to download that block. Many other wallets will also download that block, either because they had transactions in it or because of the false positive rate, so that's the initial anonymity set. Mallory can then send another tiny bit of money to the address. The wallet she's interested in will download that new block but many of the other wallets which previously downloaded it won't (they didn't have a tx in that block or it wasn't a false positive for them). This shrinks the anonymity set. Each time Mallory sends a bit more money to the address, the anonymity set shrinks further, until she finds the IP address. By comparison, Bitcoin Core is immune to this attack. It downloads every seemingly-valid block unconditionally. npub1syluunzwwmc70d85d9alzqc2jrc6pdur7xrax2vqpfxas6tljavsa46ksu David A. Harding I disagree about there not being any privacy benefit. Every Wasabi instance that's paired with a local node performs exactly the same non-coinjoin/non-broadcasting network operations, making it impossible to use network activity to determine which instance received which transaction outputs. (This is called information theoretic perfect privacy.) Wasabi instances that use BIP157/8 compact block filters each perform different network operations depending on their transaction history. These operations are performed over Tor, with Wasabi frequently rotating network identities, which defeats simple attacks---but is still far from perfect. If the threat model includes global passive surveillance, record-now-decrypt-when-post-quantum surveillance, crypto or protocol vulnerabilities in Tor or Wasabi, or other threats, then it may be possible to identify the IP address of a wallet controlling a certain address. More importantly "it only saves a bit of bandwidth and storage" ignores what is, to me, the primary benefit of running a full node: the assurance that the bitcoins you receive have all the characteristics necessary to make them easy to sell in the future, specifically that every previous transfer of those bitcoins was valid according to the consensus rules and that all of those transfers are documented on the block chain currently known to have the most proof of work. npub1syluunzwwmc70d85d9alzqc2jrc6pdur7xrax2vqpfxas6tljavsa46ksu David A. Harding What's anti-klepto? npub1syluunzwwmc70d85d9alzqc2jrc6pdur7xrax2vqpfxas6tljavsa46ksu David A. Harding Want? Yes. Should? Probably not. Keeping on top of Bitcoin and LN is already more than full time some weeks (including this week, alas). npub1syluunzwwmc70d85d9alzqc2jrc6pdur7xrax2vqpfxas6tljavsa46ksu David A. Harding I'd definitely read that. npub1syluunzwwmc70d85d9alzqc2jrc6pdur7xrax2vqpfxas6tljavsa46ksu David A. Harding I think that's kind of an interesting dynamic. One one hand, if you have >50% of hash rate in the US, then you have a ~$5 billion/yr industry that at least some politicians are going to want to keep happy. On the other hand, if the censorship is egregious, either the value of BTC is going to drop (contracting the industry) or some users are going to switch to a new PoW function (possibly decimating the industry). It's kind of the same dynamic you get from regulating industry in general, e.g. raising local minimum wage, but the feedback loop in Bitcoin is currently much faster than most industries, so the same politician who's in power when the problem is created is likely to still be in power when the problem manifests. npub1syluunzwwmc70d85d9alzqc2jrc6pdur7xrax2vqpfxas6tljavsa46ksu David A. Harding ❤❤❤ npub1syluunzwwmc70d85d9alzqc2jrc6pdur7xrax2vqpfxas6tljavsa46ksu David A. Harding I had the same thought when reading that book, although I rather enjoyed the rest. But during the Money chapter, I was thinking, "nah, I like Szabo's theory way better". npub1syluunzwwmc70d85d9alzqc2jrc6pdur7xrax2vqpfxas6tljavsa46ksu David A. Harding Status update on Mastering Bitcoin, 3rd edition: yesterday I sent my editor the first draft of Chapter 8 about digital signatures. In addition to small revisions from the second edition about ECDSA and sighashes, the draft now describes schnorr signatures, scriptless multisignatures, and scriptless threshold signatures. Plus there's now a description of the major differences between ECDSA and schnorr signatures. If I finish the remaining 6 chapters early, I hope to come back and add some information about signature adaptors. https://nostr.build/i/nostr.build_99363bf600b1feb48496720c58d17376ffb68da065170522eee9f1dd74245e48.png