#bitcoin-core-dev log

19:00:15 <wumpus> #startmeeting
19:00:15 <lightningbot> Meeting started Thu Jan 11 19:00:15 2018 UTC.  The chair is wumpus. Information about MeetBot at http://wiki.debian.org/MeetBot.
19:00:15 <lightningbot> Useful Commands: #action #agreed #help #info #idea #link #topic.
19:00:21 <wumpus> #bitcoin-core-dev Meeting: wumpus sipa gmaxwell jonasschnelli morcos luke-jr btcdrak sdaftuar jtimon cfields petertodd kanzure bluematt instagibbs phantomcircuit codeshark michagogo marcofalke paveljanik NicolasDorier jl2012 achow101 meshcollider jnewbery maaku fanquake promag
19:00:38 <meshcollider> hi
19:00:40 <wumpus> congrats everyone on merging segwit wallet!
19:00:47 <meshcollider> \o/
19:00:48 <achow101> hi
19:01:04 <wumpus> I think we should focus this meeting on what there is to do still for 0.16
19:01:21 <provoostenator> hi
19:01:22 <wumpus> I've just updated https://github.com/bitcoin/bitcoin/milestone/30 removing everything that isn't either a bugfix or has to do with segwit
19:01:25 <instagibbs> hi
19:01:31 <instagibbs> \o/ so great to see
19:01:32 <wumpus> (well, moving it forward to 0.17)
19:02:18 <provoostenator> I'd like to get either #11991 or #11937 in so non-tech-savy people can actually use bech32.
19:02:21 <gribble> https://github.com/bitcoin/bitcoin/issues/11991 | [qt] Receive: checkbox for bech32 address by Sjors · Pull Request #11991 · bitcoin/bitcoin · GitHub
19:02:23 <wumpus> so that is the "high priority" list for now, if there's anything that should be added let me know
19:02:23 <gribble> https://github.com/bitcoin/bitcoin/issues/11937 | Qt: Setting for deciding address type (legacy, p2sh or bech32) by hsjoberg · Pull Request #11937 · bitcoin/bitcoin · GitHub
19:02:27 <BlueMatt> #11281 needs rebase and resolution of current discussion
19:02:31 <gribble> https://github.com/bitcoin/bitcoin/issues/11281 | Avoid permanent cs_main/cs_wallet lock during RescanFromTime by jonasschnelli · Pull Request #11281 · bitcoin/bitcoin · GitHub
19:02:40 <jonasschnelli> Will do soon
19:02:46 <wumpus> provoostenator: agreed
19:02:59 <provoostenator> I'll try to keep them fresh based on feedback.
19:03:05 <instagibbs> -qt support for address types i think is a big ? still
19:03:08 <jonasschnelli> Yes. I also think 11991 11937 should go into 0.16
19:03:13 <BlueMatt> I believe there's still pending segwit wallet stuff in some rpcs that are still TODO
19:03:14 <BlueMatt> sipa?
19:03:15 <achow101> If 11281 goes in, I would like to also have #11200
19:03:17 <gribble> https://github.com/bitcoin/bitcoin/issues/11200 | Allow for aborting rescans and canceling showProgress dialogs by achow101 · Pull Request #11200 · bitcoin/bitcoin · GitHub
19:03:36 <cfields> hi, here
19:04:05 <achow101> also #12101 and #12104 are bugfix-ish
19:04:06 <provoostenator> bech32 change behavior is nice to have; #11991 is mostly for my own OCD and I can just run that myself
19:04:07 <gribble> https://github.com/bitcoin/bitcoin/issues/12101 | Clamp walletpassphrase timeout to 2^31 seconds and check its bounds by achow101 · Pull Request #12101 · bitcoin/bitcoin · GitHub
19:04:08 <gribble> https://github.com/bitcoin/bitcoin/issues/12104 | HTTP Error 404: Not Found
19:04:09 <gribble> https://github.com/bitcoin/bitcoin/issues/11991 | [qt] Receive: checkbox for bech32 address by Sjors · Pull Request #11991 · bitcoin/bitcoin · GitHub
19:04:32 <achow101> s/12024/12104
19:04:33 <BlueMatt> do we want to fix the non-regression rpc too-many-sockets thing given its an upstream bug? cfields?
19:04:37 <provoostenator> (sorry, I meant #12119)
19:04:39 <gribble> https://github.com/bitcoin/bitcoin/issues/12119 | [wallet] use bech32 change address if any destination is bech32 by Sjors · Pull Request #12119 · bitcoin/bitcoin · GitHub
19:05:06 <cfields> BlueMatt: yes, I'll clean that up and PR it today. What's not clear, though, is if we should attempt to max out available fds.
19:05:08 <wumpus> 11200 seems more like a feature and isn't necessarily segwit related
19:05:25 <wumpus> more for 0.17
19:06:20 <provoostenator> wumpus: when you move something to 0.17 does that mean it be merged before 0.16 is branched off, or does it not have that meaning?
19:06:30 <provoostenator> *it won't
19:06:45 <wumpus> provoostenator: yes
19:07:28 <BlueMatt> wumpus: tend to agree re: 11200, though I'd still very much like to see #11281
19:07:31 <gribble> https://github.com/bitcoin/bitcoin/issues/11281 | Avoid permanent cs_main/cs_wallet lock during RescanFromTime by jonasschnelli · Pull Request #11281 · bitcoin/bitcoin · GitHub
19:07:34 <meshcollider> Will we have the signing certificates ready for the release? jonasschnelli cfields
19:07:49 <cfields> wumpus: consider the maxing fd's question a topic suggestion. I'm unsure what to do there.
19:07:58 <wumpus> BlueMatt: isn't that one already on there?
19:08:16 <jonasschnelli> meshcollider: at least there is a static non distributed RSA cert now available... (OSX).
19:08:32 <BlueMatt> wumpus: it is, was just re-enforcing :)
19:08:35 <meshcollider> jonasschnelli: ok
19:08:47 <jonasschnelli> (but no clue about Windows) topic?
19:08:52 <cfields> meshcollider: yes, we didn't get the threshold key setup in time, so we have a temporary key now. Presumably for 0.16 only.
19:09:17 <wumpus> BlueMatt: but yes I agree keeping that, it's more of a fix I guess (but also not really)
19:09:38 <promag> o/
19:10:08 <cfields> meshcollider: I've written up a few little things worth committing, I'll PR those today as well.
19:10:09 <wumpus> great news regarding the signing key
19:10:15 <wumpus> cfields: ok, topic noted
19:11:22 <cfields> oh, on to me then?
19:11:45 <cfields> #11785 is what I'm unsure about
19:11:46 <gribble> https://github.com/bitcoin/bitcoin/issues/11785 | Raise the open fd limit to the maximum allowed by vii · Pull Request #11785 · bitcoin/bitcoin · GitHub
19:11:48 <wumpus> #topic maxing out fds
19:12:15 <wumpus> oops, accidentelly tagged #12101 0.17 while it should be 0.16
19:12:16 <provoostenator> As discussed earlier today: what's the minimum time before we branch of 0.16? So there's some time to test stuff and fix PR's.
19:12:17 <gribble> https://github.com/bitcoin/bitcoin/issues/12101 | Clamp walletpassphrase timeout to 2^31 seconds and check its bounds by achow101 · Pull Request #12101 · bitcoin/bitcoin · GitHub
19:12:27 <cfields> tl;dr: there was an issue where fd's could be maxed out causing crashes and weird behavior. Let's assume that we get that issue under control. Should we still attempt to bump up our fd limit?
19:13:12 <wumpus> cfields: I'm not sure that should be default behavior, how much is it frowned upon if daemons do that, don't know how other software handles it?
19:13:33 <wumpus> cfields: I think the usual way is to leave ulimit setting to the user/sysadmin
19:13:49 <ryanofsky> provoostenator, i think normally there is a feature freeze on master before creating the release branch
19:14:16 <wumpus> yes, normally there's a feature freeze
19:14:34 <wumpus> I also need to open translations for 0.16
19:14:35 <cfields> wumpus: I tend to agree with that. IMO if we're bumping into fd issues, we want to see them rather than mask them
19:14:58 <cfields> but iirc gmaxwell was generally in favor of a general bump
19:15:02 <wumpus> cfields: indeed, we should try to be robust against them, or at least exit with a clear error if that it's not possible
19:15:33 <cfields> wumpus: ok, mind commenting there? I'll poke gmaxwell again about it too
19:15:45 <cfields> </topic>
19:15:51 <wumpus> cfields: sure
19:15:59 <cfields> thanks :)
19:16:01 <wumpus> other topics?
19:16:04 <jonasschnelli> I have a short disussion request for 11281
19:16:07 <jonasschnelli> https://github.com/bitcoin/bitcoin/pull/11281/commits/b2cc7020956cfd36925e4957493cd28d1d6f672e
19:16:16 <jonasschnelli> Is that a concern (see commit above)=
19:16:17 <jonasschnelli> ?
19:16:35 <jtimon> wumpus what are these "fds" to max out?
19:16:40 <wumpus> #topic "Avoid permanent cs_main/cs_wallet lock during RescanFromTime" discussion (jonasschnelli)
19:16:44 <jonasschnelli> sipa brought up the point, but I think it's okay if we just mention that in the rpc help
19:16:45 <wumpus> jtimon: "file descriptors"
19:16:49 <jtimon> thanks
19:17:23 <jonasschnelli> background: you may import a key and can see it's there but the related transactions are (still) missing
19:17:33 <achow101> I think it's fine to mention that in the help
19:17:34 <jonasschnelli> since the lock is released now
19:17:41 * BlueMatt is fine with the documentation fix, we cant always block the world waiting on things to be consistent
19:17:52 <BlueMatt> but sipa is the one who brought it up and apparently is mia today
19:18:05 <jonasschnelli> Okay. Lets wait on his feedback
19:18:08 <achow101> the alternative would be to block those calls during a rescan, right?
19:18:09 <jonasschnelli> </topic>
19:18:17 <wumpus> other topics?
19:18:20 <promag> what happens today if you import and then it crashes?
19:18:24 <jnewbery> Other PRs that would be nice for 0.16 are the RPC changes in #7965 (#10583, #11415, #10579)
19:18:26 <gribble> https://github.com/bitcoin/bitcoin/issues/7965 | Remaining instances of ENABLE_WALLET in `libbitcoin_server.a` · Issue #7965 · bitcoin/bitcoin · GitHub
19:18:29 <gribble> https://github.com/bitcoin/bitcoin/issues/10583 | [RPC] Split part of validateaddress into getaddressinfo by achow101 · Pull Request #10583 · bitcoin/bitcoin · GitHub
19:18:32 <gribble> https://github.com/bitcoin/bitcoin/issues/11415 | [RPC] Disallow using addresses in createmultisig by achow101 · Pull Request #11415 · bitcoin/bitcoin · GitHub
19:18:33 <jonasschnelli> promag: I guess the same problem
19:18:35 <gribble> https://github.com/bitcoin/bitcoin/issues/10579 | [RPC] Split signrawtransaction into wallet and non-wallet RPC command by achow101 · Pull Request #10579 · bitcoin/bitcoin · GitHub
19:18:47 <kanzure> hi.
19:18:48 <wumpus> jnewbery: those have nothing to do with segwit, so I moved them to 0.17
19:19:02 <jonasschnelli> Agree
19:19:19 <jnewbery> Shame. They deprecate the RPCs but don't remove them, so we're stuck with those wallet dependencies until v0.18
19:19:46 <wumpus> if we do a "theme release" at all we need to focus, sorry
19:19:48 <promag> jonasschnelli: should we "mark" those addresses until the rescan finishes?
19:19:51 <ryanofsky> 11415 maybe could be merged now
19:19:58 <jtimon> do #8994 and #10757 have a chance to get merged for 0.16 if I fix the nits?
19:20:00 <promag> jonasschnelli: future work I guess
19:20:01 <gribble> https://github.com/bitcoin/bitcoin/issues/8994 | Testchains: Introduce custom chain whose constructor... by jtimon · Pull Request #8994 · bitcoin/bitcoin · GitHub
19:20:05 <gribble> https://github.com/bitcoin/bitcoin/issues/10757 | RPC: Introduce getblockstats to plot things by jtimon · Pull Request #10757 · bitcoin/bitcoin · GitHub
19:20:13 <jonasschnelli> promag: Yes... probably... need to think about that first
19:20:19 <wumpus> no, we're not adding non-segwit features for 0.16
19:20:29 <BlueMatt> wumpus: oooo, "theme release", can we start themeing based on cocktails like openwrt?
19:20:41 <achow101> presumably 0.17 will be sooner than the usual 6 months?
19:20:48 <ryanofsky> ok so feature freeze has already started?
19:20:51 <wumpus> BlueMatt: lol!
19:21:02 <instagibbs> ryanofsky, non-segwit ff i believe so
19:21:04 <jonasschnelli> I think since merging SW wallet freeze is active
19:21:06 <wumpus> ryanofsky: for non-segwit things, yes, for segwit things it's open for sicussion
19:21:07 <cfields> BlueMatt: by that you mean "white russian" (or something) for ~5 years, iirc?
19:21:07 <instagibbs> qt stuff might still be required
19:21:08 <BlueMatt> yes, didnt we say feature freeze when segwit wallet got merged
19:21:10 <achow101> ryanofsky: I'm guessing feature freeze started last night as soon as 11403 merged
19:21:22 <wumpus> BlueMatt: yes
19:21:22 <BlueMatt> cfields: yea......
19:21:31 <jtimon> achow101: really? I thought 0.16 was the exception and we're getting close to its regular planned non ahead of time date
19:21:39 <jonasschnelli> no
19:21:42 <promag> btw, 17 theme is?
19:21:53 <wumpus> achow101: we could do 0.17 sooner, but one thing at a time please, this is for discussion once 0.16 is out of the door :)
19:21:57 <BlueMatt> promag: white russian, apparently
19:22:13 <wumpus> no theme for 0.17, no themes again please, back to simply time based releases
19:22:24 <meshcollider> wumpus: you mean 17.0 ;)
19:22:34 <provoostenator> Given that the world demands SegWit from the Core wallet, I tend to agree about feature freeze for non-SegWit stuff.
19:22:43 <jtimon> BlueMatt: it seems tohe feature freeze is being done sooner than that
19:22:49 <provoostenator> And I guess it's about hte regular time to release anyway?
19:22:52 <wumpus> segwit was an exception because that was 'promised' for 0.15.1, I don't think this should become routine
19:23:27 <achow101> provoostenator: I think there's still 2 months left for the usual timing
19:23:51 <wumpus> yes, we're intentionally trying to do the release sooner than the usual planning
19:24:12 <wumpus> (e.g. the one in #11449 is worst-case)
19:24:13 <gribble> https://github.com/bitcoin/bitcoin/issues/11449 | Release schedule for 0.16.0 · Issue #11449 · bitcoin/bitcoin · GitHub
19:24:30 <MarcoFalke> Is #10387 a blocker for 0.16?
19:24:33 <gribble> https://github.com/bitcoin/bitcoin/issues/10387 | Eventually connect to NODE_NETWORK_LIMITED peers by jonasschnelli · Pull Request #10387 · bitcoin/bitcoin · GitHub
19:24:50 <jonasschnelli> MarcoFalke: no... can go into 0.17 IMO
19:24:53 <wumpus> MarcoFalke: I don't know, let's discuss
19:24:54 <jonasschnelli> Or why would it be?
19:24:59 <jtimon> I thought the only blocker for 0.16 was #11403 ?
19:25:03 <BlueMatt> its pending on gmaxwell, just need his ack, I think
19:25:05 <gribble> https://github.com/bitcoin/bitcoin/issues/11403 | SegWit wallet support by sipa · Pull Request #11403 · bitcoin/bitcoin · GitHub
19:25:34 <BlueMatt> but, its def a "feature"
19:25:38 <jonasschnelli> 10387 is independent from the BIP159 signalling.... connecting would be nice though, but includes some risks.. so no hurry with that
19:25:39 <BlueMatt> we're doing the bit announce on master already
19:25:46 <wumpus> ok moving it to 0.17
19:25:48 <BlueMatt> so thats ok for it to go 17
19:26:14 <jonasschnelli> Ah,.. did 10387 still had the 0.16 tag?, Yes. Needs a 0.17 then
19:26:35 <wumpus> that leaves 13 open things in https://github.com/bitcoin/bitcoin/milestone/30
19:26:51 <wumpus> (including the release notes and the release schedule itself)
19:27:25 <sipa> oops, i'm here
19:27:33 <BlueMatt> lol
19:27:35 <sipa> timezone confusion
19:28:02 <BlueMatt> sipa: plx comment on 11281
19:28:02 <jonasschnelli> we need a core meeting alarm/notification service
19:28:12 <BlueMatt> also pending segwit wallet work
19:28:16 <BlueMatt> whats still missing?
19:28:18 <meshcollider> Does anything actually need to be done for #11048
19:28:19 <gribble> https://github.com/bitcoin/bitcoin/issues/11048 | Weird gettransaction details on testnet with segwit · Issue #11048 · bitcoin/bitcoin · GitHub
19:28:20 <jonasschnelli> sipa, Bluemat refers to https://github.com/bitcoin/bitcoin/pull/11281/commits/b2cc7020956cfd36925e4957493cd28d1d6f672e
19:28:40 <provoostenator> How do I add myself to the fancy meeting username mention ping?
19:28:55 <instagibbs> gotta tip wumpus some bch
19:29:23 <achow101> lol
19:29:23 <meshcollider> instagibbs: lol
19:29:25 <sipa> yeah will do, on my phone in a bar now
19:29:36 <instagibbs> RWC?
19:29:40 <wumpus> instagibbs: please no, no need to threaten me, will add him :)
19:29:51 <sipa> instagibbs: yes
19:30:18 <BlueMatt> sipa: woke up in a bar?
19:30:42 <sipa> BlueMatt: just charged my phone  and saw your signal msg
19:30:43 <jonasschnelli> heh
19:31:22 <cfields> so apparrently BlueMatt is the core meeting alarm service
19:31:26 <instagibbs> provoostenator, what's the status of -qt PR for 0.16? I'm kind of out of it but am willing to test with my branch
19:32:05 <wumpus> any other topics?
19:32:19 <luke-jr> hi
19:32:27 <provoostenator> instagibbs: #11991
19:32:27 <bitcoin-git> [13bitcoin] 15kekimusmaximus opened pull request #12158: Avoid unnecessary copy of objects. (06master...06avoid_copies) 02https://github.com/bitcoin/bitcoin/pull/12158
19:32:30 <gribble> https://github.com/bitcoin/bitcoin/issues/11991 | [qt] Receive: checkbox for bech32 address by Sjors · Pull Request #11991 · bitcoin/bitcoin · GitHub
19:32:37 <BlueMatt> lol, ok, everyone's here, start over now?
19:32:39 <luke-jr> #12146 should be tagged 0.16 too
19:32:40 <gribble> https://github.com/bitcoin/bitcoin/issues/12146 | Wallet: Support disabling implicit Segwit operation by luke-jr · Pull Request #12146 · bitcoin/bitcoin · GitHub
19:32:56 <provoostenator> Bit of discussion about the UI... but otherwise ready to go.
19:33:03 <gmaxwell> ^ 11991 seems like an obvious and easy win.
19:33:16 <sipa> #11991
19:33:19 <gribble> https://github.com/bitcoin/bitcoin/issues/11991 | [qt] Receive: checkbox for bech32 address by Sjors · Pull Request #11991 · bitcoin/bitcoin · GitHub
19:33:44 <luke-jr> indeed, I'd also suggest the bech32 change thing
19:34:20 <gmaxwell> yes, the "use native change if destinations are native"?  I think that makes a lot of sense.
19:34:24 <luke-jr> #12119
19:34:26 <gribble> https://github.com/bitcoin/bitcoin/issues/12119 | [wallet] use bech32 change address if any destination is bech32 by Sjors · Pull Request #12119 · bitcoin/bitcoin · GitHub
19:34:41 <provoostenator> bech32 change thing needs a small refactor which I'll try to do tomorrow. But also has some discussion about which circumstances should trigger bech32 use. Please weigh in...
19:34:48 <wumpus> both 11991 and 12119 are already in the 0.16 milestone
19:34:53 <gmaxwell> The whole reason we didn't _always_ use native change was privacy, but if the outputs are native, then that same argument says we should use native.
19:35:08 <provoostenator> What about inputs?
19:35:17 <sipa> arguably you could just uniformly ranomly pick the address type of 1 of the inputs, and make the change that
19:35:26 <gmaxwell> provoostenator: I think they're irrelevant.
19:35:41 <wumpus> sipa: sounds like a plan
19:35:47 <gmaxwell> sipa: I don't think that makes any sense.
19:35:53 <provoostenator> As in: if any input or any output is bech32, use bech32, unless changeaddress param says otherwise. .... ok, why intput irrelevant?
19:35:54 <luke-jr> wumpus: 12146 isn't yet.
19:36:04 * sipa meh 12146
19:36:09 <wumpus> luke-jr: seems like that needs some more discussion
19:36:09 <gmaxwell> Why would it possibly be relevant in any way?
19:36:13 <instagibbs> we want to frustrate chain analysis, mimicking the payment as much as possible is ++
19:36:19 <promag> gmaxwell: what if someone wants 0.16 to behave like 0.15?
19:36:39 <luke-jr> wumpus: releasing Segwit wallet without it is a problem for people who don't want to use Segwit.
19:36:43 <provoostenator> We also want to reduce fees.
19:36:50 <gmaxwell> The only reason to not always use native, assuming you are using segwit to begin with in your wallet, is that it would make it easier to tell which of the outputs are change.
19:36:56 <jonasschnelli> luke-jr: define don't use?
19:37:16 <wumpus> luke-jr: just don't use the segwit address types then?
19:37:17 <gmaxwell> But that doesn't apply if the outputs (any of them, arguably) are native.
19:37:20 <luke-jr> jonasschnelli: never have a Segwit UTXO despite what anyone else may do
19:37:25 <provoostenator> So in other words, if you're spending from a bech32 address, there's no reason _not_ to use a native address as change?
19:37:39 <luke-jr> wumpus: without 12146, people can malleate your address and you'll never know
19:37:39 <gmaxwell> provoostenator: no!
19:37:42 <instagibbs> provoostenator, ??
19:37:52 <wumpus> is address malleation a thing now?
19:37:59 <provoostenator> It saves fees and there's no privacy downside, what am I missing?
19:38:07 <sipa> luke-jr: they can already
19:38:11 <gmaxwell> Again, inputs are irrelevant-- I can't figure out why you think inputs are at all relevant.
19:38:12 <jonasschnelli> provoostenator: he's worried about block size increase
19:38:17 <sipa> and have forever
19:38:24 <jonasschnelli> as sipa said,.. it was also possible by p2pk -> p2pkh
19:38:27 <luke-jr> sipa: with 12146, you would at least notice / not accept it
19:38:36 <sipa> luke-jr: why not? it's cheaper!
19:38:38 <jonasschnelli> s/was/is
19:38:48 <luke-jr> sipa: what?
19:39:03 <wumpus> would anyone use that at all, why would it be worth maintaining?
19:39:12 <sipa> you're lucky if someone sends you a witness output instead anyone of p2pkh
19:39:13 <jonasschnelli> I think luke-jr argument are more political/philosophical then technical/economical
19:39:20 <wumpus> it just complicates all kinds of logic
19:39:29 <gmaxwell> provoostenator: the privacy downside arises when your pay to a non-segwit destination.  If you pay a non-segwit destination but make a native output as change, then which of the outputs is change is far more easily identified.
19:39:30 <luke-jr> wumpus: because using Segwit enables miners to increase block size, and has no benefits for the current wallet.
19:39:37 <instagibbs> i think this is going to be another "no one else agrees" type argument, sorry luke-jr
19:39:39 <sipa> (i think it's really bad that we accept outputs to addresses we didn'√ give out)
19:39:41 <BlueMatt> provoostenator: its still a privacy leak, you're (probably) much, much more likely to use non-bech32 outputs as non-change, so irrespective of the inputs you'd be pretty clearly tagging your change output
19:40:06 <sipa> but it's not specific to segwit, and needs fixing independently
19:40:07 <instagibbs> simply not handing out those addresses should be enough... sender doesn't care if you want to spend more later
19:40:10 <BlueMatt> provoostenator: in fact, even worse, you're tagging it *because* your inputs are bech32 you're making clear that you support segwit in your wallet, so the bech32 output is *most likely* the change
19:40:27 <luke-jr> instagibbs: the sender can trick you into accepting Segwit without 12146
19:40:27 <wumpus> instagibbs: indeed
19:40:35 <instagibbs> luke-jr, worse, the sender *wont know* you don't implictly convert, leading to a orphaned utxo!
19:40:36 <wumpus> 'trick you into accepting segwit'
19:40:48 <instagibbs> whatever jerk is doing that
19:40:48 <gmaxwell> But if the other outputs are native, then this issue doesn't exist.
19:41:00 <luke-jr> instagibbs: orphaned UTXO is exactly the expected outcome
19:41:04 <luke-jr> instagibbs: and that's his fault
19:41:06 <Chris_St1> so the debate is whether we are creating the change output as the same script type as the payment output in a two output scenario?
19:41:07 <instagibbs> .....
19:41:11 <wumpus> man, that sounds like it should be prosecuted as a war crime
19:41:32 <provoostenator> Alright, so rule should be: ignore inputs, if any output is bech32, use bech32 for change, unless setting overrides?
19:41:36 <luke-jr> Chris_St1: there's two parallel conversations going on here now :/
19:41:49 <provoostenator> luke-jr: yes, IRC needs threads
19:42:09 <wumpus> #topic when to use bech32 for change
19:42:11 <wumpus> ^^
19:42:13 <meshcollider> provoostenator: yes that's most sensible
19:42:16 <BlueMatt> provoostenator: thats not a bad idea, imo
19:42:17 <Chris_St1> what about when there are more than two outputs? Or are we just worried about GUI?
19:42:19 * jtimon thinks about what "trick you into accepting segwit" may mean...
19:42:31 <instagibbs> Chris_St1, privacy mostly
19:42:37 <gmaxwell> provoostenator: thats my belief.
19:42:41 <meshcollider> Was sipa suggestion of random choice serious or a joke
19:42:44 <provoostenator> Chris_St1: _any_ output, not _all_
19:42:49 <instagibbs> meshcollider, serious to me, makes sense
19:43:00 <luke-jr> IMO any output makes sense.
19:43:01 <gmaxwell> provoostenator: I think someone could reasonable argue that it should be "if a majority" rather than any.
19:43:03 <cfields> don't you lose the change privacy if there's a mix of segwit output types, though?
19:43:04 <meshcollider> Yeah was unsure if there's any downside
19:43:09 <wumpus> meshcollider: I think he was serious, it makes sense, less deterministic the change choice the better
19:43:33 <Chris_St1> instagibbs: yes, but what if you a 3 segwit payment outputs and 2 p2pkh payment outputs, what is the change type?
19:43:37 <gmaxwell> I think "all" is obviously too strong.
19:43:37 <cfields> if there's a p2wsh output and change goes to p2wpkh, that's obvious
19:43:53 <instagibbs> Chris_St1, arguments to be had. Could flip weighted coin, could just pick the cheapest to mimic
19:44:00 <instagibbs> (native)
19:44:03 <gmaxwell> cfields: "segwit" here means native.
19:44:04 <morcos> I don't think its worth going overboard with complication.   If you are super privacy conscious you can manually do what you want, otherwise we should make the default what makes sense for the network.
19:44:11 <morcos> So I like provoostenator's idea
19:44:24 <provoostenator> Chris_St1: bech32 in my proposal s well as the majority proposol (which I think it's a bit complicated...)
19:44:28 <Chris_St1> morcos: But that erodes the privacy of *everyone*. see zcash?
19:44:59 <morcos> Chris_St1: i don't think that analogy applies
19:45:03 <gmaxwell> Any is what I proposed on the PR, though I noted that "majority" would also be defensible.  Requiring all, or worse, not using native even if all are native is bad for privacy.
19:45:07 <BlueMatt> yea, majority-are-native or signle-is-native are both fine with me
19:45:13 <luke-jr> weighed random?
19:45:31 <gmaxwell> I think it's okay to bias some here towards the more cost effective form.
19:45:36 <morcos> well maybe, but thats why we're preservign some level of privacy...  in that we only use bech32 for change if we're paying at least one bech32 address
19:45:37 <wumpus> yes
19:45:38 <instagibbs> hiding with other segwit wallets imo is your best bet anyways...
19:45:49 <gmaxwell> also the difference between these things only matters for sendmany...
19:45:52 <provoostenator> luke-jr: I that would be a great way for me to demonstrate my C++ incompetence :-)
19:46:07 * sipa is fine with (if not otherwise configured) using any bech32 -> change is bech32
19:46:25 <jnewbery> any-output-is-native seems reasonable to me
19:46:41 <achow101> same
19:46:42 <gmaxwell> sipa: I think my suggestion was "unless configured that change should be legacy, change is native if any output is native".
19:46:57 <morcos> i think non-determinism in what kind of change address you have is just ick..  especially since the p2sh-wrapped kind is temporary
19:47:00 <provoostenator> As for luke-jr's point: having some flag to completely opt-out of SegWit seems reasonable to me.
19:47:04 <gmaxwell> (or if anyone felt that was too strong, change is native unless the majority is non-native; but it seems no one does)
19:47:05 <sipa> gmaxwell: and p2sh-p2wsh otherwise?
19:47:13 <gmaxwell> sipa: yes.
19:47:20 <sipa> makes snese
19:47:35 <Chris_Stewart_5> gmaxwell: by native you mean p2wpkh?
19:47:41 <gmaxwell> sipa: so if you set yourself to be legacy, you'll stay legacy regardless, in order to respect any weird requirement to avoid creating segwit outputs.
19:48:08 <instagibbs> morcos, if it has native change is native is entirely determinstic, luckily
19:48:21 <instagibbs> sorry, has native, comma, change is native
19:48:52 <gmaxwell> morcos: I think you were responding to things like "weighed random change types"
19:49:03 <morcos> correct
19:49:06 <BlueMatt> more topics?
19:49:24 <luke-jr> back to 12146?
19:49:26 <gmaxwell> yea, I could go for weighed-random change types if the choice were otherwise neutral, but it's not.
19:49:31 * BlueMatt notes that it really would be nice to see #12118 in 0.16, just because its really a free 5% speedup in removeForBlock which is a big chunk of block validation latency....
19:49:33 <gribble> https://github.com/bitcoin/bitcoin/issues/12118 | Sort mempool by min(feerate, ancestor_feerate) by sdaftuar · Pull Request #12118 · bitcoin/bitcoin · GitHub
19:49:45 <instagibbs> luke-jr, Creating utxo bloat to *slightly* reduce blocksize is weird weird feature to add imo
19:49:51 <instagibbs> (if we've transitioned)
19:49:57 <luke-jr> instagibbs: it's not UTXO bloat.
19:50:10 <BlueMatt> luke-jr: nack, just use 0.15.1 and focus on the real fix of splitting hd chain
19:50:11 <instagibbs> the scenario here is that some joker pays you, and you don't want to spend it, right?
19:50:25 <morcos> +1 BlueMatt
19:50:30 <BlueMatt> alternatively, this could be accomplished by using labels/accounts
19:50:40 <BlueMatt> label addresses and then payments will show up without the labels
19:50:44 <luke-jr> instagibbs: more or less
19:50:57 <luke-jr> BlueMatt: NACK, to myself and many others, mandatory Segwit wallet is a regression
19:51:06 <BlueMatt> then dont use 0.16
19:51:15 <luke-jr> so 0.15 is supported forever?
19:51:19 <gmaxwell> luke's argument is lame but there are other arguments for the position...  But I think it's ultimately futile.
19:51:21 <luke-jr> including new features?
19:51:31 <morcos> luke-jr: right, but thats basically the only feature, so just dont use it until we have the version that doesn't accept all variations of key encoding
19:51:32 <BlueMatt> if you want the option, do the real fix, not the dirty hack of working like 0.15.1
19:51:33 <gmaxwell> luke-jr: by anyone who cares to support it
19:51:36 <instagibbs> This feature doesn't make any sense to me though.
19:51:55 <luke-jr> BlueMatt: there isn't a better fix
19:51:56 <BlueMatt> (the real fix being splitting the hd chain so that we never identify as ours addresses other than the ones we gave out)
19:52:07 <morcos> ^ it's in sipas gist
19:52:11 <achow101> luke-jr: the real fix is using different hd paths
19:52:13 <sipa> indeed.
19:52:14 <BlueMatt> which sipa proposed (I believe to much agreement) as the long-term route for the wallet
19:52:15 <luke-jr> BlueMatt: that's more than a fix. :p
19:52:17 <gmaxwell> instagibbs: it's very bad that we support showing funds paid to addresses we never issued.  It invites really bad behavior that can cause irrecoverable funds loss.   But the ship has already sailed on that.
19:52:23 <instagibbs> gmaxwell, no I get the issue
19:52:30 <instagibbs> I don't get his fix, it's one-sided
19:52:39 <gmaxwell> ah.
19:52:56 <morcos> we all agree to fixing that, what we don't care about is that we are temporarily makign it worse for the case of giving out legacy and receiving segwit
19:52:57 <instagibbs> sender has no clue you won't accept it!(outside of us wagging fingers to not try it)
19:53:02 <gmaxwell> Well thats because his motivation isn't one of the sensible ones, it's because he's discouraging people from using segwit to keep the blocksize down.
19:53:10 <BlueMatt> luke-jr: it is more than a fix for your specific issue, but its much nicer and isnt ridiculous from a ux/maintainability perspective
19:53:13 <luke-jr> that is a sensible one
19:53:15 <BlueMatt> we dont need more options in the wallet...
19:53:19 <instagibbs> anyways, all i have to say. Let's fix the wallet.
19:53:35 <gmaxwell> I don't share his concern, but even if I did-- his fix isn't needed for it:  anyone autoconverting an address has a serious risk of funds loss already.
19:53:41 <provoostenator> luke-jr: what's wrong with launching with -addresstype=legacy?
19:53:42 <luke-jr> BlueMatt: 12146 is trivial
19:53:44 <morcos> luke-jr: would it help if we we very publicly communicated that our philosophy is to not accept payments except for addresses which have been given out?
19:53:45 <wumpus> certainly not options that only exist for some political goal and no one will actually use nor test
19:54:14 <morcos> we discussed doing that when we were making this change, b/c we knew we'd be making things worse on that front, but we'd already crossed the bridge with addwitnessaddress
19:54:18 <luke-jr> provoostenator: the current code will still accept Segwit payments to malleated addresses
19:54:18 <morcos> and other variants
19:54:25 <BlueMatt> anyway, one more review on #12118 and slipping in past feature freeze would make me very happy...good to keep the march of performance improvements in block validation latency moving :)
19:54:27 <gribble> https://github.com/bitcoin/bitcoin/issues/12118 | Sort mempool by min(feerate, ancestor_feerate) by sdaftuar · Pull Request #12118 · bitcoin/bitcoin · GitHub
19:54:41 <gmaxwell> luke-jr: your change isn't needed to prevent autoconverting. Anyone who 'autoconverts' will have casual funds loss due to converted outputs being unreconized by older software, and _unrecoverable loss_ due to uncompressed pubkeys and potentially HSMs.
19:54:45 <cfields> instagibbs: at best, if you wag your finger and I'm forced to re-send a non-witness tx, that's 2x the tx's for that interaction. Not doing much to reduce block size...
19:55:08 <provoostenator> luke-jr: oh, you mean someone sees the public key after you spend it and then figures out how to send to its SegWit equivalent? I'm not sure if that actually works, see my backwards compatibility test PR.
19:55:13 <gmaxwell> luke-jr: that should be ample discouragement there.
19:55:16 <wumpus> morcos: would make sense to document that, though I wouldn't know where!
19:55:28 <jnewbery> Doesn't seem to me like this needs to be discussed for v0.16 release. Luke can maintain his patch in knots and everyone is happy. And then we can reconsider 12146 for 0.16.1
19:55:28 <instagibbs> cfields, what we need is a way of bloating the weight without taking up serialization space lol
19:55:30 <luke-jr> gmaxwell: all the more reason to allow people to avoid accepting the attempts
19:55:35 <provoostenator> But I don't see the point in ignoring such a transaction. There's certainly no way to stop it.
19:55:37 <achow101> provoostenator: given a p2pkh address, you can easily make the p2wpkh output without needing to see a transaction
19:55:38 <morcos> We can use the @bitcoin twitter handle maybe
19:55:48 <meshcollider> provoostenator: you don't need the public key, segwit addresses use PKH too
19:56:02 <wumpus> but a warning against 'malleating' addresses would make sense, I mean it's bad form and just because bitcoin core happens to accept it doesn't mean other wallets do
19:56:03 <luke-jr> provoostenator: it's an invalid payment
19:56:06 <gmaxwell> And yes, as morocos said, we knew that our handling of segwit would increase the risk that someone falsely believed they could autoconvert.  It was a tradeoff we made, otherwise segwit support would be delayed behind a massive redesign.
19:56:23 <luke-jr> morcos: It would probably be good to do so, but I'm not sure it accomplishes the same thing
19:56:40 <luke-jr> also, you *can't* malleate right now
19:56:41 <morcos> yes, so lets spend our time doing the redesign and communicating our intentions
19:56:42 <cfields> instagibbs: heh
19:56:50 <morcos> you can do other forms of malleation
19:56:52 <BlueMatt> </topic>? It seems like everyone agrees outside of luke, and there is a *real* solution...also easy to not use 0.16 for now
19:56:59 <sipa> luke-jr: you can use p2pk instead of p2pkh
19:57:04 <wumpus> BlueMatt: yes, any other topics?
19:57:07 <Chris_Stewart_5> PSA: if anyone is interested in talking more about #12131 or #12132 there is a development channel that some work has been occurring in: #bitcoin-mast
19:57:08 <gribble> https://github.com/bitcoin/bitcoin/issues/12131 | [BIP-98 + BIP-116] MERKLEBRANCHVERIFY by kallewoof · Pull Request #12131 · bitcoin/bitcoin · GitHub
19:57:10 <gribble> https://github.com/bitcoin/bitcoin/issues/12132 | [BIP-117] Tail call semantics by kallewoof · Pull Request #12132 · bitcoin/bitcoin · GitHub
19:57:12 <wumpus> oh 3 minutes to go
19:57:12 <luke-jr> sipa: only if you know the key, which only the recipient does
19:57:27 <morcos> aren't those a bit premature for PR's?
19:57:29 <arubi> sipa, then I'll trick you into accepting some big bare n-of-m with a bunch of pubkeys
19:57:29 <achow101> luke-jr: you can malleate it to a p2sh nested p2pkh
19:57:34 <gmaxwell> luke-jr: I think it's adequate enough to let people know that if they do that, they _will_ lose funds, its effectively a guarentee.  some switch to willfully ignore the outputs in a recoverable way wouldn't help that message at all.
19:57:37 <arubi> (all of yours)
19:57:41 <gmaxwell> and basically no one but you would set it.
19:57:41 <morcos> is there any consensus at all around wanting those features?
19:57:51 <luke-jr> achow101: nope, pretty sure we won't accept that without adding it to the wallet explicitly
19:58:09 <sipa> achow101: as luke-jr says
19:58:14 <luke-jr> gmaxwell: I don't agree only I would set it.
19:58:24 <gmaxwell> luke-jr: you can malleat addresses now fwiw, this is a long term design flaw in the wallet.
19:58:31 <gmaxwell> oh sipa pointed that out too
19:58:39 <luke-jr> gmaxwell: but you can't, as I pointed out
19:58:39 <wumpus> there's not really incentive for anyone to set a 'ignore some payments to me' setting, real user complaints are about not receiving payments...
19:58:41 <Chris_Stewart_5> morcos: I would say they are premature -- but I think they are definitely worht exploring more
19:58:41 <instagibbs> you can send people naked multisig...
19:58:42 <instagibbs> lol
19:58:51 <Chris_Stewart_5> if that was directed at me
19:58:55 <sipa> instagibbs: indeed
19:58:58 <luke-jr> instagibbs: !
19:59:03 <gmaxwell> luke-jr: something like 80% of addresses are reused...
19:59:05 <arubi> and with a bunch of pubkeys
19:59:19 <morcos> Chris_Stewart_5: yes...  i just wasnt sure if i was behind the times...
19:59:27 <luke-jr> gmaxwell: unsupported use case, not relevant to the discussion, but instagibbs found an example case
19:59:27 <gmaxwell> as wumpus says, the incentives are against setting that knob.
19:59:40 <instagibbs> I guess that's another argument, there are tons of ways of malleating it, let's just fix the wallet instead.
19:59:42 <Chris_Stewart_5> morcos: Also why we should discuss the development in a separate channel IMO as it is a little speculative still
19:59:44 <wumpus> gmaxwell: also thanks to some exchanges that have a limit on the number of deposit addresses
19:59:46 <sipa> instagibbs: indeed
20:00:06 <sipa> DING
20:00:10 <wumpus> #endmeeting