Author Topic: How to get free Bitcoin by exploiting a DASH InstantX  (Read 6237 times)
generalizethis
April 19, 2015, 02:11:02 PM
 #61





I like making logical fallacies and assert that all the blockchain must be public without making the obvious point that only your received and spent outputs are necessary to audit just as the case in international business when the auditor will in no way have jurisdiction to audit foreign accounts.  I also fail to see how my faulty argument applies to darksend if it is truly anonymous. So never mind the obvious comparison that the viewkey acts as a receipt verified mathematically by the network. 


toknormal
April 19, 2015, 02:54:07 PM
 #62


just as the case in international business when the auditor will in no way have jurisdiction to audit foreign accounts

That isn't the kind of audit that's important in crypto. You're thinking of the accountant that walks into your office and "audits" your bookkeeping.

For a start, the idea that cryptocurrency based economies will "just work like fiat ones" is a bit ludicrous. As I keep trying to explain, crypto is anonymous. For that reason, showing a compliance auditor a random balance on the blockchain carries about as much weight as pulling a set of keys out of a drawer and showing them those.

Secondly, all forms of money are validated by some kind of trusted third party. That's what gives money its value. The fiat money system has a counterparty in the middle of the transaction to fulfil that role. With art it's a trusted auction house. Nobody's going to buy the bar of gold from under your bed without it being rubber stamped in public as part of the elemental continuum with atomic number 79 (a publicly verifiable and visible form of money).

In crypto, all counterparties have been eliminated from the transaction. Instead, the entire blockchain is publicly visible and verifiable so that public consensus can act as the "trusted third party". Bury that and you've buried your whole value proposition with it.

Not only that, there are loads of other 'signals' that the whole cryptonote way of approaching things is all wrong.

The fact that visibility had to be compromised to deliver "fungibility" (<-- in inverted commas because fungibility and visibility are different things) is only one. Dash managed to avoid this compromise because it has diversified its network functionality.

Other areas of "compromise and fudge" of mono-functional networks include:

 - having to find a fudge between low blocktime and too many orphans to get the confirmation speed up
 - having to find a fudge between blocksize and efficiency to address the problems of scalability

In both these areas, Dash has achieved the best of all worlds through functional diversification whereas others are stuck with the worst. Perfect launch or not, it’s an original crypto whose innovative approaches to “big problems” are working, and working in visible ways.
generalizethis
April 19, 2015, 03:03:14 PM
 #63

Here you go: https://bitcointalk.org/index.php?topic=1031729.0

toknormal
April 19, 2015, 04:46:48 PM
 #64



LoL. When in doubt, call in reinforcements from the Monero troll army.

Altogether. Let's do the "instamine scam" dance.
generalizethis
April 19, 2015, 04:54:45 PM
 #65


The criticism, if factual, should denounce every coin I just claimed was faulty, therefore I should join the debate and end this ring-signature conspiracy.


generalizethis
April 19, 2015, 05:01:44 PM
 #66

And here's this:




Every transaction involves two keys: a public spend key, and a public view key. The destination for an output in a transaction is actually a one-time public key computed from these two keys. The formula used for calculating this is: P = Hs(rA)G + B (where Hs is a hash function, r is a random, G is a basepoint, A is the public view key, B is the public spend key).

When scanning incoming transactions every transaction is scanned to see if it is for "you". To do this, your wallet computes P' = Hs(aR)G + B (following the same definitions as before, except that a is your private view key, and R = rG, which is packed elsewhere into the transaction). Notice that this only requires your private view key and your public spend key, and this check is immutable and cannot be faked. You cannot receive transactions and identify them without the corresponding private view key.

In order to spend the funds you have to compute a one-time private spend key for that output using Hs(aR) + b (where b is your private spend key), so it's impossible to spend the funds without it. Literally that's all the cryptography you need to understand, but I guess when your aim is to deflect attention from an instamined scam it helps to call it a "mountain of cryptography".

From this we can also determine that it is possible to enumerate all the view keys, but as the key space is 2^256 it's not possible unless you have more processing power than all the energy in the universe, and more time than the universe has existed.

The upshot of this is that an auditor only needs your private view key to identify all of your transactions. On the other hand, with Bitcoin and its clones you would typically need to sign every address you own (or for something like Electrum you'd be able to provide your master public key). In some ways the private view key is like the Electrum master public key, in that with both you can view every transaction for that account, and there's no way to fake that data. As with any audit, though, you could always have a second wallet for your secret transactions, but typically auditors would uncover that through other mechanisms.

The claim that the auditor has to "see the balances in the sending addresses" is ludicrous - if I, as a company, receive a payment from Microsoft Inc. do my auditors go and ask Microsoft for their bank balance?
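
The three relations in the explanation quoted in the post above (P = Hs(rA)G + B, the scan check P' = Hs(aR)G + B, and the one-time spend key Hs(aR) + b), worked through as an added example that is not part of the thread or of any coin's code base. Assumptions: the Ed25519 group is used as the curve, SHA-256 over the point coordinates stands in for Hs, and all function names are hypothetical.

```python
import hashlib, secrets

# Ed25519 group (RFC 8032): -x^2 + y^2 = 1 + d*x^2*y^2 over GF(p); G has prime order L.
p = 2**255 - 19
L = 2**252 + 27742317777372353535851937790883648493
d = -121665 * pow(121666, p - 2, p) % p

def recover_x(y):  # solve the curve equation for x, taking the even root as RFC 8032 does
    xx = (y * y - 1) * pow(d * y * y + 1, p - 2, p) % p
    x = pow(xx, (p + 3) // 8, p)
    x = x if (x * x - xx) % p == 0 else x * pow(2, (p - 1) // 4, p) % p
    return p - x if x & 1 else x

Gy = 4 * pow(5, p - 2, p) % p
G = (recover_x(Gy), Gy)

def add(P, Q):
    # Twisted Edwards addition law; the same formula also doubles a point.
    (x1, y1), (x2, y2) = P, Q
    t = d * x1 * x2 * y1 * y2 % p
    return ((x1 * y2 + x2 * y1) * pow(1 + t, p - 2, p) % p,
            (y1 * y2 + x1 * x2) * pow(1 - t, p - 2, p) % p)

def mul(k, P):
    # Double-and-add scalar multiplication (not constant time; illustration only).
    R = (0, 1)  # neutral element
    while k:
        if k & 1:
            R = add(R, P)
        P, k = add(P, P), k >> 1
    return R

def Hs(P):
    # Assumed stand-in for the post's Hs: SHA-256 over the coordinates, reduced mod L.
    data = b"".join(c.to_bytes(32, "little") for c in P)
    return int.from_bytes(hashlib.sha256(data).digest(), "little") % L

def send(A, B):
    # Sender: random r; publish R = rG and the destination P = Hs(rA)G + B.
    r = secrets.randbelow(L - 1) + 1
    return mul(r, G), add(mul(Hs(mul(r, A)), G), B)

def is_mine(a, B, R, P):
    # Scanning: private view key a and public spend key B are enough to test P.
    return add(mul(Hs(mul(a, R)), G), B) == P

def spend_key(a, b, R):
    # Spending also needs private spend key b: x = Hs(aR) + b, so that xG = P.
    return (Hs(mul(a, R)) + b) % L
```

The scan check works because aR = a(rG) = r(aG) = rA, so sender and receiver hash the same point; a party holding only a and B can recognise outputs but cannot produce the scalar x with xG = P.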

toknormal
April 19, 2015, 07:25:22 PM
Last edit: April 20, 2015, 08:16:02 PM by toknormal
 #67


The upshot of this is that an auditor only needs your private view key to identify all of your transactions.

That isn't the 'upshot' at all.

How many daily hours do you think are spent on blockchain.info verifying transactions and wallet balances ? There are a load of reasons that my wallet might not be showing me the correct balance which are nothing to do with "math" - I installed the wrong wallet file, didn't catch up with the blockchain, my wallet is hacked, whatever.

blockchain.info and its like are positively SCOURED daily for verification purposes. Thousands of hours are spent on there checking stuff including "where did it come from and where did it go" type audits. All that activity is of immense value in terms of maintaining a high level of confidence in the system. What do I do if I open my wallet which I think had 500 XMR in it and suddenly it's only got 300 ? How does someone in that situation seek "public consensus" that the balance is correct - whether for reasons of getting drunk the night before and gambling it away without remembering, getting hacked or it not having been there in the first place ?

Does Fluffypony come along and wave a math paper at them ? Are you seriously proposing that people are just going to accept losing all that transparency ? (Because if you are then you can kiss the value goodbye as well).

if I, as a company, receive a payment from Microsoft Inc. do my auditors go and ask Microsoft for their bank balance?

Not in the fiat system but most certainly yes in a cryptocurrency.

This is why I say Monero is a fiat business model. Everything is seen from the perspective of bank accounts in a fiat system with scant regard to the things that make crypto totally distinct and nothing like the counterparty based banking model.

There is no statutory "us and them" in crypto as there is in fiat. That applies to any base monetary medium such as gold. First parties and third parties do not exist. There is simply a blockchain that's in the public domain and a bunch of anonymous private keys to control it. The correct place for such an "ownership model" is in the next layer - financial services such as ETFs or managed funds.

It's the very fact that the blockchain IS in the public domain that gives the private keys their value. There's no need to make it invisible - all you're doing is re-inventing the wheel because we already have privacy built into the blockchain.

What's needed is to maximise its fungibility - for all kinds of reasons, not just privacy - to mitigate recurring and identifiable patterns of movement.
FryMaple (OP)
April 19, 2015, 08:35:31 PM
 #68

This attack could, of course never be carried out on any Proof of Work network InstantX.

You should look at the code and read the whitepaper, because it deals with this exact situation. Nice try though...

Surely there is a bounty for this?

How about 50 BTC to double spend an InstantX on testnet?
generalizethis
April 19, 2015, 09:39:25 PM
 #69


Words, words, words, but somehow no understanding of the actual process.


Meet me over here: https://bitcointalk.org/index.php?topic=1031729.0

illodin
April 20, 2015, 08:37:13 AM
 #70

This attack could, of course never be carried out on any Proof of Work network InstantX.

You should look at the code and read the whitepaper, because it deals with this exact situation. Nice try though...

Surely there is a bounty for this?

How about 50 BTC to double spend an InstantX on testnet?

I don't think there is. And there shouldn't, as starting up as many masternodes as one pleases in testnet is easy and free. AFAIK if you own both the hashrate and the masternode network, then you can do what you want, as you basically own everything.
illodin
April 20, 2015, 08:43:07 AM
 #71

Correct. If you get a successful lock on a transaction, conflicting blocks are outright rejected.

Read the code here:
https://github.com/dashpay/dash/blob/master/src/main.cpp#L2849

Did you use a testnet when you accidentally mined all those coins? https://bitcointalk.org/index.php?topic=999886.100

When your dreams of InstantX being easily exploited get shattered, switch to off-topic ad hominems. Standard.


Fuck instamined coins and fuck scammers, they are scum and the coin is crap.

And another one.


Darkcoin/Dash is organized crime

One more.



haha, Dash/Darkcoin - by scammers, for scammers.
Lol shitcoin gonna shitcoin
Where are the Darkcoin/Dash sheep now? No dumb justifications?

After such premature ejaculation bukkake party getting angry when the candy is taken away from you is quite understandable.
generalizethis
April 20, 2015, 11:00:08 AM
 #72

Correct. If you get a successful lock on a transaction, conflicting blocks are outright rejected.

Read the code here:
https://github.com/dashpay/dash/blob/master/src/main.cpp#L2849

Did you use a testnet when you accidentally mined all those coins? https://bitcointalk.org/index.php?topic=999886.100

When your dreams of Evan going to jail for fraud happen.



Whenever I see him come into the light, I'm gonna bring it up. Can't he answer for himself? I honestly don't care about insta-whatever, I saw him post and wanted an answer. I got it, cowardice.

toknormal
April 20, 2015, 11:37:44 AM
 #73


Whenever I see him come into the light, I'm gonna bring it up

Why ? Did he force you to invest or something ?

(Hint - if only he had you'd be a whole lot better off   Wink  )
generalizethis
April 20, 2015, 11:41:57 AM
 #74


Whenever I see him come into the light, I'm gonna bring it up

A scam is a scam is a scam, but let me offer up another story based on my incredible skills of supposition....


FryMaple (OP)
April 20, 2015, 01:58:11 PM
 #75

This attack could, of course never be carried out on any Proof of Work network InstantX.

You should look at the code and read the whitepaper, because it deals with this exact situation. Nice try though...

Surely there is a bounty for this?

How about 50 BTC to double spend an InstantX on testnet?

I don't think there is. And there shouldn't, as starting up as many masternodes as one pleases in testnet is easy and free. AFAIK if you own both the hashrate and the masternode network, then you can do what you want, as you basically own everything.

Evan thinks otherwise and asked me to attempt a double spend on testnet.

Why should I do this for free?

If it's so secure, why not have a bounty for exploits?
toknormal
April 20, 2015, 08:08:54 PM
 #76


Why should I do this for free?

If it's so secure, why not have a bounty for exploits?

Apparently you don't need one according to your original thesis

It's a self funding exercise whose reward is potentially unlimited   Wink
illodin
April 20, 2015, 10:09:40 PM
 #77

How about 50 BTC to double spend an InstantX on testnet?

I don't think there is. And there shouldn't, as starting up as many masternodes as one pleases in testnet is easy and free. AFAIK if you own both the hashrate and the masternode network, then you can do what you want, as you basically own everything.

Evan thinks otherwise and asked me to attempt a double spend on testnet.

Yes, please attempt, by using the method you outlined. If there was a bounty for breaking the testnet, people would cheat by launching enough masternodes they'd have 99% of the masternode network.


Why should I do this for free?

Well, you already created a sockpuppet account and this thread. So why not go all the way? And it wouldn't be for free, think how your bag of shitcoins would skyrocket if just the big evil DASH would go away.


If it's so secure, why not have a bounty for exploits?

Can't say for sure, but probably because it would be an extra effort. Let's assume it is secure, and no one will break it. What's the use of the bounty then, it would only cause hassle as people would submit invalid cases and someone would have to potentially spend a lot of time to verify/invalidate them.