2010-07-24 04:04:20 UTC - Re: Reading/Writing Blocks and FLATDATA #

BitcoinTalk

Re: Reading/Writing Blocks and FLATDATA

2010-07-24 04:04:20 UTC - Original Post

FLATDATA was a workaround to serialize a fixed field length array. There was a cleaner way to make it understand how to serialize arrays directly, but MSVC6 couldn’t do it and I wanted to keep compatibility with MSVC6 at that time. We don’t support MSVC6 anymore because we use something in Boost that doesn’t. We lost support for it after 0.2.0. Maybe someday I’ll swap in the clean way that just knows how to serialize fixed length arrays without wrapping them in FLATDATA.

2010-07-25 14:46:33 UTC - Re: a simple traffic load test run #

original post Was that on the test network? http://bitcointalk.org/index.php?topic=363.0

2010-07-25 15:29:52 UTC - Re: a simple traffic load test run #

BitcoinTalk

Re: a simple traffic load test run

2010-07-25 15:29:52 UTC - Original Post

Please do these tests on the test network. That’s what it’s for. Thanks.

2010-07-25 16:55:09 UTC - Bitcoin 0.3.3 released – PLEASE UPGRADE #

BitcoinTalk

Bitcoin 0.3.3 released – PLEASE UPGRADE

2010-07-25 16:55:09 UTC - Original Post

Please upgrade to 0.3.3! Important security improvements were made in 0.3.2 and 0.3.3.

New features:

• Gavin Andresen’s HTTP authentication to secure JSON-RPC
  
• 5x faster initial block download, under 30 minutes

2010-07-25 17:45:22 UTC - Re: Stealing Coins #

It’s best if you tell it to me privately so it can be fixed first.

I just e-mailed you my e-mail address. (or you could PM me here)

2010-07-25 19:06:23 UTC - Re: Stealing Coins #

Red, thanks for telling me privately first! Please go ahead and post it (and relieve the suspense for everyone!)

His point is that transactions paid to a Bitcoin Address are only as secure as the hash function. To make Bitcoin Addresses short, they are a hash of the public key, not the public key itself. An attacker would only have to break the hash function, not ECDSA.

2010-07-25 20:01:40 UTC - Re: Stealing Coins #

Quote from: knightmb on July 25, 2010, 07:44:02 PM

If I figure out that Public Key 123456 generates Hash ABCD
and
Public Key 654321 also generates Hash ABCD
I’m still left without the Private Key.

But from what you are saying, all I need is Public Key 654321 and I can spend coin pretending to be Public Key 123456.\

\ You would still have to sign it with public key 654321. You need to find a collision using a public key for which you know the private key.

When you claim a Bitcoin Address transaction, you give your public key that matches the hash, then you must sign it with that key.

Red’s point is that it’s easy to quickly generate insecure public keys which you could break and find the private key after you find a collision.

He points out that if the public key was required to be a secure one, one which must have required significant work to find the prime numbers, that would increase the strength above that of the hash function alone. Someone trying to brute force would have to take time generating a key for each attempt.

2010-07-25 20:48:01 UTC - Re: Stealing Coins #

Quote Here is a paper that claims to find SHA-1 collisions in 2^52 crypto operations. And optimally secure hash would take 2^80 operations. 2^52 time is still large, but it is getting into cluster and botnet range.
2^80 is if you can use a birthday attack. You can’t use a birthday attack for this, so the difficulty is the full 2^160 bits. Although, if you were trying to crack any one of 1 million (2^20) transactions, you could do a partial birthday attack 2^160/2^20 = 2^140.

Bitcoin Addresses are the only place where 160-bit hash is used. Everything else is SHA-256. They’re calculated as:

bitcoinaddress = RIPEMD-160(SHA-256(publickey))

Correct me if I’m wrong (please, and I’ll gladly eat crow) but I think it would be hard to use an analytical attack on RIPEMD-160 in this case. An analytical attack prescribes a certain range or pattern of inputs to try that will greatly increase your chance of finding a collision. Here, you don’t have that kind of control over RIPEMD-160’s input, because the input is the output of SHA-256. If an analytical attack helps you find an input to RIPEMD-160 that produces a collision, what are you going to do with it? You still have to get SHA-256 to output that value, so you would still have to break SHA-256 too.

For brute force, RIPEMD-160(SHA-256(x)) is no stronger than RIPEMD-160 alone. But for analytical attack, it seems like you must analytical attack both RIPEMD-160 and SHA-256. If I’m wrong, then the strength is the same as RIPEMD-160 and the SHA-256 only serves as one round of key strengthening.

2010-07-25 21:34:29 UTC - Re: JSON-RPC password #

Quote from: lachesis on July 25, 2010, 07:52:35 PM

I found what appears to be a bug: with a long enough username and password combination, the base64 encoder in bitcoind produces authorization headers that look like this:

Code: …
Authorization: Basic YWJiYWJiYWFiYmE6aGVsbG93b3JsZGhlbGxvd29ybGRoZWxsb3dvcmxkaGVsbG93
b3JsZGhlbGxvd29ybGRoZWxsb3dvcmxk

It inserts a newline every 64 characters, which obviously breaks the Authorization header, so commands like “bitcoin getinfo” fail. The server still works fine with properly behaving clients.

This can be solved by removing the newlines (and maybe ‘’s) from result at the end of the Base64Encode function:

Code: result.erase(std::remove(result.begin(), result.end(), ’ ‘), result.end());
result.erase(std::remove(result.begin(), result.end(), ‘’), result.end());

+1 to you for having such a long password that you found this bug.

Uploaded to SVN as rev 110.

2010-07-25 21:44:16 UTC - Re: JSON-RPC password #

Quote from: BitLex on July 25, 2010, 08:45:38 PM

i got some problems here too trying to get this run on PHP.
so far i had no luck, neither the wiki-sample (jsonRPCClient trying to fopen( http://username:password@localhost:8332/)), nor my curl-sample (using setopt CURLOPT_HTTPAUTH, CURLAUTH_BASIC) seem to work.

That’s strange, didn’t someone just say that was supposed to work? (what library was he using?) Post if you figure out what wrong.

I hope it’s not going to put up this much of a fight for all PHP users.

Looks like we’ve got the Fortran scenario already.

2010-07-25 21:51:31 UTC - Re: JSON-RPC password #

Great catch! Simpler fix is to specify the BIO_FLAGS_BASE64_NO_NL in the rpc.cpp/EncodeBase64 function

2010-07-25 22:06:57 UTC - Re: md5? #

For future reference, here’s my public key. It’s the same one that’s been there since the bitcoin.org site first went up in 2008. Grab it now in case you need it later.

http://www.bitcoin.org/Satoshi_Nakamoto.asc

2010-07-25 22:27:36 UTC - Re: Stealing Coins #

Sorry, actually it’s ECDSA (Elliptic Curve Digital Signature Algorithm) not RSA. I shouldn’t have said “prime numbers”. ECDSA doesn’t take much time to generate a keypair.

2010-07-26 17:23:33 UTC - bitcoind without wxWidgets #

I replaced the last of the few wxBase dependencies in bitcoind.

bitcoind now compiles without wxWidgets or wxBase in SVN rev 112.

main(int argc, char* argv[]) is added to init.cpp. CMyApp and the Startup folder stuff are moved to ui.cpp. ui.cpp and uibase.cpp aren’t linked by bitcoind.

The makefiles have -DGUI to control whether the GUI is used.

I test compiled MinGW, VC and Ubuntu. I don’t know if I broke the Mac OSX build, someone will need to check that.

2010-07-26 18:41:31 UTC - Re: Bitcoin x64 for Windows #

BitcoinTalk

Re: Bitcoin x64 for Windows

2010-07-26 18:41:31 UTC - Original Post

Quote from: Olipro on July 26, 2010, 06:39:17 AM

Credit to tcatm for the caching part of the SHA context - this offers absolutely brilliant performance. Additionally, the Intel compiler really comes into its own here as its parallelisation abilities give a massive performance boost over Visual Studio.

Performance: 4700khash/s on 4 cores, I think that speaks for itself.

I’ve included both the VS and Intel build, but there’s really no comparison, the Intel build craps all over VS.

Is that still starting from Crypto++? Lets get this into the main sourcecode.

2010-07-27 01:29:42 UTC - Re: Bitcoin x86 for Windows #

BitcoinTalk

Re: Bitcoin x86 for Windows

2010-07-27 01:29:42 UTC - Original Post

Quote from: Olipro on July 26, 2010, 01:04:41 PM

Crypto++ 5.6.0: http://www.cryptopp.com/
Cached SHA256: http://pastebin.com/rJAYZJ32 (although I’m pretty sure this is publically submitted elsewhere, I was linked to it on IRC)

I added the cached SHA256 state idea to the SVN, rev 113. The speedup is about 70%. I credited it to tcatm based on your post in the x64 thread.

I can compile the Crypto++ 5.6.0 ASM SHA code with MinGW but as soon as it runs it crashes. It says its for MASM (Microsoft’s assembler) and the sample command line they give looks like Visual C++. Does it only work with the MSVC and Intel compilers?

2010-07-27 03:04:58 UTC - Re: Proof-of-work difficulty increasing #

New difficulty factor 244.213223092
+35%

I updated the first post.

date, difficulty factor, % change
2009 1.00
30/12/2009 1.18 +18%
11/01/2010 1.31 +11%
25/01/2010 1.34 +2%
04/02/2010 1.82 +36%
14/02/2010 2.53 +39%
24/02/2010 3.78 +49%
08/03/2010 4.53 +20%
21/03/2010 4.57 +9%
01/04/2010 6.09 +33%
12/04/2010 7.82 +28%
21/04/2010 11.46 +47%
04/05/2010 12.85 +12%
19/05/2010 11.85 -8%
29/05/2010 16.62 +40%
11/06/2010 17.38 +5%
24/06/2010 19.41 +12%
06/07/2010 23.50 +21%
13/07/2010 45.38 +93%
16/07/2010 181.54 +300%
27/07/2010 244.21 +35%

2010-07-27 18:27:30 UTC - Re: Bitcoin x86 for Windows #

BitcoinTalk

Re: Bitcoin x86 for Windows

2010-07-27 18:27:30 UTC - Original Post

Quote from: BlackEye on July 25, 2010, 10:12:23 PM

I was able to integrate the SHA256 functionality from Crypto++ 5.6.0 into Bitcoin. This is the fastest SHA256 yet using the SSE2 assembly code. Since Bitcoin was sending unaligned data to the block hash function, I had to change the MOVDQA instruction to MOVDQU.

I think using the SHA256 functionality from Crypto++ 5.6.0 is the way forward right now.

I added a subset of the Crypto++ 5.6.0 library to the SVN. I stripped it down to just SHA and 11 general dependency files. There shouldn’t be any other crypto in there other than SHA.

I aligned the data fields and it worked. The ASM SHA-256 is about 48% faster. The combined speedup is about 2.5x faster than version 0.3.3.

I guess it’s using SSE2. It automatically sets its build configuration at compile time based on the compiler environment.

It looks like it has some SSE2 detection at runtime, but it’s hard to tell if it actually uses it to fall back if it’s not available. I want the release builds to have SSE2. SSE2 has been around since the first Pentium 4. A Pentium 3 or older would be so slow, you’d be wasting your electricity trying to generate on it anyway.

This is SVN rev 114.

2010-07-27 19:47:42 UTC - Re: Bitcoin x86 for Windows #

BitcoinTalk

Re: Bitcoin x86 for Windows

2010-07-27 19:47:42 UTC - Original Post

OK, thanks. I’d also like to know if it runs fine as long as you don’t turn on Generate. You’d think as long as it doesn’t actually execute any SSE2 instructions, it would still load. At least Pentium 3’s could run it without generating.

2010-07-28 20:58:26 UTC - Re: Having problems specifing -datadir #

BitcoinTalk

Re: Having problems specifing -datadir

2010-07-28 20:58:26 UTC - Original Post

It was able to reproduce this. The database doesn’t like the relative path.

“bitcoind -datadir=./subdir getinfo” works against a running daemon, but trying to start the daemon as “bitcoind -datadir=./subdir” gets that exception.

I guess we should resolve the full path before passing it to the database.

It looks like you were the first one to ever use -datadir with a relative path.

2010-07-28 21:23:23 UTC - Re: Build error SVN r115 on my Mac: workaround #

BitcoinTalk

Re: Build error SVN r115 on my Mac: workaround

2010-07-28 21:23:23 UTC - Original Post

Was that the only thing I broke in the OSX build?! Does it actually work after just that one change?

I had to do that for makefile.vc also. It compiled, but SHA-256 didn’t work correctly; it returned the same incorrect hash each time.

We’ll disable it now, and if anyone figures out how to fix it, we can re-enable it then. It’s still 1.7x faster from the midstate optimisation.

The Crypto++ ASM SHA-256 works with GCC on Linux and Windows (MinGW).

I uploaded this makefile.osx change to SVN. (let me know if that compiles now)

2010-07-29 01:16:23 UTC - Re: Difficulty #

You were looking at the wrong code. Here’s the code that applies:

Code: bool CBlock::CheckBlock() const
{
…
// Check timestamp
if (nTime > GetAdjustedTime() + 2 * 60 * 60)
return error(“CheckBlock() : block timestamp too far in the future”);
…

bool CBlock::AcceptBlock()
{
…
// Check timestamp against prev
if (nTime <= pindexPrev->GetMedianTimePast())
return error(“AcceptBlock() : block’s timestamp is too early”);

The timestamp is limited to up to 2 hours in the future. It can be earlier than the previous block, but it must be greater than the median of the last 11 blocks. The reason for doing it that way is so the time can get corrected in the next block if the previous block had the time too far in the future, like what happened.

2010-07-29 02:00:38 UTC - Re: Scalability and transaction rate #

BitcoinTalk

Re: Scalability and transaction rate

2010-07-29 02:00:38 UTC - Original Post

The current system where every user is a network node is not the intended configuration for large scale. That would be like every Usenet user runs their own NNTP server. The design supports letting users just be users. The more burden it is to run a node, the fewer nodes there will be. Those few nodes will be big server farms. The rest will be client nodes that only do transactions and don’t generate.

Quote from: bytemaster on July 28, 2010, 08:59:42 PM

Besides, 10 minutes is too long to verify that payment is good. It needs to be as fast as swiping a credit card is today.

See the snack machine thread, I outline how a payment processor could verify payments well enough, actually really well (much lower fraud rate than credit cards), in something like 10 seconds or less. If you don’t believe me or don’t get it, I don’t have time to try to convince you, sorry.
http://bitcointalk.org/index.php?topic=423.msg3819#msg3819

2010-07-29 02:10:46 UTC - Re: wiki registration email? #

WTF? How did we get on that? AFAIK, the only e-mail is if you tell the forum to do notifications, and I guess the wiki registration. I’d consider turning off the forum notification e-mails, I don’t know why we have that.

2010-07-29 19:13:06 UTC - ALERT Upgrade to 0.3.6 #

BitcoinTalk ALERT Upgrade to 0.3.6

2010-07-29 19:13:06 UTC - Original Post

Please upgrade to 0.3.6 ASAP! We fixed an implementation bug where it was possible that bogus transactions could be displayed as accepted. Do not accept Bitcoin transactions as payment until you upgrade to version 0.3.6!

If you can’t upgrade to 0.3.6 right away, it’s best to shut down your Bitcoin node until you do.

Also in 0.3.6, faster hashing:

• midstate cache optimisation thanks to tcatm
  
• Crypto++ ASM SHA-256 thanks to BlackEye
  

Total generating speedup 2.4x faster.

Download:
http://sourceforge.net/projects/bitcoin/files/Bitcoin/bitcoin-0.3.6/

Windows and Linux users: if you got 0.3.5 you still need to upgrade to 0.3.6.

2010-07-29 19:55:51 UTC - Re: ALERT version 0.3.6 #

BitcoinTalk

Re: ALERT version 0.3.6

2010-07-29 19:55:51 UTC - Original Post

Haven’t had time to update the SVN yet. Wait for 0.3.6, I’m building it now. You can shut down your node in the meantime.

2010-07-29 20:30:15 UTC - Re: ALERT version 0.3.6 #

BitcoinTalk

Re: ALERT version 0.3.6

2010-07-29 20:30:15 UTC - Original Post

SVN is updated with version 0.3.6.

Uploading Windows build of 0.3.6 to Sourceforge now, then will rebuild linux.

2010-07-29 21:20:38 UTC - Re: ALERT Upgrade to 0.3.6 ASAP! #

BitcoinTalk

Re: ALERT Upgrade to 0.3.6 ASAP!

2010-07-29 21:20:38 UTC - Original Post

0.3.6 Linux build is back to the old makefile.unix. It static links libjpeg so that shouldn’t be a problem.

Is that working better?

If you got 22DbRunRecoveryException and you’ve used someone else’s build before, you may need to delete (or move the files somewhere else) database/log.000000*

Windows and Linux users: if you got 0.3.5 you still need to upgrade to 0.3.6.

2010-07-29 21:43:15 UTC - Re: ALERT Upgrade to 0.3.6 ASAP! #

BitcoinTalk

Re: ALERT Upgrade to 0.3.6 ASAP!

2010-07-29 21:43:15 UTC - Original Post

“./bitcoin: /lib64/libc.so.6: version `GLIBC_2.11’ not found (required by ./bitcoin)” isn’t a new problem that started with 0.3.6 is it? This was built on the same OS installations as 0.3.0.

Unfortunately I upgraded to Ubuntu 10.04 before 0.3.0. I will not upgrade anymore. I don’t know when I might have time to reinstall to downgrade, but at least by not upgrading, it’ll gradually fix itself.

2010-07-29 22:04:15 UTC - Re: Implementation bug prior to 0.3.6 #

BitcoinTalk

Re: Implementation bug prior to 0.3.6

2010-07-29 22:04:15 UTC - Original Post

Actually, it works well to just PM me. I’m the one who’s going to be fixing it. If you find a security flaw, I would definitely like to hear from you privately to fix it before it goes public.

2010-07-29 22:08:31 UTC - Re: Transaction disappeared in the void… #

BitcoinTalk

Re: Transaction disappeared in the void…

2010-07-29 22:08:31 UTC - Original Post

If the transaction didn’t go out immediately at first, like if you weren’t connected at the time, it may take up to 2 hours to resend it. Long term, it does keep relentlessly sending it.

I’ll shorten that length of time in a future version.

You do need to have downloaded the complete block chain (currently 71040 blocks) before you’ll see any confirms. Same with the recipient.

2010-07-29 22:17:24 UTC - Re: Linux distribution download #

Yeah, acutely aware that I should have stayed on 9.04 or 9.10. It’s a lot more work to downgrade than upgrade and I’ve been squeezed for time. Ubuntu is the most popular distro, so I’m staying with that.

2010-07-29 23:12:12 UTC - Re: ALERT Upgrade to 0.3.6 ASAP! #

BitcoinTalk

Re: ALERT Upgrade to 0.3.6 ASAP!

2010-07-29 23:12:12 UTC - Original Post

Quote from: lachesis on July 29, 2010, 10:14:36 PM

On Debian testing 32-bit, I get a few build errors, all resembling:

Code: script.cpp:114: error: \u0091OP_NOP1\u0092 was not declared in this scope

I got these when attempting to “make bitcoind” without “make clean” or “make” first. It looks like the bitcoind build instructions don’t compile the headers first, but they also don’t delete the headers.h.gch, so the old headers are used if present.

If anyone else gets this error, the simplest solution is to “make clean” and retry the build.

We don’t really need pre-compiled header. It only makes it compile slightly faster. I think I’ll just get rid of it. Even still, you’d still need to remember to “make -f makefile.unix clean” or delete headers.h.gch one more time to get rid of the leftover file.

Damn that GLIBC_2.11. I thought I’d been careful not to accept any of the updates.

2010-07-30 06:02:38 UTC - [bitcoin-list] Alert: upgrade to bitcoin 0.3.6 #

bitcoin-list

[bitcoin-list] Alert: upgrade to bitcoin 0.3.6

2010-07-30 06:02:38 UTC - Original Email -

Please upgrade to 0.3.6 ASAP to get an important bugfix.

See the bitcoin.org homepage for download links.

2010-07-30 19:19:05 UTC - Re: Bug: “Immature” coins lost in wallet.dat during transaction #

BitcoinTalk

Re: Bug: “Immature” coins lost in wallet.dat during transaction

2010-07-30 19:19:05 UTC - Original Post

I don’t get how it let you send if it was not matured. Your balance would have been lower than the amount. It would have said balance 0.01, right? If I try that it says “you don’t have enough money” or “Insufficient funds” from the command line.

How many blocks did it say it had left to mature when you sent?

There’s a chance it might still go through.

Have you copied or moved your wallet.dat in any way?

2010-07-30 19:40:54 UTC - Re: [PATCH] implement ’listtransactions’ #

What are you needing to use listtransactions for?

The reason I didn’t implement listtransactions is I want to make sure web programmers don’t use it. It would be very easy to latch onto that for watching for received payments. There is no reliable way to do it that way and make sure nothing can slip through the cracks. Until we have solid example code using getreceivedbyaddress and getreceivedbylabel to point to and say “use this! use this! don’t use listtransactions!”, I don’t think we should implement listtransactions.

When we do implement listtransactions, maybe one way to fight that is to make it all text. It should not break down the fields into e.g. comment, confirmations, credit, debit. It could be one pretty formatted string like “0/unconfirmed 0:0:0 date comment debit 4 credit 0” or something so it’s hard for programmers to do the wrong thing and process it. It’s only for viewing the status of your server. I guess that would be kinda annoying for web interfaces that would rather format it into html columns though.

2010-07-30 19:53:06 UTC - Re: ALERT Upgrade to 0.3.6 ASAP! #

BitcoinTalk

Re: ALERT Upgrade to 0.3.6 ASAP!

2010-07-30 19:53:06 UTC - Original Post

Quote from: knightmb on July 30, 2010, 07:24:07 PM

I can only imagine the pain you went through to get these builds because I’m trying to build the program on a Ubuntu 9.04 box and so far I can’t seem to find all the dependencies to compile no matter how much I keep installing packages and compiling source, LOL.

I can’t understand why you’re having so much pain. I just followed the instructions in build-unix.txt. I made a couple little corrections for Boost 1.37, which I’ll put on SVN the next time I update it, noted below:

Dependencies
————

sudo apt-get install build-essential
sudo apt-get install libgtk2.0-dev
sudo apt-get install libssl-dev
sudo apt-get install libdb4.7-dev
sudo apt-get install libdb4.7++-dev
sudo apt-get install libboost-all-dev (or libboost1.37-dev)

cd /usr/local
tar -xzvf wxWidgets-2.9.0.tar.gz
cd /usr/local/wxWidgets-2.9.0
mkdir buildgtk
cd buildgtk
../configure --with-gtk --enable-debug --disable-shared --enable-monolithic
make
sudo su
make install
ldconfig

LIBS=
-Wl,-Bstatic
-l boost_system
-l boost_filesystem
-l boost_program_options
-l boost_thread
-l db_cxx
-l crypto
-Wl,-Bdynamic
-l gthread-2.0

2010-07-30 21:44:04 UTC - Re: ALERT Upgrade to 0.3.6 ASAP! #

BitcoinTalk

Re: ALERT Upgrade to 0.3.6 ASAP!

2010-07-30 21:44:04 UTC - Original Post

Quote from: knightmb on July 30, 2010, 08:04:19 PM

So that last command should simply be
sudo apt-get install libboost1.37-dev

Except that wouldn’t work for boost 1.40+ (on Ubuntu 10.04), where you need to get libboost-all-dev.

Seems they changed everything around in Boost recently, “-mt” and all that, makes it hard.

BTW, I tried Boost 1.34 but it didn’t have the boost.interprocess stuff.

Mac OSX version is available now. See bitcoin.org or the SourceForge link.

2010-07-31 00:29:20 UTC - Re: 4 hashes parallel on SSE2 CPUs for 0.3.6 #

BitcoinTalk

Re: 4 hashes parallel on SSE2 CPUs for 0.3.6

2010-07-31 00:29:20 UTC - Original Post

That’s amazing…

So are you saying you use 128-bit registers to SIMD four 32-bit data at once? I’ve wondered about that for a long time, but I didn’t think it would be possible due to addition carrying into the neighbour’s value.

2010-07-31 01:32:08 UTC - Webpage idea: Next predicted difficulty change #

BitcoinTalk

Webpage idea: Next predicted difficulty change

2010-07-31 01:32:08 UTC - Original Post

It would be neat if someone had a page (like that handy calculator at http://www.alloscomp.com/bitcoin/calculator.php) that projects what the next difficulty adjustment will be.

projected difficulty adjustment multiplier =

blocks_since_last_adjustment / 2016
————————————
time_since_last_adjustment / 14_days

For instance, if it already got half way to the next adjustment in only 3.5 days instead of 7, we would expect difficulty to double:

(1008/2016) / (3.5/14) = 0.5/0.25 = 2.0

Also, it could show the predicted time when the next adjustment will occur, and tell when the last adjustment was and how much it changed.

2010-07-31 14:38:52 UTC - Re: Linux distribution download #

https://bitcointalk.org/index.php?topic=612.msg6822#msg6822 It can be built with Boost 1.37 or later.

2010-08-02 17:39:27 UTC - Re: Linux version => No GUI after upgrade. WTF? #

BitcoinTalk

Re: Linux version => No GUI after upgrade. WTF?

2010-08-02 17:39:27 UTC - Original Post

Did it print anything to the console? Are you sure you didn’t run “bitcoind”?

Try version 0.3.7.

2010-08-02 18:02:20 UTC - Re: Mac Client Problems Outlined… #

BitcoinTalk

Re: Mac Client Problems Outlined…

2010-08-02 18:02:20 UTC - Original Post

“Minimize to the tray instead of the taskbar” & “Minimize to the tray on close” must not be implemented yet on the Mac. We should grey them out in the next version.

2010-08-02 19:02:46 UTC - Re: 4 hashes parallel on SSE2 CPUs for 0.3.6 #

BitcoinTalk

Re: 4 hashes parallel on SSE2 CPUs for 0.3.6

2010-08-02 19:02:46 UTC - Original Post

Is it 2x fast on AMD and 1/2 fast on Intel?

Quote from: tcatm on July 31, 2010, 10:12:38 AM

Btw. Why are you using this alignup<16> function when attribute ((aligned (16))) will tell the compiler to align at compiletime?

Tried that, but it doesn’t work for things on the stack. I ran some tests.

It doesn’t even cause an error, it just doesn’t align it.

2010-08-02 20:22:08 UTC - Re: Protocol Buffers for Bitcoin #

BitcoinTalk

Re: Protocol Buffers for Bitcoin

2010-08-02 20:22:08 UTC - Original Post

The reason I didn’t use protocol buffers or boost serialization is because they looked too complex to make absolutely airtight and secure. Their code is too large to read and be sure that there’s no way to form an input that would do something unexpected.

I hate reinventing the wheel and only resorted to writing my own serialization routines reluctantly. The serialization format we have is as dead simple and flat as possible. There is no extra freedom in the way the input stream is formed. At each point, the next field in the data structure is expected. The only choices given are those that the receiver is expecting. There is versioning so upgrades are possible.

CAddress is about the only object with significant reserved space in it. (about 7 bytes for flags and 12 bytes for possible future IPv6 expansion)

The larger things we have like blocks and transactions can’t be optimized much more for size. The bulk of their data is hashes and keys and signatures, which are uncompressible. The serialization overhead is very small, usually 1 byte for size fields.

On Gavin’s idea about an existing P2P broadcast infrastructure, I doubt one exists. There are few P2P systems that only need broadcast. There are some libraries like Chord that try to provide a distributed hash table infrastructure, but that’s a huge difficult problem that we don’t need or want. Those libraries are also much harder to install than ourselves.

2010-08-03 20:56:11 UTC - Re: Builds for Ubuntu? #

Is satoshi noWx patch in 0.3.7 already? Before that bitcoind required wx, and I never seen Satoshi announcing that it’s in trunk

2010-08-03 21:05:08 UTC - Re: Bitcoind x86 binary for CentOS #

BitcoinTalk

Re: Bitcoind x86 binary for CentOS

2010-08-03 21:05:08 UTC - Original Post

Quote from: sgtstein on August 03, 2010, 05:30:37 PM

I have successfully built it with 4.8, 4.7 never would but with 4.8 bitcoind locks up whenever it dumps the initial block download to disk.

I urge you not to use BDB 4.8. The database/log0000* files will be incompatible if anyone uses your build and then goes back to the official build.

2010-08-03 21:26:26 UTC - Re: Content-Length header and 500 (was Re: Authentication, JSON RPC and Python) #

BitcoinTalk

Re: Content-Length header and 500 (was Re: Authentication, JSON RPC and Python)

2010-08-03 21:26:26 UTC - Original Post

Quote from: gavinandresen on August 03, 2010, 06:56:44 PM Quote from: jgarzik on August 03, 2010, 06:09:08 PM

bitcoin requires the Content-Length header, but several JSON-RPC libraries do not provide it. When the Content-Length header is absent, bitcoin returns 500 Internal Server Error.

Can you be more specific about which JSON libraries don’t provide Content-Length ? It’d be nice to document that.

I guess we should try to support the case where there’s no Content-Length parameter. I don’t want to rip and replace streams though, even if it has to read one character at a time.

Edit: That is, assuming there actually are any libraries that don’t support Content-Length.

2010-08-03 22:45:07 UTC - Re: What happens when network is split for prolonged time and reconnected? #

BitcoinTalk

Re: What happens when network is split for prolonged time and reconnected?

2010-08-03 22:45:07 UTC - Original Post

creighto: I agree with that idea. After a few hours, it should be possible for the client to notice if the flow of blocks has dropped off by more than would be likely just by chance. It could tell if it’s not hearing the hum of the world anymore.

Quote from: knightmb on August 03, 2010, 07:02:13 PM Quote from: gavinandresen on August 03, 2010, 06:38:44 PM

Or if the split lasted long enough (more than 100 blocks), transactions that involve generated coins on the shorter chain would be invalid at the merge.

Interesting info, so other than some double-spending issues, as long as the block chain isn’t separated for more than 100 or so blocks (or 16+ hours),

In practice, splits are likely to be very asymmetrical. It would be hard to split the world down the middle. More likely it would be a single country vs the rest of the world, lets say a 1:10 split. In that case, it would take the minority fork 10 times as long to generate 100 blocks, so about 7 days. Also it would be super easy for the client to realize it’s hearing way too few blocks and something must be wrong.

Quote from: knightmb on August 03, 2010, 07:02:13 PM

If there a hard coded limit on split delay? Meaning if I had a small network split from the public network, spent some coin around, came back a few days later and got them sync up to the public network (other than coin generation if it happened) transactions should be fine?

There’s no time limit. Assuming you weren’t spending coins generated in the minority fork, or spending someone’s double-spends you received, your transactions can get into the other chain at any time later.

2010-08-03 23:40:18 UTC - Please upgrade to 0.3.8! #

Version 0.3.8 adds an important security improvement. Everyone should upgrade to get this change.

The new safety feature displays a warning message in the status bar and locks down RPC if it detects a problem that may require an upgrade.

If it sees a longer chain, but it can’t process it, then it knows something is wrong. It displays “WARNING: Displayed transactions may not be correct! You may need to upgrade.” and makes most RPC commands return an error. It still keeps generating as normal, which is necessary for the stability of the network.

There were important security updates in the versions before this too, so if you haven’t upgraded recently, it’s extremely important that you upgrade now!

Also, don’t forget, we recently added 2.4x faster generating thanks to tcatm’s mid-state caching optimisation and BlackEye’s help getting ASM SHA-256 working.

Download:
http://sourceforge.net/projects/bitcoin/files/Bitcoin/bitcoin-0.3.8/

2010-08-04 00:09:32 UTC - Re: Bitcoind x86 binary for CentOS #

BitcoinTalk

Re: Bitcoind x86 binary for CentOS

2010-08-04 00:09:32 UTC - Original Post

Quote from: knightmb on August 03, 2010, 11:46:46 PM

There are two versions, one built from stock code, the other modified to accept up to 1,000 nodes (hence the super node name)

I’d rather you didn’t make a build of the 1000 node connecting version available. It won’t take very many people running that before we have to make another release just to limit the incoming connections.

2010-08-04 00:29:37 UTC - Re: Please upgrade to 0.3.8! #

BitcoinTalk

Re: Please upgrade to 0.3.8!

2010-08-04 00:29:37 UTC - Original Post

I guess SourceForge hasn’t updated its mirrors yet. The files are there on the admin side, but not on the user side. I have no idea how long that will take. It’s always been immediate in the past.

Edit: SourceForge is updated now.

2010-08-04 00:40:40 UTC - Re: Building initial transaction trust through “coin ripping” #

BitcoinTalk

Re: Building initial transaction trust through “coin ripping”

2010-08-04 00:40:40 UTC - Original Post

The software is designed to support things like this. I was going to post details of the plans for Escrow, but since getting slashdotted I haven’t had time.

2010-08-04 16:25:36 UTC - Re: Flood attack 0.00000001 BC #

BitcoinTalk

Re: Flood attack 0.00000001 BC

2010-08-04 16:25:36 UTC - Original Post

Quote from: Insti on August 04, 2010, 02:58:31 PM

It seems to do more harm than good because it prevents micropayment implementations such as the one bytemaster is suggesting.

Bitcoin isn’t currently practical for very small micropayments. Not for things like pay per search or per page view without an aggregating mechanism, not things needing to pay less than 0.01. The dust spam limit is a first try at intentionally trying to prevent overly small micropayments like that.

Bitcoin is practical for smaller transactions than are practical with existing payment methods. Small enough to include what you might call the top of the micropayment range. But it doesn’t claim to be practical for arbitrarily small micropayments.

2010-08-05 16:03:21 UTC - Re: Flood attack 0.00000001 BC #

BitcoinTalk

Re: Flood attack 0.00000001 BC

2010-08-05 16:03:21 UTC - Original Post

Forgot to add the good part about micropayments. While I don’t think Bitcoin is practical for smaller micropayments right now, it will eventually be as storage and bandwidth costs continue to fall. If Bitcoin catches on on a big scale, it may already be the case by that time. Another way they can become more practical is if I implement client-only mode and the number of network nodes consolidates into a smaller number of professional server farms. Whatever size micropayments you need will eventually be practical. I think in 5 or 10 years, the bandwidth and storage will seem trivial.

I am not claiming that the network is impervious to DoS attack. I think most P2P networks can be DoS attacked in numerous ways. (On a side note, I read that the record companies would like to DoS all the file sharing networks, but they don’t want to break the anti-hacking/anti-abuse laws.)

If we started getting DoS attacked with loads of wasted transactions back and forth, you would need to start paying a 0.01 minimum transaction fee. 0.1.5 actually had an option to set that, but I took it out to reduce confusion. Free transactions are nice and we can keep it that way if people don’t abuse them.

That brings up the question: if there was a minimum 0.01 fee for each transaction, should we automatically add the fee if it’s just the minimum 0.01? It would be awfully annoying to ask each time. If you have 50.00 and send 10.00, the recipient would get 10.00 and you’d have 39.99 left. I think it should just add it automatically. It’s trivial compared to the fees many other types of services add automatically.

Quote from: FreeMoney on August 04, 2010, 07:30:32 PM

Does including more slow down your hashing rate?

No, not at all.

2010-08-05 16:30:20 UTC - Re: Flood attack 0.00000001 BC #

BitcoinTalk

Re: Flood attack 0.00000001 BC

2010-08-05 16:30:20 UTC - Original Post

Quote from: bytemaster

Payments would generally be advanced, say 1 BTC at a time and when the connection closes any “change” would be returned. This rule makes it impossible to pay for a simple “search query” with no further transactions.

One alternative is to use a round-up system. You pay for, say, 1000 pages or images or downloads or searches or whatever at a time. When you’ve used up your 1000 pages, you pay for another 1000 pages. If you only use 1 page, then you have 999 left that you may never use, but it’s not a big deal because the cost per 1000 is still small.

Or you could pay per day. The first time you access the site on a given day, you pay for 24 hours of access.

Per 1000 or per day may be easier for consumers to get their heads around too. They worry about per item because it’s harder to figure if it might add up too fast. Unlimited for 24 hours they know what the cost will be. Or if 1000 seems like plenty, they’re not worrying that it’s costing more with each click if they figure 1000 is more than they’ll probably use.

2010-08-05 16:39:58 UTC - Re: Flood attack 0.00000001 BC #

BitcoinTalk

Re: Flood attack 0.00000001 BC

2010-08-05 16:39:58 UTC - Original Post

Quote from: bytemaster on August 05, 2010, 03:39:19 PM

The only solution to this problem is to make broadcasting of a transaction “non free”. Namely, if you want me to include it you have to pay me. The net (no pun intended) result is that each client would need to pay other clients to whom they even send their transaction, not just the individual who gets it in a block. In this way the laws of economics take over and no one gets a free ride on the transaction broadcast system.

I don’t know a way to implement that. The transaction fee to the block creator uses a special trick to include the transaction fee without any additional size. If there was a transaction for each transaction fee, then what about the transactions fees for the transaction fee’s transaction?

2010-08-05 17:06:03 UTC - Re: Who’s the Spanish jerk draining the Faucet? #

BitcoinTalk

Re: Who’s the Spanish jerk draining the Faucet?

2010-08-05 17:06:03 UTC - Original Post

Silently failing would look bad.

Quote from: gavinandresen on August 04, 2010, 08:40:55 PM

1. Rate limit based on the first byte of the IP address (79. or 81. in this case).
   

Definitely needed. What rate are you thinking of? Ultimately, it’s better to rate limit it than to let it all drain out.

Quote from: gavinandresen on August 04, 2010, 08:40:55 PM

1. Rate limit based on last two domains of reverse DNS lookup of the IP address (rima-tde.net in this case).
   

That might work surprisingly well. If it works, it keeps them from hitting the rate limit, but the rate limit is there as the last line of defence.

Quote from: gavinandresen on August 04, 2010, 08:40:55 PM

1. Make the standard amount given away 0.5 Bitcoins (Bitcoins have gone up 10 times in value since I started the Faucet).
   

Definitely time to lower it.

2010-08-05 17:28:40 UTC - Re: bitcoind transaction to ip address #

BitcoinTalk

Re: bitcoind transaction to ip address

2010-08-05 17:28:40 UTC - Original Post

It’s not implemented.

It turned out nobody liked that mode of transfer anyway, so it hasn’t had much development attention.

2010-08-05 17:38:21 UTC - Re: Transaction Overload Solution #

I can’t think of a way to implement that. All the transaction fees would be additional transactions. What about the transaction fees for the transaction fee’s transaction?

2010-08-05 17:49:43 UTC - Re: Flood attack 0.00000001 BC #

BitcoinTalk

Re: Flood attack 0.00000001 BC

2010-08-05 17:49:43 UTC - Original Post

Quote from: bytemaster on August 05, 2010, 04:46:52 PM

Right now the transaction fee address is left “blank” and the block generator fills it out.
Now you would fill it in with the address of the person you are asking to build the block.

If you’re only going to have one person work on building the block, that could take days. Oh, do you mean send a different variation to each node with the tx fee written to them?

The way it is now, it’s whoever builds this gets it.

If we needed to, we could have a BitTorrent-esque tit-for-tat for transaction broadcast. Relay paying transactions to me, or I won’t relay them to you. It probably won’t be an actual problem though. It only takes one node relaying like it should to cancel out 7 others greedily not relaying.

2010-08-05 18:08:30 UTC - Re: A proposal for a semi-automated Escrow mechanism #

BitcoinTalk

Re: A proposal for a semi-automated Escrow mechanism

2010-08-05 18:08:30 UTC - Original Post

A transaction can be written that requires two signatures to spend it next. You write a payment that requires the signature of both the recipient and the sender to spend it. To release the escrow, you give the recipient the signature for your half, or the payee can return it by giving you his signed half. There’s no mediator in this simple case. The recourse is to refuse to ever release it, essentially burning the money.

2010-08-07 16:28:17 UTC - Re: latency and locality #

Once you get away from a system where each node’s influence is proportional to their CPU power, then what else do you use to determine who is (approximately) one person?

2010-08-07 17:46:09 UTC - Re: Bitcoin minting is thermodynamically perverse #

BitcoinTalk

Re: Bitcoin minting is thermodynamically perverse

2010-08-07 17:46:09 UTC - Original Post

It’s the same situation as gold and gold mining. The marginal cost of gold mining tends to stay near the price of gold. Gold mining is a waste, but that waste is far less than the utility of having gold available as a medium of exchange.

I think the case will be the same for Bitcoin. The utility of the exchanges made possible by Bitcoin will far exceed the cost of electricity used. Therefore, not having Bitcoin would be the net waste.

Quote from: gridecon on August 06, 2010, 04:48:00 PM

As an overall point, I also do not agree with the idea that the very high computational burden of coin generation is in fact a necessity of the current system. As I understand it, currency creation is fundamentally metered by TIME - and if that is the fundamental controlling variable, what is the need for everyone to “roll as many dice as posible” within that given time period? The “chain of proof” for coin ownership and transactions doesn’t depend on the method for spawning coins.

Each node’s influence on the network is proportional to its CPU power. The only way to show the network how much CPU power you have is to actually use it.

If there’s something else each person has a finite amount of that we could count for one-person-one-vote, I can’t think of it. IP addresses… much easier to get lots of them than CPUs.

I suppose it might be possible to measure CPU power at certain times. For instance, if the CPU power challenge was only run for an average of 1 minute every 10 minutes. You could still prove your total power at given times without running it all the time. I’m not sure how that could be implemented though. There’s no way for a node that wasn’t present at the time to know that a past chain was actually generated in a duty cycle with 9 minute breaks, not back to back.

Proof-of-work has the nice property that it can be relayed through untrusted middlemen. We don’t have to worry about a chain of custody of communication. It doesn’t matter who tells you a longest chain, the proof-of-work speaks for itself.

2010-08-07 20:04:59 UTC - Re: A proposal for a semi-automated Escrow mechanism #

BitcoinTalk

Re: A proposal for a semi-automated Escrow mechanism

2010-08-07 20:04:59 UTC - Original Post

Quote from: jgarzik on August 05, 2010, 07:00:30 PM

Due to that recourse, it is unlikely to be used as an escrow mechanism

Really? Do you think people won’t be able to understand the benefit? (If your response is an argument that there’s no benefit at all, I guess that will reinforce the case that people won’t be able to understand it.)

2010-08-07 20:13:52 UTC - Escrow #

Here’s an outline of the kind of escrow transaction that’s possible in software. This is not implemented and I probably won’t have time to implement it soon, but just to let you know what’s possible.

The basic escrow: The buyer commits a payment to escrow. The seller receives a transaction with the money in escrow, but he can’t spend it until the buyer unlocks it. The buyer can release the payment at any time after that, which could be never. This does not allow the buyer to take the money back, but it does give him the option to burn the money out of spite by never releasing it. The seller has the option to release the money back to the buyer.

While this system does not guarantee the parties against loss, it takes the profit out of cheating.

If the seller doesn’t send the goods, he doesn’t get paid. The buyer would still be out the money, but at least the seller has no monetary motivation to stiff him.

The buyer can’t benefit by failing to pay. He can’t get the escrow money back. He can’t fail to pay due to lack of funds. The seller can see that the funds are committed to his key and can’t be sent to anyone else.

Now, an economist would say that a fraudulent seller could start negotiating, such as “release the money and I’ll give you half of it back”, but at that point, there would be so little trust and so much spite that negotiation is unlikely. Why on earth would the fraudster keep his word and send you half if he’s already breaking his word to steal it? I think for modest amounts, almost everyone would refuse on principle alone.

2010-08-07 21:16:01 UTC - Re: 4 hashes parallel on SSE2 CPUs for 0.3.6 #

BitcoinTalk

Re: 4 hashes parallel on SSE2 CPUs for 0.3.6

2010-08-07 21:16:01 UTC - Original Post

Quote from: impossible7 on August 06, 2010, 11:37:20 AM

CRITICAL_BLOCK is a macro that contains a for loop. The assertion failure indicates that break has been called inside the body of the loop. The only break statement in this block is in line 2762. In the original source file, there is no break statement in this critical block. I think you must remove lines 2759-2762. The is nothing like that in the original main.cpp.

Sorry about that. CRITICAL_BLOCK isn’t perfect. You have to be careful not to break or continue out of it. There’s an assert that catches and warns about break. I can be criticized for using it, but the syntax would be so much more bloated and error prone without it.

Is there a chance the SSE2 code is slow on Intel because of some quirk that could be worked around? For instance, if something works but is slow if it’s not aligned, or thrashing the cache, or one type of instruction that’s really slow? I’m not sure how available it is, but I think Intel used to have a profiler for profiling on a per instruction level. I guess if tcatm doesn’t have a system with the slow processor to test with, there’s not much hope. But it would be really nice if this was working on most CPUs.

2010-08-09 18:50:41 UTC - Re: bitcoin generation broken in 0.3.8? #

BitcoinTalk

Re: bitcoin generation broken in 0.3.8?

2010-08-09 18:50:41 UTC - Original Post

I found that SSE2 only added a slight 2% speedup, which didn’t seem worth the incompatibility. I was trying to take the safer option.

It doesn’t look to me like Crypto++ could be deciding whether to use SSE2 at runtime. There’s one place where it detects SSE2 for deciding some block count parameter, but the SSE2 stuff is all #ifdef at compile time and I can’t see how that would switch at runtime. Maybe I’m not looking in the right place.

Should we enable SSE2 in all the makefiles? It seems like we must in case someone compiles with 64-bit.

I will recompile the 64-bit part of the Linux 0.3.8 release.

2010-08-09 19:46:58 UTC - Version 0.3.8.1 update for Linux 64-bit #

BitcoinTalk

Version 0.3.8.1 update for Linux 64-bit

2010-08-09 19:46:58 UTC - Original Post

When we switched to Crypto++ 5.6.0 SHA-256 in version 0.3.6, generation got broken on the Linux 64-bit build. Version 0.3.8.1 is on SourceForge with the 64-bit binary updated.

Download:
http://sourceforge.net/projects/bitcoin/files/Bitcoin/bitcoin-0.3.8/bitcoin-0.3.8.1-linux.tar.gz/download

Future versions after 0.3.8 will probably require SSE2. Anyone have Pentium 3 or older where this would be a problem?

2010-08-09 20:13:26 UTC - Re: What could be the transition plan to Y2038 compliant Bitcoin? #

BitcoinTalk

Re: What could be the transition plan to Y2038 compliant Bitcoin?

2010-08-09 20:13:26 UTC - Original Post

unsigned int is good until 2106. Surely the network will have to be totally revamped at least once by then.

There should not be any signed int. If you’ve found a signed int somewhere, please tell me (within the next 25 years please) and I’ll change it to unsigned int.

2010-08-09 20:34:06 UTC - Re: bitcoin generation broken in 0.3.8? (64-bit) #

BitcoinTalk

Re: bitcoin generation broken in 0.3.8? (64-bit)

2010-08-09 20:34:06 UTC - Original Post

I uploaded 0.3.8.1 for Linux with re-built 64-bit. I ran a difficulty 1 test with it and it has generated blocks.

http://bitcointalk.org/index.php?topic=765.0

Download:
http://sourceforge.net/projects/bitcoin/files/Bitcoin/bitcoin-0.3.8/bitcoin-0.3.8.1-linux.tar.gz/download

2010-08-09 20:55:06 UTC - Re: Version 0.3.8.1 update for Linux 64-bit #

BitcoinTalk

Re: Version 0.3.8.1 update for Linux 64-bit

2010-08-09 20:55:06 UTC - Original Post

That’s a good point, I believe you could run with generation off if you don’t have SSE2.

How about add to the top of cryptopp/config.h:

#if !defined(_M_X64) && !defined(x86_64)
#define CRYPTOPP_DISABLE_SSE2 1
#endif

that would disable SSE2 for 32-bit builds. (at least with GCC or MSVC)

2010-08-09 20:58:45 UTC - Connection limits #

SVN rev 125:

• Always make 8 outbound connections even if have 8 inbound
  
• Limit outbound connections to one per a.b.?.? range
  
• Switch -maxconnections=#
  

2010-08-09 21:28:39 UTC - Re: Bitcoin minting is thermodynamically perverse #

BitcoinTalk

Re: Bitcoin minting is thermodynamically perverse

2010-08-09 21:28:39 UTC - Original Post

The heat from your computer is not wasted if you need to heat your home. If you’re using electric heat where you live, then your computer’s heat isn’t a waste. It’s equal cost if you generate the heat with your computer.

If you have other cheaper heating than electric, then the waste is only the difference in cost.

If it’s summer and you’re using A/C, then it’s twice.

Bitcoin generation should end up where it’s cheapest. Maybe that will be in cold climates where there’s electric heat, where it would be essentially free.

2010-08-10 23:46:00 UTC - Re: Version 0.3.8.1 update for Linux 64-bit #

BitcoinTalk

Re: Version 0.3.8.1 update for Linux 64-bit

2010-08-10 23:46:00 UTC - Original Post

SVN rev 128: disable SSE2 on 32-bit. This may only disable it for MSVC and GCC. Other compilers might have different 64-bit defines.

2010-08-11 00:14:22 UTC - Re: Not a suggestion #

This is a very interesting topic. If a solution was found, a much better, easier, more convenient implementation of Bitcoin would be possible.

Originally, a coin can be just a chain of signatures. With a timestamp service, the old ones could be dropped eventually before there’s too much backtrace fan-out, or coins could be kept individually or in denominations. It’s the need to check for the absence of double-spends that requires global knowledge of all transactions.

The challenge is, how do you prove that no other spends exist? It seems a node must know about all transactions to be able to verify that. If it only knows the hash of the in/outpoints, it can’t check the signatures to see if an outpoint has been spent before. Do you have any ideas on this?

It’s hard to think of how to apply zero-knowledge-proofs in this case.

We’re trying to prove the absence of something, which seems to require knowing about all and checking that the something isn’t included.

2010-08-11 01:30:02 UTC - Re: Escrow #

Quote from: jgarzik on August 10, 2010, 06:53:57 PM

Ask some real-world business owners if they want to tell their customers about the chance of the money being lost forever, unrecoverable by either party.

That makes it sound like it might somehow get lost and the parties can’t get it even if they want to cooperate.

When you pay for something up front, you can’t get it back either. Consumers seem comfortable with that. It’s no worse than that.

Either party always has the option to release it to the other.

Quote from: nelisky on August 10, 2010, 08:20:36 PM

But the money burning solution, while great at preventing economically viable fraud, does nothing to prevent revenge and actually makes everyone loose if one side is dishonest. I would certainly not endorse that.

Then you must also be against the common system of payment up front, where the customer loses.

Payment up front: customer loses, and the thief gets the money.
Simple escrow: customer loses, but the thief doesn’t get the money either.

Are you guys saying payment up front is better, because at least the thief gets the money, so at least someone gets it?

Imagine someone stole something from you. You can’t get it back, but if you could, if it had a kill switch that could be remote triggered, would you do it? Would it be a good thing for thieves to know that everything you own has a kill switch and if they steal it, it’ll be useless to them, although you still lose it too? If they give it back, you can re-activate it.

Imagine if gold turned to lead when stolen. If the thief gives it back, it turns to gold again.

It still seems to me the problem may be one of presenting it the right way. For one thing, not being so blunt about “money burning” for the purposes of game theory discussion. The money is never truly burned. You have the option to release it at any time forever.

2010-08-11 01:42:30 UTC - Re: Compile error in SVN r127 #

BitcoinTalk

Re: Compile error in SVN r127

2010-08-11 01:42:30 UTC - Original Post

Updated SVN. Thanks.

There’s little hope of not repeatedly stumbling over that in the future. It doesn’t break the compile for me.

2010-08-11 21:07:59 UTC - Re: Not a suggestion #

Still thinking this idea through…

The only job the network needs to do is to tell whether a spend of an outpoint is the first or not.

If we’re willing to have clients keep the history for their own money, then some of the information may not need to be stored by the network, such as:

• the value
  
• the association of inpoints and outpoints in one transaction
  

2010-08-11 21:46:51 UTC - Re: Lost large number of bitcoins #

BitcoinTalk

Re: Lost large number of bitcoins

2010-08-11 21:46:51 UTC - Original Post

Quote from: sirius-m on August 11, 2010, 02:01:53 AM

I added to the FAQ the warning to back up after each transaction. Is it necessary btw to stop the client before making a backup? That’s a bit inconvenient. Automatic backups would be useful indeed.

You can get away with backing up without stopping the client if you don’t do anything or receive a payment within a few seconds before the backup. (like 5 seconds)

Quote from: gridecon on August 11, 2010, 08:46:08 PM

Wait, I’m confused again. I thought the essence of the surprise was that Bitcoin is programmed to “empty your wallet” for EACH transaction.

No, it doesn’t usually empty your wallet with each transaction. It uses the smallest set of coins it can find to add up to near the amount. In this case, unfortunately, his wallet had a single 9000 BTC bill in it, and it had to break it to get 1 BTC and 8999 BTC change.

2010-08-11 22:40:25 UTC - Re: Where is the separate discussion devoted to possible Bitcoin weaknesses. #

BitcoinTalk

Re: Where is the separate discussion devoted to possible Bitcoin weaknesses.

2010-08-11 22:40:25 UTC - Original Post

It doesn’t have to be such a breaking change. New nodes could accept old transactions for a long time until most nodes have already upgraded before starting to refuse transactions without PoW. Or, they could always accept old transactions, but only a limited number per time period.

I’ve thought about PoW on transactions many times, but usually I end up thinking a 0.01 transaction fee is essentially similar and better. 0.01 is basically a proof of work, but not wasted. But if the problem is validating loads of transactions, then PoW could be checked faster.

A more general umbrella partial solution would be to implement the idea where an unlikely dropoff in blocks received is detected. Then an attacker would still need a substantial portion of the network’s power to benefit from a DoS attack.

Quote from: gavinandresen on August 11, 2010, 04:10:56 PM

Bitcoin’s p2p network is subject to various kinds of denial of service attacks.

There, I said it.

+1

Any demonstration tests at this point would only show what we already know, and divert dev time from strengthening the system to operational fire fighting.

2010-08-11 23:28:50 UTC - Re: Flood attack 0.00000001 BC #

BitcoinTalk

Re: Flood attack 0.00000001 BC

2010-08-11 23:28:50 UTC - Original Post

It would be nice to keep the blk*.dat files small as long as we can.

The eventual solution will be to not care how big it gets.

But for now, while it’s still small, it’s nice to keep it small so new users can get going faster. When I eventually implement client-only mode, that won’t matter much anymore.

There’s more work to do on transaction fees. In the event of a flood, you would still be able to jump the queue and get your transactions into the next block by paying a 0.01 transaction fee. However, I haven’t had time yet to add that option to the UI.

Scale or not, the test network will react in the same ways, but with much less wasted bandwidth and annoyance.

2010-08-12 00:02:06 UTC - Re: BSD detection #

Quote from: dkaparis on August 11, 2010, 11:00:16 PM

   There is this piece of code in headers.h:\\
= #ifdef __WXMAC_OSX__
#define __WXMAC__ 1
#define __WXOSX__ 1
#define __BSD__ 1
#endif
#endif

That code was a bad idea anyway, I’m deleting it. Any Mac code should only use WXMAC_OSX, not WXMAC or WXOSX, and we should stop using BSD.

Quote

#if (defined(__unix__) || defined(unix)) && !defined(USG)
#include <sys/param.h>
#endif

Will that definitely cause BSD to be defined on Mac?

2010-08-12 02:46:56 UTC - Re: Not a suggestion #

Quote from: satoshi on August 11, 2010, 09:07:59 PM

I believe the clients would have to keep the entire history back to the original generated coins. The fact that clients have to keep the entire history reduces the privacy benefit.

Quote from: Red on August 12, 2010, 01:10:19 AM

I thought this too at first. But then I convinced myself otherwise.

Are you back to talking about the existing Bitcoin system here?

I was talking about in the hypothetical system I was describing, if the network doesn’t know the values and lineage of the transactions, then it can’t verify them and vouch for them, so the clients would have to keep the history all the way back.

If a client wasn’t present until recently, the two ways to convince it that a transaction has a valid past is:

1. Show it the entire history back to the original generated coin.
   
2. Show it a history back to a thoroughly deep block, then trust that if so many nodes all said the history up to then was correct then it must be true.
   

2010-08-12 21:14:20 UTC - Re: BSD detection #

This is in SVN rev 130. Check that it compiles right.

Code: #if (defined(unix) || defined(unix)) && !defined(USG)
#include // to get BSD define
#endif
#ifdef WXMAC_OSX
#ifndef BSD
#define BSD 1
#endif
#endif

2010-08-12 21:20:31 UTC - Bugfixes in SVN rev 130 #

BitcoinTalk

Bugfixes in SVN rev 130

2010-08-12 21:20:31 UTC - Original Post

Misc bugfixes in rev 130:

fix -datadir with relative path
autostart is now off by default except on windows
fix occasional “vector iterator not dereferencable” assertion when compiled with msvc
fix readlink compile warning on linux build
use sys/param.h and BSD define instead of BSD
-paytxfee switch, e.g. -paytxfee=0.01

2010-08-12 21:34:44 UTC - Re: Bitcoin Watchdog Service #

True, there would probably be someone with a dial-up modem or satellite dish internet. Rarer would be someone who has both that and the wired internet that has the outage, but if it’s a big enough segment to matter, out of a million people there’s bound to be a multi-home geek.

ISP network cuts are just your local area. If you still have communication with the rest of your area, it would probably be something like 1/1000 of the world or less. Block generation in the segment would take several hours per block.

I favour the plan to monitor if the frequency of blocks received drops too slow. That covers a large range of possibilities.

2010-08-12 21:43:29 UTC - Re: Having problems specifing -datadir #

https://bitcointalk.org/index.php?topic=601.msg8924#msg8924 Fixed in SVN rev 130.

2010-08-12 22:07:23 UTC - Re: 4 hashes parallel on SSE2 CPUs for 0.3.6 #

BitcoinTalk

Re: 4 hashes parallel on SSE2 CPUs for 0.3.6

2010-08-12 22:07:23 UTC - Original Post

That big of a difference in speed, by a factor of 4 or 6, feels like it’s likely to be some quirky weak spot or instruction that the old chip is slow with. Unless it’s a touted feature of the i5 that they made SSE2 six times faster.

A quick summary:
Xeon Quad 41% slower
Core 2 Duo 55% slower
Core 2 Duo same (vess)
Core 2 Quad 50% slower
Core i5 200% faster (nelisky)
Core i5 100% faster (vess)
AMD Opteron 105% faster

aceat64:
My system went from ~7100 to ~4200.
This particular system has dual Intel Xeon Quad-Core CPUs (E5335) @ 2.00GHz.

impossible7:
on an Intel Core 2 Duo T7300 running x86_64 linux it was 55% slower compared to the stock version (r121)

nelisky:
My Core2Quad (Q6600) slowed down 50%,
my i5 improved ~200%,

impossible7:
on an AMD Opteron 2374 HE running x86_64 linux I got a 105% improvement (!)

2010-08-13 03:15:23 UTC - Re: Bugfixes in SVN rev 130 #

BitcoinTalk

Re: Bugfixes in SVN rev 130

2010-08-13 03:15:23 UTC - Original Post

No, that’s not what it is.

-paytxfee allows you to include a transaction fee with your transactions. If transaction confirmations become slow, you can get priority by using “-paytxfee=0.01”. Any transactions you send would cost an extra 0.01. There’s no reason to use more than 0.01.

It’s just there in case we need it. It probably won’t be needed, and it can be explained more if we do.

2010-08-13 17:09:27 UTC - Re: Bitcoin Watchdog Service #

Quote But there will be no irc server to bootstrap from.

Which doesn’t matter because you can’t access sourceforge to download the software either.

If you’ve ever been connected before, you don’t need IRC to bootstrap anymore. Even if you haven’t, you can bootstrap from seed nodes. IRC is completely redundant since 0.3.0.

2010-08-13 17:40:00 UTC - Version 0.3.9 rc1, please test #

BitcoinTalk

Version 0.3.9 rc1, please test

2010-08-13 17:40:00 UTC - Original Post

Here’s a test build if you’d like to help test before 0.3.9 is released.
(or if you’d rather get upgrading out of the way now instead of waiting)

Downloads: (binaries only)
http://www.bitcoin.org/download/bitcoin-0.3.9.rc1-win32.zip
( http://www.bitcoin.org/download/bitcoin-0.3.9.rc1-linux.tar.gz)

SHA1 a36ea00cce27b4b083755df73a3d1e5e5729884e bitcoin-0.3.9.rc1-win32.zip
SHA1 bbb333b0ea57302740ad1bb9948520d00f884f9d bitcoin-0.3.9.rc1-linux.tar.gz

Edit:
Linux please test rc2 instead. This adds a -4way switch for tcatm’s 4-way SSE2. This will only be for Linux:
http://www.bitcoin.org/download/bitcoin-0.3.9.rc2-linux.tar.gz

SHA1 47d9998f7d15fe81234a5c89a542da9d0664df40 bitcoin-0.3.9.rc2-linux.tar.gz

Please report back your results
http://bitcointalk.org/index.php?topic=820

2010-08-13 19:28:47 UTC - Re: Not a suggestion #

I’m not grasping your idea yet. Does it hide any information from the public network? What is the advantage?

If at least 50% of nodes validated transactions enough that old transactions can be discarded, then everyone saw everything and could keep a record of it.

Can public nodes see the values of transactions? Can they see which previous transaction the value came from? If they can, then they know everything. If they can’t, then they couldn’t verify that the value came from a valid source, so you couldn’t take their generated chain as verification of it.

Does it hide the bitcoin addresses? Is that it? OK, maybe now I see, if that’s it.

Crypto may offer a way to do “key blinding”. I did some research and it was obscure, but there may be something there. “group signatures” may be related.

There’s something here in the general area:
http://www.users.zetnet.co.uk/hopwood/crypto/rh/

What we need is a way to generate additional blinded variations of a public key. The blinded variations would have the same properties as the root public key, such that the private key could generate a signature for any one of them. Others could not tell if a blinded key is related to the root key, or other blinded keys from the same root key. These are the properties of blinding. Blinding, in a nutshell, is x = (x * large_random_int) mod m.

When paying to a bitcoin address, you would generate a new blinded key for each use.

Then you need to be able to sign a signature such that you can’t tell that two signatures came from the same private key. I’m not sure if always signing a different blinded public key would already give you this property. If not, I think that’s where group signatures comes in. With group signatures, it is possible for something to be signed but not know who signed it.

As an example, say some unpopular military attack has to be ordered, but nobody wants to go down in history as the one who ordered it. If 10 leaders have private keys, one of them could sign the order and you wouldn’t know who did it.

2010-08-13 23:39:14 UTC - Re: Proposed change to sendtoaddress API call #

BitcoinTalk

Re: Proposed change to sendtoaddress API call

2010-08-13 23:39:14 UTC - Original Post

It’s too soon to start junking up the API for backward compatibility at all costs.

Just return “”.

2010-08-14 00:49:18 UTC - Re: 4 hashes parallel on SSE2 CPUs for 0.3.6 #

BitcoinTalk

Re: 4 hashes parallel on SSE2 CPUs for 0.3.6

2010-08-14 00:49:18 UTC - Original Post

MinGW on Windows has trouble compiling it:

g++ -c -mthreads -O2 -w -Wno-invalid-offsetof -Wformat -g -D__WXDEBUG__ -DWIN32 -D__WXMSW__ -D_WINDOWS -DNOPCH -I”/boost” -I”/db/build_unix” -I"/openssl/include" -I"/wxwidgets/lib/gcc_lib/mswud" -I"/wxwidgets/include" -msse2 -O3 -o obj/sha256.o sha256.cpp

sha256.cpp: In function `long long int vector Ch(long long int vector, long long int vector, long long int vector)’:
sha256.cpp:31: internal compiler error: in perform_integral_promotions, at cp/typeck.c:1454
Please submit a full bug report,
with preprocessed source if appropriate.
See for instructions.
make: * [obj/sha256.o] Error 1

2010-08-14 04:22:29 UTC - Re: 4 hashes parallel on SSE2 CPUs for 0.3.6 #

BitcoinTalk

Re: 4 hashes parallel on SSE2 CPUs for 0.3.6

2010-08-14 04:22:29 UTC - Original Post

If you haven’t already, try aligning thash. It might matter. Couldn’t hurt.

Quote from: tcatm on August 14, 2010, 12:53:07 AM

Looks like we’re triggering a compiler bug in the tree optimizer. Can you try to compile it -O0?

No help from -O0, same error.

MinGW is GCC 3.4.5. Probably the problem.

I’ll see if I can get a newer version of MinGW.

2010-08-14 17:55:37 UTC - Re: 4 hashes parallel on SSE2 CPUs for 0.3.6 #

BitcoinTalk

Re: 4 hashes parallel on SSE2 CPUs for 0.3.6

2010-08-14 17:55:37 UTC - Original Post

Got the test working on 32-bit with MinGW GCC 4.5. Exactly 50% slower than stock with Core 2.

2010-08-14 22:06:13 UTC - Re: 4 hashes parallel on SSE2 CPUs for 0.3.6 #

BitcoinTalk

Re: 4 hashes parallel on SSE2 CPUs for 0.3.6

2010-08-14 22:06:13 UTC - Original Post

MinGW GCC 4.5.0:
Crypto++ doesn’t work, X86_SHA256_HashBlocks() never returns
I only got 4-way working with test.cpp but not when called by BitcoinMiner

MinGW GCC 4.4.1:
Crypto++ works
4-way SIGSEGV

GCC is definitely not aligning __m128i.

Even if we align our own __m128i variables, the compiler may decide to use a __m128i behind the scenes as a temporary variable.

By making our __m128i variables aligned and changing these inlines to defines, I was able to get it to work on 4.4.1 with -O0 only:
#define Ch(b, c, d) ((b & c) ^ (~b & d))
#define Maj(b, c, d) ((b & c) ^ (b & d) ^ (c & d))
#define ROTR(x, n) (_mm_srli_epi32(x, n) | _mm_slli_epi32(x, 32 - n))
#define SHR(x, n) _mm_srli_epi32(x, n)

But that’s with -O0.

2010-08-15 03:40:29 UTC - Re: 4 hashes parallel on SSE2 CPUs for 0.3.6 #

BitcoinTalk

Re: 4 hashes parallel on SSE2 CPUs for 0.3.6

2010-08-15 03:40:29 UTC - Original Post

On both MinGW GCC 4.4.1 and 4.5.0 I have it working with test.cpp but SIGSEGV when called by BitcoinMiner. So now it doesn’t look like it’s the version of GCC, it’s something else, maybe just the luck of how the stack is aligned.

I have it working fine on GCC 4.3.3 on Ubuntu 32-bit.

I found the problem with Crypto++ on MinGW 4.5.0. Here’s the patch for that:

Code:

— \old\sha.cpp Mon Jul 26 13:31:11 2010
+ ew\sha.cpp Sat Aug 14 20:21:08 2010
@@ -336,7 +336,7 @@
ROUND(14, 0, eax, ecx, edi, edx)
ROUND(15, 0, ecx, eax, edx, edi)

• ASL(1)
  
• ASL(label1) // Bitcoin: fix for MinGW GCC 4.5
  

AS2(add WORD_REG(si), 4*16)
ROUND(0, 1, eax, ecx, edi, edx)
ROUND(1, 1, ecx, eax, edx, edi)
@@ -355,7 +355,7 @@
ROUND(14, 1, eax, ecx, edi, edx)
ROUND(15, 1, ecx, eax, edx, edi)
AS2( cmp WORD_REG(si), K_END)

• ASJ( jne, 1, b)
  
• ASJ( jne, label1, ) // Bitcoin: fix for MinGW GCC 4.5
  

2010-08-15 15:52:09 UTC - tcatm’s 4-way SSE2 for Linux 32/64-bit is in 0.3.10 #

BitcoinTalk

tcatm’s 4-way SSE2 for Linux 32/64-bit is in 0.3.10

2010-08-15 15:52:09 UTC - Original Post

0.3.10 has tcatm’s 4-way SSE2 as an option switch.

Use the switch “-4way” to turn it on. Without the switch you get Crypto++ ASM SHA-256.

I could only get this working with Linux.

Download:
Get 0.3.10 from http://bitcointalk.org/index.php?topic=827.0

Please report back your CPU and results! I think it’s pretty clear that Core 2 and lower are slower, i5 faster. I don’t think we’ve heard any i7 results yet. We need to know about the different models of AMD or other less common CPUs.

2010-08-15 16:37:16 UTC - Re: Potential disaster scenario #

Some places where generation will gravitate to:

1. places where it’s cheapest or free
   
2. people who want to help for idealogical reasons
   
3. people who want to get some coins without the inconvenience of doing a transaction to buy them
   

2010-08-15 18:11:41 UTC - Re: Version 0.3.9 rc1, please test #

BitcoinTalk

Re: Version 0.3.9 rc1, please test

2010-08-15 18:11:41 UTC - Original Post

Quote from: jgarzik on August 15, 2010, 05:46:27 PM

the extended-help might have been based on my idea, but the code was somewhat different.

The idea was the main part. When you posted your patch, I realized it should have been done that way instead of “-?”. I always had reservations about “-?” because it intrudes on the possible parameter values, and the help response is based on the version of the caller instead of the server.

2010-08-15 18:23:26 UTC - Re: tcatm’s 4-way SSE2 for Linux 32/64-bit 0.3.9 rc2 #

BitcoinTalk

Re: tcatm’s 4-way SSE2 for Linux 32/64-bit 0.3.9 rc2

2010-08-15 18:23:26 UTC - Original Post

I hope someone can test an i5 or AMD to check that I built it right. I don’t have either to test with.

I’m also curious if it performs much worse on 32-bit linux vs 64-bit.

2010-08-15 18:43:27 UTC - Re: tcatm’s 4-way SSE2 for Linux 32/64-bit 0.3.9 rc2 #

BitcoinTalk

Re: tcatm’s 4-way SSE2 for Linux 32/64-bit 0.3.9 rc2

2010-08-15 18:43:27 UTC - Original Post

I just uploaded a quick build so testers can check if I built it right. (I don’t have an i5 or AMD) If it checks out, I’ll put together the full package and do all the release stuff.

2010-08-15 20:38:33 UTC - [bitcoin-list] ALERT - we are investigating a problem #

bitcoin-list

[bitcoin-list] ALERT - we are investigating a problem

2010-08-15 20:38:33 UTC - Original Email -

WARNING We are investigating a problem. DO NOT TRUST ANY\\ #

TRANSACTIONS THAT HAPPENED AFTER 15.08.2010 17:05 UTC (block 74638)
until the issue is resolved.

2010-08-15 20:59:09 UTC - Re: overflow bug SERIOUS #

Here’s the preliminary change. Look right? I have more changes to make, this isn’t all of it. Will SVN shortly.

Code: bool CheckTransaction() const
{
// Basic checks that don’t depend on any context
if (vin.empty() || vout.empty())
return error(“CTransaction::CheckTransaction() : vin or vout empty”);

// Check for negative and overflow values
int64 nTotal = 0;
foreach(const CTxOut& txout, vout)
{
if (txout.nValue < 0)
return error(“CTransaction::CheckTransaction() : txout.nValue negative”);
if (txout.nValue > 21000000 * COIN)
return error(“CTransaction::CheckTransaction() : txout.nValue too high”);
nTotal += txout.nValue;
if (nTotal > 21000000 * COIN)
return error(“CTransaction::CheckTransaction() : txout total too high”);
}

if (IsCoinBase())
{
if (vin[0].scriptSig.size() < 2 || vin[0].scriptSig.size() > 100)
return error(“CTransaction::CheckTransaction() : coinbase script size”);
}
else
{
foreach(const CTxIn& txin, vin)
if (txin.prevout.IsNull())
return error(“CTransaction::CheckTransaction() : prevout is null”);
}

return true;
}

Don’t sticky the topic, nobody looks up there. There’ll be enough posts to bump.

2010-08-15 21:06:45 UTC - Re: overflow bug SERIOUS #

It would help if people stop generating. We will probably need to re-do a branch around the current one, and the less you generate the faster that will be.

A first patch will be in SVN rev 132. It’s not uploaded yet. I’m pushing some other misc changes out of the way first, then I’ll upload the patch for this.

2010-08-15 21:23:55 UTC - Re: overflow bug SERIOUS #

Once you have an update, you could download knightmb’s block chain. You’ll want one that’s old enough that it ends before block 74000 so the most recent security lockin will check it. Can someone find the link for that?

2010-08-15 21:40:19 UTC - Re: overflow bug SERIOUS #

Patch is uploaded to SVN rev 132!

For now, recommended steps:

1. Shut down.
   
2. Download knightmb’s blk files. (replace your blk0001.dat and blkindex.dat files)
   
3. Upgrade.
   
4. It should start out with less than 74000 blocks. Let it redownload the rest.
   

2010-08-15 22:58:08 UTC - Re: overflow bug SERIOUS #

Don’t update the block chain download. When you take someone’s block chain download, you don’t want it right up to the end. A somewhat old one is better so it can download and verify the most recent blocks.

tcatm’s 4-way SSE2 SHA-256 is in the file sha256.cpp and already uploaded a few revs ago.

I just now uploaded rev 134 which is the makefile.unix that enables building with it on Linux. If you build rev 134 on Linux now you’ll get the -4way switch.

If you have problems building because of it, then edit makefile.unix and:

• remove -DFOURWAYSSE2
  
• remove obj/sha256.o from the end of these lines:
  

bitcoin: $(OBJS) obj/ui.o obj/uibase.o obj/sha256.o
bitcoind: $(OBJS:obj/%=obj/nogui/%) obj/sha256.o

The 0.3.10 linux build will have the -4way option when I build it.

Here are the patch downloads for Windows:

http://www.bitcoin.org/download/bitcoin-0.3.10-win32-setup.exe
http://www.bitcoin.org/download/bitcoin-0.3.10-win32.zip

SHA1 16645ec5fcdb35bc54bc7195309a1a81105242bb bitcoin-0.3.10-win32-setup.exe
SHA1 4f35ad7711a38fe8c880c6c9beab430824c426d3 bitcoin-0.3.10-win32.zip

Steps:

1. Shut down.
   
2. Download knightmb’s blk files and replace your blk0001.dat and blkindex.dat files.
   

http://knightmb.dyndns.org/files/bitcoin/blocks/
http://rapidshare.com/files/413168038/BitcoinBlocks.torrent

1. Upgrade to 0.3.10.
   
2. It should start out with less than 74000 blocks and redownload the rest.
   

1. Shut down.
   
2. Delete (or move) blk*.dat
   
3. Upgrade to 0.3.10.
   
4. It redownloads all blocks, probably take about an hour.
   

2010-08-15 23:17:24 UTC - Re: overflow bug SERIOUS #

Quote from: knightmb on August 15, 2010, 10:59:04 PM

[edit] Just saw your post, I’ll build one to less than 74,000 then, should at least save you technical people a few minutes of downloading the new chain.

Just leave the old one alone! Older is better. What block number is it? Anywhere from 60000-74000 is good. The one that you’ve had available for a while has been vetted and is the best choice.

2010-08-15 23:36:10 UTC - Re: overflow bug SERIOUS #

Starting at 67000 is perfect.

Yeah, at the moment you’ll stop at 74638. It should start slowly creeping up as more nodes upgrade and generate.

Linux build links below.

The Linux version includes tcatm’s 4-way SSE2 SHA-256 that makes generating faster on i5 and AMD CPU’s. Use the “-4way” switch to enable it and check if it’s faster for you.

Download links:
http://www.bitcoin.org/download/bitcoin-0.3.10-win32-setup.exe
http://www.bitcoin.org/download/bitcoin-0.3.10-win32.zip
http://www.bitcoin.org/download/bitcoin-0.3.10-linux.tar.gz

SHA1 16645ec5fcdb35bc54bc7195309a1a81105242bb bitcoin-0.3.10-win32-setup.exe
SHA1 4f35ad7711a38fe8c880c6c9beab430824c426d3 bitcoin-0.3.10-win32.zip
SHA1 e3fda1ddb31b0d5c35156cacd80dee6ea6ae6423 bitcoin-0.3.10-linux.tar.gz

2010-08-15 23:37:07 UTC - Re: overflow bug SERIOUS #

Quote from: Joozero on August 15, 2010, 11:32:43 PM

I think that you should add something about this: http://bitcointalk.org/index.php?topic=259.0
There must be a label on the client that show a warning message if needed
Now everyone have always to check the website, and I think that this is bad.

Agree, wanted to do that for a long time, haven’t had time to do it.

For now, you could also subscribe to the bitcoin-list mailing list. It rarely gets used except for announcements like this and major new versions.

Subscribe/unsubscribe page:
http://lists.sourceforge.net/mailman/listinfo/bitcoin-list

2010-08-15 23:48:22 UTC - Version 0.3.10 - block 74638 overflow PATCH! #

BitcoinTalk

Version 0.3.10 - block 74638 overflow PATCH!

2010-08-15 23:48:22 UTC - Original Post

Version 0.3.10 patches the block 74638 overflow bug. http://bitcointalk.org/index.php?topic=823

The Linux version includes tcatm’s 4-way SSE2 SHA-256 that makes generating faster on i5, i7 (with hyperthreading) and AMD CPU’s. Try the “-4way” switch to enable it and check if it’s faster for you.

Download from sourceforge:
http://sourceforge.net/projects/bitcoin/files/Bitcoin/bitcoin-0.3.10/

SHA1 16645ec5fcdb35bc54bc7195309a1a81105242bb bitcoin-0.3.10-win32-setup.exe
SHA1 4f35ad7711a38fe8c880c6c9beab430824c426d3 bitcoin-0.3.10-win32.zip
SHA1 e3fda1ddb31b0d5c35156cacd80dee6ea6ae6423 bitcoin-0.3.10-linux.tar.gz
SHA1 b812ccff4881778b9090f7c0b0255bcba7b078ac bitcoin-0.3.10-macosx.zip

It is no longer necessary to delete blk*.dat. The good block chain has overtaken the bad block chain, so you can just upgrade and it’ll automatically reorg away the bad block chain.

2010-08-16 00:28:28 UTC - Re: 0.3.10.1 Question on where block should be #

BitcoinTalk

Re: 0.3.10.1 Question on where block should be

2010-08-16 00:28:28 UTC - Original Post

I suspect there’s some difficulty receiving blocks if all the nodes you’re connected to are 0.3.9 or lower. We need enough of us so that at least one node you connect to will be 0.3.10. The problem will start to go away when we make up more than 1/8th of the network.

It’ll help if you port forward so you can get lots of connections.

2010-08-16 00:37:20 UTC - Re: 0.3.10.1 Question on where block should be #

BitcoinTalk

Re: 0.3.10.1 Question on where block should be

2010-08-16 00:37:20 UTC - Original Post

For now, can some people running 0.3.10 with static IP who can receive incoming connections post their IP? Then we can -addnode= them and make sure to connect to at least one 0.3.10 node.

2010-08-16 01:00:45 UTC - Re: overflow bug SERIOUS #

Quote from: Ground Loop on August 16, 2010, 12:29:55 AM

Question about fallout: I had a transaction that I submitted after the bad block, using the bad block chain.

What is the status of that transaction?
From what I can tell, my (updated) sending client wallet shows the deducted amount.

Will it get reincorporated into the fixed chain, and will the recipient be able to spend it?

Right, it will get reincorporated into the fixed chain. The transaction won’t disappear, it’ll still be visible on both sides, but the confirmation count will jump back to 0 and start counting up again.

It’s only if you generated a block in the bad chain after block 74638 that the 50 BTC from that will disappear. Any blocks in the bad chain wouldn’t have matured yet.

2010-08-16 01:02:24 UTC - Re: overflow bug SERIOUS #

Quote from: kosovito on August 16, 2010, 12:39:17 AM

I did all steps, now my client is 0.3.10 and it stopped at block 74638. Is all fine?

If you still show 74638 blocks then you aren’t connected to any 0.3.10 nodes.

For today, try adding these parameters:
-addnode=75.158.131.108 -addnode=99.27.237.13 -addnode=68.68.99.14

See
http://bitcointalk.org/index.php?topic=828

2010-08-16 01:12:05 UTC - Re: overflow bug SERIOUS #

Quote from: trebronics on August 16, 2010, 01:02:35 AM

Most people running clients are not reading this message thread. So… Silly questions:

1. How will this continue to affect version 3.8.1 (pre-catastrophe) clients with bad block chain?
   
2. How will this affect clients that upgrade to 3.8.10 but don’t remove their block chain files?
   

1. Once more than 50% of the node power is upgraded and the good chain overtakes the bad, the 0.3.10 nodes will make it hard for any bad transactions to get any confirmations.
   
2. If you didn’t remove your blk*.dat files, you’re not helping to contribute to that 50%, and you’ll still show bad transactions until the good chain overtakes the bad chain.

2010-08-16 02:16:10 UTC - Re: overflow bug SERIOUS #

The bad chain is also slowed down as more nodes upgrade.

We’ve already generated 14 blocks since 74638. The builds of 0.3.10 were uploaded about 2 and 3 hours ago. Of the nodes I’m connected to, more than half are already 0.3.10. I would say we probably already have more power than the bad chain.

2010-08-16 02:38:21 UTC - Re: overflow bug SERIOUS #

On Windows, findstr /c:“version message” debug.log

It looks like the bad chain was on block 74678 recently. Can’t wait to overtake it.

On the stats at http://nullvoid.org/bitcoin/statistix.php there’s been 5 blocks per hour in the last 3 hours. We had a difficulty adjustment about a day ago that should have put it back to 6 blocks per hour.

2010-08-16 02:57:57 UTC - Re: tcatm’s 4-way SSE2 for Linux 32/64-bit 0.3.9 rc2 #

BitcoinTalk

Re: tcatm’s 4-way SSE2 for Linux 32/64-bit 0.3.9 rc2

2010-08-16 02:57:57 UTC - Original Post

Quote from: tcatm on August 16, 2010, 12:43:39 AM

I propose to compile sha256.cpp with -O3 -march=amdfamk10 (will work on 32bit and 64bit) as only CPUs supporting this instruction set (AMD Phenom, Intel i5 and newer) benefit from -4way and it’ll improve performance by ~9%.

GCC 4.3.3 doesn’t support -march=amdfamk10. I get:
sha256.cpp:1: error: bad value (amdfamk10) for -march= switch

Quote from: NewLibertyStandard on August 16, 2010, 01:49:01 AM

With 4way, I get significantly better performance when I have all my virtual cores enabled. I think I get about the same amount of hashes when hyper threading is turned off with or without 4way.

Hey, you may be onto something!

hyperthreading didn’t help before because all the work was in the arithmetic and logic units, which the hyperthreads share.

tcatm’s SSE2 code must be a mix of normal x86 instructions and SSE2 instructions, so while one is doing x86 code, the other can do SSE2.

How much of an improvement do you get with hyperthreading?

Some numbers? What CPU is that?

2010-08-16 03:23:04 UTC - Re: tcatm’s 4-way SSE2 for Linux 32/64-bit 0.3.9 rc2 #

BitcoinTalk

Re: tcatm’s 4-way SSE2 for Linux 32/64-bit 0.3.9 rc2

2010-08-16 03:23:04 UTC - Original Post

Quote from: Vasiliev on August 16, 2010, 03:17:07 AM

try -march=amdfam10

That works.

That’s strange… are we sure that’s the same thing? tcatm, try amdfam10 and make sure you get the same speed measurement.

2010-08-16 04:36:59 UTC - Re: tcatm’s 4-way SSE2 for Linux 32/64-bit is in 0.3.10 #

BitcoinTalk

Re: tcatm’s 4-way SSE2 for Linux 32/64-bit is in 0.3.10

2010-08-16 04:36:59 UTC - Original Post

Quote from: jgarzik on August 16, 2010, 03:35:28 AM Code:

cpu family : 6\\
model : 26\\
model name : Genuine Intel(R) CPU 000 @ 3.20GHz\\
stepping : 4

cpu family 6 model 26 stepping 4 is an Intel Core i7.
That’s a 23% speedup with -4way, 63% total speedup with -4way + hyperthreading.
33% faster with hyperthreading than without it.

2010-08-16 12:59:38 UTC - Re: overflow bug SERIOUS #

It looks like we overtook the bad chain somewhere around 74689. 0.3.9 and lower nodes have been responding with the current block number for some hours now.

That means it’s no longer necessary to delete blk*.dat before upgrading. You can just upgrade and it’ll reorg away the bad block chain.

Thanks to everyone for the quick response!

2010-08-16 13:38:01 UTC - Re: tcatm’s 4-way SSE2 for Linux 32/64-bit is in 0.3.10 #

BitcoinTalk

Re: tcatm’s 4-way SSE2 for Linux 32/64-bit is in 0.3.10

2010-08-16 13:38:01 UTC - Original Post

I wrapped sha256.cpp in
#ifdef FOURWAYSSE2
#endif // FOURWAYSSE2

try it now.

2010-08-16 15:25:54 UTC - Re: [PATCH] Automatic block validation #

BitcoinTalk

Re: [PATCH] Automatic block validation

2010-08-16 15:25:54 UTC - Original Post

That’s a difficult approach.

We need to cause a reorg, which will disconnect the invalid chain.

This is code that will rarely ever get tested, and is fairly intricate, so something simple and safe is best.

Here’s what I was thinking of. (I haven’t tested this yet) It checks all the blocks in the main chain. If it finds a bad one, it sets all that chain’s bnChainWork to 0 so it can’t win best chain again, and it reduces best chain work to the fork level so any new block after the fork will cause a reorg. (It can’t change pindexBest without actually doing a reorg)

This isn’t perfect yet. It still needs to receive one valid block to trigger the reorg.

It would probably be possible to initiate an AddToBlockIndex or Reorganize after the check, but it would require a lot more careful attention. I probably should break out part of AddToBlockIndex that sets the new best block. I’ll probably end up doing that instead of the code below.

Code:

bool CTxDB::LoadBlockIndex()
{
…

// Verify blocks in the main chain
vector vChain;
for (CBlockIndex* pindex = pindexBest; pindex && pindex->pprev; pindex = pindex->pprev)
{
vChain.push_back(pindex);
CBlock block;
if (!block.ReadFromDisk(pindex))
return error(“LoadBlockIndex() : block.ReadFromDisk failed”);
if (!block.CheckBlock())
{
bnBestChainWork = pindex->pprev->bnChainWork;
foreach(CBlockIndex* pindex2, vChain)
pindex2->bnChainWork = 0;
}
}

return true;
}

2010-08-16 15:59:25 UTC - blocks minus 1 #

Original Post I’d like to reduce the number of blocks displayed in the status bar by 1. When you first load the program, it’ll display 0 blocks instead of 1:
“0 connections 0 blocks 0 transactions”

It’s always been “nBestHeight + 1” because it’s counting the genesis block. Technically, yes, the genesis block is a block. It’s a hardcoded block that you start out with. You can’t not have the genesis block. Maybe think of it as a reference coin that you measure other coins against. The block count people are looking for is the number of blocks they’ve downloaded.

The main benefit is that blocks will be equal to the block number of the current best block. If blocks is 10, then the highest block number you have is 10. It means you have block 10 and you don’t have block 11.

It would reduce the confusion we had here:

Quote from: davidonpda on August 15, 2010, 11:31:37 PM

… It already is on block 74638. I assume that means that block is now a good one?

Quote from: kencausey on August 15, 2010, 11:45:26 PM

I had some confusion on this myself and got clarification in #bitcoin-dev:

The bad block was number 74638, the last good one was 74637. The numbers start at 0, so when your client shows there are 74638 blocks then that means you have up to block number 74637, the last good one.

2010-08-16 17:06:27 UTC - Re: blocks minus 1 #

https://bitcointalk.org/index.php?topic=837.msg9774#msg9774 Done in SVN rev 137

2010-08-16 17:08:02 UTC - Re: [PATCH] Automatic block validation #

BitcoinTalk

Re: [PATCH] Automatic block validation

2010-08-16 17:08:02 UTC - Original Post

Quote from: satoshi on August 16, 2010, 03:25:54 PM

It would probably be possible to initiate an AddToBlockIndex or Reorganize after the check, but it would require a lot more careful attention. I probably should break out part of AddToBlockIndex that sets the new best block. I’ll probably end up doing that instead of the code below.

This is what I ended up doing in SVN rev 139.

Instead of deleting the bad chain, I added an extra CheckBlock to ConnectBlock so bad blocks can’t get back into the best chain once they’re kicked out.

2010-08-16 20:07:46 UTC - Checking the block chain on load #

BitcoinTalk

Re: checkpointing the block chain

2010-08-16 20:20:53 UTC - Original Post

There is no way for the software to automatically know if one chain is better than another except by the greatest proof-of-work. In the design it was necessary for it to switch to a longer chain no matter how far back it has to go.

The only exception to that is the manual checkpoints I’ve added. If it weren’t for those, it would be able to reorg all the way back to the first block.

2010-08-16 22:54:55 UTC - Re: overflow bug SERIOUS #

Un-upgraded nodes have the correct chain most of the time, but they are still trying to include the overflow transaction in every block, so they’re continually trying to fork and generate invalid blocks. If an old version node is restarted, its transaction pool is emptied, so it may generate valid blocks for a while until the transaction gets broadcast again. 0.3.9 and lower nodes still must upgrade.

The SVN now has the code we needed to automatically reorg the block chain without having to delete the blk*.dat files manually. I knew I couldn’t write that code fast and carefully enough yesterday, so I went with the quick manual option.

2010-08-16 23:01:48 UTC - Re: checkpointing the block chain #

2010-08-16 23:01:48 UTC - Original Post

Quote from: NewLibertyStandard on August 16, 2010, 10:42:28 PM

How is the strength of the chain calculated?

Total proof-of-work.

2010-08-18 16:58:44 UTC - Re: New screenshots to the front page? #

BitcoinTalk

Re: New screenshots to the front page?

2010-08-18 16:58:44 UTC - Original Post

Definitely. The old screenshots of 0.1 are very outdated.

Windows Aero is a good choice. Windows is still the largest user group. Mind what’s behind it for the transparent parts.

What to have displayed in the transaction list? Not completely filled up with stuff, just a few things.

2010-08-18 18:01:40 UTC - Re: Difficulty: More nodes active, or faster nodes? #

BitcoinTalk

Re: Difficulty: More nodes active, or faster nodes?

2010-08-18 18:01:40 UTC - Original Post

The performance numbers posted from a VIA C7’s hardware SHA-256 weren’t astronomical. Only in the 1500 khash/s range. If you think about it, just because it’s implemented in hardware doesn’t mean it’s crazy fast. It still has to do all the steps. It’s only if simplifying it down to single-purpose hardware makes it small enough to fit many in parallel. That’s not necessarily easy or a given.

2010-08-18 18:28:28 UTC - Re: Checking the block chain on load #

BitcoinTalk

Re: Checking the block chain on load

2010-08-18 18:28:28 UTC - Original Post

In the next SVN rev, I’ll make it only go back to the last checkpoint at block 74000. If we need to correct a problem in the future, we can always make sure it goes back at least as far back as the problem. Also, I’m adding code to verify the block index, which means the proof-of-work chain is checked.

Still, the system won’t be entirely secure against your blk*.dat files. You are trusting someone if you use a copy of their blk files.

2010-08-19 18:44:36 UTC - Re: Convert Bitcoin to GTK: Yes? No? wx is better? #

BitcoinTalk

Re: Convert Bitcoin to GTK: Yes? No? wx is better?

2010-08-19 18:44:36 UTC - Original Post

Quote from: BioMike on August 19, 2010, 08:05:18 AM

WxWidgets is not really a problem. My problem is the version that is used (2.9), which is considered unstable by many distro packagers (although the WxWidgets devs say it isn’t). On the other side, as far as I know WxWidgets uses gtk under Linux for drawing the whole stuff and makes it for the bitcoins devs easy to make things cross platform.

wxWidgets 2.9 is their first UTF-8 version. We are UTF-8 on all platforms including Windows.

The distro packages of 2.8 are UTF-16, so they just trip people up. People had endless build problems with 2.8 and its wxString UTF-16/ANSI conditional build options until we standardized on 2.9. Also, to use 2.8, we were using ANSI, which was just a temporary stopgap until wxWidgets supported UTF-8.

This is a problem that will solve itself. With time, 2.9 will become a more mainline release.

2010-08-19 18:55:48 UTC - Re: HOWTO: Compiling Bitcoin on Ubuntu 10.04 (Karmic) #

BitcoinTalk

Re: HOWTO: Compiling Bitcoin on Ubuntu 10.04 (Karmic)

2010-08-19 18:55:48 UTC - Original Post

That’s a really well written walkthough. Someone should confirm if they followed it and didn’t run into any snags.

2010-08-19 19:07:43 UTC - Re: tcatm’s 4-way SSE2 for Linux 32/64-bit is in 0.3.10 #

BitcoinTalk

Re: tcatm’s 4-way SSE2 for Linux 32/64-bit is in 0.3.10

2010-08-19 19:07:43 UTC - Original Post

Quote from: Ground Loop on August 18, 2010, 11:14:26 PM

Any non-Mac i5 love?
Windows i5 64-bit got slower here.

That’s the first I’ve heard anyone say i5 was slower. Everyone else has said 4way was faster on i5. Moreso with hyperthreading enabled.

Quote from: nelisky on August 18, 2010, 11:02:25 PM

And i5, at least on my macbookpro

Good, so I take it that’s a confirmation that it’s working on Mac as well?

Laszlo told me he did compile in the -4way stuff on Mac, so the -4way switch is also available to try on Mac. I don’t think makefile.osx on SVN has it yet, just the built version.

2010-08-19 19:40:30 UTC - Re: 28 days without generation, i have 4200khash/s #

BitcoinTalk

Re: 28 days without generation, i have 4200khash/s

2010-08-19 19:40:30 UTC - Original Post

Make sure your computer’s date and time are correct.

2010-08-19 20:14:01 UTC - Need a post writing up some things users should know #

BitcoinTalk

Need a post writing up some things users should know

2010-08-19 20:14:01 UTC - Original Post

I’m not sure what to call it, but we could use a post that lists these things users should know. If someone has time to write it, here’s the list:

• Make sure your clock is set correctly.
  

• Microsoft Security Essentials. This never got written up proper.
  

• Warning not to mess around with your wallet.dat file. It’s a database file, it’s not as simple as you think. In this Beta version, we haven’t had time to try and tinker-proof it yet. It may not work as expected if you start swapping it around.
  

2010-08-19 20:28:50 UTC - Re: Hypothetical question on lost coins / transfers #

BitcoinTalk

Re: Hypothetical question on lost coins / transfers

2010-08-19 20:28:50 UTC - Original Post

That’s right. You don’t need to be re-broadcasting your transactions for it to work.

When any node disconnects a fork, it dumps all the transactions from the fork back into the transaction pool to add to the new chain. The entire network is making sure to re-integrate your transactions again. All you should see is that your number of confirmations starts over from 0.

In some types of forks, your transaction would have gotten into both forks already, so you’re already good either way.

2010-08-22 22:51:00 UTC - Re: Need a post writing up some things users should know #

BitcoinTalk

Re: Need a post writing up some things users should know

2010-08-22 22:51:00 UTC - Original Post

The clock part will be covered in the next release (0.3.11 or higher). SVN rev 141 pops up a message box if your clock is too far off.

2010-08-22 23:01:02 UTC - Re: 28 days without generation, i have 4200khash/s #

BitcoinTalk

Re: 28 days without generation, i have 4200khash/s

2010-08-22 23:01:02 UTC - Original Post

Search debug.log for “proof-of-work found”. If you find any, then check for any errors right after that.

Quote from: davidonpda on August 19, 2010, 07:43:01 PM

How big of a margin on the time is allowed for things to work right.

The margin is 2 hours.

This should be solved in SVN rev 141 and the next release (0.3.11+). It’ll pop up a message box alerting you if your clock is off by more than an hour.

2010-08-22 23:21:50 UTC - Re: tcatm’s 4-way SSE2 for Linux 32/64-bit is in 0.3.10 #

BitcoinTalk

Re: tcatm’s 4-way SSE2 for Linux 32/64-bit is in 0.3.10

2010-08-22 23:21:50 UTC - Original Post

Thanks for clearing that up. I read the link someone posted about AMD making that change around 2007, but I didn’t know what the story was for Intel.

There’s no hope for Core/Core2 then. They only have half the SSE2 hardware.

Strange that Intel has 3 128bit units, but AMD with 2 128bit units is the faster one.

2010-08-22 23:55:06 UTC - Development of alert system #

I’ve been working on writing the alert system. Alerts are broadcast through the network and apply to a range of version numbers. Alert messages are signed with a private key that only I have.

Nodes can do two things in response to an alert:

• Put a warning message on the status bar.
  
• Make the money handling methods of the json-rpc interface return an error.
  

2010-08-22 23:57:32 UTC - Re: integrating digital payments into p2p protocols #

BitcoinTalk

Re: integrating digital payments into p2p protocols

2010-08-22 23:57:32 UTC - Original Post

Hey Zooko!

I wanted to thank you for posting about Bitcoin on your blog a year or two ago, back when I announced it on the Cryptography mailing list.

2010-08-24 22:43:56 UTC - Re: tcatm’s 4-way SSE2 for Linux 32/64-bit is in 0.3.10 #

BitcoinTalk

Re: tcatm’s 4-way SSE2 for Linux 32/64-bit is in 0.3.10

2010-08-24 22:43:56 UTC - Original Post

Quote from: ArtForz on August 21, 2010, 04:56:31 PM

• AMD K10: 2 128bit units
• intel nehalem: 3 128bit units

This probably explains why hyperthreading increases performance with -4way. If three SSE2 units is excessive, then hyperthreading would help keep them all busy.

2010-08-24 23:51:12 UTC - Re: Development of alert system #

BitcoinTalk

Re: Development of alert system

2010-08-24 23:51:12 UTC - Original Post

If you’re so paranoid that you’re getting hysterical over this, then surely you’re paranoid enough that if a warning message displays on the status bar, you’ll check the website and forum.

I think if another bug like the overflow bug occurs, it’s important that automated websites stop trading until their admins can check out what’s going on and decide what to do. If you decide it’s a false alarm and want to take your chances, you can use the “-disablesafemode” switch.

2010-08-25 00:06:36 UTC - Re: Development of alert system #

BitcoinTalk

Re: Development of alert system

2010-08-25 00:06:36 UTC - Original Post

This is in SVN rev 142 as version 0.3.11.

2010-08-25 15:17:37 UTC - Re: Development of alert system #

BitcoinTalk

Re: Development of alert system

2010-08-25 15:17:37 UTC - Original Post

It can’t do arbitrary actions remotely. Maybe some of you are responding to other posters who suggested the alert system should do more?

If there is an alert, the following json-rpc methods return an error:
sendtoaddress
getbalance
getreceivedbyaddress
getreceivedbylabel
listreceivedbyaddress
listreceivedbylabel

The remaining 14 methods function as normal.

I believe the safer option should be enabled by default. If you want your server to keep trading and ignore an alert saying the money its receiving might be like the money from the overflow bug, then you can use the switch and not blame anyone else if you lose your money.

Worst case if you leave alerts enabled, your site stops trading until you upgrade or add the -disablesafemode switch.

Getting surprised by some temporary down time when your node would otherwise be at risk is better than getting surprised by a thief draining all your inventory.

Someday when we haven’t found any new bugs for a long time and it has been thoroughly security reviewed without finding anything, this can be scaled back. I’m not arguing that this is the permanent way of things forever. It’s still beta software.

2010-08-25 16:40:20 UTC - Re: Development of alert system #

https://bitcointalk.org/index.php?topic=898.msg11151#msg11151 I changed the switch name to -disablesafemode.

2010-08-25 16:56:15 UTC - Re: Development of alert system #

BitcoinTalk

Re: Development of alert system

2010-08-25 16:56:15 UTC - Original Post

Quote from: BioMike on August 23, 2010, 05:15:43 AM

@mizerydearia, I think the quote button is easier to find then the reply one.

So, theoretical this is a first control system where can arrest satoshi and demand
that he hands over his key (or get it from his computer) and shut down the complete network?

Or is that not possible? How far would get?

Quote from: jimbobway on August 25, 2010, 04:45:22 PM

A few rhetorical questions for satoshi:

Can you resist waterboarding?
Can you endure electric shock?
All forms of torture?
Lastly, are you Jack Bauer by any chance? Seriously.

WRT the alert system, who cares? The most the key can do is temporarily disable six json-rpc commands until the site owners either add the -disablesafemode switch or upgrade. All nodes keep running and generating, the network stays up. If I’m not available, any script kiddie can figure out how to add two characters and make a new version that disables the alert system. It would be a temporary inconvenience only.

Quote from: BioMike on August 23, 2010, 05:15:43 AM

So, theoretical this is a first control system where can arrest satoshi and demand that he hands over his key (or get it from his computer) and shut down the complete network?

This is what makes me think the people objecting don’t know what they’re talking about. It can’t “shut down the complete network”.

2010-08-25 17:59:30 UTC - Re: Development of alert system #

BitcoinTalk

Re: Development of alert system

2010-08-25 17:59:30 UTC - Original Post

Quote from: nelisky on August 25, 2010, 01:28:32 AM

So what kind of warning do admins get from bitcoind? Is there something we can grep from debug.log? Or will rpc calls raise some specific error? Is there a way to locally force this to happen, for unittesting services?

getinfo has a new field that shows any alert messages or other errors that would be displayed on the status bar.

The rpc methods return a json-rpc error with the error description “Safe mode: " followed by additional text specified by the alert.

I added the switch “-testsafemode” for you. SVN rev 145.

This stuff is very new and may still be subject to change.

Quote from: mizerydearia on August 25, 2010, 12:11:50 AM

I just discovered http://www.bitcoin.org/wiki/doku.php?id=man_page and don’t see any reference to -disablesafemode. Perhaps it should be added! Also others liek -4way should be added as well.

Many switches are intentionally undocumented, like if their functionality is still under construction or I haven’t settled on their name yet, or just test code not intended for release.

-4way should eventually be replaced by an auto-detect.

2010-08-26 00:08:12 UTC - Re: Development of alert system #

Original Post

Quote from: BioMike on August 23, 2010, 05:15:43 AM

So, theoretical this is a first control system where can arrest satoshi and demand
that he hands over his key (or get it from his computer) and shut down the complete network?

Or is that not possible? How far would get?

Quote from: satoshi on August 25, 2010, 04:56:15 PM

This is what makes me think the people objecting don’t know what they’re talking about. It can’t “shut down the complete network”.

Quote from: BioMike on August 23, 2010, 06:23:45 PM

I’ve never objected this change/idea, just asking if this was possible and to what extent.
What’s wrong with getting informed?

My apologies, your post was indeed a question not a statement.

2010-08-26 00:33:28 UTC - Re: RFC: remove DB_PRIVATE flag #

BitcoinTalk

Re: RFC: remove DB_PRIVATE flag

2010-08-26 00:33:28 UTC - Original Post

Can you provide more details about what removing DB_PRIVATE does?

I can’t remember if I had a specific reason for DB_PRIVATE, or if I just copied the flags from some example code. Does removing DB_PRIVATE make it safe for other processes to open the database simultaneously? That may be an improvement, depending what the side effects are. Does it substantially reduce performance by making it have to write out every change immediately or do other coordination? Are there additional locking or coordination files then? What else changes? You could test by timing an initial block download with and without DB_PRIVATE, preferably -connect-ing to a local machine so network isn’t a factor.

Apparently, DB_PRIVATE doesn’t do what you would hope it would do, which is prevent other processes from being able to open the database. It still lets them, it just screws up if they do. Another option, if there’s a way, would be to make it lock the database files so they can’t be accessed by other processes.

2010-08-26 00:44:05 UTC - Re: Need a post writing up some things users should know #

BitcoinTalk

Re: Need a post writing up some things users should know

2010-08-26 00:44:05 UTC - Original Post

Any backup process/procedure would just be a stopgap until there’s time to properly work on coding solutions in software. We can try to use words to help the situation until code gets there.

The main backup improvement will be pre-made pool of keys, and a rescan at load to scrape missed transactions from the block history. Then a backup will last forward for a long time.

2010-08-26 00:57:40 UTC - Re: auto backing up of wallet.dat #

BitcoinTalk

Re: auto backing up of wallet.dat

2010-08-26 00:57:40 UTC - Original Post

I started posting in the other topic but I’ll repeat here, this thread seems more specific to the topic.

The main backup improvement will be a pre-generated pool of keys and a rescan at load to scrape missed transactions from the block history. Then a backup will last forward for a long time.

I was starting to post the same idea you said nelisky.

How about a json-rpc command that locks the wallet, flushes it, copies wallet.dat to a location you specified, then unlocks it? That would be a smaller project than the pooled keys, so maybe it could be done first.

What’s the simplest portable way to copy a file? Is there something in Boost?

What should it be named? maybe:
backupwallet

2010-08-27 00:49:43 UTC - Re: Gentoo Linux Ebuild #

Try -datadir=

Last time I tried $(shell /usr/bin/wx-config), there was immediate hollering about build problems with it. There wasn’t time to investigate at the time.

One problem with $(shell /usr/bin/wx-config) is it will pick up any version (wx 2.8 ) and any configuration (non-UTF-8 ) of wxWidgets that happens to be there. -lwx_gtk2ud-2.9 only matches the right configuration. It fails if wxWidgets was built with the wrong configuration.

Quote Iirc, chatting in #wxwidgets on freenode, the devs there were baffled why that was used.
Did they say why they were baffled?

Quote This is because on my system the path is /usr/include/wx-2.9/wx/wx.h
Why is it there? Was it included by the OS, or did you have to build it? If you built it, I wonder why it would put itself in a different place.

Has wxWidgets 2.9 finally started to become available as a debian package?

Maybe we should do this:

INCLUDEPATHS= \\\ -I”/usr/local/include/wx-2.9" \\\ -I"/usr/local/lib/wx/include/gtk2-unicode-debug-static-2.9" \\\ -I"/usr/include/wx-2.9" \\\ -I"/usr/lib/wx/include/gtk2-unicode-debug-static-2.9"

Again, those paths help make sure it’s only 2.9 and will fail with 2.8.

wxWidgets 2.8 comes in ANSI and UTF-16, both wrong for us. It’s tempting because it’s so easily available as a package; a lot of people were frustrated by it until we started hardcoding 2.9 into the makefile.

2010-08-27 01:13:42 UTC - Re: auto backing up of wallet.dat #

BitcoinTalk

Re: auto backing up of wallet.dat

2010-08-27 01:13:42 UTC - Original Post

If you read it into memory and write it out, it could fail in tight memory situations.

I’m looking for something like copyfile(const char* from, const char* to) or copyfile(path from, path to), preferably something in Boost if it has it. If you find it for me, it’s more likely I’ll get to implementing it.

Quote from: nelisky on August 26, 2010, 01:21:57 AM

As for the file copy, why add to the boost dependency? I for one would love to get a core lib with very little deps.

We require Boost for JSON and a dozen things replacing dependencies on wxWidgets. Boost is good, portable stuff, we should not shy away from it.

2010-08-27 02:54:07 UTC - Re: auto backing up of wallet.dat #

BitcoinTalk

Re: auto backing up of wallet.dat

2010-08-27 02:54:07 UTC - Original Post

I doubt there’s an mmap(2) on Windows. I’d rather call an existing file copy function than make and test my own.

Quote from: nelisky on August 27, 2010, 01:21:09 AM

But if you are already using features from boost::filesystem you can use copy_file from that. I just think that, if not already required for something else, it’s a tad overkill.

Thanks. I thought it would be in there somewhere.

We already use boost::filesystem in a dozen places. It’s not a new added dependency. It gives us a lot of portable stuff that we would otherwise have to have a #ifdef for each OS and test everywhere.

2010-08-27 15:47:57 UTC - Re: auto backing up of wallet.dat #

BitcoinTalk

Re: auto backing up of wallet.dat

2010-08-27 15:47:57 UTC - Original Post

Sorry, I’ve been so busy lately I’ve been skimming messages and I still can’t keep up.

We want to avoid Windows API calls whenever possible. They usually take about 6-8 parameters and a lot of testing to get right, it takes a page of code to do something simple.

I usually shy away from iostreams. Seems like I too often hit limitations. They kind of botched the C++ streams standard in the 90’s, which is too bad, streams can be very powerful and useful when done right. Using it in rpc.cpp may still turn out to be a mistake.

Bottom line is I’d rather call an existing file copy function than make and test my own.

2010-08-27 16:13:16 UTC - Re: New web service: obtain dump of bitcoin block NNNN #

BitcoinTalk

Re: New web service: obtain dump of bitcoin block NNNN

2010-08-27 16:13:16 UTC - Original Post

That’s kind of interesting as an upside-down bar chart of how many blocks were produced each day. The target is 144 blocks per day.

2010-08-27 16:39:26 UTC - Re: Bitcoins are most like shares of common stock #

BitcoinTalk

Re: Bitcoins are most like shares of common stock

2010-08-27 16:39:26 UTC - Original Post

Bitcoins have no dividend or potential future dividend, therefore not like a stock.

More like a collectible or commodity.

2010-08-27 17:32:07 UTC - Re: Bitcoin does NOT violate Mises’ Regression Theorem #

BitcoinTalk

Re: Bitcoin does NOT violate Mises’ Regression Theorem

2010-08-27 17:32:07 UTC - Original Post

As a thought experiment, imagine there was a base metal as scarce as gold but with the following properties:

• boring grey in colour
  
• not a good conductor of electricity
  
• not particularly strong, but not ductile or easily malleable either
  
• not useful for any practical or ornamental purpose
  

• can be transported over a communications channel
  

2010-08-27 21:54:12 UTC - Version 0.3.11 with upgrade alerts #

BitcoinTalk

Version 0.3.11 with upgrade alerts

2010-08-27 21:54:12 UTC - Original Post

Version 0.3.11 is now available.

Changes:

• Some blk*.dat checking on load
  
• Built the -4way code with -march=amdfam10, which makes it a little faster
  
• Warning if your clock is too far off
  
• Warnings/errors/alerts can also be seen in the getinfo command
  
• Alert system