Re: [Mimblewimble] To Schnorr or not to Schnorr

7.html > [3] https://lists.launchpad.net/mimblewimble/msg00087.html > -- > Mailing list: https://launchpad.net/~mimblewimble > Post to : mimblewimble@lists.launchpad.net > Unsubscribe : https://launchpad.net/~mimblewimble > More help : https://help.launchpad.net/

Re: [Mimblewimble] To Schnorr or not to Schnorr

t fix multisig. And even if a new > libsecp makes incompatible signatures, we can just wipe whatever testnet > we're on (assuming we're that far). So why wouldn't that be a better > placeholder? We can still consider upstream libsecp Schnorr a blocker. > > Thanks! > - Ig

Re: [Mimblewimble] Potentional method of hardforking MimbleWimble via freaky invalid to valid block transitions

> circuits out of attempting to satisfy a set of invalid kernels. > I think your thinking in terms of kernels is wrong; kernels have no amounts and can't inflate or deflate the currency; they can't really be "invalid" in this sense. Just looking at inputs and outputs is a better way

Re: [Mimblewimble] Potentional method of hardforking MimbleWimble via freaky invalid to valid block transitions

ows reorgs to happen within frakenblocks, and still provides the majority of the efficiency benefit. -- Andrew Poelstra Mathematics Department, Blockstream Email: apoelstra at wpsoftware.net Web: https://www.wpsoftware.net/andrew "A goose alone, I suppose, can know the loneliness of geese

Re: [Mimblewimble] Potentional method of hardforking MimbleWimble via freaky invalid to valid block transitions

nels around forever. > > [0]: https://github.com/ignopeverell/grin/blob/master/doc/chainsync.md > > -- > Mailing list: https://launchpad.net/~mimblewimble > Post to : mimblewimble@lists.launchpad.net > Unsubscribe : https://launchpad.net/~mimblewimble > More help

Re: [Mimblewimble] Scriptless scripting and deniable swaps

On Fri, Feb 03, 2017 at 10:42:14PM +, Andrew Poelstra wrote: > > Pieter Wuille in particular has stressed to me what a great feature of MW it > is > that everything looks the same, and that breaking this property should be > taken > very seriously. > In this lin

Re: [Mimblewimble] Scriptless scripting and deniable swaps

n zero-knowledge of p and q you prove the following statement: n = p*q; pubkey = xG where x = base^(2^largenumber mod (p-1)(q-1)) which I don't think is likely to be a huge circuit. -- Andrew Poelstra Mathematics Department, Blockstream Email: apoelstra at wpsoftware.net Web: https://www.wpsoftware.

Re: [Mimblewimble] defending against malicious transactors

ybody thinks thinks this -would- actually be helpful, I'd be curious to know why. *** Cheers, Andrew -- Andrew Poelstra Mathematics Department, Blockstream Email: apoelstra at wpsoftware.net Web: https://www.wpsoftware.net/andrew "A goose alone, I suppose, can know the lonelin

Re: [Mimblewimble] [POLL] Perfectly hiding vs perfectly binding

[0] Greg Sanders, Greg Maxwell, Tim Ruffing [1] https://eprint.iacr.org/2017/237.pdf [2] http://eprint.iacr.org/2015/628 -- Andrew Poelstra Mathematics Department, Blockstream Email: apoelstra at wpsoftware.net Web: https://www.wpsoftware.net/andrew "A goose alone, I suppose, can

Re: [Mimblewimble] Discreet Log Contracts

we could support that form of > contract as well. > > - Igno > -- > Mailing list: https://launchpad.net/~mimblewimble > Post to : mimblewimble@lists.launchpad.net > Unsubscribe : https://launchpad.net/~mimblewimble > More help : https://help.launchpad.net/ListHelp -- Andrew

Re: [Mimblewimble] [POLL] Perfectly hiding vs perfectly binding

ease with the number of assets. With two assets my idea would allow only 4 denominations per asset in the same size, and the size would increase with every additional asset the chain supported. -- Andrew Poelstra Mathematics Department, Blockstream Email: apoelstra at wpsoftware.net Web: htt

Re: [Mimblewimble] On fees

, > Seamus Finnigan > > Sent with [ProtonMail](https://protonmail.com) Secure Email. > -- > Mailing list: https://launchpad.net/~mimblewimble > Post to : mimblewimble@lists.launchpad.net > Unsubscribe : https://launchpad.net/~mimblewimble > More help : htt

Re: [Mimblewimble] Scheduled hard forks

d.net/~mimblewimble > > Post to : mimblewimble@lists.launchpad.net > > Unsubscribe : https://launchpad.net/~mimblewimble > > More help : https://help.launchpad.net/ListHelp > > > > > -- > Mailing list: https://launchpad.net/~mimblewimble > Post to : mimblewimb

Re: [Mimblewimble] Hashed switch commitments

ithout even needing to argue about whether this is a sensible use of blockchain space. > So I'd be happy to hear others' arguments. The benefits would be tangible, > but so would be the drawbacks. > > - Igno > > [1] https://lists.launchpad.net/mimblewimble/msg00165.html -- Andr

Re: [Mimblewimble] Branding and messaging

etty serious confusion, and that we should avoid "quid" for this reason. -- Andrew Poelstra Mathematics Department, Blockstream Email: apoelstra at wpsoftware.net Web: https://www.wpsoftware.net/andrew "A goose alone, I suppose, can know the loneliness of geese who can never find

Re: [Mimblewimble] Hashed switch commitments

t; bit, so you reveal "0" bit - that > would not leak the magnitude of the amount (could be simply the padding zero > in the high digits). > > > > On 7 Sep 2017, at 11:12, Andrew Poelstra <apoels...@wpsoftware.net> wrote: > > > > On Thu, Sep 07, 2017 at

Re: [Mimblewimble] Bi-directional payment channels

> channel tx with a locktime at L-1, then a new return transaction with L-2 > would surely make the payment channel tx now redundant ? Do you know where > Im going wrong with this thinking ? > > [1] https://lists.launchpad.net/mimblewimble/msg00047.html > -- Andrew Poelstra

Re: [Mimblewimble] Communication channels

hanks, > Tim Wilson > "Given how vitriolic the Bitcoin community is, I think we should also have a witchhunt against the moderators of r/bitcoin." Please no. -- Andrew Poelstra Mathematics Department, Blockstream Email: apoelstra at wpsoftware.net Web: https://www.wpsoftwar